remove helmwave

packages/core/namespaces/Chart.yaml

@@ -0,0 +1,2 @@
+name: cozystack
+version: 0.0.0

packages/core/namespaces/Makefile

@@ -1,8 +1,11 @@
+NAMESPACE=cozy-system
+NAME=namespaces
+
 show:
-	cat namespaces.yaml
+	helm template -n $(NAMESPACE) $(NAME) .
 
 apply:
-	kubectl apply -f namespaces.yaml
+	helm template -n $(NAMESPACE) $(NAME) . | kubectl apply -f-
 
 diff:
-	kubectl diff -f namespaces.yaml
+	helm diff upgrade --allow-unreleased -n $(NAMESPACE) $(NAME) .

packages/core/namespaces/namespaces.yaml

@@ -1,97 +0,0 @@
----
-apiVersion: v1
-kind: Namespace
-metadata:
-  name: cozy-cert-manager
----
-apiVersion: v1
-kind: Namespace
-metadata:
-  labels:
-    pod-security.kubernetes.io/enforce: privileged
-  name: cozy-cilium
----
-apiVersion: v1
-kind: Namespace
-metadata:
-  name: cozy-fluxcd
----
-apiVersion: v1
-kind: Namespace
-metadata:
-  name: cozy-grafana-operator
----
-apiVersion: v1
-kind: Namespace
-metadata:
-  name: cozy-ingress-nginx
----
-apiVersion: v1
-kind: Namespace
-metadata:
-  name: cozy-kubeapps
----
-apiVersion: v1
-kind: Namespace
-metadata:
-  labels:
-    pod-security.kubernetes.io/enforce: privileged
-  name: cozy-kubeovn
----
-apiVersion: v1
-kind: Namespace
-metadata:
-  labels:
-    pod-security.kubernetes.io/enforce: privileged
-  name: cozy-kubevirt
----
-apiVersion: v1
-kind: Namespace
-metadata:
-  labels:
-    pod-security.kubernetes.io/enforce: privileged
-  name: cozy-linstor
----
-apiVersion: v1
-kind: Namespace
-metadata:
-  name: cozy-mariadb-operator
----
-apiVersion: v1
-kind: Namespace
-metadata:
-  labels:
-    pod-security.kubernetes.io/enforce: privileged
-  name: cozy-metallb
----
-apiVersion: v1
-kind: Namespace
-metadata:
-  labels:
-    pod-security.kubernetes.io/enforce: privileged
-  name: cozy-monitoring
----
-apiVersion: v1
-kind: Namespace
-metadata:
-  name: cozy-postgres-operator
----
-apiVersion: v1
-kind: Namespace
-metadata:
-  name: cozy-rabbitmq-operator
----
-apiVersion: v1
-kind: Namespace
-metadata:
-  name: cozy-redis-operator
----
-apiVersion: v1
-kind: Namespace
-metadata:
-  name: cozy-telepresence
----
-apiVersion: v1
-kind: Namespace
-metadata:
-  name: cozy-victoria-metrics-operator

packages/core/namespaces/templates/namespaces.yaml

@@ -0,0 +1,13 @@
+{{- range $ns := .Values.namespaces }}
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  annotations:
+    "helm.sh/resource-policy": keep
+  {{- if $ns.privileged }}
+  labels:
+    pod-security.kubernetes.io/enforce: privileged
+  {{- end }}
+  name: {{ $ns.name }}
+{{- end }}

packages/core/namespaces/values.yaml

@@ -0,0 +1,26 @@
+namespaces:
+- name: cozy-system
+  privileged: true
+- name: cozy-cert-manager
+- name: cozy-cilium
+  privileged: true
+- name: cozy-fluxcd
+- name: cozy-grafana-operator
+- name: cozy-ingress-nginx
+- name: cozy-kubeapps
+- name: cozy-kubeovn
+  privileged: true
+- name: cozy-kubevirt
+  privileged: true
+- name: cozy-linstor
+  privileged: true
+- name: cozy-mariadb-operator
+- name: cozy-metallb
+  privileged: true
+- name: cozy-monitoring
+  privileged: true
+- name: cozy-postgres-operator
+- name: cozy-rabbitmq-operator
+- name: cozy-redis-operator
+- name: cozy-telepresence
+- name: cozy-victoria-metrics-operator

packages/system/.gitignore

@@ -1 +0,0 @@
-.helmwave

packages/system/Makefile

@@ -0,0 +1,18 @@
+apply show diff prepare:
+	make -C cert-manager $@
+	make -C cert-manager-issuers $@
+	make -C victoria-metrics-operator $@
+	make -C monitoring $@
+	make -C kubevirt-operator $@
+	make -C kubevirt $@
+	make -C metallb $@
+	make -C grafana-operator $@
+	make -C mariadb-operator $@
+	make -C postgres-operator $@
+	make -C rabbitmq-operator $@
+	make -C redis-operator $@
+	make -C piraeus-operator $@
+	make -C linstor $@
+	make -C telepresence $@
+	make -C ingress-nginx $@
+	make -C kubeapps $@

packages/system/cert-manager-issuers/Makefile

@@ -0,0 +1,11 @@
+NAME=cert-manager-issuers
+NAMESPACE=cozy-cert-manager
+
+show:
+	helm template -n $(NAMESPACE) $(NAME) .
+
+apply:
+	helm upgrade -i -n $(NAMESPACE) $(NAME) .
+
+diff:
+	helm diff upgrade --allow-unreleased -n $(NAMESPACE) $(NAME) .

packages/system/cert-manager/Makefile

@@ -1,3 +1,15 @@
+NAME=cert-manager
+NAMESPACE=cozy-cert-manager
+
+show:
+	helm template -n $(NAMESPACE) $(NAME) .
+
+apply:
+	helm upgrade -i -n $(NAMESPACE) $(NAME) .
+
+diff:
+	helm diff upgrade --allow-unreleased -n $(NAMESPACE) $(NAME) .
+
 update:
 	rm -rf charts
 	helm repo add jetstack https://charts.jetstack.io

packages/system/grafana-operator/Makefile

@@ -1,3 +1,15 @@
+NAME=grafana-operator
+NAMESPACE=cozy-grafana-operator
+
+show:
+	helm template -n $(NAMESPACE) $(NAME) .
+
+apply:
+	helm upgrade -i -n $(NAMESPACE) $(NAME) .
+
+diff:
+	helm diff upgrade --allow-unreleased -n $(NAMESPACE) $(NAME) .
+
 update:
 	rm -rf charts
 	mkdir -p charts

packages/system/helmwave.yml

@@ -1,262 +0,0 @@
-project: cozystack
-version: "0.0.0"
-
-.options: &options
-  wait: true
-  wait_for_jobs: true
-  force: false
-  timeout: 10m
-  atomic: false
-  max_history: 3
-  create_namespace: true
-  offline_kube_version: 1.29.0
-  pending_release_strategy: rollback
-
-releases:
-  - name: cilium
-    chart: cilium
-    namespace: cozy-cilium
-    <<: *options
-    tags:
-      - cilium
-    values:
-      - cilium/values.yaml
-
-  - name: kubeovn
-    chart: kubeovn
-    namespace: cozy-kubeovn
-    <<: *options
-    reuse_values: true
-    tags:
-      - kubeovn
-    values:
-      - kubeovn/values.yaml
-      - kubeovn/values-runtime.yaml
-    depends_on:
-      - cilium@cozy-cilium
-
-  - name: fluxcd
-    chart: fluxcd
-    namespace: cozy-fluxcd
-    <<: *options
-    tags:
-      - fluxcd
-    values:
-      - fluxcd/values.yaml
-    depends_on:
-      - cilium@cozy-cilium
-      - kubeovn@cozy-kubeovn
-
-  - name: cert-manager
-    chart: cert-manager
-    namespace: cozy-cert-manager
-    <<: *options
-    tags:
-      - cert-manager
-    values:
-      - cert-manager/values.yaml
-    depends_on:
-      - cilium@cozy-cilium
-      - kubeovn@cozy-kubeovn
-
-  - name: cert-manager-issuers
-    chart: cert-manager-issuers
-    namespace: cozy-cert-manager
-    <<: *options
-    tags:
-      - cert-manager
-    values:
-      - cert-manager-issuers/values.yaml
-    depends_on:
-      - cilium@cozy-cilium
-      - kubeovn@cozy-kubeovn
-      - cert-manager@cozy-cert-manager
-
-  - name: victoria-metrics-operator
-    chart: victoria-metrics-operator
-    namespace: cozy-victoria-metrics-operator
-    <<: *options
-    tags:
-      - victoria-metrics-operator
-    values:
-      - victoria-metrics-operator/values.yaml
-    depends_on:
-      - cilium@cozy-cilium
-      - kubeovn@cozy-kubeovn
-      - cert-manager@cozy-cert-manager
-
-  - name: monitoring
-    chart: monitoring
-    namespace: cozy-monitoring
-    <<: *options
-    tags:
-      - monitoring
-    values:
-      - monitoring/values.yaml
-    depends_on:
-      - cilium@cozy-cilium
-      - kubeovn@cozy-kubeovn
-      - victoria-metrics-operator@cozy-victoria-metrics-operator
-
-  - name: kubevirt-operator
-    chart: kubevirt-operator
-    namespace: cozy-kubevirt
-    <<: *options
-    tags:
-      - kubevirt
-    values:
-      - kubevirt-operator/values.yaml
-    depends_on:
-      - cilium@cozy-cilium
-      - kubeovn@cozy-kubeovn
-
-  - name: kubevirt
-    chart: kubevirt
-    namespace: cozy-kubevirt
-    <<: *options
-    tags:
-      - kubevirt
-    values:
-      - kubevirt/values.yaml
-    depends_on:
-      - cilium@cozy-cilium
-      - kubeovn@cozy-kubeovn
-      - kubevirt-operator@cozy-kubevirt
-
-  - name: metallb
-    chart: metallb
-    namespace: cozy-metallb
-    <<: *options
-    tags:
-      - metallb
-    values:
-      - metallb/values.yaml
-    depends_on:
-      - cilium@cozy-cilium
-      - kubeovn@cozy-kubeovn
-
-  - name: grafana-operator
-    chart: grafana-operator
-    namespace: cozy-grafana-operator
-    <<: *options
-    tags:
-      - grafana-operator
-    values:
-      - grafana-operator/values.yaml
-    depends_on:
-      - cilium@cozy-cilium
-      - kubeovn@cozy-kubeovn
-
-  - name: mariadb-operator
-    chart: mariadb-operator
-    namespace: cozy-mariadb-operator
-    <<: *options
-    tags:
-      - mariadb-operator
-    values:
-      - mariadb-operator/values.yaml
-    depends_on:
-      - cilium@cozy-cilium
-      - kubeovn@cozy-kubeovn
-      - cert-manager@cozy-cert-manager
-      - victoria-metrics-operator@cozy-victoria-metrics-operator
-
-  - name: postgres-operator
-    chart: postgres-operator
-    namespace: cozy-postgres-operator
-    <<: *options
-    tags:
-      - postgres-operator
-    values:
-      - postgres-operator/values.yaml
-    depends_on:
-      - cilium@cozy-cilium
-      - kubeovn@cozy-kubeovn
-      - cert-manager@cozy-cert-manager
-
-  - name: rabbitmq-operator
-    chart: rabbitmq-operator
-    namespace: cozy-rabbitmq-operator
-    <<: *options
-    tags:
-      - rabbitmq-operator
-    values:
-      - rabbitmq-operator/values.yaml
-    depends_on:
-      - cilium@cozy-cilium
-      - kubeovn@cozy-kubeovn
-
-  - name: redis-operator
-    chart: redis-operator
-    namespace: cozy-redis-operator
-    <<: *options
-    tags:
-      - redis-operator
-    values:
-      - redis-operator/values.yaml
-    depends_on:
-      - cilium@cozy-cilium
-      - kubeovn@cozy-kubeovn
-
-  - name: piraeus-operator
-    chart: piraeus-operator
-    namespace: cozy-linstor
-    <<: *options
-    tags:
-      - piraeus-operator
-    values:
-      - piraeus-operator/values.yaml
-    depends_on:
-      - cilium@cozy-cilium
-      - kubeovn@cozy-kubeovn
-      - cert-manager@cozy-cert-manager
-
-  - name: linstor
-    chart: linstor
-    namespace: cozy-linstor
-    <<: *options
-    tags:
-      - linstor
-    values:
-      - linstor/values.yaml
-    depends_on:
-      - cilium@cozy-cilium
-      - kubeovn@cozy-kubeovn
-      - piraeus-operator@cozy-linstor
-
-  - name: traffic-manager
-    chart: telepresence
-    namespace: cozy-telepresence
-    <<: *options
-    tags:
-      - telepresence
-    values:
-      - telepresence/values.yaml
-    depends_on:
-      - cilium@cozy-cilium
-      - kubeovn@cozy-kubeovn
-
-  - name: ingress-nginx
-    chart: ingress-nginx
-    namespace: cozy-ingress-nginx
-    <<: *options
-    tags:
-      - ingress-nginx
-    values:
-      - ingress-nginx/values.yaml
-    depends_on:
-      - cilium@cozy-cilium
-      - kubeovn@cozy-kubeovn
-      - cert-manager@cozy-cert-manager
-
-  - name: kubeapps
-    chart: kubeapps
-    namespace: cozy-kubeapps
-    <<: *options
-    tags:
-      - kubeapps
-    values:
-      - kubeapps/values.yaml
-    depends_on:
-      - cilium@cozy-cilium
-      - kubeovn@cozy-kubeovn

packages/system/ingress-nginx/Makefile

@@ -1,3 +1,15 @@
+NAME=ingress-nginx
+NAMESPACE=cozy-ingress-nginx
+
+show:
+	helm template -n $(NAMESPACE) $(NAME) .
+
+apply:
+	helm upgrade -i -n $(NAMESPACE) $(NAME) .
+
+diff:
+	helm diff upgrade --allow-unreleased -n $(NAMESPACE) $(NAME) .
+
 update:
 	rm -rf charts
 	helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx

packages/system/kubeapps/Makefile

@@ -1,4 +1,17 @@
+NAME=kubeapps
+NAMESPACE=cozy-kubeapps
+
+show:
+	helm template -n $(NAMESPACE) $(NAME) .
+
+apply:
+	helm upgrade -i -n $(NAMESPACE) $(NAME) .
+
+diff:
+	helm diff upgrade --allow-unreleased -n $(NAMESPACE) $(NAME) .
+
 update: update-chart update-dockerfiles
+image: image-dashboard image-kubeapps-apis
 
 update-chart:
 	rm -rf charts

packages/system/kubevirt-operator/Makefile

@@ -1,3 +1,15 @@
+NAME=kubevirt-operator
+NAMESPACE=cozy-kubevirt
+
+show:
+	helm template -n $(NAMESPACE) $(NAME) .
+
+apply:
+	helm upgrade -i -n $(NAMESPACE) $(NAME) .
+
+diff:
+	helm diff upgrade --allow-unreleased -n $(NAMESPACE) $(NAME) .
+
 update:
 	rm -rf templates
 	mkdir templates

packages/system/kubevirt/Makefile

@@ -1,3 +1,15 @@
+NAME=kubevirt
+NAMESPACE=cozy-kubevirt
+
+show:
+	helm template -n $(NAMESPACE) $(NAME) .
+
+apply:
+	helm upgrade -i -n $(NAMESPACE) $(NAME) .
+
+diff:
+	helm diff upgrade --allow-unreleased -n $(NAMESPACE) $(NAME) .
+
 update:
 	rm -rf templates
 	mkdir templates

packages/system/linstor/Makefile

@@ -0,0 +1,11 @@
+NAME=linstor
+NAMESPACE=cozy-linstor
+
+show:
+	helm template -n $(NAMESPACE) $(NAME) .
+
+apply:
+	helm upgrade -i -n $(NAMESPACE) $(NAME) .
+
+diff:
+	helm diff upgrade --allow-unreleased -n $(NAMESPACE) $(NAME) .

packages/system/mariadb-operator/Makefile

@@ -1,3 +1,15 @@
+NAME=mariadb-operator
+NAMESPACE=cozy-mariadb-operator
+
+show:
+	helm template -n $(NAMESPACE) $(NAME) .
+
+apply:
+	helm upgrade -i -n $(NAMESPACE) $(NAME) .
+
+diff:
+	helm diff upgrade --allow-unreleased -n $(NAMESPACE) $(NAME) .
+
 update:
 	rm -rf charts
 	helm repo add mariadb-operator https://mariadb-operator.github.io/mariadb-operator

packages/system/metallb-addresses/Makefile

@@ -0,0 +1,11 @@
+NAME=metallb-addresses
+NAMESPACE=cozy-metallb
+
+show:
+	helm template -n $(NAMESPACE) $(NAME) .
+
+apply:
+	helm upgrade -i -n $(NAMESPACE) $(NAME) .
+
+diff:
+	helm diff upgrade --allow-unreleased -n $(NAMESPACE) $(NAME) .

packages/system/metallb/Makefile

@@ -1,3 +1,15 @@
+NAME=metallb
+NAMESPACE=cozy-metallb
+
+show:
+	helm template -n $(NAMESPACE) $(NAME) .
+
+apply:
+	helm upgrade -i -n $(NAMESPACE) $(NAME) .
+
+diff:
+	helm diff upgrade --allow-unreleased -n $(NAMESPACE) $(NAME) .
+
 update:
 	rm -rf charts
 	helm repo add metallb https://metallb.github.io/metallb

packages/system/monitoring/Makefile

@@ -1,3 +1,15 @@
+NAME=monitoring
+NAMESPACE=cozy-monitoring
+
+show:
+	helm template -n $(NAMESPACE) $(NAME) .
+
+apply:
+	helm upgrade -i -n $(NAMESPACE) $(NAME) .
+
+diff:
+	helm diff upgrade --allow-unreleased -n $(NAMESPACE) $(NAME) .
+
 update:
 	rm -rf charts
 	helm repo add prometheus-community https://prometheus-community.github.io/helm-charts

packages/system/piraeus-operator/Makefile

@@ -1,3 +1,15 @@
+NAME=piraeus-operator
+NAMESPACE=cozy-linstor
+
+show:
+	helm template -n $(NAMESPACE) $(NAME) .
+
+apply:
+	helm upgrade -i -n $(NAMESPACE) $(NAME) .
+
+diff:
+	helm diff upgrade --allow-unreleased -n $(NAMESPACE) $(NAME) .
+
 update:
 	rm -rf charts
 	tag=$$(git ls-remote --tags --sort="v:refname" https://github.com/piraeusdatastore/piraeus-operator  | awk -F'[/^]' 'END{print $$3}') && \

packages/system/postgres-operator/Makefile

@@ -1,3 +1,15 @@
+NAME=postgres-operator
+NAMESPACE=cozy-postgres-operator
+
+show:
+	helm template -n $(NAMESPACE) $(NAME) .
+
+apply:
+	helm upgrade -i -n $(NAMESPACE) $(NAME) .
+
+diff:
+	helm diff upgrade --allow-unreleased -n $(NAMESPACE) $(NAME) .
+
 update:
 	rm -rf charts
 	helm repo add cnpg https://cloudnative-pg.github.io/charts

packages/system/rabbitmq-operator/Makefile

@@ -1,3 +1,15 @@
+NAME=rabbitmq-operator
+NAMESPACE=cozy-rabbitmq-operator
+
+show:
+	helm template -n $(NAMESPACE) $(NAME) .
+
+apply:
+	helm upgrade -i -n $(NAMESPACE) $(NAME) .
+
+diff:
+	helm diff upgrade --allow-unreleased -n $(NAMESPACE) $(NAME) .
+
 update:
 	rm -rf templates/cluster-operator.yml
 	wget -O templates/cluster-operator.yml https://github.com/rabbitmq/cluster-operator/releases/latest/download/cluster-operator.yml

packages/system/reconcile.sh

@@ -1,39 +0,0 @@
-#!/bin/sh
-# The script reacts to changes in the number of IP addresses for master nodes, and then starts reconciliation.
-
-get_ips() {
-  kubectl get nodes -lnode-role.kubernetes.io/control-plane -o jsonpath='{.items[*].status.addresses[?(@.type=="InternalIP")].address}'
-}
-
-reconcile() {
-  kubectl apply -f namespaces.yaml
-  kubectl label node -lnode-role.kubernetes.io/control-plane kube-ovn/role=master --overwrite
-  
-  MASTER_NODES=$(kubectl get nodes -lnode-role.kubernetes.io/control-plane -o jsonpath='{.items[*].status.addresses[?(@.type=="InternalIP")].address}' | tr ' ' ',')
-  MASTER_COUNT=$(echo "$MASTER_NODES" | awk -F, '{ print NF }')
-  
-  echo "kube-ovn:
-    MASTER_NODES: \"${MASTER_NODES}\"
-    replicaCount: ${MASTER_COUNT}" > kubeovn/values-runtime.yaml
-  
-  helmwave --log-format text up --build || exit $?
-}
-
-wait_for_new_ips() {
-  OLD_MASTER_NODES="$MASTER_NODES"
-  MASTER_NODES=$(get_ips | tr ' ' ',')
-  if [ "$MASTER_NODES" != "$MASTER_NODES" ]; then
-    return
-  fi
-  kubectl get nodes --watch-only=true -w -lnode-role.kubernetes.io/control-plane -o jsonpath='{.status.addresses[?(@.type=="InternalIP")].address}{"\n"}' | \
-    while read address; do
-      if [ -n "$address" ] && ! echo ",$MASTER_NODES," | grep -q ",$address,"; then
-        return
-      fi
-    done
-}
-
-reconcile
-while wait_for_new_ips; do
-  reconcile
-done

packages/system/redis-operator/Makefile

@@ -1,3 +1,15 @@
+NAME=redis-operator
+NAMESPACE=cozy-redis-operator
+
+show:
+	helm template -n $(NAMESPACE) $(NAME) .
+
+apply:
+	helm upgrade -i -n $(NAMESPACE) $(NAME) .
+
+diff:
+	helm diff upgrade --allow-unreleased -n $(NAMESPACE) $(NAME) .
+
 update:
 	rm -rf charts
 	helm repo add redis-operator https://spotahome.github.io/redis-operator

packages/system/telepresence/Makefile

@@ -1,3 +1,15 @@
+NAME=traffic-manager
+NAMESPACE=cozy-telepresence
+
+show:
+	helm template -n $(NAMESPACE) $(NAME) .
+
+apply:
+	helm upgrade -i -n $(NAMESPACE) $(NAME) .
+
+diff:
+	helm diff upgrade --allow-unreleased -n $(NAMESPACE) $(NAME) .
+
 update:
 	rm -rf charts
 	helm repo add datawire https://app.getambassador.io

packages/system/victoria-metrics-operator/Makefile

@@ -1,3 +1,15 @@
+NAME=victoria-metrics-operator
+NAMESPACE=cozy-victoria-metrics-operator
+
+show:
+	helm template -n $(NAMESPACE) $(NAME) .
+
+apply:
+	helm upgrade -i -n $(NAMESPACE) $(NAME) .
+
+diff:
+	helm diff upgrade --allow-unreleased -n $(NAMESPACE) $(NAME) .
+
 update:
 	rm -rf charts
 	# VictoriaMetrics operator