fix(cert-manager): make enableGatewayAPI conditional on gateway.gatewayAPI

Previously enableGatewayAPI was hardcoded to true in cert-manager values,
causing startup failures in isp-hosted variant where Gateway API CRDs
are not installed. Now passed via component override only when
gateway.gatewayAPI is enabled.

Co-Authored-By: Claude <noreply@anthropic.com>
Signed-off-by: Kirill Ilin <stitch14@yandex.ru>

docs/changelogs/v1.0.5.md

@@ -1,29 +0,0 @@
-<!--
-https://github.com/cozystack/cozystack/releases/tag/v1.0.5
--->
-
-## Fixes
-
-* **[api] Fix spurious OpenAPI post-processing errors for non-apps group versions**: The API server no longer logs false errors while generating OpenAPI specs for core and other non-`apps.cozystack.io` group versions. The post-processor now exits early when the base `Application` schemas are absent, reducing noisy startup logs without affecting application schema generation ([**@kvaps**](https://github.com/kvaps) in #2212, #2216).
-
-## Documentation
-
-* **[website] Add `DependenciesNotReady` troubleshooting and correct packages management build target**: Added a troubleshooting guide for packages stuck in `DependenciesNotReady`, including how to inspect operator logs and identify missing dependencies, and fixed the outdated `make image-cozystack` command to `make image-packages` in the packages management guide ([**@kvaps**](https://github.com/kvaps) in cozystack/website#450).
-
-* **[website] Clarify operator-first installation order**: Reordered the platform installation guide and tutorial so users install the Cozystack operator before preparing and applying the Platform Package, matching the rest of the installation docs and reducing setup confusion during fresh installs ([**@sircthulhu**](https://github.com/sircthulhu) in cozystack/website#449).
-
-* **[website] Add automated installation guide for Ansible**: Added end-to-end documentation for deploying Cozystack with the `cozystack.installer` Ansible collection, including inventory examples, distro-specific playbooks, configuration reference, verification steps, and explicit version pinning guidance to help operators automate installs safely ([**@lexfrei**](https://github.com/lexfrei) in cozystack/website#442).
-
-* **[website] Expand CA rotation operations guide**: Completed the CA rotation documentation with separate Talos and Kubernetes certificate rotation procedures, dry-run preview steps, and post-rotation guidance for fetching updated `talosconfig` and `kubeconfig` files after certificate changes ([**@kvaps**](https://github.com/kvaps) in cozystack/website#406).
-
-* **[website] Improve backup operations documentation**: Enhanced the operator backup and recovery guide with clearer Velero enablement steps, concrete provider and bucket examples, and more useful commands for inspecting backups, schedules, restores, CRD status, and logs ([**@androndo**](https://github.com/androndo) in cozystack/website#440).
-
-* **[website] Add custom metrics collection guide**: Added a monitoring guide showing how tenants can expose their own Prometheus exporters through `VMServiceScrape` and `VMPodScrape`, including namespace labeling requirements, example manifests, verification steps, and troubleshooting advice ([**@IvanHunters**](https://github.com/IvanHunters) in cozystack/website#444).
-
-* **[website] Document PackageSource and Package architecture**: Added a Key Concepts reference covering `PackageSource` and `Package` reconciliation flow, dependency handling, update propagation, rollback behavior, FluxPlunger recovery, and the `cozypkg` CLI for package management ([**@IvanHunters**](https://github.com/IvanHunters) in cozystack/website#445).
-
-* **[website] Refresh v1 application and platform documentation**: Fixed the documentation auto-update flow and published a broad v1 documentation refresh covering newly documented applications, updated naming and navigation, virtualization and platform content updates, and reorganized versioned docs pages ([**@myasnikovdaniil**](https://github.com/myasnikovdaniil) in cozystack/website#439).
-
----
-
-**Full Changelog**: https://github.com/cozystack/cozystack/compare/v1.0.4...v1.0.5

packages/apps/kubernetes/Makefile

@@ -1,4 +1,4 @@
-KUBERNETES_VERSIONS = $(shell awk -F'"' '{print $$2}' files/versions.yaml)
+KUBERNETES_VERSION = v1.35
 KUBERNETES_PKG_TAG = $(shell awk '$$1 == "version:" {print $$2}' Chart.yaml)
 
 include ../../../hack/common-envs.mk
@@ -15,19 +15,17 @@ update:
 image: image-ubuntu-container-disk image-kubevirt-cloud-provider image-kubevirt-csi-driver image-cluster-autoscaler
 
 image-ubuntu-container-disk:
-	$(foreach ver,$(KUBERNETES_VERSIONS), \
-		docker buildx build images/ubuntu-container-disk \
-			--build-arg KUBERNETES_VERSION=$(ver) \
-			--tag $(REGISTRY)/ubuntu-container-disk:$(call settag,$(ver)) \
-			--tag $(REGISTRY)/ubuntu-container-disk:$(call settag,$(ver)-$(TAG)) \
-			--cache-from type=registry,ref=$(REGISTRY)/ubuntu-container-disk:$(call settag,$(ver)) \
-			--cache-to type=inline \
-			--metadata-file images/ubuntu-container-disk-$(ver).json \
-			$(BUILDX_ARGS) && \
-		echo "$(REGISTRY)/ubuntu-container-disk:$(call settag,$(ver))@$$(yq e '."containerimage.digest"' images/ubuntu-container-disk-$(ver).json -o json -r)" \
-			> images/ubuntu-container-disk-$(ver).tag && \
-		rm -f images/ubuntu-container-disk-$(ver).json; \
-	)
+	docker buildx build images/ubuntu-container-disk \
+		--build-arg KUBERNETES_VERSION=${KUBERNETES_VERSION} \
+		--tag $(REGISTRY)/ubuntu-container-disk:$(call settag,$(KUBERNETES_VERSION)) \
+		--tag $(REGISTRY)/ubuntu-container-disk:$(call settag,$(KUBERNETES_VERSION)-$(TAG)) \
+		--cache-from type=registry,ref=$(REGISTRY)/ubuntu-container-disk:latest \
+		--cache-to type=inline \
+		--metadata-file images/ubuntu-container-disk.json \
+		$(BUILDX_ARGS)
+	echo "$(REGISTRY)/ubuntu-container-disk:$(call settag,$(KUBERNETES_VERSION))@$$(yq e '."containerimage.digest"' images/ubuntu-container-disk.json -o json -r)" \
+		> images/ubuntu-container-disk.tag
+	rm -f images/ubuntu-container-disk.json
 
 image-kubevirt-cloud-provider:
 	docker buildx build images/kubevirt-cloud-provider \

packages/apps/kubernetes/images/ubuntu-container-disk-v1.30.tag

@@ -1 +0,0 @@
-ttl.sh/rjfkdsjflsk/ubuntu-container-disk:v1.30@sha256:8c2276f68beb67edf5bf76d6c97b271dd9303b336e1d5850ae2b91a590c9bb57

packages/apps/kubernetes/images/ubuntu-container-disk-v1.31.tag

@@ -1 +0,0 @@
-ttl.sh/rjfkdsjflsk/ubuntu-container-disk:v1.31@sha256:2b631cd227bc9b1bae16de033830e756cd6590b512dc0d2b13367ee626f3e4ca

packages/apps/kubernetes/images/ubuntu-container-disk-v1.32.tag

@@ -1 +0,0 @@
-ttl.sh/rjfkdsjflsk/ubuntu-container-disk:v1.32@sha256:600d6ce7df4eaa8cc79c7d6d1b01ecac43e7696beb84eafce752d9210a16455f

packages/apps/kubernetes/images/ubuntu-container-disk-v1.33.tag

@@ -1 +0,0 @@
-ttl.sh/rjfkdsjflsk/ubuntu-container-disk:v1.33@sha256:243e55d6f2887a4f6ce8526de52fd083b7b88194d5c7f3eaa51b87efb557ac88

packages/apps/kubernetes/images/ubuntu-container-disk-v1.34.tag

@@ -1 +0,0 @@
-ttl.sh/rjfkdsjflsk/ubuntu-container-disk:v1.34@sha256:ad8377d5644ba51729dc69dff4c9f6b4a48957075d054a58c61a45d0bb41f6af

packages/apps/kubernetes/images/ubuntu-container-disk-v1.35.tag

@@ -1 +0,0 @@
-ttl.sh/rjfkdsjflsk/ubuntu-container-disk:v1.35@sha256:1c2f2430383a9b9882358c60c194465c1b6092b4aa77536a0343cf74155c0067

packages/apps/kubernetes/images/ubuntu-container-disk.tag

@@ -0,0 +1 @@
+ghcr.io/cozystack/cozystack/ubuntu-container-disk:v1.35@sha256:39f626c802dd84f95720ffb54fcd80dfb8a58ac280498870d0a1aa30d4252f94

packages/apps/kubernetes/templates/cluster.yaml

@@ -74,7 +74,7 @@ spec:
           volumes:
           - name: system
             containerDisk:
-              image: "{{ $.Files.Get (printf "images/ubuntu-container-disk-%s.tag" $.Values.version) | trim }}"
+              image: "{{ $.Files.Get "images/ubuntu-container-disk.tag" | trim }}"
           - name: ephemeral
             emptyDisk:
               capacity: {{ .group.ephemeralStorage | default "20Gi" }}
@@ -249,9 +249,6 @@ spec:
       joinConfiguration:
         nodeRegistration:
           kubeletExtraArgs: {}
-          # Ignore this for 1.31
-          ignorePreflightErrors:
-          - FileExisting-conntrack
         discovery:
           bootstrapToken:
             apiServerEndpoint: {{ $.Release.Name }}.{{ $.Release.Namespace }}.svc:6443

packages/core/platform/sources/cozystack-scheduler.yaml

@@ -1,19 +0,0 @@
----
-apiVersion: cozystack.io/v1alpha1
-kind: PackageSource
-metadata:
-  name: cozystack.cozystack-scheduler
-spec:
-  sourceRef:
-    kind: OCIRepository
-    name: cozystack-packages
-    namespace: cozy-system
-    path: /
-  variants:
-  - name: default
-    components:
-    - name: cozystack-scheduler
-      path: system/cozystack-scheduler
-      install:
-        namespace: kube-system
-        releaseName: cozystack-scheduler

packages/core/platform/sources/networking.yaml

@@ -15,6 +15,12 @@ spec:
   - name: cilium
     dependsOn: []
     components:
+    - name: gateway-api-crds
+      path: system/gateway-api-crds
+      install:
+        namespace: cozy-gateway-api-crds
+        releaseName: gateway-api-crds
+        dependsOn: []
     - name: cilium
       path: system/cilium
       valuesFiles:
@@ -24,7 +30,8 @@ spec:
         privileged: true
         namespace: cozy-cilium
         releaseName: cilium
-        dependsOn: []
+        dependsOn:
+        - gateway-api-crds
     - name: cilium-networkpolicy
       path: system/cilium-networkpolicy
       install:
@@ -36,6 +43,12 @@ spec:
   - name: cilium-kilo
     dependsOn: []
     components:
+    - name: gateway-api-crds
+      path: system/gateway-api-crds
+      install:
+        namespace: cozy-gateway-api-crds
+        releaseName: gateway-api-crds
+        dependsOn: []
     - name: cilium
       path: system/cilium
       valuesFiles:
@@ -46,7 +59,8 @@ spec:
         privileged: true
         namespace: cozy-cilium
         releaseName: cilium
-        dependsOn: []
+        dependsOn:
+        - gateway-api-crds
     - name: kilo
       path: system/kilo
       valuesFiles:
@@ -62,6 +76,12 @@ spec:
   - name: cilium-generic
     dependsOn: []
     components:
+    - name: gateway-api-crds
+      path: system/gateway-api-crds
+      install:
+        namespace: cozy-gateway-api-crds
+        releaseName: gateway-api-crds
+        dependsOn: []
     - name: cilium
       path: system/cilium
       valuesFiles:
@@ -70,7 +90,8 @@ spec:
         privileged: true
         namespace: cozy-cilium
         releaseName: cilium
-        dependsOn: []
+        dependsOn:
+        - gateway-api-crds
     - name: cilium-networkpolicy
       path: system/cilium-networkpolicy
       install:
@@ -82,6 +103,12 @@ spec:
   - name: kubeovn-cilium
     dependsOn: []
     components:
+    - name: gateway-api-crds
+      path: system/gateway-api-crds
+      install:
+        namespace: cozy-gateway-api-crds
+        releaseName: gateway-api-crds
+        dependsOn: []
     - name: cilium
       path: system/cilium
       valuesFiles:
@@ -92,7 +119,8 @@ spec:
         privileged: true
         namespace: cozy-cilium
         releaseName: cilium
-        dependsOn: []
+        dependsOn:
+        - gateway-api-crds
     - name: cilium-networkpolicy
       path: system/cilium-networkpolicy
       install:
@@ -113,6 +141,12 @@ spec:
   - name: kubeovn-cilium-generic
     dependsOn: []
     components:
+    - name: gateway-api-crds
+      path: system/gateway-api-crds
+      install:
+        namespace: cozy-gateway-api-crds
+        releaseName: gateway-api-crds
+        dependsOn: []
     - name: cilium
       path: system/cilium
       valuesFiles:
@@ -122,7 +156,8 @@ spec:
         privileged: true
         namespace: cozy-cilium
         releaseName: cilium
-        dependsOn: []
+        dependsOn:
+        - gateway-api-crds
     - name: cilium-networkpolicy
       path: system/cilium-networkpolicy
       install:

packages/core/platform/templates/bundles/system.yaml

@@ -16,10 +16,14 @@
 {{- $kubeovnValues := dict "kube-ovn" $kubeovnDict -}}
 {{- $_ := set $networkingComponents "kubeovn" (dict "values" $kubeovnValues) -}}
 {{- /* For Talos (isp-full): use KubePrism endpoint and disable cgroup autoMount */ -}}
-{{- $ciliumValues := dict "cilium" (dict
+{{- $ciliumDict := dict
   "k8sServiceHost" "localhost"
   "k8sServicePort" "7445"
-  "cgroup" (dict "autoMount" (dict "enabled" false))) -}}
+  "cgroup" (dict "autoMount" (dict "enabled" false)) -}}
+{{- if .Values.gateway.gatewayAPI -}}
+{{- $_ := set $ciliumDict "gatewayAPI" (dict "enabled" true) -}}
+{{- end -}}
+{{- $ciliumValues := dict "cilium" $ciliumDict -}}
 {{- $_ := set $networkingComponents "cilium" (dict "values" $ciliumValues) -}}
 {{- end -}}
 {{include "cozystack.platform.package" (list "cozystack.networking" "kubeovn-cilium" $ $networkingComponents) }}
@@ -83,10 +87,14 @@
 {{- $kubeovnValues := dict "kube-ovn" $kubeovnDict -}}
 {{- $_ := set $networkingComponents "kubeovn" (dict "values" $kubeovnValues) -}}
 {{- /* Cilium configuration - for generic k8s, always enable cgroup autoMount */ -}}
-{{- $ciliumValues := dict "cilium" (dict
+{{- $ciliumDict := dict
   "k8sServiceHost" $apiHost
   "k8sServicePort" $apiPort
-  "cgroup" (dict "autoMount" (dict "enabled" true))) -}}
+  "cgroup" (dict "autoMount" (dict "enabled" true)) -}}
+{{- if .Values.gateway.gatewayAPI -}}
+{{- $_ := set $ciliumDict "gatewayAPI" (dict "enabled" true) -}}
+{{- end -}}
+{{- $ciliumValues := dict "cilium" $ciliumDict -}}
 {{- $_ := set $networkingComponents "cilium" (dict "values" $ciliumValues) -}}
 {{- end -}}
 {{- /* Use kubeovn-cilium-generic variant (no values-talos.yaml) */ -}}
@@ -118,7 +126,12 @@
 {{- end }}
 
 # Common Packages
-{{include "cozystack.platform.package.default" (list "cozystack.cert-manager" $) }}
+{{- $certManagerComponents := dict -}}
+{{- if .Values.gateway.gatewayAPI -}}
+{{- $certManagerValues := dict "cert-manager" (dict "config" (dict "enableGatewayAPI" true)) -}}
+{{- $_ := set $certManagerComponents "cert-manager" (dict "values" $certManagerValues) -}}
+{{- end -}}
+{{include "cozystack.platform.package" (list "cozystack.cert-manager" "default" $ $certManagerComponents) }}
 {{include "cozystack.platform.package.default" (list "cozystack.flux-plunger" $) }}
 {{include "cozystack.platform.package.default" (list "cozystack.victoria-metrics-operator" $) }}
 {{- $tenantComponents := dict -}}
@@ -148,7 +161,16 @@
 # Optional System Packages (controlled via bundles.enabledPackages)
 {{include "cozystack.platform.package.optional.default" (list "cozystack.nfs-driver" $) }}
 {{include "cozystack.platform.package.optional.default" (list "cozystack.telepresence" $) }}
-{{include "cozystack.platform.package.optional.default" (list "cozystack.external-dns" $) }}
+{{- $externalDnsComponents := dict -}}
+{{- if .Values.gateway.gatewayAPI -}}
+{{- $externalDnsValues := dict "external-dns" (dict "sources" (list "service" "ingress" "gateway-httproute")) -}}
+{{- $_ := set $externalDnsComponents "external-dns" (dict "values" $externalDnsValues) -}}
+{{- end -}}
+{{- $disabled := default (list) .Values.bundles.disabledPackages -}}
+{{- $enabled := default (list) .Values.bundles.enabledPackages -}}
+{{- if and (has "cozystack.external-dns" $enabled) (not (has "cozystack.external-dns" $disabled)) -}}
+{{include "cozystack.platform.package" (list "cozystack.external-dns" "default" $ $externalDnsComponents) }}
+{{- end }}
 {{include "cozystack.platform.package.optional.default" (list "cozystack.external-dns-application" $) }}
 {{include "cozystack.platform.package.optional.default" (list "cozystack.external-secrets-operator" $) }}
 {{- if has "cozystack.bootbox" (default (list) .Values.bundles.enabledPackages) }}
@@ -156,6 +178,5 @@
 {{include "cozystack.platform.package.default" (list "cozystack.bootbox" $) }}
 {{- end }}
 {{include "cozystack.platform.package.optional.default" (list "cozystack.hetzner-robotlb" $) }}
-{{include "cozystack.platform.package.optional.default" (list "cozystack.cozystack-scheduler" $) }}
 
 {{- end }}

packages/core/platform/values.yaml

@@ -34,6 +34,12 @@ networking:
   # Set this to comma-separated list of master node IPs to override.
   kubeovn:
     MASTER_NODES: ""
+# Gateway configuration
+# ingress and gatewayAPI can be enabled independently;
+# future work will wire gateway.ingress into ingress controller selection
+gateway:
+  ingress: true
+  gatewayAPI: false
 # Service publishing and ingress configuration
 publishing:
   host: "example.org"

packages/system/bucket/templates/deployment.yaml

@@ -1,12 +1,3 @@
-{{- $endpoint := printf "s3.%s" .Values._namespace.host }}
-{{- range $name, $user := .Values.users }}
-  {{- $secretName := printf "%s-%s" $.Values.bucketName $name }}
-  {{- $existingSecret := lookup "v1" "Secret" $.Release.Namespace $secretName }}
-  {{- if $existingSecret }}
-    {{- $bucketInfo := fromJson (b64dec (index $existingSecret.data "BucketInfo")) }}
-    {{- $endpoint = trimPrefix "https://" (index $bucketInfo.spec.secretS3 "endpoint") }}
-  {{- end }}
-{{- end }}
 apiVersion: apps/v1
 kind: Deployment
 metadata:
@@ -26,6 +17,6 @@ spec:
         image: "{{ $.Files.Get "images/s3manager.tag" | trim }}"
         env:
         - name: ENDPOINT
-          value: {{ $endpoint | quote }}
+          value: "s3.{{ .Values._namespace.host }}"
         - name: SKIP_SSL_VERIFICATION
           value: "true"

packages/system/cert-manager/values.yaml

@@ -0,0 +1 @@
+cert-manager: {}

packages/system/cozystack-scheduler/Chart.yaml

@@ -1,3 +0,0 @@
-apiVersion: v2
-name: cozy-cozystack-scheduler
-version: 0.1.0

packages/system/cozystack-scheduler/Makefile

@@ -1,10 +0,0 @@
-export NAME=cozystack-scheduler
-export NAMESPACE=kube-system
-
-include ../../../hack/package.mk
-
-update:
-	rm -rf crds templates values.yaml Chart.yaml
-	tag=$$(git ls-remote --tags --sort="v:refname" https://github.com/cozystack/cozystack-scheduler | awk -F'[/^]' 'END{print $$3}') && \
-	curl -sSL https://github.com/cozystack/cozystack-scheduler/archive/refs/tags/$${tag}.tar.gz | \
-	tar xzvf - --strip 2 cozystack-scheduler-$${tag#*v}/chart

packages/system/cozystack-scheduler/templates/clusterrole.yaml

@@ -1,9 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: cozystack-scheduler
-rules:
-  - apiGroups: ["cozystack.io"]
-    resources:
-      - schedulingclasses
-    verbs: ["get", "list", "watch"]

packages/system/cozystack-scheduler/templates/clusterrolebinding.yaml

@@ -1,38 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
-  name: cozystack-scheduler:kube-scheduler
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: system:kube-scheduler
-subjects:
-  - kind: ServiceAccount
-    name: cozystack-scheduler
-    namespace: {{ .Release.Namespace }}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
-  name: cozystack-scheduler:volume-scheduler
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: system:volume-scheduler
-subjects:
-  - kind: ServiceAccount
-    name: cozystack-scheduler
-    namespace: {{ .Release.Namespace }}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
-  name: cozystack-scheduler
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: cozystack-scheduler
-subjects:
-  - kind: ServiceAccount
-    name: cozystack-scheduler
-    namespace: {{ .Release.Namespace }}

packages/system/cozystack-scheduler/templates/configmap.yaml

@@ -1,54 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: cozystack-scheduler-config
-  namespace: {{ .Release.Namespace }}
-data:
-  scheduler-config.yaml: |
-    apiVersion: kubescheduler.config.k8s.io/v1
-    kind: KubeSchedulerConfiguration
-    leaderElection:
-      leaderElect: true
-      resourceNamespace: {{ .Release.Namespace }}
-      resourceName: cozystack-scheduler
-    profiles:
-      - schedulerName: cozystack-scheduler
-        plugins:
-          preFilter:
-            disabled:
-              - name: InterPodAffinity
-              - name: NodeAffinity
-              - name: PodTopologySpread
-            enabled:
-              - name: CozystackInterPodAffinity
-              - name: CozystackNodeAffinity
-              - name: CozystackPodTopologySpread
-              - name: CozystackSchedulingClass
-          filter:
-            disabled:
-              - name: InterPodAffinity
-              - name: NodeAffinity
-              - name: PodTopologySpread
-            enabled:
-              - name: CozystackInterPodAffinity
-              - name: CozystackNodeAffinity
-              - name: CozystackPodTopologySpread
-              - name: CozystackSchedulingClass
-          preScore:
-            disabled:
-              - name: InterPodAffinity
-              - name: NodeAffinity
-              - name: PodTopologySpread
-            enabled:
-              - name: CozystackInterPodAffinity
-              - name: CozystackNodeAffinity
-              - name: CozystackPodTopologySpread
-          score:
-            disabled:
-              - name: InterPodAffinity
-              - name: NodeAffinity
-              - name: PodTopologySpread
-            enabled:
-              - name: CozystackInterPodAffinity
-              - name: CozystackNodeAffinity
-              - name: CozystackPodTopologySpread

packages/system/cozystack-scheduler/templates/deployment.yaml

@@ -1,37 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: cozystack-scheduler
-  namespace: {{ .Release.Namespace }}
-spec:
-  replicas: {{ .Values.replicas }}
-  selector:
-    matchLabels:
-      app: cozystack-scheduler
-  template:
-    metadata:
-      labels:
-        app: cozystack-scheduler
-    spec:
-      serviceAccountName: cozystack-scheduler
-      containers:
-        - name: cozystack-scheduler
-          image: {{ .Values.image }}
-          command:
-            - /cozystack-scheduler
-            - --config=/etc/kubernetes/scheduler-config.yaml
-          livenessProbe:
-            httpGet:
-              path: /healthz
-              port: 10259
-              scheme: HTTPS
-            initialDelaySeconds: 15
-          volumeMounts:
-            - name: config
-              mountPath: /etc/kubernetes/scheduler-config.yaml
-              subPath: scheduler-config.yaml
-              readOnly: true
-      volumes:
-        - name: config
-          configMap:
-            name: cozystack-scheduler-config

packages/system/cozystack-scheduler/templates/rolebinding.yaml

@@ -1,40 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  name: cozystack-scheduler:extension-apiserver-authentication-reader
-  namespace: kube-system
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: Role
-  name: extension-apiserver-authentication-reader
-subjects:
-  - kind: ServiceAccount
-    name: cozystack-scheduler
-    namespace: {{ .Release.Namespace }}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
-  name: cozystack-scheduler:leader-election
-  namespace: {{ .Release.Namespace }}
-rules:
-  - apiGroups: ["coordination.k8s.io"]
-    resources: ["leases"]
-    verbs: ["create", "get", "list", "update", "watch"]
-  - apiGroups: ["coordination.k8s.io"]
-    resources: ["leasecandidates"]
-    verbs: ["create", "get", "list", "update", "watch"]
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  name: cozystack-scheduler:leader-election
-  namespace: {{ .Release.Namespace }}
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: Role
-  name: cozystack-scheduler:leader-election
-subjects:
-  - kind: ServiceAccount
-    name: cozystack-scheduler
-    namespace: {{ .Release.Namespace }}

packages/system/cozystack-scheduler/templates/serviceaccount.yaml

@@ -1,5 +0,0 @@
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: cozystack-scheduler
-  namespace: {{ .Release.Namespace }}

packages/system/cozystack-scheduler/values.yaml

@@ -1,2 +0,0 @@
-image: ghcr.io/cozystack/cozystack/cozystack-scheduler:v0.1.0@sha256:5f7150c82177478467ff80628acb5a400291aff503364aa9e26fc346d79a73cf
-replicas: 1

packages/system/gateway-api-crds/Makefile

@@ -6,4 +6,4 @@ include ../../../hack/package.mk
 update:
 	rm -rf templates
 	mkdir templates
-	kubectl kustomize "github.com/kubernetes-sigs/gateway-api/config/crd/experimental?ref=v1.2.0" > templates/crds-experimental.yaml
+	kubectl kustomize "github.com/kubernetes-sigs/gateway-api/config/crd/experimental?ref=v1.5.0" > templates/crds-experimental.yaml

pkg/cmd/server/openapi.go

@@ -224,8 +224,8 @@ func buildPostProcessV3(kindSchemas map[string]string) func(*spec3.OpenAPI) (*sp
 		base, ok1 := doc.Components.Schemas[baseRef]
 		list, ok2 := doc.Components.Schemas[baseListRef]
 		stat, ok3 := doc.Components.Schemas[baseStatusRef]
-		if !(ok1 && ok2 && ok3) {
-			return doc, nil // not the apps GV — nothing to patch
+		if !(ok1 && ok2 && ok3) && len(kindSchemas) > 0 {
+			return doc, fmt.Errorf("base Application* schemas not found")
 		}
 
 		// Clone base schemas for each kind
@@ -339,8 +339,8 @@ func buildPostProcessV2(kindSchemas map[string]string) func(*spec.Swagger) (*spe
 		base, ok1 := defs[baseRef]
 		list, ok2 := defs[baseListRef]
 		stat, ok3 := defs[baseStatusRef]
-		if !(ok1 && ok2 && ok3) {
-			return sw, nil // not the apps GV — nothing to patch
+		if !(ok1 && ok2 && ok3) && len(kindSchemas) > 0 {
+			return sw, fmt.Errorf("base Application* schemas not found")
 		}
 
 		for kind, raw := range kindSchemas {