dependabot[bot]
77bd16ff51
build(deps): bump github/codeql-action from 4.35.1 to 4.35.2
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 4.35.1 to 4.35.2.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](c10b8064de...95e58e9a2c
2026-04-20 11:12:02 +00:00
Rafael
26c11f5c4d
Switch from draft to pre-release ( #13951 )
...
govulncheck / govulncheck (push) Has been cancelled
Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled
Signed-off-by: Rafael Breno <rafael_breno@outlook.com>
2026-04-16 20:23:48 -03:00
Chris Wayne
c6abac5140
Bump Traefik to 3.6.13 ( #13969 )
...
* Bump Traefik to 3.6.13
Signed-off-by: Chris Wayne <cwayne18@gmail.com>
Co-authored-by: Brad Davidson <brad@oatmail.org>
2026-04-16 18:20:38 -04:00
Rafael
663d6f82fe
Switch release workflow trigger and add draft flag for release creation ( #13902 )
...
Signed-off-by: Rafael Breno <rafael_breno@outlook.com>
Signed-off-by: Rafael <32229014+rafaelbreno@users.noreply.github.com>
2026-04-16 13:52:00 -03:00
Rafael
595cf680cf
Update to v1.35.4 ( #13946 )
...
Signed-off-by: Rafael Breno <rafael_breno@outlook.com>
2026-04-16 13:11:00 -03:00
thomasferrandiz
ee72c08b9b
Merge pull request #13937 from thomasferrandiz/bump-flannel-v0.28.4
...
Bump flannel to v0.28.4
2026-04-15 21:35:56 +02:00
Thomas Ferrandiz
bcf72325fd
Bump flannel to v0.28.4
...
Signed-off-by: Thomas Ferrandiz <thomas.ferrandiz@suse.com>
2026-04-15 18:27:01 +00:00
Brad Davidson
6eb9d7c819
Bump containerd to v2.2.3
...
govulncheck / govulncheck (push) Has been cancelled
Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled
Also bumps docker/docker (moby)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2026-04-15 11:05:42 -07:00
Brad Davidson
f891548e32
Fix embedded excutor VPN config injection
...
Scorecard supply-chain security / Scorecard analysis (push) Waiting to run
Allow the executor to modify node config before certs are generated, and use this to add VPN node IPs to kubelet serving cert
2026-04-14 09:03:05 -07:00
Manuel Buil
4b18631007
Bump traefik to 3.6.12 ( #13912 )
...
Scorecard supply-chain security / Scorecard analysis (push) Waiting to run
Signed-off-by: Manuel Buil <mbuil@suse.com>
2026-04-13 16:59:32 -04:00
dependabot[bot]
33f9173021
build(deps): bump docker/build-push-action from 7.0.0 to 7.1.0
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 7.0.0 to 7.1.0.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](d08e5c354a...bcafcacb16
2026-04-13 11:08:05 -07:00
dependabot[bot]
32f2169ed3
build(deps): bump softprops/action-gh-release from 2.6.1 to 3.0.0
...
Bumps [softprops/action-gh-release](https://github.com/softprops/action-gh-release ) from 2.6.1 to 3.0.0.
- [Release notes](https://github.com/softprops/action-gh-release/releases )
- [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md )
- [Commits](153bb8e044...b430933298
2026-04-13 11:07:48 -07:00
dependabot[bot]
8b6f2a40e7
build(deps): bump actions/upload-artifact from 7.0.0 to 7.0.1
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 7.0.0 to 7.0.1.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](bbbca2ddaa...043fb46d1a
2026-04-13 11:07:38 -07:00
dependabot[bot]
0ae2bb1e6b
build(deps): bump aws-actions/configure-aws-credentials
...
Bumps [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials ) from 6.0.0 to 6.1.0.
- [Release notes](https://github.com/aws-actions/configure-aws-credentials/releases )
- [Changelog](https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md )
- [Commits](8df5847569...ec61189d14
2026-04-13 11:07:17 -07:00
dependabot[bot]
62ce497982
build(deps): bump actions/github-script from 8.0.0 to 9.0.0
...
Bumps [actions/github-script](https://github.com/actions/github-script ) from 8.0.0 to 9.0.0.
- [Release notes](https://github.com/actions/github-script/releases )
- [Commits](ed597411d8...3a2844b7e9
2026-04-13 11:07:07 -07:00
Brad Davidson
59004ba8f6
Bump runc/spegel/helm-controller/kine
...
govulncheck / govulncheck (push) Has been cancelled
Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2026-04-10 15:26:41 -07:00
Vitor Savian
468ccb50c3
Bump klipper helm to build20260410
...
Signed-off-by: Vitor Savian <vitor.savian@suse.com>
2026-04-10 16:15:55 -03:00
Brad Davidson
aaf780aaf5
Fix S3 test
...
Scorecard supply-chain security / Scorecard analysis (push) Waiting to run
Also pin the s3mock version to avoid future unexpected breaking changes
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2026-04-10 08:55:08 -07:00
dependabot[bot]
d937c5a088
build(deps): bump github.com/nats-io/nats-server/v2
...
govulncheck / govulncheck (push) Waiting to run
Scorecard supply-chain security / Scorecard analysis (push) Waiting to run
Bumps [github.com/nats-io/nats-server/v2](https://github.com/nats-io/nats-server ) from 2.12.2 to 2.12.6.
- [Release notes](https://github.com/nats-io/nats-server/releases )
- [Changelog](https://github.com/nats-io/nats-server/blob/main/RELEASES.md )
- [Commits](https://github.com/nats-io/nats-server/compare/v2.12.2...v2.12.6 )
---
updated-dependencies:
- dependency-name: github.com/nats-io/nats-server/v2
dependency-version: 2.12.6
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2026-04-09 15:37:48 -07:00
dependabot[bot]
d162000d58
build(deps): bump github.com/buger/jsonparser from 1.1.1 to 1.1.2
...
Bumps [github.com/buger/jsonparser](https://github.com/buger/jsonparser ) from 1.1.1 to 1.1.2.
- [Release notes](https://github.com/buger/jsonparser/releases )
- [Commits](https://github.com/buger/jsonparser/compare/v1.1.1...v1.1.2 )
---
updated-dependencies:
- dependency-name: github.com/buger/jsonparser
dependency-version: 1.1.2
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2026-04-09 15:37:39 -07:00
Jon Hermansen
500fd9cfd1
Fix reproducibility of embedded data tarball
...
The tar command in package-cli produces a non-reproducible archive
because file ordering and timestamps vary between builds. This causes
bit-for-bit differences when rebuilding k3s from the same source,
which breaks reproducible build systems such as Nix.
Sort the archive entries by name and clamp modification times to the
Unix epoch so the tarball content is deterministic regardless of
filesystem ordering or build time.
Ref: NixOS/nixpkgs#430225
Ref: NixOS/nixpkgs#502374
Signed-off-by: Jon Hermansen <jon@jh86.org>
2026-04-09 14:34:50 -07:00
dependabot[bot]
8a4219e66c
build(deps): bump updatecli/updatecli-action from 2.100.0 to 3.0.0
...
Bumps [updatecli/updatecli-action](https://github.com/updatecli/updatecli-action ) from 2.100.0 to 3.0.0.
- [Release notes](https://github.com/updatecli/updatecli-action/releases )
- [Commits](4b17f4ea78...2cc8e6d8e3
2026-04-09 12:41:39 -07:00
dependabot[bot]
1fe6732169
build(deps): bump docker/setup-buildx-action from 3.12.0 to 4.0.0
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 3.12.0 to 4.0.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](8d2750c68a...4d04d5d948
2026-04-09 12:41:15 -07:00
dependabot[bot]
91dc10db9c
build(deps): bump github/codeql-action from 4.34.1 to 4.35.1
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 4.34.1 to 4.35.1.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](3869755554...c10b8064de
2026-04-09 12:40:57 -07:00
dependabot[bot]
28d434405d
build(deps): bump actions/upload-artifact from 6.0.0 to 7.0.0
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 6.0.0 to 7.0.0.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](b7c566a772...bbbca2ddaa
2026-04-09 12:40:37 -07:00
dependabot[bot]
d5fc981f18
build(deps): bump github.com/go-jose/go-jose/v4 from 4.1.3 to 4.1.4
...
Bumps [github.com/go-jose/go-jose/v4](https://github.com/go-jose/go-jose ) from 4.1.3 to 4.1.4.
- [Release notes](https://github.com/go-jose/go-jose/releases )
- [Commits](https://github.com/go-jose/go-jose/compare/v4.1.3...v4.1.4 )
---
updated-dependencies:
- dependency-name: github.com/go-jose/go-jose/v4
dependency-version: 4.1.4
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2026-04-09 12:39:58 -07:00
Manuel Buil
d7c11bd78d
Check the k3s-root sha256sum
...
Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled
Signed-off-by: Manuel Buil <mbuil@suse.com>
2026-04-02 12:17:39 +02:00
Manuel Buil
5e578729b7
Verify sha256sum for kubelet and vagrant zip
...
Scorecard supply-chain security / Scorecard analysis (push) Waiting to run
Signed-off-by: Manuel Buil <mbuil@suse.com>
2026-04-01 19:08:35 +02:00
Manuel Buil
909ffe67c7
Pin govulncheck GHA version
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2026-04-01 18:08:59 +02:00
Manuel Buil
2a2cd99e3d
Secure the e2e yaml GHA
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2026-04-01 18:07:03 +02:00
Manuel Buil
9b6d5dfedd
Secure the vagrant-setup action.yaml
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2026-04-01 18:06:54 +02:00
Manuel Buil
77edf27321
Make tests/integration/Dockerfile.test more secure
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2026-04-01 18:06:43 +02:00
Manuel Buil
9701c74553
Make Dockerfile.test more secure
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2026-04-01 18:05:49 +02:00
caroline-suse-rancher
9b93abc827
Merge pull request #13890 from BenBo17/main
...
Add Rocket Technologies to the list of adopters
2026-04-01 11:35:38 -04:00
Ben Schick
abdfc194f2
Add Rocket Technologies to the list of adopters
...
Signed-off-by: Ben Schick <b.schick@rocket-technologies.de>
2026-03-31 23:32:22 +02:00
caroline-suse-rancher
1dd8d5ca6c
Merge pull request #13881 from caesarakalaeii/patch-1
...
Install Script / build (push) Has been cancelled
Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled
Install Script / Smoke Test (push) Has been cancelled
Add sipgate to the list of adopters
2026-03-30 12:41:33 -04:00
Rafael
d4ad4acbfe
Update stable to v1.34.6+k3s1 ( #13873 )
...
Signed-off-by: Rafael Breno <rafael_breno@outlook.com>
2026-03-30 11:28:31 -03:00
Caesar
2125fd1201
Add sipgate to the list of adopters
...
As requested at kubecon, this adds sipgate as a k3s adopter
Signed-off-by: Caesar <82340152+caesarakalaeii@users.noreply.github.com>
2026-03-30 13:25:18 +02:00
Michael Fritch
f1deb4ec75
Update to flannel v0.28.2
...
govulncheck / govulncheck (push) Has been cancelled
Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled
Signed-off-by: Michael Fritch <mfritch@suse.com>
2026-03-27 13:37:44 -06:00
Chris Wayne
57ad253578
Dapper is kill ( #13860 )
...
Scorecard supply-chain security / Scorecard analysis (push) Waiting to run
Install Script / build (push) Has been cancelled
Install Script / Smoke Test (push) Has been cancelled
* Remove Dockerfile.dapper as it is not used
Signed-off-by: Chris Wayne <cwayne18@gmail.com>
2026-03-26 14:47:51 -04:00
Chris Wayne
b483ddc65a
Pin GH Actions to commit sha ( #13861 )
...
Signed-off-by: Chris Wayne <cwayne18@gmail.com>
2026-03-26 14:12:15 -04:00
Brad Davidson
a666b7905c
Add context to controller event recorders
...
Scorecard supply-chain security / Scorecard analysis (push) Waiting to run
govulncheck / govulncheck (push) Has been cancelled
Fixes issue where RKE2 event recorder events were not logged to console due to lack of logging context.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2026-03-25 15:32:15 -07:00
Brad Davidson
367c38b49e
Bump helm-controller for job race fix
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2026-03-25 15:31:51 -07:00
DT1mote
cc1c20fdc0
fix: typo in etcd membership error message
...
Scorecard supply-chain security / Scorecard analysis (push) Waiting to run
Found a typo while working, quick fix.
It should display "This server is not a member of the etcd cluster" instead of "this server is a not a member of the etcd cluster"
Kind regards,
Signed-off-by: DT1mote <74531281+DT1mote@users.noreply.github.com>
2026-03-24 16:13:18 -07:00
Charlie Tonneslan
f40cf096c9
Fix typo: overriden -> overridden in snapshot_handler.go
...
Signed-off-by: Charlie Tonneslan <cst0520@gmail.com>
2026-03-24 16:12:56 -07:00
github-actions[bot]
a686a45bdb
chore: Update Trivy version in Dockerfile.dapper ( #13845 )
...
Scorecard supply-chain security / Scorecard analysis (push) Waiting to run
Made with ❤️ ️ by updatecli
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-03-23 15:35:48 -04:00
Rafael
176c93176d
[main] Update to v1.35.3-k3s1 and Go 1.25.7 ( #13836 )
...
govulncheck / govulncheck (push) Has been cancelled
Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled
* Update to v1.35.3
Signed-off-by: Rafael Breno <rafael_breno@outlook.com>
* Update how VERSION_GOLANG is set
Signed-off-by: Rafael Breno <rafael_breno@outlook.com>
---------
Signed-off-by: Rafael Breno <rafael_breno@outlook.com>
2026-03-19 17:17:36 -03:00
dependabot[bot]
8183260241
build(deps): bump aquasecurity/trivy-action from 0.34.1 to 0.35.0 ( #13802 )
...
Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action ) from 0.34.1 to 0.35.0.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases )
- [Commits](https://github.com/aquasecurity/trivy-action/compare/0.34.1...0.35.0 )
---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
dependency-version: 0.35.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-17 09:09:15 -07:00
dependabot[bot]
b9f4182d51
build(deps): bump softprops/action-gh-release from 2.5.0 to 2.6.1 ( #13803 )
...
Bumps [softprops/action-gh-release](https://github.com/softprops/action-gh-release ) from 2.5.0 to 2.6.1.
- [Release notes](https://github.com/softprops/action-gh-release/releases )
- [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md )
- [Commits](https://github.com/softprops/action-gh-release/compare/v2.5.0...v2.6.1 )
---
updated-dependencies:
- dependency-name: softprops/action-gh-release
dependency-version: 2.6.1
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-17 09:09:04 -07:00
dependabot[bot]
f29d8288b0
build(deps): bump docker/login-action from 3 to 4 ( #13804 )
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 3 to 4.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](https://github.com/docker/login-action/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: docker/login-action
dependency-version: '4'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-17 09:08:56 -07:00
