Fix: The apply failure error is ignored when the workflow is executed (#4462)

Signed-off-by: yangsoon <songyang.song@alibaba-inc.com>
(cherry picked from commit b1d8e6c88b)

Co-authored-by: yangsoon <songyang.song@alibaba-inc.com>

.github/CODEOWNERS

@@ -1,14 +1,14 @@
 # This file is a github code protect rule follow the codeowners https://docs.github.com/en/github/creating-cloning-and-archiving-repositories/creating-a-repository-on-github/about-code-owners#example-of-a-codeowners-file
 
-*                                  @barnettZQG @wonderflow @leejanee
-design/                            @barnettZQG @leejanee @wonderflow
+*                                  @barnettZQG @wonderflow @leejanee @Somefive
+design/                            @barnettZQG @leejanee @wonderflow @Somefive
 
 # Owner of CUE
-pkg/cue                            @leejanee @FogDong
-pkg/stdlib                         @leejanee @FogDong
+pkg/cue                            @leejanee @FogDong @Somefive
+pkg/stdlib                         @leejanee @FogDong @Somefive
 
 # Owner of Workflow
-pkg/workflow                       @leejanee @FogDong
+pkg/workflow                       @leejanee @FogDong @Somefive
 
 # Owner of rollout
 pkg/controller/common/rollout/                              @wangyikewxgm @wonderflow
@@ -17,20 +17,20 @@ pkg/controller/standard.oam.dev/v1alpha1/rollout            @wangyikewxgm @wonde
 runtime/rollout                                             @wangyikewxgm @wonderflow
 
 # Owner of definition controller
-pkg/controller/core.oam.dev/v1alpha2/core/workflow/workflowstepdefinition  @yangsoon @Somefive
-pkg/controller/core.oam.dev/v1alpha2/core/policies/policydefinition        @yangsoon @Somefive
-pkg/controller/core.oam.dev/v1alpha2/core/components/componentdefinition   @yangsoon @zzxwill
-pkg/controller/core.oam.dev/v1alpha2/core/traits/traitdefinition           @yangsoon @zzxwill
+pkg/controller/core.oam.dev/v1alpha2/core/workflow/workflowstepdefinition  @yangsoon @Somefive @FogDong
+pkg/controller/core.oam.dev/v1alpha2/core/policies/policydefinition        @yangsoon @Somefive @FogDong
+pkg/controller/core.oam.dev/v1alpha2/core/components/componentdefinition   @yangsoon @zzxwill @Somefive
+pkg/controller/core.oam.dev/v1alpha2/core/traits/traitdefinition           @yangsoon @zzxwill @Somefive
 
 # Owner of health scope controller
-pkg/controller/core.oam.dev/v1alpha2/core/scopes/healthscope     @captainroy-hy @zzxwill
+pkg/controller/core.oam.dev/v1alpha2/core/scopes/healthscope     @captainroy-hy @zzxwill @yangsoon
 
 # Owner of vela templates
 vela-templates/                     @Somefive @barnettZQG @wonderflow
 
 # Owner of vela CLI
-references/cli/                     @Somefive @zzxwill 
+references/cli/                     @Somefive @zzxwill @StevenLeiZhang
 
 # Owner of vela APIServer
-pkg/apiserver/                     @barnettZQG @yangsoon
+pkg/apiserver/                     @barnettZQG @yangsoon @FogDong
 

.github/workflows/apiserver-test.yaml

@@ -1,4 +1,4 @@
-name: APIServer Unit Test & E2E Test
+name: VelaUX APIServer Test
 
 on:
   push:
@@ -32,7 +32,7 @@ jobs:
     steps:
       - name: Detect No-op Changes
         id: noop
-        uses: fkirc/skip-duplicate-actions@v3.3.0
+        uses: fkirc/skip-duplicate-actions@v4.0.0
         with:
           github_token: ${{ secrets.GITHUB_TOKEN }}
           paths_ignore: '["**.md", "**.mdx", "**.png", "**.jpg"]'
@@ -53,9 +53,59 @@ jobs:
             echo "::set-output name=matrix::${{ env.KIND_IMAGE_VERSION }}"
           fi
 
-
   apiserver-unit-tests:
-    runs-on: aliyun-legacy
+    runs-on: ubuntu-20.04
+    needs: detect-noop
+    if: needs.detect-noop.outputs.noop != 'true'
+
+    steps:
+      - name: Set up Go
+        uses: actions/setup-go@v1
+        with:
+          go-version: ${{ env.GO_VERSION }}
+        id: go
+
+      - name: Check out code into the Go module directory
+        uses: actions/checkout@v2
+        with:
+          submodules: true
+
+      - name: Cache Go Dependencies
+        uses: actions/cache@v2
+        with:
+          path: .work/pkg
+          key: ${{ runner.os }}-pkg-${{ hashFiles('**/go.sum') }}
+          restore-keys: ${{ runner.os }}-pkg-
+
+      - name: Install ginkgo
+        run: |
+          sudo apt-get install -y golang-ginkgo-dev
+
+      - name: Start MongoDB
+        uses: supercharge/mongodb-github-action@1.7.0
+        with:
+          mongodb-version: '5.0'
+
+      - name: install Kubebuilder
+        uses: RyanSiu1995/kubebuilder-action@v1.2
+        with:
+          version: 3.1.0
+          kubebuilderOnly: false
+          kubernetesVersion: v1.21.2
+
+      - name: Run api server unit test
+        run: make unit-test-apiserver
+
+      - name: Upload coverage report
+        uses: codecov/codecov-action@v1
+        with:
+          token: ${{ secrets.CODECOV_TOKEN }}
+          file: ./coverage.txt
+          flags: apiserver-unittests
+          name: codecov-umbrella
+
+  apiserver-e2e-tests:
+    runs-on: aliyun
     needs: [ detect-noop,set-k8s-matrix ]
     if: needs.detect-noop.outputs.noop != 'true'
     strategy:
@@ -99,9 +149,6 @@ jobs:
           kind create cluster --image kindest/node:${{ matrix.k8s-version }}
           kubectl version
           kubectl cluster-info
-      
-      - name: Run api server unit test
-        run: make unit-test-apiserver
 
       - name: Load Image to kind cluster
         run: make kind-load
@@ -131,8 +178,8 @@ jobs:
         uses: codecov/codecov-action@v1
         with:
           token: ${{ secrets.CODECOV_TOKEN }}
-          files: ./coverage.txt,/tmp/e2e_apiserver_test.out
-          flags: apiserver-unittests
+          files: /tmp/e2e_apiserver_test.out
+          flags: apiserver-e2etests
           name: codecov-umbrella
 
       - name: Clean e2e profile

.github/workflows/e2e-multicluster-test.yml

@@ -30,7 +30,7 @@ jobs:
     steps:
       - name: Detect No-op Changes
         id: noop
-        uses: fkirc/skip-duplicate-actions@v3.3.0
+        uses: fkirc/skip-duplicate-actions@v4.0.0
         with:
           github_token: ${{ secrets.GITHUB_TOKEN }}
           paths_ignore: '["**.md", "**.mdx", "**.png", "**.jpg"]'
@@ -53,7 +53,7 @@ jobs:
 
 
   e2e-multi-cluster-tests:
-    runs-on: aliyun-legacy
+    runs-on: aliyun
     needs: [ detect-noop,set-k8s-matrix ]
     if: needs.detect-noop.outputs.noop != 'true'
     strategy:
@@ -97,9 +97,7 @@ jobs:
           kubectl cluster-info
 
       - name: Load Image to kind cluster (Hub)
-        run: |
-          make kind-load
-          make kind-load-runtime-cluster
+        run: make kind-load
 
       - name: Cleanup for e2e tests
         run: |

.github/workflows/e2e-rollout-test.yml

@@ -30,7 +30,7 @@ jobs:
     steps:
       - name: Detect No-op Changes
         id: noop
-        uses: fkirc/skip-duplicate-actions@v3.3.0
+        uses: fkirc/skip-duplicate-actions@v4.0.0
         with:
           github_token: ${{ secrets.GITHUB_TOKEN }}
           paths_ignore: '["**.md", "**.mdx", "**.png", "**.jpg"]'
@@ -52,7 +52,7 @@ jobs:
           fi
 
   e2e-rollout-tests:
-    runs-on: aliyun-legacy
+    runs-on: aliyun
     needs: [ detect-noop,set-k8s-matrix ]
     if: needs.detect-noop.outputs.noop != 'true'
     strategy:

.github/workflows/e2e-test.yml

@@ -30,7 +30,7 @@ jobs:
     steps:
       - name: Detect No-op Changes
         id: noop
-        uses: fkirc/skip-duplicate-actions@v3.3.0
+        uses: fkirc/skip-duplicate-actions@v4.0.0
         with:
           github_token: ${{ secrets.GITHUB_TOKEN }}
           paths_ignore: '["**.md", "**.mdx", "**.png", "**.jpg"]'
@@ -52,7 +52,7 @@ jobs:
           fi
 
   e2e-tests:
-    runs-on: aliyun-legacy
+    runs-on: aliyun
     needs: [ detect-noop,set-k8s-matrix ]
     if: needs.detect-noop.outputs.noop != 'true'
     strategy:

.github/workflows/go.yml

@@ -26,7 +26,7 @@ jobs:
     steps:
       - name: Detect No-op Changes
         id: noop
-        uses: fkirc/skip-duplicate-actions@v3.3.0
+        uses: fkirc/skip-duplicate-actions@v4.0.0
         with:
           github_token: ${{ secrets.GITHUB_TOKEN }}
           paths_ignore: '["**.md", "**.mdx", "**.png", "**.jpg"]'
@@ -98,7 +98,7 @@ jobs:
           version: ${{ env.GOLANGCI_VERSION }}
 
   check-diff:
-    runs-on: aliyun-legacy
+    runs-on: aliyun
     needs: detect-noop
     if: needs.detect-noop.outputs.noop != 'true'
 

.github/workflows/issue-commands.yml

@@ -7,7 +7,7 @@ on:
 
 jobs:
   bot:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-20.04
     steps:
       - name: Checkout Actions
         uses: actions/checkout@v2
@@ -15,7 +15,13 @@ jobs:
           repository: "oam-dev/kubevela-github-actions"
           path: ./actions
           ref: v0.4.2
-      - name: Install Actions
+      - name: Setup Node.js
+        uses: actions/setup-node@v3
+        with:
+          node-version: '14'
+          cache: 'npm'
+          cache-dependency-path: ./actions/package-lock.json
+      - name: Install Dependencies
         run: npm ci --production --prefix ./actions
       - name: Run Commands
         uses: ./actions/commands

.github/workflows/registry.yml

@@ -167,6 +167,25 @@ jobs:
             docker.io/oamdev/vela-rollout:${{ steps.get_version.outputs.VERSION }}
             ghcr.io/${{ github.repository_owner }}/oamdev/vela-rollout:${{ steps.get_version.outputs.VERSION }}
             ${{ secrets.ACR_DOMAIN }}/oamdev/vela-rollout:${{ steps.get_version.outputs.VERSION }}
+      
+      - uses: docker/build-push-action@v2
+        name: Build & Pushing CloudShell for Dockerhub, GHCR and ACR
+        with:
+          context: .
+          file: Dockerfile.cloudshell
+          labels: |-
+            org.opencontainers.image.source=https://github.com/${{ github.repository }}
+            org.opencontainers.image.revision=${{ github.sha }}
+          platforms: linux/amd64,linux/arm64
+          push: ${{ github.event_name != 'pull_request' }}
+          build-args: |
+            GITVERSION=git-${{ steps.vars.outputs.git_revision }}
+            VERSION=${{ steps.get_version.outputs.VERSION }}
+            GOPROXY=https://proxy.golang.org
+          tags: |-
+            docker.io/oamdev/cloudshell:${{ steps.get_version.outputs.VERSION }}
+            ghcr.io/${{ github.repository_owner }}/oamdev/cloudshell:${{ steps.get_version.outputs.VERSION }}
+            ${{ secrets.ACR_DOMAIN }}/oamdev/cloudshell:${{ steps.get_version.outputs.VERSION }}
 
   publish-capabilities:
     env:

.github/workflows/timed-task.yml

@@ -4,7 +4,7 @@ on:
     - cron: '* * * * *'
 jobs:
   clean-image:
-    runs-on: aliyun-legacy
+    runs-on: aliyun
     steps:
       - name: Cleanup image
         run: docker image prune -f

.github/workflows/unit-test.yml

@@ -26,7 +26,7 @@ jobs:
     steps:
       - name: Detect No-op Changes
         id: noop
-        uses: fkirc/skip-duplicate-actions@v3.3.0
+        uses: fkirc/skip-duplicate-actions@v4.0.0
         with:
           github_token: ${{ secrets.GITHUB_TOKEN }}
           paths_ignore: '["**.md", "**.mdx", "**.png", "**.jpg"]'

.gitignore

@@ -1,4 +1,4 @@
-# Binaries for programs and plugins
+# Binaries for programs and docgen
 *.exe
 *.exe~
 *.dll
@@ -7,6 +7,7 @@
 bin
 _bin
 e2e/vela
+vela
 
 # Test binary, build with `go test -c`
 *.test
@@ -49,4 +50,5 @@ tmp/
 git-page/
 
 # e2e rollout runtime image build
-runtime/rollout/e2e/tmp
+runtime/rollout/e2e/tmp
+vela.json

CHANGELOG/CHANGELOG-1.0.md

@@ -15,7 +15,7 @@ This is a minor fix for release-1.0, please refer to release-1.1.x for the lates
 # v1.0.5
 
 1. Fix Terraform application status issue (#1611)
-2. applicaiton supports specifying different versions of Definition (#1597)
+2. application supports specifying different versions of Definition (#1597)
 3. Enable Dynamic Admission Control for Application (#1619)
 4. Update inner samples for "vela show xxx --web" (#1616)
 5. fix empty rolloutBatch will panic whole controller bug (#1646)

CHANGELOG/CHANGELOG-1.2.md

@@ -31,7 +31,7 @@
 ## What's Changed
 
 * Fix: can't query data from the MongoDB by @barnettZQG in https://github.com/oam-dev/kubevela/pull/3095
-* Fix: use personel token of vela-bot instead of github token for homebrew update by @wonderflow in https://github.com/oam-dev/kubevela/pull/3096
+* Fix: use personal token of vela-bot instead of github token for homebrew update by @wonderflow in https://github.com/oam-dev/kubevela/pull/3096
 * Fix: acr image no version by @wangyikewxgm in https://github.com/oam-dev/kubevela/pull/3100
 * Fix: support generate cloud resource docs in Chinese by @zzxwill in https://github.com/oam-dev/kubevela/pull/3079
 * Fix: clear old data in mongodb unit test case by @barnettZQG in https://github.com/oam-dev/kubevela/pull/3103

Dockerfile.cli

@@ -40,4 +40,5 @@ WORKDIR /
 
 ARG TARGETARCH
 COPY --from=builder /workspace/vela-${TARGETARCH} /vela
+COPY /vela /bin/
 ENTRYPOINT ["/vela"]

Dockerfile.cloudshell

@@ -0,0 +1,31 @@
+ARG BASE_IMAGE
+# Build the cli binary
+FROM --platform=${BUILDPLATFORM:-linux/amd64} golang:1.17-alpine as builder
+ARG GOPROXY
+ENV GOPROXY=${GOPROXY:-https://goproxy.cn}
+WORKDIR /workspace
+# Copy the Go Modules manifests
+COPY go.mod go.mod
+COPY go.sum go.sum
+# cache deps before building and copying source so that we don't need to re-download as much
+# and so that source changes don't invalidate our downloaded layer
+RUN go mod download
+
+# Copy the go source
+COPY apis/ apis/
+COPY pkg/ pkg/
+COPY version/ version/
+COPY references/ references/
+
+# Build
+ARG VERSION
+ARG GITVERSION
+
+RUN GO111MODULE=on CGO_ENABLED=0 GOOS=linux GOARCH=amd64 \
+    go build -a -ldflags "-s -w -X github.com/oam-dev/kubevela/version.VelaVersion=${VERSION:-undefined} -X github.com/oam-dev/kubevela/version.GitRevision=${GITVERSION:-undefined}" \
+    -o vela ./references/cmd/cli/main.go
+
+FROM ghcr.io/cloudtty/cloudshell:v0.2.0
+RUN apt-get install -y vim
+ENV API_TOKEN_PATH=/usr/local/kubeconfig/token
+COPY --from=builder /workspace/vela  /usr/local/bin/vela

Makefile

@@ -14,7 +14,7 @@ test: vet lint staticcheck unit-test-core test-cli-gen
 
 test-cli-gen: 
 	mkdir -p ./bin/doc
-	go run ./hack/docgen/gen.go ./bin/doc
+	go run ./hack/docgen/cli/gen.go ./bin/doc
 unit-test-core:
 	go test -coverprofile=coverage.txt $(shell go list ./pkg/... ./cmd/... ./apis/... | grep -v apiserver | grep -v applicationconfiguration)
 	go test $(shell go list ./references/... | grep -v apiserver)
@@ -83,17 +83,15 @@ endif
 
 
 # load docker image to the kind cluster
-kind-load: kind-load-rollout
+kind-load: kind-load-runtime-cluster
 	docker build -t $(VELA_CORE_TEST_IMAGE) -f Dockerfile.e2e .
 	kind load docker-image $(VELA_CORE_TEST_IMAGE) || { echo >&2 "kind not installed or error loading image: $(VELA_CORE_TEST_IMAGE)"; exit 1; }
 
-kind-load-rollout:
+kind-load-runtime-cluster:
 	/bin/sh hack/e2e/build_runtime_rollout.sh
 	docker build -t $(VELA_RUNTIME_ROLLOUT_TEST_IMAGE) -f runtime/rollout/e2e/Dockerfile.e2e runtime/rollout/e2e/
 	rm -rf runtime/rollout/e2e/tmp
 	kind load docker-image $(VELA_RUNTIME_ROLLOUT_TEST_IMAGE)  || { echo >&2 "kind not installed or error loading image: $(VELA_RUNTIME_ROLLOUT_TEST_IMAGE)"; exit 1; }
-
-kind-load-runtime-cluster:
 	kind load docker-image $(VELA_RUNTIME_ROLLOUT_TEST_IMAGE) --name=$(RUNTIME_CLUSTER_NAME)  || { echo >&2 "kind not installed or error loading image: $(VELA_RUNTIME_ROLLOUT_TEST_IMAGE)"; exit 1; }
 
 # Run tests

README.md

@@ -21,23 +21,29 @@
 
 KubeVela is a modern application delivery platform that makes deploying and operating applications across today's hybrid, multi-cloud environments easier, faster and more reliable.
 
-![](docs/resources/what-is-kubevela.png)
+![kubevela](docs/resources/what-is-kubevela.png)
 
 ## Highlights
 
 KubeVela practices the "render, orchestrate, deploy" workflow with below highlighted values added to existing ecosystem:
 
-- *Application Centric* - KubeVela introduces [Open Application Model (OAM)](https://oam.dev/) as the consistent yet higher level API to capture and render a full deployment of microservices on top of hybrid environments. Placement strategy, traffic shifting and rolling update are declared at application level. No infrastructure level concern, simply deploy.
+* Deployment as Code
 
-- *Programmable Workflow* - KubeVela models application delivery as DAG (Directed Acyclic Graph) and expresses it with [CUE](https://cuelang.org/) - a modern data configuration language. This allows you to design application deployment steps per needs and orchestrate them in programmable approach. No restrictions, natively extensible.
+Declare your deployment plan as workflow, run it automatically with any CI/CD or GitOps system, extend or re-program the workflow steps with CUE. No add-hoc scripts, no dirty glue code, just deploy. The deployment workflow in KubeVela is powered by [Open Application Model](https://oam.dev/).
 
-- *Infrastructure Agnostic* - KubeVela works as an application delivery control plane that is fully decoupled from runtime infrastructure. It can deploy any workload types including containers, cloud services, databases, or even VM instances to any cloud or Kubernetes cluster, following the workflow designed by you.
+* Built-in security and compliance building blocks
+
+Choose from the wide range of LDAP integrations we provided out-of-box, enjoy multi-cluster authorization that is fully automated, pick and apply fine-grained RBAC modules and customize them per your own supply chain requirements.
+
+* Multi-cloud/hybrid-environments app delivery as first-class citizen
+
+Progressive rollout across test/staging/production environments, automatic canary, blue-green and continuous verification, rich placement strategy across clusters and clouds, fully managed cloud environments provision.
 
 ## Getting Started
 
-- [Introduction](https://kubevela.io/docs)
-- [Installation](https://kubevela.io/docs/install)
-- [Design Your First Deployment Plan](https://kubevela.io/docs/quick-start)
+* [Introduction](https://kubevela.io/docs)
+* [Installation](https://kubevela.io/docs/install)
+* [Deploy Your Application](https://kubevela.io/docs/quick-start)
 
 ## Documentation
 
@@ -49,7 +55,7 @@ Official blog is available on [KubeVela blog](https://kubevela.io/blog).
 
 ## Community
 
-We want your contributions and suggestions! 
+We want your contributions and suggestions!
 One of the easiest ways to contribute is to participate in discussions on the Github Issues/Discussion, chat on IM or the bi-weekly community calls.
 For more information on the community engagement, developer and contributing guidelines and more, head over to the [KubeVela community repo](https://github.com/kubevela/community).
 
@@ -69,23 +75,17 @@ Every two weeks we host a community call to showcase new features, review upcomi
 
 - Bi-weekly Community Call:
   - [Meeting Notes](https://docs.google.com/document/d/1nqdFEyULekyksFHtFvgvFAYE-0AMHKoS3RMnaKsarjs).
-  - [Video Records](https://kubevela.io/videos/meetings/en/meetings).
+  - [Video Records](https://www.youtube.com/channel/UCSCTHhGI5XJ0SEhDHVakPAA/videos).
 - Bi-weekly Chinese Community Call:
-  - [Video Records](https://kubevela.io/videos/meetings/cn/v1.3).
+  - [Video Records](https://space.bilibili.com/180074935/channel/seriesdetail?sid=1842207).
 
 ## Talks and Conferences
 
-| Engagement | Link        |
-|:-----------|:------------|
-| 🎤  Talks | - [KubeVela - The Modern App Delivery System in Alibaba](https://docs.google.com/presentation/d/1CWCLcsKpDQB3bBDTfdv2BZ8ilGGJv2E8L-iOA5HMrV0/edit?usp=sharing) |
-| 🌎 KubeCon | - [ [NA 2020] Standardizing Cloud Native Application Delivery Across Different Clouds](https://www.youtube.com/watch?v=0yhVuBIbHcI) <br> - [ [EU 2021] Zero Pain Microservice Development and Deployment with Dapr and KubeVela](https://sched.co/iE4S) |
-| 📺 Conferences | - [Dapr, Rudr, OAM: Mark Russinovich presents next gen app development & deployment](https://www.youtube.com/watch?v=eJCu6a-x9uo) <br> - [Mark Russinovich presents "The Future of Cloud Native Applications with OAM and Dapr"](https://myignite.techcommunity.microsoft.com/sessions/82059)|
-
-For more talks, please checkout [KubeVela Talks](https://kubevela.io/videos/talks/en/standardizing-app).
+Check out [KubeVela videos](https://kubevela.io/videos/talks/en/oam-dapr) for these talks and conferences.
 
 ## Contributing
 
-Check out [CONTRIBUTING](./CONTRIBUTING.md) to see how to develop with KubeVela.
+Check out [CONTRIBUTING](https://kubevela.io/docs/contributor/overview) to see how to develop with KubeVela.
 
 ## Report Vulnerability
 

apis/core.oam.dev/common/types.go

@@ -216,19 +216,19 @@ type WorkflowState string
 
 const (
 	// WorkflowStateInitializing means the workflow is in initial state
-	WorkflowStateInitializing WorkflowState = "initializing"
+	WorkflowStateInitializing WorkflowState = "Initializing"
 	// WorkflowStateTerminated means workflow is terminated manually, and it won't be started unless the spec changed.
-	WorkflowStateTerminated WorkflowState = "terminated"
+	WorkflowStateTerminated WorkflowState = "Terminated"
 	// WorkflowStateSuspended means workflow is suspended manually, and it can be resumed.
-	WorkflowStateSuspended WorkflowState = "suspended"
+	WorkflowStateSuspended WorkflowState = "Suspended"
 	// WorkflowStateSucceeded means workflow is running successfully, all steps finished.
 	WorkflowStateSucceeded WorkflowState = "Succeeded"
 	// WorkflowStateFinished means workflow is end.
-	WorkflowStateFinished WorkflowState = "finished"
+	WorkflowStateFinished WorkflowState = "Finished"
 	// WorkflowStateExecuting means workflow is still running or waiting some steps.
-	WorkflowStateExecuting WorkflowState = "executing"
+	WorkflowStateExecuting WorkflowState = "Executing"
 	// WorkflowStateSkipping means it will skip this reconcile and let next reconcile to handle it.
-	WorkflowStateSkipping WorkflowState = "skipping"
+	WorkflowStateSkipping WorkflowState = "Skipping"
 )
 
 // ApplicationComponentStatus record the health status of App component
@@ -342,6 +342,8 @@ type WorkflowStep struct {
 
 	Type string `json:"type"`
 
+	Meta *WorkflowStepMeta `json:"meta,omitempty"`
+
 	// +kubebuilder:pruning:PreserveUnknownFields
 	Properties *runtime.RawExtension `json:"properties,omitempty"`
 
@@ -349,6 +351,8 @@ type WorkflowStep struct {
 
 	If string `json:"if,omitempty"`
 
+	Timeout string `json:"timeout,omitempty"`
+
 	DependsOn []string `json:"dependsOn,omitempty"`
 
 	Inputs StepInputs `json:"inputs,omitempty"`
@@ -356,6 +360,11 @@ type WorkflowStep struct {
 	Outputs StepOutputs `json:"outputs,omitempty"`
 }
 
+// WorkflowStepMeta contains the meta data of a workflow step
+type WorkflowStepMeta struct {
+	Alias string `json:"alias,omitempty"`
+}
+
 // WorkflowSubStep defines how to execute a workflow subStep.
 type WorkflowSubStep struct {
 	// Name is the unique name of the workflow step.
@@ -363,11 +372,15 @@ type WorkflowSubStep struct {
 
 	Type string `json:"type"`
 
+	Meta *WorkflowStepMeta `json:"meta,omitempty"`
+
 	// +kubebuilder:pruning:PreserveUnknownFields
 	Properties *runtime.RawExtension `json:"properties,omitempty"`
 
 	If string `json:"if,omitempty"`
 
+	Timeout string `json:"timeout,omitempty"`
+
 	DependsOn []string `json:"dependsOn,omitempty"`
 
 	Inputs StepInputs `json:"inputs,omitempty"`
@@ -407,6 +420,8 @@ const (
 	WorkflowStepPhaseStopped WorkflowStepPhase = "stopped"
 	// WorkflowStepPhaseRunning will make the controller continue the workflow.
 	WorkflowStepPhaseRunning WorkflowStepPhase = "running"
+	// WorkflowStepPhasePending will make the controller wait for the step to run.
+	WorkflowStepPhasePending WorkflowStepPhase = "pending"
 )
 
 // DefinitionType describes the type of DefinitionRevision.

apis/core.oam.dev/common/zz_generated.deepcopy.go

@@ -684,6 +684,11 @@ func (in *WorkflowStatus) DeepCopy() *WorkflowStatus {
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *WorkflowStep) DeepCopyInto(out *WorkflowStep) {
 	*out = *in
+	if in.Meta != nil {
+		in, out := &in.Meta, &out.Meta
+		*out = new(WorkflowStepMeta)
+		**out = **in
+	}
 	if in.Properties != nil {
 		in, out := &in.Properties, &out.Properties
 		*out = new(runtime.RawExtension)
@@ -723,6 +728,21 @@ func (in *WorkflowStep) DeepCopy() *WorkflowStep {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *WorkflowStepMeta) DeepCopyInto(out *WorkflowStepMeta) {
+	*out = *in
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WorkflowStepMeta.
+func (in *WorkflowStepMeta) DeepCopy() *WorkflowStepMeta {
+	if in == nil {
+		return nil
+	}
+	out := new(WorkflowStepMeta)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *WorkflowStepStatus) DeepCopyInto(out *WorkflowStepStatus) {
 	*out = *in
@@ -749,6 +769,11 @@ func (in *WorkflowStepStatus) DeepCopy() *WorkflowStepStatus {
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *WorkflowSubStep) DeepCopyInto(out *WorkflowSubStep) {
 	*out = *in
+	if in.Meta != nil {
+		in, out := &in.Meta, &out.Meta
+		*out = new(WorkflowStepMeta)
+		**out = **in
+	}
 	if in.Properties != nil {
 		in, out := &in.Properties, &out.Properties
 		*out = new(runtime.RawExtension)

apis/core.oam.dev/v1alpha1/component_types.go

@@ -25,6 +25,8 @@ const (
 type RefObjectsComponentSpec struct {
 	// Objects the referrers to the Kubernetes objects
 	Objects []ObjectReferrer `json:"objects,omitempty"`
+	// URLs are the links that stores the referred objects
+	URLs []string `json:"urls,omitempty"`
 }
 
 // ObjectReferrer selects Kubernetes objects

apis/core.oam.dev/v1alpha1/garbagecollect_types.go

@@ -18,6 +18,7 @@ package v1alpha1
 
 import (
 	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
+	"k8s.io/utils/strings/slices"
 
 	"github.com/oam-dev/kubevela/pkg/oam"
 )
@@ -66,6 +67,29 @@ type ResourcePolicyRuleSelector struct {
 	OAMResourceTypes []string `json:"oamTypes"`
 	TraitTypes       []string `json:"traitTypes"`
 	ResourceTypes    []string `json:"resourceTypes"`
+	ResourceNames    []string `json:"resourceNames"`
+}
+
+// Match check if current rule selector match the target resource
+func (in *ResourcePolicyRuleSelector) Match(manifest *unstructured.Unstructured) bool {
+	var compName, compType, oamType, traitType, resourceType, resourceName string
+	if labels := manifest.GetLabels(); labels != nil {
+		compName = labels[oam.LabelAppComponent]
+		compType = labels[oam.WorkloadTypeLabel]
+		oamType = labels[oam.LabelOAMResourceType]
+		traitType = labels[oam.TraitTypeLabel]
+	}
+	resourceType = manifest.GetKind()
+	resourceName = manifest.GetName()
+	match := func(src []string, val string) (found bool) {
+		return val != "" && slices.Contains(src, val)
+	}
+	return match(in.CompNames, compName) ||
+		match(in.CompTypes, compType) ||
+		match(in.OAMResourceTypes, oamType) ||
+		match(in.TraitTypes, traitType) ||
+		match(in.ResourceTypes, resourceType) ||
+		match(in.ResourceNames, resourceName)
 }
 
 // GarbageCollectStrategy the strategy for target resource to recycle
@@ -84,23 +108,7 @@ const (
 // FindStrategy find gc strategy for target resource
 func (in GarbageCollectPolicySpec) FindStrategy(manifest *unstructured.Unstructured) *GarbageCollectStrategy {
 	for _, rule := range in.Rules {
-		var compName, compType, oamType, traitType string
-		if labels := manifest.GetLabels(); labels != nil {
-			compName = labels[oam.LabelAppComponent]
-			compType = labels[oam.WorkloadTypeLabel]
-			oamType = labels[oam.LabelOAMResourceType]
-			traitType = labels[oam.TraitTypeLabel]
-		}
-		match := func(src []string, val string) (found bool) {
-			for _, _val := range src {
-				found = found || _val == val
-			}
-			return val != "" && found
-		}
-		if match(rule.Selector.CompNames, compName) ||
-			match(rule.Selector.CompTypes, compType) ||
-			match(rule.Selector.OAMResourceTypes, oamType) ||
-			match(rule.Selector.TraitTypes, traitType) {
+		if rule.Selector.Match(manifest) {
 			return &rule.Strategy
 		}
 	}

apis/core.oam.dev/v1alpha1/policy_types.go

@@ -16,6 +16,8 @@ limitations under the License.
 
 package v1alpha1
 
+import "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
+
 const (
 	// TopologyPolicyType refers to the type of topology policy
 	TopologyPolicyType = "topology"
@@ -23,6 +25,8 @@ const (
 	OverridePolicyType = "override"
 	// DebugPolicyType refers to the type of debug policy
 	DebugPolicyType = "debug"
+	// SharedResourcePolicyType refers to the type of shared resource policy
+	SharedResourcePolicyType = "shared-resource"
 )
 
 // TopologyPolicySpec defines the spec of topology policy
@@ -53,3 +57,23 @@ type OverridePolicySpec struct {
 	Components []EnvComponentPatch `json:"components,omitempty"`
 	Selector   []string            `json:"selector,omitempty"`
 }
+
+// SharedResourcePolicySpec defines the spec of shared-resource policy
+type SharedResourcePolicySpec struct {
+	Rules []SharedResourcePolicyRule `json:"rules"`
+}
+
+// SharedResourcePolicyRule defines the rule for sharing resources
+type SharedResourcePolicyRule struct {
+	Selector ResourcePolicyRuleSelector `json:"selector"`
+}
+
+// FindStrategy return if the target resource should be shared
+func (in SharedResourcePolicySpec) FindStrategy(manifest *unstructured.Unstructured) bool {
+	for _, rule := range in.Rules {
+		if rule.Selector.Match(manifest) {
+			return true
+		}
+	}
+	return false
+}

apis/core.oam.dev/v1alpha1/policy_types_test.go

@@ -0,0 +1,69 @@
+/*
+Copyright 2022 The KubeVela Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+	http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1alpha1
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/require"
+	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
+)
+
+func TestSharedResourcePolicySpec_FindStrategy(t *testing.T) {
+	testCases := map[string]struct {
+		rules   []SharedResourcePolicyRule
+		input   *unstructured.Unstructured
+		matched bool
+	}{
+		"shared resource rule resourceName match": {
+			rules: []SharedResourcePolicyRule{{
+				Selector: ResourcePolicyRuleSelector{ResourceNames: []string{"example"}},
+			}},
+			input: &unstructured.Unstructured{Object: map[string]interface{}{
+				"metadata": map[string]interface{}{
+					"name": "example",
+				},
+			}},
+			matched: true,
+		},
+		"shared resource rule resourceType match": {
+			rules: []SharedResourcePolicyRule{{
+				Selector: ResourcePolicyRuleSelector{ResourceTypes: []string{"ConfigMap", "Namespace"}},
+			}},
+			input: &unstructured.Unstructured{Object: map[string]interface{}{
+				"kind": "Namespace",
+			}},
+			matched: true,
+		},
+		"shared resource rule mismatch": {
+			rules: []SharedResourcePolicyRule{{
+				Selector: ResourcePolicyRuleSelector{ResourceNames: []string{"mismatch"}},
+			}},
+			input: &unstructured.Unstructured{Object: map[string]interface{}{
+				"kind": "Namespace",
+			}},
+			matched: false,
+		},
+	}
+	for name, tc := range testCases {
+		t.Run(name, func(t *testing.T) {
+			r := require.New(t)
+			spec := SharedResourcePolicySpec{Rules: tc.rules}
+			r.Equal(tc.matched, spec.FindStrategy(tc.input))
+		})
+	}
+}

apis/core.oam.dev/v1alpha1/zz_generated.deepcopy.go

@@ -595,6 +595,11 @@ func (in *RefObjectsComponentSpec) DeepCopyInto(out *RefObjectsComponentSpec) {
 			(*in)[i].DeepCopyInto(&(*out)[i])
 		}
 	}
+	if in.URLs != nil {
+		in, out := &in.URLs, &out.URLs
+		*out = make([]string, len(*in))
+		copy(*out, *in)
+	}
 }
 
 // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RefObjectsComponentSpec.
@@ -635,6 +640,11 @@ func (in *ResourcePolicyRuleSelector) DeepCopyInto(out *ResourcePolicyRuleSelect
 		*out = make([]string, len(*in))
 		copy(*out, *in)
 	}
+	if in.ResourceNames != nil {
+		in, out := &in.ResourceNames, &out.ResourceNames
+		*out = make([]string, len(*in))
+		copy(*out, *in)
+	}
 }
 
 // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourcePolicyRuleSelector.
@@ -647,6 +657,44 @@ func (in *ResourcePolicyRuleSelector) DeepCopy() *ResourcePolicyRuleSelector {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *SharedResourcePolicyRule) DeepCopyInto(out *SharedResourcePolicyRule) {
+	*out = *in
+	in.Selector.DeepCopyInto(&out.Selector)
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SharedResourcePolicyRule.
+func (in *SharedResourcePolicyRule) DeepCopy() *SharedResourcePolicyRule {
+	if in == nil {
+		return nil
+	}
+	out := new(SharedResourcePolicyRule)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *SharedResourcePolicySpec) DeepCopyInto(out *SharedResourcePolicySpec) {
+	*out = *in
+	if in.Rules != nil {
+		in, out := &in.Rules, &out.Rules
+		*out = make([]SharedResourcePolicyRule, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SharedResourcePolicySpec.
+func (in *SharedResourcePolicySpec) DeepCopy() *SharedResourcePolicySpec {
+	if in == nil {
+		return nil
+	}
+	out := new(SharedResourcePolicySpec)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *TopologyPolicySpec) DeepCopyInto(out *TopologyPolicySpec) {
 	*out = *in

apis/core.oam.dev/v1beta1/application_types.go

@@ -54,8 +54,15 @@ type WorkflowStep common.WorkflowStep
 
 // Workflow defines workflow steps and other attributes
 type Workflow struct {
-	Ref   string         `json:"ref,omitempty"`
-	Steps []WorkflowStep `json:"steps,omitempty"`
+	Ref   string               `json:"ref,omitempty"`
+	Mode  *WorkflowExecuteMode `json:"mode,omitempty"`
+	Steps []WorkflowStep       `json:"steps,omitempty"`
+}
+
+// WorkflowExecuteMode defines the mode of workflow execution
+type WorkflowExecuteMode struct {
+	Steps    common.WorkflowMode `json:"steps,omitempty"`
+	SubSteps common.WorkflowMode `json:"subSteps,omitempty"`
 }
 
 // ApplicationSpec is the spec of Application

apis/core.oam.dev/v1beta1/zz_generated.deepcopy.go

@@ -927,6 +927,11 @@ func (in *TraitDefinitionStatus) DeepCopy() *TraitDefinitionStatus {
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *Workflow) DeepCopyInto(out *Workflow) {
 	*out = *in
+	if in.Mode != nil {
+		in, out := &in.Mode, &out.Mode
+		*out = new(WorkflowExecuteMode)
+		**out = **in
+	}
 	if in.Steps != nil {
 		in, out := &in.Steps, &out.Steps
 		*out = make([]WorkflowStep, len(*in))
@@ -946,9 +951,29 @@ func (in *Workflow) DeepCopy() *Workflow {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *WorkflowExecuteMode) DeepCopyInto(out *WorkflowExecuteMode) {
+	*out = *in
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WorkflowExecuteMode.
+func (in *WorkflowExecuteMode) DeepCopy() *WorkflowExecuteMode {
+	if in == nil {
+		return nil
+	}
+	out := new(WorkflowExecuteMode)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *WorkflowStep) DeepCopyInto(out *WorkflowStep) {
 	*out = *in
+	if in.Meta != nil {
+		in, out := &in.Meta, &out.Meta
+		*out = new(common.WorkflowStepMeta)
+		**out = **in
+	}
 	if in.Properties != nil {
 		in, out := &in.Properties, &out.Properties
 		*out = new(runtime.RawExtension)

apis/types/capability.go

@@ -80,6 +80,8 @@ const (
 	OpenapiV3JSONSchema string = "openapi-v3-json-schema"
 	// UISchema is the key to store ui custom schema
 	UISchema string = "ui-schema"
+	// VelaQLConfigmapKey is the key to store velaql view
+	VelaQLConfigmapKey string = "template"
 )
 
 // CapabilityCategory defines the category of a capability
@@ -163,6 +165,7 @@ type Capability struct {
 	Center         string             `json:"center,omitempty"`
 	Status         string             `json:"status,omitempty"`
 	Description    string             `json:"description,omitempty"`
+	Example        string             `json:"example,omitempty"`
 	Labels         map[string]string  `json:"labels,omitempty"`
 	Category       CapabilityCategory `json:"category,omitempty"`
 

apis/types/types.go

@@ -48,6 +48,8 @@ var DefaultKubeVelaNS = "vela-system"
 const (
 	// AnnoDefinitionDescription is the annotation which describe what is the capability used for in a WorkloadDefinition/TraitDefinition Object
 	AnnoDefinitionDescription = "definition.oam.dev/description"
+	// AnnoDefinitionExampleURL is the annotation which describe url of usage examples of the capability, it will be loaded in documentation generate.
+	AnnoDefinitionExampleURL = "definition.oam.dev/example-url"
 	// AnnoDefinitionAlias is the annotation for definition alias
 	AnnoDefinitionAlias = "definition.oam.dev/alias"
 	// AnnoDefinitionIcon is the annotation which describe the icon url
@@ -70,6 +72,8 @@ const (
 	AnnoIngressControllerHTTPSPort = "ingress.controller/https-port"
 	// AnnoIngressControllerHTTPPort define ingress controller listen port for http
 	AnnoIngressControllerHTTPPort = "ingress.controller/http-port"
+	// AnnoIngressControllerHost define ingress controller externally host
+	AnnoIngressControllerHost = "ingress.controller/host"
 	// LabelConfigType is the label for config type
 	LabelConfigType = "config.oam.dev/type"
 	// LabelConfigCatalog is the label for config catalog

charts/vela-core/README.md

@@ -93,6 +93,7 @@ helm install --create-namespace -n vela-system kubevela kubevela/vela-core --wai
 | `optimize.enableInMemoryWorkflowContext`          | Optimize workflow by use in-memory context.                                                                                                       | `false` |
 | `optimize.disableResourceApplyDoubleCheck`        | Optimize workflow by ignoring resource double check after apply.                                                                                  | `false` |
 | `optimize.enableResourceTrackerDeleteOnlyTrigger` | Optimize resourcetracker by only trigger reconcile when resourcetracker is deleted.                                                               | `true`  |
+| `featureGates.enableLegacyComponentRevision`      | if disabled, only component with rollout trait will create component revisions                                                                    | `false` |
 
 
 ### MultiCluster parameters

charts/vela-core/crds/core.oam.dev_applicationrevisions.yaml

@@ -2198,6 +2198,17 @@ spec:
                           a context in annotation. - should mark "finish" phase in
                           status.conditions.'
                         properties:
+                          mode:
+                            description: WorkflowExecuteMode defines the mode of workflow
+                              execution
+                            properties:
+                              steps:
+                                description: WorkflowMode describes the mode of workflow
+                                type: string
+                              subSteps:
+                                description: WorkflowMode describes the mode of workflow
+                                type: string
+                            type: object
                           ref:
                             type: string
                           steps:
@@ -2225,6 +2236,13 @@ spec:
                                     - parameterKey
                                     type: object
                                   type: array
+                                meta:
+                                  description: WorkflowStepMeta contains the meta
+                                    data of a workflow step
+                                  properties:
+                                    alias:
+                                      type: string
+                                  type: object
                                 name:
                                   description: Name is the unique name of the workflow
                                     step.
@@ -2271,6 +2289,13 @@ spec:
                                           - parameterKey
                                           type: object
                                         type: array
+                                      meta:
+                                        description: WorkflowStepMeta contains the
+                                          meta data of a workflow step
+                                        properties:
+                                          alias:
+                                            type: string
+                                        type: object
                                       name:
                                         description: Name is the unique name of the
                                           workflow step.
@@ -2292,6 +2317,8 @@ spec:
                                       properties:
                                         type: object
                                         x-kubernetes-preserve-unknown-fields: true
+                                      timeout:
+                                        type: string
                                       type:
                                         type: string
                                     required:
@@ -2299,6 +2326,8 @@ spec:
                                     - type
                                     type: object
                                   type: array
+                                timeout:
+                                  type: string
                                 type:
                                   type: string
                               required:
@@ -3973,6 +4002,13 @@ spec:
                             - parameterKey
                             type: object
                           type: array
+                        meta:
+                          description: WorkflowStepMeta contains the meta data of
+                            a workflow step
+                          properties:
+                            alias:
+                              type: string
+                          type: object
                         name:
                           description: Name is the unique name of the workflow step.
                           type: string
@@ -4017,6 +4053,13 @@ spec:
                                   - parameterKey
                                   type: object
                                 type: array
+                              meta:
+                                description: WorkflowStepMeta contains the meta data
+                                  of a workflow step
+                                properties:
+                                  alias:
+                                    type: string
+                                type: object
                               name:
                                 description: Name is the unique name of the workflow
                                   step.
@@ -4038,6 +4081,8 @@ spec:
                               properties:
                                 type: object
                                 x-kubernetes-preserve-unknown-fields: true
+                              timeout:
+                                type: string
                               type:
                                 type: string
                             required:
@@ -4045,6 +4090,8 @@ spec:
                             - type
                             type: object
                           type: array
+                        timeout:
+                          type: string
                         type:
                           type: string
                       required:

charts/vela-core/crds/core.oam.dev_applications.yaml

@@ -1009,6 +1009,17 @@ spec:
                   order, and each step: - will have a context in annotation. - should
                   mark "finish" phase in status.conditions.'
                 properties:
+                  mode:
+                    description: WorkflowExecuteMode defines the mode of workflow
+                      execution
+                    properties:
+                      steps:
+                        description: WorkflowMode describes the mode of workflow
+                        type: string
+                      subSteps:
+                        description: WorkflowMode describes the mode of workflow
+                        type: string
+                    type: object
                   ref:
                     type: string
                   steps:
@@ -1035,6 +1046,13 @@ spec:
                             - parameterKey
                             type: object
                           type: array
+                        meta:
+                          description: WorkflowStepMeta contains the meta data of
+                            a workflow step
+                          properties:
+                            alias:
+                              type: string
+                          type: object
                         name:
                           description: Name is the unique name of the workflow step.
                           type: string
@@ -1079,6 +1097,13 @@ spec:
                                   - parameterKey
                                   type: object
                                 type: array
+                              meta:
+                                description: WorkflowStepMeta contains the meta data
+                                  of a workflow step
+                                properties:
+                                  alias:
+                                    type: string
+                                type: object
                               name:
                                 description: Name is the unique name of the workflow
                                   step.
@@ -1100,6 +1125,8 @@ spec:
                               properties:
                                 type: object
                                 x-kubernetes-preserve-unknown-fields: true
+                              timeout:
+                                type: string
                               type:
                                 type: string
                             required:
@@ -1107,6 +1134,8 @@ spec:
                             - type
                             type: object
                           type: array
+                        timeout:
+                          type: string
                         type:
                           type: string
                       required:

charts/vela-core/crds/core.oam.dev_workflows.yaml

@@ -57,6 +57,13 @@ spec:
                     - parameterKey
                     type: object
                   type: array
+                meta:
+                  description: WorkflowStepMeta contains the meta data of a workflow
+                    step
+                  properties:
+                    alias:
+                      type: string
+                  type: object
                 name:
                   description: Name is the unique name of the workflow step.
                   type: string
@@ -100,6 +107,13 @@ spec:
                           - parameterKey
                           type: object
                         type: array
+                      meta:
+                        description: WorkflowStepMeta contains the meta data of a
+                          workflow step
+                        properties:
+                          alias:
+                            type: string
+                        type: object
                       name:
                         description: Name is the unique name of the workflow step.
                         type: string
@@ -119,6 +133,8 @@ spec:
                       properties:
                         type: object
                         x-kubernetes-preserve-unknown-fields: true
+                      timeout:
+                        type: string
                       type:
                         type: string
                     required:
@@ -126,6 +142,8 @@ spec:
                     - type
                     type: object
                   type: array
+                timeout:
+                  type: string
                 type:
                   type: string
               required:
@@ -141,6 +159,16 @@ spec:
       openAPIV3Schema:
         description: Workflow defines workflow steps and other attributes
         properties:
+          mode:
+            description: WorkflowExecuteMode defines the mode of workflow execution
+            properties:
+              steps:
+                description: WorkflowMode describes the mode of workflow
+                type: string
+              subSteps:
+                description: WorkflowMode describes the mode of workflow
+                type: string
+            type: object
           ref:
             type: string
           steps:
@@ -166,6 +194,13 @@ spec:
                     - parameterKey
                     type: object
                   type: array
+                meta:
+                  description: WorkflowStepMeta contains the meta data of a workflow
+                    step
+                  properties:
+                    alias:
+                      type: string
+                  type: object
                 name:
                   description: Name is the unique name of the workflow step.
                   type: string
@@ -209,6 +244,13 @@ spec:
                           - parameterKey
                           type: object
                         type: array
+                      meta:
+                        description: WorkflowStepMeta contains the meta data of a
+                          workflow step
+                        properties:
+                          alias:
+                            type: string
+                        type: object
                       name:
                         description: Name is the unique name of the workflow step.
                         type: string
@@ -228,6 +270,8 @@ spec:
                       properties:
                         type: object
                         x-kubernetes-preserve-unknown-fields: true
+                      timeout:
+                        type: string
                       type:
                         type: string
                     required:
@@ -235,6 +279,8 @@ spec:
                     - type
                     type: object
                   type: array
+                timeout:
+                  type: string
                 type:
                   type: string
               required:

charts/vela-core/templates/defwithtemplate/apply-application-in-parallel.yaml

@@ -6,6 +6,7 @@ metadata:
   annotations:
     definition.oam.dev/description: Apply components of an application in parallel for your workflow steps
   labels:
+    custom.definition.oam.dev/deprecated: "true"
     custom.definition.oam.dev/ui-hidden: "true"
   name: apply-application-in-parallel
   namespace: {{ include "systemDefinitionNamespace" . }}

charts/vela-core/templates/defwithtemplate/apply-application.yaml

@@ -4,8 +4,9 @@ apiVersion: core.oam.dev/v1beta1
 kind: WorkflowStepDefinition
 metadata:
   annotations:
-    definition.oam.dev/description: Apply application for your workflow steps
+    definition.oam.dev/description: Apply application for your workflow steps, it has no arguments, should be used for custom steps before or after application applied.
   labels:
+    custom.definition.oam.dev/deprecated: "true"
     custom.definition.oam.dev/ui-hidden: "true"
   name: apply-application
   namespace: {{ include "systemDefinitionNamespace" . }}

charts/vela-core/templates/defwithtemplate/apply-object.yaml

@@ -22,9 +22,9 @@ spec:
         	cluster: parameter.cluster
         }
         parameter: {
-        	// +usage=Specify the value of the object
+        	// +usage=Specify Kubernetes native resource object to be applied
         	value: {...}
-        	// +usage=Specify the cluster of the object
+        	// +usage=The cluster you want to apply the resource to, default is the current control plane cluster
         	cluster: *"" | string
         }
 

charts/vela-core/templates/defwithtemplate/apply-once.yaml

@@ -0,0 +1,44 @@
+# Code generated by KubeVela templates. DO NOT EDIT. Please edit the original cue file.
+# Definition source cue file: vela-templates/definitions/internal/apply-once.cue
+apiVersion: core.oam.dev/v1beta1
+kind: PolicyDefinition
+metadata:
+  annotations:
+    definition.oam.dev/description: Allow configuration drift for applied resources, delivery the resource without continuously reconciliation.
+  name: apply-once
+  namespace: {{ include "systemDefinitionNamespace" . }}
+spec:
+  schematic:
+    cue:
+      template: |
+        #ApplyOnceStrategy: {
+        	// +usage=Specify the path of the resource that allow configuration drift
+        	path: [...string]
+        }
+        #ApplyOncePolicyRule: {
+        	// +usage=Specify how to select the targets of the rule
+        	selector?: #ResourcePolicyRuleSelector
+        	// +usage=Specify the strategy for configuring the resource level configuration drift behaviour
+        	strategy: #ApplyOnceStrategy
+        }
+        #ResourcePolicyRuleSelector: {
+        	// +usage=Select resources by component names
+        	componentNames?: [...string]
+        	// +usage=Select resources by component types
+        	componentTypes?: [...string]
+        	// +usage=Select resources by oamTypes (COMPONENT or TRAIT)
+        	oamTypes?: [...string]
+        	// +usage=Select resources by trait types
+        	traitTypes?: [...string]
+        	// +usage=Select resources by resource types (like Deployment)
+        	resourceTypes?: [...string]
+        	// +usage=Select resources by their names
+        	resourceNames?: [...string]
+        }
+        parameter: {
+        	// +usage=Whether to enable apply-once for the whole application
+        	enable: *false | bool
+        	// +usage=Specify the rules for configuring apply-once policy in resource level
+        	rules?: [...#ApplyOncePolicyRule]
+        }
+

charts/vela-core/templates/defwithtemplate/apply-remaining.yaml

@@ -6,6 +6,7 @@ metadata:
   annotations:
     definition.oam.dev/description: Apply remaining components and traits
   labels:
+    custom.definition.oam.dev/deprecated: "true"
     custom.definition.oam.dev/ui-hidden: "true"
   name: apply-remaining
   namespace: {{ include "systemDefinitionNamespace" . }}

charts/vela-core/templates/defwithtemplate/config-image-registry.yaml

@@ -4,13 +4,13 @@ apiVersion: core.oam.dev/v1beta1
 kind: ComponentDefinition
 metadata:
   annotations:
-    custom.definition.oam.dev/alias.config.oam.dev: Image Registry
+    alias.config.oam.dev: Image Registry
     definition.oam.dev/description: Config information to authenticate image registry
   labels:
-    custom.definition.oam.dev/catalog.config.oam.dev: velacore-config
-    custom.definition.oam.dev/multi-cluster.config.oam.dev: "true"
-    custom.definition.oam.dev/type.config.oam.dev: image-registry
+    catalog.config.oam.dev: velacore-config
     custom.definition.oam.dev/ui-hidden: "true"
+    multi-cluster.config.oam.dev: "true"
+    type.config.oam.dev: image-registry
   name: config-image-registry
   namespace: {{ include "systemDefinitionNamespace" . }}
 spec:

charts/vela-core/templates/defwithtemplate/daemon.yaml

@@ -0,0 +1,574 @@
+# Code generated by KubeVela templates. DO NOT EDIT. Please edit the original cue file.
+# Definition source cue file: vela-templates/definitions/internal/daemon.cue
+apiVersion: core.oam.dev/v1beta1
+kind: ComponentDefinition
+metadata:
+  annotations:
+    definition.oam.dev/description: Describes daemonset services in Kubernetes.
+  name: daemon
+  namespace: {{ include "systemDefinitionNamespace" . }}
+spec:
+  schematic:
+    cue:
+      template: |
+        import (
+        	"strconv"
+        )
+
+        mountsArray: {
+        	pvc: *[
+        		for v in parameter.volumeMounts.pvc {
+        			{
+        				mountPath: v.mountPath
+        				name:      v.name
+        			}
+        		},
+        	] | []
+
+        	configMap: *[
+        			for v in parameter.volumeMounts.configMap {
+        			{
+        				mountPath: v.mountPath
+        				name:      v.name
+        			}
+        		},
+        	] | []
+
+        	secret: *[
+        		for v in parameter.volumeMounts.secret {
+        			{
+        				mountPath: v.mountPath
+        				name:      v.name
+        			}
+        		},
+        	] | []
+
+        	emptyDir: *[
+        			for v in parameter.volumeMounts.emptyDir {
+        			{
+        				mountPath: v.mountPath
+        				name:      v.name
+        			}
+        		},
+        	] | []
+
+        	hostPath: *[
+        			for v in parameter.volumeMounts.hostPath {
+        			{
+        				mountPath: v.mountPath
+        				if v.mountPropagation != _|_ {
+        					mountPropagation: v.mountPropagation
+        				}
+        				name: v.name
+        				if v.readOnly != _|_ {
+        					readOnly: v.readOnly
+        				}
+        			}
+        		},
+        	] | []
+        }
+        volumesArray: {
+        	pvc: *[
+        		for v in parameter.volumeMounts.pvc {
+        			{
+        				name: v.name
+        				persistentVolumeClaim: claimName: v.claimName
+        			}
+        		},
+        	] | []
+
+        	configMap: *[
+        			for v in parameter.volumeMounts.configMap {
+        			{
+        				name: v.name
+        				configMap: {
+        					defaultMode: v.defaultMode
+        					name:        v.cmName
+        					if v.items != _|_ {
+        						items: v.items
+        					}
+        				}
+        			}
+        		},
+        	] | []
+
+        	secret: *[
+        		for v in parameter.volumeMounts.secret {
+        			{
+        				name: v.name
+        				secret: {
+        					defaultMode: v.defaultMode
+        					secretName:  v.secretName
+        					if v.items != _|_ {
+        						items: v.items
+        					}
+        				}
+        			}
+        		},
+        	] | []
+
+        	emptyDir: *[
+        			for v in parameter.volumeMounts.emptyDir {
+        			{
+        				name: v.name
+        				emptyDir: medium: v.medium
+        			}
+        		},
+        	] | []
+
+        	hostPath: *[
+        			for v in parameter.volumeMounts.hostPath {
+        			{
+        				name: v.name
+        				hostPath: path: v.path
+        			}
+        		},
+        	] | []
+        }
+        output: {
+        	apiVersion: "apps/v1"
+        	kind:       "DaemonSet"
+        	spec: {
+        		selector: matchLabels: "app.oam.dev/component": context.name
+
+        		template: {
+        			metadata: {
+        				labels: {
+        					if parameter.labels != _|_ {
+        						parameter.labels
+        					}
+        					if parameter.addRevisionLabel {
+        						"app.oam.dev/revision": context.revision
+        					}
+        					"app.oam.dev/name":      context.appName
+        					"app.oam.dev/component": context.name
+        				}
+        				if parameter.annotations != _|_ {
+        					annotations: parameter.annotations
+        				}
+        			}
+
+        			spec: {
+        				containers: [{
+        					name:  context.name
+        					image: parameter.image
+        					if parameter["port"] != _|_ && parameter["ports"] == _|_ {
+        						ports: [{
+        							containerPort: parameter.port
+        						}]
+        					}
+        					if parameter["ports"] != _|_ {
+        						ports: [ for v in parameter.ports {
+        							{
+        								containerPort: v.port
+        								protocol:      v.protocol
+        								if v.name != _|_ {
+        									name: v.name
+        								}
+        								if v.name == _|_ {
+        									name: "port-" + strconv.FormatInt(v.port, 10)
+        								}
+        							}}]
+        					}
+
+        					if parameter["imagePullPolicy"] != _|_ {
+        						imagePullPolicy: parameter.imagePullPolicy
+        					}
+
+        					if parameter["cmd"] != _|_ {
+        						command: parameter.cmd
+        					}
+
+        					if parameter["env"] != _|_ {
+        						env: parameter.env
+        					}
+
+        					if context["config"] != _|_ {
+        						env: context.config
+        					}
+
+        					if parameter["cpu"] != _|_ {
+        						resources: {
+        							limits: cpu:   parameter.cpu
+        							requests: cpu: parameter.cpu
+        						}
+        					}
+
+        					if parameter["memory"] != _|_ {
+        						resources: {
+        							limits: memory:   parameter.memory
+        							requests: memory: parameter.memory
+        						}
+        					}
+
+        					if parameter["volumes"] != _|_ && parameter["volumeMounts"] == _|_ {
+        						volumeMounts: [ for v in parameter.volumes {
+        							{
+        								mountPath: v.mountPath
+        								name:      v.name
+        							}}]
+        					}
+
+        					if parameter["volumeMounts"] != _|_ {
+        						volumeMounts: mountsArray.pvc + mountsArray.configMap + mountsArray.secret + mountsArray.emptyDir + mountsArray.hostPath
+        					}
+
+        					if parameter["livenessProbe"] != _|_ {
+        						livenessProbe: parameter.livenessProbe
+        					}
+
+        					if parameter["readinessProbe"] != _|_ {
+        						readinessProbe: parameter.readinessProbe
+        					}
+
+        				}]
+
+        				if parameter["hostAliases"] != _|_ {
+        					// +patchKey=ip
+        					hostAliases: parameter.hostAliases
+        				}
+
+        				if parameter["imagePullSecrets"] != _|_ {
+        					imagePullSecrets: [ for v in parameter.imagePullSecrets {
+        						name: v
+        					},
+        					]
+        				}
+
+        				if parameter["volumes"] != _|_ && parameter["volumeMounts"] == _|_ {
+        					volumes: [ for v in parameter.volumes {
+        						{
+        							name: v.name
+        							if v.type == "pvc" {
+        								persistentVolumeClaim: claimName: v.claimName
+        							}
+        							if v.type == "configMap" {
+        								configMap: {
+        									defaultMode: v.defaultMode
+        									name:        v.cmName
+        									if v.items != _|_ {
+        										items: v.items
+        									}
+        								}
+        							}
+        							if v.type == "secret" {
+        								secret: {
+        									defaultMode: v.defaultMode
+        									secretName:  v.secretName
+        									if v.items != _|_ {
+        										items: v.items
+        									}
+        								}
+        							}
+        							if v.type == "emptyDir" {
+        								emptyDir: medium: v.medium
+        							}
+        						}
+        					}]
+        				}
+
+        				if parameter["volumeMounts"] != _|_ {
+        					volumes: volumesArray.pvc + volumesArray.configMap + volumesArray.secret + volumesArray.emptyDir + volumesArray.hostPath
+        				}
+        			}
+        		}
+        	}
+        }
+        exposePorts: [
+        	for v in parameter.ports if v.expose == true {
+        		port:       v.port
+        		targetPort: v.port
+        		if v.name != _|_ {
+        			name: v.name
+        		}
+        		if v.name == _|_ {
+        			name: "port-" + strconv.FormatInt(v.port, 10)
+        		}
+        	},
+        ]
+        outputs: {
+        	if len(exposePorts) != 0 {
+        		webserviceExpose: {
+        			apiVersion: "v1"
+        			kind:       "Service"
+        			metadata: name: context.name
+        			spec: {
+        				selector: "app.oam.dev/component": context.name
+        				ports: exposePorts
+        				type:  parameter.exposeType
+        			}
+        		}
+        	}
+        }
+        parameter: {
+        	// +usage=Specify the labels in the workload
+        	labels?: [string]: string
+
+        	// +usage=Specify the annotations in the workload
+        	annotations?: [string]: string
+
+        	// +usage=Which image would you like to use for your service
+        	// +short=i
+        	image: string
+
+        	// +usage=Specify image pull policy for your service
+        	imagePullPolicy?: "Always" | "Never" | "IfNotPresent"
+
+        	// +usage=Specify image pull secrets for your service
+        	imagePullSecrets?: [...string]
+
+        	// +ignore
+        	// +usage=Deprecated field, please use ports instead
+        	// +short=p
+        	port?: int
+
+        	// +usage=Which ports do you want customer traffic sent to, defaults to 80
+        	ports?: [...{
+        		// +usage=Number of port to expose on the pod's IP address
+        		port: int
+        		// +usage=Name of the port
+        		name?: string
+        		// +usage=Protocol for port. Must be UDP, TCP, or SCTP
+        		protocol: *"TCP" | "UDP" | "SCTP"
+        		// +usage=Specify if the port should be exposed
+        		expose: *false | bool
+        	}]
+
+        	// +ignore
+        	// +usage=Specify what kind of Service you want. options: "ClusterIP", "NodePort", "LoadBalancer", "ExternalName"
+        	exposeType: *"ClusterIP" | "NodePort" | "LoadBalancer" | "ExternalName"
+
+        	// +ignore
+        	// +usage=If addRevisionLabel is true, the revision label will be added to the underlying pods
+        	addRevisionLabel: *false | bool
+
+        	// +usage=Commands to run in the container
+        	cmd?: [...string]
+
+        	// +usage=Define arguments by using environment variables
+        	env?: [...{
+        		// +usage=Environment variable name
+        		name: string
+        		// +usage=The value of the environment variable
+        		value?: string
+        		// +usage=Specifies a source the value of this var should come from
+        		valueFrom?: {
+        			// +usage=Selects a key of a secret in the pod's namespace
+        			secretKeyRef?: {
+        				// +usage=The name of the secret in the pod's namespace to select from
+        				name: string
+        				// +usage=The key of the secret to select from. Must be a valid secret key
+        				key: string
+        			}
+        			// +usage=Selects a key of a config map in the pod's namespace
+        			configMapKeyRef?: {
+        				// +usage=The name of the config map in the pod's namespace to select from
+        				name: string
+        				// +usage=The key of the config map to select from. Must be a valid secret key
+        				key: string
+        			}
+        		}
+        	}]
+
+        	// +usage=Number of CPU units for the service, like `0.5` (0.5 CPU core), `1` (1 CPU core)
+        	cpu?: string
+
+        	// +usage=Specifies the attributes of the memory resource required for the container.
+        	memory?: string
+
+        	volumeMounts?: {
+        		// +usage=Mount PVC type volume
+        		pvc?: [...{
+        			name:      string
+        			mountPath: string
+        			// +usage=The name of the PVC
+        			claimName: string
+        		}]
+        		// +usage=Mount ConfigMap type volume
+        		configMap?: [...{
+        			name:        string
+        			mountPath:   string
+        			defaultMode: *420 | int
+        			cmName:      string
+        			items?: [...{
+        				key:  string
+        				path: string
+        				mode: *511 | int
+        			}]
+        		}]
+        		// +usage=Mount Secret type volume
+        		secret?: [...{
+        			name:        string
+        			mountPath:   string
+        			defaultMode: *420 | int
+        			secretName:  string
+        			items?: [...{
+        				key:  string
+        				path: string
+        				mode: *511 | int
+        			}]
+        		}]
+        		// +usage=Mount EmptyDir type volume
+        		emptyDir?: [...{
+        			name:      string
+        			mountPath: string
+        			medium:    *"" | "Memory"
+        		}]
+        		// +usage=Mount HostPath type volume
+        		hostPath?: [...{
+        			name:              string
+        			mountPath:         string
+        			mountPropagation?: "None" | "HostToContainer" | "Bidirectional"
+        			path:              string
+        			readOnly?:         bool
+        		}]
+        	}
+
+        	// +usage=Deprecated field, use volumeMounts instead.
+        	volumes?: [...{
+        		name:      string
+        		mountPath: string
+        		// +usage=Specify volume type, options: "pvc","configMap","secret","emptyDir"
+        		type: "pvc" | "configMap" | "secret" | "emptyDir"
+        		if type == "pvc" {
+        			claimName: string
+        		}
+        		if type == "configMap" {
+        			defaultMode: *420 | int
+        			cmName:      string
+        			items?: [...{
+        				key:  string
+        				path: string
+        				mode: *511 | int
+        			}]
+        		}
+        		if type == "secret" {
+        			defaultMode: *420 | int
+        			secretName:  string
+        			items?: [...{
+        				key:  string
+        				path: string
+        				mode: *511 | int
+        			}]
+        		}
+        		if type == "emptyDir" {
+        			medium: *"" | "Memory"
+        		}
+        	}]
+
+        	// +usage=Instructions for assessing whether the container is alive.
+        	livenessProbe?: #HealthProbe
+
+        	// +usage=Instructions for assessing whether the container is in a suitable state to serve traffic.
+        	readinessProbe?: #HealthProbe
+
+        	// +usage=Specify the hostAliases to add
+        	hostAliases?: [...{
+        		ip: string
+        		hostnames: [...string]
+        	}]
+        }
+        #HealthProbe: {
+
+        	// +usage=Instructions for assessing container health by executing a command. Either this attribute or the httpGet attribute or the tcpSocket attribute MUST be specified. This attribute is mutually exclusive with both the httpGet attribute and the tcpSocket attribute.
+        	exec?: {
+        		// +usage=A command to be executed inside the container to assess its health. Each space delimited token of the command is a separate array element. Commands exiting 0 are considered to be successful probes, whilst all other exit codes are considered failures.
+        		command: [...string]
+        	}
+
+        	// +usage=Instructions for assessing container health by executing an HTTP GET request. Either this attribute or the exec attribute or the tcpSocket attribute MUST be specified. This attribute is mutually exclusive with both the exec attribute and the tcpSocket attribute.
+        	httpGet?: {
+        		// +usage=The endpoint, relative to the port, to which the HTTP GET request should be directed.
+        		path: string
+        		// +usage=The TCP socket within the container to which the HTTP GET request should be directed.
+        		port:    int
+        		host?:   string
+        		scheme?: *"HTTP" | string
+        		httpHeaders?: [...{
+        			name:  string
+        			value: string
+        		}]
+        	}
+
+        	// +usage=Instructions for assessing container health by probing a TCP socket. Either this attribute or the exec attribute or the httpGet attribute MUST be specified. This attribute is mutually exclusive with both the exec attribute and the httpGet attribute.
+        	tcpSocket?: {
+        		// +usage=The TCP socket within the container that should be probed to assess container health.
+        		port: int
+        	}
+
+        	// +usage=Number of seconds after the container is started before the first probe is initiated.
+        	initialDelaySeconds: *0 | int
+
+        	// +usage=How often, in seconds, to execute the probe.
+        	periodSeconds: *10 | int
+
+        	// +usage=Number of seconds after which the probe times out.
+        	timeoutSeconds: *1 | int
+
+        	// +usage=Minimum consecutive successes for the probe to be considered successful after having failed.
+        	successThreshold: *1 | int
+
+        	// +usage=Number of consecutive failures required to determine the container is not alive (liveness probe) or not ready (readiness probe).
+        	failureThreshold: *3 | int
+        }
+  status:
+    customStatus: |-
+      ready: {
+      	replicas: *0 | int
+      } & {
+      	if context.output.status.numberReady != _|_ {
+      		replicas: context.output.status.numberReady
+      	}
+      }
+      desired: {
+      	replicas: *0 | int
+      } & {
+      	if context.output.status.desiredNumberScheduled != _|_ {
+      		replicas: context.output.status.desiredNumberScheduled
+      	}
+      }
+      message: "Ready:\(ready.replicas)/\(desired.replicas)"
+    healthPolicy: |-
+      ready: {
+      	replicas: *0 | int
+      } & {
+      	if context.output.status.numberReady != _|_ {
+      		replicas: context.output.status.numberReady
+      	}
+      }
+      desired: {
+      	replicas: *0 | int
+      } & {
+      	if context.output.status.desiredNumberScheduled != _|_ {
+      		replicas: context.output.status.desiredNumberScheduled
+      	}
+      }
+      current: {
+      	replicas: *0 | int
+      } & {
+      	if context.output.status.currentNumberScheduled != _|_ {
+      		replicas: context.output.status.currentNumberScheduled
+      	}
+      }
+      updated: {
+      	replicas: *0 | int
+      } & {
+      	if context.output.status.updatedNumberScheduled != _|_ {
+      		replicas: context.output.status.updatedNumberScheduled
+      	}
+      }
+      generation: {
+      	metadata: context.output.metadata.generation
+      	observed: *0 | int
+      } & {
+      	if context.output.status.observedGeneration != _|_ {
+      		observed: context.output.status.observedGeneration
+      	}
+      }
+      isHealth: (desired.replicas == ready.replicas) && (desired.replicas == updated.replicas) && (desired.replicas == current.replicas) && (generation.observed == generation.metadata || generation.observed > generation.metadata)
+  workload:
+    definition:
+      apiVersion: apps/v1
+      kind: DaemonSet
+    type: daemonsets.apps
+

charts/vela-core/templates/defwithtemplate/depends-on-app.yaml

@@ -4,7 +4,7 @@ apiVersion: core.oam.dev/v1beta1
 kind: WorkflowStepDefinition
 metadata:
   annotations:
-    definition.oam.dev/description: check or install depends-on Application
+    definition.oam.dev/description: Wait for the specified Application to complete.
   labels:
     custom.definition.oam.dev/ui-hidden: "true"
   name: depends-on-app

charts/vela-core/templates/defwithtemplate/deploy-cloud-resource.yaml

@@ -4,7 +4,7 @@ apiVersion: core.oam.dev/v1beta1
 kind: WorkflowStepDefinition
 metadata:
   annotations:
-    definition.oam.dev/description: Deploy cloud resource and bind secret to clusters
+    definition.oam.dev/description: Deploy cloud resource and deliver secret to multi clusters.
   name: deploy-cloud-resource
   namespace: {{ include "systemDefinitionNamespace" . }}
 spec:

charts/vela-core/templates/defwithtemplate/deploy.yaml

@@ -4,7 +4,7 @@ apiVersion: core.oam.dev/v1beta1
 kind: WorkflowStepDefinition
 metadata:
   annotations:
-    definition.oam.dev/description: Deploy components with policies.
+    definition.oam.dev/description: A powerful and unified deploy step for components multi-cluster delivery with policies.
   name: deploy
   namespace: {{ include "systemDefinitionNamespace" . }}
 spec:
@@ -21,9 +21,9 @@ spec:
         	ignoreTerraformComponent: parameter.ignoreTerraformComponent
         }
         parameter: {
-        	//+usage=If set false, the workflow will be suspend before this step.
+        	//+usage=If set to false, the workflow will suspend automatically before this step, default to be true.
         	auto: *true | bool
-        	//+usage=Declare the policies used for this step.
+        	//+usage=Declare the policies that used for this deployment. If not specified, the components will be deployed to the hub cluster.
         	policies?: [...string]
         	//+usage=Maximum number of concurrent delivered components.
         	parallelism: *5 | int

charts/vela-core/templates/defwithtemplate/deploy2env.yaml

@@ -6,6 +6,7 @@ metadata:
   annotations:
     definition.oam.dev/description: Deploy env binding component to target env
   labels:
+    custom.definition.oam.dev/deprecated: "true"
     custom.definition.oam.dev/ui-hidden: "true"
   name: deploy2env
   namespace: {{ include "systemDefinitionNamespace" . }}

charts/vela-core/templates/defwithtemplate/deploy2runtime.yaml

@@ -6,6 +6,7 @@ metadata:
   annotations:
     definition.oam.dev/description: Deploy application to runtime clusters
   labels:
+    custom.definition.oam.dev/deprecated: "true"
     custom.definition.oam.dev/ui-hidden: "true"
   name: deploy2runtime
   namespace: {{ include "systemDefinitionNamespace" . }}

charts/vela-core/templates/defwithtemplate/envbinding.yaml

@@ -22,7 +22,7 @@ spec:
         	traits?: [...{
         		type: string
         		properties?: {...}
-        		// +usage=Specify if the trait shoued be remove, default false
+        		// +usage=Specify if the trait should be remove, default false
         		disable: *false | bool
         	}]
         }

charts/vela-core/templates/defwithtemplate/export2config.yaml

@@ -4,7 +4,7 @@ apiVersion: core.oam.dev/v1beta1
 kind: WorkflowStepDefinition
 metadata:
   annotations:
-    definition.oam.dev/description: Export data to config map for your workflow steps
+    definition.oam.dev/description: Export data to specified Kubernetes ConfigMap in your workflow.
   labels:
     custom.definition.oam.dev/ui-hidden: "true"
   name: export2config

charts/vela-core/templates/defwithtemplate/export2secret.yaml

@@ -4,7 +4,7 @@ apiVersion: core.oam.dev/v1beta1
 kind: WorkflowStepDefinition
 metadata:
   annotations:
-    definition.oam.dev/description: Export data to secret for your workflow steps
+    definition.oam.dev/description: Export data to Kubernetes Secret in your workflow.
   labels:
     custom.definition.oam.dev/ui-hidden: "true"
   name: export2secret
@@ -46,7 +46,7 @@ spec:
         	type?: string
         	// +usage=Specify the data of secret
         	data: {}
-        	// +usage=Specify the cluster of the config map
+        	// +usage=Specify the cluster of the secret
         	cluster: *"" | string
         }
 

charts/vela-core/templates/defwithtemplate/expose.yaml

@@ -14,14 +14,20 @@ spec:
   schematic:
     cue:
       template: |
+        import (
+        	"strconv"
+        )
+
         outputs: service: {
         	apiVersion: "v1"
         	kind:       "Service"
-        	metadata: name: context.name
+        	metadata: name:        context.name
+        	metadata: annotations: parameter.annotations
         	spec: {
         		selector: "app.oam.dev/component": context.name
         		ports: [
         			for p in parameter.port {
+        				name:       "port-" + strconv.FormatInt(p, 10)
         				port:       p
         				targetPort: p
         			},
@@ -32,7 +38,33 @@ spec:
         parameter: {
         	// +usage=Specify the exposion ports
         	port: [...int]
+        	// +usage=Specify the annotaions of the exposed service
+        	annotations: [string]: string
         	// +usage=Specify what kind of Service you want. options: "ClusterIP","NodePort","LoadBalancer","ExternalName"
         	type: *"ClusterIP" | "NodePort" | "LoadBalancer" | "ExternalName"
         }
+  status:
+    customStatus: |-
+      message: *"" | string
+      service: context.outputs.service
+      if service.spec.type == "ClusterIP" {
+      	message: "ClusterIP: \(service.spec.clusterIP)"
+      }
+      if service.spec.type == "LoadBalancer" {
+      	status: service.status
+      	isHealth: status != _|_ && status.loadBalancer != _|_ && status.loadBalancer.ingress != _|_ && len(status.loadBalancer.ingress) > 0
+      	if !isHealth {
+      		message: "ExternalIP: Pending"
+      	}
+      	if isHealth {
+      		message: "ExternalIP: \(status.loadBalancer.ingress[0].ip)"
+      	}
+      }
+    healthPolicy: |-
+      isHealth: *true | bool
+      service: context.outputs.service
+      if service.spec.type == "LoadBalancer" {
+      	status: service.status
+      	isHealth: status != _|_ && status.loadBalancer != _|_ && status.loadBalancer.ingress != _|_ && len(status.loadBalancer.ingress) > 0
+      }
 

charts/vela-core/templates/defwithtemplate/garbage-collect.yaml

@@ -0,0 +1,40 @@
+# Code generated by KubeVela templates. DO NOT EDIT. Please edit the original cue file.
+# Definition source cue file: vela-templates/definitions/internal/garbage-collect.cue
+apiVersion: core.oam.dev/v1beta1
+kind: PolicyDefinition
+metadata:
+  annotations:
+    definition.oam.dev/description: Configure the garbage collect behaviour for the application.
+  name: garbage-collect
+  namespace: {{ include "systemDefinitionNamespace" . }}
+spec:
+  schematic:
+    cue:
+      template: |
+        #GarbageCollectPolicyRule: {
+        	// +usage=Specify how to select the targets of the rule
+        	selector: [...#ResourcePolicyRuleSelector]
+        	// +usage=Specify the strategy for target resource to recycle
+        	strategy: *"onAppUpdate" | "onAppDelete" | "never"
+        }
+        #ResourcePolicyRuleSelector: {
+        	// +usage=Select resources by component names
+        	componentNames?: [...string]
+        	// +usage=Select resources by component types
+        	componentTypes?: [...string]
+        	// +usage=Select resources by oamTypes (COMPONENT or TRAIT)
+        	oamTypes?: [...string]
+        	// +usage=Select resources by trait types
+        	traitTypes?: [...string]
+        	// +usage=Select resources by resource types (like Deployment)
+        	resourceTypes?: [...string]
+        	// +usage=Select resources by their names
+        	resourceNames?: [...string]
+        }
+        parameter: {
+        	// +usage=If is set, outdated versioned resourcetracker will not be recycled automatically, outdated resources will be kept until resourcetracker be deleted manually
+        	keepLegacyResource: *false | bool
+        	// +usage=Specify the list of rules to control gc strategy at resource level, if one resource is controlled by multiple rules, first rule will be used
+        	rules?: [...#GarbageCollectPolicyRule]
+        }
+

charts/vela-core/templates/defwithtemplate/gateway.yaml

@@ -38,6 +38,9 @@ spec:
         			if !parameter.classInSpec {
         				"kubernetes.io/ingress.class": parameter.class
         			}
+        			if parameter.gatewayHost != _|_ {
+        				"ingress.controller/host": parameter.gatewayHost
+        			}
         		}
         	}
         	spec: {
@@ -84,6 +87,9 @@ spec:
 
         	// +usage=Specify the secret name you want to quote.
         	secretName?: string
+
+        	// +usage=Specify the host of the ingress gateway, which is used to generate the endpoints when the host is empty.
+        	gatewayHost?: string
         }
   status:
     customStatus: |-

charts/vela-core/templates/defwithtemplate/notification.yaml

@@ -4,7 +4,7 @@ apiVersion: core.oam.dev/v1beta1
 kind: WorkflowStepDefinition
 metadata:
   annotations:
-    definition.oam.dev/description: Send message to webhook
+    definition.oam.dev/description: Send notifications to Email, DingTalk, Slack, Lark or webhook in your workflow.
   name: notification
   namespace: {{ include "systemDefinitionNamespace" . }}
 spec:
@@ -17,9 +17,11 @@ spec:
         )
 
         parameter: {
+        	// +usage=Please fulfill its url and message if you want to send Lark messages
         	lark?: {
         		// +usage=Specify the the lark url, you can either sepcify it in value or use secretRef
         		url: {
+        			// +usage=the url address content in string
         			value: string
         		} | {
         			secretRef: {
@@ -29,7 +31,7 @@ spec:
         				key: string
         			}
         		}
-        		// +useage=Specify the message that you want to sent
+        		// +usage=Specify the message that you want to sent, refer to [Lark messaging](https://open.feishu.cn/document/ukTMukTMukTM/ucTM5YjL3ETO24yNxkjN#8b0f2a1b).
         		message: {
         			// +usage=msg_type can be text, post, image, interactive, share_chat, share_user, audio, media, file, sticker
         			msg_type: string
@@ -37,10 +39,11 @@ spec:
         			content: string
         		}
         	}
-
+        	// +usage=Please fulfill its url and message if you want to send DingTalk messages
         	dingding?: {
         		// +usage=Specify the the dingding url, you can either sepcify it in value or use secretRef
         		url: {
+        			// +usage=the url address content in string
         			value: string
         		} | {
         			secretRef: {
@@ -50,8 +53,9 @@ spec:
         				key: string
         			}
         		}
-        		// +useage=Specify the message that you want to sent
+        		// +usage=Specify the message that you want to sent, refer to [dingtalk messaging](https://developers.dingtalk.com/document/robots/custom-robot-access/title-72m-8ag-pqw)
         		message: {
+        			// +usage=Specify the message content of dingtalk notification
         			text?: *null | {
         				content: string
         			}
@@ -93,10 +97,11 @@ spec:
         			}
         		}
         	}
-
+        	// +usage=Please fulfill its url and message if you want to send Slack messages
         	slack?: {
         		// +usage=Specify the the slack url, you can either sepcify it in value or use secretRef
         		url: {
+        			// +usage=the url address content in string
         			value: string
         		} | {
         			secretRef: {
@@ -106,8 +111,9 @@ spec:
         				key: string
         			}
         		}
-        		// +useage=Specify the message that you want to sent
+        		// +usage=Specify the message that you want to sent, refer to [slack messaging](https://api.slack.com/reference/messaging/payload)
         		message: {
+        			// +usage=Specify the message text for slack notification
         			text:         string
         			blocks?:      *null | [...block]
         			attachments?: *null | {
@@ -115,10 +121,11 @@ spec:
         				color?:  string
         			}
         			thread_ts?: string
-        			mrkdwn?:    *true | bool
+        			// +usage=Specify the message text format in markdown for slack notification
+        			mrkdwn?: *true | bool
         		}
         	}
-
+        	// +usage=Please fulfill its from, to and content if you want to send email
         	email?: {
         		// +usage=Specify the email info that you want to send from
         		from: {
@@ -128,6 +135,7 @@ spec:
         			alias?: string
         			// +usage=Specify the password of the email, you can either sepcify it in value or use secretRef
         			password: {
+        				// +usage=the password content in string
         				value: string
         			} | {
         				secretRef: {

charts/vela-core/templates/defwithtemplate/override.yaml

@@ -4,7 +4,7 @@ apiVersion: core.oam.dev/v1beta1
 kind: PolicyDefinition
 metadata:
   annotations:
-    definition.oam.dev/description: Override configuration when deploying resources
+    definition.oam.dev/description: Describe the configuration to override when deploying resources, it only works with specified `deploy` step in workflow.
   name: override
   namespace: {{ include "systemDefinitionNamespace" . }}
 spec:
@@ -16,11 +16,15 @@ spec:
         	name?: string
         	// +usage=Specify the type of the patch component.
         	type?: string
+        	// +usage=Specify the properties to override.
         	properties?: {...}
+        	// +usage=Specify the traits to override.
         	traits?: [...{
+        		// +usage=Specify the type of the trait to be patched.
         		type: string
+        		// +usage=Specify the properties to override.
         		properties?: {...}
-        		// +usage=Specify if the trait shoued be remove, default false
+        		// +usage=Specify if the trait should be remove, default false
         		disable: *false | bool
         	}]
         }

charts/vela-core/templates/defwithtemplate/read-object.yaml

@@ -4,7 +4,7 @@ apiVersion: core.oam.dev/v1beta1
 kind: WorkflowStepDefinition
 metadata:
   annotations:
-    definition.oam.dev/description: Read objects for your workflow steps
+    definition.oam.dev/description: Read Kubernetes objects from cluster for your workflow steps
   labels:
     custom.definition.oam.dev/ui-hidden: "true"
   name: read-object
@@ -50,15 +50,15 @@ spec:
         	}
         }
         parameter: {
-        	// +usage=Specify the apiVersion of the object, defaults to core.oam.dev/v1beta1
+        	// +usage=Specify the apiVersion of the object, defaults to 'core.oam.dev/v1beta1'
         	apiVersion?: string
         	// +usage=Specify the kind of the object, defaults to Application
         	kind?: string
         	// +usage=Specify the name of the object
         	name: string
-        	// +usage=Specify the namespace of the object
-        	namespace?: string
-        	// +usage=Specify the cluster of the object
+        	// +usage=The namespace of the resource you want to read
+        	namespace?: *"default" | string
+        	// +usage=The cluster you want to apply the resource to, default is the current control plane cluster
         	cluster: *"" | string
         }
 

charts/vela-core/templates/defwithtemplate/ref-objects.yaml

@@ -28,7 +28,12 @@ spec:
         	labelSelector?: [string]: string
         	...
         }
-        output: parameter.objects[0]
+        output: {
+        	if len(parameter.objects) > 0 {
+        		parameter.objects[0]
+        	}
+        	...
+        }
         outputs: {
         	for i, v in parameter.objects {
         		if i > 0 {

charts/vela-core/templates/defwithtemplate/step-group.yaml

@@ -4,7 +4,7 @@ apiVersion: core.oam.dev/v1beta1
 kind: WorkflowStepDefinition
 metadata:
   annotations:
-    definition.oam.dev/description: step group
+    definition.oam.dev/description: A special step that you can declare 'subSteps' in it, 'subSteps' is an array containing any step type whose valid parameters do not include the `step-group` step type itself. The sub steps were executed in parallel.
   labels:
     custom.definition.oam.dev/ui-hidden: "true"
   name: step-group
@@ -13,6 +13,6 @@ spec:
   schematic:
     cue:
       template: |
-        // no parameters
-        parameter: {}
+        // no parameters, the nop only to make the template not empty or it's invalid
+        nop: {}
 

charts/vela-core/templates/defwithtemplate/suspend.yaml

@@ -4,7 +4,7 @@ apiVersion: core.oam.dev/v1beta1
 kind: WorkflowStepDefinition
 metadata:
   annotations:
-    definition.oam.dev/description: Suspend your workflow
+    definition.oam.dev/description: Suspend the current workflow, it can be resumed by 'vela workflow resume' command.
   name: suspend
   namespace: {{ include "systemDefinitionNamespace" . }}
 spec:

charts/vela-core/templates/defwithtemplate/topology.yaml

@@ -4,7 +4,7 @@ apiVersion: core.oam.dev/v1beta1
 kind: PolicyDefinition
 metadata:
   annotations:
-    definition.oam.dev/description: Determining the destination where components should be deployed to.
+    definition.oam.dev/description: Describe the destination where components should be deployed to.
   name: topology
   namespace: {{ include "systemDefinitionNamespace" . }}
 spec:

charts/vela-core/templates/defwithtemplate/webhook.yaml

@@ -4,7 +4,7 @@ apiVersion: core.oam.dev/v1beta1
 kind: WorkflowStepDefinition
 metadata:
   annotations:
-    definition.oam.dev/description: Send webhook request to the url
+    definition.oam.dev/description: Send a request to the specified Webhook URL. If no request body is specified, the current Application body will be sent by default.
   name: webhook
   namespace: {{ include "systemDefinitionNamespace" . }}
 spec:

charts/vela-core/templates/defwithtemplate/webservice.yaml

@@ -357,8 +357,8 @@ spec:
         	}]
 
         	// +ignore
-        	// +usage=Specify what kind of Service you want. options: "ClusterIP", "NodePort", "LoadBalancer", "ExternalName"
-        	exposeType: *"ClusterIP" | "NodePort" | "LoadBalancer" | "ExternalName"
+        	// +usage=Specify what kind of Service you want. options: "ClusterIP", "NodePort", "LoadBalancer"
+        	exposeType: *"ClusterIP" | "NodePort" | "LoadBalancer"
 
         	// +ignore
         	// +usage=If addRevisionLabel is true, the revision label will be added to the underlying pods

charts/vela-core/templates/kubevela-controller.yaml

@@ -217,6 +217,7 @@ spec:
             - "--max-workflow-step-error-retry-times={{ .Values.workflow.step.errorRetryTimes }}"
             - "--feature-gates=EnableSuspendOnFailure={{- .Values.workflow.enableSuspendOnFailure | toString -}}"
             - "--feature-gates=AuthenticateApplication={{- .Values.authentication.enabled | toString -}}"
+            - "--feature-gates=LegacyComponentRevision={{- .Values.featureGates.enableLegacyComponentRevision | toString -}}"
             {{ if .Values.authentication.enabled }}
             {{ if .Values.authentication.withUser }}
             - "--authentication-with-user"

charts/vela-core/values.yaml

@@ -109,6 +109,10 @@ optimize:
   disableResourceApplyDoubleCheck: false
   enableResourceTrackerDeleteOnlyTrigger: true
 
+##@param featureGates.enableLegacyComponentRevision if disabled, only component with rollout trait will create component revisions
+featureGates:
+  enableLegacyComponentRevision: false
+
 ## @section MultiCluster parameters
 
 ## @param multicluster.enabled Whether to enable multi-cluster

charts/vela-minimal/crds/core.oam.dev_applicationrevisions.yaml

@@ -2198,6 +2198,17 @@ spec:
                           a context in annotation. - should mark "finish" phase in
                           status.conditions.'
                         properties:
+                          mode:
+                            description: WorkflowExecuteMode defines the mode of workflow
+                              execution
+                            properties:
+                              steps:
+                                description: WorkflowMode describes the mode of workflow
+                                type: string
+                              subSteps:
+                                description: WorkflowMode describes the mode of workflow
+                                type: string
+                            type: object
                           ref:
                             type: string
                           steps:
@@ -2225,6 +2236,13 @@ spec:
                                     - parameterKey
                                     type: object
                                   type: array
+                                meta:
+                                  description: WorkflowStepMeta contains the meta
+                                    data of a workflow step
+                                  properties:
+                                    alias:
+                                      type: string
+                                  type: object
                                 name:
                                   description: Name is the unique name of the workflow
                                     step.
@@ -2271,6 +2289,13 @@ spec:
                                           - parameterKey
                                           type: object
                                         type: array
+                                      meta:
+                                        description: WorkflowStepMeta contains the
+                                          meta data of a workflow step
+                                        properties:
+                                          alias:
+                                            type: string
+                                        type: object
                                       name:
                                         description: Name is the unique name of the
                                           workflow step.
@@ -2292,6 +2317,8 @@ spec:
                                       properties:
                                         type: object
                                         x-kubernetes-preserve-unknown-fields: true
+                                      timeout:
+                                        type: string
                                       type:
                                         type: string
                                     required:
@@ -2299,6 +2326,8 @@ spec:
                                     - type
                                     type: object
                                   type: array
+                                timeout:
+                                  type: string
                                 type:
                                   type: string
                               required:
@@ -3973,6 +4002,13 @@ spec:
                             - parameterKey
                             type: object
                           type: array
+                        meta:
+                          description: WorkflowStepMeta contains the meta data of
+                            a workflow step
+                          properties:
+                            alias:
+                              type: string
+                          type: object
                         name:
                           description: Name is the unique name of the workflow step.
                           type: string
@@ -4017,6 +4053,13 @@ spec:
                                   - parameterKey
                                   type: object
                                 type: array
+                              meta:
+                                description: WorkflowStepMeta contains the meta data
+                                  of a workflow step
+                                properties:
+                                  alias:
+                                    type: string
+                                type: object
                               name:
                                 description: Name is the unique name of the workflow
                                   step.
@@ -4038,6 +4081,8 @@ spec:
                               properties:
                                 type: object
                                 x-kubernetes-preserve-unknown-fields: true
+                              timeout:
+                                type: string
                               type:
                                 type: string
                             required:
@@ -4045,6 +4090,8 @@ spec:
                             - type
                             type: object
                           type: array
+                        timeout:
+                          type: string
                         type:
                           type: string
                       required:

charts/vela-minimal/crds/core.oam.dev_applications.yaml

@@ -1009,6 +1009,17 @@ spec:
                   order, and each step: - will have a context in annotation. - should
                   mark "finish" phase in status.conditions.'
                 properties:
+                  mode:
+                    description: WorkflowExecuteMode defines the mode of workflow
+                      execution
+                    properties:
+                      steps:
+                        description: WorkflowMode describes the mode of workflow
+                        type: string
+                      subSteps:
+                        description: WorkflowMode describes the mode of workflow
+                        type: string
+                    type: object
                   ref:
                     type: string
                   steps:
@@ -1035,6 +1046,13 @@ spec:
                             - parameterKey
                             type: object
                           type: array
+                        meta:
+                          description: WorkflowStepMeta contains the meta data of
+                            a workflow step
+                          properties:
+                            alias:
+                              type: string
+                          type: object
                         name:
                           description: Name is the unique name of the workflow step.
                           type: string
@@ -1079,6 +1097,13 @@ spec:
                                   - parameterKey
                                   type: object
                                 type: array
+                              meta:
+                                description: WorkflowStepMeta contains the meta data
+                                  of a workflow step
+                                properties:
+                                  alias:
+                                    type: string
+                                type: object
                               name:
                                 description: Name is the unique name of the workflow
                                   step.
@@ -1100,6 +1125,8 @@ spec:
                               properties:
                                 type: object
                                 x-kubernetes-preserve-unknown-fields: true
+                              timeout:
+                                type: string
                               type:
                                 type: string
                             required:
@@ -1107,6 +1134,8 @@ spec:
                             - type
                             type: object
                           type: array
+                        timeout:
+                          type: string
                         type:
                           type: string
                       required:

charts/vela-minimal/templates/defwithtemplate/apply-application-in-parallel.yaml

@@ -6,6 +6,7 @@ metadata:
   annotations:
     definition.oam.dev/description: Apply components of an application in parallel for your workflow steps
   labels:
+    custom.definition.oam.dev/deprecated: "true"
     custom.definition.oam.dev/ui-hidden: "true"
   name: apply-application-in-parallel
   namespace: {{ include "systemDefinitionNamespace" . }}

charts/vela-minimal/templates/defwithtemplate/apply-application.yaml

@@ -4,8 +4,9 @@ apiVersion: core.oam.dev/v1beta1
 kind: WorkflowStepDefinition
 metadata:
   annotations:
-    definition.oam.dev/description: Apply application for your workflow steps
+    definition.oam.dev/description: Apply application for your workflow steps, it has no arguments, should be used for custom steps before or after application applied.
   labels:
+    custom.definition.oam.dev/deprecated: "true"
     custom.definition.oam.dev/ui-hidden: "true"
   name: apply-application
   namespace: {{ include "systemDefinitionNamespace" . }}

charts/vela-minimal/templates/defwithtemplate/apply-object.yaml

@@ -22,9 +22,9 @@ spec:
         	cluster: parameter.cluster
         }
         parameter: {
-        	// +usage=Specify the value of the object
+        	// +usage=Specify Kubernetes native resource object to be applied
         	value: {...}
-        	// +usage=Specify the cluster of the object
+        	// +usage=The cluster you want to apply the resource to, default is the current control plane cluster
         	cluster: *"" | string
         }
 

charts/vela-minimal/templates/defwithtemplate/apply-once.yaml

@@ -0,0 +1,44 @@
+# Code generated by KubeVela templates. DO NOT EDIT. Please edit the original cue file.
+# Definition source cue file: vela-templates/definitions/internal/apply-once.cue
+apiVersion: core.oam.dev/v1beta1
+kind: PolicyDefinition
+metadata:
+  annotations:
+    definition.oam.dev/description: Allow configuration drift for applied resources, delivery the resource without continuously reconciliation.
+  name: apply-once
+  namespace: {{ include "systemDefinitionNamespace" . }}
+spec:
+  schematic:
+    cue:
+      template: |
+        #ApplyOnceStrategy: {
+        	// +usage=Specify the path of the resource that allow configuration drift
+        	path: [...string]
+        }
+        #ApplyOncePolicyRule: {
+        	// +usage=Specify how to select the targets of the rule
+        	selector?: #ResourcePolicyRuleSelector
+        	// +usage=Specify the strategy for configuring the resource level configuration drift behaviour
+        	strategy: #ApplyOnceStrategy
+        }
+        #ResourcePolicyRuleSelector: {
+        	// +usage=Select resources by component names
+        	componentNames?: [...string]
+        	// +usage=Select resources by component types
+        	componentTypes?: [...string]
+        	// +usage=Select resources by oamTypes (COMPONENT or TRAIT)
+        	oamTypes?: [...string]
+        	// +usage=Select resources by trait types
+        	traitTypes?: [...string]
+        	// +usage=Select resources by resource types (like Deployment)
+        	resourceTypes?: [...string]
+        	// +usage=Select resources by their names
+        	resourceNames?: [...string]
+        }
+        parameter: {
+        	// +usage=Whether to enable apply-once for the whole application
+        	enable: *false | bool
+        	// +usage=Specify the rules for configuring apply-once policy in resource level
+        	rules?: [...#ApplyOncePolicyRule]
+        }
+

charts/vela-minimal/templates/defwithtemplate/apply-remaining.yaml

@@ -6,6 +6,7 @@ metadata:
   annotations:
     definition.oam.dev/description: Apply remaining components and traits
   labels:
+    custom.definition.oam.dev/deprecated: "true"
     custom.definition.oam.dev/ui-hidden: "true"
   name: apply-remaining
   namespace: {{ include "systemDefinitionNamespace" . }}

charts/vela-minimal/templates/defwithtemplate/config-image-registry.yaml

@@ -4,13 +4,13 @@ apiVersion: core.oam.dev/v1beta1
 kind: ComponentDefinition
 metadata:
   annotations:
-    custom.definition.oam.dev/alias.config.oam.dev: Image Registry
+    alias.config.oam.dev: Image Registry
     definition.oam.dev/description: Config information to authenticate image registry
   labels:
-    custom.definition.oam.dev/catalog.config.oam.dev: velacore-config
-    custom.definition.oam.dev/multi-cluster.config.oam.dev: "true"
-    custom.definition.oam.dev/type.config.oam.dev: image-registry
+    catalog.config.oam.dev: velacore-config
     custom.definition.oam.dev/ui-hidden: "true"
+    multi-cluster.config.oam.dev: "true"
+    type.config.oam.dev: image-registry
   name: config-image-registry
   namespace: {{ include "systemDefinitionNamespace" . }}
 spec:

charts/vela-minimal/templates/defwithtemplate/daemon.yaml

@@ -0,0 +1,574 @@
+# Code generated by KubeVela templates. DO NOT EDIT. Please edit the original cue file.
+# Definition source cue file: vela-templates/definitions/internal/daemon.cue
+apiVersion: core.oam.dev/v1beta1
+kind: ComponentDefinition
+metadata:
+  annotations:
+    definition.oam.dev/description: Describes daemonset services in Kubernetes.
+  name: daemon
+  namespace: {{ include "systemDefinitionNamespace" . }}
+spec:
+  schematic:
+    cue:
+      template: |
+        import (
+        	"strconv"
+        )
+
+        mountsArray: {
+        	pvc: *[
+        		for v in parameter.volumeMounts.pvc {
+        			{
+        				mountPath: v.mountPath
+        				name:      v.name
+        			}
+        		},
+        	] | []
+
+        	configMap: *[
+        			for v in parameter.volumeMounts.configMap {
+        			{
+        				mountPath: v.mountPath
+        				name:      v.name
+        			}
+        		},
+        	] | []
+
+        	secret: *[
+        		for v in parameter.volumeMounts.secret {
+        			{
+        				mountPath: v.mountPath
+        				name:      v.name
+        			}
+        		},
+        	] | []
+
+        	emptyDir: *[
+        			for v in parameter.volumeMounts.emptyDir {
+        			{
+        				mountPath: v.mountPath
+        				name:      v.name
+        			}
+        		},
+        	] | []
+
+        	hostPath: *[
+        			for v in parameter.volumeMounts.hostPath {
+        			{
+        				mountPath: v.mountPath
+        				if v.mountPropagation != _|_ {
+        					mountPropagation: v.mountPropagation
+        				}
+        				name: v.name
+        				if v.readOnly != _|_ {
+        					readOnly: v.readOnly
+        				}
+        			}
+        		},
+        	] | []
+        }
+        volumesArray: {
+        	pvc: *[
+        		for v in parameter.volumeMounts.pvc {
+        			{
+        				name: v.name
+        				persistentVolumeClaim: claimName: v.claimName
+        			}
+        		},
+        	] | []
+
+        	configMap: *[
+        			for v in parameter.volumeMounts.configMap {
+        			{
+        				name: v.name
+        				configMap: {
+        					defaultMode: v.defaultMode
+        					name:        v.cmName
+        					if v.items != _|_ {
+        						items: v.items
+        					}
+        				}
+        			}
+        		},
+        	] | []
+
+        	secret: *[
+        		for v in parameter.volumeMounts.secret {
+        			{
+        				name: v.name
+        				secret: {
+        					defaultMode: v.defaultMode
+        					secretName:  v.secretName
+        					if v.items != _|_ {
+        						items: v.items
+        					}
+        				}
+        			}
+        		},
+        	] | []
+
+        	emptyDir: *[
+        			for v in parameter.volumeMounts.emptyDir {
+        			{
+        				name: v.name
+        				emptyDir: medium: v.medium
+        			}
+        		},
+        	] | []
+
+        	hostPath: *[
+        			for v in parameter.volumeMounts.hostPath {
+        			{
+        				name: v.name
+        				hostPath: path: v.path
+        			}
+        		},
+        	] | []
+        }
+        output: {
+        	apiVersion: "apps/v1"
+        	kind:       "DaemonSet"
+        	spec: {
+        		selector: matchLabels: "app.oam.dev/component": context.name
+
+        		template: {
+        			metadata: {
+        				labels: {
+        					if parameter.labels != _|_ {
+        						parameter.labels
+        					}
+        					if parameter.addRevisionLabel {
+        						"app.oam.dev/revision": context.revision
+        					}
+        					"app.oam.dev/name":      context.appName
+        					"app.oam.dev/component": context.name
+        				}
+        				if parameter.annotations != _|_ {
+        					annotations: parameter.annotations
+        				}
+        			}
+
+        			spec: {
+        				containers: [{
+        					name:  context.name
+        					image: parameter.image
+        					if parameter["port"] != _|_ && parameter["ports"] == _|_ {
+        						ports: [{
+        							containerPort: parameter.port
+        						}]
+        					}
+        					if parameter["ports"] != _|_ {
+        						ports: [ for v in parameter.ports {
+        							{
+        								containerPort: v.port
+        								protocol:      v.protocol
+        								if v.name != _|_ {
+        									name: v.name
+        								}
+        								if v.name == _|_ {
+        									name: "port-" + strconv.FormatInt(v.port, 10)
+        								}
+        							}}]
+        					}
+
+        					if parameter["imagePullPolicy"] != _|_ {
+        						imagePullPolicy: parameter.imagePullPolicy
+        					}
+
+        					if parameter["cmd"] != _|_ {
+        						command: parameter.cmd
+        					}
+
+        					if parameter["env"] != _|_ {
+        						env: parameter.env
+        					}
+
+        					if context["config"] != _|_ {
+        						env: context.config
+        					}
+
+        					if parameter["cpu"] != _|_ {
+        						resources: {
+        							limits: cpu:   parameter.cpu
+        							requests: cpu: parameter.cpu
+        						}
+        					}
+
+        					if parameter["memory"] != _|_ {
+        						resources: {
+        							limits: memory:   parameter.memory
+        							requests: memory: parameter.memory
+        						}
+        					}
+
+        					if parameter["volumes"] != _|_ && parameter["volumeMounts"] == _|_ {
+        						volumeMounts: [ for v in parameter.volumes {
+        							{
+        								mountPath: v.mountPath
+        								name:      v.name
+        							}}]
+        					}
+
+        					if parameter["volumeMounts"] != _|_ {
+        						volumeMounts: mountsArray.pvc + mountsArray.configMap + mountsArray.secret + mountsArray.emptyDir + mountsArray.hostPath
+        					}
+
+        					if parameter["livenessProbe"] != _|_ {
+        						livenessProbe: parameter.livenessProbe
+        					}
+
+        					if parameter["readinessProbe"] != _|_ {
+        						readinessProbe: parameter.readinessProbe
+        					}
+
+        				}]
+
+        				if parameter["hostAliases"] != _|_ {
+        					// +patchKey=ip
+        					hostAliases: parameter.hostAliases
+        				}
+
+        				if parameter["imagePullSecrets"] != _|_ {
+        					imagePullSecrets: [ for v in parameter.imagePullSecrets {
+        						name: v
+        					},
+        					]
+        				}
+
+        				if parameter["volumes"] != _|_ && parameter["volumeMounts"] == _|_ {
+        					volumes: [ for v in parameter.volumes {
+        						{
+        							name: v.name
+        							if v.type == "pvc" {
+        								persistentVolumeClaim: claimName: v.claimName
+        							}
+        							if v.type == "configMap" {
+        								configMap: {
+        									defaultMode: v.defaultMode
+        									name:        v.cmName
+        									if v.items != _|_ {
+        										items: v.items
+        									}
+        								}
+        							}
+        							if v.type == "secret" {
+        								secret: {
+        									defaultMode: v.defaultMode
+        									secretName:  v.secretName
+        									if v.items != _|_ {
+        										items: v.items
+        									}
+        								}
+        							}
+        							if v.type == "emptyDir" {
+        								emptyDir: medium: v.medium
+        							}
+        						}
+        					}]
+        				}
+
+        				if parameter["volumeMounts"] != _|_ {
+        					volumes: volumesArray.pvc + volumesArray.configMap + volumesArray.secret + volumesArray.emptyDir + volumesArray.hostPath
+        				}
+        			}
+        		}
+        	}
+        }
+        exposePorts: [
+        	for v in parameter.ports if v.expose == true {
+        		port:       v.port
+        		targetPort: v.port
+        		if v.name != _|_ {
+        			name: v.name
+        		}
+        		if v.name == _|_ {
+        			name: "port-" + strconv.FormatInt(v.port, 10)
+        		}
+        	},
+        ]
+        outputs: {
+        	if len(exposePorts) != 0 {
+        		webserviceExpose: {
+        			apiVersion: "v1"
+        			kind:       "Service"
+        			metadata: name: context.name
+        			spec: {
+        				selector: "app.oam.dev/component": context.name
+        				ports: exposePorts
+        				type:  parameter.exposeType
+        			}
+        		}
+        	}
+        }
+        parameter: {
+        	// +usage=Specify the labels in the workload
+        	labels?: [string]: string
+
+        	// +usage=Specify the annotations in the workload
+        	annotations?: [string]: string
+
+        	// +usage=Which image would you like to use for your service
+        	// +short=i
+        	image: string
+
+        	// +usage=Specify image pull policy for your service
+        	imagePullPolicy?: "Always" | "Never" | "IfNotPresent"
+
+        	// +usage=Specify image pull secrets for your service
+        	imagePullSecrets?: [...string]
+
+        	// +ignore
+        	// +usage=Deprecated field, please use ports instead
+        	// +short=p
+        	port?: int
+
+        	// +usage=Which ports do you want customer traffic sent to, defaults to 80
+        	ports?: [...{
+        		// +usage=Number of port to expose on the pod's IP address
+        		port: int
+        		// +usage=Name of the port
+        		name?: string
+        		// +usage=Protocol for port. Must be UDP, TCP, or SCTP
+        		protocol: *"TCP" | "UDP" | "SCTP"
+        		// +usage=Specify if the port should be exposed
+        		expose: *false | bool
+        	}]
+
+        	// +ignore
+        	// +usage=Specify what kind of Service you want. options: "ClusterIP", "NodePort", "LoadBalancer", "ExternalName"
+        	exposeType: *"ClusterIP" | "NodePort" | "LoadBalancer" | "ExternalName"
+
+        	// +ignore
+        	// +usage=If addRevisionLabel is true, the revision label will be added to the underlying pods
+        	addRevisionLabel: *false | bool
+
+        	// +usage=Commands to run in the container
+        	cmd?: [...string]
+
+        	// +usage=Define arguments by using environment variables
+        	env?: [...{
+        		// +usage=Environment variable name
+        		name: string
+        		// +usage=The value of the environment variable
+        		value?: string
+        		// +usage=Specifies a source the value of this var should come from
+        		valueFrom?: {
+        			// +usage=Selects a key of a secret in the pod's namespace
+        			secretKeyRef?: {
+        				// +usage=The name of the secret in the pod's namespace to select from
+        				name: string
+        				// +usage=The key of the secret to select from. Must be a valid secret key
+        				key: string
+        			}
+        			// +usage=Selects a key of a config map in the pod's namespace
+        			configMapKeyRef?: {
+        				// +usage=The name of the config map in the pod's namespace to select from
+        				name: string
+        				// +usage=The key of the config map to select from. Must be a valid secret key
+        				key: string
+        			}
+        		}
+        	}]
+
+        	// +usage=Number of CPU units for the service, like `0.5` (0.5 CPU core), `1` (1 CPU core)
+        	cpu?: string
+
+        	// +usage=Specifies the attributes of the memory resource required for the container.
+        	memory?: string
+
+        	volumeMounts?: {
+        		// +usage=Mount PVC type volume
+        		pvc?: [...{
+        			name:      string
+        			mountPath: string
+        			// +usage=The name of the PVC
+        			claimName: string
+        		}]
+        		// +usage=Mount ConfigMap type volume
+        		configMap?: [...{
+        			name:        string
+        			mountPath:   string
+        			defaultMode: *420 | int
+        			cmName:      string
+        			items?: [...{
+        				key:  string
+        				path: string
+        				mode: *511 | int
+        			}]
+        		}]
+        		// +usage=Mount Secret type volume
+        		secret?: [...{
+        			name:        string
+        			mountPath:   string
+        			defaultMode: *420 | int
+        			secretName:  string
+        			items?: [...{
+        				key:  string
+        				path: string
+        				mode: *511 | int
+        			}]
+        		}]
+        		// +usage=Mount EmptyDir type volume
+        		emptyDir?: [...{
+        			name:      string
+        			mountPath: string
+        			medium:    *"" | "Memory"
+        		}]
+        		// +usage=Mount HostPath type volume
+        		hostPath?: [...{
+        			name:              string
+        			mountPath:         string
+        			mountPropagation?: "None" | "HostToContainer" | "Bidirectional"
+        			path:              string
+        			readOnly?:         bool
+        		}]
+        	}
+
+        	// +usage=Deprecated field, use volumeMounts instead.
+        	volumes?: [...{
+        		name:      string
+        		mountPath: string
+        		// +usage=Specify volume type, options: "pvc","configMap","secret","emptyDir"
+        		type: "pvc" | "configMap" | "secret" | "emptyDir"
+        		if type == "pvc" {
+        			claimName: string
+        		}
+        		if type == "configMap" {
+        			defaultMode: *420 | int
+        			cmName:      string
+        			items?: [...{
+        				key:  string
+        				path: string
+        				mode: *511 | int
+        			}]
+        		}
+        		if type == "secret" {
+        			defaultMode: *420 | int
+        			secretName:  string
+        			items?: [...{
+        				key:  string
+        				path: string
+        				mode: *511 | int
+        			}]
+        		}
+        		if type == "emptyDir" {
+        			medium: *"" | "Memory"
+        		}
+        	}]
+
+        	// +usage=Instructions for assessing whether the container is alive.
+        	livenessProbe?: #HealthProbe
+
+        	// +usage=Instructions for assessing whether the container is in a suitable state to serve traffic.
+        	readinessProbe?: #HealthProbe
+
+        	// +usage=Specify the hostAliases to add
+        	hostAliases?: [...{
+        		ip: string
+        		hostnames: [...string]
+        	}]
+        }
+        #HealthProbe: {
+
+        	// +usage=Instructions for assessing container health by executing a command. Either this attribute or the httpGet attribute or the tcpSocket attribute MUST be specified. This attribute is mutually exclusive with both the httpGet attribute and the tcpSocket attribute.
+        	exec?: {
+        		// +usage=A command to be executed inside the container to assess its health. Each space delimited token of the command is a separate array element. Commands exiting 0 are considered to be successful probes, whilst all other exit codes are considered failures.
+        		command: [...string]
+        	}
+
+        	// +usage=Instructions for assessing container health by executing an HTTP GET request. Either this attribute or the exec attribute or the tcpSocket attribute MUST be specified. This attribute is mutually exclusive with both the exec attribute and the tcpSocket attribute.
+        	httpGet?: {
+        		// +usage=The endpoint, relative to the port, to which the HTTP GET request should be directed.
+        		path: string
+        		// +usage=The TCP socket within the container to which the HTTP GET request should be directed.
+        		port:    int
+        		host?:   string
+        		scheme?: *"HTTP" | string
+        		httpHeaders?: [...{
+        			name:  string
+        			value: string
+        		}]
+        	}
+
+        	// +usage=Instructions for assessing container health by probing a TCP socket. Either this attribute or the exec attribute or the httpGet attribute MUST be specified. This attribute is mutually exclusive with both the exec attribute and the httpGet attribute.
+        	tcpSocket?: {
+        		// +usage=The TCP socket within the container that should be probed to assess container health.
+        		port: int
+        	}
+
+        	// +usage=Number of seconds after the container is started before the first probe is initiated.
+        	initialDelaySeconds: *0 | int
+
+        	// +usage=How often, in seconds, to execute the probe.
+        	periodSeconds: *10 | int
+
+        	// +usage=Number of seconds after which the probe times out.
+        	timeoutSeconds: *1 | int
+
+        	// +usage=Minimum consecutive successes for the probe to be considered successful after having failed.
+        	successThreshold: *1 | int
+
+        	// +usage=Number of consecutive failures required to determine the container is not alive (liveness probe) or not ready (readiness probe).
+        	failureThreshold: *3 | int
+        }
+  status:
+    customStatus: |-
+      ready: {
+      	replicas: *0 | int
+      } & {
+      	if context.output.status.numberReady != _|_ {
+      		replicas: context.output.status.numberReady
+      	}
+      }
+      desired: {
+      	replicas: *0 | int
+      } & {
+      	if context.output.status.desiredNumberScheduled != _|_ {
+      		replicas: context.output.status.desiredNumberScheduled
+      	}
+      }
+      message: "Ready:\(ready.replicas)/\(desired.replicas)"
+    healthPolicy: |-
+      ready: {
+      	replicas: *0 | int
+      } & {
+      	if context.output.status.numberReady != _|_ {
+      		replicas: context.output.status.numberReady
+      	}
+      }
+      desired: {
+      	replicas: *0 | int
+      } & {
+      	if context.output.status.desiredNumberScheduled != _|_ {
+      		replicas: context.output.status.desiredNumberScheduled
+      	}
+      }
+      current: {
+      	replicas: *0 | int
+      } & {
+      	if context.output.status.currentNumberScheduled != _|_ {
+      		replicas: context.output.status.currentNumberScheduled
+      	}
+      }
+      updated: {
+      	replicas: *0 | int
+      } & {
+      	if context.output.status.updatedNumberScheduled != _|_ {
+      		replicas: context.output.status.updatedNumberScheduled
+      	}
+      }
+      generation: {
+      	metadata: context.output.metadata.generation
+      	observed: *0 | int
+      } & {
+      	if context.output.status.observedGeneration != _|_ {
+      		observed: context.output.status.observedGeneration
+      	}
+      }
+      isHealth: (desired.replicas == ready.replicas) && (desired.replicas == updated.replicas) && (desired.replicas == current.replicas) && (generation.observed == generation.metadata || generation.observed > generation.metadata)
+  workload:
+    definition:
+      apiVersion: apps/v1
+      kind: DaemonSet
+    type: daemonsets.apps
+

charts/vela-minimal/templates/defwithtemplate/depends-on-app.yaml

@@ -4,7 +4,7 @@ apiVersion: core.oam.dev/v1beta1
 kind: WorkflowStepDefinition
 metadata:
   annotations:
-    definition.oam.dev/description: check or install depends-on Application
+    definition.oam.dev/description: Wait for the specified Application to complete.
   labels:
     custom.definition.oam.dev/ui-hidden: "true"
   name: depends-on-app

charts/vela-minimal/templates/defwithtemplate/deploy-cloud-resource.yaml

@@ -4,7 +4,7 @@ apiVersion: core.oam.dev/v1beta1
 kind: WorkflowStepDefinition
 metadata:
   annotations:
-    definition.oam.dev/description: Deploy cloud resource and bind secret to clusters
+    definition.oam.dev/description: Deploy cloud resource and deliver secret to multi clusters.
   name: deploy-cloud-resource
   namespace: {{ include "systemDefinitionNamespace" . }}
 spec:

charts/vela-minimal/templates/defwithtemplate/deploy.yaml

@@ -4,7 +4,7 @@ apiVersion: core.oam.dev/v1beta1
 kind: WorkflowStepDefinition
 metadata:
   annotations:
-    definition.oam.dev/description: Deploy components with policies.
+    definition.oam.dev/description: A powerful and unified deploy step for components multi-cluster delivery with policies.
   name: deploy
   namespace: {{ include "systemDefinitionNamespace" . }}
 spec:
@@ -21,9 +21,9 @@ spec:
         	ignoreTerraformComponent: parameter.ignoreTerraformComponent
         }
         parameter: {
-        	//+usage=If set false, the workflow will be suspend before this step.
+        	//+usage=If set to false, the workflow will suspend automatically before this step, default to be true.
         	auto: *true | bool
-        	//+usage=Declare the policies used for this step.
+        	//+usage=Declare the policies that used for this deployment. If not specified, the components will be deployed to the hub cluster.
         	policies?: [...string]
         	//+usage=Maximum number of concurrent delivered components.
         	parallelism: *5 | int

charts/vela-minimal/templates/defwithtemplate/deploy2runtime.yaml

@@ -6,6 +6,7 @@ metadata:
   annotations:
     definition.oam.dev/description: Deploy application to runtime clusters
   labels:
+    custom.definition.oam.dev/deprecated: "true"
     custom.definition.oam.dev/ui-hidden: "true"
   name: deploy2runtime
   namespace: {{ include "systemDefinitionNamespace" . }}

charts/vela-minimal/templates/defwithtemplate/export2config.yaml

@@ -4,7 +4,7 @@ apiVersion: core.oam.dev/v1beta1
 kind: WorkflowStepDefinition
 metadata:
   annotations:
-    definition.oam.dev/description: Export data to config map for your workflow steps
+    definition.oam.dev/description: Export data to specified Kubernetes ConfigMap in your workflow.
   labels:
     custom.definition.oam.dev/ui-hidden: "true"
   name: export2config

charts/vela-minimal/templates/defwithtemplate/export2secret.yaml

@@ -4,7 +4,7 @@ apiVersion: core.oam.dev/v1beta1
 kind: WorkflowStepDefinition
 metadata:
   annotations:
-    definition.oam.dev/description: Export data to secret for your workflow steps
+    definition.oam.dev/description: Export data to Kubernetes Secret in your workflow.
   labels:
     custom.definition.oam.dev/ui-hidden: "true"
   name: export2secret
@@ -46,7 +46,7 @@ spec:
         	type?: string
         	// +usage=Specify the data of secret
         	data: {}
-        	// +usage=Specify the cluster of the config map
+        	// +usage=Specify the cluster of the secret
         	cluster: *"" | string
         }
 

charts/vela-minimal/templates/defwithtemplate/expose.yaml

@@ -14,14 +14,20 @@ spec:
   schematic:
     cue:
       template: |
+        import (
+        	"strconv"
+        )
+
         outputs: service: {
         	apiVersion: "v1"
         	kind:       "Service"
-        	metadata: name: context.name
+        	metadata: name:        context.name
+        	metadata: annotations: parameter.annotations
         	spec: {
         		selector: "app.oam.dev/component": context.name
         		ports: [
         			for p in parameter.port {
+        				name:       "port-" + strconv.FormatInt(p, 10)
         				port:       p
         				targetPort: p
         			},
@@ -32,7 +38,33 @@ spec:
         parameter: {
         	// +usage=Specify the exposion ports
         	port: [...int]
+        	// +usage=Specify the annotaions of the exposed service
+        	annotations: [string]: string
         	// +usage=Specify what kind of Service you want. options: "ClusterIP","NodePort","LoadBalancer","ExternalName"
         	type: *"ClusterIP" | "NodePort" | "LoadBalancer" | "ExternalName"
         }
+  status:
+    customStatus: |-
+      message: *"" | string
+      service: context.outputs.service
+      if service.spec.type == "ClusterIP" {
+      	message: "ClusterIP: \(service.spec.clusterIP)"
+      }
+      if service.spec.type == "LoadBalancer" {
+      	status: service.status
+      	isHealth: status != _|_ && status.loadBalancer != _|_ && status.loadBalancer.ingress != _|_ && len(status.loadBalancer.ingress) > 0
+      	if !isHealth {
+      		message: "ExternalIP: Pending"
+      	}
+      	if isHealth {
+      		message: "ExternalIP: \(status.loadBalancer.ingress[0].ip)"
+      	}
+      }
+    healthPolicy: |-
+      isHealth: *true | bool
+      service: context.outputs.service
+      if service.spec.type == "LoadBalancer" {
+      	status: service.status
+      	isHealth: status != _|_ && status.loadBalancer != _|_ && status.loadBalancer.ingress != _|_ && len(status.loadBalancer.ingress) > 0
+      }
 

charts/vela-minimal/templates/defwithtemplate/garbage-collect.yaml

@@ -0,0 +1,40 @@
+# Code generated by KubeVela templates. DO NOT EDIT. Please edit the original cue file.
+# Definition source cue file: vela-templates/definitions/internal/garbage-collect.cue
+apiVersion: core.oam.dev/v1beta1
+kind: PolicyDefinition
+metadata:
+  annotations:
+    definition.oam.dev/description: Configure the garbage collect behaviour for the application.
+  name: garbage-collect
+  namespace: {{ include "systemDefinitionNamespace" . }}
+spec:
+  schematic:
+    cue:
+      template: |
+        #GarbageCollectPolicyRule: {
+        	// +usage=Specify how to select the targets of the rule
+        	selector: [...#ResourcePolicyRuleSelector]
+        	// +usage=Specify the strategy for target resource to recycle
+        	strategy: *"onAppUpdate" | "onAppDelete" | "never"
+        }
+        #ResourcePolicyRuleSelector: {
+        	// +usage=Select resources by component names
+        	componentNames?: [...string]
+        	// +usage=Select resources by component types
+        	componentTypes?: [...string]
+        	// +usage=Select resources by oamTypes (COMPONENT or TRAIT)
+        	oamTypes?: [...string]
+        	// +usage=Select resources by trait types
+        	traitTypes?: [...string]
+        	// +usage=Select resources by resource types (like Deployment)
+        	resourceTypes?: [...string]
+        	// +usage=Select resources by their names
+        	resourceNames?: [...string]
+        }
+        parameter: {
+        	// +usage=If is set, outdated versioned resourcetracker will not be recycled automatically, outdated resources will be kept until resourcetracker be deleted manually
+        	keepLegacyResource: *false | bool
+        	// +usage=Specify the list of rules to control gc strategy at resource level, if one resource is controlled by multiple rules, first rule will be used
+        	rules?: [...#GarbageCollectPolicyRule]
+        }
+

charts/vela-minimal/templates/defwithtemplate/gateway.yaml

@@ -38,6 +38,9 @@ spec:
         			if !parameter.classInSpec {
         				"kubernetes.io/ingress.class": parameter.class
         			}
+        			if parameter.gatewayHost != _|_ {
+        				"ingress.controller/host": parameter.gatewayHost
+        			}
         		}
         	}
         	spec: {
@@ -84,6 +87,9 @@ spec:
 
         	// +usage=Specify the secret name you want to quote.
         	secretName?: string
+
+        	// +usage=Specify the host of the ingress gateway, which is used to generate the endpoints when the host is empty.
+        	gatewayHost?: string
         }
   status:
     customStatus: |-

charts/vela-minimal/templates/defwithtemplate/notification.yaml

@@ -4,7 +4,7 @@ apiVersion: core.oam.dev/v1beta1
 kind: WorkflowStepDefinition
 metadata:
   annotations:
-    definition.oam.dev/description: Send message to webhook
+    definition.oam.dev/description: Send notifications to Email, DingTalk, Slack, Lark or webhook in your workflow.
   name: notification
   namespace: {{ include "systemDefinitionNamespace" . }}
 spec:
@@ -17,9 +17,11 @@ spec:
         )
 
         parameter: {
+        	// +usage=Please fulfill its url and message if you want to send Lark messages
         	lark?: {
         		// +usage=Specify the the lark url, you can either sepcify it in value or use secretRef
         		url: {
+        			// +usage=the url address content in string
         			value: string
         		} | {
         			secretRef: {
@@ -29,7 +31,7 @@ spec:
         				key: string
         			}
         		}
-        		// +useage=Specify the message that you want to sent
+        		// +usage=Specify the message that you want to sent, refer to [Lark messaging](https://open.feishu.cn/document/ukTMukTMukTM/ucTM5YjL3ETO24yNxkjN#8b0f2a1b).
         		message: {
         			// +usage=msg_type can be text, post, image, interactive, share_chat, share_user, audio, media, file, sticker
         			msg_type: string
@@ -37,10 +39,11 @@ spec:
         			content: string
         		}
         	}
-
+        	// +usage=Please fulfill its url and message if you want to send DingTalk messages
         	dingding?: {
         		// +usage=Specify the the dingding url, you can either sepcify it in value or use secretRef
         		url: {
+        			// +usage=the url address content in string
         			value: string
         		} | {
         			secretRef: {
@@ -50,8 +53,9 @@ spec:
         				key: string
         			}
         		}
-        		// +useage=Specify the message that you want to sent
+        		// +usage=Specify the message that you want to sent, refer to [dingtalk messaging](https://developers.dingtalk.com/document/robots/custom-robot-access/title-72m-8ag-pqw)
         		message: {
+        			// +usage=Specify the message content of dingtalk notification
         			text?: *null | {
         				content: string
         			}
@@ -93,10 +97,11 @@ spec:
         			}
         		}
         	}
-
+        	// +usage=Please fulfill its url and message if you want to send Slack messages
         	slack?: {
         		// +usage=Specify the the slack url, you can either sepcify it in value or use secretRef
         		url: {
+        			// +usage=the url address content in string
         			value: string
         		} | {
         			secretRef: {
@@ -106,8 +111,9 @@ spec:
         				key: string
         			}
         		}
-        		// +useage=Specify the message that you want to sent
+        		// +usage=Specify the message that you want to sent, refer to [slack messaging](https://api.slack.com/reference/messaging/payload)
         		message: {
+        			// +usage=Specify the message text for slack notification
         			text:         string
         			blocks?:      *null | [...block]
         			attachments?: *null | {
@@ -115,10 +121,11 @@ spec:
         				color?:  string
         			}
         			thread_ts?: string
-        			mrkdwn?:    *true | bool
+        			// +usage=Specify the message text format in markdown for slack notification
+        			mrkdwn?: *true | bool
         		}
         	}
-
+        	// +usage=Please fulfill its from, to and content if you want to send email
         	email?: {
         		// +usage=Specify the email info that you want to send from
         		from: {
@@ -128,6 +135,7 @@ spec:
         			alias?: string
         			// +usage=Specify the password of the email, you can either sepcify it in value or use secretRef
         			password: {
+        				// +usage=the password content in string
         				value: string
         			} | {
         				secretRef: {

charts/vela-minimal/templates/defwithtemplate/override.yaml

@@ -4,7 +4,7 @@ apiVersion: core.oam.dev/v1beta1
 kind: PolicyDefinition
 metadata:
   annotations:
-    definition.oam.dev/description: Override configuration when deploying resources
+    definition.oam.dev/description: Describe the configuration to override when deploying resources, it only works with specified `deploy` step in workflow.
   name: override
   namespace: {{ include "systemDefinitionNamespace" . }}
 spec:
@@ -16,11 +16,15 @@ spec:
         	name?: string
         	// +usage=Specify the type of the patch component.
         	type?: string
+        	// +usage=Specify the properties to override.
         	properties?: {...}
+        	// +usage=Specify the traits to override.
         	traits?: [...{
+        		// +usage=Specify the type of the trait to be patched.
         		type: string
+        		// +usage=Specify the properties to override.
         		properties?: {...}
-        		// +usage=Specify if the trait shoued be remove, default false
+        		// +usage=Specify if the trait should be remove, default false
         		disable: *false | bool
         	}]
         }

charts/vela-minimal/templates/defwithtemplate/read-object.yaml

@@ -4,7 +4,7 @@ apiVersion: core.oam.dev/v1beta1
 kind: WorkflowStepDefinition
 metadata:
   annotations:
-    definition.oam.dev/description: Read objects for your workflow steps
+    definition.oam.dev/description: Read Kubernetes objects from cluster for your workflow steps
   labels:
     custom.definition.oam.dev/ui-hidden: "true"
   name: read-object
@@ -50,15 +50,15 @@ spec:
         	}
         }
         parameter: {
-        	// +usage=Specify the apiVersion of the object, defaults to core.oam.dev/v1beta1
+        	// +usage=Specify the apiVersion of the object, defaults to 'core.oam.dev/v1beta1'
         	apiVersion?: string
         	// +usage=Specify the kind of the object, defaults to Application
         	kind?: string
         	// +usage=Specify the name of the object
         	name: string
-        	// +usage=Specify the namespace of the object
-        	namespace?: string
-        	// +usage=Specify the cluster of the object
+        	// +usage=The namespace of the resource you want to read
+        	namespace?: *"default" | string
+        	// +usage=The cluster you want to apply the resource to, default is the current control plane cluster
         	cluster: *"" | string
         }
 

charts/vela-minimal/templates/defwithtemplate/ref-objects.yaml

@@ -28,7 +28,12 @@ spec:
         	labelSelector?: [string]: string
         	...
         }
-        output: parameter.objects[0]
+        output: {
+        	if len(parameter.objects) > 0 {
+        		parameter.objects[0]
+        	}
+        	...
+        }
         outputs: {
         	for i, v in parameter.objects {
         		if i > 0 {

charts/vela-minimal/templates/defwithtemplate/step-group.yaml

@@ -4,7 +4,7 @@ apiVersion: core.oam.dev/v1beta1
 kind: WorkflowStepDefinition
 metadata:
   annotations:
-    definition.oam.dev/description: step group
+    definition.oam.dev/description: A special step that you can declare 'subSteps' in it, 'subSteps' is an array containing any step type whose valid parameters do not include the `step-group` step type itself. The sub steps were executed in parallel.
   labels:
     custom.definition.oam.dev/ui-hidden: "true"
   name: step-group
@@ -13,6 +13,6 @@ spec:
   schematic:
     cue:
       template: |
-        // no parameters
-        parameter: {}
+        // no parameters, the nop only to make the template not empty or it's invalid
+        nop: {}
 

charts/vela-minimal/templates/defwithtemplate/suspend.yaml

@@ -4,7 +4,7 @@ apiVersion: core.oam.dev/v1beta1
 kind: WorkflowStepDefinition
 metadata:
   annotations:
-    definition.oam.dev/description: Suspend your workflow
+    definition.oam.dev/description: Suspend the current workflow, it can be resumed by 'vela workflow resume' command.
   name: suspend
   namespace: {{ include "systemDefinitionNamespace" . }}
 spec:

charts/vela-minimal/templates/defwithtemplate/topology.yaml

@@ -4,7 +4,7 @@ apiVersion: core.oam.dev/v1beta1
 kind: PolicyDefinition
 metadata:
   annotations:
-    definition.oam.dev/description: Determining the destination where components should be deployed to.
+    definition.oam.dev/description: Describe the destination where components should be deployed to.
   name: topology
   namespace: {{ include "systemDefinitionNamespace" . }}
 spec:

charts/vela-minimal/templates/defwithtemplate/webhook.yaml

@@ -4,7 +4,7 @@ apiVersion: core.oam.dev/v1beta1
 kind: WorkflowStepDefinition
 metadata:
   annotations:
-    definition.oam.dev/description: Send webhook request to the url
+    definition.oam.dev/description: Send a request to the specified Webhook URL. If no request body is specified, the current Application body will be sent by default.
   name: webhook
   namespace: {{ include "systemDefinitionNamespace" . }}
 spec:

charts/vela-minimal/templates/defwithtemplate/webservice.yaml

@@ -357,8 +357,8 @@ spec:
         	}]
 
         	// +ignore
-        	// +usage=Specify what kind of Service you want. options: "ClusterIP", "NodePort", "LoadBalancer", "ExternalName"
-        	exposeType: *"ClusterIP" | "NodePort" | "LoadBalancer" | "ExternalName"
+        	// +usage=Specify what kind of Service you want. options: "ClusterIP", "NodePort", "LoadBalancer"
+        	exposeType: *"ClusterIP" | "NodePort" | "LoadBalancer"
 
         	// +ignore
         	// +usage=If addRevisionLabel is true, the revision label will be added to the underlying pods

cmd/core/main.go

@@ -19,7 +19,6 @@ package main
 import (
 	"context"
 	"errors"
-	goflag "flag"
 	"fmt"
 	"io"
 	"net/http"
@@ -37,6 +36,7 @@ import (
 	ctrl "sigs.k8s.io/controller-runtime"
 	"sigs.k8s.io/controller-runtime/pkg/healthz"
 
+	"github.com/oam-dev/kubevela/apis/core.oam.dev/v1beta1"
 	"github.com/oam-dev/kubevela/apis/types"
 	"github.com/oam-dev/kubevela/pkg/auth"
 	ctrlClient "github.com/oam-dev/kubevela/pkg/client"
@@ -47,6 +47,7 @@ import (
 	"github.com/oam-dev/kubevela/pkg/controller/utils"
 	"github.com/oam-dev/kubevela/pkg/cue/packages"
 	_ "github.com/oam-dev/kubevela/pkg/monitor/metrics"
+	"github.com/oam-dev/kubevela/pkg/monitor/watcher"
 	"github.com/oam-dev/kubevela/pkg/multicluster"
 	"github.com/oam-dev/kubevela/pkg/oam"
 	"github.com/oam-dev/kubevela/pkg/oam/discoverymapper"
@@ -55,8 +56,7 @@ import (
 	"github.com/oam-dev/kubevela/pkg/utils/system"
 	"github.com/oam-dev/kubevela/pkg/utils/util"
 	oamwebhook "github.com/oam-dev/kubevela/pkg/webhook/core.oam.dev"
-	"github.com/oam-dev/kubevela/pkg/workflow"
-	"github.com/oam-dev/kubevela/pkg/workflow/tasks/custom"
+	wfTypes "github.com/oam-dev/kubevela/pkg/workflow/types"
 	"github.com/oam-dev/kubevela/version"
 )
 
@@ -139,19 +139,17 @@ func main() {
 	flag.DurationVar(&clusterMetricsInterval, "cluster-metrics-interval", 15*time.Second, "The interval that ClusterMetricsMgr will collect metrics from clusters, default value is 15 seconds.")
 	flag.BoolVar(&controllerArgs.EnableCompatibility, "enable-asi-compatibility", false, "enable compatibility for asi")
 	flag.BoolVar(&controllerArgs.IgnoreAppWithoutControllerRequirement, "ignore-app-without-controller-version", false, "If true, application controller will not process the app without 'app.oam.dev/controller-version-require' annotation")
-	flag.BoolVar(&controllerArgs.IgnoreDefinitionWithoutControllerRequirement, "ignore-definition-without-controller-version", false, "If true, trait/component/workflowstep definition controller will not process the definition without 'definition.oam.dev/controller-version-require' annotation")
 	standardcontroller.AddOptimizeFlags()
 	standardcontroller.AddAdmissionFlags()
 	flag.IntVar(&resourcekeeper.MaxDispatchConcurrent, "max-dispatch-concurrent", 10, "Set the max dispatch concurrent number, default is 10")
-	flag.IntVar(&workflow.MaxWorkflowWaitBackoffTime, "max-workflow-wait-backoff-time", 60, "Set the max workflow wait backoff time, default is 60")
-	flag.IntVar(&workflow.MaxWorkflowFailedBackoffTime, "max-workflow-failed-backoff-time", 300, "Set the max workflow wait backoff time, default is 300")
-	flag.IntVar(&custom.MaxWorkflowStepErrorRetryTimes, "max-workflow-step-error-retry-times", 10, "Set the max workflow step error retry times, default is 10")
+	flag.IntVar(&wfTypes.MaxWorkflowWaitBackoffTime, "max-workflow-wait-backoff-time", 60, "Set the max workflow wait backoff time, default is 60")
+	flag.IntVar(&wfTypes.MaxWorkflowFailedBackoffTime, "max-workflow-failed-backoff-time", 300, "Set the max workflow wait backoff time, default is 300")
+	flag.IntVar(&wfTypes.MaxWorkflowStepErrorRetryTimes, "max-workflow-step-error-retry-times", 10, "Set the max workflow step error retry times, default is 10")
 	utilfeature.DefaultMutableFeatureGate.AddFlag(flag.CommandLine)
 
+	flag.Parse()
 	// setup logging
 	klog.InitFlags(nil)
-	flag.CommandLine.AddGoFlagSet(goflag.CommandLine)
-	flag.Parse()
 	if logDebug {
 		_ = flag.Set("v", strconv.Itoa(int(commonconfig.LogDebug)))
 	}
@@ -326,6 +324,13 @@ func main() {
 	}
 	klog.InfoS("Use storage driver", "storageDriver", os.Getenv(system.StorageDriverEnv))
 
+	klog.Info("Start the vela application monitor")
+	informer, err := mgr.GetCache().GetInformer(context.Background(), &v1beta1.Application{})
+	if err != nil {
+		klog.ErrorS(err, "Unable to get informer for application")
+	}
+	watcher.StartApplicationMetricsWatcher(informer)
+
 	klog.Info("Start the vela controller manager")
 
 	if err := mgr.Start(ctrl.SetupSignalHandler()); err != nil {

design/vela-core/shared-resource.md

@@ -0,0 +1,47 @@
+# Shared Resource
+
+### Background
+
+In KubeVela, by default, application **owns** resources.
+It means that resources create by the application should only be controlled by the application that creates it.
+
+So there are basically two requirements for application creating resources:
+1. The resource must not exist before the application creating it. It exists, there will be a resource conflict error.
+2. The resource is expected to be only manageable through its creator. "Others" should not be able to modify it or edit it.
+
+While dispatching resources, the application will
+1. Check if resource exists. If exists, check its labels. 
+If "app.oam.dev/name" and "app.oam.dev/namespace" equals to the application's name and namespace, it means this resource is previously created by the same application and the dispatching operation now will become an update operation.
+The two labels identify the owner of the resource.
+2. If resource exists, but no label found, then this resource is created before this application. At this time, the application will report a resource conflict error.
+3. If resource exists, and the labels point to another application, then this resource is managed by other applications. At this time, the current application will also report a resource conflict error.
+
+With these checks, different applications cannot manage the same resource. 
+
+### Usage
+
+However, there are scenarios that these two requirements are not met. One of the scenarios is sharing across different Applications.
+For example, each application wants to create a ConfigMap, but their ConfigMaps are the same.
+
+To achieve that, KubeVela application could utilize the `shared-resource` policy to make it possible.
+
+#### create
+
+When one resource is created as sharing resource, one special annotation `app.oam.dev/shared-by` will be added to the resource.
+It will record the "sharer" of the resource in time order. The application that firstly creates the resource will set its owner labels to itself.
+Then it will add itself to the sharer annotation.
+
+#### share
+
+When another application comes and wants to share the resource, it will check if the resource is sharable, aka there is at least one sharer in the sharer annotation.
+If it is sharable, it will add itself to the sharer annotation, but not modify the content of the resource.
+
+#### delete
+
+With this mechanism, only the owner of the resource can modify the resource (including updating and state-keeping). Other sharer can only see that resource.
+When the owner of the resource is gone (application is deleted or do not use this resource anymore), it will give the owner of the application to the next sharer. If no sharer exists, it will finally delete that resource.
+
+See the following figures for details.
+
+![shared-resource-1](./shared-resource-1.png)
+![shared-resource-2](./shared-resource-2.png)

docs/examples/app-with-policy/shared-resource-policy/shared-resource.md

@@ -0,0 +1,91 @@
+## How to share resources across applications
+
+Sometimes, you may want different applications to share the same resource.
+For example, you might have various applications that needs the same namespace to exist.
+In this case, you can use the `shared-resource` policy to declare which resources should be shared.
+
+### Usage
+
+```yaml
+apiVersion: core.oam.dev/v1beta1
+kind: Application
+metadata:
+  name: app1
+spec:
+  components:
+    - name: ns1
+      type: k8s-objects
+      properties:
+        objects:
+          - apiVersion: v1
+            kind: Namespace
+            metadata:
+              name: example
+    - name: cm1
+      type: k8s-objects
+      properties:
+        objects:
+          - apiVersion: v1
+            kind: ConfigMap
+            metadata:
+              name: cm1
+              namespace: example
+            data:
+              key: value1
+  policies:
+    - name: shared-resource
+      type: shared-resource
+      properties:
+        rules:
+          - selector:
+              resourceTypes: ["Namespace"]
+```
+
+```yaml
+apiVersion: core.oam.dev/v1beta1
+kind: Application
+metadata:
+  name: app2
+spec:
+  components:
+    - name: ns2
+      type: k8s-objects
+      properties:
+        objects:
+          - apiVersion: v1
+            kind: Namespace
+            metadata:
+              name: example
+    - name: cm2
+      type: k8s-objects
+      properties:
+        objects:
+          - apiVersion: v1
+            kind: ConfigMap
+            metadata:
+              name: cm2
+              namespace: example
+            data:
+              key: value2
+  policies:
+    - name: shared-resource
+      type: shared-resource
+      properties:
+        rules:
+          - selector:
+              resourceTypes: ["Namespace"]
+```
+
+The above two applications will dispatch the same namespace "example".
+They will create two different ConfigMap inside namespace "example" respectively.
+
+Both application use the `shared-resource` policy and declared the namespace resource as shared.
+In this way, there will be no conflict for creating the same namespace.
+If the `shared-resource` policy is not used, the second application will report error after it finds that the namespace "example" is managed by the first application. 
+
+The namespace will only be recycled when both applications are removed.
+
+### Working Detail
+
+One of the problem for sharing resource is that what will happen if different application holds different configuration for the shared resource.
+In the `shared-resource` policy, all sharers will be recorded by time order. The first sharer will be able to write the resource while other sharers can only read it. After the first sharer is deleted, it will give the control of the resource to the next sharer. If no sharer is handling it, the resource will be finally removed.

docs/examples/config/image-registry/README.md

@@ -2,9 +2,9 @@
 
 ## General
 
-- list all configuration types
+- list all configuration types. Note before vela v1.5, the key is "custom.definition.oam.dev/catalog.config.oam.dev"
 ```shell
-$ vela components --label custom.definition.oam.dev/catalog.config.oam.dev=velacore-config
+$ vela components --label catalog.config.oam.dev=velacore-config
 NAME                  	DEFINITION
 config-dex-connector  	autodetects.core.oam.dev
 config-helm-repository	autodetects.core.oam.dev

docs/examples/terraform/cloud-resource-provision-and-consume/application-oss-deploy-website.yaml

@@ -0,0 +1,38 @@
+apiVersion: core.oam.dev/v1beta1
+kind: Application
+metadata:
+  name: a-static-website
+spec:
+  components:
+    - name: create-bucket
+      type: alibaba-oss-website
+      properties:
+        bucket: oss-website-20220302-2135
+        acl: public-read
+        index_document: index.html
+        error_document: error/index.html
+        writeConnectionSecretToRef:
+          name: oss-website-conn
+      outputs:
+        - name: bucket
+          valueFrom: output.status.apply.outputs.BUCKET_NAME.value
+        - name: endpoint
+          valueFrom: output.status.apply.outputs.EXTERNAL_ENDPOINT.value
+        - name: index_document
+          valueFrom: properties.index_document
+#          valueFrom: output.spec.variable.index_document
+
+    - name: deploy-website
+      type: deploy-website
+      inputs:
+        - from: bucket
+          parameterKey: properties.bucket
+        - from: endpoint
+          parameterKey: properties.endpoint
+        - from: index_document
+          parameterKey: properties.index_document
+      properties:
+        static_web_url: "https://github.com/cloudacademy/static-website-example.git"
+
+
+

docs/examples/terraform/cloud-resource-provision-and-consume/application-rds-data-outputs.yaml

@@ -0,0 +1,44 @@
+apiVersion: core.oam.dev/v1beta1
+kind: Application
+metadata:
+  name: webapp
+spec:
+  components:
+    - name: express-server
+      type: webservice
+      properties:
+        image: zzxwill/flask-web-application:v0.3.1-crossplane
+        ports: 80
+      traits:
+        - type: service-binding
+          properties:
+            envMappings:
+              # environments refer to db-conn secret
+              DB_PASSWORD:
+                secret: db-conn                                   # 1) If the env name is the same as the secret key, secret key can be omitted.
+              endpoint:
+                secret: db-conn
+                key: DB_HOST                                      # 2) If the env name is different from secret key, secret key has to be set.
+              username:
+                secret: db-conn
+                key: DB_USER
+              # environments refer to oss-conn secret
+              BUCKET_NAME:
+                secret: oss-conn
+
+    - name: sample-db
+      type: alibaba-rds
+      properties:
+        instance_name: sample-db
+        account_name: oamtest
+        password: U34rfwefwefffaked
+        writeConnectionSecretToRef:
+          name: db-conn
+
+    - name: sample-oss
+      type: alibaba-oss
+      properties:
+        bucket: vela-website
+        acl: private
+        writeConnectionSecretToRef:
+          name: oss-conn

docs/examples/velaql-views/usage.md

@@ -83,7 +83,7 @@ component-pod-view{appName=demo,appNs=default,cluster=prod,clusterNs=default,nam
 
 #### describe
 
-Query the pods detail infomation
+Query the pods detail information
 
 #### parameter
 

docs/examples/workflow/app-with-if/README.md

@@ -0,0 +1,130 @@
+# Steps with if
+
+Every step can specify a `if`, you can use the `if` to determine whether the step should be executed or not.
+
+## Always
+
+If you want to execute the step no matter what, for example, send a notification after the component is deployed even it's failed, you can use the `if` with the value `always` like:
+
+```yaml
+apiVersion: core.oam.dev/v1beta1
+kind: Application
+metadata:
+  name: if-always-with-err
+  namespace: default
+spec:
+  components:
+  - name: err-component
+    type: k8s-objects
+    properties:
+      objects:
+        - err: "error case"
+  workflow:
+    steps:
+    - name: apply-err-comp
+      type: apply-component
+      properties:
+        component: err-component
+    - name: notification
+      type: notification
+      if: always
+      properties:
+        slack:
+          url:
+            value: <your slack webhook url>
+          message:
+            text: always
+```
+
+## Custom Judgement
+
+You can also write your own judgement logic to determine whether the step should be executed or not, note that the values of `if` will be executed as cue code. We support some built-in variables to use in `if`, they are:
+
+* `status`: in this value, you can get the status of the step for judgement like `status.<step-name>.phase == "succeeded"`, or you can use the simplify way `status.<step-name>.succeeded`.
+* `inputs`: in this value, you can get the inputs of the step for judgement like `inputs.<input-name> == "value"`.
+
+### Status Example
+
+If you want to control the step by the status of another step, you can follow the example:
+
+```yaml
+apiVersion: core.oam.dev/v1beta1
+kind: Application
+metadata:
+  name: if-timeout
+  namespace: default
+spec:
+  components:
+  - name: comp-custom-timeout
+    type: webservice
+    properties:
+      image: crccheck/hello-world
+      port: 8000
+  workflow:
+    steps:
+    - name: suspend
+      timeout: 5s
+      type: suspend
+    - name: suspend2
+      # or `status.suspend.reason == "Timeout"`
+      if: status.suspend.timeout
+      type: suspend
+      timeout: 5s
+    - name: notification-1
+      type: notification
+      if: suspend.timeout
+      properties:
+        slack:
+          url:
+            value: <your slack webhook url>
+          message:
+            text: suspend is timeout
+    - name: notification-2
+      type: notification
+      if: status["notification-1"].succeeded
+      properties:
+        slack:
+          url:
+            value: <your slack webhook url>
+          message:
+            text: notification-1 is succeeded
+```
+
+### Inputs example
+
+If you want to control the step by the inputs of another step, you can follow the example:
+
+```yaml
+apiVersion: core.oam.dev/v1beta1
+kind: Application
+metadata:
+  name: if-input
+  namespace: default
+spec:
+  components:
+  - name: comp-custom-timeout
+    type: webservice
+    properties:
+      image: crccheck/hello-world
+      port: 8000
+  workflow:
+    steps:
+    - name: suspend
+      type: suspend
+      timeout: 5s
+      outputs:
+        - name: test
+          valueFrom: context.name + " message"
+    - name: notification
+      type: notification
+      inputs:
+        - from: test
+          parameterKey: slack.message.text
+      if: inputs.test == "if-input message"
+      properties:
+        slack:
+          url:
+            value: <your slack webhook url>
+          message:
+            text: from input
+```

docs/examples/workflow/app-with-timeout/README.md

@@ -0,0 +1,62 @@
+# Timeout steps
+
+Every step can specify a `timeout`, if the timeout expires and the step has not succeeded, the step will fail with the reason `Timeout`.
+
+Here is an example:
+
+```yaml
+apiVersion: core.oam.dev/v1beta1
+kind: Application
+metadata:
+  name: app-with-timeout
+  namespace: default
+spec:
+  components:
+  - name: comp
+    type: webservice
+    properties:
+      image: crccheck/hello-world
+      port: 8000
+    traits:
+    - type: scaler
+      properties:
+        replicas: 10
+  workflow:
+    steps:
+    - name: apply
+      timeout: 1m
+      type: apply-component
+      properties:
+        component: comp
+    - name: suspend
+      type: suspend
+      timeout: 5s
+```
+
+If the first step is succeeded in the time of `1m`, the second step will be executed. If the second step is not resumed in the time of `5s`, the suspend step will be failed with the reason `Timeout`, and the application will end up with the status of `WorkflowTerminated` like:
+
+```yaml
+status:
+  status: workflowTerminated
+  workflow:
+    ...
+    finished: true
+    message: Terminated
+    mode: StepByStep
+    steps:
+    - firstExecuteTime: "2022-06-22T09:19:42Z"
+      id: gdcwh929ih
+      lastExecuteTime: "2022-06-22T09:20:08Z"
+      name: apply
+      phase: succeeded
+      type: apply-component
+    - firstExecuteTime: "2022-06-22T09:20:08Z"
+      id: rloz8axnju
+      lastExecuteTime: "2022-06-22T09:20:13Z"
+      name: suspend
+      phase: failed
+      reason: Timeout
+      type: suspend
+    suspend: false
+    terminated: true
+```