Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package talosctl for openSUSE:Factory checked in at 2025-05-31 19:17:16 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/talosctl (Old) and /work/SRC/openSUSE:Factory/.talosctl.new.16005 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "talosctl" Sat May 31 19:17:16 2025 rev:29 rq:1281587 version:1.10.3 Changes: -------- --- /work/SRC/openSUSE:Factory/talosctl/talosctl.changes 2025-05-20 09:38:02.721233841 +0200 +++ /work/SRC/openSUSE:Factory/.talosctl.new.16005/talosctl.changes 2025-05-31 19:18:15.730222116 +0200 @@ -1,0 +2,7 @@ +Sat May 31 06:41:20 UTC 2025 - Johannes Kastl <opensuse_buildserv...@ojkastl.de> + +- update to 1.10.3: + https://github.com/siderolabs/talos/releases/tag/v1.10.3 + * no CLI-related changes in the Changelog + +------------------------------------------------------------------- Old: ---- talosctl-1.10.2.obscpio New: ---- talosctl-1.10.3.obscpio ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ talosctl.spec ++++++ --- /var/tmp/diff_new_pack.m4d7kt/_old 2025-05-31 19:18:16.718263737 +0200 +++ /var/tmp/diff_new_pack.m4d7kt/_new 2025-05-31 19:18:16.718263737 +0200 @@ -17,7 +17,7 @@ Name: talosctl -Version: 1.10.2 +Version: 1.10.3 Release: 0 Summary: CLI to interact with Talos Linux License: MPL-2.0 ++++++ _service ++++++ --- /var/tmp/diff_new_pack.m4d7kt/_old 2025-05-31 19:18:16.758265421 +0200 +++ /var/tmp/diff_new_pack.m4d7kt/_new 2025-05-31 19:18:16.762265590 +0200 @@ -4,7 +4,7 @@ <param name="scm">git</param> <param name="exclude">.git</param> <param name="exclude">go.work</param> - <param name="revision">v1.10.2</param> + <param name="revision">v1.10.3</param> <param name="match-tag">v*</param> <param name="versionformat">@PARENT_TAG@</param> <param name="versionrewrite-pattern">v(.*)</param> ++++++ talosctl-1.10.2.obscpio -> talosctl-1.10.3.obscpio ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/talosctl-1.10.2/CHANGELOG.md new/talosctl-1.10.3/CHANGELOG.md --- old/talosctl-1.10.2/CHANGELOG.md 2025-05-16 16:04:24.000000000 +0200 +++ new/talosctl-1.10.3/CHANGELOG.md 2025-05-29 08:34:28.000000000 +0200 @@ -1,3 +1,77 @@ +## [Talos 1.10.3](https://github.com/siderolabs/talos/releases/tag/v1.10.3) (2025-05-29) + +Welcome to the v1.10.3 release of Talos! + + + +Please try out the release binaries and report any issues at +https://github.com/siderolabs/talos/issues. + +### Component Updates + +Linux: 6.12.28 +Kubernetes: 1.33.1 + +Talos is built with Go 1.24.3. + + +### Contributors + +* Andrey Smirnov +* Noel Georgi + +### Changes +<details><summary>9 commits</summary> +<p> + +* [`85110deec`](https://github.com/siderolabs/talos/commit/85110deec25d0fbfe1cdfc4eec2189ad48bec8ad) fix(ci): reproducibility test +* [`64609aad5`](https://github.com/siderolabs/talos/commit/64609aad5c7986d0051e9ff2a1d0e232a65ee16b) fix(ci): iso reproducibility file permissions +* [`d24ef442b`](https://github.com/siderolabs/talos/commit/d24ef442bce8d3b09e7a839e992fb55b113c4300) fix: nocloud metadata for hostname +* [`d4eaf78dc`](https://github.com/siderolabs/talos/commit/d4eaf78dc6685072d98e31ab5cf4e9af37d3fd8d) fix: allow any PKI in Talos API +* [`2b5f34a41`](https://github.com/siderolabs/talos/commit/2b5f34a4127478c5aa46df85c44780bfd7cee9b0) fix: metal-iso reproducibility +* [`3692f6fef`](https://github.com/siderolabs/talos/commit/3692f6fefa8bc68337067505970013d3af531d64) fix: bump apid memory limit +* [`284ffe9cb`](https://github.com/siderolabs/talos/commit/284ffe9cbe5b933aacf5b3ae1434ca82296a00cf) feat: update default Kubernetes to v1.33.1 +* [`ecdac8802`](https://github.com/siderolabs/talos/commit/ecdac88029129a1e3ce6099ff64da333de4a0244) chore: clean up `/usr/bin` +* [`e9a6ba902`](https://github.com/siderolabs/talos/commit/e9a6ba902049f8608da984e8c0c101618cdab178) feat: update Linux to 6.12.28 +</p> +</details> + +### Changes from siderolabs/crypto +<details><summary>2 commits</summary> +<p> + +* [`17107ae`](https://github.com/siderolabs/crypto/commit/17107ae45403a2bcd4fecfb4660b60276652b00d) fix: add generic CSR generator and OpenSSL interop +* [`53659fc`](https://github.com/siderolabs/crypto/commit/53659fc35f6abd4ada7ffa22ef1b148cf93c0f28) refactor: split into files +</p> +</details> + +### Changes from siderolabs/pkgs +<details><summary>4 commits</summary> +<p> + +* [`39b9c9f`](https://github.com/siderolabs/pkgs/commit/39b9c9f841cb786f46a791ac392c66945c218eca) fix: drop pcre2 binaries +* [`b622793`](https://github.com/siderolabs/pkgs/commit/b6227930a0f68f9da7cd95b6928419c546b17ada) fix: drop broken symlinks +* [`ca63fc8`](https://github.com/siderolabs/pkgs/commit/ca63fc87df90a1fd1c44bc5b9c223f367843897f) fix: clean up some binaries +* [`1ff9dc5`](https://github.com/siderolabs/pkgs/commit/1ff9dc5cd64e43949e661e4eb3b6e6a92f063a8b) feat: update Linux 6.12.28, firmware +</p> +</details> + +### Dependency Changes + +* **github.com/siderolabs/crypto** v0.5.1 -> v0.6.0 +* **github.com/siderolabs/pkgs** v1.10.0-12-gb425b44 -> v1.10.0-16-g39b9c9f +* **k8s.io/api** v0.33.0 -> v0.33.1 +* **k8s.io/apimachinery** v0.33.0 -> v0.33.1 +* **k8s.io/apiserver** v0.33.0 -> v0.33.1 +* **k8s.io/client-go** v0.33.0 -> v0.33.1 +* **k8s.io/component-base** v0.33.0 -> v0.33.1 +* **k8s.io/kube-scheduler** v0.33.0 -> v0.33.1 +* **k8s.io/kubectl** v0.33.0 -> v0.33.1 +* **k8s.io/kubelet** v0.33.0 -> v0.33.1 +* **k8s.io/pod-security-admission** v0.33.0 -> v0.33.1 + +Previous release can be found at [v1.10.2](https://github.com/siderolabs/talos/releases/tag/v1.10.2) + ## [Talos 1.10.2](https://github.com/siderolabs/talos/releases/tag/v1.10.2) (2025-05-16) Welcome to the v1.10.2 release of Talos! diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/talosctl-1.10.2/Makefile new/talosctl-1.10.3/Makefile --- old/talosctl-1.10.2/Makefile 2025-05-16 16:04:24.000000000 +0200 +++ new/talosctl-1.10.3/Makefile 2025-05-29 08:34:28.000000000 +0200 @@ -27,7 +27,7 @@ TOOLS_PREFIX ?= ghcr.io/siderolabs/tools TOOLS ?= v1.10.0-2-gfa51331 PKGS_PREFIX ?= ghcr.io/siderolabs -PKGS ?= v1.10.0-12-gb425b44 +PKGS ?= v1.10.0-16-g39b9c9f KRES_IMAGE ?= ghcr.io/siderolabs/kres:latest CONFORMANCE_IMAGE ?= ghcr.io/siderolabs/conform:latest @@ -125,7 +125,7 @@ INTEGRATION_TEST_DEFAULT_TARGET := $(INTEGRATION_TEST)-$(OPERATING_SYSTEM) INTEGRATION_TEST_PROVISION_DEFAULT_TARGET := integration-test-provision-$(OPERATING_SYSTEM) # renovate: datasource=github-releases depName=kubernetes/kubernetes -KUBECTL_VERSION ?= v1.33.0 +KUBECTL_VERSION ?= v1.33.1 # renovate: datasource=github-releases depName=kastenhq/kubestr KUBESTR_VERSION ?= v0.4.48 # renovate: datasource=github-releases depName=helm/helm @@ -338,6 +338,9 @@ # Build Abstractions +$(ARTIFACTS): + @mkdir -p $(ARTIFACTS) + .PHONY: base target-%: ## Builds the specified target defined in the Dockerfile. The build result will only remain in the build cache. @$(BUILD) \ @@ -570,23 +573,19 @@ $(ARTIFACTS)/$(INTEGRATION_TEST_PROVISION_DEFAULT_TARGET)-amd64: @$(MAKE) local-$(INTEGRATION_TEST_PROVISION_DEFAULT_TARGET) DEST=$(ARTIFACTS) PLATFORM=linux/amd64 WITH_RACE=true -$(ARTIFACTS)/kubectl: - @mkdir -p $(ARTIFACTS) +$(ARTIFACTS)/kubectl: $(ARTIFACTS) @curl -L -o $(ARTIFACTS)/kubectl "$(KUBECTL_URL)" @chmod +x $(ARTIFACTS)/kubectl -$(ARTIFACTS)/kubestr: - @mkdir -p $(ARTIFACTS) +$(ARTIFACTS)/kubestr: $(ARTIFACTS) @curl -L "$(KUBESTR_URL)" | tar xzf - -C $(ARTIFACTS) kubestr @chmod +x $(ARTIFACTS)/kubestr -$(ARTIFACTS)/helm: - @mkdir -p $(ARTIFACTS) +$(ARTIFACTS)/helm: $(ARTIFACTS) @curl -L "$(HELM_URL)" | tar xzf - -C $(ARTIFACTS) --strip-components=1 linux-amd64/helm @chmod +x $(ARTIFACTS)/helm -$(ARTIFACTS)/cilium: - @mkdir -p $(ARTIFACTS) +$(ARTIFACTS)/cilium: $(ARTIFACTS) @curl -L "$(CILIUM_CLI_URL)" | tar xzf - -C $(ARTIFACTS) cilium @chmod +x $(ARTIFACTS)/cilium @@ -704,12 +703,13 @@ done .PHONY: reproducibility-test -reproducibility-test: +reproducibility-test: $(ARTIFACTS) @$(MAKE) reproducibility-test-local-initramfs @$(MAKE) reproducibility-test-docker-installer-base INSTALLER_ARCH=targetarch PLATFORM=$(OPERATING_SYSTEM)/$(ARCH) @$(MAKE) reproducibility-test-docker-talos reproducibility-test-docker-imager reproducibility-test-docker-talosctl PLATFORM=$(OPERATING_SYSTEM)/$(ARCH) + @$(MAKE) reproducibility-test-iso -reproducibility-test-docker-%: +reproducibility-test-docker-%: $(ARTIFACTS) @rm -rf _out1/ _out2/ @mkdir -p _out1/ _out2/ @$(MAKE) docker-$* DEST=_out1/ @@ -717,7 +717,7 @@ @find _out1/ -type f | xargs -IFILE diffoscope FILE `echo FILE | sed 's/_out1/_out2/'` @rm -rf _out1/ _out2/ -reproducibility-test-local-%: +reproducibility-test-local-%: $(ARTIFACTS) @rm -rf _out1/ _out2/ @mkdir -p _out1/ _out2/ @$(MAKE) local-$* DEST=_out1/ @@ -725,6 +725,13 @@ @find _out1/ -type f | xargs -IFILE diffoscope FILE `echo FILE | sed 's/_out1/_out2/'` @rm -rf _out1/ _out2/ +reproducibility-test-iso: $(ARTIFACTS) + @$(MAKE) iso + mv $(ARTIFACTS)/metal-amd64.iso $(ARTIFACTS)/metal-amd64.iso.orig + @$(MAKE) iso + @diffoscope $(ARTIFACTS)/metal-amd64.iso.orig $(ARTIFACTS)/metal-amd64.iso + @rm -rf $(ARTIFACTS)/metal-amd64.iso.orig + .PHONY: ci-temp-release-tag ci-temp-release-tag: ## Generates a temporary release tag for CI run. @if [ -n "$(CI_RELEASE_TAG)" -a -n "$${GITHUB_ENV}" ]; then \ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/talosctl-1.10.2/go.mod new/talosctl-1.10.3/go.mod --- old/talosctl-1.10.2/go.mod 2025-05-16 16:04:24.000000000 +0200 +++ new/talosctl-1.10.3/go.mod 2025-05-29 08:34:28.000000000 +0200 @@ -35,16 +35,16 @@ // Kubernetes dependencies sharing the same version. require ( - k8s.io/api v0.33.0 - k8s.io/apimachinery v0.33.0 - k8s.io/apiserver v0.33.0 - k8s.io/client-go v0.33.0 - k8s.io/component-base v0.33.0 - k8s.io/cri-api v0.33.0 - k8s.io/kube-scheduler v0.33.0 - k8s.io/kubectl v0.33.0 - k8s.io/kubelet v0.33.0 - k8s.io/pod-security-admission v0.33.0 + k8s.io/api v0.33.1 + k8s.io/apimachinery v0.33.1 + k8s.io/apiserver v0.33.1 + k8s.io/client-go v0.33.1 + k8s.io/component-base v0.33.1 + k8s.io/cri-api v0.33.1 + k8s.io/kube-scheduler v0.33.1 + k8s.io/kubectl v0.33.1 + k8s.io/kubelet v0.33.1 + k8s.io/pod-security-admission v0.33.1 ) require ( @@ -138,7 +138,7 @@ github.com/ryanuber/go-glob v1.0.0 github.com/safchain/ethtool v0.5.10 github.com/scaleway/scaleway-sdk-go v1.0.0-beta.33 - github.com/siderolabs/crypto v0.5.1 + github.com/siderolabs/crypto v0.6.0 github.com/siderolabs/discovery-api v0.1.6 github.com/siderolabs/discovery-client v0.1.11 github.com/siderolabs/gen v0.8.0 @@ -165,7 +165,7 @@ github.com/siderolabs/net v0.4.0 github.com/siderolabs/proto-codec v0.1.2 github.com/siderolabs/siderolink v0.3.13 - github.com/siderolabs/talos/pkg/machinery v1.10.2 + github.com/siderolabs/talos/pkg/machinery v1.10.3 github.com/sirupsen/logrus v1.9.3 github.com/spf13/cobra v1.9.1 github.com/spf13/pflag v1.0.6 @@ -364,7 +364,7 @@ gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect - k8s.io/cli-runtime v0.33.0 // indirect + k8s.io/cli-runtime v0.33.1 // indirect k8s.io/kube-openapi v0.0.0-20250318190949-c8a335a9a2ff // indirect k8s.io/utils v0.0.0-20250321185631-1f6e0b77f77e // indirect kernel.org/pub/linux/libs/security/libcap/psx v1.2.76 // indirect diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/talosctl-1.10.2/go.sum new/talosctl-1.10.3/go.sum --- old/talosctl-1.10.2/go.sum 2025-05-16 16:04:24.000000000 +0200 +++ new/talosctl-1.10.3/go.sum 2025-05-29 08:34:28.000000000 +0200 @@ -619,8 +619,8 @@ github.com/sergi/go-diff v1.2.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM= github.com/siderolabs/coredns v1.12.52 h1:t4jcCc9HKAE/5X+gzzlvVRwBYuLyFurRjzrYjs456JU= github.com/siderolabs/coredns v1.12.52/go.mod h1:PZ37h5Mk/Mv0a1ldG5x95AnOgchBNljj4MD1DKQr4gM= -github.com/siderolabs/crypto v0.5.1 h1:aZEUTZBoP8rH+0TqQAlUgazriPh89MrXf4R+th+m6ps= -github.com/siderolabs/crypto v0.5.1/go.mod h1:7RHC7eUKBx6RLS2lDaNXrQ83zY9iPH/aQSTxk1I4/j4= +github.com/siderolabs/crypto v0.6.0 h1:s33hNOneGhlxCI3fLKj2hgopeJkeRO7UYo3KL0HNVu4= +github.com/siderolabs/crypto v0.6.0/go.mod h1:7RHC7eUKBx6RLS2lDaNXrQ83zY9iPH/aQSTxk1I4/j4= github.com/siderolabs/discovery-api v0.1.6 h1:/LhsF1ytqFEfWwV0UKfUgn90k9fk5+rhYMJ9yeUB2yc= github.com/siderolabs/discovery-api v0.1.6/go.mod h1:s5CnTyRMGid/vJNSJs8Jw9I4tnKHu/2SGqP2ytTaePQ= github.com/siderolabs/discovery-client v0.1.11 h1:Au+7QZ+CIB6g4C7ZCC4m5Ai5Uso1g/I3/E4bSUElzF8= @@ -1103,32 +1103,32 @@ honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -k8s.io/api v0.33.0 h1:yTgZVn1XEe6opVpP1FylmNrIFWuDqe2H0V8CT5gxfIU= -k8s.io/api v0.33.0/go.mod h1:CTO61ECK/KU7haa3qq8sarQ0biLq2ju405IZAd9zsiM= -k8s.io/apimachinery v0.33.0 h1:1a6kHrJxb2hs4t8EE5wuR/WxKDwGN1FKH3JvDtA0CIQ= -k8s.io/apimachinery v0.33.0/go.mod h1:BHW0YOu7n22fFv/JkYOEfkUYNRN0fj0BlvMFWA7b+SM= -k8s.io/apiserver v0.33.0 h1:QqcM6c+qEEjkOODHppFXRiw/cE2zP85704YrQ9YaBbc= -k8s.io/apiserver v0.33.0/go.mod h1:EixYOit0YTxt8zrO2kBU7ixAtxFce9gKGq367nFmqI8= -k8s.io/cli-runtime v0.33.0 h1:Lbl/pq/1o8BaIuyn+aVLdEPHVN665tBAXUePs8wjX7c= -k8s.io/cli-runtime v0.33.0/go.mod h1:QcA+r43HeUM9jXFJx7A+yiTPfCooau/iCcP1wQh4NFw= -k8s.io/client-go v0.33.0 h1:UASR0sAYVUzs2kYuKn/ZakZlcs2bEHaizrrHUZg0G98= -k8s.io/client-go v0.33.0/go.mod h1:kGkd+l/gNGg8GYWAPr0xF1rRKvVWvzh9vmZAMXtaKOg= -k8s.io/component-base v0.33.0 h1:Ot4PyJI+0JAD9covDhwLp9UNkUja209OzsJ4FzScBNk= -k8s.io/component-base v0.33.0/go.mod h1:aXYZLbw3kihdkOPMDhWbjGCO6sg+luw554KP51t8qCU= -k8s.io/cri-api v0.33.0 h1:YyGNgWmuSREqFPlP3XCstlHLilYdW898KwtKoaTYwBs= -k8s.io/cri-api v0.33.0/go.mod h1:OLQvT45OpIA+tv91ZrpuFIGY+Y2Ho23poS7n115Aocs= +k8s.io/api v0.33.1 h1:tA6Cf3bHnLIrUK4IqEgb2v++/GYUtqiu9sRVk3iBXyw= +k8s.io/api v0.33.1/go.mod h1:87esjTn9DRSRTD4fWMXamiXxJhpOIREjWOSjsW1kEHw= +k8s.io/apimachinery v0.33.1 h1:mzqXWV8tW9Rw4VeW9rEkqvnxj59k1ezDUl20tFK/oM4= +k8s.io/apimachinery v0.33.1/go.mod h1:BHW0YOu7n22fFv/JkYOEfkUYNRN0fj0BlvMFWA7b+SM= +k8s.io/apiserver v0.33.1 h1:yLgLUPDVC6tHbNcw5uE9mo1T6ELhJj7B0geifra3Qdo= +k8s.io/apiserver v0.33.1/go.mod h1:VMbE4ArWYLO01omz+k8hFjAdYfc3GVAYPrhP2tTKccs= +k8s.io/cli-runtime v0.33.1 h1:TvpjEtF71ViFmPeYMj1baZMJR4iWUEplklsUQ7D3quA= +k8s.io/cli-runtime v0.33.1/go.mod h1:9dz5Q4Uh8io4OWCLiEf/217DXwqNgiTS/IOuza99VZE= +k8s.io/client-go v0.33.1 h1:ZZV/Ks2g92cyxWkRRnfUDsnhNn28eFpt26aGc8KbXF4= +k8s.io/client-go v0.33.1/go.mod h1:JAsUrl1ArO7uRVFWfcj6kOomSlCv+JpvIsp6usAGefA= +k8s.io/component-base v0.33.1 h1:EoJ0xA+wr77T+G8p6T3l4efT2oNwbqBVKR71E0tBIaI= +k8s.io/component-base v0.33.1/go.mod h1:guT/w/6piyPfTgq7gfvgetyXMIh10zuXA6cRRm3rDuY= +k8s.io/cri-api v0.33.1 h1:CEvLiHZm/uTTp/5qsesU8/OG1a56RPnwMk4Ae73bUvs= +k8s.io/cri-api v0.33.1/go.mod h1:OLQvT45OpIA+tv91ZrpuFIGY+Y2Ho23poS7n115Aocs= k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= k8s.io/kube-openapi v0.0.0-20250318190949-c8a335a9a2ff h1:/usPimJzUKKu+m+TE36gUyGcf03XZEP0ZIKgKj35LS4= k8s.io/kube-openapi v0.0.0-20250318190949-c8a335a9a2ff/go.mod h1:5jIi+8yX4RIb8wk3XwBo5Pq2ccx4FP10ohkbSKCZoK8= -k8s.io/kube-scheduler v0.33.0 h1:G5psn7ynB5Vjfo0ia8uz32Gv46TRa5RgTq4PTm+yjR0= -k8s.io/kube-scheduler v0.33.0/go.mod h1:I+0aqwJ3G9f9pyfKfoN5b0uP9M6MinNpxXRlCXkM17E= -k8s.io/kubectl v0.33.0 h1:HiRb1yqibBSCqic4pRZP+viiOBAnIdwYDpzUFejs07g= -k8s.io/kubectl v0.33.0/go.mod h1:gAlGBuS1Jq1fYZ9AjGWbI/5Vk3M/VW2DK4g10Fpyn/0= -k8s.io/kubelet v0.33.0 h1:4pJA2Ge6Rp0kDNV76KH7pTBiaV2T1a1874QHMcubuSU= -k8s.io/kubelet v0.33.0/go.mod h1:iDnxbJQMy9DUNaML5L/WUlt3uJtNLWh7ZAe0JSp4Yi0= -k8s.io/pod-security-admission v0.33.0 h1:di/iicB5plCq+iQeqgf2s1N5DOSzTDiOOv5OiAbuYWE= -k8s.io/pod-security-admission v0.33.0/go.mod h1:McuUMtSclLNxQdCkDTTWqKR79jnpHT/022GuanVU/Wg= +k8s.io/kube-scheduler v0.33.1 h1:0WfBGqrfy3HzqgIVxIRpq+iYQKMgh24vcmAlvDYRkzo= +k8s.io/kube-scheduler v0.33.1/go.mod h1:Gz6+HUJcGvIkRk1PRLVniVwYasVvNhjhTbZWPh2gJ+8= +k8s.io/kubectl v0.33.1 h1:OJUXa6FV5bap6iRy345ezEjU9dTLxqv1zFTVqmeHb6A= +k8s.io/kubectl v0.33.1/go.mod h1:Z07pGqXoP4NgITlPRrnmiM3qnoo1QrK1zjw85Aiz8J0= +k8s.io/kubelet v0.33.1 h1:x4LCw1/iZVWOKA4RoITnuB8gMHnw31HPB3S0EF0EexE= +k8s.io/kubelet v0.33.1/go.mod h1:8WpdC9M95VmsqIdGSQrajXooTfT5otEj8pGWOm+KKfQ= +k8s.io/pod-security-admission v0.33.1 h1:amePfcTDgLHB1wpZFIO7chW3Pc/ikeYbniuMTQEcaB4= +k8s.io/pod-security-admission v0.33.1/go.mod h1:3gSyP5JPgte2EHjQheA81299vISL6D7DDvk2m9RQj6k= k8s.io/utils v0.0.0-20250321185631-1f6e0b77f77e h1:KqK5c/ghOm8xkHYhlodbp6i6+r+ChV2vuAuVRdFbLro= k8s.io/utils v0.0.0-20250321185631-1f6e0b77f77e/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= kernel.org/pub/linux/libs/security/libcap/cap v1.2.76 h1:mrdLPj8ujM6eIKGtd1PkkuCIodpFFDM42Cfm0YODkIM= diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/talosctl-1.10.2/hack/cleanup.sh new/talosctl-1.10.3/hack/cleanup.sh --- old/talosctl-1.10.2/hack/cleanup.sh 2025-05-16 16:04:24.000000000 +0200 +++ new/talosctl-1.10.3/hack/cleanup.sh 2025-05-29 08:34:28.000000000 +0200 @@ -1,20 +1,6 @@ #!/bin/bash PREFIX="${1}" -function remove_symlinks() { - set +e - for l in $(find ${PREFIX} -type l); do - readlink $l | grep -q /toolchain - if [ $? == 0 ]; then - unlink $l - fi - done - set -e -} - -# Remove any symlinks that might have been need at build time. -remove_symlinks - # Remove any archives as we do not need them since everything is dynamically linked. find ${PREFIX} -type f -name \*.a -delete find ${PREFIX} -type f -name \*.la -delete @@ -33,6 +19,5 @@ ${PREFIX}/usr/libexec/getconf \ ${PREFIX}/var/db -# Remove contents of /usr/bin except for udevadm -# TODO: do not install these files in the first place. -# find ${PREFIX}/usr/bin \( -type f -o -type l \) ! -name udevadm -delete +# Drop broken symlinks. +find ${PREFIX} -xtype l -print -delete diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/talosctl-1.10.2/hack/release.toml new/talosctl-1.10.3/hack/release.toml --- old/talosctl-1.10.2/hack/release.toml 2025-05-16 16:04:24.000000000 +0200 +++ new/talosctl-1.10.3/hack/release.toml 2025-05-29 08:34:28.000000000 +0200 @@ -7,7 +7,7 @@ ignore_deps = ["github.com/coredns/coredns"] # previous release -previous = "v1.10.1" +previous = "v1.10.2" pre_release = false @@ -19,7 +19,8 @@ [notes.updates] title = "Component Updates" description = """ -Linux: 6.12.27 +Linux: 6.12.28 +Kubernetes: 1.33.1 Talos is built with Go 1.24.3. """ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/talosctl-1.10.2/hack/test/e2e.sh new/talosctl-1.10.3/hack/test/e2e.sh --- old/talosctl-1.10.2/hack/test/e2e.sh 2025-05-16 16:04:24.000000000 +0200 +++ new/talosctl-1.10.3/hack/test/e2e.sh 2025-05-29 08:34:28.000000000 +0200 @@ -33,7 +33,7 @@ # Kubernetes export KUBECONFIG="${TMP}/kubeconfig" -export KUBERNETES_VERSION=${KUBERNETES_VERSION:-1.33.0} +export KUBERNETES_VERSION=${KUBERNETES_VERSION:-1.33.1} export NAME_PREFIX="talos-e2e-${SHA}-${PLATFORM}" export TIMEOUT=1200 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/talosctl-1.10.2/internal/app/machined/pkg/controllers/secrets/api.go new/talosctl-1.10.3/internal/app/machined/pkg/controllers/secrets/api.go --- old/talosctl-1.10.2/internal/app/machined/pkg/controllers/secrets/api.go 2025-05-16 16:04:24.000000000 +0200 +++ new/talosctl-1.10.3/internal/app/machined/pkg/controllers/secrets/api.go 2025-05-29 08:34:28.000000000 +0200 @@ -345,7 +345,18 @@ defer remoteGen.Close() //nolint:errcheck - serverCSR, serverCert, err := x509.NewEd25519CSRAndIdentity( + // use the last CA in the list of accepted CAs as a template + if len(rootSpec.AcceptedCAs) == 0 { + return errors.New("no accepted CAs") + } + + acceptedCA, err := rootSpec.AcceptedCAs[len(rootSpec.AcceptedCAs)-1].GetCert() + if err != nil { + return fmt.Errorf("failed to parse CA certificate: %w", err) + } + + serverCSR, serverCert, err := x509.NewCSRAndIdentityFromCA( + acceptedCA, x509.IPAddresses(certSANs.StdIPs()), x509.DNSNames(certSANs.DNSNames), x509.CommonName(certSANs.FQDN), diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/talosctl-1.10.2/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/metadata.go new/talosctl-1.10.3/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/metadata.go --- old/talosctl-1.10.2/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/metadata.go 2025-05-16 16:04:24.000000000 +0200 +++ new/talosctl-1.10.3/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/metadata.go 2025-05-29 08:34:28.000000000 +0200 @@ -129,8 +129,8 @@ // MetadataConfig holds meta info. type MetadataConfig struct { Hostname string `yaml:"hostname,omitempty"` - InternalDNS string `json:"local-hostname,omitempty"` - ExternalDNS string `json:"public-hostname,omitempty"` + InternalDNS string `yaml:"local-hostname,omitempty"` + ExternalDNS string `yaml:"public-hostname,omitempty"` InstanceID string `yaml:"instance-id,omitempty"` InstanceType string `yaml:"instance-type,omitempty"` ProviderID string `yaml:"provider-id,omitempty"` diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/talosctl-1.10.2/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/nocloud_test.go new/talosctl-1.10.3/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/nocloud_test.go --- old/talosctl-1.10.2/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/nocloud_test.go 2025-05-16 16:04:24.000000000 +0200 +++ new/talosctl-1.10.3/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/nocloud_test.go 2025-05-29 08:34:28.000000000 +0200 @@ -25,20 +25,20 @@ "github.com/siderolabs/talos/pkg/machinery/resources/runtime" ) -//go:embed testdata/metadata-v1.yaml -var rawMetadataV1 []byte +//go:embed testdata/in-v1.yaml +var rawNetworkConfigV1 []byte -//go:embed testdata/metadata-v1-pnap.yaml -var rawMetadataV1Pnap []byte +//go:embed testdata/in-v1-pnap.yaml +var rawNetworkConfigV1Pnap []byte -//go:embed testdata/metadata-v2-nocloud.yaml -var rawMetadataV2Nocloud []byte +//go:embed testdata/in-v2-nocloud.yaml +var rawNetworkConfigV2Nocloud []byte -//go:embed testdata/metadata-v2-cloud-init.yaml -var rawMetadataV2CloudInit []byte +//go:embed testdata/in-v2-cloud-init.yaml +var rawNetworkConfigV2CloudInit []byte -//go:embed testdata/metadata-v2-serverscom.yaml -var rawMetadataV2Serverscom []byte +//go:embed testdata/in-v2-serverscom.yaml +var rawNetworkConfigV2Serverscom []byte //go:embed testdata/expected-v1.yaml var expectedNetworkConfigV1 string @@ -52,7 +52,7 @@ //go:embed testdata/expected-v2-serverscom.yaml var expectedNetworkConfigV2Serverscom string -func TestParseMetadata(t *testing.T) { +func TestParseNetworkConfig(t *testing.T) { t.Parallel() for _, tt := range []struct { @@ -64,29 +64,29 @@ }{ { name: "V1", - raw: rawMetadataV1, + raw: rawNetworkConfigV1, expected: expectedNetworkConfigV1, }, { name: "V1-pnap", - raw: rawMetadataV1Pnap, + raw: rawNetworkConfigV1Pnap, expected: expectedNetworkConfigV1Pnap, }, { name: "V2-nocloud", - raw: rawMetadataV2Nocloud, + raw: rawNetworkConfigV2Nocloud, expected: expectedNetworkConfigV2, expectedNeedsRecocile: true, }, { name: "V2-cloud-init", - raw: rawMetadataV2CloudInit, + raw: rawNetworkConfigV2CloudInit, expected: expectedNetworkConfigV2, expectedNeedsRecocile: true, }, { name: "V2-servers.com", - raw: rawMetadataV2Serverscom, + raw: rawNetworkConfigV2Serverscom, expected: expectedNetworkConfigV2Serverscom, }, } { @@ -172,3 +172,20 @@ }) } } + +//go:embed testdata/metadata-nocloud.yaml +var rawMetadataNocloud []byte + +func TestMedatada(t *testing.T) { + t.Parallel() + + var md nocloud.MetadataConfig + + err := yaml.Unmarshal(rawMetadataNocloud, &md) + require.NoError(t, err) + + assert.Equal(t, nocloud.MetadataConfig{ + InstanceID: "80d6927ecb30c1707b12f38ed1211535930ff16e", + InternalDNS: "talos-worker-3", + }, md) +} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/talosctl-1.10.2/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/testdata/in-v1-pnap.yaml new/talosctl-1.10.3/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/testdata/in-v1-pnap.yaml --- old/talosctl-1.10.2/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/testdata/in-v1-pnap.yaml 1970-01-01 01:00:00.000000000 +0100 +++ new/talosctl-1.10.3/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/testdata/in-v1-pnap.yaml 2025-05-29 08:34:28.000000000 +0200 @@ -0,0 +1,53 @@ +version: 1 +config: + +- type: physical + name: eno1np0 + mac_address: "3c:ec:ef:e0:45:28" + mtu: 9000 + +- type: physical + name: eno2np1 + mac_address: "3c:ec:ef:e0:45:29" + mtu: 9000 + +- type: bond + name: bond0 + mac_address: "3c:ec:ef:e0:45:28" + mtu: 9000 + bond_interfaces: + - eno1np0 + - eno2np1 + params: + bond-lacp-rate: fast + bond-miimon: 100 + bond-mode: 802.3ad + bond-xmit-hash-policy: layer3+4 + up-delay: 0 + down-delay: 0 + +# public frontend MERGED_FRONTEND vlan 2 +- type: vlan + name: bond0.2 + mtu: 9000 + vlan_id: 2 + vlan_link: bond0 + subnets: + - address: 1.2.3.4/29 + gateway: 1.2.3.5 + type: static + +# private backend vlan 4 +- type: vlan + mtu: 9000 + name: bond0.4 + vlan_id: 4 + vlan_link: bond0 + subnets: + - type: static + address: 10.0.0.11/24 + +- type: nameserver + address: + - 8.8.8.8 + - 8.8.4.4 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/talosctl-1.10.2/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/testdata/in-v1.yaml new/talosctl-1.10.3/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/testdata/in-v1.yaml --- old/talosctl-1.10.2/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/testdata/in-v1.yaml 1970-01-01 01:00:00.000000000 +0100 +++ new/talosctl-1.10.3/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/testdata/in-v1.yaml 2025-05-29 08:34:28.000000000 +0200 @@ -0,0 +1,29 @@ +version: 1 +config: + - type: physical + name: eth0 + mac_address: '68:05:ca:b8:f1:f7' + subnets: + - type: static + address: '192.168.1.11' + netmask: '255.255.255.0' + gateway: '192.168.1.1' + - type: static6 + address: '2001:2:3:4:5:6:7:f7/64' + gateway: 'fe80::1' + - type: physical + name: eth1 + mac_address: '68:05:ca:b8:f1:f9' + subnets: + - type: static + address: '192.168.2.11' + netmask: '255.255.255.0' + gateway: '192.168.2.1' + - type: static6 + address: '2001:2:3:4:5:6:7:f9/64' + gateway: 'fe80::2' + - type: nameserver + address: + - '192.168.1.1' + search: + - 'lan' diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/talosctl-1.10.2/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/testdata/in-v2-cloud-init.yaml new/talosctl-1.10.3/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/testdata/in-v2-cloud-init.yaml --- old/talosctl-1.10.2/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/testdata/in-v2-cloud-init.yaml 1970-01-01 01:00:00.000000000 +0100 +++ new/talosctl-1.10.3/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/testdata/in-v2-cloud-init.yaml 2025-05-29 08:34:28.000000000 +0200 @@ -0,0 +1,70 @@ +network: + version: 2 + ethernets: + eth0: + match: + macaddress: "00:20:6e:1f:f9:a8" + dhcp4: true + addresses: + - 192.168.14.2/24 + - 2001:1::1/64 + gateway4: 192.168.14.1 + gateway6: 2001:1::2 + nameservers: + search: [foo.local, bar.local] + addresses: [8.8.8.8] + eth1: + match: + macaddress: '00:20:6e:1f:f9:a9' + addresses: + - 10.22.14.2/32 + nameservers: + search: [ foo.local, bar.local ] + routes: + - to: "0.0.0.0/0" + via: "192.168.14.1" + metric: 100 + on-link: true + + ext1: + match: + macaddress: 68:05:ca:b8:f1:f8 + ext2: + match: + macaddress: 68:05:ca:b8:f1:f9 + + bonds: + bond0: + interfaces: + - ext1 + - ext2 + macaddress: e4:3d:1a:4d:6a:28 + mtu: 1500 + parameters: + mode: 802.3ad + mii-monitor-interval: 100 + down-delay: 200 + up-delay: 200 + lacp-rate: fast + transmit-hash-policy: layer3+4 + addresses: + - 10.10.4.140/29 + nameservers: + addresses: + - 1.1.1.1 + - 2.2.2.2 + routes: + - to: 10.0.0.0/8 + via: 10.10.4.147 + - to: 192.168.0.0/16 + via: 10.10.4.147 + - to: 188.42.208.0/21 + via: 10.10.4.147 + + vlans: + bond0.4: + id: 4 + link: bond0 + mtu: 1500 + addresses: + - 192.34.34.34/32 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/talosctl-1.10.2/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/testdata/in-v2-nocloud.yaml new/talosctl-1.10.3/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/testdata/in-v2-nocloud.yaml --- old/talosctl-1.10.2/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/testdata/in-v2-nocloud.yaml 1970-01-01 01:00:00.000000000 +0100 +++ new/talosctl-1.10.3/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/testdata/in-v2-nocloud.yaml 2025-05-29 08:34:28.000000000 +0200 @@ -0,0 +1,69 @@ +version: 2 +ethernets: + eth0: + match: + macaddress: "00:20:6e:1f:f9:a8" + dhcp4: true + addresses: + - 192.168.14.2/24 + - 2001:1::1/64 + gateway4: 192.168.14.1 + gateway6: 2001:1::2 + nameservers: + search: [foo.local, bar.local] + addresses: [8.8.8.8] + eth1: + match: + macaddress: '00:20:6e:1f:f9:a9' + addresses: + - 10.22.14.2/32 + nameservers: + search: [ foo.local, bar.local ] + routes: + - to: "0.0.0.0/0" + via: "192.168.14.1" + metric: 100 + on-link: true + + ext1: + match: + macaddress: 68:05:ca:b8:f1:f8 + ext2: + match: + macaddress: 68:05:ca:b8:f1:f9 + +bonds: + bond0: + interfaces: + - ext1 + - ext2 + macaddress: e4:3d:1a:4d:6a:28 + mtu: 1500 + parameters: + mode: 802.3ad + mii-monitor-interval: 100 + down-delay: 200 + up-delay: 200 + lacp-rate: fast + transmit-hash-policy: layer3+4 + addresses: + - 10.10.4.140/29 + nameservers: + addresses: + - 1.1.1.1 + - 2.2.2.2 + routes: + - to: 10.0.0.0/8 + via: 10.10.4.147 + - to: 192.168.0.0/16 + via: 10.10.4.147 + - to: 188.42.208.0/21 + via: 10.10.4.147 + +vlans: + bond0.4: + id: 4 + link: bond0 + mtu: 1500 + addresses: + - 192.34.34.34/32 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/talosctl-1.10.2/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/testdata/in-v2-serverscom.yaml new/talosctl-1.10.3/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/testdata/in-v2-serverscom.yaml --- old/talosctl-1.10.2/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/testdata/in-v2-serverscom.yaml 1970-01-01 01:00:00.000000000 +0100 +++ new/talosctl-1.10.3/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/testdata/in-v2-serverscom.yaml 2025-05-29 08:34:28.000000000 +0200 @@ -0,0 +1,49 @@ +version: 2 +bonds: + aggi: + interfaces: + - int0 + - int1 + addresses: + - 10.26.98.92/29 + parameters: + mode: 802.3ad + lacp-rate: slow + mii-monitor-interval: 100 + up-delay: 200 + down-delay: 200 + transmit-hash-policy: layer3+4 + routes: + - to: 10.0.0.0/8 + via: 10.26.98.91 + - to: 192.168.0.0/16 + via: 10.26.98.91 + - to: 188.42.208.0/21 + via: 10.26.98.91 + agge: + interfaces: + - ext0 + - ext1 + addresses: + - 188.42.48.188/29 + parameters: + mode: 802.3ad + lacp-rate: slow + mii-monitor-interval: 100 + up-delay: 200 + down-delay: 200 + transmit-hash-policy: layer3+4 + gateway4: 188.42.48.187 +ethernets: + int0: + match: + macaddress: 68:05:ca:b8:f1:f8 + int1: + match: + macaddress: 68:05:ca:b8:f1:f9 + ext0: + match: + macaddress: 3c:ec:EF:e0:45:28 + ext1: + match: + macaddress: 3c:EC:ef:e0:45:29 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/talosctl-1.10.2/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/testdata/metadata-nocloud.yaml new/talosctl-1.10.3/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/testdata/metadata-nocloud.yaml --- old/talosctl-1.10.2/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/testdata/metadata-nocloud.yaml 1970-01-01 01:00:00.000000000 +0100 +++ new/talosctl-1.10.3/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/testdata/metadata-nocloud.yaml 2025-05-29 08:34:28.000000000 +0200 @@ -0,0 +1,2 @@ +instance-id: 80d6927ecb30c1707b12f38ed1211535930ff16e +local-hostname: talos-worker-3 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/talosctl-1.10.2/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/testdata/metadata-v1-pnap.yaml new/talosctl-1.10.3/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/testdata/metadata-v1-pnap.yaml --- old/talosctl-1.10.2/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/testdata/metadata-v1-pnap.yaml 2025-05-16 16:04:24.000000000 +0200 +++ new/talosctl-1.10.3/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/testdata/metadata-v1-pnap.yaml 1970-01-01 01:00:00.000000000 +0100 @@ -1,53 +0,0 @@ -version: 1 -config: - -- type: physical - name: eno1np0 - mac_address: "3c:ec:ef:e0:45:28" - mtu: 9000 - -- type: physical - name: eno2np1 - mac_address: "3c:ec:ef:e0:45:29" - mtu: 9000 - -- type: bond - name: bond0 - mac_address: "3c:ec:ef:e0:45:28" - mtu: 9000 - bond_interfaces: - - eno1np0 - - eno2np1 - params: - bond-lacp-rate: fast - bond-miimon: 100 - bond-mode: 802.3ad - bond-xmit-hash-policy: layer3+4 - up-delay: 0 - down-delay: 0 - -# public frontend MERGED_FRONTEND vlan 2 -- type: vlan - name: bond0.2 - mtu: 9000 - vlan_id: 2 - vlan_link: bond0 - subnets: - - address: 1.2.3.4/29 - gateway: 1.2.3.5 - type: static - -# private backend vlan 4 -- type: vlan - mtu: 9000 - name: bond0.4 - vlan_id: 4 - vlan_link: bond0 - subnets: - - type: static - address: 10.0.0.11/24 - -- type: nameserver - address: - - 8.8.8.8 - - 8.8.4.4 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/talosctl-1.10.2/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/testdata/metadata-v1.yaml new/talosctl-1.10.3/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/testdata/metadata-v1.yaml --- old/talosctl-1.10.2/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/testdata/metadata-v1.yaml 2025-05-16 16:04:24.000000000 +0200 +++ new/talosctl-1.10.3/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/testdata/metadata-v1.yaml 1970-01-01 01:00:00.000000000 +0100 @@ -1,29 +0,0 @@ -version: 1 -config: - - type: physical - name: eth0 - mac_address: '68:05:ca:b8:f1:f7' - subnets: - - type: static - address: '192.168.1.11' - netmask: '255.255.255.0' - gateway: '192.168.1.1' - - type: static6 - address: '2001:2:3:4:5:6:7:f7/64' - gateway: 'fe80::1' - - type: physical - name: eth1 - mac_address: '68:05:ca:b8:f1:f9' - subnets: - - type: static - address: '192.168.2.11' - netmask: '255.255.255.0' - gateway: '192.168.2.1' - - type: static6 - address: '2001:2:3:4:5:6:7:f9/64' - gateway: 'fe80::2' - - type: nameserver - address: - - '192.168.1.1' - search: - - 'lan' diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/talosctl-1.10.2/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/testdata/metadata-v2-cloud-init.yaml new/talosctl-1.10.3/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/testdata/metadata-v2-cloud-init.yaml --- old/talosctl-1.10.2/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/testdata/metadata-v2-cloud-init.yaml 2025-05-16 16:04:24.000000000 +0200 +++ new/talosctl-1.10.3/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/testdata/metadata-v2-cloud-init.yaml 1970-01-01 01:00:00.000000000 +0100 @@ -1,70 +0,0 @@ -network: - version: 2 - ethernets: - eth0: - match: - macaddress: "00:20:6e:1f:f9:a8" - dhcp4: true - addresses: - - 192.168.14.2/24 - - 2001:1::1/64 - gateway4: 192.168.14.1 - gateway6: 2001:1::2 - nameservers: - search: [foo.local, bar.local] - addresses: [8.8.8.8] - eth1: - match: - macaddress: '00:20:6e:1f:f9:a9' - addresses: - - 10.22.14.2/32 - nameservers: - search: [ foo.local, bar.local ] - routes: - - to: "0.0.0.0/0" - via: "192.168.14.1" - metric: 100 - on-link: true - - ext1: - match: - macaddress: 68:05:ca:b8:f1:f8 - ext2: - match: - macaddress: 68:05:ca:b8:f1:f9 - - bonds: - bond0: - interfaces: - - ext1 - - ext2 - macaddress: e4:3d:1a:4d:6a:28 - mtu: 1500 - parameters: - mode: 802.3ad - mii-monitor-interval: 100 - down-delay: 200 - up-delay: 200 - lacp-rate: fast - transmit-hash-policy: layer3+4 - addresses: - - 10.10.4.140/29 - nameservers: - addresses: - - 1.1.1.1 - - 2.2.2.2 - routes: - - to: 10.0.0.0/8 - via: 10.10.4.147 - - to: 192.168.0.0/16 - via: 10.10.4.147 - - to: 188.42.208.0/21 - via: 10.10.4.147 - - vlans: - bond0.4: - id: 4 - link: bond0 - mtu: 1500 - addresses: - - 192.34.34.34/32 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/talosctl-1.10.2/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/testdata/metadata-v2-nocloud.yaml new/talosctl-1.10.3/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/testdata/metadata-v2-nocloud.yaml --- old/talosctl-1.10.2/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/testdata/metadata-v2-nocloud.yaml 2025-05-16 16:04:24.000000000 +0200 +++ new/talosctl-1.10.3/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/testdata/metadata-v2-nocloud.yaml 1970-01-01 01:00:00.000000000 +0100 @@ -1,69 +0,0 @@ -version: 2 -ethernets: - eth0: - match: - macaddress: "00:20:6e:1f:f9:a8" - dhcp4: true - addresses: - - 192.168.14.2/24 - - 2001:1::1/64 - gateway4: 192.168.14.1 - gateway6: 2001:1::2 - nameservers: - search: [foo.local, bar.local] - addresses: [8.8.8.8] - eth1: - match: - macaddress: '00:20:6e:1f:f9:a9' - addresses: - - 10.22.14.2/32 - nameservers: - search: [ foo.local, bar.local ] - routes: - - to: "0.0.0.0/0" - via: "192.168.14.1" - metric: 100 - on-link: true - - ext1: - match: - macaddress: 68:05:ca:b8:f1:f8 - ext2: - match: - macaddress: 68:05:ca:b8:f1:f9 - -bonds: - bond0: - interfaces: - - ext1 - - ext2 - macaddress: e4:3d:1a:4d:6a:28 - mtu: 1500 - parameters: - mode: 802.3ad - mii-monitor-interval: 100 - down-delay: 200 - up-delay: 200 - lacp-rate: fast - transmit-hash-policy: layer3+4 - addresses: - - 10.10.4.140/29 - nameservers: - addresses: - - 1.1.1.1 - - 2.2.2.2 - routes: - - to: 10.0.0.0/8 - via: 10.10.4.147 - - to: 192.168.0.0/16 - via: 10.10.4.147 - - to: 188.42.208.0/21 - via: 10.10.4.147 - -vlans: - bond0.4: - id: 4 - link: bond0 - mtu: 1500 - addresses: - - 192.34.34.34/32 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/talosctl-1.10.2/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/testdata/metadata-v2-serverscom.yaml new/talosctl-1.10.3/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/testdata/metadata-v2-serverscom.yaml --- old/talosctl-1.10.2/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/testdata/metadata-v2-serverscom.yaml 2025-05-16 16:04:24.000000000 +0200 +++ new/talosctl-1.10.3/internal/app/machined/pkg/runtime/v1alpha1/platform/nocloud/testdata/metadata-v2-serverscom.yaml 1970-01-01 01:00:00.000000000 +0100 @@ -1,49 +0,0 @@ -version: 2 -bonds: - aggi: - interfaces: - - int0 - - int1 - addresses: - - 10.26.98.92/29 - parameters: - mode: 802.3ad - lacp-rate: slow - mii-monitor-interval: 100 - up-delay: 200 - down-delay: 200 - transmit-hash-policy: layer3+4 - routes: - - to: 10.0.0.0/8 - via: 10.26.98.91 - - to: 192.168.0.0/16 - via: 10.26.98.91 - - to: 188.42.208.0/21 - via: 10.26.98.91 - agge: - interfaces: - - ext0 - - ext1 - addresses: - - 188.42.48.188/29 - parameters: - mode: 802.3ad - lacp-rate: slow - mii-monitor-interval: 100 - up-delay: 200 - down-delay: 200 - transmit-hash-policy: layer3+4 - gateway4: 188.42.48.187 -ethernets: - int0: - match: - macaddress: 68:05:ca:b8:f1:f8 - int1: - match: - macaddress: 68:05:ca:b8:f1:f9 - ext0: - match: - macaddress: 3c:ec:EF:e0:45:28 - ext1: - match: - macaddress: 3c:EC:ef:e0:45:29 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/talosctl-1.10.2/internal/integration/api/apid.go new/talosctl-1.10.3/internal/integration/api/apid.go --- old/talosctl-1.10.2/internal/integration/api/apid.go 2025-05-16 16:04:24.000000000 +0200 +++ new/talosctl-1.10.3/internal/integration/api/apid.go 2025-05-29 08:34:28.000000000 +0200 @@ -7,15 +7,22 @@ package api import ( + "bytes" "context" + "slices" + "testing" "time" "github.com/cosi-project/runtime/pkg/safe" + "github.com/dustin/go-humanize" "google.golang.org/grpc/codes" "github.com/siderolabs/talos/internal/integration/base" + machineapi "github.com/siderolabs/talos/pkg/machinery/api/machine" "github.com/siderolabs/talos/pkg/machinery/client" "github.com/siderolabs/talos/pkg/machinery/config/machine" + "github.com/siderolabs/talos/pkg/machinery/constants" + "github.com/siderolabs/talos/pkg/machinery/resources/config" "github.com/siderolabs/talos/pkg/machinery/resources/network" ) @@ -35,15 +42,7 @@ // SetupTest ... func (suite *ApidSuite) SetupTest() { // make sure API calls have timeout - suite.ctx, suite.ctxCancel = context.WithTimeout(context.Background(), 15*time.Second) - - if suite.Cluster == nil { - suite.T().Skip("information about routable endpoints is not available") - } - - if suite.APISuite.Endpoint != "" { - suite.T().Skip("test skipped as custom endpoint is set") - } + suite.ctx, suite.ctxCancel = context.WithTimeout(context.Background(), time.Minute) } // TearDownTest ... @@ -55,6 +54,14 @@ // TestControlPlaneRouting verify access to all nodes via each control plane node as an endpoints. func (suite *ApidSuite) TestControlPlaneRouting() { + if suite.Cluster == nil { + suite.T().Skip("information about routable endpoints is not available") + } + + if suite.APISuite.Endpoint != "" { + suite.T().Skip("test skipped as custom endpoint is set") + } + endpoints := suite.DiscoverNodeInternalIPsByType(suite.ctx, machine.TypeControlPlane) nodes := suite.DiscoverNodeInternalIPs(suite.ctx) @@ -97,6 +104,14 @@ // TestWorkerNoRouting verifies that worker nodes perform no routing. func (suite *ApidSuite) TestWorkerNoRouting() { + if suite.Cluster == nil { + suite.T().Skip("information about routable endpoints is not available") + } + + if suite.APISuite.Endpoint != "" { + suite.T().Skip("test skipped as custom endpoint is set") + } + endpoints := suite.DiscoverNodeInternalIPsByType(suite.ctx, machine.TypeWorker) nodes := suite.DiscoverNodeInternalIPs(suite.ctx) @@ -155,6 +170,68 @@ } } +// TestBigPayload verifies that big payloads are handled correctly. +func (suite *ApidSuite) TestBigPayload() { + if testing.Short() { + suite.T().Skip("skipping test in short mode") + } + + node := suite.RandomDiscoveredNodeInternalIP(machine.TypeWorker) + nodeCtx := client.WithNode(suite.ctx, node) + + suite.T().Logf("testing big payload on node %s", node) + + // we are going to simulate a big payload by making machine configuration big enough + cfg, err := safe.StateGetByID[*config.MachineConfig](nodeCtx, suite.Client.COSI, config.ActiveID) + suite.Require().NoError(err) + + originalCfg, err := cfg.Container().Bytes() + suite.Require().NoError(err) + + // the config is encoded twice in the resource gRPC message, so ensure that we can get to the one third of the size + const targetConfigSize = constants.GRPCMaxMessageSize / 3 + + suite.T().Logf("original config size: %d (%s), target size is %d (%s)", + len(originalCfg), humanize.Bytes(uint64(len(originalCfg))), targetConfigSize, humanize.Bytes(uint64(targetConfigSize)), + ) + + bytesToAdd := targetConfigSize - len(originalCfg) + if bytesToAdd <= 0 { + suite.T().Skip("configuration is already big enough") + } + + const commentLine = "# this is a comment line added to make the config bigger and bigger and bigger and bigger all the way\n" + + newConfig := slices.Concat(originalCfg, bytes.Repeat([]byte(commentLine), bytesToAdd/len(commentLine)+1)) + + suite.Assert().Greater(len(newConfig), targetConfigSize) + + _, err = suite.Client.ApplyConfiguration(nodeCtx, &machineapi.ApplyConfigurationRequest{ + Data: newConfig, + Mode: machineapi.ApplyConfigurationRequest_NO_REBOOT, + }) + suite.Require().NoError(err) + + // now get the machine configuration back several times + for range 5 { + cfg, err = safe.StateGetByID[*config.MachineConfig](nodeCtx, suite.Client.COSI, config.ActiveID) + suite.Require().NoError(err) + + // check that the configuration is the same + newCfg, err := cfg.Container().Bytes() + suite.Require().NoError(err) + + suite.Assert().Equal(newConfig, newCfg) + } + + // revert the configuration + _, err = suite.Client.ApplyConfiguration(nodeCtx, &machineapi.ApplyConfigurationRequest{ + Data: originalCfg, + Mode: machineapi.ApplyConfigurationRequest_NO_REBOOT, + }) + suite.Require().NoError(err) +} + func init() { allSuites = append(allSuites, new(ApidSuite)) } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/talosctl-1.10.2/pkg/imager/iso/uefi.go new/talosctl-1.10.3/pkg/imager/iso/uefi.go --- old/talosctl-1.10.2/pkg/imager/iso/uefi.go 2025-05-16 16:04:24.000000000 +0200 +++ new/talosctl-1.10.3/pkg/imager/iso/uefi.go 2025-05-29 08:34:28.000000000 +0200 @@ -171,6 +171,11 @@ } } + // fixup directory timestamps recursively + if err := utils.TouchFiles(printf, options.ScratchDir); err != nil { + return nil, err + } + if _, err := cmd.Run( "mcopy", "-s", // recursive @@ -186,11 +191,6 @@ return nil, err } - // fixup directory timestamps recursively - if err := utils.TouchFiles(printf, options.ScratchDir); err != nil { - return nil, err - } - printf("creating ISO image") return &ExecutorOptions{ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/talosctl-1.10.2/pkg/machinery/constants/constants.go new/talosctl-1.10.3/pkg/machinery/constants/constants.go --- old/talosctl-1.10.2/pkg/machinery/constants/constants.go 2025-05-16 16:04:24.000000000 +0200 +++ new/talosctl-1.10.3/pkg/machinery/constants/constants.go 2025-05-29 08:34:28.000000000 +0200 @@ -14,7 +14,7 @@ const ( // DefaultKernelVersion is the default Linux kernel version. - DefaultKernelVersion = "6.12.27-talos" + DefaultKernelVersion = "6.12.28-talos" // KernelParamConfig is the kernel parameter name for specifying the URL. // to the config. @@ -389,7 +389,7 @@ // DefaultKubernetesVersion is the default target version of the control plane. // renovate: datasource=github-releases depName=kubernetes/kubernetes - DefaultKubernetesVersion = "1.33.0" + DefaultKubernetesVersion = "1.33.1" // SupportedKubernetesVersions is the number of Kubernetes versions supported by Talos starting from DefaultKubernesVersion going backwards. SupportedKubernetesVersions = 6 @@ -796,7 +796,7 @@ CgroupApidReservedMemory = 16 * 1024 * 1024 // CgroupApidMaxMemory is the hard memory limit for the apid process. - CgroupApidMaxMemory = 40 * 1024 * 1024 + CgroupApidMaxMemory = 128 * 1024 * 1024 // CgroupApidMillicores is the CPU weight for the apid process. CgroupApidMillicores = 500 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/talosctl-1.10.2/pkg/machinery/gendata/data/pkgs new/talosctl-1.10.3/pkg/machinery/gendata/data/pkgs --- old/talosctl-1.10.2/pkg/machinery/gendata/data/pkgs 2025-05-16 16:04:24.000000000 +0200 +++ new/talosctl-1.10.3/pkg/machinery/gendata/data/pkgs 2025-05-29 08:34:28.000000000 +0200 @@ -1 +1 @@ -v1.10.0-12-gb425b44 \ No newline at end of file +v1.10.0-16-g39b9c9f \ No newline at end of file diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/talosctl-1.10.2/pkg/machinery/gendata/data/tag new/talosctl-1.10.3/pkg/machinery/gendata/data/tag --- old/talosctl-1.10.2/pkg/machinery/gendata/data/tag 2025-05-16 16:04:24.000000000 +0200 +++ new/talosctl-1.10.3/pkg/machinery/gendata/data/tag 2025-05-29 08:34:28.000000000 +0200 @@ -1 +1 @@ -v1.10.2 \ No newline at end of file +v1.10.3 \ No newline at end of file diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/talosctl-1.10.2/pkg/machinery/go.mod new/talosctl-1.10.3/pkg/machinery/go.mod --- old/talosctl-1.10.2/pkg/machinery/go.mod 2025-05-16 16:04:24.000000000 +0200 +++ new/talosctl-1.10.3/pkg/machinery/go.mod 2025-05-29 08:34:28.000000000 +0200 @@ -29,7 +29,7 @@ github.com/planetscale/vtprotobuf v0.6.1-0.20241121165744-79df5c4772f2 github.com/ryanuber/go-glob v1.0.0 github.com/santhosh-tekuri/jsonschema/v5 v5.3.1 - github.com/siderolabs/crypto v0.5.1 + github.com/siderolabs/crypto v0.6.0 github.com/siderolabs/gen v0.8.0 github.com/siderolabs/go-api-signature v0.3.6 github.com/siderolabs/go-pointer v1.0.1 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/talosctl-1.10.2/pkg/machinery/go.sum new/talosctl-1.10.3/pkg/machinery/go.sum --- old/talosctl-1.10.2/pkg/machinery/go.sum 2025-05-16 16:04:24.000000000 +0200 +++ new/talosctl-1.10.3/pkg/machinery/go.sum 2025-05-29 08:34:28.000000000 +0200 @@ -109,8 +109,8 @@ github.com/santhosh-tekuri/jsonschema/v5 v5.3.1/go.mod h1:uToXkOrWAZ6/Oc07xWQrPOhJotwFIyu2bBVN41fcDUY= github.com/sasha-s/go-deadlock v0.3.5 h1:tNCOEEDG6tBqrNDOX35j/7hL5FcFViG6awUGROb2NsU= github.com/sasha-s/go-deadlock v0.3.5/go.mod h1:bugP6EGbdGYObIlx7pUZtWqlvo8k9H6vCBBsiChJQ5U= -github.com/siderolabs/crypto v0.5.1 h1:aZEUTZBoP8rH+0TqQAlUgazriPh89MrXf4R+th+m6ps= -github.com/siderolabs/crypto v0.5.1/go.mod h1:7RHC7eUKBx6RLS2lDaNXrQ83zY9iPH/aQSTxk1I4/j4= +github.com/siderolabs/crypto v0.6.0 h1:s33hNOneGhlxCI3fLKj2hgopeJkeRO7UYo3KL0HNVu4= +github.com/siderolabs/crypto v0.6.0/go.mod h1:7RHC7eUKBx6RLS2lDaNXrQ83zY9iPH/aQSTxk1I4/j4= github.com/siderolabs/ethtool v0.4.0-sidero h1:Ls/M4bFUjfcB1RDVviPZlL3kWcXaEVVSbKke+EZ2A9U= github.com/siderolabs/ethtool v0.4.0-sidero/go.mod h1:nOIR88fiFTdBfakYLEUAhxdy75Ih/fgnSlsSKAHRpfc= github.com/siderolabs/gen v0.8.0 h1:Pj93+hexkk5hQ7izjJ6YXnEWc8vlzOmDwFz13/VzS7o= diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/talosctl-1.10.2/pkg/machinery/version/os-release new/talosctl-1.10.3/pkg/machinery/version/os-release --- old/talosctl-1.10.2/pkg/machinery/version/os-release 2025-05-16 16:04:24.000000000 +0200 +++ new/talosctl-1.10.3/pkg/machinery/version/os-release 2025-05-29 08:34:28.000000000 +0200 @@ -1,7 +1,7 @@ NAME="Talos" ID=talos -VERSION_ID=v1.10.2 -PRETTY_NAME="Talos (v1.10.2)" +VERSION_ID=v1.10.3 +PRETTY_NAME="Talos (v1.10.3)" HOME_URL="https://www.talos.dev/"; BUG_REPORT_URL="https://github.com/siderolabs/talos/issues"; VENDOR_NAME="Sidero Labs" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/talosctl-1.10.2/pkg/makefs/xfs_test.go new/talosctl-1.10.3/pkg/makefs/xfs_test.go --- old/talosctl-1.10.2/pkg/makefs/xfs_test.go 2025-05-16 16:04:24.000000000 +0200 +++ new/talosctl-1.10.3/pkg/makefs/xfs_test.go 2025-05-29 08:34:28.000000000 +0200 @@ -104,7 +104,7 @@ var stdout bytes.Buffer - cmd := exec.Command("xfs_info", tempFile) + cmd := exec.Command("xfs_db", "-p", "xfs_info", "-c", "info", tempFile) cmd.Stdout = &stdout require.NoError(t, cmd.Run()) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/talosctl-1.10.2/website/content/v1.10/reference/cli.md new/talosctl-1.10.3/website/content/v1.10/reference/cli.md --- old/talosctl-1.10.2/website/content/v1.10/reference/cli.md 2025-05-16 16:04:24.000000000 +0200 +++ new/talosctl-1.10.3/website/content/v1.10/reference/cli.md 2025-05-29 08:34:28.000000000 +0200 @@ -144,7 +144,7 @@ --bad-rtc launch VM with bad RTC state (QEMU only) --cidr string CIDR of the cluster network (IPv4, ULA network for IPv6 is derived in automated way) (default "10.5.0.0/24") --cni-bin-path strings search path for CNI binaries (VM only) (default [/home/user/.talos/cni/bin]) - --cni-bundle-url string URL to download CNI bundle from (VM only) (default "https://github.com/siderolabs/talos/releases/download/v1.10.2/talosctl-cni-bundle-${ARCH}.tar.gz";) + --cni-bundle-url string URL to download CNI bundle from (VM only) (default "https://github.com/siderolabs/talos/releases/download/v1.10.3/talosctl-cni-bundle-${ARCH}.tar.gz";) --cni-cache-dir string CNI cache directory path (VM only) (default "/home/user/.talos/cni/cache") --cni-conf-dir string CNI config directory path (VM only) (default "/home/user/.talos/cni/conf.d") --config-injection-method string a method to inject machine config: default is HTTP server, 'metal-iso' to mount an ISO (QEMU only) @@ -186,7 +186,7 @@ --ipxe-boot-script string iPXE boot script (URL) to use --iso-path string the ISO path to use for the initial boot (VM only) --kubeprism-port int KubePrism port (set to 0 to disable) (default 7445) - --kubernetes-version string desired kubernetes version to run (default "1.33.0") + --kubernetes-version string desired kubernetes version to run (default "1.33.1") --memory int the limit on memory usage in MB (each control plane/VM) (default 2048) --memory-workers int the limit on memory usage in MB (each worker/VM) (default 2048) --mount mount attach a mount to the container (Docker only) @@ -1364,7 +1364,7 @@ -h, --help help for config --install-disk string the disk to install to (default "/dev/sda") --install-image string the image used to perform an installation (default "ghcr.io/siderolabs/installer:latest") - --kubernetes-version string desired kubernetes version to run (default "1.33.0") + --kubernetes-version string desired kubernetes version to run (default "1.33.1") -o, --output string destination to output generated files. when multiple output types are specified, it must be a directory. for a single output type, it must either be a file path, or "-" for stdout -t, --output-types strings types of outputs to be generated. valid types are: ["controlplane" "worker" "talosconfig"] (default [controlplane,worker,talosconfig]) -p, --persist the desired persist value for configs (default true) @@ -1797,7 +1797,7 @@ ### Examples ``` -talosctl images cache-create --images=ghcr.io/siderolabs/kubelet:v1.33.0 --image-cache-path=/tmp/talos-image-cache +talosctl images cache-create --images=ghcr.io/siderolabs/kubelet:v1.33.1 --image-cache-path=/tmp/talos-image-cache Alternatively, stdin can be piped to the command: talosctl images default | talosctl images cache-create --image-cache-path=/tmp/talos-image-cache --images=- @@ -2982,7 +2982,7 @@ --debug debug operation from kernel logs. --wait is set to true when this flag is set -f, --force force the upgrade (skip checks on etcd health and members, might lead to data loss) -h, --help help for upgrade - -i, --image string the container image to use for performing the install (default "ghcr.io/siderolabs/installer:v1.10.2") + -i, --image string the container image to use for performing the install (default "ghcr.io/siderolabs/installer:v1.10.3") --insecure upgrade using the insecure (encrypted with no auth) maintenance service -m, --reboot-mode string select the reboot mode during upgrade. Mode "powercycle" bypasses kexec. Valid values are: ["default" "powercycle"]. (default "default") -s, --stage stage the upgrade to perform it after a reboot @@ -3029,7 +3029,7 @@ --pre-pull-images pre-pull images before upgrade (default true) --proxy-image string kube-proxy image to use (default "registry.k8s.io/kube-proxy") --scheduler-image string kube-scheduler image to use (default "registry.k8s.io/kube-scheduler") - --to string the Kubernetes control plane version to upgrade to (default "1.33.0") + --to string the Kubernetes control plane version to upgrade to (default "1.33.1") --upgrade-kubelet upgrade kubelet service (default true) --with-docs patch all machine configs adding the documentation for each field (default true) --with-examples patch all machine configs with the commented examples (default true) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/talosctl-1.10.2/website/content/v1.10/reference/configuration/v1alpha1/config.md new/talosctl-1.10.3/website/content/v1.10/reference/configuration/v1alpha1/config.md --- old/talosctl-1.10.2/website/content/v1.10/reference/configuration/v1alpha1/config.md 2025-05-16 16:04:24.000000000 +0200 +++ new/talosctl-1.10.3/website/content/v1.10/reference/configuration/v1alpha1/config.md 2025-05-29 08:34:28.000000000 +0200 @@ -86,7 +86,7 @@ {{< /highlight >}}</details> | | |`kubelet` |<a href="#Config.machine.kubelet">KubeletConfig</a> |Used to provide additional options to the kubelet. <details><summary>Show example(s)</summary>{{< highlight yaml >}} kubelet: - image: ghcr.io/siderolabs/kubelet:v1.33.0 # The `image` field is an optional reference to an alternative kubelet image. + image: ghcr.io/siderolabs/kubelet:v1.33.1 # The `image` field is an optional reference to an alternative kubelet image. # The `extraArgs` field is used to provide additional flags to the kubelet. extraArgs: feature-gates: ServerSideApply=true @@ -497,7 +497,7 @@ {{< highlight yaml >}} machine: kubelet: - image: ghcr.io/siderolabs/kubelet:v1.33.0 # The `image` field is an optional reference to an alternative kubelet image. + image: ghcr.io/siderolabs/kubelet:v1.33.1 # The `image` field is an optional reference to an alternative kubelet image. # The `extraArgs` field is used to provide additional flags to the kubelet. extraArgs: feature-gates: ServerSideApply=true @@ -550,7 +550,7 @@ | Field | Type | Description | Value(s) | |-------|------|-------------|----------| |`image` |string |The `image` field is an optional reference to an alternative kubelet image. <details><summary>Show example(s)</summary>{{< highlight yaml >}} -image: ghcr.io/siderolabs/kubelet:v1.33.0 +image: ghcr.io/siderolabs/kubelet:v1.33.1 {{< /highlight >}}</details> | | |`clusterDNS` |[]string |The `ClusterDNS` field is an optional reference to an alternative kubelet clusterDNS ip list. <details><summary>Show example(s)</summary>{{< highlight yaml >}} clusterDNS: @@ -2889,7 +2889,7 @@ {{< /highlight >}}</details> | | |`apiServer` |<a href="#Config.cluster.apiServer">APIServerConfig</a> |API server specific configuration options. <details><summary>Show example(s)</summary>{{< highlight yaml >}} apiServer: - image: registry.k8s.io/kube-apiserver:v1.33.0 # The container image used in the API server manifest. + image: registry.k8s.io/kube-apiserver:v1.33.1 # The container image used in the API server manifest. # Extra arguments to supply to the API server. extraArgs: feature-gates: ServerSideApply=true @@ -2954,14 +2954,14 @@ {{< /highlight >}}</details> | | |`controllerManager` |<a href="#Config.cluster.controllerManager">ControllerManagerConfig</a> |Controller manager server specific configuration options. <details><summary>Show example(s)</summary>{{< highlight yaml >}} controllerManager: - image: registry.k8s.io/kube-controller-manager:v1.33.0 # The container image used in the controller manager manifest. + image: registry.k8s.io/kube-controller-manager:v1.33.1 # The container image used in the controller manager manifest. # Extra arguments to supply to the controller manager. extraArgs: feature-gates: ServerSideApply=true {{< /highlight >}}</details> | | |`proxy` |<a href="#Config.cluster.proxy">ProxyConfig</a> |Kube-proxy server-specific configuration options <details><summary>Show example(s)</summary>{{< highlight yaml >}} proxy: - image: registry.k8s.io/kube-proxy:v1.33.0 # The container image used in the kube-proxy manifest. + image: registry.k8s.io/kube-proxy:v1.33.1 # The container image used in the kube-proxy manifest. mode: ipvs # proxy mode of kube-proxy. # Extra arguments to supply to kube-proxy. extraArgs: @@ -2972,7 +2972,7 @@ {{< /highlight >}}</details> | | |`scheduler` |<a href="#Config.cluster.scheduler">SchedulerConfig</a> |Scheduler server specific configuration options. <details><summary>Show example(s)</summary>{{< highlight yaml >}} scheduler: - image: registry.k8s.io/kube-scheduler:v1.33.0 # The container image used in the scheduler manifest. + image: registry.k8s.io/kube-scheduler:v1.33.1 # The container image used in the scheduler manifest. # Extra arguments to supply to the scheduler. extraArgs: feature-gates: AllBeta=true @@ -3216,7 +3216,7 @@ {{< highlight yaml >}} cluster: apiServer: - image: registry.k8s.io/kube-apiserver:v1.33.0 # The container image used in the API server manifest. + image: registry.k8s.io/kube-apiserver:v1.33.1 # The container image used in the API server manifest. # Extra arguments to supply to the API server. extraArgs: feature-gates: ServerSideApply=true @@ -3284,7 +3284,7 @@ | Field | Type | Description | Value(s) | |-------|------|-------------|----------| |`image` |string |The container image used in the API server manifest. <details><summary>Show example(s)</summary>{{< highlight yaml >}} -image: registry.k8s.io/kube-apiserver:v1.33.0 +image: registry.k8s.io/kube-apiserver:v1.33.1 {{< /highlight >}}</details> | | |`extraArgs` |map[string]string |Extra arguments to supply to the API server. | | |`extraVolumes` |<a href="#Config.cluster.apiServer.extraVolumes.">[]VolumeMountConfig</a> |Extra volumes to mount to the API server static pod. | | @@ -3496,7 +3496,7 @@ {{< highlight yaml >}} cluster: controllerManager: - image: registry.k8s.io/kube-controller-manager:v1.33.0 # The container image used in the controller manager manifest. + image: registry.k8s.io/kube-controller-manager:v1.33.1 # The container image used in the controller manager manifest. # Extra arguments to supply to the controller manager. extraArgs: feature-gates: ServerSideApply=true @@ -3506,7 +3506,7 @@ | Field | Type | Description | Value(s) | |-------|------|-------------|----------| |`image` |string |The container image used in the controller manager manifest. <details><summary>Show example(s)</summary>{{< highlight yaml >}} -image: registry.k8s.io/kube-controller-manager:v1.33.0 +image: registry.k8s.io/kube-controller-manager:v1.33.1 {{< /highlight >}}</details> | | |`extraArgs` |map[string]string |Extra arguments to supply to the controller manager. | | |`extraVolumes` |<a href="#Config.cluster.controllerManager.extraVolumes.">[]VolumeMountConfig</a> |Extra volumes to mount to the controller manager static pod. | | @@ -3576,7 +3576,7 @@ {{< highlight yaml >}} cluster: proxy: - image: registry.k8s.io/kube-proxy:v1.33.0 # The container image used in the kube-proxy manifest. + image: registry.k8s.io/kube-proxy:v1.33.1 # The container image used in the kube-proxy manifest. mode: ipvs # proxy mode of kube-proxy. # Extra arguments to supply to kube-proxy. extraArgs: @@ -3593,7 +3593,7 @@ disabled: false {{< /highlight >}}</details> | | |`image` |string |The container image used in the kube-proxy manifest. <details><summary>Show example(s)</summary>{{< highlight yaml >}} -image: registry.k8s.io/kube-proxy:v1.33.0 +image: registry.k8s.io/kube-proxy:v1.33.1 {{< /highlight >}}</details> | | |`mode` |string |<details><summary>proxy mode of kube-proxy.</summary>The default is 'iptables'.</details> | | |`extraArgs` |map[string]string |Extra arguments to supply to kube-proxy. | | @@ -3612,7 +3612,7 @@ {{< highlight yaml >}} cluster: scheduler: - image: registry.k8s.io/kube-scheduler:v1.33.0 # The container image used in the scheduler manifest. + image: registry.k8s.io/kube-scheduler:v1.33.1 # The container image used in the scheduler manifest. # Extra arguments to supply to the scheduler. extraArgs: feature-gates: AllBeta=true @@ -3622,7 +3622,7 @@ | Field | Type | Description | Value(s) | |-------|------|-------------|----------| |`image` |string |The container image used in the scheduler manifest. <details><summary>Show example(s)</summary>{{< highlight yaml >}} -image: registry.k8s.io/kube-scheduler:v1.33.0 +image: registry.k8s.io/kube-scheduler:v1.33.1 {{< /highlight >}}</details> | | |`extraArgs` |map[string]string |Extra arguments to supply to the scheduler. | | |`extraVolumes` |<a href="#Config.cluster.scheduler.extraVolumes.">[]VolumeMountConfig</a> |Extra volumes to mount to the scheduler static pod. | | ++++++ talosctl.obsinfo ++++++ --- /var/tmp/diff_new_pack.m4d7kt/_old 2025-05-31 19:18:19.126365176 +0200 +++ /var/tmp/diff_new_pack.m4d7kt/_new 2025-05-31 19:18:19.130365345 +0200 @@ -1,5 +1,5 @@ name: talosctl -version: 1.10.2 -mtime: 1747404264 -commit: 1cf5914b6e9c7ff9ffd1576602e6beafcffc147b +version: 1.10.3 +mtime: 1748500468 +commit: dde2cebce8e0eb690e8d272d49f1543065e3d889 ++++++ vendor.tar.gz ++++++ /work/SRC/openSUSE:Factory/talosctl/vendor.tar.gz /work/SRC/openSUSE:Factory/.talosctl.new.16005/vendor.tar.gz differ: char 117, line 1
