From 80eae995cf283a456c48b54253814c33603d7371 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 18 Jun 2025 17:26:59 +0200 Subject: [PATCH 01/18] deps: bump sigstore/cosign-installer from 3.8.2 to 3.9.0 (#490) Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.8.2 to 3.9.0. - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](https://github.com/sigstore/cosign-installer/compare/v3.8.2...v3.9.0) --- updated-dependencies: - dependency-name: sigstore/cosign-installer dependency-version: 3.9.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 59f225c..094faa9 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -87,7 +87,7 @@ jobs: IMAGE_DIGEST: ${{ needs.build.outputs.image-digest }} steps: - name: Install Cosign - uses: sigstore/cosign-installer@v3.8.2 + uses: sigstore/cosign-installer@v3.9.0 - name: Log into container registry uses: redhat-actions/podman-login@v1.7 From aa87df0901ff323b968370939eb401be1c5d101a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 17 Jul 2025 22:25:31 +0200 Subject: [PATCH 02/18] deps: bump sigstore/cosign-installer from 3.9.0 to 3.9.1 (#491) Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.9.0 to 3.9.1. - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](https://github.com/sigstore/cosign-installer/compare/v3.9.0...v3.9.1) --- updated-dependencies: - dependency-name: sigstore/cosign-installer dependency-version: 3.9.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 094faa9..80e2c0c 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -87,7 +87,7 @@ jobs: IMAGE_DIGEST: ${{ needs.build.outputs.image-digest }} steps: - name: Install Cosign - uses: sigstore/cosign-installer@v3.9.0 + uses: sigstore/cosign-installer@v3.9.1 - name: Log into container registry uses: redhat-actions/podman-login@v1.7 From 6b7eccf0dba627158fc90ed2fa5c66ead65d7263 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 18 Jul 2025 07:30:09 +0200 Subject: [PATCH 03/18] deps: bump sigstore/cosign-installer from 3.9.1 to 3.9.2 (#492) --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 80e2c0c..50294ba 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -87,7 +87,7 @@ jobs: IMAGE_DIGEST: ${{ needs.build.outputs.image-digest }} steps: - name: Install Cosign - uses: sigstore/cosign-installer@v3.9.1 + uses: sigstore/cosign-installer@v3.9.2 - name: Log into container registry uses: redhat-actions/podman-login@v1.7 From 30928d921edab4ba405417468593160ca65ffaf8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 12 Aug 2025 17:04:59 +0200 Subject: [PATCH 04/18] deps: bump actions/checkout from 4.2.2 to 5.0.0 (#493) Bumps [actions/checkout](https://github.com/actions/checkout) from 4.2.2 to 5.0.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v4.2.2...v5.0.0) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 50294ba..267b2c4 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -19,7 +19,7 @@ jobs: image-digest: ${{ steps.image-info.outputs.image_digest }} steps: - name: Checkout source code - uses: actions/checkout@v4.2.2 + uses: actions/checkout@v5.0.0 - name: Set up Carvel uses: carvel-dev/setup-action@v2.0.1 From dcdcdbe7b375d26f6542bb00c5f620b0af4f19cb Mon Sep 17 00:00:00 2001 From: Thomas Vitale Date: Thu, 14 Aug 2025 19:12:12 +0200 Subject: [PATCH 05/18] Update Kyverno metadata and add version 1.15.0 (#494) Co-authored-by: github-actions --- .../kyverno.packages.kadras.io/1.15.0.yml | 182 ++++++++++++++++++ 1 file changed, 182 insertions(+) create mode 100644 repo/packages/kyverno.packages.kadras.io/1.15.0.yml diff --git a/repo/packages/kyverno.packages.kadras.io/1.15.0.yml b/repo/packages/kyverno.packages.kadras.io/1.15.0.yml new file mode 100644 index 0000000..853fdc0 --- /dev/null +++ b/repo/packages/kyverno.packages.kadras.io/1.15.0.yml @@ -0,0 +1,182 @@ +apiVersion: data.packaging.carvel.dev/v1alpha1 +kind: Package +metadata: + creationTimestamp: null + name: kyverno.packages.kadras.io.1.15.0 +spec: + licenses: + - Apache 2.0 + refName: kyverno.packages.kadras.io + releaseNotes: https://github.com/kadras-io/package-for-kyverno/releases + releasedAt: "2025-08-14T17:02:37Z" + template: + spec: + deploy: + - kapp: {} + fetch: + - imgpkgBundle: + image: ghcr.io/kadras-io/package-for-kyverno@sha256:8790305444f5ccc2cd5715aca7ef9c596db45a4edd3e891b9b5c752dfa22e4ec + template: + - ytt: + paths: + - config + - kbld: + paths: + - '-' + - .imgpkg/images.yml + valuesSchema: + openAPIv3: + additionalProperties: false + properties: + admission_controller: + additionalProperties: false + description: Settings for the Admission Controller component. + properties: + replicas: + default: 1 + description: The number of replicas for the Admission Controller. In + order to enable high availability, it should be at least 3 (2 is not + permitted). + minimum: 1 + type: integer + type: object + background_controller: + additionalProperties: false + description: Settings for the Background Controller component. + properties: + replicas: + default: 1 + description: The number of replicas for the Background Controller. In + order to enable high availability, it should be greater than 1. + minimum: 1 + type: integer + type: object + ca_cert_data: + default: "" + description: PEM-encoded certificate data to trust TLS connections with + a custom CA. + type: string + cleanup_controller: + additionalProperties: false + description: Settings for the Cleanup Controller component. + properties: + replicas: + default: 1 + description: The number of replicas for the Cleanup Controller. In order + to enable high availability, it should be greater than 1. + minimum: 1 + type: integer + type: object + logging: + additionalProperties: false + description: Settings for logging. + properties: + encoding: + default: text + description: 'Log encoding format. Options: `text`, `json`.' + enum: + - text + - json + type: string + level: + default: 2 + description: Number of the log level verbosity (from `1` to `6`). + maximum: 6 + minimum: 1 + type: integer + type: object + metrics: + additionalProperties: false + description: Settings for metrics via Prometheus or OpenTelemetry. + properties: + collector: + default: "" + description: The endpoint where the OpenTelemetry-based collector receives + telemetry data. + type: string + type: + default: prometheus + description: Whether to use OpenTelemetry (`grpc`) or Prometheus (`prometheus`) + for exporting metrics. + enum: + - grpc + - prometheus + type: string + type: object + optional_components: + additionalProperties: false + description: Settings for which Kyverno optional components to deploy. + properties: + background_controller: + default: true + description: Whether to deploy the Background Controller, responsible + for processing of generate and mutate-existing rules. + type: boolean + cleanup_controller: + default: true + description: Whether to deploy the Cleanup Controller, responsible for + processing `CleanupPolicy` resources. + type: boolean + reports_controller: + default: true + description: Whether to deploy the Reports Controller, responsible for + handling `PolicyReport` resources. + type: boolean + type: object + proxy: + additionalProperties: false + description: Settings for the corporate proxy. + properties: + http_proxy: + default: "" + description: The HTTP proxy to use for network traffic. + type: string + https_proxy: + default: "" + description: The HTTPS proxy to use for network traffic. + type: string + no_proxy: + default: "" + description: A comma-separated list of hostnames, IP addresses, or IP + ranges in CIDR format that should not use the proxy. + type: string + type: object + reports_controller: + additionalProperties: false + description: Settings for the Reports Controller component. + properties: + replicas: + default: 1 + description: The number of replicas for the Reports Controller. In order + to enable high availability, it should be greater than 1. + minimum: 1 + type: integer + type: object + tracing: + additionalProperties: false + description: Settings for tracing via OpenTelemetry. + properties: + ca_cert_secret: + default: "" + description: The Secret containing the certificate which is used by + the Opentelemetry Tracing Client. If empty string is set, an insecure + connection will be used. + type: string + enabled: + default: false + description: Whether to configure Kyverno to export OpenTelemetry traces + to a distributed tracing backend. + type: boolean + endpoint: + default: "" + description: The endpoint where the distributed tracing backend accepts + OpenTelemetry traces. + type: string + port: + default: 4317 + description: The port exposed by the distributed tracing backend to + accept OpenTelemetry traces. + type: integer + type: object + type: object + version: 1.15.0 From 17adf788b3ba163bd28f0c7c83f84f656276256c Mon Sep 17 00:00:00 2001 From: Thomas Vitale Date: Thu, 14 Aug 2025 19:26:21 +0200 Subject: [PATCH 06/18] Update Workspace Provisioner metadata and add version 0.4.0 (#495) Co-authored-by: github-actions --- .../0.4.0.yml | 115 ++++++++++++++++++ 1 file changed, 115 insertions(+) create mode 100644 repo/packages/workspace-provisioner.packages.kadras.io/0.4.0.yml diff --git a/repo/packages/workspace-provisioner.packages.kadras.io/0.4.0.yml b/repo/packages/workspace-provisioner.packages.kadras.io/0.4.0.yml new file mode 100644 index 0000000..4cf6ff9 --- /dev/null +++ b/repo/packages/workspace-provisioner.packages.kadras.io/0.4.0.yml @@ -0,0 +1,115 @@ +apiVersion: data.packaging.carvel.dev/v1alpha1 +kind: Package +metadata: + creationTimestamp: null + name: workspace-provisioner.packages.kadras.io.0.4.0 +spec: + licenses: + - Apache 2.0 + refName: workspace-provisioner.packages.kadras.io + releaseNotes: https://github.com/kadras-io/workspace-provisioner/releases + releasedAt: "2025-08-14T17:24:09Z" + template: + spec: + deploy: + - kapp: {} + fetch: + - imgpkgBundle: + image: ghcr.io/kadras-io/workspace-provisioner@sha256:9efab8fd3c86a7e8cfd5f1cff17ab5a881a0d37b13af5e971f2e1b23ac6c2dde + template: + - ytt: + paths: + - config + - kbld: + paths: + - '-' + - .imgpkg/images.yml + valuesSchema: + openAPIv3: + additionalProperties: false + properties: + cosign: + additionalProperties: false + description: Settings for Cosign, used for signing and verifying OCI artifacts. + properties: + secret: + additionalProperties: false + description: Configuration for the Secret holding the Cosign key pair. + properties: + name: + default: "" + description: The name of the Secret holding the Cosign key pair. + type: string + namespace: + default: "" + description: The namespace of the Secret holding the Cosign key + pair. + type: string + type: object + type: object + git: + additionalProperties: false + description: Configuration to access the Git repositories used in the GitOps + workflows. + properties: + secret: + additionalProperties: false + description: Configuration for the Secret holding the Git credentials. + properties: + name: + default: "" + description: The name of the Secret holding the Git credentials. + type: string + namespace: + default: "" + description: The namespace of the Secret holding the Git credentials. + type: string + type: object + server: + default: https://github.com + description: The Git server hosting the Git repositories used in the + GitOps workflows. + type: string + type: object + namespaces: + default: [] + description: Configuration for the namespaces the platform will provision + and manage. + items: + additionalProperties: false + description: Details about the namespace to configure. + properties: + name: + default: "" + type: string + type: object + type: array + oci: + additionalProperties: false + description: Settings for accessing the OCI registry that the workspace + will use. + properties: + pull_secret: + additionalProperties: false + description: Configuration for the Secret holding the credentials to + pull images from the OCI registry. + properties: + name: + default: "" + description: The name of the Secret holding the credentials to pull + images from the OCI registry. + type: string + namespace: + default: "" + description: The namespace of the Secret holding the credentials + to pull images from the OCI registry. + type: string + type: object + type: object + service_account: + default: supply-chain + description: The `ServiceAccount` to be configured with credentials and + roles in each workspace. + type: string + type: object + version: 0.4.0 From b8fc7b1bcf7acdb58a13f10ccc733a2fe3d9e2ca Mon Sep 17 00:00:00 2001 From: Thomas Vitale Date: Thu, 14 Aug 2025 19:38:33 +0200 Subject: [PATCH 07/18] Update cert-manager metadata and add version 1.18.2 (#496) Co-authored-by: github-actions --- .../1.18.2.yml | 231 ++++++++++++++++++ 1 file changed, 231 insertions(+) create mode 100644 repo/packages/cert-manager.packages.kadras.io/1.18.2.yml diff --git a/repo/packages/cert-manager.packages.kadras.io/1.18.2.yml b/repo/packages/cert-manager.packages.kadras.io/1.18.2.yml new file mode 100644 index 0000000..5cce3c3 --- /dev/null +++ b/repo/packages/cert-manager.packages.kadras.io/1.18.2.yml @@ -0,0 +1,231 @@ +apiVersion: data.packaging.carvel.dev/v1alpha1 +kind: Package +metadata: + creationTimestamp: null + name: cert-manager.packages.kadras.io.1.18.2 +spec: + licenses: + - Apache 2.0 + refName: cert-manager.packages.kadras.io + releaseNotes: https://github.com/kadras-io/package-for-cert-manager/releases + releasedAt: "2025-08-14T17:36:11Z" + template: + spec: + deploy: + - kapp: {} + fetch: + - imgpkgBundle: + image: ghcr.io/kadras-io/package-for-cert-manager@sha256:84afdbe2e4b2d84ef5f9774b4608ffb100029c7e0a97bc0568aec9401c8c652b + template: + - ytt: + paths: + - config + - kbld: + paths: + - '-' + - .imgpkg/images.yml + valuesSchema: + openAPIv3: + additionalProperties: false + properties: + cainjector: + additionalProperties: false + description: Settings for the cainjector controller. + properties: + loglevel: + default: 2 + description: Number of the log level verbosity. + maximum: 5 + minimum: 1 + type: integer + replicas: + default: 1 + description: The number of replicas. In order to enable high availability, + 2 replicas are recommended. + minimum: 1 + type: integer + type: object + controller: + additionalProperties: false + description: Settings for the cert-manager controller. + properties: + dns01: + additionalProperties: false + description: Configures the behaviour of the ACME DNS01 challenge solver. + properties: + recursive_nameservers: + default: [] + description: Each nameserver can be either the IP address and port + of a standard recursive DNS server, or the endpoint to an RFC + 8484 DNS over HTTPS endpoint. + items: + default: "" + type: string + type: array + recursive_nameservers_only: + default: false + description: When true, cert-manager will only ever query the configured + DNS resolvers to perform the ACME DNS01 self check. This is useful + in DNS constrained environments, where access to authoritative + nameservers is restricted. Enabling this option could cause the + DNS01 self check to take longer due to caching performed by the + recursive nameservers. + type: boolean + type: object + loglevel: + default: 2 + description: Number of the log level verbosity. + maximum: 5 + minimum: 1 + type: integer + replicas: + default: 1 + description: The number of replicas. In order to enable high availability, + 2 replicas are recommended. + minimum: 1 + type: integer + type: object + leader_election: + additionalProperties: false + description: Leader election configuration for the cert-manager and cert-manager-cainjector + Deployments. + properties: + namespace: + default: kube-system + description: 'Namespace used to perform leader election. The default + namespace needs changing in environments like GKE. More information: + https://cert-manager.io/docs/installation/compatibility.' + minLength: 1 + type: string + type: object + letsencrypt: + additionalProperties: false + description: Settings for Let's Encrypt. + properties: + challenge: + additionalProperties: false + properties: + dns_provider: + default: digital_ocean + description: 'The DNS provider to use for the ACME dns01 challenge. + Valid options: `cloudflare`, `digital_ocean`.' + enum: + - cloudflare + - digital_ocean + type: string + secret: + additionalProperties: false + properties: + key: + default: "" + description: The key within the Secret that contains the credentials + needed for the dns01 challenge. + type: string + name: + default: "" + description: Name of the Secret containing the credentials needed + for the dns01 challenge. + type: string + namespace: + default: kadras-system + description: Namespace containing the Secret with the credentials + needed for the dns01 challenge. + type: string + type: object + type: + default: http01 + description: 'The type of challenge used by the ACME CA Server. + Valid options: `http01`, `dns01`.' + enum: + - http01 + - dns01 + type: string + type: object + email: + default: "" + description: The email address that Let's Encrypt will use to send info + on expiring certificates or other issues. + type: string + include: + default: false + description: Whether to include a ClusterIssuer for Let's Encrypt. + type: boolean + production: + default: false + description: Whether to use Let's Encrypt staging (recommended for non-production + environments) or production. + type: boolean + type: object + namespace: + default: cert-manager + description: The namespace in which to deploy cert-manager. + minLength: 1 + type: string + policies: + additionalProperties: false + description: Settings for the Kyverno policies. + properties: + include: + default: false + description: Whether to include the out-of-the-box Kyverno policies + to validate and secure the package installation. + type: boolean + type: object + private_pki: + additionalProperties: false + description: Settings for the built-in, private PKI + properties: + include: + default: true + description: Whether to include a ClusterIssuer for a private PKI. + type: boolean + type: object + proxy: + additionalProperties: false + description: Settings for the corporate proxy. + properties: + http_proxy: + default: "" + description: The HTTP proxy to use for network traffic. + type: string + https_proxy: + default: "" + description: The HTTPS proxy to use for network traffic. + type: string + no_proxy: + default: "" + description: A comma-separated list of hostnames, IP addresses, or IP + ranges in CIDR format that should not use the proxy. + type: string + type: object + webhook: + additionalProperties: false + description: Settings for the cert-manager webhook. + properties: + host_network: + default: false + description: 'Whether to run the webhook in the host network so that + it can be reached by the cert-manager controller in environments like + AWS EKS. More information: https://cert-manager.io/docs/installation/compatibility.' + type: boolean + loglevel: + default: 2 + description: Number of the log level verbosity. + maximum: 5 + minimum: 1 + type: integer + replicas: + default: 1 + description: The number of replicas. In order to enable high availability, + at least 3 replicas are recommended. + minimum: 1 + type: integer + secure_port: + default: 6443 + description: 'The port where the webhook is exposed. The default port + needs changing in environments like AWS EKS and AWS Fargate. More + information: https://cert-manager.io/docs/installation/compatibility.' + type: integer + type: object + type: object + version: 1.18.2 From aee01e00f9098f3f5d90aaac55df56d736f0af5d Mon Sep 17 00:00:00 2001 From: Thomas Vitale Date: Thu, 14 Aug 2025 19:44:17 +0200 Subject: [PATCH 08/18] Update Flux metadata and add version 2.6.4 (#497) Co-authored-by: github-actions --- .../flux.packages.kadras.io/2.6.4.yml | 107 ++++++++++++++++++ 1 file changed, 107 insertions(+) create mode 100644 repo/packages/flux.packages.kadras.io/2.6.4.yml diff --git a/repo/packages/flux.packages.kadras.io/2.6.4.yml b/repo/packages/flux.packages.kadras.io/2.6.4.yml new file mode 100644 index 0000000..105657e --- /dev/null +++ b/repo/packages/flux.packages.kadras.io/2.6.4.yml @@ -0,0 +1,107 @@ +apiVersion: data.packaging.carvel.dev/v1alpha1 +kind: Package +metadata: + creationTimestamp: null + name: flux.packages.kadras.io.2.6.4 +spec: + licenses: + - Apache 2.0 + refName: flux.packages.kadras.io + releaseNotes: https://github.com/kadras-io/package-for-flux/releases + releasedAt: "2025-08-14T17:42:46Z" + template: + spec: + deploy: + - kapp: {} + fetch: + - imgpkgBundle: + image: ghcr.io/kadras-io/package-for-flux@sha256:71304d88eb8251a0db355dc64676d7fd5c1c738d57a3d52b20662e1f0e108d5a + template: + - ytt: + paths: + - config + - kbld: + paths: + - '-' + - .imgpkg/images.yml + valuesSchema: + openAPIv3: + additionalProperties: false + properties: + logging: + additionalProperties: false + description: Settings for logging. + properties: + encoding: + default: json + description: 'Log encoding format. Options: `console`, `json`.' + enum: + - console + - json + type: string + level: + default: info + description: 'Log verbosity level. Options: `trace`, `debug`, `info`, + `error`.' + enum: + - trace + - debug + - info + - error + type: string + type: object + optional_components: + additionalProperties: false + description: Settings for which Flux optional components to deploy. + properties: + helm_controller: + default: false + description: Whether to deploy the Helm Controller. + type: boolean + image_automation_controller: + default: false + description: Whether to deploy the Image Automation Controller. + type: boolean + image_reflector_controller: + default: false + description: Whether to deploy the Image Reflector Controller. + type: boolean + kustomize_controller: + default: true + description: Whether to deploy the Kustomize Controller. + type: boolean + notification_controller: + default: false + description: Whether to deploy the Notification Controller. + type: boolean + type: object + policies: + additionalProperties: false + description: Settings for the Kyverno policies. + properties: + include: + default: false + description: Whether to include the out-of-the-box Kyverno policies + to validate and secure the package installation. + type: boolean + type: object + proxy: + additionalProperties: false + description: Settings for the corporate proxy. + properties: + http_proxy: + default: "" + description: The HTTP proxy to use for network traffic. + type: string + https_proxy: + default: "" + description: The HTTPS proxy to use for network traffic. + type: string + no_proxy: + default: "" + description: A comma-separated list of hostnames, IP addresses, or IP + ranges in CIDR format that should not use the proxy. + type: string + type: object + type: object + version: 2.6.4 From ff368c0cfc1b91dbb3d5806858006a35cca77d31 Mon Sep 17 00:00:00 2001 From: Thomas Vitale Date: Thu, 14 Aug 2025 19:46:49 +0200 Subject: [PATCH 09/18] Update Metrics Server metadata and add version 0.8.0 (#498) Co-authored-by: github-actions --- .../0.8.0.yml | 148 ++++++++++++++++++ 1 file changed, 148 insertions(+) create mode 100644 repo/packages/metrics-server.packages.kadras.io/0.8.0.yml diff --git a/repo/packages/metrics-server.packages.kadras.io/0.8.0.yml b/repo/packages/metrics-server.packages.kadras.io/0.8.0.yml new file mode 100644 index 0000000..10b6dd8 --- /dev/null +++ b/repo/packages/metrics-server.packages.kadras.io/0.8.0.yml @@ -0,0 +1,148 @@ +apiVersion: data.packaging.carvel.dev/v1alpha1 +kind: Package +metadata: + creationTimestamp: null + name: metrics-server.packages.kadras.io.0.8.0 +spec: + licenses: + - Apache 2.0 + refName: metrics-server.packages.kadras.io + releaseNotes: https://github.com/kadras-io/package-for-metrics-server/releases + releasedAt: "2025-08-14T17:45:10Z" + template: + spec: + deploy: + - kapp: {} + fetch: + - imgpkgBundle: + image: ghcr.io/kadras-io/package-for-metrics-server@sha256:907424062bd661d214af87933d935b36b2a8d4a7d36d640c26a1dda0c0aeb271 + template: + - ytt: + paths: + - config + - kbld: + paths: + - '-' + - .imgpkg/images.yml + valuesSchema: + openAPIv3: + additionalProperties: false + properties: + daemonset: + additionalProperties: false + properties: + updateStrategy: + default: null + description: Update strategy of daemonsets + nullable: true + type: string + type: object + deployment: + additionalProperties: false + properties: + rollingUpdate: + additionalProperties: false + properties: + maxSurge: + default: null + description: The maxSurge of rollingUpdate. Applied only if RollingUpdate + is used as updateStrategy + nullable: true + type: integer + maxUnavailable: + default: null + description: The maxUnavailable of rollingUpdate. Applied only if + RollingUpdate is used as updateStrategy + nullable: true + type: integer + type: object + updateStrategy: + default: null + description: Update strategy of deployments + nullable: true + type: string + type: object + metricsServer: + additionalProperties: false + properties: + config: + additionalProperties: false + properties: + apiServiceInsecureTLS: + default: true + description: Whether to enable insecure TLS for metrics-server api + service + type: boolean + args: + default: [] + description: Arguments passed into metrics-server container + items: + default: "" + type: string + type: array + probe: + additionalProperties: false + properties: + failureThreshold: + default: 3 + description: Probe failureThreshold of metrics-server deployment + type: integer + periodSeconds: + default: 10 + description: Probe period of metrics-server deployment + type: integer + type: object + securePort: + default: 4443 + description: The HTTPS secure port used by metrics-server + type: integer + tolerations: + default: [] + description: Metrics-server deployment tolerations + nullable: true + updateStrategy: + default: RollingUpdate + description: The update strategy of the metrics-server deployment + type: string + type: object + createNamespace: + default: true + description: Whether to create namespace specified for metrics-server + type: boolean + image: + additionalProperties: false + properties: + name: + default: "" + description: The path of image + type: string + pullPolicy: + default: IfNotPresent + description: The pull policy of image + type: string + repository: + default: "" + description: The repository of metrics-server image + type: string + tag: + default: "" + description: The image tag + type: string + type: object + namespace: + default: null + description: The namespace value used by older templates, will be overwriten + if top level namespace is present, kept for backward compatibility + nullable: true + type: string + type: object + namespace: + default: kube-system + description: The namespace in which metrics-server is deployed + type: string + nodeSelector: + default: null + description: NodeSelector configuration applied to all the deployments + nullable: true + type: object + version: 0.8.0 From 653ba7fc13ad1e4eb7a53dc7d154235299d4975c Mon Sep 17 00:00:00 2001 From: Thomas Vitale Date: Thu, 14 Aug 2025 19:55:36 +0200 Subject: [PATCH 10/18] Update PostgreSQL Operator metadata and add version 1.27.0 (#499) Co-authored-by: github-actions --- .../1.27.0.yml | 31 +++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 repo/packages/postgresql-operator.packages.kadras.io/1.27.0.yml diff --git a/repo/packages/postgresql-operator.packages.kadras.io/1.27.0.yml b/repo/packages/postgresql-operator.packages.kadras.io/1.27.0.yml new file mode 100644 index 0000000..054ae8e --- /dev/null +++ b/repo/packages/postgresql-operator.packages.kadras.io/1.27.0.yml @@ -0,0 +1,31 @@ +apiVersion: data.packaging.carvel.dev/v1alpha1 +kind: Package +metadata: + creationTimestamp: null + name: postgresql-operator.packages.kadras.io.1.27.0 +spec: + licenses: + - Apache 2.0 + refName: postgresql-operator.packages.kadras.io + releaseNotes: https://github.com/kadras-io/package-for-postgresql-operator/releases + releasedAt: "2025-08-14T17:53:47Z" + template: + spec: + deploy: + - kapp: {} + fetch: + - imgpkgBundle: + image: ghcr.io/kadras-io/package-for-postgresql-operator@sha256:7ba0b9f3ab4414eecd25540f29d5176abd8290c2850c3c85115c78ea2d9b25b8 + template: + - ytt: + paths: + - config + - kbld: + paths: + - '-' + - .imgpkg/images.yml + valuesSchema: + openAPIv3: + default: null + nullable: true + version: 1.27.0 From 17f0b06fd3db02b77df93f16100e991d877b5e3a Mon Sep 17 00:00:00 2001 From: Thomas Vitale Date: Thu, 14 Aug 2025 20:02:18 +0200 Subject: [PATCH 11/18] Update RabbitMQ Operator metadata and add version 2.16.0 (#500) Co-authored-by: github-actions --- .../2.16.0.yml | 44 +++++++++++++++++++ 1 file changed, 44 insertions(+) create mode 100644 repo/packages/rabbitmq-operator.packages.kadras.io/2.16.0.yml diff --git a/repo/packages/rabbitmq-operator.packages.kadras.io/2.16.0.yml b/repo/packages/rabbitmq-operator.packages.kadras.io/2.16.0.yml new file mode 100644 index 0000000..25f9a79 --- /dev/null +++ b/repo/packages/rabbitmq-operator.packages.kadras.io/2.16.0.yml @@ -0,0 +1,44 @@ +apiVersion: data.packaging.carvel.dev/v1alpha1 +kind: Package +metadata: + creationTimestamp: null + name: rabbitmq-operator.packages.kadras.io.2.16.0 +spec: + licenses: + - Apache 2.0 + refName: rabbitmq-operator.packages.kadras.io + releaseNotes: https://github.com/kadras-io/package-for-rabbitmq-operator/releases + releasedAt: "2025-08-14T17:59:56Z" + template: + spec: + deploy: + - kapp: {} + fetch: + - imgpkgBundle: + image: ghcr.io/kadras-io/package-for-rabbitmq-operator@sha256:8b6e5549a49b6ec947878770d4fa317c1f90a12b655db7c838cf84df9e6f0b11 + template: + - ytt: + paths: + - config + - kbld: + paths: + - '-' + - .imgpkg/images.yml + valuesSchema: + openAPIv3: + additionalProperties: false + properties: + logging: + additionalProperties: false + description: Logging configuration. + properties: + level: + default: info + description: The Operator log level. Valid options are `info` and `debug`. + enum: + - info + - debug + type: string + type: object + type: object + version: 2.16.0 From 91bf5d6965a2a5cf8b42c92632b74607ee750b09 Mon Sep 17 00:00:00 2001 From: Thomas Vitale Date: Thu, 14 Aug 2025 20:09:39 +0200 Subject: [PATCH 12/18] Update Dependency Track metadata and add version 4.13.3 (#501) Co-authored-by: github-actions --- .../4.13.3.yml | 211 ++++++++++++++++++ 1 file changed, 211 insertions(+) create mode 100644 repo/packages/dependency-track.packages.kadras.io/4.13.3.yml diff --git a/repo/packages/dependency-track.packages.kadras.io/4.13.3.yml b/repo/packages/dependency-track.packages.kadras.io/4.13.3.yml new file mode 100644 index 0000000..2635b0c --- /dev/null +++ b/repo/packages/dependency-track.packages.kadras.io/4.13.3.yml @@ -0,0 +1,211 @@ +apiVersion: data.packaging.carvel.dev/v1alpha1 +kind: Package +metadata: + creationTimestamp: null + name: dependency-track.packages.kadras.io.4.13.3 +spec: + licenses: + - Apache 2.0 + refName: dependency-track.packages.kadras.io + releaseNotes: https://github.com/kadras-io/package-for-dependency-track/releases + releasedAt: "2025-08-14T18:07:53Z" + template: + spec: + deploy: + - kapp: {} + fetch: + - imgpkgBundle: + image: ghcr.io/kadras-io/package-for-dependency-track@sha256:7e997d3514792da849ef9ad483ee574f34de4f19115d0c4395f81690f55d8015 + template: + - ytt: + paths: + - config + - kbld: + paths: + - '-' + - .imgpkg/images.yml + valuesSchema: + openAPIv3: + additionalProperties: false + properties: + api_server: + additionalProperties: false + description: Settings for the API Server component. + properties: + logging: + additionalProperties: false + description: Settings for logging. + properties: + format: + default: console + description: 'Log encoding format. Options: `console`, `json`.' + enum: + - console + - json + type: string + level: + default: info + description: 'Log verbosity level. Options: `trace`, `debug`, `info`, + `warn`, `error`.' + enum: + - trace + - debug + - info + - warn + - error + type: string + type: object + metrics: + additionalProperties: false + description: Settings for metrics. + properties: + enabled: + default: true + description: Whether to enable the generation of Prometheus metrics. + type: boolean + type: object + resources: + additionalProperties: false + description: Resource configuration for the API Server component. + properties: + limits: + additionalProperties: false + properties: + cpu: + default: "4" + description: CPU limits configuration for the API Server component. + type: string + memory: + default: 5Gi + description: Memory limits configuration for the API Server + component. + type: string + type: object + requests: + additionalProperties: false + properties: + cpu: + default: "0.5" + description: CPU requests configuration for the API Server component. + type: string + memory: + default: 5Gi + description: Memory requests configuration for the API Server + component. + type: string + type: object + type: object + storage: + additionalProperties: false + description: Storage configuration for the API Server component. + properties: + class_name: + default: "" + description: Class name for the PersistenceVolume to create. + type: string + size: + default: 1Gi + description: Size of the PersistenceVolume to create. + type: string + type: object + type: object + domain_name: + default: "" + description: Domain name for Dependency Track. It must be a valid DNS name. + minLength: 4 + type: string + frontend: + additionalProperties: false + description: Settings for the Frontend component. + properties: + replicas: + default: 1 + description: The number of Frontend replicas. In order to enable high + availability, it should be greater than 1. + minimum: 1 + type: integer + resources: + additionalProperties: false + description: Resource configuration for the Frontend component. + properties: + limits: + additionalProperties: false + properties: + cpu: + default: 500m + description: CPU limits configuration for the Frontend component. + type: string + memory: + default: 128Mi + description: Memory limits configuration for the Frontend component. + type: string + type: object + requests: + additionalProperties: false + properties: + cpu: + default: 150m + description: CPU requests configuration for the Frontend component. + type: string + memory: + default: 64Mi + description: Memory requests configuration for the Frontend + component. + type: string + type: object + type: object + type: object + ingress_issuer: + default: "" + description: A reference to the ClusterIssuer to use for enabling TLS in + Dependency Track. + example: kadras-ca-issuer + minLength: 4 + type: string + x-example-description: Kadras private CA + postgresql: + additionalProperties: false + description: Settings for the PostgreSQL database. + properties: + instances: + default: 1 + description: Number of instances for the PostgreSQL database cluster. + Define at least 3 for production scenarios. + minimum: 1 + type: integer + storage: + additionalProperties: false + description: Storage configuration for each PostgreSQL instance. + properties: + size: + default: 1Gi + description: Size of the PersistenceVolume to create for each PostgreSQL + instance. + type: string + type: object + type: object + proxy: + additionalProperties: false + description: Settings for the corporate proxy. + properties: + http_proxy: + default: "" + description: The HTTP proxy to use for network traffic. + type: string + https_proxy: + default: "" + description: The HTTPS proxy to use for network traffic. + type: string + no_proxy: + default: "" + description: A comma-separated list of hostnames, IP addresses, or IP + ranges in CIDR format that should not use the proxy. + type: string + type: object + system_requirement_check: + default: true + description: Whether Dependency Track will check for memory and CPU requirements + at startup time. + type: boolean + type: object + version: 4.13.3 From 5981ae273963377e14427955c7b23aad567a1785 Mon Sep 17 00:00:00 2001 From: Thomas Vitale Date: Thu, 14 Aug 2025 20:22:55 +0200 Subject: [PATCH 13/18] Update Tempo Operator metadata and add version 0.17.1 (#502) Co-authored-by: github-actions --- .../0.17.1.yml | 293 ++++++++++++++++++ 1 file changed, 293 insertions(+) create mode 100644 repo/packages/tempo-operator.packages.kadras.io/0.17.1.yml diff --git a/repo/packages/tempo-operator.packages.kadras.io/0.17.1.yml b/repo/packages/tempo-operator.packages.kadras.io/0.17.1.yml new file mode 100644 index 0000000..3d610f9 --- /dev/null +++ b/repo/packages/tempo-operator.packages.kadras.io/0.17.1.yml @@ -0,0 +1,293 @@ +apiVersion: data.packaging.carvel.dev/v1alpha1 +kind: Package +metadata: + creationTimestamp: null + name: tempo-operator.packages.kadras.io.0.17.1 +spec: + licenses: + - Apache 2.0 + refName: tempo-operator.packages.kadras.io + releaseNotes: https://github.com/kadras-io/package-for-tempo-operator/releases + releasedAt: "2025-08-14T18:19:45Z" + template: + spec: + deploy: + - kapp: {} + fetch: + - imgpkgBundle: + image: ghcr.io/kadras-io/package-for-tempo-operator@sha256:3af49f0336f722e4e8cb9adbb0b48e0c821178e1fbf04cde0ce87621ccf62f57 + template: + - ytt: + paths: + - config + - kbld: + paths: + - '-' + - .imgpkg/images.yml + valuesSchema: + openAPIv3: + additionalProperties: false + properties: + configMapData: + default: {} + description: The YAML contents of the `tempo-operator-manager-config` ConfigMap. + See https://github.com/grafana/tempo-operator/blob/main/docs/operator/config.yaml + for more information. + nullable: true + controller: + additionalProperties: false + description: Settings for the Tempo Operator controller. + properties: + replicas: + default: 1 + description: The number of replicas for this Deployment. In order to + enable high availability, it should be greater than 1. + minimum: 1 + type: integer + type: object + tempo: + additionalProperties: false + description: Settings for Tempo. + properties: + extraConfig: + default: {} + description: Additional configuration for Tempo that will be merged + with the one generated by the Operator. It has higher precedence than + the Operator. + nullable: true + jaegerui: + additionalProperties: false + description: Settings for Jaeger UI. + properties: + enabled: + default: false + description: Whether to enable the Jaeger UI to visualize traces. + type: boolean + type: object + namespace: + default: default + description: Namespace where to provision a Tempo installation, stack + or monolithic. + type: string + observability: + additionalProperties: false + description: Settings for observability. + properties: + grafana: + additionalProperties: false + properties: + createDatasource: + default: false + description: Whether a Datasource managed by Grafana Operator + should be created for Tempo. + type: boolean + type: object + metrics: + additionalProperties: false + properties: + createPrometheusRules: + default: false + description: Whether PrometheusRules for alerts managed by Prometheus + Operator should be created for Tempo. + type: boolean + createServiceMonitors: + default: false + description: Whether ServiceMonitors managed by Prometheus Operator + should be created for Tempo. + type: boolean + type: object + tracing: + additionalProperties: false + properties: + otlpHttpEndpoint: + default: "" + description: The OTLP HTTP endpoint where to send traces. Only + for TempoStack. + type: string + samplingFraction: + default: "" + description: Sampling frequence for Tempo traces. Only for TempoStack. + type: string + type: object + type: object + resources: + additionalProperties: false + description: Settings for total resources. + properties: + limits: + additionalProperties: false + properties: + cpu: + default: 750m + type: string + memory: + default: 2Gi + type: string + type: object + requests: + additionalProperties: false + properties: + cpu: + default: 500m + type: string + memory: + default: 1Gi + type: string + type: object + type: object + storage: + additionalProperties: false + description: Settings for storage. + properties: + backend: + additionalProperties: false + description: Tracing backend object storage configuration. + properties: + secret: + additionalProperties: false + properties: + name: + default: "" + description: Name of the Secret containing the credentials + to access the configured object storage. + type: string + namespace: + default: kadras-system + description: Namespace containing the Secret with the credentials + to access the configured object storage. + type: string + type: object + type: + default: memory + description: 'Type of object storage that should be used. Valid + options: `azure`, `gcs`, `s3`, `memory` (only for TempoMonolithic).' + enum: + - azure + - gcs + - s3 + - memory + type: string + type: object + size: + default: 10Gi + description: The size of the storage used by Tempo. + type: string + type: object + tempoMonolithic: + additionalProperties: false + description: Settings for the built-in TempoMonolithic instance. + properties: + enabled: + default: false + description: Whether to deploy the built-in TempoMonolithic instance. + type: boolean + type: object + tempoStack: + additionalProperties: false + description: Settings for the built-in TempoStack instance. + properties: + compactor: + additionalProperties: false + description: Settings for the Tempo Compactor. + properties: + replicas: + default: 1 + description: Number of replicas to deploy for the Compactor + component. In order to enable high availability, it should + be greater than 1. + type: integer + type: object + distributor: + additionalProperties: false + description: Settings for the Tempo Distributor. + properties: + replicas: + default: 1 + description: Number of replicas to deploy for the Distributor + component. In order to enable high availability, it should + be greater than 1. + type: integer + type: object + enabled: + default: false + description: Whether to deploy the built-in TempoStack instance. + type: boolean + gateway: + additionalProperties: false + description: Settings for the Tempo Gateway. + properties: + enabled: + default: false + description: Whether to enable the Tempo Gateway. + type: boolean + ingress: + additionalProperties: false + description: Ingress for the Tempo Gateway. + properties: + annotations: + additionalProperties: false + description: The annotations for the Ingress object. + properties: {} + type: object + host: + default: "" + description: The hostname of the Ingress object. + type: string + ingressClassName: + default: contour + description: The class of the Ingress Controller to use + for the Tempo Gateway. + type: string + type: + default: null + description: 'Type of Ingress for the Tempo Gateway. Valid + options: `ingress`, `route`.' + enum: + - ingress + - route + nullable: true + type: string + type: object + type: object + ingester: + additionalProperties: false + description: Settings for the Tempo Ingester. + properties: + podSecurityContext: + additionalProperties: false + description: PodSecurityContext for the Ingester component. + properties: {} + type: object + replicas: + default: 1 + description: Number of replicas to deploy for the Ingester component. + In order to enable high availability, it should be greater + than 1. + type: integer + type: object + querier: + additionalProperties: false + description: Settings for the Tempo Querier. + properties: + replicas: + default: 1 + description: Number of replicas to deploy for the Querier component. + In order to enable high availability, it should be greater + than 1. + type: integer + type: object + queryFrontend: + additionalProperties: false + description: Settings for the Tempo Query Frontend. + properties: + replicas: + default: 1 + description: Number of replicas to deploy for the Query Frontend + component. In order to enable high availability, it should + be greater than 1. + type: integer + type: object + type: object + type: object + type: object + version: 0.17.1 From 58a1ad113baca98d97a8e98ea38ba0bc319a455f Mon Sep 17 00:00:00 2001 From: Thomas Vitale Date: Thu, 14 Aug 2025 21:59:16 +0200 Subject: [PATCH 14/18] Update Knative Serving metadata and add version 1.19.0 (#503) Co-authored-by: github-actions --- .../1.19.0.yml | 310 ++++++++++++++++++ 1 file changed, 310 insertions(+) create mode 100644 repo/packages/knative-serving.packages.kadras.io/1.19.0.yml diff --git a/repo/packages/knative-serving.packages.kadras.io/1.19.0.yml b/repo/packages/knative-serving.packages.kadras.io/1.19.0.yml new file mode 100644 index 0000000..7cfbbb5 --- /dev/null +++ b/repo/packages/knative-serving.packages.kadras.io/1.19.0.yml @@ -0,0 +1,310 @@ +apiVersion: data.packaging.carvel.dev/v1alpha1 +kind: Package +metadata: + creationTimestamp: null + name: knative-serving.packages.kadras.io.1.19.0 +spec: + capacityRequirementsDescription: For prototyping purposes, one-node cluster that + has at least 3 CPUs and 4 GB of memory. For production purposes, if you have only + one node, at least 6 CPUs, 6 GB of memory, and 30 GB of disk storage. If you have + multiple nodes, for each node at least 2 CPUs, 4 GB of memory, and 20 GB of disk + storage. + licenses: + - Apache 2.0 + refName: knative-serving.packages.kadras.io + releaseNotes: https://github.com/kadras-io/package-for-knative-serving/releases + releasedAt: "2025-08-14T19:57:25Z" + template: + spec: + deploy: + - kapp: + rawOptions: + - --wait-timeout=5m + fetch: + - imgpkgBundle: + image: ghcr.io/kadras-io/package-for-knative-serving@sha256:d722be4e836dcd0eca222196d795e92a3f51e6c3b0357011e7ce2ece425f424a + template: + - ytt: + paths: + - config + - kbld: + paths: + - '-' + - .imgpkg/images.yml + valuesSchema: + openAPIv3: + additionalProperties: false + properties: + ca_cert_data: + default: "" + description: PEM-encoded certificate data to trust TLS connections with + a custom CA. + type: string + config: + additionalProperties: false + description: Settings for the Knative Serving ConfigMaps. + properties: + deployment: + additionalProperties: false + description: Deployment configuration stored in the `config-deployment` + ConfigMap. + properties: + progress-deadline: + default: 600s + description: The duration to wait for the deployment to be ready + before considering it failed. + type: string + queue-sidecar-cpu-limit: + default: 1000m + description: The queue proxy's CPU limit. If omitted, a default + value (currently `1000m`), is used when `queueproxy.resource-defaults` + is set to `Enabled`. + type: string + queue-sidecar-cpu-request: + default: 25m + description: The queue proxy's CPU request. If omitted, a default + value (currently '25m'), is used. + type: string + queue-sidecar-memory-limit: + default: 200Mi + description: The queue proxy's memory limit. If omitted, a default + value (currently `800Mi`), is used when `queueproxy.resource-defaults` + is set to `Enabled`. + type: string + queue-sidecar-memory-request: + default: 50Mi + description: The queue proxy's memory request. If omitted, a default + value (currently `400Mi`), is used when `queueproxy.resource-defaults` + is set to `Enabled`. + type: string + type: object + network: + additionalProperties: false + description: Network configuration stored in the `config-network` ConfigMap. + properties: + default-external-scheme: + default: http + description: Defines the scheme used for external URLs if autoTLS + is not enabled. This can be used for making Knative report all + URLs as `https`, for example, if you're fronting Knative with + an external loadbalancer that deals with TLS termination and Knative + doesn't know about that otherwise. + enum: + - http + - https + type: string + domain-template: + default: '{{.Name}}.{{.Namespace}}.{{.Domain}}' + description: The golang text template string to use when constructing + the Knative Service's DNS name. + type: string + http-protocol: + default: Redirected + description: 'Controls the behavior of the HTTP endpoint for the + Knative ingress. `Enabled`: The Knative ingress will be able to + serve HTTP connection. `Redirected`: The Knative ingress will + send a 301 redirect for all http connections, asking the clients + to use HTTPS.' + enum: + - Enabled + - Redirected + type: string + namespace-wildcard-cert-selector: + default: "" + description: A LabelSelector which determines which namespaces should + have a wildcard certificate provisioned. + type: string + rollout-duration: + default: 0 + description: The minimal duration in seconds over which the Configuration + traffic targets are rolled out to the newest revision. + minimum: 0 + type: integer + type: object + tracing: + additionalProperties: false + description: Network configuration stored in the `config-tracing` ConfigMap. + properties: + backend: + default: none + description: The type of distributed tracing backend. + enum: + - zipkin + - none + type: string + debug: + default: "false" + description: Enable the Zipkin debug mode. This allows all spans + to be sent to the server bypassing sampling. + enum: + - "true" + - "false" + type: string + sample-rate: + default: "0.1" + description: The percentage (0-1) of requests to trace. + maxLength: 3 + minLength: 1 + type: string + zipkin-endpoint: + default: http://tempo.observability-system.svc.cluster.local:9411/api/v2/spans + description: The Zipkin collector endpoint where traces are sent. + type: string + type: object + type: object + domain_name: + default: "" + description: Domain name for Knative Services. It must be a valid DNS name. + Stored in the `config-domain` ConfigMap. + minLength: 4 + type: string + ingress: + additionalProperties: false + description: Settings for the Ingress controller. + properties: + contour: + additionalProperties: false + description: Ingress configuration stored in the `config-contour` ConfigMap. + properties: + default-tls-secret: + default: "" + description: If auto-TLS is disabled, fallback to this certificate. + An operator is required to setup a TLSCertificateDelegation for + this Secret to be used. + type: string + external: + additionalProperties: false + description: Configuration for the external Ingress controller + properties: + namespace: + default: projectcontour + description: The namespace where the external Ingress controller + is installed. + minLength: 1 + type: string + type: object + internal: + additionalProperties: false + description: Configuration for the internal Ingress controller + properties: + namespace: + default: projectcontour + description: The namespace where the internal Ingress controller + is installed. + minLength: 1 + type: string + type: object + type: object + type: object + ingress_issuer: + default: "" + description: A reference to the ClusterIssuer to use if you want to enable + autoTLS. Stored in the `config-certmanager` ConfigMap. + example: kadras-ca-issuer + type: string + x-example-description: Kadras private CA + min_kubernetes_version: + default: "" + description: The minimum Kubernetes version that this package will accept + as valid. If not set, Knative Serving will accept the last 3 minor versions + of Kubernetes. + type: string + policies: + additionalProperties: false + description: Settings for the Kyverno policies. + properties: + include: + default: false + description: Whether to include the out-of-the-box Kyverno policies + to validate and secure the package installation. + type: boolean + type: object + proxy: + additionalProperties: false + description: Settings for the corporate proxy. + properties: + http_proxy: + default: "" + description: The HTTP proxy to use for network traffic. + type: string + https_proxy: + default: "" + description: The HTTPS proxy to use for network traffic. + type: string + no_proxy: + default: "" + description: A comma-separated list of hostnames, IP addresses, or IP + ranges in CIDR format that should not use a proxy. + type: string + type: object + workloads: + additionalProperties: false + description: Settings for the Knative Serving workloads. + properties: + activator: + additionalProperties: false + properties: + minReplicas: + default: 1 + description: The minimum number of replicas as controlled by a HorizontalPodAutoscaler. + In order to enable high availability, it should be greater than + 1. + maximum: 20 + minimum: 1 + type: integer + type: object + autoscaler: + additionalProperties: false + properties: + replicas: + default: 1 + description: The number of replicas for this Deployment. In order + to enable high availability, it should be greater than 1. + minimum: 1 + type: integer + type: object + controller: + additionalProperties: false + properties: + replicas: + default: 1 + description: The number of replicas for this Deployment. In order + to enable high availability, it should be greater than 1. + minimum: 1 + type: integer + type: object + domain_mapping: + additionalProperties: false + properties: + replicas: + default: 1 + description: The number of replicas for this Deployment. In order + to enable high availability, it should be greater than 1. + minimum: 1 + type: integer + type: object + domain_mapping_webhook: + additionalProperties: false + properties: + replicas: + default: 1 + description: The number of replicas for this Deployment. In order + to enable high availability, it should be greater than 1. + minimum: 1 + type: integer + type: object + webhook: + additionalProperties: false + properties: + minReplicas: + default: 1 + description: The minimum number of replicas as controlled by a HorizontalPodAutoscaler. + In order to enable high availability, it should be greater than + 1. + maximum: 5 + minimum: 1 + type: integer + type: object + type: object + type: object + version: 1.19.0 From 95609c99ea852650e52d6918cc5359c105f10af5 Mon Sep 17 00:00:00 2001 From: Thomas Vitale Date: Thu, 14 Aug 2025 22:05:50 +0200 Subject: [PATCH 15/18] Update Crossplane metadata and add version 2.0.2 (#504) Co-authored-by: github-actions --- .../crossplane.packages.kadras.io/2.0.2.yml | 487 ++++++++++++++++++ 1 file changed, 487 insertions(+) create mode 100644 repo/packages/crossplane.packages.kadras.io/2.0.2.yml diff --git a/repo/packages/crossplane.packages.kadras.io/2.0.2.yml b/repo/packages/crossplane.packages.kadras.io/2.0.2.yml new file mode 100644 index 0000000..2d66683 --- /dev/null +++ b/repo/packages/crossplane.packages.kadras.io/2.0.2.yml @@ -0,0 +1,487 @@ +apiVersion: data.packaging.carvel.dev/v1alpha1 +kind: Package +metadata: + creationTimestamp: null + name: crossplane.packages.kadras.io.2.0.2 +spec: + refName: crossplane.packages.kadras.io + releasedAt: "2025-08-14T20:03:47Z" + template: + spec: + deploy: + - kapp: + intoNs: crossplane-system + fetch: + - imgpkgBundle: + image: ghcr.io/kadras-io/package-for-crossplane@sha256:764e5de98ade05c75454843952d324a9a7aa66c5e27be8930d9e29d144c36bf7 + template: + - helmTemplate: + name: crossplane + namespace: crossplane-system + path: config/helm/upstream/crossplane + valuesFrom: + - path: config/helm/values.yml + - ytt: + ignoreUnknownComments: true + paths: + - '-' + - config/carvel + - kbld: + paths: + - '-' + - .imgpkg/images.yml + valuesSchema: + openAPIv3: + properties: + affinity: + default: {} + description: Add `affinities` to the Crossplane pod deployment. + type: object + args: + default: [] + description: Add custom arguments to the Crossplane pod. + items: {} + type: array + configuration: + properties: + packages: + default: [] + description: A list of Configuration packages to install. + items: {} + type: array + type: object + customAnnotations: + default: {} + description: Add custom `annotations` to the Crossplane pod deployment. + type: object + customLabels: + default: {} + description: Add custom `labels` to the Crossplane pod deployment. + type: object + deploymentStrategy: + default: RollingUpdate + description: The deployment strategy for the Crossplane and RBAC Manager + pods. + type: string + dnsPolicy: + default: "" + description: Specify the `dnsPolicy` to be used by the Crossplane pod. + type: string + extraEnvVarsCrossplane: + default: {} + description: Add custom environmental variables to the Crossplane pod deployment + application container. Replaces any `.` in a variable name with `_`. For + example, `SAMPLE.KEY=value1` becomes `SAMPLE_KEY=value1`. + type: object + extraEnvVarsCrossplaneInit: + default: {} + description: Add custom environmental variables to the Crossplane pod deployment + init container. Replaces any `.` in a variable name with `_`. For example, + `SAMPLE.KEY=value1` becomes `SAMPLE_KEY=value1`. + type: object + extraEnvVarsRBACManager: + default: {} + description: Add custom environmental variables to the RBAC Manager pod + deployment. Replaces any `.` in a variable name with `_`. For example, + `SAMPLE.KEY=value1` becomes `SAMPLE_KEY=value1`. + type: object + extraObjects: + default: [] + description: To add arbitrary Kubernetes Objects during a Helm Install + items: {} + type: array + extraVolumeMountsCrossplane: + default: {} + description: Add custom `volumeMounts` to the Crossplane pod. + type: object + extraVolumesCrossplane: + default: {} + description: Add custom `volumes` to the Crossplane pod. + type: object + function: + properties: + packages: + default: [] + description: A list of Function packages to install + items: {} + type: array + type: object + functionCache: + properties: + medium: + default: "" + description: Set to `Memory` to hold the function cache in a RAM backed + file system. Useful for Crossplane development. + type: string + pvc: + default: "" + description: The name of a PersistentVolumeClaim to use as the function + cache. Disables the default function cache `emptyDir` Volume. + type: string + sizeLimit: + default: 512Mi + description: The size limit for the function cache. If medium is `Memory` + the `sizeLimit` can't exceed Node memory. + type: string + type: object + hostNetwork: + default: false + description: 'Enable `hostNetwork` for the Crossplane deployment. Caution: + enabling `hostNetwork` grants the Crossplane Pod access to the host network + namespace. Consider setting `dnsPolicy` to `ClusterFirstWithHostNet`.' + type: boolean + image: + properties: + ignoreTag: + default: false + description: Do not use the {{ .image.tag }} value to compute the image + uri. + type: boolean + pullPolicy: + default: IfNotPresent + description: The image pull policy used for Crossplane and RBAC Manager + pods. + type: string + repository: + default: xpkg.crossplane.io/crossplane/crossplane + description: Repository for the Crossplane pod image. + type: string + tag: + default: "" + description: The Crossplane image tag. Defaults to the value of `appVersion` + in `Chart.yaml`. + type: string + type: object + imagePullSecrets: + default: [] + description: The imagePullSecret names to add to the Crossplane ServiceAccount. + items: {} + type: array + leaderElection: + default: true + description: Enable [leader election](https://docs.crossplane.io/latest/concepts/pods/#leader-election) + for the Crossplane pod. + type: boolean + metrics: + properties: + enabled: + default: false + description: Enable Prometheus path, port and scrape annotations and + expose port 8080 for both the Crossplane and RBAC Manager pods. + type: boolean + port: + default: "" + description: The port the metrics server listens on. + type: string + type: object + nodeSelector: + default: {} + description: Add `nodeSelectors` to the Crossplane pod deployment. + type: object + packageCache: + properties: + configMap: + default: "" + description: The name of a ConfigMap to use as the package cache. Disables + the default package cache `emptyDir` Volume. + type: string + medium: + default: "" + description: Set to `Memory` to hold the package cache in a RAM backed + file system. Useful for Crossplane development. + type: string + pvc: + default: "" + description: The name of a PersistentVolumeClaim to use as the package + cache. Disables the default package cache `emptyDir` Volume. + type: string + sizeLimit: + default: 20Mi + description: The size limit for the package cache. If medium is `Memory` + the `sizeLimit` can't exceed Node memory. + type: string + type: object + podSecurityContextCrossplane: + default: {} + description: Add a custom `securityContext` to the Crossplane pod. + type: object + podSecurityContextRBACManager: + default: {} + description: Add a custom `securityContext` to the RBAC Manager pod. + type: object + priorityClassName: + default: "" + description: The PriorityClass name to apply to the Crossplane and RBAC + Manager pods. + type: string + provider: + properties: + defaultActivations: + default: [] + description: Define entries for the default managed resource activation + policy. If defined, a default MRAP will contain these activations. + items: + default: '*' + type: string + type: array + packages: + default: [] + description: A list of Provider packages to install. + items: {} + type: array + type: object + rbacManager: + properties: + affinity: + default: {} + description: Add `affinities` to the RBAC Manager pod deployment. + type: object + args: + default: [] + description: Add custom arguments to the RBAC Manager pod. + items: {} + type: array + deploy: + default: true + description: Deploy the RBAC Manager pod and its required roles. + type: boolean + leaderElection: + default: true + description: Enable [leader election](https://docs.crossplane.io/latest/concepts/pods/#leader-election) + for the RBAC Manager pod. + type: boolean + nodeSelector: + default: {} + description: Add `nodeSelectors` to the RBAC Manager pod deployment. + type: object + replicas: + default: 1 + description: The number of RBAC Manager pod `replicas` to deploy. + type: integer + revisionHistoryLimit: + description: The number of RBAC Manager ReplicaSets to retain. + oneOf: + - default: null + nullable: true + type: integer + - default: null + nullable: true + type: number + - default: null + nullable: true + type: boolean + - default: null + nullable: true + type: string + - default: null + nullable: true + type: object + - default: null + items: {} + nullable: true + type: array + skipAggregatedClusterRoles: + default: false + description: Don't install aggregated Crossplane ClusterRoles. + type: boolean + tolerations: + default: [] + description: Add `tolerations` to the RBAC Manager pod deployment. + items: {} + type: array + topologySpreadConstraints: + default: [] + description: Add `topologySpreadConstraints` to the RBAC Manager pod + deployment. + items: {} + type: array + type: object + readiness: + properties: + port: + default: "" + description: The port the readyz server listens on. + type: string + type: object + registryCaBundleConfig: + properties: + key: + default: "" + description: The ConfigMap key containing a custom CA bundle to enable + fetching packages from registries with unknown or untrusted certificates. + type: string + name: + default: "" + description: The ConfigMap name containing a custom CA bundle to enable + fetching packages from registries with unknown or untrusted certificates. + type: string + type: object + replicas: + default: 1 + description: helm-docs renders these comments into markdown. Use markdown + formatting where appropiate. -- The number of Crossplane pod `replicas` + to deploy. + type: integer + resourcesCrossplane: + properties: + limits: + properties: + cpu: + default: 500m + description: CPU resource limits for the Crossplane pod. + type: string + memory: + default: 1024Mi + description: Memory resource limits for the Crossplane pod. + type: string + type: object + requests: + properties: + cpu: + default: 100m + description: CPU resource requests for the Crossplane pod. + type: string + memory: + default: 256Mi + description: Memory resource requests for the Crossplane pod. + type: string + type: object + type: object + resourcesRBACManager: + properties: + limits: + properties: + cpu: + default: 100m + description: CPU resource limits for the RBAC Manager pod. + type: string + memory: + default: 512Mi + description: Memory resource limits for the RBAC Manager pod. + type: string + type: object + requests: + properties: + cpu: + default: 100m + description: CPU resource requests for the RBAC Manager pod. + type: string + memory: + default: 256Mi + description: Memory resource requests for the RBAC Manager pod. + type: string + type: object + type: object + revisionHistoryLimit: + description: The number of Crossplane ReplicaSets to retain. + oneOf: + - default: null + nullable: true + type: integer + - default: null + nullable: true + type: number + - default: null + nullable: true + type: boolean + - default: null + nullable: true + type: string + - default: null + nullable: true + type: object + - default: null + items: {} + nullable: true + type: array + runtimeClassName: + default: "" + description: The runtimeClassName name to apply to the Crossplane and RBAC + Manager pods. + type: string + securityContextCrossplane: + properties: + allowPrivilegeEscalation: + default: false + description: Enable `allowPrivilegeEscalation` for the Crossplane pod. + type: boolean + readOnlyRootFilesystem: + default: true + description: Set the Crossplane pod root file system as read-only. + type: boolean + runAsGroup: + default: 65532 + description: The group ID used by the Crossplane pod. + type: integer + runAsUser: + default: 65532 + description: The user ID used by the Crossplane pod. + type: integer + type: object + securityContextRBACManager: + properties: + allowPrivilegeEscalation: + default: false + description: Enable `allowPrivilegeEscalation` for the RBAC Manager + pod. + type: boolean + readOnlyRootFilesystem: + default: true + description: Set the RBAC Manager pod root file system as read-only. + type: boolean + runAsGroup: + default: 65532 + description: The group ID used by the RBAC Manager pod. + type: integer + runAsUser: + default: 65532 + description: The user ID used by the RBAC Manager pod. + type: integer + type: object + service: + properties: + customAnnotations: + default: {} + description: Configure annotations on the service object. Only enabled + when webhooks.enabled = true + type: object + type: object + serviceAccount: + properties: + create: + default: true + description: Specifies whether Crossplane ServiceAccount should be created + type: boolean + customAnnotations: + default: {} + description: Add custom `annotations` to the Crossplane ServiceAccount. + type: object + name: + default: "" + description: Provide the name of an already created Crossplane ServiceAccount. + Required when `serviceAccount.create` is `false` + type: string + type: object + tolerations: + default: [] + description: Add `tolerations` to the Crossplane pod deployment. + items: {} + type: array + topologySpreadConstraints: + default: [] + description: Add `topologySpreadConstraints` to the Crossplane pod deployment. + items: {} + type: array + webhooks: + properties: + enabled: + default: true + description: Enable webhooks for Crossplane and installed Provider packages. + type: boolean + port: + default: "" + description: The port the webhook server listens on. + type: string + type: object + type: object + version: 2.0.2 From e71b9fa7463887dccff9ce6986b4dac9101e95f4 Mon Sep 17 00:00:00 2001 From: Thomas Vitale Date: Thu, 14 Aug 2025 22:32:20 +0200 Subject: [PATCH 16/18] Update Kadras Engineering Platform metadata and add version 0.26.0 (#505) Co-authored-by: github-actions --- .../0.26.0.yml | 255 ++++++++++++++++++ 1 file changed, 255 insertions(+) create mode 100644 repo/packages/engineering-platform.packages.kadras.io/0.26.0.yml diff --git a/repo/packages/engineering-platform.packages.kadras.io/0.26.0.yml b/repo/packages/engineering-platform.packages.kadras.io/0.26.0.yml new file mode 100644 index 0000000..5ae1ee7 --- /dev/null +++ b/repo/packages/engineering-platform.packages.kadras.io/0.26.0.yml @@ -0,0 +1,255 @@ +apiVersion: data.packaging.carvel.dev/v1alpha1 +kind: Package +metadata: + creationTimestamp: null + name: engineering-platform.packages.kadras.io.0.26.0 +spec: + licenses: + - Apache 2.0 + refName: engineering-platform.packages.kadras.io + releaseNotes: https://github.com/kadras-io/kadras-engineering-platform/releases + releasedAt: "2025-08-14T20:30:27Z" + template: + spec: + deploy: + - kapp: {} + fetch: + - imgpkgBundle: + image: ghcr.io/kadras-io/kadras-engineering-platform@sha256:10ef8428a059b359334656a85aa593192686a6422f44d90fcfcf9d850f27f254 + template: + - ytt: + paths: + - config + - kbld: + paths: + - '-' + - .imgpkg/images.yml + valuesSchema: + openAPIv3: + additionalProperties: false + properties: + cert_manager: + default: {} + description: Configuration for the Cert Manager package. + nullable: true + contour: + default: {} + description: Configuration for the Contour package. + nullable: true + crossplane: + default: {} + description: Configuration for the Crossplane package. + nullable: true + dependency_track: + default: {} + description: Configuration for the Dependency Track package. + nullable: true + developer_portal: + default: {} + description: Configuration for the Developer Portal package. + nullable: true + flux: + default: {} + description: Configuration for the Flux package. + nullable: true + gitops_configurer: + default: {} + description: Configuration for the GitOps Configurer package. + nullable: true + knative: + additionalProperties: false + description: Configuration for Knative related packages. + properties: + serving: + default: {} + description: Configuration for the Knative Serving package. + nullable: true + type: object + kyverno: + additionalProperties: false + description: Configuration for the Kyverno related packages. + properties: + core: + default: {} + description: Configuration for the Kyverno package. + nullable: true + type: object + metrics_server: + default: {} + description: Configuration for the Metrics Server package. + nullable: true + platform: + additionalProperties: false + description: Configuration for the platform packages. + properties: + additional_packages: + default: [] + description: A list of packages to include in the installation. + items: + default: "" + type: string + type: array + ca_cert_data: + default: "" + description: PEM-encoded certificate data to trust TLS connections with + a custom CA. + type: string + cosign: + additionalProperties: false + description: Settings for Cosign, used for signing and verifying OCI + artifacts. + properties: + secret: + additionalProperties: false + description: Configuration for the Secret holding the Cosign key + pair. + properties: + name: + default: "" + description: The name of the Secret holding the Cosign key pair. + type: string + namespace: + default: kadras-system + description: The namespace of the Secret holding the Cosign + key pair. + type: string + type: object + type: object + excluded_packages: + default: [] + description: A list of packages to exclude from being installed. + items: + default: "" + type: string + type: array + git: + additionalProperties: false + description: Settings for the Git server that the platform will use. + properties: + secret: + additionalProperties: false + description: Configuration for the Secret holding the credentials + to access the Git server. + properties: + name: + default: "" + description: 'The name of the Secret holding the credentials + to access the Git server. The credentials should provide read-only + access to the Git server except when installing the platform + with one of these profiles: `standalone`, `build`.' + type: string + namespace: + default: kadras-system + description: The namespace of the Secret holding the credentials + to access the Git server. + type: string + type: object + server: + default: https://github.com + description: The server hosting the Git repositories used by the + plaform. + example: https://github.com + type: string + x-example-description: GitHub + type: object + ingress: + additionalProperties: false + description: Setting for the Ingress controller that the platform will + use. + properties: + domain: + default: "" + description: The base domain name the platform will use to configure + the Ingress controller. It must be a valid DNS name. + type: string + issuer: + additionalProperties: false + description: A reference to the ClusterIssuer the platform will + use to enable TLS communications. + properties: + email: + default: "" + description: The email address that Let's Encrypt will use to + send info on expiring certificates or other issues. Required + when the type is `letsencrypt_staging` or `letsencrypt`. + type: string + name: + default: "" + description: A reference to a custom ClusterIssuer previously + created on the cluster where the platform will be installed. + Required when the type is `custom`. + type: string + type: + default: private + description: 'The type of ClusterIssuer the platform will use + to enable TLS communications. Options: `private`, `letsencrypt_staging`, + `letsencrypt`, `custom`.' + enum: + - private + - letsencrypt_staging + - letsencrypt + - custom + type: string + type: object + type: object + namespace: + default: kadras-system + description: The namespace where to install the platform. + type: string + oci: + additionalProperties: false + description: Settings for accessing the OCI registry that the platform + will use. + properties: + pull_secret: + additionalProperties: false + description: Configuration for the Secret holding the credentials + to pull images from the OCI registry. + properties: + name: + default: "" + description: The name of the Secret holding the credentials + to pull images from the OCI registry. + type: string + namespace: + default: kadras-system + description: The namespace of the Secret holding the credentials + to pull images from the OCI registry. + type: string + type: object + type: object + profile: + default: run + description: 'The platform profile to install. Options: `standalone`, + `run`.' + enum: + - standalone + - run + type: string + type: object + postgresql_operator: + default: {} + description: Configuration for the PostgreSQL Operator package. + nullable: true + rabbitmq_operator: + default: {} + description: Configuration for the RabbitMQ Operator package. + nullable: true + secretgen_controller: + default: {} + description: Configuration for the Secretgen Controller package. + nullable: true + service_binding: + default: {} + description: Configuration for the Service Binding package. + nullable: true + tempo_operator: + default: {} + description: Configuration for the Tempo Operator package. + nullable: true + workspace_provisioner: + default: {} + description: Configuration for the Workspace Provisioner package. + nullable: true + type: object + version: 0.26.0 From f4a8a5fc4904fca53e348d5a29c4a3c379f725e6 Mon Sep 17 00:00:00 2001 From: Thomas Vitale Date: Thu, 14 Aug 2025 22:34:15 +0200 Subject: [PATCH 17/18] chore: Remove deprecated packages --- README.md | 1 - .../1.17.2.yml | 231 --------- .../crossplane.packages.kadras.io/1.20.0.yml | 468 ------------------ .../dapr.packages.kadras.io/1.15.5.yml | 208 -------- .../dapr.packages.kadras.io/metadata.yml | 20 - .../4.13.2.yml | 211 -------- .../0.25.0.yml | 276 ----------- .../flux.packages.kadras.io/2.6.0.yml | 107 ---- .../1.18.0.yml | 304 ------------ .../kyverno.packages.kadras.io/1.14.1.yml | 182 ------- .../0.7.2.yml | 148 ------ .../1.26.0.yml | 31 -- .../2.13.0.yml | 44 -- .../0.15.3.yml | 293 ----------- .../0.3.0.yml | 114 ----- 15 files changed, 2638 deletions(-) delete mode 100644 repo/packages/cert-manager.packages.kadras.io/1.17.2.yml delete mode 100644 repo/packages/crossplane.packages.kadras.io/1.20.0.yml delete mode 100644 repo/packages/dapr.packages.kadras.io/1.15.5.yml delete mode 100644 repo/packages/dapr.packages.kadras.io/metadata.yml delete mode 100644 repo/packages/dependency-track.packages.kadras.io/4.13.2.yml delete mode 100644 repo/packages/engineering-platform.packages.kadras.io/0.25.0.yml delete mode 100644 repo/packages/flux.packages.kadras.io/2.6.0.yml delete mode 100644 repo/packages/knative-serving.packages.kadras.io/1.18.0.yml delete mode 100644 repo/packages/kyverno.packages.kadras.io/1.14.1.yml delete mode 100644 repo/packages/metrics-server.packages.kadras.io/0.7.2.yml delete mode 100644 repo/packages/postgresql-operator.packages.kadras.io/1.26.0.yml delete mode 100644 repo/packages/rabbitmq-operator.packages.kadras.io/2.13.0.yml delete mode 100644 repo/packages/tempo-operator.packages.kadras.io/0.15.3.yml delete mode 100644 repo/packages/workspace-provisioner.packages.kadras.io/0.3.0.yml diff --git a/README.md b/README.md index 613291c..9cd220b 100644 --- a/README.md +++ b/README.md @@ -16,7 +16,6 @@ This repository contains the following Carvel packages. | [cert-manager](https://github.com/kadras-io/package-for-cert-manager) | A cloud-native solution to automatically provision and manage X.509 certificates. | | [contour](https://github.com/kadras-io/package-for-contour) | An Envoy-based ingress controller that supports dynamic configuration updates and multi-team ingress delegation. | | [crossplane](https://github.com/kadras-io/package-for-crossplane) | A Kubernetes extension that transforms your Kubernetes cluster into a universal control plane. | -| [dapr](https://github.com/kadras-io/package-for-dapr) | A Kubernetes extension that provides integrated APIs for communication, state, and workflow. | | [dependency-track](https://github.com/kadras-io/package-for-dependency-track) | OWASP Dependency Track is a continuous SBOM Analysis Platform for managing software supply chain security risks. | | [developer-portal](https://github.com/kadras-io/package-for-developer-portal) | Kadras Developer Portal, based on Backstage. It supports application developers with paved paths to production on Kubernetes. | | [engineering-platform](https://github.com/kadras-io/engineering-platform) | A curated set of Carvel packages to build an engineering platform supporting application developers with paved paths to production on Kubernetes. | diff --git a/repo/packages/cert-manager.packages.kadras.io/1.17.2.yml b/repo/packages/cert-manager.packages.kadras.io/1.17.2.yml deleted file mode 100644 index 55aff47..0000000 --- a/repo/packages/cert-manager.packages.kadras.io/1.17.2.yml +++ /dev/null @@ -1,231 +0,0 @@ -apiVersion: data.packaging.carvel.dev/v1alpha1 -kind: Package -metadata: - creationTimestamp: null - name: cert-manager.packages.kadras.io.1.17.2 -spec: - licenses: - - Apache 2.0 - refName: cert-manager.packages.kadras.io - releaseNotes: https://github.com/kadras-io/package-for-cert-manager/releases - releasedAt: "2025-05-30T19:24:22Z" - template: - spec: - deploy: - - kapp: {} - fetch: - - imgpkgBundle: - image: ghcr.io/kadras-io/package-for-cert-manager@sha256:95a278e351c04d81ea080013372a10e7e17bc99d739527ac27bcedf286710b33 - template: - - ytt: - paths: - - config - - kbld: - paths: - - '-' - - .imgpkg/images.yml - valuesSchema: - openAPIv3: - additionalProperties: false - properties: - cainjector: - additionalProperties: false - description: Settings for the cainjector controller. - properties: - loglevel: - default: 2 - description: Number of the log level verbosity. - maximum: 5 - minimum: 1 - type: integer - replicas: - default: 1 - description: The number of replicas. In order to enable high availability, - 2 replicas are recommended. - minimum: 1 - type: integer - type: object - controller: - additionalProperties: false - description: Settings for the cert-manager controller. - properties: - dns01: - additionalProperties: false - description: Configures the behaviour of the ACME DNS01 challenge solver. - properties: - recursive_nameservers: - default: [] - description: Each nameserver can be either the IP address and port - of a standard recursive DNS server, or the endpoint to an RFC - 8484 DNS over HTTPS endpoint. - items: - default: "" - type: string - type: array - recursive_nameservers_only: - default: false - description: When true, cert-manager will only ever query the configured - DNS resolvers to perform the ACME DNS01 self check. This is useful - in DNS constrained environments, where access to authoritative - nameservers is restricted. Enabling this option could cause the - DNS01 self check to take longer due to caching performed by the - recursive nameservers. - type: boolean - type: object - loglevel: - default: 2 - description: Number of the log level verbosity. - maximum: 5 - minimum: 1 - type: integer - replicas: - default: 1 - description: The number of replicas. In order to enable high availability, - 2 replicas are recommended. - minimum: 1 - type: integer - type: object - leader_election: - additionalProperties: false - description: Leader election configuration for the cert-manager and cert-manager-cainjector - Deployments. - properties: - namespace: - default: kube-system - description: 'Namespace used to perform leader election. The default - namespace needs changing in environments like GKE. More information: - https://cert-manager.io/docs/installation/compatibility.' - minLength: 1 - type: string - type: object - letsencrypt: - additionalProperties: false - description: Settings for Let's Encrypt. - properties: - challenge: - additionalProperties: false - properties: - dns_provider: - default: digital_ocean - description: 'The DNS provider to use for the ACME dns01 challenge. - Valid options: `cloudflare`, `digital_ocean`.' - enum: - - cloudflare - - digital_ocean - type: string - secret: - additionalProperties: false - properties: - key: - default: "" - description: The key within the Secret that contains the credentials - needed for the dns01 challenge. - type: string - name: - default: "" - description: Name of the Secret containing the credentials needed - for the dns01 challenge. - type: string - namespace: - default: kadras-system - description: Namespace containing the Secret with the credentials - needed for the dns01 challenge. - type: string - type: object - type: - default: http01 - description: 'The type of challenge used by the ACME CA Server. - Valid options: `http01`, `dns01`.' - enum: - - http01 - - dns01 - type: string - type: object - email: - default: "" - description: The email address that Let's Encrypt will use to send info - on expiring certificates or other issues. - type: string - include: - default: false - description: Whether to include a ClusterIssuer for Let's Encrypt. - type: boolean - production: - default: false - description: Whether to use Let's Encrypt staging (recommended for non-production - environments) or production. - type: boolean - type: object - namespace: - default: cert-manager - description: The namespace in which to deploy cert-manager. - minLength: 1 - type: string - policies: - additionalProperties: false - description: Settings for the Kyverno policies. - properties: - include: - default: false - description: Whether to include the out-of-the-box Kyverno policies - to validate and secure the package installation. - type: boolean - type: object - private_pki: - additionalProperties: false - description: Settings for the built-in, private PKI - properties: - include: - default: true - description: Whether to include a ClusterIssuer for a private PKI. - type: boolean - type: object - proxy: - additionalProperties: false - description: Settings for the corporate proxy. - properties: - http_proxy: - default: "" - description: The HTTP proxy to use for network traffic. - type: string - https_proxy: - default: "" - description: The HTTPS proxy to use for network traffic. - type: string - no_proxy: - default: "" - description: A comma-separated list of hostnames, IP addresses, or IP - ranges in CIDR format that should not use the proxy. - type: string - type: object - webhook: - additionalProperties: false - description: Settings for the cert-manager webhook. - properties: - host_network: - default: false - description: 'Whether to run the webhook in the host network so that - it can be reached by the cert-manager controller in environments like - AWS EKS. More information: https://cert-manager.io/docs/installation/compatibility.' - type: boolean - loglevel: - default: 2 - description: Number of the log level verbosity. - maximum: 5 - minimum: 1 - type: integer - replicas: - default: 1 - description: The number of replicas. In order to enable high availability, - at least 3 replicas are recommended. - minimum: 1 - type: integer - secure_port: - default: 6443 - description: 'The port where the webhook is exposed. The default port - needs changing in environments like AWS EKS and AWS Fargate. More - information: https://cert-manager.io/docs/installation/compatibility.' - type: integer - type: object - type: object - version: 1.17.2 diff --git a/repo/packages/crossplane.packages.kadras.io/1.20.0.yml b/repo/packages/crossplane.packages.kadras.io/1.20.0.yml deleted file mode 100644 index 6c0428c..0000000 --- a/repo/packages/crossplane.packages.kadras.io/1.20.0.yml +++ /dev/null @@ -1,468 +0,0 @@ -apiVersion: data.packaging.carvel.dev/v1alpha1 -kind: Package -metadata: - creationTimestamp: null - name: crossplane.packages.kadras.io.1.20.0 -spec: - refName: crossplane.packages.kadras.io - releasedAt: "2025-05-30T20:10:40Z" - template: - spec: - deploy: - - kapp: - intoNs: crossplane-system - fetch: - - imgpkgBundle: - image: ghcr.io/kadras-io/package-for-crossplane@sha256:e50bcaa46d5bbe691ed6cb9cefe2940113840334b0079951634e4b4541be05cf - template: - - helmTemplate: - name: crossplane - namespace: crossplane-system - path: config/helm/upstream/crossplane - valuesFrom: - - path: config/helm/values.yml - - ytt: - ignoreUnknownComments: true - paths: - - '-' - - config/carvel - - kbld: - paths: - - '-' - - .imgpkg/images.yml - valuesSchema: - openAPIv3: - properties: - affinity: - default: {} - description: Add `affinities` to the Crossplane pod deployment. - type: object - args: - default: [] - description: Add custom arguments to the Crossplane pod. - items: {} - type: array - configuration: - properties: - packages: - default: [] - description: A list of Configuration packages to install. - items: {} - type: array - type: object - customAnnotations: - default: {} - description: Add custom `annotations` to the Crossplane pod deployment. - type: object - customLabels: - default: {} - description: Add custom `labels` to the Crossplane pod deployment. - type: object - deploymentStrategy: - default: RollingUpdate - description: The deployment strategy for the Crossplane and RBAC Manager - pods. - type: string - dnsPolicy: - default: "" - description: Specify the `dnsPolicy` to be used by the Crossplane pod. - type: string - extraEnvVarsCrossplane: - default: {} - description: Add custom environmental variables to the Crossplane pod deployment. - Replaces any `.` in a variable name with `_`. For example, `SAMPLE.KEY=value1` - becomes `SAMPLE_KEY=value1`. - type: object - extraEnvVarsRBACManager: - default: {} - description: Add custom environmental variables to the RBAC Manager pod - deployment. Replaces any `.` in a variable name with `_`. For example, - `SAMPLE.KEY=value1` becomes `SAMPLE_KEY=value1`. - type: object - extraObjects: - default: [] - description: To add arbitrary Kubernetes Objects during a Helm Install - items: {} - type: array - extraVolumeMountsCrossplane: - default: {} - description: Add custom `volumeMounts` to the Crossplane pod. - type: object - extraVolumesCrossplane: - default: {} - description: Add custom `volumes` to the Crossplane pod. - type: object - function: - properties: - packages: - default: [] - description: A list of Function packages to install - items: {} - type: array - type: object - functionCache: - properties: - medium: - default: "" - description: Set to `Memory` to hold the function cache in a RAM backed - file system. Useful for Crossplane development. - type: string - pvc: - default: "" - description: The name of a PersistentVolumeClaim to use as the function - cache. Disables the default function cache `emptyDir` Volume. - type: string - sizeLimit: - default: 512Mi - description: The size limit for the function cache. If medium is `Memory` - the `sizeLimit` can't exceed Node memory. - type: string - type: object - hostNetwork: - default: false - description: 'Enable `hostNetwork` for the Crossplane deployment. Caution: - enabling `hostNetwork` grants the Crossplane Pod access to the host network - namespace. Consider setting `dnsPolicy` to `ClusterFirstWithHostNet`.' - type: boolean - image: - properties: - pullPolicy: - default: IfNotPresent - description: The image pull policy used for Crossplane and RBAC Manager - pods. - type: string - repository: - default: xpkg.crossplane.io/crossplane/crossplane - description: Repository for the Crossplane pod image. - type: string - tag: - default: "" - description: The Crossplane image tag. Defaults to the value of `appVersion` - in `Chart.yaml`. - type: string - type: object - imagePullSecrets: - default: [] - description: The imagePullSecret names to add to the Crossplane ServiceAccount. - items: {} - type: array - leaderElection: - default: true - description: Enable [leader election](https://docs.crossplane.io/latest/concepts/pods/#leader-election) - for the Crossplane pod. - type: boolean - metrics: - properties: - enabled: - default: false - description: Enable Prometheus path, port and scrape annotations and - expose port 8080 for both the Crossplane and RBAC Manager pods. - type: boolean - port: - default: "" - description: The port the metrics server listens on. - type: string - type: object - nodeSelector: - default: {} - description: Add `nodeSelectors` to the Crossplane pod deployment. - type: object - packageCache: - properties: - configMap: - default: "" - description: The name of a ConfigMap to use as the package cache. Disables - the default package cache `emptyDir` Volume. - type: string - medium: - default: "" - description: Set to `Memory` to hold the package cache in a RAM backed - file system. Useful for Crossplane development. - type: string - pvc: - default: "" - description: The name of a PersistentVolumeClaim to use as the package - cache. Disables the default package cache `emptyDir` Volume. - type: string - sizeLimit: - default: 20Mi - description: The size limit for the package cache. If medium is `Memory` - the `sizeLimit` can't exceed Node memory. - type: string - type: object - podSecurityContextCrossplane: - default: {} - description: Add a custom `securityContext` to the Crossplane pod. - type: object - podSecurityContextRBACManager: - default: {} - description: Add a custom `securityContext` to the RBAC Manager pod. - type: object - priorityClassName: - default: "" - description: The PriorityClass name to apply to the Crossplane and RBAC - Manager pods. - type: string - provider: - properties: - packages: - default: [] - description: A list of Provider packages to install. - items: {} - type: array - type: object - rbacManager: - properties: - affinity: - default: {} - description: Add `affinities` to the RBAC Manager pod deployment. - type: object - args: - default: [] - description: Add custom arguments to the RBAC Manager pod. - items: {} - type: array - deploy: - default: true - description: Deploy the RBAC Manager pod and its required roles. - type: boolean - leaderElection: - default: true - description: Enable [leader election](https://docs.crossplane.io/latest/concepts/pods/#leader-election) - for the RBAC Manager pod. - type: boolean - nodeSelector: - default: {} - description: Add `nodeSelectors` to the RBAC Manager pod deployment. - type: object - replicas: - default: 1 - description: The number of RBAC Manager pod `replicas` to deploy. - type: integer - revisionHistoryLimit: - description: The number of RBAC Manager ReplicaSets to retain. - oneOf: - - default: null - nullable: true - type: integer - - default: null - nullable: true - type: number - - default: null - nullable: true - type: boolean - - default: null - nullable: true - type: string - - default: null - nullable: true - type: object - - default: null - items: {} - nullable: true - type: array - skipAggregatedClusterRoles: - default: false - description: Don't install aggregated Crossplane ClusterRoles. - type: boolean - tolerations: - default: [] - description: Add `tolerations` to the RBAC Manager pod deployment. - items: {} - type: array - topologySpreadConstraints: - default: [] - description: Add `topologySpreadConstraints` to the RBAC Manager pod - deployment. - items: {} - type: array - type: object - readiness: - properties: - port: - default: "" - description: The port the readyz server listens on. - type: string - type: object - registryCaBundleConfig: - properties: - key: - default: "" - description: The ConfigMap key containing a custom CA bundle to enable - fetching packages from registries with unknown or untrusted certificates. - type: string - name: - default: "" - description: The ConfigMap name containing a custom CA bundle to enable - fetching packages from registries with unknown or untrusted certificates. - type: string - type: object - replicas: - default: 1 - description: helm-docs renders these comments into markdown. Use markdown - formatting where appropiate. -- The number of Crossplane pod `replicas` - to deploy. - type: integer - resourcesCrossplane: - properties: - limits: - properties: - cpu: - default: 500m - description: CPU resource limits for the Crossplane pod. - type: string - memory: - default: 1024Mi - description: Memory resource limits for the Crossplane pod. - type: string - type: object - requests: - properties: - cpu: - default: 100m - description: CPU resource requests for the Crossplane pod. - type: string - memory: - default: 256Mi - description: Memory resource requests for the Crossplane pod. - type: string - type: object - type: object - resourcesRBACManager: - properties: - limits: - properties: - cpu: - default: 100m - description: CPU resource limits for the RBAC Manager pod. - type: string - memory: - default: 512Mi - description: Memory resource limits for the RBAC Manager pod. - type: string - type: object - requests: - properties: - cpu: - default: 100m - description: CPU resource requests for the RBAC Manager pod. - type: string - memory: - default: 256Mi - description: Memory resource requests for the RBAC Manager pod. - type: string - type: object - type: object - revisionHistoryLimit: - description: The number of Crossplane ReplicaSets to retain. - oneOf: - - default: null - nullable: true - type: integer - - default: null - nullable: true - type: number - - default: null - nullable: true - type: boolean - - default: null - nullable: true - type: string - - default: null - nullable: true - type: object - - default: null - items: {} - nullable: true - type: array - runtimeClassName: - default: "" - description: The runtimeClassName name to apply to the Crossplane and RBAC - Manager pods. - type: string - securityContextCrossplane: - properties: - allowPrivilegeEscalation: - default: false - description: Enable `allowPrivilegeEscalation` for the Crossplane pod. - type: boolean - readOnlyRootFilesystem: - default: true - description: Set the Crossplane pod root file system as read-only. - type: boolean - runAsGroup: - default: 65532 - description: The group ID used by the Crossplane pod. - type: integer - runAsUser: - default: 65532 - description: The user ID used by the Crossplane pod. - type: integer - type: object - securityContextRBACManager: - properties: - allowPrivilegeEscalation: - default: false - description: Enable `allowPrivilegeEscalation` for the RBAC Manager - pod. - type: boolean - readOnlyRootFilesystem: - default: true - description: Set the RBAC Manager pod root file system as read-only. - type: boolean - runAsGroup: - default: 65532 - description: The group ID used by the RBAC Manager pod. - type: integer - runAsUser: - default: 65532 - description: The user ID used by the RBAC Manager pod. - type: integer - type: object - service: - properties: - customAnnotations: - default: {} - description: Configure annotations on the service object. Only enabled - when webhooks.enabled = true - type: object - type: object - serviceAccount: - properties: - create: - default: true - description: Specifies whether Crossplane ServiceAccount should be created - type: boolean - customAnnotations: - default: {} - description: Add custom `annotations` to the Crossplane ServiceAccount. - type: object - name: - default: "" - description: Provide the name of an already created Crossplane ServiceAccount. - Required when `serviceAccount.create` is `false` - type: string - type: object - tolerations: - default: [] - description: Add `tolerations` to the Crossplane pod deployment. - items: {} - type: array - topologySpreadConstraints: - default: [] - description: Add `topologySpreadConstraints` to the Crossplane pod deployment. - items: {} - type: array - webhooks: - properties: - enabled: - default: true - description: Enable webhooks for Crossplane and installed Provider packages. - type: boolean - port: - default: "" - description: The port the webhook server listens on. - type: string - type: object - type: object - version: 1.20.0 diff --git a/repo/packages/dapr.packages.kadras.io/1.15.5.yml b/repo/packages/dapr.packages.kadras.io/1.15.5.yml deleted file mode 100644 index bfa768f..0000000 --- a/repo/packages/dapr.packages.kadras.io/1.15.5.yml +++ /dev/null @@ -1,208 +0,0 @@ -apiVersion: data.packaging.carvel.dev/v1alpha1 -kind: Package -metadata: - creationTimestamp: null - name: dapr.packages.kadras.io.1.15.5 -spec: - refName: dapr.packages.kadras.io - releasedAt: "2025-05-30T20:15:30Z" - template: - spec: - deploy: - - kapp: - intoNs: dapr-system - fetch: - - imgpkgBundle: - image: ghcr.io/kadras-io/package-for-dapr@sha256:2a01f0fe18ba0eb064b1f671ee0ef8b8183d70875386219abc12fc664404b9a3 - template: - - helmTemplate: - name: dapr - namespace: dapr-system - path: config/helm/upstream/dapr - valuesFrom: - - path: config/helm/values.yml - - ytt: - ignoreUnknownComments: true - paths: - - '-' - - config/carvel - - kbld: - paths: - - '-' - - .imgpkg/images.yml - valuesSchema: - openAPIv3: - properties: - global: - properties: - actors: - properties: - enabled: - default: true - description: Enables actor functionality in the cluster - type: boolean - serviceName: - default: placement - description: Name of the service that provides actor placement services - type: string - type: object - argoRolloutServiceReconciler: - description: 'the issuerFilenames dictionary, if setup, have to contain - 3 keys: ca,cert,key issuerFilenames: ca: "ca.crt" cert: "tls.crt" key: - "tls.key"' - properties: - enabled: - default: false - type: boolean - type: object - daprControlPlaneOs: - default: linux - type: string - dnsSuffix: - default: .cluster.local - type: string - extraVolumeMounts: - default: {} - description: 'sentry: placement: operator: injector: scheduler:' - type: object - extraVolumes: - default: {} - description: and extraVolumeMounts are used to mount additional volumes - to the Dapr control plane pods. Useful for using alternative authentication - credentials to sentry. - type: object - ha: - properties: - disruption: - properties: - maximumUnavailable: - default: 25% - type: string - minimumAvailable: - default: "" - type: string - type: object - enabled: - default: false - type: boolean - replicaCount: - default: 3 - type: integer - type: object - imagePullPolicy: - default: IfNotPresent - type: string - imagePullSecrets: - default: "" - description: 'To help compatibility with other charts which use global.imagePullSecrets. - Allow either a string with single imagepullsecret or an array of {name: - pullSecret} maps (k8s-style) or an array of strings (more common helm-style). - global: imagePullSecrets: "pullSecret" or global: imagePullSecrets: - - name: pullSecret1 - name: pullSecret2 or global: imagePullSecrets: - - pullSecret1 - pullSecret2' - type: string - issuerFilenames: - default: {} - type: object - k8sLabels: - properties: - app.kubernetes.io/component: - default: '{{ .Values.component }}' - type: string - app.kubernetes.io/managed-by: - default: '{{ .Release.Service }}' - type: string - app.kubernetes.io/name: - default: '{{ .Release.Name }}' - type: string - app.kubernetes.io/part-of: - default: dapr - type: string - app.kubernetes.io/version: - default: '{{ .Values.global.tag }}' - type: string - type: object - labels: - default: {} - type: object - logAsJson: - default: false - type: boolean - mtls: - properties: - allowedClockSkew: - default: 15m - type: string - controlPlaneTrustDomain: - default: cluster.local - type: string - enabled: - default: true - type: boolean - mountSentryVolume: - default: true - description: If set to true, a bound service account token will - be mounted and used to authenticate to Sentry. - type: boolean - workloadCertTTL: - default: 24h - type: string - type: object - nodeSelector: - default: {} - type: object - operator: - properties: - watchdogCanPatchPodLabels: - default: false - type: boolean - type: object - priorityClassName: - default: "" - type: string - prometheus: - properties: - enabled: - default: true - type: boolean - port: - default: 9090 - type: integer - type: object - rbac: - properties: - namespaced: - default: false - type: boolean - type: object - registry: - default: ghcr.io/dapr - type: string - reminders: - properties: - serviceName: - default: "" - description: Name of the service that provides reminders If empty, - uses the built-in reminders capabilities in Dapr sidecars - type: string - type: object - scheduler: - properties: - enabled: - default: true - description: Enables scheduler functionality in the cluster - type: boolean - type: object - seccompProfile: - default: "" - type: string - tag: - default: 1.15.5 - type: string - tolerations: - default: [] - items: {} - type: array - type: object - type: object - version: 1.15.5 diff --git a/repo/packages/dapr.packages.kadras.io/metadata.yml b/repo/packages/dapr.packages.kadras.io/metadata.yml deleted file mode 100644 index 6f2379a..0000000 --- a/repo/packages/dapr.packages.kadras.io/metadata.yml +++ /dev/null @@ -1,20 +0,0 @@ -apiVersion: data.packaging.carvel.dev/v1alpha1 -kind: PackageMetadata -metadata: - creationTimestamp: null - name: dapr.packages.kadras.io -spec: - categories: - - apis - - microservices - displayName: dapr - iconSVGBase64: PHN2ZyBpZD0iTGF5ZXJfMSIgZGF0YS1uYW1lPSJMYXllciAxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHZpZXdCb3g9IjAgMCA0ODAgMjU1LjYwODc5Ij48ZGVmcz48c3R5bGU+LmNscy0xe2ZpbGw6IzBkMjE5Mjt9LmNscy0ye2ZpbGw6I2ZmZjtpc29sYXRpb246aXNvbGF0ZTtvcGFjaXR5OjAuMDg7fTwvc3R5bGU+PC9kZWZzPjxyZWN0IGlkPSJSZWN0YW5nbGUtNCIgY2xhc3M9ImNscy0xIiB4PSI5OS43ODA0MiIgeT0iMTEuMTg5MzgiIHdpZHRoPSIyODIuMTUxNjgiIGhlaWdodD0iMTk4LjU3Mjc0IiByeD0iNS40OTM0NyIvPjxyZWN0IGlkPSJSZWN0YW5nbGUtNC0yIiBkYXRhLW5hbWU9IlJlY3RhbmdsZS00IiBjbGFzcz0iY2xzLTIiIHg9Ijk5Ljc4MDQyIiB5PSIxMS4xODkzOCIgd2lkdGg9IjEwNC4zNjkzNiIgaGVpZ2h0PSIxOTguNTcyNzQiLz48cmVjdCBpZD0iUmVjdGFuZ2xlLTMiIGNsYXNzPSJjbHMtMSIgeD0iMTAuNjc5ODciIHk9IjE5Ni45NTA5MyIgd2lkdGg9IjQ1Ni42NDAyNyIgaGVpZ2h0PSI0Ny42NTk1MiIgcng9IjEwLjIxODI3Ii8+PHJlY3QgaWQ9IlJlY3RhbmdsZS00LTMiIGRhdGEtbmFtZT0iUmVjdGFuZ2xlLTQiIGNsYXNzPSJjbHMtMiIgeD0iMTAuNjc5ODciIHk9IjE5Ni45NTA5MyIgd2lkdGg9IjE0MS4yODUyMSIgaGVpZ2h0PSI1OC42NTc4NiIvPjwvc3ZnPg== - longDescription: Dapr provides integrated APIs for communication, state, and workflow. - Dapr leverages industry best practices for security, resiliency, and observability, - so you can focus on your code. - maintainers: - - name: Thomas Vitale - providerName: Kadras - shortDescription: APIs for Building Secure and Reliable Microservices. - supportDescription: Go to https://kadras.io for documentation and https://github.com/kadras-io/package-for-dapr - for community support. diff --git a/repo/packages/dependency-track.packages.kadras.io/4.13.2.yml b/repo/packages/dependency-track.packages.kadras.io/4.13.2.yml deleted file mode 100644 index 324e9f3..0000000 --- a/repo/packages/dependency-track.packages.kadras.io/4.13.2.yml +++ /dev/null @@ -1,211 +0,0 @@ -apiVersion: data.packaging.carvel.dev/v1alpha1 -kind: Package -metadata: - creationTimestamp: null - name: dependency-track.packages.kadras.io.4.13.2 -spec: - licenses: - - Apache 2.0 - refName: dependency-track.packages.kadras.io - releaseNotes: https://github.com/kadras-io/package-for-dependency-track/releases - releasedAt: "2025-05-30T20:13:17Z" - template: - spec: - deploy: - - kapp: {} - fetch: - - imgpkgBundle: - image: ghcr.io/kadras-io/package-for-dependency-track@sha256:82ef90789ee3eec8ed5fa36b149175c8f782d3774487ab905c4c0d35c07ce397 - template: - - ytt: - paths: - - config - - kbld: - paths: - - '-' - - .imgpkg/images.yml - valuesSchema: - openAPIv3: - additionalProperties: false - properties: - api_server: - additionalProperties: false - description: Settings for the API Server component. - properties: - logging: - additionalProperties: false - description: Settings for logging. - properties: - format: - default: console - description: 'Log encoding format. Options: `console`, `json`.' - enum: - - console - - json - type: string - level: - default: info - description: 'Log verbosity level. Options: `trace`, `debug`, `info`, - `warn`, `error`.' - enum: - - trace - - debug - - info - - warn - - error - type: string - type: object - metrics: - additionalProperties: false - description: Settings for metrics. - properties: - enabled: - default: true - description: Whether to enable the generation of Prometheus metrics. - type: boolean - type: object - resources: - additionalProperties: false - description: Resource configuration for the API Server component. - properties: - limits: - additionalProperties: false - properties: - cpu: - default: "4" - description: CPU limits configuration for the API Server component. - type: string - memory: - default: 5Gi - description: Memory limits configuration for the API Server - component. - type: string - type: object - requests: - additionalProperties: false - properties: - cpu: - default: "0.5" - description: CPU requests configuration for the API Server component. - type: string - memory: - default: 5Gi - description: Memory requests configuration for the API Server - component. - type: string - type: object - type: object - storage: - additionalProperties: false - description: Storage configuration for the API Server component. - properties: - class_name: - default: "" - description: Class name for the PersistenceVolume to create. - type: string - size: - default: 1Gi - description: Size of the PersistenceVolume to create. - type: string - type: object - type: object - domain_name: - default: "" - description: Domain name for Dependency Track. It must be a valid DNS name. - minLength: 4 - type: string - frontend: - additionalProperties: false - description: Settings for the Frontend component. - properties: - replicas: - default: 1 - description: The number of Frontend replicas. In order to enable high - availability, it should be greater than 1. - minimum: 1 - type: integer - resources: - additionalProperties: false - description: Resource configuration for the Frontend component. - properties: - limits: - additionalProperties: false - properties: - cpu: - default: 500m - description: CPU limits configuration for the Frontend component. - type: string - memory: - default: 128Mi - description: Memory limits configuration for the Frontend component. - type: string - type: object - requests: - additionalProperties: false - properties: - cpu: - default: 150m - description: CPU requests configuration for the Frontend component. - type: string - memory: - default: 64Mi - description: Memory requests configuration for the Frontend - component. - type: string - type: object - type: object - type: object - ingress_issuer: - default: "" - description: A reference to the ClusterIssuer to use for enabling TLS in - Dependency Track. - example: kadras-ca-issuer - minLength: 4 - type: string - x-example-description: Kadras private CA - postgresql: - additionalProperties: false - description: Settings for the PostgreSQL database. - properties: - instances: - default: 1 - description: Number of instances for the PostgreSQL database cluster. - Define at least 3 for production scenarios. - minimum: 1 - type: integer - storage: - additionalProperties: false - description: Storage configuration for each PostgreSQL instance. - properties: - size: - default: 1Gi - description: Size of the PersistenceVolume to create for each PostgreSQL - instance. - type: string - type: object - type: object - proxy: - additionalProperties: false - description: Settings for the corporate proxy. - properties: - http_proxy: - default: "" - description: The HTTP proxy to use for network traffic. - type: string - https_proxy: - default: "" - description: The HTTPS proxy to use for network traffic. - type: string - no_proxy: - default: "" - description: A comma-separated list of hostnames, IP addresses, or IP - ranges in CIDR format that should not use the proxy. - type: string - type: object - system_requirement_check: - default: true - description: Whether Dependency Track will check for memory and CPU requirements - at startup time. - type: boolean - type: object - version: 4.13.2 diff --git a/repo/packages/engineering-platform.packages.kadras.io/0.25.0.yml b/repo/packages/engineering-platform.packages.kadras.io/0.25.0.yml deleted file mode 100644 index a973378..0000000 --- a/repo/packages/engineering-platform.packages.kadras.io/0.25.0.yml +++ /dev/null @@ -1,276 +0,0 @@ -apiVersion: data.packaging.carvel.dev/v1alpha1 -kind: Package -metadata: - creationTimestamp: null - name: engineering-platform.packages.kadras.io.0.25.0 -spec: - licenses: - - Apache 2.0 - refName: engineering-platform.packages.kadras.io - releaseNotes: https://github.com/kadras-io/kadras-engineering-platform/releases - releasedAt: "2025-06-01T13:02:19Z" - template: - spec: - deploy: - - kapp: {} - fetch: - - imgpkgBundle: - image: ghcr.io/kadras-io/kadras-engineering-platform@sha256:31f410957c88b52c62d0a56b09f2f4a37994c5e2fc589c58821d75bb520bc639 - template: - - ytt: - paths: - - config - - kbld: - paths: - - '-' - - .imgpkg/images.yml - valuesSchema: - openAPIv3: - additionalProperties: false - properties: - cert_manager: - default: {} - description: Configuration for the Cert Manager package. - nullable: true - contour: - default: {} - description: Configuration for the Contour package. - nullable: true - crossplane: - default: {} - description: Configuration for the Crossplane package. - nullable: true - dapr: - default: {} - description: Configuration for the Dapr package. - nullable: true - dependency_track: - default: {} - description: Configuration for the Dependency Track package. - nullable: true - developer_portal: - default: {} - description: Configuration for the Developer Portal package. - nullable: true - flux: - default: {} - description: Configuration for the Flux package. - nullable: true - gitops_configurer: - default: {} - description: Configuration for the GitOps Configurer package. - nullable: true - knative: - additionalProperties: false - description: Configuration for Knative related packages. - properties: - serving: - default: {} - description: Configuration for the Knative Serving package. - nullable: true - type: object - kyverno: - additionalProperties: false - description: Configuration for the Kyverno related packages. - properties: - core: - default: {} - description: Configuration for the Kyverno package. - nullable: true - type: object - metrics_server: - default: {} - description: Configuration for the Metrics Server package. - nullable: true - platform: - additionalProperties: false - description: Configuration for the platform packages. - properties: - additional_packages: - default: [] - description: A list of packages to include in the installation. - items: - default: "" - type: string - type: array - ca_cert_data: - default: "" - description: PEM-encoded certificate data to trust TLS connections with - a custom CA. - type: string - cosign: - additionalProperties: false - description: Settings for Cosign, used for signing and verifying OCI - artifacts. - properties: - secret: - additionalProperties: false - description: Configuration for the Secret holding the Cosign key - pair. - properties: - name: - default: "" - description: The name of the Secret holding the Cosign key pair. - type: string - namespace: - default: kadras-system - description: The namespace of the Secret holding the Cosign - key pair. - type: string - type: object - type: object - excluded_packages: - default: [] - description: A list of packages to exclude from being installed. - items: - default: "" - type: string - type: array - git: - additionalProperties: false - description: Settings for the Git server that the platform will use. - properties: - secret: - additionalProperties: false - description: Configuration for the Secret holding the credentials - to access the Git server. - properties: - name: - default: "" - description: 'The name of the Secret holding the credentials - to access the Git server. The credentials should provide read-only - access to the Git server except when installing the platform - with one of these profiles: `standalone`, `build`.' - type: string - namespace: - default: kadras-system - description: The namespace of the Secret holding the credentials - to access the Git server. - type: string - type: object - server: - default: https://github.com - description: The server hosting the Git repositories used by the - plaform. - example: https://github.com - type: string - x-example-description: GitHub - type: object - ingress: - additionalProperties: false - description: Setting for the Ingress controller that the platform will - use. - properties: - domain: - default: "" - description: The base domain name the platform will use to configure - the Ingress controller. It must be a valid DNS name. - type: string - issuer: - additionalProperties: false - description: A reference to the ClusterIssuer the platform will - use to enable TLS communications. - properties: - email: - default: "" - description: The email address that Let's Encrypt will use to - send info on expiring certificates or other issues. Required - when the type is `letsencrypt_staging` or `letsencrypt`. - type: string - name: - default: "" - description: A reference to a custom ClusterIssuer previously - created on the cluster where the platform will be installed. - Required when the type is `custom`. - type: string - type: - default: private - description: 'The type of ClusterIssuer the platform will use - to enable TLS communications. Options: `private`, `letsencrypt_staging`, - `letsencrypt`, `custom`.' - enum: - - private - - letsencrypt_staging - - letsencrypt - - custom - type: string - type: object - type: object - namespace: - default: kadras-system - description: The namespace where to install the platform. - type: string - oci_registry: - additionalProperties: false - description: Settings for the OCI registry that the platform will use. - properties: - repository: - default: "" - description: The repository in the OCI Registry where the platform - will publish OCI images. - example: my-org - type: string - x-example-description: Repository on GitHub Container Registry - secret: - additionalProperties: false - description: Configuration for the Secret holding the credentials - to access the OCI registry. - properties: - name: - default: "" - description: 'The name of the Secret holding the credentials - to access the OCI registry. The credentials should provide - read-only access to the OCI registry except when installing - the platform with one of these profiles: `standalone`, `dev`, - `build`.' - type: string - namespace: - default: kadras-system - description: The namespace of the Secret holding the credentials - to access the OCI registry. - type: string - type: object - server: - default: "" - description: The server of the OCI Registry where the platform will - publish OCI images. - example: ghcr.io - type: string - x-example-description: GitHub Container Registry - type: object - profile: - default: run - description: 'The platform profile to install. Options: `standalone`, - `build`, `run`.' - enum: - - standalone - - build - - run - type: string - type: object - postgresql_operator: - default: {} - description: Configuration for the PostgreSQL Operator package. - nullable: true - rabbitmq_operator: - default: {} - description: Configuration for the RabbitMQ Operator package. - nullable: true - secretgen_controller: - default: {} - description: Configuration for the Secretgen Controller package. - nullable: true - service_binding: - default: {} - description: Configuration for the Service Binding package. - nullable: true - tempo_operator: - default: {} - description: Configuration for the Tempo Operator package. - nullable: true - workspace_provisioner: - default: {} - description: Configuration for the Workspace Provisioner package. - nullable: true - type: object - version: 0.25.0 diff --git a/repo/packages/flux.packages.kadras.io/2.6.0.yml b/repo/packages/flux.packages.kadras.io/2.6.0.yml deleted file mode 100644 index 539db0e..0000000 --- a/repo/packages/flux.packages.kadras.io/2.6.0.yml +++ /dev/null @@ -1,107 +0,0 @@ -apiVersion: data.packaging.carvel.dev/v1alpha1 -kind: Package -metadata: - creationTimestamp: null - name: flux.packages.kadras.io.2.6.0 -spec: - licenses: - - Apache 2.0 - refName: flux.packages.kadras.io - releaseNotes: https://github.com/kadras-io/package-for-flux/releases - releasedAt: "2025-05-30T19:49:58Z" - template: - spec: - deploy: - - kapp: {} - fetch: - - imgpkgBundle: - image: ghcr.io/kadras-io/package-for-flux@sha256:a34b67ff57b00d97e426a5935f93d58e26cbca04a602e365d43149e70d10e8ec - template: - - ytt: - paths: - - config - - kbld: - paths: - - '-' - - .imgpkg/images.yml - valuesSchema: - openAPIv3: - additionalProperties: false - properties: - logging: - additionalProperties: false - description: Settings for logging. - properties: - encoding: - default: json - description: 'Log encoding format. Options: `console`, `json`.' - enum: - - console - - json - type: string - level: - default: info - description: 'Log verbosity level. Options: `trace`, `debug`, `info`, - `error`.' - enum: - - trace - - debug - - info - - error - type: string - type: object - optional_components: - additionalProperties: false - description: Settings for which Flux optional components to deploy. - properties: - helm_controller: - default: false - description: Whether to deploy the Helm Controller. - type: boolean - image_automation_controller: - default: false - description: Whether to deploy the Image Automation Controller. - type: boolean - image_reflector_controller: - default: false - description: Whether to deploy the Image Reflector Controller. - type: boolean - kustomize_controller: - default: true - description: Whether to deploy the Kustomize Controller. - type: boolean - notification_controller: - default: false - description: Whether to deploy the Notification Controller. - type: boolean - type: object - policies: - additionalProperties: false - description: Settings for the Kyverno policies. - properties: - include: - default: false - description: Whether to include the out-of-the-box Kyverno policies - to validate and secure the package installation. - type: boolean - type: object - proxy: - additionalProperties: false - description: Settings for the corporate proxy. - properties: - http_proxy: - default: "" - description: The HTTP proxy to use for network traffic. - type: string - https_proxy: - default: "" - description: The HTTPS proxy to use for network traffic. - type: string - no_proxy: - default: "" - description: A comma-separated list of hostnames, IP addresses, or IP - ranges in CIDR format that should not use the proxy. - type: string - type: object - type: object - version: 2.6.0 diff --git a/repo/packages/knative-serving.packages.kadras.io/1.18.0.yml b/repo/packages/knative-serving.packages.kadras.io/1.18.0.yml deleted file mode 100644 index 5949496..0000000 --- a/repo/packages/knative-serving.packages.kadras.io/1.18.0.yml +++ /dev/null @@ -1,304 +0,0 @@ -apiVersion: data.packaging.carvel.dev/v1alpha1 -kind: Package -metadata: - creationTimestamp: null - name: knative-serving.packages.kadras.io.1.18.0 -spec: - capacityRequirementsDescription: For prototyping purposes, one-node cluster that - has at least 3 CPUs and 4 GB of memory. For production purposes, if you have only - one node, at least 6 CPUs, 6 GB of memory, and 30 GB of disk storage. If you have - multiple nodes, for each node at least 2 CPUs, 4 GB of memory, and 20 GB of disk - storage. - licenses: - - Apache 2.0 - refName: knative-serving.packages.kadras.io - releaseNotes: https://github.com/kadras-io/package-for-knative-serving/releases - releasedAt: "2025-05-30T19:38:47Z" - template: - spec: - deploy: - - kapp: - rawOptions: - - --wait-timeout=5m - fetch: - - imgpkgBundle: - image: ghcr.io/kadras-io/package-for-knative-serving@sha256:e2b14d7b0b9e44591f899914491992cb3c9b749fac63795dfffae18a1952dc8d - template: - - ytt: - paths: - - config - - kbld: - paths: - - '-' - - .imgpkg/images.yml - valuesSchema: - openAPIv3: - additionalProperties: false - properties: - ca_cert_data: - default: "" - description: PEM-encoded certificate data to trust TLS connections with - a custom CA. - type: string - config: - additionalProperties: false - description: Settings for the Knative Serving ConfigMaps. - properties: - deployment: - additionalProperties: false - description: Deployment configuration stored in the `config-deployment` - ConfigMap. - properties: - progress-deadline: - default: 600s - description: The duration to wait for the deployment to be ready - before considering it failed. - type: string - queue-sidecar-cpu-limit: - default: 1000m - description: The queue proxy's CPU limit. If omitted, a default - value (currently `1000m`), is used when `queueproxy.resource-defaults` - is set to `Enabled`. - type: string - queue-sidecar-cpu-request: - default: 25m - description: The queue proxy's CPU request. If omitted, a default - value (currently '25m'), is used. - type: string - queue-sidecar-memory-limit: - default: 200Mi - description: The queue proxy's memory limit. If omitted, a default - value (currently `800Mi`), is used when `queueproxy.resource-defaults` - is set to `Enabled`. - type: string - queue-sidecar-memory-request: - default: 50Mi - description: The queue proxy's memory request. If omitted, a default - value (currently `400Mi`), is used when `queueproxy.resource-defaults` - is set to `Enabled`. - type: string - type: object - network: - additionalProperties: false - description: Network configuration stored in the `config-network` ConfigMap. - properties: - default-external-scheme: - default: http - description: Defines the scheme used for external URLs if autoTLS - is not enabled. This can be used for making Knative report all - URLs as `https`, for example, if you're fronting Knative with - an external loadbalancer that deals with TLS termination and Knative - doesn't know about that otherwise. - enum: - - http - - https - type: string - domain-template: - default: '{{.Name}}.{{.Namespace}}.{{.Domain}}' - description: The golang text template string to use when constructing - the Knative Service's DNS name. - type: string - http-protocol: - default: Redirected - description: 'Controls the behavior of the HTTP endpoint for the - Knative ingress. `Enabled`: The Knative ingress will be able to - serve HTTP connection. `Redirected`: The Knative ingress will - send a 301 redirect for all http connections, asking the clients - to use HTTPS.' - enum: - - Enabled - - Redirected - type: string - namespace-wildcard-cert-selector: - default: "" - description: A LabelSelector which determines which namespaces should - have a wildcard certificate provisioned. - type: string - rollout-duration: - default: 0 - description: The minimal duration in seconds over which the Configuration - traffic targets are rolled out to the newest revision. - minimum: 0 - type: integer - type: object - tracing: - additionalProperties: false - description: Network configuration stored in the `config-tracing` ConfigMap. - properties: - backend: - default: none - description: The type of distributed tracing backend. - enum: - - zipkin - - none - type: string - debug: - default: "false" - description: Enable the Zipkin debug mode. This allows all spans - to be sent to the server bypassing sampling. - enum: - - "true" - - "false" - type: string - sample-rate: - default: "0.1" - description: The percentage (0-1) of requests to trace. - maxLength: 3 - minLength: 1 - type: string - zipkin-endpoint: - default: http://tempo.observability-system.svc.cluster.local:9411/api/v2/spans - description: The Zipkin collector endpoint where traces are sent. - type: string - type: object - type: object - domain_name: - default: "" - description: Domain name for Knative Services. It must be a valid DNS name. - Stored in the `config-domain` ConfigMap. - minLength: 4 - type: string - ingress: - additionalProperties: false - description: Settings for the Ingress controller. - properties: - contour: - additionalProperties: false - description: Ingress configuration stored in the `config-contour` ConfigMap. - properties: - default-tls-secret: - default: "" - description: If auto-TLS is disabled, fallback to this certificate. - An operator is required to setup a TLSCertificateDelegation for - this Secret to be used. - type: string - external: - additionalProperties: false - description: Configuration for the external Ingress controller - properties: - namespace: - default: projectcontour - description: The namespace where the external Ingress controller - is installed. - minLength: 1 - type: string - type: object - internal: - additionalProperties: false - description: Configuration for the internal Ingress controller - properties: - namespace: - default: projectcontour - description: The namespace where the internal Ingress controller - is installed. - minLength: 1 - type: string - type: object - type: object - type: object - ingress_issuer: - default: "" - description: A reference to the ClusterIssuer to use if you want to enable - autoTLS. Stored in the `config-certmanager` ConfigMap. - example: kadras-ca-issuer - type: string - x-example-description: Kadras private CA - policies: - additionalProperties: false - description: Settings for the Kyverno policies. - properties: - include: - default: false - description: Whether to include the out-of-the-box Kyverno policies - to validate and secure the package installation. - type: boolean - type: object - proxy: - additionalProperties: false - description: Settings for the corporate proxy. - properties: - http_proxy: - default: "" - description: The HTTP proxy to use for network traffic. - type: string - https_proxy: - default: "" - description: The HTTPS proxy to use for network traffic. - type: string - no_proxy: - default: "" - description: A comma-separated list of hostnames, IP addresses, or IP - ranges in CIDR format that should not use a proxy. - type: string - type: object - workloads: - additionalProperties: false - description: Settings for the Knative Serving workloads. - properties: - activator: - additionalProperties: false - properties: - minReplicas: - default: 1 - description: The minimum number of replicas as controlled by a HorizontalPodAutoscaler. - In order to enable high availability, it should be greater than - 1. - maximum: 20 - minimum: 1 - type: integer - type: object - autoscaler: - additionalProperties: false - properties: - replicas: - default: 1 - description: The number of replicas for this Deployment. In order - to enable high availability, it should be greater than 1. - minimum: 1 - type: integer - type: object - controller: - additionalProperties: false - properties: - replicas: - default: 1 - description: The number of replicas for this Deployment. In order - to enable high availability, it should be greater than 1. - minimum: 1 - type: integer - type: object - domain_mapping: - additionalProperties: false - properties: - replicas: - default: 1 - description: The number of replicas for this Deployment. In order - to enable high availability, it should be greater than 1. - minimum: 1 - type: integer - type: object - domain_mapping_webhook: - additionalProperties: false - properties: - replicas: - default: 1 - description: The number of replicas for this Deployment. In order - to enable high availability, it should be greater than 1. - minimum: 1 - type: integer - type: object - webhook: - additionalProperties: false - properties: - minReplicas: - default: 1 - description: The minimum number of replicas as controlled by a HorizontalPodAutoscaler. - In order to enable high availability, it should be greater than - 1. - maximum: 5 - minimum: 1 - type: integer - type: object - type: object - type: object - version: 1.18.0 diff --git a/repo/packages/kyverno.packages.kadras.io/1.14.1.yml b/repo/packages/kyverno.packages.kadras.io/1.14.1.yml deleted file mode 100644 index dd23be7..0000000 --- a/repo/packages/kyverno.packages.kadras.io/1.14.1.yml +++ /dev/null @@ -1,182 +0,0 @@ -apiVersion: data.packaging.carvel.dev/v1alpha1 -kind: Package -metadata: - creationTimestamp: null - name: kyverno.packages.kadras.io.1.14.1 -spec: - licenses: - - Apache 2.0 - refName: kyverno.packages.kadras.io - releaseNotes: https://github.com/kadras-io/package-for-kyverno/releases - releasedAt: "2025-05-30T18:47:37Z" - template: - spec: - deploy: - - kapp: {} - fetch: - - imgpkgBundle: - image: ghcr.io/kadras-io/package-for-kyverno@sha256:1bfaf0b5211db5c1fbd199abf4312ea58a38e096d58b10ec55ffc98e84b602db - template: - - ytt: - paths: - - config - - kbld: - paths: - - '-' - - .imgpkg/images.yml - valuesSchema: - openAPIv3: - additionalProperties: false - properties: - admission_controller: - additionalProperties: false - description: Settings for the Admission Controller component. - properties: - replicas: - default: 1 - description: The number of replicas for the Admission Controller. In - order to enable high availability, it should be at least 3 (2 is not - permitted). - minimum: 1 - type: integer - type: object - background_controller: - additionalProperties: false - description: Settings for the Background Controller component. - properties: - replicas: - default: 1 - description: The number of replicas for the Background Controller. In - order to enable high availability, it should be greater than 1. - minimum: 1 - type: integer - type: object - ca_cert_data: - default: "" - description: PEM-encoded certificate data to trust TLS connections with - a custom CA. - type: string - cleanup_controller: - additionalProperties: false - description: Settings for the Cleanup Controller component. - properties: - replicas: - default: 1 - description: The number of replicas for the Cleanup Controller. In order - to enable high availability, it should be greater than 1. - minimum: 1 - type: integer - type: object - logging: - additionalProperties: false - description: Settings for logging. - properties: - encoding: - default: text - description: 'Log encoding format. Options: `text`, `json`.' - enum: - - text - - json - type: string - level: - default: 2 - description: Number of the log level verbosity (from `1` to `6`). - maximum: 6 - minimum: 1 - type: integer - type: object - metrics: - additionalProperties: false - description: Settings for metrics via Prometheus or OpenTelemetry. - properties: - collector: - default: "" - description: The endpoint where the OpenTelemetry-based collector receives - telemetry data. - type: string - type: - default: prometheus - description: Whether to use OpenTelemetry (`grpc`) or Prometheus (`prometheus`) - for exporting metrics. - enum: - - grpc - - prometheus - type: string - type: object - optional_components: - additionalProperties: false - description: Settings for which Kyverno optional components to deploy. - properties: - background_controller: - default: true - description: Whether to deploy the Background Controller, responsible - for processing of generate and mutate-existing rules. - type: boolean - cleanup_controller: - default: true - description: Whether to deploy the Cleanup Controller, responsible for - processing `CleanupPolicy` resources. - type: boolean - reports_controller: - default: true - description: Whether to deploy the Reports Controller, responsible for - handling `PolicyReport` resources. - type: boolean - type: object - proxy: - additionalProperties: false - description: Settings for the corporate proxy. - properties: - http_proxy: - default: "" - description: The HTTP proxy to use for network traffic. - type: string - https_proxy: - default: "" - description: The HTTPS proxy to use for network traffic. - type: string - no_proxy: - default: "" - description: A comma-separated list of hostnames, IP addresses, or IP - ranges in CIDR format that should not use the proxy. - type: string - type: object - reports_controller: - additionalProperties: false - description: Settings for the Reports Controller component. - properties: - replicas: - default: 1 - description: The number of replicas for the Reports Controller. In order - to enable high availability, it should be greater than 1. - minimum: 1 - type: integer - type: object - tracing: - additionalProperties: false - description: Settings for tracing via OpenTelemetry. - properties: - ca_cert_secret: - default: "" - description: The Secret containing the certificate which is used by - the Opentelemetry Tracing Client. If empty string is set, an insecure - connection will be used. - type: string - enabled: - default: false - description: Whether to configure Kyverno to export OpenTelemetry traces - to a distributed tracing backend. - type: boolean - endpoint: - default: "" - description: The endpoint where the distributed tracing backend accepts - OpenTelemetry traces. - type: string - port: - default: 4317 - description: The port exposed by the distributed tracing backend to - accept OpenTelemetry traces. - type: integer - type: object - type: object - version: 1.14.1 diff --git a/repo/packages/metrics-server.packages.kadras.io/0.7.2.yml b/repo/packages/metrics-server.packages.kadras.io/0.7.2.yml deleted file mode 100644 index c2b500a..0000000 --- a/repo/packages/metrics-server.packages.kadras.io/0.7.2.yml +++ /dev/null @@ -1,148 +0,0 @@ -apiVersion: data.packaging.carvel.dev/v1alpha1 -kind: Package -metadata: - creationTimestamp: null - name: metrics-server.packages.kadras.io.0.7.2 -spec: - licenses: - - Apache 2.0 - refName: metrics-server.packages.kadras.io - releaseNotes: https://github.com/kadras-io/package-for-metrics-server/releases - releasedAt: "2024-09-01T11:51:51Z" - template: - spec: - deploy: - - kapp: {} - fetch: - - imgpkgBundle: - image: ghcr.io/kadras-io/package-for-metrics-server@sha256:ee9771dfe5dd1f1aa725eccddca870cc707c523fe0e60d11533d2412be616381 - template: - - ytt: - paths: - - config - - kbld: - paths: - - '-' - - .imgpkg/images.yml - valuesSchema: - openAPIv3: - additionalProperties: false - properties: - daemonset: - additionalProperties: false - properties: - updateStrategy: - default: null - description: Update strategy of daemonsets - nullable: true - type: string - type: object - deployment: - additionalProperties: false - properties: - rollingUpdate: - additionalProperties: false - properties: - maxSurge: - default: null - description: The maxSurge of rollingUpdate. Applied only if RollingUpdate - is used as updateStrategy - nullable: true - type: integer - maxUnavailable: - default: null - description: The maxUnavailable of rollingUpdate. Applied only if - RollingUpdate is used as updateStrategy - nullable: true - type: integer - type: object - updateStrategy: - default: null - description: Update strategy of deployments - nullable: true - type: string - type: object - metricsServer: - additionalProperties: false - properties: - config: - additionalProperties: false - properties: - apiServiceInsecureTLS: - default: true - description: Whether to enable insecure TLS for metrics-server api - service - type: boolean - args: - default: [] - description: Arguments passed into metrics-server container - items: - default: "" - type: string - type: array - probe: - additionalProperties: false - properties: - failureThreshold: - default: 3 - description: Probe failureThreshold of metrics-server deployment - type: integer - periodSeconds: - default: 10 - description: Probe period of metrics-server deployment - type: integer - type: object - securePort: - default: 4443 - description: The HTTPS secure port used by metrics-server - type: integer - tolerations: - default: [] - description: Metrics-server deployment tolerations - nullable: true - updateStrategy: - default: RollingUpdate - description: The update strategy of the metrics-server deployment - type: string - type: object - createNamespace: - default: true - description: Whether to create namespace specified for metrics-server - type: boolean - image: - additionalProperties: false - properties: - name: - default: "" - description: The path of image - type: string - pullPolicy: - default: IfNotPresent - description: The pull policy of image - type: string - repository: - default: "" - description: The repository of metrics-server image - type: string - tag: - default: "" - description: The image tag - type: string - type: object - namespace: - default: null - description: The namespace value used by older templates, will be overwriten - if top level namespace is present, kept for backward compatibility - nullable: true - type: string - type: object - namespace: - default: kube-system - description: The namespace in which metrics-server is deployed - type: string - nodeSelector: - default: null - description: NodeSelector configuration applied to all the deployments - nullable: true - type: object - version: 0.7.2 diff --git a/repo/packages/postgresql-operator.packages.kadras.io/1.26.0.yml b/repo/packages/postgresql-operator.packages.kadras.io/1.26.0.yml deleted file mode 100644 index cc2b422..0000000 --- a/repo/packages/postgresql-operator.packages.kadras.io/1.26.0.yml +++ /dev/null @@ -1,31 +0,0 @@ -apiVersion: data.packaging.carvel.dev/v1alpha1 -kind: Package -metadata: - creationTimestamp: null - name: postgresql-operator.packages.kadras.io.1.26.0 -spec: - licenses: - - Apache 2.0 - refName: postgresql-operator.packages.kadras.io - releaseNotes: https://github.com/kadras-io/package-for-postgresql-operator/releases - releasedAt: "2025-05-30T19:55:50Z" - template: - spec: - deploy: - - kapp: {} - fetch: - - imgpkgBundle: - image: ghcr.io/kadras-io/package-for-postgresql-operator@sha256:ed88afe9d2728ff37959c5c7ee4d26b40b4fc5d33258243fb85eed4f52719800 - template: - - ytt: - paths: - - config - - kbld: - paths: - - '-' - - .imgpkg/images.yml - valuesSchema: - openAPIv3: - default: null - nullable: true - version: 1.26.0 diff --git a/repo/packages/rabbitmq-operator.packages.kadras.io/2.13.0.yml b/repo/packages/rabbitmq-operator.packages.kadras.io/2.13.0.yml deleted file mode 100644 index f1066d6..0000000 --- a/repo/packages/rabbitmq-operator.packages.kadras.io/2.13.0.yml +++ /dev/null @@ -1,44 +0,0 @@ -apiVersion: data.packaging.carvel.dev/v1alpha1 -kind: Package -metadata: - creationTimestamp: null - name: rabbitmq-operator.packages.kadras.io.2.13.0 -spec: - licenses: - - Apache 2.0 - refName: rabbitmq-operator.packages.kadras.io - releaseNotes: https://github.com/kadras-io/package-for-rabbitmq-operator/releases - releasedAt: "2025-05-30T19:52:33Z" - template: - spec: - deploy: - - kapp: {} - fetch: - - imgpkgBundle: - image: ghcr.io/kadras-io/package-for-rabbitmq-operator@sha256:5055748f058a71d03389a18b7f0a5c3c2dc00d5797c6aaa24b2fb6680eb8ab0f - template: - - ytt: - paths: - - config - - kbld: - paths: - - '-' - - .imgpkg/images.yml - valuesSchema: - openAPIv3: - additionalProperties: false - properties: - logging: - additionalProperties: false - description: Logging configuration. - properties: - level: - default: info - description: The Operator log level. Valid options are `info` and `debug`. - enum: - - info - - debug - type: string - type: object - type: object - version: 2.13.0 diff --git a/repo/packages/tempo-operator.packages.kadras.io/0.15.3.yml b/repo/packages/tempo-operator.packages.kadras.io/0.15.3.yml deleted file mode 100644 index 8b5ac0d..0000000 --- a/repo/packages/tempo-operator.packages.kadras.io/0.15.3.yml +++ /dev/null @@ -1,293 +0,0 @@ -apiVersion: data.packaging.carvel.dev/v1alpha1 -kind: Package -metadata: - creationTimestamp: null - name: tempo-operator.packages.kadras.io.0.15.3 -spec: - licenses: - - Apache 2.0 - refName: tempo-operator.packages.kadras.io - releaseNotes: https://github.com/kadras-io/package-for-tempo-operator/releases - releasedAt: "2025-03-30T09:56:13Z" - template: - spec: - deploy: - - kapp: {} - fetch: - - imgpkgBundle: - image: ghcr.io/kadras-io/package-for-tempo-operator@sha256:3daff7e08c4d5f8deaa7c1b854b88ce764dc5628c92d1fbde4bb95548cd0754f - template: - - ytt: - paths: - - config - - kbld: - paths: - - '-' - - .imgpkg/images.yml - valuesSchema: - openAPIv3: - additionalProperties: false - properties: - configMapData: - default: {} - description: The YAML contents of the `tempo-operator-manager-config` ConfigMap. - See https://github.com/grafana/tempo-operator/blob/main/docs/operator/config.yaml - for more information. - nullable: true - controller: - additionalProperties: false - description: Settings for the Tempo Operator controller. - properties: - replicas: - default: 1 - description: The number of replicas for this Deployment. In order to - enable high availability, it should be greater than 1. - minimum: 1 - type: integer - type: object - tempo: - additionalProperties: false - description: Settings for Tempo. - properties: - extraConfig: - default: {} - description: Additional configuration for Tempo that will be merged - with the one generated by the Operator. It has higher precedence than - the Operator. - nullable: true - jaegerui: - additionalProperties: false - description: Settings for Jaeger UI. - properties: - enabled: - default: false - description: Whether to enable the Jaeger UI to visualize traces. - type: boolean - type: object - namespace: - default: default - description: Namespace where to provision a Tempo installation, stack - or monolithic. - type: string - observability: - additionalProperties: false - description: Settings for observability. - properties: - grafana: - additionalProperties: false - properties: - createDatasource: - default: false - description: Whether a Datasource managed by Grafana Operator - should be created for Tempo. - type: boolean - type: object - metrics: - additionalProperties: false - properties: - createPrometheusRules: - default: false - description: Whether PrometheusRules for alerts managed by Prometheus - Operator should be created for Tempo. - type: boolean - createServiceMonitors: - default: false - description: Whether ServiceMonitors managed by Prometheus Operator - should be created for Tempo. - type: boolean - type: object - tracing: - additionalProperties: false - properties: - otlpHttpEndpoint: - default: "" - description: The OTLP HTTP endpoint where to send traces. Only - for TempoStack. - type: string - samplingFraction: - default: "" - description: Sampling frequence for Tempo traces. Only for TempoStack. - type: string - type: object - type: object - resources: - additionalProperties: false - description: Settings for total resources. - properties: - limits: - additionalProperties: false - properties: - cpu: - default: 750m - type: string - memory: - default: 2Gi - type: string - type: object - requests: - additionalProperties: false - properties: - cpu: - default: 500m - type: string - memory: - default: 1Gi - type: string - type: object - type: object - storage: - additionalProperties: false - description: Settings for storage. - properties: - backend: - additionalProperties: false - description: Tracing backend object storage configuration. - properties: - secret: - additionalProperties: false - properties: - name: - default: "" - description: Name of the Secret containing the credentials - to access the configured object storage. - type: string - namespace: - default: kadras-system - description: Namespace containing the Secret with the credentials - to access the configured object storage. - type: string - type: object - type: - default: memory - description: 'Type of object storage that should be used. Valid - options: `azure`, `gcs`, `s3`, `memory` (only for TempoMonolithic).' - enum: - - azure - - gcs - - s3 - - memory - type: string - type: object - size: - default: 10Gi - description: The size of the storage used by Tempo. - type: string - type: object - tempoMonolithic: - additionalProperties: false - description: Settings for the built-in TempoMonolithic instance. - properties: - enabled: - default: false - description: Whether to deploy the built-in TempoMonolithic instance. - type: boolean - type: object - tempoStack: - additionalProperties: false - description: Settings for the built-in TempoStack instance. - properties: - compactor: - additionalProperties: false - description: Settings for the Tempo Compactor. - properties: - replicas: - default: 1 - description: Number of replicas to deploy for the Compactor - component. In order to enable high availability, it should - be greater than 1. - type: integer - type: object - distributor: - additionalProperties: false - description: Settings for the Tempo Distributor. - properties: - replicas: - default: 1 - description: Number of replicas to deploy for the Distributor - component. In order to enable high availability, it should - be greater than 1. - type: integer - type: object - enabled: - default: false - description: Whether to deploy the built-in TempoStack instance. - type: boolean - gateway: - additionalProperties: false - description: Settings for the Tempo Gateway. - properties: - enabled: - default: false - description: Whether to enable the Tempo Gateway. - type: boolean - ingress: - additionalProperties: false - description: Ingress for the Tempo Gateway. - properties: - annotations: - additionalProperties: false - description: The annotations for the Ingress object. - properties: {} - type: object - host: - default: "" - description: The hostname of the Ingress object. - type: string - ingressClassName: - default: contour - description: The class of the Ingress Controller to use - for the Tempo Gateway. - type: string - type: - default: null - description: 'Type of Ingress for the Tempo Gateway. Valid - options: `ingress`, `route`.' - enum: - - ingress - - route - nullable: true - type: string - type: object - type: object - ingester: - additionalProperties: false - description: Settings for the Tempo Ingester. - properties: - podSecurityContext: - additionalProperties: false - description: PodSecurityContext for the Ingester component. - properties: {} - type: object - replicas: - default: 1 - description: Number of replicas to deploy for the Ingester component. - In order to enable high availability, it should be greater - than 1. - type: integer - type: object - querier: - additionalProperties: false - description: Settings for the Tempo Querier. - properties: - replicas: - default: 1 - description: Number of replicas to deploy for the Querier component. - In order to enable high availability, it should be greater - than 1. - type: integer - type: object - queryFrontend: - additionalProperties: false - description: Settings for the Tempo Query Frontend. - properties: - replicas: - default: 1 - description: Number of replicas to deploy for the Query Frontend - component. In order to enable high availability, it should - be greater than 1. - type: integer - type: object - type: object - type: object - type: object - version: 0.15.3 diff --git a/repo/packages/workspace-provisioner.packages.kadras.io/0.3.0.yml b/repo/packages/workspace-provisioner.packages.kadras.io/0.3.0.yml deleted file mode 100644 index 32bc1cc..0000000 --- a/repo/packages/workspace-provisioner.packages.kadras.io/0.3.0.yml +++ /dev/null @@ -1,114 +0,0 @@ -apiVersion: data.packaging.carvel.dev/v1alpha1 -kind: Package -metadata: - creationTimestamp: null - name: workspace-provisioner.packages.kadras.io.0.3.0 -spec: - licenses: - - Apache 2.0 - refName: workspace-provisioner.packages.kadras.io - releaseNotes: https://github.com/kadras-io/workspace-provisioner/releases - releasedAt: "2023-09-08T16:33:23Z" - template: - spec: - deploy: - - kapp: {} - fetch: - - imgpkgBundle: - image: ghcr.io/kadras-io/workspace-provisioner@sha256:b852990e1cf32796e852880ed1d5eccbbef709f2f58d5fd3e342540667633ac3 - template: - - ytt: - paths: - - config - - kbld: - paths: - - '-' - - .imgpkg/images.yml - valuesSchema: - openAPIv3: - additionalProperties: false - properties: - cosign: - additionalProperties: false - description: Settings for Cosign, used for signing and verifying OCI artifacts. - properties: - secret: - additionalProperties: false - description: Configuration for the Secret holding the Cosign key pair. - properties: - name: - default: "" - description: The name of the Secret holding the Cosign key pair. - type: string - namespace: - default: "" - description: The namespace of the Secret holding the Cosign key - pair. - type: string - type: object - type: object - git: - additionalProperties: false - description: Configuration to access the Git repositories used in the GitOps - workflows. - properties: - secret: - additionalProperties: false - description: Configuration for the Secret holding the Git credentials. - properties: - name: - default: "" - description: The name of the Secret holding the Git credentials. - type: string - namespace: - default: "" - description: The namespace of the Secret holding the Git credentials. - type: string - type: object - server: - default: https://github.com - description: The Git server hosting the Git repositories used in the - GitOps workflows. - type: string - type: object - namespaces: - default: [] - description: Configuration for the namespaces the platform will provision - and manage. - items: - additionalProperties: false - description: Details about the namespace to configure. - properties: - name: - default: "" - type: string - type: object - type: array - oci_registry: - additionalProperties: false - description: Settings for the OCI registry that the workspace will use. - properties: - secret: - additionalProperties: false - description: Configuration for the Secret holding the credentials to - access the OCI registry. - properties: - name: - default: "" - description: The name of the Secret holding the credentials to access - the OCI registry. - type: string - namespace: - default: "" - description: The namespace of the Secret holding the credentials - to access the OCI registry. - type: string - type: object - type: object - service_account: - default: supply-chain - description: The `ServiceAccount` to be configured with credentials and - roles in each workspace. - type: string - type: object - version: 0.3.0 From b21cf193c407a8963cd5fffae88e6f8928647c29 Mon Sep 17 00:00:00 2001 From: Thomas Vitale Date: Thu, 14 Aug 2025 22:34:36 +0200 Subject: [PATCH 18/18] Release version 0.26.0 --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 267b2c4..fbac509 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -5,7 +5,7 @@ on: env: REGISTRY: ghcr.io IMAGE_NAME: ${{ github.repository }} - VERSION: 0.25.0 + VERSION: 0.26.0 jobs: build: