github cozystack/talm v0.27.0
on GitHub

7 hours ago

Highlights

Behaviour changes

  • talm init now refuses when the current directory is inside an existing talm project. Pass --root . to create a sub-project under CWD anyway, or run from the ancestor root to re-init it. (#156, #157)
  • --root <path> on subcommands (apply, template, talosconfig, kubeconfig, rotate-ca) now correctly opts out of the implicit CWD walk-up. Previously the flag was silently ignored on subcommands and walk-up always fired regardless.

Reliability

  • RotateKeys is atomic: backup-and-restore on any phase failure, no partial state on disk. (#159)
  • talm init is all-or-nothing: every destination is pre-checked before the first write, so a Chart.yaml conflict no longer leaves talosconfig/talm.key/secrets.encrypted.yaml stranded.
  • debugPhase tolerates empty patch entries (templates that conditionally emit nothing).
  • Encryption helpers write secrets.yaml and encrypted output with mode 0600.
  • IPv6 endpoint normalisation preserves brackets.

Validation

  • Centralised DNS-1123 subdomain validation across charts and runtime with consistent error messages.

Upgrade notes

The two behaviour changes above can break scripted workflows that:

  1. Run talm init from inside an existing project relying on the old walk-up overlay — either move to the parent directory or pass --root ..
  2. Pass --root <path> to subcommands and expect walk-up to still fire — the flag is now honored and walk-up is suppressed.

Full changelog: v0.26.1...v0.27.0

Check out latest releases or
releases around cozystack/talm v0.27.0

Don't miss a new talm release

NewReleases is sending notifications on new releases.

Get notifications