upstream/k3s - Forgejo: Beyond coding. We Forge.

mirror of https://github.com/k3s-io/k3s.git synced 2026-02-03 20:39:49 -05:00

Author	SHA1	Message	Date
Derek Nola	f1b166f74f	Move to rootlesskit v2 (#13486 ) Signed-off-by: Derek Nola <derek.nola@suse.com>	2026-01-21 10:14:10 -08:00
Derek Nola	425630ce22	Prevent caching on PR of golangci-lint entries (#13487 ) Signed-off-by: Derek Nola <derek.nola@suse.com>	2026-01-21 10:09:46 -08:00
Manuel Buil	5e6460381b	Update Traefik version to v3.6.7 Some checks failed Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled Details Signed-off-by: Manuel Buil <mbuil@suse.com>	2026-01-19 18:06:57 +01:00
Manuel Buil	c24294f24f	Fix lines to satisfy lint Signed-off-by: Manuel Buil <mbuil@suse.com>	2026-01-19 15:35:50 +01:00
Geoffrey Perrin	e61c3b5862	Add Momentum Coach AI to K3S adopters list (#13467 ) Some checks failed Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled Details * Add Momentum Coach AI to K3S adopters list Signed-off-by: Geoffrey Perrin <perrin.geoffrey.1@gmail.com> * Fix typo in "Momentum Coach AI" Signed-off-by: Geoffrey Perrin <perrin.geoffrey.1@gmail.com> --------- Signed-off-by: Geoffrey Perrin <perrin.geoffrey.1@gmail.com>	2026-01-16 09:23:25 -05:00
Michael Fritch	04e8f1b5ec	Merge pull request #13449 from mgfritch/coredns-1.14.0 Some checks failed Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled Details Bump to coredns 1.14.0	2026-01-09 17:34:49 -07:00
Michael Fritch	d27f36c4c4	Bump to coredns 1.14.0 Signed-off-by: Michael Fritch <mfritch@suse.com>	2026-01-09 15:53:37 -07:00
Brad Davidson	9307d829bf	Remove download/generate from vulncheck This has been broken since july when `cb061687d4` was merged Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2026-01-09 13:37:36 -08:00
Brad Davidson	358c8cc00f	Fix setup-go cache issues Some checks failed Scorecard supply-chain security / Scorecard analysis (push) Waiting to run Details govulncheck / govulncheck (push) Has been cancelled Details Install Script / build (push) Has been cancelled Details Install Script / Smoke Test (push) Has been cancelled Details * Move cleanup earlier, to prevent running out of space when restoring caches * Consistently use local setup-go action to avoid saving cache on PR runs * Update local setup-go action Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2026-01-09 13:23:28 -08:00
Brad Davidson	8c3587dfbc	Bump kine for NATS conformance fixes Includes the long-awaited fixes from * https://github.com/k3s-io/kine/pull/549 Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2026-01-09 13:23:28 -08:00
Brad Davidson	9587f67dd1	Update longhorn version in integration test from v1.4.0 to v1.10.1 Manifest from https://raw.githubusercontent.com/longhorn/longhorn/v1.10.1/deploy/longhorn.yaml - with modifications to use rancher-mirrored images to avoid image pull rate limits, and allow operation on a node with fewer resources. Also adds more log dumping on integration test failure. Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2026-01-09 10:40:31 -08:00
Brad Davidson	2ed73bed39	Add deferred store implimentation Some checks are pending govulncheck / govulncheck (push) Waiting to run Details Scorecard supply-chain security / Scorecard analysis (push) Waiting to run Details Spegel insists on checking containerd features when the store is created, so defer creating it until after contaienerd is up Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2026-01-08 13:54:14 -08:00
Brad Davidson	efeacc1ed8	Bump spegel to v0.6.0 Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2026-01-08 13:54:14 -08:00
Brad Davidson	e4f67846fe	Bump expr-lang/expr Some checks are pending govulncheck / govulncheck (push) Waiting to run Details Scorecard supply-chain security / Scorecard analysis (push) Waiting to run Details Fixes HIGH CVE-2025-68156. This is an indirect dep from github.com/nats-io/jsm.go but it appears they have not yet bumped it either Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2026-01-08 11:38:29 -08:00
luojiyin	f42523c55f	Fix atomic write in WriteSubnetFile - Use os.CreateTemp to avoid race conditions with fixed temp filename - Add f.Sync() before close to ensure data durability - Check all fmt.Fprintf errors instead of ignoring them - Preserve original file permissions when overwriting - Handle dir== edge case from filepath.Split - Check os.MkdirAll error - Proper cleanup on all error paths Signed-off-by: luojiyin <luojiyin@hotmail.com> Add documentation comments to WriteSubnetFile Clarify the design choices for atomic file writing: - Explain why CreateTemp is used (defense-in-depth, avoids pre-existing file issues) - Document the single-instance assumption - Note the permission preservation logic Signed-off-by: luojiyin <luojiyin@hotmail.com> Update WriteSubnetFile comment to clarify CreateTemp rationale Remove misleading reference to concurrent writes (K3s is single-instance). Focus on the actual benefits: avoiding stale temp files from crashes, handling unexpected permissions/ownership, and O_EXCL guarantees. Signed-off-by: luojiyin <luojiyin@hotmail.com> Refactor cleanup to use merr.NewErrors for better error aggregation Address review feedback from @brandond to improve error handling: - Change cleanup function to accept error parameter - Use merr.NewErrors to aggregate original error with Close/Remove errors - Simplify error handling with consistent return cleanup(err) pattern Signed-off-by: luojiyin <luojiyin@hotmail.com> Fix Close error handling to preserve original error Add cleanupNoClose helper to avoid double Close and preserve the original Close error when file close fails. Signed-off-by: luojiyin <luojiyin@hotmail.com>	2026-01-08 11:37:41 -08:00
Brad Davidson	926bbce8aa	Drop use of deprecated docker reexec package Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2026-01-08 11:33:17 -08:00
Brad Davidson	ade30b4568	Bump CNI plugins Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2026-01-08 11:33:17 -08:00
Rafael	b167ee165d	Push GA images to staging registry (#13438 ) Signed-off-by: Rafael Breno <rafael_breno@outlook.com>	2026-01-08 14:46:19 -03:00
Derek Nola	2e5f63ba37	Bump local path provisioner to v0.0.34 (#13430 ) Some checks are pending Scorecard supply-chain security / Scorecard analysis (push) Waiting to run Details Signed-off-by: Derek Nola <derek.nola@suse.com>	2026-01-07 13:31:26 -08:00
Brad Davidson	1f2f610b5a	Remove flannel external-ip annotations when disabled Some checks are pending Scorecard supply-chain security / Scorecard analysis (push) Waiting to run Details Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2026-01-07 11:58:56 -08:00
Derek Nola	2ef2865ebd	Bump coredns to 1.13.2 Some checks failed Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled Details Signed-off-by: Derek Nola <derek.nola@suse.com>	2026-01-05 13:53:48 -08:00
Derek Nola	1fd611df35	Bump traefik to 3.6.6 Signed-off-by: Derek Nola <derek.nola@suse.com>	2026-01-05 13:53:48 -08:00
Brad Davidson	ae59cd0173	Add tests for etcd local reconcile Some checks failed Scorecard supply-chain security / Scorecard analysis (push) Waiting to run Details Install Script / build (push) Has been cancelled Details Install Script / Smoke Test (push) Has been cancelled Details Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2026-01-05 09:59:29 -08:00
Brad Davidson	0563fc258f	Fix etcd reconcile with empty TLS dirs Reconcile against local etcd would short-circuit and skip reading from the datastore if the cert dirs were missing. Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2026-01-05 09:59:29 -08:00
Brad Davidson	d38b4b30cd	Replace temporary etcd server with raw mvcc store access Fixes an issue where copying files out from under a currently-running etcd instance can cause startup reconcile to fail. Direct creation of a mvcc store without any of the raft stuff is faster, and gives us direct control over how the store handles snapshot recovery. Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2026-01-05 09:59:29 -08:00
Brad Davidson	da15d31856	Don't enforce use of wg.Go instead of Add/Done Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2026-01-05 09:59:29 -08:00
dependabot[bot]	8e416186d7	Bump actions/cache from 4 to 5 (#13347 ) Bumps [actions/cache](https://github.com/actions/cache) from 4 to 5. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/v4...v5) --- updated-dependencies: - dependency-name: actions/cache dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-01-05 09:41:31 -08:00
Ricardo Noriega	75cb83b672	Fix typos in documentation (#13411 ) Signed-off-by: Ricardo Noriega De Soto <rnoriega@redhat.com>	2026-01-05 09:36:15 -08:00
Derek Nola	a8b4befa6d	Use Get, not Head for channel page (#13402 ) Signed-off-by: Derek Nola <derek.nola@suse.com>	2026-01-05 09:35:06 -08:00
github-actions[bot]	9c89e960cd	chore: Bump Local Path Provisioner version (#13387 ) Made with ❤️️ by updatecli Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>	2026-01-05 09:32:38 -08:00
Derek Nola	fd48cd6233	Allow k3s secrets-encrypt enable on existing clusters Some checks failed Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled Details - Places an identity provider as a setup to enable later encryption - Update secrets-encryption test Signed-off-by: Derek Nola <derek.nola@suse.com>	2025-12-30 10:34:23 -08:00
Derek Nola	7ece08a0dc	Bump rancher/systemd-node to v0.0.7 (SLES 16.0) Signed-off-by: Derek Nola <derek.nola@suse.com>	2025-12-30 10:34:23 -08:00
Brad Davidson	f08deaf851	Bump stable to 1.34 and add 1.35 Some checks failed Install Script / build (push) Has been cancelled Details Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled Details Install Script / Smoke Test (push) Has been cancelled Details Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2025-12-22 14:10:34 -08:00
dependabot[bot]	eb443b4179	Bump actions/download-artifact from 6 to 7 (#13346 ) Some checks are pending Install Script / build (push) Waiting to run Details Install Script / Smoke Test (push) Blocked by required conditions Details Scorecard supply-chain security / Scorecard analysis (push) Waiting to run Details Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 6 to 7. - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/v6...v7) --- updated-dependencies: - dependency-name: actions/download-artifact dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-12-22 09:22:56 -08:00
Rafael	149bb91da0	Update stable channel to v1.34.3+k3s1 (#13374 ) Signed-off-by: Rafael Breno <rafael_breno@outlook.com>	2025-12-22 10:35:33 -03:00
Brad Davidson	421e364cc9	Fix PR lint checkout depth Some checks failed Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled Details Need to check out one deeper than the number of commits in order to compare to the target branch Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2025-12-18 14:46:59 -08:00
Brad Davidson	e44a77d475	lint: nested-structs Some checks failed Scorecard supply-chain security / Scorecard analysis (push) Waiting to run Details govulncheck / govulncheck (push) Has been cancelled Details Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2025-12-18 11:20:07 -08:00
Brad Davidson	fc506e56dd	lint: unnecessary-format,use-errors-new Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2025-12-18 11:20:07 -08:00
Brad Davidson	003fd4471c	lint: unhandled-error Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2025-12-18 11:20:07 -08:00
Brad Davidson	c1f02b8b19	lint: identical-switch-branches Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2025-12-18 11:20:07 -08:00
Brad Davidson	8e0e37e303	lint: useless-break Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2025-12-18 11:20:07 -08:00
Brad Davidson	91a41d8c30	lint: unnecessary-stmt Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2025-12-18 11:20:07 -08:00
Brad Davidson	49d080c7b7	lint: unexported-return Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2025-12-18 11:20:07 -08:00
Brad Davidson	46c7ade9e9	lint: unexported-naming Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2025-12-18 11:20:07 -08:00
Brad Davidson	62d2737faa	lint: unchecked-type-assertion Adds a generic wrapper around lru.Cache Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2025-12-18 11:20:07 -08:00
Brad Davidson	83feb3c31d	lint: superfluous-else Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2025-12-18 11:20:07 -08:00
Brad Davidson	e416f10e3a	lint: struct-tag Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2025-12-18 11:20:07 -08:00
Brad Davidson	291086171b	lint: redefines-builtin-id Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2025-12-18 11:20:07 -08:00
Brad Davidson	26b4f21479	lint: indent-error-flow Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2025-12-18 11:20:07 -08:00
Brad Davidson	4d1ad3d595	lint: import-alias-naming Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2025-12-18 11:20:07 -08:00

1 2 3 4 5 ...

3964 commits