From 624f2a3dd1d78c5b92cc104c35d14d05f3b9a8d4 Mon Sep 17 00:00:00 2001
From: Devin Buhl <devin@buhl.casa>
Date: Thu, 18 Jan 2024 14:12:39 -0500
Subject: [PATCH] feat: add talos support

Signed-off-by: Devin Buhl <devin@buhl.casa>
---
 .taskfiles/Talos/Taskfile.yaml                | 41 +++++++++++++++++++
 .taskfiles/Workstation/Archfile               |  1 +
 .taskfiles/Workstation/Brewfile               |  2 +
 Taskfile.yaml                                 |  1 +
 bootstrap/tasks/validation/cli.yaml           | 10 +++++
 bootstrap/tasks/validation/vars.yaml          |  2 +-
 .../kubernetes/talos/talhelper.yaml.j2        |  8 ++++
 bootstrap/vars/config.sample.yaml             |  2 +-
 8 files changed, 65 insertions(+), 2 deletions(-)
 create mode 100644 .taskfiles/Talos/Taskfile.yaml
 create mode 100644 bootstrap/templates/kubernetes/talos/talhelper.yaml.j2

diff --git a/.taskfiles/Talos/Taskfile.yaml b/.taskfiles/Talos/Taskfile.yaml
new file mode 100644
index 00000000000..71a3ead55b6
--- /dev/null
+++ b/.taskfiles/Talos/Taskfile.yaml
@@ -0,0 +1,41 @@
+---
+version: "3"
+
+vars:
+  TALOS_DIR: "{{.ROOT_DIR}}/kubernetes/talos"
+
+tasks:
+
+  genconfig:
+    desc: Generate talos config
+    dir: "{{.TALOS_DIR}}"
+    cmd: talhelper genconfig
+    preconditions:
+      - { msg: "Missing talhelper config file", sh: "test -f {{.TALOS_DIR}}/talhelper.yaml" }
+
+  apply-config:
+    desc: Apply talos config on a node
+    cmd: talosctl -n {{.node}} apply-config -f "{{.TALOS_DIR}}/clusterconfig/k8s-{{.node}}.yaml"
+    vars:
+      node: '{{ or .node (fail "Argument (node) is required") }}'
+    preconditions:
+      - { msg: "Missing Talos config file", sh: "test -f {{.TALOS_DIR}}/clusterconfig/k8s-{{.node}}.yaml" }
+      - { msg: "Node not found", sh: "talosctl -n {{.node}} get mc" }
+
+  upgrade-talos:
+    desc: Upgrade talos on a node
+    cmd: talosctl -n {{.node}} upgrade --image {{.image}} --preserve=true --reboot-mode=powercycle
+    vars:
+      image: '{{ or .image (fail "Argument (image) is required") }}'
+      node: '{{ or .node (fail "Argument (node) is required") }}'
+    preconditions:
+      - { msg: "Node not found", sh: "talosctl -n {{.node}} get mc" }
+
+  upgrade-k8s:
+    desc: Upgrade k8s on a node
+    cmd: talosctl -n {{.node}} upgrade-k8s --to {{.to}}
+    vars:
+      node: '{{ or .node (fail "Argument (node) is required") }}'
+      to: '{{ or .to (fail "Argument (to) is required") }}'
+    preconditions:
+      - { msg: "Node not found", sh: "talosctl -n {{.node}} get mc" }
diff --git a/.taskfiles/Workstation/Archfile b/.taskfiles/Workstation/Archfile
index 427222415e6..2e024a5a50e 100644
--- a/.taskfiles/Workstation/Archfile
+++ b/.taskfiles/Workstation/Archfile
@@ -14,3 +14,4 @@ moreutils
 sops
 stern-bin
 talhelper-bin
+talosctl
diff --git a/.taskfiles/Workstation/Brewfile b/.taskfiles/Workstation/Brewfile
index 5d696965d5f..46a03eae9c4 100644
--- a/.taskfiles/Workstation/Brewfile
+++ b/.taskfiles/Workstation/Brewfile
@@ -1,6 +1,7 @@
 tap "fluxcd/tap"
 tap "go-task/tap"
 tap "k0sproject/tap"
+tap "siderolabs/talos"
 brew "age"
 brew "cloudflared"
 brew "direnv"
@@ -16,4 +17,5 @@ brew "moreutils"
 brew "sops"
 brew "stern"
 brew "talhelper"
+brew "talosctl"
 brew "yq"
diff --git a/Taskfile.yaml b/Taskfile.yaml
index b76be486881..ca722a33351 100644
--- a/Taskfile.yaml
+++ b/Taskfile.yaml
@@ -28,6 +28,7 @@ includes:
   repository:
     aliases: ["repo"]
     taskfile: .taskfiles/Repository/Taskfile.yaml
+  talos: .taskfiles/Talos/Taskfile.yaml
   sops: .taskfiles/Sops/Taskfile.yaml
   workstation: .taskfiles/Workstation/Taskfile.yaml
 
diff --git a/bootstrap/tasks/validation/cli.yaml b/bootstrap/tasks/validation/cli.yaml
index 930078d5b34..aa1289cf862 100644
--- a/bootstrap/tasks/validation/cli.yaml
+++ b/bootstrap/tasks/validation/cli.yaml
@@ -17,3 +17,13 @@
   check_mode: false
   register: result
   failed_when: result.rc != 0 and result.rc != 127
+
+- name: Check if required CLI tools are present for talos
+  when: bootstrap_distribution == "k0s"
+  ansible.builtin.shell: |
+    command -v {{ item }} >/dev/null 2>&1
+  loop: ["talhelper"]
+  changed_when: false
+  check_mode: false
+  register: result
+  failed_when: result.rc != 0 and result.rc != 127
diff --git a/bootstrap/tasks/validation/vars.yaml b/bootstrap/tasks/validation/vars.yaml
index 45036de2a91..467ceec36c8 100644
--- a/bootstrap/tasks/validation/vars.yaml
+++ b/bootstrap/tasks/validation/vars.yaml
@@ -33,7 +33,7 @@
 
 - name: Check if bootstrap distribution is valid
   ansible.builtin.assert:
-    that: bootstrap_distribution in ['k0s', 'k3s']
+    that: bootstrap_distribution in ['k0s', 'k3s', 'talos']
     success_msg: Distribution {{ bootstrap_distribution }} is valid
     fail_msg: Distribution {{ bootstrap_distribution }} is not valid
 
diff --git a/bootstrap/templates/kubernetes/talos/talhelper.yaml.j2 b/bootstrap/templates/kubernetes/talos/talhelper.yaml.j2
new file mode 100644
index 00000000000..56061e02418
--- /dev/null
+++ b/bootstrap/templates/kubernetes/talos/talhelper.yaml.j2
@@ -0,0 +1,8 @@
+#% if bootstrap_distribution == 'talos' %#
+---
+clusterName: &cluster k8s
+clusterPodNets:
+  - "#{ bootstrap_cluster_cidr.split(',')[0] }#"
+clusterSvcNets:
+  - "#{ bootstrap_service_cidr.split(',')[0] }#"
+#% endif %#
diff --git a/bootstrap/vars/config.sample.yaml b/bootstrap/vars/config.sample.yaml
index 159eb0f46b0..a23d9eefaa9 100644
--- a/bootstrap/vars/config.sample.yaml
+++ b/bootstrap/vars/config.sample.yaml
@@ -3,7 +3,7 @@
 # Bootstrap configuration - config.yaml is gitignored
 #
 
-# Distribution can either be 'k3s' or 'k0s'
+# Distribution can either be 'k3s', 'k0s', or 'talos'
 bootstrap_distribution: k3s
 
 # Github username (e.g. onedr0p)