refactor: remove the go-blockdevice v1 completely

This is driven by a bug in `nocloud`, but it was long overdue to nuke
the old version of the library completely and rely on new code.

This refactors all four platforms which do load something from a mounted
disk into one implementation.

Fixes #11948

Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>

Author: smira

go.mod

@@ -144,7 +144,6 @@ require (
 	github.com/siderolabs/discovery-client v0.1.13
 	github.com/siderolabs/gen v0.8.5
 	github.com/siderolabs/go-api-signature v0.3.8
-	github.com/siderolabs/go-blockdevice v0.4.8
 	github.com/siderolabs/go-blockdevice/v2 v2.0.19
 	github.com/siderolabs/go-circular v0.2.3
 	github.com/siderolabs/go-cmd v0.1.3

go.sum

@@ -617,8 +617,6 @@ github.com/siderolabs/gen v0.8.5 h1:xlWXTynnGD/epaj7uplvKvmAkBH+Fp51bLnw1JC0xME=
 github.com/siderolabs/gen v0.8.5/go.mod h1:CRrktDXQf3yDJI7xKv+cDYhBbKdfd/YE16OpgcHoT9E=
 github.com/siderolabs/go-api-signature v0.3.8 h1:0iTcOWIxOAc7M8aB2L+WScUd4BoqdXshvQ4h9tSSeF8=
 github.com/siderolabs/go-api-signature v0.3.8/go.mod h1:MQy+DcXCQIFFXZr+E4tbMmnQSQs7WpubSpJFRN694mI=
-github.com/siderolabs/go-blockdevice v0.4.8 h1:KfdWvIx0Jft5YVuCsFIJFwjWEF1oqtzkgX9PeU9cX4c=
-github.com/siderolabs/go-blockdevice v0.4.8/go.mod h1:4PeOuk71pReJj1JQEXDE7kIIQJPVe8a+HZQa+qjxSEA=
 github.com/siderolabs/go-blockdevice/v2 v2.0.19 h1:V2a7HHzXlgMcZWUxpYp6BdapnwJGDAs/oGy1zkPicNA=
 github.com/siderolabs/go-blockdevice/v2 v2.0.19/go.mod h1:nqUmQxOSex/Sg70x+QyhdE/VtXZ6Q53Z4FoR2RFBzZU=
 github.com/siderolabs/go-circular v0.2.3 h1:GKkA1Tw79kEFGtWdl7WTxEUTbwtklITeiRT0V1McHrA=

internal/app/machined/pkg/controllers/block/internal/volumes/format.go

@@ -54,6 +54,8 @@ func Format(ctx context.Context, logger *zap.Logger, volumeContext ManagerContex
 
 	switch {
 	case volumeContext.Cfg.TypedSpec().Provisioning.FilesystemSpec.Type == block.FilesystemTypeNone:
+		volumeContext.Status.Filesystem, _ = block.FilesystemTypeString(info.Name) //nolint:errcheck
+
 		// this is mountable
 		if volumeContext.Cfg.TypedSpec().Mount.TargetPath != "" {
 			switch info.Name {
@@ -65,10 +67,6 @@ func Format(ctx context.Context, logger *zap.Logger, volumeContext ManagerContex
 
 				return fmt.Errorf("volume is encrypted, but no encryption config provided")
 			}
-
-			volumeContext.Status.Filesystem, _ = block.FilesystemTypeString(info.Name) //nolint:errcheck
-		} else {
-			volumeContext.Status.Filesystem = block.FilesystemTypeNone
 		}
 
 		volumeContext.Status.Phase = block.VolumePhaseReady

internal/app/machined/pkg/runtime/v1alpha1/platform/internal/blockutils/blockutils.go

@@ -0,0 +1,170 @@
+// This Source Code Form is subject to the terms of the Mozilla Public
+// License, v. 2.0. If a copy of the MPL was not distributed with this
+// file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+// Package blockutils provides volume-related helpers for platform implementation.
+package blockutils
+
+import (
+	"context"
+	"fmt"
+	"io/fs"
+	"log"
+	"time"
+
+	"github.com/cosi-project/runtime/pkg/resource"
+	"github.com/cosi-project/runtime/pkg/safe"
+	"github.com/cosi-project/runtime/pkg/state"
+	"github.com/google/cel-go/common/ast"
+	"github.com/google/cel-go/common/operators"
+	"github.com/google/cel-go/common/types"
+	"github.com/siderolabs/gen/xslices"
+
+	"github.com/siderolabs/talos/internal/pkg/mount/v3"
+	"github.com/siderolabs/talos/pkg/machinery/cel"
+	"github.com/siderolabs/talos/pkg/machinery/cel/celenv"
+	"github.com/siderolabs/talos/pkg/machinery/resources/block"
+	"github.com/siderolabs/talos/pkg/xfs"
+	"github.com/siderolabs/talos/pkg/xfs/fsopen"
+)
+
+// VolumeMatch returns a CEL expression that matches a volume by filesystem or partition label.
+func VolumeMatch(labels []string) (*cel.Expression, error) {
+	builder := cel.NewBuilder(celenv.VolumeLocator())
+
+	// "(volume.label in ['%s', ...] || volume.partition_label in ['%s', ...]) && volume.name != ''"
+	expr := builder.NewCall(
+		builder.NextID(),
+		operators.LogicalAnd,
+		builder.NewCall(
+			builder.NextID(),
+			operators.LogicalOr,
+			builder.NewCall(
+				builder.NextID(),
+				operators.In,
+				builder.NewSelect(
+					builder.NextID(),
+					builder.NewIdent(builder.NextID(), "volume"),
+					"label",
+				),
+				builder.NewList(
+					builder.NextID(),
+					xslices.Map(labels, func(label string) ast.Expr {
+						return builder.NewLiteral(builder.NextID(), types.String(label))
+					}),
+					nil,
+				),
+			),
+			builder.NewCall(
+				builder.NextID(),
+				operators.In,
+				builder.NewSelect(
+					builder.NextID(),
+					builder.NewIdent(builder.NextID(), "volume"),
+					"partition_label",
+				),
+				builder.NewList(
+					builder.NextID(),
+					xslices.Map(labels, func(label string) ast.Expr {
+						return builder.NewLiteral(builder.NextID(), types.String(label))
+					}),
+					nil,
+				),
+			),
+		),
+		builder.NewCall(
+			builder.NextID(),
+			operators.NotEquals,
+			builder.NewSelect(
+				builder.NextID(),
+				builder.NewIdent(builder.NextID(), "volume"),
+				"name",
+			),
+			builder.NewLiteral(builder.NextID(), types.String("")),
+		),
+	)
+
+	boolExpr, err := builder.ToBooleanExpression(expr)
+	if err != nil {
+		return nil, fmt.Errorf("error creating boolean expression: %w", err)
+	}
+
+	return boolExpr, nil
+}
+
+// ReadFromVolume tries to find a volume with the given label, mounts it
+// as read-only, calls the provided function with xfs.Root and unmounts it.
+//
+// If the volume wasn't found, fs.ErrNotExist is returned.
+func ReadFromVolume(ctx context.Context, r state.State, labels []string, cb func(xfs.Root, *block.VolumeStatus) error) error {
+	if len(labels) == 0 {
+		panic("at least one label must be provided")
+	}
+
+	volumeID := "platform/" + labels[0] + "/config"
+
+	matchExr, err := VolumeMatch(labels)
+	if err != nil {
+		return fmt.Errorf("error creating volume match expression: %w", err)
+	}
+
+	// create a volume which matches the expected filesystem label
+	vc := block.NewVolumeConfig(block.NamespaceName, volumeID)
+	vc.Metadata().Labels().Set(block.PlatformLabel, "")
+	vc.TypedSpec().Type = block.VolumeTypePartition
+	vc.TypedSpec().Locator = block.LocatorSpec{
+		Match: *matchExr,
+	}
+
+	if err := r.Create(ctx, vc); err != nil && !state.IsConflictError(err) {
+		return fmt.Errorf("error creating user disk volume configuration: %w", err)
+	}
+
+	defer func() {
+		ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
+		defer cancel()
+
+		if err := r.TeardownAndDestroy(ctx, vc.Metadata()); err != nil {
+			log.Printf("error destroying volume config %s/%s: %v", vc.Metadata().Namespace(), vc.Metadata().ID(), err)
+		}
+	}()
+
+	// wait for the volume to be either ready or missing (includes waiting for devices to be ready)
+	volumeStatus, err := safe.StateWatchFor[*block.VolumeStatus](ctx,
+		r,
+		block.NewVolumeStatus(vc.Metadata().Namespace(), vc.Metadata().ID()).Metadata(),
+		state.WithEventTypes(state.Created, state.Updated),
+		state.WithCondition(func(r resource.Resource) (bool, error) {
+			phase := r.(*block.VolumeStatus).TypedSpec().Phase
+
+			return phase == block.VolumePhaseReady || phase == block.VolumePhaseMissing, nil
+		}),
+	)
+	if err != nil {
+		return fmt.Errorf("failed to watch for volume status: %w", err)
+	}
+
+	if volumeStatus.TypedSpec().Phase == block.VolumePhaseMissing {
+		return fmt.Errorf("failed to find volume with machine configuration %s: %w", vc.TypedSpec().Locator.Match, fs.ErrNotExist)
+	}
+
+	manager := mount.NewManager(
+		mount.WithReadOnly(),
+		mount.WithPrinter(log.Printf),
+		mount.WithFsopen(
+			volumeStatus.TypedSpec().Filesystem.String(),
+			fsopen.WithSource(volumeStatus.TypedSpec().MountLocation),
+		),
+		mount.WithDetached(),
+	)
+
+	// mount the volume, unmount when done
+	p, err := manager.Mount()
+	if err != nil {
+		return fmt.Errorf("failed to mount volume: %w", err)
+	}
+
+	defer manager.Unmount() //nolint:errcheck
+
+	return cb(p.Root(), volumeStatus)
+}

internal/app/machined/pkg/runtime/v1alpha1/platform/internal/blockutils/blockutils_test.go

@@ -0,0 +1,24 @@
+// This Source Code Form is subject to the terms of the Mozilla Public
+// License, v. 2.0. If a copy of the MPL was not distributed with this
+// file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+package blockutils_test
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+
+	"github.com/siderolabs/talos/internal/app/machined/pkg/runtime/v1alpha1/platform/internal/blockutils"
+	"github.com/siderolabs/talos/pkg/machinery/constants"
+)
+
+func TestVolumeMatch(t *testing.T) {
+	t.Parallel()
+
+	expr, err := blockutils.VolumeMatch([]string{constants.MetalConfigISOLabel})
+	require.NoError(t, err)
+
+	assert.Equal(t, `(volume.label in ["metal-iso"] || volume.partition_label in ["metal-iso"]) && volume.name != ""`, expr.String())
+}

internal/app/machined/pkg/runtime/v1alpha1/platform/metal/metal.go

@@ -11,12 +11,8 @@ import (
 	"fmt"
 	"io/fs"
 	"log"
-	"os"
-	"path/filepath"
 	"time"
 
-	"github.com/cosi-project/runtime/pkg/resource"
-	"github.com/cosi-project/runtime/pkg/safe"
 	"github.com/cosi-project/runtime/pkg/state"
 	"github.com/siderolabs/gen/channel"
 	"github.com/siderolabs/go-pointer"
@@ -26,24 +22,18 @@ import (
 
 	"github.com/siderolabs/talos/internal/app/machined/pkg/runtime"
 	"github.com/siderolabs/talos/internal/app/machined/pkg/runtime/v1alpha1/platform/errors"
+	"github.com/siderolabs/talos/internal/app/machined/pkg/runtime/v1alpha1/platform/internal/blockutils"
 	"github.com/siderolabs/talos/internal/app/machined/pkg/runtime/v1alpha1/platform/internal/netutils"
 	"github.com/siderolabs/talos/internal/app/machined/pkg/runtime/v1alpha1/platform/metal/oauth2"
 	"github.com/siderolabs/talos/internal/app/machined/pkg/runtime/v1alpha1/platform/metal/url"
-	"github.com/siderolabs/talos/internal/pkg/mount/v3"
 	"github.com/siderolabs/talos/pkg/download"
-	"github.com/siderolabs/talos/pkg/machinery/cel"
-	"github.com/siderolabs/talos/pkg/machinery/cel/celenv"
 	"github.com/siderolabs/talos/pkg/machinery/constants"
 	"github.com/siderolabs/talos/pkg/machinery/imager/quirks"
 	"github.com/siderolabs/talos/pkg/machinery/meta"
 	"github.com/siderolabs/talos/pkg/machinery/resources/block"
 	"github.com/siderolabs/talos/pkg/machinery/resources/hardware"
 	runtimeres "github.com/siderolabs/talos/pkg/machinery/resources/runtime"
-	"github.com/siderolabs/talos/pkg/xfs/fsopen"
-)
-
-const (
-	mnt = "/mnt"
+	"github.com/siderolabs/talos/pkg/xfs"
 )
 
 // Metal is a discoverer for non-cloud environments.
@@ -131,81 +121,28 @@ func (m *Metal) Mode() runtime.Mode {
 	return runtime.ModeMetal
 }
 
-func metalISOMatch() cel.Expression {
-	return cel.MustExpression(cel.ParseBooleanExpression(
-		fmt.Sprintf("volume.label == '%s' || volume.partition_label == '%s'", constants.MetalConfigISOLabel, constants.MetalConfigISOLabel),
-		celenv.VolumeLocator(),
-	))
-}
-
 func readConfigFromISO(ctx context.Context, r state.State) ([]byte, error) {
-	volumeID := "platform/metal/config"
-
-	// create a volume which matches the expected filesystem label
-	vc := block.NewVolumeConfig(block.NamespaceName, volumeID)
-	vc.Metadata().Labels().Set(block.PlatformLabel, "")
-	vc.TypedSpec().Type = block.VolumeTypePartition
-	vc.TypedSpec().Locator = block.LocatorSpec{
-		Match: metalISOMatch(),
-	}
-	vc.TypedSpec().Mount = block.MountSpec{
-		TargetPath: mnt,
-	}
-
-	if err := r.Create(ctx, vc); err != nil && !state.IsConflictError(err) {
-		return nil, fmt.Errorf("error creating user disk volume configuration: %w", err)
-	}
-
-	// wait for the volume to be either ready or missing (includes waiting for devices to be ready)
-	volumeStatus, err := safe.StateWatchFor[*block.VolumeStatus](ctx,
-		r,
-		block.NewVolumeStatus(vc.Metadata().Namespace(), vc.Metadata().ID()).Metadata(),
-		state.WithEventTypes(state.Created, state.Updated),
-		state.WithCondition(func(r resource.Resource) (bool, error) {
-			phase := r.(*block.VolumeStatus).TypedSpec().Phase
-
-			return phase == block.VolumePhaseReady || phase == block.VolumePhaseMissing, nil
-		}),
-	)
-	if err != nil {
-		return nil, fmt.Errorf("failed to watch for volume status: %w", err)
-	}
+	var b []byte
 
-	if volumeStatus.TypedSpec().Phase == block.VolumePhaseMissing {
-		return nil, fmt.Errorf("failed to find volume with machine configuration %s", vc.TypedSpec().Locator.Match)
-	}
+	err := blockutils.ReadFromVolume(ctx, r, []string{constants.MetalConfigISOLabel}, func(root xfs.Root, volumeStatus *block.VolumeStatus) error {
+		var err error
 
-	manager := mount.NewManager(
-		mount.WithTarget(volumeStatus.TypedSpec().MountSpec.TargetPath),
-		mount.WithReadOnly(),
-		mount.WithPrinter(log.Printf),
-		mount.WithFsopen(
-			volumeStatus.TypedSpec().Filesystem.String(),
-			fsopen.WithBoolParameter("ro"),
-			fsopen.WithSource(volumeStatus.TypedSpec().MountLocation),
-		),
-	)
-
-	// mount the volume, unmount when done
-	if _, err := manager.Mount(); err != nil {
-		return nil, fmt.Errorf("failed to mount volume: %w", err)
-	}
-
-	defer manager.Unmount() //nolint:errcheck
+		b, err = xfs.ReadFile(root, constants.ConfigFilename)
+		if err != nil {
+			return fmt.Errorf("read config: %w", err)
+		}
 
-	b, err := os.ReadFile(filepath.Join(mnt, constants.ConfigFilename))
-	if err != nil {
-		return nil, fmt.Errorf("read config: %w", err)
-	}
+		log.Printf("read machine config from volume: %s (filesystem %q, UUID %q, size %s)",
+			volumeStatus.TypedSpec().Location,
+			volumeStatus.TypedSpec().Filesystem,
+			volumeStatus.TypedSpec().UUID,
+			volumeStatus.TypedSpec().PrettySize,
+		)
 
-	log.Printf("read machine config from volume: %s (filesystem %q, UUID %q, size %s)",
-		volumeStatus.TypedSpec().Location,
-		volumeStatus.TypedSpec().Filesystem,
-		volumeStatus.TypedSpec().UUID,
-		volumeStatus.TypedSpec().PrettySize,
-	)
+		return nil
+	})
 
-	return b, nil
+	return b, err
 }
 
 // KernelArgs implements the runtime.Platform interface.