Extensions are posted the following way:
`extensions.talos.dev/<name>=<version>`
The name should be valid as a label (annotation) key.
If the value is valid as a label value, use labels, otherwise use
annotations.
Also implements node annotations in the machine config as a side-effect.
Fixes#9089Fixes#8971
See #9070
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
Provide `XDG_RUNTIME_DIR` environment variable, this specifically fixes
the `kubectl exec` action when `/tmp` is filled up.
Update containerd configuration to version 3 and fix it up.
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
Signed-off-by: Noel Georgi <git@frezbo.dev>
This patch adds a flag to `secureboot.database.Generate` to append the
Microsoft UEFI secure boot DB and KEK certificates to the appropriate
ESLs, in addition to complimentary command line flags.
This patch also includes a copy of said Microsoft certificates. The
certificates are downloaded from an official Microsoft repo.
Signed-off-by: Jean-Francois Roy <jf@devklog.net>
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
- replace `interface{}` with `any` using `gofmt -r 'interface{} -> any -w'`
- replace `a = []T{}` with `var a []T` where possible.
- replace `a = []T{}` with `a = make([]T, 0, len(b))` where possible.
Signed-off-by: Dmitriy Matrenichev <dmitry.matrenichev@siderolabs.com>
`SortBonds` function bothered me since the last time I refactored this part.
We always know that it only accepts `network.LinkSpec`s, but we accepted the slice of untyped Resources because
this is what `List` method returns. Now we can do better, since `safe.List` now supports `Swap` method.
We can utilize `sort.Interface` and pass `safe.List` directly to `SortBonds`.
Signed-off-by: Dmitriy Matrenichev <dmitry.matrenichev@siderolabs.com>
Previously it was generating same name for the state file causing
parallel runs to delete resources created by another running test.
Fix names to be unique by reading `cluster_name`.
Signed-off-by: Noel Georgi <git@frezbo.dev>
Bring in AppArmor pkg from `pkgs` which would add
`/sbin/apparmor_parser` which would get picked by containerd.
Signed-off-by: Noel Georgi <git@frezbo.dev>
Run e2e-aws-nvidia-oss with zfs extension enabled.
Also fix the iscsi tests to get transport info using the new disks api.
Signed-off-by: Noel Georgi <git@frezbo.dev>
Azure SDK has a CVE, bump other modules.
Update `hydrophone` with my fixes which got merged upstream.
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
Talos diagnostics analyzes current system state and comes up with detailed
warnings on the system misconfiguration which might be tricky to figure
out other way.
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
Version 0.3.6 contains incorrect server implementation which breaks our integration tests.
Signed-off-by: Dmitriy Matrenichev <dmitry.matrenichev@siderolabs.com>
This PR moves the GCP tests to a new project there. I'm working on consolidating projects, names, and doing some reservations out there.
Signed-off-by: Spencer Smith <spencer.smith@talos-systems.com>
Initramfs and kernel are compressed with zstd.
Extensions are compressed with zstd for Talos 1.8+.
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
Allow skipping NAT for the given destinations from a cluster network. This option makes it possible to form an etcd cluster from clusters in different networks created by running `talosctl cluster create` command multiple times using different CIDRs: they simply should have the CIDR of the other clusters passed with `--non-masquerade-cidrs`.
Signed-off-by: Utku Ozdemir <utku.ozdemir@siderolabs.com>
