Skip to content

Commit 9920386

Browse files
committed
feat: update Image Factory with Talos 1.14.0-alpha.1
Fixes #454 Major changes: * bump Talos & machinery & PKGS to match Talos 1.14.0-alpha.1 * introduce disk image sector size * SecureBoot disk images auto-enroll Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
1 parent d49e952 commit 9920386

18 files changed

Lines changed: 497 additions & 362 deletions

File tree

.github/workflows/ci.yaml

Lines changed: 17 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
# THIS FILE WAS AUTOMATICALLY GENERATED BY KRES, PLEASE DO NOT EDIT.
22
#
3-
# Generated on 2026-05-20T12:38:08Z by kres fcee7dc.
3+
# Generated on 2026-05-29T16:37:49Z by kres 8085f7d.
44

55
concurrency:
66
group: ${{ github.head_ref || github.run_id }}
@@ -57,7 +57,7 @@ jobs:
5757
git fetch --prune --unshallow
5858
- name: Set up Docker Buildx
5959
id: setup-buildx
60-
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # version: v4.0.0
60+
uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # version: v4.1.0
6161
with:
6262
driver: remote
6363
endpoint: tcp://buildkit-amd64.ci.svc.cluster.local:1234
@@ -111,7 +111,7 @@ jobs:
111111
git fetch --prune --unshallow
112112
- name: Set up Docker Buildx
113113
id: setup-buildx
114-
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # version: v4.0.0
114+
uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # version: v4.1.0
115115
with:
116116
driver: remote
117117
endpoint: tcp://buildkit-amd64.ci.svc.cluster.local:1234
@@ -132,7 +132,7 @@ jobs:
132132
make image-factory
133133
- name: Login to registry
134134
if: github.event_name != 'pull_request'
135-
uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # version: v4.1.0
135+
uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # version: v4.2.0
136136
with:
137137
password: ${{ secrets.GITHUB_TOKEN }}
138138
registry: ghcr.io
@@ -220,7 +220,7 @@ jobs:
220220
git fetch --prune --unshallow
221221
- name: Set up Docker Buildx
222222
id: setup-buildx
223-
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # version: v4.0.0
223+
uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # version: v4.1.0
224224
with:
225225
driver: remote
226226
endpoint: tcp://buildkit-amd64.ci.svc.cluster.local:1234
@@ -234,7 +234,7 @@ jobs:
234234
run: |
235235
make integration-cdn
236236
- name: coverage
237-
uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 # version: v6.0.0
237+
uses: codecov/codecov-action@e79a6962e0d4c0c17b229090214935d2e33f8354 # version: v6.0.1
238238
with:
239239
files: _out/coverage-integration-cdn.txt
240240
flags: integration-cdn
@@ -279,7 +279,7 @@ jobs:
279279
git fetch --prune --unshallow
280280
- name: Set up Docker Buildx
281281
id: setup-buildx
282-
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # version: v4.0.0
282+
uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # version: v4.1.0
283283
with:
284284
driver: remote
285285
endpoint: tcp://buildkit-amd64.ci.svc.cluster.local:1234
@@ -293,7 +293,7 @@ jobs:
293293
run: |
294294
make integration-direct
295295
- name: coverage
296-
uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 # version: v6.0.0
296+
uses: codecov/codecov-action@e79a6962e0d4c0c17b229090214935d2e33f8354 # version: v6.0.1
297297
with:
298298
files: _out/coverage-integration-direct.txt
299299
flags: integration-direct
@@ -338,7 +338,7 @@ jobs:
338338
git fetch --prune --unshallow
339339
- name: Set up Docker Buildx
340340
id: setup-buildx
341-
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # version: v4.0.0
341+
uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # version: v4.1.0
342342
with:
343343
driver: remote
344344
endpoint: tcp://buildkit-amd64.ci.svc.cluster.local:1234
@@ -353,7 +353,7 @@ jobs:
353353
run: |
354354
make integration-enterprise
355355
- name: coverage
356-
uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 # version: v6.0.0
356+
uses: codecov/codecov-action@e79a6962e0d4c0c17b229090214935d2e33f8354 # version: v6.0.1
357357
with:
358358
files: _out/coverage-integration-enterprise.txt
359359
flags: integration-enterprise
@@ -398,7 +398,7 @@ jobs:
398398
git fetch --prune --unshallow
399399
- name: Set up Docker Buildx
400400
id: setup-buildx
401-
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # version: v4.0.0
401+
uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # version: v4.1.0
402402
with:
403403
driver: remote
404404
endpoint: tcp://buildkit-amd64.ci.svc.cluster.local:1234
@@ -412,7 +412,7 @@ jobs:
412412
run: |
413413
make integration-proxy-installer
414414
- name: coverage
415-
uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 # version: v6.0.0
415+
uses: codecov/codecov-action@e79a6962e0d4c0c17b229090214935d2e33f8354 # version: v6.0.1
416416
with:
417417
files: _out/coverage-integration-proxy-installer.txt
418418
flags: integration-proxy-installer
@@ -457,7 +457,7 @@ jobs:
457457
git fetch --prune --unshallow
458458
- name: Set up Docker Buildx
459459
id: setup-buildx
460-
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # version: v4.0.0
460+
uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # version: v4.1.0
461461
with:
462462
driver: remote
463463
endpoint: tcp://buildkit-amd64.ci.svc.cluster.local:1234
@@ -471,7 +471,7 @@ jobs:
471471
run: |
472472
make integration-s3
473473
- name: coverage
474-
uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 # version: v6.0.0
474+
uses: codecov/codecov-action@e79a6962e0d4c0c17b229090214935d2e33f8354 # version: v6.0.1
475475
with:
476476
files: _out/coverage-integration-s3.txt
477477
flags: integration-s3
@@ -516,7 +516,7 @@ jobs:
516516
git fetch --prune --unshallow
517517
- name: Set up Docker Buildx
518518
id: setup-buildx
519-
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # version: v4.0.0
519+
uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # version: v4.1.0
520520
with:
521521
driver: remote
522522
endpoint: tcp://buildkit-amd64.ci.svc.cluster.local:1234
@@ -563,7 +563,7 @@ jobs:
563563
git fetch --prune --unshallow
564564
- name: Set up Docker Buildx
565565
id: setup-buildx
566-
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # version: v4.0.0
566+
uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # version: v4.1.0
567567
with:
568568
driver: remote
569569
endpoint: tcp://buildkit-amd64.ci.svc.cluster.local:1234
@@ -575,7 +575,7 @@ jobs:
575575
run: |
576576
make unit-tests-race
577577
- name: coverage
578-
uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 # version: v6.0.0
578+
uses: codecov/codecov-action@e79a6962e0d4c0c17b229090214935d2e33f8354 # version: v6.0.1
579579
with:
580580
files: _out/coverage-unit-tests.txt
581581
flags: unit-tests

.github/workflows/helm.yaml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
1-
# THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT.
1+
# THIS FILE WAS AUTOMATICALLY GENERATED BY KRES, PLEASE DO NOT EDIT.
22
#
3-
# Generated on 2026-04-16T17:59:27Z by kres b6d29bf-dirty.
3+
# Generated on 2026-05-29T16:37:49Z by kres 8085f7d.
44

55
concurrency:
66
group: helm-${{ github.head_ref || github.run_id }}
@@ -60,14 +60,14 @@ jobs:
6060
git fetch --prune --unshallow
6161
- name: Set up Docker Buildx
6262
id: setup-buildx
63-
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # version: v4.0.0
63+
uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # version: v4.1.0
6464
with:
6565
driver: remote
6666
endpoint: tcp://buildkit-amd64.ci.svc.cluster.local:1234
6767
timeout-minutes: 10
6868
- name: Login to registry
6969
if: github.event_name != 'pull_request'
70-
uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # version: v4.1.0
70+
uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # version: v4.2.0
7171
with:
7272
password: ${{ secrets.GITHUB_TOKEN }}
7373
registry: ghcr.io

.github/workflows/lock.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
1-
# THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT.
1+
# THIS FILE WAS AUTOMATICALLY GENERATED BY KRES, PLEASE DO NOT EDIT.
22
#
3-
# Generated on 2025-12-19T14:05:22Z by kres 26be706.
3+
# Generated on 2026-05-29T16:37:49Z by kres 8085f7d.
44

55
"on":
66
schedule:
@@ -14,7 +14,7 @@ jobs:
1414
- ubuntu-latest
1515
steps:
1616
- name: Lock old issues
17-
uses: dessant/lock-threads@7266a7ce5c1df01b1c6db85bf8cd86c737dadbe7 # version: v6.0.0
17+
uses: dessant/lock-threads@89ae32b08ed1a541efecbab17912962a5e38981c # version: v6.0.2
1818
with:
1919
issue-inactive-days: "60"
2020
log-output: "true"

.github/workflows/stale.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
1-
# THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT.
1+
# THIS FILE WAS AUTOMATICALLY GENERATED BY KRES, PLEASE DO NOT EDIT.
22
#
3-
# Generated on 2026-03-06T14:34:58Z by kres 1dd7316.
3+
# Generated on 2026-05-29T16:37:49Z by kres 8085f7d.
44

55
"on":
66
schedule:
@@ -15,7 +15,7 @@ jobs:
1515
- ubuntu-latest
1616
steps:
1717
- name: Close stale issues and PRs
18-
uses: actions/stale@b5d41d4e1d5dceea10e7104786b73624c18a190f # version: v10.2.0
18+
uses: actions/stale@eb5cf3af3ac0a1aa4c9c45633dd1ae542a27a899 # version: v10.3.0
1919
with:
2020
close-issue-message: This issue was closed because it has been stalled for 7 days with no activity.
2121
days-before-issue-close: "5"

.kres.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -23,7 +23,7 @@ spec:
2323
- name: PKGS_PREFIX
2424
defaultValue: ghcr.io/siderolabs
2525
- name: PKGS
26-
defaultValue: v1.13.0-beta.0-14-gb121566
26+
defaultValue: v1.14.0-alpha.0-70-g0870a4b
2727
docker:
2828
extraArgs:
2929
- PKGS_PREFIX

Dockerfile

Lines changed: 5 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@
22

33
# THIS FILE WAS AUTOMATICALLY GENERATED BY KRES, PLEASE DO NOT EDIT.
44
#
5-
# Generated on 2026-05-20T12:38:08Z by kres fcee7dc.
5+
# Generated on 2026-05-29T16:37:49Z by kres 8085f7d.
66

77
ARG TOOLCHAIN=scratch
88
ARG PKGS_PREFIX=scratch
@@ -283,23 +283,25 @@ COPY --from=generate / /
283283
COPY --from=embed-generate / /
284284
WORKDIR /src/cmd/image-factory
285285
ARG GO_BUILDFLAGS
286+
ARG GO_GCFLAGS
286287
ARG GO_LDFLAGS
287288
ARG VERSION_PKG="internal/version"
288289
ARG SHA
289290
ARG TAG
290-
RUN --mount=type=cache,target=/root/.cache/go-build,id=image-factory/root/.cache/go-build --mount=type=cache,target=/go/pkg,id=image-factory/go/pkg GOARCH=amd64 GOOS=linux go build ${GO_BUILDFLAGS} -ldflags "${GO_LDFLAGS} -X ${VERSION_PKG}.Name=image-factory -X ${VERSION_PKG}.SHA=${SHA} -X ${VERSION_PKG}.Tag=${TAG}" -o /image-factory-linux-amd64
291+
RUN --mount=type=cache,target=/root/.cache/go-build,id=image-factory/root/.cache/go-build --mount=type=cache,target=/go/pkg,id=image-factory/go/pkg GOARCH=amd64 GOOS=linux go build ${GO_BUILDFLAGS} -gcflags "${GO_GCFLAGS}" -ldflags "${GO_LDFLAGS} -X ${VERSION_PKG}.Name=image-factory -X ${VERSION_PKG}.SHA=${SHA} -X ${VERSION_PKG}.Tag=${TAG}" -o /image-factory-linux-amd64
291292

292293
# builds image-factory-linux-arm64
293294
FROM base AS image-factory-linux-arm64-build
294295
COPY --from=generate / /
295296
COPY --from=embed-generate / /
296297
WORKDIR /src/cmd/image-factory
297298
ARG GO_BUILDFLAGS
299+
ARG GO_GCFLAGS
298300
ARG GO_LDFLAGS
299301
ARG VERSION_PKG="internal/version"
300302
ARG SHA
301303
ARG TAG
302-
RUN --mount=type=cache,target=/root/.cache/go-build,id=image-factory/root/.cache/go-build --mount=type=cache,target=/go/pkg,id=image-factory/go/pkg GOARCH=arm64 GOOS=linux go build ${GO_BUILDFLAGS} -ldflags "${GO_LDFLAGS} -X ${VERSION_PKG}.Name=image-factory -X ${VERSION_PKG}.SHA=${SHA} -X ${VERSION_PKG}.Tag=${TAG}" -o /image-factory-linux-arm64
304+
RUN --mount=type=cache,target=/root/.cache/go-build,id=image-factory/root/.cache/go-build --mount=type=cache,target=/go/pkg,id=image-factory/go/pkg GOARCH=arm64 GOOS=linux go build ${GO_BUILDFLAGS} -gcflags "${GO_GCFLAGS}" -ldflags "${GO_LDFLAGS} -X ${VERSION_PKG}.Name=image-factory -X ${VERSION_PKG}.SHA=${SHA} -X ${VERSION_PKG}.Tag=${TAG}" -o /image-factory-linux-arm64
303305

304306
FROM scratch AS image-factory-linux-amd64
305307
COPY --from=image-factory-linux-amd64-build /image-factory-linux-amd64 /image-factory-linux-amd64

Makefile

Lines changed: 6 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
# THIS FILE WAS AUTOMATICALLY GENERATED BY KRES, PLEASE DO NOT EDIT.
22
#
3-
# Generated on 2026-05-22T09:07:04Z by kres 44d3d02.
3+
# Generated on 2026-05-29T16:37:49Z by kres 8085f7d.
44

55
# common variables
66

@@ -33,6 +33,7 @@ DIS_VULNCHECK_VERSION ?= v0.0.0-20260430093434-b73e0972e2fb
3333
GO_BUILDFLAGS ?=
3434
GO_BUILDTAGS ?= ,
3535
GO_LDFLAGS ?=
36+
GO_GCFLAGS ?=
3637
CGO_ENABLED ?= 0
3738
GOTOOLCHAIN ?= local
3839
GOEXPERIMENT ?=
@@ -68,6 +69,7 @@ COMMON_ARGS += --build-arg=REGISTRY="$(REGISTRY)"
6869
COMMON_ARGS += --build-arg=TOOLCHAIN="$(TOOLCHAIN)"
6970
COMMON_ARGS += --build-arg=CGO_ENABLED="$(CGO_ENABLED)"
7071
COMMON_ARGS += --build-arg=GO_BUILDFLAGS="$(GO_BUILDFLAGS)"
72+
COMMON_ARGS += --build-arg=GO_GCFLAGS="$(GO_GCFLAGS)"
7173
COMMON_ARGS += --build-arg=GO_LDFLAGS="$(GO_LDFLAGS)"
7274
COMMON_ARGS += --build-arg=GOTOOLCHAIN="$(GOTOOLCHAIN)"
7375
COMMON_ARGS += --build-arg=GOEXPERIMENT="$(GOEXPERIMENT)"
@@ -81,6 +83,7 @@ COMMON_ARGS += --build-arg=DEEPCOPY_VERSION="$(DEEPCOPY_VERSION)"
8183
COMMON_ARGS += --build-arg=GOLANGCILINT_VERSION="$(GOLANGCILINT_VERSION)"
8284
COMMON_ARGS += --build-arg=GOFUMPT_VERSION="$(GOFUMPT_VERSION)"
8385
COMMON_ARGS += --build-arg=DIS_VULNCHECK_VERSION="$(DIS_VULNCHECK_VERSION)"
86+
COMMON_ARGS += --build-arg=SYFT_VERSION="$(SYFT_VERSION)"
8487
COMMON_ARGS += --build-arg=TESTPKGS="$(TESTPKGS)"
8588
COMMON_ARGS += --build-arg=HELMDOCS_VERSION="$(HELMDOCS_VERSION)"
8689
COMMON_ARGS += --build-arg=PKGS_PREFIX="$(PKGS_PREFIX)"
@@ -90,7 +93,7 @@ TOOLCHAIN ?= docker.io/golang:1.26-alpine
9093
# extra variables
9194

9295
PKGS_PREFIX ?= ghcr.io/siderolabs
93-
PKGS ?= v1.13.0-beta.0-14-gb121566
96+
PKGS ?= v1.14.0-alpha.0-70-g0870a4b
9497
RUN_TESTS_DIRECT ?= TestIntegrationDirect
9598
TEST_FLAGS ?=
9699
RUN_TESTS_S3 ?= TestIntegrationS3
@@ -168,6 +171,7 @@ GO_LDFLAGS += -linkmode=external -extldflags '-static'
168171
endif
169172

170173
ifneq (, $(filter $(WITH_DEBUG), t true TRUE y yes 1))
174+
GO_GCFLAGS += -N -l
171175
GO_BUILDTAGS := $(GO_BUILDTAGS)sidero.debug,
172176
else
173177
GO_LDFLAGS += -s

docs/api.md

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -75,6 +75,8 @@ customization:
7575
kind: KmsgLogConfig
7676
name: remote-log
7777
url: tcp://10.0.0.50:5044/
78+
diskImage: # optional, only applies to disk images
79+
sectorSize: 4096 # optional, disk image sector size in bytes, defaults to 512 if not set
7880
overlay: # optional
7981
image: ghcr.io/siderolabs/sbc-raspberry-pi # overlay image
8082
name: rpi_generic # overlay name

docs/developing.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -90,7 +90,7 @@ Example running direct integration tests with registry mirrors
9090
(`127.0.0.1:5004` is a registry mirror for `ghcr.io`, `127.0.0.1:5100` is an ephemeral local registry brought up by `make` automatically, and `127.0.0.1:5005` is a local registry for pushing images):
9191

9292
```bash
93-
make integration-direct TEST_FLAGS="-test.image-registry=127.0.0.1:5004 -test.schematic-service-repository=127.0.0.1:5100/image-factory/schematic -test.installer-external-repository=127.0.0.1:5100/test -test.installer-internal-repository=127.0.0.1:5100/test -test.cache-repository=127.0.0.1:5100/image-factory/cache" REGISTRY=127.0.0.1:5005
93+
make integration-direct TEST_FLAGS="-test.image-registry=127.0.0.1:5004 -test.schematic-service-repository=127.0.0.1:5100/image-factory/schematic -test.installer-external-repository=127.0.0.1:5100/test -test.installer-internal-repository=127.0.0.1:5100/test -test.cache-repository=127.0.0.1:5100/image-factory/cache -test.signing-cache-repository=127.0.0.1:5100/image-factory/signing-cache" REGISTRY=127.0.0.1:5005
9494
```
9595

9696
A test focus can be set with:
@@ -102,7 +102,7 @@ A test focus can be set with:
102102
For Enterprise tests, use the following command:
103103

104104
```bash
105-
make integration-enterprise TEST_FLAGS="-test.image-registry=127.0.0.1:5004 -test.schematic-service-repository=127.0.0.1:5100/image-factory/schematic -test.installer-external-repository=127.0.0.1:5100/test -test.installer-internal-repository=127.0.0.1:5100/test -test.cache-repository=127.0.0.1:5100/image-factory/cache" REGISTRY=127.0.0.1:5005
105+
make integration-enterprise TEST_FLAGS="-test.image-registry=127.0.0.1:5004 -test.schematic-service-repository=127.0.0.1:5100/image-factory/schematic -test.installer-external-repository=127.0.0.1:5100/test -test.installer-internal-repository=127.0.0.1:5100/test -test.cache-repository=127.0.0.1:5100/image-factory/cache -test.signing-cache-repository=127.0.0.1:5100/image-factory/signing-cache" REGISTRY=127.0.0.1:5005
106106
```
107107

108108
(The only change is `s/integration-direct/integration-enterprise/` in the target name, and the test focus variable will be `RUN_TESTS_ENTERPRISE` instead of `RUN_TESTS_DIRECT`.)

0 commit comments

Comments
 (0)