feat: add secure boot support

siderolabs / omni

SaaS-simple deployment of Kubernetes - on your own hardware.

Other

523 stars 31 forks source link

Closed utkuozdemir closed 4 months ago

utkuozdemir commented 4 months ago

Correctly handle the retrieval and updates of schematics when a Talos node has secure boot enabled.

When secure boot is enabled, we now

Use the correct installer image, installer-secureboot instead of installer
Preserve the kernel args in the schematic on install/upgrade instead of stripping them away.

For non-secureboot, we keep everything as-is, to avoid triggering an upgrade of existing nodes.

Closes #253.

utkuozdemir commented 4 months ago

🎉

utkuozdemir commented 4 months ago

As a note, the PR was passing the whole e2e suite except a test flake and a Talos issue that was resolved in main but not yet released (due 1.7.3).