add permits-os to all charts that needed it

packages/harvester/harvester-cloud-provider/generated-changes/patch/Chart.yaml.patch

@@ -0,0 +1,10 @@
+--- charts-original/Chart.yaml
++++ charts/Chart.yaml
+@@ -4,6 +4,7 @@
+   catalog.cattle.io/kube-version: '>= 1.18'
+   catalog.cattle.io/namespace: kube-system
+   catalog.cattle.io/os: linux
++  catalog.cattle.io/permits-os: linux,windows
+   catalog.cattle.io/rancher-version: '>= 2.6.1-0 <= 2.6.99-0'
+   catalog.cattle.io/release-name: harvester-cloud-provider
+   catalog.cattle.io/ui-component: harvester-cloud-provider

packages/harvester/harvester-cloud-provider/package.yaml

@@ -1,2 +1,2 @@
 url: https://github.com/harvester/charts/releases/download/harvester-cloud-provider-0.1.8/harvester-cloud-provider-0.1.8.tgz
-version: 100.0.0
+version: 100.0.1

packages/harvester/harvester-csi-driver/generated-changes/patch/Chart.yaml.patch

@@ -0,0 +1,10 @@
+--- charts-original/Chart.yaml
++++ charts/Chart.yaml
+@@ -4,6 +4,7 @@
+   catalog.cattle.io/kube-version: '>= 1.18'
+   catalog.cattle.io/namespace: kube-system
+   catalog.cattle.io/os: linux
++  catalog.cattle.io/permits-os: linux,windows
+   catalog.cattle.io/rancher-version: '>= 2.6.1-0 <= 2.6.99-0'
+   catalog.cattle.io/release-name: harvester-csi-driver
+   catalog.cattle.io/ui-component: harvester-csi-driver

packages/harvester/harvester-csi-driver/package.yaml

@@ -1,2 +1,2 @@
 url: https://github.com/harvester/charts/releases/download/harvester-csi-driver-0.1.9/harvester-csi-driver-0.1.9.tgz
-version: 100.0.0
+version: 100.0.1

packages/longhorn/longhorn-1.1/generated-changes/patch/Chart.yaml.patch

@@ -1,6 +1,6 @@
 --- charts-original/Chart.yaml
 +++ charts/Chart.yaml
-@@ -1,3 +1,16 @@
+@@ -1,3 +1,17 @@
 +annotations:
 +  catalog.cattle.io/auto-install: longhorn-crd=match
 +  catalog.cattle.io/certified: rancher
@@ -8,6 +8,7 @@
 +  catalog.cattle.io/kube-version: '>= v1.16.0-0, < v1.22.0-0'
 +  catalog.cattle.io/namespace: longhorn-system
 +  catalog.cattle.io/os: linux
++  catalog.cattle.io/permits-os: linux,windows
 +  catalog.cattle.io/provides-gvr: longhorn.io/v1beta1
 +  catalog.cattle.io/rancher-version: '>= 2.6.0-0'
 +  catalog.cattle.io/release-name: longhorn

packages/longhorn/longhorn-1.1/package.yaml

@@ -1,7 +1,7 @@
 url: https://github.com/longhorn/charts.git
 subdirectory: charts/longhorn
 commit: b7c0b7177f8bddcfc4b338c20ed46632973ba8e9
-version: 100.0.1
+version: 100.0.2
 additionalCharts:
   - workingDir: charts-crd
     crdOptions:

packages/longhorn/longhorn-1.2/generated-changes/patch/Chart.yaml.patch

@@ -1,6 +1,6 @@
 --- charts-original/Chart.yaml
 +++ charts/Chart.yaml
-@@ -1,3 +1,16 @@
+@@ -1,3 +1,17 @@
 +annotations:
 +  catalog.cattle.io/auto-install: longhorn-crd=match
 +  catalog.cattle.io/certified: rancher
@@ -8,6 +8,7 @@
 +  catalog.cattle.io/kube-version: '>=1.18.0-0'
 +  catalog.cattle.io/namespace: longhorn-system
 +  catalog.cattle.io/os: linux
++  catalog.cattle.io/permits-os: linux,windows
 +  catalog.cattle.io/provides-gvr: longhorn.io/v1beta1
 +  catalog.cattle.io/rancher-version: '>= 2.6.0-0'
 +  catalog.cattle.io/release-name: longhorn

packages/longhorn/longhorn-1.2/package.yaml

@@ -1,7 +1,7 @@
 url: https://github.com/longhorn/charts.git
 subdirectory: charts/longhorn
 commit: d699089b1a62011c9cdeb6e8dacba203f30655a8
-version: 100.1.1
+version: 100.1.2
 additionalCharts:
 - workingDir: charts-crd
   crdOptions:

packages/rancher-alerting/rancher-alerting-drivers/charts/Chart.yaml

@@ -3,6 +3,7 @@ annotations:
   catalog.cattle.io/display-name: Alerting Drivers
   catalog.cattle.io/kube-version: '>= 1.16.0-0'
   catalog.cattle.io/os: linux
+  catalog.cattle.io/permits-os: linux,windows
   catalog.cattle.io/rancher-version: '>= 2.6.0-0 <=2.6.99-0'
   catalog.cattle.io/release-name: rancher-alerting-drivers
   catalog.cattle.io/type: cluster-tool

packages/rancher-alerting/rancher-alerting-drivers/package.yaml

@@ -1,2 +1,2 @@
 url: local
-version: 100.0.1
+version: 100.0.2

packages/rancher-alerting/rancher-prom2teams/generated-changes/patch/values.yaml.patch

@@ -31,13 +31,17 @@
    connectors: {}
    # group_alerts_by can be one of
    # ("name" | "description" | "instance" | "severity" | "status" | "summary" | "fingerprint" | "runbook_url")
-@@ -44,3 +54,9 @@
+@@ -44,3 +54,13 @@
    fsGroup: 65534
    # readOnlyRootFilesystem is a flag to enable readOnlyRootFilesystem for the Hazelcast security context
    readOnlyRootFilesystem: true
 +
-+nodeSelector: {}
-+
-+tolerations: []
++nodeSelector:
++  kubernetes.io/os: linux
 +
++tolerations:
++  - key: cattle.io/os
++    operator: "Equal"
++    value: "linux"
++    effect: NoSchedule
 +affinity: {}

packages/rancher-alerting/rancher-sachet/charts/values.yaml

@@ -56,8 +56,13 @@ resources: {}
   #   cpu: 100m
   #   memory: 128Mi
 
-nodeSelector: {}
+nodeSelector:
+  kubernetes.io/os: linux
 
-tolerations: []
+tolerations:
+  - key: cattle.io/os
+    operator: "Equal"
+    value: "linux"
+    effect: NoSchedule
 
 affinity: {}

packages/rancher-backup/rancher-backup/generated-changes/patch/Chart.yaml.patch

@@ -1,14 +1,16 @@
 --- charts-original/Chart.yaml
 +++ charts/Chart.yaml
-@@ -2,6 +2,7 @@
+@@ -2,14 +2,17 @@
    catalog.cattle.io/auto-install: rancher-backup-crd=match
    catalog.cattle.io/certified: rancher
    catalog.cattle.io/display-name: Rancher Backups
 +  catalog.cattle.io/kube-version: '>= 1.16.0-0'
    catalog.cattle.io/namespace: cattle-resources-system
    catalog.cattle.io/os: linux
++  catalog.cattle.io/permits-os: linux,windows
    catalog.cattle.io/provides-gvr: resources.cattle.io.resourceset/v1
-@@ -10,6 +11,7 @@
+   catalog.cattle.io/rancher-version: '>=2.6.0-0'
+   catalog.cattle.io/release-name: rancher-backup
    catalog.cattle.io/scope: management
    catalog.cattle.io/type: cluster-tool
    catalog.cattle.io/ui-component: rancher-backup
@@ -16,7 +18,7 @@
  apiVersion: v2
  appVersion: 2.1.1-rc1
  description: Provides ability to back up and restore the Rancher application running
-@@ -18,5 +20,6 @@
+@@ -18,5 +21,6 @@
  keywords:
  - applications
  - infrastructure

packages/rancher-cis-benchmark/charts/Chart.yaml

@@ -5,6 +5,7 @@ annotations:
   catalog.cattle.io/kube-version: '>=1.16.0-0'
   catalog.cattle.io/namespace: cis-operator-system
   catalog.cattle.io/os: linux
+  catalog.cattle.io/permits-os: linux,windows
   catalog.cattle.io/provides-gvr: cis.cattle.io.clusterscans/v1
   catalog.cattle.io/rancher-version: '>= 2.6.0-0'
   catalog.cattle.io/release-name: rancher-cis-benchmark

packages/rancher-cis-benchmark/charts/templates/patch_default_serviceaccount.yaml

@@ -10,6 +10,14 @@ spec:
   template:
     spec:
       serviceAccountName: cis-operator-serviceaccount
+      {{- with .Values.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
       restartPolicy: Never
       containers:
       - name: sa
@@ -17,4 +25,5 @@ spec:
         imagePullPolicy: {{ .Values.global.imagePullPolicy }}
         command: ["kubectl", "patch", "serviceaccount", "default", "-p", "{\"automountServiceAccountToken\": false}"]
         args: ["-n", {{ template "cis.namespace" . }}]
+
   backoffLimit: 1

packages/rancher-cis-benchmark/charts/values.yaml

@@ -25,9 +25,14 @@ resources: {}
   #   cpu: 100m
   #   memory: 128Mi
 
-nodeSelector: {}
+nodeSelector:
+  kubernetes.io/os: linux
 
-tolerations: []
+tolerations:
+  - key: cattle.io/os
+    operator: "Equal"
+    value: "linux"
+    effect: NoSchedule
 
 affinity: {}
 

packages/rancher-external-ip-webhook/generated-changes/patch/Chart.yaml.patch

@@ -1,11 +1,12 @@
 --- charts-original/Chart.yaml
 +++ charts/Chart.yaml
-@@ -4,12 +4,14 @@
+@@ -4,12 +4,15 @@
    catalog.cattle.io/kube-version: < 1.22.0
    catalog.cattle.io/namespace: cattle-externalip-system
    catalog.cattle.io/os: linux
 -  catalog.cattle.io/release-name: rancher-externalip-webhook
 -  catalog.cattle.io/ui-component: rancher-externalip-webhook
++  catalog.cattle.io/permits-os: linux,windows
 +  catalog.cattle.io/rancher-version: '>= 2.6.0-0 <=2.6.99-0'
 +  catalog.cattle.io/release-name: rancher-external-ip-webhook
 +  catalog.cattle.io/ui-component: rancher-external-ip-webhook
@@ -18,7 +19,7 @@
  home: https://github.com/rancher/externalip-webhook
  keywords:
  - cve
-@@ -20,7 +22,7 @@
+@@ -20,7 +23,7 @@
  maintainers:
  - email: raul@rancher.com
    name: rawmind0

packages/rancher-external-ip-webhook/package.yaml

@@ -1,2 +1,2 @@
 url: https://github.com/rancher/externalip-webhook/releases/download/v1.0.1/rancher-externalip-webhook-1.0.1.tgz
-version: 100.0.1
+version: 100.0.2

packages/rancher-gatekeeper/generated-changes/patch/Chart.yaml.patch

@@ -1,12 +1,13 @@
 --- charts-original/Chart.yaml
 +++ charts/Chart.yaml
-@@ -1,10 +1,23 @@
+@@ -1,10 +1,24 @@
 +annotations:
 +  catalog.cattle.io/auto-install: rancher-gatekeeper-crd=match
 +  catalog.cattle.io/certified: rancher
 +  catalog.cattle.io/display-name: OPA Gatekeeper
 +  catalog.cattle.io/namespace: cattle-gatekeeper-system
 +  catalog.cattle.io/os: linux
++  catalog.cattle.io/permits-os: linux,windows
 +  catalog.cattle.io/provides-gvr: config.gatekeeper.sh.config/v1alpha1
 +  catalog.cattle.io/release-name: rancher-gatekeeper
 +  catalog.cattle.io/type: cluster-tool

packages/rancher-gatekeeper/templates/crd-template/templates/jobs.yaml

@@ -16,6 +16,14 @@ spec:
         app: {{ .Chart.Name }}
     spec:
       serviceAccountName: {{ .Chart.Name }}-manager
+      {{- with .Values.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
       securityContext:
         runAsNonRoot: true
         runAsUser: 1000
@@ -56,6 +64,14 @@ spec:
         app: {{ .Chart.Name }}
     spec:
       serviceAccountName: {{ .Chart.Name }}-manager
+      {{- with .Values.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
       securityContext:
         runAsNonRoot: true
         runAsUser: 1000

packages/rancher-gatekeeper/templates/crd-template/values.yaml

@@ -9,3 +9,12 @@ global:
 image:
   repository: rancher/kubectl
   tag: v1.20.2
+
+nodeSelector:
+  kubernetes.io/os: linux
+
+tolerations:
+  - key: cattle.io/os
+    operator: "Equal"
+    value: "linux"
+    effect: NoSchedule

packages/rancher-gke-operator/rancher-gke-operator-crd/package.yaml

@@ -1,2 +1,2 @@
-url: https://github.com/rancher/gke-operator/releases/download/v1.1.3-rc1/rancher-gke-operator-crd-1.1.3-rc1.tgz
+url: https://github.com/rancher/gke-operator/releases/download/v1.1.3-rc2/rancher-gke-operator-crd-1.1.3-rc2.tgz
 version: 100.0.2

packages/rancher-gke-operator/rancher-gke-operator/package.yaml

@@ -1,2 +1,2 @@
-url: https://github.com/rancher/gke-operator/releases/download/v1.1.3-rc1/rancher-gke-operator-1.1.3-rc1.tgz
+url: https://github.com/rancher/gke-operator/releases/download/v1.1.3-rc2/rancher-gke-operator-1.1.3-rc2.tgz
 version: 100.0.2

packages/rancher-istio/rancher-istio/charts/Chart.yaml

@@ -4,6 +4,7 @@ annotations:
   catalog.cattle.io/kube-version: 1.19 - 1.22
   catalog.cattle.io/namespace: istio-system
   catalog.cattle.io/os: linux
+  catalog.cattle.io/permits-os: linux,windows
   catalog.cattle.io/provides-gvr: networking.istio.io.virtualservice/v1beta1
   catalog.cattle.io/rancher-version: '>= 2.6.0-0 <= 2.6.99-0'
   catalog.cattle.io/release-name: rancher-istio

packages/rancher-istio/rancher-istio/charts/templates/istio-install-job.yaml

@@ -52,6 +52,14 @@ spec:
             name: istio-installer-overlay
         {{- end }}
       serviceAccountName: istio-installer
+      {{- with .Values.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
       securityContext:
         runAsUser: 499
         runAsGroup: 487

packages/rancher-istio/rancher-istio/charts/templates/istio-uninstall-job.yaml

@@ -39,6 +39,14 @@ spec:
             name: istio-installer-overlay
         {{ end }}
       serviceAccountName: istio-installer
+      {{- with .Values.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
       securityContext:
         runAsUser: 101
         runAsGroup: 101

packages/rancher-istio/rancher-istio/charts/values.yaml

@@ -88,3 +88,12 @@ kiali:
 tracing:
   enabled: false
   contextPath: "/jaeger"
+
+nodeSelector:
+  kubernetes.io/os: linux
+
+tolerations:
+  - key: cattle.io/os
+    operator: "Equal"
+    value: "linux"
+    effect: NoSchedule

packages/rancher-istio/rancher-tracing/charts/templates/deployment.yaml

@@ -74,6 +74,10 @@ spec:
         runAsUser: 1000
       serviceAccountName: {{ include "tracing.fullname" . }}
       {{- end }}
+      {{- with .Values.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
 {{- if eq .Values.jaeger.spanStorageType "badger" }}
       volumes:
       - name: data

packages/rancher-istio/rancher-tracing/charts/values.yaml

@@ -1,6 +1,12 @@
 provider: jaeger
 contextPath: ""
-nodeSelector: {}
+nodeSelector:
+  kubernetes.io/os: linux
+tolerations:
+  - key: cattle.io/os
+    operator: "Equal"
+    value: "linux"
+    effect: NoSchedule
 podAntiAffinityLabelSelector: []
 podAntiAffinityTermLabelSelector: []
 nameOverride: ""
@@ -16,7 +22,8 @@ global:
     amd64: 2
     s390x: 2
     ppc64le: 2
-  defaultNodeSelector: {}
+  defaultNodeSelector:
+    kubernetes.io/os: linux
   rbac:
     pspEnabled: false
 

packages/rancher-logging/generated-changes/patch/Chart.yaml.patch

@@ -1,12 +1,14 @@
 --- charts-original/Chart.yaml
 +++ charts/Chart.yaml
-@@ -1,5 +1,23 @@
+@@ -1,5 +1,25 @@
 +annotations:
 +  catalog.cattle.io/auto-install: rancher-logging-crd=match
 +  catalog.cattle.io/certified: rancher
++  catalog.cattle.io/deploys-on-os: windows
 +  catalog.cattle.io/display-name: Logging
 +  catalog.cattle.io/kube-version: '>=1.16.0-0'
 +  catalog.cattle.io/namespace: cattle-logging-system
++  catalog.cattle.io/permits-os: linux,windows
 +  catalog.cattle.io/provides-gvr: logging.banzaicloud.io.clusterflow/v1beta1
 +  catalog.cattle.io/rancher-version: '> 2.6.0-0'
 +  catalog.cattle.io/release-name: rancher-logging

packages/rancher-logging/package.yaml

@@ -1,5 +1,5 @@
 url: https://kubernetes-charts.banzaicloud.com/charts/logging-operator-3.15.0.tgz
-version: 100.0.1
+version: 100.0.2
 additionalCharts:
   - workingDir: charts-crd
     crdOptions:

packages/rancher-monitoring/rancher-monitoring/generated-changes/patch/Chart.yaml.patch

@@ -1,14 +1,16 @@
 --- charts-original/Chart.yaml
 +++ charts/Chart.yaml
-@@ -5,6 +5,19 @@
+@@ -5,6 +5,21 @@
      - name: Upstream Project
        url: https://github.com/prometheus-operator/kube-prometheus
    artifacthub.io/operator: "true"
 +  catalog.cattle.io/auto-install: rancher-monitoring-crd=match
 +  catalog.cattle.io/certified: rancher
++  catalog.cattle.io/deploys-on-os: windows
 +  catalog.cattle.io/display-name: Monitoring
 +  catalog.cattle.io/kube-version: '>=1.16.0-0'
 +  catalog.cattle.io/namespace: cattle-monitoring-system
++  catalog.cattle.io/permits-os: linux,windows
 +  catalog.cattle.io/provides-gvr: monitoring.coreos.com.prometheus/v1
 +  catalog.cattle.io/rancher-version: '>= 2.6.0-0 <=2.6.99-0'
 +  catalog.cattle.io/release-name: rancher-monitoring

packages/rancher-sriov/generated-changes/patch/Chart.yaml.patch

@@ -1,6 +1,6 @@
 --- charts-original/Chart.yaml
 +++ charts/Chart.yaml
-@@ -1,13 +1,28 @@
+@@ -1,13 +1,29 @@
 +annotations:
 +  catalog.cattle.io/auto-install: sriov-crd=match
 +  catalog.cattle.io/certified: rancher
@@ -8,6 +8,7 @@
 +  catalog.cattle.io/kube-version: '>= 1.16.0-0'
 +  catalog.cattle.io/namespace: cattle-sriov-system
 +  catalog.cattle.io/os: linux
++  catalog.cattle.io/permits-os: linux,windows
 +  catalog.cattle.io/rancher-version: '>= 2.6.0-0'
 +  catalog.cattle.io/release-name: sriov
 +  catalog.cattle.io/upstream-version: 0.1.0

packages/rancher-sriov/package.yaml

@@ -1,7 +1,7 @@
 url: https://github.com/k8snetworkplumbingwg/sriov-network-operator.git
 subdirectory: deployment/sriov-network-operator
 commit: c5c943cc214f4113b6f6be8d7c48ac837aa1669c
-version: 100.0.1
+version: 100.0.2
 additionalCharts:
   - workingDir: charts-crd
     crdOptions:

packages/rancher-sriov/templates/crd-template/Chart.yaml

@@ -9,3 +9,4 @@ annotations:
   catalog.cattle.io/namespace: cattle-sriov-system
   catalog.cattle.io/certified: rancher
   catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/permits-os: linux,windows

packages/rancher-vsphere/rancher-vsphere-cpi/generated-changes/patch/Chart.yaml.patch

@@ -0,0 +1,10 @@
+--- charts-original/Chart.yaml
++++ charts/Chart.yaml
+@@ -3,6 +3,7 @@
+   catalog.cattle.io/display-name: vSphere CPI
+   catalog.cattle.io/namespace: kube-system
+   catalog.cattle.io/os: linux
++  catalog.cattle.io/permits-os: linux,windows
+   catalog.cattle.io/rancher-version: '>= 2.6.0-0 <= 2.6.99-0'
+   catalog.cattle.io/release-name: vsphere-cpi
+ apiVersion: v1

packages/rancher-vsphere/rancher-vsphere-cpi/generated-changes/patch/templates/daemonset.yaml.patch

@@ -0,0 +1,14 @@
+--- charts-original/templates/daemonset.yaml
++++ charts/templates/daemonset.yaml
+@@ -44,6 +44,11 @@
+                 operator: In
+                 values:
+                 - "true"
++            - matchExpressions:
++              - key: kubernetes.io/os
++                operator: NotIn
++                values:
++                - "windows"
+       {{- end }}
+       {{- if .Values.cloudControllerManager.tolerations }}
+       tolerations:

packages/rancher-vsphere/rancher-vsphere-csi/generated-changes/patch/Chart.yaml.patch

@@ -0,0 +1,10 @@
+--- charts-original/Chart.yaml
++++ charts/Chart.yaml
+@@ -3,6 +3,7 @@
+   catalog.cattle.io/display-name: vSphere CSI
+   catalog.cattle.io/namespace: kube-system
+   catalog.cattle.io/os: linux
++  catalog.cattle.io/permits-os: linux,windows
+   catalog.cattle.io/rancher-version: '>= 2.6.0-0 <= 2.6.99-0'
+   catalog.cattle.io/release-name: vsphere-csi
+ apiVersion: v1

packages/rancher-vsphere/rancher-vsphere-csi/generated-changes/patch/templates/controller/deployment.yaml.patch

@@ -0,0 +1,15 @@
+--- charts-original/templates/controller/deployment.yaml
++++ charts/templates/controller/deployment.yaml
+@@ -38,6 +38,12 @@
+                 operator: In
+                 values:
+                 - "true"
++            - matchExpressions:
++              # Rancher node selector label
++              - key: kubernetes.io/os
++                operator: NotIn
++                values:
++                - "windows"
+       {{- end }}
+       {{- if .Values.csiController.tolerations }}
+       tolerations:

packages/rancher-vsphere/rancher-vsphere-csi/generated-changes/patch/templates/node/daemonset.yaml.patch

@@ -0,0 +1,47 @@
+--- charts-original/templates/node/daemonset.yaml
++++ charts/templates/node/daemonset.yaml
+@@ -8,6 +8,44 @@
+   selector:
+     matchLabels:
+       app: vsphere-csi-node
++  {{- if .Values.csiNode.nodeSelector }}
++  nodeSelector:
++  {{- with .Values.csiNode.nodeSelector }}
++    {{- toYaml . | nindent 6 }}
++  {{- end }}
++  {{- else }}
++  affinity:
++    nodeAffinity:
++      requiredDuringSchedulingIgnoredDuringExecution:
++        nodeSelectorTerms:
++        - matchExpressions:
++          # Rancher node selector label
++          - key: kubernetes.io/os
++            operator: NotIn
++            values:
++            - "windows"
++  {{- end }}
++  {{- if .Values.csiNode.tolerations }}
++  tolerations:
++  {{- with .Values.csiNode.tolerations }}
++    {{- toYaml . | nindent 6 }}
++  {{- end }}
++  {{- else }}
++  tolerations:
++    - key: node-role.kubernetes.io/master
++      operator: Exists
++      effect: NoSchedule
++    # Rancher specific change: These tolerations are added to account for RKE1 and RKE2 taints
++    - key: node-role.kubernetes.io/controlplane
++      effect: NoSchedule
++      value: "true"
++    - key: node-role.kubernetes.io/control-plane
++      effect: NoSchedule
++      value: "true"
++    - key: node-role.kubernetes.io/etcd
++      effect: NoSchedule
++      value: "true"
++  {{- end }}
+   updateStrategy:
+     type: "RollingUpdate"
+     rollingUpdate:

packages/rancher-vsphere/rancher-vsphere-csi/generated-changes/patch/values.yaml.patch

@@ -0,0 +1,25 @@
+--- charts-original/values.yaml
++++ charts/values.yaml
+@@ -41,6 +41,9 @@
+     csiProvisioner:
+       repository: rancher/mirrored-sig-storage-csi-provisioner
+       tag: v2.2.0
++  ## Node labels for pod assignment
++  ## Ref: https://kubernetes.io/docs/user-guide/node-selection/
++  ##
+   nodeSelector: {}
+   # Uncomment below toleration if you need an aggressive pod eviction in case when
+   # node becomes not-ready or unreachable. Default is 300 seconds if not specified.
+@@ -71,6 +74,12 @@
+   enabled: false
+ 
+ csiNode:
++  ## Node labels for pod assignment
++  ## Ref: https://kubernetes.io/docs/user-guide/node-selection/
++  ##
++  nodeSelector: {}
++  ## List of node taints to tolerate (requires Kubernetes >= 1.6)
++  tolerations: []
+   prefixPath: ""
+   image:
+     repository: rancher/mirrored-cloud-provider-vsphere-csi-release-driver

packages/rancher-webhook/generated-changes/patch/Chart.yaml.patch

@@ -0,0 +1,10 @@
+--- charts-original/Chart.yaml
++++ charts/Chart.yaml
+@@ -3,6 +3,7 @@
+   catalog.cattle.io/hidden: "true"
+   catalog.cattle.io/namespace: cattle-system
+   catalog.cattle.io/os: linux
++  catalog.cattle.io/permits-os: linux,windows
+   catalog.cattle.io/release-name: rancher-webhook
+ apiVersion: v2
+ appVersion: 0.2.5-rc1

packages/rancher-windows-gmsa/charts/Chart.yaml

@@ -6,6 +6,7 @@ annotations:
   catalog.cattle.io/kube-version: '>= 1.21.0-0'
   catalog.cattle.io/namespace: cattle-windows-gmsa-system
   catalog.cattle.io/os: windows
+  catalog.cattle.io/permits-os: linux,windows
   catalog.cattle.io/provides-gvr: windows.k8s.io.gmsacredentialspecs/v1
   catalog.cattle.io/rancher-version: '>= 2.6.4-0 < 2.6.99-0'
   catalog.cattle.io/release-name: rancher-windows-gmsa

packages/rancher-wins-upgrader/package.yaml

@@ -1,4 +1,4 @@
 url: https://github.com/rancher/wins.git
 subdirectory: charts/rancher-wins-upgrader
-commit: 036e27d9a3254471868e29e165710f5a6ba24546
-version: 100.0.0
+commit: f9cd77eb9e9262a94bb76635b2ee03334770695a
+version: 100.0.1

packages/system-upgrade-controller/generated-changes/patch/Chart.yaml.patch

@@ -1,12 +1,13 @@
 --- charts-original/Chart.yaml
 +++ charts/Chart.yaml
-@@ -1,11 +1,17 @@
+@@ -1,11 +1,18 @@
 +annotations:
 +  catalog.cattle.io/certified: rancher
 +  catalog.cattle.io/hidden: "true"
 +  catalog.cattle.io/kube-version: '>=1.18.0-0'
 +  catalog.cattle.io/namespace: cattle-system
 +  catalog.cattle.io/os: linux
++  catalog.cattle.io/permits-os: linux,windows
 +  catalog.cattle.io/rancher-version: '>= 2.6.3-alpha'
 +  catalog.cattle.io/release-name: system-upgrade-controller
  apiVersion: v1