[apps] Update the backup and restore documentation for managed apps

Signed-off-by: Nick Volynkin <nick.volynkin@gmail.com>

.github/workflows/pre-commit.yml

@@ -2,7 +2,7 @@ name: Pre-Commit Checks
 
 on:
   pull_request:
-    types: [opened, synchronize, reopened]
+    types: [labeled, opened, synchronize, reopened]
 
 concurrency:
   group: pre-commit-${{ github.workflow }}-${{ github.event.pull_request.number }}

.github/workflows/pull-requests-release.yaml

@@ -3,8 +3,6 @@ name: "Releasing PR"
 on:
   pull_request:
     types: [closed]
-    paths-ignore:
-      - 'docs/**/*'
 
 # Cancel in‑flight runs for the same PR when a new push arrives.
 concurrency:

.github/workflows/pull-requests.yaml

@@ -2,9 +2,7 @@ name: Pull Request
 
 on:
   pull_request:
-    types: [opened, synchronize, reopened]
-    paths-ignore:
-      - 'docs/**/*'
+    types: [labeled, opened, synchronize, reopened]
 
 # Cancel in‑flight runs for the same PR when a new push arrives.
 concurrency:
@@ -46,17 +44,6 @@ jobs:
 
       - name: Build Talos image
         run: make -C packages/core/installer talos-nocloud
-
-      - name: Save git diff as patch
-        if: "!contains(github.event.pull_request.labels.*.name, 'release')"
-        run: git diff HEAD > _out/assets/pr.patch
-
-      - name: Upload git diff patch
-        if: "!contains(github.event.pull_request.labels.*.name, 'release')"
-        uses: actions/upload-artifact@v4
-        with:
-          name: pr-patch
-          path: _out/assets/pr.patch
      
       - name: Upload installer
         uses: actions/upload-artifact@v4
@@ -139,10 +126,6 @@ jobs:
     if: ${{ always() && (needs.build.result == 'success' || needs.resolve_assets.result == 'success') }}
 
     steps:
-      # ▸ Checkout and prepare the codebase
-      - name: Checkout code
-        uses: actions/checkout@v4
-
       # ▸ Regular PR path – download artefacts produced by the *build* job
       - name: "Download Talos image (regular PR)"
         if: "!contains(github.event.pull_request.labels.*.name, 'release')"
@@ -151,51 +134,38 @@ jobs:
           name: talos-image
           path: _out/assets
 
-      - name: Download PR patch
-        if: "!contains(github.event.pull_request.labels.*.name, 'release')"
-        uses: actions/download-artifact@v4
-        with:
-          name: pr-patch
-          path: _out/assets
-
-      - name: Apply patch
-        if: "!contains(github.event.pull_request.labels.*.name, 'release')"
-        run: |
-          git apply _out/assets/pr.patch
 
       # ▸ Release PR path – fetch artefacts from the corresponding draft release
       - name: Download assets from draft release (release PR)
         if: contains(github.event.pull_request.labels.*.name, 'release')
         run: |
-          mkdir -p _out/assets
           curl -sSL -H "Authorization: token ${GH_PAT}" -H "Accept: application/octet-stream" \
             -o _out/assets/nocloud-amd64.raw.xz \
             "https://api.github.com/repos/${GITHUB_REPOSITORY}/releases/assets/${{ needs.resolve_assets.outputs.disk_id }}"
         env:
           GH_PAT: ${{ secrets.GH_PAT }}
 
+      # ▸ Start actual job steps
       - name: Set sandbox ID
         run: echo "SANDBOX_NAME=cozy-e2e-sandbox-$(echo "${GITHUB_REPOSITORY}:${GITHUB_WORKFLOW}:${GITHUB_REF}" | sha256sum | cut -c1-10)" >> $GITHUB_ENV
 
-      # ▸ Start actual job steps
       - name: Prepare workspace
         run: |
+          cd ..
           rm -rf /tmp/$SANDBOX_NAME
-          cp -r ${{ github.workspace }} /tmp/$SANDBOX_NAME
-
+          cp -r cozystack /tmp/$SANDBOX_NAME
+          sudo systemctl stop "rm-workspace-$SANDBOX_NAME.timer" "rm-workspace-$SANDBOX_NAME.service" 2>/dev/null || true
+          sudo systemctl reset-failed "rm-workspace-$SANDBOX_NAME.timer" "rm-workspace-$SANDBOX_NAME.service" 2>/dev/null || true
+          sudo systemctl daemon-reexec
+          sudo systemd-run \
+            --on-calendar="$(date -d 'now + 24 hours' '+%Y-%m-%d %H:%M:%S')" \
+            --unit=rm-workspace-$SANDBOX_NAME \
+            rm -rf /tmp/$SANDBOX_NAME
+            
       - name: Prepare environment
         run: |
           cd /tmp/$SANDBOX_NAME
-          attempt=0
-          until make SANDBOX_NAME=$SANDBOX_NAME prepare-env; do
-            attempt=$((attempt + 1))
-            if [ $attempt -ge 3 ]; then
-              echo "❌ Attempt $attempt failed, exiting..."
-              exit 1
-            fi
-            echo "❌ Attempt $attempt failed, retrying..."
-          done
-          echo "✅ The task completed successfully after $attempt attempts"
+          make SANDBOX_NAME=$SANDBOX_NAME prepare-env
 
   install_cozystack:
     name: "Install Cozystack"
@@ -222,7 +192,6 @@ jobs:
       - name: Download assets from draft release (release PR)
         if: contains(github.event.pull_request.labels.*.name, 'release')
         run: |
-          mkdir -p _out/assets
           curl -sSL -H "Authorization: token ${GH_PAT}" -H "Accept: application/octet-stream" \
             -o _out/assets/cozystack-installer.yaml \
             "https://api.github.com/repos/${GITHUB_REPOSITORY}/releases/assets/${{ needs.resolve_assets.outputs.installer_id }}"
@@ -233,24 +202,10 @@ jobs:
       - name: Set sandbox ID
         run: echo "SANDBOX_NAME=cozy-e2e-sandbox-$(echo "${GITHUB_REPOSITORY}:${GITHUB_WORKFLOW}:${GITHUB_REF}" | sha256sum | cut -c1-10)" >> $GITHUB_ENV
 
-      - name: Sync _out/assets directory
-        run: |
-          mkdir -p /tmp/$SANDBOX_NAME/_out/assets
-          mv _out/assets/* /tmp/$SANDBOX_NAME/_out/assets/
-
       - name: Install Cozystack into sandbox
         run: |
           cd /tmp/$SANDBOX_NAME
-          attempt=0
-          until make -C packages/core/testing SANDBOX_NAME=$SANDBOX_NAME install-cozystack; do
-            attempt=$((attempt + 1))
-            if [ $attempt -ge 3 ]; then
-              echo "❌ Attempt $attempt failed, exiting..."
-              exit 1
-            fi
-            echo "❌ Attempt $attempt failed, retrying..."
-          done
-          echo "✅ The task completed successfully after $attempt attempts."
+          make -C packages/core/testing SANDBOX_NAME=$SANDBOX_NAME install-cozystack
 
   detect_test_matrix:
     name: "Detect e2e test matrix"
@@ -281,55 +236,12 @@ jobs:
       - name: E2E Apps
         run: |
           cd /tmp/$SANDBOX_NAME
-          attempt=0
-          until make -C packages/core/testing SANDBOX_NAME=$SANDBOX_NAME test-apps-${{ matrix.app }}; do
-            attempt=$((attempt + 1))
-            if [ $attempt -ge 3 ]; then
-              echo "❌ Attempt $attempt failed, exiting..."
-              exit 1
-            fi
-            echo "❌ Attempt $attempt failed, retrying..."
-          done
-          echo "✅ The task completed successfully after $attempt attempts"
-
-  collect_debug_information:
-    name: Collect debug information
-    runs-on: [self-hosted]
-    needs: [test_apps]
-    if: ${{ always() }}
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-
-      - name: Set sandbox ID
-        run: echo "SANDBOX_NAME=cozy-e2e-sandbox-$(echo "${GITHUB_REPOSITORY}:${GITHUB_WORKFLOW}:${GITHUB_REF}" | sha256sum | cut -c1-10)" >> $GITHUB_ENV
-
-      - name: Collect report
-        run: |
-          cd /tmp/$SANDBOX_NAME
-          make -C packages/core/testing SANDBOX_NAME=$SANDBOX_NAME collect-report
-
-      - name: Upload cozyreport.tgz
-        uses: actions/upload-artifact@v4
-        with:
-          name: cozyreport
-          path: /tmp/${{ env.SANDBOX_NAME }}/_out/cozyreport.tgz
-
-      - name: Collect images list
-        run: |
-          cd /tmp/$SANDBOX_NAME
-          make -C packages/core/testing SANDBOX_NAME=$SANDBOX_NAME collect-images
-
-      - name: Upload image list
-        uses: actions/upload-artifact@v4
-        with:
-          name: image-list
-          path: /tmp/${{ env.SANDBOX_NAME }}/_out/images.txt
+          make -C packages/core/testing SANDBOX_NAME=$SANDBOX_NAME test-apps-${{ matrix.app }}
 
   cleanup:
     name: Tear down environment
     runs-on: [self-hosted]
-    needs: [collect_debug_information]
+    needs: test_apps
     if: ${{ always() && needs.test_apps.result == 'success' }}
 
     steps:
@@ -348,4 +260,10 @@ jobs:
       - name: Remove workspace
         run: rm -rf /tmp/$SANDBOX_NAME
 
-
+      - name: Tear down timers
+        run: |
+          sudo systemctl stop "rm-workspace-$SANDBOX_NAME.timer" "rm-workspace-$SANDBOX_NAME.service" 2>/dev/null || true
+          sudo systemctl reset-failed "rm-workspace-$SANDBOX_NAME.timer" "rm-workspace-$SANDBOX_NAME.service" 2>/dev/null || true
+          sudo systemctl stop "teardown-$SANDBOX_NAME.timer" "teardown-$SANDBOX_NAME.service" 2>/dev/null || true
+          sudo systemctl reset-failed "teardown-$SANDBOX_NAME.timer" "teardown-$SANDBOX_NAME.service" 2>/dev/null || true
+          sudo systemctl daemon-reexec

.github/workflows/tags.yaml

@@ -112,12 +112,9 @@ jobs:
       # Commit built artifacts
       - name: Commit release artifacts
         if: steps.check_release.outputs.skip == 'false'
-        env:
-          GH_PAT: ${{ secrets.GH_PAT }}
         run: |
-          git config user.name  "cozystack-bot"
-          git config user.email "217169706+cozystack-bot@users.noreply.github.com"
-          git remote set-url origin https://cozystack-bot:${GH_PAT}@github.com/${GITHUB_REPOSITORY}
+          git config user.name  "github-actions"
+          git config user.email "github-actions@github.com"
           git add .
           git commit -m "Prepare release ${GITHUB_REF#refs/tags/}" -s || echo "No changes to commit"
           git push origin HEAD || true
@@ -192,12 +189,7 @@ jobs:
       # Create release-X.Y.Z branch and push (force-update)
       - name: Create release branch
         if: steps.check_release.outputs.skip == 'false'
-        env:
-          GH_PAT: ${{ secrets.GH_PAT }}
         run: |
-          git config user.name  "cozystack-bot"
-          git config user.email "217169706+cozystack-bot@users.noreply.github.com"
-          git remote set-url origin https://cozystack-bot:${GH_PAT}@github.com/${GITHUB_REPOSITORY}
           BRANCH="release-${GITHUB_REF#refs/tags/v}"
           git branch -f "$BRANCH"
           git push -f origin "$BRANCH"
@@ -207,7 +199,6 @@ jobs:
         if: steps.check_release.outputs.skip == 'false'
         uses: actions/github-script@v7
         with:
-          github-token: ${{ secrets.GH_PAT }}
           script: |
             const version = context.ref.replace('refs/tags/v', '');
             const base    = '${{ steps.get_base.outputs.branch }}';

Makefile

@@ -57,6 +57,3 @@ generate:
 
 upload_assets: manifests
 	hack/upload-assets.sh
-
-controller-gen:
-	controller-gen object:headerFile="hack/boilerplate.go.txt" paths="./internal/controller/" paths="./api/v1alpha1/"

api/v1alpha1/cozystack_types.go

@@ -1,26 +0,0 @@
-package v1alpha1
-
-import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-
-// +kubebuilder:object:root=true
-
-// Cozystack is the Schema for the Cozystack API
-type Cozystack struct {
-	metav1.TypeMeta   `json:",inline"`
-	metav1.ObjectMeta `json:"metadata,omitempty"`
-
-	//Status CozystackStatus `json:"status,omitempty"`
-}
-
-// +kubebuilder:object:root=true
-
-// WorkloadList contains a list of Workload
-type CozystackList struct {
-	metav1.TypeMeta `json:",inline"`
-	metav1.ListMeta `json:"metadata,omitempty"`
-	Items           []Cozystack `json:"items"`
-}
-
-func init() {
-	SchemeBuilder.Register(&Cozystack{}, &CozystackList{})
-}

api/v1alpha1/zz_generated.deepcopy.go

@@ -25,63 +25,6 @@ import (
 	runtime "k8s.io/apimachinery/pkg/runtime"
 )
 
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *Cozystack) DeepCopyInto(out *Cozystack) {
-	*out = *in
-	out.TypeMeta = in.TypeMeta
-	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Cozystack.
-func (in *Cozystack) DeepCopy() *Cozystack {
-	if in == nil {
-		return nil
-	}
-	out := new(Cozystack)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
-func (in *Cozystack) DeepCopyObject() runtime.Object {
-	if c := in.DeepCopy(); c != nil {
-		return c
-	}
-	return nil
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *CozystackList) DeepCopyInto(out *CozystackList) {
-	*out = *in
-	out.TypeMeta = in.TypeMeta
-	in.ListMeta.DeepCopyInto(&out.ListMeta)
-	if in.Items != nil {
-		in, out := &in.Items, &out.Items
-		*out = make([]Cozystack, len(*in))
-		for i := range *in {
-			(*in)[i].DeepCopyInto(&(*out)[i])
-		}
-	}
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CozystackList.
-func (in *CozystackList) DeepCopy() *CozystackList {
-	if in == nil {
-		return nil
-	}
-	out := new(CozystackList)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
-func (in *CozystackList) DeepCopyObject() runtime.Object {
-	if c := in.DeepCopy(); c != nil {
-		return c
-	}
-	return nil
-}
-
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in Selector) DeepCopyInto(out *Selector) {
 	{

cmd/cozystack-controller/main.go

@@ -206,14 +206,6 @@ func main() {
 		os.Exit(1)
 	}
 
-	if err = (&controller.CozystackReconciler{
-		Client: mgr.GetClient(),
-		Scheme: mgr.GetScheme(),
-	}).SetupWithManager(mgr); err != nil {
-		setupLog.Error(err, "unable to create controller", "controller", "CozystackConfigReconciler")
-		os.Exit(1)
-	}
-
 	// +kubebuilder:scaffold:builder
 
 	if err := mgr.AddHealthzCheck("healthz", healthz.Ping); err != nil {

hack/cdi_golden_image_create.sh

@@ -1,32 +0,0 @@
-#!/bin/bash
-
-set -e
-
-name="$1"
-url="$2"
-
-if [ -z "$name" ] || [ -z "$url" ]; then
-  echo "Usage: <name> <url>"
-  echo "Example: 'ubuntu' 'https://cloud-images.ubuntu.com/noble/current/noble-server-cloudimg-amd64.img'"
-  exit 1
-fi
-
-#### create DV ubuntu source for CDI image cloning
-kubectl create -f - <<EOF
-apiVersion: cdi.kubevirt.io/v1beta1
-kind: DataVolume
-metadata:
-  name: "vm-image-$name"
-  namespace: cozy-public
-  annotations:
-    cdi.kubevirt.io/storage.bind.immediate.requested: "true"
-spec:
-  source:
-    http:
-      url: "$url"
-  storage:
-    resources:
-      requests:
-        storage: 5Gi
-    storageClassName: replicated
-EOF

hack/collect-images.sh

@@ -1,8 +0,0 @@
-#!/bin/sh
-
-for node in 11 12 13; do
-  talosctl -n 192.168.123.${node} -e 192.168.123.${node} images ls >> images.tmp
-  talosctl -n 192.168.123.${node} -e 192.168.123.${node} images --namespace system ls >> images.tmp
-done
-
-while read _ name sha _ ; do echo $sha $name ; done < images.tmp | sort -u > images.txt

hack/cozyreport.sh

@@ -1,147 +0,0 @@
-#!/bin/sh
-REPORT_DATE=$(date +%Y-%m-%d_%H-%M-%S)
-REPORT_NAME=${1:-cozyreport-$REPORT_DATE}
-REPORT_PDIR=$(mktemp -d)
-REPORT_DIR=$REPORT_PDIR/$REPORT_NAME
-
-# -- check dependencies
-command -V kubectl >/dev/null || exit $?
-command -V tar >/dev/null || exit $?
-
-# -- cozystack module
-
-echo "Collecting Cozystack information..."
-mkdir -p $REPORT_DIR/cozystack
-kubectl get deploy -n cozy-system cozystack -o jsonpath='{.spec.template.spec.containers[0].image}' > $REPORT_DIR/cozystack/image.txt 2>&1
-kubectl get cm -n cozy-system --no-headers | awk '$1 ~ /^cozystack/' |
-  while read NAME _; do
-    DIR=$REPORT_DIR/cozystack/configs
-    mkdir -p $DIR
-    kubectl get cm -n cozy-system $NAME -o yaml > $DIR/$NAME.yaml 2>&1
-  done
-
-# -- kubernetes module
-
-echo "Collecting Kubernetes information..."
-mkdir -p $REPORT_DIR/kubernetes
-kubectl version > $REPORT_DIR/kubernetes/version.txt 2>&1
-
-echo "Collecting nodes..."
-kubectl get nodes -o wide > $REPORT_DIR/kubernetes/nodes.txt 2>&1
-kubectl get nodes --no-headers | awk '$2 != "Ready"' |
-  while read NAME _; do
-    DIR=$REPORT_DIR/kubernetes/nodes/$NAME
-    mkdir -p $DIR
-    kubectl get node $NAME -o yaml > $DIR/node.yaml 2>&1
-    kubectl describe node $NAME > $DIR/describe.txt 2>&1
-  done
-
-echo "Collecting namespaces..."
-kubectl get ns -o wide > $REPORT_DIR/kubernetes/namespaces.txt 2>&1
-kubectl get ns --no-headers | awk '$2 != "Active"' |
-  while read NAME _; do
-    DIR=$REPORT_DIR/kubernetes/namespaces/$NAME
-    mkdir -p $DIR
-    kubectl get ns $NAME -o yaml > $DIR/namespace.yaml 2>&1
-    kubectl describe ns $NAME > $DIR/describe.txt 2>&1
-  done
-
-echo "Collecting helmreleases..."
-kubectl get hr -A > $REPORT_DIR/kubernetes/helmreleases.txt 2>&1
-kubectl get hr -A | awk '$4 != "True"' | \
-  while read NAMESPACE NAME _; do
-    DIR=$REPORT_DIR/kubernetes/helmreleases/$NAMESPACE/$NAME
-    mkdir -p $DIR
-    kubectl get hr -n $NAMESPACE $NAME -o yaml > $DIR/hr.yaml 2>&1
-    kubectl describe hr -n $NAMESPACE $NAME > $DIR/describe.txt 2>&1
-  done
-
-echo "Collecting pods..."
-kubectl get pod -A -o wide > $REPORT_DIR/kubernetes/pods.txt 2>&1
-kubectl get pod -A --no-headers | awk '$4 !~ /Running|Succeeded|Completed/' |
-  while read NAMESPACE NAME _ STATE _; do
-    DIR=$REPORT_DIR/kubernetes/pods/$NAMESPACE/$NAME
-    mkdir -p $DIR
-    CONTAINERS=$(kubectl get pod -o jsonpath='{.spec.containers[*].name}' -n $NAMESPACE $NAME)
-    kubectl get pod -n $NAMESPACE $NAME -o yaml > $DIR/pod.yaml 2>&1
-    kubectl describe pod -n $NAMESPACE $NAME > $DIR/describe.txt 2>&1
-    if [ "$STATE" != "Pending" ]; then
-      for CONTAINER in $CONTAINERS; do
-        kubectl logs -n $NAMESPACE $NAME $CONTAINER > $DIR/logs-$CONTAINER.txt 2>&1
-        kubectl logs -n $NAMESPACE $NAME $CONTAINER --previous > $DIR/logs-$CONTAINER-previous.txt 2>&1
-      done
-    fi
-  done
-
-echo "Collecting virtualmachines..."
-kubectl get vm -A > $REPORT_DIR/kubernetes/vms.txt 2>&1
-kubectl get vm -A --no-headers | awk '$5 != "True"' |
-  while read NAMESPACE NAME _; do
-    DIR=$REPORT_DIR/kubernetes/vm/$NAMESPACE/$NAME
-    mkdir -p $DIR
-    kubectl get vm -n $NAMESPACE $NAME -o yaml > $DIR/vm.yaml 2>&1
-    kubectl describe vm -n $NAMESPACE $NAME > $DIR/describe.txt 2>&1
-  done
-
-echo "Collecting virtualmachine instances..."
-kubectl get vmi -A > $REPORT_DIR/kubernetes/vmis.txt 2>&1
-kubectl get vmi -A --no-headers | awk '$4 != "Running"' |
-  while read NAMESPACE NAME _; do
-    DIR=$REPORT_DIR/kubernetes/vmi/$NAMESPACE/$NAME
-    mkdir -p $DIR
-    kubectl get vmi -n $NAMESPACE $NAME -o yaml > $DIR/vmi.yaml 2>&1
-    kubectl describe vmi -n $NAMESPACE $NAME > $DIR/describe.txt 2>&1
-  done
-
-echo "Collecting services..."
-kubectl get svc -A > $REPORT_DIR/kubernetes/services.txt 2>&1
-kubectl get svc -A --no-headers | awk '$4 == "<pending>"' |
-  while read NAMESPACE NAME _; do
-    DIR=$REPORT_DIR/kubernetes/services/$NAMESPACE/$NAME
-    mkdir -p $DIR
-    kubectl get svc -n $NAMESPACE $NAME -o yaml > $DIR/service.yaml 2>&1
-    kubectl describe svc -n $NAMESPACE $NAME > $DIR/describe.txt 2>&1
-  done
-
-echo "Collecting pvcs..."
-kubectl get pvc -A > $REPORT_DIR/kubernetes/pvcs.txt 2>&1
-kubectl get pvc -A | awk '$3 != "Bound"'  |
-  while read NAMESPACE NAME _; do
-    DIR=$REPORT_DIR/kubernetes/pvc/$NAMESPACE/$NAME
-    mkdir -p $DIR
-    kubectl get pvc -n $NAMESPACE $NAME -o yaml > $DIR/pvc.yaml 2>&1
-    kubectl describe pvc -n $NAMESPACE $NAME > $DIR/describe.txt 2>&1
-  done
-
-# -- kamaji module
-
-if kubectl get deploy -n cozy-linstor linstor-controller >/dev/null 2>&1; then
-  echo "Collecting kamaji resources..."
-  DIR=$REPORT_DIR/kamaji
-  mkdir -p $DIR
-  kubectl logs -n cozy-kamaji deployment/kamaji > $DIR/kamaji-controller.log 2>&1
-  kubectl get kamajicontrolplanes.controlplane.cluster.x-k8s.io -A > $DIR/kamajicontrolplanes.txt 2>&1
-  kubectl get kamajicontrolplanes.controlplane.cluster.x-k8s.io -A -o yaml > $DIR/kamajicontrolplanes.yaml 2>&1
-  kubectl get tenantcontrolplanes.kamaji.clastix.io -A > $DIR/tenantcontrolplanes.txt 2>&1
-  kubectl get tenantcontrolplanes.kamaji.clastix.io -A -o yaml > $DIR/tenantcontrolplanes.yaml 2>&1
-fi
-
-# -- linstor module
-
-if kubectl get deploy -n cozy-linstor linstor-controller >/dev/null 2>&1; then
-  echo "Collecting linstor resources..."
-  DIR=$REPORT_DIR/linstor
-  mkdir -p $DIR
-  kubectl exec -n cozy-linstor deploy/linstor-controller -- linstor --no-color n l > $DIR/nodes.txt 2>&1
-  kubectl exec -n cozy-linstor deploy/linstor-controller -- linstor --no-color sp l > $DIR/storage-pools.txt 2>&1
-  kubectl exec -n cozy-linstor deploy/linstor-controller -- linstor --no-color r l > $DIR/resources.txt 2>&1
-fi
-
-# -- finalization
-
-echo "Creating archive..."
-tar -czf $REPORT_NAME.tgz -C $REPORT_PDIR .
-echo "Report created: $REPORT_NAME.tgz"
-
-echo "Cleaning up..."
-rm -rf $REPORT_PDIR

hack/e2e-apps/clickhouse.bats

@@ -2,7 +2,8 @@
 
 @test "Create DB ClickHouse" {
   name='test'
-  kubectl apply -f- <<EOF
+  kubectl -n tenant-test get clickhouses.apps.cozystack.io $name || 
+  kubectl create -f- <<EOF
 apiVersion: apps.cozystack.io/v1alpha1
 kind: ClickHouse
 metadata:

hack/e2e-apps/kafka.bats

@@ -2,7 +2,7 @@
 
 @test "Create Kafka" {
   name='test'
-  kubectl apply -f- <<EOF
+  kubectl create -f- <<EOF
 apiVersion: apps.cozystack.io/v1alpha1
 kind: Kafka
 metadata:

hack/e2e-apps/kubernetes.bats

@@ -1,7 +1,8 @@
 #!/usr/bin/env bats
 
 @test "Create a tenant Kubernetes control plane" {
-  kubectl apply -f - <<EOF
+  kubectl -n tenant-test get kuberneteses.apps.cozystack.io test || 
+  kubectl create -f - <<EOF
 apiVersion: apps.cozystack.io/v1alpha1
 kind: Kubernetes
 metadata:

hack/e2e-apps/mysql.bats

@@ -2,7 +2,8 @@
 
 @test "Create DB MySQL" {
   name='test'
-  kubectl apply -f- <<EOF
+  kubectl -n tenant-test get mysqls.apps.cozystack.io $name || 
+  kubectl create -f- <<EOF
 apiVersion: apps.cozystack.io/v1alpha1
 kind: MySQL
 metadata:

hack/e2e-apps/postgres.bats

@@ -2,7 +2,8 @@
 
 @test "Create DB PostgreSQL" {
   name='test'
-  kubectl apply -f - <<EOF
+  kubectl -n tenant-test get postgreses.apps.cozystack.io $name || 
+  kubectl create -f - <<EOF
 apiVersion: apps.cozystack.io/v1alpha1
 kind: Postgres
 metadata:

hack/e2e-apps/redis.bats

@@ -2,7 +2,7 @@
 
 @test "Create Redis" {
   name='test'
-  kubectl apply -f- <<EOF
+  kubectl create -f- <<EOF
 apiVersion: apps.cozystack.io/v1alpha1
 kind: Redis
 metadata:

hack/e2e-apps/virtualmachine.bats

@@ -2,7 +2,8 @@
 
 @test "Create a Virtual Machine" {
   name='test'
-  kubectl apply -f - <<EOF
+  kubectl -n tenant-test get virtualmachines.apps.cozystack.io $name || 
+  kubectl create -f - <<EOF
 apiVersion: apps.cozystack.io/v1alpha1
 kind: VirtualMachine
 metadata:

hack/e2e-apps/vminstance.bats

@@ -2,7 +2,8 @@
 
 @test "Create a VM Disk" {
   name='test'
-  kubectl apply -f - <<EOF
+  kubectl -n tenant-test get vmdisks.apps.cozystack.io $name || 
+  kubectl create -f - <<EOF
 apiVersion: apps.cozystack.io/v1alpha1
 kind: VMDisk
 metadata:
@@ -25,7 +26,8 @@ EOF
 @test "Create a VM Instance" {
   diskName='test'
   name='test'
-  kubectl apply -f - <<EOF
+  kubectl -n tenant-test get vminstances.apps.cozystack.io $name || 
+  kubectl create -f - <<EOF
 apiVersion: apps.cozystack.io/v1alpha1
 kind: VMInstance
 metadata:

hack/e2e-install-cozystack.bats

@@ -1,12 +1,5 @@
 #!/usr/bin/env bats
 
-@test "Required installer assets exist" {
-  if [ ! -f _out/assets/cozystack-installer.yaml ]; then
-    echo "Missing: _out/assets/cozystack-installer.yaml" >&2
-    exit 1
-  fi
-}
-
 @test "Install Cozystack" {
   # Create namespace & configmap required by installer
   kubectl create namespace cozy-system --dry-run=client -o yaml | kubectl apply -f -
@@ -34,7 +27,7 @@
   # Fail the test if any HelmRelease is not Ready
   if kubectl get hr -A | grep -v " True " | grep -v NAME; then
     kubectl get hr -A
-    echo "Some HelmReleases failed to reconcile" >&2
+    fail "Some HelmReleases failed to reconcile"
   fi
 }
 

hack/e2e-prepare-cluster.bats

@@ -4,6 +4,11 @@
 # -----------------------------------------------------------------------------
 
 @test "Required installer assets exist" {
+  if [ ! -f _out/assets/cozystack-installer.yaml ]; then
+    echo "Missing: _out/assets/cozystack-installer.yaml" >&2
+    exit 1
+  fi
+
   if [ ! -f _out/assets/nocloud-amd64.raw.xz ]; then
     echo "Missing: _out/assets/nocloud-amd64.raw.xz" >&2
     exit 1

internal/controller/cozystack_controller.go

@@ -1,52 +0,0 @@
-package controller
-
-import (
-	"context"
-
-	apierrors "k8s.io/apimachinery/pkg/api/errors"
-	"k8s.io/apimachinery/pkg/runtime"
-	ctrl "sigs.k8s.io/controller-runtime"
-	"sigs.k8s.io/controller-runtime/pkg/client"
-	"sigs.k8s.io/controller-runtime/pkg/log"
-
-	cozyv1alpha1 "github.com/cozystack/cozystack/api/v1alpha1"
-)
-
-type CozystackReconciler struct {
-	client.Client
-	Scheme *runtime.Scheme
-}
-
-func (r *CozystackReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {
-	l := log.FromContext(ctx)
-	c := &cozyv1alpha1.Cozystack{}
-
-	if err := r.Get(ctx, req.NamespacedName, c); err != nil {
-		if apierrors.IsNotFound(err) {
-			return ctrl.Result{}, nil
-		}
-		l.Error(err, "Unable to fetch Cozystack")
-		return ctrl.Result{}, err
-	}
-
-	if !c.DeletionTimestamp.IsZero() {
-		return ctrl.Result{}, nil
-	}
-
-	if c.Name != "cozystack" || c.Namespace != "cozy-system" {
-		l.Info("only cozy-system/cozystack Cozystack is allowed in a cluster")
-		err := r.Delete(ctx, c)
-		if err != nil {
-			l.Error(err, "Unable to delete invalid Cozystack")
-		}
-		return ctrl.Result{}, err
-	}
-
-	panic("not implemented")
-}
-
-func (r *CozystackReconciler) SetupWithManager(mgr ctrl.Manager) error {
-	return ctrl.NewControllerManagedBy(mgr).
-		For(&cozyv1alpha1.Cozystack{}).
-		Complete(r)
-}

packages/apps/clickhouse/Chart.yaml

@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.11.0
+version: 0.10.1
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

packages/apps/clickhouse/README.md

@@ -66,15 +66,15 @@ resources:
   memory: 4Gi
 ```
 
-`resourcesPreset` sets named CPU and memory configurations for each replica.
+`resourcePreset` sets named CPU and memory configurations for each replica.
 This setting is ignored if the corresponding `resources` value is set.
 
 | Preset name | CPU    | memory  |
 |-------------|--------|---------|
-| `nano`      | `250m` | `128Mi` |
-| `micro`     | `500m` | `256Mi` |
-| `small`     | `1`    | `512Mi` |
-| `medium`    | `1`    | `1Gi`   |
-| `large`     | `3`    | `2Gi`   |
-| `xlarge`    | `4`    | `4Gi`   |
-| `2xlarge`   | `8`    | `8Gi`   |
+| `nano`      | `100m` | `128Mi` |
+| `micro`     | `250m` | `256Mi` |
+| `small`     | `500m` | `512Mi` |
+| `medium`    | `500m` | `1Gi`   |
+| `large`     | `1`    | `2Gi`   |
+| `xlarge`    | `2`    | `4Gi`   |
+| `2xlarge`   | `4`    | `8Gi`   |

packages/apps/clickhouse/images/clickhouse-backup.tag

@@ -1 +1 @@
-ghcr.io/cozystack/cozystack/clickhouse-backup:0.11.0@sha256:3faf7a4cebf390b9053763107482de175aa0fdb88c1e77424fd81100b1c3a205
+ghcr.io/cozystack/cozystack/clickhouse-backup:0.10.1@sha256:3faf7a4cebf390b9053763107482de175aa0fdb88c1e77424fd81100b1c3a205

packages/apps/clickhouse/templates/clickhouse.yaml

@@ -132,7 +132,11 @@ spec:
           containers:
             - name: clickhouse
               image: clickhouse/clickhouse-server:24.9.2.42
-              resources: {{- include "cozy-lib.resources.defaultingSanitize" (list .Values.resourcesPreset .Values.resources $) | nindent 16 }}
+              {{- if .Values.resources }}
+              resources: {{- include "cozy-lib.resources.sanitize" (list .Values.resources $) | nindent 16 }}
+              {{- else if ne .Values.resourcesPreset "none" }}
+              resources: {{- include "cozy-lib.resources.preset" (list .Values.resourcesPreset $) | nindent 16 }}
+              {{- end }}
               volumeMounts:
                 - name: data-volume-template
                   mountPath: /var/lib/clickhouse

packages/apps/ferretdb/Chart.yaml

@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.8.0
+version: 0.7.1
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

packages/apps/ferretdb/README.md

@@ -53,15 +53,15 @@ resources:
   memory: 4Gi
 ```
 
-`resourcesPreset` sets named CPU and memory configurations for each replica.
+`resourcePreset` sets named CPU and memory configurations for each replica.
 This setting is ignored if the corresponding `resources` value is set.
 
 | Preset name | CPU    | memory  |
 |-------------|--------|---------|
-| `nano`      | `250m` | `128Mi` |
-| `micro`     | `500m` | `256Mi` |
-| `small`     | `1`    | `512Mi` |
-| `medium`    | `1`    | `1Gi`   |
-| `large`     | `3`    | `2Gi`   |
-| `xlarge`    | `4`    | `4Gi`   |
-| `2xlarge`   | `8`    | `8Gi`   |
+| `nano`      | `100m` | `128Mi` |
+| `micro`     | `250m` | `256Mi` |
+| `small`     | `500m` | `512Mi` |
+| `medium`    | `500m` | `1Gi`   |
+| `large`     | `1`    | `2Gi`   |
+| `xlarge`    | `2`    | `4Gi`   |
+| `2xlarge`   | `4`    | `8Gi`   |

packages/apps/ferretdb/templates/postgres.yaml

@@ -18,7 +18,11 @@ spec:
   {{- end }}
   minSyncReplicas: {{ .Values.quorum.minSyncReplicas }}
   maxSyncReplicas: {{ .Values.quorum.maxSyncReplicas }}
-  resources: {{- include "cozy-lib.resources.defaultingSanitize" (list .Values.resourcesPreset .Values.resources $) | nindent 4 }}
+  {{- if .Values.resources }}
+  resources: {{- include "cozy-lib.resources.sanitize" (list .Values.resources $) | nindent 4 }}
+  {{- else if ne .Values.resourcesPreset "none" }}
+  resources: {{- include "cozy-lib.resources.preset" (list .Values.resourcesPreset $) | nindent 4 }}
+  {{- end }}
   monitoring:
     enablePodMonitor: true
 

packages/apps/http-cache/Chart.yaml

@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.6.0
+version: 0.5.2
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

packages/apps/http-cache/README.md

@@ -91,18 +91,18 @@ resources:
   memory: 4Gi
 ```
 
-`resourcesPreset` sets named CPU and memory configurations for each replica.
+`resourcePreset` sets named CPU and memory configurations for each replica.
 This setting is ignored if the corresponding `resources` value is set.
 
 | Preset name | CPU    | memory  |
 |-------------|--------|---------|
-| `nano`      | `250m` | `128Mi` |
-| `micro`     | `500m` | `256Mi` |
-| `small`     | `1`    | `512Mi` |
-| `medium`    | `1`    | `1Gi`   |
-| `large`     | `3`    | `2Gi`   |
-| `xlarge`    | `4`    | `4Gi`   |
-| `2xlarge`   | `8`    | `8Gi`   |
+| `nano`      | `100m` | `128Mi` |
+| `micro`     | `250m` | `256Mi` |
+| `small`     | `500m` | `512Mi` |
+| `medium`    | `500m` | `1Gi`   |
+| `large`     | `1`    | `2Gi`   |
+| `xlarge`    | `2`    | `4Gi`   |
+| `2xlarge`   | `4`    | `8Gi`   |
 
 
 ### endpoints

packages/apps/http-cache/images/nginx-cache.tag

@@ -1 +1 @@
-ghcr.io/cozystack/cozystack/nginx-cache:0.6.0@sha256:b7633717cd7449c0042ae92d8ca9b36e4d69566561f5c7d44e21058e7d05c6d5
+ghcr.io/cozystack/cozystack/nginx-cache:0.5.2@sha256:e0a07082bb6fc6aeaae2315f335386f1705a646c72f9e0af512aebbca5cb2b15

packages/apps/http-cache/templates/haproxy/deployment.yaml

@@ -33,7 +33,11 @@ spec:
       containers:
       - image: haproxy:latest
         name: haproxy
-        resources: {{- include "cozy-lib.resources.defaultingSanitize" (list .Values.haproxy.resourcesPreset .Values.haproxy.resources $) | nindent 10 }}
+        {{- if .Values.haproxy.resources }}
+        resources: {{- include "cozy-lib.resources.sanitize" (list .Values.haproxy.resources $) | nindent 10 }}
+        {{- else if ne .Values.haproxy.resourcesPreset "none" }}
+        resources: {{- include "cozy-lib.resources.preset" (list .Values.haproxy.resourcesPreset $) | nindent 10 }}
+        {{- end }}
         ports:
         - containerPort: 8080
           name: http

packages/apps/http-cache/templates/nginx/deployment.yaml

@@ -52,7 +52,11 @@ spec:
       shareProcessNamespace: true
       containers:
       - name: nginx
-        resources: {{- include "cozy-lib.resources.defaultingSanitize" (list $.Values.nginx.resourcesPreset $.Values.nginx.resources $) | nindent 10 }}
+        {{- if $.Values.nginx.resources }}
+        resources: {{- include "cozy-lib.resources.sanitize" (list $.Values.nginx.resources $) | nindent 10 }}
+        {{- else if ne $.Values.nginx.resourcesPreset "none" }}
+        resources: {{- include "cozy-lib.resources.preset" (list $.Values.nginx.resourcesPreset $) | nindent 10 }}
+        {{- end }}
         image: "{{ $.Files.Get "images/nginx-cache.tag" | trim }}"
         readinessProbe:
           httpGet:

packages/apps/kafka/Chart.yaml

@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.8.0
+version: 0.7.1
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

packages/apps/kafka/README.md

@@ -37,18 +37,19 @@ resources:
   memory: 4Gi
 ```
 
-`resourcesPreset` sets named CPU and memory configurations for each replica.
+`resourcePreset` sets named CPU and memory configurations for each replica.
 This setting is ignored if the corresponding `resources` value is set.
 
 | Preset name | CPU    | memory  |
 |-------------|--------|---------|
-| `nano`      | `250m` | `128Mi` |
-| `micro`     | `500m` | `256Mi` |
-| `small`     | `1`    | `512Mi` |
-| `medium`    | `1`    | `1Gi`   |
-| `large`     | `3`    | `2Gi`   |
-| `xlarge`    | `4`    | `4Gi`   |
-| `2xlarge`   | `8`    | `8Gi`   |
+| `nano`      | `100m` | `128Mi` |
+| `micro`     | `250m` | `256Mi` |
+| `small`     | `500m` | `512Mi` |
+| `medium`    | `500m` | `1Gi`   |
+| `large`     | `1`    | `2Gi`   |
+| `xlarge`    | `2`    | `4Gi`   |
+| `2xlarge`   | `4`    | `8Gi`   |
+
 
 ### topics
 

packages/apps/kafka/templates/kafka.yaml

@@ -8,7 +8,11 @@ metadata:
 spec:
   kafka:
     replicas: {{ .Values.kafka.replicas }}
-    resources: {{- include "cozy-lib.resources.defaultingSanitize" (list .Values.kafka.resourcesPreset .Values.kafka.resources $) | nindent 6 }}
+    {{- if .Values.kafka.resources }}
+    resources: {{- include "cozy-lib.resources.sanitize" (list .Values.kafka.resources $) | nindent 6 }}
+    {{- else if ne .Values.kafka.resourcesPreset "none" }}
+    resources: {{- include "cozy-lib.resources.preset" (list .Values.kafka.resourcesPreset $) | nindent 6 }}
+    {{- end }}
     listeners:
       - name: plain
         port: 9092
@@ -66,7 +70,11 @@ spec:
           key: kafka-metrics-config.yml
   zookeeper:
     replicas: {{ .Values.zookeeper.replicas }}
-    resources: {{- include "cozy-lib.resources.defaultingSanitize" (list .Values.zookeeper.resourcesPreset .Values.zookeeper.resources $) | nindent 6 }}
+    {{- if .Values.zookeeper.resources }}
+    resources: {{- include "cozy-lib.resources.sanitize" (list .Values.zookeeper.resources $) | nindent 6 }}
+    {{- else if ne .Values.zookeeper.resourcesPreset "none" }}
+    resources: {{- include "cozy-lib.resources.preset" (list .Values.zookeeper.resourcesPreset $) | nindent 6 }}
+    {{- end }}
     storage:
       type: persistent-claim
       {{- with .Values.zookeeper.size }}

packages/apps/kubernetes/Chart.yaml

@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.25.0
+version: 0.24.2
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

packages/apps/kubernetes/Makefile

@@ -6,7 +6,6 @@ include ../../../scripts/package.mk
 
 generate:
 	readme-generator -v values.yaml -s values.schema.json -r README.md
-	yq -o json -i '.properties.addons.properties.ingressNginx.properties.exposeMethod.enum = ["Proxied","LoadBalancer"]' values.schema.json
 	yq -o json -i '.properties.controlPlane.properties.apiServer.properties.resourcesPreset.enum = ["none","nano","micro","small","medium","large","xlarge","2xlarge"]' values.schema.json
 	yq -o json -i '.properties.controlPlane.properties.controllerManager.properties.resourcesPreset.enum = ["none","nano","micro","small","medium","large","xlarge","2xlarge"]' values.schema.json
 	yq -o json -i '.properties.controlPlane.properties.scheduler.properties.resourcesPreset.enum = ["none","nano","micro","small","medium","large","xlarge","2xlarge"]' values.schema.json

packages/apps/kubernetes/README.md

@@ -90,25 +90,22 @@ See the reference for components utilized in this service:
 
 ### Cluster Addons
 
-| Name                                          | Description                                                                                                                                                                       | Value     |
-| --------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------- |
-| `addons.certManager.enabled`                  | Enable cert-manager, which automatically creates and manages SSL/TLS certificates.                                                                                                | `false`   |
-| `addons.certManager.valuesOverride`           | Custom values to override                                                                                                                                                         | `{}`      |
-| `addons.cilium.valuesOverride`                | Custom values to override                                                                                                                                                         | `{}`      |
-| `addons.gatewayAPI.enabled`                   | Enable the Gateway API                                                                                                                                                            | `false`   |
-| `addons.ingressNginx.enabled`                 | Enable the Ingress-NGINX controller (requires nodes labeled with the 'ingress-nginx' role).                                                                                       | `false`   |
-| `addons.ingressNginx.valuesOverride`          | Custom values to override                                                                                                                                                         | `{}`      |
-| `addons.ingressNginx.exposeMethod`            | Method to expose the Ingress-NGINX controller. (allowed values: Proxied, LoadBalancer)                                                                                            | `Proxied` |
-| `addons.ingressNginx.hosts`                   | List of domain names that the parent cluster should route to this tenant cluster. Taken into account only when `exposeMethod` is set to `Proxied`.                                | `[]`      |
-| `addons.gpuOperator.enabled`                  | Enable the GPU-operator                                                                                                                                                           | `false`   |
-| `addons.gpuOperator.valuesOverride`           | Custom values to override                                                                                                                                                         | `{}`      |
-| `addons.fluxcd.enabled`                       | Enable FluxCD                                                                                                                                                                     | `false`   |
-| `addons.fluxcd.valuesOverride`                | Custom values to override                                                                                                                                                         | `{}`      |
-| `addons.monitoringAgents.enabled`             | Enable monitoring agents (Fluent Bit and VMAgents) to send logs and metrics. If tenant monitoring is enabled, data is sent to tenant storage; otherwise, it goes to root storage. | `false`   |
-| `addons.monitoringAgents.valuesOverride`      | Custom values to override                                                                                                                                                         | `{}`      |
-| `addons.verticalPodAutoscaler.valuesOverride` | Custom values to override                                                                                                                                                         | `{}`      |
-| `addons.velero.enabled`                       | Enable velero for backup and restore k8s cluster.                                                                                                                                 | `false`   |
-| `addons.velero.valuesOverride`                | Custom values to override                                                                                                                                                         | `{}`      |
+| Name                                          | Description                                                                                                                                                                       | Value   |
+| --------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------- |
+| `addons.certManager.enabled`                  | Enable cert-manager, which automatically creates and manages SSL/TLS certificates.                                                                                                | `false` |
+| `addons.certManager.valuesOverride`           | Custom values to override                                                                                                                                                         | `{}`    |
+| `addons.cilium.valuesOverride`                | Custom values to override                                                                                                                                                         | `{}`    |
+| `addons.gatewayAPI.enabled`                   | Enable the Gateway API                                                                                                                                                            | `false` |
+| `addons.ingressNginx.enabled`                 | Enable the Ingress-NGINX controller (requires nodes labeled with the 'ingress-nginx' role).                                                                                       | `false` |
+| `addons.ingressNginx.valuesOverride`          | Custom values to override                                                                                                                                                         | `{}`    |
+| `addons.ingressNginx.hosts`                   | List of domain names that the parent cluster should route to this tenant cluster.                                                                                                 | `[]`    |
+| `addons.gpuOperator.enabled`                  | Enable the GPU-operator                                                                                                                                                           | `false` |
+| `addons.gpuOperator.valuesOverride`           | Custom values to override                                                                                                                                                         | `{}`    |
+| `addons.fluxcd.enabled`                       | Enable FluxCD                                                                                                                                                                     | `false` |
+| `addons.fluxcd.valuesOverride`                | Custom values to override                                                                                                                                                         | `{}`    |
+| `addons.monitoringAgents.enabled`             | Enable monitoring agents (Fluent Bit and VMAgents) to send logs and metrics. If tenant monitoring is enabled, data is sent to tenant storage; otherwise, it goes to root storage. | `false` |
+| `addons.monitoringAgents.valuesOverride`      | Custom values to override                                                                                                                                                         | `{}`    |
+| `addons.verticalPodAutoscaler.valuesOverride` | Custom values to override                                                                                                                                                         | `{}`    |
 
 ### Kubernetes Control Plane Configuration
 
@@ -137,18 +134,19 @@ resources:
   memory: 4Gi
 ```
 
-`resourcesPreset` sets named CPU and memory configurations for each replica.
+`resourcePreset` sets named CPU and memory configurations for each replica.
 This setting is ignored if the corresponding `resources` value is set.
 
 | Preset name | CPU    | memory  |
 |-------------|--------|---------|
-| `nano`      | `250m` | `128Mi` |
-| `micro`     | `500m` | `256Mi` |
-| `small`     | `1`    | `512Mi` |
-| `medium`    | `1`    | `1Gi`   |
-| `large`     | `3`    | `2Gi`   |
-| `xlarge`    | `4`    | `4Gi`   |
-| `2xlarge`   | `8`    | `8Gi`   |
+| `nano`      | `100m` | `128Mi` |
+| `micro`     | `250m` | `256Mi` |
+| `small`     | `500m` | `512Mi` |
+| `medium`    | `500m` | `1Gi`   |
+| `large`     | `1`    | `2Gi`   |
+| `xlarge`    | `2`    | `4Gi`   |
+| `2xlarge`   | `4`    | `8Gi`   |
+
 
 ### instanceType Resources
 
@@ -312,3 +310,4 @@ Specific characteristics of this series are:
   workload.
 - *vCPU-To-Memory Ratio (1:4)* - A vCPU-to-Memory ratio of 1:4 starting from
   the medium size.
+

packages/apps/kubernetes/images/cluster-autoscaler.tag

@@ -1 +1 @@
-ghcr.io/cozystack/cozystack/cluster-autoscaler:0.25.0@sha256:3a8170433e1632e5cc2b6d9db34d0605e8e6c63c158282c38450415e700e932e
+ghcr.io/cozystack/cozystack/cluster-autoscaler:0.24.2@sha256:3a8170433e1632e5cc2b6d9db34d0605e8e6c63c158282c38450415e700e932e

packages/apps/kubernetes/images/kubevirt-cloud-provider.tag

@@ -1 +1 @@
-ghcr.io/cozystack/cozystack/kubevirt-cloud-provider:0.25.0@sha256:412ed2b3c77249bd1b973e6dc9c87976d31863717fb66ba74ccda573af737eb1
+ghcr.io/cozystack/cozystack/kubevirt-cloud-provider:0.24.2@sha256:b478952fab735f85c3ba15835012b1de8af5578b33a8a2670eaf532ffc17681e

packages/apps/kubernetes/images/kubevirt-csi-driver.tag

@@ -1 +1 @@
-ghcr.io/cozystack/cozystack/kubevirt-csi-driver:0.25.0@sha256:445c2727b04ac68595b43c988ff17b3d69a7b22b0644fde3b10c65b47a7bc036
+ghcr.io/cozystack/cozystack/kubevirt-csi-driver:0.24.2@sha256:598ab20550dbf495717e8e123e6b626bb36298f88dde851664301d393ac06ca3

packages/apps/kubernetes/images/kubevirt-csi-driver/Dockerfile

@@ -3,7 +3,7 @@ ARG builder_image=docker.io/library/golang:1.22.5
 FROM ${builder_image} AS builder
 RUN git clone https://github.com/kubevirt/csi-driver /src/kubevirt-csi-driver \
  && cd /src/kubevirt-csi-driver \
- && git checkout a8d6605bc9997bcfda3fb9f1f82ba6445b4984cc
+ && git checkout 35836e0c8b68d9916d29a838ea60cdd3fc6199cf
 
 ARG TARGETOS
 ARG TARGETARCH
@@ -11,7 +11,6 @@ ENV GOOS=$TARGETOS
 ENV GOARCH=$TARGETARCH
 
 WORKDIR /src/kubevirt-csi-driver
-
 RUN make build
 
 FROM quay.io/centos/centos:stream9

packages/apps/kubernetes/templates/cluster.yaml

@@ -120,11 +120,23 @@ metadata:
     kamaji.clastix.io/kubeconfig-secret-key: "super-admin.svc"
 spec:
   apiServer:
-    resources: {{- include "cozy-lib.resources.defaultingSanitize" (list .Values.controlPlane.apiServer.resourcesPreset .Values.controlPlane.apiServer.resources $) | nindent 6 }}
+    {{- if .Values.controlPlane.apiServer.resources }}
+    resources: {{- include "cozy-lib.resources.sanitize" (list .Values.controlPlane.apiServer.resources $) | nindent 6 }}
+    {{- else if ne .Values.controlPlane.apiServer.resourcesPreset "none" }}
+    resources: {{- include "cozy-lib.resources.preset" (list .Values.controlPlane.apiServer.resourcesPreset $) | nindent 6 }}
+    {{- end }}
   controllerManager:
-    resources: {{- include "cozy-lib.resources.defaultingSanitize" (list .Values.controlPlane.controllerManager.resourcesPreset .Values.controlPlane.controllerManager.resources $) | nindent 6 }}
+    {{- if .Values.controlPlane.controllerManager.resources }}
+    resources: {{- include "cozy-lib.resources.sanitize" (list .Values.controlPlane.controllerManager.resources $) | nindent 6 }}
+    {{- else if ne .Values.controlPlane.controllerManager.resourcesPreset "none" }}
+    resources: {{- include "cozy-lib.resources.preset" (list .Values.controlPlane.controllerManager.resourcesPreset $) | nindent 6 }}
+    {{- end }}
   scheduler:
-    resources: {{- include "cozy-lib.resources.defaultingSanitize" (list .Values.controlPlane.scheduler.resourcesPreset .Values.controlPlane.scheduler.resources $) | nindent 6 }}
+    {{- if .Values.controlPlane.scheduler.resources }}
+    resources: {{- include "cozy-lib.resources.sanitize" (list .Values.controlPlane.scheduler.resources $) | nindent 6 }}
+    {{- else if ne .Values.controlPlane.scheduler.resourcesPreset "none" }}
+    resources: {{- include "cozy-lib.resources.preset" (list .Values.controlPlane.scheduler.resourcesPreset $) | nindent 6 }}
+    {{- end }}
   dataStoreName: "{{ $etcd }}"
   addons:
     coreDNS:
@@ -133,7 +145,11 @@ spec:
     konnectivity:
       server:
         port: 8132
-        resources: {{- include "cozy-lib.resources.defaultingSanitize" (list .Values.controlPlane.konnectivity.server.resourcesPreset .Values.controlPlane.konnectivity.server.resources $) | nindent 10 }}
+        {{- if .Values.controlPlane.konnectivity.server.resources }}
+        resources: {{- include "cozy-lib.resources.sanitize" (list .Values.controlPlane.konnectivity.server.resources $) | nindent 10 }}
+        {{- else if ne .Values.controlPlane.konnectivity.server.resourcesPreset "none" }}
+        resources: {{- include "cozy-lib.resources.preset" (list .Values.controlPlane.konnectivity.server.resourcesPreset $) | nindent 10 }}
+        {{- end }}
   kubelet:
     cgroupfs: systemd
     preferredAddressTypes:

packages/apps/kubernetes/templates/helmreleases/ingress-nginx.yaml

@@ -3,11 +3,9 @@ ingress-nginx:
   fullnameOverride: ingress-nginx
   controller:
     kind: DaemonSet
-    {{- if eq .Values.addons.ingressNginx.exposeMethod "Proxied" }}
     hostNetwork: true
     service:
       enabled: false
-    {{- end }}
     {{- if not .Values.addons.certManager.enabled }}
     admissionWebhooks:
       certManager:

packages/apps/kubernetes/templates/helmreleases/velero.yaml

@@ -1,46 +0,0 @@
-{{- if .Values.addons.velero.enabled }}
-apiVersion: helm.toolkit.fluxcd.io/v2
-kind: HelmRelease
-metadata:
-  name: {{ .Release.Name }}-velero
-  labels:
-    cozystack.io/repository: system
-    cozystack.io/target-cluster-name: {{ .Release.Name }}
-spec:
-  interval: 5m
-  releaseName: velero
-  chart:
-    spec:
-      chart: cozy-velero
-      reconcileStrategy: Revision
-      sourceRef:
-        kind: HelmRepository
-        name: cozystack-system
-        namespace: cozy-system
-      version: '>= 0.0.0-0'
-  kubeConfig:
-    secretRef:
-      name: {{ .Release.Name }}-admin-kubeconfig
-      key: super-admin.svc
-  targetNamespace: cozy-velero
-  storageNamespace: cozy-velero
-  install:
-    createNamespace: true
-    remediation:
-      retries: -1
-  upgrade:
-    remediation:
-      retries: -1
-  {{- with .Values.addons.velero.valuesOverride }}
-  values:
-    {{- toYaml . | nindent 4 }}
-  {{- end }}
-
-  dependsOn:
-  {{- if lookup "helm.toolkit.fluxcd.io/v2" "HelmRelease" .Release.Namespace .Release.Name }}
-  - name: {{ .Release.Name }}
-    namespace: {{ .Release.Namespace }}
-  {{- end }}
-  - name: {{ .Release.Name }}-cilium
-    namespace: {{ .Release.Namespace }}
-{{- end }}

packages/apps/kubernetes/templates/ingress.yaml

@@ -1,6 +1,6 @@
 {{- $myNS := lookup "v1" "Namespace" "" .Release.Namespace }}
 {{- $ingress := index $myNS.metadata.annotations "namespace.cozystack.io/ingress" }}
-{{- if and (eq .Values.addons.ingressNginx.exposeMethod "Proxied") .Values.addons.ingressNginx.hosts }}
+{{- if .Values.addons.ingressNginx.hosts }}
 ---
 apiVersion: networking.k8s.io/v1
 kind: Ingress

packages/apps/kubernetes/values.schema.json

@@ -178,18 +178,9 @@
               "description": "Custom values to override",
               "default": {}
             },
-            "exposeMethod": {
-              "type": "string",
-              "description": "Method to expose the Ingress-NGINX controller. (allowed values: Proxied, LoadBalancer)",
-              "default": "Proxied",
-              "enum": [
-                "Proxied",
-                "LoadBalancer"
-              ]
-            },
             "hosts": {
               "type": "array",
-              "description": "List of domain names that the parent cluster should route to this tenant cluster. Taken into account only when `exposeMethod` is set to `Proxied`.",
+              "description": "List of domain names that the parent cluster should route to this tenant cluster.",
               "default": [],
               "items": {}
             }
@@ -249,21 +240,6 @@
               "default": {}
             }
           }
-        },
-        "velero": {
-          "type": "object",
-          "properties": {
-            "enabled": {
-              "type": "boolean",
-              "description": "Enable velero for backup and restore k8s cluster.",
-              "default": false
-            },
-            "valuesOverride": {
-              "type": "object",
-              "description": "Custom values to override",
-              "default": {}
-            }
-          }
         }
       }
     }

packages/apps/kubernetes/values.yaml

@@ -61,14 +61,12 @@ addons:
     ## @param addons.ingressNginx.valuesOverride Custom values to override
     ##
     enabled: false
-    ## @param addons.ingressNginx.exposeMethod Method to expose the Ingress-NGINX controller. (allowed values: Proxied, LoadBalancer)
-    ## @param addons.ingressNginx.hosts List of domain names that the parent cluster should route to this tenant cluster. Taken into account only when `exposeMethod` is set to `Proxied`.
+    ## @param addons.ingressNginx.hosts List of domain names that the parent cluster should route to this tenant cluster.
     ## e.g:
     ## hosts:
     ## - example.org
     ## - foo.example.net
     ##
-    exposeMethod: Proxied
     hosts: []
     valuesOverride: {}
 
@@ -105,15 +103,6 @@ addons:
     ##
     valuesOverride: {}
 
-  ## Velero
-  ##
-  velero:
-    ## @param addons.velero.enabled Enable velero for backup and restore k8s cluster.
-    ## @param addons.velero.valuesOverride Custom values to override
-    ##
-    enabled: false
-    valuesOverride: {}
-
 ## @section Kubernetes Control Plane Configuration
 ##
 

packages/apps/mysql/Chart.yaml

@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.9.0
+version: 0.8.2
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

packages/apps/mysql/README.md

@@ -110,18 +110,19 @@ resources:
   memory: 4Gi
 ```
 
-`resourcesPreset` sets named CPU and memory configurations for each replica.
+`resourcePreset` sets named CPU and memory configurations for each replica.
 This setting is ignored if the corresponding `resources` value is set.
 
 | Preset name | CPU    | memory  |
 |-------------|--------|---------|
-| `nano`      | `250m` | `128Mi` |
-| `micro`     | `500m` | `256Mi` |
-| `small`     | `1`    | `512Mi` |
-| `medium`    | `1`    | `1Gi`   |
-| `large`     | `3`    | `2Gi`   |
-| `xlarge`    | `4`    | `4Gi`   |
-| `2xlarge`   | `8`    | `8Gi`   |
+| `nano`      | `100m` | `128Mi` |
+| `micro`     | `250m` | `256Mi` |
+| `small`     | `500m` | `512Mi` |
+| `medium`    | `500m` | `1Gi`   |
+| `large`     | `1`    | `2Gi`   |
+| `xlarge`    | `2`    | `4Gi`   |
+| `2xlarge`   | `4`    | `8Gi`   |
+
 
 ### users
 

packages/apps/mysql/images/mariadb-backup.tag

@@ -1 +1 @@
-ghcr.io/cozystack/cozystack/mariadb-backup:0.9.0@sha256:cfd1c37d8ad24e10681d82d6e6ce8a641b4602c1b0ffa8516ae15b4958bb12d4
+ghcr.io/cozystack/cozystack/mariadb-backup:0.8.1@sha256:cfd1c37d8ad24e10681d82d6e6ce8a641b4602c1b0ffa8516ae15b4958bb12d4

packages/apps/mysql/templates/mariadb.yaml

@@ -80,4 +80,8 @@ spec:
   #secondaryService:
   #  type: LoadBalancer
 
-  resources: {{- include "cozy-lib.resources.defaultingSanitize" (list .Values.resourcesPreset .Values.resources $) | nindent 4 }}
+  {{- if .Values.resources }}
+  resources: {{- include "cozy-lib.resources.sanitize" (list .Values.resources $) | nindent 4 }}
+  {{- else if ne .Values.resourcesPreset "none" }}
+  resources: {{- include "cozy-lib.resources.preset" (list .Values.resourcesPreset $) | nindent 4 }}
+  {{- end }}

packages/apps/nats/Chart.yaml

@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.8.0
+version: 0.7.1
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

packages/apps/nats/README.md

@@ -33,16 +33,16 @@ resources:
   memory: 4Gi
 ```
 
-`resourcesPreset` sets named CPU and memory configurations for each replica.
+`resourcePreset` sets named CPU and memory configurations for each replica.
 This setting is ignored if the corresponding `resources` value is set.
 
 | Preset name | CPU    | memory  |
 |-------------|--------|---------|
-| `nano`      | `250m` | `128Mi` |
-| `micro`     | `500m` | `256Mi` |
-| `small`     | `1`    | `512Mi` |
-| `medium`    | `1`    | `1Gi`   |
-| `large`     | `3`    | `2Gi`   |
-| `xlarge`    | `4`    | `4Gi`   |
-| `2xlarge`   | `8`    | `8Gi`   |
+| `nano`      | `100m` | `128Mi` |
+| `micro`     | `250m` | `256Mi` |
+| `small`     | `500m` | `512Mi` |
+| `medium`    | `500m` | `1Gi`   |
+| `large`     | `1`    | `2Gi`   |
+| `xlarge`    | `2`    | `4Gi`   |
+| `2xlarge`   | `4`    | `8Gi`   |
 

packages/apps/nats/templates/nats.yaml

@@ -46,7 +46,11 @@ spec:
             containers:
               - name: nats
                 image: nats:2.10.17-alpine
-                resources: {{- include "cozy-lib.resources.defaultingSanitize" (list .Values.resourcesPreset .Values.resources $) | nindent 22 }}
+                {{- if .Values.resources }}
+                resources: {{- include "cozy-lib.resources.sanitize" (list .Values.resources $) | nindent 22 }}
+                {{- else if ne .Values.resourcesPreset "none" }}
+                resources: {{- include "cozy-lib.resources.preset" (list .Values.resourcesPreset $) | nindent 22 }}
+                {{- end }}
       fullnameOverride: {{ .Release.Name }}
       config:
         cluster:

packages/apps/postgres/Chart.yaml

@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.16.0
+version: 0.15.1
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

packages/apps/postgres/README.md

@@ -15,27 +15,8 @@ This managed service is controlled by the CloudNativePG operator, ensuring effic
 
 ### How to switch primary/secondary replica
 
-See:
+See the CloudNativePG docs, [Rolling Updates, section Manual Updates](https://cloudnative-pg.io/documentation/1.15/rolling_update/#manual-updates-supervised).
 
-- <https://cloudnative-pg.io/documentation/1.15/rolling_update/#manual-updates-supervised>
-
-### How to restore backup
-
-find snapshot:
-
-```bash
-restic -r s3:s3.example.org/postgres-backups/database_name snapshots
-```
-
-restore:
-
-```bash
-restic -r s3:s3.example.org/postgres-backups/database_name restore latest --target /tmp/
-```
-
-more details:
-
-- <https://blog.aenix.io/restic-effective-backup-from-stdin-4bc1e8f083c1>
 
 ## Parameters
 
@@ -94,18 +75,20 @@ resources:
   memory: 4Gi
 ```
 
-`resourcesPreset` sets named CPU and memory configurations for each replica.
+`resourcePreset` sets named CPU and memory configurations for each replica.
 This setting is ignored if the corresponding `resources` value is set.
 
 | Preset name | CPU    | memory  |
 |-------------|--------|---------|
-| `nano`      | `250m` | `128Mi` |
-| `micro`     | `500m` | `256Mi` |
-| `small`     | `1`    | `512Mi` |
-| `medium`    | `1`    | `1Gi`   |
-| `large`     | `3`    | `2Gi`   |
-| `xlarge`    | `4`    | `4Gi`   |
-| `2xlarge`   | `8`    | `8Gi`   |
+| `nano`      | `100m` | `128Mi` |
+| `micro`     | `250m` | `256Mi` |
+| `small`     | `500m` | `512Mi` |
+| `medium`    | `500m` | `1Gi`   |
+| `large`     | `1`    | `2Gi`   |
+| `xlarge`    | `2`    | `4Gi`   |
+| `2xlarge`   | `4`    | `8Gi`   |
+
+
 
 ### users
 

packages/apps/postgres/templates/db.yaml

@@ -42,7 +42,11 @@ spec:
             key: AWS_SECRET_ACCESS_KEY
   {{- end }}
 
-  resources: {{- include "cozy-lib.resources.defaultingSanitize" (list .Values.resourcesPreset .Values.resources $) | nindent 4 }}
+  {{- if .Values.resources }}
+  resources: {{- include "cozy-lib.resources.sanitize" (list .Values.resources $) | nindent 4 }}
+  {{- else if ne .Values.resourcesPreset "none" }}
+  resources: {{- include "cozy-lib.resources.preset" (list .Values.resourcesPreset $) | nindent 4 }}
+  {{- end }}
 
   enableSuperuserAccess: true
   {{- $configMap := lookup "v1" "ConfigMap" "cozy-system" "cozystack-scheduling" }}

packages/apps/rabbitmq/Chart.yaml

@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.8.0
+version: 0.7.1
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

packages/apps/rabbitmq/README.md

@@ -42,7 +42,7 @@ resources:
   memory: 4Gi
 ```
 
-`resourcesPreset` sets named CPU and memory configurations for each replica.
+`resourcePreset` sets named CPU and memory configurations for each replica.
 This setting is ignored if the corresponding `resources` value is set.
 
 | Preset name | CPU    | memory  |

packages/apps/rabbitmq/templates/rabbitmq.yaml

@@ -11,7 +11,11 @@ spec:
   service:
     type: LoadBalancer
   {{- end }}
-  resources: {{- include "cozy-lib.resources.defaultingSanitize" (list .Values.resourcesPreset .Values.resources $) | nindent 4 }}
+  {{- if .Values.resources }}
+  resources: {{- include "cozy-lib.resources.sanitize" (list .Values.resources $) | nindent 4 }}
+  {{- else if ne .Values.resourcesPreset "none" }}
+  resources: {{- include "cozy-lib.resources.preset" (list .Values.resourcesPreset $) | nindent 4 }}
+  {{- end }}
   override:
     statefulSet:
       spec:

packages/apps/redis/Chart.yaml

@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.9.0
+version: 0.8.1
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

packages/apps/redis/README.md

@@ -36,15 +36,16 @@ resources:
   memory: 4Gi
 ```
 
-`resourcesPreset` sets named CPU and memory configurations for each replica.
+`resourcePreset` sets named CPU and memory configurations for each replica.
 This setting is ignored if the corresponding `resources` value is set.
 
 | Preset name | CPU    | memory  |
 |-------------|--------|---------|
-| `nano`      | `250m` | `128Mi` |
-| `micro`     | `500m` | `256Mi` |
-| `small`     | `1`    | `512Mi` |
-| `medium`    | `1`    | `1Gi`   |
-| `large`     | `3`    | `2Gi`   |
-| `xlarge`    | `4`    | `4Gi`   |
-| `2xlarge`   | `8`    | `8Gi`   |
+| `nano`      | `100m` | `128Mi` |
+| `micro`     | `250m` | `256Mi` |
+| `small`     | `500m` | `512Mi` |
+| `medium`    | `500m` | `1Gi`   |
+| `large`     | `1`    | `2Gi`   |
+| `xlarge`    | `2`    | `4Gi`   |
+| `2xlarge`   | `4`    | `8Gi`   |
+

packages/apps/redis/templates/redisfailover.yaml

@@ -25,10 +25,18 @@ metadata:
 spec:
   sentinel:
     replicas: 3
-    resources: {{- include "cozy-lib.resources.defaultingSanitize" (list .Values.resourcesPreset .Values.resources $) | nindent 6 }}
+    {{- if .Values.resources }}
+    resources: {{- include "cozy-lib.resources.sanitize" (list .Values.resources $) | nindent 6 }}
+    {{- else if ne .Values.resourcesPreset "none" }}
+    resources: {{- include "cozy-lib.resources.preset" (list .Values.resourcesPreset $) | nindent 6 }}
+    {{- end }}
   redis:
-    resources: {{- include "cozy-lib.resources.defaultingSanitize" (list .Values.resourcesPreset .Values.resources $) | nindent 6 }}
     replicas: {{ .Values.replicas }}
+    {{- if .Values.resources }}
+    resources: {{- include "cozy-lib.resources.sanitize" (list .Values.resources $) | nindent 6 }}
+    {{- else if ne .Values.resourcesPreset "none" }}
+    resources: {{- include "cozy-lib.resources.preset" (list .Values.resourcesPreset $) | nindent 6 }}
+    {{- end }}
     {{- with .Values.size }}
     storage:
       persistentVolumeClaim:

packages/apps/tcp-balancer/Chart.yaml

@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.5.0
+version: 0.4.2
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

packages/apps/tcp-balancer/README.md

@@ -43,15 +43,16 @@ resources:
   memory: 4Gi
 ```
 
-`resourcesPreset` sets named CPU and memory configurations for each replica.
+`resourcePreset` sets named CPU and memory configurations for each replica.
 This setting is ignored if the corresponding `resources` value is set.
 
 | Preset name | CPU    | memory  |
 |-------------|--------|---------|
-| `nano`      | `250m` | `128Mi` |
-| `micro`     | `500m` | `256Mi` |
-| `small`     | `1`    | `512Mi` |
-| `medium`    | `1`    | `1Gi`   |
-| `large`     | `3`    | `2Gi`   |
-| `xlarge`    | `4`    | `4Gi`   |
-| `2xlarge`   | `8`    | `8Gi`   |
+| `nano`      | `100m` | `128Mi` |
+| `micro`     | `250m` | `256Mi` |
+| `small`     | `500m` | `512Mi` |
+| `medium`    | `500m` | `1Gi`   |
+| `large`     | `1`    | `2Gi`   |
+| `xlarge`    | `2`    | `4Gi`   |
+| `2xlarge`   | `4`    | `8Gi`   |
+

packages/apps/tcp-balancer/templates/deployment.yaml

@@ -34,7 +34,11 @@ spec:
       containers:
       - image: haproxy:latest
         name: haproxy
-        resources: {{- include "cozy-lib.resources.defaultingSanitize" (list .Values.resourcesPreset .Values.resources $) | nindent 10 }}
+        {{- if .Values.resources }}
+        resources: {{- include "cozy-lib.resources.sanitize" (list .Values.resources $) | nindent 10 }}
+        {{- else if ne .Values.resourcesPreset "none" }}
+        resources: {{- include "cozy-lib.resources.preset" (list .Values.resourcesPreset $) | nindent 10 }}
+        {{- end }}
         ports:
         {{- with .Values.httpAndHttps }}
         - containerPort: 8080

packages/apps/tenant/Chart.yaml

@@ -4,4 +4,4 @@ description: Separated tenant namespace
 icon: /logos/tenant.svg
 
 type: application
-version: 1.11.0
+version: 1.10.0

packages/apps/tenant/templates/quota.yaml

@@ -6,5 +6,5 @@ metadata:
   namespace: {{ include "tenant.name" . }}
 spec:
   hard:
-    {{- include "cozy-lib.resources.flatten" (list .Values.resourceQuotas $) | nindent 6 }}
+    {{- toYaml .Values.resourceQuotas | nindent 4 }}
 {{- end }}

packages/apps/tenant/values.yaml

@@ -15,7 +15,9 @@ seaweedfs: false
 isolated: true
 resourceQuotas: {}
 # resourceQuotas:
-#   cpu: "1"
-#   memory: "1Gi"
-#   nvidia.com/gpu: 4
-#   storage: 100Gi
+#   requests.cpu: "1"
+#   requests.memory: "1Gi"
+#   limits.cpu: "2"
+#   limits.memory: "2Gi"
+#   requests.nvidia.com/gpu: 4
+#   requests.storage: 100Gi

packages/apps/versions_map

@@ -13,8 +13,7 @@ clickhouse 0.7.0 93bdf411
 clickhouse 0.9.0 6130f43d
 clickhouse 0.9.2 632224a3
 clickhouse 0.10.0 6358fd7a
-clickhouse 0.10.1 4369b031
-clickhouse 0.11.0 HEAD
+clickhouse 0.10.1 HEAD
 ferretdb 0.1.0 e9716091
 ferretdb 0.1.1 91b0499a
 ferretdb 0.2.0 6c5cf5bf
@@ -26,8 +25,7 @@ ferretdb 0.5.0 93bdf411
 ferretdb 0.6.0 6130f43d
 ferretdb 0.6.1 632224a3
 ferretdb 0.7.0 62cb694d
-ferretdb 0.7.1 4369b031
-ferretdb 0.8.0 HEAD
+ferretdb 0.7.1 HEAD
 http-cache 0.1.0 263e47be
 http-cache 0.2.0 53f2365e
 http-cache 0.3.0 6c5cf5bf
@@ -35,8 +33,7 @@ http-cache 0.3.1 0f312d5c
 http-cache 0.4.0 93bdf411
 http-cache 0.5.0 6130f43d
 http-cache 0.5.1 62cb694d
-http-cache 0.5.2 4369b031
-http-cache 0.6.0 HEAD
+http-cache 0.5.2 HEAD
 kafka 0.1.0 f7eaab0a
 kafka 0.2.0 c0685f43
 kafka 0.2.1 dfbc210b
@@ -51,10 +48,9 @@ kafka 0.5.0 93bdf411
 kafka 0.6.0 6130f43d
 kafka 0.6.1 632224a3
 kafka 0.7.0 6358fd7a
-kafka 0.7.1 4369b031
-kafka 0.8.0 HEAD
+kafka 0.7.1 HEAD
 kubernetes 0.24.0 62cb694d
-kubernetes 0.25.0 HEAD
+kubernetes 0.24.2 HEAD
 mysql 0.1.0 263e47be
 mysql 0.2.0 c24a103f
 mysql 0.3.0 53f2365e
@@ -68,7 +64,7 @@ mysql 0.7.0 6130f43d
 mysql 0.7.1 632224a3
 mysql 0.8.0 62cb694d
 mysql 0.8.1 4369b031
-mysql 0.9.0 HEAD
+mysql 0.8.2 HEAD
 nats 0.1.0 e9716091
 nats 0.2.0 6c5cf5bf
 nats 0.3.0 78366f19
@@ -79,8 +75,7 @@ nats 0.5.0 93bdf411
 nats 0.6.0 6130f43d
 nats 0.6.1 632224a3
 nats 0.7.0 62cb694d
-nats 0.7.1 4369b031
-nats 0.8.0 HEAD
+nats 0.7.1 HEAD
 postgres 0.1.0 263e47be
 postgres 0.2.0 53f2365e
 postgres 0.2.1 d7cfa53c
@@ -100,8 +95,7 @@ postgres 0.11.0 f9f8bb2f
 postgres 0.12.0 6130f43d
 postgres 0.12.1 632224a3
 postgres 0.14.0 62cb694d
-postgres 0.15.1 4369b031
-postgres 0.16.0 HEAD
+postgres 0.15.1 HEAD
 rabbitmq 0.1.0 263e47be
 rabbitmq 0.2.0 53f2365e
 rabbitmq 0.3.0 6c5cf5bf
@@ -113,8 +107,7 @@ rabbitmq 0.4.4 8267072d
 rabbitmq 0.5.0 93bdf411
 rabbitmq 0.6.0 632224a3
 rabbitmq 0.7.0 62cb694d
-rabbitmq 0.7.1 4369b031
-rabbitmq 0.8.0 HEAD
+rabbitmq 0.7.1 HEAD
 redis 0.1.1 263e47be
 redis 0.2.0 53f2365e
 redis 0.3.0 6c5cf5bf
@@ -125,17 +118,14 @@ redis 0.6.0 93bdf411
 redis 0.7.0 6130f43d
 redis 0.7.1 632224a3
 redis 0.8.0 62cb694d
-redis 0.8.1 4369b031
-redis 0.9.0 HEAD
+redis 0.8.1 HEAD
 tcp-balancer 0.1.0 263e47be
 tcp-balancer 0.2.0 53f2365e
 tcp-balancer 0.3.0 93bdf411
 tcp-balancer 0.4.0 6130f43d
 tcp-balancer 0.4.1 62cb694d
-tcp-balancer 0.4.2 4369b031
-tcp-balancer 0.5.0 HEAD
-tenant 1.10.0 4369b031
-tenant 1.11.0 HEAD
+tcp-balancer 0.4.2 HEAD
+tenant 1.10.0 HEAD
 virtual-machine 0.1.4 f2015d65
 virtual-machine 0.1.5 263e47be
 virtual-machine 0.2.0 c0685f43
@@ -152,13 +142,11 @@ virtual-machine 0.9.0 721c12a7
 virtual-machine 0.9.1 93bdf411
 virtual-machine 0.10.0 6130f43d
 virtual-machine 0.10.2 632224a3
-virtual-machine 0.11.0 4369b031
-virtual-machine 0.12.0 HEAD
+virtual-machine 0.11.0 HEAD
 vm-disk 0.1.0 d971f2ff
 vm-disk 0.1.1 6130f43d
 vm-disk 0.1.2 632224a3
-vm-disk 0.2.0 4369b031
-vm-disk 0.3.0 HEAD
+vm-disk 0.2.0 HEAD
 vm-instance 0.1.0 1ec10165
 vm-instance 0.2.0 84f3ccc0
 vm-instance 0.3.0 4e68e65c
@@ -169,8 +157,7 @@ vm-instance 0.5.1 de19450f
 vm-instance 0.6.0 721c12a7
 vm-instance 0.7.0 6130f43d
 vm-instance 0.7.2 632224a3
-vm-instance 0.8.0 4369b031
-vm-instance 0.9.0 HEAD
+vm-instance 0.8.0 HEAD
 vpn 0.1.0 263e47be
 vpn 0.2.0 53f2365e
 vpn 0.3.0 6c5cf5bf
@@ -179,5 +166,4 @@ vpn 0.4.0 93bdf411
 vpn 0.5.0 6130f43d
 vpn 0.5.1 632224a3
 vpn 0.6.1 62cb694d
-vpn 0.6.2 4369b031
-vpn 0.7.0 HEAD
+vpn 0.6.2 HEAD

packages/apps/virtual-machine/Chart.yaml

@@ -17,10 +17,10 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.12.0
+version: 0.11.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: 0.12.0
+appVersion: 0.11.0

packages/apps/virtual-machine/README.md

@@ -50,7 +50,6 @@ virtctl ssh <user>@<vm>
 | `gpus`                    | List of GPUs to attach                                                                                     | `[]`         |
 | `resources.cpu`           | The number of CPU cores allocated to the virtual machine                                                   | `""`         |
 | `resources.memory`        | The amount of memory allocated to the virtual machine                                                      | `""`         |
-| `resources.sockets`       | The number of CPU sockets allocated to the virtual machine (used to define vCPU topology)                  | `""`         |
 | `sshKeys`                 | List of SSH public keys for authentication. Can be a single key or a list of keys.                         | `[]`         |
 | `cloudInit`               | cloud-init user data config. See cloud-init documentation for more details.                                | `""`         |
 | `cloudInitSeed`           | A seed string to generate an SMBIOS UUID for the VM.                                                       | `""`         |

packages/apps/virtual-machine/templates/vm.yaml

@@ -39,12 +39,6 @@ spec:
         storageClassName: {{ . }}
         {{- end }}
       source:
-        {{- $dv := lookup "cdi.kubevirt.io/v1beta1" "DataVolume" "cozy-public" (printf "vm-image-%s" .Values.systemDisk.image) }}
-        {{- if $dv }}
-        pvc:
-          name: vm-image-{{ .Values.systemDisk.image }}
-          namespace: cozy-public
-        {{- else }}
         http:
           {{- if eq .Values.systemDisk.image "cirros" }}
           url: https://download.cirros-cloud.net/0.6.2/cirros-0.6.2-x86_64-disk.img
@@ -57,7 +51,6 @@ spec:
           {{- else if eq .Values.systemDisk.image "talos" }}
           url: https://github.com/siderolabs/talos/releases/download/v1.7.6/nocloud-amd64.raw.xz
           {{- end }}
-        {{- end }}
 
   template:
     metadata:
@@ -67,10 +60,9 @@ spec:
         {{- include "virtual-machine.labels" . | nindent 8 }}
     spec:
       domain:
-        {{- if and .Values.resources .Values.resources.cpu .Values.resources.sockets }}
+        {{- if and .Values.resources .Values.resources.cpu }}
         cpu:
           cores: {{ .Values.resources.cpu }}
-          sockets: {{ .Values.resources.sockets }}
         {{- end }}
         {{- if and .Values.resources .Values.resources.memory }}
         resources:

packages/apps/virtual-machine/values.schema.json

@@ -184,11 +184,6 @@
           "type": "string",
           "description": "The amount of memory allocated to the virtual machine",
           "default": ""
-        },
-        "sockets": {
-          "type": "string",
-          "description": "The number of CPU sockets allocated to the virtual machine (used to define vCPU topology)",
-          "default": ""
         }
       }
     },

packages/apps/virtual-machine/values.yaml

@@ -34,11 +34,9 @@ gpus: []
 
 ## @param resources.cpu The number of CPU cores allocated to the virtual machine
 ## @param resources.memory The amount of memory allocated to the virtual machine
-## @param resources.sockets The number of CPU sockets allocated to the virtual machine (used to define vCPU topology)
 resources:
   cpu: ""
   memory: ""
-  sockets: ""
 
 ## @param sshKeys [array] List of SSH public keys for authentication. Can be a single key or a list of keys.
 ## Example:

packages/apps/vm-disk/Chart.yaml

@@ -16,10 +16,10 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.3.0
+version: 0.2.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: 0.3.0
+appVersion: 0.2.0

packages/apps/vm-disk/templates/dv.yaml

@@ -20,12 +20,7 @@ spec:
     {{- fail "Exactly one type of source is expected!" }}
   {{- end }}
   source:
-    {{- if hasKey .Values.source "image" }}
-    {{- $dv := lookup "cdi.kubevirt.io/v1beta1" "DataVolume" "cozy-public" (printf "vm-image-%s" .Values.source.image.name) }}
-    pvc:
-      name: vm-image-{{ required "A valid .Values.source.image.name entry required!" .Values.source.image.name }}
-      namespace: cozy-public
-    {{- else if hasKey .Values.source "http" }}
+    {{- if hasKey .Values.source "http" }}
     http:
       url: {{ required "A valid .Values.source.http.url entry required!" .Values.source.http.url }}
     {{- else if hasKey .Values.source "upload" }}

packages/apps/vm-disk/values.yaml

@@ -1,11 +1,6 @@
 ## @section Common parameters
 
 ## @param source The source image location used to create a disk
-## Example using golden image:
-## source:
-##   image:
-##     name: ubuntu
-##
 ## Example upload local image:
 ## source:
 ##   upload: {}

packages/apps/vm-instance/Chart.yaml

@@ -17,7 +17,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.9.0
+version: 0.8.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

packages/apps/vm-instance/README.md

@@ -36,22 +36,21 @@ virtctl ssh <user>@<vm>
 
 ### Common parameters
 
-| Name                | Description                                                                                                | Value       |
-| ------------------- | ---------------------------------------------------------------------------------------------------------- | ----------- |
-| `external`          | Enable external access from outside the cluster                                                            | `false`     |
-| `externalMethod`    | specify method to passthrough the traffic to the virtual machine. Allowed values: `WholeIP` and `PortList` | `PortList`  |
-| `externalPorts`     | Specify ports to forward from outside the cluster                                                          | `[]`        |
-| `running`           | Determines if the virtual machine should be running                                                        | `true`      |
-| `instanceType`      | Virtual Machine instance type                                                                              | `u1.medium` |
-| `instanceProfile`   | Virtual Machine preferences profile                                                                        | `ubuntu`    |
-| `disks`             | List of disks to attach                                                                                    | `[]`        |
-| `gpus`              | List of GPUs to attach                                                                                     | `[]`        |
-| `resources.cpu`     | The number of CPU cores allocated to the virtual machine                                                   | `""`        |
-| `resources.memory`  | The amount of memory allocated to the virtual machine                                                      | `""`        |
-| `resources.sockets` | The number of CPU sockets allocated to the virtual machine (used to define vCPU topology)                  | `""`        |
-| `sshKeys`           | List of SSH public keys for authentication. Can be a single key or a list of keys.                         | `[]`        |
-| `cloudInit`         | cloud-init user data config. See cloud-init documentation for more details.                                | `""`        |
-| `cloudInitSeed`     | A seed string to generate an SMBIOS UUID for the VM.                                                       | `""`        |
+| Name               | Description                                                                                                | Value       |
+| ------------------ | ---------------------------------------------------------------------------------------------------------- | ----------- |
+| `external`         | Enable external access from outside the cluster                                                            | `false`     |
+| `externalMethod`   | specify method to passthrough the traffic to the virtual machine. Allowed values: `WholeIP` and `PortList` | `PortList`  |
+| `externalPorts`    | Specify ports to forward from outside the cluster                                                          | `[]`        |
+| `running`          | Determines if the virtual machine should be running                                                        | `true`      |
+| `instanceType`     | Virtual Machine instance type                                                                              | `u1.medium` |
+| `instanceProfile`  | Virtual Machine preferences profile                                                                        | `ubuntu`    |
+| `disks`            | List of disks to attach                                                                                    | `[]`        |
+| `gpus`             | List of GPUs to attach                                                                                     | `[]`        |
+| `resources.cpu`    | The number of CPU cores allocated to the virtual machine                                                   | `""`        |
+| `resources.memory` | The amount of memory allocated to the virtual machine                                                      | `""`        |
+| `sshKeys`          | List of SSH public keys for authentication. Can be a single key or a list of keys.                         | `[]`        |
+| `cloudInit`        | cloud-init user data config. See cloud-init documentation for more details.                                | `""`        |
+| `cloudInitSeed`    | A seed string to generate an SMBIOS UUID for the VM.                                                       | `""`        |
 
 ## U Series
 

packages/apps/vm-instance/templates/vm.yaml

@@ -31,10 +31,9 @@ spec:
         {{- include "virtual-machine.labels" . | nindent 8 }}
     spec:
       domain:
-        {{- if and .Values.resources .Values.resources.cpu .Values.resources.sockets }}
+        {{- if and .Values.resources .Values.resources.cpu }}
         cpu:
           cores: {{ .Values.resources.cpu }}
-          sockets: {{ .Values.resources.sockets }}
         {{- end }}
         {{- if and .Values.resources .Values.resources.memory }}
         resources:

packages/apps/vm-instance/values.schema.json

@@ -165,11 +165,6 @@
           "type": "string",
           "description": "The amount of memory allocated to the virtual machine",
           "default": ""
-        },
-        "sockets": {
-          "type": "string",
-          "description": "The number of CPU sockets allocated to the virtual machine (used to define vCPU topology)",
-          "default": ""
         }
       }
     },

packages/apps/vm-instance/values.yaml

@@ -32,11 +32,9 @@ gpus: []
 
 ## @param resources.cpu The number of CPU cores allocated to the virtual machine
 ## @param resources.memory The amount of memory allocated to the virtual machine
-## @param resources.sockets The number of CPU sockets allocated to the virtual machine (used to define vCPU topology)
 resources:
   cpu: ""
   memory: ""
-  sockets: ""
 
 ## @param sshKeys [array] List of SSH public keys for authentication. Can be a single key or a list of keys.
 ## Example:

packages/apps/vpn/Chart.yaml

@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.7.0
+version: 0.6.2
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

packages/apps/vpn/README.md

@@ -47,18 +47,18 @@ resources:
   memory: 4Gi
 ```
 
-`resourcesPreset` sets named CPU and memory configurations for each replica.
+`resourcePreset` sets named CPU and memory configurations for each replica.
 This setting is ignored if the corresponding `resources` value is set.
 
 | Preset name | CPU    | memory  |
 |-------------|--------|---------|
-| `nano`      | `250m` | `128Mi` |
-| `micro`     | `500m` | `256Mi` |
-| `small`     | `1`    | `512Mi` |
-| `medium`    | `1`    | `1Gi`   |
-| `large`     | `3`    | `2Gi`   |
-| `xlarge`    | `4`    | `4Gi`   |
-| `2xlarge`   | `8`    | `8Gi`   |
+| `nano`      | `100m` | `128Mi` |
+| `micro`     | `250m` | `256Mi` |
+| `small`     | `500m` | `512Mi` |
+| `medium`    | `500m` | `1Gi`   |
+| `large`     | `1`    | `2Gi`   |
+| `xlarge`    | `2`    | `4Gi`   |
+| `2xlarge`   | `4`    | `8Gi`   |
 
 
 ### users

packages/apps/vpn/templates/deployment.yaml

@@ -43,7 +43,11 @@ spec:
       containers:
         - name: outline-vpn
           image: quay.io/outline/shadowbox:stable
-          resources: {{- include "cozy-lib.resources.defaultingSanitize" (list .Values.resourcesPreset .Values.resources $) | nindent 12 }}
+          {{- if .Values.resources }}
+          resources: {{- include "cozy-lib.resources.sanitize" (list .Values.resources $) | nindent 12 }}
+          {{- else if ne .Values.resourcesPreset "none" }}
+          resources: {{- include "cozy-lib.resources.preset" (list .Values.resourcesPreset $) | nindent 12 }}
+          {{- end }}
           ports:
             - containerPort: 40000
               protocol: TCP

packages/core/installer/values.yaml

@@ -1,2 +1,2 @@
 cozystack:
-  image: ghcr.io/cozystack/cozystack/installer:v0.33.0@sha256:6cdc5d9062b536929152214e8a6a6b8096b64a17592e04a3633f58d21ff43a63
+  image: ghcr.io/cozystack/cozystack/installer:v0.32.1@sha256:9eb11a1c396d63e4235f398f5f01ec6aedea2316d6a7a9294d88191d25af309c

packages/core/platform/bundles/distro-full.yaml

@@ -195,14 +195,6 @@ releases:
   privileged: true
   dependsOn: [piraeus-operator,cilium,cert-manager,snapshot-controller]
 
-- name: nfs-driver
-  releaseName: nfs-driver
-  chart: cozy-nfs-driver
-  namespace: cozy-nfs-driver
-  privileged: true
-  dependsOn: [cilium]
-  optional: true
-
 - name: telepresence
   releaseName: traffic-manager
   chart: cozy-telepresence
@@ -250,11 +242,3 @@ releases:
   releaseName: reloader
   chart: cozy-reloader
   namespace: cozy-reloader
-
-- name: velero
-  releaseName: velero
-  chart: cozy-velero
-  namespace: cozy-velero
-  privileged: true
-  optional: true
-  dependsOn: [cilium]

packages/core/platform/bundles/distro-hosted.yaml

@@ -30,6 +30,7 @@ releases:
   releaseName: cozystack-controller
   chart: cozy-cozystack-controller
   namespace: cozy-system
+  dependsOn: [cilium]
   {{- if eq (index $cozyConfig.data "telemetry-enabled") "false" }}
   values:
     cozystackController:
@@ -164,10 +165,3 @@ releases:
   namespace: cozy-keycloak
   optional: true
   dependsOn: [keycloak]
-
-- name: velero
-  releaseName: velero
-  chart: cozy-velero
-  namespace: cozy-velero
-  privileged: true
-  optional: true

packages/core/platform/bundles/paas-full.yaml

@@ -249,14 +249,6 @@ releases:
   privileged: true
   dependsOn: [piraeus-operator,cilium,kubeovn,cert-manager,snapshot-controller]
 
-- name: nfs-driver
-  releaseName: nfs-driver
-  chart: cozy-nfs-driver
-  namespace: cozy-nfs-driver
-  privileged: true
-  dependsOn: [cilium,kubeovn]
-  optional: true
-
 - name: snapshot-controller
   releaseName: snapshot-controller
   chart: cozy-snapshot-controller
@@ -407,11 +399,3 @@ releases:
   releaseName: reloader
   chart: cozy-reloader
   namespace: cozy-reloader
-
-- name: velero
-  releaseName: velero
-  chart: cozy-velero
-  namespace: cozy-velero
-  privileged: true
-  optional: true
-  dependsOn: [monitoring-agents]

packages/core/platform/bundles/paas-hosted.yaml

@@ -230,11 +230,3 @@ releases:
   namespace: cozy-vertical-pod-autoscaler
   privileged: true
   dependsOn: []
-
-- name: velero
-  releaseName: velero
-  chart: cozy-velero
-  namespace: cozy-velero
-  privileged: true
-  optional: true
-  dependsOn: [monitoring-agents]

packages/core/testing/Makefile

@@ -15,7 +15,7 @@ help: ## Show this help.
 image: image-e2e-sandbox
 
 image-e2e-sandbox:
-	docker buildx build -f images/e2e-sandbox/Dockerfile images/e2e-sandbox \
+	docker buildx build -f images/e2e-sandbox/Dockerfile ../../.. \
 		--provenance false \
 		--builder=$(BUILDER) \
 		--platform=$(PLATFORM) \
@@ -50,16 +50,6 @@ test-cluster: copy-nocloud-image copy-installer-manifest ## Run the end-to-end f
 test-apps-%:
 	docker exec "${SANDBOX_NAME}" sh -c 'cd /workspace && hack/cozytest.sh hack/e2e-apps/$*.bats'
 
-collect-report: ## Collect the test report from the sandbox.
-	docker exec "${SANDBOX_NAME}" sh -c 'cd /workspace && hack/cozyreport.sh cozyreport'
-	mkdir -p ../../../_out
-	docker cp "${SANDBOX_NAME}:/workspace/cozyreport.tgz" ../../../_out/cozyreport.tgz
-
-collect-images: ## Collect the list of images used in the sandbox.
-	docker exec "${SANDBOX_NAME}" sh -c 'cd /workspace && hack/collect-images.sh'
-	mkdir -p ../../../_out
-	docker cp "${SANDBOX_NAME}":/workspace/images.txt ../../../_out/images.txt
-
 delete: ## Remove sandbox from existing Kubernetes cluster.
 	docker rm -f "${SANDBOX_NAME}" || true
 
@@ -67,13 +57,10 @@ exec:  ## Opens an interactive shell in the sandbox container.
 	docker exec -ti "${SANDBOX_NAME}" bash
 
 apply: delete
-	mkdir -p /tmp/${SANDBOX_NAME}
-	chmod 777 /tmp/${SANDBOX_NAME}
 	docker run \
 		-d --rm --name "${SANDBOX_NAME}" --privileged \
 		-e TALOSCONFIG=/workspace/talosconfig \
 		-e KUBECONFIG=/workspace/kubeconfig \
-		-e SANDBOX_NAME=${SANDBOX_NAME} \
 		"$$(yq .e2e.image values.yaml)" \
-		--timeout 30m
-	docker cp "${ROOT_DIR}/." "${SANDBOX_NAME}":/workspace
+		sleep infinity
+	docker cp "${ROOT_DIR}" "${SANDBOX_NAME}":/workspace

packages/core/testing/images/e2e-sandbox/Dockerfile

@@ -9,7 +9,7 @@ ARG TARGETOS
 ARG TARGETARCH
 
 RUN apt update -q
-RUN apt install -yq --no-install-recommends psmisc genisoimage ca-certificates qemu-kvm qemu-utils iproute2 iptables wget xz-utils netcat curl jq make git
+RUN apt install -yq --no-install-recommends genisoimage ca-certificates qemu-kvm qemu-utils iproute2 iptables wget xz-utils netcat curl jq make git
 RUN curl -sSL "https://github.com/siderolabs/talos/releases/download/v${TALOSCTL_VERSION}/talosctl-${TARGETOS}-${TARGETARCH}" -o /usr/local/bin/talosctl \
  && chmod +x /usr/local/bin/talosctl
 RUN curl -sSL "https://dl.k8s.io/release/v${KUBECTL_VERSION}/bin/${TARGETOS}/${TARGETARCH}/kubectl" -o /usr/local/bin/kubectl \
@@ -19,6 +19,3 @@ RUN curl -sSL "https://github.com/mikefarah/yq/releases/download/v4.44.3/yq_${TA
  && chmod +x /usr/local/bin/yq
 RUN curl -sSL "https://fluxcd.io/install.sh" | bash
 RUN curl -sSL "https://github.com/cozystack/cozypkg/raw/refs/heads/main/hack/install.sh" | sh -s -- -v "${COZYPKG_VERSION}"
-
-COPY entrypoint.sh /usr/local/bin/entrypoint.sh
-ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]

packages/core/testing/images/e2e-sandbox/entrypoint.sh

@@ -1,60 +0,0 @@
-#!/bin/sh
-set -eu
-
-SELF_PID="$$"
-INTERVAL=30m
-
-while [ $# -gt 0 ]; do
-  case "$1" in
-    --timeout)
-      INTERVAL="$2"
-      shift 2
-      ;;
-    *)
-      echo "Usage: $0 [--timeout SECONDS]"
-      exit 1
-      ;;
-  esac
-done
-
-check_once() {
-  ALL_PROCS=$(ps -eo pid=,comm=)
-  OWN_PIDS=$(pstree -p $$ | grep -o '[0-9]\+' | sort -u)
-
-  EXTERNAL_PIDS=$(
-    echo "$ALL_PROCS" | while read -r PID CMD; do
-      PID=$(echo "$PID" | tr -d ' ')
-      CMD=$(echo "$CMD" | tr -d ' ')
-
-      echo "$OWN_PIDS" | grep -q -x "$PID" && continue
-
-      case "$CMD" in
-        *qemu*|ps) continue ;;
-      esac
-
-      echo "PID=$PID CMD=$CMD"
-    done
-  )
-
-  COUNT=$(echo "$EXTERNAL_PIDS" | wc -w)
-  echo "$EXTERNAL_PIDS"
-  [ "$COUNT" -eq 0 ]
-}
-
-check_loop() {
-  while :; do
-    ALL_PROCS=$(ps -eo pid=,ppid=,comm=)
-
-    if check_once; then
-      echo "No external processes, exiting..."
-      exit 0
-    fi
-
-    echo "External processes still running, next check in ${INTERVAL}..."
-    sleep "$INTERVAL"
-  done
-}
-
-echo "Waiting for external processes to be started, next check in ${INTERVAL}..."
-sleep "$INTERVAL"
-check_loop

packages/core/testing/values.yaml

@@ -1,2 +1,2 @@
 e2e:
-  image: ghcr.io/cozystack/cozystack/e2e-sandbox:v0.33.0@sha256:fd169ae7ee7b0b10ee34f02353ae96c182ca7b6cede771c8fc6539894416104f
+  image: ghcr.io/cozystack/cozystack/e2e-sandbox:v0.32.1@sha256:b15f85e58be54529d74ab7056d5d47960944abde28f14611e88156989a19c789

packages/extra/bootbox/images/matchbox.tag

@@ -1 +1 @@
-ghcr.io/cozystack/cozystack/matchbox:v0.33.0@sha256:adc133234a48f3496441334348aeab400ee29b8514129c110b892fa1e0dff1d8
+ghcr.io/cozystack/cozystack/matchbox:v0.32.1@sha256:a01a26c4fa437bb2082c9d242661cddb0a8ce98a2ee66858a971f141bbe0fd35

packages/extra/etcd/Chart.yaml

@@ -3,4 +3,4 @@ name: etcd
 description: Storage for Kubernetes clusters
 icon: /logos/etcd.svg
 type: application
-version: 2.9.0
+version: 2.8.0