docs: add platform licenses reference

[tym83]

Summary

• add a shared Licenses documentation include for Cozystack platform components
• publish the Licenses page for all documentation versions: v0, v1.0, v1.1, v1.2, v1.3, and next
• include upstream license source links for system packages and managed runtimes

Verification

• HUGO_ENV=production hugo --gc --minify --destination /tmp/cozystack-site-public-production-all --cacheDir /tmp/hugo-cache
• HUGO_ENV=preview hugo --gc --minify --buildFuture --destination /tmp/cozystack-site-public-preview-all --cacheDir /tmp/hugo-cache

Summary by CodeRabbit

• New Features

  • Added visual components for displaying open-source software information with license and upstream source details.
  • Introduced responsive OSS component cards featuring logos, versions, and metadata.

• Documentation

  • Added comprehensive license documentation pages for both current and previous platform versions.
  • Documented all shipped open-source components organized by platform role (Kubernetes, networking, storage, observability, autoscaling, GitOps, identity, and managed services).

[netlify]

✅ Deploy Preview for cozystack ready!

Name	Link
🔨 Latest commit	abcf0ac
🔍 Latest deploy log	https://app.netlify.com/projects/cozystack/deploys/6a01a2ac8338be0008219bf8
😎 Deploy Preview	https://deploy-preview-530--cozystack.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[coderabbitai]

📝 Walkthrough

Walkthrough

A new open-source software component licensing system was added to the website, including Hugo shortcodes for rendering card-based component catalogs, responsive SCSS styling with dark mode support, and complete license documentation pages for both the next and v1.3 versions listing Cozystack-shipped and upstream components grouped by platform role.

Changes

OSS Licenses Display System

Layer / File(s)	Summary
Shortcode Templates layouts/shortcodes/oss-cards.html, layouts/shortcodes/oss-card.html	New Hugo shortcodes: oss-cards wraps nested cards in a grid container; oss-card renders individual component cards with name, license, source link, version, description, logo (with initials badge fallback), and "used-in" link from named parameters.
Card Styling assets/scss/_oss_info.scss, assets/scss/main.scss	Responsive grid and card component styles with flex layout, spacing, borders, hover effects, logo sizing, typography, license badges, and dark-mode color overrides for all card sub-elements.
Next Version License Catalog content/en/docs/next/operations/configuration/licenses.md	Documentation page listing Cozystack-maintained Apache-2.0 licensed components and upstream OSS dependencies across 12 platform categories (OS/Kubernetes runtime, networking, storage, observability, autoscaling, GPU, GitOps, identity, databases, messaging, managed networking).
v1.3 Release License Catalog content/en/docs/v1.3/operations/configuration/licenses.md	Parallel documentation page for v1.3 release with the same component organization and licensing structure as the next version.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Poem

🐰 A warren of cards, neat and bright,
Licensing stories in organized light,
Open-source blooms in a grid so fine,
Shortcodes and styles in perfect design!

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The pull request title 'docs: add platform licenses reference' directly summarizes the main change: adding a licenses documentation page for Cozystack platform components. It is concise, clear, and accurately reflects the primary purpose of the changeset.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch docs/licenses-reference

Tip

💬 Introducing Slack Agent: The best way for teams to turn conversations into code.

Slack Agent is built on CodeRabbit's deep understanding of your code, so your team can collaborate across the entire SDLC without losing context.

• Generate code and open pull requests
• Plan features and break down work
• Investigate incidents and troubleshoot customer tickets together
• Automate recurring tasks and respond to alerts with triggers
• Summarize progress and report instantly

Built for teams:

• Shared memory across your entire org—no repeating context
• Per-thread sandboxes to safely plan and execute work
• Governance built-in—scoped access, auditability, and budget controls

One agent for your entire SDLC. Right inside Slack.

👉 Get started

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[gemini-code-assist]

Code Review

This pull request introduces a comprehensive license reference page for Cozystack by adding a shared markdown file that lists licenses for core, system, and application packages, along with managed workload runtimes. This content is integrated into the documentation for both the current and upcoming versions. Feedback was provided to ensure consistency in the monitoring agents entry by including source links for all listed components rather than just one.

[gemini-code-assist]

The system/monitoring-agents entry lists three components (Fluent Bit, kube-state-metrics, and node-exporter) but only provides a source link for Fluent Bit. For completeness and consistency with other multi-component entries in this table (such as system/fluxcd or HTTP Cache), source links for all listed components should be included.

Suggested change

	| `system/monitoring-agents` | Fluent Bit; kube-state-metrics; node-exporter | Apache-2.0 | [source](https://github.com/fluent/fluent-bit/blob/master/LICENSE) |
	| system/monitoring-agents | Fluent Bit; kube-state-metrics; node-exporter | Apache-2.0 | [fluent-bit](https://github.com/fluent/fluent-bit/blob/master/LICENSE), [kube-state-metrics](https://github.com/kubernetes/kube-state-metrics/blob/main/LICENSE), [node-exporter](https://github.com/prometheus/node_exporter/blob/master/LICENSE) |

[myasnikovdaniil]

Thanks for putting this together — overall the data looks accurate and the per-version pages are clean. A few changes before this can land:

1. Scope: keep only next/ and v1.3/

Please drop the new files for v0/, v1.0/, v1.1/, and v1.2/.

The package list in this PR reflects the current (v1.3-era) set. v0 in particular is a different product snapshot — its applications/ tree had ferretdb and mysql, and didn't have foundationdb, harbor, mariadb, openbao, or qdrant. Backfilling the current list under v0/ would document components that release didn't ship.

For v1.0–v1.2 the application set matches v1.3, but the pinned upstream versions and operators differ across minor releases, and licenses can change between upstream versions (e.g. Redis, MongoDB-family). A license reference should be a per-release snapshot, not a single rolling document retro-applied to frozen versions.

The convention in this repo is that older vX.Y/ directories are frozen as-shipped — we shouldn't retrofit current state into them. If we want license data for older releases, that's worth a separate, version-accurate effort.

2. Include placement

The shared file currently lives at content/en/docs/_include/licenses.md and is transcluded from each per-version page. Two issues with this layout, even after scoping down to next/ + v1.3/:

• It's a new pattern. Existing {{< include >}} usages all live inside per-version _include/ directories (e.g. docs/v1.2/install/_include/hardware-config-tabs.md, docs/v1.2/operations/services/_include/monitoring-overview.md).
• Once v1.4 is released and v1.3/ is frozen, edits to the shared file would silently mutate the v1.3 snapshot.

Two reasonable options:

• (a) Inline the body into each version's licenses.md. Two copies, no shared include — matches how independent versions are supposed to work. Simplest.
• (b) Per-version include: docs/next/operations/configuration/_include/licenses.md and docs/v1.3/operations/configuration/_include/licenses.md. Matches the existing _include/ convention.

I'd lean toward (a) — there's only one consumer per version, so the indirection doesn't pay off. Either is fine.

3. Generator script — follow-up

This file is hand-curated, but the source of truth lives upstream in cozystack/cozystack (packages/{core,system,apps,extra}/*/Chart.yaml and the components they vendor). To keep the page from drifting at each release, can we add a generator alongside the existing hack/update_apps.sh / hack/download_openapi.sh?

Rough shape:

• hack/update_licenses.sh driven by make update-licenses (and rolled into update-all)
• enumerates packages under packages/{core,system,apps,extra}/ in the upstream repo at the requested ref
• reads license metadata — either a chart annotation (e.g. cozystack.io/license, cozystack.io/upstream-license, cozystack.io/upstream-source) or a small per-package metadata file maintained upstream
• emits the table into content/en/docs/<DOC_VERSION>/operations/configuration/licenses.md using the same RELEASE_TAG → DOC_VERSION routing as update-apps

Doesn't have to block this PR — happy to land hand-maintained content for v1.3 + next now and track the generator separately. But it shouldn't be the steady state; without it this page will drift silently.

Nit

• system/linstor-gui row links to the repo root rather than a LICENSE file — please update for consistency with the surrounding rows.

[tym83]

Thanks for the detailed review, Daniil — addressed all three blocks and the nit. Plus took the opportunity to rework the page into a card-grid layout inspired by Deckhouse's OSS-info page, since the flat-table view didn't scale well across this many components.

1. Scope: only next/ and v1.3/ ✅
Dropped license pages from v0/, v1.0/, v1.1/, v1.2/. Agreed — these are frozen per-release snapshots, and the current package set doesn't apply to those releases. If we want license data for specific older releases later, that's a separate version-accurate effort.

2. Include placement ✅
Went with option (a): dropped content/en/docs/_include/licenses.md and inlined the content into each per-version page. With only two consumers (next + v1.3) and the freeze-on-release concern, the indirection wasn't paying for itself.

3. Generator script — tracked as a follow-up
Will file a separate issue with the rough shape you outlined (hack/update_licenses.sh reading chart annotations like cozystack.io/upstream-source / cozystack.io/upstream-license), so this page can be regenerated at release time instead of drifting silently. Happy to land hand-maintained content for v1.3 + next now and tackle the generator separately.

Nit (system/linstor-gui) ✅
Folded LINSTOR GUI, LINSTOR server, LINSTOR CSI and Piraeus operator into a single LINSTOR / Piraeus card pointing to the Piraeus operator LICENSE. The old broken link to the linstor-gui repo root is gone.

While I was in there:

• Aggregated sub-components into top-level entries: one KubeVirt card instead of six packages, one Cluster API instead of five, one cert-manager instead of three, etc. Internal *-rd resource definition packages and Cozystack-maintained charts are no longer listed individually — that's covered by the page intro stating they're all Apache-2.0.
• Reorganized into thematic sections (Operating system & K8s runtime, Networking, Storage, Observability, Autoscaling, GPU, GitOps & automation, Identity/registry/admin UI, Managed database runtimes, Managed messaging/caching runtimes, Managed networking services).
• Addressed the gemini-code-assist note from earlier — Fluent Bit, kube-state-metrics, and node-exporter now have their own cards in the Observability section, each pointing at the right LICENSE.

New shortcode pair oss-card / oss-cards lives in layouts/shortcodes/ with styling in assets/scss/_oss_info.scss. Logos are optional — currently rendered as colored initials badges (deterministic hue per name); SVG logos can be added under static/img/logos/components/<name>.svg in a follow-up without touching the shortcode API.

Netlify deploy preview will rebuild once the push lands.

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@assets/scss/_oss_info.scss`:
- Line 73: Replace the deprecated CSS declaration `word-break: break-word` in
assets/scss/_oss_info.scss with the modern equivalent by using `overflow-wrap:
break-word` (remove or replace the `word-break: break-word` line); locate the
occurrence of `word-break: break-word` and update it to use `overflow-wrap:
break-word` to preserve the intended word-wrapping behavior.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 04be0171-abb4-4f1d-a38c-1416b7248287

📥 Commits

Reviewing files that changed from the base of the PR and between 941da75 and abcf0ac.

⛔ Files ignored due to path filters (46)

• static/img/logos/components/cert-manager.svg is excluded by !**/*.svg
• static/img/logos/components/cilium.svg is excluded by !**/*.svg
• static/img/logos/components/clickhouse.svg is excluded by !**/*.svg
• static/img/logos/components/clusterapi.svg is excluded by !**/*.svg
• static/img/logos/components/coredns.svg is excluded by !**/*.svg
• static/img/logos/components/etcd.svg is excluded by !**/*.svg
• static/img/logos/components/external-secrets.svg is excluded by !**/*.svg
• static/img/logos/components/externaldns.png is excluded by !**/*.png
• static/img/logos/components/fluent-bit.svg is excluded by !**/*.svg
• static/img/logos/components/fluxcd.svg is excluded by !**/*.svg
• static/img/logos/components/foundationdb.svg is excluded by !**/*.svg
• static/img/logos/components/grafana.svg is excluded by !**/*.svg
• static/img/logos/components/hami.svg is excluded by !**/*.svg
• static/img/logos/components/haproxy.svg is excluded by !**/*.svg
• static/img/logos/components/harbor.svg is excluded by !**/*.svg
• static/img/logos/components/hetzner.svg is excluded by !**/*.svg
• static/img/logos/components/kafka.svg is excluded by !**/*.svg
• static/img/logos/components/kamaji.svg is excluded by !**/*.svg
• static/img/logos/components/keycloak.svg is excluded by !**/*.svg
• static/img/logos/components/kilo.svg is excluded by !**/*.svg
• static/img/logos/components/kubeovn.svg is excluded by !**/*.svg
• static/img/logos/components/kubernetes.svg is excluded by !**/*.svg
• static/img/logos/components/kubevirt.svg is excluded by !**/*.svg
• static/img/logos/components/linstor.svg is excluded by !**/*.svg
• static/img/logos/components/mariadb.svg is excluded by !**/*.svg
• static/img/logos/components/metallb.png is excluded by !**/*.png
• static/img/logos/components/mongodb.svg is excluded by !**/*.svg
• static/img/logos/components/multus.png is excluded by !**/*.png
• static/img/logos/components/nats.svg is excluded by !**/*.svg
• static/img/logos/components/nginx.svg is excluded by !**/*.svg
• static/img/logos/components/nvidia.svg is excluded by !**/*.svg
• static/img/logos/components/openbao.svg is excluded by !**/*.svg
• static/img/logos/components/opencost.svg is excluded by !**/*.svg
• static/img/logos/components/opensearch.svg is excluded by !**/*.svg
• static/img/logos/components/postgresql.svg is excluded by !**/*.svg
• static/img/logos/components/prometheus.svg is excluded by !**/*.svg
• static/img/logos/components/qdrant.svg is excluded by !**/*.svg
• static/img/logos/components/rabbitmq.svg is excluded by !**/*.svg
• static/img/logos/components/redis.svg is excluded by !**/*.svg
• static/img/logos/components/sap.svg is excluded by !**/*.svg
• static/img/logos/components/seaweedfs.png is excluded by !**/*.png
• static/img/logos/components/talos.svg is excluded by !**/*.svg
• static/img/logos/components/telepresence.png is excluded by !**/*.png
• static/img/logos/components/tinkerbell.svg is excluded by !**/*.svg
• static/img/logos/components/velero.svg is excluded by !**/*.svg
• static/img/logos/components/victoriametrics.svg is excluded by !**/*.svg

📒 Files selected for processing (6)

• assets/scss/_oss_info.scss
• assets/scss/main.scss
• content/en/docs/next/operations/configuration/licenses.md
• content/en/docs/v1.3/operations/configuration/licenses.md
• layouts/shortcodes/oss-card.html
• layouts/shortcodes/oss-cards.html

[coderabbitai]

⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Replace deprecated word-break: break-word property.

The value break-word for word-break is deprecated. Use overflow-wrap: break-word instead, which provides the same behavior (breaks long words at arbitrary points to prevent overflow).

🔧 Proposed fix

   color: inherit;
   text-decoration: none;
-  word-break: break-word;
+  overflow-wrap: break-word;

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	word-break: break-word;
	overflow-wrap: break-word;

🧰 Tools

🪛 Stylelint (17.10.0)

[error] 73-73: Deprecated keyword "break-word" for property "word-break" (declaration-property-value-keyword-no-deprecated)

(declaration-property-value-keyword-no-deprecated)

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@assets/scss/_oss_info.scss` at line 73, Replace the deprecated CSS
declaration `word-break: break-word` in assets/scss/_oss_info.scss with the
modern equivalent by using `overflow-wrap: break-word` (remove or replace the
`word-break: break-word` line); locate the occurrence of `word-break:
break-word` and update it to use `overflow-wrap: break-word` to preserve the
intended word-wrapping behavior.