chore(deps): update ghcr.io/cozystack/cozystack/cozy-installer docker tag to v1.4.0#42
Merged
lexfrei merged 4 commits intoMay 19, 2026
Conversation
![renovate-approve[bot]](https://avatars.githubusercontent.com/in/7394?s=60&v=4){kind=small}
Chart 1.4.0 dropped the Namespace cozy-system template and replaced it with a Helm pre-install,pre-upgrade hook (cozy-system-labeler Job) that patches PodSecurity labels onto an existing cozy-system namespace. The hook assumes the namespace was already created by the caller via helm install --create-namespace. With the previous default of cozystack_release_namespace=kube-system, --create-namespace would no-op on the already-existing kube-system and the labeler hook would loop on a missing cozy-system until the helm timeout, failing the install with "timed out waiting for the condition". Co-locate the helm release secret with the operator namespace (cozy-system) and pass create_namespace=true to kubernetes.core.helm so the release namespace is born just-in-time on a fresh cluster. The adopt-cozy-system pre-task still handles the out-of-band-namespace case so re-installs over a manually-created or remnant namespace work without the "invalid ownership metadata" failure. Existing 1.3.x installations must migrate the release secret from kube-system to cozy-system on upgrade; see CHANGELOG for the kubectl+sed recipe. Assisted-By: Claude <noreply@anthropic.com> Signed-off-by: Aleksei Sviridkin <f@lex.la>
…pace The helm release secret now lives in cozy-system, not kube-system. - "Simulate orphan cozy-system namespace": delete the release secret from cozy-system so the orphan re-install path actually exercises a clean-slate helm install. Previously the secret deletion was a no-op (wrong namespace) on the new layout, leaving the release record in place and short-circuiting the regression case. - "Verify cozy-system namespace was re-adopted": also assert that the meta.helm.sh/release-namespace annotation reads cozy-system. Catches silent regressions in the namespace-co-location invariant. - "Restore cozy-system ownership for cleanup": match the new release namespace so post-test state is internally consistent for any follow-up steps. Assisted-By: Claude <noreply@anthropic.com> Signed-off-by: Aleksei Sviridkin <f@lex.la>
Rename the Unreleased section to v1.4.0 (matching the galaxy.yml bump in the renovate commit at the base of this branch). Add an entry for the chart version bump and a detailed Breaking block describing the cozystack_release_namespace default change, the upstream chart 1.4.0 contract change behind it, and the kubectl-based migration path for existing 1.3.x installations. Assisted-By: Claude <noreply@anthropic.com> Signed-off-by: Aleksei Sviridkin <f@lex.la>
Contributor
Author
Edited/Blocked NotificationRenovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR. You can manually request rebase by checking the rebase/retry box above. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
1.3.3→1.4.0Configuration
📅 Schedule: (UTC)
🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.