Skip to content

[apps] Update application READMEs #1333

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Aug 18, 2025
Merged

[apps] Update application READMEs #1333

merged 2 commits into from
Aug 18, 2025

Conversation

NickVolynkin
Copy link
Collaborator

@NickVolynkin NickVolynkin commented Aug 11, 2025
edited by coderabbitai bot
Loading

[apps,extra] Update all app versions after updating OpenAPI schemas

[apps] Update application READMEs

  • Remove duplicate values from rabbitmq README
  • Use placeholders for passwords and secrets
  • Fix copy-pasted postgres reference in mysql
  • Fix links to cloud-init docs
  • Explain CPU and memory consistently

What this PR does

Release note

[]

Summary by CodeRabbit

  • Documentation
    • Clarified per‑replica CPU/Memory descriptions across many apps.
    • Updated Cloud‑init docs/links for Virtual Machine and VM Instance.
    • Replaced sample credentials with placeholders; improved tables/formatting and examples.
  • Chores
    • Bumped chart versions across apps; added/updated appVersion for several (e.g., ClickHouse, Redis, VPN, VM Disk, VM Instance).
    • Updated versions maps to pin HEADs to a commit and add next-version HEAD entries.
    • RabbitMQ: removed legacy single vhost in favor of plural vhosts in schema/docs.
    • ClickHouse: set default Keeper preset and replicas in values.

@coderabbitai coderabbitai
Copy link
Contributor

coderabbitai bot commented Aug 11, 2025
edited
Loading

Warning

Rate limit exceeded

@NickVolynkin has exceeded the limit for the number of commits or files that can be reviewed per hour. Please wait 0 minutes and 37 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

📥 Commits

Reviewing files that changed from the base of the PR and between 7573952 and e3a4e28.

📒 Files selected for processing (22)
  • packages/apps/clickhouse/Chart.yaml (1 hunks)
  • packages/apps/ferretdb/Chart.yaml (1 hunks)
  • packages/apps/http-cache/Chart.yaml (1 hunks)
  • packages/apps/kubernetes/Chart.yaml (1 hunks)
  • packages/apps/mysql/Chart.yaml (1 hunks)
  • packages/apps/nats/Chart.yaml (1 hunks)
  • packages/apps/postgres/Chart.yaml (1 hunks)
  • packages/apps/rabbitmq/Chart.yaml (1 hunks)
  • packages/apps/redis/Chart.yaml (1 hunks)
  • packages/apps/tcp-balancer/Chart.yaml (1 hunks)
  • packages/apps/tenant/Chart.yaml (1 hunks)
  • packages/apps/versions_map (12 hunks)
  • packages/apps/virtual-machine/Chart.yaml (1 hunks)
  • packages/apps/vm-disk/Chart.yaml (1 hunks)
  • packages/apps/vm-instance/Chart.yaml (1 hunks)
  • packages/apps/vpn/Chart.yaml (1 hunks)
  • packages/extra/bootbox/Chart.yaml (1 hunks)
  • packages/extra/etcd/Chart.yaml (1 hunks)
  • packages/extra/info/Chart.yaml (1 hunks)
  • packages/extra/ingress/Chart.yaml (1 hunks)
  • packages/extra/monitoring/Chart.yaml (1 hunks)
  • packages/extra/versions_map (3 hunks)

Walkthrough

Bumps multiple Helm chart versions and adds/updates appVersion fields. Standardizes resource descriptions to “CPU/Memory available to each replica” (or worker node) across READMEs, schemas, and values. Redacts backup credentials and updates placeholders. Adjusts ClickHouse Keeper defaults, removes RabbitMQ top-level vhost from schema, enhances Cloud-init docs, and pins versions_map entries.

Changes

Cohort / File(s) Summary of changes
Chart metadata bumps
packages/apps/*/Chart.yaml (clickhouse, ferretdb, http-cache, kubernetes, mysql, nats, postgres, rabbitmq, redis, tcp-balancer, tenant, virtual-machine, vm-disk, vm-instance, vpn), packages/extra/*/Chart.yaml (bootbox, etcd, info, ingress, monitoring)		 Version increments across charts; new/updated appVersion in clickhouse, redis, vpn, vm-disk, vm-instance.
Per-replica resource description updates
packages/apps/*/README.md, .../values.schema.json, .../values.yaml (clickhouse, ferretdb, http-cache, kafka, kubernetes, mysql, nats, postgres, rabbitmq, redis, tcp-balancer, vpn)		 Textual clarifications for CPU/Memory to per-replica (or per worker node) across docs, schemas, and comments; no structural changes.
Backup credential redactions & placeholders
packages/apps/clickhouse/* (README.md, values.schema.json, values.yaml), packages/apps/ferretdb/* (README.md, values.schema.json, values.yaml), packages/apps/mysql/* (README.md, values.schema.json, values.yaml), packages/apps/postgres/* (README.md, values.schema.json, values.yaml)		 Replace sample credentials with placeholders; MySQL updates s3Bucket to mysql-backups; Postgres refines placeholder wording.
ClickHouse Keeper adjustments
packages/apps/clickhouse/values.yaml, .../values.schema.json, .../README.md		 Adds clickhouseKeeper.resourcesPreset: micro and replicas: 3; formatting/description tweaks (including code ticks and capitalization).
Kubernetes docs/format updates
packages/apps/kubernetes/README.md, .../values.schema.json, .../values.yaml		 Reword resources to “available to each worker node”; add backticks for resourcesPreset allowed values; table formatting updates.
RabbitMQ schema and docs alignment
packages/apps/rabbitmq/values.schema.json, .../values.yaml, .../README.md		 Removes top-level vhost from schema; updates resource descriptions; drops vhost doc entry.
Cloud-init documentation enhancement
`packages/apps/virtual-machine/(README.md		 values.schema.json
Version maps pinned
packages/apps/versions_map, packages/extra/versions_map		 Replace HEAD aliases with specific commit (c02a381); add new HEAD entries for next versions.

Sequence Diagram(s)

(Skipped)

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related PRs

Suggested labels

ok-to-test

Suggested reviewers

  • lllamnyp
  • klinch0
  • kvaps

Poem

In charts I hop, version bumps in tow,
Secrets burrowed, placeholders now show.
Keeper counts three, machines cloud-init bright,
Worker nodes munch CPU just right.
Maps are pinned—no HEADs to chase—
A tidy warren, a well-marked place. 🐇✨

✨ Finishing Touches
🧪 Generate unit tests
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch update-app-docs

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share
🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR/Issue comments)

Type @coderabbitai help to get the list of available commands.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • Please see the configuration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Status, Documentation and Community

  • Visit our Status Page to check the current availability of CodeRabbit.
  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

gemini-code-assist[bot]
gemini-code-assist bot reviewed Aug 11, 2025
View reviewed changes
Copy link

@gemini-code-assist gemini-code-assist bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Summary of Changes

Hello @NickVolynkin, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request focuses on enhancing the clarity, consistency, and security of application documentation across various apps packages. It standardizes resource descriptions, replaces sensitive hardcoded values with placeholders, corrects documentation links, and refines existing README content.

Highlights

  • Standardized Resource Descriptions: Updated CPU and memory resource descriptions in READMEs and schema files for numerous applications (e.g., Clickhouse, FerretDB, Kafka, Kubernetes, MySQL, NATS, Postgres, RabbitMQ, Redis, TCP-Balancer, VPN) to consistently specify "CPU available to each replica" or "Memory (RAM) available to each replica/worker node".
  • Improved Security for Credentials: Replaced hardcoded S3 access keys, secret keys, and Restic passwords with generic placeholders (, , ) in the documentation and default schema values for Clickhouse, FerretDB, MySQL, and Postgres.
  • Corrected Cloud-init Documentation Links: Updated the cloudInit parameter descriptions for virtual-machine and vm-instance applications to point to more precise and comprehensive cloud-init documentation links for format and examples.
  • Refined RabbitMQ Documentation: Removed redundant vhost parameter entries from the RabbitMQ README and its corresponding schema definition, streamlining the documentation.
  • Enhanced MySQL README Readability: Improved the MySQL README by adding bash syntax highlighting to code blocks and correcting minor typos related to replication issues.
Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point in your pull request via creating an issue comment (i.e. comment on the pull request page) using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands.

Feature Command Description
Code Review /gemini review Performs a code review for the current pull request in its current state.
Pull Request Summary /gemini summary Provides a summary of the current pull request in its current state.
Comment @gemini-code-assist Responds in comments when explicitly tagged, both in issue comments and review comments.
Help /gemini help Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

  1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution.

gemini-code-assist[bot]
gemini-code-assist bot reviewed Aug 11, 2025
View reviewed changes
Copy link

@gemini-code-assist gemini-code-assist bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request provides a comprehensive update to the documentation and configuration files for several applications. The changes include removing duplicate values from the RabbitMQ README, using placeholders for passwords and secrets for enhanced security, fixing links to cloud-init documentation, and ensuring consistent explanations for CPU and memory resources across all relevant files. These updates improve the clarity, security, and consistency of the application configurations. The changes are well-implemented and improve the overall quality of the documentation.

@NickVolynkin NickVolynkin force-pushed the update-app-docs branch 3 times, most recently from c12fcfc to d0ebbc2 Compare August 11, 2025 16:40
NickVolynkin
NickVolynkin commented Aug 11, 2025
View reviewed changes
packages/apps/rabbitmq/values.schema.json
Comment on lines -94 to -122
"vhost": {
"description": "Virtual Host",
"type": "object",
"required": [
"roles"
],
"properties": {
"roles": {
"description": "Virtual host roles list",
"type": "object",
"properties": {
"admin": {
"description": "List of admin users",
"type": "array",
"items": {
"type": "string"
}
},
"readonly": {
"description": "List of readonly users",
"type": "array",
"items": {
"type": "string"
}
}
}
}
}
},
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@kvaps, this is the only part that affects specs. This block was a duplicate.

@NickVolynkin NickVolynkin self-assigned this Aug 12, 2025
@NickVolynkin
[apps] Update application READMEs
2ef11ff 
- Remove duplicate values from rabbitmq README
- Use placeholders for passwords and secrets
- Fix copy-pasted postgres reference in mysql
- Fix links to cloud-init docs
- Explain CPU and memory consistently

Signed-off-by: Nick Volynkin <nick.volynkin@gmail.com>
coderabbitai[bot]
coderabbitai bot reviewed Aug 18, 2025
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 3

🔭 Outside diff range comments (4)
packages/apps/redis/Chart.yaml (1)

19-25: Add app.kubernetes.io/version label in your templates

I ran a search for .Chart.AppVersion and app.kubernetes.io/version under packages/apps/redis/** and found no matches—so the new appVersion in Chart.yaml isn’t being injected into any rendered resources. To fix this:

• Update your chart’s templates (under packages/apps/redis/templates/)—for example in your Deployment or StatefulSet YAML—to include the label, e.g.:

metadata:
  labels:
    app.kubernetes.io/version: {{ .Chart.AppVersion }}

This ensures the appVersion value from Chart.yaml propagates into your Kubernetes objects.

packages/apps/vm-instance/README.md (3)

88-88: Fix heading typo: “UO Series” → “O Series”.

Section title should match the “O Series” introduced above.

Apply:

-### UO Series Characteristics
+### O Series Characteristics

123-123: Typo: “emaulation” → “emulation”.

User-facing docs: correct misspelling.

Apply:

-  from the vCPUs in order to reduce emaulation related impact on the
+  from the vCPUs in order to reduce emulation related impact on the

165-165: Typo: “emaulation” → “emulation”.

Same misspelling appears again in the RT series section.

Apply:

-  from the vCPUs in order to reduce emaulation related impact on the
+  from the vCPUs in order to reduce emulation related impact on the
♻️ Duplicate comments (1)
packages/apps/rabbitmq/values.schema.json (1)

94-126: Ack: Duplicate singular vhost removed.

Removing the duplicate aligns schema and README. Thanks for cleaning this up.

🧹 Nitpick comments (27)
packages/apps/kafka/values.yaml (1)

40-41: Consistent per-replica resource phrasing — looks good

Clarifies CPU/Memory as “available to each replica,” aligning with the repo-wide standardization.

For consistency within this file, consider adding similar per-field lines for ZooKeeper (resources.cpu/resources.memory) as done for Kafka. Not required, but keeps sections uniform.

packages/apps/http-cache/values.yaml (1)

31-32: Docs clarify per-replica resources — approved

The CPU/Memory descriptions now clearly indicate per-replica scope.

Optional: mirror these explicit per-field lines for nginx.resources (cpu/memory) to match the HAProxy section’s detail.

packages/apps/vm-disk/Chart.yaml (1)

19-25: Quote appVersion values in all Chart.yaml files for consistency

To follow the recommended convention (and avoid YAML parsing quirks), wrap the version strings in quotes. The following charts currently have unquoted appVersion fields:

  • packages/apps/vm-instance/Chart.yaml (line 26)
  • packages/apps/virtual-machine/Chart.yaml (line 26)
  • packages/apps/vm-disk/Chart.yaml (line 25)
  • packages/apps/kubernetes/Chart.yaml (line 25)
  • packages/apps/ferretdb/Chart.yaml (line 25)

Apply this diff to each:

-packages/apps/vm-instance/Chart.yaml
-appVersion: 0.11.0
+packages/apps/vm-instance/Chart.yaml
+appVersion: "0.11.0"
-packages/apps/virtual-machine/Chart.yaml
-appVersion: 0.12.0
+packages/apps/virtual-machine/Chart.yaml
+appVersion: "0.12.0"
-packages/apps/vm-disk/Chart.yaml
-appVersion: 0.4.0
+packages/apps/vm-disk/Chart.yaml
+appVersion: "0.4.0"
-packages/apps/kubernetes/Chart.yaml
-appVersion: 1.32.6
+packages/apps/kubernetes/Chart.yaml
+appVersion: "1.32.6"
-packages/apps/ferretdb/Chart.yaml
-appVersion: 2.4.0
+packages/apps/ferretdb/Chart.yaml
+appVersion: "2.4.0"

Please ensure this quoting convention is applied consistently across all Helm charts in this PR.

packages/apps/redis/README.md (1)

20-21: Nit: end sentences with periods for consistency in the table

Other descriptions in the same table end with a period. Consider aligning for polish.

Apply this minimal tweak:

-| `resources.cpu`    | CPU available to each replica                                                                                                             | `*quantity` | `null`  |
-| `resources.memory` | Memory (RAM) available to each replica                                                                                                    | `*quantity` | `null`  |
+| `resources.cpu`    | CPU available to each replica.                                                                                                            | `*quantity` | `null`  |
+| `resources.memory` | Memory (RAM) available to each replica.                                                                                                   | `*quantity` | `null`  |
packages/apps/rabbitmq/values.yaml (1)

27-35: Redact example passwords to placeholders for consistency

These examples still show hard-coded example passwords. Switching to placeholders aligns with the PR goal to avoid real-looking secrets in docs and examples.

Apply this diff to the examples:

-##     password: strongpassword
+##     password: <your-password-1>
-##   user2:
-##     password: hackme
+##   user2:
+##     password: <your-password-2>
-##   user3:
-##     password: testtest
+##   user3:
+##     password: <your-password-3>
packages/apps/ferretdb/values.schema.json (1)

47-56: Add minimal length validation for access/secret keys

To prevent empty strings from passing schema validation (especially when UIs prefill defaults), add minLength to these fields.

Apply this diff:

         "s3AccessKey": {
           "description": "Access key for S3, used for authentication",
-          "type": "string",
-          "default": "\u003cyour-access-key\u003e"
+          "type": "string",
+          "minLength": 1,
+          "default": "\u003cyour-access-key\u003e"
         },
         "s3SecretKey": {
           "description": "Secret key for S3, used for authentication",
-          "type": "string",
-          "default": "\u003cyour-secret-key\u003e"
+          "type": "string",
+          "minLength": 1,
+          "default": "\u003cyour-secret-key\u003e"
         },
packages/apps/virtual-machine/values.yaml (1)

58-60: Avoid duplicated links after inlining them in the description.

Line 58 now contains the links; lines 59–60 repeat them, making the block redundant.

Apply this diff to remove the duplicate bullets:

 ## @param cloudInit {string} Cloud-init user data config. See cloud-init documentation for more details: [format](https://cloudinit.readthedocs.io/en/latest/explanation/format.html), [examples](https://cloudinit.readthedocs.io/en/latest/reference/examples.html).
-## - https://cloudinit.readthedocs.io/en/latest/explanation/format.html
-## - https://cloudinit.readthedocs.io/en/latest/reference/examples.html
packages/apps/virtual-machine/README.md (2)

44-44: Tighten wording: make the sentence standalone and polished.

Use “Whether …” instead of a lowercase “if …” for better style in the table:

-| `running`                 | if the virtual machine should be running                                                                                                                                                                                                  | `bool`      | `true`       |
+| `running`                 | Whether the virtual machine should be running                                                                                                                                                                                             | `bool`      | `true`       |

57-57: Grammar nit: complete the sentence in the SSH keys description.

“Can be a single key…” is a fragment; adding “It” makes it a complete sentence.

-| `sshKeys`                 | List of SSH public keys for authentication. Can be a single key or a list of keys.                                                                                                                                                        | `[]string`  | `[]`         |
+| `sshKeys`                 | List of SSH public keys for authentication. It can be a single key or a list of keys.                                                                                                                                                     | `[]string`  | `[]`         |
packages/apps/kafka/README.md (1)

44-45: Nit: Use canonical “ZooKeeper” capitalization for brand consistency.

Elsewhere it’s often written “ZooKeeper.” Consider updating “Zookeeper” to “ZooKeeper” across the doc for consistency.

-| `zookeeper.resources.cpu`    | CPU available to each replica
-| `zookeeper.resources.memory` | Memory (RAM) available to each replica
+| `zookeeper.resources.cpu`    | CPU available to each replica
+| `zookeeper.resources.memory` | Memory (RAM) available to each replica
packages/apps/rabbitmq/values.schema.json (1)

94-126: Confirm and document removal of the singular vhost property (potential breaking change).

AI summary notes the top-level singular vhost was removed as a duplicate. If users previously set vhost, this is a breaking schema change. Ensure:

  • Chart release notes/changelog include a migration note (use vhosts[<name>] instead).
  • Template logic doesn’t reference the removed key.
  • Version bump is appropriate per your chart versioning policy (Helm SemVer typically reserves MAJOR for breaking changes).

I can draft a short migration note if helpful.

packages/apps/virtual-machine/values.schema.json (1)

6-6: Good: Adds direct links to Cloud-init docs. Minor style nit on capitalization.

Consider using consistent casing (“Cloud-init” vs “cloud-init”) within the sentence.

- "description": "Cloud-init user data config. See cloud-init documentation for more details: [format](https://cloudinit.readthedocs.io/en/latest/explanation/format.html), [examples](https://cloudinit.readthedocs.io/en/latest/reference/examples.html).",
+ "description": "Cloud-init user data config. See Cloud-init documentation for more details: [format](https://cloudinit.readthedocs.io/en/latest/explanation/format.html), [examples](https://cloudinit.readthedocs.io/en/latest/reference/examples.html).",
packages/apps/clickhouse/values.schema.json (1)

11-16: Good security hygiene: secrets redacted. Consider guarding against placeholder use when backups are enabled.

Nice job replacing defaults with placeholders. To prevent accidental deployments with <password>/<your-access-key>/<your-secret-key> when backup.enabled is true, add conditional schema validation to forbid placeholders.

Example JSON Schema snippet to add under the backup object (sibling to "properties"), enforcing real credentials when enabled:

"allOf": [
  {
    "if": { "properties": { "enabled": { "const": true } }, "required": ["enabled"] },
    "then": {
      "allOf": [
        { "properties": { "resticPassword": { "not": { "const": "<password>" } } }, "required": ["resticPassword"] },
        { "properties": { "s3AccessKey":    { "not": { "const": "<your-access-key>" } } }, "required": ["s3AccessKey"] },
        { "properties": { "s3SecretKey":    { "not": { "const": "<your-secret-key>" } } }, "required": ["s3SecretKey"] }
      ]
    }
  }
]

Also applies to: 42-43, 47-48, 62-63

packages/apps/kubernetes/values.schema.json (1)

332-346: Use "replica" (not "worker node") for control plane resource descriptions

Control plane components (apiServer, controllerManager, scheduler, konnectivity server) run as replicas/pods, not worker nodes. Using “worker node” here is misleading and inconsistent with other apps in this PR that use “each replica.”

Apply this diff to align wording:

--- a/packages/apps/kubernetes/values.schema.json
+++ b/packages/apps/kubernetes/values.schema.json
@@
-                  "description": "CPU available to each worker node",
+                  "description": "CPU available to each replica",
@@
-                  "description": "Memory (RAM) available to each worker node",
+                  "description": "Memory (RAM) available to each replica",
@@
-                  "description": "CPU available to each worker node",
+                  "description": "CPU available to each replica",
@@
-                  "description": "Memory (RAM) available to each worker node",
+                  "description": "Memory (RAM) available to each replica",
@@
-                      "description": "CPU available to each worker node",
+                      "description": "CPU available to each replica",
@@
-                      "description": "Memory (RAM) available to each worker node",
+                      "description": "Memory (RAM) available to each replica",
@@
-                  "description": "CPU available to each worker node",
+                  "description": "CPU available to each replica",
@@
-                  "description": "Memory (RAM) available to each worker node",
+                  "description": "Memory (RAM) available to each replica",

Also applies to: 393-407, 467-481, 535-549

packages/apps/kubernetes/README.md (1)

146-171: Replace “worker node” with “replica” for control plane resources

These fields describe resources per control-plane replica, not worker nodes. Align wording to “each replica” for consistency and accuracy.

-| `controlPlane.apiServer.resources.cpu`              | CPU available to each worker node                                                                                                         | `*quantity` | `null`   |
-| `controlPlane.apiServer.resources.memory`           | Memory (RAM) available to each worker node                                                                                                | `*quantity` | `null`   |
+| `controlPlane.apiServer.resources.cpu`              | CPU available to each replica                                                                                                             | `*quantity` | `null`   |
+| `controlPlane.apiServer.resources.memory`           | Memory (RAM) available to each replica                                                                                                    | `*quantity` | `null`   |
@@
-| `controlPlane.controllerManager.resources.cpu`      | CPU available to each worker node                                                                                                         | `*quantity` | `null`   |
-| `controlPlane.controllerManager.resources.memory`   | Memory (RAM) available to each worker node                                                                                                | `*quantity` | `null`   |
+| `controlPlane.controllerManager.resources.cpu`      | CPU available to each replica                                                                                                             | `*quantity` | `null`   |
+| `controlPlane.controllerManager.resources.memory`   | Memory (RAM) available to each replica                                                                                                    | `*quantity` | `null`   |
@@
-| `controlPlane.scheduler.resources.cpu`              | CPU available to each worker node                                                                                                         | `*quantity` | `null`   |
-| `controlPlane.scheduler.resources.memory`           | Memory (RAM) available to each worker node                                                                                                | `*quantity` | `null`   |
+| `controlPlane.scheduler.resources.cpu`              | CPU available to each replica                                                                                                             | `*quantity` | `null`   |
+| `controlPlane.scheduler.resources.memory`           | Memory (RAM) available to each replica                                                                                                    | `*quantity` | `null`   |
@@
-| `controlPlane.konnectivity.server.resources.cpu`    | CPU available to each worker node                                                                                                         | `*quantity` | `null`   |
-| `controlPlane.konnectivity.server.resources.memory` | Memory (RAM) available to each worker node                                                                                                | `*quantity` | `null`   |
+| `controlPlane.konnectivity.server.resources.cpu`    | CPU available to each replica                                                                                                             | `*quantity` | `null`   |
+| `controlPlane.konnectivity.server.resources.memory` | Memory (RAM) available to each replica                                                                                                    | `*quantity` | `null`   |
packages/apps/postgres/values.schema.json (1)

38-47: Mark secret-like fields as writeOnly for better UX and safety.

Consider hinting UIs and tooling that these are sensitive. Many JSON Schema consumers respect writeOnly and/or password formats.

Apply this minimal enhancement:

         "s3AccessKey": {
           "description": "Access key for S3, used for authentication",
           "type": "string",
+          "writeOnly": true,
           "default": "\u003cyour-access-key\u003e"
         },
         "s3SecretKey": {
           "description": "Secret key for S3, used for authentication",
           "type": "string",
+          "writeOnly": true,
           "default": "\u003cyour-secret-key\u003e"
         },
packages/apps/mysql/values.schema.json (1)

39-63: Hint UIs that these fields are sensitive (writeOnly).

Optional but useful: mark password/keys as writeOnly to avoid echoing them in UIs or generated docs.

Suggested tweak:

         "resticPassword": {
           "description": "Password for Restic backup encryption",
           "type": "string",
+          "writeOnly": true,
           "default": "\u003cpassword\u003e"
         },
         "s3AccessKey": {
           "description": "Access key for S3, used for authentication",
           "type": "string",
+          "writeOnly": true,
           "default": "\u003cyour-access-key\u003e"
         },
         "s3Bucket": {
           "description": "S3 bucket used for storing backups",
           "type": "string",
           "default": "s3.example.org/mysql-backups"
         },
         "s3Region": {
           "description": "AWS S3 region where backups are stored",
           "type": "string",
           "default": "us-east-1"
         },
         "s3SecretKey": {
           "description": "Secret key for S3, used for authentication",
           "type": "string",
+          "writeOnly": true,
           "default": "\u003cyour-secret-key\u003e"
         },
packages/apps/ferretdb/Chart.yaml (1)

25-25: Optional: quote appVersion for consistency with other charts.

Helm recommends quoting appVersion; several charts in this PR already do that. Not critical, just consistency.

Apply:

-appVersion: 2.4.0
+appVersion: "2.4.0"
packages/apps/mysql/values.yaml (1)

67-67: Use a bucket-name placeholder (slashes are invalid in S3 bucket names)

Current example looks like a URL/path. S3 bucket names cannot include slashes; suggest a neutral placeholder to avoid confusion.

-  s3Bucket: "s3.example.org/mysql-backups"
+  s3Bucket: "<your-bucket>"
packages/apps/clickhouse/values.yaml (1)

59-65: Good redaction of credentials; consider empty defaults to prevent accidental deployments with placeholders.

Placeholders are better than real secrets in git. As a minor improvement, you could use empty strings by default so charts fail early if users forget to set them.

Here’s an optional tweak:

-  s3Bucket: "s3.example.org/clickhouse-backups"
+  s3Bucket: "s3.example.org/clickhouse-backups"
   schedule: "0 2 * * *"
   cleanupStrategy: "--keep-last=3 --keep-daily=3 --keep-within-weekly=1m"
-  s3AccessKey: "<your-access-key>"
-  s3SecretKey: "<your-secret-key>"
-  resticPassword: "<password>"
+  s3AccessKey: ""
+  s3SecretKey: ""
+  resticPassword: ""
packages/apps/clickhouse/README.md (1)

66-73: Capitalize “ClickHouse” consistently.

Minor nit for brand/style consistency.

Apply:

-| `clickhouseKeeper`                 | Clickhouse Keeper configuration                                                                                                           | `*object`   | `{}`    |
-| `clickhouseKeeper.enabled`         | Deploy ClickHouse Keeper for cluster coordination                                                                                         | `*bool`     | `true`  |
-| `clickhouseKeeper.size`            | Persistent Volume Claim size, available for application data                                                                              | `*quantity` | `1Gi`   |
+| `clickhouseKeeper`                 | ClickHouse Keeper configuration                                                                                                           | `*object`   | `{}`    |
+| `clickhouseKeeper.enabled`         | Deploy ClickHouse Keeper for cluster coordination                                                                                         | `*bool`     | `true`  |
+| `clickhouseKeeper.size`            | Persistent Volume Claim size, available for application data                                                                              | `*quantity` | `1Gi`   |
packages/apps/mysql/README.md (6)

17-19: Fix typo in placeholder.

-kubectl edit mariadb <instnace>
+kubectl edit mariadb <instance>

39-41: Align S3 path with parameter table (“mysql-backups” vs “mariadb-backups”).

The parameter table uses mysql-backups, but the example uses mariadb-backups. Align to avoid confusion.

-restic -r s3:s3.example.org/mariadb-backups/database_name snapshots
+restic -r s3:s3.example.org/mysql-backups/database_name snapshots

46-47: Align restore example S3 path with parameter table.

-restic -r s3:s3.example.org/mariadb-backups/database_name restore latest --target /tmp/
+restic -r s3:s3.example.org/mysql-backups/database_name restore latest --target /tmp/

54-58: Fix minor grammar.

-  Until `mariadbbackup` is not used to bootstrap a node by mariadb-operator (this feature is not inmplemented yet), follow these manual steps to fix it:
+  Until `mariadbbackup` is used to bootstrap a node by mariadb-operator (this feature is not implemented yet), follow these manual steps to fix it:

Optional: consider modern terminology (“primary/replica”) throughout the doc for consistency with the earlier example.

63-66: Optional: prefer “primary/replica” terminology in examples.

Matches the earlier “primary” example and modernizes terminology.

-  mysqldump -h <slave> -P 3306 -u<user> -p<password> --column-statistics=0 <database> <table> ~/tmp/fix-table.sql
-  mysql -h <master> -P 3306 -u<user> -p<password> <database> < ~/tmp/fix-table.sql
+  mysqldump -h <replica> -P 3306 -u<user> -p<password> --column-statistics=0 <database> <table> ~/tmp/fix-table.sql
+  mysql -h <primary> -P 3306 -u<user> -p<password> <database> < ~/tmp/fix-table.sql

104-109: Credential placeholders LGTM; consider redacting example passwords below as well.

The table is cleaned up. As a follow-up, consider changing the users example passwords (hackme) later in the doc to placeholders for consistency.

I can submit a follow-up patch to replace example passwords with <password> and unify “primary/replica” terminology throughout. Want me to draft it?

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

💡 Knowledge Base configuration:

  • MCP integration is disabled by default for public repositories
  • Jira integration is disabled by default for public repositories
  • Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 41c0c6d and 7573952.

📒 Files selected for processing (64)
  • packages/apps/clickhouse/Chart.yaml (1 hunks)
  • packages/apps/clickhouse/README.md (2 hunks)
  • packages/apps/clickhouse/values.schema.json (6 hunks)
  • packages/apps/clickhouse/values.yaml (2 hunks)
  • packages/apps/ferretdb/Chart.yaml (1 hunks)
  • packages/apps/ferretdb/README.md (2 hunks)
  • packages/apps/ferretdb/values.schema.json (4 hunks)
  • packages/apps/ferretdb/values.yaml (2 hunks)
  • packages/apps/http-cache/Chart.yaml (1 hunks)
  • packages/apps/http-cache/README.md (2 hunks)
  • packages/apps/http-cache/values.schema.json (4 hunks)
  • packages/apps/http-cache/values.yaml (1 hunks)
  • packages/apps/kafka/README.md (2 hunks)
  • packages/apps/kafka/values.schema.json (4 hunks)
  • packages/apps/kafka/values.yaml (1 hunks)
  • packages/apps/kubernetes/Chart.yaml (1 hunks)
  • packages/apps/kubernetes/README.md (2 hunks)
  • packages/apps/kubernetes/values.schema.json (14 hunks)
  • packages/apps/kubernetes/values.yaml (3 hunks)
  • packages/apps/mysql/Chart.yaml (1 hunks)
  • packages/apps/mysql/README.md (5 hunks)
  • packages/apps/mysql/values.schema.json (5 hunks)
  • packages/apps/mysql/values.yaml (2 hunks)
  • packages/apps/nats/Chart.yaml (1 hunks)
  • packages/apps/nats/README.md (1 hunks)
  • packages/apps/nats/values.schema.json (2 hunks)
  • packages/apps/nats/values.yaml (1 hunks)
  • packages/apps/postgres/Chart.yaml (1 hunks)
  • packages/apps/postgres/README.md (2 hunks)
  • packages/apps/postgres/values.schema.json (4 hunks)
  • packages/apps/postgres/values.yaml (2 hunks)
  • packages/apps/rabbitmq/Chart.yaml (1 hunks)
  • packages/apps/rabbitmq/README.md (1 hunks)
  • packages/apps/rabbitmq/values.schema.json (2 hunks)
  • packages/apps/rabbitmq/values.yaml (1 hunks)
  • packages/apps/redis/Chart.yaml (1 hunks)
  • packages/apps/redis/README.md (1 hunks)
  • packages/apps/redis/values.schema.json (2 hunks)
  • packages/apps/redis/values.yaml (1 hunks)
  • packages/apps/tcp-balancer/Chart.yaml (1 hunks)
  • packages/apps/tcp-balancer/README.md (1 hunks)
  • packages/apps/tcp-balancer/values.schema.json (2 hunks)
  • packages/apps/tcp-balancer/values.yaml (1 hunks)
  • packages/apps/tenant/Chart.yaml (1 hunks)
  • packages/apps/versions_map (12 hunks)
  • packages/apps/virtual-machine/Chart.yaml (1 hunks)
  • packages/apps/virtual-machine/README.md (1 hunks)
  • packages/apps/virtual-machine/values.schema.json (1 hunks)
  • packages/apps/virtual-machine/values.yaml (1 hunks)
  • packages/apps/vm-disk/Chart.yaml (1 hunks)
  • packages/apps/vm-instance/Chart.yaml (1 hunks)
  • packages/apps/vm-instance/README.md (1 hunks)
  • packages/apps/vm-instance/values.schema.json (1 hunks)
  • packages/apps/vm-instance/values.yaml (1 hunks)
  • packages/apps/vpn/Chart.yaml (1 hunks)
  • packages/apps/vpn/README.md (1 hunks)
  • packages/apps/vpn/values.schema.json (2 hunks)
  • packages/apps/vpn/values.yaml (1 hunks)
  • packages/extra/bootbox/Chart.yaml (1 hunks)
  • packages/extra/etcd/Chart.yaml (1 hunks)
  • packages/extra/info/Chart.yaml (1 hunks)
  • packages/extra/ingress/Chart.yaml (1 hunks)
  • packages/extra/monitoring/Chart.yaml (1 hunks)
  • packages/extra/versions_map (3 hunks)
🧰 Additional context used
🪛 LanguageTool
packages/apps/kafka/README.md

[grammar] ~30-~30: There might be a mistake here.
Context: ... | *quantity | null | | kafka.resources.memory | Memory (RAM...

(QB_NEW_EN)

[grammar] ~31-~31: There might be a mistake here.
Context: ... | *quantity | null | | kafka.resourcesPreset | Default siz...

(QB_NEW_EN)

[grammar] ~44-~44: There might be a mistake here.
Context: ... | *quantity | null | | zookeeper.resources.memory | Memory ...

(QB_NEW_EN)

[grammar] ~45-~45: There might be a mistake here.
Context: ... | *quantity | null | | zookeeper.resourcesPreset | Default...

(QB_NEW_EN)

packages/apps/ferretdb/README.md

[grammar] ~15-~15: There might be a mistake here.
Context: ... | *quantity | null | | resources.memory | Memory (RAM) avai...

(QB_NEW_EN)

[grammar] ~16-~16: There might be a mistake here.
Context: ... | *quantity | null | | resourcesPreset | Default sizing pr...

(QB_NEW_EN)

packages/apps/vpn/README.md

[grammar] ~26-~26: There might be a mistake here.
Context: ... | *quantity | null | | resources.memory | Memory (RAM) avai...

(QB_NEW_EN)

[grammar] ~27-~27: There might be a mistake here.
Context: ... | *quantity | null | | resourcesPreset | Default sizing pr...

(QB_NEW_EN)

packages/apps/rabbitmq/README.md

[grammar] ~20-~20: There might be a mistake here.
Context: ... | *quantity | null | | resources.memory | Memory (RAM) avai...

(QB_NEW_EN)

[grammar] ~21-~21: There might be a mistake here.
Context: ... | *quantity | null | | resourcesPreset | Default sizing pr...

(QB_NEW_EN)

packages/apps/nats/README.md

[grammar] ~14-~14: There might be a mistake here.
Context: ... | *quantity | null | | resources.memory | Memory (RAM) avai...

(QB_NEW_EN)

[grammar] ~15-~15: There might be a mistake here.
Context: ... | *quantity | null | | resourcesPreset | Default sizing pr...

(QB_NEW_EN)

packages/apps/http-cache/README.md

[grammar] ~84-~84: There might be a mistake here.
Context: ... | *quantity | null | | haproxy.resources.memory | Memory (R...

(QB_NEW_EN)

[grammar] ~85-~85: There might be a mistake here.
Context: ... | *quantity | null | | haproxy.resourcesPreset | Default s...

(QB_NEW_EN)

[grammar] ~96-~96: There might be a mistake here.
Context: ... | *quantity | null | | nginx.resources.memory | Memory (RAM...

(QB_NEW_EN)

[grammar] ~97-~97: There might be a mistake here.
Context: ... | *quantity | null | | nginx.resourcesPreset | Default siz...

(QB_NEW_EN)

packages/apps/redis/README.md

[grammar] ~20-~20: There might be a mistake here.
Context: ... | *quantity | null | | resources.memory | Memory (RAM) avai...

(QB_NEW_EN)

[grammar] ~21-~21: There might be a mistake here.
Context: ... | *quantity | null | | resourcesPreset | Default sizing pr...

(QB_NEW_EN)

packages/apps/virtual-machine/README.md

[style] ~57-~57: To form a complete sentence, be sure to include a subject or ‘there’.
Context: ... of SSH public keys for authentication. Can be a single key or a list of keys. ...

(MISSING_IT_THERE)

[grammar] ~57-~57: There might be a mistake here.
Context: ... | []string | [] | | cloudInit | Cloud-init...

(QB_NEW_EN)

packages/apps/mysql/README.md

[grammar] ~57-~57: Ensure spelling is correct
Context: ...y mariadb-operator (this feature is not inmplemented yet), follow these manual steps to fix ...

(QB_NEW_EN_ORTHOGRAPHY_ERROR_IDS_1)

[grammar] ~60-~60: Ensure spelling is correct
Context: ...#issuecomment-1804760231 - Corrupted indicies Sometimes some indecies can be corr...

(QB_NEW_EN_ORTHOGRAPHY_ERROR_IDS_1)

[grammar] ~61-~61: Ensure spelling is correct
Context: ...Corrupted indicies Sometimes some indecies can be corrupted on master replica, you...

(QB_NEW_EN_ORTHOGRAPHY_ERROR_IDS_1)

[grammar] ~61-~61: There might be a mistake here.
Context: ...ometimes some indecies can be corrupted on master replica, you can recover them fr...

(QB_NEW_EN)

[grammar] ~61-~61: There might be a mistake here.
Context: ...on master replica, you can recover them from slave: ```bash mysqldump -h <slave...

(QB_NEW_EN)

[grammar] ~76-~76: There might be a mistake here.
Context: ... | *quantity | null | | resources.memory | Memory (RAM) avai...

(QB_NEW_EN)

[grammar] ~77-~77: There might be a mistake here.
Context: ... | *quantity | null | | resourcesPreset | Default sizing pr...

(QB_NEW_EN)

packages/apps/clickhouse/README.md

[grammar] ~71-~71: There might be a mistake here.
Context: ...e, 2xlarge. | string |micro| |clickhouseKeeper.replicas` | N...

(QB_NEW_EN)

packages/apps/kubernetes/README.md

[grammar] ~149-~149: There might be a mistake here.
Context: ... | int | 2 | | controlPlane.apiServer ...

(QB_NEW_EN)

[grammar] ~150-~150: There might be a mistake here.
Context: ... | object | {} | | controlPlane.apiServer.resources ...

(QB_NEW_EN)

[grammar] ~151-~151: There might be a mistake here.
Context: ...d. | object | {} | | controlPlane.apiServer.resources.cpu...

(QB_NEW_EN)

[grammar] ~152-~152: There might be a mistake here.
Context: ... | *quantity | null | | `controlPlane.apiServer.resources.memo...

(QB_NEW_EN)

[grammar] ~153-~153: There might be a mistake here.
Context: ... | *quantity | null | | `controlPlane.apiServer.resourcesPrese...

(QB_NEW_EN)

[grammar] ~155-~155: There might be a mistake here.
Context: ... | object | {} | | `controlPlane.controllerManager.resour...

(QB_NEW_EN)

[grammar] ~156-~156: There might be a mistake here.
Context: ...s applied. | object | {} | | `controlPlane.controllerManager.resour...

(QB_NEW_EN)

[grammar] ~157-~157: There might be a mistake here.
Context: ... | *quantity | null | | `controlPlane.controllerManager.resour...

(QB_NEW_EN)

[grammar] ~158-~158: There might be a mistake here.
Context: ... | *quantity | null | | `controlPlane.controllerManager.resour...

(QB_NEW_EN)

[grammar] ~160-~160: There might be a mistake here.
Context: ... | object | {} | | controlPlane.scheduler.resources ...

(QB_NEW_EN)

[grammar] ~161-~161: There might be a mistake here.
Context: .... | object | {} | | controlPlane.scheduler.resources.cpu...

(QB_NEW_EN)

[grammar] ~162-~162: There might be a mistake here.
Context: ... | *quantity | null | | `controlPlane.scheduler.resources.memo...

(QB_NEW_EN)

[grammar] ~163-~163: There might be a mistake here.
Context: ... | *quantity | null | | `controlPlane.scheduler.resourcesPrese...

(QB_NEW_EN)

[grammar] ~165-~165: There might be a mistake here.
Context: ... | object | {} | | controlPlane.konnectivity.server ...

(QB_NEW_EN)

[grammar] ~166-~166: There might be a mistake here.
Context: ... | object | {} | | `controlPlane.konnectivity.server.reso...

(QB_NEW_EN)

[grammar] ~167-~167: There might be a mistake here.
Context: ... | object | {} | | `controlPlane.konnectivity.server.reso...

(QB_NEW_EN)

[grammar] ~168-~168: There might be a mistake here.
Context: ... | *quantity | null | | `controlPlane.konnectivity.server.reso...

(QB_NEW_EN)

[grammar] ~169-~169: There might be a mistake here.
Context: ... | *quantity | null | | `controlPlane.konnectivity.server.reso...

(QB_NEW_EN)

🪛 markdownlint-cli2 (0.17.2)
packages/apps/mysql/README.md

19-19: Fenced code blocks should have a language specified

(MD040, fenced-code-language)

31-31: Fenced code blocks should have a language specified

(MD040, fenced-code-language)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)
  • GitHub Check: Build
🔇 Additional comments (68)
packages/extra/bootbox/Chart.yaml (1)

6-6: LGTM: version bump to 0.3.0 looks consistent with repo-wide doc/schema updates.
No issues spotted.

packages/apps/http-cache/Chart.yaml (1)

19-19: LGTM: chart version bumped to 0.7.0; appVersion unchanged.
Looks correct for documentation/values wording updates.

packages/extra/info/Chart.yaml (1)

6-6: LGTM: version bumped to 1.2.0.
Change aligns with PR scope.

packages/extra/etcd/Chart.yaml (1)

6-6: LGTM: version bumped to 2.10.0; no versions_map file found under packages/extra, so no additional pinning is required.

Likely an incorrect or invalid review comment.

packages/apps/virtual-machine/Chart.yaml (1)

20-20: LGTM: version bump to 0.13.0.
No further changes needed here.

packages/extra/ingress/Chart.yaml (1)

6-6: Chart version bump looks good

Minor version increment to 1.8.0 is consistent with the PR’s documentation updates across charts.

packages/apps/kubernetes/Chart.yaml (1)

19-19: Version bump approved

Chart version updated to 0.27.0. No other changes; aligns with the PR’s batch of metadata bumps.

packages/apps/rabbitmq/Chart.yaml (1)

19-19: Version bump approved; ensure schema/docs changes are captured

Bumping to 0.9.0 aligns with the RabbitMQ README/schema cleanups described in the PR.

If not already done in this PR, please verify:

  • values.schema.json changes (e.g., vhost-related adjustments) are included in the same version bump.
  • README and values.yaml placeholders for credentials match the current schema.
packages/apps/postgres/Chart.yaml (1)

19-19: LGTM on the version bump

Chart version 0.18.0 is a straightforward metadata update; appVersion remains unchanged.

packages/apps/tcp-balancer/Chart.yaml (1)

19-19: Approved: chart metadata update

Chart version increased to 0.6.0; no functional changes indicated.

packages/apps/nats/Chart.yaml (1)

19-19: LGTM: Chart version bumped to 0.9.0 without appVersion change.

Change is scoped and consistent with the PR’s README-focused intent. No further action needed.

packages/apps/tenant/Chart.yaml (1)

7-7: LGTM: Chart version updated to 1.12.0.

Straightforward version bump. Looks good.

packages/apps/vm-instance/Chart.yaml (2)

20-20: LGTM: Chart version bumped to 0.11.0.

Matches the appVersion update below.

26-26: LGTM: appVersion updated to 0.11.0.

Change is clear and consistent. Ensure any referenced images/tags (if any) align with this appVersion elsewhere in the chart.

packages/apps/nats/README.md (1)

14-15: LGTM: Clarified per-replica resource descriptions.

“CPU available to each replica” and “Memory (RAM) available to each replica” improve clarity and align with the PR goal of consistent phrasing across READMEs.

packages/apps/tcp-balancer/README.md (1)

19-20: LGTM: Consistent per-replica resource wording.

Matches the standardized phrasing used across other READMEs in this PR.

packages/apps/tcp-balancer/values.yaml (1)

6-7: Per-replica resource description standardization — good update

Matches the project-wide phrasing; no functional changes introduced.

packages/apps/postgres/values.yaml (1)

6-7: Per-replica resource descriptions clarified — LGTM

Wording is consistent with the broader effort across apps.

packages/apps/tcp-balancer/values.schema.json (1)

79-93: Per-replica CPU/Memory descriptions — LGTM

Schema text aligns with the consistency pass; no validation changes introduced.

Also applies to: 92-103

packages/apps/clickhouse/Chart.yaml (1)

19-25: Image tag alignment verified
appVersion is set to “24.9.2” in Chart.yaml and no explicit image.tag override was found in packages/apps/clickhouse/values.yaml, so the chart will default to using .Chart.AppVersion for the image tag. Everything lines up as expected.

packages/apps/vpn/values.schema.json (1)

33-47: Per-replica CPU/Memory descriptions — LGTM

Text-only improvement; schema semantics unchanged.

Also applies to: 46-57

packages/apps/rabbitmq/values.yaml (1)

6-7: Standardized per-replica CPU/Memory wording — LGTM

The updated resource descriptions are clear and consistent with the PR objective.

packages/apps/versions_map (2)

141-142: LGTM on version pinning and new HEAD placeholders

The mapping updates look consistent and support deterministic resolution.

19-21: Pinning HEAD validated: commit c02a381 exists and all HEAD entries point to the latest version

All checks passed for packages/apps/versions_map:

  • c02a3818 is a valid commit in the repo
  • ✅ Each package has exactly one HEAD entry, and it’s on its highest version

No further action required.

packages/apps/redis/values.yaml (1)

6-7: Per-replica CPU/Memory descriptions — LGTM

Consistent wording, matches the broader cleanup across apps.

packages/apps/ferretdb/values.schema.json (2)

13-15: Good redaction of credentials to placeholders

Replacing hard-coded credentials with placeholders both in defaults and property defaults is the right call and aligns with PR objectives.

Also applies to: 50-56

128-129: Per-replica resource descriptions — LGTM

Clearer descriptions for CPU and RAM; consistent with the cross-repo standardization.

Also applies to: 141-142

packages/apps/nats/values.schema.json (1)

75-90: Consistent per-replica CPU/Memory phrasing — LGTM

Matches the convention used across other charts in this PR.

packages/apps/nats/values.yaml (1)

6-7: Per-replica resource wording is clear and consistent.

The updated descriptions precisely convey per-replica CPU and memory. Aligned with the PR objective to standardize resource phrasing.

packages/apps/redis/values.schema.json (1)

26-26: Schema descriptions aligned to per-replica wording.

Descriptions for cpu/memory now clearly indicate per-replica scope. No validation changes introduced. Looks good.

Also applies to: 39-39

packages/apps/http-cache/values.schema.json (1)

43-43: Per-replica resource descriptions for HAProxy and Nginx look good.

Clear, consistent phrasing with no schema logic changes. Matches the broader PR standardization.

Also applies to: 56-56, 110-110, 123-123

packages/apps/kafka/README.md (1)

30-31: Per-replica resource wording is clear and consistent.

The CPU/Memory descriptions now align with the pattern used across apps. Looks good.

Also applies to: 44-45

packages/apps/rabbitmq/values.schema.json (1)

21-21: Per-replica CPU/Memory descriptions: LGTM.

The updated descriptions match the repo-wide convention and improve clarity.

Also applies to: 34-34

packages/apps/rabbitmq/README.md (1)

20-21: Per-replica CPU/Memory wording: LGTM.

The updated descriptions are consistent and clearer for users configuring per-replica resources.

packages/apps/clickhouse/values.schema.json (3)

90-93: Capitalization fix for Keeper: LGTM.

“Keeper” capitalization reads better and matches docs.

95-107: Formatting of allowed preset values: LGTM.

Using code ticks for the enum list improves readability.

154-168: Per-replica CPU/Memory descriptions: LGTM.

Consistent with the rest of the repo and clearer for users.

packages/apps/kubernetes/values.schema.json (1)

652-670: LGTM on nodeGroups resource wording

“Resources available to each worker node” is correct for node groups, and matches the intent.

packages/apps/http-cache/README.md (1)

84-85: LGTM: clarified per-replica resource descriptions

Switching to “CPU available to each replica” and “Memory (RAM) available to each replica” improves clarity and aligns with the rest of the repository.

Also applies to: 96-97

packages/apps/kubernetes/values.yaml (2)

19-21: LGTM: nodeGroups per-worker resource docs

The per-worker node phrasing here is correct for VM-based worker nodes.

140-140: LGTM: presets list formatting

Backticks around preset names improve readability and are consistently applied across sections.

Also applies to: 146-147, 153-154, 162-163

packages/apps/kafka/values.schema.json (1)

38-52: LGTM: per-replica resource wording for Kafka and ZooKeeper

“CPU/Memory available to each replica” is clear and consistent with the rest of the PR.

Also applies to: 160-174

packages/apps/kubernetes/README.md (1)

104-106: LGTM: nodeGroups per-worker resource docs

The updated descriptions for nodeGroups correctly use “each worker node.”

packages/apps/postgres/values.schema.json (2)

13-14: Good redaction of backup credentials defaults.

Using placeholders for s3AccessKey/s3SecretKey in defaults prevents accidental leakage.

191-205: Per-replica CPU/Memory descriptions — aligned and clear.

The updated text clarifies scope per replica without altering validation.

packages/apps/postgres/README.md (1)

73-74: Per-replica resource descriptions are clear and consistent.

Nice alignment with schema/values.

packages/apps/mysql/values.schema.json (2)

11-16: Credentials switched to placeholders — good.

Redaction and MySQL-specific bucket path look correct.

117-141: Per-replica resource descriptions — consistent and accurate.

The wording matches the intent across apps.

packages/apps/mysql/Chart.yaml (1)

19-19: Chart version bump looks good.

No other metadata changes; appVersion unchanged.

packages/extra/monitoring/Chart.yaml (1)

6-6: Chart version updated — LGTM.

Straightforward version bump; no other changes.

packages/apps/vpn/README.md (1)

26-27: Per-replica wording looks good and aligns with the PR’s objective.

The updated descriptions for CPU and Memory are clear and consistent with other READMEs in the PR.

packages/apps/vpn/Chart.yaml (1)

19-25: ✅ versions_map updated; verify image tag matches appVersion

  • packages/apps/versions_map
    • Entry 226: vpn 0.8.0 HEAD confirmed.
  • packages/apps/vpn/Chart.yaml
    appVersion: "1.8.1" set correctly.
  • packages/apps/vpn/templates/deployment.yaml
    • Image still pinned to quay.io/outline/shadowbox:stable
    • No tag: override found in values

Please confirm that the stable tag indeed corresponds to v1.8.1, or consider templating the image tag using .Chart.AppVersion for consistency.

packages/apps/ferretdb/Chart.yaml (1)

19-19: Chart version bump LGTM.

No functional changes in this file; the semantic bump aligns with repo-wide updates.

packages/apps/vm-instance/README.md (1)

57-57: Cloud-init link and capitalization update LGTM.

The updated link to the examples page and “Cloud-init” capitalization improve clarity.

packages/apps/vm-instance/values.yaml (1)

55-55: Cloud-init docs reference update LGTM.

The parameter description now points to the correct “examples” page and uses consistent capitalization.

packages/apps/mysql/values.yaml (2)

6-7: Per-replica resource wording — LGTM

Consistent with the PR objective to clarify CPU/Memory per replica.

70-72: Credentials redacted with placeholders — LGTM

Good move replacing secrets with placeholders.

packages/apps/ferretdb/values.yaml (2)

6-7: Per-replica resource wording — LGTM

Matches the standardized phrasing across apps.

61-62: Backup credentials redacted — LGTM

Placeholders remove hard-coded secrets as intended.

packages/apps/ferretdb/README.md (2)

15-16: Per-replica CPU/Memory descriptions — LGTM

Clear, concise, and consistent with values and schema.

44-45: Backup credential placeholders — LGTM

Removes sensitive defaults from docs.

packages/extra/versions_map (1)

3-4: Pinned commit c02a381 verified
All Chart.yaml versions match the expected values at commit c02a381:

• packages/extra/bootbox/Chart.yaml → 0.2.0
• packages/extra/etcd/Chart.yaml → 2.9.1
• packages/extra/info/Chart.yaml → 1.1.0
• packages/extra/ingress/Chart.yaml → 1.7.0
• packages/extra/monitoring/Chart.yaml → 1.12.1

No further changes needed here.

packages/apps/vpn/values.yaml (1)

6-7: Per-replica resource wording — LGTM

Consistent with other apps; clearer for users.

packages/apps/clickhouse/values.yaml (2)

8-9: Per-replica resource wording LGTM.

Clearer description; aligns with README and schema.

71-73: Keeper defaults changed (replicas: 3, preset: micro) — confirm intended impact on small clusters.

Moving Keeper to 3 replicas is a good HA default but can surprise single-node users and increase resource footprint. Please confirm this is intentional and documented as a behavioral change.

Suggested checks:

  • Verify templates render correctly when users keep defaults on single-node clusters (e.g., scheduling/anti-affinity).
  • Note the change in the release notes and README to set expectations for resource usage and the odd-number requirement for quorum.

Also applies to: 76-77

packages/apps/clickhouse/README.md (2)

31-32: Per-replica resource wording LGTM.

Matches values.yaml and schema updates.

59-61: Credential placeholders LGTM.

Consistent with values.yaml and avoids leaking sample secrets.

packages/apps/mysql/README.md (1)

76-77: Per-replica resource wording LGTM.

Consistent with other apps.

packages/apps/postgres/README.md
Comment on lines +111 to +112
| `backup.s3AccessKey` | Access key for S3, used for authentication | `*string` | `<your-access-key>` |
| `backup.s3SecretKey` | Secret key for S3, used for authentication | `*string` | `<your-secret-key>` |
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Secrets still exposed earlier in the README example — replace with placeholders.

Lines 36–37 show concrete s3AccessKey/s3SecretKey values, which contradict the PR objective and should be redacted.

Replace that example with placeholders, e.g.:

backup:
  enabled: false
  retentionPolicy: 30d
  destinationPath: s3://bucket/path/to/folder/
  endpointURL: http://minio-gateway-service:9000
  schedule: "0 2 * * * *"
  s3AccessKey: <your-access-key>
  s3SecretKey: <your-secret-key>
🤖 Prompt for AI Agents 
In packages/apps/postgres/README.md around lines 111-112 (and earlier example
lines 36–37) the README contains concrete s3AccessKey/s3SecretKey values;
replace those literal secret values with placeholders to avoid exposing secrets.
Edit the YAML example to use placeholder tokens like <your-access-key> and
<your-secret-key> (and ensure the table entries match those placeholders), and
verify there are no other occurrences of real keys elsewhere in the README.

packages/apps/postgres/values.yaml
Comment on lines +94 to +95
s3AccessKey: "<your-access-key>"
s3SecretKey: "<your-secret-key>"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Verification agent

🧩 Analysis chain

Placeholders for S3 credentials — good; verify no hard-coded secrets remain elsewhere

Nice redaction. As a follow-up, scan the repo to ensure no non-placeholder S3 keys or Restic passwords slipped in other files.

Run this script from the repo root:

🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "Checking for non-placeholder s3AccessKey..."
rg -nP -C2 --hidden --glob '!.git' $'s3AccessKey:\\s*"(?!<your-access-key>)' || true
rg -nP -C2 --hidden --glob '!.git' $'s3AccessKey:\\s*(?!<your-access-key>)[^"\'\\s#]+' || true
rg -nP -C2 --hidden --glob '!.git' $'s3AccessKey:\\s*\'(?!<your-access-key>)' || true

echo
echo "Checking for non-placeholder s3SecretKey..."
rg -nP -C2 --hidden --glob '!.git' $'s3SecretKey:\\s*"(?!<your-secret-key>)' || true
rg -nP -C2 --hidden --glob '!.git' $'s3SecretKey:\\s*(?!<your-secret-key>)[^"\'\\s#]+' || true
rg -nP -C2 --hidden --glob '!.git' $'s3SecretKey:\\s*\'(?!<your-secret-key>)' || true

echo
echo "Checking for non-placeholder resticPassword..."
rg -nP -C2 --hidden --glob '!.git' $'resticPassword:\\s*"(?!<password>)' || true
rg -nP -C2 --hidden --glob '!.git' $'resticPassword:\\s*(?!<password>)[^"\'\\s#]+' || true
rg -nP -C2 --hidden --glob '!.git' $'resticPassword:\\s*\'(?!<password>)' || true

echo
echo "Done. If no lines printed above, you should be good."

Length of output: 8715

Remove hard-coded S3 & Restic credentials from tests and docs

A repo scan uncovered real credentials still embedded in your e2e tests and documentation. Please replace these with placeholders or environment-sourced values:

• hack/e2e-apps/postgres.bats (lines ~36–38):
­ s3AccessKey: oobaiRus9pah8PhohL1ThaeTa4UVa7gu
­ s3SecretKey: ju3eum4dekeich9ahM1te8waeGai0oog
­ resticPassword: ChaXoveekoh6eigh4siesheeda2quai0

• hack/e2e-apps/mysql.bats (lines ~31–33):
­ s3AccessKey: oobaiRus9pah8PhohL1ThaeTa4UVa7gu
­ s3SecretKey: ju3eum4dekeich9ahM1te8waeGai0oog
­ resticPassword: ChaXoveekoh6eigh4siesheeda2quai0

• hack/e2e-apps/clickhouse.bats (lines ~27–29):
­ s3AccessKey: oobaiRus9pah8PhohL1ThaeTa4UVa7gu
­ s3SecretKey: ju3eum4dekeich9ahM1te8waeGai0oog
­ resticPassword: ChaXoveekoh6eigh4siesheeda2quai0

• packages/apps/postgres/README.md (lines 36–37):
­ s3AccessKey: oobaiRus9pah8PhohL1ThaeTa4UVa7gu
­ s3SecretKey: ju3eum4dekeich9ahM1te8waeGai0oog

Updating these to use placeholders (e.g. <your-access-key>) or pulling from secure environment variables will prevent accidental credential leaks.

packages/apps/vm-instance/values.schema.json
@@ -3,7 +3,7 @@
"type": "object",
"properties": {
"cloudInit": {
"description": "cloud-init user data config. See cloud-init documentation for more details: [format](https://cloudinit.readthedocs.io/en/latest/explanation/format.html), [examples](https://cloudinit.readthedocs.io/en/latest/explanation/format.html).",
"description": "Cloud-init user data config. See cloud-init documentation for more details: [format](https://cloudinit.readthedocs.io/en/latest/explanation/format.html), [examples](https://cloudinit.readthedocs.io/en/latest/reference/examples.html).",
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Verification agent

🧩 Analysis chain

Cloud-init docs link update looks good; verify target URLs are correct and stable.

Nice improvement and capitalization. Please double-check that both links point to the intended pages and are stable long term.

🌐 Web query:

What are the canonical URLs for Cloud-init user-data format documentation and examples on readthedocs?

💡 Result:

Here are the Read the Docs canonical pages:

Note: Read the Docs is versioned; those non‑versioned URLs resolve to the project’s default (latest/stable) build. If you need a specific released version, let me know which and I’ll give the versioned URLs.

Citations:

Update Cloud-init documentation links to the canonical stable URLs

Please replace the existing ReadTheDocs links with the non-versioned “topics” URLs so they resolve to the project’s default (latest/stable) build:

In packages/apps/vm-instance/values.schema.json:

-   "description": "Cloud-init user data config. See cloud-init documentation for more details: [format](https://cloudinit.readthedocs.io/en/latest/explanation/format.html), [examples](https://cloudinit.readthedocs.io/en/latest/reference/examples.html).",
+   "description": "Cloud-init user data config. See cloud-init documentation for more details: [format](https://cloudinit.readthedocs.io/topics/format.html), [examples](https://cloudinit.readthedocs.io/topics/examples.html).",

These URLs are canonical and will always point at the latest stable content.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
"description": "Cloud-init user data config. See cloud-init documentation for more details: [format](https://cloudinit.readthedocs.io/en/latest/explanation/format.html), [examples](https://cloudinit.readthedocs.io/en/latest/reference/examples.html).",
"description": "Cloud-init user data config. See cloud-init documentation for more details: [format](https://cloudinit.readthedocs.io/topics/format.html), [examples](https://cloudinit.readthedocs.io/topics/examples.html).",
🤖 Prompt for AI Agents 
In packages/apps/vm-instance/values.schema.json around line 6, the cloud-init
ReadTheDocs links in the description should use the canonical non-versioned
"topics" URLs; update the two URLs to their project-level topics endpoints (for
example replace the current /explanation/format.html link with the topics/format
URL and the /reference/examples.html link with the topics/examples URL) so the
description points to the non-versioned canonical pages that resolve to the
project's default/stable build.

@NickVolynkin
[apps,extra] Update all app versions after updating OpenAPI schemas
e3a4e28 
Signed-off-by: Nick Volynkin <nick.volynkin@gmail.com>
NickVolynkin added a commit to cozystack/website that referenced this pull request Aug 18, 2025
@NickVolynkin
[docs] Update managed apps reference
5f26768 
Changes from cozystack/cozystack#1333

Signed-off-by: Nick Volynkin <nick.volynkin@gmail.com>
@NickVolynkin NickVolynkin mentioned this pull request Aug 18, 2025
Merged
@kvaps kvaps merged commit 1743b5d into main Aug 18, 2025
20 checks passed
@kvaps kvaps deleted the update-app-docs branch August 18, 2025 17:06
NickVolynkin added a commit to cozystack/website that referenced this pull request Aug 21, 2025
@NickVolynkin
[docs] Update managed apps reference
2eb326c 
Changes from cozystack/cozystack#1333

Signed-off-by: Nick Volynkin <nick.volynkin@gmail.com>
NickVolynkin added a commit to cozystack/website that referenced this pull request Aug 21, 2025
@NickVolynkin
[docs] Update managed apps reference
e7ddc0f 
Changes from cozystack/cozystack#1333

Signed-off-by: Nick Volynkin <nick.volynkin@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

@kvaps kvaps kvaps approved these changes

@lllamnyp lllamnyp Awaiting requested review from lllamnyp lllamnyp is a code owner

@klinch0 klinch0 Awaiting requested review from klinch0 klinch0 is a code owner

+1 more reviewer

@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments

Reviewers whose approvals may not affect merge requirements
Assignees

@NickVolynkin NickVolynkin

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@NickVolynkin @kvaps