Drop settle for all

Signed-off-by: Itxaka <itxaka@kairos.io>

.github/ISSUE_TEMPLATE/file-issues-on-main-kairos-repo.md

@@ -0,0 +1,12 @@
+---
+name: File issues on main Kairos repo
+about: Tell users to file their issues on the main Kairos repo
+title: ''
+labels: ''
+assignees: ''
+
+---
+
+:warning: All Kairos issues are tracked in our main repo, please file your issue there, thanks! :warning:
+
+https://github.com/kairos-io/kairos/issues

.github/workflows/dependabot_auto.yml

@@ -0,0 +1,42 @@
+name: Dependabot auto-merge
+on:
+- pull_request_target
+
+permissions:
+  contents: write
+  pull-requests: write
+  packages: read
+
+jobs:
+  dependabot:
+    runs-on: ubuntu-latest
+    if: ${{ github.actor == 'dependabot[bot]' }}
+    steps:
+      - name: Dependabot metadata
+        id: metadata
+        uses: dependabot/fetch-metadata@v2.0.0
+        with:
+          github-token: "${{ secrets.GITHUB_TOKEN }}"
+          skip-commit-verification: true
+
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Approve a PR if not already approved
+        run: |
+          gh pr checkout "$PR_URL"
+            if [ "$(gh pr status --json reviewDecision -q .currentBranch.reviewDecision)" != "APPROVED" ];
+          then
+            gh pr review --approve "$PR_URL"
+          else
+            echo "PR already approved.";
+          fi
+        env:
+          PR_URL: ${{github.event.pull_request.html_url}}
+          GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
+
+      - name: Enable auto-merge for Dependabot PRs
+        run: gh pr merge --auto --squash "$PR_URL"
+        env:
+          PR_URL: ${{github.event.pull_request.html_url}}
+          GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}

.github/workflows/lint.yaml

@@ -0,0 +1,28 @@
+name: Lint
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+    paths:
+      - '**'
+env:
+  FORCE_COLOR: 1
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+      - name: Install Go
+        uses: actions/setup-go@v5
+      - name: Install earthly
+        uses: Luet-lab/luet-install-action@v1
+        with:
+          repository: quay.io/kairos/packages
+          packages: utils/earthly
+      - name: Run Lint checks
+        run: |
+          earthly +lint

.github/workflows/renovate_auto.yml

@@ -0,0 +1,35 @@
+name: Renovate auto-merge
+on:
+- pull_request_target
+
+permissions:
+  contents: write
+  pull-requests: write
+  packages: read
+
+jobs:
+  dependabot:
+    runs-on: ubuntu-latest
+    if: ${{ github.actor == 'renovate[bot]' }}
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Approve a PR if not already approved
+        run: |
+          gh pr checkout "$PR_URL"
+            if [ "$(gh pr status --json reviewDecision -q .currentBranch.reviewDecision)" != "APPROVED" ];
+          then
+            gh pr review --approve "$PR_URL"
+          else
+            echo "PR already approved.";
+          fi
+        env:
+          PR_URL: ${{github.event.pull_request.html_url}}
+          GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
+
+      - name: Enable auto-merge for Renovate PRs
+        run: gh pr merge --auto --squash "$PR_URL"
+        env:
+          PR_URL: ${{github.event.pull_request.html_url}}
+          GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}

.github/workflows/unit-tests.yml

@@ -1,22 +1,26 @@
 name: Unit tests
 on:
- push:
-   branches:
-     - master
- pull_request:
+  push:
+    branches:
+      - master
+  pull_request:
 
 jobs:
   unit-tests:
+    strategy:
+      matrix:
+        # Match this version to the maintained FIPS version in packages at https://github.com/kairos-io/packages/blob/main/packages/toolchain-go/collection.yaml#L63
+        go-version: ["1.19.10", "1.20", "1.21"]
     runs-on: ubuntu-latest
     steps:
       - name: Checkout code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           fetch-depth: 0
       - name: Install Go
-        uses: actions/setup-go@v3
+        uses: actions/setup-go@v5
         with:
-          go-version: '^1.18'
+          go-version: ${{ matrix.go-version }}
 
       - name: Install Ginkgo
         run: go install github.com/onsi/ginkgo/v2/ginkgo@v2.5.0

.yamllint

@@ -0,0 +1,21 @@
+extends: default
+
+rules:
+  # 80 chars should be enough, but don't fail if a line is longer
+  line-length:
+    max: 150
+    level: warning
+
+  # accept both     key:
+  #                   - item
+  #
+  # and             key:
+  #                 - item
+  indentation:
+    indent-sequences: whatever
+
+  truthy:
+    check-keys: false
+
+  document-start:
+    present: false

Earthfile

@@ -3,6 +3,9 @@ VERSION 0.6
 # TODO: This needs to come from pre-built kernels in c3os repos, kcrypt included.
 # Framework images should use our initrd
 ARG BASE_IMAGE=quay.io/kairos/core-opensuse
+# renovate: datasource=docker depName=golang
+ARG GO_VERSION=1.20.2
+ARG GOLINT_VERSION=1.52.2
 
 build-kcrypt:
     FROM golang:alpine
@@ -11,15 +14,22 @@ build-kcrypt:
     WORKDIR /work
     ARG VERSION="$(git describe --tags)"
     RUN CGO_ENABLED=0 go build -o kcrypt -ldflags "-X main.Version=$VERSION"
-    SAVE ARTIFACT /work/kcrypt AS LOCAL kcrypt
+    SAVE ARTIFACT /work/kcrypt kcrypt AS LOCAL kcrypt
+
+dracut-artifacts:
+    FROM $BASE_IMAGE
+    WORKDIR /build
+    COPY --dir dracut/29kcrypt .
+    COPY dracut/10-kcrypt.conf .
+    SAVE ARTIFACT 29kcrypt 29kcrypt
+    SAVE ARTIFACT 10-kcrypt.conf 10-kcrypt.conf
 
 build-dracut:
     FROM $BASE_IMAGE
-    COPY . /work
-    COPY +build-kcrypt/kcrypt /usr/bin/kcrypt
     WORKDIR /work
-    RUN cp -r dracut/* /usr/lib/dracut/modules.d
-    RUN cp dracut.conf /etc/dracut.conf.d/10-kcrypt.conf
+    COPY +build-kcrypt/kcrypt /usr/bin/kcrypt
+    COPY +dracut-artifacts/29kcrypt /usr/lib/dracut/modules.d/29kcrypt
+    COPY +dracut-artifacts/10-kcrypt.conf /etc/dracut.conf.d/10-kcrypt.conf
     RUN kernel=$(ls /lib/modules | head -n1) && \
         dracut -f "/boot/initrd-${kernel}" "${kernel}" && \
         ln -sf "initrd-${kernel}" /boot/initrd
@@ -63,3 +73,21 @@ iso:
     RUN sha256sum $ISO_NAME.iso > $ISO_NAME.iso.sha256
     SAVE ARTIFACT /build/$ISO_NAME.iso iso AS LOCAL build/$ISO_NAME.iso
     SAVE ARTIFACT /build/$ISO_NAME.iso.sha256 sha256 AS LOCAL build/$ISO_NAME.iso.sha256
+
+lint:
+    BUILD +golint
+    BUILD +yamllint
+
+golint:
+    ARG GO_VERSION
+    FROM golang:$GO_VERSION
+    ARG GOLINT_VERSION
+    RUN wget -O- -nv https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s v$GOLINT_VERSION
+    WORKDIR /build
+    COPY . .
+    RUN golangci-lint run
+
+yamllint:
+    FROM cytopia/yamllint
+    COPY . .
+    RUN yamllint .github/workflows/

README.md

@@ -0,0 +1,64 @@
+<h1 align="center">
+  <br>
+     <img width="184" alt="kairos-white-column 5bc2fe34" src="https://user-images.githubusercontent.com/2420543/193010398-72d4ba6e-7efe-4c2e-b7ba-d3a826a55b7d.png"><br>
+    Kcrypt
+<br>
+</h1>
+
+<h3 align="center">Cloud native guardian for persistent data in the edge</h3>
+<p align="center">
+  <a href="https://opensource.org/licenses/">
+    <img src="https://img.shields.io/badge/licence-APL2-brightgreen"
+         alt="license">
+  </a>
+  <a href="https://github.com/kairos-io/kcrypt/issues"><img src="https://img.shields.io/github/issues/kairos-io/kcrypt"></a>
+  <a href="https://kairos.io/docs/" target=_blank> <img src="https://img.shields.io/badge/Documentation-blue"
+         alt="docs"></a>
+  <img src="https://img.shields.io/badge/made%20with-Go-blue">
+  <img src="https://goreportcard.com/badge/github.com/kairos-io/kcrypt" alt="go report card" />
+</p>
+
+
+With Kairos you can build immutable, bootable Kubernetes and OS images for your edge devices as easily as writing a Dockerfile. Optional P2P mesh with distributed ledger automates node bootstrapping and coordination. Updating nodes is as easy as CI/CD: push a new image to your container registry and let secure, risk-free A/B atomic upgrades do the rest.
+
+
+<table>
+<tr>
+<th align="center">
+<img width="640" height="1px">
+<p> 
+<small>
+Documentation
+</small>
+</p>
+</th>
+<th align="center">
+<img width="640" height="1">
+<p> 
+<small>
+Contribute
+</small>
+</p>
+</th>
+</tr>
+<tr>
+<td>
+
+ 📚 [Getting started with Kairos](https://kairos.io/docs/getting-started) <br> :bulb: [Examples](https://kairos.io/docs/examples) <br> :movie_camera: [Video](https://kairos.io/docs/media/) <br> :open_hands:[Engage with the Community](https://kairos.io/community/)
+  
+</td>
+<td>
+  
+🙌[ CONTRIBUTING.md ]( https://github.com/kairos-io/kairos/blob/master/CONTRIBUTING.md ) <br> :raising_hand: [ GOVERNANCE ]( https://github.com/kairos-io/kairos/blob/master/GOVERNANCE.md ) <br>:construction_worker:[Code of conduct](https://github.com/kairos-io/kairos/blob/master/CODE_OF_CONDUCT.md) 
+  
+</td>
+</tr>
+</table>
+
+## Description
+
+This is the Kairos internal component which delegates encryption and decryption of partitions in a Kairos system.
+
+## Usage
+
+See the documentation in our website: https://kairos.io/docs/advanced/partition_encryption/.

dracut/29kcrypt/generator.sh

@@ -7,34 +7,46 @@ GENERATOR_DIR="$2"
 [ -z "$GENERATOR_DIR" ] && exit 1
 [ -d "$GENERATOR_DIR" ] || mkdir "$GENERATOR_DIR"
 
-if getargbool 0 rd.neednet; then
-    {
-        echo "[Unit]"
-        echo "DefaultDependencies=no"
-        echo "Description=kcrypt online mount"
-        echo "Before=cos-immutable-rootfs.service"
-        echo "After=network-online.target"
-        echo "Wants=network-online.target"
-        echo "[Service]"
-        echo "Type=oneshot"
-        echo "RemainAfterExit=no"
-        echo "ExecStart=/sbin/kcrypt-mount-local"
-    } > "$GENERATOR_DIR"/kcrypt.service
-else
-    {
-        echo "[Unit]"
-        echo "DefaultDependencies=no"
-        echo "Description=kcrypt mount"
-        echo "Before=cos-immutable-rootfs.service"
-        echo "[Service]"
-        echo "Type=oneshot"
-        echo "RemainAfterExit=no"
-        echo "ExecStart=/sbin/kcrypt-mount-local"
-    } > "$GENERATOR_DIR"/kcrypt.service
+oem_label=$(getarg rd.cos.oemlabel=)
+
+## Several things indicate booting from a different media so we should not do anything
+## rd.cos.disable is set on LIVECD and disables mounting of any type
+if getargbool 0 rd.cos.disable; then
+    exit 0
 fi
+## Netboot is set on...well, netboot obiously
+if getargbool 0 netboot; then
+    exit 0
+fi
+
+
+# See https://github.com/kairos-io/packages/blob/d12b12b043a71d8471454f7b4fc84c3181d2bf60/packages/system/dracut/immutable-rootfs/30cos-immutable-rootfs/cos-generator.sh#L29
+{
+    echo "[Unit]"
+    echo "DefaultDependencies=no"
+    echo "Before=immucore.service"
+    echo "Conflicts=initrd-switch-root.target"
+    if getargbool 0 rd.neednet; then
+        echo "Wants=network-online.target"
+        echo "After=network-online.target"
+        echo "Description=kcrypt online mount"
+    else
+        echo "Description=kcrypt mount"
+    fi
+    # OEM is special as kcrypt plugins might need that in order to unlock other partitions and plugins can reside in /oem as well and kcrypt needs to find them
+    if [ -n "${oem_label}" ]; then
+        echo "After=oem.mount"
+    fi
+    echo "After=sysroot.mount"
+    echo "[Service]"
+    echo "Type=oneshot"
+    echo "RemainAfterExit=no"
+    echo "ExecStart=/usr/bin/kcrypt unlock-all"
+} > "$GENERATOR_DIR"/kcrypt.service
+
 
 if [ ! -e "$GENERATOR_DIR/initrd-fs.target.requires/kcrypt.service" ]; then
     mkdir -p "$GENERATOR_DIR"/initrd-fs.target.requires
     ln -s "$GENERATOR_DIR"/kcrypt.service \
         "$GENERATOR_DIR"/initrd-fs.target.requires/kcrypt.service
-fi
+fi

dracut/29kcrypt/module-setup.sh

@@ -27,8 +27,7 @@ install() {
 
     inst_multiple \
         kcrypt
-    inst_script "${moddir}/mount-local.sh" "/sbin/kcrypt-mount-local"
-    #inst_hook pre-trigger 10 "$moddir/mount-local.sh"
+
     inst_script "${moddir}/generator.sh" \
         "${systemdutildir}/system-generators/dracut-kcrypt-generator"
 

dracut/29kcrypt/mount-local.sh

@@ -1,19 +0,0 @@
-#!/bin/sh
-# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*-
-# ex: ts=8 sw=4 sts=4 et filetype=sh
-
-type getarg > /dev/null 2>&1 || . /lib/dracut-lib.sh
-
-PATH=/usr/sbin:/usr/bin:/sbin:/bin
-
-OEM=$(blkid -L COS_OEM)
-if [ "$OEM" != "" ]; then
-    mkdir /oem
-    mount $OEM /oem
-fi
-
-kcrypt unlock-all
-
-if [ "$OEM" != "" ]; then
-umount /oem
-fi

earthly.sh

@@ -0,0 +1,3 @@
+#!/bin/bash
+
+docker run --privileged -v /var/run/docker.sock:/var/run/docker.sock --rm -t -v $(pwd):/workspace -v earthly-tmp:/tmp/earthly:rw earthly/earthly:v0.6.21 --allow-privileged $@

go.mod

@@ -1,38 +1,103 @@
 module github.com/kairos-io/kcrypt
 
-go 1.18
+go 1.19
 
-require (
-	github.com/anatol/luks.go v0.0.0-20220803222236-155595903818
-	github.com/hashicorp/go-multierror v1.1.1
-	github.com/jaypipes/ghw v0.9.0
-	github.com/mudler/go-pluggable v0.0.0-20220716112424-189d463e3ff3
-	github.com/onsi/ginkgo/v2 v2.5.0
-	github.com/onsi/gomega v1.24.0
-	github.com/otiai10/copy v1.7.0
-	github.com/pkg/errors v0.9.1
-	github.com/urfave/cli v1.22.9
-	gopkg.in/yaml.v3 v3.0.1
+replace (
+	github.com/onsi/ginkgo/v2 v2.17.1 => github.com/onsi/ginkgo/v2 v2.12.1
+	github.com/onsi/gomega v1.33.0 => github.com/onsi/gomega v1.28.0
 )
 
 require (
+	github.com/anatol/luks.go v0.0.0-20230423170605-fb3724ed7db7
+	github.com/gofrs/uuid v4.4.0+incompatible
+	github.com/jaypipes/ghw v0.12.0
+	github.com/kairos-io/kairos-sdk v0.1.1
+	github.com/mudler/go-pluggable v0.0.0-20230126220627-7710299a0ae5
+	github.com/onsi/ginkgo/v2 v2.17.1
+	github.com/onsi/gomega v1.33.0
+	github.com/otiai10/copy v1.14.0
+	github.com/pkg/errors v0.9.1
+	github.com/rs/zerolog v1.32.0
+	github.com/urfave/cli v1.22.14
+	gopkg.in/yaml.v1 v1.0.0-20140924161607-9f9df34309c0
+)
+
+require (
+	atomicgo.dev/cursor v0.1.3 // indirect
+	atomicgo.dev/keyboard v0.2.9 // indirect
+	atomicgo.dev/schedule v0.0.2 // indirect
+	github.com/Microsoft/go-winio v0.6.1 // indirect
+	github.com/Microsoft/hcsshim v0.11.4 // indirect
 	github.com/StackExchange/wmi v1.2.1 // indirect
-	github.com/anatol/devmapper.go v0.0.0-20220716012224-693a1447fc15 // indirect
+	github.com/anatol/devmapper.go v0.0.0-20220907161421-ba4de5fc0fd1 // indirect
+	github.com/avast/retry-go v3.0.0+incompatible // indirect
+	github.com/aybabtme/rgbterm v0.0.0-20170906152045-cc83f3b3ce59 // indirect
 	github.com/chuckpreslar/emission v0.0.0-20170206194824-a7ddd980baf9 // indirect
-	github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d // indirect
+	github.com/containerd/cgroups v1.1.0 // indirect
+	github.com/containerd/console v1.0.3 // indirect
+	github.com/containerd/containerd v1.7.11 // indirect
+	github.com/containerd/continuity v0.4.2 // indirect
+	github.com/containerd/log v0.1.0 // indirect
+	github.com/containerd/stargz-snapshotter/estargz v0.14.3 // indirect
+	github.com/cpuguy83/go-md2man/v2 v2.0.2 // indirect
+	github.com/denisbrodbeck/machineid v1.0.1 // indirect
+	github.com/dgryski/go-camellia v0.0.0-20191119043421-69a8a13fb23d // indirect
+	github.com/docker/cli v24.0.0+incompatible // indirect
+	github.com/docker/distribution v2.8.2+incompatible // indirect
+	github.com/docker/docker v24.0.9+incompatible // indirect
+	github.com/docker/docker-credential-helpers v0.7.0 // indirect
+	github.com/docker/go-connections v0.4.0 // indirect
+	github.com/docker/go-units v0.5.0 // indirect
 	github.com/ghodss/yaml v1.0.0 // indirect
-	github.com/go-logr/logr v1.2.3 // indirect
+	github.com/go-logr/logr v1.4.1 // indirect
 	github.com/go-ole/go-ole v1.2.6 // indirect
-	github.com/google/go-cmp v0.5.9 // indirect
-	github.com/hashicorp/errwrap v1.0.0 // indirect
+	github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect
+	github.com/gogo/protobuf v1.3.2 // indirect
+	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
+	github.com/golang/protobuf v1.5.4 // indirect
+	github.com/google/go-cmp v0.6.0 // indirect
+	github.com/google/go-containerregistry v0.19.1 // indirect
+	github.com/google/pprof v0.0.0-20230228050547-1710fef4ab10 // indirect
+	github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect
+	github.com/gookit/color v1.5.3 // indirect
+	github.com/hashicorp/errwrap v1.1.0 // indirect
+	github.com/hashicorp/go-multierror v1.1.1 // indirect
+	github.com/itchyny/gojq v0.12.15 // indirect
+	github.com/itchyny/timefmt-go v0.1.5 // indirect
 	github.com/jaypipes/pcidb v1.0.0 // indirect
+	github.com/joho/godotenv v1.5.1 // indirect
+	github.com/jzelinskie/whirlpool v0.0.0-20201016144138-0675e54bb004 // indirect
+	github.com/klauspost/compress v1.17.4 // indirect
+	github.com/lithammer/fuzzysearch v1.1.8 // indirect
+	github.com/mattn/go-colorable v0.1.13 // indirect
+	github.com/mattn/go-isatty v0.0.20 // indirect
+	github.com/mattn/go-runewidth v0.0.15 // indirect
 	github.com/mitchellh/go-homedir v1.1.0 // indirect
-	github.com/russross/blackfriday/v2 v2.0.1 // indirect
-	github.com/shurcooL/sanitized_anchor_name v1.0.0 // indirect
-	golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa // indirect
-	golang.org/x/net v0.1.0 // indirect
-	golang.org/x/sys v0.1.0 // indirect
-	golang.org/x/text v0.4.0 // indirect
+	github.com/moby/sys/sequential v0.5.0 // indirect
+	github.com/nfnt/resize v0.0.0-20180221191011-83c6a9932646 // indirect
+	github.com/opencontainers/go-digest v1.0.0 // indirect
+	github.com/opencontainers/image-spec v1.1.0-rc3 // indirect
+	github.com/pterm/pterm v0.12.63 // indirect
+	github.com/qeesung/image2ascii v1.0.1 // indirect
+	github.com/rivo/uniseg v0.4.7 // indirect
+	github.com/russross/blackfriday/v2 v2.1.0 // indirect
+	github.com/sirupsen/logrus v1.9.3 // indirect
+	github.com/vbatts/tar-split v0.11.3 // indirect
+	github.com/wayneashleyberry/terminal-dimensions v1.1.0 // indirect
+	github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e // indirect
+	go.opencensus.io v0.24.0 // indirect
+	golang.org/x/crypto v0.22.0 // indirect
+	golang.org/x/mod v0.15.0 // indirect
+	golang.org/x/net v0.23.0 // indirect
+	golang.org/x/sync v0.6.0 // indirect
+	golang.org/x/sys v0.19.0 // indirect
+	golang.org/x/term v0.19.0 // indirect
+	golang.org/x/text v0.14.0 // indirect
+	golang.org/x/tools v0.18.0 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20230711160842-782d3b101e98 // indirect
+	google.golang.org/grpc v1.58.3 // indirect
+	google.golang.org/protobuf v1.33.0 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
+	gopkg.in/yaml.v3 v3.0.1 // indirect
 	howett.net/plist v1.0.0 // indirect
 )

go.sum

@@ -1,106 +1,314 @@
+atomicgo.dev/assert v0.0.2 h1:FiKeMiZSgRrZsPo9qn/7vmr7mCsh5SZyXY4YGYiYwrg=
+atomicgo.dev/cursor v0.1.3 h1:w8GcylMdZRyFzvDiGm3wy3fhZYYT7BwaqNjUFHxo0NU=
+atomicgo.dev/cursor v0.1.3/go.mod h1:Lr4ZJB3U7DfPPOkbH7/6TOtJ4vFGHlgj1nc+n900IpU=
+atomicgo.dev/keyboard v0.2.9 h1:tOsIid3nlPLZ3lwgG8KZMp/SFmr7P0ssEN5JUsm78K8=
+atomicgo.dev/keyboard v0.2.9/go.mod h1:BC4w9g00XkxH/f1HXhW2sXmJFOCWbKn9xrOunSFtExQ=
+atomicgo.dev/schedule v0.0.2 h1:2e/4KY6t3wokja01Cyty6qgkQM8MotJzjtqCH70oX2Q=
+atomicgo.dev/schedule v0.0.2/go.mod h1:xeUa3oAkiuHYh8bKiQBRojqAMq3PXXbJujjb0hw8pEU=
+cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
+github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161 h1:L/gRVlceqvL25UVaW/CKtUDjefjrs0SPonmDGUVOYP0=
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
+github.com/BurntSushi/toml v1.2.1/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ=
+github.com/BurntSushi/toml v1.3.2/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ=
+github.com/MarvinJWendt/testza v0.1.0/go.mod h1:7AxNvlfeHP7Z/hDQ5JtE3OKYT3XFUeLCDE2DQninSqs=
+github.com/MarvinJWendt/testza v0.2.1/go.mod h1:God7bhG8n6uQxwdScay+gjm9/LnO4D3kkcZX4hv9Rp8=
+github.com/MarvinJWendt/testza v0.2.8/go.mod h1:nwIcjmr0Zz+Rcwfh3/4UhBp7ePKVhuBExvZqnKYWlII=
+github.com/MarvinJWendt/testza v0.2.10/go.mod h1:pd+VWsoGUiFtq+hRKSU1Bktnn+DMCSrDrXDpX2bG66k=
+github.com/MarvinJWendt/testza v0.2.12/go.mod h1:JOIegYyV7rX+7VZ9r77L/eH6CfJHHzXjB69adAhzZkI=
+github.com/MarvinJWendt/testza v0.3.0/go.mod h1:eFcL4I0idjtIx8P9C6KkAuLgATNKpX4/2oUqKc6bF2c=
+github.com/MarvinJWendt/testza v0.4.2/go.mod h1:mSdhXiKH8sg/gQehJ63bINcCKp7RtYewEjXsvsVUPbE=
+github.com/MarvinJWendt/testza v0.5.2 h1:53KDo64C1z/h/d/stCYCPY69bt/OSwjq5KpFNwi+zB4=
+github.com/Microsoft/go-winio v0.6.1 h1:9/kr64B9VUZrLm5YYwbGtUJnMgqWVOdUAXu6Migciow=
+github.com/Microsoft/go-winio v0.6.1/go.mod h1:LRdKpFKfdobln8UmuiYcKPot9D2v6svN5+sAH+4kjUM=
+github.com/Microsoft/hcsshim v0.11.4 h1:68vKo2VN8DE9AdN4tnkWnmdhqdbpUFM8OF3Airm7fz8=
+github.com/Microsoft/hcsshim v0.11.4/go.mod h1:smjE4dvqPX9Zldna+t5FG3rnoHhaB7QYxPRqGcpAD9w=
 github.com/StackExchange/wmi v1.2.1 h1:VIkavFPXSjcnS+O8yTq7NI32k0R5Aj+v39y29VYDOSA=
 github.com/StackExchange/wmi v1.2.1/go.mod h1:rcmrprowKIVzvc+NUiLncP2uuArMWLCbu9SBzvHz7e8=
-github.com/anatol/devmapper.go v0.0.0-20220716012224-693a1447fc15 h1:741Z9HQjbLXe4SnZ6liQTYINeD559oFl/vOtzA21KM0=
-github.com/anatol/devmapper.go v0.0.0-20220716012224-693a1447fc15/go.mod h1:Ow7/kdG1m4K6UDTOwJeYJv9bkSLoL44qSu7S/Bxxi4Y=
-github.com/anatol/luks.go v0.0.0-20220803222236-155595903818 h1:IyYgXFMhnSIbkDnDrTnMrPDYlc/uYhG5UcGX6NVkO58=
-github.com/anatol/luks.go v0.0.0-20220803222236-155595903818/go.mod h1:1lE8PgTi0cS+3YsxbWcpfvGfjiPrRdcKJZc9j70OOTs=
+github.com/anatol/devmapper.go v0.0.0-20220907161421-ba4de5fc0fd1 h1:6ok4FQsJFooNYKiSmrVUv476cG/NYmbM0LxazuL4sZU=
+github.com/anatol/devmapper.go v0.0.0-20220907161421-ba4de5fc0fd1/go.mod h1:k5R4Ie9eQbP4muJljLeun3f1onpMKRSqG/aXMFdCWm4=
+github.com/anatol/luks.go v0.0.0-20230423170605-fb3724ed7db7 h1:Q9DsAuWcdvV/7nK8Vdfzd/JBuCaXJn6ON/1H4gYvw5U=
+github.com/anatol/luks.go v0.0.0-20230423170605-fb3724ed7db7/go.mod h1:Dg5siXjPlu/NB24ivNHK5cOms5u9dLc/GEWaGFb0t3I=
 github.com/anatol/vmtest v0.0.0-20220413190228-7a42f1f6d7b8 h1:t4JGeY9oaF5LB4Rdx9e2wARRRPAYt8Ow4eCf5SwO3fA=
+github.com/atomicgo/cursor v0.0.1/go.mod h1:cBON2QmmrysudxNBFthvMtN32r3jxVRIvzkUiF/RuIk=
+github.com/avast/retry-go v3.0.0+incompatible h1:4SOWQ7Qs+oroOTQOYnAHqelpCO0biHSxpiH9JdtuBj0=
+github.com/avast/retry-go v3.0.0+incompatible/go.mod h1:XtSnn+n/sHqQIpZ10K1qAevBhOOCWBLXXy3hyiqqBrY=
+github.com/aybabtme/rgbterm v0.0.0-20170906152045-cc83f3b3ce59 h1:WWB576BN5zNSZc/M9d/10pqEx5VHNhaQ/yOVAkmj5Yo=
+github.com/aybabtme/rgbterm v0.0.0-20170906152045-cc83f3b3ce59/go.mod h1:q/89r3U2H7sSsE2t6Kca0lfwTK8JdoNGS/yzM/4iH5I=
+github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
 github.com/chuckpreslar/emission v0.0.0-20170206194824-a7ddd980baf9 h1:xz6Nv3zcwO2Lila35hcb0QloCQsc38Al13RNEzWRpX4=
 github.com/chuckpreslar/emission v0.0.0-20170206194824-a7ddd980baf9/go.mod h1:2wSM9zJkl1UQEFZgSd68NfCgRz1VL1jzy/RjCg+ULrs=
-github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d h1:U+s90UTSYgptZMwQh2aRr3LuazLJIa+Pg3Kc1ylSYVY=
-github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
+github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
+github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
+github.com/containerd/cgroups v1.1.0 h1:v8rEWFl6EoqHB+swVNjVoCJE8o3jX7e8nqBGPLaDFBM=
+github.com/containerd/cgroups v1.1.0/go.mod h1:6ppBcbh/NOOUU+dMKrykgaBnK9lCIBxHqJDGwsa1mIw=
+github.com/containerd/console v1.0.3 h1:lIr7SlA5PxZyMV30bDW0MGbiOPXwc63yRuCP0ARubLw=
+github.com/containerd/console v1.0.3/go.mod h1:7LqA/THxQ86k76b8c/EMSiaJ3h1eZkMkXar0TQ1gf3U=
+github.com/containerd/containerd v1.7.11 h1:lfGKw3eU35sjV0aG2eYZTiwFEY1pCzxdzicHP3SZILw=
+github.com/containerd/containerd v1.7.11/go.mod h1:5UluHxHTX2rdvYuZ5OJTC5m/KJNs0Zs9wVoJm9zf5ZE=
+github.com/containerd/continuity v0.4.2 h1:v3y/4Yz5jwnvqPKJJ+7Wf93fyWoCB3F5EclWG023MDM=
+github.com/containerd/continuity v0.4.2/go.mod h1:F6PTNCKepoxEaXLQp3wDAjygEnImnZ/7o4JzpodfroQ=
+github.com/containerd/log v0.1.0 h1:TCJt7ioM2cr/tfR8GPbGf9/VRAX8D2B4PjzCpfX540I=
+github.com/containerd/log v0.1.0/go.mod h1:VRRf09a7mHDIRezVKTRCrOq78v577GXq3bSa3EhrzVo=
+github.com/containerd/stargz-snapshotter/estargz v0.14.3 h1:OqlDCK3ZVUO6C3B/5FSkDwbkEETK84kQgEeFwDC+62k=
+github.com/containerd/stargz-snapshotter/estargz v0.14.3/go.mod h1:KY//uOCIkSuNAHhJogcZtrNHdKrA99/FCCRjE3HD36o=
+github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc=
+github.com/cpuguy83/go-md2man/v2 v2.0.2 h1:p1EgwI/C7NhT0JmVkwCD2ZBK8j4aeHQX2pMHHBfMQ6w=
+github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
+github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/denisbrodbeck/machineid v1.0.1 h1:geKr9qtkB876mXguW2X6TU4ZynleN6ezuMSRhl4D7AQ=
+github.com/denisbrodbeck/machineid v1.0.1/go.mod h1:dJUwb7PTidGDeYyUBmXZ2GphQBbjJCrnectwCyxcUSI=
+github.com/dgryski/go-camellia v0.0.0-20191119043421-69a8a13fb23d h1:CPqTNIigGweVPT4CYb+OO2E6XyRKFOmvTHwWRLgCAlE=
+github.com/dgryski/go-camellia v0.0.0-20191119043421-69a8a13fb23d/go.mod h1:QX5ZVULjAfZJux/W62Y91HvCh9hyW6enAwcrrv/sLj0=
+github.com/docker/cli v24.0.0+incompatible h1:0+1VshNwBQzQAx9lOl+OYCTCEAD8fKs/qeXMx3O0wqM=
+github.com/docker/cli v24.0.0+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8=
+github.com/docker/distribution v2.8.2+incompatible h1:T3de5rq0dB1j30rp0sA2rER+m322EBzniBPB6ZIzuh8=
+github.com/docker/distribution v2.8.2+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
+github.com/docker/docker v24.0.9+incompatible h1:HPGzNmwfLZWdxHqK9/II92pyi1EpYKsAqcl4G0Of9v0=
+github.com/docker/docker v24.0.9+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
+github.com/docker/docker-credential-helpers v0.7.0 h1:xtCHsjxogADNZcdv1pKUHXryefjlVRqWqIhk/uXJp0A=
+github.com/docker/docker-credential-helpers v0.7.0/go.mod h1:rETQfLdHNT3foU5kuNkFR1R1V12OJRRO5lzt2D1b5X0=
+github.com/docker/go-connections v0.4.0 h1:El9xVISelRB7BuFusrZozjnkIM5YnzCViNKohAFqRJQ=
+github.com/docker/go-connections v0.4.0/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec=
+github.com/docker/go-units v0.5.0 h1:69rxXcBk27SvSaaxTtLh/8llcHD8vYHT7WSdRZ/jvr4=
+github.com/docker/go-units v0.5.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk=
+github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
+github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
+github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
+github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
 github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
-github.com/fsnotify/fsnotify v1.4.9 h1:hsms1Qyu0jgnwNXIxa+/V/PDsU6CfLf6CNO8H7IWoS4=
 github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ=
+github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY=
 github.com/ghodss/yaml v1.0.0 h1:wQHKEahhL6wmXdzwWG11gIVCkOv05bNOh+Rxn0yngAk=
 github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
-github.com/go-logr/logr v1.2.3 h1:2DntVwHkVopvECVRSlL5PSo9eG+cAkDCuckLubN+rq0=
-github.com/go-logr/logr v1.2.3/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
+github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ=
+github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
 github.com/go-ole/go-ole v1.2.5/go.mod h1:pprOEPIfldk/42T2oK7lQ4v4JSDwmV0As9GaiUsvbm0=
 github.com/go-ole/go-ole v1.2.6 h1:/Fpf6oFPoeFik9ty7siob0G6Ke8QvQEuVcuChpwXzpY=
 github.com/go-ole/go-ole v1.2.6/go.mod h1:pprOEPIfldk/42T2oK7lQ4v4JSDwmV0As9GaiUsvbm0=
+github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI=
+github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls=
+github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA=
+github.com/gofrs/uuid v4.4.0+incompatible h1:3qXRTX8/NbyulANqlc0lchS1gqAVxRgsuW1YrTJupqA=
+github.com/gofrs/uuid v4.4.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM=
+github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q=
+github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
+github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
+github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
+github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE=
+github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
+github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
 github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
+github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
 github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8=
 github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA=
 github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs=
 github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w=
 github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0=
+github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8=
 github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
-github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw=
+github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
+github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek=
+github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps=
+github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
 github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
 github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
 github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
-github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
-github.com/hashicorp/errwrap v1.0.0 h1:hLrqtEDnRye3+sgx6z4qVLNuviH3MR5aQ0ykNJa/UYA=
+github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/google/go-cmp v0.5.3/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
+github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
+github.com/google/go-containerregistry v0.19.1 h1:yMQ62Al6/V0Z7CqIrrS1iYoA5/oQCm88DeNujc7C1KY=
+github.com/google/go-containerregistry v0.19.1/go.mod h1:YCMFNQeeXeLF+dnhhWkqDItx/JSkH01j1Kis4PsjzFI=
+github.com/google/pprof v0.0.0-20230228050547-1710fef4ab10 h1:CqYfpuYIjnlNxM3msdyPRKabhXZWbKjf3Q8BWROFBso=
+github.com/google/pprof v0.0.0-20230228050547-1710fef4ab10/go.mod h1:79YE0hCXdHag9sBkw2o+N/YnZtTkXi0UT9Nnixa5eYk=
+github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 h1:El6M4kTTCOh6aBiKaUGG7oYTSPP8MxqL4YI3kZKwcP4=
+github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510/go.mod h1:pupxD2MaaD3pAXIBCelhxNneeOaAeabZDe5s4K6zSpQ=
+github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/gookit/color v1.4.2/go.mod h1:fqRyamkC1W8uxl+lxCQxOT09l/vYfZ+QeiX3rKQHCoQ=
+github.com/gookit/color v1.5.0/go.mod h1:43aQb+Zerm/BWh2GnrgOQm7ffz7tvQXEKV6BFMl7wAo=
+github.com/gookit/color v1.5.3 h1:twfIhZs4QLCtimkP7MOxlF3A0U/5cDPseRT9M/+2SCE=
+github.com/gookit/color v1.5.3/go.mod h1:NUzwzeehUfl7GIb36pqId+UGmRfQcU/WiiyTTeNjHtE=
 github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
+github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I=
+github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
 github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo=
 github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM=
 github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU=
-github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8=
-github.com/jaypipes/ghw v0.9.0 h1:TWF4wNIGtZcgDJaiNcFgby5BR8s2ixcUe0ydxNO2McY=
-github.com/jaypipes/ghw v0.9.0/go.mod h1:dXMo19735vXOjpIBDyDYSp31sB2u4hrtRCMxInqQ64k=
+github.com/itchyny/gojq v0.12.15 h1:WC1Nxbx4Ifw5U2oQWACYz32JK8G9qxNtHzrvW4KEcqI=
+github.com/itchyny/gojq v0.12.15/go.mod h1:uWAHCbCIla1jiNxmeT5/B5mOjSdfkCq6p8vxWg+BM10=
+github.com/itchyny/timefmt-go v0.1.5 h1:G0INE2la8S6ru/ZI5JecgyzbbJNs5lG1RcBqa7Jm6GE=
+github.com/itchyny/timefmt-go v0.1.5/go.mod h1:nEP7L+2YmAbT2kZ2HfSs1d8Xtw9LY8D2stDBckWakZ8=
+github.com/jaypipes/ghw v0.12.0 h1:xU2/MDJfWmBhJnujHY9qwXQLs3DBsf0/Xa9vECY0Tho=
+github.com/jaypipes/ghw v0.12.0/go.mod h1:jeJGbkRB2lL3/gxYzNYzEDETV1ZJ56OKr+CSeSEym+g=
 github.com/jaypipes/pcidb v1.0.0 h1:vtZIfkiCUE42oYbJS0TAq9XSfSmcsgo9IdxSm9qzYU8=
 github.com/jaypipes/pcidb v1.0.0/go.mod h1:TnYUvqhPBzCKnH34KrIX22kAeEbDCSRJ9cqLRCuNDfk=
 github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI=
+github.com/joho/godotenv v1.5.1 h1:7eLL/+HRGLY0ldzfGMeQkb7vMd0as4CfYvUVzLqw0N0=
+github.com/joho/godotenv v1.5.1/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4=
+github.com/jzelinskie/whirlpool v0.0.0-20201016144138-0675e54bb004 h1:G+9t9cEtnC9jFiTxyptEKuNIAbiN5ZCQzX2a74lj3xg=
+github.com/jzelinskie/whirlpool v0.0.0-20201016144138-0675e54bb004/go.mod h1:KmHnJWQrgEvbuy0vcvj00gtMqbvNn1L+3YUZLK/B92c=
+github.com/kairos-io/kairos-sdk v0.1.1 h1:A9/bweW+Oy0Tmp3l7R4kL4NZXTJcKPXpp1/7u/tAluE=
+github.com/kairos-io/kairos-sdk v0.1.1/go.mod h1:sR1X4B3F1nkaECQ1vdsJ78OIkfLfyB22/aIpdRQJ/Mo=
 github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 h1:Z9n2FFNUXsshfwJMBgNA0RU6/i7WVaAegv3PtuIHPMs=
-github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI=
+github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8=
+github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
+github.com/klauspost/compress v1.17.4 h1:Ej5ixsIri7BrIjBkRZLTo6ghwrEtHFk7ijlczPW4fZ4=
+github.com/klauspost/compress v1.17.4/go.mod h1:/dCuZOvVtNoHsyb+cuJD3itjs3NbnF6KH9zAO4BDxPM=
+github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg=
+github.com/klauspost/cpuid/v2 v2.0.10/go.mod h1:g2LTdtYhdyuGPqyWyv7qRAmj1WBqxuObKfj5c0PQa7c=
+github.com/klauspost/cpuid/v2 v2.0.12/go.mod h1:g2LTdtYhdyuGPqyWyv7qRAmj1WBqxuObKfj5c0PQa7c=
+github.com/klauspost/cpuid/v2 v2.2.3 h1:sxCkb+qR91z4vsqw4vGGZlDgPz3G7gjaLyK3V8y70BU=
 github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
+github.com/kr/pretty v0.2.1 h1:Fmg33tUaq4/8ym9TJN1x7sLJnHVwhP33CNkpYV/7rwI=
 github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
-github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE=
 github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
-github.com/mitchellh/go-homedir v1.0.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0=
+github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
+github.com/lithammer/fuzzysearch v1.1.8 h1:/HIuJnjHuXS8bKaiTMeeDlW2/AyIWk2brx1V8LFgLN4=
+github.com/lithammer/fuzzysearch v1.1.8/go.mod h1:IdqeyBClc3FFqSzYq/MXESsS4S0FsZ5ajtkr5xPLts4=
+github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA=
+github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg=
+github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM=
+github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
+github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
+github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
+github.com/mattn/go-runewidth v0.0.13/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w=
+github.com/mattn/go-runewidth v0.0.15 h1:UNAjwbU9l54TA3KzvqLGxwWjHmMgBUVhBiTjelZgg3U=
+github.com/mattn/go-runewidth v0.0.15/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w=
 github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y=
 github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0=
-github.com/mudler/go-pluggable v0.0.0-20220716112424-189d463e3ff3 h1:t4X6t8WisUy5mExfS58RBOkzaEGmuor5kOUMQS8lT2g=
-github.com/mudler/go-pluggable v0.0.0-20220716112424-189d463e3ff3/go.mod h1:WmKcT8ONmhDQIqQ+HxU+tkGWjzBEyY/KFO8LTGCu4AI=
+github.com/moby/sys/mountinfo v0.6.2 h1:BzJjoreD5BMFNmD9Rus6gdd1pLuecOFPt8wC+Vygl78=
+github.com/moby/sys/sequential v0.5.0 h1:OPvI35Lzn9K04PBbCLW0g4LcFAJgHsvXsRyewg5lXtc=
+github.com/moby/sys/sequential v0.5.0/go.mod h1:tH2cOOs5V9MlPiXcQzRC+eEyab644PWKGRYaaV5ZZlo=
+github.com/moby/term v0.0.0-20221205130635-1aeaba878587 h1:HfkjXDfhgVaN5rmueG8cL8KKeFNecRCXFhaJ2qZ5SKA=
+github.com/morikuni/aec v1.0.0 h1:nP9CBfwrvYnBRgY6qfDQkygYDmYwOilePFkwzv4dU8A=
+github.com/mudler/go-pluggable v0.0.0-20230126220627-7710299a0ae5 h1:FaZD86+A9mVt7lh9glAryzQblMsbJYU2VnrdZ8yHlTs=
+github.com/mudler/go-pluggable v0.0.0-20230126220627-7710299a0ae5/go.mod h1:WmKcT8ONmhDQIqQ+HxU+tkGWjzBEyY/KFO8LTGCu4AI=
+github.com/nfnt/resize v0.0.0-20180221191011-83c6a9932646 h1:zYyBkD/k9seD2A7fsi6Oo2LfFZAehjjQMERAvZLEDnQ=
+github.com/nfnt/resize v0.0.0-20180221191011-83c6a9932646/go.mod h1:jpp1/29i3P1S/RLdc7JQKbRpFeM1dOBd8T9ki5s+AY8=
 github.com/nxadm/tail v1.4.4 h1:DQuhQpB1tVlglWS2hLQ5OV6B5r8aGxSrPc5Qo6uTN78=
 github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A=
 github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
 github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk=
 github.com/onsi/ginkgo v1.14.2 h1:8mVmC9kjFFmA8H4pKMUhcblgifdkOIXPvbhN1T36q1M=
 github.com/onsi/ginkgo v1.14.2/go.mod h1:iSB4RoI2tjJc9BBv4NKIKWKya62Rps+oPG/Lv9klQyY=
-github.com/onsi/ginkgo/v2 v2.5.0 h1:TRtrvv2vdQqzkwrQ1ke6vtXf7IK34RBUJafIy1wMwls=
-github.com/onsi/ginkgo/v2 v2.5.0/go.mod h1:Luc4sArBICYCS8THh8v3i3i5CuSZO+RaQRaJoeNwomw=
+github.com/onsi/ginkgo/v2 v2.12.1 h1:uHNEO1RP2SpuZApSkel9nEh1/Mu+hmQe7Q+Pepg5OYA=
+github.com/onsi/ginkgo/v2 v2.12.1/go.mod h1:TE309ZR8s5FsKKpuB1YAQYBzCaAfUgatB/xlT/ETL/o=
 github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY=
 github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo=
 github.com/onsi/gomega v1.10.3/go.mod h1:V9xEwhxec5O8UDM77eCW8vLymOMltsqPVYWrpDsH8xc=
-github.com/onsi/gomega v1.24.0 h1:+0glovB9Jd6z3VR+ScSwQqXVTIfJcGA9UBM8yzQxhqg=
-github.com/onsi/gomega v1.24.0/go.mod h1:Z/NWtiqwBrwUt4/2loMmHL63EDLnYHmVbuBpDr2vQAg=
-github.com/otiai10/copy v1.7.0 h1:hVoPiN+t+7d2nzzwMiDHPSOogsWAStewq3TwU05+clE=
-github.com/otiai10/copy v1.7.0/go.mod h1:rmRl6QPdJj6EiUqXQ/4Nn2lLXoNQjFCQbbNrxgc/t3U=
-github.com/otiai10/curr v0.0.0-20150429015615-9b4961190c95/go.mod h1:9qAhocn7zKJG+0mI8eUu6xqkFDYS2kb2saOteoSB3cE=
-github.com/otiai10/curr v1.0.0/go.mod h1:LskTG5wDwr8Rs+nNQ+1LlxRjAtTZZjtJW4rMXl6j4vs=
-github.com/otiai10/mint v1.3.0/go.mod h1:F5AjcsTsWUqX+Na9fpHb52P8pcRX2CI6A3ctIT91xUo=
-github.com/otiai10/mint v1.3.3 h1:7JgpsBaN0uMkyju4tbYHu0mnM55hNKVYLsXmwr15NQI=
-github.com/otiai10/mint v1.3.3/go.mod h1:/yxELlJQ0ufhjUwhshSj+wFjZ78CnZ48/1wtmBH1OTc=
+github.com/onsi/gomega v1.28.0 h1:i2rg/p9n/UqIDAMFUJ6qIUUMcsqOuUHgbpbu235Vr1c=
+github.com/onsi/gomega v1.28.0/go.mod h1:A1H2JE76sI14WIP57LMKj7FVfCHx3g3BcZVjJG8bjX8=
+github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U=
+github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM=
+github.com/opencontainers/image-spec v1.1.0-rc3 h1:fzg1mXZFj8YdPeNkRXMg+zb88BFV0Ys52cJydRwBkb8=
+github.com/opencontainers/image-spec v1.1.0-rc3/go.mod h1:X4pATf0uXsnn3g5aiGIsVnJBR4mxhKzfwmvK/B2NTm8=
+github.com/otiai10/copy v1.14.0 h1:dCI/t1iTdYGtkvCuBG2BgR6KZa83PTclw4U5n2wAllU=
+github.com/otiai10/copy v1.14.0/go.mod h1:ECfuL02W+/FkTWZWgQqXPWZgW9oeKCSQ5qVfSc4qc4w=
+github.com/otiai10/mint v1.5.1 h1:XaPLeE+9vGbuyEHem1JNk3bYc7KKqyI/na0/mLd/Kks=
 github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
 github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
-github.com/russross/blackfriday/v2 v2.0.1 h1:lPqVAte+HuHNfhJ/0LC98ESWRz8afy9tM/0RK8m9o+Q=
-github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
-github.com/shurcooL/sanitized_anchor_name v1.0.0 h1:PdmoCO6wvbs+7yrJyMORt4/BmY5IYyJwS/kOiWx8mHo=
-github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc=
-github.com/spf13/cobra v0.0.3/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ=
-github.com/spf13/pflag v1.0.2/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
-github.com/stretchr/testify v1.8.0 h1:pSgiaMZlXftHpm5L7V1+rVB+AZJydKsMxsQBIJw4PKk=
+github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
+github.com/pterm/pterm v0.12.27/go.mod h1:PhQ89w4i95rhgE+xedAoqous6K9X+r6aSOI2eFF7DZI=
+github.com/pterm/pterm v0.12.29/go.mod h1:WI3qxgvoQFFGKGjGnJR849gU0TsEOvKn5Q8LlY1U7lg=
+github.com/pterm/pterm v0.12.30/go.mod h1:MOqLIyMOgmTDz9yorcYbcw+HsgoZo3BQfg2wtl3HEFE=
+github.com/pterm/pterm v0.12.31/go.mod h1:32ZAWZVXD7ZfG0s8qqHXePte42kdz8ECtRyEejaWgXU=
+github.com/pterm/pterm v0.12.33/go.mod h1:x+h2uL+n7CP/rel9+bImHD5lF3nM9vJj80k9ybiiTTE=
+github.com/pterm/pterm v0.12.36/go.mod h1:NjiL09hFhT/vWjQHSj1athJpx6H8cjpHXNAK5bUw8T8=
+github.com/pterm/pterm v0.12.40/go.mod h1:ffwPLwlbXxP+rxT0GsgDTzS3y3rmpAO1NMjUkGTYf8s=
+github.com/pterm/pterm v0.12.63 h1:fHlrpFiI9qLtEU0TWDWMU+tAt4qKJ/s157BEAPtGm8w=
+github.com/pterm/pterm v0.12.63/go.mod h1:Bq1eoUJ6BhUzzXG8WxA4l7T3s7d3Ogwg7v9VXlsVat0=
+github.com/qeesung/image2ascii v1.0.1 h1:Fe5zTnX/v/qNC3OC4P/cfASOXS501Xyw2UUcgrLgtp4=
+github.com/qeesung/image2ascii v1.0.1/go.mod h1:kZKhyX0h2g/YXa/zdJR3JnLnJ8avHjZ3LrvEKSYyAyU=
+github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
+github.com/rivo/uniseg v0.4.7 h1:WUdvkW8uEhrYfLC4ZzdpI2ztxP1I582+49Oc5Mq64VQ=
+github.com/rivo/uniseg v0.4.7/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88=
+github.com/rs/xid v1.5.0/go.mod h1:trrq9SKmegXys3aeAKXMUTdJsYXVwGY3RLcfgqegfbg=
+github.com/rs/zerolog v1.32.0 h1:keLypqrlIjaFsbmJOBdB/qvyF8KEtCWHwobLp5l/mQ0=
+github.com/rs/zerolog v1.32.0/go.mod h1:/7mN4D5sKwJLZQ2b/znpjC3/GQWY/xaDXUM0kKWRHss=
+github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk=
+github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
+github.com/sergi/go-diff v1.2.0 h1:XU+rvMAioB0UC3q1MFrIQy4Vo5/4VsRDQQXHsEya6xQ=
+github.com/sergi/go-diff v1.2.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM=
+github.com/sirupsen/logrus v1.9.0/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
+github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ=
+github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
+github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
+github.com/stretchr/objx v0.5.0 h1:1zr/of2m5FGMsad5YfcqgdqdWrIhu+EBEJRhR1U7z/c=
+github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
+github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
+github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
+github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
+github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
+github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
 github.com/tmc/scp v0.0.0-20170824174625-f7b48647feef h1:7D6Nm4D6f0ci9yttWaKjM1TMAXrH5Su72dojqYGntFY=
-github.com/urfave/cli v1.22.9 h1:cv3/KhXGBGjEXLC4bH0sLuJ9BewaAbpk5oyMOveu4pw=
-github.com/urfave/cli v1.22.9/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
+github.com/urfave/cli v1.22.12/go.mod h1:sSBEIC79qR6OvcmsD4U3KABeOTxDqQtdDnaFuUN30b8=
+github.com/urfave/cli v1.22.14 h1:ebbhrRiGK2i4naQJr+1Xj92HXZCrK7MsyTS/ob3HnAk=
+github.com/urfave/cli v1.22.14/go.mod h1:X0eDS6pD6Exaclxm99NJ3FiCDRED7vIHpx2mDOHLvkA=
+github.com/vbatts/tar-split v0.11.3 h1:hLFqsOLQ1SsppQNTMpkpPXClLDfC2A3Zgy9OUU+RVck=
+github.com/vbatts/tar-split v0.11.3/go.mod h1:9QlHN18E+fEH7RdG+QAJJcuya3rqT7eXSTY7wGrAokY=
+github.com/wayneashleyberry/terminal-dimensions v1.1.0 h1:EB7cIzBdsOzAgmhTUtTTQXBByuPheP/Zv1zL2BRPY6g=
+github.com/wayneashleyberry/terminal-dimensions v1.1.0/go.mod h1:2lc/0eWCObmhRczn2SdGSQtgBooLUzIotkkEGXqghyg=
+github.com/xo/terminfo v0.0.0-20210125001918-ca9a967f8778/go.mod h1:2MuV+tbUrU1zIOPMxZ5EncGwgmMJsa+9ucAQZXxsObs=
+github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e h1:JVG44RsyaB9T2KIHavMF/ppJZNG9ZpyihvCd0w101no=
+github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e/go.mod h1:RbqR21r5mrJuqunuUZ/Dhy/avygyECGrLceyNeo4LiM=
+github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
+github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
+github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
+go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0=
+go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
+golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
-golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa h1:zuSxTR4o9y82ebqCUJYNGJbGPo6sKVl54f/TVDObg1c=
-golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
+golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
+golang.org/x/crypto v0.22.0 h1:g1v0xeRhjcugydODzvb3mEM9SQ0HGp9s/nh3COQ/C30=
+golang.org/x/crypto v0.22.0/go.mod h1:vr6Su+7cTlO45qkww3VDJlzDn0ctJvRgYbC2NvXHt+M=
+golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
+golang.org/x/exp v0.0.0-20220909182711-5c715a9e8561 h1:MDc5xs78ZrZr3HMQugiXOAkSZtfTpbJLDr/lwfgO53E=
+golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
+golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
+golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
+golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
+golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
+golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
+golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
+golang.org/x/mod v0.15.0 h1:SernR4v+D55NyBH2QiEQrlBAnj1ECL6AGrA5+dPaMY8=
+golang.org/x/mod v0.15.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
+golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
 golang.org/x/net v0.0.0-20201006153459-a7d1128ccaa0/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
-golang.org/x/net v0.1.0 h1:hZ/3BUoy5aId7sCpA/Tc5lt8DkFgdVS2onTpJsZ/fl0=
-golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco=
+golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
+golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
+golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
+golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
+golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
+golang.org/x/net v0.23.0 h1:7EYJ93RZ9vYSZAIb2x3lnuvqO5zneoD6IvWjuhfxjTs=
+golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg=
+golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.6.0 h1:5BMeUDZ7vkXGfEr1x9B4bRcTH4lpkTkpdh0T/J+qjbQ=
+golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
+golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -111,36 +319,98 @@ golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200519105757-fe76b779f299/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20211013075003-97ac67df715c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220319134239-a9b59b0215f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.1.0 h1:kunALQeHf1/185U1i0GOB/fy1IPRDDpuoOOqRReG57U=
-golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220906165534-d0df966e6959/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.19.0 h1:q5f1RH2jigJ1MoAWp2KTp3gm5zAGFUTarQZ5U386+4o=
+golang.org/x/sys v0.19.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
+golang.org/x/term v0.0.0-20210220032956-6a3ed077a48d/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
+golang.org/x/term v0.0.0-20210615171337-6886f2dfbf5b/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
+golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
+golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
+golang.org/x/term v0.19.0 h1:+ThwsDv+tYfnJFhF4L8jITxu1tdTWRTZpdsWgEgjL6Q=
+golang.org/x/term v0.19.0/go.mod h1:2CuTdWZ7KHSQwUzKva0cbMg6q2DMI3Mmxp+gKJbskEk=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.4.0 h1:BrVqGRd7+k1DiOgtnFvAkoQEWQvBc25ouMJM6429SFg=
-golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
+golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
+golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
+golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
+golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
+golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
+golang.org/x/time v0.0.0-20220210224613-90d013bbcef8 h1:vVKdlvoWBphwdxWKrFZEuM0kGgGLxUOYcY4U/2Vjg44=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=
+golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
+golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
+golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
+golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
+golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
+golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
+golang.org/x/tools v0.18.0 h1:k8NLag8AGHnn+PHbl7g43CtqZAwG60vZkLqgyZgIHgQ=
+golang.org/x/tools v0.18.0/go.mod h1:GL7B4CwcLLeo59yx/9UWWuNOW1n3VZ4f5axWfML7Lcg=
+golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
+google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
+google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
+google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
+google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20230711160842-782d3b101e98 h1:bVf09lpb+OJbByTj913DRJioFFAjf/ZGxEz7MajTp2U=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20230711160842-782d3b101e98/go.mod h1:TUfxEVdsvPg18p6AslUXFoLdpED4oBnGwyqk3dV1XzM=
+google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
+google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg=
+google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY=
+google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
+google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc=
+google.golang.org/grpc v1.58.3 h1:BjnpXut1btbtgN/6sp+brB2Kbm2LjNXnidYujAVbSoQ=
+google.golang.org/grpc v1.58.3/go.mod h1:tgX3ZQDlNJGU96V6yHh1T/JeoBQ2TXdr43YbYSsCJk0=
 google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
 google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
 google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=
 google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE=
 google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo=
+google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
 google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
-google.golang.org/protobuf v1.28.0 h1:w43yiav+6bVFTBQFZX0r7ipe9JQ1QsbMgHwbBziscLw=
+google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
+google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c=
+google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI=
+google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
-gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY=
-gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
 gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys=
 gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ=
 gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw=
+gopkg.in/yaml.v1 v1.0.0-20140924161607-9f9df34309c0 h1:POO/ycCATvegFmVuPpQzZFJ+pGZeX22Ufu6fibxDVjU=
 gopkg.in/yaml.v1 v1.0.0-20140924161607-9f9df34309c0/go.mod h1:WDnlLJ4WF5VGsH/HVa3CI79GS0ol3YnhVnKP89i0kNg=
 gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
 gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gotest.tools/v3 v3.4.0 h1:ZazjZUfuVeZGLAmlKKuyv3IKP5orXcwtOwDQH6YVr6o=
+honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
+honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
 howett.net/plist v1.0.0 h1:7CrbWYbPPO/PyNy38b2EB/+gYbjCe2DXBxgtOOZbSQM=
 howett.net/plist v1.0.0/go.mod h1:lqaXoTrLY4hg8tnEzNru53gicrbv7rrk+2xJA/7hw9g=

main.go

@@ -2,309 +2,14 @@ package main
 
 import (
 	"fmt"
-	"io/ioutil"
 	"os"
-	"os/exec"
-	"path/filepath"
-	"strings"
-	"time"
 
-	luks "github.com/anatol/luks.go"
-	multierror "github.com/hashicorp/go-multierror"
-	"github.com/jaypipes/ghw"
-	"github.com/jaypipes/ghw/pkg/block"
-	"github.com/kairos-io/kcrypt/pkg/bus"
-	"github.com/mudler/go-pluggable"
-	cp "github.com/otiai10/copy"
+	"github.com/kairos-io/kcrypt/pkg/lib"
 	"github.com/urfave/cli"
-
-	pi "github.com/kairos-io/kcrypt/pkg/partition_info"
 )
 
 var Version = "v0.0.0-dev"
 
-func waitdevice(device string, attempts int) error {
-	for tries := 0; tries < attempts; tries++ {
-		sh("udevadm settle")
-		_, err := os.Lstat(device)
-		if !os.IsNotExist(err) {
-			return nil
-		}
-		time.Sleep(1 * time.Second)
-	}
-	return fmt.Errorf("no device found")
-}
-
-// TODO: Ask to discovery a pass to unlock. keep waiting until we get it and a timeout is exhausted with retrials (exp backoff)
-func getPassword(b *block.Partition) (password string, err error) {
-	bus.Reload()
-
-	bus.Manager.Response(bus.EventDiscoveryPassword, func(p *pluggable.Plugin, r *pluggable.EventResponse) {
-		password = r.Data
-		if r.Errored() {
-			err = fmt.Errorf("failed discovery: %s", r.Error)
-		}
-	})
-	bus.Manager.Publish(bus.EventDiscoveryPassword, b)
-
-	if password == "" {
-		return password, fmt.Errorf("received empty password")
-	}
-
-	return
-}
-
-func luksUnlock(device, mapper, password string) error {
-	dev, err := luks.Open(device)
-	if err != nil {
-		// handle error
-		return err
-	}
-	defer dev.Close()
-
-	err = dev.Unlock(0, []byte(password), mapper)
-	if err != nil {
-		return err
-	}
-	return nil
-}
-
-func unlockDisk(b *block.Partition) error {
-	pass, err := getPassword(b)
-	if err != nil {
-		return fmt.Errorf("error retreiving password remotely: %w", err)
-	}
-
-	return luksUnlock(fmt.Sprintf("/dev/%s", b.Name), b.Name, pass)
-}
-
-func createLuks(dev, password, version string, cryptsetupArgs ...string) error {
-	if version == "" {
-		version = "luks2"
-	}
-	args := []string{"luksFormat", "--type", version, "--iter-time", "5", "-q", dev}
-	args = append(args, cryptsetupArgs...)
-	cmd := exec.Command("cryptsetup", args...)
-	cmd.Stdin = strings.NewReader(password)
-	cmd.Stdout = os.Stdout
-	cmd.Stderr = os.Stderr
-
-	if err := cmd.Run(); err != nil {
-		return err
-	}
-
-	return nil
-}
-
-func createDiskImage() (*os.File, error) {
-	disk, err := ioutil.TempFile("", "luksv2.go.disk")
-	if err != nil {
-		return nil, err
-	}
-
-	if err := disk.Truncate(24 * 1024 * 1024); err != nil {
-		return nil, err
-	}
-
-	return disk, err
-}
-
-// TODO: A crypt disk utility to call after install, that with discovery discoveries the password that should be used
-// this function should delete COS_PERSISTENT. delete the partition and create a luks+type in place.
-
-// Take a part label, and recreates it with LUKS. IT OVERWRITES DATA!
-// On success, it returns a machine parseable string with the partition information
-// (label:name:uuid) so that it can be stored by the caller for later use.
-// This is because the label of the encrypted partition is not accessible unless
-// the partition is decrypted first and the uuid changed after encryption so
-// any stored information needs to be updated (by the caller).
-func luksify(label string) (string, error) {
-	// blkid
-	persistent, b, err := findPartition(label)
-	if err != nil {
-		return "", err
-	}
-
-	pass, err := getPassword(b)
-	if err != nil {
-		return "", err
-	}
-
-	persistent = fmt.Sprintf("/dev/%s", persistent)
-	devMapper := fmt.Sprintf("/dev/mapper/%s", b.Name)
-
-	if err := createLuks(persistent, pass, "luks1"); err != nil {
-		return "", err
-	}
-
-	if err := luksUnlock(persistent, b.Name, pass); err != nil {
-		return "", err
-	}
-
-	if err := waitdevice(devMapper, 10); err != nil {
-		return "", err
-	}
-
-	out, err := sh(fmt.Sprintf("mkfs.ext4 -L %s %s", label, devMapper))
-
-	if err != nil {
-		return "", fmt.Errorf("err: %w, out: %s", err, out)
-	}
-
-	out2, err := sh(fmt.Sprintf("cryptsetup close %s", b.Name))
-	if err != nil {
-		return "", fmt.Errorf("err: %w, out: %s", err, out2)
-	}
-
-	return pi.PartitionToString(b), nil
-}
-
-func findPartition(label string) (string, *block.Partition, error) {
-	block, err := ghw.Block()
-	if err == nil {
-		for _, disk := range block.Disks {
-			for _, p := range disk.Partitions {
-				if p.Label == label {
-					return p.Name, p, nil
-				}
-
-			}
-		}
-	} else {
-		return "", nil, err
-	}
-
-	return "", nil, fmt.Errorf("not found")
-}
-
-func sh(c string) (string, error) {
-	o, err := exec.Command("/bin/sh", "-c", c).CombinedOutput()
-	return string(o), err
-}
-
-const (
-	GZType   = "gz"
-	XZType   = "xz"
-	LZMAType = "lzma"
-)
-
-// TODO: replace with golang native code
-func detect(archive string) (string, error) {
-	out, err := sh(fmt.Sprintf("file %s", archive))
-	if err != nil {
-		return "", err
-	}
-	out = strings.ToLower(out)
-	if strings.Contains(out, "xz") {
-		return XZType, nil
-
-	} else if strings.Contains(out, "lzma") {
-		return LZMAType, nil
-
-	} else if strings.Contains(out, "gz") {
-		return GZType, nil
-
-	}
-
-	return "", fmt.Errorf("Unknown")
-}
-
-// TODO: replace with golang native code
-func extractInitrd(initrd string, dst string) error {
-	os.MkdirAll(dst, os.ModePerm)
-	var out string
-	var err error
-	format, err := detect(initrd)
-	if err != nil {
-		return err
-	}
-	if format == XZType || format == LZMAType {
-		out, err = sh(fmt.Sprintf("cd %s && xz -dc <  %s | cpio -idmv", dst, initrd))
-	} else if format == GZType {
-		out, err = sh(fmt.Sprintf("cd %s && zcat %s | cpio -idmv", dst, initrd))
-	}
-	fmt.Println(out)
-
-	return err
-}
-
-func createInitrd(initrd string, src string, format string) error {
-	fmt.Printf("Creating '%s' from '%s' as '%s'\n", initrd, src, format)
-
-	if _, err := os.Stat(src); err != nil {
-		return err
-	}
-	var err error
-	var out string
-	if format == XZType {
-		out, err = sh(fmt.Sprintf("cd %s && find . 2>/dev/null | cpio -H newc --quiet --null -o -R root:root | xz -0 --check=crc32 > %s", src, initrd))
-	} else if format == GZType {
-		out, err = sh(fmt.Sprintf("cd %s && find . | cpio -H newc -o -R root:root | gzip -9 > %s", src, initrd))
-	} else if format == LZMAType {
-		out, err = sh(fmt.Sprintf("cd %s && find . 2>/dev/null | cpio -H newc -o -R root:root | xz -9 --format=lzma > %s", src, initrd))
-	}
-	fmt.Println(out)
-
-	return err
-}
-
-// TODO: A inject initramfs command to add the discovery e.g. to use inside Dockerfiles
-
-func injectInitrd(initrd string, file, dst string) error {
-
-	fmt.Printf("Injecting '%s' as '%s' into '%s'\n", file, dst, initrd)
-	format, err := detect(initrd)
-	if err != nil {
-		return err
-	}
-	tmp, err := ioutil.TempDir("", "kcrypt")
-	if err != nil {
-		return fmt.Errorf("cannot create tempdir, %s", err)
-	}
-	defer os.RemoveAll(tmp)
-
-	fmt.Printf("Extracting '%s' in '%s' ...\n", initrd, tmp)
-	if err := extractInitrd(initrd, tmp); err != nil {
-		return fmt.Errorf("cannot extract initrd, %s", err)
-	}
-
-	d := filepath.Join(tmp, dst)
-	fmt.Printf("Copying '%s' in '%s' ...\n", file, d)
-	if err := cp.Copy(file, d); err != nil {
-		return fmt.Errorf("cannot copy file, %s", err)
-	}
-
-	return createInitrd(initrd, tmp, format)
-}
-
-// TODO: a custom toolkit version, to build out initrd pre-built with this component
-func unlockAll() error {
-	bus.Manager.Initialize()
-
-	partitionInfo, _, err := pi.NewPartitionInfoFromFile(pi.DefaultPartitionInfoFile)
-	if err != nil {
-		return err
-	}
-
-	block, err := ghw.Block()
-	if err == nil {
-		for _, disk := range block.Disks {
-			for _, p := range disk.Partitions {
-				if p.Type == "crypto_LUKS" {
-					p.Label = partitionInfo.LookupLabelForUUID(p.UUID)
-					fmt.Printf("Unmounted Luks found at '%s' LABEL '%s' \n", p.Name, p.Label)
-					err = multierror.Append(err, unlockDisk(p))
-					if err != nil {
-						fmt.Printf("Unlocking failed: '%s'\n", err.Error())
-					}
-					time.Sleep(10 * time.Second)
-				}
-			}
-		}
-	}
-	return err
-}
-
 func main() {
 	app := &cli.App{
 		Name:        "kairos-kcrypt",
@@ -315,25 +20,28 @@ func main() {
 		UsageText:   ``,
 		Copyright:   "Ettore Di Giacinto",
 		Commands: []cli.Command{
-			{
-
-				Name: "extract-initrd",
-				Action: func(c *cli.Context) error {
-					if c.NArg() != 2 {
-						return fmt.Errorf("requires 3 args. initrd,, dst")
-					}
-					return extractInitrd(c.Args()[0], c.Args()[1])
-				},
-			},
 			{
 
 				Name:        "encrypt",
 				Description: "Encrypts a partition",
+				Usage:       "Encrypts a partition",
+				ArgsUsage:   "kcrypt [--version VERSION] [--tpm] LABEL",
+				Flags: []cli.Flag{
+					&cli.StringFlag{
+						Name:  "version",
+						Value: "luks1",
+						Usage: "luks version to use",
+					},
+					&cli.BoolFlag{
+						Name:  "tpm",
+						Usage: "Use TPM to lock the partition",
+					},
+				},
 				Action: func(c *cli.Context) error {
 					if c.NArg() != 1 {
 						return fmt.Errorf("requires 1 arg, the partition label")
 					}
-					out, err := luksify(c.Args().First())
+					out, err := lib.Luksify(c.Args().First(), c.String("version"), c.Bool("tpm"))
 					if err != nil {
 						return err
 					}
@@ -341,30 +49,42 @@ func main() {
 					return nil
 				},
 			},
+
+			{
+				Name:        "unlock-all",
+				UsageText:   "unlock-all",
+				Usage:       "Try to unlock all LUKS partitions",
+				Description: "Typically run during initrd to unlock all the LUKS partitions found",
+				ArgsUsage:   "kcrypt [--tpm] unlock-all",
+				Flags: []cli.Flag{
+					&cli.BoolFlag{
+						Name:  "tpm",
+						Usage: "Use TPM to unlock the partition",
+					},
+				},
+				Action: func(c *cli.Context) error {
+					return lib.UnlockAll(c.Bool("tpm"))
+				},
+			},
 			{
 
-				Name: "inject-initrd",
+				Name:   "extract-initrd",
+				Hidden: true,
+				Action: func(c *cli.Context) error {
+					if c.NArg() != 2 {
+						return fmt.Errorf("requires 3 args. initrd,, dst")
+					}
+					return lib.ExtractInitrd(c.Args()[0], c.Args()[1])
+				},
+			},
+			{
+				Name:   "inject-initrd",
+				Hidden: true,
 				Action: func(c *cli.Context) error {
 					if c.NArg() != 3 {
 						return fmt.Errorf("requires 3 args. initrd, srcfile, dst")
 					}
-					return injectInitrd(c.Args()[0], c.Args()[1], c.Args()[2])
-				},
-			},
-			{
-				Name:      "unlock-all",
-				UsageText: "unlock-all",
-				Usage:     "Try to unlock all LUKS partitions",
-				Description: `
-Typically run during initrd to unlock all the LUKS partitions found
-		`,
-				ArgsUsage: "kcrypt unlock-all",
-				Flags: []cli.Flag{
-
-					&cli.StringFlag{},
-				},
-				Action: func(c *cli.Context) error {
-					return unlockAll()
+					return lib.InjectInitrd(c.Args()[0], c.Args()[1], c.Args()[2])
 				},
 			},
 		},

pkg/bus/bus.go

@@ -28,7 +28,7 @@ type Bus struct {
 
 func (b *Bus) LoadProviders() {
 	wd, _ := os.Getwd()
-	b.Manager.Autoload("kcrypt-discovery", "/system/discovery", "/oem/kcrypt", "/oem/system/discovery", wd).Register()
+	b.Manager.Autoload("kcrypt-discovery", "/sysroot/system/discovery", "/system/discovery", "/oem/kcrypt", "/oem/system/discovery", wd).Register()
 }
 
 func (b *Bus) Initialize() {

pkg/config/config.go

@@ -0,0 +1,145 @@
+// package config contains all the logic around kcrypt config
+// This config includes everything below `kcrypt:` in the kairos config yaml
+package config
+
+import (
+	"fmt"
+	"os"
+	"strings"
+
+	"github.com/gofrs/uuid"
+	"github.com/jaypipes/ghw/pkg/block"
+	"github.com/kairos-io/kairos-sdk/collector"
+	"github.com/pkg/errors"
+	"gopkg.in/yaml.v1"
+)
+
+// There are the directories under which we expect to find kairos configuration.
+// When we are booted from an iso (during installation), configuration is expected
+// under `/oem`. When we are booting an installed system (in initramfs phase),
+// the path is `/sysroot/oem`.
+var ConfigScanDirs = []string{"/oem", "/sysroot/oem"}
+
+// This file is "hardcoded" to `/oem` because we only use this at install time
+// in which case the config is in `/oem`.
+var MappingsFile = "/oem/91-kcrypt-mappings.yaml"
+
+type Config struct {
+	Kcrypt struct {
+		UUIDLabelMappings map[string]string `yaml:"uuid_label_mappings,omitempty"`
+	}
+}
+
+func PartitionToString(p *block.Partition) string {
+	return fmt.Sprintf("%s:%s:%s", p.FilesystemLabel, p.Name, p.UUID)
+}
+
+// Takes a partition info string (as returned by PartitionToString) and return
+// the partition label and the UUID
+func partitionDataFromString(partitionStr string) (string, string, error) {
+	parts := strings.Split(partitionStr, ":")
+	if len(parts) != 3 {
+		return "", "", errors.New("partition string not valid")
+	}
+
+	return strings.TrimSpace(parts[0]), strings.TrimSpace(parts[2]), nil
+}
+
+func GetConfiguration(configDirs []string) (Config, error) {
+	var result Config
+
+	o := &collector.Options{MergeBootCMDLine: false}
+
+	if err := o.Apply(collector.Directories(configDirs...), collector.NoLogs); err != nil {
+		return result, err
+	}
+
+	c, err := collector.Scan(o, func(d []byte) ([]byte, error) {
+		return d, nil
+	})
+	if err != nil {
+		return result, err
+	}
+	configStr, err := c.String()
+	if err != nil {
+		return result, err
+	}
+	if err = yaml.Unmarshal([]byte(configStr), &result); err != nil {
+		return result, err
+	}
+
+	return result, nil
+}
+
+// SetMapping updates the Config with partition information for
+// one partition. This doesn't persist on the file. WriteMappings needs to
+// be called after all mapping are in the Config (possibly with multiple calls
+// to this function).
+func (c *Config) SetMapping(partitionInfo string) error {
+	label, uuid, err := partitionDataFromString(partitionInfo)
+	if err != nil {
+		return err
+	}
+	// Initialize map
+	if c.Kcrypt.UUIDLabelMappings == nil {
+		c.Kcrypt.UUIDLabelMappings = map[string]string{}
+	}
+	c.Kcrypt.UUIDLabelMappings[label] = uuid
+
+	return nil
+}
+
+// WriteMappings will create or replace the MappingsFile
+// It's called by kairos agent, at installation time, after the partitions
+// have been created (and we have the UUIDs available).
+func (c *Config) WriteMappings(fileName string) error {
+	data, err := yaml.Marshal(&c)
+	if err != nil {
+		return errors.Wrap(err, "marshalling the kcrypt configuration to yaml")
+	}
+
+	data = append([]byte(collector.DefaultHeader+"\n"), data...)
+
+	err = os.WriteFile(fileName, data, 0744)
+	if err != nil {
+		return errors.Wrap(err, "writing the kcrypt configuration file")
+	}
+
+	return nil
+}
+
+func (c Config) LookupUUIDForLabel(l string) string {
+	return c.Kcrypt.UUIDLabelMappings[l]
+}
+
+func (c Config) LookupLabelForUUID(uuid string) string {
+	for k, v := range c.Kcrypt.UUIDLabelMappings {
+		if v == uuid {
+			return k
+		}
+	}
+
+	return ""
+}
+
+// GetLabelForUUID returns the partition label for a known UUID
+// UUIDS are generated on luksify method
+// They are generated by setting the namespace to DNS and the name to the fs label, so they are always the same
+func (c Config) GetLabelForUUID(uuidCheck string) (string, error) {
+	persistent := uuid.NewV5(uuid.NamespaceURL, "COS_PERSISTENT")
+	oem := uuid.NewV5(uuid.NamespaceURL, "COS_OEM")
+	fmt.Printf("Checking uuid: %s\n", uuidCheck)
+	parsedUUID, err := uuid.FromString(uuidCheck)
+	if err != nil {
+		return "", err
+	}
+	switch parsedUUID {
+	case persistent:
+		return "COS_PERSISTENT", nil
+	case oem:
+		return "COS_OEM", nil
+	default:
+		return "", errors.New("no partition found with that uuid")
+
+	}
+}

pkg/config/config_test.go

@@ -0,0 +1,216 @@
+package config_test
+
+import (
+	"os"
+
+	. "github.com/onsi/ginkgo/v2"
+	. "github.com/onsi/gomega"
+
+	"github.com/kairos-io/kairos-sdk/collector"
+	configpkg "github.com/kairos-io/kcrypt/pkg/config"
+)
+
+var _ = Describe("Config", func() {
+	var tmpDir string
+	var err error
+
+	BeforeEach(func() {
+		tmpDir, err = os.MkdirTemp("", "kcrypt-configuration-*")
+		Expect(err).ToNot(HaveOccurred())
+	})
+
+	AfterEach(func() {
+		os.RemoveAll(tmpDir)
+	})
+
+	Describe("GetConfiguration", func() {
+		When("the no relevant block exists", func() {
+			It("returns empty Config", func() {
+				c, err := configpkg.GetConfiguration([]string{tmpDir})
+				Expect(err).ToNot(HaveOccurred())
+				Expect(c.Kcrypt.UUIDLabelMappings).To(BeEmpty())
+			})
+		})
+
+		When("a kcrypt block exists", func() {
+			var tmpFile *os.File
+
+			BeforeEach(func() {
+				tmpFile, err = os.CreateTemp(tmpDir, "config-*.yaml")
+				Expect(err).ToNot(HaveOccurred())
+				data := []byte(`#cloud-config
+kcrypt:
+  uuid_label_mappings:
+    COS_PERSISTENT: some_uuid_here
+`)
+				err := os.WriteFile(tmpFile.Name(), data, 0744)
+				Expect(err).ToNot(HaveOccurred())
+			})
+
+			It("returns the Config", func() {
+				c, err := configpkg.GetConfiguration([]string{tmpDir})
+				Expect(err).ToNot(HaveOccurred())
+				Expect(c.Kcrypt.UUIDLabelMappings["COS_PERSISTENT"]).To(Equal("some_uuid_here"))
+			})
+		})
+
+		When("multiple kcrypt block exist", func() {
+			var tmpFile1, tmpFile2 *os.File
+
+			BeforeEach(func() {
+				tmpFile1, err = os.CreateTemp(tmpDir, "config-*.yaml")
+				Expect(err).ToNot(HaveOccurred())
+				data := []byte(`#cloud-config
+kcrypt:
+  challenger_server: http://test.org:8082
+`)
+				err := os.WriteFile(tmpFile1.Name(), data, 0744)
+				Expect(err).ToNot(HaveOccurred())
+
+				tmpFile2, err = os.CreateTemp(tmpDir, "config-*.yaml")
+				Expect(err).ToNot(HaveOccurred())
+				data = []byte(`#cloud-config
+kcrypt:
+  uuid_label_mappings:
+    COS_PERSISTENT: some_uuid_here
+`)
+				err = os.WriteFile(tmpFile2.Name(), data, 0744)
+				Expect(err).ToNot(HaveOccurred())
+			})
+
+			It("returns the merged Config", func() {
+				c, err := configpkg.GetConfiguration([]string{tmpDir})
+				Expect(err).ToNot(HaveOccurred())
+				Expect(c.Kcrypt.UUIDLabelMappings["COS_PERSISTENT"]).To(Equal("some_uuid_here"))
+			})
+		})
+	})
+
+	Describe("SetMapping", func() {
+		var c configpkg.Config
+
+		BeforeEach(func() {
+			c, err = configpkg.GetConfiguration([]string{tmpDir})
+			Expect(err).ToNot(HaveOccurred())
+		})
+
+		It("adds partition information when empty and appends when not", func() {
+			Expect(c.Kcrypt.UUIDLabelMappings).To(BeNil())
+			err := c.SetMapping("some_label:some_name:some_uuid")
+			Expect(err).ToNot(HaveOccurred())
+			Expect(c.Kcrypt.UUIDLabelMappings["some_label"]).To(Equal("some_uuid"))
+
+			err = c.SetMapping("some_other_label:some_name:some_other_uuid")
+			Expect(err).ToNot(HaveOccurred())
+			Expect(c.Kcrypt.UUIDLabelMappings["some_label"]).To(Equal("some_uuid"))
+			Expect(c.Kcrypt.UUIDLabelMappings["some_other_label"]).To(Equal("some_other_uuid"))
+		})
+	})
+
+	Describe("WriteMappings", func() {
+		var tmpFile *os.File
+		var c configpkg.Config
+
+		When("mappings config file already exists", func() {
+			BeforeEach(func() {
+				tmpFile, err = os.CreateTemp(tmpDir, "config-*.yaml")
+				Expect(err).ToNot(HaveOccurred())
+				data := []byte(`kcrypt:
+  uuid_label_mappings:
+    COS_PERSISTENT: some_uuid_here
+`)
+				err := os.WriteFile(tmpFile.Name(), data, 0744)
+				Expect(err).ToNot(HaveOccurred())
+			})
+
+			It("replaces the file contents", func() {
+				err := c.SetMapping("COS_PERSISTENT:the_new_name:the_new_uuid")
+				Expect(err).ToNot(HaveOccurred())
+				err = c.WriteMappings(tmpFile.Name())
+				Expect(err).ToNot(HaveOccurred())
+				data, err := os.ReadFile(tmpFile.Name())
+				Expect(err).ToNot(HaveOccurred())
+				Expect(collector.HasValidHeader(string(data))).To(BeTrue())
+
+				newConfig, err := configpkg.GetConfiguration([]string{tmpDir})
+				Expect(err).ToNot(HaveOccurred())
+				Expect(newConfig.Kcrypt.UUIDLabelMappings["COS_PERSISTENT"]).To(Equal("the_new_uuid"))
+			})
+		})
+
+		When("a mappings configuration file doesn't exist", func() {
+			BeforeEach(func() {
+				tmpFile, err = os.CreateTemp(tmpDir, "config-*.yaml")
+				Expect(err).ToNot(HaveOccurred())
+				// We will reuse the same name but we make sure the file doesn't exist.
+				os.RemoveAll(tmpFile.Name())
+			})
+
+			It("creates the file with the given mappings", func() {
+				err := c.SetMapping("COS_PERSISTENT:the_new_name:the_new_uuid")
+				Expect(err).ToNot(HaveOccurred())
+				err = c.WriteMappings(tmpFile.Name())
+				Expect(err).ToNot(HaveOccurred())
+
+				newConfig, err := configpkg.GetConfiguration([]string{tmpDir})
+				Expect(err).ToNot(HaveOccurred())
+				Expect(newConfig.Kcrypt.UUIDLabelMappings["COS_PERSISTENT"]).To(Equal("the_new_uuid"))
+			})
+		})
+	})
+
+	Describe("LookupUUIDForLabel", func() {
+		var tmpFile *os.File
+		var c configpkg.Config
+
+		BeforeEach(func() {
+			tmpFile, err = os.CreateTemp(tmpDir, "config-*.yaml")
+			Expect(err).ToNot(HaveOccurred())
+			// Should trim the whitespace
+			err = c.SetMapping("COS_PERSISTENT:the_new_name:some_uuid_1\n")
+			Expect(err).ToNot(HaveOccurred())
+			err = c.WriteMappings(tmpFile.Name())
+			Expect(err).ToNot(HaveOccurred())
+		})
+
+		It("returns the correct UUID", func() {
+			uuid := c.LookupUUIDForLabel("COS_PERSISTENT")
+			Expect(uuid).To(Equal("some_uuid_1"))
+		})
+
+		It("returns an empty UUID when the label is not found", func() {
+			uuid := c.LookupUUIDForLabel("DOESNT_EXIST")
+			Expect(uuid).To(Equal(""))
+		})
+
+		It("returns an empty UUID when the UUIDLabelMappings is nil", func() {
+			c.Kcrypt.UUIDLabelMappings = nil
+			uuid := c.LookupUUIDForLabel("COS_PERSISTENT")
+			Expect(uuid).To(Equal(""))
+		})
+	})
+
+	Describe("LookupLabelForUUID", func() {
+		var tmpFile *os.File
+		var c configpkg.Config
+
+		BeforeEach(func() {
+			tmpFile, err = os.CreateTemp(tmpDir, "config-*.yaml")
+			Expect(err).ToNot(HaveOccurred())
+			err = c.SetMapping("COS_PERSISTENT:the_new_name:some_uuid_1")
+			Expect(err).ToNot(HaveOccurred())
+			err = c.WriteMappings(tmpFile.Name())
+			Expect(err).ToNot(HaveOccurred())
+		})
+
+		It("returns the correct label", func() {
+			uuid := c.LookupLabelForUUID("some_uuid_1")
+			Expect(uuid).To(Equal("COS_PERSISTENT"))
+		})
+
+		It("returns an empty label when UUID doesn't exist", func() {
+			uuid := c.LookupLabelForUUID("doesnt_exist")
+			Expect(uuid).To(Equal(""))
+		})
+	})
+})

pkg/config/suite_test.go

@@ -1,4 +1,4 @@
-package partition_info
+package config
 
 import (
 	"testing"
@@ -9,5 +9,5 @@ import (
 
 func TestPartitionINfo(t *testing.T) {
 	RegisterFailHandler(Fail)
-	RunSpecs(t, "PartitionInfo file parser test suite")
+	RunSpecs(t, "Kcrypt config test suite")
 }

pkg/lib/initrd.go

@@ -0,0 +1,104 @@
+package lib
+
+import (
+	"fmt"
+	"os"
+	"path/filepath"
+	"strings"
+
+	cp "github.com/otiai10/copy"
+)
+
+const (
+	GZType   = "gz"
+	XZType   = "xz"
+	LZMAType = "lzma"
+)
+
+func createInitrd(initrd string, src string, format string) error {
+	fmt.Printf("Creating '%s' from '%s' as '%s'\n", initrd, src, format)
+
+	if _, err := os.Stat(src); err != nil {
+		return err
+	}
+	var err error
+	var out string
+	if format == XZType {
+		out, err = SH(fmt.Sprintf("cd %s && find . 2>/dev/null | cpio -H newc --quiet --null -o -R root:root | xz -0 --check=crc32 > %s", src, initrd))
+	} else if format == GZType {
+		out, err = SH(fmt.Sprintf("cd %s && find . | cpio -H newc -o -R root:root | gzip -9 > %s", src, initrd))
+	} else if format == LZMAType {
+		out, err = SH(fmt.Sprintf("cd %s && find . 2>/dev/null | cpio -H newc -o -R root:root | xz -9 --format=lzma > %s", src, initrd))
+	}
+	fmt.Println(out)
+
+	return err
+}
+
+func InjectInitrd(initrd string, file, dst string) error {
+	fmt.Printf("Injecting '%s' as '%s' into '%s'\n", file, dst, initrd)
+	format, err := detect(initrd)
+	if err != nil {
+		return err
+	}
+	tmp, err := os.MkdirTemp("", "kcrypt")
+	if err != nil {
+		return fmt.Errorf("cannot create tempdir, %s", err)
+	}
+	defer os.RemoveAll(tmp)
+
+	fmt.Printf("Extracting '%s' in '%s' ...\n", initrd, tmp)
+	if err := ExtractInitrd(initrd, tmp); err != nil {
+		return fmt.Errorf("cannot extract initrd, %s", err)
+	}
+
+	d := filepath.Join(tmp, dst)
+	fmt.Printf("Copying '%s' in '%s' ...\n", file, d)
+	if err := cp.Copy(file, d); err != nil {
+		return fmt.Errorf("cannot copy file, %s", err)
+	}
+
+	return createInitrd(initrd, tmp, format)
+}
+
+func ExtractInitrd(initrd string, dst string) error {
+	var out string
+	var err error
+	err = os.MkdirAll(dst, os.ModePerm)
+	if err != nil {
+		return err
+	}
+
+	format, err := detect(initrd)
+	if err != nil {
+		return err
+	}
+	if format == XZType || format == LZMAType {
+		out, err = SH(fmt.Sprintf("cd %s && xz -dc <  %s | cpio -idmv", dst, initrd))
+	} else if format == GZType {
+		out, err = SH(fmt.Sprintf("cd %s && zcat %s | cpio -idmv", dst, initrd))
+	}
+	fmt.Println(out)
+
+	return err
+}
+
+func detect(archive string) (string, error) {
+	out, err := SH(fmt.Sprintf("file %s", archive))
+	if err != nil {
+		return "", err
+	}
+	out = strings.ToLower(out)
+	if strings.Contains(out, "xz") {
+		return XZType, nil
+
+	} else if strings.Contains(out, "lzma") {
+		return LZMAType, nil
+
+	} else if strings.Contains(out, "gz") {
+		return GZType, nil
+
+	}
+
+	return "", fmt.Errorf("Unknown")
+}

pkg/lib/lock.go

@@ -0,0 +1,159 @@
+package lib
+
+import (
+	"fmt"
+	"math/rand"
+	"os"
+	"os/exec"
+	"strings"
+	"syscall"
+	"time"
+
+	"github.com/gofrs/uuid"
+	"github.com/jaypipes/ghw"
+	"github.com/jaypipes/ghw/pkg/block"
+	configpkg "github.com/kairos-io/kcrypt/pkg/config"
+)
+
+func CreateLuks(dev, password, version string, cryptsetupArgs ...string) error {
+	if version == "" {
+		version = "luks2"
+	}
+	args := []string{"luksFormat", "--type", version, "--iter-time", "5", "-q", dev}
+	args = append(args, cryptsetupArgs...)
+	cmd := exec.Command("cryptsetup", args...)
+	cmd.Stdin = strings.NewReader(password)
+	cmd.Stdout = os.Stdout
+	cmd.Stderr = os.Stderr
+	err := cmd.Run()
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+var seededRand = rand.New(rand.NewSource(time.Now().UnixNano()))
+
+func getRandomString(length int) string {
+	const charset = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
+	b := make([]byte, length)
+	for i := range b {
+		b[i] = charset[seededRand.Intn(len(charset))]
+	}
+	return string(b)
+}
+
+// Luksify Take a part label, and recreates it with LUKS. IT OVERWRITES DATA!
+// On success, it returns a machine parseable string with the partition information
+// (label:name:uuid) so that it can be stored by the caller for later use.
+// This is because the label of the encrypted partition is not accessible unless
+// the partition is decrypted first and the uuid changed after encryption so
+// any stored information needs to be updated (by the caller).
+func Luksify(label, version string, tpm bool) (string, error) {
+	var pass string
+	if version == "" {
+		version = "luks1"
+	}
+	if version != "luks1" && version != "luks2" {
+		return "", fmt.Errorf("version must be luks1 or luks2")
+	}
+
+	// Make sure ghw will see all partitions correctly.
+	// older versions don't have --type=all. Try the simpler version then.
+	out, err := SH("udevadm trigger --type=all || udevadm trigger")
+	if err != nil {
+		return "", fmt.Errorf("udevadm trigger failed: %w, out: %s", err, out)
+	}
+	syscall.Sync()
+
+	part, b, err := FindPartition(label)
+	if err != nil {
+		return "", err
+	}
+
+	if tpm {
+		// On TPM locking we generate a random password that will only be used here then discarded.
+		// only unlocking method will be PCR values
+		pass = getRandomString(32)
+	} else {
+		pass, err = GetPassword(b)
+		if err != nil {
+			return "", err
+		}
+	}
+
+	part = fmt.Sprintf("/dev/%s", part)
+	devMapper := fmt.Sprintf("/dev/mapper/%s", b.Name)
+	partUUID := uuid.NewV5(uuid.NamespaceURL, label)
+
+	extraArgs := []string{"--uuid", partUUID.String()}
+
+	if err := CreateLuks(part, pass, version, extraArgs...); err != nil {
+		return "", err
+	}
+	if tpm {
+		// Enroll PCR policy as a keyslot
+		// We pass the current signature of the booted system to confirm that we would be able to unlock with the current booted system
+		// That checks the policy against the signatures and fails if a UKI with those signatures wont be able to unlock the device
+		// Files are generated by systemd automatically and are extracted from the UKI binary directly
+		// public pem cert -> .pcrpkey section fo the elf file
+		// signatures -> .pcrsig section of the elf file
+		args := []string{"--tpm2-public-key=/run/systemd/tpm2-pcr-public-key.pem", "--tpm2-signature=/run/systemd/tpm2-pcr-signature.json", "--tpm2-device=auto", part}
+		cmd := exec.Command("systemd-cryptenroll", args...)
+		cmd.Env = append(cmd.Env, fmt.Sprintf("PASSWORD=%s", pass)) // cannot pass it via stdin
+		cmd.Stdout = os.Stdout
+		cmd.Stderr = os.Stderr
+		err := cmd.Run()
+		if err != nil {
+			return "", err
+		}
+	}
+
+	if err := LuksUnlock(part, b.Name, pass); err != nil {
+		return "", fmt.Errorf("unlock err: %w", err)
+	}
+
+	if err := Waitdevice(devMapper, 10); err != nil {
+		return "", fmt.Errorf("waitdevice err: %w", err)
+	}
+
+	cmd := fmt.Sprintf("mkfs.ext4 -L %s %s", label, devMapper)
+	out, err = SH(cmd)
+	if err != nil {
+		return "", fmt.Errorf("mkfs err: %w, out: %s", err, out)
+	}
+
+	out, err = SH(fmt.Sprintf("cryptsetup close %s", b.Name))
+	if err != nil {
+		return "", fmt.Errorf("lock err: %w, out: %s", err, out)
+	}
+
+	if tpm {
+		// Delete password slot from luks device
+		out, err := SH(fmt.Sprintf("systemd-cryptenroll --wipe-slot=password %s", part))
+		if err != nil {
+			return "", fmt.Errorf("err: %w, out: %s", err, out)
+		}
+	}
+
+	return configpkg.PartitionToString(b), nil
+}
+
+func FindPartition(label string) (string, *block.Partition, error) {
+	b, err := ghw.Block()
+	if err == nil {
+		for _, disk := range b.Disks {
+			for _, p := range disk.Partitions {
+				if p.FilesystemLabel == label {
+					return p.Name, p, nil
+				}
+
+			}
+		}
+	} else {
+		return "", nil, err
+	}
+
+	return "", nil, fmt.Errorf("not found")
+}

pkg/lib/unlock.go

@@ -0,0 +1,139 @@
+package lib
+
+import (
+	"fmt"
+	"path/filepath"
+	"strings"
+
+	"github.com/anatol/luks.go"
+	"github.com/jaypipes/ghw"
+	"github.com/jaypipes/ghw/pkg/block"
+	"github.com/kairos-io/kairos-sdk/utils"
+	"github.com/kairos-io/kcrypt/pkg/bus"
+	configpkg "github.com/kairos-io/kcrypt/pkg/config"
+	"github.com/mudler/go-pluggable"
+	"github.com/rs/zerolog"
+	"github.com/rs/zerolog/log"
+)
+
+// UnlockAll Unlocks all encrypted devices found in the system
+func UnlockAll(tpm bool) error {
+	logger := log.Logger
+
+	return UnlockAllWithLogger(tpm, logger)
+}
+
+func UnlockAllWithLogger(tpm bool, logger zerolog.Logger) error {
+	bus.Manager.Initialize()
+
+	config, err := configpkg.GetConfiguration(configpkg.ConfigScanDirs)
+	if err != nil {
+		logger.Info().Msgf("Warning: Could not read kcrypt configuration '%s'\n", err.Error())
+	}
+
+	blk, err := ghw.Block()
+	if err != nil {
+		logger.Warn().Msgf("Warning: Error reading partitions '%s \n", err.Error())
+
+		return nil
+	}
+
+	// Some versions of udevadm don't support --settle (e.g. alpine)
+	// and older versions don't have --type=all. Try the simpler version then.
+	logger.Info().Msgf("triggering udev to populate disk info")
+	_, err = utils.SH("udevadm trigger --type=all || udevadm trigger")
+	if err != nil {
+		return err
+	}
+
+	for _, disk := range blk.Disks {
+		for _, p := range disk.Partitions {
+			if p.Type == "crypto_LUKS" {
+				// Get the luks UUID directly from cryptsetup
+				volumeUUID, err := utils.SH(fmt.Sprintf("cryptsetup luksUUID %s", filepath.Join("/dev", p.Name)))
+				logger.Info().Msgf("Got luks UUID %s for partition %s\n", volumeUUID, p.Name)
+				if err != nil {
+					return err
+				}
+				volumeUUID = strings.TrimSpace(volumeUUID)
+				if volumeUUID == "" {
+					logger.Warn().Msgf("No uuid for %s, skipping\n", p.Name)
+					continue
+				}
+				// Check if device is already mounted
+				// We mount it under /dev/mapper/DEVICE, so It's pretty easy to check
+				if !utils.Exists(filepath.Join("/dev", "mapper", p.Name)) {
+					logger.Info().Msgf("Unmounted Luks found at '%s' \n", filepath.Join("/dev", p.Name))
+					if tpm {
+						out, err := utils.SH(fmt.Sprintf("/usr/lib/systemd/systemd-cryptsetup attach %s %s - tpm2-device=auto", p.Name, filepath.Join("/dev", p.Name)))
+						if err != nil {
+							logger.Warn().Msgf("Unlocking failed: '%s'\n", err.Error())
+							logger.Warn().Msgf("Unlocking failed, command output: '%s'\n", out)
+						}
+					} else {
+						p.FilesystemLabel, err = config.GetLabelForUUID(volumeUUID)
+						if err != nil {
+							return err
+						}
+						err = UnlockDisk(p)
+						if err != nil {
+							logger.Warn().Msgf("Unlocking failed: '%s'\n", err.Error())
+						}
+					}
+				} else {
+					logger.Info().Msgf("Device %s seems to be mounted at %s, skipping\n", filepath.Join("/dev", p.Name), filepath.Join("/dev", "mapper", p.Name))
+				}
+
+			}
+		}
+	}
+	return nil
+}
+
+// UnlockDisk unlocks a single block.Partition
+func UnlockDisk(b *block.Partition) error {
+	pass, err := GetPassword(b)
+	if err != nil {
+		return fmt.Errorf("error retreiving password remotely: %w", err)
+	}
+
+	return LuksUnlock(filepath.Join("/dev", b.Name), b.Name, pass)
+}
+
+// GetPassword gets the password for a block.Partition
+// TODO: Ask to discovery a pass to unlock. keep waiting until we get it and a timeout is exhausted with retrials (exp backoff)
+func GetPassword(b *block.Partition) (password string, err error) {
+	bus.Reload()
+
+	bus.Manager.Response(bus.EventDiscoveryPassword, func(p *pluggable.Plugin, r *pluggable.EventResponse) {
+		password = r.Data
+		if r.Errored() {
+			err = fmt.Errorf("failed discovery: %s", r.Error)
+		}
+	})
+	_, err = bus.Manager.Publish(bus.EventDiscoveryPassword, b)
+	if err != nil {
+		return password, err
+	}
+
+	if password == "" {
+		return password, fmt.Errorf("received empty password")
+	}
+
+	return
+}
+
+func LuksUnlock(device, mapper, password string) error {
+	dev, err := luks.Open(device)
+	if err != nil {
+		// handle error
+		return err
+	}
+	defer dev.Close()
+
+	err = dev.Unlock(0, []byte(password), mapper)
+	if err != nil {
+		return err
+	}
+	return nil
+}

pkg/lib/utils.go

@@ -0,0 +1,28 @@
+package lib
+
+import (
+	"fmt"
+	"os"
+	"os/exec"
+	"time"
+)
+
+func SH(c string) (string, error) {
+	o, err := exec.Command("/bin/sh", "-c", c).CombinedOutput()
+	return string(o), err
+}
+
+func Waitdevice(device string, attempts int) error {
+	for tries := 0; tries < attempts; tries++ {
+		_, err := SH("udevadm settle")
+		if err != nil {
+			return err
+		}
+		_, err = os.Lstat(device)
+		if !os.IsNotExist(err) {
+			return nil
+		}
+		time.Sleep(1 * time.Second)
+	}
+	return fmt.Errorf("no device found")
+}

pkg/partition_info/partition_info.go

@@ -1,125 +0,0 @@
-package partition_info
-
-import (
-	"fmt"
-	"io/ioutil"
-	"os"
-	"strings"
-
-	"github.com/jaypipes/ghw/pkg/block"
-	"github.com/pkg/errors"
-	"gopkg.in/yaml.v3"
-)
-
-const DefaultPartitionInfoFile = "/oem/partition_info.yaml"
-
-// PartitionInfo maps a partition label to a partition UUID.
-// It's used in order to be able to ask the kcrypt-challenger for the passphrase
-// using the partition label, even when the label is not accessible (e.g. before
-// decrypting the partition). The UUID can be used to lookup the partition label
-// and make the request.
-type PartitionInfo struct {
-	file    string
-	mapping map[string]string
-}
-
-// NewPartitionInfoFromFile reads the given partition info file (if one exists)
-// and returns a pointer to a PartitionInfo object.
-// If a file doesn't exist, the function will create one and return an "empty"
-// PartitionInfo object.
-// The boolean return value indicates whether a file existed or not (true means,
-// a file existed already).
-func NewPartitionInfoFromFile(file string) (*PartitionInfo, bool, error) {
-	existed, err := createInfoFileIfNotExists(file)
-	if err != nil {
-		return nil, existed, err
-	}
-
-	mapping, err := ParsePartitionInfoFile(file)
-	if err != nil {
-		return nil, existed, err
-	}
-
-	return &PartitionInfo{
-		file:    file,
-		mapping: mapping,
-	}, existed, nil
-}
-
-func (pi PartitionInfo) LookupUUIDForLabel(l string) string {
-	return pi.mapping[l]
-}
-
-func (pi PartitionInfo) LookupLabelForUUID(uuid string) string {
-	for k, v := range pi.mapping {
-		if v == uuid {
-			return k
-		}
-	}
-
-	return ""
-}
-
-// UpdatePartitionLabelMapping takes partition information as a string argument
-// the the form: `label:name:uuid` (that's what the `kcrypt encrypt` command returns
-// on success. This function stores it in the PartitionInfoFile yaml file for
-// later use.
-func (pi PartitionInfo) UpdateMapping(partitionData string) error {
-	label, uuid := PartitionDataFromString(partitionData)
-	pi.mapping[label] = uuid
-
-	return pi.save()
-}
-
-func (pi PartitionInfo) save() error {
-	data, err := yaml.Marshal(&pi.mapping)
-	if err != nil {
-		return errors.Wrap(err, "marshalling the new partition info to yaml")
-	}
-	err = ioutil.WriteFile(pi.file, data, 0)
-	if err != nil {
-		return errors.Wrap(err, "writing back the partition info file")
-	}
-	return nil
-}
-
-func PartitionToString(p *block.Partition) string {
-	return fmt.Sprintf("%s:%s:%s", p.Label, p.Name, p.UUID)
-}
-
-// Takes a partition info string (as returned by PartitionToString) and return
-// the partition label and the UUID
-func PartitionDataFromString(partitionStr string) (string, string) {
-	parts := strings.Split(partitionStr, ":")
-
-	return parts[0], parts[2]
-}
-
-func ParsePartitionInfoFile(file string) (map[string]string, error) {
-	var result map[string]string
-
-	yamlFile, err := ioutil.ReadFile(file)
-	if err != nil {
-		return result, errors.Wrap(err, "reading the partition info file")
-	}
-
-	err = yaml.Unmarshal(yamlFile, &result)
-	if err != nil {
-		return result, errors.Wrap(err, "unmarshalling partition info file")
-	}
-
-	return result, nil
-}
-
-// createInfoFileIfNotExists returns true if file already exists or creates the
-// the file if it doesn't exist and returns false.
-func createInfoFileIfNotExists(fileName string) (bool, error) {
-	_, err := os.Stat(fileName)
-	if errors.Is(err, os.ErrNotExist) {
-		if _, err := os.Create(fileName); err != nil {
-			return false, err
-		}
-		return false, nil
-	}
-	return true, nil
-}

pkg/partition_info/partition_info_test.go

@@ -1,179 +0,0 @@
-package partition_info_test
-
-import (
-	"fmt"
-	"io/ioutil"
-	"os"
-	"path"
-	"time"
-
-	"github.com/jaypipes/ghw/pkg/block"
-	. "github.com/onsi/ginkgo/v2"
-	. "github.com/onsi/gomega"
-
-	pi "github.com/kairos-io/kcrypt/pkg/partition_info"
-)
-
-var _ = Describe("Partition Info file parsing", func() {
-	Describe("NewPartitionInfoFromFile", func() {
-		var file string
-
-		BeforeEach(func() {
-			file = "../../tests/assets/partition_info.yaml"
-		})
-		When("the files exists already", func() {
-			It("returns 'true' and a PartitionInfo object", func() {
-				result, existed, err := pi.NewPartitionInfoFromFile(file)
-				Expect(err).ToNot(HaveOccurred())
-				Expect(result).ToNot(BeNil())
-				Expect(existed).To(BeTrue())
-			})
-		})
-
-		When("a file doesn't exist", func() {
-			var fileName string
-			BeforeEach(func() {
-				fileName = path.Join(
-					os.TempDir(),
-					fmt.Sprintf("partition-info-%d.yaml", time.Now().UnixNano()))
-			})
-
-			It("creates the file and returns 'false' and an (empty) mapping", func() {
-				result, existed, err := pi.NewPartitionInfoFromFile(fileName)
-				Expect(err).ToNot(HaveOccurred())
-				Expect(result).ToNot(BeNil())
-				Expect(existed).To(BeFalse())
-				_, err = os.Stat(fileName)
-				Expect(err).ToNot(HaveOccurred())
-			})
-		})
-	})
-
-	Describe("ParsePartitionInfoFile", func() {
-		var file string
-
-		BeforeEach(func() {
-			file = "../../tests/assets/partition_info.yaml"
-		})
-
-		It("parses the file correctly", func() {
-			info, err := pi.ParsePartitionInfoFile(file)
-			Expect(err).ToNot(HaveOccurred())
-			Expect(len(info)).To(Equal(2))
-			Expect(info["COS_PERSISTENT"]).To(Equal("some_uuid_1"))
-			Expect(info["COS_OTHER"]).To(Equal("some_uuid_2"))
-		})
-	})
-
-	Describe("PartitionToString", func() {
-		var partition *block.Partition
-
-		BeforeEach(func() {
-			partition = &block.Partition{
-				Disk:       nil,
-				Name:       "sda1",
-				Label:      "COS_PERSISTENT",
-				MountPoint: "/mnt/sda1",
-				UUID:       "some_uuid_here",
-			}
-		})
-
-		It("returns a string representation of the partition data", func() {
-			Expect(pi.PartitionToString(partition)).To(Equal("COS_PERSISTENT:sda1:some_uuid_here"))
-		})
-	})
-
-	Describe("PartitionDataFromString", func() {
-		var partitionData string
-
-		BeforeEach(func() {
-			partitionData = "THE_LABEL:the_name:the_uuid"
-		})
-
-		It("returns the label and the uuid", func() {
-			label, uuid := pi.PartitionDataFromString(partitionData)
-			Expect(label).To(Equal("THE_LABEL"))
-			Expect(uuid).To(Equal("the_uuid"))
-		})
-	})
-
-	Describe("UpdateMapping", func() {
-		var file *os.File
-		var err error
-		var partitionInfo *pi.PartitionInfo
-
-		BeforeEach(func() {
-			file, err = ioutil.TempFile("", "partition-info.*.yaml")
-			Expect(err).ToNot(HaveOccurred())
-
-			_, err = file.Write([]byte("TO_KEEP: old_uuid_1"))
-			Expect(err).ToNot(HaveOccurred())
-
-			partitionInfo, _, err = pi.NewPartitionInfoFromFile(file.Name())
-			Expect(err).ToNot(HaveOccurred())
-		})
-
-		AfterEach(func() {
-			os.Remove(file.Name())
-		})
-
-		It("Updates the file correctly from a `kcrypt encrypt` return value", func() {
-			partitionData := "TO_BE_ADDED:some_name:new_uuid"
-
-			err = partitionInfo.UpdateMapping(partitionData)
-			Expect(err).ToNot(HaveOccurred())
-
-			dat, err := os.ReadFile(file.Name())
-			Expect(err).ToNot(HaveOccurred())
-
-			expectedContent := `TO_BE_ADDED: new_uuid
-TO_KEEP: old_uuid_1
-`
-			Expect(string(dat)).To(Equal(expectedContent))
-		})
-	})
-
-	Describe("LookupUUIDForLabel", func() {
-		var file string
-		var partitionInfo *pi.PartitionInfo
-		var err error
-
-		BeforeEach(func() {
-			file = "../../tests/assets/partition_info.yaml"
-			partitionInfo, _, err = pi.NewPartitionInfoFromFile(file)
-			Expect(err).ToNot(HaveOccurred())
-		})
-
-		It("returns the correct UUID", func() {
-			uuid := partitionInfo.LookupUUIDForLabel("COS_PERSISTENT")
-			Expect(uuid).To(Equal("some_uuid_1"))
-		})
-
-		It("returns an empty UUID when the label is not found", func() {
-			uuid := partitionInfo.LookupUUIDForLabel("DOESNT_EXIST")
-			Expect(uuid).To(Equal(""))
-		})
-	})
-
-	Describe("LookupLabelForUUID", func() {
-		var file string
-		var partitionInfo *pi.PartitionInfo
-		var err error
-
-		BeforeEach(func() {
-			file = "../../tests/assets/partition_info.yaml"
-			partitionInfo, _, err = pi.NewPartitionInfoFromFile(file)
-			Expect(err).ToNot(HaveOccurred())
-		})
-
-		It("returns the correct label", func() {
-			uuid := partitionInfo.LookupLabelForUUID("some_uuid_1")
-			Expect(uuid).To(Equal("COS_PERSISTENT"))
-		})
-
-		It("returns an empty label when UUID doesn't exist", func() {
-			uuid := partitionInfo.LookupLabelForUUID("doesnt_exist")
-			Expect(uuid).To(Equal(""))
-		})
-	})
-})

renovate.json

@@ -0,0 +1,18 @@
+{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "extends": [
+    "config:base"
+  ],
+  "schedule": [
+    "after 11pm every weekday",
+    "before 7am every weekday",
+    "every weekend"
+  ],
+  "timezone": "Europe/Brussels",
+  "packageRules": [
+    {
+      "matchUpdateTypes": ["patch"],
+      "automerge": true
+    }
+  ]
+}

tests/assets/partition_info.yaml

@@ -1,2 +0,0 @@
-COS_PERSISTENT: some_uuid_1
-COS_OTHER: some_uuid_2