Lower min version to 1.2.0, pull in fixes for `imager` from Talos.
Add new tests for v1.3.7 as an example.
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
Fixes#19
Using Talos implementation of custom SecureBoot signers, provide full
implementation of SecureBoot assets signed either by static local PKI or
Azure Key Vault reference.
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
Image Factory now signs the generated asset using cosign flow with a
fixed key. Image Factory also verifies the signature before redirecting
to the image. This way we ensure the consistency of the cache.
The signing ECDSA private key (PEM-encoded) should be supplied as
`--signing-key-path` flag.
Fixes#29
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
Themes the nomenclature to align with Talos Linux
Signed-off-by: Andrew Rynhard <andrew@rynhard.io>
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
Fixes#13
This builds on top of extensions catalog (see
https://github.com/siderolabs/extensions/pull/225), and existing support
for specifying extension in the flavor.
Image Service resolve the list of extensions requested for a specific
version of Talos into a list of container images, pulls them, and
attaches them to the image request.
Image Service also provides endpoints to get information about available
Talos versions, supported extensions for each version, etc.
I also refactored a bit flow around fetching & verifying image to re-use
it in other flows, added support for authentication to the registry.
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
This allows to pull an installer image for a given version of Talos and
configuration.
The actual image is served from the registry, the image service is only
a frontend that redirects to the registry.
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
