diff --git a/.github/renovate.json5 b/.github/renovate.json5 index 4b8946906e..9a84690fb9 100644 --- a/.github/renovate.json5 +++ b/.github/renovate.json5 @@ -3,7 +3,6 @@ "extends": [ "config:recommended", "docker:enableMajor", - "helpers:pinGitHubActionDigests", "replacements:k8s-registry-move", ":automergeBranch", ":disableRateLimiting", diff --git a/.github/workflows/flux-diff.yaml b/.github/workflows/flux-diff.yaml index 9a9215dc9a..b3ce2d901e 100644 --- a/.github/workflows/flux-diff.yaml +++ b/.github/workflows/flux-diff.yaml @@ -1,71 +1,129 @@ --- +# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json name: "Flux Diff" on: pull_request: branches: ["main"] - paths: ["kubernetes/**.yaml"] + paths: ["kubernetes/**"] -env: - DEBCONF_NONINTERACTIVE_SEEN: "true" - DEBIAN_FRONTEND: noninteractive - APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE: DontWarn - NIX_FLAKE_PATH: ./.github/workflows/resources/nix +concurrency: + group: ${{ github.workflow }}-${{ github.event.number || github.ref }} + cancel-in-progress: true jobs: + changed-files: + name: Get Changed Files + runs-on: ubuntu-latest + outputs: + matrix: ${{ steps.changed-files.outputs.all_changed_and_modified_files }} + steps: + - name: Generate Token + uses: actions/create-github-app-token@v1 + id: app-token + with: + app-id: "${{ secrets.BOT_APP_ID }}" + private-key: "${{ secrets.BOT_APP_PRIVATE_KEY }}" + + - name: Checkout + uses: actions/checkout@v4 + with: + token: "${{ steps.app-token.outputs.token }}" + fetch-depth: 0 + + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v40 + with: + files: kubernetes/** + dir_names: true + dir_names_max_depth: 2 + json: true + quotepath: false + escape_json: false + + - name: List all changed files + run: echo "${{ steps.changed-files.outputs.all_changed_and_modified_files }}" + flux-diff: name: Flux Diff runs-on: ubuntu-latest + needs: ["changed-files"] permissions: pull-requests: write strategy: matrix: - path: ["kubernetes/kyak", "kubernetes/sol"] - resource: ["helmrelease", "kustomization"] + paths: ${{ fromJSON(needs.changed-files.outputs.matrix) }} + resources: ["helmrelease", "kustomization"] + max-parallel: 4 + fail-fast: false steps: - name: Generate Token - uses: actions/create-github-app-token@2986852ad836768dfea7781f31828eb3e17990fa # v1.6.2 + uses: actions/create-github-app-token@v1 id: app-token with: app-id: "${{ secrets.BOT_APP_ID }}" private-key: "${{ secrets.BOT_APP_PRIVATE_KEY }}" - - name: Checkout - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - with: - token: "${{ steps.app-token.outputs.token }}" - - - name: Install OS Deps + - name: Setup System Tools shell: bash - run: sudo apt-get update && sudo apt-get install -y curl git xz-utils + run: sudo apt-get -qq update && sudo apt-get -qq install --no-install-recommends -y curl git - - name: Install Nix - uses: cachix/install-nix-action@7ac1ec25491415c381d9b62f0657c7a028df52a7 # v24 + - name: Checkout Live Branch + uses: actions/checkout@v4 with: - github_access_token: "${{ steps.app-token.outputs.token }}" + token: "${{ steps.app-token.outputs.token }}" + ref: main + path: default - - name: Switch to Nix devShell - uses: nicknovitski/nix-develop@a2060d116a50b36dfab02280af558e73ab52427d # v1.1.0 + - name: Checkout PR branch + uses: actions/checkout@v4 with: - arguments: "${{ env.NIX_FLAKE_PATH }}" + token: "${{ steps.app-token.outputs.token }}" + path: pull - name: Diff Resources - # uses: allenporter/flux-local/action/diff@19bfc6920e8964a479363bc230e6c329120ead02 # 3.2.0 - uses: allenporter/flux-local/action/diff@flux-build - id: diff + uses: docker://ghcr.io/allenporter/flux-local:v4.2.0 with: - sources: home-kubernetes - path: "${{ matrix.path }}" - resource: "${{ matrix.resource }}" + args: >- + --log-level DEBUG + diff ${{ matrix.resources }} + --unified 6 + --path-orig /github/workspace/default/${{ matrix.paths }} + --path /github/workspace/pull/${{ matrix.paths }} + --strip-attrs "helm.sh/chart,checksum/config,app.kubernetes.io/version,chart" + --limit-bytes 10000 + --all-namespaces + --sources "home-kubernetes" + --output-file diff.patch + + - name: Generate Diff + id: diff + run: | + cat diff.patch + echo "diff<> $GITHUB_OUTPUT + cat diff.patch >> $GITHUB_OUTPUT + echo "EOF" >> $GITHUB_OUTPUT - if: ${{ steps.diff.outputs.diff != '' }} name: Add comment - uses: mshick/add-pr-comment@7c0890544fb33b0bdd2e59467fbacb62e028a096 # v2.8.1 + uses: mshick/add-pr-comment@v2.8.1 with: repo-token: "${{ steps.app-token.outputs.token }}" - message-id: "${{ github.event.pull_request.number }}/${{ matrix.path }}/${{ matrix.resource }}" + message-id: "${{ github.event.pull_request.number }}/${{ matrix.paths }}/${{ matrix.resources }}" message-failure: Diff was not successful message: | ```diff ${{ steps.diff.outputs.diff }} ``` + + # Summarize matrix https://github.community/t/status-check-for-a-matrix-jobs/127354/7 + flux-diff-success: + if: ${{ always() }} + needs: ["flux-diff"] + name: Flux diff successful + runs-on: ubuntu-latest + steps: + - if: ${{ contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled') }} + name: Check matrix status + run: exit 1 diff --git a/.github/workflows/flux-hr-image-test.yaml b/.github/workflows/flux-hr-image-test.yaml new file mode 100644 index 0000000000..4bc09c748f --- /dev/null +++ b/.github/workflows/flux-hr-image-test.yaml @@ -0,0 +1,119 @@ +--- +# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json +name: "Flux Helm Release Image Test" + +on: + pull_request: + branches: ["main"] + paths: ["kubernetes/**/helmrelease.yaml"] + +env: + WORKFLOW_KUBERNETES_DIR: ./kubernetes + +concurrency: + group: ${{ github.workflow }}-${{ github.event.number || github.ref }} + cancel-in-progress: true + +jobs: + changed-files: + name: Get Changed Files + runs-on: ubuntu-latest + outputs: + matrix: ${{ steps.changed-files.outputs.all_changed_and_modified_files }} + steps: + - name: Generate Token + uses: actions/create-github-app-token@v1 + id: app-token + with: + app-id: "${{ secrets.BOT_APP_ID }}" + private-key: "${{ secrets.BOT_APP_PRIVATE_KEY }}" + + - name: Checkout + uses: actions/checkout@v4 + with: + token: "${{ steps.app-token.outputs.token }}" + fetch-depth: 0 + + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v40 + with: + files: kubernetes/**/helmrelease.yaml + json: true + quotepath: false + escape_json: false + + - name: List all changed files + run: echo "${{ steps.changed-files.outputs.all_changed_and_modified_files }}" + + extract-images: + if: ${{ needs.changed-files.outputs.matrix != '[]' }} + name: Extract images from Helm Release + runs-on: ubuntu-latest + needs: ["changed-files"] + strategy: + matrix: + files: ${{ fromJSON(needs.changed-files.outputs.matrix) }} + max-parallel: 4 + fail-fast: false + outputs: + matrix: ${{ steps.extract-images.outputs.images }} + steps: + - name: Generate Token + uses: actions/create-github-app-token@v1 + id: app-token + with: + app-id: "${{ secrets.BOT_APP_ID }}" + private-key: "${{ secrets.BOT_APP_PRIVATE_KEY }}" + + - name: Checkout + uses: actions/checkout@v4 + with: + token: "${{ steps.app-token.outputs.token }}" + fetch-depth: 0 + + - name: Setup System Tools + shell: bash + run: sudo apt-get -qq update && sudo apt-get -qq install --no-install-recommends -y curl git + + - name: Setup Workflow Tools + uses: jdx/rtx-action@v1 + with: + install: true + cache: true + rtx_toml: | + [tools] + helm = "latest" + kustomize = "latest" + + - name: Extract Images from Helm Release + id: extract-images + run: | + images=$(npx zx ./.github/scripts/extract-images.mjs --kubernetes-dir "${{ env.WORKFLOW_KUBERNETES_DIR }}" --helmrelease "${{ matrix.files }}") + echo "images=${images}" >> $GITHUB_OUTPUT + echo "${images}" + + test-images: + if: ${{ needs.extract-images.outputs.matrix != '[]' }} + name: Test images from Helm Release + runs-on: ubuntu-latest + needs: ["extract-images"] + strategy: + matrix: + images: ${{ fromJSON(needs.extract-images.outputs.matrix) }} + max-parallel: 4 + fail-fast: false + steps: + - name: Test Images from Helm Release + run: docker pull ${{ matrix.images }} + + # Summarize matrix https://github.community/t/status-check-for-a-matrix-jobs/127354/7 + test-images-success: + if: ${{ always() }} + needs: ["test-images"] + name: Test images from Helm Release successful + runs-on: ubuntu-latest + steps: + - if: ${{ contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled') }} + name: Check matrix status + run: exit 1 diff --git a/.github/workflows/flux-hr-sync.yaml b/.github/workflows/flux-hr-sync.yaml index c16c1a5a06..4ec835f03c 100644 --- a/.github/workflows/flux-hr-sync.yaml +++ b/.github/workflows/flux-hr-sync.yaml @@ -1,4 +1,5 @@ --- +# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json name: "Flux Helm Repository Sync" on: @@ -6,7 +7,7 @@ on: inputs: clusterName: description: Cluster Name - default: kyak + default: main required: true helmRepoNamespace: description: Helm Repository Namespace @@ -19,47 +20,41 @@ on: branches: ["main"] paths: ["kubernetes/**/helmrelease.yaml"] -env: - DEBCONF_NONINTERACTIVE_SEEN: "true" - DEBIAN_FRONTEND: noninteractive - APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE: DontWarn - NIX_FLAKE_PATH: ./.github/workflows/resources/nix - jobs: sync: name: Flux Helm Repository Sync runs-on: ["arc-runner-set-home-ops"] steps: - name: Generate Token - uses: actions/create-github-app-token@2986852ad836768dfea7781f31828eb3e17990fa # v1.6.2 + uses: actions/create-github-app-token@v1 id: app-token with: app-id: "${{ secrets.BOT_APP_ID }}" private-key: "${{ secrets.BOT_APP_PRIVATE_KEY }}" - name: Checkout - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@v4 with: token: "${{ steps.app-token.outputs.token }}" fetch-depth: 0 - - name: Install OS Deps + - name: Setup System Tools shell: bash - run: sudo apt-get update && sudo apt-get install -y curl git xz-utils - - - name: Install Nix - uses: cachix/install-nix-action@7ac1ec25491415c381d9b62f0657c7a028df52a7 # v24 - with: - github_access_token: "${{ steps.app-token.outputs.token }}" + run: sudo apt-get -qq update && sudo apt-get -qq install --no-install-recommends -y curl git - - name: Switch to Nix devShell - uses: nicknovitski/nix-develop@a2060d116a50b36dfab02280af558e73ab52427d # v1.1.0 + - name: Setup Workflow Tools + uses: jdx/rtx-action@v1 with: - arguments: "${{ env.NIX_FLAKE_PATH }}" + install: true + cache: true + rtx_toml: | + [tools] + flux2 = "latest" + yq = "latest" - name: Write kubeconfig id: kubeconfig - uses: timheuer/base64-to-file@784a1a4a994315802b7d8e2084e116e783d157be # v1.2.4 + uses: timheuer/base64-to-file@v1 with: encodedString: "${{ secrets.KUBECONFIG }}" fileName: kubeconfig @@ -67,7 +62,7 @@ jobs: - if: ${{ github.event.inputs.clusterName == '' && github.event.inputs.helmRepoNamespace == '' && github.event.inputs.helmRepoName == '' }} name: Get changed files id: changed-files - uses: tj-actions/changed-files@56284d80811fb5963a972b438f2870f175e5b7c8 # v40.2.3 + uses: tj-actions/changed-files@v40 with: files: kubernetes/**/helmrelease.yaml @@ -80,8 +75,8 @@ jobs: declare -a repos=() for f in ${{ steps.changed-files.outputs.all_changed_and_modified_files }}; do cluster_name=$(echo "${f}" | awk -F'/' '{print $2}') - repo_namespace="$(yq '.spec.chart.spec.sourceRef.namespace' "${f}")" - repo_name="$(yq '.spec.chart.spec.sourceRef.name' "${f}")" + repo_namespace="$(yq -r '.spec.chart.spec.sourceRef.namespace' "${f}")" + repo_name="$(yq -r '.spec.chart.spec.sourceRef.name' "${f}")" repos+=("${cluster_name}:${repo_namespace}:${repo_name}") done mapfile -t repos < <(printf "%s\n" "${repos[@]}" | sort -u) diff --git a/.github/workflows/flux-ks-sync.yaml b/.github/workflows/flux-ks-sync.yaml index 78d751faaa..6bacaaa346 100644 --- a/.github/workflows/flux-ks-sync.yaml +++ b/.github/workflows/flux-ks-sync.yaml @@ -1,4 +1,5 @@ --- +# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json name: "Flux Kustomization Sync" on: @@ -6,12 +7,6 @@ on: branches: ["main"] paths: ["kubernetes/sol/**"] -env: - DEBCONF_NONINTERACTIVE_SEEN: "true" - DEBIAN_FRONTEND: noninteractive - APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE: DontWarn - NIX_FLAKE_PATH: ./.github/workflows/resources/nix - jobs: sync: name: Flux Kustomization Sync @@ -21,35 +16,34 @@ jobs: cluster: ["sol"] steps: - name: Generate Token - uses: actions/create-github-app-token@2986852ad836768dfea7781f31828eb3e17990fa # v1.6.2 + uses: actions/create-github-app-token@v1 id: app-token with: app-id: "${{ secrets.BOT_APP_ID }}" private-key: "${{ secrets.BOT_APP_PRIVATE_KEY }}" - name: Checkout - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@v4 with: token: "${{ steps.app-token.outputs.token }}" fetch-depth: 0 - - name: Install OS Deps + - name: Setup System Tools shell: bash - run: sudo apt-get update && sudo apt-get install -y curl git xz-utils - - - name: Install Nix - uses: cachix/install-nix-action@7ac1ec25491415c381d9b62f0657c7a028df52a7 # v24 - with: - github_access_token: "${{ steps.app-token.outputs.token }}" + run: sudo apt-get -qq update && sudo apt-get -qq install --no-install-recommends -y curl git - - name: Switch to Nix devShell - uses: nicknovitski/nix-develop@a2060d116a50b36dfab02280af558e73ab52427d # v1.1.0 + - name: Setup Workflow Tools + uses: jdx/rtx-action@v1 with: - arguments: "${{ env.NIX_FLAKE_PATH }}" + install: true + cache: true + rtx_toml: | + [tools] + flux2 = "latest" - name: Write kubeconfig id: kubeconfig - uses: timheuer/base64-to-file@784a1a4a994315802b7d8e2084e116e783d157be # v1.2.4 + uses: timheuer/base64-to-file@v1 with: encodedString: "${{ secrets.KUBECONFIG }}" fileName: kubeconfig diff --git a/.github/workflows/kubeconform.yaml b/.github/workflows/kubeconform.yaml deleted file mode 100644 index 4f5300d89a..0000000000 --- a/.github/workflows/kubeconform.yaml +++ /dev/null @@ -1,74 +0,0 @@ ---- -name: "Kubeconform" - -on: - workflow_dispatch: - pull_request: - branches: ["main"] - paths: - - "kubernetes/kyak/**" - - "kubernetes/sol/**" - -env: - DEBCONF_NONINTERACTIVE_SEEN: "true" - DEBIAN_FRONTEND: noninteractive - APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE: DontWarn - NIX_FLAKE_PATH: ./.github/workflows/resources/nix - SCHEMA_DIR: /home/runner/crds - -jobs: - kubeconform: - name: Kubeconform - runs-on: ubuntu-latest - strategy: - matrix: - path: ["kubernetes/kyak", "kubernetes/sol"] - steps: - - name: Generate Token - uses: actions/create-github-app-token@2986852ad836768dfea7781f31828eb3e17990fa # v1.6.2 - id: app-token - with: - app-id: "${{ secrets.BOT_APP_ID }}" - private-key: "${{ secrets.BOT_APP_PRIVATE_KEY }}" - - - name: Checkout - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - with: - token: "${{ steps.app-token.outputs.token }}" - - - name: Install OS Deps - shell: bash - run: sudo apt-get update && sudo apt-get install -y curl git xz-utils - - - name: Install Nix - uses: cachix/install-nix-action@7ac1ec25491415c381d9b62f0657c7a028df52a7 # v24 - with: - github_access_token: "${{ steps.app-token.outputs.token }}" - - - name: Switch to Nix devShell - uses: nicknovitski/nix-develop@a2060d116a50b36dfab02280af558e73ab52427d # v1.1.0 - with: - arguments: "${{ env.NIX_FLAKE_PATH }}" - - - name: Setup QEMU - uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 - - - name: Setup Docker Buildx - uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0 - with: - platforms: linux/amd64,linux/arm64 - - - name: Extract files from container image - shell: bash - run: | - mkdir -p ${{ env.SCHEMA_DIR }} - docker run --rm \ - -v ${{ env.SCHEMA_DIR }}:/crds \ - -u $(id -u) \ - --entrypoint /bin/sh \ - ghcr.io/onedr0p/kubernetes-schemas:latest \ - -c "cp -r /usr/share/nginx/html/* /crds" - - - name: Run kubeconform - shell: bash - run: bash ./.github/scripts/kubeconform.sh ${{ matrix.path }} ${{ env.SCHEMA_DIR }} diff --git a/.github/workflows/label-sync.yaml b/.github/workflows/label-sync.yaml index 1f74d0bef4..73724ef17c 100644 --- a/.github/workflows/label-sync.yaml +++ b/.github/workflows/label-sync.yaml @@ -1,4 +1,5 @@ --- +# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json name: "Label Sync" on: @@ -13,19 +14,19 @@ jobs: runs-on: ubuntu-latest steps: - name: Generate Token - uses: actions/create-github-app-token@2986852ad836768dfea7781f31828eb3e17990fa # v1.6.2 + uses: actions/create-github-app-token@v1 id: app-token with: app-id: "${{ secrets.BOT_APP_ID }}" private-key: "${{ secrets.BOT_APP_PRIVATE_KEY }}" - name: Checkout - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@v4 with: token: "${{ steps.app-token.outputs.token }}" - name: Sync Labels - uses: EndBug/label-sync@da00f2c11fdb78e4fae44adac2fdd713778ea3e8 # renovate: tag=v2.3.2 + uses: EndBug/label-sync@v2 with: config-file: .github/labels.yaml token: "${{ steps.app-token.outputs.token }}" diff --git a/.github/workflows/lychee.yaml b/.github/workflows/lychee.yaml index 3d36132c95..3b8f2d8859 100644 --- a/.github/workflows/lychee.yaml +++ b/.github/workflows/lychee.yaml @@ -1,13 +1,14 @@ --- +# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json name: "Lychee" on: workflow_dispatch: schedule: - - cron: "0 0 * * 0" + - cron: "0 0 * * *" env: - ISSUE_LABEL: lint/lychee + WORKFLOW_ISSUE_NUMBER: 3776 jobs: lychee: @@ -15,38 +16,29 @@ jobs: runs-on: ubuntu-latest steps: - name: Generate Token - uses: actions/create-github-app-token@2986852ad836768dfea7781f31828eb3e17990fa # v1.6.2 + uses: actions/create-github-app-token@v1 id: app-token with: app-id: "${{ secrets.BOT_APP_ID }}" private-key: "${{ secrets.BOT_APP_PRIVATE_KEY }}" - name: Checkout - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@v4 with: token: "${{ steps.app-token.outputs.token }}" - name: Scan for broken links - uses: lycheeverse/lychee-action@ec3ed119d4f44ad2673a7232460dc7dff59d2421 # v1.8.0 + uses: lycheeverse/lychee-action@v1 id: lychee - env: - GITHUB_TOKEN: "${{ steps.app-token.outputs.token }}" - with: - args: --verbose --no-progress --exclude-mail './**/*.md' - - - name: Find Link Checker Issue - id: issue-number - uses: micalevisk/last-issue-action@f5661581217cc78cc282d1351aa65bd8bd155003 # v2.2.1 with: token: "${{ steps.app-token.outputs.token }}" - state: open - labels: "${{ env.ISSUE_LABEL }}" + args: --verbose --no-progress --exclude-mail './**/*.md' + output: /tmp/results.md - name: Update Issue - uses: peter-evans/create-issue-from-file@433e51abf769039ee20ba1293a088ca19d573b7f # v4.0.1 + uses: peter-evans/create-issue-from-file@v4 with: token: "${{ steps.app-token.outputs.token }}" title: Link Checker Dashboard 🔗 - issue-number: "${{ steps.issue-number.outputs.issue-number }}" - content-filepath: ./lychee/out.md - labels: "${{ env.ISSUE_LABEL }}" + issue-number: "${{ env.WORKFLOW_ISSUE_NUMBER }}" + content-filepath: /tmp/results.md diff --git a/.github/workflows/publish-schemas.yaml b/.github/workflows/publish-schemas.yaml index aabe635f09..9c15f179b7 100644 --- a/.github/workflows/publish-schemas.yaml +++ b/.github/workflows/publish-schemas.yaml @@ -1,4 +1,5 @@ --- +# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json name: "Publish Schemas" on: @@ -9,12 +10,6 @@ on: branches: ["main"] paths: [".github/workflows/publish-schemas.yaml"] -env: - DEBCONF_NONINTERACTIVE_SEEN: "true" - DEBIAN_FRONTEND: noninteractive - APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE: DontWarn - NIX_FLAKE_PATH: ./.github/workflows/resources/nix - jobs: publish-schemas: name: Publish Schemas @@ -24,95 +19,56 @@ jobs: packages: write steps: - name: Generate Token - uses: actions/create-github-app-token@2986852ad836768dfea7781f31828eb3e17990fa # v1.6.2 + uses: actions/create-github-app-token@v1 id: app-token with: app-id: "${{ secrets.BOT_APP_ID }}" private-key: "${{ secrets.BOT_APP_PRIVATE_KEY }}" - name: Checkout - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@v4 with: token: "${{ steps.app-token.outputs.token }}" - - name: Install OS Deps + - name: Setup System Tools shell: bash - run: sudo apt-get update && sudo apt-get install -y curl git xz-utils - - - name: Install Nix - uses: cachix/install-nix-action@7ac1ec25491415c381d9b62f0657c7a028df52a7 # v24 - with: - github_access_token: "${{ steps.app-token.outputs.token }}" - - - name: Switch to Nix devShell - uses: nicknovitski/nix-develop@a2060d116a50b36dfab02280af558e73ab52427d # v1.1.0 - with: - arguments: "${{ env.NIX_FLAKE_PATH }}" + run: sudo apt-get -qq update && sudo apt-get -qq install --no-install-recommends -y curl git - name: Setup Python - uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5.0.0 + uses: actions/setup-python@v5 with: python-version: 3.x - - name: Setup QEMU - uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 - - - name: Setup Docker Buildx - uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0 + - name: Setup Node + uses: actions/setup-node@v4 with: - platforms: linux/amd64,linux/arm64 + node-version: 18.x - - name: Generate container metadata - id: meta - uses: docker/metadata-action@9dc751fe249ad99385a2583ee0d084c400eee04e # v5.4.0 - with: - images: | - ghcr.io/${{ github.repository_owner }}/kubernetes-schemas - tags: | - type=sha - type=raw,value=latest,enable={{is_default_branch}} - - - name: Login to GitHub Container Registry - uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 - with: - registry: ghcr.io - username: "${{ github.actor }}" - password: "${{ secrets.GITHUB_TOKEN }}" + - name: Setup kubectl + uses: azure/setup-kubectl@v3 - name: Write kubeconfig id: kubeconfig - uses: timheuer/base64-to-file@784a1a4a994315802b7d8e2084e116e783d157be # v1.2.4 + uses: timheuer/base64-to-file@v1 with: - encodedString: ${{ secrets.KUBECONFIG }} + encodedString: "${{ secrets.KUBECONFIG }}" fileName: kubeconfig - name: Download and run crd-extractor env: - KUBECONFIG: ${{ steps.kubeconfig.outputs.filePath }} + KUBECONFIG: "${{ steps.kubeconfig.outputs.filePath }}" shell: bash run: | - mkdir -p /home/runner/crds curl -fsSL -o $GITHUB_WORKSPACE/crd-extractor.sh \ https://raw.githubusercontent.com/datreeio/CRDs-catalog/main/Utilities/crd-extractor.sh chmod +x $GITHUB_WORKSPACE/crd-extractor.sh bash $GITHUB_WORKSPACE/crd-extractor.sh - mv /home/runner/.datree/crdSchemas/* /home/runner/crds - - name: Write Dockerfile - shell: bash - run: | - cat < Dockerfile - FROM docker.io/nginxinc/nginx-unprivileged:latest - COPY --chown=nginx:nginx --chmod=755 . /usr/share/nginx/html - USER nginx - EOF - - name: Build and publish container - uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0 + - name: Deploy to Cloudflare Pages + uses: cloudflare/wrangler-action@v3 with: - context: /home/runner/crds - file: ./Dockerfile - platforms: linux/amd64,linux/arm64 - push: true - tags: "${{ steps.meta.outputs.tags }}" - labels: "${{ steps.meta.outputs.labels }}" + apiToken: "${{ secrets.CLOUDFLARE_API_TOKEN }}" + accountId: "${{ secrets.CLOUDFLARE_ACCOUNT_ID }}" + workingDirectory: /home/runner/.datree/crdSchemas + command: pages deploy --project-name=kubernetes-schemas --branch main . diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 2427a0d0a0..4e0d34a9c9 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -1,4 +1,5 @@ --- +# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json name: "Release" on: @@ -12,14 +13,14 @@ jobs: runs-on: ubuntu-latest steps: - name: Generate Token - uses: actions/create-github-app-token@2986852ad836768dfea7781f31828eb3e17990fa # v1.6.2 + uses: actions/create-github-app-token@v1 id: app-token with: app-id: "${{ secrets.BOT_APP_ID }}" private-key: "${{ secrets.BOT_APP_PRIVATE_KEY }}" - name: Checkout - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@v4 with: token: "${{ steps.app-token.outputs.token }}" diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index b1e4b1d458..b9803bc799 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -1,4 +1,5 @@ --- +# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json name: "Renovate" on: @@ -30,9 +31,6 @@ concurrency: # Retrieve BOT_USER_ID via `curl -s "https://api.github.com/users/${BOT_USERNAME}%5Bbot%5D" | jq .id` env: - WORKFLOW_DRY_RUN: false - WORKFLOW_LOG_LEVEL: debug - WORKFLOW_VERSION: latest # 37.59.8 RENOVATE_PLATFORM: github RENOVATE_PLATFORM_COMMIT: true RENOVATE_ONBOARDING_CONFIG_FILE_NAME: .github/renovate.json5 @@ -40,6 +38,9 @@ env: RENOVATE_AUTODISCOVER_FILTER: "${{ github.repository }}" RENOVATE_USERNAME: "${{ secrets.BOT_USERNAME }}[bot]" RENOVATE_GIT_AUTHOR: "${{ secrets.BOT_USERNAME }} <${{ secrets.BOT_USER_ID }}+${{ secrets.BOT_USERNAME }}[bot]@users.noreply.github.com>" + WORKFLOW_RENOVATE_DRY_RUN: false + WORKFLOW_RENOVATE_LOG_LEVEL: debug + WORKFLOW_RENOVATE_VERSION: latest jobs: renovate: @@ -47,26 +48,26 @@ jobs: runs-on: ubuntu-latest steps: - name: Generate Token - uses: actions/create-github-app-token@2986852ad836768dfea7781f31828eb3e17990fa # v1.6.2 + uses: actions/create-github-app-token@v1 id: app-token with: app-id: "${{ secrets.BOT_APP_ID }}" private-key: "${{ secrets.BOT_APP_PRIVATE_KEY }}" - name: Checkout - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@v4 with: token: "${{ steps.app-token.outputs.token }}" - name: Override default config from dispatch variables shell: bash run: | - echo "RENOVATE_DRY_RUN=${{ github.event.inputs.dryRun || env.WORKFLOW_DRY_RUN }}" >> "${GITHUB_ENV}" - echo "LOG_LEVEL=${{ github.event.inputs.logLevel || env.WORKFLOW_LOG_LEVEL }}" >> "${GITHUB_ENV}" + echo "RENOVATE_DRY_RUN=${{ github.event.inputs.dryRun || env.WORKFLOW_RENOVATE_DRY_RUN }}" >> "${GITHUB_ENV}" + echo "LOG_LEVEL=${{ github.event.inputs.logLevel || env.WORKFLOW_RENOVATE_LOG_LEVEL }}" >> "${GITHUB_ENV}" - name: Renovate - uses: renovatebot/github-action@b8ce565a2e98de1fec9696a76fba7beb01ec29b2 # v39.2.3 + uses: renovatebot/github-action@v39.2.3 with: configurationFile: "${{ env.RENOVATE_ONBOARDING_CONFIG_FILE_NAME }}" token: "${{ steps.app-token.outputs.token }}" - renovate-version: "${{ github.event.inputs.version || env.WORKFLOW_VERSION }}" + renovate-version: "${{ github.event.inputs.version || env.WORKFLOW_RENOVATE_VERSION }}" diff --git a/.gitignore b/.gitignore index 81458c4bd7..5d42b78853 100644 --- a/.gitignore +++ b/.gitignore @@ -1,23 +1,15 @@ -# trash .DS_Store Thumbs.db -# temp folders .private/ .venv/ -# ansible -xanmanning.k3s* -# terraform +.task/ .terraform *.tfvars -# sops .decrypted~* *.agekey *.pub *.key *.pem -# kubernetes kubeconfig* -kubernetes/schemas -# extras config.xml charts/ diff --git a/aqua.yaml b/aqua.yaml new file mode 100644 index 0000000000..7f3001a748 --- /dev/null +++ b/aqua.yaml @@ -0,0 +1,12 @@ +--- +# aqua - Declarative CLI Version Manager +# https://aquaproj.github.io/ +# checksum: +# enabled: true +# require_checksum: true +# supported_envs: +# - all +registries: +- type: standard + ref: v4.107.0 # renovate: depName=aquaproj/aqua-registry +packages: diff --git a/kubernetes/cobra/apps/cert-manager/cert-manager/app/helmrelease.yaml b/kubernetes/cobra/apps/cert-manager/cert-manager/app/helmrelease.yaml index a43e9836d7..b3f2ae20e1 100644 --- a/kubernetes/cobra/apps/cert-manager/cert-manager/app/helmrelease.yaml +++ b/kubernetes/cobra/apps/cert-manager/cert-manager/app/helmrelease.yaml @@ -10,7 +10,7 @@ spec: chart: spec: chart: cert-manager - version: v1.13.2 + version: v1.13.3 sourceRef: kind: HelmRepository name: jetstack diff --git a/kubernetes/cobra/apps/kube-system/reloader/app/helmrelease.yaml b/kubernetes/cobra/apps/kube-system/reloader/app/helmrelease.yaml index 3e26bc5199..8241550fa8 100644 --- a/kubernetes/cobra/apps/kube-system/reloader/app/helmrelease.yaml +++ b/kubernetes/cobra/apps/kube-system/reloader/app/helmrelease.yaml @@ -10,7 +10,7 @@ spec: chart: spec: chart: reloader - version: 1.0.54 + version: 1.0.56 sourceRef: kind: HelmRepository name: stakater diff --git a/kubernetes/cobra/apps/networking/nginx/internal/helmrelease.yaml b/kubernetes/cobra/apps/networking/nginx/internal/helmrelease.yaml index 476ffd7c7e..a6eefcf9d1 100644 --- a/kubernetes/cobra/apps/networking/nginx/internal/helmrelease.yaml +++ b/kubernetes/cobra/apps/networking/nginx/internal/helmrelease.yaml @@ -10,7 +10,7 @@ spec: chart: spec: chart: ingress-nginx - version: 4.8.4 + version: 4.9.0 sourceRef: kind: HelmRepository name: ingress-nginx diff --git a/kubernetes/cobra/apps/rook-ceph/rook-ceph/app/helmrelease.yaml b/kubernetes/cobra/apps/rook-ceph/rook-ceph/app/helmrelease.yaml index fa3a12bc0e..540451ebb3 100644 --- a/kubernetes/cobra/apps/rook-ceph/rook-ceph/app/helmrelease.yaml +++ b/kubernetes/cobra/apps/rook-ceph/rook-ceph/app/helmrelease.yaml @@ -10,7 +10,7 @@ spec: chart: spec: chart: rook-ceph - version: v1.13.0 + version: v1.13.1 sourceRef: kind: HelmRepository name: rook-ceph diff --git a/kubernetes/cobra/apps/rook-ceph/rook-ceph/cluster/helmrelease.yaml b/kubernetes/cobra/apps/rook-ceph/rook-ceph/cluster/helmrelease.yaml index 546c922037..d183e22b12 100644 --- a/kubernetes/cobra/apps/rook-ceph/rook-ceph/cluster/helmrelease.yaml +++ b/kubernetes/cobra/apps/rook-ceph/rook-ceph/cluster/helmrelease.yaml @@ -10,7 +10,7 @@ spec: chart: spec: chart: rook-ceph-cluster - version: v1.13.0 + version: v1.13.1 sourceRef: kind: HelmRepository name: rook-ceph diff --git a/kubernetes/cobra/apps/system-upgrade/system-upgrade-controller/app/helmrelease.yaml b/kubernetes/cobra/apps/system-upgrade/system-upgrade-controller/app/helmrelease.yaml index 66f2876650..957cc6ed66 100644 --- a/kubernetes/cobra/apps/system-upgrade/system-upgrade-controller/app/helmrelease.yaml +++ b/kubernetes/cobra/apps/system-upgrade/system-upgrade-controller/app/helmrelease.yaml @@ -39,7 +39,7 @@ spec: SYSTEM_UPGRADE_JOB_ACTIVE_DEADLINE_SECONDS: 900 SYSTEM_UPGRADE_JOB_BACKOFF_LIMIT: 99 SYSTEM_UPGRADE_JOB_IMAGE_PULL_POLICY: IfNotPresent - SYSTEM_UPGRADE_JOB_KUBECTL_IMAGE: docker.io/rancher/kubectl:v1.28.4 + SYSTEM_UPGRADE_JOB_KUBECTL_IMAGE: docker.io/rancher/kubectl:v1.29.0 SYSTEM_UPGRADE_JOB_PRIVILEGED: true SYSTEM_UPGRADE_JOB_TTL_SECONDS_AFTER_FINISH: 900 SYSTEM_UPGRADE_PLAN_POLLING_INTERVAL: 15m diff --git a/kubernetes/kyak/apps/actions-runner-system/actions-runner-controller/app/helmrelease.yaml b/kubernetes/kyak/apps/actions-runner-system/actions-runner-controller/app/helmrelease.yaml index 6b4287532d..bff93b7e73 100644 --- a/kubernetes/kyak/apps/actions-runner-system/actions-runner-controller/app/helmrelease.yaml +++ b/kubernetes/kyak/apps/actions-runner-system/actions-runner-controller/app/helmrelease.yaml @@ -9,7 +9,7 @@ spec: chart: spec: chart: gha-runner-scale-set-controller - version: 0.7.0 + version: 0.8.1 sourceRef: kind: HelmRepository name: actions-runner-controller diff --git a/kubernetes/kyak/apps/actions-runner-system/actions-runner-controller/runners/helmrelease.yaml b/kubernetes/kyak/apps/actions-runner-system/actions-runner-controller/runners/helmrelease.yaml index 123b617f14..564f1aaa37 100644 --- a/kubernetes/kyak/apps/actions-runner-system/actions-runner-controller/runners/helmrelease.yaml +++ b/kubernetes/kyak/apps/actions-runner-system/actions-runner-controller/runners/helmrelease.yaml @@ -9,7 +9,7 @@ spec: chart: spec: chart: gha-runner-scale-set - version: 0.7.0 + version: 0.8.1 sourceRef: kind: HelmRepository name: actions-runner-controller diff --git a/kubernetes/kyak/apps/auth/authelia/app/helmrelease.yaml b/kubernetes/kyak/apps/auth/authelia/app/helmrelease.yaml index 4de5fbab3e..22484f9638 100644 --- a/kubernetes/kyak/apps/auth/authelia/app/helmrelease.yaml +++ b/kubernetes/kyak/apps/auth/authelia/app/helmrelease.yaml @@ -1,6 +1,6 @@ --- # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 +apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: &app authelia @@ -49,7 +49,7 @@ spec: main: image: repository: ghcr.io/authelia/authelia - tag: v4.38.0-beta3@sha256:05b25a05109800cbfe969bb8634034749391e429bdf0f3d1be55f00ff421750f + tag: v4.38.0-beta3@sha256:9ad7df91dfec75d2f46d544e3128215b755ee78550b4ed0ed995b5a3fad35458 env: AUTHELIA_SERVER_ADDRESS: tcp://0.0.0.0:80 AUTHELIA_SERVER_DISABLE_HEALTHCHECK: "true" diff --git a/kubernetes/kyak/apps/auth/lldap/app/helmrelease.yaml b/kubernetes/kyak/apps/auth/lldap/app/helmrelease.yaml index ab18110334..4b6caf7a0e 100644 --- a/kubernetes/kyak/apps/auth/lldap/app/helmrelease.yaml +++ b/kubernetes/kyak/apps/auth/lldap/app/helmrelease.yaml @@ -1,6 +1,6 @@ --- # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 +apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: &app lldap diff --git a/kubernetes/kyak/apps/database/cloudnative-pg/app/helmrelease.yaml b/kubernetes/kyak/apps/database/cloudnative-pg/app/helmrelease.yaml index e745ca83dc..130d1cc151 100644 --- a/kubernetes/kyak/apps/database/cloudnative-pg/app/helmrelease.yaml +++ b/kubernetes/kyak/apps/database/cloudnative-pg/app/helmrelease.yaml @@ -9,7 +9,7 @@ spec: chart: spec: chart: cloudnative-pg - version: 0.19.1 + version: 0.20.0 sourceRef: kind: HelmRepository name: cloudnative-pg diff --git a/kubernetes/kyak/apps/database/cloudnative-pg/cluster/cluster16.yaml b/kubernetes/kyak/apps/database/cloudnative-pg/cluster/cluster16.yaml index b18b381f20..be5c3b6f95 100644 --- a/kubernetes/kyak/apps/database/cloudnative-pg/cluster/cluster16.yaml +++ b/kubernetes/kyak/apps/database/cloudnative-pg/cluster/cluster16.yaml @@ -6,7 +6,7 @@ metadata: name: postgres16 spec: instances: 3 - imageName: ghcr.io/cloudnative-pg/postgresql:16.1-9 + imageName: ghcr.io/cloudnative-pg/postgresql:16.1-12 primaryUpdateStrategy: unsupervised storage: size: 20Gi diff --git a/kubernetes/kyak/apps/database/redis/app/helmrelease.yaml b/kubernetes/kyak/apps/database/redis/app/helmrelease.yaml index 21613051d7..340a182652 100644 --- a/kubernetes/kyak/apps/database/redis/app/helmrelease.yaml +++ b/kubernetes/kyak/apps/database/redis/app/helmrelease.yaml @@ -1,6 +1,6 @@ --- # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 +apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: redis @@ -10,7 +10,7 @@ spec: chart: spec: chart: redis - version: 18.5.0 + version: 18.6.1 sourceRef: kind: HelmRepository name: bitnami diff --git a/kubernetes/kyak/apps/flux-system/weave-gitops/app/helmrelease.yaml b/kubernetes/kyak/apps/flux-system/weave-gitops/app/helmrelease.yaml index 72f53b32fa..1b914a7bfd 100644 --- a/kubernetes/kyak/apps/flux-system/weave-gitops/app/helmrelease.yaml +++ b/kubernetes/kyak/apps/flux-system/weave-gitops/app/helmrelease.yaml @@ -1,6 +1,6 @@ --- # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 +apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: weave-gitops diff --git a/kubernetes/kyak/apps/gpu-system/intel-device-plugin/app/helmrelease.yaml b/kubernetes/kyak/apps/gpu-system/intel-device-plugin/app/helmrelease.yaml index 2f1f3e0017..51bffec92d 100644 --- a/kubernetes/kyak/apps/gpu-system/intel-device-plugin/app/helmrelease.yaml +++ b/kubernetes/kyak/apps/gpu-system/intel-device-plugin/app/helmrelease.yaml @@ -1,6 +1,6 @@ --- # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 +apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: intel-device-plugin-operator @@ -9,7 +9,7 @@ spec: chart: spec: chart: intel-device-plugins-operator - version: 0.28.0 + version: 0.29.0 sourceRef: kind: HelmRepository name: intel diff --git a/kubernetes/kyak/apps/gpu-system/intel-device-plugin/gpu/helmrelease.yaml b/kubernetes/kyak/apps/gpu-system/intel-device-plugin/gpu/helmrelease.yaml index 81232f6f7c..1398226633 100644 --- a/kubernetes/kyak/apps/gpu-system/intel-device-plugin/gpu/helmrelease.yaml +++ b/kubernetes/kyak/apps/gpu-system/intel-device-plugin/gpu/helmrelease.yaml @@ -1,6 +1,6 @@ --- # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 +apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: intel-device-plugin-gpu @@ -9,7 +9,7 @@ spec: chart: spec: chart: intel-device-plugins-gpu - version: 0.28.1-helm.0 + version: 0.29.0 sourceRef: kind: HelmRepository name: intel diff --git a/kubernetes/kyak/apps/gpu-system/nvidia-device-plugin/app/helmrelease.yaml b/kubernetes/kyak/apps/gpu-system/nvidia-device-plugin/app/helmrelease.yaml index a4a3d2cb8a..091d0e018b 100644 --- a/kubernetes/kyak/apps/gpu-system/nvidia-device-plugin/app/helmrelease.yaml +++ b/kubernetes/kyak/apps/gpu-system/nvidia-device-plugin/app/helmrelease.yaml @@ -1,6 +1,6 @@ --- # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 +apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: nvidia-device-plugin diff --git a/kubernetes/kyak/apps/istio-system/base/app/helmrelease.yaml b/kubernetes/kyak/apps/istio-system/base/app/helmrelease.yaml index 4e6a7360d8..a34285bc9d 100644 --- a/kubernetes/kyak/apps/istio-system/base/app/helmrelease.yaml +++ b/kubernetes/kyak/apps/istio-system/base/app/helmrelease.yaml @@ -1,6 +1,6 @@ --- # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 +apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: &app istio-base diff --git a/kubernetes/kyak/apps/istio-system/gateway/app/helmrelease.yaml b/kubernetes/kyak/apps/istio-system/gateway/app/helmrelease.yaml index 033e1aa945..cd7efe69c2 100644 --- a/kubernetes/kyak/apps/istio-system/gateway/app/helmrelease.yaml +++ b/kubernetes/kyak/apps/istio-system/gateway/app/helmrelease.yaml @@ -1,6 +1,6 @@ --- # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 +apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: &app gateway diff --git a/kubernetes/kyak/apps/istio-system/istiod/app/helmrelease.yaml b/kubernetes/kyak/apps/istio-system/istiod/app/helmrelease.yaml index 223913d1a4..e6f6e2bd21 100644 --- a/kubernetes/kyak/apps/istio-system/istiod/app/helmrelease.yaml +++ b/kubernetes/kyak/apps/istio-system/istiod/app/helmrelease.yaml @@ -1,6 +1,6 @@ --- # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 +apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: &app istiod diff --git a/kubernetes/kyak/apps/kube-guardian/kube-guardian/app/helmrelease.yaml b/kubernetes/kyak/apps/kube-guardian/kube-guardian/app/helmrelease.yaml index 029f71c4f3..5dc492baaa 100644 --- a/kubernetes/kyak/apps/kube-guardian/kube-guardian/app/helmrelease.yaml +++ b/kubernetes/kyak/apps/kube-guardian/kube-guardian/app/helmrelease.yaml @@ -1,6 +1,6 @@ --- # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 +apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: kube-guardian diff --git a/kubernetes/kyak/apps/kube-system/cilium/app/helmrelease.yaml b/kubernetes/kyak/apps/kube-system/cilium/app/helmrelease.yaml index 9c99d75e09..4972b6ab2f 100644 --- a/kubernetes/kyak/apps/kube-system/cilium/app/helmrelease.yaml +++ b/kubernetes/kyak/apps/kube-system/cilium/app/helmrelease.yaml @@ -1,6 +1,6 @@ --- # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 +apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: cilium diff --git a/kubernetes/kyak/apps/kube-system/coredns/app/helmrelease.yaml b/kubernetes/kyak/apps/kube-system/coredns/app/helmrelease.yaml index 6905b107c3..24eb6b844a 100644 --- a/kubernetes/kyak/apps/kube-system/coredns/app/helmrelease.yaml +++ b/kubernetes/kyak/apps/kube-system/coredns/app/helmrelease.yaml @@ -1,6 +1,6 @@ --- # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 +apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: coredns diff --git a/kubernetes/kyak/apps/kube-system/kubelet-csr-approver/app/helmrelease.yaml b/kubernetes/kyak/apps/kube-system/kubelet-csr-approver/app/helmrelease.yaml index a516e5b862..c008a3adf2 100644 --- a/kubernetes/kyak/apps/kube-system/kubelet-csr-approver/app/helmrelease.yaml +++ b/kubernetes/kyak/apps/kube-system/kubelet-csr-approver/app/helmrelease.yaml @@ -1,6 +1,6 @@ --- # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 +apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: &app kubelet-csr-approver @@ -9,7 +9,7 @@ spec: chart: spec: chart: *app - version: 1.0.5 + version: 1.0.6 sourceRef: kind: HelmRepository name: postfinance diff --git a/kubernetes/kyak/apps/kube-system/metrics-server/app/helmrelease.yaml b/kubernetes/kyak/apps/kube-system/metrics-server/app/helmrelease.yaml index b937c77e14..cb48ba7f9d 100644 --- a/kubernetes/kyak/apps/kube-system/metrics-server/app/helmrelease.yaml +++ b/kubernetes/kyak/apps/kube-system/metrics-server/app/helmrelease.yaml @@ -1,6 +1,6 @@ --- # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 +apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: metrics-server diff --git a/kubernetes/kyak/apps/media/autobrr/app/helmrelease.yaml b/kubernetes/kyak/apps/media/autobrr/app/helmrelease.yaml index 46398d68a3..eb953e5896 100644 --- a/kubernetes/kyak/apps/media/autobrr/app/helmrelease.yaml +++ b/kubernetes/kyak/apps/media/autobrr/app/helmrelease.yaml @@ -1,6 +1,6 @@ --- # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 +apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: autobrr diff --git a/kubernetes/kyak/apps/media/jellyfin/app/helmrelease.yaml b/kubernetes/kyak/apps/media/jellyfin/app/helmrelease.yaml index 1f836770ae..c65d8313a0 100644 --- a/kubernetes/kyak/apps/media/jellyfin/app/helmrelease.yaml +++ b/kubernetes/kyak/apps/media/jellyfin/app/helmrelease.yaml @@ -1,6 +1,6 @@ --- # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 +apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: jellyfin diff --git a/kubernetes/kyak/apps/media/overseerr/app/helmrelease.yaml b/kubernetes/kyak/apps/media/overseerr/app/helmrelease.yaml index d7212217ec..eaf1465831 100644 --- a/kubernetes/kyak/apps/media/overseerr/app/helmrelease.yaml +++ b/kubernetes/kyak/apps/media/overseerr/app/helmrelease.yaml @@ -1,6 +1,6 @@ --- # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 +apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: overseerr diff --git a/kubernetes/kyak/apps/media/prowlarr/app/helmrelease.yaml b/kubernetes/kyak/apps/media/prowlarr/app/helmrelease.yaml index ff77960117..06dda92a2f 100644 --- a/kubernetes/kyak/apps/media/prowlarr/app/helmrelease.yaml +++ b/kubernetes/kyak/apps/media/prowlarr/app/helmrelease.yaml @@ -1,6 +1,6 @@ --- # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 +apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: prowlarr @@ -42,7 +42,7 @@ spec: main: image: repository: ghcr.io/onedr0p/prowlarr-develop - tag: 1.11.1.4146@sha256:c7ad70aaf1dae541ec0fdae0a449cbfcab1e2dd31c46e92f758b4006bfef4a53 + tag: 1.11.2.4160@sha256:12c58192e978bf04695cab64abd071ba323b9967b25abf51f79ab0e57f782cb6 env: TZ: America/New_York PROWLARR__INSTANCE_NAME: Prowlarr diff --git a/kubernetes/kyak/apps/media/qbittorrent/app/helmrelease.yaml b/kubernetes/kyak/apps/media/qbittorrent/app/helmrelease.yaml index fd7e3c752b..13980a1c0e 100644 --- a/kubernetes/kyak/apps/media/qbittorrent/app/helmrelease.yaml +++ b/kubernetes/kyak/apps/media/qbittorrent/app/helmrelease.yaml @@ -1,6 +1,6 @@ --- # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 +apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: qbittorrent diff --git a/kubernetes/kyak/apps/media/qbittorrent/tools/manage/helmrelease.yaml b/kubernetes/kyak/apps/media/qbittorrent/tools/manage/helmrelease.yaml index d9eb153384..14fa1cd9ba 100644 --- a/kubernetes/kyak/apps/media/qbittorrent/tools/manage/helmrelease.yaml +++ b/kubernetes/kyak/apps/media/qbittorrent/tools/manage/helmrelease.yaml @@ -1,6 +1,6 @@ --- # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 +apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: qbittorrent-manage diff --git a/kubernetes/kyak/apps/media/qbittorrent/tools/orphaned/helmrelease.yaml b/kubernetes/kyak/apps/media/qbittorrent/tools/orphaned/helmrelease.yaml index 67f9d56892..3fb348238d 100644 --- a/kubernetes/kyak/apps/media/qbittorrent/tools/orphaned/helmrelease.yaml +++ b/kubernetes/kyak/apps/media/qbittorrent/tools/orphaned/helmrelease.yaml @@ -1,6 +1,6 @@ --- # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 +apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: qbittorrent-orphaned diff --git a/kubernetes/kyak/apps/media/qbittorrent/tools/reannounce/helmrelease.yaml b/kubernetes/kyak/apps/media/qbittorrent/tools/reannounce/helmrelease.yaml index dd3638e8a2..b0e1aeafbb 100644 --- a/kubernetes/kyak/apps/media/qbittorrent/tools/reannounce/helmrelease.yaml +++ b/kubernetes/kyak/apps/media/qbittorrent/tools/reannounce/helmrelease.yaml @@ -1,6 +1,6 @@ --- # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 +apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: qbittorrent-reannounce diff --git a/kubernetes/kyak/apps/media/radarr/app/helmrelease.yaml b/kubernetes/kyak/apps/media/radarr/app/helmrelease.yaml index 4b3c3153aa..815376cc71 100644 --- a/kubernetes/kyak/apps/media/radarr/app/helmrelease.yaml +++ b/kubernetes/kyak/apps/media/radarr/app/helmrelease.yaml @@ -1,6 +1,6 @@ --- # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 +apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: radarr @@ -45,7 +45,7 @@ spec: main: image: repository: ghcr.io/onedr0p/radarr-develop - tag: 5.2.4.8328@sha256:9908d5e7ef16122cfdf80fa0d1fefef743cc598346bc12c3408e645d99012c74 + tag: 5.2.5.8361@sha256:c6b3d06ce98faacdd2e91e70763d0c96ab1421aa4858f45957a14d91ff9490a0 env: TZ: America/New_York PUSHOVER_DEBUG: "false" diff --git a/kubernetes/kyak/apps/media/recyclarr/app/helmrelease.yaml b/kubernetes/kyak/apps/media/recyclarr/app/helmrelease.yaml index 6c0b8d5ce1..68e195aff0 100644 --- a/kubernetes/kyak/apps/media/recyclarr/app/helmrelease.yaml +++ b/kubernetes/kyak/apps/media/recyclarr/app/helmrelease.yaml @@ -1,6 +1,6 @@ --- # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 +apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: recyclarr diff --git a/kubernetes/kyak/apps/media/sabnzbd/app/helmrelease.yaml b/kubernetes/kyak/apps/media/sabnzbd/app/helmrelease.yaml index aa21d20f7b..687df67393 100644 --- a/kubernetes/kyak/apps/media/sabnzbd/app/helmrelease.yaml +++ b/kubernetes/kyak/apps/media/sabnzbd/app/helmrelease.yaml @@ -1,6 +1,6 @@ --- # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 +apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: sabnzbd diff --git a/kubernetes/kyak/apps/media/sonarr/app/helmrelease.yaml b/kubernetes/kyak/apps/media/sonarr/app/helmrelease.yaml index 27e75922e5..1ae113cfe9 100644 --- a/kubernetes/kyak/apps/media/sonarr/app/helmrelease.yaml +++ b/kubernetes/kyak/apps/media/sonarr/app/helmrelease.yaml @@ -1,6 +1,6 @@ --- # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 +apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: sonarr diff --git a/kubernetes/kyak/apps/media/unpackerr/app/helmrelease.yaml b/kubernetes/kyak/apps/media/unpackerr/app/helmrelease.yaml index 9e9d30d8e2..4dcbdbba43 100644 --- a/kubernetes/kyak/apps/media/unpackerr/app/helmrelease.yaml +++ b/kubernetes/kyak/apps/media/unpackerr/app/helmrelease.yaml @@ -1,6 +1,6 @@ --- # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 +apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: unpackerr diff --git a/kubernetes/kyak/apps/monitoring/gatus/app/helmrelease.yaml b/kubernetes/kyak/apps/monitoring/gatus/app/helmrelease.yaml index 89223f3df4..0cf3b85956 100644 --- a/kubernetes/kyak/apps/monitoring/gatus/app/helmrelease.yaml +++ b/kubernetes/kyak/apps/monitoring/gatus/app/helmrelease.yaml @@ -1,6 +1,6 @@ --- # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 +apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: gatus diff --git a/kubernetes/kyak/apps/monitoring/grafana/app/helmrelease.yaml b/kubernetes/kyak/apps/monitoring/grafana/app/helmrelease.yaml index 123d5896e4..5c511a5d8d 100644 --- a/kubernetes/kyak/apps/monitoring/grafana/app/helmrelease.yaml +++ b/kubernetes/kyak/apps/monitoring/grafana/app/helmrelease.yaml @@ -1,6 +1,6 @@ --- # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 +apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: grafana @@ -9,7 +9,7 @@ spec: chart: spec: chart: grafana - version: 7.0.18 + version: 7.0.19 sourceRef: kind: HelmRepository name: grafana diff --git a/kubernetes/kyak/apps/monitoring/kube-prometheus-stack/app/helmrelease.yaml b/kubernetes/kyak/apps/monitoring/kube-prometheus-stack/app/helmrelease.yaml index 66c418c167..ed25fc3342 100644 --- a/kubernetes/kyak/apps/monitoring/kube-prometheus-stack/app/helmrelease.yaml +++ b/kubernetes/kyak/apps/monitoring/kube-prometheus-stack/app/helmrelease.yaml @@ -1,6 +1,6 @@ --- # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 +apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: kube-prometheus-stack diff --git a/kubernetes/kyak/apps/monitoring/loki/app/helmrelease.yaml b/kubernetes/kyak/apps/monitoring/loki/app/helmrelease.yaml index d66132c2d6..31c94c7605 100644 --- a/kubernetes/kyak/apps/monitoring/loki/app/helmrelease.yaml +++ b/kubernetes/kyak/apps/monitoring/loki/app/helmrelease.yaml @@ -1,6 +1,6 @@ --- # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 +apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: loki diff --git a/kubernetes/kyak/apps/monitoring/smartctl-exporter/app/helmrelease.yaml b/kubernetes/kyak/apps/monitoring/smartctl-exporter/app/helmrelease.yaml index bc112b41cb..2754b8176c 100644 --- a/kubernetes/kyak/apps/monitoring/smartctl-exporter/app/helmrelease.yaml +++ b/kubernetes/kyak/apps/monitoring/smartctl-exporter/app/helmrelease.yaml @@ -1,6 +1,6 @@ --- # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 +apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: &app smartctl-exporter diff --git a/kubernetes/kyak/apps/monitoring/snmp-exporter/app/dell-idrac/helmrelease.yaml b/kubernetes/kyak/apps/monitoring/snmp-exporter/app/dell-idrac/helmrelease.yaml index 8bd63179b8..75586f7e80 100644 --- a/kubernetes/kyak/apps/monitoring/snmp-exporter/app/dell-idrac/helmrelease.yaml +++ b/kubernetes/kyak/apps/monitoring/snmp-exporter/app/dell-idrac/helmrelease.yaml @@ -1,6 +1,6 @@ --- # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 +apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: &app snmp-exporter-dell-idrac diff --git a/kubernetes/kyak/apps/monitoring/tempo/app/helmrelease.yaml b/kubernetes/kyak/apps/monitoring/tempo/app/helmrelease.yaml index 496bc2ea0d..3ac10c9d2b 100644 --- a/kubernetes/kyak/apps/monitoring/tempo/app/helmrelease.yaml +++ b/kubernetes/kyak/apps/monitoring/tempo/app/helmrelease.yaml @@ -1,6 +1,6 @@ --- # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 +apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: tempo diff --git a/kubernetes/kyak/apps/monitoring/thanos/app/helmrelease.yaml b/kubernetes/kyak/apps/monitoring/thanos/app/helmrelease.yaml index 20345d698a..26665460ed 100644 --- a/kubernetes/kyak/apps/monitoring/thanos/app/helmrelease.yaml +++ b/kubernetes/kyak/apps/monitoring/thanos/app/helmrelease.yaml @@ -1,6 +1,6 @@ --- # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 +apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: thanos @@ -10,7 +10,7 @@ spec: chart: spec: chart: thanos - version: 12.19.0 + version: 12.20.1 sourceRef: kind: HelmRepository name: bitnami diff --git a/kubernetes/kyak/apps/monitoring/vector/app/agent/helmrelease.yaml b/kubernetes/kyak/apps/monitoring/vector/app/agent/helmrelease.yaml index 844cc105c9..a206fdc943 100644 --- a/kubernetes/kyak/apps/monitoring/vector/app/agent/helmrelease.yaml +++ b/kubernetes/kyak/apps/monitoring/vector/app/agent/helmrelease.yaml @@ -1,6 +1,6 @@ --- # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 +apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: vector-agent diff --git a/kubernetes/kyak/apps/monitoring/vector/app/aggregator/helmrelease.yaml b/kubernetes/kyak/apps/monitoring/vector/app/aggregator/helmrelease.yaml index ff073c29bf..b318113159 100644 --- a/kubernetes/kyak/apps/monitoring/vector/app/aggregator/helmrelease.yaml +++ b/kubernetes/kyak/apps/monitoring/vector/app/aggregator/helmrelease.yaml @@ -1,6 +1,6 @@ --- # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 +apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: &app vector-aggregator diff --git a/kubernetes/kyak/apps/networking/cloudflared/app/helmrelease.yaml b/kubernetes/kyak/apps/networking/cloudflared/app/helmrelease.yaml index 117621ac7c..df8d205d69 100644 --- a/kubernetes/kyak/apps/networking/cloudflared/app/helmrelease.yaml +++ b/kubernetes/kyak/apps/networking/cloudflared/app/helmrelease.yaml @@ -1,6 +1,6 @@ --- # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 +apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: &app cloudflared diff --git a/kubernetes/kyak/apps/networking/echo-server/app/helmrelease.yaml b/kubernetes/kyak/apps/networking/echo-server/app/helmrelease.yaml index 0516c4579b..adba2e70fe 100644 --- a/kubernetes/kyak/apps/networking/echo-server/app/helmrelease.yaml +++ b/kubernetes/kyak/apps/networking/echo-server/app/helmrelease.yaml @@ -1,6 +1,6 @@ --- # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 +apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: &app echo-server diff --git a/kubernetes/kyak/apps/networking/external-dns/app/bind/helmrelease.yaml b/kubernetes/kyak/apps/networking/external-dns/app/bind/helmrelease.yaml index 89ca05708c..545c0acd4b 100644 --- a/kubernetes/kyak/apps/networking/external-dns/app/bind/helmrelease.yaml +++ b/kubernetes/kyak/apps/networking/external-dns/app/bind/helmrelease.yaml @@ -1,6 +1,6 @@ --- # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 +apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: &app external-dns-bind diff --git a/kubernetes/kyak/apps/networking/external-dns/app/cloudflare/helmrelease.yaml b/kubernetes/kyak/apps/networking/external-dns/app/cloudflare/helmrelease.yaml index 0933458655..afafb24563 100644 --- a/kubernetes/kyak/apps/networking/external-dns/app/cloudflare/helmrelease.yaml +++ b/kubernetes/kyak/apps/networking/external-dns/app/cloudflare/helmrelease.yaml @@ -1,6 +1,6 @@ --- # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 +apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: &app external-dns-cloudflare diff --git a/kubernetes/kyak/apps/networking/nginx/external/helmrelease.yaml b/kubernetes/kyak/apps/networking/nginx/external/helmrelease.yaml index 56d25e4c7e..5fcfeadc4b 100644 --- a/kubernetes/kyak/apps/networking/nginx/external/helmrelease.yaml +++ b/kubernetes/kyak/apps/networking/nginx/external/helmrelease.yaml @@ -1,6 +1,6 @@ --- # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 +apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: nginx-external @@ -10,7 +10,7 @@ spec: chart: spec: chart: ingress-nginx - version: 4.8.4 + version: 4.9.0 sourceRef: kind: HelmRepository name: ingress-nginx diff --git a/kubernetes/kyak/apps/networking/nginx/internal/helmrelease.yaml b/kubernetes/kyak/apps/networking/nginx/internal/helmrelease.yaml index 2a817d02a3..b58418fe29 100644 --- a/kubernetes/kyak/apps/networking/nginx/internal/helmrelease.yaml +++ b/kubernetes/kyak/apps/networking/nginx/internal/helmrelease.yaml @@ -1,6 +1,6 @@ --- # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 +apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: nginx-internal @@ -10,7 +10,7 @@ spec: chart: spec: chart: ingress-nginx - version: 4.8.4 + version: 4.9.0 sourceRef: kind: HelmRepository name: ingress-nginx diff --git a/kubernetes/kyak/apps/rook-ceph/rook-ceph/app/helmrelease.yaml b/kubernetes/kyak/apps/rook-ceph/rook-ceph/app/helmrelease.yaml index 18c562bf9d..ea98081eb3 100644 --- a/kubernetes/kyak/apps/rook-ceph/rook-ceph/app/helmrelease.yaml +++ b/kubernetes/kyak/apps/rook-ceph/rook-ceph/app/helmrelease.yaml @@ -10,7 +10,7 @@ spec: chart: spec: chart: rook-ceph - version: v1.13.0 + version: v1.13.1 sourceRef: kind: HelmRepository name: rook-ceph diff --git a/kubernetes/kyak/apps/rook-ceph/rook-ceph/cluster/helmrelease.yaml b/kubernetes/kyak/apps/rook-ceph/rook-ceph/cluster/helmrelease.yaml index 1963c445cb..5fd99b12c2 100644 --- a/kubernetes/kyak/apps/rook-ceph/rook-ceph/cluster/helmrelease.yaml +++ b/kubernetes/kyak/apps/rook-ceph/rook-ceph/cluster/helmrelease.yaml @@ -10,7 +10,7 @@ spec: chart: spec: chart: rook-ceph-cluster - version: v1.13.0 + version: v1.13.1 sourceRef: kind: HelmRepository name: rook-ceph diff --git a/kubernetes/kyak/apps/tetragon-system/tetragon/app/helmrelease.yaml b/kubernetes/kyak/apps/tetragon-system/tetragon/app/helmrelease.yaml index 968d252a53..0a137b7c32 100644 --- a/kubernetes/kyak/apps/tetragon-system/tetragon/app/helmrelease.yaml +++ b/kubernetes/kyak/apps/tetragon-system/tetragon/app/helmrelease.yaml @@ -1,6 +1,6 @@ --- # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 +apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: &app tetragon diff --git a/kubernetes/kyak/apps/tools/descheduler/app/helmrelease.yaml b/kubernetes/kyak/apps/tools/descheduler/app/helmrelease.yaml index 8b6d436635..cc303a790f 100644 --- a/kubernetes/kyak/apps/tools/descheduler/app/helmrelease.yaml +++ b/kubernetes/kyak/apps/tools/descheduler/app/helmrelease.yaml @@ -1,6 +1,6 @@ --- # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 +apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: descheduler diff --git a/kubernetes/kyak/apps/tools/kubernetes-schemas/app/helmrelease.yaml b/kubernetes/kyak/apps/tools/kubernetes-schemas/app/helmrelease.yaml index a0f66e24f5..582147caf5 100644 --- a/kubernetes/kyak/apps/tools/kubernetes-schemas/app/helmrelease.yaml +++ b/kubernetes/kyak/apps/tools/kubernetes-schemas/app/helmrelease.yaml @@ -1,6 +1,6 @@ --- # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 +apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: &app kubernetes-schemas diff --git a/kubernetes/kyak/apps/tools/node-feature-discovery/app/helmrelease.yaml b/kubernetes/kyak/apps/tools/node-feature-discovery/app/helmrelease.yaml index fcffcd7534..c06bbb192d 100644 --- a/kubernetes/kyak/apps/tools/node-feature-discovery/app/helmrelease.yaml +++ b/kubernetes/kyak/apps/tools/node-feature-discovery/app/helmrelease.yaml @@ -1,6 +1,6 @@ --- # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 +apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: node-feature-discovery @@ -9,7 +9,7 @@ spec: chart: spec: chart: node-feature-discovery - version: 0.14.3 + version: 0.15.0 sourceRef: kind: HelmRepository name: node-feature-discovery diff --git a/kubernetes/kyak/apps/tools/reloader/app/helmrelease.yaml b/kubernetes/kyak/apps/tools/reloader/app/helmrelease.yaml index 3e26bc5199..419266e458 100644 --- a/kubernetes/kyak/apps/tools/reloader/app/helmrelease.yaml +++ b/kubernetes/kyak/apps/tools/reloader/app/helmrelease.yaml @@ -1,6 +1,6 @@ --- # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 +apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: reloader @@ -10,7 +10,7 @@ spec: chart: spec: chart: reloader - version: 1.0.54 + version: 1.0.56 sourceRef: kind: HelmRepository name: stakater diff --git a/kubernetes/kyak/flux/config/flux.yaml b/kubernetes/kyak/flux/config/flux.yaml index bd9c7071d0..8ac7dced97 100644 --- a/kubernetes/kyak/flux/config/flux.yaml +++ b/kubernetes/kyak/flux/config/flux.yaml @@ -9,7 +9,7 @@ spec: interval: 10m url: oci://ghcr.io/fluxcd/flux-manifests ref: - tag: v2.2.1 + tag: v2.2.2 --- # yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/kustomize.toolkit.fluxcd.io/kustomization_v1.json apiVersion: kustomize.toolkit.fluxcd.io/v1 diff --git a/kubernetes/kyak/flux/repositories/git/kubernetes-csi-addons.yaml b/kubernetes/kyak/flux/repositories/git/kubernetes-csi-addons.yaml index 0ead8b8ed1..1032bccb22 100644 --- a/kubernetes/kyak/flux/repositories/git/kubernetes-csi-addons.yaml +++ b/kubernetes/kyak/flux/repositories/git/kubernetes-csi-addons.yaml @@ -9,7 +9,7 @@ spec: interval: 30m url: https://github.com/csi-addons/kubernetes-csi-addons ref: - tag: v0.7.0 + tag: v0.8.0 ignore: | # exclude all /* diff --git a/kubernetes/sol/apps/cert-manager/cert-manager/app/helmrelease.yaml b/kubernetes/sol/apps/cert-manager/cert-manager/app/helmrelease.yaml index 061398246f..d104a63491 100644 --- a/kubernetes/sol/apps/cert-manager/cert-manager/app/helmrelease.yaml +++ b/kubernetes/sol/apps/cert-manager/cert-manager/app/helmrelease.yaml @@ -9,7 +9,7 @@ spec: chart: spec: chart: cert-manager - version: v1.13.2 + version: v1.13.3 sourceRef: kind: HelmRepository name: jetstack diff --git a/kubernetes/sol/apps/default/minio/app/helmrelease.yaml b/kubernetes/sol/apps/default/minio/app/helmrelease.yaml index 1e5563abd6..8a89cdd214 100644 --- a/kubernetes/sol/apps/default/minio/app/helmrelease.yaml +++ b/kubernetes/sol/apps/default/minio/app/helmrelease.yaml @@ -33,7 +33,7 @@ spec: main: image: repository: quay.io/minio/minio - tag: RELEASE.2023-12-14T18-51-57Z + tag: RELEASE.2023-12-20T01-00-02Z env: MINIO_API_CORS_ALLOW_ORIGIN: https://minio.286k.co,https://s3.286k.co MINIO_BROWSER_REDIRECT_URL: https://minio.286k.co diff --git a/kubernetes/sol/apps/default/zot/app/helmrelease.yaml b/kubernetes/sol/apps/default/zot/app/helmrelease.yaml index 513481156e..30b1942391 100644 --- a/kubernetes/sol/apps/default/zot/app/helmrelease.yaml +++ b/kubernetes/sol/apps/default/zot/app/helmrelease.yaml @@ -33,7 +33,7 @@ spec: main: image: repository: ghcr.io/project-zot/zot-linux-amd64 - tag: v1.4.3 + tag: v2.0.0 probes: liveness: &probes enabled: true diff --git a/kubernetes/sol/apps/kube-system/reloader/app/helmrelease.yaml b/kubernetes/sol/apps/kube-system/reloader/app/helmrelease.yaml index 3e26bc5199..8241550fa8 100644 --- a/kubernetes/sol/apps/kube-system/reloader/app/helmrelease.yaml +++ b/kubernetes/sol/apps/kube-system/reloader/app/helmrelease.yaml @@ -10,7 +10,7 @@ spec: chart: spec: chart: reloader - version: 1.0.54 + version: 1.0.56 sourceRef: kind: HelmRepository name: stakater diff --git a/kubernetes/sol/apps/networking/nginx/internal/helmrelease.yaml b/kubernetes/sol/apps/networking/nginx/internal/helmrelease.yaml index 2b7a13b2f5..5ebd36d665 100644 --- a/kubernetes/sol/apps/networking/nginx/internal/helmrelease.yaml +++ b/kubernetes/sol/apps/networking/nginx/internal/helmrelease.yaml @@ -10,7 +10,7 @@ spec: chart: spec: chart: ingress-nginx - version: 4.8.4 + version: 4.9.0 sourceRef: kind: HelmRepository name: ingress-nginx diff --git a/kubernetes/sol/apps/system-upgrade/system-upgrade-controller/app/helmrelease.yaml b/kubernetes/sol/apps/system-upgrade/system-upgrade-controller/app/helmrelease.yaml index 66f2876650..957cc6ed66 100644 --- a/kubernetes/sol/apps/system-upgrade/system-upgrade-controller/app/helmrelease.yaml +++ b/kubernetes/sol/apps/system-upgrade/system-upgrade-controller/app/helmrelease.yaml @@ -39,7 +39,7 @@ spec: SYSTEM_UPGRADE_JOB_ACTIVE_DEADLINE_SECONDS: 900 SYSTEM_UPGRADE_JOB_BACKOFF_LIMIT: 99 SYSTEM_UPGRADE_JOB_IMAGE_PULL_POLICY: IfNotPresent - SYSTEM_UPGRADE_JOB_KUBECTL_IMAGE: docker.io/rancher/kubectl:v1.28.4 + SYSTEM_UPGRADE_JOB_KUBECTL_IMAGE: docker.io/rancher/kubectl:v1.29.0 SYSTEM_UPGRADE_JOB_PRIVILEGED: true SYSTEM_UPGRADE_JOB_TTL_SECONDS_AFTER_FINISH: 900 SYSTEM_UPGRADE_PLAN_POLLING_INTERVAL: 15m diff --git a/pulumi/cloudflare/package-lock.json b/pulumi/cloudflare/package-lock.json index 6a7da14b10..8fb874d6cb 100644 --- a/pulumi/cloudflare/package-lock.json +++ b/pulumi/cloudflare/package-lock.json @@ -302,9 +302,9 @@ } }, "node_modules/@pulumi/pulumi": { - "version": "3.98.0", - "resolved": "https://registry.npmjs.org/@pulumi/pulumi/-/pulumi-3.98.0.tgz", - "integrity": "sha512-G5LpwM7CvR5hLvyscgWp5TVVJYTOJqeLSL0uTUtHSBz/Tpiqv1lgygW8oUIUD4gPm33UfcK1cVejCASdQk+74Q==", + "version": "3.99.0", + "resolved": "https://registry.npmjs.org/@pulumi/pulumi/-/pulumi-3.99.0.tgz", + "integrity": "sha512-bS186PU6pfNKU8T7S91aDUSlvYpohcwJmnbQ+kStz6IZaGeZzu8iZoAZ+nM266dydeYxCaanK3Kjkp/iuxUBcg==", "dependencies": { "@grpc/grpc-js": "1.9.6", "@logdna/tail-file": "^2.0.6", @@ -373,9 +373,9 @@ "integrity": "sha512-40um9QqwHjRS92qnOaDpL7RmDK15NuZYo9HihiJRbYkMQZlWnuH8AdvbMy8/o6lgLmKbDUKa+OALCltHdbOTpQ==" }, "node_modules/@types/node": { - "version": "20.10.4", - "resolved": "https://registry.npmjs.org/@types/node/-/node-20.10.4.tgz", - "integrity": "sha512-D08YG6rr8X90YB56tSIuBaddy/UXAA9RKJoFvrsnogAum/0pmjkgi4+2nx96A330FmioegBWmEYQ+syqCFaveg==", + "version": "20.10.5", + "resolved": "https://registry.npmjs.org/@types/node/-/node-20.10.5.tgz", + "integrity": "sha512-nNPsNE65wjMxEKI93yOP+NPGGBJz/PoN3kZsVLee0XMiJolxSekEVD8wRwBUBqkwc7UWop0edW50yrCQW4CyRw==", "dependencies": { "undici-types": "~5.26.4" } diff --git a/pulumi/sol/package-lock.json b/pulumi/sol/package-lock.json index 85e265ea4b..b58678f73d 100644 --- a/pulumi/sol/package-lock.json +++ b/pulumi/sol/package-lock.json @@ -295,9 +295,9 @@ "integrity": "sha512-Vvn3zZrhQZkkBE8LSuW3em98c0FwgO4nxzv6OdSxPKJIEKY2bGbHn+mhGIPerzI4twdxaP8/0+06HBpwf345Lw==" }, "node_modules/@pulumi/aws": { - "version": "6.14.0", - "resolved": "https://registry.npmjs.org/@pulumi/aws/-/aws-6.14.0.tgz", - "integrity": "sha512-dOTdUkRdV0IU7HCHpMDRMF2co4d4iBWeGmuxq/mLYt0PdVMsUsVsMJ87xAIP2S3g0kTVLNOzL1l8EP24OS1vlg==", + "version": "6.17.0", + "resolved": "https://registry.npmjs.org/@pulumi/aws/-/aws-6.17.0.tgz", + "integrity": "sha512-mouN/IufNJQd2O0dNBscWWGkOv4iY7eS4A2b7wh1e3GQqU5Vl8PeLJBS2s29ElGaFfNiLwSjG16U88iemrp0RQ==", "dependencies": { "@pulumi/pulumi": "^3.0.0", "builtin-modules": "3.0.0", @@ -315,9 +315,9 @@ } }, "node_modules/@pulumi/pulumi": { - "version": "3.98.0", - "resolved": "https://registry.npmjs.org/@pulumi/pulumi/-/pulumi-3.98.0.tgz", - "integrity": "sha512-G5LpwM7CvR5hLvyscgWp5TVVJYTOJqeLSL0uTUtHSBz/Tpiqv1lgygW8oUIUD4gPm33UfcK1cVejCASdQk+74Q==", + "version": "3.99.0", + "resolved": "https://registry.npmjs.org/@pulumi/pulumi/-/pulumi-3.99.0.tgz", + "integrity": "sha512-bS186PU6pfNKU8T7S91aDUSlvYpohcwJmnbQ+kStz6IZaGeZzu8iZoAZ+nM266dydeYxCaanK3Kjkp/iuxUBcg==", "dependencies": { "@grpc/grpc-js": "1.9.6", "@logdna/tail-file": "^2.0.6", diff --git a/pulumi/vault/package-lock.json b/pulumi/vault/package-lock.json index 5cee55b338..17b405844d 100644 --- a/pulumi/vault/package-lock.json +++ b/pulumi/vault/package-lock.json @@ -297,9 +297,9 @@ "integrity": "sha512-Vvn3zZrhQZkkBE8LSuW3em98c0FwgO4nxzv6OdSxPKJIEKY2bGbHn+mhGIPerzI4twdxaP8/0+06HBpwf345Lw==" }, "node_modules/@pulumi/aws": { - "version": "6.14.0", - "resolved": "https://registry.npmjs.org/@pulumi/aws/-/aws-6.14.0.tgz", - "integrity": "sha512-dOTdUkRdV0IU7HCHpMDRMF2co4d4iBWeGmuxq/mLYt0PdVMsUsVsMJ87xAIP2S3g0kTVLNOzL1l8EP24OS1vlg==", + "version": "6.17.0", + "resolved": "https://registry.npmjs.org/@pulumi/aws/-/aws-6.17.0.tgz", + "integrity": "sha512-mouN/IufNJQd2O0dNBscWWGkOv4iY7eS4A2b7wh1e3GQqU5Vl8PeLJBS2s29ElGaFfNiLwSjG16U88iemrp0RQ==", "dependencies": { "@pulumi/pulumi": "^3.0.0", "builtin-modules": "3.0.0", @@ -325,9 +325,9 @@ } }, "node_modules/@pulumi/pulumi": { - "version": "3.98.0", - "resolved": "https://registry.npmjs.org/@pulumi/pulumi/-/pulumi-3.98.0.tgz", - "integrity": "sha512-G5LpwM7CvR5hLvyscgWp5TVVJYTOJqeLSL0uTUtHSBz/Tpiqv1lgygW8oUIUD4gPm33UfcK1cVejCASdQk+74Q==", + "version": "3.99.0", + "resolved": "https://registry.npmjs.org/@pulumi/pulumi/-/pulumi-3.99.0.tgz", + "integrity": "sha512-bS186PU6pfNKU8T7S91aDUSlvYpohcwJmnbQ+kStz6IZaGeZzu8iZoAZ+nM266dydeYxCaanK3Kjkp/iuxUBcg==", "dependencies": { "@grpc/grpc-js": "1.9.6", "@logdna/tail-file": "^2.0.6", @@ -393,9 +393,9 @@ "integrity": "sha512-K0VQKziLUWkVKiRVrx4a40iPaxTUefQmjtkQofBkYRcoaaL/8rhwDWww9qWbrgicNOgnpIsMxyNIUM4+n6dUIA==" }, "node_modules/@types/node": { - "version": "20.10.4", - "resolved": "https://registry.npmjs.org/@types/node/-/node-20.10.4.tgz", - "integrity": "sha512-D08YG6rr8X90YB56tSIuBaddy/UXAA9RKJoFvrsnogAum/0pmjkgi4+2nx96A330FmioegBWmEYQ+syqCFaveg==", + "version": "20.10.5", + "resolved": "https://registry.npmjs.org/@types/node/-/node-20.10.5.tgz", + "integrity": "sha512-nNPsNE65wjMxEKI93yOP+NPGGBJz/PoN3kZsVLee0XMiJolxSekEVD8wRwBUBqkwc7UWop0edW50yrCQW4CyRw==", "dependencies": { "undici-types": "~5.26.4" }