diff --git a/.github/workflows/integration-airgapped-triggered.yaml b/.github/workflows/integration-airgapped-triggered.yaml index 905cf3a01..fedb1bc72 100644 --- a/.github/workflows/integration-airgapped-triggered.yaml +++ b/.github/workflows/integration-airgapped-triggered.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2026-04-16T16:39:06Z by kres b6d29bf-dirty. +# Generated on 2026-04-18T08:30:12Z by kres 2de15fc-dirty. concurrency: group: ${{ github.head_ref || github.run_id }} @@ -14,6 +14,12 @@ concurrency: name: integration-airgapped-triggered jobs: default: + permissions: + actions: read + contents: write + issues: read + packages: write + pull-requests: read runs-on: group: large if: github.event.workflow_run.conclusion == 'success' diff --git a/.github/workflows/integration-aws-nvidia-triggered.yaml b/.github/workflows/integration-aws-nvidia-triggered.yaml index cae3dbbe2..28aa3d8ca 100644 --- a/.github/workflows/integration-aws-nvidia-triggered.yaml +++ b/.github/workflows/integration-aws-nvidia-triggered.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2026-04-17T07:31:21Z by kres b6d29bf-dirty. +# Generated on 2026-04-18T08:30:12Z by kres 2de15fc-dirty. concurrency: group: ${{ github.head_ref || github.run_id }} @@ -14,6 +14,12 @@ concurrency: name: integration-aws-nvidia-triggered jobs: default: + permissions: + actions: read + contents: write + issues: read + packages: write + pull-requests: read runs-on: group: generic if: github.event.workflow_run.conclusion == 'success' diff --git a/.github/workflows/integration-aws-triggered.yaml b/.github/workflows/integration-aws-triggered.yaml index 9fa3b5e9b..1213acfea 100644 --- a/.github/workflows/integration-aws-triggered.yaml +++ b/.github/workflows/integration-aws-triggered.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2026-04-17T07:31:21Z by kres b6d29bf-dirty. +# Generated on 2026-04-18T08:30:12Z by kres 2de15fc-dirty. concurrency: group: ${{ github.head_ref || github.run_id }} @@ -14,6 +14,12 @@ concurrency: name: integration-aws-triggered jobs: default: + permissions: + actions: read + contents: write + issues: read + packages: write + pull-requests: read runs-on: group: generic if: github.event.workflow_run.conclusion == 'success' diff --git a/.github/workflows/integration-cilium-triggered.yaml b/.github/workflows/integration-cilium-triggered.yaml index 5bc104cac..778236fa8 100644 --- a/.github/workflows/integration-cilium-triggered.yaml +++ b/.github/workflows/integration-cilium-triggered.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2026-04-16T16:39:06Z by kres b6d29bf-dirty. +# Generated on 2026-04-18T08:30:12Z by kres 2de15fc-dirty. concurrency: group: ${{ github.head_ref || github.run_id }} @@ -14,6 +14,12 @@ concurrency: name: integration-cilium-triggered jobs: default: + permissions: + actions: read + contents: write + issues: read + packages: write + pull-requests: read runs-on: group: large if: github.event.workflow_run.conclusion == 'success' diff --git a/.github/workflows/integration-cloud-images-triggered.yaml b/.github/workflows/integration-cloud-images-triggered.yaml index 5fc27792b..f802d2940 100644 --- a/.github/workflows/integration-cloud-images-triggered.yaml +++ b/.github/workflows/integration-cloud-images-triggered.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2026-04-16T16:39:06Z by kres b6d29bf-dirty. +# Generated on 2026-04-18T08:30:12Z by kres 2de15fc-dirty. concurrency: group: ${{ github.head_ref || github.run_id }} @@ -14,6 +14,12 @@ concurrency: name: integration-cloud-images-triggered jobs: default: + permissions: + actions: read + contents: write + issues: read + packages: write + pull-requests: read runs-on: group: generic if: github.event.workflow_run.conclusion == 'success' diff --git a/.github/workflows/integration-conformance-triggered.yaml b/.github/workflows/integration-conformance-triggered.yaml index fec654223..f11c21a63 100644 --- a/.github/workflows/integration-conformance-triggered.yaml +++ b/.github/workflows/integration-conformance-triggered.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2026-04-17T07:31:21Z by kres b6d29bf-dirty. +# Generated on 2026-04-18T08:30:12Z by kres 2de15fc-dirty. concurrency: group: ${{ github.head_ref || github.run_id }} @@ -14,6 +14,12 @@ concurrency: name: integration-conformance-triggered jobs: default: + permissions: + actions: read + contents: write + issues: read + packages: write + pull-requests: read runs-on: group: large if: github.event.workflow_run.conclusion == 'success' diff --git a/.github/workflows/integration-embedded-triggered.yaml b/.github/workflows/integration-embedded-triggered.yaml index 1c251fae2..b3fcd838d 100644 --- a/.github/workflows/integration-embedded-triggered.yaml +++ b/.github/workflows/integration-embedded-triggered.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2026-04-17T03:10:27Z by kres b6d29bf-dirty. +# Generated on 2026-04-18T08:30:12Z by kres 2de15fc-dirty. concurrency: group: ${{ github.head_ref || github.run_id }} @@ -14,6 +14,12 @@ concurrency: name: integration-embedded-triggered jobs: default: + permissions: + actions: read + contents: write + issues: read + packages: write + pull-requests: read runs-on: group: large if: github.event.workflow_run.conclusion == 'success' diff --git a/.github/workflows/integration-extensions-triggered.yaml b/.github/workflows/integration-extensions-triggered.yaml index 500fc86b6..f165a6548 100644 --- a/.github/workflows/integration-extensions-triggered.yaml +++ b/.github/workflows/integration-extensions-triggered.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2026-04-16T16:39:06Z by kres b6d29bf-dirty. +# Generated on 2026-04-18T08:30:12Z by kres 2de15fc-dirty. concurrency: group: ${{ github.head_ref || github.run_id }} @@ -14,6 +14,12 @@ concurrency: name: integration-extensions-triggered jobs: default: + permissions: + actions: read + contents: write + issues: read + packages: write + pull-requests: read runs-on: group: large if: github.event.workflow_run.conclusion == 'success' diff --git a/.github/workflows/integration-gcp-triggered.yaml b/.github/workflows/integration-gcp-triggered.yaml index cd0e70f3f..ec1694d92 100644 --- a/.github/workflows/integration-gcp-triggered.yaml +++ b/.github/workflows/integration-gcp-triggered.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2026-04-16T16:39:06Z by kres b6d29bf-dirty. +# Generated on 2026-04-18T08:30:12Z by kres 2de15fc-dirty. concurrency: group: ${{ github.head_ref || github.run_id }} @@ -14,6 +14,12 @@ concurrency: name: integration-gcp-triggered jobs: default: + permissions: + actions: read + contents: write + issues: read + packages: write + pull-requests: read runs-on: group: generic if: github.event.workflow_run.conclusion == 'success' diff --git a/.github/workflows/integration-image-cache-triggered.yaml b/.github/workflows/integration-image-cache-triggered.yaml index 41f32523a..a1c1ca289 100644 --- a/.github/workflows/integration-image-cache-triggered.yaml +++ b/.github/workflows/integration-image-cache-triggered.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2026-04-16T16:39:06Z by kres b6d29bf-dirty. +# Generated on 2026-04-18T08:30:12Z by kres 2de15fc-dirty. concurrency: group: ${{ github.head_ref || github.run_id }} @@ -14,6 +14,12 @@ concurrency: name: integration-image-cache-triggered jobs: default: + permissions: + actions: read + contents: write + issues: read + packages: write + pull-requests: read runs-on: group: large if: github.event.workflow_run.conclusion == 'success' diff --git a/.github/workflows/integration-image-factory-triggered.yaml b/.github/workflows/integration-image-factory-triggered.yaml index 9c083c9b8..db64bca7e 100644 --- a/.github/workflows/integration-image-factory-triggered.yaml +++ b/.github/workflows/integration-image-factory-triggered.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2026-04-16T16:39:06Z by kres b6d29bf-dirty. +# Generated on 2026-04-18T08:30:12Z by kres 2de15fc-dirty. concurrency: group: ${{ github.head_ref || github.run_id }} @@ -14,6 +14,12 @@ concurrency: name: integration-image-factory-triggered jobs: default: + permissions: + actions: read + contents: write + issues: read + packages: write + pull-requests: read runs-on: group: large if: github.event.workflow_run.conclusion == 'success' diff --git a/.github/workflows/integration-images-triggered.yaml b/.github/workflows/integration-images-triggered.yaml index 8ae7b7706..4e5064098 100644 --- a/.github/workflows/integration-images-triggered.yaml +++ b/.github/workflows/integration-images-triggered.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2026-04-16T16:39:06Z by kres b6d29bf-dirty. +# Generated on 2026-04-18T08:30:12Z by kres 2de15fc-dirty. concurrency: group: ${{ github.head_ref || github.run_id }} @@ -14,6 +14,12 @@ concurrency: name: integration-images-triggered jobs: default: + permissions: + actions: read + contents: write + issues: read + packages: write + pull-requests: read runs-on: group: generic if: github.event.workflow_run.conclusion == 'success' diff --git a/.github/workflows/integration-misc-0-triggered.yaml b/.github/workflows/integration-misc-0-triggered.yaml index 99a61d8be..a11aaa7cc 100644 --- a/.github/workflows/integration-misc-0-triggered.yaml +++ b/.github/workflows/integration-misc-0-triggered.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2026-04-17T03:10:27Z by kres b6d29bf-dirty. +# Generated on 2026-04-18T08:30:12Z by kres 2de15fc-dirty. concurrency: group: ${{ github.head_ref || github.run_id }} @@ -14,6 +14,12 @@ concurrency: name: integration-misc-0-triggered jobs: default: + permissions: + actions: read + contents: write + issues: read + packages: write + pull-requests: read runs-on: group: large if: github.event.workflow_run.conclusion == 'success' diff --git a/.github/workflows/integration-misc-1-triggered.yaml b/.github/workflows/integration-misc-1-triggered.yaml index 775efe485..475ea52ac 100644 --- a/.github/workflows/integration-misc-1-triggered.yaml +++ b/.github/workflows/integration-misc-1-triggered.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2026-04-17T07:31:21Z by kres b6d29bf-dirty. +# Generated on 2026-04-18T08:30:12Z by kres 2de15fc-dirty. concurrency: group: ${{ github.head_ref || github.run_id }} @@ -14,6 +14,12 @@ concurrency: name: integration-misc-1-triggered jobs: default: + permissions: + actions: read + contents: write + issues: read + packages: write + pull-requests: read runs-on: group: large if: github.event.workflow_run.conclusion == 'success' diff --git a/.github/workflows/integration-misc-2-triggered.yaml b/.github/workflows/integration-misc-2-triggered.yaml index 58875cea0..5b9f5d765 100644 --- a/.github/workflows/integration-misc-2-triggered.yaml +++ b/.github/workflows/integration-misc-2-triggered.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2026-04-16T16:39:06Z by kres b6d29bf-dirty. +# Generated on 2026-04-18T08:30:12Z by kres 2de15fc-dirty. concurrency: group: ${{ github.head_ref || github.run_id }} @@ -14,6 +14,12 @@ concurrency: name: integration-misc-2-triggered jobs: default: + permissions: + actions: read + contents: write + issues: read + packages: write + pull-requests: read runs-on: group: large if: github.event.workflow_run.conclusion == 'success' diff --git a/.github/workflows/integration-misc-3-triggered.yaml b/.github/workflows/integration-misc-3-triggered.yaml index 979741e94..86b9b789d 100644 --- a/.github/workflows/integration-misc-3-triggered.yaml +++ b/.github/workflows/integration-misc-3-triggered.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2026-04-17T07:31:21Z by kres b6d29bf-dirty. +# Generated on 2026-04-18T08:30:12Z by kres 2de15fc-dirty. concurrency: group: ${{ github.head_ref || github.run_id }} @@ -14,6 +14,12 @@ concurrency: name: integration-misc-3-triggered jobs: default: + permissions: + actions: read + contents: write + issues: read + packages: write + pull-requests: read runs-on: group: large if: github.event.workflow_run.conclusion == 'success' diff --git a/.github/workflows/integration-misc-4-triggered.yaml b/.github/workflows/integration-misc-4-triggered.yaml index affb78824..fedef3929 100644 --- a/.github/workflows/integration-misc-4-triggered.yaml +++ b/.github/workflows/integration-misc-4-triggered.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2026-04-17T07:31:21Z by kres b6d29bf-dirty. +# Generated on 2026-04-18T08:30:12Z by kres 2de15fc-dirty. concurrency: group: ${{ github.head_ref || github.run_id }} @@ -14,6 +14,12 @@ concurrency: name: integration-misc-4-triggered jobs: default: + permissions: + actions: read + contents: write + issues: read + packages: write + pull-requests: read runs-on: group: large if: github.event.workflow_run.conclusion == 'success' diff --git a/.github/workflows/integration-provision-triggered.yaml b/.github/workflows/integration-provision-triggered.yaml index fd3c204b2..b04b95822 100644 --- a/.github/workflows/integration-provision-triggered.yaml +++ b/.github/workflows/integration-provision-triggered.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2026-04-17T07:31:21Z by kres b6d29bf-dirty. +# Generated on 2026-04-18T08:30:12Z by kres 2de15fc-dirty. concurrency: group: ${{ github.head_ref || github.run_id }} @@ -14,6 +14,12 @@ concurrency: name: integration-provision-triggered jobs: default: + permissions: + actions: read + contents: write + issues: read + packages: write + pull-requests: read runs-on: group: large if: github.event.workflow_run.conclusion == 'success' diff --git a/.github/workflows/integration-qemu-csi-longhorn-triggered.yaml b/.github/workflows/integration-qemu-csi-longhorn-triggered.yaml index c530400b6..e47824171 100644 --- a/.github/workflows/integration-qemu-csi-longhorn-triggered.yaml +++ b/.github/workflows/integration-qemu-csi-longhorn-triggered.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2026-04-17T18:13:01Z by kres 15ff2fd. +# Generated on 2026-04-18T08:30:12Z by kres 2de15fc-dirty. concurrency: group: ${{ github.head_ref || github.run_id }} @@ -14,6 +14,12 @@ concurrency: name: integration-qemu-csi-longhorn-triggered jobs: default: + permissions: + actions: read + contents: write + issues: read + packages: write + pull-requests: read runs-on: group: large if: github.event.workflow_run.conclusion == 'success' diff --git a/.github/workflows/integration-qemu-csi-triggered.yaml b/.github/workflows/integration-qemu-csi-triggered.yaml index 5b36adc09..ec00faab9 100644 --- a/.github/workflows/integration-qemu-csi-triggered.yaml +++ b/.github/workflows/integration-qemu-csi-triggered.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2026-04-17T07:31:21Z by kres b6d29bf-dirty. +# Generated on 2026-04-18T08:30:12Z by kres 2de15fc-dirty. concurrency: group: ${{ github.head_ref || github.run_id }} @@ -14,6 +14,12 @@ concurrency: name: integration-qemu-csi-triggered jobs: default: + permissions: + actions: read + contents: write + issues: read + packages: write + pull-requests: read runs-on: group: large if: github.event.workflow_run.conclusion == 'success' diff --git a/.github/workflows/integration-qemu-triggered.yaml b/.github/workflows/integration-qemu-triggered.yaml index 44118e98c..57052f65a 100644 --- a/.github/workflows/integration-qemu-triggered.yaml +++ b/.github/workflows/integration-qemu-triggered.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2026-04-17T07:31:21Z by kres b6d29bf-dirty. +# Generated on 2026-04-18T08:30:12Z by kres 2de15fc-dirty. concurrency: group: ${{ github.head_ref || github.run_id }} @@ -14,6 +14,12 @@ concurrency: name: integration-qemu-triggered jobs: default: + permissions: + actions: read + contents: write + issues: read + packages: write + pull-requests: read runs-on: group: large if: github.event.workflow_run.conclusion == 'success' diff --git a/.github/workflows/integration-reproducibility-test-triggered.yaml b/.github/workflows/integration-reproducibility-test-triggered.yaml index c00ae0998..ad01f7ba6 100644 --- a/.github/workflows/integration-reproducibility-test-triggered.yaml +++ b/.github/workflows/integration-reproducibility-test-triggered.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2026-04-16T16:39:06Z by kres b6d29bf-dirty. +# Generated on 2026-04-18T08:30:12Z by kres 2de15fc-dirty. concurrency: group: ${{ github.head_ref || github.run_id }} @@ -14,6 +14,12 @@ concurrency: name: integration-reproducibility-test-triggered jobs: default: + permissions: + actions: read + contents: write + issues: read + packages: write + pull-requests: read runs-on: group: large if: github.event.workflow_run.conclusion == 'success' diff --git a/.github/workflows/integration-trusted-boot-triggered.yaml b/.github/workflows/integration-trusted-boot-triggered.yaml index 5ea115219..fdcd98519 100644 --- a/.github/workflows/integration-trusted-boot-triggered.yaml +++ b/.github/workflows/integration-trusted-boot-triggered.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2026-04-17T07:31:21Z by kres b6d29bf-dirty. +# Generated on 2026-04-18T08:30:12Z by kres 2de15fc-dirty. concurrency: group: ${{ github.head_ref || github.run_id }} @@ -14,6 +14,12 @@ concurrency: name: integration-trusted-boot-triggered jobs: default: + permissions: + actions: read + contents: write + issues: read + packages: write + pull-requests: read runs-on: group: large if: github.event.workflow_run.conclusion == 'success' diff --git a/internal/app/machined/pkg/controllers/runtime/maintenance_config.go b/internal/app/machined/pkg/controllers/runtime/maintenance_config.go index fb5377599..e52e4eaf8 100644 --- a/internal/app/machined/pkg/controllers/runtime/maintenance_config.go +++ b/internal/app/machined/pkg/controllers/runtime/maintenance_config.go @@ -113,7 +113,7 @@ func (ctrl *MaintenanceConfigController) Run(ctx context.Context, r controller.R } } else { // create/update config - if err = safe.WriterModify[*runtime.MaintenanceServiceConfig](ctx, r, runtime.NewMaintenanceServiceConfig(), + if err = safe.WriterModify(ctx, r, runtime.NewMaintenanceServiceConfig(), func(config *runtime.MaintenanceServiceConfig) error { config.TypedSpec().ListenAddress = listenAddress config.TypedSpec().ReachableAddresses = reachableAddresses diff --git a/pkg/machinery/go.mod b/pkg/machinery/go.mod index b1efaf196..dac9e7c5a 100644 --- a/pkg/machinery/go.mod +++ b/pkg/machinery/go.mod @@ -29,6 +29,7 @@ require ( github.com/siderolabs/net v0.4.0 github.com/siderolabs/protoenc v0.2.4 github.com/stretchr/testify v1.11.1 + go.uber.org/zap v1.27.1 go.yaml.in/yaml/v4 v4.0.0-rc.4 golang.org/x/net v0.53.0 google.golang.org/genproto/googleapis/api v0.0.0-20260414002931-afd174a4e478 @@ -62,7 +63,6 @@ require ( github.com/pmezard/go-difflib v1.0.0 // indirect github.com/sasha-s/go-deadlock v0.3.5 // indirect go.uber.org/multierr v1.11.0 // indirect - go.uber.org/zap v1.27.1 // indirect golang.org/x/crypto v0.50.0 // indirect golang.org/x/exp v0.0.0-20250128182459-e0ece0dbea4c // indirect golang.org/x/sync v0.20.0 // indirect