Update kubeapps-15.0.2

Signed-off-by: Andrei Kvapil <kvapss@gmail.com>

hack/gen_versions_map.sh

@@ -20,28 +20,9 @@ miss_map=$(echo "$new_map" | awk 'NR==FNR { new_map[$1 " " $2] = $3; next } { if
 resolved_miss_map=$(
   echo "$miss_map" | while read chart version commit; do
     if [ "$commit" = HEAD ]; then
-      line=$(awk '/^version:/ {print NR; exit}' "./$chart/Chart.yaml")
+      line=$(git show HEAD:"./$chart/Chart.yaml" | awk '/^version:/ {print NR; exit}')
-      change_commit=$(git --no-pager blame -L"$line",+1 -- "$chart/Chart.yaml" | awk '{print $1}')
+      change_commit=$(git --no-pager blame -L"$line",+1 HEAD -- "$chart/Chart.yaml" | awk '{print $1}')
-       
+      commit=$(git describe --always "$change_commit~1")
-      if [ "$change_commit" = "00000000" ]; then
-        # Not commited yet, use previus commit
-        line=$(git show HEAD:"./$chart/Chart.yaml" | awk '/^version:/ {print NR; exit}')
-        commit=$(git --no-pager blame -L"$line",+1 HEAD -- "$chart/Chart.yaml" | awk '{print $1}')
-        if [ $(echo $commit | cut -c1) = "^" ]; then
-          # Previus commit not exists
-          commit=$(echo $commit | cut -c2-)
-        fi
-      else
-        # Commited, but version_map wasn't updated
-        line=$(git show HEAD:"./$chart/Chart.yaml" | awk '/^version:/ {print NR; exit}')
-        change_commit=$(git --no-pager blame -L"$line",+1 HEAD -- "$chart/Chart.yaml" | awk '{print $1}')
-        if [ $(echo $change_commit | cut -c1) = "^" ]; then
-          # Previus commit not exists
-          commit=$(echo $change_commit | cut -c2-)
-        else
-          commit=$(git describe --always "$change_commit~1")
-        fi
-      fi
     fi
     echo "$chart $version $commit"
   done

manifests/cozystack-installer.yaml

@@ -63,7 +63,7 @@ spec:
       serviceAccountName: cozystack
       containers:
       - name: cozystack
-        image: "ghcr.io/aenix-io/cozystack/cozystack:v0.4.0"
+        image: "ghcr.io/aenix-io/cozystack/cozystack:v0.3.1"
         env:
         - name: KUBERNETES_SERVICE_HOST
           value: localhost
@@ -82,7 +82,7 @@ spec:
             fieldRef:
               fieldPath: metadata.name
       - name: darkhttpd
-        image: "ghcr.io/aenix-io/cozystack/cozystack:v0.4.0"
+        image: "ghcr.io/aenix-io/cozystack/cozystack:v0.3.1"
         command:
         - /usr/bin/darkhttpd
         - /cozystack/assets

packages/apps/Makefile

@@ -7,7 +7,7 @@ repo:
 	awk '$$3 != "HEAD" {print "mkdir -p $(TMP)/" $$1 "-" $$2}' versions_map | sh -ex
 	awk '$$3 != "HEAD" {print "git archive " $$3 " " $$1 " | tar -xf- --strip-components=1 -C $(TMP)/" $$1 "-" $$2 }' versions_map | sh -ex
 	helm package -d "$(OUT)" $$(find . $(TMP) -mindepth 2 -maxdepth 2 -name Chart.yaml | awk 'sub("/Chart.yaml", "")' | sort -V)
-	cd "$(OUT)" && helm repo index . --url http://cozystack.cozy-system.svc/repos/apps
+	cd "$(OUT)" && helm repo index .
 	rm -rf "$(TMP)"
 
 fix-chartnames:

packages/apps/clickhouse/Chart.yaml

@@ -16,10 +16,10 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.2.0
+version: 0.1.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "24.3.0"
+appVersion: "1.16.0"

packages/apps/clickhouse/templates/clickhouse.yaml

@@ -21,8 +21,8 @@ spec:
     clusters:
       - name: "clickhouse"
         layout:
-          shardsCount: {{ .Values.shards }}
+          shardsCount: 1
-          replicasCount: {{ .Values.replicas }}
+          replicasCount: 2
   {{- with .Values.size }}
   templates:
     volumeClaimTemplates:

packages/apps/clickhouse/values.yaml

@@ -1,6 +1,4 @@
 size: 10Gi
-shards: 1
-replicas: 2
 
 users:
   user1:

packages/apps/http-cache/Chart.yaml

@@ -16,10 +16,10 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.2.0
+version: 0.1.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "1.25.3"
+appVersion: "1.16.0"

packages/apps/http-cache/images/nginx-cache.json

@@ -1,4 +1,4 @@
 {
-  "containerimage.config.digest": "sha256:9eb68d2d503d7e22afc6fde2635f566fd3456bbdb3caad5dc9f887be1dc2b8ab",
+  "containerimage.config.digest": "sha256:e406d5ac59cc06bbab51e16ae9a520143ad4f54952ef8f8cca982dc89454d616",
-  "containerimage.digest": "sha256:1f44274dbc2c3be2a98e6cef83d68a041ae9ef31abb8ab069a525a2a92702bdd"
+  "containerimage.digest": "sha256:08e5063e65d2adc17278abee0ab43ce31cf37bc9bc7eb7988ef16f1f1c459862"
 }

packages/apps/http-cache/templates/haproxy/configmap.yaml

@@ -74,7 +74,7 @@ data:
         option redispatch 1
         default-server observe layer7 error-limit 10 on-error mark-down
 
-        {{- range $i, $e := until (int $.Values.nginx.replicas) }}
+        {{- range $i, $e := until (int $.Values.replicas) }}
         server cache{{ $i }} {{ $.Release.Name }}-nginx-cache-{{ $i }}:80 check
         {{- end }}
         {{- range $i, $e := $.Values.endpoints }} 

packages/apps/http-cache/templates/haproxy/deployment.yaml

@@ -7,7 +7,7 @@ metadata:
     app.kubernetes.io/instance: {{ .Release.Name }}
     app.kubernetes.io/managed-by: {{ .Release.Service }}
 spec:
-  replicas: {{ .Values.haproxy.replicas }}
+  replicas: 2
   selector:
     matchLabels:
       app: {{ .Release.Name }}-haproxy

packages/apps/http-cache/templates/nginx/deployment.yaml

@@ -11,7 +11,7 @@ spec:
   selector:
     matchLabels:
       app: {{ $.Release.Name }}-nginx-cache
-{{- range $i := until (int $.Values.nginx.replicas) }}
+{{- range $i := until 3 }}
 ---
 apiVersion: apps/v1
 kind: Deployment

packages/apps/http-cache/values.yaml

@@ -1,10 +1,4 @@
 external: false
-
-haproxy:
-  replicas: 2
-nginx:
-  replicas: 2
-
 size: 10Gi
 endpoints:
   - 10.100.3.1:80

packages/apps/kafka/Chart.yaml

@@ -22,4 +22,4 @@ version: 0.1.0
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "3.7.0"
+appVersion: "1.16.0"

packages/apps/kafka/templates/kafka.yaml

@@ -7,7 +7,7 @@ metadata:
     app.kubernetes.io/managed-by: {{ .Release.Service }}
 spec:
   kafka:
-    replicas: {{ .Values.replicas }}
+    replicas: 3
     listeners:
       - name: plain
         port: 9092
@@ -41,7 +41,7 @@ spec:
         {{- end }}
         deleteClaim: true
   zookeeper:
-    replicas: {{ .Values.replicas }}
+    replicas: 3
     storage:
       type: persistent-claim
       {{- with .Values.zookeeper.size }}

packages/apps/kafka/values.yaml

@@ -1,10 +1,8 @@
 external: false
 kafka:
   size: 10Gi
-  replicas: 3
 zookeeper:
   size: 5Gi
-  replicas: 3
 
 topics:
   - name: Results

packages/apps/kubernetes/Chart.yaml

@@ -16,10 +16,10 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.2.0
+version: 0.1.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "1.19.0"
+appVersion: "1.16.0"

packages/apps/kubernetes/images/ubuntu-container-disk.json

@@ -1,4 +1,4 @@
 {
-  "containerimage.config.digest": "sha256:a7e8e6e35ac07bcf6253c9cfcf21fd3c315bd0653ad0427dd5f0cae95ffd3722",
+  "containerimage.config.digest": "sha256:62baab666445d76498fb14cc1d0865fc82e4bdd5cb1d7ba80475dc5024184622",
-  "containerimage.digest": "sha256:c03bffeeb70fe7dd680d2eca3021d2405fbcd9961dd38437f5673560c31c72cc"
+  "containerimage.digest": "sha256:9363d717f966f4e7927da332eaaf17401b42203a2fcb493b428f94d096dae3a5"
 }

packages/apps/kubernetes/templates/cluster-autoscaler/deployment.yaml

@@ -15,12 +15,6 @@ spec:
       labels:
         app: {{ .Release.Name }}-cluster-autoscaler
     spec:
-      tolerations:
-        - key: CriticalAddonsOnly
-          operator: Exists
-        - key: node-role.kubernetes.io/control-plane
-          operator: Exists
-          effect: "NoSchedule"
       containers:
       - image: ghcr.io/kvaps/test:cluster-autoscaller
         name: cluster-autoscaler

packages/apps/kubernetes/templates/cluster.yaml

@@ -64,13 +64,12 @@ metadata:
     cluster.x-k8s.io/managed-by: kamaji
   name: {{ .Release.Name }}
   namespace: {{ .Release.Namespace }}
-{{- range $groupName, $group := .Values.nodeGroups }}
 ---
 apiVersion: bootstrap.cluster.x-k8s.io/v1beta1
 kind: KubeadmConfigTemplate
 metadata:
-  name: {{ $.Release.Name }}-{{ $groupName }}
+  name: {{ .Release.Name }}-md-0
-  namespace: {{ $.Release.Namespace }}
+  namespace: {{ .Release.Namespace }}
 spec:
   template:
     spec:
@@ -79,7 +78,7 @@ spec:
           kubeletExtraArgs: {}
         discovery:
           bootstrapToken:
-            apiServerEndpoint: {{ $.Release.Name }}.{{ $.Release.Namespace }}.svc:6443
+            apiServerEndpoint: {{ .Release.Name }}.{{ .Release.Namespace }}.svc:6443
       initConfiguration:
         skipPhases:
         - addon/kube-proxy
@@ -87,8 +86,8 @@ spec:
 apiVersion: infrastructure.cluster.x-k8s.io/v1alpha1
 kind: KubevirtMachineTemplate
 metadata:
-  name: {{ $.Release.Name }}-{{ $groupName }}
+  name: {{ .Release.Name }}-md-0
-  namespace: {{ $.Release.Namespace }}
+  namespace: {{ .Release.Namespace }}
 spec:
   template:
     spec:
@@ -96,7 +95,7 @@ spec:
         checkStrategy: ssh
       virtualMachineTemplate:
         metadata:
-          namespace: {{ $.Release.Namespace }}
+          namespace: {{ .Release.Namespace }}
         spec:
           runStrategy: Always
           template:
@@ -104,7 +103,7 @@ spec:
               domain:
                 cpu:
                   threads: 1
-                  cores: {{ $group.resources.cpu }}
+                  cores: 2
                   sockets: 1
                 devices:
                   disks:
@@ -113,7 +112,7 @@ spec:
                     name: containervolume
                   networkInterfaceMultiqueue: true
                 memory:
-                  guest: {{ $group.resources.memory }}
+                  guest: 1024Mi
               evictionStrategy: External
               volumes:
               - containerDisk:
@@ -123,28 +122,29 @@ spec:
 apiVersion: cluster.x-k8s.io/v1beta1
 kind: MachineDeployment
 metadata:
-  name: {{ $.Release.Name }}-{{ $groupName }}
+  name: {{ .Release.Name }}-md-0
-  namespace: {{ $.Release.Namespace }}
+  namespace: {{ .Release.Namespace }}
   annotations:
-    cluster.x-k8s.io/cluster-api-autoscaler-node-group-min-size: "{{ $group.minReplicas }}"
+    cluster.x-k8s.io/cluster-api-autoscaler-node-group-max-size: "2"
-    cluster.x-k8s.io/cluster-api-autoscaler-node-group-max-size: "{{ $group.maxReplicas }}"
+    cluster.x-k8s.io/cluster-api-autoscaler-node-group-min-size: "0"
-    capacity.cluster-autoscaler.kubernetes.io/memory: "{{ $group.resources.memory }}"
+    capacity.cluster-autoscaler.kubernetes.io/memory: "1024Mi"
-    capacity.cluster-autoscaler.kubernetes.io/cpu: "{{ $group.resources.cpu }}"
+    capacity.cluster-autoscaler.kubernetes.io/cpu: "2"
 spec:
-  clusterName: {{ $.Release.Name }}
+  clusterName: {{ .Release.Name }}
+  selector:
+    matchLabels: null
   template:
     spec:
       bootstrap:
         configRef:
           apiVersion: bootstrap.cluster.x-k8s.io/v1beta1
           kind: KubeadmConfigTemplate
-          name: {{ $.Release.Name }}-{{ $groupName }}
+          name: {{ .Release.Name }}-md-0
           namespace: default
-      clusterName: {{ $.Release.Name }}
+      clusterName: {{ .Release.Name }}
       infrastructureRef:
         apiVersion: infrastructure.cluster.x-k8s.io/v1alpha1
         kind: KubevirtMachineTemplate
-        name: {{ $.Release.Name }}-{{ $groupName }}
+        name: {{ .Release.Name }}-md-0
         namespace: default
-      version: v1.29.0
+      version: v1.23.10
-{{- end }}

packages/apps/kubernetes/templates/csi/deploy.yaml

@@ -16,10 +16,12 @@ spec:
     spec:
       serviceAccountName: {{ .Release.Name }}-kcsi
       priorityClassName: system-cluster-critical
+      nodeSelector:
+        node-role.kubernetes.io/control-plane: ""
       tolerations:
         - key: CriticalAddonsOnly
           operator: Exists
-        - key: node-role.kubernetes.io/control-plane
+        - key: node-role.kubernetes.io/master
           operator: Exists
           effect: "NoSchedule"
       containers:

packages/apps/kubernetes/templates/helmreleases/delete.yaml

@@ -12,12 +12,6 @@ spec:
     spec:
       serviceAccountName: {{ .Release.Name }}-flux-teardown
       restartPolicy: Never
-      tolerations:
-        - key: CriticalAddonsOnly
-          operator: Exists
-        - key: node-role.kubernetes.io/control-plane
-          operator: Exists
-          effect: "NoSchedule"
       containers:
         - name: kubectl
           image: docker.io/clastix/kubectl:v1.29.1

packages/apps/kubernetes/templates/kccm/manager.yaml

@@ -14,12 +14,6 @@ spec:
       labels:
         k8s-app: {{ .Release.Name }}-kccm
     spec:
-      tolerations:
-        - key: CriticalAddonsOnly
-          operator: Exists
-        - key: node-role.kubernetes.io/control-plane
-          operator: Exists
-          effect: "NoSchedule"
       containers:
       - name: kubevirt-cloud-controller-manager
         args:
@@ -50,4 +44,6 @@ spec:
       - secret:
           secretName: {{ .Release.Name }}-admin-kubeconfig
         name: kubeconfig
+      tolerations:
+      - operator: Exists
       serviceAccountName: {{ .Release.Name }}-kccm

packages/apps/kubernetes/values.schema.json

@@ -0,0 +1,11 @@
+{
+  "$schema": "http://json-schema.org/schema#",
+  "type": "object",
+  "properties": {
+    "host": {
+      "type": "string",
+      "title": "Domain name for this kubernetes cluster",
+      "description": "This host will be used for all apps deployed in this tenant"
+    }
+  }
+}

packages/apps/kubernetes/values.yaml

@@ -1,10 +1 @@
 host: ""
-controlPlane:
-  replicas: 2
-nodeGroups:
-  md0:
-    minReplicas: 0
-    maxReplicas: 10
-    resources:
-      cpu: 2
-      memory: 1024Mi

packages/apps/mysql/Chart.yaml

@@ -16,10 +16,10 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.3.0
+version: 0.2.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "11.0.2"
+appVersion: "1.16.0"

packages/apps/mysql/templates/mariadb.yaml

@@ -12,7 +12,7 @@ spec:
 
   port: 3306
 
-  replicas: {{ .Values.replicas }}
+  replicas: 2
   affinity:
     podAntiAffinity:
       requiredDuringSchedulingIgnoredDuringExecution:
@@ -28,13 +28,11 @@ spec:
             - {{ .Release.Name }}
         topologyKey: "kubernetes.io/hostname"
 
-  {{- if gt (int .Values.replicas) 1 }}
   replication:
     enabled: true
     #primary:
     #  podIndex: 0
     #  automaticFailover: true
-  {{- end }}
 
   metrics:
     enabled: true

packages/apps/mysql/values.yaml

@@ -1,8 +1,6 @@
 external: false
 size: 10Gi
 
-replicas: 2
-
 users:
   root:
     password: strongpassword

packages/apps/postgres/Chart.yaml

@@ -16,10 +16,10 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.2.0
+version: 0.1.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "16.2"
+appVersion: "1.16.0"

packages/apps/postgres/templates/db.yaml

@@ -4,7 +4,7 @@ kind: Cluster
 metadata:
   name: {{ .Release.Name }}
 spec:
-  instances: {{ .Values.replicas }}
+  instances: 2
   enableSuperuserAccess: true
 
   postgresql:

packages/apps/postgres/values.yaml

@@ -1,6 +1,5 @@
 external: false
 size: 10Gi
-replicas: 2
 
 users:
   user1:

packages/apps/rabbitmq/Chart.yaml

@@ -16,10 +16,10 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.2.0
+version: 0.1.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "3.12.2"
+appVersion: "1.16.0"

packages/apps/rabbitmq/templates/rabbitmq.yaml

@@ -6,7 +6,7 @@ metadata:
     app.kubernetes.io/instance: {{ .Release.Name }}
     app.kubernetes.io/managed-by: {{ .Release.Service }}
 spec:
-  replicas: {{ .Values.replicas }}
+  replicas: 3
   {{- if .Values.external }}
   service:
     type: LoadBalancer

packages/apps/rabbitmq/values.schema.json

@@ -5,10 +5,6 @@
     "external": {
       "type": "boolean",
       "title": "Enable external Access"
-    },
-    "replicas": {
-      "type": "integer",
-      "title": "Replicas"
     }
   }
 }

packages/apps/rabbitmq/values.yaml

@@ -1,2 +1 @@
-replicas: 3
 external: false

packages/apps/redis/Chart.yaml

@@ -16,10 +16,10 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.2.0
+version: 0.1.1
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "6.2.6"
+appVersion: "1.16.0"

packages/apps/redis/templates/redisfailover.yaml

@@ -14,7 +14,7 @@ spec:
       limits:
         memory: 100Mi
   redis:
-    replicas: {{ .Values.replicas }}
+    replicas: 3
     resources:
       requests:
         cpu: 150m

packages/apps/redis/values.schema.json

@@ -9,10 +9,6 @@
     "size": {
       "type": "string",
       "title": "Disk Size"
-    },
-    "replicas": {
-      "type": "integer",
-      "title": "Replicas"
     }
   }
 }

packages/apps/redis/values.yaml

@@ -1,3 +1,2 @@
-replicas: 2
 external: false
 size: 5Gi

packages/apps/tcp-balancer/Chart.yaml

@@ -16,10 +16,10 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.2.0
+version: 0.1.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "2.9.7"
+appVersion: "1.16.0"

packages/apps/tcp-balancer/templates/deployment.yaml

@@ -7,7 +7,7 @@ metadata:
     app.kubernetes.io/instance: {{ .Release.Name }}
     app.kubernetes.io/managed-by: {{ .Release.Service }}
 spec:
-  replicas: {{ .Values.replicas }}
+  replicas: 2
   selector:
     matchLabels:
       app: {{ .Release.Name }}-haproxy

packages/apps/tcp-balancer/values.yaml

@@ -1,5 +1,4 @@
 external: false
-replicas: 2
 httpAndHttps:
   mode: tcp
   targetPorts:

packages/apps/versions_map

@@ -1,26 +1,17 @@
-clickhouse 0.1.0 ca79f72
+clickhouse 0.1.0 HEAD
-clickhouse 0.2.0 HEAD
+http-cache 0.1.0 HEAD
-http-cache 0.1.0 a956713
-http-cache 0.2.0 HEAD
 kafka 0.1.0 HEAD
-kubernetes 0.1.0 f642698
+kubernetes 0.1.0 HEAD
-kubernetes 0.2.0 HEAD
 mysql 0.1.0 f642698
-mysql 0.2.0 8b975ff0
+mysql 0.2.0 HEAD
-mysql 0.3.0 HEAD
+postgres 0.1.0 HEAD
-postgres 0.1.0 f642698
+rabbitmq 0.1.0 HEAD
-postgres 0.2.0 HEAD
+redis 0.1.1 HEAD
-rabbitmq 0.1.0 f642698
+tcp-balancer 0.1.0 HEAD
-rabbitmq 0.2.0 HEAD
-redis 0.1.1 f642698
-redis 0.2.0 HEAD
-tcp-balancer 0.1.0 f642698
-tcp-balancer 0.2.0 HEAD
 tenant 0.1.3 3d1b86c
 tenant 0.1.4 d200480
 tenant 0.1.5 e3ab858
 tenant 1.0.0 HEAD
 virtual-machine 0.1.4 f2015d6
 virtual-machine 0.1.5 HEAD
-vpn 0.1.0 f642698
+vpn 0.1.0 HEAD
-vpn 0.2.0 HEAD

packages/apps/vpn/Chart.yaml

@@ -1,6 +1,6 @@
 apiVersion: v2
 name: vpn
-description: Managed VPN service
+description: Establish a connection from your computer
 icon: https://upload.wikimedia.org/wikipedia/commons/thumb/6/60/Outline_VPN_icon.png/600px-Outline_VPN_icon.png
 
 # A chart can be either an 'application' or a 'library' chart.
@@ -16,10 +16,10 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.2.0
+version: 0.1.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "1.8.1"
+appVersion: "1.16.0"

packages/apps/vpn/templates/deployment.yaml

@@ -4,7 +4,7 @@ kind: Deployment
 metadata:
   name: {{ .Release.Name }}-vpn
 spec:
-  replicas: {{ .Values.replicas }}
+  replicas: 2
   selector:
     matchLabels:
       app: {{ .Release.Name }}-vpn

packages/apps/vpn/values.yaml

@@ -1,5 +1,4 @@
 external: false
-replicas: 2
 
 users:
   user1:

packages/core/installer/images/cozystack.json

@@ -1,4 +1,4 @@
 {
-  "containerimage.config.digest": "sha256:aefc3ca9f56f69270d7ce6f56a1ce5b531332d5641481eb54c8e74b66b0f3341",
+  "containerimage.config.digest": "sha256:29b11ecbb92bae830f2e55cd4b6f7f3ada09b2f5514c0eeee395bd2dbd12fb81",
-  "containerimage.digest": "sha256:a2bf43cb7eb812166edfeb1a4fae6a76a4ddba93be2c0ba9040a804ccb53c261"
+  "containerimage.digest": "sha256:791df989ff37a76062c7c638dbfc93435df9ee0db48797f2045c80b6d6b937c0"
 }

packages/core/installer/images/cozystack.tag

@@ -1 +1 @@
-ghcr.io/aenix-io/cozystack/cozystack:v0.4.0
+ghcr.io/aenix-io/cozystack/cozystack:v0.3.1

packages/core/installer/images/matchbox.json

@@ -1,4 +1,4 @@
 {
-  "containerimage.config.digest": "sha256:68ea72fcc581352fabfd87fa6fd482968cc85ee520cab7a614f1244d7ae36eb0",
+  "containerimage.config.digest": "sha256:d63ac434876b4e47c130e6b99f0c9657e718f9d97f522f5ccd878eab75844122",
-  "containerimage.digest": "sha256:cea915e08a19eb6892f3facf3b3648368cd4a05abefc49bc2616ba3340c27e82"
+  "containerimage.digest": "sha256:9963580a02ac4ddccafb60f2411365910bcadd73f92d1c9187a278221306a4ed"
 }

packages/core/installer/images/matchbox.tag

@@ -1 +1 @@
-ghcr.io/aenix-io/cozystack/matchbox:v1.7.1
+ghcr.io/aenix-io/cozystack/matchbox:v1.6.4

packages/core/installer/images/talos/profiles/initramfs.yaml

@@ -3,25 +3,24 @@
 arch: amd64
 platform: metal
 secureboot: false
-version: v1.7.1
+version: v1.6.4
 input:
   kernel:
     path: /usr/install/amd64/vmlinuz
   initramfs:
     path: /usr/install/amd64/initramfs.xz
   baseInstaller:
-    imageRef: ghcr.io/siderolabs/installer:v1.7.1
+    imageRef: ghcr.io/siderolabs/installer:v1.6.4
   systemExtensions:
-    - imageRef: ghcr.io/siderolabs/amd-ucode:20240410
+    - imageRef: ghcr.io/siderolabs/amd-ucode:20240115
-    - imageRef: ghcr.io/siderolabs/amdgpu-firmware:20240410
+    - imageRef: ghcr.io/siderolabs/amdgpu-firmware:20240115
-    - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20240410
+    - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20240115
-    - imageRef: ghcr.io/siderolabs/i915-ucode:20240410
+    - imageRef: ghcr.io/siderolabs/i915-ucode:20240115
-    - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20240410
+    - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20240115
-    - imageRef: ghcr.io/siderolabs/intel-ucode:20240312
+    - imageRef: ghcr.io/siderolabs/intel-ucode:20231114
-    - imageRef: ghcr.io/siderolabs/qlogic-firmware:20240410
+    - imageRef: ghcr.io/siderolabs/qlogic-firmware:20240115
-    - imageRef: ghcr.io/siderolabs/drbd:9.2.8-v1.7.1
+    - imageRef: ghcr.io/siderolabs/drbd:9.2.6-v1.6.4
-    - imageRef: ghcr.io/siderolabs/zfs:2.2.3-v1.7.1
+    - imageRef: ghcr.io/siderolabs/zfs:2.1.14-v1.6.4
 output:
   kind: initramfs
-  imageOptions: {}
   outFormat: raw

packages/core/installer/images/talos/profiles/installer.yaml

@@ -3,25 +3,24 @@
 arch: amd64
 platform: metal
 secureboot: false
-version: v1.7.1
+version: v1.6.4
 input:
   kernel:
     path: /usr/install/amd64/vmlinuz
   initramfs:
     path: /usr/install/amd64/initramfs.xz
   baseInstaller:
-    imageRef: ghcr.io/siderolabs/installer:v1.7.1
+    imageRef: ghcr.io/siderolabs/installer:v1.6.4
   systemExtensions:
-    - imageRef: ghcr.io/siderolabs/amd-ucode:20240410
+    - imageRef: ghcr.io/siderolabs/amd-ucode:20240115
-    - imageRef: ghcr.io/siderolabs/amdgpu-firmware:20240410
+    - imageRef: ghcr.io/siderolabs/amdgpu-firmware:20240115
-    - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20240410
+    - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20240115
-    - imageRef: ghcr.io/siderolabs/i915-ucode:20240410
+    - imageRef: ghcr.io/siderolabs/i915-ucode:20240115
-    - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20240410
+    - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20240115
-    - imageRef: ghcr.io/siderolabs/intel-ucode:20240312
+    - imageRef: ghcr.io/siderolabs/intel-ucode:20231114
-    - imageRef: ghcr.io/siderolabs/qlogic-firmware:20240410
+    - imageRef: ghcr.io/siderolabs/qlogic-firmware:20240115
-    - imageRef: ghcr.io/siderolabs/drbd:9.2.8-v1.7.1
+    - imageRef: ghcr.io/siderolabs/drbd:9.2.6-v1.6.4
-    - imageRef: ghcr.io/siderolabs/zfs:2.2.3-v1.7.1
+    - imageRef: ghcr.io/siderolabs/zfs:2.1.14-v1.6.4
 output:
   kind: installer
-  imageOptions: {}
   outFormat: raw

packages/core/installer/images/talos/profiles/iso.yaml

@@ -3,25 +3,24 @@
 arch: amd64
 platform: metal
 secureboot: false
-version: v1.7.1
+version: v1.6.4
 input:
   kernel:
     path: /usr/install/amd64/vmlinuz
   initramfs:
     path: /usr/install/amd64/initramfs.xz
   baseInstaller:
-    imageRef: ghcr.io/siderolabs/installer:v1.7.1
+    imageRef: ghcr.io/siderolabs/installer:v1.6.4
   systemExtensions:
-    - imageRef: ghcr.io/siderolabs/amd-ucode:20240410
+    - imageRef: ghcr.io/siderolabs/amd-ucode:20240115
-    - imageRef: ghcr.io/siderolabs/amdgpu-firmware:20240410
+    - imageRef: ghcr.io/siderolabs/amdgpu-firmware:20240115
-    - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20240410
+    - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20240115
-    - imageRef: ghcr.io/siderolabs/i915-ucode:20240410
+    - imageRef: ghcr.io/siderolabs/i915-ucode:20240115
-    - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20240410
+    - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20240115
-    - imageRef: ghcr.io/siderolabs/intel-ucode:20240312
+    - imageRef: ghcr.io/siderolabs/intel-ucode:20231114
-    - imageRef: ghcr.io/siderolabs/qlogic-firmware:20240410
+    - imageRef: ghcr.io/siderolabs/qlogic-firmware:20240115
-    - imageRef: ghcr.io/siderolabs/drbd:9.2.8-v1.7.1
+    - imageRef: ghcr.io/siderolabs/drbd:9.2.6-v1.6.4
-    - imageRef: ghcr.io/siderolabs/zfs:2.2.3-v1.7.1
+    - imageRef: ghcr.io/siderolabs/zfs:2.1.14-v1.6.4
 output:
   kind: iso
-  imageOptions: {}
   outFormat: raw

packages/core/installer/images/talos/profiles/kernel.yaml

@@ -3,25 +3,24 @@
 arch: amd64
 platform: metal
 secureboot: false
-version: v1.7.1
+version: v1.6.4
 input:
   kernel:
     path: /usr/install/amd64/vmlinuz
   initramfs:
     path: /usr/install/amd64/initramfs.xz
   baseInstaller:
-    imageRef: ghcr.io/siderolabs/installer:v1.7.1
+    imageRef: ghcr.io/siderolabs/installer:v1.6.4
   systemExtensions:
-    - imageRef: ghcr.io/siderolabs/amd-ucode:20240410
+    - imageRef: ghcr.io/siderolabs/amd-ucode:20240115
-    - imageRef: ghcr.io/siderolabs/amdgpu-firmware:20240410
+    - imageRef: ghcr.io/siderolabs/amdgpu-firmware:20240115
-    - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20240410
+    - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20240115
-    - imageRef: ghcr.io/siderolabs/i915-ucode:20240410
+    - imageRef: ghcr.io/siderolabs/i915-ucode:20240115
-    - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20240410
+    - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20240115
-    - imageRef: ghcr.io/siderolabs/intel-ucode:20240312
+    - imageRef: ghcr.io/siderolabs/intel-ucode:20231114
-    - imageRef: ghcr.io/siderolabs/qlogic-firmware:20240410
+    - imageRef: ghcr.io/siderolabs/qlogic-firmware:20240115
-    - imageRef: ghcr.io/siderolabs/drbd:9.2.8-v1.7.1
+    - imageRef: ghcr.io/siderolabs/drbd:9.2.6-v1.6.4
-    - imageRef: ghcr.io/siderolabs/zfs:2.2.3-v1.7.1
+    - imageRef: ghcr.io/siderolabs/zfs:2.1.14-v1.6.4
 output:
   kind: kernel
-  imageOptions: {}
   outFormat: raw

packages/core/installer/images/talos/profiles/nocloud.yaml

@@ -3,25 +3,25 @@
 arch: amd64
 platform: metal
 secureboot: false
-version: v1.7.1
+version: v1.6.4
 input:
   kernel:
     path: /usr/install/amd64/vmlinuz
   initramfs:
     path: /usr/install/amd64/initramfs.xz
   baseInstaller:
-    imageRef: ghcr.io/siderolabs/installer:v1.7.1
+    imageRef: ghcr.io/siderolabs/installer:v1.6.4
   systemExtensions:
-    - imageRef: ghcr.io/siderolabs/amd-ucode:20240410
+    - imageRef: ghcr.io/siderolabs/amd-ucode:20240115
-    - imageRef: ghcr.io/siderolabs/amdgpu-firmware:20240410
+    - imageRef: ghcr.io/siderolabs/amdgpu-firmware:20240115
-    - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20240410
+    - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20240115
-    - imageRef: ghcr.io/siderolabs/i915-ucode:20240410
+    - imageRef: ghcr.io/siderolabs/i915-ucode:20240115
-    - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20240410
+    - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20240115
-    - imageRef: ghcr.io/siderolabs/intel-ucode:20240312
+    - imageRef: ghcr.io/siderolabs/intel-ucode:20231114
-    - imageRef: ghcr.io/siderolabs/qlogic-firmware:20240410
+    - imageRef: ghcr.io/siderolabs/qlogic-firmware:20240115
-    - imageRef: ghcr.io/siderolabs/drbd:9.2.8-v1.7.1
+    - imageRef: ghcr.io/siderolabs/drbd:9.2.6-v1.6.4
-    - imageRef: ghcr.io/siderolabs/zfs:2.2.3-v1.7.1
+    - imageRef: ghcr.io/siderolabs/zfs:2.1.14-v1.6.4
 output:
-  kind: nocloud
+  kind: image
   imageOptions: { diskSize: 1306525696, diskFormat: raw }
   outFormat: .xz

packages/core/platform/bundles/distro-full.yaml

@@ -52,12 +52,6 @@ releases:
   privileged: true
   dependsOn: [cilium]
 
-- name: etcd-operator
-  releaseName: etcd-operator
-  chart: cozy-etcd-operator
-  namespace: cozy-etcd-operator
-  dependsOn: [cilium,cert-manager]
-
 - name: grafana-operator
   releaseName: grafana-operator
   chart: cozy-grafana-operator

packages/core/platform/bundles/distro-hosted.yaml

@@ -26,12 +26,6 @@ releases:
   privileged: true
   dependsOn: [victoria-metrics-operator]
 
-- name: etcd-operator
-  releaseName: etcd-operator
-  chart: cozy-etcd-operator
-  namespace: cozy-etcd-operator
-  dependsOn: [cert-manager]
-
 - name: grafana-operator
   releaseName: grafana-operator
   chart: cozy-grafana-operator

packages/core/platform/bundles/paas-full.yaml

@@ -81,12 +81,6 @@ releases:
   privileged: true
   dependsOn: [cilium,kubeovn]
 
-- name: etcd-operator
-  releaseName: etcd-operator
-  chart: cozy-etcd-operator
-  namespace: cozy-etcd-operator
-  dependsOn: [cilium,kubeovn,cert-manager]
-
 - name: grafana-operator
   releaseName: grafana-operator
   chart: cozy-grafana-operator

packages/core/platform/bundles/paas-hosted.yaml

@@ -26,12 +26,6 @@ releases:
   privileged: true
   dependsOn: [victoria-metrics-operator]
 
-- name: etcd-operator
-  releaseName: etcd-operator
-  chart: cozy-etcd-operator
-  namespace: cozy-etcd-operator
-  dependsOn: [cert-manager]
-
 - name: grafana-operator
   releaseName: grafana-operator
   chart: cozy-grafana-operator

packages/core/platform/templates/helmreleases.yaml

@@ -23,11 +23,9 @@ spec:
   interval: 1m
   releaseName: {{ $x.releaseName | default $x.name }}
   install:
-    crds: CreateReplace
     remediation:
       retries: -1
   upgrade:
-    crds: CreateReplace
     remediation:
       retries: -1
   chart:

packages/extra/Makefile

@@ -7,7 +7,7 @@ repo:
 	awk '$$3 != "HEAD" {print "mkdir -p $(TMP)/" $$1 "-" $$2}' versions_map | sh -ex
 	awk '$$3 != "HEAD" {print "git archive " $$3 " " $$1 " | tar -xf- --strip-components=1 -C $(TMP)/" $$1 "-" $$2 }' versions_map | sh -ex
 	helm package -d "$(OUT)" $$(find . $(TMP) -mindepth 2 -maxdepth 2 -name Chart.yaml | awk 'sub("/Chart.yaml", "")' | sort -V)
-	cd "$(OUT)" && helm repo index . --url http://cozystack.cozy-system.svc/repos/extra
+	cd "$(OUT)" && helm repo index .
 	rm -rf "$(TMP)"
 
 fix-chartnames:

packages/extra/etcd/Chart.yaml

@@ -3,4 +3,4 @@ name: etcd
 description: Storage for Kubernetes clusters
 icon: https://www.svgrepo.com/show/353714/etcd.svg
 type: application
-version: 2.0.0
+version: 1.0.0

packages/extra/etcd/templates/datastore.yaml

@@ -1,50 +0,0 @@
----
-apiVersion: kamaji.clastix.io/v1alpha1
-kind: DataStore
-metadata:
-  name: {{ .Release.Namespace }}
-spec:
-  driver: etcd
-  endpoints:
-  - etcd-0.etcd-headless.{{ .Release.Namespace }}.svc:2379
-  - etcd-1.etcd-headless.{{ .Release.Namespace }}.svc:2379
-  - etcd-2.etcd-headless.{{ .Release.Namespace }}.svc:2379
-  tlsConfig:
-    certificateAuthority:
-      certificate:
-        secretReference:
-          keyPath: tls.crt
-          name: etcd-ca-tls
-          namespace: {{ .Release.Namespace }}
-      privateKey:
-        secretReference:
-          keyPath: tls.key
-          name: etcd-ca-tls
-          namespace: {{ .Release.Namespace }}
-    clientCertificate:
-      certificate:
-        secretReference:
-          keyPath: tls.crt
-          name: etcd-client-tls
-          namespace: {{ .Release.Namespace }}
-      privateKey:
-        secretReference:
-          keyPath: tls.key
-          name: etcd-client-tls
-          namespace: {{ .Release.Namespace }}
----
-apiVersion: v1
-kind: Secret
-metadata:
-  name: etcd-ca-tls
-  annotations:
-    helm.sh/hook: pre-install
-    helm.sh/resource-policy: keep
----
-apiVersion: v1
-kind: Secret
-metadata:
-  name: etcd-client-tls
-  annotations:
-    helm.sh/hook: pre-install
-    helm.sh/resource-policy: keep

packages/extra/etcd/templates/etcd-cluster.yaml

@@ -1,176 +0,0 @@
----
-apiVersion: etcd.aenix.io/v1alpha1
-kind: EtcdCluster
-metadata:
-  name: etcd
-spec:
-  storage: {}
-  security:
-    tls:
-      peerTrustedCASecret: etcd-peer-ca-tls
-      peerSecret: etcd-peer-tls
-      serverSecret: etcd-server-tls
-      clientTrustedCASecret: etcd-ca-tls
-      clientSecret: etcd-client-tls
-  podTemplate:
-    spec:
-      topologySpreadConstraints:
-      - maxSkew: 1
-        topologyKey: "kubernetes.io/hostname"
-        whenUnsatisfiable: ScheduleAnyway
-        labelSelector:
-          matchLabels:
-            app.kubernetes.io/instance: etcd
----
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
-  name: etcd-selfsigning-issuer
-spec:
-  selfSigned: {}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
-  name: etcd-peer-ca
-spec:
-  isCA: true
-  usages:
-  - "signing"
-  - "key encipherment"
-  - "cert sign"
-  commonName: etcd-peer-ca
-  subject:
-    organizations:
-      - ACME Inc.
-    organizationalUnits:
-      - Widgets
-  secretName: etcd-peer-ca-tls
-  privateKey:
-    algorithm: RSA
-    size: 4096
-  issuerRef:
-    name: etcd-selfsigning-issuer
-    kind: Issuer
-    group: cert-manager.io
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
-  name: etcd-ca
-spec:
-  isCA: true
-  usages:
-  - "signing"
-  - "key encipherment"
-  - "cert sign"
-  commonName: etcd-ca
-  subject:
-    organizations:
-      - ACME Inc.
-    organizationalUnits:
-      - Widgets
-  secretName: etcd-ca-tls
-  privateKey:
-    algorithm: RSA
-    size: 4096
-  issuerRef:
-    name: etcd-selfsigning-issuer
-    kind: Issuer
-    group: cert-manager.io
----
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
-  name: etcd-peer-issuer
-spec:
-  ca:
-    secretName: etcd-peer-ca-tls
----
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
-  name: etcd-issuer
-spec:
-  ca:
-    secretName: etcd-ca-tls
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
-  name: etcd-server
-spec:
-  secretName: etcd-server-tls
-  isCA: false
-  usages:
-    - "server auth"
-    - "signing"
-    - "key encipherment"
-  dnsNames:
-  - etcd-0
-  - etcd-0.etcd-headless
-  - etcd-0.etcd-headless.{{ .Release.Namespace }}.svc
-  - etcd-1
-  - etcd-1.etcd-headless
-  - etcd-1.etcd-headless.{{ .Release.Namespace }}.svc
-  - etcd-2
-  - etcd-2.etcd-headless
-  - etcd-2.etcd-headless.{{ .Release.Namespace }}.svc
-  - localhost
-  - "127.0.0.1"
-  privateKey:
-    rotationPolicy: Always
-    algorithm: RSA
-    size: 4096
-  issuerRef:
-    name: etcd-issuer
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
-  name: etcd-peer
-spec:
-  secretName: etcd-peer-tls
-  isCA: false
-  usages:
-    - "server auth"
-    - "client auth"
-    - "signing"
-    - "key encipherment"
-  dnsNames:
-  - etcd-0
-  - etcd-0.etcd-headless
-  - etcd-0.etcd-headless.{{ .Release.Namespace }}.svc
-  - etcd-1
-  - etcd-1.etcd-headless
-  - etcd-1.etcd-headless.{{ .Release.Namespace }}.svc
-  - etcd-2
-  - etcd-2.etcd-headless
-  - etcd-2.etcd-headless.{{ .Release.Namespace }}.svc
-  - localhost
-  - "127.0.0.1"
-  privateKey:
-    rotationPolicy: Always
-    algorithm: RSA
-    size: 4096
-  issuerRef:
-    name: etcd-peer-issuer
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
-  name: etcd-client
-spec:
-  commonName: root
-  secretName: etcd-client-tls
-  usages:
-  - "signing"
-  - "key encipherment"
-  - "client auth"
-  privateKey:
-    rotationPolicy: Always
-    algorithm: RSA
-    size: 4096
-  issuerRef:
-    name: etcd-issuer
-    kind: Issuer

packages/extra/etcd/templates/kamaji-etcd.yaml

@@ -0,0 +1,19 @@
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+  name: kamaji-etcd
+spec:
+  chart:
+    spec:
+      chart: cozy-kamaji-etcd
+      reconcileStrategy: Revision
+      sourceRef:
+        kind: HelmRepository
+        name: cozystack-system
+        namespace: cozy-system
+      version: '*'
+  interval: 1m0s
+  timeout: 5m0s
+  values:
+    kamaji-etcd:
+      fullnameOverride: etcd

packages/extra/versions_map

@@ -1,4 +1,3 @@
-etcd 1.0.0 f7eaab0
+etcd 1.0.0 HEAD
-etcd 2.0.0 HEAD
 ingress 1.0.0 HEAD
 monitoring 1.0.0 HEAD

packages/system/capi-providers/templates/providers.yaml

@@ -13,7 +13,7 @@ spec:
   deployment:
     containers:
     - name: manager
-      imageUrl: ghcr.io/kvaps/test:cluster-api-control-plane-provider-kamaji-v0.7.1-fix
+      imageUrl: ghcr.io/kvaps/test:cluster-api-control-plane-provider-kamaji-v0.6.0-fix7
 ---
 apiVersion: operator.cluster.x-k8s.io/v1alpha2
 kind: BootstrapProvider

packages/system/dashboard/images/dashboard.json

@@ -1,4 +1,4 @@
 {
-  "containerimage.config.digest": "sha256:78b413d1c9a4ecf3bec9383444b3e85c01d8b33bf903c6443bfa5bdfd8b5bc04",
+  "containerimage.config.digest": "sha256:ac9429d9bf66dd913a37fa9c22a6a2ccdc5d6bef50986bfef7868b5643ecaab2",
-  "containerimage.digest": "sha256:ddfaadb33e33123f553a36a3ee5857a1bf53f312043f91d76ad24316591fd26e"
+  "containerimage.digest": "sha256:b551704d07e93f9837d36bb610ae5d10508325c31e9bd98a019452eed12ed96f"
 }

packages/system/dashboard/images/dashboard.tag

@@ -1 +1 @@
-ghcr.io/aenix-io/cozystack/dashboard:v0.4.0
+ghcr.io/aenix-io/cozystack/dashboard:latest

packages/system/dashboard/images/dashboard/Dockerfile

@@ -35,12 +35,12 @@ RUN sed -i \
     -e 's/#cbd4d8/#b7bbc1/g' \
     -e 's/#aeb8bc/#989da3/g' \
     -e 's/#859399/#7b7f85/g' \
-    -e 's/#6a7a81/#5b686e/g' \
+    -e 's/#6a7a81/#63666b/g' \
     -e 's/#4f6169/#4f5256/g' \
     -e 's/#3a4d55/#3a3d41/g' \
     -e 's/#2d4048/#202124/g' \
-    -e 's/#21333b/#383d44/g' \
+    -e 's/#21333b/#1a1c1f/g' \
-    -e 's/#1b2b32/#2a2d2f/g' \
+    -e 's/#1b2b32/#141619/g' \
     $(grep -rl "#2d4048\|#25333d\|#fcfdfd\|#f1f6f8\|#e3eaed\|#cbd4d8\|#aeb8bc\|#859399\|#6a7a81\|#4f6169\|#3a4d55\|#2d4048\|#21333b\|#1b2b32")
 
 FROM bitnami/nginx:1.25.2

packages/system/dashboard/images/kubeapps-apis.json

@@ -1,4 +1,4 @@
 {
-  "containerimage.config.digest": "sha256:273a8e7055816068b2975d8ac10f0f7d114cafef74057680ffc60414d4d8cf4c",
+  "containerimage.config.digest": "sha256:ab059b6397905b2a2084def06582e61b49c4a8a3374747e87b08c82621357420",
-  "containerimage.digest": "sha256:5e111f09ee9c34281e2ef02cb0d41700943f8c036014110765bb002831148547"
+  "containerimage.digest": "sha256:9c1093da42482f116b27407edcdf8b24122885e295cbb632e565213c66fc07c0"
 }

packages/system/dashboard/images/kubeapps-apis.tag

@@ -1 +1 @@
-ghcr.io/aenix-io/cozystack/kubeapps-apis:v0.4.0
+ghcr.io/aenix-io/cozystack/kubeapps-apis:latest

packages/system/etcd-operator/.helmignore

@@ -1,3 +0,0 @@
-images
-hack
-.gitkeep

packages/system/etcd-operator/Chart.yaml

@@ -1,2 +0,0 @@
-name: cozy-etcd-operator
-version: 0.4.0

packages/system/etcd-operator/Makefile

@@ -1,8 +0,0 @@
-NAME=etcd-operator
-NAMESPACE=cozy-${NAME}
-
-include ../../../scripts/package-system.mk
-
-update:
-	rm -rf charts
-	helm pull oci://ghcr.io/aenix-io/charts/etcd-operator --untar --untardir charts

packages/system/etcd-operator/charts/etcd-operator/.helmignore

@@ -1,23 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*.orig
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
-.vscode/

packages/system/etcd-operator/charts/etcd-operator/Chart.yaml

@@ -1,5 +0,0 @@
-apiVersion: v2
-appVersion: v0.2.0
-name: etcd-operator
-type: application
-version: 0.2.0

packages/system/etcd-operator/charts/etcd-operator/README.md

@@ -1,63 +0,0 @@
-# etcd-operator
-
-![Version: 0.0.0](https://img.shields.io/badge/Version-0.0.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.0.0](https://img.shields.io/badge/AppVersion-v0.0.0-informational?style=flat-square)
-
-## Values
-
-| Key | Type | Default | Description |
-|-----|------|---------|-------------|
-| affinity | object | `{}` |  |
-| etcdOperator.args[0] | string | `"--health-probe-bind-address=:8081"` |  |
-| etcdOperator.args[1] | string | `"--metrics-bind-address=127.0.0.1:8080"` |  |
-| etcdOperator.args[2] | string | `"--leader-elect"` |  |
-| etcdOperator.envVars | object | `{}` |  |
-| etcdOperator.image.pullPolicy | string | `"IfNotPresent"` |  |
-| etcdOperator.image.repository | string | `"ghcr.io/aenix-io/etcd-operator"` |  |
-| etcdOperator.image.tag | string | `""` |  |
-| etcdOperator.livenessProbe.httpGet.path | string | `"/healthz"` |  |
-| etcdOperator.livenessProbe.httpGet.port | int | `8081` |  |
-| etcdOperator.livenessProbe.initialDelaySeconds | int | `15` |  |
-| etcdOperator.livenessProbe.periodSeconds | int | `20` |  |
-| etcdOperator.readinessProbe.httpGet.path | string | `"/readyz"` |  |
-| etcdOperator.readinessProbe.httpGet.port | int | `8081` |  |
-| etcdOperator.readinessProbe.initialDelaySeconds | int | `5` |  |
-| etcdOperator.readinessProbe.periodSeconds | int | `10` |  |
-| etcdOperator.resources.limits.cpu | string | `"500m"` |  |
-| etcdOperator.resources.limits.memory | string | `"128Mi"` |  |
-| etcdOperator.resources.requests.cpu | string | `"100m"` |  |
-| etcdOperator.resources.requests.memory | string | `"64Mi"` |  |
-| etcdOperator.securityContext.allowPrivilegeEscalation | bool | `false` |  |
-| etcdOperator.securityContext.capabilities.drop[0] | string | `"ALL"` |  |
-| etcdOperator.service.port | int | `9443` |  |
-| etcdOperator.service.type | string | `"ClusterIP"` |  |
-| fullnameOverride | string | `""` |  |
-| imagePullSecrets | list | `[]` |  |
-| kubeRbacProxy.args[0] | string | `"--secure-listen-address=0.0.0.0:8443"` |  |
-| kubeRbacProxy.args[1] | string | `"--upstream=http://127.0.0.1:8080/"` |  |
-| kubeRbacProxy.args[2] | string | `"--logtostderr=true"` |  |
-| kubeRbacProxy.args[3] | string | `"--v=0"` |  |
-| kubeRbacProxy.image.pullPolicy | string | `"IfNotPresent"` |  |
-| kubeRbacProxy.image.repository | string | `"gcr.io/kubebuilder/kube-rbac-proxy"` |  |
-| kubeRbacProxy.image.tag | string | `"v0.16.0"` |  |
-| kubeRbacProxy.livenessProbe | object | `{}` |  |
-| kubeRbacProxy.readinessProbe | object | `{}` |  |
-| kubeRbacProxy.resources.limits.cpu | string | `"500m"` |  |
-| kubeRbacProxy.resources.limits.memory | string | `"128Mi"` |  |
-| kubeRbacProxy.resources.requests.cpu | string | `"100m"` |  |
-| kubeRbacProxy.resources.requests.memory | string | `"64Mi"` |  |
-| kubeRbacProxy.securityContext.allowPrivilegeEscalation | bool | `false` |  |
-| kubeRbacProxy.securityContext.capabilities.drop[0] | string | `"ALL"` |  |
-| kubeRbacProxy.service.port | int | `8443` |  |
-| kubeRbacProxy.service.type | string | `"ClusterIP"` |  |
-| kubernetesClusterDomain | string | `"cluster.local"` |  |
-| nameOverride | string | `""` |  |
-| nodeSelector | object | `{}` |  |
-| podAnnotations | object | `{}` |  |
-| podLabels | object | `{}` |  |
-| podSecurityContext | object | `{}` |  |
-| replicaCount | int | `1` |  |
-| securityContext.runAsNonRoot | bool | `true` |  |
-| serviceAccount.annotations | object | `{}` |  |
-| serviceAccount.create | bool | `true` |  |
-| tolerations | list | `[]` |  |
-

packages/system/etcd-operator/charts/etcd-operator/templates/_helpers.tpl

@@ -1,51 +0,0 @@
-{{/*
-Expand the name of the chart.
-*/}}
-{{- define "etcd-operator.name" -}}
-{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
-{{- end }}
-
-{{/*
-Create a default fully qualified app name.
-We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
-If release name contains chart name it will be used as a full name.
-*/}}
-{{- define "etcd-operator.fullname" -}}
-{{- if .Values.fullnameOverride }}
-{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
-{{- else }}
-{{- $name := default .Chart.Name .Values.nameOverride }}
-{{- if contains $name .Release.Name }}
-{{- .Release.Name | trunc 63 | trimSuffix "-" }}
-{{- else }}
-{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
-{{- end }}
-{{- end }}
-{{- end }}
-
-{{/*
-Create chart name and version as used by the chart label.
-*/}}
-{{- define "etcd-operator.chart" -}}
-{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
-{{- end }}
-
-{{/*
-Common labels
-*/}}
-{{- define "etcd-operator.labels" -}}
-helm.sh/chart: {{ include "etcd-operator.chart" . }}
-{{ include "etcd-operator.selectorLabels" . }}
-{{- if .Chart.AppVersion }}
-app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
-{{- end }}
-app.kubernetes.io/managed-by: {{ .Release.Service }}
-{{- end }}
-
-{{/*
-Selector labels
-*/}}
-{{- define "etcd-operator.selectorLabels" -}}
-app.kubernetes.io/name: {{ include "etcd-operator.name" . }}
-app.kubernetes.io/instance: {{ .Release.Name }}
-{{- end }}

packages/system/etcd-operator/charts/etcd-operator/templates/cert-manager/certificate.yml

@@ -1,14 +0,0 @@
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
-  labels:
-    {{- include "etcd-operator.labels" . | nindent 4 }}
-  name: {{ include "etcd-operator.fullname" . }}-serving-cert
-spec:
-  dnsNames:
-    - {{ include "etcd-operator.fullname" . }}-webhook-service.{{ .Release.Namespace }}.svc
-    - {{ include "etcd-operator.fullname" . }}-webhook-service.{{ .Release.Namespace }}.svc.{{ .Values.kubernetesClusterDomain }}
-  issuerRef:
-    kind: Issuer
-    name: {{ include "etcd-operator.fullname" . }}-selfsigned-issuer
-  secretName: webhook-server-cert

packages/system/etcd-operator/charts/etcd-operator/templates/cert-manager/issuer.yml

@@ -1,8 +0,0 @@
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
-  labels:
-    {{- include "etcd-operator.labels" . | nindent 4 }}
-  name: {{ include "etcd-operator.fullname" . }}-selfsigned-issuer
-spec:
-  selfSigned: {}

packages/system/etcd-operator/charts/etcd-operator/templates/cert-manager/mutatingwebhookconfiguration.yml

@@ -1,29 +0,0 @@
-apiVersion: admissionregistration.k8s.io/v1
-kind: MutatingWebhookConfiguration
-metadata:
-  annotations:
-    cert-manager.io/inject-ca-from: {{ .Release.Namespace }}/{{ include "etcd-operator.fullname" . }}-serving-cert
-  labels:
-    {{- include "etcd-operator.labels" . | nindent 4 }}
-  name: {{ include "etcd-operator.fullname" . }}-mutating-webhook-configuration
-webhooks:
-  - admissionReviewVersions:
-      - v1
-    clientConfig:
-      service:
-        name: {{ include "etcd-operator.fullname" . }}-webhook-service
-        namespace: {{ .Release.Namespace }}
-        path: /mutate-etcd-aenix-io-v1alpha1-etcdcluster
-    failurePolicy: Fail
-    name: metcdcluster.kb.io
-    rules:
-      - apiGroups:
-          - etcd.aenix.io
-        apiVersions:
-          - v1alpha1
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - etcdclusters
-    sideEffects: None

packages/system/etcd-operator/charts/etcd-operator/templates/cert-manager/validatingwebhookconfiguration.yml

@@ -1,29 +0,0 @@
-apiVersion: admissionregistration.k8s.io/v1
-kind: ValidatingWebhookConfiguration
-metadata:
-  annotations:
-    cert-manager.io/inject-ca-from: {{ .Release.Namespace }}/{{ include "etcd-operator.fullname" . }}-serving-cert
-  labels:
-    {{- include "etcd-operator.labels" . | nindent 4 }}
-  name: {{ include "etcd-operator.fullname" . }}-validating-webhook-configuration
-webhooks:
-  - admissionReviewVersions:
-      - v1
-    clientConfig:
-      service:
-        name: {{ include "etcd-operator.fullname" . }}-webhook-service
-        namespace: {{ .Release.Namespace }}
-        path: /validate-etcd-aenix-io-v1alpha1-etcdcluster
-    failurePolicy: Fail
-    name: vetcdcluster.kb.io
-    rules:
-      - apiGroups:
-          - etcd.aenix.io
-        apiVersions:
-          - v1alpha1
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - etcdclusters
-    sideEffects: None

packages/system/etcd-operator/charts/etcd-operator/templates/rbac/clusterrole-manager-role.yml

@@ -1,81 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  labels:
-    {{- include "etcd-operator.labels" . | nindent 4 }}
-  name: {{ include "etcd-operator.fullname" . }}-manager-role
-rules:
-  - apiGroups:
-      - ""
-    resources:
-      - configmaps
-    verbs:
-      - create
-      - delete
-      - get
-      - list
-      - patch
-      - update
-      - watch
-  - apiGroups:
-      - ""
-    resources:
-      - services
-    verbs:
-      - create
-      - delete
-      - get
-      - list
-      - patch
-      - update
-      - watch
-  - apiGroups:
-      - apps
-    resources:
-      - statefulsets
-    verbs:
-      - create
-      - delete
-      - get
-      - list
-      - patch
-      - update
-      - watch
-  - apiGroups:
-      - etcd.aenix.io
-    resources:
-      - etcdclusters
-    verbs:
-      - create
-      - delete
-      - get
-      - list
-      - patch
-      - update
-      - watch
-  - apiGroups:
-      - etcd.aenix.io
-    resources:
-      - etcdclusters/finalizers
-    verbs:
-      - update
-  - apiGroups:
-      - etcd.aenix.io
-    resources:
-      - etcdclusters/status
-    verbs:
-      - get
-      - patch
-      - update
-  - apiGroups:
-    - policy
-    resources:
-    - poddisruptionbudgets
-    verbs:
-    - create
-    - delete
-    - get
-    - list
-    - patch
-    - update
-    - watch

packages/system/etcd-operator/charts/etcd-operator/templates/rbac/clusterrole-metrics-reader.yml

@@ -1,11 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  labels:
-    {{- include "etcd-operator.labels" . | nindent 4 }}
-  name: {{ include "etcd-operator.fullname" . }}-metrics-reader
-rules:
-  - nonResourceURLs:
-      - /metrics
-    verbs:
-      - get

packages/system/etcd-operator/charts/etcd-operator/templates/rbac/clusterrole-proxy-role.yml

@@ -1,19 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  labels:
-    {{- include "etcd-operator.labels" . | nindent 4 }}
-  name: {{ include "etcd-operator.fullname" . }}-proxy-role
-rules:
-  - apiGroups:
-      - authentication.k8s.io
-    resources:
-      - tokenreviews
-    verbs:
-      - create
-  - apiGroups:
-      - authorization.k8s.io
-    resources:
-      - subjectaccessreviews
-    verbs:
-      - create

packages/system/etcd-operator/charts/etcd-operator/templates/rbac/clusterrolebinding-manager-rolebinding.yml

@@ -1,14 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
-  labels:
-    {{- include "etcd-operator.labels" . | nindent 4 }}
-  name: {{ include "etcd-operator.fullname" . }}-manager-rolebinding
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: {{ include "etcd-operator.fullname" . }}-manager-role
-subjects:
-  - kind: ServiceAccount
-    name: {{ include "etcd-operator.fullname" . }}-controller-manager
-    namespace: {{ .Release.Namespace }}

packages/system/etcd-operator/charts/etcd-operator/templates/rbac/clusterrolebinding-proxy-rolebinding.yml

@@ -1,14 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
-  labels:
-    {{- include "etcd-operator.labels" . | nindent 4 }}
-  name: {{ include "etcd-operator.fullname" . }}-proxy-rolebinding
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: {{ include "etcd-operator.fullname" . }}-proxy-role
-subjects:
-  - kind: ServiceAccount
-    name: {{ include "etcd-operator.fullname" . }}-controller-manager
-    namespace: {{ .Release.Namespace }}

packages/system/etcd-operator/charts/etcd-operator/templates/rbac/role-leader-election-role.yml

@@ -1,38 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
-  labels:
-    {{- include "etcd-operator.labels" . | nindent 4 }}
-  name: {{ include "etcd-operator.fullname" . }}-leader-election-role
-rules:
-  - apiGroups:
-      - ""
-    resources:
-      - configmaps
-    verbs:
-      - get
-      - list
-      - watch
-      - create
-      - update
-      - patch
-      - delete
-  - apiGroups:
-      - coordination.k8s.io
-    resources:
-      - leases
-    verbs:
-      - get
-      - list
-      - watch
-      - create
-      - update
-      - patch
-      - delete
-  - apiGroups:
-      - ""
-    resources:
-      - events
-    verbs:
-      - create
-      - patch

packages/system/etcd-operator/charts/etcd-operator/templates/rbac/rolebinding-leader-election-rolebinding.yml

@@ -1,14 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  labels:
-    {{- include "etcd-operator.labels" . | nindent 4 }}
-  name: {{ include "etcd-operator.fullname" . }}-leader-election-rolebinding
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: Role
-  name: {{ include "etcd-operator.fullname" . }}-leader-election-role
-subjects:
-  - kind: ServiceAccount
-    name: {{ include "etcd-operator.fullname" . }}-controller-manager
-    namespace: {{ .Release.Namespace }}

packages/system/etcd-operator/charts/etcd-operator/templates/workload/configmap-env.yaml

@@ -1,16 +0,0 @@
-{{- if .Values.etcdOperator.envVars }}
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: {{ include "etcd-operator.labels" . }}-env
-  labels:
-    {{- include "etcd-operator.labels" . | nindent 4 }}
-data:
-  {{- range $k, $v := .Values.etcdOperator.envVars }}
-    {{- if typeOf $v | eq "string" }}
-      {{- print (tpl $k $) ": " (tpl $v $ | quote) | nindent 2 }}
-    {{- else }}
-      {{- print (tpl $k $) ": " ($v | quote) | nindent 2 }}
-    {{- end }}
-  {{- end }}
-{{- end }}

packages/system/etcd-operator/charts/etcd-operator/templates/workload/deployment.yml

@@ -1,114 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: {{ include "etcd-operator.fullname" . }}-controller-manager
-  labels:
-    {{- include "etcd-operator.labels" . | nindent 4 }}
-spec:
-  replicas: {{ .Values.replicaCount }}
-  selector:
-    matchLabels:
-      {{- include "etcd-operator.selectorLabels" . | nindent 6 }}
-  template:
-    metadata:
-      {{- with .Values.podAnnotations }}
-      annotations:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      labels:
-        {{- include "etcd-operator.labels" . | nindent 8 }}
-        {{- with .Values.podLabels }}
-        {{- toYaml . | nindent 8 }}
-        {{- end }}
-    spec:
-      {{- with .Values.imagePullSecrets }}
-      imagePullSecrets:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      containers:
-        - name: etcd-operator
-          image: {{ .Values.etcdOperator.image.repository }}:{{ .Values.etcdOperator.image.tag | default .Chart.AppVersion }}
-          imagePullPolicy: {{ .Values.etcdOperator.image.pullPolicy }}
-          {{- with .Values.etcdOperator.args }}
-          args:
-            {{- toYaml . | nindent 12 }}
-          {{- end }}
-          ports:
-            - containerPort: {{ .Values.etcdOperator.service.port }}
-              name: webhook-server
-              protocol: TCP
-          {{- with .Values.etcdOperator.livenessProbe }}
-          livenessProbe:
-            {{- toYaml . | nindent 12 }}
-          {{- end }}
-          {{- with .Values.etcdOperator.readinessProbe }}
-          readinessProbe:
-            {{- toYaml . | nindent 12 }}
-          {{- end }}
-          {{- with .Values.etcdOperator.resources }}
-          resources:
-            {{- toYaml . | nindent 12 }}
-          {{- end }}
-          {{- with .Values.etcdOperator.securityContext }}
-          securityContext:
-            {{- toYaml . | nindent 12 }}
-          {{- end }}
-          {{- if .Values.etcdOperator.envVars }}
-          envFrom:
-            - configMapRef:
-                name: {{ include "etcd-operator.fullname" . }}-env
-          {{- end }}
-          volumeMounts:
-            - mountPath: /tmp/k8s-webhook-server/serving-certs
-              name: cert
-              readOnly: true
-        - name: kube-rbac-proxy
-          image: {{ .Values.kubeRbacProxy.image.repository }}:{{ .Values.kubeRbacProxy.image.tag }}
-          imagePullPolicy: {{ .Values.kubeRbacProxy.image.pullPolicy }}
-          {{- with .Values.kubeRbacProxy.args }}
-          args:
-            {{- toYaml . | nindent 12 }}
-          {{- end }}
-          ports:
-            - containerPort: {{ .Values.kubeRbacProxy.service.port }}
-              name: https
-              protocol: TCP
-          {{- with .Values.kubeRbacProxy.livenessProbe }}
-          livenessProbe:
-            {{- toYaml . | nindent 12 }}
-          {{- end }}
-          {{- with .Values.kubeRbacProxy.readinessProbe }}
-          readinessProbe:
-            {{- toYaml . | nindent 12 }}
-          {{- end }}
-          {{- with .Values.kubeRbacProxy.resources }}
-          resources:
-            {{- toYaml . | nindent 12 }}
-          {{- end }}
-          {{- with .Values.kubeRbacProxy.securityContext }}
-          securityContext:
-            {{- toYaml . | nindent 12 }}
-          {{- end }}
-      {{- with .Values.podSecurityContext }}
-      securityContext:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      serviceAccountName: {{ include "etcd-operator.fullname" . }}-controller-manager
-      terminationGracePeriodSeconds: 10
-      volumes:
-        - name: cert
-          secret:
-            defaultMode: 420
-            secretName: webhook-server-cert
-      {{- with .Values.nodeSelector }}
-      nodeSelector:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      {{- with .Values.affinity }}
-      affinity:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      {{- with .Values.tolerations }}
-      tolerations:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}

packages/system/etcd-operator/charts/etcd-operator/templates/workload/service-controller-manager-metrics-service.yml

@@ -1,15 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: {{ include "etcd-operator.fullname" . }}-controller-manager-metrics-service
-  labels:
-    {{- include "etcd-operator.labels" . | nindent 4 }}
-spec:
-  type: {{ .Values.kubeRbacProxy.service.type }}
-  ports:
-    - name: https
-      port: {{ .Values.kubeRbacProxy.service.port }}
-      protocol: TCP
-      targetPort: https
-  selector:
-    {{- include "etcd-operator.selectorLabels" . | nindent 4 }}

packages/system/etcd-operator/charts/etcd-operator/templates/workload/service-webhook-service.yml

@@ -1,14 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  labels:
-    {{- include "etcd-operator.labels" . | nindent 4 }}
-  name: {{ include "etcd-operator.fullname" . }}-webhook-service
-spec:
-  type: {{ .Values.etcdOperator.service.type }}
-  ports:
-    - port: 443
-      protocol: TCP
-      targetPort: {{ .Values.etcdOperator.service.port }}
-  selector:
-    {{- include "etcd-operator.selectorLabels" . | nindent 4 }}

packages/system/etcd-operator/charts/etcd-operator/templates/workload/serviceaccount.yml

@@ -1,12 +0,0 @@
-{{- if .Values.serviceAccount.create -}}
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: {{ include "etcd-operator.fullname" . }}-controller-manager
-  labels:
-    {{- include "etcd-operator.labels" . | nindent 4 }}
-  {{- with .Values.serviceAccount.annotations }}
-  annotations:
-    {{- toYaml . | nindent 4 }}
-  {{- end }}
-{{- end }}

packages/system/etcd-operator/charts/etcd-operator/values.schema.json

@@ -1,284 +0,0 @@
-{
-    "$schema": "https://json-schema.org/draft/2020-12/schema",
-    "properties": {
-        "affinity": {
-            "properties": {},
-            "type": "object"
-        },
-        "etcdOperator": {
-            "properties": {
-                "args": {
-                    "items": {
-                        "type": "string"
-                    },
-                    "type": "array"
-                },
-                "envVars": {
-                    "properties": {},
-                    "type": "object"
-                },
-                "image": {
-                    "properties": {
-                        "pullPolicy": {
-                            "type": "string"
-                        },
-                        "repository": {
-                            "type": "string"
-                        },
-                        "tag": {
-                            "type": "string"
-                        }
-                    },
-                    "type": "object"
-                },
-                "livenessProbe": {
-                    "properties": {
-                        "httpGet": {
-                            "properties": {
-                                "path": {
-                                    "type": "string"
-                                },
-                                "port": {
-                                    "type": "integer"
-                                }
-                            },
-                            "type": "object"
-                        },
-                        "initialDelaySeconds": {
-                            "type": "integer"
-                        },
-                        "periodSeconds": {
-                            "type": "integer"
-                        }
-                    },
-                    "type": "object"
-                },
-                "readinessProbe": {
-                    "properties": {
-                        "httpGet": {
-                            "properties": {
-                                "path": {
-                                    "type": "string"
-                                },
-                                "port": {
-                                    "type": "integer"
-                                }
-                            },
-                            "type": "object"
-                        },
-                        "initialDelaySeconds": {
-                            "type": "integer"
-                        },
-                        "periodSeconds": {
-                            "type": "integer"
-                        }
-                    },
-                    "type": "object"
-                },
-                "resources": {
-                    "properties": {
-                        "limits": {
-                            "properties": {
-                                "cpu": {
-                                    "type": "string"
-                                },
-                                "memory": {
-                                    "type": "string"
-                                }
-                            },
-                            "type": "object"
-                        },
-                        "requests": {
-                            "properties": {
-                                "cpu": {
-                                    "type": "string"
-                                },
-                                "memory": {
-                                    "type": "string"
-                                }
-                            },
-                            "type": "object"
-                        }
-                    },
-                    "type": "object"
-                },
-                "securityContext": {
-                    "properties": {
-                        "allowPrivilegeEscalation": {
-                            "type": "boolean"
-                        },
-                        "capabilities": {
-                            "properties": {
-                                "drop": {
-                                    "items": {
-                                        "type": "string"
-                                    },
-                                    "type": "array"
-                                }
-                            },
-                            "type": "object"
-                        }
-                    },
-                    "type": "object"
-                },
-                "service": {
-                    "properties": {
-                        "port": {
-                            "type": "integer"
-                        },
-                        "type": {
-                            "type": "string"
-                        }
-                    },
-                    "type": "object"
-                }
-            },
-            "type": "object"
-        },
-        "fullnameOverride": {
-            "type": "string"
-        },
-        "imagePullSecrets": {
-            "type": "array"
-        },
-        "kubeRbacProxy": {
-            "properties": {
-                "args": {
-                    "items": {
-                        "type": "string"
-                    },
-                    "type": "array"
-                },
-                "image": {
-                    "properties": {
-                        "pullPolicy": {
-                            "type": "string"
-                        },
-                        "repository": {
-                            "type": "string"
-                        },
-                        "tag": {
-                            "type": "string"
-                        }
-                    },
-                    "type": "object"
-                },
-                "livenessProbe": {
-                    "properties": {},
-                    "type": "object"
-                },
-                "readinessProbe": {
-                    "properties": {},
-                    "type": "object"
-                },
-                "resources": {
-                    "properties": {
-                        "limits": {
-                            "properties": {
-                                "cpu": {
-                                    "type": "string"
-                                },
-                                "memory": {
-                                    "type": "string"
-                                }
-                            },
-                            "type": "object"
-                        },
-                        "requests": {
-                            "properties": {
-                                "cpu": {
-                                    "type": "string"
-                                },
-                                "memory": {
-                                    "type": "string"
-                                }
-                            },
-                            "type": "object"
-                        }
-                    },
-                    "type": "object"
-                },
-                "securityContext": {
-                    "properties": {
-                        "allowPrivilegeEscalation": {
-                            "type": "boolean"
-                        },
-                        "capabilities": {
-                            "properties": {
-                                "drop": {
-                                    "items": {
-                                        "type": "string"
-                                    },
-                                    "type": "array"
-                                }
-                            },
-                            "type": "object"
-                        }
-                    },
-                    "type": "object"
-                },
-                "service": {
-                    "properties": {
-                        "port": {
-                            "type": "integer"
-                        },
-                        "type": {
-                            "type": "string"
-                        }
-                    },
-                    "type": "object"
-                }
-            },
-            "type": "object"
-        },
-        "kubernetesClusterDomain": {
-            "type": "string"
-        },
-        "nameOverride": {
-            "type": "string"
-        },
-        "nodeSelector": {
-            "properties": {},
-            "type": "object"
-        },
-        "podAnnotations": {
-            "properties": {},
-            "type": "object"
-        },
-        "podLabels": {
-            "properties": {},
-            "type": "object"
-        },
-        "podSecurityContext": {
-            "properties": {},
-            "type": "object"
-        },
-        "replicaCount": {
-            "type": "integer"
-        },
-        "securityContext": {
-            "properties": {
-                "runAsNonRoot": {
-                    "type": "boolean"
-                }
-            },
-            "type": "object"
-        },
-        "serviceAccount": {
-            "properties": {
-                "annotations": {
-                    "properties": {},
-                    "type": "object"
-                },
-                "create": {
-                    "type": "boolean"
-                }
-            },
-            "type": "object"
-        },
-        "tolerations": {
-            "type": "array"
-        }
-    },
-    "type": "object"
-}

packages/system/etcd-operator/charts/etcd-operator/values.yaml

@@ -1,98 +0,0 @@
-etcdOperator:
-  image:
-    repository: ghcr.io/aenix-io/etcd-operator
-    pullPolicy: IfNotPresent
-    # Overrides the image tag whose default is the chart appVersion.
-    tag: ""
-  args:
-    - --health-probe-bind-address=:8081
-    - --metrics-bind-address=127.0.0.1:8080
-    - --leader-elect
-  service:
-    type: ClusterIP
-    port: 9443
-  envVars: {}
-  livenessProbe:
-    httpGet:
-      path: /healthz
-      port: 8081
-    initialDelaySeconds: 15
-    periodSeconds: 20
-  readinessProbe:
-    httpGet:
-      path: /readyz
-      port: 8081
-    initialDelaySeconds: 5
-    periodSeconds: 10
-  resources:
-    limits:
-      cpu: 500m
-      memory: 128Mi
-    requests:
-      cpu: 100m
-      memory: 64Mi
-  securityContext:
-    allowPrivilegeEscalation: false
-    capabilities:
-      drop:
-        - ALL
-
-kubeRbacProxy:
-  image:
-    repository: gcr.io/kubebuilder/kube-rbac-proxy
-    pullPolicy: IfNotPresent
-    tag: v0.16.0
-  args:
-    - --secure-listen-address=0.0.0.0:8443
-    - --upstream=http://127.0.0.1:8080/
-    - --logtostderr=true
-    - --v=0
-  service:
-    type: ClusterIP
-    port: 8443
-  livenessProbe: {}
-  readinessProbe: {}
-  resources:
-    limits:
-      cpu: 500m
-      memory: 128Mi
-    requests:
-      cpu: 100m
-      memory: 64Mi
-  securityContext:
-    allowPrivilegeEscalation: false
-    capabilities:
-      drop:
-        - ALL
-
-kubernetesClusterDomain: cluster.local
-
-replicaCount: 1
-
-imagePullSecrets: []
-
-nameOverride: ""
-
-fullnameOverride: ""
-
-serviceAccount:
-  # Specifies whether a service account should be created
-  create: true
-  # Annotations to add to the service account
-  annotations: {}
-
-podAnnotations: {}
-
-podLabels: {}
-
-podSecurityContext: {}
-  # fsGroup: 2000
-
-securityContext:
-  runAsNonRoot: true
-
-nodeSelector: {}
-
-tolerations: []
-
-affinity: {}

packages/system/kamaji/charts/kamaji/Chart.yaml

@@ -3,22 +3,20 @@ annotations:
   catalog.cattle.io/display-name: Kamaji
   catalog.cattle.io/release-name: kamaji
 apiVersion: v2
-appVersion: v0.5.0
+appVersion: v0.4.1
-description: Kamaji is the Hosted Control Plane Manager for Kubernetes.
+description: Kamaji is a Kubernetes Control Plane Manager.
 home: https://github.com/clastix/kamaji
 icon: https://github.com/clastix/kamaji/raw/master/assets/logo-colored.png
 kubeVersion: '>=1.21.0-0'
 maintainers:
 - email: dario@tranchitella.eu
   name: Dario Tranchitella
-  url: https://clastix.io
 - email: me@maxgio.it
   name: Massimiliano Giovagnoli
 - email: me@bsctl.io
   name: Adriano Pezzuto
-  url: https://clastix.io
 name: kamaji
 sources:
 - https://github.com/clastix/kamaji
 type: application
-version: 0.15.2
+version: 0.14.1

packages/system/kamaji/charts/kamaji/README.md

@@ -1,16 +1,16 @@
 # kamaji
 
-![Version: 0.15.2](https://img.shields.io/badge/Version-0.15.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.5.0](https://img.shields.io/badge/AppVersion-v0.5.0-informational?style=flat-square)
+![Version: 0.14.1](https://img.shields.io/badge/Version-0.14.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.4.1](https://img.shields.io/badge/AppVersion-v0.4.1-informational?style=flat-square)
 
-Kamaji is the Hosted Control Plane Manager for Kubernetes.
+Kamaji is a Kubernetes Control Plane Manager.
 
 ## Maintainers
 
 | Name | Email | Url |
 | ---- | ------ | --- |
-| Dario Tranchitella | <dario@tranchitella.eu> | <https://clastix.io> |
+| Dario Tranchitella | <dario@tranchitella.eu> |  |
 | Massimiliano Giovagnoli | <me@maxgio.it> |  |
-| Adriano Pezzuto | <me@bsctl.io> | <https://clastix.io> |
+| Adriano Pezzuto | <me@bsctl.io> |  |
 
 ## Source Code
 
@@ -66,8 +66,6 @@ Here the values you can override:
 | Key | Type | Default | Description |
 |-----|------|---------|-------------|
 | affinity | object | `{}` | Kubernetes affinity rules to apply to Kamaji controller pods |
-| cfssl.image.repository | string | `"cfssl/cfssl"` |  |
-| cfssl.image.tag | string | `"latest"` |  |
 | datastore.basicAuth.passwordSecret.keyPath | string | `nil` | The Secret key where the data is stored. |
 | datastore.basicAuth.passwordSecret.name | string | `nil` | The name of the Secret containing the password used to connect to the relational database. |
 | datastore.basicAuth.passwordSecret.namespace | string | `nil` | The namespace of the Secret containing the password used to connect to the relational database. |

packages/system/kamaji/charts/kamaji/crds/datastore.yaml

@@ -30,19 +30,10 @@ spec:
           description: DataStore is the Schema for the datastores API.
           properties:
             apiVersion:
-              description: |-
+              description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-                APIVersion defines the versioned schema of this representation of an object.
-                Servers should convert recognized schemas to the latest internal value, and
-                may reject unrecognized values.
-                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
               type: string
             kind:
-              description: |-
+              description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-                Kind is a string value representing the REST resource this object represents.
-                Servers may infer this from the endpoint the client submits requests to.
-                Cannot be updated.
-                In CamelCase.
-                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
               type: string
             metadata:
               type: object
@@ -50,24 +41,18 @@ spec:
               description: DataStoreSpec defines the desired state of DataStore.
               properties:
                 basicAuth:
-                  description: |-
+                  description: In case of authentication enabled for the given data store, specifies the username and password pair. This value is optional.
-                    In case of authentication enabled for the given data store, specifies the username and password pair.
-                    This value is optional.
                   properties:
                     password:
                       properties:
                         content:
-                          description: |-
+                          description: Bare content of the file, base64 encoded. It has precedence over the SecretReference value.
-                            Bare content of the file, base64 encoded.
-                            It has precedence over the SecretReference value.
                           format: byte
                           type: string
                         secretReference:
                           properties:
                             keyPath:
-                              description: |-
+                              description: Name of the key for the given Secret reference where the content is stored. This value is mandatory.
-                                Name of the key for the given Secret reference where the content is stored.
-                                This value is mandatory.
                               minLength: 1
                               type: string
                             name:
@@ -84,17 +69,13 @@ spec:
                     username:
                       properties:
                         content:
-                          description: |-
+                          description: Bare content of the file, base64 encoded. It has precedence over the SecretReference value.
-                            Bare content of the file, base64 encoded.
-                            It has precedence over the SecretReference value.
                           format: byte
                           type: string
                         secretReference:
                           properties:
                             keyPath:
-                              description: |-
+                              description: Name of the key for the given Secret reference where the content is stored. This value is mandatory.
-                                Name of the key for the given Secret reference where the content is stored.
-                                This value is mandatory.
                               minLength: 1
                               type: string
                             name:
@@ -120,9 +101,7 @@ spec:
                     - PostgreSQL
                   type: string
                 endpoints:
-                  description: |-
+                  description: List of the endpoints to connect to the shared datastore. No need for protocol, just bare IP/FQDN and port.
-                    List of the endpoints to connect to the shared datastore.
-                    No need for protocol, just bare IP/FQDN and port.
                   items:
                     type: string
                   minItems: 1
@@ -131,24 +110,18 @@ spec:
                   description: Defines the TLS/SSL configuration required to connect to the data store in a secure way.
                   properties:
                     certificateAuthority:
-                      description: |-
+                      description: Retrieve the Certificate Authority certificate and private key, such as bare content of the file, or a SecretReference. The key reference is required since etcd authentication is based on certificates, and Kamaji is responsible in creating this.
-                        Retrieve the Certificate Authority certificate and private key, such as bare content of the file, or a SecretReference.
-                        The key reference is required since etcd authentication is based on certificates, and Kamaji is responsible in creating this.
                       properties:
                         certificate:
                           properties:
                             content:
-                              description: |-
+                              description: Bare content of the file, base64 encoded. It has precedence over the SecretReference value.
-                                Bare content of the file, base64 encoded.
-                                It has precedence over the SecretReference value.
                               format: byte
                               type: string
                             secretReference:
                               properties:
                                 keyPath:
-                                  description: |-
+                                  description: Name of the key for the given Secret reference where the content is stored. This value is mandatory.
-                                    Name of the key for the given Secret reference where the content is stored.
-                                    This value is mandatory.
                                   minLength: 1
                                   type: string
                                 name:
@@ -165,17 +138,13 @@ spec:
                         privateKey:
                           properties:
                             content:
-                              description: |-
+                              description: Bare content of the file, base64 encoded. It has precedence over the SecretReference value.
-                                Bare content of the file, base64 encoded.
-                                It has precedence over the SecretReference value.
                               format: byte
                               type: string
                             secretReference:
                               properties:
                                 keyPath:
-                                  description: |-
+                                  description: Name of the key for the given Secret reference where the content is stored. This value is mandatory.
-                                    Name of the key for the given Secret reference where the content is stored.
-                                    This value is mandatory.
                                   minLength: 1
                                   type: string
                                 name:
@@ -198,17 +167,13 @@ spec:
                         certificate:
                           properties:
                             content:
-                              description: |-
+                              description: Bare content of the file, base64 encoded. It has precedence over the SecretReference value.
-                                Bare content of the file, base64 encoded.
-                                It has precedence over the SecretReference value.
                               format: byte
                               type: string
                             secretReference:
                               properties:
                                 keyPath:
-                                  description: |-
+                                  description: Name of the key for the given Secret reference where the content is stored. This value is mandatory.
-                                    Name of the key for the given Secret reference where the content is stored.
-                                    This value is mandatory.
                                   minLength: 1
                                   type: string
                                 name:
@@ -225,17 +190,13 @@ spec:
                         privateKey:
                           properties:
                             content:
-                              description: |-
+                              description: Bare content of the file, base64 encoded. It has precedence over the SecretReference value.
-                                Bare content of the file, base64 encoded.
-                                It has precedence over the SecretReference value.
                               format: byte
                               type: string
                             secretReference:
                               properties:
                                 keyPath:
-                                  description: |-
+                                  description: Name of the key for the given Secret reference where the content is stored. This value is mandatory.
-                                    Name of the key for the given Secret reference where the content is stored.
-                                    This value is mandatory.
                                   minLength: 1
                                   type: string
                                 name: