backports: for v1.13.0-rc.0#1043
Merged
talos-bot merged 12 commits intoApr 15, 2026
Merged
Conversation
Netbird failed to build with Go 1.26 previously, bump version to fix and reenable. Signed-off-by: Noel Georgi <git@frezbo.dev> (cherry picked from commit ddd4720)
Fixes cases where later tasks fail because the disks are still in use (e.g. closing encrypted volumes). Signed-off-by: Galen Abell <galen@galenabell.com> Signed-off-by: Noel Georgi <git@frezbo.dev> (cherry picked from commit 5aeaf4e)
Allow both `/etc/ld.so.conf` and `/etc/ld.so.cache` files in `/etc` since tools expect these to be standard. Signed-off-by: Noel Georgi <git@frezbo.dev> (cherry picked from commit 77208fd)
Allow more NVIDIA and NVME files from extensions, this helps keep Talos rootfs clean and only extensions bring in the required files/symlinks. Signed-off-by: Noel Georgi <git@frezbo.dev> (cherry picked from commit 5a0db53)
Rework and cleanup the NVIDIA extensions so that it uses standard paths and is easier to maintain. Signed-off-by: Noel Georgi <git@frezbo.dev> (cherry picked from commit fdd0258)
Rekres to avoid downloading bldr everytime. Signed-off-by: Noel Georgi <git@frezbo.dev> (cherry picked from commit f525338)
Update various dependencies: - gvisor: 20260309.0 -> 20260406.0 - soci-snapshotter: v0.12.1 -> v0.13.0 - kata-containers: 3.27.0 -> 3.28.0 - crun: 1.26 -> 1.27 - qemu-guest-agent: 10.2.1 -> 10.2.2 - tailscale: 1.94.2 -> 1.96.4 - newt: 1.10.2 -> 1.11.0 - netbird: 0.67.2 -> 0.67.4 - nut: 2.8.4 -> 2.8.5 - fuse3: 3.18.1 -> 3.18.2 - util-linux: 2.41.3 -> 2.41.4 - pkgs/tools update Signed-off-by: Mateusz Urbanek <mateusz.urbanek@siderolabs.com> (cherry picked from commit a9a1e7d)
Make sure we don't ship duplictate extension files. Signed-off-by: Noel Georgi <git@frezbo.dev> (cherry picked from commit 26dae82)
Update and regen docs. Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com> (cherry picked from commit 3670607)
Add uhid and joydev extensions. Signed-off-by: Ansgar Dahlen <adahlen@evoila.de> Signed-off-by: Noel Georgi <git@frezbo.dev> (cherry picked from commit c5ef7eb)
Save Netbird config to persistent location. Signed-off-by: sam <67697492+shyam0904a@users.noreply.github.com> Signed-off-by: Noel Georgi <git@frezbo.dev> (cherry picked from commit 62d2176)
This is a fix for PR siderolabs#1038, without it the extensions are never built. Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com> (cherry picked from commit 07b4337)
There was a problem hiding this comment.
Pull request overview
Backports a collection of features/fixes and dependency updates targeted for the v1.13.0-rc.0 release train, including NVIDIA/glibc layout changes, new driver extensions, shutdown behavior improvements, and CI validation enhancements.
Changes:
- Update multiple component versions (gVisor, soci-snapshotter, kata-containers, crun, tailscale, netbird, nut, fuse3, qemu-guest-agent, util-linux, etc.) and refresh generated release/docs metadata.
- Rework glibc + NVIDIA-related packaging/mounts to use standard filesystem locations (
/usr/local,/etc/ld.so.*,/usr/bin/*symlinks). - Add new kernel-module extensions (
uhid,joydev) and introduce duplicate-extension-file validation in CI.
Reviewed changes
Copilot reviewed 42 out of 42 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
| tools/nvme-cli/pkg.yaml | Adds /usr/bin/nvme symlink for standard tooling expectations. |
| storage/zfs/zfs-service/main.go | Exports zpools on shutdown after unmount to avoid device-busy issues. |
| storage/vars.yaml | Bumps FUSE3 to 3.18.2 with updated checksums. |
| power/vars.yaml | Bumps NUT to 2.8.5 with updated checksums. |
| power/nut-client/patches/replace_system.patch | Replaces system() usage in upsmon shutdown handling with a custom runner. |
| nvidia-gpu/nvidia-fabricmanager/production/nvidia-fabricmanager.yaml | Adjusts bind mounts for glibc loader/libs using standard paths. |
| nvidia-gpu/nvidia-fabricmanager/lts/nvidia-fabricmanager.yaml | Same mount/path adjustments for LTS fabricmanager. |
| nvidia-gpu/nvidia-container-toolkit/production/nvidia-persistenced.yaml | Switches glibc mount from /usr/local/glibc to standard /usr/local/lib + loader mounts. |
| nvidia-gpu/nvidia-container-toolkit/production/nvidia-cdi-gen.yaml | Updates CDI generation mounts (adds /etc, /usr/share, firmware) and removes old glibc library search path flag. |
| nvidia-gpu/nvidia-container-toolkit/nvidia-pkgs/production/pkg.yaml | Updates installer paths, ldconfig location, adds /usr/bin symlinks, and fixes rooted symlink targets. |
| nvidia-gpu/nvidia-container-toolkit/nvidia-pkgs/lts/pkg.yaml | Same packaging changes for LTS NVIDIA pkgs. |
| nvidia-gpu/nvidia-container-toolkit/nvidia-container-runtime/pkg.yaml | Adds /usr/bin symlinks for toolkit commands. |
| nvidia-gpu/nvidia-container-toolkit/lts/nvidia-persistenced.yaml | Same mount/path adjustments for LTS persistenced. |
| nvidia-gpu/nvidia-container-toolkit/lts/nvidia-cdi-gen.yaml | Same CDI mount/path adjustments for LTS. |
| network/vars.yaml | Bumps tailscale/newt/netbird versions and checksums. |
| network/netbird/netbird.yaml | Moves NetBird config path to persistent /var/lib. |
| misc/glibc/pkg.yaml | Reworks glibc install prefix/layout to /usr/local and /etc with loader + ldconfig symlinks. |
| misc/glibc/ld.so.conf | Updates ld.so.conf to point at /usr/local/lib. |
| internal/base/pkg.yaml | Updates extensions-validator image reference. |
| hack/test/exceptions-arm64.yaml | Adds arm64 duplicate-finder exception list for known-duplicate files. |
| hack/test/exceptions-amd64.yaml | Adds amd64 duplicate-finder exception list for known-duplicate files. |
| hack/release.toml | Updates release notes content and documentation link; refreshes component versions list. |
| guest-agents/vars.yaml | Bumps qemu-guest-agent version/checksums. |
| go.work.sum | Updates Go workspace dependency checksums. |
| drivers/uhid/vars.yaml | Introduces uhid extension variables (tier/version). |
| drivers/uhid/pkg.yaml | Adds uhid kernel module extension build/install/test steps. |
| drivers/uhid/manifest.yaml.tmpl | Adds uhid extension manifest template. |
| drivers/uhid/files/modules.txt | Lists uhid module artifacts to package. |
| drivers/uhid/README.md | Documents uhid extension usage/compatibility. |
| drivers/joydev/vars.yaml | Introduces joydev extension variables (tier/version). |
| drivers/joydev/pkg.yaml | Adds joydev kernel module extension build/install/test steps. |
| drivers/joydev/manifest.yaml.tmpl | Adds joydev extension manifest template. |
| drivers/joydev/files/modules.txt | Lists joydev module artifacts to package. |
| drivers/joydev/README.md | Documents joydev extension usage/compatibility. |
| container-runtime/vars.yaml | Bumps gVisor/soci-snapshotter/kata/crun versions and checksums. |
| README.md | Updates catalog versions, adds new extensions, and expands allowed rootfs paths list. |
| Pkgfile | Bumps linux-firmware + util-linux versions used by the build. |
| Makefile | Updates generated metadata, adds new targets, adds duplicate-finder validation target, updates go-tools release usage. |
| .kres.yaml | Rekres updates: enables netbird, adds new targets and validation step, switches to GO_TOOLS_RELEASE. |
| .github/workflows/slack-notify.yaml | Updates slack-github-action pin/version. |
| .github/workflows/slack-notify-ci-failure.yaml | Updates slack-github-action pin/version. |
| .github/workflows/ci.yaml | Updates docker/login-action pin; adds extensions-validate step; updates release action pin. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
frezbo
approved these changes
Apr 15, 2026
Member
Author
|
/m |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
PRs backported: