Via tools/pkgs, also pulling in Clang-built Linux
Update go.mod dependencies
Fix linter errors with new golangci-lint, modernize, use new()
Signed-off-by: Dmitrii Sharshakov <dmitry.sharshakov@siderolabs.com>
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
Simplify the flow a bit by using live partition info,
avoid doing some calculations which are already done in the
partition code.
Remove some steps I believe we don't need to do.
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
Overlays installers assume the `/boot/EFI` path, so we generate assets into `/boot/EFI` then move that directory to the mountPrefix+/EFI.
Signed-off-by: Noel Georgi <git@frezbo.dev>
Boards were deprecated in favor of overlays from Talos 1.7.
Now completely remove all board specific code.
Part of: #12492
Signed-off-by: Noel Georgi <git@frezbo.dev>
Also changes the bootloader interface.
Disks are formatted/created with pre-populated source directories in Install/Image mode.
Signed-off-by: Noel Georgi <git@frezbo.dev>
Support creating filesystems from `SourceDirectory`, this implies partitions can have the data populated when formatted.
ImageCache handling is now using `SourceDirectory` while formatting simplifying the code.
Signed-off-by: Noel Georgi <git@frezbo.dev>
Use UKI cmdline either if the config is missing completely, or if the
incomplete machine config is present (we are in maintenance mode).
Fixes#12349
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
Update COSI, and stop using a fork of `gopkg.in/yaml.v3`, now we use new
supported for of this library.
Drop `MarshalYAMLBytes` for the machine config, as we actually marshal
config as a string, and we don't need this at all.
Make `talosctl` stop doing hacks on machine config for newer Talos, keep
hacks for backwards compatibility.
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
Use cmdline from the UKI in Talos 1.12+ by default for new installs.
This brings GRUB in line with systemd-boot vs. cmdline behavior.
Fixes#12019
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
Move stuff into `tools/go.mod`.
Also fix linting issues on the way (updating golangci-lint).
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
See #11210
This doesn't fix anything, but the logs will be more helpful to
understand what exactly is wrong.
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
Fixes#11198
We should enforce in following places:
* before starting `upgrade-k8s`, check that all Talos machines would end
up with a valid version
* validate in Talos machine configuration, this will cover both
upgrades, new installs, and any machine configuration manual edits
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
When using digests with images in machineconfig (e.g.
`repo/kubelet:v1.32.1@sha:...`) strip the digest part before checking
semantic version validity.
Signed-off-by: Robin Elfrink <robin@15augustus.nl>
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
Make default args depend on quirks, and also pass quirks down to
platform code.
Reduces amount of hacks, but it is functionally equivalent.
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
Move META constants out to machinery, and fix up imports. The internal
`pkg/meta` package shold not be consumed in public-facing commands.
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
This implements the first round of changes, replacing the volume backend
with the new implementation, while keeping most of the external
interfaces intact.
See #8367
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
This patch adds a flag to `secureboot.database.Generate` to append the
Microsoft UEFI secure boot DB and KEK certificates to the appropriate
ESLs, in addition to complimentary command line flags.
This patch also includes a copy of said Microsoft certificates. The
certificates are downloaded from an official Microsoft repo.
Signed-off-by: Jean-Francois Roy <jf@devklog.net>
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
- replace `interface{}` with `any` using `gofmt -r 'interface{} -> any -w'`
- replace `a = []T{}` with `var a []T` where possible.
- replace `a = []T{}` with `a = make([]T, 0, len(b))` where possible.
Signed-off-by: Dmitriy Matrenichev <dmitry.matrenichev@siderolabs.com>
When `udevd` rescans block device partitions while Talos is doing
partitions, it might be that Talos can hit the following error
while trying to open/mount a partition:
```
no such device or address
```
Previous attempts to fix that were using `ENODEV`, while the proper code
is `ENXIO`.
Also take exclusive lock while working with user disks to prevent
concurrent udevd rescan.
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
Otherwise we get `nil reference` exception during maintenance mode
upgrade with partial machine configs.
Signed-off-by: Artem Chernyshev <artem.chernyshev@talos-systems.com>
Initramfs and kernel are compressed with zstd.
Extensions are compressed with zstd for Talos 1.8+.
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
1. Use overlay installer to build the `cmdline` when running in
install/upgrade mode.
2. Pull down the overlay installer with the arch specific to the
installer being generated, vs. the arch of the `imager`.
3. Print a message when running an overlay installer.
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
Fix Equnix Metal (where proper arm64 args are known) and metal platform
(using generic arm64 console arg).
Other platforms might need to be updated, but correct settings are not
known at the moment.
Fixes#8529
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
provides flag for imager to pull images insecurely from private registries
Signed-off-by: Niklas Wik <niklas.wik@nokia.com>
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
Implement `Install` for imager overlays.
Also add support for generating installers.
Depends on: #8377Fixes: #8350Fixes: #8351Fixes: #8350
Signed-off-by: Noel Georgi <git@frezbo.dev>
To be used in the `go-talos-support` module without importing the whole
Talos repo.
Signed-off-by: Artem Chernyshev <artem.chernyshev@talos-systems.com>
