From 167067b3dc1c7e11d9a707c32e8d8ce064f625fe Mon Sep 17 00:00:00 2001
From: Pierre Oblin <pierre.oblin@orange.com>
Date: Thu, 18 Nov 2021 05:19:20 -0500
Subject: [PATCH 1/4] fix k3s killall script closes #55

---
 jobs/k3s-agent/templates/bin/k3s-killall.sh  | 2 +-
 jobs/k3s-server/templates/bin/k3s-killall.sh | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/jobs/k3s-agent/templates/bin/k3s-killall.sh b/jobs/k3s-agent/templates/bin/k3s-killall.sh
index 50543fea..b0bf1cd3 100755
--- a/jobs/k3s-agent/templates/bin/k3s-killall.sh
+++ b/jobs/k3s-agent/templates/bin/k3s-killall.sh
@@ -62,7 +62,7 @@ do_unmount() {
 
 do_unmount '/run/k3s'
 do_unmount '/var/lib/rancher/k3s'
-do_unmount '/var/lib/kubelet/pods'
+do_unmount '/var/vcap/data/k3s-agent/kubelet/pods' #bosh fs layout adaptation
 do_unmount '/run/netns/cni-'
 
 # Delete network interface(s) that match 'master cni0'
diff --git a/jobs/k3s-server/templates/bin/k3s-killall.sh b/jobs/k3s-server/templates/bin/k3s-killall.sh
index 50543fea..b0bf1cd3 100755
--- a/jobs/k3s-server/templates/bin/k3s-killall.sh
+++ b/jobs/k3s-server/templates/bin/k3s-killall.sh
@@ -62,7 +62,7 @@ do_unmount() {
 
 do_unmount '/run/k3s'
 do_unmount '/var/lib/rancher/k3s'
-do_unmount '/var/lib/kubelet/pods'
+do_unmount '/var/vcap/data/k3s-agent/kubelet/pods' #bosh fs layout adaptation
 do_unmount '/run/netns/cni-'
 
 # Delete network interface(s) that match 'master cni0'

From e4c2a66d66ec095c1ab845c00a3311d18dc643fa Mon Sep 17 00:00:00 2001
From: Pierre Oblin <pierre.oblin@orange.com>
Date: Thu, 18 Nov 2021 07:59:59 -0500
Subject: [PATCH 2/4] add array of additional tls-san, closes #51

https://github.com/orange-cloudfoundry/k3s-boshrelease/issues/51
---
 jobs/k3s-server/spec                  | 5 +++++
 jobs/k3s-server/templates/bin/ctl.erb | 6 ++++++
 2 files changed, 11 insertions(+)

diff --git a/jobs/k3s-server/spec b/jobs/k3s-server/spec
index ed229d60..efc9791c 100644
--- a/jobs/k3s-server/spec
+++ b/jobs/k3s-server/spec
@@ -160,6 +160,11 @@ properties:
   k3s.master_vip_api:
     description: externaly defined vip ip for HA k3s (enables multi master instance groups). This is used for public api access, tls-san, and agents to server communication
 
+  k3s.additional_tls_sans:
+    description: array of additionnal tls-san for k8s api (added to default, ip, bosh-dns alias, or master vip if set)
+    default: []
+
+
 #done    
 #   -v value                                   (logging) Number for the log level verbosity (default: 0)
 #   --bind-address value                       (listener) k3s bind address (default: 0.0.0.0)
diff --git a/jobs/k3s-server/templates/bin/ctl.erb b/jobs/k3s-server/templates/bin/ctl.erb
index 83367d7b..a34cd676 100755
--- a/jobs/k3s-server/templates/bin/ctl.erb
+++ b/jobs/k3s-server/templates/bin/ctl.erb
@@ -75,6 +75,12 @@ case $1 in
 <% end %>
 <% end %>
 
+<% if_p('k3s.additional_tls_sans') do |value| %>
+<% p('k3s.additional_tls_sans').each do |san| %>
+    export FLAGS="$FLAGS --tls-san=<%= san %>"
+<% end %>
+<% end %>
+
 <% if_p('k3s.kube-cloud-controller-manager-arg') do |value| %>
 <% p('k3s.kube-cloud-controller-manager-arg').each do |flag| %>
     export FLAGS="$FLAGS --kube-cloud-controller-manager-arg=<%= flag %>"

From afd04e41d55daaf338c19d80eb7937afa5ef8192 Mon Sep 17 00:00:00 2001
From: Pierre Oblin <pierre.oblin@orange.com>
Date: Fri, 19 Nov 2021 14:44:00 +0000
Subject: [PATCH 3/4] bump k9s 0.25.3

---
 config/blobs.yml | 6 +++---
 vendir.lock      | 2 +-
 vendir.yml       | 2 +-
 3 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/config/blobs.yml b/config/blobs.yml
index 583c0147..561108b8 100644
--- a/config/blobs.yml
+++ b/config/blobs.yml
@@ -7,9 +7,9 @@ k3s/k3s:
   object_id: 961a8805-55b9-4326-79a2-33b4f84a0a2b
   sha: sha256:cc9783c1b55360a750e102e7f76ef40353ac7d25fdb56f2e60e4bfe4c27ea5a9
 k9s/k9s:
-  size: 55521280
-  object_id: 1ae53940-e1a9-4c65-620b-245943c3ac34
-  sha: sha256:30d224999c38039888f08af4c017730e5fa3e6298b0946ab5d5a75efc59ec891
+  size: 55345152
+  object_id: ab60c63b-4855-4d38-73bf-aa90ddc5d976
+  sha: sha256:eb54cb3eca51f102683d30350f793f350d585794bb56f6323009445ab4fe7b8a
 kubectl/kubectl:
   size: 40226816
   object_id: a35d9768-942e-40a8-4596-30fd8062131c
diff --git a/vendir.lock b/vendir.lock
index f08f4542..cd8700c2 100755
--- a/vendir.lock
+++ b/vendir.lock
@@ -5,7 +5,7 @@ directories:
       url: https://api.github.com/repos/k3s-io/k3s/releases/52643096
     path: github.com/k3s-io/k3s
   - githubRelease:
-      url: https://api.github.com/repos/derailed/k9s/releases/53504665
+      url: https://api.github.com/repos/derailed/k9s/releases/53558283
     path: github.com/derailed/k9s
   path: src
 kind: LockConfig
diff --git a/vendir.yml b/vendir.yml
index 6959198c..81f4980a 100644
--- a/vendir.yml
+++ b/vendir.yml
@@ -21,7 +21,7 @@ directories:
   - path: github.com/derailed/k9s
     githubRelease:
       slug: derailed/k9s
-      tag: v0.25.1
+      tag: v0.25.3
       disableAutoChecksumValidation: true 
     includePaths:
     - "k9s_Linux_x86_64.tar.gz"

From b3baa4ba1a539a80d17c998abcb3243bff2b262b Mon Sep 17 00:00:00 2001
From: Pierre Oblin <pierre.oblin@orange.com>
Date: Fri, 19 Nov 2021 19:35:51 +0000
Subject: [PATCH 4/4] final version 21

---
 .final_builds/jobs/k3s-agent/index.yml  |  4 ++
 .final_builds/jobs/k3s-server/index.yml |  4 ++
 .final_builds/packages/k9s/index.yml    |  4 ++
 releases/k3s/index.yml                  |  2 +
 releases/k3s/k3s-21.yml                 | 58 +++++++++++++++++++++++++
 5 files changed, 72 insertions(+)
 create mode 100644 releases/k3s/k3s-21.yml

diff --git a/.final_builds/jobs/k3s-agent/index.yml b/.final_builds/jobs/k3s-agent/index.yml
index 96d7aa66..aa2647af 100644
--- a/.final_builds/jobs/k3s-agent/index.yml
+++ b/.final_builds/jobs/k3s-agent/index.yml
@@ -43,6 +43,10 @@ builds:
     version: a4d175996786ee5d1f915411a05765fa4174895bb3b00d077c60488b42119595
     blobstore_id: aa65b3bb-66f7-45b7-678e-497b2857704a
     sha1: sha256:3f6e549c4989d7febabb3287aa9bdf54a9b9a32679129a9b34e0ee47d2bf5719
+  b2090fcd22d7ee2a9914ee24d2ce77c62e8a86594ea1aba8673a732b21e76c2d:
+    version: b2090fcd22d7ee2a9914ee24d2ce77c62e8a86594ea1aba8673a732b21e76c2d
+    blobstore_id: b3ec1510-a0be-4394-7835-9460919e843e
+    sha1: sha256:c15854f417cf5ce6c6a059770869f1f2a15a202c806542c18662a00e6d9ec373
   c17a8adc1a8f595743f58228497c767a8bf5faab71e184c7a48c45bbeac1a843:
     version: c17a8adc1a8f595743f58228497c767a8bf5faab71e184c7a48c45bbeac1a843
     blobstore_id: 6d5c4e0a-e31a-49a8-5037-96aa51036a49
diff --git a/.final_builds/jobs/k3s-server/index.yml b/.final_builds/jobs/k3s-server/index.yml
index 8d4b4c10..acc49371 100644
--- a/.final_builds/jobs/k3s-server/index.yml
+++ b/.final_builds/jobs/k3s-server/index.yml
@@ -39,6 +39,10 @@ builds:
     version: 66c6019bc76d287c130841960d988232c4279aff394c7becb6a0c111a35e74d3
     blobstore_id: 90f3bc61-4475-47df-5bc2-df8df8550790
     sha1: sha256:e42412ba3d43b514a7b79ba609a48654a88186696a947056ddbc77b2c702a16e
+  68ef93b0ca643f4eff4170f83a91cd8624ba14daed9b2b89dcf1443b255a80f2:
+    version: 68ef93b0ca643f4eff4170f83a91cd8624ba14daed9b2b89dcf1443b255a80f2
+    blobstore_id: f3b074d1-5408-438b-4051-ca2121378ec6
+    sha1: sha256:8685832196cc4f5bbef715a5f8d930b311644a873db55e4a5a8405a3da049595
   85cbbe9198ed988a83185dbf9ddf52e6979f18b78a902198289df16b44e37a6f:
     version: 85cbbe9198ed988a83185dbf9ddf52e6979f18b78a902198289df16b44e37a6f
     blobstore_id: 21b746aa-39a6-40f4-5021-622a56913fb7
diff --git a/.final_builds/packages/k9s/index.yml b/.final_builds/packages/k9s/index.yml
index 52e0779c..e7527cf6 100644
--- a/.final_builds/packages/k9s/index.yml
+++ b/.final_builds/packages/k9s/index.yml
@@ -3,6 +3,10 @@ builds:
     version: 24b739026ef4bf491afc64ba3f32f7373dfe02e72f3f12a99af4f2c2b0eb106b
     blobstore_id: 4da80913-361d-4ba5-7f98-96d9b41011a9
     sha1: sha256:c1cffd40cbbb48bd80a35acf981d428051740da0c68835de7bede43d24cb3ece
+  9b556fa69d85046816daa09f737ed1d1137323e671727a09780396d57781ba5e:
+    version: 9b556fa69d85046816daa09f737ed1d1137323e671727a09780396d57781ba5e
+    blobstore_id: 55f6b46d-f3be-4b39-7971-411eb12ee0ec
+    sha1: sha256:f59628eb4b927ef28f1df40959f1877c6cbeebee5067f231c10733dfd40f53bb
   a6bdc7fe225b68ee8652ff5498619337fe61d5ca3830197d91ab5339f913d136:
     version: a6bdc7fe225b68ee8652ff5498619337fe61d5ca3830197d91ab5339f913d136
     blobstore_id: 7f435236-0a27-4e72-5aed-32c6cba36321
diff --git a/releases/k3s/index.yml b/releases/k3s/index.yml
index 11402e36..435b0a26 100644
--- a/releases/k3s/index.yml
+++ b/releases/k3s/index.yml
@@ -31,6 +31,8 @@ builds:
     version: "2"
   aa13e70f-e6f6-402f-54ae-3505a9e67570:
     version: "7"
+  b1374cae-5d51-4318-58fc-f2734f5077b3:
+    version: "21"
   bd7b1738-aa12-4f3a-55e9-fbeba85494d9:
     version: "11"
   c83221a4-9990-46f7-5fb0-e90adcaec54e:
diff --git a/releases/k3s/k3s-21.yml b/releases/k3s/k3s-21.yml
new file mode 100644
index 00000000..d951b05a
--- /dev/null
+++ b/releases/k3s/k3s-21.yml
@@ -0,0 +1,58 @@
+name: k3s
+version: "21"
+commit_hash: afd04e4
+uncommitted_changes: false
+jobs:
+- name: k3s-agent
+  version: b2090fcd22d7ee2a9914ee24d2ce77c62e8a86594ea1aba8673a732b21e76c2d
+  fingerprint: b2090fcd22d7ee2a9914ee24d2ce77c62e8a86594ea1aba8673a732b21e76c2d
+  sha1: sha256:c15854f417cf5ce6c6a059770869f1f2a15a202c806542c18662a00e6d9ec373
+  packages:
+  - k3s
+  - kubectl-k3s
+  - k3s-images
+- name: k3s-agent-airgaped-images
+  version: dac8160deeef67d642c67065cdb584c53ca84807717f4b7abb3e748badb97313
+  fingerprint: dac8160deeef67d642c67065cdb584c53ca84807717f4b7abb3e748badb97313
+  sha1: sha256:56989c04162b348ce691ad78d9ceaefc4b46338df95ebe87fda1e5ce0a30d429
+  packages:
+  - k3s-images
+- name: k3s-server
+  version: 68ef93b0ca643f4eff4170f83a91cd8624ba14daed9b2b89dcf1443b255a80f2
+  fingerprint: 68ef93b0ca643f4eff4170f83a91cd8624ba14daed9b2b89dcf1443b255a80f2
+  sha1: sha256:8685832196cc4f5bbef715a5f8d930b311644a873db55e4a5a8405a3da049595
+  packages:
+  - k3s
+  - k9s
+  - kubectl-k3s
+- name: k3s-server-airgaped-images
+  version: 3e8cc00744f582f54235a554c9a5a1bcbc16c8848330d8b17fbe1ab270f7d2ef
+  fingerprint: 3e8cc00744f582f54235a554c9a5a1bcbc16c8848330d8b17fbe1ab270f7d2ef
+  sha1: sha256:fbae88a6d6e06d8ac29288b73a971832e77d2483978c56481844e1c7f8e77c78
+  packages:
+  - k3s-images
+packages:
+- name: k3s
+  version: 51e59e09b03182cec02264570585cf5314ba53e22947c725cb2350109bc8524c
+  fingerprint: 51e59e09b03182cec02264570585cf5314ba53e22947c725cb2350109bc8524c
+  sha1: sha256:f277b2dd5c0f8a22e7a4ae685a7561a33e319b1353fb5c13004d04138d3630f2
+  dependencies: []
+- name: k3s-images
+  version: 216634c7f9c8c684053d50520c87d01d37670f9fb0df006d7b880277c5521cbe
+  fingerprint: 216634c7f9c8c684053d50520c87d01d37670f9fb0df006d7b880277c5521cbe
+  sha1: sha256:ba0c3aa34e08840258f110cf87f624dc2e6efed49b811c1e404f6d1f0a61377a
+  dependencies: []
+- name: k9s
+  version: 9b556fa69d85046816daa09f737ed1d1137323e671727a09780396d57781ba5e
+  fingerprint: 9b556fa69d85046816daa09f737ed1d1137323e671727a09780396d57781ba5e
+  sha1: sha256:f59628eb4b927ef28f1df40959f1877c6cbeebee5067f231c10733dfd40f53bb
+  dependencies: []
+- name: kubectl-k3s
+  version: 879683d1f72b98af4d9cfa29f5855db733d76aed08a5b868ef0c4322262e6fc0
+  fingerprint: 879683d1f72b98af4d9cfa29f5855db733d76aed08a5b868ef0c4322262e6fc0
+  sha1: sha256:345fd8dc9ca93d43658a80b360f730e6a9ba43bac02be1b6ab3c16a1584e5cc7
+  dependencies: []
+license:
+  version: cf0ca1fe65dee9607c7bb9460a3f20835e582cbb7f5b2c3625fba2e21d7e91b9
+  fingerprint: cf0ca1fe65dee9607c7bb9460a3f20835e582cbb7f5b2c3625fba2e21d7e91b9
+  sha1: sha256:cbe3175489dfaec91e9f392399fbfb68e008885feb91a3b8d493a35d2fc5a8fa