Skip to content

chore(deps): update dependency siderolabs/talos to v1.9.0

Botaniker (Bot) requested to merge renovate/siderolabs-talos-1.x into main

This MR contains the following updates:

Package Update Change OpenSSF
siderolabs/talos minor v1.7.7 -> v1.9.0 OpenSSF Scorecard

Release Notes

siderolabs/talos (siderolabs/talos)

v1.9.0

Compare Source

44 commits

  • af5d6b8c4 fix: show SELinux labels on pseudo-fs
  • f46922fa9 chore: fix dockerfile warnings
  • a13f82c59 feat: udev: label device nodes
  • e899fb37f feat: label created files in /etc
  • 5f68c17ed feat: implement image cache configuration
  • 0ffb2187a feat: registry proxy
  • 77cf84fb5 feat: support generating iso with imagecache
  • 5de6275b8 chore: image cache generator improvements
  • 1a8cc5f8b feat: add SELinux labels to volumes
  • 61b9129e0 fix: add directory entries and filemode to tarball
  • 4caeae21e refactor: optimize flags and SetLabel
  • 6074a870a feat: add e2fsprogs to talos rootfs
  • 7ffcf5b93 docs: update getting started
  • c4c1a0d7c fix: make vmware platform common code build on all arches
  • cc768037f feat: implement block device wipe
  • 6fb518ae5 fix: don't activate LVM volumes in agent mode
  • 0e3ed3072 fix: no longer leak Close reader
  • 4dc58cfdf chore: small fixes
  • f400ae911 fix: small fixes for image cache generation
  • 93754b7de fix: config and platform manifest generation
  • 95b2fc946 feat: image cache gen
  • e4c6186c6 chore: remove i915/amdgpu drivers
  • 744ad12a6 docs: update replicated-local-storage-with-openebs.md
  • fd713e451 feat: add permanent hardware addr to device selectors
  • d55a96e8c refactor: remove SELinux client_u and client_r
  • 3a5b55fd2 fix: allow CEL expressions config merge
  • f1b15f580 chore: remove replace for safchain/ethtool
  • f9697a9a0 fix: register controlplane node with NoSchedule taint
  • 30f8b5a9f fix: registry mirror fallback handling
  • 0f41e7743 feat: allow for onlink directive (nocloud)
  • e26d0043e chore: code cleanup
  • 43fe3807a feat: implement tracking of blockdevice secondaries
  • 8a7476c3a fix: install on non-empty disk
  • 8b4253d18 feat: update etcd to v3.5.17
  • 5a0fd5b88 refactor: move early initialization functions to pre-initialize phase
  • 9916e2cd8 chore: update pkgs/tools/extras for Go 1.23.3
  • 20bbf0235 docs: update vultr documentation
  • aea98940b fix: arch linux search paths and names for QEMU provisioner
  • 682718d4c fix: use imager incoming version for extension validation
  • 9a02ecc49 feat: rewrite install disk selector to use CEL expressions
  • eba35f441 docs: add note about PSP in Rook-Ceph guide
  • 38b80fb1d docs: add missing --talosconfig parameter to end of Hetzner guide
  • a07f66c91 docs: gcp: fix controlplane nodes tags
  • 4fe6dc8a0 chore: clean dns code

v1.8.4

Compare Source

Talos 1.8.4 (2024-12-13)

Welcome to the v1.8.4 release of Talos!

Starting with Talos v1.8.0, only standard assets would be published as github release assets. These include:

  • cloud-images.json
  • talosctl binaries
  • kernel
  • initramfs
  • metal iso and disk images
  • talosctl-cni-bundle

All other release assets can be downloaded from Image Factory.

Please try out the release binaries and report any issues at https://github.com/siderolabs/talos/issues.

Component Updates

Linux: 6.6.64 runc: 1.2.3 Kubernetes: 1.31.4 etcd: 3.5.17

Talos is built with Go 1.22.10.

Contributors
  • Andrey Smirnov
  • Dmitriy Matrenichev
  • Christian Luetke-Stetzkamp
  • Noel Georgi
  • OliviaBarrington
  • Steven Kreitzer
Changes
17 commits

  • @​3c151c8 release(v1.8.4): prepare release
  • @​1fb38e4 fix: use mtu network option for podman
  • @​acd9fda fix: order volume config by the requested size
  • @​c547557 fix: install iptables-nft to the host
  • @​94b342b fix: lock provisioning order of user disk partitions
  • @​df8fe4c feat: support vlan/bond in v1, vlan in v2 for nocloud
  • @​3a1727e fix: don't reset health status if service doesn't support health checks
  • @​7ff796f fix: make system_disk condition work properly before install
  • @​379eefd fix: nocloud network link matching on MAC addresses
  • @​c87ec03 feat: allow for onlink directive (nocloud)
  • @​aa14ae5 fix: small logrus fixes
  • @​b90863a fix: properly halt installation if Talos already installed
  • @​6d20ade fix: make vmware platform common code build on all arches
  • @​bc2d547 fix: allow CEL expressions config merge
  • @​5188f64 fix: install on non-empty disk
  • @​6f411cc feat: update etcd to v3.5.17
  • @​7f91e31 feat: update Linux 6.6.64, runc 1.2.3
Changes from siderolabs/pkgs
7 commits

Changes from siderolabs/tools
1 commit

Dependency Changes
  • github.com/siderolabs/go-blockdevice/v2 v2.0.3 -> v2.0.4
  • github.com/siderolabs/pkgs v1.8.0-31-g9c80a4a -> v1.8.0-38-g0698d6e
  • github.com/siderolabs/talos/pkg/machinery v1.8.3 -> v1.8.4
  • github.com/siderolabs/tools v1.8.0-3-g653182a -> v1.8.0-4-gadfcf5a
  • go.etcd.io/etcd/api/v3 v3.5.16 -> v3.5.17
  • go.etcd.io/etcd/client/pkg/v3 v3.5.16 -> v3.5.17
  • go.etcd.io/etcd/client/v3 v3.5.16 -> v3.5.17
  • go.etcd.io/etcd/etcdutl/v3 v3.5.16 -> v3.5.17
  • k8s.io/api v0.31.2 -> v0.31.4
  • k8s.io/apiserver v0.31.2 -> v0.31.4
  • k8s.io/client-go v0.31.2 -> v0.31.4
  • k8s.io/component-base v0.31.2 -> v0.31.4
  • k8s.io/kube-scheduler v0.31.2 -> v0.31.4
  • k8s.io/kubectl v0.31.2 -> v0.31.4
  • k8s.io/kubelet v0.31.2 -> v0.31.4
  • k8s.io/pod-security-admission v0.31.2 -> v0.31.4

Previous release can be found at v1.8.3

Images
ghcr.io/siderolabs/flannel:v0.25.7
registry.k8s.io/coredns/coredns:v1.11.3
gcr.io/etcd-development/etcd:v3.5.17
registry.k8s.io/kube-apiserver:v1.31.4
registry.k8s.io/kube-controller-manager:v1.31.4
registry.k8s.io/kube-scheduler:v1.31.4
registry.k8s.io/kube-proxy:v1.31.4
ghcr.io/siderolabs/kubelet:v1.31.4
ghcr.io/siderolabs/installer:v1.8.4
registry.k8s.io/pause:3.10

v1.8.3

Compare Source

Talos 1.8.3 (2024-11-13)

Welcome to the v1.8.3 release of Talos!

Starting with Talos v1.8.0, only standard assets would be published as github release assets. These include:

  • cloud-images.json
  • talosctl binaries
  • kernel
  • initramfs
  • metal iso and disk images
  • talosctl-cni-bundle

All other release assets can be downloaded from Image Factory.

Please try out the release binaries and report any issues at https://github.com/siderolabs/talos/issues.

Component Updates

Linux: 6.6.60 containerd: 2.0.0 runc: 1.2.1

Talos is built with Go 1.22.9.

Contributors
  • Andrey Smirnov
  • blablu
  • Dmitry Sharshakov
  • Joakim Nohlgård
  • Noel Georgi
  • Remko Molier
  • Sam Stelfox
Changes
15 commits

  • @​6494ace release(v1.8.3): prepare release
  • @​01c9f45 fix: arch linux search paths and names for QEMU provisioner
  • @​8b5c5f1 chore: fix nil pointer dereference in AWS uploader
  • @​fbf85dd fix: install disk matcher error
  • @​ff3fcce feat: add dm-cache dm-cache-smq kernel modules
  • @​6d872e4 feat: allow extra mounts for docker-based talosctl cluster create
  • @​8c193c8 fix: update permissions for logging directories in /var
  • @​5044a41 fix: mount /sys/kernel/security conditionally
  • @​83abb66 fix: make route normalization keep family
  • @​228a943 fix: do not trim 0 from process SELinux label
  • @​d4a3a2b fix: prevent panic in nocloud platform code
  • @​5c7b02d fix: update the CRI sandbox image reference
  • @​f8155c4 feat: add parsing of vlanNNNN:ethX style VLAN cmdline args
  • @​ea19f15 fix: generation of SecureBoot iso
  • @​fddaa60 feat: update Linux, runc, containerd, go
Changes from siderolabs/pkgs
7 commits

Changes from siderolabs/tools
1 commit

Dependency Changes
  • github.com/docker/cli v27.1.1 new
  • github.com/docker/docker v27.2.0 -> v27.1.1
  • github.com/siderolabs/pkgs v1.8.0-24-ge72b2f4 -> v1.8.0-31-g9c80a4a
  • github.com/siderolabs/talos/pkg/machinery v1.8.2 -> v1.8.3
  • github.com/siderolabs/tools v1.8.0-2-g7719230 -> v1.8.0-3-g653182a

Previous release can be found at v1.8.2

Images
ghcr.io/siderolabs/flannel:v0.25.7
registry.k8s.io/coredns/coredns:v1.11.3
gcr.io/etcd-development/etcd:v3.5.16
registry.k8s.io/kube-apiserver:v1.31.2
registry.k8s.io/kube-controller-manager:v1.31.2
registry.k8s.io/kube-scheduler:v1.31.2
registry.k8s.io/kube-proxy:v1.31.2
ghcr.io/siderolabs/kubelet:v1.31.2
ghcr.io/siderolabs/installer:v1.8.3
registry.k8s.io/pause:3.10

v1.8.2

Compare Source

Talos 1.8.2 (2024-10-28)

Welcome to the v1.8.2 release of Talos!

Starting with Talos v1.8.0, only standard assets would be published as github release assets. These include:

  • cloud-images.json
  • talosctl binaries
  • kernel
  • initramfs
  • metal iso and disk images
  • talosctl-cni-bundle

All other release assets can be downloaded from Image Factory.

Please try out the release binaries and report any issues at https://github.com/siderolabs/talos/issues.

Component Updates

Linux: 6.6.58 containerd: 2.0.0-rc.6 runc: 1.2.0 Kubernetes: 1.31.2

Talos is built with Go 1.22.8.

Contributors
  • Andrey Smirnov
  • Dmitriy Matrenichev
  • Joakim Nohlgård
  • Noel Georgi
  • Philip Schmid
  • Philipp Kleber
  • Serge Logvinov
Changes
18 commits

Changes from siderolabs/crypto
1 commit

Changes from siderolabs/go-circular
1 commit

Changes from siderolabs/pkgs
8 commits

Changes from siderolabs/siderolink
1 commit

Dependency Changes
  • github.com/klauspost/compress v1.17.10 -> v1.17.11
  • github.com/siderolabs/crypto v0.4.4 -> v0.5.0
  • github.com/siderolabs/go-circular v0.2.0 -> v0.2.1
  • github.com/siderolabs/pkgs v1.8.0-16-g71d23b4 -> v1.8.0-24-ge72b2f4
  • github.com/siderolabs/siderolink v0.3.10 -> v0.3.11
  • github.com/siderolabs/talos/pkg/machinery v1.8.1 -> v1.8.2
  • golang.org/x/time v0.6.0 -> v0.7.0
  • k8s.io/api v0.31.1 -> v0.31.2
  • k8s.io/apiserver v0.31.1 -> v0.31.2
  • k8s.io/client-go v0.31.1 -> v0.31.2
  • k8s.io/component-base v0.31.1 -> v0.31.2
  • k8s.io/kube-scheduler v0.31.1 -> v0.31.2
  • k8s.io/kubectl v0.31.1 -> v0.31.2
  • k8s.io/kubelet v0.31.1 -> v0.31.2
  • k8s.io/pod-security-admission v0.31.1 -> v0.31.2

Previous release can be found at v1.8.1

Images
ghcr.io/siderolabs/flannel:v0.25.7
registry.k8s.io/coredns/coredns:v1.11.3
gcr.io/etcd-development/etcd:v3.5.16
registry.k8s.io/kube-apiserver:v1.31.2
registry.k8s.io/kube-controller-manager:v1.31.2
registry.k8s.io/kube-scheduler:v1.31.2
registry.k8s.io/kube-proxy:v1.31.2
ghcr.io/siderolabs/kubelet:v1.31.2
ghcr.io/siderolabs/installer:v1.8.2
registry.k8s.io/pause:3.9

v1.8.1

Compare Source

Talos 1.8.1 (2024-10-08)

Welcome to the v1.8.1 release of Talos!

Starting with Talos v1.8.0, only standard assets would be published as github release assets. These include:

  • cloud-images.json
  • talosctl binaries
  • kernel
  • initramfs
  • metal iso and disk images
  • talosctl-cni-bundle

All other release assets can be downloaded from Image Factory.

Please try out the release binaries and report any issues at https://github.com/siderolabs/talos/issues.

Component Updates

Linux: 6.6.54 containerd: 2.0.0-rc.5 Flannel: 0.25.7

Talos is built with Go 1.22.8.

Contributors
  • Andrey Smirnov
  • Hexoplon
  • ekarlso
Changes
16 commits

  • @​477752f release(v1.8.1): prepare release
  • @​362c9f8 test: skip lvm test if not enough user disks available
  • @​7930500 chore: checkout extensions from release-1.8, not main
  • @​f6d6306 fix: wipe system partitions correctly via kernel args
  • @​4d279c6 fix: volume encryption with failing keyslots
  • @​070defa fix: update grpc-go the latest patch release
  • @​a2d12fd feat: update Flannel to v0.25.7
  • @​e2f560b feat: bring in lpfc kernel module driver
  • @​788336a feat: enable QEDF driver
  • @​e4341fa fix: make /var/run empty on reboots
  • @​66228ef fix: multiple fixes for LVM activation
  • @​5f4515f fix: prevent file descriptors leaks to child processes
  • @​a55103e chore: ignore more plugins for system containerd
  • @​ffcdc0b fix: build talosctl without tcell_minimal
  • @​d29f660 feat: add support for CI Network config in nocloud
  • @​01e580b feat: update Go 1.22.8, Linux, pkgs
Changes from siderolabs/pkgs
8 commits

Changes from siderolabs/tools
1 commit

Dependency Changes
  • github.com/klauspost/compress v1.17.9 -> v1.17.10
  • github.com/siderolabs/go-blockdevice/v2 v2.0.2 -> v2.0.3
  • github.com/siderolabs/pkgs v1.8.0-8-gdf1a1a5 -> v1.8.0-16-g71d23b4
  • github.com/siderolabs/talos/pkg/machinery v1.8.0 -> v1.8.1
  • github.com/siderolabs/tools v1.8.0-1-ga0c06c6 -> v1.8.0-2-g7719230
  • google.golang.org/grpc v1.66.0 -> v1.66.3

Previous release can be found at v1.8.0

Images
ghcr.io/siderolabs/flannel:v0.25.7
registry.k8s.io/coredns/coredns:v1.11.3
gcr.io/etcd-development/etcd:v3.5.16
registry.k8s.io/kube-apiserver:v1.31.1
registry.k8s.io/kube-controller-manager:v1.31.1
registry.k8s.io/kube-scheduler:v1.31.1
registry.k8s.io/kube-proxy:v1.31.1
ghcr.io/siderolabs/kubelet:v1.31.1
ghcr.io/siderolabs/installer:v1.8.1
registry.k8s.io/pause:3.9

v1.8.0

Compare Source

113 commits

  • 6f7c3a8e5 fix: build of talosctl on non-Linux arches
  • f0a59cec7 release(v1.8.0-alpha.2): prepare release
  • c8aed3be4 fix: correctly add console args for ttyS0
  • b453385bd feat: support volume configuration, provisioning, etc
  • b6b16b35f chore: pause sequencer when talos installed and iso booted
  • eade0a9f2 chore: bring in uio modules
  • 81f9fcd9c fix: report errors correctly when pulling, fix EEXIST
  • b309e87b4 docs: fix invalid input in field user_data
  • c7474877a docs: kubeProxyReplacement from "disabled" to "false"
  • be2ebf6b4 chore: bump dependencies
  • 88601bff4 chore: drop calico from interactive installer
  • 106c17d0b chore: aarch64 qemu local secureboot support
  • da6263506 feat: update Flannel to v0.25.6
  • 19a44c2b0 chore: drop console ttyS0 argument
  • 75cecb421 feat: add Apache Cloudstack support
  • 951cf66fd feat: add Cisco fnic driver
  • 2d3bc94bf fix(ci): fix broken tests
  • a9551b7ca fix: host DNS access with firewall enabled
  • 4834a61a8 feat: report SELinux labels
  • 8fe39eacb chore: move csi tests as go test
  • e4f8cb854 fix: merge extension service config files by mountPath
  • 5ba1df469 chore: add java package to protos
  • 823480800 fix: add missing host/nvme-rdma
  • 5b4b64979 fix: bump go-smbios for broken SMIOS tables
  • f57d1f07e fix: add NVMe target kernel modules
  • 5ff6cf82c fix: drop /opt mount for containers/tink
  • 3c0db34d8 docs: update kubespan docs
  • 3041d9075 fix: always handle PermissionDenied in dashboard resource watches
  • 36f83eea9 chore: make qemu check flag consistent with code
  • fe52cb074 chore: update protoc-gen-doc
  • ee4290f68 fix: bind HostDNS to 169.254.x link-local address
  • c312a46f6 chore: restructure k8s component health checks
  • e193e7db9 docs: fix incorrect path for openebs in documentation
  • beadbac21 docs: update Oracle Cloud Talos custom image docs
  • 6f969e364 chore: improve cluster create UX on aarch64
  • 45cc8688a chore: replace if blocks with min/max functions
  • a5bd770bf fix: retry with another upstream if the previous failed
  • 82e19f38a docs: add high-level overlay development guide
  • 872599c9a chore: drop image assets from release
  • 3c36c41a9 feat: provide device extra settle timeout
  • 9e348ef35 feat: update Kubernetes to 1.31.0
  • 61a1c946b feat: bundle (some) CNI plugins with Talos core
  • 091da163b chore: support arm64 kexec from zboot kernel images
  • 73511c1ef chore: fix release notes
  • 2bf924c7b feat: update ISO VolumeID with Talos version
  • 9a33dce10 docs: fix the VMWare docs
  • 12562c2d5 docs: fix talos version in vmware.sh
  • ee67da14c feat: scaleway routed ip
  • eba5dafb9 fix: add dns-resolve-cache to the support bundle
  • d4f8100bd docs: fix default openebs folder
  • 60e163d54 docs: fix typo in doc
  • 98d9abdd0 chore(ci): fix cilium ci tests
  • beb9602e3 chore: bump github.com/docker/docker to v27.1.1+incompatible
  • 0698a4921 docs: aws getting started re-write
  • 4d7d7a589 chore(ci): update nvidia integration tests
  • 60e901c1d chore: document slim kubelet image
  • 622d66a98 chore: bump deps
  • f9f5e0ef5 chore: fix k8s tests
  • 2ac8d2274 chore: support unsupported flag for mkfs
  • 9b9159d1e docs: update support matrix for nvidia drivers
  • 9d3415850 fix: fix graph diffs in dashboard when node aliases are used
  • 9a126d70e chore: generate deepcopy for SecureBootAssets type
  • dff56d824 chore: remove arch-specific etcd image tag
  • c9f1dece5 feat: update Kubernetes to 1.31.0-rc.1
  • 49831c56f docs: replace removed Cilium/kubeProxyReplacement value
  • 33a316369 docs: update aws.md for loop
  • e02bd2093 feat: update Kubernetes to 1.31.0-rc.0
  • 64914b086 chore: add test for crun extension
  • 7a1c62b8b feat: publish installed extensions as node labels/annotations
  • 3f2058aba fix: update containerd configuration and settings
  • 81bd20f5a docs: remove deprecated jiva from openebs instructions
  • 480ffb88a docs: fix the amd64 PXE boot script URL
  • 20fe34dbd docs: fix docker getting started typo
  • 0fd7dfd2a docs: update Equinix Guide
  • 3d1474ac0 feat: update CoreDNS to 1.1.3
  • 50e5f37ef chore: add test for apparmor
  • 96492c097 docs: extend multus configuration for Cilium
  • 19aa44c54 fix: generate kubeconfig using proper types
  • 240104e45 feat: update Linux to 6.6.43
  • 32db8db60 chore: lock microsoft secureboot certs
  • 3ce5492f8 feat: runc memfd-bind service
  • 341b55cd3 docs: update vmware.sh
  • 117628aa6 chore: add test for gvisor extension with platform kvm
  • fd01571c4 feat: update Linux, enable Broadcom MPI3 driver
  • b333ec07d feat: update etcd to 3.5.15, Flannel to 0.25.5
  • 087290178 feat: use ethtool ioctl to get link status when netlink api not available
  • 395c64290 docs: update openebs-jiva helm repo
  • f132d3f40 chore(ci): remove artifacts directory prefix for checksums
  • fd54dc191 feat(talosctl): append microsoft secure boot certs
  • fd6ddd11e feat: provide POD_IP env var to scheduler and controller-manager
  • 407347a7a feat: update Kubernetes to 1.31.0-beta.0
  • 1b8c9ccbb fix: enforce secureboot enroll option only for supported releases
  • d52b89cb9 chore: ensure tls required on s3 buckets
  • c288ace7b fix: be more smart when merging DNS resolver config
  • d983e4430 fix: panic on shutdown
  • 01404edff chore: reduce memory requirement for contrplane nodes
  • 980f9ebc0 fix: fix log format in cluster provisioning
  • ea626a963 feat: add label 'exclude-from-external-load-balancers' for cp nodes
  • 1cf76cfbc docs: fix talosctl spelling
  • b07338f54 feat: provide machine config document to update trusted CA roots
  • f14c4795e fix: sort ports and merge adjacent ones in the nft rule
  • cf5effabb feat: provide an option to enforce SecureBoot for TPM enrollment
  • 736c1485e fix: change the UEFI firmware search path order
  • a727a1d97 chore: make using action tracker easier
  • 0aebeff35 docs: add missing backslashes
  • 398151e64 fix: remove host bind mount for /tmp for trustd
  • ce4c404e1 chore: redo FilterMessages as generic function
  • fbde9c556 chore: bump deps
  • 3bab15214 feat: update Kubernetes to 1.31.0-alpha.3
  • c2a5213ee docs: add note about mayastor nvme_tcp init container check
  • dad9c40c7 chore: simplify code
  • 963612bcc chore: redo EncodeString and EncodeBytes using buffer interface
  • d9db360ab fix: properly output multi-doc machine config in get mc

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻️ Rebasing: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this MR and you won't be reminded about this update again.

  • If you want to rebase/retry this MR, check this box

This MR has been generated by Renovate Bot. The local configuration can be found in the SI Renovate Bot repository.

Edited by Botaniker (Bot)

Merge request reports