Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[release-1.29] Backports for 2024-09 #10844

Merged
merged 10 commits into from
Sep 6, 2024
Merged

[release-1.29] Backports for 2024-09 #10844

merged 10 commits into from
Sep 6, 2024

Commits on Sep 5, 2024

  1. Add trivy scanning trigger for PRs (k3s-io#10758) 

    Signed-off-by: Derek Nola <derek.nola@suse.com>
(cherry picked from commit fa6940d)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
    @dereknola @brandond
    dereknola authored and brandond committed Sep 5, 2024
    Configuration menu
    Copy the full SHA
    dbcc108 View commit details
    Browse the repository at this point in the history

  2. Bump aquasecurity/trivy-action from 0.20.0 to 0.24.0 (k3s-io#10795) 

    Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.20.0 to 0.24.0.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](aquasecurity/trivy-action@0.20.0...0.24.0)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
(cherry picked from commit dacc636)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
    @dependabot @brandond
    dependabot[bot] authored and brandond committed Sep 5, 2024
    Configuration menu
    Copy the full SHA
    903af1c View commit details
    Browse the repository at this point in the history

  3. Fix /trivy action running against target branch instead of PR branch 

    Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 3d6e4a7)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
    @brandond
    brandond committed Sep 5, 2024
    Configuration menu
    Copy the full SHA
    db76397 View commit details
    Browse the repository at this point in the history

Commits on Sep 6, 2024

  1. Tag PR image build as latest before scanning 

    This is less effort than passing the tag across steps 🤷‍♂️

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 378edb9)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
    @brandond
    brandond committed Sep 6, 2024
    Configuration menu
    Copy the full SHA
    8307876 View commit details
    Browse the repository at this point in the history

  2. Bump traefik to v2.11.8 

    Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit bd45aa5)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
    @brandond
    brandond committed Sep 6, 2024
    Configuration menu
    Copy the full SHA
    19792ab View commit details
    Browse the repository at this point in the history

  3. Update coredns to 1.11.3 and metrics-server to 0.7.2 

    Used https://github.com/coredns/corefile-migration to
migrate the corefile. There are no changes for the
default file from 1.10.1 to 1.11.3.

Notable plugin changes include the k8s_external with fallthrough option
and rewrite with cname_target option.

These changes are not part of the default config that ships
with k3s. Customers using these two plugins can start using the new options

Metrics does not have any new features other than build tooling updates.

Requires rancher/image-mirror#704

Signed-off-by: Harsimran Singh Maan <maan.harry@gmail.com>
(cherry picked from commit 0b4d249)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
    @harsimranmaan @brandond
    harsimranmaan authored and brandond committed Sep 6, 2024
    Configuration menu
    Copy the full SHA
    17d8eb6 View commit details
    Browse the repository at this point in the history

  4. Bump containerd to v1.7.21, runc to v1.1.14 

    Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit d746073)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
    @brandond
    brandond committed Sep 6, 2024
    Configuration menu
    Copy the full SHA
    c0f8892 View commit details
    Browse the repository at this point in the history

  5. Bump helm-controller for skip-verify/plain-http and updated tolerations 

    Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 662799f)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
    @brandond
    brandond committed Sep 6, 2024
    Configuration menu
    Copy the full SHA
    1bdffdf View commit details
    Browse the repository at this point in the history

  6. Fix rotateca validation failures when not touching default self-signe… 

    …d CAs

Also silences warnings about bootstrap fields that are not intended to be handled by CA rotation

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit fe3324c)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
    @brandond
    brandond committed Sep 6, 2024
    Configuration menu
    Copy the full SHA
    1a93a99 View commit details
    Browse the repository at this point in the history

  7. Only clean up containerd hosts dirs managed by k3s 

    Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 270f85e)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
    @brandond
    brandond committed Sep 6, 2024
    Configuration menu
    Copy the full SHA
    d1bd238 View commit details
    Browse the repository at this point in the history