github/kairos
7
0
Fork 0
mirror of https://github.com/kairos-io/kairos.git synced 2025-02-09 05:18:51 +00:00
Code Issues Packages Projects Releases Wiki Activity

Use kairos-init (#3130)

Browse Source 
This uses Kairos init to build all images. X86, arm and UKI images are all build with init with a single docker file. Artifacts are then build from those, like isos or raw images

Also drops a bit of earthly ik the build process to directly build with docker and call aurora directly as well, so we have 1 less layer of complexity. Ideally with this, only docker is needed locally to generate final artifacts, upgrade images, raw images, UKI artifacts (EFI, upgrade and iso) and so on. Init + aurora substitutes the earthly pipeline for building.

Testing still relies on earthly for the ginkgo tests.


---------

Signed-off-by: Itxaka <itxaka@kairos.io>
This commit is contained in:
Itxaka 2025-02-06 15:56:04 +01:00 committed by GitHub
parent 297d841b42
commit a25810dacf
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
40 changed files with 441 additions and 3646 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/image-master.yaml vendored
View File

@ -320,7 +320,7 @@ jobs:
flavorRelease:
- "leap-15.6"
standard:
uses: ./.github/workflows/reusable-build-provider.yaml
uses: ./.github/workflows/reusable-build-flavor.yaml
needs:
- core
permissions:

87
.github/workflows/image-pr.yaml vendored
View File

@ -38,7 +38,6 @@ jobs:
model: generic
variant: core
arch: amd64
core-ubuntu-24-lts:
uses: ./.github/workflows/reusable-build-flavor.yaml
secrets: inherit
@ -65,7 +64,6 @@ jobs:
model: generic
variant: core
arch: amd64
core-ubuntu-24-10:
uses: ./.github/workflows/reusable-build-flavor.yaml
secrets: inherit
@ -92,7 +90,6 @@ jobs:
model: generic
variant: core
arch: amd64
core-alpine:
uses: ./.github/workflows/reusable-build-flavor.yaml
secrets: inherit
@ -119,34 +116,6 @@ jobs:
model: generic
variant: core
arch: amd64
standard:
uses: ./.github/workflows/reusable-build-provider.yaml
secrets: inherit
permissions:
id-token: write # OIDC support
contents: write
security-events: write
actions: read
attestations: read
checks: read
deployments: read
discussions: read
issues: read
packages: read
pages: read
pull-requests: read
repository-projects: read
statuses: read
with:
flavor: opensuse
flavor_release: "leap-15.6"
family: opensuse
base_image: opensuse/leap:15.6
model: generic
variant: standard
arch: amd64
install:
uses: ./.github/workflows/reusable-install-test.yaml
secrets: inherit
@ -154,9 +123,9 @@ jobs:
flavor: ubuntu
flavor_release: "24.04"
secureboot: false
variant: core
needs:
- core-ubuntu-24-lts
install-target:
secrets: inherit
uses: ./.github/workflows/reusable-install-test-target.yaml
@ -164,9 +133,9 @@ jobs:
flavor: ubuntu
flavor_release: "24.04"
secureboot: false
variant: core
needs:
- core-ubuntu-24-lts
install-secureboot:
uses: ./.github/workflows/reusable-install-test.yaml
secrets: inherit
@ -174,72 +143,72 @@ jobs:
flavor: ubuntu
flavor_release: "24.04"
secureboot: true
variant: core
needs:
- core-ubuntu-24-lts
install-alpine:
uses: ./.github/workflows/reusable-install-test.yaml
secrets: inherit
with:
flavor: alpine
flavor_release: "3.19"
variant: core
needs:
- core-alpine
zfs:
uses: ./.github/workflows/reusable-zfs-test.yaml
secrets: inherit
with:
flavor: ubuntu
flavor_release: "22.04"
variant: core
needs:
- core-ubuntu-22-lts
acceptance:
uses: ./.github/workflows/reusable-qemu-acceptance-test.yaml
secrets: inherit
with:
flavor: ubuntu
flavor_release: "24.04"
variant: core
needs:
- core-ubuntu-24-lts
acceptance-alpine:
uses: ./.github/workflows/reusable-qemu-acceptance-test.yaml
secrets: inherit
with:
flavor: alpine
flavor_release: "3.19"
variant: core
needs:
- core-alpine
bundles:
uses: ./.github/workflows/reusable-qemu-bundles-test.yaml
secrets: inherit
with:
flavor: ubuntu
flavor_release: "24.04"
variant: core
needs:
- core-ubuntu-24-lts
reset:
uses: ./.github/workflows/reusable-qemu-reset-test.yaml
secrets: inherit
with:
flavor: ubuntu
flavor_release: "24.04"
variant: core
needs:
- core-ubuntu-24-lts
reset-alpine:
uses: ./.github/workflows/reusable-qemu-reset-test.yaml
secrets: inherit
with:
flavor: alpine
flavor_release: "3.19"
variant: core
needs:
- core-alpine
netboot:
uses: ./.github/workflows/reusable-qemu-netboot-test.yaml
secrets: inherit
@ -252,7 +221,6 @@ jobs:
variant: core
needs:
- core-ubuntu-24-lts
netboot-alpine:
uses: ./.github/workflows/reusable-qemu-netboot-test.yaml
secrets: inherit
@ -265,25 +233,26 @@ jobs:
variant: core
needs:
- core-alpine
upgrade:
uses: ./.github/workflows/reusable-upgrade-with-cli-test.yaml
secrets: inherit
with:
flavor: ubuntu
flavor_release: "24.04"
variant: core
arch: amd64
needs:
- core-ubuntu-24-lts
upgrade-alpine:
uses: ./.github/workflows/reusable-upgrade-with-cli-test.yaml
secrets: inherit
with:
flavor: alpine
flavor_release: "3.19"
variant: core
arch: amd64
needs:
- core-alpine
upgrade-latest:
uses: ./.github/workflows/reusable-upgrade-latest-test.yaml
secrets: inherit
@ -291,19 +260,11 @@ jobs:
flavor: ubuntu
flavor_release: "24.04"
family: "ubuntu"
variant: core
arch: amd64
# release_matcher: "23.10" # introduced so tests can be green while we wait for the kairos release with the latest flavor release
needs:
- core-ubuntu-24-lts
# enable once the first alpine only release is out as it currently cannot find the latest alpine release properly
# upgrade-latest-alpine:
# uses: ./.github/workflows/reusable-upgrade-latest-test.yaml
# with:
# flavor: alpine
# flavor_release: "3.19"
# needs:
# - core-alpine
custom-partitioning:
secrets: inherit
uses: ./.github/workflows/reusable-custom-partitioning-test.yaml
@ -323,17 +284,12 @@ jobs:
repository-projects: read
statuses: read
with:
flavor: ${{ matrix.flavor }}
flavor_release: ${{ matrix.flavorRelease }}
flavor: "ubuntu"
flavor_release: "24.04"
variant: core
needs:
- core-ubuntu-24-lts
strategy:
fail-fast: true
matrix:
flavor:
- "ubuntu"
flavorRelease:
- "24.04"
encryption:
secrets: inherit
uses: ./.github/workflows/reusable-encryption-test.yaml
@ -341,6 +297,7 @@ jobs:
flavor: ubuntu
flavor_release: "24.04"
label: ${{ matrix.label }}
variant: core
needs:
- core-ubuntu-24-lts
strategy:
@ -352,7 +309,6 @@ jobs:
- "remote-static"
- "remote-https-pinned"
- "remote-https-bad-cert"
encryption-alpine:
secrets: inherit
uses: ./.github/workflows/reusable-encryption-test.yaml
@ -360,6 +316,7 @@ jobs:
flavor: alpine
flavor_release: "3.19"
label: ${{ matrix.label }}
variant: core
needs:
- core-alpine
strategy:

202
.github/workflows/reusable-build-flavor.yaml vendored
View File

@ -35,199 +35,45 @@ jobs:
actions: read
security-events: write
steps:
- name: Release space from worker
run: |
echo "Listing top largest packages"
pkgs=$(dpkg-query -Wf '${Installed-Size}\t${Package}\t${Status}\n' | awk '$NF == "installed"{print $1 "\t" $2}' | sort -nr)
head -n 30 <<< "${pkgs}"
echo
df -h
echo
sudo apt-get remove -y '^llvm-.*|^libllvm.*' || true
sudo apt-get remove --auto-remove android-sdk-platform-tools || true
sudo apt-get purge --auto-remove android-sdk-platform-tools || true
sudo rm -rf /usr/local/lib/android
sudo apt-get remove -y '^dotnet-.*|^aspnetcore-.*' || true
sudo rm -rf /usr/share/dotnet
sudo apt-get remove -y '^mono-.*' || true
sudo apt-get remove -y '^ghc-.*' || true
sudo apt-get remove -y '.*jdk.*|.*jre.*' || true
sudo apt-get remove -y 'php.*' || true
sudo apt-get remove -y hhvm || true
sudo apt-get remove -y powershell || true
sudo apt-get remove -y firefox || true
sudo apt-get remove -y monodoc-manual || true
sudo apt-get remove -y msbuild || true
sudo apt-get remove -y microsoft-edge-stable || true
sudo apt-get remove -y '^google-.*' || true
sudo apt-get remove -y azure-cli || true
sudo apt-get remove -y '^mongo.*-.*|^postgresql-.*|^mysql-.*|^mssql-.*' || true
sudo apt-get remove -y '^gfortran-.*' || true
sudo apt-get remove -y '^gcc-*' || true
sudo apt-get remove -y '^g++-*' || true
sudo apt-get remove -y '^cpp-*' || true
sudo apt-get autoremove -y
sudo apt-get clean
echo
echo "Listing top largest packages"
pkgs=$(dpkg-query -Wf '${Installed-Size}\t${Package}\t${Status}\n' | awk '$NF == "installed"{print $1 "\t" $2}' | sort -nr)
head -n 30 <<< "${pkgs}"
echo
sudo rm -rfv build || true
df -h
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
- run: |
git fetch --prune --unshallow
- name: Release space from worker
run: |
sudo rm -rf /usr/local/lib/android # will release about 10 GB if you don't need Android
sudo rm -rf /usr/share/dotnet # will release about 20GB if you don't need .NET
- name: Set up QEMU
uses: docker/setup-qemu-action@master
with:
platforms: all
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@master
- name: Install Cosign
uses: sigstore/cosign-installer@main
- name: Login to Quay Registry
if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/master' }}
run: echo ${{ secrets.QUAY_PASSWORD }} | docker login -u ${{ secrets.QUAY_USERNAME }} --password-stdin quay.io
- name: Install earthly
uses: Luet-lab/luet-install-action@cec77490c3f2416d7d07a47cfab04d448641d7ce # v1.1
with:
repository: quay.io/kairos/packages
packages: utils/earthly
- name: Block all traffic to metadata ip # For cloud runners, the metadata ip can interact with our test machines
- name: Set Version
run: |
sudo iptables -I INPUT -s 169.254.169.254 -j DROP
sudo iptables -I OUTPUT -d 169.254.169.254 -j DROP
- name: Login to earthly
echo "GIT_VERSION=$(git describe --always --tags --dirty)" >> $GITHUB_ENV
- name: Build container 🔧
uses: docker/build-push-action@v6
with:
context: .
file: images/Dockerfile
platforms: linux/amd64
load: true
tags: ${{ inputs.flavor }}-init:${{ inputs.flavor_release }}
build-args: |
BASE_IMAGE=${{ inputs.base_image }}
MODEL=${{ inputs.model }}
VARIANT=${{ inputs.variant }}
- name: Build iso 📦
run: |
earthly account login --token ${{ secrets.EARTHLY_TOKEN }} && earthly org select Kairos
- name: Build PR 🔧
if: ${{ github.event_name == 'pull_request' }}
run: |
earthly --platform=linux/${{ inputs.arch }} +ci \
--SECURITY_SCANS=false \
--VARIANT=${{ inputs.variant }} \
--FLAVOR=${{ inputs.flavor }} \
--FLAVOR_RELEASE=${{ inputs.flavor_release }} \
--BASE_IMAGE=${{ inputs.base_image }} \
--MODEL=${{ inputs.model }} \
--FAMILY=${{ inputs.family }}
sudo mv build/* .
sudo rm -rf build
- name: Install kairos-agent (for versioneer)
uses: Luet-lab/luet-install-action@cec77490c3f2416d7d07a47cfab04d448641d7ce # v1.1
with:
repository: quay.io/kairos/packages
packages: system/kairos-agent
- name: Build master 🔧
if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/master' }}
run: |
earthly --platform=linux/${{ inputs.arch }} +ci \
--SECURITY_SCANS=true \
--VARIANT=${{ inputs.variant }} \
--FLAVOR=${{ inputs.flavor }} \
--FLAVOR_RELEASE=${{ inputs.flavor_release }} \
--BASE_IMAGE=${{ inputs.base_image }} \
--MODEL=${{ inputs.model }} \
--FAMILY=${{ inputs.family }}
sudo mv build/* .
sudo rm -rf build
mkdir trivy-results grype-results
trivy=$(ls *trivy.sarif 2>/dev/null | head -n 1)
grype=$(ls *grype.sarif 2>/dev/null | head -n 1)
sudo mv $trivy trivy-results/result.sarif
sudo mv $grype grype-results/result.sarif
- uses: itxaka/sarif-filter@v1
if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/master' }}
with:
input: trivy-results/result.sarif
output: trivy-results/result.sarif
severity: critical
- uses: itxaka/sarif-filter@v1
if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/master' }}
with:
input: grype-results/result.sarif
output: grype-results/result.sarif
severity: critical
- name: Check scan results
if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/master' }}
continue-on-error: true
run: |
result=$(cat grype-results/result.sarif | jq '.runs[0].results | length')
if (( result > 0 )); then
echo "Critical severity issues found in Grype scan"
exit 1
fi
result=$(cat trivy-results/result.sarif | jq '.runs[0].results | length')
if (( result > 0 )); then
echo "Critical severity issues found in Trivy scan"
exit 1
fi
- name: Upload Trivy scan results to GitHub Security tab
if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/master' }}
uses: github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3
with:
sarif_file: 'trivy-results'
category: ${{ inputs.flavor }}-${{ inputs.flavor_release }}-${{ inputs.variant }}-${{ inputs.arch }}-${{ inputs.model }}-trivy
- name: Upload Grype scan results to GitHub Security tab
if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/master' }}
uses: github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3
with:
sarif_file: 'grype-results'
category: ${{ inputs.flavor }}-${{ inputs.flavor_release }}-${{ inputs.variant }}-${{ inputs.arch }}-${{ inputs.model }}-grype
- uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4
if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/master' }}
with:
name: kairos-${{ inputs.flavor }}-${{ inputs.flavor_release }}-scan-results.zip
path: |
grype-results/*.sarif
trivy-results/*.sarif
if-no-files-found: error
mkdir build
docker run --rm -v /var/run/docker.sock:/var/run/docker.sock \
-v $PWD:/output \
quay.io/kairos/auroraboot:latest --debug build-iso --output /output/ \
--name kairos-${{ inputs.flavor }}-${{ inputs.flavor_release }}-${{ inputs.variant }}-${{ inputs.arch }}-${{ env.GIT_VERSION }} \
docker:${{ inputs.flavor }}-init:${{ inputs.flavor_release }}
- uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4
with:
name: kairos-${{ inputs.flavor }}-${{ inputs.flavor_release }}.iso.zip
name: kairos-${{ inputs.flavor }}-${{ inputs.flavor_release }}-${{ inputs.variant }}.iso.zip
path: |
*.iso
*.sha256
versions.yaml
if-no-files-found: error
- uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4
if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/master' }}
with:
name: kairos-${{ inputs.flavor }}-${{ inputs.flavor_release }}.sbom.zip
path: |
*.syft.json
*.spdx.json
if-no-files-found: error
- name: Push to quay
if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/master' }}
env:
COSIGN_YES: true
run: |
IMAGE=$(FLAVOR=${{ inputs.flavor }} FLAVOR_RELEASE="${{ inputs.flavor_release }}" MODEL=${{ inputs.model }} TARGETARCH=${{ inputs.arch }} VARIANT=${{ inputs.variant}} REGISTRY_AND_ORG="quay.io/kairos" RELEASE=master kairos-agent versioneer container-artifact-name)
docker tag $(cat IMAGE) $IMAGE
docker push $IMAGE
image_ref=$(docker image inspect --format='{{index .RepoDigests 0}}' "$IMAGE")
# TODO: on master we don't want to push all the sbom files since the tag is always the same and we don't go back to clean the old sbom files
# but we should also use this reusable job for releases and then it's important to do it
# For master:
cosign sign $image_ref
# For releases:
# spdx=$(ls *.spdx.json)
# cosign attach sbom --sbom $spdx $image_ref
# cosign sign $image_ref --attachment sbom
# in-toto attestation
# cosign attest --type spdx --predicate $spdx $image_ref
- name: Push to testing
run: |
_IMG=$(cat IMAGE)
TEST_IMAGE="ttl.sh/kairos-${{ inputs.flavor }}-${{ inputs.flavor_release }}-${{ github.sha }}:24h"
docker tag $_IMG $TEST_IMAGE
TEST_IMAGE="ttl.sh/kairos-${{ inputs.flavor }}-${{ inputs.flavor_release }}-${{ inputs.variant }}-${{ inputs.arch }}-${{ github.sha }}:24h"
docker tag ${{ inputs.flavor }}-init:${{ inputs.flavor_release }} $TEST_IMAGE
docker push $TEST_IMAGE

173
.github/workflows/reusable-build-provider.yaml vendored
View File

@ -1,173 +0,0 @@
name: Reusable workflow that builds a Provider image
on:
workflow_call:
inputs:
flavor:
required: true
type: string
flavor_release:
required: true
type: string
base_image:
required: true
type: string
model:
required: true
type: string
family:
required: true
type: string
variant:
required: true
type: string
arch:
required: true
type: string
permissions: read-all
jobs:
build:
runs-on: ubuntu-latest
permissions:
id-token: write # OIDC support
contents: write
actions: read
security-events: write
steps:
- name: Release space from worker
run: |
echo "Listing top largest packages"
pkgs=$(dpkg-query -Wf '${Installed-Size}\t${Package}\t${Status}\n' | awk '$NF == "installed"{print $1 "\t" $2}' | sort -nr)
head -n 30 <<< "${pkgs}"
echo
df -h
echo
sudo apt-get remove -y '^llvm-.*|^libllvm.*' || true
sudo apt-get remove --auto-remove android-sdk-platform-tools || true
sudo apt-get purge --auto-remove android-sdk-platform-tools || true
sudo rm -rf /usr/local/lib/android
sudo apt-get remove -y '^dotnet-.*|^aspnetcore-.*' || true
sudo rm -rf /usr/share/dotnet
sudo apt-get remove -y '^mono-.*' || true
sudo apt-get remove -y '^ghc-.*' || true
sudo apt-get remove -y '.*jdk.*|.*jre.*' || true
sudo apt-get remove -y 'php.*' || true
sudo apt-get remove -y hhvm || true
sudo apt-get remove -y powershell || true
sudo apt-get remove -y firefox || true
sudo apt-get remove -y monodoc-manual || true
sudo apt-get remove -y msbuild || true
sudo apt-get remove -y microsoft-edge-stable || true
sudo apt-get remove -y '^google-.*' || true
sudo apt-get remove -y azure-cli || true
sudo apt-get remove -y '^mongo.*-.*|^postgresql-.*|^mysql-.*|^mssql-.*' || true
sudo apt-get remove -y '^gfortran-.*' || true
sudo apt-get remove -y '^gcc-*' || true
sudo apt-get remove -y '^g++-*' || true
sudo apt-get remove -y '^cpp-*' || true
sudo apt-get autoremove -y
sudo apt-get clean
echo
echo "Listing top largest packages"
pkgs=$(dpkg-query -Wf '${Installed-Size}\t${Package}\t${Status}\n' | awk '$NF == "installed"{print $1 "\t" $2}' | sort -nr)
head -n 30 <<< "${pkgs}"
echo
sudo rm -rfv build || true
df -h
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
- run: |
git fetch --prune --unshallow
- name: Install earthly
uses: Luet-lab/luet-install-action@cec77490c3f2416d7d07a47cfab04d448641d7ce # v1.1
with:
repository: quay.io/kairos/packages
packages: utils/earthly
- name: Block all traffic to metadata ip # For cloud runners, the metadata ip can interact with our test machines
run: |
sudo iptables -I INPUT -s 169.254.169.254 -j DROP
sudo iptables -I OUTPUT -d 169.254.169.254 -j DROP
- name: Login to earthly
run: |
earthly account login --token ${{ secrets.EARTHLY_TOKEN }} && earthly org select Kairos
- name: Build PR 🔧
if: ${{ github.event_name == 'pull_request' }}
run: |
earthly --platform=linux/${{ inputs.arch }} +extract-framework-profile
INIT=$([[ "${{ inputs.flavor }}" == "alpine" ]] && echo "openrc" || echo "systemd")
K3S_VERSION=$(sudo luet --config framework-profile.yaml search -o json k8s/k3s | jq --arg INIT "$INIT" '.packages | map(select(.name == "k3s-" + $INIT)) | map(.version) | unique | last' | tr -d '"')
earthly --platform=linux/${{ inputs.arch }} +ci \
--SECURITY_SCANS=false \
--VARIANT=${{ inputs.variant }} \
--FLAVOR=${{ inputs.flavor }} \
--FLAVOR_RELEASE=${{ inputs.flavor_release }} \
--BASE_IMAGE=${{ inputs.base_image }} \
--MODEL=${{ inputs.model }} \
--FAMILY=${{ inputs.family }} \
--K3S_VERSION=${K3S_VERSION}
sudo mv build/* .
sudo rm -rf build
- name: Install kairos-agent (for versioneer)
uses: Luet-lab/luet-install-action@cec77490c3f2416d7d07a47cfab04d448641d7ce # v1.1
with:
repository: quay.io/kairos/packages
packages: system/kairos-agent
- name: Build master 🔧
if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/master' }}
run: |
earthly --platform=linux/${{ inputs.arch }} +extract-framework-profile
INIT=$([[ "${{ inputs.flavor }}" == "alpine" ]] && echo "openrc" || echo "systemd")
K3S_VERSION=$(sudo luet --config framework-profile.yaml search -o json k8s/k3s | jq --arg INIT "$INIT" '.packages | map(select(.name == "k3s-" + $INIT)) | map(.version) | unique | last' | tr -d '"')
earthly --platform=linux/${{ inputs.arch }} +ci \
--SECURITY_SCANS=true \
--VARIANT=${{ inputs.variant }} \
--FLAVOR=${{ inputs.flavor }} \
--FLAVOR_RELEASE=${{ inputs.flavor_release }} \
--BASE_IMAGE=${{ inputs.base_image }} \
--MODEL=${{ inputs.model }} \
--FAMILY=${{ inputs.family }} \
--K3S_VERSION=${K3S_VERSION}
sudo mv build/* .
sudo rm -rf build
- uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4
with:
name: kairos-${{ inputs.flavor }}-${{ inputs.flavor_release }}-provider.iso.zip
path: |
*.iso
*.sha256
versions.yaml
if-no-files-found: error
- name: Login to Quay Registry
if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/master' }}
run: echo ${{ secrets.QUAY_PASSWORD }} | docker login -u ${{ secrets.QUAY_USERNAME }} --password-stdin quay.io
- name: Install Cosign
uses: sigstore/cosign-installer@main
- name: Push to quay
if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/master' }}
env:
COSIGN_YES: true
run: |
INIT=$([[ "${{ inputs.flavor }}" == "alpine" ]] && echo "openrc" || echo "systemd")
K3S_VERSION=$(sudo luet --config framework-profile.yaml search -o json k8s/k3s | jq --arg INIT "$INIT" '.packages | map(select(.name == "k3s-" + $INIT)) | map(.version) | unique | last' | tr -d '"')
IMAGE=$(FLAVOR=${{ inputs.flavor }} FLAVOR_RELEASE="${{ inputs.flavor_release }}" MODEL=${{ inputs.model }} TARGETARCH=${{ inputs.arch }} VARIANT=${{ inputs.variant}} REGISTRY_AND_ORG="quay.io/kairos" RELEASE=master-k3sv${K3S_VERSION%%+*}-k3s1 kairos-agent versioneer container-artifact-name)
docker tag $(cat IMAGE) $IMAGE
docker push $IMAGE
image_ref=$(docker image inspect --format='{{index .RepoDigests 0}}' "$IMAGE")
# TODO: on master we don't want to push all the sbom files since the tag is always the same and we don't go back to clean the old sbom files
# but we should also use this reusable job for releases and then it's important to do it
# For master:
cosign sign $image_ref
# For releases:
# spdx=$(ls *.spdx.json)
# cosign attach sbom --sbom $spdx $image_ref
# cosign sign $image_ref --attachment sbom
# in-toto attestation
# cosign attest --type spdx --predicate $spdx $image_ref
- name: Push to testing
run: |
_IMG=$(cat IMAGE)
TEST_IMAGE="ttl.sh/kairos-${{ inputs.flavor }}-${{ inputs.flavor_release }}-${{ github.sha }}-provider:24h"
docker tag $_IMG $TEST_IMAGE
docker push $TEST_IMAGE

6
.github/workflows/reusable-custom-partitioning-test.yaml vendored
View File

@ -9,6 +9,9 @@ on:
flavor_release:
required: true
type: string
variant:
required: true
type: string
permissions: read-all
jobs:
@ -46,14 +49,13 @@ jobs:
- name: Download artifacts
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: kairos-${{ inputs.flavor }}-${{ inputs.flavor_release}}.iso.zip
name: kairos-${{ inputs.flavor }}-${{ inputs.flavor_release}}-${{ inputs.variant }}.iso.zip
- name: Run tests
env:
USE_QEMU: true
KVM: true
MEMORY: 4000
CPUS: 2
CONTAINER_IMAGE: ttl.sh/kairos-${{ inputs.flavor }}-${{ inputs.flavor_release }}-${{ github.sha }}:24h
run: |
ls *.iso
export ISO=$PWD/$(ls *.iso)

9
.github/workflows/reusable-docker-arm-build.yaml vendored
View File

@ -98,18 +98,14 @@ jobs:
uses: docker/build-push-action@v6
with:
context: images/
file: images/Dockerfile.kairos-${{ inputs.family }}
file: images/Dockerfile
platforms: linux/arm64
load: true
tags: ${{ env.IMAGE_REF }}, kairos:${{ env.GIT_VERSION }}
build-args: |
VARIANT=${{ inputs.variant }}
MODEL=${{ inputs.model }}
FLAVOR=${{ inputs.flavor }}
FLAVOR_RELEASE=${{ inputs.flavor_release }}
FAMILY=${{ inputs.family }}
BASE_IMAGE=${{ inputs.base_image }}
RELEASE=${{ env.RELEASE }}
SOFTWARE_VERSION: ${{ inputs.k3s_version && 'v' || '' }}${{ inputs.k3s_version }}
SOFTWARE_VERSION_PREFIX=k3s
# renovate: datasource=docker depName=quay.io/kairos/framework versioning=semver
@ -154,9 +150,6 @@ jobs:
build-args: |
VARIANT=${{ inputs.variant }}
MODEL=${{ inputs.model }}
FLAVOR=${{ inputs.flavor }}
FLAVOR_RELEASE=${{ inputs.flavor_release }}
FAMILY=${{ inputs.family }}
BASE_IMAGE=${{ inputs.base_image }}
RELEASE=${{ env.RELEASE }}
SOFTWARE_VERSION: ${{ inputs.k3s_version && 'v' || '' }}${{ inputs.k3s_version }}

45
.github/workflows/reusable-encryption-test.yaml vendored
View File

@ -12,6 +12,9 @@ on:
label:
required: true
type: string
variant:
required: true
type: string
permissions: read-all
jobs:
@ -21,46 +24,6 @@ jobs:
run:
shell: bash -eo pipefail {0}
steps:
- name: Release space from worker
run: |
echo "Listing top largest packages"
pkgs=$(dpkg-query -Wf '${Installed-Size}\t${Package}\t${Status}\n' | awk '$NF == "installed"{print $1 "\t" $2}' | sort -nr)
head -n 30 <<< "${pkgs}"
echo
df -h
echo
sudo apt-get remove -y '^llvm-.*|^libllvm.*' || true
sudo apt-get remove --auto-remove android-sdk-platform-tools || true
sudo apt-get purge --auto-remove android-sdk-platform-tools || true
sudo rm -rf /usr/local/lib/android
sudo apt-get remove -y '^dotnet-.*|^aspnetcore-.*' || true
sudo rm -rf /usr/share/dotnet
sudo apt-get remove -y '^mono-.*' || true
sudo apt-get remove -y '^ghc-.*' || true
sudo apt-get remove -y '.*jdk.*|.*jre.*' || true
sudo apt-get remove -y 'php.*' || true
sudo apt-get remove -y hhvm || true
sudo apt-get remove -y powershell || true
sudo apt-get remove -y firefox || true
sudo apt-get remove -y monodoc-manual || true
sudo apt-get remove -y msbuild || true
sudo apt-get remove -y microsoft-edge-stable || true
sudo apt-get remove -y '^google-.*' || true
sudo apt-get remove -y azure-cli || true
sudo apt-get remove -y '^mongo.*-.*|^postgresql-.*|^mysql-.*|^mssql-.*' || true
sudo apt-get remove -y '^gfortran-.*' || true
sudo apt-get remove -y '^gcc-*' || true
sudo apt-get remove -y '^g++-*' || true
sudo apt-get remove -y '^cpp-*' || true
sudo apt-get autoremove -y
sudo apt-get clean
echo
echo "Listing top largest packages"
pkgs=$(dpkg-query -Wf '${Installed-Size}\t${Package}\t${Status}\n' | awk '$NF == "installed"{print $1 "\t" $2}' | sort -nr)
head -n 30 <<< "${pkgs}"
echo
sudo rm -rfv build || true
df -h
- name: Checkout code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
@ -86,7 +49,7 @@ jobs:
id: iso
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: kairos-${{ inputs.flavor }}-${{ inputs.flavor_release }}.iso.zip
name: kairos-${{ inputs.flavor }}-${{ inputs.flavor_release }}-${{ inputs.variant }}.iso.zip
- name: Display structure of downloaded files
run: ls -las .
- name: Block all traffic to metadata ip # For cloud runners, the metadata ip can interact with our test machines

15
.github/workflows/reusable-install-test-target.yaml vendored
View File

@ -12,6 +12,9 @@ on:
secureboot:
required: false
type: boolean
variant:
required: true
type: string
permissions: read-all
jobs:
@ -21,11 +24,6 @@ jobs:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
- run: |
git fetch --prune --unshallow
- name: Download ISO
id: iso
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: kairos-${{ inputs.flavor }}-${{ inputs.flavor_release}}.iso.zip
- name: Install Go
uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5
with:
@ -49,6 +47,11 @@ jobs:
# TODO: Switch back to the above solution when we switch to the github runners
# https://askubuntu.com/a/1081326
sudo setfacl -m u:runner:rwx /dev/kvm
- name: Download ISO
id: iso
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: kairos-${{ inputs.flavor }}-${{ inputs.flavor_release}}-${{ inputs.variant }}.iso.zip
- name: Tests
env:
USE_QEMU: true
@ -70,6 +73,6 @@ jobs:
- uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4
if: failure()
with:
name: ${{ inputs.flavor }}.logs.zip
name: ${{ inputs.flavor }}-${{ inputs.flavor_release }}-${{ inputs.variant }}-install-test.logs.zip
path: tests/**/logs/*
if-no-files-found: warn

5
.github/workflows/reusable-install-test.yaml vendored
View File

@ -12,6 +12,9 @@ on:
secureboot:
required: false
type: boolean
variant:
required: true
type: string
permissions: read-all
jobs:
@ -25,7 +28,7 @@ jobs:
id: iso
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: kairos-${{ inputs.flavor }}-${{ inputs.flavor_release}}.iso.zip
name: kairos-${{ inputs.flavor }}-${{ inputs.flavor_release}}-${{ inputs.variant }}.iso.zip
- name: Install Go
uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5
with:

10
.github/workflows/reusable-provider-tests.yaml vendored
View File

@ -12,6 +12,12 @@ on:
label:
required: true
type: string
variant:
required: true
type: string
arch:
required: true
type: string
permissions: read-all
jobs:
@ -58,7 +64,7 @@ jobs:
- name: Download artifacts
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: kairos-${{ inputs.flavor }}-${{ inputs.flavor_release }}-provider.iso.zip
name: kairos-${{ inputs.flavor }}-${{ inputs.flavor_release }}-${{ inputs.variant }}.iso.zip
- name: Run tests
env:
USE_QEMU: true
@ -66,7 +72,7 @@ jobs:
MEMORY: 4000
CPUS: 2
DRIVE_SIZE: 30000
CONTAINER_IMAGE: ttl.sh/kairos-${{ inputs.flavor }}-${{ inputs.flavor_release }}-${{ github.sha }}-provider:24h
CONTAINER_IMAGE: ttl.sh/kairos-${{ inputs.flavor }}-${{ inputs.flavor_release }}-${{ inputs.variant }}-${{ inputs.arch }}-${{ github.sha }}-provider:24h
run: |
ls *.iso
export ISO=$PWD/$(ls *.iso)

5
.github/workflows/reusable-provider-upgrade-latest-test.yaml vendored
View File

@ -15,6 +15,9 @@ on:
release_matcher:
required: false
type: string
variant:
required: true
type: string
permissions: read-all
jobs:
@ -71,7 +74,7 @@ jobs:
export MEMORY=4000
export CPUS=2
export DRIVE_SIZE=30000
export CONTAINER_IMAGE=ttl.sh/kairos-${{ inputs.flavor }}-${{ inputs.flavor_release }}-${{ github.sha }}-provider:24h
export CONTAINER_IMAGE=ttl.sh/kairos-${{ inputs.flavor }}-${{ inputs.flavor_release }}-${{ inputs.variant }}-${{ github.sha }}-provider:24h
export ISO=$PWD/$(ls -1 *.iso | grep -v ipxe | head -n 1)
cp tests/go.* .

5
.github/workflows/reusable-qemu-acceptance-test.yaml vendored
View File

@ -9,6 +9,9 @@ on:
flavor_release:
required: true
type: string
variant:
required: true
type: string
permissions: read-all
jobs:
@ -22,7 +25,7 @@ jobs:
id: iso
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: kairos-${{ inputs.flavor }}-${{ inputs.flavor_release }}.iso.zip
name: kairos-${{ inputs.flavor }}-${{ inputs.flavor_release }}-${{ inputs.variant }}.iso.zip
- name: Install Go
uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5
with:

5
.github/workflows/reusable-qemu-bundles-test.yaml vendored
View File

@ -9,6 +9,9 @@ on:
flavor_release:
required: true
type: string
variant:
required: true
type: string
permissions: read-all
jobs:
@ -22,7 +25,7 @@ jobs:
id: iso
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: kairos-${{ inputs.flavor }}-${{ inputs.flavor_release }}.iso.zip
name: kairos-${{ inputs.flavor }}-${{ inputs.flavor_release }}-${{ inputs.variant }}.iso.zip
- name: Display structure of downloaded files
run: ls -las .
- name: Install earthly

109
.github/workflows/reusable-qemu-netboot-test.yaml vendored
View File

@ -25,69 +25,58 @@ on:
permissions: read-all
jobs:
test:
runs-on: ubuntu-latest
runs-on: kvm
steps:
- name: Release space from worker
run: |
echo "Listing top largest packages"
pkgs=$(dpkg-query -Wf '${Installed-Size}\t${Package}\t${Status}\n' | awk '$NF == "installed"{print $1 "\t" $2}' | sort -nr)
head -n 30 <<< "${pkgs}"
echo
df -h
echo
sudo apt-get remove -y '^llvm-.*|^libllvm.*' || true
sudo apt-get remove --auto-remove android-sdk-platform-tools || true
sudo apt-get purge --auto-remove android-sdk-platform-tools || true
sudo rm -rf /usr/local/lib/android
sudo apt-get remove -y '^dotnet-.*|^aspnetcore-.*' || true
sudo rm -rf /usr/share/dotnet
sudo apt-get remove -y '^mono-.*' || true
sudo apt-get remove -y '^ghc-.*' || true
sudo apt-get remove -y '.*jdk.*|.*jre.*' || true
sudo apt-get remove -y 'php.*' || true
sudo apt-get remove -y hhvm || true
sudo apt-get remove -y powershell || true
sudo apt-get remove -y firefox || true
sudo apt-get remove -y monodoc-manual || true
sudo apt-get remove -y msbuild || true
sudo apt-get remove -y microsoft-edge-stable || true
sudo apt-get remove -y '^google-.*' || true
sudo apt-get remove -y azure-cli || true
sudo apt-get remove -y '^mongo.*-.*|^postgresql-.*|^mysql-.*|^mssql-.*' || true
sudo apt-get remove -y '^gfortran-.*' || true
sudo apt-get remove -y '^gcc-*' || true
sudo apt-get remove -y '^g++-*' || true
sudo apt-get remove -y '^cpp-*' || true
sudo apt-get autoremove -y
sudo apt-get clean
echo
echo "Listing top largest packages"
pkgs=$(dpkg-query -Wf '${Installed-Size}\t${Package}\t${Status}\n' | awk '$NF == "installed"{print $1 "\t" $2}' | sort -nr)
head -n 30 <<< "${pkgs}"
echo
sudo rm -rfv build || true
df -h
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
- run: |
git fetch --prune --unshallow
- name: Install earthly
uses: Luet-lab/luet-install-action@cec77490c3f2416d7d07a47cfab04d448641d7ce # v1.1
with:
repository: quay.io/kairos/packages
packages: utils/earthly
- uses: actions/checkout@v4
- name: Block all traffic to metadata ip # For cloud runners, the metadata ip can interact with our test machines
run: |
sudo iptables -I INPUT -s 169.254.169.254 -j DROP
sudo iptables -I OUTPUT -d 169.254.169.254 -j DROP
- name: Login to earthly
- name: Install Go
uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5
with:
go-version-file: tests/go.mod
cache-dependency-path: tests/go.sum
- uses: actions/checkout@v4
with:
repository: "ipxe/ipxe"
path: "ipxe"
fetch-depth: '0'
- name: Set up QEMU
uses: docker/setup-qemu-action@master
with:
platforms: all
- name: Install deps
run: |
earthly account login --token ${{ secrets.EARTHLY_TOKEN }} && earthly org select Kairos
- run: |
earthly -P +run-qemu-netboot-test \
--TEST_SUITE=netboot-test \
--FLAVOR=${{ inputs.flavor }} \
--FLAVOR_RELEASE=${{ inputs.flavor_release }} \
--FAMILY=${{ inputs.family }} \
--BASE_IMAGE=${{ inputs.base_image}} \
--MODEL=${{ inputs.model }} \
--VARIANT=${{ inputs.variant }}
sudo apt-get update
sudo apt-get install -y mtools syslinux isolinux git make gcc liblzma-dev mkisofs xorriso build-essential qemu-utils qemu-system-x86
- name: Build iPXE iso with our script on it
run: |
cp tests/assets/kairos.ipxe ipxe/src/kairos.ipxe
pushd ipxe/src && make bin/ipxe.iso EMBED=kairos.ipxe && popd
cp ipxe/src/bin/ipxe.iso ipxe.iso
- name: Download ISO
id: iso
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: kairos-${{ inputs.flavor }}-${{ inputs.flavor_release }}-${{ inputs.variant }}.iso.zip
- name: Extract ipxe artifacts for the ipxe server
run: |
mkdir -p build
export ISO=$(ls $PWD/*${{ inputs.flavor }}*.iso)
isoinfo -x /rootfs.squashfs -R -i ${ISO} > build/kairos.squashfs
isoinfo -x /boot/kernel -R -i ${ISO} > build/kairos-kernel
isoinfo -x /boot/initrd -R -i ${ISO} > build/kairos-initrd
- name: Run tests
env:
USE_QEMU: true
KVM: true
MEMORY: 4000
CPUS: 2
run: |
# Run the http server in the background
docker run -d -v $PWD/build/:/build --workdir=/build --net=host python:3.11.0-alpine python3 -m http.server 80
export ISO=$PWD/ipxe.iso
cp tests/go.* .
go mod download
go run github.com/onsi/ginkgo/v2/ginkgo -v --label-filter "netboot-test" --fail-fast -r ./tests/

5
.github/workflows/reusable-qemu-reset-test.yaml vendored
View File

@ -9,6 +9,9 @@ on:
flavor_release:
required: true
type: string
variant:
required: true
type: string
permissions: read-all
jobs:
@ -22,7 +25,7 @@ jobs:
id: iso
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: kairos-${{ inputs.flavor }}-${{ inputs.flavor_release }}.iso.zip
name: kairos-${{ inputs.flavor }}-${{ inputs.flavor_release }}-${{ inputs.variant }}.iso.zip
- name: Display structure of downloaded files
run: ls -las .
- name: Install earthly

83
.github/workflows/reusable-uki-test.yaml vendored
View File

@ -6,9 +6,6 @@ on:
base_image:
required: true
type: string
family:
required: true
type: string
flavor:
required: true
type: string
@ -18,10 +15,9 @@ on:
variant:
required: true
type: string
k3s_version:
required: false
model:
required: true
type: string
permissions: read-all
jobs:
test-uki:
@ -34,18 +30,25 @@ jobs:
env:
FLAVOR: ${{ inputs.flavor }}
FLAVOR_RELEASE: ${{ inputs.flavor_release }}
TEMP_IMAGE: ttl.sh/${{ inputs.flavor }}-${{ inputs.flavor_release}}-${{ inputs.variant }}-${{ github.sha }}:6h
steps:
- name: Install earthly
uses: Luet-lab/luet-install-action@cec77490c3f2416d7d07a47cfab04d448641d7ce # v1.1
with:
repository: quay.io/kairos/packages
packages: utils/earthly
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
- name: Install Go
uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5
with:
go-version-file: tests/go.mod
cache-dependency-path: tests/go.sum
- name: Enable KVM group perms
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@master
- name: Enable KVM group perms and install deps
run: |
sudo apt-get update
sudo apt-get install -y libvirt-clients libvirt-daemon-system libvirt-daemon virtinst bridge-utils qemu qemu-system-x86 qemu-system-x86 qemu-utils qemu-kvm acl udev
sudo apt-get install -y libvirt-clients libvirt-daemon-system libvirt-daemon virtinst bridge-utils qemu qemu-system-x86 qemu-system-x86 qemu-utils qemu-kvm acl udev mkisofs
# https://github.blog/changelog/2023-02-23-hardware-accelerated-android-virtualization-on-actions-windows-and-linux-larger-hosted-runners/
# echo 'KERNEL=="kvm", GROUP="kvm", MODE="0666", OPTIONS+="static_node=kvm"' | sudo tee /etc/udev/rules.d/99-kvm4all.rules
# sudo udevadm control --reload-rules
@ -55,45 +58,40 @@ jobs:
# TODO: Switch back to the above solution when we switch to the github runners
# https://askubuntu.com/a/1081326
sudo setfacl -m u:runner:rwx /dev/kvm
- name: Install earthly
uses: Luet-lab/luet-install-action@cec77490c3f2416d7d07a47cfab04d448641d7ce # v1.1
- name: Build the docker image
uses: docker/build-push-action@v6
with:
repository: quay.io/kairos/packages
packages: utils/earthly
- name: Login to earthly
run: |
earthly account login --token ${{ secrets.EARTHLY_TOKEN }} && earthly org select Kairos
- name: Build base image 🔧
run: | # known flavors to work with uki+encryption: fedora >= 38, ubuntu >= 23.10, anything with systemd 253
earthly +base-image \
--FLAVOR=${{ inputs.flavor }} \
--FLAVOR_RELEASE=${{ inputs.flavor_release }} \
--FAMILY=${{ inputs.family }} \
--MODEL=generic \
--VARIANT=${{ inputs.variant }} \
--BASE_IMAGE=${{ inputs.base_image }} \
--BOOTLOADER=systemd-boot \
--K3S_VERSION=${{ inputs.k3s_version }}
- name: Push image to ttl.sh
run: |
docker tag $(cat build/IMAGE) $TEMP_IMAGE
docker push $TEMP_IMAGE
context: .
file: images/Dockerfile
platforms: linux/amd64
load: true
tags: ${{ inputs.flavor }}-init:${{ inputs.flavor_release }}
build-args: |
BASE_IMAGE=${{ inputs.base_image }}
MODEL=${{ inputs.model }}
VARIANT=${{ inputs.variant }}
TRUSTED_BOOT=true
- name: Build uki ISO 🔧
run: |
earthly +uki-iso \
--BASE_IMAGE=$TEMP_IMAGE \
--AURORABOOT_OVERLAY_DIR=tests/assets/sysext/ \
--AURORABOOT_KEYS_DIR=tests/assets/keys/ \
--AURORABOOT_FLAGS="--single-efi-cmdline=\"testentry: nothing\""
mkdir build
docker run --rm -v /var/run/docker.sock:/var/run/docker.sock \
-v $PWD/tests/assets/keys:/keys \
-v $PWD/tests/assets/sysext/:/overlay \
-v $PWD/build/:/output \
quay.io/kairos/auroraboot:latest --debug build-uki --output-dir /output/ -k /keys --output-type iso \
--single-efi-cmdline="testentry: nothing" \
--overlay-iso /overlay \
docker:${{ inputs.flavor }}-init:${{ inputs.flavor_release }}
- name: Create datasource iso 🔧
run: |
earthly +datasource-iso --CLOUD_CONFIG=tests/assets/uki-install.yaml
cp tests/assets/uki-install.yaml user-data
touch meta-data
mkisofs -output build/datasource.iso -volid cidata -joliet -rock user-data meta-data
- name: Build uki upgrade image 🔧
run: |
rm -rf /tmp/unpacked
sudo luet util unpack "${TEMP_IMAGE}" ./unpacked
sudo luet util unpack ${{ inputs.flavor }}-init:${{ inputs.flavor_release }} ./unpacked --local
new_version="mynewversion"
sudo sed -i 's/^KAIROS_VERSION=.*/KAIROS_VERSION="'$new_version'"/' ./unpacked/etc/os-release
sudo sed -i 's/^KAIROS_VERSION=.*/KAIROS_VERSION="'$new_version'"/' ./unpacked/etc/kairos-release
echo "$new_version" > "${PWD}/build/expected_new_version"
@ -101,9 +99,8 @@ jobs:
-v $PWD/unpacked:/unpacked \
-v $PWD/build:/result \
-v $PWD/tests/assets/keys:/keys \
quay.io/kairos/auroraboot:latest build-uki \
quay.io/kairos/auroraboot:latest --debug build-uki \
--output-dir /result --keys /keys --output-type container \
--single-efi-cmdline "myentry: foobar" \
dir:/unpacked
docker load -i build/*.tar
@ -149,13 +146,13 @@ jobs:
run: |
SUFFIX="-uki"
IMAGE=$(FLAVOR=${{ inputs.flavor }} FLAVOR_RELEASE="${{ inputs.flavor_release }}" MODEL=generic TARGETARCH=amd64 VARIANT=${{ inputs.variant }} REGISTRY_AND_ORG="quay.io/kairos" RELEASE=master kairos-agent versioneer container-artifact-name)
docker tag $(cat build/IMAGE) "$IMAGE$SUFFIX"
docker tag ${{ inputs.flavor }}-init:${{ inputs.flavor_release }} "$IMAGE$SUFFIX"
docker push "$IMAGE$SUFFIX"
image_ref=$(docker image inspect --format='{{index .RepoDigests 0}}' "$IMAGE$SUFFIX")
cosign sign $image_ref
- uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4
if: failure()
with:
name: ${{ inputs.flavor }}-${{ inputs.flavor_release }}-${{ inputs.variant }}.logs.zip
name: ${{ inputs.flavor }}-${{ inputs.flavor_release }}-${{ inputs.variant }}-uki.logs.zip
path: tests/**/logs/*
if-no-files-found: warn

48
.github/workflows/reusable-upgrade-latest-test.yaml vendored
View File

@ -15,6 +15,12 @@ on:
release_matcher:
required: false
type: string
variant:
required: true
type: string
arch:
required: true
type: string
permissions: read-all
jobs:
@ -23,46 +29,6 @@ jobs:
env:
MATCHER: ${{ inputs.release_matcher || inputs.flavor_release }}
steps:
- name: Release space from worker
run: |
echo "Listing top largest packages"
pkgs=$(dpkg-query -Wf '${Installed-Size}\t${Package}\t${Status}\n' | awk '$NF == "installed"{print $1 "\t" $2}' | sort -nr)
head -n 30 <<< "${pkgs}"
echo
df -h
echo
sudo apt-get remove -y '^llvm-.*|^libllvm.*' || true
sudo apt-get remove --auto-remove android-sdk-platform-tools || true
sudo apt-get purge --auto-remove android-sdk-platform-tools || true
sudo rm -rf /usr/local/lib/android
sudo apt-get remove -y '^dotnet-.*|^aspnetcore-.*' || true
sudo rm -rf /usr/share/dotnet
sudo apt-get remove -y '^mono-.*' || true
sudo apt-get remove -y '^ghc-.*' || true
sudo apt-get remove -y '.*jdk.*|.*jre.*' || true
sudo apt-get remove -y 'php.*' || true
sudo apt-get remove -y hhvm || true
sudo apt-get remove -y powershell || true
sudo apt-get remove -y firefox || true
sudo apt-get remove -y monodoc-manual || true
sudo apt-get remove -y msbuild || true
sudo apt-get remove -y microsoft-edge-stable || true
sudo apt-get remove -y '^google-.*' || true
sudo apt-get remove -y azure-cli || true
sudo apt-get remove -y '^mongo.*-.*|^postgresql-.*|^mysql-.*|^mssql-.*' || true
sudo apt-get remove -y '^gfortran-.*' || true
sudo apt-get remove -y '^gcc-*' || true
sudo apt-get remove -y '^g++-*' || true
sudo apt-get remove -y '^cpp-*' || true
sudo apt-get autoremove -y
sudo apt-get clean
echo
echo "Listing top largest packages"
pkgs=$(dpkg-query -Wf '${Installed-Size}\t${Package}\t${Status}\n' | awk '$NF == "installed"{print $1 "\t" $2}' | sort -nr)
head -n 30 <<< "${pkgs}"
echo
sudo rm -rfv build || true
df -h
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
- run: |
git fetch --prune --unshallow
@ -92,7 +58,7 @@ jobs:
# we use the right one.
ISO=$(ls kairos-${{ inputs.family }}-${{ env.MATCHER }}*core-amd64-generic-v*.iso | grep -v ipxe | head -n 1)
earthly +run-qemu-test --PREBUILT_ISO=$ISO \
--CONTAINER_IMAGE=ttl.sh/kairos-${{ inputs.flavor }}-${{ inputs.flavor_release }}-${{ github.sha }}:24h \
--CONTAINER_IMAGE=ttl.sh/kairos-${{ inputs.flavor }}-${{ inputs.flavor_release }}-${{ inputs.variant }}-${{ inputs.arch }}-${{ github.sha }}:24h \
--TEST_SUITE=upgrade-latest-with-cli
- uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4
if: failure()

50
.github/workflows/reusable-upgrade-with-cli-test.yaml vendored
View File

@ -9,52 +9,18 @@ on:
flavor_release:
required: true
type: string
variant:
required: true
type: string
arch:
required: true
type: string
permissions: read-all
jobs:
test:
runs-on: kvm
steps:
- name: Release space from worker
run: |
echo "Listing top largest packages"
pkgs=$(dpkg-query -Wf '${Installed-Size}\t${Package}\t${Status}\n' | awk '$NF == "installed"{print $1 "\t" $2}' | sort -nr)
head -n 30 <<< "${pkgs}"
echo
df -h
echo
sudo apt-get remove -y '^llvm-.*|^libllvm.*' || true
sudo apt-get remove --auto-remove android-sdk-platform-tools || true
sudo apt-get purge --auto-remove android-sdk-platform-tools || true
sudo rm -rf /usr/local/lib/android
sudo apt-get remove -y '^dotnet-.*|^aspnetcore-.*' || true
sudo rm -rf /usr/share/dotnet
sudo apt-get remove -y '^mono-.*' || true
sudo apt-get remove -y '^ghc-.*' || true
sudo apt-get remove -y '.*jdk.*|.*jre.*' || true
sudo apt-get remove -y 'php.*' || true
sudo apt-get remove -y hhvm || true
sudo apt-get remove -y powershell || true
sudo apt-get remove -y firefox || true
sudo apt-get remove -y monodoc-manual || true
sudo apt-get remove -y msbuild || true
sudo apt-get remove -y microsoft-edge-stable || true
sudo apt-get remove -y '^google-.*' || true
sudo apt-get remove -y azure-cli || true
sudo apt-get remove -y '^mongo.*-.*|^postgresql-.*|^mysql-.*|^mssql-.*' || true
sudo apt-get remove -y '^gfortran-.*' || true
sudo apt-get remove -y '^gcc-*' || true
sudo apt-get remove -y '^g++-*' || true
sudo apt-get remove -y '^cpp-*' || true
sudo apt-get autoremove -y
sudo apt-get clean
echo
echo "Listing top largest packages"
pkgs=$(dpkg-query -Wf '${Installed-Size}\t${Package}\t${Status}\n' | awk '$NF == "installed"{print $1 "\t" $2}' | sort -nr)
head -n 30 <<< "${pkgs}"
echo
sudo rm -rfv build || true
df -h
- name: Install earthly
uses: Luet-lab/luet-install-action@cec77490c3f2416d7d07a47cfab04d448641d7ce # v1.1
with:
@ -67,7 +33,7 @@ jobs:
id: iso
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: kairos-${{ inputs.flavor }}-${{ inputs.flavor_release }}.iso.zip
name: kairos-${{ inputs.flavor }}-${{ inputs.flavor_release }}-${{ inputs.variant }}.iso.zip
- name: Display structure of downloaded files
run: ls -las .
- name: Block all traffic to metadata ip # For cloud runners, the metadata ip can interact with our test machines
@ -80,7 +46,7 @@ jobs:
- run: |
earthly +run-qemu-test --PREBUILT_ISO=$(ls *${{ inputs.flavor }}*.iso) \
--FLAVOR=${{ inputs.flavor }} \
--CONTAINER_IMAGE=ttl.sh/kairos-${{ inputs.flavor }}-${{ inputs.flavor_release }}-${{ github.sha }}:24h \
--CONTAINER_IMAGE=ttl.sh/kairos-${{ inputs.flavor }}-${{ inputs.flavor_release }}-${{ inputs.variant }}-${{ inputs.arch }}-${{ github.sha }}:24h \
--TEST_SUITE=upgrade-with-cli
- uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4
if: failure()

59
.github/workflows/reusable-zfs-test.yaml vendored
View File

@ -9,6 +9,9 @@ on:
flavor_release:
required: true
type: string
variant:
required: true
type: string
permissions: read-all
jobs:
@ -16,24 +19,50 @@ jobs:
runs-on: kvm
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
- name: Download ISO
id: iso
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
- name: Install Go
uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5
with:
name: kairos-${{ inputs.flavor }}-${{ inputs.flavor_release }}.iso.zip
- name: Display structure of downloaded files
run: ls -R
- name: Install earthly
uses: Luet-lab/luet-install-action@cec77490c3f2416d7d07a47cfab04d448641d7ce # v1.1
with:
repository: quay.io/kairos/packages
packages: utils/earthly
go-version-file: tests/go.mod
cache-dependency-path: tests/go.sum
- name: Block all traffic to metadata ip # For cloud runners, the metadata ip can interact with our test machines
run: |
sudo iptables -I INPUT -s 169.254.169.254 -j DROP
sudo iptables -I OUTPUT -d 169.254.169.254 -j DROP
- name: Login to earthly
- name: Enable KVM group perms
run: |
earthly account login --token ${{ secrets.EARTHLY_TOKEN }} && earthly org select Kairos
- run: |
earthly +run-qemu-test --PREBUILT_ISO=$(ls *${{ inputs.flavor }}*.iso) --TEST_SUITE=zfs --FLAVOR=${{ inputs.flavor }}
sudo apt-get update
sudo apt-get install -y libvirt-clients libvirt-daemon-system libvirt-daemon virtinst bridge-utils qemu qemu-system-x86 qemu-system-x86 qemu-utils qemu-kvm acl udev
# https://github.blog/changelog/2023-02-23-hardware-accelerated-android-virtualization-on-actions-windows-and-linux-larger-hosted-runners/
# echo 'KERNEL=="kvm", GROUP="kvm", MODE="0666", OPTIONS+="static_node=kvm"' | sudo tee /etc/udev/rules.d/99-kvm4all.rules
# sudo udevadm control --reload-rules
# sudo udevadm trigger --name-match=kvm
# sudo usermod -a -G kvm,libvirt $USER
#
# TODO: Switch back to the above solution when we switch to the github runners
# https://askubuntu.com/a/1081326
sudo setfacl -m u:runner:rwx /dev/kvm
- name: Download ISO
id: iso
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: kairos-${{ inputs.flavor }}-${{ inputs.flavor_release }}-${{ inputs.variant}}.iso.zip
- name: Run tests
env:
USE_QEMU: true
KVM: true
MEMORY: 4000
CPUS: 2
DRIVE_SIZE: 30000
run: |
ls *.iso
export ISO=$PWD/$(ls *.iso)
echo "ISO is: $ISO"
cp tests/go.* .
go run github.com/onsi/ginkgo/v2/ginkgo -v --label-filter "zfs" --fail-fast -r ./tests/
- uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4
if: failure()
with:
name: ${{ inputs.flavor }}-${{ inputs.flavor_release }}-${{ inputs.variant }}-zfs-test.logs.zip
path: tests/**/logs/*
if-no-files-found: warn

7
.github/workflows/uki.yaml vendored
View File

@ -22,17 +22,19 @@ jobs:
family: ubuntu
base_image: ubuntu:24.04
variant: core
model: generic
- flavor: ubuntu
flavor_release: 24.04
family: ubuntu
base_image: ubuntu:24.04
variant: standard
k3s_version: 1.31.4+1 # we need to use a matrix like we do in the other pipelines, but adding manually now just to see if this makes it work
model: generic
- flavor: fedora
family: rhel
flavor_release: 40
base_image: fedora:40
variant: core
model: generic
uses: ./.github/workflows/reusable-uki-test.yaml
permissions:
id-token: write # OIDC support
@ -52,8 +54,7 @@ jobs:
secrets: inherit
with:
base_image: ${{ matrix.base_image }}
family: ${{ matrix.family }}
flavor: ${{ matrix.flavor }}
flavor_release: ${{ matrix.flavor_release }}
variant: ${{ matrix.variant }}
k3s_version: ${{ matrix.k3s_version }}
model: ${{ matrix.model }}

16
images/Dockerfile Normal file
View File

@ -0,0 +1,16 @@
ARG BASE_IMAGE=ubuntu:20.04
FROM quay.io/kairos/kairos-init:v0.2.0 AS kairos-init
FROM ${BASE_IMAGE} AS base
ARG VARIANT=core
ARG MODEL=generic
ARG TRUSTED_BOOT=false
ARG KUBERNETES_PROVIDER=k3s
ARG KUBERNETES_VERSION=latest
COPY --from=kairos-init /kairos-init /kairos-init
RUN /kairos-init -l debug -s install -m "${MODEL}" -v "${VARIANT}" -t "${TRUSTED_BOOT}" -k "${KUBERNETES_PROVIDER}" --k8sversion "${KUBERNETES_VERSION}"
RUN /kairos-init -l debug -s init -m "${MODEL}" -v "${VARIANT}" -t "${TRUSTED_BOOT}" -k "${KUBERNETES_PROVIDER}" --k8sversion "${KUBERNETES_VERSION}"
RUN /kairos-init -l debug --validate -m "${MODEL}" -v "${VARIANT}" -t "${TRUSTED_BOOT}" -k "${KUBERNETES_PROVIDER}" --k8sversion "${KUBERNETES_VERSION}"
RUN rm /kairos-init

151
images/Dockerfile.alpine
View File

@ -1,151 +0,0 @@
# WARNING: This is a base image used internally for Kairos, it is not meant to be built directly, use the images/Dockerfile.kairos-* files instead
###############################################################
#### ARGS ####
###############################################################
# WARNING: While some of the ARGs are not used in this file, they are used in the images/Dockerfile.kairos-* files
# TARGETARCH is used to determine the architecture of the image, it is already set by Docker so it doesn't need to be defined here
ARG FAMILY=alpine
ARG FLAVOR
ARG FLAVOR_RELEASE
ARG MODEL=generic
ARG BASE_IMAGE=alpine:3.19
ARG VARIANT
ARG VERSION
ARG FRAMEWORK_VERSION=main
###############################################################
#### Common ####
###############################################################
FROM $BASE_IMAGE AS common
RUN apk --no-cache add \
bash \
bash-completion \
blkid \
cloud-utils-growpart \
bonding \
bridge \
busybox-openrc \
ca-certificates \
connman \
conntrack-tools \
coreutils \
cryptsetup \
curl \
device-mapper-udev \
dbus \
dmidecode \
dosfstools \
e2fsprogs \
e2fsprogs-extra \
efibootmgr \
eudev \
eudev-hwids \
fail2ban \
findutils \
findmnt \
gawk \
gcompat \
gettext \
grub \
grub-efi \
haveged \
htop \
hvtools \
iproute2 \
iptables \
irqbalance \
iscsi-scst \
jq \
kbd-bkeymaps \
libc6-compat \
libusb \
lm-sensors \
logrotate \
lsscsi \
lvm2 \
lvm2-extra \
mdadm \
mdadm-misc \
mdadm-udev \
multipath-tools \
nano \
ncurses \
ncurses-terminfo \
nfs-utils \
open-iscsi \
openrc \
openssh-client \
openssh-server \
open-vm-tools \
open-vm-tools-deploypkg \
open-vm-tools-guestinfo \
open-vm-tools-static \
open-vm-tools-vmbackup \
parted \
procps \
parted \
qemu-guest-agent \
rbd-nbd \
rsync \
sgdisk \
smartmontools \
squashfs-tools \
strace \
sudo \
tar \
tzdata \
util-linux \
vim \
which \
wireguard-tools \
wpa_supplicant \
xfsprogs \
xfsprogs-extra \
xz
###############################################################
#### Common to a Model ####
###############################################################
FROM common AS generic
ARG TARGETARCH
RUN if [ "${TARGETARCH}" = "amd64" ];then apk --no-cache add grub-bios; fi
RUN apk --no-cache add \
bonding \
bridge \
rbd-nbd
# use --no-scripts to avoid building initramfs
RUN apk --no-cache add linux-lts --no-scripts
# Alpine provides the kernel under this name
RUN ln -sf /boot/vmlinuz-lts /boot/vmlinuz
# TODO: should this be part of rpi too?
# Enable tun module on boot for edgevpn/vpn services
RUN echo "tun" >> /etc/modules
FROM common as rpicommon
COPY rpi/config.txt /boot/config.txt
FROM rpicommon AS rpi3
# use --no-scripts to avoid building initramfs
RUN apk --no-cache add linux-rpi --no-scripts
FROM rpicommon AS rpi4
# use --no-scripts to avoid building initramfs
RUN apk --no-cache add linux-rpi4 --no-scripts
# Alpine-rpi provides the kernel under this name
RUN ln -sf /boot/vmlinuz-rpi4 /boot/vmlinuz
###############################################################
#### Post-Process Common to All ####
###############################################################
FROM ${MODEL} AS all
RUN rc-update add sshd boot && \
rc-update add connman boot && \
rc-update add acpid boot && \
rc-update add hwclock boot && \
rc-update add syslog boot && \
rc-update add udev sysinit && \
rc-update add udev-trigger sysinit && \
rc-update add cgroups sysinit && \
rc-update add ntpd boot && \
rc-update add crond && \
rc-update add fail2ban

172
images/Dockerfile.debian
View File

@ -1,172 +0,0 @@
# WARNING: This is a base image used internally for Kairos, it is not meant to be built directly, use the images/Dockerfile.kairos-* files instead
###############################################################
#### ARGS ####
###############################################################
# WARNING: While some of the ARGs are not used in this file, they are used in the images/Dockerfile.kairos-* files
# TARGETARCH is used to determine the architecture of the image, it is already set by Docker so it doesn't need to be defined here
ARG FAMILY=debian
ARG FLAVOR
ARG FLAVOR_RELEASE
ARG MODEL=generic
ARG BASE_IMAGE=debian:testing
ARG VARIANT
ARG VERSION
ARG FRAMEWORK_VERSION=main
###############################################################
#### Upstream Images ####
###############################################################
# we use testing for amd64 because zfsutils-linux is not available in bookworm
FROM $BASE_IMAGE AS amd64-upstream
RUN apt-get update && apt-get install -y --no-install-recommends ca-certificates
RUN <<EOF
echo "deb https://ftp.debian.org/debian bookworm main contrib" >> /etc/apt/sources.list.d/kairos.list
EOF
FROM $BASE_IMAGE AS arm64-upstream
###############################################################
#### Common ####
###############################################################
FROM ${TARGETARCH}-upstream AS common
ENV DEBIAN_FRONTEND=noninteractive
RUN apt-get update && apt-get install -y --no-install-recommends \
binutils \
cloud-guest-utils \
conntrack \
console-setup \
coreutils \
cryptsetup \
curl \
debianutils \
dmraid \
dosfstools \
dracut \
dracut-live \
dracut-network \
e2fsprogs \
e2fsprogs-l10n \
efibootmgr \
ethtool \
firmware-linux-free \
fuse3 \
gawk \
gdisk \
gnupg \
gnupg1-l10n \
grub2-common \
haveged \
iproute2 \
iptables \
iputils-ping \
isc-dhcp-common \
isc-dhcp-client \
jq \
krb5-locales \
less \
libatm1 \
libglib2.0-data \
libgpm2 \
libldap-common \
libnss-systemd \
libpam-cap \
libsasl2-modules \
lvm2 \
mdadm \
nano \
nbd-client \
ncurses-term \
neovim \
nfs-common \
nftables \
nohang \
open-iscsi \
openssh-server \
open-vm-tools \
os-prober \
parted \
patch \
pigz \
pkg-config \
polkitd \
psmisc \
publicsuffix \
python3-pynvim \
rsync \
shared-mime-info \
shim-signed \
snapd \
squashfs-tools \
sudo \
systemd \
systemd-resolved \
systemd-sysv \
systemd-timesyncd \
tar \
xauth \
xclip \
xdg-user-dirs \
xxd \
xz-utils \
zerofree \
&& apt-get clean && rm -rf /var/lib/apt/lists/*
###############################################################
#### bookworm vs testing differences ####
###############################################################
FROM common AS common-bookworm
FROM common AS common-testing
RUN apt-get update && apt-get install -y systemd-cryptsetup && apt-get clean && rm -rf /var/lib/apt/lists/*
###############################################################
#### Common to a Model ####
###############################################################
FROM common-${FLAVOR_RELEASE} AS amd64-generic
RUN apt-get update \
&& apt-get install -y --no-install-recommends \
grub2 \
grub-pc-bin \
grub-efi-amd64-bin \
grub-efi-amd64-signed \
linux-image-amd64 \
qemu-guest-agent \
zfsutils-linux \
&& apt-get clean && rm -rf /var/lib/apt/lists/*
FROM common-${FLAVOR_RELEASE} AS arm64-common
RUN apt-get update \
&& apt-get install -y --no-install-recommends \
grub-efi-arm64-bin \
grub-efi-arm64-signed \
linux-image-arm64 \
&& apt-get clean && rm -rf /var/lib/apt/lists/*
FROM arm64-common AS arm64-generic
RUN apt-get update \
&& apt-get install -y --no-install-recommends \
qemu-guest-agent \
&& apt-get clean && rm -rf /var/lib/apt/lists/*
FROM arm64-common AS rpicommon
RUN sed -i 's/^Components: main.*$/& non-free-firmware/' /etc/apt/sources.list.d/debian.sources
RUN apt-get update \
&& apt-get install -y --no-install-recommends \
raspi-firmware \
&& apt-get clean && rm -rf /var/lib/apt/lists/*
COPY rpi/config.txt /boot/config.txt
FROM rpicommon AS arm64-rpi3
FROM rpicommon AS arm64-rpi4
###############################################################
#### Post-Process Common to All ####
###############################################################
FROM ${TARGETARCH}-${MODEL} AS all
RUN systemctl enable systemd-networkd
RUN systemctl enable ssh
# Fixup sudo perms
RUN chown root:root /usr/bin/sudo && chmod 4755 /usr/bin/sudo

123
images/Dockerfile.kairos
View File

@ -1,123 +0,0 @@
# WARNING: Do not build this image on its own, use the different Dockerfile.kairos-* instead
FROM --platform="linux/${TARGETARCH}" quay.io/kairos/framework:${FRAMEWORK_VERSION} AS framework
FROM all AS base-kairos
# Symlinks to make elemental installer work
RUN ORIG=/usr/sbin/grub-install; DEST=/usr/sbin/grub2-install; [ -e $ORIG ] && [ ! -e $DEST ] && ln -s $ORIG $DEST || true
RUN ORIG=/usr/bin/grub-editenv; DEST=/usr/sbin/grub2-editenv; [ -e $ORIG ] && [ ! -e $DEST ] && ln -s $ORIG $DEST || true
# here we add 100Mb aprox
COPY --from=framework / /
RUN rm -rf /etc/ssh/ssh_host_*
COPY which-init.sh /usr/local/bin/which-init.sh
RUN if [ -f "/etc/kairos-release" ]; then sed -i -n '/KAIROS_/!p' /etc/kairos-release; fi
# need to be defined after FROM for them to be replaced in the RUN bellow
ARG HOME_URL="https://github.com/kairos-io/kairos"
ARG BUG_REPORT_URL="https://github.com/kairos-io/kairos/issues"
ARG GITHUB_REPO="kairos-io/kairos"
ARG ID=kairos
ARG REGISTRY_AND_ORG="quay.io/kairos"
ARG RELEASE
ARG FLAVOR
ARG FLAVOR_RELEASE
ARG VARIANT
ARG FAMILY
ARG MODEL
ARG TARGETARCH
ARG SOFTWARE_VERSION
ARG SOFTWARE_VERSION_PREFIX
ARG SOFTWARE_LUET_VERSION=""
RUN rm -rf /etc/machine-id
FROM base-kairos AS kairos-core
FROM base-kairos AS kairos-standard
ARG SOFTWARE_VERSION
LABEL io.kairos.k3s_version="${SOFTWARE_VERSION}"
RUN luet install -y system/provider-kairos
RUN luet install -y "k8s/${SOFTWARE_VERSION_PREFIX}-$(which-init.sh)@${SOFTWARE_LUET_VERSION:-$SOFTWARE_VERSION}" utils/edgevpn utils/k9s utils/nerdctl container/kubectl utils/kube-vip
FROM kairos-${VARIANT} AS kairos-final
ARG BASE_IMAGE
ARG FRAMEWORK_VERSION
ARG RELEASE
ARG FLAVOR
ARG FLAVOR_RELEASE
ARG VARIANT
ARG FAMILY
ARG MODEL
ARG TARGETARCH
ARG SOFTWARE_VERSION
ARG SOFTWARE_VERSION_PREFIX
LABEL org.opencontainers.image.authors="Kairos Maintainers <team@kairos.io>"
LABEL org.opencontainers.image.licenses="Apache-2.0"
LABEL org.opencontainers.image.url="https://github.com/kairos-io/kairos"
LABEL org.opencontainers.image.source="https://github.com/kairos-io/kairos.git"
LABEL io.kairos.base_image="${BASE_IMAGE}"
LABEL io.kairos.variant="${VARIANT}"
LABEL io.kairos.family="${FAMILY}"
LABEL io.kairos.flavor="${FLAVOR}"
LABEL io.kairos.flavor_release="${FLAVOR_RELEASE}"
LABEL io.kairos.model="${MODEL}"
LABEL io.kairos.release="${RELEASE}"
LABEL io.kairos.framework-version="${FRAMEWORK_VERSION}"
LABEL io.kairos.software-version="${SOFTWARE_VERSION}"
LABEL io.kairos.software-version-prefix="${SOFTWARE_VERSION_PREFIX}"
LABEL io.kairos.targetarch="${TARGETARCH}"
RUN kairos-agent versioneer os-release-variables > /etc/kairos-release
RUN kairos-agent versioneer container-artifact-name > /IMAGE
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
RUN luet database get-all-installed --output /etc/kairos/versions.yaml
# TODO what about caches?
RUN kernel=$(ls /lib/modules | head -n1) && depmod -a "${kernel}"
# Set empty machine-id
# This prevents systemd from thinking that the machine is on first boot
# and recreating /etc/ dependencies in services and such
# do this before initramfs so its in the initramfs
RUN printf "" > /etc/machine-id || true
# Regenerate initrd if necessary, proper config files with immucore and custom initrd should already be in there installed by framework
# for systemd distros
RUN if [ -f "/usr/bin/dracut" ]; then \
kernel=$(ls /lib/modules | head -n1) && \
dracut -f "/boot/initrd-${kernel}" "${kernel}" && \
ln -sf "initrd-${kernel}" /boot/initrd; \
fi
# for alpine (openrc based)
RUN if [ -f "/sbin/mkinitfs" ]; then \
kernel=$(ls /lib/modules | head -n1) && \
mkinitfs -o /boot/initrd "${kernel}"; \
fi
# symlink kernel to /boot/vmlinuz
RUN kernel=$(ls /boot/vmlinuz-* 2>/dev/null | head -n1) && if [ -e "$kernel" ]; then ln -sf "$kernel" /boot/vmlinuz; fi || true
RUN kernel=$(ls /boot/Image* 2>/dev/null | head -n1) && if [ -e "$kernel" ]; then ln -sf "$kernel" /boot/vmlinuz; fi || true
# this is generally present on rhel based systems, but it doesn't hurt to remove in any case
RUN rm -rf /boot/initramfs-* || true
RUN rm /var/lib/dbus/machine-id || true
RUN rm /etc/hostname || true
# Disable the make-policy service that its on by default on some systemd versions
# it creates a pcrlock.json policy that conflicts with our mesurements when trying to enroll it
RUN if [ "$(which-init.sh)" = "systemd" ]; then \
systemctl disable systemd-pcrlock-make-policy || true; \
systemctl mask systemd-pcrlock-make-policy || true; \
journalctl --vacuum-size=1K || true; \
fi
RUN rm -rf /tmp/*
RUN luet cleanup
RUN rm -rf /var/luet

273
images/Dockerfile.kairos-alpine
View File

@ -1,273 +0,0 @@
# This file is auto-generated with the command: earthly +kairos-dockerfile --FAMILY=alpine
###############################################################
#### ARGS ####
###############################################################
# TARGETARCH is used to determine the architecture of the image, it is already set by Docker so it doesn't need to be defined here
ARG FAMILY=alpine
ARG FLAVOR
ARG FLAVOR_RELEASE
ARG MODEL=generic
ARG BASE_IMAGE=alpine:3.19
ARG VARIANT
ARG VERSION
ARG FRAMEWORK_VERSION=main
###############################################################
#### Common ####
###############################################################
FROM $BASE_IMAGE AS common
RUN apk --no-cache add \
bash \
bash-completion \
blkid \
cloud-utils-growpart \
bonding \
bridge \
busybox-openrc \
ca-certificates \
connman \
conntrack-tools \
coreutils \
cryptsetup \
curl \
device-mapper-udev \
dbus \
dmidecode \
dosfstools \
e2fsprogs \
e2fsprogs-extra \
efibootmgr \
eudev \
eudev-hwids \
fail2ban \
findutils \
findmnt \
gawk \
gcompat \
gettext \
grub \
grub-efi \
haveged \
htop \
hvtools \
iproute2 \
iptables \
irqbalance \
iscsi-scst \
jq \
kbd-bkeymaps \
libc6-compat \
libusb \
lm-sensors \
logrotate \
lsscsi \
lvm2 \
lvm2-extra \
mdadm \
mdadm-misc \
mdadm-udev \
multipath-tools \
nano \
ncurses \
ncurses-terminfo \
nfs-utils \
open-iscsi \
openrc \
openssh-client \
openssh-server \
open-vm-tools \
open-vm-tools-deploypkg \
open-vm-tools-guestinfo \
open-vm-tools-static \
open-vm-tools-vmbackup \
parted \
procps \
parted \
qemu-guest-agent \
rbd-nbd \
rsync \
sgdisk \
smartmontools \
squashfs-tools \
strace \
sudo \
tar \
tzdata \
util-linux \
vim \
which \
wireguard-tools \
wpa_supplicant \
xfsprogs \
xfsprogs-extra \
xz
###############################################################
#### Common to a Model ####
###############################################################
FROM common AS generic
ARG TARGETARCH
RUN if [ "${TARGETARCH}" = "amd64" ];then apk --no-cache add grub-bios; fi
RUN apk --no-cache add \
bonding \
bridge \
rbd-nbd
# use --no-scripts to avoid building initramfs
RUN apk --no-cache add linux-lts --no-scripts
# Alpine provides the kernel under this name
RUN ln -sf /boot/vmlinuz-lts /boot/vmlinuz
# TODO: should this be part of rpi too?
# Enable tun module on boot for edgevpn/vpn services
RUN echo "tun" >> /etc/modules
FROM common as rpicommon
COPY rpi/config.txt /boot/config.txt
FROM rpicommon AS rpi3
# use --no-scripts to avoid building initramfs
RUN apk --no-cache add linux-rpi --no-scripts
FROM rpicommon AS rpi4
# use --no-scripts to avoid building initramfs
RUN apk --no-cache add linux-rpi4 --no-scripts
# Alpine-rpi provides the kernel under this name
RUN ln -sf /boot/vmlinuz-rpi4 /boot/vmlinuz
###############################################################
#### Post-Process Common to All ####
###############################################################
FROM ${MODEL} AS all
RUN rc-update add sshd boot && \
rc-update add connman boot && \
rc-update add acpid boot && \
rc-update add hwclock boot && \
rc-update add syslog boot && \
rc-update add udev sysinit && \
rc-update add udev-trigger sysinit && \
rc-update add cgroups sysinit && \
rc-update add ntpd boot && \
rc-update add crond && \
rc-update add fail2ban
FROM --platform="linux/${TARGETARCH}" quay.io/kairos/framework:${FRAMEWORK_VERSION} AS framework
FROM all AS base-kairos
# Symlinks to make elemental installer work
RUN ORIG=/usr/sbin/grub-install; DEST=/usr/sbin/grub2-install; [ -e $ORIG ] && [ ! -e $DEST ] && ln -s $ORIG $DEST || true
RUN ORIG=/usr/bin/grub-editenv; DEST=/usr/sbin/grub2-editenv; [ -e $ORIG ] && [ ! -e $DEST ] && ln -s $ORIG $DEST || true
# here we add 100Mb aprox
COPY --from=framework / /
RUN rm -rf /etc/ssh/ssh_host_*
COPY which-init.sh /usr/local/bin/which-init.sh
RUN if [ -f "/etc/kairos-release" ]; then sed -i -n '/KAIROS_/!p' /etc/kairos-release; fi
# need to be defined after FROM for them to be replaced in the RUN bellow
ARG HOME_URL="https://github.com/kairos-io/kairos"
ARG BUG_REPORT_URL="https://github.com/kairos-io/kairos/issues"
ARG GITHUB_REPO="kairos-io/kairos"
ARG ID=kairos
ARG REGISTRY_AND_ORG="quay.io/kairos"
ARG RELEASE
ARG FLAVOR
ARG FLAVOR_RELEASE
ARG VARIANT
ARG FAMILY
ARG MODEL
ARG TARGETARCH
ARG SOFTWARE_VERSION
ARG SOFTWARE_VERSION_PREFIX
ARG SOFTWARE_LUET_VERSION=""
RUN rm -rf /etc/machine-id
FROM base-kairos AS kairos-core
FROM base-kairos AS kairos-standard
ARG SOFTWARE_VERSION
LABEL io.kairos.k3s_version="${SOFTWARE_VERSION}"
RUN luet install -y system/provider-kairos
RUN luet install -y "k8s/${SOFTWARE_VERSION_PREFIX}-$(which-init.sh)@${SOFTWARE_LUET_VERSION:-$SOFTWARE_VERSION}" utils/edgevpn utils/k9s utils/nerdctl container/kubectl utils/kube-vip
FROM kairos-${VARIANT} AS kairos-final
ARG BASE_IMAGE
ARG FRAMEWORK_VERSION
ARG RELEASE
ARG FLAVOR
ARG FLAVOR_RELEASE
ARG VARIANT
ARG FAMILY
ARG MODEL
ARG TARGETARCH
ARG SOFTWARE_VERSION
ARG SOFTWARE_VERSION_PREFIX
LABEL org.opencontainers.image.authors="Kairos Maintainers <team@kairos.io>"
LABEL org.opencontainers.image.licenses="Apache-2.0"
LABEL org.opencontainers.image.url="https://github.com/kairos-io/kairos"
LABEL org.opencontainers.image.source="https://github.com/kairos-io/kairos.git"
LABEL io.kairos.base_image="${BASE_IMAGE}"
LABEL io.kairos.variant="${VARIANT}"
LABEL io.kairos.family="${FAMILY}"
LABEL io.kairos.flavor="${FLAVOR}"
LABEL io.kairos.flavor_release="${FLAVOR_RELEASE}"
LABEL io.kairos.model="${MODEL}"
LABEL io.kairos.release="${RELEASE}"
LABEL io.kairos.framework-version="${FRAMEWORK_VERSION}"
LABEL io.kairos.software-version="${SOFTWARE_VERSION}"
LABEL io.kairos.software-version-prefix="${SOFTWARE_VERSION_PREFIX}"
LABEL io.kairos.targetarch="${TARGETARCH}"
RUN kairos-agent versioneer os-release-variables > /etc/kairos-release
RUN kairos-agent versioneer container-artifact-name > /IMAGE
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
RUN luet database get-all-installed --output /etc/kairos/versions.yaml
# TODO what about caches?
RUN kernel=$(ls /lib/modules | head -n1) && depmod -a "${kernel}"
# Set empty machine-id
# This prevents systemd from thinking that the machine is on first boot
# and recreating /etc/ dependencies in services and such
# do this before initramfs so its in the initramfs
RUN printf "" > /etc/machine-id || true
# Regenerate initrd if necessary, proper config files with immucore and custom initrd should already be in there installed by framework
# for systemd distros
RUN if [ -f "/usr/bin/dracut" ]; then \
kernel=$(ls /lib/modules | head -n1) && \
dracut -f "/boot/initrd-${kernel}" "${kernel}" && \
ln -sf "initrd-${kernel}" /boot/initrd; \
fi
# for alpine (openrc based)
RUN if [ -f "/sbin/mkinitfs" ]; then \
kernel=$(ls /lib/modules | head -n1) && \
mkinitfs -o /boot/initrd "${kernel}"; \
fi
# symlink kernel to /boot/vmlinuz
RUN kernel=$(ls /boot/vmlinuz-* 2>/dev/null | head -n1) && if [ -e "$kernel" ]; then ln -sf "$kernel" /boot/vmlinuz; fi || true
RUN kernel=$(ls /boot/Image* 2>/dev/null | head -n1) && if [ -e "$kernel" ]; then ln -sf "$kernel" /boot/vmlinuz; fi || true
# this is generally present on rhel based systems, but it doesn't hurt to remove in any case
RUN rm -rf /boot/initramfs-* || true
RUN rm /var/lib/dbus/machine-id || true
RUN rm /etc/hostname || true
# Disable the make-policy service that its on by default on some systemd versions
# it creates a pcrlock.json policy that conflicts with our mesurements when trying to enroll it
RUN if [ "$(which-init.sh)" = "systemd" ]; then \
systemctl disable systemd-pcrlock-make-policy || true; \
systemctl mask systemd-pcrlock-make-policy || true; \
journalctl --vacuum-size=1K || true; \
fi
RUN rm -rf /tmp/*
RUN luet cleanup
RUN rm -rf /var/luet

294
images/Dockerfile.kairos-debian
View File

@ -1,294 +0,0 @@
# This file is auto-generated with the command: earthly +kairos-dockerfile --FAMILY=debian
###############################################################
#### ARGS ####
###############################################################
# TARGETARCH is used to determine the architecture of the image, it is already set by Docker so it doesn't need to be defined here
ARG FAMILY=debian
ARG FLAVOR
ARG FLAVOR_RELEASE
ARG MODEL=generic
ARG BASE_IMAGE=debian:testing
ARG VARIANT
ARG VERSION
ARG FRAMEWORK_VERSION=main
###############################################################
#### Upstream Images ####
###############################################################
# we use testing for amd64 because zfsutils-linux is not available in bookworm
FROM $BASE_IMAGE AS amd64-upstream
RUN apt-get update && apt-get install -y --no-install-recommends ca-certificates
RUN <<EOF
echo "deb https://ftp.debian.org/debian bookworm main contrib" >> /etc/apt/sources.list.d/kairos.list
EOF
FROM $BASE_IMAGE AS arm64-upstream
###############################################################
#### Common ####
###############################################################
FROM ${TARGETARCH}-upstream AS common
ENV DEBIAN_FRONTEND=noninteractive
RUN apt-get update && apt-get install -y --no-install-recommends \
binutils \
cloud-guest-utils \
conntrack \
console-setup \
coreutils \
cryptsetup \
curl \
debianutils \
dmraid \
dosfstools \
dracut \
dracut-live \
dracut-network \
e2fsprogs \
e2fsprogs-l10n \
efibootmgr \
ethtool \
firmware-linux-free \
fuse3 \
gawk \
gdisk \
gnupg \
gnupg1-l10n \
grub2-common \
haveged \
iproute2 \
iptables \
iputils-ping \
isc-dhcp-common \
isc-dhcp-client \
jq \
krb5-locales \
less \
libatm1 \
libglib2.0-data \
libgpm2 \
libldap-common \
libnss-systemd \
libpam-cap \
libsasl2-modules \
lvm2 \
mdadm \
nano \
nbd-client \
ncurses-term \
neovim \
nfs-common \
nftables \
nohang \
open-iscsi \
openssh-server \
open-vm-tools \
os-prober \
parted \
patch \
pigz \
pkg-config \
polkitd \
psmisc \
publicsuffix \
python3-pynvim \
rsync \
shared-mime-info \
shim-signed \
snapd \
squashfs-tools \
sudo \
systemd \
systemd-resolved \
systemd-sysv \
systemd-timesyncd \
tar \
xauth \
xclip \
xdg-user-dirs \
xxd \
xz-utils \
zerofree \
&& apt-get clean && rm -rf /var/lib/apt/lists/*
###############################################################
#### bookworm vs testing differences ####
###############################################################
FROM common AS common-bookworm
FROM common AS common-testing
RUN apt-get update && apt-get install -y systemd-cryptsetup && apt-get clean && rm -rf /var/lib/apt/lists/*
###############################################################
#### Common to a Model ####
###############################################################
FROM common-${FLAVOR_RELEASE} AS amd64-generic
RUN apt-get update \
&& apt-get install -y --no-install-recommends \
grub2 \
grub-pc-bin \
grub-efi-amd64-bin \
grub-efi-amd64-signed \
linux-image-amd64 \
qemu-guest-agent \
zfsutils-linux \
&& apt-get clean && rm -rf /var/lib/apt/lists/*
FROM common-${FLAVOR_RELEASE} AS arm64-common
RUN apt-get update \
&& apt-get install -y --no-install-recommends \
grub-efi-arm64-bin \
grub-efi-arm64-signed \
linux-image-arm64 \
&& apt-get clean && rm -rf /var/lib/apt/lists/*
FROM arm64-common AS arm64-generic
RUN apt-get update \
&& apt-get install -y --no-install-recommends \
qemu-guest-agent \
&& apt-get clean && rm -rf /var/lib/apt/lists/*
FROM arm64-common AS rpicommon
RUN sed -i 's/^Components: main.*$/& non-free-firmware/' /etc/apt/sources.list.d/debian.sources
RUN apt-get update \
&& apt-get install -y --no-install-recommends \
raspi-firmware \
&& apt-get clean && rm -rf /var/lib/apt/lists/*
COPY rpi/config.txt /boot/config.txt
FROM rpicommon AS arm64-rpi3
FROM rpicommon AS arm64-rpi4
###############################################################
#### Post-Process Common to All ####
###############################################################
FROM ${TARGETARCH}-${MODEL} AS all
RUN systemctl enable systemd-networkd
RUN systemctl enable ssh
# Fixup sudo perms
RUN chown root:root /usr/bin/sudo && chmod 4755 /usr/bin/sudo
FROM --platform="linux/${TARGETARCH}" quay.io/kairos/framework:${FRAMEWORK_VERSION} AS framework
FROM all AS base-kairos
# Symlinks to make elemental installer work
RUN ORIG=/usr/sbin/grub-install; DEST=/usr/sbin/grub2-install; [ -e $ORIG ] && [ ! -e $DEST ] && ln -s $ORIG $DEST || true
RUN ORIG=/usr/bin/grub-editenv; DEST=/usr/sbin/grub2-editenv; [ -e $ORIG ] && [ ! -e $DEST ] && ln -s $ORIG $DEST || true
# here we add 100Mb aprox
COPY --from=framework / /
RUN rm -rf /etc/ssh/ssh_host_*
COPY which-init.sh /usr/local/bin/which-init.sh
RUN if [ -f "/etc/kairos-release" ]; then sed -i -n '/KAIROS_/!p' /etc/kairos-release; fi
# need to be defined after FROM for them to be replaced in the RUN bellow
ARG HOME_URL="https://github.com/kairos-io/kairos"
ARG BUG_REPORT_URL="https://github.com/kairos-io/kairos/issues"
ARG GITHUB_REPO="kairos-io/kairos"
ARG ID=kairos
ARG REGISTRY_AND_ORG="quay.io/kairos"
ARG RELEASE
ARG FLAVOR
ARG FLAVOR_RELEASE
ARG VARIANT
ARG FAMILY
ARG MODEL
ARG TARGETARCH
ARG SOFTWARE_VERSION
ARG SOFTWARE_VERSION_PREFIX
ARG SOFTWARE_LUET_VERSION=""
RUN rm -rf /etc/machine-id
FROM base-kairos AS kairos-core
FROM base-kairos AS kairos-standard
ARG SOFTWARE_VERSION
LABEL io.kairos.k3s_version="${SOFTWARE_VERSION}"
RUN luet install -y system/provider-kairos
RUN luet install -y "k8s/${SOFTWARE_VERSION_PREFIX}-$(which-init.sh)@${SOFTWARE_LUET_VERSION:-$SOFTWARE_VERSION}" utils/edgevpn utils/k9s utils/nerdctl container/kubectl utils/kube-vip
FROM kairos-${VARIANT} AS kairos-final
ARG BASE_IMAGE
ARG FRAMEWORK_VERSION
ARG RELEASE
ARG FLAVOR
ARG FLAVOR_RELEASE
ARG VARIANT
ARG FAMILY
ARG MODEL
ARG TARGETARCH
ARG SOFTWARE_VERSION
ARG SOFTWARE_VERSION_PREFIX
LABEL org.opencontainers.image.authors="Kairos Maintainers <team@kairos.io>"
LABEL org.opencontainers.image.licenses="Apache-2.0"
LABEL org.opencontainers.image.url="https://github.com/kairos-io/kairos"
LABEL org.opencontainers.image.source="https://github.com/kairos-io/kairos.git"
LABEL io.kairos.base_image="${BASE_IMAGE}"
LABEL io.kairos.variant="${VARIANT}"
LABEL io.kairos.family="${FAMILY}"
LABEL io.kairos.flavor="${FLAVOR}"
LABEL io.kairos.flavor_release="${FLAVOR_RELEASE}"
LABEL io.kairos.model="${MODEL}"
LABEL io.kairos.release="${RELEASE}"
LABEL io.kairos.framework-version="${FRAMEWORK_VERSION}"
LABEL io.kairos.software-version="${SOFTWARE_VERSION}"
LABEL io.kairos.software-version-prefix="${SOFTWARE_VERSION_PREFIX}"
LABEL io.kairos.targetarch="${TARGETARCH}"
RUN kairos-agent versioneer os-release-variables > /etc/kairos-release
RUN kairos-agent versioneer container-artifact-name > /IMAGE
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
RUN luet database get-all-installed --output /etc/kairos/versions.yaml
# TODO what about caches?
RUN kernel=$(ls /lib/modules | head -n1) && depmod -a "${kernel}"
# Set empty machine-id
# This prevents systemd from thinking that the machine is on first boot
# and recreating /etc/ dependencies in services and such
# do this before initramfs so its in the initramfs
RUN printf "" > /etc/machine-id || true
# Regenerate initrd if necessary, proper config files with immucore and custom initrd should already be in there installed by framework
# for systemd distros
RUN if [ -f "/usr/bin/dracut" ]; then \
kernel=$(ls /lib/modules | head -n1) && \
dracut -f "/boot/initrd-${kernel}" "${kernel}" && \
ln -sf "initrd-${kernel}" /boot/initrd; \
fi
# for alpine (openrc based)
RUN if [ -f "/sbin/mkinitfs" ]; then \
kernel=$(ls /lib/modules | head -n1) && \
mkinitfs -o /boot/initrd "${kernel}"; \
fi
# symlink kernel to /boot/vmlinuz
RUN kernel=$(ls /boot/vmlinuz-* 2>/dev/null | head -n1) && if [ -e "$kernel" ]; then ln -sf "$kernel" /boot/vmlinuz; fi || true
RUN kernel=$(ls /boot/Image* 2>/dev/null | head -n1) && if [ -e "$kernel" ]; then ln -sf "$kernel" /boot/vmlinuz; fi || true
# this is generally present on rhel based systems, but it doesn't hurt to remove in any case
RUN rm -rf /boot/initramfs-* || true
RUN rm /var/lib/dbus/machine-id || true
RUN rm /etc/hostname || true
# Disable the make-policy service that its on by default on some systemd versions
# it creates a pcrlock.json policy that conflicts with our mesurements when trying to enroll it
RUN if [ "$(which-init.sh)" = "systemd" ]; then \
systemctl disable systemd-pcrlock-make-policy || true; \
systemctl mask systemd-pcrlock-make-policy || true; \
journalctl --vacuum-size=1K || true; \
fi
RUN rm -rf /tmp/*
RUN luet cleanup
RUN rm -rf /var/luet

283
images/Dockerfile.kairos-opensuse
View File

@ -1,283 +0,0 @@
# This file is auto-generated with the command: earthly +kairos-dockerfile --FAMILY=opensuse
###############################################################
#### ARGS ####
###############################################################
# TARGETARCH is used to determine the architecture of the image, it is already set by Docker so it doesn't need to be defined here
ARG FAMILY=opensuse
ARG FLAVOR
ARG FLAVOR_RELEASE
ARG MODEL=generic
ARG BASE_IMAGE
ARG VARIANT
ARG VERSION
ARG FRAMEWORK_VERSION=main
FROM $BASE_IMAGE AS base
FROM base AS leap-15.6-repo
RUN zypper ar -G https://download.opensuse.org/repositories/utilities/15.6/utilities.repo || true && \
zypper ref
FROM base AS tumbleweed-repo-amd64
RUN zypper removerepo repo-openh264 && \
zypper ref
FROM base AS tumbleweed-repo-arm64
RUN zypper ar https://download.opensuse.org/ports/aarch64/tumbleweed/repo/oss/ aarch64 || true && \
zypper ref
FROM tumbleweed-repo-${TARGETARCH} AS tumbleweed-repo
RUN zypper ar -G https://download.opensuse.org/repositories/utilities/openSUSE_Factory/utilities.repo || true && \
zypper ref
FROM ${FLAVOR_RELEASE}-repo AS common
RUN zypper in --force-resolution -y \
bash-completion \
conntrack-tools \
cryptsetup \
coreutils \
curl \
device-mapper \
dhcp-client \
dosfstools \
dracut \
e2fsprogs \
fail2ban \
findutils \
gawk \
growpart \
gptfdisk \
haveged \
htop \
iproute2 \
iptables \
iputils \
issue-generator \
jq \
less \
logrotate \
lsscsi \
lvm2 \
mdadm \
multipath-tools \
nano \
nfs-utils \
nohang \
open-iscsi \
openssh \
open-vm-tools \
parted \
pigz \
policycoreutils \
polkit \
procps \
rsync \
shim \
squashfs \
strace \
sudo \
systemd \
systemd-network \
tar \
timezone \
tmux \
vim \
which \
tpm2* \
&& zypper cc
FROM common as amd64
RUN zypper in --force-resolution -y \
grub2-i386-pc \
grub2-x86_64-efi \
kernel-firmware-all \
nethogs \
patch \
systemd-sysvinit \
&& zypper cc
FROM common as arm64
RUN zypper in --force-resolution -y \
bcm43xx-firmware \
grub2-arm64-efi \
iw \
kernel-firmware-ath10k \
kernel-firmware-ath11k \
kernel-firmware-atheros \
kernel-firmware-bluetooth \
kernel-firmware-brcm \
kernel-firmware-iwlwifi \
kernel-firmware-network \
kernel-firmware-realtek \
kernel-firmware-serial \
kernel-firmware-usb-network \
nethogs \
&& zypper cc
###############################################################
#### Model ####
###############################################################
FROM ${TARGETARCH} AS generic
RUN zypper in --force-resolution -y \
lldpd \
qemu-guest-agent \
&& zypper cc
FROM ${TARGETARCH} AS rpicommon
RUN zypper in --force-resolution -y \
raspberrypi-eeprom \
raspberrypi-firmware \
raspberrypi-firmware-dt \
sysconfig \
sysconfig-netconfig \
sysvinit-tools \
wireless-tools \
wpa_supplicant \
&& zypper cc
COPY rpi/config.txt /boot/config.txt
FROM rpicommon AS rpi-leap-15.6
# somehow these two are needed in leap
RUN zypper in --force-resolution -y \
grub2-i386-pc \
grub2-x86_64-efi \
&& zypper cc
FROM rpicommon AS rpi-tumbleweed
FROM rpi-${FLAVOR_RELEASE} AS rpi3
FROM rpi-${FLAVOR_RELEASE} AS rpi4
###############################################################
#### Post-Process Common to All ####
###############################################################
FROM ${MODEL} AS all
# Not sure why but if I install kernel-defult at the common stage, it doesn't populate /boot so it's done here. Should
# be investigated further.
RUN zypper in --force-resolution -y \
kernel-default \
&& zypper cc
FROM --platform="linux/${TARGETARCH}" quay.io/kairos/framework:${FRAMEWORK_VERSION} AS framework
FROM all AS base-kairos
# Symlinks to make elemental installer work
RUN ORIG=/usr/sbin/grub-install; DEST=/usr/sbin/grub2-install; [ -e $ORIG ] && [ ! -e $DEST ] && ln -s $ORIG $DEST || true
RUN ORIG=/usr/bin/grub-editenv; DEST=/usr/sbin/grub2-editenv; [ -e $ORIG ] && [ ! -e $DEST ] && ln -s $ORIG $DEST || true
# here we add 100Mb aprox
COPY --from=framework / /
RUN rm -rf /etc/ssh/ssh_host_*
COPY which-init.sh /usr/local/bin/which-init.sh
RUN if [ -f "/etc/kairos-release" ]; then sed -i -n '/KAIROS_/!p' /etc/kairos-release; fi
# need to be defined after FROM for them to be replaced in the RUN bellow
ARG HOME_URL="https://github.com/kairos-io/kairos"
ARG BUG_REPORT_URL="https://github.com/kairos-io/kairos/issues"
ARG GITHUB_REPO="kairos-io/kairos"
ARG ID=kairos
ARG REGISTRY_AND_ORG="quay.io/kairos"
ARG RELEASE
ARG FLAVOR
ARG FLAVOR_RELEASE
ARG VARIANT
ARG FAMILY
ARG MODEL
ARG TARGETARCH
ARG SOFTWARE_VERSION
ARG SOFTWARE_VERSION_PREFIX
ARG SOFTWARE_LUET_VERSION=""
RUN rm -rf /etc/machine-id
FROM base-kairos AS kairos-core
FROM base-kairos AS kairos-standard
ARG SOFTWARE_VERSION
LABEL io.kairos.k3s_version="${SOFTWARE_VERSION}"
RUN luet install -y system/provider-kairos
RUN luet install -y "k8s/${SOFTWARE_VERSION_PREFIX}-$(which-init.sh)@${SOFTWARE_LUET_VERSION:-$SOFTWARE_VERSION}" utils/edgevpn utils/k9s utils/nerdctl container/kubectl utils/kube-vip
FROM kairos-${VARIANT} AS kairos-final
ARG BASE_IMAGE
ARG FRAMEWORK_VERSION
ARG RELEASE
ARG FLAVOR
ARG FLAVOR_RELEASE
ARG VARIANT
ARG FAMILY
ARG MODEL
ARG TARGETARCH
ARG SOFTWARE_VERSION
ARG SOFTWARE_VERSION_PREFIX
LABEL org.opencontainers.image.authors="Kairos Maintainers <team@kairos.io>"
LABEL org.opencontainers.image.licenses="Apache-2.0"
LABEL org.opencontainers.image.url="https://github.com/kairos-io/kairos"
LABEL org.opencontainers.image.source="https://github.com/kairos-io/kairos.git"
LABEL io.kairos.base_image="${BASE_IMAGE}"
LABEL io.kairos.variant="${VARIANT}"
LABEL io.kairos.family="${FAMILY}"
LABEL io.kairos.flavor="${FLAVOR}"
LABEL io.kairos.flavor_release="${FLAVOR_RELEASE}"
LABEL io.kairos.model="${MODEL}"
LABEL io.kairos.release="${RELEASE}"
LABEL io.kairos.framework-version="${FRAMEWORK_VERSION}"
LABEL io.kairos.software-version="${SOFTWARE_VERSION}"
LABEL io.kairos.software-version-prefix="${SOFTWARE_VERSION_PREFIX}"
LABEL io.kairos.targetarch="${TARGETARCH}"
RUN kairos-agent versioneer os-release-variables > /etc/kairos-release
RUN kairos-agent versioneer container-artifact-name > /IMAGE
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
RUN luet database get-all-installed --output /etc/kairos/versions.yaml
# TODO what about caches?
RUN kernel=$(ls /lib/modules | head -n1) && depmod -a "${kernel}"
# Set empty machine-id
# This prevents systemd from thinking that the machine is on first boot
# and recreating /etc/ dependencies in services and such
# do this before initramfs so its in the initramfs
RUN printf "" > /etc/machine-id || true
# Regenerate initrd if necessary, proper config files with immucore and custom initrd should already be in there installed by framework
# for systemd distros
RUN if [ -f "/usr/bin/dracut" ]; then \
kernel=$(ls /lib/modules | head -n1) && \
dracut -f "/boot/initrd-${kernel}" "${kernel}" && \
ln -sf "initrd-${kernel}" /boot/initrd; \
fi
# for alpine (openrc based)
RUN if [ -f "/sbin/mkinitfs" ]; then \
kernel=$(ls /lib/modules | head -n1) && \
mkinitfs -o /boot/initrd "${kernel}"; \
fi
# symlink kernel to /boot/vmlinuz
RUN kernel=$(ls /boot/vmlinuz-* 2>/dev/null | head -n1) && if [ -e "$kernel" ]; then ln -sf "$kernel" /boot/vmlinuz; fi || true
RUN kernel=$(ls /boot/Image* 2>/dev/null | head -n1) && if [ -e "$kernel" ]; then ln -sf "$kernel" /boot/vmlinuz; fi || true
# this is generally present on rhel based systems, but it doesn't hurt to remove in any case
RUN rm -rf /boot/initramfs-* || true
RUN rm /var/lib/dbus/machine-id || true
RUN rm /etc/hostname || true
# Disable the make-policy service that its on by default on some systemd versions
# it creates a pcrlock.json policy that conflicts with our mesurements when trying to enroll it
RUN if [ "$(which-init.sh)" = "systemd" ]; then \
systemctl disable systemd-pcrlock-make-policy || true; \
systemctl mask systemd-pcrlock-make-policy || true; \
journalctl --vacuum-size=1K || true; \
fi
RUN rm -rf /tmp/*
RUN luet cleanup
RUN rm -rf /var/luet

234
images/Dockerfile.kairos-rhel
View File

@ -1,234 +0,0 @@
# This file is auto-generated with the command: earthly +kairos-dockerfile --FAMILY=rhel
###############################################################
#### ARGS ####
###############################################################
# TARGETARCH is used to determine the architecture of the image, it is already set by Docker so it doesn't need to be defined here
ARG FAMILY=rhel
ARG FLAVOR
ARG FLAVOR_RELEASE
ARG MODEL=generic
ARG BASE_IMAGE
ARG VARIANT
ARG VERSION
ARG FRAMEWORK_VERSION=main
ARG BOOTLOADER=grub
FROM $BASE_IMAGE AS base
RUN echo "install_weak_deps=False" >> /etc/dnf/dnf.conf
# Install packages according to distro
# epel-packages https://docs.fedoraproject.org/en-US/epel/
FROM base AS epel
RUN dnf install -y epel-release && dnf clean all
RUN dnf install -y "https://zfsonlinux.org/epel/zfs-release-2-3$(rpm --eval "%{dist}").noarch.rpm" && dnf clean all
FROM epel AS almalinux
FROM epel AS rockylinux
FROM base AS fedora
# Enable once zfs releases for fedora 40
#RUN dnf install -y "https://zfsonlinux.org/fedora/zfs-release-2-4$(rpm --eval "%{dist}").noarch.rpm" && dnf clean all
# install common packages
FROM ${FLAVOR} AS common
RUN dnf update -y
RUN dnf makecache
RUN dnf install -y \
audit \
cracklib-dicts \
cloud-utils-growpart \
device-mapper \
dosfstools \
dhcp-client \
e2fsprogs \
efibootmgr \
gawk \
gdisk \
haveged \
less \
livecd-tools \
lvm2 \
nano \
openssh-server \
openssh-clients \
parted \
polkit \
qemu-guest-agent \
rsync \
sudo \
systemd \
systemd-networkd \
systemd-resolved \
tar \
which \
&& dnf clean all
FROM common AS grub
RUN dnf install -y \
dracut \
dracut-live \
dracut-network \
dracut-squash \
grub2 \
squashfs-tools \
&& dnf clean all
FROM grub AS grub-amd64
RUN dnf install -y \
grub2-efi-x64 \
grub2-efi-x64-modules \
grub2-pc \
shim-x64 \
&& dnf clean all
FROM grub AS grub-arm64
RUN dnf install -y \
grub2-efi-aa64 \
grub2-efi-aa64-modules \
shim-aa64 \
&& dnf clean all
FROM common AS systemd-boot-arm64
FROM common AS systemd-boot-amd64
FROM ${BOOTLOADER}-${TARGETARCH} AS all
RUN dnf install -y \
kernel \
kernel-modules \
kernel-modules-extra \
&& dnf clean all
RUN mkdir -p /run/lock
RUN touch /usr/libexec/.keep
RUN systemctl enable getty@tty1.service
RUN systemctl enable getty@tty2.service
RUN systemctl enable getty@tty3.service
RUN systemctl enable systemd-networkd
RUN systemctl enable systemd-resolved
RUN systemctl disable dnf-makecache.service
RUN systemctl disable dnf-makecache.timer
RUN systemctl enable sshd
FROM --platform="linux/${TARGETARCH}" quay.io/kairos/framework:${FRAMEWORK_VERSION} AS framework
FROM all AS base-kairos
# Symlinks to make elemental installer work
RUN ORIG=/usr/sbin/grub-install; DEST=/usr/sbin/grub2-install; [ -e $ORIG ] && [ ! -e $DEST ] && ln -s $ORIG $DEST || true
RUN ORIG=/usr/bin/grub-editenv; DEST=/usr/sbin/grub2-editenv; [ -e $ORIG ] && [ ! -e $DEST ] && ln -s $ORIG $DEST || true
# here we add 100Mb aprox
COPY --from=framework / /
RUN rm -rf /etc/ssh/ssh_host_*
COPY which-init.sh /usr/local/bin/which-init.sh
RUN if [ -f "/etc/kairos-release" ]; then sed -i -n '/KAIROS_/!p' /etc/kairos-release; fi
# need to be defined after FROM for them to be replaced in the RUN bellow
ARG HOME_URL="https://github.com/kairos-io/kairos"
ARG BUG_REPORT_URL="https://github.com/kairos-io/kairos/issues"
ARG GITHUB_REPO="kairos-io/kairos"
ARG ID=kairos
ARG REGISTRY_AND_ORG="quay.io/kairos"
ARG RELEASE
ARG FLAVOR
ARG FLAVOR_RELEASE
ARG VARIANT
ARG FAMILY
ARG MODEL
ARG TARGETARCH
ARG SOFTWARE_VERSION
ARG SOFTWARE_VERSION_PREFIX
ARG SOFTWARE_LUET_VERSION=""
RUN rm -rf /etc/machine-id
FROM base-kairos AS kairos-core
FROM base-kairos AS kairos-standard
ARG SOFTWARE_VERSION
LABEL io.kairos.k3s_version="${SOFTWARE_VERSION}"
RUN luet install -y system/provider-kairos
RUN luet install -y "k8s/${SOFTWARE_VERSION_PREFIX}-$(which-init.sh)@${SOFTWARE_LUET_VERSION:-$SOFTWARE_VERSION}" utils/edgevpn utils/k9s utils/nerdctl container/kubectl utils/kube-vip
FROM kairos-${VARIANT} AS kairos-final
ARG BASE_IMAGE
ARG FRAMEWORK_VERSION
ARG RELEASE
ARG FLAVOR
ARG FLAVOR_RELEASE
ARG VARIANT
ARG FAMILY
ARG MODEL
ARG TARGETARCH
ARG SOFTWARE_VERSION
ARG SOFTWARE_VERSION_PREFIX
LABEL org.opencontainers.image.authors="Kairos Maintainers <team@kairos.io>"
LABEL org.opencontainers.image.licenses="Apache-2.0"
LABEL org.opencontainers.image.url="https://github.com/kairos-io/kairos"
LABEL org.opencontainers.image.source="https://github.com/kairos-io/kairos.git"
LABEL io.kairos.base_image="${BASE_IMAGE}"
LABEL io.kairos.variant="${VARIANT}"
LABEL io.kairos.family="${FAMILY}"
LABEL io.kairos.flavor="${FLAVOR}"
LABEL io.kairos.flavor_release="${FLAVOR_RELEASE}"
LABEL io.kairos.model="${MODEL}"
LABEL io.kairos.release="${RELEASE}"
LABEL io.kairos.framework-version="${FRAMEWORK_VERSION}"
LABEL io.kairos.software-version="${SOFTWARE_VERSION}"
LABEL io.kairos.software-version-prefix="${SOFTWARE_VERSION_PREFIX}"
LABEL io.kairos.targetarch="${TARGETARCH}"
RUN kairos-agent versioneer os-release-variables > /etc/kairos-release
RUN kairos-agent versioneer container-artifact-name > /IMAGE
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
RUN luet database get-all-installed --output /etc/kairos/versions.yaml
# TODO what about caches?
RUN kernel=$(ls /lib/modules | head -n1) && depmod -a "${kernel}"
# Set empty machine-id
# This prevents systemd from thinking that the machine is on first boot
# and recreating /etc/ dependencies in services and such
# do this before initramfs so its in the initramfs
RUN printf "" > /etc/machine-id || true
# Regenerate initrd if necessary, proper config files with immucore and custom initrd should already be in there installed by framework
# for systemd distros
RUN if [ -f "/usr/bin/dracut" ]; then \
kernel=$(ls /lib/modules | head -n1) && \
dracut -f "/boot/initrd-${kernel}" "${kernel}" && \
ln -sf "initrd-${kernel}" /boot/initrd; \
fi
# for alpine (openrc based)
RUN if [ -f "/sbin/mkinitfs" ]; then \
kernel=$(ls /lib/modules | head -n1) && \
mkinitfs -o /boot/initrd "${kernel}"; \
fi
# symlink kernel to /boot/vmlinuz
RUN kernel=$(ls /boot/vmlinuz-* 2>/dev/null | head -n1) && if [ -e "$kernel" ]; then ln -sf "$kernel" /boot/vmlinuz; fi || true
RUN kernel=$(ls /boot/Image* 2>/dev/null | head -n1) && if [ -e "$kernel" ]; then ln -sf "$kernel" /boot/vmlinuz; fi || true
# this is generally present on rhel based systems, but it doesn't hurt to remove in any case
RUN rm -rf /boot/initramfs-* || true
RUN rm /var/lib/dbus/machine-id || true
RUN rm /etc/hostname || true
# Disable the make-policy service that its on by default on some systemd versions
# it creates a pcrlock.json policy that conflicts with our mesurements when trying to enroll it
RUN if [ "$(which-init.sh)" = "systemd" ]; then \
systemctl disable systemd-pcrlock-make-policy || true; \
systemctl mask systemd-pcrlock-make-policy || true; \
journalctl --vacuum-size=1K || true; \
fi
RUN rm -rf /tmp/*
RUN luet cleanup
RUN rm -rf /var/luet

493
images/Dockerfile.kairos-ubuntu
View File

@ -1,493 +0,0 @@
# This file is auto-generated with the command: earthly +kairos-dockerfile --FAMILY=ubuntu
###############################################################
#### ARGS ####
###############################################################
# TARGETARCH is used to determine the architecture of the image, it is already set by Docker so it doesn't need to be defined here
ARG FAMILY=ubuntu
# Currently supported flavors are:
# - ubuntu
ARG FLAVOR
# - 24.10
# - 24.04
# - 22.04
# - 20.04
ARG FLAVOR_RELEASE
# Currently supported models are:
# - generic
# - rpi4
# - rpi3
ARG MODEL=generic
ARG BASE_IMAGE
ARG VARIANT
ARG VERSION
ARG FRAMEWORK_VERSION=main
ARG BOOTLOADER=grub
###############################################################
#### Upstream Images ####
###############################################################
FROM ${BASE_IMAGE} AS ubuntu-24.10-upstream
FROM ${BASE_IMAGE} AS ubuntu-24.04-upstream
FROM ${BASE_IMAGE} AS ubuntu-22.04-upstream
FROM ${BASE_IMAGE} AS ubuntu-20.04-upstream
###############################################################
#### build nohang from source ####
###############################################################
# There's an issue between the nohang package provided by
# Ubuntu and the zfsutils-linux package, there is a fix in
# nohang upstream but it's not yet available in the Ubuntu
# package, so we build it from source
FROM ubuntu:22.04 as nohang-src
WORKDIR /root
RUN apt-get update \
&& apt-get install -y --no-install-recommends \
make fakeroot git ca-certificates gnupg
RUN git clone -b master --depth=1 https://github.com/hakavlad/nohang.git \
&& cd nohang \
&& echo > deb/DEBIAN/postinst \
&& deb/build.sh
###############################################################
#### Pre-Process Common to All ####
###############################################################
FROM ${FLAVOR}-${FLAVOR_RELEASE}-upstream AS common
ENV DEBIAN_FRONTEND=noninteractive
RUN apt-get update \
&& apt-get install -y --no-install-recommends \
ca-certificates \
conntrack \
console-data \
cloud-guest-utils \
cryptsetup \
curl \
debianutils \
dosfstools \
e2fsprogs \
fdisk \
file \
gawk \
gdisk \
gettext \
haveged \
iproute2 \
iptables \
iputils-ping \
jq \
krb5-locales \
less \
lvm2 \
nano \
nbd-client \
nfs-common \
open-iscsi \
open-vm-tools \
openssh-server \
parted \
rsync \
sudo \
systemd \
systemd-timesyncd \
systemd-container \
tar \
ubuntu-advantage-tools \
xz-utils \
zstd \
tpm2-tools \
&& apt-get remove -y unattended-upgrades && apt-get clean && rm -rf /var/lib/apt/lists/*
# Install nohang
COPY --from=nohang-src /root/nohang/deb/package.deb /tmp/nohang.deb
RUN apt-get install -y --no-install-recommends /tmp/nohang.deb
RUN rm -rf /tmp/nohang.deb
# This target is aimed at UKI images and avoids to install GRUB and any other unnecesary packages
# to the image because there are limitations on the total size
# systemd-boot is neccesary as it brings the /usr/lib/systemd/systemd-bless-boot for boot assesment
FROM common AS systemd-boot
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
RUN apt-get update && apt-get install -y --no-install-recommends \
iucode-tool \
kmod \
linux-base \
systemd-boot \
&& apt-get remove -y unattended-upgrades && apt-get clean && rm -rf /var/lib/apt/lists/*
# for UKI, install the linux-modules pkg if no modules are found
RUN [ -z "$(ls -A /lib/modules/)" ] && apt-get update && apt-get install -y --no-install-recommends \
"$(apt-cache search linux-modules | grep -oP 'linux-modules-\d+.\d+.\d+-\d+-generic' | sort -V | tail -1)" \
&& apt-get remove -y unattended-upgrades && apt-get clean && rm -rf /var/lib/apt/lists/* || true
# for UKI, install the linux-image pkg if no kernel is found
RUN [ -z "$(ls -A /boot/vmlinuz*)" ] && apt-get update && apt-get install -y --no-install-recommends \
"$(apt-cache search linux-image | grep -oP 'linux-image-\d+.\d+.\d+-\d+-generic' | sort -V | tail -1)" \
&& apt-get remove -y unattended-upgrades && apt-get clean && rm -rf /var/lib/apt/lists/* || true
# This target is aimed at non-UKI images where size is not a concern
FROM common AS grub
RUN apt-get update \
&& apt-get install -y --no-install-recommends \
coreutils \
dracut \
dracut-network \
grub2-common \
kbd \
lldpd \
neovim \
# this brings grub as a dependency
shim-signed \
snmpd \
squashfs-tools \
zfsutils-linux \
&& apt-get remove -y unattended-upgrades && apt-get clean && rm -rf /var/lib/apt/lists/*
FROM systemd-boot AS systemd-boot-amd64
RUN apt-get update \
&& apt-get install -y --no-install-recommends shared-mime-info \
&& apt-get remove -y unattended-upgrades && apt-get clean && rm -rf /var/lib/apt/lists/*
RUN [ -z "$(ls -A /lib/firmware/amd/)" ] && apt-get update && apt-get install -y --no-install-recommends \
&& apt-get install -y --no-install-recommends amd64-microcode \
&& apt-get remove -y unattended-upgrades && apt-get clean && rm -rf /var/lib/apt/lists/* || true
RUN [ -z "$(ls -A /lib/firmware/intel-ucode/)" ] && apt-get update && apt-get install -y --no-install-recommends \
&& apt-get install -y --no-install-recommends intel-microcode \
&& apt-get remove -y unattended-upgrades && apt-get clean && rm -rf /var/lib/apt/lists/* || true
FROM systemd-boot AS systemd-boot-arm64
FROM systemd-boot-amd64 AS systemd-boot-amd64-24.10
FROM systemd-boot-amd64 AS systemd-boot-amd64-24.04
FROM systemd-boot-arm64 AS systemd-boot-arm64-24.10
FROM systemd-boot-arm64 AS systemd-boot-arm64-24.04
FROM grub AS grub-amd64
RUN apt-get update \
&& apt-get install -y --no-install-recommends \
grub2 \
grub-efi-amd64-bin \
grub-efi-amd64-signed \
grub-pc-bin \
&& apt-get remove -y unattended-upgrades && apt-get clean && rm -rf /var/lib/apt/lists/*
FROM grub AS grub-arm64
RUN apt-get update \
&& apt-get install -y --no-install-recommends \
grub-efi-arm64 \
grub-efi-arm64-bin \
grub-efi-arm64-signed \
&& apt-get remove -y unattended-upgrades && apt-get clean && rm -rf /var/lib/apt/lists/*
FROM grub-${TARGETARCH} AS grub-current
RUN apt-get update \
&& apt-get install -y --no-install-recommends \
dracut-live \
&& apt-get remove -y unattended-upgrades && apt-get clean && rm -rf /var/lib/apt/lists/*
FROM grub-${TARGETARCH} AS grub-legacy
FROM grub-current AS grub-amd64-current
FROM grub-current AS grub-arm64-current
FROM grub-legacy AS grub-amd64-legacy
FROM grub-legacy AS grub-arm64-legacy
FROM grub-current AS grub-amd64-24.10
FROM grub-current AS grub-amd64-24.04
FROM grub-current AS grub-amd64-22.04
FROM grub-legacy AS grub-amd64-20.04
FROM grub-current AS grub-arm64-24.10
FROM grub-current AS grub-arm64-24.04
FROM grub-current AS grub-arm64-22.04
FROM grub-legacy AS grub-arm64-20.04
###############################################################
#### Common to a Single Architecture ####
###############################################################
FROM ${BOOTLOADER}-${TARGETARCH}-${FLAVOR_RELEASE} AS amd64
RUN apt-get update \
&& apt-get install -y --no-install-recommends \
dmsetup \
efibootmgr \
isc-dhcp-common \
mdadm \
ncurses-term \
networkd-dispatcher \
packagekit-tools \
publicsuffix \
thermald \
xdg-user-dirs \
xxd \
zerofree \
&& apt-get clean && rm -rf /var/lib/apt/lists/*
FROM ${BOOTLOADER}-${TARGETARCH}-${FLAVOR_RELEASE} AS arm64
RUN apt-get update \
&& apt-get install -y --no-install-recommends \
keyutils \
&& apt-get clean && rm -rf /var/lib/apt/lists/*
###############################################################
#### Common to an Arch and Flavor ####
###############################################################
FROM ${TARGETARCH} AS base-ubuntu-legacy
RUN apt-get update && apt-get install -y --no-install-recommends \
file \
fuse \
patch \
policykit-1 \
&& apt-get clean && rm -rf /var/lib/apt/lists/*
FROM ${TARGETARCH} AS base-ubuntu-current
RUN apt-get update && apt-get install -y --no-install-recommends \
firmware-sof-signed \
fuse3 \
pigz \
polkitd \
&& apt-get clean && rm -rf /var/lib/apt/lists/*
FROM base-ubuntu-current AS kernel-ubuntu-current
RUN apt-get update
# If a kernel is already installed, don't try to install it again, this way the base image can
# be non-hwe for older releases
RUN [ -z "$(ls -A /boot/vmlinuz*)" ] && apt-get install -y --no-install-recommends \
linux-image-generic-hwe-24.04 || true
RUN apt-get clean && rm -rf /var/lib/apt/lists/*
FROM kernel-ubuntu-current AS kernel-ubuntu-24.10
FROM kernel-ubuntu-current AS kernel-ubuntu-24.04
FROM base-ubuntu-current AS kernel-ubuntu-22.04
RUN apt-get update
# If a kernel is already installed, don't try to install it again, this way the base image can
# be non-hwe for older releases
RUN [ -z "$(ls -A /boot/vmlinuz*)" ] && apt-get install -y --no-install-recommends \
linux-image-generic-hwe-22.04 || true
RUN apt-get clean && rm -rf /var/lib/apt/lists/*
FROM base-ubuntu-legacy AS kernel-ubuntu-20.04
# If a kernel is already installed, don't try to install it again, this way the base image can
# be non-hwe for older releases
RUN apt-get update
RUN [ -z "$(ls -A /boot/vmlinuz*)" ] && apt-get install -y --no-install-recommends \
linux-image-generic-hwe-20.04 || true
RUN apt-get clean && rm -rf /var/lib/apt/lists/*
FROM kernel-ubuntu-24.10 AS amd64-ubuntu-24.10
FROM kernel-ubuntu-24.04 AS amd64-ubuntu-24.04
FROM kernel-ubuntu-22.04 AS amd64-ubuntu-22.04
FROM kernel-ubuntu-20.04 AS amd64-ubuntu-20.04
FROM kernel-ubuntu-24.10 AS arm64-ubuntu-24.10
FROM kernel-ubuntu-24.04 AS arm64-ubuntu-24.04
FROM kernel-ubuntu-22.04 AS arm64-ubuntu-22.04
FROM kernel-ubuntu-20.04 AS arm64-ubuntu-20.04
###############################################################
#### Common to a Single Model ####
###############################################################
FROM ${TARGETARCH}-${FLAVOR}-${FLAVOR_RELEASE} AS generic
RUN apt-get update && apt-get install -y --no-install-recommends \
linux-base \
qemu-guest-agent \
&& apt-get clean && rm -rf /var/lib/apt/lists/*
FROM arm64-${FLAVOR}-${FLAVOR_RELEASE} AS rpicommon
RUN apt-get update && apt-get install -y --no-install-recommends \
linux-raspi \
&& apt-get clean && rm -rf /var/lib/apt/lists/*
COPY rpi/config.txt /boot/config.txt
FROM rpicommon AS ubuntu-20.04-rpi
RUN apt-get update && apt-get install -y --no-install-recommends \
linux-firmware-raspi2 \
&& apt-get clean && rm -rf /var/lib/apt/lists/*
FROM rpicommon AS ubuntu-22.04-rpi
RUN apt-get update && apt-get install -y --no-install-recommends \
linux-firmware-raspi \
linux-modules-extra-raspi \
&& apt-get clean && rm -rf /var/lib/apt/lists/*
FROM generic AS amd64-ubuntu-24.10-generic
FROM generic AS amd64-ubuntu-24.04-generic
FROM generic AS amd64-ubuntu-22.04-generic
FROM generic AS amd64-ubuntu-20.04-generic
FROM generic AS arm64-ubuntu-24.10-generic
FROM generic AS arm64-ubuntu-24.04-generic
FROM ubuntu-22.04-rpi AS arm64-ubuntu-24.04-rpi4
FROM ubuntu-22.04-rpi AS arm64-ubuntu-22.04-rpi3
FROM ubuntu-22.04-rpi AS arm64-ubuntu-22.04-rpi4
FROM ubuntu-20.04-rpi AS arm64-ubuntu-20.04-rpi3
FROM ubuntu-20.04-rpi AS arm64-ubuntu-20.04-rpi4
FROM generic AS arm64-ubuntu-22.04-nvidia-jetson-agx-orin
###############################################################
#### Common to a Single Flavor ####
###############################################################
FROM ${TARGETARCH}-${FLAVOR}-${FLAVOR_RELEASE}-${MODEL} AS ubuntu-latest
RUN apt-get update \
&& apt-get install -y --no-install-recommends \
dbus-user-session \
pkg-config \
systemd-hwe-hwdb \
systemd-resolved \
&& apt-get clean && rm -rf /var/lib/apt/lists/*
FROM ubuntu-latest AS ubuntu-latest-selinux
RUN apt-get update \
&& apt-get install -y --no-install-recommends \
isc-dhcp-common \
isc-dhcp-client \
selinux-utils \
selinux-basics \
selinux-policy-default \
&& apt-get clean && rm -rf /var/lib/apt/lists/*
FROM ubuntu-latest-selinux AS ubuntu-24.10
FROM ubuntu-latest-selinux AS ubuntu-24.04
FROM ${TARGETARCH}-${FLAVOR}-${FLAVOR_RELEASE}-${MODEL} AS ubuntu-legacy
FROM ubuntu-legacy AS ubuntu-22.04
RUN apt-get update
# If the generic kernel is installed we don't want to install HWE related packages
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
RUN apt-cache search linux-image-generic | grep hwe &> /dev/null && apt-get install -y --no-install-recommends \
systemd-hwe-hwdb
RUN apt-get clean && rm -rf /var/lib/apt/lists/*
FROM ubuntu-legacy AS ubuntu-20.04
###############################################################
#### Post-Process Common to All ####
###############################################################
FROM ${FLAVOR}-${FLAVOR_RELEASE} AS all
RUN systemctl enable systemd-networkd
RUN systemctl enable ssh
# Fixup sudo perms
RUN chown root:root /usr/bin/sudo && chmod 4755 /usr/bin/sudo
FROM --platform="linux/${TARGETARCH}" quay.io/kairos/framework:${FRAMEWORK_VERSION} AS framework
FROM all AS base-kairos
# Symlinks to make elemental installer work
RUN ORIG=/usr/sbin/grub-install; DEST=/usr/sbin/grub2-install; [ -e $ORIG ] && [ ! -e $DEST ] && ln -s $ORIG $DEST || true
RUN ORIG=/usr/bin/grub-editenv; DEST=/usr/sbin/grub2-editenv; [ -e $ORIG ] && [ ! -e $DEST ] && ln -s $ORIG $DEST || true
# here we add 100Mb aprox
COPY --from=framework / /
RUN rm -rf /etc/ssh/ssh_host_*
COPY which-init.sh /usr/local/bin/which-init.sh
RUN if [ -f "/etc/kairos-release" ]; then sed -i -n '/KAIROS_/!p' /etc/kairos-release; fi
# need to be defined after FROM for them to be replaced in the RUN bellow
ARG HOME_URL="https://github.com/kairos-io/kairos"
ARG BUG_REPORT_URL="https://github.com/kairos-io/kairos/issues"
ARG GITHUB_REPO="kairos-io/kairos"
ARG ID=kairos
ARG REGISTRY_AND_ORG="quay.io/kairos"
ARG RELEASE
ARG FLAVOR
ARG FLAVOR_RELEASE
ARG VARIANT
ARG FAMILY
ARG MODEL
ARG TARGETARCH
ARG SOFTWARE_VERSION
ARG SOFTWARE_VERSION_PREFIX
ARG SOFTWARE_LUET_VERSION=""
RUN rm -rf /etc/machine-id
FROM base-kairos AS kairos-core
FROM base-kairos AS kairos-standard
ARG SOFTWARE_VERSION
LABEL io.kairos.k3s_version="${SOFTWARE_VERSION}"
RUN luet install -y system/provider-kairos
RUN luet install -y "k8s/${SOFTWARE_VERSION_PREFIX}-$(which-init.sh)@${SOFTWARE_LUET_VERSION:-$SOFTWARE_VERSION}" utils/edgevpn utils/k9s utils/nerdctl container/kubectl utils/kube-vip
FROM kairos-${VARIANT} AS kairos-final
ARG BASE_IMAGE
ARG FRAMEWORK_VERSION
ARG RELEASE
ARG FLAVOR
ARG FLAVOR_RELEASE
ARG VARIANT
ARG FAMILY
ARG MODEL
ARG TARGETARCH
ARG SOFTWARE_VERSION
ARG SOFTWARE_VERSION_PREFIX
LABEL org.opencontainers.image.authors="Kairos Maintainers <team@kairos.io>"
LABEL org.opencontainers.image.licenses="Apache-2.0"
LABEL org.opencontainers.image.url="https://github.com/kairos-io/kairos"
LABEL org.opencontainers.image.source="https://github.com/kairos-io/kairos.git"
LABEL io.kairos.base_image="${BASE_IMAGE}"
LABEL io.kairos.variant="${VARIANT}"
LABEL io.kairos.family="${FAMILY}"
LABEL io.kairos.flavor="${FLAVOR}"
LABEL io.kairos.flavor_release="${FLAVOR_RELEASE}"
LABEL io.kairos.model="${MODEL}"
LABEL io.kairos.release="${RELEASE}"
LABEL io.kairos.framework-version="${FRAMEWORK_VERSION}"
LABEL io.kairos.software-version="${SOFTWARE_VERSION}"
LABEL io.kairos.software-version-prefix="${SOFTWARE_VERSION_PREFIX}"
LABEL io.kairos.targetarch="${TARGETARCH}"
RUN kairos-agent versioneer os-release-variables > /etc/kairos-release
RUN kairos-agent versioneer container-artifact-name > /IMAGE
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
RUN luet database get-all-installed --output /etc/kairos/versions.yaml
# TODO what about caches?
RUN kernel=$(ls /lib/modules | head -n1) && depmod -a "${kernel}"
# Set empty machine-id
# This prevents systemd from thinking that the machine is on first boot
# and recreating /etc/ dependencies in services and such
# do this before initramfs so its in the initramfs
RUN printf "" > /etc/machine-id || true
# Regenerate initrd if necessary, proper config files with immucore and custom initrd should already be in there installed by framework
# for systemd distros
RUN if [ -f "/usr/bin/dracut" ]; then \
kernel=$(ls /lib/modules | head -n1) && \
dracut -f "/boot/initrd-${kernel}" "${kernel}" && \
ln -sf "initrd-${kernel}" /boot/initrd; \
fi
# for alpine (openrc based)
RUN if [ -f "/sbin/mkinitfs" ]; then \
kernel=$(ls /lib/modules | head -n1) && \
mkinitfs -o /boot/initrd "${kernel}"; \
fi
# symlink kernel to /boot/vmlinuz
RUN kernel=$(ls /boot/vmlinuz-* 2>/dev/null | head -n1) && if [ -e "$kernel" ]; then ln -sf "$kernel" /boot/vmlinuz; fi || true
RUN kernel=$(ls /boot/Image* 2>/dev/null | head -n1) && if [ -e "$kernel" ]; then ln -sf "$kernel" /boot/vmlinuz; fi || true
# this is generally present on rhel based systems, but it doesn't hurt to remove in any case
RUN rm -rf /boot/initramfs-* || true
RUN rm /var/lib/dbus/machine-id || true
RUN rm /etc/hostname || true
# Disable the make-policy service that its on by default on some systemd versions
# it creates a pcrlock.json policy that conflicts with our mesurements when trying to enroll it
RUN if [ "$(which-init.sh)" = "systemd" ]; then \
systemctl disable systemd-pcrlock-make-policy || true; \
systemctl mask systemd-pcrlock-make-policy || true; \
journalctl --vacuum-size=1K || true; \
fi
RUN rm -rf /tmp/*
RUN luet cleanup
RUN rm -rf /var/luet

161
images/Dockerfile.opensuse
View File

@ -1,161 +0,0 @@
# WARNING: This is a base image used internally for Kairos, it is not meant to be built directly, use the images/Dockerfile.kairos-* files instead
###############################################################
#### ARGS ####
###############################################################
# WARNING: While some of the ARGs are not used in this file, they are used in the images/Dockerfile.kairos-* files
# TARGETARCH is used to determine the architecture of the image, it is already set by Docker so it doesn't need to be defined here
ARG FAMILY=opensuse
ARG FLAVOR
ARG FLAVOR_RELEASE
ARG MODEL=generic
ARG BASE_IMAGE
ARG VARIANT
ARG VERSION
ARG FRAMEWORK_VERSION=main
FROM $BASE_IMAGE AS base
FROM base AS leap-15.6-repo
RUN zypper ar -G https://download.opensuse.org/repositories/utilities/15.6/utilities.repo || true && \
zypper ref
FROM base AS tumbleweed-repo-amd64
RUN zypper removerepo repo-openh264 && \
zypper ref
FROM base AS tumbleweed-repo-arm64
RUN zypper ar https://download.opensuse.org/ports/aarch64/tumbleweed/repo/oss/ aarch64 || true && \
zypper ref
FROM tumbleweed-repo-${TARGETARCH} AS tumbleweed-repo
RUN zypper ar -G https://download.opensuse.org/repositories/utilities/openSUSE_Factory/utilities.repo || true && \
zypper ref
FROM ${FLAVOR_RELEASE}-repo AS common
RUN zypper in --force-resolution -y \
bash-completion \
conntrack-tools \
cryptsetup \
coreutils \
curl \
device-mapper \
dhcp-client \
dosfstools \
dracut \
e2fsprogs \
fail2ban \
findutils \
gawk \
growpart \
gptfdisk \
haveged \
htop \
iproute2 \
iptables \
iputils \
issue-generator \
jq \
less \
logrotate \
lsscsi \
lvm2 \
mdadm \
multipath-tools \
nano \
nfs-utils \
nohang \
open-iscsi \
openssh \
open-vm-tools \
parted \
pigz \
policycoreutils \
polkit \
procps \
rsync \
shim \
squashfs \
strace \
sudo \
systemd \
systemd-network \
tar \
timezone \
tmux \
vim \
which \
tpm2* \
&& zypper cc
FROM common as amd64
RUN zypper in --force-resolution -y \
grub2-i386-pc \
grub2-x86_64-efi \
kernel-firmware-all \
nethogs \
patch \
systemd-sysvinit \
&& zypper cc
FROM common as arm64
RUN zypper in --force-resolution -y \
bcm43xx-firmware \
grub2-arm64-efi \
iw \
kernel-firmware-ath10k \
kernel-firmware-ath11k \
kernel-firmware-atheros \
kernel-firmware-bluetooth \
kernel-firmware-brcm \
kernel-firmware-iwlwifi \
kernel-firmware-network \
kernel-firmware-realtek \
kernel-firmware-serial \
kernel-firmware-usb-network \
nethogs \
&& zypper cc
###############################################################
#### Model ####
###############################################################
FROM ${TARGETARCH} AS generic
RUN zypper in --force-resolution -y \
lldpd \
qemu-guest-agent \
&& zypper cc
FROM ${TARGETARCH} AS rpicommon
RUN zypper in --force-resolution -y \
raspberrypi-eeprom \
raspberrypi-firmware \
raspberrypi-firmware-dt \
sysconfig \
sysconfig-netconfig \
sysvinit-tools \
wireless-tools \
wpa_supplicant \
&& zypper cc
COPY rpi/config.txt /boot/config.txt
FROM rpicommon AS rpi-leap-15.6
# somehow these two are needed in leap
RUN zypper in --force-resolution -y \
grub2-i386-pc \
grub2-x86_64-efi \
&& zypper cc
FROM rpicommon AS rpi-tumbleweed
FROM rpi-${FLAVOR_RELEASE} AS rpi3
FROM rpi-${FLAVOR_RELEASE} AS rpi4
###############################################################
#### Post-Process Common to All ####
###############################################################
FROM ${MODEL} AS all
# Not sure why but if I install kernel-defult at the common stage, it doesn't populate /boot so it's done here. Should
# be investigated further.
RUN zypper in --force-resolution -y \
kernel-default \
&& zypper cc

112
images/Dockerfile.rhel
View File

@ -1,112 +0,0 @@
# WARNING: This is a base image used internally for Kairos, it is not meant to be built directly, use the images/Dockerfile.kairos-* files instead
###############################################################
#### ARGS ####
###############################################################
# WARNING: While some of the ARGs are not used in this file, they are used in the images/Dockerfile.kairos-* files
# TARGETARCH is used to determine the architecture of the image, it is already set by Docker so it doesn't need to be defined here
ARG FAMILY=rhel
ARG FLAVOR
ARG FLAVOR_RELEASE
ARG MODEL=generic
ARG BASE_IMAGE
ARG VARIANT
ARG VERSION
ARG FRAMEWORK_VERSION=main
ARG BOOTLOADER=grub
FROM $BASE_IMAGE AS base
RUN echo "install_weak_deps=False" >> /etc/dnf/dnf.conf
# Install packages according to distro
# epel-packages https://docs.fedoraproject.org/en-US/epel/
FROM base AS epel
RUN dnf install -y epel-release && dnf clean all
RUN dnf install -y "https://zfsonlinux.org/epel/zfs-release-2-3$(rpm --eval "%{dist}").noarch.rpm" && dnf clean all
FROM epel AS almalinux
FROM epel AS rockylinux
FROM base AS fedora
# Enable once zfs releases for fedora 40
#RUN dnf install -y "https://zfsonlinux.org/fedora/zfs-release-2-4$(rpm --eval "%{dist}").noarch.rpm" && dnf clean all
# install common packages
FROM ${FLAVOR} AS common
RUN dnf update -y
RUN dnf makecache
RUN dnf install -y \
audit \
cracklib-dicts \
cloud-utils-growpart \
device-mapper \
dosfstools \
dhcp-client \
e2fsprogs \
efibootmgr \
gawk \
gdisk \
haveged \
less \
livecd-tools \
lvm2 \
nano \
openssh-server \
openssh-clients \
parted \
polkit \
qemu-guest-agent \
rsync \
sudo \
systemd \
systemd-networkd \
systemd-resolved \
tar \
which \
&& dnf clean all
FROM common AS grub
RUN dnf install -y \
dracut \
dracut-live \
dracut-network \
dracut-squash \
grub2 \
squashfs-tools \
&& dnf clean all
FROM grub AS grub-amd64
RUN dnf install -y \
grub2-efi-x64 \
grub2-efi-x64-modules \
grub2-pc \
shim-x64 \
&& dnf clean all
FROM grub AS grub-arm64
RUN dnf install -y \
grub2-efi-aa64 \
grub2-efi-aa64-modules \
shim-aa64 \
&& dnf clean all
FROM common AS systemd-boot-arm64
FROM common AS systemd-boot-amd64
FROM ${BOOTLOADER}-${TARGETARCH} AS all
RUN dnf install -y \
kernel \
kernel-modules \
kernel-modules-extra \
&& dnf clean all
RUN mkdir -p /run/lock
RUN touch /usr/libexec/.keep
RUN systemctl enable getty@tty1.service
RUN systemctl enable getty@tty2.service
RUN systemctl enable getty@tty3.service
RUN systemctl enable systemd-networkd
RUN systemctl enable systemd-resolved
RUN systemctl disable dnf-makecache.service
RUN systemctl disable dnf-makecache.timer
RUN systemctl enable sshd

371
images/Dockerfile.ubuntu
View File

@ -1,371 +0,0 @@
# WARNING: This is a base image used internally for Kairos, it is not meant to be built directly, use the images/Dockerfile.kairos-* files instead
###############################################################
#### ARGS ####
###############################################################
# WARNING: While some of the ARGs are not used in this file, they are used in the images/Dockerfile.kairos-* files
# TARGETARCH is used to determine the architecture of the image, it is already set by Docker so it doesn't need to be defined here
ARG FAMILY=ubuntu
# Currently supported flavors are:
# - ubuntu
ARG FLAVOR
# - 24.10
# - 24.04
# - 22.04
# - 20.04
ARG FLAVOR_RELEASE
# Currently supported models are:
# - generic
# - rpi4
# - rpi3
ARG MODEL=generic
ARG BASE_IMAGE
ARG VARIANT
ARG VERSION
ARG FRAMEWORK_VERSION=main
ARG BOOTLOADER=grub
###############################################################
#### Upstream Images ####
###############################################################
FROM ${BASE_IMAGE} AS ubuntu-24.10-upstream
FROM ${BASE_IMAGE} AS ubuntu-24.04-upstream
FROM ${BASE_IMAGE} AS ubuntu-22.04-upstream
FROM ${BASE_IMAGE} AS ubuntu-20.04-upstream
###############################################################
#### build nohang from source ####
###############################################################
# There's an issue between the nohang package provided by
# Ubuntu and the zfsutils-linux package, there is a fix in
# nohang upstream but it's not yet available in the Ubuntu
# package, so we build it from source
FROM ubuntu:22.04 as nohang-src
WORKDIR /root
RUN apt-get update \
&& apt-get install -y --no-install-recommends \
make fakeroot git ca-certificates gnupg
RUN git clone -b master --depth=1 https://github.com/hakavlad/nohang.git \
&& cd nohang \
&& echo > deb/DEBIAN/postinst \
&& deb/build.sh
###############################################################
#### Pre-Process Common to All ####
###############################################################
FROM ${FLAVOR}-${FLAVOR_RELEASE}-upstream AS common
ENV DEBIAN_FRONTEND=noninteractive
RUN apt-get update \
&& apt-get install -y --no-install-recommends \
ca-certificates \
conntrack \
console-data \
cloud-guest-utils \
cryptsetup \
curl \
debianutils \
dosfstools \
e2fsprogs \
fdisk \
file \
gawk \
gdisk \
gettext \
haveged \
iproute2 \
iptables \
iputils-ping \
jq \
krb5-locales \
less \
lvm2 \
nano \
nbd-client \
nfs-common \
open-iscsi \
open-vm-tools \
openssh-server \
parted \
rsync \
sudo \
systemd \
systemd-timesyncd \
systemd-container \
tar \
ubuntu-advantage-tools \
xz-utils \
zstd \
tpm2-tools \
&& apt-get remove -y unattended-upgrades && apt-get clean && rm -rf /var/lib/apt/lists/*
# Install nohang
COPY --from=nohang-src /root/nohang/deb/package.deb /tmp/nohang.deb
RUN apt-get install -y --no-install-recommends /tmp/nohang.deb
RUN rm -rf /tmp/nohang.deb
# This target is aimed at UKI images and avoids to install GRUB and any other unnecesary packages
# to the image because there are limitations on the total size
# systemd-boot is neccesary as it brings the /usr/lib/systemd/systemd-bless-boot for boot assesment
FROM common AS systemd-boot
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
RUN apt-get update && apt-get install -y --no-install-recommends \
iucode-tool \
kmod \
linux-base \
systemd-boot \
&& apt-get remove -y unattended-upgrades && apt-get clean && rm -rf /var/lib/apt/lists/*
# for UKI, install the linux-modules pkg if no modules are found
RUN [ -z "$(ls -A /lib/modules/)" ] && apt-get update && apt-get install -y --no-install-recommends \
"$(apt-cache search linux-modules | grep -oP 'linux-modules-\d+.\d+.\d+-\d+-generic' | sort -V | tail -1)" \
&& apt-get remove -y unattended-upgrades && apt-get clean && rm -rf /var/lib/apt/lists/* || true
# for UKI, install the linux-image pkg if no kernel is found
RUN [ -z "$(ls -A /boot/vmlinuz*)" ] && apt-get update && apt-get install -y --no-install-recommends \
"$(apt-cache search linux-image | grep -oP 'linux-image-\d+.\d+.\d+-\d+-generic' | sort -V | tail -1)" \
&& apt-get remove -y unattended-upgrades && apt-get clean && rm -rf /var/lib/apt/lists/* || true
# This target is aimed at non-UKI images where size is not a concern
FROM common AS grub
RUN apt-get update \
&& apt-get install -y --no-install-recommends \
coreutils \
dracut \
dracut-network \
grub2-common \
kbd \
lldpd \
neovim \
# this brings grub as a dependency
shim-signed \
snmpd \
squashfs-tools \
zfsutils-linux \
&& apt-get remove -y unattended-upgrades && apt-get clean && rm -rf /var/lib/apt/lists/*
FROM systemd-boot AS systemd-boot-amd64
RUN apt-get update \
&& apt-get install -y --no-install-recommends shared-mime-info \
&& apt-get remove -y unattended-upgrades && apt-get clean && rm -rf /var/lib/apt/lists/*
RUN [ -z "$(ls -A /lib/firmware/amd/)" ] && apt-get update && apt-get install -y --no-install-recommends \
&& apt-get install -y --no-install-recommends amd64-microcode \
&& apt-get remove -y unattended-upgrades && apt-get clean && rm -rf /var/lib/apt/lists/* || true
RUN [ -z "$(ls -A /lib/firmware/intel-ucode/)" ] && apt-get update && apt-get install -y --no-install-recommends \
&& apt-get install -y --no-install-recommends intel-microcode \
&& apt-get remove -y unattended-upgrades && apt-get clean && rm -rf /var/lib/apt/lists/* || true
FROM systemd-boot AS systemd-boot-arm64
FROM systemd-boot-amd64 AS systemd-boot-amd64-24.10
FROM systemd-boot-amd64 AS systemd-boot-amd64-24.04
FROM systemd-boot-arm64 AS systemd-boot-arm64-24.10
FROM systemd-boot-arm64 AS systemd-boot-arm64-24.04
FROM grub AS grub-amd64
RUN apt-get update \
&& apt-get install -y --no-install-recommends \
grub2 \
grub-efi-amd64-bin \
grub-efi-amd64-signed \
grub-pc-bin \
&& apt-get remove -y unattended-upgrades && apt-get clean && rm -rf /var/lib/apt/lists/*
FROM grub AS grub-arm64
RUN apt-get update \
&& apt-get install -y --no-install-recommends \
grub-efi-arm64 \
grub-efi-arm64-bin \
grub-efi-arm64-signed \
&& apt-get remove -y unattended-upgrades && apt-get clean && rm -rf /var/lib/apt/lists/*
FROM grub-${TARGETARCH} AS grub-current
RUN apt-get update \
&& apt-get install -y --no-install-recommends \
dracut-live \
&& apt-get remove -y unattended-upgrades && apt-get clean && rm -rf /var/lib/apt/lists/*
FROM grub-${TARGETARCH} AS grub-legacy
FROM grub-current AS grub-amd64-current
FROM grub-current AS grub-arm64-current
FROM grub-legacy AS grub-amd64-legacy
FROM grub-legacy AS grub-arm64-legacy
FROM grub-current AS grub-amd64-24.10
FROM grub-current AS grub-amd64-24.04
FROM grub-current AS grub-amd64-22.04
FROM grub-legacy AS grub-amd64-20.04
FROM grub-current AS grub-arm64-24.10
FROM grub-current AS grub-arm64-24.04
FROM grub-current AS grub-arm64-22.04
FROM grub-legacy AS grub-arm64-20.04
###############################################################
#### Common to a Single Architecture ####
###############################################################
FROM ${BOOTLOADER}-${TARGETARCH}-${FLAVOR_RELEASE} AS amd64
RUN apt-get update \
&& apt-get install -y --no-install-recommends \
dmsetup \
efibootmgr \
isc-dhcp-common \
mdadm \
ncurses-term \
networkd-dispatcher \
packagekit-tools \
publicsuffix \
thermald \
xdg-user-dirs \
xxd \
zerofree \
&& apt-get clean && rm -rf /var/lib/apt/lists/*
FROM ${BOOTLOADER}-${TARGETARCH}-${FLAVOR_RELEASE} AS arm64
RUN apt-get update \
&& apt-get install -y --no-install-recommends \
keyutils \
&& apt-get clean && rm -rf /var/lib/apt/lists/*
###############################################################
#### Common to an Arch and Flavor ####
###############################################################
FROM ${TARGETARCH} AS base-ubuntu-legacy
RUN apt-get update && apt-get install -y --no-install-recommends \
file \
fuse \
patch \
policykit-1 \
&& apt-get clean && rm -rf /var/lib/apt/lists/*
FROM ${TARGETARCH} AS base-ubuntu-current
RUN apt-get update && apt-get install -y --no-install-recommends \
firmware-sof-signed \
fuse3 \
pigz \
polkitd \
&& apt-get clean && rm -rf /var/lib/apt/lists/*
FROM base-ubuntu-current AS kernel-ubuntu-current
RUN apt-get update
# If a kernel is already installed, don't try to install it again, this way the base image can
# be non-hwe for older releases
RUN [ -z "$(ls -A /boot/vmlinuz*)" ] && apt-get install -y --no-install-recommends \
linux-image-generic-hwe-24.04 || true
RUN apt-get clean && rm -rf /var/lib/apt/lists/*
FROM kernel-ubuntu-current AS kernel-ubuntu-24.10
FROM kernel-ubuntu-current AS kernel-ubuntu-24.04
FROM base-ubuntu-current AS kernel-ubuntu-22.04
RUN apt-get update
# If a kernel is already installed, don't try to install it again, this way the base image can
# be non-hwe for older releases
RUN [ -z "$(ls -A /boot/vmlinuz*)" ] && apt-get install -y --no-install-recommends \
linux-image-generic-hwe-22.04 || true
RUN apt-get clean && rm -rf /var/lib/apt/lists/*
FROM base-ubuntu-legacy AS kernel-ubuntu-20.04
# If a kernel is already installed, don't try to install it again, this way the base image can
# be non-hwe for older releases
RUN apt-get update
RUN [ -z "$(ls -A /boot/vmlinuz*)" ] && apt-get install -y --no-install-recommends \
linux-image-generic-hwe-20.04 || true
RUN apt-get clean && rm -rf /var/lib/apt/lists/*
FROM kernel-ubuntu-24.10 AS amd64-ubuntu-24.10
FROM kernel-ubuntu-24.04 AS amd64-ubuntu-24.04
FROM kernel-ubuntu-22.04 AS amd64-ubuntu-22.04
FROM kernel-ubuntu-20.04 AS amd64-ubuntu-20.04
FROM kernel-ubuntu-24.10 AS arm64-ubuntu-24.10
FROM kernel-ubuntu-24.04 AS arm64-ubuntu-24.04
FROM kernel-ubuntu-22.04 AS arm64-ubuntu-22.04
FROM kernel-ubuntu-20.04 AS arm64-ubuntu-20.04
###############################################################
#### Common to a Single Model ####
###############################################################
FROM ${TARGETARCH}-${FLAVOR}-${FLAVOR_RELEASE} AS generic
RUN apt-get update && apt-get install -y --no-install-recommends \
linux-base \
qemu-guest-agent \
&& apt-get clean && rm -rf /var/lib/apt/lists/*
FROM arm64-${FLAVOR}-${FLAVOR_RELEASE} AS rpicommon
RUN apt-get update && apt-get install -y --no-install-recommends \
linux-raspi \
&& apt-get clean && rm -rf /var/lib/apt/lists/*
COPY rpi/config.txt /boot/config.txt
FROM rpicommon AS ubuntu-20.04-rpi
RUN apt-get update && apt-get install -y --no-install-recommends \
linux-firmware-raspi2 \
&& apt-get clean && rm -rf /var/lib/apt/lists/*
FROM rpicommon AS ubuntu-22.04-rpi
RUN apt-get update && apt-get install -y --no-install-recommends \
linux-firmware-raspi \
linux-modules-extra-raspi \
&& apt-get clean && rm -rf /var/lib/apt/lists/*
FROM generic AS amd64-ubuntu-24.10-generic
FROM generic AS amd64-ubuntu-24.04-generic
FROM generic AS amd64-ubuntu-22.04-generic
FROM generic AS amd64-ubuntu-20.04-generic
FROM generic AS arm64-ubuntu-24.10-generic
FROM generic AS arm64-ubuntu-24.04-generic
FROM ubuntu-22.04-rpi AS arm64-ubuntu-24.04-rpi4
FROM ubuntu-22.04-rpi AS arm64-ubuntu-22.04-rpi3
FROM ubuntu-22.04-rpi AS arm64-ubuntu-22.04-rpi4
FROM ubuntu-20.04-rpi AS arm64-ubuntu-20.04-rpi3
FROM ubuntu-20.04-rpi AS arm64-ubuntu-20.04-rpi4
FROM generic AS arm64-ubuntu-22.04-nvidia-jetson-agx-orin
###############################################################
#### Common to a Single Flavor ####
###############################################################
FROM ${TARGETARCH}-${FLAVOR}-${FLAVOR_RELEASE}-${MODEL} AS ubuntu-latest
RUN apt-get update \
&& apt-get install -y --no-install-recommends \
dbus-user-session \
pkg-config \
systemd-hwe-hwdb \
systemd-resolved \
&& apt-get clean && rm -rf /var/lib/apt/lists/*
FROM ubuntu-latest AS ubuntu-latest-selinux
RUN apt-get update \
&& apt-get install -y --no-install-recommends \
isc-dhcp-common \
isc-dhcp-client \
selinux-utils \
selinux-basics \
selinux-policy-default \
&& apt-get clean && rm -rf /var/lib/apt/lists/*
FROM ubuntu-latest-selinux AS ubuntu-24.10
FROM ubuntu-latest-selinux AS ubuntu-24.04
FROM ${TARGETARCH}-${FLAVOR}-${FLAVOR_RELEASE}-${MODEL} AS ubuntu-legacy
FROM ubuntu-legacy AS ubuntu-22.04
RUN apt-get update
# If the generic kernel is installed we don't want to install HWE related packages
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
RUN apt-cache search linux-image-generic | grep hwe &> /dev/null && apt-get install -y --no-install-recommends \
systemd-hwe-hwdb
RUN apt-get clean && rm -rf /var/lib/apt/lists/*
FROM ubuntu-legacy AS ubuntu-20.04
###############################################################
#### Post-Process Common to All ####
###############################################################
FROM ${FLAVOR}-${FLAVOR_RELEASE} AS all
RUN systemctl enable systemd-networkd
RUN systemctl enable ssh
# Fixup sudo perms
RUN chown root:root /usr/bin/sudo && chmod 4755 /usr/bin/sudo

28
images/dracut-broken-iscsi-ubuntu-20.patch
View File

@ -1,28 +0,0 @@
diff --git a/module-setup.sh b/module-setup.sh
index 59ea5e089..fe40547d1 100755
--- a/module-setup.sh
+++ b/module-setup.sh
@@ -265,6 +265,23 @@ install() {
echo "After=dracut-cmdline.service"
echo "Before=dracut-initqueue.service"
) > "${initdir}/$systemdsystemunitdir/iscsid.service.d/dracut.conf"
+
+ # The iscsi deamon does not need to wait for any storage inside initrd
+ mkdir -p "${initdir}/$systemdsystemunitdir/iscsid.socket.d"
+ (
+ echo "[Unit]"
+ echo "DefaultDependencies=no"
+ echo "Conflicts=shutdown.target"
+ echo "Before=shutdown.target sockets.target"
+ ) > "${initdir}/$systemdsystemunitdir/iscsid.socket.d/dracut.conf"
+ mkdir -p "${initdir}/$systemdsystemunitdir/iscsuio.socket.d"
+ (
+ echo "[Unit]"
+ echo "DefaultDependencies=no"
+ echo "Conflicts=shutdown.target"
+ echo "Before=shutdown.target sockets.target"
+ ) > "${initdir}/$systemdsystemunitdir/iscsuio.socket.d/dracut.conf"
+
fi
inst_dir /var/lib/iscsi
dracut_need_initqueue

9
images/rpi/config.txt
View File

@ -1,9 +0,0 @@
# https://emteria.com/kb/connect-uart-rpi
# https://www.raspberrypi.com/documentation/computers/config_txt.html
enable_uart=1
uart_2ndstage=1
# Disabling bluetooth might change the serial device:
# https://raspberrypi.stackexchange.com/a/69721
# On rpi4, if bluetooth is not disabled (like here), the device is /dev/ttyS0
#dtoverlay=disable-bt

16
images/which-init.sh
View File

@ -1,16 +0,0 @@
#!/bin/bash
# Check for systemd
if [ -x /bin/systemctl ] || [ -x /usr/bin/systemctl ]; then
echo "systemd"
exit 0
fi
# Check for OpenRC
if [ -x /sbin/openrc ] || [ -x /usr/sbin/rc ]; then
echo "openrc"
exit 0
fi
# If neither systemd nor OpenRC is found
exit 1

6
tests/assets/kairos.ipxe Normal file
View File

@ -0,0 +1,6 @@
#!ipxe
set dns 8.8.8.8
ifconf
kernel http://10.0.2.2/kairos-kernel root=live:http://10.0.2.2/kairos.squashfs initrd=kairos-initrd rd.neednet=1 ip=dhcp rd.cos.disable netboot install-mode config_url=${config} console=tty1 console=ttyS0 rd.live.overlay.overlayfs
initrd http://10.0.2.2/kairos-initrd
boot

101
tests/go.mod
View File

@ -2,12 +2,14 @@ module kairos-tests
go 1.23.4
toolchain go1.23.6
require (
github.com/google/uuid v1.6.0
github.com/kairos-io/go-nodepair v0.2.0
github.com/kairos-io/go-nodepair v0.3.0
github.com/lmittmann/ppm v1.0.2
github.com/makiuchi-d/gozxing v0.1.1
github.com/mudler/edgevpn v0.29.1
github.com/mudler/edgevpn v0.29.2
github.com/mudler/go-processmanager v0.0.0-20240820160718-8b802d3ecf82
github.com/onsi/ginkgo/v2 v2.22.2
github.com/onsi/gomega v1.36.2
@ -18,44 +20,44 @@ require (
require (
github.com/benbjohnson/clock v1.3.5 // indirect
github.com/beorn7/perks v1.0.1 // indirect
github.com/bramvdbogaerde/go-scp v1.2.0 // indirect
github.com/bramvdbogaerde/go-scp v1.5.0 // indirect
github.com/c-robinson/iplib v1.0.8 // indirect
github.com/cavaliergopher/grab/v3 v3.0.1 // indirect
github.com/cenkalti/backoff/v4 v4.3.0 // indirect
github.com/cespare/xxhash/v2 v2.3.0 // indirect
github.com/codingsince1985/checksum v1.2.4 // indirect
github.com/codingsince1985/checksum v1.3.0 // indirect
github.com/containerd/cgroups v1.1.0 // indirect
github.com/coreos/go-systemd/v22 v22.5.0 // indirect
github.com/cpuguy83/go-md2man/v2 v2.0.5 // indirect
github.com/creachadair/otp v0.5.0 // indirect
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/davidlazar/go-crypto v0.0.0-20200604182044-b73af7476f6c // indirect
github.com/decred/dcrd/dcrec/secp256k1/v4 v4.3.0 // indirect
github.com/disintegration/imaging v1.6.2 // indirect
github.com/docker/go-units v0.5.0 // indirect
github.com/ebitengine/purego v0.8.2 // indirect
github.com/elastic/gosigar v0.14.3 // indirect
github.com/eliukblau/pixterm v1.3.1 // indirect
github.com/eliukblau/pixterm v1.3.2 // indirect
github.com/flynn/noise v1.1.0 // indirect
github.com/francoispqt/gojay v1.2.13 // indirect
github.com/gen2brain/shm v0.0.0-20230802011745-f2460f5984f7 // indirect
github.com/go-logr/logr v1.4.2 // indirect
github.com/go-logr/stdr v1.2.2 // indirect
github.com/go-ole/go-ole v1.2.6 // indirect
github.com/go-ole/go-ole v1.3.0 // indirect
github.com/go-task/slim-sprig/v3 v3.0.0 // indirect
github.com/godbus/dbus/v5 v5.1.0 // indirect
github.com/gogo/protobuf v1.3.2 // indirect
github.com/google/btree v1.1.2 // indirect
github.com/google/btree v1.1.3 // indirect
github.com/google/go-cmp v0.6.0 // indirect
github.com/google/gopacket v1.1.19 // indirect
github.com/google/pprof v0.0.0-20241210010833-40e02aabc2ad // indirect
github.com/google/pprof v0.0.0-20250202011525-fc3143867406 // indirect
github.com/gorilla/websocket v1.5.3 // indirect
github.com/hashicorp/errwrap v1.1.0 // indirect
github.com/hashicorp/go-multierror v1.1.1 // indirect
github.com/hashicorp/golang-lru v1.0.2 // indirect
github.com/hashicorp/golang-lru/v2 v2.0.7 // indirect
github.com/huin/goupnp v1.3.0 // indirect
github.com/ipfs/boxo v0.24.3 // indirect
github.com/ipfs/go-cid v0.4.1 // indirect
github.com/ipfs/boxo v0.27.4 // indirect
github.com/ipfs/go-cid v0.5.0 // indirect
github.com/ipfs/go-datastore v0.6.0 // indirect
github.com/ipfs/go-log v1.0.5 // indirect
github.com/ipfs/go-log/v2 v2.5.1 // indirect
@ -67,32 +69,29 @@ require (
github.com/kbinani/screenshot v0.0.0-20230812210009-b87d31814237 // indirect
github.com/klauspost/compress v1.17.11 // indirect
github.com/klauspost/cpuid/v2 v2.2.9 // indirect
github.com/koron/go-ssdp v0.0.4 // indirect
github.com/labstack/echo/v4 v4.13.3 // indirect
github.com/labstack/gommon v0.4.2 // indirect
github.com/koron/go-ssdp v0.0.5 // indirect
github.com/libp2p/go-buffer-pool v0.1.0 // indirect
github.com/libp2p/go-cidranger v1.1.0 // indirect
github.com/libp2p/go-flow-metrics v0.2.0 // indirect
github.com/libp2p/go-libp2p v0.38.1 // indirect
github.com/libp2p/go-libp2p v0.38.2 // indirect
github.com/libp2p/go-libp2p-asn-util v0.4.1 // indirect
github.com/libp2p/go-libp2p-kad-dht v0.28.2 // indirect
github.com/libp2p/go-libp2p-kbucket v0.6.4 // indirect
github.com/libp2p/go-libp2p-kad-dht v0.29.0 // indirect
github.com/libp2p/go-libp2p-kbucket v0.6.5 // indirect
github.com/libp2p/go-libp2p-pubsub v0.12.0 // indirect
github.com/libp2p/go-libp2p-record v0.2.0 // indirect
github.com/libp2p/go-libp2p-record v0.3.1 // indirect
github.com/libp2p/go-libp2p-routing-helpers v0.7.4 // indirect
github.com/libp2p/go-msgio v0.3.0 // indirect
github.com/libp2p/go-nat v0.2.0 // indirect
github.com/libp2p/go-netroute v0.2.2 // indirect
github.com/libp2p/go-reuseport v0.4.0 // indirect
github.com/libp2p/go-yamux/v4 v4.0.1 // indirect
github.com/libp2p/go-yamux/v4 v4.0.2 // indirect
github.com/libp2p/zeroconf/v2 v2.2.0 // indirect
github.com/lucasb-eyer/go-colorful v1.2.0 // indirect
github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0 // indirect
github.com/lufia/plan9stats v0.0.0-20240909124753-873cd0166683 // indirect
github.com/lxn/win v0.0.0-20210218163916-a377121e959e // indirect
github.com/marten-seemann/tcp v0.0.0-20210406111302-dfbc87cc63fd // indirect
github.com/mattn/go-colorable v0.1.13 // indirect
github.com/mattn/go-isatty v0.0.20 // indirect
github.com/miekg/dns v1.1.62 // indirect
github.com/miekg/dns v1.1.63 // indirect
github.com/mikioh/tcpinfo v0.0.0-20190314235526-30a79bb1804b // indirect
github.com/mikioh/tcpopt v0.0.0-20190314235656-172688c1accc // indirect
github.com/minio/sha256-simd v1.0.1 // indirect
@ -118,13 +117,13 @@ require (
github.com/pion/dtls/v2 v2.2.12 // indirect
github.com/pion/ice/v2 v2.3.37 // indirect
github.com/pion/interceptor v0.1.37 // indirect
github.com/pion/logging v0.2.2 // indirect
github.com/pion/logging v0.2.3 // indirect
github.com/pion/mdns v0.0.12 // indirect
github.com/pion/randutil v0.1.0 // indirect
github.com/pion/rtcp v1.2.15 // indirect
github.com/pion/rtp v1.8.10 // indirect
github.com/pion/rtp v1.8.11 // indirect
github.com/pion/sctp v1.8.35 // indirect
github.com/pion/sdp/v3 v3.0.9 // indirect
github.com/pion/sdp/v3 v3.0.10 // indirect
github.com/pion/srtp/v2 v2.0.20 // indirect
github.com/pion/stun v0.6.1 // indirect
github.com/pion/transport/v2 v2.2.10 // indirect
@ -134,57 +133,53 @@ require (
github.com/pkg/errors v0.9.1 // indirect
github.com/pmezard/go-difflib v1.0.0 // indirect
github.com/polydawn/refmt v0.89.0 // indirect
github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c // indirect
github.com/power-devops/perfstat v0.0.0-20240221224432-82ca36839d55 // indirect
github.com/prometheus/client_golang v1.20.5 // indirect
github.com/prometheus/client_model v0.6.1 // indirect
github.com/prometheus/common v0.61.0 // indirect
github.com/prometheus/common v0.62.0 // indirect
github.com/prometheus/procfs v0.15.1 // indirect
github.com/quic-go/qpack v0.5.1 // indirect
github.com/quic-go/quic-go v0.48.2 // indirect
github.com/quic-go/quic-go v0.49.0 // indirect
github.com/quic-go/webtransport-go v0.8.1-0.20241018022711-4ac2c9250e66 // indirect
github.com/raulk/go-watchdog v1.3.0 // indirect
github.com/russross/blackfriday/v2 v2.1.0 // indirect
github.com/shirou/gopsutil/v4 v4.24.7 // indirect
github.com/shoenig/go-m1cpu v0.1.6 // indirect
github.com/shirou/gopsutil/v4 v4.25.1 // indirect
github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e // indirect
github.com/songgao/packets v0.0.0-20160404182456-549a10cd4091 // indirect
github.com/spaolacci/murmur3 v1.1.0 // indirect
github.com/stretchr/testify v1.10.0 // indirect
github.com/tklauser/go-sysconf v0.3.12 // indirect
github.com/tklauser/numcpus v0.6.1 // indirect
github.com/urfave/cli/v2 v2.27.5 // indirect
github.com/valyala/bytebufferpool v1.0.0 // indirect
github.com/valyala/fasttemplate v1.2.2 // indirect
github.com/tklauser/go-sysconf v0.3.14 // indirect
github.com/tklauser/numcpus v0.9.0 // indirect
github.com/vishvananda/netlink v1.3.0 // indirect
github.com/vishvananda/netns v0.0.4 // indirect
github.com/vishvananda/netns v0.0.5 // indirect
github.com/whyrusleeping/go-keyspace v0.0.0-20160322163242-5b898ac5add1 // indirect
github.com/wlynxg/anet v0.0.5 // indirect
github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1 // indirect
github.com/yusufpapurcu/wmi v1.2.4 // indirect
go.opencensus.io v0.24.0 // indirect
go.opentelemetry.io/otel v1.31.0 // indirect
go.opentelemetry.io/otel/metric v1.31.0 // indirect
go.opentelemetry.io/otel/trace v1.31.0 // indirect
go.opentelemetry.io/auto/sdk v1.1.0 // indirect
go.opentelemetry.io/otel v1.34.0 // indirect
go.opentelemetry.io/otel/metric v1.34.0 // indirect
go.opentelemetry.io/otel/trace v1.34.0 // indirect
go.uber.org/dig v1.18.0 // indirect
go.uber.org/fx v1.23.0 // indirect
go.uber.org/mock v0.5.0 // indirect
go.uber.org/multierr v1.11.0 // indirect
go.uber.org/zap v1.27.0 // indirect
golang.org/x/crypto v0.31.0 // indirect
golang.org/x/exp v0.0.0-20241217172543-b2144cdd0a67 // indirect
golang.org/x/image v0.18.0 // indirect
golang.org/x/mod v0.22.0 // indirect
golang.org/x/net v0.33.0 // indirect
golang.org/x/sync v0.10.0 // indirect
golang.org/x/sys v0.29.0 // indirect
golang.org/x/text v0.21.0 // indirect
golang.org/x/tools v0.28.0 // indirect
golang.org/x/crypto v0.32.0 // indirect
golang.org/x/exp v0.0.0-20250128182459-e0ece0dbea4c // indirect
golang.org/x/image v0.20.0 // indirect
golang.org/x/mod v0.23.0 // indirect
golang.org/x/net v0.34.0 // indirect
golang.org/x/sync v0.11.0 // indirect
golang.org/x/sys v0.30.0 // indirect
golang.org/x/text v0.22.0 // indirect
golang.org/x/time v0.8.0 // indirect
golang.org/x/tools v0.29.0 // indirect
golang.org/x/xerrors v0.0.0-20240903120638-7835f813f4da // indirect
golang.zx2c4.com/wintun v0.0.0-20230126152724-0fa3db229ce2 // indirect
golang.zx2c4.com/wireguard v0.0.0-20220703234212-c31a7b1ab478 // indirect
golang.zx2c4.com/wireguard v0.0.0-20231211153847-12269c276173 // indirect
golang.zx2c4.com/wireguard/windows v0.5.3 // indirect
gonum.org/v1/gonum v0.15.0 // indirect
google.golang.org/protobuf v1.36.1 // indirect
gonum.org/v1/gonum v0.15.1 // indirect
google.golang.org/protobuf v1.36.4 // indirect
gopkg.in/yaml.v2 v2.4.0 // indirect
lukechampine.com/blake3 v1.3.0 // indirect
)

282
tests/go.sum
View File

@ -17,8 +17,8 @@ github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24
github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw=
github.com/bradfitz/go-smtpd v0.0.0-20170404230938-deb6d6237625/go.mod h1:HYsPBTaaSFSlLx/70C2HPIMNZpVV8+vt/A+FMnYP11g=
github.com/bramvdbogaerde/go-scp v1.2.0 h1:mNF1lCXQ6jQcxCBBuc2g/CQwVy/4QONaoD5Aqg9r+Zg=
github.com/bramvdbogaerde/go-scp v1.2.0/go.mod h1:s4ZldBoRAOgUg8IrRP2Urmq5qqd2yPXQTPshACY8vQ0=
github.com/bramvdbogaerde/go-scp v1.5.0 h1:a9BinAjTfQh273eh7vd3qUgmBC+bx+3TRDtkZWmIpzM=
github.com/bramvdbogaerde/go-scp v1.5.0/go.mod h1:on2aH5AxaFb2G0N5Vsdy6B0Ml7k9HuHSwfo1y0QzAbQ=
github.com/buger/jsonparser v0.0.0-20181115193947-bf1c66bbce23/go.mod h1:bbYlZJ7hK1yFx9hf58LP0zeX7UjIGs20ufpu3evjr+s=
github.com/c-robinson/iplib v1.0.8 h1:exDRViDyL9UBLcfmlxxkY5odWX5092nPsQIykHXhIn4=
github.com/c-robinson/iplib v1.0.8/go.mod h1:i3LuuFL1hRT5gFpBRnEydzw8R6yhGkF4szNDIbF8pgo=
@ -32,8 +32,8 @@ github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XL
github.com/cilium/ebpf v0.2.0/go.mod h1:To2CFviqOWL/M0gIMsvSMlqe7em/l1ALkX1PyjrX2Qs=
github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
github.com/codingsince1985/checksum v1.2.4 h1:kQUpBE1b43jrthLR/RYO4ucEXcZJCq3LpGsMfPDVJYQ=
github.com/codingsince1985/checksum v1.2.4/go.mod h1:c9FdM+lYMC4fx7uCOy+0DQaFWM6sbU9R/jnm9AHZD50=
github.com/codingsince1985/checksum v1.3.0 h1:kqqIqWBwjidGmt/pO4yXCEX+np7HACGx72EB+MkKcVY=
github.com/codingsince1985/checksum v1.3.0/go.mod h1:QfRskdtdWap+gJil8e5obw6I8/cWJ0SwMUACruWDSU8=
github.com/containerd/cgroups v0.0.0-20201119153540-4cbc285b3327/go.mod h1:ZJeTFisyysqgcCdecO57Dj79RfL0LNeGiFUqLYQRYLE=
github.com/containerd/cgroups v1.1.0 h1:v8rEWFl6EoqHB+swVNjVoCJE8o3jX7e8nqBGPLaDFBM=
github.com/containerd/cgroups v1.1.0/go.mod h1:6ppBcbh/NOOUU+dMKrykgaBnK9lCIBxHqJDGwsa1mIw=
@ -43,8 +43,6 @@ github.com/coreos/go-systemd/v22 v22.5.0 h1:RrqgGjYQKalulkV8NGVIfkXQf6YYmOyiJKk8
github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc=
github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
github.com/cpuguy83/go-md2man/v2 v2.0.5 h1:ZtcqGrnekaHpVLArFSe4HK5DoKx1T0rq2DwVB0alcyc=
github.com/cpuguy83/go-md2man/v2 v2.0.5/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
github.com/creachadair/mds v0.21.3 h1:RRgEAPIb52cU0q7UxGyN+13QlCVTZIL4slRr0cYYQfA=
github.com/creachadair/mds v0.21.3/go.mod h1:1ltMWZd9yXhaHEoZwBialMaviWVUpRPvMwVP7saFAzM=
github.com/creachadair/otp v0.5.0 h1:q3Th7CXm2zlmCdBjw5tEPFOj4oWJMnVL5HXlq0sNKS0=
@ -64,11 +62,13 @@ github.com/docker/go-units v0.4.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDD
github.com/docker/go-units v0.5.0 h1:69rxXcBk27SvSaaxTtLh/8llcHD8vYHT7WSdRZ/jvr4=
github.com/docker/go-units v0.5.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk=
github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk=
github.com/ebitengine/purego v0.8.2 h1:jPPGWs2sZ1UgOSgD2bClL0MJIqu58nOmIcBuXr62z1I=
github.com/ebitengine/purego v0.8.2/go.mod h1:iIjxzd6CiRiOG0UyXP+V1+jWqUXVjPKLAI0mRfJZTmQ=
github.com/elastic/gosigar v0.12.0/go.mod h1:iXRIGg2tLnu7LBdpqzyQfGDEidKCfWcCMS0WKyPWoMs=
github.com/elastic/gosigar v0.14.3 h1:xwkKwPia+hSfg9GqrCUKYdId102m9qTJIIr7egmK/uo=
github.com/elastic/gosigar v0.14.3/go.mod h1:iXRIGg2tLnu7LBdpqzyQfGDEidKCfWcCMS0WKyPWoMs=
github.com/eliukblau/pixterm v1.3.1 h1:XeouQViH+lmzCa7sMUoK2cd7qlgHYGLIjwRKaOdJbKA=
github.com/eliukblau/pixterm v1.3.1/go.mod h1:on5ueknFt+ZFVvIVVzQ7/JXwPjv5fJd8Q1Ybh7XixfU=
github.com/eliukblau/pixterm v1.3.2 h1:kAF9qvbaDV3emb9LPHw1Bvd9D5o4y28U0e8Q9vfl24I=
github.com/eliukblau/pixterm v1.3.2/go.mod h1:CgaInx2l92Xo3GTldly4UQeNghSFXmIQNk3zL77Xo/A=
github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
@ -93,8 +93,9 @@ github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY=
github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag=
github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE=
github.com/go-ole/go-ole v1.2.6 h1:/Fpf6oFPoeFik9ty7siob0G6Ke8QvQEuVcuChpwXzpY=
github.com/go-ole/go-ole v1.2.6/go.mod h1:pprOEPIfldk/42T2oK7lQ4v4JSDwmV0As9GaiUsvbm0=
github.com/go-ole/go-ole v1.3.0 h1:Dt6ye7+vXGIKZ7Xtk4s6/xVdGDQynvom7xCFEdWr6uE=
github.com/go-ole/go-ole v1.3.0/go.mod h1:5LS6F96DhAwUc7C+1HLexzMXY1xGRSryjyPPKW6zv78=
github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI=
github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8=
github.com/go-yaml/yaml v2.1.0+incompatible/go.mod h1:w2MrLa16VYP0jy6N7M5kHaCkaLENm+P+Tv+MfurjSw0=
@ -107,9 +108,8 @@ github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXP
github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q=
github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e h1:1r7pUrabqp18hOBcwBwiTsbnFeTZHV9eER/QT5JVZxY=
github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE=
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
github.com/golang/lint v0.0.0-20180702182130-06c8688daad7/go.mod h1:tluoj9z5200jBnyusfRPU2LqT6J+DAorxEvtC7LHB+E=
github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
@ -124,8 +124,8 @@ github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvq
github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8=
github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
github.com/google/btree v1.1.2 h1:xf4v41cLI2Z6FxbKm+8Bu+m8ifhj15JuZ9sa0jZCMUU=
github.com/google/btree v1.1.2/go.mod h1:qOPhT0dTNdNzV6Z/lhRX0YXUafgPLFUh+gZMl761Gm4=
github.com/google/btree v1.1.3 h1:CVpQJjYgC4VbzxeGVHfvZrv1ctoYCAI8vbl07Fcxlyg=
github.com/google/btree v1.1.3/go.mod h1:qOPhT0dTNdNzV6Z/lhRX0YXUafgPLFUh+gZMl761Gm4=
github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
@ -133,7 +133,6 @@ github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/
github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.5.3/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
github.com/google/go-github v17.0.0+incompatible/go.mod h1:zLgOLi98H3fifZn+44m+umXrS52loVEgC2AApnigrVQ=
@ -142,10 +141,8 @@ github.com/google/gopacket v1.1.19 h1:ves8RnFZPGiFnTS0uPQStjwru6uO6h+nlr9j6fL7kF
github.com/google/gopacket v1.1.19/go.mod h1:iJ8V8n6KS+z2U1A8pUwu8bW5SyEMkXJB8Yo/Vo+TKTo=
github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs=
github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc=
github.com/google/pprof v0.0.0-20241029153458-d1b30febd7db h1:097atOisP2aRj7vFgYQBbFN4U4JNXUNYpxael3UzMyo=
github.com/google/pprof v0.0.0-20241029153458-d1b30febd7db/go.mod h1:vavhavw2zAxS5dIdcRluK6cSGGPlZynqzFM8NdvU144=
github.com/google/pprof v0.0.0-20241210010833-40e02aabc2ad h1:a6HEuzUHeKH6hwfN/ZoQgRgVIWFJljSWa/zetS2WTvg=
github.com/google/pprof v0.0.0-20241210010833-40e02aabc2ad/go.mod h1:vavhavw2zAxS5dIdcRluK6cSGGPlZynqzFM8NdvU144=
github.com/google/pprof v0.0.0-20250202011525-fc3143867406 h1:wlQI2cYY0BsWmmPPAnxfQ8SDW0S3Jasn+4B8kXFxprg=
github.com/google/pprof v0.0.0-20250202011525-fc3143867406/go.mod h1:vavhavw2zAxS5dIdcRluK6cSGGPlZynqzFM8NdvU144=
github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI=
github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
github.com/google/uuid v1.3.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
@ -171,14 +168,12 @@ github.com/hashicorp/golang-lru/v2 v2.0.7 h1:a+bsQ5rvGLjzHuww6tVxozPZFVghXaHOwFs
github.com/hashicorp/golang-lru/v2 v2.0.7/go.mod h1:QeFd9opnmA6QUJc5vARoKUSoFhyfM2/ZepoAG6RGpeM=
github.com/huin/goupnp v1.3.0 h1:UvLUlWDNpoUdYzb2TCn+MuTWtcjXKSza2n6CBdQ0xXc=
github.com/huin/goupnp v1.3.0/go.mod h1:gnGPsThkYa7bFi/KWmEysQRf48l2dvR5bxr2OFckNX8=
github.com/ipfs/boxo v0.24.1 h1:Y1n+8Q9lqeWLhEMZR2staJDnY80mtSWNR+hOhG3VtDo=
github.com/ipfs/boxo v0.24.1/go.mod h1:8mVcuQl2qqprmSOXHeqvvP4TezOobM92fKF3+ugpE58=
github.com/ipfs/boxo v0.24.3 h1:gldDPOWdM3Rz0v5LkVLtZu7A7gFNvAlWcmxhCqlHR3c=
github.com/ipfs/boxo v0.24.3/go.mod h1:h0DRzOY1IBFDHp6KNvrJLMFdSXTYID0Zf+q7X05JsNg=
github.com/ipfs/boxo v0.27.4 h1:6nC8lY5GnR6whAbW88hFz6L13wZUj2vr5BRe3iTvYBI=
github.com/ipfs/boxo v0.27.4/go.mod h1:qEIRrGNr0bitDedTCzyzBHxzNWqYmyuHgK8LG9Q83EM=
github.com/ipfs/go-block-format v0.2.0 h1:ZqrkxBA2ICbDRbK8KJs/u0O3dlp6gmAuuXUJNiW1Ycs=
github.com/ipfs/go-block-format v0.2.0/go.mod h1:+jpL11nFx5A/SPpsoBn6Bzkra/zaArfSmsknbPMYgzM=
github.com/ipfs/go-cid v0.4.1 h1:A/T3qGvxi4kpKWWcPC/PgbvDA2bjVLO7n4UeVwnbs/s=
github.com/ipfs/go-cid v0.4.1/go.mod h1:uQHwDeX4c6CtyrFwdqyhpNcxVewur1M7l7fNU7LKwZk=
github.com/ipfs/go-cid v0.5.0 h1:goEKKhaGm0ul11IHA7I6p1GmKz8kEYniqFopaB5Otwg=
github.com/ipfs/go-cid v0.5.0/go.mod h1:0L7vmeNXpQpUS9vt+yEARkJ8rOg43DF3iPgn4GIN0mk=
github.com/ipfs/go-datastore v0.6.0 h1:JKyz+Gvz1QEZw0LsX1IBn+JFCJQH4SJVFtM4uWU0Myk=
github.com/ipfs/go-datastore v0.6.0/go.mod h1:rt5M3nNbSO/8q1t4LNkLyUwRs8HupMeN/8O4Vn9YAT8=
github.com/ipfs/go-detect-race v0.0.1 h1:qX/xay2W3E4Q1U7d9lNs1sU9nvguX0a7319XbyQ6cOk=
@ -208,8 +203,8 @@ github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCV
github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU=
github.com/jtolds/gls v4.20.0+incompatible h1:xdiiI2gbIgH/gLH7ADydsJ1uDOEzR8yvV7C0MuV77Wo=
github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU=
github.com/kairos-io/go-nodepair v0.2.0 h1:G47RZb/BF1bj/NMl3JZFelUifC4uCTnrFE9mK+z4x7U=
github.com/kairos-io/go-nodepair v0.2.0/go.mod h1:9e1YCP7Wa8Un5ZVHcVrRfnnkiuiBgJGJ7EdtaPhBhAA=
github.com/kairos-io/go-nodepair v0.3.0 h1:JIMBAtbNhIAsx89aP61mQDGMuGFoIQH/woK2tMDYD6k=
github.com/kairos-io/go-nodepair v0.3.0/go.mod h1:7i905W/KmR9DAcMSVJr/Wdb84E5Yyu9YLgj7chwX1xs=
github.com/kbinani/screenshot v0.0.0-20230812210009-b87d31814237 h1:YOp8St+CM/AQ9Vp4XYm4272E77MptJDHkwypQHIRl9Q=
github.com/kbinani/screenshot v0.0.0-20230812210009-b87d31814237/go.mod h1:e7qQlOY68wOz4b82D7n+DdaptZAi+SHW0+yKiWZzEYE=
github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00=
@ -217,12 +212,10 @@ github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI
github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
github.com/klauspost/compress v1.17.11 h1:In6xLpyWOi1+C7tXUUWv2ot1QvBjxevKAaI6IXrJmUc=
github.com/klauspost/compress v1.17.11/go.mod h1:pMDklpSncoRMuLFrf1W9Ss9KT+0rH90U12bZKk7uwG0=
github.com/klauspost/cpuid/v2 v2.2.8 h1:+StwCXwm9PdpiEkPyzBXIy+M9KUb4ODm0Zarf1kS5BM=
github.com/klauspost/cpuid/v2 v2.2.8/go.mod h1:Lcz8mBdAVJIBVzewtcLocK12l3Y+JytZYpaMropDUws=
github.com/klauspost/cpuid/v2 v2.2.9 h1:66ze0taIn2H33fBvCkXuv9BmCwDfafmiIVpKV9kKGuY=
github.com/klauspost/cpuid/v2 v2.2.9/go.mod h1:rqkxqrZ1EhYM9G+hXH7YdowN5R5RGN6NK4QwQ3WMXF8=
github.com/koron/go-ssdp v0.0.4 h1:1IDwrghSKYM7yLf7XCzbByg2sJ/JcNOZRXS2jczTwz0=
github.com/koron/go-ssdp v0.0.4/go.mod h1:oDXq+E5IL5q0U8uSBcoAXzTzInwy5lEgC91HoKtbmZk=
github.com/koron/go-ssdp v0.0.5 h1:E1iSMxIs4WqxTbIBLtmNBeOOC+1sCIXQeqTWVnpmwhk=
github.com/koron/go-ssdp v0.0.5/go.mod h1:Qm59B7hpKpDqfyRNWRNr00jGwLdXjDyZh6y7rH6VS0w=
github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
@ -232,34 +225,24 @@ github.com/kr/pty v1.1.3/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
github.com/labstack/echo/v4 v4.13.3 h1:pwhpCPrTl5qry5HRdM5FwdXnhXSLSY+WE+YQSeCaafY=
github.com/labstack/echo/v4 v4.13.3/go.mod h1:o90YNEeQWjDozo584l7AwhJMHN0bOC4tAfg+Xox9q5g=
github.com/labstack/gommon v0.4.2 h1:F8qTUNXgG1+6WQmqoUWnz8WiEU60mXVVw0P4ht1WRA0=
github.com/labstack/gommon v0.4.2/go.mod h1:QlUFxVM+SNXhDL/Z7YhocGIBYOiwB0mXm1+1bAPHPyU=
github.com/libp2p/go-buffer-pool v0.1.0 h1:oK4mSFcQz7cTQIfqbe4MIj9gLW+mnanjyFtc6cdF0Y8=
github.com/libp2p/go-buffer-pool v0.1.0/go.mod h1:N+vh8gMqimBzdKkSMVuydVDq+UV5QTWy5HSiZacSbPg=
github.com/libp2p/go-cidranger v1.1.0 h1:ewPN8EZ0dd1LSnrtuwd4709PXVcITVeuwbag38yPW7c=
github.com/libp2p/go-cidranger v1.1.0/go.mod h1:KWZTfSr+r9qEo9OkI9/SIEeAtw+NNoU0dXIXt15Okic=
github.com/libp2p/go-flow-metrics v0.2.0 h1:EIZzjmeOE6c8Dav0sNv35vhZxATIXWZg6j/C08XmmDw=
github.com/libp2p/go-flow-metrics v0.2.0/go.mod h1:st3qqfu8+pMfh+9Mzqb2GTiwrAGjIPszEjZmtksN8Jc=
github.com/libp2p/go-libp2p v0.36.5 h1:DoABsaHO0VXwH6pwCs2F6XKAXWYjFMO4HFBoVxTnF9g=
github.com/libp2p/go-libp2p v0.36.5/go.mod h1:CpszAtXxHYOcyvB7K8rSHgnNlh21eKjYbEfLoMerbEI=
github.com/libp2p/go-libp2p v0.38.1 h1:aT1K7IFWi+gZUsQGCzTHBTlKX5QVZQOahng8DnOr6tQ=
github.com/libp2p/go-libp2p v0.38.1/go.mod h1:QWV4zGL3O9nXKdHirIC59DoRcZ446dfkjbOJ55NEWFo=
github.com/libp2p/go-libp2p v0.38.2 h1:9SZQDOCi82A25An4kx30lEtr6kGTxrtoaDkbs5xrK5k=
github.com/libp2p/go-libp2p v0.38.2/go.mod h1:QWV4zGL3O9nXKdHirIC59DoRcZ446dfkjbOJ55NEWFo=
github.com/libp2p/go-libp2p-asn-util v0.4.1 h1:xqL7++IKD9TBFMgnLPZR6/6iYhawHKHl950SO9L6n94=
github.com/libp2p/go-libp2p-asn-util v0.4.1/go.mod h1:d/NI6XZ9qxw67b4e+NgpQexCIiFYJjErASrYW4PFDN8=
github.com/libp2p/go-libp2p-kad-dht v0.27.0 h1:1Ea32tVTPiAfaLpPMbaBWFJgbsi/JpMqC2YBuFdf32o=
github.com/libp2p/go-libp2p-kad-dht v0.27.0/go.mod h1:ixhjLuzaXSGtWsKsXTj7erySNuVC4UP7NO015cRrF14=
github.com/libp2p/go-libp2p-kad-dht v0.28.1 h1:DVTfzG8Ybn88g9RycIq47evWCRss5f0Wm8iWtpwyHso=
github.com/libp2p/go-libp2p-kad-dht v0.28.1/go.mod h1:0wHURlSFdAC42+wF7GEmpLoARw8JuS8do2guCtc/Y/w=
github.com/libp2p/go-libp2p-kad-dht v0.28.2 h1:/VivUl/Ru0tVgkWNhDDBy8pK6q+gRdI+z8VfqmSUJWo=
github.com/libp2p/go-libp2p-kad-dht v0.28.2/go.mod h1:sUR/qh4p/5+YFXBtwOiCmIBeBA2YD94ttmL+Xk8+pTE=
github.com/libp2p/go-libp2p-kbucket v0.6.4 h1:OjfiYxU42TKQSB8t8WYd8MKhYhMJeO2If+NiuKfb6iQ=
github.com/libp2p/go-libp2p-kbucket v0.6.4/go.mod h1:jp6w82sczYaBsAypt5ayACcRJi0lgsba7o4TzJKEfWA=
github.com/libp2p/go-libp2p-kad-dht v0.29.0 h1:045eW21lGlMSD9aKSZZGH4fnBMIInPwQLxIQ35P962I=
github.com/libp2p/go-libp2p-kad-dht v0.29.0/go.mod h1:mIci3rHSwDsxQWcCjfmxD8vMTgh5xLuvwb1D5WP8ZNk=
github.com/libp2p/go-libp2p-kbucket v0.6.5 h1:Fsl1YvZcMwqrR4DYrTO02yo9PGYs2HBQIT3lGXFMTxg=
github.com/libp2p/go-libp2p-kbucket v0.6.5/go.mod h1:U6WOd0BvnSp03IQSrjgM54tg7zh1UUNsXLJqAQzClTA=
github.com/libp2p/go-libp2p-pubsub v0.12.0 h1:PENNZjSfk8KYxANRlpipdS7+BfLmOl3L2E/6vSNjbdI=
github.com/libp2p/go-libp2p-pubsub v0.12.0/go.mod h1:Oi0zw9aw8/Y5GC99zt+Ef2gYAl+0nZlwdJonDyOz/sE=
github.com/libp2p/go-libp2p-record v0.2.0 h1:oiNUOCWno2BFuxt3my4i1frNrt7PerzB3queqa1NkQ0=
github.com/libp2p/go-libp2p-record v0.2.0/go.mod h1:I+3zMkvvg5m2OcSdoL0KPljyJyvNDFGKX7QdlpYUcwk=
github.com/libp2p/go-libp2p-record v0.3.1 h1:cly48Xi5GjNw5Wq+7gmjfBiG9HCzQVkiZOUZ8kUl+Fg=
github.com/libp2p/go-libp2p-record v0.3.1/go.mod h1:T8itUkLcWQLCYMqtX7Th6r7SexyUJpIyPgks757td/E=
github.com/libp2p/go-libp2p-routing-helpers v0.7.4 h1:6LqS1Bzn5CfDJ4tzvP9uwh42IB7TJLNFJA6dEeGBv84=
github.com/libp2p/go-libp2p-routing-helpers v0.7.4/go.mod h1:we5WDj9tbolBXOuF1hGOkR+r7Uh1408tQbAKaT5n1LE=
github.com/libp2p/go-libp2p-testing v0.12.0 h1:EPvBb4kKMWO29qP4mZGyhVzUyR25dvfUIK5WDu6iPUA=
@ -268,23 +251,20 @@ github.com/libp2p/go-msgio v0.3.0 h1:mf3Z8B1xcFN314sWX+2vOTShIE0Mmn2TXn3YCUQGNj0
github.com/libp2p/go-msgio v0.3.0/go.mod h1:nyRM819GmVaF9LX3l03RMh10QdOroF++NBbxAb0mmDM=
github.com/libp2p/go-nat v0.2.0 h1:Tyz+bUFAYqGyJ/ppPPymMGbIgNRH+WqC5QrT5fKrrGk=
github.com/libp2p/go-nat v0.2.0/go.mod h1:3MJr+GRpRkyT65EpVPBstXLvOlAPzUVlG6Pwg9ohLJk=
github.com/libp2p/go-netroute v0.2.1 h1:V8kVrpD8GK0Riv15/7VN6RbUQ3URNZVosw7H2v9tksU=
github.com/libp2p/go-netroute v0.2.1/go.mod h1:hraioZr0fhBjG0ZRXJJ6Zj2IVEVNx6tDTFQfSmcq7mQ=
github.com/libp2p/go-netroute v0.2.2 h1:Dejd8cQ47Qx2kRABg6lPwknU7+nBnFRpko45/fFPuZ8=
github.com/libp2p/go-netroute v0.2.2/go.mod h1:Rntq6jUAH0l9Gg17w5bFGhcC9a+vk4KNXs6s7IljKYE=
github.com/libp2p/go-reuseport v0.4.0 h1:nR5KU7hD0WxXCJbmw7r2rhRYruNRl2koHw8fQscQm2s=
github.com/libp2p/go-reuseport v0.4.0/go.mod h1:ZtI03j/wO5hZVDFo2jKywN6bYKWLOy8Se6DrI2E1cLU=
github.com/libp2p/go-yamux/v4 v4.0.1 h1:FfDR4S1wj6Bw2Pqbc8Uz7pCxeRBPbwsBbEdfwiCypkQ=
github.com/libp2p/go-yamux/v4 v4.0.1/go.mod h1:NWjl8ZTLOGlozrXSOZ/HlfG++39iKNnM5wwmtQP1YB4=
github.com/libp2p/go-yamux/v4 v4.0.2 h1:nrLh89LN/LEiqcFiqdKDRHjGstN300C1269K/EX0CPU=
github.com/libp2p/go-yamux/v4 v4.0.2/go.mod h1:C808cCRgOs1iBwY4S71T5oxgMxgLmqUw56qh4AeBW2o=
github.com/libp2p/zeroconf/v2 v2.2.0 h1:Cup06Jv6u81HLhIj1KasuNM/RHHrJ8T7wOTS4+Tv53Q=
github.com/libp2p/zeroconf/v2 v2.2.0/go.mod h1:fuJqLnUwZTshS3U/bMRJ3+ow/v9oid1n0DmyYyNO1Xs=
github.com/lmittmann/ppm v1.0.2 h1:YW2FFG864rGdrzYu41XngKfptOQU2V+cOmi/hBbaUlI=
github.com/lmittmann/ppm v1.0.2/go.mod h1:GObNM/dbtplb87+9xClwI9bZ+AOPMg0Ujf4k3iLo23E=
github.com/lucasb-eyer/go-colorful v1.0.3/go.mod h1:R4dSotOR9KMtayYi1e77YzuveK+i7ruzyGqttikkLy0=
github.com/lucasb-eyer/go-colorful v1.2.0 h1:1nnpGOrhyZZuNyfu1QjKiUICQ74+3FNCN69Aj6K7nkY=
github.com/lucasb-eyer/go-colorful v1.2.0/go.mod h1:R4dSotOR9KMtayYi1e77YzuveK+i7ruzyGqttikkLy0=
github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0 h1:6E+4a0GO5zZEnZ81pIr0yLvtUWk2if982qA3F3QD6H4=
github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0/go.mod h1:zJYVVT2jmtg6P3p1VtQj7WsuWi/y4VnjVBn7F8KPB3I=
github.com/lufia/plan9stats v0.0.0-20240909124753-873cd0166683 h1:7UMa6KCCMjZEMDtTVdcGu0B1GmmC7QJKiCCjyTAWQy0=
github.com/lufia/plan9stats v0.0.0-20240909124753-873cd0166683/go.mod h1:ilwx/Dta8jXAgpFYFvSWEMwxmbWXyiUHkd5FwyKhb5k=
github.com/lunixbochs/vtclean v1.0.0/go.mod h1:pHhQNgMf3btfWnGBVipUOjRYhoOsdGqdm/+2c2E2WMI=
github.com/lxn/win v0.0.0-20210218163916-a377121e959e h1:H+t6A/QJMbhCSEH5rAuRxh+CtW96g0Or0Fxa9IKr4uc=
github.com/lxn/win v0.0.0-20210218163916-a377121e959e/go.mod h1:KxxjdtRkfNoYDCUP5ryK7XJJNTnpC8atvtmTheChOtk=
@ -293,17 +273,14 @@ github.com/makiuchi-d/gozxing v0.1.1 h1:xxqijhoedi+/lZlhINteGbywIrewVdVv2wl9r5O9
github.com/makiuchi-d/gozxing v0.1.1/go.mod h1:eRIHbOjX7QWxLIDJoQuMLhuXg9LAuw6znsUtRkNw9DU=
github.com/marten-seemann/tcp v0.0.0-20210406111302-dfbc87cc63fd h1:br0buuQ854V8u83wA0rVZ8ttrq5CpaPZdvrK0LP2lOk=
github.com/marten-seemann/tcp v0.0.0-20210406111302-dfbc87cc63fd/go.mod h1:QuCEs1Nt24+FYQEqAAncTDPJIuGs+LxK1MCiFL25pMU=
github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA=
github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg=
github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94=
github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM=
github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0=
github.com/microcosm-cc/bluemonday v1.0.1/go.mod h1:hsXNsILzKxV+sX77C5b8FSuKF00vh2OMYv+xgHpAMF4=
github.com/miekg/dns v1.1.43/go.mod h1:+evo5L0630/F6ca/Z9+GAqzhjGyn8/c+TBaOyfEl0V4=
github.com/miekg/dns v1.1.62 h1:cN8OuEF1/x5Rq6Np+h1epln8OiyPWV+lROx9LxcGgIQ=
github.com/miekg/dns v1.1.62/go.mod h1:mvDlcItzm+br7MToIKqkglaGhlFMHJ9DTNNWONWXbNQ=
github.com/miekg/dns v1.1.63 h1:8M5aAw6OMZfFXTT7K5V0Eu5YiiL8l7nUAkyN6C9YwaY=
github.com/miekg/dns v1.1.63/go.mod h1:6NGHfjhpmr5lt3XPLuyfDJi5AXbNIPM9PY6H6sF1Nfs=
github.com/mikioh/tcp v0.0.0-20190314235350-803a9b46060c h1:bzE/A84HN25pxAuk9Eej1Kz9OUelF97nAc82bDquQI8=
github.com/mikioh/tcp v0.0.0-20190314235350-803a9b46060c/go.mod h1:0SQS9kMwD2VsyFEB++InYyBJroV/FRmBgcydeSUcJms=
github.com/mikioh/tcpinfo v0.0.0-20190314235526-30a79bb1804b h1:z78hV3sbSMAUoyUMM0I83AUIT6Hu17AWfgjzIbtrYFc=
@ -321,12 +298,8 @@ github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3Rllmb
github.com/mr-tron/base58 v1.1.2/go.mod h1:BinMc/sQntlIE1frQmRFPUoPA1Zkr8VRgBdjWI2mNwc=
github.com/mr-tron/base58 v1.2.0 h1:T/HDJBh4ZCPbU39/+c3rRvE0uKBQlU27+QI8LJ4t64o=
github.com/mr-tron/base58 v1.2.0/go.mod h1:BinMc/sQntlIE1frQmRFPUoPA1Zkr8VRgBdjWI2mNwc=
github.com/mudler/edgevpn v0.28.4 h1:9shCLB3TRyCoZtWc1NUXhfhd/R9bURkbNuxi5tJJMvo=
github.com/mudler/edgevpn v0.28.4/go.mod h1:KJMuWVXboAg7gdOGk7tmiwM1trBpmlGidH/ODQqBvjg=
github.com/mudler/edgevpn v0.29.0 h1:SEkVyjXL6P8szUZFlL8W1EYBxvFsEIFvXlXcRfGrXYU=
github.com/mudler/edgevpn v0.29.0/go.mod h1:+kSy9b44eo97PnJ3fOnTkcTgxNXdgJBcd2bopx4leto=
github.com/mudler/edgevpn v0.29.1 h1:suKlwhNvxYhr5v+mRsaazT0aghe6UAfmh/29uVrG0nw=
github.com/mudler/edgevpn v0.29.1/go.mod h1:WToitENIlxqDx7uDzByoMqeh7d5pXpcWjFwjCUI0oTc=
github.com/mudler/edgevpn v0.29.2 h1:+VBTPZ+DeSSEFiZhw0HzgE+w8vaH/B1GVGNolZwyECo=
github.com/mudler/edgevpn v0.29.2/go.mod h1:gBPr/+5XbtkRMD/iXmrdykyylB2qXTTF+nfUdKaqogE=
github.com/mudler/go-processmanager v0.0.0-20240820160718-8b802d3ecf82 h1:FVT07EI8njvsD4tC2Hw8Xhactp5AWhsQWD4oTeQuSAU=
github.com/mudler/go-processmanager v0.0.0-20240820160718-8b802d3ecf82/go.mod h1:Urp7LG5jylKoDq0663qeBh0pINGcRl35nXdKx82PSoU=
github.com/mudler/water v0.0.0-20221010214108-8c7313014ce0 h1:Qh6ghkMgTu6siFbTf7L3IszJmshMhXxNL4V+t7IIA6w=
@ -338,8 +311,6 @@ github.com/multiformats/go-base36 v0.2.0/go.mod h1:qvnKE++v+2MWCfePClUEjE78Z7P2a
github.com/multiformats/go-multiaddr v0.1.1/go.mod h1:aMKBKNEYmzmDmxfX88/vz+J5IU55txyt0p4aiWVohjo=
github.com/multiformats/go-multiaddr v0.14.0 h1:bfrHrJhrRuh/NXH5mCnemjpbGjzRw/b+tJFOD41g2tU=
github.com/multiformats/go-multiaddr v0.14.0/go.mod h1:6EkVAxtznq2yC3QT5CM1UTAwG0GTP3EWAIcjHuzQ+r4=
github.com/multiformats/go-multiaddr-dns v0.4.0 h1:P76EJ3qzBXpUXZ3twdCDx/kvagMsNo0LMFXpyms/zgU=
github.com/multiformats/go-multiaddr-dns v0.4.0/go.mod h1:7hfthtB4E4pQwirrz+J0CcDUfbWzTqEzVyYKKIKpgkc=
github.com/multiformats/go-multiaddr-dns v0.4.1 h1:whi/uCLbDS3mSEUMb1MsoT4uzUeZB0N32yzufqS0i5M=
github.com/multiformats/go-multiaddr-dns v0.4.1/go.mod h1:7hfthtB4E4pQwirrz+J0CcDUfbWzTqEzVyYKKIKpgkc=
github.com/multiformats/go-multiaddr-fmt v0.1.0 h1:WLEFClPycPkp4fnIzoFoV9FVd49/eQsuaL3/CWe167E=
@ -351,8 +322,6 @@ github.com/multiformats/go-multicodec v0.9.0/go.mod h1:L3QTQvMIaVBkXOXXtVmYE+LI1
github.com/multiformats/go-multihash v0.0.8/go.mod h1:YSLudS+Pi8NHE7o6tb3D8vrpKa63epEDmG8nTduyAew=
github.com/multiformats/go-multihash v0.2.3 h1:7Lyc8XfX/IY2jWb/gI7JP+o7JEq9hOa7BFvVU9RSh+U=
github.com/multiformats/go-multihash v0.2.3/go.mod h1:dXgKXCXjBzdscBLk9JkjINiEsCKRVch90MdaGiKsvSM=
github.com/multiformats/go-multistream v0.5.0 h1:5htLSLl7lvJk3xx3qT/8Zm9J4K8vEOf/QGkvOGQAyiE=
github.com/multiformats/go-multistream v0.5.0/go.mod h1:n6tMZiwiP2wUsR8DgfDWw1dydlEqV3l6N3/GBsX6ILA=
github.com/multiformats/go-multistream v0.6.0 h1:ZaHKbsL404720283o4c/IHQXiS6gb8qAN5EIJ4PN5EA=
github.com/multiformats/go-multistream v0.6.0/go.mod h1:MOyoG5otO24cHIg8kf9QW2/NozURlkP/rvi2FQJyCPg=
github.com/multiformats/go-varint v0.0.7 h1:sWSGR+f/eu5ABZA2ZpYKBILXTTs9JWpdEM/nEGOHFS8=
@ -365,12 +334,8 @@ github.com/nxadm/tail v1.4.11 h1:8feyoE3OzPrcshW5/MJ4sGESc5cqmGkGCWlco4l0bqY=
github.com/nxadm/tail v1.4.11/go.mod h1:OTaG3NK980DZzxbRq6lEuzgU+mug70nY11sMd4JXXHc=
github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE=
github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU=
github.com/onsi/ginkgo/v2 v2.22.0 h1:Yed107/8DjTr0lKCNt7Dn8yQ6ybuDRQoMGrNFKzMfHg=
github.com/onsi/ginkgo/v2 v2.22.0/go.mod h1:7Du3c42kxCUegi0IImZ1wUQzMBVecgIHjR1C+NkhLQo=
github.com/onsi/ginkgo/v2 v2.22.2 h1:/3X8Panh8/WwhU/3Ssa6rCKqPLuAkVY2I0RoyDLySlU=
github.com/onsi/ginkgo/v2 v2.22.2/go.mod h1:oeMosUL+8LtarXBHu/c0bx2D/K9zyQ6uX3cTyztHwsk=
github.com/onsi/gomega v1.35.1 h1:Cwbd75ZBPxFSuZ6T+rN/WCb/gOc6YgFBXLlZLhC7Ds4=
github.com/onsi/gomega v1.35.1/go.mod h1:PvZbdDc8J6XJEpDK4HCuRBm8a6Fzp9/DmhC9C7yFlog=
github.com/onsi/gomega v1.36.2 h1:koNYke6TVk6ZmnyHrCXba/T/MoLBXFjeC1PtvYgw0A8=
github.com/onsi/gomega v1.36.2/go.mod h1:DdwyADRjrc825LhMEkD76cHR5+pUnjhUN8GlHlRPHzY=
github.com/opencontainers/runtime-spec v1.0.2/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0=
@ -385,41 +350,32 @@ github.com/peterbourgon/diskv v2.0.1+incompatible h1:UBdAOUP5p4RWqPBg048CAvpKN+v
github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU=
github.com/phayes/freeport v0.0.0-20220201140144-74d24b5ae9f5 h1:Ii+DKncOVM8Cu1Hc+ETb5K+23HdAMvESYE3ZJ5b5cMI=
github.com/phayes/freeport v0.0.0-20220201140144-74d24b5ae9f5/go.mod h1:iIss55rKnNBTvrwdmkUpLnDpZoAHvWaiq5+iMmen4AE=
github.com/pion/datachannel v1.5.9 h1:LpIWAOYPyDrXtU+BW7X0Yt/vGtYxtXQ8ql7dFfYUVZA=
github.com/pion/datachannel v1.5.9/go.mod h1:kDUuk4CU4Uxp82NH4LQZbISULkX/HtzKa4P7ldf9izE=
github.com/pion/datachannel v1.5.10 h1:ly0Q26K1i6ZkGf42W7D4hQYR90pZwzFOjTq5AuCKk4o=
github.com/pion/datachannel v1.5.10/go.mod h1:p/jJfC9arb29W7WrxyKbepTU20CFgyx5oLo8Rs4Py/M=
github.com/pion/dtls/v2 v2.2.7/go.mod h1:8WiMkebSHFD0T+dIU+UeBaoV7kDhOW5oDCzZ7WZ/F9s=
github.com/pion/dtls/v2 v2.2.12 h1:KP7H5/c1EiVAAKUmXyCzPiQe5+bCJrpOeKg/L05dunk=
github.com/pion/dtls/v2 v2.2.12/go.mod h1:d9SYc9fch0CqK90mRk1dC7AkzzpwJj6u2GU3u+9pqFE=
github.com/pion/ice/v2 v2.3.36 h1:SopeXiVbbcooUg2EIR8sq4b13RQ8gzrkkldOVg+bBsc=
github.com/pion/ice/v2 v2.3.36/go.mod h1:mBF7lnigdqgtB+YHkaY/Y6s6tsyRyo4u4rPGRuOjUBQ=
github.com/pion/ice/v2 v2.3.37 h1:ObIdaNDu1rCo7hObhs34YSBcO7fjslJMZV0ux+uZWh0=
github.com/pion/ice/v2 v2.3.37/go.mod h1:mBF7lnigdqgtB+YHkaY/Y6s6tsyRyo4u4rPGRuOjUBQ=
github.com/pion/interceptor v0.1.37 h1:aRA8Zpab/wE7/c0O3fh1PqY0AJI3fCSEM5lRWJVorwI=
github.com/pion/interceptor v0.1.37/go.mod h1:JzxbJ4umVTlZAf+/utHzNesY8tmRkM2lVmkS82TTj8Y=
github.com/pion/logging v0.2.2 h1:M9+AIj/+pxNsDfAT64+MAVgJO0rsyLnoJKCqf//DoeY=
github.com/pion/logging v0.2.2/go.mod h1:k0/tDVsRCX2Mb2ZEmTqNa7CWsQPc+YYCB7Q+5pahoms=
github.com/pion/logging v0.2.3 h1:gHuf0zpoh1GW67Nr6Gj4cv5Z9ZscU7g/EaoC/Ke/igI=
github.com/pion/logging v0.2.3/go.mod h1:z8YfknkquMe1csOrxK5kc+5/ZPAzMxbKLX5aXpbpC90=
github.com/pion/mdns v0.0.12 h1:CiMYlY+O0azojWDmxdNr7ADGrnZ+V6Ilfner+6mSVK8=
github.com/pion/mdns v0.0.12/go.mod h1:VExJjv8to/6Wqm1FXK+Ii/Z9tsVk/F5sD/N70cnYFbk=
github.com/pion/randutil v0.1.0 h1:CFG1UdESneORglEsnimhUjf33Rwjubwj6xfiOXBa3mA=
github.com/pion/randutil v0.1.0/go.mod h1:XcJrSMMbbMRhASFVOlj/5hQial/Y8oH/HVo7TBZq+j8=
github.com/pion/rtcp v1.2.12/go.mod h1:sn6qjxvnwyAkkPzPULIbVqSKI5Dv54Rv7VG0kNxh9L4=
github.com/pion/rtcp v1.2.14 h1:KCkGV3vJ+4DAJmvP0vaQShsb0xkRfWkO540Gy102KyE=
github.com/pion/rtcp v1.2.14/go.mod h1:sn6qjxvnwyAkkPzPULIbVqSKI5Dv54Rv7VG0kNxh9L4=
github.com/pion/rtcp v1.2.15 h1:LZQi2JbdipLOj4eBjK4wlVoQWfrZbh3Q6eHtWtJBZBo=
github.com/pion/rtcp v1.2.15/go.mod h1:jlGuAjHMEXwMUHK78RgX0UmEJFV4zUKOFHR7OP+D3D0=
github.com/pion/rtp v1.8.3/go.mod h1:pBGHaFt/yW7bf1jjWAoUjpSNoDnw98KTMg+jWWvziqU=
github.com/pion/rtp v1.8.9 h1:E2HX740TZKaqdcPmf4pw6ZZuG8u5RlMMt+l3dxeu6Wk=
github.com/pion/rtp v1.8.9/go.mod h1:pBGHaFt/yW7bf1jjWAoUjpSNoDnw98KTMg+jWWvziqU=
github.com/pion/rtp v1.8.10 h1:puphjdbjPB+L+NFaVuZ5h6bt1g5q4kFIoI+r5q/g0CU=
github.com/pion/rtp v1.8.10/go.mod h1:8uMBJj32Pa1wwx8Fuv/AsFhn8jsgw+3rUC2PfoBZ8p4=
github.com/pion/sctp v1.8.33 h1:dSE4wX6uTJBcNm8+YlMg7lw1wqyKHggsP5uKbdj+NZw=
github.com/pion/sctp v1.8.33/go.mod h1:beTnqSzewI53KWoG3nqB282oDMGrhNxBdb+JZnkCwRM=
github.com/pion/rtp v1.8.11 h1:17xjnY5WO5hgO6SD3/NTIUPvSFw/PbLsIJyz1r1yNIk=
github.com/pion/rtp v1.8.11/go.mod h1:8uMBJj32Pa1wwx8Fuv/AsFhn8jsgw+3rUC2PfoBZ8p4=
github.com/pion/sctp v1.8.35 h1:qwtKvNK1Wc5tHMIYgTDJhfZk7vATGVHhXbUDfHbYwzA=
github.com/pion/sctp v1.8.35/go.mod h1:EcXP8zCYVTRy3W9xtOF7wJm1L1aXfKRQzaM33SjQlzg=
github.com/pion/sdp/v3 v3.0.9 h1:pX++dCHoHUwq43kuwf3PyJfHlwIj4hXA7Vrifiq0IJY=
github.com/pion/sdp/v3 v3.0.9/go.mod h1:B5xmvENq5IXJimIO4zfp6LAe1fD9N+kFv+V/1lOdz8M=
github.com/pion/sdp/v3 v3.0.10 h1:6MChLE/1xYB+CjumMw+gZ9ufp2DPApuVSnDT8t5MIgA=
github.com/pion/sdp/v3 v3.0.10/go.mod h1:88GMahN5xnScv1hIMTqLdu/cOcUkj6a9ytbncwMCq2E=
github.com/pion/srtp/v2 v2.0.20 h1:HNNny4s+OUmG280ETrCdgFndp4ufx3/uy85EawYEhTk=
github.com/pion/srtp/v2 v2.0.20/go.mod h1:0KJQjA99A6/a0DOVTu1PhDSw0CXF2jTkqOoMg3ODqdA=
github.com/pion/stun v0.6.1 h1:8lp6YejULeHBF8NmV8e2787BogQhduZugh5PdhDyyN4=
@ -435,8 +391,6 @@ github.com/pion/transport/v3 v3.0.7/go.mod h1:YleKiTZ4vqNxVwh77Z0zytYi7rXHl7j6uP
github.com/pion/turn/v2 v2.1.3/go.mod h1:huEpByKKHix2/b9kmTAM3YoX6MKP+/D//0ClgUYR2fY=
github.com/pion/turn/v2 v2.1.6 h1:Xr2niVsiPTB0FPtt+yAWKFUkU1eotQbGgpTIld4x1Gc=
github.com/pion/turn/v2 v2.1.6/go.mod h1:huEpByKKHix2/b9kmTAM3YoX6MKP+/D//0ClgUYR2fY=
github.com/pion/webrtc/v3 v3.3.4 h1:v2heQVnXTSqNRXcaFQVOhIOYkLMxOu1iJG8uy1djvkk=
github.com/pion/webrtc/v3 v3.3.4/go.mod h1:liNa+E1iwyzyXqNUwvoMRNQ10x8h8FOeJKL8RkIbamE=
github.com/pion/webrtc/v3 v3.3.5 h1:ZsSzaMz/i9nblPdiAkZoP+E6Kmjw+jnyq3bEmU3EtRg=
github.com/pion/webrtc/v3 v3.3.5/go.mod h1:liNa+E1iwyzyXqNUwvoMRNQ10x8h8FOeJKL8RkIbamE=
github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
@ -446,8 +400,8 @@ github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZb
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/polydawn/refmt v0.89.0 h1:ADJTApkvkeBZsN0tBTx8QjpD9JkmxbKp0cxfr9qszm4=
github.com/polydawn/refmt v0.89.0/go.mod h1:/zvteZs/GwLtCgZ4BL6CBsk9IKIlexP43ObX9AxTqTw=
github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c h1:ncq/mPwQF4JjgDlrVEn3C11VoGHZN7m8qihwgMEtzYw=
github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c/go.mod h1:OmDBASR4679mdNQnz2pUhc2G8CO2JrUAVFDRBDP/hJE=
github.com/power-devops/perfstat v0.0.0-20240221224432-82ca36839d55 h1:o4JXh1EVt9k/+g42oCprj/FisM4qX9L3sZB3upGN2ZU=
github.com/power-devops/perfstat v0.0.0-20240221224432-82ca36839d55/go.mod h1:OmDBASR4679mdNQnz2pUhc2G8CO2JrUAVFDRBDP/hJE=
github.com/prometheus/client_golang v0.8.0/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw=
github.com/prometheus/client_golang v1.20.5 h1:cxppBPuYhUnsO6yo/aoRol4L7q7UFfdm+bR9r+8l63Y=
github.com/prometheus/client_golang v1.20.5/go.mod h1:PIEt8X02hGcP8JWbeHyeZ53Y/jReSnHgO035n//V5WE=
@ -456,42 +410,27 @@ github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:
github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p8ais2e9E=
github.com/prometheus/client_model v0.6.1/go.mod h1:OrxVMOVHjw3lKMa8+x6HeMGkHMQyHDk9E3jmP2AmGiY=
github.com/prometheus/common v0.0.0-20180801064454-c7de2306084e/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro=
github.com/prometheus/common v0.60.0 h1:+V9PAREWNvJMAuJ1x1BaWl9dewMW4YrHZQbx0sJNllA=
github.com/prometheus/common v0.60.0/go.mod h1:h0LYf1R1deLSKtD4Vdg8gy4RuOvENW2J/h19V5NADQw=
github.com/prometheus/common v0.61.0 h1:3gv/GThfX0cV2lpO7gkTUwZru38mxevy90Bj8YFSRQQ=
github.com/prometheus/common v0.61.0/go.mod h1:zr29OCN/2BsJRaFwG8QOBr41D6kkchKbpeNH7pAjb/s=
github.com/prometheus/common v0.62.0 h1:xasJaQlnWAeyHdUBeGjXmutelfJHWMRr+Fg4QszZ2Io=
github.com/prometheus/common v0.62.0/go.mod h1:vyBcEuLSvWos9B1+CyL7JZ2up+uFzXhkqml0W5zIY1I=
github.com/prometheus/procfs v0.0.0-20180725123919-05ee40e3a273/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
github.com/prometheus/procfs v0.15.1 h1:YagwOFzUgYfKKHX6Dr+sHT7km/hxC76UB0learggepc=
github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk=
github.com/quic-go/qpack v0.4.0 h1:Cr9BXA1sQS2SmDUWjSofMPNKmvF6IiIfDRmgU0w1ZCo=
github.com/quic-go/qpack v0.4.0/go.mod h1:UZVnYIfi5GRk+zI9UMaCPsmZ2xKJP7XBUvVyT1Knj9A=
github.com/quic-go/qpack v0.5.1 h1:giqksBPnT/HDtZ6VhtFKgoLOWmlyo9Ei6u9PqzIMbhI=
github.com/quic-go/qpack v0.5.1/go.mod h1:+PC4XFrEskIVkcLzpEkbLqq1uCoxPhQuvK5rH1ZgaEg=
github.com/quic-go/quic-go v0.46.0 h1:uuwLClEEyk1DNvchH8uCByQVjo3yKL9opKulExNDs7Y=
github.com/quic-go/quic-go v0.46.0/go.mod h1:1dLehS7TIR64+vxGR70GDcatWTOtMX2PUtnKsjbTurI=
github.com/quic-go/quic-go v0.48.2 h1:wsKXZPeGWpMpCGSWqOcqpW2wZYic/8T3aqiOID0/KWE=
github.com/quic-go/quic-go v0.48.2/go.mod h1:yBgs3rWBOADpga7F+jJsb6Ybg1LSYiQvwWlLX+/6HMs=
github.com/quic-go/webtransport-go v0.8.0 h1:HxSrwun11U+LlmwpgM1kEqIqH90IT4N8auv/cD7QFJg=
github.com/quic-go/webtransport-go v0.8.0/go.mod h1:N99tjprW432Ut5ONql/aUhSLT0YVSlwHohQsuac9WaM=
github.com/quic-go/quic-go v0.49.0 h1:w5iJHXwHxs1QxyBv1EHKuC50GX5to8mJAxvtnttJp94=
github.com/quic-go/quic-go v0.49.0/go.mod h1:s2wDnmCdooUQBmQfpUSTCYBl1/D4FcqbULMMkASvR6s=
github.com/quic-go/webtransport-go v0.8.1-0.20241018022711-4ac2c9250e66 h1:4WFk6u3sOT6pLa1kQ50ZVdm8BQFgJNA117cepZxtLIg=
github.com/quic-go/webtransport-go v0.8.1-0.20241018022711-4ac2c9250e66/go.mod h1:Vp72IJajgeOL6ddqrAhmp7IM9zbTcgkQxD/YdxrVwMw=
github.com/raulk/go-watchdog v1.3.0 h1:oUmdlHxdkXRJlwfG0O9omj8ukerm8MEQavSiDTEtBsk=
github.com/raulk/go-watchdog v1.3.0/go.mod h1:fIvOnLbF0b0ZwkB9YU4mOW9Did//4vPZtDqv66NfsMU=
github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ=
github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog=
github.com/russross/blackfriday v1.5.2 h1:HyvC0ARfnZBqnXwABFeSZHpKvJHJJfPz81GNueLj0oo=
github.com/rogpeppe/go-internal v1.13.1 h1:KvO1DLK/DRN07sQ1LQKScxyZJuNnedQ5/wKSR38lUII=
github.com/rogpeppe/go-internal v1.13.1/go.mod h1:uMEvuHeurkdAXX61udpOXGD/AzZDWNMNyH2VO9fmH0o=
github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g=
github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk=
github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo=
github.com/shirou/gopsutil/v4 v4.24.7 h1:V9UGTK4gQ8HvcnPKf6Zt3XHyQq/peaekfxpJ2HSocJk=
github.com/shirou/gopsutil/v4 v4.24.7/go.mod h1:0uW/073rP7FYLOkvxolUQM5rMOLTNmRXnFKafpb71rw=
github.com/shoenig/go-m1cpu v0.1.6 h1:nxdKQNcEB6vzgA2E2bvzKIYRuNj7XNJ4S/aRSwKzFtM=
github.com/shoenig/go-m1cpu v0.1.6/go.mod h1:1JJMcUBvfNwpq05QDQVAnx3gUHr9IYF7GNg9SUEw2VQ=
github.com/shoenig/test v0.6.4 h1:kVTaSd7WLz5WZ2IaoM0RSzRsUD+m8wRR+5qvntpn4LU=
github.com/shoenig/test v0.6.4/go.mod h1:byHiCGXqrVaflBLAMq/srcZIHynQPQgeyvkvXnjqq0k=
github.com/shirou/gopsutil/v4 v4.25.1 h1:QSWkTc+fu9LTAWfkZwZ6j8MSUk4A2LV7rbH0ZqmLjXs=
github.com/shirou/gopsutil/v4 v4.25.1/go.mod h1:RoUCUpndaJFtT+2zsZzzmhvbfGoDCJ7nFXKJf8GqJbI=
github.com/shurcooL/component v0.0.0-20170202220835-f88ec8f54cc4/go.mod h1:XhFIlyj5a1fBNx5aJTbKoIq0mNaPvOagO+HjB3EtxrY=
github.com/shurcooL/events v0.0.0-20181021180414-410e4ca65f48/go.mod h1:5u70Mqkb5O5cxEA8nxTsgrgLehJeAw6Oc4Ab1c/P1HM=
github.com/shurcooL/github_flavored_markdown v0.0.0-20181002035957-2122de532470/go.mod h1:2dOwnU2uBioM+SGy2aZoq1f/Sd1l9OkAeAUvjSyvgU0=
@ -534,7 +473,6 @@ github.com/spectrocloud/peg v0.0.0-20240405075800-c5da7125e30f/go.mod h1:L2fIdtZ
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA=
github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
@ -544,30 +482,22 @@ github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO
github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
github.com/stretchr/testify v1.8.3/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA=
github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
github.com/tarm/serial v0.0.0-20180830185346-98f6abe2eb07/go.mod h1:kDXzergiv9cbyO7IOYJZWg1U88JhDg3PB6klq9Hg2pA=
github.com/tklauser/go-sysconf v0.3.12 h1:0QaGUFOdQaIVdPgfITYzaTegZvdCjmYO52cSFAEVmqU=
github.com/tklauser/go-sysconf v0.3.12/go.mod h1:Ho14jnntGE1fpdOqQEEaiKRpvIavV0hSfmBq8nJbHYI=
github.com/tklauser/numcpus v0.6.1 h1:ng9scYS7az0Bk4OZLvrNXNSAO2Pxr1XXRAPyjhIx+Fk=
github.com/tklauser/numcpus v0.6.1/go.mod h1:1XfjsgE2zo8GVw7POkMbHENHzVg3GzmoZ9fESEdAacY=
github.com/tklauser/go-sysconf v0.3.14 h1:g5vzr9iPFFz24v2KZXs/pvpvh8/V9Fw6vQK5ZZb78yU=
github.com/tklauser/go-sysconf v0.3.14/go.mod h1:1ym4lWMLUOhuBOPGtRcJm7tEGX4SCYNEEEtghGG/8uY=
github.com/tklauser/numcpus v0.9.0 h1:lmyCHtANi8aRUgkckBgoDk1nHCux3n2cgkJLXdQGPDo=
github.com/tklauser/numcpus v0.9.0/go.mod h1:SN6Nq1O3VychhC1npsWostA+oW+VOQTxZrS604NSRyI=
github.com/urfave/cli v1.22.2/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
github.com/urfave/cli v1.22.10 h1:p8Fspmz3iTctJstry1PYS3HVdllxnEzTEsgIgtxTrCk=
github.com/urfave/cli v1.22.10/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
github.com/urfave/cli/v2 v2.27.5 h1:WoHEJLdsXr6dDWoJgMq/CboDmyY/8HMMH1fTECbih+w=
github.com/urfave/cli/v2 v2.27.5/go.mod h1:3Sevf16NykTbInEnD0yKkjDAeZDS0A6bzhBH5hrMvTQ=
github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6KllzawFIhcdPw=
github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc=
github.com/valyala/fasttemplate v1.2.2 h1:lxLXG0uE3Qnshl9QyaK6XJxMXlQZELvChBOCmQD0Loo=
github.com/valyala/fasttemplate v1.2.2/go.mod h1:KHLXt3tVN2HBp8eijSv/kGJopbvo7S+qRAEEKiv+SiQ=
github.com/viant/assertly v0.4.8/go.mod h1:aGifi++jvCrUaklKEKT0BU95igDNaqkvz+49uaYMPRU=
github.com/viant/toolbox v0.24.0/go.mod h1:OxMCG57V0PXuIP2HNQrtJf2CjqdmbrOx5EkMILuUhzM=
github.com/vishvananda/netlink v1.3.0 h1:X7l42GfcV4S6E4vHTsw48qbrV+9PVojNfIhZcwQdrZk=
github.com/vishvananda/netlink v1.3.0/go.mod h1:i6NetklAujEcC6fK0JPjT8qSwWyO0HLn4UKG+hGqeJs=
github.com/vishvananda/netns v0.0.4 h1:Oeaw1EM2JMxD51g9uhtC0D7erkIjgmj8+JZc26m1YX8=
github.com/vishvananda/netns v0.0.4/go.mod h1:SpkAiCQRtJ6TvvxPnOSyH3BMl6unz3xZlaprSwhNNJM=
github.com/vishvananda/netns v0.0.5 h1:DfiHV+j8bA32MFM7bfEunvT8IAqQ/NzSJHtcmW5zdEY=
github.com/vishvananda/netns v0.0.5/go.mod h1:SpkAiCQRtJ6TvvxPnOSyH3BMl6unz3xZlaprSwhNNJM=
github.com/warpfork/go-wish v0.0.0-20220906213052-39a1cc7a02d0 h1:GDDkbFiaK8jsSDJfjId/PEGEShv6ugrt4kYsC5UIDaQ=
github.com/warpfork/go-wish v0.0.0-20220906213052-39a1cc7a02d0/go.mod h1:x6AKhvSSexNrVSrViXSHUEbICjmGXhtgABaHIySUSGw=
github.com/whyrusleeping/go-keyspace v0.0.0-20160322163242-5b898ac5add1 h1:EKhdznlJHPMoKr0XTrX+IlJs1LH3lyx2nfr1dOlZ79k=
@ -575,8 +505,6 @@ github.com/whyrusleeping/go-keyspace v0.0.0-20160322163242-5b898ac5add1/go.mod h
github.com/wlynxg/anet v0.0.3/go.mod h1:eay5PRQr7fIVAMbTbchTnO9gG65Hg/uYGdc7mguHxoA=
github.com/wlynxg/anet v0.0.5 h1:J3VJGi1gvo0JwZ/P1/Yc/8p63SoW98B5dHkYDmpgvvU=
github.com/wlynxg/anet v0.0.5/go.mod h1:eay5PRQr7fIVAMbTbchTnO9gG65Hg/uYGdc7mguHxoA=
github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1 h1:gEOO8jv9F4OT7lGCjxCBTO/36wtF6j2nSip77qHd4x4=
github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1/go.mod h1:Ohn+xnUBiLI6FVj/9LpzZWtj1/D6lUovWYBkxHVV3aM=
github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
@ -586,12 +514,14 @@ github.com/yusufpapurcu/wmi v1.2.4/go.mod h1:SBZ9tNy3G9/m5Oi98Zks0QjeHVDvuK0qfxQ
go.opencensus.io v0.18.0/go.mod h1:vKdFvxhtzZ9onBp9VKHK8z/sRpBMnKAsufL7wlDrCOA=
go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0=
go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo=
go.opentelemetry.io/otel v1.31.0 h1:NsJcKPIW0D0H3NgzPDHmo0WW6SptzPdqg/L1zsIm2hY=
go.opentelemetry.io/otel v1.31.0/go.mod h1:O0C14Yl9FgkjqcCZAsE053C13OaddMYr/hz6clDkEJE=
go.opentelemetry.io/otel/metric v1.31.0 h1:FSErL0ATQAmYHUIzSezZibnyVlft1ybhy4ozRPcF2fE=
go.opentelemetry.io/otel/metric v1.31.0/go.mod h1:C3dEloVbLuYoX41KpmAhOqNriGbA+qqH6PQ5E5mUfnY=
go.opentelemetry.io/otel/trace v1.31.0 h1:ffjsj1aRouKewfr85U2aGagJ46+MvodynlQ1HYdmJys=
go.opentelemetry.io/otel/trace v1.31.0/go.mod h1:TXZkRk7SM2ZQLtR6eoAWQFIHPvzQ06FJAsO1tJg480A=
go.opentelemetry.io/auto/sdk v1.1.0 h1:cH53jehLUN6UFLY71z+NDOiNJqDdPRaXzTel0sJySYA=
go.opentelemetry.io/auto/sdk v1.1.0/go.mod h1:3wSPjt5PWp2RhlCcmmOial7AvC4DQqZb7a7wCow3W8A=
go.opentelemetry.io/otel v1.34.0 h1:zRLXxLCgL1WyKsPVrgbSdMN4c0FMkDAskSTQP+0hdUY=
go.opentelemetry.io/otel v1.34.0/go.mod h1:OWFPOQ+h4G8xpyjgqo4SxJYdDQ/qmRH+wivy7zzx9oI=
go.opentelemetry.io/otel/metric v1.34.0 h1:+eTR3U0MyfWjRDhmFMxe2SsW64QrZ84AOhvqS7Y+PoQ=
go.opentelemetry.io/otel/metric v1.34.0/go.mod h1:CEDrp0fy2D0MvkXE+dPV7cMi8tWZwX3dmaIhwPOaqHE=
go.opentelemetry.io/otel/trace v1.34.0 h1:+ouXS2V8Rd4hp4580a8q23bg0azF2nI8cqLYnC8mh/k=
go.opentelemetry.io/otel/trace v1.34.0/go.mod h1:Svm7lSjQD7kG7KJ/MUHPVXSDGz2OX4h0M2jHBhmSfRE=
go.uber.org/atomic v1.6.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ=
go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc=
go.uber.org/dig v1.18.0 h1:imUL1UiY0Mg4bqbFfsRQO5G4CGRBec/ZujWTvSVp3pw=
@ -620,26 +550,21 @@ golang.org/x/crypto v0.0.0-20190313024323-a1f597ede03a/go.mod h1:djNgcEr1/C05ACk
golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/crypto v0.0.0-20191206172530-e9b2fee46413/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
golang.org/x/crypto v0.0.0-20200602180216-279210d13fed/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4=
golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a/go.mod h1:P+XmwS30IXTQdn5tA2iutPOUgjI07+tq3H3K9MVA1s8=
golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
golang.org/x/crypto v0.8.0/go.mod h1:mRqEX+O9/h5TFCrQhkgjo2yKi0yYA+9ecGkdQoHrywE=
golang.org/x/crypto v0.12.0/go.mod h1:NF0Gs7EO5K4qLn+Ylc+fih8BSTeIjAP05siRnAh98yw=
golang.org/x/crypto v0.18.0/go.mod h1:R0j02AL6hcrfOiy9T4ZYp/rcWeMxM3L6QYxlOuEG1mg=
golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U=
golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk=
golang.org/x/crypto v0.32.0 h1:euUpcYgM8WcP71gNpTqQCn6rC2t6ULUPiOzfWaXVVfc=
golang.org/x/crypto v0.32.0/go.mod h1:ZnnJkOaASj8g0AjIduWNlq2NRxL0PlBrbKVyZ6V/Ugc=
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20241009180824-f66d83c29e7c h1:7dEasQXItcW1xKJ2+gg5VOiBnqWrJc+rq0DPKyvvdbY=
golang.org/x/exp v0.0.0-20241009180824-f66d83c29e7c/go.mod h1:NQtJDoLvd6faHhE7m4T/1IY708gDefGGjR/iUW8yQQ8=
golang.org/x/exp v0.0.0-20241217172543-b2144cdd0a67 h1:1UoZQm6f0P/ZO0w1Ri+f+ifG/gXhegadRdwBIXEFWDo=
golang.org/x/exp v0.0.0-20241217172543-b2144cdd0a67/go.mod h1:qj5a5QZpwLU2NLQudwIN5koi3beDhSAlJwa67PuM98c=
golang.org/x/exp v0.0.0-20250128182459-e0ece0dbea4c h1:KL/ZBHXgKGVmuZBZ01Lt57yE5ws8ZPSkkihmEyq7FXc=
golang.org/x/exp v0.0.0-20250128182459-e0ece0dbea4c/go.mod h1:tujkw807nyEEAamNbDrEGzRav+ilXA7PCRAd6xsmwiU=
golang.org/x/image v0.0.0-20191009234506-e7c1f5e7dbb8/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
golang.org/x/image v0.0.0-20191206065243-da761ea9ff43/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
golang.org/x/image v0.18.0 h1:jGzIakQa/ZXI1I0Fxvaa9W7yP25TqT6cHIHn+6CqvSQ=
golang.org/x/image v0.18.0/go.mod h1:4yyo5vMFQjVjUcVk4jEQcU9MGy/rulF5WvUILseCM2E=
golang.org/x/image v0.20.0 h1:7cVCUjQwfL18gyBJOmYvptfSHS8Fb3YUDtfLIZ7Nbpw=
golang.org/x/image v0.20.0/go.mod h1:0a88To4CYVBAHp5FXJm8o7QbUl37Vd85ply1vyD8auM=
golang.org/x/lint v0.0.0-20180702182130-06c8688daad7/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
@ -653,10 +578,8 @@ golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
golang.org/x/mod v0.21.0 h1:vvrHzRwRfVKSiLrG+d4FMl/Qi4ukBCE6kZlTUkDYRT0=
golang.org/x/mod v0.21.0/go.mod h1:6SkKJ3Xj0I0BrPOZoBy3bdMptDDU9oJrpohJ3eWZ1fY=
golang.org/x/mod v0.22.0 h1:D4nJWe9zXqHOmWqj4VMOJhvzj7bEZg4wEYa759z1pH4=
golang.org/x/mod v0.22.0/go.mod h1:6SkKJ3Xj0I0BrPOZoBy3bdMptDDU9oJrpohJ3eWZ1fY=
golang.org/x/mod v0.23.0 h1:Zb7khfcRGKk+kqfxFaP5tZqCnDZMjC5VtUBs87Hr6QM=
golang.org/x/mod v0.23.0/go.mod h1:6SkKJ3Xj0I0BrPOZoBy3bdMptDDU9oJrpohJ3eWZ1fY=
golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
@ -681,8 +604,8 @@ golang.org/x/net v0.9.0/go.mod h1:d48xBJpPfHeWQsugry2m+kC02ZBRGRgulfHnEXEuWns=
golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
golang.org/x/net v0.14.0/go.mod h1:PpSgVXXLK0OxS0F31C1/tv6XNguvCrnXIDrFMspZIUI=
golang.org/x/net v0.20.0/go.mod h1:z8BVo6PvndSri0LbOE3hAn0apkU+1YvI6E70E9jsnvY=
golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I=
golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4=
golang.org/x/net v0.34.0 h1:Mb7Mrk043xzHgnRM88suvJFwzVrRfHEHJEl5/71CKw0=
golang.org/x/net v0.34.0/go.mod h1:di0qlW3YNM5oh6GqDGQr92MyTozJPmybPK4Ev/Gm31k=
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
golang.org/x/oauth2 v0.0.0-20181017192945-9dcd33a902f4/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
golang.org/x/oauth2 v0.0.0-20181203162652-d668ce993890/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
@ -698,8 +621,8 @@ golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJ
golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.10.0 h1:3NQrjDixjgGwUOCaF8w2+VYHv0Ve/vGYSbdkTa98gmQ=
golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
golang.org/x/sync v0.11.0 h1:GGz8+XQP4FvTTrjZPzNKTMFtSXH80RAzG+5ghFPgK9w=
golang.org/x/sync v0.11.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
golang.org/x/sys v0.0.0-20180810173357-98c5dad5d1a0/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
@ -720,12 +643,11 @@ golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7w
golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210426080607-c94f62235c83/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20210525143221-35b2ab0089ea/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
@ -735,10 +657,8 @@ golang.org/x/sys v0.9.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.10.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA=
golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.29.0 h1:TPYlXGxvx1MGTn2GiZDhnjPA9wZzZeGKHHmKhHYvgaU=
golang.org/x/sys v0.29.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.30.0 h1:QjkSwP/36a20jFYWkSue1YwXzLmsV5Gfq7Eiy72C1uc=
golang.org/x/sys v0.30.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
@ -746,8 +666,8 @@ golang.org/x/term v0.7.0/go.mod h1:P32HKFT3hSsZrRxla30E9HqToFYAQPCMs/zFMBUFqPY=
golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo=
golang.org/x/term v0.11.0/go.mod h1:zC9APTIj3jG3FdV/Ons+XE1riIZXG4aZ4GTHiPZJPIU=
golang.org/x/term v0.16.0/go.mod h1:yn7UURbUtPyrVJPGPq404EukNFxcm/foM+bV/bfcDsY=
golang.org/x/term v0.27.0 h1:WP60Sv1nlK1T6SupCHbXzSaN0b9wUmsPoRS9b61A23Q=
golang.org/x/term v0.27.0/go.mod h1:iMsnZpn0cago0GOrHO2+Y7u7JPn5AylBrcoWkElMTSM=
golang.org/x/term v0.28.0 h1:/Ts8HFuMR2E6IP/jlo7QVLZHggjKQbhu/7H0LJFr3Gg=
golang.org/x/term v0.28.0/go.mod h1:Sw/lC2IAUZ92udQNf3WodGtn4k/XoLyZoh8v/8uiwek=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
@ -757,12 +677,12 @@ golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
golang.org/x/text v0.12.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo=
golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ=
golang.org/x/text v0.22.0 h1:bofq7m3/HAFvbF51jz3Q9wLg3jkvSPuiZu/pD1XwgtM=
golang.org/x/text v0.22.0/go.mod h1:YRoo4H8PVmsu+E3Ou7cqLVH8oXWIHVoX0jqUWALQhfY=
golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk=
golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
golang.org/x/time v0.8.0 h1:9i3RxcPv3PZnitoVGMPDKZSq1xW1gK1Xy3ArNOGZfEg=
golang.org/x/time v0.8.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
golang.org/x/tools v0.0.0-20180828015842-6cd1fcedba52/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
golang.org/x/tools v0.0.0-20181030000716-a0a13e073c7b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
@ -782,10 +702,8 @@ golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4f
golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
golang.org/x/tools v0.26.0 h1:v/60pFQmzmT9ExmjDv2gGIfi3OqfKoEP6I5+umXlbnQ=
golang.org/x/tools v0.26.0/go.mod h1:TPVVj70c7JJ3WCazhD8OdXcZg/og+b9+tH/KxylGwH0=
golang.org/x/tools v0.28.0 h1:WuB6qZ4RPCQo5aP3WdKZS7i595EdWqWR8vqJTlwTVK8=
golang.org/x/tools v0.28.0/go.mod h1:dcIOrVd3mfQKTgrDVQHqCPMWy6lnhfhtX3hLXYVLfRw=
golang.org/x/tools v0.29.0 h1:Xx0h3TtM9rzQpQuR4dKLrdglAmCEN5Oi+P74JdhdzXE=
golang.org/x/tools v0.29.0/go.mod h1:KMQVMRsVxU6nHCFXrBPhDB8XncLNLM0lIy/F14RP588=
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
@ -794,12 +712,12 @@ golang.org/x/xerrors v0.0.0-20240903120638-7835f813f4da h1:noIWHXmPHxILtqtCOPIhS
golang.org/x/xerrors v0.0.0-20240903120638-7835f813f4da/go.mod h1:NDW/Ps6MPRej6fsCIbMTohpP40sJ/P/vI1MoTEGwX90=
golang.zx2c4.com/wintun v0.0.0-20230126152724-0fa3db229ce2 h1:B82qJJgjvYKsXS9jeunTOisW56dUokqW/FOteYJJ/yg=
golang.zx2c4.com/wintun v0.0.0-20230126152724-0fa3db229ce2/go.mod h1:deeaetjYA+DHMHg+sMSMI58GrEteJUUzzw7en6TJQcI=
golang.zx2c4.com/wireguard v0.0.0-20220703234212-c31a7b1ab478 h1:vDy//hdR+GnROE3OdYbQKt9rdtNdHkDtONvpRwmls/0=
golang.zx2c4.com/wireguard v0.0.0-20220703234212-c31a7b1ab478/go.mod h1:bVQfyl2sCM/QIIGHpWbFGfHPuDvqnCNkT6MQLTCjO/U=
golang.zx2c4.com/wireguard v0.0.0-20231211153847-12269c276173 h1:/jFs0duh4rdb8uIfPMv78iAJGcPKDeqAFnaLBropIC4=
golang.zx2c4.com/wireguard v0.0.0-20231211153847-12269c276173/go.mod h1:tkCQ4FQXmpAgYVh++1cq16/dH4QJtmvpRv19DWGAHSA=
golang.zx2c4.com/wireguard/windows v0.5.3 h1:On6j2Rpn3OEMXqBq00QEDC7bWSZrPIHKIus8eIuExIE=
golang.zx2c4.com/wireguard/windows v0.5.3/go.mod h1:9TEe8TJmtwyQebdFwAkEWOPr3prrtqm+REGFifP60hI=
gonum.org/v1/gonum v0.15.0 h1:2lYxjRbTYyxkJxlhC+LvJIx3SsANPdRybu1tGj9/OrQ=
gonum.org/v1/gonum v0.15.0/go.mod h1:xzZVBJBtS+Mz4q0Yl2LJTk+OxOg4jiXZ7qBoM0uISGo=
gonum.org/v1/gonum v0.15.1 h1:FNy7N6OUZVUaWG9pTiD+jlhdQ3lMP+/LcTpJ6+a8sQ0=
gonum.org/v1/gonum v0.15.1/go.mod h1:eZTZuRFrzu5pcyjN5wJhcIhnUdNijYxX1T2IcrOGY0o=
google.golang.org/api v0.0.0-20180910000450-7ca32eb868bf/go.mod h1:4mhQ8q/RsB7i+udVvVy5NUi08OU8ZlA0gRVgrF7VFY0=
google.golang.org/api v0.0.0-20181030000543-1d582fd0359e/go.mod h1:4mhQ8q/RsB7i+udVvVy5NUi08OU8ZlA0gRVgrF7VFY0=
google.golang.org/api v0.1.0/go.mod h1:UGEZY7KEX120AnNLIHFMKIo4obdJhkp2tPbaPlQx13Y=
@ -831,10 +749,8 @@ google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2
google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c=
google.golang.org/protobuf v1.35.1 h1:m3LfL6/Ca+fqnjnlqQXNpFPABW1UD7mjh8KO2mKFytA=
google.golang.org/protobuf v1.35.1/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
google.golang.org/protobuf v1.36.1 h1:yBPeRvTftaleIgM3PZ/WBIZ7XM/eEYAaEyCwvyjq/gk=
google.golang.org/protobuf v1.36.1/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
google.golang.org/protobuf v1.36.4 h1:6A3ZDJHn/eNqc1i+IdefRzy/9PokBTPvcqMySR7NNIM=
google.golang.org/protobuf v1.36.4/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
@ -854,6 +770,8 @@ gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
grpc.go4.org v0.0.0-20170609214715-11d0a25b4919/go.mod h1:77eQGdRu53HpSqPFJFmuJdjuHRquDANNeA4x7B8WQ9o=
gvisor.dev/gvisor v0.0.0-20230927004350-cbd86285d259 h1:TbRPT0HtzFP3Cno1zZo7yPzEEnfu8EjLfl6IU9VfqkQ=
gvisor.dev/gvisor v0.0.0-20230927004350-cbd86285d259/go.mod h1:AVgIgHMwK63XvmAzWG9vLQ41YnVHN0du0tEC46fI7yY=
honnef.co/go/tools v0.0.0-20180728063816-88497007e858/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=

26
tests/install_target_test.go
View File

@ -8,6 +8,7 @@ import (
"github.com/spectrocloud/peg/pkg/machine"
"github.com/spectrocloud/peg/pkg/machine/types"
"os"
"path/filepath"
"strings"
"time"
@ -44,7 +45,19 @@ var _ = Describe("kairos install test different targets", Label("install-test-ta
})
AfterEach(func() {
if CurrentSpecReport().Failed() {
serial, _ := os.ReadFile(filepath.Join(vm.StateDir, "serial.log"))
_ = os.MkdirAll("logs", os.ModePerm|os.ModeDir)
_ = os.WriteFile(filepath.Join("logs", "serial.log"), serial, os.ModePerm)
fmt.Println(string(serial))
}
if CurrentSpecReport().Failed() {
gatherLogs(vm)
}
Expect(vm.Destroy(nil)).ToNot(HaveOccurred())
})
// TODO: Install on second disk instead of first and check that it worked.
@ -68,20 +81,23 @@ var _ = Describe("kairos install test different targets", Label("install-test-ta
})
By("waiting for VM to reboot", func() {
_, _ = vm.Sudo("reboot")
Expect(vm.DetachCD()).ToNot(HaveOccurred())
vm.EventuallyConnects(1200)
})
By("checking that vm has rebooted to 'active'", func() {
var out string
Eventually(func() string {
out, _ := vm.Sudo("kairos-agent state boot")
out, err = vm.Sudo("kairos-agent state boot")
if err != nil {
fmt.Println(err.Error())
return ""
}
return out
}, 40*time.Minute, 10*time.Second).Should(
}, 5*time.Minute, 10*time.Second).Should(
Or(
ContainSubstring("active_boot"),
))
), out)
})
By("checking corresponding state", func() {

6
tests/zfs_test.go
View File

@ -33,7 +33,11 @@ var _ = Describe("kairos zfs test", Label("zfs"), func() {
})
By("creating a pool with two disks", func() {
out, err := vm.Sudo("dd if=/dev/zero of=/usr/local/disk0.img bs=1M count=1024")
// Check mods
out, err := vm.Sudo("lsmod")
Expect(err).ToNot(HaveOccurred(), out)
Expect(out).To(ContainSubstring("zfs"), out)
out, err = vm.Sudo("dd if=/dev/zero of=/usr/local/disk0.img bs=1M count=1024")
Expect(err).ToNot(HaveOccurred(), out)
out, err = vm.Sudo("dd if=/dev/zero of=/usr/local/disk1.img bs=1M count=1024")
Expect(err).ToNot(HaveOccurred(), out)