pulumiverse / pulumi-talos Goto Github PK

View Code? Open in Web Editor NEW

37.0 3.0 11.0 1.18 MB

Pulumi provider for Talos

License: Mozilla Public License 2.0

Makefile 1.01% Go 3.03% C# 32.83% TypeScript 16.21% Python 46.93%

pulumi pulumi-provider

pulumi-talos's Introduction

Talos Resource Provider

The Talos Resource Provider lets you manage Talos Linux machines & clusters.

Installing

This package is available for several languages/platforms:

Node.js (JavaScript/TypeScript)

To use from JavaScript or TypeScript in Node.js, install using either npm:

npm install @pulumiverse/talos

or yarn:

yarn add @pulumiverse/talos

Python

To use from Python, install using pip:

pip install pulumiverse_talos

Go

To use from Go, use go get to grab the latest version of the library:

go get github.com/pulumiverse/pulumi-talos/sdk/go/...

.NET

To use from .NET, install using dotnet add package:

dotnet add package Pulumiverse.Talos

Reference

For detailed reference documentation, please visit the Pulumi registry.

pulumi-talos's People

Contributors

Stargazers

Watchers

Forkers

frezbo rsmitty alexanderniebuhr alinanova21 gunzy83 t0yv0 unstoppablemango adace123 cnunciato vincentvdk

pulumi-talos's Issues

Problem with composite output properties

This issue is to communicate the roadblock I bumped into while trying to map output types to specific generated Pulumi SDK types.

In the TF provider, one can pass a composite output from the talos_machine_secrets resource further downstream:

resource "talos_machine_secrets" "this" {}

data "talos_machine_configuration" "controlplane" {
  cluster_name     = var.cluster_name
  cluster_endpoint = var.cluster_endpoint
  machine_type     = "controlplane"
  machine_secrets  = talos_machine_secrets.this.machine_secrets # <-- composite output passed here
}

In Pulumi, the generated output types for the properties of talos.machine.Secrets resource are different from the generated input types of e.g. the function talos.machine.getConfiguration. This results in that we can't immediately pass the property downstream, resulting in issues like #80.

I discussed this with a few of the Pulumi product engineers, only to conclude that it currently is not possible to fluently pass composite outputs immediately as inputs downstream, and this consistently in all of Pulumi's supported programming languages.

This is definitely a first case of resources returning a composite type, so I file a feature request for this: pulumi/pulumi#15883

In the meantime, I will investigate how to rework the Pulumi Talos Linux provider for the best user experience.

Talos 1.5.0 compatibility

Hello !
Talos 1.5.0 has just been released and it seems to introduce some breaking changes in the Talos configuration. Is it planned to upgrade this pulumi provider or this project is dead ?
Thanks !

The Pulumi registry link does not seem to work

The "the Pulumi registry" link in the README.md does not work.

I've tried to find it at https://www.pulumi.com/docs/, but it didn't find anything.

Package name

Given this is a terraform wrapper, should it not be pulumi-tf-talos?

Unable to use ClientConfiguration from Secrets as an input

For Go, it looks like #69 changed machine.NewSecrets to machine.NewSecretsType. (This makes the Go examples incorrect, by the way.) However, it doesn't seem to work as expected.

Let's say talosSecrets represents the result of a machine.NewSecretsType call. We'd then need to use this result (or portions of it) in a number of other places:

We'd need to use the MachineSecrets portion in a machine.GetConfigurationOutput call. This works via talosSecrets.ToSecretTypeOutput().MachineSecrets().
We'd also need to use the ClientConfiguration portion in both machine.NewConfigurationApply and machine.NewBootstrap calls. This does not work using talosSecrets.ToSecretTypeOutput.ClientConfiguration() (incorrect type/type mismatch reported by the IDE and running pulumi preview or pulumi up fails with a go build error).

Ultimately, this means that the provider appears to be broken/non-functional for Go (I have not tested/checked in other languages).

Here is the error received when running pulumi preview or pulumi up:

    # github.com/pulumiverse/pulumi-talos/sdk/go/talos/machine
    ../../Go/pkg/mod/github.com/pulumiverse/pulumi-talos/[email protected]/go/talos/machine/secrets.go:49:6: SecretsType redeclared in this block
    	../../Go/pkg/mod/github.com/pulumiverse/pulumi-talos/[email protected]/go/talos/machine/pulumiTypes.go:3190:6: other declaration of SecretsType
    ../../Go/pkg/mod/github.com/pulumiverse/pulumi-talos/[email protected]/go/talos/machine/secrets.go:69:75: cannot use &resource (value of type *SecretsType) as pulumi.Resource value in argument to ctx.RegisterResource: *SecretsType does not implement pulumi.Resource (missing method URN)
    ../../Go/pkg/mod/github.com/pulumiverse/pulumi-talos/[email protected]/go/talos/machine/secrets.go:117:6: SecretsTypeArgs redeclared in this block
    	../../Go/pkg/mod/github.com/pulumiverse/pulumi-talos/[email protected]/go/talos/machine/pulumiTypes.go:3209:6: other declaration of SecretsTypeArgs
    ../../Go/pkg/mod/github.com/pulumiverse/pulumi-talos/[email protected]/go/talos/machine/secrets.go:122:24: method SecretsTypeArgs.ElementType already declared at ../../Go/pkg/mod/github.com/pulumiverse/pulumi-talos/[email protected]/go/talos/machine/pulumiTypes.go:3216:24
    ../../Go/pkg/mod/github.com/pulumiverse/pulumi-talos/[email protected]/go/talos/machine/secrets.go:126:6: SecretsTypeInput redeclared in this block
    	../../Go/pkg/mod/github.com/pulumiverse/pulumi-talos/[email protected]/go/talos/machine/pulumiTypes.go:3201:6: other declaration of SecretsTypeInput
    ../../Go/pkg/mod/github.com/pulumiverse/pulumi-talos/[email protected]/go/talos/machine/secrets.go:195:6: SecretsTypeOutput redeclared in this block
    	../../Go/pkg/mod/github.com/pulumiverse/pulumi-talos/[email protected]/go/talos/machine/pulumiTypes.go:3270:6: other declaration of SecretsTypeOutput
    ../../Go/pkg/mod/github.com/pulumiverse/pulumi-talos/[email protected]/go/talos/machine/secrets.go:197:26: method SecretsTypeOutput.ElementType already declared at ../../Go/pkg/mod/github.com/pulumiverse/pulumi-talos/[email protected]/go/talos/machine/pulumiTypes.go:3272:26
    ../../Go/pkg/mod/github.com/pulumiverse/pulumi-talos/[email protected]/go/talos/machine/secrets.go:201:28: method SecretsTypeOutput.ToSecretsTypeOutput already declared at ../../Go/pkg/mod/github.com/pulumiverse/pulumi-talos/[email protected]/go/talos/machine/pulumiTypes.go:3276:28
    ../../Go/pkg/mod/github.com/pulumiverse/pulumi-talos/[email protected]/go/talos/machine/secrets.go:205:28: method SecretsTypeOutput.ToSecretsTypeOutputWithContext already declared at ../../Go/pkg/mod/github.com/pulumiverse/pulumi-talos/[email protected]/go/talos/machine/pulumiTypes.go:3280:28
    ../../Go/pkg/mod/github.com/pulumiverse/pulumi-talos/[email protected]/go/talos/machine/init.go:29:7: cannot use &SecretsType{} (value of type *SecretsType) as pulumi.Resource value in assignment: *SecretsType does not implement pulumi.Resource (missing method URN)
    ../../Go/pkg/mod/github.com/pulumiverse/pulumi-talos/[email protected]/go/talos/machine/secrets.go:69:75: too many errors

    error: error in compiling Go: unable to run `go build`: exit status 1

add back some of the SDK languages

Pulumi supports a bunch of languages to define the infrastructure and it would be nice if this provider would support more languages than just Go (which is not ideal for defining configuration/infra).
Especially NodeJS would be nice to have, as it is the easiest to read quickly imo.
Is it possible for siderolabs to publish an official npm package as generating it with build_nodejs works fine?

And thanks a lot for the work on Talos, it's amazing :)

Provider not present in the pulumi registry

Hello together,

thank you for your work :)

The Readme references the the pulumi registry to look at the API docs.
Unfortunately the Talos provider is not present in the pulumi registry (anymore).

Are you aware? If yes will the package be back in the registry?

Error marshaling MachineConfigurationInput

Hello 👋 New user of Talos and Pulumi here. I hope I am creating this issue in the right place - if not, please point me to where it should be.

My goal is to use Pulumi to provision a Talos cluster on VM's running in Azure. Right now I have provisioned a single VM (and all the related Azure resources), and the VM uses the Talos Linux 1.6.0 disk image in the community gallery. I want this VM to act as a control plane node.

I am working from the example in the Pulumi registry (https://www.pulumi.com/registry/packages/talos/), with the YAML engine. Just copy/pasting that YAML and running pulumi up gives me this error:

% pulumi up
Previewing update (dev):
     Type                 Name                          Plan     Info
     pulumi:pulumi:Stack  provision-sandbox-yaml-2-dev           2 errors

Diagnostics:
  pulumi:pulumi:Stack (provision-sandbox-yaml-2-dev):
    error: rpc error: code = Unknown desc = invocation of talos:machine/getConfiguration:getConfiguration returned an error: cannot encode config to call ReadDataSource for "talos_machine_configuration": objectEncoder failed on property "machine_secrets": objectEncoder failed on property "secrets": objectEncoder failed on property "bootstrap_token": Expected a string, got: {map[]}
    
      on Pulumi.yaml line 6:
       6:     fn::invoke:
       7:       function: talos:machine/getConfiguration:getConfiguration
       8:       arguments:
       9:         clusterName: "exampleCluster"
      10:         machineType: "controlplane"
      11:         clusterEndpoint: "https://cluster.local:6443"
      12:         machineSecrets: ${secrets.machineSecrets}
      13:       return: machineConfiguration
    error: an unhandled error occurred: waiting for RPCs: marshaling properties: awaiting input property "machineConfigurationInput": runtime error

My Pulumi program looks like this:

name: provision-sandbox-yaml-2
runtime: yaml
description: A minimal Pulumi YAML program
variables:
  configuration:
    fn::invoke:
      function: talos:machine/getConfiguration:getConfiguration
      arguments:
        clusterName: "exampleCluster"
        machineType: "controlplane"
        clusterEndpoint: "https://cluster.local:6443"
        machineSecrets: ${secrets.machineSecrets}
      return: machineConfiguration

resources:
  secrets:
    type: talos:machine/secrets:Secrets
  configurationApply:
    type: talos:machine/configurationApply:ConfigurationApply
    properties:
      clientConfiguration: ${secrets.clientConfiguration}
      machineConfigurationInput: ${configuration}
      node: "10.5.0.2"
      configPatches:
        - fn::toJSON:
            machine:
              install:
                disk: "/dev/sdd"
  bootstrap:
    type: talos:machine:Bootstrap
    properties:
      node: "10.5.0.2"
      clientConfiguration: ${secrets.clientConfiguration}
    options:
      dependsOn:
        - ${configurationApply}

outputs: {}

Let me know if you need more context/logging.

Dependency Dashboard

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Rate-Limited

These updates are currently rate-limited. Click on a checkbox below to force their creation now.

Open

These updates have all been created already. Click a checkbox below to force a retry/rebase of any.

Detected dependencies

github-actions

.github/workflows/main.yml

actions/checkout v3

actions/checkout v3

actions/setup-go v3

jaxxstorm/action-install-gh-release v1.9.0

pulumi/action-install-pulumi-cli v2

actions/setup-node v4

actions/setup-dotnet v3

actions/setup-python v4

actions/download-artifact v3

actions/upload-artifact v3

actions/checkout v3

actions/checkout v3

actions/setup-go v3

jaxxstorm/action-install-gh-release v1.9.0

pulumi/action-install-pulumi-cli v2

jaxxstorm/action-install-gh-release v1.9.0

actions/upload-artifact v3

actions/checkout v3

actions/checkout v3

actions/setup-go v3

jaxxstorm/action-install-gh-release v1.9.0

pulumi/action-install-pulumi-cli v2

actions/setup-node v4

actions/setup-dotnet v3

actions/setup-python v4

actions/download-artifact v3

actions/download-artifact v3

.github/workflows/release.yaml

actions/checkout v4.1.1

actions/setup-go v4.1.0

jaxxstorm/action-install-gh-release v1.10.0

goreleaser/goreleaser-action v5.0.0

actions/github-script v6.4.1

actions/checkout v4.1.1

actions/setup-go v4.1.0

jaxxstorm/action-install-gh-release v1.10.0

pulumi/actions v4

actions/setup-node v4.0.2

actions/setup-dotnet v2.1.1

actions/setup-python v4.7.1

pypa/gh-action-pypi-publish v1.8.10

JS-DevTools/npm-publish v2.2.2

.github/workflows/upgrade-bridge.yml

pulumi/pulumi-upgrade-provider-action v0.0.12

gomod

examples/go.mod

go 1.20

examples/go/go.mod

go 1.21.5

go 1.22.1

github.com/pulumi/pulumi/sdk/v3 v3.104.2

github.com/pulumiverse/pulumi-talos/sdk v0.0.0

provider/go.mod

go 1.21.5

github.com/pulumi/terraform-plugin-sdk/v2 v2.0.0-20230912190043-e6d96b3b8f7e@e6d96b3b8f7e

github.com/pulumi/pulumi-terraform-bridge/pf v0.26.0

github.com/pulumi/pulumi-terraform-bridge/v3 v3.73.0

github.com/pulumi/pulumi/pkg/v3 v3.104.2

github.com/siderolabs/terraform-provider-talos v0.4.0

sdk/go.mod

npm

examples/typescript/package.json

typescript ^4.0.0

@pulumi/pulumi ^3.0.0

@pulumiverse/talos 0.1.8

@types/node ^14

sdk/nodejs/package.json

nuget

examples/dotnet/talos.csproj

sdk/dotnet/Pulumiverse.Talos.csproj

pip_requirements

examples/python/requirements.txt

pulumi >=3.0.0,<4.0.0

pulumiverse_talos ==0.1.8

pip_setup

sdk/python/setup.py

Check this box to trigger a request for Renovate to run again on this repository

Error while doing a patch in control plane

Hello,

I am trying to remove "/cluster/apiServer/admissionControl/" from the control plane configuration using patches. As it is a field that is only present in control planes (and not in workers), while using the talosctl command I needed to use the flag --config-patch-control-plane

So,

If I run talosctl gen config talos-k8s-aws-tutorial https://tast:6443/ --with-examples=false --with-docs=false --kubernetes-version 1.23.9 --config-patch-control-plane '[{"op": "remove", "path": "/cluster/apiServer/admissionControl"}]' it works
If I run talosctl gen config talos-k8s-aws-tutorial https://tast:6443/ --with-examples=false --with-docs=false --kubernetes-version 1.23.9 --config-patch '[{"op": "remove", "path": "/cluster/apiServer/admissionControl"}]' I am getting the following error:

failed to generate config bundle: error patching configs: failure applying rfc6902 patches to talos machine config: remove operation does not apply: doc is missing path: "/cluster/apiServer/admissionControl": missing value

So I would like to be available to do the same using the terraform provider, but it looks that I am having a similar error as the previous one:

talos_machine_configuration_controlplane.machineconfig_cp: Creating...
╷
│ Error: failure applying rfc6902 patches to talos machine config: remove operation does not apply: doc is missing path: "/cluster/apiServer/admissionControl": missing value
│
│   with talos_machine_configuration_controlplane.machineconfig_cp,
│   on talos-config.tf line 4, in resource "talos_machine_configuration_controlplane" "machineconfig_cp":
│    4: resource "talos_machine_configuration_controlplane" "machineconfig_cp" {

My terraform code:

resource "talos_machine_configuration_controlplane" "machineconfig_cp" {
  cluster_name     = "test"
  cluster_endpoint = "https://example-lb:443"
  machine_secrets  = talos_machine_secrets.machine_secrets.machine_secrets
  config_patches = [
    file("${path.module}/talos-patches/admissioncontroller.yaml")
  ]
  docs_enabled = false
  examples_enabled = false
  kubernetes_version = "1.23.9"
  talos_version = "v1.2.1"

}

talos-patches/admissioncontroller.yaml file content:

[
    {
        "op": "remove",
        "path": "/cluster/apiServer/admissionControl"
    }
]

It is a bug or I am doing something wrong?

More context:
https://taloscommunity.slack.com/archives/CG25RPZNE/p1663105063165239