Commit graph

134 commits

Author SHA1 Message Date
Andrei Kvapil
52a16dc518
fix(ci): force-update API subtag on re-runs
Always force-create and force-push the API submodule tag so it stays
in sync with the main version tag, even when re-tagging.

Co-Authored-By: Claude <noreply@anthropic.com>
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
2026-03-31 13:25:26 +02:00
Andrei Kvapil
d68f56ae19
fix(ci): make tags workflow idempotent on re-runs
- Remove broken `git push origin HEAD` in detached HEAD state (commit
  artifacts are already pushed via the "Create release branch" step)
- Make subtag push idempotent: use explicit refs/tags/ prefix and
  tolerate already-existing remote tags after verifying they point to
  the correct commit

Co-Authored-By: Claude <noreply@anthropic.com>
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
2026-03-31 13:25:26 +02:00
Kirill Ilin
dfe16ed9b4
[tests] Stabilize E2E kubernetes tests (#2262)
## What this PR does

Reduces flakiness in E2E tests by addressing the most common failure
modes.

### Kubernetes tenant tests (`run-kubernetes.sh`)

- Increase node Ready timeout from 2m to 5m — CI runners are shared and
resource-constrained
- Fail fast when nodes are not Ready — saves ~7 minutes per failed
attempt by not running LB/NFS tests that will also fail
- Delete stale Kubernetes resources at test start — retries provision
from scratch instead of patching stuck state
- Wait for port-forward to be ready before using it (fixes race
condition)
- Reduce version check polling interval from 5s to 1s

### All app tests (postgres, redis, kafka, clickhouse, mariadb, mongodb,
qdrant, foundationdb, openbao, vminstance, bucket)

- Add pre-cleanup of stale resources from previous failed retries so
each attempt starts clean

### Test runner (`cozytest.sh`)

- Clean up temp directory on test failure (was only cleaned on success,
leaking `/tmp` dirs)

### Release note

```release-note
NONE
```

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **Tests**
* Improved e2e robustness by deleting stale resources before creation
(ignore-if-missing, bounded time) and killing leftover port-forwards.
* Added an exit cleanup to consistently remove temporary artifacts and
teardown port-forwards on any exit.
* Added readiness polling for forwarded endpoints (curl with timeout);
made API/version retries more responsive.
* Extended node readiness wait (2m → 5m), dump debug info and fail fast
if unready.
  * Made load‑balancer reachability checking explicit and more reliable.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-03-26 18:57:14 +05:00
Myasnikov Daniil
fe6b81ea03
[docs] Update cozyvalues-gen
Signed-off-by: Myasnikov Daniil <myasnikovdaniil2001@gmail.com>
2026-03-25 15:59:22 +05:00
Myasnikov Daniil
9e55552910
[docs] Updated app go types
Signed-off-by: Myasnikov Daniil <myasnikovdaniil2001@gmail.com>
2026-03-25 15:57:25 +05:00
Myasnikov Daniil
1b3fe9d8fc
[docs] Changed update website docs job to push model
Signed-off-by: Myasnikov Daniil <myasnikovdaniil2001@gmail.com>
2026-03-25 15:57:25 +05:00
Myasnikov Daniil
e090e2f317
[docs] Added go types codegeneration for managed apps
Signed-off-by: Myasnikov Daniil <myasnikovdaniil2001@gmail.com>
2026-03-25 15:57:13 +05:00
Aleksei Sviridkin
8477e72ad2
[ci] Add timeout-minutes to Build and E2E jobs
Without explicit timeouts, stuck jobs use the GitHub Actions
default of 360 minutes (6 hours). This blocks the concurrency
group and prevents new runs from starting.

Set reasonable limits:
- Build: 30 minutes (normally ~5 min)
- E2E: 120 minutes (normally ~60 min)

Assisted-By: Claude <noreply@anthropic.com>
Signed-off-by: Aleksei Sviridkin <f@lex.la>
2026-03-23 20:40:45 +03:00
IvanHunters
4b166e788a
fix(ci): unblock docs-only PRs by moving path filtering to job level
The pull-requests workflow used paths-ignore at the trigger level, which
prevented the entire workflow from running on docs-only PRs. This meant
the required "E2E Tests" check was never created, blocking merge for
non-admin users.

Replace trigger-level paths-ignore with a detect-changes job using
dorny/paths-filter. The workflow now always triggers (so checks are
always reported), but build and downstream jobs are skipped when only
docs files change.

Signed-off-by: IvanHunters <xorokhotnikov@gmail.com>
2026-03-10 12:41:48 +01:00
Kirill Ilin
4c73ac54a0
chore: add @sircthulhu to CODEOWNERS
Co-Authored-By: Claude <noreply@anthropic.com>
Signed-off-by: Kirill Ilin <stitch14@yandex.ru>
2026-02-25 13:09:21 +05:00
Aleksei Sviridkin
153d2c48ae
refactor(e2e): use helm install instead of kubectl apply for cozystack installation
Replace pre-rendered static YAML application with direct helm chart
installation in e2e tests. The chart directory with correct values is
already present in the sandbox after pr.patch application.

- Remove CRD/operator artifact upload/download from CI workflow
- Remove copy-installer-manifest target from testing Makefile
- Use helm upgrade --install from local chart in e2e-install-cozystack.bats

Co-Authored-By: Claude <noreply@anthropic.com>
Signed-off-by: Aleksei Sviridkin <f@lex.la>
2026-02-18 00:49:55 +03:00
Andrei Kvapil
3971e9cb39
[installer] Rename talos asset to cozystack-operator-talos.yaml
Add -talos suffix to the default variant output file for consistency
with -generic and -hosted variants. Update all references in CI
workflows, e2e tests, upload scripts, and testing Makefile.

Co-Authored-By: Claude <noreply@anthropic.com>
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
2026-02-11 22:05:37 +01:00
IvanHunters
1d3deab3f3
Add @IvanHunters to CODEOWNERS
Signed-off-by: IvanHunters <49371933+IvanHunters@users.noreply.github.com>
2026-02-10 14:47:50 +03:00
Timofei Larkin
1e293995de [ci] Choose runner conditional on label
## What this PR does

This patch adds a conditional for running on a statically defined VM the
maintainers have SSH access to if the pull request has a `debug` label.
This is useful for debugging failing workflows when the diagnostic info
from the pipeline is insufficient.

### Release note

```release-note
[ci] Run builds on a static VM with SSH access if the PR has a debug
label.
```

Signed-off-by: Timofei Larkin <lllamnyp@gmail.com>
2026-02-06 18:38:53 +03:00
Andrei Kvapil
3c75e88190
ci: remove unused base_branch computation from changelog job
Co-Authored-By: Claude <noreply@anthropic.com>
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
2026-02-05 22:00:38 +01:00
Andrei Kvapil
90a5d534cf
[ci] Use GitHub Copilot CLI for changelog generation (#1753)
## What this PR does

Use GitHub Copilot CLI for automatic changelog generation on tagged
releases.

### How it works

When a new version tag is pushed, the `generate-changelog` job in
`tags.yaml`:

1. Checks out the `main` branch with full history and tags
2. Verifies that a changelog file doesn't already exist in
`docs/changelogs/`
3. Installs GitHub Copilot CLI (`@github/copilot` npm package)
4. Runs Copilot CLI in non-interactive mode (`-p` flag) with
`--allow-all-tools --allow-all-paths` to generate the changelog
following the instructions in `docs/agents/changelog.md`
5. Commits the generated file to a `changelog-vX.Y.Z` branch and opens a
PR to `main`

### Authentication

- `COPILOT_GITHUB_TOKEN` secret — fine-grained PAT with **"Copilot
Requests: Read"** account permission, used to authenticate Copilot CLI
- `GH_PAT` secret — used by `gh` CLI inside the Copilot session to query
PR authors via GitHub API

### Release note

```release-note
[ci] Replaced Gemini with GitHub Copilot CLI for automatic changelog generation on release tags
```
2026-02-05 21:49:08 +01:00
Andrei Kvapil
976b0011ac
ci: replace Gemini with GitHub Copilot CLI for changelog generation
Co-Authored-By: Claude <noreply@anthropic.com>
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
2026-02-05 21:39:31 +01:00
Timofei Larkin
3cdf031da6 Update codeowners
Signed-off-by: Timofei Larkin <lllamnyp@gmail.com>
2026-02-03 22:57:22 +03:00
Andrei Kvapil
505b693c35
[ci] Run e2e tests on shared runners
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
2026-01-20 22:13:16 +01:00
Andrei Kvapil
6dbfcbb93e
feat(cozypkg): add cross-platform build targets with version injection
- Add pattern rule for building cozypkg binaries per platform
  (assets-cozypkg-<os>-<arch>) with checksums generation
- Add Version variable to cozypkg CLI injected via ldflags
- Split manifests into separate cozystack-crds.yaml and
  cozystack-operator.yaml files
- Update CI workflow to handle CRDs and operator as separate artifacts
- Update e2e tests and upload script for new manifest structure
- Suppress git describe stderr when no tags exist

Co-Authored-By: Claude <noreply@anthropic.com>
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
2026-01-15 17:18:01 +01:00
Andrei Kvapil
66a756b606
fix(ci): ensure correct latest release after backport publishing
Replace unreliable getLatestRelease() API with semver-based max version
detection. After publishing a backport release, explicitly restore the
latest flag on the highest semver release to handle cases where GitHub
API ignores make_latest: 'false'.

Also remove dead code (unused steps) from tags.yaml workflow.

Co-Authored-By: Claude <noreply@anthropic.com>
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
2026-01-04 10:31:31 +01:00
Andrei Kvapil
bbeaaccd0c
feat(ci): add /retest command to rerun tests from Prepare environment
Allows maintainers to trigger test rerun by commenting /retest on a PR.
The workflow finds the latest run for the PR and reruns starting from
the "Prepare environment" job, skipping the build step.

Co-Authored-By: Claude <noreply@anthropic.com>
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
2026-01-02 21:23:27 +01:00
Andrei Kvapil
08e5a25ce7
fix(ci): remove GITHUB_TOKEN extraheader to trigger workflows
actions/checkout configures http.extraheader with GITHUB_TOKEN which
takes priority over URL credentials. This caused tag pushes to
authenticate as github-actions instead of cozystack-bot, preventing
the Versioned Tag workflow from being triggered.

Co-Authored-By: Claude <noreply@anthropic.com>
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
2026-01-02 21:10:12 +01:00
Andrei Kvapil
2d6e50bbeb
[ci] Fix auto-release workflow
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
2025-12-30 12:20:40 +01:00
Andrei Kvapil
0697c0221b
[workflow] Push tags as cozystack-bot to trigger GitHub workflows
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
2025-12-25 10:39:21 +01:00
Andrei Kvapil
59f62b7834
[workflows] Add auto patch release workflow (#1754)
This PR adds a new GitHub workflow that automatically creates patch
releases for maintenance branches.

## What it does

- Runs daily at 2:00 AM CET (1:00 UTC)
- Checks all `release-X.Y` branches
- For each branch, finds the latest published release with tag `vX.Y.Z`
(without suffixes like -rc, -alpha, -beta)
- If new commits exist after the release, creates a new tag `vX.Y.Z+1`
and force-pushes it
- This triggers the existing tag workflow to build and create a release
PR

## Why releases instead of tags

The workflow checks published releases (not just tags) because if a
release PR hasn't been merged yet, the workflow should run again the
next day and move the tag to newer commits if they exist.

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **Chores**
* Automated patch release workflow configured for release branches,
enabling automatic version tagging when new commits are detected.

<sub>✏️ Tip: You can customize this high-level summary in your review
settings.</sub>

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2025-12-24 21:11:07 +01:00
Andrei Kvapil
f28b53d8dc
[workflow] Add GitHub Action to update release notes from changelogs (#1752)
This PR adds a GitHub Actions workflow that automatically updates
release notes from changelog files when changes are merged to main.

The workflow:
- Triggers on push to main branch
- Processes up to 30 releases from the first page
- For each release, checks if a corresponding changelog file exists in
`docs/changelogs/`
- Updates the release notes with the changelog content if it exists and
differs from the current content
- Skips releases that are already up to date to avoid unnecessary API
calls

This automates the process of keeping release notes synchronized with
changelog files.

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **Chores**
* Automated workflow added to synchronize GitHub releases with local
changelog files, updating release notes only when content differs.

* **Documentation**
* Changelogs and release notes reorganized and expanded with improved
sectioning and new tooling/documentation entries.

* **New Features**
  * Added VM disk SVG icon entry under Features/Improvements.

* **Bug Fixes**
  * Pinned CoreDNS image tag for reproducible deployments.
* Fixed a documentation typo that prevented a component from displaying
in the web UI.

<sub>✏️ Tip: You can customize this high-level summary in your review
settings.</sub>
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2025-12-24 21:10:53 +01:00
Andrei Kvapil
9d85cfb647
[workflow] Add GitHub Action to update release notes from changelogs
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
2025-12-24 15:02:04 +01:00
Andrei Kvapil
db800b510e
[workflows] Add auto patch release workflow
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
2025-12-24 14:52:40 +01:00
Andrey Kolkov
656e00d182 ci: add used gemini action for changelog generations
Signed-off-by: Andrey Kolkov <androndo@gmail.com>
2025-12-24 17:47:34 +04:00
Andrei Kvapil
c0e0ef0f7c
[core] Extract Talos package from installer
Move Talos-related functionality from packages/core/installer to a separate packages/core/talos package:
- Move Talos profiles, matchbox configuration and build scripts
- Update installer Makefile to remove Talos-related targets
- Update root Makefile to build talos package separately
- Update matchbox Dockerfile paths to reference talos package

Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
2025-12-15 08:04:41 +01:00
Andrei Kvapil
d079dd4731
[ci] Update korthout/backport-action@v3.2.1
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
2025-12-09 14:34:37 +01:00
Andrei Kvapil
650e5290ea
[ci] Improve backport workflow with merge_commits skip and conflict resolution
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
2025-12-09 14:25:06 +01:00
Andrei Kvapil
33128748e6
[mariadb] Add version management system with automated version updates
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
2025-12-02 00:36:00 +01:00
Timofei Larkin
1c9ae2bec5 [ci,dx] Add unit tests for cozy-lib
## What this PR does

The cozy-lib library package got complicated enough to warrant its own
unit tests. Since unit tests are a "good thing" (tm), a somewhat generic
framework for running all kinds of unit tests was introduced into the CI
pipeline and Makefile targets. For now all it runs is `make test`
against the `packages/{library,apps,system,extra}/*` directories,
wherever a `test` target is present in the Makefile, and for now this is
only for the `cozy-lib` Helm library chart.

### Release note

```release-note
[ci,dx] Introduce a scaffold for running unit tests locally and in CI
and add the first unit tests for the cozy-lib helper Helm chart.
```

Signed-off-by: Timofei Larkin <lllamnyp@gmail.com>
2025-11-19 17:56:17 +03:00
Andrei Kvapil
9632772337
[dx] JSDoc compatible syntax for values.yaml
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
2025-10-29 08:57:26 +05:00
Nikita
840c264e86
Update CODEOWNERS
- klinch0
+ nbykov0

Signed-off-by: Nikita <166552198+nbykov0@users.noreply.github.com>
2025-10-20 14:46:10 +03:00
Andrei Kvapil
1a977bd4b4
[ci] Fix build from external forks
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
2025-10-16 20:17:28 +02:00
Timofei Larkin
a1fd97f2d7
Update issue templates (#1408)
Add an issue template for bug reports.
2025-10-08 18:31:55 +04:00
Timofei Larkin
8076f120d8
Update .github/ISSUE_TEMPLATE/bug_report.md
Signed-off-by: Timofei Larkin <lllamnyp@gmail.com>
2025-10-08 17:30:56 +03:00
Andrei Kvapil
8c6fc68367
[cozystack-api] Update defaulting API schemas
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
2025-09-18 04:49:50 +02:00
Timofei Larkin
07384c3605 [ci] Get REGISTRY from vars, not secrets
This patch sources the REGISTRY env var from GitHub actions variables
instead of secrets, so pull requests from forked repos work correctly.

```release-note
[ci] Source the REGISTRY env var from actions' variables, not secrets,
so external pull requests can work.
```

Signed-off-by: Timofei Larkin <lllamnyp@gmail.com>
2025-09-16 11:36:00 +03:00
Marian Koreniuk
16a700dabf
Fix bug_report.md
Signed-off-by: Marian Koreniuk <moriarti@cp.if.ua>
2025-09-11 16:26:20 +02:00
Marian Koreniuk
7f8b673dbc
Update bug_report.md
Signed-off-by: Marian Koreniuk <moriarti@cp.if.ua>
2025-09-10 22:01:37 +02:00
Marian Koreniuk
24482d958b
Update issue templates 2025-09-10 21:55:24 +02:00
Andrei Kvapil
89a74f653a
[ci] use host buildx config
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
2025-09-05 11:56:51 +02:00
Andrei Kvapil
a2134ecce7
Add test for openapi schema
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
2025-08-21 16:51:21 +02:00
Nick Volynkin
f864b40a85
[apps] Use new OpenAPI schema and README generator for packages/apps
- clickhouse
- ferretdb
- http-cache
- kafka
- kubernetes
- mysql
- nats
- rabbitmq
- redis
- tcp-balancer
- vm-disk
- vm-instance
- vpn

Signed-off-by: Nick Volynkin <nick.volynkin@gmail.com>
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
2025-08-11 12:59:50 +03:00
Nick Volynkin
634b77edad
[ci] Continue application tests after one of them fails
The purpose of this change is to:
1. Provide more information to the developer who goes to look at CI results.
2. Help CI workflows complete faster, taking into account that we often restart these workflows.

Default strategy is `fail-fast: true`, so when one of app test fails,
all running jobs are canceled. This way we don't know if they would
succeed or not. And when we restart them, all progress is lost.

Reference:
* https://docs.github.com/en/actions/how-tos/write-workflows/choose-what-workflows-do/run-job-variations#handling-failures
* https://docs.github.com/en/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idstrategyfail-fast

Signed-off-by: Nick Volynkin <nick.volynkin@gmail.com>
2025-08-11 11:10:25 +03:00
Andrei Kvapil
5359c6d991
Update cozyvalues-gen
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
2025-08-08 00:26:51 +02:00