[cozystack-operator] Introduce API objects: packages and packagesources

[kvaps]

Signed-off-by: Andrei Kvapil kvapss@gmail.com

What this PR does

See the examples (not part of this PR)

PackageSource:

• https://github.com/cozystack/cozystack/blob/43cef5d50e31aaf21c7cdf39d741dabd959096f3/packages/core/platform/templates/sources/backup-controller.yaml

Package:

• https://github.com/cozystack/cozystack/blob/43cef5d50e31aaf21c7cdf39d741dabd959096f3/packages/core/platform/templates/packages/isp-full.yaml

Platform Package:

• https://github.com/cozystack/cozystack/blob/43cef5d50e31aaf21c7cdf39d741dabd959096f3/packages/core/installer/example/platform.yaml

Release note

[cozystack-operator] Introduce API objects: packages and packagesources

Summary by CodeRabbit

• New Features

  • Introduced Package and PackageSource custom resources to manage software packages and their configurations, with support for variants, components, library management, and dependency handling.

• Bug Fixes

  • Made the Chart field optional in CozystackResourceDefinitionRelease.

• Chores

  • Updated code generation tooling and CRD artifact management.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Note

Other AI code review bot(s) detected

CodeRabbit has detected other AI code review bot(s) in this pull request and will avoid duplicating their findings in the review comments. This may lead to a less comprehensive review.

Walkthrough

The pull request introduces two new Kubernetes CustomResourceDefinitions: Package and PackageSource. It makes the Chart field optional in CozystackResourceDefinitionRelease, generates required deepcopy methods for new types, updates code generation scripts to organize CRD artifacts, and adds CRD schema YAML definitions.

Changes

Cohort / File(s)	Summary
API Type Definitions api/v1alpha1/package_types.go, api/v1alpha1/packagesource_types.go	Introduce new CRD root types Package/PackageList and PackageSource/PackageSourceList with corresponding Spec and Status types. PackageSpec includes Variant, IgnoreDependencies, and Components (mapping component overrides). PackageSourceSpec includes SourceRef and Variants array. Variant/Component structures define hierarchical package source structure with dependencies, libraries, and installation config.
Existing Type Modification api/v1alpha1/cozystackresourcedefinitions_types.go	Make Chart field in CozystackResourceDefinitionRelease optional by adding +optional marker and omitempty JSON tag. Update documentation formatting for CozystackResourceDefinitionResourceSelector example YAML block.
Generated Deepcopy Methods api/v1alpha1/zz_generated.deepcopy.go	Auto-generate DeepCopyInto, DeepCopy, and DeepCopyObject methods for 15 new/modified types (Package, PackageList, PackageSpec, PackageComponent, PackageStatus, PackageSource, PackageSourceList, PackageSourceSpec, PackageSourceRef, PackageSourceStatus, Component, ComponentInstall, Library, Variant). Add imports for apiextensionsv1 and metav1.
Build Configuration hack/update-codegen.sh	Add CRD directory variables (OPERATOR_CRDDIR, BACKUPSTRATEGY_CRDDIR, BACKUPS_CORE_CRDDIR) and introduce post-generation moves to organize generated CRD YAMLs into appropriate directories by type (packages, packagesources, cozystackresourcedefinitions, backups-related).
CRD Schema Definitions packages/core/installer/definitions/cozystack.io_packages.yaml, packages/core/installer/definitions/cozystack.io_packagesources.yaml	Define cluster-scoped CustomResourceDefinitions with OpenAPI v3 schemas. Package CRD includes spec fields for components (map), ignoreDependencies, variant; status conditions field. PackageSource CRD includes spec fields for sourceRef (GitRepository/OCIRepository), variants (complex nested structures with components, dependencies, libraries); status conditions and variants field. Both include printer columns and status subresources.
Template and Metadata packages/core/installer/templates/crds.yaml, packages/core/installer/definitions/.gitattributes	Add Helm template snippet (commented) for aggregating CRD YAMLs via .Files.Glob. Mark all YAML files in definitions directory as linguist-generated.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately summarizes the main change: introduction of two new API objects (Package and PackageSource) to the cozystack-operator.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch cozystack-operator-api

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[gemini-code-assist]

Summary of Changes

Hello @kvaps, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request lays the foundational groundwork for a robust package management system within the Cozystack operator. By introducing the Package and PackageSource API objects, it enables a declarative approach to defining, discovering, and deploying software components. This enhancement streamlines the process of managing Cozystack applications and their dependencies, leveraging Kubernetes-native constructs and integrating with Helm for component deployment and configuration.

Highlights

• New API Objects Introduced: This pull request introduces two new Kubernetes API objects: Package and PackageSource. These objects are designed to provide a declarative way to define and manage software packages within the Cozystack operator.
• Declarative Package Management: The Package object allows for specifying a desired package variant, ignoring certain dependencies, and overriding component configurations. The PackageSource object defines the source of packages, including variants, components (Helm releases), libraries, and dependencies.
• Automated Code Generation Updates: Standard boilerplate code, such as deepcopy methods for the new API types and their corresponding CustomResourceDefinition (CRD) YAMLs, has been automatically generated and included.

🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request introduces new Package and PackageSource API objects, which is a significant feature addition. The implementation is mostly solid, including the Go type definitions, generated deepcopy functions, and CRD YAMLs. However, I've identified a few areas for improvement to enhance API clarity, maintainability, and correctness. My feedback includes removing an unused struct, improving an API field's type, fixing a script with a duplicate variable definition, correcting a misleading comment, and fixing a broken Helm template. Addressing these points will strengthen the new API and its supporting components.

[coderabbitai]

Actionable comments posted: 2

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

hack/update-codegen.sh (1)

27-32: Duplicate variable declaration: BACKUPSTRATEGY_CRDDIR is defined twice.

Line 28 and line 32 both define BACKUPSTRATEGY_CRDDIR with the same value. Remove the duplicate on line 28.

🔎 Proposed fix

 OPERATOR_CRDDIR=packages/core/installer/crds
-BACKUPSTRATEGY_CRDDIR=packages/system/backupstrategy-controller/definitions
 COZY_CONTROLLER_CRDDIR=packages/system/cozystack-controller/crds
 COZY_RD_CRDDIR=packages/system/cozystack-resource-definition-crd/definition
 BACKUPS_CORE_CRDDIR=packages/system/backup-controller/definitions
 BACKUPSTRATEGY_CRDDIR=packages/system/backupstrategy-controller/definitions

📜 Review details

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between fe7bdcf and f9d9248.

📒 Files selected for processing (8)

• api/v1alpha1/cozystackresourcedefinitions_types.go
• api/v1alpha1/package_types.go
• api/v1alpha1/packagesource_types.go
• api/v1alpha1/zz_generated.deepcopy.go
• hack/update-codegen.sh
• packages/core/installer/crds/cozystack.io_packages.yaml
• packages/core/installer/crds/cozystack.io_packagesources.yaml
• packages/core/installer/templates/crds.yaml

🧰 Additional context used

📓 Path-based instructions (2)

**/*.go

📄 CodeRabbit inference engine (AGENTS.md)

Use Controller-runtime patterns and kubebuilder style for Go code

Files:

• api/v1alpha1/package_types.go
• api/v1alpha1/packagesource_types.go
• api/v1alpha1/cozystackresourcedefinitions_types.go
• api/v1alpha1/zz_generated.deepcopy.go

**/zz_generated.*.go

📄 CodeRabbit inference engine (AGENTS.md)

Do not edit auto-generated Go files matching pattern zz_generated.*.go

Files:

• api/v1alpha1/zz_generated.deepcopy.go

🧠 Learnings (1)

📚 Learning: 2025-07-11T06:11:25.438Z

Learnt from: lllamnyp
Repo: cozystack/cozystack PR: 1130
File: hack/e2e-apps/kubernetes.bats:101-101
Timestamp: 2025-07-11T06:11:25.438Z
Learning: In cozystack, the plural form for the Kubernetes custom resource is `kuberneteses.apps.cozystack.io`, not `kubernetes.apps.cozystack.io`. This is defined in the API schema even though it's not grammatically perfect.

Applied to files:

• packages/core/installer/crds/cozystack.io_packages.yaml

🧬 Code graph analysis (3)

api/v1alpha1/package_types.go (1)

api/v1alpha1/packagesource_types.go (1)

• Variant (65-82)

api/v1alpha1/packagesource_types.go (2)

api/v1alpha1/cozystackresourcedefinitions_types.go (1)

• SourceRef (71-80)

pkg/apis/apps/install/install.go (1)

• Install (26-29)

api/v1alpha1/zz_generated.deepcopy.go (2)

api/v1alpha1/packagesource_types.go (9)

• Component (151-172)
• ComponentInstall (131-148)
• DependencyTarget (86-95)
• Library (98-106)
• PackageSource (31-37)
• PackageSourceList (42-46)
• PackageSourceSpec (53-62)
• Variant (65-82)
• PackageSourceStatus (175-184)

api/v1alpha1/package_types.go (5)

• Package (32-38)
• PackageComponent (72-82)
• PackageList (43-47)
• PackageSpec (54-69)
• PackageStatus (85-89)

🪛 YAMLlint (1.37.1)

packages/core/installer/templates/crds.yaml

[error] 2-2: syntax error: expected ',' or '}', but got '{'

(syntax)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: Build

🔇 Additional comments (11)

api/v1alpha1/cozystackresourcedefinitions_types.go (1)

95-96: LGTM! Proper kubebuilder pattern for optional field.

The +optional marker paired with omitempty JSON tag follows controller-runtime conventions correctly.

packages/core/installer/templates/crds.yaml (1)

1-6: Template logic is commented out and will not render any CRDs.

The entire file is wrapped in Helm comment delimiters {{/* */}}, so the range loop will never execute. If you intend to include CRD YAMLs in the Helm chart output, remove the comment markers:

🔎 Proposed fix to activate the template

-{{/*
 {{- range $path, $_ := .Files.Glob "crds/*.yaml" }}
 ---
 {{ $.Files.Get $path }}
 {{- end }}
-*/}}

If this is intentionally disabled (e.g., CRDs are applied separately), consider adding an inline comment explaining why.

packages/core/installer/crds/cozystack.io_packages.yaml (1)

1-156: Well-structured CRD definition.

The Package CRD follows Kubernetes conventions correctly:

• Appropriate scope (Cluster), short names, and printer columns
• Standard conditions schema with proper validation constraints
• Use of x-kubernetes-preserve-unknown-fields for the Values field aligns with the apiextensionsv1.JSON type in Go

hack/update-codegen.sh (1)

67-68: LGTM! CRD artifacts routed to the new installer directory.

The move commands correctly place the new Package and PackageSource CRDs in the operator's CRD directory.

api/v1alpha1/package_types.go (3)

24-51: Well-structured kubebuilder CRD types.

The Package and PackageList types follow controller-runtime patterns correctly:

• Proper kubebuilder markers for scope, short names, status subresource, and printer columns
• Scheme registration in init()
• Standard embedding of TypeMeta and ObjectMeta

---

54-69: PackageSpec design looks good.

• Optional fields properly marked with +optional and omitempty
• Components as a map allows direct lookup by release name
• Clear documentation comments explaining each field's purpose

---

73-88: Good use of pointer types for optional semantics.

Using *bool for Enabled correctly distinguishes between "unset" (nil), "explicitly true", and "explicitly false". Using *apiextensionsv1.JSON for Values is the standard approach for arbitrary JSON in CRD specs.

packages/core/installer/crds/cozystack.io_packagesources.yaml (1)

1-251: Comprehensive PackageSource CRD definition.

The CRD is well-designed:

• Enum validation on sourceRef.kind ensures only valid source types
• Nested structures (variants → components → install) are properly defined with required fields
• Status includes both structured conditions and a display-friendly variants string for the printer column
• Short names (pkgsrc, pkgsrcs) follow the pattern established by Package (pkg, pkgs)

api/v1alpha1/packagesource_types.go (2)

1-50: LGTM: Well-structured CRD definitions following kubebuilder patterns.

The license header, imports, type definitions, and scheme registration are correctly implemented. The kubebuilder markers for scope, shortNames, status subresource, and print columns are appropriate for a cluster-scoped CRD.

---

52-183: LGTM: Spec and Status types are well-defined.

The type hierarchy is clear and follows kubebuilder conventions:

• Proper use of +required and +optional markers
• Enum validation on PackageSourceRef.Kind correctly constrains to GitRepository/OCIRepository
• Status uses standard metav1.Condition pattern for observability

api/v1alpha1/zz_generated.deepcopy.go (1)

1-28: Auto-generated file - no manual edits required.

This file is generated by controller-gen (as indicated by the build tag and header comment). The deepcopy implementations for the new CRD types appear correctly generated. As per coding guidelines, this file should not be manually edited.

[coderabbitai]

Actionable comments posted: 0

♻️ Duplicate comments (1)

packages/core/installer/templates/crds.yaml (1)

1-6: The entire Helm template is commented out and will render as empty.

This matches the previous review feedback. The CRD aggregation logic is wrapped in {{/* ... */}}, preventing any output when the template is rendered. If this template is intended to install the CRDs from the crds/ directory, remove the comment wrapper.

🔎 Proposed fix

-{{/*
 {{- range $path, $_ := .Files.Glob "crds/*.yaml" }}
 ---
 {{ $.Files.Get $path }}
 {{- end }}
-*/}}

🧹 Nitpick comments (1)

api/v1alpha1/packagesource_types.go (1)

161-171: Consider using []string for the Variants field.

The Variants field (line 166) is defined as a comma-separated string. For Kubernetes APIs, it's more idiomatic to use []string, which simplifies programmatic access for clients and controllers. The printer column can still display a comma-separated list using JSONPath formatting if needed.

🔎 Alternative implementation

 // PackageSourceStatus defines the observed state of PackageSource
 type PackageSourceStatus struct {
-	// Variants is a comma-separated list of package variant names
+	// Variants is a list of package variant names
 	// This field is populated by the controller based on spec.variants keys
 	// +optional
-	Variants string `json:"variants,omitempty"`
+	Variants []string `json:"variants,omitempty"`

 	// Conditions represents the latest available observations of a PackageSource's state
 	// +optional
 	Conditions []metav1.Condition `json:"conditions,omitempty"`
 }

The printer column at line 22-24 in the CRD would need slight adjustment to join the array:

jsonPath: ".status.variants"  # Or use custom formatting if needed

📜 Review details

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between f9d9248 and 2474150.

📒 Files selected for processing (8)

• api/v1alpha1/cozystackresourcedefinitions_types.go
• api/v1alpha1/package_types.go
• api/v1alpha1/packagesource_types.go
• api/v1alpha1/zz_generated.deepcopy.go
• hack/update-codegen.sh
• packages/core/installer/crds/cozystack.io_packages.yaml
• packages/core/installer/crds/cozystack.io_packagesources.yaml
• packages/core/installer/templates/crds.yaml

🚧 Files skipped from review as they are similar to previous changes (2)

• packages/core/installer/crds/cozystack.io_packages.yaml
• api/v1alpha1/cozystackresourcedefinitions_types.go

🧰 Additional context used

📓 Path-based instructions (2)

**/*.go

📄 CodeRabbit inference engine (AGENTS.md)

Use Controller-runtime patterns and kubebuilder style for Go code

Files:

• api/v1alpha1/package_types.go
• api/v1alpha1/packagesource_types.go
• api/v1alpha1/zz_generated.deepcopy.go

**/zz_generated.*.go

📄 CodeRabbit inference engine (AGENTS.md)

Do not edit auto-generated Go files matching pattern zz_generated.*.go

Files:

• api/v1alpha1/zz_generated.deepcopy.go

🧠 Learnings (3)

📓 Common learnings

Learnt from: CR
Repo: cozystack/cozystack PR: 0
File: AGENTS.md:0-0
Timestamp: 2025-11-27T11:21:45.808Z
Learning: Applies to **/Chart.yaml : Use Helm Charts with the umbrella pattern and vendor upstream charts in `charts/` directory

📚 Learning: 2025-07-11T06:11:25.438Z

Learnt from: lllamnyp
Repo: cozystack/cozystack PR: 1130
File: hack/e2e-apps/kubernetes.bats:101-101
Timestamp: 2025-07-11T06:11:25.438Z
Learning: In cozystack, the plural form for the Kubernetes custom resource is `kuberneteses.apps.cozystack.io`, not `kubernetes.apps.cozystack.io`. This is defined in the API schema even though it's not grammatically perfect.

Applied to files:

• packages/core/installer/crds/cozystack.io_packagesources.yaml

📚 Learning: 2025-07-11T06:28:13.696Z

Learnt from: lllamnyp
Repo: cozystack/cozystack PR: 1160
File: packages/system/hetzner-robotlb/charts/robotlb/templates/role.yaml:6-8
Timestamp: 2025-07-11T06:28:13.696Z
Learning: In Helm templates, the `{{-` directive chomps all leading whitespace including newlines back to the previous content, so `{{- toYaml .Values.something | nindent 2 }}` will render correctly even with apparent indentation issues. However, for better style, it's cleaner to put the template directive on the same line as the parent key (e.g., `rules: {{- toYaml .Values.serviceAccount.permissions | nindent 2 }}`).

Applied to files:

• packages/core/installer/templates/crds.yaml

🧬 Code graph analysis (3)

api/v1alpha1/package_types.go (1)

api/v1alpha1/packagesource_types.go (1)

• Variant (65-82)

api/v1alpha1/packagesource_types.go (2)

api/v1alpha1/cozystackresourcedefinitions_types.go (1)

• SourceRef (71-80)

pkg/apis/apps/install/install.go (1)

• Install (26-29)

api/v1alpha1/zz_generated.deepcopy.go (3)

api/v1alpha1/packagesource_types.go (5)

• Component (138-159)
• ComponentInstall (118-135)
• Library (85-93)
• PackageSource (31-37)
• Variant (65-82)

api/v1alpha1/package_types.go (5)

• Package (32-38)
• PackageComponent (72-82)
• PackageList (43-47)
• PackageSpec (54-69)
• PackageStatus (85-89)

api/v1alpha1/cozystackresourcedefinitions_types.go (1)

• SourceRef (71-80)

🪛 YAMLlint (1.37.1)

packages/core/installer/templates/crds.yaml

[error] 2-2: syntax error: expected ',' or '}', but got '{'

(syntax)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: Build

🔇 Additional comments (5)

hack/update-codegen.sh (1)

27-27: LGTM! CRD organization follows the established pattern.

The new OPERATOR_CRDDIR variable and corresponding move commands correctly place the generated Package and PackageSource CRDs into the installer's CRD directory, consistent with the overall CRD artifact organization strategy.

Also applies to: 66-68

api/v1alpha1/package_types.go (1)

24-89: LGTM! Clean CRD design following Kubernetes conventions.

The Package API types are well-structured with:

• Proper kubebuilder markers for CRD generation (cluster-scoped, status subresource, printer columns)
• Standard use of metav1.Condition for status
• Flexible component overrides using apiextensionsv1.JSON for Helm values
• Clear documentation for all fields

packages/core/installer/crds/cozystack.io_packagesources.yaml (1)

1-251: Generated CRD file - no manual edits required.

This CRD manifest is auto-generated by controller-gen (as indicated by the annotation on line 6). Any necessary changes should be made to the source Go types in api/v1alpha1/packagesource_types.go, then regenerated using hack/update-codegen.sh.

api/v1alpha1/packagesource_types.go (1)

23-159: LGTM! Well-structured PackageSource API.

The type definitions follow Kubernetes and controller-runtime patterns effectively:

• Cluster-scoped resource with appropriate markers
• Clear separation between spec (desired) and status (observed)
• Flexible variant system with components, libraries, and dependencies
• Proper use of enum validation for source kinds (GitRepository, OCIRepository)
• Comprehensive field documentation

api/v1alpha1/zz_generated.deepcopy.go (1)

1-839: Auto-generated deepcopy implementations - no review needed.

This file is auto-generated by controller-gen as indicated by the header comment (line 19). Per the coding guidelines, files matching zz_generated.*.go should not be manually edited. The generated deepcopy methods correctly support the new Package and PackageSource API types.

[coderabbitai]

Actionable comments posted: 0

♻️ Duplicate comments (1)

api/v1alpha1/packagesource_types.go (1)

161-171: Consider using []string for Variants status field.

The Variants field is a comma-separated string, which works for the printer column but is less idiomatic for programmatic access. A []string would be easier for controllers and clients to work with. The printer column can still display comma-separated values using a custom formatter or JSONPath.

This was noted in a past review, so if this design choice is intentional (e.g., for simplicity or specific controller requirements), feel free to keep it as-is.

🧹 Nitpick comments (1)

packages/core/installer/definitions/cozystack.io_packagesources.yaml (1)

1-251: LGTM! CRD files are not currently marked as generated in .gitattributes.

The CRD definition is correctly structured and aligns with the Go types. However, verification confirms that CRD files in packages/core/installer/definitions/ are not yet marked as generated in .gitattributes, which was requested in a previous review. Consider adding a .gitattributes entry (e.g., definitions/**/*.yaml linguist-generated=true) to mark these auto-generated files consistently.

📜 Review details

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 2474150 and 9848810.

📒 Files selected for processing (9)

• api/v1alpha1/cozystackresourcedefinitions_types.go
• api/v1alpha1/package_types.go
• api/v1alpha1/packagesource_types.go
• api/v1alpha1/zz_generated.deepcopy.go
• hack/update-codegen.sh
• packages/core/installer/definitions/.gitattributes
• packages/core/installer/definitions/cozystack.io_packages.yaml
• packages/core/installer/definitions/cozystack.io_packagesources.yaml
• packages/core/installer/templates/crds.yaml

✅ Files skipped from review due to trivial changes (1)

• packages/core/installer/definitions/.gitattributes

🚧 Files skipped from review as they are similar to previous changes (2)

• hack/update-codegen.sh
• api/v1alpha1/cozystackresourcedefinitions_types.go

🧰 Additional context used

📓 Path-based instructions (2)

**/*.go

📄 CodeRabbit inference engine (AGENTS.md)

Use Controller-runtime patterns and kubebuilder style for Go code

Files:

• api/v1alpha1/packagesource_types.go
• api/v1alpha1/package_types.go
• api/v1alpha1/zz_generated.deepcopy.go

**/zz_generated.*.go

📄 CodeRabbit inference engine (AGENTS.md)

Do not edit auto-generated Go files matching pattern zz_generated.*.go

Files:

• api/v1alpha1/zz_generated.deepcopy.go

🧠 Learnings (7)

📓 Common learnings

Learnt from: lllamnyp
Repo: cozystack/cozystack PR: 1130
File: hack/e2e-apps/kubernetes.bats:101-101
Timestamp: 2025-07-11T06:11:25.438Z
Learning: In cozystack, the plural form for the Kubernetes custom resource is `kuberneteses.apps.cozystack.io`, not `kubernetes.apps.cozystack.io`. This is defined in the API schema even though it's not grammatically perfect.

📚 Learning: 2025-07-11T06:11:25.438Z

Learnt from: lllamnyp
Repo: cozystack/cozystack PR: 1130
File: hack/e2e-apps/kubernetes.bats:101-101
Timestamp: 2025-07-11T06:11:25.438Z
Learning: In cozystack, the plural form for the Kubernetes custom resource is `kuberneteses.apps.cozystack.io`, not `kubernetes.apps.cozystack.io`. This is defined in the API schema even though it's not grammatically perfect.

Applied to files:

• packages/core/installer/definitions/cozystack.io_packagesources.yaml
• packages/core/installer/definitions/cozystack.io_packages.yaml

📚 Learning: 2025-11-27T11:21:45.808Z

Learnt from: CR
Repo: cozystack/cozystack PR: 0
File: AGENTS.md:0-0
Timestamp: 2025-11-27T11:21:45.808Z
Learning: Applies to **/zz_generated.*.go : Do not edit auto-generated Go files matching pattern `zz_generated.*.go`

Applied to files:

• packages/core/installer/definitions/cozystack.io_packagesources.yaml

📚 Learning: 2025-07-11T06:28:13.696Z

Learnt from: lllamnyp
Repo: cozystack/cozystack PR: 1160
File: packages/system/hetzner-robotlb/charts/robotlb/templates/role.yaml:6-8
Timestamp: 2025-07-11T06:28:13.696Z
Learning: In Helm templates, the `{{-` directive chomps all leading whitespace including newlines back to the previous content, so `{{- toYaml .Values.something | nindent 2 }}` will render correctly even with apparent indentation issues. However, for better style, it's cleaner to put the template directive on the same line as the parent key (e.g., `rules: {{- toYaml .Values.serviceAccount.permissions | nindent 2 }}`).

Applied to files:

• packages/core/installer/templates/crds.yaml

📚 Learning: 2025-11-27T11:21:45.808Z

Learnt from: CR
Repo: cozystack/cozystack PR: 0
File: AGENTS.md:0-0
Timestamp: 2025-11-27T11:21:45.808Z
Learning: Applies to **/Chart.yaml : Use Helm Charts with the umbrella pattern and vendor upstream charts in `charts/` directory

Applied to files:

• packages/core/installer/templates/crds.yaml

📚 Learning: 2025-11-27T11:21:45.808Z

Learnt from: CR
Repo: cozystack/cozystack PR: 0
File: AGENTS.md:0-0
Timestamp: 2025-11-27T11:21:45.808Z
Learning: Applies to **/charts/** : Do not directly modify upstream charts; use vendoring approach instead

Applied to files:

• packages/core/installer/templates/crds.yaml

📚 Learning: 2025-07-23T09:15:09.658Z

Learnt from: lllamnyp
Repo: cozystack/cozystack PR: 1233
File: packages/system/hetzner-robotlb/charts/robotlb/templates/deployment.yaml:33-35
Timestamp: 2025-07-23T09:15:09.658Z
Learning: The `./charts/robotlb/` directory in the hetzner-robotlb package contains vendored code, and the team generally avoids modifying vendored code to maintain clean separation from upstream dependencies.

Applied to files:

• packages/core/installer/templates/crds.yaml

🧬 Code graph analysis (2)

api/v1alpha1/packagesource_types.go (2)

api/v1alpha1/cozystackresourcedefinitions_types.go (1)

• SourceRef (71-80)

pkg/apis/apps/install/install.go (1)

• Install (26-29)

api/v1alpha1/package_types.go (1)

api/v1alpha1/packagesource_types.go (1)

• Variant (65-82)

🪛 YAMLlint (1.37.1)

packages/core/installer/templates/crds.yaml

[error] 2-2: syntax error: expected ',' or '}', but got '{'

(syntax)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: Build

🔇 Additional comments (5)

packages/core/installer/templates/crds.yaml (1)

1-6: Clarify: Commented-out template means CRDs won't be deployed via Helm.

The entire template is commented out ({{/* ... */}}), so this file renders as empty. Based on past review discussion, this is intentional to avoid conflicts with Helm's special crds/ directory handling. Please confirm that CRDs are deployed through an alternative mechanism (e.g., applied directly via kubectl, or managed by the operator itself).

The YAMLlint syntax error is a false positive—it doesn't understand Helm template syntax.

packages/core/installer/definitions/cozystack.io_packages.yaml (1)

1-156: LGTM!

The CRD definition is well-structured and follows Kubernetes conventions:

• Cluster-scoped with appropriate short names (pkg, pkgs)
• Printer columns provide useful at-a-glance information
• Status conditions follow the standard metav1.Condition pattern
• x-kubernetes-preserve-unknown-fields on values appropriately allows arbitrary Helm values

This appears to be auto-generated by controller-gen and aligns with the Go types in package_types.go.

api/v1alpha1/package_types.go (1)

1-89: LGTM!

The Go types follow kubebuilder/controller-runtime patterns correctly:

• Kubebuilder markers are properly configured for cluster-scoped CRD with status subresource
• Using *bool for Enabled and *apiextensionsv1.JSON for Values correctly handles optional/nullable semantics
• Doc comments now match type names (past review issue resolved)
• Registration with SchemeBuilder in init() follows conventions

api/v1alpha1/packagesource_types.go (1)

23-159: LGTM!

The PackageSource types are well-designed:

• Kubebuilder markers correctly configure cluster-scoped CRD with status subresource
• PackageSourceRef.Kind enum validation (GitRepository, OCIRepository) provides good API guardrails
• Hierarchical structure (Variants → Components → Install) is clear and well-documented
• The DependencyTarget type mentioned in past reviews has been removed as expected

api/v1alpha1/zz_generated.deepcopy.go (1)

1-28: Auto-generated file — skipping detailed review.

This file is generated by controller-gen and should not be manually edited. The deepcopy implementations for the new types (Package, PackageSource, and related structs) appear correctly generated based on the source types.

As per coding guidelines: "Do not edit auto-generated Go files matching pattern zz_generated.*.go"