New Release notes update (#180)

* Fix for using the github actions for release-notes
* Update patch release notes
* New v1.28.X page

Signed-off-by: Derek Nola <[email protected]>

.github/workflows/release-notes.yml

@@ -1,4 +1,4 @@
-name: Collect all
+name: Collect Release Notes
 on:
   workflow_dispatch
 
@@ -16,7 +16,7 @@ jobs:
           rm docs/release-notes/*.md
           scripts/collect-all-release-notes.sh
         env:
-          GITHUB_TOKEN: ${{ secrets.REPO_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
       - name: Create Pull Request
         uses: peter-evans/create-pull-request@v5
         with:

docs/release-notes/v1.24.X.md

@@ -10,6 +10,7 @@ Before upgrading from earlier releases, be sure to read the Kubernetes [Urgent U
 
 | Version | Release date | Kubernetes | Kine | SQLite | Etcd | Containerd | Runc | Flannel | Metrics-server | Traefik | CoreDNS | Helm-controller | Local-path-provisioner  |
 | ----- | ----- | ----- | ----- | ----- | ----- | ----- | ----- | ----- | ----- | ----- | ----- | ----- | -----  |
+| [v1.24.17+k3s1](v1.24.X.md#release-v12417k3s1) | Sep 05 2023| [v1.24.17](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.24.md#v12417) | [v0.10.2](https://github.com/k3s-io/kine/releases/tag/v0.10.2) | [3.42.0](https://sqlite.org/releaselog/3_42_0.html) | [v3.5.3-k3s1](https://github.com/k3s-io/etcd/releases/tag/v3.5.3-k3s1) | [v1.7.3-k3s1](https://github.com/k3s-io/containerd/releases/tag/v1.7.3-k3s1) | [v1.1.8](https://github.com/opencontainers/runc/releases/tag/v1.1.8) | [v0.21.3-k3s1.23](https://github.com/flannel-io/flannel/releases/tag/v0.21.3-k3s1.23) | [v0.6.3](https://github.com/kubernetes-sigs/metrics-server/releases/tag/v0.6.3) | [v2.9.10](https://github.com/traefik/traefik/releases/tag/v2.9.10) | [v1.10.1](https://github.com/coredns/coredns/releases/tag/v1.10.1) | [v0.15.4](https://github.com/k3s-io/helm-controller/releases/tag/v0.15.4) | [v0.0.24](https://github.com/rancher/local-path-provisioner/releases/tag/v0.0.24)  |
 | [v1.24.16+k3s1](v1.24.X.md#release-v12416k3s1) | Jul 27 2023| [v1.24.16](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.24.md#v12416) | [v0.10.1](https://github.com/k3s-io/kine/releases/tag/v0.10.1) | [3.39.2](https://sqlite.org/releaselog/3_39_2.html) | [v3.5.3-k3s1](https://github.com/k3s-io/etcd/releases/tag/v3.5.3-k3s1) | [v1.7.1-k3s1](https://github.com/k3s-io/containerd/releases/tag/v1.7.1-k3s1) | [v1.1.7](https://github.com/opencontainers/runc/releases/tag/v1.1.7) | [v0.21.3-k3s1.23](https://github.com/flannel-io/flannel/releases/tag/v0.21.3-k3s1.23) | [v0.6.3](https://github.com/kubernetes-sigs/metrics-server/releases/tag/v0.6.3) | [v2.9.10](https://github.com/traefik/traefik/releases/tag/v2.9.10) | [v1.10.1](https://github.com/coredns/coredns/releases/tag/v1.10.1) | [v0.15.2](https://github.com/k3s-io/helm-controller/releases/tag/v0.15.2) | [v0.0.24](https://github.com/rancher/local-path-provisioner/releases/tag/v0.0.24)  |
 | [v1.24.15+k3s1](v1.24.X.md#release-v12415k3s1) | Jun 26 2023| [v1.24.15](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.24.md#v12415) | [v0.10.1](https://github.com/k3s-io/kine/releases/tag/v0.10.1) | [3.39.2](https://sqlite.org/releaselog/3_39_2.html) | [v3.5.3-k3s1](https://github.com/k3s-io/etcd/releases/tag/v3.5.3-k3s1) | [v1.7.1-k3s1](https://github.com/k3s-io/containerd/releases/tag/v1.7.1-k3s1) | [v1.1.7](https://github.com/opencontainers/runc/releases/tag/v1.1.7) | [v0.21.3-k3s1.23](https://github.com/flannel-io/flannel/releases/tag/v0.21.3-k3s1.23) | [v0.6.3](https://github.com/kubernetes-sigs/metrics-server/releases/tag/v0.6.3) | [v2.9.10](https://github.com/traefik/traefik/releases/tag/v2.9.10) | [v1.10.1](https://github.com/coredns/coredns/releases/tag/v1.10.1) | [v0.15.0](https://github.com/k3s-io/helm-controller/releases/tag/v0.15.0) | [v0.0.24](https://github.com/rancher/local-path-provisioner/releases/tag/v0.0.24)  |
 | [v1.24.14+k3s1](v1.24.X.md#release-v12414k3s1) | May 26 2023| [v1.24.14](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.24.md#v12414) | [v0.10.1](https://github.com/k3s-io/kine/releases/tag/v0.10.1) | [3.39.2](https://sqlite.org/releaselog/3_39_2.html) | [v3.5.3-k3s1](https://github.com/k3s-io/etcd/releases/tag/v3.5.3-k3s1) | [v1.7.1-k3s1](https://github.com/k3s-io/containerd/releases/tag/v1.7.1-k3s1) | [v1.1.7](https://github.com/opencontainers/runc/releases/tag/v1.1.7) | [v0.21.3-k3s1.23](https://github.com/flannel-io/flannel/releases/tag/v0.21.3-k3s1.23) | [v0.6.2](https://github.com/kubernetes-sigs/metrics-server/releases/tag/v0.6.2) | [v2.9.10](https://github.com/traefik/traefik/releases/tag/v2.9.10) | [v1.10.1](https://github.com/coredns/coredns/releases/tag/v1.10.1) | [v0.14.0](https://github.com/k3s-io/helm-controller/releases/tag/v0.14.0) | [v0.0.24](https://github.com/rancher/local-path-provisioner/releases/tag/v0.0.24)  |
@@ -30,6 +31,43 @@ Before upgrading from earlier releases, be sure to read the Kubernetes [Urgent U
 
 <br />
 
+## Release v1.24.17+k3s1
+<!-- v1.24.17+k3s1 -->
+This release updates Kubernetes to v1.24.17, and fixes a number of issues.
+
+:::caution IMPORTANT
+This release includes support for remediating CVE-2023-32187, a potential Denial of Service attack vector on K3s servers. See https://github.com/k3s-io/k3s/security/advisories/GHSA-m4hf-6vgr-75r2 for more information, including mandatory steps necessary to harden clusters against this vulnerability.
+:::
+
+For more details on what's new, see the [Kubernetes release notes](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.24.md#changelog-since-v12416).
+
+### Changes since v1.24.16+k3s1:
+
+* Update cni plugins version to v1.3.0 [(#8087)](https://github.com/k3s-io/k3s/pull/8087)
+* Etcd snapshots retention when node name changes [(#8124)](https://github.com/k3s-io/k3s/pull/8124)
+* August Test Backports [(#8128)](https://github.com/k3s-io/k3s/pull/8128)
+* Backports for 2023-08 release [(#8135)](https://github.com/k3s-io/k3s/pull/8135)
+  * K3s's external apiserver listener now declines to add to its certificate any subject names not associated with the kubernetes apiserver service, server nodes, or values of the --tls-san option. This prevents the certificate's SAN list from being filled with unwanted entries.
+  * K3s no longer enables the apiserver's `enable-aggregator-routing` flag when the egress proxy is not being used to route connections to in-cluster endpoints.
+  * Updated the embedded containerd to v1.7.3+k3s1
+  * Updated the embedded runc to v1.1.8
+  * User-provided containerd config templates may now use `{{ template "base" . }}` to include the default K3s template content. This makes it easier to maintain user configuration if the only need is to add additional sections to the file.
+  * Bump docker/docker module version to fix issues with cri-dockerd caused by recent releases of golang rejecting invalid host headers sent by the docker client.
+  * Updated kine to v0.10.2
+* K3s etcd-snapshot delete fail to delete local file when called with s3 flag [(#8146)](https://github.com/k3s-io/k3s/pull/8146)
+* Fix for cluster-reset backup from s3 when etcd snapshots are disabled [(#8168)](https://github.com/k3s-io/k3s/pull/8168)
+* Fixed the etcd retention to delete orphaned snapshots based on the date [(#8191)](https://github.com/k3s-io/k3s/pull/8191)
+* Additional backports for 2023-08 release [(#8214)](https://github.com/k3s-io/k3s/pull/8214)
+  * The version of `helm` used by the bundled helm controller's job image has been updated to v3.12.3
+  * Bumped dynamiclistener to address an issue that could cause the apiserver/supervisor listener on 6443 to stop serving requests on etcd-only nodes.
+  * The K3s external apiserver/supervisor listener on 6443 now sends a complete certificate chain in the TLS handshake.
+* Fix runc version bump [(#8243)](https://github.com/k3s-io/k3s/pull/8243)
+* Update to v1.24.17 [(#8240)](https://github.com/k3s-io/k3s/pull/8240)
+* Add new CLI flag to enable TLS SAN CN filtering [(#8260)](https://github.com/k3s-io/k3s/pull/8260)
+  * Added a new `--tls-san-security` option. This flag defaults to false, but can be set to true to disable automatically adding SANs to the server's TLS certificate to satisfy any hostname requested by a client.
+* Add RWMutex to address controller [(#8276)](https://github.com/k3s-io/k3s/pull/8276)
+
+-----
 ## Release v1.24.16+k3s1
 <!-- v1.24.16+k3s1 -->