upstream/k3s
1
0
Fork 0
mirror of https://github.com/k3s-io/k3s.git synced 2026-05-28 04:34:19 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 4
4093 commits 43 branches 1057 tags 657 MiB
Commit graph

4093 commits

This branch
This branch
All branches
Author SHA1 Message Date
bo.jiang
db778faaf3 fix: Remove unused legacy certificates 
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
 2025-06-24 12:31:47 -07:00
Rafael
6d076f4dd0
Update to v1.33.2 (#12533) 
Signed-off-by: Rafael Breno <32229014+rafaelbreno@users.noreply.github.com>
 2025-06-20 14:24:51 -03:00
Derek Nola
eb6fa3a230 Correctly track conformance test pids 
Signed-off-by: Derek Nola <derek.nola@suse.com>
 2025-06-18 09:19:18 -07:00
Derek Nola
4b221d0cd7 Remove old conformance Dockerfile 
Signed-off-by: Derek Nola <derek.nola@suse.com>
 2025-06-18 09:19:18 -07:00
Brad Davidson
e8062bff78 Bump helm-controller 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2025-06-16 16:01:53 -07:00
Roberto Bonafiglia
573da0d41c Update network components 
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
 2025-06-16 16:04:25 +02:00
Brad Davidson
c40bb449ba Fix rootless e2e test 
The install script was starting the service, and then the test itself was restarting it immediately thereafter, which caused frequent flakes.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2025-06-12 17:17:49 -07:00
Brad Davidson
5cc51edafa Fix sqlite-etcd migration 
Forgot to add new config to temporary kine in #12293

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2025-06-12 17:17:49 -07:00
Brad Davidson
22d92bcb22 Bump dynamiclistener to v0.7.0 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2025-06-11 22:48:03 -07:00
Roberto Machorro
12b0a492a5
Added Child Rescue Coalition to Adopters list. (#12470) 
Signed-off-by: Roberto Machorro <7190436+RobertoMachorro@users.noreply.github.com>
 2025-06-11 13:04:15 -04:00
Derek Nola
17525caedb Run integration tests when build-k3s.yaml is changed 
Signed-off-by: Derek Nola <derek.nola@suse.com>
 2025-06-11 08:07:27 -07:00
Derek Nola
f0bc228bf7 Define missing top level permissions in CI 
Signed-off-by: Derek Nola <derek.nola@suse.com>
 2025-06-11 08:07:27 -07:00
Manuel Buil
71a867cf9c
Write ADR about failed multus integration (#9434) 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2025-06-10 11:38:06 -07:00
dependabot[bot]
d2edee79ec
Bump aquasecurity/trivy-action from 0.30.0 to 0.31.0 (#12458) 
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.30.0 to 0.31.0.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](https://github.com/aquasecurity/trivy-action/compare/0.30.0...0.31.0)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-version: 0.31.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-06-09 12:02:50 -07:00
Brad Davidson
db5390511e Switch from endpoints to endpointslices 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2025-06-09 11:28:02 -07:00
Derek Nola
8e27803cea
Fix conformance labeling on CI, no tty (#12450) 
Signed-off-by: Derek Nola <derek.nola@suse.com>
 2025-06-06 09:35:16 -07:00
Zero King
490588e86b
Add new topologySpreadConstraints to coredns 
Prefer scaling across zones if multiple zones are available.
 2025-06-05 13:02:17 -07:00
bo.jiang
b5f4fd1d73 Fix K3s not validating datastore connection when no token is set 
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
 2025-06-05 12:49:26 -07:00
Caio Torres
b8cf676807
fix error on distros without VERSION_ID in os-release 2025-06-05 11:50:06 -07:00
dependabot[bot]
a724f21873
Bump ossf/scorecard-action from 2.4.1 to 2.4.2 (#12430) 
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.4.1 to 2.4.2.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](f49aabe0b5...05b42c6244)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-version: 2.4.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-06-03 09:30:32 -06:00
Derek Nola
b33b71371a
Convert all nightly conformance to golang test framework (#12422) 
Signed-off-by: Derek Nola <derek.nola@suse.com>
 2025-06-02 14:48:19 -07:00
Patrick Evans
412a21e5a0
fix: Trivy download into dapper container is skipped (#12219) 
* only run trivy if executable is available

Signed-off-by: holysoles <holysoles97@gmail.com>
Signed-off-by: Derek Nola <derek.nola@suse.com>
Co-authored-by: Derek Nola <derek.nola@suse.com>
 2025-06-02 14:23:18 -07:00
Derek Nola
07171fd7e8 Build and push k3s image to GHCR 
Signed-off-by: Derek Nola <derek.nola@suse.com>
 2025-05-30 10:59:49 -07:00
Derek Nola
1797b5abc1 Remove unused scripts files 
Signed-off-by: Derek Nola <derek.nola@suse.com>
 2025-05-30 10:59:49 -07:00
Derek Nola
efef5a5a1a Remove legacy PROXY Envs in build system 
Signed-off-by: Derek Nola <derek.nola@suse.com>
 2025-05-30 10:59:49 -07:00
haruna
d256968ee4 Improve shebang of bash completion script 
Signed-off-by: haruna <w10776e8w@yahoo.co.jp>
 2025-05-30 10:18:42 -07:00
bo.jiang
f7f546a23e Fix secrets encryption rotation timeout causing false failures 
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
 2025-05-30 10:16:34 -07:00
Orlix
ac55e89b67
Add Uffizzi as adopter (#12348) 
Signed-off-by: Orlix <orlin@orlix.org>
 2025-05-29 10:48:33 -07:00
Caio Torres
729403345b
feat: remove master role labels (#12395) 
Signed-off-by: Caio Torres <caio.torres@suse.com>
 2025-05-28 12:41:35 -07:00
Rafael
3d0e0e2699
Update stable to v1.32.5+k3s1 (#12393) 
Signed-off-by: Rafael Breno <32229014+rafaelbreno@users.noreply.github.com>
 2025-05-26 11:16:00 -03:00
Brad Davidson
8d8d1f43bd Fix e2e startup test 
Do more cleanup between runs, collect more logs on failure.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2025-05-16 09:39:27 -07:00
Rafael
d78e666fce
Update to v1.33.1 (#12362) 
Signed-off-by: Rafael Breno <32229014+rafaelbreno@users.noreply.github.com>
 2025-05-16 13:20:47 -03:00
Brad Davidson
dad64705d3 Fix startuphooks race condition panic 
Ensure startup hooks WaitGroup is initialized before starting goroutine that will wait on it

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2025-05-15 14:27:40 -07:00
Brad Davidson
0dd6f17797 Fix secretsencryption request handler panic 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2025-05-15 14:27:40 -07:00
Brad Davidson
cb889d41f2 Fix authorization-config/authentication-config handling 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2025-05-15 13:38:49 -07:00
Vitor Savian
effe6ce019 Bump wharfie to v0.7.0 
Signed-off-by: Vitor Savian <vitor.savian@suse.com>
 2025-05-13 12:18:49 -03:00
bo.jiang
ee7449c3b9 docs: Remove references to deprecated Vagrantfile 
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
 2025-05-12 14:31:00 -07:00
Brad Davidson
10e3d40bf3 Sync datastore config defaults with kine CLI 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2025-05-09 15:32:53 -07:00
Brad Davidson
2747770623 Bump kine and enable sqlite dbstat 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2025-05-09 15:32:53 -07:00
Richard Hansen
925726c84d flannel: Use custom type for network mode (IPv4, IPv6, dual-stack) 
Move the `ipv4` and `ipv6` constants to their own constant
declaration.  This ensures that the `iota` expression for the `ipv4`
constant evaluates to 0, not some arbitrary value.  (`iota` evaluates
to N for the Nth constant in the constant declaration; see
<https://go.dev/ref/spec#Iota>.)  This is also more idiomatic, which
improves readability.

Also switch from incremental integers to bit flags, and use bitwise
operators for checking.  This is more idiomatic (the integer is
treated like a set of booleans), it avoids some code duplication, and
it is necessary to avoid ambiguity.  Consider the following:

    const (
    	ipv4 = iota
    	ipv6
    )

In the above, `ipv4` would have the value 0 and `ipv6` would have the
value 1.  This would make it impossible to distinguish an IPv6-only
stack from a dual-stack configuration because `ipv6` would equal
`ipv4 + ipv6`.  With bit flags this problem doesn't exist.

And put the integer holding the bit flags in a custom type with
convenience methods to improve readability.

Signed-off-by: Richard Hansen <rhansen@rhansen.org>
 2025-05-09 12:51:48 -07:00
Vitor Savian
53de968676
Add generation for kube-scheduler and kube-controller-manager certs (#12285) 
* Add generation for kube-scheduler and kube-controller-manager certs

Signed-off-by: Vitor Savian <vitor.savian@suse.com>

* Add new certs to the tests

Signed-off-by: Vitor Savian <vitor.savian@suse.com>

* Change cert-dir to tls-cert-file and tls-private-key-file

Signed-off-by: Vitor Savian <vitor.savian@suse.com>

* Address altName structure

Co-authored-by: Brad Davidson <brad@oatmail.org>
Signed-off-by: Vitor Savian <vitor.savian@suse.com>

---------

Signed-off-by: Vitor Savian <vitor.savian@suse.com>
Co-authored-by: Brad Davidson <brad@oatmail.org>
 2025-05-09 16:25:44 -03:00
bo.jiang
4c1f014d27 Optimize certificate status check 
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
 2025-05-08 11:57:29 -07:00
Brad Davidson
67291090ca Add support for conditional image tarball imports 
Normally K3s will import all tarballs in the image dir on startup, and
re-import any tarballs that change while it is running.

This change allows users to opt into only importing tarballs that have
changed since they were last imported, even across restarts.

This behavior is opted into by touching a `.cache.json` file in the
images dir. This file is used to track the size and mtime of the image
files when they are imported.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2025-05-07 15:06:14 -07:00
Brad Davidson
a8f0acbe52 Add CLI flag and config file for s3 bucket lookup type 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2025-05-07 11:50:22 -07:00
Brad Davidson
921e502918 Add anonymous-auth to flags gated on empty authorization-config value 
Also warn if default flags are not set due to user provided config

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2025-05-07 10:59:27 -07:00
Brad Davidson
b15af84e4a Bump containerd/cri-dockerd/spegel/runc 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2025-05-07 10:20:40 -07:00
Vitor Savian
c2efae3e1c Update channel to add 1.33 
Signed-off-by: Vitor Savian <vitor.savian@suse.com>
 2025-05-02 16:14:35 -03:00
Rafael
4804aedd3e
Update stable channel to v1.32.4 (#12231) 
Signed-off-by: Rafael Breno <32229014+rafaelbreno@users.noreply.github.com>
 2025-05-02 16:04:29 -03:00
Vitor Savian
0b48e363b5 Update certification renew alert to 120 days 
Signed-off-by: Vitor Savian <vitor.savian@suse.com>
 2025-05-02 15:17:12 -03:00
Derek Nola
edfe8c6618
Better logging on E2E tests around metrics availability (#12198) 
Signed-off-by: Derek Nola <derek.nola@suse.com>
 2025-05-02 10:31:23 -07:00