this PR fixes problem
```
* admission webhook "vlinstorcluster.kb.io" denied the request: LinstorCluster.piraeus.io "linstorcluster" is invalid: spec.patches.0.patch: Invalid value: "apiVersion: apps/v1\nkind: Deployment\nmetadata:\n annotations:\n secret.reloader.stakater.com/auto: \"true\"\n": Failed to parse patch as either Strategic Merge Patch (missing metadata.name in object {{apps/v1 Deployment} {{ } map[] map[secret.reloader.stakater.com/auto:true]}}) or JSON Patch (json: cannot unmarshal object into Go value of type jsonpatch.Patch)
```
used solution from
-
https://github.com/piraeusdatastore/piraeus-operator/issues/701#issuecomment-2377702085
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **Chores**
- Streamlined the asset release process to automatically replace
existing files during uploads.
- **Container Image Updates**
- Upgraded versions across multiple components—including backup,
caching, autoscaling, API, dashboard, monitoring, and more—to align with
the latest release (e.g., updating from v0.28.0 to v0.29.0 and other
minor version increments).
- Updated specific images for Grafana, PostgreSQL, MariaDB, ClickHouse,
and others to their latest versions.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Signed-off-by: Nick Volynkin <nick.volynkin@gmail.com>
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **Chores**
- Enhanced version mapping with improved error reporting and clearer
version resolution, ensuring more accurate and reliable version
displays.
- Updated version references for multiple packages to maintain
consistency and stability across the system.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
Fixup to 116196b4d4
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **Chores**
- Upgraded the Bootbox package to the latest release, ensuring continued
stability and a solid foundation for future improvements.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: Nick Volynkin <nick.volynkin@gmail.com>
# Upload build assets with make upload_assets; keep image digests
* Keep image digests in cozystack-installer.yml
* Remove manifests/cozysаtack-installer.yaml, which is a build asset,
not source file.
* Requires `gh`, the GitHub CLI app.
Co-authored-by: Andrei Kvapil <kvapss@gmail.com>
Signed-off-by: Nick Volynkin <nick.volynkin@gmail.com>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Introduced an automated process that uploads release assets during
each update cycle, ensuring smoother and more reliable deployments.
- Added a new target for uploading assets in the build process.
- **Refactor**
- Streamlined the organization and generation of deployment artifacts to
improve efficiency and consistency in our release workflow.
- Adjusted output file management for better structure.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: Nick Volynkin <nick.volynkin@gmail.com>
Co-authored-by: Andrei Kvapil <kvapss@gmail.com>
This commit enables Cilium's host firewall feature and makes use of it
to deny external connections to two exporters running as daemonset pods
in the host network namespace.
Signed-off-by: Timofei Larkin <lllamnyp@gmail.com>
Co-authored-by: Timofei Larkin <lllamnyp@gmail.com>
This commit enables Cilium's host firewall feature and makes use of it
to deny external connections to two exporters running as daemonset pods
in the host network namespace.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Host firewall is now enabled by default, adding an extra layer of
security.
- Enhanced network traffic management with new policies:
- One policy tightens access to critical service ports.
- Another secures monitoring endpoints by restricting unauthorized
external access.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: Timofei Larkin <lllamnyp@gmail.com>
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **Chores**
- Updated the cloud provider’s container image to a new stable version.
- **New Features**
- Enhanced multi-cluster support to ensure services are correctly scoped
to their respective clusters.
- **Refactor**
- Removed legacy service management logic for streamlined processing.
- **Tests**
- Adjusted test coverage to validate the improved multi-cluster and
service filtering behaviors.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
This is a first draft of Cozystack project governance
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **Documentation**
- Introduced a new governance document outlining the project's community
roles and responsibilities.
- Clarified roles for various community members including users,
contributors, and leadership.
- Detailed the decision-making process and guidelines to promote
transparent engagement and active participation.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: Nick Volynkin <nick.volynkin@gmail.com>
Co-authored-by: Nick Volynkin <nick.volynkin@gmail.com>
* Add stakater/Reloader to the storage-enabled bundles.
* Add annotations to Linstor components to reload when secrets change.
Closes#456
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Introduced a new reloader component that triggers automatic rolling
updates when configuration or secret changes are detected.
- Delivered a fully customizable Helm chart and configuration schema,
including a reload strategy based on annotations for enhanced deployment
control.
- **Tests**
- Added test cases to validate container security settings and
environment variable propagation, ensuring robust high-availability
configurations.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: Timofei Larkin <lllamnyp@gmail.com>
This PR fixes race condition when you have two clusters with two
services with simillar names, two eps-controllers might continiusly
conflict between each other.
Upstream issue
https://github.com/kubevirt/cloud-provider-kubevirt/pull/341
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Introduced multi-cluster support with a new configuration option to
ensure that services and deployments are correctly scoped across
different environments.
- **Bug Fixes**
- Refined endpoint management by improving service port handling and
eliminating duplicate entries, resulting in more consistent and reliable
service routing.
- **Chores**
- Updated the image versioning strategy to a dynamic tag, streamlining
deployments and simplifying future upgrades.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **Bug Fixes**
- MAC addresses are now consistently displayed in lowercase for uniform
formatting.
- **Chores**
- Updated the package version to 0.1.1 and refined version tracking for
improved package management.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
Do not restart the container if something goes wrong while plunger tries
to fix the linstor state.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **Bug Fixes**
- Improved error notifications during system operations to ensure any
issues are promptly reported.
- **Documentation**
- Updated descriptive information on secondary volume management to help
clarify operational conditions.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: Denis Seleznev <kto.3decb@gmail.com>
I just noticed that many devices are still attached to `/`, they are not
deleted but still blocking DRBD operations
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **Bug Fixes**
- Improved detection of inactive loop devices by broadening the
filtering criteria, ensuring more accurate identification in various
scenarios.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
Due to upstream compat issues we backport the security patches to
v1.11.2 of the ingress controller and do not rebuild the existing
protobuf exporter.
Signed-off-by: Timofei Larkin <lllamnyp@gmail.com>
Makefile was copied from VictoriaMetrics Operator, some lines were not
changed.
Follow-up to #676Resolves#705
Signed-off-by: Nick Volynkin <nick.volynkin@gmail.com>
The mounting of /run parts was fixed in a consistent way upstream.
fixes#699
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **Chores**
- Streamlined satellite configurations by removing an unnecessary volume
setting from a container.
- Eliminated an unneeded container entry along with its related
configuration, reducing overall complexity.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: Denis Seleznev <kto.3decb@gmail.com>
Released early this week
https://github.com/controlplaneio-fluxcd/flux-operator/releases/tag/v0.18.0
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Upgraded the charts to version 0.18.0.
- Added options for custom pod scheduling using node selectors.
- Introduced a reporting configuration with a customizable interval
through an environment variable.
- **Documentation**
- Updated release information and configuration details to reflect the
new options and version update.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: Kingdon B <kingdon@urmanac.com>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Updated the remote write configuration to support multiple endpoints,
allowing data ingestion from both short-term and long-term services for
improved flexibility.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: kklinch0 <kklinch0@gmail.com>
We have common-instance-types deployed by kubevirt-operator and separate
helm-chart.
In this case operator always overrides the resource by default ones.
This PR disables common-instance-types deployment for kubevirt-operator
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **Chores**
- Updated the package’s internal identifier to enhance consistency
across integration points.
- **New Features**
- Introduced a new configuration option that enables a deployment toggle
for managing instance types (disabled by default).
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
The Linstor satellite creates problems with admin privileges, so the
plunger needs the same privileges to fix those problems.
Also, use the native `losetup`. The Linstor image has a wrapper with an
additional function that we do not need here.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **Refactor**
- Improved the management of unused loop devices with clearer feedback
and refined error handling.
- **New Features**
- Enhanced container configuration by adding elevated system
permissions, allowing the container to perform higher-level operations.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
