introduce extra packages

2026-01-28 10:18:42 +00:00 · 2024-01-29 12:50:39 +01:00
parent 8c2422c458
commit 3a32b87d2e
52 changed files with 351 additions and 179 deletions
--- a/packages/.gitignore
+++ b/packages/.gitignore
--- a/10
+++ b/10
@@ -1,4 +1,12 @@
-.PHONY: manifests
+.PHONY: manifests repos

 manifests:
 	(cd packages/core/installer/; helm template -n cozy-installer installer .) > manifests/cozystack-installer.yaml
+
+repos:
+	rm -rf _out
+	make -C packages/apps check-version-map
+	make -C packages/extra check-version-map
+	make -C packages/system repo
+	make -C packages/apps repo
+	make -C packages/extra repo
--- a/packages/apps/gen_versions_map.sh
+++ b/packages/apps/gen_versions_map.sh
--- a/manifests/cozystack-installer.yaml
+++ b/manifests/cozystack-installer.yaml
@@ -72,14 +72,14 @@ spec:
      serviceAccountName: cozystack
      containers:
      - name: cozystack
-        image: "ghcr.io/aenix-io/cozystack/installer:latest@sha256:48df6dbe544d907b020977627a0f3c7b1397eff74b4aea7c7b3b8dff6db9cf35"
+        image: "ghcr.io/aenix-io/cozystack/installer:latest@sha256:092089b46a3fac5eb389a2ff14553f72ea7665837e62722d23113f8cd772f1e7"
        env:
        - name: KUBERNETES_SERVICE_HOST
          value: localhost
        - name: KUBERNETES_SERVICE_PORT
          value: "7445"
      - name: darkhttpd
-        image: "ghcr.io/aenix-io/cozystack/installer:latest@sha256:48df6dbe544d907b020977627a0f3c7b1397eff74b4aea7c7b3b8dff6db9cf35"
+        image: "ghcr.io/aenix-io/cozystack/installer:latest@sha256:092089b46a3fac5eb389a2ff14553f72ea7665837e62722d23113f8cd772f1e7"
        command:
        - /usr/bin/darkhttpd
        - /cozystack/assets
--- a/packages/apps/Makefile
+++ b/packages/apps/Makefile
@@ -1,5 +1,5 @@
-OUT=../_out/apps
-TMP=../_out/apps/historical
+OUT=../../_out/repos/apps
+TMP=../../_out/repos/apps/historical

 repo:
 	rm -rf "$(OUT)"
@@ -14,11 +14,7 @@ fix-chartnames:
 	find . -name Chart.yaml -maxdepth 2 | awk -F/ '{print $$2}' | while read i; do sed -i "s/^name: .*/name: $$i/" "$$i/Chart.yaml"; done

 gen-versions-map: fix-chartnames
-	./gen_versions_map.sh
+	../../hack/gen_versions_map.sh

 check-version-map: gen-versions-map
 	git diff --exit-code -- versions_map
-
-
-aaa:
-	$(shell awk 'BEGIN{printf "mkdir -p"} $$3 != "HEAD" {printf " $(OUT)" $$1 "-" $$2}' versions_map)
--- a/packages/apps/observability/Makefile
+++ b/packages/apps/observability/Makefile
@@ -1,19 +0,0 @@
-update:
-	rm -rf charts
-	helm repo add grafana https://grafana.github.io/helm-charts
-	helm repo update grafana
-	helm pull grafana/oncall --untar --untardir charts
-	rm -rf charts/oncall/charts
-	patch -p4 < patches/1.diff
-	yq e -i '.database.type="postgresql"' charts/oncall/values.yaml
-	yq e -i '.broker.type="redis"' charts/oncall/values.yaml
-	yq e -i '.ingress.enabled=false' charts/oncall/values.yaml
-	yq e -i '.cert-manager.enabled=false' charts/oncall/values.yaml
-	yq e -i '.mariadb.enabled=false' charts/oncall/values.yaml
-	yq e -i '.postgresql.enabled=false' charts/oncall/values.yaml
-	yq e -i '.rabbitmq.enabled=false' charts/oncall/values.yaml
-	yq e -i '.redis.enabled=false' charts/oncall/values.yaml
-	yq e -i '.grafana.enabled=false' charts/oncall/values.yaml
-
-dashboards-list:
-	find ../../../dashboards -name '*.json' | awk -F/ '{sub(".json", ""); printf "%s/%s\n", $$(NF-1), $$NF}' > dashboards.list
--- a/packages/apps/observability/templates/_helpers.tpl
+++ b/packages/apps/observability/templates/_helpers.tpl
@@ -1,35 +0,0 @@
-{{- define "snippet.grafana.url" -}}
-{{ .Values.url }}
-{{- end }}
-
-{{- define "snippet.redis.host" -}}
-rfrm-{{ .Release.Name }}-grafana-oncall
-{{- end }}
-
-{{- define "snippet.redis.password.secret.name" -}}
-{{ .Release.Name }}-grafana-oncall-redis-password
-{{- end }}
-
-{{- define "snippet.redis.password.secret.key" -}}
-password
-{{- end }}
-
-{{- define "snippet.postgresql.host" -}}
-{{ .Release.Name }}-grafana-oncall-db-rw
-{{- end }}
-
-{{- define "snippet.postgresql.password.secret.name" -}}
-{{ .Release.Name }}-grafana-oncall-db-app
-{{- end }}
-
-{{- define "snippet.postgresql.user" -}}
-app
-{{- end }}
-
-{{- define "snippet.postgresql.db" -}}
-app
-{{- end }}
-
-{{- define "snippet.postgresql.password.secret.key" -}}
-password
-{{- end }}
--- a/packages/apps/observability/templates/oncall/oncall-db.yaml
+++ b/packages/apps/observability/templates/oncall/oncall-db.yaml
@@ -1,8 +1,11 @@
+{{- if .Values.oncall.enabled }}
+---
 apiVersion: postgresql.cnpg.io/v1
 kind: Cluster
 metadata:
-  name: {{ .Release.Name }}-grafana-oncall-db
+  name: {{ .Release.Name }}-oncall-db
 spec:
  instances: 2
  storage:
    size: 10Gi
+{{- end }}
--- a/packages/apps/observability/templates/oncall/oncall-redis.yaml
+++ b/packages/apps/observability/templates/oncall/oncall-redis.yaml
@@ -1,8 +1,9 @@
+{{- if .Values.oncall.enabled }}
 ---
 apiVersion: databases.spotahome.com/v1
 kind: RedisFailover
 metadata:
-  name: {{ .Release.Name }}-grafana-oncall
+  name: {{ .Release.Name }}-oncall
  labels:
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/managed-by: {{ .Release.Service }}
@@ -46,19 +47,20 @@ spec:
      - tcp-keepalive 0
      - loglevel notice
  auth:
-    secretPath: {{ .Release.Name }}-grafana-oncall-redis-password
+    secretPath: {{ .Release.Name }}-oncall-redis-password
 ---
 apiVersion: v1
 kind: Secret
 metadata:
-  name: {{ .Release.Name }}-grafana-oncall-redis-password
+  name: {{ .Release.Name }}-oncall-redis-password
  labels:
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/managed-by: {{ .Release.Service }}
 data:
-{{- $existingSecret := lookup "v1" "Secret" .Release.Namespace (printf "%s-grafana-oncall-redis-password" .Release.Name) }}
+{{- $existingSecret := lookup "v1" "Secret" .Release.Namespace (printf "%s-oncall-redis-password" .Release.Name) }}
  {{- if $existingSecret }}
  password: {{ index $existingSecret.data "password" }}
  {{- else }}
  password: {{ randAlphaNum 32 | b64enc }}
  {{- end }}
+{{- end }}
--- a/packages/apps/observability/templates/oncall/oncall-release.yaml
+++ b/packages/apps/observability/templates/oncall/oncall-release.yaml
@@ -0,0 +1,38 @@
+{{- if .Values.oncall.enabled }}
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+  name: {{ .Release.Name }}-oncall
+  labels:
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+spec:
+  chart:
+    spec:
+      chart: cozy-grafana-oncall
+      reconcileStrategy: Revision
+      sourceRef:
+        kind: HelmRepository
+        name: cozystack-extra
+        namespace: cozy-public
+      version: 0.1.0
+  interval: 1m0s
+  timeout: 5m0s
+  values:
+    oncall:
+      fullnameOverride: {{ .Release.Name }}-oncall
+      externalGrafana:
+        url: {{ .Values.url }}
+      
+      externalPostgresql:
+        host: {{ .Release.Name }}-oncall-db-rw
+        db_name: app
+        user: app
+        existingSecret: {{ .Release.Name }}-oncall-db-app
+        passwordKey: password
+      
+      externalRedis:
+        host: rfrm-{{ .Release.Name }}-oncall
+        existingSecret: {{ .Release.Name }}-oncall-redis-password
+        passwordKey: password
+{{- end }}
--- a/packages/apps/observability/templates/vm/grafana-datasource.yaml
+++ b/packages/apps/observability/templates/vm/grafana-datasource.yaml
@@ -1,5 +1,5 @@
 {{- $first := true }}
-{{- range .Values.storages }}
+{{- range .Values.metricsStorages }}
 ---
 apiVersion: grafana.integreatly.org/v1beta1
 kind: GrafanaDatasource
--- a/packages/apps/observability/templates/vm/vmcluster-scrape.yaml
+++ b/packages/apps/observability/templates/vm/vmcluster-scrape.yaml
@@ -1,4 +1,4 @@
-{{- range .Values.storages }}
+{{- range .Values.metricsStorages }}
 ---
 apiVersion: operator.victoriametrics.com/v1beta1
 kind: VMServiceScrape
--- a/packages/apps/observability/templates/vm/vmcluster.yaml
+++ b/packages/apps/observability/templates/vm/vmcluster.yaml
@@ -1,4 +1,4 @@
-{{- range .Values.storages }}
+{{- range .Values.metricsStorages }}
 ---
 apiVersion: operator.victoriametrics.com/v1beta1
 kind: VMCluster
--- a/packages/apps/observability/values.yaml
+++ b/packages/apps/observability/values.yaml
@@ -1,6 +1,6 @@
 url: "https://grafana.example.org/"

-storages:
+metricsStorages:
 - name: shortterm
  retentionPeriod: "3d"
  deduplicationInterval: "5m"
@@ -9,3 +9,6 @@ storages:
  retentionPeriod: "14d"
  deduplicationInterval: "15s"
  storage: 10Gi
+
+oncall:
+  enabled: false
--- a/packages/core/installer/images/installer.json
+++ b/packages/core/installer/images/installer.json
@@ -1,14 +1,14 @@
 {
-  "containerimage.config.digest": "sha256:395ce650726f4dc1578ea37f90c1646a37a67fbcf8a241c3abb2b7938b65574d",
+  "containerimage.config.digest": "sha256:ebdd696428a92af919a25f7c5027490ba40c81dfc171aa24017594daba0117b6",
  "containerimage.descriptor": {
    "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
-    "digest": "sha256:48df6dbe544d907b020977627a0f3c7b1397eff74b4aea7c7b3b8dff6db9cf35",
+    "digest": "sha256:092089b46a3fac5eb389a2ff14553f72ea7665837e62722d23113f8cd772f1e7",
    "size": 2074,
    "platform": {
      "architecture": "amd64",
      "os": "linux"
    }
  },
-  "containerimage.digest": "sha256:48df6dbe544d907b020977627a0f3c7b1397eff74b4aea7c7b3b8dff6db9cf35",
+  "containerimage.digest": "sha256:092089b46a3fac5eb389a2ff14553f72ea7665837e62722d23113f8cd772f1e7",
  "image.name": "ghcr.io/aenix-io/cozystack/installer:latest"
 }
--- a/packages/core/installer/images/installer/Dockerfile
+++ b/packages/core/installer/images/installer/Dockerfile
@@ -7,10 +7,7 @@ COPY . /src/
 WORKDIR /src

 # Check that versions_map is not changed
-RUN make -C packages/apps check-version-map
-
-RUN make -C packages/system repo \
- && make -C packages/apps repo
+RUN make repos

 FROM alpine:3.19

@@ -20,7 +17,7 @@ RUN apk add helm kubectl --repository=https://dl-cdn.alpinelinux.org/alpine/edge
 COPY scripts /cozystack/scripts
 COPY --from=builder /src/packages/core /cozystack/packages/core
 COPY --from=builder /src/packages/system /cozystack/packages/system
-COPY --from=builder /src/packages/_out /cozystack/assets/repos
+COPY --from=builder /src/_out/repos /cozystack/assets/repos
 COPY dashboards /cozystack/assets/dashboards

 WORKDIR /cozystack
--- a/packages/core/platform/templates/helmreleases.yaml
+++ b/packages/core/platform/templates/helmreleases.yaml
@@ -3,13 +3,15 @@ kind: HelmRelease
 metadata:
  name: cilium
  namespace: cozy-cilium
+  labels:
+    cozystack.io/repository: system
 spec:
-  reconcileStrategy: Revision
  interval: 1m
  releaseName: cilium
  chart:
    spec:
      chart: cozy-cilium
+      reconcileStrategy: Revision
      sourceRef:
        kind: HelmRepository
        name: cozystack-system
@@ -20,13 +22,15 @@ kind: HelmRelease
 metadata:
  name: kubeovn
  namespace: cozy-kubeovn
+  labels:
+    cozystack.io/repository: system
 spec:
-  reconcileStrategy: Revision
  interval: 1m
  releaseName: kubeovn
  chart:
    spec:
      chart: cozy-kubeovn
+      reconcileStrategy: Revision
      sourceRef:
        kind: HelmRepository
        name: cozystack-system
@@ -44,13 +48,15 @@ kind: HelmRelease
 metadata:
  name: cozy-fluxcd
  namespace: cozy-fluxcd
+  labels:
+    cozystack.io/repository: system
 spec:
-  reconcileStrategy: Revision
  interval: 1m
  releaseName: fluxcd
  chart:
    spec:
      chart: cozy-fluxcd
+      reconcileStrategy: Revision
      sourceRef:
        kind: HelmRepository
        name: cozystack-system
@@ -66,13 +72,15 @@ kind: HelmRelease
 metadata:
  name: cert-manager
  namespace: cozy-cert-manager
+  labels:
+    cozystack.io/repository: system
 spec:
-  reconcileStrategy: Revision
  interval: 1m
  releaseName: cert-manager
  chart:
    spec:
      chart: cozy-cert-manager
+      reconcileStrategy: Revision
      sourceRef:
        kind: HelmRepository
        name: cozystack-system
@@ -88,13 +96,15 @@ kind: HelmRelease
 metadata:
  name: cert-manager-issuers
  namespace: cozy-cert-manager
+  labels:
+    cozystack.io/repository: system
 spec:
-  reconcileStrategy: Revision
  interval: 1m
  releaseName: cert-manager-issuers
  chart:
    spec:
      chart: cozy-cert-manager-issuers
+      reconcileStrategy: Revision
      sourceRef:
        kind: HelmRepository
        name: cozystack-system
@@ -112,13 +122,15 @@ kind: HelmRelease
 metadata:
  name: victoria-metrics-operator
  namespace: cozy-victoria-metrics-operator
+  labels:
+    cozystack.io/repository: system
 spec:
-  reconcileStrategy: Revision
  interval: 1m
  releaseName: victoria-metrics-operator
  chart:
    spec:
      chart: cozy-victoria-metrics-operator
+      reconcileStrategy: Revision
      sourceRef:
        kind: HelmRepository
        name: cozystack-system
@@ -136,13 +148,15 @@ kind: HelmRelease
 metadata:
  name: monitoring
  namespace: cozy-monitoring
+  labels:
+    cozystack.io/repository: system
 spec:
-  reconcileStrategy: Revision
  interval: 1m
  releaseName: monitoring
  chart:
    spec:
      chart: cozy-monitoring
+      reconcileStrategy: Revision
      sourceRef:
        kind: HelmRepository
        name: cozystack-system
@@ -164,13 +178,15 @@ kind: HelmRelease
 metadata:
  name: kubevirt-operator
  namespace: cozy-kubevirt
+  labels:
+    cozystack.io/repository: system
 spec:
-  reconcileStrategy: Revision
  interval: 1m
  releaseName: kubevirt-operator
  chart:
    spec:
      chart: cozy-kubevirt-operator
+      reconcileStrategy: Revision
      sourceRef:
        kind: HelmRepository
        name: cozystack-system
@@ -186,13 +202,15 @@ kind: HelmRelease
 metadata:
  name: kubevirt
  namespace: cozy-kubevirt
+  labels:
+    cozystack.io/repository: system
 spec:
-  reconcileStrategy: Revision
  interval: 1m
  releaseName: kubevirt
  chart:
    spec:
      chart: cozy-kubevirt
+      reconcileStrategy: Revision
      sourceRef:
        kind: HelmRepository
        name: cozystack-system
@@ -210,13 +228,15 @@ kind: HelmRelease
 metadata:
  name: kubevirt-cdi-operator
  namespace: cozy-kubevirt-cdi
+  labels:
+    cozystack.io/repository: system
 spec:
-  reconcileStrategy: Revision
  interval: 1m
  releaseName: kubevirt-cdi-operator
  chart:
    spec:
      chart: cozy-kubevirt-cdi-operator
+      reconcileStrategy: Revision
      sourceRef:
        kind: HelmRepository
        name: cozystack-system
@@ -232,13 +252,15 @@ kind: HelmRelease
 metadata:
  name: kubevirt-cdi
  namespace: cozy-kubevirt-cdi
+  labels:
+    cozystack.io/repository: system
 spec:
-  reconcileStrategy: Revision
  interval: 1m
  releaseName: kubevirt-cdi
  chart:
    spec:
      chart: cozy-kubevirt-cdi
+      reconcileStrategy: Revision
      sourceRef:
        kind: HelmRepository
        name: cozystack-system
@@ -256,13 +278,15 @@ kind: HelmRelease
 metadata:
  name: metallb
  namespace: cozy-metallb
+  labels:
+    cozystack.io/repository: system
 spec:
-  reconcileStrategy: Revision
  interval: 1m
  releaseName: metallb
  chart:
    spec:
      chart: cozy-metallb
+      reconcileStrategy: Revision
      sourceRef:
        kind: HelmRepository
        name: cozystack-system
@@ -278,13 +302,15 @@ kind: HelmRelease
 metadata:
  name: metallb-addresses
  namespace: cozy-metallb
+  labels:
+    cozystack.io/repository: system
 spec:
-  reconcileStrategy: Revision
  interval: 1m
  releaseName: metallb-addresses
  chart:
    spec:
      chart: cozy-metallb-addresses
+      reconcileStrategy: Revision
      sourceRef:
        kind: HelmRepository
        name: cozystack-system
@@ -306,13 +332,15 @@ kind: HelmRelease
 metadata:
  name: grafana-operator
  namespace: cozy-grafana-operator
+  labels:
+    cozystack.io/repository: system
 spec:
-  reconcileStrategy: Revision
  interval: 1m
  releaseName: grafana-operator
  chart:
    spec:
      chart: cozy-grafana-operator
+      reconcileStrategy: Revision
      sourceRef:
        kind: HelmRepository
        name: cozystack-system
@@ -328,13 +356,15 @@ kind: HelmRelease
 metadata:
  name: mariadb-operator
  namespace: cozy-mariadb-operator
+  labels:
+    cozystack.io/repository: system
 spec:
-  reconcileStrategy: Revision
  interval: 1m
  releaseName: mariadb-operator
  chart:
    spec:
      chart: cozy-mariadb-operator
+      reconcileStrategy: Revision
      sourceRef:
        kind: HelmRepository
        name: cozystack-system
@@ -354,13 +384,15 @@ kind: HelmRelease
 metadata:
  name: postgres-operator
  namespace: cozy-postgres-operator
+  labels:
+    cozystack.io/repository: system
 spec:
-  reconcileStrategy: Revision
  interval: 1m
  releaseName: postgres-operator
  chart:
    spec:
      chart: cozy-postgres-operator
+      reconcileStrategy: Revision
      sourceRef:
        kind: HelmRepository
        name: cozystack-system
@@ -378,13 +410,15 @@ kind: HelmRelease
 metadata:
  name: rabbitmq-operator
  namespace: cozy-rabbitmq-operator
+  labels:
+    cozystack.io/repository: system
 spec:
-  reconcileStrategy: Revision
  interval: 1m
  releaseName: rabbitmq-operator
  chart:
    spec:
      chart: cozy-rabbitmq-operator
+      reconcileStrategy: Revision
      sourceRef:
        kind: HelmRepository
        name: cozystack-system
@@ -400,13 +434,15 @@ kind: HelmRelease
 metadata:
  name: redis-operator
  namespace: cozy-redis-operator
+  labels:
+    cozystack.io/repository: system
 spec:
-  reconcileStrategy: Revision
  interval: 1m
  releaseName: redis-operator
  chart:
    spec:
      chart: cozy-redis-operator
+      reconcileStrategy: Revision
      sourceRef:
        kind: HelmRepository
        name: cozystack-system
@@ -422,13 +458,15 @@ kind: HelmRelease
 metadata:
  name: piraeus-operator
  namespace: cozy-linstor
+  labels:
+    cozystack.io/repository: system
 spec:
-  reconcileStrategy: Revision
  interval: 1m
  releaseName: piraeus-operator
  chart:
    spec:
      chart: cozy-piraeus-operator
+      reconcileStrategy: Revision
      sourceRef:
        kind: HelmRepository
        name: cozystack-system
@@ -446,13 +484,15 @@ kind: HelmRelease
 metadata:
  name: linstor
  namespace: cozy-linstor
+  labels:
+    cozystack.io/repository: system
 spec:
-  reconcileStrategy: Revision
  interval: 1m
  releaseName: linstor
  chart:
    spec:
      chart: cozy-linstor
+      reconcileStrategy: Revision
      sourceRef:
        kind: HelmRepository
        name: cozystack-system
@@ -472,13 +512,15 @@ kind: HelmRelease
 metadata:
  name: telepresence
  namespace: cozy-telepresence
+  labels:
+    cozystack.io/repository: system
 spec:
-  reconcileStrategy: Revision
  interval: 1m
  releaseName: traffic-manager
  chart:
    spec:
      chart: cozy-telepresence
+      reconcileStrategy: Revision
      sourceRef:
        kind: HelmRepository
        name: cozystack-system
@@ -494,13 +536,15 @@ kind: HelmRelease
 metadata:
  name: ingress-nginx
  namespace: cozy-ingress-nginx
+  labels:
+    cozystack.io/repository: system
 spec:
-  reconcileStrategy: Revision
  interval: 1m
  releaseName: ingress-nginx
  chart:
    spec:
      chart: cozy-ingress-nginx
+      reconcileStrategy: Revision
      sourceRef:
        kind: HelmRepository
        name: cozystack-system
@@ -518,13 +562,15 @@ kind: HelmRelease
 metadata:
  name: kubeapps
  namespace: cozy-kubeapps
+  labels:
+    cozystack.io/repository: system
 spec:
-  reconcileStrategy: Revision
  interval: 1m
  releaseName: kubeapps
  chart:
    spec:
      chart: cozy-kubeapps
+      reconcileStrategy: Revision
      sourceRef:
        kind: HelmRepository
        name: cozystack-system
@@ -540,13 +586,15 @@ kind: HelmRelease
 metadata:
  name: kamaji
  namespace: cozy-kamaji
+  labels:
+    cozystack.io/repository: system
 spec:
-  reconcileStrategy: Revision
  interval: 1m
  releaseName: kamaji
  chart:
    spec:
      chart: cozy-kamaji
+      reconcileStrategy: Revision
      sourceRef:
        kind: HelmRepository
        name: cozystack-system
@@ -562,13 +610,15 @@ kind: HelmRelease
 metadata:
  name: capi-operator
  namespace: cozy-cluster-api
+  labels:
+    cozystack.io/repository: system
 spec:
-  reconcileStrategy: Revision
  interval: 1m
  releaseName: capi-operator
  chart:
    spec:
      chart: cozy-capi-operator
+      reconcileStrategy: Revision
      sourceRef:
        kind: HelmRepository
        name: cozystack-system
@@ -584,13 +634,15 @@ kind: HelmRelease
 metadata:
  name: capi-providers
  namespace: cozy-cluster-api
+  labels:
+    cozystack.io/repository: system
 spec:
-  reconcileStrategy: Revision
  interval: 1m
  releaseName: capi-providers
  chart:
    spec:
      chart: cozy-capi-providers
+      reconcileStrategy: Revision
      sourceRef:
        kind: HelmRepository
        name: cozystack-system
--- a/packages/core/platform/templates/helmrepos.yaml
+++ b/packages/core/platform/templates/helmrepos.yaml
@@ -13,6 +13,17 @@ kind: HelmRepository
 metadata:
  name: cozystack-apps
  namespace: cozy-public
+  labels:
+    cozystack.io/ui: "true"
 spec:
  interval: 5m0s
  url: http://cozystack.cozy-system.svc/repos/apps
+---
+apiVersion: source.toolkit.fluxcd.io/v1beta2
+kind: HelmRepository
+metadata:
+  name: cozystack-extra
+  namespace: cozy-public
+spec:
+  interval: 5m0s
+  url: http://cozystack.cozy-system.svc/repos/extra
--- a/packages/extra/Makefile
+++ b/packages/extra/Makefile
@@ -0,0 +1,20 @@
+OUT=../../_out/repos/extra
+TMP=../../_out/repos/extra/historical
+
+repo:
+	rm -rf "$(OUT)"
+	mkdir -p "$(OUT)"
+	awk '$$3 != "HEAD" {print "mkdir -p $(TMP)/" $$1 "-" $$2}' versions_map | sh -ex
+	awk '$$3 != "HEAD" {print "git archive " $$3 " " $$1 " | tar -xf- --strip-components=1 -C $(TMP)/" $$1 "-" $$2 }' versions_map | sh -ex
+	helm package -d "$(OUT)" $$(find . $(TMP) -mindepth 2 -maxdepth 2 -name Chart.yaml | awk 'sub("/Chart.yaml", "")' | sort -V)
+	cd "$(OUT)" && helm repo index .
+	rm -rf "$(TMP)"
+
+fix-chartnames:
+	find . -name Chart.yaml -maxdepth 2 | awk -F/ '{print $$2}' | while read i; do sed -i "s/^name: .*/name: cozy-$$i/" "$$i/Chart.yaml"; done
+
+gen-versions-map: fix-chartnames
+	../../hack/gen_versions_map.sh
+
+check-version-map: gen-versions-map
+	git diff --exit-code -- versions_map
--- a/packages/extra/grafana-oncall/Chart.yaml
+++ b/packages/extra/grafana-oncall/Chart.yaml
@@ -0,0 +1,2 @@
+name: cozy-grafana-oncall
+version: 0.1.0
--- a/packages/extra/grafana-oncall/Makefile
+++ b/packages/extra/grafana-oncall/Makefile
@@ -0,0 +1,6 @@
+update:
+	rm -rf charts
+	helm repo add grafana https://grafana.github.io/helm-charts
+	helm repo update grafana
+	helm pull grafana/oncall --untar --untardir charts
+	rm -rf charts/oncall/charts
--- a/packages/extra/grafana-oncall/charts/oncall/.helmignore
+++ b/packages/extra/grafana-oncall/charts/oncall/.helmignore
--- a/packages/extra/grafana-oncall/charts/oncall/Chart.lock
+++ b/packages/extra/grafana-oncall/charts/oncall/Chart.lock
@@ -24,4 +24,4 @@ dependencies:
  repository: https://prometheus-community.github.io/helm-charts
  version: 25.8.2
 digest: sha256:edc9fef449a694cd319135e37ac84f8247ac9ad0c48ac86099dae4e428beb7b7
-generated: "2024-01-12T18:16:01.841174663Z"
+generated: "2024-01-26T17:54:48.132209769Z"
--- a/packages/extra/grafana-oncall/charts/oncall/Chart.yaml
+++ b/packages/extra/grafana-oncall/charts/oncall/Chart.yaml
@@ -1,5 +1,5 @@
 apiVersion: v2
-appVersion: v1.3.86
+appVersion: v1.3.94
 dependencies:
 - condition: cert-manager.enabled
  name: cert-manager
@@ -36,4 +36,4 @@ dependencies:
 description: Developer-friendly incident response with brilliant Slack integration
 name: oncall
 type: application
-version: 1.3.86
+version: 1.3.94
--- a/packages/extra/grafana-oncall/charts/oncall/README.md
+++ b/packages/extra/grafana-oncall/charts/oncall/README.md
--- a/packages/extra/grafana-oncall/charts/oncall/templates/NOTES.txt
+++ b/packages/extra/grafana-oncall/charts/oncall/templates/NOTES.txt
--- a/packages/extra/grafana-oncall/charts/oncall/templates/_env.tpl
+++ b/packages/extra/grafana-oncall/charts/oncall/templates/_env.tpl
--- a/packages/extra/grafana-oncall/charts/oncall/templates/_helpers.tpl
+++ b/packages/extra/grafana-oncall/charts/oncall/templates/_helpers.tpl
--- a/packages/extra/grafana-oncall/charts/oncall/templates/celery/_helpers.tpl
+++ b/packages/extra/grafana-oncall/charts/oncall/templates/celery/_helpers.tpl
--- a/packages/extra/grafana-oncall/charts/oncall/templates/celery/deployment.yaml
+++ b/packages/extra/grafana-oncall/charts/oncall/templates/celery/deployment.yaml
--- a/packages/extra/grafana-oncall/charts/oncall/templates/cert-issuer.yaml
+++ b/packages/extra/grafana-oncall/charts/oncall/templates/cert-issuer.yaml
--- a/packages/extra/grafana-oncall/charts/oncall/templates/engine/_helpers-engine.tpl
+++ b/packages/extra/grafana-oncall/charts/oncall/templates/engine/_helpers-engine.tpl
--- a/packages/extra/grafana-oncall/charts/oncall/templates/engine/deployment.yaml
+++ b/packages/extra/grafana-oncall/charts/oncall/templates/engine/deployment.yaml
--- a/packages/extra/grafana-oncall/charts/oncall/templates/engine/job-migrate.yaml
+++ b/packages/extra/grafana-oncall/charts/oncall/templates/engine/job-migrate.yaml
--- a/packages/extra/grafana-oncall/charts/oncall/templates/engine/service-external.yaml
+++ b/packages/extra/grafana-oncall/charts/oncall/templates/engine/service-external.yaml
--- a/packages/extra/grafana-oncall/charts/oncall/templates/engine/service-internal.yaml
+++ b/packages/extra/grafana-oncall/charts/oncall/templates/engine/service-internal.yaml
--- a/packages/extra/grafana-oncall/charts/oncall/templates/ingress-regular.yaml
+++ b/packages/extra/grafana-oncall/charts/oncall/templates/ingress-regular.yaml
--- a/packages/extra/grafana-oncall/charts/oncall/templates/integrations/_helpers.tpl
+++ b/packages/extra/grafana-oncall/charts/oncall/templates/integrations/_helpers.tpl
--- a/packages/extra/grafana-oncall/charts/oncall/templates/integrations/deployment.yaml
+++ b/packages/extra/grafana-oncall/charts/oncall/templates/integrations/deployment.yaml
--- a/packages/extra/grafana-oncall/charts/oncall/templates/integrations/service-external.yaml
+++ b/packages/extra/grafana-oncall/charts/oncall/templates/integrations/service-external.yaml
--- a/packages/extra/grafana-oncall/charts/oncall/templates/integrations/service-internal.yaml
+++ b/packages/extra/grafana-oncall/charts/oncall/templates/integrations/service-internal.yaml
--- a/packages/extra/grafana-oncall/charts/oncall/templates/secrets.yaml
+++ b/packages/extra/grafana-oncall/charts/oncall/templates/secrets.yaml
@@ -31,7 +31,7 @@ data:
  mariadb-root-password: {{ required "externalMysql.password is required if not mariadb.enabled and not externalMysql.existingSecret" .Values.externalMysql.password | b64enc | quote }}
 ---
 {{- end }}
-{{- if false }}
+{{- if and (not .Values.postgresql.enabled) (eq .Values.database.type "postgresql") (not .Values.externalPostgresql.existingSecret) }}
 apiVersion: v1
 kind: Secret
 metadata:
@@ -61,7 +61,7 @@ data:
  rabbitmq-password: {{ required "externalRabbitmq.password is required if not rabbitmq.enabled and not externalRabbitmq.existingSecret" .Values.externalRabbitmq.password | b64enc | quote }}
 ---
 {{- end }}
-{{- if false }}
+{{- if and (eq .Values.broker.type "redis") (not .Values.redis.enabled) (not .Values.externalRedis.existingSecret) }}
 apiVersion: v1
 kind: Secret
 metadata:
--- a/packages/extra/grafana-oncall/charts/oncall/templates/serviceaccount.yaml
+++ b/packages/extra/grafana-oncall/charts/oncall/templates/serviceaccount.yaml
--- a/packages/extra/grafana-oncall/charts/oncall/templates/telegram-polling/_helpers.tpl
+++ b/packages/extra/grafana-oncall/charts/oncall/templates/telegram-polling/_helpers.tpl
--- a/packages/extra/grafana-oncall/charts/oncall/templates/telegram-polling/deployment.yaml
+++ b/packages/extra/grafana-oncall/charts/oncall/templates/telegram-polling/deployment.yaml
--- a/packages/extra/grafana-oncall/charts/oncall/templates/ui/_helpers.tpl
+++ b/packages/extra/grafana-oncall/charts/oncall/templates/ui/_helpers.tpl
--- a/packages/extra/grafana-oncall/charts/oncall/templates/ui/deployment.yaml
+++ b/packages/extra/grafana-oncall/charts/oncall/templates/ui/deployment.yaml
--- a/packages/extra/grafana-oncall/charts/oncall/values.yaml
+++ b/packages/extra/grafana-oncall/charts/oncall/values.yaml
@@ -4,6 +4,7 @@
 # If you want to install grafana as a part of this release make sure to configure grafana.grafana.ini.server.domain too
 base_url: example.com
 base_url_protocol: https
+
 ## Optionally specify an array of imagePullSecrets.
 ## Secrets must be manually created in the namespace.
 ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
@@ -11,11 +12,13 @@ base_url_protocol: https
 ## imagePullSecrets:
 ##   - name: myRegistryKeySecretName
 imagePullSecrets: []
+
 image:
  # Grafana OnCall docker image repository
  repository: grafana/oncall
  tag:
  pullPolicy: Always
+
 # Whether to create additional service for external connections
 # ClusterIP service is always created
 service:
@@ -23,19 +26,22 @@ service:
  type: LoadBalancer
  port: 8080
  annotations: {}
+
 # Engine pods configuration
 engine:
  replicaCount: 1
-  resources: {}
-  # limits:
-  #   cpu: 100m
-  #   memory: 128Mi
-  # requests:
-  #   cpu: 100m
-  #   memory: 128Mi
+  resources:
+    {}
+    # limits:
+    #   cpu: 100m
+    #   memory: 128Mi
+    # requests:
+    #   cpu: 100m
+    #   memory: 128Mi

  # Labels for engine pods
  podLabels: {}
+
  ## Deployment update strategy
  ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy
  updateStrategy:
@@ -43,21 +49,27 @@ engine:
      maxSurge: 25%
      maxUnavailable: 0
    type: RollingUpdate
+
  ## Affinity for pod assignment
  ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
  affinity: {}
+
  ## Node labels for pod assignment
  ## ref: https://kubernetes.io/docs/user-guide/node-selection/
  nodeSelector: {}
+
  ## Tolerations for pod assignment
  ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
  tolerations: []
+
  ## Topology spread constraints for pod assignment
  ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/
  topologySpreadConstraints: []
+
  ## Priority class for the pods
  ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/
  priorityClassName: ""
+
  # Extra containers which runs as sidecar
  extraContainers: ""
  # extraContainers: |
@@ -85,22 +97,25 @@ engine:
  #   configMap:
  #     name: my-redis-tls
  #     defaultMode: 0640
+
 detached_integrations_service:
  enabled: false
  type: LoadBalancer
  port: 8080
  annotations: {}
+
 # Integrations pods configuration
 detached_integrations:
  enabled: false
  replicaCount: 1
-  resources: {}
-  # limits:
-  #   cpu: 100m
-  #   memory: 128Mi
-  # requests:
-  #   cpu: 100m
-  #   memory: 128Mi
+  resources:
+    {}
+    # limits:
+    #   cpu: 100m
+    #   memory: 128Mi
+    # requests:
+    #   cpu: 100m
+    #   memory: 128Mi

  ## Deployment update strategy
  ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy
@@ -109,21 +124,27 @@ detached_integrations:
      maxSurge: 25%
      maxUnavailable: 0
    type: RollingUpdate
+
  ## Affinity for pod assignment
  ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
  affinity: {}
+
  ## Node labels for pod assignment
  ## ref: https://kubernetes.io/docs/user-guide/node-selection/
  nodeSelector: {}
+
  ## Tolerations for pod assignment
  ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
  tolerations: []
+
  ## Topology spread constraints for pod assignment
  ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/
  topologySpreadConstraints: []
+
  ## Priority class for the pods
  ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/
  priorityClassName: ""
+
  # Extra containers which runs as sidecar
  extraContainers: ""
  # extraContainers: |
@@ -151,6 +172,7 @@ detached_integrations:
  #   configMap:
  #     name: my-redis-tls
  #     defaultMode: 0640
+
 # Celery workers pods configuration
 celery:
  replicaCount: 1
@@ -169,31 +191,38 @@ celery:
    initialDelaySeconds: 30
    periodSeconds: 300
    timeoutSeconds: 10
-  resources: {}
-  # limits:
-  #   cpu: 100m
-  #   memory: 128Mi
-  # requests:
-  #   cpu: 100m
-  #   memory: 128Mi
+  resources:
+    {}
+    # limits:
+    #   cpu: 100m
+    #   memory: 128Mi
+    # requests:
+    #   cpu: 100m
+    #   memory: 128Mi

  # Labels for celery pods
  podLabels: {}
+
  ## Affinity for pod assignment
  ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
  affinity: {}
+
  ## Node labels for pod assignment
  ## ref: https://kubernetes.io/docs/user-guide/node-selection/
  nodeSelector: {}
+
  ## Tolerations for pod assignment
  ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
  tolerations: []
+
  ## Topology spread constraints for pod assignment
  ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/
  topologySpreadConstraints: []
+
  ## Priority class for the pods
  ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/
  priorityClassName: ""
+
  # Extra containers which runs as sidecar
  extraContainers: ""
  # extraContainers: |
@@ -221,19 +250,22 @@ celery:
  #   configMap:
  #     name: my-redis-tls
  #     defaultMode: 0640
+
 # Telegram polling pod configuration
 telegramPolling:
  enabled: false
-  resources: {}
-  # limits:
-  #   cpu: 100m
-  #   memory: 128Mi
-  # requests:
-  #   cpu: 100m
-  #   memory: 128Mi
+  resources:
+    {}
+    # limits:
+    #   cpu: 100m
+    #   memory: 128Mi
+    # requests:
+    #   cpu: 100m
+    #   memory: 128Mi

  # Labels for telegram-polling pods
  podLabels: {}
+
  # Extra volume mounts for the main container
  extraVolumeMounts: []
  # - mountPath: /mnt/postgres-tls
@@ -251,11 +283,13 @@ telegramPolling:
  #   configMap:
  #     name: my-redis-tls
  #     defaultMode: 0640
+
 oncall:
  # this is intended to be used for local development. In short, it will mount the ./engine dir into
  # any backend related containers, to allow hot-reloading + also run the containers with slightly modified
  # startup commands (which configures the hot-reloading)
  devMode: false
+
  # Override default MIRAGE_CIPHER_IV (must be 16 bytes long)
  # For existing installation, this should not be changed.
  # mirageCipherIV: 1234567890abcdef
@@ -344,6 +378,7 @@ oncall:
    # Phone notifications limit (the only non-secret value).
    # TODO: rename to phoneNotificationLimit
    limitPhone:
+
 # Whether to run django database migrations automatically
 migrate:
  enabled: true
@@ -352,15 +387,19 @@ migrate:
  # use a helm hook to manage the migration job
  useHook: false
  annotations: {}
+
  ## Affinity for pod assignment
  ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
  affinity: {}
+
  ## Node labels for pod assignment
  ## ref: https://kubernetes.io/docs/user-guide/node-selection/
  nodeSelector: {}
+
  ## Tolerations for pod assignment
  ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
  tolerations: []
+
  # Extra containers which runs as sidecar
  extraContainers: ""
  # extraContainers: |
@@ -370,13 +409,14 @@ migrate:
  #     - --private-ip
  #     - --port=5432
  #     - example:europe-west3:grafana-oncall-db
-  resources: {}
-  # limits:
-  #   cpu: 100m
-  #   memory: 128Mi
-  # requests:
-  #   cpu: 100m
-  #   memory: 128Mi
+  resources:
+    {}
+    # limits:
+    #   cpu: 100m
+    #   memory: 128Mi
+    # requests:
+    #   cpu: 100m
+    #   memory: 128Mi

  # Extra volume mounts for the main container
  extraVolumeMounts: []
@@ -395,17 +435,20 @@ migrate:
  #   configMap:
  #     name: my-redis-tls
  #     defaultMode: 0640
+
 # Sets environment variables with name capitalized and prefixed with UWSGI_,
 # and dashes are substituted with underscores.
 # see more: https://uwsgi-docs.readthedocs.io/en/latest/Configuration.html#environment-variables
 # Set null to disable all UWSGI environment variables
 uwsgi:
  listen: 1024
+
 # Additional env variables to add to deployments
 env: {}
+
 # Enable ingress object for external access to the resources
 ingress:
-  enabled: false
+  enabled: true
  #  className: ""
  annotations:
    kubernetes.io/ingress.class: "nginx"
@@ -429,12 +472,14 @@ ingress:
  #       name: ssl-redirect
  #       port:
  #         name: use-annotation
+
 # Whether to install ingress controller
 ingress-nginx:
  enabled: true
+
 # Install cert-manager as a part of the release
 cert-manager:
-  enabled: false
+  enabled: true
  # Instal CRD resources
  installCRDs: true
  webhook:
@@ -449,14 +494,16 @@ cert-manager:
    nameservers:
      - 8.8.8.8
      - 1.1.1.1
+
 database:
  # can be either mysql or postgresql
-  type: postgresql
+  type: mysql
+
 # MySQL is included into this release for the convenience.
 # It is recommended to host it separately from this release
 # Set mariadb.enabled = false and configure externalMysql
 mariadb:
-  enabled: false
+  enabled: true
  auth:
    database: oncall
    existingSecret:
@@ -472,6 +519,7 @@ mariadb:
        value: utf8mb4_unicode_ci
      - name: MARIADB_CHARACTER_SET
        value: utf8mb4
+
 # Make sure to create the database with the following parameters:
 # CREATE DATABASE oncall CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
 externalMysql:
@@ -495,6 +543,7 @@ externalMysql:
  #   ssl_ca=/mnt/mysql-tls/ca.crt
  #   ssl_cert=/mnt/mysql-tls/client.crt
  #   ssl_key=/mnt/mysql-tls/client.key
+
 # PostgreSQL is included into this release for the convenience.
 # It is recommended to host it separately from this release
 # Set postgresql.enabled = false and configure externalPostgresql
@@ -503,6 +552,7 @@ postgresql:
  auth:
    database: oncall
    existingSecret:
+
 # Make sure to create the database with the following parameters:
 # CREATE DATABASE oncall WITH ENCODING UTF8;
 externalPostgresql:
@@ -523,15 +573,18 @@ externalPostgresql:
  #   sslrootcert=/mnt/postgres-tls/ca.crt
  #   sslcert=/mnt/postgres-tls/client.crt
  #   sslkey=/mnt/postgres-tls/client.key
+
 # RabbitMQ is included into this release for the convenience.
 # It is recommended to host it separately from this release
 # Set rabbitmq.enabled = false and configure externalRabbitmq
 rabbitmq:
-  enabled: false
+  enabled: true
  auth:
    existingPasswordSecret:
+
 broker:
-  type: redis
+  type: rabbitmq
+
 externalRabbitmq:
  host:
  port:
@@ -545,12 +598,14 @@ externalRabbitmq:
  passwordKey: ""
  # The key in the secret containing the rabbitmq username
  usernameKey: username
+
 # Redis is included into this release for the convenience.
 # It is recommended to host it separately from this release
 redis:
-  enabled: false
+  enabled: true
  auth:
    existingSecret:
+
 externalRedis:
  protocol:
  host:
@@ -562,6 +617,7 @@ externalRedis:
  existingSecret:
  # The key in the secret containing the redis password
  passwordKey:
+
  # SSL options
  ssl_options:
    enabled: false
@@ -572,10 +628,11 @@ externalRedis:
    keyfile:
    # SSL verification mode: "cert_none" | "cert_optional" | "cert_required"
    cert_reqs:
+
 # Grafana is included into this release for the convenience.
 # It is recommended to host it separately from this release
 grafana:
-  enabled: false
+  enabled: true
  grafana.ini:
    server:
      domain: example.com
@@ -588,11 +645,14 @@ grafana:
    pspEnabled: false
  plugins:
    - grafana-oncall-app
+
 externalGrafana:
  # Example: https://grafana.mydomain.com
  url:
+
 nameOverride: ""
 fullnameOverride: ""
+
 serviceAccount:
  # Specifies whether a service account should be created
  create: true
@@ -601,37 +661,44 @@ serviceAccount:
  # The name of the service account to use.
  # If not set and create is true, a name is generated using the fullname template
  name: ""
+
 podAnnotations: {}
-podSecurityContext: {}
-# fsGroup: 2000

-securityContext: {}
-# capabilities:
-#   drop:
-#   - ALL
-# readOnlyRootFilesystem: true
-# runAsNonRoot: true
-# runAsGroup: 2000
-# runAsUser: 1000
+podSecurityContext:
+  {}
+  # fsGroup: 2000

-init:
-  securityContext: {}
-  # allowPrivilegeEscalation: false
+securityContext:
+  {}
  # capabilities:
  #   drop:
  #   - ALL
-  # privileged: false
  # readOnlyRootFilesystem: true
-  # runAsGroup: 2000
  # runAsNonRoot: true
+  # runAsGroup: 2000
  # runAsUser: 1000
-  resources: {}
-  # limits:
-  #   cpu: 100m
-  #   memory: 128Mi
-  # requests:
-  #   cpu: 100m
-  #   memory: 128Mi
+
+init:
+  securityContext:
+    {}
+    # allowPrivilegeEscalation: false
+    # capabilities:
+    #   drop:
+    #   - ALL
+    # privileged: false
+    # readOnlyRootFilesystem: true
+    # runAsGroup: 2000
+    # runAsNonRoot: true
+    # runAsUser: 1000
+  resources:
+    {}
+    # limits:
+    #   cpu: 100m
+    #   memory: 128Mi
+    # requests:
+    #   cpu: 100m
+    #   memory: 128Mi
+
 ui:
  # this is intended to be used for local development. In short, it will spin up an additional container
  # running the plugin frontend, such that hot reloading can be enabled
@@ -641,6 +708,7 @@ ui:
    tag: dev
  # Additional env vars for the ui container
  env: {}
+
 prometheus:
  enabled: false
  # extraScrapeConfigs: |
--- a/packages/extra/grafana-oncall/values.yaml
+++ b/packages/extra/grafana-oncall/values.yaml
@@ -0,0 +1,19 @@
+oncall:
+  database:
+    type: "postgresql"
+  broker:
+    type: "redis"
+  ingress:
+    enabled: false
+  cert-manager:
+    enabled: false
+  mariadb:
+    enabled: false
+  postgresql:
+    enabled: false
+  rabbitmq:
+    enabled: false
+  redis:
+    enabled: false
+  grafana:
+    enabled: false
--- a/packages/extra/versions_map
+++ b/packages/extra/versions_map
@@ -0,0 +1 @@
+cozy-grafana-oncall 0.1.0 HEAD
--- a/packages/system/Makefile
+++ b/packages/system/Makefile
@@ -1,4 +1,4 @@
-OUT=../_out/system
+OUT=../../_out/repos/system

 gen: fix-chartnames

--- a/scripts/installer.sh
+++ b/scripts/installer.sh
@@ -30,7 +30,7 @@ fi
 run_migrations

 # Reconcile Helm repositories
-kubectl annotate helmrepositories.source.toolkit.fluxcd.io -A --all reconcile.fluxcd.io/requestedAt=$(date +"%Y-%m-%dT%H:%M:%SZ") --overwrite
+kubectl annotate helmrepositories.source.toolkit.fluxcd.io -A -l cozystack.io/repository=system reconcile.fluxcd.io/requestedAt=$(date +"%Y-%m-%dT%H:%M:%SZ") --overwrite

 # Install platform chart
 make -C packages/core/platform apply