profile

package
v1.6.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 22, 2023 License: MPL-2.0 Imports: 20 Imported by: 0

Documentation

Overview

Package profile contains definition of the image generation profile.

Index

Constants

View Source
const (

	// MinRAWDiskSize is the minimum size disk we can create. Used for metal images.
	MinRAWDiskSize = 1246 * mib

	// DefaultRAWDiskSize is the value we use for any non-metal images by default.
	DefaultRAWDiskSize = 8192 * mib
)

Variables

View Source
var Default = map[string]Profile{

	"iso": {
		Platform:   constants.PlatformMetal,
		SecureBoot: pointer.To(false),
		Output: Output{
			Kind:      OutKindISO,
			OutFormat: OutFormatRaw,
		},
	},
	"secureboot-iso": {
		Platform:   constants.PlatformMetal,
		SecureBoot: pointer.To(true),
		Output: Output{
			Kind:      OutKindISO,
			OutFormat: OutFormatRaw,
		},
	},

	"metal": {
		Platform:   constants.PlatformMetal,
		SecureBoot: pointer.To(false),
		Output: Output{
			Kind:      OutKindImage,
			OutFormat: OutFormatXZ,
			ImageOptions: &ImageOptions{
				DiskSize:   MinRAWDiskSize,
				DiskFormat: DiskFormatRaw,
			},
		},
	},
	"secureboot-metal": {
		Platform:   constants.PlatformMetal,
		SecureBoot: pointer.To(true),
		Output: Output{
			Kind:      OutKindImage,
			OutFormat: OutFormatXZ,
			ImageOptions: &ImageOptions{
				DiskSize:   MinRAWDiskSize,
				DiskFormat: DiskFormatRaw,
			},
		},
	},
	"installer": {
		Platform:   "metal",
		SecureBoot: pointer.To(false),
		Output: Output{
			Kind:      OutKindInstaller,
			OutFormat: OutFormatRaw,
		},
	},
	"secureboot-installer": {
		Platform:   "metal",
		SecureBoot: pointer.To(true),
		Output: Output{
			Kind:      OutKindInstaller,
			OutFormat: OutFormatRaw,
		},
	},

	"aws": {
		Platform:   "aws",
		SecureBoot: pointer.To(false),
		Output: Output{
			Kind:      OutKindImage,
			OutFormat: OutFormatXZ,
			ImageOptions: &ImageOptions{
				DiskSize:   DefaultRAWDiskSize,
				DiskFormat: DiskFormatRaw,
			},
		},
	},
	"azure": {
		Platform:   "azure",
		SecureBoot: pointer.To(false),
		Output: Output{
			Kind:      OutKindImage,
			OutFormat: OutFormatXZ,
			ImageOptions: &ImageOptions{
				DiskSize:          DefaultRAWDiskSize,
				DiskFormat:        DiskFormatVPC,
				DiskFormatOptions: "subformat=fixed,force_size",
			},
		},
	},
	"digital-ocean": {
		Platform:   "digital-ocean",
		SecureBoot: pointer.To(false),
		Output: Output{
			Kind:      OutKindImage,
			OutFormat: OutFormatGZ,
			ImageOptions: &ImageOptions{
				DiskSize:   DefaultRAWDiskSize,
				DiskFormat: DiskFormatRaw,
			},
		},
	},
	"exoscale": {
		Platform:   "exoscale",
		SecureBoot: pointer.To(false),
		Output: Output{
			Kind:      OutKindImage,
			OutFormat: OutFormatXZ,
			ImageOptions: &ImageOptions{
				DiskSize:          10 * 1024 * mib,
				DiskFormat:        DiskFormatQCOW2,
				DiskFormatOptions: "cluster_size=8k",
			},
		},
	},
	"gcp": {
		Platform:   "gcp",
		SecureBoot: pointer.To(false),
		Output: Output{
			Kind:      OutKindImage,
			OutFormat: OutFormatTar,
			ImageOptions: &ImageOptions{
				DiskSize:   DefaultRAWDiskSize,
				DiskFormat: DiskFormatRaw,
			},
		},
	},
	"hcloud": {
		Platform:   "hcloud",
		SecureBoot: pointer.To(false),
		Output: Output{
			Kind:      OutKindImage,
			OutFormat: OutFormatXZ,
			ImageOptions: &ImageOptions{
				DiskSize:   MinRAWDiskSize,
				DiskFormat: DiskFormatRaw,
			},
		},
	},
	"nocloud": {
		Platform:   "nocloud",
		SecureBoot: pointer.To(false),
		Output: Output{
			Kind:      OutKindImage,
			OutFormat: OutFormatXZ,
			ImageOptions: &ImageOptions{
				DiskSize:   MinRAWDiskSize,
				DiskFormat: DiskFormatRaw,
			},
		},
	},
	"openstack": {
		Platform:   "openstack",
		SecureBoot: pointer.To(false),
		Output: Output{
			Kind:      OutKindImage,
			OutFormat: OutFormatXZ,
			ImageOptions: &ImageOptions{
				DiskSize:   MinRAWDiskSize,
				DiskFormat: DiskFormatRaw,
			},
		},
	},
	"oracle": {
		Platform:   "oracle",
		SecureBoot: pointer.To(false),
		Output: Output{
			Kind:      OutKindImage,
			OutFormat: OutFormatXZ,
			ImageOptions: &ImageOptions{
				DiskSize:          DefaultRAWDiskSize,
				DiskFormat:        DiskFormatQCOW2,
				DiskFormatOptions: "cluster_size=8k",
			},
		},
	},
	"scaleway": {
		Platform:   "scaleway",
		SecureBoot: pointer.To(false),
		Output: Output{
			Kind:      OutKindImage,
			OutFormat: OutFormatXZ,
			ImageOptions: &ImageOptions{
				DiskSize:   MinRAWDiskSize,
				DiskFormat: DiskFormatRaw,
			},
		},
	},
	"upcloud": {
		Platform:   "upcloud",
		SecureBoot: pointer.To(false),
		Output: Output{
			Kind:      OutKindImage,
			OutFormat: OutFormatXZ,
			ImageOptions: &ImageOptions{
				DiskSize:   DefaultRAWDiskSize,
				DiskFormat: DiskFormatRaw,
			},
		},
	},
	"vmware": {
		Platform:   "vmware",
		SecureBoot: pointer.To(false),
		Output: Output{
			Kind:      OutKindImage,
			OutFormat: OutFormatRaw,
			ImageOptions: &ImageOptions{
				DiskSize:   DefaultRAWDiskSize,
				DiskFormat: DiskFormatOVA,
			},
		},
	},
	"vultr": {
		Platform:   "vultr",
		SecureBoot: pointer.To(false),
		Output: Output{
			Kind:      OutKindImage,
			OutFormat: OutFormatXZ,
			ImageOptions: &ImageOptions{
				DiskSize:   DefaultRAWDiskSize,
				DiskFormat: DiskFormatRaw,
			},
		},
	},

	constants.BoardRPiGeneric: {
		Arch:       "arm64",
		Platform:   constants.PlatformMetal,
		Board:      constants.BoardRPiGeneric,
		SecureBoot: pointer.To(false),
		Output: Output{
			Kind:      OutKindImage,
			OutFormat: OutFormatXZ,
			ImageOptions: &ImageOptions{
				DiskSize:   MinRAWDiskSize,
				DiskFormat: DiskFormatRaw,
			},
		},
	},
	constants.BoardRock64: {
		Arch:       "arm64",
		Platform:   constants.PlatformMetal,
		Board:      constants.BoardRock64,
		SecureBoot: pointer.To(false),
		Output: Output{
			Kind:      OutKindImage,
			OutFormat: OutFormatXZ,
			ImageOptions: &ImageOptions{
				DiskSize:   MinRAWDiskSize,
				DiskFormat: DiskFormatRaw,
			},
		},
	},
	constants.BoardBananaPiM64: {
		Arch:       "arm64",
		Platform:   constants.PlatformMetal,
		Board:      constants.BoardBananaPiM64,
		SecureBoot: pointer.To(false),
		Output: Output{
			Kind:      OutKindImage,
			OutFormat: OutFormatXZ,
			ImageOptions: &ImageOptions{
				DiskSize:   MinRAWDiskSize,
				DiskFormat: DiskFormatRaw,
			},
		},
	},
	constants.BoardLibretechAllH3CCH5: {
		Arch:       "arm64",
		Platform:   constants.PlatformMetal,
		Board:      constants.BoardLibretechAllH3CCH5,
		SecureBoot: pointer.To(false),
		Output: Output{
			Kind:      OutKindImage,
			OutFormat: OutFormatXZ,
			ImageOptions: &ImageOptions{
				DiskSize:   MinRAWDiskSize,
				DiskFormat: DiskFormatRaw,
			},
		},
	},
	constants.BoardRockpi4: {
		Arch:       "arm64",
		Platform:   constants.PlatformMetal,
		Board:      constants.BoardRockpi4,
		SecureBoot: pointer.To(false),
		Output: Output{
			Kind:      OutKindImage,
			OutFormat: OutFormatXZ,
			ImageOptions: &ImageOptions{
				DiskSize:   MinRAWDiskSize,
				DiskFormat: DiskFormatRaw,
			},
		},
	},
	constants.BoardRockpi4c: {
		Arch:       "arm64",
		Platform:   constants.PlatformMetal,
		Board:      constants.BoardRockpi4c,
		SecureBoot: pointer.To(false),
		Output: Output{
			Kind:      OutKindImage,
			OutFormat: OutFormatXZ,
			ImageOptions: &ImageOptions{
				DiskSize:   MinRAWDiskSize,
				DiskFormat: DiskFormatRaw,
			},
		},
	},
	constants.BoardPine64: {
		Arch:       "arm64",
		Platform:   constants.PlatformMetal,
		Board:      constants.BoardPine64,
		SecureBoot: pointer.To(false),
		Output: Output{
			Kind:      OutKindImage,
			OutFormat: OutFormatXZ,
			ImageOptions: &ImageOptions{
				DiskSize:   MinRAWDiskSize,
				DiskFormat: DiskFormatRaw,
			},
		},
	},
	constants.BoardJetsonNano: {
		Arch:       "arm64",
		Platform:   constants.PlatformMetal,
		Board:      constants.BoardJetsonNano,
		SecureBoot: pointer.To(false),
		Output: Output{
			Kind:      OutKindImage,
			OutFormat: OutFormatXZ,
			ImageOptions: &ImageOptions{
				DiskSize:   MinRAWDiskSize,
				DiskFormat: DiskFormatRaw,
			},
		},
	},
	constants.BoardNanoPiR4S: {
		Arch:       "arm64",
		Platform:   constants.PlatformMetal,
		Board:      constants.BoardNanoPiR4S,
		SecureBoot: pointer.To(false),
		Output: Output{
			Kind:      OutKindImage,
			OutFormat: OutFormatXZ,
			ImageOptions: &ImageOptions{
				DiskSize:   MinRAWDiskSize,
				DiskFormat: DiskFormatRaw,
			},
		},
	},
}

Default describes built-in profiles.

Functions

This section is empty.

Types

type ContainerAsset

type ContainerAsset struct {
	// ImageRef is a reference to the container image.
	ImageRef string `yaml:"imageRef"`
	// ForceInsecure forces insecure registry communication.
	ForceInsecure bool `yaml:"forceInsecure,omitempty"`
	// TarballPath is a path to the .tar format container image contents.
	//
	// If TarballPath is set, ImageRef is ignored.
	TarballPath string `yaml:"tarballPath,omitempty"`
	// OCIPath is a path to the OCI format container image contents.
	//
	// If OCIPath is set, ImageRef is ignored.
	OCIPath string `yaml:"ociPath,omitempty"`
}

ContainerAsset describes a container asset.

func (*ContainerAsset) Extract

func (c *ContainerAsset) Extract(ctx context.Context, destination, arch string, printf func(string, ...any)) error

Extract the container asset to the path.

func (*ContainerAsset) Pull

func (c *ContainerAsset) Pull(ctx context.Context, arch string, printf func(string, ...any)) (v1.Image, error)

Pull the container asset to the path.

type CustomizationProfile

type CustomizationProfile struct {
	// ExtraKernelArgs is a list of extra kernel arguments.
	ExtraKernelArgs []string `yaml:"extraKernelArgs,omitempty"`
	// MetaContents is a list of META partition contents.
	MetaContents meta.Values `yaml:"metaContents,omitempty"`
}

CustomizationProfile describes customizations that can be applied to the image.

type DiskFormat

type DiskFormat int

DiskFormat is disk format specification.

const (
	DiskFormatUnknown DiskFormat = iota // unknown
	DiskFormatRaw                       // raw
	DiskFormatQCOW2                     // qcow2
	DiskFormatVPC                       // vhd
	DiskFormatOVA                       // ova
)

DiskFormat values.

func DiskFormatString

func DiskFormatString(s string) (DiskFormat, error)

DiskFormatString retrieves an enum value from the enum constants string name. Throws an error if the param is not part of the enum.

func DiskFormatValues

func DiskFormatValues() []DiskFormat

DiskFormatValues returns all values of the enum

func (DiskFormat) IsADiskFormat

func (i DiskFormat) IsADiskFormat() bool

IsADiskFormat returns "true" if the value is listed in the enum definition. "false" otherwise

func (DiskFormat) MarshalText

func (i DiskFormat) MarshalText() ([]byte, error)

MarshalText implements the encoding.TextMarshaler interface for DiskFormat

func (DiskFormat) String

func (i DiskFormat) String() string

func (*DiskFormat) UnmarshalText

func (i *DiskFormat) UnmarshalText(text []byte) error

UnmarshalText implements the encoding.TextUnmarshaler interface for DiskFormat

type FileAsset

type FileAsset struct {
	// Path to the file.
	Path string `yaml:"path"`
}

FileAsset describes a file asset.

type ImageOptions

type ImageOptions struct {
	// DiskSize is the size of the disk image (bytes).
	DiskSize int64 `yaml:"diskSize"`
	// DiskFormat is the format of the disk image:
	//  * raw - raw disk image
	//  * qcow2 - qcow2 disk image
	//  * vhd - VPC disk image
	//  * ova - VMWare disk image
	DiskFormat DiskFormat `yaml:"diskFormat,omitempty"`
	// DiskFormatOptions are additional options for the disk format
	DiskFormatOptions string `yaml:"diskFormatOptions,omitempty"`
}

ImageOptions describes options for the 'image' output.

type Input

type Input struct {
	// Kernel is a vmlinuz file.
	Kernel FileAsset `yaml:"kernel"`
	// Initramfs is a initramfs file (without system extensions).
	Initramfs FileAsset `yaml:"initramfs"`
	// SDStub is a sd-stub file (only for SecureBoot).
	SDStub FileAsset `yaml:"sdStub,omitempty"`
	// SDBoot is a sd-boot file (only for SecureBoot).
	SDBoot FileAsset `yaml:"sdBoot,omitempty"`
	// DTB is a path to the device tree blobs (arm64 only).
	DTB FileAsset `yaml:"dtb,omitempty"`
	// UBoot is a path to the u-boot binary (arm64 only).
	UBoot FileAsset `yaml:"uBoot,omitempty"`
	// RPiFirmware is a path to the Raspberry Pi firmware (arm64 only).
	RPiFirmware FileAsset `yaml:"rpiFirmware,omitempty"`
	// Base installer image to mutate.
	BaseInstaller ContainerAsset `yaml:"baseInstaller,omitempty"`
	// SecureBoot is a section with secureboot keys, only for SecureBoot enabled builds.
	SecureBoot *SecureBootAssets `yaml:"secureboot,omitempty"`
	// SystemExtensions is a list of system extensions to install.
	SystemExtensions []ContainerAsset `yaml:"systemExtensions,omitempty"`
}

Input describes inputs for image generation.

func (*Input) FillDefaults

func (i *Input) FillDefaults(arch, version string, secureboot bool)

FillDefaults fills default values for the input.

type OutFormat

type OutFormat int

OutFormat is output format specification.

const (
	OutFormatUnknown OutFormat = iota // unknown
	OutFormatRaw                      // raw
	OutFormatTar                      // .tar.gz
	OutFormatXZ                       // .xz
	OutFormatGZ                       // .gz
)

OutFormat values.

func OutFormatString

func OutFormatString(s string) (OutFormat, error)

OutFormatString retrieves an enum value from the enum constants string name. Throws an error if the param is not part of the enum.

func OutFormatValues

func OutFormatValues() []OutFormat

OutFormatValues returns all values of the enum

func (OutFormat) IsAOutFormat

func (i OutFormat) IsAOutFormat() bool

IsAOutFormat returns "true" if the value is listed in the enum definition. "false" otherwise

func (OutFormat) MarshalText

func (i OutFormat) MarshalText() ([]byte, error)

MarshalText implements the encoding.TextMarshaler interface for OutFormat

func (OutFormat) String

func (i OutFormat) String() string

func (*OutFormat) UnmarshalText

func (i *OutFormat) UnmarshalText(text []byte) error

UnmarshalText implements the encoding.TextUnmarshaler interface for OutFormat

type Output

type Output struct {
	// Kind of the output:
	//  * iso - ISO image
	//  * image - disk image (Talos pre-installed)
	//  * installer - installer container
	//  * kernel - Linux kernel
	//  * initramfs - initramfs image
	Kind OutputKind `yaml:"kind"`
	// Options for the 'image' output.
	ImageOptions *ImageOptions `yaml:"imageOptions,omitempty"`
	// OutFormat is the format for the output:
	//  * raw - output raw file
	//  * .tar.gz - output tar.gz archive
	//  * .xz - output xz archive
	//  * .gz - output gz archive
	OutFormat OutFormat `yaml:"outFormat"`
}

Output describes image generation result.

type OutputKind

type OutputKind int

OutputKind is output specification.

const (
	OutKindUnknown   OutputKind = iota // unknown
	OutKindISO                         // iso
	OutKindImage                       // image
	OutKindInstaller                   // installer
	OutKindKernel                      // kernel
	OutKindInitramfs                   // initramfs
	OutKindUKI                         // uki
	OutKindCmdline                     // cmdline
)

OutputKind values.

func OutputKindString

func OutputKindString(s string) (OutputKind, error)

OutputKindString retrieves an enum value from the enum constants string name. Throws an error if the param is not part of the enum.

func OutputKindValues

func OutputKindValues() []OutputKind

OutputKindValues returns all values of the enum

func (OutputKind) IsAOutputKind

func (i OutputKind) IsAOutputKind() bool

IsAOutputKind returns "true" if the value is listed in the enum definition. "false" otherwise

func (OutputKind) MarshalText

func (i OutputKind) MarshalText() ([]byte, error)

MarshalText implements the encoding.TextMarshaler interface for OutputKind

func (OutputKind) String

func (i OutputKind) String() string

func (*OutputKind) UnmarshalText

func (i *OutputKind) UnmarshalText(text []byte) error

UnmarshalText implements the encoding.TextUnmarshaler interface for OutputKind

type Profile

type Profile struct {
	// BaseProfileName is the profile name to inherit from.
	BaseProfileName string `yaml:"baseProfileName,omitempty"`
	// Architecture of the image: amd64 or arm64.
	Arch string `yaml:"arch"`
	// Platform name of the image: qemu, aws, gcp, etc.
	Platform string `yaml:"platform"`
	// Board name of the image: rpi4, etc. (only for metal image and arm64).
	Board string `yaml:"board,omitempty"`
	// SecureBoot enables SecureBoot (only for UEFI build).
	SecureBoot *bool `yaml:"secureboot"`
	// Version is Talos version.
	Version string `yaml:"version"`
	// Various customizations than can be applied to the image.
	Customization CustomizationProfile `yaml:"customization,omitempty"`

	// Input describes inputs for image generation.
	Input Input `yaml:"input"`
	// Output describes image generation result.
	Output Output `yaml:"output"`
}

Profile describes image generation result.

func (Profile) DeepCopy

func (o Profile) DeepCopy() Profile

DeepCopy generates a deep copy of Profile.

func (*Profile) Dump

func (p *Profile) Dump(w io.Writer) error

Dump the profile as YAML.

func (*Profile) OutputPath

func (p *Profile) OutputPath() string

OutputPath generates the output path for the profile.

func (*Profile) SecureBootEnabled

func (p *Profile) SecureBootEnabled() bool

SecureBootEnabled derefences SecureBoot.

func (*Profile) Validate

func (p *Profile) Validate() error

Validate the profile.

type SecureBootAssets

type SecureBootAssets struct {
	// SecureBoot signing key & cert.
	SecureBootSigner SigningKeyAndCertificate `yaml:"secureBootSigner"`
	// PCR signing key.
	PCRSigner SigningKey `yaml:"pcrSigner"`
	// Optional, auto-enrollment paths.
	PlatformKeyPath    string `yaml:"platformKeyPath,omitempty"`
	KeyExchangeKeyPath string `yaml:"keyExchangeKeyPath,omitempty"`
	SignatureKeyPath   string `yaml:"signatureKeyPath,omitempty"`
}

SecureBootAssets describes secureboot assets.

type SigningKey added in v1.6.0

type SigningKey struct {
	// File-based:
	KeyPath string `yaml:"keyPath,omitempty"`
	// Azure:
	//
	// AzureKeyVersion might be left empty to use the latest key version.
	AzureVaultURL   string `yaml:"azureVaultURL,omitempty"`
	AzureKeyID      string `yaml:"azureKeyID,omitempty"`
	AzureKeyVersion string `yaml:"azureKeyVersion,omitempty"`
}

SigningKey describes a signing key.

func (SigningKey) GetSigner added in v1.6.0

func (key SigningKey) GetSigner(ctx context.Context) (measure.RSAKey, error)

GetSigner returns the signer.

type SigningKeyAndCertificate added in v1.6.0

type SigningKeyAndCertificate struct {
	// File-based:
	KeyPath  string `yaml:"keyPath,omitempty"`
	CertPath string `yaml:"certPath,omitempty"`
	// Azure:
	AzureVaultURL      string `yaml:"azureVaultURL,omitempty"`
	AzureCertificateID string `yaml:"azureCertificateID,omitempty"`
}

SigningKeyAndCertificate describes a signing key & certificate.

func (SigningKeyAndCertificate) GetSigner added in v1.6.0

GetSigner returns the signer.

Directories

Path Synopsis
internal
signer/azure
Package azure implements SecureBoot/PCR signers via Azure Key Vault.
Package azure implements SecureBoot/PCR signers via Azure Key Vault.
signer/file
Package file implements SecureBoot/PCR signers via plain filesystem files.
Package file implements SecureBoot/PCR signers via plain filesystem files.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL