upstream/k3s
1
0
Fork 0
mirror of https://github.com/k3s-io/k3s.git synced 2026-05-28 04:34:19 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 4
4129 commits 43 branches 1057 tags 657 MiB
Commit graph

4129 commits

This branch
This branch
All branches
Author SHA1 Message Date
Eran Markus
8655399438 Use KubeProxyDisabled helper instead of a new config field
Some checks failed
Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled
Details 
Signed-off-by: Eran Markus <eran132@gmail.com>
 2026-05-26 16:45:13 -07:00
Eran Markus
a1cee760f6 Skip bridge-nf-call sysctls when kube-proxy and flannel are disabled 
Signed-off-by: Eran Markus <eran132@gmail.com>
 2026-05-26 16:45:13 -07:00
Elysia
decbab618f Fix token delete argument handling 
Signed-off-by: Elysia <148540043+elysia090@users.noreply.github.com>
 2026-05-26 16:09:01 -07:00
Jay Kubo
68ce5c2747 fix: populate IfaceName in LookupExtInterface for VXLAN recreation 
LookupExtInterface() constructs a backend.ExternalInterface but never
sets the IfaceName field, leaving it as an empty string. When the VXLAN
device (flannel.1) is deleted — e.g. because the parent interface
specified via --flannel-iface transiently disappears — the recreation
code in vxlan_network.go:165 calls net.InterfaceByName(""), which
always fails. This puts flannel into an unrecoverable retry loop:

  external interface  not found, retrying in 30s

The fix adds IfaceName: iface.Name to the struct literal. The iface
variable already holds the correct *net.Interface; its Name field just
needs to be copied into the IfaceName string that the VXLAN recreation
path reads.

This is a one-line change that enables the VXLAN device recreation
logic added in flannel PR #2272 (v0.27.4+) to actually work when
flannel is embedded in K3s.

Affects any deployment using --flannel-iface with an overlay network
(Tailscale, Nebula, ZeroTier) where the parent interface can
transiently restart.

Ref: https://github.com/k3s-io/k3s/issues/12436
Ref: https://github.com/flannel-io/flannel/issues/2247

Signed-off-by: Jay Kubo <6161465+jkubo@users.noreply.github.com>
 2026-05-26 16:04:18 -07:00
Eran Markus
7d638a23fa Use 0600 permissions for compressed etcd snapshots 
Signed-off-by: Eran Markus <eran132@gmail.com>
 2026-05-26 15:56:11 -07:00
Manuel Buil
2a0ad47e20 Nit: Wrong integration test name 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2026-05-26 18:10:00 +02:00
Tom Risse
23b074839b fix: k3s-uninstall.sh: smarter logic for "k3s-selinux" pkg removal
Some checks failed
Install Script / build (push) Has been cancelled
Details
Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled
Details
Install Script / Smoke Test (push) Has been cancelled
Details 
This fixes k3s-selinux removal on Fedora CoreOS (#13710)

Signed-off-by: Tom Risse <tom@becarusys.de>
 2026-05-21 16:33:50 -03:00
Rafael
f2312ad32a
Update stable channel to v1.35.5+k3s1 (#14091)
Some checks are pending
Install Script / build (push) Waiting to run
Details
Install Script / Smoke Test (push) Blocked by required conditions
Details
Scorecard supply-chain security / Scorecard analysis (push) Waiting to run
Details 
Signed-off-by: Rafael Breno <32229014+rafaelbreno@users.noreply.github.com>
 2026-05-21 08:48:14 -03:00
Brad Davidson
26e2d49800 Add AI contribution guide
Some checks failed
Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled
Details 
Inspired by https://github.com/kubernetes/community/pull/8451

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2026-05-19 13:58:56 -07:00
Kai Tanaka
c6dd4c8f74 chore: fix duplicated "the" in etcd/s3 and permissions doc comments
Some checks failed
Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled
Details 
Signed-off-by: Kai Tanaka <275430420+quyentonndbs@users.noreply.github.com>
 2026-05-15 10:52:56 +02:00
Brad Davidson
2f0c0d4839 Bump klipper-helm image tag
Some checks failed
Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled
Details 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2026-05-13 15:17:03 -07:00
Rafael
5962813672
Fix cron to run everyday at 6PM UTC (#14041)
Some checks are pending
Scorecard supply-chain security / Scorecard analysis (push) Waiting to run
Details 
Signed-off-by: Rafael Breno <rafael_breno@outlook.com>
 2026-05-13 15:27:21 -03:00
Rafael
8a3ffba97f
Update to v1.36.1 (#14052)
Some checks failed
Scorecard supply-chain security / Scorecard analysis (push) Waiting to run
Details
govulncheck / govulncheck (push) Has been cancelled
Details 
Signed-off-by: Rafael Breno <rafael_breno@outlook.com>
 2026-05-13 10:26:23 -03:00
Orlin Vasilev
ffd33e4367 Update Orlin's mail
Some checks are pending
Scorecard supply-chain security / Scorecard analysis (push) Waiting to run
Details 
Signed-off-by: Orlin Vasilev <orlin@orlix.org>
 2026-05-12 22:35:03 +02:00
github-actions[bot]
4200c2096b chore: Update rancher/local-path-provisioner image version
Some checks are pending
Scorecard supply-chain security / Scorecard analysis (push) Waiting to run
Details 
Made with ❤️️ by updatecli
 2026-05-11 11:18:22 -07:00
Brad Davidson
5463d000a6 Fix install-go cache key
Some checks failed
Scorecard supply-chain security / Scorecard analysis (push) Waiting to run
Details
govulncheck / govulncheck (push) Has been cancelled
Details 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2026-05-07 17:16:18 -07:00
Brad Davidson
8cd83c1300 Bump kine to v0.15.0 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2026-05-07 17:16:18 -07:00
nameearly
0f05ca280e add lost return 
Signed-off-by: nameearly <2741313455@qq.com>
 2026-05-05 23:38:48 -07:00
Rafael Breno
df4d34f687 Fix s3 path 
Signed-off-by: Rafael Breno <rafael_breno@outlook.com>
 2026-05-05 14:56:26 -07:00
github-actions[bot]
72ce287af2 chore: Update rancher/klipper-lb image versions 
Made with ❤️️ by updatecli
 2026-05-05 14:55:58 -07:00
Manuel Buil
20e1096f8f Improve K3s BUILDING and CONTRIBUTING guides
Some checks failed
govulncheck / govulncheck (push) Has been cancelled
Details
Install Script / build (push) Has been cancelled
Details
Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled
Details
Install Script / Smoke Test (push) Has been cancelled
Details 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2026-04-30 15:07:54 +02:00
Vitor Savian
cbb7c2a041 Test for cri-dockerd exec 
Signed-off-by: Vitor Savian <vitor.savian@suse.com>
 2026-04-30 08:16:39 -03:00
Vitor Savian
eb395186d6 Bump cri-dockerd and cri-tools 
Signed-off-by: Vitor Savian <vitor.savian@suse.com>
 2026-04-30 08:16:39 -03:00
github-actions[bot]
ef3bb6566b chore: Update CoreDNS image version in manifests/coredns.yaml 
Made with ❤️️ by updatecli
 2026-04-28 16:02:34 -07:00
github-actions[bot]
ab8bc39cf3 chore: Update CoreDNS image version in scripts/airgap/image-list 
Made with ❤️️ by updatecli
 2026-04-28 16:02:34 -07:00
Brad Davidson
0e575f3a03 Bump spegel to v0.7.0 
Upstream has enabled QUIC in the default transport config, but we
continue to only support HTTPS (TCP) as we do not want to add a
separate QUIC UDP listener on the registry port.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2026-04-28 11:03:36 -07:00
Brad Davidson
eaddca726c Move advertise-address setup before server prepare 
Prepare uses the SANs list, so all modifications to that need to be done before preparing

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2026-04-28 11:00:50 -07:00
Brad Davidson
f06dc108f4 Replace PreparingExecutor with explicit executor init 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2026-04-28 11:00:50 -07:00
Rafael
44adecde65
Update stable to v1.35.4+k3s1 and add v1.36 entry (#14016) 
Signed-off-by: Rafael Breno <rafael_breno@outlook.com>
 2026-04-28 14:24:43 -03:00
github-actions[bot]
cd6bd5d026 chore: Update rancher/klipper-lb image versions 
Made with ❤️️ by updatecli
 2026-04-27 12:26:50 -07:00
Yury Tsarev
e85611e4b5
Add k8gb to adopters list in ADOPTERS.md (#13978)
Some checks failed
Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled
Details 
Signed-off-by: Yury Tsarev <yury@upbound.io>
 2026-04-24 14:07:35 -04:00
Vitor Savian
9bac6745c7 Update golangci-lint to v2.11
Some checks failed
Scorecard supply-chain security / Scorecard analysis (push) Waiting to run
Details
govulncheck / govulncheck (push) Has been cancelled
Details 
Signed-off-by: Vitor Savian <vitor.savian@suse.com>
 2026-04-23 18:56:38 -03:00
Vitor Savian
3ae6542bbf Generate test mocks 
Signed-off-by: Vitor Savian <vitor.savian@suse.com>
 2026-04-23 18:56:38 -03:00
Vitor Savian
086cd7ba6f Bump upstream to 1.36 
Signed-off-by: Vitor Savian <vitor.savian@suse.com>
 2026-04-23 18:56:38 -03:00
Brad Davidson
4c18e60151 Bump klipper-helm image for revision check fix
Some checks are pending
Scorecard supply-chain security / Scorecard analysis (push) Waiting to run
Details 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2026-04-22 13:42:32 -07:00
Brad Davidson
d8637ff8df Fix docker dualstack test
Some checks are pending
Scorecard supply-chain security / Scorecard analysis (push) Waiting to run
Details 
Wait for nodes and pods to be ready before checking IPs

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2026-04-22 11:08:44 -07:00
Brad Davidson
c28aca64ab Fix SANs added from comma-separated node-external-ip list 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2026-04-22 09:31:25 -07:00
Rafael
26c11f5c4d
Switch from draft to pre-release (#13951)
Some checks failed
govulncheck / govulncheck (push) Has been cancelled
Details
Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled
Details 
Signed-off-by: Rafael Breno <rafael_breno@outlook.com>
 2026-04-16 20:23:48 -03:00
Chris Wayne
c6abac5140
Bump Traefik to 3.6.13 (#13969) 
* Bump Traefik to 3.6.13

Signed-off-by: Chris Wayne <cwayne18@gmail.com>
Co-authored-by: Brad Davidson <brad@oatmail.org>
 2026-04-16 18:20:38 -04:00
Rafael
663d6f82fe
Switch release workflow trigger and add draft flag for release creation (#13902) 
Signed-off-by: Rafael Breno <rafael_breno@outlook.com>
Signed-off-by: Rafael <32229014+rafaelbreno@users.noreply.github.com>
 2026-04-16 13:52:00 -03:00
Rafael
595cf680cf
Update to v1.35.4 (#13946) 
Signed-off-by: Rafael Breno <rafael_breno@outlook.com>
 2026-04-16 13:11:00 -03:00
thomasferrandiz
ee72c08b9b
Merge pull request #13937 from thomasferrandiz/bump-flannel-v0.28.4 
Bump flannel to v0.28.4
 2026-04-15 21:35:56 +02:00
Thomas Ferrandiz
bcf72325fd Bump flannel to v0.28.4 
Signed-off-by: Thomas Ferrandiz <thomas.ferrandiz@suse.com>
 2026-04-15 18:27:01 +00:00
Brad Davidson
6eb9d7c819 Bump containerd to v2.2.3
Some checks failed
govulncheck / govulncheck (push) Has been cancelled
Details
Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled
Details 
Also bumps docker/docker (moby)

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2026-04-15 11:05:42 -07:00
Brad Davidson
f891548e32 Fix embedded excutor VPN config injection
Some checks are pending
Scorecard supply-chain security / Scorecard analysis (push) Waiting to run
Details 
Allow the executor to modify node config before certs are generated, and use this to add VPN node IPs to kubelet serving cert
 2026-04-14 09:03:05 -07:00
Manuel Buil
4b18631007
Bump traefik to 3.6.12 (#13912)
Some checks are pending
Scorecard supply-chain security / Scorecard analysis (push) Waiting to run
Details 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2026-04-13 16:59:32 -04:00
dependabot[bot]
33f9173021 build(deps): bump docker/build-push-action from 7.0.0 to 7.1.0 
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 7.0.0 to 7.1.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](d08e5c354a...bcafcacb16)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-version: 7.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-04-13 11:08:05 -07:00
dependabot[bot]
32f2169ed3 build(deps): bump softprops/action-gh-release from 2.6.1 to 3.0.0 
Bumps [softprops/action-gh-release](https://github.com/softprops/action-gh-release) from 2.6.1 to 3.0.0.
- [Release notes](https://github.com/softprops/action-gh-release/releases)
- [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md)
- [Commits](153bb8e044...b430933298)

---
updated-dependencies:
- dependency-name: softprops/action-gh-release
  dependency-version: 3.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-04-13 11:07:48 -07:00
dependabot[bot]
8b6f2a40e7 build(deps): bump actions/upload-artifact from 7.0.0 to 7.0.1 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 7.0.0 to 7.0.1.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](bbbca2ddaa...043fb46d1a)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-version: 7.0.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-04-13 11:07:38 -07:00
dependabot[bot]
0ae2bb1e6b build(deps): bump aws-actions/configure-aws-credentials 
Bumps [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials) from 6.0.0 to 6.1.0.
- [Release notes](https://github.com/aws-actions/configure-aws-credentials/releases)
- [Changelog](https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md)
- [Commits](8df5847569...ec61189d14)

---
updated-dependencies:
- dependency-name: aws-actions/configure-aws-credentials
  dependency-version: 6.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-04-13 11:07:17 -07:00