From 4e814a8f286f874771d1b8083a3eafc8f18d403b Mon Sep 17 00:00:00 2001 From: Brooks Newberry Date: Tue, 16 Apr 2024 04:40:41 -0700 Subject: [PATCH 1/3] update Go to v1.21.9 Signed-off-by: Brooks Newberry --- .drone.yml | 4 ++-- Dockerfile | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.drone.yml b/.drone.yml index d2e33f6bdb..784115f8c1 100644 --- a/.drone.yml +++ b/.drone.yml @@ -136,7 +136,7 @@ steps: - refs/tags/* - name: publish-image-runtime - image: rancher/hardened-build-base:v1.21.8b1 + image: rancher/hardened-build-base:v1.21.9b1 commands: - docker login -u $DOCKER_USERNAME -p $DOCKER_PASSWORD - DRONE_TAG=${DRONE_TAG} make publish-image-runtime @@ -312,7 +312,7 @@ steps: - refs/tags/* - name: publish-image-runtime - image: rancher/hardened-build-base:v1.21.8b1 + image: rancher/hardened-build-base:v1.21.9b1 commands: - docker login -u $DOCKER_USERNAME -p $DOCKER_PASSWORD - DRONE_TAG=${DRONE_TAG} make publish-image-runtime diff --git a/Dockerfile b/Dockerfile index 5aae98cb27..4cdd077391 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,7 @@ ARG KUBERNETES_VERSION=dev # Build environment -FROM rancher/hardened-build-base:v1.21.8b1 AS build +FROM rancher/hardened-build-base:v1.21.9b1 AS build ARG DAPPER_HOST_ARCH ENV ARCH $DAPPER_HOST_ARCH RUN set -x && \ From 9d9372a9ac0702c9701f7a32706b886fd25f3843 Mon Sep 17 00:00:00 2001 From: Brooks Newberry Date: Tue, 16 Apr 2024 04:43:10 -0700 Subject: [PATCH 2/3] update Kubernetes to v1.29.4 Signed-off-by: Brooks Newberry --- Dockerfile | 2 +- scripts/version.sh | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index 4cdd077391..c1ce5fc1a8 100644 --- a/Dockerfile +++ b/Dockerfile @@ -113,7 +113,7 @@ RUN rm -vf /charts/*.sh /charts/*.md /charts/chart_versions.yaml # This image includes any host level programs that we might need. All binaries # must be placed in bin/ of the file image and subdirectories of bin/ will be flattened during installation. # This means bin/foo/bar will become bin/bar when rke2 installs this to the host -FROM rancher/hardened-kubernetes:v1.29.3-rke2r1-build20240315 AS kubernetes +FROM rancher/hardened-kubernetes:v1.29.4-rke2r1-build20240416 AS kubernetes FROM rancher/hardened-containerd:v1.7.11-k3s2-build20231211 AS containerd FROM rancher/hardened-crictl:v1.29.0-build20231219 AS crictl FROM rancher/hardened-runc:v1.1.12-build20240201 AS runc diff --git a/scripts/version.sh b/scripts/version.sh index 7ba93ba768..51d165a2e9 100755 --- a/scripts/version.sh +++ b/scripts/version.sh @@ -31,8 +31,8 @@ REVISION=$(git rev-parse HEAD)$(if ! git diff --no-ext-diff --quiet --exit-code; PLATFORM=${GOOS}-${GOARCH} RELEASE=${PROG}.${PLATFORM} # hardcode versions unless set specifically -KUBERNETES_VERSION=${KUBERNETES_VERSION:-v1.29.3} -KUBERNETES_IMAGE_TAG=${KUBERNETES_IMAGE_TAG:-v1.29.3-rke2r1-build20240315} +KUBERNETES_VERSION=${KUBERNETES_VERSION:-v1.29.4} +KUBERNETES_IMAGE_TAG=${KUBERNETES_IMAGE_TAG:-v1.29.4-rke2r1-build20240416} ETCD_VERSION=${ETCD_VERSION:-v3.5.9-k3s1} PAUSE_VERSION=${PAUSE_VERSION:-3.6} CCM_VERSION=${CCM_VERSION:-v1.29.3-build20240412} From c90dfe2e1ef9bc4c38615be477b69ffa8943a2c7 Mon Sep 17 00:00:00 2001 From: Brooks Newberry Date: Thu, 18 Apr 2024 12:40:29 -0700 Subject: [PATCH 3/3] update hardened-etcd image Signed-off-by: Brooks Newberry --- scripts/build-binary | 2 +- scripts/build-images | 2 +- scripts/build-windows-binary | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/scripts/build-binary b/scripts/build-binary index dc5482f88a..6dd9c4a6af 100755 --- a/scripts/build-binary +++ b/scripts/build-binary @@ -30,7 +30,7 @@ VERSION_FLAGS=" -X ${K3S_PKG}/pkg/version.Version=${VERSION} -X ${K3S_PKG}/pkg/version.UpstreamGolang=${VERSION_GOLANG} -X ${RKE2_PKG}/pkg/images.DefaultRegistry=${REGISTRY} - -X ${RKE2_PKG}/pkg/images.DefaultEtcdImage=rancher/hardened-etcd:${ETCD_VERSION}-build20230802 + -X ${RKE2_PKG}/pkg/images.DefaultEtcdImage=rancher/hardened-etcd:${ETCD_VERSION}-build20240418 -X ${RKE2_PKG}/pkg/images.DefaultKubernetesImage=rancher/hardened-kubernetes:${KUBERNETES_IMAGE_TAG} -X ${RKE2_PKG}/pkg/images.DefaultPauseImage=rancher/mirrored-pause:${PAUSE_VERSION} -X ${RKE2_PKG}/pkg/images.DefaultRuntimeImage=${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION} diff --git a/scripts/build-images b/scripts/build-images index 801af1c963..8722601b81 100755 --- a/scripts/build-images +++ b/scripts/build-images @@ -16,7 +16,7 @@ xargs -n1 -t docker image pull --quiet << EOF >> build/images-core.txt ${REGISTRY}/rancher/hardened-coredns:v1.11.1-build20240305 ${REGISTRY}/rancher/hardened-cluster-autoscaler:v1.8.10-build20240124 ${REGISTRY}/rancher/hardened-dns-node-cache:1.22.28-build20240125 - ${REGISTRY}/rancher/hardened-etcd:${ETCD_VERSION}-build20230802 + ${REGISTRY}/rancher/hardened-etcd:${ETCD_VERSION}-build20240418 ${REGISTRY}/rancher/hardened-k8s-metrics-server:v0.7.1-build20240401 ${REGISTRY}/rancher/hardened-addon-resizer:1.8.20-build20240410 ${REGISTRY}/rancher/klipper-helm:v0.8.3-build20240228 diff --git a/scripts/build-windows-binary b/scripts/build-windows-binary index e5d5e46f90..2b5882440d 100755 --- a/scripts/build-windows-binary +++ b/scripts/build-windows-binary @@ -31,7 +31,7 @@ VERSION_FLAGS=" -X ${K3S_PKG}/pkg/version.Version=${VERSION} -X ${K3S_PKG}/pkg/version.UpstreamGolang=${VERSION_GOLANG} -X ${RKE2_PKG}/pkg/images.DefaultRegistry=${REGISTRY} - -X ${RKE2_PKG}/pkg/images.DefaultEtcdImage=rancher/hardened-etcd:${ETCD_VERSION}-build20230802 + -X ${RKE2_PKG}/pkg/images.DefaultEtcdImage=rancher/hardened-etcd:${ETCD_VERSION}-build20240418 -X ${RKE2_PKG}/pkg/images.DefaultKubernetesImage=${REPO}/hardened-kubernetes:${KUBERNETES_IMAGE_TAG} -X ${RKE2_PKG}/pkg/images.DefaultPauseImage=rancher/mirrored-pause:${PAUSE_VERSION} -X ${RKE2_PKG}/pkg/images.DefaultRuntimeImage=${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-${GOOS}-${GOARCH}