Prepare release v0.18.0

[kvaps]

Summary by CodeRabbit

Release Notes

• New Features

  • Expanded build process to include the cozystack-api component.
  • Updated image versions for cozystack, darkhttpd, and other components to improve performance and stability.

• Bug Fixes

  • Updated image digests for various components, ensuring the latest updates and security patches are applied.

• Documentation

  • Incremented version numbers across multiple configuration files for clarity and consistency.

• Chores

  • Updated various package versions in the version map for better dependency management.

[coderabbitai]

Caution

Review failed

The pull request is closed.

Walkthrough

The pull request introduces several updates across various files, primarily focusing on version upgrades for images and modifications to build and deployment configurations. Key changes include the integration of the cozystack-api into the build process via the Makefile, updates to container images in Kubernetes manifests, and adjustments to image digests across multiple components. Additionally, the versioning for several packages has been refined, reflecting a consistent approach to managing dependencies and ensuring compatibility.

Changes

File Path	Change Summary
Makefile	Added command to build cozystack-api, replaced delete command with test command in test target.
manifests/cozystack-installer.yaml	Updated container images for cozystack and darkhttpd from v0.17.1 to v0.18.0.
packages/apps/http-cache/images/nginx-cache.tag	Updated image digest for nginx-cache.
packages/apps/kubernetes/Chart.yaml	Incremented chart version from 0.13.0 to 0.14.0.
packages/apps/kubernetes/images/cluster-autoscaler.tag	Updated image tag and digest for cluster-autoscaler from 0.13.0 to 0.14.0.
packages/apps/kubernetes/images/kubevirt-cloud-provider.tag	Updated image tag for kubevirt-cloud-provider from 0.13.0 to 0.14.0.
packages/apps/kubernetes/images/kubevirt-csi-driver.tag	Updated image tag for kubevirt-csi-driver from 0.13.0 to 0.14.0.
packages/apps/kubernetes/images/ubuntu-container-disk.tag	Updated image digest for ubuntu-container-disk.
packages/apps/versions_map	Updated versions for multiple packages including kubernetes, clickhouse, ferretdb, and others.
packages/core/installer/values.yaml	Updated image version for cozystack from v0.17.1 to v0.18.0.
packages/core/testing/values.yaml	Changed image tag from latest to v0.18.0.
packages/system/bucket/images/s3manager.tag	Updated image digest for s3manager.
packages/system/cozystack-api/values.yaml	Changed image tag from latest to v0.18.0 and updated the digest.
packages/system/dashboard/values.yaml	Updated image tags and digests for dashboard and kubeapps-apis.
packages/system/kamaji/values.yaml	Updated image tag from v0.17.1 to v0.18.0.
packages/system/kubeovn/values.yaml	Updated image digest for kubeovn.
hack/e2e.sh	Updated Talos image from v1.8.1 to v1.8.2, streamlined VM management and configuration.
pkg/registry/apps/application/rest.go	Added AppVersion field to Application struct in conversion logic.
scripts/installer.sh	Updated VERSION variable from 6 to 7.
scripts/migrations/6	Added command to suspend Helm release for cert-manager and modified deletion command for cozy-monitoring.

Possibly related PRs

• Prepare release v0.13.0 #321: The changes in the main PR regarding the Makefile and build processes are related to the updates in the manifests/cozystack-installer.yaml file in this PR, which also involves changes to the container images and deployment configurations.
• Prepare release v0.14.1 #338: The updates to the Makefile in the main PR are relevant to the changes in the manifests/cozystack-installer.yaml file in this PR, which includes modifications to the container images used in the deployment.
• Prepare release v0.16.1 #390: The changes in the main PR regarding the Makefile and build processes are related to the updates in the manifests/cozystack-installer.yaml file in this PR, which involves changes to the container images and deployment configurations.
• Prepare release v0.17.0 #444: The modifications in the main PR to the Makefile are connected to the updates in the manifests/cozystack-installer.yaml file in this PR, which also involves changes to the container images used in the deployment.
• Prepare release v0.17.1 #450: The changes in the main PR regarding the Makefile and build processes are related to the updates in the manifests/cozystack-installer.yaml file in this PR, which includes modifications to the container images and deployment configurations.
• Prepare release v0.18.0 #462: The changes in the main PR regarding the Makefile and build processes are relevant to the updates in the manifests/cozystack-installer.yaml file in this PR, which also involves changes to the container images used in the deployment.

Suggested labels

lgtm

Suggested reviewers

• kvaps

🐇 In the meadow, changes bloom,
With versions new, we make room.
From cozystack to kubeapps bright,
Our code hops forward, taking flight!
With every tag and digest clear,
A brighter future draws near! 🌼

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 3

🧹 Outside diff range and nitpick comments (4)

packages/core/installer/images/talos/profiles/iso.yaml (1)

Line range hint 1-2: Note: This is an auto-generated file

As indicated in the header comment, this file is generated by hack/gen-profiles.sh. Any changes should be made through the generation script rather than direct edits.

packages/core/installer/images/talos/profiles/initramfs.yaml (1)

Line range hint 1-2: Note: This is an auto-generated file

Remember that manual changes to this file will be overwritten as it's generated by hack/gen-profiles.sh.

Makefile (1)

9-9: Consider documenting build requirements.

Since this is a release preparation PR, it would be helpful to document any specific build requirements or dependencies for cozystack-api in the component's README or documentation.

packages/apps/versions_map (1)

Line range hint 1-150: Consider using commit hashes instead of HEAD for release versioning

Several packages are marked with HEAD which could affect reproducibility of builds. For a release (v0.18.0), it's recommended to use specific commit hashes for all packages to ensure consistent and reproducible builds.

Consider:

1. Using specific commit hashes for all packages in this release
2. Only using HEAD in development branches
3. Adding a comment at the top of the file explaining the versioning strategy

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between 3c27a1e and 6d2f544.

📒 Files selected for processing (22)

• Makefile (1 hunks)
• manifests/cozystack-installer.yaml (2 hunks)
• packages/apps/http-cache/images/nginx-cache.tag (1 hunks)
• packages/apps/kubernetes/Chart.yaml (1 hunks)
• packages/apps/kubernetes/images/cluster-autoscaler.tag (1 hunks)
• packages/apps/kubernetes/images/kubevirt-cloud-provider.tag (1 hunks)
• packages/apps/kubernetes/images/kubevirt-csi-driver.tag (1 hunks)
• packages/apps/kubernetes/images/ubuntu-container-disk.tag (1 hunks)
• packages/apps/versions_map (1 hunks)
• packages/core/installer/images/talos/profiles/initramfs.yaml (1 hunks)
• packages/core/installer/images/talos/profiles/installer.yaml (1 hunks)
• packages/core/installer/images/talos/profiles/iso.yaml (1 hunks)
• packages/core/installer/images/talos/profiles/kernel.yaml (1 hunks)
• packages/core/installer/images/talos/profiles/metal.yaml (1 hunks)
• packages/core/installer/images/talos/profiles/nocloud.yaml (1 hunks)
• packages/core/installer/values.yaml (1 hunks)
• packages/core/testing/values.yaml (1 hunks)
• packages/system/bucket/images/s3manager.tag (1 hunks)
• packages/system/cozystack-api/values.yaml (1 hunks)
• packages/system/dashboard/values.yaml (1 hunks)
• packages/system/kamaji/values.yaml (1 hunks)
• packages/system/kubeovn/values.yaml (1 hunks)

✅ Files skipped from review due to trivial changes (15)

• packages/apps/http-cache/images/nginx-cache.tag
• packages/apps/kubernetes/images/cluster-autoscaler.tag
• packages/apps/kubernetes/images/kubevirt-cloud-provider.tag
• packages/apps/kubernetes/images/kubevirt-csi-driver.tag
• packages/apps/kubernetes/images/ubuntu-container-disk.tag
• packages/core/installer/images/talos/profiles/installer.yaml
• packages/core/installer/images/talos/profiles/kernel.yaml
• packages/core/installer/images/talos/profiles/metal.yaml
• packages/core/installer/images/talos/profiles/nocloud.yaml
• packages/core/installer/values.yaml
• packages/core/testing/values.yaml
• packages/system/bucket/images/s3manager.tag
• packages/system/cozystack-api/values.yaml
• packages/system/kamaji/values.yaml
• packages/system/kubeovn/values.yaml

🔇 Additional comments (11)

packages/core/installer/images/talos/profiles/iso.yaml (2)

6-6: LGTM: Version bump to v1.8.2

The version increment is consistent with the PR objective and matches the version referenced in other image tags.

---

13-13: Verify base installer image availability

The base installer image version has been updated to match the profile version.

packages/core/installer/images/talos/profiles/initramfs.yaml (3)

6-6: LGTM: Version bump to v1.8.2

The version increment is consistent with the release preparation.

---

13-13: LGTM: Base installer image aligned with profile version

The base installer image version is correctly synchronized with the profile version.

---

20-23: LGTM: System extensions properly updated

Updates include:

• Intel microcode security update (20241029)
• DRBD and ZFS versions aligned with profile version v1.8.2

Let's verify the Intel microcode version is the latest available:

✅ Verification successful

Intel microcode version 20241029 is up-to-date

The version used in the profile matches the latest release (20241029) from Intel's official repository, released on October 29, 2024.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify Intel microcode version is current
# Expected: Should show no newer versions than 20241029

# Check if there are any newer Intel microcode releases in the repository
gh release list --repo intel/Intel-Linux-Processor-Microcode-Data-Files --limit 1

Length of output: 157

packages/system/dashboard/values.yaml (1)

42-43: LGTM! Version and digest updates are consistent.

The kubeapps-apis image updates look correct, with both the tag and digest being updated for the new version.

packages/apps/kubernetes/Chart.yaml (2)

19-19: LGTM: Version increment follows semantic versioning.

The minor version bump from 0.13.0 to 0.14.0 is appropriate for introducing new features or non-breaking changes.

---

19-19: Verify version alignment with v0.18.0 release.

The PR title indicates this is preparing for release v0.18.0, but this chart is being updated to v0.14.0. Please confirm if this version difference is intentional and aligns with the overall versioning strategy.

Makefile (1)

9-9: Verify build dependencies for cozystack-api.

The addition of cozystack-api to the build sequence looks correct, but let's verify if there are any build dependencies that might require a specific build order.

✅ Verification successful

Build order for cozystack-api is correctly placed

The verification shows that cozystack-api:

• Is a standalone Go application with no dependencies on other components in the build process
• Uses a multi-stage Dockerfile that builds from scratch
• Is appropriately placed in the Makefile's build sequence among other system components

The build order is not critical as this component is self-contained and doesn't depend on artifacts from other builds.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check for potential build dependencies in cozystack-api
# Look for references to other components in the cozystack-api directory

# Check for dependencies in Dockerfile or other build files
rg -l "FROM|COPY|ADD" packages/system/cozystack-api/

# Check for references to other components in source files
rg -l "import|require" packages/system/cozystack-api/

Length of output: 172

---

Script:

#!/bin/bash
# Let's examine the Dockerfile content to understand dependencies
cat packages/system/cozystack-api/images/cozystack-api/Dockerfile

# Let's also check the Makefile structure to understand the build order
cat Makefile

# Check if there are any package.json or similar dependency files
fd package.json packages/system/cozystack-api/

Length of output: 1679

manifests/cozystack-installer.yaml (2)

90-90: Verify if using the cozystack image for darkhttpd is intentional.

While the version update is correct, it's unusual to see the cozystack image being used to run darkhttpd. Please verify if this is intentional or if a dedicated darkhttpd image should be used instead.

Let's check if this is a common pattern:

#!/bin/bash
# Description: Check how darkhttpd is typically deployed in the codebase

# Test 1: Look for other darkhttpd container definitions
echo "Checking other darkhttpd container definitions:"
rg -A 5 "name: darkhttpd"

# Test 2: Check if cozystack image contains darkhttpd
echo -e "\nChecking if Dockerfile includes darkhttpd:"
fd Dockerfile | xargs rg "darkhttpd"

---

71-71: LGTM: Image version update aligns with release.

The image version update from v0.17.1 to v0.18.0 for the cozystack container is consistent with the PR objective.

Let's verify version consistency across related configurations:

✅ Verification successful

Version update is consistent across the codebase

The version update from v0.17.1 to v0.18.0 has been properly applied across all relevant configurations:

• No remaining references to v0.17.1 were found
• v0.18.0 is consistently used in:
  • manifests/cozystack-installer.yaml
  • packages/core/installer/values.yaml
  • packages/system/cozystack-api/values.yaml
  • packages/system/dashboard/values.yaml
  • packages/system/kamaji/values.yaml

The version update is complete and consistent.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check for any remaining v0.17.1 references and ensure v0.18.0 is used consistently

# Test 1: Search for any remaining v0.17.1 references
echo "Checking for any remaining v0.17.1 references:"
rg "v0.17.1"

# Test 2: Verify v0.18.0 is used consistently
echo -e "\nVerifying v0.18.0 usage:"
rg "v0.18.0"

Length of output: 1206

---

Script:

#!/bin/bash
# Let's verify version consistency more thoroughly

# Check for v0.17.1 references
echo "Checking for v0.17.1 references:"
rg "v0.17.1"

# Check for v0.18.0 references
echo -e "\nChecking for v0.18.0 references:"
rg "v0.18.0"

# Check image references in template files
echo -e "\nChecking image references in templates:"
rg "image: .*cozystack" -A 1

# Check version references in other potential config files
echo -e "\nChecking version references in configs:"
fd -e yaml -e json | xargs rg "version|v0.18.0|v0.17.1"

Length of output: 282244

[coderabbitai]

💡 Codebase verification

System extension images not accessible or not yet published

The verification attempts show that none of the updated system extension images are currently accessible in the container registry:

• ghcr.io/siderolabs/intel-ucode:20241029
• ghcr.io/siderolabs/drbd:9.2.11-v1.8.2
• ghcr.io/siderolabs/zfs:2.2.6-v1.8.2

Please ensure these images are published to the registry before merging this change to prevent potential system failures during installation.

🔗 Analysis chain

Verify system extensions updates

The updates include:

• Intel microcode update to 20241029 (potentially security-related)
• DRBD and ZFS image versions aligned with v1.8.2

---

Let me try a different approach to verify the images using the GitHub Container Registry API directly.

---

Let me try one final verification approach using direct container registry checks.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify that all updated system extension images exist
# Expected: All images should be available in the registry

echo "Checking intel-ucode image..."
gh api \
  -H "Accept: application/vnd.oci.image.index.v1+json" \
  /repos/siderolabs/intel-ucode/container/20241029 \
  --jq '.digest' || echo "Intel ucode image not found"

echo "Checking DRBD image..."
gh api \
  -H "Accept: application/vnd.oci.image.index.v1+json" \
  /repos/siderolabs/drbd/container/9.2.11-v1.8.2 \
  --jq '.digest' || echo "DRBD image not found"

echo "Checking ZFS image..."
gh api \
  -H "Accept: application/vnd.oci.image.index.v1+json" \
  /repos/siderolabs/zfs/container/2.2.6-v1.8.2 \
  --jq '.digest' || echo "ZFS image not found"

Length of output: 1625

---

Script:

#!/bin/bash
# Description: Verify system extension images using GHCR API
# Note: Using standard JSON accept header as required by the API

echo "Checking intel-ucode image..."
curl -s -H "Accept: application/json" \
     -H "Authorization: Bearer $GITHUB_TOKEN" \
     "https://api.github.com/user/packages/container/intel-ucode/versions" | \
     jq '.[] | select(.metadata.container.tags[] | contains("20241029"))'

echo "Checking DRBD image..."
curl -s -H "Accept: application/json" \
     -H "Authorization: Bearer $GITHUB_TOKEN" \
     "https://api.github.com/user/packages/container/drbd/versions" | \
     jq '.[] | select(.metadata.container.tags[] | contains("9.2.11-v1.8.2"))'

echo "Checking ZFS image..."
curl -s -H "Accept: application/json" \
     -H "Authorization: Bearer $GITHUB_TOKEN" \
     "https://api.github.com/user/packages/container/zfs/versions" | \
     jq '.[] | select(.metadata.container.tags[] | contains("2.2.6-v1.8.2"))'

Length of output: 998

---

Script:

#!/bin/bash
# Description: Verify system extension images using skopeo
# This will check if the images are accessible in the container registry

for img in \
    "ghcr.io/siderolabs/intel-ucode:20241029" \
    "ghcr.io/siderolabs/drbd:9.2.11-v1.8.2" \
    "ghcr.io/siderolabs/zfs:2.2.6-v1.8.2"; do
    echo "Checking $img..."
    skopeo inspect "docker://$img" 2>/dev/null || echo "Image not found: $img"
done

Length of output: 1274

[coderabbitai]

💡 Codebase verification

The dashboard image digest needs to be updated for v0.18.0

The git history shows that the same digest sha256:4818712e9fc9c57cc321512760c3226af564a04e69d4b3ec9229ab91fd39abeb is being reused from v0.17.1, while other components like kubeapps-apis have received new digests for v0.18.0. This strongly indicates that the dashboard image digest wasn't updated properly.

• The digest should be updated to match the new v0.18.0 image to ensure the correct version is being deployed
• Note that the kubeapps-apis component has already received a new digest for v0.18.0 (sha256:af2af34e6717847d9b963c0cf3cfc555e16cb7dfba590b88192c09cea31a31a7)

🔗 Analysis chain

Verify the dashboard image digest.

The image tag has been updated to v0.18.0, but the digest remains unchanged from the previous version. This is unusual and might indicate an oversight.

Let's verify the correct digest for the v0.18.0 image:

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the image digest matches the tag
# Note: Using GitHub Container Registry API to fetch the digest

gh api \
  -H "Accept: application/vnd.oci.image.index.v1+json" \
  /v2/aenix-io/cozystack/dashboard/manifests/v0.18.0 \
  --jq '.digest'

Length of output: 431

---

Script:

#!/bin/bash
# Let's try a different approach to verify the image digest changes
# First, let's check the git history for the previous version's digest

# Find the previous version's digest
git log -p packages/system/dashboard/values.yaml | grep -B1 "tag: v0.17" | grep "digest:"

# Also check if there are any recent changes to the dashboard component
git log --since="3 months ago" -p packages/system/dashboard/ | grep -B2 "digest:"

Length of output: 2395

[coderabbitai]

💡 Codebase verification

Invalid commit hash in versions_map file

The commit hash ced8e5b9 specified for kubernetes 0.13.0 does not exist in the repository. Additionally:

• The git history shows only recent commits related to v0.18.0 preparation
• The commit hash cannot be found or verified in any way
• This could lead to reproducibility issues when trying to build or deploy version 0.13.0

🔗 Analysis chain

Verify the commit hash for kubernetes 0.13.0

The commit hash ced8e5b9 has been assigned to kubernetes 0.13.0. Let's verify its existence and validity.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the commit hash exists in the repository
# Expected: The commit hash should exist and be related to kubernetes package

# Test 1: Check if the commit exists
git rev-parse --quiet --verify ced8e5b9 || echo "Commit not found"

# Test 2: Check commit message and changed files to verify it's kubernetes-related
git show --no-patch --format=%B ced8e5b9
git show --name-only ced8e5b9 | grep -i kubernetes

Length of output: 558

---

Script:

#!/bin/bash
# Let's try to understand the repository structure and kubernetes-related files
# to get more context about version management

# Find kubernetes-related files and directories
fd kubernetes

# Check the content of versions_map file
cat packages/apps/versions_map

# Look for any kubernetes-related package.json files
fd package.json --exec grep -l kubernetes {} \;

# Look for any documentation about versioning
fd -e md | xargs grep -l -i "version\|kubernetes" 2>/dev/null

Length of output: 5984

---

Script:

#!/bin/bash
# Let's check the kubernetes package directory for version information
# and recent commits to validate the version mapping

# Check package.json for version info
cat packages/apps/kubernetes/package.json

# Get recent commits affecting the kubernetes package
git log --oneline packages/apps/kubernetes/

# Check if there are any tags related to kubernetes versions
git tag -l "*kubernetes*"

Length of output: 253