From d3879702086140ee9d17f7081939ac0f1d9b2417 Mon Sep 17 00:00:00 2001
From: patrick-stephens
Date: Fri, 24 Nov 2023 14:37:18 +0000
Subject: [PATCH] ci: update Calyptia Cloud Standalone chart from latest version internally
Signed-off-by: GitHub
---
calyptia-cloud-standalone.yaml | 434 ++++--------------
charts/calyptia-cloud-standalone/Chart.lock | 8 +-
charts/calyptia-cloud-standalone/Chart.yaml | 11 +-
charts/calyptia-cloud-standalone/README.md | 66 ++-
.../templates/NOTES.txt | 12 +-
.../templates/_helpers.tpl | 42 +-
.../templates/cloud/deployment-cloud.yaml | 48 +-
.../templates/cloud/hpa.yaml | 31 ++
.../frontend/deployment-core-ui.yaml | 24 +-
.../templates/frontend/hpa.yaml | 64 +++
.../monitoring/configmap-deployment.yaml | 8 -
.../reloader/deployment-reloader.yaml | 73 ---
.../templates/reloader/rbac.yaml | 63 ---
.../templates/reloader/service-account.yaml | 15 -
.../templates/reloader/sevice-reloader.yaml | 29 --
charts/calyptia-cloud-standalone/values.yaml | 82 ++--
support.sh | 8 +-
17 files changed, 346 insertions(+), 672 deletions(-)
create mode 100644 charts/calyptia-cloud-standalone/templates/cloud/hpa.yaml
create mode 100644 charts/calyptia-cloud-standalone/templates/frontend/hpa.yaml
delete mode 100644 charts/calyptia-cloud-standalone/templates/reloader/deployment-reloader.yaml
delete mode 100644 charts/calyptia-cloud-standalone/templates/reloader/rbac.yaml
delete mode 100644 charts/calyptia-cloud-standalone/templates/reloader/service-account.yaml
delete mode 100644 charts/calyptia-cloud-standalone/templates/reloader/sevice-reloader.yaml
diff --git a/calyptia-cloud-standalone.yaml b/calyptia-cloud-standalone.yaml
index c6c88c5..37a30bd 100644
--- a/calyptia-cloud-standalone.yaml
+++ b/calyptia-cloud-standalone.yaml
@@ -5,10 +5,10 @@ kind: ServiceAccount metadata: labels: app.kubernetes.io/name: core-operator - helm.sh/chart: core-operator-2.0.4 + helm.sh/chart: core-operator-2.0.8 app.kubernetes.io/instance: calyptia-cloud-standalone app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: "v2.0.20" + app.kubernetes.io/version: "v2.0.24" app.kubernetes.io/component: rbac app.kubernetes.io/created-by: operator app.kubernetes.io/instance: controller-manager @@ -51,10 +51,10 @@ kind: ServiceAccount metadata: labels: app.kubernetes.io/name: calyptia-standalone - helm.sh/chart: calyptia-standalone-2.0.1 + helm.sh/chart: calyptia-standalone-2.1.0 app.kubernetes.io/instance: calyptia-cloud-standalone app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: "v1.6.5" + app.kubernetes.io/version: "v1.6.8" name: calyptia-cloud-standalone-calyptia-standalone-cloud namespace: "calyptia" --- 
@@ -64,37 +64,23 @@ kind: ServiceAccount metadata: labels: app.kubernetes.io/name: calyptia-standalone - helm.sh/chart: calyptia-standalone-2.0.1 + helm.sh/chart: calyptia-standalone-2.1.0 app.kubernetes.io/instance: calyptia-cloud-standalone app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: "v1.6.5" + app.kubernetes.io/version: "v1.6.8" name: calyptia-cloud-standalone-calyptia-standalone-frontend namespace: "calyptia" --- -# Source: calyptia-standalone/templates/reloader/service-account.yaml -# https://github.com/stakater/Reloader/blob/master/deployments/kubernetes/manifests/serviceaccount.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app.kubernetes.io/name: calyptia-standalone - helm.sh/chart: calyptia-standalone-2.0.1 - app.kubernetes.io/instance: calyptia-cloud-standalone - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: "v1.6.5" - name: calyptia-cloud-standalone-calyptia-standalone-reloader - namespace: "calyptia" ---- # Source: calyptia-standalone/templates/monitoring/configmap-daemonset.yaml apiVersion: v1 kind: ConfigMap metadata: labels: app.kubernetes.io/name: calyptia-standalone - helm.sh/chart: calyptia-standalone-2.0.1 + helm.sh/chart: calyptia-standalone-2.1.0 app.kubernetes.io/instance: calyptia-cloud-standalone app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: "v1.6.5" + app.kubernetes.io/version: "v1.6.8" app.kubernetes.io/component: monitoring name: monitoring-daemonset namespace: "calyptia" @@ -176,10 +162,10 @@ kind: ConfigMap metadata: labels: app.kubernetes.io/name: calyptia-standalone - helm.sh/chart: calyptia-standalone-2.0.1 + helm.sh/chart: calyptia-standalone-2.1.0 app.kubernetes.io/instance: calyptia-cloud-standalone app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: "v1.6.5" + app.kubernetes.io/version: "v1.6.8" app.kubernetes.io/component: monitoring name: monitoring-aggregator namespace: "calyptia" 
@@ -220,14 +206,6 @@ data: metrics_path /api/v2/metrics/prometheus scrape_interval 30s - [INPUT] - name prometheus_scrape - tag metrics.reloader - host reloader.calyptia - port 9090 - metrics_path /metrics - scrape_interval 30s - [INPUT] name prometheus_scrape tag metrics.operator @@ -303,7 +281,7 @@ spec: config: type: string fluentBitImage: - default: 'ghcr.io/calyptia/core/calyptia-fluent-bit:23.11.1' + default: 'ghcr.io/calyptia/core/calyptia-fluent-bit:23.11.3' type: string ingestCheckSidecarImage: default: 'ghcr.io/calyptia/core/ingest-check:0.0.7' @@ -489,7 +467,7 @@ spec: default: 'ghcr.io/calyptia/configmap-reload:0.11.1' type: string image: - default: 'ghcr.io/calyptia/core/calyptia-fluent-bit:23.11.1' + default: 'ghcr.io/calyptia/core/calyptia-fluent-bit:23.11.3' type: string kind: description: Enums @@ -801,10 +779,10 @@ kind: ClusterRole metadata: labels: app.kubernetes.io/name: core-operator - helm.sh/chart: core-operator-2.0.4 + helm.sh/chart: core-operator-2.0.8 app.kubernetes.io/instance: calyptia-cloud-standalone app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: "v2.0.20" + app.kubernetes.io/version: "v2.0.24" calyptia.core: core-operator name: calyptia-core-manager-role rules: @@ -858,10 +836,10 @@ kind: ClusterRole metadata: labels: app.kubernetes.io/name: core-operator - helm.sh/chart: core-operator-2.0.4 + helm.sh/chart: core-operator-2.0.8 app.kubernetes.io/instance: calyptia-cloud-standalone app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: "v2.0.20" + app.kubernetes.io/version: "v2.0.24" app.kubernetes.io/component: kube-rbac-proxy app.kubernetes.io/created-by: operator app.kubernetes.io/instance: metrics-reader 
@@ -882,10 +860,10 @@ kind: ClusterRole metadata: labels: app.kubernetes.io/name: core-operator - helm.sh/chart: core-operator-2.0.4 + helm.sh/chart: core-operator-2.0.8 app.kubernetes.io/instance: calyptia-cloud-standalone app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: "v2.0.20" + app.kubernetes.io/version: "v2.0.24" calyptia.core: core-operator name: calyptia-core-pod-role rules: @@ -930,10 +908,10 @@ kind: ClusterRole metadata: labels: app.kubernetes.io/name: core-operator - helm.sh/chart: core-operator-2.0.4 + helm.sh/chart: core-operator-2.0.8 app.kubernetes.io/instance: calyptia-cloud-standalone app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: "v2.0.20" + app.kubernetes.io/version: "v2.0.24" app.kubernetes.io/component: kube-rbac-proxy app.kubernetes.io/created-by: operator app.kubernetes.io/instance: proxy-role @@ -1006,10 +984,10 @@ kind: ClusterRoleBinding metadata: labels: app.kubernetes.io/name: core-operator - helm.sh/chart: core-operator-2.0.4 + helm.sh/chart: core-operator-2.0.8 app.kubernetes.io/instance: calyptia-cloud-standalone app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: "v2.0.20" + app.kubernetes.io/version: "v2.0.24" app.kubernetes.io/component: rbac app.kubernetes.io/created-by: operator app.kubernetes.io/instance: manager-rolebinding @@ -1033,10 +1011,10 @@ kind: ClusterRoleBinding metadata: labels: app.kubernetes.io/name: core-operator - helm.sh/chart: core-operator-2.0.4 + helm.sh/chart: core-operator-2.0.8 app.kubernetes.io/instance: calyptia-cloud-standalone app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: "v2.0.20" + app.kubernetes.io/version: "v2.0.24" app.kubernetes.io/component: kube-rbac-proxy app.kubernetes.io/created-by: operator app.kubernetes.io/instance: proxy-rolebinding 
@@ -1116,53 +1094,6 @@ rules: resources: ["pods", "secrets"] verbs: ["get", "watch", "list"] --- -# Source: calyptia-standalone/templates/reloader/rbac.yaml -# https://github.com/stakater/Reloader/blob/master/deployments/kubernetes/manifests/clusterrole.yaml -# https://github.com/stakater/Reloader/blob/master/deployments/kubernetes/manifests/clusterrolebinding.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: reloader-reloader-role - namespace: "calyptia" -rules: - - apiGroups: - - "" - resources: - - secrets - - configmaps - verbs: - - list - - get - - watch - - apiGroups: - - "apps" - resources: - - deployments - - daemonsets - - statefulsets - verbs: - - list - - get - - update - - patch - - apiGroups: - - "extensions" - resources: - - deployments - - daemonsets - verbs: - - list - - get - - update - - patch - - apiGroups: - - "" - resources: - - events - verbs: - - create - - patch ---- # Source: calyptia-standalone/templates/cloud/rbac.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding @@ -1193,21 +1124,6 @@ roleRef: kind: Role name: calyptia-read-role --- -# Source: calyptia-standalone/templates/reloader/rbac.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: reloader-reloader-role-binding - namespace: "calyptia" -subjects: - - kind: ServiceAccount - name: calyptia-cloud-standalone-calyptia-standalone-reloader - namespace: "calyptia" -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: reloader-reloader-role ---- # Source: calyptia-standalone/charts/core-operator/templates/service.yaml apiVersion: v1 kind: Service 
@@ -1218,10 +1134,10 @@ metadata: prometheus.io/scrape: "true" labels: app.kubernetes.io/name: core-operator - helm.sh/chart: core-operator-2.0.4 + helm.sh/chart: core-operator-2.0.8 app.kubernetes.io/instance: calyptia-cloud-standalone app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: "v2.0.20" + app.kubernetes.io/version: "v2.0.24" app.kubernetes.io/component: kube-rbac-proxy app.kubernetes.io/created-by: operator app.kubernetes.io/instance: controller-manager-metrics-service @@ -1321,10 +1237,10 @@ metadata: metrics.dynatrace.com/port: "5000" labels: app.kubernetes.io/name: calyptia-standalone - helm.sh/chart: calyptia-standalone-2.0.1 + helm.sh/chart: calyptia-standalone-2.1.0 app.kubernetes.io/instance: calyptia-cloud-standalone app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: "v1.6.5" + app.kubernetes.io/version: "v1.6.8" app.kubernetes.io/component: cloud-api name: cloud-api namespace: "calyptia" @@ -1336,10 +1252,10 @@ spec: targetPort: 5000 selector: app.kubernetes.io/name: calyptia-standalone - helm.sh/chart: calyptia-standalone-2.0.1 + helm.sh/chart: calyptia-standalone-2.1.0 app.kubernetes.io/instance: calyptia-cloud-standalone app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: "v1.6.5" + app.kubernetes.io/version: "v1.6.8" app.kubernetes.io/component: cloud-api --- # Source: calyptia-standalone/templates/cloud/service-influxdb.yaml @@ -1348,10 +1264,10 @@ kind: Service metadata: labels: app.kubernetes.io/name: calyptia-standalone - helm.sh/chart: calyptia-standalone-2.0.1 + helm.sh/chart: calyptia-standalone-2.1.0 app.kubernetes.io/instance: calyptia-cloud-standalone app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: "v1.6.5" + app.kubernetes.io/version: "v1.6.8" app.kubernetes.io/component: influxdb name: influxdb namespace: "calyptia" 
@@ -1363,10 +1279,10 @@ spec: targetPort: 8086 selector: app.kubernetes.io/name: calyptia-standalone - helm.sh/chart: calyptia-standalone-2.0.1 + helm.sh/chart: calyptia-standalone-2.1.0 app.kubernetes.io/instance: calyptia-cloud-standalone app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: "v1.6.5" + app.kubernetes.io/version: "v1.6.8" app.kubernetes.io/component: influxdb --- # Source: calyptia-standalone/templates/cloud/service-postgres.yaml @@ -1375,10 +1291,10 @@ kind: Service metadata: labels: app.kubernetes.io/name: calyptia-standalone - helm.sh/chart: calyptia-standalone-2.0.1 + helm.sh/chart: calyptia-standalone-2.1.0 app.kubernetes.io/instance: calyptia-cloud-standalone app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: "v1.6.5" + app.kubernetes.io/version: "v1.6.8" app.kubernetes.io/component: postgres name: postgres namespace: "calyptia" @@ -1390,10 +1306,10 @@ spec: targetPort: 5432 selector: app.kubernetes.io/name: calyptia-standalone - helm.sh/chart: calyptia-standalone-2.0.1 + helm.sh/chart: calyptia-standalone-2.1.0 app.kubernetes.io/instance: calyptia-cloud-standalone app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: "v1.6.5" + app.kubernetes.io/version: "v1.6.8" app.kubernetes.io/component: postgres --- # Source: calyptia-standalone/templates/frontend/service-core-ui.yaml @@ -1402,10 +1318,10 @@ kind: Service metadata: labels: app.kubernetes.io/name: calyptia-standalone - helm.sh/chart: calyptia-standalone-2.0.1 + helm.sh/chart: calyptia-standalone-2.1.0 app.kubernetes.io/instance: calyptia-cloud-standalone app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: "v1.6.5" + app.kubernetes.io/version: "v1.6.8" app.kubernetes.io/component: core name: core namespace: "calyptia" 
@@ -1417,10 +1333,10 @@ spec: targetPort: 3000 selector: app.kubernetes.io/name: calyptia-standalone - helm.sh/chart: calyptia-standalone-2.0.1 + helm.sh/chart: calyptia-standalone-2.1.0 app.kubernetes.io/instance: calyptia-cloud-standalone app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: "v1.6.5" + app.kubernetes.io/version: "v1.6.8" app.kubernetes.io/component: core --- # Source: calyptia-standalone/templates/frontend/service-luasandbox.yaml @@ -1429,10 +1345,10 @@ kind: Service metadata: labels: app.kubernetes.io/name: calyptia-standalone - helm.sh/chart: calyptia-standalone-2.0.1 + helm.sh/chart: calyptia-standalone-2.1.0 app.kubernetes.io/instance: calyptia-cloud-standalone app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: "v1.6.5" + app.kubernetes.io/version: "v1.6.8" app.kubernetes.io/component: cloud-lua-sandbox name: cloud-lua-sandbox namespace: "calyptia" 
@@ -1444,47 +1360,12 @@ spec: targetPort: 5555 selector: app.kubernetes.io/name: calyptia-standalone - helm.sh/chart: calyptia-standalone-2.0.1 + helm.sh/chart: calyptia-standalone-2.1.0 app.kubernetes.io/instance: calyptia-cloud-standalone app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: "v1.6.5" + app.kubernetes.io/version: "v1.6.8" app.kubernetes.io/component: cloud-lua-sandbox --- -# Source: calyptia-standalone/templates/reloader/sevice-reloader.yaml -apiVersion: v1 -kind: Service -metadata: - annotations: - prometheus.io/scrape: "true" - prometheus.io/path: "/metrics" - prometheus.io/port: '9090' - # Set up Dynatrace scraping - metrics.dynatrace.com/scrape: "true" - metrics.dynatrace.com/path: "/metrics" - metrics.dynatrace.com/port: '9090' - labels: - app.kubernetes.io/name: calyptia-standalone - helm.sh/chart: calyptia-standalone-2.0.1 - app.kubernetes.io/instance: calyptia-cloud-standalone - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: "v1.6.5" - app.kubernetes.io/component: reloader - name: reloader - namespace: "calyptia" -spec: - type: ClusterIP - ports: - - name: http - port: 9090 - targetPort: 9090 - selector: - app.kubernetes.io/name: calyptia-standalone - helm.sh/chart: calyptia-standalone-2.0.1 - app.kubernetes.io/instance: calyptia-cloud-standalone - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: "v1.6.5" - app.kubernetes.io/component: reloader ---- # Source: calyptia-standalone/templates/vivo/service-vivo.yaml apiVersion: v1 kind: Service 
@@ -1499,10 +1380,10 @@ metadata: metrics.dynatrace.com/port: '2020' labels: app.kubernetes.io/name: calyptia-standalone - helm.sh/chart: calyptia-standalone-2.0.1 + helm.sh/chart: calyptia-standalone-2.1.0 app.kubernetes.io/instance: calyptia-cloud-standalone app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: "v1.6.5" + app.kubernetes.io/version: "v1.6.8" app.kubernetes.io/component: vivo calyptia.vivo.input.http: '9010' calyptia.vivo.input.forward: '9000' @@ -1528,10 +1409,10 @@ spec: targetPort: 2020 selector: app.kubernetes.io/name: calyptia-standalone - helm.sh/chart: calyptia-standalone-2.0.1 + helm.sh/chart: calyptia-standalone-2.1.0 app.kubernetes.io/instance: calyptia-cloud-standalone app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: "v1.6.5" + app.kubernetes.io/version: "v1.6.8" app.kubernetes.io/component: vivo --- # Source: calyptia-standalone/charts/monitoring-daemonset/templates/daemonset.yaml @@ -1546,8 +1427,6 @@ metadata: app.kubernetes.io/instance: calyptia-cloud-standalone app.kubernetes.io/version: "2.2.0" app.kubernetes.io/managed-by: Helm - annotations: - reloader.stakater.com/auto: "true" spec: selector: matchLabels: @@ -1576,7 +1455,7 @@ spec: securityContext: runAsNonRoot: false runAsUser: 0 - image: "ghcr.io/calyptia/core/calyptia-fluent-bit:23.11.1" + image: "ghcr.io/calyptia/core/calyptia-fluent-bit:23.11.3" imagePullPolicy: IfNotPresent env: - name: NODE_NAME @@ -1660,10 +1539,10 @@ metadata: labels: # app.kubernetes.io/name: core-operator - helm.sh/chart: core-operator-2.0.4 + helm.sh/chart: core-operator-2.0.8 app.kubernetes.io/instance: calyptia-cloud-standalone app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: "v2.0.20" + app.kubernetes.io/version: "v2.0.24" app.kubernetes.io/component: manager app.kubernetes.io/created-by: operator calyptia.core: core-operator 
@@ -1683,10 +1562,10 @@ spec: labels: # app.kubernetes.io/name: core-operator - helm.sh/chart: core-operator-2.0.4 + helm.sh/chart: core-operator-2.0.8 app.kubernetes.io/instance: calyptia-cloud-standalone app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: "v2.0.20" + app.kubernetes.io/version: "v2.0.24" # # calyptia.core: core-operator @@ -1695,7 +1574,7 @@ spec: containers: - command: - /manager - image: ghcr.io/calyptia/core-operator:2.0.21 + image: ghcr.io/calyptia/core-operator:2.0.25 imagePullPolicy: "IfNotPresent" livenessProbe: httpGet: @@ -1747,8 +1626,6 @@ metadata: app.kubernetes.io/instance: calyptia-cloud-standalone app.kubernetes.io/version: "2.2.0" app.kubernetes.io/managed-by: Helm - annotations: - reloader.stakater.com/auto: "true" spec: replicas: 1 selector: @@ -1768,7 +1645,7 @@ spec: dnsPolicy: ClusterFirst containers: - name: monitoring-aggregator - image: "ghcr.io/calyptia/core/calyptia-fluent-bit:23.11.1" + image: "ghcr.io/calyptia/core/calyptia-fluent-bit:23.11.3" imagePullPolicy: IfNotPresent command: - /fluent-bit/bin/fluent-bit @@ -1813,10 +1690,10 @@ metadata: kubectl.kubernetes.io/default-container: cloud-api labels: app.kubernetes.io/name: calyptia-standalone - helm.sh/chart: calyptia-standalone-2.0.1 + helm.sh/chart: calyptia-standalone-2.1.0 app.kubernetes.io/instance: calyptia-cloud-standalone app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: "v1.6.5" + app.kubernetes.io/version: "v1.6.8" app.kubernetes.io/component: cloud-api name: cloud-api namespace: "calyptia" 
@@ -1832,10 +1709,10 @@ spec: annotations: labels: app.kubernetes.io/name: calyptia-standalone - helm.sh/chart: calyptia-standalone-2.0.1 + helm.sh/chart: calyptia-standalone-2.1.0 app.kubernetes.io/instance: calyptia-cloud-standalone app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: "v1.6.5" + app.kubernetes.io/version: "v1.6.8" app.kubernetes.io/component: cloud-api spec: serviceAccount: calyptia-cloud-standalone-calyptia-standalone-cloud @@ -1843,7 +1720,7 @@ spec: imagePullSecrets: - name: regcreds containers: - - image: ghcr.io/calyptia/cloud:1.6.5 + - image: ghcr.io/calyptia/cloud:1.6.8 imagePullPolicy: "IfNotPresent" name: cloud-api ports: @@ -1864,12 +1741,14 @@ spec: # - name: ALLOWED_ORIGINS # # value: "https://config-viewer-ui-dev.herokuapp.com,https://visual-ui.herokuapp.com,https://cloud-api.calyptia.com,https://core-jet.vercel.app,https://core-git-*-calyptia.vercel.app" # value: "*" - # Cross-mount a token file + # To enable secret export we have to specify a token file but we do not want to expose this - name: DEFAULT_TOKEN_FILE - value: /token/token.txt + value: /dev/null + - name: DEFAULT_TOKEN_K8S_SECRET_NAME + value: auth-secret + - name: DEFAULT_TOKEN_K8S_SECRET_NAMESPACE + value: "calyptia" volumeMounts: - - mountPath: /token - name: token startupProbe: failureThreshold: 30 httpGet: 
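Review bot: With `DEFAULT_TOKEN_FILE` set to `/dev/null` and `DEFAULT_TOKEN_K8S_SECRET_NAME` / `DEFAULT_TOKEN_K8S_SECRET_NAMESPACE` added in the `@@ -1864` hunk, cloud-api presumably writes the project token into `auth-secret` itself, so the `calyptia-cloud-standalone-calyptia-standalone-cloud` service account needs write access to Secrets, yet none of the rendered RBAC hunks shown here change its Role. Please confirm the existing Role already covers this and is no broader than needed, for example `get`/`update` limited with `resourceNames: ["auth-secret"]` (only `create` cannot be restricted by name). The same hunk leaves a bare `volumeMounts:` key with no entries once the `/token` mount is removed, and the next hunk does the same for `volumes:`. Rendering `volumeMounts: []` or omitting the key when it is empty would avoid depending on how null is handled. The container spec continues outside the hunk.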
@@ -1888,45 +1767,7 @@ spec: path: / port: http periodSeconds: 60 - - name: token-secret-creator - image: docker.io/bitnami/kubectl:1.25.12 - imagePullPolicy: "IfNotPresent" - # Need access to the filesystem - cloud runs as root - securityContext: - runAsUser: 0 - resources: - limits: {} - requests: {} - command: ["/bin/bash"] - args: - - "-c" - - | - if kubectl delete -n ${CORE_NAMESPACE} secret auth-secret ; then - echo 'Deleted existing token' - fi - until [[ -f /token/token.txt ]]; do - sleep 5 - done - echo 'Token file found' - until kubectl create -n ${CORE_NAMESPACE} secret generic auth-secret --from-file=ONPREM_CLOUD_API_PROJECT_TOKEN=/token/token.txt ; do - sleep 5 - done - echo 'Secret created - complete' - while true; do - sleep 5 - done - env: - - name: CORE_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - volumeMounts: - - name: token - mountPath: /token volumes: - - name: token - emptyDir: - sizeLimit: 1Mi restartPolicy: Always --- # Source: calyptia-standalone/templates/cloud/deployment-influxdb.yaml @@ -1935,10 +1776,10 @@ kind: Deployment metadata: labels: app.kubernetes.io/name: calyptia-standalone - helm.sh/chart: calyptia-standalone-2.0.1 + helm.sh/chart: calyptia-standalone-2.1.0 app.kubernetes.io/instance: calyptia-cloud-standalone app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: "v1.6.5" + app.kubernetes.io/version: "v1.6.8" app.kubernetes.io/component: influxdb name: influxdb namespace: "calyptia" @@ -1954,10 +1795,10 @@ spec: annotations: labels: app.kubernetes.io/name: calyptia-standalone - helm.sh/chart: calyptia-standalone-2.0.1 + helm.sh/chart: calyptia-standalone-2.1.0 app.kubernetes.io/instance: calyptia-cloud-standalone app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: "v1.6.5" + app.kubernetes.io/version: "v1.6.8" app.kubernetes.io/component: influxdb spec: 
@@ -1997,10 +1838,10 @@ kind: Deployment metadata: labels: app.kubernetes.io/name: calyptia-standalone - helm.sh/chart: calyptia-standalone-2.0.1 + helm.sh/chart: calyptia-standalone-2.1.0 app.kubernetes.io/instance: calyptia-cloud-standalone app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: "v1.6.5" + app.kubernetes.io/version: "v1.6.8" app.kubernetes.io/component: postgres name: postgres namespace: "calyptia" @@ -2016,10 +1857,10 @@ spec: annotations: labels: app.kubernetes.io/name: calyptia-standalone - helm.sh/chart: calyptia-standalone-2.0.1 + helm.sh/chart: calyptia-standalone-2.1.0 app.kubernetes.io/instance: calyptia-cloud-standalone app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: "v1.6.5" + app.kubernetes.io/version: "v1.6.8" app.kubernetes.io/component: postgres spec: @@ -2047,14 +1888,12 @@ spec: apiVersion: apps/v1 kind: Deployment metadata: - annotations: - reloader.stakater.com/auto: "true" labels: app.kubernetes.io/name: calyptia-standalone - helm.sh/chart: calyptia-standalone-2.0.1 + helm.sh/chart: calyptia-standalone-2.1.0 app.kubernetes.io/instance: calyptia-cloud-standalone app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: "v1.6.5" + app.kubernetes.io/version: "v1.6.8" app.kubernetes.io/component: core name: core namespace: "calyptia" @@ -2069,10 +1908,10 @@ spec: metadata: labels: app.kubernetes.io/name: calyptia-standalone - helm.sh/chart: calyptia-standalone-2.0.1 + helm.sh/chart: calyptia-standalone-2.1.0 app.kubernetes.io/instance: calyptia-cloud-standalone app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: "v1.6.5" + app.kubernetes.io/version: "v1.6.8" app.kubernetes.io/component: core spec: serviceAccount: calyptia-cloud-standalone-calyptia-standalone-frontend 
@@ -2091,16 +1930,19 @@ spec: args: - "-c" - | - until kubectl get secret -n ${CORE_NAMESPACE} auth-secret; do - sleep 30 + until kubectl get secret -n "${DEFAULT_TOKEN_K8S_SECRET_NAMESPACE}" "${DEFAULT_TOKEN_K8S_SECRET_NAME}"; do + sleep 10 done + kubectl get secret -n "${DEFAULT_TOKEN_K8S_SECRET_NAMESPACE}" "${DEFAULT_TOKEN_K8S_SECRET_NAME}" -o yaml env: - - name: CORE_NAMESPACE + - name: DEFAULT_TOKEN_K8S_SECRET_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace + - name: DEFAULT_TOKEN_K8S_SECRET_NAME + value: auth-secret containers: - - image: ghcr.io/calyptia/frontend:1.5.0 + - image: ghcr.io/calyptia/frontend:1.5.3 imagePullPolicy: "IfNotPresent" name: core ports: @@ -2124,9 +1966,13 @@ spec: value: '1' - name: NEXT_TELEMETRY_DISABLED value: '1' - envFrom: - - secretRef: - name: auth-secret + # Extract the value for this from the secret specified + - name: ONPREM_CLOUD_API_PROJECT_TOKEN + valueFrom: + secretKeyRef: + name: auth-secret + # Fixed name generated by Cloud since >=1.6.8 + key: token resources: limits: cpu: 500m @@ -2160,10 +2006,10 @@ kind: Deployment metadata: labels: app.kubernetes.io/name: calyptia-standalone - helm.sh/chart: calyptia-standalone-2.0.1 + helm.sh/chart: calyptia-standalone-2.1.0 app.kubernetes.io/instance: calyptia-cloud-standalone app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: "v1.6.5" + app.kubernetes.io/version: "v1.6.8" app.kubernetes.io/component: cloud-lua-sandbox name: cloud-lua-sandbox namespace: "calyptia" @@ -2178,10 +2024,10 @@ spec: metadata: labels: app.kubernetes.io/name: calyptia-standalone - helm.sh/chart: calyptia-standalone-2.0.1 + helm.sh/chart: calyptia-standalone-2.1.0 app.kubernetes.io/instance: calyptia-cloud-standalone app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: "v1.6.5" + app.kubernetes.io/version: "v1.6.8" app.kubernetes.io/component: cloud-lua-sandbox spec: 
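Review bot: The added `kubectl get secret -n "${DEFAULT_TOKEN_K8S_SECRET_NAMESPACE}" "${DEFAULT_TOKEN_K8S_SECRET_NAME}" -o yaml` line in the init container writes the whole Secret, including the base64-encoded project token, to the container's stdout. Base64 is an encoding, not protection, so anyone with `pods/log` access can recover the token without holding any permission on `secrets`. The same applies to whatever collects container logs, possibly including the monitoring Fluent Bit daemonset this manifest deploys. If the line is a debugging aid, drop it or print only the object reference: `kubectl get secret -n "${DEFAULT_TOKEN_K8S_SECRET_NAMESPACE}" "${DEFAULT_TOKEN_K8S_SECRET_NAME}" -o name`. The init container definition starts outside the hunk.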
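Review bot: The new `secretKeyRef` in the `@@ -2124` hunk requires key `token`, but the init container only waits for a Secret named `auth-secret` to exist, and the sidecar removed from cloud-api in this commit created that Secret with the key `ONPREM_CLOUD_API_PROJECT_TOKEN`. On an upgraded release where the old Secret is still present, the wait would pass at once and the `core` container would then fail on the missing key, unless Cloud >=1.6.8 rewrites the Secret first; that ordering is not visible here. Consider making the wait key-aware without echoing the value, e.g. `until [ -n "$(kubectl get secret -n "${DEFAULT_TOKEN_K8S_SECRET_NAMESPACE}" "${DEFAULT_TOKEN_K8S_SECRET_NAME}" -o jsonpath='{.data.token}')" ]; do sleep 10; done`, or document that `auth-secret` must be deleted before upgrading. Also, the `reloader.stakater.com/auto` annotation is removed from this Deployment earlier in the patch, so a regenerated token is only picked up when the pod is restarted.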
@@ -2201,92 +2047,16 @@ spec: imagePullPolicy: "IfNotPresent" restartPolicy: Always --- -# Source: calyptia-standalone/templates/reloader/deployment-reloader.yaml -# https://github.com/stakater/Reloader/blob/master/deployments/kubernetes/manifests/deployment.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app.kubernetes.io/name: calyptia-standalone - helm.sh/chart: calyptia-standalone-2.0.1 - app.kubernetes.io/instance: calyptia-cloud-standalone - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: "v1.6.5" - app.kubernetes.io/component: reloader - name: reloader - namespace: "calyptia" -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/name: calyptia-standalone - app.kubernetes.io/instance: calyptia-cloud-standalone - app.kubernetes.io/component: reloader - template: - metadata: - labels: - app.kubernetes.io/name: calyptia-standalone - helm.sh/chart: calyptia-standalone-2.0.1 - app.kubernetes.io/instance: calyptia-cloud-standalone - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: "v1.6.5" - app.kubernetes.io/component: reloader - spec: - - imagePullSecrets: - - name: regcreds - containers: - - image: ghcr.io/calyptia/reloader:1.0.41 - name: reloader - ports: - - name: http - containerPort: 9090 - resources: - limits: {} - requests: {} - imagePullPolicy: "IfNotPresent" - readinessProbe: - failureThreshold: 5 - httpGet: - path: /metrics - port: http - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - livenessProbe: - failureThreshold: 5 - httpGet: - path: /live - port: http - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - env: - - name: KUBERNETES_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - args: - - "--reload-on-create=true" - - "--sync-after-restart=true" - restartPolicy: Always - securityContext: - runAsNonRoot: true - runAsUser: 65534 - serviceAccountName: 
calyptia-cloud-standalone-calyptia-standalone-reloader ---- # Source: calyptia-standalone/templates/vivo/deployment-vivo.yaml apiVersion: apps/v1 kind: Deployment metadata: labels: app.kubernetes.io/name: calyptia-standalone - helm.sh/chart: calyptia-standalone-2.0.1 + helm.sh/chart: calyptia-standalone-2.1.0 app.kubernetes.io/instance: calyptia-cloud-standalone app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: "v1.6.5" + app.kubernetes.io/version: "v1.6.8" app.kubernetes.io/component: vivo name: vivo namespace: "calyptia" @@ -2301,10 +2071,10 @@ spec: metadata: labels: app.kubernetes.io/name: calyptia-standalone - helm.sh/chart: calyptia-standalone-2.0.1 + helm.sh/chart: calyptia-standalone-2.1.0 app.kubernetes.io/instance: calyptia-cloud-standalone app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: "v1.6.5" + app.kubernetes.io/version: "v1.6.8" app.kubernetes.io/component: vivo spec: diff --git a/charts/calyptia-cloud-standalone/Chart.lock b/charts/calyptia-cloud-standalone/Chart.lock index 3bbd839..02251d9 100644 --- a/charts/calyptia-cloud-standalone/Chart.lock +++ b/charts/calyptia-cloud-standalone/Chart.lock @@ -1,10 +1,10 @@ dependencies: - name: core-operator repository: https://helm.calyptia.com - version: 2.0.4 + version: 2.0.8 - name: core-crd repository: https://helm.calyptia.com - version: 2.0.4 + version: 2.0.8 - name: common repository: oci://registry-1.docker.io/bitnamicharts version: 2.13.3 @@ -17,5 +17,5 @@ dependencies: - name: fluent-bit repository: https://fluent.github.io/helm-charts version: 0.40.0 -digest: sha256:9cfa57a9a7c6335dc0dfc6d7f712f0ddf0089802f1e8f5b7203c456840967102 -generated: "2023-11-20T17:15:52.049928985Z" +digest: sha256:847acb545de6be43b49572875a879831eb59f5e3091ea2461b75fb47a502937a +generated: "2023-11-23T12:07:35.001448206Z" diff --git a/charts/calyptia-cloud-standalone/Chart.yaml b/charts/calyptia-cloud-standalone/Chart.yaml index 3d07ffc..e534d8a 100644 
--- a/charts/calyptia-cloud-standalone/Chart.yaml +++ b/charts/calyptia-cloud-standalone/Chart.yaml @@ -4,8 +4,8 @@ description: Umbrella chart to configure a Calyptia Core control plane and suppo home: https://calyptia.com/products/calyptia-core/ icon: https://storage.googleapis.com/calyptia_public_resources_bucket/logo-darkmode.svg type: application -version: 2.0.1 -appVersion: "v1.6.5" +version: 2.1.0 +appVersion: "v1.6.8" maintainers: - name: Calyptia email: hello@calyptia.com @@ -30,13 +30,6 @@ dependencies: version: 2.9.10 alias: loki-stack condition: monitoring.grafana - # Cannot use the chart due to incompatible usage of global.imagePullSecrets - # Instead we embed it - # - name: reloader - # version: 1.x.x - # repository: https://stakater.github.io/stakater-charts - # alias: reloader - # condition: reloader.enabled # Use the OSS Fluent Bit chart for monitoring - name: fluent-bit version: 0.x.x diff --git a/charts/calyptia-cloud-standalone/README.md b/charts/calyptia-cloud-standalone/README.md index 1033a6e..ba1c151 100644 --- a/charts/calyptia-cloud-standalone/README.md +++ b/charts/calyptia-cloud-standalone/README.md @@ -47,10 +47,10 @@ helm upgrade --install \ ## Upgrade -To upgrade the chart, the two main things to ensure are: +To upgrade the chart without service interruption, the two main things to ensure are: 1. The Postgres database state does not change. -1. The CRDs for the operator are not removed. +1. The CRDs for the operator (if deployed with this chart) are not removed. The chart includes a Postgres database default deployment in-cluster but this is not recommended for production and provides no guarantees. An external database (external to this chart, it could be in-cluster) with high availability should be provided. 
@@ -64,11 +64,18 @@ This includes CRD configuration but note Helm has caveats on managing existing C Any upgrade should first ensure the correct CRDs are installed via `kubectl replace -f crd.yaml`. The CRD YAML files are available on the specific release being installed here: -If CRDs are removed then all workloads associated with them will also be destroyed. +If CRDs are removed then all workloads associated with them will also be destroyed (but will be recreated when the CRD is added again if the config is in the database). + CRD removal can be prevented with the following annotation: ```shell kubectl annotate crd pipelines.core.calyptia.com helm.sh/resource-policy=keep --overwrite +kubectl annotate crd ingestchecks.core.calyptia.com helm.sh/resource-policy=keep --overwrite +``` + +To upgrade from 1.x series chart to 2.x, also add these annotations to prevent replacement of the CRD: + +```shell kubectl annotate crd pipelines.core.calyptia.com meta.helm.sh/release-name=calyptia-cloud --overwrite kubectl annotate crd pipelines.core.calyptia.com meta.helm.sh/release-namespace="$CALYPTIA_NAMESPACE" --overwrite kubectl label crd pipelines.core.calyptia.com app.kubernetes.io/managed-by=Helm --overwrite 
@@ -76,6 +83,26 @@ kubectl label crd pipelines.core.calyptia.com app.kubernetes.io/managed-by=Helm The recommendation would be to deploy the Core Operator separately and disable it in this chart to maintain full control over lifecycle. +## Production deployment + +The default configuration for this chart is intended to provide a simple in-cluster working deployment and as such is not recommended for production. +Specifically, for a production deployment the recommendations are: + +* Deploy Postgres (and Influx) separately and manage with high availability. +* Deploy the Core Operator separately and manage the data plane independently of the control plane. + +```yaml +operator: + enabled: false +cloudApi: + postgres: + enabled: false + connectionString: + influxdb: + enabled: false + server: +``` + ## Services The helm chart provides the following services: 
@@ -231,6 +258,39 @@ operator: Once the operator is deployed, the [`core-instance`](https://github.com/calyptia/charts/tree/master/charts/core-instance) chart can be used to add workloads to the cluster. Alternatively the legacy [`core`](https://github.com/calyptia/charts/tree/master/charts/core) chart can also be used without operator support. +### Autoscaling + +Each of the main services can be set up to use [Horizontal Pod Autoscaling (HPA)](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/), however this is disabled by default. + +To enable, set the `autoscaling.enabled=true` property in the appropriate sections below: + +```yaml +cloudApi: + autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 5 + targetMemoryUtilizationPercentage: 50 + targetCPUUtilizationPercentage: 50 +frontend: + autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 5 + targetMemoryUtilizationPercentage: 50 + targetCPUUtilizationPercentage: 50 + luaSandbox: + autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 5 + targetMemoryUtilizationPercentage: 50 + targetCPUUtilizationPercentage: 50 +``` + +Remember HPA requires a controller (as well as a metrics server and any other supporting infrastructure) in the cluster to actually implement and manage scaling. +Ensure this is deployed as well in an appropriate fashion. + ## Troubleshooting ### Calyptia Fluent Bit LTS diff --git a/charts/calyptia-cloud-standalone/templates/NOTES.txt b/charts/calyptia-cloud-standalone/templates/NOTES.txt index bc74d97..2be6ea1 100644 --- a/charts/calyptia-cloud-standalone/templates/NOTES.txt +++ b/charts/calyptia-cloud-standalone/templates/NOTES.txt 
@@ -5,7 +5,7 @@ Calyptia Core Operator correctly installed. To get the project token: -kubectl get secret -n {{ .Release.Namespace }} auth-secret -o jsonpath='{.data.ONPREM_CLOUD_API_PROJECT_TOKEN}'| base64 --decode +kubectl get secret -n {{ .Release.Namespace }} auth-secret -o jsonpath='{.data.token}'| base64 --decode To create an instance in the cluster run: @@ -17,7 +17,7 @@ export INSTANCE_NAMESPACE=core-instance export INSTANCE_NAME=test {{- if .Values.operator.enabled }} helm upgrade --install --namespace "$INSTANCE_NAMESPACE" --create-namespace calyptia-core-instance calyptia/core-instance \ - --set cloudToken="$(kubectl get secret -n "$CLOUD_NAMESPACE" auth-secret -o jsonpath='{.data.ONPREM_CLOUD_API_PROJECT_TOKEN}'| base64 --decode)" \ + --set cloudToken="$(kubectl get secret -n "$CLOUD_NAMESPACE" auth-secret -o jsonpath='{.data.token}'| base64 --decode)" \ --set coreInstance="$INSTANCE_NAME" --set cloudUrl="http://cloud-api.${CLOUD_NAMESPACE}:5000" \ --debug --wait @@ -51,7 +51,7 @@ This will spin up a pod to handle the pipeline as a test, however this should be export INSTANCE_TAG=test helm upgrade --install --namespace "$INSTANCE_NAMESPACE" --create-namespace calyptia-core calyptia/core \ - --set project_token="$(kubectl get secret -n "$CLOUD_NAMESPACE" auth-secret -o jsonpath='{.data.ONPREM_CLOUD_API_PROJECT_TOKEN}'| base64 --decode)" \ + --set project_token="$(kubectl get secret -n "$CLOUD_NAMESPACE" auth-secret -o jsonpath='{.data.token}'| base64 --decode)" \ --set name="$INSTANCE_NAME" --set core_instance_tags="$INSTANCE_TAG" --set api_url="http://cloud-api.$CLOUD_NAMESPACE:5000" \ --debug --wait 
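Review bot: All three commands changed in NOTES.txt still name the secret `auth-secret` literally, while this commit makes the name configurable through `authentication.secret.name` and the `cloud.authSecretName` helper, so the printed instructions fail on any install that overrides it. Rendering the name in the template keeps them in step, e.g. `kubectl get secret -n {{ .Release.Namespace }} {{ include "cloud.authSecretName" . }} -o jsonpath='{.data.token}' | base64 --decode`. The hunks at -17 and -51 carry the same literal, as does the token lookup in support.sh, which can only take the name from an argument or environment variable.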
@@ -123,3 +123,9 @@ A different configuration can be provided via the '.monitoring-aggregator.existi Each of these provides Prometheus metrics via port 2021 `/metrics` endpoint. {{- end }} +{{- if .Values.cloudApi.postgres.enabled }} +WARNING: This is a non-production deployment as it is using an in-cluster Postgres database deployed by this chart. +{{- end }} +{{- if .Values.operator.enabled }} +WARNING: This is a non-production deployment as it is using an in-cluster Core Operator deployed by this chart. +{{- end }} diff --git a/charts/calyptia-cloud-standalone/templates/_helpers.tpl b/charts/calyptia-cloud-standalone/templates/_helpers.tpl index e75aa4b..50f9558 100644 --- a/charts/calyptia-cloud-standalone/templates/_helpers.tpl +++ b/charts/calyptia-cloud-standalone/templates/_helpers.tpl @@ -65,13 +65,6 @@ Return the proper ingress.image image name {{ include "common.images.image" (dict "imageRoot" .Values.ingress.images.nginx "global" .Values.global) }} {{- end -}} -{{/* -Return the proper reloader.image image name -*/}} -{{- define "reloader.image" -}} -{{ include "common.images.image" (dict "imageRoot" .Values.reloader.images.reloader "global" .Values.global) }} -{{- end -}} - {{/* Returns the proper service account name depending if an explicit service account name is set in the values file. If the name is not set it will default to either common.names.fullname if serviceAccount.create 
@@ -106,23 +99,6 @@ is true or default otherwise. {{- end -}} {{- end -}} -{{/* -Returns the proper service account name depending if an explicit service account name is set -in the values file. If the name is not set it will default to either common.names.fullname if serviceAccount.create -is true or default otherwise. -*/}} -{{- define "reloader.serviceAccountName" -}} - {{- if .Values.reloader.serviceAccount.create -}} - {{- if (empty .Values.reloader.serviceAccount.name) -}} - {{- printf "%s-reloader" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" -}} - {{- else -}} - {{ default "default" .Values.reloader.serviceAccount.name }} - {{- end -}} - {{- else -}} - {{ default "default" .Values.reloader.serviceAccount.name }} - {{- end -}} -{{- end -}} - {{/* Return the proper Container Registry Secret Names */}} @@ -165,15 +141,19 @@ Return the proper Container Registry Secret Names {{ include "common.images.pullSecrets" (dict "images" (list .Values.vivo.images.vivo) "global" .Values.global) }} {{- end -}} -{{/* -Return the proper Container Registry Secret Names -*/}} -{{- define "reloader.imagePullSecrets" -}} -{{ include "common.images.pullSecrets" (dict "images" (list .Values.reloader.images.reloader) "global" .Values.global) }} -{{- end -}} - {{- define "createImagePullSecret" -}} {{- with .Values.imageCredentials }} {{- printf "{\"auths\":{\"%s\":{\"username\":\"%s\",\"password\":\"%s\",\"email\":\"%s\",\"auth\":\"%s\"}}}" .registry .username .password .email (printf "%s:%s" .username .password | b64enc) | b64enc }} {{- end -}} {{- end -}} + +{{/* +Return the proper name for the shared authentication secret +*/}} +{{- define "cloud.authSecretName" -}} + {{- if .Values.authentication -}} + {{- default "auth-secret" .Values.authentication.secret.name | trunc 63 | trimSuffix "-" -}} + {{- else -}} + {{- "auth-secret" | trunc 63 | trimSuffix "-" -}} + {{- end -}} +{{- end -}} 
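Review bot: `cloud.authSecretName` guards only `.Values.authentication`, so an override that leaves `authentication` set but nulls or omits its `secret` map would presumably fail rendering on `.Values.authentication.secret.name` with a nil-pointer error. Extending the condition to `{{- if and .Values.authentication .Values.authentication.secret -}}` covers that case. The `trunc 63 | trimSuffix "-"` applied to the literal `"auth-secret"` in the else branch has no effect and can be dropped. The helper comment could also state that cloud-api, the frontend container and its init container all have to resolve the same name, since a mismatch leaves the frontend waiting on a secret that is never written.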
diff --git a/charts/calyptia-cloud-standalone/templates/cloud/deployment-cloud.yaml b/charts/calyptia-cloud-standalone/templates/cloud/deployment-cloud.yaml index 57dca1f..80a1dd8 100644 --- a/charts/calyptia-cloud-standalone/templates/cloud/deployment-cloud.yaml +++ b/charts/calyptia-cloud-standalone/templates/cloud/deployment-cloud.yaml @@ -65,12 +65,14 @@ spec: # - name: ALLOWED_ORIGINS # # value: "https://config-viewer-ui-dev.herokuapp.com,https://visual-ui.herokuapp.com,https://cloud-api.calyptia.com,https://core-jet.vercel.app,https://core-git-*-calyptia.vercel.app" # value: "*" - # Cross-mount a token file + # To enable secret export we have to specify a token file but we do not want to expose this - name: DEFAULT_TOKEN_FILE - value: /token/token.txt + value: /dev/null + - name: DEFAULT_TOKEN_K8S_SECRET_NAME + value: {{ template "cloud.authSecretName" . }} + - name: DEFAULT_TOKEN_K8S_SECRET_NAMESPACE + value: {{ .Release.Namespace | quote }} volumeMounts: - - mountPath: /token - name: token {{- if .Values.cloudApi.extraVolumeMounts }} {{- include "common.tplvalues.render" (dict "value" .Values.cloudApi.extraVolumeMounts "context" $) | nindent 12 }} {{- end }} 
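Review bot: The `DEFAULT_TOKEN_K8S_SECRET_NAME` value is rendered unquoted, unlike the namespace entry directly below it, so a configured secret name that YAML reads as a number or boolean yields an env `value` that is not a string and the Deployment is rejected. `template` cannot be piped, so this needs `value: {{ include "cloud.authSecretName" . | quote }}`; the same unquoted form is used for the init-container env and the `secretKeyRef` name in deployment-core-ui.yaml. Since the cloud container now appears to write the token secret itself instead of the removed kubectl sidecar, its service account presumably needs create/update rights on secrets; that RBAC is not visible in this hunk and is worth confirming as a namespaced Role rather than anything cluster-wide. The env list begins outside the hunk.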
@@ -83,45 +85,7 @@ spec: {{- if .Values.cloudApi.livenessProbe }} livenessProbe: {{- toYaml .Values.cloudApi.livenessProbe | nindent 12 }} {{- end }} - - name: token-secret-creator - image: {{ template "cloud.kubectl.image" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | quote }} - # Need access to the filesystem - cloud runs as root - securityContext: - runAsUser: 0 - {{- if .Values.cloudApi.kubectl.resources }} - resources: {{- toYaml .Values.cloudApi.kubectl.resources | nindent 12 }} - {{- end }} - command: ["/bin/bash"] - args: - - "-c" - - | - if kubectl delete -n ${CORE_NAMESPACE} secret auth-secret ; then - echo 'Deleted existing token' - fi - until [[ -f /token/token.txt ]]; do - sleep 5 - done - echo 'Token file found' - until kubectl create -n ${CORE_NAMESPACE} secret generic auth-secret --from-file=ONPREM_CLOUD_API_PROJECT_TOKEN=/token/token.txt ; do - sleep 5 - done - echo 'Secret created - complete' - while true; do - sleep 5 - done - env: - - name: CORE_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - volumeMounts: - - name: token - mountPath: /token volumes: - - name: token - emptyDir: - sizeLimit: 1Mi {{- if .Values.cloudApi.extraVolumes }} {{- include "common.tplvalues.render" (dict "value" .Values.cloudApi.extraVolumes "context" $) | nindent 8 }} {{- end }} diff --git a/charts/calyptia-cloud-standalone/templates/cloud/hpa.yaml b/charts/calyptia-cloud-standalone/templates/cloud/hpa.yaml new file mode 100644 index 0000000..7a6bd69 --- /dev/null +++ b/charts/calyptia-cloud-standalone/templates/cloud/hpa.yaml 
@@ -0,0 +1,31 @@ +{{- if (and .Values.cloudApi.autoscaling .Values.cloudApi.autoscaling.enabled) }} +apiVersion: autoscaling/v1 +kind: HorizontalPodAutoscaler +metadata: + name: cloud-api + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} + labels: {{- include "common.labels.standard" . | nindent 4 }} + namespace: {{ .Release.Namespace | quote }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: cloud-api + minReplicas: {{ default 1 .Values.cloudApi.autoscaling.minReplicas }} + maxReplicas: {{ default 5 .Values.cloudApi.autoscaling.maxReplicas }} + metrics: + {{- if .Values.cloudApi.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + targetAverageUtilization: {{ .Values.cloudApi.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.cloudApi.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + targetAverageUtilization: {{ .Values.cloudApi.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/charts/calyptia-cloud-standalone/templates/frontend/deployment-core-ui.yaml b/charts/calyptia-cloud-standalone/templates/frontend/deployment-core-ui.yaml index 84d7e8a..76dd9bf 100644 --- a/charts/calyptia-cloud-standalone/templates/frontend/deployment-core-ui.yaml +++ b/charts/calyptia-cloud-standalone/templates/frontend/deployment-core-ui.yaml 
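Review bot: The new HPA declares `apiVersion: autoscaling/v1` but fills `spec.metrics` with `targetAverageUtilization`, neither of which is a field of the v1 API (v1 only has `targetCPUUtilizationPercentage`), so depending on how strictly the manifest is validated it is either rejected or applied without the CPU and memory targets. Moving to `autoscaling/v2` with the `target` block shown below makes both targets effective; the two HPAs added in templates/frontend/hpa.yaml (for `core` and `cloud-lua-sandbox`) have the same shape and need the same change. If both percentages are unset the `metrics:` key renders empty, so the key itself is worth wrapping in the same condition.

```yaml
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
# … unchanged: metadata, scaleTargetRef, minReplicas, maxReplicas …
  metrics:
    {{- if .Values.cloudApi.autoscaling.targetCPUUtilizationPercentage }}
    - type: Resource
      resource:
        name: cpu
        target:
          type: Utilization
          averageUtilization: {{ .Values.cloudApi.autoscaling.targetCPUUtilizationPercentage }}
    {{- end }}
    # … memory metric: same target block, using targetMemoryUtilizationPercentage …
```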
@@ -2,11 +2,10 @@ apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }} kind: Deployment metadata: + {{- if .Values.commonAnnotations }} annotations: - reloader.stakater.com/auto: "true" - {{- if .Values.commonAnnotations }} {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} + {{- end }} labels: {{- include "common.labels.standard" . | nindent 4 }} app.kubernetes.io/component: core name: core @@ -47,14 +46,17 @@ spec: args: - "-c" - | - until kubectl get secret -n ${CORE_NAMESPACE} auth-secret; do - sleep 30 + until kubectl get secret -n "${DEFAULT_TOKEN_K8S_SECRET_NAMESPACE}" "${DEFAULT_TOKEN_K8S_SECRET_NAME}"; do + sleep 10 done + kubectl get secret -n "${DEFAULT_TOKEN_K8S_SECRET_NAMESPACE}" "${DEFAULT_TOKEN_K8S_SECRET_NAME}" -o yaml env: - - name: CORE_NAMESPACE + - name: DEFAULT_TOKEN_K8S_SECRET_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace + - name: DEFAULT_TOKEN_K8S_SECRET_NAME + value: {{ template "cloud.authSecretName" . }} containers: - image: {{ template "frontend.image" . }} imagePullPolicy: {{ .Values.global.pullPolicy | quote }} @@ -80,9 +82,13 @@ spec: value: '1' - name: NEXT_TELEMETRY_DISABLED value: '1' - envFrom: - - secretRef: - name: auth-secret + # Extract the value for this from the secret specified + - name: ONPREM_CLOUD_API_PROJECT_TOKEN + valueFrom: + secretKeyRef: + name: {{ template "cloud.authSecretName" . }} + # Fixed name generated by Cloud since >=1.6.8 + key: token {{- if .Values.frontend.resources }} resources: {{- toYaml .Values.frontend.resources | nindent 12 }} {{- end }} diff --git a/charts/calyptia-cloud-standalone/templates/frontend/hpa.yaml b/charts/calyptia-cloud-standalone/templates/frontend/hpa.yaml new file mode 100644 index 0000000..97cdf71 --- /dev/null +++ b/charts/calyptia-cloud-standalone/templates/frontend/hpa.yaml 
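Review bot: The `kubectl get secret ... -o yaml` line added after the `until` loop in the init container prints the whole secret object, including the base64-encoded project token, to the container's stdout. That puts the token in the pod log, where it is readable by anyone with `pods/log` access in the namespace and by any log collector that tails container logs (this chart can deploy Fluent Bit for monitoring). The loop above it already proves the secret exists; if a confirmation line is wanted, `kubectl get secret -n "${DEFAULT_TOKEN_K8S_SECRET_NAMESPACE}" "${DEFAULT_TOKEN_K8S_SECRET_NAME}" -o name` prints only the resource name. The init container's definition starts outside the hunk.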
@@ -0,0 +1,64 @@ +{{- if (and .Values.frontend.autoscaling .Values.frontend.autoscaling.enabled) }} +--- +apiVersion: autoscaling/v1 +kind: HorizontalPodAutoscaler +metadata: + name: core + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} + labels: {{- include "common.labels.standard" . | nindent 4 }} + namespace: {{ .Release.Namespace | quote }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: core + minReplicas: {{ default 1 .Values.frontend.autoscaling.minReplicas }} + maxReplicas: {{ default 5 .Values.frontend.autoscaling.maxReplicas }} + metrics: + {{- if .Values.frontend.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + targetAverageUtilization: {{ .Values.frontend.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.frontend.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + targetAverageUtilization: {{ .Values.frontend.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} +{{- if (and .Values.frontend.luaSandbox.autoscaling .Values.frontend.luaSandbox.autoscaling.enabled) }} +--- +apiVersion: autoscaling/v1 +kind: HorizontalPodAutoscaler +metadata: + name: cloud-lua-sandbox + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} + labels: {{- include "common.labels.standard" . 
| nindent 4 }} + namespace: {{ .Release.Namespace | quote }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: cloud-lua-sandbox + minReplicas: {{ default 1 .Values.frontend.luaSandbox.autoscaling.minReplicas }} + maxReplicas: {{ default 5 .Values.frontend.luaSandbox.autoscaling.maxReplicas }} + metrics: + {{- if .Values.frontend.luaSandbox.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + targetAverageUtilization: {{ .Values.frontend.luaSandbox.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.frontend.luaSandbox.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + targetAverageUtilization: {{ .Values.frontend.luaSandbox.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/charts/calyptia-cloud-standalone/templates/monitoring/configmap-deployment.yaml b/charts/calyptia-cloud-standalone/templates/monitoring/configmap-deployment.yaml index ea66245..140156b 100644 --- a/charts/calyptia-cloud-standalone/templates/monitoring/configmap-deployment.yaml +++ b/charts/calyptia-cloud-standalone/templates/monitoring/configmap-deployment.yaml @@ -46,14 +46,6 @@ data: metrics_path /api/v2/metrics/prometheus scrape_interval 30s - [INPUT] - name prometheus_scrape - tag metrics.reloader - host reloader.calyptia - port 9090 - metrics_path /metrics - scrape_interval 30s - [INPUT] name prometheus_scrape tag metrics.operator diff --git a/charts/calyptia-cloud-standalone/templates/reloader/deployment-reloader.yaml b/charts/calyptia-cloud-standalone/templates/reloader/deployment-reloader.yaml deleted file mode 100644 index 5d65988..0000000 --- a/charts/calyptia-cloud-standalone/templates/reloader/deployment-reloader.yaml +++ /dev/null 
@@ -1,73 +0,0 @@ -{{- if .Values.reloader.enabled -}} ---- -# https://github.com/stakater/Reloader/blob/master/deployments/kubernetes/manifests/deployment.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} - labels: {{- include "common.labels.standard" . | nindent 4 }} - app.kubernetes.io/component: reloader - name: reloader - namespace: {{ .Release.Namespace | quote }} -spec: - replicas: {{ default 1 .Values.reloader.replicas }} - selector: - matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }} - app.kubernetes.io/component: reloader - {{- if .Values.reloader.updateStrategy }} - strategy: {{- toYaml .Values.reloader.updateStrategy | nindent 4 }} - {{- end }} - template: - metadata: - {{- if .Values.reloader.podAnnotations }} - {{- include "common.tplvalues.render" (dict "value" .Values.reloader.podAnnotations "context" $) | nindent 8 }} - {{- end }} - labels: {{- include "common.labels.standard" . | nindent 8 }} - app.kubernetes.io/component: reloader - {{- if .Values.commonLabels }} - {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 8 }} - {{- end }} - {{- if .Values.reloader.podLabels }} - {{- include "common.tplvalues.render" (dict "value" .Values.frontend.podLabels "context" $) | nindent 8 }} - {{- end }} - spec: - {{- include "reloader.imagePullSecrets" . | nindent 6 }} - containers: - - image: {{ template "reloader.image" . 
}} - name: reloader - ports: - - name: http - containerPort: 9090 - {{- if .Values.reloader.resources }} - resources: {{- toYaml .Values.reloader.resources | nindent 12 }} - {{- end }} - imagePullPolicy: {{ .Values.global.pullPolicy | quote }} - {{- if .Values.reloader.startupProbe }} - startupProbe: {{- toYaml .Values.reloader.startupProbe | nindent 12 }} - {{- end }} - {{- if .Values.reloader.readinessProbe }} - readinessProbe: {{- toYaml .Values.reloader.readinessProbe | nindent 12 }} - {{- end }} - {{- if .Values.reloader.livenessProbe }} - livenessProbe: {{- toYaml .Values.reloader.livenessProbe | nindent 12 }} - {{- end }} - env: - - name: KUBERNETES_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - args: - {{- if eq .Values.reloader.reloadOnCreate true }} - - "--reload-on-create={{ .Values.reloader.reloadOnCreate }}" - {{- end }} - {{- if eq .Values.reloader.syncAfterRestart true }} - - "--sync-after-restart={{ .Values.reloader.syncAfterRestart }}" - {{- end }} - restartPolicy: {{ default "Always" .Values.reloader.restartPolicy }} - securityContext: - runAsNonRoot: true - runAsUser: 65534 - serviceAccountName: {{ template "reloader.serviceAccountName" . }} -{{- end -}} diff --git a/charts/calyptia-cloud-standalone/templates/reloader/rbac.yaml b/charts/calyptia-cloud-standalone/templates/reloader/rbac.yaml deleted file mode 100644 index ad4c2d6..0000000 --- a/charts/calyptia-cloud-standalone/templates/reloader/rbac.yaml +++ /dev/null 
@@ -1,63 +0,0 @@ -{{- if and (.Values.reloader.enabled) (.Values.reloader.rbac.create) }} ---- -# https://github.com/stakater/Reloader/blob/master/deployments/kubernetes/manifests/clusterrole.yaml -# https://github.com/stakater/Reloader/blob/master/deployments/kubernetes/manifests/clusterrolebinding.yaml -apiVersion: {{ include "common.capabilities.rbac.apiVersion" . }} -kind: Role -metadata: - name: reloader-reloader-role - namespace: {{ .Release.Namespace | quote }} -rules: - - apiGroups: - - "" - resources: - - secrets - - configmaps - verbs: - - list - - get - - watch - - apiGroups: - - "apps" - resources: - - deployments - - daemonsets - - statefulsets - verbs: - - list - - get - - update - - patch - - apiGroups: - - "extensions" - resources: - - deployments - - daemonsets - verbs: - - list - - get - - update - - patch - - apiGroups: - - "" - resources: - - events - verbs: - - create - - patch ---- -apiVersion: {{ include "common.capabilities.rbac.apiVersion" . }} -kind: RoleBinding -metadata: - name: reloader-reloader-role-binding - namespace: {{ .Release.Namespace | quote }} -subjects: - - kind: ServiceAccount - name: {{ template "reloader.serviceAccountName" . }} - namespace: {{ .Release.Namespace | quote }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: reloader-reloader-role ---- -{{- end }} diff --git a/charts/calyptia-cloud-standalone/templates/reloader/service-account.yaml b/charts/calyptia-cloud-standalone/templates/reloader/service-account.yaml deleted file mode 100644 index 35cbac6..0000000 --- a/charts/calyptia-cloud-standalone/templates/reloader/service-account.yaml +++ /dev/null 
@@ -1,15 +0,0 @@ -{{- if and (.Values.reloader.enabled) (.Values.reloader.serviceAccount.create) }} ---- -# https://github.com/stakater/Reloader/blob/master/deployments/kubernetes/manifests/serviceaccount.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - {{- include "common.labels.standard" . | nindent 4 }} - name: {{ template "reloader.serviceAccountName" . }} - {{- $mergedAnnotations := merge .Values.reloader.serviceAccount.annotations .Values.commonAnnotations }} - {{- if $mergedAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" $mergedAnnotations "context" $ ) | nindent 4 }} - {{- end }} - namespace: {{ .Release.Namespace | quote }} -{{- end }} diff --git a/charts/calyptia-cloud-standalone/templates/reloader/sevice-reloader.yaml b/charts/calyptia-cloud-standalone/templates/reloader/sevice-reloader.yaml deleted file mode 100644 index f5e86ed..0000000 --- a/charts/calyptia-cloud-standalone/templates/reloader/sevice-reloader.yaml +++ /dev/null @@ -1,29 +0,0 @@ -{{- if .Values.reloader.enabled -}} ---- -apiVersion: v1 -kind: Service -metadata: - annotations: - prometheus.io/scrape: "true" - prometheus.io/path: "/metrics" - prometheus.io/port: '9090' - # Set up Dynatrace scraping - metrics.dynatrace.com/scrape: "true" - metrics.dynatrace.com/path: "/metrics" - metrics.dynatrace.com/port: '9090' - {{- if .Values.commonAnnotations }} - {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} - labels: {{- include "common.labels.standard" . | nindent 4 }} - app.kubernetes.io/component: reloader - name: reloader - namespace: {{ .Release.Namespace | quote }} -spec: - type: ClusterIP - ports: - - name: http - port: 9090 - targetPort: 9090 - selector: {{- include "common.labels.standard" . | nindent 4 }} - app.kubernetes.io/component: reloader -{{- end -}} 
diff --git a/charts/calyptia-cloud-standalone/values.yaml b/charts/calyptia-cloud-standalone/values.yaml index cbc65dd..74b197c 100644 --- a/charts/calyptia-cloud-standalone/values.yaml +++ b/charts/calyptia-cloud-standalone/values.yaml @@ -37,6 +37,12 @@ global: # password: # email: ci@calyptia.com # +# Shared authentication for back and front ends +authentication: + secret: + name: auth-secret + # Only supported mode is singleTenant + # mode: singleTenant cloudApi: enabled: true service: @@ -70,7 +76,7 @@ cloudApi: cloud: registry: ghcr.io repository: calyptia/cloud - tag: 1.6.5 + tag: 1.6.8 pullSecrets: [] kubectl: registry: docker.io @@ -91,6 +97,12 @@ cloudApi: create: true name: "" annotations: {} + autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 5 + targetMemoryUtilizationPercentage: 50 + targetCPUUtilizationPercentage: 50 # All influx config influxdb: # Disable if providing separately @@ -137,7 +149,7 @@ frontend: frontend: registry: ghcr.io repository: calyptia/frontend - tag: 1.5.0 + tag: 1.5.3 pullSecrets: [] luaSandbox: registry: ghcr.io @@ -171,6 +183,12 @@ frontend: port: http failureThreshold: 30 periodSeconds: 60 + autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 5 + targetMemoryUtilizationPercentage: 50 + targetCPUUtilizationPercentage: 50 luaSandbox: replicas: 1 resources: @@ -178,6 +196,12 @@ frontend: memory: 500Mi cpu: 500m requests: {} + autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 5 + targetMemoryUtilizationPercentage: 50 + targetCPUUtilizationPercentage: 50 kubectl: resources: limits: {} 
@@ -251,44 +275,6 @@ ingress: monitoring: fluentBit: true grafana: false -# Auto reload support -reloader: - enabled: true - reloadOnCreate: true - syncAfterRestart: true - rbac: - create: true - serviceAccount: - create: true - name: "" - annotations: {} - images: - reloader: - registry: ghcr.io - repository: calyptia/reloader - tag: 1.0.41 - pullSecrets: [] - livenessProbe: - httpGet: - path: /live - port: http - timeoutSeconds: 5 - failureThreshold: 5 - periodSeconds: 10 - successThreshold: 1 - initialDelaySeconds: 10 - readinessProbe: - httpGet: - path: /metrics - port: http - timeoutSeconds: 5 - failureThreshold: 5 - periodSeconds: 10 - successThreshold: 1 - initialDelaySeconds: 10 - resources: - limits: {} - requests: {} # # Dependent chart config: https://github.com/calyptia/charts/tree/master/charts/core-crd core-crd: @@ -301,7 +287,7 @@ core-crd: fluentBit: registry: ghcr.io repository: calyptia/core/calyptia-fluent-bit - tag: 23.11.1 + tag: 23.11.3 pullSecrets: [] ingestCheck: registry: ghcr.io @@ -315,7 +301,7 @@ core-operator: operator: registry: ghcr.io repository: calyptia/core-operator - tag: 2.0.21 + tag: 2.0.25 pullSecrets: [] hotReload: registry: ghcr.io @@ -326,12 +312,12 @@ core-operator: toCloud: registry: ghcr.io repository: calyptia/core-operator/sync-to-cloud - tag: 2.0.21 + tag: 2.0.25 pullSecrets: [] fromCloud: registry: ghcr.io repository: calyptia/core-operator/sync-from-cloud - tag: 2.0.21 + tag: 2.0.25 pullSecrets: [] annotations: prometheus.io/scrape: "true" @@ -395,7 +381,7 @@ monitoring-daemonset: image: # Have to customise separately repository: ghcr.io/calyptia/core/calyptia-fluent-bit - tag: 23.11.1 + tag: 23.11.3 pullPolicy: IfNotPresent # Modify this to use any other CM you want existingConfigMap: monitoring-daemonset @@ -470,8 +456,6 @@ monitoring-daemonset: - name: hostsys mountPath: /host/sys readOnly: true - annotations: - reloader.stakater.com/auto: "true" monitoring-aggregator: kind: Deployment replicaCount: 1 
@@ -479,7 +463,7 @@ monitoring-aggregator: - regcreds image: repository: ghcr.io/calyptia/core/calyptia-fluent-bit - tag: 23.11.1 + tag: 23.11.3 pullPolicy: IfNotPresent # Modify this to use any other CM you want existingConfigMap: monitoring-aggregator @@ -509,5 +493,3 @@ monitoring-aggregator: metrics.dynatrace.com/scrape: "true" metrics.dynatrace.com/path: "/metrics" metrics.dynatrace.com/port: '2021' - annotations: - reloader.stakater.com/auto: "true" diff --git a/support.sh b/support.sh index 52d5f77..a38fb25 100755 --- a/support.sh +++ b/support.sh @@ -38,6 +38,7 @@ mkdir -p "$OUTPUT_DIR" \kubectl get nodes -o yaml > "$OUTPUT_DIR"/kubectl-nodes.yaml \kubectl get pods --all-namespaces -o yaml > "$OUTPUT_DIR"/kubectl-all-pods.yaml \kubectl describe all --all-namespaces > "$OUTPUT_DIR"/kubectl-all.log +\kubectl get -o yaml crd > "$OUTPUT_DIR"/kubectl-crds.yaml mkdir -p "$OUTPUT_DIR"/cluster \kubectl cluster-info dump --all-namespaces -o yaml --output-directory="$OUTPUT_DIR"/cluster @@ -55,8 +56,13 @@ do # Attempt to discover token and url for cloud-api in cluster if [[ -z "$CALYPTIA_CLOUD_TOKEN" ]]; then if \kubectl get --namespace "$namespace" secret auth-secret &>/dev/null; then - CALYPTIA_CLOUD_TOKEN=$(kubectl get --namespace "$namespace" secret auth-secret -o jsonpath='{.data.ONPREM_CLOUD_API_PROJECT_TOKEN}'| base64 --decode) + CALYPTIA_CLOUD_TOKEN=$(kubectl get --namespace "$namespace" secret auth-secret -o jsonpath='{.data.token}'| base64 --decode) export CALYPTIA_CLOUD_TOKEN + if [[ -z "$CALYPTIA_CLOUD_TOKEN" ]]; then + # Use the old approach + CALYPTIA_CLOUD_TOKEN=$(kubectl get --namespace "$namespace" secret auth-secret -o jsonpath='{.data.ONPREM_CLOUD_API_PROJECT_TOKEN}'| base64 --decode) + export CALYPTIA_CLOUD_TOKEN + fi # Detain the token for comparison in the pod specs echo -n "$CALYPTIA_CLOUD_TOKEN" > "${OUTPUT_DIR}"/token.txt fi
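Review bot: In support.sh, if the secret holds neither `token` nor `ONPREM_CLOUD_API_PROJECT_TOKEN`, `CALYPTIA_CLOUD_TOKEN` is still empty after the new fallback and the unchanged lines below write it to `token.txt` anyway, leaving an empty file for the later comparison. Guarding that write with `if [[ -n "$CALYPTIA_CLOUD_TOKEN" ]]; then` avoids it. Because `token.txt` stores a live project token in clear inside the support bundle, it is also worth creating it with owner-only permissions, for example `umask 077` before the write; whether later steps redact or delete it is not visible in this hunk. The enclosing `do` loop starts and ends outside the hunk.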