fix: fix config generation failure due to secure boot status

A change in the `SecureBootStatus` in the `MachineStatus` did not cause a new config to be generated. This was caused by the `ClusterMachineConfigController` not taking the `MachineStatus` into the calculation of the hash from the inputs (`UpdateInputsVersions`) to determine if it should generate a new config or not. Modify the existing `MachineConfigGenOptions` resource to hold the required information to build the install image. Instead of using `MachineStatus+ClusterMachineTalosVersion` to build the install image URL, use only `MachineConfigGenOptions` resource. Additionally, add a migration to pre-populate the new fields in the `MachineConfigGenOptions` resources, so that they will not be modified on the next Omni upgrade. Also update the input versions of the `ClusterMachineConfig` to not contain `ClusterMachineTalosVersion` anymore, so that we won't trigger a config re-apply on the next Omni upgrade. Signed-off-by: Utku Ozdemir <utku.ozdemir@siderolabs.com>
siderolabs · Jun 6, 2024 · 8eac9c9 · 8eac9c9
1 parent 331fc31
commit 8eac9c9
Show file tree

Hide file tree

Showing 24 changed files with 2,484 additions and 1,789 deletions.
diff --git a/client/api/omni/specs/omni.pb.go b/client/api/omni/specs/omni.pb.go
diff --git a/client/api/omni/specs/omni.proto b/client/api/omni/specs/omni.proto
@@ -17,6 +17,12 @@ message MachineSpec {
   reserved 4;
 }
 
+// SecureBootStatus describes the status of the SecureBoot feature.
+message SecureBootStatus {
+  // Enabled is true if SecureBoot is detected to be available and enabled.
+  bool enabled = 1;
+}
+
 // MachineStatusSpec describes state of a Machine.
 message MachineStatusSpec {
   // HardwareStatus describes machine hardware status.
@@ -171,12 +177,6 @@ message MachineStatusSpec {
     string full_id = 9;
   }
 
-  // SecureBootStatus describes the status of the SecureBoot feature.
-  message SecureBootStatus {
-    // Enabled is true if SecureBoot is detected to be available and enabled.
-    bool enabled = 1;
-  }
-
   // Talos version.
   string talos_version = 1;
 
@@ -903,7 +903,23 @@ message MachineClassSpec {
 
 // MachineConfigGenOptionsSpec describes machine related config generation inputs.
 message MachineConfigGenOptionsSpec {
+  message InstallImage {
+    // TalosVersion is the Talos version to use for the install image.
+    string talos_version = 1;
+    // SchematicId is the schematic id to use for the install image.
+    string schematic_id = 2;
+    // SchematicInitialized is true if the schematic is initialized.
+    bool schematic_initialized = 3;
+    // SchematicInvalid is true if the schematic is invalid.
+    bool schematic_invalid = 4;
+    // SecureBootStatus is the status of the SecureBoot feature.
+    SecureBootStatus secure_boot_status = 5;
+  }
+
   string install_disk = 1;
+
+  // InstallImage contains the information needed to build the install image URL of a machine to be used by the Talos installer.
+  InstallImage install_image = 2;
 }
 
 // EtcdAuditResult is updated when the etcd audit removes a member.