Showing preview only (955K chars total). Download the full file or copy to clipboard to get everything.
Repository: siderolabs/terraform-provider-talos
Branch: main
Commit: d69608163e7a
Files: 121
Total size: 907.6 KB
Directory structure:
gitextract_jyyl2tb2/
├── .conform.yaml
├── .github/
│ ├── renovate.json
│ └── workflows/
│ ├── acceptance-tests.yaml
│ ├── pull-request.yaml
│ ├── release.yml
│ └── slack-notify.yaml
├── .gitignore
├── .golangci.yml
├── .goreleaser.yml
├── .vscode/
│ └── launch.json
├── CHANGELOG.md
├── LICENSE
├── Makefile
├── README.md
├── docs/
│ ├── data-sources/
│ │ ├── client_configuration.md
│ │ ├── cluster_health.md
│ │ ├── cluster_kubeconfig.md
│ │ ├── image_factory_extensions_versions.md
│ │ ├── image_factory_overlays_versions.md
│ │ ├── image_factory_urls.md
│ │ ├── image_factory_versions.md
│ │ ├── machine_configuration.md
│ │ └── machine_disks.md
│ ├── ephemeral-resources/
│ │ ├── client_configuration.md
│ │ ├── cluster_health.md
│ │ ├── cluster_kubeconfig.md
│ │ ├── machine_configuration.md
│ │ └── machine_secrets.md
│ ├── guides/
│ │ ├── using_ephemeral_resources.md
│ │ └── version-0.2-upgrade.html.md
│ ├── index.md
│ └── resources/
│ ├── cluster_kubeconfig.md
│ ├── image_factory_schematic.md
│ ├── machine_bootstrap.md
│ ├── machine_configuration_apply.md
│ └── machine_secrets.md
├── examples/
│ ├── README.md
│ ├── data-sources/
│ │ ├── talos_client_configuration/
│ │ │ └── data-source.tf
│ │ ├── talos_cluster_kubeconfig/
│ │ │ └── data-source.tf
│ │ ├── talos_image_factory_extensions_versions/
│ │ │ └── data-source.tf
│ │ ├── talos_image_factory_overlays_versions/
│ │ │ └── data-source.tf
│ │ ├── talos_image_factory_urls/
│ │ │ └── data-source.tf
│ │ ├── talos_image_factory_versions/
│ │ │ └── data-source.tf
│ │ ├── talos_machine_configuration/
│ │ │ └── data-source.tf
│ │ └── talos_machine_disks/
│ │ └── data-source.tf
│ ├── ephemeral-resources/
│ │ ├── README.md
│ │ ├── basic/
│ │ │ ├── README.md
│ │ │ └── main.tf
│ │ └── talos_cluster_kubeconfig/
│ │ └── ephemeral-resource.tf
│ └── resources/
│ ├── talos_cluster_kubeconfig/
│ │ └── resource.tf
│ ├── talos_image_factory_schematic/
│ │ └── resource.tf
│ ├── talos_machine_bootstrap/
│ │ ├── import.sh
│ │ └── resource.tf
│ ├── talos_machine_configuration_apply/
│ │ └── resource.tf
│ └── talos_machine_secrets/
│ ├── import.sh
│ └── resource.tf
├── go.mod
├── go.sum
├── hack/
│ ├── release.sh
│ └── release.toml
├── main.go
├── pkg/
│ └── talos/
│ ├── client_configuration_test.go
│ ├── generate_kubeconfig_test.go
│ ├── internal/
│ │ └── gen/
│ │ └── diskspec.go
│ ├── provider.go
│ ├── provider_test.go
│ ├── rfc6979.go
│ ├── rfc6979_test.go
│ ├── talos_client_configuration_data_source.go
│ ├── talos_client_configuration_data_source_test.go
│ ├── talos_client_configuration_ephemeral_resource.go
│ ├── talos_client_configuration_ephemeral_resource_test.go
│ ├── talos_cluster_health_data_source.go
│ ├── talos_cluster_health_data_source_test.go
│ ├── talos_cluster_health_ephemeral_resource.go
│ ├── talos_cluster_kubeconfig_data_source.go
│ ├── talos_cluster_kubeconfig_ephemeral_resource.go
│ ├── talos_cluster_kubeconfig_ephemeral_resource_test.go
│ ├── talos_cluster_kubeconfig_resource.go
│ ├── talos_cluster_kubeconfig_resource_test.go
│ ├── talos_image_factory_extensions_versions_data_source.go
│ ├── talos_image_factory_extensions_versions_data_source_test.go
│ ├── talos_image_factory_overlays_versions_data_source.go
│ ├── talos_image_factory_overlays_versions_data_source_test.go
│ ├── talos_image_factory_schematic_resource.go
│ ├── talos_image_factory_schematic_resource_test.go
│ ├── talos_image_factory_urls_data_source.go
│ ├── talos_image_factory_urls_data_source_test.go
│ ├── talos_image_factory_versions_data_source.go
│ ├── talos_image_factory_versions_data_source_test.go
│ ├── talos_machine_bootstrap_resource.go
│ ├── talos_machine_bootstrap_resource_test.go
│ ├── talos_machine_configuration_apply_resource.go
│ ├── talos_machine_configuration_apply_resource_test.go
│ ├── talos_machine_configuration_data_source.go
│ ├── talos_machine_configuration_data_source_test.go
│ ├── talos_machine_configuration_ephemeral_resource.go
│ ├── talos_machine_configuration_ephemeral_resource_test.go
│ ├── talos_machine_disks_data_source.go
│ ├── talos_machine_disks_data_source_test.go
│ ├── talos_machine_disks_data_source_types.go
│ ├── talos_machine_secrets_ephemeral_resource.go
│ ├── talos_machine_secrets_ephemeral_resource_test.go
│ ├── talos_machine_secrets_resource.go
│ ├── talos_machine_secrets_resource_test.go
│ ├── testdata/
│ │ ├── patch-invalid.yaml
│ │ ├── patch-strategic.yaml
│ │ ├── secrets.yaml
│ │ └── secretsv1.2.yaml
│ └── util.go
├── templates/
│ ├── data-sources/
│ │ ├── machine_configuration.md.tmpl
│ │ └── machine_disks.md.tmpl
│ ├── ephemeral-resources/
│ │ └── machine_configuration.md.tmpl
│ ├── guides/
│ │ ├── using_ephemeral_resources.md
│ │ └── version-0.2-upgrade.html.md
│ ├── index.md.tmpl
│ └── resources.md.tmpl
├── terraform-registry-manifest.json
├── tools/
│ ├── go.mod
│ └── go.sum
└── tools.go
================================================
FILE CONTENTS
================================================
================================================
FILE: .conform.yaml
================================================
# THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT.
#
# Generated on 2022-03-23T19:45:28Z by kres latest.
---
policies:
- type: commit
spec:
dco: true
gpg:
required: true
identity:
gitHubOrganization: siderolabs
spellcheck:
locale: US
maximumOfOneCommit: true
header:
length: 89
imperative: true
case: lower
invalidLastCharacters: .
body:
required: true
conventional:
types: ["chore","docs","perf","refactor","style","test","release"]
scopes: [".*"]
================================================
FILE: .github/renovate.json
================================================
{
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"extends": [
":semanticCommitScopeDisabled",
"schedule:earlyMondays"
],
"packageRules": [
{
"matchDatasources": [
"go",
"golang-version"
],
"groupName": "go packages",
"matchPackageNames": [
"*"
]
}
],
"dependencyDashboard": true
}
================================================
FILE: .github/workflows/acceptance-tests.yaml
================================================
name: acceptance-tests
concurrency:
group: ${{ github.head_ref || github.run_id }}
cancel-in-progress: true
on:
pull_request:
paths:
- 'go.mod'
- 'go.sum'
- '**.go'
jobs:
acc-tests:
if: (!startsWith(github.head_ref, 'renovate/') && !startsWith(github.head_ref, 'dependabot/'))
runs-on:
group: large
env:
GOTOOLCHAIN: local
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version-file: 'go.mod'
cache: true
- name: Set up Terraform
uses: hashicorp/setup-terraform@v3
with:
terraform_wrapper: false
- name: Set up libvirt
env:
LIBVIRT_DEFAULT_URI: qemu:///system
run: |
sudo apt-get update
sudo apt-get install -y \
bridge-utils \
dnsmasq-base \
libvirt-daemon-system \
qemu-utils \
qemu-block-extra \
ovmf
sudo ln -s OVMF_VARS_4M.fd /usr/share/OVMF/OVMF_VARS.fd
sudo ln -s OVMF_CODE_4M.fd /usr/share/OVMF/OVMF_CODE.fd
sudo virtlockd -d
sudo virtlogd -d
sudo libvirtd -d
echo -e "<pool type='dir'>\n<name>default</name>\n<target>\n<path>/pool-default</path>\n</target>\n</pool>" > pool.xml
sudo mkdir /pool-default
sudo chmod a+rwx /pool-default
sudo virsh pool-define pool.xml
sudo virsh pool-start default
echo 'security_driver = "none"' | sudo tee --append /etc/libvirt/qemu.conf
cat <<EOF > net.xml
<network>
<name>default</name>
<bridge name='virbr0'/>
<mtu size="1350"/>
<forward/>
<ip address='192.168.122.1' netmask='255.255.255.0'>
<dhcp>
<range start='192.168.122.2' end='192.168.122.254'/>
</dhcp>
</ip>
</network>
EOF
sudo virsh net-destroy default
sudo virsh net-undefine default
sudo virsh net-create net.xml
- name: acceptance-test
env:
TERRAFORM_LIBVIRT_TEST_DOMAIN_TYPE: qemu
LIBVIRT_DEFAULT_URI: qemu:///system
CI: "true"
run: |
make testacc
================================================
FILE: .github/workflows/pull-request.yaml
================================================
name: check-dirty
on:
pull_request:
jobs:
check-dirty:
if: (!startsWith(github.head_ref, 'renovate/') && !startsWith(github.head_ref, 'dependabot/'))
runs-on:
group: generic
env:
GOTOOLCHAIN: local
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version-file: 'go.mod'
cache: true
- name: Go vulnerability check
run: make go-vulncheck
- name: Set up Terraform
uses: hashicorp/setup-terraform@v3
with:
terraform_wrapper: false
- name: dirty-check
run: |
make check-dirty
- name: golangci-lint
uses: golangci/golangci-lint-action@v8
================================================
FILE: .github/workflows/release.yml
================================================
# This GitHub action can publish assets for release when a tag is created.
# Currently its setup to run on any tag that matches the pattern "v*" (ie. v0.1.0).
#
# This uses an action (hashicorp/ghaction-import-gpg) that assumes you set your
# private key in the `GPG_PRIVATE_KEY` secret and passphrase in the `PASSPHRASE`
# secret. If you would rather own your own GPG handling, please fork this action
# or use an alternative one for key handling.
#
# You will need to pass the `--batch` flag to `gpg` in your signing step
# in `goreleaser` to indicate this is being used in a non-interactive mode.
#
name: release
on:
push:
tags:
- 'v*'
permissions:
contents: write
jobs:
goreleaser:
runs-on:
group: generic
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Unshallow
run: git fetch --prune --unshallow
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version-file: 'go.mod'
cache: true
- name: Import GPG key
uses: crazy-max/ghaction-import-gpg@v6
id: import_gpg
with:
gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
passphrase: ${{ secrets.PASSPHRASE }}
- name: release-notes
run: make release-notes
- name: Generate SBOM
run: make sbom
- name: Run GoReleaser
uses: goreleaser/goreleaser-action@v6
with:
version: latest
args: release --clean --release-notes=_out/RELEASE_NOTES.md
env:
GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }}
# GitHub sets this automatically
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
================================================
FILE: .github/workflows/slack-notify.yaml
================================================
name: slack-notify
"on":
workflow_run:
workflows:
- check-dirty
- acceptance-tests
- release
types:
- completed
jobs:
slack-notify:
runs-on:
group: generic
if: github.event.workflow_run.conclusion != 'skipped'
steps:
- name: Get PR number
id: get-pr-number
if: github.event.workflow_run.event == 'pull_request'
env:
GH_TOKEN: ${{ github.token }}
run: |
echo pull_request_number=$(gh pr view -R ${{ github.repository }} ${{ github.event.workflow_run.head_repository.owner.login }}:${{ github.event.workflow_run.head_branch }} --json number --jq .number) >> $GITHUB_OUTPUT
- name: Slack Notify
uses: slackapi/slack-github-action@v2
with:
method: chat.postMessage
payload: |
{
"channel": "proj-talos-maintainers",
"attachments": [
{
"color": "${{ github.event.workflow_run.conclusion == 'success' && '#2EB886' || github.event.workflow_run.conclusion == 'failure' && '#A30002' || '#FFCC00' }}",
"fallback": "test",
"blocks": [
{
"type": "section",
"fields": [
{
"type": "mrkdwn",
"text": "${{ github.event.workflow_run.event == 'pull_request' && format('*Pull Request:* {0} (`{1}`)\n<{2}/pull/{3}|{4}>', github.repository, github.ref_name, github.event.repository.html_url, steps.get-pr-number.outputs.pull_request_number, github.event.workflow_run.display_title) || format('*Build:* {0} (`{1}`)\n<{2}/commit/{3}|{4}>', github.repository, github.ref_name, github.event.repository.html_url, github.sha, github.event.workflow_run.display_title) }}"
},
{
"type": "mrkdwn",
"text": "*Status:*\n`${{ github.event.workflow_run.conclusion }}`"
}
]
},
{
"type": "section",
"fields": [
{
"type": "mrkdwn",
"text": "*Author:*\n`${{ github.actor }}`"
},
{
"type": "mrkdwn",
"text": "*Event:*\n`${{ github.event.workflow_run.event }}`"
}
]
},
{
"type": "divider"
},
{
"type": "actions",
"elements": [
{
"type": "button",
"text": {
"type": "plain_text",
"text": "Logs"
},
"url": "${{ github.event.workflow_run.html_url }}"
},
{
"type": "button",
"text": {
"type": "plain_text",
"text": "Commit"
},
"url": "${{ github.event.repository.html_url }}/commit/${{ github.sha }}"
}
]
}
]
}
]
}
token: ${{ secrets.SLACK_BOT_TOKEN }}
================================================
FILE: .gitignore
================================================
dist
terraform-provider-talos
_out
### Terraform ###
# Local .terraform directories
**/.terraform/*
# .tfstate files
*.tfstate
*.tfstate.*
# Crash log files
crash.*.log
# Exclude all .tfvars files, which are likely to contain sensitive data, such as
# password, private keys, and other secrets. These should not be part of version
# control as they are data points which are potentially sensitive and subject
# to change depending on the environment.
#*.tfvars
#*.tfvars.json
# Ignore override files as they are usually used to override resources locally and so
# are not checked in
override.tf
override.tf.json
*_override.tf
*_override.tf.json
# Include override files you do wish to add to version control using negated pattern
# !example_override.tf
# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
# example: *tfplan*
# Ignore CLI configuration files
.terraformrc
terraform.rc
================================================
FILE: .golangci.yml
================================================
# THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT.
#
# Generated on 2025-07-11T15:25:51Z by kres 9b39fa4b-dirty.
version: "2"
# options for analysis running
run:
modules-download-mode: readonly
issues-exit-code: 1
tests: true
# output configuration options
output:
formats:
text:
path: stdout
print-issued-lines: true
print-linter-name: true
path-prefix: ""
linters:
default: all
disable:
- exhaustruct
- err113
- forbidigo
- funcorder
- funlen
- gochecknoglobals
- gochecknoinits
- godox
- gomoddirectives
- gosec
- inamedparam
- ireturn
- mnd
- nestif
- nonamedreturns
- paralleltest
- tagalign
- tagliatelle
- thelper
- varnamelen
- wrapcheck
- testifylint # complains about our assert recorder and has a number of false positives for assert.Greater(t, thing, 1)
- protogetter # complains about us using Value field on typed spec, instead of GetValue which has a different signature
- perfsprint # complains about us using fmt.Sprintf in non-performance critical code, updating just kres took too long
- musttag # seems to be broken - goes into imported libraries and reports issues there
- nolintlint # gives false positives - disable until https://github.com/golangci/golangci-lint/issues/3228 is resolved
- wsl # replaced by wsl_v5
- noinlineerr
- embeddedstructfieldcheck # fighting in many places with fieldalignment
# all available settings of specific linters
settings:
cyclop:
# the maximal code complexity to report
max-complexity: 20
dogsled:
max-blank-identifiers: 2
dupl:
threshold: 150
errcheck:
check-type-assertions: true
check-blank: true
exhaustive:
default-signifies-exhaustive: false
gocognit:
min-complexity: 30
nestif:
min-complexity: 5
goconst:
min-len: 3
min-occurrences: 3
gocritic:
disabled-checks: [ ]
gocyclo:
min-complexity: 20
godot:
scope: declarations
gomodguard: { }
govet:
enable-all: true
lll:
line-length: 200
tab-width: 4
misspell:
locale: US
nakedret:
max-func-lines: 30
prealloc:
simple: true
range-loops: true # Report preallocation suggestions on range loops, true by default
for-loops: false # Report preallocation suggestions on for loops, false by default
revive:
rules:
- name: var-naming # Complains about package names like "common"
disabled: true
rowserrcheck: { }
testpackage: { }
unparam:
check-exported: false
unused:
local-variables-are-used: false
whitespace:
multi-if: false # Enforces newlines (or comments) after every multi-line if statement
multi-func: false # Enforces newlines (or comments) after every multi-line function signature
wsl:
strict-append: true
allow-assign-and-call: true
allow-multiline-assign: true
allow-trailing-comment: false
force-case-trailing-whitespace: 0
allow-separated-leading-comment: false
allow-cuddle-declarations: false
force-err-cuddling: false
depguard:
rules:
prevent_unmaintained_packages:
list-mode: lax # allow unless explicitly denied
files:
- $all
deny:
- pkg: io/ioutil
desc: "replaced by io and os packages since Go 1.16: https://tip.golang.org/doc/go1.16#ioutil"
test_kres_depguard_extra_rule_1:
deny:
- desc: Test rule 1
pkg: io/ioutil
files:
- test_1.go
list-mode: lax
test_kres_depguard_extra_rule_2:
deny:
- desc: Test rule 2
pkg: io/ioutil
files:
- test_2.go
list-mode: lax
exclusions:
generated: lax
paths:
- third_party$
- builtin$
- examples$
issues:
max-issues-per-linter: 10
max-same-issues: 3
uniq-by-line: true
new: false
severity:
default: error
formatters:
enable:
- gci
- gofmt
- gofumpt
settings:
gci:
sections:
- standard
- default
- localmodule
gofmt:
simplify: true
gofumpt:
extra-rules: false
exclusions:
generated: lax
paths:
- third_party$
- builtin$
- examples$
================================================
FILE: .goreleaser.yml
================================================
# Visit https://goreleaser.com for documentation on how to customize this
# behavior.
version: 2
before:
hooks:
# this is just an example and not a requirement for provider building/publishing
- go mod tidy
builds:
- env:
# goreleaser does not work with CGO, it could also complicate
# usage by users in CI/CD systems like Terraform Cloud where
# they are unable to install libraries.
- CGO_ENABLED=0
mod_timestamp: '{{ .CommitTimestamp }}'
flags:
- -trimpath
ldflags:
- '-s -w -X main.version={{.Version}} -X main.commit={{.Commit}}'
goos:
- freebsd
- windows
- linux
- darwin
goarch:
- amd64
- '386'
- arm
- arm64
ignore:
- goos: darwin
goarch: '386'
- goos: windows
goarch: arm
binary: '{{ .ProjectName }}_v{{ .Version }}'
archives:
- formats: ['zip']
name_template: '{{ .ProjectName }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}'
checksum:
extra_files:
- glob: 'terraform-registry-manifest.json'
name_template: '{{ .ProjectName }}_{{ .Version }}_manifest.json'
name_template: '{{ .ProjectName }}_{{ .Version }}_SHA256SUMS'
algorithm: sha256
signs:
- artifacts: checksum
args:
# if you are using this in a GitHub action or some other automated pipeline, you
# need to pass the batch flag to indicate its not interactive.
- "--batch"
- "--local-user"
- "{{ .Env.GPG_FINGERPRINT }}" # set this environment variable for your signing key
- "--output"
- "${signature}"
- "--detach-sign"
- "${artifact}"
release:
extra_files:
- glob: 'terraform-registry-manifest.json'
name_template: '{{ .ProjectName }}_{{ .Version }}_manifest.json'
- glob: '_out/sbom.*.json'
# If you want to manually examine the release before its live, uncomment this line:
# draft: true
changelog:
disable: false
================================================
FILE: .vscode/launch.json
================================================
{
"version": "0.2.0",
"configurations": [
{
"name": "Debug Talos Terraform Provider",
"type": "go",
"request": "launch",
"mode": "debug",
// this assumes your workspace is the root of the repo
"program": "${workspaceFolder}",
"env": {},
"args": [
"-debug",
]
}
]
}
================================================
FILE: CHANGELOG.md
================================================
## [terraform-provider-talos 0.11.0](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.11.0) (2026-04-27)
Welcome to the v0.11.0 release of terraform-provider-talos!
Please try out the release binaries and report any issues at
https://github.com/siderolabs/terraform-provider-talos/issues.
### ephemeral resources
New ephemeral resources are added, please see docs.
### Component Updates
Talos sdk: v1.13.0
### Contributors
* Noel Georgi
* Mickaël Canévet
* Nikita COEUR
* Dennis Witt
* Nahue
* purajit
### Changes
<details><summary>20 commits</summary>
<p>
* [`1c68732`](https://github.com/siderolabs/terraform-provider-talos/commit/1c68732ad71c09fbb0c425bafc26002348daa9ed) release(v0.11.0): prepare release
* [`b5affe3`](https://github.com/siderolabs/terraform-provider-talos/commit/b5affe3b5259e9ca69492090a9a632203f34ad34) fix(docs): update talos_version description
* [`ce4ede8`](https://github.com/siderolabs/terraform-provider-talos/commit/ce4ede85cc3d8a6cc5285c86f5a98b464666cc9c) fix: handle unknown-whole-list config_patches on machine_configuration_apply
* [`000a3ec`](https://github.com/siderolabs/terraform-provider-talos/commit/000a3ec9946024587d4389e8c2a4463c6c53cf83) fix(ephemeral): detect machine_configuration_input_wo changes via hash
* [`032a5ac`](https://github.com/siderolabs/terraform-provider-talos/commit/032a5ac6c75bbcd6e2d0f099bbbf500651d224a7) chore: bump deps
* [`7b6a3e4`](https://github.com/siderolabs/terraform-provider-talos/commit/7b6a3e408457faa6c54b951791d6a8b3a7146d9c) fix: prevent empty resolved_apply_mode when reusing state
* [`f427339`](https://github.com/siderolabs/terraform-provider-talos/commit/f4273395931496053d5e5c70b7c78b3f9c7bf652) release(v0.11.0-beta.2): prepare release
* [`6ed1274`](https://github.com/siderolabs/terraform-provider-talos/commit/6ed1274cd7276b3f46465e2c7cc712ccb651c99f) feat: add sboms to release
* [`4729352`](https://github.com/siderolabs/terraform-provider-talos/commit/4729352f7228f1f5454b0999798b5443ab15685e) feat(ephemeral): rewrite talos_cluster_kubeconfig to generate from machine_secrets
* [`4992c4a`](https://github.com/siderolabs/terraform-provider-talos/commit/4992c4af6d23f3e0faf7fa9d58c5ccc46810ad2d) fix(ephemeral): rewrite talos_client_configuration to generate from machine_secrets
* [`4c8def5`](https://github.com/siderolabs/terraform-provider-talos/commit/4c8def55f9ae57e5fefcaef83aab6e7a90557c1d) release(v0.11.0-beta.1): prepare release
* [`01330a9`](https://github.com/siderolabs/terraform-provider-talos/commit/01330a9d19a2a27ed79fd78c6cd1623012f61d09) chore: update goreleaser schema
* [`1585aed`](https://github.com/siderolabs/terraform-provider-talos/commit/1585aed51fcde7e158d45afa0be78f084693d396) fix: remove unsupported windows/arm build target for Go 1.25
* [`d7bb719`](https://github.com/siderolabs/terraform-provider-talos/commit/d7bb7199c1a212431339d634b905c3b9b21d0a3f) release(v0.11.0-beta.0): prepare release
* [`09f6c83`](https://github.com/siderolabs/terraform-provider-talos/commit/09f6c838e7430de02f62a1b968f425e0b2be4e0d) fix: restore correct skip_kubernetes_checks behavior
* [`eaedcfd`](https://github.com/siderolabs/terraform-provider-talos/commit/eaedcfdda3e7e3193e3d23231673ef676f575ae5) chore: bump deps
* [`f4d673f`](https://github.com/siderolabs/terraform-provider-talos/commit/f4d673f0851f25c5e15ef8ac9bd6fc12310ab2d5) feat: add ephemeral resources to prevent secrets from leaking to state
* [`5f07e0f`](https://github.com/siderolabs/terraform-provider-talos/commit/5f07e0f6043687b2dc475aeb16d489968a2dd2c5) feat: add staged_if_needing_reboot apply mode for automatic reboot prevention
* [`c8e3b87`](https://github.com/siderolabs/terraform-provider-talos/commit/c8e3b87002418699bf33a2b437f7ff59aa6c70ad) feat: add exact_filters attribute to talos_image_factory_extensions_versions
* [`efe146e`](https://github.com/siderolabs/terraform-provider-talos/commit/efe146e512fb22dd1012849fce098256115961a4) fix: gracefully handle Unknown config_patches values
</p>
</details>
### Changes since v0.11.0-beta.2
<details><summary>6 commits</summary>
<p>
* [`1c68732`](https://github.com/siderolabs/terraform-provider-talos/commit/1c68732ad71c09fbb0c425bafc26002348daa9ed) release(v0.11.0): prepare release
* [`b5affe3`](https://github.com/siderolabs/terraform-provider-talos/commit/b5affe3b5259e9ca69492090a9a632203f34ad34) fix(docs): update talos_version description
* [`ce4ede8`](https://github.com/siderolabs/terraform-provider-talos/commit/ce4ede85cc3d8a6cc5285c86f5a98b464666cc9c) fix: handle unknown-whole-list config_patches on machine_configuration_apply
* [`000a3ec`](https://github.com/siderolabs/terraform-provider-talos/commit/000a3ec9946024587d4389e8c2a4463c6c53cf83) fix(ephemeral): detect machine_configuration_input_wo changes via hash
* [`032a5ac`](https://github.com/siderolabs/terraform-provider-talos/commit/032a5ac6c75bbcd6e2d0f099bbbf500651d224a7) chore: bump deps
* [`7b6a3e4`](https://github.com/siderolabs/terraform-provider-talos/commit/7b6a3e408457faa6c54b951791d6a8b3a7146d9c) fix: prevent empty resolved_apply_mode when reusing state
</p>
</details>
### Dependency Changes
* **github.com/hashicorp/terraform-plugin-framework** v1.17.0 -> v1.19.0
* **github.com/hashicorp/terraform-plugin-go** v0.29.0 -> v0.31.0
* **github.com/hashicorp/terraform-plugin-sdk/v2** v2.38.1 -> v2.40.0
* **github.com/hashicorp/terraform-plugin-testing** v1.14.0 -> v1.15.0
* **github.com/siderolabs/crypto** v0.6.4 -> v0.6.5
* **github.com/siderolabs/image-factory** v0.9.0 -> v1.1.0
* **github.com/siderolabs/talos** v1.12.0 -> v1.13.0
* **github.com/siderolabs/talos/pkg/machinery** v1.12.0 -> v1.13.0
* **go.yaml.in/yaml/v4** v4.0.0-rc.3 -> v4.0.0-rc.4
* **golang.org/x/crypto** v0.50.0 **_new_**
* **golang.org/x/mod** v0.31.0 -> v0.35.0
* **k8s.io/client-go** v0.35.0 -> v0.35.4
Previous release can be found at [v0.10.1](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.10.1)
## [terraform-provider-talos 0.11.0-beta.2](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.11.0-beta.2) (2026-03-31)
Welcome to the v0.11.0-beta.2 release of terraform-provider-talos!
*This is a pre-release of terraform-provider-talos*
Please try out the release binaries and report any issues at
https://github.com/siderolabs/terraform-provider-talos/issues.
### ephemeral resources
New ephemeral resources are added, please see docs.
### Component Updates
Talos sdk: v1.13.0-beta.1
### Contributors
* Mickaël Canévet
* Noel Georgi
* Dennis Witt
* Nikita COEUR
* purajit
### Changes
<details><summary>13 commits</summary>
<p>
* [`6ed1274`](https://github.com/siderolabs/terraform-provider-talos/commit/6ed1274cd7276b3f46465e2c7cc712ccb651c99f) feat: add sboms to release
* [`4729352`](https://github.com/siderolabs/terraform-provider-talos/commit/4729352f7228f1f5454b0999798b5443ab15685e) feat(ephemeral): rewrite talos_cluster_kubeconfig to generate from machine_secrets
* [`4992c4a`](https://github.com/siderolabs/terraform-provider-talos/commit/4992c4af6d23f3e0faf7fa9d58c5ccc46810ad2d) fix(ephemeral): rewrite talos_client_configuration to generate from machine_secrets
* [`4c8def5`](https://github.com/siderolabs/terraform-provider-talos/commit/4c8def55f9ae57e5fefcaef83aab6e7a90557c1d) release(v0.11.0-beta.1): prepare release
* [`01330a9`](https://github.com/siderolabs/terraform-provider-talos/commit/01330a9d19a2a27ed79fd78c6cd1623012f61d09) chore: update goreleaser schema
* [`1585aed`](https://github.com/siderolabs/terraform-provider-talos/commit/1585aed51fcde7e158d45afa0be78f084693d396) fix: remove unsupported windows/arm build target for Go 1.25
* [`d7bb719`](https://github.com/siderolabs/terraform-provider-talos/commit/d7bb7199c1a212431339d634b905c3b9b21d0a3f) release(v0.11.0-beta.0): prepare release
* [`09f6c83`](https://github.com/siderolabs/terraform-provider-talos/commit/09f6c838e7430de02f62a1b968f425e0b2be4e0d) fix: restore correct skip_kubernetes_checks behavior
* [`eaedcfd`](https://github.com/siderolabs/terraform-provider-talos/commit/eaedcfdda3e7e3193e3d23231673ef676f575ae5) chore: bump deps
* [`f4d673f`](https://github.com/siderolabs/terraform-provider-talos/commit/f4d673f0851f25c5e15ef8ac9bd6fc12310ab2d5) feat: add ephemeral resources to prevent secrets from leaking to state
* [`5f07e0f`](https://github.com/siderolabs/terraform-provider-talos/commit/5f07e0f6043687b2dc475aeb16d489968a2dd2c5) feat: add staged_if_needing_reboot apply mode for automatic reboot prevention
* [`c8e3b87`](https://github.com/siderolabs/terraform-provider-talos/commit/c8e3b87002418699bf33a2b437f7ff59aa6c70ad) feat: add exact_filters attribute to talos_image_factory_extensions_versions
* [`efe146e`](https://github.com/siderolabs/terraform-provider-talos/commit/efe146e512fb22dd1012849fce098256115961a4) fix: gracefully handle Unknown config_patches values
</p>
</details>
### Changes since v0.11.0-beta.1
<details><summary>3 commits</summary>
<p>
* [`6ed1274`](https://github.com/siderolabs/terraform-provider-talos/commit/6ed1274cd7276b3f46465e2c7cc712ccb651c99f) feat: add sboms to release
* [`4729352`](https://github.com/siderolabs/terraform-provider-talos/commit/4729352f7228f1f5454b0999798b5443ab15685e) feat(ephemeral): rewrite talos_cluster_kubeconfig to generate from machine_secrets
* [`4992c4a`](https://github.com/siderolabs/terraform-provider-talos/commit/4992c4af6d23f3e0faf7fa9d58c5ccc46810ad2d) fix(ephemeral): rewrite talos_client_configuration to generate from machine_secrets
</p>
</details>
### Dependency Changes
* **github.com/hashicorp/terraform-plugin-framework** v1.17.0 -> v1.19.0
* **github.com/hashicorp/terraform-plugin-go** v0.29.0 -> v0.31.0
* **github.com/hashicorp/terraform-plugin-sdk/v2** v2.38.1 -> v2.40.0
* **github.com/hashicorp/terraform-plugin-testing** v1.14.0 -> v1.15.0
* **github.com/siderolabs/image-factory** v0.9.0 -> v1.0.3
* **github.com/siderolabs/talos** v1.12.0 -> v1.13.0-beta.1
* **github.com/siderolabs/talos/pkg/machinery** v1.12.0 -> v1.13.0-beta.1
* **go.yaml.in/yaml/v4** v4.0.0-rc.3 -> v4.0.0-rc.4
* **golang.org/x/crypto** v0.49.0 **_new_**
* **golang.org/x/mod** v0.31.0 -> v0.34.0
* **k8s.io/client-go** v0.35.0 -> v0.35.3
Previous release can be found at [v0.10.1](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.10.1)
## [terraform-provider-talos 0.11.0-beta.1](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.11.0-beta.1) (2026-02-27)
Welcome to the v0.11.0-beta.1 release of terraform-provider-talos!
*This is a pre-release of terraform-provider-talos*
Please try out the release binaries and report any issues at
https://github.com/siderolabs/terraform-provider-talos/issues.
### ephemeral resources
New ephemeral resources are added, please see docs.
### Component Updates
Talos sdk: v1.13.0-alpha.1
### Contributors
* Mickaël Canévet
* Noel Georgi
* Dennis Witt
* Nikita COEUR
* purajit
### Changes
<details><summary>9 commits</summary>
<p>
* [`01330a9`](https://github.com/siderolabs/terraform-provider-talos/commit/01330a9d19a2a27ed79fd78c6cd1623012f61d09) chore: update goreleaser schema
* [`1585aed`](https://github.com/siderolabs/terraform-provider-talos/commit/1585aed51fcde7e158d45afa0be78f084693d396) fix: remove unsupported windows/arm build target for Go 1.25
* [`d7bb719`](https://github.com/siderolabs/terraform-provider-talos/commit/d7bb7199c1a212431339d634b905c3b9b21d0a3f) release(v0.11.0-beta.0): prepare release
* [`09f6c83`](https://github.com/siderolabs/terraform-provider-talos/commit/09f6c838e7430de02f62a1b968f425e0b2be4e0d) fix: restore correct skip_kubernetes_checks behavior
* [`eaedcfd`](https://github.com/siderolabs/terraform-provider-talos/commit/eaedcfdda3e7e3193e3d23231673ef676f575ae5) chore: bump deps
* [`f4d673f`](https://github.com/siderolabs/terraform-provider-talos/commit/f4d673f0851f25c5e15ef8ac9bd6fc12310ab2d5) feat: add ephemeral resources to prevent secrets from leaking to state
* [`5f07e0f`](https://github.com/siderolabs/terraform-provider-talos/commit/5f07e0f6043687b2dc475aeb16d489968a2dd2c5) feat: add staged_if_needing_reboot apply mode for automatic reboot prevention
* [`c8e3b87`](https://github.com/siderolabs/terraform-provider-talos/commit/c8e3b87002418699bf33a2b437f7ff59aa6c70ad) feat: add exact_filters attribute to talos_image_factory_extensions_versions
* [`efe146e`](https://github.com/siderolabs/terraform-provider-talos/commit/efe146e512fb22dd1012849fce098256115961a4) fix: gracefully handle Unknown config_patches values
</p>
</details>
### Changes since v0.11.0-beta.0
<details><summary>2 commits</summary>
<p>
* [`01330a9`](https://github.com/siderolabs/terraform-provider-talos/commit/01330a9d19a2a27ed79fd78c6cd1623012f61d09) chore: update goreleaser schema
* [`1585aed`](https://github.com/siderolabs/terraform-provider-talos/commit/1585aed51fcde7e158d45afa0be78f084693d396) fix: remove unsupported windows/arm build target for Go 1.25
</p>
</details>
### Dependency Changes
* **github.com/hashicorp/terraform-plugin-go** v0.29.0 -> v0.30.0
* **github.com/hashicorp/terraform-plugin-sdk/v2** v2.38.1 -> v2.38.2
* **github.com/siderolabs/image-factory** v0.9.0 -> v1.0.3
* **github.com/siderolabs/talos** v1.12.0 -> v1.13.0-alpha.2
* **github.com/siderolabs/talos/pkg/machinery** v1.12.0 -> v1.13.0-alpha.2
* **go.yaml.in/yaml/v4** v4.0.0-rc.3 -> v4.0.0-rc.4
* **golang.org/x/mod** v0.31.0 -> v0.33.0
* **k8s.io/client-go** v0.35.0 -> v0.35.1
Previous release can be found at [v0.10.1](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.10.1)
## [terraform-provider-talos 0.11.0-beta.0](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.11.0-beta.0) (2026-02-26)
Welcome to the v0.11.0-beta.0 release of terraform-provider-talos!
*This is a pre-release of terraform-provider-talos*
Please try out the release binaries and report any issues at
https://github.com/siderolabs/terraform-provider-talos/issues.
### ephemeral resources
New ephemeral resources are added, please see docs.
### Component Updates
Talos sdk: v1.13.0-alpha.1
### Contributors
* Mickaël Canévet
* Dennis Witt
* Nikita COEUR
* Noel Georgi
* purajit
### Changes
<details><summary>6 commits</summary>
<p>
* [`09f6c83`](https://github.com/siderolabs/terraform-provider-talos/commit/09f6c838e7430de02f62a1b968f425e0b2be4e0d) fix: restore correct skip_kubernetes_checks behavior
* [`eaedcfd`](https://github.com/siderolabs/terraform-provider-talos/commit/eaedcfdda3e7e3193e3d23231673ef676f575ae5) chore: bump deps
* [`f4d673f`](https://github.com/siderolabs/terraform-provider-talos/commit/f4d673f0851f25c5e15ef8ac9bd6fc12310ab2d5) feat: add ephemeral resources to prevent secrets from leaking to state
* [`5f07e0f`](https://github.com/siderolabs/terraform-provider-talos/commit/5f07e0f6043687b2dc475aeb16d489968a2dd2c5) feat: add staged_if_needing_reboot apply mode for automatic reboot prevention
* [`c8e3b87`](https://github.com/siderolabs/terraform-provider-talos/commit/c8e3b87002418699bf33a2b437f7ff59aa6c70ad) feat: add exact_filters attribute to talos_image_factory_extensions_versions
* [`efe146e`](https://github.com/siderolabs/terraform-provider-talos/commit/efe146e512fb22dd1012849fce098256115961a4) fix: gracefully handle Unknown config_patches values
</p>
</details>
### Dependency Changes
* **github.com/hashicorp/terraform-plugin-go** v0.29.0 -> v0.30.0
* **github.com/hashicorp/terraform-plugin-sdk/v2** v2.38.1 -> v2.38.2
* **github.com/siderolabs/image-factory** v0.9.0 -> v1.0.3
* **github.com/siderolabs/talos** v1.12.0 -> v1.13.0-alpha.2
* **github.com/siderolabs/talos/pkg/machinery** v1.12.0 -> v1.13.0-alpha.2
* **go.yaml.in/yaml/v4** v4.0.0-rc.3 -> v4.0.0-rc.4
* **golang.org/x/mod** v0.31.0 -> v0.33.0
* **k8s.io/client-go** v0.35.0 -> v0.35.1
Previous release can be found at [v0.10.1](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.10.1)
## [terraform-provider-talos 0.10.0-beta.0](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.10.0-beta.0) (2025-11-28)
Welcome to the v0.10.0-beta.0 release of terraform-provider-talos!
*This is a pre-release of terraform-provider-talos*
Please try out the release binaries and report any issues at
https://github.com/siderolabs/terraform-provider-talos/issues.
### config patches
JSON6502 patches are no longer supported, use strategic patches instead.
### Component Updates
Talos sdk: v1.12.0-beta.0
### Contributors
* Noel Georgi
### Changes
<details><summary>1 commit</summary>
<p>
* [`11063bc`](https://github.com/siderolabs/terraform-provider-talos/commit/11063bc25f97c7abb8ae9ceb099bbc523c8655b8) chore: bump deps
</p>
</details>
### Dependency Changes
* **github.com/hashicorp/terraform-plugin-docs** v0.22.0 -> v0.24.0
* **github.com/hashicorp/terraform-plugin-framework** v1.15.1 -> v1.16.1
* **github.com/hashicorp/terraform-plugin-framework-timeouts** v0.5.0 -> v0.7.0
* **github.com/hashicorp/terraform-plugin-framework-validators** v0.18.0 -> v0.19.0
* **github.com/hashicorp/terraform-plugin-go** v0.28.0 -> v0.29.0
* **github.com/hashicorp/terraform-plugin-log** v0.9.0 -> v0.10.0
* **github.com/hashicorp/terraform-plugin-sdk/v2** v2.37.0 -> v2.38.1
* **github.com/siderolabs/crypto** v0.6.3 -> v0.6.4
* **github.com/siderolabs/gen** v0.8.5 -> v0.8.6
* **github.com/siderolabs/image-factory** v0.8.3 -> v0.9.0
* **github.com/siderolabs/talos** v1.11.0 -> v1.12.0-beta.0
* **github.com/siderolabs/talos/pkg/machinery** v1.11.0 -> v1.12.0-beta.0
* **go.yaml.in/yaml/v4** v4.0.0-rc.3 **_new_**
* **golang.org/x/mod** v0.27.0 -> v0.30.0
* **k8s.io/client-go** v0.34.0 -> v0.35.0-alpha.3
Previous release can be found at [v0.9.0](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.9.0)
## [terraform-provider-talos 0.9.0-alpha.0](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.9.0-alpha.0) (2025-05-19)
Welcome to the v0.9.0-alpha.0 release of terraform-provider-talos!
*This is a pre-release of terraform-provider-talos*
Please try out the release binaries and report any issues at
https://github.com/siderolabs/terraform-provider-talos/issues.
### talos_machine_disks Data Source
The `talos_machine_disks` data source has been updated to use the better CEL expression language.
The resource attributes and selector have been updated to use the new syntax.
The user would need to update the data source in their configuration to use the new syntax.
The expression syntax is documented in the [CEL documentation](https://www.talos.dev/latest/talos-guides/configuration/disk-management/#disk-selector).
This also brings in consistency with how disks are reported in Talos.
### Component Updates
Talos sdk: v1.11.0-alpha.0
### Contributors
* Noel Georgi
* Halvdan Hoem Grelland
* obvionaoe
### Changes
<details><summary>7 commits</summary>
<p>
* [`4016c0c`](https://github.com/siderolabs/terraform-provider-talos/commit/4016c0cc890585c6343829b99d23a22c4fb4bb42) fix: secureboot installer urls for non-metal platform
* [`34f3f1e`](https://github.com/siderolabs/terraform-provider-talos/commit/34f3f1e74a5e7b65cc82a5c46b5929fbde530790) chore: simplify disk selector code
* [`93070aa`](https://github.com/siderolabs/terraform-provider-talos/commit/93070aaa166aa2ba81a3322bac2de4b9ef927319) feat: use CEL expression filters for `talos_machine_disks`
* [`f70e10e`](https://github.com/siderolabs/terraform-provider-talos/commit/f70e10e97d81a1b211c7d09dd3b04156ece70d1a) fix: allow talos_version to be used without a `v` prefix
* [`fa8002d`](https://github.com/siderolabs/terraform-provider-talos/commit/fa8002d47d35c558ae810e50f6ed0beaa759454a) chore: bump deps
* [`e76002d`](https://github.com/siderolabs/terraform-provider-talos/commit/e76002d6bf47b39d474cc5bc01c0b919afb20046) fix: factory installer urls
* [`44eec1c`](https://github.com/siderolabs/terraform-provider-talos/commit/44eec1cc87eeae3d5eaaf45ea742807eea32367a) fix: image factory examples and docs
</p>
</details>
### Dependency Changes
* **github.com/hashicorp/terraform-plugin-framework-validators** v0.17.0 -> v0.18.0
* **github.com/siderolabs/gen** v0.8.0 -> v0.8.1
* **github.com/siderolabs/image-factory** v0.6.9 -> v0.7.0
* **github.com/siderolabs/talos** v1.10.0 -> v1.11.0-alpha.0
* **github.com/siderolabs/talos/pkg/machinery** v1.10.0 -> v1.11.0-alpha.0
Previous release can be found at [v0.8.1](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.8.1)
## [terraform-provider-talos 0.8.0-alpha.0](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.8.0-alpha.0) (2025-04-18)
Welcome to the v0.8.0-alpha.0 release of terraform-provider-talos!
*This is a pre-release of terraform-provider-talos*
Please try out the release binaries and report any issues at
https://github.com/siderolabs/terraform-provider-talos/issues.
### Component Updates
Talos sdk: v1.10.0-beta.0
### Contributors
* Noel Georgi
* Andrey Smirnov
* Matt Willsher
### Changes
<details><summary>5 commits</summary>
<p>
* [`2cfcf88`](https://github.com/siderolabs/terraform-provider-talos/commit/2cfcf8802e61550ad7570aa8cbd44439700fd677) chore: bump deps
* [`46ab81c`](https://github.com/siderolabs/terraform-provider-talos/commit/46ab81ca8b799e5390cf398a4a65210d2425a41e) fix: drop talos<->k8s compatibility check
* [`69596f1`](https://github.com/siderolabs/terraform-provider-talos/commit/69596f1e4b74a1d0f95e663315724d9e8150b5b0) fix: skip if aggregator certs are nil
* [`d3214dc`](https://github.com/siderolabs/terraform-provider-talos/commit/d3214dc15659de2906c1aaf2912e77a90dfaca7b) refactor: pull platform metadata from Talos machinery
* [`5c0ff77`](https://github.com/siderolabs/terraform-provider-talos/commit/5c0ff772a72339827bbd63d3fe59c52fb73148de) feat: add secure boot support to non-metal image factory urls
</p>
</details>
### Dependency Changes
* **github.com/hashicorp/terraform-plugin-docs** v0.20.1 -> v0.21.0
* **github.com/hashicorp/terraform-plugin-framework** v1.13.0 -> v1.14.1
* **github.com/hashicorp/terraform-plugin-framework-timeouts** v0.4.1 -> v0.5.0
* **github.com/hashicorp/terraform-plugin-framework-validators** v0.16.0 -> v0.17.0
* **github.com/hashicorp/terraform-plugin-go** v0.25.0 -> v0.26.0
* **github.com/hashicorp/terraform-plugin-sdk/v2** v2.35.0 -> v2.36.1
* **github.com/hashicorp/terraform-plugin-testing** v1.11.0 -> v1.12.0
* **github.com/siderolabs/image-factory** v0.6.4 -> v0.6.8
* **github.com/siderolabs/talos** v1.9.2 -> v1.10.0-beta.0
* **github.com/siderolabs/talos/pkg/machinery** v1.9.2 -> v1.10.0-beta.0
* **golang.org/x/mod** v0.22.0 -> v0.24.0
* **k8s.io/client-go** v0.32.0 -> v0.33.0-rc.0
Previous release can be found at [v0.7.1](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.7.1)
## [terraform-provider-talos 0.8.0-alpha.0](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.8.0-alpha.0) (2025-04-18)
Welcome to the v0.8.0-alpha.0 release of terraform-provider-talos!
Please try out the release binaries and report any issues at
https://github.com/siderolabs/terraform-provider-talos/issues.
### Component Updates
Talos sdk: v1.10.0-beta.0
### Contributors
* Noel Georgi
* Andrey Smirnov
* Matt Willsher
### Changes
<details><summary>5 commits</summary>
<p>
* [`2cfcf88`](https://github.com/siderolabs/terraform-provider-talos/commit/2cfcf8802e61550ad7570aa8cbd44439700fd677) chore: bump deps
* [`46ab81c`](https://github.com/siderolabs/terraform-provider-talos/commit/46ab81ca8b799e5390cf398a4a65210d2425a41e) fix: drop talos<->k8s compatibility check
* [`69596f1`](https://github.com/siderolabs/terraform-provider-talos/commit/69596f1e4b74a1d0f95e663315724d9e8150b5b0) fix: skip if aggregator certs are nil
* [`d3214dc`](https://github.com/siderolabs/terraform-provider-talos/commit/d3214dc15659de2906c1aaf2912e77a90dfaca7b) refactor: pull platform metadata from Talos machinery
* [`5c0ff77`](https://github.com/siderolabs/terraform-provider-talos/commit/5c0ff772a72339827bbd63d3fe59c52fb73148de) feat: add secure boot support to non-metal image factory urls
</p>
</details>
### Dependency Changes
* **github.com/hashicorp/terraform-plugin-docs** v0.20.1 -> v0.21.0
* **github.com/hashicorp/terraform-plugin-framework** v1.13.0 -> v1.14.1
* **github.com/hashicorp/terraform-plugin-framework-timeouts** v0.4.1 -> v0.5.0
* **github.com/hashicorp/terraform-plugin-framework-validators** v0.16.0 -> v0.17.0
* **github.com/hashicorp/terraform-plugin-go** v0.25.0 -> v0.26.0
* **github.com/hashicorp/terraform-plugin-sdk/v2** v2.35.0 -> v2.36.1
* **github.com/hashicorp/terraform-plugin-testing** v1.11.0 -> v1.12.0
* **github.com/siderolabs/image-factory** v0.6.4 -> v0.6.8
* **github.com/siderolabs/talos** v1.9.2 -> v1.10.0-beta.0
* **github.com/siderolabs/talos/pkg/machinery** v1.9.2 -> v1.10.0-beta.0
* **golang.org/x/mod** v0.22.0 -> v0.24.0
* **k8s.io/client-go** v0.32.0 -> v0.33.0-rc.0
Previous release can be found at [v0.7.1](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.7.1)
## [terraform-provider-talos 0.7.0-alpha.0](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.7.0-alpha.0) (2024-10-21)
Welcome to the v0.7.0-alpha.0 release of terraform-provider-talos!
Please try out the release binaries and report any issues at
https://github.com/siderolabs/terraform-provider-talos/issues.
### Component Updates
Talos sdk: v1.9.0-alpha.0
### Contributors
* Noel Georgi
### Changes
<details><summary>1 commit</summary>
<p>
* [`beb5e2b`](https://github.com/siderolabs/terraform-provider-talos/commit/beb5e2b38466116da1d212dea33f5d7926655442) chore: bump deps
</p>
</details>
### Dependency Changes
* **github.com/hashicorp/terraform-plugin-framework-validators** v0.13.0 -> v0.14.0
* **github.com/siderolabs/talos** v1.8.1 -> v1.9.0-alpha.0
* **github.com/siderolabs/talos/pkg/machinery** v1.8.1 -> v1.9.0-alpha.0
Previous release can be found at [v0.6.1](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.6.1)
## [terraform-provider-talos 0.6.1](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.6.1) (2024-10-18)
Welcome to the v0.6.1 release of terraform-provider-talos!
Please try out the release binaries and report any issues at
https://github.com/siderolabs/terraform-provider-talos/issues.
### Talos Cluster Kubeconfig
The `talos_cluster_kubeconfig` resource now supports confiuring the certificate renewal check time.
### Component Updates
Talos sdk: v1.8.1
### Contributors
* Noel Georgi
### Changes
<details><summary>3 commits</summary>
<p>
* [`daddfb7`](https://github.com/siderolabs/terraform-provider-talos/commit/daddfb76cec78135ad62e8e46f4d965eb6eed52a) feat: configurable cert refresh time for kubeconfig
* [`96c9a85`](https://github.com/siderolabs/terraform-provider-talos/commit/96c9a857f9df8a28b7f32f1d0cf948a74a8acfcb) fix: resourceplanmodifiers for kubeconfig resource
* [`800573b`](https://github.com/siderolabs/terraform-provider-talos/commit/800573b841c901f562b8b2b151e58d86516944d0) fix: disks wipe on destroy
</p>
</details>
### Dependency Changes
* **github.com/hashicorp/terraform-plugin-framework** v1.11.0 -> v1.12.0
* **github.com/hashicorp/terraform-plugin-go** v0.23.0 -> v0.24.0
* **github.com/siderolabs/crypto** v0.4.4 -> v0.5.0
* **github.com/siderolabs/go-blockdevice** v0.4.7 -> v0.4.8
* **github.com/siderolabs/talos** v1.8.0 -> v1.8.1
* **github.com/siderolabs/talos/pkg/machinery** v1.8.0 -> v1.8.1
Previous release can be found at [v0.6.0](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.6.0)
## [terraform-provider-talos 0.6.0](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.6.0) (2024-09-23)
Welcome to the v0.6.0 release of terraform-provider-talos!
Please try out the release binaries and report any issues at
https://github.com/siderolabs/terraform-provider-talos/issues.
### Image Factory
Support for querying info from Image Factory and registering schematics is now supported via new Terraform resources.
### Talos Cluster Health
`talos_cluster_health` data source now has a way to skip running the Kubernetes components health check by setting `skip_kubernetes_checks` to `true`.
### Talos Cluster Kubeconfig
`talos_cluster_kubeconfig` data source is now deprecated and will be removed in the next minor release.
Use `talos_cluster_kubeconfig` resource instead.
The `talos_cluster_kubeconfig` resource will regenerate kubernetes client config when the time to expiry is less than a month.
### Talos Machine Configuration Data Source
`talos_machine_configuration` data source now defaults to generating config with documentation and examples disabled.
To restore the previous behavior, set `docs` and `examples` attributes to `true`.
### Talos Machine Configuration Apply
`talos_machine_configuration_apply` resource now optionally supports resetting the machine back to maintenance mode.
### Talos Machine Secrets
`talos_machine_secrets` resource now regenerates client config when the time to expiry is less than a month.
### Component Updates
Talos sdk: v1.8.0-alpha.1
### Contributors
* Noel Georgi
* Bruno Bigras
* Hippie Hacker
### Changes
<details><summary>20 commits</summary>
<p>
* [`758df67`](https://github.com/siderolabs/terraform-provider-talos/commit/758df676873a53d0833b79f74f74c1d0cfbb1f12) docs: machine_configuration fix typo
* [`4e01809`](https://github.com/siderolabs/terraform-provider-talos/commit/4e0180983319098412faab94b18a97ca43cae192) release(v0.6.0-beta.0): prepare release
* [`8dcab7b`](https://github.com/siderolabs/terraform-provider-talos/commit/8dcab7bc766edf0b386c1a061a71f3541c75b56d) chore: bump deps
* [`3b59c4a`](https://github.com/siderolabs/terraform-provider-talos/commit/3b59c4a34fc3b1b824bf104981ac70ebc5e6e722) release(v0.6.0-alpha.2): prepare release
* [`858f7f3`](https://github.com/siderolabs/terraform-provider-talos/commit/858f7f3de9368604b8f18125420d6888606b21be) chore: bump deps
* [`7af49b3`](https://github.com/siderolabs/terraform-provider-talos/commit/7af49b315e4b37b7a165c6ef5d5dc2830dc00a6f) chore: better health checks from talos sdk
* [`063b7ae`](https://github.com/siderolabs/terraform-provider-talos/commit/063b7aeb9dc69782ec7cf541433f7b1eb92e4197) chore: default talos_machine_configuration docs and examples to false
* [`80c5534`](https://github.com/siderolabs/terraform-provider-talos/commit/80c5534fbd876506201f21b50c950ce053402a55) chore: support filtering stable version
* [`b9c7f5f`](https://github.com/siderolabs/terraform-provider-talos/commit/b9c7f5f8aedaca50a4e694e022cae456cd44d065) release(v0.6.0-alpha.1): prepare release
* [`92fcb70`](https://github.com/siderolabs/terraform-provider-talos/commit/92fcb70cd9c1d6cfb5bd3ea159e56fa493fe62db) feat: add `talos_image_factory_url` data source
* [`ffc8102`](https://github.com/siderolabs/terraform-provider-talos/commit/ffc8102dd7f7b0929dc54fa1f50afd9b2cfda6be) feat: add factory support
* [`d6c2a0b`](https://github.com/siderolabs/terraform-provider-talos/commit/d6c2a0bc939de41252d97f09b8e9dfcff3377450) chore: fix goreleaser config
* [`dcdcee6`](https://github.com/siderolabs/terraform-provider-talos/commit/dcdcee62f8d9429cc0416dfdb92dfc27391da0ee) release(v0.6.0-alpha.0): prepare release
* [`d962913`](https://github.com/siderolabs/terraform-provider-talos/commit/d9629133c03ef09d5a6136b0e6cc1624a7ef4c28) chore: reset options for `machine_configuration_apply` resource
* [`f26a591`](https://github.com/siderolabs/terraform-provider-talos/commit/f26a5911bdd243fd384a353de1c0140de256211c) chore: data source -> resource `talos_cluster_kubeconfig`
* [`78fd0d3`](https://github.com/siderolabs/terraform-provider-talos/commit/78fd0d369ff401fbd795609cbbc2275f7d108bb0) chore: ignore version prefix for `talos_version`
* [`11ae330`](https://github.com/siderolabs/terraform-provider-talos/commit/11ae33002bee7a3e319bc7f9ea7555ca3ebaa120) feat: support skipping k8s health checks
* [`0fe1a6f`](https://github.com/siderolabs/terraform-provider-talos/commit/0fe1a6fe8d4440f72d7c553cf961b0de7267404b) docs: update description of `talos_cluster_health`
* [`f6f1811`](https://github.com/siderolabs/terraform-provider-talos/commit/f6f1811e90c9eef91f562f1f8b15f78e984315a0) feat: regenerate talosconfig
* [`501c78e`](https://github.com/siderolabs/terraform-provider-talos/commit/501c78eb7403012c90229bfc24399d0e1603289b) chore: bump deps
</p>
</details>
### Changes since v0.6.0-beta.0
<details><summary>1 commit</summary>
<p>
* [`758df67`](https://github.com/siderolabs/terraform-provider-talos/commit/758df676873a53d0833b79f74f74c1d0cfbb1f12) docs: machine_configuration fix typo
</p>
</details>
### Dependency Changes
* **github.com/blang/semver/v4** v4.0.0 **_new_**
* **github.com/hashicorp/terraform-plugin-docs** v0.19.0 -> v0.19.4
* **github.com/hashicorp/terraform-plugin-framework** v1.7.0 -> v1.11.0
* **github.com/hashicorp/terraform-plugin-framework-validators** v0.12.0 -> v0.13.0
* **github.com/hashicorp/terraform-plugin-go** v0.22.1 -> v0.23.0
* **github.com/hashicorp/terraform-plugin-log** v0.9.0 **_new_**
* **github.com/hashicorp/terraform-plugin-sdk/v2** v2.33.0 -> v2.34.0
* **github.com/hashicorp/terraform-plugin-testing** v1.7.0 -> v1.10.0
* **github.com/siderolabs/gen** v0.4.8 -> v0.5.0
* **github.com/siderolabs/image-factory** v0.5.0 **_new_**
* **github.com/siderolabs/talos** v1.8.0-beta.0 **_new_**
* **github.com/siderolabs/talos/pkg/machinery** v1.7.0 -> v1.8.0-beta.0
* **golang.org/x/mod** v0.17.0 -> v0.21.0
* **k8s.io/client-go** v0.29.3 -> v0.31.0
Previous release can be found at [v0.5.0](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.5.0)
## [terraform-provider-talos 0.6.0-beta.0](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.6.0-beta.0) (2024-09-10)
Welcome to the v0.6.0-beta.0 release of terraform-provider-talos!
*This is a pre-release of terraform-provider-talos*
Please try out the release binaries and report any issues at
https://github.com/siderolabs/terraform-provider-talos/issues.
### Image Factory
Support for querying info from Image Factory and registering schematics is now supported via new Terraform resources.
### Talos Cluster Health
`talos_cluster_health` data source now has a way to skip running the Kubernetes components health check by setting `skip_kubernetes_checks` to `true`.
### Talos Cluster Kubeconfig
`talos_cluster_kubeconfig` data source is now deprecated and will be removed in the next minor release.
Use `talos_cluster_kubeconfig` resource instead.
The `talos_cluster_kubeconfig` resource will regenerate kubernetes client config when the time to expiry is less than a month.
### Talos Machine Configuration Data Source
`talos_machine_configuration` data source now defaults to generating config with documentation and examples disabled.
To restore the previous behavior, set `docs` and `examples` attributes to `true`.
### Talos Machine Configuration Apply
`talos_machine_configuration_apply` resource now optionally supports resetting the machine back to maintenance mode.
### Talos Machine Secrets
`talos_machine_secrets` resource now regenerates client config when the time to expiry is less than a month.
### Component Updates
Talos sdk: v1.8.0-alpha.1
### Contributors
* Noel Georgi
* Hippie Hacker
### Changes
<details><summary>18 commits</summary>
<p>
* [`8dcab7b`](https://github.com/siderolabs/terraform-provider-talos/commit/8dcab7bc766edf0b386c1a061a71f3541c75b56d) chore: bump deps
* [`3b59c4a`](https://github.com/siderolabs/terraform-provider-talos/commit/3b59c4a34fc3b1b824bf104981ac70ebc5e6e722) release(v0.6.0-alpha.2): prepare release
* [`858f7f3`](https://github.com/siderolabs/terraform-provider-talos/commit/858f7f3de9368604b8f18125420d6888606b21be) chore: bump deps
* [`7af49b3`](https://github.com/siderolabs/terraform-provider-talos/commit/7af49b315e4b37b7a165c6ef5d5dc2830dc00a6f) chore: better health checks from talos sdk
* [`063b7ae`](https://github.com/siderolabs/terraform-provider-talos/commit/063b7aeb9dc69782ec7cf541433f7b1eb92e4197) chore: default talos_machine_configuration docs and examples to false
* [`80c5534`](https://github.com/siderolabs/terraform-provider-talos/commit/80c5534fbd876506201f21b50c950ce053402a55) chore: support filtering stable version
* [`b9c7f5f`](https://github.com/siderolabs/terraform-provider-talos/commit/b9c7f5f8aedaca50a4e694e022cae456cd44d065) release(v0.6.0-alpha.1): prepare release
* [`92fcb70`](https://github.com/siderolabs/terraform-provider-talos/commit/92fcb70cd9c1d6cfb5bd3ea159e56fa493fe62db) feat: add `talos_image_factory_url` data source
* [`ffc8102`](https://github.com/siderolabs/terraform-provider-talos/commit/ffc8102dd7f7b0929dc54fa1f50afd9b2cfda6be) feat: add factory support
* [`d6c2a0b`](https://github.com/siderolabs/terraform-provider-talos/commit/d6c2a0bc939de41252d97f09b8e9dfcff3377450) chore: fix goreleaser config
* [`dcdcee6`](https://github.com/siderolabs/terraform-provider-talos/commit/dcdcee62f8d9429cc0416dfdb92dfc27391da0ee) release(v0.6.0-alpha.0): prepare release
* [`d962913`](https://github.com/siderolabs/terraform-provider-talos/commit/d9629133c03ef09d5a6136b0e6cc1624a7ef4c28) chore: reset options for `machine_configuration_apply` resource
* [`f26a591`](https://github.com/siderolabs/terraform-provider-talos/commit/f26a5911bdd243fd384a353de1c0140de256211c) chore: data source -> resource `talos_cluster_kubeconfig`
* [`78fd0d3`](https://github.com/siderolabs/terraform-provider-talos/commit/78fd0d369ff401fbd795609cbbc2275f7d108bb0) chore: ignore version prefix for `talos_version`
* [`11ae330`](https://github.com/siderolabs/terraform-provider-talos/commit/11ae33002bee7a3e319bc7f9ea7555ca3ebaa120) feat: support skipping k8s health checks
* [`0fe1a6f`](https://github.com/siderolabs/terraform-provider-talos/commit/0fe1a6fe8d4440f72d7c553cf961b0de7267404b) docs: update description of `talos_cluster_health`
* [`f6f1811`](https://github.com/siderolabs/terraform-provider-talos/commit/f6f1811e90c9eef91f562f1f8b15f78e984315a0) feat: regenerate talosconfig
* [`501c78e`](https://github.com/siderolabs/terraform-provider-talos/commit/501c78eb7403012c90229bfc24399d0e1603289b) chore: bump deps
</p>
</details>
### Changes since v0.6.0-alpha.2
<details><summary>1 commit</summary>
<p>
* [`8dcab7b`](https://github.com/siderolabs/terraform-provider-talos/commit/8dcab7bc766edf0b386c1a061a71f3541c75b56d) chore: bump deps
</p>
</details>
### Dependency Changes
* **github.com/blang/semver/v4** v4.0.0 **_new_**
* **github.com/hashicorp/terraform-plugin-docs** v0.19.0 -> v0.19.4
* **github.com/hashicorp/terraform-plugin-framework** v1.7.0 -> v1.11.0
* **github.com/hashicorp/terraform-plugin-framework-validators** v0.12.0 -> v0.13.0
* **github.com/hashicorp/terraform-plugin-go** v0.22.1 -> v0.23.0
* **github.com/hashicorp/terraform-plugin-log** v0.9.0 **_new_**
* **github.com/hashicorp/terraform-plugin-sdk/v2** v2.33.0 -> v2.34.0
* **github.com/hashicorp/terraform-plugin-testing** v1.7.0 -> v1.10.0
* **github.com/siderolabs/gen** v0.4.8 -> v0.5.0
* **github.com/siderolabs/image-factory** v0.5.0 **_new_**
* **github.com/siderolabs/talos** v1.8.0-beta.0 **_new_**
* **github.com/siderolabs/talos/pkg/machinery** v1.7.0 -> v1.8.0-beta.0
* **golang.org/x/mod** v0.17.0 -> v0.21.0
* **k8s.io/client-go** v0.29.3 -> v0.31.0
Previous release can be found at [v0.5.0](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.5.0)
## [terraform-provider-talos 0.6.0-alpha.2](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.6.0-alpha.2) (2024-09-02)
Welcome to the v0.6.0-alpha.2 release of terraform-provider-talos!
*This is a pre-release of terraform-provider-talos*
Please try out the release binaries and report any issues at
https://github.com/siderolabs/terraform-provider-talos/issues.
### Image Factory
Support for querying info from Image Factory and registering schematics is now supported via new Terraform resources.
### Talos Cluster Health
`talos_cluster_health` data source now has a way to skip running the Kubernetes components health check by setting `skip_kubernetes_checks` to `true`.
### Talos Cluster Kubeconfig
`talos_cluster_kubeconfig` data source is now deprecated and will be removed in the next minor release.
Use `talos_cluster_kubeconfig` resource instead.
The `talos_cluster_kubeconfig` resource will regenerate kubernetes client config when the time to expiry is less than a month.
### Talos Machine Configuration Data Source
`talos_machine_configuration` data source now defaults to generating config with documentation and examples disabled.
To restore the previous behavior, set `docs` and `examples` attributes to `true`.
### Talos Machine Configuration Apply
`talos_machine_configuration_apply` resource now optionally supports resetting the machine back to maintenance mode.
### Talos Machine Secrets
`talos_machine_secrets` resource now regenerates client config when the time to expiry is less than a month.
### Component Updates
Talos sdk: v1.8.0-alpha.1
### Contributors
* Noel Georgi
* Hippie Hacker
### Changes
<details><summary>16 commits</summary>
<p>
* [`858f7f3`](https://github.com/siderolabs/terraform-provider-talos/commit/858f7f3de9368604b8f18125420d6888606b21be) chore: bump deps
* [`7af49b3`](https://github.com/siderolabs/terraform-provider-talos/commit/7af49b315e4b37b7a165c6ef5d5dc2830dc00a6f) chore: better health checks from talos sdk
* [`063b7ae`](https://github.com/siderolabs/terraform-provider-talos/commit/063b7aeb9dc69782ec7cf541433f7b1eb92e4197) chore: default talos_machine_configuration docs and examples to false
* [`80c5534`](https://github.com/siderolabs/terraform-provider-talos/commit/80c5534fbd876506201f21b50c950ce053402a55) chore: support filtering stable version
* [`b9c7f5f`](https://github.com/siderolabs/terraform-provider-talos/commit/b9c7f5f8aedaca50a4e694e022cae456cd44d065) release(v0.6.0-alpha.1): prepare release
* [`92fcb70`](https://github.com/siderolabs/terraform-provider-talos/commit/92fcb70cd9c1d6cfb5bd3ea159e56fa493fe62db) feat: add `talos_image_factory_url` data source
* [`ffc8102`](https://github.com/siderolabs/terraform-provider-talos/commit/ffc8102dd7f7b0929dc54fa1f50afd9b2cfda6be) feat: add factory support
* [`d6c2a0b`](https://github.com/siderolabs/terraform-provider-talos/commit/d6c2a0bc939de41252d97f09b8e9dfcff3377450) chore: fix goreleaser config
* [`dcdcee6`](https://github.com/siderolabs/terraform-provider-talos/commit/dcdcee62f8d9429cc0416dfdb92dfc27391da0ee) release(v0.6.0-alpha.0): prepare release
* [`d962913`](https://github.com/siderolabs/terraform-provider-talos/commit/d9629133c03ef09d5a6136b0e6cc1624a7ef4c28) chore: reset options for `machine_configuration_apply` resource
* [`f26a591`](https://github.com/siderolabs/terraform-provider-talos/commit/f26a5911bdd243fd384a353de1c0140de256211c) chore: data source -> resource `talos_cluster_kubeconfig`
* [`78fd0d3`](https://github.com/siderolabs/terraform-provider-talos/commit/78fd0d369ff401fbd795609cbbc2275f7d108bb0) chore: ignore version prefix for `talos_version`
* [`11ae330`](https://github.com/siderolabs/terraform-provider-talos/commit/11ae33002bee7a3e319bc7f9ea7555ca3ebaa120) feat: support skipping k8s health checks
* [`0fe1a6f`](https://github.com/siderolabs/terraform-provider-talos/commit/0fe1a6fe8d4440f72d7c553cf961b0de7267404b) docs: update description of `talos_cluster_health`
* [`f6f1811`](https://github.com/siderolabs/terraform-provider-talos/commit/f6f1811e90c9eef91f562f1f8b15f78e984315a0) feat: regenerate talosconfig
* [`501c78e`](https://github.com/siderolabs/terraform-provider-talos/commit/501c78eb7403012c90229bfc24399d0e1603289b) chore: bump deps
</p>
</details>
### Changes since v0.6.0-alpha.1
<details><summary>4 commits</summary>
<p>
* [`858f7f3`](https://github.com/siderolabs/terraform-provider-talos/commit/858f7f3de9368604b8f18125420d6888606b21be) chore: bump deps
* [`7af49b3`](https://github.com/siderolabs/terraform-provider-talos/commit/7af49b315e4b37b7a165c6ef5d5dc2830dc00a6f) chore: better health checks from talos sdk
* [`063b7ae`](https://github.com/siderolabs/terraform-provider-talos/commit/063b7aeb9dc69782ec7cf541433f7b1eb92e4197) chore: default talos_machine_configuration docs and examples to false
* [`80c5534`](https://github.com/siderolabs/terraform-provider-talos/commit/80c5534fbd876506201f21b50c950ce053402a55) chore: support filtering stable version
</p>
</details>
### Dependency Changes
* **github.com/blang/semver/v4** v4.0.0 **_new_**
* **github.com/hashicorp/terraform-plugin-docs** v0.19.0 -> v0.19.4
* **github.com/hashicorp/terraform-plugin-framework** v1.7.0 -> v1.11.0
* **github.com/hashicorp/terraform-plugin-framework-validators** v0.12.0 -> v0.13.0
* **github.com/hashicorp/terraform-plugin-go** v0.22.1 -> v0.23.0
* **github.com/hashicorp/terraform-plugin-log** v0.9.0 **_new_**
* **github.com/hashicorp/terraform-plugin-sdk/v2** v2.33.0 -> v2.34.0
* **github.com/hashicorp/terraform-plugin-testing** v1.7.0 -> v1.10.0
* **github.com/siderolabs/gen** v0.4.8 -> v0.5.0
* **github.com/siderolabs/image-factory** 9687413a9a85 **_new_**
* **github.com/siderolabs/talos** v1.8.0-alpha.2 **_new_**
* **github.com/siderolabs/talos/pkg/machinery** v1.7.0 -> v1.8.0-alpha.2
* **golang.org/x/mod** v0.17.0 -> v0.20.0
* **google.golang.org/grpc** v1.63.2 -> v1.66.0
* **k8s.io/client-go** v0.29.3 -> v0.31.0
Previous release can be found at [v0.5.0](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.5.0)
## [terraform-provider-talos 0.6.0-alpha.1](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.6.0-alpha.1) (2024-07-18)
Welcome to the v0.6.0-alpha.1 release of terraform-provider-talos!
*This is a pre-release of terraform-provider-talos*
Please try out the release binaries and report any issues at
https://github.com/siderolabs/terraform-provider-talos/issues.
### Image Factory
Support for querying info from Image Factory and registering schematics is now supported via new Terraform resources.
### Talos Cluster Health
`talos_cluster_health` data source now has a way to skip running the Kubernetes components health check by setting `skip_kubernetes_checks` to `true`.
### Talos Cluster Kubeconfig
`talos_cluster_kubeconfig` data source is now deprecated and will be removed in the next minor release.
Use `talos_cluster_kubeconfig` resource instead.
The `talos_cluster_kubeconfig` resource will regenerate kubernetes client config when the time to expiry is less than a month.
### Talos Machine Configuration Apply
`talos_machine_configuration_apply` resource now optionally supports resetting the machine back to maintenance mode.
### Talos Machine Secrets
`talos_machine_secrets` resource now regenerates client config when the time to expiry is less than a month.
### Component Updates
Talos sdk: v1.8.0-alpha.1
### Contributors
* Noel Georgi
### Changes
<details><summary>11 commits</summary>
<p>
* [`92fcb70`](https://github.com/siderolabs/terraform-provider-talos/commit/92fcb70cd9c1d6cfb5bd3ea159e56fa493fe62db) feat: add `talos_image_factory_url` data source
* [`ffc8102`](https://github.com/siderolabs/terraform-provider-talos/commit/ffc8102dd7f7b0929dc54fa1f50afd9b2cfda6be) feat: add factory support
* [`d6c2a0b`](https://github.com/siderolabs/terraform-provider-talos/commit/d6c2a0bc939de41252d97f09b8e9dfcff3377450) chore: fix goreleaser config
* [`dcdcee6`](https://github.com/siderolabs/terraform-provider-talos/commit/dcdcee62f8d9429cc0416dfdb92dfc27391da0ee) release(v0.6.0-alpha.0): prepare release
* [`d962913`](https://github.com/siderolabs/terraform-provider-talos/commit/d9629133c03ef09d5a6136b0e6cc1624a7ef4c28) chore: reset options for `machine_configuration_apply` resource
* [`f26a591`](https://github.com/siderolabs/terraform-provider-talos/commit/f26a5911bdd243fd384a353de1c0140de256211c) chore: data source -> resource `talos_cluster_kubeconfig`
* [`78fd0d3`](https://github.com/siderolabs/terraform-provider-talos/commit/78fd0d369ff401fbd795609cbbc2275f7d108bb0) chore: ignore version prefix for `talos_version`
* [`11ae330`](https://github.com/siderolabs/terraform-provider-talos/commit/11ae33002bee7a3e319bc7f9ea7555ca3ebaa120) feat: support skipping k8s health checks
* [`0fe1a6f`](https://github.com/siderolabs/terraform-provider-talos/commit/0fe1a6fe8d4440f72d7c553cf961b0de7267404b) docs: update description of `talos_cluster_health`
* [`f6f1811`](https://github.com/siderolabs/terraform-provider-talos/commit/f6f1811e90c9eef91f562f1f8b15f78e984315a0) feat: regenerate talosconfig
* [`501c78e`](https://github.com/siderolabs/terraform-provider-talos/commit/501c78eb7403012c90229bfc24399d0e1603289b) chore: bump deps
</p>
</details>
### Changes since v0.6.0-alpha.0
<details><summary>2 commits</summary>
<p>
* [`92fcb70`](https://github.com/siderolabs/terraform-provider-talos/commit/92fcb70cd9c1d6cfb5bd3ea159e56fa493fe62db) feat: add `talos_image_factory_url` data source
* [`ffc8102`](https://github.com/siderolabs/terraform-provider-talos/commit/ffc8102dd7f7b0929dc54fa1f50afd9b2cfda6be) feat: add factory support
</p>
</details>
### Dependency Changes
* **github.com/hashicorp/terraform-plugin-docs** v0.19.0 -> v0.19.4
* **github.com/hashicorp/terraform-plugin-framework** v1.7.0 -> v1.10.0
* **github.com/hashicorp/terraform-plugin-framework-validators** v0.12.0 -> v0.13.0
* **github.com/hashicorp/terraform-plugin-go** v0.22.1 -> v0.23.0
* **github.com/hashicorp/terraform-plugin-log** v0.9.0 **_new_**
* **github.com/hashicorp/terraform-plugin-sdk/v2** v2.33.0 -> v2.34.0
* **github.com/hashicorp/terraform-plugin-testing** v1.7.0 -> v1.9.0
* **github.com/siderolabs/gen** v0.4.8 -> v0.5.0
* **github.com/siderolabs/image-factory** 8b4e0d9e9819 **_new_**
* **github.com/siderolabs/talos** 980f9ebc0725 **_new_**
* **github.com/siderolabs/talos/pkg/machinery** v1.7.0 -> v1.8.0-alpha.1
* **golang.org/x/mod** v0.17.0 -> v0.19.0
* **google.golang.org/grpc** v1.63.2 -> v1.65.0
* **k8s.io/client-go** v0.29.3 -> v0.31.0-beta.0
Previous release can be found at [v0.5.0](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.5.0)
## [terraform-provider-talos 0.6.0-alpha.0](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.6.0-alpha.0) (2024-07-11)
Welcome to the v0.6.0-alpha.0 release of terraform-provider-talos!
*This is a pre-release of terraform-provider-talos*
Please try out the release binaries and report any issues at
https://github.com/siderolabs/terraform-provider-talos/issues.
### Talos Cluster Health
`talos_cluster_health` data source now has a way to skip running the Kubernetes components health check by setting `skip_kubernetes_checks` to `true`.
### Talos Cluster Kubeconfig
`talos_cluster_kubeconfig` data source is now deprecated and will be removed in the next minor release.
Use `talos_cluster_kubeconfig` resource instead.
The `talos_cluster_kubeconfig` resource will regenerate kubernetes client config when the time to expiry is less than a month.
### Talos Machine Configuration Apply
`talos_machine_configuration_apply` resource now optionally supports resetting the machine back to maintenance mode.
### Talos Machine Secrets
`talos_machine_secrets` resource now regenerates client config when the time to expiry is less than a month.
### Component Updates
Talos sdk: v1.8.0-alpha.1
### Contributors
* Noel Georgi
* Dmitriy Matrenichev
### Changes
<details><summary>8 commits</summary>
<p>
* [`1908d9e`](https://github.com/siderolabs/terraform-provider-talos/commit/1908d9e085d4f0d55aa8d55888a01ed7b52e8295) release(v0.6.0-alpha.0): prepare release
* [`d962913`](https://github.com/siderolabs/terraform-provider-talos/commit/d9629133c03ef09d5a6136b0e6cc1624a7ef4c28) chore: reset options for `machine_configuration_apply` resource
* [`f26a591`](https://github.com/siderolabs/terraform-provider-talos/commit/f26a5911bdd243fd384a353de1c0140de256211c) chore: data source -> resource `talos_cluster_kubeconfig`
* [`78fd0d3`](https://github.com/siderolabs/terraform-provider-talos/commit/78fd0d369ff401fbd795609cbbc2275f7d108bb0) chore: ignore version prefix for `talos_version`
* [`11ae330`](https://github.com/siderolabs/terraform-provider-talos/commit/11ae33002bee7a3e319bc7f9ea7555ca3ebaa120) feat: support skipping k8s health checks
* [`0fe1a6f`](https://github.com/siderolabs/terraform-provider-talos/commit/0fe1a6fe8d4440f72d7c553cf961b0de7267404b) docs: update description of `talos_cluster_health`
* [`f6f1811`](https://github.com/siderolabs/terraform-provider-talos/commit/f6f1811e90c9eef91f562f1f8b15f78e984315a0) feat: regenerate talosconfig
* [`501c78e`](https://github.com/siderolabs/terraform-provider-talos/commit/501c78eb7403012c90229bfc24399d0e1603289b) chore: bump deps
</p>
</details>
### Changes from siderolabs/gen
<details><summary>2 commits</summary>
<p>
* [`7654108`](https://github.com/siderolabs/gen/commit/7654108fe6ae15d4765584342709bc0bced6b3d6) chore: add hashtriemap implementation
* [`8485864`](https://github.com/siderolabs/gen/commit/84858640dc9c3032219380885283b995d4f2b0d1) chore: optimize maps.Values and maps.Keys
</p>
</details>
### Dependency Changes
* **github.com/hashicorp/terraform-plugin-docs** v0.19.0 -> v0.19.4
* **github.com/hashicorp/terraform-plugin-framework** v1.7.0 -> v1.9.0
* **github.com/hashicorp/terraform-plugin-go** v0.22.1 -> v0.23.0
* **github.com/hashicorp/terraform-plugin-log** v0.9.0 **_new_**
* **github.com/hashicorp/terraform-plugin-sdk/v2** v2.33.0 -> v2.34.0
* **github.com/hashicorp/terraform-plugin-testing** v1.7.0 -> v1.8.0
* **github.com/siderolabs/gen** v0.4.8 -> v0.5.0
* **github.com/siderolabs/talos/pkg/machinery** v1.7.0 -> v1.8.0-alpha.1
* **golang.org/x/mod** v0.17.0 -> v0.19.0
* **google.golang.org/grpc** v1.63.2 -> v1.65.0
* **k8s.io/client-go** v0.29.3 -> v0.31.0-alpha.3
Previous release can be found at [v0.5.0](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.5.0)
## [terraform-provider-talos 0.4.0-alpha.0](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.4.0-alpha.0) (2023-08-30)
Welcome to the v0.4.0-alpha.0 release of terraform-provider-talos!
*This is a pre-release of terraform-provider-talos*
Please try out the release binaries and report any issues at
https://github.com/siderolabs/terraform-provider-talos/issues.
### Talos Cluster Health data source
`talos_cluster_health` data source has been added and the `wait` parameter from the `talos_cluster_kubeconfig` data source is now deprecated.
### Component Updates
Talos sdk: v1.6.0-alpha.0
### Contributors
* Noel Georgi
* Dmitriy Matrenichev
### Changes
<details><summary>4 commits</summary>
<p>
* [`1c918e6`](https://github.com/siderolabs/terraform-provider-talos/commit/1c918e65b10764b1ed5286193ac661f3daec51d9) chore: add conform
* [`ed36726`](https://github.com/siderolabs/terraform-provider-talos/commit/ed3672669b20c7fd911088609952f8e036f38a1f) feat: add `talos_cluster_health` data source.
* [`5ac7183`](https://github.com/siderolabs/terraform-provider-talos/commit/5ac7183f33a425e17821f1a294a3133daa09e7fa) fix: node/endpoint were swapped for some resources.
* [`713ac46`](https://github.com/siderolabs/terraform-provider-talos/commit/713ac4686a3e00e135cab7ea533da7319522dddd) fix: creation of talos client
</p>
</details>
### Changes from siderolabs/gen
<details><summary>1 commit</summary>
<p>
* [`36a3ae3`](https://github.com/siderolabs/gen/commit/36a3ae312ce03876b2c961a1bcb4ef4c221593d7) feat: update module
</p>
</details>
### Dependency Changes
* **github.com/hashicorp/terraform-plugin-framework** v1.3.4 -> v1.3.5
* **github.com/hashicorp/terraform-plugin-sdk/v2** v2.27.0 -> v2.28.0
* **github.com/siderolabs/gen** v0.4.5 -> v0.4.6
* **github.com/siderolabs/talos/pkg/machinery** v1.5.0 -> v1.6.0-alpha.0
* **k8s.io/client-go** v0.28.0 -> v0.28.1
Previous release can be found at [v0.3.2](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.3.2)
## [terraform-provider-talos 0.3.0-beta.0](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.3.0-beta.0) (2023-08-07)
Welcome to the 0.3.0-beta.0 release of terraform-provider-talos!
*This is a pre-release of terraform-provider-talos*
Please try out the release binaries and report any issues at
https://github.com/siderolabs/terraform-provider-talos/issues.
### Component Updates
Talos sdk: v1.5.0-beta.0
### Contributors
* Noel Georgi
* Ole-Martin Bratteng
* Spencer Smith
### Changes
<details><summary>5 commits</summary>
<p>
* [`3f02af3`](https://github.com/siderolabs/terraform-provider-talos/commit/3f02af32747ab97d56d274eecbb3cc12bdaa7d1c) feat: update to talos 1.5 sdk
* [`ff0e2ad`](https://github.com/siderolabs/terraform-provider-talos/commit/ff0e2adec13192716b9cf2180baa1bff2843387d) fix: ci failures due to TF state removal
* [`ee150ce`](https://github.com/siderolabs/terraform-provider-talos/commit/ee150ce9925aac49e324ba4909104cba5a9ad50e) docs: update link to contrib repo
* [`df4f876`](https://github.com/siderolabs/terraform-provider-talos/commit/df4f876ce18e8239bb1cabec7437a0f62ed1f5f7) docs: replace `type` with `machine_type`
* [`f6c8715`](https://github.com/siderolabs/terraform-provider-talos/commit/f6c871516635dbb402bfe24bd47759537c7fee46) chore: bump deps
</p>
</details>
### Dependency Changes
* **github.com/siderolabs/talos/pkg/machinery** v1.4.7 -> v1.5.0-beta.0
Previous release can be found at [v0.2.1](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.2.1)
## [terraform-provider-talos 0.2.0-alpha.2](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.2.0-alpha.2) (2023-04-14)
Welcome to the v0.2.0-alpha.2 release of terraform-provider-talos!
*This is a pre-release of terraform-provider-talos*
Please try out the release binaries and report any issues at
https://github.com/siderolabs/terraform-provider-talos/issues.
### Data Sources
`talos_machine_disks` data source is added to list disks on a machine.
### Provider Changes
This version of the provider includes some breaking changes. Make sure to follow the provider upgrade guide at https://registry.terraform.io/providers/siderolabs/talos/latest/docs/guides/version-0.2-upgrade.html
### Component Updates
Talos sdk: v1.4.0-beta.1
### Contributors
* Andrey Smirnov
* Andrey Smirnov
* Artem Chernyshev
* Dmitriy Matrenichev
* Artem Chernyshev
* Noel Georgi
* Serge Logvinov
* Andrew Rynhard
* Andrew Rynhard
* Matt Zahorik
* Olli Janatuinen
* Seán C McCord
* Spencer Smith
### Changes
<details><summary>2 commits</summary>
<p>
* [`187e434`](https://github.com/siderolabs/terraform-provider-talos/commit/187e434235da1107eaefc1656147900fa8c1d082) feat: `talos_machine_disks` data source
* [`a29e1e7`](https://github.com/siderolabs/terraform-provider-talos/commit/a29e1e7894776a4c796712163e64084e73b1ffa7) fix: handle unknown types at plan time
</p>
</details>
### Changes from siderolabs/gen
<details><summary>9 commits</summary>
<p>
* [`214c1ef`](https://github.com/siderolabs/gen/commit/214c1efe795cf426e5ebcc48cb305bfc7a16fdb8) chore: set `slice.Filter` result slice cap to len
* [`8e89b1e`](https://github.com/siderolabs/gen/commit/8e89b1ede9f35ff4c18a41ee44a69259181c892b) feat: add GetOrCreate and GetOrCall methods
* [`7c7ccc3`](https://github.com/siderolabs/gen/commit/7c7ccc3d973621b2fa7adfef10241ecc1f7a644d) feat: introduce channel SendWithContext
* [`b3b6db8`](https://github.com/siderolabs/gen/commit/b3b6db858cb6ce46005edeb70776608e3f9bc402) fix: fix Copy documentation and implementation
* [`521f737`](https://github.com/siderolabs/gen/commit/521f7371f40556ddce7f730c8de5e1888e40b621) feat: add xerrors package which contains additions to the std errors
* [`726e066`](https://github.com/siderolabs/gen/commit/726e066dcb35c86f82866097bed806f22b936292) fix: rename tuples.go to pair.go and set proper package name
* [`d8d7d25`](https://github.com/siderolabs/gen/commit/d8d7d25ce9a588609c00cb798206a01a866bf7a6) chore: minor additions
* [`338a650`](https://github.com/siderolabs/gen/commit/338a65065f92eb6426a66c4a88a0cc02cc02e529) chore: add initial implementation and documentation
* [`4fd8667`](https://github.com/siderolabs/gen/commit/4fd866707052c792a6adccbc28efec5debdd18a8) Initial commit
</p>
</details>
### Changes from siderolabs/go-blockdevice
<details><summary>59 commits</summary>
<p>
* [`b4386f3`](https://github.com/siderolabs/go-blockdevice/commit/b4386f37510bc25e39b231fa587288ad0abf0b68) feat: make disk utils read subsystem information from the `/sys/block`
* [`8c7ea19`](https://github.com/siderolabs/go-blockdevice/commit/8c7ea1910b27e0660e3e1a6f98b9f7e24bc11ff0) fix: blockdevice size is reported by Linux in 512 blocks always
* [`e52e012`](https://github.com/siderolabs/go-blockdevice/commit/e52e012a6935a99a1b344a898f281cf7d6a78e69) feat: add ext4 filesystem detection logic
* [`694ac62`](https://github.com/siderolabs/go-blockdevice/commit/694ac62b3dcf995beea95a77659fdc6064b457b3) chore: update imports to siderolabs, rekres
* [`dcf6044`](https://github.com/siderolabs/go-blockdevice/commit/dcf6044c906b36f183e11b6553458c680126d1d9) chore: rekres and rename
* [`9c4af49`](https://github.com/siderolabs/go-blockdevice/commit/9c4af492cc17279f0281fcd271e7423be78442bb) fix: cryptsetup remove slot
* [`74ea471`](https://github.com/siderolabs/go-blockdevice/commit/74ea47109c4525bec139640fed6354ad3097f5fb) feat: add freebsd stubs
* [`9fa801c`](https://github.com/siderolabs/go-blockdevice/commit/9fa801cf4da184e3560b9a18ba43d13316f172f9) feat: add ReadOnly attribute to Disk
* [`fccee8b`](https://github.com/siderolabs/go-blockdevice/commit/fccee8bb082b105cb60db40cb01636efc3241b5f) chore: rekres the source, fix issues
* [`d9c3a27`](https://github.com/siderolabs/go-blockdevice/commit/d9c3a273886113e24809ef1e9930fc982318217d) feat: support probing FAT12/FAT16 filesystems
* [`b374eb4`](https://github.com/siderolabs/go-blockdevice/commit/b374eb48148dc92a82d8bf9540432bb8531f73f3) fix: align partition to 1M boundary by default
* [`ec428fe`](https://github.com/siderolabs/go-blockdevice/commit/ec428fed2ecd5a389833a88f8dc333762816db99) fix: lookup filesystem labels on the actual device path
* [`7b9de26`](https://github.com/siderolabs/go-blockdevice/commit/7b9de26bc6bc3d54b95bd8e8fb3aade4b45adc6c) feat: read symlink fullpath in block device list function
* [`6928ee4`](https://github.com/siderolabs/go-blockdevice/commit/6928ee43c3034549e32f000f8b7bc16a6ebb7ed4) refactor: rewrite GPT serialize/deserialize functions
* [`0c7e429`](https://github.com/siderolabs/go-blockdevice/commit/0c7e4296e01b3df815a935db3e30de6b9d4cc1d1) refactor: simplify middle endian functions
* [`15b182d`](https://github.com/siderolabs/go-blockdevice/commit/15b182db0cd233b163ed83d1724c7e28cf29d71a) fix: return partition table not exist when trying to read an empty dev
* [`b9517d5`](https://github.com/siderolabs/go-blockdevice/commit/b9517d51120d385f97b0026f99ce3c4782940c37) fix: resize partition
* [`70d2865`](https://github.com/siderolabs/go-blockdevice/commit/70d28650b398a14469cbb5356417355b0ba62956) fix: try to find cdrom disks
* [`667bf53`](https://github.com/siderolabs/go-blockdevice/commit/667bf539b99ac34b629a0103ef7a7278a5a5f35d) fix: revert gpt partition not found
* [`d7d4cdd`](https://github.com/siderolabs/go-blockdevice/commit/d7d4cdd7ac56c82caab19246b5decd59f12195eb) fix: gpt partition not found
* [`33afba3`](https://github.com/siderolabs/go-blockdevice/commit/33afba347c0dce38a436c46a0aac26d2f99427c1) fix: also open in readonly mode when running `All` lookup method
* [`e367f9d`](https://github.com/siderolabs/go-blockdevice/commit/e367f9dc7fa935f11672de0fdc8a89429285a07a) feat: make probe always open blockdevices in readonly mode
* [`d981156`](https://github.com/siderolabs/go-blockdevice/commit/d9811569588ba44be878a00ce316f59a37abed8b) fix: allow Build for Windows
* [`fe24303`](https://github.com/siderolabs/go-blockdevice/commit/fe2430349e9d734ce6dbf4e7b2e0f8a37bb22679) fix: perform correct PMBR partition calculations
* [`2ec0c3c`](https://github.com/siderolabs/go-blockdevice/commit/2ec0c3cc0ff5ff705ed5c910ca1bcd5d93c7b102) fix: preserve the PMBR bootable flag when opening GPT partition
* [`87816a8`](https://github.com/siderolabs/go-blockdevice/commit/87816a81cefc728cfe3cb221b476d8ed4b609fd8) feat: align partition to minimum I/O size
* [`c34b59f`](https://github.com/siderolabs/go-blockdevice/commit/c34b59fb33a7ad8be18bb19bc8c8d8294b4b3a78) feat: expose more encryption options in the LUKS module
* [`30c2bc3`](https://github.com/siderolabs/go-blockdevice/commit/30c2bc3cb62af52f0aea9ce347923b0649fb7928) feat: mark MBR bootable
* [`1292574`](https://github.com/siderolabs/go-blockdevice/commit/1292574643e06512255fb0f45107e0c296eb5a3b) fix: make disk type matcher parser case insensitive
* [`b77400e`](https://github.com/siderolabs/go-blockdevice/commit/b77400e0a7261bf25da77c1f28c2f393f367bfa9) fix: properly detect nvme and sd card disk types
* [`1d830a2`](https://github.com/siderolabs/go-blockdevice/commit/1d830a25f64f6fb96a1bedd800c0b40b107dc833) fix: revert mark the EFI partition in PMBR as bootable
* [`bec914f`](https://github.com/siderolabs/go-blockdevice/commit/bec914ffdda42abcfe642bc2cdfc9fcda56a74ee) fix: mark the EFI partition in PMBR as bootable
* [`776b37d`](https://github.com/siderolabs/go-blockdevice/commit/776b37d31de0781f098f5d9d1894fbea3f2dfa1d) feat: add options to probe disk by various sysblock parameters
* [`bb3ad73`](https://github.com/siderolabs/go-blockdevice/commit/bb3ad73f69836acc2785ec659435e24a531359e7) fix: align partition start to physical sector size
* [`8f976c2`](https://github.com/siderolabs/go-blockdevice/commit/8f976c2031108651738ebd4db69fb09758754a28) feat: replace exec.Command with go-cmd module
* [`1cf7f25`](https://github.com/siderolabs/go-blockdevice/commit/1cf7f252c38cf11ef07723de2debc27d1da6b520) fix: properly handle no child processes error from cmd.Wait
* [`04a9851`](https://github.com/siderolabs/go-blockdevice/commit/04a98510c07fe8477f598befbfe6eaec4f4b73a2) feat: implement luks encryption provider
* [`b0375e4`](https://github.com/siderolabs/go-blockdevice/commit/b0375e4267fdc6108bd9ff7a5dc97b80cd924b1d) feat: add an option to open block device with exclusive flock
* [`5a1c7f7`](https://github.com/siderolabs/go-blockdevice/commit/5a1c7f768e016c93f6c0be130ffeaf34109b5b4d) refactor: add devname into gpt.Partition, refactor probe package
* [`f2728a5`](https://github.com/siderolabs/go-blockdevice/commit/f2728a581972be977d863d5d9177a873b8f3fc7b) fix: keep contents of PMBR when writing it
* [`2878460`](https://github.com/siderolabs/go-blockdevice/commit/2878460b54e8b8c3846c6a882ca9e1472c8b6b3b) fix: write second copy of partition entries
* [`943b08b`](https://github.com/siderolabs/go-blockdevice/commit/943b08bc32a2156cffb23e92b8be9288de4a7421) fix: blockdevice reset should read partition table from disk
* [`5b4ee44`](https://github.com/siderolabs/go-blockdevice/commit/5b4ee44cfd434a03ec2d7167bcc56d0f164c3fa2) fix: ignore `/dev/ram` devices
* [`98754ec`](https://github.com/siderolabs/go-blockdevice/commit/98754ec2bb200acc9e9e573fa766754d60e25ff2) refactor: rewrite GPT library
* [`2a1baad`](https://github.com/siderolabs/go-blockdevice/commit/2a1baadffdf8c9b65355e9af6e744aeab838c9db) fix: correctly build paths for `mmcblk` devices
* [`8076344`](https://github.com/siderolabs/go-blockdevice/commit/8076344a95021f25ab5d1fbf5ea4fefc790f6c3c) fix: return proper disk size from GetDisks function
* [`8742133`](https://github.com/siderolabs/go-blockdevice/commit/874213371a3fb0925aab45cbba68a957e3319525) chore: add common method to list available disks using /sys/block
* [`c4b5833`](https://github.com/siderolabs/go-blockdevice/commit/c4b583363d63503ed7e4adb9a9fa64335f7e198d) feat: implement "fast" wipe
* [`b4e67d7`](https://github.com/siderolabs/go-blockdevice/commit/b4e67d73d70d8dc06aa2b4986622dcb854dfc40c) feat: return resize status from Resize() function
* [`ceae64e`](https://github.com/siderolabs/go-blockdevice/commit/ceae64edb3a591c6f6bbd75b1149d1cfe426dd8e) fix: sync kernel partition table incrementally
* [`2cb9516`](https://github.com/siderolabs/go-blockdevice/commit/2cb95165aa67b0b839863b5ad89920c3ac7e2c82) fix: return correct error value from blkpg functions
* [`cebe43d`](https://github.com/siderolabs/go-blockdevice/commit/cebe43d1fdc1e509437198e578faa9d5a804cc37) refactor: expose `InsertAt` method via interface
* [`c40dcd8`](https://github.com/siderolabs/go-blockdevice/commit/c40dcd80c50b41c1f2a60ea6aa9d5fb3d3b180a3) fix: properly inform kernel about partition deletion
* [`bb8ac5d`](https://github.com/siderolabs/go-blockdevice/commit/bb8ac5d6a25e279e16213f585dc8d02ba6ed645f) feat: implement disk wiping via several methods
* [`23fb7dc`](https://github.com/siderolabs/go-blockdevice/commit/23fb7dc755325cfe12e48c8e8e31bebab9ddc2bc) feat: expose partition name (label)
* [`ff3a821`](https://github.com/siderolabs/go-blockdevice/commit/ff3a8210be999b8bfb2019f19f8a8b50901c64cc) feat: implement 'InsertAt' method to insert partitions at any position
* [`3d1ce4f`](https://github.com/siderolabs/go-blockdevice/commit/3d1ce4fc859fa614a4c5c54a10c0f5f4fce38bb6) fix: calculate last lba of partition correctly
* [`b71540f`](https://github.com/siderolabs/go-blockdevice/commit/b71540f6c398e958bdb7c118396a736419f735d4) feat: copy initial version from talos-systems/talos
* [`ca3c078`](https://github.com/siderolabs/go-blockdevice/commit/ca3c078da95e6497c9d41667dc242e32682e517d) Initial commit
</p>
</details>
### Dependency Changes
* **github.com/dustin/go-humanize** v1.0.1 **_new_**
* **github.com/siderolabs/gen** v0.4.3 **_new_**
* **github.com/siderolabs/go-blockdevice** v0.4.4 **_new_**
* **k8s.io/client-go** v0.26.3 -> v0.27.0
Previous release can be found at [v0.2.0-alpha.1](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.2.0-alpha.1)
## [terraform-provider-talos 0.2.0-alpha.1](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.2.0-alpha.1) (2023-04-12)
Welcome to the v0.2.0-alpha.1 release of terraform-provider-talos!
*This is a pre-release of terraform-provider-talos*
Please try out the release binaries and report any issues at
https://github.com/siderolabs/terraform-provider-talos/issues.
### Provider Changes
This version of the provider includes some breaking changes. Make sure to follow the provider upgrade guide at https://registry.terraform.io/providers/siderolabs/talos/latest/docs/guides/version-0.2-upgrade.html
### Component Updates
Talos sdk: v1.4.0-beta.1
### Contributors
* Noel Georgi
### Changes
<details><summary>1 commit</summary>
<p>
* [`96aeedd`](https://github.com/siderolabs/terraform-provider-talos/commit/96aeedd4bca46ced42bc98220e809940b773ce5d) docs: fix rendering of website
</p>
</details>
### Dependency Changes
* **github.com/siderolabs/talos/pkg/machinery** v1.4.0-beta.0 -> v1.4.0-beta.1
Previous release can be found at [v0.2.0-alpha.0](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.2.0-alpha.0)
## [terraform-provider-talos 0.2.0-alpha.0](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.2.0-alpha.0) (2023-04-10)
Welcome to the v0.2.0-alpha.0 release of terraform-provider-talos!
*This is a pre-release of terraform-provider-talos*
Please try out the release binaries and report any issues at
https://github.com/siderolabs/terraform-provider-talos/issues.
### Provider Changes
This version of the provider includes some breaking changes. Make sure to follow the provider upgrade guide at https://registry.terraform.io/providers/siderolabs/talos/latest/docs/guides/version-0.2-upgrade
### Component Updates
Talos sdk: v1.4.0-beta.0
### Contributors
* Andrey Smirnov
* Noel Georgi
* Alexey Palazhchenko
* Andrey Smirnov
* Spencer Smith
* Andrew Rynhard
* Artem Chernyshev
* Robert Wunderer
* Serge Logvinov
### Changes
<details><summary>10 commits</summary>
<p>
* [`6b2182b`](https://github.com/siderolabs/terraform-provider-talos/commit/6b2182be4015eb21d936930cfa108159b3fa16f6) chore: ci cleanup
* [`ea07caa`](https://github.com/siderolabs/terraform-provider-talos/commit/ea07caa6f39d159b286db76c525ed7cb1892f1e6) feat: code cleanup and tests
* [`4e5c210`](https://github.com/siderolabs/terraform-provider-talos/commit/4e5c210c219ddeb0ccf68cd80cb2988ce0ab5ccd) feat: use new tf sdk
* [`d1438b7`](https://github.com/siderolabs/terraform-provider-talos/commit/d1438b71d94b0ee0d0f3f5feb12317344c6e2a3e) chore: bump talos machinery
* [`aed502e`](https://github.com/siderolabs/terraform-provider-talos/commit/aed502e51945bad2493c521672a52111fcd1eca6) fix: state update required two runs
* [`dc00baa`](https://github.com/siderolabs/terraform-provider-talos/commit/dc00baad8d85e2786789ea03ac8e35d0b613bd70) fix: force new talosconfig if endpoints or nodes change
* [`b7d84ba`](https://github.com/siderolabs/terraform-provider-talos/commit/b7d84ba4e297271b1599de20310640c4ebffccb9) chore: update registry index file, remove example
* [`158dbbd`](https://github.com/siderolabs/terraform-provider-talos/commit/158dbbde42326fed9ada2a97a2a25c625c0a783e) docs: re-word `talos_version`
* [`f3b4a5b`](https://github.com/siderolabs/terraform-provider-talos/commit/f3b4a5b24362c264a642e5bc5a28bba0e70a86fc) chore: bump deps
* [`d2b6df0`](https://github.com/siderolabs/terraform-provider-talos/commit/d2b6df03e44a9150445209d3bd118c5d4417547c) docs: clarify meaning of `talos_version` in `machine_configuration` resources
</p>
</details>
### Changes from siderolabs/crypto
<details><summary>27 commits</summary>
<p>
* [`c3225ee`](https://github.com/siderolabs/crypto/commit/c3225eee603a8d1218c67e1bfe33ddde7953ed74) feat: allow CSR template subject field to be overridden
* [`8570669`](https://github.com/siderolabs/crypto/commit/85706698dac8cddd0e9f41006bed059347d2ea26) chore: rename to siderolabs/crypto
* [`e9df1b8`](https://github.com/siderolabs/crypto/commit/e9df1b8ca74c6efdc7f72191e5d2613830162fd5) feat: add support for generating keys from RSA-SHA256 CAs
* [`510b0d2`](https://github.com/siderolabs/crypto/commit/510b0d2753a89170d0c0f60e052a66484997a5b2) chore: add json tags
* [`6fa2d93`](https://github.com/siderolabs/crypto/commit/6fa2d93d0382299d5471e0de8e831c923398aaa8) fix: deepcopy nil fields as `nil`
* [`9a63cba`](https://github.com/siderolabs/crypto/commit/9a63cba8dabd278f3080fa8c160613efc48c43f8) fix: add back support for generating ECDSA keys with P-256 and SHA512
* [`893bc66`](https://github.com/siderolabs/crypto/commit/893bc66e4716a4cb7d1d5e66b5660ffc01f22823) fix: use SHA256 for ECDSA-P256
* [`deec8d4`](https://github.com/siderolabs/crypto/commit/deec8d47700e10e3ea813bdce01377bd93c83367) chore: implement DeepCopy methods for PEMEncoded* types
* [`d3cb772`](https://github.com/siderolabs/crypto/commit/d3cb77220384b3a3119a6f3ddb1340bbc811f1d1) feat: make possible to change KeyUsage
* [`6bc5bb5`](https://github.com/siderolabs/crypto/commit/6bc5bb50c52767296a1b1cab6580e3fcf1358f34) chore: remove unused argument
* [`cd18ef6`](https://github.com/siderolabs/crypto/commit/cd18ef62eb9f65d8b6730a2eb73e47e629949e1b) feat: add support for several organizations
* [`97c888b`](https://github.com/siderolabs/crypto/commit/97c888b3924dd5ac70b8d30dd66b4370b5ab1edc) chore: add options to CSR
* [`7776057`](https://github.com/siderolabs/crypto/commit/7776057f5086157873f62f6a21ec23fa9fd86e05) chore: fix typos
* [`80df078`](https://github.com/siderolabs/crypto/commit/80df078327030af7e822668405bb4853c512bd7c) chore: remove named result parameters
* [`15bdd28`](https://github.com/siderolabs/crypto/commit/15bdd282b74ac406ab243853c1b50338a1bc29d0) chore: minor updates
* [`4f80b97`](https://github.com/siderolabs/crypto/commit/4f80b976b640d773fb025d981bf85bcc8190815b) fix: verify CSR signature before issuing a certificate
* [`39584f1`](https://github.com/siderolabs/crypto/commit/39584f1b6e54e9966db1f16369092b2215707134) feat: support for key/certificate types RSA, Ed25519, ECDSA
* [`cf75519`](https://github.com/siderolabs/crypto/commit/cf75519cab82bd1b128ae9b45107c6bb422bd96a) fix: function NewKeyPair should create certificate with proper subject
* [`751c95a`](https://github.com/siderolabs/crypto/commit/751c95aa9434832a74deb6884cff7c5fd785db0b) feat: add 'PEMEncodedKey' which allows to transport keys in YAML
* [`562c3b6`](https://github.com/siderolabs/crypto/commit/562c3b66f89866746c0ba47927c55f41afed0f7f) feat: add support for public RSA key in RSAKey
* [`bda0e9c`](https://github.com/siderolabs/crypto/commit/bda0e9c24e80c658333822e2002e0bc671ac53a3) feat: enable more conversions between encoded and raw versions
* [`e0dd56a`](https://github.com/siderolabs/crypto/commit/e0dd56ac47456f85c0b247999afa93fb87ebc78b) feat: add NotBefore option for x509 cert creation
* [`12a4897`](https://github.com/siderolabs/crypto/commit/12a489768a6bb2c13e16e54617139c980f99a658) feat: add support for SPKI fingerprint generation and matching
* [`d0c3eef`](https://github.com/siderolabs/crypto/commit/d0c3eef149ec9b713e7eca8c35a6214bd0a64bc4) fix: implement NewKeyPair
* [`196679e`](https://github.com/siderolabs/crypto/commit/196679e9ec77cb709db54879ddeddd4eaafaea01) feat: move `pkg/grpc/tls` from `github.com/talos-systems/talos` as `./tls`
* [`1ff6242`](https://github.com/siderolabs/crypto/commit/1ff6242c91bb298ceeb4acd65685cba952fe4178) chore: initial version as imported from talos-systems/talos
* [`835063e`](https://github.com/siderolabs/crypto/commit/835063e055b28a525038b826a6d80cbe76402414) chore: initial commit
</p>
</details>
### Dependency Changes
* **github.com/hashicorp/terraform-plugin-framework** v1.2.0 **_new_**
* **github.com/hashicorp/terraform-plugin-framework-timeouts** v0.3.1 **_new_**
* **github.com/hashicorp/terraform-plugin-framework-validators** v0.10.0 **_new_**
* **github.com/hashicorp/terraform-plugin-go** v0.15.0 **_new_**
* **github.com/hashicorp/terraform-plugin-sdk/v2** v2.25.0 -> v2.26.1
* **github.com/hashicorp/terraform-plugin-testing** v1.2.0 **_new_**
* **github.com/siderolabs/crypto** v0.4.0 **_new_**
* **github.com/siderolabs/talos/pkg/machinery** v1.3.6 -> v1.4.0-beta.0
* **golang.org/x/mod** v0.10.0 **_new_**
* **google.golang.org/grpc** v1.51.0 -> v1.54.0
* **k8s.io/client-go** v0.26.3 **_new_**
Previous release can be found at [v0.1.2](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.1.2)
## [terraform-provider-talos 0.1.0-alpha.12](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.1.0-alpha.12) (2022-12-16)
Welcome to the v0.1.0-alpha.12 release of terraform-provider-talos!
*This is a pre-release of terraform-provider-talos*
Please try out the release binaries and report any issues at
https://github.com/siderolabs/terraform-provider-talos/issues.
### Fixes
Fixed an issue with the provider when using a secure Talos client.
### Contributors
* Noel Georgi
### Changes
<details><summary>1 commit</summary>
<p>
* [`3c80f59`](https://github.com/siderolabs/terraform-provider-talos/commit/3c80f59ad7a8514b5481c84ca0d210c62ea06bcc) fix: handling talos secure client
</p>
</details>
### Dependency Changes
This release has no dependency changes
Previous release can be found at [v0.1.0-alpha.11](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.1.0-alpha.11)
## [terraform-provider-talos 0.1.0-alpha.11](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.1.0-alpha.11) (2022-12-09)
Welcome to the v0.1.0-alpha.11 release of terraform-provider-talos!
*This is a pre-release of terraform-provider-talos*
Please try out the release binaries and report any issues at
https://github.com/siderolabs/terraform-provider-talos/issues.
### Component Updates
Talos sdk: v1.2.7
### Contributors
### Changes
<details><summary>0 commit</summary>
<p>
</p>
</details>
### Dependency Changes
This release has no dependency changes
Previous release can be found at [v0.1.0-alpha.10](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.1.0-alpha.10)
## [terraform-provider-talos 0.1.0-alpha.10](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.1.0-alpha.10) (2022-11-02)
Welcome to the v0.1.0-alpha.10 release of terraform-provider-talos!
*This is a pre-release of terraform-provider-talos*
Please try out the release binaries and report any issues at
https://github.com/siderolabs/terraform-provider-talos/issues.
### Component Updates
Talos sdk: v1.2.6
### Contributors
### Changes
<details><summary>0 commit</summary>
<p>
</p>
</details>
### Dependency Changes
This release has no dependency changes
Previous release can be found at [v0.1.0-alpha.9](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.1.0-alpha.9)
## [terraform-provider-talos 0.1.0-alpha.9](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.1.0-alpha.9) (2022-10-18)
Welcome to the v0.1.0-alpha.9 release of terraform-provider-talos!
*This is a pre-release of terraform-provider-talos*
Please try out the release binaries and report any issues at
https://github.com/siderolabs/terraform-provider-talos/issues.
### Component Updates
Talos sdk: v1.2.5
### Contributors
### Changes
<details><summary>0 commit</summary>
<p>
</p>
</details>
### Dependency Changes
This release has no dependency changes
Previous release can be found at [v0.1.0-alpha.8](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.1.0-alpha.8)
## [terraform-provider-talos 1.2.4](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v1.2.4) (2022-10-18)
Welcome to the v1.2.4 release of terraform-provider-talos!
*This is a pre-release of terraform-provider-talos*
Please try out the release binaries and report any issues at
https://github.com/siderolabs/terraform-provider-talos/issues.
### Component Updates
Talos sdk: v1.2.4
### Contributors
* Dmitriy Matrenichev
* Noel Georgi
### Changes
<details><summary>1 commit</summary>
<p>
* [`1c7975d`](https://github.com/siderolabs/terraform-provider-talos/commit/1c7975d1392406fa10a1a225e426e005d699c73e) chore: move to `gen` go pkg
</p>
</details>
### Changes from siderolabs/gen
<details><summary>2 commits</summary>
<p>
* [`338a650`](https://github.com/siderolabs/gen/commit/338a65065f92eb6426a66c4a88a0cc02cc02e529) chore: add initial implementation and documentation
* [`4fd8667`](https://github.com/siderolabs/gen/commit/4fd866707052c792a6adccbc28efec5debdd18a8) Initial commit
</p>
</details>
### Dependency Changes
* **github.com/siderolabs/gen** v0.1.0 **_new_**
Previous release can be found at [v0.1.0-alpha.7](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.1.0-alpha.7)
## [terraform-provider-talos 0.1.0-alpha.7](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.1.0-alpha.7) (2022-09-20)
Welcome to the v0.1.0-alpha.7 release of terraform-provider-talos!
*This is a pre-release of terraform-provider-talos*
Please try out the release binaries and report any issues at
https://github.com/siderolabs/terraform-provider-talos/issues.
### Contributors
* Noel Georgi
### Changes
<details><summary>1 commit</summary>
<p>
* [`79594a6`](https://github.com/siderolabs/terraform-provider-talos/commit/79594a60b231966f68be2e39c01990e209176d6b) chore: bump talos to v1.2.3
</p>
</details>
### Dependency Changes
This release has no dependency changes
Previous release can be found at [v0.1.0-alpha.6](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.1.0-alpha.6)
## [terraform-provider-talos 0.1.0-alpha.6](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.1.0-alpha.6) (2022-09-15)
Welcome to the v0.1.0-alpha.6 release of terraform-provider-talos!
*This is a pre-release of terraform-provider-talos*
Please try out the release binaries and report any issues at
https://github.com/siderolabs/terraform-provider-talos/issues.
### Talos Provider
The Talos provider now requires `endpoint` and `node` to be set for `talos_machine_configuration_apply`, `talos_machine_bootstrap`, `talos_cluster_kubeconfig` resources.
The `endpoints` and `nodes` arguments are removed for the above resources.
This release also fixes a bug when multiple endpoitns were specified in the Talos client config.
### Contributors
### Changes
<details><summary>0 commit</summary>
<p>
</p>
</details>
### Dependency Changes
This release has no dependency changes
Previous release can be found at [v0.1.0-alpha.5](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.1.0-alpha.5)
## [terraform-provider-talos 0.1.0-alpha.5](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.1.0-alpha.5) (2022-09-15)
Welcome to the v0.1.0-alpha.5 release of terraform-provider-talos!
*This is a pre-release of terraform-provider-talos*
Please try out the release binaries and report any issues at
https://github.com/siderolabs/terraform-provider-talos/issues.
### Talos Provider
The Talos provider now requires `endpoint` and `node` to be set for `talos_machine_configuration_apply`, `talos_machine_bootstrap`, `talos_cluster_kubeconfig` resources.
The `endpoints` and `nodes` arguments are removed for the above resources.
This release also fixes a bug when multiple endpoitns were specified in the Talos client config.
### Contributors
### Changes
<details><summary>0 commit</summary>
<p>
</p>
</details>
### Dependency Changes
This release has no dependency changes
Previous release can be found at [v0.1.0-alpha.4](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.1.0-alpha.4)
## [terraform-provider-talos 0.1.0-alpha.4](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.1.0-alpha.4) (2022-09-15)
Welcome to the v0.1.0-alpha.4 release of terraform-provider-talos!
*This is a pre-release of terraform-provider-talos*
Please try out the release binaries and report any issues at
https://github.com/siderolabs/terraform-provider-talos/issues.
### Talos Provider
The Talos provider now requires `endpoint` and `node` to be set for `talos_machine_configuration_apply`, `talos_machine_bootstrap`, `talos_cluster_kubeconfig` resources.
The `endpoints` and `nodes` arguments are removed for the above resources.
This release also fixes a bug when multiple endpoitns were specified in the Talos client config.
### Contributors
* Noel Georgi
* Nahuel Pastorale
### Changes
<details><summary>3 commits</summary>
<p>
* [`ea5a4ba`](https://github.com/siderolabs/terraform-provider-talos/commit/ea5a4bab1d86f20fc832fd4ffacf5978699a716e) release(v0.1.0-alpha.4): prepare release
* [`b9111db`](https://github.com/siderolabs/terraform-provider-talos/commit/b9111db42dade59000b26b313f7b7f0d5e6dc083) fix: client operations
* [`e2d04ac`](https://github.com/siderolabs/terraform-provider-talos/commit/e2d04acbf10eb092effa60a1cbc0eb27325d4b19) docs: fix wrong resource reference
</p>
</details>
### Dependency Changes
This release has no dependency changes
Previous release can be found at [v0.1.0-alpha.3](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.1.0-alpha.3)
## [terraform-provider-talos 0.1.0-alpha.3](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.1.0-alpha.3) (2022-09-08)
Welcome to the v0.1.0-alpha.3 release of terraform-provider-talos!
*This is a pre-release of terraform-provider-talos*
Please try out the release binaries and report any issues at
https://github.com/siderolabs/terraform-provider-talos/issues.
### Talos Provider
The Talos provider supports generating configs, applying them and bootstrap the nodes.
Resources supported:
* `talos_machine_secrets`
* `talos_client_configuration`
* `talos_machine_configuration_controlplane`
* `talos_machine_configuration_worker`
* `talos_machine_configuration_apply`
* `talos_machine_bootstrap`
* `talos_cluster_kubeconfig`
Data sources supported:
* `talos_client_configuration`
* `talos_cluster_kubeconfig`
Data sources will always create a diff and might be removed in a future release.
### Contributors
* Andrew Rynhard
* Andrey Smirnov
* Dmitriy Matrenichev
* Noel Georgi
### Changes
<details><summary>2 commits</summary>
<p>
* [`e29e302`](https://github.com/siderolabs/terraform-provider-talos/commit/e29e3028b0b5dc3c56757a7724d1400d4d98b3e8) chore: add release workflow
* [`4ecfd4f`](https://github.com/siderolabs/terraform-provider-talos/commit/4ecfd4f52353495a8304b0530d85a73b757861c9) feat: add new resources
</p>
</details>
### Changes from siderolabs/go-pointer
<details><summary>2 commits</summary>
<p>
* [`71ccdf0`](https://github.com/siderolabs/go-pointer/commit/71ccdf0d65330596f4def36da37625e4f362f2a9) chore: implement main functionality
* [`c1c3b23`](https://github.com/siderolabs/go-pointer/commit/c1c3b235d30cb0de97ed0645809f2b21af3b021e) Initial commit
</p>
</details>
### Dependency Changes
* **github.com/cosi-project/runtime** v0.1.1 **_new_**
* **github.com/siderolabs/go-pointer** v1.0.0 **_new_**
* **google.golang.org/grpc** v1.48.0 **_new_**
Previous release can be found at [v0.1.0-alpha.2](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.1.0-alpha.2)
================================================
FILE: LICENSE
================================================
Mozilla Public License Version 2.0
==================================
1. Definitions
--------------
1.1. "Contributor"
means each individual or legal entity that creates, contributes to
the creation of, or owns Covered Software.
1.2. "Contributor Version"
means the combination of the Contributions of others (if any) used
by a Contributor and that particular Contributor's Contribution.
1.3. "Contribution"
means Covered Software of a particular Contributor.
1.4. "Covered Software"
means Source Code Form to which the initial Contributor has attached
the notice in Exhibit A, the Executable Form of such Source Code
Form, and Modifications of such Source Code Form, in each case
including portions thereof.
1.5. "Incompatible With Secondary Licenses"
means
(a) that the initial Contributor has attached the notice described
in Exhibit B to the Covered Software; or
(b) that the Covered Software was made available under the terms of
version 1.1 or earlier of the License, but not also under the
terms of a Secondary License.
1.6. "Executable Form"
means any form of the work other than Source Code Form.
1.7. "Larger Work"
means a work that combines Covered Software with other material, in
a separate file or files, that is not Covered Software.
1.8. "License"
means this document.
1.9. "Licensable"
means having the right to grant, to the maximum extent possible,
whether at the time of the initial grant or subsequently, any and
all of the rights conveyed by this License.
1.10. "Modifications"
means any of the following:
(a) any file in Source Code Form that results from an addition to,
deletion from, or modification of the contents of Covered
Software; or
(b) any new file in Source Code Form that contains any Covered
Software.
1.11. "Patent Claims" of a Contributor
means any patent claim(s), including without limitation, method,
process, and apparatus claims, in any patent Licensable by such
Contributor that would be infringed, but for the grant of the
License, by the making, using, selling, offering for sale, having
made, import, or transfer of either its Contributions or its
Contributor Version.
1.12. "Secondary License"
means either the GNU General Public License, Version 2.0, the GNU
Lesser General Public License, Version 2.1, the GNU Affero General
Public License, Version 3.0, or any later versions of those
licenses.
1.13. "Source Code Form"
means the form of the work preferred for making modifications.
1.14. "You" (or "Your")
means an individual or a legal entity exercising rights under this
License. For legal entities, "You" includes any entity that
controls, is controlled by, or is under common control with You. For
purposes of this definition, "control" means (a) the power, direct
or indirect, to cause the direction or management of such entity,
whether by contract or otherwise, or (b) ownership of more than
fifty percent (50%) of the outstanding shares or beneficial
ownership of such entity.
2. License Grants and Conditions
--------------------------------
2.1. Grants
Each Contributor hereby grants You a world-wide, royalty-free,
non-exclusive license:
(a) under intellectual property rights (other than patent or trademark)
Licensable by such Contributor to use, reproduce, make available,
modify, display, perform, distribute, and otherwise exploit its
Contributions, either on an unmodified basis, with Modifications, or
as part of a Larger Work; and
(b) under Patent Claims of such Contributor to make, use, sell, offer
for sale, have made, import, and otherwise transfer either its
Contributions or its Contributor Version.
2.2. Effective Date
The licenses granted in Section 2.1 with respect to any Contribution
become effective for each Contribution on the date the Contributor first
distributes such Contribution.
2.3. Limitations on Grant Scope
The licenses granted in this Section 2 are the only rights granted under
this License. No additional rights or licenses will be implied from the
distribution or licensing of Covered Software under this License.
Notwithstanding Section 2.1(b) above, no patent license is granted by a
Contributor:
(a) for any code that a Contributor has removed from Covered Software;
or
(b) for infringements caused by: (i) Your and any other third party's
modifications of Covered Software, or (ii) the combination of its
Contributions with other software (except as part of its Contributor
Version); or
(c) under Patent Claims infringed by Covered Software in the absence of
its Contributions.
This License does not grant any rights in the trademarks, service marks,
or logos of any Contributor (except as may be necessary to comply with
the notice requirements in Section 3.4).
2.4. Subsequent Licenses
No Contributor makes additional grants as a result of Your choice to
distribute the Covered Software under a subsequent version of this
License (see Section 10.2) or under the terms of a Secondary License (if
permitted under the terms of Section 3.3).
2.5. Representation
Each Contributor represents that the Contributor believes its
Contributions are its original creation(s) or it has sufficient rights
to grant the rights to its Contributions conveyed by this License.
2.6. Fair Use
This License is not intended to limit any rights You have under
applicable copyright doctrines of fair use, fair dealing, or other
equivalents.
2.7. Conditions
Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted
in Section 2.1.
3. Responsibilities
-------------------
3.1. Distribution of Source Form
All distribution of Covered Software in Source Code Form, including any
Modifications that You create or to which You contribute, must be under
the terms of this License. You must inform recipients that the Source
Code Form of the Covered Software is governed by the terms of this
License, and how they can obtain a copy of this License. You may not
attempt to alter or restrict the recipients' rights in the Source Code
Form.
3.2. Distribution of Executable Form
If You distribute Covered Software in Executable Form then:
(a) such Covered Software must also be made available in Source Code
Form, as described in Section 3.1, and You must inform recipients of
the Executable Form how they can obtain a copy of such Source Code
Form by reasonable means in a timely manner, at a charge no more
than the cost of distribution to the recipient; and
(b) You may distribute such Executable Form under the terms of this
License, or sublicense it under different terms, provided that the
license for the Executable Form does not attempt to limit or alter
the recipients' rights in the Source Code Form under this License.
3.3. Distribution of a Larger Work
You may create and distribute a Larger Work under terms of Your choice,
provided that You also comply with the requirements of this License for
the Covered Software. If the Larger Work is a combination of Covered
Software with a work governed by one or more Secondary Licenses, and the
Covered Software is not Incompatible With Secondary Licenses, this
License permits You to additionally distribute such Covered Software
under the terms of such Secondary License(s), so that the recipient of
the Larger Work may, at their option, further distribute the Covered
Software under the terms of either this License or such Secondary
License(s).
3.4. Notices
You may not remove or alter the substance of any license notices
(including copyright notices, patent notices, disclaimers of warranty,
or limitations of liability) contained within the Source Code Form of
the Covered Software, except that You may alter any license notices to
the extent required to remedy known factual inaccuracies.
3.5. Application of Additional Terms
You may choose to offer, and to charge a fee for, warranty, support,
indemnity or liability obligations to one or more recipients of Covered
Software. However, You may do so only on Your own behalf, and not on
behalf of any Contributor. You must make it absolutely clear that any
such warranty, support, indemnity, or liability obligation is offered by
You alone, and You hereby agree to indemnify every Contributor for any
liability incurred by such Contributor as a result of warranty, support,
indemnity or liability terms You offer. You may include additional
disclaimers of warranty and limitations of liability specific to any
jurisdiction.
4. Inability to Comply Due to Statute or Regulation
---------------------------------------------------
If it is impossible for You to comply with any of the terms of this
License with respect to some or all of the Covered Software due to
statute, judicial order, or regulation then You must: (a) comply with
the terms of this License to the maximum extent possible; and (b)
describe the limitations and the code they affect. Such description must
be placed in a text file included with all distributions of the Covered
Software under this License. Except to the extent prohibited by statute
or regulation, such description must be sufficiently detailed for a
recipient of ordinary skill to be able to understand it.
5. Termination
--------------
5.1. The rights granted under this License will terminate automatically
if You fail to comply with any of its terms. However, if You become
compliant, then the rights granted under this License from a particular
Contributor are reinstated (a) provisionally, unless and until such
Contributor explicitly and finally terminates Your grants, and (b) on an
ongoing basis, if such Contributor fails to notify You of the
non-compliance by some reasonable means prior to 60 days after You have
come back into compliance. Moreover, Your grants from a particular
Contributor are reinstated on an ongoing basis if such Contributor
notifies You of the non-compliance by some reasonable means, this is the
first time You have received notice of non-compliance with this License
from such Contributor, and You become compliant prior to 30 days after
Your receipt of the notice.
5.2. If You initiate litigation against any entity by asserting a patent
infringement claim (excluding declaratory judgment actions,
counter-claims, and cross-claims) alleging that a Contributor Version
directly or indirectly infringes any patent, then the rights granted to
You by any and all Contributors for the Covered Software under Section
2.1 of this License shall terminate.
5.3. In the event of termination under Sections 5.1 or 5.2 above, all
end user license agreements (excluding distributors and resellers) which
have been validly granted by You or Your distributors under this License
prior to termination shall survive termination.
************************************************************************
* *
* 6. Disclaimer of Warranty *
* ------------------------- *
* *
* Covered Software is provided under this License on an "as is" *
* basis, without warranty of any kind, either expressed, implied, or *
* statutory, including, without limitation, warranties that the *
* Covered Software is free of defects, merchantable, fit for a *
* particular purpose or non-infringing. The entire risk as to the *
* quality and performance of the Covered Software is with You. *
* Should any Covered Software prove defective in any respect, You *
* (not any Contributor) assume the cost of any necessary servicing, *
* repair, or correction. This disclaimer of warranty constitutes an *
* essential part of this License. No use of any Covered Software is *
* authorized under this License except under this disclaimer. *
* *
************************************************************************
************************************************************************
* *
* 7. Limitation of Liability *
* -------------------------- *
* *
* Under no circumstances and under no legal theory, whether tort *
* (including negligence), contract, or otherwise, shall any *
* Contributor, or anyone who distributes Covered Software as *
* permitted above, be liable to You for any direct, indirect, *
* special, incidental, or consequential damages of any character *
* including, without limitation, damages for lost profits, loss of *
* goodwill, work stoppage, computer failure or malfunction, or any *
* and all other commercial damages or losses, even if such party *
* shall have been informed of the possibility of such damages. This *
* limitation of liability shall not apply to liability for death or *
* personal injury resulting from such party's negligence to the *
* extent applicable law prohibits such limitation. Some *
* jurisdictions do not allow the exclusion or limitation of *
* incidental or consequential damages, so this exclusion and *
* limitation may not apply to You. *
* *
************************************************************************
8. Litigation
-------------
Any litigation relating to this License may be brought only in the
courts of a jurisdiction where the defendant maintains its principal
place of business and such litigation shall be governed by laws of that
jurisdiction, without reference to its conflict-of-law provisions.
Nothing in this Section shall prevent a party's ability to bring
cross-claims or counter-claims.
9. Miscellaneous
----------------
This License represents the complete agreement concerning the subject
matter hereof. If any provision of this License is held to be
unenforceable, such provision shall be reformed only to the extent
necessary to make it enforceable. Any law or regulation which provides
that the language of a contract shall be construed against the drafter
shall not be used to construe this License against a Contributor.
10. Versions of the License
---------------------------
10.1. New Versions
Mozilla Foundation is the license steward. Except as provided in Section
10.3, no one other than the license steward has the right to modify or
publish new versions of this License. Each version will be given a
distinguishing version number.
10.2. Effect of New Versions
You may distribute the Covered Software under the terms of the version
of the License under which You originally received the Covered Software,
or under the terms of any subsequent version published by the license
steward.
10.3. Modified Versions
If you create software not governed by this License, and you want to
create a new license for such software, you may create and use a
modified version of this License if you rename the license and remove
any references to the name of the license steward (except to note that
such modified license differs from this License).
10.4. Distributing Source Code Form that is Incompatible With Secondary
Licenses
If You choose to distribute Source Code Form that is Incompatible With
Secondary Licenses under the terms of this version of the License, the
notice described in Exhibit B of this License must be attached.
Exhibit A - Source Code Form License Notice
-------------------------------------------
This Source Code Form is subject to the terms of the Mozilla Public
License, v. 2.0. If a copy of the MPL was not distributed with this
file, You can obtain one at http://mozilla.org/MPL/2.0/.
If it is not possible or desirable to put the notice in a particular
file, then You may include the notice in a location (such as a LICENSE
file in a relevant directory) where a recipient would be likely to look
for such a notice.
You may add additional accurate notices of copyright ownership.
Exhibit B - "Incompatible With Secondary Licenses" Notice
---------------------------------------------------------
This Source Code Form is "Incompatible With Secondary Licenses", as
defined by the Mozilla Public License, v. 2.0.
================================================
FILE: Makefile
================================================
TAG ?= $(shell git describe --tag --always --dirty)
ARTIFACTS ?= _out
ifneq ($(origin TESTS), undefined)
RUNARGS = -run='$(TESTS)'
endif
ifneq ($(origin CI), undefined)
RUNARGS += -parallel=3
RUNARGS += -timeout=40m
RUNARGS += -exec="sudo -E"
endif
.PHONY: generate
generate:
go generate ./pkg/talos
go generate
.PHONY: testacc
testacc:
# TF_CLI_CONFIG_FILE is set here to avoid using the user's .terraformrc file. Ref: https://github.com/hashicorp/terraform-plugin-sdk/issues/1171
TF_CLI_CONFIG_FILE="thisfiledoesnotexist" TF_ACC=1 go test -v -failfast -cover $(RUNARGS) ./...
.PHONY: check-dirty
check-dirty: generate ## Verifies that source tree is not dirty
@if test -n "`git status --porcelain`"; then echo "Source tree is dirty"; git status; exit 1 ; fi
build-debug:
go build -gcflags='all=-N -l'
install:
go install .
$(ARTIFACTS):
mkdir -p $(ARTIFACTS)
release-notes: $(ARTIFACTS)
@ARTIFACTS=$(ARTIFACTS) ./hack/release.sh $@ $(ARTIFACTS)/RELEASE_NOTES.md $(TAG)
go-vulncheck:
go tool -modfile tools/go.mod golang.org/x/vuln/cmd/govulncheck ./...
sbom: $(ARTIFACTS)
SYFT_FORMAT_PRETTY=1 SYFT_FORMAT_SPDX_JSON_DETERMINISTIC_UUID=1 go tool -modfile tools/go.mod github.com/anchore/syft/cmd/syft dir:. -o spdx-json > $(ARTIFACTS)/sbom.spdx.json
SYFT_FORMAT_PRETTY=1 SYFT_FORMAT_SPDX_JSON_DETERMINISTIC_UUID=1 go tool -modfile tools/go.mod github.com/anchore/syft/cmd/syft dir:. -o cyclonedx-json > $(ARTIFACTS)/sbom.cyclonedx.json
================================================
FILE: README.md
================================================
# terraform-provider-talos
## Debugging
In a bash shell, build a debug version of this provider binary:
```bash
make build-debug
```
In Visual Studio Code, [start the provider in a debug session](https://developer.hashicorp.com/terraform/plugin/debugging#starting-a-provider-in-debug-mode).
In a new bash shell, go into your terraform project directory, and run
terraform with `TF_REATTACH_PROVIDERS` set to the value printed in the VSCode debug windows.
================================================
FILE: docs/data-sources/client_configuration.md
================================================
---
# generated by https://github.com/hashicorp/terraform-plugin-docs
page_title: "talos_client_configuration Data Source - talos"
subcategory: ""
description: |-
Generate client configuration for a Talos cluster
---
# talos_client_configuration (Data Source)
Generate client configuration for a Talos cluster
## Example Usage
```terraform
resource "talos_machine_secrets" "this" {}
data "talos_client_configuration" "this" {
cluster_name = "example-cluster"
client_configuration = talos_machine_secrets.this.client_configuration
nodes = ["10.5.0.2"]
}
```
<!-- schema generated by tfplugindocs -->
## Schema
### Required
- `client_configuration` (Attributes) The client configuration data (see [below for nested schema](#nestedatt--client_configuration))
- `cluster_name` (String) The name of the cluster in the generated config
### Optional
- `endpoints` (List of String) endpoints to set in the generated config
- `nodes` (List of String) nodes to set in the generated config
### Read-Only
- `id` (String) The ID of this resource
- `talos_config` (String, Sensitive) The generated client configuration
<a id="nestedatt--client_configuration"></a>
### Nested Schema for `client_configuration`
Required:
- `ca_certificate` (String) The client CA certificate
- `client_certificate` (String) The client certificate
- `client_key` (String, Sensitive) The client key
================================================
FILE: docs/data-sources/cluster_health.md
================================================
---
# generated by https://github.com/hashicorp/terraform-plugin-docs
page_title: "talos_cluster_health Data Source - talos"
subcategory: ""
description: |-
Waits for the Talos cluster to be healthy. Can be used as a dependency before running other operations on the cluster.
---
# talos_cluster_health (Data Source)
Waits for the Talos cluster to be healthy. Can be used as a dependency before running other operations on the cluster.
<!-- schema generated by tfplugindocs -->
## Schema
### Required
- `client_configuration` (Attributes) The client configuration data (see [below for nested schema](#nestedatt--client_configuration))
- `control_plane_nodes` (List of String) List of control plane nodes to check for health.
- `endpoints` (List of String) endpoints to use for the health check client. Use at least one control plane endpoint.
### Optional
- `skip_kubernetes_checks` (Boolean) Skip Kubernetes component checks, this is useful to check if the nodes has finished booting up and kubelet is running. Default is false.
- `timeouts` (Attributes) (see [below for nested schema](#nestedatt--timeouts))
- `worker_nodes` (List of String) List of worker nodes to check for health.
### Read-Only
- `id` (String) The ID of this resource.
<a id="nestedatt--client_configuration"></a>
### Nested Schema for `client_configuration`
Required:
- `ca_certificate` (String) The client CA certificate
- `client_certificate` (String) The client certificate
- `client_key` (String, Sensitive) The client key
<a id="nestedatt--timeouts"></a>
### Nested Schema for `timeouts`
Optional:
- `read` (String) A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Read operations occur during any refresh or planning operation when refresh is enabled.
================================================
FILE: docs/data-sources/cluster_kubeconfig.md
================================================
---
# generated by https://github.com/hashicorp/terraform-plugin-docs
page_title: "talos_cluster_kubeconfig Data Source - talos"
subcategory: ""
description: |-
Retrieves the kubeconfig for a Talos cluster
---
# talos_cluster_kubeconfig (Data Source)
Retrieves the kubeconfig for a Talos cluster
## Example Usage
```terraform
resource "talos_machine_secrets" "this" {}
data "talos_machine_configuration" "this" {
cluster_name = "example-cluster"
machine_type = "controlplane"
cluster_endpoint = "https://cluster.local:6443"
machine_secrets = talos_machine_secrets.this.machine_secrets
}
data "talos_client_configuration" "this" {
cluster_name = "example-cluster"
client_configuration = talos_machine_secrets.this.client_configuration
nodes = ["10.5.0.2"]
}
resource "talos_machine_configuration_apply" "this" {
client_configuration = talos_machine_secrets.this.client_configuration
machine_configuration_input = data.talos_machine_configuration.this.machine_configuration
node = "10.5.0.2"
config_patches = [
yamlencode({
machine = {
install = {
disk = "/dev/sdd"
}
}
})
]
}
resource "talos_machine_bootstrap" "this" {
depends_on = [
talos_machine_configuration_apply.this
]
node = "10.5.0.2"
client_configuration = talos_machine_secrets.this.client_configuration
}
data "talos_cluster_kubeconfig" "this" {
depends_on = [
talos_machine_bootstrap.this
]
client_configuration = talos_machine_secrets.this.client_configuration
node = "10.5.0.2"
}
```
<!-- schema generated by tfplugindocs -->
## Schema
### Required
- `client_configuration` (Attributes) The client configuration data (see [below for nested schema](#nestedatt--client_configuration))
- `node` (String) controlplane node to retrieve the kubeconfig from
### Optional
- `endpoint` (String) endpoint to use for the talosclient. If not set, the node value will be used
- `timeouts` (Attributes) (see [below for nested schema](#nestedatt--timeouts))
- `wait` (Boolean, Deprecated) Wait for the kubernetes api to be available
### Read-Only
- `id` (String) The ID of this resource.
- `kubeconfig_raw` (String, Sensitive) The raw kubeconfig
- `kubernetes_client_configuration` (Attributes) The kubernetes client configuration (see [below for nested schema](#nestedatt--kubernetes_client_configuration))
<a id="nestedatt--client_configuration"></a>
### Nested Schema for `client_configuration`
Required:
- `ca_certificate` (String) The client CA certificate
- `client_certificate` (String) The client certificate
- `client_key` (String, Sensitive) The client key
<a id="nestedatt--timeouts"></a>
### Nested Schema for `timeouts`
Optional:
- `read` (String) A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Read operations occur during any refresh or planning operation when refresh is enabled.
<a id="nestedatt--kubernetes_client_configuration"></a>
### Nested Schema for `kubernetes_client_configuration`
Read-Only:
- `ca_certificate` (String) The kubernetes CA certificate
- `client_certificate` (String) The kubernetes client certificate
- `client_key` (String, Sensitive) The kubernetes client key
- `host` (String) The kubernetes host
================================================
FILE: docs/data-sources/image_factory_extensions_versions.md
================================================
---
# generated by https://github.com/hashicorp/terraform-plugin-docs
page_title: "talos_image_factory_extensions_versions Data Source - talos"
subcategory: ""
description: |-
The image factory extensions versions data source provides a list of available extensions for a specific talos version from the image factory.
---
# talos_image_factory_extensions_versions (Data Source)
The image factory extensions versions data source provides a list of available extensions for a specific talos version from the image factory.
## Example Usage
```terraform
provider "talos" {}
data "talos_image_factory_extensions_versions" "this" {
# get the latest talos version
talos_version = "v1.7.5"
filters = {
names = [
"amdgpu",
"tailscale",
]
}
}
```
<!-- schema generated by tfplugindocs -->
## Schema
### Required
- `talos_version` (String) The talos version to get extensions for.
### Optional
- `exact_filters` (Attributes) The filter to apply to the extensions list. (see [below for nested schema](#nestedatt--exact_filters))
- `filters` (Attributes) The filter to apply to the extensions list. (see [below for nested schema](#nestedatt--filters))
### Read-Only
- `extensions_info` (List of Object) The list of available extensions for the specified talos version. (see [below for nested schema](#nestedatt--extensions_info))
- `id` (String) The ID of this resource.
<a id="nestedatt--exact_filters"></a>
### Nested Schema for `exact_filters`
Optional:
- `names` (List of String) The exact name match of the extension to filter by.
<a id="nestedatt--filters"></a>
### Nested Schema for `filters`
Optional:
- `names` (List of String) The name of the extension to filter by.
<a id="nestedatt--extensions_info"></a>
### Nested Schema for `extensions_info`
Read-Only:
- `author` (String)
- `description` (String)
- `digest` (String)
- `name` (String)
- `ref` (String)
================================================
FILE: docs/data-sources/image_factory_overlays_versions.md
================================================
---
# generated by https://github.com/hashicorp/terraform-plugin-docs
page_title: "talos_image_factory_overlays_versions Data Source - talos"
subcategory: ""
description: |-
The image factory overlays versions data source provides a list of available overlays for a specific talos version from the image factory.
---
# talos_image_factory_overlays_versions (Data Source)
The image factory overlays versions data source provides a list of available overlays for a specific talos version from the image factory.
## Example Usage
```terraform
provider "talos" {}
data "talos_image_factory_overlays_versions" "this" {
# get the latest talos version
talos_version = "v1.7.5"
filters = {
name = "rock4cplus"
}
}
```
<!-- schema generated by tfplugindocs -->
## Schema
### Required
- `talos_version` (String) The talos version to get overlays for.
### Optional
- `filters` (Attributes) The filter to apply to the overlays list. (see [below for nested schema](#nestedatt--filters))
### Read-Only
- `id` (String) The ID of this resource.
- `overlays_info` (List of Object) The list of available extensions for the specified talos version. (see [below for nested schema](#nestedatt--overlays_info))
<a id="nestedatt--filters"></a>
### Nested Schema for `filters`
Optional:
- `name` (String) The name of the overlay to filter by.
<a id="nestedatt--overlays_info"></a>
### Nested Schema for `overlays_info`
Read-Only:
- `digest` (String)
- `image` (String)
- `name` (String)
- `ref` (String)
================================================
FILE: docs/data-sources/image_factory_urls.md
================================================
---
# generated by https://github.com/hashicorp/terraform-plugin-docs
page_title: "talos_image_factory_urls Data Source - talos"
subcategory: ""
description: |-
Generates URLs for different assets supported by the Talos image factory.
---
# talos_image_factory_urls (Data Source)
Generates URLs for different assets supported by the Talos image factory.
## Example Usage
```terraform
data "talos_image_factory_urls" "this" {
talos_version = "v1.7.5"
schematic_id = "376567988ad370138ad8b2698212367b8edcb69b5fd68c80be1f2ec7d603b4ba"
platform = "metal"
}
output "installer_image" {
value = data.talos_image_factory_urls.this.urls.installer
}
```
<!-- schema generated by tfplugindocs -->
## Schema
### Required
- `schematic_id` (String) The schematic ID for which the URLs are generated.
- `talos_version` (String) The Talos version for which the URLs are generated.
### Optional
- `architecture` (String) The platform architecture for which the URLs are generated. Defaults to amd64.
- `platform` (String) The platform for which the URLs are generated.
#### Metal
- metal
#### Cloud Platforms
- aws
- gcp
- equinixMetal
- azure
- digital-ocean
- nocloud
- openstack
- vmware
- akamai
- cloudstack
- hcloud
- oracle
- upcloud
- vultr
- exoscale
- opennebula
- scaleway
- `sbc` (String) The SBC's (Single Board Copmuters) for which the url are generated.
#### Single Board Computers
- rpi_5
- rpi_generic
- revpi_generic
- bananapi_m64
- nanopi_r4s
- nanopi_r5s
- jetson_nano
- libretech_all_h3_cc_h5
- orangepi_r1_plus_lts
- pine64
- rock64
- rock4cplus
- rock4se
- rock5a
- rock5b
- rockpi_4
- rockpi_4c
- helios64
- turingrk1
- orangepi-5
- orangepi-5-plus
- rockpro64
- odroid-m1
- radxa-zero-3e
- rock3b
- orangepi-5-max
- rock5t
- friendlyelec-cm3588-nas
- rock5b-plus
### Read-Only
- `id` (String) The ID of this resource.
- `urls` (Attributes) The URLs for different assets supported by the Talos image factory. If the URL is not available for a specific asset, it will be an empty string. (see [below for nested schema](#nestedatt--urls))
<a id="nestedatt--urls"></a>
### Nested Schema for `urls`
Read-Only:
- `disk_image` (String) The URL for the disk image.
- `disk_image_secureboot` (String) The URL for the disk image with secure boot.
- `initramfs` (String) The URL for the initramfs image.
- `installer` (String) The URL for the installer image.
- `installer_secureboot` (String) The URL for the installer image with secure boot.
- `iso` (String) The URL for the ISO image.
- `iso_secureboot` (String) The URL for the ISO image with secure boot.
- `kernel` (String) The URL for the kernel image.
- `kernel_command_line` (String) The URL for the kernel command line.
- `pxe` (String) The URL for the PXE image.
- `uki` (String) The URL for the UKI image.
================================================
FILE: docs/data-sources/image_factory_versions.md
================================================
---
# generated by https://github.com/hashicorp/terraform-plugin-docs
page_title: "talos_image_factory_versions Data Source - talos"
subcategory: ""
description: |-
The image factory versions data source provides a list of available talos versions from the image factory.
---
# talos_image_factory_versions (Data Source)
The image factory versions data source provides a list of available talos versions from the image factory.
## Example Usage
```terraform
provider "talos" {}
data "talos_image_factory_versions" "this" {}
output "latest" {
value = element(data.talos_image_factory_versions.this.talos_versions, length(data.talos_image_factory_versions.this.talos_versions) - 1)
}
```
<!-- schema generated by tfplugindocs -->
## Schema
### Optional
- `filters` (Attributes) The filter to apply to the overlays list. (see [below for nested schema](#nestedatt--filters))
### Read-Only
- `id` (String) The ID of this resource.
- `talos_versions` (List of String) The list of available talos versions.
<a id="nestedatt--filters"></a>
### Nested Schema for `filters`
Optional:
- `stable_versions_only` (Boolean) If set to true, only stable versions will be returned. If set to false, all versions will be returned.
================================================
FILE: docs/data-sources/machine_configuration.md
================================================
---
page_title: "talos_machine_configuration Data Source - talos"
subcategory: ""
description: |-
Generate a machine configuration for a node type
---
# talos_machine_configuration (Data Source)
Generate a machine configuration for a node type
-> **Note:** It is recommended to set the optional `talos_version` attribute. Otherwise when using a new version of the provider with a new major version of the Talos SDK, new machineconfig features will be enabled by default which could cause unexpected behavior.
## Example Usage
```terraform
resource "talos_machine_secrets" "this" {}
data "talos_machine_configuration" "this" {
cluster_name = "example-cluster"
machine_type = "controlplane"
cluster_endpoint = "https://cluster.local:6443"
machine_secrets = talos_machine_secrets.this.machine_secrets
}
```
<!-- schema generated by tfplugindocs -->
## Schema
### Required
- `cluster_endpoint` (String) The endpoint of the talos kubernetes cluster
- `cluster_name` (String) The name of the talos kubernetes cluster
- `machine_secrets` (Attributes) The secrets for the talos cluster (see [below for nested schema](#nestedatt--machine_secrets))
- `machine_type` (String) The type of machine to generate the configuration for
### Optional
- `config_patches` (List of String) The list of config patches to apply to the generated configuration
- `docs` (Boolean) Whether to generate documentation for the generated configuration. Defaults to false
- `examples` (Boolean) Whether to generate examples for the generated configuration. Defaults to false
- `kubernetes_version` (String) The version of kubernetes to use
- `talos_version` (String) The Talos version contract used to generate the machine configuration. This does not control the installed Talos version. Use `config_patches` to set `machine.install.image` to the desired value. Example values: `v1.12`, `v1.12.1`, `1.12`, `1.12.1`
### Read-Only
- `id` (String) The ID of this resource.
- `machine_configuration` (String, Sensitive) The generated machine configuration
<a id="nestedatt--machine_secrets"></a>
### Nested Schema for `machine_secrets`
Required:
- `certs` (Attributes) The certs for the talos kubernetes cluster (see [below for nested schema](#nestedatt--machine_secrets--certs))
- `cluster` (Attributes) The cluster secrets (see [below for nested schema](#nestedatt--machine_secrets--cluster))
- `secrets` (Attributes) The secrets for the talos kubernetes cluster (see [below for nested schema](#nestedatt--machine_secrets--secrets))
- `trustdinfo` (Attributes) The trustd info for the talos kubernetes cluster (see [below for nested schema](#nestedatt--machine_secrets--trustdinfo))
<a id="nestedatt--machine_secrets--certs"></a>
### Nested Schema for `machine_secrets.certs`
Required:
- `etcd` (Attributes) The certificate and key pair (see [below for nested schema](#nestedatt--machine_secrets--certs--etcd))
- `k8s` (Attributes) The certificate and key pair (see [below for nested schema](#nestedatt--machine_secrets--certs--k8s))
- `k8s_aggregator` (Attributes) The certificate and key pair (see [below for nested schema](#nestedatt--machine_secrets--certs--k8s_aggregator))
- `k8s_serviceaccount` (Attributes) (see [below for nested schema](#nestedatt--machine_secrets--certs--k8s_serviceaccount))
- `os` (Attributes) The certificate and key pair (see [below for nested schema](#nestedatt--machine_secrets--certs--os))
<a id="nestedatt--machine_secrets--certs--etcd"></a>
### Nested Schema for `machine_secrets.certs.etcd`
Required:
- `cert` (String) certificate data
- `key` (String, Sensitive) key data
<a id="nestedatt--machine_secrets--certs--k8s"></a>
### Nested Schema for `machine_secrets.certs.k8s`
Required:
- `cert` (String) certificate data
- `key` (String, Sensitive) key data
<a id="nestedatt--machine_secrets--certs--k8s_aggregator"></a>
### Nested Schema for `machine_secrets.certs.k8s_aggregator`
Required:
- `cert` (String) certificate data
- `key` (String, Sensitive) key data
<a id="nestedatt--machine_secrets--certs--k8s_serviceaccount"></a>
### Nested Schema for `machine_secrets.certs.k8s_serviceaccount`
Required:
- `key` (String, Sensitive) The key for the k8s service account
<a id="nestedatt--machine_secrets--certs--os"></a>
### Nested Schema for `machine_secrets.certs.os`
Required:
- `cert` (String) certificate data
- `key` (String, Sensitive) key data
<a id="nestedatt--machine_secrets--cluster"></a>
### Nested Schema for `machine_secrets.cluster`
Required:
- `id` (String) The cluster id
- `secret` (String, Sensitive) The cluster secret
<a id="nestedatt--machine_secrets--secrets"></a>
### Nested Schema for `machine_secrets.secrets`
Required:
- `bootstrap_token` (String, Sensitive) The bootstrap token for the talos kubernetes cluster
- `secretbox_encryption_secret` (String, Sensitive) The secretbox encryption secret for the talos kubernetes cluster
Optional:
- `aescbc_encryption_secret` (String, Sensitive) The aescbc encryption secret for the talos kubernetes cluster
<a id="nestedatt--machine_secrets--trustdinfo"></a>
### Nested Schema for `machine_secrets.trustdinfo`
Required:
- `token` (String, Sensitive) The trustd token for the talos kubernetes cluster
================================================
FILE: docs/data-sources/machine_disks.md
================================================
---
page_title: "talos_machine_disks Data Source - talos"
subcategory: ""
description: |-
Generate a machine configuration for a node type
---
# talos_machine_disks (Data Source)
Generate a machine configuration for a node type
-> **Note:** Since Talos natively supports `.machine.install.diskSelector`, the `talos_machine_disks` data source maybe just used to query disk information that could be used elsewhere. It's recommended to use `machine.install.diskSelector` in Talos machine configuration.
## Example Usage
```terraform
resource "talos_machine_secrets" "this" {}
data "talos_machine_disks" "this" {
client_configuration = talos_machine_secrets.this.client_configuration
node = "10.5.0.2"
selector = "disk.size > 6u * GB"
}
# for example, this could be used to pass in a list of disks to rook-ceph
output "nvme_disks" {
value = data.talos_machine_disks.this.disks.*.name
}
```
<!-- schema generated by tfplugindocs -->
## Schema
### Required
- `client_configuration` (Attributes) The client configuration data (see [below for nested schema](#nestedatt--client_configuration))
- `node` (String) controlplane node to retrieve the kubeconfig from
### Optional
- `endpoint` (String) endpoint to use for the talosclient. If not set, the node value will be used
- `selector` (String) The CEL expression to filter the disks.
If not set, all disks will be returned.
See [CEL documentation](https://www.talos.dev/latest/talos-guides/configuration/disk-management/#disk-selector).
- `timeouts` (Attributes) (see [below for nested schema](#nestedatt--timeouts))
### Read-Only
- `disks` (Attributes List) The disks that match the filters (see [below for nested schema](#nestedatt--disks))
- `id` (String) The generated ID of this resource
<a id="nestedatt--client_configuration"></a>
### Nested Schema for `client_configuration`
Required:
- `ca_certificate` (String) The client CA certificate
- `client_certificate` (String) The client certificate
- `client_key` (String, Sensitive) The client key
<a id="nestedatt--timeouts"></a>
### Nested Schema for `timeouts`
Optional:
- `read` (String) A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Read operations occur during any refresh or planning operation when refresh is enabled.
<a id="nestedatt--disks"></a>
### Nested Schema for `disks`
Read-Only:
- `bus_path` (String)
- `cdrom` (Boolean)
- `dev_path` (String)
- `io_size` (Number)
- `modalias` (String)
- `model` (String)
- `pretty_size` (String)
- `readonly` (Boolean)
- `rotational` (Boolean)
- `secondary_disks` (List of String)
- `sector_size` (Number)
- `serial` (String)
- `size` (Number)
- `sub_system` (String)
- `symlinks` (List of String)
- `transport` (String)
- `uuid` (String)
- `wwid` (String)
================================================
FILE: docs/ephemeral-resources/client_configuration.md
================================================
---
# generated by https://github.com/hashicorp/terraform-plugin-docs
page_title: "talos_client_configuration Ephemeral Resource - talos"
subcategory: ""
description: |-
Generate client configuration for a Talos cluster from machine secrets. This is an ephemeral resource that does not persist secrets in Terraform state. The admin client certificate is generated with pinned timestamps so talos_config is byte-identical on every open as long as machine_secrets and not_before are unchanged.
---
# talos_client_configuration (Ephemeral Resource)
Generate client configuration for a Talos cluster from machine secrets. This is an ephemeral resource that does not persist secrets in Terraform state. The admin client certificate is generated with pinned timestamps so talos_config is byte-identical on every open as long as machine_secrets and not_before are unchanged.
<!-- schema generated by tfplugindocs -->
## Schema
### Required
- `cluster_name` (String) The name of the cluster in the generated config
- `machine_secrets` (Attributes) The secrets for the talos cluster (see [below for nested schema](#nestedatt--machine_secrets))
### Optional
- `crt_ttl` (String) The lifetime of the generated admin client certificate as a Go duration string (e.g. "8760h" for 1 year, "87600h" for 10 years). Defaults to "87600h" (10 years). Only used when not_before is set; when not_before is omitted the cert uses the OS CA's NotAfter directly.
- `endpoints` (List of String) endpoints to set in the generated config
- `nodes` (List of String) nodes to set in the generated config
- `not_before` (String) RFC3339 timestamp to use as the NotBefore field of the generated admin client certificate. When set, the certificate validity starts at this time and ends at not_before + crt_ttl. Persist this value in a terraform_data resource so it is stable across plans and the generated talos_config is byte-identical on every open. When omitted, the certificate uses the OS CA's own NotBefore/NotAfter timestamps.
### Read-Only
- `client_configuration` (Attributes, Sensitive) The generated client configuration data (see [below for nested schema](#nestedatt--client_configuration))
- `talos_config` (String, Sensitive) The generated client configuration
<a id="nestedatt--machine_secrets"></a>
### Nested Schema for `machine_secrets`
Required:
- `certs` (Attributes) The certs for the talos kubernetes cluster (see [below for nested schema](#nestedatt--machine_secrets--certs))
- `cluster` (Attributes) The cluster secrets (see [below for nested schema](#nestedatt--machine_secrets--cluster))
- `secrets` (Attributes) The secrets for the talos kubernetes cluster (see [below for nested schema](#nestedatt--machine_secrets--secrets))
- `trustdinfo` (Attributes) The trustd info for the talos kubernetes cluster (see [below for nested schema](#nestedatt--machine_secrets--trustdinfo))
<a id="nestedatt--machine_secrets--certs"></a>
### Nested Schema for `machine_secrets.certs`
Required:
- `etcd` (Attributes) The certificate and key pair (see [below for nested schema](#nestedatt--machine_secrets--certs--etcd))
- `k8s` (Attributes) The certificate and key pair (see [below for nested schema](#nestedatt--machine_secrets--certs--k8s))
- `k8s_aggregator` (Attributes) The certificate and key pair (see [below for nested schema](#nestedatt--machine_secrets--certs--k8s_aggregator))
- `k8s_serviceaccount` (Attributes) (see [below for nested schema](#nestedatt--machine_secrets--certs--k8s_serviceaccount))
- `os` (Attributes) The certificate and key pair (see [below for nested schema](#nestedatt--machine_secrets--certs--os))
<a id="nestedatt--machine_secrets--certs--etcd"></a>
### Nested Schema for `machine_secrets.certs.etcd`
Required:
- `cert` (String) certificate data
- `key` (String, Sensitive) key data
<a id="nestedatt--machine_secrets--certs--k8s"></a>
### Nested Schema for `machine_secrets.certs.k8s`
Required:
- `cert` (String) certificate data
- `key` (String, Sensitive) key data
<a id="nestedatt--machine_secrets--certs--k8s_aggregator"></a>
### Nested Schema for `machine_secrets.certs.k8s_aggregator`
Required:
- `cert` (String) certificate data
- `key` (String, Sensitive) key data
<a id="nestedatt--machine_secrets--certs--k8s_serviceaccount"></a>
### Nested Schema for `machine_secrets.certs.k8s_serviceaccount`
Required:
- `key` (String, Sensitive) The key for the k8s service account
<a id="nestedatt--machine_secrets--certs--os"></a>
### Nested Schema for `machine_secrets.certs.os`
Required:
- `cert` (String) certificate data
- `key` (String, Sensitive) key data
<a id="nestedatt--machine_secrets--cluster"></a>
### Nested Schema for `machine_secrets.cluster`
Required:
- `id` (String) The cluster id
- `secret` (String, Sensitive) The cluster secret
<a id="nestedatt--machine_secrets--secrets"></a>
### Nested Schema for `machine_secrets.secrets`
Required:
- `bootstrap_token` (String, Sensitive) The bootstrap token for the talos kubernetes cluster
- `secretbox_encryption_secret` (String, Sensitive) The secretbox encryption secret for the talos kubernetes cluster
Optional:
- `aescbc_encryption_secret` (String, Sensitive) The aescbc encryption secret for the talos kubernetes cluster
<a id="nestedatt--machine_secrets--trustdinfo"></a>
### Nested Schema for `machine_secrets.trustdinfo`
Required:
- `token` (String, Sensitive) The trustd token for the talos kubernetes cluster
<a id="nestedatt--client_configuration"></a>
### Nested Schema for `client_configuration`
Read-Only:
- `ca_certificate` (String) The client CA certificate
- `client_certificate` (String) The client certificate
- `client_key` (String, Sensitive) The client key
================================================
FILE: docs/ephemeral-resources/cluster_health.md
================================================
---
# generated by https://github.com/hashicorp/terraform-plugin-docs
page_title: "talos_cluster_health Ephemeral Resource - talos"
subcategory: ""
description: |-
Checks the health of a Talos cluster. This is an ephemeral resource that does not persist secrets in Terraform state.
---
# talos_cluster_health (Ephemeral Resource)
Checks the health of a Talos cluster. This is an ephemeral resource that does not persist secrets in Terraform state.
<!-- schema generated by tfplugindocs -->
## Schema
### Required
- `client_configuration` (Attributes) The client configuration data (see [below for nested schema](#nestedatt--client_configuration))
- `control_plane_nodes` (List of String) List of control plane nodes to check for health.
- `endpoints` (List of String) endpoints to use for the health check client. Use at least one control plane endpoint.
### Optional
- `skip_kubernetes_checks` (Boolean) Skip Kubernetes component checks, this is useful to check if the nodes has finished booting up and kubelet is running. Default is false.
- `timeout` (String) Timeout for the health check. Defaults to 10m. Valid time units are 'ns', 'us' (or 'µs'), 'ms', 's', 'm', 'h'.
- `worker_nodes` (List of String) List of worker nodes to check for health.
<a id="nestedatt--client_configuration"></a>
### Nested Schema for `client_configuration`
Required:
- `ca_certificate` (String) The client CA certificate
- `client_certificate` (String) The client certificate
- `client_key` (String, Sensitive) The client key
================================================
FILE: docs/ephemeral-resources/cluster_kubeconfig.md
================================================
---
# generated by https://github.com/hashicorp/terraform-plugin-docs
page_title: "talos_cluster_kubeconfig Ephemeral Resource - talos"
subcategory: ""
description: |-
Generate a kubeconfig for a Talos cluster from machine secrets. This is an ephemeral resource that does not persist secrets in Terraform state. The admin client certificate is generated with pinned timestamps so kubeconfig_raw is byte-identical on every open as long as machine_secrets and not_before are unchanged.
---
# talos_cluster_kubeconfig (Ephemeral Resource)
Generate a kubeconfig for a Talos cluster from machine secrets. This is an ephemeral resource that does not persist secrets in Terraform state. The admin client certificate is generated with pinned timestamps so kubeconfig_raw is byte-identical on every open as long as machine_secrets and not_before are unchanged.
## Example Usage
```terraform
ephemeral "talos_machine_secrets" "this" {}
ephemeral "talos_cluster_kubeconfig" "this" {
cluster_name = "example-cluster"
machine_secrets = ephemeral.talos_machine_secrets.this.machine_secrets
endpoint = "https://10.5.0.2:6443"
}
# Recommended pattern for stable kubeconfig when storing in a secret manager:
# Persist not_before in terraform_data so the admin cert timestamps are fixed
# across plan invocations and kubeconfig_raw is byte-identical on every open.
resource "terraform_data" "kubeconfig_nbf" {
input = plantimestamp()
lifecycle {
ignore_changes = [input]
}
}
ephemeral "talos_cluster_kubeconfig" "stable" {
cluster_name = "example-cluster"
machine_secrets = ephemeral.talos_machine_secrets.this.machine_secrets
endpoint = "https://10.5.0.2:6443"
not_before = terraform_data.kubeconfig_nbf.output
crt_ttl = "87600h"
}
```
<!-- schema generated by tfplugindocs -->
## Schema
### Required
- `cluster_name` (String) The name of the cluster; embedded in the kubeconfig context and cluster names
- `endpoint` (String) The Kubernetes API server URL to embed in the kubeconfig (e.g. https://1.2.3.4:6443)
- `machine_secrets` (Attributes) The secrets for the talos cluster (see [below for nested schema](#nestedatt--machine_secrets))
### Optional
- `crt_ttl` (String) The lifetime of the generated admin client certificate as a Go duration string (e.g. "8760h" for 1 year, "87600h" for 10 years). Defaults to "87600h" (10 years). Only used when not_before is set; when not_before is omitted the cert uses the K8s CA's NotAfter directly.
- `not_before` (String) RFC3339 timestamp to use as the NotBefore field of the generated admin client certificate. When set, the certificate validity starts at this time and ends at not_before + crt_ttl. Persist this value in a terraform_data resource so it is stable across plans and the generated kubeconfig_raw is byte-identical on every open. When omitted, the certificate uses the K8s CA's own NotBefore/NotAfter timestamps.
### Read-Only
- `kubeconfig_raw` (String, Sensitive) The raw kubeconfig
- `kubernetes_client_configuration` (Attributes) The kubernetes client configuration (see [below for nested schema](#nestedatt--kubernetes_client_configuration))
<a id="nestedatt--machine_secrets"></a>
### Nested Schema for `machine_secrets`
Required:
- `certs` (Attributes) The certs for the talos kubernetes cluster (see [below for nested schema](#nestedatt--machine_secrets--certs))
- `cluster` (Attributes) The cluster secrets (see [below for nested schema](#nestedatt--machine_secrets--cluster))
- `secrets` (Attributes) The secrets for the talos kubernetes cluster (see [below for nested schema](#nestedatt--machine_secrets--secrets))
- `trustdinfo` (Attributes) The trustd info for the talos kubernetes cluster (see [below for nested schema](#nestedatt--machine_secrets--trustdinfo))
<a id="nestedatt--machine_secrets--certs"></a>
### Nested Schema for `machine_secrets.certs`
Required:
- `etcd` (Attributes) The certificate and key pair (see [below for nested schema](#nestedatt--machine_secrets--certs--etcd))
- `k8s` (Attributes) The certificate and key pair (see [below for nested schema](#nestedatt--machine_secrets--certs--k8s))
- `k8s_aggregator` (Attributes) The certificate and key pair (see [below for nested schema](#nestedatt--machine_secrets--certs--k8s_aggregator))
- `k8s_serviceaccount` (Attributes) (see [below for nested schema](#nestedatt--machine_secrets--certs--k8s_serviceaccount))
- `os` (Attributes) The certificate and key pair (see [below for nested schema](#nestedatt--machine_secrets--certs--os))
<a id="nestedatt--machine_secrets--certs--etcd"></a>
### Nested Schema for `machine_secrets.certs.etcd`
Required:
- `cert` (String) certificate data
- `key` (String, Sensitive) key data
<a id="nestedatt--machine_secrets--certs--k8s"></a>
### Nested Schema for `machine_secrets.certs.k8s`
Required:
- `cert` (String) certificate data
- `key` (String, Sensitive) key data
<a id="nestedatt--machine_secrets--certs--k8s_aggregator"></a>
### Nested Schema for `machine_secrets.certs.k8s_aggregator`
Required:
- `cert` (String) certificate data
- `key` (String, Sensitive) key data
<a id="nestedatt--machine_secrets--certs--k8s_serviceaccount"></a>
### Nested Schema for `machine_secrets.certs.k8s_serviceaccount`
Required:
- `key` (String, Sensitive) The key for the k8s service account
<a id="nestedatt--machine_secrets--certs--os"></a>
### Nested Schema for `machine_secrets.certs.os`
Required:
- `cert` (String) certificate data
- `key` (String, Sensitive) key data
<a id="nestedatt--machine_secrets--cluster"></a>
### Nested Schema for `machine_secrets.cluster`
Required:
- `id` (String) The cluster id
- `secret` (String, Sensitive) The cluster secret
<a id="nestedatt--machine_secrets--secrets"></a>
### Nested Schema for `machine_secrets.secrets`
Required:
- `bootstrap_token` (String, Sensitive) The bootstrap token for the talos kubernetes cluster
- `secretbox_encryption_secret` (String, Sensitive) The secretbox encryption secret for the talos kubernetes cluster
Optional:
- `aescbc_encryption_secret` (String, Sensitive) The aescbc encryption secret for the talos kubernetes cluster
<a id="nestedatt--machine_secrets--trustdinfo"></a>
### Nested Schema for `machine_secrets.trustdinfo`
Required:
- `token` (String, Sensitive) The trustd token for the talos kubernetes cluster
<a id="nestedatt--kubernetes_client_configuration"></a>
### Nested Schema for `kubernetes_client_configuration`
Read-Only:
- `ca_certificate` (String) The kubernetes CA certificate
- `client_certificate` (String) The kubernetes client certificate
- `client_key` (String, Sensitive) The kubernetes client key
- `host` (String) The kubernetes host
================================================
FILE: docs/ephemeral-resources/machine_configuration.md
================================================
---
page_title: "talos_machine_configuration Ephemeral Resource - talos"
subcategory: ""
description: |-
Generate a machine configuration for a node type. This is an ephemeral resource that does not persist secrets in Terraform state.
---
# talos_machine_configuration (Ephemeral Resource)
Generate a machine configuration for a node type. This is an ephemeral resource that does not persist secrets in Terraform state.
-> **Note:** It is recommended to set the optional `talos_version` attribute. Otherwise when using a new version of the provider with a new major version of the Talos SDK, new machineconfig features will be enabled by default which could cause unexpected behavior.
<!-- schema generated by tfplugindocs -->
## Schema
### Required
- `cluster_endpoint` (String) The endpoint of the talos kubernetes cluster
- `cluster_name` (String) The name of the talos kubernetes cluster
- `machine_secrets` (Attributes) The secrets for the talos cluster (see [below for nested schema](#nestedatt--machine_secrets))
- `machine_type` (String) The type of machine to generate the configuration for
### Optional
- `config_patches` (List of String) The list of config patches to apply to the generated configuration
- `docs` (Boolean) Whether to generate documentation for the generated configuration. Defaults to false
- `examples` (Boolean) Whether to generate examples for the generated configuration. Defaults to false
- `kubernetes_version` (String) The version of kubernetes to use
- `talos_version` (String) The Talos version contract used to generate the machine configuration. This does not control the installed Talos version. Use `config_patches` to set `machine.install.image` to the desired value. Example values: `v1.12`, `v1.12.1`, `1.12`, `1.12.1`
### Read-Only
- `machine_configuration` (String, Sensitive) The generated machine configuration
<a id="nestedatt--machine_secrets"></a>
### Nested Schema for `machine_secrets`
Required:
- `certs` (Attributes) The certs for the talos kubernetes cluster (see [below for nested schema](#nestedatt--machine_secrets--certs))
- `cluster` (Attributes) The cluster secrets (see [below for nested schema](#nestedatt--machine_secrets--cluster))
- `secrets` (Attributes) The secrets for the talos kubernetes cluster (see [below for nested schema](#nestedatt--machine_secrets--secrets))
- `trustdinfo` (Attributes) The trustd info for the talos kubernetes cluster (see [below for nested schema](#nestedatt--machine_secrets--trustdinfo))
<a id="nestedatt--machine_secrets--certs"></a>
### Nested Schema for `machine_secrets.certs`
Required:
- `etcd` (Attributes) The certificate and key pair (see [below for nested schema](#nestedatt--machine_secrets--certs--etcd))
- `k8s` (Attributes) The certificate and key pair (see [below for nested schema](#nestedatt--machine_secrets--certs--k8s))
- `k8s_aggregator` (Attributes) The certificate and key pair (see [below for nested schema](#nestedatt--machine_secrets--certs--k8s_aggregator))
- `k8s_serviceaccount` (Attributes) (see [below for nested schema](#nestedatt--machine_secrets--certs--k8s_serviceaccount))
- `os` (Attributes) The certificate and key pair (see [below for nested schema](#nestedatt--machine_secrets--certs--os))
<a id="nestedatt--machine_secrets--certs--etcd"></a>
### Nested Schema for `machine_secrets.certs.etcd`
Required:
- `cert` (String) certificate data
- `key` (String, Sensitive) key data
<a id="nestedatt--machine_secrets--certs--k8s"></a>
### Nested Schema for `machine_secrets.certs.k8s`
Required:
- `cert` (String) certificate data
- `key` (String, Sensitive) key data
<a id="nestedatt--machine_secrets--certs--k8s_aggregator"></a>
### Nested Schema for `machine_secrets.certs.k8s_aggregator`
Required:
- `cert` (String) certificate data
- `key` (String, Sensitive) key data
<a id="nestedatt--machine_secrets--certs--k8s_serviceaccount"></a>
### Nested Schema for `machine_secrets.certs.k8s_serviceaccount`
Required:
- `key` (String, Sensitive) The key for the k8s service account
<a id="nestedatt--machine_secrets--certs--os"></a>
### Nested Schema for `machine_secrets.certs.os`
Required:
- `cert` (String) certificate data
- `key` (String, Sensitive) key data
<a id="nestedatt--machine_secrets--cluster"></a>
### Nested Schema for `machine_secrets.cluster`
Required:
- `id` (String) The cluster id
- `secret` (String, Sensitive) The cluster secret
<a id="nestedatt--machine_secrets--secrets"></a>
### Nested Schema for `machine_secrets.secrets`
Required:
- `bootstrap_token` (String, Sensitive) The bootstrap token for the talos kubernetes cluster
- `secretbox_encryption_secret` (String, Sensitive) The secretbox encryption secret for the talos kubernetes cluster
Optional:
- `aescbc_encryption_secret` (String, Sensitive) The aescbc encryption secret for the talos kubernetes cluster
<a id="nestedatt--machine_secrets--trustdinfo"></a>
### Nested Schema for `machine_secrets.trustdinfo`
Required:
- `token` (String, Sensitive) The trustd token for the talos kubernetes cluster
================================================
FILE: docs/ephemeral-resources/machine_secrets.md
================================================
---
# generated by https://github.com/hashicorp/terraform-plugin-docs
page_title: "talos_machine_secrets Ephemeral Resource - talos"
subcategory: ""
description: |-
Generate machine secrets for Talos cluster. This is an ephemeral resource that does not persist secrets in Terraform state.
---
# talos_machine_secrets (Ephemeral Resource)
Generate machine secrets for Talos cluster. This is an ephemeral resource that does not persist secrets in Terraform state.
<!-- schema generated by tfplugindocs -->
## Schema
### Optional
- `talos_version` (String) The Talos version contract used to generate the secrets. Example values: `v1.12`, `v1.12.1`, `1.12`, `1.12.1`
### Read-Only
- `client_configuration` (Attributes) The generated client configuration data (see [below for nested schema](#nestedatt--client_configuration))
- `machine_secrets` (Attributes) The secrets for the talos cluster (see [below for nested schema](#nestedatt--machine_secrets))
<a id="nestedatt--client_configuration"></a>
### Nested Schema for `client_configuration`
Read-Only:
- `ca_certificate` (String) The client CA certificate
- `client_certificate` (String) The client certificate
- `client_key` (String, Sensitive) The client key
<a id="nestedatt--machine_secrets"></a>
### Nested Schema for `machine_secrets`
Read-Only:
- `certs` (Attributes) (see [below for nested schema](#nestedatt--machine_secrets--certs))
- `cluster` (Attributes) The cluster secrets (see [below for nested schema](#nestedatt--machine_secrets--cluster))
- `secrets` (Attributes) kubernetes cluster secrets (see [below for nested schema](#nestedatt--machine_secrets--secrets))
- `trustdinfo` (Attributes) trustd secrets (see [below for nested schema](#nestedatt--machine_secrets--trustdinfo))
<a id="nestedatt--machine_secrets--certs"></a>
### Nested Schema for `machine_secrets.certs`
Read-Only:
- `etcd` (Attributes) The certificate and key pair (see [below for nested schema](#nestedatt--machine_secrets--certs--etcd))
- `k8s` (Attributes) The certificate and key pair (see [below for nested schema](#nestedatt--machine_secrets--certs--k8s))
- `k8s_aggregator` (Attributes) The certificate and key pair (see [below for nested schema](#nestedatt--machine_secrets--certs--k8s_aggregator))
- `k8s_serviceaccount` (Attributes) The service account secrets (see [below for nested schema](#nestedatt--machine_secrets--certs--k8s_serviceaccount))
- `os` (Attributes) The certificate and key pair (see [below for nested schema](#nestedatt--machine_secrets--certs--os))
<a id="nestedatt--machine_secrets--certs--etcd"></a>
### Nested Schema for `machine_secrets.certs.etcd`
Read-Only:
- `cert` (String) certificate data
- `key` (String, Sensitive) key data
<a id="nestedatt--machine_secrets--certs--k8s"></a>
### Nested Schema for `machine_secrets.certs.k8s`
Read-Only:
- `cert` (String) certificate data
- `key` (String, Sensitive) key data
<a id="nestedatt--machine_secrets--certs--k8s_aggregator"></a>
### Nested Schema for `machine_secrets.certs.k8s_aggregator`
Read-Only:
- `cert` (String) certificate data
- `key` (String, Sensitive) key data
<a id="nestedatt--machine_secrets--certs--k8s_serviceaccount"></a>
### Nested Schema for `machine_secrets.certs.k8s_serviceaccount`
Read-Only:
- `key` (String, Sensitive) The service account key
<a id="nestedatt--machine_secrets--certs--os"></a>
### Nested Schema for `machine_secrets.certs.os`
Read-Only:
- `cert` (String) certificate data
- `key` (String, Sensitive) key data
<a id="nestedatt--machine_secrets--cluster"></a>
### Nested Schema for `machine_secrets.cluster`
Read-Only:
- `id` (String) The cluster ID
- `secret` (String, Sensitive) The cluster secret
<a id="nestedatt--machine_secrets--secrets"></a>
### Nested Schema for `machine_secrets.secrets`
Read-Only:
- `aescbc_encryption_secret` (String, Sensitive) The AES-CBC encryption secret
- `bootstrap_token` (String, Sensitive) The bootstrap token
- `secretbox_encryption_secret` (String, Sensitive) The secretbox encryption secret
<a id="nestedatt--machine_secrets--trustdinfo"></a>
### Nested Schema for `machine_secrets.trustdinfo`
Read-Only:
- `token` (String, Sensitive) The trustd token
================================================
FILE: docs/guides/using_ephemeral_resources.md
================================================
---
page_title: "Using Ephemeral Resources - talos Provider"
subcategory: ""
description: |-
Learn how to use ephemeral resources in the Talos provider to prevent secrets from being stored in Terraform state
---
# Using Ephemeral Resources in the Talos Provider
Ephemeral resources are Terraform resources that are essentially temporary. They allow you to access and use data in your configurations without that data being stored in Terraform state. This is particularly important for sensitive data like machine secrets, certificates, and kubeconfig files.
Ephemeral resources are available in Terraform v1.10 and later. For more information, see the [official HashiCorp documentation for Ephemeral Resources](https://developer.hashicorp.com/terraform/language/resources/ephemeral).
## Available Ephemeral Resources
The Talos provider includes five ephemeral resources:
- [`talos_machine_secrets`](https://registry.terraform.io/providers/siderolabs/talos/latest/docs/ephemeral-resources/machine_secrets) - Generate machine secrets without storing them in state
- [`talos_machine_configuration`](https://registry.terraform.io/providers/siderolabs/talos/latest/docs/ephemeral-resources/machine_configuration) - Generate machine configuration without storing secrets in state
- [`talos_client_configuration`](https://registry.terraform.io/providers/siderolabs/talos/latest/docs/ephemeral-resources/client_configuration) - Generate client configuration (talosconfig) without storing credentials in state
- [`talos_cluster_kubeconfig`](https://registry.terraform.io/providers/siderolabs/talos/latest/docs/ephemeral-resources/cluster_kubeconfig) - Retrieve kubeconfig without storing credentials in state
- [`talos_cluster_health`](https://registry.terraform.io/providers/siderolabs/talos/latest/docs/ephemeral-resources/cluster_health) - Check cluster health without storing credentials in state
These complement the existing data sources and resources, allowing you to avoid storing credentials and secret values in your Terraform state.
## Why Use Ephemeral Resources?
**Security Benefits:**
- Secrets never written to Terraform state files
- Reduces risk of credential exposure through state files
- Complies with security policies requiring secret-free state
**When to Use:**
- Generating Talos machine secrets
- Creating machine configurations with sensitive data
- Retrieving kubeconfig files
- Any workflow where secrets shouldn't persist in state
## Critical: Machine Secrets Persistence
**IMPORTANT**: Do not use `ephemeral "talos_machine_secrets"` without also storing them in a secret manager. Generating ephemeral machine secrets without persistence would create **new secrets on every Terraform run**, causing:
- Unpredictable changes to dependent resources
- Need to reconfigure all cluster nodes
- Loss of access to the cluster with previous credentials
- Non-deterministic infrastructure state
### Correct Pattern: Secret Manager Integration
Machine secrets should be:
1. Generated once and stored in a secret manager (Vault, AWS Secrets Manager, etc.)
2. Retrieved ephemerally from the secret manager when needed
3. Used to generate machine configurations deterministically
This ensures:
- Secrets remain stable across Terraform runs
- No secrets stored in Terraform state
- Deterministic, reproducible infrastructure
- Compliance with security policies
## Using Ephemeral Resources with Write-Only Attributes
Ephemeral resources are a source of ephemeral data, and they can be referenced in your configuration just like the attributes of resources and data sources. However, a field that references an ephemeral resource must be capable of handling ephemeral data.
The Talos provider includes write-only attributes that accept ephemeral values:
- `machine_configuration_input_wo` - Write-only alternative to `machine_configuration_input` on `talos_machine_configuration_apply` resource (requires Terraform 1.11+)
## Example: Using Vault for Secret Persistence
This example demonstrates the correct pattern for managing Talos machine secrets with Vault. Both secret generation and retrieval can coexist in the same configuration:
```terraform
terraform {
required_version = ">= 1.11"
required_providers {
talos = {
source = "siderolabs/talos"
version = "~> 0.11"
}
vault = {
source = "hashicorp/vault"
version = "~> 5.0"
}
}
}
# Step 1: Generate and store secrets in Vault
# The ephemeral resource generates secrets only when needed (first run)
# After initial creation, this won't be evaluated because data_json_wo_version is hardcoded
ephemeral "talos_machine_secrets" "this" {}
resource "vault_kv_secret_v2" "talos_secrets" {
mount = "secret"
name = "talos-cluster-${var.cluster_name}"
# Write-only attributes prevent secrets from being stored in Terraform state
data_json_wo = jsonencode({
machine_secrets = ephemeral.talos_machine_secrets.this.machine_secrets
client_configuration = ephemeral.talos_machine_secrets.this.client_configuration
})
# Hardcoded version prevents unnecessary refreshes after initial creation
data_json_wo_version = 1
}
# Step 2: Retrieve secrets ephemerally from Vault
# This runs on every terraform operation but values are never stored in state
# Referencing the resource attributes creates implicit dependency on the secret
ephemeral "vault_kv_secret_v2" "talos_secrets" {
mount = vault_kv_secret_v2.talos_secrets.mount
name = vault_kv_secret_v2.talos_secrets.name
}
locals {
# Decode the secret data
talos_data = jsondecode(ephemeral.vault_kv_secret_v2.talos_secrets.data_json)
}
# Step 3: Generate machine configuration using retrieved secrets
ephemeral "talos_machine_configuration" "controlplane" {
cluster_name = var.cluster_name
cluster_endpoint = var.cluster_endpoint
machine_type = "controlplane"
machine_secrets = local.talos_data.machine_secrets
}
# Step 4: Apply configuration using write-only input
resource "talos_machine_configuration_apply" "controlplane" {
client_configuration_wo = local.talos_data.client_configuration
machine_configuration_input_wo = ephemeral.talos_machine_configuration.controlplane.machine_configuration
node = var.controlplane_node
# Note: machine_configuration computed attribute will be null in state
# This is expected behavior for secret-free operation
}
```
**Secret-Free Operation:**
When using write-only attributes (`_wo` variants), the provider ensures zero secrets leak into state:
- **Write-only inputs** (`client_configuration_wo`, `machine_configuration_input_wo`): Never stored in state
- **Computed outputs** (`machine_configuration`): Automatically set to null in state when using write-only inputs
The provider computes the machine configuration internally during apply operations without persisting it. This provides complete secret-free operation while maintaining full functionality.
**How This Works:**
1. **First Run**:
- Secrets are generated ephemerally
- Stored in Vault with version 1
- Retrieved from Vault for immediate use
- All in a single `terraform apply` (Terraform handles the ordering automatically)
2. **Subsequent Runs**:
- The `vault_kv_secret_v2` resource doesn't need updates (version is hardcoded)
- The `ephemeral "talos_machine_secrets"` isn't evaluated (no dependent resources need it)
- Secrets are retrieved ephemerally from Vault for use in configuration
**Key Benefits:**
- Works in a single run on first apply
- Both blocks coexist permanently in your configuration
- Terraform handles all dependencies automatically
- No secrets stored in Terraform state
### Alternative Pattern: External Secret Generation
If you prefer to manage secret generation outside Terraform:
```bash
# Generate secrets manually using talosctl
talosctl gen secrets -o secrets.yaml
# Store in Vault using vault CLI
vault kv put secret/talos-cluster-prod \
machine_secrets="$(yq -o=json '.machine_secrets' secrets.yaml)" \
client_configuration="$(yq -o=json '.client_configuration' secrets.yaml)"
```
Then your Terraform configuration only needs the retrieval part:
```terraform
ephemeral "vault_kv_secret_v2" "talos_secrets" {
mount = "secret"
name = "talos-cluster-prod"
}
locals {
talos_data = jsondecode(ephemeral.vault_kv_secret_v2.talos_secrets.data_json)
}
ephemeral "talos_machine_configuration" "controlplane" {
cluster_name = "prod-cluster"
cluster_endpoint = "https://10.5.0.2:6443"
machine_type = "controlplane"
machine_secrets = local.talos_data.machine_secrets
}
```
## Example: Generating Kubeconfig Ephemerally from Machine Secrets
This example shows how to generate a kubeconfig ephemerally from machine secrets stored in Vault.
The kubeconfig is generated locally from the Kubernetes CA key — no live cluster required.
### Simple usage (CA-pinned timestamps)
When `not_before` is omitted, the admin certificate validity window is taken from the K8s CA's
own timestamps (set once when the cluster was created). The output is byte-identical on every
plan as long as `machine_secrets` does not change.
```terraform
# Retrieve stored secrets from Vault
ephemeral "vault_kv_secret_v2" "talos_secrets" {
mount = "secret"
name = "talos-cluster-prod"
}
locals {
talos_data = jsondecode(ephemeral.vault_kv_secret_v2.talos_secrets.data_json)
}
# Generate kubeconfig without storing in state
ephemeral "talos_cluster_kubeconfig" "this" {
cluster_name = "prod-cluster"
machine_secrets = local.talos_data.machine_secrets
endpoint = "https://10.5.0.2:6443"
}
# Output the kubeconfig (marked as ephemeral)
output "kubeconfig" {
value = ephemeral.talos_cluster_kubeconfig.this.kubeconfig_raw
sensitive = true
ephemeral = true
}
```
### Recommended pattern for Vault-backed workflows (explicit `not_before`)
When storing `kubeconfig_raw` in a Vault KV secret (or any resource that detects byte changes),
use a `terraform_data` resource to persist a stable `not_before` timestamp in Terraform state.
This pins the admin certificate validity window so `kubeconfig_raw` is byte-identical across
all plan invocations — no `ignore_changes` or `data_json_wo_version` bumps required until you
explicitly rotate the certificate.
```terraform
# Persist the admin cert NotBefore timestamp in regular Terraform state.
# Use ignore_changes so it is set once and never updated automatically.
# To rotate the cert: taint this resource and re-apply.
resource "terraform_data" "kubeconfig_nbf" {
input = plantimestamp()
lifecycle {
ignore_changes = [input]
}
}
# Generate kubeconfig with pinned timestamps
ephemeral "talos_cluster_kubeconfig" "this" {
cluster_name = "prod-cluster"
machine_secrets = local.talos_data.machine_secrets
endpoint = "https://10.5.0.2:6443"
not_before = terraform_data.kubeconfig_nbf.output
crt_ttl = "87600h"
}
# Store kubeconfig in Vault — kubeconfig_raw is stable so this resource
# only updates when machine_secrets or not_before change.
resource "vault_kv_secret_v2" "kubeconfig" {
mount = "secret"
name = "kubeconfig-prod-cluster"
data_json_wo = jsonencode({ kubeconfig = ephemeral.talos_cluster_kubeconfig.this.kubeconfig_raw })
data_json_wo_version = 1
}
```
**Certificate rotation**: taint `terraform_data.kubeconfig_nbf` to force a new `not_before`,
which produces a new cert and triggers a `data_json_wo_version` bump on the Vault secret.
**Note**: The kubeconfig is generated locally from the machine secrets and does not require
a running cluster.
## Alternative Secret Managers
While the examples above use HashiCorp Vault, you can use any secret manager that supports:
- Storing secrets via Terraform resources
- Retrieving secrets via ephemeral resources
### AWS Secrets Manager Example
```terraform
# Store secrets in AWS Secrets Manager
resource "aws_secretsmanager_secret" "talos_secrets" {
name = "talos-cluster-${var.cluster_name}"
}
resource "aws_secretsmanager_secret_version" "talos_secrets" {
secret_id = aws_secretsmanager_secret.talos_secrets.id
secret_string = jsonencode({
machine_secrets = talos_machine_secrets.this.machine_secrets
client_configuration = talos_machine_secrets.this.client_configuration
})
}
# Note: AWS provider doesn't yet have ephemeral resources for Secrets Manager
# You would use a data source, which still stores in state
# Watch for AWS provider updates adding ephemeral support
```
### Azure Key Vault Example
```terraform
# Store secrets in Azure Key Vault
resource "azurerm_key_vault_secret" "talos_secrets" {
name = "talos-cluster-${var.cluster_name}"
value = jsonencode({
machine_secrets = talos_machine_secrets.this.machine_secrets
client_configuration = talos_machine_secrets.this.client_configuration
})
key_vault_id = azurerm_key_vault.main.id
}
# Note: Azure provider doesn't yet have ephemeral resources for Key Vault
# You would use a data source for now
```
## Important Considerations
### Terraform Version Requirements
- **Terraform 1.10+**: Supports ephemeral resources only (no write-only attributes)
- **Terraform 1.11+**: Supports both ephemeral resources and write-only attributes
- **OpenTofu 1.11+**: Supports both ephemeral resources and write-only attributes
- Note: OpenTofu 1.10 does NOT support ephemeral resources (they were introduced in 1.11)
**For the examples in this guide**: Terraform 1.11+ or OpenTofu 1.11+ required (uses write-only attributes)
### Compatibility with Existing Resources
Ephemeral resources complement existing data sources and resources:
- **Data sources** (e.g., `data.talos_machine_configuration`) - Still work, but store output in state
- **Ephemeral resources** (e.g., `ephemeral.talos_machine_configuration`) - Same functionality, no state storage
You can migrate existing configurations to ephemeral resources by:
1. Changing `data "talos_machine_configuration"` to `ephemeral "talos_machine_configuration"`
2. Updating references from `data.talos_machine_configuration.this` to `ephemeral.talos_machine_configuration.this`
3. Using write-only attributes (e.g., `machine_configuration_input_wo`) where applicable
## Migration Guide
### From Data Source to Ephemeral Resource with Vault
**Before (using data source):**
```terraform
resource "talos_machine_secrets" "this" {}
data "talos_machine_configuration" "this" {
cluster_name = "my-cluster"
cluster_endpoint = "https://10.5.0.2:6443"
machine_type = "controlplane"
machine_secrets = talos_machine_secrets.this.machine_secrets
}
resource "talos_machine_configuration_apply" "this" {
client_configuration = talos_machine_secrets.this.client_configuration
machine_configuration_input = data.talos_machine_configuration.this.machine_configuration
node = "10.5.0.2"
}
```
**After (using ephemeral resources with Vault):**
Step 1 - Store existing secrets in Vault (one-time migration):
```terraform
# Assuming you have existing talos_machine_secrets resource
resource "vault_kv_secret_v2" "talos_secrets" {
mount = "secret"
name = "talos-cluster-my-cluster"
data_json_wo = jsonencode({
machine_secrets = talos_machine_secrets.this.machine_secrets
client_configuration = talos_machine_secrets.this.client_configuration
})
}
```
Step 2 - Use ephemeral resources to retrieve from Vault:
```terraform
# Retrieve secrets from Vault ephemerally
# Reference the resource to create implicit dependency
ephemeral "vault_kv_secret_v2" "talos_secrets" {
mount = vault_kv_secret_v2.talos_secrets.mount
name = vault_kv_secret_v2.talos_secrets.name
}
locals {
talos_data = jsondecode(ephemeral.vault_kv_secret_v2.talos_secrets.data_json)
}
# Generate configuration ephemerally
ephemeral "talos_machine_configuration" "this" {
cluster_name = "my-cluster"
cluster_endpoint = "https://10.5.0.2:6443"
machine_type = "controlplane"
machine_secrets = local.talos_data.machine_secrets
}
# Apply configuration using write-only attribute
resource "talos_machine_configuration_apply" "this" {
client_configuration_wo = local.talos_data.client_configuration
machine_configuration_input_wo = ephemeral.talos_machine_configuration.this.machine_configuration
node = "10.5.0.2"
}
```
Step 3 - After verifying the migration works, remove the `talos_machine_secrets` resource from your state:
```bash
terraform state rm talos_machine_secrets.this
```
**Benefits:**
- Machine secrets stored securely in Vault, not in Terraform state
- Secrets remain stable across Terraform runs
- Machine configuration never stored in state
- Deterministic infrastructure state
- Improved security and compliance
================================================
FILE: docs/guides/version-0.2-upgrade.html.md
================================================
---
page_title: "Terraform Talos Provider Version 0.2 Upgrade Guide"
description: |-
Terraform Talos Provider Version 0.2 Upgrade Guide
---
# Terraform Talos Provider Version 0.2 Upgrade Guide <!-- omit in toc -->
Version 0.2 of the Talos Terraform provider is a major release and include some breaking chages. This guide will walk you through the changes and how to upgrade your Terraform configuration.
~> **NOTE:** Version 0.2 of the Talos Terraform provider drops support for the following resources:
> * `talos_client_configuration`
> * `talos_cluster_kubeconfig`
> * `talos_machine_configuration_controlplane`
> * `talos_machine_configuration_worker`
The following table lists the resources that have been removed and the new resources that replace them.
| Removed Resource | Type | New Resource | Type |
| ------------------------------------------ | -------- | ----------------------------- | ------------- |
| `talos_client_configuration` | Resource | `talos_client_configuration` | Data Source |
| `talos_cluster_kubeconfig` | Resource | `talos_cluster_kubeconfig` | Data Source |
| `talos_machine_configuration_controlplane` | Resource | `talos_machine_configuration` | Data Resource |
| `talos_machine_configuration_worker` | Resource | `talos_machine_configuration` | Data Resource |
## Upgrade topics: <!-- omit in toc -->
- [Upgrading `talos_client_configuration` resource](#upgrading-talos_client_configuration-resource)
- [Upgrading `talos_cluster_kubeconfig` resource](#upgrading-talos_cluster_kubeconfig-resource)
- [Upgrading `talos_machine_configuration_controlplane` resource](#upgrading-talos_machine_configuration_controlplane-resource)
- [Upgrading `talos_machine_configuration_worker` resource](#upgrading-talos_machine_configuration_worker-resource)
### Upgrading `talos_client_configuration` resource
The `talos_client_configuration` resource has been removed. The `talos_client_configuration` data source should be used instead.
For example if the following resource was used:
```hcl
resource "talos_machine_secrets" "this" {}
resource "talos_client_configuration" "talosconfig" {
cluster_name = "example-cluster"
machine_secrets = talos_machine_secrets.this.machine_secrets
}
```
`talos_client_configuration` resource should be first removed from the state:
```bash
terraform state rm talos_client_configuration.talosconfig
```
and the code should be updated to:
```hcl
resource "talos_machine_secrets" "machine_secrets" {}
data "talos_client_configuration" "this" {
cluster_name = "example-cluster"
client_configuration = talos_machine_secrets.this.client_configuration
}
```
### Upgrading `talos_cluster_kubeconfig` resource
The `talos_cluster_kubeconfig` resource has been removed. The `talos_cluster_kubeconfig` data source should be used instead.
For example if the following resource was used:
```hcl
resource "talos_machine_secrets" "this" {}
resource "talos_client_configuration" "this" {
cluster_name = "example-cluster"
machine_secrets = talos_machine_secrets.this.machine_secrets
}
resource "talos_cluster_kubeconfig" "kubeconfig" {
talos_config = talos_client_configuration.this.talos_config
endpoint = "10.5.0.2"
node = "10.5.0.2"
}
```
`talos_cluster_kubeconfig` resource should be first removed from the state:
```bash
terraform state rm talos_cluster_kubeconfig.kubeconfig
```
and the code should be updated to:
```hcl
r
gitextract_jyyl2tb2/ ├── .conform.yaml ├── .github/ │ ├── renovate.json │ └── workflows/ │ ├── acceptance-tests.yaml │ ├── pull-request.yaml │ ├── release.yml │ └── slack-notify.yaml ├── .gitignore ├── .golangci.yml ├── .goreleaser.yml ├── .vscode/ │ └── launch.json ├── CHANGELOG.md ├── LICENSE ├── Makefile ├── README.md ├── docs/ │ ├── data-sources/ │ │ ├── client_configuration.md │ │ ├── cluster_health.md │ │ ├── cluster_kubeconfig.md │ │ ├── image_factory_extensions_versions.md │ │ ├── image_factory_overlays_versions.md │ │ ├── image_factory_urls.md │ │ ├── image_factory_versions.md │ │ ├── machine_configuration.md │ │ └── machine_disks.md │ ├── ephemeral-resources/ │ │ ├── client_configuration.md │ │ ├── cluster_health.md │ │ ├── cluster_kubeconfig.md │ │ ├── machine_configuration.md │ │ └── machine_secrets.md │ ├── guides/ │ │ ├── using_ephemeral_resources.md │ │ └── version-0.2-upgrade.html.md │ ├── index.md │ └── resources/ │ ├── cluster_kubeconfig.md │ ├── image_factory_schematic.md │ ├── machine_bootstrap.md │ ├── machine_configuration_apply.md │ └── machine_secrets.md ├── examples/ │ ├── README.md │ ├── data-sources/ │ │ ├── talos_client_configuration/ │ │ │ └── data-source.tf │ │ ├── talos_cluster_kubeconfig/ │ │ │ └── data-source.tf │ │ ├── talos_image_factory_extensions_versions/ │ │ │ └── data-source.tf │ │ ├── talos_image_factory_overlays_versions/ │ │ │ └── data-source.tf │ │ ├── talos_image_factory_urls/ │ │ │ └── data-source.tf │ │ ├── talos_image_factory_versions/ │ │ │ └── data-source.tf │ │ ├── talos_machine_configuration/ │ │ │ └── data-source.tf │ │ └── talos_machine_disks/ │ │ └── data-source.tf │ ├── ephemeral-resources/ │ │ ├── README.md │ │ ├── basic/ │ │ │ ├── README.md │ │ │ └── main.tf │ │ └── talos_cluster_kubeconfig/ │ │ └── ephemeral-resource.tf │ └── resources/ │ ├── talos_cluster_kubeconfig/ │ │ └── resource.tf │ ├── talos_image_factory_schematic/ │ │ └── resource.tf │ ├── talos_machine_bootstrap/ │ │ ├── import.sh │ │ └── resource.tf │ ├── talos_machine_configuration_apply/ │ │ └── resource.tf │ └── talos_machine_secrets/ │ ├── import.sh │ └── resource.tf ├── go.mod ├── go.sum ├── hack/ │ ├── release.sh │ └── release.toml ├── main.go ├── pkg/ │ └── talos/ │ ├── client_configuration_test.go │ ├── generate_kubeconfig_test.go │ ├── internal/ │ │ └── gen/ │ │ └── diskspec.go │ ├── provider.go │ ├── provider_test.go │ ├── rfc6979.go │ ├── rfc6979_test.go │ ├── talos_client_configuration_data_source.go │ ├── talos_client_configuration_data_source_test.go │ ├── talos_client_configuration_ephemeral_resource.go │ ├── talos_client_configuration_ephemeral_resource_test.go │ ├── talos_cluster_health_data_source.go │ ├── talos_cluster_health_data_source_test.go │ ├── talos_cluster_health_ephemeral_resource.go │ ├── talos_cluster_kubeconfig_data_source.go │ ├── talos_cluster_kubeconfig_ephemeral_resource.go │ ├── talos_cluster_kubeconfig_ephemeral_resource_test.go │ ├── talos_cluster_kubeconfig_resource.go │ ├── talos_cluster_kubeconfig_resource_test.go │ ├── talos_image_factory_extensions_versions_data_source.go │ ├── talos_image_factory_extensions_versions_data_source_test.go │ ├── talos_image_factory_overlays_versions_data_source.go │ ├── talos_image_factory_overlays_versions_data_source_test.go │ ├── talos_image_factory_schematic_resource.go │ ├── talos_image_factory_schematic_resource_test.go │ ├── talos_image_factory_urls_data_source.go │ ├── talos_image_factory_urls_data_source_test.go │ ├── talos_image_factory_versions_data_source.go │ ├── talos_image_factory_versions_data_source_test.go │ ├── talos_machine_bootstrap_resource.go │ ├── talos_machine_bootstrap_resource_test.go │ ├── talos_machine_configuration_apply_resource.go │ ├── talos_machine_configuration_apply_resource_test.go │ ├── talos_machine_configuration_data_source.go │ ├── talos_machine_configuration_data_source_test.go │ ├── talos_machine_configuration_ephemeral_resource.go │ ├── talos_machine_configuration_ephemeral_resource_test.go │ ├── talos_machine_disks_data_source.go │ ├── talos_machine_disks_data_source_test.go │ ├── talos_machine_disks_data_source_types.go │ ├── talos_machine_secrets_ephemeral_resource.go │ ├── talos_machine_secrets_ephemeral_resource_test.go │ ├── talos_machine_secrets_resource.go │ ├── talos_machine_secrets_resource_test.go │ ├── testdata/ │ │ ├── patch-invalid.yaml │ │ ├── patch-strategic.yaml │ │ ├── secrets.yaml │ │ └── secretsv1.2.yaml │ └── util.go ├── templates/ │ ├── data-sources/ │ │ ├── machine_configuration.md.tmpl │ │ └── machine_disks.md.tmpl │ ├── ephemeral-resources/ │ │ └── machine_configuration.md.tmpl │ ├── guides/ │ │ ├── using_ephemeral_resources.md │ │ └── version-0.2-upgrade.html.md │ ├── index.md.tmpl │ └── resources.md.tmpl ├── terraform-registry-manifest.json ├── tools/ │ ├── go.mod │ └── go.sum └── tools.go
SYMBOL INDEX (367 symbols across 46 files)
FILE: main.go
function main (line 27) | func main() {
FILE: pkg/talos/client_configuration_test.go
function TestGetClientConfigurationValues_Typed (line 18) | func TestGetClientConfigurationValues_Typed(t *testing.T) {
function TestGetClientConfigurationValues_Reconstructed (line 63) | func TestGetClientConfigurationValues_Reconstructed(t *testing.T) {
function TestGetClientConfigurationValues_Null (line 113) | func TestGetClientConfigurationValues_Null(t *testing.T) {
function TestGetClientConfigurationValues_Unknown (line 140) | func TestGetClientConfigurationValues_Unknown(t *testing.T) {
FILE: pkg/talos/generate_kubeconfig_test.go
function TestGenerateKubeconfigDeterminism (line 20) | func TestGenerateKubeconfigDeterminism(t *testing.T) {
FILE: pkg/talos/internal/gen/diskspec.go
function resourceMaps (line 21) | func resourceMaps() map[string]any {
function main (line 27) | func main() {
type Generator (line 117) | type Generator struct
method Printf (line 121) | func (g *Generator) Printf(format string, args ...interface{}) {
method format (line 126) | func (g *Generator) format() []byte {
function mapGoTypesToTFTypes (line 139) | func mapGoTypesToTFTypes(goType reflect.Type) (string, error) {
function mapGoTypesToTFAttributeSpec (line 162) | func mapGoTypesToTFAttributeSpec(goType reflect.Type) (string, error) {
function mapStructTypeToTFType (line 194) | func mapStructTypeToTFType(structField reflect.StructField, resourceName...
FILE: pkg/talos/provider.go
constant ImageFactoryURL (line 22) | ImageFactoryURL = "https://factory.talos.dev"
type talosProvider (line 26) | type talosProvider struct
method Metadata (line 38) | func (p *talosProvider) Metadata(_ context.Context, _ provider.Metadat...
method Schema (line 43) | func (p *talosProvider) Schema(_ context.Context, _ provider.SchemaReq...
method Configure (line 55) | func (p *talosProvider) Configure(ctx context.Context, req provider.Co...
method DataSources (line 82) | func (p *talosProvider) DataSources(_ context.Context) []func() dataso...
method Resources (line 97) | func (p *talosProvider) Resources(_ context.Context) []func() resource...
method EphemeralResources (line 108) | func (p *talosProvider) EphemeralResources(_ context.Context) []func()...
type talosProviderModelV0 (line 28) | type talosProviderModelV0 struct
function New (line 33) | func New() provider.Provider {
FILE: pkg/talos/provider_test.go
type dynamicConfig (line 28) | type dynamicConfig struct
method render (line 44) | func (c *dynamicConfig) render() string {
constant cpuModeHostPassthrough (line 40) | cpuModeHostPassthrough = "host-passthrough"
constant cpuModeHostModel (line 41) | cpuModeHostModel = "host-model"
FILE: pkg/talos/rfc6979.go
type deterministicECDSASigner (line 24) | type deterministicECDSASigner struct
method Public (line 28) | func (s *deterministicECDSASigner) Public() crypto.PublicKey {
method Sign (line 32) | func (s *deterministicECDSASigner) Sign(_ io.Reader, digest []byte, _ ...
function rfc6979Sign (line 42) | func rfc6979Sign(key *ecdsa.PrivateKey, hash []byte) (*big.Int, *big.Int) {
function rawECDSASign (line 97) | func rawECDSASign(curve elliptic.Curve, n, d, k *big.Int, hash []byte) (...
function hmacSHA256 (line 120) | func hmacSHA256(key []byte, data ...[]byte) []byte {
function int2octets (line 130) | func int2octets(v *big.Int, qLen int) []byte {
function bits2int (line 144) | func bits2int(b []byte, n *big.Int) *big.Int {
function bits2octets (line 156) | func bits2octets(hash []byte, n *big.Int, qLen int) []byte {
FILE: pkg/talos/rfc6979_test.go
function TestRFC6979SignTestVectors (line 18) | func TestRFC6979SignTestVectors(t *testing.T) {
FILE: pkg/talos/talos_client_configuration_data_source.go
type talosClientConfigurationDataSource (line 18) | type talosClientConfigurationDataSource struct
method Metadata (line 36) | func (d *talosClientConfigurationDataSource) Metadata(_ context.Contex...
method Schema (line 40) | func (d *talosClientConfigurationDataSource) Schema(_ context.Context,...
method Read (line 93) | func (d *talosClientConfigurationDataSource) Read(ctx context.Context,...
type talosClientConfigurationDataSourceModelV0 (line 20) | type talosClientConfigurationDataSourceModelV0 struct
function NewTalosClientConfigurationDataSource (line 32) | func NewTalosClientConfigurationDataSource() datasource.DataSource {
FILE: pkg/talos/talos_client_configuration_data_source_test.go
function TestAccTalosClientConfigurationDataSource (line 18) | func TestAccTalosClientConfigurationDataSource(t *testing.T) {
function testAccTalosClientConfigurationDataSourceConfig (line 58) | func testAccTalosClientConfigurationDataSourceConfig(clusterName string,...
function validateTalosClientConfigContext (line 91) | func validateTalosClientConfigContext(t *testing.T, tc, contextName stri...
FILE: pkg/talos/talos_client_configuration_ephemeral_resource.go
type talosClientConfigurationEphemeralResource (line 20) | type talosClientConfigurationEphemeralResource struct
method Metadata (line 38) | func (r *talosClientConfigurationEphemeralResource) Metadata(_ context...
method Schema (line 42) | func (r *talosClientConfigurationEphemeralResource) Schema(_ context.C...
method Open (line 116) | func (r *talosClientConfigurationEphemeralResource) Open(ctx context.C...
type talosClientConfigurationEphemeralResourceModel (line 22) | type talosClientConfigurationEphemeralResourceModel struct
function NewTalosClientConfigurationEphemeralResource (line 34) | func NewTalosClientConfigurationEphemeralResource() ephemeral.EphemeralR...
FILE: pkg/talos/talos_client_configuration_ephemeral_resource_test.go
function TestAccTalosClientConfigurationEphemeralResourceFromMachineSecrets (line 21) | func TestAccTalosClientConfigurationEphemeralResourceFromMachineSecrets(...
function TestAccTalosClientConfigurationEphemeralResourceCustomTTL (line 61) | func TestAccTalosClientConfigurationEphemeralResourceCustomTTL(t *testin...
function TestAccTalosClientConfigurationEphemeralResourceCrtTTLInvalid (line 99) | func TestAccTalosClientConfigurationEphemeralResourceCrtTTLInvalid(t *te...
function TestAccTalosClientConfigurationEphemeralResourceDeterminism (line 132) | func TestAccTalosClientConfigurationEphemeralResourceDeterminism(t *test...
function TestAccTalosClientConfigurationEphemeralResourceDeterminismWithNotBefore (line 179) | func TestAccTalosClientConfigurationEphemeralResourceDeterminismWithNotB...
function TestAccTalosClientConfigurationEphemeralResourceInvalidNotBefore (line 231) | func TestAccTalosClientConfigurationEphemeralResourceInvalidNotBefore(t ...
function TestAccTalosClientConfigurationEphemeralResourceClientConfigurationOutput (line 264) | func TestAccTalosClientConfigurationEphemeralResourceClientConfiguration...
FILE: pkg/talos/talos_cluster_health_data_source.go
type talosClusterHealthDataSource (line 26) | type talosClusterHealthDataSource struct
method Metadata (line 103) | func (d *talosClusterHealthDataSource) Metadata(_ context.Context, req...
method Schema (line 107) | func (d *talosClusterHealthDataSource) Schema(ctx context.Context, _ d...
method Read (line 160) | func (d *talosClusterHealthDataSource) Read(ctx context.Context, req d...
type talosClusterHealthDataSourceModelV0 (line 30) | type talosClusterHealthDataSourceModelV0 struct
type clusterNodes (line 40) | type clusterNodes struct
method Nodes (line 67) | func (c *clusterNodes) Nodes() []cluster.NodeInfo {
method NodesByType (line 72) | func (c *clusterNodes) NodesByType(t machine.Type) []cluster.NodeInfo {
function newClusterNodes (line 45) | func newClusterNodes(controlPlaneNodes, workerNodes []string) (*clusterN...
type reporter (line 76) | type reporter struct
method Update (line 86) | func (r *reporter) Update(condition conditions.Condition) {
method String (line 94) | func (r *reporter) String() string {
function newReporter (line 81) | func newReporter() *reporter {
function NewTalosClusterHealthDataSource (line 99) | func NewTalosClusterHealthDataSource() datasource.DataSource {
FILE: pkg/talos/talos_cluster_health_data_source_test.go
function TestAccTalosClusterHealthDataSource (line 14) | func TestAccTalosClusterHealthDataSource(t *testing.T) {
function testAccTalosClusterHealthDataSourceConfig (line 41) | func testAccTalosClusterHealthDataSourceConfig(providerName, rName strin...
FILE: pkg/talos/talos_cluster_health_ephemeral_resource.go
type talosClusterHealthEphemeralResource (line 24) | type talosClusterHealthEphemeralResource struct
method Metadata (line 62) | func (r *talosClusterHealthEphemeralResource) Metadata(_ context.Conte...
method Schema (line 66) | func (r *talosClusterHealthEphemeralResource) Schema(_ context.Context...
method Open (line 116) | func (r *talosClusterHealthEphemeralResource) Open(ctx context.Context...
type talosClusterHealthEphemeralResourceModel (line 26) | type talosClusterHealthEphemeralResourceModel struct
type healthReporter (line 35) | type healthReporter struct
method Update (line 45) | func (r *healthReporter) Update(condition conditions.Condition) {
method String (line 53) | func (r *healthReporter) String() string {
function newHealthReporter (line 40) | func newHealthReporter() *healthReporter {
function NewTalosClusterHealthEphemeralResource (line 58) | func NewTalosClusterHealthEphemeralResource() ephemeral.EphemeralResource {
FILE: pkg/talos/talos_cluster_kubeconfig_data_source.go
type talosClusterKubeConfigDataSource (line 23) | type talosClusterKubeConfigDataSource struct
method Metadata (line 43) | func (d *talosClusterKubeConfigDataSource) Metadata(_ context.Context,...
method Schema (line 47) | func (d *talosClusterKubeConfigDataSource) Schema(ctx context.Context,...
method Read (line 124) | func (d *talosClusterKubeConfigDataSource) Read(ctx context.Context, r...
type talosClusterKubeConfigDataSourceModelV0 (line 25) | type talosClusterKubeConfigDataSourceModelV0 struct
function NewTalosClusterKubeConfigDataSource (line 39) | func NewTalosClusterKubeConfigDataSource() datasource.DataSource {
FILE: pkg/talos/talos_cluster_kubeconfig_ephemeral_resource.go
type talosClusterKubeConfigEphemeralResource (line 33) | type talosClusterKubeConfigEphemeralResource struct
method Metadata (line 50) | func (r *talosClusterKubeConfigEphemeralResource) Metadata(_ context.C...
method Schema (line 54) | func (r *talosClusterKubeConfigEphemeralResource) Schema(_ context.Con...
method Open (line 125) | func (r *talosClusterKubeConfigEphemeralResource) Open(ctx context.Con...
type talosClusterKubeConfigEphemeralResourceModel (line 35) | type talosClusterKubeConfigEphemeralResourceModel struct
function NewTalosClusterKubeConfigEphemeralResource (line 46) | func NewTalosClusterKubeConfigEphemeralResource() ephemeral.EphemeralRes...
type KubeconfigResult (line 190) | type KubeconfigResult struct
function GenerateKubeconfig (line 201) | func GenerateKubeconfig(bundle *secrets.Bundle, clusterName, endpoint st...
FILE: pkg/talos/talos_cluster_kubeconfig_ephemeral_resource_test.go
function TestAccTalosClusterKubeconfigEphemeralResourceBasic (line 21) | func TestAccTalosClusterKubeconfigEphemeralResourceBasic(t *testing.T) {
function TestAccTalosClusterKubeconfigEphemeralResourceKubernetesClientConfigurationFields (line 60) | func TestAccTalosClusterKubeconfigEphemeralResourceKubernetesClientConfi...
function TestAccTalosClusterKubeconfigEphemeralResourceDeterminism (line 103) | func TestAccTalosClusterKubeconfigEphemeralResourceDeterminism(t *testin...
function TestAccTalosClusterKubeconfigEphemeralResourceDeterminismWithNotBefore (line 150) | func TestAccTalosClusterKubeconfigEphemeralResourceDeterminismWithNotBef...
function TestAccTalosClusterKubeconfigEphemeralResourceCustomTTL (line 203) | func TestAccTalosClusterKubeconfigEphemeralResourceCustomTTL(t *testing....
function TestAccTalosClusterKubeconfigEphemeralResourceInvalidTTL (line 242) | func TestAccTalosClusterKubeconfigEphemeralResourceInvalidTTL(t *testing...
function TestAccTalosClusterKubeconfigEphemeralResourceInvalidNotBefore (line 277) | func TestAccTalosClusterKubeconfigEphemeralResourceInvalidNotBefore(t *t...
FILE: pkg/talos/talos_cluster_kubeconfig_resource.go
type talosClusterKubeConfigResource (line 32) | type talosClusterKubeConfigResource struct
method Metadata (line 73) | func (r *talosClusterKubeConfigResource) Metadata(_ context.Context, r...
method Schema (line 77) | func (r *talosClusterKubeConfigResource) Schema(ctx context.Context, _...
method Create (line 165) | func (r *talosClusterKubeConfigResource) Create(ctx context.Context, r...
method Delete (line 290) | func (r *talosClusterKubeConfigResource) Delete(_ context.Context, _ r...
method Read (line 293) | func (r *talosClusterKubeConfigResource) Read(_ context.Context, _ res...
method ModifyPlan (line 299) | func (r *talosClusterKubeConfigResource) ModifyPlan(ctx context.Contex...
method UpgradeState (line 457) | func (r *talosClusterKubeConfigResource) UpgradeState(ctx context.Cont...
method Update (line 570) | func (r *talosClusterKubeConfigResource) Update(ctx context.Context, r...
type talosClusterKubeConfigResourceModelV0 (line 40) | type talosClusterKubeConfigResourceModelV0 struct
type talosClusterKubeConfigResourceModelV1 (line 50) | type talosClusterKubeConfigResourceModelV1 struct
type kubernetesClientConfiguration (line 61) | type kubernetesClientConfiguration struct
function NewTalosClusterKubeConfigResource (line 69) | func NewTalosClusterKubeConfigResource() resource.Resource {
FILE: pkg/talos/talos_cluster_kubeconfig_resource_test.go
function TestAccTalosClusterKubeconfigResource (line 17) | func TestAccTalosClusterKubeconfigResource(t *testing.T) {
function testAccTalosClusterKubeconfigResourceConfig (line 99) | func testAccTalosClusterKubeconfigResourceConfig(rName string) string {
FILE: pkg/talos/talos_image_factory_extensions_versions_data_source.go
type talosImageFactoryExtensionsVersionsDataSource (line 22) | type talosImageFactoryExtensionsVersionsDataSource struct
method Metadata (line 53) | func (d *talosImageFactoryExtensionsVersionsDataSource) Metadata(_ con...
method Schema (line 57) | func (d *talosImageFactoryExtensionsVersionsDataSource) Schema(_ conte...
method Configure (line 107) | func (d *talosImageFactoryExtensionsVersionsDataSource) Configure(_ co...
method Read (line 126) | func (d *talosImageFactoryExtensionsVersionsDataSource) Read(ctx conte...
type talosImageFactoryExtensionsVersionsDataSourceModelV0 (line 26) | type talosImageFactoryExtensionsVersionsDataSourceModelV0 struct
type talosImageFactoryExtensionsVersionsFilter (line 34) | type talosImageFactoryExtensionsVersionsFilter struct
type extensionInfo (line 38) | type extensionInfo struct
function NewTalosImageFactoryExtensionsVersionsDataSource (line 49) | func NewTalosImageFactoryExtensionsVersionsDataSource() datasource.DataS...
FILE: pkg/talos/talos_image_factory_extensions_versions_data_source_test.go
function TestAccTalosImageFactoryExtensionsVersionsDataSource (line 13) | func TestAccTalosImageFactoryExtensionsVersionsDataSource(t *testing.T) {
function testAccTalosImageFactoryExtensionsVersionsDataSourceConfig (line 42) | func testAccTalosImageFactoryExtensionsVersionsDataSourceConfig() string {
function testAccTalosImageFactoryExtensionsVersionsDataSourceConfigWithFilters (line 52) | func testAccTalosImageFactoryExtensionsVersionsDataSourceConfigWithFilte...
function testAccTalosImageFactoryExtensionsVersionsDataSourceConfigWithExactFilters (line 68) | func testAccTalosImageFactoryExtensionsVersionsDataSourceConfigWithExact...
FILE: pkg/talos/talos_image_factory_overlays_versions_data_source.go
type talosImageFactoryOverlaysVersionsDataSource (line 21) | type talosImageFactoryOverlaysVersionsDataSource struct
method Metadata (line 50) | func (d *talosImageFactoryOverlaysVersionsDataSource) Metadata(_ conte...
method Schema (line 54) | func (d *talosImageFactoryOverlaysVersionsDataSource) Schema(_ context...
method Configure (line 91) | func (d *talosImageFactoryOverlaysVersionsDataSource) Configure(_ cont...
method Read (line 109) | func (d *talosImageFactoryOverlaysVersionsDataSource) Read(ctx context...
type talosImageFactoryOverlaysVersionsDataSourceModelV0 (line 25) | type talosImageFactoryOverlaysVersionsDataSourceModelV0 struct
type talosImageFactoryOverlaysVersionsFilter (line 32) | type talosImageFactoryOverlaysVersionsFilter struct
type overlayInfo (line 36) | type overlayInfo struct
function NewTalosImageFactoryOverlaysVersionsDataSource (line 46) | func NewTalosImageFactoryOverlaysVersionsDataSource() datasource.DataSou...
FILE: pkg/talos/talos_image_factory_overlays_versions_data_source_test.go
function TestAccTalosImageFactoryOverlaysVersionsDataSource (line 13) | func TestAccTalosImageFactoryOverlaysVersionsDataSource(t *testing.T) {
function testAccTalosImageFactoryOverlaysVersionsDataSourceConfig (line 35) | func testAccTalosImageFactoryOverlaysVersionsDataSourceConfig() string {
function testAccTalosImageFactoryOverlaysVersionsDataSourceConfigWithFilters (line 45) | func testAccTalosImageFactoryOverlaysVersionsDataSourceConfigWithFilters...
FILE: pkg/talos/talos_image_factory_schematic_resource.go
type talosImageFactorySchematicResource (line 19) | type talosImageFactorySchematicResource struct
method Metadata (line 46) | func (r *talosImageFactorySchematicResource) Metadata(_ context.Contex...
method Schema (line 50) | func (r *talosImageFactorySchematicResource) Schema(_ context.Context,...
method Configure (line 66) | func (r *talosImageFactorySchematicResource) Configure(_ context.Conte...
method Create (line 84) | func (r *talosImageFactorySchematicResource) Create(ctx context.Contex...
method Delete (line 117) | func (r *talosImageFactorySchematicResource) Delete(_ context.Context,...
method Read (line 120) | func (r *talosImageFactorySchematicResource) Read(_ context.Context, _...
method Update (line 123) | func (r *talosImageFactorySchematicResource) Update(ctx context.Contex...
type talosImageFactorySchematicResourceModelV0 (line 36) | type talosImageFactorySchematicResourceModelV0 struct
function NewTalosImageFactorySchematicResource (line 42) | func NewTalosImageFactorySchematicResource() resource.Resource {
FILE: pkg/talos/talos_image_factory_schematic_resource_test.go
function TestAccTalosImageFactorySchematicResource (line 13) | func TestAccTalosImageFactorySchematicResource(t *testing.T) {
function testAccTalosTalosImageFactorySchematicConfig (line 57) | func testAccTalosTalosImageFactorySchematicConfig() string {
function testAccTalosTalosImageFactorySchematicEmptySchematicConfig (line 65) | func testAccTalosTalosImageFactorySchematicEmptySchematicConfig() string {
function testAccTalosTalosImageFactorySchematicEmptyCustomizationConfig (line 75) | func testAccTalosTalosImageFactorySchematicEmptyCustomizationConfig() st...
function testAccTalosTalosImageFactorySchematicKnownExtensionConfig (line 89) | func testAccTalosTalosImageFactorySchematicKnownExtensionConfig() string {
FILE: pkg/talos/talos_image_factory_urls_data_source.go
type talosImageFactoryURLSDataSource (line 28) | type talosImageFactoryURLSDataSource struct
method Metadata (line 97) | func (d *talosImageFactoryURLSDataSource) Metadata(_ context.Context, ...
method Schema (line 101) | func (d *talosImageFactoryURLSDataSource) Schema(_ context.Context, _ ...
method Configure (line 218) | func (d *talosImageFactoryURLSDataSource) Configure(_ context.Context,...
method Read (line 236) | func (d *talosImageFactoryURLSDataSource) Read(ctx context.Context, re...
type talosImageFactoryURLSDataSourceModelV0 (line 68) | type talosImageFactoryURLSDataSourceModelV0 struct
type urls (line 78) | type urls struct
function NewTalosImageFactoryURLSDataSource (line 93) | func NewTalosImageFactoryURLSDataSource() datasource.DataSource {
FILE: pkg/talos/talos_image_factory_urls_data_source_test.go
function TestAccTalosImageFactoryURLsDataSource (line 14) | func TestAccTalosImageFactoryURLsDataSource(t *testing.T) {
function testAccTalosImageFactoryURLsBothSBCAndPlatformNotSetConfig (line 130) | func testAccTalosImageFactoryURLsBothSBCAndPlatformNotSetConfig() string {
function testAccTalosImageFactoryURLsBothSBCAndPlatformSetConfig (line 141) | func testAccTalosImageFactoryURLsBothSBCAndPlatformSetConfig() string {
function testAccTalosImageFactoryURLsMetalPlatformConfig (line 154) | func testAccTalosImageFactoryURLsMetalPlatformConfig() string {
function testAccTalosImageFactoryURLsMetalPlatformArm64Config (line 166) | func testAccTalosImageFactoryURLsMetalPlatformArm64Config() string {
function testAccTalosImageFactoryURLsAWSPlatformConfig (line 179) | func testAccTalosImageFactoryURLsAWSPlatformConfig() string {
function testAccTalosImageFactoryURLsNoCloudPlatformConfig (line 191) | func testAccTalosImageFactoryURLsNoCloudPlatformConfig() string {
function testAccTalosImageFactoryURLsSBCConfig (line 203) | func testAccTalosImageFactoryURLsSBCConfig() string {
function testAccTalosImageFactoryURLsInvalidVersionConfig (line 215) | func testAccTalosImageFactoryURLsInvalidVersionConfig() string {
FILE: pkg/talos/talos_image_factory_versions_data_source.go
type talosImageFactoryVersionsDataSource (line 20) | type talosImageFactoryVersionsDataSource struct
method Metadata (line 41) | func (d *talosImageFactoryVersionsDataSource) Metadata(_ context.Conte...
method Schema (line 45) | func (d *talosImageFactoryVersionsDataSource) Schema(_ context.Context...
method Configure (line 71) | func (d *talosImageFactoryVersionsDataSource) Configure(_ context.Cont...
method Read (line 89) | func (d *talosImageFactoryVersionsDataSource) Read(ctx context.Context...
type talosImageFactoryVersionsDataSourceModelV0 (line 24) | type talosImageFactoryVersionsDataSourceModelV0 struct
type talosImageFactoryVersionsFilter (line 30) | type talosImageFactoryVersionsFilter struct
function NewTalosImageFactoryVersionsDataSource (line 37) | func NewTalosImageFactoryVersionsDataSource() datasource.DataSource {
FILE: pkg/talos/talos_image_factory_versions_data_source_test.go
function TestAccTalosImageFactoryVersionsDataSource (line 15) | func TestAccTalosImageFactoryVersionsDataSource(t *testing.T) {
function testAccTalosImageFactoryVersionsDataSourceConfig (line 36) | func testAccTalosImageFactoryVersionsDataSourceConfig() string {
function testAccTalosImageFactoryVersionsDataSourceWithFilterConfig (line 44) | func testAccTalosImageFactoryVersionsDataSourceWithFilterConfig() string {
FILE: pkg/talos/talos_machine_bootstrap_resource.go
type talosMachineBootstrapResource (line 27) | type talosMachineBootstrapResource struct
method Metadata (line 57) | func (r *talosMachineBootstrapResource) Metadata(_ context.Context, re...
method ValidateConfig (line 61) | func (r *talosMachineBootstrapResource) ValidateConfig(ctx context.Con...
method Schema (line 123) | func (r *talosMachineBootstrapResource) Schema(ctx context.Context, _ ...
method Create (line 193) | func (r *talosMachineBootstrapResource) Create(ctx context.Context, re...
method Read (line 295) | func (r *talosMachineBootstrapResource) Read(_ context.Context, _ reso...
method Update (line 298) | func (r *talosMachineBootstrapResource) Update(ctx context.Context, re...
method Delete (line 317) | func (r *talosMachineBootstrapResource) Delete(_ context.Context, _ re...
method ModifyPlan (line 320) | func (r *talosMachineBootstrapResource) ModifyPlan(ctx context.Context...
method UpgradeState (line 383) | func (r *talosMachineBootstrapResource) UpgradeState(_ context.Context...
method ImportState (line 453) | func (r *talosMachineBootstrapResource) ImportState(ctx context.Contex...
type talosMachineBootstrapResourceModelV0 (line 36) | type talosMachineBootstrapResourceModelV0 struct
type talosMachineBootstrapResourceModelV1 (line 43) | type talosMachineBootstrapResourceModelV1 struct
function NewTalosMachineBootstrapResource (line 53) | func NewTalosMachineBootstrapResource() resource.Resource {
function getBootstrapClientConfiguration (line 91) | func getBootstrapClientConfiguration(state *talosMachineBootstrapResourc...
FILE: pkg/talos/talos_machine_bootstrap_resource_test.go
function TestAccTalosMachineBootstrapResource (line 15) | func TestAccTalosMachineBootstrapResource(t *testing.T) {
function TestAccTalosMachineBootstrapResourceUpgrade (line 44) | func TestAccTalosMachineBootstrapResourceUpgrade(t *testing.T) {
function testAccTalosMachineBootstrapResourceConfigV0 (line 106) | func testAccTalosMachineBootstrapResourceConfigV0(providerName, rName st...
function testAccTalosMachineBootstrapResourceConfigV1 (line 117) | func testAccTalosMachineBootstrapResourceConfigV1(providerName, rName st...
function testAccTalosMachineBootstrapResourceConfigImport (line 128) | func testAccTalosMachineBootstrapResourceConfigImport(node string) string {
FILE: pkg/talos/talos_machine_configuration_apply_resource.go
type talosMachineConfigurationApplyResource (line 40) | type talosMachineConfigurationApplyResource struct
method Metadata (line 92) | func (p *talosMachineConfigurationApplyResource) Metadata(_ context.Co...
method Schema (line 96) | func (p *talosMachineConfigurationApplyResource) Schema(ctx context.Co...
method ValidateConfig (line 240) | func (p *talosMachineConfigurationApplyResource) ValidateConfig(ctx co...
method Create (line 473) | func (p *talosMachineConfigurationApplyResource) Create(ctx context.Co...
method Read (line 609) | func (p *talosMachineConfigurationApplyResource) Read(_ context.Contex...
method Update (line 612) | func (p *talosMachineConfigurationApplyResource) Update(ctx context.Co...
method Delete (line 756) | func (p *talosMachineConfigurationApplyResource) Delete(ctx context.Co...
method handleRebootPrevention (line 903) | func (p *talosMachineConfigurationApplyResource) handleRebootPrevention(
method ModifyPlan (line 1010) | func (p *talosMachineConfigurationApplyResource) ModifyPlan(ctx contex...
method setPlanMachineConfiguration (line 1134) | func (p *talosMachineConfigurationApplyResource) setPlanMachineConfigu...
method UpgradeState (line 1154) | func (p *talosMachineConfigurationApplyResource) UpgradeState(_ contex...
type talosMachineConfigurationApplyResourceModelV0 (line 55) | type talosMachineConfigurationApplyResourceModelV0 struct
type talosMachineConfigurationApplyResourceModelV1 (line 64) | type talosMachineConfigurationApplyResourceModelV1 struct
type onDestroyOptions (line 81) | type onDestroyOptions struct
function NewTalosMachineConfigurationApplyResource (line 88) | func NewTalosMachineConfigurationApplyResource() resource.Resource {
function getMachineConfigurationInput (line 287) | func getMachineConfigurationInput(state *talosMachineConfigurationApplyR...
function computeMachineConfiguration (line 296) | func computeMachineConfiguration(state *talosMachineConfigurationApplyRe...
function configPatchesAsStrings (line 328) | func configPatchesAsStrings(list types.List) ([]string, error) {
function getClientConfiguration (line 362) | func getClientConfiguration(state *talosMachineConfigurationApplyResourc...
function getClientConfigurationValues (line 397) | func getClientConfigurationValues(ctx context.Context, clientConfig base...
function getMapKeys (line 464) | func getMapKeys(m map[string]attr.Value) []string {
function getEffectiveMode (line 747) | func getEffectiveMode(state *talosMachineConfigurationApplyResourceModel...
function setResolvedApplyMode (line 879) | func setResolvedApplyMode(ctx context.Context, resp *resource.ModifyPlan...
function dryRunNeedsReboot (line 884) | func dryRunNeedsReboot(cfgBytes []byte, needsReboot *bool) func(context....
function resetGetActorID (line 1248) | func resetGetActorID(ctx context.Context, c *client.Client, req *machine...
type clientExecutor (line 1261) | type clientExecutor struct
method WithClient (line 1273) | func (c *clientExecutor) WithClient(action func(context.Context, *clie...
method NodeList (line 1279) | func (c *clientExecutor) NodeList() []string {
function newClientExecutor (line 1266) | func newClientExecutor(c *client.Client, nodes []string) *clientExecutor {
FILE: pkg/talos/talos_machine_configuration_apply_resource_test.go
function TestAccTalosMachineConfigurationApplyResource (line 19) | func TestAccTalosMachineConfigurationApplyResource(t *testing.T) {
function TestAccTalosMachineConfigurationApplyResourceAutoStaged (line 64) | func TestAccTalosMachineConfigurationApplyResourceAutoStaged(t *testing....
function logApplyModeState (line 90) | func logApplyModeState(t *testing.T, stepName string) resource.TestCheck...
function TestAccTalosMachineConfigurationApplyResourceUpgradeWithResolvedApplyModeBug (line 121) | func TestAccTalosMachineConfigurationApplyResourceUpgradeWithResolvedApp...
function TestAccTalosMachineConfigurationApplyResourceUpgradeWithResolvedApplyModeFix (line 173) | func TestAccTalosMachineConfigurationApplyResourceUpgradeWithResolvedApp...
function TestAccTalosMachineConfigurationApplyResourceUpgrade (line 217) | func TestAccTalosMachineConfigurationApplyResourceUpgrade(t *testing.T) {
function testAccTalosMachineConfigurationApplyResourceConfig (line 283) | func testAccTalosMachineConfigurationApplyResourceConfig(providerName, r...
function testAccTalosMachineConfigurationApplyResourceConfigV0 (line 294) | func testAccTalosMachineConfigurationApplyResourceConfigV0(providerName,...
function testAccTalosMachineConfigurationApplyResourceConfigV1 (line 305) | func testAccTalosMachineConfigurationApplyResourceConfigV1(providerName,...
function testAccTalosMachineConfigurationApplyResourceConfigWithAutoStaged (line 316) | func testAccTalosMachineConfigurationApplyResourceConfigWithAutoStaged(p...
function TestAccTalosMachineConfigurationApplyWithEphemeralClientConfigWO (line 370) | func TestAccTalosMachineConfigurationApplyWithEphemeralClientConfigWO(t ...
function testAccTalosMachineConfigurationApplyResourceConfigAutoStagedUpgrade (line 414) | func testAccTalosMachineConfigurationApplyResourceConfigAutoStagedUpgrad...
function testAccTalosMachineConfigurationApplyWithEphemeralClientConfigWOConfig (line 434) | func testAccTalosMachineConfigurationApplyWithEphemeralClientConfigWOCon...
function TestAccTalosMachineConfigurationApplyConfigPatchesUnknownList (line 550) | func TestAccTalosMachineConfigurationApplyConfigPatchesUnknownList(t *te...
function testAccTalosMachineConfigurationApplyConfigPatchesUnknownListConfig (line 566) | func testAccTalosMachineConfigurationApplyConfigPatchesUnknownListConfig...
FILE: pkg/talos/talos_machine_configuration_data_source.go
type talosMachineConfigurationDataSourceModelV0 (line 27) | type talosMachineConfigurationDataSourceModelV0 struct
type talosMachineConfigurationDataSource (line 41) | type talosMachineConfigurationDataSource struct
method Metadata (line 53) | func (d *talosMachineConfigurationDataSource) Metadata(_ context.Conte...
method Schema (line 57) | func (d *talosMachineConfigurationDataSource) Schema(_ context.Context...
method Read (line 116) | func (d *talosMachineConfigurationDataSource) Read(ctx context.Context...
method ValidateConfig (line 215) | func (d *talosMachineConfigurationDataSource) ValidateConfig(ctx conte...
function NewTalosMachineConfigurationDataSource (line 49) | func NewTalosMachineConfigurationDataSource() datasource.DataSource {
function validateMachineConfigurationConfig (line 240) | func validateMachineConfigurationConfig(ctx context.Context, clusterEndp...
function machineSecretsSchemaAttribute (line 278) | func machineSecretsSchemaAttribute() schema.SingleNestedAttribute {
function certSchemaInput (line 354) | func certSchemaInput() schema.SingleNestedAttribute {
function machineSecretsCertsToSecretsBundleCerts (line 372) | func machineSecretsCertsToSecretsBundleCerts(machineSecretsCerts machine...
function certDataToX509PEMEncodedCertificateAndKey (line 407) | func certDataToX509PEMEncodedCertificateAndKey(cert, key string) (*x509....
function certDataToX509PEMEncodedKey (line 424) | func certDataToX509PEMEncodedKey(key string) (*x509.PEMEncodedKey, error) {
FILE: pkg/talos/talos_machine_configuration_data_source_test.go
function TestAccTalosMachineConfigurationDataSource (line 27) | func TestAccTalosMachineConfigurationDataSource(t *testing.T) {
function testAccTalosMachineConfigurationDataSourceConfig (line 203) | func testAccTalosMachineConfigurationDataSourceConfig(
function validateGeneratedTalosMachineConfig (line 285) | func validateGeneratedTalosMachineConfig(
FILE: pkg/talos/talos_machine_configuration_ephemeral_resource.go
type talosMachineConfigurationEphemeralResource (line 29) | type talosMachineConfigurationEphemeralResource struct
method Metadata (line 49) | func (r *talosMachineConfigurationEphemeralResource) Metadata(_ contex...
method Schema (line 53) | func (r *talosMachineConfigurationEphemeralResource) Schema(_ context....
method Open (line 111) | func (r *talosMachineConfigurationEphemeralResource) Open(ctx context....
method ValidateConfig (line 230) | func (r *talosMachineConfigurationEphemeralResource) ValidateConfig(ct...
type talosMachineConfigurationEphemeralResourceModel (line 31) | type talosMachineConfigurationEphemeralResourceModel struct
function NewTalosMachineConfigurationEphemeralResource (line 45) | func NewTalosMachineConfigurationEphemeralResource() ephemeral.Ephemeral...
FILE: pkg/talos/talos_machine_configuration_ephemeral_resource_test.go
function TestAccTalosMachineConfigurationEphemeralResource (line 19) | func TestAccTalosMachineConfigurationEphemeralResource(t *testing.T) {
function TestAccTalosMachineConfigurationEphemeralResourceWorker (line 57) | func TestAccTalosMachineConfigurationEphemeralResourceWorker(t *testing....
FILE: pkg/talos/talos_machine_disks_data_source.go
type nodiskFoundError (line 32) | type nodiskFoundError struct
method Error (line 28) | func (e nodiskFoundError) Error() string {
type talosMachineDisksDataSource (line 34) | type talosMachineDisksDataSource struct
method Metadata (line 53) | func (d *talosMachineDisksDataSource) Metadata(_ context.Context, req ...
method Schema (line 57) | func (d *talosMachineDisksDataSource) Schema(ctx context.Context, _ da...
method Read (line 113) | func (d *talosMachineDisksDataSource) Read(ctx context.Context, req da...
type talosMachineDisksDataSourceModelV1 (line 36) | type talosMachineDisksDataSourceModelV1 struct
function NewTalosMachineDisksDataSource (line 49) | func NewTalosMachineDisksDataSource() datasource.DataSource {
FILE: pkg/talos/talos_machine_disks_data_source_test.go
function TestAccTalosMachineDisksDataSource (line 14) | func TestAccTalosMachineDisksDataSource(t *testing.T) {
function testAccTalosMachineDisksDataSourceConfigV0 (line 45) | func testAccTalosMachineDisksDataSourceConfigV0(providerName, rName stri...
FILE: pkg/talos/talos_machine_disks_data_source_types.go
type diskspec (line 17) | type diskspec struct
function diskspecToTFTypes (line 97) | func diskspecToTFTypes(diskspecSpec block.DiskSpec) diskspec {
FILE: pkg/talos/talos_machine_secrets_ephemeral_resource.go
type talosMachineSecretsEphemeralResource (line 23) | type talosMachineSecretsEphemeralResource struct
method Metadata (line 36) | func (r *talosMachineSecretsEphemeralResource) Metadata(_ context.Cont...
method Schema (line 40) | func (r *talosMachineSecretsEphemeralResource) Schema(_ context.Contex...
method Open (line 76) | func (r *talosMachineSecretsEphemeralResource) Open(ctx context.Contex...
type talosMachineSecretsEphemeralResourceModel (line 25) | type talosMachineSecretsEphemeralResourceModel struct
function NewTalosMachineSecretsEphemeralResource (line 32) | func NewTalosMachineSecretsEphemeralResource() ephemeral.EphemeralResour...
FILE: pkg/talos/talos_machine_secrets_ephemeral_resource_test.go
function TestAccTalosMachineSecretsEphemeralResource (line 35) | func TestAccTalosMachineSecretsEphemeralResource(t *testing.T) {
function TestAccTalosMachineSecretsEphemeralResourceNotInState (line 74) | func TestAccTalosMachineSecretsEphemeralResourceNotInState(t *testing.T) {
function TestAccTalosMachineSecretsEphemeralResourceWithDefault (line 92) | func TestAccTalosMachineSecretsEphemeralResourceWithDefault(t *testing.T) {
FILE: pkg/talos/talos_machine_secrets_resource.go
type talosMachineSecretsResource (line 44) | type talosMachineSecretsResource struct
method Metadata (line 109) | func (r *talosMachineSecretsResource) Metadata(_ context.Context, req ...
method Schema (line 113) | func (r *talosMachineSecretsResource) Schema(_ context.Context, _ reso...
method Create (line 254) | func (r *talosMachineSecretsResource) Create(ctx context.Context, req ...
method Read (line 314) | func (r *talosMachineSecretsResource) Read(_ context.Context, _ resour...
method ModifyPlan (line 317) | func (r *talosMachineSecretsResource) ModifyPlan(ctx context.Context, ...
method Update (line 386) | func (r *talosMachineSecretsResource) Update(ctx context.Context, req ...
method Delete (line 506) | func (r *talosMachineSecretsResource) Delete(_ context.Context, _ reso...
method UpgradeState (line 545) | func (r *talosMachineSecretsResource) UpgradeState(_ context.Context) ...
method ImportState (line 603) | func (r *talosMachineSecretsResource) ImportState(ctx context.Context,...
type talosMachineSecretsResourceModelV0 (line 46) | type talosMachineSecretsResourceModelV0 struct
type talosMachineSecretsResourceModelV1 (line 52) | type talosMachineSecretsResourceModelV1 struct
type clientConfiguration (line 59) | type clientConfiguration struct
type machineSecrets (line 65) | type machineSecrets struct
type machineSecretsCluster (line 72) | type machineSecretsCluster struct
type machineSecretsSecrets (line 77) | type machineSecretsSecrets struct
type machineSecretsTrustdInfo (line 83) | type machineSecretsTrustdInfo struct
type machineSecretsCerts (line 87) | type machineSecretsCerts struct
type machineSecretsCertsK8sServiceAccount (line 95) | type machineSecretsCertsK8sServiceAccount struct
type machineSecretsCertKeyPair (line 99) | type machineSecretsCertKeyPair struct
function NewTalosMachineSecretsResource (line 105) | func NewTalosMachineSecretsResource() resource.Resource {
function machineSecretsOutputSchemaAttribute (line 160) | func machineSecretsOutputSchemaAttribute() schema.SingleNestedAttribute {
function certSchema (line 236) | func certSchema() schema.SingleNestedAttribute {
function talosMachineFeaturesVersionDefaults (line 509) | func talosMachineFeaturesVersionDefaults() planmodifier.String {
type talosMachineFeaturesVersionPlanModifier (line 513) | type talosMachineFeaturesVersionPlanModifier struct
method Description (line 517) | func (apm *talosMachineFeaturesVersionPlanModifier) Description(_ cont...
method MarkdownDescription (line 521) | func (apm *talosMachineFeaturesVersionPlanModifier) MarkdownDescriptio...
method PlanModifyString (line 525) | func (apm *talosMachineFeaturesVersionPlanModifier) PlanModifyString(_...
FILE: pkg/talos/talos_machine_secrets_resource_test.go
function TestAccTalosMachineSecretsResource (line 21) | func TestAccTalosMachineSecretsResource(t *testing.T) {
function TestAccTalosMachineSecretsResourceUpgrade1 (line 298) | func TestAccTalosMachineSecretsResourceUpgrade1(t *testing.T) {
function TestAccTalosMachineSecretsResourceUpgrade2 (line 345) | func TestAccTalosMachineSecretsResourceUpgrade2(t *testing.T) { //nolint...
function TestAccTalosMachineSecretsResourceUpgrade3 (line 391) | func TestAccTalosMachineSecretsResourceUpgrade3(t *testing.T) { //nolint...
function testAccTalosMachineSecretsResourceConfig (line 437) | func testAccTalosMachineSecretsResourceConfig(talosConfigVersion string)...
FILE: pkg/talos/util.go
type machineConfigGenerateOptions (line 43) | type machineConfigGenerateOptions struct
method generate (line 55) | func (m *machineConfigGenerateOptions) generate() (string, error) {
function GenerateInstallerImage (line 134) | func GenerateInstallerImage() string {
function secretsBundleTomachineSecrets (line 138) | func secretsBundleTomachineSecrets(secretsBundle *secrets.Bundle) (talos...
function generateClientConfigurationWithTTL (line 195) | func generateClientConfigurationWithTTL(secretsBundle *secrets.Bundle, t...
function generateClientConfiguration (line 220) | func generateClientConfiguration(secretsBundle *secrets.Bundle, clusterN...
function parseCAPrivateKey (line 326) | func parseCAPrivateKey(block *pem.Block) (any, error) {
type clientConfigTimestampError (line 356) | type clientConfigTimestampError struct
method Error (line 361) | func (e *clientConfigTimestampError) Error() string { return e.detail }
function resolveClientConfigTimestamps (line 366) | func resolveClientConfigTimestamps(notBeforeStr, crtTTLStr string, osCAC...
function machineSecretsToSecretsBundle (line 412) | func machineSecretsToSecretsBundle(model talosMachineSecretsResourceMode...
function validateVersionContract (line 501) | func validateVersionContract(version string) (*config.VersionContract, e...
function talosClientOp (line 510) | func talosClientOp(ctx context.Context, endpoint, node string, tc *clien...
type talosVersionValidator (line 534) | type talosVersionValidator struct
method ValidateString (line 540) | func (v talosVersionValidator) ValidateString(_ context.Context, req v...
method Description (line 553) | func (v talosVersionValidator) Description(_ context.Context) string {
method MarkdownDescription (line 557) | func (v talosVersionValidator) MarkdownDescription(ctx context.Context...
function talosVersionValid (line 536) | func talosVersionValid() talosVersionValidator {
type goDurationValidator (line 561) | type goDurationValidator struct
method ValidateString (line 567) | func (v goDurationValidator) ValidateString(_ context.Context, req val...
method Description (line 581) | func (v goDurationValidator) Description(_ context.Context) string {
method MarkdownDescription (line 585) | func (v goDurationValidator) MarkdownDescription(ctx context.Context) ...
function goDurationValid (line 563) | func goDurationValid() goDurationValidator {
type rfc3339Validator (line 589) | type rfc3339Validator struct
method ValidateString (line 595) | func (v rfc3339Validator) ValidateString(_ context.Context, req valida...
method Description (line 609) | func (v rfc3339Validator) Description(_ context.Context) string {
method MarkdownDescription (line 613) | func (v rfc3339Validator) MarkdownDescription(ctx context.Context) str...
function rfc3339Valid (line 591) | func rfc3339Valid() rfc3339Validator {
function validateClusterEndpoint (line 617) | func validateClusterEndpoint(endpoint string) error {
function fixControlPlaneEndpoint (line 650) | func fixControlPlaneEndpoint(u *url.URL) *url.URL {
function bytesToBase64 (line 666) | func bytesToBase64(b []byte) string {
function base64ToBytes (line 670) | func base64ToBytes(in string) ([]byte, error) {
function talosClientTFConfigToTalosClientConfig (line 674) | func talosClientTFConfigToTalosClientConfig(clusterName, ca, cert, key s...
Condensed preview — 121 files, each showing path, character count, and a content snippet. Download the .json file or copy for the full structured content (990K chars).
[
{
"path": ".conform.yaml",
"chars": 557,
"preview": "# THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT.\n#\n# Generated on 2022-03-23T19:45:28Z by kres latest.\n\n---\n"
},
{
"path": ".github/renovate.json",
"chars": 462,
"preview": "{\n \"$schema\": \"https://docs.renovatebot.com/renovate-schema.json\",\n \"extends\": [\n \":semanticCommitScopeDisa"
},
{
"path": ".github/workflows/acceptance-tests.yaml",
"chars": 2343,
"preview": "name: acceptance-tests\nconcurrency:\n group: ${{ github.head_ref || github.run_id }}\n cancel-in-progress: true\non:\n pu"
},
{
"path": ".github/workflows/pull-request.yaml",
"chars": 758,
"preview": "name: check-dirty\non:\n pull_request:\njobs:\n check-dirty:\n if: (!startsWith(github.head_ref, 'renovate/') && !starts"
},
{
"path": ".github/workflows/release.yml",
"chars": 1695,
"preview": "# This GitHub action can publish assets for release when a tag is created.\n# Currently its setup to run on any tag that "
},
{
"path": ".github/workflows/slack-notify.yaml",
"chars": 4271,
"preview": "name: slack-notify\n\"on\":\n workflow_run:\n workflows:\n - check-dirty\n - acceptance-tests\n - release\n "
},
{
"path": ".gitignore",
"chars": 928,
"preview": "dist\nterraform-provider-talos\n_out\n\n### Terraform ###\n# Local .terraform directories\n**/.terraform/*\n\n# .tfstate files\n*"
},
{
"path": ".golangci.yml",
"chars": 4462,
"preview": "# THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT.\n#\n# Generated on 2025-07-11T15:25:51Z by kres 9b39fa4b-dirt"
},
{
"path": ".goreleaser.yml",
"chars": 1876,
"preview": "# Visit https://goreleaser.com for documentation on how to customize this\n# behavior.\nversion: 2\nbefore:\n hooks:\n # "
},
{
"path": ".vscode/launch.json",
"chars": 417,
"preview": "{\n \"version\": \"0.2.0\",\n \"configurations\": [\n {\n \"name\": \"Debug Talos Terraform Provider\",\n "
},
{
"path": "CHANGELOG.md",
"chars": 93011,
"preview": "## [terraform-provider-talos 0.11.0](https://github.com/siderolabs/terraform-provider-talos/releases/tag/v0.11.0) (2026-"
},
{
"path": "LICENSE",
"chars": 16725,
"preview": "Mozilla Public License Version 2.0\n==================================\n\n1. Definitions\n--------------\n\n1.1. \"Contributor\""
},
{
"path": "Makefile",
"chars": 1463,
"preview": "TAG ?= $(shell git describe --tag --always --dirty)\nARTIFACTS ?= _out\n\nifneq ($(origin TESTS), undefined)\n\tRUNARGS = -ru"
},
{
"path": "README.md",
"chars": 460,
"preview": "# terraform-provider-talos\n\n## Debugging\n\nIn a bash shell, build a debug version of this provider binary:\n\n```bash\nmake "
},
{
"path": "docs/data-sources/client_configuration.md",
"chars": 1410,
"preview": "---\n# generated by https://github.com/hashicorp/terraform-plugin-docs\npage_title: \"talos_client_configuration Data Sourc"
},
{
"path": "docs/data-sources/cluster_health.md",
"chars": 1916,
"preview": "---\n# generated by https://github.com/hashicorp/terraform-plugin-docs\npage_title: \"talos_cluster_health Data Source - ta"
},
{
"path": "docs/data-sources/cluster_kubeconfig.md",
"chars": 3476,
"preview": "---\n# generated by https://github.com/hashicorp/terraform-plugin-docs\npage_title: \"talos_cluster_kubeconfig Data Source "
},
{
"path": "docs/data-sources/image_factory_extensions_versions.md",
"chars": 1910,
"preview": "---\n# generated by https://github.com/hashicorp/terraform-plugin-docs\npage_title: \"talos_image_factory_extensions_versio"
},
{
"path": "docs/data-sources/image_factory_overlays_versions.md",
"chars": 1513,
"preview": "---\n# generated by https://github.com/hashicorp/terraform-plugin-docs\npage_title: \"talos_image_factory_overlays_versions"
},
{
"path": "docs/data-sources/image_factory_urls.md",
"chars": 3180,
"preview": "---\n# generated by https://github.com/hashicorp/terraform-plugin-docs\npage_title: \"talos_image_factory_urls Data Source "
},
{
"path": "docs/data-sources/image_factory_versions.md",
"chars": 1230,
"preview": "---\n# generated by https://github.com/hashicorp/terraform-plugin-docs\npage_title: \"talos_image_factory_versions Data Sou"
},
{
"path": "docs/data-sources/machine_configuration.md",
"chars": 5244,
"preview": "---\npage_title: \"talos_machine_configuration Data Source - talos\"\nsubcategory: \"\"\ndescription: |-\n Generate a machine c"
},
{
"path": "docs/data-sources/machine_disks.md",
"chars": 2937,
"preview": "---\npage_title: \"talos_machine_disks Data Source - talos\"\nsubcategory: \"\"\ndescription: |-\n Generate a machine configura"
},
{
"path": "docs/ephemeral-resources/client_configuration.md",
"chars": 5712,
"preview": "---\n# generated by https://github.com/hashicorp/terraform-plugin-docs\npage_title: \"talos_client_configuration Ephemeral "
},
{
"path": "docs/ephemeral-resources/cluster_health.md",
"chars": 1523,
"preview": "---\n# generated by https://github.com/hashicorp/terraform-plugin-docs\npage_title: \"talos_cluster_health Ephemeral Resour"
},
{
"path": "docs/ephemeral-resources/cluster_kubeconfig.md",
"chars": 6709,
"preview": "---\n# generated by https://github.com/hashicorp/terraform-plugin-docs\npage_title: \"talos_cluster_kubeconfig Ephemeral Re"
},
{
"path": "docs/ephemeral-resources/machine_configuration.md",
"chars": 5066,
"preview": "---\npage_title: \"talos_machine_configuration Ephemeral Resource - talos\"\nsubcategory: \"\"\ndescription: |-\n Generate a ma"
},
{
"path": "docs/ephemeral-resources/machine_secrets.md",
"chars": 4206,
"preview": "---\n# generated by https://github.com/hashicorp/terraform-plugin-docs\npage_title: \"talos_machine_secrets Ephemeral Resou"
},
{
"path": "docs/guides/using_ephemeral_resources.md",
"chars": 16841,
"preview": "---\npage_title: \"Using Ephemeral Resources - talos Provider\"\nsubcategory: \"\"\ndescription: |-\n Learn how to use ephemera"
},
{
"path": "docs/guides/version-0.2-upgrade.html.md",
"chars": 7360,
"preview": "---\npage_title: \"Terraform Talos Provider Version 0.2 Upgrade Guide\"\ndescription: |-\n Terraform Talos Provider Version "
},
{
"path": "docs/index.md",
"chars": 497,
"preview": "---\npage_title: \"Provider: Talos\"\ndescription: |-\n The Talos provider is used to manage a Talos cluster config generati"
},
{
"path": "docs/resources/cluster_kubeconfig.md",
"chars": 3630,
"preview": "---\npage_title: \"talos_cluster_kubeconfig Resource - talos\"\nsubcategory: \"\"\ndescription: |-\n Retrieves the kubeconfig f"
},
{
"path": "docs/resources/image_factory_schematic.md",
"chars": 1349,
"preview": "---\npage_title: \"talos_image_factory_schematic Resource - talos\"\nsubcategory: \"\"\ndescription: |-\n The image factory sch"
},
{
"path": "docs/resources/machine_bootstrap.md",
"chars": 3829,
"preview": "---\npage_title: \"talos_machine_bootstrap Resource - talos\"\nsubcategory: \"\"\ndescription: |-\n The machine bootstrap resou"
},
{
"path": "docs/resources/machine_configuration_apply.md",
"chars": 6177,
"preview": "---\npage_title: \"talos_machine_configuration_apply Resource - talos\"\nsubcategory: \"\"\ndescription: |-\n The machine confi"
},
{
"path": "docs/resources/machine_secrets.md",
"chars": 4308,
"preview": "---\npage_title: \"talos_machine_secrets Resource - talos\"\nsubcategory: \"\"\ndescription: |-\n Generate machine secrets for "
},
{
"path": "examples/README.md",
"chars": 98,
"preview": "# Talos provider examples\n\nThis directory contains a set of examples on using the Talos provider.\n"
},
{
"path": "examples/data-sources/talos_client_configuration/data-source.tf",
"chars": 243,
"preview": "resource \"talos_machine_secrets\" \"this\" {}\n\ndata \"talos_client_configuration\" \"this\" {\n cluster_name = \"example"
},
{
"path": "examples/data-sources/talos_cluster_kubeconfig/data-source.tf",
"chars": 1312,
"preview": "resource \"talos_machine_secrets\" \"this\" {}\n\ndata \"talos_machine_configuration\" \"this\" {\n cluster_name = \"example-cl"
},
{
"path": "examples/data-sources/talos_image_factory_extensions_versions/data-source.tf",
"chars": 212,
"preview": "provider \"talos\" {}\n\ndata \"talos_image_factory_extensions_versions\" \"this\" {\n # get the latest talos version\n talos_ve"
},
{
"path": "examples/data-sources/talos_image_factory_overlays_versions/data-source.tf",
"chars": 179,
"preview": "provider \"talos\" {}\n\ndata \"talos_image_factory_overlays_versions\" \"this\" {\n # get the latest talos version\n talos_vers"
},
{
"path": "examples/data-sources/talos_image_factory_urls/data-source.tf",
"chars": 271,
"preview": "data \"talos_image_factory_urls\" \"this\" {\n talos_version = \"v1.7.5\"\n schematic_id = \"376567988ad370138ad8b2698212367b8"
},
{
"path": "examples/data-sources/talos_image_factory_versions/data-source.tf",
"chars": 228,
"preview": "provider \"talos\" {}\n\ndata \"talos_image_factory_versions\" \"this\" {}\n\noutput \"latest\" {\n value = element(data.talos_image"
},
{
"path": "examples/data-sources/talos_machine_configuration/data-source.tf",
"chars": 279,
"preview": "resource \"talos_machine_secrets\" \"this\" {}\n\ndata \"talos_machine_configuration\" \"this\" {\n cluster_name = \"example-cl"
},
{
"path": "examples/data-sources/talos_machine_disks/data-source.tf",
"chars": 390,
"preview": "resource \"talos_machine_secrets\" \"this\" {}\n\ndata \"talos_machine_disks\" \"this\" {\n client_configuration = talos_machine_s"
},
{
"path": "examples/ephemeral-resources/README.md",
"chars": 2647,
"preview": "# Ephemeral Resources Examples\n\nThis directory contains examples demonstrating how to use ephemeral resources in the Tal"
},
{
"path": "examples/ephemeral-resources/basic/README.md",
"chars": 3892,
"preview": "# Basic Ephemeral Resources Example\n\nThis example demonstrates the fundamental pattern for using ephemeral resources wit"
},
{
"path": "examples/ephemeral-resources/basic/main.tf",
"chars": 4504,
"preview": "terraform {\n required_version = \">= 1.11\"\n required_providers {\n talos = {\n source = \"siderolabs/talos\"\n "
},
{
"path": "examples/ephemeral-resources/talos_cluster_kubeconfig/ephemeral-resource.tf",
"chars": 895,
"preview": "ephemeral \"talos_machine_secrets\" \"this\" {}\n\nephemeral \"talos_cluster_kubeconfig\" \"this\" {\n cluster_name = \"example-"
},
{
"path": "examples/resources/talos_cluster_kubeconfig/resource.tf",
"chars": 1316,
"preview": "resource \"talos_machine_secrets\" \"this\" {}\n\ndata \"talos_machine_configuration\" \"this\" {\n cluster_name = \"example-cl"
},
{
"path": "examples/resources/talos_image_factory_schematic/resource.tf",
"chars": 557,
"preview": "provider \"talos\" {}\n\ndata \"talos_image_factory_extensions_versions\" \"this\" {\n # get the latest talos version\n talos_ve"
},
{
"path": "examples/resources/talos_machine_bootstrap/import.sh",
"chars": 154,
"preview": "# machine bootstrap can be imported to let terraform know that the machine is already bootstrapped\nterraform import talo"
},
{
"path": "examples/resources/talos_machine_bootstrap/resource.tf",
"chars": 1104,
"preview": "resource \"talos_machine_secrets\" \"this\" {}\n\ndata \"talos_machine_configuration\" \"this\" {\n cluster_name = \"example-cl"
},
{
"path": "examples/resources/talos_machine_configuration_apply/resource.tf",
"chars": 942,
"preview": "resource \"talos_machine_secrets\" \"this\" {}\n\ndata \"talos_machine_configuration\" \"this\" {\n cluster_name = \"example-cl"
},
{
"path": "examples/resources/talos_machine_secrets/import.sh",
"chars": 131,
"preview": "# machine secrets can be imported from an existing secrets file\nterraform import talos_machine_secrets.this <path-to-sec"
},
{
"path": "examples/resources/talos_machine_secrets/resource.tf",
"chars": 54,
"preview": "resource \"talos_machine_secrets\" \"machine_secrets\" {}\n"
},
{
"path": "go.mod",
"chars": 9436,
"preview": "module github.com/siderolabs/terraform-provider-talos\n\ngo 1.26.2\n\nrequire (\n\tgithub.com/blang/semver/v4 v4.0.0\n\tgithub.c"
},
{
"path": "go.sum",
"chars": 51039,
"preview": "cel.dev/expr v0.25.1 h1:1KrZg61W6TWSxuNZ37Xy49ps13NUovb66QLprthtwi4=\ncel.dev/expr v0.25.1/go.mod h1:hrXvqGP6G6gyx8UAHSHJ"
},
{
"path": "hack/release.sh",
"chars": 3939,
"preview": "#!/usr/bin/env bash\n\n# THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT.\n#\n# Generated on 2024-08-29T12:20:48Z "
},
{
"path": "hack/release.toml",
"chars": 501,
"preview": "# commit to be tagged for the new release\ncommit = \"HEAD\"\n\nproject_name = \"terraform-provider-talos\"\ngithub_repo = \"side"
},
{
"path": "main.go",
"chars": 1284,
"preview": "// This Source Code Form is subject to the terms of the Mozilla Public\n// License, v. 2.0. If a copy of the MPL was not "
},
{
"path": "pkg/talos/client_configuration_test.go",
"chars": 4907,
"preview": "// This Source Code Form is subject to the terms of the Mozilla Public\n// License, v. 2.0. If a copy of the MPL was not "
},
{
"path": "pkg/talos/generate_kubeconfig_test.go",
"chars": 1644,
"preview": "// This Source Code Form is subject to the terms of the Mozilla Public\n// License, v. 2.0. If a copy of the MPL was not "
},
{
"path": "pkg/talos/internal/gen/diskspec.go",
"chars": 6299,
"preview": "// This Source Code Form is subject to the terms of the Mozilla Public\n// License, v. 2.0. If a copy of the MPL was not "
},
{
"path": "pkg/talos/provider.go",
"chars": 3957,
"preview": "// This Source Code Form is subject to the terms of the Mozilla Public\n// License, v. 2.0. If a copy of the MPL was not "
},
{
"path": "pkg/talos/provider_test.go",
"chars": 5923,
"preview": "// This Source Code Form is subject to the terms of the Mozilla Public\n// License, v. 2.0. If a copy of the MPL was not "
},
{
"path": "pkg/talos/rfc6979.go",
"chars": 4318,
"preview": "// This Source Code Form is subject to the terms of the Mozilla Public\n// License, v. 2.0. If a copy of the MPL was not "
},
{
"path": "pkg/talos/rfc6979_test.go",
"chars": 2032,
"preview": "// This Source Code Form is subject to the terms of the Mozilla Public\n// License, v. 2.0. If a copy of the MPL was not "
},
{
"path": "pkg/talos/talos_client_configuration_data_source.go",
"chars": 4811,
"preview": "// This Source Code Form is subject to the terms of the Mozilla Public\n// License, v. 2.0. If a copy of the MPL was not "
},
{
"path": "pkg/talos/talos_client_configuration_data_source_test.go",
"chars": 4347,
"preview": "// This Source Code Form is subject to the terms of the Mozilla Public\n// License, v. 2.0. If a copy of the MPL was not "
},
{
"path": "pkg/talos/talos_client_configuration_ephemeral_resource.go",
"chars": 7496,
"preview": "// This Source Code Form is subject to the terms of the Mozilla Public\n// License, v. 2.0. If a copy of the MPL was not "
},
{
"path": "pkg/talos/talos_client_configuration_ephemeral_resource_test.go",
"chars": 9082,
"preview": "// This Source Code Form is subject to the terms of the Mozilla Public\n// License, v. 2.0. If a copy of the MPL was not "
},
{
"path": "pkg/talos/talos_cluster_health_data_source.go",
"chars": 7983,
"preview": "// This Source Code Form is subject to the terms of the Mozilla Public\n// License, v. 2.0. If a copy of the MPL was not "
},
{
"path": "pkg/talos/talos_cluster_health_data_source_test.go",
"chars": 1529,
"preview": "// This Source Code Form is subject to the terms of the Mozilla Public\n// License, v. 2.0. If a copy of the MPL was not "
},
{
"path": "pkg/talos/talos_cluster_health_ephemeral_resource.go",
"chars": 7068,
"preview": "// This Source Code Form is subject to the terms of the Mozilla Public\n// License, v. 2.0. If a copy of the MPL was not "
},
{
"path": "pkg/talos/talos_cluster_kubeconfig_data_source.go",
"chars": 7667,
"preview": "// This Source Code Form is subject to the terms of the Mozilla Public\n// License, v. 2.0. If a copy of the MPL was not "
},
{
"path": "pkg/talos/talos_cluster_kubeconfig_ephemeral_resource.go",
"chars": 12424,
"preview": "// This Source Code Form is subject to the terms of the Mozilla Public\n// License, v. 2.0. If a copy of the MPL was not "
},
{
"path": "pkg/talos/talos_cluster_kubeconfig_ephemeral_resource_test.go",
"chars": 9560,
"preview": "// This Source Code Form is subject to the terms of the Mozilla Public\n// License, v. 2.0. If a copy of the MPL was not "
},
{
"path": "pkg/talos/talos_cluster_kubeconfig_resource.go",
"chars": 23813,
"preview": "// This Source Code Form is subject to the terms of the Mozilla Public\n// License, v. 2.0. If a copy of the MPL was not "
},
{
"path": "pkg/talos/talos_cluster_kubeconfig_resource_test.go",
"chars": 4624,
"preview": "// This Source Code Form is subject to the terms of the Mozilla Public\n// License, v. 2.0. If a copy of the MPL was not "
},
{
"path": "pkg/talos/talos_image_factory_extensions_versions_data_source.go",
"chars": 6799,
"preview": "// This Source Code Form is subject to the terms of the Mozilla Public\n// License, v. 2.0. If a copy of the MPL was not "
},
{
"path": "pkg/talos/talos_image_factory_extensions_versions_data_source_test.go",
"chars": 2501,
"preview": "// This Source Code Form is subject to the terms of the Mozilla Public\n// License, v. 2.0. If a copy of the MPL was not "
},
{
"path": "pkg/talos/talos_image_factory_overlays_versions_data_source.go",
"chars": 5329,
"preview": "// This Source Code Form is subject to the terms of the Mozilla Public\n// License, v. 2.0. If a copy of the MPL was not "
},
{
"path": "pkg/talos/talos_image_factory_overlays_versions_data_source_test.go",
"chars": 1710,
"preview": "// This Source Code Form is subject to the terms of the Mozilla Public\n// License, v. 2.0. If a copy of the MPL was not "
},
{
"path": "pkg/talos/talos_image_factory_schematic_resource.go",
"chars": 4780,
"preview": "// This Source Code Form is subject to the terms of the Mozilla Public\n// License, v. 2.0. If a copy of the MPL was not "
},
{
"path": "pkg/talos/talos_image_factory_schematic_resource_test.go",
"chars": 3035,
"preview": "// This Source Code Form is subject to the terms of the Mozilla Public\n// License, v. 2.0. If a copy of the MPL was not "
},
{
"path": "pkg/talos/talos_image_factory_urls_data_source.go",
"chars": 13639,
"preview": "// This Source Code Form is subject to the terms of the Mozilla Public\n// License, v. 2.0. If a copy of the MPL was not "
},
{
"path": "pkg/talos/talos_image_factory_urls_data_source_test.go",
"chars": 13704,
"preview": "// This Source Code Form is subject to the terms of the Mozilla Public\n// License, v. 2.0. If a copy of the MPL was not "
},
{
"path": "pkg/talos/talos_image_factory_versions_data_source.go",
"chars": 4434,
"preview": "// This Source Code Form is subject to the terms of the Mozilla Public\n// License, v. 2.0. If a copy of the MPL was not "
},
{
"path": "pkg/talos/talos_image_factory_versions_data_source_test.go",
"chars": 1716,
"preview": "// This Source Code Form is subject to the terms of the Mozilla Public\n// License, v. 2.0. If a copy of the MPL was not "
},
{
"path": "pkg/talos/talos_machine_bootstrap_resource.go",
"chars": 14381,
"preview": "// This Source Code Form is subject to the terms of the Mozilla Public\n// License, v. 2.0. If a copy of the MPL was not "
},
{
"path": "pkg/talos/talos_machine_bootstrap_resource_test.go",
"chars": 5060,
"preview": "// This Source Code Form is subject to the terms of the Mozilla Public\n// License, v. 2.0. If a copy of the MPL was not "
},
{
"path": "pkg/talos/talos_machine_configuration_apply_resource.go",
"chars": 39975,
"preview": "// This Source Code Form is subject to the terms of the Mozilla Public\n// License, v. 2.0. If a copy of the MPL was not "
},
{
"path": "pkg/talos/talos_machine_configuration_apply_resource_test.go",
"chars": 23509,
"preview": "// This Source Code Form is subject to the terms of the Mozilla Public\n// License, v. 2.0. If a copy of the MPL was not "
},
{
"path": "pkg/talos/talos_machine_configuration_data_source.go",
"chars": 13881,
"preview": "// This Source Code Form is subject to the terms of the Mozilla Public\n// License, v. 2.0. If a copy of the MPL was not "
},
{
"path": "pkg/talos/talos_machine_configuration_data_source_test.go",
"chars": 15023,
"preview": "// This Source Code Form is subject to the terms of the Mozilla Public\n// License, v. 2.0. If a copy of the MPL was not "
},
{
"path": "pkg/talos/talos_machine_configuration_ephemeral_resource.go",
"chars": 8860,
"preview": "// This Source Code Form is subject to the terms of the Mozilla Public\n// License, v. 2.0. If a copy of the MPL was not "
},
{
"path": "pkg/talos/talos_machine_configuration_ephemeral_resource_test.go",
"chars": 2801,
"preview": "// This Source Code Form is subject to the terms of the Mozilla Public\n// License, v. 2.0. If a copy of the MPL was not "
},
{
"path": "pkg/talos/talos_machine_disks_data_source.go",
"chars": 6526,
"preview": "// This Source Code Form is subject to the terms of the Mozilla Public\n// License, v. 2.0. If a copy of the MPL was not "
},
{
"path": "pkg/talos/talos_machine_disks_data_source_test.go",
"chars": 2118,
"preview": "// This Source Code Form is subject to the terms of the Mozilla Public\n// License, v. 2.0. If a copy of the MPL was not "
},
{
"path": "pkg/talos/talos_machine_disks_data_source_types.go",
"chars": 3914,
"preview": "// This Source Code Form is subject to the terms of the Mozilla Public\n// License, v. 2.0. If a copy of the MPL was not "
},
{
"path": "pkg/talos/talos_machine_secrets_ephemeral_resource.go",
"chars": 4693,
"preview": "// This Source Code Form is subject to the terms of the Mozilla Public\n// License, v. 2.0. If a copy of the MPL was not "
},
{
"path": "pkg/talos/talos_machine_secrets_ephemeral_resource_test.go",
"chars": 4601,
"preview": "// This Source Code Form is subject to the terms of the Mozilla Public\n// License, v. 2.0. If a copy of the MPL was not "
},
{
"path": "pkg/talos/talos_machine_secrets_resource.go",
"chars": 18947,
"preview": "// This Source Code Form is subject to the terms of the Mozilla Public\n// License, v. 2.0. If a copy of the MPL was not "
},
{
"path": "pkg/talos/talos_machine_secrets_resource_test.go",
"chars": 45339,
"preview": "// This Source Code Form is subject to the terms of the Mozilla Public\n// License, v. 2.0. If a copy of the MPL was not "
},
{
"path": "pkg/talos/testdata/patch-invalid.yaml",
"chars": 32,
"preview": "machine:\n sysctl:\n foo: bar\n"
},
{
"path": "pkg/talos/testdata/patch-strategic.yaml",
"chars": 83,
"preview": "machine:\n sysfs:\n foo: bar\ncluster:\n apiServer:\n extraArgs:\n foo: bar\n"
},
{
"path": "pkg/talos/testdata/secrets.yaml",
"chars": 4841,
"preview": "cluster:\n id: _u8NZvwQ9ObtEN7iTzc-OEpk20K-rnO3FNcjvVEQ84Q=\n secret: UnZE8oq6qPNI8tuw+WF3PGi2Zba0RQuit/aJTflOau8=\ns"
},
{
"path": "pkg/talos/testdata/secretsv1.2.yaml",
"chars": 4838,
"preview": "cluster:\n id: q_I385nl7MWqU1UpW224rQyZW4TWd_WmnxsA2MQLsl8=\n secret: 1szT7qMuensSCcSVRtnFsG0pbXMLMSZ8r5wu/41aJBc=\ns"
},
{
"path": "pkg/talos/util.go",
"chars": 21726,
"preview": "// This Source Code Form is subject to the terms of the Mozilla Public\n// License, v. 2.0. If a copy of the MPL was not "
},
{
"path": "templates/data-sources/machine_configuration.md.tmpl",
"chars": 612,
"preview": "---\npage_title: \"{{.Name}} {{.Type}} - {{.RenderedProviderName}}\"\nsubcategory: \"\"\ndescription: |-\n{{ .Description | plai"
},
{
"path": "templates/data-sources/machine_disks.md.tmpl",
"chars": 620,
"preview": "---\npage_title: \"{{.Name}} {{.Type}} - {{.RenderedProviderName}}\"\nsubcategory: \"\"\ndescription: |-\n{{ .Description | plai"
},
{
"path": "templates/ephemeral-resources/machine_configuration.md.tmpl",
"chars": 612,
"preview": "---\npage_title: \"{{.Name}} {{.Type}} - {{.RenderedProviderName}}\"\nsubcategory: \"\"\ndescription: |-\n{{ .Description | plai"
},
{
"path": "templates/guides/using_ephemeral_resources.md",
"chars": 16841,
"preview": "---\npage_title: \"Using Ephemeral Resources - talos Provider\"\nsubcategory: \"\"\ndescription: |-\n Learn how to use ephemera"
},
{
"path": "templates/guides/version-0.2-upgrade.html.md",
"chars": 7360,
"preview": "---\npage_title: \"Terraform Talos Provider Version 0.2 Upgrade Guide\"\ndescription: |-\n Terraform Talos Provider Version "
},
{
"path": "templates/index.md.tmpl",
"chars": 497,
"preview": "---\npage_title: \"Provider: Talos\"\ndescription: |-\n The Talos provider is used to manage a Talos cluster config generati"
},
{
"path": "templates/resources.md.tmpl",
"chars": 472,
"preview": "---\npage_title: \"{{.Name}} {{.Type}} - {{.RenderedProviderName}}\"\nsubcategory: \"\"\ndescription: |-\n{{ .Description | plai"
},
{
"path": "terraform-registry-manifest.json",
"chars": 104,
"preview": "{\n \"version\": 1,\n \"metadata\": {\n \"protocol_versions\": [\n \"5.0\"\n ]\n }\n}"
},
{
"path": "tools/go.mod",
"chars": 17261,
"preview": "module github.com/siderolabs/terraform-provider-talos/tools\n\ngo 1.26.1\n\ntool (\n\tgithub.com/anchore/syft/cmd/syft\n\tgolang"
},
{
"path": "tools/go.sum",
"chars": 151326,
"preview": "cel.dev/expr v0.25.1 h1:1KrZg61W6TWSxuNZ37Xy49ps13NUovb66QLprthtwi4=\ncel.dev/expr v0.25.1/go.mod h1:hrXvqGP6G6gyx8UAHSHJ"
},
{
"path": "tools.go",
"chars": 336,
"preview": "// This Source Code Form is subject to the terms of the Mozilla Public\n// License, v. 2.0. If a copy of the MPL was not "
}
]
About this extraction
This page contains the full source code of the siderolabs/terraform-provider-talos GitHub repository, extracted and formatted as plain text for AI agents and large language models (LLMs). The extraction includes 121 files (907.6 KB), approximately 309.6k tokens, and a symbol index with 367 extracted functions, classes, methods, constants, and types. Use this with OpenClaw, Claude, ChatGPT, Cursor, Windsurf, or any other AI tool that accepts text input. You can copy the full output to your clipboard or download it as a .txt file.
Extracted by GitExtract — free GitHub repo to text converter for AI. Built by Nikandr Surkov.