diff --git a/CHANGES.md b/CHANGES.md index 3b7952e2..fc9b7d13 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -4,7 +4,11 @@ Notable changes between versions. ## Latest -### v1.18.8 +### Fedora CoreOS + +* Fix SELinux label of bootstrap-secrets on non-bootstrapping controllers ([#808](https://github.com/poseidon/typhoon/pull/808)) + +## v1.18.8 * Kubernetes [v1.18.8](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.18.md#v1188) * Migrate from Terraform v0.12.x to v0.13.x ([#804](https://github.com/poseidon/typhoon/pull/804)) (**action required**) diff --git a/aws/fedora-coreos/kubernetes/fcc/controller.yaml b/aws/fedora-coreos/kubernetes/fcc/controller.yaml index eff6fff7..0b04e113 100644 --- a/aws/fedora-coreos/kubernetes/fcc/controller.yaml +++ b/aws/fedora-coreos/kubernetes/fcc/controller.yaml @@ -160,6 +160,7 @@ storage: mv manifests /opt/bootstrap/assets/manifests mv manifests-networking/* /opt/bootstrap/assets/manifests/ rm -rf assets auth static-manifests tls manifests-networking + chcon -R -u system_u -t container_file_t /etc/kubernetes/bootstrap-secrets - path: /opt/bootstrap/apply mode: 0544 contents: diff --git a/azure/fedora-coreos/kubernetes/fcc/controller.yaml b/azure/fedora-coreos/kubernetes/fcc/controller.yaml index 6949ba04..8e90442f 100644 --- a/azure/fedora-coreos/kubernetes/fcc/controller.yaml +++ b/azure/fedora-coreos/kubernetes/fcc/controller.yaml @@ -159,6 +159,7 @@ storage: mv manifests /opt/bootstrap/assets/manifests mv manifests-networking/* /opt/bootstrap/assets/manifests/ rm -rf assets auth static-manifests tls manifests-networking + chcon -R -u system_u -t container_file_t /etc/kubernetes/bootstrap-secrets - path: /opt/bootstrap/apply mode: 0544 contents: diff --git a/bare-metal/fedora-coreos/kubernetes/fcc/controller.yaml b/bare-metal/fedora-coreos/kubernetes/fcc/controller.yaml index 4fa1342f..9ca7657b 100644 --- a/bare-metal/fedora-coreos/kubernetes/fcc/controller.yaml +++ b/bare-metal/fedora-coreos/kubernetes/fcc/controller.yaml @@ -170,6 +170,7 @@ storage: mv manifests /opt/bootstrap/assets/manifests mv manifests-networking/* /opt/bootstrap/assets/manifests/ rm -rf assets auth static-manifests tls manifests-networking + chcon -R -u system_u -t container_file_t /etc/kubernetes/bootstrap-secrets - path: /opt/bootstrap/apply mode: 0544 contents: diff --git a/digital-ocean/fedora-coreos/kubernetes/fcc/controller.yaml b/digital-ocean/fedora-coreos/kubernetes/fcc/controller.yaml index 7e404fc2..e7278672 100644 --- a/digital-ocean/fedora-coreos/kubernetes/fcc/controller.yaml +++ b/digital-ocean/fedora-coreos/kubernetes/fcc/controller.yaml @@ -166,6 +166,7 @@ storage: mv manifests /opt/bootstrap/assets/manifests mv manifests-networking/* /opt/bootstrap/assets/manifests/ rm -rf assets auth static-manifests tls manifests-networking + chcon -R -u system_u -t container_file_t /etc/kubernetes/bootstrap-secrets - path: /opt/bootstrap/apply mode: 0544 contents: diff --git a/google-cloud/fedora-coreos/kubernetes/fcc/controller.yaml b/google-cloud/fedora-coreos/kubernetes/fcc/controller.yaml index 5dbf6a4e..a3ac0401 100644 --- a/google-cloud/fedora-coreos/kubernetes/fcc/controller.yaml +++ b/google-cloud/fedora-coreos/kubernetes/fcc/controller.yaml @@ -159,6 +159,7 @@ storage: mv manifests /opt/bootstrap/assets/manifests mv manifests-networking/* /opt/bootstrap/assets/manifests/ rm -rf assets auth static-manifests tls manifests-networking + chcon -R -u system_u -t container_file_t /etc/kubernetes/bootstrap-secrets - path: /opt/bootstrap/apply mode: 0544 contents: