Add nats-operator

Makefile

@@ -6,7 +6,6 @@ build:
 	make -C packages/system/cilium image
 	make -C packages/system/kubeovn image
 	make -C packages/system/dashboard image
-	make -C packages/system/kamaji image
 	make -C packages/core/installer image
 	make manifests
 
@@ -21,8 +20,6 @@ repos:
 	make -C packages/system repo
 	make -C packages/apps repo
 	make -C packages/extra repo
-	mkdir -p _out/logos
-	cp ./packages/apps/*/logos/*.svg ./packages/extra/*/logos/*.svg _out/logos/
 
 assets:
 	make -C packages/core/installer/ assets

manifests/cozystack-installer.yaml

@@ -68,7 +68,7 @@ spec:
       serviceAccountName: cozystack
       containers:
       - name: cozystack
-        image: "ghcr.io/aenix-io/cozystack/cozystack:v0.10.4"
+        image: "ghcr.io/aenix-io/cozystack/cozystack:v0.9.0"
         env:
         - name: KUBERNETES_SERVICE_HOST
           value: localhost
@@ -87,7 +87,7 @@ spec:
             fieldRef:
               fieldPath: metadata.name
       - name: darkhttpd
-        image: "ghcr.io/aenix-io/cozystack/cozystack:v0.10.4"
+        image: "ghcr.io/aenix-io/cozystack/cozystack:v0.9.0"
         command:
         - /usr/bin/darkhttpd
         - /cozystack/assets

packages/apps/clickhouse/.helmignore

@@ -1,3 +0,0 @@
-.helmignore
-/logos
-/Makefile

packages/apps/clickhouse/Chart.yaml

@@ -1,7 +1,7 @@
 apiVersion: v2
 name: clickhouse
 description: Managed ClickHouse service
-icon: /logos/clickhouse.svg
+icon: https://cdn.worldvectorlogo.com/logos/clickhouse.svg
 
 # A chart can be either an 'application' or a 'library' chart.
 #

packages/apps/clickhouse/logos/clickhouse.svg

@@ -1 +0,0 @@
-<svg height="2222" viewBox="0 0 9 8" width="2500" xmlns="http://www.w3.org/2000/svg"><path d="m0 7h1v1h-1z" fill="#f00"/><path d="m0 0h1v7h-1zm2 0h1v8h-1zm2 0h1v8h-1zm2 0h1v8h-1zm2 3.25h1v1.5h-1z" fill="#fc0"/></svg>

packages/apps/ferretdb/.helmignore

@@ -1,3 +0,0 @@
-.helmignore
-/logos
-/Makefile

packages/apps/ferretdb/Chart.yaml

@@ -1,7 +1,7 @@
 apiVersion: v2
 name: ferretdb
 description: Managed FerretDB service
-icon: /logos/ferretdb.svg
+icon: ferretdb.svg
 
 # A chart can be either an 'application' or a 'library' chart.
 #
@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.1.1
+version: 0.1.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

packages/apps/ferretdb/templates/init-script.yaml

@@ -74,6 +74,9 @@ stringData:
       obj record;
     BEGIN
       FOR obj IN SELECT * FROM pg_event_trigger_ddl_commands() WHERE command_tag = 'CREATE SCHEMA' LOOP
+        EXECUTE format('ALTER SCHEMA %I OWNER TO %I', obj.object_identity, 'app_admin');
+        EXECUTE format('GRANT ALL ON SCHEMA %I TO %I', obj.object_identity, 'app_admin');
+
         -- Set owner for schema
         EXECUTE format('ALTER SCHEMA %I OWNER TO %I', obj.object_identity, 'app_admin');
 

packages/apps/ferretdb/templates/postgres.yaml

@@ -16,10 +16,6 @@ spec:
   storage:
     size: {{ required ".Values.size is required" .Values.size }}
 
-  inheritedMetadata:
-    labels:
-      policy.cozystack.io/allow-to-apiserver: "true"
-
   {{- if .Values.users }}
   managed:
     roles:

packages/apps/ferretdb/values2.yaml

@@ -1,56 +0,0 @@
-## @section Common parameters
-
-## @param external Enable external access from outside the cluster
-## @param size Persistent Volume size
-## @param replicas Number of Postgres replicas
-##
-external: false
-size: 10Gi
-replicas: 1
-
-## Configuration for the quorum-based synchronous replication
-## @param quorum.minSyncReplicas Minimum number of synchronous replicas that must acknowledge a transaction before it is considered committed.
-## @param quorum.maxSyncReplicas Maximum number of synchronous replicas that can acknowledge a transaction (must be lower than the number of instances).
-quorum:
-  minSyncReplicas: 0
-  maxSyncReplicas: 0
-
-## @section Configuration parameters
-
-## @param users [object] Users configuration
-## Example:
-## users:
-##   user1:
-##     password: strongpassword
-##   user2:
-##     password: hackme
-##
-users:
-  foo:
-    password: asd
-  bar:
-    password: asd
-  baz:
-    password: asd
-  boo:
-    password: asd
-
-## @section Backup parameters
-
-## @param backup.enabled Enable pereiodic backups
-## @param backup.s3Region The AWS S3 region where backups are stored
-## @param backup.s3Bucket The S3 bucket used for storing backups
-## @param backup.schedule Cron schedule for automated backups
-## @param backup.cleanupStrategy The strategy for cleaning up old backups
-## @param backup.s3AccessKey The access key for S3, used for authentication
-## @param backup.s3SecretKey The secret key for S3, used for authentication
-## @param backup.resticPassword The password for Restic backup encryption
-backup:
-  enabled: false
-  s3Region: us-east-1
-  s3Bucket: s3.example.org/postgres-backups
-  schedule: "0 2 * * *"
-  cleanupStrategy: "--keep-last=3 --keep-daily=3 --keep-within-weekly=1m"
-  s3AccessKey: oobaiRus9pah8PhohL1ThaeTa4UVa7gu
-  s3SecretKey: ju3eum4dekeich9ahM1te8waeGai0oog
-  resticPassword: ChaXoveekoh6eigh4siesheeda2quai0

packages/apps/http-cache/.helmignore

@@ -1,3 +1,23 @@
-.helmignore
-/logos
-/Makefile
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/

packages/apps/http-cache/Chart.yaml

@@ -1,7 +1,7 @@
 apiVersion: v2
 name: http-cache
 description: Layer7 load balacner and caching service
-icon: /logos/nginx.svg
+icon: https://www.svgrepo.com/show/373924/nginx.svg
 
 # A chart can be either an 'application' or a 'library' chart.
 #

packages/apps/http-cache/images/nginx-cache.json

@@ -32,17 +32,7 @@
       }
     }
   },
-  "buildx.build.ref": "buildkit/buildkit0/u67issjnvf8mayitrr0yjhyvg",
-  "containerimage.config.digest": "sha256:4bfe7bdc746d0f7db6d8fccb4ef68c8b1dc2306c27e2716f589dee951bf86a03",
-  "containerimage.descriptor": {
-    "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
-    "digest": "sha256:6b5dbb5319ddcf9f545ba0f7b8b3f2117e85bc96e684b5e3adf23e0fef5dde8d",
-    "size": 1094,
-    "platform": {
-      "architecture": "amd64",
-      "os": "linux"
-    }
-  },
-  "containerimage.digest": "sha256:6b5dbb5319ddcf9f545ba0f7b8b3f2117e85bc96e684b5e3adf23e0fef5dde8d",
-  "image.name": "ghcr.io/aenix-io/cozystack/nginx-cache:v0.1.0,ghcr.io/aenix-io/cozystack/nginx-cache:v0.1.0-v0.10.4"
+  "buildx.build.ref": "amd64/amd64/gaibgudlqaxqxufa236q5ffdk",
+  "containerimage.config.digest": "sha256:677b0b84d7a11a31971857863a6a83b5bb863583eca86a2c2b1b89c61659e549",
+  "containerimage.digest": "sha256:7f864e2c9c86b77e08953258521117503309f84783ea11c617db8c2534f8b545"
 }

packages/apps/http-cache/logos/nginx.svg

@@ -1,2 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?><!-- Uploaded to: SVG Repo, www.svgrepo.com, Generator: SVG Repo Mixer Tools -->
-<svg width="800px" height="800px" viewBox="0 0 32 32" xmlns="http://www.w3.org/2000/svg"><title>file_type_nginx</title><path d="M15.948,2h.065a10.418,10.418,0,0,1,.972.528Q22.414,5.65,27.843,8.774a.792.792,0,0,1,.414.788c-.008,4.389,0,8.777-.005,13.164a.813.813,0,0,1-.356.507q-5.773,3.324-11.547,6.644a.587.587,0,0,1-.657.037Q9.912,26.6,4.143,23.274a.7.7,0,0,1-.4-.666q0-6.582,0-13.163a.693.693,0,0,1,.387-.67Q9.552,5.657,14.974,2.535c.322-.184.638-.379.974-.535" style="fill:#019639"/><path d="M8.767,10.538q0,5.429,0,10.859a1.509,1.509,0,0,0,.427,1.087,1.647,1.647,0,0,0,2.06.206,1.564,1.564,0,0,0,.685-1.293c0-2.62-.005-5.24,0-7.86q3.583,4.29,7.181,8.568a2.833,2.833,0,0,0,2.6.782,1.561,1.561,0,0,0,1.251-1.371q.008-5.541,0-11.081a1.582,1.582,0,0,0-3.152,0c0,2.662-.016,5.321,0,7.982-2.346-2.766-4.663-5.556-7-8.332A2.817,2.817,0,0,0,10.17,9.033,1.579,1.579,0,0,0,8.767,10.538Z" style="fill:#fff"/></svg>

packages/apps/kafka/.helmignore

@@ -1,3 +0,0 @@
-.helmignore
-/logos
-/Makefile

packages/apps/kafka/Chart.yaml

@@ -1,7 +1,7 @@
 apiVersion: v2
 name: kafka
 description: Managed Kafka service
-icon: /logos/kafka.svg
+icon: https://upload.wikimedia.org/wikipedia/commons/0/05/Apache_kafka.svg
 
 # A chart can be either an 'application' or a 'library' chart.
 #
@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.2.3
+version: 0.2.1
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

packages/apps/kafka/logos/kafka.svg

@@ -1 +0,0 @@
-<svg width="154" height="250" viewBox="0 0 256 416" xmlns="http://www.w3.org/2000/svg" preserveAspectRatio="xMidYMid"><path d="M201.816 230.216c-16.186 0-30.697 7.171-40.634 18.461l-25.463-18.026c2.703-7.442 4.255-15.433 4.255-23.797 0-8.219-1.498-16.076-4.112-23.408l25.406-17.835c9.936 11.233 24.409 18.365 40.548 18.365 29.875 0 54.184-24.305 54.184-54.184 0-29.879-24.309-54.184-54.184-54.184-29.875 0-54.184 24.305-54.184 54.184 0 5.348.808 10.505 2.258 15.389l-25.423 17.844c-10.62-13.175-25.911-22.374-43.333-25.182v-30.64c24.544-5.155 43.037-26.962 43.037-53.019C124.171 24.305 99.862 0 69.987 0 40.112 0 15.803 24.305 15.803 54.184c0 25.708 18.014 47.246 42.067 52.769v31.038C25.044 143.753 0 172.401 0 206.854c0 34.621 25.292 63.374 58.355 68.94v32.774c-24.299 5.341-42.552 27.011-42.552 52.894 0 29.879 24.309 54.184 54.184 54.184 29.875 0 54.184-24.305 54.184-54.184 0-25.883-18.253-47.553-42.552-52.894v-32.775a69.965 69.965 0 0 0 42.6-24.776l25.633 18.143c-1.423 4.84-2.22 9.946-2.22 15.24 0 29.879 24.309 54.184 54.184 54.184 29.875 0 54.184-24.305 54.184-54.184 0-29.879-24.309-54.184-54.184-54.184zm0-126.695c14.487 0 26.27 11.788 26.27 26.271s-11.783 26.27-26.27 26.27-26.27-11.787-26.27-26.27c0-14.483 11.783-26.271 26.27-26.271zm-158.1-49.337c0-14.483 11.784-26.27 26.271-26.27s26.27 11.787 26.27 26.27c0 14.483-11.783 26.27-26.27 26.27s-26.271-11.787-26.271-26.27zm52.541 307.278c0 14.483-11.783 26.27-26.27 26.27s-26.271-11.787-26.271-26.27c0-14.483 11.784-26.27 26.271-26.27s26.27 11.787 26.27 26.27zm-26.272-117.97c-20.205 0-36.642-16.434-36.642-36.638 0-20.205 16.437-36.642 36.642-36.642 20.204 0 36.641 16.437 36.641 36.642 0 20.204-16.437 36.638-36.641 36.638zm131.831 67.179c-14.487 0-26.27-11.788-26.27-26.271s11.783-26.27 26.27-26.27 26.27 11.787 26.27 26.27c0 14.483-11.783 26.271-26.27 26.271z" style="fill:#231f20"/></svg>

packages/apps/kafka/templates/kafka.yaml

@@ -26,25 +26,11 @@ spec:
         {{- end }}
         tls: false
     config:
-      {{- if eq (int .Values.kafka.replicas) 1 }}
-      offsets.topic.replication.factor: 1
-      transaction.state.log.replication.factor: 1
-      transaction.state.log.min.isr: 1
-      default.replication.factor: 1
-      min.insync.replicas: 1
-      {{- else if eq (int .Values.kafka.replicas) 2 }}
-      offsets.topic.replication.factor: 2
-      transaction.state.log.replication.factor: 2
-      transaction.state.log.min.isr: 2
-      default.replication.factor: 2
-      min.insync.replicas: 2
-      {{- else }}
       offsets.topic.replication.factor: 3
       transaction.state.log.replication.factor: 3
       transaction.state.log.min.isr: 2
       default.replication.factor: 3
       min.insync.replicas: 2
-      {{- end }}
     storage:
       type: jbod
       volumes:
@@ -65,8 +51,3 @@ spec:
   entityOperator:
     topicOperator: {}
     userOperator: {}
-    template:
-      pod:
-        metadata:
-         labels:
-           policy.cozystack.io/allow-to-apiserver: "true"

packages/apps/kafka/templates/topics.yaml

@@ -9,10 +9,10 @@ metadata:
 spec:
   topicName: "{{ $topic.name }}"
   {{- with $topic.partitions }}
-  partitions: {{ . }}
+  partitions: "{{ . }}"
   {{- end }}
   {{- with $topic.replicas }}
-  replicas: {{ . }}
+  replicas: "{{ . }}"
   {{- end }}
   {{- with $topic.config }}
   config:

packages/apps/kubernetes/.helmignore

@@ -1,3 +1,23 @@
-.helmignore
-/logos
-/Makefile
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/

packages/apps/kubernetes/Chart.yaml

@@ -1,7 +1,7 @@
 apiVersion: v2
 name: kubernetes
 description: Managed Kubernetes service
-icon: /logos/kubernetes.svg
+icon: https://upload.wikimedia.org/wikipedia/commons/thumb/3/39/Kubernetes_logo_without_workmark.svg/723px-Kubernetes_logo_without_workmark.svg.png
 
 # A chart can be either an 'application' or a 'library' chart.
 #
@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.8.2
+version: 0.6.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

packages/apps/kubernetes/images/ubuntu-container-disk.json

@@ -32,17 +32,7 @@
       }
     }
   },
-  "buildx.build.ref": "buildkit/buildkit0/h1ysl3ux1rjq5dtblsuuc54l9",
-  "containerimage.config.digest": "sha256:c144c5f12a47af7880ee5f056b14177c07b585b8ab1e68b7e7900e1c923083cf",
-  "containerimage.descriptor": {
-    "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
-    "digest": "sha256:81caf89efe252ae2ca1990d08a3a314552d70ff36bcd4022b173c7150fbec805",
-    "size": 506,
-    "platform": {
-      "architecture": "amd64",
-      "os": "linux"
-    }
-  },
-  "containerimage.digest": "sha256:81caf89efe252ae2ca1990d08a3a314552d70ff36bcd4022b173c7150fbec805",
-  "image.name": "ghcr.io/aenix-io/cozystack/ubuntu-container-disk:v1.30.1,ghcr.io/aenix-io/cozystack/ubuntu-container-disk:v1.30.1-v0.10.4"
+  "buildx.build.ref": "amd64/amd64/kk2drcq44gorgb3xwa8908pfc",
+  "containerimage.config.digest": "sha256:363589eb47379eb7548f047aae24045278f14db0b2026022b6bec33a04370f15",
+  "containerimage.digest": "sha256:f242fd77903f5f5a94ed157e98b0c4532e5ba91734d9653eaf26cfe4b23b017b"
 }

packages/apps/kubernetes/templates/cluster-autoscaler/deployment.yaml

@@ -14,7 +14,6 @@ spec:
     metadata:
       labels:
         app: {{ .Release.Name }}-cluster-autoscaler
-        policy.cozystack.io/allow-to-apiserver: "true"
     spec:
       tolerations:
         - key: CriticalAddonsOnly

packages/apps/kubernetes/templates/cluster.yaml

@@ -17,11 +17,6 @@ spec:
     spec:
       runStrategy: Always
       template:
-        metadata:
-          labels:
-            {{- range .group.roles }}
-            node-role.kubernetes.io/{{ . }}: ""
-            {{- end }}
         spec:
           domain:
             cpu:
@@ -34,10 +29,14 @@ spec:
                 disk:
                   bus: virtio
                   pciAddress: 0000:07:00.0
-              - name: ephemeral
+              - name: containerd
                 disk:
                   bus: virtio
                   pciAddress: 0000:08:00.0
+              - name: kubelet
+                disk:
+                  bus: virtio
+                  pciAddress: 0000:09:00.0
               networkInterfaceMultiqueue: true
             memory:
               guest: {{ .group.resources.memory }}
@@ -46,10 +45,15 @@ spec:
           - name: system
             containerDisk:
               image: "{{ $.Files.Get "images/ubuntu-container-disk.tag" | trim }}@{{ index ($.Files.Get "images/ubuntu-container-disk.json" | fromJson) "containerimage.digest" }}"
-          - name: ephemeral
+          - name: containerd
             emptyDisk:
-              capacity: {{ .group.ephemeralStorage | default "20Gi" }}
+              capacity: 20Gi
+          - name: kubelet
+            emptyDisk:
+              capacity: 20Gi
 {{- end }}
+
+
 ---
 apiVersion: cluster.x-k8s.io/v1beta1
 kind: Cluster
@@ -104,9 +108,6 @@ spec:
       hostname: {{ .Values.host | default (printf "%s.%s" .Release.Name $host) }}:443
       className: "{{ $ingress }}"
   deployment:
-    podAdditionalMetadata:
-      labels:
-        policy.cozystack.io/allow-to-etcd: "true"
   replicas: 2
   version: 1.30.1
 ---
@@ -131,19 +132,17 @@ spec:
         filesystems:
         - device: /dev/vdb
           filesystem: xfs
-          label: ephemeral
+          label: containerd
+          partition: "none"
+        - device: /dev/vdc
+          filesystem: xfs
+          label: kubelet
           partition: "none"
       mounts:
-      - ["LABEL=ephemeral", "/ephemeral"]
-      - ["/ephemeral/kubelet", "/var/lib/kubelet", "none", "bind,nofail"]
-      - ["/ephemeral/containerd", "/var/lib/containerd", "none", "bind,nofail"]
+      - ["LABEL=containerd", "/var/lib/containerd"]
+      - ["LABEL=kubelet", "/var/lib/kubelet"]
       preKubeadmCommands:
       - sed -i 's|root:x:|root::|' /etc/passwd
-      - systemctl stop containerd.service
-      - mkdir -p /ephemeral/kubelet /ephemeral/containerd
-      - mount -o bind /ephemeral/kubelet /var/lib/kubelet
-      - mount -o bind /ephemeral/containerd /var/lib/containerd
-      - systemctl start containerd.service
       joinConfiguration:
         nodeRegistration:
           kubeletExtraArgs: {}

packages/apps/kubernetes/templates/csi/deploy.yaml

@@ -13,7 +13,6 @@ spec:
     metadata:
       labels:
         app: {{ .Release.Name }}-kcsi-driver
-        policy.cozystack.io/allow-to-apiserver: "true"
     spec:
       serviceAccountName: {{ .Release.Name }}-kcsi
       priorityClassName: system-cluster-critical

packages/apps/kubernetes/templates/ingress.yaml

@@ -7,14 +7,8 @@ kind: Ingress
 metadata:
   name: {{ .Release.Name }}-ingress-nginx
   annotations:
-    nginx.ingress.kubernetes.io/backend-protocol: AUTO_HTTP
-    nginx.ingress.kubernetes.io/configuration-snippet: |
-      if ($scheme = http) {
-        set $proxy_upstream_name "{{ .Release.Namespace }}-{{ .Release.Name }}-ingress-nginx-80";
-        set $proxy_host $proxy_upstream_name;
-      }
-    nginx.ingress.kubernetes.io/ssl-passthrough: "true"
     nginx.ingress.kubernetes.io/ssl-redirect: "false"
+    nginx.ingress.kubernetes.io/ssl-passthrough: "true"
 spec:
   ingressClassName: "{{ $ingress }}"
   rules:
@@ -29,13 +23,6 @@ spec:
             name: {{ $.Release.Name }}-ingress-nginx
             port:
               number: 443
-      - path: /
-        pathType: ImplementationSpecific
-        backend:
-          service:
-            name: {{ $.Release.Name }}-ingress-nginx
-            port:
-              number: 80
   {{- end }}
 ---
 apiVersion: v1

packages/apps/kubernetes/templates/kccm/manager.yaml

@@ -13,7 +13,6 @@ spec:
     metadata:
       labels:
         k8s-app: {{ .Release.Name }}-kccm
-        policy.cozystack.io/allow-to-apiserver: "true"
     spec:
       tolerations:
         - key: CriticalAddonsOnly

packages/apps/kubernetes/values.yaml

@@ -16,7 +16,6 @@ nodeGroups:
     resources:
       cpu: 2
       memory: 1024Mi
-    ephemeralStorage: 20Gi
     roles:
     - ingress-nginx
 

packages/apps/mysql/.helmignore

@@ -1,3 +1,23 @@
-.helmignore
-/logos
-/Makefile
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/

packages/apps/mysql/Chart.yaml

@@ -1,7 +1,7 @@
 apiVersion: v2
 name: mysql
 description: Managed MariaDB service
-icon: /logos/mariadb.svg
+icon: https://static-00.iconduck.com/assets.00/mariadb-icon-512x340-txozryr2.png
 
 # A chart can be either an 'application' or a 'library' chart.
 #

packages/apps/mysql/logos/mariadb.svg

@@ -1,12 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!-- Uploaded to: SVG Repo, www.svgrepo.com, Generator: SVG Repo Mixer Tools -->
-<svg width="800px" height="800px" viewBox="0 -43 256 256" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" preserveAspectRatio="xMidYMid">
-    <g>
-        <path d="M250.382523,0.00447241672 C246.426131,0.130891567 247.677353,1.27087056 239.128415,3.37469592 C230.495553,5.49917829 219.950359,4.84773528 210.654095,8.74649903 C182.903099,20.3847485 177.335232,60.1626339 152.106938,74.4118517 C133.249415,85.0635193 114.223916,85.9130759 97.1188786,91.2730771 C85.8778244,94.7980074 73.5811418,102.026905 63.3964279,110.803626 C55.49096,117.618586 55.2845466,123.610697 47.0245784,132.158212 C38.1894743,141.300822 11.9101646,132.312705 0,146.305625 C3.83670733,150.185042 5.51875114,151.271649 13.0796841,150.265122 C11.5142932,153.232113 2.28663486,155.732479 4.09296236,160.097129 C5.99360595,164.689675 28.3022154,167.802917 48.5816837,155.559279 C58.0261053,149.857249 65.5486285,141.638595 80.2576532,139.676806 C99.2917078,137.139881 121.218611,141.30404 143.253683,144.481588 C139.986431,154.22355 133.426672,160.702176 128.172006,168.461009 C126.544787,170.213508 131.440311,170.409956 137.025262,169.350783 C147.071883,166.866533 154.312169,164.86632 161.894457,160.453039 C171.209327,155.030397 172.62088,141.127864 184.04984,138.119701 C190.417778,147.907219 207.737102,150.219223 218.48411,142.390618 C209.053925,139.721295 206.447626,119.648695 209.630855,110.803626 C212.646122,102.431204 215.625486,89.0383196 218.662065,77.9709494 C221.922199,66.0849867 223.124932,51.1038191 227.070434,45.0492956 C233.00651,35.9401552 239.565643,32.81205 245.260156,27.675489 C250.954656,22.538928 256.166954,17.538894 255.995904,5.78538669 C255.940809,1.99964564 253.983391,-0.11060033 250.382523,0.00447241672 L250.382523,0.00447241672 Z" fill="#002B64">
-
-</path>
-        <path d="M241.905484,6.96809574 C242.853676,10.2001831 244.337002,11.6835082 250.750076,12.2768382 C249.813239,20.407447 244.389521,24.8545834 238.308598,29.1214497 C232.957272,32.8744751 227.094944,36.4883945 223.327724,42.3507224 C219.46824,48.3564147 217.01827,68.9100487 211.033869,89.2081817 C205.861394,106.746904 198.050161,124.088323 184.409248,131.686638 C182.98412,128.099688 184.590937,121.479374 181.756296,119.303358 C179.922367,124.53403 177.848551,129.524816 175.419872,134.163578 C167.415594,149.462409 155.564607,160.917369 135.760443,164.414894 C145.157201,151.699462 154.142319,138.568131 154.336783,116.651825 C147.723566,118.082631 147.864092,133.703676 141.069185,137.879698 C136.712894,138.353794 132.299824,138.350955 127.858366,138.084099 C109.618435,136.991122 90.9072468,131.509207 73.84404,136.984025 C62.2258429,140.71292 52.7240456,149.509251 42.8858386,153.776117 C31.323,158.791033 22.5664139,160.853494 8.16751449,158.791033 C6.33926307,156.328288 18.7055102,153.150139 17.9659769,147.803072 C12.3307609,147.179933 9.058929,148.545444 4.16040754,146.319747 C4.70121793,145.323293 5.49610985,144.492915 6.49682201,143.801643 C15.4748424,137.587291 40.9766785,142.333932 47.8013935,135.632709 C52.0143206,131.499271 54.7779895,127.172788 57.6396004,122.966958 C60.4146249,118.886039 63.2833331,114.918677 67.6538192,111.343083 C69.2677337,110.022994 71.0221737,108.71852 72.8844919,107.445273 C80.3323453,102.348029 89.5459944,97.7248808 98.6134401,94.5382159 C110.965493,90.1961188 123.482202,89.8384174 136.647599,84.8078871 C144.781047,81.6992919 153.625639,77.8596801 160.835025,72.4870623 C162.546881,71.2095575 164.166473,69.8483051 165.663993,68.3891106 C186.250274,48.3209285 190.331193,12.9212684 222.449085,9.62246697 C226.3327,9.22360156 229.512267,9.3527715 232.406525,9.26476561 C235.742233,9.16540412 238.694688,8.77789431 241.905484,6.96809574 Z M202.75118,120.267107 C203.134432,126.40197 206.695831,138.573752 209.839913,141.531886 C203.682339,143.029405 193.074791,140.555304 190.353705,136.211788 C191.751863,129.940658 199.027963,124.2075 202.75118,120.267107 Z" fill="#C49A6C" fill-rule="nonzero">
-
-</path>
-        <path d="M244.218787,13.8370641 C242.980829,16.4335799 240.610981,19.7812981 240.610981,26.3910072 C240.60081,27.5258023 239.749351,28.3031588 239.734821,26.5537435 C239.798753,20.0936937 241.508937,17.3010225 243.32519,13.6307377 C244.169385,12.12688 244.677936,12.7473121 244.218787,13.8370641 Z M242.972111,12.8591933 C241.511843,15.3365629 237.995576,19.8554012 237.414375,26.4404093 C237.306853,27.5693924 236.388555,28.2682867 236.528044,26.5232305 C237.161553,20.0951467 239.97166,16.0717822 242.104668,12.5744048 C243.072368,11.1519152 243.527158,11.8144844 242.972111,12.8591933 Z M241.835862,11.5631149 C240.172174,13.9082613 234.759739,19.3352263 233.62785,25.8490372 C233.42443,26.9634903 232.450918,27.5853754 232.73716,25.8577553 C233.90828,19.5037746 238.573871,14.5098044 240.993121,11.2071293 C242.077061,9.86891382 242.473731,10.5678081 241.835862,11.5631149 Z M240.821667,10.1173773 L240.274318,10.6995682 C237.854262,13.2941372 232.232203,19.6224619 230.358594,25.4145894 C229.99825,26.4898114 228.947729,26.9693023 229.475169,25.2983492 C231.526809,19.17249 237.177536,12.5744048 240.037045,9.64515141 C241.299704,8.47257825 241.593211,9.22087463 240.821667,10.1173773 Z M211.771784,23.2321794 C213.025725,17.8458985 217.214732,15.391777 224.446326,15.9904141 C226.191383,24.0298779 216.425752,27.2729799 211.771784,23.2321794 Z" fill="#002B64">
-

packages/apps/nats/.helmignore

@@ -1,3 +0,0 @@
-.helmignore
-/logos
-/Makefile

packages/apps/nats/Chart.yaml

@@ -1,25 +0,0 @@
-apiVersion: v2
-name: nats
-description: Managed NATS service
-icon: /logos/nats.svg
-
-# A chart can be either an 'application' or a 'library' chart.
-#
-# Application charts are a collection of templates that can be packaged into versioned archives
-# to be deployed.
-#
-# Library charts provide useful utilities or functions for the chart developer. They're included as
-# a dependency of application charts to inject those utilities and functions into the rendering
-# pipeline. Library charts do not define any templates and therefore cannot be deployed.
-type: application
-
-# This is the chart version. This version number should be incremented each time you make changes
-# to the chart and its templates, including the app version.
-# Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.1.0
-
-# This is the version number of the application being deployed. This version number should be
-# incremented each time you make changes to the application. Versions are not expected to
-# follow Semantic Versioning. They should reflect the version the application is using.
-# It is recommended to use it with quotes.
-appVersion: "1.4.1"

packages/apps/nats/Makefile

@@ -1,2 +0,0 @@
-generate:
-	readme-generator -v values.yaml -s values.schema.json -r README.md

packages/apps/nats/README.md

@@ -1,11 +0,0 @@
-# Managed NATS Service
-
-## Parameters
-
-### Common parameters
-
-| Name       | Description                                     | Value   |
-| ---------- | ----------------------------------------------- | ------- |
-| `external` | Enable external access from outside the cluster | `false` |
-| `replicas` | Persistent Volume size for NATS                 | `3`     |
-

packages/apps/nats/logos/nats.svg

@@ -1,76 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<!-- Generator: Adobe Illustrator 24.3.0, SVG Export Plug-In . SVG Version: 6.00 Build 0)  -->
-
-<svg
-   version="1.0"
-   id="katman_1"
-   x="0px"
-   y="0px"
-   viewBox="0 0 440.79001 456.32996"
-   xml:space="preserve"
-   sodipodi:docname="NATS.io.svg"
-   width="440.79001"
-   height="456.32999"
-   inkscape:version="1.1.1 (c3084ef, 2021-09-22)"
-   xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
-   xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
-   xmlns="http://www.w3.org/2000/svg"
-   xmlns:svg="http://www.w3.org/2000/svg"><defs
-   id="defs843" /><sodipodi:namedview
-   id="namedview841"
-   pagecolor="#ffffff"
-   bordercolor="#666666"
-   borderopacity="1.0"
-   inkscape:pageshadow="2"
-   inkscape:pageopacity="0.0"
-   inkscape:pagecheckerboard="0"
-   showgrid="false"
-   width="440.79px"
-   height="456.32999px"
-   inkscape:zoom="0.27371294"
-   inkscape:cx="524.2719"
-   inkscape:cy="823.85584"
-   inkscape:window-width="1312"
-   inkscape:window-height="969"
-   inkscape:window-x="0"
-   inkscape:window-y="25"
-   inkscape:window-maximized="0"
-   inkscape:current-layer="katman_1" />
-<style
-   type="text/css"
-   id="style824">
-	.st0{fill:#32A574;}
-	.st1{fill:#2AAAE1;}
-	.st2{fill:#8EC044;}
-	.st3{fill:#385C93;}
-	.st4{fill:#FFFFFF;}
-</style>
-<path
-   class="st0"
-   d="M 220.4,0 H 440.79 V 178.67 H 220.4 Z"
-   id="path826" />
-<path
-   class="st1"
-   d="M 0,0 H 220.39 V 178.67 H 0 Z"
-   id="path828" />
-<path
-   class="st2"
-   d="M 220.4,178.83 H 440.79 V 357.5 H 220.4 Z"
-   id="path830" />
-<path
-   class="st3"
-   d="M 0,178.83 H 220.39 V 357.5 H 0 Z"
-   id="path832" />
-<path
-   class="st2"
-   d="m 188,356.52 107.82,99.81 v -99.81 z"
-   id="path834" />
-<path
-   class="st3"
-   d="m 220.4,356.52 1.15,31.41 -34.52,-32.23 z"
-   id="path836" />
-<path
-   class="st4"
-   d="M 311.7,231.03 V 83.12 h 52.69 V 274.39 H 284.54 L 123.37,123.86 V 274.55 H 70.52 V 83.12 h 82.63 z"
-   id="path838" />
-</svg>

packages/apps/nats/templates/nats.yaml

@@ -1,43 +0,0 @@
-apiVersion: helm.toolkit.fluxcd.io/v2
-kind: HelmRelease
-metadata:
-  name: {{ .Release.Name }}-system
-spec:
-  chart:
-    spec:
-      chart: cozy-nats
-      reconcileStrategy: Revision
-      sourceRef:
-        kind: HelmRepository
-        name: cozystack-system
-        namespace: cozy-system
-      version: '*'
-  interval: 1m0s
-  timeout: 5m0s
-  values:
-    nats:
-      fullnameOverride: {{ .Release.Name }}
-      config:
-        cluster:
-          enabled: true
-          replicas: {{ .Values.replicas }}
-        monitor:
-          enabled: true
-        jetstream:
-          enabled: true
-          fileStore:
-            enabled: true
-            pvc:
-              enabled: true
-              size: 10Gi
-              storageClassName: local
-      promExporter:
-        enabled: true
-        podMonitor:
-          enabled: true
-      {{- if .Values.external }}
-      service:
-        merge:
-          spec:
-            type: LoadBalancer
-      {{- end }}

packages/apps/nats/values.schema.json

@@ -1,16 +0,0 @@
-{
-    "title": "Chart Values",
-    "type": "object",
-    "properties": {
-        "external": {
-            "type": "boolean",
-            "description": "Enable external access from outside the cluster",
-            "default": false
-        },
-        "replicas": {
-            "type": "number",
-            "description": "Persistent Volume size for NATS",
-            "default": 3
-        }
-    }
-}

packages/apps/nats/values.yaml

@@ -1,8 +0,0 @@
-
-## @section Common parameters
-
-## @param external Enable external access from outside the cluster
-## @param replicas Persistent Volume size for NATS
-##
-external: false
-replicas: 2

packages/apps/postgres/.helmignore

@@ -1,3 +1,23 @@
-.helmignore
-/logos
-/Makefile
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/

packages/apps/postgres/Chart.yaml

@@ -1,7 +1,7 @@
 apiVersion: v2
 name: postgres
 description: Managed PostgreSQL service
-icon: /logos/postgres.svg
+icon: https://cdn-icons-png.flaticon.com/512/5968/5968342.png
 
 # A chart can be either an 'application' or a 'library' chart.
 #
@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.4.1
+version: 0.3.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

packages/apps/postgres/logos/postgres.svg

@@ -1,22 +0,0 @@
-<?xml version="1.0"?>
-<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN"
-  "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
-
-<svg width="432.071pt" height="445.383pt" viewBox="0 0 432.071 445.383" xml:space="preserve" xmlns="http://www.w3.org/2000/svg">
-<g id="orginal" style="fill-rule:nonzero;clip-rule:nonzero;stroke:#000000;stroke-miterlimit:4;">
-	</g>
-<g id="Layer_x0020_3" style="fill-rule:nonzero;clip-rule:nonzero;fill:none;stroke:#FFFFFF;stroke-width:12.4651;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;">
-<path style="fill:#000000;stroke:#000000;stroke-width:37.3953;stroke-linecap:butt;stroke-linejoin:miter;" d="M323.205,324.227c2.833-23.601,1.984-27.062,19.563-23.239l4.463,0.392c13.517,0.615,31.199-2.174,41.587-7c22.362-10.376,35.622-27.7,13.572-23.148c-50.297,10.376-53.755-6.655-53.755-6.655c53.111-78.803,75.313-178.836,56.149-203.322    C352.514-5.534,262.036,26.049,260.522,26.869l-0.482,0.089c-9.938-2.062-21.06-3.294-33.554-3.496c-22.761-0.374-40.032,5.967-53.133,15.904c0,0-161.408-66.498-153.899,83.628c1.597,31.936,45.777,241.655,98.47,178.31    c19.259-23.163,37.871-42.748,37.871-42.748c9.242,6.14,20.307,9.272,31.912,8.147l0.897-0.765c-0.281,2.876-0.157,5.689,0.359,9.019c-13.572,15.167-9.584,17.83-36.723,23.416c-27.457,5.659-11.326,15.734-0.797,18.367c12.768,3.193,42.305,7.716,62.268-20.224    l-0.795,3.188c5.325,4.26,4.965,30.619,5.72,49.452c0.756,18.834,2.017,36.409,5.856,46.771c3.839,10.36,8.369,37.05,44.036,29.406c29.809-6.388,52.6-15.582,54.677-101.107"/>
-<path style="fill:#336791;stroke:none;" d="M402.395,271.23c-50.302,10.376-53.76-6.655-53.76-6.655c53.111-78.808,75.313-178.843,56.153-203.326c-52.27-66.785-142.752-35.2-144.262-34.38l-0.486,0.087c-9.938-2.063-21.06-3.292-33.56-3.496c-22.761-0.373-40.026,5.967-53.127,15.902    c0,0-161.411-66.495-153.904,83.63c1.597,31.938,45.776,241.657,98.471,178.312c19.26-23.163,37.869-42.748,37.869-42.748c9.243,6.14,20.308,9.272,31.908,8.147l0.901-0.765c-0.28,2.876-0.152,5.689,0.361,9.019c-13.575,15.167-9.586,17.83-36.723,23.416    c-27.459,5.659-11.328,15.734-0.796,18.367c12.768,3.193,42.307,7.716,62.266-20.224l-0.796,3.188c5.319,4.26,9.054,27.711,8.428,48.969c-0.626,21.259-1.044,35.854,3.147,47.254c4.191,11.4,8.368,37.05,44.042,29.406c29.809-6.388,45.256-22.942,47.405-50.555    c1.525-19.631,4.976-16.729,5.194-34.28l2.768-8.309c3.192-26.611,0.507-35.196,18.872-31.203l4.463,0.392c13.517,0.615,31.208-2.174,41.591-7c22.358-10.376,35.618-27.7,13.573-23.148z"/>
-<path d="M215.866,286.484c-1.385,49.516,0.348,99.377,5.193,111.495c4.848,12.118,15.223,35.688,50.9,28.045c29.806-6.39,40.651-18.756,45.357-46.051c3.466-20.082,10.148-75.854,11.005-87.281"/>
-<path d="M173.104,38.256c0,0-161.521-66.016-154.012,84.109c1.597,31.938,45.779,241.664,98.473,178.316c19.256-23.166,36.671-41.335,36.671-41.335"/>
-<path d="M260.349,26.207c-5.591,1.753,89.848-34.889,144.087,34.417c19.159,24.484-3.043,124.519-56.153,203.329"/>
-<path style="stroke-linejoin:bevel;" d="M348.282,263.953c0,0,3.461,17.036,53.764,6.653c22.04-4.552,8.776,12.774-13.577,23.155c-18.345,8.514-59.474,10.696-60.146-1.069c-1.729-30.355,21.647-21.133,19.96-28.739c-1.525-6.85-11.979-13.573-18.894-30.338    c-6.037-14.633-82.796-126.849,21.287-110.183c3.813-0.789-27.146-99.002-124.553-100.599c-97.385-1.597-94.19,119.762-94.19,119.762"/>
-<path d="M188.604,274.334c-13.577,15.166-9.584,17.829-36.723,23.417c-27.459,5.66-11.326,15.733-0.797,18.365c12.768,3.195,42.307,7.718,62.266-20.229c6.078-8.509-0.036-22.086-8.385-25.547c-4.034-1.671-9.428-3.765-16.361,3.994z"/>
-<path d="M187.715,274.069c-1.368-8.917,2.93-19.528,7.536-31.942c6.922-18.626,22.893-37.255,10.117-96.339c-9.523-44.029-73.396-9.163-73.436-3.193c-0.039,5.968,2.889,30.26-1.067,58.548c-5.162,36.913,23.488,68.132,56.479,64.938"/>
-<path style="fill:#FFFFFF;stroke-width:4.155;stroke-linecap:butt;stroke-linejoin:miter;" d="M172.517,141.7c-0.288,2.039,3.733,7.48,8.976,8.207c5.234,0.73,9.714-3.522,9.998-5.559c0.284-2.039-3.732-4.285-8.977-5.015c-5.237-0.731-9.719,0.333-9.996,2.367z"/>
-<path style="fill:#FFFFFF;stroke-width:2.0775;stroke-linecap:butt;stroke-linejoin:miter;" d="M331.941,137.543c0.284,2.039-3.732,7.48-8.976,8.207c-5.238,0.73-9.718-3.522-10.005-5.559c-0.277-2.039,3.74-4.285,8.979-5.015c5.239-0.73,9.718,0.333,10.002,2.368z"/>
-<path d="M350.676,123.432c0.863,15.994-3.445,26.888-3.988,43.914c-0.804,24.748,11.799,53.074-7.191,81.435"/>
-<path style="stroke-width:3;" d="M0,60.232"/>
-</g>
-</svg>

packages/apps/postgres/templates/db.yaml

@@ -19,7 +19,3 @@ spec:
 
   storage:
     size: {{ required ".Values.size is required" .Values.size }}
-
-  inheritedMetadata:
-    labels:
-      policy.cozystack.io/allow-to-apiserver: "true"

packages/apps/postgres/templates/init-script.yaml

@@ -53,80 +53,47 @@ stringData:
 
     echo "== grant privileges on databases to roles"
     {{- range $database, $d := .Values.databases }}
-    psql -v ON_ERROR_STOP=1 --echo-all -d "{{ $database }}" <<\EOT
-    ALTER DATABASE {{ $database }} OWNER TO {{ $database }}_admin;
-    GRANT CONNECT ON DATABASE {{ $database }} TO {{ $database }}_readonly;
 
-    DO $$
+    # admin
+    psql -v ON_ERROR_STOP=1 --echo-all -d "{{ $database }}" <<\EOT
+    DO $$DECLARE r record;
     DECLARE
-        schema_record record;
+        v_schema varchar := 'public';
+        v_new_owner varchar := '{{ $database }}_admin';
     BEGIN
-        -- Loop over all schemas
-        FOR schema_record IN SELECT schema_name FROM information_schema.schemata WHERE schema_name NOT IN ('pg_catalog', 'information_schema') LOOP
-            -- Changing Schema Ownership
-            EXECUTE format('ALTER SCHEMA %I OWNER TO %I', schema_record.schema_name, '{{ $database }}_admin');
-    
-            -- Add rights for the admin role
-            EXECUTE format('GRANT ALL ON SCHEMA %I TO %I', schema_record.schema_name, '{{ $database }}_admin');
-            EXECUTE format('GRANT ALL ON ALL TABLES IN SCHEMA %I TO %I', schema_record.schema_name, '{{ $database }}_admin');
-            EXECUTE format('GRANT ALL ON ALL SEQUENCES IN SCHEMA %I TO %I', schema_record.schema_name, '{{ $database }}_admin');
-            EXECUTE format('GRANT ALL ON ALL FUNCTIONS IN SCHEMA %I TO %I', schema_record.schema_name, '{{ $database }}_admin');
-            EXECUTE format('ALTER DEFAULT PRIVILEGES IN SCHEMA %I GRANT ALL ON TABLES TO %I', schema_record.schema_name, '{{ $database }}_admin');
-            EXECUTE format('ALTER DEFAULT PRIVILEGES IN SCHEMA %I GRANT ALL ON SEQUENCES TO %I', schema_record.schema_name, '{{ $database }}_admin');
-            EXECUTE format('ALTER DEFAULT PRIVILEGES IN SCHEMA %I GRANT ALL ON FUNCTIONS TO %I', schema_record.schema_name, '{{ $database }}_admin');
-    
-            -- Add rights for the readonly role
-            EXECUTE format('GRANT USAGE ON SCHEMA %I TO %I', schema_record.schema_name, '{{ $database }}_readonly');
-            EXECUTE format('GRANT SELECT ON ALL TABLES IN SCHEMA %I TO %I', schema_record.schema_name, '{{ $database }}_readonly');
-            EXECUTE format('GRANT USAGE ON ALL SEQUENCES IN SCHEMA %I TO %I', schema_record.schema_name, '{{ $database }}_readonly');
-            EXECUTE format('GRANT EXECUTE ON ALL FUNCTIONS IN SCHEMA %I TO %I', schema_record.schema_name, '{{ $database }}_readonly');
-            EXECUTE format('ALTER DEFAULT PRIVILEGES IN SCHEMA %I GRANT SELECT ON TABLES TO %I', schema_record.schema_name, '{{ $database }}_readonly');
-            EXECUTE format('ALTER DEFAULT PRIVILEGES IN SCHEMA %I GRANT USAGE ON SEQUENCES TO %I', schema_record.schema_name, '{{ $database }}_readonly');
-            EXECUTE format('ALTER DEFAULT PRIVILEGES IN SCHEMA %I GRANT EXECUTE ON FUNCTIONS TO %I', schema_record.schema_name, '{{ $database }}_readonly');
+        FOR r IN
+            select 'ALTER TABLE "' || table_schema || '"."' || table_name || '" OWNER TO ' || v_new_owner || ';' as a from information_schema.tables where table_schema = v_schema
+            union all
+            select 'ALTER TABLE "' || sequence_schema || '"."' || sequence_name || '" OWNER TO ' || v_new_owner || ';' as a from information_schema.sequences where sequence_schema = v_schema
+            union all
+            select 'ALTER TABLE "' || table_schema || '"."' || table_name || '" OWNER TO ' || v_new_owner || ';' as a from information_schema.views where table_schema = v_schema
+            union all
+            select 'ALTER FUNCTION "'||nsp.nspname||'"."'||p.proname||'"('||pg_get_function_identity_arguments(p.oid)||') OWNER TO ' || v_new_owner || ';' as a from pg_proc p join pg_namespace nsp ON p.pronamespace = nsp.oid where nsp.nspname = v_schema
+        LOOP
+            EXECUTE r.a;
         END LOOP;
     END$$;
+    ALTER DATABASE {{ $database }} OWNER TO {{ $database }}_admin;
+    ALTER SCHEMA public OWNER TO {{ $database }}_admin;
+    GRANT ALL ON SCHEMA public TO {{ $database }}_admin;
+    GRANT ALL ON ALL TABLES IN SCHEMA public TO {{ $database }}_admin;
+    GRANT ALL ON ALL SEQUENCES IN SCHEMA public TO {{ $database }}_admin;
+    GRANT ALL ON ALL FUNCTIONS IN SCHEMA public TO {{ $database }}_admin;
+    ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON TABLES TO {{ $database }}_admin;
+    ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON SEQUENCES TO {{ $database }}_admin;
+    ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON FUNCTIONS TO {{ $database }}_admin;
     EOT
 
-    echo "== setup event trigger for schema creation"
+    # readonly
     psql -v ON_ERROR_STOP=1 --echo-all -d "{{ $database }}" <<\EOT
-    CREATE OR REPLACE FUNCTION auto_grant_schema_privileges()
-    RETURNS event_trigger LANGUAGE plpgsql AS $$
-    DECLARE
-      obj record;
-    BEGIN
-      FOR obj IN SELECT * FROM pg_event_trigger_ddl_commands() WHERE command_tag = 'CREATE SCHEMA' LOOP
-        EXECUTE format('ALTER SCHEMA %I OWNER TO %I', obj.object_identity, '{{ $database }}_admin');
-        EXECUTE format('GRANT ALL ON SCHEMA %I TO %I', obj.object_identity, '{{ $database }}_admin');
-        EXECUTE format('GRANT USAGE ON SCHEMA %I TO %I', obj.object_identity, '{{ $database }}_readonly');
-        EXECUTE format('GRANT SELECT ON ALL TABLES IN SCHEMA %I TO %I', obj.object_identity, '{{ $database }}_readonly');
-        EXECUTE format('GRANT USAGE ON ALL SEQUENCES IN SCHEMA %I TO %I', obj.object_identity, '{{ $database }}_readonly');
-        EXECUTE format('GRANT EXECUTE ON ALL FUNCTIONS IN SCHEMA %I TO %I', obj.object_identity, '{{ $database }}_readonly');
-
-        -- Set owner for schema
-        EXECUTE format('ALTER SCHEMA %I OWNER TO %I', obj.object_identity, '{{ $database }}_admin');
-
-        -- Set privileges for admin role
-        EXECUTE format('GRANT ALL ON SCHEMA %I TO %I', obj.object_identity, '{{ $database }}_admin');
-        EXECUTE format('ALTER DEFAULT PRIVILEGES IN SCHEMA %I GRANT ALL ON TABLES TO %I', obj.object_identity, '{{ $database }}_admin');
-        EXECUTE format('ALTER DEFAULT PRIVILEGES IN SCHEMA %I GRANT ALL ON SEQUENCES TO %I', obj.object_identity, '{{ $database }}_admin');
-        EXECUTE format('ALTER DEFAULT PRIVILEGES IN SCHEMA %I GRANT ALL ON FUNCTIONS TO %I', obj.object_identity, '{{ $database }}_admin');
-
-        -- Set privileges for readonly role
-        EXECUTE format('GRANT USAGE ON SCHEMA %I TO %I', obj.object_identity, '{{ $database }}_readonly');
-        EXECUTE format('GRANT SELECT ON ALL TABLES IN SCHEMA %I TO %I', obj.object_identity, '{{ $database }}_readonly');
-        EXECUTE format('GRANT USAGE ON ALL SEQUENCES IN SCHEMA %I TO %I', obj.object_identity, '{{ $database }}_readonly');
-        EXECUTE format('GRANT EXECUTE ON ALL FUNCTIONS IN SCHEMA %I TO %I', obj.object_identity, '{{ $database }}_readonly');
-        EXECUTE format('ALTER DEFAULT PRIVILEGES IN SCHEMA %I GRANT SELECT ON TABLES TO %I', obj.object_identity, '{{ $database }}_readonly');
-        EXECUTE format('ALTER DEFAULT PRIVILEGES IN SCHEMA %I GRANT USAGE ON SEQUENCES TO %I', obj.object_identity, '{{ $database }}_readonly');
-        EXECUTE format('ALTER DEFAULT PRIVILEGES IN SCHEMA %I GRANT EXECUTE ON FUNCTIONS TO %I', obj.object_identity, '{{ $database }}_readonly');
-      END LOOP;
-    END;
-    $$;
-
-    DROP EVENT TRIGGER IF EXISTS trigger_auto_grant;
-    CREATE EVENT TRIGGER trigger_auto_grant ON ddl_command_end
-    WHEN TAG IN ('CREATE SCHEMA')
-    EXECUTE PROCEDURE auto_grant_schema_privileges();
+    GRANT CONNECT ON DATABASE {{ $database }} TO {{ $database }}_readonly;
+    GRANT USAGE ON SCHEMA public TO {{ $database }}_readonly;
+    GRANT SELECT ON ALL TABLES IN SCHEMA public TO {{ $database }}_readonly;
+    GRANT USAGE ON ALL SEQUENCES IN SCHEMA public TO {{ $database }}_readonly;
+    GRANT EXECUTE ON ALL FUNCTIONS IN SCHEMA public TO {{ $database }}_readonly;
+    ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO {{ $database }}_readonly;
+    ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT USAGE ON SEQUENCES TO {{ $database }}_readonly;
+    ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT EXECUTE ON FUNCTIONS TO {{ $database }}_readonly;
     EOT
     {{- end }}
 

packages/apps/rabbitmq/.helmignore

@@ -1,3 +1,23 @@
-.helmignore
-/logos
-/Makefile
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/

packages/apps/rabbitmq/Chart.yaml

@@ -1,7 +1,7 @@
 apiVersion: v2
 name: rabbitmq
 description: Managed RabbitMQ service
-icon: /logos/rabbitmq.svg
+icon: https://static-00.iconduck.com/assets.00/rabbitmq-icon-484x512-s9lfaapn.png
 
 # A chart can be either an 'application' or a 'library' chart.
 #

packages/apps/rabbitmq/logos/rabbitmq.svg

@@ -1,2 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?><!-- Uploaded to: SVG Repo, www.svgrepo.com, Generator: SVG Repo Mixer Tools -->
-<svg width="800px" height="800px" viewBox="-7.5 0 271 271" xmlns="http://www.w3.org/2000/svg" preserveAspectRatio="xMidYMid"><path d="M245.44 108.308h-85.09a7.738 7.738 0 0 1-7.735-7.734v-88.68C152.615 5.327 147.29 0 140.726 0h-30.375c-6.568 0-11.89 5.327-11.89 11.894v88.143c0 4.573-3.697 8.29-8.27 8.31l-27.885.133c-4.612.025-8.359-3.717-8.35-8.325l.173-88.241C54.144 5.337 48.817 0 42.24 0H11.89C5.321 0 0 5.327 0 11.894V260.21c0 5.834 4.726 10.56 10.555 10.56H245.44c5.834 0 10.56-4.726 10.56-10.56V118.868c0-5.834-4.726-10.56-10.56-10.56zm-39.902 93.233c0 7.645-6.198 13.844-13.843 13.844H167.69c-7.646 0-13.844-6.199-13.844-13.844v-24.005c0-7.646 6.198-13.844 13.844-13.844h24.005c7.645 0 13.843 6.198 13.843 13.844v24.005z" fill="#F60"/></svg>

packages/apps/redis/.helmignore

@@ -1,3 +1,23 @@
-.helmignore
-/logos
-/Makefile
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/

packages/apps/redis/Chart.yaml

@@ -1,7 +1,7 @@
 apiVersion: v2
 name: redis
 description: Managed Redis service
-icon: /logos/redis.svg
+icon: https://cdn4.iconfinder.com/data/icons/redis-2/1451/Untitled-2-512.png
 
 # A chart can be either an 'application' or a 'library' chart.
 #

packages/apps/redis/logos/redis.svg

@@ -1,2 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?><!-- Uploaded to: SVG Repo, www.svgrepo.com, Generator: SVG Repo Mixer Tools -->
-<svg width="800px" height="800px" viewBox="0 -18 256 256" xmlns="http://www.w3.org/2000/svg" preserveAspectRatio="xMinYMin meet"><path d="M245.97 168.943c-13.662 7.121-84.434 36.22-99.501 44.075-15.067 7.856-23.437 7.78-35.34 2.09-11.902-5.69-87.216-36.112-100.783-42.597C3.566 169.271 0 166.535 0 163.951v-25.876s98.05-21.345 113.879-27.024c15.828-5.679 21.32-5.884 34.79-.95 13.472 4.936 94.018 19.468 107.331 24.344l-.006 25.51c.002 2.558-3.07 5.364-10.024 8.988" fill="#912626"/><path d="M245.965 143.22c-13.661 7.118-84.431 36.218-99.498 44.072-15.066 7.857-23.436 7.78-35.338 2.09-11.903-5.686-87.214-36.113-100.78-42.594-13.566-6.485-13.85-10.948-.524-16.166 13.326-5.22 88.224-34.605 104.055-40.284 15.828-5.677 21.319-5.884 34.789-.948 13.471 4.934 83.819 32.935 97.13 37.81 13.316 4.881 13.827 8.9.166 16.02" fill="#C6302B"/><path d="M245.97 127.074c-13.662 7.122-84.434 36.22-99.501 44.078-15.067 7.853-23.437 7.777-35.34 2.087-11.903-5.687-87.216-36.112-100.783-42.597C3.566 127.402 0 124.67 0 122.085V96.206s98.05-21.344 113.879-27.023c15.828-5.679 21.32-5.885 34.79-.95C162.142 73.168 242.688 87.697 256 92.574l-.006 25.513c.002 2.557-3.07 5.363-10.024 8.987" fill="#912626"/><path d="M245.965 101.351c-13.661 7.12-84.431 36.218-99.498 44.075-15.066 7.854-23.436 7.777-35.338 2.087-11.903-5.686-87.214-36.112-100.78-42.594-13.566-6.483-13.85-10.947-.524-16.167C23.151 83.535 98.05 54.148 113.88 48.47c15.828-5.678 21.319-5.884 34.789-.949 13.471 4.934 83.819 32.933 97.13 37.81 13.316 4.88 13.827 8.9.166 16.02" fill="#C6302B"/><path d="M245.97 83.653c-13.662 7.12-84.434 36.22-99.501 44.078-15.067 7.854-23.437 7.777-35.34 2.087-11.903-5.687-87.216-36.113-100.783-42.595C3.566 83.98 0 81.247 0 78.665v-25.88s98.05-21.343 113.879-27.021c15.828-5.68 21.32-5.884 34.79-.95C162.142 29.749 242.688 44.278 256 49.155l-.006 25.512c.002 2.555-3.07 5.361-10.024 8.986" fill="#912626"/><path d="M245.965 57.93c-13.661 7.12-84.431 36.22-99.498 44.074-15.066 7.854-23.436 7.777-35.338 2.09C99.227 98.404 23.915 67.98 10.35 61.497-3.217 55.015-3.5 50.55 9.825 45.331 23.151 40.113 98.05 10.73 113.88 5.05c15.828-5.679 21.319-5.883 34.789-.948 13.471 4.935 83.819 32.934 97.13 37.811 13.316 4.876 13.827 8.897.166 16.017" fill="#C6302B"/><path d="M159.283 32.757l-22.01 2.285-4.927 11.856-7.958-13.23-25.415-2.284 18.964-6.839-5.69-10.498 17.755 6.944 16.738-5.48-4.524 10.855 17.067 6.391M131.032 90.275L89.955 73.238l58.86-9.035-17.783 26.072M74.082 39.347c17.375 0 31.46 5.46 31.46 12.194 0 6.736-14.085 12.195-31.46 12.195s-31.46-5.46-31.46-12.195c0-6.734 14.085-12.194 31.46-12.194" fill="#FFF"/><path d="M185.295 35.998l34.836 13.766-34.806 13.753-.03-27.52" fill="#621B1C"/><path d="M146.755 51.243l38.54-15.245.03 27.519-3.779 1.478-34.791-13.752" fill="#9A2928"/></svg>

packages/apps/tcp-balancer/.helmignore

@@ -1,3 +1,23 @@
-.helmignore
-/logos
-/Makefile
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/

packages/apps/tcp-balancer/Chart.yaml

@@ -1,7 +1,7 @@
 apiVersion: v2
 name: tcp-balancer
 description: Layer4 load balancer service
-icon: /logos/haproxy.svg
+icon: https://cdn.icon-icons.com/icons2/2699/PNG/512/haproxy_logo_icon_171017.png
 
 # A chart can be either an 'application' or a 'library' chart.
 #

packages/apps/tcp-balancer/logos/haproxy.svg

@@ -1,165 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<!-- Generator: Adobe Illustrator 23.0.1, SVG Export Plug-In . SVG Version: 6.00 Build 0)  -->
-<svg version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"
-	 viewBox="0 0 1000 1000" style="enable-background:new 0 0 1000 1000;" xml:space="preserve">
-<style type="text/css">
-	.st0{fill:none;stroke:#284B6B;stroke-width:0.26;stroke-miterlimit:10;}
-	.st1{fill:none;stroke:#284B6B;stroke-width:0.13;stroke-miterlimit:10;}
-	.st2{fill:none;stroke:#25415E;stroke-width:0.101;stroke-miterlimit:10;}
-	.st3{fill:#286EA5;}
-	.st4{fill:#3579BC;}
-	.st5{fill:#199BD6;}
-	.st6{fill:#00A8DA;}
-</style>
-<g>
-	<g>
-		<g>
-			<path class="st0" d="M499.6,370.8L396.2,253.9"/>
-			<path class="st1" d="M173.5,280.9l80.9,118.2"/>
-			<g>
-				<path class="st0" d="M499.6,371l102.3-118.2 M623.2,501.4l121.4-102.3 M623.2,501.2L744.6,608 M603,742.9L499.6,628.2
-					 M396.2,742.9l103.4-114.6 M254.5,603.5l116.9-102.3 M254.6,398.9l116.9,102.3 M499.6,370.8l-245,28.1 M499.6,370.8l245,28.1"/>
-				<path class="st0" d="M623.2,501.2l-21.4-248.4 M623.2,501.2L603,742.8"/>
-				<path class="st0" d="M744.6,608l-245,20.2 M254.5,603.5l245,24.9"/>
-				<path class="st0" d="M396.2,742.9l-24.9-241.6 M396.2,253.9l-24.9,247.3"/>
-			</g>
-			<g>
-				<path class="st1" d="M142.1,430.4l112.4-31.5 M278.1,169.6l118.2,84.3 M423.1,116.8l-27,137.1 M423.1,116.8l178.7,136"/>
-				<path class="st1" d="M574.9,116.8l27,136 M719.9,169.6l-118.2,83.2 M825.5,280.9l-223.7-28.1 M744.6,398.9l80.9-118.2
-					 M744.6,398.9l114.6,31.5"/>
-				<path class="st1" d="M744.6,398.9L857,569.7 M574.9,116.8L396.2,253.9"/>
-				<path class="st1" d="M744.6,398.9l-24.9-229.3 M744.6,608L857,569.7"/>
-				<path class="st1" d="M744.6,608l114.6-177.6 M744.6,608l80.9,109 M744.6,608l-24.9,220.3 M603,742.9l116.9,85.4"/>
-				<path class="st1" d="M603,742.9L825.5,717 M603,742.9l-26.8,138.1 M603,742.9L423.1,880.9 M396.2,742.9l27,138.4"/>
-				<path class="st1" d="M396.2,742.9l180,138.1 M396.3,742.9l-118.2,85.4 M396.3,742.9l-222.9-24.8 M254.5,603.5l-81.1,114.6"/>
-				<path class="st1" d="M254.5,603.5l23.6,224.8 M254.5,603.5L141,568.6 M254.5,398.9L141,568.6"/>
-				<path class="st1" d="M254.5,603.5L142.1,430.4 M278.1,169.6l-23.6,229.3"/>
-				<path class="st1" d="M173.5,280.9l222.5-27"/>
-			</g>
-		</g>
-		<g>
-			<path class="st2" d="M278.1,169.6l-86.5-40.5 M278.1,169.6l-6.7-94.4 M423.1,116.8L271.4,75.2"/>
-			<path class="st2" d="M423.1,116.8L358,37 M423.1,116.8l27-95.7 M278.1,169.6L357.9,37 M574.9,116.8L450.1,21.1"/>
-			<path class="st2" d="M574.9,116.8l-28.2-98.9 M423,116.8l123.6-98.9 M574.9,116.8L640.1,37 M719.9,169.6L639.9,37"/>
-			<path class="st2" d="M719.9,169.6l7.9-94.4 M574.9,116.8l152.8-41.6 M719.9,169.6l88.6-45 M719.9,169.6l154,23.6"/>
-			<path class="st2" d="M825.5,280.9l48.3-87.7 M825.5,280.9l-16.9-156.2 M825.5,280.9l101.2-7.9 M825.5,280.9l138.4,78.7"/>
-			<path class="st2" d="M859.2,430.4L926.7,273 M859.2,430.4l104.5-70.8 M859.2,430.4L976.1,454 M857,569.7L976.1,454"/>
-			<path class="st2" d="M857,569.7l122.5-22.5 M859.2,430.4l120.3,116.9 M857,569.7l104.5,69.7 M825.5,717l136-77.6"/>
-			<path class="st2" d="M825.5,717l100,10.1 M857.1,569.7l68.4,157.3 M825.7,717l47.2,88.6 M825.7,717l-18,155.1"/>
-			<path class="st2" d="M807.5,872.1l-87.7-43.8 M719.9,828.3l6.7,98 M719.9,828.3l152.8-22.5 M719.9,828.3l-79.9,134.9"/>
-			<path class="st2" d="M576.2,880.9l63.7,82 M576.2,880.9l150.6,45 M576.2,880.9l-29.5,101.2 M576.2,880.9L450.3,982.1"/>
-			<path class="st2" d="M423.1,880.9l27,101.2 M423.1,880.9l123.5,101.2 M423.1,880.9l-64.1,82 M278.1,828.3l80.9,134.9"/>
-			<path class="st2" d="M423.1,880.9l-152.8,47.2 M278.1,828.3l-7.9,100 M278.1,828.3l-87.7,48.3 M173.5,718.1l16.9,158.5"/>
-			<path class="st2" d="M278.1,828.3l-154-21.3 M173.5,718.1L124,806.7 M173.5,718.1L72.3,728.2 M173.5,718.1L34.3,640.6 M141,568.6
-				L34.3,640.6 M141,568.6L19.6,547.3"/>
-			<path class="st2" d="M141,568.6L72.6,728.2 M142.1,430.4L19.6,547.3"/>
-			<path class="st2" d="M141,568.6L19.6,454 M142.2,430.4L37.6,360.7"/>
-			<path class="st2" d="M142.1,430.4L19.6,454 M142.1,430.4L72.5,273"/>
-			<path class="st2" d="M173.5,280.9L72.3,273 M173.5,280.9L37.6,360.7 M173.5,280.9l-48.2-83.2 M173.5,280.9l18-151.7"/>
-			<path class="st2" d="M278.1,169.6l-152.9,28.1"/>
-		</g>
-	</g>
-	<path class="st3" d="M311.3,559.6l0.8-118.2l118.2,0.8l-0.8,118.2L311.3,559.6z M439.2,429.5l0.8-118.2l118.2,0.8l-0.8,118.2
-		L439.2,429.5z M439.2,688.6l0.8-118.2l118.2,0.8l-0.8,118.2L439.2,688.6z M568.2,558.5l0.8-118.2l118.2,0.8l-0.8,118.2L568.2,558.5
-		z"/>
-	<path class="st4" d="M561.4,293.9l0.6-82l82.4,0.6l-0.6,82L561.4,293.9z M355.4,293.9l0.6-82l82.4,0.6l-0.6,82L355.4,293.9z
-		 M212.8,440l0.6-82l82.4,0.6l-0.6,82L212.8,440z M212.7,646.2l0.9-82l82.4,0.9l-0.9,82L212.7,646.2z M704,644.6l0.6-82l82.4,0.6
-		l-0.6,82L704,644.6z M705.6,440.6l0.9-82l82.4,0.9l-0.9,82L705.6,440.6z"/>
-	<path class="st5" d="M146,307.7l0.4-54l53.8,0.4l-0.4,54L146,307.7z M251.3,197.9l0.4-54l53.8,0.4l-0.4,54L251.3,197.9z
-		 M396.2,143.6l0.4-54l53.8,0.4l-0.4,54L396.2,143.6z M114.3,457.1l0.4-54l53.5,0.4l-0.4,54L114.3,457.1z M798.3,254.5l54-0.4
-		l0.4,53.8l-54,0.4L798.3,254.5z M693,142.8l54-0.4l0.4,53.8l-54,0.4L693,142.8z M547.6,89.9l54-0.4l0.4,53.8l-54,0.4L547.6,89.9z
-		 M829.7,403.7l54-0.4l0.4,53.8l-54,0.4L829.7,403.7z"/>
-	<path class="st4" d="M354.3,786.1l0.6-82l82.4,0.6l-0.6,82L354.3,786.1z M560.3,786.1l0.6-82l82.4,0.6l-0.6,82L560.3,786.1z"/>
-	<path class="st5" d="M797.9,744.6l0.4-54l53.8,0.4l-0.4,54L797.9,744.6z M693.8,855.5l0.4-54l53.8,0.4l-0.4,54L693.8,855.5z
-		 M548.9,908.7l0.4-54l53.8,0.4l-0.4,54L548.9,908.7z M829.6,595.2l0.4-54l53.8,0.4l-0.4,54L829.6,595.2z M146.1,690.6l54-0.4
-		l0.4,53.8l-54,0.4L146.1,690.6z M251.4,801.1l54-0.4l0.4,53.8l-54,0.4L251.4,801.1z M395.6,854.1l54-0.4l0.4,53.8l-54,0.4
-		L395.6,854.1z M114.7,541.4l54-0.4l0.4,53.8l-54,0.4L114.7,541.4z"/>
-	<g>
-		<g>
-			<path id="B" class="st6" d="M911.1,287.5l0.2-29.2l29.8,0.2l-0.2,29.2L911.1,287.5z"/>
-		</g>
-		<g>
-			<path class="st6" d="M949.6,375.8l0.2-29.2l29.8,0.2l-0.2,29.2L949.6,375.8z"/>
-		</g>
-		<g>
-			<path class="st6" d="M859.1,209.4l0.2-29.2l29.8,0.2l-0.2,29.2L859.1,209.4z"/>
-		</g>
-		<g>
-			<path class="st6" d="M176.6,142.6l0.2-29.2l29.8,0.2l-0.2,29.2L176.6,142.6z"/>
-		</g>
-		<g>
-			<path class="st6" d="M5.7,468.5l0.2-29.2l29.8,0.2l-0.2,29.2L5.7,468.5z"/>
-		</g>
-		<g>
-			<path class="st6" d="M793.4,142.6l0.2-29.2l29.8,0.2l-0.2,29.2L793.4,142.6z"/>
-		</g>
-		<g>
-			<path class="st6" d="M22.7,375.7l0.2-29.2l29.8,0.2l-0.2,29.2L22.7,375.7z"/>
-		</g>
-		<g>
-			<path class="st6" d="M344.1,52.1l0.2-29.2l29.8,0.2l-0.2,29.2L344.1,52.1z"/>
-		</g>
-		<g>
-			<path class="st6" d="M58.9,287.5l0.2-29.2l29.8,0.2l-0.2,29.2L58.9,287.5z"/>
-		</g>
-		<g>
-			<path class="st6" d="M112.1,208.3l0.2-29.2l29.8,0.2l-0.2,29.2L112.1,208.3z"/>
-		</g>
-		<path class="st6" d="M256.3,60.5l29.2-0.2l0.2,29.8l-29.2,0.2L256.3,60.5z M436.9,3l29.2-0.2l0.2,29.8l-29.2,0.2L436.9,3z"/>
-		<g>
-			<path class="st6" d="M714.2,90.5l0.2-29.2l29.8,0.2L744,90.7L714.2,90.5z"/>
-		</g>
-		<g>
-			<path class="st6" d="M964.3,467.4l0.2-29.2l29.8,0.2l-0.2,29.2L964.3,467.4z"/>
-		</g>
-		<path class="st6" d="M532,31.7l0.2-29.2L562,2.7l-0.2,29.2L532,31.7z"/>
-		<g>
-			<path class="st6" d="M624.8,50.9l0.2-29.2l29.8,0.2l-0.2,29.2L624.8,50.9z"/>
-		</g>
-		<g>
-			<path class="st6" d="M793.4,887.3l0.2-29.2l29.8,0.2l-0.2,29.2L793.4,887.3z"/>
-		</g>
-		<g>
-			<path class="st6" d="M964.3,561.4l0.2-29.2l29.8,0.2l-0.2,29.2L964.3,561.4z"/>
-		</g>
-		<g>
-			<path class="st6" d="M176.6,887.3l0.2-29.2l29.8,0.2l-0.2,29.2L176.6,887.3z"/>
-		</g>
-		<g>
-			<path class="st6" d="M949.6,655.5l0.2-29.2l29.8,0.2l-0.2,29.2L949.6,655.5z"/>
-		</g>
-		<g>
-			<path class="st6" d="M624.8,979l0.2-29.2l29.8,0.2l-0.2,29.2L624.8,979z"/>
-		</g>
-		<g>
-			<path class="st6" d="M911.1,743.6l0.2-29.2l29.8,0.2l-0.2,29.2L911.1,743.6z"/>
-		</g>
-		<g>
-			<path class="st6" d="M859.1,822.8l0.2-29.2l29.8,0.2l-0.2,29.2L859.1,822.8z"/>
-		</g>
-		<path class="st6" d="M713,912.6l29.2-0.2l0.2,29.8l-29.2,0.2L713,912.6z M533.5,967.7l29.2-0.2l0.2,29.8l-29.2,0.2L533.5,967.7z"
-			/>
-		<g>
-			<path class="st6" d="M256.9,942.8l0.2-29.2l29.8,0.2l-0.2,29.2L256.9,942.8z"/>
-		</g>
-		<g>
-			<path class="st6" d="M57.7,742.5l0.2-29.2l29.8,0.2l-0.2,29.2L57.7,742.5z"/>
-		</g>
-		<g>
-			<path class="st6" d="M22.6,655.3l0.2-29.2l29.8,0.2l-0.2,29.2L22.6,655.3z"/>
-		</g>
-		<g>
-			<path class="st6" d="M110.9,822.8l0.2-29.2l29.8,0.2l-0.2,29.2L110.9,822.8z"/>
-		</g>
-		<g>
-			<path class="st6" d="M5.7,561.4l0.2-29.2l29.8,0.2l-0.2,29.2L5.7,561.4z"/>
-		</g>
-		<g>
-			<path class="st6" d="M438,997.1l0.2-29.2l29.8,0.2l-0.2,29.2L438,997.1z"/>
-		</g>
-		<g>
-			<path class="st6" d="M342.9,977.9l0.2-29.2l29.8,0.2l-0.2,29.2L342.9,977.9z"/>
-		</g>
-	</g>
-</g>
-</svg>

packages/apps/tenant/.helmignore

@@ -1,3 +0,0 @@
-.helmignore
-/logos
-/Makefile

packages/apps/tenant/Chart.yaml

@@ -1,7 +1,7 @@
 apiVersion: v2
 name: tenant
 description: Separated tenant namespace
-icon: /logos/tenant.svg
+icon: https://upload.wikimedia.org/wikipedia/commons/0/04/User_icon_1.svg
 
 type: application
-version: 1.3.1
+version: 1.2.0

packages/apps/tenant/README.md

@@ -56,4 +56,3 @@ tenant-u1
 | `etcd`       | Deploy own Etcd cluster                                                                                                     | `false` |
 | `monitoring` | Deploy own Monitoring Stack                                                                                                 | `false` |
 | `ingress`    | Deploy own Ingress Controller                                                                                               | `false` |
-| `isolated`   | Enforce tenant namespace with network policies                                                                              | `false` |

packages/apps/tenant/logos/tenant.svg

@@ -1,351 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<!-- Created with Inkscape (http://www.inkscape.org/) -->
-<svg
-   xmlns:svg="http://www.w3.org/2000/svg"
-   xmlns="http://www.w3.org/2000/svg"
-   xmlns:xlink="http://www.w3.org/1999/xlink"
-   xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
-   xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
-   width="48px"
-   height="48px"
-   id="svg2108"
-   sodipodi:version="0.32"
-   inkscape:version="0.44.1"
-   sodipodi:docbase="/Users/bdesham/Downloads"
-   sodipodi:docname="System-users.svg">
-  <defs
-     id="defs3">
-    <linearGradient
-       inkscape:collect="always"
-       id="linearGradient4356">
-      <stop
-         style="stop-color:#000000;stop-opacity:1;"
-         offset="0"
-         id="stop4358" />
-      <stop
-         style="stop-color:#000000;stop-opacity:0;"
-         offset="1"
-         id="stop4360" />
-    </linearGradient>
-    <linearGradient
-       id="linearGradient4344">
-      <stop
-         style="stop-color:#727e0a;stop-opacity:1;"
-         offset="0"
-         id="stop4346" />
-      <stop
-         style="stop-color:#5b6508;stop-opacity:1.0000000;"
-         offset="1.0000000"
-         id="stop4348" />
-    </linearGradient>
-    <linearGradient
-       id="linearGradient4338">
-      <stop
-         id="stop4340"
-         offset="0.0000000"
-         style="stop-color:#e9b15e;stop-opacity:1.0000000;" />
-      <stop
-         id="stop4342"
-         offset="1.0000000"
-         style="stop-color:#966416;stop-opacity:1.0000000;" />
-    </linearGradient>
-    <linearGradient
-       id="linearGradient4163">
-      <stop
-         style="stop-color:#3b74bc;stop-opacity:1.0000000;"
-         offset="0.0000000"
-         id="stop4165" />
-      <stop
-         style="stop-color:#2d5990;stop-opacity:1.0000000;"
-         offset="1.0000000"
-         id="stop4167" />
-    </linearGradient>
-    <linearGradient
-       id="linearGradient3824">
-      <stop
-         style="stop-color:#ffffff;stop-opacity:1;"
-         offset="0"
-         id="stop3826" />
-      <stop
-         style="stop-color:#c9c9c9;stop-opacity:1.0000000;"
-         offset="1.0000000"
-         id="stop3828" />
-    </linearGradient>
-    <linearGradient
-       inkscape:collect="always"
-       id="linearGradient3816">
-      <stop
-         style="stop-color:#000000;stop-opacity:1;"
-         offset="0"
-         id="stop3818" />
-      <stop
-         style="stop-color:#000000;stop-opacity:0;"
-         offset="1"
-         id="stop3820" />
-    </linearGradient>
-    <linearGradient
-       id="linearGradient3800">
-      <stop
-         style="stop-color:#f4d9b1;stop-opacity:1.0000000;"
-         offset="0.0000000"
-         id="stop3802" />
-      <stop
-         style="stop-color:#df9725;stop-opacity:1.0000000;"
-         offset="1.0000000"
-         id="stop3804" />
-    </linearGradient>
-    <radialGradient
-       inkscape:collect="always"
-       xlink:href="#linearGradient3800"
-       id="radialGradient3806"
-       cx="29.344931"
-       cy="17.064077"
-       fx="29.344931"
-       fy="17.064077"
-       r="9.1620579"
-       gradientUnits="userSpaceOnUse" />
-    <linearGradient
-       inkscape:collect="always"
-       xlink:href="#linearGradient3824"
-       id="linearGradient4175"
-       gradientUnits="userSpaceOnUse"
-       x1="30.935921"
-       y1="29.553486"
-       x2="30.935921"
-       y2="35.803486"
-       gradientTransform="translate(0.707108,0.000000)" />
-    <linearGradient
-       inkscape:collect="always"
-       xlink:href="#linearGradient3824"
-       id="linearGradient4326"
-       gradientUnits="userSpaceOnUse"
-       gradientTransform="translate(-12.41789,-7.000000)"
-       x1="30.935921"
-       y1="29.553486"
-       x2="30.935921"
-       y2="35.803486" />
-    <linearGradient
-       inkscape:collect="always"
-       xlink:href="#linearGradient3824"
-       id="linearGradient4332"
-       gradientUnits="userSpaceOnUse"
-       x1="30.935921"
-       y1="29.553486"
-       x2="30.935921"
-       y2="35.803486"
-       gradientTransform="translate(-13.12500,-7.000000)" />
-    <radialGradient
-       inkscape:collect="always"
-       xlink:href="#linearGradient4344"
-       id="radialGradient4350"
-       cx="16.214741"
-       cy="19.836468"
-       fx="16.214741"
-       fy="19.836468"
-       r="13.565360"
-       gradientTransform="matrix(1.000000,0.000000,0.000000,0.681917,0.000000,8.233773)"
-       gradientUnits="userSpaceOnUse" />
-    <linearGradient
-       inkscape:collect="always"
-       xlink:href="#linearGradient4356"
-       id="linearGradient4372"
-       gradientUnits="userSpaceOnUse"
-       gradientTransform="matrix(0.983375,0.181588,-0.181588,0.983375,-7.072120,-9.824920)"
-       x1="20.661695"
-       y1="35.817974"
-       x2="22.626925"
-       y2="36.217758" />
-    <linearGradient
-       inkscape:collect="always"
-       xlink:href="#linearGradient4356"
-       id="linearGradient4374"
-       gradientUnits="userSpaceOnUse"
-       gradientTransform="matrix(-0.977685,0.210075,0.210075,0.977685,41.80576,-11.11866)"
-       x1="22.686766"
-       y1="36.390400"
-       x2="21.408455"
-       y2="35.739632" />
-    <radialGradient
-       inkscape:collect="always"
-       xlink:href="#linearGradient3816"
-       id="radialGradient2058"
-       gradientUnits="userSpaceOnUse"
-       cx="31.112698"
-       cy="19.008621"
-       fx="31.112698"
-       fy="19.008621"
-       r="8.6620579" />
-    <radialGradient
-       inkscape:collect="always"
-       xlink:href="#linearGradient4344"
-       id="radialGradient2060"
-       gradientUnits="userSpaceOnUse"
-       gradientTransform="matrix(1,0,0,0.681917,0,8.233773)"
-       cx="16.214741"
-       cy="19.836468"
-       fx="16.214741"
-       fy="19.836468"
-       r="13.565360" />
-    <radialGradient
-       inkscape:collect="always"
-       xlink:href="#linearGradient3816"
-       id="radialGradient2062"
-       gradientUnits="userSpaceOnUse"
-       cx="31.112698"
-       cy="19.008621"
-       fx="31.112698"
-       fy="19.008621"
-       r="8.6620579" />
-    <radialGradient
-       inkscape:collect="always"
-       xlink:href="#linearGradient4338"
-       id="radialGradient2064"
-       gradientUnits="userSpaceOnUse"
-       gradientTransform="matrix(0.787998,0,0,0.787998,6.221198,3.617627)"
-       cx="29.344931"
-       cy="17.064077"
-       fx="29.344931"
-       fy="17.064077"
-       r="9.1620579" />
-    <linearGradient
-       inkscape:collect="always"
-       xlink:href="#linearGradient3824"
-       id="linearGradient2066"
-       gradientUnits="userSpaceOnUse"
-       gradientTransform="translate(-12.41789,-7)"
-       x1="30.935921"
-       y1="29.553486"
-       x2="30.935921"
-       y2="35.803486" />
-    <linearGradient
-       inkscape:collect="always"
-       xlink:href="#linearGradient4356"
-       id="linearGradient2068"
-       gradientUnits="userSpaceOnUse"
-       gradientTransform="matrix(0.983375,0.181588,-0.181588,0.983375,-7.07212,-9.82492)"
-       x1="20.661695"
-       y1="35.817974"
-       x2="22.626925"
-       y2="36.217758" />
-    <linearGradient
-       inkscape:collect="always"
-       xlink:href="#linearGradient4356"
-       id="linearGradient2070"
-       gradientUnits="userSpaceOnUse"
-       gradientTransform="matrix(-0.977685,0.210075,0.210075,0.977685,41.80576,-11.11866)"
-       x1="22.686766"
-       y1="36.390400"
-       x2="21.408455"
-       y2="35.739632" />
-  </defs>
-  <sodipodi:namedview
-     inkscape:showpageshadow="false"
-     id="base"
-     pagecolor="#ffffff"
-     bordercolor="#666666"
-     borderopacity="1.0"
-     inkscape:pageopacity="0.0"
-     inkscape:pageshadow="2"
-     inkscape:zoom="12.770833"
-     inkscape:cx="24"
-     inkscape:cy="24"
-     inkscape:current-layer="layer1"
-     showgrid="false"
-     inkscape:grid-bbox="true"
-     inkscape:document-units="px"
-     fill="#9db029"
-     stroke="#727e0a"
-     inkscape:window-width="1440"
-     inkscape:window-height="785"
-     inkscape:window-x="0"
-     inkscape:window-y="22" />
-  <g
-     id="layer1"
-     inkscape:label="cipek"
-     inkscape:groupmode="layer"
-     style="display:inline">
-    <g
-       id="g2045"
-       transform="matrix(1.235405,0,0,1.235405,1.932349,-1.424226)">
-      <path
-         d="M 39.774755 19.008621 A 8.6620579 8.6620579 0 1 1  22.45064,19.008621 A 8.6620579 8.6620579 0 1 1  39.774755 19.008621 z"
-         sodipodi:ry="8.6620579"
-         sodipodi:rx="8.6620579"
-         sodipodi:cy="19.008621"
-         sodipodi:cx="31.112698"
-         id="path4177"
-         style="opacity:1;color:black;fill:url(#radialGradient2058);fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:1px;stroke-linecap:round;stroke-linejoin:round;marker:none;marker-start:none;marker-mid:none;marker-end:none;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;visibility:visible;display:inline;overflow:visible"
-         sodipodi:type="arc"
-         transform="matrix(1.77551,0,0,0.959183,-37.37822,11.77153)" />
-      <path
-         sodipodi:nodetypes="cczcczc"
-         id="path2329"
-         d="M 12.861174,34.636039 L 23.467776,34.636039 C 26.47298,34.636039 29.44826,33.534107 30.538843,30.393398 C 31.574482,27.410922 30.71562,21.73134 23.998106,17.135146 L 11.44696,17.135146 C 4.729446,21.377786 3.889969,27.179977 5.436553,30.570174 C 7.012148,34.023964 9.679193,34.636039 12.861174,34.636039 z "
-         style="opacity:1;color:black;fill:url(#radialGradient2060);fill-opacity:1;fill-rule:evenodd;stroke:#404604;stroke-width:1px;stroke-linecap:round;stroke-linejoin:round;marker:none;marker-start:none;marker-mid:none;marker-end:none;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;visibility:visible;display:inline;overflow:visible" />
-      <path
-         style="opacity:1;color:black;fill:#9db029;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:1px;stroke-linecap:round;stroke-linejoin:round;marker:none;marker-start:none;marker-mid:none;marker-end:none;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;visibility:visible;display:inline;overflow:visible"
-         d="M 17.932367,19.786797 C 17.932367,19.786797 15.781044,21.447132 15.966376,23.44733 C 13.92515,21.646536 13.866503,18.195806 13.866503,18.195806 L 17.932367,19.786797 z "
-         id="path3812"
-         sodipodi:nodetypes="cccc" />
-      <path
-         style="opacity:0.21518986;color:black;fill:none;fill-opacity:1;fill-rule:evenodd;stroke:white;stroke-width:0.99999976px;stroke-linecap:round;stroke-linejoin:round;marker:none;marker-start:none;marker-mid:none;marker-end:none;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;visibility:visible;display:inline;overflow:visible"
-         d="M 12.966639,33.571836 L 23.283309,33.571836 C 25.923032,33.571836 28.53647,32.603917 29.494421,29.845169 C 30.40411,27.225409 29.399699,22.236555 23.499142,18.199332 L 11.974417,18.199332 C 6.07386,21.925999 5.086477,27.022551 6.444971,30.000446 C 7.828949,33.0342 10.171638,33.571836 12.966639,33.571836 z "
-         id="path3838"
-         sodipodi:nodetypes="cczcczc" />
-      <path
-         sodipodi:nodetypes="cccc"
-         id="path3810"
-         d="M 18.910795,19.786797 C 18.910795,19.786797 21.062118,21.447132 20.876786,23.44733 C 22.918012,21.646536 22.976659,18.195806 22.976659,18.195806 L 18.910795,19.786797 z "
-         style="opacity:1;color:black;fill:#9db029;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:1px;stroke-linecap:round;stroke-linejoin:round;marker:none;marker-start:none;marker-mid:none;marker-end:none;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;visibility:visible;display:inline;overflow:visible" />
-      <path
-         transform="translate(-13.25,-3.5)"
-         sodipodi:type="arc"
-         style="opacity:1;color:black;fill:url(#radialGradient2062);fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:1px;stroke-linecap:round;stroke-linejoin:round;marker:none;marker-start:none;marker-mid:none;marker-end:none;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;visibility:visible;display:inline;overflow:visible"
-         id="path3814"
-         sodipodi:cx="31.112698"
-         sodipodi:cy="19.008621"
-         sodipodi:rx="8.6620579"
-         sodipodi:ry="8.6620579"
-         d="M 39.774755 19.008621 A 8.6620579 8.6620579 0 1 1  22.45064,19.008621 A 8.6620579 8.6620579 0 1 1  39.774755 19.008621 z" />
-      <path
-         transform="translate(-13.125,-7)"
-         d="M 39.774755 19.008621 A 8.6620579 8.6620579 0 1 1  22.45064,19.008621 A 8.6620579 8.6620579 0 1 1  39.774755 19.008621 z"
-         sodipodi:ry="8.6620579"
-         sodipodi:rx="8.6620579"
-         sodipodi:cy="19.008621"
-         sodipodi:cx="31.112698"
-         id="path2327"
-         style="opacity:1;color:black;fill:url(#radialGradient2064);fill-opacity:1;fill-rule:evenodd;stroke:#6f4709;stroke-width:1px;stroke-linecap:round;stroke-linejoin:round;marker:none;marker-start:none;marker-mid:none;marker-end:none;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;visibility:visible;display:inline;overflow:visible"
-         sodipodi:type="arc" />
-      <path
-         transform="matrix(0.877095,0,0,0.877095,-9.301073,-4.663733)"
-         sodipodi:type="arc"
-         style="opacity:0.12658231;color:black;fill:none;fill-opacity:1;fill-rule:evenodd;stroke:white;stroke-width:1.14012825px;stroke-linecap:round;stroke-linejoin:round;marker:none;marker-start:none;marker-mid:none;marker-end:none;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;visibility:visible;display:inline;overflow:visible"
-         id="path3834"
-         sodipodi:cx="31.112698"
-         sodipodi:cy="19.008621"
-         sodipodi:rx="8.6620579"
-         sodipodi:ry="8.6620579"
-         d="M 39.774755 19.008621 A 8.6620579 8.6620579 0 1 1  22.45064,19.008621 A 8.6620579 8.6620579 0 1 1  39.774755 19.008621 z" />
-      <path
-         id="path4173"
-         d="M 22.583894,27.034641 L 26.826534,27.034641 L 24.351661,24.736544 L 23.821331,25.443651 L 23.291,24.913321 L 22.583894,27.034641 z "
-         style="opacity:1;color:black;fill:url(#linearGradient2066);fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:1px;stroke-linecap:round;stroke-linejoin:round;marker:none;marker-start:none;marker-mid:none;marker-end:none;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;visibility:visible;display:inline;overflow:visible" />
-      <path
-         sodipodi:nodetypes="cccc"
-         id="path4368"
-         d="M 8.5479535,33.601747 C 7.3003465,33.056778 6.7419595,31.74347 6.7419595,31.74347 C 7.5832405,27.674334 10.461885,24.697254 10.461885,24.697254 C 10.461885,24.697254 8.1825635,31.108768 8.5479535,33.601747 z "
-         style="opacity:0.22784807;color:black;fill:url(#linearGradient2068);fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:1px;stroke-linecap:round;stroke-linejoin:round;marker:none;marker-start:none;marker-mid:none;marker-end:none;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;visibility:visible;display:inline;overflow:visible" />
-      <path
-         style="opacity:0.22784807;color:black;fill:url(#linearGradient2070);fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:1px;stroke-linecap:round;stroke-linejoin:round;marker:none;marker-start:none;marker-mid:none;marker-end:none;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;visibility:visible;display:inline;overflow:visible"
-         d="M 27.453661,32.743396 C 28.684912,32.162418 29.258041,30.741075 29.258041,30.741075 C 28.298921,26.698092 25.281892,23.898254 25.281892,23.898254 C 25.281892,23.898254 27.746485,30.240856 27.453661,32.743396 z "
-         id="path4370"
-         sodipodi:nodetypes="cccc" />
-    </g>
-  </g>
-  <g
-     inkscape:groupmode="layer"
-     id="layer2"
-     inkscape:label="dalsi cipek"
-     style="display:inline" />
-</svg>

packages/apps/tenant/templates/namespace.yaml

@@ -1,20 +1,3 @@
-{{- define "cozystack.namespace-anotations" }}
-{{- $context := index . 0 }}
-{{- $existingNS := index . 1 }}
-{{- range $x := list "etcd" "monitoring" "ingress" }}
-{{- if (index $context.Values $x) }}
-namespace.cozystack.io/{{ $x }}: "{{ include "tenant.name" $context }}"
-{{- else }}
-namespace.cozystack.io/{{ $x }}: "{{ index $existingNS.metadata.annotations (printf "namespace.cozystack.io/%s" $x) | required (printf "namespace %s has no namespace.cozystack.io/%s annotation" $context.Release.Namespace $x) }}"
-{{- end }}
-{{- end }}
-{{- end }}
-
-{{- $existingNS := lookup "v1" "Namespace" "" .Release.Namespace }}
-{{- if not $existingNS }}
-{{- fail (printf "error lookup existing namespace: %s" .Release.Namespace) }}
-{{- end }}
-
 {{- if ne (include "tenant.name" .) "tenant-root" }}
 ---
 apiVersion: v1
@@ -22,25 +5,22 @@ kind: Namespace
 metadata:
   name: {{ include "tenant.name" . }}
   {{- if hasPrefix "tenant-" .Release.Namespace }}
+  {{- $existingNS := lookup "v1" "Namespace" "" .Release.Namespace }}
+  {{- if $existingNS }}
   annotations:
     {{- if .Values.host }}
     namespace.cozystack.io/host: "{{ .Values.host }}"
     {{- else }}
-    {{ $parentHost := index $existingNS.metadata.annotations "namespace.cozystack.io/host" | required (printf "namespace %s has no namespace.cozystack.io/host annotation" .Release.Namespace) }}
+    {{ $parentHost := index $existingNS.metadata.annotations "namespace.cozystack.io/host" | required (printf "namespace %s has no namespace.cozystack.io/host annotation" $.Release.Namespace) }}
     namespace.cozystack.io/host: "{{ splitList "-" (include "tenant.name" .) | last }}.{{ $parentHost }}"
     {{- end }}
-    {{- include "cozystack.namespace-anotations" (list . $existingNS) | nindent 4 }}
-  labels:
-    tenant.cozystack.io/{{ include "tenant.name" $ }}: ""
-    {{- if hasPrefix "tenant-" .Release.Namespace }}
-    {{- $parts := splitList "-" .Release.Namespace }}
-    {{- range $i, $v := $parts }}
-    {{- if ne $i 0 }}
-    tenant.cozystack.io/{{ join "-" (slice $parts 0 (add $i 1)) }}: ""
+    {{- range $x := list "etcd" "monitoring" "ingress" }}
+    {{- if (index $.Values $x) }}
+    namespace.cozystack.io/{{ $x }}: "{{ include "tenant.name" $ }}"
+    {{- else }}
+    namespace.cozystack.io/{{ $x }}: "{{ index $existingNS.metadata.annotations (printf "namespace.cozystack.io/%s" $x) | required (printf "namespace %s has no namespace.cozystack.io/%s annotation" $.Release.Namespace $x) }}"
     {{- end }}
     {{- end }}
-    {{- end }}
-    {{- include "cozystack.namespace-anotations" (list $ $existingNS) | nindent 4 }}
   ownerReferences:
   - apiVersion: v1
     blockOwnerDeletion: true
@@ -48,5 +28,8 @@ metadata:
     kind: Namespace
     name: {{ .Release.Namespace }}
     uid: {{ $existingNS.metadata.uid }}
+  {{- else }}
+  {{- fail (printf "error lookup exiting namespace: %s" .Release.Namespace) }}
+  {{- end }}
   {{- end }}
 {{- end }}

packages/apps/tenant/templates/networkpolicy.yaml

@@ -1,156 +0,0 @@
-{{- if .Values.isolated }}
----
-apiVersion: cilium.io/v2
-kind: CiliumNetworkPolicy
-metadata:
-  name: allow-internal-communication
-  namespace: {{ include "tenant.name" . }}
-spec:
-  endpointSelector: {}
-  ingress:
-  - fromEndpoints:
-    - {}
-  egress:
-  - toEndpoints:
-    - {}
----
-apiVersion: cilium.io/v2
-kind: CiliumNetworkPolicy
-metadata:
-  name: allow-external-communication
-  namespace: {{ include "tenant.name" . }}
-spec:
-  endpointSelector: {}
-  ingress:
-  - fromEntities:
-      - world
-  egress:
-  - toEntities:
-      - world
----
-apiVersion: cilium.io/v2
-kind: CiliumClusterwideNetworkPolicy
-metadata:
-  name: {{ include "tenant.name" . }}-egress
-spec:
-  endpointSelector:
-    matchLabels:
-      "k8s:io.kubernetes.pod.namespace": "{{ include "tenant.name" . }}"
-  egress:
-  - toEndpoints:
-    - matchLabels:
-        "k8s:io.cilium.k8s.namespace.labels.tenant.cozystack.io/{{ include "tenant.name" . }}": ""
-  {{- if ne (include "tenant.name" .) "tenant-root" }}
-  - toEndpoints:
-    {{- if hasPrefix "tenant-" .Release.Namespace }}
-    {{- $parts := splitList "-" .Release.Namespace }}
-    {{- range $i, $v := $parts }}
-    {{- if ne $i 0 }}
-    - matchLabels:
-        "k8s:io.kubernetes.pod.namespace": {{ join "-" (slice $parts 0 (add $i 1)) }}
-    {{- end }}
-    {{- end }}
-    {{- end }}
-  {{- end }}
----
-apiVersion: cilium.io/v2
-kind: CiliumClusterwideNetworkPolicy
-metadata:
-  name: {{ include "tenant.name" . }}-ingress
-spec:
-  endpointSelector:
-    matchLabels:
-      "k8s:io.kubernetes.pod.namespace": "{{ include "tenant.name" . }}"
-  ingress:
-  - fromEntities:
-    - kube-apiserver
-  - fromEndpoints:
-      - matchLabels:
-          "k8s:io.cilium.k8s.namespace.labels.cozystack.io/system": "true"
-  - fromEndpoints:
-      - matchLabels:
-          "k8s:io.kubernetes.pod.namespace": kube-system
-  {{- if ne (include "tenant.name" .) "tenant-root" }}
-  - fromEndpoints:
-    {{- if hasPrefix "tenant-" .Release.Namespace }}
-    {{- $parts := splitList "-" .Release.Namespace }}
-    {{- range $i, $v := $parts }}
-    {{- if ne $i 0 }}
-    - matchLabels:
-        "k8s:io.kubernetes.pod.namespace": {{ join "-" (slice $parts 0 (add $i 1)) }}
-    {{- end }}
-    {{- end }}
-    {{- end }}
-  {{- end }}
----
-{{- if .Values.etcd }}
-apiVersion: cilium.io/v2
-kind: CiliumClusterwideNetworkPolicy
-metadata:
-  name: {{ include "tenant.name" . }}-ingress-etcd
-spec:
-  endpointSelector:
-    matchLabels:
-      "k8s:io.kubernetes.pod.namespace": "{{ include "tenant.name" . }}"
-      cozystack.io/service: etcd
-  ingress:
-  - fromEndpoints:
-    - matchLabels:
-        "k8s:io.cilium.k8s.namespace.labels.namespace.cozystack.io/etcd": "{{ include "tenant.name" . }}"
-        policy.cozystack.io/allow-to-etcd: "true"
-{{- end }}
----
-apiVersion: cilium.io/v2
-kind: CiliumNetworkPolicy
-metadata:
-  name: allow-to-apiserver
-  namespace: {{ include "tenant.name" . }}
-spec:
-  endpointSelector:
-    matchLabels:
-      policy.cozystack.io/allow-to-apiserver: "true"
-  egress:
-  - toEntities:
-    - kube-apiserver
-  - toPorts:
-    - ports:
-      - port: "6443"
-        protocol: TCP
----
-apiVersion: cilium.io/v2
-kind: CiliumNetworkPolicy
-metadata:
-  name: allow-to-dns
-  namespace: {{ include "tenant.name" . }}
-spec:
-  endpointSelector: {}
-  egress:
-  - toEndpoints:
-    - matchLabels:
-        "k8s:io.kubernetes.pod.namespace": kube-system
-        k8s-app: kube-dns
----
-apiVersion: cilium.io/v2
-kind: CiliumNetworkPolicy
-metadata:
-  name: allow-to-dashboard
-  namespace: {{ include "tenant.name" . }}
-spec:
-  endpointSelector: {}
-  egress:
-  - toEndpoints:
-      - matchLabels:
-          "k8s:io.kubernetes.pod.namespace": cozy-dashboard
----
-apiVersion: cilium.io/v2
-kind: CiliumNetworkPolicy
-metadata:
-  name: allow-to-ingress
-  namespace: {{ include "tenant.name" . }}
-spec:
-  endpointSelector: {}
-  egress:
-  - toEndpoints:
-    - matchLabels:
-        cozystack.io/service: ingress
-{{- end }}

packages/apps/tenant/values.schema.json

@@ -21,11 +21,6 @@
             "type": "boolean",
             "description": "Deploy own Ingress Controller",
             "default": false
-        },
-        "isolated": {
-            "type": "boolean",
-            "description": "Enforce tenant namespace with network policies",
-            "default": false
         }
     }
 }

packages/apps/tenant/values.yaml

@@ -4,9 +4,7 @@
 ## @param etcd Deploy own Etcd cluster
 ## @param monitoring Deploy own Monitoring Stack
 ## @param ingress Deploy own Ingress Controller
-## @param isolated Enforce tenant namespace with network policies
 host: ""
 etcd: false
 monitoring: false
 ingress: false
-isolated: false

packages/apps/versions_map

@@ -1,35 +1,25 @@
 clickhouse 0.1.0 ca79f72
 clickhouse 0.2.0 7cd7de73
 clickhouse 0.2.1 HEAD
-ferretdb 0.1.0 4ffa8615
-ferretdb 0.1.1 HEAD
+ferretdb 0.1.0 HEAD
 http-cache 0.1.0 a956713
 http-cache 0.2.0 HEAD
 kafka 0.1.0 760f86d2
 kafka 0.2.0 a2cc83d
-kafka 0.2.1 3ac17018
-kafka 0.2.2 d0758692
-kafka 0.2.3 HEAD
+kafka 0.2.1 HEAD
 kubernetes 0.1.0 f642698
 kubernetes 0.2.0 7cd7de73
 kubernetes 0.3.0 7caccec1
 kubernetes 0.4.0 6cae6ce8
 kubernetes 0.5.0 6bd2d455
-kubernetes 0.6.0 4cbc8a2c
-kubernetes 0.7.0 ceefae03
-kubernetes 0.8.0 ac11056e
-kubernetes 0.8.1 e54608d8
-kubernetes 0.8.2 HEAD
+kubernetes 0.6.0 HEAD
 mysql 0.1.0 f642698
 mysql 0.2.0 8b975ff0
 mysql 0.3.0 HEAD
-nats 0.1.0 HEAD
 postgres 0.1.0 f642698
 postgres 0.2.0 7cd7de73
 postgres 0.2.1 4a97e297
-postgres 0.3.0 995dea6f
-postgres 0.4.0 ec283c33
-postgres 0.4.1 HEAD
+postgres 0.3.0 HEAD
 rabbitmq 0.1.0 f642698
 rabbitmq 0.2.0 HEAD
 redis 0.1.1 f642698
@@ -41,9 +31,7 @@ tenant 0.1.4 d200480
 tenant 0.1.5 e3ab858
 tenant 1.0.0 7cd7de7
 tenant 1.1.0 4da8ac3b
-tenant 1.2.0 15478a88
-tenant 1.3.0 ceefae03
-tenant 1.3.1 HEAD
+tenant 1.2.0 HEAD
 virtual-machine 0.1.4 f2015d6
 virtual-machine 0.1.5 7cd7de7
 virtual-machine 0.2.0 HEAD

packages/apps/virtual-machine/.helmignore

@@ -1,3 +1,23 @@
-.helmignore
-/logos
-/Makefile
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/

packages/apps/virtual-machine/Chart.yaml

@@ -2,7 +2,7 @@ apiVersion: v2
 #name: Virtual Machine
 name: virtual-machine
 description: Virtual machine instance
-icon: /logos/vm.svg
+icon: https://www.svgrepo.com/show/448273/azure-vms.svg
 
 # A chart can be either an 'application' or a 'library' chart.
 #

packages/apps/virtual-machine/logos/vm.svg

@@ -1,2 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?><!-- Uploaded to: SVG Repo, www.svgrepo.com, Generator: SVG Repo Mixer Tools -->
-<svg width="800px" height="800px" viewBox="0 0 16 16" xmlns="http://www.w3.org/2000/svg" fill="none"><path fill="url(#azure-vms-color-16__paint0_linear_2372_267)" d="M14.533 2H1.467A.467.467 0 001 2.467v8.4c0 .257.209.466.467.466h13.066a.467.467 0 00.467-.466v-8.4A.467.467 0 0014.533 2z"/><path fill="#50E6FF" d="M10.333 5.306V8.02L8 9.389V6.667l2.333-1.361z"/><path fill="#C3F1FF" d="M10.333 5.306L8 6.674 5.667 5.306 8 3.944l2.333 1.362z"/><path fill="#9CEBFF" d="M8 6.674V9.39L5.667 8.02V5.306L8 6.674z"/><path fill="#C3F1FF" d="M5.667 8.02L8 6.667v2.722L5.667 8.02z"/><path fill="#9CEBFF" d="M10.333 8.02L8 6.667v2.722l2.333-1.369z"/><path fill="url(#azure-vms-color-16__paint1_linear_2372_267)" d="M10.808 14.157c-1.385-.218-1.44-1.214-1.44-2.824H6.624c0 1.61-.046 2.606-1.43 2.824a.778.778 0 00-.693.777h7a.777.777 0 00-.692-.777z"/><defs><linearGradient id="azure-vms-color-16__paint0_linear_2372_267" x1="8" x2="8" y1="11.333" y2="2" gradientUnits="userSpaceOnUse"><stop stop-color="#0078D4"/><stop offset=".82" stop-color="#5EA0EF"/></linearGradient><linearGradient id="azure-vms-color-16__paint1_linear_2372_267" x1="8" x2="8" y1="14.934" y2="11.333" gradientUnits="userSpaceOnUse"><stop offset=".15" stop-color="#CCC"/><stop offset="1" stop-color="#707070"/></linearGradient></defs></svg>

packages/apps/vpn/.helmignore

@@ -1,3 +1,23 @@
-.helmignore
-/logos
-/Makefile
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/

packages/apps/vpn/Chart.yaml

@@ -1,7 +1,7 @@
 apiVersion: v2
 name: vpn
 description: Managed VPN service
-icon: /logos/outline.svg
+icon: https://upload.wikimedia.org/wikipedia/commons/thumb/6/60/Outline_VPN_icon.png/600px-Outline_VPN_icon.png
 
 # A chart can be either an 'application' or a 'library' chart.
 #

packages/apps/vpn/logos/outline.svg

@@ -1,64 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<svg
-   id="Layer_1"
-   data-name="Layer 1"
-   viewBox="0 0 143.508 144"
-   version="1.1"
-   sodipodi:docname="outline.svg"
-   width="143.508"
-   height="144"
-   inkscape:version="1.1.1 (c3084ef, 2021-09-22)"
-   xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
-   xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
-   xmlns="http://www.w3.org/2000/svg"
-   xmlns:svg="http://www.w3.org/2000/svg"
-   xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
-   xmlns:cc="http://creativecommons.org/ns#"
-   xmlns:dc="http://purl.org/dc/elements/1.1/">
-  <sodipodi:namedview
-     id="namedview852"
-     pagecolor="#ffffff"
-     bordercolor="#666666"
-     borderopacity="1.0"
-     inkscape:pageshadow="2"
-     inkscape:pageopacity="0.0"
-     inkscape:pagecheckerboard="0"
-     showgrid="false"
-     inkscape:zoom="1.9719816"
-     inkscape:cx="138.18587"
-     inkscape:cy="77.840481"
-     inkscape:window-width="3440"
-     inkscape:window-height="1387"
-     inkscape:window-x="0"
-     inkscape:window-y="25"
-     inkscape:window-maximized="1"
-     inkscape:current-layer="Layer_1" />
-  <defs
-     id="defs826">
-    <style
-       id="style824">.cls-1{fill:#183729;}.cls-2{fill:#fff;}.cls-3{fill:#5bb193;}</style>
-  </defs>
-  <title
-     id="title828">Outline web assets</title>
-  <path
-     class="cls-1"
-     d="m 143.78,30.5 c 0,-1.11 0,-2.21 0,-3.31 A 48.29,48.29 0 0 0 143.1,20 24,24 0 0 0 140.87,13.17 22.94,22.94 0 0 0 136.63,7.35 l -5.8,-4.23 A 24.37,24.37 0 0 0 124,0.87 46.61,46.61 0 0 0 116.8,0.24 c -1.1,0 -88.47,0 -89.58,0 A 47.07,47.07 0 0 0 20,0.87 23.94,23.94 0 0 0 13.2,3.12 23.28,23.28 0 0 0 7.39,7.35 22.67,22.67 0 0 0 3.16,13.17 24,24 0 0 0 0.92,20 47,47 0 0 0 0.28,27.19 c 0,1.1 0,88.47 0,89.58 a 46.86,46.86 0 0 0 0.64,7.23 23.82,23.82 0 0 0 2.24,6.83 22.57,22.57 0 0 0 4.23,5.8 22.79,22.79 0 0 0 5.81,4.23 24,24 0 0 0 6.8,2.22 48.38,48.38 0 0 0 7.19,0.64 c 1.11,0 88.48,0 89.58,0 a 47.9,47.9 0 0 0 7.18,-0.64 24.4,24.4 0 0 0 6.85,-2.26 22.57,22.57 0 0 0 5.8,-4.23 22.84,22.84 0 0 0 4.24,-5.8 23.8,23.8 0 0 0 2.26,-6.79 48.17,48.17 0 0 0 0.66,-7.19 c 0.02,-1.15 0.04,-85.01 0.02,-86.31 z"
-     id="path830" />
-  <path
-     class="cls-2"
-     d="M 115.84,67.42 A 42.49,42.49 0 0 0 78.68,29.7 v 17.15 a 25.47,25.47 0 0 1 0,50 v 17.2 a 42.5,42.5 0 0 0 37.16,-46.63 z"
-     id="path832" />
-  <path
-     class="cls-3"
-     d="m 28.2,76.33 a 42.5,42.5 0 0 0 37.16,37.72 V 29.7 A 42.5,42.5 0 0 0 28.2,76.33 Z"
-     id="path834" />
-  <metadata
-     id="metadata934">
-    <rdf:RDF>
-      <cc:Work
-         rdf:about="">
-        <dc:title>Outline web assets</dc:title>
-      </cc:Work>
-    </rdf:RDF>
-  </metadata>
-</svg>

packages/core/installer/Makefile

@@ -26,7 +26,7 @@ image-cozystack:
 		--tag $(REGISTRY)/cozystack:$(call settag,$(TAG)) \
 		--cache-from type=registry,ref=$(REGISTRY)/cozystack:latest \
 		--platform linux/amd64,linux/arm64 \
-		--cache-to type=inline,mode=max \
+		--cache-to type=inline \
 		--metadata-file images/cozystack.json \
 		--push=$(PUSH) \
 		--load=$(LOAD)
@@ -46,7 +46,7 @@ image-matchbox:
 		--tag $(REGISTRY)/matchbox:$(call settag,$(TAG)) \
 		--tag $(REGISTRY)/matchbox:$(call settag,$(TALOS_VERSION)-$(TAG)) \
 		--cache-from type=registry,ref=$(REGISTRY)/matchbox:latest \
-		--cache-to type=inline,mode=max \
+		--cache-to type=inline \
 		--metadata-file images/matchbox.json \
 		--push=$(PUSH) \
 		--load=$(LOAD)

packages/core/installer/images/cozystack.json

@@ -1,10 +1,10 @@
 {
-  "buildx.build.ref": "buildkit/buildkit0/n6lhtwop5zjb6wsgfaxvgm7wi",
+  "buildx.build.ref": "priceless_leavitt/priceless_leavitt0/ta5cc9q3mqtwjyuvg8fviqhe6",
   "containerimage.descriptor": {
     "mediaType": "application/vnd.docker.distribution.manifest.list.v2+json",
-    "digest": "sha256:629ce818af1441896a499120f62471934faf2fb8f7e9f922631f51c877de7b44",
+    "digest": "sha256:bcaef325861d91b955f536bdd57ae3a6099d8657f081054a6dee3c027cfce97f",
     "size": 685
   },
-  "containerimage.digest": "sha256:629ce818af1441896a499120f62471934faf2fb8f7e9f922631f51c877de7b44",
-  "image.name": "ghcr.io/aenix-io/cozystack/cozystack:v0.10.4"
+  "containerimage.digest": "sha256:bcaef325861d91b955f536bdd57ae3a6099d8657f081054a6dee3c027cfce97f",
+  "image.name": "ghcr.io/aenix-io/cozystack/cozystack:v0.9.0"
 }

packages/core/installer/images/cozystack.tag

@@ -1 +1 @@
-ghcr.io/aenix-io/cozystack/cozystack:v0.10.4
+ghcr.io/aenix-io/cozystack/cozystack:v0.9.0

packages/core/installer/images/cozystack/Dockerfile

@@ -33,7 +33,6 @@ COPY scripts /cozystack/scripts
 COPY --from=builder /src/packages/core /cozystack/packages/core
 COPY --from=builder /src/packages/system /cozystack/packages/system
 COPY --from=builder /src/_out/repos /cozystack/assets/repos
-COPY --from=builder /src/_out/logos /cozystack/assets/logos
 COPY --from=k8s-await-election-builder /k8s-await-election /usr/bin/k8s-await-election
 COPY dashboards /cozystack/assets/dashboards
 

packages/core/installer/images/matchbox.json

@@ -29,17 +29,17 @@
       }
     }
   },
-  "buildx.build.ref": "buildkit/buildkit0/bloh5mrl9qylqab5x8nsx7c3w",
-  "containerimage.config.digest": "sha256:82ae30cc8115b1ff19eeaf9e99130268f25e4440ae285208aa48321da285c5ac",
+  "buildx.build.ref": "priceless_leavitt/priceless_leavitt0/k5n5is33n6zu6an3nmlnylejx",
+  "containerimage.config.digest": "sha256:4676a205eae74f1b16a9065921c612ee85e123ab6566a238edb4bbaf79b2e148",
   "containerimage.descriptor": {
     "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
-    "digest": "sha256:22a4a0d40c9101af9c934425438ac39ca8312456d8b22ddd8b92d506b15e3517",
+    "digest": "sha256:7aa044756c40c2a222668f735ad9490b52341b57dca27e57b98f5de235d87ad7",
     "size": 1488,
     "platform": {
       "architecture": "amd64",
       "os": "linux"
     }
   },
-  "containerimage.digest": "sha256:22a4a0d40c9101af9c934425438ac39ca8312456d8b22ddd8b92d506b15e3517",
-  "image.name": "ghcr.io/aenix-io/cozystack/matchbox:v0.10.4,ghcr.io/aenix-io/cozystack/matchbox:v1.7.1-v0.10.4"
+  "containerimage.digest": "sha256:7aa044756c40c2a222668f735ad9490b52341b57dca27e57b98f5de235d87ad7",
+  "image.name": "ghcr.io/aenix-io/cozystack/matchbox:v0.9.0,ghcr.io/aenix-io/cozystack/matchbox:v1.7.1-v0.9.0"
 }

packages/core/platform/bundles/distro-full.yaml

@@ -93,13 +93,13 @@ releases:
   releaseName: kafka-operator
   chart: cozy-kafka-operator
   namespace: cozy-kafka-operator
-  dependsOn: [cilium]
+  dependsOn: [cilium,kubeovn]
 
 - name: clickhouse-operator
   releaseName: clickhouse-operator
   chart: cozy-clickhouse-operator
   namespace: cozy-clickhouse-operator
-  dependsOn: [cilium]
+  dependsOn: [cilium,kubeovn]
 
 - name: rabbitmq-operator
   releaseName: rabbitmq-operator

packages/core/platform/templates/helmreleases.yaml

@@ -19,7 +19,6 @@ metadata:
   namespace: {{ $x.namespace }}
   labels:
     cozystack.io/repository: system
-    cozystack.io/system-app: "true"
 spec:
   interval: 5m
   releaseName: {{ $x.releaseName | default $x.name }}

packages/core/platform/templates/namespaces.yaml

@@ -15,7 +15,6 @@
 {{- end }}
 
 {{/* Add extra namespaces */}}
-{{- $_ := set $namespaces "cozy-system" true }}
 {{- $_ := set $namespaces "cozy-public" false }}
 
 {{- range $namespace, $privileged := $namespaces }}
@@ -25,10 +24,9 @@ kind: Namespace
 metadata:
   annotations:
     "helm.sh/resource-policy": keep
+  {{- if $privileged }}
   labels:
-    cozystack.io/system: "true"
-    {{- if $privileged }}
     pod-security.kubernetes.io/enforce: privileged
-    {{- end }}
+  {{- end }}
   name: {{ $namespace }}
 {{- end }}

packages/extra/etcd/.helmignore

@@ -1,3 +0,0 @@
-.helmignore
-/logos
-/Makefile

packages/extra/etcd/Chart.yaml

@@ -1,6 +1,6 @@
 apiVersion: v2
 name: etcd
 description: Storage for Kubernetes clusters
-icon: /logos/etcd.svg
+icon: https://www.svgrepo.com/show/353714/etcd.svg
 type: application
-version: 2.2.0
+version: 2.1.0

packages/extra/etcd/logos/etcd.svg

@@ -1,8 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<!-- Uploaded to: SVG Repo, www.svgrepo.com, Generator: SVG Repo Mixer Tools -->
-<svg width="800px" height="800px" viewBox="0 -4 256 256" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" preserveAspectRatio="xMidYMid">
-    <g>
-        <path d="M252.386416,128.063547 C251.184178,128.164306 249.976215,128.21125 248.692682,128.21125 C241.246821,128.21125 234.023088,126.465143 227.505812,123.267189 C229.675566,110.820018 230.598427,98.2801018 230.356834,85.7859855 C223.291109,75.5658167 215.215504,65.9227222 206.100249,57.0387552 C210.05504,49.6238086 215.901352,43.2439318 223.19951,38.7200816 L226.333344,36.7827608 L223.891083,34.029063 C211.309948,19.8621183 196.294566,8.90915678 179.270875,1.47703537 L175.875983,0 L175.013807,3.58839447 C172.983742,11.9513917 168.740414,19.4957219 162.914712,25.550422 C151.717868,19.5987709 140.020663,14.7886736 127.958208,11.1453196 C115.924377,14.7806586 104.247783,19.5770161 93.0555185,25.5195073 C87.253861,19.4728222 83.0208379,11.9468117 80.9987879,3.60785927 L80.1308865,0.0206097959 L76.74859,1.49077524 C59.9390115,8.81526771 44.5102892,20.0647813 32.1352518,34.0210481 L29.686121,36.7804708 L32.81652,38.7177916 C40.091778,43.224467 45.9220603,49.5665592 49.8699812,56.9414311 C40.7822062,65.7910485 32.715761,75.4032283 25.6557609,85.5764526 C25.3809637,98.0648439 26.25688,110.696359 28.4369384,123.315279 C21.9517226,126.483463 14.7680638,128.210105 7.37143701,128.210105 C6.07301986,128.210105 4.85818689,128.163161 3.67770358,128.064692 L0,127.78417 L0.344641587,131.456148 C2.14685374,150.033589 7.91530662,167.703054 17.4988617,183.979068 L19.3697732,187.155267 L22.1784304,184.7714 C28.6876909,179.250265 36.552618,175.594316 44.9156152,174.120716 C50.4287356,185.393129 56.9631859,195.984274 64.3758425,205.817437 C76.2035754,209.954281 88.5270884,213.042315 101.253637,214.880022 C102.474195,223.296834 101.5021,232.002183 98.1816328,240.051453 L96.7813116,243.462374 L100.382301,244.254706 C109.602895,246.282481 118.904783,247.315261 128.013167,247.315261 L155.636019,244.254706 L159.240443,243.462374 L157.836687,240.044583 C154.52538,231.995313 153.553284,223.279659 154.773842,214.861702 C167.450012,213.022851 179.727725,209.941686 191.511949,205.817437 C198.931475,195.976259 205.47165,185.378244 210.993931,174.090946 C219.383263,175.555387 227.292844,179.213625 233.842179,184.750791 L236.650837,187.131222 L238.512588,183.963038 C248.113318,167.666415 253.880626,149.998095 255.655358,131.450423 L256,127.785315 L252.386416,128.063547 L252.386416,128.063547 Z M167.490086,172.959697 C154.422331,176.513742 141.150767,178.307939 127.958208,178.307939 C114.730154,178.307939 101.47462,176.514887 88.3954147,172.959697 C81.2197707,161.809798 75.5463519,149.865276 71.4633223,137.289866 C67.3974676,124.772849 65.0181812,111.659294 64.327753,98.156443 C72.7743344,87.7130014 82.3796442,78.564542 92.9925442,70.8633483 C103.777192,63.019031 115.509891,56.6460241 127.958208,51.8519565 C140.385915,56.6471691 152.096859,63.011016 162.856317,70.8221287 C173.510437,78.564542 183.158111,87.7839907 191.645912,98.2926967 C190.922279,111.718834 188.514368,124.75682 184.441644,137.253226 C180.368919,149.826346 174.67718,161.808653 167.490086,172.959697 L167.490086,172.959697 Z M138.750871,109.962421 C138.750871,119.194465 146.232227,126.662081 155.451676,126.662081 C164.668834,126.662081 172.142175,119.19561 172.142175,109.962421 C172.142175,100.765872 164.668834,93.2696314 155.451676,93.2696314 C146.232227,93.2696314 138.750871,100.765872 138.750871,109.962421 L138.750871,109.962421 Z M117.172415,109.962421 C117.172415,119.194465 109.692204,126.662081 100.472755,126.662081 C91.2464364,126.662081 83.7868353,119.19561 83.7868353,109.962421 C83.7868353,100.769307 91.2475814,93.2730664 100.472755,93.2730664 C109.692204,93.2730664 117.172415,100.769307 117.172415,109.962421 L117.172415,109.962421 Z" fill="#419EDA">
-
-</path>
-    </g>

packages/extra/etcd/templates/etcd-cluster.yaml

@@ -33,9 +33,6 @@ spec:
       clientTrustedCASecret: etcd-ca-tls
       clientSecret: etcd-client-tls
   podTemplate:
-    metadata:
-      labels:
-        cozystack.io/service: etcd
     spec:
       topologySpreadConstraints:
       - maxSkew: 1
@@ -44,7 +41,6 @@ spec:
         labelSelector:
           matchLabels:
             app.kubernetes.io/instance: etcd
-  podDisruptionBudgetTemplate: {}
 ---
 apiVersion: cert-manager.io/v1
 kind: Issuer

packages/extra/ingress/.helmignore

@@ -1,3 +0,0 @@
-.helmignore
-/logos
-/Makefile

packages/extra/ingress/Chart.yaml

@@ -1,6 +1,6 @@
 apiVersion: v2
 name: ingress
 description: NGINX Ingress Controller
-icon: /logos/ingress-nginx.svg
+icon: https://docs.nginx.com/nginx-ingress-controller/images/icons/NGINX-Ingress-Controller-product-icon.svg
 type: application
 version: 1.2.0

packages/extra/ingress/Makefile

@@ -1,7 +1,2 @@
-update: get-cloudflare-ips
-
-get-cloudflare-ips:
-	printf '{{- define "ingress.cloudflare-ips" -}}\n%s,%s\n{{- end }}\n' "$$(curl -s https://www.cloudflare.com/ips-v4/ | tr '\n' ,)" "$$(curl -s https://www.cloudflare.com/ips-v6/ | tr '\n' ,)" > templates/_cloudflare-ips.tpl
-
 generate:
 	readme-generator -v values.yaml -s values.schema.json -r README.md

packages/extra/ingress/README.md

@@ -4,11 +4,7 @@
 
 ### Common parameters
 
-| Name             | Description                                                       | Value   |
-| ---------------- | ----------------------------------------------------------------- | ------- |
-| `replicas`       | Number of ingress-nginx replicas                                  | `2`     |
-| `externalIPs`    | List of externalIPs for service.                                  | `[]`    |
-| `whitelist`      | List of client networks                                           | `[]`    |
-| `clouflareProxy` | Restoring original visitor IPs when Cloudflare proxied is enabled | `false` |
-| `dashboard`      | Should ingress serve Cozystack service dashboard                  | `false` |
-
+| Name          | Description                      | Value |
+| ------------- | -------------------------------- | ----- |
+| `replicas`    | Number of ingress-nginx replicas | `2`   |
+| `externalIPs` | List of externalIPs for service. | `[]`  |

packages/extra/ingress/logos/ingress-nginx.svg

@@ -1,57 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<!-- Generator: Adobe Illustrator 24.1.0, SVG Export Plug-In . SVG Version: 6.00 Build 0)  -->
-<svg version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"
-	 viewBox="0 0 318 361" style="enable-background:new 0 0 318 361;" xml:space="preserve">
-<style type="text/css">
-	.st0{fill:#FFFFFF;}
-	.st1{fill:#989898;}
-	.st2{fill:#009639;}
-	.st3{fill:none;stroke:#FFFFFF;stroke-width:12.0483;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:10;}
-	.st4{fill:none;stroke:#FFFFFF;stroke-width:8.0121;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:10;}
-</style>
-<g id="Art">
-</g>
-<g id="Layer_1">
-</g>
-<g id="_x3C_Layer_x3E_">
-	<g>
-		<path class="st1" d="M300.4747,326.5712h2.2967v-5.1155h1.8168c1.201,0,2.0626,0.1171,2.5518,0.4261
-			c0.803,0.4706,1.2128,1.4796,1.2128,2.9756v1.0489l0.0515,0.391c0.0281,0.0866,0.0281,0.1217,0.0352,0.1639
-			c0.0117,0.0632,0.0164,0.0819,0.0515,0.11h2.1281l-0.0773-0.1452c-0.0632-0.0983-0.0983-0.3207-0.103-0.6649
-			c-0.0305-0.3676-0.0305-0.6813-0.0305-0.9716v-0.9692c0-0.6508-0.2434-1.3157-0.7117-2.0275
-			c-0.4823-0.6859-1.2408-1.0933-2.2663-1.2736c0.8101-0.1358,1.4469-0.3512,1.8893-0.6134
-			c0.8686-0.5478,1.2689-1.4375,1.2689-2.5753c0-1.6365-0.6461-2.7556-2.0087-3.3034c-0.7515-0.3091-1.9291-0.4659-3.5609-0.4659
-			h-4.5442V326.5712z M307.0066,319.5571c-0.4612,0.199-1.194,0.2903-2.1843,0.2903h-2.0508v-4.7362h1.9572
-			c1.2689,0,2.189,0.1803,2.7603,0.508c0.5829,0.3254,0.8639,0.9552,0.8639,1.8987
-			C308.3528,318.5246,307.9149,319.1848,307.0066,319.5571 M313.6766,311.7375c-2.3365-2.3061-5.1319-3.4485-8.4353-3.4485
-			c-3.2332,0-6.0543,1.1425-8.3369,3.4485c-2.3365,2.3131-3.4673,5.1108-3.4673,8.3954c0,3.28,1.1191,6.0894,3.4251,8.3908
-			c2.2896,2.3365,5.1154,3.4954,8.3791,3.4954c3.3034,0,6.0988-1.1589,8.4353-3.4954c2.2897-2.3131,3.4719-5.1342,3.4719-8.3908
-			C317.1485,316.8249,315.9663,314.0506,313.6766,311.7375 M312.4709,312.9152c1.9993,1.9525,2.9779,4.3874,2.9779,7.2178
-			c0,2.8024-0.9786,5.2559-2.9779,7.253c-1.969,1.9876-4.3874,3.0084-7.2296,3.0084c-2.8211,0-5.2255-1.0208-7.2202-3.0084
-			c-1.9572-1.997-2.9639-4.4506-2.9639-7.253c0-2.8305,1.0067-5.2653,2.9639-7.2178c2.0228-2.0321,4.4178-3.0295,7.2202-3.0295
-			C308.0718,309.8857,310.4785,310.883,312.4709,312.9152"/>
-		<g>
-			<g>
-				<path class="st2" d="M3.1127,270.0055c1.6927,2.9361,4.0792,5.2265,6.8321,6.7797l139.7648,80.6932l0.0044-0.0044
-					c2.7267,1.6055,5.8984,2.526,9.2883,2.526c3.3899,0,6.5659-0.9205,9.2883-2.526l139.7691-80.6932
-					c2.7529-1.5531,5.1306-3.8392,6.8277-6.7753c1.6971-2.9361,2.4868-6.1427,2.4562-9.3057V99.3134l-0.0044-0.0044
-					c0.0262-3.1586-0.7635-6.3696-2.4562-9.3057c-1.6971-2.9361-4.0835-5.2222-6.832-6.7797L168.2817,2.5304V2.526
-					C165.5594,0.9205,162.3877,0,158.9978,0c-3.3855,0-6.5572,0.9205-9.2796,2.526v0.0044L9.9535,83.2236
-					c-2.7529,1.5575-5.1393,3.8436-6.8364,6.7797c-1.6927,2.9361-2.4824,6.1471-2.4562,9.3057l-0.0044,0.0044v161.3864
-					c-0.0305,3.163,0.7591,6.3696,2.4519,9.3057"/>
-			</g>
-			<g>
-				<rect x="61.8437" y="119.0382" class="st3" width="122.8067" height="122.8067"/>
-				<rect x="220.7016" y="104.7989" class="st4" width="35.4548" height="35.4548"/>
-				<rect x="220.7016" y="162.2726" class="st4" width="35.4548" height="35.4548"/>
-				<rect x="220.7016" y="219.7462" class="st4" width="35.4548" height="35.4548"/>
-				<g>
-					<line class="st4" x1="187.4357" y1="180.4416" x2="218.6188" y2="180.4416"/>
-					<line class="st4" x1="185.7747" y1="195.1123" x2="221.1852" y2="222.0801"/>
-					<line class="st4" x1="185.7747" y1="165.7709" x2="221.1852" y2="138.803"/>
-				</g>
-			</g>
-		</g>
-	</g>
-</g>
-</svg>

packages/extra/ingress/templates/_cloudflare-ips.tpl

@@ -1,3 +0,0 @@
-{{- define "ingress.cloudflare-ips" -}}
-173.245.48.0/20,103.21.244.0/22,103.22.200.0/22,103.31.4.0/22,141.101.64.0/18,108.162.192.0/18,190.93.240.0/20,188.114.96.0/20,197.234.240.0/22,198.41.128.0/17,162.158.0.0/15,104.16.0.0/13,104.24.0.0/14,172.64.0.0/13,131.0.72.0/22,2400:cb00::/32,2606:4700::/32,2803:f800::/32,2405:b500::/32,2405:8100::/32,2a06:98c0::/29,2c0f:f248::/32
-{{- end }}

packages/extra/ingress/templates/dashboard.yaml

@@ -1,29 +0,0 @@
-{{- $myNS := lookup "v1" "Namespace" "" .Release.Namespace }}
-{{- $host := index $myNS.metadata.annotations "namespace.cozystack.io/host" }}
-{{- if .Values.dashboard }}
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  annotations:
-    cert-manager.io/cluster-issuer: letsencrypt-prod
-    acme.cert-manager.io/http01-ingress-class: tenant-root
-  name: dashboard-{{ .Release.Namespace }}
-  namespace: cozy-dashboard
-spec:
-  ingressClassName: {{ .Release.Namespace }}
-  rules:
-  - host: dashboard.{{ $host }}
-    http:
-      paths:
-      - backend:
-          service:
-            name: dashboard
-            port:
-              number: 80
-        path: /
-        pathType: Prefix
-  tls:
-  - hosts:
-    - dashboard.{{ $host }}
-    secretName: dashboard-{{ .Release.Namespace }}-tls
-{{- end }}

packages/extra/ingress/templates/nginx-ingress.yaml

@@ -1,7 +1,7 @@
 apiVersion: helm.toolkit.fluxcd.io/v2
 kind: HelmRelease
 metadata:
-  name: ingress-nginx-system
+  name: ingress-nginx
 spec:
   chart:
     spec:
@@ -23,9 +23,6 @@ spec:
         ingressClassResource:
           name: {{ .Release.Namespace }}
           controllerValue: k8s.io/ingress-nginx-{{ .Release.Namespace }}
-        podLabels:
-          cozystack.io/service: ingress
-          policy.cozystack.io/allow-to-apiserver: "true"
         {{- if not (eq .Release.Namespace "tenant-root") }}
         admissionWebhooks:
           enabled: false
@@ -40,14 +37,3 @@ spec:
           type: LoadBalancer
           externalTrafficPolicy: Local
           {{- end }}
-        {{- if or .Values.whitelist .Values.clouflareProxy }}
-        config:
-          {{- with .Values.whitelist }}
-          whitelist-source-range: "{{ join "," . }}"
-          {{- end }}
-          {{- if .Values.clouflareProxy }}
-          set_real_ip_from: "{{ include "ingress.cloudflare-ips" . }}"
-          use-forwarded-headers: "true"
-          server-snippet: "real_ip_header CF-Connecting-IP;"
-          {{- end }}
-        {{- end }}

packages/extra/ingress/values.schema.json

@@ -14,22 +14,6 @@
             "items": {
                 "type": "string"
             }
-        },
-        "whitelist": {
-            "type": "array",
-            "description": "List of client networks",
-            "default": [],
-            "items": {}
-        },
-        "clouflareProxy": {
-            "type": "boolean",
-            "description": "Restoring original visitor IPs when Cloudflare proxied is enabled",
-            "default": false
-        },
-        "dashboard": {
-            "type": "boolean",
-            "description": "Should ingress serve Cozystack service dashboard",
-            "default": false
         }
     }
 }

packages/extra/ingress/values.yaml

@@ -14,16 +14,3 @@ replicas: 2
 ##   - "11.22.33.46"
 ##
 externalIPs: []
-
-## @param whitelist List of client networks
-## Example:
-## whitelist:
-## - "1.2.3.4"
-## - "10.100.0.0/16"
-whitelist: []
-
-## @param clouflareProxy Restoring original visitor IPs when Cloudflare proxied is enabled
-clouflareProxy: false
-
-## @param dashboard Should ingress serve Cozystack service dashboard
-dashboard: false

packages/extra/monitoring/.helmignore

@@ -1,3 +0,0 @@
-.helmignore
-/logos
-/Makefile

packages/extra/monitoring/Chart.yaml

@@ -1,6 +1,6 @@
 apiVersion: v2
 name: monitoring
 description: Monitoring and observability stack
-icon: /logos/monitoring.svg
+icon: https://www.svgrepo.com/download/184787/analytics-laptop.svg
 type: application
-version: 1.2.1
+version: 1.1.0

packages/extra/monitoring/logos/monitoring.svg

@@ -1,51 +0,0 @@
-<?xml version="1.0" encoding="iso-8859-1"?>
-<!-- Uploaded to: SVG Repo, www.svgrepo.com, Generator: SVG Repo Mixer Tools -->
-<svg height="800px" width="800px" version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" 
-	 viewBox="0 0 512 512" xml:space="preserve">
-<path style="fill:#B0B6BB;" d="M351.338,472.276H160.662c-1.766,0-2.648-2.648-0.883-3.531l15.89-11.476
-	c16.772-12.359,25.6-34.428,20.303-55.614h120.055l0,0c-5.297,21.186,3.531,43.255,20.303,55.614l15.89,11.476
-	C353.986,469.628,353.103,472.276,351.338,472.276"/>
-<path style="fill:#E8EDEE;" d="M481.103,401.655H30.897C14.124,401.655,0,387.531,0,370.759V44.138
-	c0-16.772,14.124-30.897,30.897-30.897h450.207c16.772,0,30.897,14.124,30.897,30.897v326.621
-	C512,387.531,497.876,401.655,481.103,401.655"/>
-<path style="fill:#38454F;" d="M512,322.207H0V44.138c0-16.772,14.124-30.897,30.897-30.897h450.207
-	c16.772,0,30.897,14.124,30.897,30.897V322.207z"/>
-<path style="fill:#E8EDEE;" d="M357.517,498.759H154.483c-7.062,0-13.241-6.179-13.241-13.241s6.179-13.241,13.241-13.241h203.034
-	c7.062,0,13.241,6.179,13.241,13.241S364.579,498.759,357.517,498.759"/>
-<path style="fill:#DD342E;" d="M158.897,75.034H44.138c-5.297,0-8.828-3.531-8.828-8.828c0-5.297,3.531-8.828,8.828-8.828h114.759
-	c5.297,0,8.828,3.531,8.828,8.828C167.724,71.503,164.193,75.034,158.897,75.034"/>
-<path style="fill:#7383BF;" d="M211.862,110.345H88.276c-5.297,0-8.828-3.531-8.828-8.828s3.531-8.828,8.828-8.828h123.586
-	c5.297,0,8.828,3.531,8.828,8.828S217.159,110.345,211.862,110.345"/>
-<path style="fill:#42B05C;" d="M52.966,110.345h-8.828c-5.297,0-8.828-3.531-8.828-8.828s3.531-8.828,8.828-8.828h8.828
-	c5.297,0,8.828,3.531,8.828,8.828S58.262,110.345,52.966,110.345"/>
-<path style="fill:#ECBA16;" d="M211.862,75.034h-17.655c-5.297,0-8.828-3.531-8.828-8.828c0-5.297,3.531-8.828,8.828-8.828h17.655
-	c5.297,0,8.828,3.531,8.828,8.828C220.69,71.503,217.159,75.034,211.862,75.034"/>
-<path style="fill:#DD342E;" d="M123.586,145.655H44.138c-5.297,0-8.828-3.531-8.828-8.828S38.841,128,44.138,128h79.448
-	c5.297,0,8.828,3.531,8.828,8.828S128.883,145.655,123.586,145.655"/>
-<path style="fill:#ECBA16;" d="M211.862,145.655h-52.966c-5.297,0-8.828-3.531-8.828-8.828S153.6,128,158.897,128h52.966
-	c5.297,0,8.828,3.531,8.828,8.828S217.159,145.655,211.862,145.655"/>
-<path style="fill:#42B05C;" d="M158.897,180.966H44.138c-5.297,0-8.828-3.531-8.828-8.828s3.531-8.828,8.828-8.828h114.759
-	c5.297,0,8.828,3.531,8.828,8.828S164.193,180.966,158.897,180.966"/>
-<path style="fill:#ECBA16;" d="M211.862,216.276H88.276c-5.297,0-8.828-3.531-8.828-8.828s3.531-8.828,8.828-8.828h123.586
-	c5.297,0,8.828,3.531,8.828,8.828S217.159,216.276,211.862,216.276"/>
-<path style="fill:#DD342E;" d="M52.966,216.276h-8.828c-5.297,0-8.828-3.531-8.828-8.828s3.531-8.828,8.828-8.828h8.828
-	c5.297,0,8.828,3.531,8.828,8.828S58.262,216.276,52.966,216.276"/>
-<path style="fill:#42B05C;" d="M123.586,251.586H44.138c-5.297,0-8.828-3.531-8.828-8.828s3.531-8.828,8.828-8.828h79.448
-	c5.297,0,8.828,3.531,8.828,8.828S128.883,251.586,123.586,251.586"/>
-<path style="fill:#7383BF;" d="M211.862,251.586h-52.966c-5.297,0-8.828-3.531-8.828-8.828s3.531-8.828,8.828-8.828h52.966
-	c5.297,0,8.828,3.531,8.828,8.828S217.159,251.586,211.862,251.586"/>
-<path style="fill:#ECBA16;" d="M158.897,286.897H44.138c-5.297,0-8.828-3.531-8.828-8.828c0-5.297,3.531-8.828,8.828-8.828h114.759
-	c5.297,0,8.828,3.531,8.828,8.828C167.724,283.366,164.193,286.897,158.897,286.897"/>
-<path style="fill:#42B05C;" d="M211.862,286.897h-17.655c-5.297,0-8.828-3.531-8.828-8.828c0-5.297,3.531-8.828,8.828-8.828h17.655
-	c5.297,0,8.828,3.531,8.828,8.828C220.69,283.366,217.159,286.897,211.862,286.897"/>
-<path style="fill:#DD342E;" d="M414.897,286.897H300.138c-5.297,0-8.828-3.531-8.828-8.828c0-5.297,3.531-8.828,8.828-8.828h114.759
-	c5.297,0,8.828,3.531,8.828,8.828C423.724,283.366,420.193,286.897,414.897,286.897"/>
-<path style="fill:#42B05C;" d="M467.862,286.897h-17.655c-5.297,0-8.828-3.531-8.828-8.828c0-5.297,3.531-8.828,8.828-8.828h17.655
-	c5.297,0,8.828,3.531,8.828,8.828C476.69,283.366,473.159,286.897,467.862,286.897"/>
-<path style="fill:#7383BF;" d="M211.862,180.966h-17.655c-5.297,0-8.828-3.531-8.828-8.828s3.531-8.828,8.828-8.828h17.655
-	c5.297,0,8.828,3.531,8.828,8.828S217.159,180.966,211.862,180.966"/>
-<path style="fill:#ECBA16;" d="M476.69,145.655c0,48.552-39.724,88.276-88.276,88.276s-88.276-39.724-88.276-88.276
-	s39.724-88.276,88.276-88.276S476.69,97.103,476.69,145.655"/>
-<path style="fill:#42B05C;" d="M300.138,145.655c0,2.648,0,6.179,0,8.828h88.276V57.379
-	C339.862,57.379,300.138,97.103,300.138,145.655"/>
-</svg>

packages/extra/monitoring/templates/grafana/db.yaml

@@ -6,7 +6,3 @@ spec:
   instances: 2
   storage:
     size: 10Gi
-
-  inheritedMetadata:
-    labels:
-      policy.cozystack.io/allow-to-apiserver: "true"

packages/extra/monitoring/templates/oncall/oncall-db.yaml

@@ -8,8 +8,4 @@ spec:
   instances: 2
   storage:
     size: 10Gi
-
-  inheritedMetadata:
-    labels:
-      policy.cozystack.io/allow-to-apiserver: "true"
 {{- end }}

packages/extra/monitoring/templates/oncall/oncall-release.yaml

@@ -4,7 +4,7 @@
 apiVersion: helm.toolkit.fluxcd.io/v2
 kind: HelmRelease
 metadata:
-  name: grafana-oncall-system
+  name: grafana-oncall
   labels:
     app.kubernetes.io/instance: {{ .Release.Name }}
     app.kubernetes.io/managed-by: {{ .Release.Service }}

packages/extra/versions_map

@@ -1,12 +1,9 @@
 etcd 1.0.0 f7eaab0
 etcd 2.0.0 a6d0f7cf
 etcd 2.0.1 6fc1cc7d
-etcd 2.1.0 2b00fcf8
-etcd 2.2.0 HEAD
+etcd 2.1.0 HEAD
 ingress 1.0.0 f642698
 ingress 1.1.0 838bee5d
 ingress 1.2.0 HEAD
 monitoring 1.0.0 f642698
-monitoring 1.1.0 15478a88
-monitoring 1.2.0 c9e0d63b
-monitoring 1.2.1 HEAD
+monitoring 1.1.0 HEAD

packages/system/capi-providers/templates/providers.yaml

@@ -28,5 +28,5 @@ kind: InfrastructureProvider
 metadata:
   name: kubevirt
 spec:
-  # https://github.com/kubernetes-sigs/cluster-api-provider-kubevirt
-  version: v0.1.8
+  # https://github.com/kubevirt/cloud-provider-kubevirt
+  version: v0.5.1