Impersonate the `os:admin` role in the Talos gRPC proxy to make the
request work both in maintenance and normal modes.
Fixes: https://github.com/siderolabs/omni/issues/1143
Signed-off-by: Artem Chernyshev <artem.chernyshev@talos-systems.com>
Make each controller process only resources labeled with it's provider
ID.
Allow overriding gRPC tunnel options for the machine classes/request
sets.
Expose join configs to the infra providers.
Also publish Omni integration tests as the part of releases.
Signed-off-by: Artem Chernyshev <artem.chernyshev@talos-systems.com>
Using so-called phantom types we can use the types themselves as keys directly without loosing performance.
You no longer need to remember which type was attached to the thing you passed in context and can look up
all fields access directly.
Part of #37
Signed-off-by: Dmitriy Matrenichev <dmitry.matrenichev@siderolabs.com>
Any insecure `talosctl` commands now work with Omni per-instance
`talosconfig`.
User should have at least `Operator` Omni role to be able to use the
insecure `talosctl` mode.
DNS resolver was updated to react on the `MachineStatus` resource
creation, not only the `ClusterMachineConfigStatus` resource.
That makes the DNS record for UUID appear as soon as machine joins Omni,
not when the machine gets allocated into a cluster.
Machines list now has maintenance Talos version update button.
The UI will issue `talosctl upgrade` when another Talos version is
picked.
`MachineStatus` controller was updated a bit: version poller wasn't
marked as dirty after maintenance upgrades. Now we mark it as dirty
every time we get Talos `MachineStatus` resource update.
Also fixed UI issues here and there.
Signed-off-by: Artem Chernyshev <artem.chernyshev@talos-systems.com>
We were not correctly checking if the nodes passed via `talosctl --nodes` were resolved before replacing the target in the GRPC metadata with the resolved ones.
We were handling a single node in the metadata correctly, but not doing the same handing for multiple nodes. This PR fixes that.
This PR simplifies that logic.
Signed-off-by: Utku Ozdemir <utku.ozdemir@siderolabs.com>
Omni is source-available under BUSL.
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
Co-Authored-By: Artem Chernyshev <artem.chernyshev@talos-systems.com>
Co-Authored-By: Utku Ozdemir <utku.ozdemir@siderolabs.com>
Co-Authored-By: Dmitriy Matrenichev <dmitry.matrenichev@siderolabs.com>
Co-Authored-By: Philipp Sauter <philipp.sauter@siderolabs.com>
Co-Authored-By: Noel Georgi <git@frezbo.dev>
Co-Authored-By: evgeniybryzh <evgeniybryzh@gmail.com>
Co-Authored-By: Tim Jones <tim.jones@siderolabs.com>
Co-Authored-By: Andrew Rynhard <andrew@rynhard.io>
Co-Authored-By: Spencer Smith <spencer.smith@talos-systems.com>
Co-Authored-By: Christian Rolland <christian.rolland@siderolabs.com>
Co-Authored-By: Gerard de Leeuw <gdeleeuw@leeuwit.nl>
Co-Authored-By: Steve Francis <67986293+steverfrancis@users.noreply.github.com>
Co-Authored-By: Volodymyr Mazurets <volodymyrmazureets@gmail.com>
