Remove user-facing config of limits and requests

This patch introduces reusable library charts that provide
backward-compatibility for users that specify their resources as
explicit requests and limits for cpu, however this input is processed so
that limits are set equal to requests except for CPU which only gets
requests. Users can now embrace the new form by directly specifying
resources in the first level of nesting (e.g. resources.cpu=100m instead
of .resources.requests.cpu=100m). The order of precedence is top-level,
then requests, then limits, ensuring that nothing will break in terms of
scheduling, however workloads that specified limits much higher than
requests might get a performance hit, now that they cannot use all this
excess capacity. This should only affect memory-hungry workloads in
low-contention environments.

Signed-off-by: Timofei Larkin <lllamnyp@gmail.com>

.github/workflows/pre-commit.yml

@@ -3,8 +3,6 @@ name: Pre-Commit Checks
 on:
   pull_request:
     types: [labeled, opened, synchronize, reopened]
-    paths-ignore:
-      - '**.md'
 
 concurrency:
   group: pre-commit-${{ github.workflow }}-${{ github.event.pull_request.number }}

.github/workflows/pull-requests-release.yaml

@@ -3,11 +3,6 @@ name: Releasing PR
 on:
   pull_request:
     types: [labeled, opened, synchronize, reopened, closed]
-  workflow_dispatch:
-    inputs:
-      sha:
-        description: "Commit SHA to test"
-        required: true
 
 concurrency:
   group: pull-requests-release-${{ github.workflow }}-${{ github.event.pull_request.number }}
@@ -21,19 +16,15 @@ jobs:
       contents: read
       packages: write
 
-    # Run only when the PR carries the "release" label and not closed or via workflow_dispatch
+    # Run only when the PR carries the "release" label and not closed.
     if: |
-      (github.event_name == 'pull_request' &&
-       contains(github.event.pull_request.labels.*.name, 'release') &&
-       github.event.action != 'closed')
-      || github.event_name == 'workflow_dispatch'
+      contains(github.event.pull_request.labels.*.name, 'release') &&
+      github.event.action != 'closed'
 
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
         with:
-          # for workflow_dispatch take a specific SHA, otherwise — head.sha PR
-          ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || inputs.sha }}
           fetch-depth: 0
           fetch-tags: true
 
@@ -145,13 +136,13 @@ jobs:
         uses: actions/github-script@v7
         with:
           script: |
-            const tag = '${{ steps.get_tag.outputs.tag }}';              // v0.31.5-rc1
-            const m = tag.match(/^v(\d+\.\d+\.\d+)(-rc\d+)?$/);
+            const tag = '${{ steps.get_tag.outputs.tag }}';              // v0.31.5-rc.1
+            const m = tag.match(/^v(\d+\.\d+\.\d+)(-rc\.\d+)?$/);
             if (!m) {
-              core.setFailed(`❌ tag '${tag}' must match 'vX.Y.Z' or 'vX.Y.Z-rcN'`);
+              core.setFailed(`❌ tag '${tag}' must match 'vX.Y.Z' or 'vX.Y.Z-rc.N'`);
               return;
             }
-            const version = m[1] + (m[2] ?? '');                         // 0.31.5‑rc1
+            const version = m[1] + (m[2] ?? '');                         // 0.31.5‑rc.1
             const isRc    = Boolean(m[2]);
             core.setOutput('is_rc',      isRc);
             const outdated = '${{ steps.semver.outputs.comparison-result }}' === '<';

.github/workflows/tags.yaml

@@ -225,25 +225,3 @@ jobs:
             } else {
               console.log(`PR already exists from ${head} to ${base}`);
             }
-
-      # Run tests
-      - name: Trigger release-verify tests
-        if: steps.check_release.outputs.skip == 'false'
-        uses: actions/github-script@v7
-        env:
-          GH_TOKEN:       ${{ secrets.GITHUB_TOKEN }}
-          DISPATCH_REF:   ${{ steps.get_base.outputs.branch }}  # main or release-X.Y
-          DISPATCH_SHA:   ${{ github.sha }}                     # commit for tests
-        with:
-          github-token: ${{ env.GH_TOKEN }}
-          script: |
-            await github.rest.actions.createWorkflowDispatch({
-              owner:       context.repo.owner,
-              repo:        context.repo.repo,
-              workflow_id: 'pull-requests-release.yaml',
-              ref:         process.env.DISPATCH_REF,
-              inputs: {
-                sha: process.env.DISPATCH_SHA
-              }
-            });
-            console.log(`🔔 verify-job triggered on ${process.env.DISPATCH_SHA}`);

.gitignore

@@ -1,6 +1,7 @@
 _out
 .git
 .idea
+.vscode
 
 # User-specific stuff
 .idea/**/workspace.xml
@@ -75,4 +76,4 @@ fabric.properties
 .idea/caches/build_file_checksums.ser
 
 .DS_Store
-**/.DS_Store
+**/.DS_Store

.pre-commit-config.yaml

@@ -18,6 +18,7 @@ repos:
               (cd "$dir" && make generate)
             fi
           done
+          git diff --color=always | cat
         '
       language: script
       files: ^.*$

Makefile

@@ -28,6 +28,7 @@ build: build-deps
 
 repos:
 	rm -rf _out
+	make -C packages/library check-version-map
 	make -C packages/apps check-version-map
 	make -C packages/extra check-version-map
 	make -C packages/system repo

cmd/cozystack-controller/main.go

@@ -39,6 +39,8 @@ import (
 	cozystackiov1alpha1 "github.com/cozystack/cozystack/api/v1alpha1"
 	"github.com/cozystack/cozystack/internal/controller"
 	"github.com/cozystack/cozystack/internal/telemetry"
+
+	helmv2 "github.com/fluxcd/helm-controller/api/v2"
 	// +kubebuilder:scaffold:imports
 )
 
@@ -51,6 +53,7 @@ func init() {
 	utilruntime.Must(clientgoscheme.AddToScheme(scheme))
 
 	utilruntime.Must(cozystackiov1alpha1.AddToScheme(scheme))
+	utilruntime.Must(helmv2.AddToScheme(scheme))
 	// +kubebuilder:scaffold:scheme
 }
 
@@ -182,6 +185,14 @@ func main() {
 	if err = (&controller.WorkloadReconciler{
 		Client: mgr.GetClient(),
 		Scheme: mgr.GetScheme(),
+	}).SetupWithManager(mgr); err != nil {
+		setupLog.Error(err, "unable to create controller", "controller", "WorkloadReconciler")
+		os.Exit(1)
+	}
+
+	if err = (&controller.TenantHelmReconciler{
+		Client: mgr.GetClient(),
+		Scheme: mgr.GetScheme(),
 	}).SetupWithManager(mgr); err != nil {
 		setupLog.Error(err, "unable to create controller", "controller", "Workload")
 		os.Exit(1)

docs/release.md

@@ -1,10 +1,37 @@
 # Release Workflow
 
-This section explains how Cozystack builds and releases are made.
+This document describes Cozystack’s release process.
+
+## Introduction
+
+Cozystack uses a staged release process to ensure stability and flexibility during development.
+
+There are three types of releases:
+
+- **Release Candidates (RC)** – Preview versions (e.g., `v0.42.0-rc.1`) used for final testing and validation.
+- **Regular Releases** – Final versions (e.g., `v0.42.0`) that are feature-complete and thoroughly tested.
+- **Patch Releases** – Bugfix-only updates (e.g., `v0.42.1`) made after a stable release, based on a dedicated release branch.
+
+Each type plays a distinct role in delivering reliable and tested updates while allowing ongoing development to continue smoothly.
+
+## Release Candidates
+
+Release candidates are Cozystack versions that introduce new features and are published before a stable release.
+Their purpose is to help validate stability before finalizing a new feature release.
+They allow for final rounds of testing and bug fixes without freezing development.
+
+Release candidates are given numbers `vX.Y.0-rc.N`, for example, `v0.42.0-rc.1`.
+They are created directly in the `main` branch.
+An RC is typically tagged when all major features for the upcoming release have been merged into main and the release enters its testing phase.
+However, new features and changes can still be added before the regular release `vX.Y.0`.
+
+Each RC contributes to a cumulative set of release notes that will be finalized when `vX.Y.0` is released.
+After testing, if no critical issues remain, the regular release (`vX.Y.0`) is tagged from the last RC or a later commit in main.
+This begins the regular release process, creates a dedicated `release-X.Y` branch, and opens the way for patch releases.
 
 ## Regular Releases
 
-When making regular releases, we take a commit in `main` and decide to make it a release `x.y.0`.
+When making a regular release, we tag the latest RC or a subsequent minimal-change commit as `vX.Y.0`.
 In this explanation, we'll use version `v0.42.0` as an example:
 
 ```mermaid

internal/controller/tenant_helm_reconciler.go

@@ -0,0 +1,158 @@
+package controller
+
+import (
+	"context"
+	"fmt"
+	"strings"
+	"time"
+
+	e "errors"
+
+	helmv2 "github.com/fluxcd/helm-controller/api/v2"
+	"gopkg.in/yaml.v2"
+	corev1 "k8s.io/api/core/v1"
+	apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
+	"k8s.io/apimachinery/pkg/api/errors"
+	"k8s.io/apimachinery/pkg/runtime"
+	ctrl "sigs.k8s.io/controller-runtime"
+	"sigs.k8s.io/controller-runtime/pkg/client"
+	"sigs.k8s.io/controller-runtime/pkg/log"
+)
+
+type TenantHelmReconciler struct {
+	client.Client
+	Scheme *runtime.Scheme
+}
+
+func (r *TenantHelmReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {
+	logger := log.FromContext(ctx)
+
+	hr := &helmv2.HelmRelease{}
+	if err := r.Get(ctx, req.NamespacedName, hr); err != nil {
+		if errors.IsNotFound(err) {
+			return ctrl.Result{}, nil
+		}
+		logger.Error(err, "unable to fetch HelmRelease")
+		return ctrl.Result{}, err
+	}
+
+	if !strings.HasPrefix(hr.Name, "tenant-") {
+		return ctrl.Result{}, nil
+	}
+
+	if len(hr.Status.Conditions) == 0 || hr.Status.Conditions[0].Type != "Ready" {
+		return ctrl.Result{}, nil
+	}
+
+	if len(hr.Status.History) == 0 {
+		logger.Info("no history in HelmRelease status", "name", hr.Name)
+		return ctrl.Result{}, nil
+	}
+
+	if hr.Status.History[0].Status != "deployed" {
+		return ctrl.Result{}, nil
+	}
+
+	newDigest := hr.Status.History[0].Digest
+	var hrList helmv2.HelmReleaseList
+	childNamespace := getChildNamespace(hr.Namespace, hr.Name)
+	if childNamespace == "tenant-root" && hr.Name == "tenant-root" {
+		if hr.Spec.Values == nil {
+			logger.Error(e.New("hr.Spec.Values is nil"), "cant annotate tenant-root ns")
+			return ctrl.Result{}, nil
+		}
+		err := annotateTenantRootNs(*hr.Spec.Values, r.Client)
+		if err != nil {
+			logger.Error(err, "cant annotate tenant-root ns")
+			return ctrl.Result{}, nil
+		}
+		logger.Info("namespace 'tenant-root' annotated")
+	}
+
+	if err := r.List(ctx, &hrList, client.InNamespace(childNamespace)); err != nil {
+		logger.Error(err, "unable to list HelmReleases in namespace", "namespace", hr.Name)
+		return ctrl.Result{}, err
+	}
+
+	for _, item := range hrList.Items {
+		if item.Name == hr.Name {
+			continue
+		}
+		oldDigest := item.GetAnnotations()["cozystack.io/tenant-config-digest"]
+		if oldDigest == newDigest {
+			continue
+		}
+		patchTarget := item.DeepCopy()
+
+		if patchTarget.Annotations == nil {
+			patchTarget.Annotations = map[string]string{}
+		}
+		ts := time.Now().Format(time.RFC3339Nano)
+
+		patchTarget.Annotations["cozystack.io/tenant-config-digest"] = newDigest
+		patchTarget.Annotations["reconcile.fluxcd.io/forceAt"] = ts
+		patchTarget.Annotations["reconcile.fluxcd.io/requestedAt"] = ts
+
+		patch := client.MergeFrom(item.DeepCopy())
+		if err := r.Patch(ctx, patchTarget, patch); err != nil {
+			logger.Error(err, "failed to patch HelmRelease", "name", patchTarget.Name)
+			continue
+		}
+
+		logger.Info("patched HelmRelease with new digest", "name", patchTarget.Name, "digest", newDigest, "version", hr.Status.History[0].Version)
+	}
+
+	return ctrl.Result{}, nil
+}
+
+func (r *TenantHelmReconciler) SetupWithManager(mgr ctrl.Manager) error {
+	return ctrl.NewControllerManagedBy(mgr).
+		For(&helmv2.HelmRelease{}).
+		Complete(r)
+}
+
+func getChildNamespace(currentNamespace, hrName string) string {
+	tenantName := strings.TrimPrefix(hrName, "tenant-")
+
+	switch {
+	case currentNamespace == "tenant-root" && hrName == "tenant-root":
+		// 1) root tenant inside root namespace
+		return "tenant-root"
+
+	case currentNamespace == "tenant-root":
+		// 2) any other tenant in root namespace
+		return fmt.Sprintf("tenant-%s", tenantName)
+
+	default:
+		// 3) tenant in a dedicated namespace
+		return fmt.Sprintf("%s-%s", currentNamespace, tenantName)
+	}
+}
+
+func annotateTenantRootNs(values apiextensionsv1.JSON, c client.Client) error {
+	var data map[string]interface{}
+	if err := yaml.Unmarshal(values.Raw, &data); err != nil {
+		return fmt.Errorf("failed to parse HelmRelease values: %w", err)
+	}
+
+	host, ok := data["host"].(string)
+	if !ok || host == "" {
+		return fmt.Errorf("host field not found or not a string")
+	}
+
+	var ns corev1.Namespace
+	if err := c.Get(context.TODO(), client.ObjectKey{Name: "tenant-root"}, &ns); err != nil {
+		return fmt.Errorf("failed to get namespace tenant-root: %w", err)
+	}
+
+	if ns.Annotations == nil {
+		ns.Annotations = map[string]string{}
+	}
+	ns.Annotations["namespace.cozystack.io/host"] = host
+
+	if err := c.Update(context.TODO(), &ns); err != nil {
+		return fmt.Errorf("failed to update namespace: %w", err)
+	}
+
+	return nil
+}

internal/controller/workload_controller.go

@@ -39,6 +39,15 @@ func (r *WorkloadReconciler) Reconcile(ctx context.Context, req ctrl.Request) (c
 	}
 
 	t := getMonitoredObject(w)
+
+	if t == nil {
+		err = r.Delete(ctx, w)
+		if err != nil {
+			logger.Error(err, "failed to delete workload")
+		}
+		return ctrl.Result{}, err
+	}
+
 	err = r.Get(ctx, types.NamespacedName{Name: t.GetName(), Namespace: t.GetNamespace()}, t)
 
 	// found object, nothing to do
@@ -68,20 +77,23 @@ func (r *WorkloadReconciler) SetupWithManager(mgr ctrl.Manager) error {
 }
 
 func getMonitoredObject(w *cozyv1alpha1.Workload) client.Object {
-	if strings.HasPrefix(w.Name, "pvc-") {
+	switch {
+	case strings.HasPrefix(w.Name, "pvc-"):
 		obj := &corev1.PersistentVolumeClaim{}
 		obj.Name = strings.TrimPrefix(w.Name, "pvc-")
 		obj.Namespace = w.Namespace
 		return obj
-	}
-	if strings.HasPrefix(w.Name, "svc-") {
+	case strings.HasPrefix(w.Name, "svc-"):
 		obj := &corev1.Service{}
 		obj.Name = strings.TrimPrefix(w.Name, "svc-")
 		obj.Namespace = w.Namespace
 		return obj
+	case strings.HasPrefix(w.Name, "pod-"):
+		obj := &corev1.Pod{}
+		obj.Name = strings.TrimPrefix(w.Name, "pod-")
+		obj.Namespace = w.Namespace
+		return obj
 	}
-	obj := &corev1.Pod{}
-	obj.Name = w.Name
-	obj.Namespace = w.Namespace
+	var obj client.Object
 	return obj
 }

internal/controller/workload_controller_test.go

@@ -0,0 +1,26 @@
+package controller
+
+import (
+	"testing"
+
+	cozyv1alpha1 "github.com/cozystack/cozystack/api/v1alpha1"
+	corev1 "k8s.io/api/core/v1"
+)
+
+func TestUnprefixedMonitoredObjectReturnsNil(t *testing.T) {
+	w := &cozyv1alpha1.Workload{}
+	w.Name = "unprefixed-name"
+	obj := getMonitoredObject(w)
+	if obj != nil {
+		t.Errorf(`getMonitoredObject(&Workload{Name: "%s"}) == %v, want nil`, w.Name, obj)
+	}
+}
+
+func TestPodMonitoredObject(t *testing.T) {
+	w := &cozyv1alpha1.Workload{}
+	w.Name = "pod-mypod"
+	obj := getMonitoredObject(w)
+	if pod, ok := obj.(*corev1.Pod); !ok || pod.Name != "mypod" {
+		t.Errorf(`getMonitoredObject(&Workload{Name: "%s"}) == %v, want &Pod{Name: "mypod"}`, w.Name, obj)
+	}
+}

internal/controller/workloadmonitor_controller.go

@@ -212,15 +212,12 @@ func (r *WorkloadMonitorReconciler) reconcilePodForMonitor(
 ) error {
 	logger := log.FromContext(ctx)
 
-	// Combine both init containers and normal containers to sum resources properly
-	combinedContainers := append(pod.Spec.InitContainers, pod.Spec.Containers...)
-
-	// totalResources will store the sum of all container resource limits
+	// totalResources will store the sum of all container resource requests
 	totalResources := make(map[string]resource.Quantity)
 
-	// Iterate over all containers to aggregate their Limits
-	for _, container := range combinedContainers {
-		for name, qty := range container.Resources.Limits {
+	// Iterate over all containers to aggregate their requests
+	for _, container := range pod.Spec.Containers {
+		for name, qty := range container.Resources.Requests {
 			if existing, exists := totalResources[name.String()]; exists {
 				existing.Add(qty)
 				totalResources[name.String()] = existing
@@ -249,7 +246,7 @@ func (r *WorkloadMonitorReconciler) reconcilePodForMonitor(
 
 	workload := &cozyv1alpha1.Workload{
 		ObjectMeta: metav1.ObjectMeta{
-			Name:      pod.Name,
+			Name:      fmt.Sprintf("pod-%s", pod.Name),
 			Namespace: pod.Namespace,
 		},
 	}

packages/apps/bucket/README.md

@@ -0,0 +1,3 @@
+# S3 bucket
+
+## Parameters

packages/apps/bucket/values.schema.json

@@ -0,0 +1,5 @@
+{
+    "title": "Chart Values",
+    "type": "object",
+    "properties": {}
+}

packages/apps/bucket/values.yaml

@@ -0,0 +1 @@
+{}

packages/apps/clickhouse/Chart.yaml

@@ -16,10 +16,15 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.7.0
+version: 0.9.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
 appVersion: "24.9.2"
+
+dependencies:
+  - name: cozy-lib
+    version: 0.1.0
+    repository: "http://cozystack.cozy-system.svc/repos/library"

packages/apps/clickhouse/charts/cozy-lib

@@ -0,0 +1 @@
+../../../library/cozy-lib

packages/apps/clickhouse/templates/_resources.tpl

@@ -11,35 +11,34 @@ These presets are for basic testing and not meant to be used in production
 {{ include "resources.preset" (dict "type" "nano") -}}
 */}}
 {{- define "resources.preset" -}}
-{{/* The limits are the requests increased by 50% (except ephemeral-storage and xlarge/2xlarge sizes)*/}}
 {{- $presets := dict 
   "nano" (dict 
       "requests" (dict "cpu" "100m" "memory" "128Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "150m" "memory" "192Mi" "ephemeral-storage" "2Gi")
+      "limits" (dict "memory" "128Mi" "ephemeral-storage" "2Gi")
    )
   "micro" (dict 
       "requests" (dict "cpu" "250m" "memory" "256Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "375m" "memory" "384Mi" "ephemeral-storage" "2Gi")
+      "limits" (dict "memory" "256Mi" "ephemeral-storage" "2Gi")
    )
   "small" (dict 
       "requests" (dict "cpu" "500m" "memory" "512Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "750m" "memory" "768Mi" "ephemeral-storage" "2Gi")
+      "limits" (dict "memory" "512Mi" "ephemeral-storage" "2Gi")
    )
   "medium" (dict 
-      "requests" (dict "cpu" "500m" "memory" "1024Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "750m" "memory" "1536Mi" "ephemeral-storage" "2Gi")
+      "requests" (dict "cpu" "500m" "memory" "1Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "1Gi" "ephemeral-storage" "2Gi")
    )
   "large" (dict 
-      "requests" (dict "cpu" "1.0" "memory" "2048Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "1.5" "memory" "3072Mi" "ephemeral-storage" "2Gi")
+      "requests" (dict "cpu" "1" "memory" "2Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "2Gi" "ephemeral-storage" "2Gi")
    )
   "xlarge" (dict 
-      "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "3.0" "memory" "6144Mi" "ephemeral-storage" "2Gi")
+      "requests" (dict "cpu" "2" "memory" "4Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "4Gi" "ephemeral-storage" "2Gi")
    )
   "2xlarge" (dict 
-      "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "6.0" "memory" "12288Mi" "ephemeral-storage" "2Gi")
+      "requests" (dict "cpu" "4" "memory" "8Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "8Gi" "ephemeral-storage" "2Gi")
    )
  }}
 {{- if hasKey $presets .type -}}

packages/apps/clickhouse/templates/clickhouse.yaml

@@ -122,9 +122,9 @@ spec:
             - name: clickhouse
               image: clickhouse/clickhouse-server:24.9.2.42
               {{- if .Values.resources }}
-              resources: {{- toYaml .Values.resources | nindent 16 }}
+              resources: {{- include "cozy-lib.resources.sanitize" .Values.resources | nindent 16 }}
               {{- else if ne .Values.resourcesPreset "none" }}
-              resources: {{- include "resources.preset" (dict "type" .Values.resourcesPreset "Release" .Release) | nindent 16 }}
+              resources: {{- include "cozy-lib.resources.preset" .Values.resourcesPreset | nindent 16 }}
               {{- end }}
               volumeMounts:
                 - name: data-volume-template

packages/apps/ferretdb/Chart.yaml

@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.5.0
+version: 0.6.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

packages/apps/ferretdb/templates/_resources.tpl

@@ -11,35 +11,34 @@ These presets are for basic testing and not meant to be used in production
 {{ include "resources.preset" (dict "type" "nano") -}}
 */}}
 {{- define "resources.preset" -}}
-{{/* The limits are the requests increased by 50% (except ephemeral-storage and xlarge/2xlarge sizes)*/}}
 {{- $presets := dict 
   "nano" (dict 
       "requests" (dict "cpu" "100m" "memory" "128Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "150m" "memory" "192Mi" "ephemeral-storage" "2Gi")
+      "limits" (dict "memory" "128Mi" "ephemeral-storage" "2Gi")
    )
   "micro" (dict 
       "requests" (dict "cpu" "250m" "memory" "256Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "375m" "memory" "384Mi" "ephemeral-storage" "2Gi")
+      "limits" (dict "memory" "256Mi" "ephemeral-storage" "2Gi")
    )
   "small" (dict 
       "requests" (dict "cpu" "500m" "memory" "512Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "750m" "memory" "768Mi" "ephemeral-storage" "2Gi")
+      "limits" (dict "memory" "512Mi" "ephemeral-storage" "2Gi")
    )
   "medium" (dict 
-      "requests" (dict "cpu" "500m" "memory" "1024Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "750m" "memory" "1536Mi" "ephemeral-storage" "2Gi")
+      "requests" (dict "cpu" "500m" "memory" "1Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "1Gi" "ephemeral-storage" "2Gi")
    )
   "large" (dict 
-      "requests" (dict "cpu" "1.0" "memory" "2048Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "1.5" "memory" "3072Mi" "ephemeral-storage" "2Gi")
+      "requests" (dict "cpu" "1" "memory" "2Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "2Gi" "ephemeral-storage" "2Gi")
    )
   "xlarge" (dict 
-      "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "3.0" "memory" "6144Mi" "ephemeral-storage" "2Gi")
+      "requests" (dict "cpu" "2" "memory" "4Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "4Gi" "ephemeral-storage" "2Gi")
    )
   "2xlarge" (dict 
-      "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "6.0" "memory" "12288Mi" "ephemeral-storage" "2Gi")
+      "requests" (dict "cpu" "4" "memory" "8Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "8Gi" "ephemeral-storage" "2Gi")
    )
  }}
 {{- if hasKey $presets .type -}}

packages/apps/http-cache/Chart.yaml

@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.4.0
+version: 0.5.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

packages/apps/http-cache/templates/_resources.tpl

@@ -11,35 +11,34 @@ These presets are for basic testing and not meant to be used in production
 {{ include "resources.preset" (dict "type" "nano") -}}
 */}}
 {{- define "resources.preset" -}}
-{{/* The limits are the requests increased by 50% (except ephemeral-storage and xlarge/2xlarge sizes)*/}}
 {{- $presets := dict 
   "nano" (dict 
       "requests" (dict "cpu" "100m" "memory" "128Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "150m" "memory" "192Mi" "ephemeral-storage" "2Gi")
+      "limits" (dict "memory" "128Mi" "ephemeral-storage" "2Gi")
    )
   "micro" (dict 
       "requests" (dict "cpu" "250m" "memory" "256Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "375m" "memory" "384Mi" "ephemeral-storage" "2Gi")
+      "limits" (dict "memory" "256Mi" "ephemeral-storage" "2Gi")
    )
   "small" (dict 
       "requests" (dict "cpu" "500m" "memory" "512Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "750m" "memory" "768Mi" "ephemeral-storage" "2Gi")
+      "limits" (dict "memory" "512Mi" "ephemeral-storage" "2Gi")
    )
   "medium" (dict 
-      "requests" (dict "cpu" "500m" "memory" "1024Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "750m" "memory" "1536Mi" "ephemeral-storage" "2Gi")
+      "requests" (dict "cpu" "500m" "memory" "1Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "1Gi" "ephemeral-storage" "2Gi")
    )
   "large" (dict 
-      "requests" (dict "cpu" "1.0" "memory" "2048Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "1.5" "memory" "3072Mi" "ephemeral-storage" "2Gi")
+      "requests" (dict "cpu" "1" "memory" "2Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "2Gi" "ephemeral-storage" "2Gi")
    )
   "xlarge" (dict 
-      "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "3.0" "memory" "6144Mi" "ephemeral-storage" "2Gi")
+      "requests" (dict "cpu" "2" "memory" "4Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "4Gi" "ephemeral-storage" "2Gi")
    )
   "2xlarge" (dict 
-      "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "6.0" "memory" "12288Mi" "ephemeral-storage" "2Gi")
+      "requests" (dict "cpu" "4" "memory" "8Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "8Gi" "ephemeral-storage" "2Gi")
    )
  }}
 {{- if hasKey $presets .type -}}

packages/apps/kafka/Chart.yaml

@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.5.0
+version: 0.6.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

packages/apps/kafka/templates/_resources.tpl

@@ -11,35 +11,34 @@ These presets are for basic testing and not meant to be used in production
 {{ include "resources.preset" (dict "type" "nano") -}}
 */}}
 {{- define "resources.preset" -}}
-{{/* The limits are the requests increased by 50% (except ephemeral-storage and xlarge/2xlarge sizes)*/}}
 {{- $presets := dict 
   "nano" (dict 
       "requests" (dict "cpu" "100m" "memory" "128Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "150m" "memory" "192Mi" "ephemeral-storage" "2Gi")
+      "limits" (dict "memory" "128Mi" "ephemeral-storage" "2Gi")
    )
   "micro" (dict 
       "requests" (dict "cpu" "250m" "memory" "256Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "375m" "memory" "384Mi" "ephemeral-storage" "2Gi")
+      "limits" (dict "memory" "256Mi" "ephemeral-storage" "2Gi")
    )
   "small" (dict 
       "requests" (dict "cpu" "500m" "memory" "512Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "750m" "memory" "768Mi" "ephemeral-storage" "2Gi")
+      "limits" (dict "memory" "512Mi" "ephemeral-storage" "2Gi")
    )
   "medium" (dict 
-      "requests" (dict "cpu" "500m" "memory" "1024Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "750m" "memory" "1536Mi" "ephemeral-storage" "2Gi")
+      "requests" (dict "cpu" "500m" "memory" "1Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "1Gi" "ephemeral-storage" "2Gi")
    )
   "large" (dict 
-      "requests" (dict "cpu" "1.0" "memory" "2048Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "1.5" "memory" "3072Mi" "ephemeral-storage" "2Gi")
+      "requests" (dict "cpu" "1" "memory" "2Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "2Gi" "ephemeral-storage" "2Gi")
    )
   "xlarge" (dict 
-      "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "3.0" "memory" "6144Mi" "ephemeral-storage" "2Gi")
+      "requests" (dict "cpu" "2" "memory" "4Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "4Gi" "ephemeral-storage" "2Gi")
    )
   "2xlarge" (dict 
-      "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "6.0" "memory" "12288Mi" "ephemeral-storage" "2Gi")
+      "requests" (dict "cpu" "4" "memory" "8Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "8Gi" "ephemeral-storage" "2Gi")
    )
  }}
 {{- if hasKey $presets .type -}}

packages/apps/kubernetes/Chart.yaml

@@ -16,10 +16,10 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.19.0
+version: 0.20.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "1.30.1"
+appVersion: 1.31.0

packages/apps/kubernetes/README.md

@@ -44,6 +44,8 @@ kubectl get secret -n <namespace> kubernetes-<clusterName>-admin-kubeconfig -o g
 | --------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------- |
 | `addons.certManager.enabled`                  | Enables the cert-manager                                                                                                                                          | `false` |
 | `addons.certManager.valuesOverride`           | Custom values to override                                                                                                                                         | `{}`    |
+| `addons.cilium.valuesOverride`                | Custom values to override                                                                                                                                         | `{}`    |
+| `addons.gatewayAPI.enabled`                   | Enables the Gateway API                                                                                                                                           | `false` |
 | `addons.ingressNginx.enabled`                 | Enable Ingress-NGINX controller (expect nodes with 'ingress-nginx' role)                                                                                          | `false` |
 | `addons.ingressNginx.valuesOverride`          | Custom values to override                                                                                                                                         | `{}`    |
 | `addons.ingressNginx.hosts`                   | List of domain names that should be passed through to the cluster by upper cluster                                                                                | `[]`    |

packages/apps/kubernetes/templates/_resources.tpl

@@ -11,35 +11,34 @@ These presets are for basic testing and not meant to be used in production
 {{ include "resources.preset" (dict "type" "nano") -}}
 */}}
 {{- define "resources.preset" -}}
-{{/* The limits are the requests increased by 50% (except ephemeral-storage and xlarge/2xlarge sizes)*/}}
 {{- $presets := dict 
   "nano" (dict 
       "requests" (dict "cpu" "100m" "memory" "128Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "150m" "memory" "192Mi" "ephemeral-storage" "2Gi")
+      "limits" (dict "memory" "128Mi" "ephemeral-storage" "2Gi")
    )
   "micro" (dict 
       "requests" (dict "cpu" "250m" "memory" "256Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "375m" "memory" "384Mi" "ephemeral-storage" "2Gi")
+      "limits" (dict "memory" "256Mi" "ephemeral-storage" "2Gi")
    )
   "small" (dict 
       "requests" (dict "cpu" "500m" "memory" "512Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "750m" "memory" "768Mi" "ephemeral-storage" "2Gi")
+      "limits" (dict "memory" "512Mi" "ephemeral-storage" "2Gi")
    )
   "medium" (dict 
-      "requests" (dict "cpu" "500m" "memory" "1024Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "750m" "memory" "1536Mi" "ephemeral-storage" "2Gi")
+      "requests" (dict "cpu" "500m" "memory" "1Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "1Gi" "ephemeral-storage" "2Gi")
    )
   "large" (dict 
-      "requests" (dict "cpu" "1.0" "memory" "2048Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "1.5" "memory" "3072Mi" "ephemeral-storage" "2Gi")
+      "requests" (dict "cpu" "1" "memory" "2Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "2Gi" "ephemeral-storage" "2Gi")
    )
   "xlarge" (dict 
-      "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "3.0" "memory" "6144Mi" "ephemeral-storage" "2Gi")
+      "requests" (dict "cpu" "2" "memory" "4Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "4Gi" "ephemeral-storage" "2Gi")
    )
   "2xlarge" (dict 
-      "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "6.0" "memory" "12288Mi" "ephemeral-storage" "2Gi")
+      "requests" (dict "cpu" "4" "memory" "8Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "8Gi" "ephemeral-storage" "2Gi")
    )
  }}
 {{- if hasKey $presets .type -}}

packages/apps/kubernetes/templates/helmreleases/cilium.yaml

@@ -1,3 +1,18 @@
+{{- define "cozystack.defaultCiliumValues" -}}
+cilium:
+  k8sServiceHost: {{ .Release.Name }}.{{ .Release.Namespace }}.svc
+  k8sServicePort: 6443
+  routingMode: tunnel
+  enableIPv4Masquerade: true
+  ipv4NativeRoutingCIDR: ""
+  {{- if $.Values.addons.gatewayAPI.enabled }}
+  gatewayAPI:
+    enabled: true
+  envoy:
+    enabled: true
+  {{- end }}
+{{- end }}
+
 apiVersion: helm.toolkit.fluxcd.io/v2
 kind: HelmRelease
 metadata:
@@ -31,14 +46,13 @@ spec:
     remediation:
       retries: -1
   values:
-    cilium:
-      k8sServiceHost: {{ .Release.Name }}.{{ .Release.Namespace }}.svc
-      k8sServicePort: 6443
-      routingMode: tunnel
-      enableIPv4Masquerade: true
-      ipv4NativeRoutingCIDR: ""
+    {{- toYaml (deepCopy .Values.addons.cilium.valuesOverride | mergeOverwrite (fromYaml (include "cozystack.defaultCiliumValues" .))) | nindent 4 }}
   dependsOn:
   {{- if lookup "helm.toolkit.fluxcd.io/v2" "HelmRelease" .Release.Namespace .Release.Name }}
   - name: {{ .Release.Name }}
     namespace: {{ .Release.Namespace }}
   {{- end }}
+  {{- if $.Values.addons.gatewayAPI.enabled }}
+  - name: {{ .Release.Name }}-gateway-api-crds
+    namespace: {{ .Release.Namespace }}
+  {{- end }}

packages/apps/kubernetes/templates/helmreleases/delete.yaml

@@ -30,6 +30,7 @@ spec:
                 patch
                 helmrelease
                 {{ .Release.Name }}-cilium
+                {{ .Release.Name }}-gateway-api-crds
                 {{ .Release.Name }}-csi
                 {{ .Release.Name }}-cert-manager
                 {{ .Release.Name }}-cert-manager-crds

packages/apps/kubernetes/templates/helmreleases/gateway-api-crds.yaml

@@ -0,0 +1,38 @@
+{{- if $.Values.addons.gatewayAPI.enabled }}
+apiVersion: helm.toolkit.fluxcd.io/v2
+kind: HelmRelease
+metadata:
+  name: {{ .Release.Name }}-gateway-api-crds
+  labels:
+    cozystack.io/repository: system
+    cozystack.io/target-cluster-name: {{ .Release.Name }}
+spec:
+  interval: 5m
+  releaseName: gateway-api-crds
+  chart:
+    spec:
+      chart: cozy-gateway-api-crds
+      reconcileStrategy: Revision
+      sourceRef:
+        kind: HelmRepository
+        name: cozystack-system
+        namespace: cozy-system
+  kubeConfig:
+    secretRef:
+      name: {{ .Release.Name }}-admin-kubeconfig
+      key: super-admin.svc
+  targetNamespace: kube-system
+  storageNamespace: kube-system
+  install:
+    createNamespace: false
+    remediation:
+      retries: -1
+  upgrade:
+    remediation:
+      retries: -1
+  dependsOn:
+  {{- if lookup "helm.toolkit.fluxcd.io/v2" "HelmRelease" .Release.Namespace .Release.Name }}
+  - name: {{ .Release.Name }}
+    namespace: {{ .Release.Namespace }}
+  {{- end }}
+{{- end }}

packages/apps/kubernetes/values.schema.json

@@ -145,6 +145,26 @@
             }
           }
         },
+        "cilium": {
+          "type": "object",
+          "properties": {
+            "valuesOverride": {
+              "type": "object",
+              "description": "Custom values to override",
+              "default": {}
+            }
+          }
+        },
+        "gatewayAPI": {
+          "type": "object",
+          "properties": {
+            "enabled": {
+              "type": "boolean",
+              "description": "Enables the Gateway API",
+              "default": false
+            }
+          }
+        },
         "ingressNginx": {
           "type": "object",
           "properties": {

packages/apps/kubernetes/values.yaml

@@ -42,6 +42,18 @@ addons:
     enabled: false
     valuesOverride: {}
 
+  ## Cilium CNI plugin
+  ##
+  cilium:
+    ## @param addons.cilium.valuesOverride Custom values to override
+    valuesOverride: {}
+
+  ## Gateway API
+  ##
+  gatewayAPI:
+    ## @param addons.gatewayAPI.enabled Enables the Gateway API
+    enabled: false
+
   ## Ingress-NGINX Controller
   ##
   ingressNginx:

packages/apps/mysql/Chart.yaml

@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.6.0
+version: 0.7.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

packages/apps/mysql/templates/_resources.tpl

@@ -11,35 +11,34 @@ These presets are for basic testing and not meant to be used in production
 {{ include "resources.preset" (dict "type" "nano") -}}
 */}}
 {{- define "resources.preset" -}}
-{{/* The limits are the requests increased by 50% (except ephemeral-storage and xlarge/2xlarge sizes)*/}}
 {{- $presets := dict 
   "nano" (dict 
       "requests" (dict "cpu" "100m" "memory" "128Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "150m" "memory" "192Mi" "ephemeral-storage" "2Gi")
+      "limits" (dict "memory" "128Mi" "ephemeral-storage" "2Gi")
    )
   "micro" (dict 
       "requests" (dict "cpu" "250m" "memory" "256Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "375m" "memory" "384Mi" "ephemeral-storage" "2Gi")
+      "limits" (dict "memory" "256Mi" "ephemeral-storage" "2Gi")
    )
   "small" (dict 
       "requests" (dict "cpu" "500m" "memory" "512Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "750m" "memory" "768Mi" "ephemeral-storage" "2Gi")
+      "limits" (dict "memory" "512Mi" "ephemeral-storage" "2Gi")
    )
   "medium" (dict 
-      "requests" (dict "cpu" "500m" "memory" "1024Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "750m" "memory" "1536Mi" "ephemeral-storage" "2Gi")
+      "requests" (dict "cpu" "500m" "memory" "1Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "1Gi" "ephemeral-storage" "2Gi")
    )
   "large" (dict 
-      "requests" (dict "cpu" "1.0" "memory" "2048Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "1.5" "memory" "3072Mi" "ephemeral-storage" "2Gi")
+      "requests" (dict "cpu" "1" "memory" "2Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "2Gi" "ephemeral-storage" "2Gi")
    )
   "xlarge" (dict 
-      "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "3.0" "memory" "6144Mi" "ephemeral-storage" "2Gi")
+      "requests" (dict "cpu" "2" "memory" "4Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "4Gi" "ephemeral-storage" "2Gi")
    )
   "2xlarge" (dict 
-      "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "6.0" "memory" "12288Mi" "ephemeral-storage" "2Gi")
+      "requests" (dict "cpu" "4" "memory" "8Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "8Gi" "ephemeral-storage" "2Gi")
    )
  }}
 {{- if hasKey $presets .type -}}

packages/apps/nats/Chart.yaml

@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.5.0
+version: 0.6.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

packages/apps/nats/templates/_resources.tpl

@@ -11,35 +11,34 @@ These presets are for basic testing and not meant to be used in production
 {{ include "resources.preset" (dict "type" "nano") -}}
 */}}
 {{- define "resources.preset" -}}
-{{/* The limits are the requests increased by 50% (except ephemeral-storage and xlarge/2xlarge sizes)*/}}
 {{- $presets := dict 
   "nano" (dict 
       "requests" (dict "cpu" "100m" "memory" "128Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "150m" "memory" "192Mi" "ephemeral-storage" "2Gi")
+      "limits" (dict "memory" "128Mi" "ephemeral-storage" "2Gi")
    )
   "micro" (dict 
       "requests" (dict "cpu" "250m" "memory" "256Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "375m" "memory" "384Mi" "ephemeral-storage" "2Gi")
+      "limits" (dict "memory" "256Mi" "ephemeral-storage" "2Gi")
    )
   "small" (dict 
       "requests" (dict "cpu" "500m" "memory" "512Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "750m" "memory" "768Mi" "ephemeral-storage" "2Gi")
+      "limits" (dict "memory" "512Mi" "ephemeral-storage" "2Gi")
    )
   "medium" (dict 
-      "requests" (dict "cpu" "500m" "memory" "1024Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "750m" "memory" "1536Mi" "ephemeral-storage" "2Gi")
+      "requests" (dict "cpu" "500m" "memory" "1Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "1Gi" "ephemeral-storage" "2Gi")
    )
   "large" (dict 
-      "requests" (dict "cpu" "1.0" "memory" "2048Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "1.5" "memory" "3072Mi" "ephemeral-storage" "2Gi")
+      "requests" (dict "cpu" "1" "memory" "2Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "2Gi" "ephemeral-storage" "2Gi")
    )
   "xlarge" (dict 
-      "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "3.0" "memory" "6144Mi" "ephemeral-storage" "2Gi")
+      "requests" (dict "cpu" "2" "memory" "4Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "4Gi" "ephemeral-storage" "2Gi")
    )
   "2xlarge" (dict 
-      "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "6.0" "memory" "12288Mi" "ephemeral-storage" "2Gi")
+      "requests" (dict "cpu" "4" "memory" "8Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "8Gi" "ephemeral-storage" "2Gi")
    )
  }}
 {{- if hasKey $presets .type -}}

packages/apps/postgres/Chart.yaml

@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.10.1
+version: 0.11.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

packages/apps/postgres/templates/_resources.tpl

@@ -11,35 +11,34 @@ These presets are for basic testing and not meant to be used in production
 {{ include "resources.preset" (dict "type" "nano") -}}
 */}}
 {{- define "resources.preset" -}}
-{{/* The limits are the requests increased by 50% (except ephemeral-storage and xlarge/2xlarge sizes)*/}}
 {{- $presets := dict 
   "nano" (dict 
       "requests" (dict "cpu" "100m" "memory" "128Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "150m" "memory" "192Mi" "ephemeral-storage" "2Gi")
+      "limits" (dict "memory" "128Mi" "ephemeral-storage" "2Gi")
    )
   "micro" (dict 
       "requests" (dict "cpu" "250m" "memory" "256Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "375m" "memory" "384Mi" "ephemeral-storage" "2Gi")
+      "limits" (dict "memory" "256Mi" "ephemeral-storage" "2Gi")
    )
   "small" (dict 
       "requests" (dict "cpu" "500m" "memory" "512Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "750m" "memory" "768Mi" "ephemeral-storage" "2Gi")
+      "limits" (dict "memory" "512Mi" "ephemeral-storage" "2Gi")
    )
   "medium" (dict 
-      "requests" (dict "cpu" "500m" "memory" "1024Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "750m" "memory" "1536Mi" "ephemeral-storage" "2Gi")
+      "requests" (dict "cpu" "500m" "memory" "1Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "1Gi" "ephemeral-storage" "2Gi")
    )
   "large" (dict 
-      "requests" (dict "cpu" "1.0" "memory" "2048Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "1.5" "memory" "3072Mi" "ephemeral-storage" "2Gi")
+      "requests" (dict "cpu" "1" "memory" "2Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "2Gi" "ephemeral-storage" "2Gi")
    )
   "xlarge" (dict 
-      "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "3.0" "memory" "6144Mi" "ephemeral-storage" "2Gi")
+      "requests" (dict "cpu" "2" "memory" "4Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "4Gi" "ephemeral-storage" "2Gi")
    )
   "2xlarge" (dict 
-      "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "6.0" "memory" "12288Mi" "ephemeral-storage" "2Gi")
+      "requests" (dict "cpu" "4" "memory" "8Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "8Gi" "ephemeral-storage" "2Gi")
    )
  }}
 {{- if hasKey $presets .type -}}

packages/apps/rabbitmq/Chart.yaml

@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.5.0
+version: 0.6.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

packages/apps/rabbitmq/templates/_resources.tpl

@@ -11,35 +11,34 @@ These presets are for basic testing and not meant to be used in production
 {{ include "resources.preset" (dict "type" "nano") -}}
 */}}
 {{- define "resources.preset" -}}
-{{/* The limits are the requests increased by 50% (except ephemeral-storage and xlarge/2xlarge sizes)*/}}
 {{- $presets := dict 
   "nano" (dict 
       "requests" (dict "cpu" "100m" "memory" "128Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "150m" "memory" "192Mi" "ephemeral-storage" "2Gi")
+      "limits" (dict "memory" "128Mi" "ephemeral-storage" "2Gi")
    )
   "micro" (dict 
       "requests" (dict "cpu" "250m" "memory" "256Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "375m" "memory" "384Mi" "ephemeral-storage" "2Gi")
+      "limits" (dict "memory" "256Mi" "ephemeral-storage" "2Gi")
    )
   "small" (dict 
       "requests" (dict "cpu" "500m" "memory" "512Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "750m" "memory" "768Mi" "ephemeral-storage" "2Gi")
+      "limits" (dict "memory" "512Mi" "ephemeral-storage" "2Gi")
    )
   "medium" (dict 
-      "requests" (dict "cpu" "500m" "memory" "1024Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "750m" "memory" "1536Mi" "ephemeral-storage" "2Gi")
+      "requests" (dict "cpu" "500m" "memory" "1Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "1Gi" "ephemeral-storage" "2Gi")
    )
   "large" (dict 
-      "requests" (dict "cpu" "1.0" "memory" "2048Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "1.5" "memory" "3072Mi" "ephemeral-storage" "2Gi")
+      "requests" (dict "cpu" "1" "memory" "2Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "2Gi" "ephemeral-storage" "2Gi")
    )
   "xlarge" (dict 
-      "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "3.0" "memory" "6144Mi" "ephemeral-storage" "2Gi")
+      "requests" (dict "cpu" "2" "memory" "4Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "4Gi" "ephemeral-storage" "2Gi")
    )
   "2xlarge" (dict 
-      "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "6.0" "memory" "12288Mi" "ephemeral-storage" "2Gi")
+      "requests" (dict "cpu" "4" "memory" "8Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "8Gi" "ephemeral-storage" "2Gi")
    )
  }}
 {{- if hasKey $presets .type -}}

packages/apps/redis/Chart.yaml

@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.6.0
+version: 0.7.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

packages/apps/redis/templates/_resources.tpl

@@ -11,35 +11,34 @@ These presets are for basic testing and not meant to be used in production
 {{ include "resources.preset" (dict "type" "nano") -}}
 */}}
 {{- define "resources.preset" -}}
-{{/* The limits are the requests increased by 50% (except ephemeral-storage and xlarge/2xlarge sizes)*/}}
 {{- $presets := dict 
   "nano" (dict 
       "requests" (dict "cpu" "100m" "memory" "128Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "150m" "memory" "192Mi" "ephemeral-storage" "2Gi")
+      "limits" (dict "memory" "128Mi" "ephemeral-storage" "2Gi")
    )
   "micro" (dict 
       "requests" (dict "cpu" "250m" "memory" "256Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "375m" "memory" "384Mi" "ephemeral-storage" "2Gi")
+      "limits" (dict "memory" "256Mi" "ephemeral-storage" "2Gi")
    )
   "small" (dict 
       "requests" (dict "cpu" "500m" "memory" "512Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "750m" "memory" "768Mi" "ephemeral-storage" "2Gi")
+      "limits" (dict "memory" "512Mi" "ephemeral-storage" "2Gi")
    )
   "medium" (dict 
-      "requests" (dict "cpu" "500m" "memory" "1024Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "750m" "memory" "1536Mi" "ephemeral-storage" "2Gi")
+      "requests" (dict "cpu" "500m" "memory" "1Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "1Gi" "ephemeral-storage" "2Gi")
    )
   "large" (dict 
-      "requests" (dict "cpu" "1.0" "memory" "2048Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "1.5" "memory" "3072Mi" "ephemeral-storage" "2Gi")
+      "requests" (dict "cpu" "1" "memory" "2Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "2Gi" "ephemeral-storage" "2Gi")
    )
   "xlarge" (dict 
-      "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "3.0" "memory" "6144Mi" "ephemeral-storage" "2Gi")
+      "requests" (dict "cpu" "2" "memory" "4Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "4Gi" "ephemeral-storage" "2Gi")
    )
   "2xlarge" (dict 
-      "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "6.0" "memory" "12288Mi" "ephemeral-storage" "2Gi")
+      "requests" (dict "cpu" "4" "memory" "8Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "8Gi" "ephemeral-storage" "2Gi")
    )
  }}
 {{- if hasKey $presets .type -}}

packages/apps/tcp-balancer/Chart.yaml

@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.3.0
+version: 0.4.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

packages/apps/tcp-balancer/templates/_resources.tpl

@@ -11,35 +11,34 @@ These presets are for basic testing and not meant to be used in production
 {{ include "resources.preset" (dict "type" "nano") -}}
 */}}
 {{- define "resources.preset" -}}
-{{/* The limits are the requests increased by 50% (except ephemeral-storage and xlarge/2xlarge sizes)*/}}
 {{- $presets := dict 
   "nano" (dict 
       "requests" (dict "cpu" "100m" "memory" "128Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "150m" "memory" "192Mi" "ephemeral-storage" "2Gi")
+      "limits" (dict "memory" "128Mi" "ephemeral-storage" "2Gi")
    )
   "micro" (dict 
       "requests" (dict "cpu" "250m" "memory" "256Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "375m" "memory" "384Mi" "ephemeral-storage" "2Gi")
+      "limits" (dict "memory" "256Mi" "ephemeral-storage" "2Gi")
    )
   "small" (dict 
       "requests" (dict "cpu" "500m" "memory" "512Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "750m" "memory" "768Mi" "ephemeral-storage" "2Gi")
+      "limits" (dict "memory" "512Mi" "ephemeral-storage" "2Gi")
    )
   "medium" (dict 
-      "requests" (dict "cpu" "500m" "memory" "1024Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "750m" "memory" "1536Mi" "ephemeral-storage" "2Gi")
+      "requests" (dict "cpu" "500m" "memory" "1Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "1Gi" "ephemeral-storage" "2Gi")
    )
   "large" (dict 
-      "requests" (dict "cpu" "1.0" "memory" "2048Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "1.5" "memory" "3072Mi" "ephemeral-storage" "2Gi")
+      "requests" (dict "cpu" "1" "memory" "2Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "2Gi" "ephemeral-storage" "2Gi")
    )
   "xlarge" (dict 
-      "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "3.0" "memory" "6144Mi" "ephemeral-storage" "2Gi")
+      "requests" (dict "cpu" "2" "memory" "4Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "4Gi" "ephemeral-storage" "2Gi")
    )
   "2xlarge" (dict 
-      "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "6.0" "memory" "12288Mi" "ephemeral-storage" "2Gi")
+      "requests" (dict "cpu" "4" "memory" "8Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "8Gi" "ephemeral-storage" "2Gi")
    )
  }}
 {{- if hasKey $presets .type -}}

packages/apps/versions_map

@@ -8,7 +8,8 @@ clickhouse 0.5.0 0f312d5c
 clickhouse 0.6.0 1ec10165
 clickhouse 0.6.1 c62a83a7
 clickhouse 0.6.2 8267072d
-clickhouse 0.7.0 HEAD
+clickhouse 0.7.0 93bdf411
+clickhouse 0.9.0 HEAD
 ferretdb 0.1.0 e9716091
 ferretdb 0.1.1 91b0499a
 ferretdb 0.2.0 6c5cf5bf
@@ -16,12 +17,14 @@ ferretdb 0.3.0 b8e33d19
 ferretdb 0.4.0 b40e1b09
 ferretdb 0.4.1 1ec10165
 ferretdb 0.4.2 8267072d
-ferretdb 0.5.0 HEAD
+ferretdb 0.5.0 93bdf411
+ferretdb 0.6.0 HEAD
 http-cache 0.1.0 263e47be
 http-cache 0.2.0 53f2365e
 http-cache 0.3.0 6c5cf5bf
 http-cache 0.3.1 0f312d5c
-http-cache 0.4.0 HEAD
+http-cache 0.4.0 93bdf411
+http-cache 0.5.0 HEAD
 kafka 0.1.0 f7eaab0a
 kafka 0.2.0 c0685f43
 kafka 0.2.1 dfbc210b
@@ -32,7 +35,8 @@ kafka 0.3.1 c62a83a7
 kafka 0.3.2 93c46161
 kafka 0.3.3 8267072d
 kafka 0.4.0 85ec09b8
-kafka 0.5.0 HEAD
+kafka 0.5.0 93bdf411
+kafka 0.6.0 HEAD
 kubernetes 0.1.0 263e47be
 kubernetes 0.2.0 53f2365e
 kubernetes 0.3.0 007d414f
@@ -59,7 +63,8 @@ kubernetes 0.16.0 077045b0
 kubernetes 0.17.0 1fbbfcd0
 kubernetes 0.17.1 fd240701
 kubernetes 0.18.0 721c12a7
-kubernetes 0.19.0 HEAD
+kubernetes 0.19.0 93bdf411
+kubernetes 0.20.0 HEAD
 mysql 0.1.0 263e47be
 mysql 0.2.0 c24a103f
 mysql 0.3.0 53f2365e
@@ -68,14 +73,16 @@ mysql 0.5.0 b40e1b09
 mysql 0.5.1 0f312d5c
 mysql 0.5.2 1ec10165
 mysql 0.5.3 8267072d
-mysql 0.6.0 HEAD
+mysql 0.6.0 93bdf411
+mysql 0.7.0 HEAD
 nats 0.1.0 e9716091
 nats 0.2.0 6c5cf5bf
 nats 0.3.0 78366f19
 nats 0.3.1 c62a83a7
 nats 0.4.0 898374b5
 nats 0.4.1 8267072d
-nats 0.5.0 HEAD
+nats 0.5.0 93bdf411
+nats 0.6.0 HEAD
 postgres 0.1.0 263e47be
 postgres 0.2.0 53f2365e
 postgres 0.2.1 d7cfa53c
@@ -90,7 +97,8 @@ postgres 0.7.1 1ec10165
 postgres 0.8.0 4e68e65c
 postgres 0.9.0 8267072d
 postgres 0.10.0 721c12a7
-postgres 0.10.1 HEAD
+postgres 0.10.1 93bdf411
+postgres 0.11.0 HEAD
 rabbitmq 0.1.0 263e47be
 rabbitmq 0.2.0 53f2365e
 rabbitmq 0.3.0 6c5cf5bf
@@ -99,17 +107,20 @@ rabbitmq 0.4.1 1128d0cb
 rabbitmq 0.4.2 4b90bf5a
 rabbitmq 0.4.3 1ec10165
 rabbitmq 0.4.4 8267072d
-rabbitmq 0.5.0 HEAD
+rabbitmq 0.5.0 93bdf411
+rabbitmq 0.6.0 HEAD
 redis 0.1.1 263e47be
 redis 0.2.0 53f2365e
 redis 0.3.0 6c5cf5bf
 redis 0.3.1 c62a83a7
 redis 0.4.0 84f3ccc0
 redis 0.5.0 4e68e65c
-redis 0.6.0 HEAD
+redis 0.6.0 93bdf411
+redis 0.7.0 HEAD
 tcp-balancer 0.1.0 263e47be
 tcp-balancer 0.2.0 53f2365e
-tcp-balancer 0.3.0 HEAD
+tcp-balancer 0.3.0 93bdf411
+tcp-balancer 0.4.0 HEAD
 tenant 0.1.4 afc997ef
 tenant 0.1.5 e3ab858a
 tenant 1.0.0 263e47be
@@ -162,4 +173,5 @@ vpn 0.1.0 263e47be
 vpn 0.2.0 53f2365e
 vpn 0.3.0 6c5cf5bf
 vpn 0.3.1 1ec10165
-vpn 0.4.0 HEAD
+vpn 0.4.0 93bdf411
+vpn 0.5.0 HEAD

packages/apps/vpn/Chart.yaml

@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.4.0
+version: 0.5.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

packages/apps/vpn/templates/_resources.tpl

@@ -11,35 +11,34 @@ These presets are for basic testing and not meant to be used in production
 {{ include "resources.preset" (dict "type" "nano") -}}
 */}}
 {{- define "resources.preset" -}}
-{{/* The limits are the requests increased by 50% (except ephemeral-storage and xlarge/2xlarge sizes)*/}}
 {{- $presets := dict 
   "nano" (dict 
       "requests" (dict "cpu" "100m" "memory" "128Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "150m" "memory" "192Mi" "ephemeral-storage" "2Gi")
+      "limits" (dict "memory" "128Mi" "ephemeral-storage" "2Gi")
    )
   "micro" (dict 
       "requests" (dict "cpu" "250m" "memory" "256Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "375m" "memory" "384Mi" "ephemeral-storage" "2Gi")
+      "limits" (dict "memory" "256Mi" "ephemeral-storage" "2Gi")
    )
   "small" (dict 
       "requests" (dict "cpu" "500m" "memory" "512Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "750m" "memory" "768Mi" "ephemeral-storage" "2Gi")
+      "limits" (dict "memory" "512Mi" "ephemeral-storage" "2Gi")
    )
   "medium" (dict 
-      "requests" (dict "cpu" "500m" "memory" "1024Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "750m" "memory" "1536Mi" "ephemeral-storage" "2Gi")
+      "requests" (dict "cpu" "500m" "memory" "1Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "1Gi" "ephemeral-storage" "2Gi")
    )
   "large" (dict 
-      "requests" (dict "cpu" "1.0" "memory" "2048Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "1.5" "memory" "3072Mi" "ephemeral-storage" "2Gi")
+      "requests" (dict "cpu" "1" "memory" "2Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "2Gi" "ephemeral-storage" "2Gi")
    )
   "xlarge" (dict 
-      "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "3.0" "memory" "6144Mi" "ephemeral-storage" "2Gi")
+      "requests" (dict "cpu" "2" "memory" "4Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "4Gi" "ephemeral-storage" "2Gi")
    )
   "2xlarge" (dict 
-      "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "6.0" "memory" "12288Mi" "ephemeral-storage" "2Gi")
+      "requests" (dict "cpu" "4" "memory" "8Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "8Gi" "ephemeral-storage" "2Gi")
    )
  }}
 {{- if hasKey $presets .type -}}

packages/core/platform/bundles/distro-full.yaml

@@ -161,7 +161,7 @@ releases:
   releaseName: piraeus-operator
   chart: cozy-piraeus-operator
   namespace: cozy-linstor
-  dependsOn: [cilium,cert-manager,victoria-metrics-operator]
+  dependsOn: [cilium,cert-manager]
 
 - name: snapshot-controller
   releaseName: snapshot-controller

packages/core/platform/bundles/paas-full.yaml

@@ -134,6 +134,11 @@ releases:
   namespace: cozy-kubevirt
   privileged: true
   dependsOn: [cilium,kubeovn,kubevirt-operator]
+  {{- $cpuAllocationRatio := index $cozyConfig.data "cpu-allocation-ratio" }}
+  {{- if $cpuAllocationRatio }}
+  values:
+    cpuAllocationRatio: {{ $cpuAllocationRatio }}
+  {{- end }}
 
 - name: kubevirt-instancetypes
   releaseName: kubevirt-instancetypes

packages/core/platform/templates/apps.yaml

@@ -8,7 +8,7 @@
     {{- $host = index $cozyConfig.data "root-host" }}
   {{- end }}
 {{- end }}
-{{- $tenantRoot := list }}
+{{- $tenantRoot := dict }}
 {{- if .Capabilities.APIVersions.Has "helm.toolkit.fluxcd.io/v2" }}
 {{- $tenantRoot = lookup "helm.toolkit.fluxcd.io/v2" "HelmRelease" "tenant-root" "tenant-root" }}
 {{- end }}
@@ -37,7 +37,7 @@ metadata:
   labels:
     cozystack.io/ui: "true"
 spec:
-  interval: 1m
+  interval: 0s
   releaseName: tenant-root
   install:
     remediation:

packages/extra/info/Chart.yaml

@@ -3,4 +3,4 @@ name: info
 description: Info
 icon: /logos/info.svg
 type: application
-version: 1.0.0
+version: 1.0.1

packages/extra/info/templates/kubeconfig.yaml

@@ -11,6 +11,13 @@
 {{- $k8sClient := index $k8sClientSecret.data "client-secret-key" | b64dec }}
 {{- $rootSaConfigMap := lookup "v1" "ConfigMap" "kube-system" "kube-root-ca.crt" }}
 {{- $k8sCa := index $rootSaConfigMap.data "ca.crt" | b64enc }}
+
+{{- if .Capabilities.APIVersions.Has "helm.toolkit.fluxcd.io/v2" }}
+{{- $tenantRoot := lookup "helm.toolkit.fluxcd.io/v2" "HelmRelease" "tenant-root" "tenant-root" }}
+{{- if and $tenantRoot $tenantRoot.spec $tenantRoot.spec.values $tenantRoot.spec.values.host }}
+{{- $host = $tenantRoot.spec.values.host }}
+{{- end }}
+{{- end }}
 ---
 apiVersion: v1
 kind: Secret

packages/extra/ingress/Chart.yaml

@@ -3,4 +3,4 @@ name: ingress
 description: NGINX Ingress Controller
 icon: /logos/ingress-nginx.svg
 type: application
-version: 1.5.0
+version: 1.5.1

packages/extra/ingress/templates/dashboard.yaml

@@ -4,6 +4,15 @@
 {{- $myNS := lookup "v1" "Namespace" "" .Release.Namespace }}
 {{- $host := index $myNS.metadata.annotations "namespace.cozystack.io/host" }}
 
+{{- $tenantRoot := dict }}
+{{- if .Capabilities.APIVersions.Has "helm.toolkit.fluxcd.io/v2" }}
+{{- $tenantRoot = lookup "helm.toolkit.fluxcd.io/v2" "HelmRelease" "tenant-root" "tenant-root" }}
+{{- end }}
+{{- if and $tenantRoot $tenantRoot.spec $tenantRoot.spec.values $tenantRoot.spec.values.host }}
+{{- $host = $tenantRoot.spec.values.host }}
+{{- else }}
+{{- end }}
+
 {{- if .Values.dashboard }}
 apiVersion: networking.k8s.io/v1
 kind: Ingress

packages/extra/versions_map

@@ -11,13 +11,15 @@ etcd 2.5.0 24fa7222
 etcd 2.6.0 8c460528
 etcd 2.6.1 45a7416c
 etcd 2.7.0 HEAD
-info 1.0.0 HEAD
+info 1.0.0 93bdf411
+info 1.0.1 HEAD
 ingress 1.0.0 d7cfa53c
 ingress 1.1.0 5bbc488e
 ingress 1.2.0 28fca4ef
 ingress 1.3.0 fde4bcfa
 ingress 1.4.0 fd240701
-ingress 1.5.0 HEAD
+ingress 1.5.0 93bdf411
+ingress 1.5.1 HEAD
 monitoring 1.0.0 d7cfa53c
 monitoring 1.1.0 25221fdc
 monitoring 1.2.0 f81be075

packages/library/Makefile

@@ -0,0 +1,21 @@
+OUT=../../_out/repos/library
+TMP=../../_out/repos/library/historical
+
+repo:
+	rm -rf "$(OUT)"
+	mkdir -p "$(OUT)"
+	awk '$$3 != "HEAD" {print "mkdir -p $(TMP)/" $$1 "-" $$2}' versions_map | sh -ex
+	awk '$$3 != "HEAD" {print "git archive " $$3 " " $$1 " | tar -xf- --strip-components=1 -C $(TMP)/" $$1 "-" $$2 }' versions_map | sh -ex
+	helm package -d "$(OUT)" $$(find . $(TMP) -mindepth 2 -maxdepth 2 -name Chart.yaml | awk 'sub("/Chart.yaml", "")' | sort -V)
+	cd "$(OUT)" && helm repo index . --url http://cozystack.cozy-system.svc/repos/library
+	rm -rf "$(TMP)"
+
+fix-chartnames:
+	find . -maxdepth 2 -name Chart.yaml  | awk -F/ '{print $$2}' | while read i; do sed -i "s/^name: .*/name: $$i/" "$$i/Chart.yaml"; done
+
+gen-versions-map: fix-chartnames
+	../../hack/gen_versions_map.sh
+
+check-version-map: gen-versions-map
+	git diff --exit-code -- versions_map
+

packages/library/cozy-lib/.helmignore

@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/

packages/library/cozy-lib/Chart.yaml

@@ -0,0 +1,18 @@
+apiVersion: v2
+name: cozy-lib
+description: Common Cozystack templates
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: library
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 0.1.0

packages/library/cozy-lib/Makefile

@@ -0,0 +1,6 @@
+include ../../../scripts/common-envs.mk
+include ../../../scripts/package.mk
+
+generate:
+	readme-generator -v values.yaml -s values.schema.json -r README.md
+

packages/library/cozy-lib/README.md

@@ -0,0 +1 @@
+## Parameters

packages/library/cozy-lib/templates/_resourcepresets.tpl

@@ -0,0 +1,49 @@
+{{/*
+Copyright Broadcom, Inc. All Rights Reserved.
+SPDX-License-Identifier: APACHE-2.0
+*/}}
+
+{{/* vim: set filetype=mustache: */}}
+
+{{/*
+Return a resource request/limit object based on a given preset.
+These presets are for basic testing and not meant to be used in production
+{{ include "cozy-lib.resources.preset" "nano" -}}
+*/}}
+{{- define "cozy-lib.resources.preset" -}}
+{{- $presets := dict 
+  "nano" (dict 
+      "requests" (dict "cpu" "100m" "memory" "128Mi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "128Mi" "ephemeral-storage" "2Gi")
+   )
+  "micro" (dict 
+      "requests" (dict "cpu" "250m" "memory" "256Mi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "256Mi" "ephemeral-storage" "2Gi")
+   )
+  "small" (dict 
+      "requests" (dict "cpu" "500m" "memory" "512Mi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "512Mi" "ephemeral-storage" "2Gi")
+   )
+  "medium" (dict 
+      "requests" (dict "cpu" "500m" "memory" "1Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "1Gi" "ephemeral-storage" "2Gi")
+   )
+  "large" (dict 
+      "requests" (dict "cpu" "1" "memory" "2Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "2Gi" "ephemeral-storage" "2Gi")
+   )
+  "xlarge" (dict 
+      "requests" (dict "cpu" "2" "memory" "4Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "4Gi" "ephemeral-storage" "2Gi")
+   )
+  "2xlarge" (dict 
+      "requests" (dict "cpu" "4" "memory" "8Gi" "ephemeral-storage" "50Mi")
+      "limits" (dict "memory" "8Gi" "ephemeral-storage" "2Gi")
+   )
+ }}
+{{- if hasKey $presets . -}}
+{{- index $presets . | toYaml -}}
+{{- else -}}
+{{- printf "ERROR: Preset key '%s' invalid. Allowed values are %s" . (join "," (keys $presets)) | fail -}}
+{{- end -}}
+{{- end -}}

packages/library/cozy-lib/templates/_resources.tpl

@@ -0,0 +1,53 @@
+{{- /*
+  A sanitized resource map is a dict with resource-name => resource-quantity.
+  If not in such a form, requests are used, then limits. All resources are set
+  to have equal requests and limits, except CPU, that has only requests. The
+  template expects to receive a dict {"requests":{...}, "limits":{...}} as
+  input, e.g. {{ include "cozy-lib.resources.sanitize" .Values.resources }}.
+  Example input:
+  ==============
+  limits:
+    cpu: 100m
+    memory: 1024Mi
+  requests:
+    cpu: 200m
+    memory: 512Mi
+  memory: 256Mi
+  devices.com/nvidia: "1"
+
+  Example output:
+  ===============
+  limits:
+    devices.com/nvidia: "1"
+    memory: 256Mi
+  requests:
+    cpu: 200m
+    devices.com/nvidia: "1"
+    memory: 256Mi
+*/}}
+{{- define "cozy-lib.resources.sanitize" }}
+{{-   $sanitizedMap := dict }}
+{{-   if hasKey . "limits" }}
+{{-     range $k, $v := .limits }}
+{{-       $_ := set $sanitizedMap $k $v }}
+{{-     end }}
+{{-   end }}
+{{-   if hasKey . "requests" }}
+{{-     range $k, $v := .requests }}
+{{-       $_ := set $sanitizedMap $k $v }}
+{{-     end }}
+{{-   end }}
+{{-   range $k, $v := . }}
+{{-     if not (or (eq $k "requests") (eq $k "limits")) }}
+{{-       $_ := set $sanitizedMap $k $v }}
+{{-     end }}
+{{-   end }}
+{{-   $output := dict "requests" dict "limits" dict }}
+{{-   range $k, $v := $sanitizedMap }}
+{{-     $_ := set $output.requests $k $v }}
+{{-     if not (eq $k "cpu") }}
+{{-       $_ := set $output.limits $k $v }}
+{{-     end }}
+{{-   end }}
+{{-   $output | toYaml }}
+{{- end  }}

packages/library/cozy-lib/values.schema.json

@@ -0,0 +1,5 @@
+{
+    "title": "Chart Values",
+    "type": "object",
+    "properties": {}
+}

packages/library/cozy-lib/values.yaml

@@ -0,0 +1 @@
+{}

packages/library/versions_map

@@ -0,0 +1 @@
+cozy-lib 0.1.0 HEAD

packages/system/cozystack-controller/Makefile

@@ -9,6 +9,8 @@ image: image-cozystack-controller update-version
 image-cozystack-controller:
 	docker buildx build -f images/cozystack-controller/Dockerfile ../../.. \
 		--provenance false \
+		--builder=$(BUILDER) \
+		--platform=$(PLATFORM) \
 		--tag $(REGISTRY)/cozystack-controller:$(call settag,$(TAG)) \
 		--cache-from type=registry,ref=$(REGISTRY)/cozystack-controller:latest \
 		--cache-to type=inline \

packages/system/cozystack-controller/templates/rbac.yaml

@@ -9,3 +9,6 @@ rules:
 - apiGroups: ['cozystack.io']
   resources: ['*']
   verbs: ['*']
+- apiGroups: ["helm.toolkit.fluxcd.io"]
+  resources: ["helmreleases"]
+  verbs: ["get", "list", "watch", "patch", "update"]

packages/system/dashboard/values.yaml

@@ -21,6 +21,15 @@ kubeapps:
       repository: dashboard
       tag: v0.31.0-rc.1
       digest: "sha256:a83fe4654f547469cfa469a02bda1273c54bca103a41eb007fdb2e18a7a91e93"
+  redis:
+    master:
+      resourcesPreset: "none"
+      resources:
+        requests:
+          cpu: 200m
+          memory: 256Mi
+        limits:
+          memory: 256Mi
   kubeappsapis:
     resourcesPreset: "none"
     image:

packages/system/gateway-api-crds/Chart.yaml

@@ -0,0 +1,3 @@
+apiVersion: v2
+name: cozy-gateway-api-crds
+version: 0.0.0 # Placeholder, the actual version will be automatically set during the build process

packages/system/gateway-api-crds/Makefile

@@ -0,0 +1,9 @@
+export NAME=gateway-api-crds
+export NAMESPACE=cozy-$(NAME)
+
+include ../../../scripts/package.mk
+
+update:
+	rm -rf templates
+	mkdir templates
+	kubectl kustomize "github.com/kubernetes-sigs/gateway-api/config/crd/experimental?ref=v1.2.0" > templates/crds-experimental.yaml

packages/system/keycloak-configure/templates/configure-kk.yaml

@@ -4,6 +4,15 @@
 {{- $rootSaConfigMap := lookup "v1" "ConfigMap" "kube-system" "kube-root-ca.crt" }}
 {{- $k8sCa := index $rootSaConfigMap.data "ca.crt" | b64enc }}
 
+{{- $tenantRoot := dict }}
+{{- if .Capabilities.APIVersions.Has "helm.toolkit.fluxcd.io/v2" }}
+{{- $tenantRoot = lookup "helm.toolkit.fluxcd.io/v2" "HelmRelease" "tenant-root" "tenant-root" }}
+{{- end }}
+{{- if and $tenantRoot $tenantRoot.spec $tenantRoot.spec.values $tenantRoot.spec.values.host }}
+{{- $host = $tenantRoot.spec.values.host }}
+{{- else }}
+{{- end }}
+
 {{- $existingK8sSecret := lookup "v1" "Secret" .Release.Namespace "k8s-client" }}
 {{- $existingKubeappsSecret := lookup "v1" "Secret" .Release.Namespace "kubeapps-client" }}
 {{- $existingAuthConfig := lookup "v1" "Secret" "cozy-dashboard" "kubeapps-auth-config" }}

packages/system/keycloak/templates/ingress.yaml

@@ -5,6 +5,15 @@
 {{- $rootns := lookup "v1" "Namespace" "" "tenant-root" }}
 {{- $ingress := index $rootns.metadata.annotations "namespace.cozystack.io/ingress" }}
 
+{{- $tenantRoot := dict }}
+{{- if .Capabilities.APIVersions.Has "helm.toolkit.fluxcd.io/v2" }}
+{{- $tenantRoot = lookup "helm.toolkit.fluxcd.io/v2" "HelmRelease" "tenant-root" "tenant-root" }}
+{{- end }}
+{{- if and $tenantRoot $tenantRoot.spec $tenantRoot.spec.values $tenantRoot.spec.values.host }}
+{{- $host = $tenantRoot.spec.values.host }}
+{{- else }}
+{{- end }}
+
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:

packages/system/keycloak/templates/sts.yaml

@@ -7,6 +7,15 @@
   {{- $password = index $existingPassword.data "password" | b64dec }}
 {{- end }}
 
+{{- $tenantRoot := dict }}
+{{- if .Capabilities.APIVersions.Has "helm.toolkit.fluxcd.io/v2" }}
+{{- $tenantRoot = lookup "helm.toolkit.fluxcd.io/v2" "HelmRelease" "tenant-root" "tenant-root" }}
+{{- end }}
+{{- if and $tenantRoot $tenantRoot.spec $tenantRoot.spec.values $tenantRoot.spec.values.host }}
+{{- $host = $tenantRoot.spec.values.host }}
+{{- else }}
+{{- end }}
+
 apiVersion: v1
 kind: Secret
 metadata:

packages/system/kubeovn/charts/kube-ovn/Chart.yaml

@@ -15,12 +15,12 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: v1.13.10
+version: v1.13.11
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "1.13.10"
+appVersion: "1.13.11"
 
 kubeVersion: ">= 1.23.0-0"

packages/system/kubeovn/charts/kube-ovn/templates/controller-deploy.yaml

@@ -83,6 +83,9 @@ spec:
           - --node-switch={{ .Values.networking.NODE_SUBNET }}
           - --node-switch-cidr={{ index $cozyConfig.data "ipv4-join-cidr" }}
           - --service-cluster-ip-range={{ index $cozyConfig.data "ipv4-svc-cidr" }}
+          {{- if .Values.global.logVerbosity }}
+          - --v={{ .Values.global.logVerbosity }}
+          {{- end }}
           - --network-type={{- .Values.networking.NETWORK_TYPE }}
           - --default-provider-name={{ .Values.networking.vlan.PROVIDER_NAME }}
           - --default-interface-name={{- .Values.networking.vlan.VLAN_INTERFACE_NAME }}

packages/system/kubeovn/charts/kube-ovn/templates/ovncni-ds.yaml

@@ -35,11 +35,7 @@ spec:
         command:
           - sh
           - -xec
-          - {{ if not .Values.DISABLE_MODULES_MANAGEMENT -}}
-            iptables -V
-            {{- else -}}
-            echo "nothing to do"
-            {{- end }}
+          - iptables -V
         securityContext:
           allowPrivilegeEscalation: true
           capabilities:
@@ -93,6 +89,9 @@ spec:
           - --node-switch={{ .Values.networking.NODE_SUBNET }}
           - --encap-checksum=true
           - --service-cluster-ip-range={{ index $cozyConfig.data "ipv4-svc-cidr" }}
+          {{- if .Values.global.logVerbosity }}
+          - --v={{ .Values.global.logVerbosity }}
+          {{- end }}
           {{- if eq .Values.networking.NETWORK_TYPE "vlan" }}
           - --iface=
           {{- else}}
@@ -125,9 +124,6 @@ spec:
               - NET_RAW
               - SYS_ADMIN
               - SYS_PTRACE
-              {{- if not .Values.DISABLE_MODULES_MANAGEMENT }}
-              - SYS_MODULE
-              {{- end }}
               - SYS_NICE
         env:
           - name: ENABLE_SSL

packages/system/kubeovn/charts/kube-ovn/templates/ovsovn-ds.yaml

@@ -49,8 +49,9 @@ spec:
             - -xec
             - |
               chown -R nobody: /var/run/ovn /var/log/ovn /etc/openvswitch /var/run/openvswitch /var/log/openvswitch
-              {{- if not .Values.DISABLE_MODULES_MANAGEMENT }}
               iptables -V
+              {{- if not .Values.DISABLE_MODULES_MANAGEMENT }}
+              /usr/share/openvswitch/scripts/ovs-ctl load-kmod
               {{- else }}
               ln -sf /bin/true /usr/local/sbin/modprobe
               ln -sf /bin/true /usr/local/sbin/modinfo
@@ -64,6 +65,9 @@ spec:
             privileged: true
             runAsUser: 0
           volumeMounts:
+            - mountPath: /lib/modules
+              name: host-modules
+              readOnly: true
             - mountPath: /usr/local/sbin
               name: usr-local-sbin
             - mountPath: /var/log/ovn
@@ -96,9 +100,7 @@ spec:
               add:
                 - NET_ADMIN
                 - NET_BIND_SERVICE
-                {{- if not .Values.DISABLE_MODULES_MANAGEMENT }}
-                - SYS_MODULE
-                {{- end }}
+                - NET_RAW
                 - SYS_NICE
                 - SYS_ADMIN
           env:

packages/system/kubeovn/charts/kube-ovn/values.yaml

@@ -10,7 +10,7 @@ global:
       repository: kube-ovn
       dpdkRepository: kube-ovn-dpdk
       vpcRepository: vpc-nat-gateway
-      tag: v1.13.10
+      tag: v1.13.11
       support_arm: true
       thirdparty: true
 

packages/system/kubeovn/images/kubeovn/Dockerfile

@@ -1,9 +1,2 @@
-ARG VERSION=v1.13.10
+ARG VERSION=v1.13.11
 FROM kubeovn/kube-ovn:${VERSION}
-
-# Fix https://github.com/kubeovn/kube-ovn/issues/4526
-RUN setcap CAP_NET_ADMIN,CAP_NET_BIND_SERVICE,CAP_SYS_ADMIN+eip /usr/lib/openvswitch-switch/ovs-vswitchd \
- && setcap CAP_NET_ADMIN,CAP_NET_BIND_SERVICE,CAP_SYS_ADMIN+eip /usr/sbin/xtables-legacy-multi \
- && setcap CAP_NET_ADMIN,CAP_NET_BIND_SERVICE,CAP_SYS_ADMIN+eip /usr/sbin/xtables-nft-multi \
- && setcap CAP_NET_ADMIN,CAP_NET_RAW,CAP_NET_BIND_SERVICE,CAP_SYS_ADMIN+eip /usr/sbin/ipset \
- && setcap CAP_NET_ADMIN,CAP_NET_RAW,CAP_SYS_ADMIN+eip /usr/bin/ip

packages/system/kubeovn/patches/cozyconfig.diff

@@ -3,7 +3,7 @@ diff --git a/packages/system/kubeovn/charts/kube-ovn/templates/ovncni-ds.yaml b/
 index d9a9a67..b2e12dd 100644
 --- a/packages/system/kubeovn/charts/kube-ovn/templates/ovncni-ds.yaml
 +++ b/packages/system/kubeovn/charts/kube-ovn/templates/ovncni-ds.yaml
-@@ -51,18 +51,12 @@ spec:
+@@ -51,18 +51,15 @@ spec:
            - bash
            - /kube-ovn/start-cniserver.sh
          args:
@@ -21,6 +21,9 @@ index d9a9a67..b2e12dd 100644
 -          {{ .Values.ipv6.SVC_CIDR }}
 -          {{- end }}
 +          - --service-cluster-ip-range={{ index $cozyConfig.data "ipv4-svc-cidr" }}
++          {{- if .Values.global.logVerbosity }}
++          - --v={{ .Values.global.logVerbosity }}
++          {{- end }}
            {{- if eq .Values.networking.NETWORK_TYPE "vlan" }}
            - --iface=
            {{- else}}
@@ -28,7 +31,7 @@ diff --git a/packages/system/kubeovn/charts/kube-ovn/templates/controller-deploy
 index 0e69494..756eb7c 100644
 --- a/packages/system/kubeovn/charts/kube-ovn/templates/controller-deploy.yaml
 +++ b/packages/system/kubeovn/charts/kube-ovn/templates/controller-deploy.yaml
-@@ -52,46 +52,19 @@ spec:
+@@ -52,46 +52,22 @@ spec:
            image: {{ .Values.global.registry.address }}/{{ .Values.global.images.kubeovn.repository }}:{{ .Values.global.images.kubeovn.tag }}
            imagePullPolicy: {{ .Values.image.pullPolicy }}
            args:
@@ -77,6 +80,9 @@ index 0e69494..756eb7c 100644
 -          {{- end }}
 +          - --node-switch-cidr={{ index $cozyConfig.data "ipv4-join-cidr" }}
 +          - --service-cluster-ip-range={{ index $cozyConfig.data "ipv4-svc-cidr" }}
++          {{- if .Values.global.logVerbosity }}
++          - --v={{ .Values.global.logVerbosity }}
++          {{- end }}
            - --network-type={{- .Values.networking.NETWORK_TYPE }}
            - --default-provider-name={{ .Values.networking.vlan.PROVIDER_NAME }}
            - --default-interface-name={{- .Values.networking.vlan.VLAN_INTERFACE_NAME }}

packages/system/kubevirt/templates/kubevirt-cr.yaml

@@ -10,6 +10,9 @@ spec:
     commonInstancetypesDeployment:
       enabled: false
     developerConfiguration:
+      {{- if .Values.cpuAllocationRatio }}
+      cpuAllocationRatio: {{ .Values.cpuAllocationRatio }}
+      {{- end }}
       featureGates:
       - HotplugVolumes
       - ExpandDisks

packages/system/linstor/templates/podscrape.yaml

@@ -1,3 +1,4 @@
+{{- if .Capabilities.APIVersions.Has "operator.victoriametrics.com/v1beta1" }}
 apiVersion: operator.victoriametrics.com/v1beta1
 kind: VMPodScrape
 metadata:
@@ -42,3 +43,4 @@ spec:
   selector:
     matchLabels:
       app.kubernetes.io/component: linstor-controller
+{{- end }}

packages/system/piraeus-operator/templates/alerts.yaml

@@ -1,7 +1,8 @@
 {{- $files := .Files.Glob "alerts/*.yaml" -}}
+{{- if .Capabilities.APIVersions.Has "monitoring.coreos.com/v1" }}
 {{- range $path, $file := $files }}
 ---
 # from: {{ $path }}
 {{ toString $file }}
-
+{{- end }}
 {{- end -}}

scripts/common-envs.mk

@@ -14,3 +14,9 @@ ifeq ($(COZYSTACK_VERSION),)
     $(shell git fetch upstream --tags)
     COZYSTACK_VERSION = $(patsubst v%,%,$(shell git describe --tags))
 endif
+
+# Get the name of the selected docker buildx builder
+BUILDER ?= $(shell docker buildx inspect --bootstrap | head -n2 | awk '/^Name:/{print $$NF}')
+# Get platforms supported by the builder
+PLATFORM ?= $(shell docker buildx ls --format=json | jq -r 'select(.Name == "$(BUILDER)") | [.Nodes[].Platforms // []] | flatten | unique | map(select(test("^linux/amd64$$|^linux/arm64$$"))) | join(",")')
+