siderolabs
diff --git a/‎api/resource/definitions/network/network.proto‎
Lines changed: 5 additions & 0 deletions b/‎api/resource/definitions/network/network.proto‎
Lines changed: 5 additions & 0 deletions
diff --git a/‎internal/app/machined/pkg/controllers/network/link_alias_config.go‎
Lines changed: 178 additions & 0 deletions b/‎internal/app/machined/pkg/controllers/network/link_alias_config.go‎
Lines changed: 178 additions & 0 deletions
diff --git a/‎internal/app/machined/pkg/controllers/network/link_alias_config_test.go‎
Lines changed: 95 additions & 0 deletions b/‎internal/app/machined/pkg/controllers/network/link_alias_config_test.go‎
Lines changed: 95 additions & 0 deletions
@@ -213,6 +213,11 @@ message HostnameStatusSpec {
   string domainname = 2;
 }
 
+// LinkAliasSpecSpec describes status of rendered secrets.
+message LinkAliasSpecSpec {
+  string alias = 1;
+}
+
 // LinkRefreshSpec describes status of rendered secrets.
 message LinkRefreshSpec {
   int64 generation = 1;
 
@@ -0,0 +1,178 @@
+// This Source Code Form is subject to the terms of the Mozilla Public
+// License, v. 2.0. If a copy of the MPL was not distributed with this
+// file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+package network
+
+import (
+	"context"
+	"fmt"
+	"slices"
+
+	"github.com/cosi-project/runtime/pkg/controller"
+	"github.com/cosi-project/runtime/pkg/safe"
+	"github.com/cosi-project/runtime/pkg/state"
+	"github.com/siderolabs/gen/optional"
+	"github.com/siderolabs/gen/xslices"
+	"go.uber.org/zap"
+
+	networkpb "github.com/siderolabs/talos/pkg/machinery/api/resource/definitions/network"
+	"github.com/siderolabs/talos/pkg/machinery/cel/celenv"
+	configconfig "github.com/siderolabs/talos/pkg/machinery/config/config"
+	"github.com/siderolabs/talos/pkg/machinery/proto"
+	"github.com/siderolabs/talos/pkg/machinery/resources/config"
+	"github.com/siderolabs/talos/pkg/machinery/resources/network"
+)
+
+// LinkAliasConfigController manages network.LinkAliasSpec based on machine configuration, list of links, etc.
+type LinkAliasConfigController struct{}
+
+// Name implements controller.Controller interface.
+func (ctrl *LinkAliasConfigController) Name() string {
+	return "network.LinkAliasConfigController"
+}
+
+// Inputs implements controller.Controller interface.
+func (ctrl *LinkAliasConfigController) Inputs() []controller.Input {
+	return []controller.Input{
+		{
+			Namespace: config.NamespaceName,
+			Type:      config.MachineConfigType,
+			ID:        optional.Some(config.ActiveID),
+			Kind:      controller.InputWeak,
+		},
+		{
+			Namespace: network.NamespaceName,
+			Type:      network.LinkStatusType,
+			Kind:      controller.InputWeak,
+		},
+	}
+}
+
+// Outputs implements controller.Controller interface.
+func (ctrl *LinkAliasConfigController) Outputs() []controller.Output {
+	return []controller.Output{
+		{
+			Type: network.LinkAliasSpecType,
+			Kind: controller.OutputExclusive,
+		},
+	}
+}
+
+// Run implements controller.Controller interface.
+//
+//nolint:gocyclo,cyclop
+func (ctrl *LinkAliasConfigController) Run(ctx context.Context, r controller.Runtime, logger *zap.Logger) error {
+	for {
+		select {
+		case <-ctx.Done():
+			return nil
+		case <-r.EventCh():
+		}
+
+		r.StartTrackingOutputs()
+
+		cfg, err := safe.ReaderGetByID[*config.MachineConfig](ctx, r, config.ActiveID)
+		if err != nil {
+			if !state.IsNotFoundError(err) {
+				return fmt.Errorf("error getting machine config: %w", err)
+			}
+		}
+
+		linkStatuses, err := safe.ReaderListAll[*network.LinkStatus](ctx, r)
+		if err != nil {
+			return fmt.Errorf("error listing link statuses: %w", err)
+		}
+
+		// we are only interested in physical links
+		physicalLinks := xslices.Filter(slices.Collect(linkStatuses.All()), func(item *network.LinkStatus) bool {
+			return item.TypedSpec().Physical()
+		})
+
+		physicalLinkSpecs := make([]*networkpb.LinkStatusSpec, 0, len(physicalLinks))
+
+		for _, link := range physicalLinks {
+			var spec networkpb.LinkStatusSpec
+
+			if err = proto.ResourceSpecToProto(link, &spec); err != nil {
+				return fmt.Errorf("error converting link spec (%s) to proto: %w", link.Metadata().ID(), err)
+			}
+
+			physicalLinkSpecs = append(physicalLinkSpecs, &spec)
+		}
+
+		var linkAliasConfigs []configconfig.NetworkLinkAliasConfig
+
+		if cfg != nil {
+			linkAliasConfigs = cfg.Config().NetworkLinkAliasConfigs()
+		}
+
+		linkAliases := map[string]string{}
+
+		for _, lac := range linkAliasConfigs {
+			var matchedLinks []*network.LinkStatus
+
+			for idx, link := range physicalLinkSpecs {
+				matches, err := lac.LinkSelector().EvalBool(celenv.LinkLocator(), map[string]any{
+					"link": link,
+				})
+				if err != nil {
+					return fmt.Errorf("error evaluating link selector: %w", err)
+				}
+
+				if matches {
+					matchedLinks = append(matchedLinks, physicalLinks[idx])
+				}
+			}
+
+			if len(matchedLinks) == 0 {
+				continue
+			}
+
+			if len(matchedLinks) > 1 {
+				logger.Warn("link selector matched multiple links, skipping",
+					zap.String("selector", lac.LinkSelector().String()),
+					zap.String("alias", lac.Name()),
+					zap.Strings("links", xslices.Map(matchedLinks, func(item *network.LinkStatus) string {
+						return item.Metadata().ID()
+					})),
+				)
+
+				continue
+			}
+
+			matchedLink := matchedLinks[0]
+
+			if _, ok := linkAliases[matchedLink.Metadata().ID()]; ok {
+				logger.Warn("link already has an alias, skipping",
+					zap.String("link", matchedLink.Metadata().ID()),
+					zap.String("existing_alias", linkAliases[matchedLink.Metadata().ID()]),
+					zap.String("new_alias", lac.Name()),
+				)
+
+				continue
+			}
+
+			linkAliases[matchedLink.Metadata().ID()] = lac.Name()
+		}
+
+		for linkID, alias := range linkAliases {
+			if err = safe.WriterModify(
+				ctx,
+				r,
+				network.NewLinkAliasSpec(network.NamespaceName, linkID),
+				func(r *network.LinkAliasSpec) error {
+					r.TypedSpec().Alias = alias
+
+					return nil
+				},
+			); err != nil {
+				return fmt.Errorf("error writing link alias spec for link %q: %w", linkID, err)
+			}
+		}
+
+		if err := safe.CleanupOutputs[*network.LinkAliasSpec](ctx, r); err != nil {
+			return fmt.Errorf("error cleaning up link alias specs: %w", err)
+		}
+	}
+}
@@ -0,0 +1,95 @@
+// This Source Code Form is subject to the terms of the Mozilla Public
+// License, v. 2.0. If a copy of the MPL was not distributed with this
+// file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+//nolint:goconst
+package network_test
+
+import (
+	"net"
+	"testing"
+	"time"
+
+	"github.com/cosi-project/runtime/pkg/resource/rtestutils"
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/suite"
+
+	"github.com/siderolabs/talos/internal/app/machined/pkg/controllers/ctest"
+	netctrl "github.com/siderolabs/talos/internal/app/machined/pkg/controllers/network"
+	"github.com/siderolabs/talos/pkg/machinery/cel"
+	"github.com/siderolabs/talos/pkg/machinery/cel/celenv"
+	"github.com/siderolabs/talos/pkg/machinery/config/container"
+	networkcfg "github.com/siderolabs/talos/pkg/machinery/config/types/network"
+	"github.com/siderolabs/talos/pkg/machinery/nethelpers"
+	"github.com/siderolabs/talos/pkg/machinery/resources/config"
+	"github.com/siderolabs/talos/pkg/machinery/resources/network"
+)
+
+type LinkAliasConfigSuite struct {
+	ctest.DefaultSuite
+}
+
+func (suite *LinkAliasConfigSuite) TestMachineConfigurationNewStyle() {
+	lc1 := networkcfg.NewLinkAliasConfigV1Alpha1("net0")
+	lc1.Selector.Match = cel.MustExpression(cel.ParseBooleanExpression(`glob("00:1a:2b:*", mac(link.permanent_addr))`, celenv.LinkLocator()))
+
+	lc2 := networkcfg.NewLinkAliasConfigV1Alpha1("net1")
+	lc2.Selector.Match = cel.MustExpression(cel.ParseBooleanExpression(`glob("33:44:55:*", mac(link.permanent_addr))`, celenv.LinkLocator()))
+
+	ctr, err := container.New(lc1, lc2)
+	suite.Require().NoError(err)
+
+	cfg := config.NewMachineConfig(ctr)
+	suite.Create(cfg)
+
+	for _, link := range []struct {
+		name          string
+		permanentAddr string
+	}{
+		{
+			name:          "enp0s2",
+			permanentAddr: "00:1a:2b:33:44:55",
+		},
+		{
+			name:          "enp1s3",
+			permanentAddr: "33:44:55:66:77:88",
+		},
+		{
+			name:          "enp1s4",
+			permanentAddr: "33:44:55:66:77:89",
+		},
+	} {
+		pAddr, err := net.ParseMAC(link.permanentAddr)
+		suite.Require().NoError(err)
+
+		status := network.NewLinkStatus(network.NamespaceName, link.name)
+		status.TypedSpec().PermanentAddr = nethelpers.HardwareAddr(pAddr)
+		status.TypedSpec().HardwareAddr = nethelpers.HardwareAddr(pAddr)
+		status.TypedSpec().Type = nethelpers.LinkEther
+
+		suite.Create(status)
+	}
+
+	rtestutils.AssertResource(suite.Ctx(), suite.T(), suite.State(), "enp0s2", func(spec *network.LinkAliasSpec, asrt *assert.Assertions) {
+		asrt.Equal("net0", spec.TypedSpec().Alias)
+	})
+	rtestutils.AssertNoResource[*network.LinkAliasSpec](suite.Ctx(), suite.T(), suite.State(), "enp1s3")
+	rtestutils.AssertNoResource[*network.LinkAliasSpec](suite.Ctx(), suite.T(), suite.State(), "enp1s4")
+
+	suite.Destroy(cfg)
+
+	rtestutils.AssertNoResource[*network.LinkAliasSpec](suite.Ctx(), suite.T(), suite.State(), "enp0s2")
+}
+
+func TestLinkAliasConfigSuite(t *testing.T) {
+	t.Parallel()
+
+	suite.Run(t, &LinkAliasConfigSuite{
+		DefaultSuite: ctest.DefaultSuite{
+			Timeout: 5 * time.Second,
+			AfterSetup: func(s *ctest.DefaultSuite) {
+				s.Require().NoError(s.Runtime().RegisterController(&netctrl.LinkAliasConfigController{}))
+			},
+		},
+	})
+}