bug: terraform destroy of `talos_machine_configuration_apply` using `reset=true` wipes all disk partitions, not just `STATE` & `EPHEMERAL`

[MisterWS]

Tested against bare metal server (Beeline EQ13 Pro).

When running talosctl reset command directly (e.g. talosctl reset -n xx.xx.xx.xx --graceful=false --reboot=true --system-labels-to-wipe STATE --system-labels-to-wipe EPHEMERAL), system resets just the STATE and EPHEMERAL partitions, as expected.

Terraform model version: v0.6.0 Talos version being installed: v1.8.0

Specific configuration used:

resource "talos_machine_configuration_apply" "controlplane" {
  client_configuration        = talos_machine_secrets.this.client_configuration
  machine_configuration_input = data.talos_machine_configuration.controlplane.machine_configuration
  for_each                    = var.nodes.controlplanes
  node                        = each.key
  on_destroy = {
    graceful = false
    reboot   = true
    reset    = true
  }
  config_patches = [
    templatefile("${path.module}/templates/install-disk-and-hostname.yaml.tmpl", {
      hostname     = each.value.hostname == null ? format("%s-cp-%s", var.cluster_name, index(keys(var.nodes.controlplanes), each.key)) : each.value.hostname
      install_disk = each.value.install_disk
    }),
    templatefile("${path.module}/templates/installer-image.yaml.tmpl", {
      installer_image = data.talos_image_factory_urls.this.urls.installer_secureboot
    }),
    templatefile("${path.module}/templates/cluster-endpoint-vip.yaml.tmpl", {
      cluster_endpoint_vip = var.cluster_endpoint_vip
    }),
    file("${path.module}/files/cp-scheduling.yaml"),
    file("${path.module}/files/tpm-disk-encryption.yaml"),
    file("${path.module}/files/nut-client.yaml"),
    file("${path.module}/files/tailscale.yaml"),
  ]
}

[frezbo]

@smira was this the bug from talos side?

[smira]

--system-labels-to-wipe is not a default option, so it should be sent explicitly in the API.

The default behavior of Reset API is to wipe the system disk.