6 Commits

Author SHA1 Message Date
Noel Georgi
94e9891c1b
chore: bump sd-boot to v254-rc1
Bump sd-boot.
Fix parsing PE executable offsets.
Set the PE file alignment to be 512 bytes.

Signed-off-by: Noel Georgi <git@frezbo.dev>
2023-07-11 15:52:57 +05:30
Tim Jones
53389b1e72
feat: auto-enroll secure boot keys
Uses the auto-enrollment feature of sd-boot to enroll required UEFI Secure
Boot keys.

Fixes: #7373

Signed-off-by: Tim Jones <tim.jones@siderolabs.com>
Signed-off-by: Noel Georgi <git@frezbo.dev>
2023-06-24 00:44:56 +05:30
Noel Georgi
3a865370f5
feat: qemu secureboot
Add qemu support for secureboot testing via `talosctl cluster create`.

Can be tested via:

```bash
sudo -E _out/talosctl-linux-amd64 cluster create --provisioner=qemu $REGISTRY_MIRROR_FLAGS --controlplanes=1 --workers=1 --iso-path=_out/talos-uki-amd64.iso --with-secureboot=true --with-tpm2=true --skip-injecting-config --with-apply-config
```

This currently only supports just booting Talos in SecureBoot mode.
Installation and Upgrade come as extra PRs.

Fixes: #7324

Signed-off-by: Noel Georgi <git@frezbo.dev>
2023-06-06 19:20:07 +05:30
Noel Georgi
bfc3419376
chore: add default console args
Add default console args for UKI iso.

Signed-off-by: Noel Georgi <git@frezbo.dev>
2023-06-05 19:43:20 +05:30
Noel Georgi
3f68485e44
feat: add uki iso generation
This adds code to generate a UKI ISO (UEFI only).

Fixes: #7261

Signed-off-by: Noel Georgi <git@frezbo.dev>
2023-06-02 22:44:27 +05:30
Andrey Smirnov
a0773f783c
chore: add ukify Go script
This is a port of ukify.py and systemd-measure from systemd.

This requires no actual TPM to be present to calculate the PCR
signatures.

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
Signed-off-by: Noel Georgi <git@frezbo.dev>
2023-05-30 23:33:26 +05:30