diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 6d05ad6f..9f94db8e 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -18,6 +18,7 @@ repos: (cd "$dir" && make generate) fi done + git diff --color=always | cat ' language: script files: ^.*$ diff --git a/Makefile b/Makefile index 99309f4e..63f61458 100644 --- a/Makefile +++ b/Makefile @@ -20,6 +20,7 @@ build: build-deps make -C packages/system/kubeovn image make -C packages/system/kubeovn-webhook image make -C packages/system/dashboard image + make -C packages/system/metallb image make -C packages/system/kamaji image make -C packages/system/bucket image make -C packages/core/testing image diff --git a/hack/e2e.sh b/hack/e2e.sh index e7c66534..46c9ba5b 100755 --- a/hack/e2e.sh +++ b/hack/e2e.sh @@ -334,8 +334,8 @@ if ! kubectl wait --timeout=2m --for=condition=ready -n tenant-root hr monitorin kubectl wait --timeout=2m --for=condition=ready -n tenant-root hr monitoring fi -kubectl patch -n tenant-root ingresses.apps.cozystack.io ingress --type=merge -p '{"spec":{ - "dashboard": true +kubectl patch -n cozy-system cm cozystack --type=merge -p '{"data":{ + "expose-services": "api,dashboard,cdi-uploadproxy,vm-exportproxy,keycloak" }}' # Wait for nginx-ingress-controller diff --git a/packages/apps/clickhouse/Chart.yaml b/packages/apps/clickhouse/Chart.yaml index 0466800b..935cf6af 100644 --- a/packages/apps/clickhouse/Chart.yaml +++ b/packages/apps/clickhouse/Chart.yaml @@ -16,7 +16,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.7.0 +version: 0.8.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/packages/apps/clickhouse/templates/_resources.tpl b/packages/apps/clickhouse/templates/_resources.tpl index 7ada56d4..6539c99a 100644 --- a/packages/apps/clickhouse/templates/_resources.tpl +++ b/packages/apps/clickhouse/templates/_resources.tpl @@ -11,35 +11,34 @@ These presets are for basic testing and not meant to be used in production {{ include "resources.preset" (dict "type" "nano") -}} */}} {{- define "resources.preset" -}} -{{/* The limits are the requests increased by 50% (except ephemeral-storage and xlarge/2xlarge sizes)*/}} {{- $presets := dict "nano" (dict "requests" (dict "cpu" "100m" "memory" "128Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "150m" "memory" "192Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "128Mi" "ephemeral-storage" "2Gi") ) "micro" (dict "requests" (dict "cpu" "250m" "memory" "256Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "375m" "memory" "384Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "256Mi" "ephemeral-storage" "2Gi") ) "small" (dict "requests" (dict "cpu" "500m" "memory" "512Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "750m" "memory" "768Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "512Mi" "ephemeral-storage" "2Gi") ) "medium" (dict - "requests" (dict "cpu" "500m" "memory" "1024Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "750m" "memory" "1536Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "500m" "memory" "1Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "1Gi" "ephemeral-storage" "2Gi") ) "large" (dict - "requests" (dict "cpu" "1.0" "memory" "2048Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "1.5" "memory" "3072Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "1" "memory" "2Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "2Gi" "ephemeral-storage" "2Gi") ) "xlarge" (dict - "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "3.0" "memory" "6144Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "2" "memory" "4Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "4Gi" "ephemeral-storage" "2Gi") ) "2xlarge" (dict - "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "6.0" "memory" "12288Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "4" "memory" "8Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "8Gi" "ephemeral-storage" "2Gi") ) }} {{- if hasKey $presets .type -}} diff --git a/packages/apps/ferretdb/Chart.yaml b/packages/apps/ferretdb/Chart.yaml index fa41dcbd..273d9d97 100644 --- a/packages/apps/ferretdb/Chart.yaml +++ b/packages/apps/ferretdb/Chart.yaml @@ -16,7 +16,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.5.0 +version: 0.6.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/packages/apps/ferretdb/templates/_resources.tpl b/packages/apps/ferretdb/templates/_resources.tpl index 7ada56d4..6539c99a 100644 --- a/packages/apps/ferretdb/templates/_resources.tpl +++ b/packages/apps/ferretdb/templates/_resources.tpl @@ -11,35 +11,34 @@ These presets are for basic testing and not meant to be used in production {{ include "resources.preset" (dict "type" "nano") -}} */}} {{- define "resources.preset" -}} -{{/* The limits are the requests increased by 50% (except ephemeral-storage and xlarge/2xlarge sizes)*/}} {{- $presets := dict "nano" (dict "requests" (dict "cpu" "100m" "memory" "128Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "150m" "memory" "192Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "128Mi" "ephemeral-storage" "2Gi") ) "micro" (dict "requests" (dict "cpu" "250m" "memory" "256Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "375m" "memory" "384Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "256Mi" "ephemeral-storage" "2Gi") ) "small" (dict "requests" (dict "cpu" "500m" "memory" "512Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "750m" "memory" "768Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "512Mi" "ephemeral-storage" "2Gi") ) "medium" (dict - "requests" (dict "cpu" "500m" "memory" "1024Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "750m" "memory" "1536Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "500m" "memory" "1Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "1Gi" "ephemeral-storage" "2Gi") ) "large" (dict - "requests" (dict "cpu" "1.0" "memory" "2048Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "1.5" "memory" "3072Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "1" "memory" "2Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "2Gi" "ephemeral-storage" "2Gi") ) "xlarge" (dict - "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "3.0" "memory" "6144Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "2" "memory" "4Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "4Gi" "ephemeral-storage" "2Gi") ) "2xlarge" (dict - "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "6.0" "memory" "12288Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "4" "memory" "8Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "8Gi" "ephemeral-storage" "2Gi") ) }} {{- if hasKey $presets .type -}} diff --git a/packages/apps/http-cache/Chart.yaml b/packages/apps/http-cache/Chart.yaml index 2224053c..151b3b42 100644 --- a/packages/apps/http-cache/Chart.yaml +++ b/packages/apps/http-cache/Chart.yaml @@ -16,7 +16,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.4.0 +version: 0.5.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/packages/apps/http-cache/templates/_resources.tpl b/packages/apps/http-cache/templates/_resources.tpl index 7ada56d4..6539c99a 100644 --- a/packages/apps/http-cache/templates/_resources.tpl +++ b/packages/apps/http-cache/templates/_resources.tpl @@ -11,35 +11,34 @@ These presets are for basic testing and not meant to be used in production {{ include "resources.preset" (dict "type" "nano") -}} */}} {{- define "resources.preset" -}} -{{/* The limits are the requests increased by 50% (except ephemeral-storage and xlarge/2xlarge sizes)*/}} {{- $presets := dict "nano" (dict "requests" (dict "cpu" "100m" "memory" "128Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "150m" "memory" "192Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "128Mi" "ephemeral-storage" "2Gi") ) "micro" (dict "requests" (dict "cpu" "250m" "memory" "256Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "375m" "memory" "384Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "256Mi" "ephemeral-storage" "2Gi") ) "small" (dict "requests" (dict "cpu" "500m" "memory" "512Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "750m" "memory" "768Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "512Mi" "ephemeral-storage" "2Gi") ) "medium" (dict - "requests" (dict "cpu" "500m" "memory" "1024Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "750m" "memory" "1536Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "500m" "memory" "1Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "1Gi" "ephemeral-storage" "2Gi") ) "large" (dict - "requests" (dict "cpu" "1.0" "memory" "2048Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "1.5" "memory" "3072Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "1" "memory" "2Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "2Gi" "ephemeral-storage" "2Gi") ) "xlarge" (dict - "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "3.0" "memory" "6144Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "2" "memory" "4Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "4Gi" "ephemeral-storage" "2Gi") ) "2xlarge" (dict - "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "6.0" "memory" "12288Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "4" "memory" "8Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "8Gi" "ephemeral-storage" "2Gi") ) }} {{- if hasKey $presets .type -}} diff --git a/packages/apps/kafka/Chart.yaml b/packages/apps/kafka/Chart.yaml index d4e910d4..00213f83 100644 --- a/packages/apps/kafka/Chart.yaml +++ b/packages/apps/kafka/Chart.yaml @@ -16,7 +16,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.5.0 +version: 0.6.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/packages/apps/kafka/templates/_resources.tpl b/packages/apps/kafka/templates/_resources.tpl index 7ada56d4..6539c99a 100644 --- a/packages/apps/kafka/templates/_resources.tpl +++ b/packages/apps/kafka/templates/_resources.tpl @@ -11,35 +11,34 @@ These presets are for basic testing and not meant to be used in production {{ include "resources.preset" (dict "type" "nano") -}} */}} {{- define "resources.preset" -}} -{{/* The limits are the requests increased by 50% (except ephemeral-storage and xlarge/2xlarge sizes)*/}} {{- $presets := dict "nano" (dict "requests" (dict "cpu" "100m" "memory" "128Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "150m" "memory" "192Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "128Mi" "ephemeral-storage" "2Gi") ) "micro" (dict "requests" (dict "cpu" "250m" "memory" "256Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "375m" "memory" "384Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "256Mi" "ephemeral-storage" "2Gi") ) "small" (dict "requests" (dict "cpu" "500m" "memory" "512Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "750m" "memory" "768Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "512Mi" "ephemeral-storage" "2Gi") ) "medium" (dict - "requests" (dict "cpu" "500m" "memory" "1024Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "750m" "memory" "1536Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "500m" "memory" "1Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "1Gi" "ephemeral-storage" "2Gi") ) "large" (dict - "requests" (dict "cpu" "1.0" "memory" "2048Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "1.5" "memory" "3072Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "1" "memory" "2Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "2Gi" "ephemeral-storage" "2Gi") ) "xlarge" (dict - "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "3.0" "memory" "6144Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "2" "memory" "4Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "4Gi" "ephemeral-storage" "2Gi") ) "2xlarge" (dict - "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "6.0" "memory" "12288Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "4" "memory" "8Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "8Gi" "ephemeral-storage" "2Gi") ) }} {{- if hasKey $presets .type -}} diff --git a/packages/apps/kubernetes/Chart.yaml b/packages/apps/kubernetes/Chart.yaml index a74f0945..47494b96 100644 --- a/packages/apps/kubernetes/Chart.yaml +++ b/packages/apps/kubernetes/Chart.yaml @@ -22,4 +22,4 @@ version: 0.20.0 # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: 1.31.0 +appVersion: 1.32.4 diff --git a/packages/apps/kubernetes/templates/_resources.tpl b/packages/apps/kubernetes/templates/_resources.tpl index 7ada56d4..6539c99a 100644 --- a/packages/apps/kubernetes/templates/_resources.tpl +++ b/packages/apps/kubernetes/templates/_resources.tpl @@ -11,35 +11,34 @@ These presets are for basic testing and not meant to be used in production {{ include "resources.preset" (dict "type" "nano") -}} */}} {{- define "resources.preset" -}} -{{/* The limits are the requests increased by 50% (except ephemeral-storage and xlarge/2xlarge sizes)*/}} {{- $presets := dict "nano" (dict "requests" (dict "cpu" "100m" "memory" "128Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "150m" "memory" "192Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "128Mi" "ephemeral-storage" "2Gi") ) "micro" (dict "requests" (dict "cpu" "250m" "memory" "256Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "375m" "memory" "384Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "256Mi" "ephemeral-storage" "2Gi") ) "small" (dict "requests" (dict "cpu" "500m" "memory" "512Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "750m" "memory" "768Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "512Mi" "ephemeral-storage" "2Gi") ) "medium" (dict - "requests" (dict "cpu" "500m" "memory" "1024Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "750m" "memory" "1536Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "500m" "memory" "1Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "1Gi" "ephemeral-storage" "2Gi") ) "large" (dict - "requests" (dict "cpu" "1.0" "memory" "2048Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "1.5" "memory" "3072Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "1" "memory" "2Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "2Gi" "ephemeral-storage" "2Gi") ) "xlarge" (dict - "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "3.0" "memory" "6144Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "2" "memory" "4Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "4Gi" "ephemeral-storage" "2Gi") ) "2xlarge" (dict - "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "6.0" "memory" "12288Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "4" "memory" "8Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "8Gi" "ephemeral-storage" "2Gi") ) }} {{- if hasKey $presets .type -}} diff --git a/packages/apps/kubernetes/templates/cluster.yaml b/packages/apps/kubernetes/templates/cluster.yaml index 1b2f395c..1c688419 100644 --- a/packages/apps/kubernetes/templates/cluster.yaml +++ b/packages/apps/kubernetes/templates/cluster.yaml @@ -150,14 +150,14 @@ spec: ingress: extraAnnotations: nginx.ingress.kubernetes.io/ssl-passthrough: "true" - hostname: {{ .Values.host | default (printf "%s.%s" .Release.Name $host) }} + hostname: {{ .Values.host | default (printf "%s.%s" .Release.Name $host) }}:443 className: "{{ $ingress }}" deployment: podAdditionalMetadata: labels: policy.cozystack.io/allow-to-etcd: "true" replicas: 2 - version: 1.30.1 + version: {{ $.Chart.AppVersion }} --- apiVersion: cozystack.io/v1alpha1 kind: WorkloadMonitor @@ -283,7 +283,7 @@ spec: kind: KubevirtMachineTemplate name: {{ $.Release.Name }}-{{ $groupName }}-{{ $kubevirtmachinetemplateHash }} namespace: {{ $.Release.Namespace }} - version: v1.32.3 + version: v{{ $.Chart.AppVersion }} --- apiVersion: cluster.x-k8s.io/v1beta1 kind: MachineHealthCheck diff --git a/packages/apps/mysql/Chart.yaml b/packages/apps/mysql/Chart.yaml index d8d04d0c..f9dcb7c6 100644 --- a/packages/apps/mysql/Chart.yaml +++ b/packages/apps/mysql/Chart.yaml @@ -16,7 +16,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.6.0 +version: 0.7.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/packages/apps/mysql/templates/_resources.tpl b/packages/apps/mysql/templates/_resources.tpl index 7ada56d4..6539c99a 100644 --- a/packages/apps/mysql/templates/_resources.tpl +++ b/packages/apps/mysql/templates/_resources.tpl @@ -11,35 +11,34 @@ These presets are for basic testing and not meant to be used in production {{ include "resources.preset" (dict "type" "nano") -}} */}} {{- define "resources.preset" -}} -{{/* The limits are the requests increased by 50% (except ephemeral-storage and xlarge/2xlarge sizes)*/}} {{- $presets := dict "nano" (dict "requests" (dict "cpu" "100m" "memory" "128Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "150m" "memory" "192Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "128Mi" "ephemeral-storage" "2Gi") ) "micro" (dict "requests" (dict "cpu" "250m" "memory" "256Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "375m" "memory" "384Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "256Mi" "ephemeral-storage" "2Gi") ) "small" (dict "requests" (dict "cpu" "500m" "memory" "512Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "750m" "memory" "768Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "512Mi" "ephemeral-storage" "2Gi") ) "medium" (dict - "requests" (dict "cpu" "500m" "memory" "1024Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "750m" "memory" "1536Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "500m" "memory" "1Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "1Gi" "ephemeral-storage" "2Gi") ) "large" (dict - "requests" (dict "cpu" "1.0" "memory" "2048Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "1.5" "memory" "3072Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "1" "memory" "2Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "2Gi" "ephemeral-storage" "2Gi") ) "xlarge" (dict - "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "3.0" "memory" "6144Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "2" "memory" "4Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "4Gi" "ephemeral-storage" "2Gi") ) "2xlarge" (dict - "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "6.0" "memory" "12288Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "4" "memory" "8Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "8Gi" "ephemeral-storage" "2Gi") ) }} {{- if hasKey $presets .type -}} diff --git a/packages/apps/nats/Chart.yaml b/packages/apps/nats/Chart.yaml index 2bae5c73..38f429fb 100644 --- a/packages/apps/nats/Chart.yaml +++ b/packages/apps/nats/Chart.yaml @@ -16,7 +16,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.5.0 +version: 0.6.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/packages/apps/nats/templates/_resources.tpl b/packages/apps/nats/templates/_resources.tpl index 7ada56d4..6539c99a 100644 --- a/packages/apps/nats/templates/_resources.tpl +++ b/packages/apps/nats/templates/_resources.tpl @@ -11,35 +11,34 @@ These presets are for basic testing and not meant to be used in production {{ include "resources.preset" (dict "type" "nano") -}} */}} {{- define "resources.preset" -}} -{{/* The limits are the requests increased by 50% (except ephemeral-storage and xlarge/2xlarge sizes)*/}} {{- $presets := dict "nano" (dict "requests" (dict "cpu" "100m" "memory" "128Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "150m" "memory" "192Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "128Mi" "ephemeral-storage" "2Gi") ) "micro" (dict "requests" (dict "cpu" "250m" "memory" "256Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "375m" "memory" "384Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "256Mi" "ephemeral-storage" "2Gi") ) "small" (dict "requests" (dict "cpu" "500m" "memory" "512Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "750m" "memory" "768Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "512Mi" "ephemeral-storage" "2Gi") ) "medium" (dict - "requests" (dict "cpu" "500m" "memory" "1024Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "750m" "memory" "1536Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "500m" "memory" "1Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "1Gi" "ephemeral-storage" "2Gi") ) "large" (dict - "requests" (dict "cpu" "1.0" "memory" "2048Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "1.5" "memory" "3072Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "1" "memory" "2Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "2Gi" "ephemeral-storage" "2Gi") ) "xlarge" (dict - "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "3.0" "memory" "6144Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "2" "memory" "4Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "4Gi" "ephemeral-storage" "2Gi") ) "2xlarge" (dict - "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "6.0" "memory" "12288Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "4" "memory" "8Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "8Gi" "ephemeral-storage" "2Gi") ) }} {{- if hasKey $presets .type -}} diff --git a/packages/apps/postgres/Chart.yaml b/packages/apps/postgres/Chart.yaml index 36842881..7c262043 100644 --- a/packages/apps/postgres/Chart.yaml +++ b/packages/apps/postgres/Chart.yaml @@ -16,7 +16,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.10.1 +version: 0.11.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/packages/apps/postgres/templates/_resources.tpl b/packages/apps/postgres/templates/_resources.tpl index 7ada56d4..6539c99a 100644 --- a/packages/apps/postgres/templates/_resources.tpl +++ b/packages/apps/postgres/templates/_resources.tpl @@ -11,35 +11,34 @@ These presets are for basic testing and not meant to be used in production {{ include "resources.preset" (dict "type" "nano") -}} */}} {{- define "resources.preset" -}} -{{/* The limits are the requests increased by 50% (except ephemeral-storage and xlarge/2xlarge sizes)*/}} {{- $presets := dict "nano" (dict "requests" (dict "cpu" "100m" "memory" "128Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "150m" "memory" "192Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "128Mi" "ephemeral-storage" "2Gi") ) "micro" (dict "requests" (dict "cpu" "250m" "memory" "256Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "375m" "memory" "384Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "256Mi" "ephemeral-storage" "2Gi") ) "small" (dict "requests" (dict "cpu" "500m" "memory" "512Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "750m" "memory" "768Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "512Mi" "ephemeral-storage" "2Gi") ) "medium" (dict - "requests" (dict "cpu" "500m" "memory" "1024Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "750m" "memory" "1536Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "500m" "memory" "1Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "1Gi" "ephemeral-storage" "2Gi") ) "large" (dict - "requests" (dict "cpu" "1.0" "memory" "2048Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "1.5" "memory" "3072Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "1" "memory" "2Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "2Gi" "ephemeral-storage" "2Gi") ) "xlarge" (dict - "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "3.0" "memory" "6144Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "2" "memory" "4Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "4Gi" "ephemeral-storage" "2Gi") ) "2xlarge" (dict - "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "6.0" "memory" "12288Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "4" "memory" "8Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "8Gi" "ephemeral-storage" "2Gi") ) }} {{- if hasKey $presets .type -}} diff --git a/packages/apps/rabbitmq/Chart.yaml b/packages/apps/rabbitmq/Chart.yaml index 2218642f..3aa54260 100644 --- a/packages/apps/rabbitmq/Chart.yaml +++ b/packages/apps/rabbitmq/Chart.yaml @@ -16,7 +16,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.5.0 +version: 0.6.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/packages/apps/rabbitmq/templates/_resources.tpl b/packages/apps/rabbitmq/templates/_resources.tpl index 7ada56d4..6539c99a 100644 --- a/packages/apps/rabbitmq/templates/_resources.tpl +++ b/packages/apps/rabbitmq/templates/_resources.tpl @@ -11,35 +11,34 @@ These presets are for basic testing and not meant to be used in production {{ include "resources.preset" (dict "type" "nano") -}} */}} {{- define "resources.preset" -}} -{{/* The limits are the requests increased by 50% (except ephemeral-storage and xlarge/2xlarge sizes)*/}} {{- $presets := dict "nano" (dict "requests" (dict "cpu" "100m" "memory" "128Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "150m" "memory" "192Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "128Mi" "ephemeral-storage" "2Gi") ) "micro" (dict "requests" (dict "cpu" "250m" "memory" "256Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "375m" "memory" "384Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "256Mi" "ephemeral-storage" "2Gi") ) "small" (dict "requests" (dict "cpu" "500m" "memory" "512Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "750m" "memory" "768Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "512Mi" "ephemeral-storage" "2Gi") ) "medium" (dict - "requests" (dict "cpu" "500m" "memory" "1024Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "750m" "memory" "1536Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "500m" "memory" "1Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "1Gi" "ephemeral-storage" "2Gi") ) "large" (dict - "requests" (dict "cpu" "1.0" "memory" "2048Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "1.5" "memory" "3072Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "1" "memory" "2Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "2Gi" "ephemeral-storage" "2Gi") ) "xlarge" (dict - "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "3.0" "memory" "6144Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "2" "memory" "4Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "4Gi" "ephemeral-storage" "2Gi") ) "2xlarge" (dict - "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "6.0" "memory" "12288Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "4" "memory" "8Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "8Gi" "ephemeral-storage" "2Gi") ) }} {{- if hasKey $presets .type -}} diff --git a/packages/apps/redis/Chart.yaml b/packages/apps/redis/Chart.yaml index 07556e67..2a07e2c0 100644 --- a/packages/apps/redis/Chart.yaml +++ b/packages/apps/redis/Chart.yaml @@ -16,7 +16,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.6.0 +version: 0.7.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/packages/apps/redis/templates/_resources.tpl b/packages/apps/redis/templates/_resources.tpl index 7ada56d4..6539c99a 100644 --- a/packages/apps/redis/templates/_resources.tpl +++ b/packages/apps/redis/templates/_resources.tpl @@ -11,35 +11,34 @@ These presets are for basic testing and not meant to be used in production {{ include "resources.preset" (dict "type" "nano") -}} */}} {{- define "resources.preset" -}} -{{/* The limits are the requests increased by 50% (except ephemeral-storage and xlarge/2xlarge sizes)*/}} {{- $presets := dict "nano" (dict "requests" (dict "cpu" "100m" "memory" "128Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "150m" "memory" "192Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "128Mi" "ephemeral-storage" "2Gi") ) "micro" (dict "requests" (dict "cpu" "250m" "memory" "256Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "375m" "memory" "384Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "256Mi" "ephemeral-storage" "2Gi") ) "small" (dict "requests" (dict "cpu" "500m" "memory" "512Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "750m" "memory" "768Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "512Mi" "ephemeral-storage" "2Gi") ) "medium" (dict - "requests" (dict "cpu" "500m" "memory" "1024Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "750m" "memory" "1536Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "500m" "memory" "1Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "1Gi" "ephemeral-storage" "2Gi") ) "large" (dict - "requests" (dict "cpu" "1.0" "memory" "2048Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "1.5" "memory" "3072Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "1" "memory" "2Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "2Gi" "ephemeral-storage" "2Gi") ) "xlarge" (dict - "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "3.0" "memory" "6144Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "2" "memory" "4Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "4Gi" "ephemeral-storage" "2Gi") ) "2xlarge" (dict - "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "6.0" "memory" "12288Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "4" "memory" "8Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "8Gi" "ephemeral-storage" "2Gi") ) }} {{- if hasKey $presets .type -}} diff --git a/packages/apps/tcp-balancer/Chart.yaml b/packages/apps/tcp-balancer/Chart.yaml index 9d701dcd..5955c5be 100644 --- a/packages/apps/tcp-balancer/Chart.yaml +++ b/packages/apps/tcp-balancer/Chart.yaml @@ -16,7 +16,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.3.0 +version: 0.4.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/packages/apps/tcp-balancer/templates/_resources.tpl b/packages/apps/tcp-balancer/templates/_resources.tpl index 7ada56d4..6539c99a 100644 --- a/packages/apps/tcp-balancer/templates/_resources.tpl +++ b/packages/apps/tcp-balancer/templates/_resources.tpl @@ -11,35 +11,34 @@ These presets are for basic testing and not meant to be used in production {{ include "resources.preset" (dict "type" "nano") -}} */}} {{- define "resources.preset" -}} -{{/* The limits are the requests increased by 50% (except ephemeral-storage and xlarge/2xlarge sizes)*/}} {{- $presets := dict "nano" (dict "requests" (dict "cpu" "100m" "memory" "128Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "150m" "memory" "192Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "128Mi" "ephemeral-storage" "2Gi") ) "micro" (dict "requests" (dict "cpu" "250m" "memory" "256Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "375m" "memory" "384Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "256Mi" "ephemeral-storage" "2Gi") ) "small" (dict "requests" (dict "cpu" "500m" "memory" "512Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "750m" "memory" "768Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "512Mi" "ephemeral-storage" "2Gi") ) "medium" (dict - "requests" (dict "cpu" "500m" "memory" "1024Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "750m" "memory" "1536Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "500m" "memory" "1Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "1Gi" "ephemeral-storage" "2Gi") ) "large" (dict - "requests" (dict "cpu" "1.0" "memory" "2048Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "1.5" "memory" "3072Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "1" "memory" "2Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "2Gi" "ephemeral-storage" "2Gi") ) "xlarge" (dict - "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "3.0" "memory" "6144Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "2" "memory" "4Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "4Gi" "ephemeral-storage" "2Gi") ) "2xlarge" (dict - "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "6.0" "memory" "12288Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "4" "memory" "8Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "8Gi" "ephemeral-storage" "2Gi") ) }} {{- if hasKey $presets .type -}} diff --git a/packages/apps/versions_map b/packages/apps/versions_map index b7c09ab7..89d9990d 100644 --- a/packages/apps/versions_map +++ b/packages/apps/versions_map @@ -8,7 +8,8 @@ clickhouse 0.5.0 0f312d5c clickhouse 0.6.0 1ec10165 clickhouse 0.6.1 c62a83a7 clickhouse 0.6.2 8267072d -clickhouse 0.7.0 HEAD +clickhouse 0.7.0 93bdf411 +clickhouse 0.8.0 HEAD ferretdb 0.1.0 e9716091 ferretdb 0.1.1 91b0499a ferretdb 0.2.0 6c5cf5bf @@ -16,12 +17,14 @@ ferretdb 0.3.0 b8e33d19 ferretdb 0.4.0 b40e1b09 ferretdb 0.4.1 1ec10165 ferretdb 0.4.2 8267072d -ferretdb 0.5.0 HEAD +ferretdb 0.5.0 93bdf411 +ferretdb 0.6.0 HEAD http-cache 0.1.0 263e47be http-cache 0.2.0 53f2365e http-cache 0.3.0 6c5cf5bf http-cache 0.3.1 0f312d5c -http-cache 0.4.0 HEAD +http-cache 0.4.0 93bdf411 +http-cache 0.5.0 HEAD kafka 0.1.0 f7eaab0a kafka 0.2.0 c0685f43 kafka 0.2.1 dfbc210b @@ -32,7 +35,8 @@ kafka 0.3.1 c62a83a7 kafka 0.3.2 93c46161 kafka 0.3.3 8267072d kafka 0.4.0 85ec09b8 -kafka 0.5.0 HEAD +kafka 0.5.0 93bdf411 +kafka 0.6.0 HEAD kubernetes 0.1.0 263e47be kubernetes 0.2.0 53f2365e kubernetes 0.3.0 007d414f @@ -69,14 +73,16 @@ mysql 0.5.0 b40e1b09 mysql 0.5.1 0f312d5c mysql 0.5.2 1ec10165 mysql 0.5.3 8267072d -mysql 0.6.0 HEAD +mysql 0.6.0 93bdf411 +mysql 0.7.0 HEAD nats 0.1.0 e9716091 nats 0.2.0 6c5cf5bf nats 0.3.0 78366f19 nats 0.3.1 c62a83a7 nats 0.4.0 898374b5 nats 0.4.1 8267072d -nats 0.5.0 HEAD +nats 0.5.0 93bdf411 +nats 0.6.0 HEAD postgres 0.1.0 263e47be postgres 0.2.0 53f2365e postgres 0.2.1 d7cfa53c @@ -91,7 +97,8 @@ postgres 0.7.1 1ec10165 postgres 0.8.0 4e68e65c postgres 0.9.0 8267072d postgres 0.10.0 721c12a7 -postgres 0.10.1 HEAD +postgres 0.10.1 93bdf411 +postgres 0.11.0 HEAD rabbitmq 0.1.0 263e47be rabbitmq 0.2.0 53f2365e rabbitmq 0.3.0 6c5cf5bf @@ -100,17 +107,20 @@ rabbitmq 0.4.1 1128d0cb rabbitmq 0.4.2 4b90bf5a rabbitmq 0.4.3 1ec10165 rabbitmq 0.4.4 8267072d -rabbitmq 0.5.0 HEAD +rabbitmq 0.5.0 93bdf411 +rabbitmq 0.6.0 HEAD redis 0.1.1 263e47be redis 0.2.0 53f2365e redis 0.3.0 6c5cf5bf redis 0.3.1 c62a83a7 redis 0.4.0 84f3ccc0 redis 0.5.0 4e68e65c -redis 0.6.0 HEAD +redis 0.6.0 93bdf411 +redis 0.7.0 HEAD tcp-balancer 0.1.0 263e47be tcp-balancer 0.2.0 53f2365e -tcp-balancer 0.3.0 HEAD +tcp-balancer 0.3.0 93bdf411 +tcp-balancer 0.4.0 HEAD tenant 0.1.4 afc997ef tenant 0.1.5 e3ab858a tenant 1.0.0 263e47be @@ -163,4 +173,5 @@ vpn 0.1.0 263e47be vpn 0.2.0 53f2365e vpn 0.3.0 6c5cf5bf vpn 0.3.1 1ec10165 -vpn 0.4.0 HEAD +vpn 0.4.0 93bdf411 +vpn 0.5.0 HEAD diff --git a/packages/apps/vpn/Chart.yaml b/packages/apps/vpn/Chart.yaml index c82e77dd..4382233a 100644 --- a/packages/apps/vpn/Chart.yaml +++ b/packages/apps/vpn/Chart.yaml @@ -16,7 +16,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.4.0 +version: 0.5.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/packages/apps/vpn/templates/_resources.tpl b/packages/apps/vpn/templates/_resources.tpl index 7ada56d4..6539c99a 100644 --- a/packages/apps/vpn/templates/_resources.tpl +++ b/packages/apps/vpn/templates/_resources.tpl @@ -11,35 +11,34 @@ These presets are for basic testing and not meant to be used in production {{ include "resources.preset" (dict "type" "nano") -}} */}} {{- define "resources.preset" -}} -{{/* The limits are the requests increased by 50% (except ephemeral-storage and xlarge/2xlarge sizes)*/}} {{- $presets := dict "nano" (dict "requests" (dict "cpu" "100m" "memory" "128Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "150m" "memory" "192Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "128Mi" "ephemeral-storage" "2Gi") ) "micro" (dict "requests" (dict "cpu" "250m" "memory" "256Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "375m" "memory" "384Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "256Mi" "ephemeral-storage" "2Gi") ) "small" (dict "requests" (dict "cpu" "500m" "memory" "512Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "750m" "memory" "768Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "512Mi" "ephemeral-storage" "2Gi") ) "medium" (dict - "requests" (dict "cpu" "500m" "memory" "1024Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "750m" "memory" "1536Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "500m" "memory" "1Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "1Gi" "ephemeral-storage" "2Gi") ) "large" (dict - "requests" (dict "cpu" "1.0" "memory" "2048Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "1.5" "memory" "3072Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "1" "memory" "2Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "2Gi" "ephemeral-storage" "2Gi") ) "xlarge" (dict - "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "3.0" "memory" "6144Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "2" "memory" "4Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "4Gi" "ephemeral-storage" "2Gi") ) "2xlarge" (dict - "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "6.0" "memory" "12288Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "4" "memory" "8Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "8Gi" "ephemeral-storage" "2Gi") ) }} {{- if hasKey $presets .type -}} diff --git a/packages/core/installer/images/talos/profiles/initramfs.yaml b/packages/core/installer/images/talos/profiles/initramfs.yaml index af5f34cc..2898ed61 100644 --- a/packages/core/installer/images/talos/profiles/initramfs.yaml +++ b/packages/core/installer/images/talos/profiles/initramfs.yaml @@ -3,24 +3,24 @@ arch: amd64 platform: metal secureboot: false -version: v1.9.5 +version: v1.10.1 input: kernel: path: /usr/install/amd64/vmlinuz initramfs: path: /usr/install/amd64/initramfs.xz baseInstaller: - imageRef: ghcr.io/siderolabs/installer:v1.9.5 + imageRef: ghcr.io/siderolabs/installer:v1.10.1 systemExtensions: - - imageRef: ghcr.io/siderolabs/amd-ucode:20250311 + - imageRef: ghcr.io/siderolabs/amd-ucode:20250410 - imageRef: ghcr.io/siderolabs/amdgpu-firmware:20241110 - - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20250311 + - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20250410 - imageRef: ghcr.io/siderolabs/i915-ucode:20241110 - - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20250311 + - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20250410 - imageRef: ghcr.io/siderolabs/intel-ucode:20250211 - - imageRef: ghcr.io/siderolabs/qlogic-firmware:20250311 - - imageRef: ghcr.io/siderolabs/drbd:9.2.12-v1.9.5 - - imageRef: ghcr.io/siderolabs/zfs:2.2.7-v1.9.5 + - imageRef: ghcr.io/siderolabs/qlogic-firmware:20250410 + - imageRef: ghcr.io/siderolabs/drbd:9.2.13-v1.10.1 + - imageRef: ghcr.io/siderolabs/zfs:2.3.1-v1.10.1 output: kind: initramfs imageOptions: {} diff --git a/packages/core/installer/images/talos/profiles/installer.yaml b/packages/core/installer/images/talos/profiles/installer.yaml index b717ba3e..594c1e09 100644 --- a/packages/core/installer/images/talos/profiles/installer.yaml +++ b/packages/core/installer/images/talos/profiles/installer.yaml @@ -3,24 +3,24 @@ arch: amd64 platform: metal secureboot: false -version: v1.9.5 +version: v1.10.1 input: kernel: path: /usr/install/amd64/vmlinuz initramfs: path: /usr/install/amd64/initramfs.xz baseInstaller: - imageRef: ghcr.io/siderolabs/installer:v1.9.5 + imageRef: ghcr.io/siderolabs/installer:v1.10.1 systemExtensions: - - imageRef: ghcr.io/siderolabs/amd-ucode:20250311 + - imageRef: ghcr.io/siderolabs/amd-ucode:20250410 - imageRef: ghcr.io/siderolabs/amdgpu-firmware:20241110 - - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20250311 + - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20250410 - imageRef: ghcr.io/siderolabs/i915-ucode:20241110 - - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20250311 + - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20250410 - imageRef: ghcr.io/siderolabs/intel-ucode:20250211 - - imageRef: ghcr.io/siderolabs/qlogic-firmware:20250311 - - imageRef: ghcr.io/siderolabs/drbd:9.2.12-v1.9.5 - - imageRef: ghcr.io/siderolabs/zfs:2.2.7-v1.9.5 + - imageRef: ghcr.io/siderolabs/qlogic-firmware:20250410 + - imageRef: ghcr.io/siderolabs/drbd:9.2.13-v1.10.1 + - imageRef: ghcr.io/siderolabs/zfs:2.3.1-v1.10.1 output: kind: installer imageOptions: {} diff --git a/packages/core/installer/images/talos/profiles/iso.yaml b/packages/core/installer/images/talos/profiles/iso.yaml index c10d43c6..5a416e99 100644 --- a/packages/core/installer/images/talos/profiles/iso.yaml +++ b/packages/core/installer/images/talos/profiles/iso.yaml @@ -3,24 +3,24 @@ arch: amd64 platform: metal secureboot: false -version: v1.9.5 +version: v1.10.1 input: kernel: path: /usr/install/amd64/vmlinuz initramfs: path: /usr/install/amd64/initramfs.xz baseInstaller: - imageRef: ghcr.io/siderolabs/installer:v1.9.5 + imageRef: ghcr.io/siderolabs/installer:v1.10.1 systemExtensions: - - imageRef: ghcr.io/siderolabs/amd-ucode:20250311 + - imageRef: ghcr.io/siderolabs/amd-ucode:20250410 - imageRef: ghcr.io/siderolabs/amdgpu-firmware:20241110 - - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20250311 + - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20250410 - imageRef: ghcr.io/siderolabs/i915-ucode:20241110 - - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20250311 + - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20250410 - imageRef: ghcr.io/siderolabs/intel-ucode:20250211 - - imageRef: ghcr.io/siderolabs/qlogic-firmware:20250311 - - imageRef: ghcr.io/siderolabs/drbd:9.2.12-v1.9.5 - - imageRef: ghcr.io/siderolabs/zfs:2.2.7-v1.9.5 + - imageRef: ghcr.io/siderolabs/qlogic-firmware:20250410 + - imageRef: ghcr.io/siderolabs/drbd:9.2.13-v1.10.1 + - imageRef: ghcr.io/siderolabs/zfs:2.3.1-v1.10.1 output: kind: iso imageOptions: {} diff --git a/packages/core/installer/images/talos/profiles/kernel.yaml b/packages/core/installer/images/talos/profiles/kernel.yaml index 462aaaac..14f00f8b 100644 --- a/packages/core/installer/images/talos/profiles/kernel.yaml +++ b/packages/core/installer/images/talos/profiles/kernel.yaml @@ -3,24 +3,24 @@ arch: amd64 platform: metal secureboot: false -version: v1.9.5 +version: v1.10.1 input: kernel: path: /usr/install/amd64/vmlinuz initramfs: path: /usr/install/amd64/initramfs.xz baseInstaller: - imageRef: ghcr.io/siderolabs/installer:v1.9.5 + imageRef: ghcr.io/siderolabs/installer:v1.10.1 systemExtensions: - - imageRef: ghcr.io/siderolabs/amd-ucode:20250311 + - imageRef: ghcr.io/siderolabs/amd-ucode:20250410 - imageRef: ghcr.io/siderolabs/amdgpu-firmware:20241110 - - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20250311 + - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20250410 - imageRef: ghcr.io/siderolabs/i915-ucode:20241110 - - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20250311 + - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20250410 - imageRef: ghcr.io/siderolabs/intel-ucode:20250211 - - imageRef: ghcr.io/siderolabs/qlogic-firmware:20250311 - - imageRef: ghcr.io/siderolabs/drbd:9.2.12-v1.9.5 - - imageRef: ghcr.io/siderolabs/zfs:2.2.7-v1.9.5 + - imageRef: ghcr.io/siderolabs/qlogic-firmware:20250410 + - imageRef: ghcr.io/siderolabs/drbd:9.2.13-v1.10.1 + - imageRef: ghcr.io/siderolabs/zfs:2.3.1-v1.10.1 output: kind: kernel imageOptions: {} diff --git a/packages/core/installer/images/talos/profiles/metal.yaml b/packages/core/installer/images/talos/profiles/metal.yaml index e3f5a8e9..e559318a 100644 --- a/packages/core/installer/images/talos/profiles/metal.yaml +++ b/packages/core/installer/images/talos/profiles/metal.yaml @@ -3,24 +3,24 @@ arch: amd64 platform: metal secureboot: false -version: v1.9.5 +version: v1.10.1 input: kernel: path: /usr/install/amd64/vmlinuz initramfs: path: /usr/install/amd64/initramfs.xz baseInstaller: - imageRef: ghcr.io/siderolabs/installer:v1.9.5 + imageRef: ghcr.io/siderolabs/installer:v1.10.1 systemExtensions: - - imageRef: ghcr.io/siderolabs/amd-ucode:20250311 + - imageRef: ghcr.io/siderolabs/amd-ucode:20250410 - imageRef: ghcr.io/siderolabs/amdgpu-firmware:20241110 - - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20250311 + - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20250410 - imageRef: ghcr.io/siderolabs/i915-ucode:20241110 - - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20250311 + - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20250410 - imageRef: ghcr.io/siderolabs/intel-ucode:20250211 - - imageRef: ghcr.io/siderolabs/qlogic-firmware:20250311 - - imageRef: ghcr.io/siderolabs/drbd:9.2.12-v1.9.5 - - imageRef: ghcr.io/siderolabs/zfs:2.2.7-v1.9.5 + - imageRef: ghcr.io/siderolabs/qlogic-firmware:20250410 + - imageRef: ghcr.io/siderolabs/drbd:9.2.13-v1.10.1 + - imageRef: ghcr.io/siderolabs/zfs:2.3.1-v1.10.1 output: kind: image imageOptions: { diskSize: 1306525696, diskFormat: raw } diff --git a/packages/core/installer/images/talos/profiles/nocloud.yaml b/packages/core/installer/images/talos/profiles/nocloud.yaml index e781edc1..dab8ea38 100644 --- a/packages/core/installer/images/talos/profiles/nocloud.yaml +++ b/packages/core/installer/images/talos/profiles/nocloud.yaml @@ -3,24 +3,24 @@ arch: amd64 platform: nocloud secureboot: false -version: v1.9.5 +version: v1.10.1 input: kernel: path: /usr/install/amd64/vmlinuz initramfs: path: /usr/install/amd64/initramfs.xz baseInstaller: - imageRef: ghcr.io/siderolabs/installer:v1.9.5 + imageRef: ghcr.io/siderolabs/installer:v1.10.1 systemExtensions: - - imageRef: ghcr.io/siderolabs/amd-ucode:20250311 + - imageRef: ghcr.io/siderolabs/amd-ucode:20250410 - imageRef: ghcr.io/siderolabs/amdgpu-firmware:20241110 - - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20250311 + - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20250410 - imageRef: ghcr.io/siderolabs/i915-ucode:20241110 - - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20250311 + - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20250410 - imageRef: ghcr.io/siderolabs/intel-ucode:20250211 - - imageRef: ghcr.io/siderolabs/qlogic-firmware:20250311 - - imageRef: ghcr.io/siderolabs/drbd:9.2.12-v1.9.5 - - imageRef: ghcr.io/siderolabs/zfs:2.2.7-v1.9.5 + - imageRef: ghcr.io/siderolabs/qlogic-firmware:20250410 + - imageRef: ghcr.io/siderolabs/drbd:9.2.13-v1.10.1 + - imageRef: ghcr.io/siderolabs/zfs:2.3.1-v1.10.1 output: kind: image imageOptions: { diskSize: 1306525696, diskFormat: raw } diff --git a/packages/core/platform/bundles/paas-full.yaml b/packages/core/platform/bundles/paas-full.yaml index da5a0e8a..71191025 100644 --- a/packages/core/platform/bundles/paas-full.yaml +++ b/packages/core/platform/bundles/paas-full.yaml @@ -260,72 +260,15 @@ releases: releaseName: dashboard chart: cozy-dashboard namespace: cozy-dashboard - dependsOn: [cilium,kubeovn,keycloak-configure] values: - kubeapps: - {{- if .Capabilities.APIVersions.Has "source.toolkit.fluxcd.io/v1" }} - {{- with (lookup "source.toolkit.fluxcd.io/v1" "HelmRepository" "cozy-public" "").items }} - redis: - master: - podAnnotations: - {{- range $index, $repo := . }} - {{- with (($repo.status).artifact).revision }} - repository.cozystack.io/{{ $repo.metadata.name }}: {{ quote . }} - {{- end }} - {{- end }} - {{- end }} - {{- end }} - frontend: - resourcesPreset: "none" - dashboard: - resourcesPreset: "none" - {{- $cozystackBranding:= lookup "v1" "ConfigMap" "cozy-system" "cozystack-branding" }} - {{- $branding := dig "data" "branding" "" $cozystackBranding }} - {{- if $branding }} - customLocale: - "Kubeapps": {{ $branding }} - {{- end }} - customStyle: | - {{- $logoImage := dig "data" "logo" "" $cozystackBranding }} - {{- if $logoImage }} - .kubeapps-logo { - background-image: {{ $logoImage }} - } - {{- end }} - #serviceaccount-selector { - display: none; - } - .login-moreinfo { - display: none; - } - a[href="#/docs"] { - display: none; - } - .login-group .clr-form-control .clr-control-label { - display: none; - } - .appview-separator div.appview-first-row div.center { - display: none; - } - .appview-separator div.appview-first-row section[aria-labelledby="app-secrets"] { - display: none; - } - .appview-first-row section[aria-labelledby="access-urls-title"] { - width: 100%; - } - {{- $dashboardKCconfig := lookup "v1" "ConfigMap" "cozy-dashboard" "kubeapps-auth-config" }} - {{- $dashboardKCValues := dig "data" "values.yaml" "" $dashboardKCconfig }} - {{- if $dashboardKCValues }} - valuesFrom: - - kind: ConfigMap - name: kubeapps-auth-config - valuesKey: values.yaml - {{- end }} - + {{- $dashboardKCconfig := lookup "v1" "ConfigMap" "cozy-dashboard" "kubeapps-auth-config" }} + {{- $dashboardKCValues := dig "data" "values.yaml" "" $dashboardKCconfig | fromYaml }} + {{- toYaml (deepCopy $dashboardKCValues | mergeOverwrite (fromYaml (include "cozystack.defaultDashboardValues" .))) | nindent 4 }} + dependsOn: + - cilium + - kubeovn {{- if eq $oidcEnabled "true" }} - dependsOn: [keycloak-configure] - {{- else }} - dependsOn: [] + - keycloak-configure {{- end }} - name: kamaji diff --git a/packages/core/platform/bundles/paas-hosted.yaml b/packages/core/platform/bundles/paas-hosted.yaml index f082b3bb..12addedb 100644 --- a/packages/core/platform/bundles/paas-hosted.yaml +++ b/packages/core/platform/bundles/paas-hosted.yaml @@ -155,66 +155,9 @@ releases: chart: cozy-dashboard namespace: cozy-dashboard values: - kubeapps: - {{- if .Capabilities.APIVersions.Has "source.toolkit.fluxcd.io/v1" }} - {{- with (lookup "source.toolkit.fluxcd.io/v1" "HelmRepository" "cozy-public" "").items }} - redis: - master: - podAnnotations: - {{- range $index, $repo := . }} - {{- with (($repo.status).artifact).revision }} - repository.cozystack.io/{{ $repo.metadata.name }}: {{ quote . }} - {{- end }} - {{- end }} - {{- end }} - {{- end }} - frontend: - resourcesPreset: "none" - dashboard: - resourcesPreset: "none" - {{- $cozystackBranding:= lookup "v1" "ConfigMap" "cozy-system" "cozystack-branding" }} - {{- $branding := dig "data" "branding" "" $cozystackBranding }} - {{- if $branding }} - customLocale: - "Kubeapps": {{ $branding }} - {{- end }} - customStyle: | - {{- $logoImage := dig "data" "logo" "" $cozystackBranding }} - {{- if $logoImage }} - .kubeapps-logo { - background-image: {{ $logoImage }} - } - {{- end }} - #serviceaccount-selector { - display: none; - } - .login-moreinfo { - display: none; - } - a[href="#/docs"] { - display: none; - } - .login-group .clr-form-control .clr-control-label { - display: none; - } - .appview-separator div.appview-first-row div.center { - display: none; - } - .appview-separator div.appview-first-row section[aria-labelledby="app-secrets"] { - display: none; - } - .appview-first-row section[aria-labelledby="access-urls-title"] { - width: 100%; - } - {{- $dashboardKCconfig := lookup "v1" "ConfigMap" "cozy-dashboard" "kubeapps-auth-config" }} - {{- $dashboardKCValues := dig "data" "values.yaml" "" $dashboardKCconfig }} - {{- if $dashboardKCValues }} - valuesFrom: - - kind: ConfigMap - name: kubeapps-auth-config - valuesKey: values.yaml - {{- end }} - + {{- $dashboardKCconfig := lookup "v1" "ConfigMap" "cozy-dashboard" "kubeapps-auth-config" }} + {{- $dashboardKCValues := dig "data" "values.yaml" (dict) $dashboardKCconfig }} + {{- toYaml (deepCopy $dashboardKCValues | mergeOverwrite (fromYaml (include "cozystack.defaultDashboardValues" .))) | nindent 4 }} {{- if eq $oidcEnabled "true" }} dependsOn: [keycloak-configure] {{- else }} diff --git a/packages/core/platform/templates/_helpers.tpl b/packages/core/platform/templates/_helpers.tpl index b3ab6a86..94edb35b 100644 --- a/packages/core/platform/templates/_helpers.tpl +++ b/packages/core/platform/templates/_helpers.tpl @@ -16,3 +16,57 @@ Get IP-addresses of master nodes {{- end -}} {{ join "," $ips }} {{- end -}} + +{{- define "cozystack.defaultDashboardValues" -}} +kubeapps: +{{- if .Capabilities.APIVersions.Has "source.toolkit.fluxcd.io/v1" }} +{{- with (lookup "source.toolkit.fluxcd.io/v1" "HelmRepository" "cozy-public" "").items }} + redis: + master: + podAnnotations: + {{- range $index, $repo := . }} + {{- with (($repo.status).artifact).revision }} + repository.cozystack.io/{{ $repo.metadata.name }}: {{ quote . }} + {{- end }} + {{- end }} +{{- end }} +{{- end }} + frontend: + resourcesPreset: "none" + dashboard: + resourcesPreset: "none" + {{- $cozystackBranding:= lookup "v1" "ConfigMap" "cozy-system" "cozystack-branding" }} + {{- $branding := dig "data" "branding" "" $cozystackBranding }} + {{- if $branding }} + customLocale: + "Kubeapps": {{ $branding }} + {{- end }} + customStyle: | + {{- $logoImage := dig "data" "logo" "" $cozystackBranding }} + {{- if $logoImage }} + .kubeapps-logo { + background-image: {{ $logoImage }} + } + {{- end }} + #serviceaccount-selector { + display: none; + } + .login-moreinfo { + display: none; + } + a[href="#/docs"] { + display: none; + } + .login-group .clr-form-control .clr-control-label { + display: none; + } + .appview-separator div.appview-first-row div.center { + display: none; + } + .appview-separator div.appview-first-row section[aria-labelledby="app-secrets"] { + display: none; + } + .appview-first-row section[aria-labelledby="access-urls-title"] { + width: 100%; + } +{{- end }} diff --git a/packages/core/platform/templates/helmreleases.yaml b/packages/core/platform/templates/helmreleases.yaml index 1298d74b..17b373be 100644 --- a/packages/core/platform/templates/helmreleases.yaml +++ b/packages/core/platform/templates/helmreleases.yaml @@ -72,17 +72,6 @@ spec: {{- toYaml . | nindent 4}} {{- end }} - {{- if $x.valuesFrom }} - valuesFrom: - {{- range $source := $x.valuesFrom }} - - kind: {{ $source.kind }} - name: {{ $source.name }} - {{- if $source.valuesKey }} - valuesKey: {{ $source.valuesKey }} - {{- end }} - {{- end }} - {{- end }} - {{- with $x.dependsOn }} dependsOn: {{- range $dep := . }} diff --git a/packages/extra/ingress/Chart.yaml b/packages/extra/ingress/Chart.yaml index e6001cc8..93807c89 100644 --- a/packages/extra/ingress/Chart.yaml +++ b/packages/extra/ingress/Chart.yaml @@ -3,4 +3,4 @@ name: ingress description: NGINX Ingress Controller icon: /logos/ingress-nginx.svg type: application -version: 1.5.1 +version: 1.6.0 diff --git a/packages/extra/ingress/README.md b/packages/extra/ingress/README.md index af395dfe..ab4ed3d9 100644 --- a/packages/extra/ingress/README.md +++ b/packages/extra/ingress/README.md @@ -4,13 +4,10 @@ ### Common parameters -| Name | Description | Value | -| ----------------- | ----------------------------------------------------------------- | ------- | -| `replicas` | Number of ingress-nginx replicas | `2` | -| `externalIPs` | List of externalIPs for service. | `[]` | -| `whitelist` | List of client networks | `[]` | -| `clouflareProxy` | Restoring original visitor IPs when Cloudflare proxied is enabled | `false` | -| `dashboard` | Should ingress serve Cozystack service dashboard | `false` | -| `cdiUploadProxy` | Should ingress serve CDI upload proxy | `false` | -| `virtExportProxy` | Should ingress serve KubeVirt export proxy | `false` | +| Name | Description | Value | +| ---------------- | ----------------------------------------------------------------- | ------- | +| `replicas` | Number of ingress-nginx replicas | `2` | +| `externalIPs` | List of externalIPs for service. | `[]` | +| `whitelist` | List of client networks | `[]` | +| `clouflareProxy` | Restoring original visitor IPs when Cloudflare proxied is enabled | `false` | diff --git a/packages/extra/ingress/templates/cdi-uploadproxy.yaml b/packages/extra/ingress/templates/cdi-uploadproxy.yaml deleted file mode 100644 index e82e0d26..00000000 --- a/packages/extra/ingress/templates/cdi-uploadproxy.yaml +++ /dev/null @@ -1,37 +0,0 @@ -{{- $cozyConfig := lookup "v1" "ConfigMap" "cozy-system" "cozystack" }} -{{- $issuerType := (index $cozyConfig.data "clusterissuer") | default "http01" }} - -{{- $myNS := lookup "v1" "Namespace" "" .Release.Namespace }} -{{- $host := index $myNS.metadata.annotations "namespace.cozystack.io/host" }} - -{{- if .Values.cdiUploadProxy }} -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - annotations: - nginx.ingress.kubernetes.io/backend-protocol: HTTPS - cert-manager.io/cluster-issuer: letsencrypt-prod - {{- if eq $issuerType "cloudflare" }} - {{- else }} - acme.cert-manager.io/http01-ingress-class: {{ .Release.Namespace }} - {{- end }} - name: cdi-uploadproxy-{{ .Release.Namespace }} - namespace: cozy-kubevirt-cdi -spec: - ingressClassName: {{ .Release.Namespace }} - rules: - - host: cdi-uploadproxy.{{ $host }} - http: - paths: - - backend: - service: - name: cdi-uploadproxy - port: - number: 443 - path: / - pathType: Prefix - tls: - - hosts: - - cdi-uploadproxy.{{ $host }} - secretName: cdi-uploadproxy-{{ .Release.Namespace }}-tls -{{- end }} diff --git a/packages/extra/ingress/templates/nginx-ingress.yaml b/packages/extra/ingress/templates/nginx-ingress.yaml index cfc29d1f..88d98b74 100644 --- a/packages/extra/ingress/templates/nginx-ingress.yaml +++ b/packages/extra/ingress/templates/nginx-ingress.yaml @@ -1,3 +1,6 @@ +{{- $cozyConfig := lookup "v1" "ConfigMap" "cozy-system" "cozystack" }} +{{- $exposeIngress := index $cozyConfig.data "expose-ingress" | default "tenant-root" }} +{{- $exposeExternalIPs := (index $cozyConfig.data "expose-external-ips") | default "" }} apiVersion: helm.toolkit.fluxcd.io/v2 kind: HelmRelease metadata: @@ -31,9 +34,9 @@ spec: enabled: false {{- end }} service: - {{- if .Values.externalIPs }} + {{- if and (eq $exposeIngress .Release.Namespace) $exposeExternalIPs }} externalIPs: - {{- toYaml .Values.externalIPs | nindent 12 }} + {{- toYaml (splitList "," $exposeExternalIPs) | nindent 12 }} type: ClusterIP externalTrafficPolicy: Cluster {{- else }} diff --git a/packages/extra/ingress/values.schema.json b/packages/extra/ingress/values.schema.json index 8005ac24..c956bac3 100644 --- a/packages/extra/ingress/values.schema.json +++ b/packages/extra/ingress/values.schema.json @@ -25,21 +25,6 @@ "type": "boolean", "description": "Restoring original visitor IPs when Cloudflare proxied is enabled", "default": false - }, - "dashboard": { - "type": "boolean", - "description": "Should ingress serve Cozystack service dashboard", - "default": false - }, - "cdiUploadProxy": { - "type": "boolean", - "description": "Should ingress serve CDI upload proxy", - "default": false - }, - "virtExportProxy": { - "type": "boolean", - "description": "Should ingress serve KubeVirt export proxy", - "default": false } } } \ No newline at end of file diff --git a/packages/extra/ingress/values.yaml b/packages/extra/ingress/values.yaml index 41571db9..a5cee834 100644 --- a/packages/extra/ingress/values.yaml +++ b/packages/extra/ingress/values.yaml @@ -4,17 +4,6 @@ ## replicas: 2 -## @param externalIPs [array] List of externalIPs for service. -## Optional. If not specified will use LoadBalancer service by default. -## -## e.g: -## externalIPs: -## - "11.22.33.44" -## - "11.22.33.45" -## - "11.22.33.46" -## -externalIPs: [] - ## @param whitelist List of client networks ## Example: ## whitelist: @@ -24,12 +13,3 @@ whitelist: [] ## @param clouflareProxy Restoring original visitor IPs when Cloudflare proxied is enabled clouflareProxy: false - -## @param dashboard Should ingress serve Cozystack service dashboard -dashboard: false - -## @param cdiUploadProxy Should ingress serve CDI upload proxy -cdiUploadProxy: false - -## @param virtExportProxy Should ingress serve KubeVirt export proxy -virtExportProxy: false diff --git a/packages/extra/ingress/vm-exportproxy.yaml b/packages/extra/ingress/vm-exportproxy.yaml deleted file mode 100644 index 0984bf6c..00000000 --- a/packages/extra/ingress/vm-exportproxy.yaml +++ /dev/null @@ -1,37 +0,0 @@ -{{- $cozyConfig := lookup "v1" "ConfigMap" "cozy-system" "cozystack" }} -{{- $issuerType := (index $cozyConfig.data "clusterissuer") | default "http01" }} - -{{- $myNS := lookup "v1" "Namespace" "" .Release.Namespace }} -{{- $host := index $myNS.metadata.annotations "namespace.cozystack.io/host" }} - -{{- if .Values.virtExportProxy }} -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - annotations: - nginx.ingress.kubernetes.io/backend-protocol: HTTPS - cert-manager.io/cluster-issuer: letsencrypt-prod - {{- if eq $issuerType "cloudflare" }} - {{- else }} - acme.cert-manager.io/http01-ingress-class: {{ .Release.Namespace }} - {{- end }} - name: virt-exportproxy-{{ .Release.Namespace }} - namespace: cozy-kubevirt -spec: - ingressClassName: {{ .Release.Namespace }} - rules: - - host: virt-exportproxy.{{ $host }} - http: - paths: - - backend: - service: - name: virt-exportproxy - port: - number: 443 - path: / - pathType: ImplementationSpecific - tls: - - hosts: - virt-exportproxy.{{ $host }} - secretName: virt-exportproxy-{{ .Release.Namespace }}-tls -{{- end }} diff --git a/packages/extra/versions_map b/packages/extra/versions_map index a76418a5..a7accda5 100644 --- a/packages/extra/versions_map +++ b/packages/extra/versions_map @@ -19,7 +19,7 @@ ingress 1.2.0 28fca4ef ingress 1.3.0 fde4bcfa ingress 1.4.0 fd240701 ingress 1.5.0 93bdf411 -ingress 1.5.1 HEAD +ingress 1.6.0 HEAD monitoring 1.0.0 d7cfa53c monitoring 1.1.0 25221fdc monitoring 1.2.0 f81be075 diff --git a/packages/system/capi-operator/Makefile b/packages/system/capi-operator/Makefile index baa4a5fc..dc421cee 100644 --- a/packages/system/capi-operator/Makefile +++ b/packages/system/capi-operator/Makefile @@ -1,11 +1,11 @@ export NAME=capi-operator export NAMESPACE=cozy-cluster-api +export REPO_NAME=capi-operator +export REPO_URL=https://kubernetes-sigs.github.io/cluster-api-operator +export CHART_NAME=cluster-api-operator +export CHART_VERSION=^0.19 include ../../../scripts/package.mk -update: - rm -rf charts - helm repo add capi-operator https://kubernetes-sigs.github.io/cluster-api-operator - helm repo update capi-operator - helm pull capi-operator/cluster-api-operator --untar --untardir charts - rm -rf charts/cluster-api-operator/charts +update: clean capi-operator-update + rm -rf charts/cluster-api-operator/charts/ diff --git a/packages/system/capi-providers/templates/providers.yaml b/packages/system/capi-providers/templates/providers.yaml index 7cb59f3b..b2accf40 100644 --- a/packages/system/capi-providers/templates/providers.yaml +++ b/packages/system/capi-providers/templates/providers.yaml @@ -5,7 +5,7 @@ metadata: name: cluster-api spec: # https://github.com/kubernetes-sigs/cluster-api - version: v1.10.0 + version: v1.10.1 --- apiVersion: operator.cluster.x-k8s.io/v1alpha2 kind: ControlPlaneProvider @@ -13,7 +13,7 @@ metadata: name: kamaji spec: # https://github.com/clastix/cluster-api-control-plane-provider-kamaji - version: v0.14.2 + version: v0.15.1 deployment: containers: - name: manager @@ -31,7 +31,7 @@ metadata: name: kubeadm spec: # https://github.com/kubernetes-sigs/cluster-api - version: v1.10.0 + version: v1.10.1 --- apiVersion: operator.cluster.x-k8s.io/v1alpha2 kind: InfrastructureProvider diff --git a/packages/system/cozystack-api/templates/api-ingress.yaml b/packages/system/cozystack-api/templates/api-ingress.yaml new file mode 100644 index 00000000..d7670e71 --- /dev/null +++ b/packages/system/cozystack-api/templates/api-ingress.yaml @@ -0,0 +1,28 @@ +{{- $cozyConfig := lookup "v1" "ConfigMap" "cozy-system" "cozystack" }} +{{- $host := index $cozyConfig.data "root-host" }} +{{- $exposeServices := splitList "," ((index $cozyConfig.data "expose-services") | default "") }} +{{- $exposeIngress := index $cozyConfig.data "expose-ingress" | default "tenant-root" }} + +{{- if and (has "api" $exposeServices) }} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + annotations: + nginx.ingress.kubernetes.io/backend-protocol: HTTPS + nginx.ingress.kubernetes.io/ssl-passthrough: "true" + name: kubernetes + namespace: default +spec: + ingressClassName: {{ $exposeIngress }} + rules: + - host: api.{{ $host }} + http: + paths: + - backend: + service: + name: kubernetes + port: + number: 443 + path: / + pathType: Prefix +{{- end }} diff --git a/packages/system/cozystack-controller/Makefile b/packages/system/cozystack-controller/Makefile index a1db9b0a..a75faea9 100644 --- a/packages/system/cozystack-controller/Makefile +++ b/packages/system/cozystack-controller/Makefile @@ -9,6 +9,8 @@ image: image-cozystack-controller update-version image-cozystack-controller: docker buildx build -f images/cozystack-controller/Dockerfile ../../.. \ --provenance false \ + --builder=$(BUILDER) \ + --platform=$(PLATFORM) \ --tag $(REGISTRY)/cozystack-controller:$(call settag,$(TAG)) \ --cache-from type=registry,ref=$(REGISTRY)/cozystack-controller:latest \ --cache-to type=inline \ diff --git a/packages/extra/ingress/templates/dashboard.yaml b/packages/system/dashboard/templates/dashboard-ingress.yaml similarity index 54% rename from packages/extra/ingress/templates/dashboard.yaml rename to packages/system/dashboard/templates/dashboard-ingress.yaml index 28b6722c..1fd7f85d 100644 --- a/packages/extra/ingress/templates/dashboard.yaml +++ b/packages/system/dashboard/templates/dashboard-ingress.yaml @@ -1,19 +1,10 @@ {{- $cozyConfig := lookup "v1" "ConfigMap" "cozy-system" "cozystack" }} {{- $issuerType := (index $cozyConfig.data "clusterissuer") | default "http01" }} +{{- $host := index $cozyConfig.data "root-host" }} +{{- $exposeServices := splitList "," ((index $cozyConfig.data "expose-services") | default "") }} +{{- $exposeIngress := index $cozyConfig.data "expose-ingress" | default "tenant-root" }} -{{- $myNS := lookup "v1" "Namespace" "" .Release.Namespace }} -{{- $host := index $myNS.metadata.annotations "namespace.cozystack.io/host" }} - -{{- $tenantRoot := dict }} -{{- if .Capabilities.APIVersions.Has "helm.toolkit.fluxcd.io/v2" }} -{{- $tenantRoot = lookup "helm.toolkit.fluxcd.io/v2" "HelmRelease" "tenant-root" "tenant-root" }} -{{- end }} -{{- if and $tenantRoot $tenantRoot.spec $tenantRoot.spec.values $tenantRoot.spec.values.host }} -{{- $host = $tenantRoot.spec.values.host }} -{{- else }} -{{- end }} - -{{- if .Values.dashboard }} +{{- if and (has "dashboard" $exposeServices) }} apiVersion: networking.k8s.io/v1 kind: Ingress metadata: @@ -21,16 +12,16 @@ metadata: cert-manager.io/cluster-issuer: letsencrypt-prod {{- if eq $issuerType "cloudflare" }} {{- else }} - acme.cert-manager.io/http01-ingress-class: {{ .Release.Namespace }} + acme.cert-manager.io/http01-ingress-class: {{ $exposeIngress }} + {{- end }} nginx.ingress.kubernetes.io/proxy-body-size: 100m nginx.ingress.kubernetes.io/proxy-buffer-size: 100m nginx.ingress.kubernetes.io/proxy-buffers-number: "4" nginx.ingress.kubernetes.io/client-max-body-size: 100m - {{- end }} - name: dashboard-{{ .Release.Namespace }} + name: dashboard namespace: cozy-dashboard spec: - ingressClassName: {{ .Release.Namespace }} + ingressClassName: {{ $exposeIngress }} rules: - host: dashboard.{{ $host }} http: @@ -45,5 +36,5 @@ spec: tls: - hosts: - dashboard.{{ $host }} - secretName: dashboard-{{ .Release.Namespace }}-tls + secretName: dashboard-tls {{- end }} diff --git a/packages/system/dashboard/values.yaml b/packages/system/dashboard/values.yaml index 3038124f..a7103fc4 100644 --- a/packages/system/dashboard/values.yaml +++ b/packages/system/dashboard/values.yaml @@ -21,6 +21,15 @@ kubeapps: repository: dashboard tag: v0.31.0-rc.1 digest: "sha256:a83fe4654f547469cfa469a02bda1273c54bca103a41eb007fdb2e18a7a91e93" + redis: + master: + resourcesPreset: "none" + resources: + requests: + cpu: 200m + memory: 256Mi + limits: + memory: 256Mi kubeappsapis: resourcesPreset: "none" image: diff --git a/packages/system/fluxcd-operator/charts/flux-operator/Chart.yaml b/packages/system/fluxcd-operator/charts/flux-operator/Chart.yaml index 95ce6ee5..43caa7d9 100644 --- a/packages/system/fluxcd-operator/charts/flux-operator/Chart.yaml +++ b/packages/system/fluxcd-operator/charts/flux-operator/Chart.yaml @@ -8,7 +8,7 @@ annotations: - name: Upstream Project url: https://github.com/controlplaneio-fluxcd/flux-operator apiVersion: v2 -appVersion: v0.19.0 +appVersion: v0.20.0 description: 'A Helm chart for deploying the Flux Operator. ' home: https://github.com/controlplaneio-fluxcd icon: https://raw.githubusercontent.com/cncf/artwork/main/projects/flux/icon/color/flux-icon-color.png @@ -25,4 +25,4 @@ sources: - https://github.com/controlplaneio-fluxcd/flux-operator - https://github.com/controlplaneio-fluxcd/charts type: application -version: 0.19.0 +version: 0.20.0 diff --git a/packages/system/fluxcd-operator/charts/flux-operator/README.md b/packages/system/fluxcd-operator/charts/flux-operator/README.md index 627a81ab..7cbbd492 100644 --- a/packages/system/fluxcd-operator/charts/flux-operator/README.md +++ b/packages/system/fluxcd-operator/charts/flux-operator/README.md @@ -1,6 +1,6 @@ # flux-operator -![Version: 0.19.0](https://img.shields.io/badge/Version-0.19.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.19.0](https://img.shields.io/badge/AppVersion-v0.19.0-informational?style=flat-square) +![Version: 0.20.0](https://img.shields.io/badge/Version-0.20.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.20.0](https://img.shields.io/badge/AppVersion-v0.20.0-informational?style=flat-square) The [Flux Operator](https://github.com/controlplaneio-fluxcd/flux-operator) provides a declarative API for the installation and upgrade of CNCF [Flux](https://fluxcd.io) and the diff --git a/packages/system/fluxcd/charts/flux-instance/Chart.yaml b/packages/system/fluxcd/charts/flux-instance/Chart.yaml index be942dd5..12d1d3b4 100644 --- a/packages/system/fluxcd/charts/flux-instance/Chart.yaml +++ b/packages/system/fluxcd/charts/flux-instance/Chart.yaml @@ -8,7 +8,7 @@ annotations: - name: Upstream Project url: https://github.com/controlplaneio-fluxcd/flux-operator apiVersion: v2 -appVersion: v0.19.0 +appVersion: v0.20.0 description: 'A Helm chart for deploying a Flux instance managed by Flux Operator. ' home: https://github.com/controlplaneio-fluxcd icon: https://raw.githubusercontent.com/cncf/artwork/main/projects/flux/icon/color/flux-icon-color.png @@ -25,4 +25,4 @@ sources: - https://github.com/controlplaneio-fluxcd/flux-operator - https://github.com/controlplaneio-fluxcd/charts type: application -version: 0.19.0 +version: 0.20.0 diff --git a/packages/system/fluxcd/charts/flux-instance/README.md b/packages/system/fluxcd/charts/flux-instance/README.md index ccd29096..b39c70fc 100644 --- a/packages/system/fluxcd/charts/flux-instance/README.md +++ b/packages/system/fluxcd/charts/flux-instance/README.md @@ -1,6 +1,6 @@ # flux-instance -![Version: 0.19.0](https://img.shields.io/badge/Version-0.19.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.19.0](https://img.shields.io/badge/AppVersion-v0.19.0-informational?style=flat-square) +![Version: 0.20.0](https://img.shields.io/badge/Version-0.20.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.20.0](https://img.shields.io/badge/AppVersion-v0.20.0-informational?style=flat-square) This chart is a thin wrapper around the `FluxInstance` custom resource, which is used by the [Flux Operator](https://github.com/controlplaneio-fluxcd/flux-operator) diff --git a/packages/system/kamaji/charts/kamaji/crds/kamaji.clastix.io_datastores.yaml b/packages/system/kamaji/charts/kamaji/crds/kamaji.clastix.io_datastores.yaml index f3071767..aeb221e2 100644 --- a/packages/system/kamaji/charts/kamaji/crds/kamaji.clastix.io_datastores.yaml +++ b/packages/system/kamaji/charts/kamaji/crds/kamaji.clastix.io_datastores.yaml @@ -120,6 +120,9 @@ spec: - PostgreSQL - NATS type: string + x-kubernetes-validations: + - message: Datastore driver is immutable + rule: self == oldSelf endpoints: description: |- List of the endpoints to connect to the shared datastore. @@ -263,6 +266,21 @@ spec: - driver - endpoints type: object + x-kubernetes-validations: + - message: certificateAuthority privateKey must have secretReference or content when driver is etcd + rule: '(self.driver == "etcd") ? (self.tlsConfig != null && (has(self.tlsConfig.certificateAuthority.privateKey.secretReference) || has(self.tlsConfig.certificateAuthority.privateKey.content))) : true' + - message: clientCertificate must have secretReference or content when driver is etcd + rule: '(self.driver == "etcd") ? (self.tlsConfig != null && (has(self.tlsConfig.clientCertificate.certificate.secretReference) || has(self.tlsConfig.clientCertificate.certificate.content))) : true' + - message: clientCertificate privateKey must have secretReference or content when driver is etcd + rule: '(self.driver == "etcd") ? (self.tlsConfig != null && (has(self.tlsConfig.clientCertificate.privateKey.secretReference) || has(self.tlsConfig.clientCertificate.privateKey.content))) : true' + - message: When driver is not etcd and tlsConfig exists, clientCertificate must be null or contain valid content + rule: '(self.driver != "etcd" && has(self.tlsConfig) && has(self.tlsConfig.clientCertificate)) ? (((has(self.tlsConfig.clientCertificate.certificate.secretReference) || has(self.tlsConfig.clientCertificate.certificate.content)))) : true' + - message: When driver is not etcd and basicAuth exists, username must have secretReference or content + rule: '(self.driver != "etcd" && has(self.basicAuth)) ? ((has(self.basicAuth.username.secretReference) || has(self.basicAuth.username.content))) : true' + - message: When driver is not etcd and basicAuth exists, password must have secretReference or content + rule: '(self.driver != "etcd" && has(self.basicAuth)) ? ((has(self.basicAuth.password.secretReference) || has(self.basicAuth.password.content))) : true' + - message: When driver is not etcd, either tlsConfig or basicAuth must be provided + rule: '(self.driver != "etcd") ? (has(self.tlsConfig) || has(self.basicAuth)) : true' status: description: DataStoreStatus defines the observed state of DataStore. properties: diff --git a/packages/system/kamaji/charts/kamaji/crds/kamaji.clastix.io_tenantcontrolplanes.yaml b/packages/system/kamaji/charts/kamaji/crds/kamaji.clastix.io_tenantcontrolplanes.yaml index bb26cdcc..b3d3b668 100644 --- a/packages/system/kamaji/charts/kamaji/crds/kamaji.clastix.io_tenantcontrolplanes.yaml +++ b/packages/system/kamaji/charts/kamaji/crds/kamaji.clastix.io_tenantcontrolplanes.yaml @@ -427,7 +427,7 @@ spec: Values defined by an Env with a duplicate key will take precedence. Cannot be updated. items: - description: EnvFromSource represents the source of a set of ConfigMaps + description: EnvFromSource represents the source of a set of ConfigMaps or Secrets properties: configMapRef: description: The ConfigMap to select from @@ -447,7 +447,7 @@ spec: type: object x-kubernetes-map-type: atomic prefix: - description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. + description: Optional text to prepend to the name of each environment variable. Must be a C_IDENTIFIER. type: string secretRef: description: The Secret to select from @@ -696,6 +696,12 @@ spec: - port type: object type: object + stopSignal: + description: |- + StopSignal defines which signal will be sent to a container when it is being stopped. + If not specified, the default is defined by the container runtime in use. + StopSignal can only be set for Pods with a non-empty .spec.os.name + type: string type: object livenessProbe: description: |- @@ -1792,7 +1798,7 @@ spec: Values defined by an Env with a duplicate key will take precedence. Cannot be updated. items: - description: EnvFromSource represents the source of a set of ConfigMaps + description: EnvFromSource represents the source of a set of ConfigMaps or Secrets properties: configMapRef: description: The ConfigMap to select from @@ -1812,7 +1818,7 @@ spec: type: object x-kubernetes-map-type: atomic prefix: - description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. + description: Optional text to prepend to the name of each environment variable. Must be a C_IDENTIFIER. type: string secretRef: description: The Secret to select from @@ -2061,6 +2067,12 @@ spec: - port type: object type: object + stopSignal: + description: |- + StopSignal defines which signal will be sent to a container when it is being stopped. + If not specified, the default is defined by the container runtime in use. + StopSignal can only be set for Pods with a non-empty .spec.os.name + type: string type: object livenessProbe: description: |- @@ -4087,7 +4099,7 @@ spec: The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. The volume will be mounted read-only (ro) and non-executable files (noexec). - Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath). + Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath) before 1.33. The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type. properties: pullPolicy: @@ -5173,7 +5185,6 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -5188,7 +5199,6 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -5349,7 +5359,6 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -5364,7 +5373,6 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -5518,7 +5526,6 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -5533,7 +5540,6 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -5694,7 +5700,6 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -5709,7 +5714,6 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -6339,7 +6343,6 @@ spec: - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. If this value is nil, the behavior is equivalent to the Honor policy. - This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. type: string nodeTaintsPolicy: description: |- @@ -6350,7 +6353,6 @@ spec: - Ignore: node taints are ignored. All nodes are included. If this value is nil, the behavior is equivalent to the Ignore policy. - This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. type: string topologyKey: description: |- @@ -7071,7 +7073,7 @@ spec: description: KubernetesDeploymentStatus defines the status for the Tenant Control Plane Deployment in the management cluster. properties: availableReplicas: - description: Total number of available pods (ready for at least minReadySeconds) targeted by this deployment. + description: Total number of available non-terminating pods (ready for at least minReadySeconds) targeted by this deployment. format: int32 type: integer collisionCount: @@ -7129,16 +7131,24 @@ spec: format: int64 type: integer readyReplicas: - description: readyReplicas is the number of pods targeted by this Deployment with a Ready Condition. + description: Total number of non-terminating pods targeted by this Deployment with a Ready Condition. format: int32 type: integer replicas: - description: Total number of non-terminated pods targeted by this deployment (their labels match the selector). + description: Total number of non-terminating pods targeted by this deployment (their labels match the selector). format: int32 type: integer selector: description: Selector is the label selector used to group the Tenant Control Plane Pods used by the scale subresource. type: string + terminatingReplicas: + description: |- + Total number of terminating pods targeted by this deployment. Terminating pods have a non-null + .metadata.deletionTimestamp and have not yet reached the Failed or Succeeded .status.phase. + + This is an alpha field. Enable DeploymentReplicaSetTerminatingReplicas to be able to use this field. + format: int32 + type: integer unavailableReplicas: description: |- Total number of unavailable pods targeted by this deployment. This is the total number of @@ -7147,7 +7157,7 @@ spec: format: int32 type: integer updatedReplicas: - description: Total number of non-terminated pods targeted by this deployment that have the desired template spec. + description: Total number of non-terminating pods targeted by this deployment that have the desired template spec. format: int32 type: integer required: @@ -7379,6 +7389,7 @@ spec: - Migrating - Ready - NotReady + - Sleeping type: string version: description: Version is the running Kubernetes version of the Tenant Control Plane. diff --git a/packages/system/kamaji/charts/kamaji/templates/controller.yaml b/packages/system/kamaji/charts/kamaji/templates/controller.yaml index 38d635dd..63178382 100644 --- a/packages/system/kamaji/charts/kamaji/templates/controller.yaml +++ b/packages/system/kamaji/charts/kamaji/templates/controller.yaml @@ -19,10 +19,6 @@ spec: labels: {{- include "kamaji.selectorLabels" . | nindent 8 }} spec: - {{- with .Values.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} securityContext: {{- toYaml .Values.podSecurityContext | nindent 8 }} serviceAccountName: {{ include "kamaji.serviceAccountName" . }} diff --git a/packages/system/kamaji/charts/kamaji/templates/rbac.yaml b/packages/system/kamaji/charts/kamaji/templates/rbac.yaml index aa4301db..43a1866f 100644 --- a/packages/system/kamaji/charts/kamaji/templates/rbac.yaml +++ b/packages/system/kamaji/charts/kamaji/templates/rbac.yaml @@ -9,6 +9,10 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} namespace: {{ .Release.Namespace }} +{{- with .Values.imagePullSecrets }} +imagePullSecrets: + {{- toYaml . | nindent 2 }} +{{- end }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: Role diff --git a/packages/system/kamaji/images/kamaji/Dockerfile b/packages/system/kamaji/images/kamaji/Dockerfile index 08fcd02e..1646262a 100644 --- a/packages/system/kamaji/images/kamaji/Dockerfile +++ b/packages/system/kamaji/images/kamaji/Dockerfile @@ -1,5 +1,5 @@ # Build the manager binary -FROM golang:1.23 AS builder +FROM golang:1.24 as builder ARG VERSION=edge-25.3.2 ARG TARGETOS @@ -23,4 +23,4 @@ WORKDIR / COPY --from=builder /workspace/kamaji . USER 65532:65532 -ENTRYPOINT ["/kamaji"] +ENTRYPOINT ["/kamaji"] \ No newline at end of file diff --git a/packages/system/kamaji/values.yaml b/packages/system/kamaji/values.yaml index ee781d0e..f28c1408 100644 --- a/packages/system/kamaji/values.yaml +++ b/packages/system/kamaji/values.yaml @@ -3,7 +3,7 @@ kamaji: deploy: false image: pullPolicy: IfNotPresent - tag: v0.31.0-rc.1@sha256:3ae6f1b2e42dcb9dcfbf8213029eb731197ccdbf27fdc30539d975caf32184d4 + tag: latest@sha256:f6a33408df8d3c4223005392bcd8bae9d8c02fd73e2540bbaa911dedb7880ea8 repository: ghcr.io/cozystack/cozystack/kamaji resources: limits: diff --git a/packages/system/keycloak-configure/templates/configure-kk.yaml b/packages/system/keycloak-configure/templates/configure-kk.yaml index b2d8db5b..adee11b6 100644 --- a/packages/system/keycloak-configure/templates/configure-kk.yaml +++ b/packages/system/keycloak-configure/templates/configure-kk.yaml @@ -4,15 +4,6 @@ {{- $rootSaConfigMap := lookup "v1" "ConfigMap" "kube-system" "kube-root-ca.crt" }} {{- $k8sCa := index $rootSaConfigMap.data "ca.crt" | b64enc }} -{{- $tenantRoot := dict }} -{{- if .Capabilities.APIVersions.Has "helm.toolkit.fluxcd.io/v2" }} -{{- $tenantRoot = lookup "helm.toolkit.fluxcd.io/v2" "HelmRelease" "tenant-root" "tenant-root" }} -{{- end }} -{{- if and $tenantRoot $tenantRoot.spec $tenantRoot.spec.values $tenantRoot.spec.values.host }} -{{- $host = $tenantRoot.spec.values.host }} -{{- else }} -{{- end }} - {{- $existingK8sSecret := lookup "v1" "Secret" .Release.Namespace "k8s-client" }} {{- $existingKubeappsSecret := lookup "v1" "Secret" .Release.Namespace "kubeapps-client" }} {{- $existingAuthConfig := lookup "v1" "Secret" "cozy-dashboard" "kubeapps-auth-config" }} diff --git a/packages/system/keycloak/templates/ingress.yaml b/packages/system/keycloak/templates/ingress.yaml index 6ae1384a..30120619 100644 --- a/packages/system/keycloak/templates/ingress.yaml +++ b/packages/system/keycloak/templates/ingress.yaml @@ -1,18 +1,7 @@ {{- $cozyConfig := lookup "v1" "ConfigMap" "cozy-system" "cozystack" }} {{- $host := index $cozyConfig.data "root-host" }} {{- $issuerType := (index $cozyConfig.data "clusterissuer") | default "http01" }} - -{{- $rootns := lookup "v1" "Namespace" "" "tenant-root" }} -{{- $ingress := index $rootns.metadata.annotations "namespace.cozystack.io/ingress" }} - -{{- $tenantRoot := dict }} -{{- if .Capabilities.APIVersions.Has "helm.toolkit.fluxcd.io/v2" }} -{{- $tenantRoot = lookup "helm.toolkit.fluxcd.io/v2" "HelmRelease" "tenant-root" "tenant-root" }} -{{- end }} -{{- if and $tenantRoot $tenantRoot.spec $tenantRoot.spec.values $tenantRoot.spec.values.host }} -{{- $host = $tenantRoot.spec.values.host }} -{{- else }} -{{- end }} +{{- $exposeIngress := index $cozyConfig.data "expose-ingress" | default "tenant-root" }} apiVersion: networking.k8s.io/v1 kind: Ingress @@ -21,13 +10,13 @@ metadata: {{- with .Values.ingress.annotations }} annotations: {{- if ne $issuerType "cloudflare" }} - acme.cert-manager.io/http01-ingress-class: {{ $ingress }} + acme.cert-manager.io/http01-ingress-class: {{ $exposeIngress }} {{- end }} cert-manager.io/cluster-issuer: letsencrypt-prod {{- toYaml . | nindent 4 }} {{- end }} spec: - ingressClassName: {{ $ingress }} + ingressClassName: {{ $exposeIngress }} tls: - hosts: - keycloak.{{ $host }} diff --git a/packages/system/keycloak/templates/sts.yaml b/packages/system/keycloak/templates/sts.yaml index cecb17a1..e625859b 100644 --- a/packages/system/keycloak/templates/sts.yaml +++ b/packages/system/keycloak/templates/sts.yaml @@ -7,15 +7,6 @@ {{- $password = index $existingPassword.data "password" | b64dec }} {{- end }} -{{- $tenantRoot := dict }} -{{- if .Capabilities.APIVersions.Has "helm.toolkit.fluxcd.io/v2" }} -{{- $tenantRoot = lookup "helm.toolkit.fluxcd.io/v2" "HelmRelease" "tenant-root" "tenant-root" }} -{{- end }} -{{- if and $tenantRoot $tenantRoot.spec $tenantRoot.spec.values $tenantRoot.spec.values.host }} -{{- $host = $tenantRoot.spec.values.host }} -{{- else }} -{{- end }} - apiVersion: v1 kind: Secret metadata: diff --git a/packages/system/kubevirt-cdi/templates/cdi-uploadproxy-ingress.yaml b/packages/system/kubevirt-cdi/templates/cdi-uploadproxy-ingress.yaml new file mode 100644 index 00000000..58eef4fa --- /dev/null +++ b/packages/system/kubevirt-cdi/templates/cdi-uploadproxy-ingress.yaml @@ -0,0 +1,29 @@ +{{- $cozyConfig := lookup "v1" "ConfigMap" "cozy-system" "cozystack" }} +{{- $host := index $cozyConfig.data "root-host" }} +{{- $exposeServices := splitList "," ((index $cozyConfig.data "expose-services") | default "") }} +{{- $exposeIngress := index $cozyConfig.data "expose-ingress" | default "tenant-root" }} + + +{{- if and (has "cdi-uploadproxy" $exposeServices) }} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + annotations: + nginx.ingress.kubernetes.io/backend-protocol: HTTPS + nginx.ingress.kubernetes.io/ssl-passthrough: "true" + name: cdi-uploadproxy + namespace: cozy-kubevirt-cdi +spec: + ingressClassName: {{ $exposeIngress }} + rules: + - host: cdi-uploadproxy.{{ $host }} + http: + paths: + - backend: + service: + name: cdi-uploadproxy + port: + number: 443 + path: / + pathType: Prefix +{{- end }} diff --git a/packages/system/kubevirt/templates/vm-exportproxy-ingress.yaml b/packages/system/kubevirt/templates/vm-exportproxy-ingress.yaml new file mode 100644 index 00000000..b77743d0 --- /dev/null +++ b/packages/system/kubevirt/templates/vm-exportproxy-ingress.yaml @@ -0,0 +1,28 @@ +{{- $cozyConfig := lookup "v1" "ConfigMap" "cozy-system" "cozystack" }} +{{- $host := index $cozyConfig.data "root-host" }} +{{- $exposeServices := splitList "," ((index $cozyConfig.data "expose-services") | default "") }} +{{- $exposeIngress := index $cozyConfig.data "expose-ingress" | default "tenant-root" }} + +{{- if and (has "vm-exportproxy" $exposeServices) }} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + annotations: + nginx.ingress.kubernetes.io/backend-protocol: HTTPS + nginx.ingress.kubernetes.io/ssl-passthrough: "true" + name: vm-exportproxy + namespace: cozy-kubevirt +spec: + ingressClassName: {{ $exposeIngress }} + rules: + - host: vm-exportproxy.{{ $host }} + http: + paths: + - backend: + service: + name: vm-exportproxy + port: + number: 443 + path: / + pathType: ImplementationSpecific +{{- end }} diff --git a/packages/system/metallb/Makefile b/packages/system/metallb/Makefile index d01bf396..1cef5576 100644 --- a/packages/system/metallb/Makefile +++ b/packages/system/metallb/Makefile @@ -1,6 +1,7 @@ export NAME=metallb export NAMESPACE=cozy-$(NAME) +include ../../../scripts/common-envs.mk include ../../../scripts/package.mk update: @@ -9,3 +10,25 @@ update: helm repo update metallb helm pull metallb/metallb --untar --untardir charts rm -rf charts/metallb/charts/frr-k8s + +image-controller image-speaker: + $(eval TARGET := $(subst image-,,$@)) + $(eval VERSION := $(shell yq '.appVersion' charts/metallb/Chart.yaml)) + docker buildx build images/metallb \ + --provenance false \ + --target $(TARGET) \ + --build-arg VERSION=$(VERSION) \ + --tag $(REGISTRY)/metallb-$(TARGET):$(VERSION) \ + --cache-from type=registry,ref=$(REGISTRY)/metallb-$(TARGET):latest \ + --cache-to type=inline \ + --metadata-file images/$(TARGET).json \ + --push=$(PUSH) \ + --label "org.opencontainers.image.source=https://github.com/cozystack/cozystack" + --load=1 + REPOSITORY="$(REGISTRY)/metallb-$(TARGET)" \ + yq -i '.metallb.$(TARGET).image.repository = strenv(REPOSITORY)' values.yaml + TAG=$(VERSION)@$$(yq e '."containerimage.digest"' images/$(TARGET).json -o json -r) \ + yq -i '.metallb.$(TARGET).image.tag = strenv(TAG)' values.yaml + rm -f images/$(TARGET).json + +image: image-controller image-speaker diff --git a/packages/system/metallb/charts/metallb/Chart.lock b/packages/system/metallb/charts/metallb/Chart.lock index 81247366..79345580 100644 --- a/packages/system/metallb/charts/metallb/Chart.lock +++ b/packages/system/metallb/charts/metallb/Chart.lock @@ -1,9 +1,9 @@ dependencies: - name: crds repository: "" - version: 0.14.8 + version: 0.14.9 - name: frr-k8s repository: https://metallb.github.io/frr-k8s - version: 0.0.14 -digest: sha256:8dff488902a5b504a491bbd1a9ab0983a877ff214e163ed74106c73c939a9aa3 -generated: "2024-07-23T15:22:40.589621+03:00" + version: 0.0.16 +digest: sha256:20d9a53af12c82d35168e7524ae337341b2c7cb43e2169545185f750a718466e +generated: "2024-12-17T15:39:32.082324414+01:00" diff --git a/packages/system/metallb/charts/metallb/Chart.yaml b/packages/system/metallb/charts/metallb/Chart.yaml index a7f77b63..680ac9ba 100644 --- a/packages/system/metallb/charts/metallb/Chart.yaml +++ b/packages/system/metallb/charts/metallb/Chart.yaml @@ -1,14 +1,14 @@ apiVersion: v2 -appVersion: v0.14.8 +appVersion: v0.14.9 dependencies: - condition: crds.enabled name: crds repository: "" - version: 0.14.8 + version: 0.14.9 - condition: frrk8s.enabled name: frr-k8s repository: https://metallb.github.io/frr-k8s - version: 0.0.14 + version: 0.0.16 description: A network load-balancer implementation for Kubernetes using standard routing protocols home: https://metallb.universe.tf @@ -18,4 +18,4 @@ name: metallb sources: - https://github.com/metallb/metallb type: application -version: 0.14.8 +version: 0.14.9 diff --git a/packages/system/metallb/charts/metallb/README.md b/packages/system/metallb/charts/metallb/README.md index 202a9519..43f51ef7 100644 --- a/packages/system/metallb/charts/metallb/README.md +++ b/packages/system/metallb/charts/metallb/README.md @@ -17,7 +17,7 @@ Kubernetes: `>= 1.19.0-0` | Repository | Name | Version | |------------|------|---------| | | crds | 0.0.0 | -| https://metallb.github.io/frr-k8s | frr-k8s | 0.0.14 | +| https://metallb.github.io/frr-k8s | frr-k8s | 0.0.16 | ## Values @@ -79,17 +79,17 @@ Kubernetes: `>= 1.19.0-0` | prometheus.podMonitor.relabelings | list | `[]` | | | prometheus.prometheusRule.additionalLabels | object | `{}` | | | prometheus.prometheusRule.addressPoolExhausted.enabled | bool | `true` | | -| prometheus.prometheusRule.addressPoolExhausted.labels.severity | string | `"alert"` | | +| prometheus.prometheusRule.addressPoolExhausted.labels.severity | string | `"critical"` | | | prometheus.prometheusRule.addressPoolUsage.enabled | bool | `true` | | | prometheus.prometheusRule.addressPoolUsage.thresholds[0].labels.severity | string | `"warning"` | | | prometheus.prometheusRule.addressPoolUsage.thresholds[0].percent | int | `75` | | | prometheus.prometheusRule.addressPoolUsage.thresholds[1].labels.severity | string | `"warning"` | | | prometheus.prometheusRule.addressPoolUsage.thresholds[1].percent | int | `85` | | -| prometheus.prometheusRule.addressPoolUsage.thresholds[2].labels.severity | string | `"alert"` | | +| prometheus.prometheusRule.addressPoolUsage.thresholds[2].labels.severity | string | `"critical"` | | | prometheus.prometheusRule.addressPoolUsage.thresholds[2].percent | int | `95` | | | prometheus.prometheusRule.annotations | object | `{}` | | | prometheus.prometheusRule.bgpSessionDown.enabled | bool | `true` | | -| prometheus.prometheusRule.bgpSessionDown.labels.severity | string | `"alert"` | | +| prometheus.prometheusRule.bgpSessionDown.labels.severity | string | `"critical"` | | | prometheus.prometheusRule.configNotLoaded.enabled | bool | `true` | | | prometheus.prometheusRule.configNotLoaded.labels.severity | string | `"warning"` | | | prometheus.prometheusRule.enabled | bool | `false` | | diff --git a/packages/system/metallb/charts/metallb/charts/crds/Chart.yaml b/packages/system/metallb/charts/metallb/charts/crds/Chart.yaml index 613d3182..e9fec846 100644 --- a/packages/system/metallb/charts/metallb/charts/crds/Chart.yaml +++ b/packages/system/metallb/charts/metallb/charts/crds/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v2 -appVersion: v0.14.8 +appVersion: v0.14.9 description: MetalLB CRDs home: https://metallb.universe.tf icon: https://metallb.universe.tf/images/logo/metallb-white.png @@ -7,4 +7,4 @@ name: crds sources: - https://github.com/metallb/metallb type: application -version: 0.14.8 +version: 0.14.9 diff --git a/packages/system/metallb/charts/metallb/charts/crds/templates/crds.yaml b/packages/system/metallb/charts/metallb/charts/crds/templates/crds.yaml index 61f100ed..8f241477 100644 --- a/packages/system/metallb/charts/metallb/charts/crds/templates/crds.yaml +++ b/packages/system/metallb/charts/metallb/charts/crds/templates/crds.yaml @@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.3 name: bfdprofiles.metallb.io spec: group: metallb.io @@ -123,7 +123,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.3 name: bgpadvertisements.metallb.io spec: group: metallb.io @@ -329,7 +329,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.3 name: bgppeers.metallb.io spec: conversion: @@ -365,6 +365,8 @@ spec: - jsonPath: .spec.ebgpMultiHop name: Multi Hops type: string + deprecated: true + deprecationWarning: v1beta1 is deprecated, please use v1beta2 name: v1beta1 schema: openAPIV3Schema: @@ -526,15 +528,26 @@ spec: default: false description: To set if we want to disable MP BGP that will separate IPv4 and IPv6 route exchanges into distinct BGP sessions. type: boolean + dynamicASN: + description: |- + DynamicASN detects the AS number to use for the remote end of the session + without explicitly setting it via the ASN field. Limited to: + internal - if the neighbor's ASN is different than MyASN connection is denied. + external - if the neighbor's ASN is the same as MyASN the connection is denied. + ASN and DynamicASN are mutually exclusive and one of them must be specified. + enum: + - internal + - external + type: string ebgpMultiHop: description: To set if the BGPPeer is multi-hops away. Needed for FRR mode only. type: boolean enableGracefulRestart: description: |- - EnableGracefulRestart allows BGP peer to continue to forward data packets along - known routes while the routing protocol information is being restored. - This field is immutable because it requires restart of the BGP session - Supported for FRR mode only. + EnableGracefulRestart allows BGP peer to continue to forward data packets + along known routes while the routing protocol information is being + restored. This field is immutable because it requires restart of the BGP + session. Supported for FRR mode only. type: boolean x-kubernetes-validations: - message: EnableGracefulRestart cannot be changed after creation @@ -622,7 +635,9 @@ spec: type: object x-kubernetes-map-type: atomic peerASN: - description: AS number to expect from the remote end of the session. + description: |- + AS number to expect from the remote end of the session. + ASN and DynamicASN are mutually exclusive and one of them must be specified. format: int32 maximum: 4294967295 minimum: 0 @@ -649,7 +664,6 @@ spec: type: string required: - myASN - - peerASN - peerAddress type: object status: @@ -665,7 +679,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.3 name: communities.metallb.io spec: group: metallb.io @@ -730,7 +744,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.3 name: ipaddresspools.metallb.io spec: group: metallb.io @@ -940,7 +954,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.3 name: l2advertisements.metallb.io spec: group: metallb.io @@ -1120,7 +1134,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.3 name: servicel2statuses.metallb.io spec: group: metallb.io diff --git a/packages/system/metallb/charts/metallb/templates/controller.yaml b/packages/system/metallb/charts/metallb/templates/controller.yaml index 6129cd87..8fd9c477 100644 --- a/packages/system/metallb/charts/metallb/templates/controller.yaml +++ b/packages/system/metallb/charts/metallb/templates/controller.yaml @@ -84,7 +84,7 @@ spec: - name: METALLB_DEPLOYMENT value: {{ template "metallb.fullname" . }}-controller {{- end }} - {{- if .Values.speaker.frr.enabled }} + {{- if and .Values.speaker.enabled .Values.speaker.frr.enabled }} - name: METALLB_BGP_TYPE value: frr {{- end }} diff --git a/packages/system/metallb/charts/metallb/templates/podmonitor.yaml b/packages/system/metallb/charts/metallb/templates/podmonitor.yaml index 93a7fd69..42de8818 100644 --- a/packages/system/metallb/charts/metallb/templates/podmonitor.yaml +++ b/packages/system/metallb/charts/metallb/templates/podmonitor.yaml @@ -36,6 +36,7 @@ spec: relabelings: {{- toYaml .Values.prometheus.podMonitor.relabelings | nindent 4 }} {{- end }} +{{- if .Values.speaker.enabled }} --- apiVersion: monitoring.coreos.com/v1 kind: PodMonitor @@ -74,6 +75,7 @@ spec: relabelings: {{- toYaml .Values.prometheus.podMonitor.relabelings | nindent 4 }} {{- end }} +{{- end }} --- {{- if .Values.prometheus.rbacPrometheus }} apiVersion: rbac.authorization.k8s.io/v1 diff --git a/packages/system/metallb/charts/metallb/templates/prometheusrules.yaml b/packages/system/metallb/charts/metallb/templates/prometheusrules.yaml index e811ef13..64e44c60 100644 --- a/packages/system/metallb/charts/metallb/templates/prometheusrules.yaml +++ b/packages/system/metallb/charts/metallb/templates/prometheusrules.yaml @@ -19,8 +19,8 @@ spec: {{- if .Values.prometheus.prometheusRule.staleConfig.enabled }} - alert: MetalLBStaleConfig annotations: - message: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod - }} has a stale config for > 1 minute'`}} + summary: {{`'Stale config on {{ $labels.pod }}'`}} + description: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod }} has a stale config for > 1 minute'`}} expr: metallb_k8s_client_config_stale_bool{job=~"{{ template "metallb.fullname" . }}.*"} == 1 for: 1m {{- with .Values.prometheus.prometheusRule.staleConfig.labels }} @@ -31,8 +31,8 @@ spec: {{- if .Values.prometheus.prometheusRule.configNotLoaded.enabled }} - alert: MetalLBConfigNotLoaded annotations: - message: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod - }} has not loaded for > 1 minute'`}} + summary: {{`'Config on {{ $labels.pod }} has not been loaded'`}} + description: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod }} has not loaded for > 1 minute'`}} expr: metallb_k8s_client_config_loaded_bool{job=~"{{ template "metallb.fullname" . }}.*"} == 0 for: 1m {{- with .Values.prometheus.prometheusRule.configNotLoaded.labels }} @@ -43,8 +43,8 @@ spec: {{- if .Values.prometheus.prometheusRule.addressPoolExhausted.enabled }} - alert: MetalLBAddressPoolExhausted annotations: - message: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod - }} has exhausted address pool {{ $labels.pool }} for > 1 minute'`}} + summary: {{`'Exhausted address pool on {{ $labels.pod }}'`}} + description: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod }} has exhausted address pool {{ $labels.pool }} for > 1 minute'`}} expr: metallb_allocator_addresses_in_use_total >= on(pool) metallb_allocator_addresses_total for: 1m {{- with .Values.prometheus.prometheusRule.addressPoolExhausted.labels }} @@ -57,8 +57,8 @@ spec: {{- range .Values.prometheus.prometheusRule.addressPoolUsage.thresholds }} - alert: MetalLBAddressPoolUsage{{ .percent }}Percent annotations: - message: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod - }} has address pool {{ $labels.pool }} past `}}{{ .percent }}{{`% usage for > 1 minute'`}} + summary: {{`'Exhausted address pool on {{ $labels.pod }}'`}} + message: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod }} has address pool {{ $labels.pool }} past `}}{{ .percent }}{{`% usage for > 1 minute'`}} expr: ( metallb_allocator_addresses_in_use_total / on(pool) metallb_allocator_addresses_total ) * 100 > {{ .percent }} {{- with .labels }} labels: @@ -69,8 +69,8 @@ spec: {{- if .Values.prometheus.prometheusRule.bgpSessionDown.enabled }} - alert: MetalLBBGPSessionDown annotations: - message: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod - }} has BGP session {{ $labels.peer }} down for > 1 minute'`}} + summary: {{`'BGP session down on {{ $labels.pod }}'`}} + message: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod }} has BGP session {{ $labels.peer }} down for > 1 minute'`}} expr: metallb_bgp_session_up{job=~"{{ template "metallb.fullname" . }}.*"} == 0 for: 1m {{- with .Values.prometheus.prometheusRule.bgpSessionDown.labels }} diff --git a/packages/system/metallb/charts/metallb/templates/rbac.yaml b/packages/system/metallb/charts/metallb/templates/rbac.yaml index e7fc5d97..10ffbd8a 100644 --- a/packages/system/metallb/charts/metallb/templates/rbac.yaml +++ b/packages/system/metallb/charts/metallb/templates/rbac.yaml @@ -19,11 +19,11 @@ rules: resources: ["events"] verbs: ["create", "patch"] - apiGroups: ["admissionregistration.k8s.io"] - resources: ["validatingwebhookconfigurations", "mutatingwebhookconfigurations"] + resources: ["validatingwebhookconfigurations"] resourceNames: ["metallb-webhook-configuration"] verbs: ["create", "delete", "get", "list", "patch", "update", "watch"] - apiGroups: ["admissionregistration.k8s.io"] - resources: ["validatingwebhookconfigurations", "mutatingwebhookconfigurations"] + resources: ["validatingwebhookconfigurations"] verbs: ["list", "watch"] - apiGroups: ["apiextensions.k8s.io"] resources: ["customresourcedefinitions"] @@ -41,6 +41,7 @@ rules: resources: ["subjectaccessreviews"] verbs: ["create"] {{- end }} +{{- if .Values.speaker.enabled }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -72,7 +73,7 @@ rules: {{- if or .Values.frrk8s.enabled .Values.frrk8s.external }} - apiGroups: ["frrk8s.metallb.io"] resources: ["frrconfigurations"] - verbs: ["get", "list", "watch","create","update"] + verbs: ["get", "list", "watch","create","update","delete"] {{- end }} --- apiVersion: rbac.authorization.k8s.io/v1 @@ -109,6 +110,7 @@ rules: - apiGroups: ["metallb.io"] resources: ["communities"] verbs: ["get", "list", "watch"] +{{- end }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: Role @@ -117,7 +119,7 @@ metadata: namespace: {{ .Release.Namespace | quote }} labels: {{- include "metallb.labels" . | nindent 4 }} rules: -{{- if .Values.speaker.memberlist.enabled }} +{{- if and .Values.speaker.enabled .Values.speaker.memberlist.enabled }} - apiGroups: [""] resources: ["secrets"] verbs: ["create", "get", "list", "watch"] @@ -166,6 +168,7 @@ roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: {{ template "metallb.fullname" . }}:controller +{{- if .Values.speaker.enabled }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding @@ -195,6 +198,7 @@ roleRef: subjects: - kind: ServiceAccount name: {{ include "metallb.speaker.serviceAccountName" . }} +{{- end }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding diff --git a/packages/system/metallb/charts/metallb/templates/service-accounts.yaml b/packages/system/metallb/charts/metallb/templates/service-accounts.yaml index 9615acf3..8d92a040 100644 --- a/packages/system/metallb/charts/metallb/templates/service-accounts.yaml +++ b/packages/system/metallb/charts/metallb/templates/service-accounts.yaml @@ -13,7 +13,7 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} {{- end }} -{{- if .Values.speaker.serviceAccount.create }} +{{- if and .Values.speaker.enabled .Values.speaker.serviceAccount.create }} --- apiVersion: v1 kind: ServiceAccount diff --git a/packages/system/metallb/charts/metallb/templates/servicemonitor.yaml b/packages/system/metallb/charts/metallb/templates/servicemonitor.yaml index 8be88dd3..2a92e48a 100644 --- a/packages/system/metallb/charts/metallb/templates/servicemonitor.yaml +++ b/packages/system/metallb/charts/metallb/templates/servicemonitor.yaml @@ -1,4 +1,9 @@ +{{- if and .Values.prometheus.serviceMonitor.enabled .Values.prometheus.podMonitor.enabled }} +{{- fail "prometheus.serviceMonitor.enabled and prometheus.podMonitor.enabled cannot both be set" }} +{{- end }} + {{- if .Values.prometheus.serviceMonitor.enabled }} +{{- if .Values.speaker.enabled }} apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: @@ -89,6 +94,7 @@ spec: {{- end }} sessionAffinity: None type: ClusterIP +{{- end }} --- apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor @@ -97,7 +103,6 @@ metadata: namespace: {{ .Release.Namespace | quote }} labels: {{- include "metallb.labels" . | nindent 4 }} - app.kubernetes.io/component: speaker {{- if .Values.prometheus.serviceMonitor.controller.additionalLabels }} {{ toYaml .Values.prometheus.serviceMonitor.controller.additionalLabels | indent 4 }} {{- end }} diff --git a/packages/system/metallb/charts/metallb/values.yaml b/packages/system/metallb/charts/metallb/values.yaml index bc96d355..50d26bca 100644 --- a/packages/system/metallb/charts/metallb/values.yaml +++ b/packages/system/metallb/charts/metallb/values.yaml @@ -42,7 +42,7 @@ prometheus: # certificate to be used. controllerMetricsTLSSecret: "" - # prometheus doens't have the permission to scrape all namespaces so we give it permission to scrape metallb's one + # prometheus doesn't have the permission to scrape all namespaces so we give it permission to scrape metallb's one rbacPrometheus: true # the service account used by prometheus @@ -64,7 +64,7 @@ prometheus: # enable support for Prometheus Operator enabled: false - # optional additionnal labels for podMonitors + # optional additional labels for podMonitors additionalLabels: {} # optional annotations for podMonitors @@ -143,7 +143,7 @@ prometheus: # enable alertmanager alerts enabled: false - # optional additionnal labels for prometheusRules + # optional additional labels for prometheusRules additionalLabels: {} # optional annotations for prometheusRules @@ -165,7 +165,7 @@ prometheus: addressPoolExhausted: enabled: true labels: - severity: alert + severity: critical addressPoolUsage: enabled: true @@ -178,13 +178,13 @@ prometheus: severity: warning - percent: 95 labels: - severity: alert + severity: critical # MetalLBBGPSessionDown bgpSessionDown: enabled: true labels: - severity: alert + severity: critical extraAlerts: [] diff --git a/packages/system/metallb/images/metallb/Dockerfile b/packages/system/metallb/images/metallb/Dockerfile new file mode 100644 index 00000000..477c3fc0 --- /dev/null +++ b/packages/system/metallb/images/metallb/Dockerfile @@ -0,0 +1,87 @@ +# syntax=docker/dockerfile:1.2 + +FROM --platform=$BUILDPLATFORM docker.io/golang:1.22.7 AS builder + +ARG VERSION +ARG GIT_COMMIT=dev +ARG GIT_BRANCH=dev +ARG TARGETARCH +ARG TARGETOS +ARG TARGETPLATFORM + +WORKDIR /go/go.universe.tf/metallb + +RUN --mount=type=cache,target=/go/pkg/mod \ + curl -sSL https://github.com/metallb/metallb/archive/refs/tags/${VERSION}.tar.gz \ + | tar -xzvf- --strip=1 + +RUN curl -sSLO https://github.com/metallb/metallb/pull/2726.diff && \ + git apply 2726.diff + +RUN --mount=type=cache,target=/go/pkg/mod \ + --mount=type=cache,target=/root/.cache/go-build \ + go mod download -x + +RUN case ${TARGETPLATFORM} in \ + "linux/arm/v6") export VARIANT="6" ;; \ + "linux/arm/v7") export VARIANT="7" ;; \ + *) export VARIANT="" ;; \ + esac && \ + CGO_ENABLED=0 GOOS=$TARGETOS GOARCH=$TARGETARCH GOARM=$VARIANT \ + go build -v -o /build/controller \ + -ldflags "-X 'go.universe.tf/metallb/internal/version.gitCommit=${GIT_COMMIT}' \ + -X 'go.universe.tf/metallb/internal/version.gitBranch=${GIT_BRANCH}'" \ + ./controller \ + && \ + CGO_ENABLED=0 GOOS=$TARGETOS GOARCH=$TARGETARCH GOARM=$VARIANT \ + go build -v -o /build/frr-metrics \ + -ldflags "-X 'go.universe.tf/metallb/internal/version.gitCommit=${GIT_COMMIT}' \ + -X 'go.universe.tf/metallb/internal/version.gitBranch=${GIT_BRANCH}'" \ + frr-tools/metrics/exporter.go \ + && \ + CGO_ENABLED=0 GOOS=$TARGETOS GOARCH=$TARGETARCH GOARM=$VARIANT \ + go build -v -o /build/cp-tool \ + -ldflags "-X 'go.universe.tf/metallb/internal/version.gitCommit=${GIT_COMMIT}' \ + -X 'go.universe.tf/metallb/internal/version.gitBranch=${GIT_BRANCH}'" \ + frr-tools/cp-tool/cp-tool.go \ + && \ + CGO_ENABLED=0 GOOS=$TARGETOS GOARCH=$TARGETARCH GOARM=$VARIANT \ + go build -v -o /build/speaker \ + -ldflags "-X 'go.universe.tf/metallb/internal/version.gitCommit=${GIT_COMMIT}' \ + -X 'go.universe.tf/metallb/internal/version.gitBranch=${GIT_BRANCH}'" \ + ./speaker + +FROM gcr.io/distroless/static:latest as controller + +COPY --from=builder /build/controller /controller + +LABEL org.opencontainers.image.authors="metallb" \ + org.opencontainers.image.url="https://github.com/metallb/metallb" \ + org.opencontainers.image.documentation="https://metallb.universe.tf" \ + org.opencontainers.image.source="https://github.com/cozystack/cozystack" \ + org.opencontainers.image.vendor="metallb" \ + org.opencontainers.image.licenses="Apache-2.0" \ + org.opencontainers.image.description="Metallb Controller" \ + org.opencontainers.image.title="controller" \ + org.opencontainers.image.base.name="gcr.io/distroless/static:latest" + +ENTRYPOINT ["/controller"] + +FROM gcr.io/distroless/static:latest as speaker + +COPY --from=builder /build/cp-tool /cp-tool +COPY --from=builder /build/speaker /speaker +COPY --from=builder /build/frr-metrics /frr-metrics +COPY --from=builder /go/go.universe.tf/metallb/frr-tools/reloader/frr-reloader.sh /frr-reloader.sh + +LABEL org.opencontainers.image.authors="metallb" \ + org.opencontainers.image.url="https://github.com/metallb/metallb" \ + org.opencontainers.image.documentation="https://metallb.universe.tf" \ + org.opencontainers.image.source="https://github.com/cozystack/cozystack" \ + org.opencontainers.image.vendor="metallb" \ + org.opencontainers.image.licenses="Apache-2.0" \ + org.opencontainers.image.description="Metallb speaker" \ + org.opencontainers.image.title="speaker" \ + org.opencontainers.image.base.name="gcr.io/distroless/static:latest" + +ENTRYPOINT ["/speaker"] diff --git a/packages/system/metallb/values.yaml b/packages/system/metallb/values.yaml index 737f17cf..04c3a710 100644 --- a/packages/system/metallb/values.yaml +++ b/packages/system/metallb/values.yaml @@ -2,5 +2,12 @@ metallb: crds: enabled: true - #speaker: - # tolerateMaster: false + controller: + image: + repository: ghcr.io/cozystack/cozystack/metallb/controller + tag: v0.14.9@sha256:c86418d1072d6037341d731917d11a2f281fb17559d5bb650962512f9894fd50 + + speaker: + image: + repository: ghcr.io/cozystack/cozystack/metallb/speaker + tag: v0.14.9@sha256:60fddc8fd6c125180186db31990993b4ebea5023ad410bf08ca9537a956e8279 diff --git a/scripts/common-envs.mk b/scripts/common-envs.mk index 99bc29eb..98f4652a 100644 --- a/scripts/common-envs.mk +++ b/scripts/common-envs.mk @@ -14,3 +14,9 @@ ifeq ($(COZYSTACK_VERSION),) $(shell git fetch upstream --tags) COZYSTACK_VERSION = $(patsubst v%,%,$(shell git describe --tags)) endif + +# Get the name of the selected docker buildx builder +BUILDER ?= $(shell docker buildx inspect --bootstrap | head -n2 | awk '/^Name:/{print $$NF}') +# Get platforms supported by the builder +PLATFORM ?= $(shell docker buildx ls --format=json | jq -r 'select(.Name == "$(BUILDER)") | [.Nodes[].Platforms // []] | flatten | unique | map(select(test("^linux/amd64$$|^linux/arm64$$"))) | join(",")') + diff --git a/scripts/migrations/11 b/scripts/migrations/11 old mode 100644 new mode 100755 diff --git a/scripts/migrations/12 b/scripts/migrations/12 new file mode 100755 index 00000000..fcb951bc --- /dev/null +++ b/scripts/migrations/12 @@ -0,0 +1,35 @@ +#!/bin/sh +# Migration 12 --> 13 + +# Copy configuration from ingress to cozystack configmap +if kubectl get hr -n tenant-root tenant-root > /dev/null; then + expose_services=$( + kubectl get hr -n tenant-root ingress -o go-template='{{ with .spec }}{{ with .values }}{{ if .dashboard }}dashboard,{{ end }}{{ if .cdiUploadProxy }}cdi-uploadproxy,{{ end }}{{ if .virtExportProxy }}vm-exportproxy,{{ end }}{{ end }}{{ end }}' + ) + expose_services=$(echo "$expose_services" | awk '{sub(/,$/,""); print}') + + expose_external_ips=$( + kubectl get hr -n tenant-root ingress -o go-template='{{ with .spec }}{{ with .values }}{{ if .externalIPs }}{{ range .externalIPs }}{{ . }},{{ end }}{{ end }}{{ end }}{{ end }}' + ) + expose_external_ips=$(echo "$expose_external_ips" | awk '{sub(/,$/,""); print}') + + existing_expose_external_ips=$(kubectl get cm -n cozy-system cozystack -o go-template='{{ index .data "expose-external-ips" }}') + existing_expose_services=$(kubectl get cm -n cozy-system cozystack -o go-template='{{ index .data "expose-services" }}') + + if [ "$existing_expose_external_ips" == "" ]; then + kubectl patch cm -n cozy-system cozystack --type merge -p="{\"data\":{\"expose-external-ips\":\"$expose_external_ips\"}}" + fi + + if [ "$existing_expose_services" == "" ]; then + kubectl patch cm -n cozy-system cozystack --type merge -p="{\"data\":{\"expose-services\":\"$expose_services\"}}" + fi + + kubectl patch hr -n tenant-root ingress --type json -p='[{"op": "remove", "path": "/spec/values/dashboard"}]' || true + kubectl patch hr -n tenant-root ingress --type json -p='[{"op": "remove", "path": "/spec/values/cdiUploadProxy"}]' || true + kubectl patch hr -n tenant-root ingress --type json -p='[{"op": "remove", "path": "/spec/values/virtExportProxy"}]' || true + kubectl patch hr -n tenant-root ingress --type json -p='[{"op": "remove", "path": "/spec/values/externalIPs"}]' || true + kubectl patch hr -n tenant-root ingress --type merge -p='{"spec":{"chart":{"spec":{"version":"1.6.0"}}}}' +fi + +# Write version to cozystack-version config +kubectl create configmap -n cozy-system cozystack-version --from-literal=version=13 --dry-run=client -o yaml | kubectl apply -f- diff --git a/scripts/package.mk b/scripts/package.mk index ca537213..62702321 100644 --- a/scripts/package.mk +++ b/scripts/package.mk @@ -29,3 +29,11 @@ delete: check suspend ## Delete Helm release from a Kubernetes cluster check: @if [ -z "$(NAME)" ]; then echo "env NAME is not set!" >&2; exit 1; fi @if [ -z "$(NAMESPACE)" ]; then echo "env NAMESPACE is not set!" >&2; exit 1; fi + +clean: + rm -rf charts/ + +%-update: + helm repo add $(REPO_NAME) $(REPO_URL) + helm repo update $(REPO_NAME) + helm pull $(REPO_NAME)/$(CHART_NAME) --untar --untardir charts --version "$(CHART_VERSION)"