This patch separates the Test job of the PR workflow into several
smaller jobs: 1) create a testing sandbox and deploy Talos, 2) install
Cozystack and configure it, 3) install managed applications and run e2e
tests. This lets developers shorten the feedback loop if tests are
merely acting flaky and aren't really broken. It's not the right way,
but it's 80/20.
Signed-off-by: Timofei Larkin <lllamnyp@gmail.com>
This change includes the following commit
6856b66f92
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **Chores**
- Updated the version of a core dependency used in the dashboard and
related services to a newer commit. No user-facing changes.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Introduced advanced Helm template helpers for managing Kubernetes RBAC
(Role-Based Access Control), including access level mapping,
hierarchy-aware group subject generation, and tenant parsing.
- Added dynamic RoleBinding resources across multiple applications to
bind roles to appropriate subjects based on access levels and tenant
namespaces.
- **Bug Fixes**
- Refined tenant application roles by restricting resource permissions
to specific core Kubernetes resources, enhancing security and access
control granularity.
- **Chores**
- Updated chart versions across numerous applications to reflect new
releases.
- Added reference files linking to the shared library in multiple
application chart directories.
- Pinned package versions to specific commits for improved version
stability and tracking.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **Documentation**
- Improved and clarified documentation for the Managed ClickHouse
Service, including enhanced introductory content and clearer backup
instructions.
- Updated and corrected parameter descriptions for accuracy, especially
regarding shards, replicas, storage sizes, and backup options.
- Expanded explanations and examples for resource configuration in
production environments.
- Reformatted tables and notes for better readability and usability.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Added a new template to automatically create a self-signed
ClusterIssuer for certificate management if one does not already exist.
- **Chores**
- Updated dependency configuration for the snapshot-controller to
simplify its setup process.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Introduced the use of the CozyPkg tool for package deployment and
management, replacing previous Helm-based workflows across installer,
platform, and system components.
- **Refactor**
- Updated Makefiles and scripts to use CozyPkg commands for showing,
applying, diffing, suspending, resuming, and deleting packages.
- Removed dynamic API version handling and simplified deployment command
structures.
- **Chores**
- Updated Docker images to newer base versions and included CozyPkg
installation steps.
- Changed installer image references to use the latest available build.
- Removed obsolete scripts and dependencies related to Helm and
Kustomize.
- Consolidated package installations and updated tooling in Dockerfiles
for improved efficiency.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Added default resource specifications for PostgreSQL jobs to ensure
consistent CPU and memory allocation.
- **Chores**
- Updated the chart version for the PostgreSQL application.
- Refreshed version mapping to reflect the latest release.
- Improved Node.js setup and package installation in the pre-commit
workflow.
- **Tests**
- Increased memory allocation for QEMU virtual machines in end-to-end
tests.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Added new configuration options to exclude specific address pools from
Prometheus alerts for address pool exhaustion and usage.
- Introduced a new CRD for ServiceBGPStatus to provide detailed BGP peer
status per service and node.
- Added new status fields to track assigned and available IPv4/IPv6
addresses in IPAddressPool.
- **Improvements**
- Updated Helm chart and dependency versions to the latest releases.
- Enhanced validation for speaker configuration to prevent invalid
settings.
- Clarified configuration descriptions for easier understanding.
- Increased file descriptor limits for FRR daemons to improve
reliability.
- Simplified Docker image handling by using pre-built MetalLB images
instead of local builds.
- **Bug Fixes**
- Updated RBAC roles to grant necessary permissions for new resources
and status updates.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Added a new configuration option to require Kubernetes connectivity in
liveness probes.
- Enabled Kafka API key redaction by default in Hubble settings.
- **Bug Fixes**
- Improved conditional logic for resource creation to prevent
unnecessary resources during preflight mode.
- Corrected YAML indentation and formatting in configuration files.
- **Chores**
- Upgraded Cilium and related component images from version 1.17.3 to
1.17.4.
- Updated documentation and default configuration values to reflect new
versions and settings.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
This PR includes fixes and updates for cozystack dashboard:
### [fix client rate
limiter](b1467cecc1)
fixes the error `client rate limiter Wait returned an error: context
canceled`
The QPS and Burst options were set after the kubernetes client
initalized and had no effect
The limits are also increased fivefold:
```diff
- - --kube-api-qps=50.0
- - --kube-api-burst=100
+ - --kube-api-qps=250.0
+ - --kube-api-burst=500
```
### [fix relative
urls](e2153e26dd)
Fixes regression introduced in
https://github.com/cozystack/cozystack/pull/935 which suddenly removed
previus workaround https://github.com/cozystack/cozystack/pull/102
Now the proper fix prepared.
Related to upstream issue
https://github.com/vmware-tanzu/kubeapps/issues/7740
### [remove version
selector](f412a6aba4)
from both package insallation page and upgrading page
<img width="505" alt="Screenshot 2025-06-10 at 1 47 10"
src="https://github.com/user-attachments/assets/36068264-2878-4b82-a159-6c911f1c1eef"
/>
now it always will default to the latest package version
### [always fetch details from the latest
version](741a7ddb93)
If old package version installed it will display information from the
latest package in repository. This and previus fix actually remove the
need for having versions_map logic and pack multiple charts for the
release. But informs user about newer versions and allows to perform
upgrade on demand in specific time:
<img width="423" alt="Screenshot 2025-06-10 at 1 52 53"
src="https://github.com/user-attachments/assets/dd571c9f-c2bc-403f-9aa0-3d8853600241"
/>
### [Remove plugin name from
header]ffc0b0246b
We always use flux though
<img width="386" alt="Screenshot 2025-06-10 at 1 55 39"
src="https://github.com/user-attachments/assets/df6f52b5-82ab-4e7a-a973-2a82eb38ebfb"
/>
### [Fix switching context from app
view](d89e721fcb)
Fixes the error message while swtiching tenant from the application view
```
An error occurred while fetching the application: Unable to get installed package.
```
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Added new configuration options for API request rate limits in the
dashboard settings.
- **Style**
- Updated dashboard appearance to hide version information and specific
label elements.
- **Chores**
- Updated internal references to the latest version of the dashboard
source code.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Flux 2.6.1 is the latest Flux release now
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Enhanced validation for custom resources to ensure consistent naming
and conditional field requirements.
- Added support for referencing input providers using label selectors,
and expanded input provider types.
- Extended reporting with new cluster information fields.
- **Bug Fixes**
- Improved schema constraints to prevent invalid or inconsistent
resource configurations.
- **Documentation**
- Updated version information in documentation and Helm chart metadata
to reflect the latest release.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Made same changes as in
[PR](https://github.com/cozystack/cozystack/pull/1019)
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Added support for defining a system disk with customizable storage and
image sources for virtual machines.
- **Improvements**
- Enhanced cloud-init configuration to require both SSH keys and
cloud-init data for certain volume setups, improving user data handling.
- Simplified disk configuration for virtual machines, making setup more
straightforward.
- Shortened and clarified error messages for missing configuration
fields.
- **Chores**
- Updated chart and package versions for virtual-machine and vm-instance
applications.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Expanded permissions for managing namespaces, now allowing patch and
update actions in addition to viewing and listing.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
If ssh key provided - deploy
If cloudinit provided - deploy
If ssh key and cloudinit provided - deploy both
If none provided - init empty to avoid issues w/
network
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **Refactor**
- Improved handling of SSH keys and cloud-init data in the Virtual
Machine setup, clearly distinguishing cases when SSH keys, cloud-init,
or both are provided.
- Enhanced template readability with added spacing for better clarity.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
