Skip to content

Commit

Permalink
feat: prepare for Talos 1.9
Browse files Browse the repository at this point in the history
Update tools, pkgs, extras.

Brings in Go 1.23.1, Linux 6.6.52, new xfsprogs, etc.

Fork docs.

Add new version contract, etc.

Signed-off-by: Andrey Smirnov <[email protected]>
  • Loading branch information
smira committed Sep 27, 2024
1 parent ea7bf9f commit 392c479
Show file tree
Hide file tree
Showing 209 changed files with 43,272 additions and 256 deletions.
10 changes: 5 additions & 5 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -17,11 +17,11 @@ ZSTD_COMPRESSION_LEVEL ?= 18
CI_RELEASE_TAG := $(shell git log --oneline --format=%B -n 1 HEAD^2 -- 2>/dev/null | head -n 1 | sed -r "/^release\(.*\)/ s/^release\((.*)\):.*$$/\\1/; t; Q")

ARTIFACTS := _out
TOOLS ?= ghcr.io/siderolabs/tools:v1.8.0-1-ga0c06c6
TOOLS ?= ghcr.io/siderolabs/tools:v1.9.0-alpha.0-2-g9f2189b

PKGS_PREFIX ?= ghcr.io/siderolabs
PKGS ?= v1.9.0-alpha.0-6-gca2e8c8
EXTRAS ?= v1.8.0
PKGS ?= v1.9.0-alpha.0-9-g6f40fbb
EXTRAS ?= v1.9.0-alpha.0

KRES_IMAGE ?= ghcr.io/siderolabs/kres:latest
CONFORMANCE_IMAGE ?= ghcr.io/siderolabs/conform:latest
Expand Down Expand Up @@ -57,13 +57,13 @@ PKG_KERNEL ?= $(PKGS_PREFIX)/kernel:$(PKGS)
PKG_TALOSCTL_CNI_BUNDLE_INSTALL ?= $(PKGS_PREFIX)/talosctl-cni-bundle-install:$(EXTRAS)

# renovate: datasource=github-tags depName=golang/go
GO_VERSION ?= 1.22
GO_VERSION ?= 1.23
# renovate: datasource=go depName=golang.org/x/tools
GOIMPORTS_VERSION ?= v0.24.0
# renovate: datasource=go depName=mvdan.cc/gofumpt
GOFUMPT_VERSION ?= v0.7.0
# renovate: datasource=go depName=github.com/golangci/golangci-lint
GOLANGCILINT_VERSION ?= v1.60.3
GOLANGCILINT_VERSION ?= v1.61.0
# renovate: datasource=go depName=golang.org/x/tools
STRINGER_VERSION ?= v0.24.0
# renovate: datasource=go depName=github.com/dmarkham/enumer
Expand Down
2 changes: 1 addition & 1 deletion cmd/talosctl/cmd/talos/get.go
Original file line number Diff line number Diff line change
Expand Up @@ -109,7 +109,7 @@ func getResources(args []string) func(ctx context.Context, c *client.Client) err
var nodeCtx context.Context

if node == "" {
nodeCtx = ctx //nolint:fatcontext
nodeCtx = ctx
} else {
nodeCtx = client.WithNode(ctx, node)
}
Expand Down
2 changes: 1 addition & 1 deletion cmd/talosctl/pkg/talos/helpers/resources.go
Original file line number Diff line number Diff line change
Expand Up @@ -63,7 +63,7 @@ func ForEachResource(ctx context.Context,
var nodeCtx context.Context

if node == "" {
nodeCtx = ctx //nolint:fatcontext
nodeCtx = ctx
} else {
nodeCtx = client.WithNode(ctx, node)
}
Expand Down
2 changes: 1 addition & 1 deletion go.mod
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
module github.com/siderolabs/talos

go 1.22.7
go 1.23.1

replace (
// see e.g. https://github.com/grpc/grpc-go/issues/6696
Expand Down
2 changes: 1 addition & 1 deletion go.work
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
go 1.22.7
go 1.23.1

use (
.
Expand Down
2 changes: 1 addition & 1 deletion hack/cloud-image-uploader/go.mod
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
module github.com/siderolabs/cloud-image-uploader

go 1.22.7
go 1.23.1

require (
cloud.google.com/go/storage v1.43.0
Expand Down
2 changes: 1 addition & 1 deletion hack/docgen/go.mod
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
module github.com/siderolabs/talos-hack-docgen

go 1.22.7
go 1.23.1

// forked go-yaml that introduces RawYAML interface, which can be used to populate YAML fields using bytes
// which are then encoded as a valid YAML blocks with proper indentiation
Expand Down
2 changes: 1 addition & 1 deletion hack/gotagsrewrite/go.mod
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
module github.com/siderolabs/gotagsrewrite

go 1.22.7
go 1.23.1

require (
github.com/fatih/structtag v1.2.0
Expand Down
2 changes: 1 addition & 1 deletion hack/module-sig-verify/go.mod
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
module module-sig-verify

go 1.22.4
go 1.23.1

require go.mozilla.org/pkcs7 v0.0.0-20210826202110-33d05740a352
231 changes: 3 additions & 228 deletions hack/release.toml
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ match_deps = "^github.com/((talos-systems|siderolabs)/[a-zA-Z0-9-]+)$"
ignore_deps = ["github.com/coredns/coredns"]

# previous release
previous = "v1.7.0"
previous = "v1.8.0"

pre_release = true

Expand All @@ -28,234 +28,9 @@ All other release assets can be downloaded from [Image Factory](https://www.talo
[notes.updates]
title = "Component Updates"
description = """\
Kubernetes: 1.31.1
Linux: 6.6.49
containerd: 2.0.0-rc.4
runc: 1.2.0-rc.3
etcd: 3.5.16
Flannel: 0.25.6
Flannel CNI plugin: 1.5.1
CoreDNS: 1.1.13
Linux: 6.6.52
Talos is built with Go 1.22.7.
"""

[notes.apparmor]
title = "Workload Apparmor Profile"
description = """\
Talos Linux can now apply the default AppArmor profiles to all workloads started via containerd, if the machine is installed with the AppArmor LSM enforced via the extraKernelArgs.
Eg:
```yaml
machine:
install:
extraKernelArgs:
- security=apparmor
```
"""

[notes.zstd]
title = "ZSTD Compression"
description = """\
Talos Linux now compresses kernel and initramfs using ZSTD.
Linux arm64 kernel is now compressed (previously it was uncompressed).
"""

[notes.forward-kube-dns-to-host]
title = "DNS Forwarding for CoreDNS pods"
description = """\
Usage of the host DNS resolver as upstream for Kubernetes CoreDNS pods is now enabled by default. You can disable it
with:
```yaml
machine:
features:
hostDNS:
enabled: true
forwardKubeDNSToHost: false
```
Please note that on running cluster you will have to kill CoreDNS pods for this change to apply.
The IP address used to forward DNS queries has changed to the fixed `169.254.116.108` address.
For those upgrading from Talos 1.7 with `forwardKubeDNSToHost` enabled, the old Kubernetes service
can be cleaned up with `kubectl delete -n kube-system service host-dns`.
"""

[notes.lspci]
title = "PCI Devices"
description = """\
A list of PCI devices can now be obtained via `PCIDevices` resource, e.g. `talosctl get pcidevices`.
"""

[notes.diagnostics]
title = "Diagnostics"
description = """\
Talos Linux now shows diagnostics information for common problems related to misconfiguration via `talosctl health` and Talos dashboard.
"""

[notes.bridge]
title = "Bridge Interface"
description = """\
Talos Linux now support configuring 'vlan_filtering' for bridge interfaces.
"""

[notes.proxy]
title = "kube-proxy"
description = """\
Talos Linux configures kube-proxy >= v1.31.0 to use 'nftables' backend by default.
"""

[notes.trusted-roots]
title = "Custom Trusted Roots"
description = """\
Talos Linux now supports adding [custom trusted roots](https://www.talos.dev/v1.8/talos-guides/configuration/certificate-authorities/) (CA certificates) via `TrustedRootsConfig` configuration documents.
"""

[notes.labels]
title = "Default Node Labels"
description = """\
Talos Linux on config generation now adds a label `node.kubernetes.io/exclude-from-external-load-balancers` by default for the control plane nodes.
"""

[notes.secureboot]
title = "Secure Boot"
description = """\
Talos Linux now can optionally include well-known UEFI (Microsoft) SecureBoot keys into the auto-enrollment UEFI database.
"""

[notes.annotations]
title = "Node Annotations"
description = """\
Talos Linux now supports configuring Kubernetes node annotations via machine configuration (`.machine.nodeAnnotations`) in a way similar to node labels.
"""

[notes.extensions]
title = "Extensions in Kubernetes Nodes"
description = """\
Talos Linux now publishes list of installed extensions as Kubernetes node labels/annotations.
The key format is `extensions.talos.dev/<name>` and the value is the extension version.
If the extension name is not valid as a label key, it will be skipped.
If the extension version is a valid label value, it will be put to the label; otherwise it will be put to the annotation.
For Talos machines booted of the Image Factory artifacts, this means that the schematic ID will be published as the annotation
`extensions.talos.dev/schematic` (as it is longer than 63 characters).
"""

[notes.nvidia]
title = "NVIDIA GPU Support"
description = """\
Starting with Talos 1.8.0, SideroLabs would ships extensions for both LTS and Production versions of NVIDIA extensions.
For more details see the CHANGELOG of [extensions](https://github.com/siderolabs/extensions/releases).
Upgrades with an exisiting schematic id from Image Factory would keep the existing LTS version of the NVIDIA extension.
"""

[notes.kubelet]
title = "Slim Kubelet Image"
description = """\
Kubelet container image includes various utilities that kubelet might use to perform various tasks.
Starting with Kubernetes 1.31.0, `kubelet` image now includes less utilities, as the in-tree CSI plugins were
removed in Kubernetes 1.31.0. This reduces `kubelet` image size and potential attack surface.
For Kubernetes < 1.31.0, there will be two images built:
* `v1.x.y` (default, fat)
* `v1.x.y-slim` (slim)
For Kubernetes >= 1.31.0, there will be same two images built, but the
default tag would point to slim image:
* `v1.x.y` (default, slim)
* `v1.x.y-fat` (fat)
"""

[notes.cni]
title = "CNI Plugins"
description = """\
Talos Linux now bundles by default the following standard CNI plugins:
* `bridge`
* `firewall`
* `flannel`
* `host-local`
* `loopback`
* `portmap`
The Talos bundled Flannel manifest was simplified to remove the `install-cni` step.
"""

[notes.udevd]
title = "Device Extra Settle Timeout"
description = """\
Talos Linux now supports a kernel command line argument `talos.device.settle_time=3m` to set the device extra settle timeout to workaround issues with broken drivers.
"""

[notes.platform]
title = "Platform Support"
description = """\
Talos Linux now supports Apache CloudStack platform.
"""

[notes.metal-image]
title = "Metal images"
description = """\
Starting with Talos 1.8, `console=ttyS0` kernel argument is removed from the metal images and installer. If running virtualized in QEMU (For eg: Proxmox), this can be added as an extra kernel argument if needed via Image Factory or using Imager.
This should fix slow boot or no console output issues on most bare metal hardware.
"""

[notes.kernel-args]
title = "`talos.halt_if_installed` kernel argument"
description = """\
Starting with Talos 1.8, ISO's generated from Boot Assets would have a new kernel argument `talos.halt_if_installed` which would pause the boot sequence until boot timeout if Talos is already installed on the disk.
ISO generated for pre 1.8 versions would not have this kernel argument.
This can be also explicitly enabled by setting `talos.halt_if_installed=1` in kernel argument.
"""


[notes.installer]
title = "Installer"
description = """\
Talos Linux installer now never wipes the system disk on upgrades, which means that the flag
`--preserve` is always set for `talosctl upgrade`.
"""

[notes.disk-management]
title = "Disk Management"
description = """\
Talos Linux now supports [configuration](https://www.talos.dev/v1.8/talos-guides/configuration/disk-management/#machine-configuration) for the `EPHEMERAL` volume.
"""

[notes.kubespan]
title = "KubeSpan"
description = """\
Extra announced endpoints can be added using the [`KubespanEndpointsConfig` document](https://www.talos.dev/v1.8/talos-guides/network/kubespan/#configuration).
"""

[notes.cmdline-config]
title = "Machine Configuration via Kernel Command Line"
description = """\
Talos Linux supports supplying zstd-compressed, base64-encoded machine configuration small documents via the kernel command line parameter `talos.config.inline`.
"""

[notes.patch-delete]
title = "Removing parts of the configuration using `$patch: delete` syntax"
description = """\
Talos Linux now supports removing parts of the configuration using the `$patch: delete` syntax similar to the kubernetes.
More information can be found [here](https://www.talos.dev/v1.8/talos-guides/configuration/patching/#strategic-merge-patches).
"""

[notes.dev-tun]
title = "Accessing `/dev/net/tun` in Kubernetes Pods"
description = """\
Talos Linux ships with `runc` 1.2, which [drops](https://github.com/opencontainers/runc/pull/3468) legacy rule to expose `/dev/net/tun` devices by default in the container.
If you need to access `/dev/net/tun` in your Kubernetes pods (e.g. running Tailscale as a Kubernetes pod), you can add use [device plugins](https:/www.talos.dev/v1.8/kubernetes-guides/configuration/device-plugins/) to expose `/dev/net/tun` to the pod.
Talos is built with Go 1.23.1.
"""

[make_deps]
Expand Down
2 changes: 1 addition & 1 deletion hack/structprotogen/go.mod
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
module github.com/siderolabs/structprotogen

go 1.22.7
go 1.23.1

require (
github.com/fatih/structtag v1.2.0
Expand Down
2 changes: 2 additions & 0 deletions hack/structprotogen/types/types.go
Original file line number Diff line number Diff line change
Expand Up @@ -229,6 +229,8 @@ func TypeInfo(t types.Type) TypeInfoData {
return makeType[Basic]("", t.Name())
case *types.Pointer:
return TypeInfo(t.Elem())
case *types.Alias:
return TypeInfo(types.Unalias(t))
case *types.Named:
if _, ok := t.Underlying().(*types.Basic); ok {
return makeType[Basic](t.Obj().Pkg().Path(), t.Obj().Name())
Expand Down
2 changes: 1 addition & 1 deletion internal/app/machined/pkg/system/health/check.go
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@ func Run(ctx context.Context, settings *Settings, state *State, check Check) err

for {
err = func() error {
checkCtx, checkCtxCancel = context.WithTimeout(ctx, settings.Timeout)
checkCtx, checkCtxCancel = context.WithTimeout(ctx, settings.Timeout) //nolint:fatcontext
defer checkCtxCancel()

return check(checkCtx)
Expand Down
4 changes: 2 additions & 2 deletions internal/pkg/dashboard/configurl.go
Original file line number Diff line number Diff line change
Expand Up @@ -67,7 +67,7 @@ func NewConfigURLGrid(ctx context.Context, dashboard *Dashboard) *ConfigURLGrid
grid.form.AddFormItem(grid.existingCode)
grid.form.AddFormItem(grid.newCodeField)
grid.form.AddButton("Save", func() {
ctx = nodeContext(ctx, grid.selectedNode)
ctx = nodeContext(ctx, grid.selectedNode) //nolint:fatcontext

value := grid.newCodeField.GetText()

Expand All @@ -88,7 +88,7 @@ func NewConfigURLGrid(ctx context.Context, dashboard *Dashboard) *ConfigURLGrid
grid.dashboard.selectScreen(ScreenSummary)
})
grid.form.AddButton("Delete", func() {
ctx = nodeContext(ctx, grid.selectedNode)
ctx = nodeContext(ctx, grid.selectedNode) //nolint:fatcontext

err := dashboard.cli.MetaDelete(ctx, meta.DownloadURLCode)
if err != nil {
Expand Down
2 changes: 1 addition & 1 deletion internal/pkg/etcd/endpoints.go
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@ func GetEndpoints(ctx context.Context, resources state.State) ([]string, error)
endpoints := endpointAddrs.Strings()

// Etcd expects host:port format.
for i := range len(endpoints) {
for i := range endpoints {
endpoints[i] = nethelpers.JoinHostPort(endpoints[i], constants.EtcdClientPort)
}

Expand Down
Loading

0 comments on commit 392c479

Please sign in to comment.