diff --git a/controllers/secrets.go b/controllers/secrets.go index 0a2ba02..b440620 100644 --- a/controllers/secrets.go +++ b/controllers/secrets.go @@ -34,27 +34,74 @@ func (r *TalosConfigReconciler) fetchSecret(ctx context.Context, config *bootstr return retSecret, nil } -func (r *TalosConfigReconciler) writeInputSecret(ctx context.Context, scope *TalosConfigScope, input *generate.Input) (*corev1.Secret, error) { +// getSecretsBundle either generates or loads existing secret. +func (r *TalosConfigReconciler) getSecretsBundle(ctx context.Context, scope *TalosConfigScope, secretName string, opts ...generate.GenOption) (*generate.SecretsBundle, error) { + var secretsBundle *generate.SecretsBundle - certMarshal, err := yaml.Marshal(input.Certs) - if err != nil { - return nil, err - } +retry: + secret, err := r.fetchSecret(ctx, scope.Config, secretName) - kubeSecretsMarshal, err := yaml.Marshal(input.Secrets) - if err != nil { - return nil, err + switch { + case err != nil && k8serrors.IsNotFound(err): + // no cluster secret yet, generate new one + secretsBundle, err = generate.NewSecretsBundle(generate.NewClock(), opts...) + if err != nil { + return nil, fmt.Errorf("error generating new secrets bundle: %w", err) + } + + if err = r.writeSecretsBundleSecret(ctx, scope, secretName, secretsBundle); err != nil { + if k8serrors.IsAlreadyExists(err) { + // conflict on creation, retry loading + goto retry + } + + return nil, fmt.Errorf("error writing secrets bundle: %w", err) + } + case err != nil: + return nil, fmt.Errorf("error reading secrets bundle: %w", err) + default: + // successfully loaded secret, initialize secretsBundle from it + secretsBundle = &generate.SecretsBundle{ + Clock: generate.NewClock(), + } + + if _, ok := secret.Data["bundle"]; ok { + // new format + if err = yaml.Unmarshal(secret.Data["bundle"], secretsBundle); err != nil { + return nil, fmt.Errorf("error unmarshaling secrets bundle: %w", err) + } + } else { + // legacy format + if err = yaml.Unmarshal(secret.Data["certs"], &secretsBundle.Certs); err != nil { + return nil, fmt.Errorf("error unmarshaling certs: %w", err) + } + + if err = yaml.Unmarshal(secret.Data["kubeSecrets"], &secretsBundle.Secrets); err != nil { + return nil, fmt.Errorf("error unmarshaling secrets: %w", err) + } + + if err = yaml.Unmarshal(secret.Data["trustdInfo"], &secretsBundle.TrustdInfo); err != nil { + return nil, fmt.Errorf("error unmarshaling trustd info: %w", err) + } + + // not stored in legacy format, use empty values + secretsBundle.Cluster = &generate.Cluster{} + } } - trustdInfoMarshal, err := yaml.Marshal(input.TrustdInfo) + return secretsBundle, nil +} + +func (r *TalosConfigReconciler) writeSecretsBundleSecret(ctx context.Context, scope *TalosConfigScope, secretName string, secretsBundle *generate.SecretsBundle) error { + bundle, err := yaml.Marshal(secretsBundle) if err != nil { - return nil, err + return fmt.Errorf("error marshaling secrets bundle: %w", err) } - certSecret := &corev1.Secret{ + secret := &corev1.Secret{ ObjectMeta: metav1.ObjectMeta{ Namespace: scope.Config.Namespace, - Name: scope.Cluster.Name + "-talos", + Name: secretName, Labels: map[string]string{ capiv1.ClusterLabelName: scope.Cluster.Name, }, @@ -63,45 +110,43 @@ func (r *TalosConfigReconciler) writeInputSecret(ctx context.Context, scope *Tal }, }, Data: map[string][]byte{ - "certs": certMarshal, - "kubeSecrets": kubeSecretsMarshal, - "trustdInfo": trustdInfoMarshal, + "bundle": bundle, }, } - err = r.Client.Create(ctx, certSecret) - if err != nil { - return nil, err - } - return certSecret, nil + return r.Client.Create(ctx, secret) } func (r *TalosConfigReconciler) writeK8sCASecret(ctx context.Context, scope *TalosConfigScope, certs *x509.PEMEncodedCertificateAndKey) error { // Create ca secret only if it doesn't already exist _, err := r.fetchSecret(ctx, scope.Config, scope.Cluster.Name+"-ca") - if k8serrors.IsNotFound(err) { - certSecret := &corev1.Secret{ - ObjectMeta: metav1.ObjectMeta{ - Namespace: scope.Config.Namespace, - Name: scope.Cluster.Name + "-ca", - Labels: map[string]string{ - capiv1.ClusterLabelName: scope.Cluster.Name, - }, - OwnerReferences: []metav1.OwnerReference{ - *metav1.NewControllerRef(scope.Cluster, capiv1.GroupVersion.WithKind("Cluster")), - }, + if err == nil { + return nil + } + + if !k8serrors.IsNotFound(err) { + return err + } + + certSecret := &corev1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: scope.Config.Namespace, + Name: scope.Cluster.Name + "-ca", + Labels: map[string]string{ + capiv1.ClusterLabelName: scope.Cluster.Name, }, - Data: map[string][]byte{ - "tls.crt": certs.Crt, - "tls.key": certs.Key, + OwnerReferences: []metav1.OwnerReference{ + *metav1.NewControllerRef(scope.Cluster, capiv1.GroupVersion.WithKind("Cluster")), }, - } + }, + Data: map[string][]byte{ + "tls.crt": certs.Crt, + "tls.key": certs.Key, + }, + } - err = r.Client.Create(ctx, certSecret) - if err != nil { - return err - } - } else if err != nil { + err = r.Client.Create(ctx, certSecret) + if err != nil && !k8serrors.IsAlreadyExists(err) { return err } diff --git a/controllers/talosconfig_controller.go b/controllers/talosconfig_controller.go index 4f63ae6..b7774ac 100644 --- a/controllers/talosconfig_controller.go +++ b/controllers/talosconfig_controller.go @@ -19,11 +19,10 @@ import ( "github.com/talos-systems/talos/pkg/machinery/config/configpatcher" "github.com/talos-systems/talos/pkg/machinery/config/types/v1alpha1" "github.com/talos-systems/talos/pkg/machinery/config/types/v1alpha1/generate" - configmachine "github.com/talos-systems/talos/pkg/machinery/config/types/v1alpha1/machine" + "github.com/talos-systems/talos/pkg/machinery/config/types/v1alpha1/machine" "github.com/talos-systems/talos/pkg/machinery/constants" "gopkg.in/yaml.v2" apierrors "k8s.io/apimachinery/pkg/api/errors" - k8serrors "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/runtime" capiv1 "sigs.k8s.io/cluster-api/api/v1alpha3" bsutil "sigs.k8s.io/cluster-api/bootstrap/util" @@ -48,7 +47,7 @@ const ( ) var ( - defaultVersionContract = config.TalosVersion0_8 + defaultVersionContract = config.TalosVersionCurrent ) // TalosConfigReconciler reconciles a TalosConfig object @@ -206,9 +205,11 @@ func (r *TalosConfigReconciler) Reconcile(req ctrl.Request) (_ ctrl.Result, rerr var retData *TalosConfigBundle - switch config.Spec.GenerateType { + machineType, _ := machine.ParseType(config.Spec.GenerateType) //nolint:errcheck // handle errors later + + switch { // Slurp and use user-supplied configs - case "none": + case config.Spec.GenerateType == "none": if config.Spec.Data == "" { return ctrl.Result{}, errors.New("failed to specify config data with none generate type") } @@ -218,14 +219,14 @@ func (r *TalosConfigReconciler) Reconcile(req ctrl.Request) (_ ctrl.Result, rerr } // Generate configs on the fly - case "init", "controlplane", "join": + case machineType != machine.TypeUnknown: retData, err = r.genConfigs(ctx, tcScope) if err != nil { return ctrl.Result{}, err } default: - return ctrl.Result{}, errors.New("unknown generate type specified") + return ctrl.Result{}, fmt.Errorf("unknown generate type specified: %q", config.Spec.GenerateType) } // Handle patches to the machine config if they were specified @@ -319,11 +320,8 @@ func (r *TalosConfigReconciler) userConfigs(ctx context.Context, scope *TalosCon } // Create the secret with kubernetes certs so a kubeconfig can be generated - if userConfig.Machine().Type() == configmachine.TypeInit { - err = r.writeK8sCASecret(ctx, scope, userConfig.Cluster().CA()) - if err != nil { - return retBundle, err - } + if err = r.writeK8sCASecret(ctx, scope, userConfig.Cluster().CA()); err != nil { + return retBundle, err } userConfigStr, err := userConfig.String() @@ -341,12 +339,9 @@ func (r *TalosConfigReconciler) genConfigs(ctx context.Context, scope *TalosConf retBundle := &TalosConfigBundle{} // Determine what type of node this is - machineType := configmachine.TypeJoin - switch scope.Config.Spec.GenerateType { - case "init": - machineType = configmachine.TypeInit - case "controlplane": - machineType = configmachine.TypeControlPlane + machineType, err := machine.ParseType(scope.Config.Spec.GenerateType) + if err != nil { + machineType = machine.TypeWorker } // Allow user to override default kube version. @@ -391,12 +386,13 @@ func (r *TalosConfigReconciler) genConfigs(ctx context.Context, scope *TalosConf genOptions = append(genOptions, generate.WithVersionContract(versionContract)) - secretBundle, err := generate.NewSecretsBundle(generate.NewClock(), genOptions...) + secretBundle, err := r.getSecretsBundle(ctx, scope, scope.Cluster.Name+"-talos", genOptions...) if err != nil { return retBundle, err } APIEndpointPort := strconv.Itoa(int(scope.Cluster.Spec.ControlPlaneEndpoint.Port)) + input, err := generate.NewInput( scope.Cluster.Name, "https://"+scope.Cluster.Spec.ControlPlaneEndpoint.Host+":"+APIEndpointPort, @@ -408,51 +404,11 @@ func (r *TalosConfigReconciler) genConfigs(ctx context.Context, scope *TalosConf return retBundle, err } - // Stash our generated input secrets so that we can reuse them for other nodes - inputSecret, err := r.fetchSecret(ctx, scope.Config, scope.Cluster.Name+"-talos") - if machineType == configmachine.TypeInit && k8serrors.IsNotFound(err) { - inputSecret, err = r.writeInputSecret(ctx, scope, input) - if err != nil { - return retBundle, err - } - } else if err != nil { - return retBundle, err - } - // Create the secret with kubernetes certs so a kubeconfig can be generated - _, err = r.fetchSecret(ctx, scope.Config, scope.Cluster.Name+"-ca") - if machineType == configmachine.TypeInit && k8serrors.IsNotFound(err) { - err = r.writeK8sCASecret(ctx, scope, input.Certs.K8s) - if err != nil { - return retBundle, err - } - } else if err != nil { - return retBundle, err - } - - certs := &generate.Certs{} - kubeSecrets := &generate.Secrets{} - trustdInfo := &generate.TrustdInfo{} - - err = yaml.Unmarshal(inputSecret.Data["certs"], certs) - if err != nil { + if err = r.writeK8sCASecret(ctx, scope, input.Certs.K8s); err != nil { return retBundle, err } - err = yaml.Unmarshal(inputSecret.Data["kubeSecrets"], kubeSecrets) - if err != nil { - return retBundle, err - } - - err = yaml.Unmarshal(inputSecret.Data["trustdInfo"], trustdInfo) - if err != nil { - return retBundle, err - } - - input.Certs = certs - input.Secrets = kubeSecrets - input.TrustdInfo = trustdInfo - tcString, err := genTalosConfigFile(input.ClusterName, input.Certs) if err != nil { return retBundle, err diff --git a/go.mod b/go.mod index 7672e63..46c8ab5 100644 --- a/go.mod +++ b/go.mod @@ -8,15 +8,14 @@ require ( github.com/go-logr/logr v0.1.0 github.com/spf13/pflag v1.0.5 github.com/stretchr/testify v1.7.0 - github.com/talos-systems/crypto v0.3.1 - github.com/talos-systems/talos/pkg/machinery v0.11.3 - golang.org/x/sys v0.0.0-20210816074244-15123e1e1f71 + github.com/talos-systems/crypto v0.3.2 + github.com/talos-systems/talos/pkg/machinery v0.12.3-0.20210920195258-7e63e43eb399 + golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c gopkg.in/yaml.v2 v2.4.0 k8s.io/api v0.17.9 k8s.io/apiextensions-apiserver v0.17.9 k8s.io/apimachinery v0.17.9 k8s.io/client-go v0.17.9 - k8s.io/utils v0.0.0-20200619165400-6e3d28b6ed19 sigs.k8s.io/cluster-api v0.3.22 sigs.k8s.io/controller-runtime v0.5.14 ) @@ -28,7 +27,7 @@ require ( github.com/cespare/xxhash/v2 v2.1.1 // indirect github.com/containerd/go-cni v1.0.2 // indirect github.com/containernetworking/cni v0.8.1 // indirect - github.com/cosi-project/runtime v0.0.0-20210625174835-93ead370bf57 // indirect + github.com/cosi-project/runtime v0.0.0-20210707150857-25f235cd0682 // indirect github.com/davecgh/go-spew v1.1.1 // indirect github.com/docker/distribution v2.7.1+incompatible // indirect github.com/drone/envsubst v1.0.3-0.20200709223903-efdb65b94e5a // indirect @@ -79,11 +78,11 @@ require ( github.com/spf13/jwalterweatherman v1.0.0 // indirect github.com/spf13/viper v1.6.2 // indirect github.com/subosito/gotenv v1.2.0 // indirect - github.com/talos-systems/go-blockdevice v0.2.1 // indirect + github.com/talos-systems/go-blockdevice v0.2.3 // indirect github.com/talos-systems/net v0.3.0 // indirect go.uber.org/atomic v1.7.0 // indirect - go.uber.org/multierr v1.6.0 // indirect - go.uber.org/zap v1.16.0 // indirect + go.uber.org/multierr v1.7.0 // indirect + go.uber.org/zap v1.18.1 // indirect golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9 // indirect golang.org/x/net v0.0.0-20210525063256-abc453219eb5 // indirect golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d // indirect @@ -91,9 +90,9 @@ require ( golang.org/x/time v0.0.0-20191024005414-555d28b269f0 // indirect gomodules.xyz/jsonpatch/v2 v2.0.1 // indirect google.golang.org/appengine v1.6.6 // indirect - google.golang.org/genproto v0.0.0-20210617175327-b9e0b3197ced // indirect - google.golang.org/grpc v1.38.0 // indirect - google.golang.org/protobuf v1.26.0 // indirect + google.golang.org/genproto v0.0.0-20210722135532-667f2b7c528f // indirect + google.golang.org/grpc v1.40.0 // indirect + google.golang.org/protobuf v1.27.1 // indirect gopkg.in/fsnotify.v1 v1.4.7 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/ini.v1 v1.51.0 // indirect @@ -104,5 +103,6 @@ require ( k8s.io/klog v1.0.0 // indirect k8s.io/klog/v2 v2.0.0 // indirect k8s.io/kube-openapi v0.0.0-20200410145947-bcb3869e6f29 // indirect + k8s.io/utils v0.0.0-20200619165400-6e3d28b6ed19 // indirect sigs.k8s.io/yaml v1.2.0 // indirect ) diff --git a/go.sum b/go.sum index 56ab15b..626e3b8 100644 --- a/go.sum +++ b/go.sum @@ -29,12 +29,15 @@ github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRF github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= github.com/alessio/shellescape v0.0.0-20190409004728-b115ca0f9053/go.mod h1:xW8sBma2LE3QxFSzCnH9qe6gAE2yO9GvQaWwX89HxbE= github.com/andreyvit/diff v0.0.0-20170406064948-c7f18ee00883/go.mod h1:rCTlJbsFo29Kk6CurOXKm700vrz8f0KW0JNfpkRJY/8= +github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY= github.com/armon/circbuf v0.0.0-20190214190532-5111143e8da2/go.mod h1:3U/XgcO3hCbHZ8TKRvWD2dDTCfh9M9ya+I9JpbB7O8o= github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8= github.com/asaskevich/govalidator v0.0.0-20180720115003-f9ffefc3facf/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d h1:Byv0BzEl3/e6D5CLfI0j/7hiIEtvGVFPCZ7Ei2oq8iQ= github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= +github.com/benbjohnson/clock v1.1.0 h1:Q92kusRqC1XV2MjkWETPvjJVqKetz1OzxZB7mHJLju8= +github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= @@ -43,7 +46,7 @@ github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kB github.com/blang/semver v3.5.0+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= github.com/blang/semver v3.5.1+incompatible h1:cQNTCjp13qL8KC3Nbxr/y2Bqb63oX6wdnnjpJbkM4JQ= github.com/blang/semver v3.5.1+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= -github.com/cenkalti/backoff/v4 v4.1.0/go.mod h1:scbssz8iZGpm3xbr14ovlUdkxfGXNInqkPWOWmG2CLw= +github.com/cenkalti/backoff/v4 v4.1.1/go.mod h1:scbssz8iZGpm3xbr14ovlUdkxfGXNInqkPWOWmG2CLw= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/cespare/xxhash v1.1.0 h1:a6HrQnmkObjyL+Gs60czilIUGqrzKutQD6XZog3p+ko= github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= @@ -53,7 +56,9 @@ github.com/cilium/ebpf v0.5.0/go.mod h1:4tRaxcgiL706VnOzHOdBlY8IEAIdxINsQBcU4xJJ github.com/cilium/ebpf v0.6.1 h1:n6ZUOkSFi6OwcMeTCFaDQx2Onx2rEikQo69315MNbdc= github.com/cilium/ebpf v0.6.1/go.mod h1:4tRaxcgiL706VnOzHOdBlY8IEAIdxINsQBcU4xJJXRs= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= +github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= +github.com/cncf/xds/go v0.0.0-20210312221358-fbca930ec8ed/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/cockroachdb/datadriven v0.0.0-20190809214429-80d97fb3cbaa/go.mod h1:zn76sxSg3SzpJ0PPJaLDCu+Bu0Lg3sKTORVIj19EIF8= github.com/containerd/go-cni v1.0.2 h1:YbJAhpTevL2v6u8JC1NhCYRwf+3Vzxcc5vGnYoJ7VeE= github.com/containerd/go-cni v1.0.2/go.mod h1:nrNABBHzu0ZwCug9Ije8hL2xBCYh/pjfMb1aZGrrohk= @@ -75,8 +80,8 @@ github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7 github.com/coreos/pkg v0.0.0-20160727233714-3ac0863d7acf/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= github.com/coreos/pkg v0.0.0-20180108230652-97fdf19511ea/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= -github.com/cosi-project/runtime v0.0.0-20210625174835-93ead370bf57 h1:gZQEGt1L56dirY59z8gtiqacfLoDPdmOhyGEXqTSRvo= -github.com/cosi-project/runtime v0.0.0-20210625174835-93ead370bf57/go.mod h1:v/3MIWNuuOSdXXMl3QgCSwZrAk1fTOmQHEnTAfvDqP4= +github.com/cosi-project/runtime v0.0.0-20210707150857-25f235cd0682 h1:5c+yMqm1ZL25FnS3C7iS9sGmrs8b/7lha5fJzqO+VmM= +github.com/cosi-project/runtime v0.0.0-20210707150857-25f235cd0682/go.mod h1:fWDa1vgmSfHFypuffoq04I++IGMHQcduRKffG51jPfY= github.com/cpuguy83/go-md2man v1.0.10/go.mod h1:SmD6nW6nTyfqj6ABTjUi3V3JVMnlJmwcJI5acqYI6dE= github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7DoTY= @@ -104,8 +109,9 @@ github.com/emicklei/go-restful v0.0.0-20170410110728-ff4f55a20633/go.mod h1:otzb github.com/emicklei/go-restful v2.9.5+incompatible/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= +github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= -github.com/envoyproxy/go-control-plane v0.9.9-0.20210217033140-668b12f5399d/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= +github.com/envoyproxy/go-control-plane v0.9.9-0.20210512163311-63b5d3c536b0/go.mod h1:hliV/p42l8fGbc6Y9bQ70uLwIvmJyVE5k4iMKlh8wCQ= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= github.com/evanphx/json-patch v4.2.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/evanphx/json-patch v4.5.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= @@ -195,6 +201,7 @@ github.com/golang/protobuf v0.0.0-20161109072736-4bd1920723d7/go.mod h1:6lQm79b+ github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= @@ -202,6 +209,7 @@ github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:W github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= +github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw= github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= @@ -228,7 +236,6 @@ github.com/google/gofuzz v1.1.0 h1:Hsa8mG0dQ46ij8Sl2AYJDUv1oA9/d6Vk+3LG99Oe02g= github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= -github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= github.com/google/uuid v1.0.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.1.2 h1:EVhdT+1Kseyi1/pUmXKaFxYsDNy9RQYkMWRH68J/W7Y= @@ -249,6 +256,7 @@ github.com/grpc-ecosystem/go-grpc-middleware v1.0.1-0.20190118093823-f849b5445de github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk= github.com/grpc-ecosystem/grpc-gateway v1.9.0/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY= github.com/grpc-ecosystem/grpc-gateway v1.9.5/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY= +github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw= github.com/hashicorp/errwrap v1.0.0 h1:hLrqtEDnRye3+sgx6z4qVLNuviH3MR5aQ0ykNJa/UYA= github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/go-immutable-radix v1.3.0/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60= @@ -297,7 +305,6 @@ github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+o github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= -github.com/kr/pretty v0.2.1 h1:Fmg33tUaq4/8ym9TJN1x7sLJnHVwhP33CNkpYV/7rwI= github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/pty v1.1.5/go.mod h1:9r2w37qlBe7rQ6e1fg1S/9xpWHSnaqNdHD3WcMdbPDA= @@ -351,6 +358,7 @@ github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d/go.mod h1:+n7T8m github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= +github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e h1:fD57ERR4JtEqsWbfPhv4DMiApHyliiK5xCTNVSPiaAs= github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE= @@ -411,7 +419,7 @@ github.com/prometheus/procfs v0.0.11/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4 github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU= github.com/remyoudompheng/bigfft v0.0.0-20170806203942-52369c62f446/go.mod h1:uYEyJGbgTkfkS4+E/PavXkNJcbFIpEtjt2B0KDQ5+9M= github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg= -github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= +github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g= github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/ryanuber/go-glob v1.0.0 h1:iQh3xXAumdQ+4Ufa5b25cRpC5TYKlno6hsv6Cb3pkBk= @@ -424,6 +432,8 @@ github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d h1:zE9ykE github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc= github.com/smartystreets/goconvey v1.6.4 h1:fv0U8FUIMPNf1L9lnHLvLhgicrIVChEkdzIKYqbNC9s= github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= +github.com/smira/talos/pkg/machinery v0.0.0-20210920195258-7e63e43eb399 h1:4eO8ltJZZTUOtWGbGi6nKSylWuYC65dSEICHkQqHnDc= +github.com/smira/talos/pkg/machinery v0.0.0-20210920195258-7e63e43eb399/go.mod h1:qX77JMZawrDTQaJucqecdlFsHy+dbnZ9YL8Kw4qL7d4= github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM= github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ= @@ -460,17 +470,19 @@ github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5Cc github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/subosito/gotenv v1.2.0 h1:Slr1R9HxAlEKefgq5jn9U+DnETlIUa6HfgEzj0g5d7s= github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw= -github.com/talos-systems/crypto v0.3.1 h1:TSUfwrN3+sAunR/e78pU8JMbBo9VDfS3fJtpMg7xQ6k= -github.com/talos-systems/crypto v0.3.1/go.mod h1:xaNCB2/Bxaj+qrkdeodhRv5eKQVvKOGBBMj58MrIPY8= -github.com/talos-systems/go-blockdevice v0.2.1 h1:swoY5NcssuMgdCf/dlMngNDgEAasGp2jviPqAz9Epss= -github.com/talos-systems/go-blockdevice v0.2.1/go.mod h1:qnn/zDc09I1DA2BUDDCOSA2D0P8pIDjN8pGiRoRaQig= +github.com/talos-systems/crypto v0.3.2 h1:I+MC9ql6K29EMlbPzdSeHZInSRWdze1FX1qGGrlom8Q= +github.com/talos-systems/crypto v0.3.2/go.mod h1:xaNCB2/Bxaj+qrkdeodhRv5eKQVvKOGBBMj58MrIPY8= +github.com/talos-systems/go-blockdevice v0.2.3 h1:THqjUboZfTVth3R9+75vtBXYWollr5bVg3wLGpB4C6I= +github.com/talos-systems/go-blockdevice v0.2.3/go.mod h1:qnn/zDc09I1DA2BUDDCOSA2D0P8pIDjN8pGiRoRaQig= github.com/talos-systems/go-cmd v0.0.0-20210216164758-68eb0067e0f0/go.mod h1:kf+rZzTEmlDiYQ6ulslvRONnKLQH8x83TowltGMhO+k= github.com/talos-systems/go-retry v0.1.1-0.20201113203059-8c63d290a688/go.mod h1:HiXQqyVStZ35uSY/MTLWVvQVmC3lIW2MS5VdDaMtoKM= -github.com/talos-systems/go-retry v0.2.1-0.20210119124456-b9dc1a990133/go.mod h1:HiXQqyVStZ35uSY/MTLWVvQVmC3lIW2MS5VdDaMtoKM= +github.com/talos-systems/go-retry v0.3.1/go.mod h1:HiXQqyVStZ35uSY/MTLWVvQVmC3lIW2MS5VdDaMtoKM= github.com/talos-systems/net v0.3.0 h1:TG6PoiNdg9NmSeSjyecSgguUXzoJ8wp5a8RYlIdkq3Y= github.com/talos-systems/net v0.3.0/go.mod h1:VreSAyRmxMtqussAHSKMKkJQa1YwBTSVfkmE4Jydam4= -github.com/talos-systems/talos/pkg/machinery v0.11.3 h1:ms70oWmGHyfOV0G+aMzfg6hvt5J8wtr8iobv2uLAVtU= -github.com/talos-systems/talos/pkg/machinery v0.11.3/go.mod h1:TH99lX6IMJys9kgBJ6MNIOV0UsxmTVS0fUr7rP5KTac= +github.com/talos-systems/talos/pkg/machinery v0.12.2 h1:pLRVkJ1Xa1rrVUsqJ0RccL0c2q9It268wwBV4cvg8kk= +github.com/talos-systems/talos/pkg/machinery v0.12.2/go.mod h1:qX77JMZawrDTQaJucqecdlFsHy+dbnZ9YL8Kw4qL7d4= +github.com/talos-systems/talos/pkg/machinery v0.12.3-0.20210920195258-7e63e43eb399 h1:mmQ/XAV9xRm3chHx/f4xBZH4I2T960fJh4chkedW+nY= +github.com/talos-systems/talos/pkg/machinery v0.12.3-0.20210920195258-7e63e43eb399/go.mod h1:qX77JMZawrDTQaJucqecdlFsHy+dbnZ9YL8Kw4qL7d4= github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk= github.com/tmc/grpc-websocket-proxy v0.0.0-20170815181823-89b8d40f7ca8/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= @@ -489,26 +501,25 @@ go.mongodb.org/mongo-driver v1.0.3/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qL go.mongodb.org/mongo-driver v1.1.1/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM= go.mongodb.org/mongo-driver v1.1.2/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM= go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= +go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI= go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= -go.uber.org/atomic v1.6.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ= go.uber.org/atomic v1.7.0 h1:ADUqmZGgLDDfbSL9ZmPxKTybcoEYHgpYfELNoN+7hsw= go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= +go.uber.org/goleak v1.1.10 h1:z+mqJhf6ss6BSfSM671tgKyZBFPTTJM+HLxnhPC3wu0= go.uber.org/goleak v1.1.10/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A= go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= -go.uber.org/multierr v1.5.0/go.mod h1:FeouvMocqHpRaaGuG9EjoKcStLC43Zu/fmqdUMPcKYU= -go.uber.org/multierr v1.6.0 h1:y6IPFStTAIT5Ytl7/XYmHvzXQ7S3g/IeZW9hyZ5thw4= go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU= -go.uber.org/tools v0.0.0-20190618225709-2cfd321de3ee/go.mod h1:vJERXedbb3MVM5f9Ejo0C68/HhF8uaILCdgjnY+goOA= +go.uber.org/multierr v1.7.0 h1:zaiO/rmgFjbmCXdSYJWQcdvOCsthmdaHfr3Gm2Kx4Ec= +go.uber.org/multierr v1.7.0/go.mod h1:7EAYxJLBy9rStEaz58O2t4Uvip6FSURkq8/ppBp95ak= go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= -go.uber.org/zap v1.16.0 h1:uFRZXykJGK9lLY4HtgSw44DnIcAM+kRBP7x5m+NpAOM= -go.uber.org/zap v1.16.0/go.mod h1:MA8QOfq0BHJwdXa996Y4dYkAqRKB8/1K1QMMZVaNZjQ= +go.uber.org/zap v1.18.1 h1:CSUJ2mjFszzEWt4CdKISEuChVIXGBn3lAPwkRGyVrc4= +go.uber.org/zap v1.18.1/go.mod h1:xg/QME4nWcxGxrpdeYfq7UvYrLh66cuVKdrbD1XF/NI= golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190211182817-74369b46fc67/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190320223903-b7391e95e576/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190617133340-57b3e21c3d56/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= @@ -528,10 +539,8 @@ golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHl golang.org/x/lint v0.0.0-20210508222113-6edffad5e616 h1:VLliZ0d+/avPrXXH+OakdXhpJuEoBZuwh1m2j7U6Iug= golang.org/x/lint v0.0.0-20210508222113-6edffad5e616/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE= -golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc= golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.4.2 h1:Gz96sIWK3OalVv/I/qNygP42zyoKp3xptRVCWRFEBvo= golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/net v0.0.0-20170114055629-f2499483f923/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -555,6 +564,7 @@ golang.org/x/net v0.0.0-20191004110552-13f9640d40b9/go.mod h1:z5CRVTTTmAJ677TzLL golang.org/x/net v0.0.0-20191007182048-72f939374954/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= golang.org/x/net v0.0.0-20201010224723-4f7140c49acb/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= @@ -621,9 +631,8 @@ golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210525143221-35b2ab0089ea/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210816074244-15123e1e1f71 h1:ikCpsnYR+Ew0vu99XlDp55lGgDJdIMx3f4a18jfse/s= -golang.org/x/sys v0.0.0-20210816074244-15123e1e1f71/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c h1:F1jZWGFhYfh0Ci55sIpILtKKK8p3i2/krTr0H1rg74I= +golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/text v0.0.0-20160726164857-2910a502d2bf/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -654,16 +663,14 @@ golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3 golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= golang.org/x/tools v0.0.0-20190614205625-5aca471b1d59/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190617190820-da514acc4774/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190920225731-5eefd052ad72/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191029041327-9cc4af7d6b2c/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191029190741-b9c20aec41a5/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191108193012-7d206e10da11/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.1.3 h1:L69ShwSZEyCsLKoAxDKeMvLDZkumEe8gXUZAjab0tX8= -golang.org/x/tools v0.1.3/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= +golang.org/x/tools v0.1.4/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= +golang.org/x/tools v0.1.5 h1:ouewzE6p+/VEB31YYnTbEJdi8pFqKp4P4n85vwo3DHA= +golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -685,9 +692,10 @@ google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRn google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= +google.golang.org/genproto v0.0.0-20200513103714-09dca8ec2884/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= -google.golang.org/genproto v0.0.0-20210617175327-b9e0b3197ced h1:c5geK1iMU3cDKtFrCVQIcjR3W+JOZMuhIyICMCTbtus= -google.golang.org/genproto v0.0.0-20210617175327-b9e0b3197ced/go.mod h1:SzzZ/N+nwJDaO1kznhnlzqS8ocJICar6hYhVyhi++24= +google.golang.org/genproto v0.0.0-20210722135532-667f2b7c528f h1:YORWxaStkWBnWgELOHTmDrqNlFXuVGEbhwbB5iK94bQ= +google.golang.org/genproto v0.0.0-20210722135532-667f2b7c528f/go.mod h1:ob2IJxKrgPT52GcgX759i1sleT07tiKowYBGbczaW48= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.21.0/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= @@ -695,9 +703,11 @@ google.golang.org/grpc v1.23.1/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyac google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY= google.golang.org/grpc v1.26.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= -google.golang.org/grpc v1.36.1/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= -google.golang.org/grpc v1.38.0 h1:/9BgsAsa5nWe26HqOlvlgJnqBuktYOLCgjCPqsa56W0= -google.golang.org/grpc v1.38.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM= +google.golang.org/grpc v1.33.1/go.mod h1:fr5YgcSWrqhRRxogOsw7RzIpsmvOZ6IcH4kBYTpR3n0= +google.golang.org/grpc v1.36.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= +google.golang.org/grpc v1.39.0/go.mod h1:PImNr+rS9TWYb2O4/emRugxiyHZ5JyHW5F+RPnDzfrE= +google.golang.org/grpc v1.40.0 h1:AGJ0Ih4mHjSeibYkFGh1dD9KJ/eOtZ93I6hoHhukQ5Q= +google.golang.org/grpc v1.40.0/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= @@ -708,18 +718,17 @@ google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2 google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= -google.golang.org/protobuf v1.26.0 h1:bxAC2xTBsZGibn2RTntX0oH50xLsqy1OxA9tTL3p/lk= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= +google.golang.org/protobuf v1.27.1 h1:SnqbnDw1V7RiZcXPx5MEeqPv2s79L9i7BJUlG/+RurQ= +google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20200902074654-038fdea0a05b h1:QRR6H1YWRnHb4Y/HeNFCTJLFVxaq6wH4YuVdsUOr75U= gopkg.in/check.v1 v1.0.0-20200902074654-038fdea0a05b/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= -gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= gopkg.in/cheggaaa/pb.v1 v1.0.25/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qStrOgw= -gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= gopkg.in/fsnotify.v1 v1.4.7 h1:xOHLXZwVvI9hhs+cLKq5+I5onOuwQLhQwiu63xxlHs4= gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= @@ -734,6 +743,7 @@ gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWD gopkg.in/yaml.v2 v2.0.0-20170812160011-eb3733d160e7/go.mod h1:JAlM8MvJe8wmxCU4Bli9HhUf9+ttbYbLASfIpnQbh74= gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.3/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.5/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= @@ -749,8 +759,6 @@ gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81 honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -honnef.co/go/tools v0.0.1-2019.2.3 h1:3JgtbtFHMiCmsznwGVTUWbgGov+pVqnlf1dEJTNAXeM= -honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= k8s.io/api v0.17.9 h1:BA/U8qtSNzx7BbmQy3lODbCxVMKGNUpBJ2fjsKt6OOY= k8s.io/api v0.17.9/go.mod h1:avJJAA1fSV6tnbCGW2K+S+ilDFW7WpNr5BScoiZ1M1U= k8s.io/apiextensions-apiserver v0.17.9 h1:GWtUr9LErCZBV7QEUIF7wiICPG6wzPukFRrwDv/AIdM= diff --git a/internal/integration/assertions_test.go b/internal/integration/assertions_test.go index 03102dc..3ff7deb 100644 --- a/internal/integration/assertions_test.go +++ b/internal/integration/assertions_test.go @@ -82,27 +82,16 @@ func assertControllerSecret(ctx context.Context, t *testing.T, c client.Client, } require.NoError(t, c.Get(ctx, key, &talosSecret)) - assert.Len(t, talosSecret.Data, 3) - assert.NotEmpty(t, talosSecret.Data["certs"]) - assert.NotEmpty(t, talosSecret.Data["kubeSecrets"]) - assert.NotEmpty(t, talosSecret.Data["trustdInfo"]) + assert.Len(t, talosSecret.Data, 1) + assert.NotEmpty(t, talosSecret.Data["bundle"]) // cross-checks secretsBundle := generate.NewSecretsBundleFromConfig(generate.NewClock(), provider) + secretsBundle.Clock = nil - var certs generate.Certs - require.NoError(t, yaml.Unmarshal(talosSecret.Data["certs"], &certs)) - assert.NotEmpty(t, certs.Admin) - certs.Admin = nil - assert.Equal(t, secretsBundle.Certs, &certs) - - var kubeSecrets generate.Secrets - require.NoError(t, yaml.Unmarshal(talosSecret.Data["kubeSecrets"], &kubeSecrets)) - assert.Equal(t, secretsBundle.Secrets, &kubeSecrets) - - var trustdInfo generate.TrustdInfo - require.NoError(t, yaml.Unmarshal(talosSecret.Data["trustdInfo"], &trustdInfo)) - assert.Equal(t, secretsBundle.TrustdInfo, &trustdInfo) + var savedBundle generate.SecretsBundle + require.NoError(t, yaml.Unmarshal(talosSecret.Data["bundle"], &savedBundle)) + assert.Equal(t, *secretsBundle, savedBundle) } // assertSameMachineConfigSecrets checks that control plane configs share same set of secrets. @@ -130,8 +119,8 @@ func assertCompatibleMachineConfigs(ctx context.Context, t *testing.T, c client. checks := []func(p machineconfig.Provider) interface{}{ func(p machineconfig.Provider) interface{} { return p.Machine().Security().Token() }, - // TODO: uncomment me with Talos 0.12: func(p machineconfig.Provider) interface{} { return p.Cluster().ID() }, - // TODO: uncomment me with Talos 0.12: func(p machineconfig.Provider) interface{} { return p.Cluster().Secret() }, + func(p machineconfig.Provider) interface{} { return p.Cluster().ID() }, + func(p machineconfig.Provider) interface{} { return p.Cluster().Secret() }, func(p machineconfig.Provider) interface{} { return p.Cluster().Endpoint().String() }, func(p machineconfig.Provider) interface{} { return p.Cluster().Token().ID() }, func(p machineconfig.Provider) interface{} { return p.Cluster().Token().Secret() }, diff --git a/internal/integration/integration_test.go b/internal/integration/integration_test.go index 244c0aa..88ee038 100644 --- a/internal/integration/integration_test.go +++ b/internal/integration/integration_test.go @@ -5,13 +5,16 @@ package integration import ( + "encoding/json" "testing" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" bootstrapv1alpha3 "github.com/talos-systems/cluster-api-bootstrap-provider-talos/api/v1alpha3" talosmachine "github.com/talos-systems/talos/pkg/machinery/config/types/v1alpha1/machine" + corev1 "k8s.io/api/core/v1" apiextensions "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" capiv1 "sigs.k8s.io/cluster-api/api/v1alpha3" ) @@ -71,7 +74,7 @@ func TestIntegration(t *testing.T) { machine := createMachine(ctx, t, c, cluster) workers = append(workers, createTalosConfig(ctx, t, c, machine, bootstrapv1alpha3.TalosConfigSpec{ - GenerateType: talosmachine.TypeJoin.String(), + GenerateType: talosmachine.TypeWorker.String(), TalosVersion: TalosVersion, })) } @@ -89,7 +92,7 @@ func TestIntegration(t *testing.T) { case i < len(controlplanes): assert.Equal(t, talosmachine.TypeControlPlane, provider.Machine().Type()) default: - assert.Equal(t, talosmachine.TypeJoin, provider.Machine().Type()) + assert.Equal(t, talosmachine.TypeWorker, provider.Machine().Type()) } } @@ -177,4 +180,50 @@ func TestIntegration(t *testing.T) { assert.Equal(t, []string{"myserver.com"}, provider.Machine().Security().CertSANs()) }) + t.Run("LegacyClusterSecret", func(t *testing.T) { + t.Parallel() + + namespaceName := setupTest(ctx, t, c) + cluster := createCluster(ctx, t, c, namespaceName, nil) + machine := createMachine(ctx, t, c, cluster) + + // create a secret which imitates legacy secret format. + clusterSecret := corev1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: namespaceName, + Name: cluster.Name + "-talos", + Labels: map[string]string{ + capiv1.ClusterLabelName: cluster.Name, + }, + }, + } + + require.NoError(t, json.Unmarshal([]byte(legacySecretData), &clusterSecret.Data)) + require.NoError(t, c.Create(ctx, &clusterSecret)) + + talosConfig := createTalosConfig(ctx, t, c, machine, bootstrapv1alpha3.TalosConfigSpec{ + GenerateType: talosmachine.TypeControlPlane.String(), + TalosVersion: TalosVersion, + }) + waitForReady(ctx, t, c, talosConfig) + + provider := assertMachineConfiguration(ctx, t, c, talosConfig) + + assertClusterCA(ctx, t, c, cluster, provider) + + assert.Equal(t, "o19zh7.yv7rxce3lsptnme9", provider.Machine().Security().Token()) + assert.Equal(t, "5dwzrh", provider.Cluster().Token().ID()) + assert.Equal(t, "5ms9d5eke1muskrg", provider.Cluster().Token().Secret()) + assert.Equal(t, "-----BEGIN CERTIFICATE-----\nMIIBiTCCAS+gAwIBAgIQM4a04RExgV7BBZ2qmazx3TAKBggqhkjOPQQDBDAVMRMw\nEQYDVQQKEwprdWJlcm5ldGVzMB4XDTIxMDkyMDE4NDE0OVoXDTMxMDkxODE4NDE0\nOVowFTETMBEGA1UEChMKa3ViZXJuZXRlczBZMBMGByqGSM49AgEGCCqGSM49AwEH\nA0IABLezryg3QXmplOVP7+ap/ZTQCSlL3qiOeV7m3G8w8rvRaf+La9D0fCVJ9Rj/\nTyuuQFxQ203oeXPIfmE9HqtdjwqjYTBfMA4GA1UdDwEB/wQEAwIChDAdBgNVHSUE\nFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4E\nFgQUW0vg9AdP/ZK5+yR/73BpfvPRHMkwCgYIKoZIzj0EAwQDSAAwRQIgdvTMbjH+\n4XOMZzFIDjnq42I/suDw4cnGXcrlWdJ+aZYCIQDurrEAKmPrMgNqT2wP6JWYylla\n3l7yV8hS5CgCpJTaEg==\n-----END CERTIFICATE-----\n", string(provider.Cluster().CA().Crt)) //nolint:lll + assert.Equal(t, "-----BEGIN CERTIFICATE-----\nMIIBPzCB8qADAgECAhEArv8iYjWXC8Mataa8e2pezDAFBgMrZXAwEDEOMAwGA1UE\nChMFdGFsb3MwHhcNMjEwOTIwMTg0MTQ5WhcNMzEwOTE4MTg0MTQ5WjAQMQ4wDAYD\nVQQKEwV0YWxvczAqMAUGAytlcAMhAOCRMlGNjsdQmgls2PCSgMdMeAIB8fAKsnCp\naXX3rfUKo2EwXzAOBgNVHQ8BAf8EBAMCAoQwHQYDVR0lBBYwFAYIKwYBBQUHAwEG\nCCsGAQUFBwMCMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFIDgT1HeMDtWHHXl\nmVhYqUPDU0JoMAUGAytlcANBAD2GLO2vG9MHGxt9658X4xZLSYNldAgDy2tHmZ7l\nnAjAR0npZoQXBVhorrQEcea7g6To9BDmtzrF0StW895d0Ak=\n-----END CERTIFICATE-----\n", string(provider.Machine().Security().CA().Crt)) + }) + +} + +// legacy cluster secret format +const legacySecretData = `{ +"certs": "YWRtaW46CiAgY3J0OiBMUzB0TFMxQ1JVZEpUaUJEUlZKVVNVWkpRMEZVUlMwdExTMHRDazFKU1VKTmFrTkNOV0ZCUkVGblJVTkJhRUpNZEV4U1R5OHlOMGQ0TkRsaVJXSnpVbVZYT1V0TlFWVkhRWGwwYkdORVFWRk5VVFIzUkVGWlJGWlJVVXNLUlhkV01GbFhlSFpqZWtGbFJuY3dlVTFVUVRWTmFrRjRUMFJSZUU1RWJHRkdkekI2VFZSQk5VMVVaM2hQUkZGNFRrUnNZVTFDVFhoRlZFRlFRbWRPVmdwQ1FXOVVRMGM1ZWs5dFJtdGlWMngxVFVOdmQwSlJXVVJMTWxaM1FYbEZRV0ZpWVZKU2MzTllaMDVhZUd3MVoyeG1abWx6V1ZkcFpIZG1OVUZHV1dwRENscEhheTlLT1Roek5FNXRhbFZxUWxGTlFUUkhRVEZWWkVSM1JVSXZkMUZGUVhkSlNHZEVRV1JDWjA1V1NGTlZSVVpxUVZWQ1oyZHlRbWRGUmtKUlkwUUtRVkZaU1V0M1dVSkNVVlZJUVhkSmQwaDNXVVJXVWpCcVFrSm5kMFp2UVZWblQwSlFWV1EwZDA4eFdXTmtaVmRhVjBacGNGRTRUbFJSYldkM1FsRlpSQXBMTWxaM1FUQkZRVGg0UlRNelRFeE9hbEpxVjFVdlJsZ3ZRVmRFZDFWc0t6RnNja3hRVkZRNU5UUXpXbHBtZDBncldVdDVWMkpqUmt4NlRFSnFaRXBKQ2pSSU5rZFFZekpqTVhwd2JqQlVZbHA0UzJJeWMxUmFjSGRZUkZKRVVUMDlDaTB0TFMwdFJVNUVJRU5GVWxSSlJrbERRVlJGTFMwdExTMEsKICBrZXk6IExTMHRMUzFDUlVkSlRpQkZSREkxTlRFNUlGQlNTVlpCVkVVZ1MwVlpMUzB0TFMwS1RVTTBRMEZSUVhkQ1VWbEVTekpXZDBKRFNVVkpUVTVQTjBkbVZrNTVlbU5XWmtoc1dtUXpaVEZSY0hOaU1WZGhRMDFMTkdWM2NYQmxVRTFwV1RsR2JBb3RMUzB0TFVWT1JDQkZSREkxTlRFNUlGQlNTVlpCVkVVZ1MwVlpMUzB0TFMwSwpldGNkOgogIGNydDogTFMwdExTMUNSVWRKVGlCRFJWSlVTVVpKUTBGVVJTMHRMUzB0Q2sxSlNVSm1WRU5EUVZOVFowRjNTVUpCWjBsU1FVMXVPRGgyZVd0VE0wWnZTVnBFV0RZd04zSkhWamgzUTJkWlNVdHZXa2w2YWpCRlFYZFJkMFI2UlU0S1RVRnpSMEV4VlVWRGFFMUZXbGhTYWxwRVFXVkdkekI1VFZSQk5VMXFRWGhQUkZGNFRrUnNZVVozTUhwTlZFRTFUVlJuZUU5RVVYaE9SR3hoVFVFNGVBcEVWRUZNUW1kT1ZrSkJiMVJDUjFZd1dUSlJkMWRVUVZSQ1oyTnhhR3RxVDFCUlNVSkNaMmR4YUd0cVQxQlJUVUpDZDA1RFFVRlVVVlJLTDJGNVJucHhDa1JvTm5WYWN6SjNUbXBUZWt4emVHaGpVVTFwZWtaTFFWUktNWEkwVTA1bWFEVkRSM2RYU1V4elNtaFRZell4YUdocVZXZzNlRUZXWkRObGQxbG9iWFVLT0ZCUWN6TnNlRE5VUzJOd2J6SkZkMWg2UVU5Q1owNVdTRkU0UWtGbU9FVkNRVTFEUVc5UmQwaFJXVVJXVWpCc1FrSlpkMFpCV1VsTGQxbENRbEZWU0FwQmQwVkhRME56UjBGUlZVWkNkMDFEVFVFNFIwRXhWV1JGZDBWQ0wzZFJSazFCVFVKQlpqaDNTRkZaUkZaU01FOUNRbGxGUmtoVk1IWXJWR1l2U2pOVkNqSmlOM0l5TkdGemNqaGlja1ZaTUZaTlFXOUhRME54UjFOTk5EbENRVTFGUVRCalFVMUZVVU5KU0ZOdlkyaFdOMUZJY2psNVFXOXJiakJqYTNjNVdtY0tjemczYUU5eU1WRlZkbGRzUTI4d1ZUSTNSak5CYVVJMGJEVlJjREJ5U0VWR2NtWnhMeTlqZVVaTE9YaERVVzlFSzA5eFNVWnhWVEJ6YWsxVFYwUnZSZ3A2WnowOUNpMHRMUzB0UlU1RUlFTkZVbFJKUmtsRFFWUkZMUzB0TFMwSwogIGtleTogTFMwdExTMUNSVWRKVGlCRlF5QlFVa2xXUVZSRklFdEZXUzB0TFMwdENrMUlZME5CVVVWRlNVWlVZemxxVUU1QlZXbGtSbUV2WkUxR1NIcDFOV0ZuYm5jeFl6UkZkVnB4Vm1KTE1rbGFWa2xRUldSdlFXOUhRME54UjFOTk5Ea0tRWGRGU0c5VlVVUlJaMEZGTUVWNVpqSnphR00yWnpSbGNtMWlUbk5FV1RCemVUZE5XVmhGUkVsemVGTm5SWGxrWVN0RmFsZzBaVkZvYzBacFF6ZERXUXBWYms5MFdWbFpNVWxsT0ZGR1dHUXpjMGRKV25KMlJIbzNUalZqWkRCNWJrdFJQVDBLTFMwdExTMUZUa1FnUlVNZ1VGSkpWa0ZVUlNCTFJWa3RMUzB0TFFvPQprOHM6CiAgY3J0OiBMUzB0TFMxQ1JVZEpUaUJEUlZKVVNVWkpRMEZVUlMwdExTMHRDazFKU1VKcFZFTkRRVk1yWjBGM1NVSkJaMGxSVFRSaE1EUlNSWGhuVmpkQ1Fsb3ljVzFoZW5nelZFRkxRbWRuY1docmFrOVFVVkZFUWtSQlZrMVNUWGNLUlZGWlJGWlJVVXRGZDNCeVpGZEtiR050Tld4a1IxWjZUVUkwV0VSVVNYaE5SR3Q1VFVSRk5FNUVSVEJQVm05WVJGUk5lRTFFYTNoUFJFVTBUa1JGTUFwUFZtOTNSbFJGVkUxQ1JVZEJNVlZGUTJoTlMyRXpWbWxhV0VwMVdsaFNiR042UWxwTlFrMUhRbmx4UjFOTk5EbEJaMFZIUTBOeFIxTk5ORGxCZDBWSUNrRXdTVUZDVEdWNmNubG5NMUZZYlhCc1QxWlFOeXRoY0M5YVZGRkRVMnhNTTNGcFQyVldOMjB6UnpoM09ISjJVbUZtSzB4aE9VUXdaa05XU2psU2FpOEtWSGwxZFZGR2VGRXlNRE52WlZoUVNXWnRSVGxJY1hSa2FuZHhhbGxVUW1aTlFUUkhRVEZWWkVSM1JVSXZkMUZGUVhkSlEyaEVRV1JDWjA1V1NGTlZSUXBHYWtGVlFtZG5ja0puUlVaQ1VXTkVRVkZaU1V0M1dVSkNVVlZJUVhkSmQwUjNXVVJXVWpCVVFWRklMMEpCVlhkQmQwVkNMM3BCWkVKblRsWklVVFJGQ2tablVWVlhNSFpuT1VGa1VDOWFTelVyZVZJdk56TkNjR1oyVUZKSVRXdDNRMmRaU1V0dldrbDZhakJGUVhkUlJGTkJRWGRTVVVsblpIWlVUV0pxU0NzS05GaFBUVnA2UmtsRWFtNXhOREpKTDNOMVJIYzBZMjVIV0dOeWJGZGtTaXRoV2xsRFNWRkVkWEp5UlVGTGJWQnlUV2RPY1ZReWQxQTJTbGRaZVd4c1lRb3piRGQ1Vmpob1V6VkRaME53U2xSaFJXYzlQUW90TFMwdExVVk9SQ0JEUlZKVVNVWkpRMEZVUlMwdExTMHRDZz09CiAga2V5OiBMUzB0TFMxQ1JVZEpUaUJGUXlCUVVrbFdRVlJGSUV0RldTMHRMUzB0Q2sxSVkwTkJVVVZGU1VaTVRVdHJjMFExYlhOdFZqQTBLM2hPTTBGVFZtaHVOVmhWTW5WUGJFRkVabXRHWTNaRWFqQnlORGx2UVc5SFEwTnhSMU5OTkRrS1FYZEZTRzlWVVVSUlowRkZkRGRQZGt0RVpFSmxZVzFWTlZVdmRqVnhiamxzVGtGS1MxVjJaWEZKTlRWWWRXSmpZbnBFZVhVNVJuQXZOSFJ5TUZCU09BcEtWVzR4UjFBNVVFczJOVUZZUmtSaVZHVm9OV000YUN0WlZEQmxjVEV5VUVOblBUMEtMUzB0TFMxRlRrUWdSVU1nVUZKSlZrRlVSU0JMUlZrdExTMHRMUW89Cms4c2FnZ3JlZ2F0b3I6CiAgY3J0OiBMUzB0TFMxQ1JVZEpUaUJEUlZKVVNVWkpRMEZVUlMwdExTMHRDazFKU1VKWWFrTkRRVkZYWjBGM1NVSkJaMGxSWm5KTFV6RmthV001T0ZCc1ptMHZNMmw2WW1SV2FrRkxRbWRuY1docmFrOVFVVkZFUWtSQlFVMUNORmdLUkZSSmVFMUVhM2xOUkVVMFRrUkZNRTlXYjFoRVZFMTRUVVJyZUU5RVJUUk9SRVV3VDFadmQwRkVRbHBOUWsxSFFubHhSMU5OTkRsQlowVkhRME54UndwVFRUUTVRWGRGU0VFd1NVRkNRMUJqZFVJMkwycEVTa3RDT1RRck0xRlFZaTlQVWl0M1JqZEdaR2d3ZFhkb1UyOXlaak53ZUhSeFpqTkJZbGxOTkU4NUNteFlRek5yTVZwRE1tNUNkbEU1UXpac1ZGZEpWVVpYWkV0SFNtTkxhalpzZGpWNWFsbFVRbVpOUVRSSFFURlZaRVIzUlVJdmQxRkZRWGRKUTJoRVFXUUtRbWRPVmtoVFZVVkdha0ZWUW1kbmNrSm5SVVpDVVdORVFWRlpTVXQzV1VKQ1VWVklRWGRKZDBSM1dVUldVakJVUVZGSUwwSkJWWGRCZDBWQ0wzcEJaQXBDWjA1V1NGRTBSVVpuVVZVMVUwTlVUR054YVZwUGJ6WXhjVkJrWm5OdVZYZEtRV1ozVVZWM1EyZFpTVXR2V2tsNmFqQkZRWGRSUkZKM1FYZFNRVWxuQ2xNMGVVUlFRakZtZGxRNGRFbGxhR1ZWVEhkVFl6QXlWWFV2YkRWNVZHNUNVVTFUYlVZMldUazVVMDFEU1VWdlVUVnpMM0YwZEVKSldrWjNNMGd5Y1RBS1MzUTFOM1oxVjJKSUswOXdTMmhNVlV0MFZESkNjWFE1Q2kwdExTMHRSVTVFSUVORlVsUkpSa2xEUVZSRkxTMHRMUzBLCiAga2V5OiBMUzB0TFMxQ1JVZEpUaUJGUXlCUVVrbFdRVlJGSUV0RldTMHRMUzB0Q2sxSVkwTkJVVVZGU1VzNVN6VkpNVkI1TW1GU1RDdFdhU3R6ZFRVek5qUjBOMGxvTkVoS1MxTnRTVWMzY1RKNmRXMXdkVVZ2UVc5SFEwTnhSMU5OTkRrS1FYZEZTRzlWVVVSUlowRkZTVGw1TkVoeUswMU5hMjlJTTJvM1pFRTVkamcxU0RkQldITldNa2hUTjBOR1MybDBMMlZ1UnpKd0wyTkNkR2Q2WnpjeVZncGpUR1ZVVm10TVlXTkhPVVF3VEhGV1RsbG9VVlphTUc5WmJIZHhVSEZYTDI1QlBUMEtMUzB0TFMxRlRrUWdSVU1nVUZKSlZrRlVSU0JMUlZrdExTMHRMUW89Cms4c3NlcnZpY2VhY2NvdW50OgogIGtleTogTFMwdExTMUNSVWRKVGlCRlF5QlFVa2xXUVZSRklFdEZXUzB0TFMwdENrMUlZME5CVVVWRlNVbENTR3B1YzA5NWVGRTJNVkV5VFZGcVVrWTRSVUphVldaVVNHbElPVk41ZG1WSVIya3ZNVWhoYVc5dlFXOUhRME54UjFOTk5Ea0tRWGRGU0c5VlVVUlJaMEZGZFd4cWJuRTRTRGswZGxkSlZsbG9ZVEJEZGxkWVNFaHhNekJtUTFSbU1qaEZaVTB5UlUxU09XNVNTamxxZDBWVVVsWlNOUXBYSzFsT1ZITnVVRTR4ZFZOVU5rRlZRVGhZZGl0WVFqRlVkek5WYUVSdllsVkJQVDBLTFMwdExTMUZUa1FnUlVNZ1VGSkpWa0ZVUlNCTFJWa3RMUzB0TFFvPQpvczoKICBjcnQ6IExTMHRMUzFDUlVkSlRpQkRSVkpVU1VaSlEwRlVSUzB0TFMwdENrMUpTVUpRZWtOQ09IRkJSRUZuUlVOQmFFVkJjblk0YVZscVYxaERPRTFoZEdGaE9HVXljR1Y2UkVGR1FtZE5jbHBZUVhkRlJFVlBUVUYzUjBFeFZVVUtRMmhOUm1SSFJuTmlNMDEzU0doalRrMXFSWGRQVkVsM1RWUm5NRTFVVVRWWGFHTk9UWHBGZDA5VVJUUk5WR2N3VFZSUk5WZHFRVkZOVVRSM1JFRlpSQXBXVVZGTFJYZFdNRmxYZUhaamVrRnhUVUZWUjBGNWRHeGpRVTFvUVU5RFVrMXNSMDVxYzJSUmJXZHNjekpRUTFOblRXUk5aVUZKUWpobVFVdHpia053Q21GWVdETnlabFZMYnpKRmQxaDZRVTlDWjA1V1NGRTRRa0ZtT0VWQ1FVMURRVzlSZDBoUldVUldVakJzUWtKWmQwWkJXVWxMZDFsQ1FsRlZTRUYzUlVjS1EwTnpSMEZSVlVaQ2QwMURUVUU0UjBFeFZXUkZkMFZDTDNkUlJrMUJUVUpCWmpoM1NGRlpSRlpTTUU5Q1FsbEZSa2xFWjFReFNHVk5SSFJYU0VoWWJBcHRWbWhaY1ZWUVJGVXdTbTlOUVZWSFFYbDBiR05CVGtKQlJESkhURTh5ZGtjNVRVaEhlSFE1TmpVNFdEUjRXa3hUV1U1c1pFRm5SSGt5ZEVodFdqZHNDbTVCYWtGU01HNXdXbTlSV0VKV2FHOXljbEZGWTJWaE4yYzJWRzg1UWtSdGRIcHlSakJUZEZjNE9UVmtNRUZyUFFvdExTMHRMVVZPUkNCRFJWSlVTVVpKUTBGVVJTMHRMUzB0Q2c9PQogIGtleTogTFMwdExTMUNSVWRKVGlCRlJESTFOVEU1SUZCU1NWWkJWRVVnUzBWWkxTMHRMUzBLVFVNMFEwRlJRWGRDVVZsRVN6SldkMEpEU1VWSlJtUkpZWE4xUzBNemVuZHBOREJFV2xNNVNUTldUSFJXUWtKVlNuaEdiVVYzYkdsdFVuWlZlSGhHWndvdExTMHRMVVZPUkNCRlJESTFOVEU1SUZCU1NWWkJWRVVnUzBWWkxTMHRMUzBLCg==", +"kubeSecrets": "Ym9vdHN0cmFwdG9rZW46IDVkd3pyaC41bXM5ZDVla2UxbXVza3JnCmFlc2NiY2VuY3J5cHRpb25zZWNyZXQ6IGp4aFBxMkM2TVJGYk5kQzdyZE5KU3dKbXNZM1lIMjNnUnpuYjdlZmhLTU09Cg==", +"trustdInfo": "dG9rZW46IG8xOXpoNy55djdyeGNlM2xzcHRubWU5Cg==" } +`