chore: update talos packages

Update talos to v1.12.0-beta.0

Signed-off-by: Mateusz Urbanek <[email protected]>

Author: shanduur

Makefile

@@ -9,10 +9,10 @@ NAME := cluster-api-talos-controller
 ARTIFACTS := _out
 TEST_RUN ?= ./...
 
-TOOLS ?= ghcr.io/siderolabs/tools:v1.11.0
-PKGS ?= v1.11.0
-TALOS_VERSION ?= v1.11.0
-K8S_VERSION ?= 1.34.0
+TOOLS ?= ghcr.io/siderolabs/tools:v1.12.0
+PKGS ?= v1.12.0
+TALOS_VERSION ?= v1.12.0-beta.0
+K8S_VERSION ?= 1.34.2
 
 KRES_IMAGE ?= ghcr.io/siderolabs/kres:latest
 
@@ -143,20 +143,18 @@ talosctl:
 	chmod +x ./talosctl
 
 env-up: talosctl  ## Start development environment.
-	./talosctl cluster create \
-		--talosconfig=talosconfig \
-		--name=cabpt-env \
+	./talosctl cluster create docker \
+    	--name=cabpt-env \
+		--talosconfig-destination=talosconfig \
 		--kubernetes-version=$(K8S_VERSION) \
-		--mtu=1450 \
-		--skip-kubeconfig
+		--mtu=1450
 	./talosctl kubeconfig kubeconfig \
 		--talosconfig=talosconfig \
 		--nodes=10.5.0.2 \
 		--force
 
 env-down: talosctl ## Stop development environment.
 	./talosctl cluster destroy \
-		--talosconfig=talosconfig \
 		--name=cabpt-env
 	rm -f talosconfig kubeconfig
 

README.md

@@ -61,10 +61,10 @@ This provider's versions are able to install and manage the following versions o
 
 This provider's versions are compatible with the following versions of Talos:
 
-|                  | v1.0  | v1.1  | v1.2  | v1.3  | v1.4  | v1.5  | v1.6  | v1.7  | v1.8  | v1.9  | v1.10 | v1.11 |
-| ---------------- | ----- | ----- | ----- | ----- | ----- | ----- | ----- | ----- | ----- | ----- | ----- | ----- |
-| CABPT (v0.5.x)   | ✓     | ✓     | ✓     | ✓     |       |       |       |       |       |       |       |       |
-| CABPT (v0.6.x)   |       |       | ✓     | ✓     | ✓     | ✓     | ✓     | ✓     | ✓     | ✓     | ✓     | ✓     |
+|                  | v1.0  | v1.1  | v1.2  | v1.3  | v1.4  | v1.5  | v1.6  | v1.7  | v1.8  | v1.9  | v1.10 | v1.11 | v1.12 |
+| ---------------- | ----- | ----- | ----- | ----- | ----- | ----- | ----- | ----- | ----- | ----- | ----- | ----- | ----- |
+| CABPT (v0.5.x)   | ✓     | ✓     | ✓     | ✓     |       |       |       |       |       |       |       |       |       |
+| CABPT (v0.6.x)   |       |       | ✓     | ✓     | ✓     | ✓     | ✓     | ✓     | ✓     | ✓     | ✓     | ✓     | ✓     |
 
 CABPT generates machine configuration compatible with Talos Linux version specified in the `talosVersion:` field (see below).
 
@@ -151,7 +151,9 @@ There are two [patch formats](https://www.talos.dev/latest/talos-guides/configur
 
 See Talos Linux documentation for more information on patching.
 
-> Note: JSON patches are not compatible with multi-document Talos Linux machine configuration.
+> [!IMPORTANT]
+> JSON patches are not compatible with multi-document Talos Linux machine configuration.
+> JSON patches are not compatible with Talos Linux >= 1.12.
 
 JSON 6902 patch:
 

controllers/talosconfig_controller.go

@@ -14,6 +14,7 @@ import (
 	"strings"
 	"time"
 
+	"github.com/Masterminds/semver/v3"
 	jsonpatch "github.com/evanphx/json-patch"
 	"github.com/go-logr/logr"
 	"github.com/siderolabs/talos/pkg/machinery/config"
@@ -277,6 +278,8 @@ func (r *TalosConfigReconciler) reconcileGenerate(ctx context.Context, tcScope *
 
 	machineType, _ := machine.ParseType(config.Spec.GenerateType) //nolint:errcheck // handle errors later
 
+	multiConfigPatches := []string{}
+
 	switch {
 	// Slurp and use user-supplied configs
 	case config.Spec.GenerateType == "none":
@@ -291,7 +294,7 @@ func (r *TalosConfigReconciler) reconcileGenerate(ctx context.Context, tcScope *
 
 	// Generate configs on the fly
 	case machineType != machine.TypeUnknown:
-		retData, err = r.genConfigs(ctx, tcScope)
+		retData, multiConfigPatches, err = r.genConfigs(ctx, tcScope)
 		if err != nil {
 			return err
 		}
@@ -321,6 +324,8 @@ func (r *TalosConfigReconciler) reconcileGenerate(ctx context.Context, tcScope *
 		retData.BootstrapData = string(patchedBytes)
 	}
 
+	config.Spec.StrategicPatches = append(config.Spec.StrategicPatches, multiConfigPatches...)
+
 	// Handle strategic merge patches.
 	if len(config.Spec.StrategicPatches) > 0 {
 		patches := make([]configpatcher.Patch, 0, len(config.Spec.StrategicPatches))
@@ -447,7 +452,7 @@ func (r *TalosConfigReconciler) userConfigs(ctx context.Context, scope *TalosCon
 }
 
 // genConfigs will generate a bootstrap config and a talosconfig to return
-func (r *TalosConfigReconciler) genConfigs(ctx context.Context, scope *TalosConfigScope) (*TalosConfigBundle, error) {
+func (r *TalosConfigReconciler) genConfigs(ctx context.Context, scope *TalosConfigScope) (*TalosConfigBundle, []string, error) {
 	retBundle := &TalosConfigBundle{}
 
 	// Determine what type of node this is
@@ -456,22 +461,24 @@ func (r *TalosConfigReconciler) genConfigs(ctx context.Context, scope *TalosConf
 		machineType = machine.TypeWorker
 	}
 
+	patches := []string{}
+
 	// Allow user to override default kube version.
 	// This also handles version being formatted like "vX.Y.Z" instead of without leading 'v'
 	// TrimPrefix returns the string unchanged if the prefix isn't present.
 	k8sVersion := constants.DefaultKubernetesVersion
 	if scope.ConfigOwner.IsMachinePool() {
 		mp := &expv1.MachinePool{}
 		if err := runtime.DefaultUnstructuredConverter.FromUnstructured(scope.ConfigOwner.Object, mp); err != nil {
-			return retBundle, err
+			return retBundle, patches, err
 		}
 		if mp.Spec.Template.Spec.Version != nil {
 			k8sVersion = strings.TrimPrefix(*mp.Spec.Template.Spec.Version, "v")
 		}
 	} else {
 		machine := &capiv1.Machine{}
 		if err := runtime.DefaultUnstructuredConverter.FromUnstructured(scope.ConfigOwner.Object, machine); err != nil {
-			return retBundle, err
+			return retBundle, patches, err
 		}
 		if machine.Spec.Version != nil {
 			k8sVersion = strings.TrimPrefix(*machine.Spec.Version, "v")
@@ -491,15 +498,15 @@ func (r *TalosConfigReconciler) genConfigs(ctx context.Context, scope *TalosConf
 		var err error
 		versionContract, err = config.ParseContractFromVersion(scope.Config.Spec.TalosVersion)
 		if err != nil {
-			return retBundle, fmt.Errorf("invalid talos-version: %w", err)
+			return retBundle, patches, fmt.Errorf("invalid talos-version: %w", err)
 		}
 	}
 
 	genOptions = append(genOptions, generate.WithVersionContract(versionContract))
 
 	secretBundle, err := r.getSecretsBundle(ctx, scope, true, versionContract)
 	if err != nil {
-		return retBundle, err
+		return retBundle, patches, err
 	}
 
 	genOptions = append(genOptions, generate.WithSecretsBundle(secretBundle))
@@ -518,24 +525,24 @@ func (r *TalosConfigReconciler) genConfigs(ctx context.Context, scope *TalosConf
 		genOptions...,
 	)
 	if err != nil {
-		return retBundle, err
+		return retBundle, patches, err
 	}
 
 	// Create the secret with kubernetes certs so a kubeconfig can be generated
 	if err = r.writeK8sCASecret(ctx, scope, secretBundle.Certs.K8s); err != nil {
-		return retBundle, err
+		return retBundle, patches, err
 	}
 
 	tcString, err := genTalosConfigFile(input.ClusterName, secretBundle, nil)
 	if err != nil {
-		return retBundle, err
+		return retBundle, patches, err
 	}
 
 	retBundle.TalosConfig = tcString
 
 	data, err := input.Config(machineType)
 	if err != nil {
-		return retBundle, err
+		return retBundle, patches, err
 	}
 
 	if scope.Cluster.Spec.ClusterNetwork != nil && scope.Cluster.Spec.ClusterNetwork.Pods != nil {
@@ -550,27 +557,38 @@ func (r *TalosConfigReconciler) genConfigs(ctx context.Context, scope *TalosConf
 			data.RawV1Alpha1().MachineConfig.MachineNetwork = &v1alpha1.NetworkConfig{}
 		}
 
+		talosVersion, parseErr := semver.NewVersion(strings.TrimLeft(scope.Config.Spec.TalosVersion, "v"))
+
 		if scope.Config.Spec.Hostname.Source == v1alpha3.HostnameSourceMachineName {
-			data.RawV1Alpha1().MachineConfig.MachineNetwork.NetworkHostname = scope.ConfigOwner.GetName()
+			if parseErr == nil && talosVersion.LessThan(semver.MustParse("1.12.0-beta.0")) {
+				patches = append(patches, fmt.Sprintf("apiVersion: v1alpha1\nkind: HostnameConfig\nauto: off\nhostname: %s", scope.ConfigOwner.GetName()))
+			} else {
+				data.RawV1Alpha1().MachineConfig.MachineNetwork.NetworkHostname = scope.ConfigOwner.GetName()
+			}
 		}
 
 		if scope.Config.Spec.Hostname.Source == v1alpha3.HostnameSourceInfrastructureName {
 			machine := &capiv1.Machine{}
 			if err := runtime.DefaultUnstructuredConverter.FromUnstructured(scope.ConfigOwner.Object, machine); err != nil {
-				return retBundle, err
+				return retBundle, patches, err
+			}
+
+			if parseErr == nil && talosVersion.LessThan(semver.MustParse("1.12.0-beta.0")) {
+				patches = append(patches, fmt.Sprintf("apiVersion: v1alpha1\nkind: HostnameConfig\nauto: off\nhostname: %s", machine.Spec.InfrastructureRef.Name))
+			} else {
+				data.RawV1Alpha1().MachineConfig.MachineNetwork.NetworkHostname = machine.Spec.InfrastructureRef.Name
 			}
-			data.RawV1Alpha1().MachineConfig.MachineNetwork.NetworkHostname = machine.Spec.InfrastructureRef.Name
 		}
 	}
 
 	dataOut, err := data.EncodeString(encoder.WithComments(encoder.CommentsDisabled))
 	if err != nil {
-		return retBundle, err
+		return retBundle, patches, err
 	}
 
 	retBundle.BootstrapData = dataOut
 
-	return retBundle, nil
+	return retBundle, patches, nil
 }
 
 // MachineToBootstrapMapFunc is a handler.ToRequestsFunc to be used to enqueue

go.mod

@@ -1,6 +1,6 @@
 module github.com/siderolabs/cluster-api-bootstrap-provider-talos
 
-go 1.24.0
+go 1.25.3
 
 // compatibility with kube-apiserver v0.32.3, should be dropped once kube-apiserver dependency is updated
 replace github.com/google/cel-go => github.com/google/cel-go v0.22.0
@@ -9,12 +9,12 @@ require (
 	github.com/evanphx/json-patch v5.9.11+incompatible
 	github.com/go-logr/logr v1.4.3
 	github.com/google/go-cmp v0.7.0
-	github.com/siderolabs/crypto v0.6.3
+	github.com/siderolabs/crypto v0.6.4
 	github.com/siderolabs/go-pointer v1.0.1
-	github.com/siderolabs/talos/pkg/machinery v1.11.0
+	github.com/siderolabs/talos/pkg/machinery v1.12.0-beta.0
 	github.com/spf13/pflag v1.0.7
-	github.com/stretchr/testify v1.10.0
-	golang.org/x/sys v0.35.0
+	github.com/stretchr/testify v1.11.1
+	golang.org/x/sys v0.38.0
 	gopkg.in/yaml.v2 v2.4.0
 	k8s.io/api v0.32.3
 	k8s.io/apiextensions-apiserver v0.32.3
@@ -34,7 +34,7 @@ require (
 	github.com/Masterminds/semver/v3 v3.3.0 // indirect
 	github.com/Masterminds/sprig/v3 v3.3.0 // indirect
 	github.com/NYTimes/gziphandler v1.1.1 // indirect
-	github.com/ProtonMail/go-crypto v1.2.0 // indirect
+	github.com/ProtonMail/go-crypto v1.3.0 // indirect
 	github.com/adrg/xdg v0.5.3 // indirect
 	github.com/antlr4-go/antlr/v4 v4.13.1 // indirect
 	github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a // indirect
@@ -43,17 +43,17 @@ require (
 	github.com/cenkalti/backoff/v4 v4.3.0 // indirect
 	github.com/cespare/xxhash/v2 v2.3.0 // indirect
 	github.com/cloudflare/circl v1.6.1 // indirect
-	github.com/containerd/go-cni v1.1.12 // indirect
-	github.com/containernetworking/cni v1.2.3 // indirect
-	github.com/cosi-project/runtime v1.10.7 // indirect
+	github.com/containerd/go-cni v1.1.13 // indirect
+	github.com/containernetworking/cni v1.3.0 // indirect
+	github.com/cosi-project/runtime v1.12.0 // indirect
 	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
 	github.com/distribution/reference v0.6.0 // indirect
 	github.com/drone/envsubst/v2 v2.0.0-20210730161058-179042472c46 // indirect
 	github.com/dustin/go-humanize v1.0.1 // indirect
 	github.com/emicklei/go-restful/v3 v3.12.2 // indirect
 	github.com/evanphx/json-patch/v5 v5.9.11 // indirect
 	github.com/felixge/httpsnoop v1.0.4 // indirect
-	github.com/fsnotify/fsnotify v1.8.0 // indirect
+	github.com/fsnotify/fsnotify v1.9.0 // indirect
 	github.com/fxamacker/cbor/v2 v2.7.0 // indirect
 	github.com/gertd/go-pluralize v0.2.1 // indirect
 	github.com/ghodss/yaml v1.0.0 // indirect
@@ -67,25 +67,25 @@ require (
 	github.com/gogo/protobuf v1.3.2 // indirect
 	github.com/golang/protobuf v1.5.4 // indirect
 	github.com/google/btree v1.1.3 // indirect
-	github.com/google/cel-go v0.26.0 // indirect
+	github.com/google/cel-go v0.26.1 // indirect
 	github.com/google/gnostic-models v0.6.8 // indirect
 	github.com/google/go-github/v53 v53.2.0 // indirect
 	github.com/google/go-querystring v1.1.0 // indirect
 	github.com/google/gofuzz v1.2.0 // indirect
 	github.com/google/uuid v1.6.0 // indirect
-	github.com/grpc-ecosystem/grpc-gateway/v2 v2.26.3 // indirect
+	github.com/grpc-ecosystem/grpc-gateway/v2 v2.27.3 // indirect
 	github.com/hashicorp/errwrap v1.1.0 // indirect
 	github.com/hashicorp/go-multierror v1.1.1 // indirect
 	github.com/huandu/xstrings v1.5.0 // indirect
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
 	github.com/josharian/native v1.1.0 // indirect
-	github.com/jsimonetti/rtnetlink/v2 v2.0.5 // indirect
+	github.com/jsimonetti/rtnetlink/v2 v2.1.0 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
 	github.com/mailru/easyjson v0.7.7 // indirect
 	github.com/mdlayher/ethtool v0.4.0 // indirect
 	github.com/mdlayher/genetlink v1.3.2 // indirect
-	github.com/mdlayher/netlink v1.7.2 // indirect
+	github.com/mdlayher/netlink v1.8.0 // indirect
 	github.com/mdlayher/socket v0.5.1 // indirect
 	github.com/mitchellh/copystructure v1.2.0 // indirect
 	github.com/mitchellh/reflectwalk v1.0.2 // indirect
@@ -108,9 +108,9 @@ require (
 	github.com/sagikazarmark/locafero v0.7.0 // indirect
 	github.com/sasha-s/go-deadlock v0.3.5 // indirect
 	github.com/shopspring/decimal v1.4.0 // indirect
-	github.com/siderolabs/gen v0.8.5 // indirect
+	github.com/siderolabs/gen v0.8.6 // indirect
 	github.com/siderolabs/net v0.4.0 // indirect
-	github.com/siderolabs/protoenc v0.2.2 // indirect
+	github.com/siderolabs/protoenc v0.2.4 // indirect
 	github.com/sourcegraph/conc v0.3.0 // indirect
 	github.com/spf13/afero v1.12.0 // indirect
 	github.com/spf13/cast v1.7.1 // indirect
@@ -122,28 +122,29 @@ require (
 	github.com/x448/float16 v0.8.4 // indirect
 	go.opentelemetry.io/auto/sdk v1.1.0 // indirect
 	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.54.0 // indirect
-	go.opentelemetry.io/otel v1.35.0 // indirect
+	go.opentelemetry.io/otel v1.37.0 // indirect
 	go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.28.0 // indirect
 	go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.27.0 // indirect
-	go.opentelemetry.io/otel/metric v1.35.0 // indirect
-	go.opentelemetry.io/otel/sdk v1.35.0 // indirect
-	go.opentelemetry.io/otel/trace v1.35.0 // indirect
+	go.opentelemetry.io/otel/metric v1.37.0 // indirect
+	go.opentelemetry.io/otel/sdk v1.37.0 // indirect
+	go.opentelemetry.io/otel/trace v1.37.0 // indirect
 	go.opentelemetry.io/proto/otlp v1.3.1 // indirect
 	go.uber.org/multierr v1.11.0 // indirect
 	go.uber.org/zap v1.27.0 // indirect
-	golang.org/x/crypto v0.38.0 // indirect
+	go.yaml.in/yaml/v4 v4.0.0-rc.3 // indirect
+	golang.org/x/crypto v0.44.0 // indirect
 	golang.org/x/exp v0.0.0-20250128182459-e0ece0dbea4c // indirect
-	golang.org/x/net v0.40.0 // indirect
-	golang.org/x/oauth2 v0.28.0 // indirect
-	golang.org/x/sync v0.15.0 // indirect
-	golang.org/x/term v0.32.0 // indirect
-	golang.org/x/text v0.25.0 // indirect
-	golang.org/x/time v0.11.0 // indirect
+	golang.org/x/net v0.47.0 // indirect
+	golang.org/x/oauth2 v0.30.0 // indirect
+	golang.org/x/sync v0.18.0 // indirect
+	golang.org/x/term v0.37.0 // indirect
+	golang.org/x/text v0.31.0 // indirect
+	golang.org/x/time v0.14.0 // indirect
 	gomodules.xyz/jsonpatch/v2 v2.5.0 // indirect
-	google.golang.org/genproto/googleapis/api v0.0.0-20250715232539-7130f93afb79 // indirect
-	google.golang.org/genproto/googleapis/rpc v0.0.0-20250715232539-7130f93afb79 // indirect
-	google.golang.org/grpc v1.73.0 // indirect
-	google.golang.org/protobuf v1.36.6 // indirect
+	google.golang.org/genproto/googleapis/api v0.0.0-20251111163417-95abcf5c77ba // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20251111163417-95abcf5c77ba // indirect
+	google.golang.org/grpc v1.76.0 // indirect
+	google.golang.org/protobuf v1.36.10 // indirect
 	gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect
 	gopkg.in/inf.v0 v0.9.1 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect