..
01-cilium.yaml
fix(bp-cilium): upgrade upstream cilium 1.16.5 → 1.19.3 (1.2.0) ( #684 )
2026-05-03 17:20:54 +04:00
01a-gateway-api.yaml
fix(cloud-init): install Gateway API v1.1.0 CRDs before cilium so operator registers gateway controller ( #581 )
2026-05-02 13:23:32 +04:00
02-cert-manager.yaml
fix(provisioner): cloud-init bootstrap-kit path matches per-FQDN cluster dir ( resolves #218 ) ( #256 )
2026-04-30 17:11:44 +04:00
03-flux.yaml
fix(bp-flux): catalyst-cluster-reconciler ClusterRoleBinding overlay ( closes #338 ) ( #393 )
2026-05-01 15:56:45 +04:00
04-crossplane.yaml
fix(provisioner): cloud-init bootstrap-kit path matches per-FQDN cluster dir ( resolves #218 ) ( #256 )
2026-04-30 17:11:44 +04:00
05-sealed-secrets.yaml
fix(bp-*): event-driven HR install -- drop blanket timeout, use disableWait ( #250 )
2026-04-30 16:55:19 +04:00
05a-reflector.yaml
fix: bp-reflector + rename ghcr-pull-secret->ghcr-pull ( Closes #543 ) ( #554 )
2026-05-02 12:17:51 +04:00
06a-bp-self-sovereign-cutover.yaml
fix(cutover 0.1.20): Step-06 pushes YAML edit to local Gitea so patches survive Flux reconcile ( #970 ) ( #971 )
2026-05-05 18:55:22 +04:00
07-nats-jetstream.yaml
fix(bootstrap-kit): remove empty dependsOn block in nats-jetstream HR ( #667 )
2026-05-03 14:08:32 +04:00
08-openbao.yaml
fix(bp-openbao): add BAO_TOKEN+NAMESPACE env to auth-bootstrap (chart 1.2.14) ( #666 )
2026-05-03 14:02:34 +04:00
09-keycloak.yaml
fix(bootstrap-kit): bump bp-keycloak to 1.4.0 for tenant-mode realm ( #915 ) ( #938 )
2026-05-05 14:44:37 +04:00
10-gitea.yaml
fix(bp-gitea): mirror gitea-admin-secret to catalyst ns via reflector annotations ( #844 )
2026-05-05 00:37:04 +04:00
11-powerdns.yaml
fix(bp-powerdns): zone-bootstrap Job needs /tmp emptyDir (curl -o + readOnlyRootFS) ( #843 )
2026-05-05 00:28:44 +04:00
12-external-dns.yaml
fix(bp-external-dns): apiserver Endpoints sync timeout — Cilium kube-apiserver entity required ( closes #770 ) ( #771 )
2026-05-04 19:27:17 +04:00
13-bp-catalyst-platform.yaml
feat(catalyst-api): mother→child cutover data transfer at handover ( #977 )
2026-05-05 20:51:03 +04:00
14-crossplane-claims.yaml
fix(bp-crossplane-claims): event-driven HR install — disableWait, drop 15m timeout ( #327 )
2026-05-01 17:21:03 +04:00
15-external-secrets.yaml
fix(bp-external-secrets-stores): split ClusterSecretStore into separate chart per #247 pattern ( closes #331 ) ( #426 )
2026-05-01 17:33:47 +04:00
15a-external-secrets-stores.yaml
fix(bp-external-secrets-stores): split ClusterSecretStore into separate chart per #247 pattern ( closes #331 ) ( #426 )
2026-05-01 17:33:47 +04:00
16-cnpg.yaml
feat(bootstrap-kit): storage+DB foundation batch — slots 15-19 (W2.K1; resolves #254 ) ( #262 )
2026-04-30 17:18:12 +04:00
17-valkey.yaml
feat(bootstrap-kit): storage+DB foundation batch — slots 15-19 (W2.K1; resolves #254 ) ( #262 )
2026-04-30 17:18:12 +04:00
18-seaweedfs.yaml
fix(bp-seaweedfs): remove trailing slash in registry — fixes double-slash image ref ( Closes #568 ) ( #576 )
2026-05-02 13:02:48 +04:00
19-harbor.yaml
fix(bp-harbor): inline labels on admin Secret to drop duplicate keys ( #949 ) ( #950 )
2026-05-05 15:19:17 +04:00
20-opentelemetry.yaml
feat(bootstrap-kit): observability batch — slots 20-26 (W2.K2) ( #277 )
2026-04-30 17:21:26 +04:00
21-alloy.yaml
fix(bp-trivy): node-collector tolerates control-plane taint ( closes #769 ) ( #772 )
2026-05-04 17:38:29 +02:00
22-loki.yaml
feat(bootstrap-kit): observability batch — slots 20-26 (W2.K2) ( #277 )
2026-04-30 17:21:26 +04:00
23-mimir.yaml
fix: drop bp-langfuse from minimal + bp-mimir 1.0.2 push_grpc fix ( #664 )
2026-05-03 13:50:38 +04:00
24-tempo.yaml
feat(bootstrap-kit): observability batch — slots 20-26 (W2.K2) ( #277 )
2026-04-30 17:21:26 +04:00
25-grafana.yaml
fix(bootstrap-kit): install Gateway API CRDs ahead of HTTPRoute charts ( #503 ) ( #505 )
2026-05-02 01:30:50 +04:00
27-kyverno.yaml
feat(bootstrap-kit): security+policy batch — slots 27-34 (W2.K3) ( #276 )
2026-04-30 17:22:34 +04:00
28-reloader.yaml
feat(bootstrap-kit): security+policy batch — slots 27-34 (W2.K3) ( #276 )
2026-04-30 17:22:34 +04:00
29-vpa.yaml
fix(bp-vpa): drop registry.k8s.io/ prefix in repository (upstream prepends it) ( #641 )
2026-05-02 23:32:35 +04:00
30-trivy.yaml
fix(bp-trivy): node-collector tolerates control-plane taint ( closes #769 ) ( #772 )
2026-05-04 17:38:29 +02:00
31-falco.yaml
fix(bp-falco): rename rules_file → rules_files (Falco 0.36+ canonical key, Closes #570 ) ( #574 )
2026-05-02 12:59:29 +04:00
32-sigstore.yaml
feat(bootstrap-kit): security+policy batch — slots 27-34 (W2.K3) ( #276 )
2026-04-30 17:22:34 +04:00
33-syft-grype.yaml
feat(bootstrap-kit): security+policy batch — slots 27-34 (W2.K3) ( #276 )
2026-04-30 17:22:34 +04:00
34-velero.yaml
wip( #425 ): vendor-agnostic OS rename — partial (rate-limited mid-run) ( #435 )
2026-05-01 18:05:19 +04:00
35-coraza.yaml
feat(bootstrap-kit): edge + apps + AI batch — slot 35 (W2.K4) ( #261 )
2026-04-30 17:23:59 +04:00
49-bp-cert-manager-powerdns-webhook.yaml
fix(bp-cert-manager-powerdns-webhook): re-target to contabo PowerDNS, drop dynadot-webhook ( #681 )
2026-05-03 17:12:48 +04:00
50-cluster-autoscaler.yaml
fix(autoscaler+wizard): wire HCLOUD_CLOUD_INIT, validate SKU/region in catalyst-api ( #965 )
2026-05-05 16:21:59 +04:00
80-newapi.yaml
fix(bp-newapi+services-build): imagePullSecrets on Pod, sed bumps values.yaml smeTag ( #955 )
2026-05-05 15:47:37 +04:00
kustomization.yaml
chore(bootstrap-kit): remove slot 95 bp-stalwart-sovereign (Phase-2 deferred) ( #958 )
2026-05-05 15:55:30 +04:00
ed8872a15b