Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Release-1.26] Server Token Rotation #8577

Merged
merged 1 commit into from
Oct 10, 2023

Conversation

dereknola
Copy link
Member

Proposed Changes

Backport #8265

  • Consolidate NewCertCommands
  • Add support for user defined new token
  • Add E2E testlets
  • Ensure agent token also changes

Linked Issues

#8298

User-Facing Change

Users can now rotate the server token using `k3s token rotate -t <OLD_TOKEN> --new-token <NEW_TOKEN>`. After command succeeds, all server nodes must be restarted with the new token.

Further Comments

* Consolidate NewCertCommands
* Add support for user defined new token
* Add E2E testlets

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Ensure agent token also changes

Signed-off-by: Derek Nola <derek.nola@suse.com>
@dereknola dereknola requested a review from a team as a code owner October 9, 2023 18:05
@codecov
Copy link

codecov bot commented Oct 9, 2023

Codecov Report

Attention: 70 lines in your changes are missing coverage. Please review.

Comparison is base (db869df) 19.48% compared to head (6b07899) 19.30%.

Additional details and impacted files
@@               Coverage Diff                @@
##           release-1.26    #8577      +/-   ##
================================================
- Coverage         19.48%   19.30%   -0.19%     
================================================
  Files                83       83              
  Lines              5589     5642      +53     
================================================
  Hits               1089     1089              
- Misses             4274     4327      +53     
  Partials            226      226              
Flag Coverage Δ
unittests 19.30% <0.00%> (-0.19%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Files Coverage Δ
pkg/daemons/control/deps/deps.go 48.78% <ø> (ø)
pkg/cli/cmds/certs.go 0.00% <0.00%> (ø)
pkg/cli/cmds/token.go 0.00% <0.00%> (ø)
pkg/cluster/storage.go 0.00% <0.00%> (ø)

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@dereknola dereknola merged commit 8acba4a into k3s-io:release-1.26 Oct 10, 2023
15 checks passed
@dereknola dereknola deleted the server_token_126 branch October 17, 2023 17:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants