Release v0.35.4 (#1394 )

This PR prepares the release `v0.35.4`.
Prepare release v0.35.4
2026-03-03 21:48:57 +00:00 · 2025-09-05 16:53:51 +02:00 · 2025-09-05 12:31:08 +00:00 · 2025-09-05 12:55:06 +02:00 · 2025-09-05 10:54:02 +00:00 · 2025-09-05 10:19:36 +02:00
39 changed files with 76 additions and 159 deletions
--- a/packages/apps/clickhouse/Makefile
+++ b/packages/apps/clickhouse/Makefile
@@ -8,16 +8,11 @@ generate:

 image:
 	docker buildx build images/clickhouse-backup \
-		--provenance false \
-		--builder=$(BUILDER) \
-		--platform=$(PLATFORM) \
 		--tag $(REGISTRY)/clickhouse-backup:$(call settag,$(CLICKHOUSE_BACKUP_TAG)) \
 		--cache-from type=registry,ref=$(REGISTRY)/clickhouse-backup:latest \
 		--cache-to type=inline \
 		--metadata-file images/clickhouse-backup.json \
-		--push=$(PUSH) \
-		--label "org.opencontainers.image.source=https://github.com/cozystack/cozystack" \
-		--load=$(LOAD)
+		$(BUILDX_ARGS)
 	echo "$(REGISTRY)/clickhouse-backup:$(call settag,$(CLICKHOUSE_BACKUP_TAG))@$$(yq e '."containerimage.digest"' images/clickhouse-backup.json -o json -r)" \
 		> images/clickhouse-backup.tag
 	rm -f images/clickhouse-backup.json
--- a/packages/apps/http-cache/Makefile
+++ b/packages/apps/http-cache/Makefile
@@ -7,16 +7,11 @@ image: image-nginx

 image-nginx:
 	docker buildx build images/nginx-cache \
-		--provenance false \
-		--builder=$(BUILDER) \
-		--platform=$(PLATFORM) \
 		--tag $(REGISTRY)/nginx-cache:$(call settag,$(NGINX_CACHE_TAG)) \
 		--cache-from type=registry,ref=$(REGISTRY)/nginx-cache:latest \
 		--cache-to type=inline \
 		--metadata-file images/nginx-cache.json \
-		--push=$(PUSH) \
-		--label "org.opencontainers.image.source=https://github.com/cozystack/cozystack" \
-		--load=$(LOAD)
+		$(BUILDX_ARGS)
 	echo "$(REGISTRY)/nginx-cache:$(call settag,$(NGINX_CACHE_TAG))@$$(yq e '."containerimage.digest"' images/nginx-cache.json -o json -r)" \
 		> images/nginx-cache.tag
 	rm -f images/nginx-cache.json
--- a/packages/apps/http-cache/images/nginx-cache.tag
+++ b/packages/apps/http-cache/images/nginx-cache.tag
@@ -1 +1 @@
-ghcr.io/cozystack/cozystack/nginx-cache:0.7.0@sha256:e0a07082bb6fc6aeaae2315f335386f1705a646c72f9e0af512aebbca5cb2b15
+ghcr.io/cozystack/cozystack/nginx-cache:0.7.0@sha256:50ac1581e3100bd6c477a71161cb455a341ffaf9e5e2f6086802e4e25271e8af
--- a/packages/apps/kubernetes/Makefile
+++ b/packages/apps/kubernetes/Makefile
@@ -12,52 +12,37 @@ image: image-ubuntu-container-disk image-kubevirt-cloud-provider image-kubevirt-

 image-ubuntu-container-disk:
 	docker buildx build images/ubuntu-container-disk \
-		--provenance false \
-		--builder=$(BUILDER) \
-		--platform=$(PLATFORM) \
 		--build-arg KUBERNETES_VERSION=${KUBERNETES_VERSION} \
 		--tag $(REGISTRY)/ubuntu-container-disk:$(call settag,$(KUBERNETES_VERSION)) \
 		--tag $(REGISTRY)/ubuntu-container-disk:$(call settag,$(KUBERNETES_VERSION)-$(TAG)) \
 		--cache-from type=registry,ref=$(REGISTRY)/ubuntu-container-disk:latest \
 		--cache-to type=inline \
 		--metadata-file images/ubuntu-container-disk.json \
-		--push=$(PUSH) \
-		--label "org.opencontainers.image.source=https://github.com/cozystack/cozystack" \
-		--load=$(LOAD)
+		$(BUILDX_ARGS)
 	echo "$(REGISTRY)/ubuntu-container-disk:$(call settag,$(KUBERNETES_VERSION))@$$(yq e '."containerimage.digest"' images/ubuntu-container-disk.json -o json -r)" \
 		> images/ubuntu-container-disk.tag
 	rm -f images/ubuntu-container-disk.json

 image-kubevirt-cloud-provider:
 	docker buildx build images/kubevirt-cloud-provider \
-		--provenance false \
-		--builder=$(BUILDER) \
-		--platform=$(PLATFORM) \
 		--tag $(REGISTRY)/kubevirt-cloud-provider:$(call settag,$(KUBERNETES_PKG_TAG)) \
 		--tag $(REGISTRY)/kubevirt-cloud-provider:$(call settag,$(KUBERNETES_PKG_TAG)-$(TAG)) \
 		--cache-from type=registry,ref=$(REGISTRY)/kubevirt-cloud-provider:latest \
 		--cache-to type=inline \
 		--metadata-file images/kubevirt-cloud-provider.json \
-		--push=$(PUSH) \
-		--label "org.opencontainers.image.source=https://github.com/cozystack/cozystack" \
-		--load=$(LOAD)
+		$(BUILDX_ARGS)
 	echo "$(REGISTRY)/kubevirt-cloud-provider:$(call settag,$(KUBERNETES_PKG_TAG))@$$(yq e '."containerimage.digest"' images/kubevirt-cloud-provider.json -o json -r)" \
 		> images/kubevirt-cloud-provider.tag
 	rm -f images/kubevirt-cloud-provider.json

 image-kubevirt-csi-driver:
 	docker buildx build images/kubevirt-csi-driver \
-		--provenance false \
-		--builder=$(BUILDER) \
-		--platform=$(PLATFORM) \
 		--tag $(REGISTRY)/kubevirt-csi-driver:$(call settag,$(KUBERNETES_PKG_TAG)) \
 		--tag $(REGISTRY)/kubevirt-csi-driver:$(call settag,$(KUBERNETES_PKG_TAG)-$(TAG)) \
 		--cache-from type=registry,ref=$(REGISTRY)/kubevirt-csi-driver:latest \
 		--cache-to type=inline \
 		--metadata-file images/kubevirt-csi-driver.json \
-		--push=$(PUSH) \
-		--label "org.opencontainers.image.source=https://github.com/cozystack/cozystack" \
-		--load=$(LOAD)
+		$(BUILDX_ARGS)
 	echo "$(REGISTRY)/kubevirt-csi-driver:$(call settag,$(KUBERNETES_PKG_TAG))@$$(yq e '."containerimage.digest"' images/kubevirt-csi-driver.json -o json -r)" \
 		> images/kubevirt-csi-driver.tag
 	IMAGE=$$(cat images/kubevirt-csi-driver.tag) \
@@ -67,17 +52,12 @@ image-kubevirt-csi-driver:

 image-cluster-autoscaler:
 	docker buildx build images/cluster-autoscaler \
-		--provenance false \
-		--builder=$(BUILDER) \
-		--platform=$(PLATFORM) \
 		--tag $(REGISTRY)/cluster-autoscaler:$(call settag,$(KUBERNETES_PKG_TAG)) \
 		--tag $(REGISTRY)/cluster-autoscaler:$(call settag,$(KUBERNETES_PKG_TAG)-$(TAG)) \
 		--cache-from type=registry,ref=$(REGISTRY)/cluster-autoscaler:latest \
 		--cache-to type=inline \
 		--metadata-file images/cluster-autoscaler.json \
-		--push=$(PUSH) \
-		--label "org.opencontainers.image.source=https://github.com/cozystack/cozystack" \
-		--load=$(LOAD)
+		$(BUILDX_ARGS)
 	echo "$(REGISTRY)/cluster-autoscaler:$(call settag,$(KUBERNETES_PKG_TAG))@$$(yq e '."containerimage.digest"' images/cluster-autoscaler.json -o json -r)" \
 		> images/cluster-autoscaler.tag
 	rm -f images/cluster-autoscaler.json
--- a/packages/apps/kubernetes/images/kubevirt-csi-driver.tag
+++ b/packages/apps/kubernetes/images/kubevirt-csi-driver.tag
@@ -1 +1 @@
-ghcr.io/cozystack/cozystack/kubevirt-csi-driver:0.27.0@sha256:c35987e8b37ad3b34a9a32fe6e80eee77b4c57b99090ca5cdbc3d16c25edb3b9
+ghcr.io/cozystack/cozystack/kubevirt-csi-driver:0.27.0@sha256:8eb9803aa1b38e1b2db98237bf0d1046f0ba90be0157c22da1efc3811bb25ecf
--- a/packages/apps/mysql/Makefile
+++ b/packages/apps/mysql/Makefile
@@ -8,16 +8,11 @@ generate:

 image:
 	docker buildx build images/mariadb-backup \
-		--provenance false \
-		--builder=$(BUILDER) \
-		--platform=$(PLATFORM) \
 		--tag $(REGISTRY)/mariadb-backup:$(call settag,$(MARIADB_BACKUP_TAG)) \
 		--cache-from type=registry,ref=$(REGISTRY)/mariadb-backup:latest \
 		--cache-to type=inline \
 		--metadata-file images/mariadb-backup.json \
-		--push=$(PUSH) \
-		--label "org.opencontainers.image.source=https://github.com/cozystack/cozystack" \
-		--load=$(LOAD)
+		$(BUILDX_ARGS)
 	echo "$(REGISTRY)/mariadb-backup:$(call settag,$(MARIADB_BACKUP_TAG))@$$(yq e '."containerimage.digest"' images/mariadb-backup.json -o json -r)" \
 		> images/mariadb-backup.tag
 	rm -f images/mariadb-backup.json
--- a/packages/apps/virtual-machine/templates/vm-update-hook.yaml
+++ b/packages/apps/virtual-machine/templates/vm-update-hook.yaml
@@ -64,14 +64,14 @@ spec:
            - |
              {{- if $needUpdateType }}
              echo "Patching VirtualMachine for instancetype update..."
-              kubectl patch virtualmachine {{ $vmName }} -n {{ $namespace }} \
+              kubectl patch virtualmachines.kubevirt.io {{ $vmName }} -n {{ $namespace }} \
                --type merge \
                -p '{"spec":{"instancetype":{"name": "{{ $instanceType }}", "revisionName": null}}}'
              {{- end }}
              
              {{- if $needUpdateProfile }}
              echo "Patching VirtualMachine for preference update..."
-              kubectl patch virtualmachine {{ $vmName }} -n {{ $namespace }} \
+              kubectl patch virtualmachines.kubevirt.io {{ $vmName }} -n {{ $namespace }} \
                --type merge \
                -p '{"spec":{"preference":{"name": "{{ $instanceProfile }}", "revisionName": null}}}'
              {{- end }}
--- a/packages/apps/vm-instance/templates/vm-update-hook.yaml
+++ b/packages/apps/vm-instance/templates/vm-update-hook.yaml
@@ -54,14 +54,14 @@ spec:
            - |
              {{- if $needUpdateType }}
              echo "Patching VirtualMachine for instancetype update..."
-              kubectl patch virtualmachine {{ $vmName }} -n {{ $namespace }} \
+              kubectl patch virtualmachines.kubevirt.io {{ $vmName }} -n {{ $namespace }} \
                --type merge \
                -p '{"spec":{"instancetype":{"name": "{{ $instanceType }}", "revisionName": null}}}'
              {{- end }}
              
              {{- if $needUpdateProfile }}
              echo "Patching VirtualMachine for preference update..."
-              kubectl patch virtualmachine {{ $vmName }} -n {{ $namespace }} \
+              kubectl patch virtualmachines.kubevirt.io {{ $vmName }} -n {{ $namespace }} \
                --type merge \
                -p '{"spec":{"preference":{"name": "{{ $instanceProfile }}", "revisionName": null}}}'
              {{- end }}
--- a/packages/core/installer/Makefile
+++ b/packages/core/installer/Makefile
@@ -24,15 +24,11 @@ image: pre-checks image-matchbox image-cozystack image-talos

 image-cozystack:
 	docker buildx build -f images/cozystack/Dockerfile ../../.. \
-		--provenance false \
 		--tag $(REGISTRY)/installer:$(call settag,$(TAG)) \
 		--cache-from type=registry,ref=$(REGISTRY)/installer:latest \
-		--platform linux/amd64 \
 		--cache-to type=inline \
 		--metadata-file images/installer.json \
-		--push=$(PUSH) \
-		--label "org.opencontainers.image.source=https://github.com/cozystack/cozystack" \
-		--load=$(LOAD)
+		$(BUILDX_ARGS)
 	IMAGE="$(REGISTRY)/installer:$(call settag,$(TAG))@$$(yq e '."containerimage.digest"' images/installer.json -o json -r)" \
 		yq -i '.cozystack.image = strenv(IMAGE)' values.yaml
 	rm -f images/installer.json
@@ -45,15 +41,12 @@ image-matchbox:
 	test -f ../../../_out/assets/kernel-amd64 || make talos-kernel
 	test -f ../../../_out/assets/initramfs-metal-amd64.xz || make talos-initramfs
 	docker buildx build -f images/matchbox/Dockerfile ../../.. \
-		--provenance false \
 		--tag $(REGISTRY)/matchbox:$(call settag,$(TAG)) \
 		--tag $(REGISTRY)/matchbox:$(call settag,$(TALOS_VERSION)-$(TAG)) \
 		--cache-from type=registry,ref=$(REGISTRY)/matchbox:latest \
 		--cache-to type=inline \
 		--metadata-file images/matchbox.json \
-		--push=$(PUSH) \
-		--label "org.opencontainers.image.source=https://github.com/cozystack/cozystack" \
-		--load=$(LOAD)
+		$(BUILDX_ARGS)
 	echo "$(REGISTRY)/matchbox:$(call settag,$(TAG))@$$(yq e '."containerimage.digest"' images/matchbox.json -o json -r)" \
 		> ../../extra/bootbox/images/matchbox.tag
 	rm -f images/matchbox.json
--- a/packages/core/installer/values.yaml
+++ b/packages/core/installer/values.yaml
@@ -1,2 +1,2 @@
 cozystack:
-  image: ghcr.io/cozystack/cozystack/installer:v0.35.2@sha256:1f1caa8b79869848e45b514c1bf29f96a196aa6cd439fa3c7212c30b0271638d
+  image: ghcr.io/cozystack/cozystack/installer:v0.35.4@sha256:c60b2026347aab1d13c12d1f6432aba0cc89025786502f82b5bc34eac746efdb
--- a/packages/core/platform/templates/helmreleases.yaml
+++ b/packages/core/platform/templates/helmreleases.yaml
@@ -77,7 +77,7 @@ spec:
  {{-   $values = merge . $values }}
  {{- end }}
  {{- with index $cozyConfig.data (printf "values-%s" $x.name) }}
-  {{-   $values = merge (fromYaml .) $values }}
+  {{-   $values = mergeOverwrite $values (fromYaml .) }}
  {{- end }}
  {{- with $values }}
  values:
--- a/packages/core/testing/Makefile
+++ b/packages/core/testing/Makefile
@@ -16,16 +16,11 @@ image: image-e2e-sandbox

 image-e2e-sandbox:
 	docker buildx build -f images/e2e-sandbox/Dockerfile images/e2e-sandbox \
-		--provenance false \
-		--builder=$(BUILDER) \
-		--platform=$(PLATFORM) \
 		--tag $(REGISTRY)/e2e-sandbox:$(call settag,$(TAG)) \
 		--cache-from type=registry,ref=$(REGISTRY)/e2e-sandbox:latest \
 		--cache-to type=inline \
 		--metadata-file images/e2e-sandbox.json \
-		--push=$(PUSH) \
-		--label "org.opencontainers.image.source=https://github.com/cozystack/cozystack" \
-		--load=$(LOAD)
+		$(BUILDX_ARGS)
 	IMAGE="$(REGISTRY)/e2e-sandbox:$(call settag,$(TAG))@$$(yq e '."containerimage.digest"' images/e2e-sandbox.json -o json -r)" \
 		yq -i '.e2e.image = strenv(IMAGE)' values.yaml
 	rm -f images/e2e-sandbox.json
--- a/packages/core/testing/values.yaml
+++ b/packages/core/testing/values.yaml
@@ -1,2 +1,2 @@
 e2e:
-  image: ghcr.io/cozystack/cozystack/e2e-sandbox:v0.35.2@sha256:aef4672d4d6c3f28b2fcab966ff76dd6dca1917d5c22bf23aff2f37d4d906245
+  image: ghcr.io/cozystack/cozystack/e2e-sandbox:v0.35.4@sha256:3906424ea24eec9043ac6781201bd912f833a9cfb646e48c0d451446e371025d
--- a/packages/extra/bootbox/images/matchbox.tag
+++ b/packages/extra/bootbox/images/matchbox.tag
@@ -1 +1 @@
-ghcr.io/cozystack/cozystack/matchbox:v0.35.2@sha256:83ec3d69d9e45bc964b803e6d52dc3c6902ebb1573efbc3fa1bd9adfdadf968b
+ghcr.io/cozystack/cozystack/matchbox:v0.35.4@sha256:d1ce10bb0be21d6b5a6d5aa734ec88b04b2979715f73fc083becd12791c1ea37
--- a/packages/extra/monitoring/Makefile
+++ b/packages/extra/monitoring/Makefile
@@ -10,16 +10,11 @@ generate:

 image:
 	docker buildx build images/grafana \
-		--provenance false \
-		--builder=$(BUILDER) \
-		--platform=$(PLATFORM) \
 		--tag $(REGISTRY)/grafana:$(call settag,$(GRAFANA_TAG)) \
 		--cache-from type=registry,ref=$(REGISTRY)/grafana:latest \
 		--cache-to type=inline \
 		--metadata-file images/grafana.json \
-		--push=$(PUSH) \
-		--label "org.opencontainers.image.source=https://github.com/cozystack/cozystack" \
-		--load=$(LOAD)
+		$(BUILDX_ARGS)
 	echo "$(REGISTRY)/grafana:$(call settag,$(GRAFANA_TAG))@$$(yq e '."containerimage.digest"' images/grafana.json -o json -r)" \
 		> images/grafana.tag
 	rm -f images/grafana.json
--- a/packages/extra/seaweedfs/images/objectstorage-sidecar.tag
+++ b/packages/extra/seaweedfs/images/objectstorage-sidecar.tag
@@ -1 +1 @@
-ghcr.io/cozystack/cozystack/objectstorage-sidecar:v0.35.2@sha256:93ffb888755b2914fbbfc402a1daf450d628bced71629c53627b1b759740df72
+ghcr.io/cozystack/cozystack/objectstorage-sidecar:v0.35.4@sha256:f59d7755c1e1a4e3ab24affc1a76f095c03e57a86986dc4059ba7c154f842a4c
--- a/packages/library/cozy-lib/templates/_resources.tpl
+++ b/packages/library/cozy-lib/templates/_resources.tpl
@@ -172,3 +172,15 @@
 {{-   $xmsMi := min (div $memoryLimitInt 4194304) (div $memoryRequestInt 1048576) }}
 {{-   printf `-Xms%dm -Xmx%dm` $xmsMi $xmxMi }}
 {{- end }}
+
+{{- define "cozy-lib.resources.flatten" -}}
+{{- $out := dict -}}
+{{- $res := include "cozy-lib.resources.sanitize" . | fromYaml -}}
+{{- range $section, $values := $res }}
+  {{- range $k, $v := $values }}
+    {{- $key := printf "%s.%s" $section $k }}
+    {{- $_ := set $out $key $v }}
+  {{- end }}
+{{- end }}
+{{- dict "resourceQuotas" $out | toYaml }}
+{{- end }}
--- a/packages/system/bucket/Makefile
+++ b/packages/system/bucket/Makefile
@@ -12,16 +12,11 @@ image: image-s3manager

 image-s3manager:
 	docker buildx build images/s3manager \
-		--provenance false \
-		--builder=$(BUILDER) \
-		--platform=$(PLATFORM) \
 		--tag $(REGISTRY)/s3manager:$(call settag,$(S3MANAGER_TAG)) \
 		--cache-from type=registry,ref=$(REGISTRY)/s3manager:latest \
 		--cache-to type=inline \
 		--metadata-file images/s3manager.json \
-		--push=$(PUSH) \
-		--label "org.opencontainers.image.source=https://github.com/cozystack/cozystack" \
-		--load=$(LOAD)
+		$(BUILDX_ARGS)
 	echo "$(REGISTRY)/s3manager:$(call settag,$(S3MANAGER_TAG))@$$(yq e '."containerimage.digest"' images/s3manager.json -o json -r)" \
 		> images/s3manager.tag
 	rm -f images/s3manager.json
--- a/packages/system/bucket/images/s3manager.tag
+++ b/packages/system/bucket/images/s3manager.tag
@@ -1 +1 @@
-ghcr.io/cozystack/cozystack/s3manager:v0.5.0@sha256:084c6e1665762cae38bac235c79c00d4ec61b5e73ad46ebf7eed596b2c5fcd0a
+ghcr.io/cozystack/cozystack/s3manager:v0.5.0@sha256:f4aa0e84ad934b1261f11c4e7f30ff20b6cbd9a0478430f768c21fa945bf9f8e
--- a/packages/system/cilium/Makefile
+++ b/packages/system/cilium/Makefile
@@ -17,17 +17,12 @@ update:

 image:
 	docker buildx build images/cilium \
-		--provenance false \
-		--builder=$(BUILDER) \
-		--platform=$(PLATFORM) \
 		--tag $(REGISTRY)/cilium:$(call settag,$(CILIUM_TAG)) \
 		--tag $(REGISTRY)/cilium:$(call settag,$(CILIUM_TAG)-$(TAG)) \
 		--cache-from type=registry,ref=$(REGISTRY)/cilium:latest \
 		--cache-to type=inline \
 		--metadata-file images/cilium.json \
-		--push=$(PUSH) \
-		--label "org.opencontainers.image.source=https://github.com/cozystack/cozystack" \
-		--load=$(LOAD)
+		$(BUILDX_ARGS)
 	REPOSITORY="$(REGISTRY)/cilium" \
 		yq -i '.cilium.image.repository = strenv(REPOSITORY)' values.yaml
 	TAG=$(call settag,$(CILIUM_TAG)) \
--- a/packages/system/cozystack-api/Makefile
+++ b/packages/system/cozystack-api/Makefile
@@ -8,16 +8,11 @@ image: image-cozystack-api

 image-cozystack-api:
 	docker buildx build -f images/cozystack-api/Dockerfile ../../.. \
-		--provenance false \
-		--builder=$(BUILDER) \
-		--platform=$(PLATFORM) \
 		--tag $(REGISTRY)/cozystack-api:$(call settag,$(TAG)) \
 		--cache-from type=registry,ref=$(REGISTRY)/cozystack-api:latest \
 		--cache-to type=inline \
 		--metadata-file images/cozystack-api.json \
-		--push=$(PUSH) \
-		--label "org.opencontainers.image.source=https://github.com/cozystack/cozystack" \
-		--load=$(LOAD)
+		$(BUILDX_ARGS)
 	IMAGE="$(REGISTRY)/cozystack-api:$(call settag,$(TAG))@$$(yq e '."containerimage.digest"' images/cozystack-api.json -o json -r)" \
 		yq -i '.cozystackAPI.image = strenv(IMAGE)' values.yaml
 	rm -f images/cozystack-api.json
--- a/packages/system/cozystack-api/values.yaml
+++ b/packages/system/cozystack-api/values.yaml
@@ -1,2 +1,2 @@
 cozystackAPI:
-  image: ghcr.io/cozystack/cozystack/cozystack-api:v0.35.2@sha256:c545ecf298ce5f70d947ba3b9cbdb4415d540e62b1e991984bc8847db8e1943c
+  image: ghcr.io/cozystack/cozystack/cozystack-api:v0.35.4@sha256:d9b3234f4bf405553bd1fcdc437e34e3a9d4c68c3fd022f034143172aef8fbc8
--- a/packages/system/cozystack-controller/Makefile
+++ b/packages/system/cozystack-controller/Makefile
@@ -8,16 +8,11 @@ image: image-cozystack-controller update-version

 image-cozystack-controller:
 	docker buildx build -f images/cozystack-controller/Dockerfile ../../.. \
-		--provenance false \
-		--builder=$(BUILDER) \
-		--platform=$(PLATFORM) \
 		--tag $(REGISTRY)/cozystack-controller:$(call settag,$(TAG)) \
 		--cache-from type=registry,ref=$(REGISTRY)/cozystack-controller:latest \
 		--cache-to type=inline \
 		--metadata-file images/cozystack-controller.json \
-		--push=$(PUSH) \
-		--label "org.opencontainers.image.source=https://github.com/cozystack/cozystack" \
-		--load=$(LOAD)
+		$(BUILDX_ARGS)
 	IMAGE="$(REGISTRY)/cozystack-controller:$(call settag,$(TAG))@$$(yq e '."containerimage.digest"' images/cozystack-controller.json -o json -r)" \
 		yq -i '.cozystackController.image = strenv(IMAGE)' values.yaml
 	rm -f images/cozystack-controller.json
--- a/packages/system/cozystack-controller/values.yaml
+++ b/packages/system/cozystack-controller/values.yaml
@@ -1,5 +1,5 @@
 cozystackController:
-  image: ghcr.io/cozystack/cozystack/cozystack-controller:v0.35.2@sha256:6052c5119485f3349aabde1950eedc847571cc8eefc62bc3bb3b3ac8202ea234
+  image: ghcr.io/cozystack/cozystack/cozystack-controller:v0.35.4@sha256:de846fba9c02a6cd8e19f69c523722b145493368ab03fa54e5ed5b3ef84940c5
  debug: false
  disableTelemetry: false
-  cozystackVersion: "v0.35.2"
+  cozystackVersion: "v0.35.4"
--- a/packages/system/dashboard/Makefile
+++ b/packages/system/dashboard/Makefile
@@ -28,16 +28,11 @@ update-dockerfiles:

 image-dashboard: update-version
 	docker buildx build images/dashboard \
-		--provenance false \
-		--builder=$(BUILDER) \
-		--platform=$(PLATFORM) \
 		--tag $(REGISTRY)/dashboard:$(call settag,$(TAG)) \
 		--cache-from type=registry,ref=$(REGISTRY)/dashboard:latest \
 		--cache-to type=inline \
 		--metadata-file images/dashboard.json \
-		--push=$(PUSH) \
-		--label "org.opencontainers.image.source=https://github.com/cozystack/cozystack" \
-		--load=$(LOAD)
+		$(BUILDX_ARGS)
 	REGISTRY="$(REGISTRY)" \
 		yq -i '.kubeapps.dashboard.image.registry = strenv(REGISTRY)' values.yaml
 	REPOSITORY="dashboard" \
@@ -50,16 +45,11 @@ image-dashboard: update-version

 image-kubeapps-apis: update-version
 	docker buildx build images/kubeapps-apis \
-		--provenance false \
-		--builder=$(BUILDER) \
-		--platform=$(PLATFORM) \
 		--tag $(REGISTRY)/kubeapps-apis:$(call settag,$(TAG)) \
 		--cache-from type=registry,ref=$(REGISTRY)/kubeapps-apis:latest \
 		--cache-to type=inline \
 		--metadata-file images/kubeapps-apis.json \
-		--push=$(PUSH) \
-		--label "org.opencontainers.image.source=https://github.com/cozystack/cozystack" \
-		--load=$(LOAD)
+		$(BUILDX_ARGS)
 	REGISTRY="$(REGISTRY)" \
 		yq -i '.kubeapps.kubeappsapis.image.registry = strenv(REGISTRY)' values.yaml
 	REPOSITORY="kubeapps-apis" \
--- a/packages/system/dashboard/charts/kubeapps/templates/dashboard/configmap.yaml
+++ b/packages/system/dashboard/charts/kubeapps/templates/dashboard/configmap.yaml
@@ -76,7 +76,7 @@ data:
      "kubeappsNamespace": {{ .Release.Namespace | quote }},
      "helmGlobalNamespace": {{ include "kubeapps.helmGlobalPackagingNamespace" . | quote }},
      "carvelGlobalNamespace": {{ .Values.kubeappsapis.pluginConfig.kappController.packages.v1alpha1.globalPackagingNamespace | quote }},
-      "appVersion": "v0.35.2",
+      "appVersion": "v0.35.4",
      "authProxyEnabled": {{ .Values.authProxy.enabled }},
      "oauthLoginURI": {{ .Values.authProxy.oauthLoginURI | quote }},
      "oauthLogoutURI": {{ .Values.authProxy.oauthLogoutURI | quote }},
--- a/packages/system/dashboard/values.yaml
+++ b/packages/system/dashboard/values.yaml
@@ -19,7 +19,7 @@ kubeapps:
    image:
      registry: ghcr.io/cozystack/cozystack
      repository: dashboard
-      tag: v0.35.2
+      tag: v0.35.4
      digest: "sha256:54906b3d2492c8603a347a5938b6db36e5ed5c4149111cae1804ac9110361947"
  redis:
    master:
@@ -37,8 +37,8 @@ kubeapps:
    image:
      registry: ghcr.io/cozystack/cozystack
      repository: kubeapps-apis
-      tag: v0.35.2
-      digest: "sha256:2bbf386d90e1a2d8acbf2e4bc92d20d0b72d71589c08843f98efc06eadb4cb69"
+      tag: v0.35.4
+      digest: "sha256:41d8ff62fca95119ee9137a0776b879ee7daf6aa22baaac072176098f675d777"
    pluginConfig:
      flux:
        packages:
--- a/packages/system/kamaji/Makefile
+++ b/packages/system/kamaji/Makefile
@@ -13,16 +13,11 @@ update:

 image:
 	docker buildx build images/kamaji \
-		--provenance false \
-		--builder=$(BUILDER) \
-		--platform=$(PLATFORM) \
 		--tag $(REGISTRY)/kamaji:$(call settag,$(TAG)) \
 		--cache-from type=registry,ref=$(REGISTRY)/kamaji:latest \
 		--cache-to type=inline \
 		--metadata-file images/kamaji.json \
-		--push=$(PUSH) \
-		--label "org.opencontainers.image.source=https://github.com/cozystack/cozystack"
-		--load=$(LOAD)
+		$(BUILDX_ARGS)
 	REPOSITORY="$(REGISTRY)/kamaji" \
 		yq -i '.kamaji.image.repository = strenv(REPOSITORY)' values.yaml
 	TAG=$(TAG)@$$(yq e '."containerimage.digest"' images/kamaji.json -o json -r) \
--- a/packages/system/kamaji/values.yaml
+++ b/packages/system/kamaji/values.yaml
@@ -3,7 +3,7 @@ kamaji:
    deploy: false
  image:
    pullPolicy: IfNotPresent
-    tag: v0.35.2@sha256:2b2c49d4f7dc649e3133b7f1dde3fc72f9d2f53004d99f9aa4051726e912d596
+    tag: v0.35.4@sha256:f901f5212e4883ee014dff3ac75a9ed91d136b71dd955b34c12539840e4454ea
    repository: ghcr.io/cozystack/cozystack/kamaji
  resources:
    limits:
@@ -13,4 +13,4 @@ kamaji:
      cpu: 100m
      memory: 100Mi
  extraArgs:
-    - --migrate-image=ghcr.io/cozystack/cozystack/kamaji:v0.35.2@sha256:2b2c49d4f7dc649e3133b7f1dde3fc72f9d2f53004d99f9aa4051726e912d596
+    - --migrate-image=ghcr.io/cozystack/cozystack/kamaji:v0.35.4@sha256:f901f5212e4883ee014dff3ac75a9ed91d136b71dd955b34c12539840e4454ea
--- a/packages/system/kubeovn-webhook/Makefile
+++ b/packages/system/kubeovn-webhook/Makefile
@@ -6,16 +6,11 @@ include ../../../scripts/package.mk

 image:
 	docker buildx build images/kubeovn-webhook \
-		--provenance false \
-		--builder=$(BUILDER) \
-		--platform=$(PLATFORM) \
 		--tag $(REGISTRY)/kubeovn-webhook:$(call settag,$(TAG)) \
 		--cache-from type=registry,ref=$(REGISTRY)/kubeovn-webhook:latest \
 		--cache-to type=inline \
 		--metadata-file images/kubeovn-webhook.json \
-		--push=$(PUSH) \
-		--label "org.opencontainers.image.source=https://github.com/cozystack/cozystack"
-		--load=$(LOAD)
+		$(BUILDX_ARGS)
 	IMAGE="$(REGISTRY)/kubeovn-webhook:$(call settag,$(TAG))@$$(yq e '."containerimage.digest"' images/kubeovn-webhook.json -o json -r)" \
 		yq -i '.image = strenv(IMAGE)' values.yaml
 	rm -f images/kubeovn-webhook.json
--- a/packages/system/kubeovn-webhook/values.yaml
+++ b/packages/system/kubeovn-webhook/values.yaml
@@ -1,3 +1,3 @@
 portSecurity: true
 routes: ""
-image: ghcr.io/cozystack/cozystack/kubeovn-webhook:v0.35.2@sha256:a2e6c6619270769d56beb1166d09fdc541a7754757d567ede558e8ebdeae397a
+image: ghcr.io/cozystack/cozystack/kubeovn-webhook:v0.35.4@sha256:a2cc2a66239bbe35db9e137abb07d0f2fa013ae33b46a91a18d61f0d21c8e15a
--- a/packages/system/kubeovn/Makefile
+++ b/packages/system/kubeovn/Makefile
@@ -19,17 +19,12 @@ update:

 image:
 	docker buildx build images/kubeovn \
-		--provenance false \
-		--builder=$(BUILDER) \
-		--platform=$(PLATFORM) \
 		--tag $(REGISTRY)/kubeovn:$(call settag,$(KUBEOVN_TAG)) \
 		--tag $(REGISTRY)/kubeovn:$(call settag,$(KUBEOVN_TAG)-$(TAG)) \
 		--cache-from type=registry,ref=$(REGISTRY)/kubeovn:latest \
 		--cache-to type=inline \
 		--metadata-file images/kubeovn.json \
-		--push=$(PUSH) \
-		--label "org.opencontainers.image.source=https://github.com/cozystack/cozystack" \
-		--load=$(LOAD)
+		$(BUILDX_ARGS)
 	REGISTRY="$(REGISTRY)" \
 		yq -i '.global.registry.address = strenv(REGISTRY)' values.yaml
 	REPOSITORY="kubeovn" \
--- a/packages/system/kubeovn/values.yaml
+++ b/packages/system/kubeovn/values.yaml
@@ -64,4 +64,4 @@ global:
  images:
    kubeovn:
      repository: kubeovn
-      tag: v1.13.14@sha256:26426fd9a61be17cc3a9431629e94cbe3c3570f9129f344120abe935a89b7291
+      tag: v1.13.14@sha256:ea9d2429de6cd2d983928882d415af6cbb926d426e7d42918661d22e9618c163
--- a/packages/system/kubevirt-csi-node/values.yaml
+++ b/packages/system/kubevirt-csi-node/values.yaml
@@ -1,3 +1,3 @@
 storageClass: replicated
 csiDriver:
-  image: ghcr.io/cozystack/cozystack/kubevirt-csi-driver:0.27.0@sha256:c35987e8b37ad3b34a9a32fe6e80eee77b4c57b99090ca5cdbc3d16c25edb3b9
+  image: ghcr.io/cozystack/cozystack/kubevirt-csi-driver:0.27.0@sha256:8eb9803aa1b38e1b2db98237bf0d1046f0ba90be0157c22da1efc3811bb25ecf
--- a/packages/system/metallb/Makefile
+++ b/packages/system/metallb/Makefile
@@ -15,18 +15,13 @@ image-controller image-speaker:
 	$(eval TARGET := $(subst image-,,$@))
 	$(eval VERSION := $(shell yq '.appVersion' charts/metallb/Chart.yaml))
 	docker buildx build images/metallb \
-		--provenance false \
-		--builder=$(BUILDER) \
-		--platform=$(PLATFORM) \
 		--target $(TARGET) \
 		--build-arg VERSION=$(VERSION) \
 		--tag $(REGISTRY)/metallb-$(TARGET):$(VERSION) \
 		--cache-from type=registry,ref=$(REGISTRY)/metallb-$(TARGET):latest \
 		--cache-to type=inline \
 		--metadata-file images/$(TARGET).json \
-		--push=$(PUSH) \
-		--label "org.opencontainers.image.source=https://github.com/cozystack/cozystack" \
-		--load=$(LOAD)
+		$(BUILDX_ARGS)
 	REPOSITORY="$(REGISTRY)/metallb-$(TARGET)" \
 		yq -i '.metallb.$(TARGET).image.repository = strenv(REPOSITORY)' values.yaml
 	TAG=$(VERSION)@$$(yq e '."containerimage.digest"' images/$(TARGET).json -o json -r) \
--- a/packages/system/objectstorage-controller/Makefile
+++ b/packages/system/objectstorage-controller/Makefile
@@ -22,8 +22,7 @@ image-controller image-sidecar:
 		--cache-from type=registry,ref=$(REGISTRY)/objectstorage-$(TARGET):latest \
 		--cache-to   type=inline \
 		--metadata-file images/$(TARGET).json \
-		--push=$(PUSH) --provenance=false --load=$(LOAD) \
-		--label "org.opencontainers.image.source=https://github.com/cozystack/cozystack"
+		$(BUILDX_ARGS)
 	IMAGE="$(REGISTRY)/objectstorage-$(TARGET):$(call settag,$(TAG))@$$(yq e '."containerimage.digest"' images/$(TARGET).json -r)" \
 		yq -i '$(YAML_PATH) = strenv(IMAGE)' $(VALUES_FILE)
 	rm -f images/$(TARGET).json
--- a/packages/system/objectstorage-controller/values.yaml
+++ b/packages/system/objectstorage-controller/values.yaml
@@ -1,3 +1,3 @@
 objectstorage:
  controller:
-    image: "ghcr.io/cozystack/cozystack/objectstorage-controller:v0.35.2@sha256:11343e5f0d7f1bd1ab1a56d5ff6ca9dba080eb5952c66da5b7c7dcdeb01fde38"
+    image: "ghcr.io/cozystack/cozystack/objectstorage-controller:v0.35.4@sha256:61111863bc66293d71e131bfa8fa91569a80885bf2805e7e21bb2c9d780848e5"
--- a/packages/system/seaweedfs/values.yaml
+++ b/packages/system/seaweedfs/values.yaml
@@ -84,6 +84,8 @@ seaweedfs:
    enableAuth: false
    readinessProbe:
      scheme: HTTPS
+    livenessProbe:
+      scheme: HTTPS
    logs:
      type: ""
    ingress:
@@ -95,6 +97,10 @@ seaweedfs:
        nginx.ingress.kubernetes.io/proxy-buffering: "off"
        nginx.ingress.kubernetes.io/proxy-request-buffering: "off"
        nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
+        nginx.ingress.kubernetes.io/proxy-read-timeout: "3600"
+        nginx.ingress.kubernetes.io/proxy-send-timeout: "3600"
+        nginx.ingress.kubernetes.io/client-body-timeout: "3600"
+        nginx.ingress.kubernetes.io/client-header-timeout: "120"
        acme.cert-manager.io/http01-ingress-class: tenant-root
        cert-manager.io/cluster-issuer: letsencrypt-prod
      tls:
@@ -116,7 +122,7 @@ seaweedfs:
    bucketClassName: "seaweedfs"
    region: ""
    sidecar:
-      image: "ghcr.io/cozystack/cozystack/objectstorage-sidecar:v0.35.2@sha256:93ffb888755b2914fbbfc402a1daf450d628bced71629c53627b1b759740df72"
+      image: "ghcr.io/cozystack/cozystack/objectstorage-sidecar:v0.35.4@sha256:f59d7755c1e1a4e3ab24affc1a76f095c03e57a86986dc4059ba7c154f842a4c"
  certificates:
    commonName: "SeaweedFS CA"
    ipAddresses: []
--- a/scripts/common-envs.mk
+++ b/scripts/common-envs.mk
@@ -1,8 +1,17 @@
 REGISTRY ?= ghcr.io/cozystack/cozystack
+TAG = $(shell git describe --tags --exact-match 2>/dev/null || echo latest)
 PUSH := 1
 LOAD := 0
+BUILDER ?=
+PLATFORM ?= 
+BUILDX_EXTRA_ARGS ?=
 COZYSTACK_VERSION = $(patsubst v%,%,$(shell git describe --tags))
-TAG = $(shell git describe --tags --exact-match 2>/dev/null || echo latest)
+
+BUILDX_ARGS := --provenance=false --push=$(PUSH) --load=$(LOAD) \
+  --label org.opencontainers.image.source=https://github.com/cozystack/cozystack \
+  $(if $(strip $(BUILDER)),--builder=$(BUILDER)) \
+  $(if $(strip $(PLATFORM)),--platform=$(PLATFORM)) \
+  $(BUILDX_EXTRA_ARGS)

 # Returns 'latest' if the git tag is not assigned, otherwise returns the provided value
 define settag
@@ -15,10 +24,3 @@ ifeq ($(COZYSTACK_VERSION),)
    COZYSTACK_VERSION = $(patsubst v%,%,$(shell git describe --tags))
 endif

-# Get the name of the selected docker buildx builder
-BUILDER ?= $(shell docker buildx inspect --bootstrap | head -n2 | awk '/^Name:/{print $$NF}')
-
-# Get platforms supported by the builder (only if PLATFORM is not provided)
-ifeq ($(origin PLATFORM), undefined)
-PLATFORM := $(shell docker buildx ls --format=json | jq -r 'select(.Name == "$(BUILDER)") | [.Nodes[].Platforms // []] | flatten | unique | map(select(test("^linux/amd64$$|^linux/arm64$$"))) | join(",")')
-endif
Author	SHA1	Message	Date
Andrei Kvapil	3dc2f1dbde	Release v0.35.4 (#1394 ) This PR prepares the release `v0.35.4`.	2025-09-05 16:53:51 +02:00
cozystack-bot	2b3e9b88a2	Prepare release v0.35.4 Signed-off-by: cozystack-bot <217169706+cozystack-bot@users.noreply.github.com>	2025-09-05 12:31:08 +00:00
Andrei Kvapil	e55a51b6b7	[Backport release-0.35] [dx] Remove BUILDER and PLATFORM autodetection logic (#1392 ) # Description Backport of #1391 to `release-0.35`.	2025-09-05 12:55:06 +02:00
Andrei Kvapil	b041d37082	[dx] Remove BUILDER and PLATFORM autodetection logic Signed-off-by: Andrei Kvapil <kvapss@gmail.com> (cherry picked from commit `9f2b98d364`)	2025-09-05 10:54:02 +00:00
Andrei Kvapil	2640ed5ce5	[Backport release-0.35] [seaweedfs] Fix connectivity issues for SeaweedFS (#1390 ) # Description Backport of #1386 to `release-0.35`.	2025-09-05 10:19:36 +02:00
Andrei Kvapil	d755f2cc8f	[seaweedfs] Fix connectivity issues for SeaweedFS Signed-off-by: Andrei Kvapil <kvapss@gmail.com> (cherry picked from commit `a291badbd4`)	2025-09-05 08:19:06 +00:00
Andrei Kvapil	f1eead18ac	[Backport release-0.35] [platform] Fix boolean override bug in Helm merge — ConfigMap values now correctly take precedence over bundle defaults (#1388 ) # Description Backport of #1385 to `release-0.35`.	2025-09-05 10:18:43 +02:00
Denis Yudin	e5872c9fd4	fix: use mergeOverwrite to properly override ConfigMap values Fixes an issue where boolean values from bundle files were not being properly overridden by values-<component> ConfigMap entries. The Helm merge function has a bug when merging boolean values where true from the first dict doesn't get overwritten by false from the second dict. Using mergeOverwrite ensures ConfigMap values take precedence over bundle values as intended. Example: - Bundle: autoDirectNodeRoutes: true - ConfigMap values-cilium: autoDirectNodeRoutes: false - Before: result was true (incorrect) - After: result is false (correct) This fix ensures that users can properly override any component configuration using the values-<component> pattern in the cozystack ConfigMap. Signed-off-by: Denis Yudin <dyudin@intermedia.com> (cherry picked from commit `52d749d46a`)	2025-09-04 15:31:38 +00:00
Andrei Kvapil	5c93d5b50d	[Backport release-0.35] [virtual-machine] Fix vm update hook (#1377 ) # Description Backport of #1376 to `release-0.35`.	2025-09-01 19:47:47 +02:00
Andrei Kvapil	52973ea2bb	Fix vm update hook Signed-off-by: Andrei Kvapil <kvapss@gmail.com> (cherry picked from commit `15b213b38b`)	2025-09-01 17:46:23 +00:00
Andrei Kvapil	b7bddbe107	[Backport release-0.35] Fix missing cozy-lib.resources.flatten template (#1375 ) # Description Backport of #1372 to `release-0.35`.	2025-09-01 13:11:11 +02:00
Andrei Kvapil	1a7589574c	Fix missing cozy-lib.resources.flatten template Signed-off-by: Andrei Kvapil <kvapss@gmail.com> (cherry picked from commit `fe869b97fd`)	2025-09-01 11:09:58 +00:00
Andrei Kvapil	fdb8293b36	Release v0.35.3 (#1369 ) This PR prepares the release `v0.35.3`.	2025-09-01 09:05:21 +02:00
cozystack-bot	b8fd151124	Prepare release v0.35.3 Signed-off-by: cozystack-bot <217169706+cozystack-bot@users.noreply.github.com>	2025-08-29 17:16:51 +00:00
Andrei Kvapil	78198cd7ee	fix seaweedfs s3 liveness probe scheme (#1368 ) <!-- Thank you for making a contribution! Here are some tips for you: - Start the PR title with the [label] of Cozystack component: - For system components: [platform], [system], [linstor], [cilium], [kube-ovn], [dashboard], [cluster-api], etc. - For managed apps: [apps], [tenant], [kubernetes], [postgres], [virtual-machine] etc. - For development and maintenance: [tests], [ci], [docs], [maintenance]. - If it's a work in progress, consider creating this PR as a draft. - Don't hesistate to ask for opinion and review in the community chats, even if it's still a draft. - Add the label `backport` if it's a bugfix that needs to be backported to a previous version. --> ## What this PR does ### Release note <!-- Write a release note: - Explain what has changed internally and for users. - Start with the same [label] as in the PR title - Follow the guidelines at https://github.com/kubernetes/community/blob/master/contributors/guide/release-notes.md. --> ```release-note fix seaweedfs s3 liveness probe scheme ``` <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * Chores * Added a liveness check for the SeaweedFS S3 endpoint (HTTPS). This improves health monitoring and enables automatic recovery if the service becomes unresponsive, enhancing stability and uptime while reducing manual intervention. Readiness behavior remains unchanged. No user action required. <!-- end of auto-generated comment: release notes by coderabbit.ai -->	2025-08-29 19:12:42 +02:00