<!-- Thank you for making a contribution! Here are some tips for you:
- Start the PR title with the [label] of Cozystack component:
- For system components: [platform], [system], [linstor], [cilium],
[kube-ovn], [dashboard], [cluster-api], etc.
- For managed apps: [apps], [tenant], [kubernetes], [postgres],
[virtual-machine] etc.
- For development and maintenance: [tests], [ci], [docs], [maintenance].
- If it's a work in progress, consider creating this PR as a draft.
- Don't hesistate to ask for opinion and review in the community chats,
even if it's still a draft.
- Add the label `backport` if it's a bugfix that needs to be backported
to a previous version.
-->
## What this PR does
### Release note
<!-- Write a release note:
- Explain what has changed internally and for users.
- Start with the same [label] as in the PR title
- Follow the guidelines at
https://github.com/kubernetes/community/blob/master/contributors/guide/release-notes.md.
-->
```release-note
- vm and vmi add svc to dashboard
```
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
## Summary by CodeRabbit
* **New Features**
* Enhanced dashboard permissions to allow viewing and monitoring of
specific service resources in both the virtual-machine and vm-instance
applications.
* **Chores**
* Updated chart versions for virtual-machine (to 0.12.1) and vm-instance
(to 0.9.1).
* Refreshed version mappings for virtual-machine and vm-instance
components.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
This PR prepares the release `v0.33.1`.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Chores**
* Updated container image tags and digests across multiple components to
newer patch versions, including cluster-autoscaler,
kubevirt-cloud-provider, kubevirt-csi-driver, cozystack installer, e2e
testing service, matchbox, s3manager, cozystackAPI,
cozystack-controller, dashboard, kubeapps, Kamaji, kubeovn-webhook,
kubeovn, and kubevirt-csi-node.
* Updated related configuration files to reflect the new image versions
and digests.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Restrict password change for user postgres
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Chores**
* Updated the chart version for Postgres from 0.16.0 to 0.17.0.
* Updated the versions map to reference the latest commit and added the
new version.
* **Bug Fixes**
* Enhanced initialization script to forbid creating a user named
"postgres," providing clear error messaging.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Following a [recent update](0171916b01),
the KubeVirt CSI controller now needs new permissions to manage volumes
for tenant k8s clusters.
Signed-off-by: Timofei Larkin <lllamnyp@gmail.com>
- Change wording for `resources` and `resourcesPreset` variables.
- Explain and give exampls of other object-type variables,
if their child fields are not annotated.
- Fix a few typos, improve wording.
- Bump all application charts to ensure that new texts are shown
immediately after updating Cozystack.
Co-authored-by: Andrei Kvapil <kvapss@gmail.com>
Signed-off-by: Nick Volynkin <nick.volynkin@gmail.com>
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
This patch removes the loophole to leave resource requests and limits
unspecified in managed apps. Any of cpu, memory, and ephemeral storage
are now filled in from the resource preset (default or user-specified)
if not explicitly specified in .Values.resources. "none" is no longer an
accepted value in resourcePresets and the primary resources now always
have some explicit value for proper billing and isolation.
Signed-off-by: Timofei Larkin <lllamnyp@gmail.com>
## What this PR does
This pr imports upstream fix for volume reattaching procedure
- https://github.com/kubevirt/csi-driver/pull/143
### Release note
<!-- Write a release note:
- Explain what has changed internally and for users.
- Start with the same [label] as in the PR title
- Follow the guidelines at
https://github.com/kubernetes/community/blob/master/contributors/guide/release-notes.md.
-->
```release-note
[kubernetes] Fix dead-lock while reattaching a KubeVirt-CSI volume
```
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Improved volume management for virtual machines by adding checks to
skip unnecessary attach or detach operations when the volume is already
in the desired state.
* **Tests**
* Added new unit tests to verify optimized volume attach/detach
workflows and ensure fast-path logic is functioning correctly.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- Thank you for making a contribution! Here are some tips for you:
- Start the PR title with the [label] of Cozystack component:
- For system components: [platform], [system], [linstor], [cilium],
[kube-ovn], [dashboard], [cluster-api], etc.
- For managed apps: [apps], [tenant], [kubernetes], [postgres],
[virtual-machine] etc.
- For development and maintenance: [tests], [ci], [docs], [maintenance].
- If it's a work in progress, consider creating this PR as a draft.
- Don't hesistate to ask for opinion and review in the community chats,
even if it's still a draft.
- Add the label `backport` if it's a bugfix that needs to be backported
to a previous version.
-->
## What this PR does
### Release note
<!-- Write a release note:
- Explain what has changed internally and for users.
- Start with the same [label] as in the PR title
- Follow the guidelines at
https://github.com/kubernetes/community/blob/master/contributors/guide/release-notes.md.
-->
```release-note
[]
```
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added Velero integration as an optional addon for Kubernetes cluster
backup and restore.
* Introduced configurable parameters to enable Velero and override its
settings.
* Included a comprehensive Helm chart, manifests, and configuration
files for deploying Velero.
* Added support for Velero-related Kubernetes resources, including
backup, restore, schedule, and data mover management.
* Enabled Prometheus monitoring and metrics for Velero components with
PodMonitor and ServiceMonitor support.
* Provided customizable backup storage and volume snapshot location
settings.
* Added automated Helm hooks for CRD upgrades and cleanup jobs.
* Included node-agent DaemonSet deployment for Velero.
* **Documentation**
* Updated documentation to describe new Velero addon parameters,
installation, upgrade, and usage instructions.
* **Chores**
* Incremented Kubernetes app chart version to reflect new features.
* Updated version mapping and bundle configurations to include Velero.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- Thank you for making a contribution! Here are some tips for you:
- Start the PR title with the [label] of Cozystack component:
- For system components: [platform], [system], [linstor], [cilium],
[kube-ovn], [dashboard], [cluster-api], etc.
- For managed apps: [apps], [tenant], [kubernetes], [postgres],
[virtual-machine] etc.
- For development and maintenance: [tests], [ci], [docs], [maintenance].
- If it's a work in progress, consider creating this PR as a draft.
- Don't hesistate to ask for opinion and review in the community chats,
even if it's still a draft.
- Add the label `backport` if it's a bugfix that needs to be backported
to a previous version.
-->
## What this PR does
### Release note
<!-- Write a release note:
- Explain what has changed internally and for users.
- Start with the same [label] as in the PR title
- Follow the guidelines at
https://github.com/kubernetes/community/blob/master/contributors/guide/release-notes.md.
-->
```release-note
- Allow to set socket count for VM and VMI
```
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added support for specifying the number of CPU sockets
(resources.sockets) in virtual machine configurations for both
virtual-machine and vm-instance applications.
* **Documentation**
* Updated documentation to describe the new resources.sockets parameter
and its role in defining vCPU topology.
* **Chores**
* Incremented chart versions for virtual-machine (to 0.12.0) and
vm-instance (to 0.9.0).
* Updated version mappings to reflect the latest releases.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Added a new configuration option to choose the method for exposing the
Ingress-NGINX controller: "Proxied" or "LoadBalancer".
- **Documentation**
- Updated documentation to describe the new `exposeMethod` option and
clarified the conditions under which domain names are used.
- **Bug Fixes**
- Improved conditional logic to ensure Ingress resources are only
created when the appropriate expose method is selected.
- **Chores**
- Incremented the chart version to 0.25.0.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
It was present in some apps, such as managed kubernetes, but was missing
in others.
bitnami/readme-generator removes enums after re-generating README, so
now we patch them back using `yq` in Makefiles.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Resource preset options are now strictly limited to a predefined set
of values across multiple apps, ensuring only valid selections such as
"none", "nano", "micro", "small", "medium", "large", "xlarge", and
"2xlarge" can be used.
- **Bug Fixes**
- Improved validation for resource presets to prevent invalid entries
and enhance consistency in configuration.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
It was present in some apps, such as managed kubernetes, but missing in others.
bitnami/readme-generator removes enums after re-generating README,
so now we patch them back using `yq` in Makefiles.
Signed-off-by: Nick Volynkin <nick.volynkin@gmail.com>
[mysql] Bugfix: external=true did not work for MySQL deployed with a
single replica, since the MariaDB operator does not create separate
primary and secondary services for a single-node DB. A special condition
is added to make the "all-node" service a LoadBalancer if external=true
and replicas=1.
Signed-off-by: Timofei Larkin <lllamnyp@gmail.com>
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
- **New Features**
- Pull request workflows now support release pull requests by fetching
artifacts from draft releases and running all jobs without label-based
exclusions.
- Test matrices are now generated dynamically, improving flexibility in
end-to-end application testing.
- Added a new end-to-end test verifying tenant creation with isolated
mode enabled.
- **Refactor**
- Workflow steps and job dependencies have been streamlined for improved
efficiency and maintainability.
- Workflow names and concurrency group names have been updated for
clarity.
- Environment preparation and artifact handling have been unified into
consolidated jobs.
- Release-related workflow simplified to a single finalize job.
- Makefile targets for asset copying and test execution have been
reorganized for better modularity.
- **Tests**
- End-to-end application and cluster test scripts have been removed.
- Removed collective end-to-end test target; individual app test targets
remain.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
There's no point in installing the CRDs if cert-manager itself is
disabled.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- cert-manager CRDs are now only installed when the cert-manager addon
is enabled, providing more control over addon management.
- **Chores**
- Updated the Kubernetes chart version to 0.24.1.
- Adjusted version mapping to reflect the new chart version and
associated commit.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Introduced support for cluster restoration from backup with new
bootstrap configuration options.
- Added a ScheduledBackup resource for automated PostgreSQL backups
using a more flexible backup configuration.
- **Improvements**
- Simplified and modernized backup configuration with new parameters for
retention policy, destination path, and endpoint URL.
- Updated backup scheduling to use a 6-field cron expression for more
precise timing.
- Changed default resource preset from "nano" to "micro" for improved
performance.
- **Removals**
- Removed legacy backup scripts, Docker image, and Kubernetes CronJob
templates related to the old backup system.
- **Documentation**
- Updated documentation to reflect the new backup and bootstrap
parameters, and revised backup instructions.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Introduced advanced Helm template helpers for managing Kubernetes RBAC
(Role-Based Access Control), including access level mapping,
hierarchy-aware group subject generation, and tenant parsing.
- Added dynamic RoleBinding resources across multiple applications to
bind roles to appropriate subjects based on access levels and tenant
namespaces.
- **Bug Fixes**
- Refined tenant application roles by restricting resource permissions
to specific core Kubernetes resources, enhancing security and access
control granularity.
- **Chores**
- Updated chart versions across numerous applications to reflect new
releases.
- Added reference files linking to the shared library in multiple
application chart directories.
- Pinned package versions to specific commits for improved version
stability and tracking.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Added default resource specifications for PostgreSQL jobs to ensure
consistent CPU and memory allocation.
- **Chores**
- Updated the chart version for the PostgreSQL application.
- Refreshed version mapping to reflect the latest release.
- Improved Node.js setup and package installation in the pre-commit
workflow.
- **Tests**
- Increased memory allocation for QEMU virtual machines in end-to-end
tests.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
