feat(kdl-server): improves

* chore(kdl): [KDL6-93] remove drone
* chore(kdl): bump components
* chore(kdl): disable vscode
* chore(kdl): encode old values
* chore(kdl): improve operators
* chore(kdl): parametrize vscode
* chore(kdl): remove env ref on knowledge-galaxy
* chore(kdl): set default configmap ref
* ci: [KDL6-66] configure updatecli.io on deps
* feat(kdl) remove gitea-oauth2
* feat(kdl): add dependencies and allow optional services
* feat(kdl): update storageclassname reference
* feat(kdl): update vscode crd ref
* feat(operators): change files name
* fix: keep legacy templates
* fix(kdl): deployment container duplicate port
* fix(kdl): fullnameOverride keycloak subchart
* fix(kdl): minio configmap reference
* fix(kdl): readyChecker

feat(konstellation-base): improves
* secrets preference
* feat: add envFrom with files
* feat: add networkpolicy
* fix: remove duplicate image

.github/ct.yaml → .github/ct.yml

@@ -1,6 +1,6 @@
 # See https://github.com/helm/chart-testing#configuration
 chart-dirs: charts
-check-version-increment: true
+check-version-increment: false
 debug: false
 remote: origin
 target-branch: main

.github/updatecli/helm-kdl-server-appversion.yaml

@@ -0,0 +1,17 @@
+sources:
+  kdl-server:
+    kind: dockerimage
+    spec:
+      image: konstellation/kdl-server
+      architecture: linux/amd64
+      versionFilter:
+        kind: semver
+conditions: {}
+targets:
+  kdl-server:
+    name: bump chart appversion
+    kind: yaml
+    spec:
+      file: charts/kdl-server/Chart.yaml
+      key: $.appVersion
+    sourceid: kdl-server

.github/updatecli/helm-kdl-server-dependencies.yaml

@@ -0,0 +1,83 @@
+sources:
+  konstellation-base:
+    kind: helmchart
+    spec:
+      url: https://charts.konstellation.io
+      name: konstellation-base
+      versionFilter:
+        kind: semver
+        pattern: '*' # replace with CI/CD updatecli
+    sourceid: konstellation-base
+  minio:
+    kind: helmchart
+    spec:
+      url: https://charts.bitnami.com/bitnami
+      name: minio
+      versionFilter:
+        kind: semver
+        pattern: '*' # replace with CI/CD updatecli
+    sourceid: minio
+  mongodb:
+    kind: helmchart
+    spec:
+      url: https://charts.bitnami.com/bitnami
+      name: mongodb
+      versionFilter:
+        kind: semver
+        pattern: '*' # replace with CI/CD updatecli
+    sourceid: mongodb
+  oauth2-proxy:
+    kind: helmchart
+    spec:
+      url: https://oauth2-proxy.github.io/manifests
+      name: oauth2-proxy
+      versionFilter:
+        kind: semver
+        pattern: '*' # replace with CI/CD updatecli
+    sourceid: oauth2-proxy
+  postgresql:
+    kind: helmchart
+    spec:
+      url: https://charts.bitnami.com/bitnami
+      name: postgresql
+      versionFilter:
+        kind: semver
+        pattern: '*' # replace with CI/CD updatecli
+    sourceid: postgresql
+conditions: {}
+targets:
+  konstellation-base:
+    name: bump chart dependencies
+    kind: yaml
+    spec:
+      file: charts/kdl-server/Chart.yaml
+      key: $.dependencies[0].version
+    sourceid: konstellation-base
+  minio:
+    name: bump chart dependencies
+    kind: yaml
+    spec:
+      file: charts/kdl-server/Chart.yaml
+      key: $.dependencies[1].version
+    sourceid: minio
+  mongodb:
+    name: bump chart dependencies
+    kind: yaml
+    spec:
+      file: charts/kdl-server/Chart.yaml
+      key: $.dependencies[2].version
+    sourceid: mongodb
+  oauth2-proxy:
+    name: bump chart dependencies
+    kind: yaml
+    spec:
+      file: charts/kdl-server/Chart.yaml
+      key: $.dependencies[3].version
+    sourceid: oauth2-proxy
+  postgresql:
+    name: bump chart dependencies
+    kind: yaml
+    spec:
+      file: charts/kdl-server/Chart.yaml
+      key: $.dependencies[4].version
+    sourceid: postgresql

.github/workflows/README.md

@@ -0,0 +1,17 @@
+# GitHub Actions
+
+* [`[GitHub] Auto-assign`](./github-auto-assign.yml): automatically assigns reviewers to pull requests when they are opened or marked as ready for review.
+
+* [`[GitHub] Mark release as pre-release"`](./github-set-prerelease.yml): marks a release as a pre-release if its tag indicates it's a release candidate (example: `-rc.x`). This workflow ensures proper labeling of release candidates and integrates seamlessly with Helm Releaser actions.
+
+* [`[GitHub] Stale issues and PRs`](./github-stale-issues-pr.yml): runs daily to identify and label issues or pull requests as stale if there has been no activity for 60 days. Stale items are optionally closed after a specified period, keeping the repository organized.
+
+* [`[Helm] Check KDL Server major dependencies releases`](./helm-check-kdl-server-major-dependencies.yml): scheduled monthly or manually triggered, this workflow checks and updates the KDL Server Helm chart's major dependencies. It ensures the latest versions are applied and creates a pull request for the updates and improving dependency management.
+
+* [`[Helm] Check KDL Server minor dependencies releases`](./helm-check-kdl-server-minor-dependencies.yml): runs weekly or manually to check and update minor dependencies for the KDL Server Helm chart. It adheres to semantic versioning rules and creates pull requests for updates, keeping the chart up-to-date.
+
+* [`[Helm] Check KDL Server new releases`](./helm-check-kdl-server-release.yml): executed daily or manually to detect new KDL Server releases. If a new version is found, it updates the Helm chart and creates a pull request to reflect the change, including details about the release.
+
+* [`[Helm Charts] Lint and test PR`](./helm-lint-test.yml): triggered by pull requests or manually to validate Helm charts. It performs linting, dependency checks and testing on Kubernetes clusters to ensure charts meet quality standards before merging.
+
+* [`[Helm Charts] Releases`](./helm-release.yml): automatically generates and publishes Helm chart releases when changes are pushed to the main branch. The workflow signs and publishes OCI-compliant charts to the GitHub Container Registry, ensuring secure and traceable releases.

.github/workflows/github-set-prerelease.yml

@@ -0,0 +1,31 @@
+# TODO: this action fix the issue with the helm-releaser action
+# not marking the release as pre-release
+name: "[GitHub] Mark release as pre-release"
+
+on:
+  release:
+    types:
+      - published
+
+jobs:
+  mark_prerelease:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check if release is a candidate (RC)
+        id: check_rc
+        run: |
+          if [[ "${GITHUB_REF_NAME}" == *-rc.* ]]; then
+            echo "IS_RC=true" >> $GITHUB_ENV
+          else
+            echo "IS_RC=false" >> $GITHUB_ENV
+          fi
+
+      - name: Mark as pre-release
+        if: env.IS_RC == 'true'
+        run: |
+          curl \
+            -X PATCH \
+            -H "Accept: application/vnd.github+json" \
+            -H "Authorization: Bearer ${{ secrets.PAT }}" \
+            https://api.github.com/repos/${{ github.repository }}/releases/${{ github.event.release.id }} \
+            -d '{"prerelease": true}'

.github/workflows/helm-check-kdl-server-major-dependencies.yml

@@ -0,0 +1,81 @@
+name: "[Helm] Check KDL Server major dependencies releases"
+
+on:
+  workflow_dispatch:
+  schedule:
+    - cron: '0 0 1 * *' # first day of month
+
+jobs:
+  check-and-update-major-dependencies:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+          persist-credentials: false
+
+      - name: Prepare updatecli configuration
+        id: dependencies
+        run: |
+          # get name dependencies
+          dependencies=($(yq eval -o=json '.dependencies[] | .name' charts/kdl-server/Chart.yaml | xargs))
+
+          # replace version
+          for dependency in "${dependencies[@]}"; do
+            yq eval -i ".sources.${dependency}.spec.versionFilter.pattern = \"*\"" .github/updatecli/helm-kdl-server-dependencies.yaml
+          done
+
+      - name: Install updatecli
+        uses: updatecli/updatecli-action@v2
+
+      - name: Update dependencies
+        run: |
+          updatecli apply --config .github/updatecli/helm-kdl-server-dependencies.yaml --commit=false 2>&1 | tee > $GITHUB_WORKSPACE/major-output.log
+
+          # show PR body
+          cat major-output.log
+        shell: bash
+        env:
+          GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
+
+      - name: Update README.md Helm Chart
+        uses: losisin/helm-docs-github-action@v1
+        with:
+          chart-search-root: charts/kdl-server
+
+      - name: Get current date
+        id: date
+        run: |
+          echo "date=$(date -I)" >> $GITHUB_OUTPUT
+
+      - name: Create PR with changes (dry-run)
+        uses: peter-evans/create-pull-request@v7
+        if: github.event_name == 'workflow_dispatch'
+        with:
+          add-paths: charts/kdl-server
+          token: ${{ secrets.PAT }}
+          commit-message: "fix: update major dependencies version"
+          signoff: false
+          branch: chore/upgrade-kdl-server-major-dependencies-${{ steps.date.outputs.date }}
+          delete-branch: true
+          title: '[kdl-server] upgrade major dependencies (${{ steps.date.outputs.date }})'
+          body-path: major-output.log
+          draft: true
+          labels: |
+            auto-pr-bump-version
+
+      - name: Create PR with changes
+        uses: peter-evans/create-pull-request@v7
+        if: github.event_name == 'schedule'
+        with:
+          add-paths: charts/kdl-server
+          token: ${{ secrets.PAT }}
+          commit-message: "fix: update major dependencies version"
+          signoff: false
+          branch: chore/upgrade-kdl-server-major-dependencies-${{ steps.date.outputs.date }}
+          delete-branch: true
+          title: '[kdl-server] upgrade major dependencies (${{ steps.date.outputs.date }})'
+          body-path: major-output.log
+          labels: |
+            auto-pr-bump-version

.github/workflows/helm-check-kdl-server-minor-dependencies.yml

@@ -0,0 +1,79 @@
+name: "[Helm] Check KDL Server minor dependencies releases"
+
+on:
+  workflow_dispatch:
+  schedule:
+    - cron: '0 0 * * 1' # every monday
+
+jobs:
+  check-and-update-minor-dependencies:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+          persist-credentials: false
+
+      - name: Prepare updatecli configuration
+        id: dependencies
+        run: |
+          # get name dependencies
+          dependencies=($(yq eval -o=json '.dependencies[] | .name' charts/kdl-server/Chart.yaml | xargs))
+
+          # replace version
+          for dependency in "${dependencies[@]}"; do
+            version="~$(yq eval -r ".dependencies[] | select(.name == \"${dependency}\") | .version" charts/kdl-server/Chart.yaml | cut -d'.' -f1)"
+            yq eval -i ".sources.${dependency}.spec.versionFilter.pattern = \"${version}\"" .github/updatecli/helm-kdl-server-dependencies.yaml
+          done
+
+      - name: Install updatecli
+        uses: updatecli/updatecli-action@v2
+
+      - name: Update dependencies
+        run: |
+          updatecli apply --config .github/updatecli/helm-kdl-server-dependencies.yaml --commit=false 2>&1 | tee > $GITHUB_WORKSPACE/minor-output.log
+        shell: bash
+        env:
+          GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
+
+      - name: Update README.md Helm Chart
+        uses: losisin/helm-docs-github-action@v1
+        with:
+          chart-search-root: charts/kdl-server
+
+      - name: Get current date
+        id: date
+        run: |
+          echo "date=$(date -I)" >> $GITHUB_OUTPUT
+
+      - name: Create PR with changes (dry-run)
+        uses: peter-evans/create-pull-request@v7
+        if: github.event_name == 'workflow_dispatch'
+        with:
+          add-paths: charts/kdl-server
+          token: ${{ secrets.PAT }}
+          commit-message: "fix: update minor dependencies version"
+          signoff: false
+          branch: chore/upgrade-kdl-server-minor-dependencies-${{ steps.date.outputs.date }}
+          delete-branch: true
+          title: '[kdl-server] upgrade minor dependencies (${{ steps.date.outputs.date }})'
+          body-path: minor-output.log
+          draft: true
+          labels: |
+            auto-pr-bump-version
+
+      - name: Create PR with changes
+        uses: peter-evans/create-pull-request@v7
+        if: github.event_name == 'schedule'
+        with:
+          add-paths: charts/kdl-server
+          token: ${{ secrets.PAT }}
+          commit-message: "fix: update minor dependencies version"
+          signoff: false
+          branch: chore/upgrade-kdl-server-minor-dependencies-${{ steps.date.outputs.date }}
+          delete-branch: true
+          title: '[kdl-server] upgrade minor dependencies (${{ steps.date.outputs.date }})'
+          body-path: minor-output.log
+          labels: |
+            auto-pr-bump-version

.github/workflows/helm-check-kdl-server-release.yml

@@ -0,0 +1,67 @@
+name: "[Helm] Check KDL Server new releases"
+
+on:
+  workflow_dispatch:
+  schedule:
+    - cron: '0 0 * * *' # every day
+
+jobs:
+  check-and-update-kdl-server:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+          persist-credentials: false
+
+      - name: Get current release
+        id: current_release
+        run: |
+          current_release=$(grep appVersion charts/kdl-server/Chart.yaml | awk '{ print $2 }')
+          echo "current_release=$current_release" >> $GITHUB_OUTPUT
+
+      - name: Install updatecli
+        uses: updatecli/updatecli-action@v2
+
+      - name: Update dependencies
+        run: |
+          updatecli apply --config .github/updatecli/helm-kdl-server-appversion.yaml --commit=false
+
+      - name: Get latest release
+        id: latest_release
+        run: |
+          latest_release=$(grep appVersion charts/kdl-server/Chart.yaml | awk '{ print $2 }')
+          echo "latest_release=$latest_release" >> $GITHUB_OUTPUT
+
+      - name: Check if release changed
+        id: check_changes
+        run: |
+          if [ ${{ steps.latest_release.outputs.latest_release }} != ${{ steps.current_release.outputs.current_release }} ]; then
+            echo "release_changed=true" >> $GITHUB_OUTPUT
+          fi
+
+      - name: Update README.md Helm Chart
+        if: steps.check_changes.outputs.release_changed == 'true'
+        uses: losisin/helm-docs-github-action@v1
+        with:
+          chart-search-root: charts/kdl-server
+
+      - name: Create PR with changes
+        if: steps.check_changes.outputs.release_changed == 'true'
+        uses: peter-evans/create-pull-request@v7
+        with:
+          token: ${{ secrets.PAT }}
+          commit-message: "fix: update KDL Server version to ${{ steps.latest_release.outputs.latest_release }}"
+          signoff: false
+          branch: chore/upgrade-kdl-server-appversion-${{ steps.latest_release.outputs.latest_release }}
+          delete-branch: true
+          title: '[kdl-server] new release: ${{ steps.latest_release.outputs.latest_release }}'
+          body: |
+            KDL Server version:
+            - :information_source: Current: `${{ steps.current_release.outputs.current_release }}`
+            - :up: Upgrade: `${{ steps.latest_release.outputs.latest_release }}`
+
+            Changelog: https://github.com/konstellation-io/kdl-server/releases/tag/${{ steps.latest_release.outputs.latest_release }}
+          labels: |
+            auto-pr-bump-version