From 78e6736104d2a57046286c12eb5c1bea4230514d Mon Sep 17 00:00:00 2001 From: "bot-ross[bot]" <98030736+bot-ross[bot]@users.noreply.github.com> Date: Sun, 29 Dec 2024 14:17:58 -0500 Subject: [PATCH 01/72] =?UTF-8?q?fix(container):=20update=20ghcr.io/kieran?= =?UTF-8?q?eglin/pinchflat=20(=20v2024.12.10=20=E2=86=92=20v2024.12.29=20)?= =?UTF-8?q?=20(#8570)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: bot-ross[bot] <98030736+bot-ross[bot]@users.noreply.github.com> --- kubernetes/main/apps/default/pinchflat/app/helmrelease.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kubernetes/main/apps/default/pinchflat/app/helmrelease.yaml b/kubernetes/main/apps/default/pinchflat/app/helmrelease.yaml index f2b850df73ea0..1d61b3a6873db 100644 --- a/kubernetes/main/apps/default/pinchflat/app/helmrelease.yaml +++ b/kubernetes/main/apps/default/pinchflat/app/helmrelease.yaml @@ -34,7 +34,7 @@ spec: app: image: repository: ghcr.io/kieraneglin/pinchflat - tag: v2024.12.10@sha256:2ea6c9d0c17e97df9862406e5bbd99e448c967571155aaa44e9a37efbef878e8 + tag: v2024.12.29@sha256:934ec3d45358b306f405be3cef0a163d46c1f7b776fcf47d87add7fce62298f3 env: TZ: America/New_York TZ_DATA_DIR: /tmp/elixir_tz_data From 5909356e87b89b16d0adc350046f5203db9bc469 Mon Sep 17 00:00:00 2001 From: "bot-ross[bot]" <98030736+bot-ross[bot]@users.noreply.github.com> Date: Sun, 29 Dec 2024 18:14:22 -0500 Subject: [PATCH 02/72] =?UTF-8?q?fix(container):=20update=20ghcr.io/onedr0?= =?UTF-8?q?p/prowlarr-develop=20(=201.29.0.4897=20=E2=86=92=201.29.1.4903?= =?UTF-8?q?=20)=20(#8571)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: bot-ross[bot] <98030736+bot-ross[bot]@users.noreply.github.com> --- kubernetes/main/apps/default/prowlarr/app/helmrelease.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kubernetes/main/apps/default/prowlarr/app/helmrelease.yaml b/kubernetes/main/apps/default/prowlarr/app/helmrelease.yaml index f022a765998c5..384c4cfeda16e 100644 --- a/kubernetes/main/apps/default/prowlarr/app/helmrelease.yaml +++ b/kubernetes/main/apps/default/prowlarr/app/helmrelease.yaml @@ -34,7 +34,7 @@ spec: app: image: repository: ghcr.io/onedr0p/prowlarr-develop - tag: 1.29.0.4897@sha256:7ce899a3aede6e505e395bcf0f7a6749b25b57b69e1a355bd39dc7f60a25985e + tag: 1.29.1.4903@sha256:aa0f5743b6b0a0d6e321dd55af0b78088199347e3cd1a7e5d635e4f4829adb6d env: PROWLARR__APP__INSTANCENAME: Prowlarr PROWLARR__APP__THEME: dark From b52b53c962a078217c70c4dca5add2ded6ebae95 Mon Sep 17 00:00:00 2001 From: "bot-ross[bot]" <98030736+bot-ross[bot]@users.noreply.github.com> Date: Sun, 29 Dec 2024 18:17:09 -0500 Subject: [PATCH 03/72] =?UTF-8?q?feat(container):=20update=20docker.io/fal?= =?UTF-8?q?lenbagel/jellyseerr=20(=202.1.0=20=E2=86=92=202.2.0=20)=20(#857?= =?UTF-8?q?2)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: bot-ross[bot] <98030736+bot-ross[bot]@users.noreply.github.com> --- kubernetes/main/apps/default/jellyseerr/app/helmrelease.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kubernetes/main/apps/default/jellyseerr/app/helmrelease.yaml b/kubernetes/main/apps/default/jellyseerr/app/helmrelease.yaml index df0ecd7a44621..9a18996e04c7e 100644 --- a/kubernetes/main/apps/default/jellyseerr/app/helmrelease.yaml +++ b/kubernetes/main/apps/default/jellyseerr/app/helmrelease.yaml @@ -34,7 +34,7 @@ spec: app: image: repository: docker.io/fallenbagel/jellyseerr - tag: 2.1.0@sha256:af5563771964282e5bfb6a4f30b05c75c8d30661a920f0399086f575217d0573 + tag: 2.2.0@sha256:7cbcd295643e2f443195b89e0c81775d19d60e84db643053a5138913d7d5e5e7 env: TZ: America/New_York LOG_LEVEL: "info" From ba33cc9fc56b186210b89bd3023d8528e152b24d Mon Sep 17 00:00:00 2001 From: "bot-ross[bot]" <98030736+bot-ross[bot]@users.noreply.github.com> Date: Sun, 29 Dec 2024 22:48:10 -0500 Subject: [PATCH 04/72] =?UTF-8?q?fix(container):=20update=20docker.io/fall?= =?UTF-8?q?enbagel/jellyseerr=20(=202.2.0=20=E2=86=92=202.2.1=20)=20(#8573?= =?UTF-8?q?)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: bot-ross[bot] <98030736+bot-ross[bot]@users.noreply.github.com> --- kubernetes/main/apps/default/jellyseerr/app/helmrelease.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kubernetes/main/apps/default/jellyseerr/app/helmrelease.yaml b/kubernetes/main/apps/default/jellyseerr/app/helmrelease.yaml index 9a18996e04c7e..6392365d4974e 100644 --- a/kubernetes/main/apps/default/jellyseerr/app/helmrelease.yaml +++ b/kubernetes/main/apps/default/jellyseerr/app/helmrelease.yaml @@ -34,7 +34,7 @@ spec: app: image: repository: docker.io/fallenbagel/jellyseerr - tag: 2.2.0@sha256:7cbcd295643e2f443195b89e0c81775d19d60e84db643053a5138913d7d5e5e7 + tag: 2.2.1@sha256:8ad7163a40e60b76eaa4e9f78a6da553ce48cd22d3b872f25fcd7f4d220e4daa env: TZ: America/New_York LOG_LEVEL: "info" From 4cf102f1ec0c62f18147950f37a212b530af07b4 Mon Sep 17 00:00:00 2001 From: "bot-ross[bot]" <98030736+bot-ross[bot]@users.noreply.github.com> Date: Mon, 30 Dec 2024 07:01:31 -0500 Subject: [PATCH 05/72] =?UTF-8?q?fix(container):=20update=20docker.io/fall?= =?UTF-8?q?enbagel/jellyseerr=20(=202.2.1=20=E2=86=92=202.2.2=20)=20(#8574?= =?UTF-8?q?)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: bot-ross[bot] <98030736+bot-ross[bot]@users.noreply.github.com> --- kubernetes/main/apps/default/jellyseerr/app/helmrelease.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kubernetes/main/apps/default/jellyseerr/app/helmrelease.yaml b/kubernetes/main/apps/default/jellyseerr/app/helmrelease.yaml index 6392365d4974e..70e702c57b236 100644 --- a/kubernetes/main/apps/default/jellyseerr/app/helmrelease.yaml +++ b/kubernetes/main/apps/default/jellyseerr/app/helmrelease.yaml @@ -34,7 +34,7 @@ spec: app: image: repository: docker.io/fallenbagel/jellyseerr - tag: 2.2.1@sha256:8ad7163a40e60b76eaa4e9f78a6da553ce48cd22d3b872f25fcd7f4d220e4daa + tag: 2.2.2@sha256:fe72f4b341fa5c3275826a39aebfff23cbd552c956b0ab2d51dfba6a49b528f8 env: TZ: America/New_York LOG_LEVEL: "info" From 0dbf90156a9978571296b8c3cdba7bf44a663b6a Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Mon, 30 Dec 2024 08:22:13 -0500 Subject: [PATCH 06/72] fix(talos): disable imagelocality in scheduler Signed-off-by: Devin Buhl --- kubernetes/main/talos/192.168.42.10.sops.yaml.j2 | 4 ++++ kubernetes/main/talos/192.168.42.11.sops.yaml.j2 | 4 ++++ kubernetes/main/talos/192.168.42.12.sops.yaml.j2 | 4 ++++ 3 files changed, 12 insertions(+) diff --git a/kubernetes/main/talos/192.168.42.10.sops.yaml.j2 b/kubernetes/main/talos/192.168.42.10.sops.yaml.j2 index 6fece96b00695..0f7a6d0a7e1e9 100644 --- a/kubernetes/main/talos/192.168.42.10.sops.yaml.j2 +++ b/kubernetes/main/talos/192.168.42.10.sops.yaml.j2 @@ -182,6 +182,10 @@ cluster: kind: KubeSchedulerConfiguration profiles: - schedulerName: default-scheduler + plugins: + score: + disabled: + - name: ImageLocality pluginConfig: - name: PodTopologySpread args: diff --git a/kubernetes/main/talos/192.168.42.11.sops.yaml.j2 b/kubernetes/main/talos/192.168.42.11.sops.yaml.j2 index 2f8e122261ac8..b495bbc11ebf8 100644 --- a/kubernetes/main/talos/192.168.42.11.sops.yaml.j2 +++ b/kubernetes/main/talos/192.168.42.11.sops.yaml.j2 @@ -182,6 +182,10 @@ cluster: kind: KubeSchedulerConfiguration profiles: - schedulerName: default-scheduler + plugins: + score: + disabled: + - name: ImageLocality pluginConfig: - name: PodTopologySpread args: diff --git a/kubernetes/main/talos/192.168.42.12.sops.yaml.j2 b/kubernetes/main/talos/192.168.42.12.sops.yaml.j2 index 3f6ecda88ae5f..3969fee6c5319 100644 --- a/kubernetes/main/talos/192.168.42.12.sops.yaml.j2 +++ b/kubernetes/main/talos/192.168.42.12.sops.yaml.j2 @@ -182,6 +182,10 @@ cluster: kind: KubeSchedulerConfiguration profiles: - schedulerName: default-scheduler + plugins: + score: + disabled: + - name: ImageLocality pluginConfig: - name: PodTopologySpread args: From 630759012b3377a54fc530193daaed76e9642d74 Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Mon, 30 Dec 2024 08:25:05 -0500 Subject: [PATCH 07/72] fix(intel-device-plugin): only enable gpu device Signed-off-by: Devin Buhl --- .../apps/kube-system/intel-device-plugin/app/helmrelease.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/kubernetes/main/apps/kube-system/intel-device-plugin/app/helmrelease.yaml b/kubernetes/main/apps/kube-system/intel-device-plugin/app/helmrelease.yaml index 2b1231b513d33..57af12fe6c22a 100644 --- a/kubernetes/main/apps/kube-system/intel-device-plugin/app/helmrelease.yaml +++ b/kubernetes/main/apps/kube-system/intel-device-plugin/app/helmrelease.yaml @@ -27,3 +27,6 @@ spec: dependsOn: - name: node-feature-discovery namespace: kube-system + values: + controllerExtraArgs: | + - --devices=gpu From aa05fd60a0426f246c2933ca86c56d4f18fd77b4 Mon Sep 17 00:00:00 2001 From: "bot-ross[bot]" <98030736+bot-ross[bot]@users.noreply.github.com> Date: Mon, 30 Dec 2024 09:35:16 -0500 Subject: [PATCH 08/72] =?UTF-8?q?fix(helm):=20update=20kubelet-csr-approve?= =?UTF-8?q?r=20(=201.2.3=20=E2=86=92=201.2.4=20)=20(#8575)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: bot-ross[bot] <98030736+bot-ross[bot]@users.noreply.github.com> --- .../apps/kube-system/kubelet-csr-approver/app/helmrelease.yaml | 2 +- kubernetes/main/bootstrap/apps/helmfile.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/kubernetes/main/apps/kube-system/kubelet-csr-approver/app/helmrelease.yaml b/kubernetes/main/apps/kube-system/kubelet-csr-approver/app/helmrelease.yaml index 7c04bc9f67abf..f1c567dc70f32 100644 --- a/kubernetes/main/apps/kube-system/kubelet-csr-approver/app/helmrelease.yaml +++ b/kubernetes/main/apps/kube-system/kubelet-csr-approver/app/helmrelease.yaml @@ -9,7 +9,7 @@ spec: chart: spec: chart: kubelet-csr-approver - version: 1.2.3 + version: 1.2.4 sourceRef: kind: HelmRepository name: postfinance diff --git a/kubernetes/main/bootstrap/apps/helmfile.yaml b/kubernetes/main/bootstrap/apps/helmfile.yaml index 4917d1379bae8..fcf8d6a310e03 100644 --- a/kubernetes/main/bootstrap/apps/helmfile.yaml +++ b/kubernetes/main/bootstrap/apps/helmfile.yaml @@ -44,7 +44,7 @@ releases: - name: kubelet-csr-approver namespace: kube-system chart: postfinance/kubelet-csr-approver - version: 1.2.3 + version: 1.2.4 values: ["../../apps/kube-system/kubelet-csr-approver/app/helm-values.yaml"] needs: ["kube-system/coredns"] From a127fe2f0073851bd1f7790cd18ec166bbbf558b Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Mon, 30 Dec 2024 10:44:39 -0500 Subject: [PATCH 09/72] feat: deploy silence-operator Signed-off-by: Devin Buhl --- .../app/helmrelease.yaml | 2 +- .../crds}/helmrelease.yaml | 2 +- .../crds}/kustomization.yaml | 0 .../kube-prometheus-stack/ks.yaml | 20 +++++ .../apps/observability/kustomization.yaml | 2 +- .../prometheus-operator-crds/ks.yaml | 20 ----- .../silence-operator/app/helmrelease.yaml | 76 +++++++++++++++++++ .../silence-operator/app/kustomization.yaml | 6 ++ .../silence-operator/crds/helmrelease.yaml | 24 ++++++ .../silence-operator/crds/kustomization.yaml | 6 ++ .../observability/silence-operator/ks.yaml | 40 ++++++++++ kubernetes/main/bootstrap/apps/helmfile.yaml | 4 +- .../shared/repos/helm/kustomization.yaml | 3 +- kubernetes/shared/repos/helm/wiremind.yaml | 10 +++ 14 files changed, 189 insertions(+), 26 deletions(-) rename kubernetes/main/apps/observability/{prometheus-operator-crds/app => kube-prometheus-stack/crds}/helmrelease.yaml (93%) rename kubernetes/main/apps/observability/{prometheus-operator-crds/app => kube-prometheus-stack/crds}/kustomization.yaml (100%) delete mode 100644 kubernetes/main/apps/observability/prometheus-operator-crds/ks.yaml create mode 100644 kubernetes/main/apps/observability/silence-operator/app/helmrelease.yaml create mode 100644 kubernetes/main/apps/observability/silence-operator/app/kustomization.yaml create mode 100644 kubernetes/main/apps/observability/silence-operator/crds/helmrelease.yaml create mode 100644 kubernetes/main/apps/observability/silence-operator/crds/kustomization.yaml create mode 100644 kubernetes/main/apps/observability/silence-operator/ks.yaml create mode 100644 kubernetes/shared/repos/helm/wiremind.yaml diff --git a/kubernetes/main/apps/observability/kube-prometheus-stack/app/helmrelease.yaml b/kubernetes/main/apps/observability/kube-prometheus-stack/app/helmrelease.yaml index e26114569e3af..b89af00f7773a 100644 --- a/kubernetes/main/apps/observability/kube-prometheus-stack/app/helmrelease.yaml +++ b/kubernetes/main/apps/observability/kube-prometheus-stack/app/helmrelease.yaml @@ -25,7 +25,7 @@ spec: strategy: rollback retries: 3 dependsOn: - - name: prometheus-operator-crds + - name: kube-prometheus-stack-crds namespace: observability - name: rook-ceph-cluster namespace: rook-ceph diff --git a/kubernetes/main/apps/observability/prometheus-operator-crds/app/helmrelease.yaml b/kubernetes/main/apps/observability/kube-prometheus-stack/crds/helmrelease.yaml similarity index 93% rename from kubernetes/main/apps/observability/prometheus-operator-crds/app/helmrelease.yaml rename to kubernetes/main/apps/observability/kube-prometheus-stack/crds/helmrelease.yaml index da0f397aeda05..d426472c7665d 100644 --- a/kubernetes/main/apps/observability/prometheus-operator-crds/app/helmrelease.yaml +++ b/kubernetes/main/apps/observability/kube-prometheus-stack/crds/helmrelease.yaml @@ -3,7 +3,7 @@ apiVersion: helm.toolkit.fluxcd.io/v2 kind: HelmRelease metadata: - name: prometheus-operator-crds + name: kube-prometheus-stack-crds spec: interval: 30m chart: diff --git a/kubernetes/main/apps/observability/prometheus-operator-crds/app/kustomization.yaml b/kubernetes/main/apps/observability/kube-prometheus-stack/crds/kustomization.yaml similarity index 100% rename from kubernetes/main/apps/observability/prometheus-operator-crds/app/kustomization.yaml rename to kubernetes/main/apps/observability/kube-prometheus-stack/crds/kustomization.yaml diff --git a/kubernetes/main/apps/observability/kube-prometheus-stack/ks.yaml b/kubernetes/main/apps/observability/kube-prometheus-stack/ks.yaml index 1e119a5c34a46..4b8f4f0ddfdc3 100644 --- a/kubernetes/main/apps/observability/kube-prometheus-stack/ks.yaml +++ b/kubernetes/main/apps/observability/kube-prometheus-stack/ks.yaml @@ -24,3 +24,23 @@ spec: substitute: APP: *app GATUS_SUBDOMAIN: prometheus +--- +# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: &app kube-prometheus-stack-crds + namespace: flux-system +spec: + targetNamespace: observability + commonMetadata: + labels: + app.kubernetes.io/name: *app + path: ./kubernetes/main/apps/observability/kube-prometheus-stack/crds + prune: false # never should be deleted + sourceRef: + kind: GitRepository + name: home-kubernetes + wait: false + interval: 30m + timeout: 5m diff --git a/kubernetes/main/apps/observability/kustomization.yaml b/kubernetes/main/apps/observability/kustomization.yaml index 57cf477ea5720..d7959f650ade4 100644 --- a/kubernetes/main/apps/observability/kustomization.yaml +++ b/kubernetes/main/apps/observability/kustomization.yaml @@ -12,8 +12,8 @@ resources: - ./kromgo/ks.yaml - ./kube-prometheus-stack/ks.yaml - ./loki/ks.yaml - - ./prometheus-operator-crds/ks.yaml - ./promtail/ks.yaml + - ./silence-operator/ks.yaml - ./smartctl-exporter/ks.yaml - ./snmp-exporter/ks.yaml - ./unpoller/ks.yaml diff --git a/kubernetes/main/apps/observability/prometheus-operator-crds/ks.yaml b/kubernetes/main/apps/observability/prometheus-operator-crds/ks.yaml deleted file mode 100644 index 76d2ab43786d6..0000000000000 --- a/kubernetes/main/apps/observability/prometheus-operator-crds/ks.yaml +++ /dev/null @@ -1,20 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json -apiVersion: kustomize.toolkit.fluxcd.io/v1 -kind: Kustomization -metadata: - name: &app prometheus-operator-crds - namespace: flux-system -spec: - targetNamespace: observability - commonMetadata: - labels: - app.kubernetes.io/name: *app - path: ./kubernetes/main/apps/observability/prometheus-operator-crds/app - prune: false # never should be deleted - sourceRef: - kind: GitRepository - name: home-kubernetes - wait: false - interval: 30m - timeout: 5m diff --git a/kubernetes/main/apps/observability/silence-operator/app/helmrelease.yaml b/kubernetes/main/apps/observability/silence-operator/app/helmrelease.yaml new file mode 100644 index 0000000000000..d05d62c6983ff --- /dev/null +++ b/kubernetes/main/apps/observability/silence-operator/app/helmrelease.yaml @@ -0,0 +1,76 @@ +--- +# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/helm.toolkit.fluxcd.io/helmrelease_v2.json +apiVersion: helm.toolkit.fluxcd.io/v2 +kind: HelmRelease +metadata: + name: silence-operator +spec: + interval: 30m + chart: + spec: + chart: silence-operator + version: 0.0.7 + sourceRef: + kind: HelmRepository + name: wiremind + namespace: flux-system + install: + remediation: + retries: 3 + upgrade: + cleanupOnFail: true + remediation: + strategy: rollback + retries: 3 + dependsOn: + - name: silence-operator-crds + namespace: observability + values: + image: + name: quay.io/giantswarm/silence-operator + operator: + config: + alertmanager: + address: http://kube-prometheus-stack-alertmanager:9093 + rbac: + create: true + extraDeploy: + - apiVersion: monitoring.giantswarm.io/v1alpha1 + kind: Silence + metadata: + name: ceph-node-nfsmount-diskspace-warning + namespace: observability + spec: + matchers: + - name: alertname + value: CephNodeDiskspaceWarning + isRegex: false + - name: mountpoint + value: /etc/nfsmount.conf + isRegex: false + - apiVersion: monitoring.giantswarm.io/v1alpha1 + kind: Silence + metadata: + name: ceph-node-local-diskspace-warning + namespace: observability + spec: + matchers: + - name: alertname + value: CephNodeDiskspaceWarning + isRegex: false + - name: device + value: /dev/sd.* + isRegex: true + - apiVersion: monitoring.giantswarm.io/v1alpha1 + kind: Silence + metadata: + name: expanse-memory-high-utilization + namespace: observability + spec: + matchers: + - name: alertname + value: NodeMemoryHighUtilization + isRegex: false + - name: instance + value: expanse.internal:9100 + isRegex: false diff --git a/kubernetes/main/apps/observability/silence-operator/app/kustomization.yaml b/kubernetes/main/apps/observability/silence-operator/app/kustomization.yaml new file mode 100644 index 0000000000000..17cbc72b25c80 --- /dev/null +++ b/kubernetes/main/apps/observability/silence-operator/app/kustomization.yaml @@ -0,0 +1,6 @@ +--- +# yaml-language-server: $schema=https://json.schemastore.org/kustomization +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - ./helmrelease.yaml diff --git a/kubernetes/main/apps/observability/silence-operator/crds/helmrelease.yaml b/kubernetes/main/apps/observability/silence-operator/crds/helmrelease.yaml new file mode 100644 index 0000000000000..d8aaf5afc5d25 --- /dev/null +++ b/kubernetes/main/apps/observability/silence-operator/crds/helmrelease.yaml @@ -0,0 +1,24 @@ +--- +# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/helm.toolkit.fluxcd.io/helmrelease_v2.json +apiVersion: helm.toolkit.fluxcd.io/v2 +kind: HelmRelease +metadata: + name: silence-operator-crds +spec: + interval: 30m + chart: + spec: + chart: silence-operator-crds + version: 0.0.2 + sourceRef: + kind: HelmRepository + name: wiremind + namespace: flux-system + install: + remediation: + retries: 3 + upgrade: + cleanupOnFail: true + remediation: + strategy: rollback + retries: 3 diff --git a/kubernetes/main/apps/observability/silence-operator/crds/kustomization.yaml b/kubernetes/main/apps/observability/silence-operator/crds/kustomization.yaml new file mode 100644 index 0000000000000..17cbc72b25c80 --- /dev/null +++ b/kubernetes/main/apps/observability/silence-operator/crds/kustomization.yaml @@ -0,0 +1,6 @@ +--- +# yaml-language-server: $schema=https://json.schemastore.org/kustomization +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - ./helmrelease.yaml diff --git a/kubernetes/main/apps/observability/silence-operator/ks.yaml b/kubernetes/main/apps/observability/silence-operator/ks.yaml new file mode 100644 index 0000000000000..c7fc7b31157fd --- /dev/null +++ b/kubernetes/main/apps/observability/silence-operator/ks.yaml @@ -0,0 +1,40 @@ +--- +# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: &app silence-operator + namespace: flux-system +spec: + targetNamespace: observability + commonMetadata: + labels: + app.kubernetes.io/name: *app + path: ./kubernetes/main/apps/observability/silence-operator/app + prune: true + sourceRef: + kind: GitRepository + name: home-kubernetes + wait: false + interval: 30m + timeout: 15m +--- +# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: &app silence-operator-crds + namespace: flux-system +spec: + targetNamespace: observability + commonMetadata: + labels: + app.kubernetes.io/name: *app + path: ./kubernetes/main/apps/observability/silence-operator/crds + prune: false # never should be deleted + sourceRef: + kind: GitRepository + name: home-kubernetes + wait: false + interval: 30m + timeout: 5m diff --git a/kubernetes/main/bootstrap/apps/helmfile.yaml b/kubernetes/main/bootstrap/apps/helmfile.yaml index fcf8d6a310e03..788baab738e6d 100644 --- a/kubernetes/main/bootstrap/apps/helmfile.yaml +++ b/kubernetes/main/bootstrap/apps/helmfile.yaml @@ -22,7 +22,7 @@ repositories: url: https://postfinance.github.io/kubelet-csr-approver releases: - - name: prometheus-operator-crds + - name: kube-prometheus-stack-crds namespace: observability chart: oci://ghcr.io/prometheus-community/charts/prometheus-operator-crds version: 17.0.2 @@ -32,7 +32,7 @@ releases: chart: cilium/cilium version: 1.16.5 values: ["../../apps/kube-system/cilium/app/helm-values.yaml"] - needs: ["observability/prometheus-operator-crds"] + needs: ["observability/kube-prometheus-stack-crds"] - name: coredns namespace: kube-system diff --git a/kubernetes/shared/repos/helm/kustomization.yaml b/kubernetes/shared/repos/helm/kustomization.yaml index bc8e9d826b734..0cba55de48819 100644 --- a/kubernetes/shared/repos/helm/kustomization.yaml +++ b/kubernetes/shared/repos/helm/kustomization.yaml @@ -32,4 +32,5 @@ resources: - ./rook-ceph.yaml - ./spegel.yaml - ./stakater.yaml - - ./stevehipwell.yaml + # - ./stevehipwell.yaml + - ./wiremind.yaml diff --git a/kubernetes/shared/repos/helm/wiremind.yaml b/kubernetes/shared/repos/helm/wiremind.yaml new file mode 100644 index 0000000000000..52b242595190c --- /dev/null +++ b/kubernetes/shared/repos/helm/wiremind.yaml @@ -0,0 +1,10 @@ +--- +# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/source.toolkit.fluxcd.io/helmrepository_v1.json +apiVersion: source.toolkit.fluxcd.io/v1 +kind: HelmRepository +metadata: + name: wiremind + namespace: flux-system +spec: + interval: 2h + url: https://wiremind.github.io/wiremind-helm-charts/ From ab46a856d9e7ca6dead32d05a62de2a9bcc15834 Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Mon, 30 Dec 2024 10:48:20 -0500 Subject: [PATCH 10/72] fix(silence-operator): depend on kps Signed-off-by: Devin Buhl --- .../apps/observability/silence-operator/app/helmrelease.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/kubernetes/main/apps/observability/silence-operator/app/helmrelease.yaml b/kubernetes/main/apps/observability/silence-operator/app/helmrelease.yaml index d05d62c6983ff..098bf543f4f93 100644 --- a/kubernetes/main/apps/observability/silence-operator/app/helmrelease.yaml +++ b/kubernetes/main/apps/observability/silence-operator/app/helmrelease.yaml @@ -23,6 +23,8 @@ spec: strategy: rollback retries: 3 dependsOn: + - name: kube-prometheus-stack + namespace: observability - name: silence-operator-crds namespace: observability values: From 7d6f0e6fe18d458a68036bf7ed7f880295cd65fc Mon Sep 17 00:00:00 2001 From: "bot-ross[bot]" <98030736+bot-ross[bot]@users.noreply.github.com> Date: Mon, 30 Dec 2024 13:50:17 -0500 Subject: [PATCH 11/72] =?UTF-8?q?feat(helm):=20update=20ingress-nginx=20(?= =?UTF-8?q?=204.11.3=20=E2=86=92=204.12.0=20)=20(#8577)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: bot-ross[bot] <98030736+bot-ross[bot]@users.noreply.github.com> Co-authored-by: Devin Buhl --- kubernetes/main/apps/network/nginx/external/helmrelease.yaml | 5 +++-- kubernetes/main/apps/network/nginx/internal/helmrelease.yaml | 5 +++-- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/kubernetes/main/apps/network/nginx/external/helmrelease.yaml b/kubernetes/main/apps/network/nginx/external/helmrelease.yaml index 32a93bbc7c2d5..eb4a3e4b403b5 100644 --- a/kubernetes/main/apps/network/nginx/external/helmrelease.yaml +++ b/kubernetes/main/apps/network/nginx/external/helmrelease.yaml @@ -9,7 +9,7 @@ spec: chart: spec: chart: ingress-nginx - version: 4.11.3 + version: 4.12.0 sourceRef: kind: HelmRepository name: ingress-nginx @@ -40,8 +40,9 @@ spec: - key: ingress-class operator: In values: ["external"] - allowSnippetAnnotations: true config: + allow-snippet-annotations: true + annotations-risk-level: Critical block-user-agents: "AdsBot-Google,Amazonbot,anthropic-ai,Applebot-Extended,Bytespider,CCBot,ChatGPT-User,ClaudeBot,Claude-Web,cohere-ai,Diffbot,FacebookBot,FriendlyCrawler,Google-Extended,GoogleOther,GPTBot,img2dataset,omgili,omgilibot,peer39_crawler,peer39_crawler/1.0,PerplexityBot,YouBot," # taken from https://github.com/ai-robots-txt/ai.robots.txt client-body-buffer-size: 100M client-body-timeout: 120 diff --git a/kubernetes/main/apps/network/nginx/internal/helmrelease.yaml b/kubernetes/main/apps/network/nginx/internal/helmrelease.yaml index bf4ae9b8d5b17..19e01c6f42495 100644 --- a/kubernetes/main/apps/network/nginx/internal/helmrelease.yaml +++ b/kubernetes/main/apps/network/nginx/internal/helmrelease.yaml @@ -9,7 +9,7 @@ spec: chart: spec: chart: ingress-nginx - version: 4.11.3 + version: 4.12.0 sourceRef: kind: HelmRepository name: ingress-nginx @@ -40,8 +40,9 @@ spec: - key: ingress-class operator: In values: ["internal"] - allowSnippetAnnotations: true config: + allow-snippet-annotations: true + annotations-risk-level: Critical block-user-agents: "AdsBot-Google,Amazonbot,anthropic-ai,Applebot-Extended,Bytespider,CCBot,ChatGPT-User,ClaudeBot,Claude-Web,cohere-ai,Diffbot,FacebookBot,FriendlyCrawler,Google-Extended,GoogleOther,GPTBot,img2dataset,omgili,omgilibot,peer39_crawler,peer39_crawler/1.0,PerplexityBot,YouBot," # taken from https://github.com/ai-robots-txt/ai.robots.txt client-body-buffer-size: 100M client-body-timeout: 120 From 970fd6a0c1061f8445ad74cb2ab7a9ba1fdd69cf Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Mon, 30 Dec 2024 14:13:11 -0500 Subject: [PATCH 12/72] fix(talos): default service discovery and reboot (#8578) --- kubernetes/main/talos/192.168.42.10.sops.yaml.j2 | 9 --------- kubernetes/main/talos/192.168.42.11.sops.yaml.j2 | 9 --------- kubernetes/main/talos/192.168.42.12.sops.yaml.j2 | 9 --------- 3 files changed, 27 deletions(-) diff --git a/kubernetes/main/talos/192.168.42.10.sops.yaml.j2 b/kubernetes/main/talos/192.168.42.10.sops.yaml.j2 index 0f7a6d0a7e1e9..bbd83cbfece56 100644 --- a/kubernetes/main/talos/192.168.42.10.sops.yaml.j2 +++ b/kubernetes/main/talos/192.168.42.10.sops.yaml.j2 @@ -158,8 +158,6 @@ cluster: key: ENC[AES256_GCM,data:akOr7oagliAbfUX3mdd+D6Tn/7eME8v+3ls7/ja4zI0xltAdvh9pq4UL9PpAWiVOKE3jNC5vJHmMVCtJZRsIdt+kJbEBuRKX/bd6W4DXkd6Ri/cXikBkF0SSSrXME1L33UmrNcOT4jFGCsr3Qy10gIjalpmvI0bIHZxF0wFs2YWZneMbeLR+58GVUsFueEHSrnnVKkpd2ZPUM5w38RoQHfoWv8R7/T13dXofa9aSgPZ8HQ63NZF/8GslF6/82R22MWSLdXUHoUQhsSUmHbhDLQ5aSfGWMIiU2klmYI6kb48yTtm+9B5Xd0A4NtXTZQ8uBhkB/GGzmTJyx+vKmtPS2VFQGJpLh2IkaicVqr/GAc+r74Ahdxg4Vz5B0ueEFACew7plCAGUUz6UJ/tE++hy8w==,iv:3FbFJ09BPXA++YhtHbOuyR9tBziGFnKnazUX1sVklzM=,tag:bE6473jL29Xrx2I+MFvghA==,type:str] apiServer: image: registry.k8s.io/kube-apiserver:{{ ENV.KUBERNETES_VERSION }} - extraArgs: - feature-gates: AuthorizeNodeWithSelectors=false certSANs: ["127.0.0.1", "192.168.42.120"] disablePodSecurityPolicy: true auditPolicy: @@ -194,13 +192,6 @@ cluster: - maxSkew: 1 topologyKey: kubernetes.io/hostname whenUnsatisfiable: ScheduleAnyway - discovery: - enabled: true - registries: - kubernetes: - disabled: false - service: - disabled: true etcd: ca: crt: ENC[AES256_GCM,data:CNnfhUYEwXqryrg/k6F9LCethTV5mC5u+6h5wR0VNJIpTEuQCLuSXnLGOyzwpb7Vh1ppQ9484vRISG1daIbUwuISnIZ8E840wxTaMFC8yGTQW3LszwgQ6P/DGznJXbEaEDxLLj7E3hpxVivV7RW5YFo4pybhCGah7VA47Z3GAIxszl3Qh5MZmCPB2V8GUnURIgxl60wiZUGoAriTFzIJWfB0SXIcwUM09vT0g0AQW1nCqisISKYT09+Q5fdKs2AhKRc8LD6I1CNoXnzuQc0BenFt6oKCbzMnickjpLf2JWbO5V5hFCdigtAWUFqKgAJHA1fds1ehVkoO2cORe4a6igmC1Y9fCFSjuaDM91dtb75uPYu0nRzblyT67qGdE5T/TWzdO5UStccUXHJJxwHTtdK8NLOhO5kgOcLp2zmT27v3SglLm//EvSYyMhph19tkH7grDn2bUbt2PkqUrg7bf3GR4NE2AQ8ehnJ791FFAx5buUgDbodJMb+B4212HF++BD8NXDZVozuDAiaGtkTnwDT3RWzcm1F2RsGUpZDrs/Vr97W1W64ektxO8eGSXujRO8LhaPhcDb1J8gnqKGFo9xas3Gy0cDwRo1NG2svPdmsSDs5glQuBy/bcw3BLIkZPBW9M2xA9YlfjYSQkhJSjXLtO3wPjoX2YsgnmEskinOMl7fKa16Qe4Wg3aKbbGyPDePw4ZBr3MLUVMODHWAtQhOKpHl2Q+PBDgcBsHde49jHLA3iIQb4ic9AGCtcOiBkwrmPfwGA6/3Kq3R0cfw4Kmb/Uf8+t9nJl0mQVcq593fLLUjdPgXKQYQKUDx7oAP3c/PTVbBtXFPU1VVnXYiaZnvCwOkU7NVAmOaJPdNK4BocEB3lPbjAQYPDsCi28vfYVexOsywPOrCP5ucs8xT5Y5SZESbVLUsWs/TGOUbLI4x0fySK0rcwOWNMIlh8/6bhLlVb9Tsxp9NbhaTzUBAI9ED39Spk98TRCI4zruKoRCaaZCGzTcYuuizvW/Gp3/lFYNjZBbQ==,iv:pAf/7pi0GxQJRPzJJxN4qrrHzOWwu8+YSOZH+JWJlqo=,tag:xTU2uxtrpTDDyiqkoVmkVw==,type:str] diff --git a/kubernetes/main/talos/192.168.42.11.sops.yaml.j2 b/kubernetes/main/talos/192.168.42.11.sops.yaml.j2 index b495bbc11ebf8..38c15cad4a4f3 100644 --- a/kubernetes/main/talos/192.168.42.11.sops.yaml.j2 +++ b/kubernetes/main/talos/192.168.42.11.sops.yaml.j2 @@ -158,8 +158,6 @@ cluster: key: ENC[AES256_GCM,data:kZGwFVh9SyraDajIKpda6j4d+FE6nr0FhgL2HD7hezMk1DkkINqZ5BEARzviQfJuw1o2GB2AK7Du5sv5N48bUDp6w6KpGOoU7UL/tTABrOVw7VOye9gB1aBqb/sHRlX2osrAbdBHiepm9tk81OVpCwptBM6zmSoOXX84IWI37g08vfdGZjBXZ6dAD3vgHzSAsNFaEzhVTfsP1nw12FrxHh/Xu/OLSE5lPKI8xVyRvQ7pueyoLVjNbTNZg3akboh5h3FHT39sUu7rqn2N3iBMAGlIg3gWASOq/KA0uFH1cjWoikzMXqS/FMI466LaGuzNWDuQcg+0VRO0ZZ7NoroKgNbxqW2Lxlb/T2XDpj5hRgyHEh7cbpaVlC2WOdCSQxakctpQzCHj6iCovq0ZtTzGgQ==,iv:lEpxqom+Q6cMn7JfliqaQFwc1hizXN1f9pUXgvh456A=,tag:+5aXImcQSafJtSZtpsWkzQ==,type:str] apiServer: image: registry.k8s.io/kube-apiserver:{{ ENV.KUBERNETES_VERSION }} - extraArgs: - feature-gates: AuthorizeNodeWithSelectors=false certSANs: ["127.0.0.1", "192.168.42.120"] disablePodSecurityPolicy: true auditPolicy: @@ -194,13 +192,6 @@ cluster: - maxSkew: 1 topologyKey: kubernetes.io/hostname whenUnsatisfiable: ScheduleAnyway - discovery: - enabled: true - registries: - kubernetes: - disabled: false - service: - disabled: true etcd: ca: crt: ENC[AES256_GCM,data:erPRg81zCtvLfmWTzCtaAtS5X7xk5EmKFM9+o8RFy2le4iJm4bbpiFWBuu/TWdEjJkFJbv454TsaBEwDvuX3q/mXFZrv50o1YMBH7COG5YNiq/Ppd9qUi3rfEPJD2ptsnYVgEdMkocRgBVyvF71a7pvMSG9KCpLPrt4IvctQgMylwsjtpBIWCfEjjyAGHS6JgnsUeVA7N3/01prApXbIhrGeReLWz5veM4Zvzr3Psi6Wib6AuGZXC+SxOFhDH3MWOSsKsZI57hMKeCyHQ/0i82EqzoDQQ5irxiL1e14hrZ8+lBVpkldamqY4h4z4hGa9tR3iAd1AdrNO9giujZmq6ANlpTzMCRD+OpUmzckifiAsDDiuBZMtY/nQvXIpDZ8APxuEo5ykbNxD00QFJ335ArICngygfUDivrTAF/dXlDOuaDVHuqfvtE31cg7BNhF6NOV46hc1Be55m9C0ZnoGpYkz/nmLYgGhFhAWoWNFnSKXMmU0foyyyJaUIPjC3DlN3lJyUYTUuEfE5aKx+omLdh5LbrnaJDBED9tk712i0jAJ5oDCRObgTPktSrkDEPQFMmzJthiaS9J8DJse3SWKWuhl4oANZNT0llIPG16e/psZ7ygnkYLMXprqckc1HBO+Y35Pap6fOwUHruS9VfUREs0bCT2iow8TLJn2Uy0+OWEXo1dRZQ3/vN7BVpACGrUc+jcjFjPLtYUlAiYpV8jzHOs8uGGmjEiMg4P4iNRK20ve3/70mlTuUKcvg3oOilDGkMxjYpN1jEaqBVgPv0VXjCWzSJlqWOVzoJCE0o9wZ329HJTZtHtqGT0OSsaHx/CyIV2txMUTGDcdPkkLy/l3zueoS6fi4d/CC+uCIylBF53z2Iael4iHpJTjTixdU79kUF4ig7fvK9WawEd/grlJqyLoFN/M69EaondVKXsmPAyYgLoIezpja/HBNp69oOl1g0lx//Q1fTo3YMc/rW1I8PfGMqBH4avUcpymm5FzTI3x7259IqDGn5iH+G6f16XpASpj9Q==,iv:2wHeRnSxM9J7Pv3s0U8BAL2MM8/UbYLBnBLRS0qHqgY=,tag:ST6UyC1VWNh2id9VMZ9KGg==,type:str] diff --git a/kubernetes/main/talos/192.168.42.12.sops.yaml.j2 b/kubernetes/main/talos/192.168.42.12.sops.yaml.j2 index 3969fee6c5319..592f4f1f845cc 100644 --- a/kubernetes/main/talos/192.168.42.12.sops.yaml.j2 +++ b/kubernetes/main/talos/192.168.42.12.sops.yaml.j2 @@ -158,8 +158,6 @@ cluster: key: ENC[AES256_GCM,data:h7iur1YK24hF9etfo6IvT7bXzfjMTuj/YMVIXn9N1YMfCX3KDig6FJrZxfUspz3vfbfUpFM9xeAdFoK5DtQ3nCv/ZqlZk9oP2kq3AMXPzhlMsENI+DyLx+BaK/GKvPCtmHC8DdjE7u9kx8zfKB4wDKKjrCXE4YMMQ2q6+7NEUMUnWhwPSGPzZQD6AZR1KC03Ip9N7n2C2lwzNy3DriVZu/m4cq0qw9AxHH4FlWznoHj+I6OgJ9/Sn+EyyCMkFuUD32dzAsmhtcK0BuL6uBwN5p++xG4GpQCAyOd1fjeXHCpFzG2FAZrkCzPv6FT4IgkAMswUu07G8IFpZVpqhaGONJDDg7xUHpLBKrEpOrC2JKk7x2pmYo6/QdJ9Maq+Rdh6khhbINJCrFWGiMq+/HfxRQ==,iv:PAS7TMVFiZ3WNZwp1boLDzSS79yttBYz/9p5gCUHCps=,tag:jip1CNc5W4UqOsayAi9ymw==,type:str] apiServer: image: registry.k8s.io/kube-apiserver:{{ ENV.KUBERNETES_VERSION }} - extraArgs: - feature-gates: AuthorizeNodeWithSelectors=false certSANs: ["127.0.0.1", "192.168.42.120"] disablePodSecurityPolicy: true auditPolicy: @@ -194,13 +192,6 @@ cluster: - maxSkew: 1 topologyKey: kubernetes.io/hostname whenUnsatisfiable: ScheduleAnyway - discovery: - enabled: true - registries: - kubernetes: - disabled: false - service: - disabled: true etcd: ca: crt: ENC[AES256_GCM,data:XMzaRa4h4Ynakf28Shxbc9ltXkb9jRaVmeJ5+M5bObjRp5xARsuY0frE1Q5EM3Y4ee6yEps6MkC1QirWIx/xVT47/NOu7kAw4S9cBwofnRxpeZf0rI1zIJQKervYam43CxczcyV/xUQ1HLdcSWuBEpuTvfEPY75eDR1YiozXs85KKN9soW2FI8vO/76iNFQIsI+gf3qULgXH57Be3VLCVUzRMUUQweAQEqv+6wuK5S+VflLMTjE8Ei3g1xn1TW7ClH0DQso+xlhuYFXoGf22mfwF4E7u2uX1IyxTtoxAgE6gRmqTbp68B2jq02EAfA4BCiGsRD+53JU0RD2Sg6blBGybPGZQz92+xSf1KdZJLg3seYm2sbhYhDcPgSV4+Le3PUJxvK3IwAUtS+Q/992h6vww9wGH0M18ZwQhiniWG68rEmJmTHNsqGVkJbJh0sVRIqh99v0ZlwKfgA8DWexHM/tBwZpYNpRaE+/HkNUTdktTLfQm3UF/jSFgOCIWx+3zg4VVDCxf0VvSuG/Dh6UQ1PfJLmNJDr2M3A9iyuOtF4E9ijeFJpiOQK1P/t9U1dk8m/JcNuGbJPevN/I4cuMQNtf/dSmJccA9rtzNJlV+po8+1HhNIaMH5tHiD5uboZn4tMyeHpj6/2jncAsNNkzg7rP286ACglDJUJ+2bK24nyE5l+eyRr+P6IIT3KoTIgEWJl2Ad/+RuY2DCMxg3IpndF5zONtfXGI/fSKBm5wLyPMYJcLDenaPZEf0qzTRTWQFfGQot3B7DeQB1IRE5e0RyqCvtUfdchtSxMlxYwW93zU1a2TJNqf+0Xk9KqXpJYGqi8KAkTksbEAcUpxXlwh9+twxfeeyk5AJ/u9HuY/5uG439xIzywAnXslyO4VFDDRCn3uFkJTcEjizQkfFBouo/HvBoMOc7Yg2swWI9OinlY8d5KJPSwzozmfTDJ7x2lR2nWdJdlXnpJ9zgJPUHdz4Rjnbk4+q8tEDSMkVjgrM5FXPTN95bq21zyYRxEQp5bgWvMHAtw==,iv:u4Yku38S8cbWrf/pm0W/f+KrFHs1v/Hy08vbi2nKrlg=,tag:EoeZbmB8ICJV08ewizPDYQ==,type:str] From 648822d5613db2a5bdf57cbe4819dbe97b3fecfd Mon Sep 17 00:00:00 2001 From: "bot-ross[bot]" <98030736+bot-ross[bot]@users.noreply.github.com> Date: Mon, 30 Dec 2024 16:29:14 -0500 Subject: [PATCH 13/72] =?UTF-8?q?fix(container):=20update=20docker.io/fall?= =?UTF-8?q?enbagel/jellyseerr=20(=202.2.2=20=E2=86=92=202.2.3=20)=20(#8579?= =?UTF-8?q?)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: bot-ross[bot] <98030736+bot-ross[bot]@users.noreply.github.com> --- kubernetes/main/apps/default/jellyseerr/app/helmrelease.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kubernetes/main/apps/default/jellyseerr/app/helmrelease.yaml b/kubernetes/main/apps/default/jellyseerr/app/helmrelease.yaml index 70e702c57b236..dfbfb19748a86 100644 --- a/kubernetes/main/apps/default/jellyseerr/app/helmrelease.yaml +++ b/kubernetes/main/apps/default/jellyseerr/app/helmrelease.yaml @@ -34,7 +34,7 @@ spec: app: image: repository: docker.io/fallenbagel/jellyseerr - tag: 2.2.2@sha256:fe72f4b341fa5c3275826a39aebfff23cbd552c956b0ab2d51dfba6a49b528f8 + tag: 2.2.3@sha256:a324fa4d81cce73116801bee3c50b632f3457c0ca0ad31aa692c640e22f50dea env: TZ: America/New_York LOG_LEVEL: "info" From 9b27dc3a540bcccfd625579a7b4c54b996dd08b5 Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Mon, 30 Dec 2024 17:15:54 -0500 Subject: [PATCH 14/72] feat(arc): use kubernetes mode Signed-off-by: Devin Buhl --- .taskfiles/kubernetes/Taskfile.yaml | 14 ++++++++++++++ .../gha-runner-scale-set/app/helmrelease.yaml | 13 +++++++++++-- 2 files changed, 25 insertions(+), 2 deletions(-) diff --git a/.taskfiles/kubernetes/Taskfile.yaml b/.taskfiles/kubernetes/Taskfile.yaml index 1cda160b6b6fa..ecf40d98f8b77 100644 --- a/.taskfiles/kubernetes/Taskfile.yaml +++ b/.taskfiles/kubernetes/Taskfile.yaml @@ -59,3 +59,17 @@ tasks: vars: [CLUSTER] preconditions: - which kubectl + + # https://docs.github.com/en/enterprise-cloud@latest/actions/hosting-your-own-runners/managing-self-hosted-runners-with-actions-runner-controller/deploying-runner-scale-sets-with-actions-runner-controller#upgrading-arc + upgrade-arc: + desc: Upgrade the ARC [CLUSTER=main] + cmds: + - helm -n actions-runner-system uninstall gha-runner-scale-set + - helm -n actions-runner-system uninstall gha-runner-scale-set-controller + - sleep 5 + - flux -n actions-runner-system reconcile hr gha-runner-scale-set-controller + - flux -n actions-runner-system reconcile hr gha-runner-scale-set + requires: + vars: [CLUSTER] + preconditions: + - which flux helm diff --git a/kubernetes/main/apps/actions-runner-system/gha-runner-scale-set/app/helmrelease.yaml b/kubernetes/main/apps/actions-runner-system/gha-runner-scale-set/app/helmrelease.yaml index dd7eb1eceb62c..fe0b2082099a5 100644 --- a/kubernetes/main/apps/actions-runner-system/gha-runner-scale-set/app/helmrelease.yaml +++ b/kubernetes/main/apps/actions-runner-system/gha-runner-scale-set/app/helmrelease.yaml @@ -47,15 +47,22 @@ spec: minRunners: 1 maxRunners: 3 containerMode: - type: dind + type: kubernetes + kubernetesModeWorkVolumeClaim: + accessModes: ["ReadWriteOnce"] + storageClassName: ceph-block + resources: + requests: + storage: 20Gi template: spec: - automountServiceAccountToken: true containers: - name: runner image: ghcr.io/onedr0p/actions-runner:2.321.0@sha256:3665cbbcd2a3b7e1626e6100a6924d316d501650b9863a24b5639aee68bdb110 command: ["/home/runner/run.sh"] env: + - name: ACTIONS_RUNNER_REQUIRE_JOB_CONTAINER + value: "false" - name: NODE_IP valueFrom: fieldRef: @@ -64,6 +71,8 @@ spec: - mountPath: /var/run/secrets/talos.dev name: talos readOnly: true + securityContext: + fsGroup: 123 serviceAccountName: actions-runner volumes: - name: talos From a58b4e98f644ba09783925f80fa123d26e434d72 Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Mon, 30 Dec 2024 20:30:27 -0500 Subject: [PATCH 15/72] fix: gha runner depends on ceph --- .../gha-runner-scale-set/app/helmrelease.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/kubernetes/main/apps/actions-runner-system/gha-runner-scale-set/app/helmrelease.yaml b/kubernetes/main/apps/actions-runner-system/gha-runner-scale-set/app/helmrelease.yaml index fe0b2082099a5..93384afb58156 100644 --- a/kubernetes/main/apps/actions-runner-system/gha-runner-scale-set/app/helmrelease.yaml +++ b/kubernetes/main/apps/actions-runner-system/gha-runner-scale-set/app/helmrelease.yaml @@ -27,6 +27,8 @@ spec: dependsOn: - name: gha-runner-scale-set-controller namespace: actions-runner-system + - name: rook-ceph-cluster + namespace: rook-ceph valuesFrom: - targetPath: githubConfigSecret.github_app_id kind: Secret From bc58ab8e96d74656e5d8b236334c5c977aadcee9 Mon Sep 17 00:00:00 2001 From: "bot-ross[bot]" <98030736+bot-ross[bot]@users.noreply.github.com> Date: Mon, 30 Dec 2024 21:35:42 -0500 Subject: [PATCH 16/72] =?UTF-8?q?fix(container):=20update=20ghcr.io/kieran?= =?UTF-8?q?eglin/pinchflat=20(=20v2024.12.29=20=E2=86=92=20v2024.12.31=20)?= =?UTF-8?q?=20(#8580)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: bot-ross[bot] <98030736+bot-ross[bot]@users.noreply.github.com> --- kubernetes/main/apps/default/pinchflat/app/helmrelease.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kubernetes/main/apps/default/pinchflat/app/helmrelease.yaml b/kubernetes/main/apps/default/pinchflat/app/helmrelease.yaml index 1d61b3a6873db..be4ae5ea149a7 100644 --- a/kubernetes/main/apps/default/pinchflat/app/helmrelease.yaml +++ b/kubernetes/main/apps/default/pinchflat/app/helmrelease.yaml @@ -34,7 +34,7 @@ spec: app: image: repository: ghcr.io/kieraneglin/pinchflat - tag: v2024.12.29@sha256:934ec3d45358b306f405be3cef0a163d46c1f7b776fcf47d87add7fce62298f3 + tag: v2024.12.31@sha256:8c502e52a164c33300065884aeee76182845d5b0c32b35f720835a41f77d4de0 env: TZ: America/New_York TZ_DATA_DIR: /tmp/elixir_tz_data From d2d62c8db2be4199697ed02b239e5de62a2adbd5 Mon Sep 17 00:00:00 2001 From: "bot-ross[bot]" <98030736+bot-ross[bot]@users.noreply.github.com> Date: Tue, 31 Dec 2024 06:10:24 -0500 Subject: [PATCH 17/72] =?UTF-8?q?fix(container):=20update=20ghcr.io/onedr0?= =?UTF-8?q?p/sonarr-develop=20(=204.0.11.2804=20=E2=86=92=204.0.11.2815=20?= =?UTF-8?q?)=20(#8583)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: bot-ross[bot] <98030736+bot-ross[bot]@users.noreply.github.com> --- kubernetes/main/apps/default/sonarr/app/helmrelease.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kubernetes/main/apps/default/sonarr/app/helmrelease.yaml b/kubernetes/main/apps/default/sonarr/app/helmrelease.yaml index 7e722ca7bf32e..2ed53c794ba0c 100644 --- a/kubernetes/main/apps/default/sonarr/app/helmrelease.yaml +++ b/kubernetes/main/apps/default/sonarr/app/helmrelease.yaml @@ -34,7 +34,7 @@ spec: app: image: repository: ghcr.io/onedr0p/sonarr-develop - tag: 4.0.11.2804@sha256:cb7d3b0cd6f465868df6b88bfa78d52899b9955ced2bf03720eccc3fba402635 + tag: 4.0.11.2815@sha256:ac6fdfaa7056044d6131f6dbeec93542585ca3b9c76f4ebd3362864c70547e6b env: SONARR__APP__INSTANCENAME: Sonarr SONARR__APP__THEME: dark From 02ba2964563a55d7e6ffea4699d1e5b85395c94a Mon Sep 17 00:00:00 2001 From: DrAg0n141 <44865095+drag0n141@users.noreply.github.com> Date: Tue, 31 Dec 2024 12:41:02 +0100 Subject: [PATCH 18/72] fix: silence-operator missing service (#8584) --- .../apps/observability/silence-operator/app/helmrelease.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/kubernetes/main/apps/observability/silence-operator/app/helmrelease.yaml b/kubernetes/main/apps/observability/silence-operator/app/helmrelease.yaml index 098bf543f4f93..2e136ab9725a4 100644 --- a/kubernetes/main/apps/observability/silence-operator/app/helmrelease.yaml +++ b/kubernetes/main/apps/observability/silence-operator/app/helmrelease.yaml @@ -33,7 +33,8 @@ spec: operator: config: alertmanager: - address: http://kube-prometheus-stack-alertmanager:9093 + service: + address: http://kube-prometheus-stack-alertmanager:9093 rbac: create: true extraDeploy: From 19db317cf12f070f390a2099f30779ab838e21d2 Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Tue, 31 Dec 2024 17:51:02 -0500 Subject: [PATCH 19/72] feat(workflows): Add matrix support for pre-pull Signed-off-by: Devin Buhl --- .github/workflows/flux-diff.yaml | 16 ++-- .github/workflows/helm-repository-sync.yaml | 5 +- .github/workflows/pre-pull-images.yaml | 89 ++++++++----------- .github/workflows/schemas.yaml | 12 ++- .../gha-runner-scale-set/app/helmrelease.yaml | 2 +- 5 files changed, 59 insertions(+), 65 deletions(-) diff --git a/.github/workflows/flux-diff.yaml b/.github/workflows/flux-diff.yaml index 8d504a573cc9c..b8139dc800b5a 100644 --- a/.github/workflows/flux-diff.yaml +++ b/.github/workflows/flux-diff.yaml @@ -47,7 +47,7 @@ jobs: path: default - name: Diff Resources - uses: docker://ghcr.io/allenporter/flux-local:v6.1.1 + uses: docker://ghcr.io/allenporter/flux-local:v7.0.0@sha256:abf237e31d20de26f8a4b08e588cc927cb0a9f0ecf90d04bada00f393b919354 with: args: >- diff ${{ matrix.resources }} @@ -65,15 +65,15 @@ jobs: run: | cat diff.patch; { - echo 'diff<> "$GITHUB_OUTPUT"; { - echo "### Diff" - echo '```diff' - cat diff.patch - echo '```' + echo "### Diff" + echo '```diff' + cat diff.patch + echo '```' } >> "$GITHUB_STEP_SUMMARY" - if: ${{ steps.diff.outputs.diff != '' }} diff --git a/.github/workflows/helm-repository-sync.yaml b/.github/workflows/helm-repository-sync.yaml index 3c23d1211478e..897ce55bf80cb 100644 --- a/.github/workflows/helm-repository-sync.yaml +++ b/.github/workflows/helm-repository-sync.yaml @@ -16,6 +16,9 @@ on: branches: ["main"] paths: ["kubernetes/**/helmrelease.yaml"] +env: + HOMEBREW_NO_ANALYTICS: "1" + jobs: sync: name: Helm Repository Sync @@ -39,7 +42,7 @@ jobs: - name: Setup Workflow Tools shell: bash - run: brew install fluxcd/tap/flux yq + run: brew install fluxcd/tap/flux - if: ${{ github.event.inputs.helmRepoNamespace == '' && github.event.inputs.helmRepoName == '' }} name: Get Changed Files diff --git a/.github/workflows/pre-pull-images.yaml b/.github/workflows/pre-pull-images.yaml index c89f2a851ee26..b20ece2f4e37d 100644 --- a/.github/workflows/pre-pull-images.yaml +++ b/.github/workflows/pre-pull-images.yaml @@ -14,14 +14,20 @@ concurrency: group: ${{ github.workflow }}-${{ github.event.number || github.ref }} cancel-in-progress: true +env: + HOMEBREW_NO_ANALYTICS: "1" + jobs: extract-images: name: Extract Images runs-on: ubuntu-latest - permissions: - pull-requests: write + strategy: + matrix: + branches: ["default", "pull"] + fail-fast: false outputs: - matrix: ${{ steps.extract-images.outputs.images }} + default: ${{ steps.extract-images.outputs.default }} + pull: ${{ steps.extract-images.outputs.pull }} steps: - name: Generate Token uses: actions/create-github-app-token@v1 @@ -30,76 +36,57 @@ jobs: app-id: "${{ secrets.BOT_APP_ID }}" private-key: "${{ secrets.BOT_APP_PRIVATE_KEY }}" - - name: Setup Homebrew - uses: Homebrew/actions/setup-homebrew@master - - - name: Setup Workflow Tools - shell: bash - run: brew install jo yq - - - name: Checkout Default Branch + - name: Checkout uses: actions/checkout@v4 with: token: "${{ steps.app-token.outputs.token }}" - ref: "${{ github.event.repository.default_branch }}" - path: default - - - name: Checkout Pull Request Branch - uses: actions/checkout@v4 - with: - token: "${{ steps.app-token.outputs.token }}" - path: pull - - - name: Gather Images in Default Branch - uses: docker://ghcr.io/allenporter/flux-local:v6.1.1 - with: - args: >- - get cluster - --path /github/workspace/default/kubernetes/main/flux - --enable-images - --output yaml - --output-file default.yaml + ref: "${{ matrix.branches == 'default' && github.event.repository.default_branch || '' }}" - - name: Gather Images in Pull Request Branch - uses: docker://ghcr.io/allenporter/flux-local:v6.1.1 + - name: Gather Images + uses: docker://ghcr.io/allenporter/flux-local:v7.0.0 with: args: >- get cluster - --path /github/workspace/pull/kubernetes/main/flux + --path /github/workspace/kubernetes/main/flux --enable-images --output yaml - --output-file pull.yaml - - - name: Filter Default Branch Results - shell: bash - run: | - yq -r '[.. | .images? | select(. != null)] | flatten | sort | unique | .[]' \ - default.yaml > default.txt + --output-file images.yaml - - name: Filter Pull Request Branch Results + - name: Extract Images + id: extract-images shell: bash run: | - yq -r '[.. | .images? | select(. != null)] | flatten | sort | unique | .[]' \ - pull.yaml > pull.txt + images=$(yq --indent=0 --output-format=json \ + '[.. | .images? | select(. != null)] | flatten | sort | unique' images.yaml \ + ) + echo "${{ matrix.branches }}=${images}" >> $GITHUB_OUTPUT - - name: Compare Default and Pull Request Images - id: extract-images + compare-images: + name: Compare Images + runs-on: ubuntu-latest + needs: ["extract-images"] + outputs: + images: ${{ steps.compare-images.outputs.images }} + steps: + - name: Compare Images + id: compare-images shell: bash run: | - images=$(jo -a $(grep -vf default.txt pull.txt)) + images=$(jq --compact-output --null-input \ + --argjson f1 '${{ needs.extract-images.outputs.default }}' \ + --argjson f2 '${{ needs.extract-images.outputs.pull }}' \ + '$f2 - $f1' \ + ) echo "images=${images}" >> $GITHUB_OUTPUT - echo "${images}" - echo "### Images" >> $GITHUB_STEP_SUMMARY - echo "${images}" | jq --raw-output 'to_entries[] | "* \(.value)"' >> $GITHUB_STEP_SUMMARY pre-pull-images: - if: ${{ needs.extract-images.outputs.matrix != '[]' }} + if: ${{ needs.compare-images.outputs.images != '[]' }} name: Pre-pull Images runs-on: ["gha-runner-scale-set"] - needs: ["extract-images"] + needs: ["compare-images"] strategy: matrix: - images: ${{ fromJSON(needs.extract-images.outputs.matrix) }} + images: ${{ fromJSON(needs.compare-images.outputs.images) }} max-parallel: 4 fail-fast: false steps: diff --git a/.github/workflows/schemas.yaml b/.github/workflows/schemas.yaml index 079d90d858ccf..9f9238c4b7b89 100644 --- a/.github/workflows/schemas.yaml +++ b/.github/workflows/schemas.yaml @@ -10,6 +10,10 @@ on: branches: ["main"] paths: [".github/workflows/schemas.yaml"] +env: + HOMEBREW_NO_ANALYTICS: "1" + UV_SYSTEM_PYTHON: "1" + jobs: publish: name: Schemas @@ -35,20 +39,20 @@ jobs: - name: Setup Workflow Tools shell: bash - run: brew install kubectl + run: brew install kubectl uv - name: Setup Python uses: actions/setup-python@v5 with: - python-version: 3.x + python-version: 3.13.x - name: Setup Node uses: actions/setup-node@v4 with: - node-version: 18.x + node-version: 22.x - name: Install Python Dependencies - run: pip install pyyaml + run: uv pip install pyyaml - name: Download and run crd-extractor shell: bash diff --git a/kubernetes/main/apps/actions-runner-system/gha-runner-scale-set/app/helmrelease.yaml b/kubernetes/main/apps/actions-runner-system/gha-runner-scale-set/app/helmrelease.yaml index 93384afb58156..44aa37bf18146 100644 --- a/kubernetes/main/apps/actions-runner-system/gha-runner-scale-set/app/helmrelease.yaml +++ b/kubernetes/main/apps/actions-runner-system/gha-runner-scale-set/app/helmrelease.yaml @@ -60,7 +60,7 @@ spec: spec: containers: - name: runner - image: ghcr.io/onedr0p/actions-runner:2.321.0@sha256:3665cbbcd2a3b7e1626e6100a6924d316d501650b9863a24b5639aee68bdb110 + image: ghcr.io/onedr0p/actions-runner:2.321.0@sha256:68a510e470e2c5b38ffc46e85823fdc36b721bf7af310f4d64fd93cd0e1e9184 command: ["/home/runner/run.sh"] env: - name: ACTIONS_RUNNER_REQUIRE_JOB_CONTAINER From 3c3402d873d5432a3f62cb268a8cebab56c80be1 Mon Sep 17 00:00:00 2001 From: "bot-ross[bot]" <98030736+bot-ross[bot]@users.noreply.github.com> Date: Tue, 31 Dec 2024 17:54:17 -0500 Subject: [PATCH 20/72] =?UTF-8?q?feat(container):=20update=20ghcr.io/unpol?= =?UTF-8?q?ler/unpoller=20(=20v2.11.2=20=E2=86=92=20v2.12.0=20)=20(#8587)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: bot-ross[bot] <98030736+bot-ross[bot]@users.noreply.github.com> --- .../main/apps/observability/unpoller/app/helmrelease.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kubernetes/main/apps/observability/unpoller/app/helmrelease.yaml b/kubernetes/main/apps/observability/unpoller/app/helmrelease.yaml index 2561f3913537f..63c813cf919ef 100644 --- a/kubernetes/main/apps/observability/unpoller/app/helmrelease.yaml +++ b/kubernetes/main/apps/observability/unpoller/app/helmrelease.yaml @@ -32,7 +32,7 @@ spec: app: image: repository: ghcr.io/unpoller/unpoller - tag: v2.11.2@sha256:73b39c0b3b8fa92aa82a7613d3486253ffbd8c057833b4621402a268159bf2a2 + tag: v2.12.0@sha256:3af948dc9a6b51f1cc4ad86f0a3ba5548233baec0f40658a4761af5d4eede830 env: TZ: America/New_York UP_UNIFI_DEFAULT_ROLE: home-ops From 2627835b95baa6327337291fc50729c42c8155ec Mon Sep 17 00:00:00 2001 From: "bot-ross[bot]" <98030736+bot-ross[bot]@users.noreply.github.com> Date: Tue, 31 Dec 2024 17:54:25 -0500 Subject: [PATCH 21/72] =?UTF-8?q?feat(container):=20update=20ghcr.io/cross?= =?UTF-8?q?-seed/cross-seed=20(=206.6.0=20=E2=86=92=206.8.0=20)=20(#8581)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: bot-ross[bot] <98030736+bot-ross[bot]@users.noreply.github.com> --- kubernetes/main/apps/default/cross-seed/app/helmrelease.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kubernetes/main/apps/default/cross-seed/app/helmrelease.yaml b/kubernetes/main/apps/default/cross-seed/app/helmrelease.yaml index 578fd9c5a75c6..051ad33cb311c 100644 --- a/kubernetes/main/apps/default/cross-seed/app/helmrelease.yaml +++ b/kubernetes/main/apps/default/cross-seed/app/helmrelease.yaml @@ -34,7 +34,7 @@ spec: app: image: repository: ghcr.io/cross-seed/cross-seed - tag: 6.6.0@sha256:9c67a3dc12beb8c4699094fbc4cc2888ebd071712a99ff252dc28d5706fcee0a + tag: 6.8.0@sha256:3e4c5818dad98f7405f5d9ed1815626e58019a49f1c60e1dcfcde6c5366fe96f env: CROSS_SEED_PORT: &port 80 TZ: America/New_York From 3e39cd948fc31de9f6398137ee8e64f265654480 Mon Sep 17 00:00:00 2001 From: "bot-ross[bot]" <98030736+bot-ross[bot]@users.noreply.github.com> Date: Tue, 31 Dec 2024 21:33:40 -0500 Subject: [PATCH 22/72] =?UTF-8?q?fix(container):=20update=20ghcr.io/cross-?= =?UTF-8?q?seed/cross-seed=20(=206.8.0=20=E2=86=92=206.8.1=20)=20(#8588)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: bot-ross[bot] <98030736+bot-ross[bot]@users.noreply.github.com> --- kubernetes/main/apps/default/cross-seed/app/helmrelease.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kubernetes/main/apps/default/cross-seed/app/helmrelease.yaml b/kubernetes/main/apps/default/cross-seed/app/helmrelease.yaml index 051ad33cb311c..8f37c7bc4c9fe 100644 --- a/kubernetes/main/apps/default/cross-seed/app/helmrelease.yaml +++ b/kubernetes/main/apps/default/cross-seed/app/helmrelease.yaml @@ -34,7 +34,7 @@ spec: app: image: repository: ghcr.io/cross-seed/cross-seed - tag: 6.8.0@sha256:3e4c5818dad98f7405f5d9ed1815626e58019a49f1c60e1dcfcde6c5366fe96f + tag: 6.8.1@sha256:5013290eae549668c9e0eec357ba893fe38ad635f4785a5979d240a276706779 env: CROSS_SEED_PORT: &port 80 TZ: America/New_York From 898beeb1ecffae1c40e5cea5b7fb0148926df595 Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Wed, 1 Jan 2025 09:02:16 -0500 Subject: [PATCH 23/72] fix: rename mise config to .mise.toml Signed-off-by: Devin Buhl --- mise.toml => .mise.toml | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename mise.toml => .mise.toml (100%) diff --git a/mise.toml b/.mise.toml similarity index 100% rename from mise.toml rename to .mise.toml From 8c13637ebd8d10d84d11a7c709cf265d642c0be8 Mon Sep 17 00:00:00 2001 From: "bot-ross[bot]" <98030736+bot-ross[bot]@users.noreply.github.com> Date: Wed, 1 Jan 2025 13:23:38 -0500 Subject: [PATCH 24/72] =?UTF-8?q?fix(container):=20update=20ghcr.io/buroa/?= =?UTF-8?q?qbtools=20(=20v0.19.12=20=E2=86=92=20v0.19.13=20)=20(#8589)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: bot-ross[bot] <98030736+bot-ross[bot]@users.noreply.github.com> --- kubernetes/main/apps/default/qbittorrent/tools/helmrelease.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kubernetes/main/apps/default/qbittorrent/tools/helmrelease.yaml b/kubernetes/main/apps/default/qbittorrent/tools/helmrelease.yaml index ea6ff95d81c0d..07d96370da7a0 100644 --- a/kubernetes/main/apps/default/qbittorrent/tools/helmrelease.yaml +++ b/kubernetes/main/apps/default/qbittorrent/tools/helmrelease.yaml @@ -40,7 +40,7 @@ spec: tag: &container image: repository: ghcr.io/buroa/qbtools - tag: v0.19.12@sha256:4495217b2db28ed0209491419a17959cd463f521dd77b8dc9fa517fcefc40992 + tag: v0.19.13@sha256:3ce2f1ef3345921c73119921ef4d9a5070112bac6519b8d62441b73102460b81 env: QBITTORRENT_HOST: qbittorrent.default.svc.cluster.local QBITTORRENT_PORT: 80 From 02f56e76cacccb579d916989a81ae4825810a1e2 Mon Sep 17 00:00:00 2001 From: "bot-ross[bot]" <98030736+bot-ross[bot]@users.noreply.github.com> Date: Wed, 1 Jan 2025 13:23:54 -0500 Subject: [PATCH 25/72] =?UTF-8?q?fix(container):=20update=20ghcr.io/onedr0?= =?UTF-8?q?p/bazarr=20(=201.5.0=20=E2=86=92=201.5.1=20)=20(#8590)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: bot-ross[bot] <98030736+bot-ross[bot]@users.noreply.github.com> --- kubernetes/main/apps/default/bazarr/app/helmrelease.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kubernetes/main/apps/default/bazarr/app/helmrelease.yaml b/kubernetes/main/apps/default/bazarr/app/helmrelease.yaml index c5ed23f164f48..f478b0663e295 100644 --- a/kubernetes/main/apps/default/bazarr/app/helmrelease.yaml +++ b/kubernetes/main/apps/default/bazarr/app/helmrelease.yaml @@ -34,7 +34,7 @@ spec: app: image: repository: ghcr.io/onedr0p/bazarr - tag: 1.5.0@sha256:5eb3ff2384c470fa351ff486b1b61660914a2ba144e908258cf111555a583356 + tag: 1.5.1@sha256:4f3f5f42e552979d75cf2f168d9f053134eefa11e9e42b4878bded3bb69978d4 env: TZ: America/New_York envFrom: From 89b9bfd9123a409d64f1e4fb6321ff94954e2eb9 Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Wed, 1 Jan 2025 18:39:54 -0500 Subject: [PATCH 26/72] chore: update workflows Signed-off-by: Devin Buhl --- .github/workflows/flux-diff.yaml | 2 +- .github/workflows/helm-repository-sync.yaml | 3 --- .github/workflows/pre-pull-images.yaml | 5 +---- .github/workflows/release.yaml | 1 - .github/workflows/schemas.yaml | 2 -- 5 files changed, 2 insertions(+), 11 deletions(-) diff --git a/.github/workflows/flux-diff.yaml b/.github/workflows/flux-diff.yaml index b8139dc800b5a..61ed623755a30 100644 --- a/.github/workflows/flux-diff.yaml +++ b/.github/workflows/flux-diff.yaml @@ -95,6 +95,6 @@ jobs: name: Flux Diff Successful runs-on: ubuntu-latest steps: - - if: ${{ contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled') }} + - if: ${{ !contains(needs.*.result, 'success') }} name: Check matrix status run: exit 1 diff --git a/.github/workflows/helm-repository-sync.yaml b/.github/workflows/helm-repository-sync.yaml index 897ce55bf80cb..c5477e2677931 100644 --- a/.github/workflows/helm-repository-sync.yaml +++ b/.github/workflows/helm-repository-sync.yaml @@ -41,7 +41,6 @@ jobs: uses: Homebrew/actions/setup-homebrew@master - name: Setup Workflow Tools - shell: bash run: brew install fluxcd/tap/flux - if: ${{ github.event.inputs.helmRepoNamespace == '' && github.event.inputs.helmRepoName == '' }} @@ -54,7 +53,6 @@ jobs: - if: ${{ github.event.inputs.helmRepoNamespace == '' && github.event.inputs.helmRepoName == '' }} name: Sync Helm Repository - shell: bash run: | declare -a repos=() for f in ${{ steps.changed-files.outputs.all_changed_and_modified_files }}; do @@ -71,7 +69,6 @@ jobs: - if: ${{ github.event.inputs.helmRepoNamespace != '' && github.event.inputs.helmRepoName != '' }} name: Sync Helm Repository - shell: bash run: | flux --namespace ${{ github.event.inputs.helmRepoNamespace }} \ reconcile source helm ${{ github.event.inputs.helmRepoName }} || true diff --git a/.github/workflows/pre-pull-images.yaml b/.github/workflows/pre-pull-images.yaml index b20ece2f4e37d..7396e003e0ba9 100644 --- a/.github/workflows/pre-pull-images.yaml +++ b/.github/workflows/pre-pull-images.yaml @@ -54,7 +54,6 @@ jobs: - name: Extract Images id: extract-images - shell: bash run: | images=$(yq --indent=0 --output-format=json \ '[.. | .images? | select(. != null)] | flatten | sort | unique' images.yaml \ @@ -70,7 +69,6 @@ jobs: steps: - name: Compare Images id: compare-images - shell: bash run: | images=$(jq --compact-output --null-input \ --argjson f1 '${{ needs.extract-images.outputs.default }}' \ @@ -94,7 +92,6 @@ jobs: uses: Homebrew/actions/setup-homebrew@master - name: Setup Workflow Tools - shell: bash run: brew install siderolabs/tap/talosctl - name: Pre-pull Image @@ -107,6 +104,6 @@ jobs: name: Pre-pull Images Successful runs-on: ubuntu-latest steps: - - if: ${{ contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled') }} + - if: ${{ !contains(needs.*.result, 'success') }} name: Check matrix status run: exit 1 diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index ab809acf3fe11..12e042d5336cb 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -25,7 +25,6 @@ jobs: token: "${{ steps.app-token.outputs.token }}" - name: Create Release - shell: bash env: GITHUB_TOKEN: "${{ steps.app-token.outputs.token }}" run: | diff --git a/.github/workflows/schemas.yaml b/.github/workflows/schemas.yaml index 9f9238c4b7b89..3c301e4e55882 100644 --- a/.github/workflows/schemas.yaml +++ b/.github/workflows/schemas.yaml @@ -38,7 +38,6 @@ jobs: uses: Homebrew/actions/setup-homebrew@master - name: Setup Workflow Tools - shell: bash run: brew install kubectl uv - name: Setup Python @@ -55,7 +54,6 @@ jobs: run: uv pip install pyyaml - name: Download and run crd-extractor - shell: bash run: | curl -fsSL -o $GITHUB_WORKSPACE/crd-extractor.sh \ https://raw.githubusercontent.com/datreeio/CRDs-catalog/main/Utilities/crd-extractor.sh From 9855d09641c555fd05524e15291e58ccb2b3dcc2 Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Wed, 1 Jan 2025 18:43:18 -0500 Subject: [PATCH 27/72] fix: increase plex pvc size Signed-off-by: Devin Buhl --- kubernetes/main/apps/default/plex/ks.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/kubernetes/main/apps/default/plex/ks.yaml b/kubernetes/main/apps/default/plex/ks.yaml index 1476d21df7ad3..bac9fd72717df 100644 --- a/kubernetes/main/apps/default/plex/ks.yaml +++ b/kubernetes/main/apps/default/plex/ks.yaml @@ -25,8 +25,8 @@ spec: substitute: APP: *app GATUS_PATH: /web/index.html - VOLSYNC_CAPACITY: 30Gi - VOLSYNC_CACHE_CAPACITY: 12Gi + VOLSYNC_CAPACITY: 50Gi + VOLSYNC_CACHE_CAPACITY: 25Gi --- # yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json apiVersion: kustomize.toolkit.fluxcd.io/v1 From 35cd0bfebe42117d3822dc01a5bd9bf784d58acb Mon Sep 17 00:00:00 2001 From: "bot-ross[bot]" <98030736+bot-ross[bot]@users.noreply.github.com> Date: Wed, 1 Jan 2025 20:54:13 -0500 Subject: [PATCH 28/72] =?UTF-8?q?fix(container):=20update=20ghcr.io/cross-?= =?UTF-8?q?seed/cross-seed=20(=206.8.1=20=E2=86=92=206.8.2=20)=20(#8591)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: bot-ross[bot] <98030736+bot-ross[bot]@users.noreply.github.com> --- kubernetes/main/apps/default/cross-seed/app/helmrelease.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kubernetes/main/apps/default/cross-seed/app/helmrelease.yaml b/kubernetes/main/apps/default/cross-seed/app/helmrelease.yaml index 8f37c7bc4c9fe..7968708ecb042 100644 --- a/kubernetes/main/apps/default/cross-seed/app/helmrelease.yaml +++ b/kubernetes/main/apps/default/cross-seed/app/helmrelease.yaml @@ -34,7 +34,7 @@ spec: app: image: repository: ghcr.io/cross-seed/cross-seed - tag: 6.8.1@sha256:5013290eae549668c9e0eec357ba893fe38ad635f4785a5979d240a276706779 + tag: 6.8.2@sha256:e0cc1cdd1348c8d4ed889d8b077bf0e2a18a3ff48c6c4779e2d2ae38b5d482f4 env: CROSS_SEED_PORT: &port 80 TZ: America/New_York From 344356caee9ea05f2acf62ca0efdb0fc2990e967 Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Wed, 1 Jan 2025 23:04:57 -0500 Subject: [PATCH 29/72] feat(rook-ceph): collect RBD per-image IO statistics (#8592) --- .github/workflows/flux-diff.yaml | 2 +- .github/workflows/pre-pull-images.yaml | 2 +- .../rook-ceph/cluster/helmrelease.yaml | 22 ++++++------------- 3 files changed, 9 insertions(+), 17 deletions(-) diff --git a/.github/workflows/flux-diff.yaml b/.github/workflows/flux-diff.yaml index 61ed623755a30..b8139dc800b5a 100644 --- a/.github/workflows/flux-diff.yaml +++ b/.github/workflows/flux-diff.yaml @@ -95,6 +95,6 @@ jobs: name: Flux Diff Successful runs-on: ubuntu-latest steps: - - if: ${{ !contains(needs.*.result, 'success') }} + - if: ${{ contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled') }} name: Check matrix status run: exit 1 diff --git a/.github/workflows/pre-pull-images.yaml b/.github/workflows/pre-pull-images.yaml index 7396e003e0ba9..acbec1561ad9c 100644 --- a/.github/workflows/pre-pull-images.yaml +++ b/.github/workflows/pre-pull-images.yaml @@ -104,6 +104,6 @@ jobs: name: Pre-pull Images Successful runs-on: ubuntu-latest steps: - - if: ${{ !contains(needs.*.result, 'success') }} + - if: ${{ contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled') }} name: Check matrix status run: exit 1 diff --git a/kubernetes/main/apps/rook-ceph/rook-ceph/cluster/helmrelease.yaml b/kubernetes/main/apps/rook-ceph/rook-ceph/cluster/helmrelease.yaml index eefddbe979633..0b687b8d83fc0 100644 --- a/kubernetes/main/apps/rook-ceph/rook-ceph/cluster/helmrelease.yaml +++ b/kubernetes/main/apps/rook-ceph/rook-ceph/cluster/helmrelease.yaml @@ -76,19 +76,11 @@ spec: devicePathFilter: /dev/disk/by-id/nvme-Micron_7450_MTFDKBA800TFS_.* config: osdsPerDevice: "1" - placement: - mgr: &placement - nodeAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - nodeSelectorTerms: - - matchExpressions: - - key: node-role.kubernetes.io/control-plane - operator: Exists - mon: *placement cephBlockPools: - name: ceph-blockpool spec: failureDomain: host + enableRBDStats: true replicated: size: 3 storageClass: @@ -103,11 +95,11 @@ spec: imageFormat: "2" imageFeatures: layering,fast-diff,object-map,deep-flatten,exclusive-lock csi.storage.k8s.io/provisioner-secret-name: rook-csi-rbd-provisioner - csi.storage.k8s.io/provisioner-secret-namespace: rook-ceph + csi.storage.k8s.io/provisioner-secret-namespace: "{{ .Release.Namespace }}" csi.storage.k8s.io/controller-expand-secret-name: rook-csi-rbd-provisioner - csi.storage.k8s.io/controller-expand-secret-namespace: rook-ceph + csi.storage.k8s.io/controller-expand-secret-namespace: "{{ .Release.Namespace }}" csi.storage.k8s.io/node-stage-secret-name: rook-csi-rbd-node - csi.storage.k8s.io/node-stage-secret-namespace: rook-ceph + csi.storage.k8s.io/node-stage-secret-namespace: "{{ .Release.Namespace }}" csi.storage.k8s.io/fstype: ext4 cephBlockPoolsVolumeSnapshotClass: enabled: true @@ -154,11 +146,11 @@ spec: volumeBindingMode: Immediate parameters: csi.storage.k8s.io/provisioner-secret-name: rook-csi-cephfs-provisioner - csi.storage.k8s.io/provisioner-secret-namespace: rook-ceph + csi.storage.k8s.io/provisioner-secret-namespace: "{{ .Release.Namespace }}" csi.storage.k8s.io/controller-expand-secret-name: rook-csi-cephfs-provisioner - csi.storage.k8s.io/controller-expand-secret-namespace: rook-ceph + csi.storage.k8s.io/controller-expand-secret-namespace: "{{ .Release.Namespace }}" csi.storage.k8s.io/node-stage-secret-name: rook-csi-cephfs-node - csi.storage.k8s.io/node-stage-secret-namespace: rook-ceph + csi.storage.k8s.io/node-stage-secret-namespace: "{{ .Release.Namespace }}" csi.storage.k8s.io/fstype: ext4 cephFileSystemVolumeSnapshotClass: enabled: true From 93144ff061d6eb79da23e3a3ea2ee21d2a1b8ae9 Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Thu, 2 Jan 2025 10:46:40 -0500 Subject: [PATCH 30/72] feat(workflows): refactor release.yaml Signed-off-by: Devin Buhl --- .github/workflows/release.yaml | 71 +++++++++++++++++++++------------- 1 file changed, 44 insertions(+), 27 deletions(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 12e042d5336cb..f1d7b76021c69 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -19,33 +19,50 @@ jobs: app-id: "${{ secrets.BOT_APP_ID }}" private-key: "${{ secrets.BOT_APP_PRIVATE_KEY }}" - - name: Checkout - uses: actions/checkout@v4 + - name: Get Previous Release Tag and Determine Next Tag + id: determine-next-tag + uses: actions/github-script@v7 with: - token: "${{ steps.app-token.outputs.token }}" + github-token: "${{ steps.app-token.outputs.token }}" + result-encoding: string + script: | + const { data: releases } = await github.rest.repos.listReleases({ + owner: context.repo.owner, + repo: context.repo.repo, + per_page: 1, + }); + + let previousTag = "0.0.0"; // Default if no previous release exists + if (releases.length > 0) { + previousTag = releases[0].tag_name; + } + + const [previousMajor, previousMinor, previousPatch] = previousTag.split('.').map(Number); + const currentYear = new Date().getFullYear(); + const currentMonth = new Date().getMonth() + 1; // Months are 0-indexed in JavaScript + + const nextMajorMinor = `${currentYear}.${currentMonth}`; + let nextPatch; + + if (`${previousMajor}.${previousMinor}` === nextMajorMinor) { + console.log("Month release already exists for the year. Incrementing patch number by 1."); + nextPatch = previousPatch + 1; + } else { + console.log("Month release does not exist for the year. Starting with patch number 0."); + nextPatch = 0; + } + + return `${nextMajorMinor}.${nextPatch}`; - name: Create Release - env: - GITHUB_TOKEN: "${{ steps.app-token.outputs.token }}" - run: | - # Retrieve previous release tag - previous_tag="$(gh release list --limit 1 | awk '{ print $1 }')" - previous_major="${previous_tag%%\.*}" - previous_minor="${previous_tag#*.}" - previous_minor="${previous_minor%.*}" - previous_patch="${previous_tag##*.}" - # Determine next release tag - next_major_minor="$(date +'%Y').$(date +'%-m')" - if [[ "${previous_major}.${previous_minor}" == "${next_major_minor}" ]]; then - echo "Month release already exists for year, incrementing patch number by 1" - next_patch="$((previous_patch + 1))" - else - echo "Month release does not exist for year, setting patch number to 0" - next_patch="0" - fi - # Create release - release_tag="${next_major_minor}.${next_patch}" - gh release create "${release_tag}" \ - --repo="${GITHUB_REPOSITORY}" \ - --title="${release_tag}" \ - --generate-notes + uses: actions/github-script@v7 + with: + github-token: "${{ steps.app-token.outputs.token }}" + script: | + await github.rest.repos.createRelease({ + owner: context.repo.owner, + repo: context.repo.repo, + tag_name: "${{ steps.determine-next-tag.outputs.result }}", + name: "${{ steps.determine-next-tag.outputs.result }}", + generate_release_notes: true, + }); From fdb40bb528f0ba5b3f3b66bcf28906f183531475 Mon Sep 17 00:00:00 2001 From: "bot-ross[bot]" <98030736+bot-ross[bot]@users.noreply.github.com> Date: Thu, 2 Jan 2025 13:11:33 -0500 Subject: [PATCH 31/72] =?UTF-8?q?feat(container):=20update=20ghcr.io/unpol?= =?UTF-8?q?ler/unpoller=20(=20v2.12.0=20=E2=86=92=20v2.13.0=20)=20(#8593)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: bot-ross[bot] <98030736+bot-ross[bot]@users.noreply.github.com> --- .../main/apps/observability/unpoller/app/helmrelease.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kubernetes/main/apps/observability/unpoller/app/helmrelease.yaml b/kubernetes/main/apps/observability/unpoller/app/helmrelease.yaml index 63c813cf919ef..36843cf444d47 100644 --- a/kubernetes/main/apps/observability/unpoller/app/helmrelease.yaml +++ b/kubernetes/main/apps/observability/unpoller/app/helmrelease.yaml @@ -32,7 +32,7 @@ spec: app: image: repository: ghcr.io/unpoller/unpoller - tag: v2.12.0@sha256:3af948dc9a6b51f1cc4ad86f0a3ba5548233baec0f40658a4761af5d4eede830 + tag: v2.13.0@sha256:6a67e4bf86db2b0fe475f2f1247b9fe2415a745124bcea95425c70a43edb1949 env: TZ: America/New_York UP_UNIFI_DEFAULT_ROLE: home-ops From a74c78083dab141b41bc6a57bf6d808563591a09 Mon Sep 17 00:00:00 2001 From: "bot-ross[bot]" <98030736+bot-ross[bot]@users.noreply.github.com> Date: Thu, 2 Jan 2025 15:07:38 -0500 Subject: [PATCH 32/72] =?UTF-8?q?fix(container):=20update=20ghcr.io/unpoll?= =?UTF-8?q?er/unpoller=20(=20v2.13.0=20=E2=86=92=20v2.13.1=20)=20(#8595)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: bot-ross[bot] <98030736+bot-ross[bot]@users.noreply.github.com> --- .../main/apps/observability/unpoller/app/helmrelease.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kubernetes/main/apps/observability/unpoller/app/helmrelease.yaml b/kubernetes/main/apps/observability/unpoller/app/helmrelease.yaml index 36843cf444d47..ce38bd0e66b2b 100644 --- a/kubernetes/main/apps/observability/unpoller/app/helmrelease.yaml +++ b/kubernetes/main/apps/observability/unpoller/app/helmrelease.yaml @@ -32,7 +32,7 @@ spec: app: image: repository: ghcr.io/unpoller/unpoller - tag: v2.13.0@sha256:6a67e4bf86db2b0fe475f2f1247b9fe2415a745124bcea95425c70a43edb1949 + tag: v2.13.1@sha256:2376aff5e18b8f9fdd618becc2ef668ce31deb4c0e74acc5bea88e6c20c23a39 env: TZ: America/New_York UP_UNIFI_DEFAULT_ROLE: home-ops From e892515a4db97f14c59e6546223783438cb22e47 Mon Sep 17 00:00:00 2001 From: "bot-ross[bot]" <98030736+bot-ross[bot]@users.noreply.github.com> Date: Thu, 2 Jan 2025 15:08:39 -0500 Subject: [PATCH 33/72] =?UTF-8?q?feat(helm):=20update=20rook-ceph=20group?= =?UTF-8?q?=20(=20v1.15.7=20=E2=86=92=20v1.16.1=20)=20(minor)=20(#8594)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: bot-ross[bot] <98030736+bot-ross[bot]@users.noreply.github.com> Co-authored-by: Devin Buhl --- kubernetes/main/apps/rook-ceph/rook-ceph/app/helmrelease.yaml | 3 +-- .../main/apps/rook-ceph/rook-ceph/cluster/helmrelease.yaml | 4 +--- 2 files changed, 2 insertions(+), 5 deletions(-) diff --git a/kubernetes/main/apps/rook-ceph/rook-ceph/app/helmrelease.yaml b/kubernetes/main/apps/rook-ceph/rook-ceph/app/helmrelease.yaml index 1dcdda24d8f07..3be59ff6056e8 100644 --- a/kubernetes/main/apps/rook-ceph/rook-ceph/app/helmrelease.yaml +++ b/kubernetes/main/apps/rook-ceph/rook-ceph/app/helmrelease.yaml @@ -10,7 +10,7 @@ spec: chart: spec: chart: rook-ceph - version: v1.15.7 + version: v1.16.1 sourceRef: kind: HelmRepository name: rook-ceph @@ -28,7 +28,6 @@ spec: namespace: volsync-system values: csi: - enableVolumeGroupSnapshot: false # TODO: enable this when v1beta1 CRDs are available cephFSKernelMountOptions: ms_mode=prefer-crc enableLiveness: true serviceMonitor: diff --git a/kubernetes/main/apps/rook-ceph/rook-ceph/cluster/helmrelease.yaml b/kubernetes/main/apps/rook-ceph/rook-ceph/cluster/helmrelease.yaml index 0b687b8d83fc0..7bd8ed2ba927a 100644 --- a/kubernetes/main/apps/rook-ceph/rook-ceph/cluster/helmrelease.yaml +++ b/kubernetes/main/apps/rook-ceph/rook-ceph/cluster/helmrelease.yaml @@ -10,7 +10,7 @@ spec: chart: spec: chart: rook-ceph-cluster - version: v1.15.7 + version: v1.16.1 sourceRef: kind: HelmRepository name: rook-ceph @@ -46,8 +46,6 @@ spec: bdev_async_discard = true osd_class_update_on_start = false cephClusterSpec: - cephVersion: - image: quay.io/ceph/ceph:v19.2.0 # TODO: Remove when Rook is updated >= v19.2.0 crashCollector: disable: false csi: From 33352c4e8baf5243a98116758c834422ebc41c9f Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Thu, 2 Jan 2025 17:11:36 -0500 Subject: [PATCH 34/72] feat(workflows): use release-action Signed-off-by: Devin Buhl --- .github/workflows/release.yaml | 14 ++++---------- 1 file changed, 4 insertions(+), 10 deletions(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index f1d7b76021c69..5f95dc7cf5c67 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -55,14 +55,8 @@ jobs: return `${nextMajorMinor}.${nextPatch}`; - name: Create Release - uses: actions/github-script@v7 + uses: ncipollo/release-action@v1 with: - github-token: "${{ steps.app-token.outputs.token }}" - script: | - await github.rest.repos.createRelease({ - owner: context.repo.owner, - repo: context.repo.repo, - tag_name: "${{ steps.determine-next-tag.outputs.result }}", - name: "${{ steps.determine-next-tag.outputs.result }}", - generate_release_notes: true, - }); + generateReleaseNotes: true + tag: "${{ steps.determine-next-tag.outputs.result }}" + token: "${{ steps.app-token.outputs.token }}" From 126346f566ee09bce33cdd1144204350fc828c81 Mon Sep 17 00:00:00 2001 From: "bot-ross[bot]" <98030736+bot-ross[bot]@users.noreply.github.com> Date: Thu, 2 Jan 2025 20:13:30 -0500 Subject: [PATCH 35/72] =?UTF-8?q?feat(helm):=20update=20descheduler=20(=20?= =?UTF-8?q?0.31.0=20=E2=86=92=200.32.0=20)=20(#8596)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: bot-ross[bot] <98030736+bot-ross[bot]@users.noreply.github.com> --- .../main/apps/kube-system/descheduler/app/helmrelease.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kubernetes/main/apps/kube-system/descheduler/app/helmrelease.yaml b/kubernetes/main/apps/kube-system/descheduler/app/helmrelease.yaml index cdaf203da5c09..fb5828ee71198 100644 --- a/kubernetes/main/apps/kube-system/descheduler/app/helmrelease.yaml +++ b/kubernetes/main/apps/kube-system/descheduler/app/helmrelease.yaml @@ -9,7 +9,7 @@ spec: chart: spec: chart: descheduler - version: 0.31.0 + version: 0.32.0 sourceRef: kind: HelmRepository name: descheduler From 8ec56a97a0420971907499dfdeb7bce1b6bf54c2 Mon Sep 17 00:00:00 2001 From: "bot-ross[bot]" <98030736+bot-ross[bot]@users.noreply.github.com> Date: Fri, 3 Jan 2025 06:44:44 -0500 Subject: [PATCH 36/72] =?UTF-8?q?feat(container):=20update=20kube-promethe?= =?UTF-8?q?us-stack=20(=2067.5.0=20=E2=86=92=2067.6.0=20)=20(#8597)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: bot-ross[bot] <98030736+bot-ross[bot]@users.noreply.github.com> --- .../observability/kube-prometheus-stack/app/helmrelease.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kubernetes/main/apps/observability/kube-prometheus-stack/app/helmrelease.yaml b/kubernetes/main/apps/observability/kube-prometheus-stack/app/helmrelease.yaml index b89af00f7773a..ab51a09a56164 100644 --- a/kubernetes/main/apps/observability/kube-prometheus-stack/app/helmrelease.yaml +++ b/kubernetes/main/apps/observability/kube-prometheus-stack/app/helmrelease.yaml @@ -9,7 +9,7 @@ spec: chart: spec: chart: kube-prometheus-stack - version: 67.5.0 + version: 67.6.0 sourceRef: kind: HelmRepository name: prometheus-community From 7380bd283bdb48d3382ae769933094d8b981e8bb Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Fri, 3 Jan 2025 08:15:56 -0500 Subject: [PATCH 37/72] chore(taskfiles): add jq as deps --- .taskfiles/bootstrap/Taskfile.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.taskfiles/bootstrap/Taskfile.yaml b/.taskfiles/bootstrap/Taskfile.yaml index 038bb88de525b..289af44524050 100644 --- a/.taskfiles/bootstrap/Taskfile.yaml +++ b/.taskfiles/bootstrap/Taskfile.yaml @@ -27,7 +27,7 @@ tasks: preconditions: - talosctl config info - test -f {{.CLUSTER_DIR}}/talosconfig - - which ls minijinja-cli sops talosctl + - which jq ls minijinja-cli sops talosctl apps: desc: Bootstrap Apps [CLUSTER=main] @@ -60,7 +60,7 @@ tasks: vars: [CLUSTER, MODEL] preconditions: - test -f {{.BOOTSTRAP_RESOURCES_DIR}}/wipe-rook.yaml.j2 - - which kubectl minijinja-cli stern talosctl + - which jq kubectl minijinja-cli stern talosctl flux: desc: Bootstrap Flux [CLUSTER=main] @@ -80,4 +80,4 @@ tasks: vars: [CLUSTER] preconditions: - op user get --me - - which curl flux kubectl ls op + - which curl flux jq kubectl ls op From 4d9d63416154ec079b73ae819f89c1004ad1ff49 Mon Sep 17 00:00:00 2001 From: "bot-ross[bot]" <98030736+bot-ross[bot]@users.noreply.github.com> Date: Fri, 3 Jan 2025 09:08:25 -0500 Subject: [PATCH 38/72] =?UTF-8?q?fix(container):=20update=20ghcr.io/alexxi?= =?UTF-8?q?t/go2rtc=20(=201.9.7=20=E2=86=92=201.9.8=20)=20(#8598)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: bot-ross[bot] <98030736+bot-ross[bot]@users.noreply.github.com> --- kubernetes/main/apps/default/go2rtc/app/helmrelease.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kubernetes/main/apps/default/go2rtc/app/helmrelease.yaml b/kubernetes/main/apps/default/go2rtc/app/helmrelease.yaml index 7c5d60a603536..a8e0e61502a76 100644 --- a/kubernetes/main/apps/default/go2rtc/app/helmrelease.yaml +++ b/kubernetes/main/apps/default/go2rtc/app/helmrelease.yaml @@ -33,7 +33,7 @@ spec: app: image: repository: ghcr.io/alexxit/go2rtc - tag: 1.9.7@sha256:41fc2431fc3c867364ab7c8d935d2bddd9736597694afd3a983fe14c175347e8 + tag: 1.9.8@sha256:eafcc3bad6c24ebc6d349c8c98a72b5cd5145d8f580452aed9fec20da9e6c6dd probes: liveness: &probes enabled: true From f57cc848eb04b1488c61d4dc9e86ed1b237fffe5 Mon Sep 17 00:00:00 2001 From: "bot-ross[bot]" <98030736+bot-ross[bot]@users.noreply.github.com> Date: Fri, 3 Jan 2025 09:08:35 -0500 Subject: [PATCH 39/72] =?UTF-8?q?feat(container):=20update=20kube-promethe?= =?UTF-8?q?us-stack=20(=2067.6.0=20=E2=86=92=2067.7.0=20)=20(#8599)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: bot-ross[bot] <98030736+bot-ross[bot]@users.noreply.github.com> --- .../observability/kube-prometheus-stack/app/helmrelease.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kubernetes/main/apps/observability/kube-prometheus-stack/app/helmrelease.yaml b/kubernetes/main/apps/observability/kube-prometheus-stack/app/helmrelease.yaml index ab51a09a56164..76bb051aadd96 100644 --- a/kubernetes/main/apps/observability/kube-prometheus-stack/app/helmrelease.yaml +++ b/kubernetes/main/apps/observability/kube-prometheus-stack/app/helmrelease.yaml @@ -9,7 +9,7 @@ spec: chart: spec: chart: kube-prometheus-stack - version: 67.6.0 + version: 67.7.0 sourceRef: kind: HelmRepository name: prometheus-community From f662a4bc4d5e8a227d0a91dcddf6cf1c199eeeee Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Fri, 3 Jan 2025 09:15:10 -0500 Subject: [PATCH 40/72] fix(cilium): remove acceleration best-effort Signed-off-by: Devin Buhl --- kubernetes/main/apps/kube-system/cilium/app/helm-values.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/kubernetes/main/apps/kube-system/cilium/app/helm-values.yaml b/kubernetes/main/apps/kube-system/cilium/app/helm-values.yaml index e99a32e68cfd5..0785bc4063320 100644 --- a/kubernetes/main/apps/kube-system/cilium/app/helm-values.yaml +++ b/kubernetes/main/apps/kube-system/cilium/app/helm-values.yaml @@ -35,7 +35,6 @@ kubeProxyReplacementHealthzBindAddr: 0.0.0.0:10256 l2announcements: enabled: true loadBalancer: - acceleration: best-effort algorithm: maglev mode: dsr localRedirectPolicy: true From 48067e79171fe2191ef4eba3c51ae59e2f9242e8 Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Fri, 3 Jan 2025 09:37:16 -0500 Subject: [PATCH 41/72] fix(workflows): no need to fetch depth here --- .github/workflows/helm-repository-sync.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/helm-repository-sync.yaml b/.github/workflows/helm-repository-sync.yaml index c5477e2677931..cfa62b15ca684 100644 --- a/.github/workflows/helm-repository-sync.yaml +++ b/.github/workflows/helm-repository-sync.yaml @@ -35,7 +35,6 @@ jobs: uses: actions/checkout@v4 with: token: "${{ steps.app-token.outputs.token }}" - fetch-depth: 0 - name: Setup Homebrew uses: Homebrew/actions/setup-homebrew@master From 15e424986e54c3aa3cb2d6744033de4e3877c89c Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Fri, 3 Jan 2025 10:00:40 -0500 Subject: [PATCH 42/72] fix(nginx): remove use-geoip2 --- kubernetes/main/apps/network/nginx/external/helmrelease.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/kubernetes/main/apps/network/nginx/external/helmrelease.yaml b/kubernetes/main/apps/network/nginx/external/helmrelease.yaml index eb4a3e4b403b5..d801789396158 100644 --- a/kubernetes/main/apps/network/nginx/external/helmrelease.yaml +++ b/kubernetes/main/apps/network/nginx/external/helmrelease.yaml @@ -67,7 +67,6 @@ spec: proxy-body-size: 0 proxy-buffer-size: 16k ssl-protocols: TLSv1.3 TLSv1.2 - use-geoip2: true use-forwarded-headers: "true" metrics: enabled: true From fe0ddd44d72a67572adc4fbd25ab0c540af35b98 Mon Sep 17 00:00:00 2001 From: "bot-ross[bot]" <98030736+bot-ross[bot]@users.noreply.github.com> Date: Fri, 3 Jan 2025 15:31:12 -0500 Subject: [PATCH 43/72] =?UTF-8?q?fix(container):=20update=20ghcr.io/cross-?= =?UTF-8?q?seed/cross-seed=20(=206.8.2=20=E2=86=92=206.8.3=20)=20(#8600)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: bot-ross[bot] <98030736+bot-ross[bot]@users.noreply.github.com> --- kubernetes/main/apps/default/cross-seed/app/helmrelease.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kubernetes/main/apps/default/cross-seed/app/helmrelease.yaml b/kubernetes/main/apps/default/cross-seed/app/helmrelease.yaml index 7968708ecb042..b5d165e954b39 100644 --- a/kubernetes/main/apps/default/cross-seed/app/helmrelease.yaml +++ b/kubernetes/main/apps/default/cross-seed/app/helmrelease.yaml @@ -34,7 +34,7 @@ spec: app: image: repository: ghcr.io/cross-seed/cross-seed - tag: 6.8.2@sha256:e0cc1cdd1348c8d4ed889d8b077bf0e2a18a3ff48c6c4779e2d2ae38b5d482f4 + tag: 6.8.3@sha256:b7e5e0b7ac4400d4c473356bfc2cb142838ca61d30f3bb4310ae16540cfc5368 env: CROSS_SEED_PORT: &port 80 TZ: America/New_York From 264dafc92ff6f35fd8e6be84b41a9a80638a8bd7 Mon Sep 17 00:00:00 2001 From: "bot-ross[bot]" <98030736+bot-ross[bot]@users.noreply.github.com> Date: Fri, 3 Jan 2025 16:20:52 -0500 Subject: [PATCH 44/72] =?UTF-8?q?feat(container)!:=20Update=20ghcr.io/oned?= =?UTF-8?q?r0p/home-assistant=20(=202024.12.5=20=E2=86=92=202025.1.0=20)?= =?UTF-8?q?=20(#8602)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: bot-ross[bot] <98030736+bot-ross[bot]@users.noreply.github.com> --- .../main/apps/default/home-assistant/app/helmrelease.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kubernetes/main/apps/default/home-assistant/app/helmrelease.yaml b/kubernetes/main/apps/default/home-assistant/app/helmrelease.yaml index a6a30c4e4d9bf..eb80a32b28f17 100644 --- a/kubernetes/main/apps/default/home-assistant/app/helmrelease.yaml +++ b/kubernetes/main/apps/default/home-assistant/app/helmrelease.yaml @@ -34,7 +34,7 @@ spec: app: image: repository: ghcr.io/onedr0p/home-assistant - tag: 2024.12.5@sha256:638e519c874a06389ce6f03e435dd80a6697e8692eac88b459775839410f3439 + tag: 2025.1.0@sha256:2abed005d6bfd8dbe0605bd1d9eb5380b14b657401c5c3880e4ba4fa20e636a1 env: TZ: America/New_York HASS_HTTP_TRUSTED_PROXY_1: 192.168.42.0/24 From f609b9be93cf7d8a4e2b5de4935a4ba4c904255b Mon Sep 17 00:00:00 2001 From: "bot-ross[bot]" <98030736+bot-ross[bot]@users.noreply.github.com> Date: Fri, 3 Jan 2025 16:41:33 -0500 Subject: [PATCH 45/72] =?UTF-8?q?feat(container)!:=20Update=20ghcr.io/koen?= =?UTF-8?q?kk/zigbee2mqtt=20(=201.42.0=20=E2=86=92=202.0.0=20)=20(#8601)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: bot-ross[bot] <98030736+bot-ross[bot]@users.noreply.github.com> Co-authored-by: Devin Buhl --- kubernetes/main/apps/default/zigbee/app/helmrelease.yaml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/kubernetes/main/apps/default/zigbee/app/helmrelease.yaml b/kubernetes/main/apps/default/zigbee/app/helmrelease.yaml index 76a453c219f6e..ef54e7db7da07 100644 --- a/kubernetes/main/apps/default/zigbee/app/helmrelease.yaml +++ b/kubernetes/main/apps/default/zigbee/app/helmrelease.yaml @@ -34,7 +34,7 @@ spec: app: image: repository: ghcr.io/koenkk/zigbee2mqtt - tag: 1.42.0@sha256:732ae43d714610040bd049487b60af3b2dbcfdefb5f169897455b60d715e2131 + tag: 2.0.0@sha256:6105a3a01a66bbfb98909a7c309d0707ec7b41728ac15d399747077225231545 env: TZ: America/New_York ZIGBEE2MQTT_DATA: /config @@ -81,7 +81,9 @@ spec: securityContext: allowPrivilegeEscalation: false readOnlyRootFilesystem: true - capabilities: { drop: ["ALL"] } + capabilities: + drop: ["ALL"] + add: ["NET_BIND_SERVICE"] resources: requests: cpu: 10m From ab5fac62bb4ba14f570a79ef12a7aa389904f111 Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Fri, 3 Jan 2025 16:44:52 -0500 Subject: [PATCH 46/72] =?UTF-8?q?Revert=20"feat(container)!:=20Update=20gh?= =?UTF-8?q?cr.io/koenkk/zigbee2mqtt=20(=201.42.0=20=E2=86=92=202.0.0=20)"?= =?UTF-8?q?=20(#8603)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- kubernetes/main/apps/default/zigbee/app/helmrelease.yaml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/kubernetes/main/apps/default/zigbee/app/helmrelease.yaml b/kubernetes/main/apps/default/zigbee/app/helmrelease.yaml index ef54e7db7da07..76a453c219f6e 100644 --- a/kubernetes/main/apps/default/zigbee/app/helmrelease.yaml +++ b/kubernetes/main/apps/default/zigbee/app/helmrelease.yaml @@ -34,7 +34,7 @@ spec: app: image: repository: ghcr.io/koenkk/zigbee2mqtt - tag: 2.0.0@sha256:6105a3a01a66bbfb98909a7c309d0707ec7b41728ac15d399747077225231545 + tag: 1.42.0@sha256:732ae43d714610040bd049487b60af3b2dbcfdefb5f169897455b60d715e2131 env: TZ: America/New_York ZIGBEE2MQTT_DATA: /config @@ -81,9 +81,7 @@ spec: securityContext: allowPrivilegeEscalation: false readOnlyRootFilesystem: true - capabilities: - drop: ["ALL"] - add: ["NET_BIND_SERVICE"] + capabilities: { drop: ["ALL"] } resources: requests: cpu: 10m From 138bf68dbf5d3fd4f8715bb7fa3c9d9464adcc98 Mon Sep 17 00:00:00 2001 From: "bot-ross[bot]" <98030736+bot-ross[bot]@users.noreply.github.com> Date: Fri, 3 Jan 2025 17:08:51 -0500 Subject: [PATCH 47/72] =?UTF-8?q?feat(container)!:=20Update=20ghcr.io/koen?= =?UTF-8?q?kk/zigbee2mqtt=20(=201.42.0=20=E2=86=92=202.0.0=20)=20(#8604)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: bot-ross[bot] <98030736+bot-ross[bot]@users.noreply.github.com> Co-authored-by: Devin Buhl --- .../apps/default/zigbee/app/helmrelease.yaml | 34 +++---------------- 1 file changed, 5 insertions(+), 29 deletions(-) diff --git a/kubernetes/main/apps/default/zigbee/app/helmrelease.yaml b/kubernetes/main/apps/default/zigbee/app/helmrelease.yaml index 76a453c219f6e..f518afb9b51e9 100644 --- a/kubernetes/main/apps/default/zigbee/app/helmrelease.yaml +++ b/kubernetes/main/apps/default/zigbee/app/helmrelease.yaml @@ -34,36 +34,10 @@ spec: app: image: repository: ghcr.io/koenkk/zigbee2mqtt - tag: 1.42.0@sha256:732ae43d714610040bd049487b60af3b2dbcfdefb5f169897455b60d715e2131 + tag: 2.0.0@sha256:6105a3a01a66bbfb98909a7c309d0707ec7b41728ac15d399747077225231545 env: TZ: America/New_York ZIGBEE2MQTT_DATA: /config - ZIGBEE2MQTT_CONFIG_ADVANCED_HOMEASSISTANT_DISCOVERY_TOPIC: homeassistant - ZIGBEE2MQTT_CONFIG_ADVANCED_HOMEASSISTANT_LEGACY_ENTITY_ATTRIBUTES: "false" - ZIGBEE2MQTT_CONFIG_ADVANCED_HOMEASSISTANT_LEGACY_TRIGGERS: "false" - ZIGBEE2MQTT_CONFIG_ADVANCED_HOMEASSISTANT_STATUS_TOPIC: homeassistant/status - ZIGBEE2MQTT_CONFIG_ADVANCED_LAST_SEEN: ISO_8601 - ZIGBEE2MQTT_CONFIG_ADVANCED_LEGACY_API: "false" - ZIGBEE2MQTT_CONFIG_ADVANCED_LEGACY_AVAILABILITY_PAYLOAD: "false" - ZIGBEE2MQTT_CONFIG_ADVANCED_LOG_LEVEL: info # debug - ZIGBEE2MQTT_CONFIG_ADVANCED_LOG_OUTPUT: '["console"]' - ZIGBEE2MQTT_CONFIG_AVAILABILITY_ACTIVE_TIMEOUT: 60 - ZIGBEE2MQTT_CONFIG_AVAILABILITY_PASSIVE_TIMEOUT: 2000 - ZIGBEE2MQTT_CONFIG_DEVICE_OPTIONS_LEGACY: "false" - ZIGBEE2MQTT_CONFIG_DEVICE_OPTIONS_RETAIN: "true" - ZIGBEE2MQTT_CONFIG_EXPERIMENTAL_NEW_API: "true" - ZIGBEE2MQTT_CONFIG_FRONTEND_PORT: &port 80 - ZIGBEE2MQTT_CONFIG_FRONTEND_URL: https://zigbee.devbu.io - ZIGBEE2MQTT_CONFIG_HOMEASSISTANT: "true" - ZIGBEE2MQTT_CONFIG_MQTT_INCLUDE_DEVICE_INFORMATION: "true" - ZIGBEE2MQTT_CONFIG_MQTT_KEEPALIVE: 60 - ZIGBEE2MQTT_CONFIG_MQTT_REJECT_UNAUTHORIZED: "true" - ZIGBEE2MQTT_CONFIG_MQTT_SERVER: mqtt://emqx-listeners.default.svc.cluster.local:1883 - ZIGBEE2MQTT_CONFIG_MQTT_VERSION: 5 - ZIGBEE2MQTT_CONFIG_PERMIT_JOIN: "false" - ZIGBEE2MQTT_CONFIG_SERIAL_BAUDRATE: 115200 - ZIGBEE2MQTT_CONFIG_SERIAL_DISABLE_LED: "false" - ZIGBEE2MQTT_CONFIG_SERIAL_PORT: tcp://192.168.1.90:6638 # DEBUG: "zigbee-herdsman*" envFrom: - secretRef: @@ -81,7 +55,9 @@ spec: securityContext: allowPrivilegeEscalation: false readOnlyRootFilesystem: true - capabilities: { drop: ["ALL"] } + capabilities: + drop: ["ALL"] + add: ["NET_BIND_SERVICE"] resources: requests: cpu: 10m @@ -100,7 +76,7 @@ spec: controller: zigbee ports: http: - port: *port + port: 80 ingress: app: className: internal From 35301e0e987c9bc2c48d988fc4079542730697d9 Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Fri, 3 Jan 2025 17:10:16 -0500 Subject: [PATCH 48/72] =?UTF-8?q?Revert=20"feat(container)!:=20Update=20gh?= =?UTF-8?q?cr.io/koenkk/zigbee2mqtt=20(=201.42.0=20=E2=86=92=202.0.0=20)"?= =?UTF-8?q?=20(#8605)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../apps/default/zigbee/app/helmrelease.yaml | 34 ++++++++++++++++--- 1 file changed, 29 insertions(+), 5 deletions(-) diff --git a/kubernetes/main/apps/default/zigbee/app/helmrelease.yaml b/kubernetes/main/apps/default/zigbee/app/helmrelease.yaml index f518afb9b51e9..76a453c219f6e 100644 --- a/kubernetes/main/apps/default/zigbee/app/helmrelease.yaml +++ b/kubernetes/main/apps/default/zigbee/app/helmrelease.yaml @@ -34,10 +34,36 @@ spec: app: image: repository: ghcr.io/koenkk/zigbee2mqtt - tag: 2.0.0@sha256:6105a3a01a66bbfb98909a7c309d0707ec7b41728ac15d399747077225231545 + tag: 1.42.0@sha256:732ae43d714610040bd049487b60af3b2dbcfdefb5f169897455b60d715e2131 env: TZ: America/New_York ZIGBEE2MQTT_DATA: /config + ZIGBEE2MQTT_CONFIG_ADVANCED_HOMEASSISTANT_DISCOVERY_TOPIC: homeassistant + ZIGBEE2MQTT_CONFIG_ADVANCED_HOMEASSISTANT_LEGACY_ENTITY_ATTRIBUTES: "false" + ZIGBEE2MQTT_CONFIG_ADVANCED_HOMEASSISTANT_LEGACY_TRIGGERS: "false" + ZIGBEE2MQTT_CONFIG_ADVANCED_HOMEASSISTANT_STATUS_TOPIC: homeassistant/status + ZIGBEE2MQTT_CONFIG_ADVANCED_LAST_SEEN: ISO_8601 + ZIGBEE2MQTT_CONFIG_ADVANCED_LEGACY_API: "false" + ZIGBEE2MQTT_CONFIG_ADVANCED_LEGACY_AVAILABILITY_PAYLOAD: "false" + ZIGBEE2MQTT_CONFIG_ADVANCED_LOG_LEVEL: info # debug + ZIGBEE2MQTT_CONFIG_ADVANCED_LOG_OUTPUT: '["console"]' + ZIGBEE2MQTT_CONFIG_AVAILABILITY_ACTIVE_TIMEOUT: 60 + ZIGBEE2MQTT_CONFIG_AVAILABILITY_PASSIVE_TIMEOUT: 2000 + ZIGBEE2MQTT_CONFIG_DEVICE_OPTIONS_LEGACY: "false" + ZIGBEE2MQTT_CONFIG_DEVICE_OPTIONS_RETAIN: "true" + ZIGBEE2MQTT_CONFIG_EXPERIMENTAL_NEW_API: "true" + ZIGBEE2MQTT_CONFIG_FRONTEND_PORT: &port 80 + ZIGBEE2MQTT_CONFIG_FRONTEND_URL: https://zigbee.devbu.io + ZIGBEE2MQTT_CONFIG_HOMEASSISTANT: "true" + ZIGBEE2MQTT_CONFIG_MQTT_INCLUDE_DEVICE_INFORMATION: "true" + ZIGBEE2MQTT_CONFIG_MQTT_KEEPALIVE: 60 + ZIGBEE2MQTT_CONFIG_MQTT_REJECT_UNAUTHORIZED: "true" + ZIGBEE2MQTT_CONFIG_MQTT_SERVER: mqtt://emqx-listeners.default.svc.cluster.local:1883 + ZIGBEE2MQTT_CONFIG_MQTT_VERSION: 5 + ZIGBEE2MQTT_CONFIG_PERMIT_JOIN: "false" + ZIGBEE2MQTT_CONFIG_SERIAL_BAUDRATE: 115200 + ZIGBEE2MQTT_CONFIG_SERIAL_DISABLE_LED: "false" + ZIGBEE2MQTT_CONFIG_SERIAL_PORT: tcp://192.168.1.90:6638 # DEBUG: "zigbee-herdsman*" envFrom: - secretRef: @@ -55,9 +81,7 @@ spec: securityContext: allowPrivilegeEscalation: false readOnlyRootFilesystem: true - capabilities: - drop: ["ALL"] - add: ["NET_BIND_SERVICE"] + capabilities: { drop: ["ALL"] } resources: requests: cpu: 10m @@ -76,7 +100,7 @@ spec: controller: zigbee ports: http: - port: 80 + port: *port ingress: app: className: internal From 6cd3bd27e123345a8d5c171965023d5577af4f81 Mon Sep 17 00:00:00 2001 From: "bot-ross[bot]" <98030736+bot-ross[bot]@users.noreply.github.com> Date: Fri, 3 Jan 2025 17:27:21 -0500 Subject: [PATCH 49/72] =?UTF-8?q?feat(container)!:=20Update=20ghcr.io/koen?= =?UTF-8?q?kk/zigbee2mqtt=20(=201.42.0=20=E2=86=92=202.0.0=20)=20(#8606)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: bot-ross[bot] <98030736+bot-ross[bot]@users.noreply.github.com> Co-authored-by: Devin Buhl --- .../apps/default/zigbee/app/helmrelease.yaml | 17 ++++++----------- 1 file changed, 6 insertions(+), 11 deletions(-) diff --git a/kubernetes/main/apps/default/zigbee/app/helmrelease.yaml b/kubernetes/main/apps/default/zigbee/app/helmrelease.yaml index 76a453c219f6e..f1ff8e7d819af 100644 --- a/kubernetes/main/apps/default/zigbee/app/helmrelease.yaml +++ b/kubernetes/main/apps/default/zigbee/app/helmrelease.yaml @@ -34,27 +34,20 @@ spec: app: image: repository: ghcr.io/koenkk/zigbee2mqtt - tag: 1.42.0@sha256:732ae43d714610040bd049487b60af3b2dbcfdefb5f169897455b60d715e2131 + tag: 2.0.0@sha256:6105a3a01a66bbfb98909a7c309d0707ec7b41728ac15d399747077225231545 env: TZ: America/New_York ZIGBEE2MQTT_DATA: /config - ZIGBEE2MQTT_CONFIG_ADVANCED_HOMEASSISTANT_DISCOVERY_TOPIC: homeassistant - ZIGBEE2MQTT_CONFIG_ADVANCED_HOMEASSISTANT_LEGACY_ENTITY_ATTRIBUTES: "false" - ZIGBEE2MQTT_CONFIG_ADVANCED_HOMEASSISTANT_LEGACY_TRIGGERS: "false" - ZIGBEE2MQTT_CONFIG_ADVANCED_HOMEASSISTANT_STATUS_TOPIC: homeassistant/status ZIGBEE2MQTT_CONFIG_ADVANCED_LAST_SEEN: ISO_8601 - ZIGBEE2MQTT_CONFIG_ADVANCED_LEGACY_API: "false" - ZIGBEE2MQTT_CONFIG_ADVANCED_LEGACY_AVAILABILITY_PAYLOAD: "false" ZIGBEE2MQTT_CONFIG_ADVANCED_LOG_LEVEL: info # debug ZIGBEE2MQTT_CONFIG_ADVANCED_LOG_OUTPUT: '["console"]' ZIGBEE2MQTT_CONFIG_AVAILABILITY_ACTIVE_TIMEOUT: 60 ZIGBEE2MQTT_CONFIG_AVAILABILITY_PASSIVE_TIMEOUT: 2000 - ZIGBEE2MQTT_CONFIG_DEVICE_OPTIONS_LEGACY: "false" ZIGBEE2MQTT_CONFIG_DEVICE_OPTIONS_RETAIN: "true" - ZIGBEE2MQTT_CONFIG_EXPERIMENTAL_NEW_API: "true" ZIGBEE2MQTT_CONFIG_FRONTEND_PORT: &port 80 ZIGBEE2MQTT_CONFIG_FRONTEND_URL: https://zigbee.devbu.io - ZIGBEE2MQTT_CONFIG_HOMEASSISTANT: "true" + ZIGBEE2MQTT_CONFIG_HOMEASSISTANT_DISCOVERY_TOPIC: homeassistant + ZIGBEE2MQTT_CONFIG_HOMEASSISTANT_STATUS_TOPIC: homeassistant/status ZIGBEE2MQTT_CONFIG_MQTT_INCLUDE_DEVICE_INFORMATION: "true" ZIGBEE2MQTT_CONFIG_MQTT_KEEPALIVE: 60 ZIGBEE2MQTT_CONFIG_MQTT_REJECT_UNAUTHORIZED: "true" @@ -81,7 +74,9 @@ spec: securityContext: allowPrivilegeEscalation: false readOnlyRootFilesystem: true - capabilities: { drop: ["ALL"] } + capabilities: + drop: ["ALL"] + add: ["NET_BIND_SERVICE"] resources: requests: cpu: 10m From 954dd28793adfd5d1c00807f07b152dc47461cc4 Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Fri, 3 Jan 2025 17:37:49 -0500 Subject: [PATCH 50/72] fix: add adapter to zigbee config env --- kubernetes/main/apps/default/zigbee/app/helmrelease.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/kubernetes/main/apps/default/zigbee/app/helmrelease.yaml b/kubernetes/main/apps/default/zigbee/app/helmrelease.yaml index f1ff8e7d819af..70cfd34cb96f1 100644 --- a/kubernetes/main/apps/default/zigbee/app/helmrelease.yaml +++ b/kubernetes/main/apps/default/zigbee/app/helmrelease.yaml @@ -57,6 +57,7 @@ spec: ZIGBEE2MQTT_CONFIG_SERIAL_BAUDRATE: 115200 ZIGBEE2MQTT_CONFIG_SERIAL_DISABLE_LED: "false" ZIGBEE2MQTT_CONFIG_SERIAL_PORT: tcp://192.168.1.90:6638 + ZIGBEE2MQTT_CONFIG_SERIAL_ADAPTER: zstack # DEBUG: "zigbee-herdsman*" envFrom: - secretRef: From 6959ddde44a00e288d00a5d5c01e142254c2f8fe Mon Sep 17 00:00:00 2001 From: "bot-ross[bot]" <98030736+bot-ross[bot]@users.noreply.github.com> Date: Fri, 3 Jan 2025 19:43:53 -0500 Subject: [PATCH 51/72] =?UTF-8?q?fix(container):=20update=20ghcr.io/cross-?= =?UTF-8?q?seed/cross-seed=20(=206.8.3=20=E2=86=92=206.8.4=20)=20(#8607)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: bot-ross[bot] <98030736+bot-ross[bot]@users.noreply.github.com> --- kubernetes/main/apps/default/cross-seed/app/helmrelease.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kubernetes/main/apps/default/cross-seed/app/helmrelease.yaml b/kubernetes/main/apps/default/cross-seed/app/helmrelease.yaml index b5d165e954b39..1973b128b94ac 100644 --- a/kubernetes/main/apps/default/cross-seed/app/helmrelease.yaml +++ b/kubernetes/main/apps/default/cross-seed/app/helmrelease.yaml @@ -34,7 +34,7 @@ spec: app: image: repository: ghcr.io/cross-seed/cross-seed - tag: 6.8.3@sha256:b7e5e0b7ac4400d4c473356bfc2cb142838ca61d30f3bb4310ae16540cfc5368 + tag: 6.8.4@sha256:996896878ab462ded031552824c4fd773a2cf484582829029eda323b3c01e1b4 env: CROSS_SEED_PORT: &port 80 TZ: America/New_York From 62df021cdb59a25427ffc8e3fe6e90f3312cb5e2 Mon Sep 17 00:00:00 2001 From: "bot-ross[bot]" <98030736+bot-ross[bot]@users.noreply.github.com> Date: Fri, 3 Jan 2025 19:44:50 -0500 Subject: [PATCH 52/72] =?UTF-8?q?feat(container)!:=20Update=20ghcr.io/kier?= =?UTF-8?q?aneglin/pinchflat=20(=20v2024.12.31=20=E2=86=92=20v2025.1.3=20)?= =?UTF-8?q?=20(#8608)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: bot-ross[bot] <98030736+bot-ross[bot]@users.noreply.github.com> --- kubernetes/main/apps/default/pinchflat/app/helmrelease.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kubernetes/main/apps/default/pinchflat/app/helmrelease.yaml b/kubernetes/main/apps/default/pinchflat/app/helmrelease.yaml index be4ae5ea149a7..66b9c9e988d41 100644 --- a/kubernetes/main/apps/default/pinchflat/app/helmrelease.yaml +++ b/kubernetes/main/apps/default/pinchflat/app/helmrelease.yaml @@ -34,7 +34,7 @@ spec: app: image: repository: ghcr.io/kieraneglin/pinchflat - tag: v2024.12.31@sha256:8c502e52a164c33300065884aeee76182845d5b0c32b35f720835a41f77d4de0 + tag: v2025.1.3@sha256:76a7e717d9001563fffe36f58a590c4ba5797ec1f1d6ee6979a791d176553b40 env: TZ: America/New_York TZ_DATA_DIR: /tmp/elixir_tz_data From fa8f5ec103098ac37beccb5da5639f60b2907976 Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Fri, 3 Jan 2025 22:18:20 -0500 Subject: [PATCH 53/72] fix: set am pushover ttl to 1d --- .../kube-prometheus-stack/app/alertmanagerconfig.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kubernetes/main/apps/observability/kube-prometheus-stack/app/alertmanagerconfig.yaml b/kubernetes/main/apps/observability/kube-prometheus-stack/app/alertmanagerconfig.yaml index 642cf0528daf0..518a7908ea5a1 100644 --- a/kubernetes/main/apps/observability/kube-prometheus-stack/app/alertmanagerconfig.yaml +++ b/kubernetes/main/apps/observability/kube-prometheus-stack/app/alertmanagerconfig.yaml @@ -76,7 +76,7 @@ spec: title: >- [{{ .Status | toUpper }}{{ if eq .Status "firing" }}:{{ .Alerts.Firing | len }}{{ end }}] {{ .CommonLabels.alertname }} - ttl: 3600s + ttl: 86400s token: name: *secret key: ALERTMANAGER_PUSHOVER_TOKEN From 042012041b3d00d4457b654dcf3747adf4f6b307 Mon Sep 17 00:00:00 2001 From: "bot-ross[bot]" <98030736+bot-ross[bot]@users.noreply.github.com> Date: Sat, 4 Jan 2025 21:52:51 -0500 Subject: [PATCH 54/72] =?UTF-8?q?fix(container):=20update=20ghcr.io/onedr0?= =?UTF-8?q?p/sonarr-develop=20(=204.0.11.2815=20=E2=86=92=204.0.12.2825=20?= =?UTF-8?q?)=20(#8609)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: bot-ross[bot] <98030736+bot-ross[bot]@users.noreply.github.com> --- kubernetes/main/apps/default/sonarr/app/helmrelease.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kubernetes/main/apps/default/sonarr/app/helmrelease.yaml b/kubernetes/main/apps/default/sonarr/app/helmrelease.yaml index 2ed53c794ba0c..3d0bfc78f288b 100644 --- a/kubernetes/main/apps/default/sonarr/app/helmrelease.yaml +++ b/kubernetes/main/apps/default/sonarr/app/helmrelease.yaml @@ -34,7 +34,7 @@ spec: app: image: repository: ghcr.io/onedr0p/sonarr-develop - tag: 4.0.11.2815@sha256:ac6fdfaa7056044d6131f6dbeec93542585ca3b9c76f4ebd3362864c70547e6b + tag: 4.0.12.2825@sha256:ae7efba78efc1d4923578f97933e206dcdf43fb1fd2533cfa3be77ab6d0e74b1 env: SONARR__APP__INSTANCENAME: Sonarr SONARR__APP__THEME: dark From 3d75d5191cf7d0904fbb86c60bab7f230299132a Mon Sep 17 00:00:00 2001 From: "bot-ross[bot]" <98030736+bot-ross[bot]@users.noreply.github.com> Date: Sun, 5 Jan 2025 07:43:57 -0500 Subject: [PATCH 55/72] =?UTF-8?q?fix(container):=20update=20ghcr.io/onedr0?= =?UTF-8?q?p/radarr-develop=20(=205.17.0.9555=20=E2=86=92=205.17.1.9561=20?= =?UTF-8?q?)=20(#8610)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: bot-ross[bot] <98030736+bot-ross[bot]@users.noreply.github.com> --- kubernetes/main/apps/default/radarr/app/helmrelease.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kubernetes/main/apps/default/radarr/app/helmrelease.yaml b/kubernetes/main/apps/default/radarr/app/helmrelease.yaml index c0009da886acc..fd8355ed908ae 100644 --- a/kubernetes/main/apps/default/radarr/app/helmrelease.yaml +++ b/kubernetes/main/apps/default/radarr/app/helmrelease.yaml @@ -34,7 +34,7 @@ spec: app: image: repository: ghcr.io/onedr0p/radarr-develop - tag: 5.17.0.9555@sha256:d29684557a373f6efd8ac98f0b7b3007264599d3d83160bdaef9366a3b4f5d5a + tag: 5.17.1.9561@sha256:ebc3c0e95ae7f8d5325179cbd51ac23cab1bcc10f141ba5c34cd13bc4cc8c52f env: RADARR__APP__INSTANCENAME: Radarr RADARR__APP__THEME: dark From ca4a5cd26eee56bbf184880c2cfbef99f325210d Mon Sep 17 00:00:00 2001 From: "bot-ross[bot]" <98030736+bot-ross[bot]@users.noreply.github.com> Date: Sun, 5 Jan 2025 08:18:07 -0500 Subject: [PATCH 56/72] =?UTF-8?q?fix(container):=20update=20ghcr.io/onedr0?= =?UTF-8?q?p/radarr-develop=20(=205.17.1.9561=20=E2=86=92=205.17.2.9580=20?= =?UTF-8?q?)=20(#8611)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: bot-ross[bot] <98030736+bot-ross[bot]@users.noreply.github.com> --- kubernetes/main/apps/default/radarr/app/helmrelease.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kubernetes/main/apps/default/radarr/app/helmrelease.yaml b/kubernetes/main/apps/default/radarr/app/helmrelease.yaml index fd8355ed908ae..62ccdc88b2205 100644 --- a/kubernetes/main/apps/default/radarr/app/helmrelease.yaml +++ b/kubernetes/main/apps/default/radarr/app/helmrelease.yaml @@ -34,7 +34,7 @@ spec: app: image: repository: ghcr.io/onedr0p/radarr-develop - tag: 5.17.1.9561@sha256:ebc3c0e95ae7f8d5325179cbd51ac23cab1bcc10f141ba5c34cd13bc4cc8c52f + tag: 5.17.2.9580@sha256:67f345c91d1e0eab27f73044702892b01228b2425562de6110777a7ea4712e34 env: RADARR__APP__INSTANCENAME: Radarr RADARR__APP__THEME: dark From c992d280ec03f9edfc642dfe723e2e600a2db491 Mon Sep 17 00:00:00 2001 From: "bot-ross[bot]" <98030736+bot-ross[bot]@users.noreply.github.com> Date: Sun, 5 Jan 2025 12:23:25 -0500 Subject: [PATCH 57/72] =?UTF-8?q?fix(container):=20update=20ghcr.io/onedr0?= =?UTF-8?q?p/prowlarr-develop=20(=201.29.1.4903=20=E2=86=92=201.29.2.4915?= =?UTF-8?q?=20)=20(#8612)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: bot-ross[bot] <98030736+bot-ross[bot]@users.noreply.github.com> --- kubernetes/main/apps/default/prowlarr/app/helmrelease.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kubernetes/main/apps/default/prowlarr/app/helmrelease.yaml b/kubernetes/main/apps/default/prowlarr/app/helmrelease.yaml index 384c4cfeda16e..f0b3471a53c6d 100644 --- a/kubernetes/main/apps/default/prowlarr/app/helmrelease.yaml +++ b/kubernetes/main/apps/default/prowlarr/app/helmrelease.yaml @@ -34,7 +34,7 @@ spec: app: image: repository: ghcr.io/onedr0p/prowlarr-develop - tag: 1.29.1.4903@sha256:aa0f5743b6b0a0d6e321dd55af0b78088199347e3cd1a7e5d635e4f4829adb6d + tag: 1.29.2.4915@sha256:b258cc8fe38a25af3742964a2d5a749c645562b3433ef79aa5e1748070ca99d3 env: PROWLARR__APP__INSTANCENAME: Prowlarr PROWLARR__APP__THEME: dark From 4777711918a51608e582bbdd2a35ee682452a7cd Mon Sep 17 00:00:00 2001 From: "bot-ross[bot]" <98030736+bot-ross[bot]@users.noreply.github.com> Date: Sun, 5 Jan 2025 12:24:06 -0500 Subject: [PATCH 58/72] =?UTF-8?q?fix(container):=20update=20ghcr.io/buroa/?= =?UTF-8?q?qbtools=20(=20v0.19.13=20=E2=86=92=20v0.19.14=20)=20(#8613)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: bot-ross[bot] <98030736+bot-ross[bot]@users.noreply.github.com> --- kubernetes/main/apps/default/qbittorrent/tools/helmrelease.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kubernetes/main/apps/default/qbittorrent/tools/helmrelease.yaml b/kubernetes/main/apps/default/qbittorrent/tools/helmrelease.yaml index 07d96370da7a0..0850e42b2a7b6 100644 --- a/kubernetes/main/apps/default/qbittorrent/tools/helmrelease.yaml +++ b/kubernetes/main/apps/default/qbittorrent/tools/helmrelease.yaml @@ -40,7 +40,7 @@ spec: tag: &container image: repository: ghcr.io/buroa/qbtools - tag: v0.19.13@sha256:3ce2f1ef3345921c73119921ef4d9a5070112bac6519b8d62441b73102460b81 + tag: v0.19.14@sha256:905617dfc1a8aa1510381d8e177cc5581a49bfa9d56f3f05e0574f6c83987d3c env: QBITTORRENT_HOST: qbittorrent.default.svc.cluster.local QBITTORRENT_PORT: 80 From 69bd635c29adbd8731b2c0e7cb771ed7195f29ff Mon Sep 17 00:00:00 2001 From: "bot-ross[bot]" <98030736+bot-ross[bot]@users.noreply.github.com> Date: Sun, 5 Jan 2025 22:56:19 +0000 Subject: [PATCH 59/72] =?UTF-8?q?chore(container):=20update=20ghcr.io/oned?= =?UTF-8?q?r0p/plex=20(=2038fcbef=20=E2=86=92=204e004de=20)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- kubernetes/main/apps/default/plex/app/helmrelease.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kubernetes/main/apps/default/plex/app/helmrelease.yaml b/kubernetes/main/apps/default/plex/app/helmrelease.yaml index b599f903faa7b..e674590f9832e 100644 --- a/kubernetes/main/apps/default/plex/app/helmrelease.yaml +++ b/kubernetes/main/apps/default/plex/app/helmrelease.yaml @@ -36,7 +36,7 @@ spec: app: image: repository: ghcr.io/onedr0p/plex - tag: 1.41.3.9314-a0bfb8370@sha256:38fcbef239341db591f8ff87f20777d9a783b79f757fc42e360041d7ba78eada + tag: 1.41.3.9314-a0bfb8370@sha256:4e004defdf450e5d86ce8c29f2dc62fa95fa12dfaae52fd36c948427eb186952 env: TZ: America/New_York PLEX_ADVERTISE_URL: https://plex.devbu.io:443,http://192.168.42.128:32400 From 5e36020b06bb2b24d79d9e42937620f98c8773f3 Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Sun, 5 Jan 2025 21:39:15 -0500 Subject: [PATCH 60/72] fix(smartctl-exporter): use device_include --- .../observability/smartctl-exporter/app/helmrelease.yaml | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/kubernetes/main/apps/observability/smartctl-exporter/app/helmrelease.yaml b/kubernetes/main/apps/observability/smartctl-exporter/app/helmrelease.yaml index 81a4eee9038fb..1c8f331a09bef 100644 --- a/kubernetes/main/apps/observability/smartctl-exporter/app/helmrelease.yaml +++ b/kubernetes/main/apps/observability/smartctl-exporter/app/helmrelease.yaml @@ -28,11 +28,7 @@ spec: values: fullnameOverride: *app config: - devices: - - /dev/sda - - /dev/sdb - - /dev/nvme0n1 - - /dev/nvme1n1 + device_include: /dev/[nvme|sd].* serviceMonitor: enabled: true prometheusRules: From cae8cef2fdcad96f6a7323345f647f47e6274cd7 Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Sun, 5 Jan 2025 21:45:29 -0500 Subject: [PATCH 61/72] no likely square brackets --- .../apps/observability/smartctl-exporter/app/helmrelease.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kubernetes/main/apps/observability/smartctl-exporter/app/helmrelease.yaml b/kubernetes/main/apps/observability/smartctl-exporter/app/helmrelease.yaml index 1c8f331a09bef..ecb3a3a0ed9ae 100644 --- a/kubernetes/main/apps/observability/smartctl-exporter/app/helmrelease.yaml +++ b/kubernetes/main/apps/observability/smartctl-exporter/app/helmrelease.yaml @@ -28,7 +28,7 @@ spec: values: fullnameOverride: *app config: - device_include: /dev/[nvme|sd].* + device_include: /dev/(nvme|sd).* serviceMonitor: enabled: true prometheusRules: From 7cfe38e275c912882e269dbd964b934ff3e7c7da Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Sun, 5 Jan 2025 21:46:40 -0500 Subject: [PATCH 62/72] no likely curved brackets --- .../apps/observability/smartctl-exporter/app/helmrelease.yaml | 2 -- 1 file changed, 2 deletions(-) diff --git a/kubernetes/main/apps/observability/smartctl-exporter/app/helmrelease.yaml b/kubernetes/main/apps/observability/smartctl-exporter/app/helmrelease.yaml index ecb3a3a0ed9ae..6b63596cbc1c6 100644 --- a/kubernetes/main/apps/observability/smartctl-exporter/app/helmrelease.yaml +++ b/kubernetes/main/apps/observability/smartctl-exporter/app/helmrelease.yaml @@ -27,8 +27,6 @@ spec: namespace: observability values: fullnameOverride: *app - config: - device_include: /dev/(nvme|sd).* serviceMonitor: enabled: true prometheusRules: From 727e4afd14210d512a8c659a457c21c991bddb37 Mon Sep 17 00:00:00 2001 From: "bot-ross[bot]" <98030736+bot-ross[bot]@users.noreply.github.com> Date: Mon, 6 Jan 2025 08:08:18 +0000 Subject: [PATCH 63/72] =?UTF-8?q?fix(github-action):=20update=20renovatebo?= =?UTF-8?q?t/github-action=20(=20v41.0.7=20=E2=86=92=20v41.0.8=20)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index abcf04dec9374..a1c84d99dbb55 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -56,7 +56,7 @@ jobs: token: "${{ steps.app-token.outputs.token }}" - name: Renovate - uses: renovatebot/github-action@v41.0.7 + uses: renovatebot/github-action@v41.0.8 with: configurationFile: .github/renovate.json5 token: "${{ steps.app-token.outputs.token }}" From 73e29a89c0310bcbf47a1d4ec088dc75509f349d Mon Sep 17 00:00:00 2001 From: "bot-ross[bot]" <98030736+bot-ross[bot]@users.noreply.github.com> Date: Mon, 6 Jan 2025 08:05:42 -0500 Subject: [PATCH 64/72] =?UTF-8?q?feat(container):=20update=20kube-promethe?= =?UTF-8?q?us-stack=20(=2067.7.0=20=E2=86=92=2067.8.0=20)=20(#8614)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: bot-ross[bot] <98030736+bot-ross[bot]@users.noreply.github.com> --- .../observability/kube-prometheus-stack/app/helmrelease.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kubernetes/main/apps/observability/kube-prometheus-stack/app/helmrelease.yaml b/kubernetes/main/apps/observability/kube-prometheus-stack/app/helmrelease.yaml index 76bb051aadd96..b3ebfa18795dd 100644 --- a/kubernetes/main/apps/observability/kube-prometheus-stack/app/helmrelease.yaml +++ b/kubernetes/main/apps/observability/kube-prometheus-stack/app/helmrelease.yaml @@ -9,7 +9,7 @@ spec: chart: spec: chart: kube-prometheus-stack - version: 67.7.0 + version: 67.8.0 sourceRef: kind: HelmRepository name: prometheus-community From 83f1224df93ce47e329cd8601cb7bc34f0491108 Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Mon, 6 Jan 2025 11:23:51 -0500 Subject: [PATCH 65/72] feat: remove kubelet-csr-approver Signed-off-by: Devin Buhl --- .taskfiles/talos/Taskfile.yaml | 11 +++----- .../kubelet-csr-approver/app/helm-values.yaml | 8 ------ .../kubelet-csr-approver/app/helmrelease.yaml | 27 ------------------- .../app/kustomization.yaml | 11 -------- .../app/kustomizeconfig.yaml | 7 ----- .../kube-system/kubelet-csr-approver/ks.yaml | 20 -------------- .../main/apps/kube-system/kustomization.yaml | 1 - .../metrics-server/app/helmrelease.yaml | 6 +++++ kubernetes/main/bootstrap/apps/helmfile.yaml | 12 +-------- .../main/talos/192.168.42.10.sops.yaml.j2 | 4 +-- .../main/talos/192.168.42.11.sops.yaml.j2 | 4 +-- .../main/talos/192.168.42.12.sops.yaml.j2 | 4 +-- .../shared/repos/helm/kustomization.yaml | 1 - kubernetes/shared/repos/helm/postfinance.yaml | 10 ------- 14 files changed, 14 insertions(+), 112 deletions(-) delete mode 100644 kubernetes/main/apps/kube-system/kubelet-csr-approver/app/helm-values.yaml delete mode 100644 kubernetes/main/apps/kube-system/kubelet-csr-approver/app/helmrelease.yaml delete mode 100644 kubernetes/main/apps/kube-system/kubelet-csr-approver/app/kustomization.yaml delete mode 100644 kubernetes/main/apps/kube-system/kubelet-csr-approver/app/kustomizeconfig.yaml delete mode 100644 kubernetes/main/apps/kube-system/kubelet-csr-approver/ks.yaml delete mode 100644 kubernetes/shared/repos/helm/postfinance.yaml diff --git a/.taskfiles/talos/Taskfile.yaml b/.taskfiles/talos/Taskfile.yaml index 78544b668e3ec..948179dc75e0d 100644 --- a/.taskfiles/talos/Taskfile.yaml +++ b/.taskfiles/talos/Taskfile.yaml @@ -10,7 +10,7 @@ tasks: cmds: - task: down - sops exec-file --input-type yaml --output-type yaml {{.CLUSTER_DIR}}/talos/{{.IP}}.sops.yaml.j2 "minijinja-cli {}" | talosctl --nodes {{.IP}} apply-config --mode={{.MODE}} --file /dev/stdin - - talosctl --nodes {{.IP}} health --wait-timeout=10m --server=false + - talosctl --nodes {{.IP}} health - task: up vars: MODE: '{{.MODE | default "auto"}}' @@ -28,14 +28,12 @@ tasks: dotenv: ['{{.CLUSTER_DIR}}/cluster.env'] cmds: - task: down - - talosctl --nodes {{.IP}} upgrade --image="factory.talos.dev/installer{{if eq .TALOS_SECUREBOOT "true"}}-secureboot{{end}}/{{.TALOS_SCHEMATIC_ID}}:$TALOS_VERSION" --timeout=10m - - talosctl --nodes {{.IP}} health --wait-timeout=10m --server=false + - talosctl --nodes {{.IP}} upgrade --image="factory.talos.dev/installer/{{.TALOS_SCHEMATIC_ID}}:$TALOS_VERSION" --timeout=10m + - talosctl --nodes {{.IP}} health - task: up vars: TALOS_SCHEMATIC_ID: sh: talosctl --nodes {{.IP}} get nodeannotationspecs --output json | jq --raw-output '.spec | select(.key == "extensions.talos.dev/schematic") | .value' - TALOS_SECUREBOOT: - sh: talosctl --nodes {{.IP}} get securitystate --output=jsonpath='{.spec.secureBoot}' requires: vars: [CLUSTER, IP] preconditions: @@ -52,7 +50,6 @@ tasks: cmds: - task: down - talosctl --nodes {{.TALOS_CONTROLLER}} upgrade-k8s --to $KUBERNETES_VERSION - - talosctl health --wait-timeout=10m --server=false - task: up vars: TALOS_CONTROLLER: @@ -72,7 +69,7 @@ tasks: cmds: - task: down - talosctl --nodes {{.IP}} reboot --mode={{.MODE}} - - talosctl --nodes {{.IP}} health --wait-timeout=10m --server=false + - talosctl --nodes {{.IP}} health - task: up vars: MODE: '{{.MODE | default "default"}}' diff --git a/kubernetes/main/apps/kube-system/kubelet-csr-approver/app/helm-values.yaml b/kubernetes/main/apps/kube-system/kubelet-csr-approver/app/helm-values.yaml deleted file mode 100644 index b03541bff2f9d..0000000000000 --- a/kubernetes/main/apps/kube-system/kubelet-csr-approver/app/helm-values.yaml +++ /dev/null @@ -1,8 +0,0 @@ ---- -replicas: 1 -providerRegex: ^k8s-\d$ -bypassDnsResolution: true -metrics: - enable: true - serviceMonitor: - enabled: true diff --git a/kubernetes/main/apps/kube-system/kubelet-csr-approver/app/helmrelease.yaml b/kubernetes/main/apps/kube-system/kubelet-csr-approver/app/helmrelease.yaml deleted file mode 100644 index f1c567dc70f32..0000000000000 --- a/kubernetes/main/apps/kube-system/kubelet-csr-approver/app/helmrelease.yaml +++ /dev/null @@ -1,27 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/helm.toolkit.fluxcd.io/helmrelease_v2.json -apiVersion: helm.toolkit.fluxcd.io/v2 -kind: HelmRelease -metadata: - name: kubelet-csr-approver -spec: - interval: 30m - chart: - spec: - chart: kubelet-csr-approver - version: 1.2.4 - sourceRef: - kind: HelmRepository - name: postfinance - namespace: flux-system - install: - remediation: - retries: 3 - upgrade: - cleanupOnFail: true - remediation: - strategy: rollback - retries: 3 - valuesFrom: - - kind: ConfigMap - name: kubelet-csr-approver-helm-values diff --git a/kubernetes/main/apps/kube-system/kubelet-csr-approver/app/kustomization.yaml b/kubernetes/main/apps/kube-system/kubelet-csr-approver/app/kustomization.yaml deleted file mode 100644 index 30dddafcbad8e..0000000000000 --- a/kubernetes/main/apps/kube-system/kubelet-csr-approver/app/kustomization.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - ./helmrelease.yaml -configMapGenerator: - - name: kubelet-csr-approver-helm-values - files: - - values.yaml=./helm-values.yaml -configurations: - - kustomizeconfig.yaml diff --git a/kubernetes/main/apps/kube-system/kubelet-csr-approver/app/kustomizeconfig.yaml b/kubernetes/main/apps/kube-system/kubelet-csr-approver/app/kustomizeconfig.yaml deleted file mode 100644 index 58f92ba1530f1..0000000000000 --- a/kubernetes/main/apps/kube-system/kubelet-csr-approver/app/kustomizeconfig.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -nameReference: - - kind: ConfigMap - version: v1 - fieldSpecs: - - path: spec/valuesFrom/name - kind: HelmRelease diff --git a/kubernetes/main/apps/kube-system/kubelet-csr-approver/ks.yaml b/kubernetes/main/apps/kube-system/kubelet-csr-approver/ks.yaml deleted file mode 100644 index 5cd053bfe13ed..0000000000000 --- a/kubernetes/main/apps/kube-system/kubelet-csr-approver/ks.yaml +++ /dev/null @@ -1,20 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json -apiVersion: kustomize.toolkit.fluxcd.io/v1 -kind: Kustomization -metadata: - name: &app kubelet-csr-approver - namespace: flux-system -spec: - targetNamespace: kube-system - commonMetadata: - labels: - app.kubernetes.io/name: *app - path: ./kubernetes/main/apps/kube-system/kubelet-csr-approver/app - prune: false # never should be deleted - sourceRef: - kind: GitRepository - name: home-kubernetes - wait: false - interval: 30m - timeout: 5m diff --git a/kubernetes/main/apps/kube-system/kustomization.yaml b/kubernetes/main/apps/kube-system/kustomization.yaml index 72c923a374fda..7970c52c36b74 100644 --- a/kubernetes/main/apps/kube-system/kustomization.yaml +++ b/kubernetes/main/apps/kube-system/kustomization.yaml @@ -12,7 +12,6 @@ resources: - ./descheduler/ks.yaml - ./fstrim/ks.yaml - ./intel-device-plugin/ks.yaml - - ./kubelet-csr-approver/ks.yaml - ./metrics-server/ks.yaml - ./node-feature-discovery/ks.yaml - ./reloader/ks.yaml diff --git a/kubernetes/main/apps/kube-system/metrics-server/app/helmrelease.yaml b/kubernetes/main/apps/kube-system/metrics-server/app/helmrelease.yaml index fb272c6a38452..59538154ec532 100644 --- a/kubernetes/main/apps/kube-system/metrics-server/app/helmrelease.yaml +++ b/kubernetes/main/apps/kube-system/metrics-server/app/helmrelease.yaml @@ -23,6 +23,12 @@ spec: strategy: rollback retries: 3 values: + args: + - --kubelet-insecure-tls + - --kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname + - --kubelet-use-node-status-port + - --metric-resolution=10s + - --kubelet-request-timeout=2s metrics: enabled: true serviceMonitor: diff --git a/kubernetes/main/bootstrap/apps/helmfile.yaml b/kubernetes/main/bootstrap/apps/helmfile.yaml index 788baab738e6d..2bd92ee4dcfee 100644 --- a/kubernetes/main/bootstrap/apps/helmfile.yaml +++ b/kubernetes/main/bootstrap/apps/helmfile.yaml @@ -18,9 +18,6 @@ repositories: - name: coredns url: https://coredns.github.io/helm - - name: postfinance - url: https://postfinance.github.io/kubelet-csr-approver - releases: - name: kube-prometheus-stack-crds namespace: observability @@ -41,16 +38,9 @@ releases: values: ["../../apps/kube-system/coredns/app/helm-values.yaml"] needs: ["kube-system/cilium"] - - name: kubelet-csr-approver - namespace: kube-system - chart: postfinance/kubelet-csr-approver - version: 1.2.4 - values: ["../../apps/kube-system/kubelet-csr-approver/app/helm-values.yaml"] - needs: ["kube-system/coredns"] - - name: spegel namespace: kube-system chart: oci://ghcr.io/spegel-org/helm-charts/spegel version: v0.0.28 values: ["../../apps/kube-system/spegel/app/helm-values.yaml"] - needs: ["kube-system/kubelet-csr-approver"] + needs: ["kube-system/coredns"] diff --git a/kubernetes/main/talos/192.168.42.10.sops.yaml.j2 b/kubernetes/main/talos/192.168.42.10.sops.yaml.j2 index bbd83cbfece56..a6e00dcb7da43 100644 --- a/kubernetes/main/talos/192.168.42.10.sops.yaml.j2 +++ b/kubernetes/main/talos/192.168.42.10.sops.yaml.j2 @@ -10,8 +10,6 @@ machine: certSANs: ["127.0.0.1", "192.168.42.120"] kubelet: image: ghcr.io/siderolabs/kubelet:{{ ENV.KUBERNETES_VERSION }} - extraArgs: - rotate-server-certificates: "true" extraConfig: maxPods: 150 extraMounts: @@ -199,7 +197,7 @@ cluster: extraArgs: listen-metrics-urls: http://0.0.0.0:2381 advertisedSubnets: ["192.168.42.0/24"] - allowSchedulingOnMasters: true + allowSchedulingOnControlPlanes: true sops: kms: [] gcp_kms: [] diff --git a/kubernetes/main/talos/192.168.42.11.sops.yaml.j2 b/kubernetes/main/talos/192.168.42.11.sops.yaml.j2 index 38c15cad4a4f3..32fe1fcc70303 100644 --- a/kubernetes/main/talos/192.168.42.11.sops.yaml.j2 +++ b/kubernetes/main/talos/192.168.42.11.sops.yaml.j2 @@ -10,8 +10,6 @@ machine: certSANs: ["127.0.0.1", "192.168.42.120"] kubelet: image: ghcr.io/siderolabs/kubelet:{{ ENV.KUBERNETES_VERSION }} - extraArgs: - rotate-server-certificates: "true" extraConfig: maxPods: 150 extraMounts: @@ -199,7 +197,7 @@ cluster: extraArgs: listen-metrics-urls: http://0.0.0.0:2381 advertisedSubnets: ["192.168.42.0/24"] - allowSchedulingOnMasters: true + allowSchedulingOnControlPlanes: true sops: kms: [] gcp_kms: [] diff --git a/kubernetes/main/talos/192.168.42.12.sops.yaml.j2 b/kubernetes/main/talos/192.168.42.12.sops.yaml.j2 index 592f4f1f845cc..d88081a869343 100644 --- a/kubernetes/main/talos/192.168.42.12.sops.yaml.j2 +++ b/kubernetes/main/talos/192.168.42.12.sops.yaml.j2 @@ -10,8 +10,6 @@ machine: certSANs: ["127.0.0.1", "192.168.42.120"] kubelet: image: ghcr.io/siderolabs/kubelet:{{ ENV.KUBERNETES_VERSION }} - extraArgs: - rotate-server-certificates: "true" extraConfig: maxPods: 150 extraMounts: @@ -199,7 +197,7 @@ cluster: extraArgs: listen-metrics-urls: http://0.0.0.0:2381 advertisedSubnets: ["192.168.42.0/24"] - allowSchedulingOnMasters: true + allowSchedulingOnControlPlanes: true sops: kms: [] gcp_kms: [] diff --git a/kubernetes/shared/repos/helm/kustomization.yaml b/kubernetes/shared/repos/helm/kustomization.yaml index 0cba55de48819..5676ad5c85dd1 100644 --- a/kubernetes/shared/repos/helm/kustomization.yaml +++ b/kubernetes/shared/repos/helm/kustomization.yaml @@ -27,7 +27,6 @@ resources: - ./node-feature-discovery.yaml - ./openebs.yaml - ./piraeus.yaml - - ./postfinance.yaml - ./prometheus-community.yaml - ./rook-ceph.yaml - ./spegel.yaml diff --git a/kubernetes/shared/repos/helm/postfinance.yaml b/kubernetes/shared/repos/helm/postfinance.yaml deleted file mode 100644 index 015568bfcf7e7..0000000000000 --- a/kubernetes/shared/repos/helm/postfinance.yaml +++ /dev/null @@ -1,10 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/source.toolkit.fluxcd.io/helmrepository_v1.json -apiVersion: source.toolkit.fluxcd.io/v1 -kind: HelmRepository -metadata: - name: postfinance - namespace: flux-system -spec: - interval: 2h - url: https://postfinance.github.io/kubelet-csr-approver From f2312fc5750cf5a7488680e88153a643e6fa02e4 Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Mon, 6 Jan 2025 11:34:22 -0500 Subject: [PATCH 66/72] fix(arc): use openebs-hostpath Signed-off-by: Devin Buhl --- .../gha-runner-scale-set/app/helmrelease.yaml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/kubernetes/main/apps/actions-runner-system/gha-runner-scale-set/app/helmrelease.yaml b/kubernetes/main/apps/actions-runner-system/gha-runner-scale-set/app/helmrelease.yaml index 44aa37bf18146..c7db923199d62 100644 --- a/kubernetes/main/apps/actions-runner-system/gha-runner-scale-set/app/helmrelease.yaml +++ b/kubernetes/main/apps/actions-runner-system/gha-runner-scale-set/app/helmrelease.yaml @@ -52,10 +52,10 @@ spec: type: kubernetes kubernetesModeWorkVolumeClaim: accessModes: ["ReadWriteOnce"] - storageClassName: ceph-block + storageClassName: openebs-hostpath resources: requests: - storage: 20Gi + storage: 25Gi template: spec: containers: @@ -73,8 +73,6 @@ spec: - mountPath: /var/run/secrets/talos.dev name: talos readOnly: true - securityContext: - fsGroup: 123 serviceAccountName: actions-runner volumes: - name: talos From 4f9dfe3b2094090a7e246ef8d63988287de82635 Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Mon, 6 Jan 2025 13:17:53 -0500 Subject: [PATCH 67/72] fix(bootstrap): prevent pods from restarting when flux takes over --- kubernetes/main/bootstrap/apps/helmfile.yaml | 20 ++++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) diff --git a/kubernetes/main/bootstrap/apps/helmfile.yaml b/kubernetes/main/bootstrap/apps/helmfile.yaml index 2bd92ee4dcfee..2821964e64d4b 100644 --- a/kubernetes/main/bootstrap/apps/helmfile.yaml +++ b/kubernetes/main/bootstrap/apps/helmfile.yaml @@ -24,18 +24,26 @@ releases: chart: oci://ghcr.io/prometheus-community/charts/prometheus-operator-crds version: 17.0.2 - - name: cilium - namespace: kube-system + - name: &name cilium + namespace: &namespace kube-system chart: cilium/cilium version: 1.16.5 - values: ["../../apps/kube-system/cilium/app/helm-values.yaml"] + values: + - ../../apps/kube-system/cilium/app/helm-values.yaml + - commonLabels: + helm.toolkit.fluxcd.io/name: *name + helm.toolkit.fluxcd.io/namespace: *namespace needs: ["observability/kube-prometheus-stack-crds"] - - name: coredns - namespace: kube-system + - name: &name coredns + namespace: &namespace kube-system chart: coredns/coredns version: 1.37.0 - values: ["../../apps/kube-system/coredns/app/helm-values.yaml"] + values: + - ../../apps/kube-system/coredns/app/helm-values.yaml + - customLabels: + helm.toolkit.fluxcd.io/name: *name + helm.toolkit.fluxcd.io/namespace: *namespace needs: ["kube-system/cilium"] - name: spegel From c80c0f4ac17cf3aefb8c12856c4198642cf1da37 Mon Sep 17 00:00:00 2001 From: "bot-ross[bot]" <98030736+bot-ross[bot]@users.noreply.github.com> Date: Mon, 6 Jan 2025 22:05:55 +0000 Subject: [PATCH 68/72] =?UTF-8?q?chore(container):=20update=20ghcr.io/oned?= =?UTF-8?q?r0p/home-assistant=20(=202abed00=20=E2=86=92=20a3e6b13=20)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../main/apps/default/home-assistant/app/helmrelease.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kubernetes/main/apps/default/home-assistant/app/helmrelease.yaml b/kubernetes/main/apps/default/home-assistant/app/helmrelease.yaml index eb80a32b28f17..e9167390ba11a 100644 --- a/kubernetes/main/apps/default/home-assistant/app/helmrelease.yaml +++ b/kubernetes/main/apps/default/home-assistant/app/helmrelease.yaml @@ -34,7 +34,7 @@ spec: app: image: repository: ghcr.io/onedr0p/home-assistant - tag: 2025.1.0@sha256:2abed005d6bfd8dbe0605bd1d9eb5380b14b657401c5c3880e4ba4fa20e636a1 + tag: 2025.1.0@sha256:a3e6b1301107c5ca4dd3e1e7fa25edd0618acc9f812c75674cce7481fb05c759 env: TZ: America/New_York HASS_HTTP_TRUSTED_PROXY_1: 192.168.42.0/24 From 99800a2492327ac255d469a9bd1c26111d39d82f Mon Sep 17 00:00:00 2001 From: "bot-ross[bot]" <98030736+bot-ross[bot]@users.noreply.github.com> Date: Mon, 6 Jan 2025 18:24:30 -0500 Subject: [PATCH 69/72] =?UTF-8?q?feat(container):=20update=20ghcr.io/autob?= =?UTF-8?q?rr/autobrr=20(=20v1.56.1=20=E2=86=92=20v1.57.0=20)=20(#8615)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: bot-ross[bot] <98030736+bot-ross[bot]@users.noreply.github.com> --- kubernetes/main/apps/default/autobrr/app/helmrelease.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kubernetes/main/apps/default/autobrr/app/helmrelease.yaml b/kubernetes/main/apps/default/autobrr/app/helmrelease.yaml index 18a17fad87558..1d46180f766c2 100644 --- a/kubernetes/main/apps/default/autobrr/app/helmrelease.yaml +++ b/kubernetes/main/apps/default/autobrr/app/helmrelease.yaml @@ -34,7 +34,7 @@ spec: app: image: repository: ghcr.io/autobrr/autobrr - tag: v1.56.1@sha256:ece84c7032c2afef04b145be8f99e6a1e46971dece62328541ac36990b5270f4 + tag: v1.57.0@sha256:fbc0fea58925c43357a2a43dad543dcda5b354a28a95a28e5d7289d34dc5edb9 env: AUTOBRR__CHECK_FOR_UPDATES: "false" AUTOBRR__HOST: 0.0.0.0 From 9e0c4c4ed74faae2746056ce0dd76d968369ed9d Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Mon, 6 Jan 2025 18:47:46 -0500 Subject: [PATCH 70/72] fix(hass): venv emptyDir Signed-off-by: Devin Buhl --- .../main/apps/default/home-assistant/app/helmrelease.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/kubernetes/main/apps/default/home-assistant/app/helmrelease.yaml b/kubernetes/main/apps/default/home-assistant/app/helmrelease.yaml index e9167390ba11a..8c645c042be46 100644 --- a/kubernetes/main/apps/default/home-assistant/app/helmrelease.yaml +++ b/kubernetes/main/apps/default/home-assistant/app/helmrelease.yaml @@ -119,3 +119,7 @@ spec: type: emptyDir globalMounts: - path: /tmp + venv: + type: emptyDir + globalMounts: + - path: /config/.venv From 4a57a0e4a4cf2d2e86523a02ddf1a9feda1f30e6 Mon Sep 17 00:00:00 2001 From: "bot-ross[bot]" <98030736+bot-ross[bot]@users.noreply.github.com> Date: Mon, 6 Jan 2025 19:43:27 -0500 Subject: [PATCH 71/72] =?UTF-8?q?fix(helm):=20update=20descheduler=20(=200?= =?UTF-8?q?.32.0=20=E2=86=92=200.32.1=20)=20(#8616)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: bot-ross[bot] <98030736+bot-ross[bot]@users.noreply.github.com> --- .../main/apps/kube-system/descheduler/app/helmrelease.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kubernetes/main/apps/kube-system/descheduler/app/helmrelease.yaml b/kubernetes/main/apps/kube-system/descheduler/app/helmrelease.yaml index fb5828ee71198..11a02c5154e30 100644 --- a/kubernetes/main/apps/kube-system/descheduler/app/helmrelease.yaml +++ b/kubernetes/main/apps/kube-system/descheduler/app/helmrelease.yaml @@ -9,7 +9,7 @@ spec: chart: spec: chart: descheduler - version: 0.32.0 + version: 0.32.1 sourceRef: kind: HelmRepository name: descheduler From 78efd66baa5a97618fbd4fa1979ca22ed45d7c36 Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Mon, 6 Jan 2025 21:05:16 -0500 Subject: [PATCH 72/72] fix: swap qbittorrent libtorrent 2.x image --- kubernetes/main/apps/default/qbittorrent/app/helmrelease.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/kubernetes/main/apps/default/qbittorrent/app/helmrelease.yaml b/kubernetes/main/apps/default/qbittorrent/app/helmrelease.yaml index e709cc3f2b735..9a2764f94979e 100644 --- a/kubernetes/main/apps/default/qbittorrent/app/helmrelease.yaml +++ b/kubernetes/main/apps/default/qbittorrent/app/helmrelease.yaml @@ -33,8 +33,8 @@ spec: containers: app: image: - repository: ghcr.io/onedr0p/qbittorrent-beta - tag: 5.0.3@sha256:4b9de3356475bd97fda3fb4d98f213e8d139aef15e7bd20dab72973e661901dd + repository: ghcr.io/onedr0p/qbittorrent + tag: 5.0.3@sha256:3d62f065290ae77a10c7f7deaef7bc857068feff89503773707d2dae339b66c6 env: TZ: America/New_York QBT_WEBUI_PORT: &port 80