Skip to content

v0.23.0

Latest
Latest

Choose a tag to compare

View all tags
@bfjelds bfjelds released this 20 May 01:10
v0.23.0
9a51c88
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Full version: 0.23.0-2026051302.v9a51c88

New Preview (subject to change) Features

gRPC Client CLI

Trident now includes a grpc-client CLI that communicates with the Trident gRPC daemon (tridentd) over Unix socket. This enables scripted and programmatic interactions with Trident's servicing APIs.

Available commands:

  • trident grpc-client update — perform a unified update (stage + finalize) via gRPC
  • trident grpc-client commit — commit a staged update via gRPC

The gRPC UpdateService and Commit APIs have been promoted to v1 stable in this release.

(#585, #603, #581, #582)

Azure Container Linux (ACL) Support

This release introduces initial support for Azure Container Linux (ACL), Microsoft's container-optimized Linux distribution. ACL uses a minimal, immutable root filesystem with a specific partition layout and security posture than standard Azure Linux.

Key changes for ACL:

  • Added a dedicated trident-acl-agent sub-package that provides a service to query Omaha servers and trigger updates. (#640, #593, #614)
  • Added support for non-default ESP mount paths, enabling servicing for distros that do not mount the ESP at /boot/efi. (#595, #596)
  • SELinux policies are now modular — rules for optional components (cloud-init, GPG/rpm paths, ACL-removed modules) are only applied when those components are present. (#636, #611, #643)
  • Added support for initializing an empty datastore during updates on ACL distributions. (#590)
  • Expanded partition validation to accept ACL's custom USR partition type. (#625)

Changes

  • Updates now validate that host and COSI os-release metadata align before proceeding. (#617)

Bug Fixes

  • Mitigated possible initramfs boot hangs caused by stale disk UUIDs by forcing a device table refresh before dracut invocation. (#633)
  • Fixed OCI pulls to honor HTTPS_PROXY environment variables. (#637)
  • Fixed A/B update validation for systems where root (/) is not an A/B volume. (#619)
  • Fixed validation to require grub.cfg only for non-UKI images. (#618)

Known Issues

  • ImageCustomizer v1.2.0 produces UKI COSI files that are only compatible with Trident v0.21+. Trident v0.23 works with COSI files created by any recent ImageCustomizer.
  • Integration with systemd-journald is not compatible with chrooted environments, which causes Trident logs produced during the chroot steps to be missing from the system journal. All logs are still available in the background log file.

Links

Assets 8
Loading