-
Notifications
You must be signed in to change notification settings - Fork 2.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Server Token Rotation #8265
Server Token Rotation #8265
Conversation
Codecov ReportAttention:
Additional details and impacted files@@ Coverage Diff @@
## master #8265 +/- ##
==========================================
+ Coverage 44.73% 49.31% +4.58%
==========================================
Files 140 141 +1
Lines 14738 14902 +164
==========================================
+ Hits 6593 7349 +756
+ Misses 7031 6333 -698
- Partials 1114 1220 +106
Flags with carried forward coverage won't be shown. Click here to find out more.
☔ View full report in Codecov by Sentry. |
cc @jakefhyde @Oats87 in case you want to look over |
2a37d0f
to
010af11
Compare
Signed-off-by: Derek Nola <[email protected]>
Signed-off-by: Derek Nola <[email protected]>
Signed-off-by: Derek Nola <[email protected]>
Signed-off-by: Derek Nola <[email protected]>
Signed-off-by: Derek Nola <[email protected]>
Signed-off-by: Derek Nola <[email protected]>
Signed-off-by: Derek Nola <[email protected]>
Signed-off-by: Derek Nola <[email protected]>
Signed-off-by: Derek Nola <[email protected]>
Signed-off-by: Derek Nola <[email protected]>
Signed-off-by: Derek Nola <[email protected]>
Signed-off-by: Derek Nola <[email protected]>
Signed-off-by: Derek Nola <[email protected]>
aeefee6
to
a250c6a
Compare
* Consolidate NewCertCommands * Add support for user defined new token * Add E2E testlets Signed-off-by: Derek Nola <[email protected]> * Ensure agent token also changes Signed-off-by: Derek Nola <[email protected]>
* Consolidate NewCertCommands * Add support for user defined new token * Add E2E testlets Signed-off-by: Derek Nola <[email protected]> * Ensure agent token also changes Signed-off-by: Derek Nola <[email protected]>
* Consolidate NewCertCommands * Add support for user defined new token * Add E2E testlets Signed-off-by: Derek Nola <[email protected]> * Ensure agent token also changes Signed-off-by: Derek Nola <[email protected]>
@dereknola is this feature complete and usable?
All the location I found: https://docs.k3s.io/cli/token#k3s-token-rotate is the only location that says that rotation is possible. |
Proposed Changes
k3s token rotate
which enables a user to rotate the initial server token.Types of Changes
New Feature
Verification
Single node:
1234
/var/lib/rancher/k3s/server/token
run:k3s token rotate --new-token=6789
k3s token rotate --token 1234 --new-token=6789
6789
HA:
1234
/var/lib/rancher/k3s/server/token
run:k3s token rotate --new-token=6789
k3s token rotate --token 1234 --new-token=6789
6789
Testing
New Testlets in E2E test
Linked Issues
#8264
User-Facing Change
Further Comments