..
01-cilium.yaml
feat(infra,cilium): wire Cilium ClusterMesh anchors via tofu→cloudinit→envsubst ( #1101 ) ( #1226 )
2026-05-10 00:19:53 +04:00
01a-gateway-api.yaml
fix(cloud-init): install Gateway API v1.1.0 CRDs before cilium so operator registers gateway controller ( #581 )
2026-05-02 13:23:32 +04:00
02-cert-manager.yaml
fix(provisioner): cloud-init bootstrap-kit path matches per-FQDN cluster dir ( resolves #218 ) ( #256 )
2026-04-30 17:11:44 +04:00
03-flux.yaml
fix(bp-flux): catalyst-cluster-reconciler ClusterRoleBinding overlay ( closes #338 ) ( #393 )
2026-05-01 15:56:45 +04:00
04-crossplane.yaml
fix(provisioner): cloud-init bootstrap-kit path matches per-FQDN cluster dir ( resolves #218 ) ( #256 )
2026-04-30 17:11:44 +04:00
05-sealed-secrets.yaml
fix(bp-*): event-driven HR install -- drop blanket timeout, use disableWait ( #250 )
2026-04-30 16:55:19 +04:00
05a-reflector.yaml
fix: bp-reflector + rename ghcr-pull-secret->ghcr-pull ( Closes #543 ) ( #554 )
2026-05-02 12:17:51 +04:00
06a-bp-self-sovereign-cutover.yaml
fix(cutover step-01): clone+push (regular repo) instead of pull-mirror ( #1033 )
2026-05-06 03:19:05 +04:00
07-nats-jetstream.yaml
fix(bootstrap-kit): remove empty dependsOn block in nats-jetstream HR ( #667 )
2026-05-03 14:08:32 +04:00
08-openbao.yaml
fix(bp-openbao): add BAO_TOKEN+NAMESPACE env to auth-bootstrap (chart 1.2.14) ( #666 )
2026-05-03 14:02:34 +04:00
09-keycloak.yaml
fix(bootstrap-kit): bump bp-keycloak to 1.4.0 for tenant-mode realm ( #915 ) ( #938 )
2026-05-05 14:44:37 +04:00
10-gitea.yaml
fix(bp-gitea): mirror gitea-admin-secret to catalyst ns via reflector annotations ( #844 )
2026-05-05 00:37:04 +04:00
11-powerdns.yaml
fix(bp-powerdns): zone-bootstrap Job needs /tmp emptyDir (curl -o + readOnlyRootFS) ( #843 )
2026-05-05 00:28:44 +04:00
12-external-dns.yaml
fix(bp-external-dns): apiserver Endpoints sync timeout — Cilium kube-apiserver entity required ( closes #770 ) ( #771 )
2026-05-04 19:27:17 +04:00
13-bp-catalyst-platform.yaml
fix(controllers): create per-Org/App Gitea repos as PUBLIC ( Fix #42 follow-up) ( #1260 )
2026-05-10 04:44:35 +04:00
14-crossplane-claims.yaml
fix(bp-crossplane-claims): event-driven HR install — disableWait, drop 15m timeout ( #327 )
2026-05-01 17:21:03 +04:00
15-external-secrets.yaml
fix(bp-external-secrets-stores): split ClusterSecretStore into separate chart per #247 pattern ( closes #331 ) ( #426 )
2026-05-01 17:33:47 +04:00
15a-external-secrets-stores.yaml
fix(bp-external-secrets-stores): split ClusterSecretStore into separate chart per #247 pattern ( closes #331 ) ( #426 )
2026-05-01 17:33:47 +04:00
16-cnpg.yaml
feat(bootstrap-kit): storage+DB foundation batch — slots 15-19 (W2.K1; resolves #254 ) ( #262 )
2026-04-30 17:18:12 +04:00
17-valkey.yaml
feat(bootstrap-kit): storage+DB foundation batch — slots 15-19 (W2.K1; resolves #254 ) ( #262 )
2026-04-30 17:18:12 +04:00
18-seaweedfs.yaml
fix(bp-seaweedfs): remove trailing slash in registry — fixes double-slash image ref ( Closes #568 ) ( #576 )
2026-05-02 13:02:48 +04:00
19-harbor.yaml
fix(bp-harbor): inline labels on admin Secret to drop duplicate keys ( #949 ) ( #950 )
2026-05-05 15:19:17 +04:00
20-opentelemetry.yaml
feat(bootstrap-kit): observability batch — slots 20-26 (W2.K2) ( #277 )
2026-04-30 17:21:26 +04:00
21-alloy.yaml
fix(bp-trivy): node-collector tolerates control-plane taint ( closes #769 ) ( #772 )
2026-05-04 17:38:29 +02:00
22-loki.yaml
feat(bootstrap-kit): observability batch — slots 20-26 (W2.K2) ( #277 )
2026-04-30 17:21:26 +04:00
23-mimir.yaml
fix: drop bp-langfuse from minimal + bp-mimir 1.0.2 push_grpc fix ( #664 )
2026-05-03 13:50:38 +04:00
24-tempo.yaml
feat(bootstrap-kit): observability batch — slots 20-26 (W2.K2) ( #277 )
2026-04-30 17:21:26 +04:00
25-grafana.yaml
fix(bootstrap-kit): install Gateway API CRDs ahead of HTTPRoute charts ( #503 ) ( #505 )
2026-05-02 01:30:50 +04:00
27-kyverno.yaml
feat(bootstrap-kit): security+policy batch — slots 27-34 (W2.K3) ( #276 )
2026-04-30 17:22:34 +04:00
28-reloader.yaml
feat(bootstrap-kit): security+policy batch — slots 27-34 (W2.K3) ( #276 )
2026-04-30 17:22:34 +04:00
29-vpa.yaml
fix(bp-vpa): drop registry.k8s.io/ prefix in repository (upstream prepends it) ( #641 )
2026-05-02 23:32:35 +04:00
30-trivy.yaml
fix(bp-trivy): node-collector tolerates control-plane taint ( closes #769 ) ( #772 )
2026-05-04 17:38:29 +02:00
31-falco.yaml
fix(bp-falco): rename rules_file → rules_files (Falco 0.36+ canonical key, Closes #570 ) ( #574 )
2026-05-02 12:59:29 +04:00
32-sigstore.yaml
feat(bootstrap-kit): security+policy batch — slots 27-34 (W2.K3) ( #276 )
2026-04-30 17:22:34 +04:00
33-syft-grype.yaml
feat(bootstrap-kit): security+policy batch — slots 27-34 (W2.K3) ( #276 )
2026-04-30 17:22:34 +04:00
34-velero.yaml
wip( #425 ): vendor-agnostic OS rename — partial (rate-limited mid-run) ( #435 )
2026-05-01 18:05:19 +04:00
35-coraza.yaml
feat(bootstrap-kit): edge + apps + AI batch — slot 35 (W2.K4) ( #261 )
2026-04-30 17:23:59 +04:00
49-bp-cert-manager-powerdns-webhook.yaml
fix(bp-cert-manager-powerdns-webhook): re-target to contabo PowerDNS, drop dynadot-webhook ( #681 )
2026-05-03 17:12:48 +04:00
50-cluster-autoscaler.yaml
fix(autoscaler+wizard): wire HCLOUD_CLOUD_INIT, validate SKU/region in catalyst-api ( #965 )
2026-05-05 16:21:59 +04:00
51-bp-k8s-ws-proxy.yaml
fix(chart,bootstrap-kit): default imagePullSecrets to ghcr-pull ( Fix #39 follow-up) ( #1240 )
2026-05-10 02:04:45 +04:00
52-bp-guacamole.yaml
fix(chart): bp-guacamole webapp /home/guacamole/.guacamole emptyDir mount ( Fix #39 follow-up) ( #1242 )
2026-05-10 02:13:11 +04:00
80-newapi.yaml
fix(bp-newapi+services-build): imagePullSecrets on Pod, sed bumps values.yaml smeTag ( #955 )
2026-05-05 15:47:37 +04:00
kustomization.yaml
fix(ci,charts,api): qa-loop iter-7 Fix #39 — bp-guacamole + bp-k8s-ws-proxy bootstrap-kit slots ( #1236 )
2026-05-10 01:48:25 +04:00
eeecc8b9c9