cdi: specify scratchSpaceStorageClass=local

2026-02-05 08:17:59 +00:00 · 2024-10-11 13:26:00 +02:00
33 changed files with 38 additions and 402 deletions
--- a/.github/workflows/pre-commit.yml
+++ b/.github/workflows/pre-commit.yml
@@ -1,35 +0,0 @@
 name: Pre-Commit Checks
 on: [push, pull_request]
 jobs:
  pre-commit:
    runs-on: ubuntu-22.04
    steps:
      - name: Checkout code
        uses: actions/checkout@v3
      - name: Set up Python
        uses: actions/setup-python@v4
        with:
          python-version: '3.11'
      - name: Install pre-commit
        run: pip install pre-commit
      - name: Run pre-commit hooks
        run: |
          git fetch origin main || git fetch origin master
          base_commit=$(git rev-parse --verify origin/main || git rev-parse --verify origin/master || echo "")
          if [ -z "$base_commit" ]; then
            files=$(git ls-files '*.yaml' '*.md')
          else
            files=$(git diff --name-only "$base_commit" -- '*.yaml' '*.md')
          fi
          if [ -n "$files" ]; then
            echo "$files" | xargs pre-commit run --files
          else
            echo "No YAML or Markdown files to lint"
          fi
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -1,25 +0,0 @@
 repos:
 - repo: https://github.com/pre-commit/pre-commit-hooks
  rev: v4.5.0
  hooks:
    - id: end-of-file-fixer
    - id: trailing-whitespace
    - id: mixed-line-ending
      args: [--fix=lf]
    - id: check-yaml
      exclude: .*/init-script\.yaml$
      args: [--unsafe]
 - repo: https://github.com/igorshubovych/markdownlint-cli
  rev: v0.41.0
  hooks:
    - id: markdownlint
      args: [--fix, --disable, MD013, MD041, --]
 -   repo: local
    hooks:
    - id: gen-versions-map
      name: Generate versions map and check for changes
      entry: bash -c 'cd packages/apps && make check-version-map'
      language: system
      types: [file]
      pass_filenames: false
      description: Run the script and fail if it generates changes
--- a/hack/Makefile
+++ b/hack/Makefile
@@ -1,16 +0,0 @@
 .PHONY: test clean help
 SCRIPT=./e2e.applications.sh
 PRECHECKS=./pre-checks.sh
 help:
 	@echo "Usage: make {test|clean}"
 	@echo "  test  - Run the end-to-end tests."
 	@echo "  clean - Clean up resources."
 test:
 	@bash $(PRECHECKS) test
 	@bash $(SCRIPT) test
 clean:
 	@bash $(SCRIPT) clean
--- a/hack/e2e.applications.sh
+++ b/hack/e2e.applications.sh
@@ -1,47 +0,0 @@
 for file in ./modules/*.sh; do
    source "$file"
 done
 ROOT_NS="tenant-root"
 TEST_TENANT="tenant-e2e"
 function test() {
    install_tenant $TEST_TENANT $ROOT_NS
    check_helmrelease_status $TEST_TENANT $ROOT_NS
    install_all_apps "../packages/apps" "$TEST_TENANT" cozystack-apps cozy-public
    if true; then
        echo -e "${GREEN}All tests passed!${RESET}"
        return 0
    else
        echo -e "${RED}Some tests failed!${RESET}"
        return 1
    fi
 }
 function clean() {
    kubectl delete helmrelease.helm.toolkit.fluxcd.io $TEST_TENANT -n $ROOT_NS
    if true; then
        echo -e "${GREEN}Cleanup successful!${RESET}"
        return 0
    else
        echo -e "${RED}Cleanup failed!${RESET}"
        return 1
    fi
 }
 case "$1" in
    test)
        echo -e "${YELLOW}Running tests...${RESET}"
        test
        ;;
    clean)
        echo -e "${YELLOW}Cleaning up...${RESET}"
        clean
        ;;
    *)
        echo -e "${RED}Usage: $0 {test|clean}${RESET}"
        exit 1
        ;;
 esac
--- a/hack/modules/check_helmrelease_status.sh
+++ b/hack/modules/check_helmrelease_status.sh
@@ -1,32 +0,0 @@
 #!/bin/bash
 source ./modules/colors.sh
 function check_helmrelease_status() {
    local release_name="$1"
    local namespace="$2"
    local timeout=300  # Timeout in seconds
    local interval=5   # Interval between checks in seconds
    local elapsed=0
    while [[ $elapsed -lt $timeout ]]; do
        local status_output
        status_output=$(kubectl get helmrelease "$release_name" -n "$namespace" -o json | jq -r '.status.conditions[-1].reason')
        if [[ "$status_output" == "InstallSucceeded" ]]; then
            echo -e "${GREEN}Helm release '$release_name' is ready.${RESET}"
            return 0
        elif [[ "$status_output" == "InstallFailed" ]]; then
          echo -e "${RED}Helm release '$release_name': InstallFailed${RESET}"
          exit 1
        else
            echo -e "${YELLOW}Helm release '$release_name' is not ready. Current status: $status_output${RESET}"
        fi
        sleep "$interval"
        elapsed=$((elapsed + interval))
    done
    echo -e "${RED}Timeout reached. Helm release '$release_name' is still not ready after $timeout seconds.${RESET}"
    exit 1
 }
--- a/hack/modules/colors.sh
+++ b/hack/modules/colors.sh
@@ -1,6 +0,0 @@
 #!/bin/bash
 RED='\033[0;31m'
 GREEN='\033[0;32m'
 RESET='\033[0m'
 YELLOW='\033[0;33m'
--- a/hack/modules/ignored_charts
+++ b/hack/modules/ignored_charts
@@ -1,6 +0,0 @@
 tenant
 http-cache
 mysql
 rabbitmq
 virtual-machine
 vpn
--- a/hack/modules/install_all_apps.sh
+++ b/hack/modules/install_all_apps.sh
@@ -1,66 +0,0 @@
 #!/bin/bash
 source ./modules/colors.sh
 # Function to load ignored charts from a file
 function load_ignored_charts() {
    local ignore_file="$1"
    local ignored_charts=()
    if [[ -f "$ignore_file" ]]; then
        while IFS= read -r chart; do
            ignored_charts+=("$chart")
        done < "$ignore_file"
    else
        echo "Ignore file not found: $ignore_file"
    fi
    # Return the array of ignored charts
    echo "${ignored_charts[@]}"
 }
 # Function to check if a chart is in the ignored list
 function is_chart_ignored() {
    local chart_name="$1"
    shift
    local ignored_charts=("$@")
    for ignored_chart in "${ignored_charts[@]}"; do
        if [[ "$ignored_chart" == "$chart_name" ]]; then
            return 0
        fi
    done
    return 1
 }
 function install_all_apps() {
    local charts_dir="$1"
    local namespace="$2"
    local repo_name="$3"
    local repo_ns="$4"
    local ignore_file="./modules/ignored_charts"
    local ignored_charts
    ignored_charts=($(load_ignored_charts "$ignore_file"))
    for chart_path in "$charts_dir"/*; do
        if [[ -d "$chart_path" ]]; then
            local chart_name
            chart_name=$(basename "$chart_path")
            # Check if the chart is in the ignored list
            if is_chart_ignored "$chart_name" "${ignored_charts[@]}"; then
                echo "Skipping chart: $chart_name (listed in ignored charts)"
                continue
            fi
            release_name="$chart_name-e2e"
            echo "Installing release: $release_name"
            install_helmrelease "$release_name" "$namespace" "$chart_name" "$repo_name" "$repo_ns"
            echo "Checking status for HelmRelease: $release_name"
            check_helmrelease_status "$release_name" "$namespace"
        else
            echo "$chart_path is not a directory. Skipping."
        fi
    done
 }
--- a/hack/modules/install_chart.sh
+++ b/hack/modules/install_chart.sh
@@ -1,60 +0,0 @@
 #!/bin/bash
 source ./modules/colors.sh
 function install_helmrelease() {
    local release_name="$1"
    local namespace="$2"
    local chart_path="$3"
    local repo_name="$4"
    local repo_ns="$5"
    local values_file="$6"
    if [[ -z "$release_name" ]]; then
        echo -e "${RED}Error: Release name is required.${RESET}"
        exit 1
    fi
    if [[ -z "$namespace" ]]; then
        echo -e "${RED}Error: Namespace name is required.${RESET}"
        exit 1
    fi
    if [[ -z "$chart_path" ]]; then
        echo -e "${RED}Error: Chart path name is required.${RESET}"
        exit 1
    fi
    local helmrelease_file=$(mktemp /tmp/HelmRelease.XXXXXX.yaml)
    {
        echo "apiVersion: helm.toolkit.fluxcd.io/v2"
        echo "kind: HelmRelease"
        echo "metadata:"
        echo "  labels:"
        echo "    cozystack.io/ui: \"true\""
        echo "  name: \"$release_name\""
        echo "  namespace: \"$namespace\""
        echo "spec:"
        echo "  chart:"
        echo "    spec:"
        echo "      chart: \"$chart_path\""
        echo "      reconcileStrategy: Revision"
        echo "      sourceRef:"
        echo "        kind: HelmRepository"
        echo "        name: \"$repo_name\""
        echo "        namespace: \"$repo_ns\""
        echo "      version: '*'"
        echo "  interval: 1m0s"
        echo "  timeout: 5m0s"
        if [[ -n "$values_file" && -f "$values_file" ]]; then
            echo "  values:"
            cat "$values_file" | sed 's/^/    /'
        fi
    } > "$helmrelease_file"
    kubectl apply -f "$helmrelease_file"
    rm -f "$helmrelease_file"
 }
--- a/hack/modules/install_tenant.sh
+++ b/hack/modules/install_tenant.sh
@@ -1,11 +0,0 @@
 #!/bin/bash
 function install_tenant (){
    local release_name="$1"
    local namespace="$2"
    local values_file="${3:-tenant.yaml}"
    local repo_name="cozystack-apps"
    local repo_ns="cozy-public"
    install_helmrelease "$release_name" "$namespace" "tenant" "$repo_name" "$repo_ns" "$values_file"
 }
--- a/hack/pre-checks.sh
+++ b/hack/pre-checks.sh
@@ -1,23 +0,0 @@
 #!/bin/bash
 YQ_VERSION="v4.35.1"
 RED='\033[31m'
 RESET='\033[0m'
 check-yq-version() {
    current_version=$(yq -V | awk '$(NF-1) == "version" {print $NF}')
    if [ -z "$current_version" ]; then
        echo "yq is not installed or version cannot be determined."
        exit 1
    fi
    echo "Current yq version: $current_version"
    if [ "$(printf '%s\n' "$YQ_VERSION" "$current_version" | sort -V | head -n1)" = "$YQ_VERSION" ]; then
        echo "Greater than or equal to $YQ_VERSION"
    else
        echo -e "${RED}ERROR: yq version less than $YQ_VERSION${RESET}"
        exit 1
    fi
 }
 check-yq-version
--- a/hack/values/tenant.yaml
+++ b/hack/values/tenant.yaml
@@ -1,6 +0,0 @@
 host: ""
 etcd: false
 monitoring: true
 ingress: false
 seaweedfs: true
 isolated: true
--- a/manifests/cozystack-installer.yaml
+++ b/manifests/cozystack-installer.yaml
@@ -68,7 +68,7 @@ spec:
      serviceAccountName: cozystack
      containers:
      - name: cozystack
-        image: "ghcr.io/aenix-io/cozystack/cozystack:v0.16.5"
+        image: "ghcr.io/aenix-io/cozystack/cozystack:v0.16.4"
        env:
        - name: KUBERNETES_SERVICE_HOST
          value: localhost
@@ -87,7 +87,7 @@ spec:
            fieldRef:
              fieldPath: metadata.name
      - name: darkhttpd
-        image: "ghcr.io/aenix-io/cozystack/cozystack:v0.16.5"
+        image: "ghcr.io/aenix-io/cozystack/cozystack:v0.16.4"
        command:
        - /usr/bin/darkhttpd
        - /cozystack/assets
--- a/packages/apps/README.md
+++ b/packages/apps/README.md
@@ -1,9 +0,0 @@
 ### How to test packages local
 ```bash
 cd packages/core/installer
 make image-cozystack REGISTRY=YOUR_CUSTOM_REGISTRY
 make apply
 kubectl delete pod dashboard-redis-master-0 -n cozy-dashboard
 kubectl delete po -l app=source-controller -n cozy-fluxcd
 ```
--- a/packages/apps/ferretdb/Chart.yaml
+++ b/packages/apps/ferretdb/Chart.yaml
@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.4.1
+version: 0.4.0
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
--- a/packages/apps/ferretdb/templates/init-script.yaml
+++ b/packages/apps/ferretdb/templates/init-script.yaml
@@ -34,9 +34,6 @@ stringData:
  init.sh: |
    #!/bin/bash
    set -e
    until pg_isready ; do sleep 5; done
    echo "== create users"
    {{- if .Values.users }}
    psql -v ON_ERROR_STOP=1 <<\EOT
@@ -63,7 +60,7 @@ stringData:
    DROP USER $user;
    EOT
    done
-
+    
    echo "== create roles"
    psql -v ON_ERROR_STOP=1 --echo-all <<\EOT
    SELECT 'CREATE ROLE app_admin NOINHERIT;'
@@ -83,7 +80,7 @@ stringData:
        FOR schema_record IN SELECT schema_name FROM information_schema.schemata WHERE schema_name NOT IN ('pg_catalog', 'information_schema') LOOP
            -- Changing Schema Ownership
            EXECUTE format('ALTER SCHEMA %I OWNER TO %I', schema_record.schema_name, 'app_admin');
-
+    
            -- Add rights for the admin role
            EXECUTE format('GRANT ALL ON SCHEMA %I TO %I', schema_record.schema_name, 'app_admin');
            EXECUTE format('GRANT ALL ON ALL TABLES IN SCHEMA %I TO %I', schema_record.schema_name, 'app_admin');
--- a/packages/apps/kubernetes/Chart.yaml
+++ b/packages/apps/kubernetes/Chart.yaml
@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.12.1
+version: 0.12.0
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
--- a/packages/apps/kubernetes/images/cluster-autoscaler.tag
+++ b/packages/apps/kubernetes/images/cluster-autoscaler.tag
@@ -1 +1 @@
-ghcr.io/aenix-io/cozystack/cluster-autoscaler:0.12.1@sha256:7f617de5a24de790a15d9e97c6287ff2b390922e6e74c7a665cbf498f634514d
+ghcr.io/aenix-io/cozystack/cluster-autoscaler:0.12.0@sha256:7f617de5a24de790a15d9e97c6287ff2b390922e6e74c7a665cbf498f634514d
--- a/packages/apps/kubernetes/images/kubevirt-cloud-provider.tag
+++ b/packages/apps/kubernetes/images/kubevirt-cloud-provider.tag
@@ -1 +1 @@
-ghcr.io/aenix-io/cozystack/kubevirt-cloud-provider:0.12.1@sha256:ca606d6039ed43a48d4dfd98a91fd3cec120f08c1e221cd4e99ea94239389742
+ghcr.io/aenix-io/cozystack/kubevirt-cloud-provider:0.12.0@sha256:df4a937b6fb2b345110174227170691d48189ffe1900c3f848cd5085990a58df
--- a/packages/apps/kubernetes/images/kubevirt-csi-driver.tag
+++ b/packages/apps/kubernetes/images/kubevirt-csi-driver.tag
@@ -1 +1 @@
-ghcr.io/aenix-io/cozystack/kubevirt-csi-driver:0.12.1@sha256:86029548078960feecca116087b2135230d676b83c503f292eb50e1199be2790
+ghcr.io/aenix-io/cozystack/kubevirt-csi-driver:0.12.0@sha256:86029548078960feecca116087b2135230d676b83c503f292eb50e1199be2790
--- a/packages/apps/kubernetes/templates/cluster.yaml
+++ b/packages/apps/kubernetes/templates/cluster.yaml
@@ -229,7 +229,7 @@ spec:
    timeout: 30s
  - type: Ready
    status: "False"
-    timeout: 300s
+    timeout: 30s
 {{- end }}
 ---
 {{- /*
--- a/packages/apps/postgres/Chart.yaml
+++ b/packages/apps/postgres/Chart.yaml
@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.7.1
+version: 0.7.0
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
--- a/packages/apps/postgres/README.md
+++ b/packages/apps/postgres/README.md
@@ -6,34 +6,30 @@ PostgreSQL is currently the leading choice among relational databases, known for
 This managed service is controlled by the CloudNativePG operator, ensuring efficient management and seamless operation.
- Docs: <https://cloudnative-pg.io/docs/>
+- Docs: https://cloudnative-pg.io/docs/
- Github: <https://github.com/cloudnative-pg/cloudnative-pg>
+- Github: https://github.com/cloudnative-pg/cloudnative-pg
 ## HowTos
 ### How to switch master/slave replica
 See:
 - https://cloudnative-pg.io/documentation/1.15/rolling_update/#manual-updates-supervised
- <https://cloudnative-pg.io/documentation/1.15/rolling_update/#manual-updates-supervised>
+### How to restore backup:
 ### How to restore backup
 find snapshot:
-
+```
 ```bash
 restic -r s3:s3.example.org/postgres-backups/database_name snapshots
 ```
 restore:
-
+```
 ```bash
 restic -r s3:s3.example.org/postgres-backups/database_name restore latest --target /tmp/
 ```
 more details:
-
+- https://itnext.io/restic-effective-backup-from-stdin-4bc1e8f083c1
 - <https://itnext.io/restic-effective-backup-from-stdin-4bc1e8f083c1>
 ## Parameters
@@ -68,3 +64,5 @@ more details:
 | `backup.s3AccessKey`     | The access key for S3, used for authentication | `oobaiRus9pah8PhohL1ThaeTa4UVa7gu`                     |
 | `backup.s3SecretKey`     | The secret key for S3, used for authentication | `ju3eum4dekeich9ahM1te8waeGai0oog`                     |
 | `backup.resticPassword`  | The password for Restic backup encryption      | `ChaXoveekoh6eigh4siesheeda2quai0`                     |
--- a/packages/apps/postgres/templates/init-script.yaml
+++ b/packages/apps/postgres/templates/init-script.yaml
@@ -34,9 +34,6 @@ stringData:
  init.sh: |
    #!/bin/bash
    set -e
    until pg_isready ; do sleep 5; done
    echo "== create users"
    {{- if .Values.users }}
    psql -v ON_ERROR_STOP=1 <<\EOT
@@ -63,7 +60,7 @@ stringData:
    DROP USER $user;
    EOT
    done
-
+    
    echo "== create databases and roles"
    {{- if .Values.databases }}
    psql -v ON_ERROR_STOP=1 --echo-all <<\EOT
@@ -95,7 +92,7 @@ stringData:
        FOR schema_record IN SELECT schema_name FROM information_schema.schemata WHERE schema_name NOT IN ('pg_catalog', 'information_schema') LOOP
            -- Changing Schema Ownership
            EXECUTE format('ALTER SCHEMA %I OWNER TO %I', schema_record.schema_name, '{{ $database }}_admin');
-
+    
            -- Add rights for the admin role
            EXECUTE format('GRANT ALL ON SCHEMA %I TO %I', schema_record.schema_name, '{{ $database }}_admin');
            EXECUTE format('GRANT ALL ON ALL TABLES IN SCHEMA %I TO %I', schema_record.schema_name, '{{ $database }}_admin');
@@ -104,7 +101,7 @@ stringData:
            EXECUTE format('ALTER DEFAULT PRIVILEGES IN SCHEMA %I GRANT ALL ON TABLES TO %I', schema_record.schema_name, '{{ $database }}_admin');
            EXECUTE format('ALTER DEFAULT PRIVILEGES IN SCHEMA %I GRANT ALL ON SEQUENCES TO %I', schema_record.schema_name, '{{ $database }}_admin');
            EXECUTE format('ALTER DEFAULT PRIVILEGES IN SCHEMA %I GRANT ALL ON FUNCTIONS TO %I', schema_record.schema_name, '{{ $database }}_admin');
-
+    
            -- Add rights for the readonly role
            EXECUTE format('GRANT USAGE ON SCHEMA %I TO %I', schema_record.schema_name, '{{ $database }}_readonly');
            EXECUTE format('GRANT SELECT ON ALL TABLES IN SCHEMA %I TO %I', schema_record.schema_name, '{{ $database }}_readonly');
@@ -122,9 +119,9 @@ stringData:
    CREATE OR REPLACE FUNCTION auto_grant_schema_privileges()
    RETURNS event_trigger LANGUAGE plpgsql AS $$
    DECLARE
-        obj record;
+      obj record;
    BEGIN
-        FOR obj IN SELECT * FROM pg_event_trigger_ddl_commands() WHERE command_tag = 'CREATE SCHEMA' LOOP
+      FOR obj IN SELECT * FROM pg_event_trigger_ddl_commands() WHERE command_tag = 'CREATE SCHEMA' LOOP
        EXECUTE format('ALTER SCHEMA %I OWNER TO %I', obj.object_identity, '{{ $database }}_admin');
        EXECUTE format('GRANT ALL ON SCHEMA %I TO %I', obj.object_identity, '{{ $database }}_admin');
        EXECUTE format('GRANT USAGE ON SCHEMA %I TO %I', obj.object_identity, '{{ $database }}_readonly');
@@ -149,7 +146,7 @@ stringData:
        EXECUTE format('ALTER DEFAULT PRIVILEGES IN SCHEMA %I GRANT SELECT ON TABLES TO %I', obj.object_identity, '{{ $database }}_readonly');
        EXECUTE format('ALTER DEFAULT PRIVILEGES IN SCHEMA %I GRANT USAGE ON SEQUENCES TO %I', obj.object_identity, '{{ $database }}_readonly');
        EXECUTE format('ALTER DEFAULT PRIVILEGES IN SCHEMA %I GRANT EXECUTE ON FUNCTIONS TO %I', obj.object_identity, '{{ $database }}_readonly');
-        END LOOP;
+      END LOOP;
    END;
    $$;
--- a/packages/apps/versions_map
+++ b/packages/apps/versions_map
@@ -9,8 +9,7 @@ ferretdb 0.1.0 4ffa8615
 ferretdb 0.1.1 5ca8823
 ferretdb 0.2.0 adaf603
 ferretdb 0.3.0 aa2f553
-ferretdb 0.4.0 def2eb0f
+ferretdb 0.4.0 HEAD
 ferretdb 0.4.1 HEAD
 http-cache 0.1.0 a956713
 http-cache 0.2.0 5ca8823
 http-cache 0.3.0 fab5940
@@ -35,8 +34,7 @@ kubernetes 0.9.0 9b6dd19
 kubernetes 0.10.0 ac5c38b
 kubernetes 0.11.0 4eaca42
 kubernetes 0.11.1 4f430a90
-kubernetes 0.12.0 74649f8
+kubernetes 0.12.0 HEAD
 kubernetes 0.12.1 HEAD
 mysql 0.1.0 f642698
 mysql 0.2.0 8b975ff0
 mysql 0.3.0 5ca8823
@@ -54,8 +52,7 @@ postgres 0.4.1 5ca8823
 postgres 0.5.0 c07c4bbd
 postgres 0.6.0 2a4768a
 postgres 0.6.2 54fd61c
-postgres 0.7.0 dc9d8bb
+postgres 0.7.0 HEAD
 postgres 0.7.1 HEAD
 rabbitmq 0.1.0 f642698
 rabbitmq 0.2.0 5ca8823
 rabbitmq 0.3.0 9e33dc0
--- a/packages/core/installer/Makefile
+++ b/packages/core/installer/Makefile
@@ -5,9 +5,6 @@ TALOS_VERSION=$(shell awk '/^version:/ {print $$2}' images/talos/profiles/instal
 include ../../../scripts/common-envs.mk
 pre-checks:
 	../../../hack/pre-checks.sh
 show:
 	helm template -n $(NAMESPACE) $(NAME) .
@@ -20,7 +17,7 @@ diff:
 update:
 	hack/gen-profiles.sh
-image: pre-checks image-cozystack image-talos image-matchbox
+image: image-cozystack image-talos image-matchbox
 image-cozystack:
 	make -C ../../.. repos
--- a/packages/core/installer/values.yaml
+++ b/packages/core/installer/values.yaml
@@ -1,2 +1,2 @@
 cozystack:
-  image: ghcr.io/aenix-io/cozystack/cozystack:v0.16.5@sha256:5bd08ec86b8392d31a1df7cb496d7c861142771c323c302729f7728da9b49ae2
+  image: ghcr.io/aenix-io/cozystack/cozystack:v0.16.4@sha256:e2de79d1dd00a95a6876f6e4daf281eb27e8cc9d57fa2e9ea137192b544d38a7
--- a/packages/core/testing/values.yaml
+++ b/packages/core/testing/values.yaml
@@ -1,2 +1,2 @@
 e2e:
-  image: ghcr.io/aenix-io/cozystack/e2e-sandbox:v0.16.5@sha256:25b298d621ec79431d106184d59849bbae634588742583d111628126ad8615c5
+  image: ghcr.io/aenix-io/cozystack/e2e-sandbox:v0.16.4@sha256:25b298d621ec79431d106184d59849bbae634588742583d111628126ad8615c5
--- a/packages/system/bucket/templates/ingress.yaml
+++ b/packages/system/bucket/templates/ingress.yaml
@@ -1,7 +1,6 @@
 {{- $myNS := lookup "v1" "Namespace" "" .Release.Namespace }}
 {{- $host := index $myNS.metadata.annotations "namespace.cozystack.io/host" }}
 {{- $ingress := index $myNS.metadata.annotations "namespace.cozystack.io/ingress" }}
 {{- $issuerType := (index $cozyConfig.data "clusterissuer") | default "http01" }}
 apiVersion: networking.k8s.io/v1
 kind: Ingress
@@ -14,16 +13,8 @@ metadata:
    nginx.ingress.kubernetes.io/proxy-body-size: "0"
    nginx.ingress.kubernetes.io/proxy-read-timeout: "99999"
    nginx.ingress.kubernetes.io/proxy-send-timeout: "99999"
    {{- if ne $issuerType "cloudflare" }}
    acme.cert-manager.io/http01-ingress-class: {{ $ingress }}
    {{- end }}
    cert-manager.io/cluster-issuer: letsencrypt-prod
 spec:
  ingressClassName: {{ $ingress }}
  tls:
    - hosts:
        - "{{ .Values.bucketName }}.{{ $host }}"
      secretName: {{ .Values.bucketName }}-ui-tls
  rules:
  - host: {{ .Values.bucketName }}.{{ $host }}
    http:
--- a/packages/system/dashboard/values.yaml
+++ b/packages/system/dashboard/values.yaml
@@ -33,11 +33,11 @@ kubeapps:
    image:
      registry: ghcr.io/aenix-io/cozystack
      repository: dashboard
-      tag: v0.16.5
+      tag: v0.16.4
      digest: "sha256:4818712e9fc9c57cc321512760c3226af564a04e69d4b3ec9229ab91fd39abeb"
  kubeappsapis:
    image:
      registry: ghcr.io/aenix-io/cozystack
      repository: kubeapps-apis
-      tag: v0.16.5
+      tag: v0.16.4
-      digest: "sha256:126bb6955ff142e7e00e712c037f3e97bd39b360641fba0b8ca8bc083d5e8224"
+      digest: "sha256:55bc8e2495933112c7cb4bb9e3b1fcb8df46aa14e27fa007f78388a9757e3238"
--- a/packages/system/kamaji/values.yaml
+++ b/packages/system/kamaji/values.yaml
@@ -3,7 +3,7 @@ kamaji:
    deploy: false
  image:
    pullPolicy: IfNotPresent
-    tag: v0.16.5@sha256:95a9658cbbe1cbfbc42b9ab1df4f2a39342d7a8f1ff10a10b81b8656f3744c39
+    tag: v0.16.4@sha256:95a9658cbbe1cbfbc42b9ab1df4f2a39342d7a8f1ff10a10b81b8656f3744c39
    repository: ghcr.io/aenix-io/cozystack/kamaji
  resources:
    limits:
--- a/packages/system/kubeovn/values.yaml
+++ b/packages/system/kubeovn/values.yaml
@@ -22,4 +22,4 @@ global:
  images:
    kubeovn:
      repository: kubeovn
-      tag: v1.13.0@sha256:ba4e98866295db13d88b10984c230e1cb0db86782767c5b9aff452865cdd1012
+      tag: v1.13.0@sha256:d13ac4f916cd88d33d1d64c949978165272998d6594441a9dd4be5e6892caf4e
--- a/packages/system/kubevirt-cdi/templates/cdi-cr.yaml
+++ b/packages/system/kubevirt-cdi/templates/cdi-cr.yaml
@@ -4,6 +4,7 @@ metadata:
  name: cdi
 spec:
  config:
    scratchSpaceStorageClass: "local"
    featureGates:
    - HonorWaitForFirstConsumer
    - ExpandDisks
`@@ -1 +1 @@`
	`ghcr.io/aenix-io/cozystack/cluster-autoscaler:0.12.1@sha256:7f617de5a24de790a15d9e97c6287ff2b390922e6e74c7a665cbf498f634514d`	`ghcr.io/aenix-io/cozystack/cluster-autoscaler:0.12.0@sha256:7f617de5a24de790a15d9e97c6287ff2b390922e6e74c7a665cbf498f634514d`
		`@@ -1 +1 @@`
			`ghcr.io/aenix-io/cozystack/kubevirt-cloud-provider:0.12.1@sha256:ca606d6039ed43a48d4dfd98a91fd3cec120f08c1e221cd4e99ea94239389742`				`ghcr.io/aenix-io/cozystack/kubevirt-cloud-provider:0.12.0@sha256:df4a937b6fb2b345110174227170691d48189ffe1900c3f848cd5085990a58df`
`@@ -1 +1 @@`
	`ghcr.io/aenix-io/cozystack/kubevirt-csi-driver:0.12.1@sha256:86029548078960feecca116087b2135230d676b83c503f292eb50e1199be2790`	`ghcr.io/aenix-io/cozystack/kubevirt-csi-driver:0.12.0@sha256:86029548078960feecca116087b2135230d676b83c503f292eb50e1199be2790`
`@@ -1,2 +1,2 @@`
	`cozystack:`	`cozystack:`
	`image: ghcr.io/aenix-io/cozystack/cozystack:v0.16.5@sha256:5bd08ec86b8392d31a1df7cb496d7c861142771c323c302729f7728da9b49ae2`	`image: ghcr.io/aenix-io/cozystack/cozystack:v0.16.4@sha256:e2de79d1dd00a95a6876f6e4daf281eb27e8cc9d57fa2e9ea137192b544d38a7`
`@@ -1,2 +1,2 @@`
	`e2e:`	`e2e:`
	`image: ghcr.io/aenix-io/cozystack/e2e-sandbox:v0.16.5@sha256:25b298d621ec79431d106184d59849bbae634588742583d111628126ad8615c5`	`image: ghcr.io/aenix-io/cozystack/e2e-sandbox:v0.16.4@sha256:25b298d621ec79431d106184d59849bbae634588742583d111628126ad8615c5`