2025-06-10 - 2026-06-10
Overview
6 Releases published by 1 user
Published
snapshot-latest
Latest Snapshot
Published
harmony-fleet-operator-v0.0.5
Published
harmony-fleet-operator-v0.0.4
Published
harmony-fleet-operator-v0.0.3
Published
harmony-fleet-operator-v0.0.2
Published
harmony-fleet-operator-v0.0.1
183 Pull requests merged by 7 users
Merged
#327 feat(fleet-auth): unify Zitadel role extraction + request roles via scope (Ch1)
Merged
#323 fix(fleet-operator): dashboard UI bugs (mostly CSP-blocked inline JS)
Merged
#322 feat(fleet-operator): real dashboard data from kube CRs + NATS KV
Merged
#321 feat(fleet): expose operator UI via cert-manager TLS ingress
Merged
#320 chore: Refactor FLEET_OPERATOR_CREDENTIALS string that appeared in multiple places into a constant shared across all consumers
Merged
#317 fix: fleet operator chart name was conflicting with the container name. Append -chart to the chart name
Merged
#315 refactor(fleet-deploy): rename harmony-fleet-release to harmony-fleet-publish
Merged
#314 refactor(fleet-deploy): rename HARMONY_SECRET_NAMESPACE to HARMONY_CONFIG_NAMESPACE
Merged
#310 feat/fleet-cd-staging-deploy
Merged
#312 refactor/openbao-instance
Merged
#304 feat(harmony_config): unified config layer (ADR-020) — ConfigClient, ConfigClass, masking
Merged
#302 feat(harmony_secret): SSO auth hardening — silent refresh, renewal, namespacing
Merged
#303 feat(harmony): harmony-sso deploy hardening (Zitadel + OpenBao Scores)
Merged
#309 docs(agents): lead with the minimalism / DRY / anti-bloat bar
Merged
#308 ci(fleet): release pipeline on tag (minimal)
Merged
#307 feat(fleet): release the operator from a tag (minimal)
Merged
#306 feat(fleet): harmony apply — deploy the published operator chart (minimal)
Merged
#305 feat(helm): roll-forward upgrades for pinned releases
Merged
#298 Upate HTML for fleet/ARCHITECTURE.html
Merged
#296 docs(fleet): v0.3 last-mile roadmap
Merged
#291 ci: fix Windows cross-compile by gating unix-only harmony code
Merged
#290 fix: Remove kvm from harmony default features as it comes with a hefty libvirt-dev dependency
Merged
#289 ci: Add libvirt-dev dependency to enable building new harmony kvm modules
Merged
#264 feat: scaffold IoT walking skeleton — podman module, operator, and agent
Merged
#283 feat/fleet-operator-web-frontend-maud
Merged
#284 add auth to frontend through lib
Merged
#268 wip feat/add-new-node
Merged
#278 refactor(fleet-operator): replace ScorePayload with ReconcileScore in Deployment CRD [NationTech/Team#186]
Merged
#279 feat/nats-auth-callout-e2e
Merged
#280 feat/prepare-rpi
Merged
#275 feat/iot-helm
Merged
#276 refactor: rebrand iot → fleet, operator/agent crates → harmony-fleet-*
Merged
#273 fix(opnsense): valid HAProxy config + From<&str> codegen cleanup
Merged
#271 refactor(operator): replace gen-crd yaml pipeline with a harmony Score
Merged
#270 refactor(iot): extract iot-contracts crate for cross-boundary types
Merged
#269 feat/iot-arm-vm
Merged
#267 feat: capture network intent at host discovery
Merged
#266 feat(monitoring): Datadog 15-key-metrics dashboard + Ceph "what's wrong" drilldown
Merged
#265 feat(monitoring): Ceph alerts integrated with OKD's native alerting stack
Merged
#263 feat: Disable ipv4 address conflict detection score. This is useful when setting up bonds as the wrong mac may get a dhcp offer and then the system will perceive it as a conflict when it sets up the bond correctly
Merged
#250 feat/cluster-dashboard
Merged
#262 feat: create score + example to create a machineconfig resource to configured system reserved parameters
Merged
#259 feat/arm-cross-compilation
Merged
#258 feat: Refactor load balancer to remove side effect and improve types
Merged
#256 feat/opnsense-codegen
Merged
#257 feat/opnsense-codegen-type-safe
Merged
#251 fix/cnpgInstallation
Merged
#248 fix: small details were preventing to re-save frontends,backends and healthchecks in opnsense UI
Merged
#234 fix/dynamically_get_public_domain
Merged
#229 fix: readded tokio retry to get ca cert for a nats cluster which was accidentally removed during a refactor
Merged
#249 feat: add priorityClass to node_health daemonset
Merged
#240 okdload balancer using 1936 port http healthcheck
Merged
#243 reafactor/k8sclient
Merged
#246 okd: add worker nodes to load balancer backend pool
Merged
#245 fix: change vlan definition from MaybeString to RawXml
Merged
#239 feat/openbao_secret_manager
Merged
#242 feat/node-health-score
Merged
#241 feat(k8s): Can now apply resources of any scope. Kind of a hack leveraging the dynamic type under the hood but this is due to a limitation of kube-rs
Merged
#237 feat: New harmony node readiness mini project what exposes health of a node on port 25001
Merged
#233 reafactor: brocade switch slight improvements
Merged
#232 feat/drain_k8s_node
Merged
#231 feat: improve output related to storage in the discovery process
Merged
#230 feat: integrate-brocade
Merged
#228 fix: use installation_device from host_config in bootstrap_okd_node
Merged
#220 feat/harmony_agent
Merged
#221 feat: created decentralized topology, capability nats and nats super cluster
Merged
#226 fix/nats-isp
Merged
#227 feat: support use-swap-file opnsense xml field
Merged
#225 feat: introduced crate tokio-retry to allow multiple attempts to get secret from k8s
Merged
#224 fix: support DiscoveryStrategy in OKDSetup01InventoryScore
Merged
#223 fix(deps): updating fqdn version as the one currently in use have been yanked
Merged
#222 feat/ask-for-main-disk
Merged
#207 feat/nats
Merged
#219 feat: use interactive_parse lib to query for secrets attributes values
Merged
#209 adr/nats-islands-of-trust
Merged
#218 fix: modified cert-manager ensure ready to check for existence of pods with labels matching cert-manager in kubernetes env. replaced deprecated olm subscription based install of cert-manager for supported helm-chart
Merged
#217 feat: Create st-test example, fix a couple new missing xml fields for opnsense, fix bad HostRole
Merged
#211 feat/cert_manager_crds
Merged
#205 fix: kubeconfig falls back to .kube if KUBECONFIG env variable is not set
Merged
#204 fix: modified nats box to use image tag non root for use in openshift environment
Merged
#203 fix: added missing functions to impl SwitchClient for unmanagedSwitch
Merged
#200 feat: PostgreSQLScore happy path using cnpg operator
Merged
#187 Unmanaged switch client
Merged
#184 feat: OPNSense Topology useful to interact with only an opnsense instance.
Merged
#179 feat/cluster_monitoring
Merged
#167 feat(application): Webapp feature with production dns
Merged
#202 adr: draft ADR proposing harmony agent and nats-jetstram for decentralized workload management
Merged
#173 feat: implementation for opnsense os-node_exporter
Merged
#193 feat/brocade_snmp
Merged
#165 doc for removing worker flag from cp on UPI
Merged
#166 doc to clone and transfer a coreos disk
Merged
#199 feat: cnpg operator score
Merged
#196 feat: Introducing FailoverTopology and OperatorHub Catalog Subscription with example
Merged
#191 fix: added fields missing for haproxy after most recent update
Merged
#198 feat(OKDInstallation): Implemented bootstrap of okd worker node, added features to allow both control plane and worker node to use the same bootstrap_okd_node score
Merged
#197 adr: Higher order topologies
Merged
#186 fix(host_network): remove extra fields from bond config to prevent clashes
Merged
#185 fix(host_network): skip configuration for host with only 1 interface/port
Merged
#183 refactor(host_network): extract NetworkManager as a reusable component
Merged
#182 fix(host_network): retrieve proper hostname and next available bond id
Merged
#180 feat(kube): Convert kube_openapi Resource to DynamicObject
Merged
#181 fix(opnsense-config): mark Interface::enable as optional
Merged
#175 fix(host_network): adjust bond & port-channel configuration (partial)
Merged
#170 feat/impl_installable_crd_prometheus
Merged
#174 refactor(ha_cluster): inject switch client for better testability
Merged
#171 feat: scrape targets to be able to get snmp alerts from machines to prometheus
Merged
#172 fix: fixed merge error that somehow got missed
Merged
#161 feat: K8sFlavour
Merged
#157 feat(cert-manager): add cluster issuer to okd cluster score
Merged
#120 fix: remove ceph osd deletes and purges osd from ceph osd tree\
Merged
#129 fix(opnsense-config): ensure load balancer service configuration is idempotent
Merged
#169 feat(host_network): configure bonds and port channels
Merged
#168 feat(switch/brocade): Implement client to interact with Brocade switches
Merged
#162 feat: Add openbao example, open-source fork of vault
Merged
#156 fix: added securityContext.runAsUser:null to argo-cd helm chart so that in okd user group will be randomly assigned within the uid range for the designated namespace
Merged
#155 fix: added routes to domain name for prometheus, grafana, alertmanageradded argo cd to the reporting after successfull build
Merged
#153 doc: Slides demo 10 sept
Merged
#154 fix: properly configured discord alert receiver corrected domain and topic name for ntfy
Merged
#152 fix: Various demo fixe and rename : RHOBMonitoring -> Monitoring, ContinuousDelivery -> PackagingDeployment, Fix bollard logs
Merged
#151 feat: Report execution outcome
Merged
#150 fix/connected_alert_receivers
Merged
#145 fix/ingress
Merged
#114 feat: okd installation
Merged
#130 feat(opnsense-config): dnsmasq dhcp static mappings
Merged
#131 demo: describe the storyline of the talk
Merged
#135 feat: add hurl! and local_folder! macros to make Url easier to create
Merged
#134 added a monitoring stack that works with openshift/okd. Okd needs to use the cluster observability operator in order to deploy namespaced prometheuses and alertmanagers
Merged
#133 fix/argo
Merged
#132 fix/grafana-operator
Merged
#124 feat(example): added an example of packaging a rust app from github
Merged
#125 feat: Inventory PhysicalHost persistence with sqlx and local sqlite db
Merged
#126 refact: Move basic types to harmony_types crate to avoid external dependencies.
Merged
#127 feat/discover_inventory
Merged
#117 doc/pxe_test_setup
Merged
#121 feat/ceph_validate_health
Merged
#119 feat/inventory_agent
Merged
#116 feat/ceph-osd-score
Merged
#115 feat: Harmony inventory agent crate that exposes an endpoint listing the host hardware. Has to be reviewed, generated 99% by GLM-4.5
Merged
#112 feat: Add iobench project and python dashboard
Merged
#111 feat/secrets
Merged
#110 fix: bring back the TUI
Merged
#109 fix: remove indicatif in harmony_cli to simplify logging and fixing interactions
Merged
#107 fix: make sure demo works on both local & remote target
Merged
#97 fix: apply different network policies based on current target
Merged
#101 fix: improve usage of indicatif for tracking progress
Merged
#102 fix: prevent instrumentation to run in test mode
Merged
#100 refactor: Interpret score with a provided method on Score
Merged
#99 refactor: Remove InterpretStatus/Error & Outcome from Topology
Merged
#96 chore: reformat & clippy cleanup
Merged
#86 Monitor an application within a tenant
Merged
#93 fix(cli): simplify running the CLI by hiding the maestro inside the implemtation
Merged
#91 fix(cli): reduce noise & better track progress within Harmony
Merged
#90 refactor(topo/k8s_anywhere): simplify local installation of k3d
Merged
#87 fix(apps/rust): build & push using image tag instead of local VS remote image name
Merged
#88 chore: cleanup of unnecessary files & adjust gitignores
Merged
#77 log(composer): Log check_path_str value when error
Merged
#85 fix: unjank the demo
Merged
#84 fix/argoApplication
Merged
#83 feat/monitoring-application-feature
Merged
#80 fix: try to properly append YAML in correct places in argoapplication
Merged
#81 refact: Make RustWebappScore generic, it is now Application score and takes an application and list of features to attach to the application
Merged
#76 feat: harmony now defaults to using local k3d cluster. Also created OCICompliant: Application trait to make building images cleaner
Merged
#79 feat/cd/localdeploymentdemo
Merged
#78 feat: WIP argocd_score
Merged
#74 refactor/ns
Merged
#75 feat: added default resource limit and request to k8s tenant
Merged
#69 feat: Add ntfy score
Merged
#66 feat: add service monitors support to prom
Merged
#73 feat: Introduce Application trait, not too sure how it will evolve but it makes sense, at the very least to identify the Application, also some minor refactoring
Merged
#72 feat: Application Interpret still WIP but now call ensure_installed on features, also introduced a rust app example, completed work on clone_box behavior
Merged
#71 fix(composer): spawn commands to allow interaction
Merged
#70 feat: Application module architecture and placeholder features
Merged
#68 feat: added webhook receiver to alertchannels
Merged
#62 feat: add dry-run functionality and similar dependency
Merged
#67 feat: added alert rule and impl for prometheus as well as a few preconfigured bmc alerts for dell server that are used in the monitoring example
Merged
#65 feat/publishComposer
Merged
#64 impl_monitoring_alerting_kube_prometheus
Merged
#61 feat/monitoring_alerting
Merged
#58 Create harmony_composer initial
Merged
#63 feat: add tenant credential management
Merged
#51 docs: Introduce project delivery automation ADR. This is still WIP
Merged
#59 docs: New README, two options to choose from right now
Merged
#60 feat: add support for custom CIDR ingress/egress rules
29 Pull requests proposed by 4 users
Proposed
#212 chore: added rust doc for certificate management trait
Proposed
#215 feat: Autoinstall docker
Proposed
#236 WIP: refactor: openshift monitoring
Proposed
#238 fix: modified alert receiver trait to allow install plan which provides the topology the ability to apply receiver specfici configurations as required by the underlying alert sender
Proposed
#247 WIP: feature/kvm-module
Proposed
#253 feat/config_sqlite
Proposed
#254 wip: vllm example
Proposed
#255 WIP: feat: brocade module now supports vlans
Proposed
#260 WIP: feat/agent-desired-state
Proposed
#261 feat(config): add named config instances API
Proposed
#277 feat: Add openwebui installation example
Proposed
#281 feat: iobench redpanda profile to run the recommended fio settings by redpanda on a k8s storage backend
Proposed
#285 feat/opnsense-bootstrap-score
Proposed
#292 feat(fleet-deploy): smoke-test contract as a Score companion
Proposed
#293 feat/v0-3-dashboard-role-enforcement
Proposed
#294 feat/v0-3-operator-restart-baseline
Proposed
#295 feat(fleet-deploy): log-tail contract as a Score companion
Proposed
#297 feat/ceph-score
Proposed
#299 refactor(fleet-deploy): collapse smoke companion to one trait, one method
Proposed
#300 ci/fleet-operator-release-pipeline
Proposed
#311 feat(example-harmony-sso): example aligned to AGENTS.md minimalism bar
Proposed
#313 feat/fleet-staging-openbao
Proposed
#316 Allow redirect url path when user signs in
Proposed
#319 docs: ADR on how to handle securely fleet device secrets with openbao + zitadel SSO
Proposed
#328 feat(fleet-operator): aggregator recovery signal + orphan GC + recovery e2e (Ch2)
Proposed
#329 feat(fleet-operator): live-tail device logs via 2s frontend polling (Ch3)
Proposed
#330 feat(fleet): agent self-upgrade + auto-rollback protocol, ADR-022 (Ch4)
Proposed
#331 feat(fleet): graceful roll-forward upgrade + container-ID identity (Ch5)
Proposed
#332 Use entity policies for secret store access instead of through jwt
3 Issues closed from 2 users
Closed
#143 opnsense-config parsing issues
Closed
#177 HAClusterTopology always asks for Brocade related secrets, even when no brocade switch present in the inventory
Closed
#94 Introduire un K3d/sTenantManager
36 Issues created by 4 users
Opened
#82 BUG : Argo Application wrong format
Opened
#89 Improve detection of available tools on the host
Opened
#92 K3D: better verification that the K8S Client was successfully created
Opened
#94 Introduire un K3d/sTenantManager
Opened
#95 Ensure that the tenant name and the application name are the same
Opened
#98 K8s Tenant Manager: ensure constraints applied for namespace
Opened
#103 Leverage Scores to implement the ApplicationFeatures
Opened
#104 [ContinousDelivery] Avoid rebuilding images if not needed
Opened
#105 [RustWebApp] Find binary name from Cargo.toml
Opened
#106 [ContinuousDelivery] Delegate deployment responsibilities to the Topology
Opened
#108 [K3D/K3S] Dynamically egress k3d harmony server IP range
Opened
#113 Epic: Fully Orchestrate OKD Installation with Automated Node Discovery and Network Provisioning
Opened
#118 pxe_vm_lab_setup.sh fails for virt-install --version 4.1.0
Opened
#123 connect to k3d cluster using env variable USE_LOCAL_K3D=true when cluster exists but kubectl config does not
Opened
#128 Better error handling for DiscoverInventoryAgentIntrepret
Opened
#136 Detect DNS used in OPNsense and apply the right configuration in the right place for the service
Opened
#137 fix: russh is way too slow to upload large files, find a better alternative
Opened
#138 Prevent subnet overflow in DHCP range calculation
Opened
#139 Rename okd template file to okd_node.ipxe.j2
Opened
#140 SecretManager::get_or_prompt broken pastes for large single line text
Opened
#141 Opnsense config: update hash on save to prevent version issues
Opened
#142 yaserde should crash in strict mode when encountering duplicate fields that are not vec
Opened
#143 opnsense-config parsing issues
Opened
#146 Check openshift operator status instead of replica count
Opened
#147 Implement correctly various k8s implementations
Opened
#148 Add logs when docker build & push failed
Opened
#149 RIP Bollard
Opened
#163 BUG OKD "tcp server port" check is not enough when a node is half broken
Opened
#176 As a private cloud owner, I want to receive alerts in my Discord server when something goes wrong with my cluster.
Opened
#177 HAClusterTopology always asks for Brocade related secrets, even when no brocade switch present in the inventory
Opened
#178 Alert receiver architecture simplification
Opened
#189 All installation of OPNsense package fail
Opened
#190 Toward easy installation of HACluster Topology
Opened
#206 RFC : Harmony agent versionning strategy
Opened
#214 [WIP] Applying Chaos Engineering to Harmony | Usage de Harmony par une startup DeepTech
Opened
#216 [WIP] [Feature Request] Support k3d + podman
5 Unresolved Conversations
Open
#7
ADR : Choose a default runtime for zero config deployments
Open
#3
Keycloack harmony integration POC
Open
#2
Refactor OKDDhcpScore to pass a struct instead of too many parameters
Open
#5
RFC : Authentication and secret management
Open
#35
Work on infrastructure abstractions for applications such as ingress