CHANGELOG.md

Omni 0.43.0 (2024-10-11)

Welcome to the v0.43.0 release of Omni!

Please try out the release binaries and report any issues at https://github.com/siderolabs/omni/issues.

gRPC Tunnel

gRPC tunnel for wireguard can now be enabled when downloading the installation media from Omni.

Talos Diagnostics

Omni now shows Talos diagnostics information for Talos >= 1.8.0.

Contributors

• Artem Chernyshev
• Utku Ozdemir
• Dmitriy Matrenichev
• Andrey Smirnov
• Birger J. Nordølum
• Justin Garrison

Changes

27 commits

• 397f204 feat: display pending machine requests in the machine sets
• 0d66194 release(v0.43.0-beta.0): prepare release
• 4084b6e fix: get proper IP from peer metadata
• d547889 fix: filter requests in the infra provision controller
• d1c9d9d chore: set peer.address to inform about IP status
• 23a4092 chore: refactor code
• 5630d83 fix: ignore parse errors in the log parser
• 8334c59 chore: add a way to get provider data in the infra provider
• cc71fb6 feat: support auto provisioned machine classes
• 41c3bd5 fix: support whitespaces in the label selectors
• 99191c6 feat: integrate with Talos diagnostics
• dcf89d9 feat: update Omni for Talos 1.8 machinery
• a04b07f test: fix the error message in infra test
• 3e3e53b chore: fix capitalization of wireguard
• f69ff37 feat: make infra provider report back it's information: schema, name
• 7555312 fix: get rid of the exceptions in the ui
• 8e48723 feat: support attaching machine sets to a machine request sets
• bb2f52d chore: drop machine class status and machine set pressure resources
• 3ef1f85 fix: call deprovision only after the machine request status is deleted
• 423f729 chore: bump default versions: Talos 1.7.6, Kubernetes 1.30.5
• c4a4151 feat: allow specifying grpc tunnel option explicitly for install media
• bb14ed6 fix: parse machine labels and extensions as slices in omnictl download
• 9e033d7 docs: update omni template so docs are easier
• 4c329db fix: update COSI runtime
• 81e08eb test: run infra integration tests against Talemu provider
• f83cf3b fix: pin apexcharts version to 3.45.2
• e3d46f9 feat: implement compression of config fields on resources

Changes since v0.43.0-beta.0

1 commit

• 397f204 feat: display pending machine requests in the machine sets

Dependency Changes

• github.com/cosi-project/runtime v0.6.1 -> v0.6.3
• github.com/cosi-project/state-etcd v0.3.1 -> v0.3.2
• github.com/santhosh-tekuri/jsonschema/v5 v5.3.1 new
• github.com/siderolabs/talos/pkg/machinery 6f7c3a8e5c63 -> v1.8.0

Previous release can be found at v0.42.0

Omni 0.43.0-beta.0 (2024-10-09)

Welcome to the v0.43.0-beta.0 release of Omni!
This is a pre-release of Omni

Please try out the release binaries and report any issues at https://github.com/siderolabs/omni/issues.

gRPC Tunnel

gRPC tunnel for wireguard can now be enabled when downloading the installation media from Omni.

Talos Diagnostics

Omni now shows Talos diagnostics information for Talos >= 1.8.0.

Contributors

• Artem Chernyshev
• Utku Ozdemir
• Dmitriy Matrenichev
• Andrey Smirnov
• Birger J. Nordølum
• Justin Garrison

Changes

25 commits

• 4084b6e fix: get proper IP from peer metadata
• d547889 fix: filter requests in the infra provision controller
• d1c9d9d chore: set peer.address to inform about IP status
• 23a4092 chore: refactor code
• 5630d83 fix: ignore parse errors in the log parser
• 8334c59 chore: add a way to get provider data in the infra provider
• cc71fb6 feat: support auto provisioned machine classes
• 41c3bd5 fix: support whitespaces in the label selectors
• 99191c6 feat: integrate with Talos diagnostics
• dcf89d9 feat: update Omni for Talos 1.8 machinery
• a04b07f test: fix the error message in infra test
• 3e3e53b chore: fix capitalization of wireguard
• f69ff37 feat: make infra provider report back it's information: schema, name
• 7555312 fix: get rid of the exceptions in the ui
• 8e48723 feat: support attaching machine sets to a machine request sets
• bb2f52d chore: drop machine class status and machine set pressure resources
• 3ef1f85 fix: call deprovision only after the machine request status is deleted
• 423f729 chore: bump default versions: Talos 1.7.6, Kubernetes 1.30.5
• c4a4151 feat: allow specifying grpc tunnel option explicitly for install media
• bb14ed6 fix: parse machine labels and extensions as slices in omnictl download
• 9e033d7 docs: update omni template so docs are easier
• 4c329db fix: update COSI runtime
• 81e08eb test: run infra integration tests against Talemu provider
• f83cf3b fix: pin apexcharts version to 3.45.2
• e3d46f9 feat: implement compression of config fields on resources

Dependency Changes

• github.com/cosi-project/runtime v0.6.1 -> v0.6.3
• github.com/cosi-project/state-etcd v0.3.1 -> v0.3.2
• github.com/santhosh-tekuri/jsonschema/v5 v5.3.1 new
• github.com/siderolabs/talos/pkg/machinery 6f7c3a8e5c63 -> v1.8.0

Previous release can be found at v0.42.0

Omni 0.42.0-beta.0 (2024-09-06)

Welcome to the v0.42.0-beta.0 release of Omni!
This is a pre-release of Omni

Please try out the release binaries and report any issues at https://github.com/siderolabs/omni/issues.

Allow multiple IP's in siderolink-wireguard-advertised-addr flag

The siderolink-wireguard-advertised-addr flag now accepts multiple IP addresses separated by commas. This is useful when you have multiple IPs (IPv4 and IPv6) on the host machine and want to allow Talos nodes to connect to the Omni using any of them.

Audit log

It is now possible to get the audit log from the Omni. By default it's disabled. To enable, pass --audit-log-dir <dir> to the Omni. The audit log will be written to the specified directory, separated by day.

Retention is set to 30 days (including the current day). The audit log is written in JSON format, where each entry is a JSON object.

There are two ways to get audit log, and for both you need Admin role:

1. By using the UI: Simply click "Download audit log" in the main menu.
2. Using omnictl audit-log command. This command will stream the audit log from the Omni to the local machine stdout.

Cluster Sort

Cluster list on Clusters page can now be sorted by name or creation date. Before it was always sorted by creation date (newest first).

TLS Cert Reload

Omni service can now reload the TLS certs without restart.

Contributors

• Dmitriy Matrenichev
• Artem Chernyshev
• Andrey Smirnov
• Utku Ozdemir
• Noel Georgi
• Justin Garrison

Changes

27 commits

• c076c3c fix: filter readonly, CD and loop devices for 1.8
• 0360422 feat: support passing extra data through the siderolink join token
• 381021e fix: calculate requested and connected machines in the ClusterStatus
• 7abb0f5 chore: bump deps
• 464f699 chore: rename CloudProvider to InfraProvider
• bfe036e chore: allow to specify start and end time for audit-log
• e2f5795 chore: allow multiple IP's for siderolink-wireguard-advertised-addr flag
• 3c1defe fix: fix spelling for hover text
• 76ba670 chore: allow users with admin role to download audit log from UI
• e8d578a fix: add siderolink connection params to the infra provider interface
• 4a82cd0 chore: rewrite renamed extension names on Talos version updates
• 56c0394 fix: always remove finalizers from the ClusterMachineStatus
• ce45042 feat: implement MachineRequestSets and support links cleanup flow
• 85aaf1c feat: support sorting cluster by name, creation time
• 95c8210 feat: implement base infra provider library
• a32a6fa feat: reload TLS certs without restart
• 00ae084 fix: delete upgrade meta key from nodes after upgrades
• 3f5c0f8 chore: enable 'github.com/planetscale/vtprotobuf' encoding
• 34a8c36 chore: rekres to get BUSL license change date updated on releases
• bf188e4 chore: implement audit log reader
• 5d48547 chore: use range-over-func iterators for resource iteration
• dc349c1 chore: do a full generate with latest deps
• 67f2e8d chore: print error on closing secondary storage backing store
• 89e8a62 fix: pass the logger to machine logs circular buffer
• d2387d9 fix: use a separate phase for the extensions installation
• cbfe7c9 chore: add periodic cleanup of old log files
• aea900f fix: display machines in tearing down state

Changes from siderolabs/discovery-service

1 commit

• 270f257 chore: bump deps

Changes from siderolabs/go-api-signature

2 commits

• 8807c5e fix: account for time truncation to a second resolution
• 1b35ea8 chore: bump deps and fix data race

Changes from siderolabs/go-debug

1 commit

• c8f9b12 chore: add support for Go 1.23

Changes from siderolabs/go-talos-support

3 commits

• 58f4f0f chore: bump Go dependencies
• f9d46fd fix: add dns-resolve-cache to the list of logs gathered
• 69891cf chore: remove containerd dependency

Changes from siderolabs/image-factory

9 commits

• fe9134a release(v0.5.0): prepare release
• 7f09750 feat: update to Talos 1.8
• b985abc fix: cache generated system extension image correctly
• 9687413 fix: set SOURCE_DATA_EPOCH
• fef0833 chore: add in new helios64 overlay
• 03bd46f feat: support inclusion on well-known UEFI SecureBoot certs
• 608a6f0 chore: alias nvidia extensions to lts versions
• 8b4e0d9 chore: make metatadata pkg public
• 7a4de58 chore: build multi-arch image

Dependency Changes

• github.com/auth0/go-jwt-middleware/v2 v2.2.1 -> v2.2.2
• github.com/aws/aws-sdk-go-v2 v1.30.3 -> v1.30.4
• github.com/aws/aws-sdk-go-v2/config v1.27.27 -> v1.27.31
• github.com/aws/aws-sdk-go-v2/credentials v1.17.27 -> v1.17.30
• github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.17.10 -> v1.17.16
• github.com/aws/aws-sdk-go-v2/service/s3 v1.58.3 -> v1.61.0
• github.com/aws/smithy-go v1.20.3 -> v1.20.4
• github.com/containers/image/v5 v5.32.1 -> v5.32.2
• github.com/cosi-project/runtime v0.5.5 -> v0.6.1
• github.com/cosi-project/state-etcd v0.3.0 -> v0.3.1
• github.com/fsnotify/fsnotify v1.7.0 new
• github.com/grpc-ecosystem/grpc-gateway/v2 v2.21.0 -> v2.22.0
• github.com/prometheus/client_golang v1.19.1 -> v1.20.2
• github.com/prometheus/common v0.55.0 -> v0.57.0
• github.com/siderolabs/discovery-service 74bca2da5cc8 -> v1.0.3
• github.com/siderolabs/go-api-signature v0.3.4 -> v0.3.6
• github.com/siderolabs/go-debug v0.3.0 -> v0.4.0
• github.com/siderolabs/go-talos-support v0.1.0 -> v0.1.1
• github.com/siderolabs/image-factory v0.4.2 -> v0.5.0
• github.com/siderolabs/talos/pkg/machinery v1.8.0-alpha.1 -> 6f7c3a8e5c63
• github.com/zitadel/oidc/v3 v3.27.0 -> v3.28.2
• go.etcd.io/bbolt v1.3.10 -> v1.3.11
• google.golang.org/grpc v1.65.0 -> v1.66.0
• sigs.k8s.io/controller-runtime v0.18.5 -> v0.19.0

Previous release can be found at v0.41.0

Omni 0.41.0-beta.0 (2024-08-16)

Welcome to the v0.41.0-beta.0 release of Omni!
This is a pre-release of Omni

Please try out the release binaries and report any issues at https://github.com/siderolabs/omni/issues.

Contributors

• Artem Chernyshev
• Andrey Smirnov
• Dmitriy Matrenichev
• Utku Ozdemir
• Brant Gurganus

Changes

15 commits

• 1cb1080 feat: bump kube-service-exposer to v0.2.0
• dd510e9 fix: properly cleanup tearing down exposed services
• 0bec3e4 chore: bump deps
• 6080c25 test: fix several flaky tests
• 99f9317 chore: implement audit log for several types
• ee73083 fix: properly remove MachineSetNode finalizer in the controller
• 16b008b fix: increase LRU cache size for Talos and Kubernetes clients
• 36c7b10 fix: skip reconciling redacted machine config on no input changes
• f0b44b1 fix: add gRPC read buffer pool for etcd client
• b1fceea fix: properly handle ExposedService resource finalizers
• 5e35cbe fix: fix nil pointer dereference in workload proxy reconciler
• 4746652 docs: add a stringArray example for extensions
• 7536191 chore: implement labels extractor controller for more efficient code
• 7df58fe chore: add request label to the links created by the cloud provider
• d194d59 feat: implement audit log

Dependency Changes

• github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.17.8 -> v1.17.10
• github.com/aws/aws-sdk-go-v2/service/s3 v1.58.2 -> v1.58.3
• github.com/containers/image/v5 v5.31.1 -> v5.32.1
• github.com/go-jose/go-jose/v4 v4.0.3 -> v4.0.4
• github.com/google/go-containerregistry v0.20.1 -> v0.20.2
• github.com/grpc-ecosystem/grpc-gateway/v2 v2.20.0 -> v2.21.0
• github.com/johannesboyne/gofakes3 99de01ee122d -> edd0227ffc37
• github.com/prometheus/common v0.55.0 new
• github.com/zitadel/oidc/v3 v3.26.0 -> v3.27.0
• go.etcd.io/etcd/client/pkg/v3 v3.5.14 -> v3.5.15
• go.etcd.io/etcd/client/v3 v3.5.14 -> v3.5.15
• go.etcd.io/etcd/server/v3 v3.5.14 -> v3.5.15
• golang.org/x/crypto v0.25.0 -> v0.26.0
• golang.org/x/net v0.27.0 -> v0.28.0
• golang.org/x/sync v0.7.0 -> v0.8.0
• golang.org/x/tools v0.22.0 -> v0.24.0
• k8s.io/api v0.30.3 -> v0.31.0
• k8s.io/apimachinery v0.30.3 -> v0.31.0
• k8s.io/client-go v0.30.3 -> v0.31.0
• sigs.k8s.io/controller-runtime v0.18.4 -> v0.18.5

Previous release can be found at v0.40.0

Omni 0.40.0-beta.0 (2024-07-26)

Welcome to the v0.40.0-beta.0 release of Omni!
This is a pre-release of Omni

Please try out the release binaries and report any issues at https://github.com/siderolabs/omni/issues.

Support Bundle

Support downloading cluster support bundle from the UI.

Show Total Items

Display total number of clusters and machines on the corresponding pages. Also show some basic stats there: the number of clusters not ready and allocated/available machines.

Contributors

• Artem Chernyshev
• Andrey Smirnov
• Dmitriy Matrenichev
• Utku Ozdemir
• Jubblin
• Maxime Brunet
• Sam
• Spencer Smith

Changes

27 commits

• 8ef319c chore: bump kube-service-exposer version
• 743e67f chore: bump state-etcd module version
• 6759925 chore: deprecate Talos 1.3
• 5dd5259 chore: add rotating log for audit data
• 6f6e1a6 fix: do not allow deleting machine classes which are used anywhere
• aeb9322 fix: preserve labels on the MachineClass when editing it in the UI
• 641328c feat: show machine/cluster stats and total counts
• ad74f85 chore: bump deps
• 19a72be feat: add support bundle download button to cluster overview
• d76f8bd test: enable Talemu tests
• f67579f fix: properly update ClusterMachineIdentity resource
• d8e804f fix: use proper finalizer chain in the MachineClassStatusController
• 67bcc75 feat: compute machineclass machine requirement (pressure)
• 23fb0c1 fix: make image pre pull failure block the kubernetes update
• b8db949 chore: bump dependencies
• e484bca fix: improve resource deletion reliability, fix support bundle tests
• 6f73f58 fix: properly display icons on Safari browser
• 276c3f4 fix: use proper check for the machine set teardown flow
• 4cfc0e6 chore: rework auth.* keys, add ctxstore package
• 76263e1 fix: do not rely on MachineStatus updates when checking maintenance
• d271a8a fix: do not expect LB to be healthy when scaling down workers
• 085bc2e fix: add finalizer on MachineSetNode resource in the controller
• cbfb898 fix: add missing return err in the maintenance config drop migration
• a1a1d08 chore: bump deps
• 4369338 fix: update Talos machine config schema to v1.7
• b93ac81 fix: provide cached access to the state via Omni API
• 7602fde fix: update compose to fix missing information

Changes from siderolabs/go-api-signature

1 commit

• 4bf0f02 fix: get rid of data race in the key sign interceptor

Changes from siderolabs/go-kubernetes

2 commits

• ee8c6b8 fix: add one more removed feature gate for 1.31
• 37dd61f feat: add support for Kubernetes 1.31

Changes from siderolabs/grpc-proxy

5 commits

• ec3b59c fix: address all gRPC deprecations
• 02f82db chore: rekres, bump deps
• 62b29be chore: rekres, update dependencies
• 2decdd1 chore: add no-op github workflow
• 77d7adc chore: bump deps

Changes from siderolabs/image-factory

4 commits

• e5686e2 release(v0.4.2): prepare release
• 1a2b64a feat: add Rock4 SE board to the mix of supported boards
• d07a780 fix: update wizard-versions.html
• f73a61e fix: update misreported error

Dependency Changes

• github.com/adrg/xdg v0.4.0 -> v0.5.0
• github.com/aws/aws-sdk-go-v2 v1.30.0 -> v1.30.3
• github.com/aws/aws-sdk-go-v2/config v1.27.21 -> v1.27.27
• github.com/aws/aws-sdk-go-v2/credentials v1.17.21 -> v1.17.27
• github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.17.1 -> v1.17.8
• github.com/aws/aws-sdk-go-v2/service/s3 v1.56.1 -> v1.58.2
• github.com/aws/smithy-go v1.20.2 -> v1.20.3
• github.com/cosi-project/runtime v0.5.0 -> v0.5.5
• github.com/cosi-project/state-etcd v0.2.9 -> v0.3.0
• github.com/go-jose/go-jose/v4 v4.0.2 -> v4.0.3
• github.com/google/go-containerregistry v0.19.2 -> v0.20.1
• github.com/siderolabs/go-api-signature v0.3.3 -> v0.3.4
• github.com/siderolabs/go-kubernetes v0.2.9 -> v0.2.11
• github.com/siderolabs/grpc-proxy v0.4.0 -> v0.4.1
• github.com/siderolabs/image-factory v0.4.1 -> v0.4.2
• github.com/siderolabs/omni/client 000000000000 -> v0.39.1
• github.com/siderolabs/talos/pkg/machinery 4feb94ca0997 -> v1.8.0-alpha.1
• github.com/zitadel/oidc/v3 v3.25.1 -> v3.26.0
• golang.org/x/crypto v0.24.0 -> v0.25.0
• golang.org/x/net v0.26.0 -> v0.27.0
• google.golang.org/grpc v1.64.0 -> v1.65.0
• k8s.io/api v0.30.2 -> v0.30.3
• k8s.io/client-go v0.30.2 -> v0.30.3

Previous release can be found at v0.39.0

Omni 0.40.0 (2024-07-26)

Welcome to the v0.40.0 release of Omni!
This is a pre-release of Omni

Please try out the release binaries and report any issues at https://github.com/siderolabs/omni/issues.

Support Bundle

Support downloading cluster support bundle from the UI.

Show Total Items

Display total number of clusters and machines on the corresponding pages. Also show some basic stats there: the number of clusters not ready and allocated/available machines.

Contributors

• Artem Chernyshev
• Andrey Smirnov
• Dmitriy Matrenichev
• Utku Ozdemir
• Jubblin
• Maxime Brunet
• Sam
• Spencer Smith

Changes

27 commits

• 8ef319c chore: bump kube-service-exposer version
• 743e67f chore: bump state-etcd module version
• 6759925 chore: deprecate Talos 1.3
• 5dd5259 chore: add rotating log for audit data
• 6f6e1a6 fix: do not allow deleting machine classes which are used anywhere
• aeb9322 fix: preserve labels on the MachineClass when editing it in the UI
• 641328c feat: show machine/cluster stats and total counts
• ad74f85 chore: bump deps
• 19a72be feat: add support bundle download button to cluster overview
• d76f8bd test: enable Talemu tests
• f67579f fix: properly update ClusterMachineIdentity resource
• d8e804f fix: use proper finalizer chain in the MachineClassStatusController
• 67bcc75 feat: compute machineclass machine requirement (pressure)
• 23fb0c1 fix: make image pre pull failure block the kubernetes update
• b8db949 chore: bump dependencies
• e484bca fix: improve resource deletion reliability, fix support bundle tests
• 6f73f58 fix: properly display icons on Safari browser
• 276c3f4 fix: use proper check for the machine set teardown flow
• 4cfc0e6 chore: rework auth.* keys, add ctxstore package
• 76263e1 fix: do not rely on MachineStatus updates when checking maintenance
• d271a8a fix: do not expect LB to be healthy when scaling down workers
• 085bc2e fix: add finalizer on MachineSetNode resource in the controller
• cbfb898 fix: add missing return err in the maintenance config drop migration
• a1a1d08 chore: bump deps
• 4369338 fix: update Talos machine config schema to v1.7
• b93ac81 fix: provide cached access to the state via Omni API
• 7602fde fix: update compose to fix missing information

Changes from siderolabs/go-api-signature

1 commit

• 4bf0f02 fix: get rid of data race in the key sign interceptor

Changes from siderolabs/go-kubernetes

2 commits

• ee8c6b8 fix: add one more removed feature gate for 1.31
• 37dd61f feat: add support for Kubernetes 1.31

Changes from siderolabs/grpc-proxy

5 commits

• ec3b59c fix: address all gRPC deprecations
• 02f82db chore: rekres, bump deps
• 62b29be chore: rekres, update dependencies
• 2decdd1 chore: add no-op github workflow
• 77d7adc chore: bump deps

Changes from siderolabs/image-factory

4 commits

• e5686e2 release(v0.4.2): prepare release
• 1a2b64a feat: add Rock4 SE board to the mix of supported boards
• d07a780 fix: update wizard-versions.html
• f73a61e fix: update misreported error

Dependency Changes

• github.com/adrg/xdg v0.4.0 -> v0.5.0
• github.com/aws/aws-sdk-go-v2 v1.30.0 -> v1.30.3
• github.com/aws/aws-sdk-go-v2/config v1.27.21 -> v1.27.27
• github.com/aws/aws-sdk-go-v2/credentials v1.17.21 -> v1.17.27
• github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.17.1 -> v1.17.8
• github.com/aws/aws-sdk-go-v2/service/s3 v1.56.1 -> v1.58.2
• github.com/aws/smithy-go v1.20.2 -> v1.20.3
• github.com/cosi-project/runtime v0.5.0 -> v0.5.5
• github.com/cosi-project/state-etcd v0.2.9 -> v0.3.0
• github.com/go-jose/go-jose/v4 v4.0.2 -> v4.0.3
• github.com/google/go-containerregistry v0.19.2 -> v0.20.1
• github.com/siderolabs/go-api-signature v0.3.3 -> v0.3.4
• github.com/siderolabs/go-kubernetes v0.2.9 -> v0.2.11
• github.com/siderolabs/grpc-proxy v0.4.0 -> v0.4.1
• github.com/siderolabs/image-factory v0.4.1 -> v0.4.2
• github.com/siderolabs/omni/client 000000000000 -> v0.39.1
• github.com/siderolabs/talos/pkg/machinery 4feb94ca0997 -> v1.8.0-alpha.1
• github.com/zitadel/oidc/v3 v3.25.1 -> v3.26.0
• golang.org/x/crypto v0.24.0 -> v0.25.0
• golang.org/x/net v0.26.0 -> v0.27.0
• google.golang.org/grpc v1.64.0 -> v1.65.0
• k8s.io/api v0.30.2 -> v0.30.3
• k8s.io/client-go v0.30.2 -> v0.30.3

Previous release can be found at v0.39.0

Omni 0.39.0-beta.0 (2024-07-04)

Welcome to the v0.39.0-beta.0 release of Omni!
This is a pre-release of Omni

Please try out the release binaries and report any issues at https://github.com/siderolabs/omni/issues.

Equinix Metal

Equinix metal is now available as a download/PXE option in the UI/CLI.

Exposed Services Reliability

Exposed services proxy now provides more reliable connection to the underlying services for slower networks in the cluster. Also if some nodes are down the proxy will evict them from the routing.

Insecure Node Access

It is now possible to access nodes running in maintenance mode using talosctl. Omni account wide talosconfig and at least Operator user role is required for that. No --insecure flag should be set.

Maintenance Talos Updates

Machine's Talos version can now be updated without adding the machine to a cluster. Either talosctl upgrade -n <uuid> or the UI (Machines page) can be used for that.

Contributors

• David Anderson
• Artem Chernyshev
• Brad Fitzpatrick
• Utku Ozdemir
• Andrey Smirnov
• Dmitriy Matrenichev
• AdamEr8
• Andrey Smirnov
• Andrey Smirnov
• Dominic Evans
• Khionu Sybiern
• Nathan Johnson
• Ryan Cox
• Vincent Batts
• ignoramous

Changes

28 commits

• 116ae97 release(v0.39.0-beta.0): prepare release
• 26a61be fix: add resource caches for missing resource types
• 5d953e4 fix: do not re-create peer on the remote addr change
• 08717d9 fix: get rid of config patches for the maintenance configs
• b910c20 chore: add resource throughput metrics
• 9671551 fix: use proper permissions for cluster taint resource
• 09a8b36 fix: enable etcd client keep-alives by default
• 5e46841 chore: add go.work file
• 3810ccb fix: properly clean up stale Talos gRPC backends
• 80d9277 feat: bump service exposer version to 1.1.3
• 20b08ea fix: allow changing machine set node mgmt mode if it has no nodes
• c9b8b3f feat: add Equinix metal option in the download installation media
• 5460134 chore: bump dependencies
• cd8bac4 feat: read real IP from the provision API gRPC requests
• b47acf2 feat: support insecure access to the nodes running in maintenance
• 2f05ab0 feat: show N/∞ in the machine set if unlim allocation policy is used
• dc7c2b3 fix: detect the old vs. new URL format correctly on workload proxying
• e9bca13 feat: use tcp loadbalancer for exposed services
• 17f7168 chore: bump COSI runtime version, use its task runner
• 85424da fix: do better handling of small screens
• 8b16da3 fix: use proper z-index for the tooltip component
• 92afd42 chore: replace append with slices pkg functions
• ccc9d22 chore: update runtime and go-api-signature modules
• 551286e chore: bump go to 1.22.4, rekres
• 271bb70 chore: migrate to oidc v3
• 6dcfd4c feat: handle all goroutine panics gracefully
• c565666 feat: provide cleaner UI for the machine sets/machines lists
• e69df41 fix: redo EtcdManualBackupShouldBeCreated

Changes from siderolabs/go-api-signature

1 commit

• 782aac0 chore: bump deps

Changes from siderolabs/go-loadbalancer

1 commit

• 0639758 chore: bump deps

Changes from siderolabs/siderolink

1 commit

• e76747b chore: migrate to rtnetlink/2

Changes from siderolabs/tcpproxy

70 commits

• 3d4e7b8 chore: rename to siderolabs/tcpproxy
• 6f85d8e Implement correct half-close sequence for the connections.
• 8bea9a4 Add support for TCP_USER_TIMEOUT setting
• 91f8614 remove old ACME tls-sni-01 stuff that LetsEncrypt removed March 2019
• 74ca1dc add Proxy.AddSNIRouteFunc to do lookups by SNI dynamically
• 4e04b92 gofmt for Go 1.19
• be3ee21 (doc): s/tlsproxy/tcpproxy
• 2e577fe Modified TestProxyPROXYOut to conform with the fixed version of PROXY protocol header format
• 0f9bced Fixed HAProxy's PROXY protocol v1 Human-readable header format in DialProxy
• 2825d76 fix(test): update travis and e2e selfSignedCert fn
• b6bb9b5 Update import path to inet.af/tcpproxy
• dfa16c6 tlsrouter/README: fix the go get url
• f5c09fb Take advantage of Go 1.11's splice support, unwrap Conns in DialProxy.HandleConn
• 7f81f77 Work around deadlock with Go tip (at Go rev f3f7bd5)
• 7efa37f Quiet log spam in test.
• dbc1514 Adding the HostName field to the Conn struct (#18)
• 2b928d9 Link to docs
• de1c7de Add support for arbitrary matching against HTTP and SNI hostnames.
• c6a0996 Support configurable routing of ACME tls-sni-01 challenges.
• 815c942 Merge matcher and route into an interface that yields a Target.
• 2065af4 Support HAProxy's PROXY protocol v1 in DialProxy.
• e030359 Fix golint nits by adding docstrings and simplifying execution flow.
• 6d97c2a Correct the package building command, and only deploy for master branch commits.
• aa12504 Another attempt to fix Travis.
• f6af481 Make Travis test all packages, and remove the go.universe.tf import path.
• d7e343e Fix the godoc link to point to google/tcpproxy.
• bef9f6a Merge bradfitz's tcpproxy codebase with the software formerly known as tlsrouter.
• d86e96a Move tlsrouter's readme to the command's directory.
• 9e73877 Switch license to Apache2, add Google copyright headers.
• cbf137d Correct the travis build to kinda work.
• 3eb49e9 Move tlsrouter to cmd/tlsrouter, in preparation for rewrite as a pkg.
• af97cdd Fix copy/paste-o in doc example.
• 3273f40 Add vendor warning
• e387889 Add TargetListener
• 2eb0155 Start of tcpproxy. No Listener or reverse dialing yet.
• c58b44c Make golint fail if lint errors are found, and fix said lint.
• 4621df9 Clean up the Travis build a bit more, moving more stuff to the deploy stage.
• 96cc76f Test Travis's new build stage support.
• bbbede8 Make travis fetch the test-only dependency.
• 4b8641f Add support for HAProxy's PROXY protocol.
• d23eadc Upload packages based on Go 1.8, not 1.7.
• 7ef32e3 Add Go 1.8 to the build matrix.
• e07ecec typo
• aa3f9c9 Remove debug print in acme code.
• 6664640 Stop testing against Go 1.6.
• 728b8bc Add ACME routing support.
• a5c2ccd Use nogroup as the group, not nobody.
• a94dbd1 Port extra error checking over from netboot.
• 3cd4412 Clean up travis config a bit, and add missing copyright notice.
• aded796 Add a deploy step to garbage-collect old packagecloud files.
• 3e6354c Random change to force travis rebuild on latest code.
• 77fa998 Attempt to create a package with no version name.
• bfef4ba Revert to just debian/jessie. It's the same package anyway.
• 173db90 Try the obvious way to specify a matrix of package tags.
• ea58780 Limit the deploy to only the go 1.7 build.
• a2d0c96 Skip cleanup so travis doesn't delete the freshly built .deb.
• 73ee2e7 Attempt a packagecloud push.
• cbd4ea6 Attempt to build a debian package with FPM.
• 4f5b46f Add a systemd unit file to run tlsrouter.
• 8cc8cac Document -hello-timeout in README.
• e0a0158 Add slowloris protection, in the form of a ClientHello timeout.
• 09cc4bb Remove support for SSL 3.0.
• c41a68d Add tests for hostname matching, and make DNS matches match entire string.
• 6546db4 Fix vet errors in Go 1.6.
• e34c2a6 Add more words to README.
• b321571 Add godoc comments to appease golint.
• 55ba69d Add a Travis CI config.
• b8a3ed8 Add DNS name support to config
• 0a0a9f6 Add licensing and contributing information for release.
• b1edd90 Initial commit.

Dependency Changes

• filippo.io/age 6ad4560f4afc -> v1.2.0
• github.com/aws/aws-sdk-go-v2 v1.27.0 -> v1.30.0
• github.com/aws/aws-sdk-go-v2/config v1.27.16 -> v1.27.21
• github.com/aws/aws-sdk-go-v2/credentials v1.17.16 -> v1.17.21
• github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.16.21 -> v1.17.1
• github.com/aws/aws-sdk-go-v2/service/s3 v1.54.3 -> v1.56.1
• github.com/containers/image/v5 v5.31.0 -> v5.31.1
• github.com/cosi-project/runtime v0.4.6 -> v0.5.0
• github.com/go-jose/go-jose/v4 v4.0.2 new
• github.com/google/go-containerregistry v0.19.1 -> v0.19.2
• github.com/siderolabs/go-api-signature v0.3.2 -> v0.3.3
• github.com/siderolabs/go-loadbalancer v0.3.3 -> v0.3.4
• github.com/siderolabs/siderolink v0.3.8 -> v0.3.9
• github.com/siderolabs/tcpproxy v0.1.0 new
• github.com/spf13/cobra v1.8.0 -> v1.8.1
• github.com/zitadel/oidc/v3 v3.25.1 new
• golang.org/x/crypto v0.23.0 -> v0.24.0
• golang.org/x/net v0.25.0 -> v0.26.0
• golang.org/x/tools v0.21.0 -> v0.22.0
• google.golang.org/protobuf v1.34.1 -> v1.34.2
• k8s.io/api v0.30.1 -> v0.30.2
• k8s.io/client-go v0.30.1 -> v0.30.2
• k8s.io/klog/v2 v2.120.1 -> v2.130.1
• sigs.k8s.io/controller-runtime v0.18.3 -> v0.18.4

Previous release can be found at v0.38.0

Omni 0.38.0-beta.0 (2024-06-18)

Welcome to the v0.38.0-beta.0 release of Omni!
This is a pre-release of Omni

Please try out the release binaries and report any issues at https://github.com/siderolabs/omni/issues.

Break-Glass Configs

Omni now allows getting raw Talos and Kubernetes configs that can allow bypassing Omni when accessing the cluster.

It has a couple of limitations:

• It is available only if is enabled for the account.
• Only os:operator role Talosconfig level is available.
• The cluster will be marked as tainted for the time being, which doesn't affect anything, but is the signal that Omni no longer fully controls secrets rotation.

Exposed Services DNS Name

Exposed services now use new naming schema, so it shouldn't be affected by slow DNS updates.

The domain name patter is now: <hash>-<account>.proxy-us.siderolabs.io.

Kubeconfig Authcode-Keyboard

It is now possible to generate kubeconfig with --grant-type=authcode-keyboard and Omni supports that mode. This mode will print a URL and ask for a one time code instead of starting a local HTTP server on port 8000. Clicking the URL will open the same Omni page as usual, but will present you the one time code instead of doing redirect.

This mode is useful for remote machine kubectl execution and removes the need to set up ssh port-forwarding.

Machine Logs

Machine logs are now stored using new persitent circular buffer library, which has better write efficiency.

Pending Updates

Omni UI now shows pending config changes which are not applied due to locked machines in the cluster.

Contributors

• Artem Chernyshev
• Utku Ozdemir
• Andrey Smirnov
• Dmitriy Matrenichev
• Andrey Smirnov
• Grzegorz Rozniecki

Changes

30 commits

• 4109996 fix: make MachineSetNode controller select only connected machines
• 2457897 fix: use un-cached list in the MachineSetNodeController
• 73529c2 fix: display descriptions when show description checkbox is clicked
• 6a59d63 fix: generate schematics with the extensions, meta and kernel args
• 87a7750 chore: add Akamai installation media
• fa64b46 fix: skip invalid machines in TalosUpgradeStatusController
• 22bb2cc fix: use proper types in the machine status and snapshot controllers
• a2b7b53 feat: use the new domain scheme for exposed services
• 4ecb175 fix: handle panics in Omni and Talos UI watches
• 6286340 fix: properly delete the item from the cached items slice
• 63ad5bd feat: provide a way to getadmin talosconfig and kubeconfig
• fa21349 fix: properly generate maintenance config patches
• 2e64c31 fix: ignore not found ClusterMachine in the migrations
• a2c3802 fix: validate user email on creation
• 73d0d3b fix: properly detect authcode-keyboard oidc mode
• b7a0620 feat: use circular buffer's new persistence option for machine logs
• 7eec6b9 chore: bump COSI runtime to 0.4.5
• 4d23186 feat: show pending config updates due to locked machine
• f98cf51 fix: ignore not found in the MachineStatus and MachineStatusSnapshot
• ce6e15a fix: proper time adjustment to fix flaky TestEtcdManualBackup
• 27491ea chore: upgrade github.com/containers/image to v5
• 3f75f91 fix: change Transport.Address field to Transport.Address method
• e12cfa8 feat: support authcode login in kubectl oidc-login
• 2fcd0fd fix: properly update the pulled images count if some images are skipped
• 5a4251c test: fix a data race in MachineStatusSnapshotController unit tests
• 0965091 test: fix flaky test in ClusterMachineConfigStatus unit tests
• b7d48aa chore: small fixes
• a6c8b47 fix: pass through the talosctl -n args if they cannot be resolved
• 3bab8bf chore: migrate to Vite and Bun to build the frontend
• 37c1a97 fix: use proper routing on the config patch view and edit pages

Changes from siderolabs/discovery-client

13 commits

• ca662d2 feat: export default GRPC dial options for the client
• 7a767fa chore: bump Go, deps and rekres
• f4095a1 chore: bump discovery API to v0.1.4
• fbb1cea fix: keepalive interval calculation
• ff8f4be fix: enable gRPC keepalives
• 9ba5f03 chore: app optional ControlPlane data
• 269a832 chore: rekres, update discovery api
• a5c19c6 feat: provide public IP discovered from the server
• 230f317 fix: reconnect the client on update failure
• ac5ab32 feat: support deleting an affiliate
• 27a5bee chore: rekres
• a9a5e9b feat: initial client code
• 98eb999 chore: initial commit

Dependency Changes

• github.com/containers/image/v5 v5.31.0 new
• github.com/cosi-project/runtime 15e9d678159d -> v0.4.6
• github.com/siderolabs/discovery-client v0.1.9 new

Previous release can be found at v0.37.0

Omni 0.37.0-beta.0 (2024-06-04)

Welcome to the v0.37.0-beta.0 release of Omni!
This is a pre-release of Omni

Please try out the release binaries and report any issues at https://github.com/siderolabs/omni/issues.

Node Overview Page

Node overview page now displays more information about the node. That includes:

• Machine stage.
• Unmet health check conditions of the Talos MachineStatus.
• CPU, memory and secure boot information.
• The list of labels added to the machine.

Patches UI

The UI now has the page that shows config patches define for a machine. It includes both cluster level and account level machine patches.

Secureboot Support Added

Omni now fully supports secureboot enabled machines.

Service Events

Node overview page service list now displays information about each service events. If a service fails to start it will be possible to see why in the UI.

Contributors

• Artem Chernyshev
• Andrey Smirnov
• Utku Ozdemir
• Dmitriy Matrenichev
• Christian Hüning
• Mattias Cockburn
• Petr Krutov

Changes

22 commits

• 800762d chore: rewrite MachineStatus to use QController
• ed26122 fix: implement the controller for handling machine status snapshot
• 6aa2140 feat: display more data on the node overview page
• 5654a49 chore: add renovate.json
• 82abb2b chore: bump deps
• c635827 test: do not use epoch millis in service account names
• 22e3acf chore: bump default Talos version to 1.7.4
• a67d1fb fix: always generate siderolink connection config for all machines
• 9bce82a fix: ignore MachineStatus events timestamps as they're not reliable
• ccca5b5 fix: bump siderolink module version
• f38b7e5 feat: enable ALPN for machine API
• 48cc03a fix: retry affiliate deletes
• 55afa59 feat: add secure boot support
• 0bd2a42 docs: fix a typo in the on-prem installation link
• 247c165 fix: improve wording in authentication error messages
• e2f8407 chore: run rekres
• 4a8ebbf chore: enable codecov and rekres
• 2f1ab0d feat: show service events on the node overview page
• c68a836 fix: use proper name for fetching existing extension configuration
• 4b747f0 feat: add dedicated patch pages for machines and cluster machines
• 4bd0331 fix: get rid of duplicating label completion options
• 631f5c5 chore: always build frontend on BUILDPLATFORM

Changes from siderolabs/go-circular

3 commits

• cbce5c3 feat: add persistence support
• 3c48c53 feat: implement extra compressed chunks
• 835f04c chore: rekres, update dependencies

Changes from siderolabs/go-tail

1 commit

• 7cb7294 fix: remove unexpected short read error

Changes from siderolabs/image-factory

10 commits

• 819432c release(v0.4.1): prepare release
• 4f3206b release(v0.4.0): prepare release
• b0b6bff feat: implement wizard-like UI for the Image Factory
• 8ccd284 feat: allow key-based image verification as option
• 4643056 chore: rekres/update dependencies
• 116721a fix: workaround extension name inconsistencies
• f5bc497 release(v0.3.3): prepare release
• 221b442 feat: support zstd compression
• 40a13c5 release(v0.3.2): prepare release
• 2fe6825 fix: generation of overlay installer images

Changes from siderolabs/siderolink

1 commit

• 3a587fc fix: do not ever skip updates which have remove flag

Dependency Changes

• github.com/auth0/go-jwt-middleware/v2 v2.2.0 -> v2.2.1
• github.com/aws/aws-sdk-go-v2 v1.26.1 -> v1.27.0
• github.com/aws/aws-sdk-go-v2/config v1.27.10 -> v1.27.16
• github.com/aws/aws-sdk-go-v2/credentials v1.17.10 -> v1.17.16
• github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.15.8 -> v1.16.21
• github.com/aws/aws-sdk-go-v2/service/s3 v1.47.6 -> v1.54.3
• github.com/cosi-project/runtime v0.4.2 -> v0.4.3
• github.com/emicklei/dot v1.6.1 -> v1.6.2
• github.com/hashicorp/vault/api v1.10.0 -> v1.14.0
• github.com/hashicorp/vault/api/auth/kubernetes v0.5.0 -> v0.7.0
• github.com/johannesboyne/gofakes3 f005f5cc03aa -> 99de01ee122d
• github.com/prometheus/client_golang v1.19.0 -> v1.19.1
• github.com/siderolabs/go-circular v0.1.0 -> v0.2.0
• github.com/siderolabs/go-tail v0.1.0 -> v0.1.1
• github.com/siderolabs/image-factory v0.3.1 -> v0.4.1
• github.com/siderolabs/siderolink v0.3.7 -> v0.3.8
• github.com/siderolabs/talos/pkg/machinery v1.7.2 -> 4feb94ca0997
• github.com/zitadel/logging v0.5.0 -> v0.6.0
• go.etcd.io/bbolt v1.3.9 -> v1.3.10
• go.etcd.io/etcd/client/pkg/v3 v3.5.13 -> v3.5.14
• go.etcd.io/etcd/client/v3 v3.5.13 -> v3.5.14
• go.etcd.io/etcd/server/v3 v3.5.13 -> v3.5.14
• golang.org/x/tools v0.20.0 -> v0.21.0
• google.golang.org/grpc v1.63.2 -> v1.64.0
• k8s.io/api v0.30.0-rc.1 -> v0.30.1
• k8s.io/apimachinery v0.30.0-rc.1 -> v0.30.1
• k8s.io/client-go v0.30.0-rc.1 -> v0.30.1
• sigs.k8s.io/controller-runtime v0.16.3 -> v0.18.3

Previous release can be found at v0.36.0

Omni 0.36.0-beta.0 (2024-05-20)

Welcome to the v0.36.0-beta.0 release of Omni!
This is a pre-release of Omni

Please try out the release binaries and report any issues at https://github.com/siderolabs/omni/issues.

Machine And Cluster Labels Completion

The UI of search inputs was reworked. Now Omni suggests autocompletion for all existing machine and cluster labels. It also displays the labels as colored boxes in the input to better match with what's shown in the list.

Machine Set Scaling Parallelism

It is now possible to adjust worker machine sets scaling and update strategies in the UI.

omnictl Version Warnings

omnictl now warns that it has the different version from the backend.

Contributors

• Artem Chernyshev
• Dmitriy Matrenichev

Changes

13 commits

• 6501134 feat: implement labels completion for clusters and machines
• f0b9240 fix: add the label when clicking outside of the input
• 859f04a feat: warn about using omnictl version different from the backend
• 5397c70 chore: bump siderolink to 0.3.7
• 15186b6 fix: machine class edit page
• a330167 fix: use proper help string for omnictl download --talos-version flag
• c1d38e6 fix: properly do rolling update on control plane nodes
• a0d02ea fix: do not block machine config updates if loadbalancer is down
• 105fd8b fix: do not try to audit machine which no longer has MachineStatus
• 81f749f fix: do not fail schematic reconcile if initial talos version is empty
• 7bd922a feat: implement the UI for adjusting machine sets update strategies
• 0058c04 fix: get all attribute values from SAML ACS when adding user labels
• 7aabbb0 fix: make search work on NodeExtensions page

Changes from siderolabs/siderolink

2 commits

• be00ff5 chore: redo event filtering as a sequence of iterators
• a936b60 chore: handle peer events in batches

Dependency Changes

• github.com/siderolabs/siderolink v0.3.5 -> v0.3.7
• golang.org/x/crypto v0.22.0 -> v0.23.0
• golang.org/x/net v0.24.0 -> v0.25.0
• golang.org/x/sync v0.6.0 -> v0.7.0
• golang.org/x/text v0.14.0 -> v0.15.0
• golang.org/x/tools v0.19.0 -> v0.20.0
• google.golang.org/grpc v1.62.2 -> v1.63.2
• google.golang.org/protobuf v1.33.0 -> v1.34.1

Previous release can be found at v0.35.0

Omni 0.35.0-beta.0 (2024-05-08)

Welcome to the v0.35.0-beta.0 release of Omni!
This is a pre-release of Omni

Please try out the release binaries and report any issues at https://github.com/siderolabs/omni/issues.

Auth With Username/Password

Omni now shows the error about unverified Auth0 emails.

Machine Extensions

It is now possible to see currently installed system extensions for each machine in the UI and change them there. It is also possible to configure machines' system extensions during cluster creation and scaling.

Also Talos upgrades from 1.5.x -> 1.6.x+ will make Omni automatically pick up kernel modules which are no longer included in Talos >= 1.6.x.

Machine Join Configs

Partial config for joining Talos nodes running in maintenance mode can now be downloaded from the Omni UI.

Machine Status

Talos machine status is now composed both from Talos events (push model). And from Talos node MachineStatus resource (pull model). This way even if the node gets disconnected from Omni for a long time, Omni won't lose any important events.

Settings UI

Admin settings UI (backups and users) is now unified under the single page with tabs.

Contributors

• Artem Chernyshev
• Utku Ozdemir
• Andrey Smirnov
• Simon-Boyer

Changes

22 commits

• 16108a9 feat: allow setting some url params for api endpoint
• 041a436 feat: unify admin settings under Settings page
• 987f8cd feat: improve auth flow when user email is not verified
• 5b8c130 feat: imlpement the UI for configuring extensions during cluster create
• f6cd840 feat: implement the page that shows list of extensions per node
• 89fa1ad fix: make MachineSetNodeController handle machinesets without clusters
• fa3c9ff feat: automatically pick up extensions when upgrading Talos
• f40c552 chore: use new Auth0 app for CI
• 23d5532 fix: invert the order of recent clusters
• baec123 fix: do not allow adding ISO, PXE nodes running different Talos version
• 264fb35 chore: bump go-kubernetes module
• 2c42f5c feat: add button to overview page to download partial machine config
• 95197e2 feat: improve reliability of machine status snapshots
• ac4fcd8 fix: drop outdated SchematicConfigurationController finalizer
• 7953a49 fix: ignore unknown machine version on the cluster create page
• fbe196e test: use Talos nodes with partial config in integration tests
• 4b50d7c test: fix flaky test by longer k8s node checks and retries
• a32cb8a fix: start watch before delete in omnictl delete
• 40033da fix: remove MachineSetNodes after links removal
• 29667ef fix: make cluster machine install disk selector pick correct disk
• 18e41f8 fix: issue with etcd watch cancel
• 7f58ea4 fix: allow adding machines to Omni at higher speed

Changes from siderolabs/go-kubernetes

1 commit

• ddd4c69 feat: add support for Kubernetes 1.30

Dependency Changes

• github.com/aws/smithy-go v1.20.2 new
• github.com/cosi-project/runtime v0.4.1 -> v0.4.2
• github.com/cosi-project/state-etcd v0.2.8 -> v0.2.9
• github.com/rs/xid v1.5.0 new
• github.com/siderolabs/go-kubernetes v0.2.8 -> v0.2.9
• go.etcd.io/etcd/client/pkg/v3 v3.5.12 -> v3.5.13
• go.etcd.io/etcd/client/v3 v3.5.12 -> v3.5.13
• go.etcd.io/etcd/server/v3 v3.5.12 -> v3.5.13

Previous release can be found at v0.34.0

Omni 0.34.0-beta.0 (2024-04-22)

Welcome to the v0.34.0-beta.0 release of Omni!
This is a pre-release of Omni

Please try out the release binaries and report any issues at https://github.com/siderolabs/omni/issues.

Contributors

• Andrey Smirnov
• Andrey Smirnov
• Artem Chernyshev
• Utku Ozdemir
• Noel Georgi
• Andrew Rynhard
• Andrey Smirnov
• Artem Chernyshev
• Mattias Cockburn
• Dmitriy Matrenichev

Changes

15 commits

• d79e863 test: get rid of upgrade test flakiness, fix cli tests
• 6fff261 fix: implement the correct upgrade flow from 1.6.x to 1.7.x for SBC
• 586d2d7 feat: generate overlay info by extracting board kernel args
• 4134d2c chore: use sops for secrets
• f2b975b feat: read overlays from the machine, preserve them during updates
• 340d078 fix: use correct labels struct in the download installation media cmd
• 0d337c2 test: fix the flakiness in the resourcelogger test
• 23dcf32 feat: implement kubernetes node audit controller
• e037975 chore: rekres & fix linting errors
• 8aa6a6a fix: properly select schematics for machine set and machine levels
• 09a7b12 fix: skip empty config patches in ClusterMachineConfigPatches
• aa4d764 fix: always delete removed nodes from discovery service
• 7486bb8 feat: support generating installation media with overlays for Talos 1.7+
• e580f14 test: fix assertion in maintenance config patch test
• bb0618f release(v0.33.0-beta.0): prepare release

Changes from siderolabs/discovery-api

1 commit

• e1dc7bb chore: rekres, update dependencies

Changes from siderolabs/discovery-client

13 commits

• ca662d2 feat: export default GRPC dial options for the client
• 7a767fa chore: bump Go, deps and rekres
• f4095a1 chore: bump discovery API to v0.1.4
• fbb1cea fix: keepalive interval calculation
• ff8f4be fix: enable gRPC keepalives
• 9ba5f03 chore: app optional ControlPlane data
• 269a832 chore: rekres, update discovery api
• a5c19c6 feat: provide public IP discovered from the server
• 230f317 fix: reconnect the client on update failure
• ac5ab32 feat: support deleting an affiliate
• 27a5bee chore: rekres
• a9a5e9b feat: initial client code
• 98eb999 chore: initial commit

Changes from siderolabs/go-procfs

12 commits

• 9f72b22 feat: support removing kernel args
• 4b4a6ff chore: rekres
• a062a4c chore: rekres, rename
• 8cbc42d feat: provide an option to overwrite some args in AppendAll
• 24d06a9 refactor: remove talos kernel default args
• a82654e feat: implement SetAll method
• 16ce2ef fix: update cmdline.Set() to drop the value being overwritten
• 5a9a4a7 feat: update kernel args for new KSPP requirements
• 57c7311 refactor: change directory layout
• a077c96 fix: fix go module name
• 698666f chore: move package to new repo
• dabb425 Initial commit

Changes from siderolabs/image-factory

14 commits

• db55c07 release(v0.3.1): prepare release
• 762cf2b fix: generation of SecureBoot ISO
• ae1f0a3 fix: sort extensions in the UI schematic generator
• c2de13f release(v0.3.0): prepare release
• 7062392 chore: update Talos dependency to 1.7.0-beta.0
• 78f8944 feat: add cert issuer regexp option
• c0981e8 feat: add support for -insecure-schematic-service-repository flag
• 5d779bb chore: bump dependencies
• 93eb7de feat: support overlay
• df3d211 release(v0.2.3): prepare release
• 4ccf0e5 fix: ignore missing DTB and other SBC artifacts
• c7dba02 chore: run tailwindcss before creating image
• 81f2cb4 chore: bump dependencies, rekres
• 07095cd chore: re-enable govulncheck

Dependency Changes

• github.com/aws/aws-sdk-go-v2 v1.24.1 -> v1.26.1
• github.com/aws/aws-sdk-go-v2/config v1.26.4 -> v1.27.10
• github.com/aws/aws-sdk-go-v2/credentials v1.16.15 -> v1.17.10
• github.com/google/go-containerregistry v0.18.0 -> v0.19.1
• github.com/prometheus/client_golang v1.18.0 -> v1.19.0
• github.com/siderolabs/discovery-api v0.1.3 -> v0.1.4
• github.com/siderolabs/discovery-client v0.1.9 new
• github.com/siderolabs/go-procfs v0.1.2 new
• github.com/siderolabs/image-factory v0.2.2 -> v0.3.1
• github.com/siderolabs/talos/pkg/machinery v1.7.0-beta.0 -> 3dd1f4e88c22
• golang.org/x/crypto v0.21.0 -> v0.22.0
• golang.org/x/net v0.23.0 -> v0.24.0
• google.golang.org/grpc v1.62.1 -> v1.62.2
• k8s.io/api v0.29.2 -> v0.30.0-rc.1
• k8s.io/apimachinery v0.29.2 -> v0.30.0-rc.1
• k8s.io/client-go v0.29.2 -> v0.30.0-rc.1
• k8s.io/klog/v2 v2.120.0 -> v2.120.1

Previous release can be found at v0.33.0

Omni 0.33.0-beta.0 (2024-04-12)

Welcome to the v0.33.0-beta.0 release of Omni!
This is a pre-release of Omni

Please try out the release binaries and report any issues at https://github.com/siderolabs/omni/issues.

Extensions Support

It is now possible to change the list of installed extensions for the machines which are allocated into a cluster. It can be done using cluster templates. The extensions list can be defined for all machines of a cluster, machine set or for a particular machine. Extensions update is done the same way as Talos upgrades.

Machine Allocation Changes

From now on Omni doesn't allow adding machines to a cluster which has lower major or minor version of Talos. Which means that adding a machine to a cluster which will lead to downgrade of Talos version is no longer possible. It is done to avoid all kinds of weird issues which Talos downgrades might lead to.

Contributors

• Artem Chernyshev
• Dmitriy Matrenichev
• Utku Ozdemir
• Andrey Smirnov
• Spencer Smith
• Justin Garrison
• Sherif Fanous

Changes

15 commits

• 592f916 feat: don't allow downgrades of the machines when adding to a cluster
• 2e015a9 chore: support Auth0 client playing nicely with other OAuth2/OIDC providers
• de4c096 fix: ignore not existing cluster in MachineSet teardown flow
• d3e3eef chore: support WG over GRPC in Omni
• 1cc5fb9 refactor: disable K8s stats for clusters with > 50 nodes
• 1b64824 fix: add missing region input on the backups storage config page
• f70239c fix: ignore modules.dep virtual extension on schematic id calculation
• 1196863 feat: forbid *.acceptedCAs fields in config patches
• 4c179fa chore: bump Go to 1.22.2 and Talos machinery to v1.7.0-beta.0
• b171daa fix: properly render download installation media page in Safari
• 7fb5d2b chore: add barebones compose file
• 9d35dfe chore: bump net library to v0.23.0
• 5dc2eaa fix: prevent link and clustermachine deletion from getting stuck
• ae85293 docs: add screenshot and install link
• 2107c01 feat: support setting extensions list in the cluster template

Changes from siderolabs/crypto

2 commits

• c240482 feat: provide dynamic client CA matching
• 2f4f911 feat: add PEMEncodedCertificate wrapper

Changes from siderolabs/siderolink

5 commits

• 5422b1c chore: quick fixes
• 9300968 feat: move actual logic into the agent package
• 8866351 chore: implement WireGuard over GRPC
• 7909156 chore: bump deps
• eb221dd chore: bump deps

Dependency Changes

• github.com/cenkalti/backoff/v4 v4.2.1 -> v4.3.0
• github.com/cosi-project/runtime v0.4.0-alpha.9 -> v0.4.1
• github.com/siderolabs/crypto v0.4.2 -> v0.4.4
• github.com/siderolabs/siderolink v0.3.4 -> v0.3.5
• github.com/siderolabs/talos/pkg/machinery v1.7.0-alpha.1 -> v1.7.0-beta.0
• golang.org/x/crypto v0.19.0 -> v0.21.0
• golang.org/x/net v0.21.0 -> v0.23.0
• golang.org/x/tools v0.16.1 -> v0.19.0
• golang.zx2c4.com/wireguard 12269c276173 new

Previous release can be found at v0.32.0

Omni 0.20.0 (2023-10-17)

Welcome to the v0.20.0 release of Omni!

Please try out the release binaries and report any issues at https://github.com/siderolabs/omni/issues.

Kubeconfig Changes

Omni now generates Kubernetes configs without accessing Talos API.

Omni can now define SAML user roles depending on the SAML labels it gets from the SAML assertion. Role is assigned only once on user creation.

Contributors

• Andrey Smirnov
• Artem Chernyshev
• Utku Ozdemir

Changes

19 commits

• 992614d4 chore: stop kubernetes status watchers for the offline cluster
• 79868c27 chore: optimize controller operations for disconnected machines
• 8c2c39d3 fix: do not run loadbalancer for the unreachable clusters
• caf3d955 test: set unique names for config patches
• f31373bd feat: implement kubeconfig generation on Omni side
• 681ffa3b feat: allow defining SAML label mapping rules to Omni roles
• 9d3f3b9e fix: rewrite the link counter handling
• 9becbc78 refactor: use COSI runtime with new controller runtime DB
• 22235517 fix: gracefully handle links removal in the siderolink manager
• 26ae4163 refactor: lower the level of log storage logs
• 01743ecd fix: rework the talos client and configuration generation
• f837129a chore: bump Talos machinery to the latest main
• 4a79387e fix: update to Go 1.21.3
• 3df360b8 chore: log received interruption signals in Omni
• 0a72c596 chore: update state-etcd to v0.2.4
• 4f2978d2 test: override grpc call log level in authorization tests
• e21e39a8 test: avoid excessive public key registration in integration tests
• 78c5fbdf ci: remove gh actions workflow
• e9f07068 test: fix the assertion on cluster destroyed

Dependency Changes

• github.com/cosi-project/runtime v0.3.11 -> v0.3.13
• github.com/cosi-project/state-etcd v0.2.3 -> v0.2.4
• github.com/hashicorp/golang-lru/v2 v2.0.7 new
• github.com/siderolabs/talos/pkg/machinery c14a5d4f79a3 -> 7bb205ebe2ef
• golang.org/x/crypto v0.13.0 -> v0.14.0
• golang.org/x/net v0.15.0 -> v0.17.0
• google.golang.org/grpc v1.58.2 -> v1.58.3

Previous release can be found at v0.19.0

Omni 0.16.0 (2023-08-18)

Welcome to the v0.16.0 release of Omni!

Please try out the release binaries and report any issues at https://github.com/siderolabs/omni/issues.

Better Etcd Disaster Recovery

Omni now allows replacing control plane machines even if etcd is unhealthy. And stil properly handles safety checks, not allowing to break etcd quorum, allowing removing only unhealthy machines.

It also allows canceling machine destroy sequence if the machine destroyed is not being torn down by the machine set controller.

Machine Locking

Cluster templates now also support machine locking:

kind: Machine
name: 430d882a-51a8-48b3-ab00-d4b5b0b5b0b0
locked: true

Limit Workload Access

Workload proxy now takes into account the access to the cluster when allowing users to open the service endpoints.

Contributors

• Utku Ozdemir
• Artem Chernyshev
• Dmitriy Matrenichev

Changes

18 commits

• 3d1c19a1 feat: allow replacing control plane machines if it doesn't break etcd
• 12561b5b fix: don't allow changing disk for the nodes that have Talos installed
• 8e17f742 feat: allow canceling deletion of a machine set node
• 1d8722aa chore: use 1.5.0 Talos in tests and enable disk encryption feature
• 3318a443 feat: show invalid-state label if the machine is reachable but apid is not
• 05f69c0d feat: enable workload proxying by default
• dded4d81 fix: check for roles and ACLs on exposed service access
• d718f134 chore: run auth tests in main integration test pipeline
• 79516583 chore: remove toInputWeak and add mutex.Empty
• 6b2e09b7 chore: bump Go to 1.21
• a5f4a9a4 chore: cleanup ConfigPatch resources along with their owners
• a48efd7a feat: add support for machine locking in cluster templates
• 964eb23d feat: block os:admin access to Talos API from workload clusters
• 65bb6403 refactor: simplify cleanup of exposed services
• ede70550 fix: destroy exposedservices when cluster is destroyed
• ddfd7657 fix: fix workload svc proxy feature visibility on frontend
• ead58143 chore: update vault in docker-compose
• 653824ca chore: set default Talos version to v1.4.7

Dependency Changes

• github.com/emicklei/dot v1.5.0 -> v1.6.0
• github.com/siderolabs/talos/pkg/machinery 80238a05a6f8 -> v1.5.0-beta.1
• go.uber.org/zap v1.24.0 -> v1.25.0
• golang.org/x/net v0.12.0 -> v0.14.0
• golang.org/x/text v0.11.0 -> v0.12.0
• golang.org/x/tools v0.11.0 -> v0.12.0

Previous release can be found at v0.15.0

Omni 0.11.0-alpha.0 (2023-06-08)

Welcome to the v0.11.0-alpha.0 release of Omni!
This is a pre-release of Omni

Please try out the release binaries and report any issues at https://github.com/siderolabs/omni/issues.

Support Full ACL Syntax

ACL now supports configuring additive perimissions to the base role, which includes:

• accessing the clusters - read-only, write access, separate Talos API access
• read-only access to machines
• write access to machines

SAML support

Omni now supports SAML authentication. SAML authentication is enabled by the following cmd line flags:

--auth-saml-enabled
--auth-saml-url <idp-url>
--auth-saml-metadata <idp-metadata>
--auth-saml-label-rules '{"Role": "role"}'

Omni metadata endpoint is /saml/metadata.

The users are automatically created on the first SAML login. The first created user has Admin permissions, other have no permissions. Permissions can be managed by ACLs or Admin can change user roles.

Replace User Scopes with Roles

User management is now simplified. Instead of having scopes like cluster:read, cluster:write, etc, the user is assigned one of 4 roles: None, Reader, Operator, Admin.

• None - gives no permissions.
• Reader - gives readonly permissions.
• Operator - allows managing clusters, machines, getting talosconfig, but doesn't allow editing users.
• Amdin - all permissions.

Fine grained access can still be managed by ACLs.

Contributors

• Utku Ozdemir
• Artem Chernyshev
• Andrey Smirnov

Changes

10 commits

• c7c93a1e fix: let the empty endpoints be recorded if there are no endpoints
• c28907e4 feat: copy SAML attributes to Identity as labels
• a2f17a21 feat: implement full ACL syntax
• c0fa5d46 feat: add support for SAML authentication
• ad783798 fix: replace exponential-backoff library with own implementation
• c8d7183a feat: replace scopes with simplified roles
• 08a048a9 feat: update default Talos to 1.4.5, Kubernetes to 1.27.2
• 5278321b fix: respect service account key env on omnictl download
• caac445d fix: don't show OngoingTasks until the UI is authorized
• dfca66df fix: include node name in the cluster node search

Changes from siderolabs/go-api-signature

1 commit

• a034e9f feat: replace scopes with roles

Dependency Changes

• github.com/crewjam/saml v0.4.13 new
• github.com/siderolabs/go-api-signature v0.2.4 -> a034e9ff315b
• github.com/siderolabs/talos/pkg/machinery v1.4.4 -> v1.4.5

Previous release can be found at v0.10.0

Omni 0.1.0-beta.2 (2022-12-20)

Welcome to the v0.1.0-beta.2 release of Omni!
This is a pre-release of Omni

Please try out the release binaries and report any issues at https://github.com/siderolabs/omni/issues.

Contributors

• Andrey Smirnov
• Artem Chernyshev

Changes

5 commits

• 59df55f fix: bring K8s info back to life on the node overview page
• 2f54f91 chore: run etcd elections ("lock") to prevent concurrent Omni runs
• 8beb051 chore: update COSI to v0.3.0-alpha.2
• f14e358 fix: better errors in talosctl via Omni
• f12a216 fix: properly reset flush timeout in the Talos logs viewer

Dependency Changes

• github.com/cosi-project/runtime v0.3.0-alpha.1 -> v0.3.0-alpha.2

Previous release can be found at v0.1.0-beta.1

Omni 0.1.0-beta.1 (2022-12-16)

Welcome to the v0.1.0-beta.1 release of Omni!
This is a pre-release of Omni

Please try out the release binaries and report any issues at https://github.com/siderolabs/omni/issues.

Contributors

• Andrey Smirnov
• Andrey Smirnov
• Utku Ozdemir
• Alexey Palazhchenko
• Artem Chernyshev
• Dmitriy Matrenichev
• Andrew Rynhard
• Artem Chernyshev
• Noel Georgi
• Serge Logvinov

Changes

20 commits

• 9a7a9a0 feat: add RedactedClusterMachineConfig resource
• c83cfe2 feat: rework the cluster list view and cluster overview pages
• f65ce14 fix: ignore keys if the auth is disabled
• e9c3831 fix: create config patch if it does not exist
• 437d271 fix: support Kubernetes proxy OIDC flow when auth is disabled
• a47c211 fix: read cluster reference from MachineStatus spec
• 8091f16 fix: set owner on MachineStatus migration
• e986e20 fix: wrong yaml module version (should be v3)
• dbb3d48 fix: rollback etcd auto compaction retention
• 047b89f refactor: move machine status labels into spec
• f990aea feat: do not allow setting config patch fields which are owned by Omni
• 7d9258f fix: fix incorrect yaml multiline string decoding in ClusterMachineSpec
• 0b5b095 fix: prevent etcd audit from removing valid members
• 82fe21b fix: label generated patches with system-patch label
• 4c2ce26 fix: enhance watch to accept a single Ref value
• ef78843 feat: implement Machine level config patch editor
• 8144d44 fix: encode image download URL when signing & slugify file names
• 75ea9e6 refactor: rewrite generic ClusterMachineStatusController
• 5dba725 feat: add ability to download admin talosconfig in debug mode
• 5baa939 refactor: kubernetes.Runtime to cache clients and configs

Changes from siderolabs/crypto

28 commits

• c03ff58 feat: add a way to represent redacted x509 private keys
• c3225ee feat: allow CSR template subject field to be overridden
• 8570669 chore: rename to siderolabs/crypto
• e9df1b8 feat: add support for generating keys from RSA-SHA256 CAs
• 510b0d2 chore: add json tags
• 6fa2d93 fix: deepcopy nil fields as nil
• 9a63cba fix: add back support for generating ECDSA keys with P-256 and SHA512
• 893bc66 fix: use SHA256 for ECDSA-P256
• deec8d4 chore: implement DeepCopy methods for PEMEncoded* types
• d3cb772 feat: make possible to change KeyUsage
• 6bc5bb5 chore: remove unused argument
• cd18ef6 feat: add support for several organizations
• 97c888b chore: add options to CSR
• 7776057 chore: fix typos
• 80df078 chore: remove named result parameters
• 15bdd28 chore: minor updates
• 4f80b97 fix: verify CSR signature before issuing a certificate
• 39584f1 feat: support for key/certificate types RSA, Ed25519, ECDSA
• cf75519 fix: function NewKeyPair should create certificate with proper subject
• 751c95a feat: add 'PEMEncodedKey' which allows to transport keys in YAML
• 562c3b6 feat: add support for public RSA key in RSAKey
• bda0e9c feat: enable more conversions between encoded and raw versions
• e0dd56a feat: add NotBefore option for x509 cert creation
• 12a4897 feat: add support for SPKI fingerprint generation and matching
• d0c3eef fix: implement NewKeyPair
• 196679e feat: move pkg/grpc/tls from github.com/talos-systems/talos as ./tls
• 1ff6242 chore: initial version as imported from talos-systems/talos
• 835063e chore: initial commit

Changes from siderolabs/gen

1 commit

• 8e89b1e feat: add GetOrCreate and GetOrCall methods

Dependency Changes

• github.com/cosi-project/runtime v0.2.0 -> v0.3.0-alpha.1
• github.com/grpc-ecosystem/grpc-gateway/v2 v2.13.0 -> v2.14.0
• github.com/siderolabs/crypto c03ff58af505 new
• github.com/siderolabs/gen v0.4.1 -> v0.4.2
• github.com/siderolabs/talos/pkg/machinery v1.3.0-beta.0 -> 873bd3807c0f
• go.uber.org/zap v1.23.0 -> v1.24.0
• golang.org/x/net v0.2.0 -> v0.4.0
• golang.org/x/text v0.4.0 -> v0.5.0

Previous release can be found at v0.1.0-beta.0

Omni 0.1.0-beta.0 (2022-12-02)

Welcome to the v0.1.0-beta.0 release of Omni!
This is a pre-release of Omni

Please try out the release binaries and report any issues at https://github.com/siderolabs/omni/issues.

Contributors

• Artem Chernyshev
• Andrey Smirnov
• Artem Chernyshev
• Dmitriy Matrenichev
• Utku Ozdemir
• Philipp Sauter
• evgeniybryzh
• Noel Georgi
• Andrew Rynhard
• Tim Jones
• Andrew Rynhard
• Gerard de Leeuw
• Steve Francis
• Volodymyr Mazurets

Changes

405 commits

• e096c88 chore: add resource operation metrics
• 741e820 feat: implement config patch creation UI
• 5def267 fix: attempt to clean up docker container better
• 876ff5e feat: update COSI and state-etcd to 0.2.0
• 3df410d test: refactor and update config patch integration tests
• 5eea9e5 feat: add TLS support to siderolink API
• 36394ea refactor: simplify the resource leak fix
• e5b962b chore: update dev environment
• 39bf206 fix: save user picture and fullname in the local storage
• f1611c1 feat: add machine level config patch support
• f2e6cf5 fix: remove several resource/goroutine leaks
• fc37af3 feat: allow destroying config patches in the UI
• 3154d59 fix: respect SIDEROLINK_DEV_JOIN_TOKEN only in debug mode
• 38f5380 feat: avoid deleting all resources on omnictl delete
• 28666bc chore: add support for local development using compose
• cad73ce chore: increase TestEtcdAudit timeout and fix incorrect Assert() calls.
• 7199b75 chore: during config merge create config if there was none
• dab54d1 chore: increase TestTalosBackendRoles reliability
• 997cd78 feat: add reconfiguring phase to machinesetstatus
• 81fb2b9 fix: fix button order and vue config
• 252fb29 refactor: simplify backend.Server.Run method
• f335c2f refactor: split watch to Watch and WatchFunc, add unit tests
• 35a7919 feat: track machine config apply status
• 1c54710 fix: use rolling update strategy on control planes
• 17ccdc2 refactor: various logging fixes
• 3c9ca9c fix: update node overview Kubernetes node watch to make it compatible
• e8c2063 fix: enable edit config patches button on the cluster overview page
• 6e80521 fix: reset the item list after the watch gets reconnected
• 620d197 chore: remove AddContext method from runtime.Runtime interface
• 8972ade chore: update default version of Talos to v1.2.7
• 6a2dde8 fix: update the config patch rollout strategy
• fb3f6a3 fix: skip updating config status if applying config caused a reboot
• 8776146 fix: apply finalizer to the Machine only when CMS is created
• 134bb20 test: fix config patch test with reboot
• d3b6b5a feat: implement config patch viewer and editor
• 149efe1 chore: bump runtime and state-etcd modules
• c345b83 chore: output omnictl auth log to stderr
• 39b2ba2 refactor: introduce ClusterEndpoint resource
• 6998ff0 fix: treat created and updated events same
• 289fe88 feat: add omnictl apply
• 2f1be3b chore: fix TestGenerateJoinToken test
• 3829176 fix: don't close config patch editor window if config validation fails
• c96f504 feat: add suspended mode
• b967bcf feat: add last config apply error to clustermachineconfigstatus
• 0395d9d test: increase key generation timeout on storage signing test
• 577eba4 fix: set SideroLink MTU to 1280
• 0f32172 fix: minor things in frontend
• 9abcc7b test: add config patching integration tests
• 99531fb refactor: drop unneeded controller inputs
• 5172354 chore: add omnictl to the generated image
• 738cf64 fix: set cluster machine version in machine config status correctly
• 1d0d220 fix: lower ttl of the issued keys on the FE side by 10 minutes
• 2889524 feat: dynamic title
• 3d17bd7 chore: fix release CI run
• f2c752f fix: properly proxy watch requests through dev-server
• 9a74897 release(v0.1.0-alpha.1): prepare release
• 8b284f3 feat: implement Kubernetes API OIDC proxy and OIDC server
• adad8d0 refactor: rework LoadBalancerConfig/LoadBalancerStatus resources
• 08e2cb4 feat: support editing config patches on cluster and machine set levels
• e2197c8 test: e2e testing improvements
• ec9051f fix: config patching
• e2a1d6c fix: send logs in JSON format by default
• 954dd70 chore: replace talos-systems depedencies with siderolabs
• acf94db chore: add payload logger
• 838c716 fix: allow time skew on validating the public keys
• dd481d6 fix: refactor runGRPCProxy in router tests to catch listener errors
• e68d010 chore: small fixes
• ad86875 feat: minor adjustments on the cluster create page
• e61f194 chore: implement debug handlers with controller dependency graphs
• cbbf901 refactor: use generic TransformController more
• 33f9f2c chore: remove reflect from runtime package
• 6586963 feat: add scopes to users, rework authz & add integration tests
• bb355f5 fix: reload the page to init the UI Authenticator on signature fails
• c90cd48 chore: log auth context
• d278780 fix: update Clusters page UI
• 5e77607 tests: abort on first failure
• 4c55980 chore: get full method name from the service
• 2194f43 feat: redesign cluster list view
• 40b3f23 chore: enable gRPC request duration histogram
• 0235bb9 refactor: make sure Talos/Kubernetes versions are defined once
• dd6154a chore: add public key pruning
• 68908ba fix: bring back UpgradeInfo API
• f1bc692 refactor: drop dependency on Talos Go module
• 0e3ef43 feat: implement talosctl access via Omni
• 2b0014f fix: provide a way to switch the user on the authenticate page
• e295d7e chore: refactor all controller tests to use assertResource function
• 8251dfb refactor: extract PGP client key handling
• 02da9ee refactor: use extracted go-api-signature library
• 4bc3db4 fix: drop not working upgrade k8s functional
• 17ca75e feat: add 404 page
• 8dcde2a feat: implement logout flow in the frontend
• ba766b9 fix: make omnictl correctly re-auth on invalid key
• fd16f87 fix: don't set timeout on watch gRPC requests
• 8dc3cc6 fix: don't use omni in external names
• 2513661 fix: reset Error field of the MachineSetStatus
• b611e99 fix: properly handle Forbidden errors on the authentication page
• 8525502 fix: stop runners properly and clean up StatusMachineSnapshot
• ab0190d feat: implement scopes and enforce authorization
• 9198d96 feat: sign gRPC requests on the frontend to enable Authentication flow
• bdd8f21 chore: remove reset button and fix padding
• 362db57 fix: gRPC verifier should verify against original JSON payload
• 30186b8 fix: omnictl ignoring omniconfig argument
• e8ab0ba fix: do not attempt to execute failed integration test again
• 9fda25e chore: add more info on errors to different controllers
• ccda526 chore: bump grpc version
• b1ac125 chore: emit log when we got machine status event.
• 005d257 chore: set admin role specifically for Reboot request.
• 27f0e30 chore: update deps
• 77f0219 test: more unit-tests for auth components
• 0bf6ddf fix: pass through HTTP request if auth is disabled
• 4f3a67b fix: unit-tests for auth package and fixes
• e3390cb chore: rename arges-theila to omni
• 14d2614 chore: allow slashes in secretPath
• e423edc fix: add unit-tests for auth message and fix issues
• b5cfa1a feat: add vault client
• b47791c feat: sign grpc requests on cli with pgp key & verify it on server
• d6ef4d9 feat: split account ID and name
• e412e1a chore: workaround the bind problem
• e23cc59 chore: bump minimum Talos version to v1.2.4
• 0638a29 feat: stop using websockets
• 8f3c19d feat: update install media to be identifiable
• 70d1e35 feat: implement resource encryption
• 7653638 fix: fix NPE in integration tests
• e39849f chore: update Makefile and Dockerfile with kres
• 4709473 fix: return an error if external etcd client fails to be built
• 5366661 refactor: use generic transform controller
• a2a5f16 feat: limit access to Talos API via Omni to os:reader
• e254201 feat: merge internal/external states into one
• 3258ca4 feat: add ControlPlaneStatus controller
• 1c0f286 refactor: use MachineStatus Talos resource
• 0a6b19f chore: drop support for Talos resource API
• ee5f6d5 feat: add auth resource types & implement CLI auth
• 36736e1 fix: use correct protobuf URL for cosi resource spec
• b98c56d feat: bump minimum version for Talos to v1.2.3
• b93bc9c chore: move containers and optional package to the separate module
• e1af4d8 chore: update COSI to v0.2.0-alpha.1
• 788dd37 feat: implement and enable by default etcd backend
• 1b83038 release(v0.1.0-alpha.0): prepare release
• 8a9c4f1 feat: implement CLI configuration file (omniconfig)
• b0c92d5 feat: implement etcd audit controller
• 0e993a0 feat: properly support scaling down the cluster
• 264cdc9 refactor: prepare for etcd backend integration
• b519d17 feat: show version in the UI
• a2fb539 feat: keep track of loadbalancer health in the controller
• 4789c62 feat: implement a new controller that can gather cluster machine data
• bd3712e fix: populate machine label field in the patches created by the UI
• ba70b4a fix: rename to Omni, fix workers scale up, hide join token
• 47b45c1 fix: correct filenames for Digital Ocean images
• 9d217cf feat: introduce new resources, deprecate ClusterMachineTemplate
• aee153b fix: address style issue in the Pods paginator
• 752dd44 chore: update Talos machinery to 1.2.0 and use client config struct
• 88d7079 fix: regenerate sources from proto files that were rolled back.
• 84062c5 chore: update Talos to the latest master
• 5a139e4 fix: properly route theila internal requests in the gRPC proxy
• 4be4fb6 feat: add support for 'talosconfig' generation
• 9235b8b fix: properly layer gRPC proxies
• 9a516cc fix: wait for selector of 'View All' to render in e2e tests.
• 3cf3aa7 fix: some unhandled errors in the e2e tests.
• c32c7d5 fix: ignore updating cluster machines statuses without machine statuses
• 4cfa307 chore: run rekres, fix lint errors and bump Go to 1.19
• eb2d449 fix: skip the machines in tearingDown phase in the controller
• 9ebc769 fix: allow all services to be proxied by gRPC router
• ea2b01d fix: properly handle non empty resource id in the K8s resource watch
• 3bb7da3 feat: show a Cluster column in the Machine section
• 8beb70b fix: ignore tearing down clusters in the Cluster migrations
• 319d4e7 fix: properly handle null memory modules list
• 6c2120b chore: introduce migrations manager for COSI DB state
• ec52139 fix: filter out invalid memory modules info coming from Talos nodes
• 8e87031 fix: bump loadbalancer timeout settings
• bc0ed26 feat: introduce websocket, HTTP requests monitoring
• 857401f feat: add HTTP logging (static, gateway), and websocket logging
• eb612a3 fix: do hard stop of events sink gRPC server after 5 seconds
• 3162513 fix: populate nodes filter dropdown properly and rewrite filter function
• 5713a51 fix: make TSelectList search filter the items in the dropdown
• f2519ff feat: don't allow using nodes with not enough mem for the cluster
• 9e474d6 feat: show disconnected warning in the machines list
• fa52b48 feat: redesign Installation Media selection menu
• 01e301a fix: query node list using talosctl get members instead of K8s nodes
• e694df5 fix: display all available Talos versions on cluster create page
• 7a87525 fix: use v-model instead of callbacks in the inputs
• d681f5f feat: support scaling up the clusters
• e992b95 feat: show notification on image download progress
• 8ea6d9f fix: probably fix 'context canceled' on image download
• 692612b fix: improve the Talos image generation process
• a69c140 feat: introduce Prometheus metrics
• e90ca78 fix: make grpc api listen only on siderolink interface
• 99fc28c fix: display correct cluster/machine status on ui
• eaf7655 fix: add a pause before integration tests
• 19ff1c9 chore: rename download button
• e1c4e1b feat: add download options for all talos images
• 24e7863 fix: delete cached clients from gRPC proxy when the cluster is destroyed
• 58c89ef feat: implement argesctl delete command
• 3c99b49 test: add a test which removes allocated machine
• 75dd28f chore: fill in resource definitions for table headers
• 028f168 feat: End-to-end tests with playwright
• 6be6b36 chore: bump goimports from 0.1.10 to 0.1.11 and node from 18.5.0 to 18.6.0
• af4da08 test: implement kernel log streaming test
• 1eacfee feat: implement argesctl machine-logs output in 'zap-like' and 'dmesg' form.
• 96ab7ab chore: ignore memory modules with zero size
• fd0575f chore: retrieve k8s versions from github registry
• 8651527 feat: redo errgroup to return error on first nil error
• 944222d fix: show ClusterMachineStatus.Stage in 'Clusters' view
• f3f6b6e chore: refactor run method and no longer ignore log receiver listener errors
• b316377 chore: rename 'Dmesg' to 'Console'
• 19ee857 test: add a way to recover deleted machines
• e5b5bdc fix: update SideroLink library for EEXIST fixes
• 363de69 fix: spec collector equality
• 841f3b2 feat: add ability to supply machine config patches on the machines
• 907ca93 test: fix link destroy test
• 4c9f99d fix: remove machine status if the machine is in tearing down phase
• d9747e5 fix: make cluster machine status test more reliable
• 3bfff3b fix: do not set up full theila runtime during clients tests
• 4bf33bc fix: immediately fail the request if the cluster is down
• 124a5c2 fix: ensure the created date on resources is set
• 14161bf feat: add scale up integration test and minor log fixes
• 7af06fd feat: make integration tests a subtests of one global test
• f7c1464 feat: implement log receiver for logs from Talos
• 5b800ea fix: accumulate bytes received/send in the link resource
• b3b1e9b feat: machine removal
• fb01bc4 fix: use Talos 1.2.0
• 3a50efe feat: filter machines that can be added to cluster
• ba62db5 fix: properly parse siderolink-api-advertised-url if there's no port
• 96f835a fix: properly display node selectors in FireFox
• 12c20a4 fix: populate disks when machines are connected during cluster create
• 0dc97f8 fix: adjust overview page to look closer to the mockups
• 2b77af8 feat: add the chart showing the count of clusters
• a1dff65 feat: implement ISO download with embedded kernel args
• 37c03d8 test: pull kubeconfig and interact with Kubernetes API
• 75bfb08 fix: ignore the error on splitting host/port
• 3be5a32 feat: make the whole cluster list item clickable, add dropdown menu item
• 2c9dc99 fix: adjust the look of the Overview page a bit
• aa4a926 feat: add the button for downloading cluster Kubeconfig on overview page
• 4532de6 feat: support basic auth in argesctl command
• b66bb3c feat: add summary information Overview page
• 3bdbce4 test: more cluster creation tests, two clusters, cleanup
• 3b00bd5 fix: improve cluster deletion and node reset flow
• 2d83d16 test: create a cluster and verify cluster machine statuses
• f471cfd fix: copy all labels from the ClusterMachine to ClusterMachineStatus
• ec32f86 test: add integration tests up to the cluster creation
• a8d3ee5 feat: add kubeconfig command to argesctl and fix kubeconfig
• 10b9a3b test: implement API integration test
• 3e6b891 feat: aggregate cluster machine statuses in cluster status controller
• f6cbc58 chore: ignore empty processor info
• c5fc71b fix: clean up Kubernetes client and configs when a cluster is destroyed
• e8478fe fix: properly use tracker to cleanup ClusterMachineConfig resources
• 044fcad fix: make MachineStatusController connect to configured nodes
• 2867099 feat: add api endpoint to fetch kubeconfig
• 5f32667 test: support registry mirrors for development purposes
• 5114695 refactor: consistent flag naming
• 9ffb19e chore: use latest node
• 5512321 refactor: set better defaults for cli args
• ff88242 chore: mark 'siderolink-wireguard-endpoint' flags as required
• 4a9d9ad feat: add the ClusterMachineStatus resource
• e4e8b62 refactor: unify all Arges API under a single HTTP server
• 5af9049 chore: rename sidebar item
• a4fc47f chore: fix build warning
• 547b83c chore: bump siderolink version
• 11c31f3 refactor: drop one of the layered gRPC servers
• 0adbbb7 feat: introduce a way to copy kernel arguments from the UI
• ce5422a fix: import new COSI library to fix YAML marshaling
• d6cec09 feat: implement Arges API client, and minimal argesctl
• 65c8d68 feat: implement cluster creation view
• 8365b00 feat: re-enable old Theila UI
• 63e703c fix: update Talos to the latest master
• d33e27b feat: implement clusters list view
• cb9e23c feat: protect Theila state from external API access
• 952c235 fix: properly allocated ports in the loadbalancer
• a58c479 chore: report siderolink events kernel arg
• 8a56fe3 refactor: move Theila resources to public pkg/
• 1251699 fix: reset the MachineEventsSnapshot after the node is reset
• 9a2e6af feat: implement bootstrap controller
• 7107e27 feat: implement apply and reset config controller
• 1579eb0 feat: implement machine events handler and ClusterStatus
• 7214f4a feat: implement cluster load balancer controller
• 9c4fafa feat: add a controller that manages load balancers for talos clusters
• 7e3d80c feat: add a resources that specify configurations for load balancers
• dc0d356 feat: support Theila runtime watch with label selectors
• 6a568a7 feat: implement ClusterMachineConfig resource and it's controller
• 3db0f1c feat: implement TalosConfig controller
• b7ae8e1 feat: introduce Cluster controller that adds finalizers on Clusters
• 8d7ea02 chore: use label selectors in TalosConfig, set labels on the resources
• cff9cb1 fix: separate advertised endpoint from the actual wireguard endpoint
• 5be6cc3 feat: implement cluster creation UI
• a1633eb chore: add typed wrappers around State, Reader and Writer
• 5515f3d feat: add ClusterSecrets resource and controller and tests
• 7226f6c feat: add Cluster, ClusterMachine and TalosConfig resources
• ec44930 feat: enable vtprotobuf optimized marshaling
• 15be219 feat: generate TS constants from go //tsgen: comments
• caa4c4d fix: resource equality for proto specs
• beeca88 refactor: clarify code that creates or gets links for nodes
• 340c63a feat: implement Machines page
• f7bc0c6 feat: accept nodes if they provide the correct join token
• bdf789a feat: immediately reconnect SideroLink peers after Arges restart
• 6b74fa8 feat: implement MachineStatusController
• f5db0e0 feat: add more info to the siderolink connection spec
• d3e4a71 refactor: simplify the usage of gRPC resource CRUD API
• 2430115 feat: implement MachineController and small fixes
• e31d22d feat: support running Theila without contexts
• a6b3646 refactor: small fixes
• 33d2b59 refactor: clean up a bit SideroLink code, fix shutdown
• 98ec883 chore: rename main executable to avoid clashing with Theila project
• 828721d feat: enable COSI persistence for resources
• f1f7883 feat: set up siderolink endpoints in Theila
• 6439335 refactor: migrate to typed.Resource in Theila internal state
• 6195274 refactor: restructure folders in the project
• 1abf72b chore: update Talos libs to the latest version
• 16dffd9 fix: display delta time for pod's age
• 8b80726 feat: update favicon to sidero logo
• 2da7378 feat: show the extended hardware info
• d3c6004 chore: allow getting resources without version and group
• eb19087 fix: remove t-header error notification
• 5a28202 feat: restyle t-alert component
• 9f2b482 fix: get rid of racy code in the kubeconfig request code
• c40824e feat: add text Highlight feature
• 9018c81 feat: use ~/.talos/config as a primary source for clusters
• e10547b refactor: remove old components and not used code parts
• f704684 fix: properly calculate servers capacity
• 755a077 fix: use proper units for memory and CPU charts on the node monitor page
• d0a083d release(v0.2.0-alpha.0): prepare release
• 53878ee fix: properly update servers menu item when the context is changed
• b4cb9c7 feat: restyle TMonitor page
• f0377e2 fix: invert chart value for cpu, storage and memory on the overview page
• 6ea6ecf fix: update capi-utils to fix talosconfig requests for CAPI clusters
• e3796d3 chore: update capi-utils
• 39186eb feat: implement overview page, cluster dropdown, ongoing tasks
• 59f2b27 docs: update README.md
• 2b7831f feat: add Kubernetes and Servers pages
• 4451a5b fix: properly set TaskStatus namespace in the initial call
• 4545464 fix: add new fields to the TaskStatus spec, update Talos
• 891cf3b docs: describe client context types, usage
• 309b515 feat: update k8s upgrades tasks structure for the new UI representation
• 5aa8ca2 feat: add NodesPage
• db434e0 feat: add TPagination component
• 0b51727 feat: add Pods, Dashboard, Upgrade views, etc
• c549b8b feat: add Overview and Upgrade Kubernetes pages
• cec2e85 chore: define constants for all used resource types
• 962bdaf feat: add TSideBar
• fa28ccb feat: add TheHeader component
• f3418a5 feat: button;icons;config
• db30f50 fix: add frontend/node_modules to gitignore
• a675b86 fix: properly pass label selector to the metadata in ClusterListItem
• 7911d6a chore: add ability to start local development server for the frontend
• 076fee1 feat: use CAPI utils for CAPI requests
• 5ed5ba2 fix: more websocket client bugfixes
• 6fe22ad fix: reset reconnect timeouts after the client is reconnected
• c4b144a fix: talosconfig/kubeconfig when using the default context
• b439a37 fix: properly handle Same-Origin header in websockets
• ffffed1 fix: read node name from nodename resource instead of hostname
• 2d6f984 fix: use secure websockets if the page itself is using https
• 799f2d2 feat: rework the node overview page
• 0d0eaf4 fix: make charts height resize depending on the screen height
• 7de0101 fix: use polyfill to fix streaming APIs on Firefox
• 0cff2b0 feat: small UI adjustments
• d70bd41 feat: implement accept Sidero server functional
• f3a6e16 feat: add top processes list to the Overview page
• 3cf97e4 refactor: use the same object for gRPC metadata context and messages
• 243206f release(v0.1.0-alpha.2): prepare release
• e5b6f29 feat: implement node Reset
• bcb7d23 fix: node IP not being truncated
• e576d33 feat: add upgrade UI for CAPI clusters
• 10cdce7 fix: server labels key/value order and chevron orientation
• 4007177 feat: implement Kubernetes upgrade UI components
• f4917ee fix: accumulate chart updates into a single update
• 414d76c feat: implement upgrade controller
• 36742ea feat: introduce create, delete and update gRPC APIs
• 2b3d314 feat: install internal COSI runtime alongside with K8s and Talos
• ae7f784 refactor: move all generated TypeScript files under frontend/src/api
• 61bad64 release(v0.1.0-alpha.1): prepare release
• 8e5e722 feat: implement node reboot controls
• 9765a88 feat: dmesg logs page
• ecbbd67 feat: use updated timestamp to display event time on the graph
• 7c56773 refactor: use Metadata to pass context in all gRPC calls
• abb4733 feat: implement service logs viewer
• 8e8e032 feat: add ability to pick sort order on the servers page
• 1a1c728 fix: resolve the issue with idFn value generating undefined ids
• 2e83fe2 feat: allow filtering servers by picking from predefined categories
• 48f776e fix: navigate home when changing the context
• a1ce0ca fix: resolve services search issues
• 5b768f8 feat: make stacked lists searchable
• ec1bc5b feat: implement stats component and add stats to the servers page
• 1a85999 feat: align Sidero servers list outlook with the wireframes
• 524264c fix: display error message and use proper layout for the spinner
• 5263d16 feat: introduce node stats page
• 8feb35e feat: make root sidebar sections collapsible
• 36ad656 feat: detect cluster capabilities
• a25d90d feat: support switching context in the UI
• 67903e2 refactor: separate Watch from StackedList
• 76b9e1d release(v0.1.0-alpha.0): prepare release
• 7bde4c8 fix: cobra command was initialized but not actually used
• 04624c9 feat: support getting Talos and Kubernetes client configs for a cluster
• 219b9c8 feat: implement notifications component
• f8b19a0 feat: decouple watch list from the view
• 2f8c96e feat: implement appearance settings modal window
• de745d6 feat: implement Talos runtime backend
• af69a0d feat: support getting Kubernetes resource through gRPC gateway
• 2c50010 feat: implement breadcrumbs component, add support for table header
• 3fc1e80 feat: implement nodes view
• 961e93a feat: implement clusters view
• e8248ff feat: use plain zap instead of SugaredLogger everywhere
• 81ba93d chore: generate websocket protocol messages using protobuf
• 37a878d feat: make JS websocket reconnect on connection loss
• 23b3281 feat: use dynamic watcher to allow listing any kinds of resources
• 16475f5 feat: implement real time update server on top of web sockets
• 76b39ae feat: create hello world Vue app using Kres
• baab493 Initial commit

Changes since v0.1.0-alpha.1

55 commits

• e096c88 chore: add resource operation metrics
• 741e820 feat: implement config patch creation UI
• 5def267 fix: attempt to clean up docker container better
• 876ff5e feat: update COSI and state-etcd to 0.2.0
• 3df410d test: refactor and update config patch integration tests
• 5eea9e5 feat: add TLS support to siderolink API
• 36394ea refactor: simplify the resource leak fix
• e5b962b chore: update dev environment
• 39bf206 fix: save user picture and fullname in the local storage
• f1611c1 feat: add machine level config patch support
• f2e6cf5 fix: remove several resource/goroutine leaks
• fc37af3 feat: allow destroying config patches in the UI
• 3154d59 fix: respect SIDEROLINK_DEV_JOIN_TOKEN only in debug mode
• 38f5380 feat: avoid deleting all resources on omnictl delete
• 28666bc chore: add support for local development using compose
• cad73ce chore: increase TestEtcdAudit timeout and fix incorrect Assert() calls.
• 7199b75 chore: during config merge create config if there was none
• dab54d1 chore: increase TestTalosBackendRoles reliability
• 997cd78 feat: add reconfiguring phase to machinesetstatus
• 81fb2b9 fix: fix button order and vue config
• 252fb29 refactor: simplify backend.Server.Run method
• f335c2f refactor: split watch to Watch and WatchFunc, add unit tests
• 35a7919 feat: track machine config apply status
• 1c54710 fix: use rolling update strategy on control planes
• 17ccdc2 refactor: various logging fixes
• 3c9ca9c fix: update node overview Kubernetes node watch to make it compatible
• e8c2063 fix: enable edit config patches button on the cluster overview page
• 6e80521 fix: reset the item list after the watch gets reconnected
• 620d197 chore: remove AddContext method from runtime.Runtime interface
• 8972ade chore: update default version of Talos to v1.2.7
• 6a2dde8 fix: update the config patch rollout strategy
• fb3f6a3 fix: skip updating config status if applying config caused a reboot
• 8776146 fix: apply finalizer to the Machine only when CMS is created
• 134bb20 test: fix config patch test with reboot
• d3b6b5a feat: implement config patch viewer and editor
• 149efe1 chore: bump runtime and state-etcd modules
• c345b83 chore: output omnictl auth log to stderr
• 39b2ba2 refactor: introduce ClusterEndpoint resource
• 6998ff0 fix: treat created and updated events same
• 289fe88 feat: add omnictl apply
• 2f1be3b chore: fix TestGenerateJoinToken test
• 3829176 fix: don't close config patch editor window if config validation fails
• c96f504 feat: add suspended mode
• b967bcf feat: add last config apply error to clustermachineconfigstatus
• 0395d9d test: increase key generation timeout on storage signing test
• 577eba4 fix: set SideroLink MTU to 1280
• 0f32172 fix: minor things in frontend
• 9abcc7b test: add config patching integration tests
• 99531fb refactor: drop unneeded controller inputs
• 5172354 chore: add omnictl to the generated image
• 738cf64 fix: set cluster machine version in machine config status correctly
• 1d0d220 fix: lower ttl of the issued keys on the FE side by 10 minutes
• 2889524 feat: dynamic title
• 3d17bd7 chore: fix release CI run
• f2c752f fix: properly proxy watch requests through dev-server

Dependency Changes

This release has no dependency changes

Omni 0.1.0-alpha.1 (2022-11-10)

Welcome to the v0.1.0-alpha.1 release of Omni!
This is a pre-release of Omni

Please try out the release binaries and report any issues at https://github.com/siderolabs/omni/issues.

Contributors

• Artem Chernyshev
• Andrey Smirnov
• Artem Chernyshev
• Dmitriy Matrenichev
• Philipp Sauter
• Utku Ozdemir
• evgeniybryzh
• Noel Georgi
• Andrew Rynhard
• Tim Jones
• Andrew Rynhard
• Gerard de Leeuw
• Steve Francis
• Volodymyr Mazurets

Changes

349 commits

• 8b284f3 feat: implement Kubernetes API OIDC proxy and OIDC server
• adad8d0 refactor: rework LoadBalancerConfig/LoadBalancerStatus resources
• 08e2cb4 feat: support editing config patches on cluster and machine set levels
• e2197c8 test: e2e testing improvements
• ec9051f fix: config patching
• e2a1d6c fix: send logs in JSON format by default
• 954dd70 chore: replace talos-systems depedencies with siderolabs
• acf94db chore: add payload logger
• 838c716 fix: allow time skew on validating the public keys
• dd481d6 fix: refactor runGRPCProxy in router tests to catch listener errors
• e68d010 chore: small fixes
• ad86875 feat: minor adjustments on the cluster create page
• e61f194 chore: implement debug handlers with controller dependency graphs
• cbbf901 refactor: use generic TransformController more
• 33f9f2c chore: remove reflect from runtime package
• 6586963 feat: add scopes to users, rework authz & add integration tests
• bb355f5 fix: reload the page to init the UI Authenticator on signature fails
• c90cd48 chore: log auth context
• d278780 fix: update Clusters page UI
• 5e77607 tests: abort on first failure
• 4c55980 chore: get full method name from the service
• 2194f43 feat: redesign cluster list view
• 40b3f23 chore: enable gRPC request duration histogram
• 0235bb9 refactor: make sure Talos/Kubernetes versions are defined once
• dd6154a chore: add public key pruning
• 68908ba fix: bring back UpgradeInfo API
• f1bc692 refactor: drop dependency on Talos Go module
• 0e3ef43 feat: implement talosctl access via Omni
• 2b0014f fix: provide a way to switch the user on the authenticate page
• e295d7e chore: refactor all controller tests to use assertResource function
• 8251dfb refactor: extract PGP client key handling
• 02da9ee refactor: use extracted go-api-signature library
• 4bc3db4 fix: drop not working upgrade k8s functional
• 17ca75e feat: add 404 page
• 8dcde2a feat: implement logout flow in the frontend
• ba766b9 fix: make omnictl correctly re-auth on invalid key
• fd16f87 fix: don't set timeout on watch gRPC requests
• 8dc3cc6 fix: don't use omni in external names
• 2513661 fix: reset Error field of the MachineSetStatus
• b611e99 fix: properly handle Forbidden errors on the authentication page
• 8525502 fix: stop runners properly and clean up StatusMachineSnapshot
• ab0190d feat: implement scopes and enforce authorization
• 9198d96 feat: sign gRPC requests on the frontend to enable Authentication flow
• bdd8f21 chore: remove reset button and fix padding
• 362db57 fix: gRPC verifier should verify against original JSON payload
• 30186b8 fix: omnictl ignoring omniconfig argument
• e8ab0ba fix: do not attempt to execute failed integration test again
• 9fda25e chore: add more info on errors to different controllers
• ccda526 chore: bump grpc version
• b1ac125 chore: emit log when we got machine status event.
• 005d257 chore: set admin role specifically for Reboot request.
• 27f0e30 chore: update deps
• 77f0219 test: more unit-tests for auth components
• 0bf6ddf fix: pass through HTTP request if auth is disabled
• 4f3a67b fix: unit-tests for auth package and fixes
• e3390cb chore: rename arges-theila to omni
• 14d2614 chore: allow slashes in secretPath
• e423edc fix: add unit-tests for auth message and fix issues
• b5cfa1a feat: add vault client
• b47791c feat: sign grpc requests on cli with pgp key & verify it on server
• d6ef4d9 feat: split account ID and name
• e412e1a chore: workaround the bind problem
• e23cc59 chore: bump minimum Talos version to v1.2.4
• 0638a29 feat: stop using websockets
• 8f3c19d feat: update install media to be identifiable
• 70d1e35 feat: implement resource encryption
• 7653638 fix: fix NPE in integration tests
• e39849f chore: update Makefile and Dockerfile with kres
• 4709473 fix: return an error if external etcd client fails to be built
• 5366661 refactor: use generic transform controller
• a2a5f16 feat: limit access to Talos API via Omni to os:reader
• e254201 feat: merge internal/external states into one
• 3258ca4 feat: add ControlPlaneStatus controller
• 1c0f286 refactor: use MachineStatus Talos resource
• 0a6b19f chore: drop support for Talos resource API
• ee5f6d5 feat: add auth resource types & implement CLI auth
• 36736e1 fix: use correct protobuf URL for cosi resource spec
• b98c56d feat: bump minimum version for Talos to v1.2.3
• b93bc9c chore: move containers and optional package to the separate module
• e1af4d8 chore: update COSI to v0.2.0-alpha.1
• 788dd37 feat: implement and enable by default etcd backend
• 1b83038 release(v0.1.0-alpha.0): prepare release
• 8a9c4f1 feat: implement CLI configuration file (omniconfig)
• b0c92d5 feat: implement etcd audit controller
• 0e993a0 feat: properly support scaling down the cluster
• 264cdc9 refactor: prepare for etcd backend integration
• b519d17 feat: show version in the UI
• a2fb539 feat: keep track of loadbalancer health in the controller
• 4789c62 feat: implement a new controller that can gather cluster machine data
• bd3712e fix: populate machine label field in the patches created by the UI
• ba70b4a fix: rename to Omni, fix workers scale up, hide join token
• 47b45c1 fix: correct filenames for Digital Ocean images
• 9d217cf feat: introduce new resources, deprecate ClusterMachineTemplate
• aee153b fix: address style issue in the Pods paginator
• 752dd44 chore: update Talos machinery to 1.2.0 and use client config struct
• 88d7079 fix: regenerate sources from proto files that were rolled back.
• 84062c5 chore: update Talos to the latest master
• 5a139e4 fix: properly route theila internal requests in the gRPC proxy
• 4be4fb6 feat: add support for 'talosconfig' generation
• 9235b8b fix: properly layer gRPC proxies
• 9a516cc fix: wait for selector of 'View All' to render in e2e tests.
• 3cf3aa7 fix: some unhandled errors in the e2e tests.
• c32c7d5 fix: ignore updating cluster machines statuses without machine statuses
• 4cfa307 chore: run rekres, fix lint errors and bump Go to 1.19
• eb2d449 fix: skip the machines in tearingDown phase in the controller
• 9ebc769 fix: allow all services to be proxied by gRPC router
• ea2b01d fix: properly handle non empty resource id in the K8s resource watch
• 3bb7da3 feat: show a Cluster column in the Machine section
• 8beb70b fix: ignore tearing down clusters in the Cluster migrations
• 319d4e7 fix: properly handle null memory modules list
• 6c2120b chore: introduce migrations manager for COSI DB state
• ec52139 fix: filter out invalid memory modules info coming from Talos nodes
• 8e87031 fix: bump loadbalancer timeout settings
• bc0ed26 feat: introduce websocket, HTTP requests monitoring
• 857401f feat: add HTTP logging (static, gateway), and websocket logging
• eb612a3 fix: do hard stop of events sink gRPC server after 5 seconds
• 3162513 fix: populate nodes filter dropdown properly and rewrite filter function
• 5713a51 fix: make TSelectList search filter the items in the dropdown
• f2519ff feat: don't allow using nodes with not enough mem for the cluster
• 9e474d6 feat: show disconnected warning in the machines list
• fa52b48 feat: redesign Installation Media selection menu
• 01e301a fix: query node list using talosctl get members instead of K8s nodes
• e694df5 fix: display all available Talos versions on cluster create page
• 7a87525 fix: use v-model instead of callbacks in the inputs
• d681f5f feat: support scaling up the clusters
• e992b95 feat: show notification on image download progress
• 8ea6d9f fix: probably fix 'context canceled' on image download
• 692612b fix: improve the Talos image generation process
• a69c140 feat: introduce Prometheus metrics
• e90ca78 fix: make grpc api listen only on siderolink interface
• 99fc28c fix: display correct cluster/machine status on ui
• eaf7655 fix: add a pause before integration tests
• 19ff1c9 chore: rename download button
• e1c4e1b feat: add download options for all talos images
• 24e7863 fix: delete cached clients from gRPC proxy when the cluster is destroyed
• 58c89ef feat: implement argesctl delete command
• 3c99b49 test: add a test which removes allocated machine
• 75dd28f chore: fill in resource definitions for table headers
• 028f168 feat: End-to-end tests with playwright
• 6be6b36 chore: bump goimports from 0.1.10 to 0.1.11 and node from 18.5.0 to 18.6.0
• af4da08 test: implement kernel log streaming test
• 1eacfee feat: implement argesctl machine-logs output in 'zap-like' and 'dmesg' form.
• 96ab7ab chore: ignore memory modules with zero size
• fd0575f chore: retrieve k8s versions from github registry
• 8651527 feat: redo errgroup to return error on first nil error
• 944222d fix: show ClusterMachineStatus.Stage in 'Clusters' view
• f3f6b6e chore: refactor run method and no longer ignore log receiver listener errors
• b316377 chore: rename 'Dmesg' to 'Console'
• 19ee857 test: add a way to recover deleted machines
• e5b5bdc fix: update SideroLink library for EEXIST fixes
• 363de69 fix: spec collector equality
• 841f3b2 feat: add ability to supply machine config patches on the machines
• 907ca93 test: fix link destroy test
• 4c9f99d fix: remove machine status if the machine is in tearing down phase
• d9747e5 fix: make cluster machine status test more reliable
• 3bfff3b fix: do not set up full theila runtime during clients tests
• 4bf33bc fix: immediately fail the request if the cluster is down
• 124a5c2 fix: ensure the created date on resources is set
• 14161bf feat: add scale up integration test and minor log fixes
• 7af06fd feat: make integration tests a subtests of one global test
• f7c1464 feat: implement log receiver for logs from Talos
• 5b800ea fix: accumulate bytes received/send in the link resource
• b3b1e9b feat: machine removal
• fb01bc4 fix: use Talos 1.2.0
• 3a50efe feat: filter machines that can be added to cluster
• ba62db5 fix: properly parse siderolink-api-advertised-url if there's no port
• 96f835a fix: properly display node selectors in FireFox
• 12c20a4 fix: populate disks when machines are connected during cluster create
• 0dc97f8 fix: adjust overview page to look closer to the mockups
• 2b77af8 feat: add the chart showing the count of clusters
• a1dff65 feat: implement ISO download with embedded kernel args
• 37c03d8 test: pull kubeconfig and interact with Kubernetes API
• 75bfb08 fix: ignore the error on splitting host/port
• 3be5a32 feat: make the whole cluster list item clickable, add dropdown menu item
• 2c9dc99 fix: adjust the look of the Overview page a bit
• aa4a926 feat: add the button for downloading cluster Kubeconfig on overview page
• 4532de6 feat: support basic auth in argesctl command
• b66bb3c feat: add summary information Overview page
• 3bdbce4 test: more cluster creation tests, two clusters, cleanup
• 3b00bd5 fix: improve cluster deletion and node reset flow
• 2d83d16 test: create a cluster and verify cluster machine statuses
• f471cfd fix: copy all labels from the ClusterMachine to ClusterMachineStatus
• ec32f86 test: add integration tests up to the cluster creation
• a8d3ee5 feat: add kubeconfig command to argesctl and fix kubeconfig
• 10b9a3b test: implement API integration test
• 3e6b891 feat: aggregate cluster machine statuses in cluster status controller
• f6cbc58 chore: ignore empty processor info
• c5fc71b fix: clean up Kubernetes client and configs when a cluster is destroyed
• e8478fe fix: properly use tracker to cleanup ClusterMachineConfig resources
• 044fcad fix: make MachineStatusController connect to configured nodes
• 2867099 feat: add api endpoint to fetch kubeconfig
• 5f32667 test: support registry mirrors for development purposes
• 5114695 refactor: consistent flag naming
• 9ffb19e chore: use latest node
• 5512321 refactor: set better defaults for cli args
• ff88242 chore: mark 'siderolink-wireguard-endpoint' flags as required
• 4a9d9ad feat: add the ClusterMachineStatus resource
• e4e8b62 refactor: unify all Arges API under a single HTTP server
• 5af9049 chore: rename sidebar item
• a4fc47f chore: fix build warning
• 547b83c chore: bump siderolink version
• 11c31f3 refactor: drop one of the layered gRPC servers
• 0adbbb7 feat: introduce a way to copy kernel arguments from the UI
• ce5422a fix: import new COSI library to fix YAML marshaling
• d6cec09 feat: implement Arges API client, and minimal argesctl
• 65c8d68 feat: implement cluster creation view
• 8365b00 feat: re-enable old Theila UI
• 63e703c fix: update Talos to the latest master
• d33e27b feat: implement clusters list view
• cb9e23c feat: protect Theila state from external API access
• 952c235 fix: properly allocated ports in the loadbalancer
• a58c479 chore: report siderolink events kernel arg
• 8a56fe3 refactor: move Theila resources to public pkg/
• 1251699 fix: reset the MachineEventsSnapshot after the node is reset
• 9a2e6af feat: implement bootstrap controller
• 7107e27 feat: implement apply and reset config controller
• 1579eb0 feat: implement machine events handler and ClusterStatus
• 7214f4a feat: implement cluster load balancer controller
• 9c4fafa feat: add a controller that manages load balancers for talos clusters
• 7e3d80c feat: add a resources that specify configurations for load balancers
• dc0d356 feat: support Theila runtime watch with label selectors
• 6a568a7 feat: implement ClusterMachineConfig resource and it's controller
• 3db0f1c feat: implement TalosConfig controller
• b7ae8e1 feat: introduce Cluster controller that adds finalizers on Clusters
• 8d7ea02 chore: use label selectors in TalosConfig, set labels on the resources
• cff9cb1 fix: separate advertised endpoint from the actual wireguard endpoint
• 5be6cc3 feat: implement cluster creation UI
• a1633eb chore: add typed wrappers around State, Reader and Writer
• 5515f3d feat: add ClusterSecrets resource and controller and tests
• 7226f6c feat: add Cluster, ClusterMachine and TalosConfig resources
• ec44930 feat: enable vtprotobuf optimized marshaling
• 15be219 feat: generate TS constants from go //tsgen: comments
• caa4c4d fix: resource equality for proto specs
• beeca88 refactor: clarify code that creates or gets links for nodes
• 340c63a feat: implement Machines page
• f7bc0c6 feat: accept nodes if they provide the correct join token
• bdf789a feat: immediately reconnect SideroLink peers after Arges restart
• 6b74fa8 feat: implement MachineStatusController
• f5db0e0 feat: add more info to the siderolink connection spec
• d3e4a71 refactor: simplify the usage of gRPC resource CRUD API
• 2430115 feat: implement MachineController and small fixes
• e31d22d feat: support running Theila without contexts
• a6b3646 refactor: small fixes
• 33d2b59 refactor: clean up a bit SideroLink code, fix shutdown
• 98ec883 chore: rename main executable to avoid clashing with Theila project
• 828721d feat: enable COSI persistence for resources
• f1f7883 feat: set up siderolink endpoints in Theila
• 6439335 refactor: migrate to typed.Resource in Theila internal state
• 6195274 refactor: restructure folders in the project
• 1abf72b chore: update Talos libs to the latest version
• 16dffd9 fix: display delta time for pod's age
• 8b80726 feat: update favicon to sidero logo
• 2da7378 feat: show the extended hardware info
• d3c6004 chore: allow getting resources without version and group
• eb19087 fix: remove t-header error notification
• 5a28202 feat: restyle t-alert component
• 9f2b482 fix: get rid of racy code in the kubeconfig request code
• c40824e feat: add text Highlight feature
• 9018c81 feat: use ~/.talos/config as a primary source for clusters
• e10547b refactor: remove old components and not used code parts
• f704684 fix: properly calculate servers capacity
• 755a077 fix: use proper units for memory and CPU charts on the node monitor page
• d0a083d release(v0.2.0-alpha.0): prepare release
• 53878ee fix: properly update servers menu item when the context is changed
• b4cb9c7 feat: restyle TMonitor page
• f0377e2 fix: invert chart value for cpu, storage and memory on the overview page
• 6ea6ecf fix: update capi-utils to fix talosconfig requests for CAPI clusters
• e3796d3 chore: update capi-utils
• 39186eb feat: implement overview page, cluster dropdown, ongoing tasks
• 59f2b27 docs: update README.md
• 2b7831f feat: add Kubernetes and Servers pages
• 4451a5b fix: properly set TaskStatus namespace in the initial call
• 4545464 fix: add new fields to the TaskStatus spec, update Talos
• 891cf3b docs: describe client context types, usage
• 309b515 feat: update k8s upgrades tasks structure for the new UI representation
• 5aa8ca2 feat: add NodesPage
• db434e0 feat: add TPagination component
• 0b51727 feat: add Pods, Dashboard, Upgrade views, etc
• c549b8b feat: add Overview and Upgrade Kubernetes pages
• cec2e85 chore: define constants for all used resource types
• 962bdaf feat: add TSideBar
• fa28ccb feat: add TheHeader component
• f3418a5 feat: button;icons;config
• db30f50 fix: add frontend/node_modules to gitignore
• a675b86 fix: properly pass label selector to the metadata in ClusterListItem
• 7911d6a chore: add ability to start local development server for the frontend
• 076fee1 feat: use CAPI utils for CAPI requests
• 5ed5ba2 fix: more websocket client bugfixes
• 6fe22ad fix: reset reconnect timeouts after the client is reconnected
• c4b144a fix: talosconfig/kubeconfig when using the default context
• b439a37 fix: properly handle Same-Origin header in websockets
• ffffed1 fix: read node name from nodename resource instead of hostname
• 2d6f984 fix: use secure websockets if the page itself is using https
• 799f2d2 feat: rework the node overview page
• 0d0eaf4 fix: make charts height resize depending on the screen height
• 7de0101 fix: use polyfill to fix streaming APIs on Firefox
• 0cff2b0 feat: small UI adjustments
• d70bd41 feat: implement accept Sidero server functional
• f3a6e16 feat: add top processes list to the Overview page
• 3cf97e4 refactor: use the same object for gRPC metadata context and messages
• 243206f release(v0.1.0-alpha.2): prepare release
• e5b6f29 feat: implement node Reset
• bcb7d23 fix: node IP not being truncated
• e576d33 feat: add upgrade UI for CAPI clusters
• 10cdce7 fix: server labels key/value order and chevron orientation
• 4007177 feat: implement Kubernetes upgrade UI components
• f4917ee fix: accumulate chart updates into a single update
• 414d76c feat: implement upgrade controller
• 36742ea feat: introduce create, delete and update gRPC APIs
• 2b3d314 feat: install internal COSI runtime alongside with K8s and Talos
• ae7f784 refactor: move all generated TypeScript files under frontend/src/api
• 61bad64 release(v0.1.0-alpha.1): prepare release
• 8e5e722 feat: implement node reboot controls
• 9765a88 feat: dmesg logs page
• ecbbd67 feat: use updated timestamp to display event time on the graph
• 7c56773 refactor: use Metadata to pass context in all gRPC calls
• abb4733 feat: implement service logs viewer
• 8e8e032 feat: add ability to pick sort order on the servers page
• 1a1c728 fix: resolve the issue with idFn value generating undefined ids
• 2e83fe2 feat: allow filtering servers by picking from predefined categories
• 48f776e fix: navigate home when changing the context
• a1ce0ca fix: resolve services search issues
• 5b768f8 feat: make stacked lists searchable
• ec1bc5b feat: implement stats component and add stats to the servers page
• 1a85999 feat: align Sidero servers list outlook with the wireframes
• 524264c fix: display error message and use proper layout for the spinner
• 5263d16 feat: introduce node stats page
• 8feb35e feat: make root sidebar sections collapsible
• 36ad656 feat: detect cluster capabilities
• a25d90d feat: support switching context in the UI
• 67903e2 refactor: separate Watch from StackedList
• 76b9e1d release(v0.1.0-alpha.0): prepare release
• 7bde4c8 fix: cobra command was initialized but not actually used
• 04624c9 feat: support getting Talos and Kubernetes client configs for a cluster
• 219b9c8 feat: implement notifications component
• f8b19a0 feat: decouple watch list from the view
• 2f8c96e feat: implement appearance settings modal window
• de745d6 feat: implement Talos runtime backend
• af69a0d feat: support getting Kubernetes resource through gRPC gateway
• 2c50010 feat: implement breadcrumbs component, add support for table header
• 3fc1e80 feat: implement nodes view
• 961e93a feat: implement clusters view
• e8248ff feat: use plain zap instead of SugaredLogger everywhere
• 81ba93d chore: generate websocket protocol messages using protobuf
• 37a878d feat: make JS websocket reconnect on connection loss
• 23b3281 feat: use dynamic watcher to allow listing any kinds of resources
• 16475f5 feat: implement real time update server on top of web sockets
• 76b39ae feat: create hello world Vue app using Kres
• baab493 Initial commit

Changes since v0.1.0-alpha.0

81 commits

• 8b284f3 feat: implement Kubernetes API OIDC proxy and OIDC server
• adad8d0 refactor: rework LoadBalancerConfig/LoadBalancerStatus resources
• 08e2cb4 feat: support editing config patches on cluster and machine set levels
• e2197c8 test: e2e testing improvements
• ec9051f fix: config patching
• e2a1d6c fix: send logs in JSON format by default
• 954dd70 chore: replace talos-systems depedencies with siderolabs
• acf94db chore: add payload logger
• 838c716 fix: allow time skew on validating the public keys
• dd481d6 fix: refactor runGRPCProxy in router tests to catch listener errors
• e68d010 chore: small fixes
• ad86875 feat: minor adjustments on the cluster create page
• e61f194 chore: implement debug handlers with controller dependency graphs
• cbbf901 refactor: use generic TransformController more
• 33f9f2c chore: remove reflect from runtime package
• 6586963 feat: add scopes to users, rework authz & add integration tests
• bb355f5 fix: reload the page to init the UI Authenticator on signature fails
• c90cd48 chore: log auth context
• d278780 fix: update Clusters page UI
• 5e77607 tests: abort on first failure
• 4c55980 chore: get full method name from the service
• 2194f43 feat: redesign cluster list view
• 40b3f23 chore: enable gRPC request duration histogram
• 0235bb9 refactor: make sure Talos/Kubernetes versions are defined once
• dd6154a chore: add public key pruning
• 68908ba fix: bring back UpgradeInfo API
• f1bc692 refactor: drop dependency on Talos Go module
• 0e3ef43 feat: implement talosctl access via Omni
• 2b0014f fix: provide a way to switch the user on the authenticate page
• e295d7e chore: refactor all controller tests to use assertResource function
• 8251dfb refactor: extract PGP client key handling
• 02da9ee refactor: use extracted go-api-signature library
• 4bc3db4 fix: drop not working upgrade k8s functional
• 17ca75e feat: add 404 page
• 8dcde2a feat: implement logout flow in the frontend
• ba766b9 fix: make omnictl correctly re-auth on invalid key
• fd16f87 fix: don't set timeout on watch gRPC requests
• 8dc3cc6 fix: don't use omni in external names
• 2513661 fix: reset Error field of the MachineSetStatus
• b611e99 fix: properly handle Forbidden errors on the authentication page
• 8525502 fix: stop runners properly and clean up StatusMachineSnapshot
• ab0190d feat: implement scopes and enforce authorization
• 9198d96 feat: sign gRPC requests on the frontend to enable Authentication flow
• bdd8f21 chore: remove reset button and fix padding
• 362db57 fix: gRPC verifier should verify against original JSON payload
• 30186b8 fix: omnictl ignoring omniconfig argument
• e8ab0ba fix: do not attempt to execute failed integration test again
• 9fda25e chore: add more info on errors to different controllers
• ccda526 chore: bump grpc version
• b1ac125 chore: emit log when we got machine status event.
• 005d257 chore: set admin role specifically for Reboot request.
• 27f0e30 chore: update deps
• 77f0219 test: more unit-tests for auth components
• 0bf6ddf fix: pass through HTTP request if auth is disabled
• 4f3a67b fix: unit-tests for auth package and fixes
• e3390cb chore: rename arges-theila to omni
• 14d2614 chore: allow slashes in secretPath
• e423edc fix: add unit-tests for auth message and fix issues
• b5cfa1a feat: add vault client
• b47791c feat: sign grpc requests on cli with pgp key & verify it on server
• d6ef4d9 feat: split account ID and name
• e412e1a chore: workaround the bind problem
• e23cc59 chore: bump minimum Talos version to v1.2.4
• 0638a29 feat: stop using websockets
• 8f3c19d feat: update install media to be identifiable
• 70d1e35 feat: implement resource encryption
• 7653638 fix: fix NPE in integration tests
• e39849f chore: update Makefile and Dockerfile with kres
• 4709473 fix: return an error if external etcd client fails to be built
• 5366661 refactor: use generic transform controller
• a2a5f16 feat: limit access to Talos API via Omni to os:reader
• e254201 feat: merge internal/external states into one
• 3258ca4 feat: add ControlPlaneStatus controller
• 1c0f286 refactor: use MachineStatus Talos resource
• 0a6b19f chore: drop support for Talos resource API
• ee5f6d5 feat: add auth resource types & implement CLI auth
• 36736e1 fix: use correct protobuf URL for cosi resource spec
• b98c56d feat: bump minimum version for Talos to v1.2.3
• b93bc9c chore: move containers and optional package to the separate module
• e1af4d8 chore: update COSI to v0.2.0-alpha.1
• 788dd37 feat: implement and enable by default etcd backend

Dependency Changes

This release has no dependency changes

Omni 0.1.0-alpha.0 (2022-09-19)

Welcome to the v0.1.0-alpha.0 release of Omni!
This is a pre-release of Omni

Please try out the release binaries and report any issues at https://github.com/siderolabs/arges-theila/issues.

Contributors

• Artem Chernyshev
• Artem Chernyshev
• Andrey Smirnov
• Philipp Sauter
• evgeniybryzh
• Dmitriy Matrenichev
• Utku Ozdemir
• Noel Georgi
• Andrew Rynhard
• Andrew Rynhard
• Gerard de Leeuw
• Steve Francis
• Tim Jones
• Volodymyr Mazurets

Changes

267 commits

• 8a9c4f1 feat: implement CLI configuration file (omniconfig)
• b0c92d5 feat: implement etcd audit controller
• 0e993a0 feat: properly support scaling down the cluster
• 264cdc9 refactor: prepare for etcd backend integration
• b519d17 feat: show version in the UI
• a2fb539 feat: keep track of loadbalancer health in the controller
• 4789c62 feat: implement a new controller that can gather cluster machine data
• bd3712e fix: populate machine label field in the patches created by the UI
• ba70b4a fix: rename to Omni, fix workers scale up, hide join token
• 47b45c1 fix: correct filenames for Digital Ocean images
• 9d217cf feat: introduce new resources, deprecate ClusterMachineTemplate
• aee153b fix: address style issue in the Pods paginator
• 752dd44 chore: update Talos machinery to 1.2.0 and use client config struct
• 88d7079 fix: regenerate sources from proto files that were rolled back.
• 84062c5 chore: update Talos to the latest master
• 5a139e4 fix: properly route theila internal requests in the gRPC proxy
• 4be4fb6 feat: add support for 'talosconfig' generation
• 9235b8b fix: properly layer gRPC proxies
• 9a516cc fix: wait for selector of 'View All' to render in e2e tests.
• 3cf3aa7 fix: some unhandled errors in the e2e tests.
• c32c7d5 fix: ignore updating cluster machines statuses without machine statuses
• 4cfa307 chore: run rekres, fix lint errors and bump Go to 1.19
• eb2d449 fix: skip the machines in tearingDown phase in the controller
• 9ebc769 fix: allow all services to be proxied by gRPC router
• ea2b01d fix: properly handle non empty resource id in the K8s resource watch
• 3bb7da3 feat: show a Cluster column in the Machine section
• 8beb70b fix: ignore tearing down clusters in the Cluster migrations
• 319d4e7 fix: properly handle null memory modules list
• 6c2120b chore: introduce migrations manager for COSI DB state
• ec52139 fix: filter out invalid memory modules info coming from Talos nodes
• 8e87031 fix: bump loadbalancer timeout settings
• bc0ed26 feat: introduce websocket, HTTP requests monitoring
• 857401f feat: add HTTP logging (static, gateway), and websocket logging
• eb612a3 fix: do hard stop of events sink gRPC server after 5 seconds
• 3162513 fix: populate nodes filter dropdown properly and rewrite filter function
• 5713a51 fix: make TSelectList search filter the items in the dropdown
• f2519ff feat: don't allow using nodes with not enough mem for the cluster
• 9e474d6 feat: show disconnected warning in the machines list
• fa52b48 feat: redesign Installation Media selection menu
• 01e301a fix: query node list using talosctl get members instead of K8s nodes
• e694df5 fix: display all available Talos versions on cluster create page
• 7a87525 fix: use v-model instead of callbacks in the inputs
• d681f5f feat: support scaling up the clusters
• e992b95 feat: show notification on image download progress
• 8ea6d9f fix: probably fix 'context canceled' on image download
• 692612b fix: improve the Talos image generation process
• a69c140 feat: introduce Prometheus metrics
• e90ca78 fix: make grpc api listen only on siderolink interface
• 99fc28c fix: display correct cluster/machine status on ui
• eaf7655 fix: add a pause before integration tests
• 19ff1c9 chore: rename download button
• e1c4e1b feat: add download options for all talos images
• 24e7863 fix: delete cached clients from gRPC proxy when the cluster is destroyed
• 58c89ef feat: implement argesctl delete command
• 3c99b49 test: add a test which removes allocated machine
• 75dd28f chore: fill in resource definitions for table headers
• 028f168 feat: End-to-end tests with playwright
• 6be6b36 chore: bump goimports from 0.1.10 to 0.1.11 and node from 18.5.0 to 18.6.0
• af4da08 test: implement kernel log streaming test
• 1eacfee feat: implement argesctl machine-logs output in 'zap-like' and 'dmesg' form.
• 96ab7ab chore: ignore memory modules with zero size
• fd0575f chore: retrieve k8s versions from github registry
• 8651527 feat: redo errgroup to return error on first nil error
• 944222d fix: show ClusterMachineStatus.Stage in 'Clusters' view
• f3f6b6e chore: refactor run method and no longer ignore log receiver listener errors
• b316377 chore: rename 'Dmesg' to 'Console'
• 19ee857 test: add a way to recover deleted machines
• e5b5bdc fix: update SideroLink library for EEXIST fixes
• 363de69 fix: spec collector equality
• 841f3b2 feat: add ability to supply machine config patches on the machines
• 907ca93 test: fix link destroy test
• 4c9f99d fix: remove machine status if the machine is in tearing down phase
• d9747e5 fix: make cluster machine status test more reliable
• 3bfff3b fix: do not set up full theila runtime during clients tests
• 4bf33bc fix: immediately fail the request if the cluster is down
• 124a5c2 fix: ensure the created date on resources is set
• 14161bf feat: add scale up integration test and minor log fixes
• 7af06fd feat: make integration tests a subtests of one global test
• f7c1464 feat: implement log receiver for logs from Talos
• 5b800ea fix: accumulate bytes received/send in the link resource
• b3b1e9b feat: machine removal
• fb01bc4 fix: use Talos 1.2.0
• 3a50efe feat: filter machines that can be added to cluster
• ba62db5 fix: properly parse siderolink-api-advertised-url if there's no port
• 96f835a fix: properly display node selectors in FireFox
• 12c20a4 fix: populate disks when machines are connected during cluster create
• 0dc97f8 fix: adjust overview page to look closer to the mockups
• 2b77af8 feat: add the chart showing the count of clusters
• a1dff65 feat: implement ISO download with embedded kernel args
• 37c03d8 test: pull kubeconfig and interact with Kubernetes API
• 75bfb08 fix: ignore the error on splitting host/port
• 3be5a32 feat: make the whole cluster list item clickable, add dropdown menu item
• 2c9dc99 fix: adjust the look of the Overview page a bit
• aa4a926 feat: add the button for downloading cluster Kubeconfig on overview page
• 4532de6 feat: support basic auth in argesctl command
• b66bb3c feat: add summary information Overview page
• 3bdbce4 test: more cluster creation tests, two clusters, cleanup
• 3b00bd5 fix: improve cluster deletion and node reset flow
• 2d83d16 test: create a cluster and verify cluster machine statuses
• f471cfd fix: copy all labels from the ClusterMachine to ClusterMachineStatus
• ec32f86 test: add integration tests up to the cluster creation
• a8d3ee5 feat: add kubeconfig command to argesctl and fix kubeconfig
• 10b9a3b test: implement API integration test
• 3e6b891 feat: aggregate cluster machine statuses in cluster status controller
• f6cbc58 chore: ignore empty processor info
• c5fc71b fix: clean up Kubernetes client and configs when a cluster is destroyed
• e8478fe fix: properly use tracker to cleanup ClusterMachineConfig resources
• 044fcad fix: make MachineStatusController connect to configured nodes
• 2867099 feat: add api endpoint to fetch kubeconfig
• 5f32667 test: support registry mirrors for development purposes
• 5114695 refactor: consistent flag naming
• 9ffb19e chore: use latest node
• 5512321 refactor: set better defaults for cli args
• ff88242 chore: mark 'siderolink-wireguard-endpoint' flags as required
• 4a9d9ad feat: add the ClusterMachineStatus resource
• e4e8b62 refactor: unify all Arges API under a single HTTP server
• 5af9049 chore: rename sidebar item
• a4fc47f chore: fix build warning
• 547b83c chore: bump siderolink version
• 11c31f3 refactor: drop one of the layered gRPC servers
• 0adbbb7 feat: introduce a way to copy kernel arguments from the UI
• ce5422a fix: import new COSI library to fix YAML marshaling
• d6cec09 feat: implement Arges API client, and minimal argesctl
• 65c8d68 feat: implement cluster creation view
• 8365b00 feat: re-enable old Theila UI
• 63e703c fix: update Talos to the latest master
• d33e27b feat: implement clusters list view
• cb9e23c feat: protect Theila state from external API access
• 952c235 fix: properly allocated ports in the loadbalancer
• a58c479 chore: report siderolink events kernel arg
• 8a56fe3 refactor: move Theila resources to public pkg/
• 1251699 fix: reset the MachineEventsSnapshot after the node is reset
• 9a2e6af feat: implement bootstrap controller
• 7107e27 feat: implement apply and reset config controller
• 1579eb0 feat: implement machine events handler and ClusterStatus
• 7214f4a feat: implement cluster load balancer controller
• 9c4fafa feat: add a controller that manages load balancers for talos clusters
• 7e3d80c feat: add a resources that specify configurations for load balancers
• dc0d356 feat: support Theila runtime watch with label selectors
• 6a568a7 feat: implement ClusterMachineConfig resource and it's controller
• 3db0f1c feat: implement TalosConfig controller
• b7ae8e1 feat: introduce Cluster controller that adds finalizers on Clusters
• 8d7ea02 chore: use label selectors in TalosConfig, set labels on the resources
• cff9cb1 fix: separate advertised endpoint from the actual wireguard endpoint
• 5be6cc3 feat: implement cluster creation UI
• a1633eb chore: add typed wrappers around State, Reader and Writer
• 5515f3d feat: add ClusterSecrets resource and controller and tests
• 7226f6c feat: add Cluster, ClusterMachine and TalosConfig resources
• ec44930 feat: enable vtprotobuf optimized marshaling
• 15be219 feat: generate TS constants from go //tsgen: comments
• caa4c4d fix: resource equality for proto specs
• beeca88 refactor: clarify code that creates or gets links for nodes
• 340c63a feat: implement Machines page
• f7bc0c6 feat: accept nodes if they provide the correct join token
• bdf789a feat: immediately reconnect SideroLink peers after Arges restart
• 6b74fa8 feat: implement MachineStatusController
• f5db0e0 feat: add more info to the siderolink connection spec
• d3e4a71 refactor: simplify the usage of gRPC resource CRUD API
• 2430115 feat: implement MachineController and small fixes
• e31d22d feat: support running Theila without contexts
• a6b3646 refactor: small fixes
• 33d2b59 refactor: clean up a bit SideroLink code, fix shutdown
• 98ec883 chore: rename main executable to avoid clashing with Theila project
• 828721d feat: enable COSI persistence for resources
• f1f7883 feat: set up siderolink endpoints in Theila
• 6439335 refactor: migrate to typed.Resource in Theila internal state
• 6195274 refactor: restructure folders in the project
• 1abf72b chore: update Talos libs to the latest version
• 16dffd9 fix: display delta time for pod's age
• 8b80726 feat: update favicon to sidero logo
• 2da7378 feat: show the extended hardware info
• d3c6004 chore: allow getting resources without version and group
• eb19087 fix: remove t-header error notification
• 5a28202 feat: restyle t-alert component
• 9f2b482 fix: get rid of racy code in the kubeconfig request code
• c40824e feat: add text Highlight feature
• 9018c81 feat: use ~/.talos/config as a primary source for clusters
• e10547b refactor: remove old components and not used code parts
• f704684 fix: properly calculate servers capacity
• 755a077 fix: use proper units for memory and CPU charts on the node monitor page
• d0a083d release(v0.2.0-alpha.0): prepare release
• 53878ee fix: properly update servers menu item when the context is changed
• b4cb9c7 feat: restyle TMonitor page
• f0377e2 fix: invert chart value for cpu, storage and memory on the overview page
• 6ea6ecf fix: update capi-utils to fix talosconfig requests for CAPI clusters
• e3796d3 chore: update capi-utils
• 39186eb feat: implement overview page, cluster dropdown, ongoing tasks
• 59f2b27 docs: update README.md
• 2b7831f feat: add Kubernetes and Servers pages
• 4451a5b fix: properly set TaskStatus namespace in the initial call
• 4545464 fix: add new fields to the TaskStatus spec, update Talos
• 891cf3b docs: describe client context types, usage
• 309b515 feat: update k8s upgrades tasks structure for the new UI representation
• 5aa8ca2 feat: add NodesPage
• db434e0 feat: add TPagination component
• 0b51727 feat: add Pods, Dashboard, Upgrade views, etc
• c549b8b feat: add Overview and Upgrade Kubernetes pages
• cec2e85 chore: define constants for all used resource types
• 962bdaf feat: add TSideBar
• fa28ccb feat: add TheHeader component
• f3418a5 feat: button;icons;config
• db30f50 fix: add frontend/node_modules to gitignore
• a675b86 fix: properly pass label selector to the metadata in ClusterListItem
• 7911d6a chore: add ability to start local development server for the frontend
• 076fee1 feat: use CAPI utils for CAPI requests
• 5ed5ba2 fix: more websocket client bugfixes
• 6fe22ad fix: reset reconnect timeouts after the client is reconnected
• c4b144a fix: talosconfig/kubeconfig when using the default context
• b439a37 fix: properly handle Same-Origin header in websockets
• ffffed1 fix: read node name from nodename resource instead of hostname
• 2d6f984 fix: use secure websockets if the page itself is using https
• 799f2d2 feat: rework the node overview page
• 0d0eaf4 fix: make charts height resize depending on the screen height
• 7de0101 fix: use polyfill to fix streaming APIs on Firefox
• 0cff2b0 feat: small UI adjustments
• d70bd41 feat: implement accept Sidero server functional
• f3a6e16 feat: add top processes list to the Overview page
• 3cf97e4 refactor: use the same object for gRPC metadata context and messages
• 243206f release(v0.1.0-alpha.2): prepare release
• e5b6f29 feat: implement node Reset
• bcb7d23 fix: node IP not being truncated
• e576d33 feat: add upgrade UI for CAPI clusters
• 10cdce7 fix: server labels key/value order and chevron orientation
• 4007177 feat: implement Kubernetes upgrade UI components
• f4917ee fix: accumulate chart updates into a single update
• 414d76c feat: implement upgrade controller
• 36742ea feat: introduce create, delete and update gRPC APIs
• 2b3d314 feat: install internal COSI runtime alongside with K8s and Talos
• ae7f784 refactor: move all generated TypeScript files under frontend/src/api
• 61bad64 release(v0.1.0-alpha.1): prepare release
• 8e5e722 feat: implement node reboot controls
• 9765a88 feat: dmesg logs page
• ecbbd67 feat: use updated timestamp to display event time on the graph
• 7c56773 refactor: use Metadata to pass context in all gRPC calls
• abb4733 feat: implement service logs viewer
• 8e8e032 feat: add ability to pick sort order on the servers page
• 1a1c728 fix: resolve the issue with idFn value generating undefined ids
• 2e83fe2 feat: allow filtering servers by picking from predefined categories
• 48f776e fix: navigate home when changing the context
• a1ce0ca fix: resolve services search issues
• 5b768f8 feat: make stacked lists searchable
• ec1bc5b feat: implement stats component and add stats to the servers page
• 1a85999 feat: align Sidero servers list outlook with the wireframes
• 524264c fix: display error message and use proper layout for the spinner
• 5263d16 feat: introduce node stats page
• 8feb35e feat: make root sidebar sections collapsible
• 36ad656 feat: detect cluster capabilities
• a25d90d feat: support switching context in the UI
• 67903e2 refactor: separate Watch from StackedList
• 76b9e1d release(v0.1.0-alpha.0): prepare release
• 7bde4c8 fix: cobra command was initialized but not actually used
• 04624c9 feat: support getting Talos and Kubernetes client configs for a cluster
• 219b9c8 feat: implement notifications component
• f8b19a0 feat: decouple watch list from the view
• 2f8c96e feat: implement appearance settings modal window
• de745d6 feat: implement Talos runtime backend
• af69a0d feat: support getting Kubernetes resource through gRPC gateway
• 2c50010 feat: implement breadcrumbs component, add support for table header
• 3fc1e80 feat: implement nodes view
• 961e93a feat: implement clusters view
• e8248ff feat: use plain zap instead of SugaredLogger everywhere
• 81ba93d chore: generate websocket protocol messages using protobuf
• 37a878d feat: make JS websocket reconnect on connection loss
• 23b3281 feat: use dynamic watcher to allow listing any kinds of resources
• 16475f5 feat: implement real time update server on top of web sockets
• 76b39ae feat: create hello world Vue app using Kres
• baab493 Initial commit

Dependency Changes

This release has no dependency changes