Documentation ¶
Overview ¶
Package cmd implements the entrypoint of the image factory.
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var DefaultOptions = Options{ HTTPListenAddr: ":8080", MinTalosVersion: "1.2.0", ImageRegistry: "ghcr.io", ContainerSignatureSubjectRegExp: `@siderolabs\.com$`, ContainerSignatureIssuerRegExp: "", ContainerSignatureIssuer: "https://accounts.google.com", AssetBuildMaxConcurrency: 6, ExternalURL: "https://localhost/", SchematicServiceRepository: "ghcr.io/siderolabs/image-factory/schematics", InstallerInternalRepository: "ghcr.io/siderolabs", InstallerExternalRepository: "ghcr.io/siderolabs", TalosVersionRecheckInterval: 15 * time.Minute, CacheRepository: "ghcr.io/siderolabs/image-factory/cache", MetricsListenAddr: ":2122", }
DefaultOptions are the default options.
Functions ¶
Types ¶
type Options ¶
type Options struct { // Listen address for the HTTP frontend. HTTPListenAddr string // Asset builder options: minimum supported Talos version. MinTalosVersion string // Image registry for source images: imager, extensions, etc.. ImageRegistry string // Allow insecure connection to the image registry InsecureImageRegistry bool // Options to verify container signatures for imager, extensions, etc. ContainerSignatureSubjectRegExp string ContainerSignatureIssuerRegExp string ContainerSignatureIssuer string // Maximum number of concurrent asset builds. AssetBuildMaxConcurrency int // External URL of the image factory HTTP frontend. ExternalURL string // External URL of the image factory PXE frontend. ExternalPXEURL string // Schematic service OCI registry prefix. // It stores schematics for the image factory as blobs under that path. SchematicServiceRepository string // Allow insecure connection to the schematic service repository. InsecureSchematicRepository bool // OCI registry to store installer images has two endpoints: // - one for the image factory to push images to // - external one for the redirects InstallerInternalRepository string InstallerExternalRepository string // Allow insecure connection to the internal installer repository InsecureInstallerInternalRepository bool // TalosVersionRecheckInterval is the interval for rechecking Talos versions. TalosVersionRecheckInterval time.Duration // CacheSigningKeyPath is the path to the signing key for the cache. // // Best choice is to use ECDSA key. CacheSigningKeyPath string // OCI registry to use to store cached boot assets. // Only used internally by the image factory. CacheRepository string // Allow insecure connection to the cache repository. InsecureCacheRepository bool // Bind address for Prometheus metrics. // // Leave empty to disable. MetricsListenAddr string // SecureBoot settings. SecureBoot SecureBootOptions }
Options configures image factory.
type SecureBootOptions ¶ added in v0.2.0
type SecureBootOptions struct { // Enable SecureBoot asset generation. Enabled bool // File-based approach. SigningKeyPath, SigningCertPath string PCRKeyPath string // Azure Key Vault approach. AzureKeyVaultURL string AzureCertificateName string AzureKeyName string }
SecureBootOptions configures SecureBoot.
Click to show internal directories.
Click to hide internal directories.