Conversation
cozystack-bot
requested review from
klinch0,
kvaps and
lllamnyp
as code owners
|
Note Other AI code review bot(s) detectedCodeRabbit has detected other AI code review bot(s) in this pull request and will avoid duplicating their findings in the review comments. This may lead to a less comprehensive review. WalkthroughImage tags and digests were bumped across multiple packages from v0.36.0-alpha.1 to v0.36.0-alpha.2 and several tag files; includes nginx-cache, installer, testing, matchbox, objectstorage-sidecar, s3manager, cozystack components, dashboard, Kamaji, kubeovn-webhook, objectstorage-controller, and SeaweedFS sidecar. No structural, logic, or public API changes. Changes
Estimated code review effort🎯 2 (Simple) | ⏱️ ~10 minutes Possibly related PRs
Suggested reviewers
Poem
✨ Finishing Touches🧪 Generate unit tests
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. 🪧 TipsChatThere are 3 ways to chat with CodeRabbit:
SupportNeed help? Create a ticket on our support page for assistance with any issues or questions. CodeRabbit Commands (Invoked using PR/Issue comments)Type Other keywords and placeholders
CodeRabbit Configuration File (
|
![gemini-code-assist[bot]](proxy.php?url=https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Summary of Changes
Hello @cozystack-bot, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!
This pull request updates various component image tags and version strings across the codebase to prepare for the v0.36.0-alpha.2 release. It ensures that all dependent modules reference the correct new alpha version.
Highlights
- Version Bump: All relevant component images and internal version references have been updated from v0.36.0-alpha.1 to v0.36.0-alpha.2.
- Image Digest Updates: Corresponding SHA256 digests for the updated images have been refreshed across the configuration files to reflect the new alpha release.
Using Gemini Code Assist
The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.
Invoking Gemini
You can request assistance from Gemini at any point in your pull request via creating an issue comment (i.e. comment on the pull request page) using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands.
| Feature | Command | Description |
|---|---|---|
| Code Review | /gemini review |
Performs a code review for the current pull request in its current state. |
| Pull Request Summary | /gemini summary |
Provides a summary of the current pull request in its current state. |
| Comment | @gemini-code-assist | Responds in comments when explicitly tagged, both in issue comments and review comments. |
| Help | /gemini help |
Displays a list of available commands. |
Customization
To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.
Limitations & Feedback
Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.
You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.
Footnotes
-
Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩
There was a problem hiding this comment.
Code Review
This pull request prepares for the v0.36.0-alpha.2 release by updating various version numbers and image digests across the repository. The changes are mostly straightforward version bumps. However, I've identified two instances where image tags were updated but their corresponding SHA256 digests were not, which could lead to deploying outdated images. Please review the specific comments for details.
| @@ -1,2 +1,2 @@ | |||
| cozystackAPI: | |||
| image: ghcr.io/cozystack/cozystack/cozystack-api:v0.36.0-alpha.1@sha256:c545ecf298ce5f70d947ba3b9cbdb4415d540e62b1e991984bc8847db8e1943c | |||
| image: ghcr.io/cozystack/cozystack/cozystack-api:v0.36.0-alpha.2@sha256:c545ecf298ce5f70d947ba3b9cbdb4415d540e62b1e991984bc8847db8e1943c | |||
There was a problem hiding this comment.
The image tag has been updated to v0.36.0-alpha.2, but the SHA256 digest is unchanged from the previous version (v0.36.0-alpha.1). This will result in deploying the old image. Please ensure the digest is updated to match the new image version.
| registry: ghcr.io/cozystack/cozystack | ||
| repository: dashboard | ||
| tag: v0.36.0-alpha.1 | ||
| tag: v0.36.0-alpha.2 |
There was a problem hiding this comment.
The image tag has been updated to v0.36.0-alpha.2, but the digest on the following line (23) has not been updated. When a digest is specified, it takes precedence over the tag, which will cause the old image to be deployed. Please update the digest to match the new image version.
![coderabbitai[bot]](proxy.php?url=https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 1
🧹 Nitpick comments (3)
packages/system/objectstorage-controller/values.yaml (1)
3-3: LGTM: objectstorage-controller image moved to v0.36.0-alpha.2.Minor nit: other values files seem to use unquoted image strings; consider standardizing quoting style across charts for consistency.
packages/system/kamaji/values.yaml (1)
16-16: Migrate-image is in sync. No references to olderalpha.1tags were found in the codebase. Optionally add a CI check to enforce lockstep updates of--migrate-imageand the controller tag in future.packages/system/dashboard/charts/kubeapps/templates/dashboard/configmap.yaml (1)
79-79: Avoid hardcoding appVersion in config.json.
Derive from chart metadata to prevent future drift.Apply:
- "appVersion": "v0.36.0-alpha.2", + "appVersion": {{ .Chart.AppVersion | quote }},
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
💡 Knowledge Base configuration:
- MCP integration is disabled by default for public repositories
- Jira integration is disabled by default for public repositories
- Linear integration is disabled by default for public repositories
You can enable these sources in your CodeRabbit configuration.
📒 Files selected for processing (14)
packages/apps/http-cache/images/nginx-cache.tag(1 hunks)packages/core/installer/values.yaml(1 hunks)packages/core/testing/values.yaml(1 hunks)packages/extra/bootbox/images/matchbox.tag(1 hunks)packages/extra/seaweedfs/images/objectstorage-sidecar.tag(1 hunks)packages/system/bucket/images/s3manager.tag(1 hunks)packages/system/cozystack-api/values.yaml(1 hunks)packages/system/cozystack-controller/values.yaml(1 hunks)packages/system/dashboard/charts/kubeapps/templates/dashboard/configmap.yaml(1 hunks)packages/system/dashboard/values.yaml(2 hunks)packages/system/kamaji/values.yaml(2 hunks)packages/system/kubeovn-webhook/values.yaml(1 hunks)packages/system/objectstorage-controller/values.yaml(1 hunks)packages/system/seaweedfs/values.yaml(1 hunks)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)
- GitHub Check: Prepare environment
🔇 Additional comments (12)
packages/system/cozystack-api/values.yaml (1)
2-2: Digest coherence verified—no update required.packages/system/cozystack-controller/values.yaml (1)
2-2: Bump to v0.36.0-alpha.2 is consistent across the repo.packages/apps/http-cache/images/nginx-cache.tag (1)
1-1: LGTM: digest pin updated for nginx-cache:0.7.0.Reproducible and secure; no further action.
packages/system/bucket/images/s3manager.tag (1)
1-1: LGTM: s3manager digest updated while keeping v0.5.0 tag.Pinned image improves supply-chain safety.
packages/core/testing/values.yaml (1)
2-2: CI cannot resolve the bumped sandbox image digest. The manifest fetch returned401 Unauthorized, so the tag+digest couldn’t be verified. Ensure thev0.36.0-alpha.2@sha256:…image is published and that CI supplies a validGH_TOKEN(or the image is public) with read access to ghcr.io, then confirm and update the digest as needed.packages/extra/bootbox/images/matchbox.tag (1)
1-1: Approve bump to v0.36.0-alpha.2
No leftoverv0.36.0-alpha.1references found in the repo.
Ensure the new image digest is available for all target platforms before cutting the release.packages/system/kubeovn-webhook/values.yaml (1)
3-3: LGTM: kubeovn-webhook image updated to v0.36.0-alpha.2.Values remain pinned by digest; portSecurity and routes unchanged. No chart drift implied.
packages/extra/seaweedfs/images/objectstorage-sidecar.tag (1)
1-1: LGTM: seaweedfs objectstorage-sidecar bumped to v0.36.0-alpha.2.Digest pin looks consistent with the system/seaweedfs values in this release train.
packages/system/seaweedfs/values.yaml (1)
121-121: Approve sidecar image bump
No leftoveralpha.1references found in the codebase.packages/system/kamaji/values.yaml (1)
6-6: Kamaji controller image updated to alpha.2 — OK.
Tag+digest pinning looks good.packages/system/dashboard/values.yaml (2)
40-41: kubeapps-apis tag+digest updated — LGTM.
Consistent with the alpha.2 release.
22-23: Verify dashboard digest matches v0.36.0-alpha.2
Pinned digest (sha256:54906b3d2492c8603a347a5938b6db36e5ed5c4149111cae1804ac9110361947) is unchanged and GHCR HEAD lookup returned no digest. Run:docker pull ghcr.io/cozystack/cozystack/dashboard:v0.36.0-alpha.2 docker inspect --format='{{index .RepoDigests 0}}' ghcr.io/cozystack/cozystack/dashboard:v0.36.0-alpha.2to confirm or update the digest.
packages/core/installer/values.yaml
Outdated
| @@ -1,2 +1,2 @@ | |||
| cozystack: | |||
| image: ghcr.io/cozystack/cozystack/installer:v0.36.0-alpha.1@sha256:5087325981ee293fb420e86a101c2211c4d68b37da8230e2d52e448c9578b6c5 | |||
| image: ghcr.io/cozystack/cozystack/installer:v0.36.0-alpha.2@sha256:9c6a6d8c16a833ca76b762450b5a7a8238d2f290f5ef7ee42dc78bd61296845f | |||
There was a problem hiding this comment.
💡 Verification agent
🧩 Analysis chain
LGTM: installer image updated to v0.36.0-alpha.2.
Release-blocker check: ensure every component in this PR points to alpha.2 and no alpha.1 references remain.
🏁 Script executed:
#!/bin/bash
# 1) No lingering alpha.1 references
rg -n 'v0\.36\.0-alpha\.1' -S || true
# 2) List all alpha.2 images and their digests for a quick eyeball
rg -nP 'ghcr\.io/.+?:v0\.36\.0-alpha\.2@sha256:[0-9a-f]+' -S
# 3) Ensure every alpha.2 tag is digest-pinned (expect 0 results)
rg -nP 'v0\.36\.0-alpha\.2(?!@sha256:)' -S || trueLength of output: 2356
Pin all v0.36.0-alpha.2 references with digests
- packages/system/cozystack-controller/values.yaml (line 5):
cozystackVersion: "v0.36.0-alpha.2" - packages/system/dashboard/values.yaml (lines 22, 40):
tag: v0.36.0-alpha.2 - packages/system/dashboard/charts/kubeapps/templates/dashboard/configmap.yaml (line 79):
"appVersion": "v0.36.0-alpha.2"
All alpha.2 image pulls must be pinned to a sha256 digest.
🤖 Prompt for AI Agents
In packages/core/installer/values.yaml line 2 and the listed files
(packages/system/cozystack-controller/values.yaml line 5,
packages/system/dashboard/values.yaml lines 22 and 40, and
packages/system/dashboard/charts/kubeapps/templates/dashboard/configmap.yaml
line 79), the v0.36.0-alpha.2 references are unpinned tags; update each
occurrence to pin the image to its corresponding sha256 digest (e.g., replace
tag-only references or cozystackVersion/appVersion strings with the exact
image@sha256 value used in packages/core/installer/values.yaml or the correct
image digest for that component), ensuring every v0.36.0-alpha.2 pull uses a
full image@sha256 form.
Signed-off-by: cozystack-bot <[email protected]>
cozystack-bot
force-pushed
the
release-0.36.0-alpha.2
branch
from
a88d4a7 to
29df1fd
Compare
There was a problem hiding this comment.
Actionable comments posted: 0
🧹 Nitpick comments (1)
packages/system/dashboard/charts/kubeapps/templates/dashboard/configmap.yaml (1)
73-91: Avoid hardcoding appVersion; derive it from the image/chart to prevent drift.Use the same source used for labels so future bumps don’t require manual edits in multiple places.
Apply:
- "appVersion": "v0.36.0-alpha.2", + "appVersion": {{ include "common.images.version" ( dict "imageRoot" .Values.dashboard.image "chart" .Chart ) | quote }},
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
💡 Knowledge Base configuration:
- MCP integration is disabled by default for public repositories
- Jira integration is disabled by default for public repositories
- Linear integration is disabled by default for public repositories
You can enable these sources in your CodeRabbit configuration.
📒 Files selected for processing (14)
packages/apps/http-cache/images/nginx-cache.tag(1 hunks)packages/core/installer/values.yaml(1 hunks)packages/core/testing/values.yaml(1 hunks)packages/extra/bootbox/images/matchbox.tag(1 hunks)packages/extra/seaweedfs/images/objectstorage-sidecar.tag(1 hunks)packages/system/bucket/images/s3manager.tag(1 hunks)packages/system/cozystack-api/values.yaml(1 hunks)packages/system/cozystack-controller/values.yaml(1 hunks)packages/system/dashboard/charts/kubeapps/templates/dashboard/configmap.yaml(1 hunks)packages/system/dashboard/values.yaml(2 hunks)packages/system/kamaji/values.yaml(2 hunks)packages/system/kubeovn-webhook/values.yaml(1 hunks)packages/system/objectstorage-controller/values.yaml(1 hunks)packages/system/seaweedfs/values.yaml(1 hunks)
✅ Files skipped from review due to trivial changes (2)
- packages/extra/seaweedfs/images/objectstorage-sidecar.tag
- packages/extra/bootbox/images/matchbox.tag
🚧 Files skipped from review as they are similar to previous changes (11)
- packages/system/cozystack-controller/values.yaml
- packages/apps/http-cache/images/nginx-cache.tag
- packages/core/installer/values.yaml
- packages/system/objectstorage-controller/values.yaml
- packages/system/bucket/images/s3manager.tag
- packages/core/testing/values.yaml
- packages/system/seaweedfs/values.yaml
- packages/system/cozystack-api/values.yaml
- packages/system/kubeovn-webhook/values.yaml
- packages/system/kamaji/values.yaml
- packages/system/dashboard/values.yaml
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)
- GitHub Check: Prepare environment
🔇 Additional comments (2)
packages/system/dashboard/charts/kubeapps/templates/dashboard/configmap.yaml (2)
79-79: LGTM: version bump is correct.The appVersion string reflects v0.36.0-alpha.2 as intended.
79-79: All alpha.1 references removed. No stalealpha.1tags found after repo-wide search.
2 participants
This PR prepares the release
v0.36.0-alpha.2.Summary by CodeRabbit