Skip to content

feat: update default Talos image to v1.12.6 #115

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
kvaps wants to merge 1 commit into
base: main
Choose a base branch
from
+2 −2
Open

feat: update default Talos image to v1.12.6 #115

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion charts/cozystack/Chart.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ templateOptions:
fileValues: []
jsonValues: []
literalValues: []
talosVersion: "v1.11"
talosVersion: "v1.12"
Copy link
Copy Markdown

@coderabbitai coderabbitai bot Apr 2, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Search for any version-specific handling or migration logic

echo "=== Checking for version-specific logic or migration code ==="
rg -n -C3 'v1\.11|v1\.12' --type=go -g '!vendor/**'

echo -e "\n=== Checking for version contract usage ==="
rg -n -C3 'ParseContractFromVersion|WithVersionContract' --type=go -g '!vendor/**'

echo -e "\n=== Checking for any upgrade or migration documentation ==="
fd -e md -e txt | xargs rg -l -i 'upgrade|migration|v1\.11|v1\.12' 2>/dev/null || echo "No migration docs found"

Repository: cozystack/talm

Length of output: 3389

🌐 Web query:

What are the differences between Talos Linux API version contracts for v1.11 and v1.12? Are there breaking changes in the machine configuration schema or API?

💡 Result:

The primary differences in Talos Linux API version contracts between v1.11 and v1.12 center on the machine configuration schema, particularly networking and related configurations. There are breaking changes in how configurations are structured and applied, but legacy v1alpha1 configurations are largely supported with deprecations. Key differences and breaking changes in machine configuration schema: - Network configuration: Major restructuring to "multi-doc" format in v1.12. The monolithic .machine.network section (except KubeSpan) is deprecated. Replaced by separate documents: - HostnameConfig (replaces .machine.network.hostname) - LinkConfig, LinkAliasConfig, EthernetConfig, BondConfig, BridgeConfig, DHCPv4Config, DHCPv6Config, VLANConfig, WireGuardConfig (replace .machine.network.interfaces) - ResolverConfig (replaces .machine.network.nameservers, searchDomains, disableSearchDomain) These new documents allow granular, runtime-applicable configs (even in maintenance mode) and embedding in boot images. Old .machine.network is deprecated but supported. - CRI registries: .machine.registries in v1alpha1 is deprecated; replaced by RegistryMirrorConfig, RegistryAuthConfig, RegistryTLSConfig documents. - Deprecations/ignored fields: v1.12 ignores and locks: - machine.features.rbac (true) - machine.features.apidCheckExtKeyUsage (true) - cluster.apiServer.disablePodSecurityPolicy (true) These fields are removed from default schema. - New fields/options: - UserVolumeConfig.volumeType: 'directory' (lightweight host dir volumes, skips provisioning). - Disk encryption: options.pcrs for TPM PCR selection. - .machine.install.grubUseUKICmdline: controls GRUB cmdline source (defaults false on upgrade). - EthernetConfig.wakeOnLAN support. - OOMConfig document for userspace OOM handler. No explicit breaking changes found in the gRPC management API (e.g., protobuf contracts for talosctl operations like upgrade, apply-config). Changes are additive/deprecated in config schema, handled transparently on upgrade. Patching legacy configs may require v1.12 talosctl and new document formats (e.g., HostnameConfig with auto: off). Upgrades from v1.11 to v1.12 preserve legacy behavior where possible (e.g., grubUseUKICmdline=false). Use talosctl gen config with --talos-version v1.11 for reproducible configs, then patch. v1.11 introduces Kubernetes version validation on config apply, new volume types (SwapVolumeConfig, RawVolumeConfig), but no major schema breaks from prior.

Citations:

🌐 Web query:

Talos Linux v1.12 Kubernetes 1.34 compatibility support requirements

💡 Result:

Talos Linux v1.12 supports Kubernetes 1.34 and provides compatibility for it, as evidenced by development commits updating to Kubernetes 1.34.0 and 1.34.1 during the v1.12 release cycle. The default Kubernetes version for Talos v1.12 is 1.35.0, with images like registry.k8s.io/kube-apiserver:v1.35.0 bundled in releases such as v1.12.2. Talos enforces Kubernetes version compatibility through machine configuration validation, introduced in v1.11 and continued in v1.12. Users can specify custom Kubernetes versions via the machine config .cluster.kubernetesVersion field or component image overrides (e.g., talosctl gen config ... --kubernetes-version 1.34.x), subject to Talos' compatibility checks. Prior support matrices (e.g., v1.11 supports 1.34-1.29) indicate typically 6 minor versions, so v1.12 likely supports 1.35 down to 1.30, including 1.34. No explicit list for v1.12 found, but 1.34 is confirmed compatible via upgrade paths and commits.

Citations:

Verify understanding of schema changes in talosVersion upgrade from v1.11 to v1.12.

The version bump introduces documented schema changes in Talos, particularly:

  • Network configuration restructure (multi-doc format replaces monolithic .machine.network)
  • CRI registries configuration changes
  • New machine config documents (HostnameConfig, LinkConfig, ResolverConfig, etc.)

However, Talos v1.12 preserves backward compatibility with v1.11 configurations—legacy configs are supported with deprecations, and upgrade paths maintain existing behavior where possible. Kubernetes v1.34.3 is compatible with Talos v1.12.

Recommendation: Review the Talos v1.12 release notes to understand the configuration changes and verify any custom machine configs are compatible with the new schema structure, but no immediate migration is required.

🤖 Prompt for AI Agents 
Verify each finding against the current code and only fix it if needed.

In `@charts/cozystack/Chart.yaml` at line 15, The Chart.yaml talosVersion bump to
"v1.12" requires you to verify schema compatibility: review Talos v1.12 release
notes and confirm any custom machine config templates and values (network, CRI
registries, HostnameConfig, LinkConfig, ResolverConfig, etc.) used by this chart
remain valid under the new multi-doc schema; update any chart templates or
documentation that reference the old .machine.network monolithic structure,
ensure the talosVersion field stays "v1.12" in Chart.yaml, run chart/cluster
validation (install/upgrade dry-run against a Talos v1.12 cluster or use schema
linter) and add notes in the chart README about deprecations/compatibility so
downstream users are aware.

withSecrets: "secrets.yaml"
kubernetesVersion: "v1.34.3"
full: false
Expand Down
2 changes: 1 addition & 1 deletion charts/cozystack/values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
endpoint: "https://192.168.100.10:6443"
clusterDomain: cozy.local
floatingIP: 192.168.100.10
image: "ghcr.io/cozystack/cozystack/talos:v1.11.6"
image: "ghcr.io/cozystack/cozystack/talos:v1.12.6"
podSubnets:
- 10.244.0.0/16
serviceSubnets:
Expand Down
Loading