Also add an ordinal to subtests so its easier to figure out which one is failing
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

Restricting deferred node password validation to only requests from the local node is not possible without breaking split-role cluster cold start. There are too many cases where node password secrets may not yet be available due to the apiserver not being up.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

* Update to v1.32.1
Signed-off-by: Rafael Breno <32229014+rafaelbreno@users.noreply.github.com>

* Update Go version
Signed-off-by: Rafael Breno <32229014+rafaelbreno@users.noreply.github.com>

---------
Signed-off-by: Rafael Breno <32229014+rafaelbreno@users.noreply.github.com>

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit d0ea741b)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

* Upload E2E journald logs as artifacts in GHA
Signed-off-by: Derek Nola <derek.nola@suse.com>

* Improve fork information for parent extraction
Signed-off-by: Derek Nola <derek.nola@suse.com>

---------
Signed-off-by: Derek Nola <derek.nola@suse.com>

* Add "k3s certificate check" clause for better test coverage
Signed-off-by: Derek Nola <derek.nola@suse.com>

* Add table support to cert check
Signed-off-by: Derek Nola <derek.nola@suse.com>

---------
Signed-off-by: Derek Nola <derek.nola@suse.com>

* Add auto import images for containerd image store

* Add auto import images
Signed-off-by: Vitor Savian <vitor.savian@suse.com>

* Fix EOF error log when importing tarball files
Signed-off-by: Vitor Savian <vitor.savian@suse.com>

* Delaying queue
Signed-off-by: Vitor Savian <vitor.savian@suse.com>

* Add parse for images
Signed-off-by: Vitor Savian <vitor.savian@suse.com>

---------
Signed-off-by: Vitor Savian <vitor.savian@suse.com>

Only wait for k3s-controller RBAC when AuthorizeNodeWithSelectors blocks kubelet from listing nodes
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

#11501
Signed-off-by: muicoder <muicoder@gmail.com>
(cherry picked from commit 0144d9b7)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 9b1b90b1)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit f345697c)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

Make this field an interface instead of pointer to allow mocking. Not sure why wrangler has a type that returns an interface instead of just making it an interface itself. Wrangler in general is hard to mock for testing.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit e6327652)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

Convert nodepassword tests to use shared mocks
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit c20c0637)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 8f8cfb56)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit f8271d85)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 36537244)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

Clients now generate keys client-side and send CSRs. If the server is down-level and sends a cert+key instead of just responding with a cert signed with the client's public key, we use the key from the server instead.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit caeebc52)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 5b1d57f7)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

The servers package, and router.go in particular, had become quite
large. Address this by moving some things out to separate packages:
* http request handlers all move to pkg/server/handlers.
* node password bootstrap auth handler goes into pkg/nodepassword with
  the other nodepassword code.

While we're at it, also be more consistent about calling variables that
hold a config.Control struct or reference `control` instead of `config` or `server`.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 2e4e7cf2)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

#11501
Signed-off-by: muicoder <muicoder@gmail.com>
(cherry picked from commit 056cee82)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

Signed-off-by: Derek Nola <derek.nola@suse.com>
(cherry picked from commit 67ffd2ab)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

Avoid "snapshot save already in progress" flake when snapshot reconcile from previous save is still in progress.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

Expose actual error, so that we can tell if the deployment is not found or not ready/available
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

Makes logged output more consistent when k3s fails during initialization
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

* Update libraries and codegen for k8s 1.32
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

* Fixes for 1.32
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

* Disable tests with down-rev agents

These are broken by AuthorizeNodeWithSelectors being on by default. All
agents must be upgraded to v1.32 or newer to work properly, until we
backport RBAC changes to older branches.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

---------
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Co-authored-by: Brad Davidson <brad.davidson@rancher.com>

Signed-off-by: Derek Nola <derek.nola@suse.com>

Bumps alpine from 3.20 to 3.21.

---
updated-dependencies:
- dependency-name: alpine
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Signed-off-by: Brooks Newberry <brooks@newberry.com>

Made with ❤️️ by updatecli
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>

* Update to coredns 1.12.0
Signed-off-by: Reinhard Nägele <unguiculus@gmail.com>

Add flags supervisor and apiserver ports and bind address so that we can add an e2e to cover supervisor and apiserver on separate ports, as used by rke2
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

Fix issue where rke2 tunnel was trying to connect to apiserver port instead of supervisor
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

Signed-off-by: Derek Nola <derek.nola@suse.com>

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

The error message should be printf style, not just concatenated. The
current message is garbled if the command or result contains things that
look like formatting directives:

`Internal error occurred: error sending request: Post "https://10.10.10.102:10250/exec/default/volume-test/volume-test?command=sh&command=-c&command=echo+local-path-test+%!!(MISSING)E(MISSING)+%!!(MISSING)F(MISSING)data%!!(MISSING)F(MISSING)test&error=1&output=1": proxy error from 127.0.0.1:6443 while dialing 10.10.10.102:10250, code 502: 502 Bad Gateway`
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>