Feat: revert ci to kind (#6035)

* Feat: revert ci to kind

Signed-off-by: Somefive <yd219913@alibaba-inc.com>

* feat: use internal runner

Signed-off-by: Somefive <yd219913@alibaba-inc.com>

* fix test bug

Signed-off-by: Somefive <yd219913@alibaba-inc.com>

---------

Signed-off-by: Somefive <yd219913@alibaba-inc.com>

.github/CODEOWNERS

@@ -1,39 +1,39 @@
 # This file is a github code protect rule follow the codeowners https://docs.github.com/en/github/creating-cloning-and-archiving-repositories/creating-a-repository-on-github/about-code-owners#example-of-a-codeowners-file
 
-*                                  @barnettZQG @wonderflow @leejanee @Somefive @jefree-cat @FogDong
+*                                  @barnettZQG @wonderflow @leejanee @Somefive @jefree-cat @FogDong @wangyikewxgm @chivalryq
 design/                            @barnettZQG @leejanee @wonderflow @Somefive @jefree-cat @FogDong
 
 # Owner of Core Controllers
-pkg/controller/core.oam.dev       @Somefive @FogDong @barnettZQG @wonderflow
+pkg/controller/core.oam.dev       @Somefive @FogDong @barnettZQG @wonderflow @wangyikewxgm @chivalryq
 
 # Owner of Standard Controllers
-pkg/controller/standard.oam.dev   @wangyikewxgm @barnettZQG @wonderflow
+pkg/controller/standard.oam.dev   @wangyikewxgm @barnettZQG @wonderflow @Somefive
 
 # Owner of CUE
 pkg/cue                            @leejanee @FogDong @Somefive
 pkg/stdlib                         @leejanee @FogDong @Somefive
 
 # Owner of Workflow
-pkg/workflow                       @leejanee @FogDong @Somefive
+pkg/workflow                       @leejanee @FogDong @Somefive @wangyikewxgm @chivalryq
 
 # Owner of rollout
 pkg/controller/common/rollout/     @wangyikewxgm @wonderflow
 runtime/rollout                    @wangyikewxgm @wonderflow
 
 # Owner of vela templates
-vela-templates/                     @Somefive @barnettZQG @wonderflow @FogDong
+vela-templates/                     @Somefive @barnettZQG @wonderflow @FogDong @wangyikewxgm @chivalryq
 
 # Owner of vela CLI
-references/cli/                     @Somefive @zzxwill @StevenLeiZhang @charlie0129 @chivalryq
+references/cli/                     @Somefive @zzxwill @StevenLeiZhang @charlie0129 @wangyikewxgm @chivalryq
 
 # Owner of vela addon framework
 pkg/addon/                         @wangyikewxgm @wonderflow @charlie0129
 
 # Owner of resource keeper and tracker
-pkg/resourcekeeper                 @Somefive @FogDong
-pkg/resourcetracker                @Somefive @FogDong
+pkg/resourcekeeper                 @Somefive @FogDong @chivalryq
+pkg/resourcetracker                @Somefive @FogDong @chivalryq
 
-.github/                           @chivalryq @wonderflow
-makefiles                          @chivalryq @wonderflow
-go.*                               @chivalryq @wonderflow
+.github/                           @chivalryq @wonderflow @Somefive @FogDong @wangyikewxgm
+makefiles                          @chivalryq @wonderflow @Somefive @FogDong @wangyikewxgm
+go.*                               @chivalryq @wonderflow @Somefive @FogDong @wangyikewxgm
 

.github/PULL_REQUEST_TEMPLATE.md

@@ -1,6 +1,8 @@
 
 ### Description of your changes
 
+copilot:all
+
 <!--
 
 Briefly describe what this pull request does. We love pull requests that resolve an open KubeVela issue. If yours does, you

.github/dependabot.yml

@@ -8,10 +8,12 @@ updates:
   - package-ecosystem: "gomod" # See documentation for possible values
     directory: "/" # Location of package manifests
     schedule:
-      interval: "daily"
+      interval: "weekly"
     commit-message:
       prefix: "Chore: "
       include: "scope"
+    ignore:
+      - dependency-name: k8s.io/*
   - package-ecosystem: "github-actions"
     directory: "/"
     schedule:

.github/workflows/back-port.yml

@@ -10,14 +10,14 @@ permissions:
 jobs:
   # align with crossplane's choice https://github.com/crossplane/crossplane/blob/master/.github/workflows/backport.yml
   open-pr:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     if: github.event.pull_request.merged
     permissions:
       contents: write
       pull-requests: write
     steps:
       - name: Checkout
-        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f
+        uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
         with:
           fetch-depth: 0
 

.github/workflows/chart.yml

@@ -21,17 +21,15 @@ jobs:
     env:
       HELM_CHARTS_DIR: charts
       HELM_CHART: charts/vela-core
-      MINIMAL_HELM_CHART: charts/vela-minimal
       LEGACY_HELM_CHART: legacy/charts/vela-core-legacy
       VELA_ROLLOUT_HELM_CHART: runtime/rollout/charts
       LOCAL_OSS_DIRECTORY: .oss
       HELM_CHART_NAME: vela-core
-      MINIMAL_HELM_CHART_NAME: vela-minimal
       LEGACY_HELM_CHART_NAME: vela-core-legacy
       VELA_ROLLOUT_HELM_CHART_NAME: vela-rollout
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     steps:
-      - uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f
+      - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
       - name: Get git revision
         id: vars
         shell: bash
@@ -65,12 +63,10 @@ jobs:
           image_tag=${{ steps.get_version.outputs.VERSION }}
           chart_version=${{ steps.get_version.outputs.VERSION }}
           sed -i "s/latest/${image_tag}/g" $HELM_CHART/values.yaml
-          sed -i "s/latest/${image_tag}/g" $MINIMAL_HELM_CHART/values.yaml
           sed -i "s/latest/${image_tag}/g" $LEGACY_HELM_CHART/values.yaml
           sed -i "s/latest/${image_tag}/g" $VELA_ROLLOUT_HELM_CHART/values.yaml
           chart_smever=${chart_version#"v"}
           sed -i "s/0.1.0/$chart_smever/g" $HELM_CHART/Chart.yaml
-          sed -i "s/0.1.0/$chart_smever/g" $MINIMAL_HELM_CHART/Chart.yaml
           sed -i "s/0.1.0/$chart_smever/g" $LEGACY_HELM_CHART/Chart.yaml
           sed -i "s/0.1.0/$chart_smever/g" $VELA_ROLLOUT_HELM_CHART/Chart.yaml
       - name: Install ossutil
@@ -88,7 +84,6 @@ jobs:
       - name: Package helm charts
         run: |
           helm package $HELM_CHART --destination $LOCAL_OSS_DIRECTORY
-          helm package $MINIMAL_HELM_CHART --destination $LOCAL_OSS_DIRECTORY
           helm package $LEGACY_HELM_CHART --destination $LOCAL_OSS_DIRECTORY
           helm package $VELA_ROLLOUT_HELM_CHART --destination $LOCAL_OSS_DIRECTORY
           helm repo index --url https://$BUCKET.$ENDPOINT/core $LOCAL_OSS_DIRECTORY
@@ -98,6 +93,5 @@ jobs:
           chart_semver=${image_tag#"v"}
           ./ossutil --config-file .ossutilconfig cp -f $LOCAL_OSS_DIRECTORY/index.yaml oss://$BUCKET/core/index.yaml
           ./ossutil --config-file .ossutilconfig cp -f $LOCAL_OSS_DIRECTORY/$HELM_CHART_NAME-${chart_semver}.tgz oss://$BUCKET/core/$HELM_CHART_NAME-${chart_semver}.tgz 
-          ./ossutil --config-file .ossutilconfig cp -f $LOCAL_OSS_DIRECTORY/$MINIMAL_HELM_CHART_NAME-${chart_semver}.tgz oss://$BUCKET/core/$MINIMAL_HELM_CHART_NAME-${chart_semver}.tgz
           ./ossutil --config-file .ossutilconfig cp -f $LOCAL_OSS_DIRECTORY/$LEGACY_HELM_CHART_NAME-${chart_semver}.tgz oss://$BUCKET/core/$LEGACY_HELM_CHART_NAME-${chart_semver}.tgz
           ./ossutil --config-file .ossutilconfig cp -f $LOCAL_OSS_DIRECTORY/$VELA_ROLLOUT_HELM_CHART_NAME-${chart_semver}.tgz oss://$BUCKET/core/$VELA_ROLLOUT_HELM_CHART_NAME-${chart_semver}.tgz

.github/workflows/codeql-analysis.yml

@@ -10,7 +10,7 @@ permissions:
 jobs:
   analyze:
     name: Analyze
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
 
     permissions:
       actions: read  # for github/codeql-action/init to get workflow details
@@ -23,7 +23,7 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f
+        uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
 
       - name: Initialize CodeQL
         uses: github/codeql-action/init@959cbb7472c4d4ad70cdfe6f4976053fe48ab394 # v2.1.37

.github/workflows/commit-lint.yml

@@ -13,7 +13,7 @@ permissions:
 
 jobs:
   check:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     steps:
       - uses: thehanimo/pr-title-checker@v1.3.7
         with:

.github/workflows/core-api-test.yml

@@ -14,10 +14,10 @@ permissions:
 
 jobs:
   core-api-test:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     steps:
       - name: Set up Go 1.19
-        uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9
+        uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753
         env:
           GO_VERSION: '1.19'
         with:
@@ -25,7 +25,7 @@ jobs:
         id: go
 
       - name: Check out code into the Go module directory
-        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f
+        uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
 
       - name: Get the version
         id: get_version

.github/workflows/definition-lint.yml

@@ -20,23 +20,22 @@ env:
 
 jobs:
   definition-doc:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     steps:
       - name: Setup Go
-        uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9
+        uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753
         with:
           go-version: ${{ env.GO_VERSION }}
 
       - name: Checkout
-        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f
+        uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
         with:
           submodules: true
 
-      - name: Setup K3d
-        uses: nolar/setup-k3d-k3s@293b8e5822a20bc0d5bcdd4826f1a665e72aba96
-        with:
-          version: v1.20
-          github-token: ${{ secrets.GITHUB_TOKEN }}
+      - uses: Setup KinD
+        run: |
+          go install sigs.k8s.io/kind@v0.19.0
+          kind create cluster
 
       - name: Definition Doc generate check
         run: |

.github/workflows/e2e-multicluster-test.yml

@@ -25,7 +25,7 @@ jobs:
   detect-noop:
     permissions:
       actions: write
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     outputs:
       noop: ${{ steps.noop.outputs.should_skip }}
     steps:
@@ -39,23 +39,29 @@ jobs:
         continue-on-error: true
 
   e2e-multi-cluster-tests:
-    runs-on: aliyun
+    runs-on: self-hosted
     needs: [ detect-noop ]
     if: needs.detect-noop.outputs.noop != 'true'
     strategy:
       matrix:
-        k8s-version: ["v1.20","v1.24"]
+        k8s-version: ["v1.26"]
     concurrency:
       group: ${{ github.workflow }}-${{ github.ref }}-${{ matrix.k8s-version }}
       cancel-in-progress: true
 
-
     steps:
       - name: Check out code into the Go module directory
-        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f
+        uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
+
+      - name: Install tools
+        run: |
+          sudo apt-get update
+          sudo apt-get install make gcc jq ca-certificates curl gnupg -y
+          sudo snap install kubectl --classic
+          sudo snap install helm --classic
 
       - name: Setup Go
-        uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9
+        uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753
         with:
           go-version: ${{ env.GO_VERSION }}
 
@@ -63,50 +69,25 @@ jobs:
         run: |
           go get -v -t -d ./...
 
-      - name: Tear down K3d if exist
+      - name: Setup KinD
         run: |
-          k3d cluster delete || true
-          k3d cluster delete worker || true
+          go install sigs.k8s.io/kind@v0.19.0
+          kind delete cluster --name worker || true
+          kind create cluster --name worker --image=kindest/node:v1.26.4
+          kind export kubeconfig --internal --name worker --kubeconfig /tmp/worker.kubeconfig
+          kind delete cluster || true
+          kind create cluster --image=kindest/node:v1.26.4
 
-      - name: Calculate K3d args
+      - name: Load image
         run: |
-          EGRESS_ARG=""
-          if [[ "${{ matrix.k8s-version }}" == v1.24 ]]; then
-            EGRESS_ARG="--k3s-arg --egress-selector-mode=disabled@server:0"
-          fi
-          echo "EGRESS_ARG=${EGRESS_ARG}" >> $GITHUB_ENV 
-
-      - name: Setup K3d (Hub)
-        uses: nolar/setup-k3d-k3s@293b8e5822a20bc0d5bcdd4826f1a665e72aba96
-        with:
-          version: ${{ matrix.k8s-version }}
-          github-token: ${{ secrets.GITHUB_TOKEN }}
-          k3d-args: ${{ env.EGRESS_ARG }}
-
-      - name: Setup K3d (Worker)
-        uses: nolar/setup-k3d-k3s@293b8e5822a20bc0d5bcdd4826f1a665e72aba96
-        with:
-          version: ${{ matrix.k8s-version }}
-          github-token: ${{ secrets.GITHUB_TOKEN }}
-          k3d-name: worker
-          k3d-args: --kubeconfig-update-default=false --network=k3d-k3s-default ${{ env.EGRESS_ARG }}
-
-      - name: Generating internal worker kubeconfig
-        run: |
-          internal_ip=$(docker network inspect k3d-k3s-default|jq ".[0].Containers"| jq -r '.[]| select(.Name=="k3d-worker-server-0")|.IPv4Address' | cut -d/ -f1)
-          k3d kubeconfig get worker > /tmp/worker.client.kubeconfig
-          cp /tmp/worker.client.kubeconfig /tmp/worker.kubeconfig
-          sed -i "s/0.0.0.0:[0-9]\+/$internal_ip:6443/"  /tmp/worker.kubeconfig
-
-      - name: Load image to k3d cluster (hub and worker)
-        run: make image-load image-load-runtime-cluster
+          mkdir -p $HOME/tmp/ 
+          TMPDIR=$HOME/tmp/ make image-load
 
       - name: Cleanup for e2e tests
         run: |
           make vela-cli
           make e2e-cleanup
           make e2e-setup-core-auth
-          make setup-runtime-e2e-cluster
 
       - name: Run e2e multicluster tests
         run: |
@@ -118,7 +99,7 @@ jobs:
           make end-e2e-core-shards
 
       - name: Upload coverage report
-        uses: codecov/codecov-action@d9f34f8cd5cb3b3eb79b3e4b5dae3a16df499a70
+        uses: codecov/codecov-action@eaaf4bedf32dbdc6b720b63067d99c4d77d6047d
         with:
           token: ${{ secrets.CODECOV_TOKEN }}
           files: /tmp/e2e-profile.out,/tmp/e2e_multicluster_test.out
@@ -130,4 +111,6 @@ jobs:
 
       - name: Cleanup image
         if: ${{ always() }}
-        run: make image-cleanup
+        run: |
+          make image-cleanup
+          docker image prune -f --filter "until=24h"

.github/workflows/e2e-rollout-test.yml

@@ -1,17 +1,17 @@
 name: E2E Rollout Test
 
 on:
-  push:
-    branches:
-      - master
-      - release-*
-    tags:
-      - v*
+#  push:
+#    branches:
+#      - master
+#      - release-*
+#    tags:
+#      - v*
   workflow_dispatch: {}
-  pull_request:
-    branches:
-      - master
-      - release-*
+#  pull_request:
+#    branches:
+#      - master
+#      - release-*
 
 permissions:
   contents: read
@@ -25,7 +25,7 @@ jobs:
   detect-noop:
     permissions:
       actions: write
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     outputs:
       noop: ${{ steps.noop.outputs.should_skip }}
     steps:
@@ -39,12 +39,12 @@ jobs:
         continue-on-error: true
 
   e2e-rollout-tests:
-    runs-on: aliyun
+    runs-on: self-hosted
     needs: [ detect-noop ]
     if: needs.detect-noop.outputs.noop != 'true'
     strategy:
       matrix:
-        k8s-version: ["v1.20","v1.24"]
+        k8s-version: ["v1.26"]
     concurrency:
       group: ${{ github.workflow }}-${{ github.ref }}-${{ matrix.k8s-version }}
       cancel-in-progress: true
@@ -52,10 +52,10 @@ jobs:
 
     steps:
       - name: Check out code into the Go module directory
-        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f
+        uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
 
       - name: Setup Go
-        uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9
+        uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753
         with:
           go-version: ${{ env.GO_VERSION }}
 
@@ -63,6 +63,11 @@ jobs:
         run: |
           go get -v -t -d ./...
 
+      - name: Get Ginkgo
+        run: |
+          go install github.com/onsi/ginkgo/v2/ginkgo
+          go get github.com/onsi/gomega/...
+
       - name: Tear down K3d if exist
         run: |
           k3d cluster delete || true
@@ -71,7 +76,7 @@ jobs:
       - name: Calculate K3d args
         run: |
           EGRESS_ARG=""
-          if [[ "${{ matrix.k8s-version }}" == v1.24 ]]; then
+          if [[ "${{ matrix.k8s-version }}" == v1.26 ]]; then
             EGRESS_ARG="--k3s-arg --egress-selector-mode=disabled@server:0"
           fi
           echo "EGRESS_ARG=${EGRESS_ARG}" >> $GITHUB_ENV 
@@ -101,7 +106,7 @@ jobs:
         run: make end-e2e
 
       - name: Upload coverage report
-        uses: codecov/codecov-action@d9f34f8cd5cb3b3eb79b3e4b5dae3a16df499a70
+        uses: codecov/codecov-action@eaaf4bedf32dbdc6b720b63067d99c4d77d6047d
         with:
           token: ${{ secrets.CODECOV_TOKEN }}
           files: /tmp/e2e-profile.out
@@ -113,4 +118,7 @@ jobs:
 
       - name: Cleanup image
         if: ${{ always() }}
-        run: make image-cleanup
+        run: |
+          make image-cleanup
+          docker image prune -a -f --filter "until=24h"
+

.github/workflows/e2e-test.yml

@@ -25,7 +25,7 @@ jobs:
   detect-noop:
     permissions:
       actions: write
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     outputs:
       noop: ${{ steps.noop.outputs.should_skip }}
     steps:
@@ -39,23 +39,29 @@ jobs:
         continue-on-error: true
 
   e2e-tests:
-    runs-on: aliyun
+    runs-on: self-hosted
     needs: [ detect-noop ]
     if: needs.detect-noop.outputs.noop != 'true'
     strategy:
       matrix:
-        k8s-version: ["v1.20","v1.24"]
+        k8s-version: ["v1.26"]
     concurrency:
       group: ${{ github.workflow }}-${{ github.ref }}-${{ matrix.k8s-version }}
       cancel-in-progress: true
 
-
     steps:
       - name: Check out code into the Go module directory
-        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f
+        uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
+
+      - name: Install tools
+        run: |
+          sudo apt-get update
+          sudo apt-get install make gcc jq ca-certificates curl gnupg -y
+          sudo snap install kubectl --classic
+          sudo snap install helm --classic
 
       - name: Setup Go
-        uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9
+        uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753
         with:
           go-version: ${{ env.GO_VERSION }}
 
@@ -63,28 +69,27 @@ jobs:
         run: |
           go get -v -t -d ./...
 
-      - name: Tear down K3d if exist
+      - name: Setup KinD
         run: |
-          k3d cluster delete || true
-          k3d cluster delete worker || true
+          go install sigs.k8s.io/kind@v0.19.0
+          kind delete cluster || true
+          kind create cluster
 
-      - name: Calculate K3d args
+      - name: Get Ginkgo
         run: |
-          EGRESS_ARG=""
-          if [[ "${{ matrix.k8s-version }}" == v1.24 ]]; then
-            EGRESS_ARG="--k3s-arg --egress-selector-mode=disabled@server:0"
-          fi
-          echo "EGRESS_ARG=${EGRESS_ARG}" >> $GITHUB_ENV 
+          go install github.com/onsi/ginkgo/v2/ginkgo
+          go get github.com/onsi/gomega/...
 
-      - name: Setup K3d
-        uses: nolar/setup-k3d-k3s@293b8e5822a20bc0d5bcdd4826f1a665e72aba96
-        with:
-          version: ${{ matrix.k8s-version }}
-          github-token: ${{ secrets.GITHUB_TOKEN }}
-          k3d-args: ${{ env.EGRESS_ARG }}
+      - name: Setup KinD
+        run: |
+          go install sigs.k8s.io/kind@v0.19.0
+          kind delete cluster --name kind || true
+          kind create cluster --name kind --image=kindest/node:v1.26.4
 
-      - name: Load image to k3d cluster
-        run: make image-load
+      - name: Load image
+        run: |
+          mkdir -p $HOME/tmp/
+          TMPDIR=$HOME/tmp/ make image-load
 
       - name: Run Make
         run: make
@@ -108,7 +113,7 @@ jobs:
         run: make end-e2e
 
       - name: Upload coverage report
-        uses: codecov/codecov-action@d9f34f8cd5cb3b3eb79b3e4b5dae3a16df499a70
+        uses: codecov/codecov-action@eaaf4bedf32dbdc6b720b63067d99c4d77d6047d
         with:
           token: ${{ secrets.CODECOV_TOKEN }}
           files: /tmp/e2e-profile.out
@@ -120,4 +125,6 @@ jobs:
 
       - name: Cleanup image
         if: ${{ always() }}
-        run: make image-cleanup
+        run: |
+          make image-cleanup
+          docker image prune -f --filter "until=24h"

.github/workflows/go.yml

@@ -22,7 +22,7 @@ env:
 jobs:
 
   detect-noop:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     outputs:
       noop: ${{ steps.noop.outputs.should_skip }}
     permissions:
@@ -38,18 +38,18 @@ jobs:
         continue-on-error: true
 
   staticcheck:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     needs: detect-noop
     if: needs.detect-noop.outputs.noop != 'true'
 
     steps:
       - name: Setup Go
-        uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9
+        uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753
         with:
           go-version: ${{ env.GO_VERSION }}
 
       - name: Checkout
-        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f
+        uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
         with:
           submodules: true
 
@@ -60,7 +60,7 @@ jobs:
         run: make check-license-header
 
   lint:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     needs: detect-noop
     if: needs.detect-noop.outputs.noop != 'true'
     permissions:
@@ -69,12 +69,12 @@ jobs:
 
     steps:
       - name: Setup Go
-        uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9
+        uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753
         with:
           go-version: ${{ env.GO_VERSION }}
 
       - name: Checkout
-        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f
+        uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
         with:
           submodules: true
 
@@ -88,18 +88,18 @@ jobs:
           version: ${{ env.GOLANGCI_VERSION }}
 
   check-diff:
-    runs-on: aliyun
+    runs-on: ubuntu-22.04
     needs: detect-noop
     if: needs.detect-noop.outputs.noop != 'true'
 
     steps:
       - name: Checkout
-        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f
+        uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
         with:
           submodules: true
 
       - name: Setup Go
-        uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9
+        uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753
         with:
           go-version: ${{ env.GO_VERSION }}
 
@@ -115,6 +115,12 @@ jobs:
           key: ${{ runner.os }}-pkg-${{ hashFiles('**/go.sum') }}
           restore-keys: ${{ runner.os }}-pkg-
 
+      - name: Setup KinD
+        run: |
+          go install sigs.k8s.io/kind@v0.19.0
+          kind delete cluster --name kind || true
+          kind create cluster --name kind --image=kindest/node:v1.26.4 --kubeconfig ~/.kube/config
+
       - name: Run cross-build
         run: make cross-build
 
@@ -133,12 +139,12 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f
+        uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
         with:
           submodules: true
 
       - name: Setup Go
-        uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9
+        uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753
         with:
           go-version: ${{ env.GO_VERSION }}
 
@@ -159,12 +165,12 @@ jobs:
           .\bin\vela.exe version
 
   check-core-image-build:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     needs: detect-noop
     if: needs.detect-noop.outputs.noop != 'true'
     steps:
       - name: Checkout
-        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f
+        uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
         with:
           submodules: true
       - name: Set up QEMU
@@ -179,12 +185,12 @@ jobs:
           platforms: linux/amd64,linux/arm64
 
   check-cli-image-build:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     needs: detect-noop
     if: needs.detect-noop.outputs.noop != 'true'
     steps:
       - name: Checkout
-        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f
+        uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
         with:
           submodules: true
       - name: Set up QEMU

.github/workflows/issue-commands.yml

@@ -1,4 +1,4 @@
-name: Run commands when issues are labeled or comments added
+name: Run commands for issues and pull requetss
 on:
   issues:
     types: [labeled, opened]
@@ -10,10 +10,10 @@ permissions:
 
 jobs:
   bot:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     steps:
       - name: Checkout Actions
-        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f
+        uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
         with:
           repository: "oam-dev/kubevela-github-actions"
           path: ./actions
@@ -51,7 +51,7 @@ jobs:
           allow-edits: "false"
           permission-level: read
       - name: Handle Command
-        uses: actions/github-script@98814c53be79b1d30f795b907e553d8679345975
+        uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410
         env:
           VERSION: ${{ steps.command.outputs.command-arguments }}
         with:
@@ -72,7 +72,7 @@ jobs:
             })
             console.log("Added '" + label + "' label.")
       - name: Checkout
-        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f
+        uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
         with:
           fetch-depth: 0
       - name: Open Backport PR
@@ -80,3 +80,61 @@ jobs:
         with:
           github_token: ${{ secrets.GITHUB_TOKEN }}
           github_workspace: ${{ github.workspace }}
+
+  retest:
+    runs-on: ubuntu-22.04
+    if: github.event.issue.pull_request && contains(github.event.comment.body, '/retest')
+    permissions:
+      actions: write
+      contents: write
+      pull-requests: write
+      issues: write
+    steps:
+      - name: Retest the current pull request
+        uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410
+        env:
+          PULL_REQUEST_ID: ${{ github.event.issue.number }}
+          COMMENT_ID: ${{ github.event.comment.id }}
+          COMMENT_BODY: ${{ github.event.comment.body }}
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          script: |
+            const pull_request_id = process.env.PULL_REQUEST_ID
+            const comment_id = process.env.COMMENT_ID
+            const comment_body = process.env.COMMENT_BODY
+            console.log("retest pr: #" + pull_request_id + " comment: " + comment_body)
+            const {data: pr} = await github.rest.pulls.get({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              pull_number: pull_request_id,
+            })
+            console.log("pr: " + JSON.stringify(pr))
+            const action = comment_body.split(" ")[0]
+            let workflow_ids = comment_body.split(" ").slice(1).filter(line => line.length > 0).map(line => line + ".yml")
+            if (workflow_ids.length == 0) workflow_ids = ["go.yml", "unit-test.yml", "e2e-test.yml", "e2e-multicluster-test.yml"]
+            for (let i = 0; i < workflow_ids.length; i++) {
+              const workflow_id = workflow_ids[i]
+              const {data: runs} = await github.rest.actions.listWorkflowRuns({
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                workflow_id: workflow_id,
+                head_sha: pr.head.sha,
+              })
+              console.log("runs for " + workflow_id + ": ", JSON.stringify(runs))
+              runs.workflow_runs.forEach((workflow_run) => {
+                if (workflow_run.status === "in_progress") return
+                let handler = github.rest.actions.reRunWorkflow
+                if (action === "/retest-failed") handler = github.rest.actions.reRunWorkflowFailedJobs
+                handler({
+                  owner: context.repo.owner,
+                  repo: context.repo.repo,
+                  run_id: workflow_run.id
+                })
+              })
+            }
+            github.rest.reactions.createForIssueComment({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              comment_id: comment_id,
+              content: "eyes",
+            });

.github/workflows/license.yml

@@ -15,10 +15,10 @@ permissions:
 
 jobs:
   license_check:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     name: Check for unapproved licenses
     steps:
-      - uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f
+      - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
       - name: Set up Ruby
         uses: ruby/setup-ruby@v1
         with:

.github/workflows/registry.yml

@@ -18,9 +18,9 @@ jobs:
   publish-core-images:
     permissions:
       packages: write
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     steps:
-      - uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f
+      - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
       - name: Get the version
         id: get_version
         run: |
@@ -98,9 +98,9 @@ jobs:
   publish-addon-images:
     permissions:
       packages: write
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     steps:
-      - uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f
+      - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
       - name: Get the version
         id: get_version
         run: |
@@ -161,9 +161,9 @@ jobs:
       CAPABILITY_BUCKET: kubevela-registry
       CAPABILITY_DIR: capabilities
       CAPABILITY_ENDPOINT: oss-cn-beijing.aliyuncs.com
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     steps:
-      - uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f
+      - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
       - name: Install ossutil
         run: wget http://gosspublic.alicdn.com/ossutil/1.7.0/ossutil64 && chmod +x ossutil64 && mv ossutil64 ossutil
       - name: Configure Alibaba Cloud OSSUTIL

.github/workflows/release.yml

@@ -26,16 +26,16 @@ jobs:
       pull-requests: read
       repository-projects: read
       statuses: read
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     name: goreleaser
     steps:
       - name: Checkout
-        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f
+        uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
         with:
           fetch-depth: 0
       - run: git fetch --force --tags
       - name: Set up Go
-        uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9
+        uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753
         with:
           go-version: 1.19
           cache: true
@@ -78,16 +78,16 @@ jobs:
       repository-projects: read
       statuses: read
     needs: build
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     if: ${{ !contains(github.ref, 'alpha') && !contains(github.ref, 'beta') && !contains(github.ref, 'rc') }}
     name: upload-sha256sums
     steps:
       - name: Checkout
-        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f
+        uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
       - name: Update kubectl plugin version in krew-index
-        uses: rajatjindal/krew-release-bot@92da038bbf995803124a8e50ebd438b2f37bbbb0 # v0.0.43
+        uses: rajatjindal/krew-release-bot@df3eb197549e3568be8b4767eec31c5e8e8e6ad8 # v0.0.46
       - name: Update Homebrew formula
-        uses: dawidd6/action-homebrew-bump-formula@e9b43cd30eec6ea80777e7e22e1526beb1675c18 # v3.9.0
+        uses: dawidd6/action-homebrew-bump-formula@d3667e5ae14df19579e4414897498e3e88f2f458 # v3.10.0
         with:
           token: ${{ secrets.HOMEBREW_TOKEN }}
           formula: kubevela

.github/workflows/scorecards.yml

@@ -12,7 +12,7 @@ permissions: read-all
 jobs:
   analysis:
     name: Scorecards analysis
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     permissions:
       # Needed to upload the results to code-scanning dashboard.
       security-events: write
@@ -23,12 +23,12 @@ jobs:
 
     steps:
       - name: "Checkout code"
-        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f
+        uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
         with:
           persist-credentials: false
 
       - name: "Run analysis"
-        uses: ossf/scorecard-action@e38b1902ae4f44df626f11ba0734b14fb91f8f86 # tag=v2.1.2
+        uses: ossf/scorecard-action@80e868c13c90f172d68d1f4501dee99e2479f7af # tag=v2.1.3
         with:
           results_file: results.sarif
           results_format: sarif

.github/workflows/sdk-test.yml

@@ -23,13 +23,13 @@ env:
 
 jobs:
   sdk-tests:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     steps:
       - name: Check out code into the Go module directory
-        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f
+        uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
 
       - name: Setup Go
-        uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9
+        uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753
         with:
           go-version: ${{ env.GO_VERSION }}
 
@@ -42,10 +42,10 @@ jobs:
         run: make vela-cli
 
       - name: Build SDK
-        run: bin/vela def gen-api -f vela-templates/definitions/internal/ -o ./kubevela-go-sdk --package=github.com/kubevela-contrib/kubevela-go-sdk
+        run: bin/vela def gen-api -f vela-templates/definitions/internal/ -o ./kubevela-go-sdk --package=github.com/kubevela-contrib/kubevela-go-sdk --init
 
       - name: Validate SDK
         run: |
           cd kubevela-go-sdk
           go mod tidy
-          golangci-lint run --timeout 5m ./...
+          golangci-lint run --timeout 5m -e "exported:" -e "dot-imports" ./...

.github/workflows/sync-api.yml

@@ -15,15 +15,15 @@ env:
 
 jobs:
   sync-core-api:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     steps:
       - name: Set up Go
-        uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9
+        uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753
         with:
           go-version: ${{ env.GO_VERSION }}
 
       - name: Check out code into the Go module directory
-        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f
+        uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
 
       - name: Get the version
         id: get_version

.github/workflows/sync-sdk.yaml

@@ -19,15 +19,15 @@ env:
 
 jobs:
   sync_sdk:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     steps:
       - name: Set up Go
-        uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9
+        uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753
         with:
           go-version: ${{ env.GO_VERSION }}
 
       - name: Check out code into the Go module directory
-        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f
+        uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
 
       - name: Get the version
         id: get_version

.github/workflows/timed-task.yml

@@ -1,14 +0,0 @@
-name: Timed Task
-on:
-  schedule:
-    - cron: '* * * * *'
-
-permissions:
-  contents: read
-
-jobs:
-  clean-image:
-    runs-on: aliyun
-    steps:
-      - name: Cleanup image
-        run: docker image prune -f

.github/workflows/trivy-scan.yml

@@ -10,10 +10,10 @@ permissions:
 jobs:
   images:
     name: Image Scan
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     steps:
       - name: Checkout code
-        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f
+        uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
 
       - name: Build Vela Core image from Dockerfile
         run: |

.github/workflows/unit-test.yml

@@ -23,7 +23,7 @@ jobs:
   detect-noop:
     permissions:
       actions: write  # for fkirc/skip-duplicate-actions to skip or stop workflow runs
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     outputs:
       noop: ${{ steps.noop.outputs.should_skip }}
     steps:
@@ -37,18 +37,18 @@ jobs:
         continue-on-error: true
 
   unit-tests:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     needs: detect-noop
     if: needs.detect-noop.outputs.noop != 'true'
 
     steps:
       - name: Set up Go
-        uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9
+        uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753
         with:
           go-version: ${{ env.GO_VERSION }}
 
       - name: Check out code into the Go module directory
-        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f
+        uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
         with:
           submodules: true
 
@@ -65,25 +65,23 @@ jobs:
           sudo apt-get update
           sudo apt-get install -y golang-ginkgo-dev
 
-      - name: Setup K3d
-        uses: nolar/setup-k3d-k3s@293b8e5822a20bc0d5bcdd4826f1a665e72aba96
-        with:
-          version: v1.20
-          github-token: ${{ secrets.GITHUB_TOKEN }}
+      - name: Setup KinD
+        run: |
+          go install sigs.k8s.io/kind@v0.19.0
+          kind create cluster
 
-        # TODO need update action version to resolve node 12 deprecated.
       - name: install Kubebuilder
-        uses: RyanSiu1995/kubebuilder-action@ff52bff1bae252239223476e5ab0d71d6ba02343
+        uses: RyanSiu1995/kubebuilder-action@ed0e300b13152c2c2bfb104475665c7bf609332f
         with:
-          version: 3.1.0
+          version: 3.9.1
           kubebuilderOnly: false
-          kubernetesVersion: v1.21.2
+          kubernetesVersion: v1.26.2
 
       - name: Run Make test
         run: make test
 
       - name: Upload coverage report
-        uses: codecov/codecov-action@d9f34f8cd5cb3b3eb79b3e4b5dae3a16df499a70
+        uses: codecov/codecov-action@eaaf4bedf32dbdc6b720b63067d99c4d77d6047d
         with:
           token: ${{ secrets.CODECOV_TOKEN }}
           file: ./coverage.txt

Makefile

@@ -8,25 +8,33 @@ include makefiles/e2e.mk
 .DEFAULT_GOAL := all
 all: build
 
-# Run tests
+# ==============================================================================
+# Targets
+
+## test: Run tests
 test: unit-test-core test-cli-gen
 	@$(OK) unit-tests pass
 
+## test-cli-gen: Run the unit tests for cli gen
 test-cli-gen: 
-	mkdir -p ./bin/doc
-	go run ./hack/docgen/cli/gen.go ./bin/doc
+	@mkdir -p ./bin/doc
+	@go run ./hack/docgen/cli/gen.go ./bin/doc
+
+## unit-test-core: Run the unit tests for core
 unit-test-core:
 	go test -coverprofile=coverage.txt $(shell go list ./pkg/... ./cmd/... ./apis/... | grep -v apiserver | grep -v applicationconfiguration)
 	go test $(shell go list ./references/... | grep -v apiserver)
 
-# Build vela cli binary
+## build: Build vela cli binary
 build: vela-cli kubectl-vela
 	@$(OK) build succeed
 
+## build-cli: Clean build
 build-cleanup:
-	rm -rf _bin
+	@echo "===========> Cleaning all build output"
+	@rm -rf _bin
 
-# Run go fmt against code
+## fmt: Run go fmt against code
 fmt: goimports installcue
 	go fmt ./...
 	$(GOIMPORTS) -local github.com/oam-dev/kubevela -w $$(go list -f {{.Dir}} ./...)
@@ -36,38 +44,42 @@ fmt: goimports installcue
 	$(CUE) fmt ./pkg/stdlib/pkgs/*
 	$(CUE) fmt ./pkg/stdlib/op.cue
 	$(CUE) fmt ./pkg/workflow/tasks/template/static/*
-# Run go vet against code
 
+## sdk_fmt: Run go fmt against code
 sdk_fmt:
 	./hack/sdk/reviewable.sh
 
+## vet: Run go vet against code
 vet:
 	@$(INFO) go vet
 	@go vet $(shell go list ./...|grep -v scaffold)
 
+## staticcheck: Run the staticcheck
 staticcheck: staticchecktool
 	@$(INFO) staticcheck
 	@$(STATICCHECK) $(shell go list ./...|grep -v scaffold)
 
+## lint: Run the golangci-lint
 lint: golangci
 	@$(INFO) lint
 	@$(GOLANGCILINT) run --skip-dirs 'scaffold'
 
+## reviewable: Run the reviewable
 reviewable: manifests fmt vet lint staticcheck helm-doc-gen sdk_fmt
 	go mod tidy
 
-# Execute auto-gen code commands and ensure branch is clean.
+# check-diff: Execute auto-gen code commands and ensure branch is clean.
 check-diff: reviewable
 	git --no-pager diff
 	git diff --quiet || ($(ERR) please run 'make reviewable' to include all changes && false)
 	@$(OK) branch is clean
 
-# Push the docker image
+## docker-push: Push the docker image
 docker-push:
-	docker push $(VELA_CORE_IMAGE)
-
-
+	@echo "===========> Pushing docker image"
+	@docker push $(VELA_CORE_IMAGE)
 
+## image-cleanup: Delete Docker images
 image-cleanup:
 ifneq (, $(shell which docker))
 # Delete Docker images
@@ -82,38 +94,38 @@ endif
 
 endif
 
-
-
-# load docker image to the k3d cluster
+## image-load: load docker image to the kind cluster
 image-load:
 	docker build -t $(VELA_CORE_TEST_IMAGE) -f Dockerfile.e2e .
-	k3d image import $(VELA_CORE_TEST_IMAGE) || { echo >&2 "kind not installed or error loading image: $(VELA_CORE_TEST_IMAGE)"; exit 1; }
+	kind load docker-image $(VELA_CORE_TEST_IMAGE) || { echo >&2 "kind not installed or error loading image: $(VELA_CORE_TEST_IMAGE)"; exit 1; }
 
+## image-load-runtime-cluster: Load the run-time cluster image
 image-load-runtime-cluster:
 	/bin/sh hack/e2e/build_runtime_rollout.sh
 	docker build -t $(VELA_RUNTIME_ROLLOUT_TEST_IMAGE) -f runtime/rollout/e2e/Dockerfile.e2e runtime/rollout/e2e/
 	rm -rf runtime/rollout/e2e/tmp
-	k3d image import $(VELA_RUNTIME_ROLLOUT_TEST_IMAGE)  || { echo >&2 "kind not installed or error loading image: $(VELA_RUNTIME_ROLLOUT_TEST_IMAGE)"; exit 1; }
-	k3d cluster get $(RUNTIME_CLUSTER_NAME) && k3d image import $(VELA_RUNTIME_ROLLOUT_TEST_IMAGE) --cluster=$(RUNTIME_CLUSTER_NAME) || echo "no worker cluster"
+	kind load docker-image $(VELA_RUNTIME_ROLLOUT_TEST_IMAGE)  || { echo >&2 "kind not installed or error loading image: $(VELA_RUNTIME_ROLLOUT_TEST_IMAGE)"; exit 1; }
+	kind load docker-image $(VELA_RUNTIME_ROLLOUT_TEST_IMAGE) --name=$(RUNTIME_CLUSTER_NAME) || echo "no worker cluster"
 
-# Run tests
+## core-test: Run tests
 core-test:
 	go test ./pkg/... -coverprofile cover.out
 
-# Build vela core manager binary
+## manager: Build vela core manager binary
 manager:
 	$(GOBUILD_ENV) go build -o bin/manager -a -ldflags $(LDFLAGS) ./cmd/core/main.go
 
+## vela-runtime-rollout-manager: Build vela runtime rollout manager binary
 vela-runtime-rollout-manager:
 	$(GOBUILD_ENV) go build -o ./runtime/rollout/bin/manager -a -ldflags $(LDFLAGS) ./runtime/rollout/cmd/main.go
 
-# Generate manifests e.g. CRD, RBAC etc.
+## manifests: Generate manifests e.g. CRD, RBAC etc.
 manifests: installcue kustomize
 	go generate $(foreach t,pkg apis,./$(t)/...)
 	# TODO(yangsoon): kustomize will merge all CRD into a whole file, it may not work if we want patch more than one CRD in this way
 	$(KUSTOMIZE) build config/crd -o config/crd/base/core.oam.dev_applications.yaml
 	./hack/crd/cleanup.sh
-	go run ./hack/crd/dispatch/dispatch.go config/crd/base charts/vela-core/crds runtime/ charts/vela-minimal/crds
+	go run ./hack/crd/dispatch/dispatch.go config/crd/base charts/vela-core/crds
 	rm -f config/crd/base/*
 	./vela-templates/gen_definitions.sh
 
@@ -125,12 +137,26 @@ HOSTARCH := amd64
 endif
 
 
+## check-license-header: Check license header
 check-license-header:
 	./hack/licence/header-check.sh
 
+## def-gen: Install definitions
 def-install:
 	./hack/utils/installdefinition.sh
 
+## helm-doc-gen: Generate helm chart README.md
 helm-doc-gen: helmdoc
 	readme-generator -v charts/vela-core/values.yaml -r charts/vela-core/README.md
-	readme-generator -v charts/vela-minimal/values.yaml -r charts/vela-minimal/README.md
+
+## help: Display help information
+help: Makefile
+	@echo ""
+	@echo "Usage:"
+	@echo ""
+	@echo "  make [target]"
+	@echo ""
+	@echo "Targets:"
+	@echo ""
+	@awk -F ':|##' '/^[^\.%\t][^\t]*:.*##/{printf "  \033[36m%-20s\033[0m %s\n", $$1, $$NF}' $(MAKEFILE_LIST) | sort
+	@sed -n 's/^##//p' ${MAKEFILE_LIST} | column -t -s ':' |  sed -e 's/^/ /'

apis/core.oam.dev/common/zz_generated.deepcopy.go

@@ -2,7 +2,7 @@
 // +build !ignore_autogenerated
 
 /*
-Copyright 2021 The KubeVela Authors.
+Copyright 2023 The KubeVela Authors.
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.

apis/core.oam.dev/condition/zz_generated.deepcopy.go

@@ -2,7 +2,7 @@
 // +build !ignore_autogenerated
 
 /*
-Copyright 2021 The KubeVela Authors.
+Copyright 2023 The KubeVela Authors.
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.

apis/core.oam.dev/v1alpha1/garbagecollect_policy_types.go

@@ -27,10 +27,17 @@ const (
 
 // GarbageCollectPolicySpec defines the spec of configuration drift
 type GarbageCollectPolicySpec struct {
+	// ApplicationRevisionLimit if set, this application will use this number for application revision instead of
+	// the global configuration
+	ApplicationRevisionLimit *int `json:"applicationRevisionLimit,omitempty"`
+
 	// KeepLegacyResource if is set, outdated versioned resourcetracker will not be recycled automatically
 	// outdated resources will be kept until resourcetracker be deleted manually
 	KeepLegacyResource bool `json:"keepLegacyResource,omitempty"`
 
+	// ContinueOnFailure if is set, continue to execute gc when the workflow fails, by default gc will be executed only after the workflow succeeds
+	ContinueOnFailure bool `json:"continueOnFailure,omitempty"`
+
 	// Order defines the order of garbage collect
 	Order GarbageCollectOrder `json:"order,omitempty"`
 

apis/core.oam.dev/v1alpha1/resource_update_policy_types.go

@@ -0,0 +1,70 @@
+/*
+Copyright 2023 The KubeVela Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+	http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1alpha1
+
+import "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
+
+const (
+	// ResourceUpdatePolicyType refers to the type of resource-update policy
+	ResourceUpdatePolicyType = "resource-update"
+)
+
+// ResourceUpdatePolicySpec defines the spec of resource-update policy
+type ResourceUpdatePolicySpec struct {
+	Rules []ResourceUpdatePolicyRule `json:"rules"`
+}
+
+// Type the type name of the policy
+func (in *ResourceUpdatePolicySpec) Type() string {
+	return ResourceUpdatePolicyType
+}
+
+// ResourceUpdatePolicyRule defines the rule for resource-update resources
+type ResourceUpdatePolicyRule struct {
+	// Selector picks which resources should be affected
+	Selector ResourcePolicyRuleSelector `json:"selector"`
+	// Strategy the strategy for updating resources
+	Strategy ResourceUpdateStrategy `json:"strategy,omitempty"`
+}
+
+// ResourceUpdateStrategy the update strategy for resource
+type ResourceUpdateStrategy struct {
+	// Op the update op for selected resources
+	Op ResourceUpdateOp `json:"op,omitempty"`
+	// RecreateFields the field path which will trigger recreate if changed
+	RecreateFields []string `json:"recreateFields,omitempty"`
+}
+
+// ResourceUpdateOp update op for resource
+type ResourceUpdateOp string
+
+const (
+	// ResourceUpdateStrategyPatch patch the target resource (three-way patch)
+	ResourceUpdateStrategyPatch ResourceUpdateOp = "patch"
+	// ResourceUpdateStrategyReplace update the target resource
+	ResourceUpdateStrategyReplace ResourceUpdateOp = "replace"
+)
+
+// FindStrategy return if the target resource is read-only
+func (in *ResourceUpdatePolicySpec) FindStrategy(manifest *unstructured.Unstructured) *ResourceUpdateStrategy {
+	for _, rule := range in.Rules {
+		if rule.Selector.Match(manifest) {
+			return &rule.Strategy
+		}
+	}
+	return nil
+}

apis/core.oam.dev/v1alpha1/zz_generated.deepcopy.go

@@ -2,7 +2,7 @@
 // +build !ignore_autogenerated
 
 /*
-Copyright 2021 The KubeVela Authors.
+Copyright 2023 The KubeVela Authors.
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -329,6 +329,11 @@ func (in *GarbageCollectPolicyRule) DeepCopy() *GarbageCollectPolicyRule {
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *GarbageCollectPolicySpec) DeepCopyInto(out *GarbageCollectPolicySpec) {
 	*out = *in
+	if in.ApplicationRevisionLimit != nil {
+		in, out := &in.ApplicationRevisionLimit, &out.ApplicationRevisionLimit
+		*out = new(int)
+		**out = **in
+	}
 	if in.Rules != nil {
 		in, out := &in.Rules, &out.Rules
 		*out = make([]GarbageCollectPolicyRule, len(*in))
@@ -720,6 +725,65 @@ func (in *ResourcePolicyRuleSelector) DeepCopy() *ResourcePolicyRuleSelector {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ResourceUpdatePolicyRule) DeepCopyInto(out *ResourceUpdatePolicyRule) {
+	*out = *in
+	in.Selector.DeepCopyInto(&out.Selector)
+	in.Strategy.DeepCopyInto(&out.Strategy)
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceUpdatePolicyRule.
+func (in *ResourceUpdatePolicyRule) DeepCopy() *ResourceUpdatePolicyRule {
+	if in == nil {
+		return nil
+	}
+	out := new(ResourceUpdatePolicyRule)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ResourceUpdatePolicySpec) DeepCopyInto(out *ResourceUpdatePolicySpec) {
+	*out = *in
+	if in.Rules != nil {
+		in, out := &in.Rules, &out.Rules
+		*out = make([]ResourceUpdatePolicyRule, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceUpdatePolicySpec.
+func (in *ResourceUpdatePolicySpec) DeepCopy() *ResourceUpdatePolicySpec {
+	if in == nil {
+		return nil
+	}
+	out := new(ResourceUpdatePolicySpec)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ResourceUpdateStrategy) DeepCopyInto(out *ResourceUpdateStrategy) {
+	*out = *in
+	if in.RecreateFields != nil {
+		in, out := &in.RecreateFields, &out.RecreateFields
+		*out = make([]string, len(*in))
+		copy(*out, *in)
+	}
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceUpdateStrategy.
+func (in *ResourceUpdateStrategy) DeepCopy() *ResourceUpdateStrategy {
+	if in == nil {
+		return nil
+	}
+	out := new(ResourceUpdateStrategy)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *SharedResourcePolicyRule) DeepCopyInto(out *SharedResourcePolicyRule) {
 	*out = *in

apis/core.oam.dev/v1alpha2/zz_generated.deepcopy.go

@@ -2,7 +2,7 @@
 // +build !ignore_autogenerated
 
 /*
-Copyright 2021 The KubeVela Authors.
+Copyright 2023 The KubeVela Authors.
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.

apis/core.oam.dev/v1beta1/application_types.go

@@ -44,8 +44,9 @@ const (
 // AppPolicy defines a global policy for all components in the app.
 type AppPolicy struct {
 	// Name is the unique name of the policy.
-	Name string `json:"name"`
-
+	// +optional
+	Name string `json:"name,omitempty"`
+	// Type is the type of the policy
 	Type string `json:"type"`
 	// +kubebuilder:pruning:PreserveUnknownFields
 	Properties *runtime.RawExtension `json:"properties,omitempty"`

apis/core.oam.dev/v1beta1/resourcetracker_types_test.go

@@ -200,11 +200,8 @@ func TestResourceTrackerCompression(t *testing.T) {
 		"../../../charts/vela-core/crds/core.oam.dev_applicationrevisions.yaml",
 		"../../../charts/vela-core/crds/core.oam.dev_applications.yaml",
 		"../../../charts/vela-core/crds/core.oam.dev_definitionrevisions.yaml",
-		"../../../charts/vela-core/crds/core.oam.dev_healthscopes.yaml",
 		"../../../charts/vela-core/crds/core.oam.dev_traitdefinitions.yaml",
 		"../../../charts/vela-core/crds/core.oam.dev_componentdefinitions.yaml",
-		"../../../charts/vela-core/crds/core.oam.dev_workloaddefinitions.yaml",
-		"../../../charts/vela-core/crds/standard.oam.dev_rollouts.yaml",
 		"../../../charts/vela-core/templates/kubevela-controller.yaml",
 		"../../../charts/vela-core/README.md",
 		"../../../pkg/velaql/providers/query/testdata/machinelearning.seldon.io_seldondeployments.yaml",

apis/core.oam.dev/v1beta1/zz_generated.deepcopy.go

@@ -2,7 +2,7 @@
 // +build !ignore_autogenerated
 
 /*
-Copyright 2021 The KubeVela Authors.
+Copyright 2023 The KubeVela Authors.
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.

apis/standard.oam.dev/v1alpha1/zz_generated.deepcopy.go

@@ -2,7 +2,7 @@
 // +build !ignore_autogenerated
 
 /*
-Copyright 2021 The KubeVela Authors.
+Copyright 2023 The KubeVela Authors.
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.

apis/types/capability.go

@@ -176,9 +176,8 @@ type Capability struct {
 	Namespace string `json:"namespace,omitempty"`
 
 	// Plugin Source
-	Source  *Source       `json:"source,omitempty"`
-	Install *Installation `json:"install,omitempty"`
-	CrdInfo *CRDInfo      `json:"crdInfo,omitempty"`
+	Source  *Source  `json:"source,omitempty"`
+	CrdInfo *CRDInfo `json:"crdInfo,omitempty"`
 
 	// Terraform
 	TerraformConfiguration string `json:"terraformConfiguration,omitempty"`

apis/types/multicluster.go

@@ -37,9 +37,6 @@ const (
 )
 
 var (
-	// AnnotationClusterAlias the annotation key for cluster alias
-	AnnotationClusterAlias = config.MetaApiGroupName + "/cluster-alias"
-
 	// AnnotationClusterVersion the annotation key for cluster version
 	AnnotationClusterVersion = config.MetaApiGroupName + "/cluster-version"
 )

apis/types/types.go

@@ -137,13 +137,19 @@ const (
 	TypeCD = "Continuous Delivery"
 
 	// TypeExtension defines one category
-	TypeExtension = "Managing Extension"
+	TypeExtension = "Managing Extensions"
 
 	// TypeSystem defines one category
-	TypeSystem = "Others"
+	TypeSystem = "System Tools"
 
-	// TypePlugin defines one category used in Kubectl Plugin
-	TypePlugin = "Plugin Command"
+	// TypeAuxiliary defines auxiliary commands
+	TypeAuxiliary = "Auxiliary Tools"
+
+	// TypePlatform defines platform management commands
+	TypePlatform = "Managing Platform"
+
+	// TypeLegacy defines legacy commands
+	TypeLegacy = "Legacy Commands"
 )
 
 // LabelArg is the argument `label` of a definition

charts/vela-core/README.md

@@ -38,17 +38,16 @@ helm install --create-namespace -n vela-system kubevela kubevela/vela-core --wai
 
 ### KubeVela core parameters
 
-| Name                          | Description                                                                                   | Value     |
-| ----------------------------- | --------------------------------------------------------------------------------------------- | --------- |
-| `systemDefinitionNamespace`   | System definition namespace, if unspecified, will use built-in variable `.Release.Namespace`. | `nil`     |
-| `applicationRevisionLimit`    | Application revision limit                                                                    | `2`       |
-| `definitionRevisionLimit`     | Definition revision limit                                                                     | `2`       |
-| `concurrentReconciles`        | concurrentReconciles is the concurrent reconcile number of the controller                     | `4`       |
-| `controllerArgs.reSyncPeriod` | The period for resync the applications                                                        | `5m`      |
-| `OAMSpecVer`                  | OAMSpecVer is the oam spec version controller want to setup                                   | `v0.3`    |
-| `disableCaps`                 | Disable capability                                                                            | `rollout` |
-| `dependCheckWait`             | dependCheckWait is the time to wait for ApplicationConfiguration's dependent-resource ready   | `30s`     |
-
+| Name                          | Description                                                                                   | Value  |
+| ----------------------------- | --------------------------------------------------------------------------------------------- | ------ |
+| `systemDefinitionNamespace`   | System definition namespace, if unspecified, will use built-in variable `.Release.Namespace`. | `nil`  |
+| `applicationRevisionLimit`    | Application revision limit                                                                    | `2`    |
+| `definitionRevisionLimit`     | Definition revision limit                                                                     | `2`    |
+| `concurrentReconciles`        | concurrentReconciles is the concurrent reconcile number of the controller                     | `4`    |
+| `controllerArgs.reSyncPeriod` | The period for resync the applications                                                        | `5m`   |
+| `OAMSpecVer`                  | OAMSpecVer is the oam spec version controller want to setup                                   | `v0.3` |
+| `disableCaps`                 | Disable capability                                                                            | `all`  |
+| `dependCheckWait`             | dependCheckWait is the time to wait for ApplicationConfiguration's dependent-resource ready   | `30s`  |
 
 ### KubeVela workflow parameters
 
@@ -59,7 +58,6 @@ helm install --create-namespace -n vela-system kubevela kubevela/vela-core --wai
 | `workflow.backoff.maxTime.failedState` | The max backoff time of workflow in a failed condition | `300`   |
 | `workflow.step.errorRetryTimes`        | The max retry times of a failed workflow step          | `10`    |
 
-
 ### KubeVela controller parameters
 
 | Name                        | Description                          | Value              |
@@ -77,7 +75,6 @@ helm install --create-namespace -n vela-system kubevela kubevela/vela-core --wai
 | `webhookService.port`       | KubeVela webhook service port        | `9443`             |
 | `healthCheck.port`          | KubeVela health check port           | `9440`             |
 
-
 ### KubeVela controller optimization parameters
 
 | Name                                                         | Description                                                                                                                                                                                                                      | Value   |
@@ -104,7 +101,6 @@ helm install --create-namespace -n vela-system kubevela kubevela/vela-core --wai
 | `featureGates.sharedDefinitionStorageForApplicationRevision` | use definition cache to reduce duplicated definition storage for application revision, must be used with InformerCacheFilterUnnecessaryFields                                                                                    | `true`  |
 | `featureGates.disableWorkflowContextConfigMapCache`          | disable the workflow context's configmap informer cache                                                                                                                                                                          | `true`  |
 
-
 ### MultiCluster parameters
 
 | Name                                                        | Description                                                                                 | Value                            |
@@ -115,7 +111,7 @@ helm install --create-namespace -n vela-system kubevela kubevela/vela-core --wai
 | `multicluster.clusterGateway.replicaCount`                  | ClusterGateway replica count                                                                | `1`                              |
 | `multicluster.clusterGateway.port`                          | ClusterGateway port                                                                         | `9443`                           |
 | `multicluster.clusterGateway.image.repository`              | ClusterGateway image repository                                                             | `oamdev/cluster-gateway`         |
-| `multicluster.clusterGateway.image.tag`                     | ClusterGateway image tag                                                                    | `v1.8.0`                         |
+| `multicluster.clusterGateway.image.tag`                     | ClusterGateway image tag                                                                    | `v1.9.0-alpha.2`                 |
 | `multicluster.clusterGateway.image.pullPolicy`              | ClusterGateway image pull policy                                                            | `IfNotPresent`                   |
 | `multicluster.clusterGateway.resources.requests.cpu`        | ClusterGateway cpu request                                                                  | `50m`                            |
 | `multicluster.clusterGateway.resources.requests.memory`     | ClusterGateway memory request                                                               | `20Mi`                           |
@@ -125,7 +121,6 @@ helm install --create-namespace -n vela-system kubevela kubevela/vela-core --wai
 | `multicluster.clusterGateway.secureTLS.certPath`            | Path to the certificate file                                                                | `/etc/k8s-cluster-gateway-certs` |
 | `multicluster.clusterGateway.secureTLS.certManager.enabled` | Whether to enable cert-manager                                                              | `false`                          |
 
-
 ### Test parameters
 
 | Name                  | Description         | Value                |
@@ -135,7 +130,6 @@ helm install --create-namespace -n vela-system kubevela kubevela/vela-core --wai
 | `test.k8s.repository` | Test k8s repository | `oamdev/alpine-k8s`  |
 | `test.k8s.tag`        | Test k8s tag        | `1.18.2`             |
 
-
 ### Common parameters
 
 | Name                          | Description                                                                                                                                                        | Value                |
@@ -202,4 +196,4 @@ To uninstall the KubeVela helm release:
 $ helm uninstall -n vela-system kubevela
 ```
 
-Finally, this command will remove all the Kubernetes resources associated with KubeVela and remove this chart release.
+Finally, this command will remove all the Kubernetes resources associated with KubeVela and remove this chart release.

charts/vela-core/crds/core.oam.dev_applicationrevisions.yaml

@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.9.2
+    controller-gen.kubebuilder.io/version: v0.11.4
   name: applicationrevisions.core.oam.dev
 spec:
   group: core.oam.dev
@@ -2243,9 +2243,9 @@ spec:
                               type: object
                               x-kubernetes-preserve-unknown-fields: true
                             type:
+                              description: Type is the type of the policy
                               type: string
                           required:
-                          - name
                           - type
                           type: object
                         type: array
@@ -2306,6 +2306,11 @@ spec:
                                     alias:
                                       type: string
                                   type: object
+                                mode:
+                                  description: Mode is only valid for sub steps, it
+                                    defines the mode of the sub steps
+                                  nullable: true
+                                  type: string
                                 name:
                                   description: Name is the unique name of the workflow
                                     step.
@@ -4168,6 +4173,11 @@ spec:
                             alias:
                               type: string
                           type: object
+                        mode:
+                          description: Mode is only valid for sub steps, it defines
+                            the mode of the sub steps
+                          nullable: true
+                          type: string
                         name:
                           description: Name is the unique name of the workflow step.
                           type: string

charts/vela-core/crds/core.oam.dev_applications.yaml

@@ -3,7 +3,7 @@ kind: CustomResourceDefinition
 metadata:
   annotations:
     cert-manager.io/inject-ca-from: vela-system/kubevela-vela-core-root-cert
-    controller-gen.kubebuilder.io/version: v0.9.2
+    controller-gen.kubebuilder.io/version: v0.11.4
   name: applications.core.oam.dev
 spec:
   group: core.oam.dev
@@ -1010,9 +1010,9 @@ spec:
                       type: object
                       x-kubernetes-preserve-unknown-fields: true
                     type:
+                      description: Type is the type of the policy
                       type: string
                   required:
-                  - name
                   - type
                   type: object
                 type: array
@@ -1068,6 +1068,11 @@ spec:
                             alias:
                               type: string
                           type: object
+                        mode:
+                          description: Mode is only valid for sub steps, it defines
+                            the mode of the sub steps
+                          nullable: true
+                          type: string
                         name:
                           description: Name is the unique name of the workflow step.
                           type: string

charts/vela-core/crds/core.oam.dev_componentdefinitions.yaml

@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.9.2
+    controller-gen.kubebuilder.io/version: v0.11.4
   name: componentdefinitions.core.oam.dev
 spec:
   group: core.oam.dev

charts/vela-core/crds/core.oam.dev_definitionrevisions.yaml

@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.9.2
+    controller-gen.kubebuilder.io/version: v0.11.4
   name: definitionrevisions.core.oam.dev
 spec:
   group: core.oam.dev

charts/vela-core/crds/core.oam.dev_healthscopes.yaml

@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.9.2
+    controller-gen.kubebuilder.io/version: v0.11.3
   name: healthscopes.core.oam.dev
 spec:
   group: core.oam.dev

charts/vela-core/crds/core.oam.dev_policies.yaml

@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.9.2
+    controller-gen.kubebuilder.io/version: v0.11.4
   name: policies.core.oam.dev
 spec:
   group: core.oam.dev

charts/vela-core/crds/core.oam.dev_policydefinitions.yaml

@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.9.2
+    controller-gen.kubebuilder.io/version: v0.11.4
   name: policydefinitions.core.oam.dev
 spec:
   group: core.oam.dev

charts/vela-core/crds/core.oam.dev_resourcetrackers.yaml

@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.9.2
+    controller-gen.kubebuilder.io/version: v0.11.4
   name: resourcetrackers.core.oam.dev
 spec:
   group: core.oam.dev

charts/vela-core/crds/core.oam.dev_scopedefinitions.yaml

@@ -1,146 +0,0 @@
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  annotations:
-    controller-gen.kubebuilder.io/version: v0.9.2
-  name: scopedefinitions.core.oam.dev
-spec:
-  group: core.oam.dev
-  names:
-    categories:
-    - oam
-    kind: ScopeDefinition
-    listKind: ScopeDefinitionList
-    plural: scopedefinitions
-    shortNames:
-    - scope
-    singular: scopedefinition
-  scope: Namespaced
-  versions:
-  - additionalPrinterColumns:
-    - jsonPath: .spec.definitionRef.name
-      name: DEFINITION-NAME
-      type: string
-    name: v1alpha2
-    schema:
-      openAPIV3Schema:
-        description: A ScopeDefinition registers a kind of Kubernetes custom resource
-          as a valid OAM scope kind by referencing its CustomResourceDefinition. The
-          CRD is used to validate the schema of the scope when it is embedded in an
-          OAM ApplicationConfiguration.
-        properties:
-          apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-            type: string
-          kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-            type: string
-          metadata:
-            type: object
-          spec:
-            description: A ScopeDefinitionSpec defines the desired state of a ScopeDefinition.
-            properties:
-              allowComponentOverlap:
-                description: AllowComponentOverlap specifies whether an OAM component
-                  may exist in multiple instances of this kind of scope.
-                type: boolean
-              definitionRef:
-                description: Reference to the CustomResourceDefinition that defines
-                  this scope kind.
-                properties:
-                  name:
-                    description: Name of the referenced CustomResourceDefinition.
-                    type: string
-                  version:
-                    description: Version indicate which version should be used if
-                      CRD has multiple versions by default it will use the first one
-                      if not specified
-                    type: string
-                required:
-                - name
-                type: object
-              extension:
-                description: Extension is used for extension needs by OAM platform
-                  builders
-                type: object
-                x-kubernetes-preserve-unknown-fields: true
-              workloadRefsPath:
-                description: WorkloadRefsPath indicates if/where a scope accepts workloadRef
-                  objects
-                type: string
-            required:
-            - allowComponentOverlap
-            - definitionRef
-            type: object
-        type: object
-    served: true
-    storage: false
-    subresources: {}
-  - additionalPrinterColumns:
-    - jsonPath: .spec.definitionRef.name
-      name: DEFINITION-NAME
-      type: string
-    name: v1beta1
-    schema:
-      openAPIV3Schema:
-        description: A ScopeDefinition registers a kind of Kubernetes custom resource
-          as a valid OAM scope kind by referencing its CustomResourceDefinition. The
-          CRD is used to validate the schema of the scope when it is embedded in an
-          OAM ApplicationConfiguration.
-        properties:
-          apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-            type: string
-          kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-            type: string
-          metadata:
-            type: object
-          spec:
-            description: A ScopeDefinitionSpec defines the desired state of a ScopeDefinition.
-            properties:
-              allowComponentOverlap:
-                description: AllowComponentOverlap specifies whether an OAM component
-                  may exist in multiple instances of this kind of scope.
-                type: boolean
-              definitionRef:
-                description: Reference to the CustomResourceDefinition that defines
-                  this scope kind.
-                properties:
-                  name:
-                    description: Name of the referenced CustomResourceDefinition.
-                    type: string
-                  version:
-                    description: Version indicate which version should be used if
-                      CRD has multiple versions by default it will use the first one
-                      if not specified
-                    type: string
-                required:
-                - name
-                type: object
-              extension:
-                description: Extension is used for extension needs by OAM platform
-                  builders
-                type: object
-                x-kubernetes-preserve-unknown-fields: true
-              workloadRefsPath:
-                description: WorkloadRefsPath indicates if/where a scope accepts workloadRef
-                  objects
-                type: string
-            required:
-            - allowComponentOverlap
-            - definitionRef
-            type: object
-        type: object
-    served: true
-    storage: true
-    subresources: {}

charts/vela-core/crds/core.oam.dev_traitdefinitions.yaml

@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.9.2
+    controller-gen.kubebuilder.io/version: v0.11.4
   name: traitdefinitions.core.oam.dev
 spec:
   group: core.oam.dev

charts/vela-core/crds/core.oam.dev_workflowstepdefinitions.yaml

@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.9.2
+    controller-gen.kubebuilder.io/version: v0.11.4
   name: workflowstepdefinitions.core.oam.dev
 spec:
   group: core.oam.dev

charts/vela-core/crds/core.oam.dev_workloaddefinitions.yaml

@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.9.2
+    controller-gen.kubebuilder.io/version: v0.11.3
   name: workloaddefinitions.core.oam.dev
 spec:
   group: core.oam.dev

charts/vela-core/crds/standard.oam.dev_rollouts.yaml

@@ -1,477 +0,0 @@
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  annotations:
-    controller-gen.kubebuilder.io/version: v0.9.2
-  name: rollouts.standard.oam.dev
-spec:
-  group: standard.oam.dev
-  names:
-    categories:
-    - oam
-    kind: Rollout
-    listKind: RolloutList
-    plural: rollouts
-    shortNames:
-    - rollout
-    singular: rollout
-  scope: Namespaced
-  versions:
-  - additionalPrinterColumns:
-    - jsonPath: .status.rolloutTargetSize
-      name: TARGET
-      type: string
-    - jsonPath: .status.upgradedReplicas
-      name: UPGRADED
-      type: string
-    - jsonPath: .status.upgradedReadyReplicas
-      name: READY
-      type: string
-    - jsonPath: .status.batchRollingState
-      name: BATCH-STATE
-      type: string
-    - jsonPath: .status.rollingState
-      name: ROLLING-STATE
-      type: string
-    - jsonPath: .metadata.creationTimestamp
-      name: AGE
-      type: date
-    name: v1alpha1
-    schema:
-      openAPIV3Schema:
-        description: Rollout is the Schema for the Rollout API
-        properties:
-          apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-            type: string
-          kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-            type: string
-          metadata:
-            type: object
-          spec:
-            description: RolloutSpec defines how to describe an update between different
-              compRevision
-            properties:
-              componentName:
-                description: ComponentName specify the component name
-                type: string
-              rolloutPlan:
-                description: RolloutPlan is the details on how to rollout the resources
-                properties:
-                  batchPartition:
-                    description: All pods in the batches up to the batchPartition
-                      (included) will have the target resource specification while
-                      the rest still have the source resource This is designed for
-                      the operators to manually rollout Default is the the number
-                      of batches which will rollout all the batches
-                    format: int32
-                    type: integer
-                  canaryMetric:
-                    description: CanaryMetric provides a way for the rollout process
-                      to automatically check certain metrics before complete the process
-                    items:
-                      description: CanaryMetric holds the reference to metrics used
-                        for canary analysis
-                      properties:
-                        interval:
-                          description: Interval represents the windows size
-                          type: string
-                        metricsRange:
-                          description: Range value accepted for this metric
-                          properties:
-                            max:
-                              anyOf:
-                              - type: integer
-                              - type: string
-                              description: Maximum value
-                              x-kubernetes-int-or-string: true
-                            min:
-                              anyOf:
-                              - type: integer
-                              - type: string
-                              description: Minimum value
-                              x-kubernetes-int-or-string: true
-                          type: object
-                        name:
-                          description: Name of the metric
-                          type: string
-                        templateRef:
-                          description: TemplateRef references a metric template object
-                          properties:
-                            apiVersion:
-                              description: API version of the referent.
-                              type: string
-                            fieldPath:
-                              description: 'If referring to a piece of an object instead
-                                of an entire object, this string should contain a
-                                valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
-                                For example, if the object reference is to a container
-                                within a pod, this would take on a value like: "spec.containers{name}"
-                                (where "name" refers to the name of the container
-                                that triggered the event) or if no container name
-                                is specified "spec.containers[2]" (container with
-                                index 2 in this pod). This syntax is chosen only to
-                                have some well-defined way of referencing a part of
-                                an object. TODO: this design is not final and this
-                                field is subject to change in the future.'
-                              type: string
-                            kind:
-                              description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-                              type: string
-                            name:
-                              description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
-                              type: string
-                            namespace:
-                              description: 'Namespace of the referent. More info:
-                                https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
-                              type: string
-                            resourceVersion:
-                              description: 'Specific resourceVersion to which this
-                                reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
-                              type: string
-                            uid:
-                              description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
-                              type: string
-                          type: object
-                          x-kubernetes-map-type: atomic
-                      required:
-                      - name
-                      type: object
-                    type: array
-                  numBatches:
-                    description: The number of batches, default = 1
-                    format: int32
-                    type: integer
-                  paused:
-                    description: Paused the rollout, default is false
-                    type: boolean
-                  rolloutBatches:
-                    description: The exact distribution among batches. its size has
-                      to be exactly the same as the NumBatches (if set) The total
-                      number cannot exceed the targetSize or the size of the source
-                      resource We will IGNORE the last batch's replica field if it's
-                      a percentage since round errors can lead to inaccurate sum We
-                      highly recommend to leave the last batch's replica field empty
-                    items:
-                      description: RolloutBatch is used to describe how the each batch
-                        rollout should be
-                      properties:
-                        batchRolloutWebhooks:
-                          description: RolloutWebhooks provides a way for the batch
-                            rollout to interact with an external process
-                          items:
-                            description: RolloutWebhook holds the reference to external
-                              checks used for canary analysis
-                            properties:
-                              expectedStatus:
-                                description: ExpectedStatus contains all the expected
-                                  http status code that we will accept as success
-                                items:
-                                  type: integer
-                                type: array
-                              metadata:
-                                additionalProperties:
-                                  type: string
-                                description: Metadata (key-value pairs) for this webhook
-                                type: object
-                              method:
-                                description: Method the HTTP call method, default
-                                  is POST
-                                type: string
-                              name:
-                                description: Name of this webhook
-                                type: string
-                              type:
-                                description: Type of this webhook
-                                type: string
-                              url:
-                                description: URL address of this webhook
-                                type: string
-                            required:
-                            - name
-                            - type
-                            - url
-                            type: object
-                          type: array
-                        canaryMetric:
-                          description: CanaryMetric provides a way for the batch rollout
-                            process to automatically check certain metrics before
-                            moving to the next batch
-                          items:
-                            description: CanaryMetric holds the reference to metrics
-                              used for canary analysis
-                            properties:
-                              interval:
-                                description: Interval represents the windows size
-                                type: string
-                              metricsRange:
-                                description: Range value accepted for this metric
-                                properties:
-                                  max:
-                                    anyOf:
-                                    - type: integer
-                                    - type: string
-                                    description: Maximum value
-                                    x-kubernetes-int-or-string: true
-                                  min:
-                                    anyOf:
-                                    - type: integer
-                                    - type: string
-                                    description: Minimum value
-                                    x-kubernetes-int-or-string: true
-                                type: object
-                              name:
-                                description: Name of the metric
-                                type: string
-                              templateRef:
-                                description: TemplateRef references a metric template
-                                  object
-                                properties:
-                                  apiVersion:
-                                    description: API version of the referent.
-                                    type: string
-                                  fieldPath:
-                                    description: 'If referring to a piece of an object
-                                      instead of an entire object, this string should
-                                      contain a valid JSON/Go field access statement,
-                                      such as desiredState.manifest.containers[2].
-                                      For example, if the object reference is to a
-                                      container within a pod, this would take on a
-                                      value like: "spec.containers{name}" (where "name"
-                                      refers to the name of the container that triggered
-                                      the event) or if no container name is specified
-                                      "spec.containers[2]" (container with index 2
-                                      in this pod). This syntax is chosen only to
-                                      have some well-defined way of referencing a
-                                      part of an object. TODO: this design is not
-                                      final and this field is subject to change in
-                                      the future.'
-                                    type: string
-                                  kind:
-                                    description: 'Kind of the referent. More info:
-                                      https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-                                    type: string
-                                  name:
-                                    description: 'Name of the referent. More info:
-                                      https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
-                                    type: string
-                                  namespace:
-                                    description: 'Namespace of the referent. More
-                                      info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
-                                    type: string
-                                  resourceVersion:
-                                    description: 'Specific resourceVersion to which
-                                      this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
-                                    type: string
-                                  uid:
-                                    description: 'UID of the referent. More info:
-                                      https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
-                                    type: string
-                                type: object
-                                x-kubernetes-map-type: atomic
-                            required:
-                            - name
-                            type: object
-                          type: array
-                        instanceInterval:
-                          description: The wait time, in seconds, between instances
-                            upgrades, default = 0
-                          format: int32
-                          type: integer
-                        maxUnavailable:
-                          anyOf:
-                          - type: integer
-                          - type: string
-                          description: MaxUnavailable is the max allowed number of
-                            pods that is unavailable during the upgrade. We will mark
-                            the batch as ready as long as there are less or equal
-                            number of pods unavailable than this number. default =
-                            0
-                          x-kubernetes-int-or-string: true
-                        podList:
-                          description: The list of Pods to get upgraded it is mutually
-                            exclusive with the Replicas field
-                          items:
-                            type: string
-                          type: array
-                        replicas:
-                          anyOf:
-                          - type: integer
-                          - type: string
-                          description: 'Replicas is the number of pods to upgrade
-                            in this batch it can be an absolute number (ex: 5) or
-                            a percentage of total pods we will ignore the percentage
-                            of the last batch to just fill the gap it is mutually
-                            exclusive with the PodList field'
-                          x-kubernetes-int-or-string: true
-                      type: object
-                    type: array
-                  rolloutStrategy:
-                    description: RolloutStrategy defines strategies for the rollout
-                      plan The default is IncreaseFirstRolloutStrategyType
-                    type: string
-                  rolloutWebhooks:
-                    description: RolloutWebhooks provide a way for the rollout to
-                      interact with an external process
-                    items:
-                      description: RolloutWebhook holds the reference to external
-                        checks used for canary analysis
-                      properties:
-                        expectedStatus:
-                          description: ExpectedStatus contains all the expected http
-                            status code that we will accept as success
-                          items:
-                            type: integer
-                          type: array
-                        metadata:
-                          additionalProperties:
-                            type: string
-                          description: Metadata (key-value pairs) for this webhook
-                          type: object
-                        method:
-                          description: Method the HTTP call method, default is POST
-                          type: string
-                        name:
-                          description: Name of this webhook
-                          type: string
-                        type:
-                          description: Type of this webhook
-                          type: string
-                        url:
-                          description: URL address of this webhook
-                          type: string
-                      required:
-                      - name
-                      - type
-                      - url
-                      type: object
-                    type: array
-                  targetSize:
-                    description: The size of the target resource. The default is the
-                      same as the size of the source resource.
-                    format: int32
-                    type: integer
-                type: object
-              sourceRevisionName:
-                description: SourceRevisionName contains the name of the componentRevisionName  that
-                  we need to upgrade from. it can be empty only when it's the first
-                  time to deploy the application
-                type: string
-              targetRevisionName:
-                description: TargetRevisionName contains the name of the componentRevisionName
-                  that we need to upgrade to.
-                type: string
-            required:
-            - componentName
-            - rolloutPlan
-            - targetRevisionName
-            type: object
-          status:
-            description: CompRolloutStatus defines the observed state of rollout
-            properties:
-              LastSourceRevision:
-                description: LastSourceRevision contains the name of the componentRevisionName
-                  that we need to upgrade from. We will restart the rollout if this
-                  is not the same as the spec
-                type: string
-              batchRollingState:
-                description: BatchRollingState only meaningful when the Status is
-                  rolling
-                type: string
-              conditions:
-                description: Conditions of the resource.
-                items:
-                  description: A Condition that may apply to a resource.
-                  properties:
-                    lastTransitionTime:
-                      description: LastTransitionTime is the last time this condition
-                        transitioned from one status to another.
-                      format: date-time
-                      type: string
-                    message:
-                      description: A Message containing details about this condition's
-                        last transition from one status to another, if any.
-                      type: string
-                    reason:
-                      description: A Reason for this condition's last transition from
-                        one status to another.
-                      type: string
-                    status:
-                      description: Status of this condition; is it currently True,
-                        False, or Unknown?
-                      type: string
-                    type:
-                      description: Type of this condition. At most one of each condition
-                        type may apply to a resource at any point in time.
-                      type: string
-                  required:
-                  - lastTransitionTime
-                  - reason
-                  - status
-                  - type
-                  type: object
-                type: array
-              currentBatch:
-                description: The current batch the rollout is working on/blocked it
-                  starts from 0
-                format: int32
-                type: integer
-              lastAppliedPodTemplateIdentifier:
-                description: lastAppliedPodTemplateIdentifier is a string that uniquely
-                  represent the last pod template each workload type could use different
-                  ways to identify that so we cannot compare between resources We
-                  update this field only after a successful rollout
-                type: string
-              lastTargetRevision:
-                description: LastUpgradedTargetRevision contains the name of the componentRevisionName
-                  that we upgraded to We will restart the rollout if this is not the
-                  same as the spec
-                type: string
-              rollingState:
-                description: RollingState is the Rollout State
-                type: string
-              rolloutOriginalSize:
-                description: RolloutTargetSize is the size of the target resources.
-                  This is determined once the initial spec verification and does not
-                  change until the rollout is restarted
-                format: int32
-                type: integer
-              rolloutTargetSize:
-                description: RolloutTargetSize is the size of the target resources.
-                  This is determined once the initial spec verification and does not
-                  change until the rollout is restarted
-                format: int32
-                type: integer
-              targetGeneration:
-                description: NewPodTemplateIdentifier is a string that uniquely represent
-                  the new pod template each workload type could use different ways
-                  to identify that so we cannot compare between resources
-                type: string
-              upgradedReadyReplicas:
-                description: UpgradedReadyReplicas is the number of Pods upgraded
-                  by the rollout controller that have a Ready Condition.
-                format: int32
-                type: integer
-              upgradedReplicas:
-                description: UpgradedReplicas is the number of Pods upgraded by the
-                  rollout controller
-                format: int32
-                type: integer
-            required:
-            - currentBatch
-            - lastTargetRevision
-            - rollingState
-            - upgradedReadyReplicas
-            - upgradedReplicas
-            type: object
-        type: object
-    served: true
-    storage: true
-    subresources:
-      status: {}

charts/vela-core/templates/definitions/autodetect.yaml

@@ -1,10 +0,0 @@
-apiVersion: core.oam.dev/v1beta1
-kind: WorkloadDefinition
-metadata:
-  annotations:
-    definition.oam.dev/description: "autodetects.core.oam.dev is the default workload type of ComponentDefinition"
-  name: autodetects.core.oam.dev
-  namespace: {{ include "systemDefinitionNamespace" . }}
-spec:
-  definitionRef:
-    name: autodetects.core.oam.dev

charts/vela-core/templates/definitions/healthscopes.yaml

@@ -1,10 +0,0 @@
-apiVersion: core.oam.dev/v1beta1
-kind: ScopeDefinition
-metadata:
-  name: healthscopes.core.oam.dev
-  namespace: {{ include "systemDefinitionNamespace" . }}
-spec:
-  workloadRefsPath: spec.workloadRefs
-  allowComponentOverlap: true
-  definitionRef:
-    name: healthscopes.core.oam.dev

charts/vela-core/templates/defwithtemplate/affinity.yaml

@@ -113,6 +113,7 @@ spec:
         			}]
         	}
         }
+
         #labelSelector: {
         	matchLabels?: [string]: string
         	matchExpressions?: [...{
@@ -121,21 +122,25 @@ spec:
         		values?: [...string]
         	}]
         }
+
         #podAffinityTerm: {
         	labelSelector?: #labelSelector
         	namespaces?: [...string]
         	topologyKey:        string
         	namespaceSelector?: #labelSelector
         }
+
         #nodeSelecor: {
         	key:      string
         	operator: *"In" | "NotIn" | "Exists" | "DoesNotExist" | "Gt" | "Lt"
         	values?: [...string]
         }
+
         #nodeSelectorTerm: {
         	matchExpressions?: [...#nodeSelecor]
         	matchFields?: [...#nodeSelecor]
         }
+
         parameter: {
         	// +usage=Specify the pod affinity scheduling rules
         	podAffinity?: {

charts/vela-core/templates/defwithtemplate/apply-once.yaml

@@ -17,12 +17,14 @@ spec:
         	// +usage=Specify the path of the resource that allow configuration drift
         	path: [...string]
         }
+
         #ApplyOncePolicyRule: {
         	// +usage=Specify how to select the targets of the rule
         	selector?: #ResourcePolicyRuleSelector
         	// +usage=Specify the strategy for configuring the resource level configuration drift behaviour
         	strategy: #ApplyOnceStrategy
         }
+
         #ResourcePolicyRuleSelector: {
         	// +usage=Select resources by component names
         	componentNames?: [...string]
@@ -37,6 +39,7 @@ spec:
         	// +usage=Select resources by their names
         	resourceNames?: [...string]
         }
+
         parameter: {
         	// +usage=Whether to enable apply-once for the whole application
         	enable: *false | bool

charts/vela-core/templates/defwithtemplate/apply-remaining.yaml

@@ -24,6 +24,7 @@ spec:
         apply: op.#ApplyRemaining & {
         	parameter
         }
+
         parameter: {
         	// +usage=Declare the name of the component
         	exceptions?: [...string]

charts/vela-core/templates/defwithtemplate/apply-terraform-config.yaml

@@ -85,7 +85,7 @@ spec:
         	region?: string
         	// +usage=the envs for job
         	jobEnv?: {...}
-        	// +usae=forceDelete will force delete Configuration no matter which state it is or whether it has provisioned some resources
+        	// +usage=forceDelete will force delete Configuration no matter which state it is or whether it has provisioned some resources
         	forceDelete: *false | bool
         }
 

charts/vela-core/templates/defwithtemplate/check-metrics.yaml

@@ -0,0 +1,59 @@
+# Code generated by KubeVela templates. DO NOT EDIT. Please edit the original cue file.
+# Definition source cue file: vela-templates/definitions/internal/check-metrics.cue
+apiVersion: core.oam.dev/v1beta1
+kind: WorkflowStepDefinition
+metadata:
+  annotations:
+    custom.definition.oam.dev/category: Application Delivery
+    definition.oam.dev/description: Verify application's metrics
+  labels:
+    custom.definition.oam.dev/catalog: Delivery
+  name: check-metrics
+  namespace: {{ include "systemDefinitionNamespace" . }}
+spec:
+  schematic:
+    cue:
+      template: |
+        import (
+        	"vela/op"
+        )
+
+        check: op.#PromCheck & {
+        	query:          parameter.query
+        	metricEndpoint: parameter.metricEndpoint
+        	condition:      parameter.condition
+        	stepID:         context.stepSessionID
+        	duration:       parameter.duration
+        	failDuration:   parameter.failDuration
+        }
+
+        fail: op.#Steps & {
+        	if check.failed != _|_ {
+        		if check.failed == true {
+        			breakWorkflow: op.#Fail & {
+        				message: check.message
+        			}
+        		}
+        	}
+        }
+
+        wait: op.#ConditionalWait & {
+        	continue: check.result
+        	if check.message != _|_ {
+        		message: check.message
+        	}
+        }
+
+        parameter: {
+        	// +usage=Query is a raw prometheus query to perform
+        	query: string
+        	// +usage=The HTTP address and port of the prometheus server
+        	metricEndpoint?: "http://prometheus-server.o11y-system.svc:9090" | string
+        	// +usage=Condition is an expression which determines if a measurement is considered successful. eg: >=0.95
+        	condition: string
+        	// +usage=Duration defines the duration of time required for this step to be considered successful.
+        	duration?: *"5m" | string
+        	// +usage=FailDuration is the duration of time that, if the check fails, will result in the step being marked as failed.
+        	failDuration?: *"2m" | string
+        }
+

charts/vela-core/templates/defwithtemplate/clean-jobs.yaml

@@ -20,6 +20,7 @@ spec:
         	labelselector?: {...}
         	namespace: *context.namespace | string
         }
+
         cleanJobs: op.#Delete & {
         	value: {
         		apiVersion: "batch/v1"
@@ -39,6 +40,7 @@ spec:
         		}
         	}
         }
+
         cleanPods: op.#Delete & {
         	value: {
         		apiVersion: "v1"

charts/vela-core/templates/defwithtemplate/collect-service-endpoints.yaml

@@ -35,6 +35,7 @@ spec:
         		}
         	}
         } @step(1)
+
         outputs: {
         	eps_port_name_filtered: *[] | [...]
         	if parameter.portName == _|_ {
@@ -69,9 +70,11 @@ spec:
         		endpoints: eps_port_filtered
         	}
         }
+
         wait: op.#ConditionalWait & {
         	continue: len(outputs.endpoints) > 0
         } @step(2)
+
         value: {
         	if len(outputs.endpoints) > 0 {
         		endpoint: outputs.endpoints[0].endpoint
@@ -79,6 +82,7 @@ spec:
         		url:      "\(parameter.protocal)://\(endpoint.host):\(_portStr)"
         	}
         }
+
         parameter: {
         	// +usage=Specify the name of the application
         	name?: string

charts/vela-core/templates/defwithtemplate/command.yaml

@@ -107,9 +107,11 @@ spec:
         		}]
         	}
         }
+
         parameter: *#PatchParams | close({
         	// +usage=Specify the commands for multiple containers
         	containers: [...#PatchParams]
         })
+
         errs: [ for c in patch.spec.template.spec.containers if c.err != _|_ {c.err}]
 

charts/vela-core/templates/defwithtemplate/container-image.yaml

@@ -72,9 +72,11 @@ spec:
         		}]
         	}
         }
+
         parameter: #PatchParams | close({
         	// +usage=Specify the container image for multiple containers
         	containers: [...#PatchParams]
         })
+
         errs: [ for c in patch.spec.template.spec.containers if c.err != _|_ {c.err}]
 

charts/vela-core/templates/defwithtemplate/cpuscaler.yaml

@@ -29,6 +29,7 @@ spec:
         		targetCPUUtilizationPercentage: parameter.cpuUtil
         	}
         }
+
         parameter: {
         	// +usage=Specify the minimal number of replicas to which the autoscaler can scale down
         	min: *1 | int

charts/vela-core/templates/defwithtemplate/cron-task.yaml

@@ -147,6 +147,7 @@ spec:
         		}
         	}
         }
+
         parameter: {
         	// +usage=Specify the labels in the workload
         	labels?: [string]: string
@@ -276,6 +277,7 @@ spec:
         	// +usage=Instructions for assessing whether the container is in a suitable state to serve traffic.
         	readinessProbe?: #HealthProbe
         }
+
         #HealthProbe: {
 
         	// +usage=Instructions for assessing container health by executing a command. Either this attribute or the httpGet attribute or the tcpSocket attribute MUST be specified. This attribute is mutually exclusive with both the httpGet attribute and the tcpSocket attribute.
@@ -318,8 +320,5 @@ spec:
         	failureThreshold: *3 | int
         }
   workload:
-    definition:
-      apiVersion: batch/v1beta1
-      kind: CronJob
-    type: cronjobs.batch
+    type: autodetects.core.oam.dev
 

charts/vela-core/templates/defwithtemplate/daemon.yaml

@@ -66,6 +66,7 @@ spec:
         		}
         	},
         ]
+
         volumesList: [
         	if parameter.volumeMounts != _|_ && parameter.volumeMounts.pvc != _|_ for v in parameter.volumeMounts.pvc {
         		{
@@ -114,6 +115,7 @@ spec:
         		}
         	},
         ]
+
         deDupVolumesArray: [
         	for val in [
         		for i, vi in volumesList {
@@ -126,6 +128,7 @@ spec:
         		val
         	},
         ]
+
         output: {
         	apiVersion: "apps/v1"
         	kind:       "DaemonSet"
@@ -275,6 +278,7 @@ spec:
         		}
         	}
         }
+
         exposePorts: [
         	if parameter.ports != _|_ for v in parameter.ports if v.expose == true {
         		port:       v.port
@@ -287,6 +291,7 @@ spec:
         		}
         	},
         ]
+
         outputs: {
         	if len(exposePorts) != 0 {
         		webserviceExpose: {
@@ -301,6 +306,7 @@ spec:
         		}
         	}
         }
+
         parameter: {
         	// +usage=Specify the labels in the workload
         	labels?: [string]: string
@@ -469,6 +475,7 @@ spec:
         		hostnames: [...string]
         	}]
         }
+
         #HealthProbe: {
 
         	// +usage=Instructions for assessing container health by executing a command. Either this attribute or the httpGet attribute or the tcpSocket attribute MUST be specified. This attribute is mutually exclusive with both the httpGet attribute and the tcpSocket attribute.

charts/vela-core/templates/defwithtemplate/deploy-cloud-resource.yaml

@@ -26,6 +26,7 @@ spec:
         	// context.namespace indicates the name of the app
         	name: context.name
         }
+
         parameter: {
         	// +usage=Declare the name of the env-binding policy, if empty, the first env-binding policy will be used
         	policy: *"" | string

charts/vela-core/templates/defwithtemplate/deploy.yaml

@@ -18,6 +18,9 @@ spec:
         	"vela/op"
         )
 
+        if parameter.auto == false {
+        	suspend: op.#Suspend & {message: "Waiting approval to the deploy step \"\(context.stepName)\""}
+        }
         deploy: op.#Deploy & {
         	policies:                 parameter.policies
         	parallelism:              parameter.parallelism

charts/vela-core/templates/defwithtemplate/deploy2env.yaml

@@ -27,6 +27,7 @@ spec:
         	// context.namespace indicates the namespace of the app
         	namespace: context.namespace
         }
+
         parameter: {
         	// +usage=Declare the name of the env-binding policy, if empty, the first env-binding policy will be used
         	policy: *"" | string

charts/vela-core/templates/defwithtemplate/deploy2runtime.yaml

@@ -41,6 +41,7 @@ spec:
         		}
         	}
         }
+
         parameter: {
         	// +usage=Declare the runtime clusters to apply, if empty, all runtime clusters will be used
         	clusters?: [...string]

charts/vela-core/templates/defwithtemplate/env.yaml

@@ -98,9 +98,11 @@ spec:
         		}]
         	}
         }
+
         parameter: *#PatchParams | close({
         	// +usage=Specify the environment variables for multiple containers
         	containers: [...#PatchParams]
         })
+
         errs: [ for c in patch.spec.template.spec.containers if c.err != _|_ {c.err}]
 

charts/vela-core/templates/defwithtemplate/envbinding.yaml

@@ -26,6 +26,7 @@ spec:
         		disable: *false | bool
         	}]
         }
+
         parameter: envs: [...{
         	name: string
         	placement?: {

charts/vela-core/templates/defwithtemplate/export-data.yaml

@@ -38,12 +38,14 @@ spec:
         		stringData: parameter.data
         	}
         } @step(1)
+
         getPlacements: op.#GetPlacementsFromTopologyPolicies & {
         	policies: *[] | [...string]
         	if parameter.topology != _|_ {
         		policies: [parameter.topology]
         	}
-        }      @step(2)
+        } @step(2)
+
         apply: op.#Steps & {
         	for p in getPlacements.placements {
         		(p.cluster): op.#Apply & {
@@ -52,6 +54,7 @@ spec:
         		}
         	}
         } @step(3)
+
         parameter: {
         	// +usage=Specify the name of the export destination
         	name?: string

charts/vela-core/templates/defwithtemplate/export-service.yaml

@@ -49,12 +49,14 @@ spec:
         		ports: [{port: parameter.targetPort}]
         	}]
         }] @step(1)
+
         getPlacements: op.#GetPlacementsFromTopologyPolicies & {
         	policies: *[] | [...string]
         	if parameter.topology != _|_ {
         		policies: [parameter.topology]
         	}
-        }      @step(2)
+        } @step(2)
+
         apply: op.#Steps & {
         	for p in getPlacements.placements {
         		for o in objects {
@@ -65,6 +67,7 @@ spec:
         		}
         	}
         } @step(3)
+
         parameter: {
         	// +usage=Specify the name of the export destination
         	name?: string

charts/vela-core/templates/defwithtemplate/expose.yaml

@@ -17,6 +17,7 @@ spec:
       template: |
         import (
         	"strconv"
+        	"strings"
         )
 
         outputs: service: {
@@ -25,22 +26,70 @@ spec:
         	metadata: name:        context.name
         	metadata: annotations: parameter.annotations
         	spec: {
-        		selector: "app.oam.dev/component": context.name
-        		ports: [
-        			for p in parameter.port {
-        				name:       "port-" + strconv.FormatInt(p, 10)
-        				port:       p
-        				targetPort: p
+        		if parameter["matchLabels"] == _|_ {
+        			selector: "app.oam.dev/component": context.name
+        		}
+        		if parameter["matchLabels"] != _|_ {
+        			selector: parameter["matchLabels"]
+        		}
+
+        		// compatible with the old way
+        		if parameter["port"] != _|_ if parameter["ports"] == _|_ {
+        			ports: [
+        				for p in parameter.port {
+        					name:       "port-" + strconv.FormatInt(p, 10)
+        					port:       p
+        					targetPort: p
+        				},
+        			]
+        		}
+        		if parameter["ports"] != _|_ {
+        			ports: [ for v in parameter.ports {
+        				port:       v.port
+        				targetPort: v.port
+        				if v.name != _|_ {
+        					name: v.name
+        				}
+        				if v.name == _|_ {
+        					_name: "port-" + strconv.FormatInt(v.port, 10)
+        					name:  *_name | string
+        					if v.protocol != "TCP" {
+        						name: _name + "-" + strings.ToLower(v.protocol)
+        					}
+        				}
+        				if v.nodePort != _|_ if parameter.type == "NodePort" {
+        					nodePort: v.nodePort
+        				}
+        				if v.protocol != _|_ {
+        					protocol: v.protocol
+        				}
         			},
-        		]
+        			]
+        		}
         		type: parameter.type
         	}
         }
         parameter: {
-        	// +usage=Specify the exposion ports
-        	port: [...int]
-        	// +usage=Specify the annotaions of the exposed service
+        	// +usage=Deprecated, the old way to specify the exposion ports
+        	port?: [...int]
+
+        	// +usage=Specify portsyou want customer traffic sent to
+        	ports?: [...{
+        		// +usage=Number of port to expose on the pod's IP address
+        		port: int
+        		// +usage=Name of the port
+        		name?: string
+        		// +usage=Protocol for port. Must be UDP, TCP, or SCTP
+        		protocol: *"TCP" | "UDP" | "SCTP"
+        		// +usage=exposed node port. Only Valid when exposeType is NodePort
+        		nodePort?: int
+        	}]
+
+        	// +usage=Specify the annotations of the exposed service
         	annotations: [string]: string
+
+        	matchLabels?: [string]: string
+
         	// +usage=Specify what kind of Service you want. options: "ClusterIP","NodePort","LoadBalancer","ExternalName"
         	type: *"ClusterIP" | "NodePort" | "LoadBalancer" | "ExternalName"
         }

charts/vela-core/templates/defwithtemplate/garbage-collect.yaml

@@ -13,10 +13,11 @@ spec:
       template: |
         #GarbageCollectPolicyRule: {
         	// +usage=Specify how to select the targets of the rule
-        	selector: [...#ResourcePolicyRuleSelector]
+        	selector: #ResourcePolicyRuleSelector
         	// +usage=Specify the strategy for target resource to recycle
         	strategy: *"onAppUpdate" | "onAppDelete" | "never"
         }
+
         #ResourcePolicyRuleSelector: {
         	// +usage=Select resources by component names
         	componentNames?: [...string]
@@ -31,9 +32,14 @@ spec:
         	// +usage=Select resources by their names
         	resourceNames?: [...string]
         }
+
         parameter: {
+        	// +usage=If set, it will override the default revision limit number and customize this number for the current application
+        	applicationRevisionLimit?: int
         	// +usage=If is set, outdated versioned resourcetracker will not be recycled automatically, outdated resources will be kept until resourcetracker be deleted manually
         	keepLegacyResource: *false | bool
+        	// +usage=If is set, continue to execute gc when the workflow fails, by default gc will be executed only after the workflow succeeds
+        	continueOnFailure: *false | bool
         	// +usage=Specify the list of rules to control gc strategy at resource level, if one resource is controlled by multiple rules, first rule will be used
         	rules?: [...#GarbageCollectPolicyRule]
         }

charts/vela-core/templates/defwithtemplate/gateway.yaml

@@ -14,12 +14,18 @@ spec:
   podDisruptive: false
   schematic:
     cue:
-      template: |
-        // trait template can have multiple outputs in one trait
-        outputs: service: {
+      template: |2
+        let nameSuffix = {
+        	if parameter.name != _|_ {"-" + parameter.name}
+        	if parameter.name == _|_ {""}
+        }
+        let serviceOutputName = "service" + nameSuffix
+        let serviceMetaName = context.name + nameSuffix
+
+        outputs: (serviceOutputName): {
         	apiVersion: "v1"
         	kind:       "Service"
-        	metadata: name: context.name
+        	metadata: name: "\(serviceMetaName)"
         	spec: {
         		selector: "app.oam.dev/component": context.name
         		ports: [
@@ -30,8 +36,12 @@ spec:
         		]
         	}
         }
+
+        let ingressOutputName = "ingress" + nameSuffix
+        let ingressMetaName = context.name + nameSuffix
         legacyAPI: context.clusterVersion.minor < 19
-        outputs: ingress: {
+
+        outputs: (ingressOutputName): {
         	if legacyAPI {
         		apiVersion: "networking.k8s.io/v1beta1"
         	}
@@ -40,7 +50,7 @@ spec:
         	}
         	kind: "Ingress"
         	metadata: {
-        		name: context.name
+        		name: "\(ingressMetaName)"
         		annotations: {
         			if !parameter.classInSpec {
         				"kubernetes.io/ingress.class": parameter.class
@@ -69,7 +79,7 @@ spec:
         			http: paths: [
         				for k, v in parameter.http {
         					path:     k
-        					pathType: "ImplementationSpecific"
+        					pathType: parameter.pathType
         					backend: {
         						if legacyAPI {
         							serviceName: context.name
@@ -87,6 +97,7 @@ spec:
         		}]
         	}
         }
+
         parameter: {
         	// +usage=Specify the domain you want to expose
         	domain?: string
@@ -105,30 +116,56 @@ spec:
 
         	// +usage=Specify the host of the ingress gateway, which is used to generate the endpoints when the host is empty.
         	gatewayHost?: string
+
+        	// +usage=Specify a unique name for this gateway, required to support multiple gateway traits on a component
+        	name?: string
+
+        	// +usage=Specify a pathType for the ingress rules, defaults to "ImplementationSpecific"
+        	pathType: *"ImplementationSpecific" | "Prefix" | "Exact"
         }
   status:
     customStatus: |-
-      if context.outputs.ingress.status.loadBalancer.ingress == _|_ {
+      let nameSuffix = {
+        if parameter.name != _|_ { "-" + parameter.name }
+        if parameter.name == _|_ { "" }
+      }
+      let ingressMetaName = context.name + nameSuffix
+      let ig  = [for i in context.outputs if (i.kind == "Ingress") && (i.metadata.name == ingressMetaName) {i}][0]
+      igs: *null | string
+      if ig != _|_ if ig.status != _|_ if ig.status.loadbalancer != _|_ {
+        igs: ig.status.loadbalancer.ingress[0]
+      }
+      igr: *null | string
+      if ig != _|_ if ig.spec != _|_  {
+        igr: ig.spec.rules[0]
+      }
+      if igs == _|_ {
         message: "No loadBalancer found, visiting by using 'vela port-forward " + context.appName + "'\n"
       }
-      if context.outputs.ingress.status.loadBalancer.ingress != _|_ {
-      	let igs = context.outputs.ingress.status.loadBalancer.ingress
-        if igs[0].ip != _|_ {
-        	if igs[0].host != _|_ {
-      	    message: "Visiting URL: " + context.outputs.ingress.spec.rules[0].host + ", IP: " + igs[0].ip
-        	}
-        	if igs[0].host == _|_ {
-      	    message: "Host not specified, visit the cluster or load balancer in front of the cluster with IP: " + igs[0].ip
-        	}
+      if igs != _|_ {
+        if igs.ip != _|_ {
+          if igr.host != _|_ {
+            message: "Visiting URL: " + igr.host + ", IP: " + igs.ip + "\n"
+          }
+          if igr.host == _|_ {
+            message: "Host not specified, visit the cluster or load balancer in front of the cluster, IP: " + igs.ip + "\n"
+          }
         }
-        if igs[0].ip == _|_ {
-        	if igs[0].host != _|_ {
-      		  message: "Visiting URL: " + context.outputs.ingress.spec.rules[0].host
-      		}
-        	if igs[0].host != _|_ {
-      	    message: "Host not specified, visit the cluster or load balancer in front of the cluster"
-      		}
+        if igs.ip == _|_ {
+          if igr.host != _|_ {
+            message: "Visiting URL: " + igr.host + "\n"
+          }
+          if igs.host == _|_ {
+            message: "Host not specified, visit the cluster or load balancer in front of the cluster\n"
+          }
         }
       }
-    healthPolicy: 'isHealth: len(context.outputs.service.spec.clusterIP) > 0'
+    healthPolicy: |-
+      let nameSuffix = {
+        if parameter.name != _|_ { "-" + parameter.name }
+        if parameter.name == _|_ { "" }
+      }
+      let ingressMetaName = context.name + nameSuffix
+      let igstat  = len([for i in context.outputs if (i.kind == "Ingress") && (i.metadata.name == ingressMetaName) {i}]) > 0
+      isHealth: igstat
 

charts/vela-core/templates/defwithtemplate/generate-jdbc-connection.yaml

@@ -34,11 +34,13 @@ spec:
         dbName:   op.#ConvertString & {bt: base64.Decode(null, output.value.data["DB_NAME"])}
         username: op.#ConvertString & {bt: base64.Decode(null, output.value.data["DB_USER"])}
         password: op.#ConvertString & {bt: base64.Decode(null, output.value.data["DB_PASSWORD"])}
+
         env: [
         	{name: "url", value:      "jdbc://" + dbHost.str + ":" + dbPort.str + "/" + dbName.str + "?characterEncoding=utf8&useSSL=false"},
         	{name: "username", value: username.str},
         	{name: "password", value: password.str},
         ]
+
         parameter: {
         	// +usage=Specify the name of the secret generated by database component
         	name: string

charts/vela-core/templates/defwithtemplate/health.yaml

@@ -1,34 +0,0 @@
-# Code generated by KubeVela templates. DO NOT EDIT. Please edit the original cue file.
-# Definition source cue file: vela-templates/definitions/internal/health.cue
-apiVersion: core.oam.dev/v1beta1
-kind: PolicyDefinition
-metadata:
-  annotations:
-    definition.oam.dev/description: Apply periodical health checking to the application.
-  name: health
-  namespace: {{ include "systemDefinitionNamespace" . }}
-spec:
-  manageHealthCheck: true
-  schematic:
-    cue:
-      template: |
-        output: {
-        	apiVersion: "core.oam.dev/v1alpha2"
-        	kind:       "HealthScope"
-        	spec: {
-        		"probe-timeout":  parameter.probeTimeout
-        		"probe-interval": parameter.probeInterval
-        		appReferences: [{
-        			appName: context.appName
-        		}]
-        		workloadRefs: []
-        		manageHealthCheck: true
-        	}
-        }
-        parameter: {
-        	// +usage=Specify health checking timeout(seconds), default 10s
-        	probeTimeout: *10 | int
-        	// +usage=Specify health checking interval(seconds), default 30s
-        	probeInterval: *30 | int
-        }
-

charts/vela-core/templates/defwithtemplate/ingress-1-20.yaml

@@ -29,6 +29,7 @@ spec:
         		]
         	}
         }
+
         outputs: ingress: {
         	apiVersion: "networking.k8s.io/v1"
         	kind:       "Ingress"
@@ -50,6 +51,7 @@ spec:
         		]
         	}]
         }
+
         parameter: {
         	// +usage=Specify the domain you want to expose
         	domain: string

charts/vela-core/templates/defwithtemplate/ingress.yaml

@@ -29,6 +29,7 @@ spec:
         		]
         	}
         }
+
         outputs: ingress: {
         	apiVersion: "networking.k8s.io/v1beta1"
         	kind:       "Ingress"
@@ -46,6 +47,7 @@ spec:
         		]
         	}]
         }
+
         parameter: {
         	// +usage=Specify the domain you want to expose
         	domain: string

charts/vela-core/templates/defwithtemplate/k8s-objects.yaml

@@ -12,6 +12,7 @@ spec:
     cue:
       template: |
         output: parameter.objects[0]
+
         outputs: {
         	for i, v in parameter.objects {
         		if i > 0 {

charts/vela-core/templates/defwithtemplate/nocalhost.yaml

@@ -38,6 +38,7 @@ spec:
         		type: "ClusterIP"
         	}
         }
+
         patch: metadata: annotations: {
         	"dev.nocalhost/application-name":      context.appName
         	"dev.nocalhost/application-namespace": context.namespace

charts/vela-core/templates/defwithtemplate/notification.yaml

@@ -159,6 +159,7 @@ spec:
         		}
         	}
         }
+
         block: {
         	type:      string
         	block_id?: string
@@ -192,18 +193,21 @@ spec:
         		initial_time?: string
         	}]
         }
+
         textType: {
         	type:      string
         	text:      string
         	emoji?:    bool
         	verbatim?: bool
         }
+
         option: {
         	text:         textType
         	value:        string
         	description?: textType
         	url?:         string
         }
+
         // send webhook notification
         ding: op.#Steps & {
         	if parameter.dingding != _|_ {
@@ -233,6 +237,7 @@ spec:
         		}
         	}
         }
+
         lark: op.#Steps & {
         	if parameter.lark != _|_ {
         		if parameter.lark.url.value != _|_ {
@@ -261,6 +266,7 @@ spec:
         		}
         	}
         }
+
         slack: op.#Steps & {
         	if parameter.slack != _|_ {
         		if parameter.slack.url.value != _|_ {
@@ -289,6 +295,7 @@ spec:
         		}
         	}
         }
+
         email: op.#Steps & {
         	if parameter.email != _|_ {
         		if parameter.email.from.password.value != _|_ {

charts/vela-core/templates/defwithtemplate/override.yaml

@@ -28,6 +28,7 @@ spec:
         		disable: *false | bool
         	}]
         }
+
         parameter: {
         	// +usage=Specify the overridden component configuration.
         	components: [...#PatchParams]

charts/vela-core/templates/defwithtemplate/print-message-in-status.yaml

@@ -17,6 +17,7 @@ spec:
         )
 
         parameter: message: string
+
         msg: op.#Message & {
         	message: parameter.message
         }

charts/vela-core/templates/defwithtemplate/read-only.yaml

@@ -15,6 +15,7 @@ spec:
         	// +usage=Specify how to select the targets of the rule
         	selector: #RuleSelector
         }
+
         #RuleSelector: {
         	// +usage=Select resources by component names
         	componentNames?: [...string]
@@ -29,6 +30,7 @@ spec:
         	// +usage=Select resources by their names
         	resourceNames?: [...string]
         }
+
         parameter: {
         	// +usage=Specify the list of rules to control read only strategy at resource level.
         	// The selected resource will be read-only to the current application. If the target resource does

charts/vela-core/templates/defwithtemplate/ref-objects.yaml

@@ -28,12 +28,14 @@ spec:
         	labelSelector?: [string]: string
         	...
         }
+
         output: {
         	if len(parameter.objects) > 0 {
         		parameter.objects[0]
         	}
         	...
         }
+
         outputs: {
         	for i, v in parameter.objects {
         		if i > 0 {

charts/vela-core/templates/defwithtemplate/resource-update.yaml

@@ -1,11 +1,11 @@
 # Code generated by KubeVela templates. DO NOT EDIT. Please edit the original cue file.
-# Definition source cue file: vela-templates/definitions/internal/read-only.cue
+# Definition source cue file: vela-templates/definitions/internal/resource-update.cue
 apiVersion: core.oam.dev/v1beta1
 kind: PolicyDefinition
 metadata:
   annotations:
-    definition.oam.dev/description: Configure the resources to be read-only in the application (no update / state-keep).
-  name: read-only
+    definition.oam.dev/description: Configure the update strategy for selected resources.
+  name: resource-update
   namespace: {{ include "systemDefinitionNamespace" . }}
 spec:
   schematic:
@@ -14,7 +14,17 @@ spec:
         #PolicyRule: {
         	// +usage=Specify how to select the targets of the rule
         	selector: #RuleSelector
+        	// +usage=The update strategy for the target resources
+        	strategy: #Strategy
         }
+
+        #Strategy: {
+        	// +usage=Specify the op for updating target resources
+        	op: *"patch" | "replace"
+        	// +usage=Specify which fields would trigger recreation when updated
+        	recreateFields?: [...string]
+        }
+
         #RuleSelector: {
         	// +usage=Select resources by component names
         	componentNames?: [...string]
@@ -29,10 +39,9 @@ spec:
         	// +usage=Select resources by their names
         	resourceNames?: [...string]
         }
+
         parameter: {
-        	// +usage=Specify the list of rules to control read only strategy at resource level.
-        	// The selected resource will be read-only to the current application. If the target resource does
-        	// not exist, error will be raised.
+        	// +usage=Specify the list of rules to control resource update strategy at resource level.
         	rules?: [...#PolicyRule]
         }
 

charts/vela-core/templates/defwithtemplate/resource.yaml

@@ -51,6 +51,7 @@ spec:
         		}
         	}]
         }
+
         parameter: {
         	// +usage=Specify the amount of cpu for requests and limits
         	cpu?: *1 | number | string

charts/vela-core/templates/defwithtemplate/service-account.yaml

@@ -41,6 +41,7 @@ spec:
         }
         // +patchStrategy=retainKeys
         patch: spec: template: spec: serviceAccountName: parameter.name
+
         _clusterPrivileges: [ if parameter.privileges != _|_ for p in parameter.privileges if p.scope == "cluster" {p}]
         _namespacePrivileges: [ if parameter.privileges != _|_ for p in parameter.privileges if p.scope == "namespace" {p}]
         outputs: {

charts/vela-core/templates/defwithtemplate/service-binding.yaml

@@ -39,6 +39,7 @@ spec:
         		]
         	}]
         }
+
         parameter: {
         	// +usage=The mapping of environment variables to secret
         	envMappings: [string]: #KeySecret

charts/vela-core/templates/defwithtemplate/share-cloud-resource.yaml

@@ -27,6 +27,7 @@ spec:
         	// context.namespace indicates the name of the app
         	name: context.name
         }
+
         parameter: {
         	// +usage=Declare the location to bind
         	placements: [...{

charts/vela-core/templates/defwithtemplate/shared-resource.yaml

@@ -13,8 +13,9 @@ spec:
       template: |
         #SharedResourcePolicyRule: {
         	// +usage=Specify how to select the targets of the rule
-        	selector: [...#ResourcePolicyRuleSelector]
+        	selector: #ResourcePolicyRuleSelector
         }
+
         #ResourcePolicyRuleSelector: {
         	// +usage=Select resources by component names
         	componentNames?: [...string]
@@ -29,6 +30,7 @@ spec:
         	// +usage=Select resources by their names
         	resourceNames?: [...string]
         }
+
         parameter: {
         	// +usage=Specify the list of rules to control shared-resource strategy at resource level.
         	// The selected resource will be sharable across applications. (That means multiple applications

charts/vela-core/templates/defwithtemplate/sidecar.yaml

@@ -103,6 +103,7 @@ spec:
         	// +usage=Instructions for assessing whether the container is in a suitable state to serve traffic.
         	readinessProbe?: #HealthProbe
         }
+
         #HealthProbe: {
 
         	// +usage=Instructions for assessing container health by executing a command. Either this attribute or the httpGet attribute or the tcpSocket attribute MUST be specified. This attribute is mutually exclusive with both the httpGet attribute and the tcpSocket attribute.

charts/vela-core/templates/defwithtemplate/startup-probe.yaml

@@ -116,6 +116,7 @@ spec:
         		}
         	}
         }
+
         patch: spec: template: spec: {
         	if parameter.probes == _|_ {
         		// +patchKey=name
@@ -160,9 +161,11 @@ spec:
         		}]
         	}
         }
+
         parameter: *#StartupProbeParams | close({
         	// +usage=Specify the startup probe for multiple containers
         	probes: [...#StartupProbeParams]
         })
+
         errs: [ for c in patch.spec.template.spec.containers if c.err != _|_ {c.err}]
 

charts/vela-core/templates/defwithtemplate/storage.yaml

@@ -61,6 +61,7 @@ spec:
         		}
         	},
         ]
+
         volumeMountsList: [
         	if parameter.pvc != _|_ for v in parameter.pvc {
         		if v.volumeMode == "Filesystem" {
@@ -107,6 +108,7 @@ spec:
         		}
         	},
         ]
+
         envList: [
         	if parameter.configMap != _|_ for v in parameter.configMap if v.mountToEnv != _|_ {
         		{
@@ -145,6 +147,7 @@ spec:
         		}
         	},
         ]
+
         volumeDevicesList: *[
         			for v in parameter.pvc if v.volumeMode == "Block" {
         		{
@@ -156,6 +159,7 @@ spec:
         		}
         	},
         ] | []
+
         deDupVolumesArray: [
         	for val in [
         		for i, vi in volumesList {
@@ -168,6 +172,7 @@ spec:
         		val
         	},
         ]
+
         patch: spec: template: spec: {
         	// +patchKey=name
         	volumes: deDupVolumesArray
@@ -182,6 +187,7 @@ spec:
         	}, ...]
 
         }
+
         outputs: {
         	for v in parameter.pvc {
         		if v.mountOnly == false {
@@ -252,6 +258,7 @@ spec:
         	}
 
         }
+
         parameter: {
         	// +usage=Declare pvc type storage
         	pvc?: [...{

charts/vela-core/templates/defwithtemplate/suspend.yaml

@@ -24,6 +24,7 @@ spec:
         		message: parameter.message
         	}
         }
+
         parameter: {
         	// +usage=Specify the wait duration time to resume workflow such as "30s", "1min" or "2m15s"
         	duration?: string

charts/vela-core/templates/defwithtemplate/take-over.yaml

@@ -13,8 +13,9 @@ spec:
       template: |
         #PolicyRule: {
         	// +usage=Specify how to select the targets of the rule
-        	selector: [...#RuleSelector]
+        	selector: #RuleSelector
         }
+
         #RuleSelector: {
         	// +usage=Select resources by component names
         	componentNames?: [...string]
@@ -29,6 +30,7 @@ spec:
         	// +usage=Select resources by their names
         	resourceNames?: [...string]
         }
+
         parameter: {
         	// +usage=Specify the list of rules to control take over strategy at resource level.
         	// The selected resource will be able to be taken over by the current application when the resource belongs to no

charts/vela-core/templates/defwithtemplate/task.yaml

@@ -113,6 +113,7 @@ spec:
         		}
         	}
         }
+
         parameter: {
         	// +usage=Specify the labels in the workload
         	labels?: [string]: string
@@ -209,6 +210,7 @@ spec:
         	// +usage=Instructions for assessing whether the container is in a suitable state to serve traffic.
         	readinessProbe?: #HealthProbe
         }
+
         #HealthProbe: {
 
         	// +usage=Instructions for assessing container health by executing a command. Either this attribute or the httpGet attribute or the tcpSocket attribute MUST be specified. This attribute is mutually exclusive with both the httpGet attribute and the tcpSocket attribute.