fix: clickhouse-operator watch namespaces

Signed-off-by: Andrei Kvapil <kvapss@gmail.com>

hack/gen_versions_map.sh

@@ -20,28 +20,9 @@ miss_map=$(echo "$new_map" | awk 'NR==FNR { new_map[$1 " " $2] = $3; next } { if
 resolved_miss_map=$(
   echo "$miss_map" | while read chart version commit; do
     if [ "$commit" = HEAD ]; then
-      line=$(awk '/^version:/ {print NR; exit}' "./$chart/Chart.yaml")
+      line=$(git show HEAD:"./$chart/Chart.yaml" | awk '/^version:/ {print NR; exit}')
-      change_commit=$(git --no-pager blame -L"$line",+1 -- "$chart/Chart.yaml" | awk '{print $1}')
+      change_commit=$(git --no-pager blame -L"$line",+1 HEAD -- "$chart/Chart.yaml" | awk '{print $1}')
-       
+      commit=$(git describe --always "$change_commit~1")
-      if [ "$change_commit" = "00000000" ]; then
-        # Not commited yet, use previus commit
-        line=$(git show HEAD:"./$chart/Chart.yaml" | awk '/^version:/ {print NR; exit}')
-        commit=$(git --no-pager blame -L"$line",+1 HEAD -- "$chart/Chart.yaml" | awk '{print $1}')
-        if [ $(echo $commit | cut -c1) = "^" ]; then
-          # Previus commit not exists
-          commit=$(echo $commit | cut -c2-)
-        fi
-      else
-        # Commited, but version_map wasn't updated
-        line=$(git show HEAD:"./$chart/Chart.yaml" | awk '/^version:/ {print NR; exit}')
-        change_commit=$(git --no-pager blame -L"$line",+1 HEAD -- "$chart/Chart.yaml" | awk '{print $1}')
-        if [ $(echo $change_commit | cut -c1) = "^" ]; then
-          # Previus commit not exists
-          commit=$(echo $change_commit | cut -c2-)
-        else
-          commit=$(git describe --always "$change_commit~1")
-        fi
-      fi
     fi
     echo "$chart $version $commit"
   done

hack/prepare_release.sh

@@ -0,0 +1,25 @@
+#!/bin/sh
+set -e
+
+if [ -e $1 ]; then
+  echo "Please pass version in the first argument"
+  echo "Example: $0 0.2.0"
+  exit 1
+fi
+
+version=$1
+talos_version=$(awk '/^version:/ {print $2}' packages/core/installer/images/talos/profiles/installer.yaml)
+
+set -x
+
+sed -i "/^TAG / s|=.*|= v${version}|" \
+  packages/apps/http-cache/Makefile \
+  packages/apps/kubernetes/Makefile \
+  packages/core/installer/Makefile \
+  packages/system/dashboard/Makefile
+
+sed -i "/^VERSION / s|=.*|= ${version}|" \
+  packages/core/Makefile \
+  packages/system/Makefile
+make -C packages/core fix-chartnames
+make -C packages/system fix-chartnames

manifests/cozystack-installer.yaml

@@ -15,6 +15,13 @@ metadata:
   namespace: cozy-system
 ---
 # Source: cozy-installer/templates/cozystack.yaml
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: cozystack
+  namespace: cozy-system
+---
+# Source: cozy-installer/templates/cozystack.yaml
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
@@ -63,7 +70,7 @@ spec:
       serviceAccountName: cozystack
       containers:
       - name: cozystack
-        image: "ghcr.io/aenix-io/cozystack/cozystack:v0.4.0"
+        image: "ghcr.io/aenix-io/cozystack/cozystack:v0.2.0"
         env:
         - name: KUBERNETES_SERVICE_HOST
           value: localhost
@@ -82,7 +89,7 @@ spec:
             fieldRef:
               fieldPath: metadata.name
       - name: darkhttpd
-        image: "ghcr.io/aenix-io/cozystack/cozystack:v0.4.0"
+        image: "ghcr.io/aenix-io/cozystack/cozystack:v0.2.0"
         command:
         - /usr/bin/darkhttpd
         - /cozystack/assets

packages/apps/Makefile

@@ -7,7 +7,7 @@ repo:
 	awk '$$3 != "HEAD" {print "mkdir -p $(TMP)/" $$1 "-" $$2}' versions_map | sh -ex
 	awk '$$3 != "HEAD" {print "git archive " $$3 " " $$1 " | tar -xf- --strip-components=1 -C $(TMP)/" $$1 "-" $$2 }' versions_map | sh -ex
 	helm package -d "$(OUT)" $$(find . $(TMP) -mindepth 2 -maxdepth 2 -name Chart.yaml | awk 'sub("/Chart.yaml", "")' | sort -V)
-	cd "$(OUT)" && helm repo index . --url http://cozystack.cozy-system.svc/repos/apps
+	cd "$(OUT)" && helm repo index .
 	rm -rf "$(TMP)"
 
 fix-chartnames:

packages/apps/clickhouse/Chart.yaml

@@ -16,10 +16,10 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.2.0
+version: 0.1.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "24.3.0"
+appVersion: "1.16.0"

packages/apps/clickhouse/templates/clickhouse.yaml

@@ -3,27 +3,16 @@ kind: "ClickHouseInstallation"
 metadata:
   name: "{{ .Release.Name }}"
 spec:
-  {{- with .Values.size }}
   defaults:
     templates:
       dataVolumeClaimTemplate: data-volume-template
-  {{- end }}
+      logVolumeClaimTemplate: log-volume-template
   configuration:
-    {{- with .Values.users }}
-    users:
-      {{- range $name, $u := . }}
-      {{ $name }}/password_sha256_hex: {{ sha256sum $u.password }}
-      {{ $name }}/profile: {{ ternary "readonly" "default" (index $u "readonly" | default false) }}
-      {{- end }}
-    {{- end }}
-    profiles:
-      readonly/readonly: "1"
     clusters:
       - name: "clickhouse"
         layout:
-          shardsCount: {{ .Values.shards }}
+          shardsCount: 1
-          replicasCount: {{ .Values.replicas }}
+          replicasCount: 2
-  {{- with .Values.size }}
   templates:
     volumeClaimTemplates:
       - name: data-volume-template
@@ -32,5 +21,11 @@ spec:
             - ReadWriteOnce
           resources:
             requests:
-              storage: {{ . }}
+              storage: {{ .Values.data.size }}
-  {{- end }}
+      - name: log-volume-template
+        spec:
+          accessModes:
+            - ReadWriteOnce
+          resources:
+            requests:
+              storage: {{ .Values.log.size }}

packages/apps/clickhouse/values.yaml

@@ -1,10 +1,4 @@
-size: 10Gi
+data:
-shards: 1
+  size: 10Gi
-replicas: 2
+log:
-
+  size: 1Gi
-users:
-  user1:
-    password: strongpassword
-  user2:
-    readonly: true
-    password: hackme

packages/apps/http-cache/Chart.yaml

@@ -16,10 +16,10 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.2.0
+version: 0.1.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "1.25.3"
+appVersion: "1.16.0"

packages/apps/http-cache/Makefile

@@ -1,20 +1,22 @@
+PUSH := 1
+LOAD := 0
+REGISTRY := ghcr.io/aenix-io/cozystack
 NGINX_CACHE_TAG = v0.1.0
-
+TAG := v0.2.0
-include ../../../scripts/common-envs.mk
 
 image: image-nginx
 
 image-nginx:
 	docker buildx build --platform linux/amd64 --build-arg ARCH=amd64 images/nginx-cache \
 		--provenance false \
-		--tag $(REGISTRY)/nginx-cache:$(call settag,$(NGINX_CACHE_TAG)) \
+		--tag $(REGISTRY)/nginx-cache:$(NGINX_CACHE_TAG) \
-		--tag $(REGISTRY)/nginx-cache:$(call settag,$(NGINX_CACHE_TAG)-$(TAG)) \
+		--tag $(REGISTRY)/nginx-cache:$(NGINX_CACHE_TAG)-$(TAG) \
-		--cache-from type=registry,ref=$(REGISTRY)/nginx-cache:latest \
+		--cache-from type=registry,ref=$(REGISTRY)/nginx-cache:$(NGINX_CACHE_TAG) \
 		--cache-to type=inline \
 		--metadata-file images/nginx-cache.json \
 		--push=$(PUSH) \
 		--load=$(LOAD)
-	echo "$(REGISTRY)/nginx-cache:$(call settag,$(NGINX_CACHE_TAG))" > images/nginx-cache.tag
+	echo "$(REGISTRY)/nginx-cache:$(NGINX_CACHE_TAG)" > images/nginx-cache.tag
 
 update:
 	tag=$$(git ls-remote --tags --sort="v:refname" https://github.com/chrislim2888/IP2Location-C-Library | awk -F'[/^]' 'END{print $$3}') && \

packages/apps/http-cache/images/nginx-cache.json

@@ -1,4 +1,4 @@
 {
-  "containerimage.config.digest": "sha256:9eb68d2d503d7e22afc6fde2635f566fd3456bbdb3caad5dc9f887be1dc2b8ab",
+  "containerimage.config.digest": "sha256:0487fc50bb5f870720b05e947185424a400fad38b682af8f1ca4b418ed3c5b4b",
-  "containerimage.digest": "sha256:1f44274dbc2c3be2a98e6cef83d68a041ae9ef31abb8ab069a525a2a92702bdd"
+  "containerimage.digest": "sha256:be12f3834be0e2f129685f682fab83c871610985fc43668ce6a294c9de603798"
 }

packages/apps/http-cache/templates/haproxy/configmap.yaml

@@ -74,7 +74,7 @@ data:
         option redispatch 1
         default-server observe layer7 error-limit 10 on-error mark-down
 
-        {{- range $i, $e := until (int $.Values.nginx.replicas) }}
+        {{- range $i, $e := until (int $.Values.replicas) }}
         server cache{{ $i }} {{ $.Release.Name }}-nginx-cache-{{ $i }}:80 check
         {{- end }}
         {{- range $i, $e := $.Values.endpoints }} 

packages/apps/http-cache/templates/haproxy/deployment.yaml

@@ -7,7 +7,7 @@ metadata:
     app.kubernetes.io/instance: {{ .Release.Name }}
     app.kubernetes.io/managed-by: {{ .Release.Service }}
 spec:
-  replicas: {{ .Values.haproxy.replicas }}
+  replicas: 2
   selector:
     matchLabels:
       app: {{ .Release.Name }}-haproxy

packages/apps/http-cache/templates/nginx/deployment.yaml

@@ -11,7 +11,7 @@ spec:
   selector:
     matchLabels:
       app: {{ $.Release.Name }}-nginx-cache
-{{- range $i := until (int $.Values.nginx.replicas) }}
+{{- range $i := until 3 }}
 ---
 apiVersion: apps/v1
 kind: Deployment

packages/apps/http-cache/values.yaml

@@ -1,10 +1,4 @@
 external: false
-
-haproxy:
-  replicas: 2
-nginx:
-  replicas: 2
-
 size: 10Gi
 endpoints:
   - 10.100.3.1:80

packages/apps/kafka/Chart.yaml

@@ -1,25 +0,0 @@
-apiVersion: v2
-name: kafka
-description: Managed Kafka service
-icon: https://upload.wikimedia.org/wikipedia/commons/0/05/Apache_kafka.svg
-
-# A chart can be either an 'application' or a 'library' chart.
-#
-# Application charts are a collection of templates that can be packaged into versioned archives
-# to be deployed.
-#
-# Library charts provide useful utilities or functions for the chart developer. They're included as
-# a dependency of application charts to inject those utilities and functions into the rendering
-# pipeline. Library charts do not define any templates and therefore cannot be deployed.
-type: application
-
-# This is the chart version. This version number should be incremented each time you make changes
-# to the chart and its templates, including the app version.
-# Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.1.0
-
-# This is the version number of the application being deployed. This version number should be
-# incremented each time you make changes to the application. Versions are not expected to
-# follow Semantic Versioning. They should reflect the version the application is using.
-# It is recommended to use it with quotes.
-appVersion: "3.7.0"

packages/apps/kafka/templates/kafka.yaml

@@ -1,53 +0,0 @@
-apiVersion: kafka.strimzi.io/v1beta2
-kind: Kafka
-metadata:
-  name: {{ .Release.Name }}
-  labels:
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-spec:
-  kafka:
-    replicas: {{ .Values.replicas }}
-    listeners:
-      - name: plain
-        port: 9092
-        type: internal
-        tls: false
-      - name: tls
-        port: 9093
-        type: internal
-        tls: true
-      - name: external
-        port: 9094
-        {{- if .Values.external }}
-        type: loadbalancer
-        {{- else }}
-        type: internal
-        {{- end }}
-        tls: false
-    config:
-      offsets.topic.replication.factor: 3
-      transaction.state.log.replication.factor: 3
-      transaction.state.log.min.isr: 2
-      default.replication.factor: 3
-      min.insync.replicas: 2
-    storage:
-      type: jbod
-      volumes:
-      - id: 0
-        type: persistent-claim
-        {{- with .Values.kafka.size }}
-        size: {{ . }}
-        {{- end }}
-        deleteClaim: true
-  zookeeper:
-    replicas: {{ .Values.replicas }}
-    storage:
-      type: persistent-claim
-      {{- with .Values.zookeeper.size }}
-      size: {{ . }}
-      {{- end }}
-      deleteClaim: false
-  entityOperator:
-    topicOperator: {}
-    userOperator: {}

packages/apps/kafka/templates/topics.yaml

@@ -1,17 +0,0 @@
-{{- range $topic := .Values.topics }}
----
-apiVersion: kafka.strimzi.io/v1beta2
-kind: KafkaTopic
-metadata:
-  name: "{{ $.Release.Name }}-{{ kebabcase $topic.name }}"
-  labels:
-    strimzi.io/cluster: "{{ $.Release.Name }}"
-spec:
-  topicName: "{{ $topic.name }}"
-  partitions: 10
-  replicas: 3
-  {{- with $topic.config }}
-  config:
-    {{- toYaml . | nindent 4 }}
-  {{- end }}
-{{- end }}

packages/apps/kafka/values.yaml

@@ -1,22 +0,0 @@
-external: false
-kafka:
-  size: 10Gi
-  replicas: 3
-zookeeper:
-  size: 5Gi
-  replicas: 3
-
-topics:
-  - name: Results
-    partitions: 1
-    replicas: 3
-    config:
-      min.insync.replicas: 2
-  - name: Orders
-    config:
-      cleanup.policy: compact
-      segment.ms: 3600000
-      max.compaction.lag.ms: 5400000
-      min.insync.replicas: 2
-    partitions: 1
-    replicationFactor: 3

packages/apps/kubernetes/Chart.yaml

@@ -16,10 +16,10 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.2.0
+version: 0.1.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "1.19.0"
+appVersion: "1.16.0"

packages/apps/kubernetes/Makefile

@@ -1,17 +1,19 @@
+PUSH := 1
+LOAD := 0
+REGISTRY := ghcr.io/aenix-io/cozystack
+TAG := v0.2.0
 UBUNTU_CONTAINER_DISK_TAG = v1.29.1
 
-include ../../../scripts/common-envs.mk
-
 image: image-ubuntu-container-disk
 
 image-ubuntu-container-disk:
 	docker buildx build --platform linux/amd64 --build-arg ARCH=amd64 images/ubuntu-container-disk \
 		--provenance false \
-		--tag $(REGISTRY)/ubuntu-container-disk:$(call settag,$(UBUNTU_CONTAINER_DISK_TAG)) \
+		--tag $(REGISTRY)/ubuntu-container-disk:$(UBUNTU_CONTAINER_DISK_TAG) \
-		--tag $(REGISTRY)/ubuntu-container-disk:$(call settag,$(UBUNTU_CONTAINER_DISK_TAG)-$(TAG)) \
+		--tag $(REGISTRY)/ubuntu-container-disk:$(UBUNTU_CONTAINER_DISK_TAG)-$(TAG) \
-		--cache-from type=registry,ref=$(REGISTRY)/ubuntu-container-disk:latest \
+		--cache-from type=registry,ref=$(REGISTRY)/ubuntu-container-disk:$(UBUNTU_CONTAINER_DISK_TAG) \
 		--cache-to type=inline \
 		--metadata-file images/ubuntu-container-disk.json \
 		--push=$(PUSH) \
 		--load=$(LOAD)
-	echo "$(REGISTRY)/ubuntu-container-disk:$(call settag,$(UBUNTU_CONTAINER_DISK_TAG))" > images/ubuntu-container-disk.tag
+	echo "$(REGISTRY)/ubuntu-container-disk:$(UBUNTU_CONTAINER_DISK_TAG)" > images/ubuntu-container-disk.tag

packages/apps/kubernetes/images/ubuntu-container-disk.json

@@ -1,4 +1,4 @@
 {
-  "containerimage.config.digest": "sha256:a7e8e6e35ac07bcf6253c9cfcf21fd3c315bd0653ad0427dd5f0cae95ffd3722",
+  "containerimage.config.digest": "sha256:43d0bfd01c5e364ba961f1e3dc2c7ccd7fd4ca65bd26bc8c4a5298d7ff2c9f4f",
-  "containerimage.digest": "sha256:c03bffeeb70fe7dd680d2eca3021d2405fbcd9961dd38437f5673560c31c72cc"
+  "containerimage.digest": "sha256:908b3c186bee86f1c9476317eb6582d07f19776b291aa068e5642f8fd08fa9e7"
 }

packages/apps/kubernetes/templates/cluster-autoscaler/deployment.yaml

@@ -15,12 +15,6 @@ spec:
       labels:
         app: {{ .Release.Name }}-cluster-autoscaler
     spec:
-      tolerations:
-        - key: CriticalAddonsOnly
-          operator: Exists
-        - key: node-role.kubernetes.io/control-plane
-          operator: Exists
-          effect: "NoSchedule"
       containers:
       - image: ghcr.io/kvaps/test:cluster-autoscaller
         name: cluster-autoscaler

packages/apps/kubernetes/templates/cluster.yaml

@@ -64,13 +64,12 @@ metadata:
     cluster.x-k8s.io/managed-by: kamaji
   name: {{ .Release.Name }}
   namespace: {{ .Release.Namespace }}
-{{- range $groupName, $group := .Values.nodeGroups }}
 ---
 apiVersion: bootstrap.cluster.x-k8s.io/v1beta1
 kind: KubeadmConfigTemplate
 metadata:
-  name: {{ $.Release.Name }}-{{ $groupName }}
+  name: {{ .Release.Name }}-md-0
-  namespace: {{ $.Release.Namespace }}
+  namespace: {{ .Release.Namespace }}
 spec:
   template:
     spec:
@@ -79,7 +78,7 @@ spec:
           kubeletExtraArgs: {}
         discovery:
           bootstrapToken:
-            apiServerEndpoint: {{ $.Release.Name }}.{{ $.Release.Namespace }}.svc:6443
+            apiServerEndpoint: {{ .Release.Name }}.{{ .Release.Namespace }}.svc:6443
       initConfiguration:
         skipPhases:
         - addon/kube-proxy
@@ -87,8 +86,8 @@ spec:
 apiVersion: infrastructure.cluster.x-k8s.io/v1alpha1
 kind: KubevirtMachineTemplate
 metadata:
-  name: {{ $.Release.Name }}-{{ $groupName }}
+  name: {{ .Release.Name }}-md-0
-  namespace: {{ $.Release.Namespace }}
+  namespace: {{ .Release.Namespace }}
 spec:
   template:
     spec:
@@ -96,7 +95,7 @@ spec:
         checkStrategy: ssh
       virtualMachineTemplate:
         metadata:
-          namespace: {{ $.Release.Namespace }}
+          namespace: {{ .Release.Namespace }}
         spec:
           runStrategy: Always
           template:
@@ -104,7 +103,7 @@ spec:
               domain:
                 cpu:
                   threads: 1
-                  cores: {{ $group.resources.cpu }}
+                  cores: 2
                   sockets: 1
                 devices:
                   disks:
@@ -113,7 +112,7 @@ spec:
                     name: containervolume
                   networkInterfaceMultiqueue: true
                 memory:
-                  guest: {{ $group.resources.memory }}
+                  guest: 1024Mi
               evictionStrategy: External
               volumes:
               - containerDisk:
@@ -123,28 +122,29 @@ spec:
 apiVersion: cluster.x-k8s.io/v1beta1
 kind: MachineDeployment
 metadata:
-  name: {{ $.Release.Name }}-{{ $groupName }}
+  name: {{ .Release.Name }}-md-0
-  namespace: {{ $.Release.Namespace }}
+  namespace: {{ .Release.Namespace }}
   annotations:
-    cluster.x-k8s.io/cluster-api-autoscaler-node-group-min-size: "{{ $group.minReplicas }}"
+    cluster.x-k8s.io/cluster-api-autoscaler-node-group-max-size: "2"
-    cluster.x-k8s.io/cluster-api-autoscaler-node-group-max-size: "{{ $group.maxReplicas }}"
+    cluster.x-k8s.io/cluster-api-autoscaler-node-group-min-size: "0"
-    capacity.cluster-autoscaler.kubernetes.io/memory: "{{ $group.resources.memory }}"
+    capacity.cluster-autoscaler.kubernetes.io/memory: "1024Mi"
-    capacity.cluster-autoscaler.kubernetes.io/cpu: "{{ $group.resources.cpu }}"
+    capacity.cluster-autoscaler.kubernetes.io/cpu: "2"
 spec:
-  clusterName: {{ $.Release.Name }}
+  clusterName: {{ .Release.Name }}
+  selector:
+    matchLabels: null
   template:
     spec:
       bootstrap:
         configRef:
           apiVersion: bootstrap.cluster.x-k8s.io/v1beta1
           kind: KubeadmConfigTemplate
-          name: {{ $.Release.Name }}-{{ $groupName }}
+          name: {{ .Release.Name }}-md-0
           namespace: default
-      clusterName: {{ $.Release.Name }}
+      clusterName: {{ .Release.Name }}
       infrastructureRef:
         apiVersion: infrastructure.cluster.x-k8s.io/v1alpha1
         kind: KubevirtMachineTemplate
-        name: {{ $.Release.Name }}-{{ $groupName }}
+        name: {{ .Release.Name }}-md-0
         namespace: default
-      version: v1.29.0
+      version: v1.23.10
-{{- end }}

packages/apps/kubernetes/templates/csi/deploy.yaml

@@ -16,10 +16,12 @@ spec:
     spec:
       serviceAccountName: {{ .Release.Name }}-kcsi
       priorityClassName: system-cluster-critical
+      nodeSelector:
+        node-role.kubernetes.io/control-plane: ""
       tolerations:
         - key: CriticalAddonsOnly
           operator: Exists
-        - key: node-role.kubernetes.io/control-plane
+        - key: node-role.kubernetes.io/master
           operator: Exists
           effect: "NoSchedule"
       containers:

packages/apps/kubernetes/templates/helmreleases/delete.yaml

@@ -12,12 +12,6 @@ spec:
     spec:
       serviceAccountName: {{ .Release.Name }}-flux-teardown
       restartPolicy: Never
-      tolerations:
-        - key: CriticalAddonsOnly
-          operator: Exists
-        - key: node-role.kubernetes.io/control-plane
-          operator: Exists
-          effect: "NoSchedule"
       containers:
         - name: kubectl
           image: docker.io/clastix/kubectl:v1.29.1

packages/apps/kubernetes/templates/kccm/manager.yaml

@@ -14,12 +14,6 @@ spec:
       labels:
         k8s-app: {{ .Release.Name }}-kccm
     spec:
-      tolerations:
-        - key: CriticalAddonsOnly
-          operator: Exists
-        - key: node-role.kubernetes.io/control-plane
-          operator: Exists
-          effect: "NoSchedule"
       containers:
       - name: kubevirt-cloud-controller-manager
         args:
@@ -50,4 +44,6 @@ spec:
       - secret:
           secretName: {{ .Release.Name }}-admin-kubeconfig
         name: kubeconfig
+      tolerations:
+      - operator: Exists
       serviceAccountName: {{ .Release.Name }}-kccm

packages/apps/kubernetes/values.schema.json

@@ -0,0 +1,11 @@
+{
+  "$schema": "http://json-schema.org/schema#",
+  "type": "object",
+  "properties": {
+    "host": {
+      "type": "string",
+      "title": "Domain name for this kubernetes cluster",
+      "description": "This host will be used for all apps deployed in this tenant"
+    }
+  }
+}

packages/apps/kubernetes/values.yaml

@@ -1,10 +1 @@
 host: ""
-controlPlane:
-  replicas: 2
-nodeGroups:
-  md0:
-    minReplicas: 0
-    maxReplicas: 10
-    resources:
-      cpu: 2
-      memory: 1024Mi

packages/apps/mysql/Chart.yaml

@@ -16,10 +16,10 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.3.0
+version: 0.2.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "11.0.2"
+appVersion: "1.16.0"

packages/apps/mysql/templates/mariadb.yaml

@@ -12,7 +12,7 @@ spec:
 
   port: 3306
 
-  replicas: {{ .Values.replicas }}
+  replicas: 2
   affinity:
     podAntiAffinity:
       requiredDuringSchedulingIgnoredDuringExecution:
@@ -28,13 +28,11 @@ spec:
             - {{ .Release.Name }}
         topologyKey: "kubernetes.io/hostname"
 
-  {{- if gt (int .Values.replicas) 1 }}
   replication:
     enabled: true
     #primary:
     #  podIndex: 0
     #  automaticFailover: true
-  {{- end }}
 
   metrics:
     enabled: true

packages/apps/mysql/values.yaml

@@ -1,8 +1,6 @@
 external: false
 size: 10Gi
 
-replicas: 2
-
 users:
   root:
     password: strongpassword

packages/apps/postgres/Chart.yaml

@@ -16,10 +16,10 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.2.0
+version: 0.1.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "16.2"
+appVersion: "1.16.0"

packages/apps/postgres/templates/db.yaml

@@ -4,7 +4,7 @@ kind: Cluster
 metadata:
   name: {{ .Release.Name }}
 spec:
-  instances: {{ .Values.replicas }}
+  instances: 2
   enableSuperuserAccess: true
 
   postgresql:

packages/apps/postgres/values.yaml

@@ -1,6 +1,5 @@
 external: false
 size: 10Gi
-replicas: 2
 
 users:
   user1:

packages/apps/rabbitmq/Chart.yaml

@@ -16,10 +16,10 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.2.0
+version: 0.1.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "3.12.2"
+appVersion: "1.16.0"

packages/apps/rabbitmq/templates/rabbitmq.yaml

@@ -6,7 +6,7 @@ metadata:
     app.kubernetes.io/instance: {{ .Release.Name }}
     app.kubernetes.io/managed-by: {{ .Release.Service }}
 spec:
-  replicas: {{ .Values.replicas }}
+  replicas: 3
   {{- if .Values.external }}
   service:
     type: LoadBalancer

packages/apps/rabbitmq/values.schema.json

@@ -5,10 +5,6 @@
     "external": {
       "type": "boolean",
       "title": "Enable external Access"
-    },
-    "replicas": {
-      "type": "integer",
-      "title": "Replicas"
     }
   }
 }

packages/apps/rabbitmq/values.yaml

@@ -1,2 +1 @@
-replicas: 3
 external: false

packages/apps/redis/Chart.yaml

@@ -16,10 +16,10 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.2.0
+version: 0.1.1
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "6.2.6"
+appVersion: "1.16.0"

packages/apps/redis/templates/redisfailover.yaml

@@ -14,7 +14,7 @@ spec:
       limits:
         memory: 100Mi
   redis:
-    replicas: {{ .Values.replicas }}
+    replicas: 3
     resources:
       requests:
         cpu: 150m

packages/apps/redis/values.schema.json

@@ -9,10 +9,6 @@
     "size": {
       "type": "string",
       "title": "Disk Size"
-    },
-    "replicas": {
-      "type": "integer",
-      "title": "Replicas"
     }
   }
 }

packages/apps/redis/values.yaml

@@ -1,3 +1,2 @@
-replicas: 2
 external: false
 size: 5Gi

packages/apps/tcp-balancer/Chart.yaml

@@ -16,10 +16,10 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.2.0
+version: 0.1.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "2.9.7"
+appVersion: "1.16.0"

packages/apps/tcp-balancer/templates/deployment.yaml

@@ -7,7 +7,7 @@ metadata:
     app.kubernetes.io/instance: {{ .Release.Name }}
     app.kubernetes.io/managed-by: {{ .Release.Service }}
 spec:
-  replicas: {{ .Values.replicas }}
+  replicas: 2
   selector:
     matchLabels:
       app: {{ .Release.Name }}-haproxy

packages/apps/tcp-balancer/values.yaml

@@ -1,5 +1,4 @@
 external: false
-replicas: 2
 httpAndHttps:
   mode: tcp
   targetPorts:

packages/apps/versions_map

@@ -1,26 +1,16 @@
-clickhouse 0.1.0 ca79f72
+clickhouse 0.1.0 HEAD
-clickhouse 0.2.0 HEAD
+http-cache 0.1.0 HEAD
-http-cache 0.1.0 a956713
+kubernetes 0.1.0 HEAD
-http-cache 0.2.0 HEAD
-kafka 0.1.0 HEAD
-kubernetes 0.1.0 f642698
-kubernetes 0.2.0 HEAD
 mysql 0.1.0 f642698
-mysql 0.2.0 8b975ff0
+mysql 0.2.0 HEAD
-mysql 0.3.0 HEAD
+postgres 0.1.0 HEAD
-postgres 0.1.0 f642698
+rabbitmq 0.1.0 HEAD
-postgres 0.2.0 HEAD
+redis 0.1.1 HEAD
-rabbitmq 0.1.0 f642698
+tcp-balancer 0.1.0 HEAD
-rabbitmq 0.2.0 HEAD
-redis 0.1.1 f642698
-redis 0.2.0 HEAD
-tcp-balancer 0.1.0 f642698
-tcp-balancer 0.2.0 HEAD
 tenant 0.1.3 3d1b86c
 tenant 0.1.4 d200480
 tenant 0.1.5 e3ab858
 tenant 1.0.0 HEAD
 virtual-machine 0.1.4 f2015d6
 virtual-machine 0.1.5 HEAD
-vpn 0.1.0 f642698
+vpn 0.1.0 HEAD
-vpn 0.2.0 HEAD

packages/apps/vpn/Chart.yaml

@@ -1,6 +1,6 @@
 apiVersion: v2
 name: vpn
-description: Managed VPN service
+description: Establish a connection from your computer
 icon: https://upload.wikimedia.org/wikipedia/commons/thumb/6/60/Outline_VPN_icon.png/600px-Outline_VPN_icon.png
 
 # A chart can be either an 'application' or a 'library' chart.
@@ -16,10 +16,10 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.2.0
+version: 0.1.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "1.8.1"
+appVersion: "1.16.0"

packages/apps/vpn/templates/deployment.yaml

@@ -4,7 +4,7 @@ kind: Deployment
 metadata:
   name: {{ .Release.Name }}-vpn
 spec:
-  replicas: {{ .Values.replicas }}
+  replicas: 2
   selector:
     matchLabels:
       app: {{ .Release.Name }}-vpn

packages/apps/vpn/values.yaml

@@ -1,5 +1,4 @@
 external: false
-replicas: 2
 
 users:
   user1:

packages/core/Makefile

@@ -0,0 +1,6 @@
+VERSION := 0.2.0
+
+gen: fix-chartnames
+	
+fix-chartnames:
+	find . -name Chart.yaml -maxdepth 2 | awk -F/ '{print $$2}' | while read i; do printf "name: cozy-%s\nversion: $(VERSION)\n" "$$i" > "$$i/Chart.yaml"; done

packages/core/fluxcd/Chart.yaml

@@ -1,3 +1,2 @@
-apiVersion: v2
 name: cozy-fluxcd
-version: 0.0.0 # Placeholder, the actual version will be automatically set during the build process
+version: 0.2.0

packages/core/fluxcd/Makefile

@@ -1,5 +1,5 @@
+NAMESPACE=cozy-fluxcd
 NAME=fluxcd
-NAMESPACE=cozy-$(NAME)
 
 API_VERSIONS_FLAGS=$(addprefix -a ,$(shell kubectl api-versions))
 

packages/core/installer/Chart.yaml

@@ -1,3 +1,2 @@
-apiVersion: v2
 name: cozy-installer
-version: 0.0.0 # Placeholder, the actual version will be automatically set during the build process
+version: 0.2.0

packages/core/installer/Makefile

@@ -1,10 +1,11 @@
-NAME=installer
 NAMESPACE=cozy-system
-
+NAME=installer
+PUSH := 1
+LOAD := 0
+REGISTRY := ghcr.io/aenix-io/cozystack
+TAG := v0.2.0
 TALOS_VERSION=$(shell awk '/^version:/ {print $$2}' images/talos/profiles/installer.yaml)
 
-include ../../../scripts/common-envs.mk
-
 show:
 	helm template -n $(NAMESPACE) $(NAME) .
 
@@ -23,33 +24,33 @@ image-cozystack:
 	make -C ../../.. repos
 	docker buildx build -f images/cozystack/Dockerfile ../../.. \
 		--provenance false \
-		--tag $(REGISTRY)/cozystack:$(call settag,$(TAG)) \
+		--tag $(REGISTRY)/cozystack:$(TAG) \
-		--cache-from type=registry,ref=$(REGISTRY)/cozystack:latest \
+		--cache-from type=registry,ref=$(REGISTRY)/cozystack:$(TAG) \
 		--cache-to type=inline \
 		--metadata-file images/cozystack.json \
 		--push=$(PUSH) \
 		--load=$(LOAD)
-	echo "$(REGISTRY)/cozystack:$(call settag,$(TAG))" > images/cozystack.tag
+	echo "$(REGISTRY)/cozystack:$(TAG)" > images/cozystack.tag
 
 image-talos:
 	test -f ../../../_out/assets/installer-amd64.tar || make talos-installer
 	docker load -i ../../../_out/assets/installer-amd64.tar
-	docker tag ghcr.io/siderolabs/installer:$(TALOS_VERSION) ghcr.io/aenix-io/cozystack/talos:$(call settag,$(TALOS_VERSION))
+	docker tag ghcr.io/siderolabs/installer:$(TALOS_VERSION) ghcr.io/aenix-io/cozystack/talos:$(TALOS_VERSION)
-	docker push ghcr.io/aenix-io/cozystack/talos:$(call settag,$(TALOS_VERSION))
+	docker push ghcr.io/aenix-io/cozystack/talos:$(TALOS_VERSION)
 
 image-matchbox:
 	test -f ../../../_out/assets/kernel-amd64 || make talos-kernel
 	test -f ../../../_out/assets/initramfs-metal-amd64.xz || make talos-initramfs
 	docker buildx build -f images/matchbox/Dockerfile ../../.. \
 		--provenance false \
-		--tag $(REGISTRY)/matchbox:$(call settag,$(TAG)) \
+		--tag $(REGISTRY)/matchbox:$(TAG) \
-		--tag $(REGISTRY)/matchbox:$(call settag,$(TALOS_VERSION)-$(TAG)) \
+		--tag $(REGISTRY)/matchbox:$(TALOS_VERSION)-$(TAG) \
-		--cache-from type=registry,ref=$(REGISTRY)/matchbox:latest \
+		--cache-from type=registry,ref=$(REGISTRY)/matchbox:$(TALOS_VERSION) \
 		--cache-to type=inline \
 		--metadata-file images/matchbox.json \
 		--push=$(PUSH) \
 		--load=$(LOAD)
-	echo "$(REGISTRY)/matchbox:$(call settag,$(TALOS_VERSION))" > images/matchbox.tag
+	echo "$(REGISTRY)/matchbox:$(TALOS_VERSION)" > images/matchbox.tag
 
 assets: talos-iso talos-nocloud
 

packages/core/installer/images/cozystack.json

@@ -1,4 +1,4 @@
 {
-  "containerimage.config.digest": "sha256:aefc3ca9f56f69270d7ce6f56a1ce5b531332d5641481eb54c8e74b66b0f3341",
+  "containerimage.config.digest": "sha256:326a169fb5d4277a5c3b0359e0c885b31d1360b58475bbc316be1971c710cd8d",
-  "containerimage.digest": "sha256:a2bf43cb7eb812166edfeb1a4fae6a76a4ddba93be2c0ba9040a804ccb53c261"
+  "containerimage.digest": "sha256:a608bdb75b3e06f6365f5f0b3fea82ac93c564d11f316f17e3d46e8a497a321d"
 }

packages/core/installer/images/cozystack.tag

@@ -1 +1 @@
-ghcr.io/aenix-io/cozystack/cozystack:v0.4.0
+ghcr.io/aenix-io/cozystack/cozystack:v0.2.0

packages/core/installer/images/matchbox.json

@@ -1,4 +1,4 @@
 {
-  "containerimage.config.digest": "sha256:68ea72fcc581352fabfd87fa6fd482968cc85ee520cab7a614f1244d7ae36eb0",
+  "containerimage.config.digest": "sha256:dc584f743bb73e04dcbebca7ab4f602f2c067190fd9609c3fd84412e83c20445",
-  "containerimage.digest": "sha256:cea915e08a19eb6892f3facf3b3648368cd4a05abefc49bc2616ba3340c27e82"
+  "containerimage.digest": "sha256:39ab0bf769b269a8082eeb31a9672e39caa61dd342ba2157b954c642f54a32ff"
 }

packages/core/installer/images/matchbox.tag

@@ -1 +1 @@
-ghcr.io/aenix-io/cozystack/matchbox:v1.7.1
+ghcr.io/aenix-io/cozystack/matchbox:v1.6.4

packages/core/installer/images/talos/profiles/initramfs.yaml

@@ -3,25 +3,24 @@
 arch: amd64
 platform: metal
 secureboot: false
-version: v1.7.1
+version: v1.6.4
 input:
   kernel:
     path: /usr/install/amd64/vmlinuz
   initramfs:
     path: /usr/install/amd64/initramfs.xz
   baseInstaller:
-    imageRef: ghcr.io/siderolabs/installer:v1.7.1
+    imageRef: ghcr.io/siderolabs/installer:v1.6.4
   systemExtensions:
-    - imageRef: ghcr.io/siderolabs/amd-ucode:20240410
+    - imageRef: ghcr.io/siderolabs/amd-ucode:20240115
-    - imageRef: ghcr.io/siderolabs/amdgpu-firmware:20240410
+    - imageRef: ghcr.io/siderolabs/amdgpu-firmware:20240115
-    - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20240410
+    - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20240115
-    - imageRef: ghcr.io/siderolabs/i915-ucode:20240410
+    - imageRef: ghcr.io/siderolabs/i915-ucode:20240115
-    - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20240410
+    - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20240115
-    - imageRef: ghcr.io/siderolabs/intel-ucode:20240312
+    - imageRef: ghcr.io/siderolabs/intel-ucode:20231114
-    - imageRef: ghcr.io/siderolabs/qlogic-firmware:20240410
+    - imageRef: ghcr.io/siderolabs/qlogic-firmware:20240115
-    - imageRef: ghcr.io/siderolabs/drbd:9.2.8-v1.7.1
+    - imageRef: ghcr.io/siderolabs/drbd:9.2.6-v1.6.4
-    - imageRef: ghcr.io/siderolabs/zfs:2.2.3-v1.7.1
+    - imageRef: ghcr.io/siderolabs/zfs:2.1.14-v1.6.4
 output:
   kind: initramfs
-  imageOptions: {}
   outFormat: raw

packages/core/installer/images/talos/profiles/installer.yaml

@@ -3,25 +3,24 @@
 arch: amd64
 platform: metal
 secureboot: false
-version: v1.7.1
+version: v1.6.4
 input:
   kernel:
     path: /usr/install/amd64/vmlinuz
   initramfs:
     path: /usr/install/amd64/initramfs.xz
   baseInstaller:
-    imageRef: ghcr.io/siderolabs/installer:v1.7.1
+    imageRef: ghcr.io/siderolabs/installer:v1.6.4
   systemExtensions:
-    - imageRef: ghcr.io/siderolabs/amd-ucode:20240410
+    - imageRef: ghcr.io/siderolabs/amd-ucode:20240115
-    - imageRef: ghcr.io/siderolabs/amdgpu-firmware:20240410
+    - imageRef: ghcr.io/siderolabs/amdgpu-firmware:20240115
-    - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20240410
+    - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20240115
-    - imageRef: ghcr.io/siderolabs/i915-ucode:20240410
+    - imageRef: ghcr.io/siderolabs/i915-ucode:20240115
-    - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20240410
+    - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20240115
-    - imageRef: ghcr.io/siderolabs/intel-ucode:20240312
+    - imageRef: ghcr.io/siderolabs/intel-ucode:20231114
-    - imageRef: ghcr.io/siderolabs/qlogic-firmware:20240410
+    - imageRef: ghcr.io/siderolabs/qlogic-firmware:20240115
-    - imageRef: ghcr.io/siderolabs/drbd:9.2.8-v1.7.1
+    - imageRef: ghcr.io/siderolabs/drbd:9.2.6-v1.6.4
-    - imageRef: ghcr.io/siderolabs/zfs:2.2.3-v1.7.1
+    - imageRef: ghcr.io/siderolabs/zfs:2.1.14-v1.6.4
 output:
   kind: installer
-  imageOptions: {}
   outFormat: raw

packages/core/installer/images/talos/profiles/iso.yaml

@@ -3,25 +3,24 @@
 arch: amd64
 platform: metal
 secureboot: false
-version: v1.7.1
+version: v1.6.4
 input:
   kernel:
     path: /usr/install/amd64/vmlinuz
   initramfs:
     path: /usr/install/amd64/initramfs.xz
   baseInstaller:
-    imageRef: ghcr.io/siderolabs/installer:v1.7.1
+    imageRef: ghcr.io/siderolabs/installer:v1.6.4
   systemExtensions:
-    - imageRef: ghcr.io/siderolabs/amd-ucode:20240410
+    - imageRef: ghcr.io/siderolabs/amd-ucode:20240115
-    - imageRef: ghcr.io/siderolabs/amdgpu-firmware:20240410
+    - imageRef: ghcr.io/siderolabs/amdgpu-firmware:20240115
-    - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20240410
+    - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20240115
-    - imageRef: ghcr.io/siderolabs/i915-ucode:20240410
+    - imageRef: ghcr.io/siderolabs/i915-ucode:20240115
-    - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20240410
+    - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20240115
-    - imageRef: ghcr.io/siderolabs/intel-ucode:20240312
+    - imageRef: ghcr.io/siderolabs/intel-ucode:20231114
-    - imageRef: ghcr.io/siderolabs/qlogic-firmware:20240410
+    - imageRef: ghcr.io/siderolabs/qlogic-firmware:20240115
-    - imageRef: ghcr.io/siderolabs/drbd:9.2.8-v1.7.1
+    - imageRef: ghcr.io/siderolabs/drbd:9.2.6-v1.6.4
-    - imageRef: ghcr.io/siderolabs/zfs:2.2.3-v1.7.1
+    - imageRef: ghcr.io/siderolabs/zfs:2.1.14-v1.6.4
 output:
   kind: iso
-  imageOptions: {}
   outFormat: raw

packages/core/installer/images/talos/profiles/kernel.yaml

@@ -3,25 +3,24 @@
 arch: amd64
 platform: metal
 secureboot: false
-version: v1.7.1
+version: v1.6.4
 input:
   kernel:
     path: /usr/install/amd64/vmlinuz
   initramfs:
     path: /usr/install/amd64/initramfs.xz
   baseInstaller:
-    imageRef: ghcr.io/siderolabs/installer:v1.7.1
+    imageRef: ghcr.io/siderolabs/installer:v1.6.4
   systemExtensions:
-    - imageRef: ghcr.io/siderolabs/amd-ucode:20240410
+    - imageRef: ghcr.io/siderolabs/amd-ucode:20240115
-    - imageRef: ghcr.io/siderolabs/amdgpu-firmware:20240410
+    - imageRef: ghcr.io/siderolabs/amdgpu-firmware:20240115
-    - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20240410
+    - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20240115
-    - imageRef: ghcr.io/siderolabs/i915-ucode:20240410
+    - imageRef: ghcr.io/siderolabs/i915-ucode:20240115
-    - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20240410
+    - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20240115
-    - imageRef: ghcr.io/siderolabs/intel-ucode:20240312
+    - imageRef: ghcr.io/siderolabs/intel-ucode:20231114
-    - imageRef: ghcr.io/siderolabs/qlogic-firmware:20240410
+    - imageRef: ghcr.io/siderolabs/qlogic-firmware:20240115
-    - imageRef: ghcr.io/siderolabs/drbd:9.2.8-v1.7.1
+    - imageRef: ghcr.io/siderolabs/drbd:9.2.6-v1.6.4
-    - imageRef: ghcr.io/siderolabs/zfs:2.2.3-v1.7.1
+    - imageRef: ghcr.io/siderolabs/zfs:2.1.14-v1.6.4
 output:
   kind: kernel
-  imageOptions: {}
   outFormat: raw

packages/core/installer/images/talos/profiles/nocloud.yaml

@@ -3,25 +3,25 @@
 arch: amd64
 platform: metal
 secureboot: false
-version: v1.7.1
+version: v1.6.4
 input:
   kernel:
     path: /usr/install/amd64/vmlinuz
   initramfs:
     path: /usr/install/amd64/initramfs.xz
   baseInstaller:
-    imageRef: ghcr.io/siderolabs/installer:v1.7.1
+    imageRef: ghcr.io/siderolabs/installer:v1.6.4
   systemExtensions:
-    - imageRef: ghcr.io/siderolabs/amd-ucode:20240410
+    - imageRef: ghcr.io/siderolabs/amd-ucode:20240115
-    - imageRef: ghcr.io/siderolabs/amdgpu-firmware:20240410
+    - imageRef: ghcr.io/siderolabs/amdgpu-firmware:20240115
-    - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20240410
+    - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20240115
-    - imageRef: ghcr.io/siderolabs/i915-ucode:20240410
+    - imageRef: ghcr.io/siderolabs/i915-ucode:20240115
-    - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20240410
+    - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20240115
-    - imageRef: ghcr.io/siderolabs/intel-ucode:20240312
+    - imageRef: ghcr.io/siderolabs/intel-ucode:20231114
-    - imageRef: ghcr.io/siderolabs/qlogic-firmware:20240410
+    - imageRef: ghcr.io/siderolabs/qlogic-firmware:20240115
-    - imageRef: ghcr.io/siderolabs/drbd:9.2.8-v1.7.1
+    - imageRef: ghcr.io/siderolabs/drbd:9.2.6-v1.6.4
-    - imageRef: ghcr.io/siderolabs/zfs:2.2.3-v1.7.1
+    - imageRef: ghcr.io/siderolabs/zfs:2.1.14-v1.6.4
 output:
-  kind: nocloud
+  kind: image
   imageOptions: { diskSize: 1306525696, diskFormat: raw }
   outFormat: .xz

packages/core/installer/templates/cozystack.yaml

@@ -12,6 +12,12 @@ metadata:
   name: cozystack
   namespace: cozy-system
 ---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: cozystack
+  namespace: cozy-system
+---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:

packages/core/platform/Chart.yaml

@@ -1,3 +1,2 @@
-apiVersion: v2
 name: cozy-platform
-version: 0.0.0 # Placeholder, the actual version will be automatically set during the build process
+version: 0.2.0

packages/core/platform/Makefile

@@ -1,5 +1,5 @@
-NAME=platform
 NAMESPACE=cozy-system
+NAME=platform
 
 API_VERSIONS_FLAGS=$(addprefix -a ,$(shell kubectl api-versions))
 

packages/core/platform/bundles/distro-full.yaml

@@ -52,12 +52,6 @@ releases:
   privileged: true
   dependsOn: [cilium]
 
-- name: etcd-operator
-  releaseName: etcd-operator
-  chart: cozy-etcd-operator
-  namespace: cozy-etcd-operator
-  dependsOn: [cilium,cert-manager]
-
 - name: grafana-operator
   releaseName: grafana-operator
   chart: cozy-grafana-operator

packages/core/platform/bundles/distro-hosted.yaml

@@ -26,12 +26,6 @@ releases:
   privileged: true
   dependsOn: [victoria-metrics-operator]
 
-- name: etcd-operator
-  releaseName: etcd-operator
-  chart: cozy-etcd-operator
-  namespace: cozy-etcd-operator
-  dependsOn: [cert-manager]
-
 - name: grafana-operator
   releaseName: grafana-operator
   chart: cozy-grafana-operator

packages/core/platform/bundles/paas-full.yaml

@@ -81,12 +81,6 @@ releases:
   privileged: true
   dependsOn: [cilium,kubeovn]
 
-- name: etcd-operator
-  releaseName: etcd-operator
-  chart: cozy-etcd-operator
-  namespace: cozy-etcd-operator
-  dependsOn: [cilium,kubeovn,cert-manager]
-
 - name: grafana-operator
   releaseName: grafana-operator
   chart: cozy-grafana-operator

packages/core/platform/bundles/paas-hosted.yaml

@@ -26,12 +26,6 @@ releases:
   privileged: true
   dependsOn: [victoria-metrics-operator]
 
-- name: etcd-operator
-  releaseName: etcd-operator
-  chart: cozy-etcd-operator
-  namespace: cozy-etcd-operator
-  dependsOn: [cert-manager]
-
 - name: grafana-operator
   releaseName: grafana-operator
   chart: cozy-grafana-operator

packages/core/platform/templates/helmreleases.yaml

@@ -23,11 +23,9 @@ spec:
   interval: 1m
   releaseName: {{ $x.releaseName | default $x.name }}
   install:
-    crds: CreateReplace
     remediation:
       retries: -1
   upgrade:
-    crds: CreateReplace
     remediation:
       retries: -1
   chart:

packages/extra/Makefile

@@ -7,7 +7,7 @@ repo:
 	awk '$$3 != "HEAD" {print "mkdir -p $(TMP)/" $$1 "-" $$2}' versions_map | sh -ex
 	awk '$$3 != "HEAD" {print "git archive " $$3 " " $$1 " | tar -xf- --strip-components=1 -C $(TMP)/" $$1 "-" $$2 }' versions_map | sh -ex
 	helm package -d "$(OUT)" $$(find . $(TMP) -mindepth 2 -maxdepth 2 -name Chart.yaml | awk 'sub("/Chart.yaml", "")' | sort -V)
-	cd "$(OUT)" && helm repo index . --url http://cozystack.cozy-system.svc/repos/extra
+	cd "$(OUT)" && helm repo index .
 	rm -rf "$(TMP)"
 
 fix-chartnames:

packages/extra/etcd/Chart.yaml

@@ -3,4 +3,4 @@ name: etcd
 description: Storage for Kubernetes clusters
 icon: https://www.svgrepo.com/show/353714/etcd.svg
 type: application
-version: 2.0.0
+version: 1.0.0

packages/extra/etcd/templates/datastore.yaml

@@ -1,50 +0,0 @@
----
-apiVersion: kamaji.clastix.io/v1alpha1
-kind: DataStore
-metadata:
-  name: {{ .Release.Namespace }}
-spec:
-  driver: etcd
-  endpoints:
-  - etcd-0.etcd-headless.{{ .Release.Namespace }}.svc:2379
-  - etcd-1.etcd-headless.{{ .Release.Namespace }}.svc:2379
-  - etcd-2.etcd-headless.{{ .Release.Namespace }}.svc:2379
-  tlsConfig:
-    certificateAuthority:
-      certificate:
-        secretReference:
-          keyPath: tls.crt
-          name: etcd-ca-tls
-          namespace: {{ .Release.Namespace }}
-      privateKey:
-        secretReference:
-          keyPath: tls.key
-          name: etcd-ca-tls
-          namespace: {{ .Release.Namespace }}
-    clientCertificate:
-      certificate:
-        secretReference:
-          keyPath: tls.crt
-          name: etcd-client-tls
-          namespace: {{ .Release.Namespace }}
-      privateKey:
-        secretReference:
-          keyPath: tls.key
-          name: etcd-client-tls
-          namespace: {{ .Release.Namespace }}
----
-apiVersion: v1
-kind: Secret
-metadata:
-  name: etcd-ca-tls
-  annotations:
-    helm.sh/hook: pre-install
-    helm.sh/resource-policy: keep
----
-apiVersion: v1
-kind: Secret
-metadata:
-  name: etcd-client-tls
-  annotations:
-    helm.sh/hook: pre-install
-    helm.sh/resource-policy: keep

packages/extra/etcd/templates/etcd-cluster.yaml

@@ -1,176 +0,0 @@
----
-apiVersion: etcd.aenix.io/v1alpha1
-kind: EtcdCluster
-metadata:
-  name: etcd
-spec:
-  storage: {}
-  security:
-    tls:
-      peerTrustedCASecret: etcd-peer-ca-tls
-      peerSecret: etcd-peer-tls
-      serverSecret: etcd-server-tls
-      clientTrustedCASecret: etcd-ca-tls
-      clientSecret: etcd-client-tls
-  podTemplate:
-    spec:
-      topologySpreadConstraints:
-      - maxSkew: 1
-        topologyKey: "kubernetes.io/hostname"
-        whenUnsatisfiable: ScheduleAnyway
-        labelSelector:
-          matchLabels:
-            app.kubernetes.io/instance: etcd
----
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
-  name: etcd-selfsigning-issuer
-spec:
-  selfSigned: {}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
-  name: etcd-peer-ca
-spec:
-  isCA: true
-  usages:
-  - "signing"
-  - "key encipherment"
-  - "cert sign"
-  commonName: etcd-peer-ca
-  subject:
-    organizations:
-      - ACME Inc.
-    organizationalUnits:
-      - Widgets
-  secretName: etcd-peer-ca-tls
-  privateKey:
-    algorithm: RSA
-    size: 4096
-  issuerRef:
-    name: etcd-selfsigning-issuer
-    kind: Issuer
-    group: cert-manager.io
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
-  name: etcd-ca
-spec:
-  isCA: true
-  usages:
-  - "signing"
-  - "key encipherment"
-  - "cert sign"
-  commonName: etcd-ca
-  subject:
-    organizations:
-      - ACME Inc.
-    organizationalUnits:
-      - Widgets
-  secretName: etcd-ca-tls
-  privateKey:
-    algorithm: RSA
-    size: 4096
-  issuerRef:
-    name: etcd-selfsigning-issuer
-    kind: Issuer
-    group: cert-manager.io
----
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
-  name: etcd-peer-issuer
-spec:
-  ca:
-    secretName: etcd-peer-ca-tls
----
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
-  name: etcd-issuer
-spec:
-  ca:
-    secretName: etcd-ca-tls
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
-  name: etcd-server
-spec:
-  secretName: etcd-server-tls
-  isCA: false
-  usages:
-    - "server auth"
-    - "signing"
-    - "key encipherment"
-  dnsNames:
-  - etcd-0
-  - etcd-0.etcd-headless
-  - etcd-0.etcd-headless.{{ .Release.Namespace }}.svc
-  - etcd-1
-  - etcd-1.etcd-headless
-  - etcd-1.etcd-headless.{{ .Release.Namespace }}.svc
-  - etcd-2
-  - etcd-2.etcd-headless
-  - etcd-2.etcd-headless.{{ .Release.Namespace }}.svc
-  - localhost
-  - "127.0.0.1"
-  privateKey:
-    rotationPolicy: Always
-    algorithm: RSA
-    size: 4096
-  issuerRef:
-    name: etcd-issuer
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
-  name: etcd-peer
-spec:
-  secretName: etcd-peer-tls
-  isCA: false
-  usages:
-    - "server auth"
-    - "client auth"
-    - "signing"
-    - "key encipherment"
-  dnsNames:
-  - etcd-0
-  - etcd-0.etcd-headless
-  - etcd-0.etcd-headless.{{ .Release.Namespace }}.svc
-  - etcd-1
-  - etcd-1.etcd-headless
-  - etcd-1.etcd-headless.{{ .Release.Namespace }}.svc
-  - etcd-2
-  - etcd-2.etcd-headless
-  - etcd-2.etcd-headless.{{ .Release.Namespace }}.svc
-  - localhost
-  - "127.0.0.1"
-  privateKey:
-    rotationPolicy: Always
-    algorithm: RSA
-    size: 4096
-  issuerRef:
-    name: etcd-peer-issuer
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
-  name: etcd-client
-spec:
-  commonName: root
-  secretName: etcd-client-tls
-  usages:
-  - "signing"
-  - "key encipherment"
-  - "client auth"
-  privateKey:
-    rotationPolicy: Always
-    algorithm: RSA
-    size: 4096
-  issuerRef:
-    name: etcd-issuer
-    kind: Issuer

packages/extra/etcd/templates/kamaji-etcd.yaml

@@ -0,0 +1,19 @@
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+  name: kamaji-etcd
+spec:
+  chart:
+    spec:
+      chart: cozy-kamaji-etcd
+      reconcileStrategy: Revision
+      sourceRef:
+        kind: HelmRepository
+        name: cozystack-system
+        namespace: cozy-system
+      version: '*'
+  interval: 1m0s
+  timeout: 5m0s
+  values:
+    kamaji-etcd:
+      fullnameOverride: etcd

packages/extra/monitoring/templates/grafana/grafana.yaml

@@ -67,7 +67,7 @@ spec:
   ingress:
     metadata:
       annotations:
-        acme.cert-manager.io/http01-ingress-class: "{{ $ingress }}"
+        kubernetes.io/ingress.class: "{{ $ingress }}"
         cert-manager.io/cluster-issuer: letsencrypt-prod
     spec:
       ingressClassName: "{{ $ingress }}"

packages/extra/versions_map

@@ -1,4 +1,3 @@
-etcd 1.0.0 f7eaab0
+etcd 1.0.0 HEAD
-etcd 2.0.0 HEAD
 ingress 1.0.0 HEAD
 monitoring 1.0.0 HEAD

packages/system/Makefile

@@ -1,12 +1,13 @@
 OUT=../../_out/repos/system
+VERSION := 0.2.0
 
-include ../../scripts/common-envs.mk
+gen: fix-chartnames
 
-repo:
+repo: fix-chartnames
 	rm -rf "$(OUT)"
 	mkdir -p "$(OUT)"
-	helm package -d "$(OUT)" $$(find . -mindepth 2 -maxdepth 2 -name Chart.yaml | awk 'sub("/Chart.yaml", "")') --version $(VERSION)
+	helm package -d "$(OUT)" $$(find . -mindepth 2 -maxdepth 2 -name Chart.yaml | awk 'sub("/Chart.yaml", "")')
 	cd "$(OUT)" && helm repo index .
 
 fix-chartnames:
-	find . -name Chart.yaml -maxdepth 2 | awk -F/ '{print $$2}' | while read i; do sed -i "s/^name: .*/name: cozy-$$i/" "$$i/Chart.yaml"; done
+	find . -name Chart.yaml -maxdepth 2 | awk -F/ '{print $$2}' | while read i; do printf "name: cozy-%s\nversion: $(VERSION)\n" "$$i" > "$$i/Chart.yaml"; done

packages/system/capi-operator/Chart.yaml

@@ -1,3 +1,2 @@
-apiVersion: v2
 name: cozy-capi-operator
-version: 0.0.0 # Placeholder, the actual version will be automatically set during the build process
+version: 0.2.0

packages/system/capi-operator/Makefile

@@ -1,7 +1,14 @@
 NAME=capi-operator
 NAMESPACE=cozy-cluster-api
 
-include ../../../scripts/package-system.mk
+show:
+	helm template --dry-run=server -n $(NAMESPACE) $(NAME) .
+
+apply:
+	helm upgrade -i -n $(NAMESPACE) $(NAME) .
+
+diff:
+	helm diff upgrade --allow-unreleased --normalize-manifests -n $(NAMESPACE) $(NAME) .
 
 update:
 	rm -rf charts

packages/system/capi-providers/Chart.yaml

@@ -1,3 +1,2 @@
-apiVersion: v2
 name: cozy-capi-providers
-version: 0.0.0 # Placeholder, the actual version will be automatically set during the build process
+version: 0.2.0

packages/system/capi-providers/Makefile

@@ -1,4 +1,11 @@
 NAME=capi-providers
 NAMESPACE=cozy-cluster-api
 
-include ../../../scripts/package-system.mk
+show:
+	helm template --dry-run=server -n $(NAMESPACE) $(NAME) .
+
+apply:
+	helm upgrade -i -n $(NAMESPACE) $(NAME) .
+
+diff:
+	helm diff upgrade --allow-unreleased --normalize-manifests -n $(NAMESPACE) $(NAME) .

packages/system/capi-providers/templates/providers.yaml

@@ -13,7 +13,7 @@ spec:
   deployment:
     containers:
     - name: manager
-      imageUrl: ghcr.io/kvaps/test:cluster-api-control-plane-provider-kamaji-v0.7.1-fix
+      imageUrl: ghcr.io/kvaps/test:cluster-api-control-plane-provider-kamaji-v0.6.0-fix7
 ---
 apiVersion: operator.cluster.x-k8s.io/v1alpha2
 kind: BootstrapProvider

packages/system/cert-manager-issuers/Chart.yaml

@@ -1,3 +1,2 @@
-apiVersion: v2
 name: cozy-cert-manager-issuers
-version: 0.0.0 # Placeholder, the actual version will be automatically set during the build process
+version: 0.2.0

packages/system/cert-manager-issuers/Makefile

@@ -1,4 +1,11 @@
 NAME=cert-manager-issuers
 NAMESPACE=cozy-cert-manager
 
-include ../../../scripts/package-system.mk
+show:
+	helm template --dry-run=server -n $(NAMESPACE) $(NAME) .
+
+apply:
+	helm upgrade -i -n $(NAMESPACE) $(NAME) .
+
+diff:
+	helm diff upgrade --allow-unreleased --normalize-manifests -n $(NAMESPACE) $(NAME) .

packages/system/cert-manager/Chart.yaml

@@ -1,3 +1,2 @@
-apiVersion: v2
 name: cozy-cert-manager
-version: 0.0.0 # Placeholder, the actual version will be automatically set during the build process
+version: 0.2.0

packages/system/cert-manager/Makefile

@@ -1,7 +1,14 @@
 NAME=cert-manager
-NAMESPACE=cozy-$(NAME)
+NAMESPACE=cozy-cert-manager
 
-include ../../../scripts/package-system.mk
+show:
+	helm template --dry-run=server -n $(NAMESPACE) $(NAME) .
+
+apply:
+	helm upgrade -i -n $(NAMESPACE) $(NAME) .
+
+diff:
+	helm diff upgrade --allow-unreleased --normalize-manifests -n $(NAMESPACE) $(NAME) .
 
 update:
 	rm -rf charts

packages/system/cilium/Chart.yaml

@@ -1,3 +1,2 @@
-apiVersion: v2
 name: cozy-cilium
-version: 0.0.0 # Placeholder, the actual version will be automatically set during the build process
+version: 0.2.0

packages/system/cilium/Makefile

@@ -1,7 +1,14 @@
+NAMESPACE=cozy-cilium
 NAME=cilium
-NAMESPACE=cozy-$(NAME)
 
-include ../../../scripts/package-system.mk
+show:
+	kubectl get hr -n cozy-cilium cilium -o jsonpath='{.spec.values}' | helm template --dry-run=server -n $(NAMESPACE) $(NAME) . -f -
+
+apply:
+	kubectl get hr -n cozy-cilium cilium -o jsonpath='{.spec.values}' | helm upgrade -i -n $(NAMESPACE) $(NAME) . -f -
+
+diff:
+	kubectl get hr -n cozy-cilium cilium -o jsonpath='{.spec.values}' | helm diff upgrade --allow-unreleased --normalize-manifests -n $(NAMESPACE) $(NAME) . -f -
 
 update:
 	rm -rf charts

packages/system/clickhouse-operator/Chart.yaml

@@ -1,3 +1,2 @@
-apiVersion: v2
 name: cozy-clickhouse-operator
-version: 0.0.0 # Placeholder, the actual version will be automatically set during the build process
+version: 0.3.0

packages/system/clickhouse-operator/Makefile

@@ -1,7 +1,14 @@
 NAME=clickhouse-operator
 NAMESPACE=cozy-clickhouse-operator
 
-include ../../../scripts/package-system.mk
+show:
+	helm template --dry-run=server -n $(NAMESPACE) $(NAME) .
+
+apply:
+	helm upgrade -i -n $(NAMESPACE) $(NAME) .
+
+diff:
+	helm diff upgrade --allow-unreleased --normalize-manifests -n $(NAMESPACE) $(NAME) .
 
 update:
 	rm -rf charts

packages/system/clickhouse-operator/values.yaml

@@ -3,4 +3,4 @@ altinity-clickhouse-operator:
     files:
       config.yaml:
         watch:
-          namespaces: [".*"]
+          namespaces: ["*"]

packages/system/dashboard/Chart.yaml

@@ -1,3 +1,2 @@
-apiVersion: v2
 name: cozy-dashboard
-version: 0.0.0 # Placeholder, the actual version will be automatically set during the build process
+version: 0.2.0

packages/system/dashboard/Makefile

@@ -1,8 +1,18 @@
 NAME=dashboard
-NAMESPACE=cozy-$(NAME)
+NAMESPACE=cozy-dashboard
+PUSH := 1
+LOAD := 0
+REPOSITORY := ghcr.io/aenix-io/cozystack
+TAG := v0.2.0
 
-include ../../../scripts/common-envs.mk
+show:
-include ../../../scripts/package-system.mk
+	helm template --dry-run=server -n $(NAMESPACE) $(NAME) .
+
+apply:
+	helm upgrade -i -n $(NAMESPACE) $(NAME) .
+
+diff:
+	helm diff upgrade --allow-unreleased --normalize-manifests -n $(NAMESPACE) $(NAME) .
 
 update: update-chart update-dockerfiles
 image: image-dashboard image-kubeapps-apis
@@ -27,21 +37,21 @@ update-dockerfiles:
 image-dashboard:
 	docker buildx build images/dashboard \
 		--provenance false \
-		--tag $(REGISTRY)/dashboard:$(call settag,$(TAG)) \
+		--tag $(REPOSITORY)/dashboard:$(TAG) \
-		--cache-from type=registry,ref=$(REGISTRY)/dashboard:latest \
+		--cache-from type=registry,ref=$(REPOSITORY)/dashboard:$(TAG) \
 		--cache-to type=inline \
 		--metadata-file images/dashboard.json \
 		--push=$(PUSH) \
 		--load=$(LOAD)
-	echo "$(REGISTRY)/dashboard:$(call settag,$(TAG))" > images/dashboard.tag
+	echo "$(REPOSITORY)/dashboard:$(TAG)" > images/dashboard.tag
 
 image-kubeapps-apis:
 	docker buildx build images/kubeapps-apis \
 		--provenance false \
-		--tag $(REGISTRY)/kubeapps-apis:$(call settag,$(TAG)) \
+		--tag $(REPOSITORY)/kubeapps-apis:$(TAG) \
-		--cache-from type=registry,ref=$(REGISTRY)/kubeapps-apis:latest \
+		--cache-from type=registry,ref=$(REPOSITORY)/kubeapps-apis:$(TAG) \
 		--cache-to type=inline \
 		--metadata-file images/kubeapps-apis.json \
 		--push=$(PUSH) \
 		--load=$(LOAD)
-	echo "$(REGISTRY)/kubeapps-apis:$(call settag,$(TAG))" > images/kubeapps-apis.tag
+	echo "$(REPOSITORY)/kubeapps-apis:$(TAG)" > images/kubeapps-apis.tag

packages/system/dashboard/charts/kubeapps/Chart.lock

@@ -1,12 +1,12 @@
 dependencies:
 - name: redis
   repository: oci://registry-1.docker.io/bitnamicharts
-  version: 19.0.2
+  version: 18.19.2
 - name: postgresql
   repository: oci://registry-1.docker.io/bitnamicharts
-  version: 15.2.4
+  version: 13.4.6
 - name: common
   repository: oci://registry-1.docker.io/bitnamicharts
-  version: 2.19.1
+  version: 2.19.0
-digest: sha256:2ff034d67cb1b9c11f0243b3ab9a6a8642bf12142df2f86043f9006adf6dbba1
+digest: sha256:b4965a22517e61212e78abb8d1cbe86e800c8664b3139e2047f4bd62b3e55b24
-generated: "2024-04-08T09:01:34.727544997Z"
+generated: "2024-03-13T11:51:34.216594+01:00"

packages/system/dashboard/charts/kubeapps/Chart.yaml

@@ -2,33 +2,33 @@ annotations:
   category: Infrastructure
   images: |
     - name: kubeapps-apis
-      image: docker.io/bitnami/kubeapps-apis:2.10.0-debian-12-r0
+      image: docker.io/bitnami/kubeapps-apis:2.9.0-debian-12-r19
     - name: kubeapps-apprepository-controller
-      image: docker.io/bitnami/kubeapps-apprepository-controller:2.10.0-debian-12-r0
+      image: docker.io/bitnami/kubeapps-apprepository-controller:2.9.0-debian-12-r18
     - name: kubeapps-asset-syncer
-      image: docker.io/bitnami/kubeapps-asset-syncer:2.10.0-debian-12-r0
+      image: docker.io/bitnami/kubeapps-asset-syncer:2.9.0-debian-12-r19
     - name: kubeapps-dashboard
-      image: docker.io/bitnami/kubeapps-dashboard:2.10.0-debian-12-r0
+      image: docker.io/bitnami/kubeapps-dashboard:2.9.0-debian-12-r18
     - name: kubeapps-oci-catalog
-      image: docker.io/bitnami/kubeapps-oci-catalog:2.10.0-debian-12-r0
+      image: docker.io/bitnami/kubeapps-oci-catalog:2.9.0-debian-12-r17
     - name: kubeapps-pinniped-proxy
-      image: docker.io/bitnami/kubeapps-pinniped-proxy:2.10.0-debian-12-r0
+      image: docker.io/bitnami/kubeapps-pinniped-proxy:2.9.0-debian-12-r17
     - name: nginx
-      image: docker.io/bitnami/nginx:1.25.4-debian-12-r7
+      image: docker.io/bitnami/nginx:1.25.4-debian-12-r3
     - name: oauth2-proxy
-      image: docker.io/bitnami/oauth2-proxy:7.6.0-debian-12-r7
+      image: docker.io/bitnami/oauth2-proxy:7.6.0-debian-12-r4
   licenses: Apache-2.0
 apiVersion: v2
-appVersion: 2.10.0
+appVersion: 2.9.0
 dependencies:
 - condition: packaging.flux.enabled
   name: redis
   repository: oci://registry-1.docker.io/bitnamicharts
-  version: 19.x.x
+  version: 18.x.x
 - condition: packaging.helm.enabled
   name: postgresql
   repository: oci://registry-1.docker.io/bitnamicharts
-  version: 15.x.x
+  version: 13.x.x
 - name: common
   repository: oci://registry-1.docker.io/bitnamicharts
   tags:
@@ -51,4 +51,4 @@ maintainers:
 name: kubeapps
 sources:
 - https://github.com/bitnami/charts/tree/main/bitnami/kubeapps
-version: 15.0.2
+version: 14.7.2

packages/system/dashboard/charts/kubeapps/charts/common/Chart.yaml

@@ -2,7 +2,7 @@ annotations:
   category: Infrastructure
   licenses: Apache-2.0
 apiVersion: v2
-appVersion: 2.19.1
+appVersion: 2.19.0
 description: A Library Helm Chart for grouping common logic between bitnami charts.
   This chart is not deployable by itself.
 home: https://bitnami.com
@@ -20,4 +20,4 @@ name: common
 sources:
 - https://github.com/bitnami/charts
 type: library
-version: 2.19.1
+version: 2.19.0

packages/system/dashboard/charts/kubeapps/charts/common/templates/_resources.tpl

@@ -11,7 +11,7 @@ These presets are for basic testing and not meant to be used in production
 {{ include "common.resources.preset" (dict "type" "nano") -}}
 */}}
 {{- define "common.resources.preset" -}}
-{{/* The limits are the requests increased by 50% (except ephemeral-storage and xlarge/2xlarge sizes)*/}}
+{{/* The limits are the requests increased by 50% (except ephemeral-storage)*/}}
 {{- $presets := dict 
   "nano" (dict 
       "requests" (dict "cpu" "100m" "memory" "128Mi" "ephemeral-storage" "50Mi")
@@ -34,11 +34,11 @@ These presets are for basic testing and not meant to be used in production
       "limits" (dict "cpu" "1.5" "memory" "3072Mi" "ephemeral-storage" "1024Mi")
    )
   "xlarge" (dict 
-      "requests" (dict "cpu" "1.5" "memory" "4096Mi" "ephemeral-storage" "50Mi")
+      "requests" (dict "cpu" "2.0" "memory" "4096Mi" "ephemeral-storage" "50Mi")
       "limits" (dict "cpu" "3.0" "memory" "6144Mi" "ephemeral-storage" "1024Mi")
    )
   "2xlarge" (dict 
-      "requests" (dict "cpu" "1.5" "memory" "4096Mi" "ephemeral-storage" "50Mi")
+      "requests" (dict "cpu" "4.0" "memory" "8192Mi" "ephemeral-storage" "50Mi")
       "limits" (dict "cpu" "6.0" "memory" "12288Mi" "ephemeral-storage" "1024Mi")
    )
  }}