Documentation ¶
Overview ¶
Package profile contains definition of the image generation profile.
Index ¶
Constants ¶
const ( // MinRAWDiskSize is the minimum size disk we can create. Used for metal images. MinRAWDiskSize = 1246 * mib // DefaultRAWDiskSize is the value we use for any non-metal images by default. DefaultRAWDiskSize = 8192 * mib )
Variables ¶
var Default = map[string]Profile{ "iso": { Platform: constants.PlatformMetal, SecureBoot: pointer.To(false), Output: Output{ Kind: OutKindISO, OutFormat: OutFormatRaw, }, }, "secureboot-iso": { Platform: constants.PlatformMetal, SecureBoot: pointer.To(true), Output: Output{ Kind: OutKindISO, OutFormat: OutFormatRaw, }, }, "metal": { Platform: constants.PlatformMetal, SecureBoot: pointer.To(false), Output: Output{ Kind: OutKindImage, OutFormat: OutFormatXZ, ImageOptions: &ImageOptions{ DiskSize: MinRAWDiskSize, DiskFormat: DiskFormatRaw, }, }, }, "secureboot-metal": { Platform: constants.PlatformMetal, SecureBoot: pointer.To(true), Output: Output{ Kind: OutKindImage, OutFormat: OutFormatXZ, ImageOptions: &ImageOptions{ DiskSize: MinRAWDiskSize, DiskFormat: DiskFormatRaw, }, }, }, "installer": { Platform: "metal", SecureBoot: pointer.To(false), Output: Output{ Kind: OutKindInstaller, OutFormat: OutFormatRaw, }, }, "secureboot-installer": { Platform: "metal", SecureBoot: pointer.To(true), Output: Output{ Kind: OutKindInstaller, OutFormat: OutFormatRaw, }, }, "aws": { Platform: "aws", SecureBoot: pointer.To(false), Output: Output{ Kind: OutKindImage, OutFormat: OutFormatXZ, ImageOptions: &ImageOptions{ DiskSize: DefaultRAWDiskSize, DiskFormat: DiskFormatRaw, }, }, }, "azure": { Platform: "azure", SecureBoot: pointer.To(false), Output: Output{ Kind: OutKindImage, OutFormat: OutFormatXZ, ImageOptions: &ImageOptions{ DiskSize: DefaultRAWDiskSize, DiskFormat: DiskFormatVPC, DiskFormatOptions: "subformat=fixed,force_size", }, }, }, "digital-ocean": { Platform: "digital-ocean", SecureBoot: pointer.To(false), Output: Output{ Kind: OutKindImage, OutFormat: OutFormatGZ, ImageOptions: &ImageOptions{ DiskSize: DefaultRAWDiskSize, DiskFormat: DiskFormatRaw, }, }, }, "exoscale": { Platform: "exoscale", SecureBoot: pointer.To(false), Output: Output{ Kind: OutKindImage, OutFormat: OutFormatXZ, ImageOptions: &ImageOptions{ DiskSize: 10 * 1024 * mib, DiskFormat: DiskFormatQCOW2, DiskFormatOptions: "cluster_size=8k", }, }, }, "gcp": { Platform: "gcp", SecureBoot: pointer.To(false), Output: Output{ Kind: OutKindImage, OutFormat: OutFormatTar, ImageOptions: &ImageOptions{ DiskSize: DefaultRAWDiskSize, DiskFormat: DiskFormatRaw, }, }, }, "hcloud": { Platform: "hcloud", SecureBoot: pointer.To(false), Output: Output{ Kind: OutKindImage, OutFormat: OutFormatXZ, ImageOptions: &ImageOptions{ DiskSize: MinRAWDiskSize, DiskFormat: DiskFormatRaw, }, }, }, "nocloud": { Platform: "nocloud", SecureBoot: pointer.To(false), Output: Output{ Kind: OutKindImage, OutFormat: OutFormatXZ, ImageOptions: &ImageOptions{ DiskSize: MinRAWDiskSize, DiskFormat: DiskFormatRaw, }, }, }, "openstack": { Platform: "openstack", SecureBoot: pointer.To(false), Output: Output{ Kind: OutKindImage, OutFormat: OutFormatXZ, ImageOptions: &ImageOptions{ DiskSize: MinRAWDiskSize, DiskFormat: DiskFormatRaw, }, }, }, "oracle": { Platform: "oracle", SecureBoot: pointer.To(false), Output: Output{ Kind: OutKindImage, OutFormat: OutFormatXZ, ImageOptions: &ImageOptions{ DiskSize: DefaultRAWDiskSize, DiskFormat: DiskFormatQCOW2, DiskFormatOptions: "cluster_size=8k", }, }, }, "scaleway": { Platform: "scaleway", SecureBoot: pointer.To(false), Output: Output{ Kind: OutKindImage, OutFormat: OutFormatXZ, ImageOptions: &ImageOptions{ DiskSize: MinRAWDiskSize, DiskFormat: DiskFormatRaw, }, }, }, "upcloud": { Platform: "upcloud", SecureBoot: pointer.To(false), Output: Output{ Kind: OutKindImage, OutFormat: OutFormatXZ, ImageOptions: &ImageOptions{ DiskSize: DefaultRAWDiskSize, DiskFormat: DiskFormatRaw, }, }, }, "vmware": { Platform: "vmware", SecureBoot: pointer.To(false), Output: Output{ Kind: OutKindImage, OutFormat: OutFormatRaw, ImageOptions: &ImageOptions{ DiskSize: DefaultRAWDiskSize, DiskFormat: DiskFormatOVA, }, }, }, "vultr": { Platform: "vultr", SecureBoot: pointer.To(false), Output: Output{ Kind: OutKindImage, OutFormat: OutFormatXZ, ImageOptions: &ImageOptions{ DiskSize: DefaultRAWDiskSize, DiskFormat: DiskFormatRaw, }, }, }, constants.BoardRPiGeneric: { Arch: "arm64", Platform: constants.PlatformMetal, Board: constants.BoardRPiGeneric, SecureBoot: pointer.To(false), Output: Output{ Kind: OutKindImage, OutFormat: OutFormatXZ, ImageOptions: &ImageOptions{ DiskSize: MinRAWDiskSize, DiskFormat: DiskFormatRaw, }, }, }, constants.BoardRock64: { Arch: "arm64", Platform: constants.PlatformMetal, Board: constants.BoardRock64, SecureBoot: pointer.To(false), Output: Output{ Kind: OutKindImage, OutFormat: OutFormatXZ, ImageOptions: &ImageOptions{ DiskSize: MinRAWDiskSize, DiskFormat: DiskFormatRaw, }, }, }, constants.BoardBananaPiM64: { Arch: "arm64", Platform: constants.PlatformMetal, Board: constants.BoardBananaPiM64, SecureBoot: pointer.To(false), Output: Output{ Kind: OutKindImage, OutFormat: OutFormatXZ, ImageOptions: &ImageOptions{ DiskSize: MinRAWDiskSize, DiskFormat: DiskFormatRaw, }, }, }, constants.BoardLibretechAllH3CCH5: { Arch: "arm64", Platform: constants.PlatformMetal, Board: constants.BoardLibretechAllH3CCH5, SecureBoot: pointer.To(false), Output: Output{ Kind: OutKindImage, OutFormat: OutFormatXZ, ImageOptions: &ImageOptions{ DiskSize: MinRAWDiskSize, DiskFormat: DiskFormatRaw, }, }, }, constants.BoardRockpi4: { Arch: "arm64", Platform: constants.PlatformMetal, Board: constants.BoardRockpi4, SecureBoot: pointer.To(false), Output: Output{ Kind: OutKindImage, OutFormat: OutFormatXZ, ImageOptions: &ImageOptions{ DiskSize: MinRAWDiskSize, DiskFormat: DiskFormatRaw, }, }, }, constants.BoardRockpi4c: { Arch: "arm64", Platform: constants.PlatformMetal, Board: constants.BoardRockpi4c, SecureBoot: pointer.To(false), Output: Output{ Kind: OutKindImage, OutFormat: OutFormatXZ, ImageOptions: &ImageOptions{ DiskSize: MinRAWDiskSize, DiskFormat: DiskFormatRaw, }, }, }, constants.BoardPine64: { Arch: "arm64", Platform: constants.PlatformMetal, Board: constants.BoardPine64, SecureBoot: pointer.To(false), Output: Output{ Kind: OutKindImage, OutFormat: OutFormatXZ, ImageOptions: &ImageOptions{ DiskSize: MinRAWDiskSize, DiskFormat: DiskFormatRaw, }, }, }, constants.BoardJetsonNano: { Arch: "arm64", Platform: constants.PlatformMetal, Board: constants.BoardJetsonNano, SecureBoot: pointer.To(false), Output: Output{ Kind: OutKindImage, OutFormat: OutFormatXZ, ImageOptions: &ImageOptions{ DiskSize: MinRAWDiskSize, DiskFormat: DiskFormatRaw, }, }, }, constants.BoardNanoPiR4S: { Arch: "arm64", Platform: constants.PlatformMetal, Board: constants.BoardNanoPiR4S, SecureBoot: pointer.To(false), Output: Output{ Kind: OutKindImage, OutFormat: OutFormatXZ, ImageOptions: &ImageOptions{ DiskSize: MinRAWDiskSize, DiskFormat: DiskFormatRaw, }, }, }, }
Default describes built-in profiles.
Functions ¶
This section is empty.
Types ¶
type ContainerAsset ¶
type ContainerAsset struct { // ImageRef is a reference to the container image. ImageRef string `yaml:"imageRef"` // ForceInsecure forces insecure registry communication. ForceInsecure bool `yaml:"forceInsecure,omitempty"` // TarballPath is a path to the .tar format container image contents. // // If TarballPath is set, ImageRef is ignored. TarballPath string `yaml:"tarballPath,omitempty"` // OCIPath is a path to the OCI format container image contents. // // If OCIPath is set, ImageRef is ignored. OCIPath string `yaml:"ociPath,omitempty"` }
ContainerAsset describes a container asset.
type CustomizationProfile ¶
type CustomizationProfile struct { // ExtraKernelArgs is a list of extra kernel arguments. ExtraKernelArgs []string `yaml:"extraKernelArgs,omitempty"` // MetaContents is a list of META partition contents. MetaContents meta.Values `yaml:"metaContents,omitempty"` }
CustomizationProfile describes customizations that can be applied to the image.
type DiskFormat ¶
type DiskFormat int
DiskFormat is disk format specification.
const ( DiskFormatUnknown DiskFormat = iota // unknown DiskFormatRaw // raw DiskFormatQCOW2 // qcow2 DiskFormatVPC // vhd DiskFormatOVA // ova )
DiskFormat values.
func DiskFormatString ¶
func DiskFormatString(s string) (DiskFormat, error)
DiskFormatString retrieves an enum value from the enum constants string name. Throws an error if the param is not part of the enum.
func DiskFormatValues ¶
func DiskFormatValues() []DiskFormat
DiskFormatValues returns all values of the enum
func (DiskFormat) IsADiskFormat ¶
func (i DiskFormat) IsADiskFormat() bool
IsADiskFormat returns "true" if the value is listed in the enum definition. "false" otherwise
func (DiskFormat) MarshalText ¶
func (i DiskFormat) MarshalText() ([]byte, error)
MarshalText implements the encoding.TextMarshaler interface for DiskFormat
func (DiskFormat) String ¶
func (i DiskFormat) String() string
func (*DiskFormat) UnmarshalText ¶
func (i *DiskFormat) UnmarshalText(text []byte) error
UnmarshalText implements the encoding.TextUnmarshaler interface for DiskFormat
type FileAsset ¶
type FileAsset struct { // Path to the file. Path string `yaml:"path"` }
FileAsset describes a file asset.
type ImageOptions ¶
type ImageOptions struct { // DiskSize is the size of the disk image (bytes). DiskSize int64 `yaml:"diskSize"` // DiskFormat is the format of the disk image: // * raw - raw disk image // * qcow2 - qcow2 disk image // * vhd - VPC disk image // * ova - VMWare disk image DiskFormat DiskFormat `yaml:"diskFormat,omitempty"` // DiskFormatOptions are additional options for the disk format DiskFormatOptions string `yaml:"diskFormatOptions,omitempty"` }
ImageOptions describes options for the 'image' output.
type Input ¶
type Input struct { // Kernel is a vmlinuz file. Kernel FileAsset `yaml:"kernel"` // Initramfs is a initramfs file (without system extensions). Initramfs FileAsset `yaml:"initramfs"` // SDStub is a sd-stub file (only for SecureBoot). SDStub FileAsset `yaml:"sdStub,omitempty"` // SDBoot is a sd-boot file (only for SecureBoot). SDBoot FileAsset `yaml:"sdBoot,omitempty"` // DTB is a path to the device tree blobs (arm64 only). DTB FileAsset `yaml:"dtb,omitempty"` // UBoot is a path to the u-boot binary (arm64 only). UBoot FileAsset `yaml:"uBoot,omitempty"` // RPiFirmware is a path to the Raspberry Pi firmware (arm64 only). RPiFirmware FileAsset `yaml:"rpiFirmware,omitempty"` // Base installer image to mutate. BaseInstaller ContainerAsset `yaml:"baseInstaller,omitempty"` // SecureBoot is a section with secureboot keys, only for SecureBoot enabled builds. SecureBoot *SecureBootAssets `yaml:"secureboot,omitempty"` // SystemExtensions is a list of system extensions to install. SystemExtensions []ContainerAsset `yaml:"systemExtensions,omitempty"` }
Input describes inputs for image generation.
func (*Input) FillDefaults ¶
FillDefaults fills default values for the input.
type OutFormat ¶
type OutFormat int
OutFormat is output format specification.
const ( OutFormatUnknown OutFormat = iota // unknown OutFormatRaw // raw OutFormatTar // .tar.gz OutFormatXZ // .xz OutFormatGZ // .gz )
OutFormat values.
func OutFormatString ¶
OutFormatString retrieves an enum value from the enum constants string name. Throws an error if the param is not part of the enum.
func OutFormatValues ¶
func OutFormatValues() []OutFormat
OutFormatValues returns all values of the enum
func (OutFormat) IsAOutFormat ¶
IsAOutFormat returns "true" if the value is listed in the enum definition. "false" otherwise
func (OutFormat) MarshalText ¶
MarshalText implements the encoding.TextMarshaler interface for OutFormat
func (*OutFormat) UnmarshalText ¶
UnmarshalText implements the encoding.TextUnmarshaler interface for OutFormat
type Output ¶
type Output struct { // Kind of the output: // * iso - ISO image // * image - disk image (Talos pre-installed) // * installer - installer container // * kernel - Linux kernel // * initramfs - initramfs image Kind OutputKind `yaml:"kind"` // Options for the 'image' output. ImageOptions *ImageOptions `yaml:"imageOptions,omitempty"` // OutFormat is the format for the output: // * raw - output raw file // * .tar.gz - output tar.gz archive // * .xz - output xz archive // * .gz - output gz archive OutFormat OutFormat `yaml:"outFormat"` }
Output describes image generation result.
type OutputKind ¶
type OutputKind int
OutputKind is output specification.
const ( OutKindUnknown OutputKind = iota // unknown OutKindISO // iso OutKindImage // image OutKindInstaller // installer OutKindKernel // kernel OutKindInitramfs // initramfs OutKindUKI // uki OutKindCmdline // cmdline )
OutputKind values.
func OutputKindString ¶
func OutputKindString(s string) (OutputKind, error)
OutputKindString retrieves an enum value from the enum constants string name. Throws an error if the param is not part of the enum.
func OutputKindValues ¶
func OutputKindValues() []OutputKind
OutputKindValues returns all values of the enum
func (OutputKind) IsAOutputKind ¶
func (i OutputKind) IsAOutputKind() bool
IsAOutputKind returns "true" if the value is listed in the enum definition. "false" otherwise
func (OutputKind) MarshalText ¶
func (i OutputKind) MarshalText() ([]byte, error)
MarshalText implements the encoding.TextMarshaler interface for OutputKind
func (OutputKind) String ¶
func (i OutputKind) String() string
func (*OutputKind) UnmarshalText ¶
func (i *OutputKind) UnmarshalText(text []byte) error
UnmarshalText implements the encoding.TextUnmarshaler interface for OutputKind
type Profile ¶
type Profile struct { // BaseProfileName is the profile name to inherit from. BaseProfileName string `yaml:"baseProfileName,omitempty"` // Architecture of the image: amd64 or arm64. Arch string `yaml:"arch"` // Platform name of the image: qemu, aws, gcp, etc. Platform string `yaml:"platform"` // Board name of the image: rpi4, etc. (only for metal image and arm64). Board string `yaml:"board,omitempty"` // SecureBoot enables SecureBoot (only for UEFI build). SecureBoot *bool `yaml:"secureboot"` // Version is Talos version. Version string `yaml:"version"` // Various customizations than can be applied to the image. Customization CustomizationProfile `yaml:"customization,omitempty"` // Input describes inputs for image generation. Input Input `yaml:"input"` // Output describes image generation result. Output Output `yaml:"output"` }
Profile describes image generation result.
func (*Profile) OutputPath ¶
OutputPath generates the output path for the profile.
func (*Profile) SecureBootEnabled ¶
SecureBootEnabled derefences SecureBoot.
type SecureBootAssets ¶
type SecureBootAssets struct { // SecureBoot signing key & cert. SecureBootSigner SigningKeyAndCertificate `yaml:"secureBootSigner"` // PCR signing key. PCRSigner SigningKey `yaml:"pcrSigner"` // Optional, auto-enrollment paths. PlatformKeyPath string `yaml:"platformKeyPath,omitempty"` KeyExchangeKeyPath string `yaml:"keyExchangeKeyPath,omitempty"` SignatureKeyPath string `yaml:"signatureKeyPath,omitempty"` }
SecureBootAssets describes secureboot assets.
type SigningKey ¶ added in v1.6.0
type SigningKey struct { // File-based: KeyPath string `yaml:"keyPath,omitempty"` // Azure: // // AzureKeyVersion might be left empty to use the latest key version. AzureVaultURL string `yaml:"azureVaultURL,omitempty"` AzureKeyID string `yaml:"azureKeyID,omitempty"` AzureKeyVersion string `yaml:"azureKeyVersion,omitempty"` }
SigningKey describes a signing key.
type SigningKeyAndCertificate ¶ added in v1.6.0
type SigningKeyAndCertificate struct { // File-based: KeyPath string `yaml:"keyPath,omitempty"` CertPath string `yaml:"certPath,omitempty"` // Azure: AzureVaultURL string `yaml:"azureVaultURL,omitempty"` AzureCertificateID string `yaml:"azureCertificateID,omitempty"` }
SigningKeyAndCertificate describes a signing key & certificate.
func (SigningKeyAndCertificate) GetSigner ¶ added in v1.6.0
func (keyAndCert SigningKeyAndCertificate) GetSigner(ctx context.Context) (pesign.CertificateSigner, error)
GetSigner returns the signer.
Source Files ¶
Directories ¶
Path | Synopsis |
---|---|
internal
|
|
signer/azure
Package azure implements SecureBoot/PCR signers via Azure Key Vault.
|
Package azure implements SecureBoot/PCR signers via Azure Key Vault. |
signer/file
Package file implements SecureBoot/PCR signers via plain filesystem files.
|
Package file implements SecureBoot/PCR signers via plain filesystem files. |