Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Added support for specifying a literal password in keystore
configurations, alongside existing secret reference options.
- Introduced a new optional tenant ID field for Azure DNS managed
identity in ACME DNS01 solver configuration.
- **Improvements**
- Updated cert-manager Helm chart and documentation to version 1.17.2.
- Expanded feature gate configuration options with detailed default
values and stability levels.
- Enhanced documentation and examples for templating service account
annotations.
- Improved conditional logic for resource creation and image pull
secrets handling in deployments and services.
- **Bug Fixes**
- Made password fields in keystore configurations mutually exclusive and
optional, improving flexibility and clarity.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Add support for metallb multiarch build.
Part of #519 and a follow-up to PR #945 (issue #909)
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **Chores**
- Improved Docker build process for image-controller and image-speaker
to allow dynamic control over image loading and enhanced build
configuration consistency. No changes to user-facing features.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Expanded support for prerelease tags to include "alpha" and "beta"
suffixes (e.g., `-alpha.1`, `-beta.2`) in addition to "rc".
- **Style**
- Improved formatting and consistency in comments and log messages.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **Chores**
- Improved the process for updating or creating maintenance branches to
ensure they always point to the latest tagged release commit.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **Bug Fixes**
- Improved configuration to automatically disable admission webhooks for
cert-manager when the cert-manager addon is not enabled, preventing
unnecessary webhook setup.
- **Chores**
- Updated Kubernetes chart version to 0.20.1.
- Updated version mapping for the Kubernetes package.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
remove specification:
```
pvc:
volumeMode: Block
accessModes:
- ReadWriteMany
```
with `storage` it will be filled automatcially from storageprofile for
specific storage provider
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Updated the virtual machine app to version 0.9.2.
- **Refactor**
- Changed the data volume configuration to use a simplified storage
specification instead of a persistent volume claim.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **Documentation**
- Improved and reorganized tenant documentation for better clarity.
- Added explicit rules for tenant naming, including restrictions on
dashes and required alphanumeric names.
- Clarified how tenant domains are structured and inherited.
- Expanded explanations on nesting tenants and sharing parent services,
with updated examples and clearer formatting.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
It was updated:
4ecf492cd4
Then partially reverted during merge:
d550a67f19
Please take a look if it should be updated.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **Chores**
- Updated the Kamaji component to use version edge-25.4.1.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
This patch introduces reusable library charts that provide
backward-compatibility for users that specify their resources as
explicit requests and limits for cpu, however this input is processed so
that limits are set equal to requests except for CPU which only gets
requests. Users can now embrace the new form by directly specifying
resources in the first level of nesting (e.g. resources.cpu=100m instead
of .resources.requests.cpu=100m). The order of precedence is top-level,
then requests, then limits, ensuring that nothing will break in terms of
scheduling, however workloads that specified limits much higher than
requests might get a performance hit, now that they cannot use all this
excess capacity. This should only affect memory-hungry workloads in
low-contention environments.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Introduced a reusable Helm library chart, "cozy-lib", providing common
templates and resource helpers for other charts.
- Added resource preset and sanitization templates to standardize
Kubernetes resource configurations.
- ClickHouse chart now depends on "cozy-lib" for improved resource
handling.
- Added a new packaging script and streamlined Helm chart packaging
processes across multiple packages.
- **Bug Fixes**
- Resource configuration logic in the ClickHouse deployment was updated
to use the new library templates, ensuring more consistent resource
definitions.
- **Chores**
- Added new Makefiles and version mapping for streamlined Helm chart
packaging and validation.
- Updated ClickHouse chart version to 0.9.0 and reflected this in
version mapping files.
- Refactored Makefile targets to consolidate packaging logic and improve
maintainability.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
This patch introduces reusable library charts that provide
backward-compatibility for users that specify their resources as
explicit requests and limits for cpu, however this input is processed so
that limits are set equal to requests except for CPU which only gets
requests. Users can now embrace the new form by directly specifying
resources in the first level of nesting (e.g. resources.cpu=100m instead
of .resources.requests.cpu=100m). The order of precedence is top-level,
then requests, then limits, ensuring that nothing will break in terms of
scheduling, however workloads that specified limits much higher than
requests might get a performance hit, now that they cannot use all this
excess capacity. This should only affect memory-hungry workloads in
low-contention environments.
Signed-off-by: Timofei Larkin <lllamnyp@gmail.com>
Components with existing dockerfiles will be updated in this PR.
Part of #519
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Added support for multi-architecture and cross-platform Docker image
builds across various components, enabling builds for different
operating systems and CPU architectures.
- **Chores**
- Updated Docker build commands in multiple Makefiles to use
configurable builder and platform variables, improving build
flexibility.
- Standardized Dockerfile build arguments and environment variables for
cross-compilation.
- Improved package installation commands for quieter and more minimal
installs in Dockerfiles.
- Changed the default bucket name configuration to "cozystack" in system
bucket settings.
- Updated some maintenance targets and manual update reminders in
Makefiles.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Reverts cozystack/cozystack#942
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Added support for specifying manifest patches and additional manifests
for all provider types, enabling more flexible customization.
- Introduced an optional property to pass additional arguments to
provider controller managers.
- Added a JSON schema for validating chart values.
- **Enhancements**
- Provider configuration now uses structured maps instead of strings,
simplifying customization and reducing errors.
- Improved validation and descriptions for condition fields in resource
schemas.
- **Updates**
- Upgraded Cluster API Operator chart and app versions to 0.19.0.
- Updated default image tag for the manager container to v0.19.0.
- **Documentation**
- Added example configurations in the values file for easier setup.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **Chores**
- Updated the application version in the Kubernetes chart to 1.32.4.
- Made version fields in Kubernetes cluster templates dynamically
reference the chart's application version, ensuring consistency during
deployments.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Added new validation rules to enforce stricter configuration
requirements for datastore drivers and authentication fields.
- Introduced a new field to specify stop signals for containers and a
new status field to track terminating pods.
- Added a new "Sleeping" status for version reporting.
- **Improvements**
- Updated and clarified field descriptions for environment variable
sources, volume types, and deployment status.
- Removed outdated beta feature gate notes from documentation.
- **Bug Fixes**
- Improved handling and validation of sensitive configuration fields
based on driver type.
- **Chores**
- Updated Go base image and Kamaji version in the Dockerfile.
- Changed Kamaji image tag to use the latest version.
- **Refactor**
- Moved imagePullSecrets configuration from the deployment to the
ServiceAccount manifest for better management.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
This PR fixes regression from
https://github.com/cozystack/cozystack/pull/867
We have updated Kamaji, removed workaround, but didn't return the port
specification
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **Refactor**
- Updated network configuration to explicitly include port 443 in
hostnames for ingress.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
