fix: update k3s version and improve TLS certificate logging

- Update k3s download URLs to version 1.28.15 for both amd64 and arm64 binaries
- Enhance certificate checking to log a warning for expired TLS certificates

Signed-off-by: ysicing <[email protected]>

Author: ysicing

hack/scripts/getk3s.sh

@@ -8,10 +8,10 @@
 set -xe
 
 if [ ! -f "hack/bin/k3s-linux-amd64" ]; then
-	wget -O hack/bin/k3s-linux-amd64 https://github.com/k3s-io/k3s/releases/download/v1.28.14%2Bk3s1/k3s
+	wget -O hack/bin/k3s-linux-amd64 https://github.com/k3s-io/k3s/releases/download/v1.28.15%2Bk3s1/k3s
 fi
 if [ ! -f "hack/bin/k3s-linux-arm64" ]; then
-  wget -O hack/bin/k3s-linux-arm64 https://github.com/k3s-io/k3s/releases/download/v1.28.14%2Bk3s1/k3s-arm64
+  wget -O hack/bin/k3s-linux-arm64 https://github.com/k3s-io/k3s/releases/download/v1.28.15%2Bk3s1/k3s-arm64
 fi
 
 chmod +x hack/bin/k3s-linux-amd64 hack/bin/k3s-linux-arm64

internal/pkg/util/httptls/httptls.go

@@ -65,6 +65,10 @@ func checkCertificate(domain string) (bool, error) {
 			log.Warnf("domain %s use self-signed certificate", domain)
 			return true, nil
 		}
+		if strings.Contains(err.Error(), "x509: certificate has expired or is not vet valid") {
+			log.Warnf("domain %s tls expired", domain)
+			return true, nil
+		}
 		return false, err
 	}
 	defer func() { _ = resp.Body.Close() }()