77bd16ff51
build(deps): bump github/codeql-action from 4.35.1 to 4.35.2
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 4.35.1 to 4.35.2.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](c10b8064de...95e58e9a2c
2026-04-20 11:12:02 +00:00
26c11f5c4d
Switch from draft to pre-release ( #13951 )
...
Signed-off-by: Rafael Breno <rafael_breno@outlook.com>
2026-04-16 20:23:48 -03:00
c6abac5140
Bump Traefik to 3.6.13 ( #13969 )
...
* Bump Traefik to 3.6.13
Signed-off-by: Chris Wayne <cwayne18@gmail.com>
Co-authored-by: Brad Davidson <brad@oatmail.org>
2026-04-16 18:20:38 -04:00
663d6f82fe
Switch release workflow trigger and add draft flag for release creation ( #13902 )
...
Signed-off-by: Rafael Breno <rafael_breno@outlook.com>
Signed-off-by: Rafael <32229014+rafaelbreno@users.noreply.github.com>
2026-04-16 13:52:00 -03:00
595cf680cf
Update to v1.35.4 ( #13946 )
...
Signed-off-by: Rafael Breno <rafael_breno@outlook.com>
2026-04-16 13:11:00 -03:00
ee72c08b9b
Merge pull request #13937 from thomasferrandiz/bump-flannel-v0.28.4
...
Bump flannel to v0.28.4
2026-04-15 21:35:56 +02:00
bcf72325fd
Bump flannel to v0.28.4
...
Signed-off-by: Thomas Ferrandiz <thomas.ferrandiz@suse.com>
2026-04-15 18:27:01 +00:00
6eb9d7c819
Bump containerd to v2.2.3
...
Also bumps docker/docker (moby)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2026-04-15 11:05:42 -07:00
f891548e32
Fix embedded excutor VPN config injection
...
Allow the executor to modify node config before certs are generated, and use this to add VPN node IPs to kubelet serving cert
2026-04-14 09:03:05 -07:00
4b18631007
Bump traefik to 3.6.12 ( #13912 )
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2026-04-13 16:59:32 -04:00
33f9173021
build(deps): bump docker/build-push-action from 7.0.0 to 7.1.0
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 7.0.0 to 7.1.0.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](d08e5c354a...bcafcacb16
2026-04-13 11:08:05 -07:00
32f2169ed3
build(deps): bump softprops/action-gh-release from 2.6.1 to 3.0.0
...
Bumps [softprops/action-gh-release](https://github.com/softprops/action-gh-release ) from 2.6.1 to 3.0.0.
- [Release notes](https://github.com/softprops/action-gh-release/releases )
- [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md )
- [Commits](153bb8e044...b430933298
2026-04-13 11:07:48 -07:00
8b6f2a40e7
build(deps): bump actions/upload-artifact from 7.0.0 to 7.0.1
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 7.0.0 to 7.0.1.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](bbbca2ddaa...043fb46d1a
2026-04-13 11:07:38 -07:00
0ae2bb1e6b
build(deps): bump aws-actions/configure-aws-credentials
...
Bumps [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials ) from 6.0.0 to 6.1.0.
- [Release notes](https://github.com/aws-actions/configure-aws-credentials/releases )
- [Changelog](https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md )
- [Commits](8df5847569...ec61189d14
2026-04-13 11:07:17 -07:00
62ce497982
build(deps): bump actions/github-script from 8.0.0 to 9.0.0
...
Bumps [actions/github-script](https://github.com/actions/github-script ) from 8.0.0 to 9.0.0.
- [Release notes](https://github.com/actions/github-script/releases )
- [Commits](ed597411d8...3a2844b7e9
2026-04-13 11:07:07 -07:00
59004ba8f6
Bump runc/spegel/helm-controller/kine
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2026-04-10 15:26:41 -07:00
468ccb50c3
Bump klipper helm to build20260410
...
Signed-off-by: Vitor Savian <vitor.savian@suse.com>
2026-04-10 16:15:55 -03:00
aaf780aaf5
Fix S3 test
...
Also pin the s3mock version to avoid future unexpected breaking changes
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2026-04-10 08:55:08 -07:00
d937c5a088
build(deps): bump github.com/nats-io/nats-server/v2
...
Bumps [github.com/nats-io/nats-server/v2](https://github.com/nats-io/nats-server ) from 2.12.2 to 2.12.6.
- [Release notes](https://github.com/nats-io/nats-server/releases )
- [Changelog](https://github.com/nats-io/nats-server/blob/main/RELEASES.md )
- [Commits](https://github.com/nats-io/nats-server/compare/v2.12.2...v2.12.6 )
---
updated-dependencies:
- dependency-name: github.com/nats-io/nats-server/v2
dependency-version: 2.12.6
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2026-04-09 15:37:48 -07:00
d162000d58
build(deps): bump github.com/buger/jsonparser from 1.1.1 to 1.1.2
...
Bumps [github.com/buger/jsonparser](https://github.com/buger/jsonparser ) from 1.1.1 to 1.1.2.
- [Release notes](https://github.com/buger/jsonparser/releases )
- [Commits](https://github.com/buger/jsonparser/compare/v1.1.1...v1.1.2 )
---
updated-dependencies:
- dependency-name: github.com/buger/jsonparser
dependency-version: 1.1.2
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2026-04-09 15:37:39 -07:00
500fd9cfd1
Fix reproducibility of embedded data tarball
...
The tar command in package-cli produces a non-reproducible archive
because file ordering and timestamps vary between builds. This causes
bit-for-bit differences when rebuilding k3s from the same source,
which breaks reproducible build systems such as Nix.
Sort the archive entries by name and clamp modification times to the
Unix epoch so the tarball content is deterministic regardless of
filesystem ordering or build time.
Ref: NixOS/nixpkgs#430225
Ref: NixOS/nixpkgs#502374
Signed-off-by: Jon Hermansen <jon@jh86.org>
2026-04-09 14:34:50 -07:00
8a4219e66c
build(deps): bump updatecli/updatecli-action from 2.100.0 to 3.0.0
...
Bumps [updatecli/updatecli-action](https://github.com/updatecli/updatecli-action ) from 2.100.0 to 3.0.0.
- [Release notes](https://github.com/updatecli/updatecli-action/releases )
- [Commits](4b17f4ea78...2cc8e6d8e3
2026-04-09 12:41:39 -07:00
1fe6732169
build(deps): bump docker/setup-buildx-action from 3.12.0 to 4.0.0
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 3.12.0 to 4.0.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](8d2750c68a...4d04d5d948
2026-04-09 12:41:15 -07:00
91dc10db9c
build(deps): bump github/codeql-action from 4.34.1 to 4.35.1
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 4.34.1 to 4.35.1.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](3869755554...c10b8064de
2026-04-09 12:40:57 -07:00
28d434405d
build(deps): bump actions/upload-artifact from 6.0.0 to 7.0.0
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 6.0.0 to 7.0.0.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](b7c566a772...bbbca2ddaa
2026-04-09 12:40:37 -07:00
d5fc981f18
build(deps): bump github.com/go-jose/go-jose/v4 from 4.1.3 to 4.1.4
...
Bumps [github.com/go-jose/go-jose/v4](https://github.com/go-jose/go-jose ) from 4.1.3 to 4.1.4.
- [Release notes](https://github.com/go-jose/go-jose/releases )
- [Commits](https://github.com/go-jose/go-jose/compare/v4.1.3...v4.1.4 )
---
updated-dependencies:
- dependency-name: github.com/go-jose/go-jose/v4
dependency-version: 4.1.4
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2026-04-09 12:39:58 -07:00
d7c11bd78d
Check the k3s-root sha256sum
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2026-04-02 12:17:39 +02:00
5e578729b7
Verify sha256sum for kubelet and vagrant zip
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2026-04-01 19:08:35 +02:00
909ffe67c7
Pin govulncheck GHA version
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2026-04-01 18:08:59 +02:00
2a2cd99e3d
Secure the e2e yaml GHA
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2026-04-01 18:07:03 +02:00
9b6d5dfedd
Secure the vagrant-setup action.yaml
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2026-04-01 18:06:54 +02:00
77edf27321
Make tests/integration/Dockerfile.test more secure
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2026-04-01 18:06:43 +02:00
9701c74553
Make Dockerfile.test more secure
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2026-04-01 18:05:49 +02:00
9b93abc827
Merge pull request #13890 from BenBo17/main
...
Add Rocket Technologies to the list of adopters
2026-04-01 11:35:38 -04:00
abdfc194f2
Add Rocket Technologies to the list of adopters
...
Signed-off-by: Ben Schick <b.schick@rocket-technologies.de>
2026-03-31 23:32:22 +02:00
1dd8d5ca6c
Merge pull request #13881 from caesarakalaeii/patch-1
...
Add sipgate to the list of adopters
2026-03-30 12:41:33 -04:00
d4ad4acbfe
Update stable to v1.34.6+k3s1 ( #13873 )
...
Signed-off-by: Rafael Breno <rafael_breno@outlook.com>
2026-03-30 11:28:31 -03:00
2125fd1201
Add sipgate to the list of adopters
...
As requested at kubecon, this adds sipgate as a k3s adopter
Signed-off-by: Caesar <82340152+caesarakalaeii@users.noreply.github.com>
2026-03-30 13:25:18 +02:00
f1deb4ec75
Update to flannel v0.28.2
...
Signed-off-by: Michael Fritch <mfritch@suse.com>
2026-03-27 13:37:44 -06:00
57ad253578
Dapper is kill ( #13860 )
...
* Remove Dockerfile.dapper as it is not used
Signed-off-by: Chris Wayne <cwayne18@gmail.com>
2026-03-26 14:47:51 -04:00
b483ddc65a
Pin GH Actions to commit sha ( #13861 )
...
Signed-off-by: Chris Wayne <cwayne18@gmail.com>
2026-03-26 14:12:15 -04:00
a666b7905c
Add context to controller event recorders
...
Fixes issue where RKE2 event recorder events were not logged to console due to lack of logging context.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2026-03-25 15:32:15 -07:00
367c38b49e
Bump helm-controller for job race fix
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2026-03-25 15:31:51 -07:00
cc1c20fdc0
fix: typo in etcd membership error message
...
Found a typo while working, quick fix.
It should display "This server is not a member of the etcd cluster" instead of "this server is a not a member of the etcd cluster"
Kind regards,
Signed-off-by: DT1mote <74531281+DT1mote@users.noreply.github.com>
2026-03-24 16:13:18 -07:00
f40cf096c9
Fix typo: overriden -> overridden in snapshot_handler.go
...
Signed-off-by: Charlie Tonneslan <cst0520@gmail.com>
2026-03-24 16:12:56 -07:00
a686a45bdb
chore: Update Trivy version in Dockerfile.dapper ( #13845 )
...
Made with ❤️ ️ by updatecli
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-03-23 15:35:48 -04:00
176c93176d
[main] Update to v1.35.3-k3s1 and Go 1.25.7 ( #13836 )
...
* Update to v1.35.3
Signed-off-by: Rafael Breno <rafael_breno@outlook.com>
* Update how VERSION_GOLANG is set
Signed-off-by: Rafael Breno <rafael_breno@outlook.com>
---------
Signed-off-by: Rafael Breno <rafael_breno@outlook.com>
2026-03-19 17:17:36 -03:00
8183260241
build(deps): bump aquasecurity/trivy-action from 0.34.1 to 0.35.0 ( #13802 )
...
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action ) from 0.34.1 to 0.35.0.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases )
- [Commits](https://github.com/aquasecurity/trivy-action/compare/0.34.1...0.35.0 )
---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
dependency-version: 0.35.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-17 09:09:15 -07:00
b9f4182d51
build(deps): bump softprops/action-gh-release from 2.5.0 to 2.6.1 ( #13803 )
...
Bumps [softprops/action-gh-release](https://github.com/softprops/action-gh-release ) from 2.5.0 to 2.6.1.
- [Release notes](https://github.com/softprops/action-gh-release/releases )
- [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md )
- [Commits](https://github.com/softprops/action-gh-release/compare/v2.5.0...v2.6.1 )
---
updated-dependencies:
- dependency-name: softprops/action-gh-release
dependency-version: 2.6.1
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-17 09:09:04 -07:00
f29d8288b0
build(deps): bump docker/login-action from 3 to 4 ( #13804 )
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 3 to 4.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](https://github.com/docker/login-action/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: docker/login-action
dependency-version: '4'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-17 09:08:56 -07:00
dependabot[bot]
Rafael
Chris Wayne
thomasferrandiz
Brad Davidson
Manuel Buil
Vitor Savian
Jon Hermansen
caroline-suse-rancher
Ben Schick
Caesar
Michael Fritch
DT1mote
Charlie Tonneslan
github-actions[bot]