chore(deploy): remove v1 kubernetes-controller from chart, CI, scripts, docs

.github/workflows/release.yml

@@ -87,15 +87,14 @@ jobs:
 
           All images are available for both \`linux/amd64\` and \`linux/arm64\` platforms:
 
-          - Kubernetes Controller: \`ghcr.io/${{ github.repository_owner }}/streamspace-kubernetes-controller:${{ steps.version.outputs.VERSION }}\`
           - API: \`ghcr.io/${{ github.repository_owner }}/streamspace-api:${{ steps.version.outputs.VERSION }}\`
           - UI: \`ghcr.io/${{ github.repository_owner }}/streamspace-ui:${{ steps.version.outputs.VERSION }}\`
+          - K8s Agent: \`ghcr.io/${{ github.repository_owner }}/streamspace-k8s-agent:${{ steps.version.outputs.VERSION }}\`
 
           ## Documentation
 
           - [Installation Guide](https://github.com/${{ github.repository }}/blob/main/README.md)
           - [Architecture Docs](https://github.com/${{ github.repository }}/blob/main/docs/ARCHITECTURE.md)
-          - [Controller Guide](https://github.com/${{ github.repository }}/blob/main/docs/CONTROLLER_GUIDE.md)
           - [Helm Chart README](https://github.com/${{ github.repository }}/blob/main/chart/README.md)
 
           ## Upgrade Instructions
@@ -171,7 +170,7 @@ jobs:
     needs: release
     strategy:
       matrix:
-        component: [kubernetes-controller, api, ui]
+        component: [api, ui, k8s-agent]
     steps:
       - name: Extract version
         id: version

.github/workflows/security-scan.yml

@@ -21,7 +21,7 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        component: [api, ui, kubernetes-controller]
+        component: [api, ui, k8s-agent, docker-agent]
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
@@ -35,8 +35,10 @@ jobs:
             docker build -t streamspace-api:scan ./api
           elif [ "${{ matrix.component }}" = "ui" ]; then
             docker build -t streamspace-ui:scan ./ui
-          elif [ "${{ matrix.component }}" = "kubernetes-controller" ]; then
-            docker build -t streamspace-kubernetes-controller:scan ./k8s-controller
+          elif [ "${{ matrix.component }}" = "k8s-agent" ]; then
+            docker build -t streamspace-k8s-agent:scan ./agents/k8s-agent
+          elif [ "${{ matrix.component }}" = "docker-agent" ]; then
+            docker build -t streamspace-docker-agent:scan ./agents/docker-agent
           fi
 
       - name: Run Trivy vulnerability scanner

chart/templates/NOTES.txt

@@ -114,21 +114,8 @@ Connection Status:
   kubectl logs -n {{ .Release.Namespace }} -l app.kubernetes.io/component=api \
     | grep "Agent registered"
 
-The K8s Agent connects to the Control Plane via WebSocket for session management.
-This replaces the v1.x controller-based architecture.
-
-{{- else if .Values.controller.enabled }}
-
-⚙️  V1.X CONTROLLER ARCHITECTURE
-────────────────────────────────────────────────────────────────────────────
-
-StreamSpace is deployed with the v1.x Controller architecture.
-
-To upgrade to v2.0-beta agent architecture:
-  helm upgrade {{ .Release.Name }} {{ .Chart.Name }} \
-    --reuse-values \
-    --set k8sAgent.enabled=true \
-    --set controller.enabled=false
+The K8s Agent connects to the Control Plane via WebSocket for session
+management. (The v1.x controller-based architecture was removed in v2.0.)
 
 {{- end }}
 
@@ -147,7 +134,7 @@ To upgrade to v2.0-beta agent architecture:
 
 View metrics:
   kubectl port-forward -n {{ .Release.Namespace }} \
-    svc/{{ include "streamspace.fullname" . }}-controller 8080:8080
+    svc/{{ include "streamspace.fullname" . }}-api 8080:8080
 
   curl http://localhost:8080/metrics
 

chart/templates/_helpers.tpl

@@ -51,14 +51,6 @@ app.kubernetes.io/name: {{ include "streamspace.name" . }}
 app.kubernetes.io/instance: {{ .Release.Name }}
 {{- end }}
 
-{{/*
-Controller labels
-*/}}
-{{- define "streamspace.controller.labels" -}}
-{{ include "streamspace.labels" . }}
-app.kubernetes.io/component: controller
-{{- end }}
-
 {{/*
 API labels
 */}}
@@ -91,17 +83,6 @@ PostgreSQL labels
 app.kubernetes.io/component: database
 {{- end }}
 
-{{/*
-Create the name of the controller service account to use
-*/}}
-{{- define "streamspace.controller.serviceAccountName" -}}
-{{- if .Values.controller.serviceAccount.create }}
-{{- default (printf "%s-controller" (include "streamspace.fullname" .)) .Values.controller.serviceAccount.name }}
-{{- else }}
-{{- default "default" .Values.controller.serviceAccount.name }}
-{{- end }}
-{{- end }}
-
 {{/*
 Create the name of the API service account to use
 */}}
@@ -194,20 +175,6 @@ Get the PostgreSQL secret key for password
 {{- end }}
 {{- end }}
 
-{{/*
-Image name for controller
-*/}}
-{{- define "streamspace.controller.image" -}}
-{{- $registry := .Values.global.imageRegistry | default .Values.controller.image.registry }}
-{{- $repository := .Values.controller.image.repository }}
-{{- $tag := .Values.controller.image.tag | default .Chart.AppVersion }}
-{{- if $registry }}
-{{- printf "%s/%s:%s" $registry $repository $tag }}
-{{- else }}
-{{- printf "%s:%s" $repository $tag }}
-{{- end }}
-{{- end }}
-
 {{/*
 Image name for API
 */}}

chart/templates/networkpolicy.yaml

@@ -1,53 +1,4 @@
 {{- if .Values.networkPolicy.enabled }}
-{{- if .Values.controller.enabled }}
-apiVersion: networking.k8s.io/v1
-kind: NetworkPolicy
-metadata:
-  name: {{ include "streamspace.fullname" . }}-controller
-  namespace: {{ .Release.Namespace }}
-  labels:
-    {{- include "streamspace.controller.labels" . | nindent 4 }}
-spec:
-  podSelector:
-    matchLabels:
-      {{- include "streamspace.selectorLabels" . | nindent 6 }}
-      app.kubernetes.io/component: controller
-  policyTypes:
-    - Ingress
-    - Egress
-  ingress:
-    # Allow Prometheus to scrape metrics
-    - from:
-        - namespaceSelector:
-            matchLabels:
-              name: {{ .Values.networkPolicy.monitoring.namespace | default "observability" }}
-      ports:
-        - protocol: TCP
-          port: 8080
-  egress:
-    # Allow access to Kubernetes API
-    - to:
-        - namespaceSelector: {}
-          podSelector:
-            matchLabels:
-              component: apiserver
-      ports:
-        - protocol: TCP
-          port: 443
-    # Allow DNS
-    - to:
-        - namespaceSelector:
-            matchLabels:
-              name: kube-system
-      ports:
-        - protocol: UDP
-          port: 53
-    # Allow all egress if not restricted
-    {{- if not .Values.networkPolicy.controller.restrictEgress }}
-    - {}
-    {{- end }}
----
-{{- end }}
 {{- if .Values.api.enabled }}
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy

chart/templates/pdb.yaml

@@ -1,24 +1,3 @@
-{{- if and .Values.controller.enabled .Values.controller.podDisruptionBudget.enabled }}
-apiVersion: policy/v1
-kind: PodDisruptionBudget
-metadata:
-  name: {{ include "streamspace.fullname" . }}-controller
-  namespace: {{ .Release.Namespace }}
-  labels:
-    {{- include "streamspace.controller.labels" . | nindent 4 }}
-spec:
-  {{- if .Values.controller.podDisruptionBudget.minAvailable }}
-  minAvailable: {{ .Values.controller.podDisruptionBudget.minAvailable }}
-  {{- end }}
-  {{- if .Values.controller.podDisruptionBudget.maxUnavailable }}
-  maxUnavailable: {{ .Values.controller.podDisruptionBudget.maxUnavailable }}
-  {{- end }}
-  selector:
-    matchLabels:
-      {{- include "streamspace.selectorLabels" . | nindent 6 }}
-      app.kubernetes.io/component: controller
----
-{{- end }}
 {{- if and .Values.api.enabled .Values.api.podDisruptionBudget.enabled }}
 apiVersion: policy/v1
 kind: PodDisruptionBudget