[ci] Use shared runners

Signed-off-by: Andrei Kvapil <kvapss@gmail.com>

.github/workflows/pull-requests.yaml

@@ -11,7 +11,7 @@ concurrency:
 jobs:
   build:
     name: Build
-    runs-on: [self-hosted]
+    runs-on: [oracle-4cpu-16gb-x86-64]
     permissions:
       contents: read
       packages: write
@@ -33,13 +33,23 @@ jobs:
           username: ${{ github.repository_owner }}
           password: ${{ secrets.GITHUB_TOKEN }}
           registry: ghcr.io
-        env:
-          DOCKER_CONFIG: ${{ runner.temp }}/.docker
+
+      - name: Install dependencies
+        run: |
+          set -e
+          sudo mkdir -p -m 755 /etc/apt/keyrings
+          sudo wget -O /etc/apt/keyrings/githubcli-archive-keyring.gpg https://cli.github.com/packages/githubcli-archive-keyring.gpg
+          sudo chmod go+r /etc/apt/keyrings/githubcli-archive-keyring.gpg
+          echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" | sudo tee /etc/apt/sources.list.d/github-cli.list > /dev/null
+          sudo apt update
+          sudo apt install -y jq skopeo gh gawk
+          sudo wget -qO /usr/local/bin/yq https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64
+          sudo chmod +x /usr/local/bin/yq
+          curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | sudo bash
+          sudo modprobe loop
 
       - name: Build
         run: make build
-        env:
-          DOCKER_CONFIG: ${{ runner.temp }}/.docker
 
       - name: Build Talos image
         run: make -C packages/core/installer talos-nocloud

.github/workflows/tags.yaml

@@ -15,7 +15,7 @@ concurrency:
 jobs:
   prepare-release:
     name: Prepare Release
-    runs-on: [self-hosted]
+    runs-on: [oracle-4cpu-16gb-x86-64]
     permissions:
       contents: write
       packages: write
@@ -99,15 +99,11 @@ jobs:
           username: ${{ github.repository_owner }}
           password: ${{ secrets.GITHUB_TOKEN }}
           registry: ghcr.io
-        env:
-          DOCKER_CONFIG: ${{ runner.temp }}/.docker
 
       # Build project artifacts
       - name: Build
         if: steps.check_release.outputs.skip == 'false'
         run: make build
-        env:
-          DOCKER_CONFIG: ${{ runner.temp }}/.docker
 
       # Commit built artifacts
       - name: Commit release artifacts

hack/e2e-cluster.bats

@@ -26,8 +26,8 @@
 }
 
 @test "Clean previous VMs" {
- kill $(cat srv1/qemu.pid srv2/qemu.pid srv3/qemu.pid srv4/qemu.pid 2>/dev/null) 2>/dev/null || true
- rm -rf srv1 srv2 srv3 srv4
+ kill $(cat srv1/qemu.pid srv2/qemu.pid srv3/qemu.pid 2>/dev/null) 2>/dev/null || true
+ rm -rf srv1 srv2 srv3
 }
 
 @test "Prepare networking and masquerading" {
@@ -42,7 +42,7 @@
 }
 
 @test "Prepare cloud‑init drive for VMs" {
-  mkdir -p srv1 srv2 srv3 srv4
+  mkdir -p srv1 srv2 srv3
 
   # Generate cloud‑init ISOs
   for i in 1 2 3; do
@@ -70,39 +70,6 @@ EOF
         -volid cidata -rational-rock -joliet \
         user-data meta-data network-config )
   done
-
-  cat > "srv4/meta-data" <<EOT
-hostname: srv4
-instance-id: srv4
-local-hostname: srv4
-EOT
-
-  cat > "srv4/user-data" <<EOT
-#cloud-config
-password: mysecret
-chpasswd: { expire: False }
-ssh_pwauth: True
-EOT
-
-  cat > "srv4/network-config" <<EOT
-version: 2
-ethernets:
-  eth0:
-    dhcp4: false
-    addresses:
-      - "192.168.123.14/26"
-    gateway4: "192.168.123.1"
-    nameservers:
-      search: [cluster.local]
-      addresses: [8.8.8.8]
-EOT
-
-cd srv4 && genisoimage \
-      -output seed.img \
-      -volid cidata -rational-rock -joliet \
-      user-data meta-data network-config
-cd ..
-
 }
 
 @test "Use Talos NoCloud image from assets" {
@@ -117,12 +84,6 @@ cd ..
 }
 
 @test "Prepare VM disks" {
-
-  wget https://cloud-images.ubuntu.com/noble/current/noble-server-cloudimg-amd64.img -O ubuntu.img
-  qemu-img convert -f qcow2 -O raw ubuntu.img srv4/system.img
-  qemu-img resize srv4/system.img 20G
-  qemu-img create srv4/data.img 100G
-
   for i in 1 2 3; do
     cp nocloud-amd64.raw srv${i}/system.img
     qemu-img resize srv${i}/system.img 50G
@@ -131,7 +92,7 @@ cd ..
 }
 
 @test "Create tap devices" {
-  for i in 1 2 3 4; do
+  for i in 1 2 3; do
     ip link del cozy-srv${i} 2>/dev/null || true
     ip tuntap add dev cozy-srv${i} mode tap
     ip link set cozy-srv${i} up
@@ -140,7 +101,7 @@ cd ..
 }
 
 @test "Boot QEMU VMs" {
-  for i in 1 2 3 4; do
+  for i in 1 2 3; do
     qemu-system-x86_64 -machine type=pc,accel=kvm -cpu host -smp 8 -m 16384 \
       -device virtio-net,netdev=net0,mac=52:54:00:12:34:5${i} \
       -netdev tap,id=net0,ifname=cozy-srv${i},script=no,downscript=no \
@@ -384,7 +345,6 @@ EOF
 }
 
 @test "Configure Tenant and wait for applications" {
-  return 0
   # Patch root tenant and wait for its releases
   kubectl patch tenants/root -n tenant-root --type merge -p '{"spec":{"host":"example.org","ingress":true,"monitoring":true,"etcd":true,"isolated":true}}'
 
@@ -424,7 +384,6 @@ EOF
 }
 
 @test "Keycloak OIDC stack is healthy" {
-  return 0
   kubectl patch configmap/cozystack -n cozy-system --type merge -p '{"data":{"oidc-enabled":"true"}}'
 
   timeout 120 sh -ec 'until kubectl get hr -n cozy-keycloak keycloak keycloak-configure keycloak-operator >/dev/null 2>&1; do sleep 1; done'

packages/apps/clickhouse/Chart.yaml

@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.9.1
+version: 0.9.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

packages/apps/clickhouse/templates/clickhouse.yaml

@@ -92,9 +92,6 @@ spec:
   templates:
     volumeClaimTemplates:
       - name: data-volume-template
-        metadata:
-          labels:
-            app.kubernetes.io/instance: {{ .Release.Name }}
         spec:
           accessModes:
             - ReadWriteOnce
@@ -102,9 +99,6 @@ spec:
             requests:
               storage: {{ .Values.size }}
       - name: log-volume-template
-        metadata:
-          labels:
-            app.kubernetes.io/instance: {{ .Release.Name }}
         spec:
           accessModes:
             - ReadWriteOnce
@@ -113,9 +107,6 @@ spec:
               storage: {{ .Values.logStorageSize }}
     podTemplates:
       - name: clickhouse-per-host
-        metadata:
-          labels:
-            app.kubernetes.io/instance: {{ .Release.Name }}
         spec:
           affinity:
             podAntiAffinity:
@@ -142,9 +133,6 @@ spec:
                   mountPath: /var/log/clickhouse-server
     serviceTemplates:
       - name: svc-template
-        metadata:
-          labels:
-            app.kubernetes.io/instance: {{ .Release.Name }}
         generateName: chendpoint-{chi}
         spec:
           ports:

packages/apps/clickhouse/templates/workloadmonitor.yaml

@@ -9,5 +9,5 @@ spec:
   kind: clickhouse
   type: clickhouse
   selector:
-    app.kubernetes.io/instance: {{ $.Release.Name }}
+    clickhouse.altinity.com/chi: {{ $.Release.Name }}
   version: {{ $.Chart.Version }}

packages/apps/ferretdb/Chart.yaml

@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.6.1
+version: 0.6.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

packages/apps/ferretdb/charts/cozy-lib

@@ -1 +0,0 @@
-../../../library/cozy-lib

packages/apps/ferretdb/templates/external-svc.yaml

@@ -2,8 +2,6 @@ apiVersion: v1
 kind: Service
 metadata:
   name: {{ .Release.Name }}
-  labels:
-    app.kubernetes.io/instance: {{ .Release.Name }}
 spec:
   type: {{ ternary "LoadBalancer" "ClusterIP" .Values.external }}
   {{- if .Values.external }}

packages/apps/ferretdb/templates/ferretdb.yaml

@@ -12,7 +12,6 @@ spec:
     metadata:
       labels:
         app: {{ .Release.Name }}
-        app.kubernetes.io/instance: {{ .Release.Name }}
     spec:
       containers:
       - name: ferretdb

packages/apps/ferretdb/templates/postgres.yaml

@@ -19,9 +19,9 @@ spec:
   minSyncReplicas: {{ .Values.quorum.minSyncReplicas }}
   maxSyncReplicas: {{ .Values.quorum.maxSyncReplicas }}
   {{- if .Values.resources }}
-  resources: {{- include "cozy-lib.resources.sanitize" (list .Values.resources $) | nindent 4 }}
+  resources: {{- toYaml .Values.resources | nindent 4 }}
   {{- else if ne .Values.resourcesPreset "none" }}
-  resources: {{- include "cozy-lib.resources.preset" (list .Values.resourcesPreset $) | nindent 4 }}
+  resources: {{- include "resources.preset" (dict "type" .Values.resourcesPreset "Release" .Release) | nindent 4 }}
   {{- end }}
   monitoring:
     enablePodMonitor: true
@@ -35,7 +35,6 @@ spec:
   inheritedMetadata:
     labels:
       policy.cozystack.io/allow-to-apiserver: "true"
-      app.kubernetes.io/instance: {{ .Release.Name }}
 
   {{- if .Values.users }}
   managed:

packages/apps/ferretdb/templates/workloadmonitor.yaml

@@ -9,5 +9,5 @@ spec:
   kind: ferretdb
   type: ferretdb
   selector:
-    app.kubernetes.io/instance: {{ $.Release.Name }}
+    app: {{ $.Release.Name }}
   version: {{ $.Chart.Version }}

packages/apps/http-cache/Chart.yaml

@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.5.1
+version: 0.5.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

packages/apps/http-cache/charts/cozy-lib

@@ -1 +0,0 @@
-../../../library/cozy-lib

packages/apps/http-cache/templates/haproxy/deployment.yaml

@@ -34,9 +34,9 @@ spec:
       - image: haproxy:latest
         name: haproxy
         {{- if .Values.haproxy.resources }}
-        resources: {{- include "cozy-lib.resources.sanitize" (list .Values.haproxy.resources $) | nindent 10 }}
+        resources: {{- toYaml .Values.haproxy.resources | nindent 10 }}
         {{- else if ne .Values.haproxy.resourcesPreset "none" }}
-        resources: {{- include "cozy-lib.resources.preset" (list .Values.haproxy.resourcesPreset $) | nindent 10 }}
+        resources: {{- include "resources.preset" (dict "type" .Values.haproxy.resourcesPreset "Release" .Release) | nindent 10 }}
         {{- end }}
         ports:
         - containerPort: 8080

packages/apps/http-cache/templates/nginx/deployment.yaml

@@ -53,9 +53,9 @@ spec:
       containers:
       - name: nginx
         {{- if $.Values.nginx.resources }}
-        resources: {{- include "cozy-lib.resources.sanitize" (list $.Values.nginx.resources $) | nindent 10 }}
+        resources: {{- toYaml $.Values.nginx.resources | nindent 10 }}
         {{- else if ne $.Values.nginx.resourcesPreset "none" }}
-        resources: {{- include "cozy-lib.resources.preset" (list $.Values.nginx.resourcesPreset $) | nindent 10 }}
+        resources: {{- include "resources.preset" (dict "type" $.Values.nginx.resourcesPreset "Release" $.Release) | nindent 10 }}
         {{- end }}
         image: "{{ $.Files.Get "images/nginx-cache.tag" | trim }}"
         readinessProbe:

packages/apps/http-cache/templates/workloadmonitor.yaml

@@ -1,39 +0,0 @@
----
-apiVersion: cozystack.io/v1alpha1
-kind: WorkloadMonitor
-metadata:
-  name: {{ $.Release.Name }}-haproxy
-spec:
-  replicas: {{ .Values.haproxy.replicas }}
-  minReplicas: 1
-  kind: http-cache
-  type: http-cache
-  selector:
-    app: {{ $.Release.Name }}-haproxy
-  version: {{ $.Chart.Version }}
----
-apiVersion: cozystack.io/v1alpha1
-kind: WorkloadMonitor
-metadata:
-  name: {{ $.Release.Name }}-nginx
-spec:
-  replicas: {{ .Values.nginx.replicas }}
-  minReplicas: 1
-  kind: http-cache
-  type: http-cache
-  selector:
-    app: {{ $.Release.Name }}-nginx-cache
-  version: {{ $.Chart.Version }}
----
-apiVersion: cozystack.io/v1alpha1
-kind: WorkloadMonitor
-metadata:
-  name: {{ $.Release.Name }}
-spec:
-  replicas: {{ .Values.replicas }}
-  minReplicas: 1
-  kind: http-cache
-  type: http-cache
-  selector:
-    app.kubernetes.io/instance: {{ $.Release.Name }}
-  version: {{ $.Chart.Version }}

packages/apps/kafka/charts/cozy-lib

@@ -1 +0,0 @@
-../../../library/cozy-lib

packages/apps/kafka/templates/kafka.yaml

@@ -9,9 +9,9 @@ spec:
   kafka:
     replicas: {{ .Values.kafka.replicas }}
     {{- if .Values.kafka.resources }}
-    resources: {{- include "cozy-lib.resources.sanitize" (list .Values.kafka.resources $) | nindent 6 }}
+    resources: {{- toYaml .Values.kafka.resources | nindent 6 }}
     {{- else if ne .Values.kafka.resourcesPreset "none" }}
-    resources: {{- include "cozy-lib.resources.preset" (list .Values.kafka.resourcesPreset $) | nindent 6 }}
+    resources: {{- include "resources.preset" (dict "type" .Values.kafka.resourcesPreset "Release" .Release) | nindent 6 }}
     {{- end }}
     listeners:
       - name: plain
@@ -71,9 +71,9 @@ spec:
   zookeeper:
     replicas: {{ .Values.zookeeper.replicas }}
     {{- if .Values.zookeeper.resources }}
-    resources: {{- include "cozy-lib.resources.sanitize" (list .Values.zookeeper.resources $) | nindent 6 }}
+    resources: {{- toYaml .Values.zookeeper.resources | nindent 6 }}
     {{- else if ne .Values.zookeeper.resourcesPreset "none" }}
-    resources: {{- include "cozy-lib.resources.preset" (list .Values.zookeeper.resourcesPreset $) | nindent 6 }}
+    resources: {{- include "resources.preset" (dict "type" .Values.zookeeper.resourcesPreset "Release" .Release) | nindent 6 }}
     {{- end }}
     storage:
       type: persistent-claim

packages/apps/kubernetes/Chart.yaml

@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.23.0
+version: 0.21.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

packages/apps/kubernetes/README.md

@@ -81,13 +81,12 @@ See the reference for components utilized in this service:
 
 ### Common Parameters
 
-| Name                                | Description                                                                                                       | Value        |
-| ----------------------------------- | ----------------------------------------------------------------------------------------------------------------- | ------------ |
-| `host`                              | Hostname used to access the Kubernetes cluster externally. Defaults to `<cluster-name>.<tenant-host>` when empty. | `""`         |
-| `controlPlane.replicas`             | Number of replicas for Kubernetes control-plane components.                                                       | `2`          |
-| `storageClass`                      | StorageClass used to store user data.                                                                             | `replicated` |
-| `useCustomSecretForPatchContainerd` | if true, for patch containerd will be used secret: {{ .Release.Name }}-patch-containerd                           | `false`      |
-| `nodeGroups`                        | nodeGroups configuration                                                                                          | `{}`         |
+| Name                    | Description                                                                                                       | Value        |
+| ----------------------- | ----------------------------------------------------------------------------------------------------------------- | ------------ |
+| `host`                  | Hostname used to access the Kubernetes cluster externally. Defaults to `<cluster-name>.<tenant-host>` when empty. | `""`         |
+| `controlPlane.replicas` | Number of replicas for Kubernetes control-plane components.                                                       | `2`          |
+| `storageClass`          | StorageClass used to store user data.                                                                             | `replicated` |
+| `nodeGroups`            | nodeGroups configuration                                                                                          | `{}`         |
 
 ### Cluster Addons
 

packages/apps/kubernetes/templates/cluster.yaml

@@ -211,25 +211,12 @@ spec:
       - ["LABEL=ephemeral", "/ephemeral"]
       - ["/ephemeral/kubelet", "/var/lib/kubelet", "none", "bind,nofail"]
       - ["/ephemeral/containerd", "/var/lib/containerd", "none", "bind,nofail"]
-      {{- $sec := lookup "v1" "Secret" .Release.Namespace (printf "%s-patch-containerd" .Release.Name) }}
-      {{- if $sec }}
-      files:
-        {{- range $key, $_ := $sec.data }}
-        - path: /etc/containerd/certs.d/{{ trimSuffix ".toml" $key }}/hosts.toml
-          contentFrom:
-            secret:
-              name: {{ .Release.Name }}-patch-containerd
-              key: {{ $key }}
-          permissions: "0400"
-        {{- end }}
-      {{- end }}
       preKubeadmCommands:
       - sed -i 's|root:x:|root::|' /etc/passwd
       - systemctl stop containerd.service
       - mkdir -p /ephemeral/kubelet /ephemeral/containerd
       - mount -o bind /ephemeral/kubelet /var/lib/kubelet
       - mount -o bind /ephemeral/containerd /var/lib/containerd
-      - sudo sed -i '/\[plugins."io.containerd.grpc.v1.cri".registry\]/,/^\[/ s|^\(\s*config_path\s*=\s*\).*|\1"/etc/containerd/certs.d"|' /etc/containerd/config.toml
       - systemctl start containerd.service
       joinConfiguration:
         nodeRegistration:

packages/apps/kubernetes/templates/copy-patch-containerd.yaml

@@ -1,15 +0,0 @@
-{{- if not .Values.useCustomSecretForPatchContainerd }}
-{{- $sourceSecret := lookup "v1" "Secret" "cozy-system" "patch-containerd" }}
-{{- if $sourceSecret }}
-apiVersion: v1
-kind: Secret
-metadata:
-  name: {{ .Release.Name }}-patch-containerd
-  namespace: {{ .Release.Namespace }}
-type: {{ $sourceSecret.type }}
-data:
-{{- range $key, $value := $sourceSecret.data }}
-  {{ printf "%s: %s" $key ($value | quote) | indent 2 }}
-{{- end }}
-{{- end }}
-{{- end }}

packages/apps/kubernetes/templates/helmreleases/gateway-api-crds.yaml

@@ -17,7 +17,6 @@ spec:
         kind: HelmRepository
         name: cozystack-system
         namespace: cozy-system
-      version: '>= 0.0.0-0'
   kubeConfig:
     secretRef:
       name: {{ .Release.Name }}-admin-kubeconfig

packages/apps/kubernetes/values.schema.json

@@ -127,11 +127,6 @@
       "description": "StorageClass used to store user data.",
       "default": "replicated"
     },
-    "useCustomSecretForPatchContainerd": {
-      "type": "boolean",
-      "description": "if true, for patch containerd will be used secret: {{ .Release.Name }}-patch-containerd",
-      "default": false
-    },
     "addons": {
       "type": "object",
       "properties": {

packages/apps/kubernetes/values.yaml

@@ -3,11 +3,9 @@
 ## @param host Hostname used to access the Kubernetes cluster externally. Defaults to `<cluster-name>.<tenant-host>` when empty.
 ## @param controlPlane.replicas Number of replicas for Kubernetes control-plane components.
 ## @param storageClass StorageClass used to store user data.
-## @param useCustomSecretForPatchContainerd if true, for patch containerd will be used secret: {{ .Release.Name }}-patch-containerd
 ##
 host: ""
 storageClass: replicated
-useCustomSecretForPatchContainerd: false
 
 ## @param nodeGroups [object] nodeGroups configuration
 ##

packages/apps/mysql/Chart.yaml

@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.7.1
+version: 0.7.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

packages/apps/mysql/charts/cozy-lib

@@ -1 +0,0 @@
-../../../library/cozy-lib

packages/apps/mysql/templates/mariadb.yaml

@@ -57,11 +57,6 @@ spec:
     name: {{ .Release.Name }}-my-cnf
     key: config
 
-  service:
-    metadata:
-      labels:
-        app.kubernetes.io/instance: {{ $.Release.Name }}
-
   storage:
     size: {{ .Values.size }}
     resizeInUseVolumes: true
@@ -79,7 +74,7 @@ spec:
   #  type: LoadBalancer
 
   {{- if .Values.resources }}
-  resources: {{- include "cozy-lib.resources.sanitize" (list .Values.resources $) | nindent 4 }}
+  resources: {{- toYaml .Values.resources | nindent 4 }}
   {{- else if ne .Values.resourcesPreset "none" }}
-  resources: {{- include "cozy-lib.resources.preset" (list .Values.resourcesPreset $) | nindent 4 }}
+  resources: {{- include "resources.preset" (dict "type" .Values.resourcesPreset "Release" .Release) | nindent 4 }}
   {{- end }}

packages/apps/nats/charts/cozy-lib

@@ -1 +0,0 @@
-../../../library/cozy-lib

packages/apps/nats/templates/nats.yaml

@@ -45,9 +45,9 @@ spec:
               - name: nats
                 image: nats:2.10.17-alpine
                 {{- if .Values.resources }}
-                resources: {{- include "cozy-lib.resources.sanitize" (list .Values.resources $) | nindent 22 }}
+                resources: {{- toYaml .Values.resources | nindent 22 }}
                 {{- else if ne .Values.resourcesPreset "none" }}
-                resources: {{- include "cozy-lib.resources.preset" (list .Values.resourcesPreset $) | nindent 22 }}
+                resources: {{- include "resources.preset" (dict "type" .Values.resourcesPreset "Release" .Release) | nindent 22 }}
                 {{- end }}
       fullnameOverride: {{ .Release.Name }}
       config:

packages/apps/postgres/Chart.yaml

@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.12.1
+version: 0.12.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

packages/apps/postgres/charts/cozy-lib

@@ -1 +0,0 @@
-../../../library/cozy-lib

packages/apps/postgres/templates/db.yaml

@@ -6,9 +6,9 @@ metadata:
 spec:
   instances: {{ .Values.replicas }}
   {{- if .Values.resources }}
-  resources: {{- include "cozy-lib.resources.sanitize" (list .Values.resources $) | nindent 4 }}
+  resources: {{- toYaml .Values.resources | nindent 4 }}
   {{- else if ne .Values.resourcesPreset "none" }}
-  resources: {{- include "cozy-lib.resources.preset" (list .Values.resourcesPreset $) | nindent 4 }}
+  resources: {{- include "resources.preset" (dict "type" .Values.resourcesPreset "Release" .Release) | nindent 4 }}
   {{- end }}
 
   enableSuperuserAccess: true
@@ -44,8 +44,6 @@ spec:
   inheritedMetadata:
     labels:
       policy.cozystack.io/allow-to-apiserver: "true"
-      app.kubernetes.io/name: postgres.apps.cozystack.io
-      app.kubernets.io/instance: {{ $.Release.Name }}
 ---
 apiVersion: cozystack.io/v1alpha1
 kind: WorkloadMonitor
@@ -57,6 +55,6 @@ spec:
   kind: postgres
   type: postgres
   selector:
-    app.kubernetes.io/name: postgres.apps.cozystack.io
-    app.kubernets.io/instance: {{ $.Release.Name }}
+    cnpg.io/cluster: {{ .Release.Name }}
+    cnpg.io/podRole: instance
   version: {{ $.Chart.Version }}

packages/apps/rabbitmq/charts/cozy-lib

@@ -1 +0,0 @@
-../../../library/cozy-lib

packages/apps/rabbitmq/templates/rabbitmq.yaml

@@ -12,9 +12,9 @@ spec:
     type: LoadBalancer
   {{- end }}
   {{- if .Values.resources }}
-  resources: {{- include "cozy-lib.resources.sanitize" (list .Values.resources $) | nindent 4 }}
+  resources: {{- toYaml .Values.resources | nindent 4 }}
   {{- else if ne .Values.resourcesPreset "none" }}
-  resources: {{- include "cozy-lib.resources.preset" (list .Values.resourcesPreset $) | nindent 4 }}
+  resources: {{- include "resources.preset" (dict "type" .Values.resourcesPreset "Release" .Release) | nindent 4 }}
   {{- end }}
   override:
     statefulSet:

packages/apps/redis/Chart.yaml

@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.7.1
+version: 0.7.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

packages/apps/redis/charts/cozy-lib

@@ -1 +0,0 @@
-../../../library/cozy-lib

packages/apps/redis/templates/redisfailover.yaml

@@ -26,25 +26,22 @@ spec:
   sentinel:
     replicas: 3
     {{- if .Values.resources }}
-    resources: {{- include "cozy-lib.resources.sanitize" (list .Values.resources $) | nindent 6 }}
+    resources: {{- toYaml .Values.resources | nindent 6 }}
     {{- else if ne .Values.resourcesPreset "none" }}
-    resources: {{- include "cozy-lib.resources.preset" (list .Values.resourcesPreset $) | nindent 6 }}
+    resources: {{- include "resources.preset" (dict "type" .Values.resourcesPreset "Release" .Release) | nindent 6 }}
     {{- end }}
   redis:
     replicas: {{ .Values.replicas }}
     {{- if .Values.resources }}
-    resources: {{- include "cozy-lib.resources.sanitize" (list .Values.resources $) | nindent 6 }}
+    resources: {{- toYaml .Values.resources | nindent 6 }}
     {{- else if ne .Values.resourcesPreset "none" }}
-    resources: {{- include "cozy-lib.resources.preset" (list .Values.resourcesPreset $) | nindent 6 }}
+    resources: {{- include "resources.preset" (dict "type" .Values.resourcesPreset "Release" .Release) | nindent 6 }}
     {{- end }}
     {{- with .Values.size }}
     storage:
       persistentVolumeClaim:
         metadata:
           name: redisfailover-persistent-data
-          labels:
-            app.kubernetes.io/component: redis
-            app.kubernetes.io/instance: {{ $.Release.Name }}
         spec:
           accessModes:
             - ReadWriteOnce

packages/apps/tcp-balancer/Chart.yaml

@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.4.1
+version: 0.4.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

packages/apps/tcp-balancer/charts/cozy-lib

@@ -1 +0,0 @@
-../../../library/cozy-lib

packages/apps/tcp-balancer/templates/deployment.yaml

@@ -15,7 +15,6 @@ spec:
     metadata:
       labels:
         app: {{ .Release.Name }}-haproxy
-        app.kubernetes.io/instance: {{ .Release.Name }}
       annotations:
         checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
     spec:
@@ -35,9 +34,9 @@ spec:
       - image: haproxy:latest
         name: haproxy
         {{- if .Values.resources }}
-        resources: {{- include "cozy-lib.resources.sanitize" (list .Values.resources $) | nindent 10 }}
+        resources: {{- toYaml .Values.resources | nindent 10 }}
         {{- else if ne .Values.resourcesPreset "none" }}
-        resources: {{- include "cozy-lib.resources.preset" (list .Values.resourcesPreset $) | nindent 10 }}
+        resources: {{- include "resources.preset" (dict "type" .Values.resourcesPreset "Release" .Release) | nindent 10 }}
         {{- end }}
         ports:
         {{- with .Values.httpAndHttps }}

packages/apps/tcp-balancer/templates/workloadmonitor.yaml

@@ -1,13 +0,0 @@
----
-apiVersion: cozystack.io/v1alpha1
-kind: WorkloadMonitor
-metadata:
-  name: {{ $.Release.Name }}
-spec:
-  replicas: {{ .Values.replicas }}
-  minReplicas: 1
-  kind: tcp-balancer
-  type: haproxy
-  selector:
-    app.kubernetes.io/instance: {{ $.Release.Name }}
-  version: {{ $.Chart.Version }}

packages/apps/tenant/Chart.yaml

@@ -4,4 +4,4 @@ description: Separated tenant namespace
 icon: /logos/tenant.svg
 
 type: application
-version: 1.9.3
+version: 1.9.2

packages/apps/tenant/templates/tenant.yaml

@@ -184,12 +184,6 @@ rules:
     verbs:
     - get
     - list
-  - apiGroups: ["subresources.kubevirt.io"]
-    resources:
-      - virtualmachineinstances/portforward
-    verbs:
-      - get
-      - update
   - apiGroups:
     - cozystack.io
     resources:
@@ -259,12 +253,6 @@ rules:
     verbs:
     - get
     - list
-  - apiGroups: ["subresources.kubevirt.io"]
-    resources:
-      - virtualmachineinstances/portforward
-    verbs:
-      - get
-      - update
   - apiGroups: ["apps.cozystack.io"]
     resources:
     - buckets
@@ -361,12 +349,6 @@ rules:
     verbs:
     - get
     - list
-  - apiGroups: ["subresources.kubevirt.io"]
-    resources:
-      - virtualmachineinstances/portforward
-    verbs:
-      - get
-      - update
   - apiGroups: ["apps.cozystack.io"]
     resources:
     - '*'

packages/apps/versions_map

@@ -9,8 +9,7 @@ clickhouse 0.6.0 1ec10165
 clickhouse 0.6.1 c62a83a7
 clickhouse 0.6.2 8267072d
 clickhouse 0.7.0 93bdf411
-clickhouse 0.9.0 6130f43d
-clickhouse 0.9.1 HEAD
+clickhouse 0.9.0 HEAD
 ferretdb 0.1.0 e9716091
 ferretdb 0.1.1 91b0499a
 ferretdb 0.2.0 6c5cf5bf
@@ -19,15 +18,13 @@ ferretdb 0.4.0 b40e1b09
 ferretdb 0.4.1 1ec10165
 ferretdb 0.4.2 8267072d
 ferretdb 0.5.0 93bdf411
-ferretdb 0.6.0 6130f43d
-ferretdb 0.6.1 HEAD
+ferretdb 0.6.0 HEAD
 http-cache 0.1.0 263e47be
 http-cache 0.2.0 53f2365e
 http-cache 0.3.0 6c5cf5bf
 http-cache 0.3.1 0f312d5c
 http-cache 0.4.0 93bdf411
-http-cache 0.5.0 6130f43d
-http-cache 0.5.1 HEAD
+http-cache 0.5.0 HEAD
 kafka 0.1.0 f7eaab0a
 kafka 0.2.0 c0685f43
 kafka 0.2.1 dfbc210b
@@ -69,8 +66,7 @@ kubernetes 0.18.0 721c12a7
 kubernetes 0.19.0 93bdf411
 kubernetes 0.20.0 609e7ede
 kubernetes 0.20.1 f9f8bb2f
-kubernetes 0.21.0 6130f43d
-kubernetes 0.23.0 HEAD
+kubernetes 0.21.0 HEAD
 mysql 0.1.0 263e47be
 mysql 0.2.0 c24a103f
 mysql 0.3.0 53f2365e
@@ -80,8 +76,7 @@ mysql 0.5.1 0f312d5c
 mysql 0.5.2 1ec10165
 mysql 0.5.3 8267072d
 mysql 0.6.0 93bdf411
-mysql 0.7.0 6130f43d
-mysql 0.7.1 HEAD
+mysql 0.7.0 HEAD
 nats 0.1.0 e9716091
 nats 0.2.0 6c5cf5bf
 nats 0.3.0 78366f19
@@ -106,8 +101,7 @@ postgres 0.9.0 8267072d
 postgres 0.10.0 721c12a7
 postgres 0.10.1 93bdf411
 postgres 0.11.0 f9f8bb2f
-postgres 0.12.0 6130f43d
-postgres 0.12.1 HEAD
+postgres 0.12.0 HEAD
 rabbitmq 0.1.0 263e47be
 rabbitmq 0.2.0 53f2365e
 rabbitmq 0.3.0 6c5cf5bf
@@ -125,13 +119,11 @@ redis 0.3.1 c62a83a7
 redis 0.4.0 84f3ccc0
 redis 0.5.0 4e68e65c
 redis 0.6.0 93bdf411
-redis 0.7.0 6130f43d
-redis 0.7.1 HEAD
+redis 0.7.0 HEAD
 tcp-balancer 0.1.0 263e47be
 tcp-balancer 0.2.0 53f2365e
 tcp-balancer 0.3.0 93bdf411
-tcp-balancer 0.4.0 6130f43d
-tcp-balancer 0.4.1 HEAD
+tcp-balancer 0.4.0 HEAD
 tenant 0.1.4 afc997ef
 tenant 0.1.5 e3ab858a
 tenant 1.0.0 263e47be
@@ -154,8 +146,7 @@ tenant 1.7.0 24fa7222
 tenant 1.8.0 160e4e2a
 tenant 1.9.0 728743db
 tenant 1.9.1 721c12a7
-tenant 1.9.2 6130f43d
-tenant 1.9.3 HEAD
+tenant 1.9.2 HEAD
 virtual-machine 0.1.4 f2015d65
 virtual-machine 0.1.5 263e47be
 virtual-machine 0.2.0 c0685f43
@@ -170,11 +161,9 @@ virtual-machine 0.8.1 93c46161
 virtual-machine 0.8.2 de19450f
 virtual-machine 0.9.0 721c12a7
 virtual-machine 0.9.1 93bdf411
-virtual-machine 0.10.0 6130f43d
-virtual-machine 0.10.1 HEAD
+virtual-machine 0.10.0 HEAD
 vm-disk 0.1.0 d971f2ff
-vm-disk 0.1.1 6130f43d
-vm-disk 0.1.2 HEAD
+vm-disk 0.1.1 HEAD
 vm-instance 0.1.0 1ec10165
 vm-instance 0.2.0 84f3ccc0
 vm-instance 0.3.0 4e68e65c
@@ -183,12 +172,10 @@ vm-instance 0.4.1 0ab39f20
 vm-instance 0.5.0 3fa4dd3a
 vm-instance 0.5.1 de19450f
 vm-instance 0.6.0 721c12a7
-vm-instance 0.7.0 6130f43d
-vm-instance 0.7.1 HEAD
+vm-instance 0.7.0 HEAD
 vpn 0.1.0 263e47be
 vpn 0.2.0 53f2365e
 vpn 0.3.0 6c5cf5bf
 vpn 0.3.1 1ec10165
 vpn 0.4.0 93bdf411
-vpn 0.5.0 6130f43d
-vpn 0.5.1 HEAD
+vpn 0.5.0 HEAD

packages/apps/virtual-machine/Chart.yaml

@@ -17,7 +17,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.10.1
+version: 0.10.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

packages/apps/virtual-machine/templates/dashboard-resourcemap.yaml

@@ -21,5 +21,5 @@ spec:
   kind: virtual-machine
   type: virtual-machine
   selector:
-    app.kubernetes.io/instance: {{ .Release.Name }}
+    vm.kubevirt.io/name: {{ .Release.Name }}
   version: {{ $.Chart.Version }}

packages/apps/virtual-machine/templates/vm.yaml

@@ -13,7 +13,6 @@ metadata:
     {{- include "virtual-machine.labels" . | nindent 4 }}
 spec:
   running: {{ .Values.running | default "true" }}
-
   {{- with .Values.instanceType }}
   instancetype:
     kind: VirtualMachineClusterInstancetype
@@ -24,12 +23,9 @@ spec:
     kind: VirtualMachineClusterPreference
     name: {{ . }}
   {{- end }}
-
   dataVolumeTemplates:
   - metadata:
       name: {{ include "virtual-machine.fullname" . }}
-      labels:
-        app.kubernetes.io/instance: {{ .Release.Name }}
     spec:
       storage:
         resources:
@@ -79,25 +75,21 @@ spec:
             deviceName: {{ $gpu.name }}
           {{- end }}
           {{- end }}
-
           disks:
           - disk:
               bus: scsi
             name: systemdisk
-          {{- if .Values.sshKeys }}
+          {{- if or .Values.sshKeys .Values.cloudInit }}
           - disk:
               bus: virtio
             name: cloudinitdisk
           {{- end }}
-
           interfaces:
           - name: default
             bridge: {}
-
         machine:
           type: ""
-
-      {{- if .Values.sshKeys }}
+      {{- with .Values.sshKeys }}
       accessCredentials:
       - sshPublicKey:
           source:
@@ -107,37 +99,23 @@ spec:
             # keys will be injected into metadata part of cloud-init disk
             noCloud: {}
       {{- end }}
-
       terminationGracePeriodSeconds: 30
-
       volumes:
-        - name: systemdisk
-          dataVolume:
-            name: {{ include "virtual-machine.fullname" . }}
-
-        {{- if and .Values.sshKeys .Values.cloudInit }}
-        - name: cloudinitdisk
-          cloudInitNoCloud:
-            secretRef:
-              name: {{ include "virtual-machine.fullname" . }}-cloud-init
-        {{- else if .Values.sshKeys }}
-        - name: cloudinitdisk
-          cloudInitNoCloud:
-            userData: |
-              {{ printf "%s" "#cloud-config" }}
-              ssh_authorized_keys:
-                {{- range .Values.sshKeys }}
-                - {{ . }}
-                {{- end }}
-              chpasswd:
-                expire: false
+      - name: systemdisk
+        dataVolume:
+          name: {{ include "virtual-machine.fullname" . }}
+      {{- if or .Values.sshKeys .Values.cloudInit }}
+      - name: cloudinitdisk
+        cloudInitNoCloud:
+        {{- if .Values.cloudInit }}
+          secretRef:
+            name: {{ include "virtual-machine.fullname" . }}-cloud-init
         {{- else }}
-        - name: cloudinitdisk
-          cloudInitNoCloud:
-            userData: |
-              {{ printf "%s" "#cloud-config" }}
+          userData: |
+            #cloud-config
+            final_message: Cloud-init user-data was left blank intentionally.
         {{- end }}
-
+      {{- end }}
       networks:
       - name: default
         pod: {}

packages/apps/vm-disk/Chart.yaml

@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.1.2
+version: 0.1.1
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

packages/apps/vm-disk/templates/dv.yaml

@@ -7,8 +7,6 @@ metadata:
     cdi.kubevirt.io/storage.bind.immediate.requested: ""
     {{- end }}
     vm-disk.cozystack.io/optical: "{{ .Values.optical }}"
-  labels:
-    app.kubernetes.io/instance: {{ .Release.Name }}
   name: {{ .Release.Name }}
 spec:
   {{- if $existingDV }}

packages/apps/vm-disk/templates/workloadmonitor.yaml

@@ -1,12 +0,0 @@
-apiVersion: cozystack.io/v1alpha1
-kind: WorkloadMonitor
-metadata:
-  name: {{ $.Release.Name }}
-spec:
-  replicas: 0
-  minReplicas: 0
-  kind: vm-disk
-  type: vm-disk
-  selector:
-    app.kubernetes.io/instance: {{ .Release.Name }}
-  version: {{ $.Chart.Version }}

packages/apps/vm-instance/Chart.yaml

@@ -17,7 +17,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.7.1
+version: 0.7.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

packages/apps/vm-instance/templates/dashboard-resourcemap.yaml

@@ -22,5 +22,5 @@ spec:
   kind: virtual-machine
   type: virtual-machine
   selector:
-    app.kubernetes.io/instance: {{ .Release.Name }}
+    {{- include "virtual-machine.selectorLabels" . | nindent 4 }}
   version: {{ $.Chart.Version }}

packages/apps/vpn/Chart.yaml

@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.5.1
+version: 0.5.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

packages/apps/vpn/charts/cozy-lib

@@ -1 +0,0 @@
-../../../library/cozy-lib

packages/apps/vpn/templates/deployment.yaml

@@ -14,7 +14,6 @@ spec:
       labels:
         app: {{ .Release.Name }}-vpn
         name: {{ .Release.Name }}-vpn
-        app.kubernetes.io/instance: {{ .Release.Name }}
       annotations:
         checksum/config: {{ include (print $.Template.BasePath "/secret.yaml") . | sha256sum }}
     spec:
@@ -44,9 +43,9 @@ spec:
         - name: outline-vpn
           image: quay.io/outline/shadowbox:stable
           {{- if .Values.resources }}
-          resources: {{- include "cozy-lib.resources.sanitize" (list .Values.resources $) | nindent 12 }}
+          resources: {{- toYaml .Values.resources | nindent 10 }}
           {{- else if ne .Values.resourcesPreset "none" }}
-          resources: {{- include "cozy-lib.resources.preset" (list .Values.resourcesPreset $) | nindent 12 }}
+          resources: {{- include "resources.preset" (dict "type" .Values.resourcesPreset "Release" .Release) | nindent 10 }}
           {{- end }}
           ports:
             - containerPort: 40000

packages/apps/vpn/templates/service.yaml

@@ -5,7 +5,6 @@ metadata:
   name: {{ .Release.Name }}-vpn
   labels:
     app: {{ .Release.Name }}-vpn
-    app.kubernetes.io/instance: {{ .Release.Name }}
 spec:
   {{- if .Values.externalIPs }}
   externalIPs:

packages/apps/vpn/templates/workloadmonitor.yaml

@@ -1,12 +0,0 @@
-apiVersion: cozystack.io/v1alpha1
-kind: WorkloadMonitor
-metadata:
-  name: {{ $.Release.Name }}
-spec:
-  replicas: {{ .Values.replicas }}
-  minReplicas: 1
-  kind: vpn
-  type: vpn
-  selector:
-    app.kubernetes.io/instance: {{ .Release.Name }}
-  version: {{ $.Chart.Version }}

packages/core/installer/values.yaml

@@ -1,2 +1,2 @@
 cozystack:
-  image: ghcr.io/cozystack/cozystack/installer:latest@sha256:b7717793407a6ba64bb0cddddcc4cab0864e3ef1646c7d58d2359fbd163e7260
+  image: ghcr.io/cozystack/cozystack/installer:v0.31.1@sha256:b8f418e45dcbf351b13ce743f3528b195159753430d35c619dd82a1c676ae3bb

packages/core/platform/bundles/paas-full.yaml

@@ -284,30 +284,9 @@ releases:
   privileged: true
   dependsOn: [cilium,kubeovn,cert-manager]
 
-- name: capi-providers-bootstrap
-  releaseName: capi-providers-bootstrap
-  chart: cozy-capi-providers-bootstrap
-  namespace: cozy-cluster-api
-  privileged: true
-  dependsOn: [cilium,kubeovn,capi-operator]
-
-- name: capi-providers-core
-  releaseName: capi-providers-core
-  chart: cozy-capi-providers-core
-  namespace: cozy-cluster-api
-  privileged: true
-  dependsOn: [cilium,kubeovn,capi-operator]
-
-- name: capi-providers-cpprovider
-  releaseName: capi-providers-cpprovider
-  chart: cozy-capi-providers-cpprovider
-  namespace: cozy-cluster-api
-  privileged: true
-  dependsOn: [cilium,kubeovn,capi-operator]
-
-- name: capi-providers-infraprovider
-  releaseName: capi-providers-infraprovider
-  chart: cozy-capi-providers-infraprovider
+- name: capi-providers
+  releaseName: capi-providers
+  chart: cozy-capi-providers
   namespace: cozy-cluster-api
   privileged: true
   dependsOn: [cilium,kubeovn,capi-operator]

packages/core/testing/Makefile

@@ -2,7 +2,7 @@ NAMESPACE=cozy-e2e-tests
 NAME := sandbox
 CLEAN := 1
 TESTING_APPS := $(shell find ../../apps -maxdepth 1 -mindepth 1 -type d | awk -F/ '{print $$NF}')
-SANDBOX_NAME := cozy-e2e-sandbox-airgapped
+SANDBOX_NAME := cozy-e2e-sandbox-$(shell echo "$$(hostname):$$(pwd)" | sha256sum | cut -c -6)
 
 ROOT_DIR = $(dir $(abspath $(firstword $(MAKEFILE_LIST))/../../..))
 

packages/system/capi-providers-bootstrap/.helmignore

@@ -1 +0,0 @@
-files/.*-components.yaml

packages/system/capi-providers-bootstrap/Chart.yaml

@@ -1,3 +0,0 @@
-apiVersion: v2
-name: cozy-capi-providers-bootstrap
-version: 0.0.0 # Placeholder, the actual version will be automatically set during the build process

packages/system/capi-providers-bootstrap/files/metadata.yaml

@@ -1,41 +0,0 @@
-# maps release series of major.minor to cluster-api contract version
-# the contract version may change between minor or major versions, but *not*
-# between patch versions.
-#
-# update this file only when a new major or minor version is released
-apiVersion: clusterctl.cluster.x-k8s.io/v1alpha3
-kind: Metadata
-releaseSeries:
-  - major: 1
-    minor: 10
-    contract: v1beta1
-  - major: 1
-    minor: 9
-    contract: v1beta1
-  - major: 1
-    minor: 8
-    contract: v1beta1
-  - major: 1
-    minor: 7
-    contract: v1beta1
-  - major: 1
-    minor: 6
-    contract: v1beta1
-  - major: 1
-    minor: 5
-    contract: v1beta1
-  - major: 1
-    minor: 4
-    contract: v1beta1
-  - major: 1
-    minor: 3
-    contract: v1beta1
-  - major: 1
-    minor: 2
-    contract: v1beta1
-  - major: 1
-    minor: 1
-    contract: v1beta1
-  - major: 1
-    minor: 0
-    contract: v1beta1

packages/system/capi-providers-bootstrap/templates/configmaps.yaml

@@ -1,12 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: v1.10.1-bootstrap
-  labels:
-    bootstrap-components: cozy
-  annotations:
-    provider.cluster.x-k8s.io/compressed: "true"
-binaryData:
-  components: {{ .Files.Get "files/components.gz" | b64enc | quote }}
-data:
-  metadata: {{ .Files.Get "files/metadata.yaml" | quote }}

packages/system/capi-providers-bootstrap/templates/providers.yaml

@@ -1,11 +0,0 @@
-apiVersion: operator.cluster.x-k8s.io/v1alpha2
-kind: BootstrapProvider
-metadata:
-  name: kubeadm
-spec:
-  # https://github.com/kubernetes-sigs/cluster-api
-  version: v1.10.1-bootstrap
-  fetchConfig:
-    selector:
-      matchLabels:
-        bootstrap-components: cozy

packages/system/capi-providers-core/.helmignore

@@ -1 +0,0 @@
-files/.*-components.yaml

packages/system/capi-providers-core/Makefile

@@ -1,4 +0,0 @@
-export NAME=capi-providers
-export NAMESPACE=cozy-cluster-api
-
-include ../../../scripts/package.mk

packages/system/capi-providers-core/files/metadata.yaml

@@ -1,41 +0,0 @@
-# maps release series of major.minor to cluster-api contract version
-# the contract version may change between minor or major versions, but *not*
-# between patch versions.
-#
-# update this file only when a new major or minor version is released
-apiVersion: clusterctl.cluster.x-k8s.io/v1alpha3
-kind: Metadata
-releaseSeries:
-  - major: 1
-    minor: 10
-    contract: v1beta1
-  - major: 1
-    minor: 9
-    contract: v1beta1
-  - major: 1
-    minor: 8
-    contract: v1beta1
-  - major: 1
-    minor: 7
-    contract: v1beta1
-  - major: 1
-    minor: 6
-    contract: v1beta1
-  - major: 1
-    minor: 5
-    contract: v1beta1
-  - major: 1
-    minor: 4
-    contract: v1beta1
-  - major: 1
-    minor: 3
-    contract: v1beta1
-  - major: 1
-    minor: 2
-    contract: v1beta1
-  - major: 1
-    minor: 1
-    contract: v1beta1
-  - major: 1
-    minor: 0
-    contract: v1beta1

packages/system/capi-providers-core/templates/configmaps.yaml

@@ -1,12 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: v1.10.1-core
-  labels:
-    core-components: cozy
-  annotations:
-    provider.cluster.x-k8s.io/compressed: "true"
-binaryData:
-  components: {{ .Files.Get "files/components.gz" | b64enc | quote }}
-data:
-  metadata: {{ .Files.Get "files/metadata.yaml" | quote }}

packages/system/capi-providers-core/templates/providers.yaml

@@ -1,12 +0,0 @@
----
-apiVersion: operator.cluster.x-k8s.io/v1alpha2
-kind: CoreProvider
-metadata:
-  name: cluster-api
-spec:
-  # https://github.com/kubernetes-sigs/cluster-api
-  version: v1.10.1-core
-  fetchConfig:
-    selector:
-      matchLabels:
-        core-components: cozy

packages/system/capi-providers-cpprovider/.helmignore

@@ -1 +0,0 @@
-files/.*-components.yaml

packages/system/capi-providers-cpprovider/Chart.yaml

@@ -1,3 +0,0 @@
-apiVersion: v2
-name: cozy-capi-providers-cpprovider
-version: 0.0.0 # Placeholder, the actual version will be automatically set during the build process

packages/system/capi-providers-cpprovider/Makefile

@@ -1,4 +0,0 @@
-export NAME=capi-providers
-export NAMESPACE=cozy-cluster-api
-
-include ../../../scripts/package.mk

packages/system/capi-providers-cpprovider/files/metadata.yaml

@@ -1,52 +0,0 @@
-# maps release series of major.minor to cluster-api contract version
-# the contract version may change between minor or major versions, but *not*
-# between patch versions.
-#
-# update this file only when a new major or minor version is released
-apiVersion: clusterctl.cluster.x-k8s.io/v1alpha3
-releaseSeries:
-  - major: 0
-    minor: 15
-    contract: v1beta1
-  - major: 0
-    minor: 14
-    contract: v1beta1
-  - major: 0
-    minor: 13
-    contract: v1beta1
-  - major: 0
-    minor: 12
-    contract: v1beta1
-  - major: 0
-    minor: 11
-    contract: v1beta1
-  - major: 0
-    minor: 10
-    contract: v1beta1
-  - major: 0
-    minor: 9
-    contract: v1beta1
-  - major: 0
-    minor: 8
-    contract: v1beta1
-  - major: 0
-    minor: 7
-    contract: v1beta1
-  - major: 0
-    minor: 6
-    contract: v1beta1
-  - major: 0
-    minor: 5
-    contract: v1beta1
-  - major: 0
-    minor: 4
-    contract: v1beta1
-  - major: 0
-    minor: 3
-    contract: v1beta1
-  - major: 0
-    minor: 2
-    contract: v1beta1
-  - major: 0
-    minor: 1
-    contract: v1beta1

packages/system/capi-providers-cpprovider/templates/configmaps.yaml

@@ -1,12 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: v0.15.1-cp
-  labels:
-    cp-components: cozy
-  annotations:
-    provider.cluster.x-k8s.io/compressed: "true"
-binaryData:
-  components: {{ .Files.Get "files/components.gz" | b64enc | quote }}
-data:
-  metadata: {{ .Files.Get "files/metadata.yaml" | quote }}

packages/system/capi-providers-cpprovider/templates/providers.yaml

@@ -1,21 +0,0 @@
-apiVersion: operator.cluster.x-k8s.io/v1alpha2
-kind: ControlPlaneProvider
-metadata:
-  name: kamaji
-spec:
-  # https://github.com/clastix/cluster-api-control-plane-provider-kamaji
-  version: v0.15.1-cp
-  fetchConfig:
-    selector:
-      matchLabels:
-        cp-components: cozy
-  deployment:
-    containers:
-    - name: manager
-      resources:
-        limits:
-          cpu: "1"
-          memory: 1024Mi
-        requests:
-          cpu: "10m"
-          memory: 128Mi

packages/system/capi-providers-infraprovider/.helmignore

@@ -1 +0,0 @@
-files/.*-components.yaml

packages/system/capi-providers-infraprovider/Chart.yaml

@@ -1,3 +0,0 @@
-apiVersion: v2
-name: cozy-capi-providers-infraprovider
-version: 0.0.0 # Placeholder, the actual version will be automatically set during the build process

packages/system/capi-providers-infraprovider/Makefile

@@ -1,4 +0,0 @@
-export NAME=capi-providers
-export NAMESPACE=cozy-cluster-api
-
-include ../../../scripts/package.mk

packages/system/capi-providers-infraprovider/files/metadata.yaml

@@ -1,11 +0,0 @@
-# maps release series of major.minor to cluster-api contract version
-# the contract version may change between minor or major versions, but *not*
-# between patch versions.
-#
-# update this file only when a new major or minor version is released
-apiVersion: clusterctl.cluster.x-k8s.io/v1alpha3
-kind: Metadata
-releaseSeries:
-  - major: 0
-    minor: 1
-    contract: v1beta1

packages/system/capi-providers-infraprovider/templates/configmaps.yaml

@@ -1,12 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: v0.1.10-infraprovider
-  labels:
-    infraprovider-components: cozy
-  annotations:
-    provider.cluster.x-k8s.io/compressed: "true"
-binaryData:
-  components: {{ .Files.Get "files/components.gz" | b64enc | quote }}
-data:
-  metadata: {{ .Files.Get "files/metadata.yaml" | quote }}

packages/system/capi-providers-infraprovider/templates/providers.yaml

@@ -1,11 +0,0 @@
-apiVersion: operator.cluster.x-k8s.io/v1alpha2
-kind: InfrastructureProvider
-metadata:
-  name: kubevirt
-spec:
-  # https://github.com/kubernetes-sigs/cluster-api-provider-kubevirt
-  version: v0.1.10-infraprovider
-  fetchConfig:
-    selector:
-      matchLabels:
-        infraprovider-components: cozy

packages/system/capi-providers/Chart.yaml

@@ -1,3 +1,3 @@
 apiVersion: v2
-name: cozy-capi-providers-core
+name: cozy-capi-providers
 version: 0.0.0 # Placeholder, the actual version will be automatically set during the build process

packages/system/capi-providers/templates/providers.yaml

@@ -0,0 +1,42 @@
+---
+apiVersion: operator.cluster.x-k8s.io/v1alpha2
+kind: CoreProvider
+metadata:
+  name: cluster-api
+spec:
+  # https://github.com/kubernetes-sigs/cluster-api
+  version: v1.10.1
+---
+apiVersion: operator.cluster.x-k8s.io/v1alpha2
+kind: ControlPlaneProvider
+metadata:
+  name: kamaji
+spec:
+  # https://github.com/clastix/cluster-api-control-plane-provider-kamaji
+  version: v0.15.1
+  deployment:
+    containers:
+    - name: manager
+      resources:
+        limits:
+          cpu: "1"
+          memory: 1024Mi
+        requests:
+          cpu: "10m"
+          memory: 128Mi
+---
+apiVersion: operator.cluster.x-k8s.io/v1alpha2
+kind: BootstrapProvider
+metadata:
+  name: kubeadm
+spec:
+  # https://github.com/kubernetes-sigs/cluster-api
+  version: v1.10.1
+---
+apiVersion: operator.cluster.x-k8s.io/v1alpha2
+kind: InfrastructureProvider
+metadata:
+  name: kubevirt
+spec:
+  # https://github.com/kubernetes-sigs/cluster-api-provider-kubevirt
+  version: v0.1.10

packages/system/monitoring-agents/values.yaml

@@ -311,8 +311,6 @@ vmagent:
       - http://vminsert-longterm.tenant-root.svc:8480/insert/0/prometheus
 
 fluent-bit:
-  rbac:
-    eventsAccess: true
   readinessProbe:
     httpGet:
       path: /
@@ -330,42 +328,6 @@ fluent-bit:
       mountPath: /var/lib/docker/containers
       readOnly: true
   config:
-    inputs: |
-      [INPUT]
-          Name tail
-          Path /var/log/containers/*.log
-          multiline.parser docker, cri
-          Tag kube.*
-          Mem_Buf_Limit 5MB
-          Skip_Long_Lines On
-      [INPUT]
-          Name kubernetes_events
-          Tag events.*
-          Kube_url https://kubernetes.default.svc
-      [INPUT]
-          Name tail
-          Alias audit
-          Path /var/log/audit/kube/*.log
-          Parser audit
-          Tag audit.*
-    customParsers: |
-      [PARSER]
-          Name docker_no_time
-          Format json
-          Time_Keep Off
-          Time_Key time
-          Time_Format %Y-%m-%dT%H:%M:%S.%L
-      [PARSER]
-          Name          audit
-          Format        json
-          Time_Key      requestReceivedTimestamp
-          Time_Format   %Y-%m-%dT%H:%M:%S.%L%z
-      [PARSER]
-          Name          containerd
-          Format        regex
-          Regex         ^(?<time>[^ ]+) (?<stream>stdout|stderr) (?<logtag>[^ ]*) (?<event>.*)$
-          Time_Key      time
-          Time_Format   %Y-%m-%dT%H:%M:%S.%L%z
     outputs: |
       [OUTPUT]
           Name http
@@ -373,29 +335,7 @@ fluent-bit:
           Host vlogs-generic.tenant-root.svc
           port 9428
           compress gzip
-          uri /insert/jsonline?_stream_fields=log_source,stream,kubernetes_pod_name,kubernetes_container_name,kubernetes_namespace_name&_msg_field=log&_time_field=date
-          format json_lines
-          json_date_format iso8601
-          header AccountID 0
-          header ProjectID 0
-      [OUTPUT]
-          Name http
-          Match events.*
-          Host vlogs-generic.tenant-root.svc
-          port 9428
-          compress gzip
-          uri /insert/jsonline?_stream_fields=log_source,reason,meatdata_namespace,metadata_name&_msg_field=message&_time_field=date
-          format json_lines
-          json_date_format iso8601
-          header AccountID 0
-          header ProjectID 0
-      [OUTPUT]
-          Name http
-          Match audit.*
-          Host vlogs-generic.tenant-root.svc
-          port 9428
-          compress gzip
-          uri /insert/jsonline?_stream_fields=log_source,stage,user_username,verb,requestUri&_msg_field=requestURI&_time_field=date
+          uri /insert/jsonline?_stream_fields=stream,kubernetes_pod_name,kubernetes_container_name,kubernetes_namespace_name&_msg_field=log&_time_field=date
           format json_lines
           json_date_format iso8601
           header AccountID 0
@@ -409,38 +349,12 @@ fluent-bit:
           K8S-Logging.Parser On
           K8S-Logging.Exclude On
       [FILTER]
-          Name nest
-          Match kube.*
-          Wildcard pod_name
+          Name                nest
+          Match               *
+          Wildcard            pod_name
           Operation lift
           Nested_under kubernetes
           Add_prefix   kubernetes_
-      [FILTER]
-          Name modify
-          Match kube.*
-          Add log_source container_log
-      [FILTER]
-          Name nest
-          Match events.*
-          Wildcard metadata.*
-          Operation lift
-          Nested_under metadata
-          Add_prefix   metadata_
-      [FILTER]
-          Name nest
-          Match audit.*
-          Wildcard user.*
-          Operation lift
-          Nested_under user
-          Add_prefix   user_
-      [FILTER]
-          Name modify
-          Match events.*
-          Add log_source kube_events
-      [FILTER]
-          Name modify
-          Match audit.*
-          Add log_source audit_log
       [FILTER]
           Name modify
           Match *
@@ -449,6 +363,7 @@ fluent-bit:
           Name modify
           Match *
           Add cluster root-cluster
+
 scrapeRules:
   etcd:
     enabled: false

scripts/migrations/13

@@ -1,8 +0,0 @@
-#!/bin/sh
-# Migration 13 --> 14
-
-# Delete capi-providers
-kubectl delete hr capi-providers -n cozy-cluster-api
-
-# Write version to cozystack-version config
-kubectl create configmap -n cozy-system cozystack-version --from-literal=version=14 --dry-run=client -o yaml | kubectl apply -f-