github-personal/cozystack
1
0
Fork 0
mirror of https://github.com/outbackdingo/cozystack.git synced 2026-01-27 18:18:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'main' into clickhouse-add-ch-keeper

Browse Source 
Signed-off-by: klinch0 <68821526+klinch0@users.noreply.github.com>
This commit is contained in:
klinch0
2025-08-07 14:11:22 +03:00
committed by GitHub
parent 896209a004 c6bceff54b
commit 39adc16015
75 changed files with 5242 additions and 806 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.github/workflows/pre-commit.yml vendored
View File

@@ -29,6 +29,7 @@ jobs:
- name: Install generate
run: |
curl -sSL https://github.com/cozystack/readme-generator-for-helm/releases/download/v1.0.0/readme-generator-for-helm-linux-amd64.tar.gz | tar -xzvf- -C /usr/local/bin/ readme-generator-for-helm
curl -sSL https://github.com/cozystack/cozyvalues-gen/releases/download/v0.7.0/cozyvalues-gen-linux-amd64.tar.gz | tar -xzvf- -C /usr/local/bin/ cozyvalues-gen
- name: Run pre-commit hooks
run: |

23
.github/workflows/tags.yaml vendored
View File

@@ -149,36 +149,35 @@ jobs:
version: ${{ steps.tag.outputs.tag }} # A
compare-to: ${{ steps.latest_release.outputs.tag }} # B
# Create or reuse DRAFT GitHub Release
# Create or reuse draft release
- name: Create / reuse draft release
if: steps.check_release.outputs.skip == 'false'
id: release
uses: actions/github-script@v7
with:
script: |
const tag = '${{ steps.tag.outputs.tag }}';
const isRc = ${{ steps.tag.outputs.is_rc }};
const outdated = '${{ steps.semver.outputs.comparison-result }}' === '<';
const makeLatest = outdated ? false : 'legacy';
const releases = await github.rest.repos.listReleases({
const tag = '${{ steps.tag.outputs.tag }}';
const isRc = ${{ steps.tag.outputs.is_rc }};
const releases = await github.rest.repos.listReleases({
owner: context.repo.owner,
repo: context.repo.repo
});
let rel = releases.data.find(r => r.tag_name === tag);
let rel = releases.data.find(r => r.tag_name === tag);
if (!rel) {
rel = await github.rest.repos.createRelease({
owner: context.repo.owner,
repo: context.repo.repo,
tag_name: tag,
name: tag,
draft: true,
prerelease: isRc,
make_latest: makeLatest
tag_name: tag,
name: tag,
draft: true,
prerelease: isRc // no make_latest for drafts
});
console.log(`Draft release created for ${tag}`);
} else {
console.log(`Re-using existing release ${tag}`);
}
core.setOutput('upload_url', rel.upload_url);
# Build + upload assets (optional)

3359
dashboards/seaweedfs/seaweedfs.json Normal file
View File

File diff suppressed because it is too large Load Diff

1
hack/download-dashboards.sh
View File

@@ -81,6 +81,7 @@ modules/340-monitoring-kubernetes/monitoring/grafana-dashboards//main/capacity-p
modules/340-monitoring-kubernetes/monitoring/grafana-dashboards//flux/flux-control-plane.json
modules/340-monitoring-kubernetes/monitoring/grafana-dashboards//flux/flux-stats.json
modules/340-monitoring-kubernetes/monitoring/grafana-dashboards//kafka/strimzi-kafka.json
modules/340-monitoring-kubernetes/monitoring/grafana-dashboards//seaweedfs/seaweedfs.json
modules/340-monitoring-kubernetes/monitoring/grafana-dashboards//goldpinger/goldpinger.json
EOT

47
hack/e2e-apps/bucket.bats Normal file
View File

@@ -0,0 +1,47 @@
#!/usr/bin/env bats
@test "Create and Verify Seeweedfs Bucket" {
# Create the bucket resource
name='test'
kubectl apply -f - <<EOF
apiVersion: apps.cozystack.io/v1alpha1
kind: Bucket
metadata:
name: ${name}
namespace: tenant-test
spec: {}
EOF
# Wait for the bucket to be ready
kubectl -n tenant-test wait hr bucket-${name} --timeout=100s --for=condition=ready
kubectl -n tenant-test wait bucketclaims.objectstorage.k8s.io bucket-${name} --timeout=300s --for=jsonpath='{.status.bucketReady}'
kubectl -n tenant-test wait bucketaccesses.objectstorage.k8s.io bucket-${name} --timeout=300s --for=jsonpath='{.status.accessGranted}'
# Get and decode credentials
kubectl -n tenant-test get secret bucket-${name} -ojsonpath='{.data.BucketInfo}' | base64 -d > bucket-test-credentials.json
# Get credentials from the secret
ACCESS_KEY=$(jq -r '.spec.secretS3.accessKeyID' bucket-test-credentials.json)
SECRET_KEY=$(jq -r '.spec.secretS3.accessSecretKey' bucket-test-credentials.json)
BUCKET_NAME=$(jq -r '.spec.bucketName' bucket-test-credentials.json)
# Start port-forwarding
bash -c 'timeout 100s kubectl port-forward service/seaweedfs-s3 -n tenant-root 8333:8333 > /dev/null 2>&1 &'
# Wait for port-forward to be ready
timeout 30 sh -ec 'until nc -z localhost 8333; do sleep 1; done'
# Set up MinIO alias with error handling
mc alias set local https://localhost:8333 $ACCESS_KEY $SECRET_KEY --insecure
# Upload file to bucket
mc cp bucket-test-credentials.json $BUCKET_NAME/bucket-test-credentials.json
# Verify file was uploaded
mc ls $BUCKET_NAME/bucket-test-credentials.json
# Clean up uploaded file
mc rm $BUCKET_NAME/bucket-test-credentials.json
kubectl -n tenant-test delete bucket.apps.cozystack.io ${name}
}

4
hack/e2e-apps/virtualmachine.bats
View File

@@ -20,9 +20,7 @@ spec:
storage: 5Gi
storageClass: replicated
gpus: []
resources:
cpu: ""
memory: ""
resources: {}
sshKeys:
- ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPht0dPk5qQ+54g1hSX7A6AUxXJW5T6n/3d7Ga2F8gTF
test@test

6
hack/e2e-install-cozystack.bats
View File

@@ -123,10 +123,10 @@ EOF
@test "Configure Tenant and wait for applications" {
# Patch root tenant and wait for its releases
kubectl patch tenants/root -n tenant-root --type merge -p '{"spec":{"host":"example.org","ingress":true,"monitoring":true,"etcd":true,"isolated":true}}'
kubectl patch tenants/root -n tenant-root --type merge -p '{"spec":{"host":"example.org","ingress":true,"monitoring":true,"etcd":true,"isolated":true, "seaweedfs": true}}'
timeout 60 sh -ec 'until kubectl get hr -n tenant-root etcd ingress monitoring tenant-root >/dev/null 2>&1; do sleep 1; done'
kubectl wait hr/etcd hr/ingress hr/tenant-root -n tenant-root --timeout=2m --for=condition=ready
timeout 60 sh -ec 'until kubectl get hr -n tenant-root etcd ingress monitoring seaweedfs tenant-root >/dev/null 2>&1; do sleep 1; done'
kubectl wait hr/etcd hr/ingress hr/tenant-root hr/seaweedfs -n tenant-root --timeout=4m --for=condition=ready
if ! kubectl wait hr/monitoring -n tenant-root --timeout=2m --for=condition=ready; then
flux reconcile hr monitoring -n tenant-root --force

1
packages/apps/clickhouse/README.md
View File

@@ -62,6 +62,7 @@ For more details, read [Restic: Effective Backup from Stdin](https://blog.aenix.
| `clickhouseKeeper.resourcesPreset` | Default sizing preset used when `resources` is omitted. Allowed values: nano, micro, small, medium, large, xlarge, 2xlarge. | `micro` |
| `clickhouseKeeper.replicas` | Number of keeper replicas | `3` |
## Parameter examples and reference
### resources and resourcesPreset

2
packages/apps/http-cache/images/nginx-cache.tag
View File

@@ -1 +1 @@
ghcr.io/cozystack/cozystack/nginx-cache:0.6.1@sha256:50ac1581e3100bd6c477a71161cb455a341ffaf9e5e2f6086802e4e25271e8af
ghcr.io/cozystack/cozystack/nginx-cache:0.6.1@sha256:b7633717cd7449c0042ae92d8ca9b36e4d69566561f5c7d44e21058e7d05c6d5

2
packages/apps/kubernetes/Chart.yaml
View File

@@ -16,7 +16,7 @@ type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 0.26.2
version: 0.26.3
# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to

2
packages/apps/kubernetes/images/cluster-autoscaler.tag
View File

@@ -1 +1 @@
ghcr.io/cozystack/cozystack/cluster-autoscaler:0.26.1@sha256:3a8170433e1632e5cc2b6d9db34d0605e8e6c63c158282c38450415e700e932e
ghcr.io/cozystack/cozystack/cluster-autoscaler:0.26.2@sha256:3a8170433e1632e5cc2b6d9db34d0605e8e6c63c158282c38450415e700e932e

2
packages/apps/kubernetes/images/kubevirt-cloud-provider.tag
View File

@@ -1 +1 @@
ghcr.io/cozystack/cozystack/kubevirt-cloud-provider:0.26.1@sha256:5335c044313b69ee13b30ca4941687e509005e55f4ae25723861edbf2fbd6dd2
ghcr.io/cozystack/cozystack/kubevirt-cloud-provider:0.26.2@sha256:5335c044313b69ee13b30ca4941687e509005e55f4ae25723861edbf2fbd6dd2

2
packages/apps/kubernetes/images/kubevirt-csi-driver.tag
View File

@@ -1 +1 @@
ghcr.io/cozystack/cozystack/kubevirt-csi-driver:0.26.1@sha256:445c2727b04ac68595b43c988ff17b3d69a7b22b0644fde3b10c65b47a7bc036
ghcr.io/cozystack/cozystack/kubevirt-csi-driver:0.26.2@sha256:761e7235ff9cb7f6f223f00954943e6a5af32ed6624ee592a8610122f96febb0

1
packages/apps/kubernetes/templates/helmreleases/vertical-pod-autoscaler.yaml
View File

@@ -3,6 +3,7 @@
{{- $clusterDomain := (index $cozyConfig.data "cluster-domain") | default "cozy.local" }}
{{- $myNS := lookup "v1" "Namespace" "" .Release.Namespace }}
{{- $targetTenant := index $myNS.metadata.annotations "namespace.cozystack.io/monitoring" }}
vpaForVPA: false
vertical-pod-autoscaler:
recommender:
extraArgs:

4
packages/apps/postgres/Makefile
View File

@@ -1,6 +1,4 @@
include ../../../scripts/package.mk
PRESET_ENUM := ["nano","micro","small","medium","large","xlarge","2xlarge"]
generate:
readme-generator-for-helm -v values.yaml -s values.schema.json -r README.md
yq -i -o json --indent 4 '.properties.resourcesPreset.enum = $(PRESET_ENUM)' values.schema.json
cozyvalues-gen -v values.yaml -s values.schema.json -r README.md

75
packages/apps/postgres/README.md
View File

@@ -66,44 +66,61 @@ See:
### Common parameters
| Name | Description | Value |
| ----------------- | --------------------------------------------------------------------------------------------------------------------------------------- | ------- |
| `replicas` | Number of Postgres replicas | `2` |
| `resources` | Explicit CPU and memory configuration for each PostgreSQL replica. When left empty, the preset defined in `resourcesPreset` is applied. | `{}` |
| `resourcesPreset` | Default sizing preset used when `resources` is omitted. Allowed values: nano, micro, small, medium, large, xlarge, 2xlarge. | `micro` |
| `size` | Persistent Volume size | `10Gi` |
| `storageClass` | StorageClass used to store the data | `""` |
| `external` | Enable external access from outside the cluster | `false` |
| Name | Description | Type | Value |
| ------------------ | ----------------------------------------------------------------------------------------------------------------------------------------- | --------- | ------- |
| `replicas` | Number of Postgres replicas | `int` | `2` |
| `resources` | Explicit CPU and memory configuration for each PostgreSQL replica. When left empty, the preset defined in `resourcesPreset` is applied. | `*object` | `{}` |
| `resources.cpu` | CPU | `*string` | `null` |
| `resources.memory` | Memory | `*string` | `null` |
| `resourcesPreset` | Default sizing preset used when `resources` is omitted. Allowed values: `nano`, `micro`, `small`, `medium`, `large`, `xlarge`, `2xlarge`. | `string` | `{}` |
| `size` | Persistent Volume Claim size, available for application data | `string` | `10Gi` |
| `storageClass` | StorageClass used to store the data | `string` | `""` |
| `external` | Enable external access from outside the cluster | `bool` | `false` |
### Application-specific parameters
| Name | Description | Value |
| --------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | ----- |
| `postgresql.parameters.max_connections` | Determines the maximum number of concurrent connections to the database server. The default is typically 100 connections | `100` |
| `quorum.minSyncReplicas` | Minimum number of synchronous replicas that must acknowledge a transaction before it is considered committed. | `0` |
| `quorum.maxSyncReplicas` | Maximum number of synchronous replicas that can acknowledge a transaction (must be lower than the number of instances). | `0` |
| `users` | Users configuration | `{}` |
| `databases` | Databases configuration | `{}` |
| Name | Description | Type | Value |
| --------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | ------------------- | ------- |
| `postgresql` | PostgreSQL server configuration | `object` | `{}` |
| `postgresql.parameters` | PostgreSQL server parameters | `object` | `{}` |
| `postgresql.parameters.max_connections` | Determines the maximum number of concurrent connections to the database server. The default is typically 100 connections | `int` | `100` |
| `quorum` | Quorum configuration for synchronous replication | `object` | `{}` |
| `quorum.minSyncReplicas` | Minimum number of synchronous replicas that must acknowledge a transaction before it is considered committed. | `int` | `0` |
| `quorum.maxSyncReplicas` | Maximum number of synchronous replicas that can acknowledge a transaction (must be lower than the number of instances). | `int` | `0` |
| `users` | Users configuration | `map[string]object` | `{...}` |
| `users[name].password` | Password for the user | `*string` | `null` |
| `users[name].replication` | Whether the user has replication privileges | `*bool` | `null` |
| `databases` | Databases configuration | `map[string]object` | `{...}` |
| `databases[name].roles` | Roles for the database | `*object` | `null` |
| `databases[name].roles.admin` | List of users with admin privileges | `[]string` | `[]` |
| `databases[name].roles.readonly` | List of users with read-only privileges | `[]string` | `[]` |
| `databases[name].extensions` | Extensions enabled for the database | `[]string` | `[]` |
### Backup parameters
| Name | Description | Value |
| ------------------------ | ---------------------------------------------------------- | ----------------------------------- |
| `backup.enabled` | Enable regular backups | `false` |
| `backup.schedule` | Cron schedule for automated backups | `0 2 * * * *` |
| `backup.retentionPolicy` | Retention policy | `30d` |
| `backup.destinationPath` | Path to store the backup (i.e. s3://bucket/path/to/folder) | `s3://bucket/path/to/folder/` |
| `backup.endpointURL` | S3 Endpoint used to upload data to the cloud | `http://minio-gateway-service:9000` |
| `backup.s3AccessKey` | Access key for S3, used for authentication | `oobaiRus9pah8PhohL1ThaeTa4UVa7gu` |
| `backup.s3SecretKey` | Secret key for S3, used for authentication | `ju3eum4dekeich9ahM1te8waeGai0oog` |
| Name | Description | Type | Value |
| ------------------------ | ---------------------------------------------------------- | -------- | ----------------------------------- |
| `backup` | Backup configuration | `object` | `{}` |
| `backup.enabled` | Enable regular backups | `bool` | `false` |
| `backup.schedule` | Cron schedule for automated backups | `string` | `0 2 * * * *` |
| `backup.retentionPolicy` | Retention policy | `string` | `30d` |
| `backup.destinationPath` | Path to store the backup (i.e. s3://bucket/path/to/folder) | `string` | `s3://bucket/path/to/folder/` |
| `backup.endpointURL` | S3 Endpoint used to upload data to the cloud | `string` | `http://minio-gateway-service:9000` |
| `backup.s3AccessKey` | Access key for S3, used for authentication | `string` | `<access key>` |
| `backup.s3SecretKey` | Secret key for S3, used for authentication | `string` | `<secret key>` |
### Bootstrap (recovery) parameters
| Name | Description | Value |
| ------------------------ | -------------------------------------------------------------------------------------------------------------------- | ------- |
| `bootstrap.enabled` | Restore database cluster from a backup | `false` |
| `bootstrap.recoveryTime` | Timestamp (PITR) up to which recovery will proceed, expressed in RFC 3339 format. If left empty, will restore latest | `""` |
| `bootstrap.oldName` | Name of database cluster before deleting | `""` |
| Name | Description | Type | Value |
| ------------------------ | -------------------------------------------------------------------------------------------------------------------- | --------- | ------- |
| `bootstrap` | Bootstrap configuration | `object` | `{}` |
| `bootstrap.enabled` | Restore database cluster from a backup | `bool` | `false` |
| `bootstrap.recoveryTime` | Timestamp (PITR) up to which recovery will proceed, expressed in RFC 3339 format. If left empty, will restore latest | `*string` | `""` |
| `bootstrap.oldName` | Name of database cluster before deleting | `string` | `""` |
## Parameter examples and reference

379
packages/apps/postgres/values.schema.json
View File

@@ -1,140 +1,257 @@
{
"properties": {
"backup": {
"properties": {
"destinationPath": {
"default": "s3://bucket/path/to/folder/",
"description": "Path to store the backup (i.e. s3://bucket/path/to/folder)",
"type": "string"
},
"enabled": {
"default": false,
"description": "Enable regular backups",
"type": "boolean"
},
"endpointURL": {
"default": "http://minio-gateway-service:9000",
"description": "S3 Endpoint used to upload data to the cloud",
"type": "string"
},
"retentionPolicy": {
"default": "30d",
"description": "Retention policy",
"type": "string"
},
"s3AccessKey": {
"default": "oobaiRus9pah8PhohL1ThaeTa4UVa7gu",
"description": "Access key for S3, used for authentication",
"type": "string"
},
"s3SecretKey": {
"default": "ju3eum4dekeich9ahM1te8waeGai0oog",
"description": "Secret key for S3, used for authentication",
"type": "string"
},
"schedule": {
"default": "0 2 * * * *",
"description": "Cron schedule for automated backups",
"type": "string"
}
},
"type": "object"
"title": "Chart Values",
"type": "object",
"properties": {
"backup": {
"description": "Backup configuration",
"type": "object",
"default": {
"destinationPath": "s3://bucket/path/to/folder/",
"enabled": false,
"endpointURL": "http://minio-gateway-service:9000",
"retentionPolicy": "30d",
"s3AccessKey": "\u003caccess key\u003e",
"s3SecretKey": "\u003csecret key\u003e",
"schedule": "0 2 * * * *"
},
"required": [
"destinationPath",
"enabled",
"endpointURL",
"retentionPolicy",
"s3AccessKey",
"s3SecretKey",
"schedule"
],
"properties": {
"destinationPath": {
"description": "Path to store the backup (i.e. s3://bucket/path/to/folder)",
"type": "string",
"default": "s3://bucket/path/to/folder/"
},
"bootstrap": {
"properties": {
"enabled": {
"default": false,
"description": "Restore database cluster from a backup",
"type": "boolean"
},
"oldName": {
"default": "",
"description": "Name of database cluster before deleting",
"type": "string"
},
"recoveryTime": {
"default": "",
"description": "Timestamp (PITR) up to which recovery will proceed, expressed in RFC 3339 format. If left empty, will restore latest",
"type": "string"
}
},
"type": "object"
"enabled": {
"description": "Enable regular backups",
"type": "boolean",
"default": false
},
"databases": {
"default": {},
"description": "Databases configuration",
"type": "object"
"endpointURL": {
"description": "S3 Endpoint used to upload data to the cloud",
"type": "string",
"default": "http://minio-gateway-service:9000"
},
"external": {
"default": false,
"description": "Enable external access from outside the cluster",
"type": "boolean"
"retentionPolicy": {
"description": "Retention policy",
"type": "string",
"default": "30d"
},
"postgresql": {
"properties": {
"parameters": {
"properties": {
"max_connections": {
"default": 100,
"description": "Determines the maximum number of concurrent connections to the database server. The default is typically 100 connections",
"type": "number"
}
},
"type": "object"
}
},
"type": "object"
"s3AccessKey": {
"description": "Access key for S3, used for authentication",
"type": "string",
"default": "\u003caccess key\u003e"
},
"quorum": {
"properties": {
"maxSyncReplicas": {
"default": 0,
"description": "Maximum number of synchronous replicas that can acknowledge a transaction (must be lower than the number of instances).",
"type": "number"
},
"minSyncReplicas": {
"default": 0,
"description": "Minimum number of synchronous replicas that must acknowledge a transaction before it is considered committed.",
"type": "number"
}
},
"type": "object"
"s3SecretKey": {
"description": "Secret key for S3, used for authentication",
"type": "string",
"default": "\u003csecret key\u003e"
},
"replicas": {
"default": 2,
"description": "Number of Postgres replicas",
"type": "number"
},
"resources": {
"default": {},
"description": "Explicit CPU and memory configuration for each PostgreSQL replica. When left empty, the preset defined in `resourcesPreset` is applied.",
"type": "object"
},
"resourcesPreset": {
"default": "micro",
"description": "Default sizing preset used when `resources` is omitted. Allowed values: nano, micro, small, medium, large, xlarge, 2xlarge.",
"type": "string",
"enum": [
"nano",
"micro",
"small",
"medium",
"large",
"xlarge",
"2xlarge"
]
},
"size": {
"default": "10Gi",
"description": "Persistent Volume size",
"type": "string"
},
"storageClass": {
"default": "",
"description": "StorageClass used to store the data",
"type": "string"
"schedule": {
"description": "Cron schedule for automated backups",
"type": "string",
"default": "0 2 * * * *"
}
}
},
"title": "Chart Values",
"type": "object"
}
"bootstrap": {
"description": "Bootstrap configuration",
"type": "object",
"default": {
"enabled": false,
"oldName": "",
"recoveryTime": ""
},
"required": [
"enabled",
"oldName"
],
"properties": {
"enabled": {
"description": "Restore database cluster from a backup",
"type": "boolean",
"default": false
},
"oldName": {
"description": "Name of database cluster before deleting",
"type": "string"
},
"recoveryTime": {
"description": "Timestamp (PITR) up to which recovery will proceed, expressed in RFC 3339 format. If left empty, will restore latest",
"type": "string"
}
}
},
"databases": {
"description": "Databases configuration",
"type": "object",
"default": {},
"additionalProperties": {
"type": "object",
"properties": {
"extensions": {
"description": "Extensions enabled for the database",
"type": "array",
"items": {
"type": "string"
}
},
"roles": {
"description": "Roles for the database",
"type": "object",
"properties": {
"admin": {
"description": "List of users with admin privileges",
"type": "array",
"items": {
"type": "string"
}
},
"readonly": {
"description": "List of users with read-only privileges",
"type": "array",
"items": {
"type": "string"
}
}
}
}
}
}
},
"external": {
"description": "Enable external access from outside the cluster",
"type": "boolean",
"default": false
},
"postgresql": {
"description": "PostgreSQL server configuration",
"type": "object",
"default": {
"parameters": {
"max_connections": 100
}
},
"required": [
"parameters"
],
"properties": {
"parameters": {
"description": "PostgreSQL server parameters",
"type": "object",
"default": {
"max_connections": 100
},
"required": [
"max_connections"
],
"properties": {
"max_connections": {
"description": "Determines the maximum number of concurrent connections to the database server. The default is typically 100 connections",
"type": "integer",
"default": 100
}
}
}
}
},
"quorum": {
"description": "Quorum configuration for synchronous replication",
"type": "object",
"default": {
"maxSyncReplicas": 0,
"minSyncReplicas": 0
},
"required": [
"maxSyncReplicas",
"minSyncReplicas"
],
"properties": {
"maxSyncReplicas": {
"description": "Maximum number of synchronous replicas that can acknowledge a transaction (must be lower than the number of instances).",
"type": "integer",
"default": 0
},
"minSyncReplicas": {
"description": "Minimum number of synchronous replicas that must acknowledge a transaction before it is considered committed.",
"type": "integer",
"default": 0
}
}
},
"replicas": {
"description": "Number of Postgres replicas",
"type": "integer",
"default": 2
},
"resources": {
"description": "Explicit CPU and memory configuration for each PostgreSQL replica. When left empty, the preset defined in `resourcesPreset` is applied.",
"type": "object",
"default": {},
"properties": {
"cpu": {
"description": "CPU",
"type": "string",
"pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$",
"x-kubernetes-int-or-string": true
},
"memory": {
"description": "Memory",
"type": "string",
"pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$",
"x-kubernetes-int-or-string": true
}
}
},
"resourcesPreset": {
"description": "Default sizing preset used when `resources` is omitted. Allowed values: `nano`, `micro`, `small`, `medium`, `large`, `xlarge`, `2xlarge`.",
"type": "string",
"default": "micro",
"enum": [
"nano",
"micro",
"small",
"medium",
"large",
"xlarge",
"2xlarge"
]
},
"size": {
"description": "Persistent Volume Claim size, available for application data",
"type": "string",
"default": "10Gi",
"pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$",
"x-kubernetes-int-or-string": true
},
"storageClass": {
"description": "StorageClass used to store the data",
"type": "string"
},
"users": {
"description": "Users configuration",
"type": "object",
"default": {},
"additionalProperties": {
"type": "object",
"properties": {
"password": {
"description": "Password for the user",
"type": "string"
},
"replication": {
"description": "Whether the user has replication privileges",
"type": "boolean"
}
}
}
}
}
}

67
packages/apps/postgres/values.yaml
View File

@@ -1,36 +1,44 @@
## @section Common parameters
##
## @param replicas Number of Postgres replicas
## @param replicas {int} Number of Postgres replicas
replicas: 2
## @param resources Explicit CPU and memory configuration for each PostgreSQL replica. When left empty, the preset defined in `resourcesPreset` is applied.
## @param resources {*resources} Explicit CPU and memory configuration for each PostgreSQL replica. When left empty, the preset defined in `resourcesPreset` is applied.
## @field resources.cpu {*quantity} CPU
## @field resources.memory {*quantity} Memory
resources: {}
# resources:
# cpu: 4000m
# memory: 4Gi
## @param resourcesPreset Default sizing preset used when `resources` is omitted. Allowed values: nano, micro, small, medium, large, xlarge, 2xlarge.
## @param resourcesPreset {string enum:"nano,micro,small,medium,large,xlarge,2xlarge"} Default sizing preset used when `resources` is omitted. Allowed values: `nano`, `micro`, `small`, `medium`, `large`, `xlarge`, `2xlarge`.
resourcesPreset: "micro"
## @param size Persistent Volume size
## @param size {quantity} Persistent Volume Claim size, available for application data
size: 10Gi
## @param storageClass StorageClass used to store the data
## @param storageClass {string} StorageClass used to store the data
storageClass: ""
## @param external Enable external access from outside the cluster
## @param external {bool} Enable external access from outside the cluster
external: false
## @section Application-specific parameters
## @param postgresql {postgresql} PostgreSQL server configuration
## @field postgresql.parameters {postgresqlParameters} PostgreSQL server parameters
## @field postgresqlParameters.max_connections {int} Determines the maximum number of concurrent connections to the database server. The default is typically 100 connections
##
## @param postgresql.parameters.max_connections Determines the maximum number of concurrent connections to the database server. The default is typically 100 connections
postgresql:
parameters:
max_connections: 100
## @param quorum.minSyncReplicas Minimum number of synchronous replicas that must acknowledge a transaction before it is considered committed.
## @param quorum.maxSyncReplicas Maximum number of synchronous replicas that can acknowledge a transaction (must be lower than the number of instances).
## Configuration for the quorum-based synchronous replication
## @param quorum {quorum} Quorum configuration for synchronous replication
## @field quorum.minSyncReplicas {int} Minimum number of synchronous replicas that must acknowledge a transaction before it is considered committed.
## @field quorum.maxSyncReplicas {int} Maximum number of synchronous replicas that can acknowledge a transaction (must be lower than the number of instances).
quorum:
minSyncReplicas: 0
maxSyncReplicas: 0
## @param users [object] Users configuration
## @param users {map[string]user} Users configuration
## @field user.password {*string} Password for the user
## @field user.replication {*bool} Whether the user has replication privileges
##
## Example:
## users:
## user1:
@@ -44,7 +52,12 @@ quorum:
##
users: {}
## @param databases Databases configuration
## @param databases {map[string]database} Databases configuration
## @field database.roles {*databaseRoles} Roles for the database
## @field databaseRoles.admin {[]string} List of users with admin privileges
## @field databaseRoles.readonly {[]string} List of users with read-only privileges
## @field database.extensions {[]string} Extensions enabled for the database
##
## Example:
## databases:
## myapp:
@@ -64,27 +77,29 @@ databases: {}
## @section Backup parameters
## @param backup.enabled Enable regular backups
## @param backup.schedule Cron schedule for automated backups
## @param backup.retentionPolicy Retention policy
## @param backup.destinationPath Path to store the backup (i.e. s3://bucket/path/to/folder)
## @param backup.endpointURL S3 Endpoint used to upload data to the cloud
## @param backup.s3AccessKey Access key for S3, used for authentication
## @param backup.s3SecretKey Secret key for S3, used for authentication
## @param backup {backup} Backup configuration
## @field backup.enabled {bool} Enable regular backups
## @field backup.schedule {string} Cron schedule for automated backups
## @field backup.retentionPolicy {string} Retention policy
## @field backup.destinationPath {string} Path to store the backup (i.e. s3://bucket/path/to/folder)
## @field backup.endpointURL {string} S3 Endpoint used to upload data to the cloud
## @field backup.s3AccessKey {string} Access key for S3, used for authentication
## @field backup.s3SecretKey {string} Secret key for S3, used for authentication
backup:
enabled: false
retentionPolicy: 30d
destinationPath: s3://bucket/path/to/folder/
endpointURL: http://minio-gateway-service:9000
destinationPath: "s3://bucket/path/to/folder/"
endpointURL: "http://minio-gateway-service:9000"
schedule: "0 2 * * * *"
s3AccessKey: oobaiRus9pah8PhohL1ThaeTa4UVa7gu
s3SecretKey: ju3eum4dekeich9ahM1te8waeGai0oog
s3AccessKey: "<access key>"
s3SecretKey: "<secret key>"
## @section Bootstrap (recovery) parameters
## @param bootstrap.enabled Restore database cluster from a backup
## @param bootstrap.recoveryTime Timestamp (PITR) up to which recovery will proceed, expressed in RFC 3339 format. If left empty, will restore latest
## @param bootstrap.oldName Name of database cluster before deleting
## @param bootstrap {bootstrap} Bootstrap configuration
## @field bootstrap.enabled {bool} Restore database cluster from a backup
## @field bootstrap.recoveryTime {*string} Timestamp (PITR) up to which recovery will proceed, expressed in RFC 3339 format. If left empty, will restore latest
## @field bootstrap.oldName {string} Name of database cluster before deleting
##
bootstrap:
enabled: false

2
packages/apps/tenant/Makefile
View File

@@ -1,4 +1,4 @@
include ../../../scripts/package.mk
generate:
readme-generator-for-helm -v values.yaml -s values.schema.json -r README.md
cozyvalues-gen -v values.yaml -s values.schema.json -r README.md

19
packages/apps/tenant/README.md
View File

@@ -69,12 +69,13 @@ tenant-u1
### Common parameters
| Name | Description | Value |
| ---------------- | --------------------------------------------------------------------------------------------------------------------------- | ------- |
| `host` | The hostname used to access tenant services (defaults to using the tenant name as a subdomain for it's parent tenant host). | `""` |
| `etcd` | Deploy own Etcd cluster | `false` |
| `monitoring` | Deploy own Monitoring Stack | `false` |
| `ingress` | Deploy own Ingress Controller | `false` |
| `seaweedfs` | Deploy own SeaweedFS | `false` |
| `isolated` | Enforce tenant namespace with network policies | `true` |
| `resourceQuotas` | Define resource quotas for the tenant | `{}` |
| Name | Description | Type | Value |
| ---------------- | --------------------------------------------------------------------------------------------------------------------------- | --------- | ------- |
| `host` | The hostname used to access tenant services (defaults to using the tenant name as a subdomain for it's parent tenant host). | `*string` | `""` |
| `etcd` | Deploy own Etcd cluster | `bool` | `false` |
| `monitoring` | Deploy own Monitoring Stack | `bool` | `false` |
| `ingress` | Deploy own Ingress Controller | `bool` | `false` |
| `seaweedfs` | Deploy own SeaweedFS | `bool` | `false` |
| `isolated` | Enforce tenant namespace with network policies, `true` by default | `bool` | `true` |
| `resourceQuotas` | Define resource quotas for the tenant | `string` | `{}` |

8
packages/apps/tenant/templates/monitoring.yaml
View File

@@ -17,6 +17,12 @@ spec:
kind: HelmRepository
name: cozystack-extra
namespace: cozy-public
install:
remediation:
retries: 10
upgrade:
remediation:
retries: 10
interval: 1m0s
timeout: 5m0s
timeout: 10m0s
{{- end }}

80
packages/apps/tenant/values.schema.json
View File

@@ -1,41 +1,45 @@
{
"properties": {
"etcd": {
"default": false,
"description": "Deploy own Etcd cluster",
"type": "boolean"
},
"host": {
"default": "",
"description": "The hostname used to access tenant services (defaults to using the tenant name as a subdomain for it's parent tenant host).",
"type": "string"
},
"ingress": {
"default": false,
"description": "Deploy own Ingress Controller",
"type": "boolean"
},
"isolated": {
"default": true,
"description": "Enforce tenant namespace with network policies",
"type": "boolean"
},
"monitoring": {
"default": false,
"description": "Deploy own Monitoring Stack",
"type": "boolean"
},
"resourceQuotas": {
"default": {},
"description": "Define resource quotas for the tenant",
"type": "object"
},
"seaweedfs": {
"default": false,
"description": "Deploy own SeaweedFS",
"type": "boolean"
}
"title": "Chart Values",
"type": "object",
"properties": {
"etcd": {
"description": "Deploy own Etcd cluster",
"type": "boolean",
"default": false
},
"title": "Chart Values",
"type": "object"
"host": {
"description": "The hostname used to access tenant services (defaults to using the tenant name as a subdomain for it's parent tenant host).",
"type": "string"
},
"ingress": {
"description": "Deploy own Ingress Controller",
"type": "boolean",
"default": false
},
"isolated": {
"description": "Enforce tenant namespace with network policies, `true` by default",
"type": "boolean",
"default": true
},
"monitoring": {
"description": "Deploy own Monitoring Stack",
"type": "boolean",
"default": false
},
"resourceQuotas": {
"description": "Define resource quotas for the tenant",
"type": "object",
"default": {},
"additionalProperties": {
"type": "string",
"pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$",
"x-kubernetes-int-or-string": true
}
},
"seaweedfs": {
"description": "Deploy own SeaweedFS",
"type": "boolean",
"default": false
}
}
}

14
packages/apps/tenant/values.yaml
View File

@@ -1,18 +1,18 @@
## @section Common parameters
## @param host The hostname used to access tenant services (defaults to using the tenant name as a subdomain for it's parent tenant host).
## @param etcd Deploy own Etcd cluster
## @param monitoring Deploy own Monitoring Stack
## @param ingress Deploy own Ingress Controller
## @param seaweedfs Deploy own SeaweedFS
## @param isolated Enforce tenant namespace with network policies
## @param resourceQuotas Define resource quotas for the tenant
## @param host {*string} The hostname used to access tenant services (defaults to using the tenant name as a subdomain for it's parent tenant host).
## @param etcd {bool} Deploy own Etcd cluster
## @param monitoring {bool} Deploy own Monitoring Stack
## @param ingress {bool} Deploy own Ingress Controller
## @param seaweedfs {bool} Deploy own SeaweedFS
## @param isolated {bool} Enforce tenant namespace with network policies, `true` by default
host: ""
etcd: false
monitoring: false
ingress: false
seaweedfs: false
isolated: true
## @param resourceQuotas {map[string]quantity} Define resource quotas for the tenant
resourceQuotas: {}
# resourceQuotas:
# cpu: "1"

9
packages/apps/versions_map
View File

@@ -64,7 +64,8 @@ kubernetes 0.25.1 acd4663a
kubernetes 0.25.2 08cb7c0f
kubernetes 0.26.0 9584e5f5
kubernetes 0.26.1 0e47e1e8
kubernetes 0.26.2 HEAD
kubernetes 0.26.2 8ddbe32e
kubernetes 0.26.3 HEAD
mysql 0.1.0 263e47be
mysql 0.2.0 c24a103f
mysql 0.3.0 53f2365e
@@ -175,7 +176,8 @@ virtual-machine 0.10.2 632224a3
virtual-machine 0.11.0 4369b031
virtual-machine 0.12.0 acd4663a
virtual-machine 0.12.1 909208ba
virtual-machine 0.12.2 HEAD
virtual-machine 0.12.2 8ddbe32e
virtual-machine 0.12.3 HEAD
vm-disk 0.1.0 d971f2ff
vm-disk 0.1.1 6130f43d
vm-disk 0.1.2 632224a3
@@ -194,7 +196,8 @@ vm-instance 0.7.2 632224a3
vm-instance 0.8.0 4369b031
vm-instance 0.9.0 acd4663a
vm-instance 0.10.0 909208ba
vm-instance 0.10.1 HEAD
vm-instance 0.10.1 8ddbe32e
vm-instance 0.10.2 HEAD
vpn 0.1.0 263e47be
vpn 0.2.0 53f2365e
vpn 0.3.0 6c5cf5bf

2
packages/apps/virtual-machine/Chart.yaml
View File

@@ -17,7 +17,7 @@ type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 0.12.2
version: 0.12.3
# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to

9
packages/apps/virtual-machine/Makefile
View File

@@ -1,12 +1,9 @@
include ../../../scripts/package.mk
generate:
readme-generator-for-helm -v values.yaml -s values.schema.json -r README.md
cozyvalues-gen -v values.yaml -s values.schema.json -r README.md
yq -o json -i '.properties.gpus.items.type = "object" | .properties.gpus.default = []' values.schema.json
INSTANCE_TYPES=$$(yq e '.metadata.name' -o=json -r ../../system/kubevirt-instancetypes/templates/instancetypes.yaml | yq 'split(" ") | . + [""]' -o json) \
&& yq -i -o json ".properties.instanceType.enum = $${INSTANCE_TYPES}" values.schema.json
# INSTANCE_TYPES=$$(yq e '.metadata.name' -o=json -r ../../system/kubevirt-instancetypes/templates/instancetypes.yaml | yq 'split(" ") | . + [""]' -o json) \
# && yq -i -o json ".properties.instanceType.enum = $${INSTANCE_TYPES}" values.schema.json
PREFERENCES=$$(yq e '.metadata.name' -o=json -r ../../system/kubevirt-instancetypes/templates/preferences.yaml | yq 'split(" ") | . + [""]' -o json) \
&& yq -i -o json ".properties.instanceProfile.enum = $${PREFERENCES}" values.schema.json
yq -i -o json '.properties.externalPorts.items.type = "integer"' values.schema.json
yq -i -o json '.properties.systemDisk.properties.image.enum = ["ubuntu", "cirros", "alpine", "fedora", "talos"]' values.schema.json
yq -i -o json '.properties.externalMethod.enum = ["PortList", "WholeIP"]' values.schema.json

40
packages/apps/virtual-machine/README.md
View File

@@ -36,24 +36,28 @@ virtctl ssh <user>@<vm>
### Common parameters
| Name | Description | Value |
| ------------------------- | ---------------------------------------------------------------------------------------------------------- | ------------ |
| `external` | Enable external access from outside the cluster | `false` |
| `externalMethod` | specify method to passthrough the traffic to the virtual machine. Allowed values: `WholeIP` and `PortList` | `PortList` |
| `externalPorts` | Specify ports to forward from outside the cluster | `[]` |
| `running` | Determines if the virtual machine should be running | `true` |
| `instanceType` | Virtual Machine instance type | `u1.medium` |
| `instanceProfile` | Virtual Machine preferences profile | `ubuntu` |
| `systemDisk.image` | The base image for the virtual machine. Allowed values: `ubuntu`, `cirros`, `alpine`, `fedora` and `talos` | `ubuntu` |
| `systemDisk.storage` | The size of the disk allocated for the virtual machine | `5Gi` |
| `systemDisk.storageClass` | StorageClass used to store the data | `replicated` |
| `gpus` | List of GPUs to attach | `[]` |
| `resources.cpu` | The number of CPU cores allocated to the virtual machine | `""` |
| `resources.memory` | The amount of memory allocated to the virtual machine | `""` |
| `resources.sockets` | The number of CPU sockets allocated to the virtual machine (used to define vCPU topology) | `""` |
| `sshKeys` | List of SSH public keys for authentication. Can be a single key or a list of keys. | `[]` |
| `cloudInit` | cloud-init user data config. See cloud-init documentation for more details. | `""` |
| `cloudInitSeed` | A seed string to generate an SMBIOS UUID for the VM. | `""` |
| Name | Description | Type | Value |
| ------------------------- | ----------------------------------------------------------------------------------------------------------- | ---------- | ------------ |
| `external` | Enable external access from outside the cluster | `bool` | `false` |
| `externalMethod` | Specify method to pass through the traffic to the virtual machine. Allowed values: `WholeIP` and `PortList` | `string` | `{}` |
| `externalPorts` | Specify ports to forward from outside the cluster | `[]int` | `[22]` |
| `running` | if the virtual machine should be running | `bool` | `true` |
| `instanceType` | Virtual Machine instance type | `string` | `u1.medium` |
| `instanceProfile` | Virtual Machine preferences profile | `string` | `ubuntu` |
| `systemDisk` | System disk configuration | `object` | `{}` |
| `systemDisk.image` | The base image for the virtual machine. Allowed values: `ubuntu`, `cirros`, `alpine`, `fedora` and `talos` | `string` | `ubuntu` |
| `systemDisk.storage` | The size of the disk allocated for the virtual machine | `string` | `5Gi` |
| `systemDisk.storageClass` | StorageClass used to store the data | `*string` | `replicated` |
| `gpus` | List of GPUs to attach | `[]object` | `[]` |
| `gpus[i].name` | The name of the GPU to attach. This should match the GPU resource name in the cluster. | `string` | `""` |
| `resources` | Resources | `object` | `{}` |
| `resources.cpu` | The number of CPU cores allocated to the virtual machine | `*string` | `null` |
| `resources.sockets` | The number of CPU sockets allocated to the virtual machine (used to define vCPU topology) | `*string` | `null` |
| `resources.memory` | The amount of memory allocated to the virtual machine | `*string` | `null` |
| `sshKeys` | List of SSH public keys for authentication. Can be a single key or a list of keys. | `[]string` | `[]` |
| `cloudInit` | cloud-init user data config. See cloud-init documentation for more details. | `string` | `""` |
| `cloudInitSeed` | A seed string to generate an SMBIOS UUID for the VM. | `string` | `""` |
## U Series

155
packages/apps/virtual-machine/values.schema.json
View File

@@ -1,49 +1,60 @@
{
"title": "Chart Values",
"type": "object",
"properties": {
"cloudInit": {
"default": "",
"description": "cloud-init user data config. See cloud-init documentation for more details.",
"type": "string"
},
"cloudInitSeed": {
"default": "",
"description": "A seed string to generate an SMBIOS UUID for the VM.",
"type": "string"
},
"external": {
"default": false,
"description": "Enable external access from outside the cluster",
"type": "boolean"
"type": "boolean",
"default": false
},
"externalMethod": {
"default": "PortList",
"description": "specify method to passthrough the traffic to the virtual machine. Allowed values: `WholeIP` and `PortList`",
"description": "Specify method to pass through the traffic to the virtual machine. Allowed values: `WholeIP` and `PortList`",
"type": "string",
"default": "PortList",
"enum": [
"PortList",
"WholeIP"
]
},
"externalPorts": {
"default": [],
"description": "Specify ports to forward from outside the cluster",
"type": "array",
"default": [
22
],
"items": {
"type": "integer"
},
"type": "array"
}
},
"gpus": {
"default": [],
"description": "List of GPUs to attach",
"type": "array",
"default": [],
"items": {
"type": "object"
},
"type": "array"
"type": "object",
"required": [
"name"
],
"properties": {
"name": {
"description": "The name of the GPU to attach. This should match the GPU resource name in the cluster.",
"type": "string"
}
}
}
},
"instanceProfile": {
"default": "ubuntu",
"description": "Virtual Machine preferences profile",
"type": "string",
"default": "ubuntu",
"enum": [
"alpine",
"centos.7",
@@ -91,98 +102,65 @@
]
},
"instanceType": {
"default": "u1.medium",
"description": "Virtual Machine instance type",
"type": "string",
"enum": [
"cx1.2xlarge",
"cx1.4xlarge",
"cx1.8xlarge",
"cx1.large",
"cx1.medium",
"cx1.xlarge",
"gn1.2xlarge",
"gn1.4xlarge",
"gn1.8xlarge",
"gn1.xlarge",
"m1.2xlarge",
"m1.4xlarge",
"m1.8xlarge",
"m1.large",
"m1.xlarge",
"n1.2xlarge",
"n1.4xlarge",
"n1.8xlarge",
"n1.large",
"n1.medium",
"n1.xlarge",
"o1.2xlarge",
"o1.4xlarge",
"o1.8xlarge",
"o1.large",
"o1.medium",
"o1.micro",
"o1.nano",
"o1.small",
"o1.xlarge",
"rt1.2xlarge",
"rt1.4xlarge",
"rt1.8xlarge",
"rt1.large",
"rt1.medium",
"rt1.micro",
"rt1.small",
"rt1.xlarge",
"u1.2xlarge",
"u1.2xmedium",
"u1.4xlarge",
"u1.8xlarge",
"u1.large",
"u1.medium",
"u1.micro",
"u1.nano",
"u1.small",
"u1.xlarge",
""
]
"default": "u1.medium"
},
"resources": {
"description": "Resources",
"type": "object",
"default": {},
"properties": {
"cpu": {
"default": "",
"description": "The number of CPU cores allocated to the virtual machine",
"type": "string"
"type": "string",
"pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$",
"x-kubernetes-int-or-string": true
},
"memory": {
"default": "",
"description": "The amount of memory allocated to the virtual machine",
"type": "string"
"type": "string",
"pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$",
"x-kubernetes-int-or-string": true
},
"sockets": {
"default": "",
"description": "The number of CPU sockets allocated to the virtual machine (used to define vCPU topology)",
"type": "string"
"type": "string",
"pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$",
"x-kubernetes-int-or-string": true
}
},
"type": "object"
}
},
"running": {
"default": true,
"description": "Determines if the virtual machine should be running",
"type": "boolean"
"description": "if the virtual machine should be running",
"type": "boolean",
"default": true
},
"sshKeys": {
"default": [],
"description": "List of SSH public keys for authentication. Can be a single key or a list of keys.",
"items": {},
"type": "array"
"type": "array",
"default": [],
"items": {
"type": "string"
}
},
"systemDisk": {
"description": "System disk configuration",
"type": "object",
"default": {
"image": "ubuntu",
"storage": "5Gi",
"storageClass": "replicated"
},
"required": [
"image",
"storage"
],
"properties": {
"image": {
"default": "ubuntu",
"description": "The base image for the virtual machine. Allowed values: `ubuntu`, `cirros`, `alpine`, `fedora` and `talos`",
"type": "string",
"default": "ubuntu",
"enum": [
"ubuntu",
"cirros",
@@ -192,19 +170,16 @@
]
},
"storage": {
"default": "5Gi",
"description": "The size of the disk allocated for the virtual machine",
"type": "string"
"type": "string",
"default": "5Gi"
},
"storageClass": {
"default": "replicated",
"description": "StorageClass used to store the data",
"type": "string"
"type": "string",
"default": "replicated"
}
},
"type": "object"
}
}
},
"title": "Chart Values",
"type": "object"
}
}

57
packages/apps/virtual-machine/values.yaml
View File

@@ -1,46 +1,53 @@
## @section Common parameters
## @param external Enable external access from outside the cluster
## @param externalMethod specify method to passthrough the traffic to the virtual machine. Allowed values: `WholeIP` and `PortList`
## @param externalPorts [array] Specify ports to forward from outside the cluster
##
## @param external {bool} Enable external access from outside the cluster
external: false
externalMethod: PortList
## @param externalMethod {string enum:"PortList,WholeIP"} Specify method to pass through the traffic to the virtual machine. Allowed values: `WholeIP` and `PortList`
externalMethod: "PortList"
## @param externalPorts {[]int} Specify ports to forward from outside the cluster
externalPorts:
- 22
- 22
## @param running Determines if the virtual machine should be running
## @param running {bool} if the virtual machine should be running
running: true
## @param instanceType Virtual Machine instance type
## @param instanceProfile Virtual Machine preferences profile
## @param instanceType {string} Virtual Machine instance type
## @param instanceProfile {string} Virtual Machine preferences profile
##
instanceType: "u1.medium"
instanceProfile: ubuntu
## @param systemDisk.image The base image for the virtual machine. Allowed values: `ubuntu`, `cirros`, `alpine`, `fedora` and `talos`
## @param systemDisk.storage The size of the disk allocated for the virtual machine
## @param systemDisk.storageClass StorageClass used to store the data
##
## @param systemDisk {systemDisk} System disk configuration
## @field systemDisk.image {string enum:"ubuntu,cirros,alpine,fedora,talos"} The base image for the virtual machine. Allowed values: `ubuntu`, `cirros`, `alpine`, `fedora` and `talos`
## @field systemDisk.storage {string} The size of the disk allocated for the virtual machine
## @field systemDisk.storageClass {*string} StorageClass used to store the data
##
systemDisk:
image: ubuntu
storage: 5Gi
storageClass: replicated
## @param gpus [array] List of GPUs to attach
## @param gpus {[]gpu} List of GPUs to attach
## @field gpu.name {string} The name of the GPU to attach. This should match the GPU resource name in the cluster.
## Example:
## gpus:
## - name: nvidia.com/GA102GL_A10
gpus: []
## @param resources.cpu The number of CPU cores allocated to the virtual machine
## @param resources.memory The amount of memory allocated to the virtual machine
## @param resources.sockets The number of CPU sockets allocated to the virtual machine (used to define vCPU topology)
resources:
cpu: ""
memory: ""
sockets: ""
## @param sshKeys [array] List of SSH public keys for authentication. Can be a single key or a list of keys.
## @param resources {resources} Resources
## @field resources.cpu {*quantity} The number of CPU cores allocated to the virtual machine
## @field resources.sockets {*quantity} The number of CPU sockets allocated to the virtual machine (used to define vCPU topology)
## @field resources.memory {*quantity} The amount of memory allocated to the virtual machine
## Example:
## resources:
## cpu: "4"
## sockets: "1"
## memory: "8Gi"
resources: {}
## @param sshKeys {[]string} List of SSH public keys for authentication. Can be a single key or a list of keys.
## Example:
## sshKeys:
## - ssh-rsa ...
@@ -48,7 +55,7 @@ resources:
##
sshKeys: []
## @param cloudInit cloud-init user data config. See cloud-init documentation for more details.
## @param cloudInit {string} cloud-init user data config. See cloud-init documentation for more details.
## - https://cloudinit.readthedocs.io/en/latest/explanation/format.html
## - https://cloudinit.readthedocs.io/en/latest/reference/examples.html
## Example:
@@ -59,11 +66,11 @@ sshKeys: []
##
cloudInit: ""
## @param cloudInitSeed A seed string to generate an SMBIOS UUID for the VM.
cloudInitSeed: ""
## @param cloudInitSeed {string} A seed string to generate an SMBIOS UUID for the VM.
## Change it to any new value to force a full cloud-init reconfiguration. Change it when you want to apply
## to an existing VM settings that are usually written only once, like new SSH keys or new network configuration.
## An empty value does nothing (and the existing UUID is not reverted). Please note that changing this value
## does not trigger a VM restart. You must perform the restart separately.
## Example:
## cloudInitSeed: "upd1"
cloudInitSeed: ""

2
packages/apps/vm-instance/Chart.yaml
View File

@@ -17,7 +17,7 @@ type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 0.10.1
version: 0.10.2
# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to

4
packages/apps/vm-instance/Makefile
View File

@@ -4,8 +4,8 @@ generate:
readme-generator-for-helm -v values.yaml -s values.schema.json -r README.md
yq -o json -i '.properties.disks.items.type = "object" | .properties.disks.default = []' values.schema.json
yq -o json -i '.properties.gpus.items.type = "object" | .properties.gpus.default = []' values.schema.json
INSTANCE_TYPES=$$(yq e '.metadata.name' -o=json -r ../../system/kubevirt-instancetypes/templates/instancetypes.yaml | yq 'split(" ") | . + [""]' -o json) \
&& yq -i -o json ".properties.instanceType.enum = $${INSTANCE_TYPES}" values.schema.json
#INSTANCE_TYPES=$$(yq e '.metadata.name' -o=json -r ../../system/kubevirt-instancetypes/templates/instancetypes.yaml | yq 'split(" ") | . + [""]' -o json) \
# && yq -i -o json ".properties.instanceType.enum = $${INSTANCE_TYPES}" values.schema.json
PREFERENCES=$$(yq e '.metadata.name' -o=json -r ../../system/kubevirt-instancetypes/templates/preferences.yaml | yq 'split(" ") | . + [""]' -o json) \
&& yq -i -o json ".properties.instanceProfile.enum = $${PREFERENCES}" values.schema.json
yq -i -o json '.properties.externalPorts.items.type = "integer"' values.schema.json

53
packages/apps/vm-instance/values.schema.json
View File

@@ -101,58 +101,7 @@
"instanceType": {
"default": "u1.medium",
"description": "Virtual Machine instance type",
"type": "string",
"enum": [
"cx1.2xlarge",
"cx1.4xlarge",
"cx1.8xlarge",
"cx1.large",
"cx1.medium",
"cx1.xlarge",
"gn1.2xlarge",
"gn1.4xlarge",
"gn1.8xlarge",
"gn1.xlarge",
"m1.2xlarge",
"m1.4xlarge",
"m1.8xlarge",
"m1.large",
"m1.xlarge",
"n1.2xlarge",
"n1.4xlarge",
"n1.8xlarge",
"n1.large",
"n1.medium",
"n1.xlarge",
"o1.2xlarge",
"o1.4xlarge",
"o1.8xlarge",
"o1.large",
"o1.medium",
"o1.micro",
"o1.nano",
"o1.small",
"o1.xlarge",
"rt1.2xlarge",
"rt1.4xlarge",
"rt1.8xlarge",
"rt1.large",
"rt1.medium",
"rt1.micro",
"rt1.small",
"rt1.xlarge",
"u1.2xlarge",
"u1.2xmedium",
"u1.4xlarge",
"u1.8xlarge",
"u1.large",
"u1.medium",
"u1.micro",
"u1.nano",
"u1.small",
"u1.xlarge",
""
]
"type": "string"
},
"resources": {
"properties": {

2
packages/core/installer/values.yaml
View File

@@ -1,2 +1,2 @@
cozystack:
image: ghcr.io/cozystack/cozystack/installer:v0.35.0-alpha.2@sha256:ecdda158d9f8e1b83fb75e129c33abb0763f3ba32920e9e9192e1ac6946f4048
image: ghcr.io/cozystack/cozystack/installer:v0.35.0-alpha.3@sha256:b43615350697dbbc377d31152b290722c2bba7a053fd7c69403d666e6c7d53ee

3
packages/core/testing/images/e2e-sandbox/Dockerfile
View File

@@ -19,6 +19,7 @@ RUN curl -sSL "https://github.com/mikefarah/yq/releases/download/v4.44.3/yq_${TA
&& chmod +x /usr/local/bin/yq
RUN curl -sSL "https://fluxcd.io/install.sh" | bash
RUN curl -sSL "https://github.com/cozystack/cozypkg/raw/refs/heads/main/hack/install.sh" | sh -s -- -v "${COZYPKG_VERSION}"
RUN curl https://dl.min.io/client/mc/release/${TARGETOS}-${TARGETARCH}/mc --create-dirs -o /usr/local/bin/mc \
&& chmod +x /usr/local/bin/mc
COPY entrypoint.sh /usr/local/bin/entrypoint.sh
ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]

2
packages/core/testing/values.yaml
View File

@@ -1,2 +1,2 @@
e2e:
image: ghcr.io/cozystack/cozystack/e2e-sandbox:v0.35.0-alpha.2@sha256:dd0b7d231ad8d332b00ef69000ffa570d1d96c6443a2dd9a0b31678657f624f5
image: ghcr.io/cozystack/cozystack/e2e-sandbox:v0.35.0-alpha.3@sha256:cd6d65230150171c0e3934f71fcc270718f2bfec7509989b9d4d996ddef916d9

2
packages/extra/bootbox/images/matchbox.tag
View File

@@ -1 +1 @@
ghcr.io/cozystack/cozystack/matchbox:v0.35.0-alpha.2@sha256:61684ddd5ca56c6031176e4b6aef6c979dbe54ad873172dda3a25a63aca22dbb
ghcr.io/cozystack/cozystack/matchbox:v0.35.0-alpha.3@sha256:043051d7c368b73943051b51bacfb3e383541b53190f74452d552ea2f30e420e

2
packages/extra/monitoring/Chart.yaml
View File

@@ -3,4 +3,4 @@ name: monitoring
description: Monitoring and observability stack
icon: /logos/monitoring.svg
type: application
version: 1.12.0
version: 1.12.1

6
packages/extra/monitoring/Makefile
View File

@@ -6,11 +6,7 @@ include ../../../scripts/common-envs.mk
include ../../../scripts/package.mk
generate:
readme-generator-for-helm -v values.yaml -s values.schema.json.tmp -r README.md
cat values.schema.json.tmp | \
jq '.properties.metricsStorages.items.type = "object" | .properties.logsStorages.items.type = "object"' \
> values.schema.json
rm -f values.schema.json.tmp
cozyvalues-gen -v values.yaml -s values.schema.json -r README.md
image:
docker buildx build images/grafana \

104
packages/extra/monitoring/README.md
View File

@@ -4,22 +4,88 @@
### Common parameters
| Name | Description | Value |
| ----------------------------------------- | --------------------------------------------------------------------------------------------------------- | ------- |
| `host` | The hostname used to access the grafana externally (defaults to 'grafana' subdomain for the tenant host). | `""` |
| `metricsStorages` | Configuration of metrics storage instances | `[]` |
| `logsStorages` | Configuration of logs storage instances | `[]` |
| `alerta.storage` | Persistent Volume size for alerta database | `10Gi` |
| `alerta.storageClassName` | StorageClass used to store the data | `""` |
| `alerta.resources.requests.cpu` | The minimum amount of CPU required for alerta | `100m` |
| `alerta.resources.requests.memory` | The minimum amount of memory required for alerta | `256Mi` |
| `alerta.resources.limits.cpu` | The maximum amount of CPU allowed for alerta | `1` |
| `alerta.resources.limits.memory` | The maximum amount of memory allowed for alerta | `1Gi` |
| `alerta.alerts.telegram.token` | telegram token for your bot | `""` |
| `alerta.alerts.telegram.chatID` | specify multiple ID's separated by comma. Get yours in https://t.me/chatid_echo_bot | `""` |
| `alerta.alerts.telegram.disabledSeverity` | list of severity without alerts, separated comma like: "informational,warning" | `""` |
| `grafana.db.size` | Persistent Volume size for grafana database | `10Gi` |
| `grafana.resources.requests.cpu` | The minimum amount of CPU required for grafana | `100m` |
| `grafana.resources.requests.memory` | The minimum amount of memory required for grafana | `256Mi` |
| `grafana.resources.limits.cpu` | The maximum amount of CPU allowed for grafana | `1` |
| `grafana.resources.limits.memory` | The maximum amount of memory allowed for grafana | `1Gi` |
| Name | Description | Type | Value |
| ------ | --------------------------------------------------------------------------------------------------------- | -------- | ----- |
| `host` | The hostname used to access the grafana externally (defaults to 'grafana' subdomain for the tenant host). | `string` | `""` |
### Metrics storage configuration
| Name | Description | Type | Value |
| ------------------------------------------------ | -------------------------------------------------------------- | ---------- | ------- |
| `metricsStorages` | Configuration of metrics storage instances | `[]object` | `[...]` |
| `metricsStorages[i].name` | Name of the storage instance | `string` | `""` |
| `metricsStorages[i].retentionPeriod` | Retention period for the metrics in the storage instance | `string` | `""` |
| `metricsStorages[i].deduplicationInterval` | Deduplication interval for the metrics in the storage instance | `string` | `""` |
| `metricsStorages[i].storage` | Persistent Volume size for the storage instance | `string` | `""` |
| `metricsStorages[i].storageClassName` | StorageClass used to store the data | `*string` | `null` |
| `metricsStorages[i].vminsert` | Configuration for vminsert component of the storage instance | `*object` | `null` |
| `metricsStorages[i].vminsert.minAllowed` | Requests (minimum allowed/available resources) | `*object` | `null` |
| `metricsStorages[i].vminsert.minAllowed.cpu` | CPU request (minimum available CPU) | `*string` | `null` |
| `metricsStorages[i].vminsert.minAllowed.memory` | Memory request (minimum available memory) | `*string` | `null` |
| `metricsStorages[i].vminsert.maxAllowed` | Limits (maximum allowed/available resources ) | `*object` | `null` |
| `metricsStorages[i].vminsert.maxAllowed.cpu` | CPU limit (maximum available CPU) | `*string` | `null` |
| `metricsStorages[i].vminsert.maxAllowed.memory` | Memory limit (maximum available memory) | `*string` | `null` |
| `metricsStorages[i].vmselect` | Configuration for vmselect component of the storage instance | `*object` | `null` |
| `metricsStorages[i].vmselect.minAllowed` | Requests (minimum allowed/available resources) | `*object` | `null` |
| `metricsStorages[i].vmselect.minAllowed.cpu` | CPU request (minimum available CPU) | `*string` | `null` |
| `metricsStorages[i].vmselect.minAllowed.memory` | Memory request (minimum available memory) | `*string` | `null` |
| `metricsStorages[i].vmselect.maxAllowed` | Limits (maximum allowed/available resources ) | `*object` | `null` |
| `metricsStorages[i].vmselect.maxAllowed.cpu` | CPU limit (maximum available CPU) | `*string` | `null` |
| `metricsStorages[i].vmselect.maxAllowed.memory` | Memory limit (maximum available memory) | `*string` | `null` |
| `metricsStorages[i].vmstorage` | Configuration for vmstorage component of the storage instance | `*object` | `null` |
| `metricsStorages[i].vmstorage.minAllowed` | Requests (minimum allowed/available resources) | `*object` | `null` |
| `metricsStorages[i].vmstorage.minAllowed.cpu` | CPU request (minimum available CPU) | `*string` | `null` |
| `metricsStorages[i].vmstorage.minAllowed.memory` | Memory request (minimum available memory) | `*string` | `null` |
| `metricsStorages[i].vmstorage.maxAllowed` | Limits (maximum allowed/available resources ) | `*object` | `null` |
| `metricsStorages[i].vmstorage.maxAllowed.cpu` | CPU limit (maximum available CPU) | `*string` | `null` |
| `metricsStorages[i].vmstorage.maxAllowed.memory` | Memory limit (maximum available memory) | `*string` | `null` |
### Logs storage configuration
| Name | Description | Type | Value |
| ---------------------------------- | ----------------------------------------------------- | ---------- | ------- |
| `logsStorages` | Configuration of logs storage instances | `[]object` | `[...]` |
| `logsStorages[i].name` | Name of the storage instance | `string` | `""` |
| `logsStorages[i].retentionPeriod` | Retention period for the logs in the storage instance | `string` | `""` |
| `logsStorages[i].storage` | Persistent Volume size for the storage instance | `string` | `""` |
| `logsStorages[i].storageClassName` | StorageClass used to store the data | `*string` | `null` |
### Alerta configuration
| Name | Description | Type | Value |
| ----------------------------------------- | ----------------------------------------------------------------------------------- | --------- | ------- |
| `alerta` | Configuration for Alerta service | `object` | `{}` |
| `alerta.storage` | Persistent Volume size for the database | `string` | `10Gi` |
| `alerta.storageClassName` | StorageClass used to store the data | `string` | `""` |
| `alerta.resources` | Resources configuration | `*object` | `null` |
| `alerta.resources.requests` | | `*object` | `null` |
| `alerta.resources.requests.cpu` | CPU request (minimum available CPU) | `*string` | `100m` |
| `alerta.resources.requests.memory` | Memory request (minimum available memory) | `*string` | `256Mi` |
| `alerta.resources.limits` | | `*object` | `null` |
| `alerta.resources.limits.cpu` | CPU limit (maximum available CPU) | `*string` | `1` |
| `alerta.resources.limits.memory` | Memory limit (maximum available memory) | `*string` | `1Gi` |
| `alerta.alerts` | Configuration for alerts | `object` | `{}` |
| `alerta.alerts.telegram` | Configuration for Telegram alerts | `object` | `{}` |
| `alerta.alerts.telegram.token` | Telegram token for your bot | `string` | `""` |
| `alerta.alerts.telegram.chatID` | Specify multiple ID's separated by comma. Get yours in https://t.me/chatid_echo_bot | `string` | `""` |
| `alerta.alerts.telegram.disabledSeverity` | List of severity without alerts, separated by comma like: "informational,warning" | `string` | `""` |
### Grafana configuration
| Name | Description | Type | Value |
| ----------------------------------- | ----------------------------------------- | --------- | ------- |
| `grafana` | Configuration for Grafana | `object` | `{}` |
| `grafana.db` | Database configuration | `object` | `{}` |
| `grafana.db.size` | Persistent Volume size for the database | `string` | `10Gi` |
| `grafana.resources` | Resources configuration | `*object` | `null` |
| `grafana.resources.requests` | | `*object` | `null` |
| `grafana.resources.requests.cpu` | CPU request (minimum available CPU) | `*string` | `100m` |
| `grafana.resources.requests.memory` | Memory request (minimum available memory) | `*string` | `256Mi` |
| `grafana.resources.limits` | | `*object` | `null` |
| `grafana.resources.limits.cpu` | CPU limit (maximum available CPU) | `*string` | `1` |
| `grafana.resources.limits.memory` | Memory limit (maximum available memory) | `*string` | `1Gi` |

3
packages/extra/monitoring/dashboards.list
View File

@@ -37,4 +37,5 @@ flux/flux-stats
kafka/strimzi-kafka
goldpinger/goldpinger
clickhouse/altinity-clickhouse-operator-dashboard
storage/linstor
storage/linstor
seaweedfs/seaweedfs

2
packages/extra/monitoring/images/grafana.tag
View File

@@ -1 +1 @@
ghcr.io/cozystack/cozystack/grafana:1.12.0@sha256:c63978e1ed0304e8518b31ddee56c4e8115541b997d8efbe1c0a74da57140399
ghcr.io/cozystack/cozystack/grafana:1.12.1@sha256:c63978e1ed0304e8518b31ddee56c4e8115541b997d8efbe1c0a74da57140399

533
packages/extra/monitoring/values.schema.json
View File

@@ -1,152 +1,487 @@
{
"title": "Chart Values",
"type": "object",
"properties": {
"alerta": {
"description": "Configuration for Alerta service",
"type": "object",
"default": {
"alerts": {
"telegram": {
"chatID": "",
"disabledSeverity": "",
"token": ""
}
},
"resources": {
"limits": {
"cpu": "1",
"memory": "1Gi"
},
"requests": {
"cpu": "100m",
"memory": "256Mi"
}
},
"storage": "10Gi",
"storageClassName": ""
},
"required": [
"alerts",
"storage",
"storageClassName"
],
"properties": {
"alerts": {
"description": "Configuration for alerts",
"type": "object",
"default": {
"telegram": {
"chatID": "",
"disabledSeverity": "",
"token": ""
}
},
"required": [
"telegram"
],
"properties": {
"telegram": {
"description": "Configuration for Telegram alerts",
"type": "object",
"default": {
"chatID": "",
"disabledSeverity": "",
"token": ""
},
"required": [
"chatID",
"disabledSeverity",
"token"
],
"properties": {
"chatID": {
"default": "",
"description": "specify multiple ID's separated by comma. Get yours in https://t.me/chatid_echo_bot",
"description": "Specify multiple ID's separated by comma. Get yours in https://t.me/chatid_echo_bot",
"type": "string"
},
"disabledSeverity": {
"default": "",
"description": "list of severity without alerts, separated comma like: \"informational,warning\"",
"description": "List of severity without alerts, separated by comma like: \"informational,warning\"",
"type": "string"
},
"token": {
"default": "",
"description": "telegram token for your bot",
"description": "Telegram token for your bot",
"type": "string"
}
},
"type": "object"
}
}
},
"type": "object"
}
},
"resources": {
"properties": {
"description": "Resources configuration",
"type": "object",
"default": {
"limits": {
"properties": {
"cpu": {
"default": "1",
"description": "The maximum amount of CPU allowed for alerta",
"type": "string"
},
"memory": {
"default": "1Gi",
"description": "The maximum amount of memory allowed for alerta",
"type": "string"
}
},
"type": "object"
"cpu": "1",
"memory": "1Gi"
},
"requests": {
"properties": {
"cpu": {
"default": "100m",
"description": "The minimum amount of CPU required for alerta",
"type": "string"
},
"memory": {
"default": "256Mi",
"description": "The minimum amount of memory required for alerta",
"type": "string"
}
},
"type": "object"
"cpu": "100m",
"memory": "256Mi"
}
},
"type": "object"
"properties": {
"limits": {
"type": "object",
"default": {
"cpu": "1",
"memory": "1Gi"
},
"properties": {
"cpu": {
"description": "CPU limit (maximum available CPU)",
"type": "string",
"default": "1",
"pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$",
"x-kubernetes-int-or-string": true
},
"memory": {
"description": "Memory limit (maximum available memory)",
"type": "string",
"default": "1Gi",
"pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$",
"x-kubernetes-int-or-string": true
}
}
},
"requests": {
"type": "object",
"default": {
"cpu": "100m",
"memory": "256Mi"
},
"properties": {
"cpu": {
"description": "CPU request (minimum available CPU)",
"type": "string",
"default": "100m",
"pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$",
"x-kubernetes-int-or-string": true
},
"memory": {
"description": "Memory request (minimum available memory)",
"type": "string",
"default": "256Mi",
"pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$",
"x-kubernetes-int-or-string": true
}
}
}
}
},
"storage": {
"default": "10Gi",
"description": "Persistent Volume size for alerta database",
"type": "string"
"description": "Persistent Volume size for the database",
"type": "string",
"default": "10Gi"
},
"storageClassName": {
"default": "",
"description": "StorageClass used to store the data",
"type": "string"
}
},
"type": "object"
}
},
"grafana": {
"properties": {
"description": "Configuration for Grafana",
"type": "object",
"default": {
"db": {
"properties": {
"size": {
"default": "10Gi",
"description": "Persistent Volume size for grafana database",
"type": "string"
}
},
"type": "object"
"size": "10Gi"
},
"resources": {
"properties": {
"limits": {
"properties": {
"cpu": {
"default": "1",
"description": "The maximum amount of CPU allowed for grafana",
"type": "string"
},
"memory": {
"default": "1Gi",
"description": "The maximum amount of memory allowed for grafana",
"type": "string"
}
},
"type": "object"
},
"requests": {
"properties": {
"cpu": {
"default": "100m",
"description": "The minimum amount of CPU required for grafana",
"type": "string"
},
"memory": {
"default": "256Mi",
"description": "The minimum amount of memory required for grafana",
"type": "string"
}
},
"type": "object"
}
"limits": {
"cpu": "1",
"memory": "1Gi"
},
"type": "object"
"requests": {
"cpu": "100m",
"memory": "256Mi"
}
}
},
"type": "object"
"required": [
"db"
],
"properties": {
"db": {
"description": "Database configuration",
"type": "object",
"default": {
"size": "10Gi"
},
"required": [
"size"
],
"properties": {
"size": {
"description": "Persistent Volume size for the database",
"type": "string",
"default": "10Gi"
}
}
},
"resources": {
"description": "Resources configuration",
"type": "object",
"default": {
"limits": {
"cpu": "1",
"memory": "1Gi"
},
"requests": {
"cpu": "100m",
"memory": "256Mi"
}
},
"properties": {
"limits": {
"type": "object",
"default": {
"cpu": "1",
"memory": "1Gi"
},
"properties": {
"cpu": {
"description": "CPU limit (maximum available CPU)",
"type": "string",
"default": "1",
"pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$",
"x-kubernetes-int-or-string": true
},
"memory": {
"description": "Memory limit (maximum available memory)",
"type": "string",
"default": "1Gi",
"pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$",
"x-kubernetes-int-or-string": true
}
}
},
"requests": {
"type": "object",
"default": {
"cpu": "100m",
"memory": "256Mi"
},
"properties": {
"cpu": {
"description": "CPU request (minimum available CPU)",
"type": "string",
"default": "100m",
"pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$",
"x-kubernetes-int-or-string": true
},
"memory": {
"description": "Memory request (minimum available memory)",
"type": "string",
"default": "256Mi",
"pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$",
"x-kubernetes-int-or-string": true
}
}
}
}
}
}
},
"host": {
"default": "",
"description": "The hostname used to access the grafana externally (defaults to 'grafana' subdomain for the tenant host).",
"type": "string"
},
"logsStorages": {
"default": [],
"description": "Configuration of logs storage instances",
"type": "array",
"default": [
{
"name": "generic",
"retentionPeriod": "1",
"storage": "10Gi",
"storageClassName": "replicated"
}
],
"items": {
"type": "object"
},
"type": "array"
"type": "object",
"required": [
"name",
"retentionPeriod",
"storage"
],
"properties": {
"name": {
"description": "Name of the storage instance",
"type": "string"
},
"retentionPeriod": {
"description": "Retention period for the logs in the storage instance",
"type": "string"
},
"storage": {
"description": "Persistent Volume size for the storage instance",
"type": "string"
},
"storageClassName": {
"description": "StorageClass used to store the data",
"type": "string"
}
}
}
},
"metricsStorages": {
"default": [],
"description": "Configuration of metrics storage instances",
"type": "array",
"default": [
{
"deduplicationInterval": "15s",
"name": "shortterm",
"retentionPeriod": "3d",
"storage": "10Gi",
"storageClassName": ""
},
{
"deduplicationInterval": "5m",
"name": "longterm",
"retentionPeriod": "14d",
"storage": "10Gi",
"storageClassName": ""
}
],
"items": {
"type": "object"
},
"type": "array"
"type": "object",
"required": [
"deduplicationInterval",
"name",
"retentionPeriod",
"storage"
],
"properties": {
"deduplicationInterval": {
"description": "Deduplication interval for the metrics in the storage instance",
"type": "string"
},
"name": {
"description": "Name of the storage instance",
"type": "string"
},
"retentionPeriod": {
"description": "Retention period for the metrics in the storage instance",
"type": "string"
},
"storage": {
"description": "Persistent Volume size for the storage instance",
"type": "string"
},
"storageClassName": {
"description": "StorageClass used to store the data",
"type": "string"
},
"vminsert": {
"description": "Configuration for vminsert component of the storage instance",
"type": "object",
"properties": {
"maxAllowed": {
"description": "Limits (maximum allowed/available resources )",
"type": "object",
"properties": {
"cpu": {
"description": "CPU limit (maximum available CPU)",
"type": "string",
"default": "1",
"pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$",
"x-kubernetes-int-or-string": true
},
"memory": {
"description": "Memory limit (maximum available memory)",
"type": "string",
"default": "1Gi",
"pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$",
"x-kubernetes-int-or-string": true
}
}
},
"minAllowed": {
"description": "Requests (minimum allowed/available resources)",
"type": "object",
"properties": {
"cpu": {
"description": "CPU request (minimum available CPU)",
"type": "string",
"default": "100m",
"pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$",
"x-kubernetes-int-or-string": true
},
"memory": {
"description": "Memory request (minimum available memory)",
"type": "string",
"default": "256Mi",
"pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$",
"x-kubernetes-int-or-string": true
}
}
}
}
},
"vmselect": {
"description": "Configuration for vmselect component of the storage instance",
"type": "object",
"properties": {
"maxAllowed": {
"description": "Limits (maximum allowed/available resources )",
"type": "object",
"properties": {
"cpu": {
"description": "CPU limit (maximum available CPU)",
"type": "string",
"default": "1",
"pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$",
"x-kubernetes-int-or-string": true
},
"memory": {
"description": "Memory limit (maximum available memory)",
"type": "string",
"default": "1Gi",
"pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$",
"x-kubernetes-int-or-string": true
}
}
},
"minAllowed": {
"description": "Requests (minimum allowed/available resources)",
"type": "object",
"properties": {
"cpu": {
"description": "CPU request (minimum available CPU)",
"type": "string",
"default": "100m",
"pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$",
"x-kubernetes-int-or-string": true
},
"memory": {
"description": "Memory request (minimum available memory)",
"type": "string",
"default": "256Mi",
"pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$",
"x-kubernetes-int-or-string": true
}
}
}
}
},
"vmstorage": {
"description": "Configuration for vmstorage component of the storage instance",
"type": "object",
"properties": {
"maxAllowed": {
"description": "Limits (maximum allowed/available resources )",
"type": "object",
"properties": {
"cpu": {
"description": "CPU limit (maximum available CPU)",
"type": "string",
"default": "1",
"pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$",
"x-kubernetes-int-or-string": true
},
"memory": {
"description": "Memory limit (maximum available memory)",
"type": "string",
"default": "1Gi",
"pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$",
"x-kubernetes-int-or-string": true
}
}
},
"minAllowed": {
"description": "Requests (minimum allowed/available resources)",
"type": "object",
"properties": {
"cpu": {
"description": "CPU request (minimum available CPU)",
"type": "string",
"default": "100m",
"pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$",
"x-kubernetes-int-or-string": true
},
"memory": {
"description": "Memory request (minimum available memory)",
"type": "string",
"default": "256Mi",
"pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$",
"x-kubernetes-int-or-string": true
}
}
}
}
}
}
}
}
},
"title": "Chart Values",
"type": "object"
}
}
}

69
packages/extra/monitoring/values.yaml
View File

@@ -1,10 +1,29 @@
## @section Common parameters
## @param host The hostname used to access the grafana externally (defaults to 'grafana' subdomain for the tenant host).
## @param host {string} The hostname used to access the grafana externally (defaults to 'grafana' subdomain for the tenant host).
host: ""
## @param metricsStorages [array] Configuration of metrics storage instances
##
## @section Metrics storage configuration
## @param metricsStorages {[]metricsStorage} Configuration of metrics storage instances
## @field metricsStorage.name {string} Name of the storage instance
## @field metricsStorage.retentionPeriod {string} Retention period for the metrics in the storage instance
## @field metricsStorage.deduplicationInterval {string} Deduplication interval for the metrics in the storage instance
## @field metricsStorage.storage {string} Persistent Volume size for the storage instance
## @field metricsStorage.storageClassName {*string} StorageClass used to store the data
## @field metricsStorage.vminsert {*vmcomponent} Configuration for vminsert component of the storage instance
## @field metricsStorage.vmselect {*vmcomponent} Configuration for vmselect component of the storage instance
## @field metricsStorage.vmstorage {*vmcomponent} Configuration for vmstorage component of the storage instance
## @field request.cpu {*quantity} CPU request (minimum available CPU)
## @field request.memory {*quantity} Memory request (minimum available memory)
## @field limit.cpu {*quantity} CPU limit (maximum available CPU)
## @field limit.memory {*quantity} Memory limit (maximum available memory)
## @field vmcomponent.minAllowed {*request} Requests (minimum allowed/available resources)
## @field vmcomponent.maxAllowed {*limit} Limits (maximum allowed/available resources )
## @field resources.requests {*request}
## @field resources.limits {*limit}
## Example:
## metricsStorages:
## - name: shortterm
@@ -46,7 +65,13 @@ metricsStorages:
storage: 10Gi
storageClassName: ""
## @param logsStorages [array] Configuration of logs storage instances
## @section Logs storage configuration
## @param logsStorages {[]logsStorage} Configuration of logs storage instances
## @field logsStorage.name {string} Name of the storage instance
## @field logsStorage.retentionPeriod {string} Retention period for the logs in the storage instance
## @field logsStorage.storage {string} Persistent Volume size for the storage instance
## @field logsStorage.storageClassName {*string} StorageClass used to store the data
##
logsStorages:
- name: generic
@@ -54,14 +79,17 @@ logsStorages:
storage: 10Gi
storageClassName: replicated
## Configuration for Alerta
## @param alerta.storage Persistent Volume size for alerta database
## @param alerta.storageClassName StorageClass used to store the data
## @param alerta.resources.requests.cpu The minimum amount of CPU required for alerta
## @param alerta.resources.requests.memory The minimum amount of memory required for alerta
## @param alerta.resources.limits.cpu The maximum amount of CPU allowed for alerta
## @param alerta.resources.limits.memory The maximum amount of memory allowed for alerta
##
## @section Alerta configuration
## @param alerta {alerta} Configuration for Alerta service
## @field alerta.storage {string} Persistent Volume size for the database
## @field alerta.storageClassName {string} StorageClass used to store the data
## @field alerta.resources {*resources} Resources configuration
## @field alerta.alerts {alerts} Configuration for alerts
## @field alerts.telegram {telegramAlerts} Configuration for Telegram alerts
## @field telegramAlerts.token {string} Telegram token for your bot
## @field telegramAlerts.chatID {string} Specify multiple ID's separated by comma. Get yours in https://t.me/chatid_echo_bot
## @field telegramAlerts.disabledSeverity {string} List of severity without alerts, separated by comma like: "informational,warning"
alerta:
storage: 10Gi
storageClassName: ""
@@ -73,9 +101,6 @@ alerta:
cpu: 100m
memory: 256Mi
alerts:
## @param alerta.alerts.telegram.token telegram token for your bot
## @param alerta.alerts.telegram.chatID specify multiple ID's separated by comma. Get yours in https://t.me/chatid_echo_bot
## @param alerta.alerts.telegram.disabledSeverity list of severity without alerts, separated comma like: "informational,warning"
## example:
## telegram:
## token: "7262461387:AAGtwq16iwuVtWtzoN6TUEMpF00fpC9Xz34"
@@ -87,12 +112,14 @@ alerta:
chatID: ""
disabledSeverity: ""
## Configuration for Grafana
## @param grafana.db.size Persistent Volume size for grafana database
## @param grafana.resources.requests.cpu The minimum amount of CPU required for grafana
## @param grafana.resources.requests.memory The minimum amount of memory required for grafana
## @param grafana.resources.limits.cpu The maximum amount of CPU allowed for grafana
## @param grafana.resources.limits.memory The maximum amount of memory allowed for grafana
## @section Grafana configuration
## @param grafana {grafana} Configuration for Grafana
## @field grafana.db {grafanaDB} Database configuration
## @field grafanaDB.size {string} Persistent Volume size for the database
## @field grafana.resources {*resources} Resources configuration
grafana:
db:
size: 10Gi

2
packages/extra/seaweedfs/images/objectstorage-sidecar.tag
View File

@@ -1 +1 @@
ghcr.io/cozystack/cozystack/objectstorage-sidecar:v0.35.0-alpha.2@sha256:e751c20edbefb1e458d9272ec5faea011e41bb828c067a562d8ddbd8d9da7242
ghcr.io/cozystack/cozystack/objectstorage-sidecar:v0.35.0-alpha.3@sha256:4a67ec40c13bf912151957dc0e7409f7e01a2859905285c98c20baae7b667ae2

3
packages/extra/versions_map
View File

@@ -47,7 +47,8 @@ monitoring 1.9.2 f9f8bb2f
monitoring 1.10.0 632224a3
monitoring 1.10.1 8c86905b
monitoring 1.11.0 4369b031
monitoring 1.12.0 HEAD
monitoring 1.12.0 0e47e1e8
monitoring 1.12.1 HEAD
seaweedfs 0.1.0 71514249
seaweedfs 0.2.0 5fb9cfe3
seaweedfs 0.2.1 fde4bcfa

2
packages/system/cozystack-api/values.yaml
View File

@@ -1,2 +1,2 @@
cozystackAPI:
image: ghcr.io/cozystack/cozystack/cozystack-api:v0.35.0-alpha.2@sha256:677b5af99f2b7d1adb4c25d5637f2fa5a1baffb423269fa166d2ea15a0028864
image: ghcr.io/cozystack/cozystack/cozystack-api:v0.35.0-alpha.3@sha256:d4cfc2afacc30d383f7b5454e97bb77f2e9bfc33dbc3dc512bfe671300e3ad51

4
packages/system/cozystack-controller/values.yaml
View File

@@ -1,5 +1,5 @@
cozystackController:
image: ghcr.io/cozystack/cozystack/cozystack-controller:v0.35.0-alpha.2@sha256:678c07ca658bbde551ba487537e483615019ea161a849243139399faa73740cf
image: ghcr.io/cozystack/cozystack/cozystack-controller:v0.35.0-alpha.3@sha256:98d0b945630c3dd7c39adc7a5326f0e0e0b49a18641bec911aeb6c62beca4e1f
debug: false
disableTelemetry: false
cozystackVersion: "v0.35.0-alpha.2"
cozystackVersion: "v0.35.0-alpha.3"

2
packages/system/dashboard/charts/kubeapps/templates/dashboard/configmap.yaml
View File

@@ -76,7 +76,7 @@ data:
"kubeappsNamespace": {{ .Release.Namespace | quote }},
"helmGlobalNamespace": {{ include "kubeapps.helmGlobalPackagingNamespace" . | quote }},
"carvelGlobalNamespace": {{ .Values.kubeappsapis.pluginConfig.kappController.packages.v1alpha1.globalPackagingNamespace | quote }},
"appVersion": "v0.35.0-alpha.2",
"appVersion": "v0.35.0-alpha.3",
"authProxyEnabled": {{ .Values.authProxy.enabled }},
"oauthLoginURI": {{ .Values.authProxy.oauthLoginURI | quote }},
"oauthLogoutURI": {{ .Values.authProxy.oauthLogoutURI | quote }},

2
packages/system/dashboard/images/dashboard/Dockerfile
View File

@@ -1,7 +1,7 @@
FROM bitnami/node:20.15.1 AS build
WORKDIR /app
ARG COMMIT_REF=cdf9095f50c74505870de337725d2a9d0bd20947
ARG COMMIT_REF=4926bc68fabb0914afab574006643c85a597b371
RUN wget -O- https://github.com/cozystack/kubeapps/archive/${COMMIT_REF}.tar.gz | tar xzf - --strip-components=2 kubeapps-${COMMIT_REF}/dashboard
RUN yarn install --frozen-lockfile

2
packages/system/dashboard/images/kubeapps-apis/Dockerfile
View File

@@ -4,7 +4,7 @@
# syntax = docker/dockerfile:1
FROM alpine AS source
ARG COMMIT_REF=cdf9095f50c74505870de337725d2a9d0bd20947
ARG COMMIT_REF=4926bc68fabb0914afab574006643c85a597b371
RUN apk add --no-cache patch
WORKDIR /source
RUN wget -O- https://github.com/cozystack/kubeapps/archive/${COMMIT_REF}.tar.gz | tar xzf - --strip-components=1

8
packages/system/dashboard/values.yaml
View File

@@ -19,8 +19,8 @@ kubeapps:
image:
registry: ghcr.io/cozystack/cozystack
repository: dashboard
tag: v0.35.0-alpha.2
digest: "sha256:84c333ce0ecddb153a6886b1c633e4480c78690fb0b49cc0f4cb980bee565134"
tag: v0.35.0-alpha.3
digest: "sha256:ad4b95660b6c5c1b9736ca4768a3f9648705c2855d0a08880d570b4e480dba78"
redis:
master:
resourcesPreset: "none"
@@ -37,8 +37,8 @@ kubeapps:
image:
registry: ghcr.io/cozystack/cozystack
repository: kubeapps-apis
tag: v0.35.0-alpha.2
digest: "sha256:69887cc50059330a8b05c443102e3dedd5cff1543be59066b31f0ad97a727c23"
tag: v0.35.0-alpha.3
digest: "sha256:55b1aacdcb8f7e96b75396e461fbba612498095515b9a437b8f925802f06c485"
pluginConfig:
flux:
packages:

4
packages/system/fluxcd-operator/charts/flux-operator/Chart.yaml
View File

@@ -8,7 +8,7 @@ annotations:
- name: Upstream Project
url: https://github.com/controlplaneio-fluxcd/flux-operator
apiVersion: v2
appVersion: v0.24.1
appVersion: v0.27.0
description: 'A Helm chart for deploying the Flux Operator. '
home: https://github.com/controlplaneio-fluxcd
icon: https://raw.githubusercontent.com/cncf/artwork/main/projects/flux/icon/color/flux-icon-color.png
@@ -25,4 +25,4 @@ sources:
- https://github.com/controlplaneio-fluxcd/flux-operator
- https://github.com/controlplaneio-fluxcd/charts
type: application
version: 0.24.1
version: 0.27.0

4
packages/system/fluxcd-operator/charts/flux-operator/README.md
View File

@@ -1,6 +1,6 @@
# flux-operator
![Version: 0.24.1](https://img.shields.io/badge/Version-0.24.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.24.1](https://img.shields.io/badge/AppVersion-v0.24.1-informational?style=flat-square)
![Version: 0.27.0](https://img.shields.io/badge/Version-0.27.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.27.0](https://img.shields.io/badge/AppVersion-v0.27.0-informational?style=flat-square)
The [Flux Operator](https://github.com/controlplaneio-fluxcd/flux-operator) provides a
declarative API for the installation and upgrade of CNCF [Flux](https://fluxcd.io) and the
@@ -56,7 +56,7 @@ see the Flux Operator [documentation](https://fluxcd.control-plane.io/operator/)
| rbac.createAggregation | bool | `true` | Grant the Kubernetes view, edit and admin roles access to ResourceSet APIs. |
| readinessProbe | object | `{"httpGet":{"path":"/readyz","port":8081},"initialDelaySeconds":5,"periodSeconds":10}` | Container readiness probe settings. |
| reporting | object | `{"interval":"5m"}` | Flux [reporting](https://fluxcd.control-plane.io/operator/fluxreport/) settings. |
| resources | object | `{"limits":{"cpu":"1000m","memory":"1Gi"},"requests":{"cpu":"100m","memory":"64Mi"}}` | Container resources requests and limits settings. |
| resources | object | `{"limits":{"cpu":"2000m","memory":"1Gi"},"requests":{"cpu":"100m","memory":"64Mi"}}` | Container resources requests and limits settings. |
| securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"readOnlyRootFilesystem":true,"runAsNonRoot":true,"seccompProfile":{"type":"RuntimeDefault"}}` | Container security context settings. The default is compliant with the pod security restricted profile. |
| serviceAccount | object | `{"automount":true,"create":true,"name":""}` | Pod service account settings. The name of the service account defaults to the release name. |
| serviceMonitor | object | `{"create":false,"interval":"60s","labels":{},"scrapeTimeout":"30s"}` | Prometheus Operator scraping settings. |

10
packages/system/fluxcd-operator/charts/flux-operator/templates/crds.yaml
View File

@@ -85,6 +85,16 @@ spec:
required for object-level workload identity.
This feature is only available in Flux v2.6.0 and later.
type: boolean
size:
description: |-
Size defines the vertical scaling profile of the Flux controllers.
The size is used to determine the concurrency and CPU/Memory limits for the Flux controllers.
Accepted values are: 'small', 'medium' and 'large'.
enum:
- small
- medium
- large
type: string
tenantDefaultServiceAccount:
description: |-
TenantDefaultServiceAccount is the name of the service account

193
packages/system/fluxcd-operator/charts/flux-operator/values.schema.json
View File

@@ -1,5 +1,10 @@
{
"$schema": "https://json-schema.org/draft/2019-09/schema",
"type": "object",
"required": [
"resources",
"securityContext"
],
"properties": {
"affinity": {
"default": {
@@ -21,16 +26,23 @@
}
}
},
"type": "object",
"properties": {
"nodeAffinity": {
"type": "object",
"properties": {
"requiredDuringSchedulingIgnoredDuringExecution": {
"type": "object",
"properties": {
"nodeSelectorTerms": {
"type": "array",
"items": {
"type": "object",
"properties": {
"matchExpressions": {
"type": "array",
"items": {
"type": "object",
"properties": {
"key": {
"type": "string"
@@ -39,29 +51,22 @@
"type": "string"
},
"values": {
"type": "array",
"items": {
"type": "string"
},
"type": "array"
}
}
},
"type": "object"
},
"type": "array"
}
}
}
},
"type": "object"
},
"type": "array"
}
}
}
},
"type": "object"
}
}
},
"type": "object"
}
}
},
"type": "object"
}
},
"apiPriority": {
"default": {
@@ -69,6 +74,7 @@
"extraServiceAccounts": [],
"level": "workload-high"
},
"type": "object",
"properties": {
"enabled": {
"type": "boolean"
@@ -79,30 +85,41 @@
"level": {
"type": "string"
}
},
"type": "object"
}
},
"commonAnnotations": {
"properties": {},
"type": "object"
},
"commonLabels": {
"properties": {},
"type": "object"
},
"extraArgs": {
"type": "array",
"uniqueItems": true,
"items": {
"type": "string"
},
"type": "array",
"uniqueItems": true
}
},
"extraEnvs": {
"type": "array",
"uniqueItems": true,
"items": {
"type": "object"
},
}
},
"extraVolumeMounts": {
"type": "array",
"uniqueItems": true
"uniqueItems": true,
"items": {
"type": "object"
}
},
"extraVolumes": {
"type": "array",
"uniqueItems": true,
"items": {
"type": "object"
}
},
"fullnameOverride": {
"type": "string"
@@ -112,21 +129,25 @@
"type": "boolean"
},
"image": {
"type": "object",
"required": [
"repository"
],
"properties": {
"imagePullPolicy": {
"type": "string",
"enum": [
"IfNotPresent",
"Always",
"Never"
],
"type": "string"
]
},
"pullSecrets": {
"type": "array",
"uniqueItems": true,
"items": {
"type": "object"
},
"type": "array",
"uniqueItems": true
}
},
"repository": {
"type": "string"
@@ -134,11 +155,7 @@
"tag": {
"type": "string"
}
},
"required": [
"repository"
],
"type": "object"
}
},
"installCRDs": {
"default": true,
@@ -153,8 +170,10 @@
"initialDelaySeconds": 15,
"periodSeconds": 20
},
"type": "object",
"properties": {
"httpGet": {
"type": "object",
"properties": {
"path": {
"type": "string"
@@ -162,8 +181,7 @@
"port": {
"type": "integer"
}
},
"type": "object"
}
},
"initialDelaySeconds": {
"type": "integer"
@@ -171,18 +189,18 @@
"periodSeconds": {
"type": "integer"
}
},
"type": "object"
}
},
"logLevel": {
"type": "string",
"enum": [
"debug",
"info",
"error"
],
"type": "string"
]
},
"marketplace": {
"type": "object",
"properties": {
"account": {
"type": "string"
@@ -193,10 +211,13 @@
"type": {
"type": "string"
}
},
"type": "object"
}
},
"multitenancy": {
"type": "object",
"required": [
"defaultServiceAccount"
],
"properties": {
"defaultServiceAccount": {
"type": "string"
@@ -204,26 +225,18 @@
"enabled": {
"type": "boolean"
}
},
"required": [
"defaultServiceAccount"
],
"type": "object"
}
},
"nameOverride": {
"type": "string"
},
"nodeSelector": {
"properties": {},
"type": [
"object"
]
"type": "object"
},
"podSecurityContext": {
"default": {
"fsGroup": 1337
},
"properties": {},
"type": "object"
},
"priorityClassName": {
@@ -231,6 +244,7 @@
"type": "string"
},
"rbac": {
"type": "object",
"properties": {
"create": {
"type": "boolean"
@@ -238,8 +252,7 @@
"createAggregation": {
"type": "boolean"
}
},
"type": "object"
}
},
"readinessProbe": {
"default": {
@@ -250,8 +263,10 @@
"initialDelaySeconds": 5,
"periodSeconds": 10
},
"type": "object",
"properties": {
"httpGet": {
"type": "object",
"properties": {
"path": {
"type": "string"
@@ -259,8 +274,7 @@
"port": {
"type": "integer"
}
},
"type": "object"
}
},
"initialDelaySeconds": {
"type": "integer"
@@ -268,23 +282,24 @@
"periodSeconds": {
"type": "integer"
}
},
"type": "object"
}
},
"reporting": {
"type": "object",
"required": [
"interval"
],
"properties": {
"interval": {
"type": "string"
}
},
"required": [
"interval"
],
"type": "object"
}
},
"resources": {
"type": "object",
"properties": {
"limits": {
"type": "object",
"properties": {
"cpu": {
"type": "string"
@@ -292,14 +307,14 @@
"memory": {
"type": "string"
}
},
"type": "object"
}
},
"requests": {
"default": {
"cpu": "100m",
"memory": "64Mi"
},
"type": "object",
"properties": {
"cpu": {
"type": "string"
@@ -307,13 +322,12 @@
"memory": {
"type": "string"
}
},
"type": "object"
}
}
},
"type": "object"
}
},
"securityContext": {
"type": "object",
"properties": {
"allowPrivilegeEscalation": {
"default": false,
@@ -325,16 +339,16 @@
"ALL"
]
},
"type": "object",
"properties": {
"drop": {
"type": "array",
"uniqueItems": true,
"items": {
"type": "string"
},
"type": "array",
"uniqueItems": true
}
}
},
"type": "object"
}
},
"readOnlyRootFilesystem": {
"default": true,
@@ -348,15 +362,14 @@
"default": {
"type": "RuntimeDefault"
},
"type": "object",
"properties": {
"type": {
"type": "string"
}
},
"type": "object"
}
}
},
"type": "object"
}
},
"serviceAccount": {
"default": {
@@ -364,6 +377,7 @@
"create": true,
"name": ""
},
"type": "object",
"properties": {
"automount": {
"type": "boolean"
@@ -374,8 +388,7 @@
"name": {
"type": "string"
}
},
"type": "object"
}
},
"serviceMonitor": {
"default": {
@@ -383,6 +396,7 @@
"interval": "60s",
"scrapeTimeout": "30s"
},
"type": "object",
"properties": {
"create": {
"type": "boolean"
@@ -391,26 +405,19 @@
"type": "string"
},
"labels": {
"properties": {},
"type": "object"
},
"scrapeTimeout": {
"type": "string"
}
},
"type": "object"
}
},
"tolerations": {
"type": "array",
"uniqueItems": true,
"items": {
"type": "object"
},
"type": "array",
"uniqueItems": true
}
}
},
"required": [
"resources",
"securityContext"
],
"type": "object"
}
}

2
packages/system/fluxcd-operator/charts/flux-operator/values.yaml
View File

@@ -46,7 +46,7 @@ apiPriority: # @schema default: {"enabled":false,"level":"workload-high","extraS
# -- Container resources requests and limits settings.
resources: # @schema required: true
limits:
cpu: 1000m
cpu: 2000m
memory: 1Gi
requests: # @schema default: {"cpu":"100m","memory":"64Mi"}
cpu: 100m

4
packages/system/fluxcd/charts/flux-instance/Chart.yaml
View File

@@ -8,7 +8,7 @@ annotations:
- name: Upstream Project
url: https://github.com/controlplaneio-fluxcd/flux-operator
apiVersion: v2
appVersion: v0.24.1
appVersion: v0.27.0
description: 'A Helm chart for deploying a Flux instance managed by Flux Operator. '
home: https://github.com/controlplaneio-fluxcd
icon: https://raw.githubusercontent.com/cncf/artwork/main/projects/flux/icon/color/flux-icon-color.png
@@ -25,4 +25,4 @@ sources:
- https://github.com/controlplaneio-fluxcd/flux-operator
- https://github.com/controlplaneio-fluxcd/charts
type: application
version: 0.24.1
version: 0.27.0

6
packages/system/fluxcd/charts/flux-instance/README.md
View File

@@ -1,6 +1,6 @@
# flux-instance
![Version: 0.24.1](https://img.shields.io/badge/Version-0.24.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.24.1](https://img.shields.io/badge/AppVersion-v0.24.1-informational?style=flat-square)
![Version: 0.27.0](https://img.shields.io/badge/Version-0.27.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.27.0](https://img.shields.io/badge/AppVersion-v0.27.0-informational?style=flat-square)
This chart is a thin wrapper around the `FluxInstance` custom resource, which is
used by the [Flux Operator](https://github.com/controlplaneio-fluxcd/flux-operator)
@@ -37,7 +37,9 @@ helm -n flux-system uninstall flux
| commonAnnotations | object | `{}` | Common annotations to add to all deployed objects including pods. |
| commonLabels | object | `{}` | Common labels to add to all deployed objects including pods. |
| fullnameOverride | string | `"flux"` | |
| instance.cluster | object | `{"domain":"cluster.local","multitenant":false,"networkPolicy":true,"tenantDefaultServiceAccount":"default","type":"kubernetes"}` | Cluster https://fluxcd.control-plane.io/operator/fluxinstance/#cluster-configuration |
| healthcheck.enabled | bool | `false` | Enable post-install and post-upgrade health checks. |
| healthcheck.timeout | string | `"5m"` | Health check timeout in Go duration format. |
| instance.cluster | object | `{"domain":"cluster.local","multitenant":false,"networkPolicy":true,"size":"","tenantDefaultServiceAccount":"default","type":"kubernetes"}` | Cluster https://fluxcd.control-plane.io/operator/fluxinstance/#cluster-configuration |
| instance.commonMetadata | object | `{"annotations":{},"labels":{}}` | Common metadata https://fluxcd.control-plane.io/operator/fluxinstance/#common-metadata |
| instance.components | list | `["source-controller","kustomize-controller","helm-controller","notification-controller"]` | Components https://fluxcd.control-plane.io/operator/fluxinstance/#components-configuration |
| instance.distribution | object | `{"artifact":"oci://ghcr.io/controlplaneio-fluxcd/flux-operator-manifests:latest","artifactPullSecret":"","imagePullSecret":"","registry":"ghcr.io/fluxcd","version":"2.x"}` | Distribution https://fluxcd.control-plane.io/operator/fluxinstance/#distribution-configuration |

78
packages/system/fluxcd/charts/flux-instance/templates/healthcheck.yaml Normal file
View File

@@ -0,0 +1,78 @@
{{- if .Values.healthcheck.enabled }}
apiVersion: batch/v1
kind: Job
metadata:
name: "{{ .Release.Name }}-healthcheck"
labels:
app.kubernetes.io/managed-by: {{ .Release.Service | quote }}
app.kubernetes.io/instance: {{ .Release.Name | quote }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
annotations:
helm.sh/hook: post-install,post-upgrade
helm.sh/hook-weight: "-5"
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
spec:
template:
metadata:
name: "{{ .Release.Name }}"
labels:
app.kubernetes.io/managed-by: {{ .Release.Service | quote }}
app.kubernetes.io/instance: {{ .Release.Name | quote }}
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
spec:
restartPolicy: Never
{{- with .Values.healthcheck.image.pullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ .Values.healthcheck.serviceAccount.name }}
{{- with .Values.healthcheck.podSecurityContext }}
securityContext:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- if .Values.healthcheck.hostNetwork }}
hostNetwork: true
{{- end }}
containers:
- name: healthcheck
image: "{{ .Values.healthcheck.image.repository }}:{{ .Values.healthcheck.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: "{{ .Values.healthcheck.image.imagePullPolicy }}"
args:
- wait
- instance
- {{ include "flux-instance.fullname" . }}
- --namespace={{ .Release.Namespace }}
- --timeout={{ .Values.healthcheck.timeout }}
{{- range .Values.healthcheck.extraArgs }}
- {{ . }}
{{- end }}
{{- with .Values.healthcheck.envs }}
env:
{{- toYaml . | nindent 12 }}
{{- end }}
securityContext:
{{- toYaml .Values.healthcheck.securityContext | nindent 12 }}
resources:
{{- toYaml .Values.healthcheck.resources | nindent 12 }}
{{- with .Values.healthcheck.volumeMounts }}
volumeMounts:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.healthcheck.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.healthcheck.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.healthcheck.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.healthcheck.volumes }}
volumes:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- end }}

7
packages/system/fluxcd/charts/flux-instance/templates/instance.yaml
View File

@@ -24,7 +24,12 @@ spec:
imagePullSecret: {{ .Values.instance.distribution.imagePullSecret }}
{{- end }}
components: {{ .Values.instance.components | toYaml | nindent 4 }}
cluster: {{ .Values.instance.cluster | toYaml | nindent 4 }}
cluster:
{{- range $key, $value := .Values.instance.cluster }}
{{- if not (and (kindIs "string" $value) (eq $value "")) }}
{{ $key }}: {{ $value }}
{{- end }}
{{- end }}
{{- if or .Values.instance.commonMetadata.annotations .Values.instance.commonMetadata.labels }}
commonMetadata:
{{- with .Values.instance.commonMetadata.annotations }}

17
packages/system/fluxcd/charts/flux-instance/templates/serviceaccount.yaml Normal file
View File

@@ -0,0 +1,17 @@
{{- if .Values.healthcheck.serviceAccount.create }}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ .Values.healthcheck.serviceAccount.name }}
namespace: {{ .Release.Namespace }}
labels:
{{- include "flux-instance.labels" . | nindent 4 }}
{{- with .Values.commonLabels }}
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.commonAnnotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
automountServiceAccountToken: {{ .Values.healthcheck.serviceAccount.automount }}
{{- end }}

341
packages/system/fluxcd/charts/flux-instance/values.schema.json
View File

@@ -1,20 +1,275 @@
{
"$schema": "https://json-schema.org/draft/2019-09/schema",
"type": "object",
"properties": {
"commonAnnotations": {
"properties": {},
"type": "object"
},
"commonLabels": {
"properties": {},
"type": "object"
},
"fullnameOverride": {
"type": "string"
},
"healthcheck": {
"type": "object",
"required": [
"resources",
"securityContext"
],
"properties": {
"affinity": {
"default": {
"nodeAffinity": {
"requiredDuringSchedulingIgnoredDuringExecution": {
"nodeSelectorTerms": [
{
"matchExpressions": [
{
"key": "kubernetes.io/os",
"operator": "In",
"values": [
"linux"
]
}
]
}
]
}
}
},
"type": "object",
"properties": {
"nodeAffinity": {
"type": "object",
"properties": {
"requiredDuringSchedulingIgnoredDuringExecution": {
"type": "object",
"properties": {
"nodeSelectorTerms": {
"type": "array",
"items": {
"type": "object",
"properties": {
"matchExpressions": {
"type": "array",
"items": {
"type": "object",
"properties": {
"key": {
"type": "string"
},
"operator": {
"type": "string"
},
"values": {
"type": "array",
"items": {
"type": "string"
}
}
}
}
}
}
}
}
}
}
}
}
}
},
"enabled": {
"type": "boolean"
},
"envs": {
"type": "array",
"uniqueItems": true,
"items": {
"type": "object"
}
},
"extraArgs": {
"type": "array",
"uniqueItems": true,
"items": {
"type": "string"
}
},
"hostNetwork": {
"default": false,
"type": "boolean"
},
"image": {
"type": "object",
"required": [
"repository"
],
"properties": {
"imagePullPolicy": {
"type": "string",
"enum": [
"IfNotPresent",
"Always",
"Never"
]
},
"pullSecrets": {
"type": "array",
"uniqueItems": true,
"items": {
"type": "object"
}
},
"repository": {
"type": "string"
},
"tag": {
"type": "string"
}
}
},
"nodeSelector": {
"type": "object"
},
"podSecurityContext": {
"default": {
"fsGroup": 1337
},
"type": "object"
},
"resources": {
"type": "object",
"properties": {
"limits": {
"type": "object",
"properties": {
"cpu": {
"type": "string"
},
"memory": {
"type": "string"
}
}
},
"requests": {
"default": {
"cpu": "100m",
"memory": "64Mi"
},
"type": "object",
"properties": {
"cpu": {
"type": "string"
},
"memory": {
"type": "string"
}
}
}
}
},
"securityContext": {
"type": "object",
"properties": {
"allowPrivilegeEscalation": {
"default": false,
"type": "boolean"
},
"capabilities": {
"default": {
"drop": [
"ALL"
]
},
"type": "object",
"properties": {
"drop": {
"type": "array",
"uniqueItems": true,
"items": {
"type": "string"
}
}
}
},
"readOnlyRootFilesystem": {
"default": true,
"type": "boolean"
},
"runAsNonRoot": {
"default": true,
"type": "boolean"
},
"seccompProfile": {
"default": {
"type": "RuntimeDefault"
},
"type": "object",
"properties": {
"type": {
"type": "string"
}
}
}
}
},
"serviceAccount": {
"default": {
"automount": true,
"create": false,
"name": "flux-operator"
},
"type": "object",
"properties": {
"automount": {
"type": "boolean"
},
"create": {
"type": "boolean"
},
"name": {
"type": "string"
}
}
},
"timeout": {
"default": "5m",
"type": "string"
},
"tolerations": {
"type": "array",
"uniqueItems": true,
"items": {
"type": "object"
}
},
"volumeMounts": {
"type": "array",
"uniqueItems": true,
"items": {
"type": "object"
}
},
"volumes": {
"type": "array",
"uniqueItems": true,
"items": {
"type": "object"
}
}
}
},
"instance": {
"type": "object",
"required": [
"distribution",
"cluster"
],
"properties": {
"cluster": {
"type": "object",
"properties": {
"domain": {
"type": "string"
@@ -25,37 +280,46 @@
"networkPolicy": {
"type": "boolean"
},
"size": {
"type": "string",
"enum": [
"",
"small",
"medium",
"large"
]
},
"tenantDefaultServiceAccount": {
"type": "string"
},
"type": {
"type": "string",
"enum": [
"kubernetes",
"openshift",
"aws",
"azure",
"gcp"
],
"type": "string"
]
}
},
"type": "object"
}
},
"commonMetadata": {
"type": "object",
"properties": {
"annotations": {
"properties": {},
"type": "object"
},
"labels": {
"properties": {},
"type": "object"
}
},
"type": "object"
}
},
"components": {
"type": "array",
"uniqueItems": true,
"items": {
"type": "string",
"enum": [
"source-controller",
"kustomize-controller",
@@ -63,13 +327,15 @@
"notification-controller",
"image-reflector-controller",
"image-automation-controller"
],
"type": "string"
},
"type": "array",
"uniqueItems": true
]
}
},
"distribution": {
"type": "object",
"required": [
"version",
"registry"
],
"properties": {
"artifact": {
"type": "string"
@@ -86,39 +352,35 @@
"version": {
"type": "string"
}
},
"required": [
"version",
"registry"
],
"type": "object"
}
},
"kustomize": {
"type": "object",
"properties": {
"patches": {
"type": "array",
"items": {
"type": "object"
},
"type": "array"
}
}
},
"type": "object"
}
},
"sharding": {
"type": "object",
"properties": {
"key": {
"type": "string"
},
"shards": {
"type": "array",
"items": {
"type": "string"
},
"type": "array"
}
}
},
"type": "object"
}
},
"storage": {
"type": "object",
"properties": {
"class": {
"type": "string"
@@ -126,21 +388,21 @@
"size": {
"type": "string"
}
},
"type": "object"
}
},
"sync": {
"type": "object",
"properties": {
"interval": {
"type": "string"
},
"kind": {
"type": "string",
"enum": [
"GitRepository",
"OCIRepository",
"Bucket"
],
"type": "string"
]
},
"name": {
"type": "string"
@@ -160,19 +422,12 @@
"url": {
"type": "string"
}
},
"type": "object"
}
}
},
"required": [
"distribution",
"cluster"
],
"type": "object"
}
},
"nameOverride": {
"type": "string"
}
},
"type": "object"
}
}

96
packages/system/fluxcd/charts/flux-instance/values.yaml
View File

@@ -20,6 +20,7 @@ instance:
# -- Cluster https://fluxcd.control-plane.io/operator/fluxinstance/#cluster-configuration
cluster: # @schema required: true
type: kubernetes # @schema enum:[kubernetes,openshift,aws,azure,gcp]
size: "" # @schema enum:['',small,medium,large]
domain: "cluster.local"
networkPolicy: true
multitenant: false
@@ -35,7 +36,7 @@ instance:
# -- Sharding https://fluxcd.control-plane.io/operator/fluxinstance/#sharding-configuration
sharding: # @schema required: false
key: "sharding.fluxcd.io/key"
shards: [] # @schema item: string
shards: [ ] # @schema item: string
# -- Sync https://fluxcd.control-plane.io/operator/fluxinstance/#sync-configuration
sync: # @schema required: false
interval: 1m
@@ -48,10 +49,101 @@ instance:
provider: ""
kustomize: # @schema required: false
# -- Kustomize patches https://fluxcd.control-plane.io/operator/fluxinstance/#kustomize-patches
patches: [] # @schema item: object
patches: [ ] # @schema item: object
# -- Common annotations to add to all deployed objects including pods.
commonAnnotations: { }
# -- Common labels to add to all deployed objects including pods.
commonLabels: { }
# Healthcheck job settings.
healthcheck:
# -- Enable post-install and post-upgrade health checks.
enabled: false
# -- Health check timeout in Go duration format.
timeout: 5m # @schema default: "5m"
# Container image settings.
# The image tag defaults to the chart appVersion.
# @ignore
image:
repository: ghcr.io/controlplaneio-fluxcd/flux-operator-cli # @schema required: true
tag: ""
pullSecrets: [ ] # @schema item: object ; uniqueItems: true
imagePullPolicy: IfNotPresent # @schema enum:[IfNotPresent, Always, Never]
# Container resources requests and limits settings.
# @ignore
resources: # @schema required: true
limits:
cpu: 1000m
memory: 1Gi
requests: # @schema default: {"cpu":"100m","memory":"64Mi"}
cpu: 100m
memory: 64Mi
# Pod service account settings.
# The name of the service account defaults to the release name.
# @ignore
serviceAccount: # @schema default: {"create":false,"automount":true,"name":"flux-operator"}
create: false
automount: true
name: "flux-operator"
# Pod security context settings.
# @ignore
podSecurityContext: { } # @schema default: {"fsGroup":1337}
# Container security context settings.
# The default is compliant with the pod security restricted profile.
# @ignore
securityContext: # @schema required: true
runAsNonRoot: true # @schema default: true
readOnlyRootFilesystem: true # @schema default: true
allowPrivilegeEscalation: false # @schema default: false
capabilities: # @schema default: {"drop":["ALL"]}
drop: # @schema item: string ; uniqueItems: true
- "ALL"
seccompProfile: # @schema default: {"type":"RuntimeDefault"}
type: "RuntimeDefault"
# Pod affinity and anti-affinity settings.
# @ignore
affinity: # @schema default: {"nodeAffinity":{"requiredDuringSchedulingIgnoredDuringExecution":{"nodeSelectorTerms":[{"matchExpressions":[{"key":"kubernetes.io/os","operator":"In","values":["linux"]}]}]}}}
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/os
operator: In
values:
- linux
# Pod tolerations settings.
# @ignore
tolerations: [ ] # @schema item: object ; uniqueItems: true
# Pod Node Selector settings.
# @ignore
nodeSelector: { } # @schema type: object
# If `true`, the container ports (`8080` and `8081`) are exposed on the host network.
# @ignore
hostNetwork: false # @schema default: false
# Pod extra volumes.
# @ignore
volumes: [ ] # @schema item: object ; uniqueItems: true
# Container extra volume mounts.
# @ignore
volumeMounts: [ ] # @schema item: object ; uniqueItems: true
# Container extra environment variables.
# @ignore
envs: [ ] # @schema item: object ; uniqueItems: true
# Container extra arguments.
# @ignore
extraArgs: [ ] # @schema item: string ; uniqueItems: true

2
packages/system/kamaji/values.yaml
View File

@@ -3,7 +3,7 @@ kamaji:
deploy: false
image:
pullPolicy: IfNotPresent
tag: v0.35.0-alpha.2@sha256:dd662e320f44342fe5f10d63545bf1915e97de380c1685e7b28f7a7fce87512e
tag: v0.35.0-alpha.3@sha256:34500654751ceef7a57562fb1edc6928d91245ad8e41da732788dcf10ec330b5
repository: ghcr.io/cozystack/cozystack/kamaji
resources:
limits:

5
packages/system/keycloak-configure/templates/configure-kk.yaml
View File

@@ -200,7 +200,7 @@ spec:
- groups
- kubernetes-client
redirectUris:
- "http://dashboard.{{ $host }}/oauth2/callback/*"
- "https://dashboard.{{ $host }}/oauth2/callback/*"
{{- range $i, $v := $extraRedirectUris }}
- "{{ $v }}"
{{- end }}
@@ -223,8 +223,7 @@ data:
clientSecret: {{ $kubeappsClient }}
cookieSecret: {{ $cookieSecret }}
extraFlags:
- --ssl-insecure-skip-verify
- --cookie-secure=false
- --cookie-secure
- --scope=openid email groups
- --oidc-issuer-url=https://keycloak.{{ $host }}/realms/cozy

2
packages/system/kubeovn-webhook/values.yaml
View File

@@ -1,3 +1,3 @@
portSecurity: true
routes: ""
image: ghcr.io/cozystack/cozystack/kubeovn-webhook:v0.35.0-alpha.2@sha256:782a84c9afa5dcea2208f71987d019d573a23676a3e9df6df0cfcd639cf4d7a0
image: ghcr.io/cozystack/cozystack/kubeovn-webhook:v0.35.0-alpha.3@sha256:ad4e506065458b039a86c7f03a35dbb6918756e117ce74dd931089383cfd91f8

2
packages/system/kubeovn/values.yaml
View File

@@ -64,4 +64,4 @@ global:
images:
kubeovn:
repository: kubeovn
tag: v1.13.14@sha256:5cce383ac38e56b1e3acb2fc29d9ae042afa269035b4f57e6737265e42ea2ef8
tag: v1.13.14@sha256:bacd68243ee9fd94f5f0e377801ed3e99cd0762ff5df0d0ec73a73130180d8ca

2
packages/system/kubevirt-csi-node/values.yaml
View File

@@ -1,3 +1,3 @@
storageClass: replicated
csiDriver:
image: ghcr.io/cozystack/cozystack/kubevirt-csi-driver:0.26.1@sha256:445c2727b04ac68595b43c988ff17b3d69a7b22b0644fde3b10c65b47a7bc036
image: ghcr.io/cozystack/cozystack/kubevirt-csi-driver:0.26.2@sha256:761e7235ff9cb7f6f223f00954943e6a5af32ed6624ee592a8610122f96febb0

2
packages/system/objectstorage-controller/values.yaml
View File

@@ -1,3 +1,3 @@
objectstorage:
controller:
image: "ghcr.io/cozystack/cozystack/objectstorage-controller:v0.35.0-alpha.2@sha256:f57500d935d89ceb76241bf1257be64fd6624f4881df7a5390ff7149667eb62c"
image: "ghcr.io/cozystack/cozystack/objectstorage-controller:v0.35.0-alpha.3@sha256:4d3f20ae946736d9260193dd1ce0e72114ad6bd6f78fb6528a68efffa2092b07"

1
packages/system/seaweedfs/Makefile
View File

@@ -8,4 +8,5 @@ update:
curl -sSL https://github.com/seaweedfs/seaweedfs/archive/refs/heads/master.tar.gz | \
tar xzvf - --strip 3 -C charts seaweedfs-master/k8s/charts/seaweedfs
patch --no-backup-if-mismatch -p4 < patches/resize-api-server-annotation.diff
patch --no-backup-if-mismatch -p4 < patches/fix-volume-servicemonitor.patch
#patch --no-backup-if-mismatch -p4 < patches/retention-policy-delete.yaml

4
packages/system/seaweedfs/charts/seaweedfs/templates/volume-servicemonitor.yaml
View File

@@ -21,9 +21,9 @@ metadata:
{{- with $.Values.global.monitoring.additionalLabels }}
{{- toYaml . | nindent 4 }}
{{- end }}
{{- if .Values.volume.annotations }}
{{- if $.Values.volume.annotations }}
annotations:
{{- toYaml .Values.volume.annotations | nindent 4 }}
{{- toYaml $.Values.volume.annotations | nindent 4 }}
{{- end }}
spec:
endpoints:

15
packages/system/seaweedfs/patches/fix-volume-servicemonitor.patch Normal file
View File

@@ -0,0 +1,15 @@
diff --git a/packages/system/seaweedfs/charts/seaweedfs/templates/volume-servicemonitor.yaml b/packages/system/seaweedfs/charts/seaweedfs/templates/volume-servicemonitor.yaml
--- a/packages/system/seaweedfs/charts/seaweedfs/templates/volume-servicemonitor.yaml (revision 8951bc13d7d02b5e6982a239570ed58ed7cb025a)
+++ b/packages/system/seaweedfs/charts/seaweedfs/templates/volume-servicemonitor.yaml (revision fa4fff2292c4b79a92db5cd654a3c6bf590252a6)
@@ -21,9 +21,9 @@
{{- with $.Values.global.monitoring.additionalLabels }}
{{- toYaml . | nindent 4 }}
{{- end }}
-{{- if .Values.volume.annotations }}
+{{- if $.Values.volume.annotations }}
annotations:
- {{- toYaml .Values.volume.annotations | nindent 4 }}
+ {{- toYaml $.Values.volume.annotations | nindent 4 }}
{{- end }}
spec:
endpoints:

14
packages/system/seaweedfs/values.yaml
View File

@@ -4,6 +4,8 @@ global:
extraEnvironmentVars:
WEED_CLUSTER_SW_MASTER: "seaweedfs-master:9333"
WEED_CLUSTER_SW_FILER: "seaweedfs-filer-client:8888"
monitoring:
enabled: true
seaweedfs:
master:
replicas: 3
@@ -78,7 +80,10 @@ seaweedfs:
existingConfigSecret: null
auditLogConfig: {}
s3:
enabled: true
enableAuth: true
readinessProbe:
scheme: HTTPS
logs:
type: ""
ingress:
@@ -94,6 +99,13 @@ seaweedfs:
- hosts:
- seaweedfs.demo.cozystack.io
secretName: seaweedfs-s3-ingress-tls
resources:
limits:
cpu: "2"
memory: "2Gi"
requests:
cpu: "500m"
memory: "1Gi"
cosi:
enabled: true
podLabels:
@@ -102,7 +114,7 @@ seaweedfs:
bucketClassName: "seaweedfs"
region: ""
sidecar:
image: "ghcr.io/cozystack/cozystack/objectstorage-sidecar:v0.35.0-alpha.2@sha256:e751c20edbefb1e458d9272ec5faea011e41bb828c067a562d8ddbd8d9da7242"
image: "ghcr.io/cozystack/cozystack/objectstorage-sidecar:v0.35.0-alpha.3@sha256:4a67ec40c13bf912151957dc0e7409f7e01a2859905285c98c20baae7b667ae2"
certificates:
commonName: "SeaweedFS CA"
ipAddresses: []

46
pkg/registry/apps/application/rest.go
View File

@@ -271,7 +271,6 @@ func (r *REST) List(ctx context.Context, options *metainternalversion.ListOption
klog.Errorf("Invalid field selector: %v", err)
return nil, fmt.Errorf("invalid field selector: %v", err)
}
// Check if selector is for metadata.name
if name, exists := fs.RequiresExactMatch("metadata.name"); exists {
// Convert Application name to HelmRelease name
@@ -321,17 +320,8 @@ func (r *REST) List(ctx context.Context, options *metainternalversion.ListOption
return nil, err
}
// Initialize empty Application list
appList := &appsv1alpha1.ApplicationList{
TypeMeta: metav1.TypeMeta{
APIVersion: "apps.cozystack.io/v1alpha1",
Kind: "ApplicationList",
},
ListMeta: metav1.ListMeta{
ResourceVersion: hrList.GetResourceVersion(),
},
Items: []appsv1alpha1.Application{},
}
// Initialize unstructured items array
items := make([]unstructured.Unstructured, 0)
// Iterate over HelmReleases and convert to Applications
for _, hr := range hrList.Items {
@@ -369,7 +359,6 @@ func (r *REST) List(ctx context.Context, options *metainternalversion.ListOption
klog.Errorf("Invalid field selector: %v", err)
continue
}
fieldsSet := fields.Set{
"metadata.name": app.Name,
"metadata.namespace": app.Namespace,
@@ -379,10 +368,23 @@ func (r *REST) List(ctx context.Context, options *metainternalversion.ListOption
}
}
appList.Items = append(appList.Items, app)
// Convert Application to unstructured
unstructuredApp, err := runtime.DefaultUnstructuredConverter.ToUnstructured(&app)
if err != nil {
klog.Errorf("Error converting Application %s to unstructured: %v", app.Name, err)
continue
}
items = append(items, unstructured.Unstructured{Object: unstructuredApp})
}
klog.V(6).Infof("Successfully listed %d Application resources in namespace %s", len(appList.Items), namespace)
// Explicitly set apiVersion and kind in unstructured object
appList := &unstructured.UnstructuredList{}
appList.SetAPIVersion("apps.cozystack.io/v1alpha1")
appList.SetKind(r.kindName + "List")
appList.SetResourceVersion(hrList.GetResourceVersion())
appList.Items = items
klog.V(6).Infof("Successfully listed %d Application resources in namespace %s", len(items), namespace)
return appList, nil
}
@@ -1036,6 +1038,19 @@ func (r *REST) ConvertToTable(ctx context.Context, object runtime.Object, tableO
case *appsv1alpha1.Application:
table = r.buildTableFromApplication(*obj)
table.ListMeta.ResourceVersion = obj.GetResourceVersion()
case *unstructured.UnstructuredList:
apps := make([]appsv1alpha1.Application, 0, len(obj.Items))
for _, u := range obj.Items {
var a appsv1alpha1.Application
err := runtime.DefaultUnstructuredConverter.FromUnstructured(u.Object, &a)
if err != nil {
klog.Errorf("Failed to convert Unstructured to Application: %v", err)
continue
}
apps = append(apps, a)
}
table = r.buildTableFromApplications(apps)
table.ListMeta.ResourceVersion = obj.GetResourceVersion()
case *unstructured.Unstructured:
var app appsv1alpha1.Application
err := runtime.DefaultUnstructuredConverter.FromUnstructured(obj.UnstructuredContent(), &app)
@@ -1067,7 +1082,6 @@ func (r *REST) ConvertToTable(ctx context.Context, object runtime.Object, tableO
}
klog.V(6).Infof("ConvertToTable: returning table with %d rows", len(table.Rows))
return &table, nil
}

6
scripts/common-envs.mk
View File

@@ -17,6 +17,8 @@ endif
# Get the name of the selected docker buildx builder
BUILDER ?= $(shell docker buildx inspect --bootstrap | head -n2 | awk '/^Name:/{print $$NF}')
# Get platforms supported by the builder
PLATFORM ?= $(shell docker buildx ls --format=json | jq -r 'select(.Name == "$(BUILDER)") | [.Nodes[].Platforms // []] | flatten | unique | map(select(test("^linux/amd64$$|^linux/arm64$$"))) | join(",")')
# Get platforms supported by the builder (only if PLATFORM is not provided)
ifeq ($(origin PLATFORM), undefined)
PLATFORM := $(shell docker buildx ls --format=json | jq -r 'select(.Name == "$(BUILDER)") | [.Nodes[].Platforms // []] | flatten | unique | map(select(test("^linux/amd64$$|^linux/arm64$$"))) | join(",")')
endif