Skip to content

CHANGELOG.md

Latest commit

 

History

History
1232 lines (1125 loc) · 126 KB

CHANGELOG.md

File metadata and controls

1232 lines (1125 loc) · 126 KB

omni-infra-provider-bare-metal 0.9.0 (2026-04-08)

Welcome to the v0.9.0 release of omni-infra-provider-bare-metal!

Please try out the release binaries and report any issues at https://github.com/siderolabs/omni-infra-provider-bare-metal/issues.

Removed --dhcp-proxy-port Flag

The --dhcp-proxy-port flag has been removed. The DHCP proxy now always listens on both port 67 and port 4011 as required by the PXE specification. If you were using --dhcp-proxy-port=4011 to run in proxy DHCP mode, use --disable-dhcp-proxy-broadcast instead.

Contributors

  • Utku Ozdemir

Changes

2 commits

  • 84b50bf fix: listen on both DHCP port 67 and 4011 per PXE spec
  • c9b458e test: add BMC integration tests and fix hardcoded IPMI username

Dependency Changes

  • golang.org/x/net v0.51.0 -> v0.52.0
  • golang.org/x/sync v0.19.0 -> v0.20.0
  • google.golang.org/grpc v1.79.1 -> v1.80.0

Previous release can be found at v0.8.1

omni-infra-provider-bare-metal 0.8.1 (2026-03-03)

Welcome to the v0.8.1 release of omni-infra-provider-bare-metal!

Please try out the release binaries and report any issues at https://github.com/siderolabs/omni-infra-provider-bare-metal/issues.

Contributors

  • Andrey Smirnov
  • Mateusz Urbanek
  • Noel Georgi
  • Kevin Tijssen
  • Dmitrii Sharshakov
  • Laura Brehm
  • Orzelius
  • Utku Ozdemir
  • Artem Chernyshev
  • Edward Sammut Alessi
  • Tim Jones
  • Bryan Lee
  • Max Makarov
  • Pranav Patil
  • Alexis La Goutte
  • Andreas Freund
  • Andrei Kvapil
  • Christopher Puschmann
  • Daddie0
  • Daniil Kivenko
  • Florian Ströger
  • Fritz Schaal
  • Jan Paul
  • Jonas Lammler
  • Justin Garrison
  • Lennard Klein
  • Matthew Sanabria
  • Mickaël Canévet
  • Mikolaj Pawlikowski
  • Nico Berlee
  • Olav Thoresen
  • Skye Soss
  • Spencer Smith
  • Sébastien Masset
  • dataprolet
  • drew

Changes

3 commits

  • 9ed9832 chore: bump deps including new redfish changes
  • 89de24a fix: correct /tftp/ HTTP path, debug build tags, and comment typos
  • 529806a fix: use a private IP range in tests

Changes from siderolabs/image-factory

50 commits

  • f0c7a7b release(v1.0.3): prepare release
  • dd92631 docs: correct path to hack/copy-artifacts.sh
  • ddc1a83 fix: update Talos to fix rpi_5 build
  • b3d07e5 docs: remove redundant Kubernetes version prerequisite
  • 9666795 fix: values.schema.json
  • 8a8da46 feat: adjust security context for user namespace mode
  • bc631dc fix: values.schema.json
  • 8ea6fe9 feat: add user namespace support with Kubernetes version validation
  • 324c464 fix: skip initializing TUF if keyless signing is disabled
  • a42b9d9 release(v1.0.2): prepare release
  • 80d1ba3 fix: pass nameoptions to verify bundle too
  • eec01d1 release(v1.0.1): prepare release
  • ec1c0a7 fix: pass insecure to the cosign new bundle verifier
  • 14d0f2a release(v1.0.0): prepare release
  • a90529c feat: add more security contexts
  • ec69fe2 fix: extra kernel args for overlays
  • aa325ee feat: add Helm docs and schema
  • 3c18e05 feat: add Sidero google service account email also to verfiers
  • 151feb5 fix: docs url
  • 42a1c45 feat: add helm to kres
  • ac4718a feat: update Talos and pkgs
  • 1d6468e feat: add helm e2e to CI
  • 2f0499c feat: added e2e tests
  • 2eccf98 fix: made changes on the recommendation of copilot
  • e27ea36 feat: Added E2E with KUTTL
  • 9f6b9e7 feat: Added additional tests
  • 4939747 feat: Added helm unittests
  • dcaa1db feat: added helmchart
  • 1f85622 feat: add cloudflare credentials helper
  • 852856d fix: installer internal config
  • c8c6576 release(v1.0.0-beta.0): prepare release
  • 56bd21b fix: allow Cache-Control header in CORS
  • 83f4d91 fix: clarify bootloader selection
  • c8c5faa feat: allow using image GET/HEAD API by the JS code on any domains
  • e732d90 feat: support acm for secureboot
  • 5f103c1 feat: support copying to clipboard
  • c3532c4 feat: update Talos with GRUB and other fixes
  • b5ba663 fix: avoid pulling Talos core in schematic pkg
  • b2b0cc8 fix: update cosign to v3.0.4
  • fca99d0 chore: update docs/developing.md
  • 49f4226 chore: separate kres integration-test variables
  • 190aa22 fix: add missing libarchive dependency
  • 37bd795 fix: image-factory rootless
  • 99cbfd7 fix: don't enforce bundle verified
  • cf3e56a chore: bump talos
  • 8723b02 fix: drop sbc board support
  • f0150c4 feat: use rootless Image Factory
  • f57218f feat: refactor configuration of image factory
  • e440ce7 fix: support new cosign bundle format
  • 5eb1775 feat: introduce Enterprise Image Factory

Changes from siderolabs/talos

222 commits

  • 59311a792 release(v1.13.0-alpha.2): prepare release
  • 009f0d6ca chore: update pkgs
  • ba56b0295 feat: include hid-multitouch.ko kernel module in rootfs
  • ae29a0dcc feat: update Linux to 6.18.13
  • 7cf1de279 fix: bring in new version of go-cmd and go-blockdevice
  • c8800b41e fix: update path handling on talosctl cgroups
  • 0a7b6eb2c chore: test extensions
  • 8b1c974a2 refactor: drop termui-widgets library
  • 5baa0028e fix: add owning inventory annotation to talos manifests
  • d3e793d14 fix: stop Kubernetes client from dynamically reloading the certs
  • 6a5a0e3bd feat: support pattern link aliases
  • 9758bd4fe feat: update Go to 1.26
  • e00aed0f6 feat: update Kubernetes v1.36.0-alpha.1
  • f20445ad0 chore: improve logging of disk encryption handling
  • f018fbe7b fix: handle raw encryption keys with \n properly
  • e5b0eb017 fix: hold user volumes root mountpoint
  • 8a0e79774 refactor: split locate and provision
  • a59db0e92 fix: improve OpenStack bare metal network configuration reliability
  • 659009ad8 fix: remove stale endpoints
  • dab0d4783 fix: allow static hosts in /etc/hosts without hostname
  • 45f214154 feat: update go-kubernetes to use new Myers diff
  • 35ad0448c fix: switch to better Myers algorithm implementation
  • 0048464be feat: update etcd to v3.6.8
  • 5df10f260 fix: use mcopy instead of diskfs to populate VFAT
  • ce53ffa90 fix: disks flag parsing and handling in create qemu command
  • 3bd3dd7ca fix: memory overuse in imager VFAT
  • f118ee47e fix: read multi-doc machine config with newer talosctl
  • 70c6c2154 feat: add filter for KubeSpan advertised networks
  • daf18abf4 fix: fix talosctl debug in enforcing mode
  • 33b5b2565 fix: ignore volumes in wave calculation without provisioning
  • a16392559 feat: add explicit service account support to Talos client
  • 4d531884e chore: update dependencies
  • 406b8c83c feat: update doc links to docs.siderolabs.com
  • 87615f551 feat: implement network policies with Flannel CNI
  • 6995bc1b1 chore: update homebrew formula on release
  • 7942d5a98 fix: image gc controller config
  • 52e8727d0 feat: add IPv6 GRE support
  • 9690dbad0 chore: bump tools (including linter)
  • 2628eb2ec fix: typo with rpi_5 profile name
  • d5ebcd7ca fix: stop building talosctl debug on Windows
  • 8b85c7c63 chore: update deps
  • d905035b5 fix: swap volume configuration for min/max size
  • d43a01ccb feat: implement talosctl debug
  • 34a31c979 feat: add mount options support for existing volumes
  • 1bf95eed1 feat: improve dashboard uptime display
  • 055add7ae release(v1.13.0-alpha.1): prepare release
  • 900516e68 chore: update image signer
  • 938de566e feat: bump kernel
  • 388cec727 feat(overlays): add new overlays
  • 9f2dd6312 refactor: api tests
  • a90783146 feat: add a helper module to generate standard patches
  • 1fec5b23d fix: implement merger for PercentageSize
  • 8b245b8f2 feat: implement new image service APIs
  • d90c775b8 chore: rename internal talosctl debug air-gapped
  • 2165280d0 refactor: change the way one2many proxying is picked
  • b1b703dbe chore: move sync logging code to go-kubernetes package
  • e48c6d7ab fix: allow to expose a port multiple times in Docker
  • 410d8cb57 fix: undo CRLF on Windows (talosctl edit)
  • 859d3f03c feat: add RPi5 to the list of supported SBCs
  • 0bd48bbc6 fix(talosctl): pass --k8s-endpoint flag to rotate-ca kubernetes rotation
  • b9e27ebe7 feat: update Linux kernel with dm-integrity
  • 6aa9b0677 fix: skip empty documents on config decoding
  • 494492489 fix: always set advertised peer URLs
  • 782cc507d fix: open the filesystem as read-only
  • 28e61a740 fix: set GRUB prefix correctly on arm64
  • a4f1c5239 feat: update GRUB to 2.14
  • 562920701 fix: use node podCIDRs for kubespan advertiseKubernetesNetworks
  • 39460365c feat: implement layering for ProbeSpec
  • b5c760f70 feat: add ProbeConfig for network connectivity probes
  • 4b274f761 feat: support aws cert manager in imager
  • 417209512 fix: fallback to /proc/meminfo for memory modules
  • 7f1147bed fix: add warnings to 802.3ad bond
  • ddd6b186e refactor: generate GRUB images
  • c7aa266ea fix: overwrite resolver config with machine config
  • cf70f05fa fix: oracle platform file format
  • 8c7b8f5b7 feat: add support for negative max size
  • 77bc3d21f fix: marshal of FailOverMac property
  • 38e280c93 fix: make OOM expression a bit less sensitive
  • 3d1301640 fix: wipe the first/last 1MiB in addition to wiping by signatures
  • 1aa6528ad fix: make OOM controller more precise by considering separate cgroup PSI
  • f7072c050 fix: check if the device is not mounted when wiping
  • 743c3b94b fix: use correct containerd import path
  • f2dd08594 feat: report image pull progress in the console
  • 72fe98a06 fix: boot with GRUB
  • d4ed13d93 fix: add talos version to Hetzner Cloud client user agent
  • 150c41c30 feat: update Linux to 6.18.5
  • 01a367891 fix: use append instead of prepend in service-account-issuer
  • d1954278a feat: add extraArgs from service-account-issuer
  • 91b88f7f9 feat: support multiple values for extraArgs
  • 96e604874 fix: add hostname to endpoints
  • 7033275a7 refactor: move BootloaderKind into machinery
  • 71adaf0ea fix: sort mirrors and tls configs when generating the machine config
  • 34f09a300 feat: add VLAN support to OpenStack platform
  • 5127ef7c2 fix: wipe disk by signatures
  • 415bfaedb fix: panic in configpatcher when the whole section is missing
  • e5aca71cd fix: fix healthcheck timeout
  • 634b71e2d docs: move talosctl pcap example to Example Block
  • 818492731 feat: implement KubeSpan multi-document configuration
  • 4d0604b9d chore: remove unrelated machineconfig
  • e36863470 feat: add it87 hwmon module
  • 308c75090 fix: resolve SideroLink Wireguard endpoint on reconnect
  • e4ef494de fix: drop the persist config flag from gen config
  • c3176adcf feat: add EnvironmentConfig document
  • c839b3880 feat: expose more SSA options in the upgrade-k8s command
  • b8ff9677e fix: handle correctly incomplete RegistryTLSConfig
  • 99f2ddada fix: bond config via platform
  • 2449ffea4 fix: allow HostnameConfig to be used with incomplete machine config
  • 35fc52087 fix: lock down etcd listen address to IPv4 localhost
  • 27253d731 feat: use new xfs config file
  • c9d84ae21 fix: generate OCI-compliant image config
  • 7a4b2b33a fix: update VIP config example
  • 080efcbda feat: add k8s-version parameter to k8s-bundle
  • b764f5f72 fix: skip sync test when kube-proxy is disabled
  • 70e67787d feat: imager: populate filesystems with root owned files
  • 7416dca59 fix: print talosctl images to release notes
  • dc2009e47 chore: use context when creating filesystems
  • 85f7be6e3 chore: update slack links
  • 154952175 fix: disable swap for system services
  • d98b415af fix: drop more non-overlay SBC stuff
  • 226cd6bc1 fix: do not allocate for the actual disk image file
  • 53f5bf8d2 fix: overlay installers
  • 10d0cfd93 fix: overlay install in image mode
  • 77086694d fix: partition data population
  • 4d5657b1a fix: drop SBC board code
  • c4f3f6d3e feat: implement kubernetes server-side apply
  • f12fd2b0a test: bump Image Factory tests
  • c76484e58 release(v1.13.0-alpha.0): prepare release
  • f0d8a6851 test: skip the source bundle on exact tag
  • c57701d65 fix: remove interactive installer
  • 43937c1cd feat: update Linux and systemd
  • 72a194df8 feat: add VM CPU hot-add rules
  • f09ae1e0d fix: probe small images correctly
  • 8f2b33799 feat: imager support rootless builds
  • c7525a97e feat: support creating filesystems from folder
  • e2bffb5ce chore: refactor imager code so it's more clear
  • 0fb50dbd0 fix: invalid versions check in talos-bundle
  • b5dd56032 test: upgrade versions in upgrade tests
  • 3dfa4d6e4 fix: make upgrade work with SELinux enforcing=1
  • 786c8e2ee feat: ship pigz/igzip in rootfs to speed up image decompression
  • 48d242918 feat: update containerd to 2.2.1
  • 536541afe fix: mount volume mount/unmount race
  • 39117d457 feat: update dependencies
  • f0f420725 fix: bond setting change detection
  • 8d6a7a867 feat: update Kubernetes to 1.35.0
  • 845a0d09c feat: update etcd 3.6.7, CoreDNS 1.13.2
  • b95912e04 feat: enforce proc_mem.force_override=never by default
  • 681f3e84c test: run virtiofs tests only when virtiofsd is running
  • 0592ff0cd fix: drop the Omni API URL check on IP address
  • a4879a5fa feat: update Linux to 6.18.1
  • 43b43ff18 docs: split talosctl commands into groups
  • 6d17c18bf feat: enable Powercap and Intel RAPL
  • 884e76662 docs: fix the talosctl cluster create help output
  • 6dc31be4f fix: exclude new Virtual IPs configured with new config
  • 94905c73e feat(talosctl): support running qemu x86 on Mac
  • f871ab241 fix: provide json support in nft binary
  • 694f45413 feat: external volumes
  • 39feb16d2 fix: update containerd 2.2.0 with cgroups patch
  • 82027eb9b fix: bond configuration with new settings
  • 121b13b8f fix: disable kexec on arm64
  • 7eaa725d0 fix: selection of boot entry
  • 949bdb90a feat: add Secure Boot to CloudStack platform config
  • 798143a88 fix: discard better klog message from Kubernetes client
  • 008cd0986 fix: disable kexec in talosctl cluster create on arm64
  • bb62b29ed chore: prepare talos for 1.13
  • c0935030a chore: fork reference docs for 1.13.x
  • e387e48b3 fix: do not override DNS on MacOS
  • 1e7e87fb1 fix: rework NFT rules for KubeSpan
  • 51bcfb567 feat: rename image default and source bundle
  • 585abe944 feat: update Kubernetes to v1.35.0-rc.1
  • f301e3e9b fix: update KubeSpan MSS clamping
  • 74c1df6f4 test: propagate MTU size to QEMU in talosctl cluster create
  • d347ca1af fix: update CNI plugins to 1.9.0
  • e3f8196b4 chore: update Grype and Syft
  • e1b8ab323 docs: add misssing period
  • cd04c3dde docs: update release notes
  • fc8ae3249 docs: add omni join token example to create qemu command
  • 9fa00773c chore: update go-blockdevice
  • ba13b6786 fix: correct condition to use UKI cmdline in GRUB
  • d2ce3f47f docs: drop machine.network example
  • cf087c1e0 test: bird2 extension
  • 13df94388 fix: adapt SELinuxSuite.TestNoPtrace to new strace version
  • 861787c38 fix: mark secureboot as supported for metal
  • 04e3e87ad fix: clean up kubelet mounts
  • 21057903a fix: clear provisioning data on SideroLink config change
  • 0f9f4c05f feat: update Kubernetes to 1.35.0-rc.0
  • d4309d7b1 fix: add a timeout for DNS resolving for NTP
  • dd6c1089c feat: update Linux to 6.18.0
  • e9a30bf9a test: revert add direct connectivity CA rotation test
  • cc95562bc fix: don't disable LACP by default
  • c9fe4679b test: add platform acquire/not valid config unit-test
  • 5a03a7a20 chore: fix longhorn test
  • a0cfc3527 feat: implement logs persistence
  • 51b732bea fix: selection of boot entry
  • 18f8ac369 feat: update Kubernetes to 1.35.0-beta.0
  • 92fa7c5e4 chore: update pkgs for NVIDIA 580.105.08
  • f489299b6 chore: correct condition for running k8s integration tests
  • ab149750d chore: update tools/pkgs to 1.13.0-alpha.0
  • 87ff9f860 test: fix the image-factory test to pass IF endpoint
  • 2ffe538e7 test: add direct connectivity CA rotation test
  • 70f6b80e0 chore(ci): skip multipath extension tests
  • 561cfb60c chore: update pkgs and tools version
  • 2f42202a7 fix: simplify OOM expression
  • 7b06ae8c2 test: fix flaky LinkSpec/Wireguard test
  • e715f3871 feat: present kernel log as talosctl logs kernel
  • e2ee39b8a fix: support specifying patch file without '@' symbol
  • e202b1f9e fix: trim trailing dots from certificate SANs
  • 7f7079f9c fix: assign value of multicast setting properly
  • eba96141e feat: update etcd to 3.6.6
  • 9945ceef3 docs: add API Server Cipher Suites changelog
  • 9ed488d09 feat: update TLS cipher suites for API server
  • f1c04e4d6 feat: generate mirrors patch
  • a89108995 fix: add CA subject to generated certificate
  • 35dd612a5 fix: add more resilient move
  • 83675838f feat: extend flags of cache-cert-gen
  • 80ab7a064 chore: remove spammy 'clean up unused volumes' logs
  • 74d35900a chore: disable k8s integration tests for 1GiB worker nodes
  • 4f6218674 feat: support TALOS_HOME env var
  • 0c59b3ea3 feat: add multicast to linkconfig
  • 6db06f4d5 feat: implement multicast setting
  • eeded98f5 fix: add riscv64 talosctl to release artifacts
  • a6bbae91b fix: fix typos across the project
  • 83f2bdb9c feat: support relative voume size

Changes from siderolabs/talos-metal-agent

4 commits

  • 3bcd6af release(v0.1.4): prepare release
  • f2f51f9 fix: default to IPMI port 623 when it is unsupported
  • b475ccc chore: bump deps, rekres
  • 8e92d6e chore: bump extensions ref in boot assets image

Dependency Changes

  • github.com/cosi-project/runtime v1.13.0 -> v1.14.0
  • github.com/insomniacslk/dhcp 175e84fbb167 -> 5adc3eb26f91
  • github.com/klauspost/compress v1.18.3 -> v1.18.4
  • github.com/pin/tftp/v3 17016b3c2849 -> v3.2.0
  • github.com/siderolabs/image-factory v0.9.0 -> v1.0.3
  • github.com/siderolabs/omni/client v1.4.7 -> v1.5.8
  • github.com/siderolabs/talos v1.12.2 -> v1.13.0-alpha.2
  • github.com/siderolabs/talos-metal-agent v0.1.3 -> v0.1.4
  • github.com/siderolabs/talos/pkg/machinery v1.13.0-alpha.0 -> 58e006461d30
  • github.com/stmcginnis/gofish v0.20.0 -> v0.21.4
  • golang.org/x/net v0.49.0 -> v0.51.0
  • google.golang.org/grpc v1.78.0 -> v1.79.1
  • google.golang.org/protobuf v1.36.11 -> f2248ac996af

Previous release can be found at v0.8.0

omni-infra-provider-bare-metal 0.8.0 (2026-02-05)

Welcome to the v0.8.0 release of omni-infra-provider-bare-metal!

Please try out the release binaries and report any issues at https://github.com/siderolabs/omni-infra-provider-bare-metal/issues.

Contributors

  • Andrey Smirnov
  • Noel Georgi
  • Mateusz Urbanek
  • Amarachi Iheanacho
  • Dmitrii Sharshakov
  • Orzelius
  • Laura Brehm
  • Oguz Kilcan
  • Justin Garrison
  • Utku Ozdemir
  • Bryan Lee
  • George Gaál
  • 459below
  • Adrian L Lange
  • Aleksandr Gamzin
  • Alp Celik
  • Andrew Longwill
  • Artem Chernyshev
  • Chris Sanders
  • Christopher Puschmann
  • Dmitry
  • Edward Sammut Alessi
  • Febrian
  • Florian Grignon
  • Giau. Tran Minh
  • Grzegorz Rozniecki
  • Jonas Lammler
  • Lennard Klein
  • Markus Freitag
  • Max Makarov
  • Michael Smith
  • Mike Beaumont
  • Misha Aksenov
  • MrMrRubic
  • Olivier Doucet
  • Pranav
  • Serge Logvinov
  • Skye Soss
  • Skyler Mäntysaari
  • SuitDeer
  • Tom
  • aurh1l
  • frozenprocess
  • frozensprocess
  • kassad
  • leppeK
  • samoreno
  • theschles
  • winnie

Changes

1 commit

  • 3cf79cc test: set required Omni SQLite storage path flag to integration test

Changes from siderolabs/image-factory

16 commits

  • fa266e0 release(v0.9.0): prepare release
  • 6799661 feat: show booter command in final wizard
  • fb22bce feat: support selecting bootloader
  • e881e4b feat: bump deps
  • d1bec57 feat: implement schematic GET API
  • f1dad9d feat: better test matrix
  • bc4f959 fix: remove secureboot talosctl preset
  • db5e4dc feat: add a prompt about using talosctl cluster create qemu
  • 2c5037c chore: bump deps
  • 1559666 feat: replace hardcoded artifact image constants with CLI-configurable values
  • c27ee27 fix: return 400 when an invalid image name is requested
  • 58125d4 feat: support proxying external installer registry
  • d782950 feat: support serving TLS froom Image Factory
  • 743fe7f feat: support disable cosign signature verification
  • 3a20123 chore: rekres with parallel jobs
  • 241963f chore(ci): use runner groups

Changes from siderolabs/talos

388 commits

  • 54e5b438d release(v1.12.2): prepare release
  • 30da0bc19 fix: oracle platform file format
  • 7ddb37b1f fix: make OOM expression a bit less sensitive
  • e438ec23e fix: marshal of FailOverMac property
  • 717ed7265 fix: check if the device is not mounted when wiping
  • c95c9fd06 fix: wipe the first/last 1MiB in addition to wiping by signatures
  • 52bed358d fix: add talos version to Hetzner Cloud client user agent
  • 0e447a431 fix: make OOM controller more precise by considering separate cgroup PSI
  • 3b974b99e fix: sort mirrors and tls configs when generating the machine config
  • 8b16fe50b feat: add VLAN support to OpenStack platform
  • eb8480c4c fix: panic in configpatcher when the whole section is missing
  • 4d44306dd fix: wipe disk by signatures
  • cca4cd269 feat: add it87 hwmon module
  • d9480eef2 fix: resolve SideroLink Wireguard endpoint on reconnect
  • e16c2d5bb fix: handle correctly incomplete RegistryTLSConfig
  • dedd273df fix: bond config via platform
  • f527cff23 fix: allow HostnameConfig to be used with incomplete machine config
  • 10918136c fix: lock down etcd listen address to IPv4 localhost
  • 9f8d938db fix: print talosctl images to release notes
  • 95433c167 fix: update VIP config example
  • 919394fee feat: update Go to 1.25.6
  • 7ea2ef7cf release(v1.12.1): prepare release
  • 78a785604 chore: run rekres and update dependencies
  • c31067173 fix: disable swap for system services
  • a7e8426cf test: skip the source bundle on exact tag
  • 943984167 fix: probe small images correctly
  • 42df71637 fix: invalid versions check in talos-bundle
  • a3e90e445 fix: make upgrade work with SELinux enforcing=1
  • ac91ade2c release(v1.12.0): prepare release
  • 82553b2a1 fix: mount volume mount/unmount race
  • 33f6e22ec fix: bond setting change detection
  • d5be50ac5 docs: split talosctl commands into groups
  • 70d3ab9ac feat: update Kubernetes to 1.35.0
  • 101814d88 feat: update etcd 3.6.7, CoreDNS 1.13.2
  • ce286825a fix: drop the Omni API URL check on IP address
  • 96f724adc feat: enable Powercap and Intel RAPL
  • e195427c1 docs: fix the talosctl cluster create help output
  • e025355b7 feat(talosctl): support running qemu x86 on Mac
  • 21a914a1d fix: exclude new Virtual IPs configured with new config
  • ca645777d fix: provide json support in nft binary
  • 6dd0558a3 feat: sync pkgs
  • c931847cc feat: update containerd to v2.1.6
  • a2a77004d release(v1.12.0-rc.1): prepare release
  • 47198780b fix: bond configuration with new settings
  • 03a424bdf fix: disable kexec on arm64
  • 688fb789b feat: add Secure Boot to CloudStack platform config
  • 66e67fd13 fix: discard better klog message from Kubernetes client
  • d8403498c fix: disable kexec in talosctl cluster create on arm64
  • 5ced4258c fix: do not override DNS on MacOS
  • fabf3f0e7 fix: selection of boot entry
  • 93cec4b9d fix: update CNI plugins to 1.9.0
  • 964098d96 fix: update KubeSpan MSS clamping
  • bce04084d feat: rename image default and source bundle
  • d1abc0f84 chore: update pkgs
  • 061307687 release(v1.12.0-rc.0): prepare release
  • bc4de5b79 fix: constants file
  • 4a15763a9 docs: update release notes
  • 297336549 fix: correct condition to use UKI cmdline in GRUB
  • 0ac58929d docs: drop machine.network example
  • 184a45c40 test: bird2 extension
  • 8eac9f37d docs: add omni join token example to create qemu command
  • e79a94d57 fix: adapt SELinuxSuite.TestNoPtrace to new strace version
  • 7a1bb4c26 fix: mark secureboot as supported for metal
  • 5c6ee6ace fix: clear provisioning data on SideroLink config change
  • 2e6fe4684 feat: update Linux to 6.18.0
  • 473bc17c1 feat: update Kubernetes to 1.35.0-rc.0
  • 6dc8e82b3 fix: add a timeout for DNS resolving for NTP
  • a7dbbbd4d fix: don't disable LACP by default
  • 3ca342c09 chore: fix longhorn test
  • 364ebb6ba fix: selection of boot entry
  • aa286d3f6 feat: update Kubernetes to 1.35.0-beta.0
  • f4891eebb feat: implement logs persistence
  • c9a4f95b4 release(v1.12.0-beta.1): prepare release
  • d321d7da0 chore: correct condition for running k8s integration tests
  • 736f32a80 chore: disable k8s integration tests for 1GiB worker nodes
  • d9de616c4 chore(ci): skip multipath extension tests
  • 57d6683cd chore: update pkgs and tools version
  • 949323ab5 feat: present kernel log as talosctl logs kernel
  • 7531fcbc7 test: fix flaky LinkSpec/Wireguard test
  • 1dbc64d69 fix: simplify OOM expression
  • 0ffb1d857 fix: trim trailing dots from certificate SANs
  • 9a2f6d9c9 fix: support specifying patch file without '@' symbol
  • 582b0feab fix: assign value of multicast setting properly
  • 16aa6ac47 feat: update etcd to 3.6.6
  • 4396f09c8 docs: add API Server Cipher Suites changelog
  • fdf6fe8e6 feat: update TLS cipher suites for API server
  • 139cce3b4 fix: add CA subject to generated certificate
  • 9b294af22 feat: generate mirrors patch
  • 15465f0c5 fix: add more resilient move
  • b4147e3a1 feat: extend flags of cache-cert-gen
  • 72d3d1c9f chore: remove spammy 'clean up unused volumes' logs
  • d6c78de84 feat: support TALOS_HOME env var
  • 4040e0814 feat: implement multicast setting
  • eb636dc1f feat: add multicast to linkconfig
  • e34e458c4 feat: update dependencies
  • 36152d278 fix: add riscv64 talosctl to release artifacts
  • aebbbaf27 feat: support relative voume size
  • 3d997d742 release(v1.12.0-beta.0): prepare release
  • e62384ba3 fix: re-creating STATE after partition drop
  • 6919d232a docs: update kernel args size
  • 887b296dc test: randomize MAC addresses used in the unit-tests
  • 6063fbf91 feat: update dependencies
  • 542a67a06 feat: add riscv64 build of talosctl
  • 68560b53a fix: split volume/disk locators
  • 2c3d30e94 docs: fix image-cache-path flag description
  • 93f2e87c2 feat: shorthand for generating secrets to stdout
  • 5e1de0035 feat: implement time and resolvers multi-doc configuration
  • 399240be3 feat: drop partitions on reset with system partitions wipe
  • 5cca96655 feat: add new rockchip sbcs
  • 00fe50d86 fix: uefi bootorder setting
  • 3a881184b chore: improve error handling for system disk reset
  • 859194e67 chore: extract system+user volume config transformers, test
  • 308c6bc41 feat: add full disk volumes
  • 82ac1119e feat: implement new registry configuration
  • 106f45799 feat: update Linux kernel with userfaultfd/VDPA
  • 721a1e0d7 chore: rename+improve client.ErrEventNotSupported
  • 43f4e317f fix: race between VolumeConfigController and UserVolumeConfigController
  • 66c01a706 chore: deprecate interactive installer mode
  • 957770f65 feat(machined): add panic/force mode reboot
  • 60be0daf8 feat: implement multi-doc Wireguard config
  • cf014cb5d fix: only set default bootloader if none is set
  • e9b016f80 fix: use strict platform match when pulling images
  • fafab391b feat: update Kubernetes to 1.35.0-alpha.3
  • 7bf3aaca9 feat: allow glibc aarch64 so files in extensions
  • c8561ee2d feat: implement bridge multi-document config
  • f4ad3077b feat: implement bond multi-doc configuration
  • 75fe47582 fix: stop attaching to tearing down mount parents
  • c93a9c6b4 fix: improve OOM controller stability and make test strict on false positives
  • 021bbfefb feat: update Go 1.25.4, containerd 2.1.5
  • e25db484f test: disable parallelism in Longhorn tests
  • 54b93aff0 feat: update Linux 6.17.7, runc 1.3.3
  • 2af69ff35 fix: provide minimal platform metadata always
  • 92eeaa482 fix: update YAML library
  • aa24da9aa fix: bump kubelet credendial provider config to v1
  • 335f91761 feat: add short -c flag for --cluster
  • 4c095281b fix: set a timeout for SideroLink provision API call
  • 75e4c4a59 fix: log duplication on log senders
  • e3cbc92c0 fix: add video kernel module to arm
  • d69305a67 fix: userspace wireguard handling
  • ee5fee7c8 fix: image-signer commands
  • be028b67a feat: add support for multi-doc VLAN config
  • f3df0f80b feat: add directory backed UserVolumes
  • 0327e7790 feat: add support for dashboard custom console parameter
  • fed948b8a release(v1.12.0-alpha.2): prepare release
  • fb4bfe851 chore: fix LVM test
  • f4ee0d112 chore: disable VIP operator test
  • 288f63872 feat: bump deps
  • b66482c52 feat: allow disabling injection of extra cmdline in cluster create
  • 704b5f99e feat: update Kubernetes to 1.35.0-alpha.2
  • 1dffa5d99 feat: implement virtual IP operator config
  • 43b1d7537 fix: validate provisioner when destroying local clusters
  • b494c54c8 fix: talos import on non-linux
  • 61e95cb4b feat: support bootloader option for ISO
  • d11072726 fix: provide offset for partitions in discovered volumes
  • 39eeae963 feat: update dependencies
  • 9890a9a31 test: fix OOM test
  • c0772b8ed feat: add airgapped mode to QEMU backed talos
  • ac60a9e27 fix: update test for PCI driver rebind/IOMMU
  • 6c98f4cdb feat: implement new DHCP network configuration
  • da92a756d fix: drop 'ro' falg from defaults
  • 28fd2390c fix: imager build on arm64
  • 4e12df8c5 test: integration test for OOM controller
  • 7e498faba feat: use image signer
  • eccb21dd3 feat: add presets to the 'cluster create qemu' command
  • ec0a813fa feat: unify cmdline handling GRUB/systemd-boot
  • 37e4c40c6 fix: skip module signature tests on docker provisioner only
  • 8124efb42 fix: cache e2e
  • 4adcda0f5 fix: reserve the apid and trustd ports from the ephemeral port range
  • ced57b047 feat: support optionally disabling module sig verification
  • 1e5c4ed64 fix: build talosctl image cache-serve non-linux
  • dbdd2b237 feat: add static registry to talosctl
  • 77d8cc7c5 chore: push latest tag only on main
  • 59d9b1c75 feat: update dependencies
  • bf6ad5171 feat: add back install script
  • da451c5ba chore: drop documentation except for fresh reference
  • 2f23fedeb fix: file leak in reading cgroups
  • b412ffdbc docs: update README.md for docs link
  • 8dc51bae7 feat: add drm_gpuvm and drm_gpusvm_helper modules
  • 4ca58aeb8 fix: make Akamai platform usable
  • 061f8e76f feat: bump pkgs
  • a9fa852da feat: update uefi image to talos linux logo
  • 04753ba69 feat: update go to 1.25.2
  • 9a42b05bd feat: implement link aliasing
  • d732bd0be chore(ci): run only nvidia tests for NVIDIA workflows
  • 8d1468209 fix: stop populating apiserver cert SANs
  • 02473244c fix: wait for mount status to be proper mode
  • 825622d90 fix: resource proto definitions
  • 2c6003e79 docs: add Project Calico installation in two mode
  • 4fb4c8678 feat: add disk.EnableUUID to generated ova
  • 33fb48f8f fix: add dashboard spinner
  • 053fd0bd4 feat: update Linux to 6.17
  • 34e107e1b docs: fix broken link
  • dfbece56b docs: update the kubespan docs
  • 8b041a72c docs: update scaleway.md
  • 435dcbf82 fix: provide nocloud metadata with missing network config
  • ec3bd878f refactor: remove the go-blockdevice v1 completely
  • 33544bde9 fix: minor improvements to fs
  • fd2eebf7f feat: create merge patch from diff of two machine configs
  • eadbdda94 fix: uefi boot order setting
  • cd9fb2743 fix: support secure HTTP proxy with gRPC dial
  • adf87b4b9 feat: update Flannel to v0.27.4
  • 5dfb7e1fe feat: serve etcd image from registry.k8s.io
  • 5ca841804 fix: nftables flaky test
  • a940e45a7 feat: generate list of images required to build talos
  • 3472d6e79 fix: revert "chore: use new mount/v3 package in efivarfs"
  • 42c0bdbf3 feat: add provisioner flag to images default command
  • 6bc0b1bcf feat: drop and lock deprecated features
  • 362a8e63b fix: change the compression format
  • 6e58f58aa fix: mkdir artifacts path
  • 3165a2b84 release(v1.12.0-alpha.1): prepare release
  • e455c7ea9 chore: use testing/synctest in tests
  • 7f048e962 feat: update dependencies
  • fe36b3d32 fix: stop returning EINVAL on remount of detached mounts
  • c6279e04c chore: use new mount/v3 package in efivarfs
  • d5197effb feat: update etcd 3.6.5, CoreDNS 1.12.4
  • 33714b715 feat: release cloud image using factory
  • d10a2747e docs: deprecate JSON6902 patches and interactive installer
  • 1e604cbf5 fix: don't set broadcast for /31 and /32 addresses
  • 65a66097a refactor: split cluster create logic into smaller parts
  • ab847310e fix: provide refreshing CA pool (resolvers)
  • d63c3ed7d docs: update secureboot docs
  • 493f7ed9d feat: support embedded config
  • 251df70f6 feat: add a userspace OOM controller
  • 7bae5b40b feat: implement link configuration
  • 724857dec fix(ci): skip netbird extension for tests
  • e06a08698 fix: default gateway as string
  • 7ed07412e fix: uefi boot entry handling logic
  • ea4ed165a refactor: efivarfs mock and tests
  • 1fca111e2 feat: support setting wake-on-lan for Ethernet
  • 94f78dbe7 docs: add a documentation for running Talos in KVM
  • 46902f8fd docs: add TrueFullstaq to adopters
  • a28e5cbd5 chore: update pkgs and tools
  • 7cf403db8 docs: step-by-step scaleway documentation to get an image
  • 687285fa2 docs: remove 'curl' in wget command
  • 9db6dc06c feat: stop mounting state partition
  • 53ce93aae test: try to clear connection refused more aggressively
  • 51db5279c fix: bump trustd memory limit
  • 25204dc8a fix(machined): change constants.MinimumGOAMD64Level using build tag
  • 9cd2d794d feat: ship nft binary with Talos rootfs
  • b1416c9fe feat: record last log the failed service
  • 0b129f9ef feat: enforce more KSPP and hardening sysctls
  • 11872643c chore: drop docs folder
  • d30fdcd88 chore: pass in github token to imager
  • b88f27d80 chore: make reset test code a bit better
  • 1cde53d01 test: fix several issues with tests
  • 16cd127a0 docs: add docs on updating image cache
  • c3ae92b14 fix: build kernel checks only on linux
  • 2120904ec feat: create detached tmpfs
  • 6bbee6de5 docs: remove 'ceph-data' from volume examples/docs
  • 07acb3bd2 fix: use correct order to determine SideroV1 keys directory path
  • 2d57fa002 fix: trim zero bytes in the DHCP host & domain response
  • 451cb5f78 docs: clarify disk partition confusion
  • a2122ee5c feat: implement HostConfig multi-doc
  • 69ab076b4 fix: re-create cgroups when restarting runners
  • 297b5cc28 docs: add docs on node labels
  • e168512dd fix: apply 'ro' flag to iso9660 filesystems
  • 7f7acfbb9 docs: fix typo in doc
  • d57882b18 feat: update Kubernetes to 1.34.1
  • f85f82f32 test: fix flakiness in RawVolumes test
  • 82569e319 feat: update Linux 6.16.6
  • 2fd2ab4e4 fix: remove CoreDNS cpu limit
  • ce9bc32a0 chore(ci): rekres to use new runner groups
  • 8b64f68f6 test: improve test stability
  • 272cb860d chore: drop the --input-dir flag from the cluster create command
  • 1b6533675 docs: add note about ca-signed certs for secureboot
  • d3f88f50c docs: document talos vip failover behavior
  • 005fc8bd5 docs: add docs on syncing configs after a kube upgrade
  • 4d876d9af feat: update Go to 1.25.1
  • 2b556cd22 feat: implement multi-doc StaticHostConfig
  • a7b776842 docs: replace Raspberry Pi 5 links with Talos builder
  • a349b20ed docs: clarify that talos does not support intermediate ca
  • 895133de9 feat: support configuring PCR states to bind disk encryption
  • c1360103b docs: fix command for uploading image on Hetzner
  • 43b5b9d89 fix: correctly handle status-code 204
  • feeb0d312 feat: update runc to 1.3.1
  • 421634a14 docs: add docs on multihoming
  • 41af2d230 refactor: clean up internal cluster creation code
  • 3000d9e43 fix: don't bootstrap talos cluster if there's no config present
  • 79cb871d0 feat: use the id of the volume in the mapped luks2 name
  • 6c322710d chore: refactor mount package
  • ced7186e2 refactor: update COSI to 1.11.0
  • de2e24fcd docs: clarify that install-cni image is deprecated
  • bef8ef509 docs: add docs on cilium's compatibility with kubespan
  • e5acb10fc feat: update pkgs
  • c4c1daf0e docs: add info about br_netfilter
  • 5c52ecac3 docs: clarify interactive dashboard resolution control
  • 15ecb02a4 feat: update Linux kernel (memcg_v1, ublk)
  • 53f18c2f6 fix: enable support for VMWare arm64
  • 3bbe1c0da docs: add docs on grow flag
  • b9fb09dcd release(v1.12.0-alpha.0): prepare release
  • 6a389cad3 chore: update dependencies
  • 9d98c2e89 feat: add a cgroup preset for PSI and --skip-cri-resolve
  • 072f77b16 chore: prepare for future Talos 1.12-alpha.0 release
  • 96f41ce88 docs: update qemu and docker docs
  • a751cd6b7 docs: activate Talos v1.11 docs by default
  • e8f1ec1c5 docs: fix broken create qemu command v1.11 docs
  • 639f0dfdd feat: update Linux to 6.16.4
  • 8aa7b3933 fix: bring back linux/armv7 build and update xz
  • 9cae7ba6b feat: update CoreDNS to 1.12.3
  • cfef3ad45 fix: drop linux/armv7 build
  • 42ea2ac50 fix: update xz module (security)
  • 4fcfd35b9 docs: fix module name example
  • 50824599a chore: update some tools
  • bcd297490 feat: allow Ed25119 in FIPS mode
  • 5992138bb test: ignore one leaking goroutine
  • d155326c1 docs: add sbc unofficial ports docs
  • 285fa7d22 docs: add the deploy application docs
  • 527791f09 feat: update Kubernetes to 1.34.0
  • a1c0e237d feat: update Linux to 6.15.11, Go to 1.25
  • 4d7fc25f8 docs: switch order of wipe disk command
  • 7368a994d feat: add SOCKS5 proxy support to dynamic proxy dialer
  • d63591069 chore: silence linter warnings
  • 07eb4d7ec fix: set default ram unit to MiB instead of MB
  • 6b732adc4 feat: update Linux to 6.12.43
  • b6410914f feat: add human readable byte size cli flags
  • ec70cef99 feat: update NVIDIA drivers and kernel
  • 0879efa69 feat: update Kubernetes default to v1.34.0-rc.2
  • f504639df feat: add a user-facing create qemu command
  • 558e0b09a test: fix the Image Factory PXE boot test
  • d73f0a2e5 docs: make readme badges consistent
  • f1369af98 chore: use new filesystem api on STATE partition
  • 366cedbe7 docs: link to kubernetes linux swap tuning
  • 2f5a16f5e fix: make --with-uuid-hostnames functionality available to qemu provider
  • 70612c1f9 refactor: split the PlatformConfigController
  • 511748339 docs: add system extension tier documentation
  • 009fb1540 test: don't run nvidia tests on integration/aws
  • 99674ef20 docs: apply fixes for what is new
  • 92db677b5 fix: image cache lockup on a missing volume
  • 9c97ed886 fix: version contract parsing in encryption keys handling
  • 1fc670a08 fix: dial with proxy
  • 18447d0af feat: update Linux to 6.12.41
  • f65f39b78 fix: provide mitigation CVE-1999-0524
  • 8817cc60c fix: actually use SIDEROV1_KEYS_DIR env var if it's provided
  • b08b20a10 feat: use key provider with fallback option for auth type SideroV1
  • 7a52d7489 fix: kubernetes upgrade options for kubelet
  • ea8289f55 feat: add a user facing docker command
  • 54ad64765 chore: re-enable vulncheck
  • 26bbddea9 fix: darwin build
  • b5d5ef79e fix: set secs field in DHCPv4 packets
  • c07911933 chore: refactor how tools are being installed
  • 34f25815c docs: fork docs for v1.12
  • b66b995d3 feat: update default Kubernetes to v1.34.0-rc.1
  • b967c587d docs: fix clone URL to include .git
  • b72c68398 docs: edit the insecure, etcd-metrics, inline and extramanifests
  • e5b9c1fff docs: remov RAS Syndrome
  • 701fe774b docs: fix cilium links and bump to 1.18.0
  • d306713a1 feat: update Go to 1.24.6
  • 721595a00 chore: add deadcode elimination linter
  • dc4865915 refactor: stop using text/template in machined code paths
  • 545be55ed feat: add a pause function to dashboard
  • 06a6c0fe3 refactor: fix deadcode elimination with godbus
  • 2dce8f8d4 refactor: replace containerd/containerd/v2 module for proper DCE
  • 9b11d8608 chore: rekres to configure slack notify workflow for CI failures
  • 5ce6a660f docs: augment the pod security docs
  • ada51ff69 fix: unmarshal encryption STATE from META
  • b9e9b2e07 docs: add what is new notes for 1.11
  • 53055bdf4 docs: fix typo in kubevirt page
  • 8d12db480 fix: one more attempt to fix volume mount race on restart
  • 34d37a268 chore: rekres to use correct slack channel for slack-notify
  • 326a00538 feat: implement talos.config.early command line arg
  • a5f3000f2 feat: implement encryption locking to STATE
  • c1e65a342 docs: remove talos API flags from mgmt commands
  • 181d0bbf5 feat: bootedentry resource
  • 7ad439ac3 fix: enforce minimum size on user volumes if not set explicitly
  • 50e37aefd fix: live reload of TLS client config for discovery client
  • 87efd75ef feat: update containerd to 2.1.4
  • 724b9de6d feat: add F71808E watchdog driver
  • 8af96f7af docs: add ETCD downgrade documentation
  • 44edd205d docs: add remark about 'exclude-from-external-load-balancers' label
  • 727101926 fix(ci): use a random suffix for ami names
  • d621ce372 fix: grype scan
  • d62e255c2 fix: issues with reading GPT
  • 5d0883e14 feat: update PCI DB module to v0.3.2
  • 3751c8ccf test: wait for service account test job longer
  • a592eb9f9 feat: update Linux to 6.12.40
  • 4c40e6d3f feat: update etcd to 3.6.4
  • 2bc37bd2c docs: fix error in kernel module guide
  • bfc57fb86 chore: tag aws snapshots created via ci with the image name
  • 06ef7108a fix: issue with volume remount on service restart
  • 03efbff18 docs: add SBOM documentation
  • af8a2869d fix: do not download artifacts for cron Grype scan
  • 5f442159b feat: unify disk encryption configuration
  • 38e176e59 chore(ci): fix datasource versioning
  • 85d6b9198 feat: update etcd to v3.5.22
  • dd7bd2dab docs: rewrite the getting started and prod docs for v1.10 and v1.11
  • 136a899aa chore: regenerate release step with signing fixes
  • 450b30d5a chore(ci): add more nvidia test matrix
  • 451c2c4c3 test: add talosctl:latest to the image cache

Dependency Changes

  • github.com/bougou/go-ipmi v0.7.8 -> v0.8.1
  • github.com/cosi-project/runtime v1.12.0 -> v1.13.0
  • github.com/klauspost/compress v1.18.1 -> v1.18.3
  • github.com/planetscale/vtprotobuf 79df5c4772f2 -> ba97887b0a25
  • github.com/siderolabs/image-factory v0.8.4 -> v0.9.0
  • github.com/siderolabs/omni/client v1.3.2 -> v1.4.7
  • github.com/siderolabs/talos v1.11.5 -> v1.12.2
  • github.com/siderolabs/talos/pkg/machinery v1.12.0-beta.0 -> v1.13.0-alpha.0
  • github.com/spf13/cobra v1.10.1 -> v1.10.2
  • go.uber.org/zap v1.27.0 -> v1.27.1
  • golang.org/x/net v0.47.0 -> v0.49.0
  • golang.org/x/sync v0.18.0 -> v0.19.0
  • google.golang.org/grpc v1.76.0 -> v1.78.0
  • google.golang.org/protobuf v1.36.10 -> v1.36.11

Previous release can be found at v0.7.1

omni-infra-provider-bare-metal 0.7.1 (2025-12-02)

Welcome to the v0.7.1 release of omni-infra-provider-bare-metal!

Please try out the release binaries and report any issues at https://github.com/siderolabs/omni-infra-provider-bare-metal/issues.

Contributors

  • Utku Ozdemir

Changes

1 commit

  • 821b331 fix: always include the extra config docs in machine config

Dependency Changes

This release has no dependency changes

Previous release can be found at v0.7.0

omni-infra-provider-bare-metal 0.7.0 (2025-11-17)

Welcome to the v0.7.0 release of omni-infra-provider-bare-metal!

Please try out the release binaries and report any issues at https://github.com/siderolabs/omni-infra-provider-bare-metal/issues.

Contributors

  • Andrey Smirnov
  • Mateusz Urbanek
  • Noel Georgi
  • Utku Ozdemir
  • Justin Garrison
  • Laura Brehm

Changes

2 commits

  • 61f2a5d chore: rekres, bump deps
  • f303b3f feat: allow providing additional config documents from config endpoint

Changes from siderolabs/gen

1 commit

  • 4c7388b chore: update Go modules, replace YAML library

Changes from siderolabs/talos

15 commits

  • bc34de6e1 release(v1.11.5): prepare release
  • 3945c6c8f feat: update containerd to 2.1.5
  • 8aec37684 release(v1.11.4): prepare release
  • 9c27f9e62 fix: race between VolumeConfigController and UserVolumeConfigController
  • ac27129b1 fix: provide minimal platform metadata always
  • 19463323e fix: image-signer commands
  • 62aa09644 chore: update dependencies
  • 075f9ef22 fix: userspace wireguard handling
  • 35b97016c fix: log duplication on log senders
  • d00754e35 fix: add video kernel module to arm
  • 89bca7590 fix: set a timeout for SideroLink provision API call
  • 23b21eb90 fix: imager build on arm64
  • 2a4f1771c feat: use image signer
  • e043e1bc0 chore: push latest tag only on main
  • 8edddafcd fix: reserve the apid and trustd ports from the ephemeral port range

Dependency Changes

  • github.com/cosi-project/runtime v1.11.0 -> v1.12.0
  • github.com/grpc-ecosystem/go-grpc-middleware/v2 v2.3.2 -> v2.3.3
  • github.com/insomniacslk/dhcp da879a2c3546 -> 175e84fbb167
  • github.com/klauspost/compress v1.18.0 -> v1.18.1
  • github.com/siderolabs/gen v0.8.5 -> v0.8.6
  • github.com/siderolabs/omni/client v1.2.1 -> v1.3.2
  • github.com/siderolabs/talos v1.11.3 -> v1.11.5
  • github.com/siderolabs/talos/pkg/machinery v1.11.3 -> v1.12.0-beta.0
  • golang.org/x/net v0.46.0 -> v0.47.0
  • golang.org/x/sync v0.17.0 -> v0.18.0

Previous release can be found at v0.6.0

omni-infra-provider-bare-metal 0.6.0 (2025-11-07)

Welcome to the v0.6.0 release of omni-infra-provider-bare-metal!

Please try out the release binaries and report any issues at https://github.com/siderolabs/omni-infra-provider-bare-metal/issues.

Contributors

  • Utku Ozdemir

Changes

1 commit

  • 9c50645 feat: allow specifying a custom DHCP proxy port

Dependency Changes

This release has no dependency changes

Previous release can be found at v0.5.0

omni-infra-provider-bare-metal 0.5.0 (2025-10-17)

Welcome to the v0.5.0 release of omni-infra-provider-bare-metal!

Please try out the release binaries and report any issues at https://github.com/siderolabs/omni-infra-provider-bare-metal/issues.

Contributors

  • Andrey Smirnov
  • Mateusz Urbanek
  • Noel Georgi
  • Dmitrii Sharshakov
  • Oguz Kilcan
  • Utku Ozdemir
  • Alp Celik
  • Amarachi Iheanacho
  • Andrew Longwill
  • Chris Sanders
  • Grzegorz Rozniecki
  • Markus Freitag
  • Olivier Doucet
  • Orzelius
  • Serge Logvinov

Changes

3 commits

  • 4e7f89b chore: bump Talos version to 1.11.3, make integration tests parallel
  • e53367e chore: rekres, bump deps
  • 5bca2eb refactor: adapt to new QTransform controllers

Changes from siderolabs/crypto

2 commits

  • 4154a77 feat: implement dynamic certificate reloader
  • dae07fa chore: update to Go 1.25

Changes from siderolabs/image-factory

20 commits

  • a3a7661 release(v0.8.4): prepare release
  • 075aa3f fix: update Talos to 1.11.1
  • 02723cd fix: translation ID
  • 94c6df1 release(v0.8.3): prepare release
  • 7254abf fix: disable redirects to PXE
  • 251aee0 release(v0.8.2): prepare release
  • 418eebb fix: don't filter out rc versions
  • 57ad419 release(v0.8.1): prepare release
  • 6392086 fix: prevent failure on cache.Get
  • a1e3707 feat: add fallback if S3 is missbehaving
  • 9760ab0 release(v0.8.0): prepare release
  • 7c6d261 fix: set content-disposition on S3
  • f3e97df docs(image-factory): add info about S3 cache and CDN
  • d25e7ac fix: add extra context to logs from s3 cache
  • a3a0dff fix: add optional region to S3 client
  • a9e2d08 feat: add support for Object Storage and CDN cache
  • b8bfc19 docs: add air-gapped documentation
  • f8b4ef0 docs: add new translation
  • 0c83228 release(v0.7.6): prepare release
  • 6f409ec fix: drop extractParams function

Changes from siderolabs/talos

92 commits

  • a0243ef77 release(v1.11.3): prepare release
  • 560241c00 fix: make Akamai platform usable
  • 1b23cad61 fix: cherry-pick of commit 0fbb0b0 from #11959
  • 876719a92 fix: cherry-pick of commit cd9fb27 from #11943
  • 9a30ab6f5 feat: bump go, kernel and runc
  • 0fbb0b028 fix: provide nocloud metadata with missing network config
  • 0dad32819 feat: update Flannel to v0.27.4
  • 49182b386 fix: support secure HTTP proxy with gRPC dial
  • a460f5726 feat: update etcd 3.6.5, CoreDNS 1.12.4
  • 48ee8581b fix: don't set broadcast for /31 and /32 addresses
  • 7668c52dd fix: provide refreshing CA pool (resolvers)
  • 511b4d2e8 release(v1.11.2): prepare release
  • ac452574e fix: default gateway as string
  • 7cec0e042 fix: uefi boot entry handling logic
  • 637154ed2 docs: drop invalid v1.12 docs
  • a6d2f65a6 chore(ci): rekres to use new runner groups
  • cd82ee204 refactor: efivarfs mock and tests
  • 996d97de6 chore: update pkgs
  • bbf860c5c docs: update component updates
  • 24c1bcecf fix: bump trustd memory limit
  • 56d6d6f75 chore: pass in github token to imager
  • 682df89d7 fix: use correct order to determine SideroV1 keys directory path
  • a838881fa fix: trim zero bytes in the DHCP host & domain response
  • 9c962ae9c fix: re-create cgroups when restarting runners
  • de243f9ae test: fix flakiness in RawVolumes test
  • ec8fde596 feat: update Kubernetes to 1.34.1
  • 797897dfb test: improve test stability
  • 98273666e feat: update runc to 1.3.1
  • 8e85c8362 release(v1.11.1): prepare release
  • ff8644cd2 fix: correctly handle status-code 204
  • 7d5fe2d0f feat: update Linux kernel (memcg_v1, ublk)
  • 9e310a9dd fix: enable support for VMWare arm64
  • f7620f028 feat: update CoreDNS to 1.12.3
  • 01bf2f6f9 feat: add SOCKS5 proxy support to dynamic proxy dialer
  • 8a578bc4a feat: update Linux to 6.12.45
  • d9d89a3a8 release(v1.11.0): prepare release
  • 364b48690 feat: update pkgs/tools for pcre2 10.46
  • be70ea03f feat: update pkgs for NVIDIA prod 570.172.08
  • a5f80b4fe fix: bring back linux/armv7 build and update xz
  • 751dae432 fix: drop linux/armv7 build
  • 8cbd75320 fix: update xz module (security)
  • 803ed1ef9 feat: update Kubernetes to 1.34.0
  • a80898da9 feat: update Linux to 6.12.43
  • 30c14aa71 feat: update Kubernetes default to v1.34.0-rc.2
  • ed7d8cbac docs: link to kubernetes linux swap tuning
  • 1ee82120e docs: apply fixes for what is new
  • 36102eae1 release(v1.11.0-rc.0): prepare release
  • 0f22913d9 fix: image cache lockup on a missing volume
  • 46cf25c7c feat: update Linux to 6.12.41
  • 62f6c97fe fix: provide mitigation CVE-1999-0524
  • 350319063 fix: actually use SIDEROV1_KEYS_DIR env var if it's provided
  • 430a27dc2 fix: kubernetes upgrade options for kubelet
  • e3a9097c4 fix: set secs field in DHCPv4 packets
  • babddd0e4 fix: dial with proxy
  • 23efda4db feat: use key provider with fallback option for auth type SideroV1
  • e2a5a9b3f chore: re-enable vulncheck
  • f5d700a0c release(v1.11.0-beta.2): prepare release
  • 6186d1821 chore: disable vulncheck temporarily
  • e4a2a8d9c feat: update default Kubernetes to v1.34.0-rc.1
  • 4c4236d7e feat: update Go to 1.24.6
  • a01a390f6 chore: add deadcode elimination linter
  • 49fad0ede feat: add a pause function to dashboard
  • 21e8e9dc9 refactor: replace containerd/containerd/v2 module for proper DCE
  • bbd01b6b7 refactor: fix deadcode elimination with godbus
  • e8d9c81cc refactor: stop using text/template in machined code paths
  • 85589662a fix: unmarshal encryption STATE from META
  • f10a626d2 docs: add what is new notes for 1.11
  • 5a15ce88b release(v1.11.0-beta.1): prepare release
  • 614ca2e22 fix: one more attempt to fix volume mount race on restart
  • 4b86dfe6f feat: implement encryption locking to STATE
  • 8ae76c320 feat: implement talos.config.early command line arg
  • 19f8c605e docs: remove talos API flags from mgmt commands
  • fa1d6fef8 feat: bootedentry resource
  • 7dee810d4 fix: live reload of TLS client config for discovery client
  • a5dc22466 fix: enforce minimum size on user volumes if not set explicitly
  • 7836e924d feat: update containerd to 2.1.4
  • 5012550ec feat: add F71808E watchdog driver
  • 10ddc4cdd fix: grype scan
  • d108e0a08 fix(ci): use a random suffix for ami names
  • 504225546 fix: issues with reading GPT
  • bdaf08dd4 feat: update PCI DB module to v0.3.2
  • 667dcebec test: wait for service account test job longer
  • ae176a4b7 feat: update etcd to 3.6.4
  • 201b6801f fix: issue with volume remount on service restart
  • 2a911402b chore: tag aws snapshots created via ci with the image name
  • d8bd84b56 docs: add SBOM documentation
  • 7eec61993 feat: unify disk encryption configuration
  • 4ff2bf9e0 feat: update etcd to v3.5.22
  • 31a67d379 fix: do not download artifacts for cron Grype scan
  • c6b6e0bb3 docs: rewrite the getting started and prod docs for v1.10 and v1.11
  • ca1c656e6 chore(ci): add more nvidia test matrix
  • 7a2e0f068 feat: sync pkgs, update Linux to 6.12.40

Dependency Changes

  • github.com/bougou/go-ipmi v0.7.7 -> v0.7.8
  • github.com/cosi-project/runtime v1.10.7 -> v1.11.0
  • github.com/insomniacslk/dhcp 5f8cf70e8c5f -> da879a2c3546
  • github.com/pin/tftp/v3 v3.1.0 -> 17016b3c2849
  • github.com/siderolabs/crypto v0.6.3 -> v0.6.4
  • github.com/siderolabs/image-factory v0.7.5 -> v0.8.4
  • github.com/siderolabs/omni/client da3f28f6b1f0 -> v1.2.1
  • github.com/siderolabs/talos v1.11.0-beta.0 -> v1.11.3
  • github.com/siderolabs/talos/pkg/machinery v1.11.0-beta.0 -> v1.11.3
  • github.com/spf13/cobra v1.9.1 -> v1.10.1
  • github.com/stretchr/testify v1.10.0 -> v1.11.1
  • golang.org/x/net v0.42.0 -> v0.46.0
  • golang.org/x/sync v0.16.0 -> v0.17.0
  • google.golang.org/grpc v1.74.2 -> v1.76.0
  • google.golang.org/protobuf v1.36.6 -> v1.36.10

Previous release can be found at v0.4.0