Chore: Upgrade to support latest kubevela 1.10.1 (#161 )

* Chore: Upgrade to support latest kubevela 1.10.0 fixes: https://github.com/kubevela/velad/issues/160 Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in> * Fix: correct golang version and actions vesions Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in> * Fix: Upgrade kubevela and velaux version Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in> * Fix: upgrade golangci lint version Signed-off-by: Jerome Guionnet <jguionnet@guidewire.com> * Fix: uprgrade golangci lint version Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in> * Fix: upgrade staticcheck version Signed-off-by: Jerome Guionnet <jguionnet@guidewire.com> * Fix: upgrade staticcheck version Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in> --------- Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in> Signed-off-by: Jerome Guionnet <jguionnet@guidewire.com> Co-authored-by: Jerome Guionnet <jguionnet@guidewire.com>
Chore: upgrade vela to v1.9.5 (#157 )
2025-02-20 05:10:00 -08:00 · 2023-08-02 19:16:51 +08:00 · 2023-07-28 10:15:26 +08:00 · 2023-07-27 17:37:11 +08:00 · 2023-07-27 14:24:22 +08:00 · 2023-05-06 12:12:28 +08:00
179 changed files with 7922 additions and 25741 deletions
--- a/.autorc
+++ b/.autorc
@ -0,0 +1,13 @@
+{
+  "plugins": [
+    "git-tag",
+    "all-contributors",
+    "first-time-contributor",
+    "released"
+  ],
+  "owner": "kubevela",
+  "repo": "velad",
+  "name": "chivalryq",
+  "email": "qiaozhongpei.qzp@alibaba-inc.com",
+  "onlyPublishWithReleaseLabel": true
+}
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@ -0,0 +1,3 @@
+# This file is a github code protect rule follow the codeowners https://docs.github.com/en/github/creating-cloning-and-archiving-repositories/creating-a-repository-on-github/about-code-owners#example-of-a-codeowners-file
+
+*                                  @chivalryq @wangyikewxgm
--- a/.github/workflows/auto-release.yaml
+++ b/.github/workflows/auto-release.yaml
@ -0,0 +1,30 @@
+name: Auto Release
+
+on:
+  push:
+    branches:
+      - main
+
+jobs:
+  auto-release:
+    runs-on: ubuntu-22.04
+    steps:
+      - name: Checkout source
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+      - name: Download auto
+        run: |
+          wget -O- https://github.com/intuit/auto/releases/download/v10.37.1/auto-linux.gz | gunzip > ~/auto
+          chmod a+x ~/auto
+      - name: Check whether a release is due
+        id: auto-version
+        run: |
+          version="$(~/auto version)"
+          echo "::set-output name=version::$version"
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: auto release
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: ~/auto shipit -v
--- a/.github/workflows/code-lint.yaml
+++ b/.github/workflows/code-lint.yaml
@ -0,0 +1,130 @@
+name: Go
+
+on:
+  push:
+    branches:
+      - main
+      - release-*
+  pull_request:
+    branches:
+      - main
+      - release-*
+  workflow_dispatch: {}
+permissions:
+  contents: read
+
+env:
+  # Common versions
+  GO_VERSION: "1.22"
+  GOLANGCI_VERSION: "v1.54.2"
+
+jobs:
+  staticcheck:
+    strategy:
+      matrix:
+        machines: ["ubuntu-22.04", "macos-12"]
+    runs-on: ${{ matrix.machines }}
+    steps:
+      - name: Setup Go
+        uses: actions/setup-go@v5
+        with:
+          go-version: ${{ env.GO_VERSION }}
+
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          submodules: true
+
+      - name: Setup Docker
+        uses: docker-practice/actions-setup-docker@master
+        with:
+          docker_version: "24.0.2"
+
+      - name: Download resources
+        run: |
+          make download_vela_images_addons
+          make download_k3s_images
+          make download_k3s_bin_script
+          make download_k3d
+
+      - name: Go Dependencies
+        run: |
+          go mod tidy
+
+      - uses: dominikh/staticcheck-action@v1.3.0
+        with:
+          version: "2024.1"
+          install-go: false
+
+  lint:
+    strategy:
+      matrix:
+        machines: ["ubuntu-22.04", "macos-12"]
+    runs-on: ${{ matrix.machines }}
+    steps:
+      - name: Setup Go
+        uses: actions/setup-go@v3
+        with:
+          go-version: ${{ env.GO_VERSION }}
+
+      - name: Checkout
+        uses: actions/checkout@v3
+        with:
+          submodules: true
+
+      - name: Setup Docker
+        uses: docker-practice/actions-setup-docker@master
+        with:
+          docker_version: "24.0.2"
+
+      - name: Download resources
+        run: |
+          make download_vela_images_addons
+          make download_k3s_images
+          make download_k3s_bin_script
+          make download_k3d
+
+      # This action uses its own setup-go, which always seems to use the latest
+      # stable version of Go. We could run 'make lint' to ensure our desired Go
+      # version, but we prefer this action because it leaves 'annotations' (i.e.
+      # it comments on PRs to point out linter violations).
+      - name: Lint
+        uses: golangci/golangci-lint-action@v3
+        with:
+          version: ${{ env.GOLANGCI_VERSION }}
+          args: --timeout 20m
+
+  go-check:
+    strategy:
+      matrix:
+        machines: ["ubuntu-22.04", "macos-12"]
+    runs-on: ${{ matrix.machines }}
+    steps:
+      - name: Setup Go
+        uses: actions/setup-go@v5
+        with:
+          go-version: ${{ env.GO_VERSION }}
+
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          submodules: true
+
+      - name: Go Dependencies
+        run: |
+          go mod tidy
+
+      - name: Setup Docker
+        uses: docker-practice/actions-setup-docker@master
+        with:
+          docker_version: "24.0.2"
+
+      - name: Download resources
+        run: |
+          make download_vela_images_addons
+          make download_k3s_images
+          make download_k3s_bin_script
+          make download_k3d
+
+      - name: Check Diff
+        run: make check-diff
--- a/.github/workflows/e2e-test.yaml
+++ b/.github/workflows/e2e-test.yaml
@ -0,0 +1,121 @@
+name: E2E Test
+
+on:
+  push:
+    tags:
+      - v*
+    branches:
+      - main
+      - release-*
+  pull_request:
+    branches:
+      - main
+      - release-*
+  workflow_dispatch: {}
+
+jobs:
+  build-artifact:
+    env:
+      VELAUX_VERSION_KEY: github.com/oam-dev/velad/version.VelaUXVersion
+    runs-on: ubuntu-22.04
+    strategy:
+      matrix:
+        TARGETS:
+          [linux/amd64, darwin/amd64, windows/amd64, linux/arm64, darwin/arm64]
+    steps:
+      - uses: actions/checkout@v3
+      - name: Install dependencies
+        uses: actions/setup-go@v3
+        with:
+          go-version: "1.22.0"
+      - name: Get matrix
+        id: get_matrix
+        run: |
+          TARGETS=${{matrix.TARGETS}}
+          echo ::set-output name=OS::${TARGETS%/*}
+          echo ::set-output name=ARCH::${TARGETS#*/}
+      - name: Build
+        run: |
+          make ${{ steps.get_matrix.outputs.OS }}-${{ steps.get_matrix.outputs.ARCH }}
+      - name: Upload artifacts
+        uses: actions/upload-artifact@v4
+        with:
+          path: bin/velad-${{ steps.get_matrix.outputs.OS }}-${{ steps.get_matrix.outputs.ARCH }}
+          name: velad-${{ steps.get_matrix.outputs.OS }}-${{ steps.get_matrix.outputs.ARCH }}
+  test-linux:
+    runs-on: ubuntu-22.04
+    needs: [build-artifact]
+    steps:
+      - uses: actions/checkout@v4
+      - name: Install dependencies
+        uses: actions/setup-go@v5
+        with:
+          go-version: "1.22.0"
+      - name: Install ginkgo
+        run: go install github.com/onsi/ginkgo/ginkgo@v1.16.5
+      - uses: actions/download-artifact@v4
+        with:
+          name: velad-linux-amd64
+      - run: |
+          chmod u+x velad-linux-amd64 && mv velad-linux-amd64 velad
+          sudo ./velad install --set image.pullPolicy=Never --set admissionWebhooks.patch.image.pullPolicy=Never --set multicluster.clusterGateway.image.pullPolicy=Never
+          sudo chmod a+r $(./velad kubeconfig --host)
+          kubectl wait --for=condition=Ready pod -l app.kubernetes.io/name=vela-core --timeout=180s -n vela-system --kubeconfig=$(./velad kubeconfig --host)
+          sudo vela addon enable /root/.vela/addons/velaux
+      - name: Run e2e test
+        run: ginkgo -v ./test/e2e-test
+  test-darwin:
+    runs-on: macos-12
+    needs: [build-artifact]
+    steps:
+      - uses: actions/checkout@v3
+      - name: Install dependencies
+        uses: actions/setup-go@v3
+        with:
+          go-version: "1.22.0"
+      - name: Install ginkgo
+        run: go install github.com/onsi/ginkgo/ginkgo@v1.16.5
+      - uses: actions/download-artifact@v4
+        with:
+          name: velad-darwin-amd64
+      - name: Setup Docker
+        uses: docker-practice/actions-setup-docker@master
+        with:
+          docker_version: "24.0.2"
+      - run: |
+          chmod u+x velad-darwin-amd64 && mv velad-darwin-amd64 velad
+          ./velad install --set image.pullPolicy=Never --set admissionWebhooks.patch.image.pullPolicy=Never --set multicluster.clusterGateway.image.pullPolicy=Never
+          export KUBECONFIG=$(./velad kubeconfig --host)
+          kubectl wait --for=condition=Ready pod -l app.kubernetes.io/name=vela-core --timeout=180s -n vela-system
+          vela addon enable ~/.vela/addons/velaux
+
+#      TODO(qiaozp): fix the issue of e2e test on darwin
+#      - name: Run e2e test
+#        run: ginkgo -v ./test/e2e-test
+
+#  test-linux-arm64:
+#    runs-on: ubuntu-22.04
+#    needs: [ build-artifact ]
+#    steps:
+#      - uses: actions/download-artifact@v3
+#        with:
+#          name: velad-darwin-amd64
+#      - run: chmod u+x velad-linux-amd64 && mv velad-linux-amd64 velad
+#      - name: pguyot/arm-runner-action@v2
+#        with:
+#          commands: |
+#            sudo ./velad install --set image.pullPolicy=Never --set admissionWebhooks.patch.image.pullPolicy=Never --set multicluster.clusterGateway.image.pullPolicy=Never
+#            sudo vela def list
+
+#  test-windows:
+#    runs-on: windows-2022
+#    needs: [ build-artifact ]
+#    steps:
+#      - uses: actions/download-artifact@v3
+#        with:
+#          name: velad-windows-amd64
+#      - name: Setup Docker
+#        uses: docker-practice/actions-setup-docker@master
+#      - run: chmod u+x velad-windows-amd64 && mv velad-windows-amd64 velad.exe
+#      - run: .\velad install --set image.pullPolicy=Never --set admissionWebhooks.patch.image.pullPolicy=Never --set multicluster.clusterGateway.image.pullPolicy=Never
+
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@ -0,0 +1,128 @@
+name: Release
+
+on:
+  push:
+    tags:
+      - "v*"
+  workflow_dispatch: {}
+
+env:
+  GITHUB_TOKEN: ${{ github.token }}
+  ENDPOINT: ${{ secrets.OSS_ENDPOINT }}
+  ACCESS_KEY: ${{ secrets.OSS_ACCESS_KEY }}
+  ACCESS_KEY_SECRET: ${{ secrets.OSS_ACCESS_KEY_SECRET }}
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    name: build
+    strategy:
+      matrix:
+        TARGETS:
+          [linux/amd64, darwin/amd64, windows/amd64, linux/arm64, darwin/arm64]
+    env:
+      VELA_VERSION_KEY: github.com/oam-dev/velad/version.VelaVersion
+      VELAUX_VERSION_KEY: github.com/oam-dev/velad/version.VelaUXVersion
+      VELAD_VERSION_KEY: github.com/oam-dev/velad/version.VelaDVersion
+      VELA_GITVERSION_KEY: github.com/oam-dev/velad/version.VelaGitRevision
+      GO_BUILD_ENV: GO111MODULE=on CGO_ENABLED=0
+      DIST_DIRS: find * -type d -exec
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Set up Go
+        uses: actions/setup-go@v5
+        with:
+          go-version: "1.22"
+      - name: Get release
+        id: get_release
+        uses: bruceadams/get-release@v1.2.2
+        env:
+          GITHUB_TOKEN: ${{ github.token }}
+      - name: Get version
+        run: echo "VELAD_VERSION=${GITHUB_REF#refs/tags/}" >> $GITHUB_ENV
+      - name: Get Vela CLI git-revision
+        run: |
+          SHA_LONG=$(curl -s -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/kubevela/kubevela/git/refs/tags/${{ env.VELAD_VERSION }} |jq -r ".object.sha")
+          VELA_SHA_SHORT="${SHA_LONG:0:7}"
+          echo $VELA_SHA_SHORT
+          echo "VELA_SHA_SHORT=$VELA_SHA_SHORT" >> $GITHUB_ENV
+      - name: Get matrix
+        id: get_matrix
+        run: |
+          TARGETS=${{matrix.TARGETS}}
+          echo ::set-output name=OS::${TARGETS%/*}
+          echo ::set-output name=ARCH::${TARGETS#*/}
+      - name: Get ldflags
+        id: get_ldflags
+        run: |
+          VELAUX_VERSION=$(cat Makefile | grep "VELAUX_VERSION ?="|awk '{split($0,a," "); print a[3]}')
+          echo VELAUX_VERSION=$VELAUX_VERSION
+          LDFLAGS="-s -w -X ${{ env.VELA_VERSION_KEY }}=${{ env.VELAD_VERSION }} -X ${{ env.VELAUX_VERSION_KEY }}=$VELAUX_VERSION -X ${{ env.VELAD_VERSION_KEY }}=${{ env.VELAD_VERSION }} -X ${{ env.VELA_GITVERSION_KEY }}=git-${{ env.VELA_SHA_SHORT }}"
+          echo "LDFLAGS=${LDFLAGS}" >> $GITHUB_ENV
+      - name: Build
+        run: |
+          export OS=${{ steps.get_matrix.outputs.OS }}
+          export ARCH=${{ steps.get_matrix.outputs.ARCH }}
+          make download_vela_images_addons
+          make download_k3s_images
+          make download_k3s_bin_script
+          make download_k3d
+          ${{ env.GO_BUILD_ENV }} GOOS=${{ steps.get_matrix.outputs.OS }} GOARCH=${{ steps.get_matrix.outputs.ARCH }} \
+            go build -ldflags "${{ env.LDFLAGS }}" \
+            -o _bin/velad/${{ steps.get_matrix.outputs.OS }}-${{ steps.get_matrix.outputs.ARCH }}/velad -v \
+            cmd/velad/main.go
+      - name: Compress
+        run: |
+          echo "\n## Release Info\nVERSION: ${{ env.VELAD_VERSION }}" >> README.md && \
+          echo "GIT_COMMIT: ${GITHUB_SHA}\n" >> README.md && \
+          cd _bin/velad && \
+          ${{ env.DIST_DIRS }} cp ../../LICENSE {} \; && \
+          ${{ env.DIST_DIRS }} cp ../../README.md {} \; && \
+          ${{ env.DIST_DIRS }} tar -zcf velad-{}.tar.gz {} \; && \
+          ${{ env.DIST_DIRS }} zip -r velad-{}.zip {} \; && \
+          cd .. && \
+          sha256sum velad/velad-* >> sha256-${{ steps.get_matrix.outputs.OS }}-${{ steps.get_matrix.outputs.ARCH }}.txt \
+      - name: Upload VelaD tar.gz
+        uses: actions/upload-release-asset@v1.0.2
+        with:
+          upload_url: ${{ steps.get_release.outputs.upload_url }}
+          asset_path: ./_bin/velad/velad-${{ steps.get_matrix.outputs.OS }}-${{ steps.get_matrix.outputs.ARCH }}.tar.gz
+          asset_name: velad-${{ env.VELAD_VERSION }}-${{ steps.get_matrix.outputs.OS }}-${{ steps.get_matrix.outputs.ARCH }}.tar.gz
+          asset_content_type: binary/octet-stream
+      - name: Upload VelaD zip
+        uses: actions/upload-release-asset@v1.0.2
+        with:
+          upload_url: ${{ steps.get_release.outputs.upload_url }}
+          asset_path: ./_bin/velad/velad-${{ steps.get_matrix.outputs.OS }}-${{ steps.get_matrix.outputs.ARCH }}.zip
+          asset_name: velad-${{ env.VELAD_VERSION }}-${{ steps.get_matrix.outputs.OS }}-${{ steps.get_matrix.outputs.ARCH }}.zip
+          asset_content_type: binary/octet-stream
+      - name: Post sha256
+        uses: actions/upload-artifact@v4
+        with:
+          name: sha256sums
+          path: ./_bin/sha256-${{ steps.get_matrix.outputs.OS }}-${{ steps.get_matrix.outputs.ARCH }}.txt
+          retention-days: 1
+      - name: clear the asset
+        run: |
+          rm -rf ./_bin/velad/${{ steps.get_matrix.outputs.OS }}-${{ steps.get_matrix.outputs.ARCH }}
+          mv ./_bin/velad/velad-${{ steps.get_matrix.outputs.OS }}-${{ steps.get_matrix.outputs.ARCH }}.tar.gz ./_bin/velad/velad-${{ steps.get_matrix.outputs.OS }}-${{ steps.get_matrix.outputs.ARCH }}-${{ env.VELAD_VERSION }}.tar.gz
+          mv ./_bin/velad/velad-${{ steps.get_matrix.outputs.OS }}-${{ steps.get_matrix.outputs.ARCH }}.zip ./_bin/velad/velad-${{ steps.get_matrix.outputs.OS }}-${{ steps.get_matrix.outputs.ARCH }}-${{ env.VELAD_VERSION }}.zip
+      - name: Install ossutil
+        run: wget http://gosspublic.alicdn.com/ossutil/1.7.0/ossutil64 && chmod +x ossutil64 && mv ossutil64 ossutil
+      - name: Configure Alibaba Cloud OSSUTIL
+        run: ./ossutil --config-file .ossutilconfig config -i ${ACCESS_KEY} -k ${ACCESS_KEY_SECRET} -e ${ENDPOINT}
+      - name: Upload to OSS
+        run: |
+          ./ossutil --config-file .ossutilconfig --force sync \
+          ./_bin/velad oss://kubevela-docs/binary/velad/${{ env.VELAD_VERSION }}
+      - name: sync the velad latest version file
+        if: ${{ !contains(env.VELAD_VERSION,'alpha') && !contains(env.VELAD_VERSION,'beta') }}
+        run: |
+          LATEST_VERSION=$(curl -fsSl https://static.kubevela.net/binary/velad/latest_version)
+          verlte() {
+            [  "$1" = "`echo -e "$1\n$2" | sort -V | head -n1`" ]
+          }
+          verlte ${{ env.VELAD_VERSION }} $LATEST_VERSION && echo "${{ env.VELAD_VERSION }} <= $LATEST_VERSION, skip update" && exit 0
+          echo ${{ env.VELAD_VERSION }} > ./velad_latest_version
+          ./ossutil --config-file .ossutilconfig cp -u ./velad_latest_version oss://kubevela-docs/binary/velad/latest_version
--- a/.gitignore
+++ b/.gitignore
@ -28,6 +28,10 @@ _.yaml
 _tmp/
 tmp/

-pkg/static/k3s
-pkg/static/vela/images
-pkg/static/vela/charts/vela-core.tgz
+pkg/resources/static/k3s
+pkg/resources/static/k3d/
+pkg/resources/static/vela/images
+pkg/resources/static/vela/charts/vela-core.tgz
+pkg/resources/static/vela/addons
+
+.env
--- a/.golangci.yml
+++ b/.golangci.yml
@ -0,0 +1,204 @@
+run:
+  timeout: 10m
+
+  skip-files:
+    - ".*_test.go$"
+
+  skip-dirs:
+    - "hack"
+    - "e2e"
+
+output:
+  # colored-line-number|line-number|json|tab|checkstyle|code-climate, default is "colored-line-number"
+  format: colored-line-number
+
+linters-settings:
+  errcheck:
+    # report about not checking of errors in type assetions: `a := b.(MyStruct)`;
+    # default is false: such cases aren't reported by default.
+    check-type-assertions: false
+
+    # report about assignment of errors to blank identifier: `num, _ := strconv.Atoi(numStr)`;
+    # default is false: such cases aren't reported by default.
+    check-blank: false
+
+    # [deprecated] comma-separated list of pairs of the form pkg:regex
+    # the regex is used to ignore names within pkg. (default "fmt:.*").
+    # see https://github.com/kisielk/errcheck#the-deprecated-method for details
+    ignore: fmt:.*,io/ioutil:^Read.*,github.com/kyokomi/emoji/v2:.*
+
+  exhaustive:
+    # indicates that switch statements are to be considered exhaustive if a
+    # 'default' case is present, even if all enum members aren't listed in the
+    # switch
+    default-signifies-exhaustive: true
+
+  govet:
+    # report about shadowed variables
+    check-shadowing: false
+
+  gofmt:
+    # simplify code: gofmt with `-s` option, true by default
+    simplify: true
+
+  goimports:
+    # put imports beginning with prefix after 3rd-party packages;
+    # it's a comma-separated list of prefixes
+    local-prefixes: github.com/kubevela/velad
+
+  gocyclo:
+    # minimal code complexity to report, 30 by default (but we recommend 10-20)
+    min-complexity: 30
+
+  maligned:
+    # print struct with more effective memory layout or not, false by default
+    suggest-new: true
+
+  dupl:
+    # tokens count to trigger issue, 150 by default
+    threshold: 100
+
+  goconst:
+    # minimal length of string constant, 3 by default
+    min-len: 3
+    # minimal occurrences count to trigger, 3 by default
+    min-occurrences: 5
+
+  lll:
+    # tab width in spaces. Default to 1.
+    tab-width: 1
+
+  unused:
+    # treat code as a program (not a library) and report unused exported identifiers; default is false.
+    # XXX: if you enable this setting, unused will report a lot of false-positives in text editors:
+    # if it's called for subdir of a project it can't find funcs usages. All text editor integrations
+    # with golangci-lint call it on a directory with the changed file.
+    check-exported: false
+
+  unparam:
+    # Inspect exported functions, default is false. Set to true if no external program/library imports your code.
+    # XXX: if you enable this setting, unparam will report a lot of false-positives in text editors:
+    # if it's called for subdir of a project it can't find external interfaces. All text editor integrations
+    # with golangci-lint call it on a directory with the changed file.
+    check-exported: false
+
+  nakedret:
+    # make an issue if func has more lines of code than this setting and it has naked returns; default is 30
+    max-func-lines: 30
+
+  gocritic:
+    # Enable multiple checks by tags, run `GL_DEBUG=gocritic golangci-lint` run to see all tags and checks.
+    # Empty list by default. See https://github.com/go-critic/go-critic#usage -> section "Tags".
+    enabled-tags:
+      - performance
+
+    settings: # settings passed to gocritic
+      captLocal: # must be valid enabled check name
+        paramsOnly: true
+      rangeValCopy:
+        sizeThreshold: 32
+
+  makezero:
+    # Allow only slices initialized with a length of zero. Default is false.
+    always: false
+
+linters:
+  enable:
+    - megacheck
+    - govet
+    - gocyclo
+    - gocritic
+    - goconst
+    - goimports
+    - gofmt  # We enable this as well as goimports for its simplify mode.
+    - unconvert
+    - misspell
+    - nakedret
+    - exportloopref
+    # - revive
+
+  presets:
+    - bugs
+    - unused
+  fast: false
+
+
+issues:
+  # Excluding configuration per-path and per-linter
+  exclude-rules:
+    # Exclude some linters from running on tests files.
+    - path: _test(ing)?\.go
+      linters:
+        - gocyclo
+        - errcheck
+        - dupl
+        - gosec
+        - unparam
+
+    # Ease some gocritic warnings on test files.
+    - path: _test\.go
+      text: "(unnamedResult|exitAfterDefer)"
+      linters:
+        - gocritic
+
+    # These are performance optimisations rather than style issues per se.
+    # They warn when function arguments or range values copy a lot of memory
+    # rather than using a pointer.
+    - text: "(hugeParam|rangeValCopy):"
+      linters:
+        - gocritic
+
+    # This "TestMain should call os.Exit to set exit code" warning is not clever
+    # enough to notice that we call a helper method that calls os.Exit.
+    - text: "SA3000:"
+      linters:
+        - staticcheck
+
+    - text: "k8s.io/api/core/v1"
+      linters:
+        - goimports
+
+    # This is a "potential hardcoded credentials" warning. It's triggered by
+    # any variable with 'secret' in the same, and thus hits a lot of false
+    # positives in Kubernetes land where a Secret is an object type.
+    - text: "G101:"
+      linters:
+        - gosec
+        - gas
+
+    # This is an 'errors unhandled' warning that duplicates errcheck.
+    - text: "G104:"
+      linters:
+        - gosec
+        - gas
+
+    # The Azure AddToUserAgent method appends to the existing user agent string.
+    # It returns an error if you pass it an empty string lettinga you know the
+    # user agent did not change, making it more of a warning.
+    - text: \.AddToUserAgent
+      linters:
+        - errcheck
+
+    - text: "don't use an underscore"
+      linters:
+        - golint
+
+  # Independently from option `exclude` we use default exclude patterns,
+  # it can be disabled by this option. To list all
+  # excluded by default patterns execute `golangci-lint run --help`.
+  # Default value for this option is true.
+  exclude-use-default: false
+
+  # Show only new issues: if there are unstaged changes or untracked files,
+  # only those changes are analyzed, else only changes in HEAD~ are analyzed.
+  # It's a super-useful option for integration of golangci-lint into existing
+  # large codebase. It's not practical to fix all existing issues at the moment
+  # of integration: much better don't allow issues in new code.
+  # Default is false.
+  new: false
+
+  # Maximum issues count per one linter. Set to 0 to disable. Default is 50.
+  max-per-linter: 0
+
+  # Maximum count of issues with the same text. Set to 0 to disable. Default is 3.
+  max-same-issues: 0
--- a/108
+++ b/108
@ -1,21 +1,99 @@
-K3S_VERSION ?= v1.21.10+k3s1
-STATIC_DIR := pkg/static
-all: download_vela_images download_k3s pack_vela_chart
-	go build -o bin/velad github.com/oam-dev/velad
+include makefiles/dependency.mk

-download_vela_images:
-	./download_images.sh
+K3S_VERSION ?= v1.27.2+k3s1
+STATIC_DIR := pkg/resources/static
+VELA_VERSION ?= v1.10.1
+VELAUX_VERSION ?= v1.9.4
+VELA_VERSION_NO_V := $(subst v,,$(VELA_VERSION))
+VELAUX_IMAGE_VERSION ?= v1.9.4
+LDFLAGS= "-X github.com/oam-dev/velad/version.VelaUXVersion=${VELAUX_VERSION} -X github.com/oam-dev/velad/version.VelaVersion=${VELA_VERSION}"

-download_k3s:
-	mkdir -p ${STATIC_DIR}/k3s
-	curl -Lo ${STATIC_DIR}/k3s/k3s https://github.com/k3s-io/k3s/releases/download/${K3S_VERSION}/k3s
-	curl -Lo ${STATIC_DIR}/k3s/setup.sh https://get.k3s.io
-	curl -Lo ${STATIC_DIR}/k3s/k3s-airgap-images-amd64.tar.gz https://github.com/k3s-io/k3s/releases/download/${K3S_VERSION}/k3s-airgap-images-amd64.tar.gz
+UNAME_S := $(shell uname -s)
+ifeq ($(UNAME_S), Linux)
+OS ?= linux
+else
+OS ?= darwin
+endif
+UNAME_M := $(shell uname -m)
+ifeq ($(UNAME_M), arm64)
+ARCH ?= arm64
+else
+ARCH ?= amd64
+endif
+
+.DEFAULT_GOAL := build
+build:
+	echo "Building for ${OS}/${ARCH}"
+	OS=${OS} ARCH=${ARCH} make $(OS)-$(ARCH)
+
+
+linux-amd64 linux-arm64: download_vela_images_addons download_k3s_bin_script download_k3s_images
+	$(eval OS := $(word 1, $(subst -, ,$@)))
+	$(eval ARCH := $(word 2, $(subst -, ,$@)))
+	echo "Compiling for ${OS}/${ARCH}"
+
+	GOOS=${OS} GOARCH=${ARCH} \
+	go build -o bin/velad-${OS}-${ARCH} \
+	-ldflags=${LDFLAGS} \
+	github.com/oam-dev/velad/cmd/velad
+
+darwin-amd64 darwin-arm64 windows-amd64: download_vela_images_addons download_k3d  download_k3s_images
+	$(eval OS := $(word 1, $(subst -, ,$@)))
+	$(eval ARCH := $(word 2, $(subst -, ,$@)))
+	echo "Compiling for ${OS}/${ARCH}"
+
+	GOOS=${OS} GOARCH=${ARCH} \
+	go build -o bin/velad-${OS}-${ARCH} \
+	-ldflags=${LDFLAGS} \
+	github.com/oam-dev/velad/cmd/velad
+
+CHART_DIR := ${STATIC_DIR}/vela/charts
+download_vela_chart:
+	mkdir -p ${CHART_DIR}
+	curl -L -o ${CHART_DIR}/vela-core.tgz https://kubevela.github.io/charts/vela-core-${VELA_VERSION_NO_V}.tgz
+
+download_vela_images_addons: download_vela_chart
+	tar -xzf ${CHART_DIR}/vela-core.tgz -C ${CHART_DIR}
+	./hack/download_vela_images.sh ${VELA_VERSION} ${VELAUX_IMAGE_VERSION} ${ARCH}
+	./hack/download_addons.sh ${VELAUX_VERSION}
+	rm -rf ${CHART_DIR}/vela-core
+
+
+download_k3d:
+	./hack/download_k3d_images.sh ${ARCH}
+
+download_k3s_bin_script:
+	mkdir -p ${STATIC_DIR}/k3s/other
+	curl -Lo ${STATIC_DIR}/k3s/other/k3s https://github.com/k3s-io/k3s/releases/download/${K3S_VERSION}/k3s
+	curl -Lo ${STATIC_DIR}/k3s/other/setup.sh https://get.k3s.io
+
+download_k3s_images:
+	mkdir -p ${STATIC_DIR}/k3s/images
+	curl -Lo ${STATIC_DIR}/k3s/images/k3s-airgap-images.tar.gz https://github.com/k3s-io/k3s/releases/download/${K3S_VERSION}/k3s-airgap-images-${ARCH}.tar.gz

-pack_vela_chart:
-	tar -czf ${STATIC_DIR}/vela/charts/vela-core.tgz ${STATIC_DIR}/vela/charts/vela-core

 .PHONY: clean
 clean:
-	rm ${STATIC_DIR}/vela/charts/vela-core.tgz
-	rm bin/velad
+	rm -f ${CHART_DIR}/vela-core.tgz
+	rm -f bin/velad
+
+lint: golangci
+	$(GOLANGCILINT) run ./...
+
+staticcheck: staticchecktool
+	$(STATICCHECK) ./...
+
+fmt: goimports
+	$(GOIMPORTS) -local github.com/kubevela/velad -w $$(go list -f {{.Dir}} ./...)
+
+go-check:
+	go fmt ./...
+	go vet ./...
+
+reviewable: lint staticcheck fmt go-check
+	go mod tidy
+
+check-diff: reviewable
+	git --no-pager diff
+	git diff --quiet || (echo please run 'make reviewable' to include all changes && false)
+	echo branch is clean
--- a/README.md
+++ b/README.md
@ -1,40 +1,79 @@
-# velad
+# VelaD

-Setup KubeVela control plane airgapped with high availability of metadata
+Lightweight Deploy tool, helps setup [KubeVela](https://github.com/kubevela/kubevela) quickly。
+
+English | [简体中文](docs/readme-zh.md)
+
+![E2E Test](https://github.com/kubevela/velad/actions/workflows/e2e-test.yaml/badge.svg)
+
+## Introduction
+
+VelaD is lightweight deployment tool to set up [KubeVela](https://github.com/kubevela/kubevela).
+
+VelaD make it very easy to set up KubeVela environment, including a cluster with KubeVela installed, VelaUX/Vela CLI prepared.
+
+VelaD is the fastest way to get started with KubeVela.
+
+
+![demo](docs/resources/demo.gif)

 ## Features

-1. Air-gap install.
-2. High Availability with an External DB. (MySQL/MariaDB, PostgreSQL, ETCD)
- 
+1. Set up KubeVela air-gapped.
+2. Build KubeVela control plane with higher availability with more nodes and database(Optional).
+3. Experience KubeVela multi-cluster features in one computer.
+
 ## Prerequisites

- Linux
+If you are using Windows/macOS, docker is needed for run VelaD

 ## Quickstart

+### Installation
+
+- **Linux/macOS**
+```shell
+curl -fsSl https://static.kubevela.net/script/install-velad.sh | bash
+```
+
+- **Windows**
+> Only the official release version is supported.
+```shell
+powershell -Command "iwr -useb https://static.kubevela.net/script/install-velad.ps1 | iex"
+```
+
 ### Setup

-Only one command to setup KubeVela control plane
+To set up KubeVela you only need run `velad install`

 ```shell
 velad install
 ```
-```shell
-Preparing cluster setup script...
-Preparing k3s binary...
-Successfully place k3s binary to /usr/local/bin/k3s
-Preparing k3s images
-Successfully prepare k3s image
-Setting up cluster...
-...
-Successfully set up KubeVela control plane, run: export KUBECONFIG=$(velad kubeconfig) to access it
+```text
+INFO[0000] portmapping '8080:80' targets the loadbalancer: defaulting to [servers:*:proxy agents:*:proxy] 
+Preparing K3s images...
+...(omit for brevity)
+
+🚀  Successfully install KubeVela control plane
+💻  When using gateway trait, you can access with 127.0.0.1:8080
+🔭  See available commands with `vela help`
 ```

-And there you go.
+There you go! You have set up KubeVela. Behind the command, VelaD starts a K3d container(K3s when Linux), installs vela-core
+Helm chart and setup vela CLI for you.
+
+After install, you can follow this [example](./docs/01.simple.md) to deliver your first application.

 ### uninstall

 ```shell
 velad uninstall
-```
+```
+
+### More example
+
+Please check [docs](./docs/) for more VelaD example
+
+## Known issues
+
+- Installation on darwin-arm64 (Apple chip) machine isn't fully air-gapped. Please track #64 for more info.
--- a/cmd/velad/main.go
+++ b/cmd/velad/main.go
@ -17,19 +17,10 @@ limitations under the License.
 package main

 import (
-	"github.com/oam-dev/kubevela/pkg/utils/common"
-	cmdutil "github.com/oam-dev/kubevela/pkg/utils/util"
-	"github.com/oam-dev/velad/pkg"
-	"os"
+	"github.com/oam-dev/velad/pkg/cmd"
 )

 func main() {
-	ioStream := cmdutil.IOStreams{In: os.Stdin, Out: os.Stdout, ErrOut: os.Stderr}
-	commandArgs := common.Args{
-		Schema: common.Scheme,
-	}
-	cmd := pkg.NewVeladCommand(commandArgs, ioStream)
-	if err := cmd.Execute(); err != nil {
-		os.Exit(1)
-	}
+	app := cmd.NewApp()
+	app.Run()
 }
--- a/contribute/upgrade-vela.md
+++ b/contribute/upgrade-vela.md
@ -0,0 +1,22 @@
+# How to upgrade KubeVela version of VelaD
+
+VelaD embed one KubeVela Helm chart and VelaD's build process will cache some images(e.g. vela-core). 
+When KubeVela has a new release. Do these steps below to upgrade VelaD's embedded KubeVela version.
+
+1. Upgrade go.mod
+2. Upgrade vela version in makefile
+
+### Upgrade vela version in makefile
+
+In `Makefile`, find this two variables, upgrade them to right version.
+
+> VelaUX sometimes don't release new version together with KubeVela, make sure VelaUX version is right.
+
+```makefile
+VELAUX_VERSION ?= v1.6.0
+VELAUX_IMAGE_VERSION ?= ${VELAUX_VERSION}
+```
+
+### After upgrade
+
+Commit all changes and make a pull request.
--- a/docs/01.simple.md
+++ b/docs/01.simple.md
@ -0,0 +1,196 @@
+# Setup KubeVela and deliver your first app
+
+VelaD can help you set up KubeVela on your computer. In this article will focus on several points
+
+1. Install VelaD
+2. Use VelaD to setup KubeVela
+3. Install VelaUX
+4. Deliver your first app
+
+## Install VelaD
+
+This is quite easy. Depends on your system, run one of scripts below.
+
+- **Linux/macOS**
+```shell
+curl -fsSl https://static.kubevela.net/script/install-velad.sh | bash 
+```
+
+- **Windows**
+```shell
+powershell -Command "iwr -useb https://static.kubevela.net/script/install-velad.ps1 | iex"
+```
+
+After install, you can run `velad version` to check velad CLI installed
+
+```shell
+velad version
+```
+```text
+Core Version: v1.4.0
+VelaD Version: v1.4.0
+```
+
+## Use VelaD to setup KubeVela
+
+All you need is run `velad install`, that will help you do things below:
+
+1. start a cluster which needed by KubeVela
+2. install KubeVela in cluster
+3. install vela CLI on the machine
+4. place VelaUX(a web panel addon)resources
+
+```shell
+velad install
+```
+```text
+INFO[0000] portmapping '8080:80' targets the loadbalancer: defaulting to [servers:*:proxy agents:*:proxy] 
+Preparing K3s images...
+...(omit for brevity)
+
+KubeVela control plane has been successfully set up on your cluster.
+If you want to enable dashboard, please run "vela addon enable /Users/qiaozp/.vela/addons/velaux"
+
+Keep the token below if you want to restart the control plane
+K103585b6be41cc4160c795036d769b1aa2c249a8f046707ab0210c56dcc05e8957::server:kOcAPpOXfVfBbrMBinan..(omit for brevity)
+
+🚀  Successfully install KubeVela control plane
+💻  When using gateway trait, you can access with 127.0.0.1:8080
+🔭  See available commands with `vela help`
+```
+
+> Note: later we'll use gateway trait. Remember we can use 127.0.0.1:8080 to access application with gateway trait.
+
+Now you have KubeVela available in this computer. To verify install result, check if tools and resources ready,
+run `velad status`
+
+```shell
+velad status
+```
+```text
+Checking cluster status...
+K3d images status:
+ ✔ image rancher/k3d-tools:5.2.2 ready
+ ✔ image rancher/k3d-proxy:5.2.2 ready
+ ✔ image rancher/k3s:v1.21.10-k3s1 ready
+Cluster(K3d) status:
+ ✔ cluster [default] ready
+  ✔ kubevela status: deployed
+Checking KubeVela status...
+Vela status:
+ ✔ Vela CLI installed
+ ✔ Vela CLI path: /usr/local/bin/vela
+ ✔ VelaUX addon dir ready
+ ✔ VelaUX addon dir path: /Users/qiaozp/.vela/addons/velaux
+```
+
+You could use vela CLI now. try check all available component types. Later we'll use `webservice` type component when deploying first app
+```shell
+# optional because `velad install` create default cluster
+export KUBECONFIG=$(velad kubeconfig --host)
+```
+
+```shell
+vela comp
+```
+
+result:
+```text
+NAME                    DEFINITION
+config-image-registry   autodetects.core.oam.dev
+k8s-objects             autodetects.core.oam.dev
+cron-task               cronjobs.batch
+ref-objects             autodetects.core.oam.dev
+raw                     autodetects.core.oam.dev
+task                    jobs.batch
+worker                  deployments.apps
+webservice              deployments.apps
+```
+
+## Install VelaUX
+
+VelaUX is a dashboard including UI+API services, it enables you to do everything around application delivery and management.
+VelaUX isn't required for KubeVela, but it is an excellent entry to get started.
+
+VelaD has prepared all VelaUX resources (images, addon manifests) for you. Just like it hints when `velad install`, you can enable VelaUX by:
+
+```shell
+vela addon enable /Users/<user>/.vela/addons/velaux
+```
+
+Here, you have to replace <user> with your own username. After about half a minutes, you will see the output:
+
+```text
+Initialized admin username and password: admin / VelaUX12345
+To open the dashboard directly by port-forward:
+    vela port-forward -n vela-system addon-velaux 9082:80
+Select "Cluster: local | Namespace: vela-system | Kind: Service | Name: velaux" from the prompt.
+Please refer to https://kubevela.io/docs/reference/addons/velaux for more VelaUX addon installation and visiting method.
+```
+
+The default username and password is: `admin` / `VelaUX12345`.
+
+Do as the output says, port-forward velaux and choose "Cluster: local | Namespace: vela-system | Kind: Service | Name: velaux"
+
+```shell
+vela port-forward -n vela-system addon-velaux 9082:80
+? You have 4 deployed resources in your app. Please choose one: Cluster: local | Namespace: vela-system | Kind: Service | Name: velaux
+Forwarding from 127.0.0.1:9082 -> 80
+Forwarding from [::1]:9082 -> 80
+```
+
+You will see dashboard opened automatically. Use `admin` and password just got to log in and you'll see:
+
+![](./resources/dashbord.jpg)
+
+🎉 Congrats! You have successfully installed VelaUX.
+
+## Deliver your first app
+
+Now we'll use VelaUX to deliver your first app, just a Nginx for example.
+Notice that this example may be simple. However, you can use the same pattern to deliver more complicated app depends on your stack.
+
+1. Click the `New Application` in top-right of window.
+2. Input `first-app` for `Name` and choose `Default(default)` for `Bind Environments`. Click `Next Step`.
+
+![new-app](resources/01.new_app.jpg)
+
+3. Input `nginx` for `Container Image`. Click `Create`
+
+![image](resources/01.new_app_2.jpg)
+
+4. Click `first-app` in components panel
+
+![add_trait_1](resources/01.add_trait.jpg)
+
+5. Click the plus button in Traits panel. we'll add a gateway trait, so we can access it from localhost
+
+![add_trait_2](resources/01.add_trait_2.jpg)
+
+6. In the detail form, first choose `gateway` in `Type`. Arguments will show below. Then fill two arguments
+- Change `Class` to `traefik` to use Traefik packed with VelaD.
+- Add a route rule from `/` to `80`, which we'll use localhost:port without sub-path to access port 80 inside.
+ 
+Click the `Create` to add gateway trait to this app.
+
+![add_trait_3](resources/01.add_trait_3.jpg)
+
+7. Finally, we can click the `Deploy` button in the right-top of window. This will launch app to K8s Cluster where
+   KubeVela runs.
+
+After seven steps. You can check the application healthiness in `Default` tab. When it is running, we can access it with
+`127.0.0.1:8080`. That was mentioned when velad install.
+
+![result](resources/01.result.jpg)
+
+# Summary
+
+After follow this blog, you have known how to use VelaD to deploy KubeVela, VelaUX, and deploy application using VelaUX. 
+
+VelaD have more capabilities when getting hands on KubeVela.
+
+- Want to try KubeVela multicluster features? See [multicluster docs](02.multicluster.md)
+- Want to expose your cluster to other computer? See [Expose cluster](05.expose-cluster.md)
+- Want to apply origin K8s YAML and distribute them to multi-clusters? See [Apply & Distribute docs](03.apply-and-distribute.md)
+- Want to deploy KubeVela control plane with higher availability? See [Deploy by Multi-node and Database](04.ha.md)
+- Want to use VelaD help develop KubeVela locally? See [Develop KubeVela with VelaD](06.develop_kubevela.md)
--- a/docs/02.multicluster.md
+++ b/docs/02.multicluster.md
@ -0,0 +1,186 @@
+# Multicluster with VelaD
+
+There are many [scenarios](https://kubevela.net/docs/case-studies/multi-cluster#introduction) that developers may want 
+to deploy their application across multi-clusters.
+This article will introduce you to how make use of VelaD to try multi-cluster features of KubeVela.
+If you don't know the basic use of VelaD, you can follow this [document](01.simple.md)
+
+## Prerequisite
+
+Windows/macOS System.
+
+## Targets
+
+In this article, there are several targets:
+
+1. Create a cluster with KubeVela with VelaD as control plane of clusters.
+2. Create one cluster as managed cluster.
+3. Join managed cluster into KubeVela
+4. Deliver one multi-cluster application.
+
+## Architecture
+
+The three targets above will actually build two clusters within the same Docker network(so they can access each other).
+
+The image below shows how multi-cluster scenario works:
+
+![arch](resources/02.arch.jpg)
+
+When using VelaD, clusters are K3d which running in Docker container. Note that these clusters are in the same Docker 
+network, which enables the access between them.
+
+## Steps
+
+### Create control plane
+
+This step has nothing special, `velad install` is all you need which has benn shown in [01.simple](01.simple.md). Here 
+we just skip the output of install.
+
+```shell
+velad install
+```
+
+### Create managed cluster
+
+Create the second cluster, namely managed cluster. 
+
+```shell
+velad install --name sub-cluster --cluster-only
+```
+
+In this command, use `--name` flag to distinguish it from first cluster which name is `default`.
+use `--cluster-only` to tell VelaD not to install KubeVela in this cluster.
+
+**expcted output**
+
+```text
+...(omit for brevity)
+vela CLI is already installed, skip
+
+Keep the token below if you want to restart the control plane
+K10967ee649ab9910497b04c91ad9406e439736df46d1fee85e3451afb8d8cc1da3::server:fgwgYIwkmAQKnmyOIVXc
+
+🚀  Successfully install a pure cluster! 
+🔗  If you have a cluster with KubeVela, Join this as sub-cluster:
+    vela cluster join $(velad kubeconfig --name sub-cluster --internal)
+💻  When using gateway trait, you can access with 127.0.0.1:8082
+🔑  To access the cluster, set KUBECONFIG:
+    export KUBECONFIG=$(velad kubeconfig --name sub-cluster --host)
+```
+
+In the output, wee have seen lots of them. The second one is a new hint which tells how
+to join this cluster as managed cluster.
+
+### Join cluster into KubeVela
+
+As hint above, we can use this command to join the cluster
+
+```shell
+vela cluster join $(velad kubeconfig --name sub-cluster --internal)
+```
+
+Here `velad kubeconfig --name sub-cluster --internal` print a kubeconfig file path which
+`vela cluster join` need. The `--internal` flag means this is for docker network.
+
+> Note: all cluster created by VelaD are in docker network "k3d-velad"
+
+**expected output**
+
+```text
+Successfully add cluster , endpoint: https://172.31.0.5:6443.
+```
+
+Use `vela cluster list` to show clusters joined. The second one is the managed cluster.
+
+```shell
+CLUSTER                         ALIAS   TYPE            ENDPOINT                ACCEPTED        LABELS
+local                                   Internal        -                       true                  
+k3d-velad-cluster-sub-cluster           X509Certificate https://172.31.0.5:6443 true                  
+```
+
+### Deliver multi-cluster application.
+
+After join cluster into KubeVela, we can deliver applications to different clusters.
+
+Here is one multi-cluster app example, run:
+
+```shell
+cat <<EOF | vela up -f -
+apiVersion: core.oam.dev/v1beta1
+kind: Application
+metadata:
+  name: basic-topology
+spec:
+  components:
+    - name: nginx-basic
+      type: webservice
+      properties:
+        image: nginx
+      traits:
+        - type: expose
+          properties:
+            port: [80]
+  policies:
+    - name: topology-sub-cluster
+      type: topology
+      properties:
+        clusters: ["k3d-velad-cluster-sub-cluster"]
+EOF
+```
+
+This is the first example of KubeVela website for deploy application to multi-cluster.
+
+You can check the status with `vela status`
+
+```shell
+vela status basic-topology
+```
+
+**output**
+
+```text
+About:
+
+  Name:         basic-topology               
+  Namespace:    default                      
+  Created at:   2022-05-28 18:44:30 +0800 CST
+  Status:       running                      
+
+Workflow:
+
+  mode: DAG
+  finished: true
+  Suspend: false
+  Terminated: false
+  Steps
+  - id:92cn9mrqwm
+    name:deploy-topology-sub-cluster
+    type:deploy
+    phase:succeeded 
+    message:
+
+Services:
+
+  - Name: nginx-basic  
+    Cluster: k3d-velad-cluster-sub-cluster  Namespace: default
+    Type: webservice
+    Healthy Ready:1/1
+    Traits:
+      ✅ expose
+```
+
+There you go, you have deployed an application in multiple clusters with whole process is modeled as a declarative deployment
+plan. For more usage, check the KubeVela [document](https://kubevela.io/docs/case-studies/multi-cluster)
+
+### Tear down the environment
+
+To tear down the environment, just run `velad uninstall` to uninstall two cluster.
+```shell
+velad uninstall --name=default
+velad uninstall --name=sub-cluster
+```
+
+## Summary
+
+With VelaD, testing and developing application across the clusters become easy. No need for caring fee if you are using 
+true clusters or network/kubeconfig trivia if you are using kind/k3d/minikube.
--- a/docs/03.apply-and-distribute.md
+++ b/docs/03.apply-and-distribute.md
@ -0,0 +1,3 @@
+# Apply and Distribute
+
+TBD
--- a/docs/04.ha.md
+++ b/docs/04.ha.md
@ -0,0 +1,103 @@
+# Deploy by Multi-node and Database
+
+You can use VelaD to build KubeVela control plane with higher availability. It consists of:
+
+1. More than two nodes as server nodes.
+2. One database (Could be MySQL/MariaDB, PostgreSQL, etcd)
+3. One linux node as load balancer. (Or you can use a cloud load balancer)
+
+![arch](resources/04.arch.png)
+
+We only need run several commands on different nodes.
+
+## Setup server nodes
+
+### First node
+
+On the first server node, run
+
+```shell
+velad install --bind-ip=<LB_IP> --database-endpoint=<DB_ENNDPOINT> --token=<TOKEN> --node-ip=<IP>
+```
+
+`<LB_IP>` is IP of load balancer node. We'll setup it later. Passing it to `bind-ip` helps VelaD generate right
+kubeconfig.
+
+`<TOKEN>` is optional. Token will be generated if you don't use this argument. VelaD will print generated or given token
+after install.
+
+`<IP>` is optional. If the node have a public IP, you can pass it to `node-ip`.
+
+`<DB_ENDPOINT>` is the database connection string. The format is [here](db-connect-format.md).
+> You need to setup database before and make sure all your server nodes can access it.
+
+### Other nodes
+
+On the other node, you need to run `velad install` with the same arguments and **one more**: `--cluster-only`.
+`--cluster-only` means skip install KubeVela and only start node. These nodes belong to one cluster and don't install
+KubeVela repeatedly.
+
+```shell
+velad install --bind-ip=<LB_IP> --database-endpoint=<DB_ENNDPOINT>\
+              --token=<TOKEN> \
+              --cluster-only
+              --node-ip=<IP>
+```
+
+`<TOKEN>` should be the same with that in first node.
+`--node-ip=<IP>` is optional. If the node have a public IP, you can pass it to `node-ip`.
+
+## Setup load balancer
+
+On any master node, run
+
+```shell
+velad load-balancer wizard
+```
+
+It will show you the command to install nginx and setup it for forwarding the network traffic to master nodes. For
+example:
+
+```shell
+To setup load-balancer, run the following command on node acts as load-balancer:
+  velad load-balancer install --http-port 32196 --https-port 30297 --host=<IP1>,<IP2>
+```
+
+### Option1: Use another node as load balancer
+
+Paste the command to the load balancer node and run it.
+
+```shell
+velad load-balancer install --http-port 32196 --https-port 30297 --host=<IP1>,<IP2>
+```
+
+`<IPx>` is IPs of server nodes. It can be public IP or private IP. As long as the load balancer node can access it.
+
+This will call package manager of system to install nginx and setup it for forwarding the network traffic to server
+nodes.
+
+### Option2: Use cloud load balancer
+
+If you prefer to use cloud load balancer, you can configure it to forward the network traffic to server nodes. For
+example you can configure the port-forwarding of Alibaba Cloud SLB like this. The `6443` is required to access the
+cluster. The `80` and `443` are optional. You can pick other ports or don't forward them. They help to access the
+Ingress in the cluster. The `32196` and `30297` are the ports printed by `velad load-balancer wizard`. It's decided
+when `velad install` is called and can be different in different clusters.
+
+```text
+6443 -> 6443
+80 -> 32196
+443 -> 30297
+```
+
+## Access cluster
+
+Run command below on any server nodes. Copy the file to any computer which can access
+the load balancer.
+
+```shell
+velad kubeconfig --external
+```
+
+Boom! You can access the KubeVela control plane with this kubeconfig. Failure of any single server won't
+affect the availability of the control plane.
--- a/docs/05.expose-cluster.md
+++ b/docs/05.expose-cluster.md
@ -0,0 +1,38 @@
+# Expose Cluster
+
+Sometimes you want to use a remote server instead of a laptop to host VelaD cluster. You need to expose your cluster to
+the cluster so that you can access it from your computer. This document show you how to access a remote VelaD cluster.
+
+## How-to
+
+### Single-node Cluster
+
+> Note: If you are using a VM provided by cloud vendor (such as ECS in AliYun, EC2 in aws) , remember to expose 6443 
+> port from your security group.
+
+The simplest way to expose your cluster when you set-up a single-node cluster. 
+Just add `--bind-ip` argument when `velad install` like:
+
+```shell
+velad install --bind-ip=<IP_OF_SERVER>
+```
+
+VelaD will generate kubeconfig which can access this cluster for you. 
+Then print the generated kubeconfig for remote access.
+
+```shell
+velad kubeconfig --external
+```
+
+This will print a kubeconfig path. Copy that file to your local computer (or other server). Set it to `KUBECONFIG` var as
+other kubeconfig. Then you can access this VelaD cluster from remote.
+
+To summary:
+1. `velad install --bind-ip`
+2. `velad kubeconfig --external`
+3. Copy external kubeconfig file to other computer.
+4. export `KUBECONFIG` variable.
+
+### Multi-node Cluster
+
+Please follow this [high availability document](04.ha.md) to expose multi-node cluster.
--- a/docs/06.develop_kubevela.md
+++ b/docs/06.develop_kubevela.md
@ -0,0 +1,37 @@
+# Develop KubeVela with VelaD
+
+It's easy to use VelaD to get a local KubeVela development environment. This document will show you how to create a 
+KubeVela controller (vela-core) development environment.
+
+
+## Prerequisites
+
+1. No need for preparing a cluster. VelaD will take care of the cluster. 
+2. Other tools you need is listed in [contribution guide](https://kubevela.io/docs/contributor/code-contribute#prerequisites). 
+
+> Note the second item "Kubernetes ..." is NOT needed.
+> If you want to use cluster already exist as develop environment, please check [this doc](https://kubevela.io/docs/contributor/code-contribute#prerequisites) directly
+ 
+3. Docker (If you are using macOS or Windows)
+
+
+## Steps
+
+1. Setup Cluster and Helm Chart 
+```shell
+velad install --set admissionWebhooks.enabled=false --set replicaCount=0
+```
+This command setup k3d/k3s cluster and install vela-core with no running controller.
+
+2. Run Vela Core
+```shell
+export KUBECONFIG=$(velad kubeconfig --host)
+make core-run
+```
+This command will run KubeVela controller locally. There you go! you already have a KubeVela
+development environment.
+
+## Summary
+
+This guide shows how to create a KubeVela development environment and run KubeVela locally.
+For further guide (Testing, Create a PR, Formatting guide...), please return to [contribution guide](https://kubevela.io/docs/contributor/code-contribute#prerequisites)
--- a/docs/07.using-gateway-trait.md
+++ b/docs/07.using-gateway-trait.md
@ -0,0 +1,131 @@
+# Access Service in VelaD
+
+This document will show you how to access the service running in VelaD.
+
+## Background
+
+Typically, you can expose service in cluster in several ways.
+
+1. LoadBalancer type Service
+2. NodePort type Service
+3. Ingress API
+
+First two types both have some limitations. In VelaD cluster, exposing service through Ingress API is out of box.
+In KubeVela, we can use the `gateway` trait to expose service through Ingress API.
+
+## Using gateway trait
+
+In VelaD, we have installed a default Ingress Controller, which is needed to use Ingress API.
+The default Ingress controller is [**Traefik**](https://github.com/traefik/traefik). If you want to switch to other like
+Nginx Ingress Controller, see [Switch to Nginx Ingress Controller](#switch-to-nginx-ingress-controller).
+
+After running `velad install` command, there is one hint printed to the screen.
+
+```shell
+💻  When using gateway trait, you can access with 127.0.0.1:8090
+```
+
+It means you can access the Application with `gateway` trait through http://127.0.0.1:8090.
+
+For example, Run command below to apply app in VelaD cluster:
+```shell
+cat << EOF | vela up -f -
+apiVersion: core.oam.dev/v1beta1
+kind: Application
+metadata:
+  name: example
+spec:
+  components:
+    - name: hello-world
+      type: webservice
+      properties:
+        image: crccheck/hello-world
+      traits:
+        - type: gateway
+          properties:
+            domain: testsvc.example.com
+            class: traefik
+            http:
+              "/": 8000
+EOF
+```
+
+Then access this app by:
+```shell
+curl -H "Host: testsvc.example.com" http://localhost:8090/
+```
+
+The output like:
+
+```text
+<pre>
+Hello World
+
+
+                                       ##         .
+                                 ## ## ##        ==
+                              ## ## ## ## ##    ===
+                           /""""""""""""""""\___/ ===
+                      ~~~ {~~ ~~~~ ~~~ ~~~~ ~~ ~ /  ===- ~~~
+                           \______ o          _,/
+                            \      \       _,'
+                             `'--.._\..--''
+</pre>
+```
+
+## Switch To Nginx Ingress Controller
+
+There are three steps to switch to nginx ingress controller and using `gateway` trait.
+
+1. Uninstall Traefik
+
+> [Helm CLI](https://helm.sh/docs/intro/install/) is needed
+```shell
+helm uninstall traefik --namespace kube-system
+```
+
+2. Enable Ingress-nginx Addon and dependent FluxCD addon
+
+```shell
+vela addon enable fluxcd
+vela addon enable ingress-nginx
+```
+
+3. Port-forward Nginx Ingress Controller To Localhost
+
+```shell
+vela port-forward addon-ingress-nginx -n vela-system
+```
+
+> We don't need to do port-forwarding for Traefik in the last section because we when `velad install`, a container is created for that.
+
+Using the app above, only change `class: traefik` to `class: nginx` in the `gateway` trait section, run the command below:
+
+```shell
+cat << EOF | vela up -f -
+apiVersion: core.oam.dev/v1beta1
+kind: Application
+metadata:
+  name: example
+spec:
+  components:
+    - name: hello-world
+      type: webservice
+      properties:
+        image: crccheck/hello-world
+      traits:
+        - type: gateway
+          properties:
+            domain: testsvc.example.com
+            class: nginx
+            http:
+              "/": 8000
+EOF
+```
+
+
+Now you can access the services through Ingress like:
+
+```shell
+curl -H "Host: testsvc.example.com" http://localhost:8080/
+```
--- a/docs/08.join-worker-node.md
+++ b/docs/08.join-worker-node.md
@ -0,0 +1,34 @@
+# Joining a New Worker Node to VelaD Control Plane
+
+This guide describes the steps for joining a new worker node to an existing VelaD control plane.
+
+## Prerequisites
+
+Before proceeding with the steps below, ensure that:
+
+- Have a VelaD control plane running.
+- You have the token for the VelaD control plane. You can get the token by running the `velad token` command on the VelaD control plane master node.
+- New worker node is **Linux machine** and can access the VelaD control plane master node.
+- You have SSH access to the new worker node
+
+## Steps
+
+1. Download VelaD to the new worker node.
+```shell
+curl -fsSl https://static.kubevela.net/script/install-velad.sh | bash
+```
+
+2. Run the `velad join` command on the new worker node.
+    ```
+    velad join --master-ip <master-ip> --token <token> --worker-name <worker-name>
+    ```
+   - `<master-ip>` is the IP address of the VelaD control plane master node. (Required)
+   - `<token>` is the token for the VelaD control plane. (Required)
+   - `<worker-name>` is the name of the new worker node. (Optional) 
+
+3. Verify the new node has joined the control plane.
+    - Use `kubectl get nodes` to check the new worker node has joined the VelaD control plane.
+
+## Delete a Worker Node
+
+Run the `velad uninstall` command on the VelaD on the worker node to be deleted.
--- a/docs/contribute.md
+++ b/docs/contribute.md
@ -0,0 +1,82 @@
+# Contribution Guide
+
+This guild helps you get started developing VelaD
+
+### Prerequisites
+
+1. Golang version 1.19+
+2. Docker (for non-linux user)
+3. golangci-lint 1.38.0+, it will install automatically if you run make, you can install
+   it [manually](https://golangci-lint.run/usage/install/#local-installation) if the installation is too slow.
+
+### Build
+
+1. Clone this project
+
+```shell
+git clone https://github.com/kubevela/velad.git
+cd velad
+```
+
+2. Build VelaD
+
+```shell
+make
+```
+
+This will build the VelaD version corresponding to your machines architecture and OS by default. To cross build other
+version, you can the target. For example, you can build a darwin-amd64 version by:
+
+```shell
+make darwin-amd64
+```
+
+### Debug
+
+When use IDE to debug VelaD, you need to do several things
+
+1. Download resources needed
+
+If you want build linux version, run
+
+```shell
+VELAUX_VERSION=v1.x.y VELA_VERSION=v1.z.w make download_vela_images_addons 
+make download_k3s_bin_script 
+make download_k3s_images
+```
+
+If you want to build non-linux version, run
+
+```shell
+VELAUX_VERSION=v1.x.y VELA_VERSION=v1.z.w make download_vela_images_addons 
+make download_k3d 
+make download_k3s_images
+```
+
+`VELAUX_VERSION=v1.x.y VELA_VERSION=v1.z.w` is optional environment variables if you want to change the default version
+in makefile.
+
+2. Build VelaD
+
+If you are using macOS with intel chip, the complete build command is like:
+
+```shell
+OS=darwin ARCH=amd64 \
+go build -ldflags="-X github.com/oam-dev/velad/version.VelaVersion=v1.x.y -X github.com/oam-dev/velad/version.VelaUXVersion=v1.x.y"  \
+-o bin/velad \
+cmd/velad/main.go
+```
+
+> Ldflags can help to inject vela-core and VelaUX version. (Can be different)
+> If you are using IDE to debug, remember to add `-ldflags="-X github.com...` part to build option.
+
+### Create a pull request
+
+Before you submit a PR, run this command to ensure it is ready:
+
+```shell
+make reviewable
+```
+
+For other PR things you can check the
+document [here](https://kubevela.net/docs/contributor/code-contribute#create-a-pull-request).
--- a/docs/db-connect-format.md
+++ b/docs/db-connect-format.md
@ -0,0 +1,49 @@
+[comment]: <> (Thanks to k3s and the original version of this document is 
+https://rancher.com/docs/k3s/latest/en/installation/datastore/#datastore-endpoint-format-and-functionality)
+
+# Database endpoint format
+
+As mentioned in readme, the format of value passed to the datastore-endpoint parameter is dependent upon the datastore 
+backend. The following details this format and functionality for each supported external datastore.
+
+## PostgreSQL
+
+In its most common form, the datastore-endpoint parameter for PostgreSQL has the following format:
+
+`postgres://username:password@hostname:port/database-name`
+
+More advanced configuration parameters are available. For more information on these, please see 
+https://godoc.org/github.com/lib/pq.
+
+If you specify a database name and it does not exist, the server will attempt to create it.
+
+If you only supply `postgres://` as the endpoint, velad will attempt to do the following:
+
+- Connect to localhost using `postgres` as the username and password
+- Create a database named `kubernetes`
+
+## MySQL/MariaDB
+
+In its most common form, the datastore-endpoint parameter for MySQL and MariaDB has the following format:
+
+`mysql://username:password@tcp(hostname:3306)/database-name`
+
+More advanced configuration parameters are available. For more information on these, please see 
+https://github.com/go-sql-driver/mysql#dsn-data-source-name
+
+Note that due to a [known issue](https://github.com/rancher/k3s/issues/1093) in K3s, you cannot set the `tls` parameter. TLS communication is supported, but you cannot, for example, set this parameter to “skip-verify” to cause K3s to skip certificate verification.
+
+If you specify a database name and it does not exist, the server will attempt to create it.
+
+If you only supply `mysql://` as the endpoint, K3s will attempt to do the following:
+
+- Connect to the MySQL socket at `/var/run/mysqld/mysqld.sock` using the `root` user and no password
+- Create a database with the name `kubernetes`
+
+## etcd
+
+In its most common form, the datastore-endpoint parameter for etcd has the following format:
+
+`https://etcd-host-1:2379,https://etcd-host-2:2379,https://etcd-host-3:2379`
+
+The above assumes a typical three node etcd cluster. The parameter can accept one more comma separated etcd URLs.
--- a/docs/how-to-setup.md
+++ b/docs/how-to-setup.md
@ -0,0 +1,182 @@
+# 使用 VelaD 快速创建高可用的多集群控制平面
+
+本文将介绍如何从零开始快速创建一个多集群控制平面，并发布一个应用
+
+### 简介
+如今，在越来越多的场景下，开发者和系统运维人员开始将应用部署在多个集群中。如何管理不同集群中的应用，如何快速
+搭建一个好用的集群控制平面，成为了一个问题。
+
+下文将展示如何借助 VelaD 工具，从零开始五分钟内创建一个多集群控制平面，并发布一个应用。
+
+### 开始之前
+
+1. 准备一个 Linux 系统的机器
+2. 准备一个需要管理的子集群：以一个 kubeconfig 为 us-west 的子集群为例
+3. （可选）准备一个数据库，以MySQL为例，其他支持的数据库见[数据库支持文档](db-connect-format.md)
+
+### 下载 VelaD
+
+```shell
+curl -Lo velad.tar.gz https://kubevela-docs.oss-cn-beijing.aliyuncs.com/binary/velad/velad-linux-amd64-v1.3.1.tar.gz
+tar -xzvf velad.tar.gz
+cp linux-amd64/velad /usr/local/bin/velad
+```
+
+确认你已经安装成功：
+
+```shell
+velad version
+```
+
+### 创建多集群控制平面
+
+最简单的情况下，创建多集群控制平面，只需要一条命令：`velad install`。你还可以使用一个数据库来保证数据的更高可用性。
+
+该命令将为你在机器上创建一个单节点的 k3s 集群，并在其中安装 KubeVela。如果你还不熟悉 KubeVela，它
+是一个现代化的应用交付与管理平台，原生支持多集群应用交付。VelaD 还帮你设置好了操作该控制平面的命令行工具 vela。
+
+例子中 `--database-endpoint` 参数，用到了准备的数据库，将用户名、密码、以及数据库所在机器的IP地址替换为你的数据 ，
+以及你想要使用的数据库（以 VelaD 为例）如果使用了这个选项，你将可以将控制平面的全部数据存在其中。即使机器故障，你
+也能快速从其他机器重启控制平面。当然你也可以不使用该参数、所有的数据将存储于你的本地。
+
+```shell
+$ velad install --database-endpoint="mysql://user:password@tcp(IP:3306)/velad" 
+Preparing cluster setup script...
+Preparing k3s binary...
+Successfully place k3s binary to /usr/local/bin/k3s
+Preparing k3s images
+Successfully prepare k3s image
+Setting up cluster...
+...
+Successfully set up KubeVela control plane, run: export KUBECONFIG=$(velad kubeconfig --internal) to access it
+
+Keep the token below in case of restarting the control plane
+<TOKEN>
+```
+
+确认控制平面已经正常安装，根据 `velad install` 最后的提示：
+
+```shell
+export KUBECONFIG=$(velad kubeconfig --internal)
+vela components
+```
+
+这将列出可用的组件:
+
+```shell
+NAME            DEFINITION
+raw             autodetects.core.oam.dev
+cron-task       cronjobs.batch
+webservice      deployments.apps
+k8s-objects     autodetects.core.oam.dev
+ref-objects     autodetects.core.oam.dev
+task            jobs.batch
+worker          deployments.apps
+```
+ 
+### 连接子集群
+
+使用配套安装好的 vela 命令行工具，将子集群加入到控制平面的管控中来。
+
+```shell
+vela cluster join <your kubeconfig path>
+```
+
+子集群加入之后，你可以使用 `vela cluster list` 来查看被管控的所有集群。
+
+```shell
+$ vela cluster list
+CLUSTER                 TYPE            ENDPOINT                ACCEPTED        LABELS
+local                   Internal        -                       true                  
+cluster-us-west         X509Certificate <ENDPOINT_US_WEST>      true                  
+```
+
+### 部署多集群应用
+
+这是 KubeVela 1.3 中部署多集群应用的一个例子。 你只需要使用 topology 策略来声明要部署的集群，就可以部署多集群应用了。
+
+例如，你可以使用下面这个样例将 nginx webservice 部署在 us-west 集群中，
+
+```shell
+cat <<EOF | vela up -f -
+apiVersion: core.oam.dev/v1beta1
+kind: Application
+metadata:
+  name: basic-topology
+  namespace: examples
+spec:
+  components:
+    - name: nginx-basic
+      type: webservice
+      properties:
+        image: nginx
+      traits:
+        - type: expose
+          properties:
+            port: [80]
+  policies:
+    - name: topology-us-west-clusters
+      type: topology
+      properties:
+        clusters: ["us-west"]
+EOF
+```
+
+此时你已经成功部署了一个多集群的应用！你可以使用 `vela status` 来查看部署状态
+
+```shell
+$ vela status basic-topology -n examples
+About:
+
+  Name:         basic-topology               
+  Namespace:    examples                     
+  Created at:   2022-04-10 14:37:54 +0800 CST
+  Status:       workflowFinished             
+
+Workflow:
+
+  mode: DAG
+  finished: true
+  Suspend: false
+  Terminated: false
+  Steps
+  - id:3mvz5i8elj
+    name:deploy-topology-us-west-clusters
+    type:deploy
+    phase:succeeded 
+    message:
+
+Services:
+
+  - Name: nginx-basic  
+    Cluster: us-west  Namespace: examples
+    Type: webservice
+    Healthy Ready:1/1
+    Traits:
+      ✅ expose
+```
+
+当然你可以使用这个控制平面对多集群进行更多需求，例如：使用集群 labels 按组分发、在不同集群进行配置差异化等，你可以在 
+[KubeVela 文档](https://kubevela.io/zh/docs/case-studies/multi-cluster) 中找到这些更多用法
+
+### 进阶使用：提高控制平面的可用性
+
+上面介绍的 `velad install` 将会在你的机器中将k3s注册为服务并启动，当机器重启时，服务会自动启动。
+如果你在创建控制平面时，使用了一个数据库作为存储。那么当你遇到当出现更严重的问题或者其他情况时，你将拥有更高的数据可用性，例如：
+
+1. 机器出现物理故障，至少无法再重启
+2. 随着业务规模的提升，需要将控制平面迁移到更大规格的机器
+3. 你运行 `velad uninstall` 卸载了控制平面
+
+在你迁移控制平面的时候，不用担心子集群，其中所有的工作负载将不受任何影响，当控制平面迁移完毕，所有的子集群将自动回到管控当中
+假设你现在使用 `--database-endpoint` 参数安装了控制平面，并且希望迁移控制平面。你可以这样做：
+
+1. 在原机器上运行 `velad uninstall`
+2. 在新机器上运行 `velad install --database-endpoint=<ENDPOINT> --token=<TOKEN> --cluster-only`
+
+在新机器上运行的命令，需要使用与原机器上启动控制平面时相同的 `database-endpoint`，而且使用当时启动后，
+提示你保存的token。最后的 `--cluster-only` 参数表示仅启动，跳过 KubeVela 安装过程，因为在数据库所保存的控制平面元数据中，
+KubeVela 已经安装了，无需重复安装。
+
+以上就是本次的全部内容，感谢你的阅读和尝试。Velad 还在持续开发，下一步将支持在 Mac/Windows 上面启动
+控制平面，将给多集群管理带来更多灵活和便捷。
--- a/docs/readme-zh.md
+++ b/docs/readme-zh.md
@ -0,0 +1,63 @@
+# velad
+
+VelaD 是一个轻量级部署工具，能帮助你快速搭建 [KubeVela](https://github.com/kubevela/kubevela) 环境。
+
+使用 VelaD，能方便地搭建 KubeVela 环境，包括一个安装有 KubeVela 的集群、配套命令行工具 vela CLI、Web 控制面板 VelaUX
+
+VelaD 是上手 KubeVela 的最快方式。
+
+## 特性
+
+1. 离线搭建 KubeVela 环境。
+2. 可以连接数据库，搭建更高可用性多接点的 KubeVela 控制平面。
+3. 在一台机器上轻松体验 KubeVela 多集群特性。
+
+## 安装条件
+
+如果你的操作系统是Windows/macOS，VelaD的运行需要[Docker](https://www.docker.com/products/docker-desktop/) 。
+
+## 快速开始
+
+### 安装 VelaD
+
+- Linux/macOS
+```shell
+```shell
+curl -fsSl https://static.kubevela.net/script/install-velad.sh | bash
+```
+
+- Windows
+```shell
+powershell -Command "iwr -useb https://static.kubevela.net/script/install.ps1 | iex"
+```
+
+### 使用 VelaD 部署 KubeVela
+
+Only one command to setup KubeVela
+
+```shell
+velad install
+```
+```shell
+INFO[0000] portmapping '8080:80' targets the loadbalancer: defaulting to [servers:*:proxy agents:*:proxy] 
+Preparing K3s images...
+...(omit for brevity)
+
+🚀  Successfully install KubeVela control plane
+💻  When using gateway trait, you can access with 127.0.0.1:8080
+🔭  See available commands with `vela help`
+```
+恭喜！你已经搭建好一个 KubeVela 的环境了。在这条命令背后，VelaD启动了一个 K3s 容器（如果在 Linux 上，则是 K3s 进程），在其中安装了 vela-core，
+并在你的机器上设置了vela CLI。
+
+你可以查看这个[例子](01.simple.md)，使用 KubeVela 来部署你的第一个应用
+
+### 卸载 KubeVela
+
+```shell
+velad uninstall
+```
+
+### 更多案例
+
+查看[文档](../docs)获取更多 VelaD 的使用方法和案例。
--- a/docs/resources/01.add_trait.jpg
+++ b/docs/resources/01.add_trait.jpg
--- a/docs/resources/01.add_trait_2.jpg
+++ b/docs/resources/01.add_trait_2.jpg
--- a/docs/resources/01.add_trait_3.jpg
+++ b/docs/resources/01.add_trait_3.jpg
--- a/docs/resources/01.new_app.jpg
+++ b/docs/resources/01.new_app.jpg
--- a/docs/resources/01.new_app_2.jpg
+++ b/docs/resources/01.new_app_2.jpg
--- a/docs/resources/01.result.jpg
+++ b/docs/resources/01.result.jpg
--- a/docs/resources/02.arch.jpg
+++ b/docs/resources/02.arch.jpg
--- a/docs/resources/04.arch.png
+++ b/docs/resources/04.arch.png
--- a/docs/resources/dashbord.jpg
+++ b/docs/resources/dashbord.jpg
--- a/docs/resources/demo.gif
+++ b/docs/resources/demo.gif
--- a/download_images.sh
+++ b/download_images.sh
@ -1,15 +0,0 @@
-#!/bin/bash
-
-VELA_IMAGE_DIR=pkg/static/vela/images
-mkdir -p "$VELA_IMAGE_DIR"
-
-vela_images=("oamdev/vela-core:v1.3.0-alpha.1"
-  "oamdev/cluster-gateway:v1.1.7"
-  "oamdev/kube-webhook-certgen:v2.3")
-
-for IMG in ${vela_images[*]}; do
-	IMAGE_NAME=$(echo "$IMG" | cut -f1 -d: | cut -f2 -d/)
-  echo saving "$IMG" to "$VELA_IMAGE_DIR"/"$IMAGE_NAME".tar
-  docker pull "$IMG"
-  docker save -o "$VELA_IMAGE_DIR"/"$IMAGE_NAME".tar "$IMG"
-done
--- a/go.mod
+++ b/go.mod
@ -1,230 +1,334 @@
 module github.com/oam-dev/velad

-go 1.17
+go 1.22.0
+
+toolchain go1.22.4

 require (
-	github.com/oam-dev/kubevela v1.2.5
+	github.com/docker/docker v26.0.0+incompatible
+	github.com/docker/go-connections v0.5.0
+	github.com/fatih/color v1.16.0
+	github.com/k3d-io/k3d/v5 v5.4.7
+	github.com/oam-dev/kubevela v1.10.1
+	github.com/onsi/ginkgo v1.16.5
+	github.com/onsi/gomega v1.34.1
 	github.com/pkg/errors v0.9.1
-	github.com/spf13/cobra v1.2.1
+	github.com/spf13/cobra v1.8.0
+	github.com/stretchr/testify v1.10.0
+	github.com/tufanbarisyildirim/gonginx v0.0.0-20230104065106-9ae864d29eed
+	helm.sh/helm/v3 v3.14.4
+	k8s.io/api v0.29.2
+	k8s.io/apimachinery v0.29.2
+	k8s.io/client-go v0.29.2
+	k8s.io/klog/v2 v2.120.1
+	sigs.k8s.io/controller-runtime v0.17.6
 )

 require (
-	cloud.google.com/go v0.81.0 // indirect
-	cuelang.org/go v0.2.2 // indirect
+	github.com/ProtonMail/go-crypto v1.1.3 // indirect
+	github.com/cenkalti/backoff/v4 v4.2.1 // indirect
+	github.com/cloudflare/circl v1.3.7 // indirect
+	github.com/containerd/stargz-snapshotter/estargz v0.15.1 // indirect
+	github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect
+	github.com/go-git/go-billy/v5 v5.6.1 // indirect
+	github.com/go-git/go-git/v5 v5.13.1 // indirect
+	github.com/go-logr/stdr v1.2.2 // indirect
+	github.com/google/cel-go v0.17.7 // indirect
+	github.com/google/go-containerregistry v0.18.0 // indirect
+	github.com/grpc-ecosystem/grpc-gateway/v2 v2.16.0 // indirect
+	github.com/invopop/yaml v0.1.0 // indirect
+	github.com/jellydator/ttlcache/v3 v3.0.1 // indirect
+	github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826 // indirect
+	github.com/perimeterx/marshmallow v1.1.4 // indirect
+	github.com/pjbgf/sha1cd v0.3.0 // indirect
+	github.com/russross/blackfriday/v2 v2.1.0 // indirect
+	github.com/skeema/knownhosts v1.3.0 // indirect
+	github.com/stoewer/go-strcase v1.2.0 // indirect
+	github.com/vbatts/tar-split v0.11.5 // indirect
+	go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.19.0 // indirect
+	go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.19.0 // indirect
+	google.golang.org/genproto/googleapis/api v0.0.0-20240227224415-6ceb2ff114de // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20240401170217-c3f982113cda // indirect
+	k8s.io/kms v0.29.3 // indirect
+)
+
+require (
+	cuelang.org/go v0.9.2 // indirect
+	dario.cat/mergo v1.0.0 // indirect
 	github.com/AlecAivazis/survey/v2 v2.1.1 // indirect
-	github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 // indirect
-	github.com/Azure/go-autorest v14.2.0+incompatible // indirect
-	github.com/Azure/go-autorest/autorest v0.11.18 // indirect
-	github.com/Azure/go-autorest/autorest/adal v0.9.13 // indirect
-	github.com/Azure/go-autorest/autorest/date v0.3.0 // indirect
-	github.com/Azure/go-autorest/logger v0.2.1 // indirect
-	github.com/Azure/go-autorest/tracing v0.6.0 // indirect
-	github.com/BurntSushi/toml v0.3.1 // indirect
-	github.com/MakeNowJust/heredoc v0.0.0-20170808103936-bb23615498cd // indirect
+	github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161 // indirect
+	github.com/BurntSushi/toml v1.3.2 // indirect
+	github.com/FogDong/uitable v0.0.5 // indirect
+	github.com/MakeNowJust/heredoc v1.0.0 // indirect
 	github.com/Masterminds/goutils v1.1.1 // indirect
 	github.com/Masterminds/semver v1.5.0 // indirect
-	github.com/Masterminds/semver/v3 v3.1.1 // indirect
+	github.com/Masterminds/semver/v3 v3.2.1 // indirect
 	github.com/Masterminds/sprig v2.22.0+incompatible // indirect
-	github.com/Masterminds/sprig/v3 v3.2.2 // indirect
-	github.com/Masterminds/squirrel v1.5.0 // indirect
-	github.com/Microsoft/go-winio v0.4.16 // indirect
-	github.com/Microsoft/hcsshim v0.8.14 // indirect
-	github.com/PuerkitoBio/purell v1.1.1 // indirect
-	github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 // indirect
-	github.com/agext/levenshtein v1.2.2 // indirect
-	github.com/alessio/shellescape v1.2.2 // indirect
+	github.com/Masterminds/sprig/v3 v3.2.3 // indirect
+	github.com/Masterminds/squirrel v1.5.4 // indirect
+	github.com/Microsoft/go-winio v0.6.1 // indirect
+	github.com/Microsoft/hcsshim v0.12.2 // indirect
+	github.com/NYTimes/gziphandler v1.1.1 // indirect
+	github.com/agext/levenshtein v1.2.3 // indirect
+	github.com/alessio/shellescape v1.4.1 // indirect
+	github.com/aliyun/alibaba-cloud-sdk-go v1.61.1704 // indirect
+	github.com/antlr/antlr4/runtime/Go/antlr/v4 v4.0.0-20230305170008-8188dc5388df // indirect
 	github.com/apparentlymart/go-textseg/v13 v13.0.0 // indirect
+	github.com/apparentlymart/go-textseg/v15 v15.0.0 // indirect
 	github.com/aryann/difflib v0.0.0-20210328193216-ff5ff6dc229b // indirect
-	github.com/asaskevich/govalidator v0.0.0-20200428143746-21a406dcc535 // indirect
+	github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
-	github.com/blang/semver v3.5.1+incompatible // indirect
-	github.com/briandowns/spinner v1.11.1 // indirect
-	github.com/cespare/xxhash/v2 v2.1.1 // indirect
-	github.com/chai2010/gettext-go v0.0.0-20160711120539-c6fed771bfd5 // indirect
-	github.com/cockroachdb/apd/v2 v2.0.1 // indirect
-	github.com/containerd/cgroups v0.0.0-20200531161412-0dbf7f05ba59 // indirect
-	github.com/containerd/containerd v1.4.12 // indirect
-	github.com/containerd/continuity v0.0.0-20201208142359-180525291bb7 // indirect
-	github.com/coreos/prometheus-operator v0.41.1 // indirect
-	github.com/crossplane/crossplane-runtime v0.14.1-0.20210722005935-0b469fcc77cd // indirect
-	github.com/cyphar/filepath-securejoin v0.2.2 // indirect
+	github.com/blang/semver/v4 v4.0.0 // indirect
+	github.com/bluele/gcache v0.0.2 // indirect
+	github.com/briandowns/spinner v1.23.0 // indirect
+	github.com/buger/jsonparser v1.1.1 // indirect
+	github.com/cespare/xxhash/v2 v2.2.0 // indirect
+	github.com/chai2010/gettext-go v1.0.2 // indirect
+	github.com/chartmuseum/helm-push v0.10.4 // indirect
+	github.com/cockroachdb/apd/v3 v3.2.1 // indirect
+	github.com/containerd/cgroups/v3 v3.0.2 // indirect
+	github.com/containerd/containerd v1.7.14 // indirect
+	github.com/containerd/errdefs v0.1.0 // indirect
+	github.com/coreos/go-semver v0.3.1 // indirect
+	github.com/coreos/go-systemd/v22 v22.5.0 // indirect
+	github.com/crossplane/crossplane-runtime v1.16.0 // indirect
+	github.com/cue-exp/kubevelafix v0.0.0-20220922150317-aead819d979d // indirect
+	github.com/cyphar/filepath-securejoin v0.3.6 // indirect
+	github.com/dave/jennifer v1.6.1 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
-	github.com/deckarep/golang-set v1.7.1 // indirect
-	github.com/deislabs/oras v0.11.1 // indirect
-	github.com/docker/cli v20.10.5+incompatible // indirect
-	github.com/docker/distribution v2.8.0-beta.1+incompatible // indirect
-	github.com/docker/docker v17.12.0-ce-rc1.0.20200618181300-9dc6525e6118+incompatible // indirect
-	github.com/docker/docker-credential-helpers v0.6.3 // indirect
-	github.com/docker/go-connections v0.4.0 // indirect
-	github.com/docker/go-metrics v0.0.0-20180209012529-399ea8c73916 // indirect
-	github.com/docker/go-units v0.4.0 // indirect
-	github.com/emicklei/go-restful v2.9.5+incompatible // indirect
-	github.com/emicklei/go-restful/v3 v3.0.0-rc2 // indirect
-	github.com/emirpasic/gods v1.12.0 // indirect
-	github.com/evanphx/json-patch v4.11.0+incompatible // indirect
-	github.com/evanphx/json-patch/v5 v5.1.0 // indirect
+	github.com/dimchansky/utfbom v1.1.1 // indirect
+	github.com/distribution/reference v0.5.0 // indirect
+	github.com/docker/cli v26.0.0+incompatible // indirect
+	github.com/docker/distribution v2.8.3+incompatible // indirect
+	github.com/docker/docker-credential-helpers v0.8.1 // indirect
+	github.com/docker/go v1.5.1-1.0.20160303222718-d30aec9fd63c // indirect
+	github.com/docker/go-metrics v0.0.1 // indirect
+	github.com/docker/go-units v0.5.0 // indirect
+	github.com/emicklei/go-restful/v3 v3.12.0 // indirect
+	github.com/emirpasic/gods v1.18.1 // indirect
+	github.com/ettle/strcase v0.2.0 // indirect
+	github.com/evanphx/json-patch v5.9.0+incompatible // indirect
+	github.com/evanphx/json-patch/v5 v5.8.0 // indirect
 	github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d // indirect
 	github.com/fatih/camelcase v1.0.0 // indirect
-	github.com/fatih/color v1.12.0 // indirect
-	github.com/form3tech-oss/jwt-go v3.2.3+incompatible // indirect
-	github.com/fsnotify/fsnotify v1.5.1 // indirect
-	github.com/gertd/go-pluralize v0.1.7 // indirect
-	github.com/getkin/kin-openapi v0.34.0 // indirect
+	github.com/felixge/httpsnoop v1.0.4 // indirect
+	github.com/fluxcd/helm-controller/api v0.32.2 // indirect
+	github.com/fluxcd/pkg/apis/acl v0.0.3 // indirect
+	github.com/fluxcd/pkg/apis/kustomize v1.0.0 // indirect
+	github.com/fluxcd/pkg/apis/meta v1.0.0 // indirect
+	github.com/fluxcd/source-controller/api v0.24.4 // indirect
+	github.com/form3tech-oss/jwt-go v3.2.5+incompatible // indirect
+	github.com/fsnotify/fsnotify v1.7.0 // indirect
+	github.com/fvbommel/sortorder v1.1.0 // indirect
+	github.com/gdamore/encoding v1.0.0 // indirect
+	github.com/gdamore/tcell/v2 v2.6.0 // indirect
+	github.com/getkin/kin-openapi v0.118.0 // indirect
 	github.com/ghodss/yaml v1.0.0 // indirect
-	github.com/go-errors/errors v1.0.1 // indirect
-	github.com/go-logr/logr v0.4.0 // indirect
-	github.com/go-openapi/jsonpointer v0.19.5 // indirect
-	github.com/go-openapi/jsonreference v0.19.5 // indirect
-	github.com/go-openapi/spec v0.19.8 // indirect
-	github.com/go-openapi/swag v0.19.14 // indirect
-	github.com/go-resty/resty/v2 v2.7.0 // indirect
+	github.com/go-errors/errors v1.5.1 // indirect
+	github.com/go-gorp/gorp/v3 v3.1.0 // indirect
+	github.com/go-logr/logr v1.4.1 // indirect
+	github.com/go-openapi/jsonpointer v0.21.0 // indirect
+	github.com/go-openapi/jsonreference v0.21.0 // indirect
+	github.com/go-openapi/swag v0.23.0 // indirect
+	github.com/go-resty/resty/v2 v2.8.0 // indirect
+	github.com/go-stack/stack v1.8.1 // indirect
+	github.com/go-test/deep v1.1.0 // indirect
 	github.com/gobwas/glob v0.2.3 // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
 	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
-	github.com/golang/protobuf v1.5.2 // indirect
-	github.com/google/btree v1.0.1 // indirect
-	github.com/google/go-cmp v0.5.6 // indirect
+	github.com/golang/mock v1.6.0 // indirect
+	github.com/golang/protobuf v1.5.4 // indirect
+	github.com/goodhosts/hostsfile v0.1.1 // indirect
+	github.com/google/btree v1.1.2 // indirect
+	github.com/google/gnostic-models v0.6.9-0.20230804172637-c7be7c783f49 // indirect
+	github.com/google/go-cmp v0.6.0 // indirect
 	github.com/google/go-github/v32 v32.1.0 // indirect
-	github.com/google/go-querystring v1.0.0 // indirect
-	github.com/google/gofuzz v1.1.0 // indirect
+	github.com/google/go-querystring v1.1.0 // indirect
+	github.com/google/gofuzz v1.2.0 // indirect
+	github.com/google/safetext v0.0.0-20220905092116-b49f7bc46da2 // indirect
 	github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect
-	github.com/google/uuid v1.1.2 // indirect
-	github.com/googleapis/gnostic v0.5.5 // indirect
-	github.com/gorilla/mux v1.8.0 // indirect
-	github.com/gosuri/uilive v0.0.4 // indirect
+	github.com/google/uuid v1.6.0 // indirect
+	github.com/gorilla/mux v1.8.1 // indirect
+	github.com/gorilla/websocket v1.5.0 // indirect
 	github.com/gosuri/uitable v0.0.4 // indirect
 	github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79 // indirect
-	github.com/hashicorp/go-version v1.3.0 // indirect
+	github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0 // indirect
+	github.com/hashicorp/errwrap v1.1.0 // indirect
+	github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
+	github.com/hashicorp/go-multierror v1.1.1 // indirect
+	github.com/hashicorp/go-retryablehttp v0.7.2 // indirect
+	github.com/hashicorp/go-version v1.6.0 // indirect
 	github.com/hashicorp/hcl v1.0.0 // indirect
-	github.com/hashicorp/hcl/v2 v2.9.1 // indirect
-	github.com/huandu/xstrings v1.3.2 // indirect
-	github.com/imdario/mergo v0.3.12 // indirect
-	github.com/inconshreveable/mousetrap v1.0.0 // indirect
+	github.com/hashicorp/hcl/v2 v2.18.0 // indirect
+	github.com/huandu/xstrings v1.4.0 // indirect
+	github.com/imdario/mergo v0.3.16 // indirect
+	github.com/inconshreveable/mousetrap v1.1.0 // indirect
 	github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 // indirect
-	github.com/jmoiron/sqlx v1.3.1 // indirect
+	github.com/jmespath/go-jmespath v0.4.0 // indirect
+	github.com/jmoiron/sqlx v1.3.5 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
-	github.com/json-iterator/go v1.1.11 // indirect
+	github.com/json-iterator/go v1.1.12 // indirect
 	github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 // indirect
-	github.com/kevinburke/ssh_config v0.0.0-20201106050909-4977a11b4351 // indirect
+	github.com/kevinburke/ssh_config v1.2.0 // indirect
+	github.com/klauspost/compress v1.17.7 // indirect
+	github.com/kubevela/pkg v1.9.3-0.20241203070234-2cf98778c0a9 // indirect
+	github.com/kubevela/workflow v0.6.1-0.20241210074645-d8a85b26c862 // indirect
 	github.com/kyokomi/emoji v2.2.4+incompatible // indirect
 	github.com/lann/builder v0.0.0-20180802200727-47ae307949d0 // indirect
 	github.com/lann/ps v0.0.0-20150810152359-62de8c46ede0 // indirect
-	github.com/lib/pq v1.10.0 // indirect
+	github.com/lib/pq v1.10.9 // indirect
 	github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de // indirect
-	github.com/mailru/easyjson v0.7.6 // indirect
-	github.com/mattn/go-colorable v0.1.8 // indirect
-	github.com/mattn/go-isatty v0.0.12 // indirect
-	github.com/mattn/go-runewidth v0.0.9 // indirect
-	github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369 // indirect
+	github.com/lucasb-eyer/go-colorful v1.2.0 // indirect
+	github.com/magiconair/properties v1.8.7 // indirect
+	github.com/mailru/easyjson v0.7.7 // indirect
+	github.com/mattn/go-colorable v0.1.13 // indirect
+	github.com/mattn/go-isatty v0.0.20 // indirect
+	github.com/mattn/go-runewidth v0.0.15 // indirect
+	github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 // indirect
 	github.com/mgutz/ansi v0.0.0-20170206155736-9520e82c474b // indirect
+	github.com/miekg/pkcs11 v1.1.1 // indirect
 	github.com/mitchellh/copystructure v1.2.0 // indirect
 	github.com/mitchellh/go-homedir v1.1.0 // indirect
-	github.com/mitchellh/go-wordwrap v1.0.0 // indirect
-	github.com/mitchellh/hashstructure/v2 v2.0.1 // indirect
+	github.com/mitchellh/go-wordwrap v1.0.1 // indirect
+	github.com/mitchellh/hashstructure/v2 v2.0.2 // indirect
+	github.com/mitchellh/mapstructure v1.5.0 // indirect
 	github.com/mitchellh/reflectwalk v1.0.2 // indirect
+	github.com/moby/locker v1.0.1 // indirect
 	github.com/moby/spdystream v0.2.0 // indirect
-	github.com/moby/term v0.0.0-20210610120745-9d4ed1856297 // indirect
+	github.com/moby/sys/mount v0.3.3 // indirect
+	github.com/moby/sys/mountinfo v0.6.2 // indirect
+	github.com/moby/term v0.5.0 // indirect
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
-	github.com/modern-go/reflect2 v1.0.1 // indirect
+	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 // indirect
 	github.com/morikuni/aec v1.0.0 // indirect
-	github.com/mpvl/unique v0.0.0-20150818121801-cbe035fff7de // indirect
 	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
 	github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f // indirect
-	github.com/oam-dev/cluster-gateway v1.1.6 // indirect
-	github.com/oam-dev/cluster-register v1.0.3 // indirect
+	github.com/nacos-group/nacos-sdk-go/v2 v2.2.2 // indirect
+	github.com/nxadm/tail v1.4.8 // indirect
+	github.com/oam-dev/cluster-gateway v1.9.1-0.20241120140625-33c8891b781c // indirect
+	github.com/oam-dev/cluster-register v1.0.4-0.20230424040021-147f7c1fefe5 // indirect
 	github.com/oam-dev/terraform-config-inspect v0.0.0-20210418082552-fc72d929aa28 // indirect
-	github.com/oam-dev/terraform-controller v0.2.12 // indirect
+	github.com/oam-dev/terraform-controller v0.8.0 // indirect
 	github.com/olekukonko/tablewriter v0.0.5 // indirect
-	github.com/onsi/gomega v1.17.0 // indirect
 	github.com/opencontainers/go-digest v1.0.0 // indirect
-	github.com/opencontainers/image-spec v1.0.2 // indirect
-	github.com/opencontainers/runc v1.0.3 // indirect
-	github.com/openkruise/kruise-api v0.9.0 // indirect
-	github.com/pelletier/go-toml v1.9.3 // indirect
+	github.com/opencontainers/image-spec v1.1.0 // indirect
+	github.com/opencontainers/runc v1.1.12 // indirect
+	github.com/openkruise/kruise-api v1.4.0 // indirect
+	github.com/openkruise/rollouts v0.3.0 // indirect
+	github.com/openshift/library-go v0.0.0-20230327085348-8477ec72b725 // indirect
+	github.com/pelletier/go-toml v1.9.5 // indirect
+	github.com/pelletier/go-toml/v2 v2.2.2 // indirect
 	github.com/peterbourgon/diskv v2.0.1+incompatible // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
-	github.com/prometheus/client_golang v1.11.0 // indirect
-	github.com/prometheus/client_model v0.2.0 // indirect
-	github.com/prometheus/common v0.26.0 // indirect
-	github.com/prometheus/procfs v0.6.0 // indirect
-	github.com/rubenv/sql-migrate v0.0.0-20200616145509-8d140a17f351 // indirect
-	github.com/russross/blackfriday v1.5.2 // indirect
-	github.com/sergi/go-diff v1.1.0 // indirect
-	github.com/shopspring/decimal v1.2.0 // indirect
-	github.com/sirupsen/logrus v1.8.1 // indirect
-	github.com/spf13/cast v1.3.1 // indirect
+	github.com/prometheus/client_golang v1.18.0 // indirect
+	github.com/prometheus/client_model v0.5.0 // indirect
+	github.com/prometheus/common v0.45.0 // indirect
+	github.com/prometheus/procfs v0.12.0 // indirect
+	github.com/rivo/tview v0.0.0-20221128165837-db36428c92d9 // indirect
+	github.com/rivo/uniseg v0.4.3 // indirect
+	github.com/robfig/cron/v3 v3.0.1 // indirect
+	github.com/rubenv/sql-migrate v1.5.2 // indirect
+	github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3 // indirect
+	github.com/shopspring/decimal v1.3.1 // indirect
+	github.com/sirupsen/logrus v1.9.3 // indirect
+	github.com/spf13/afero v1.11.0 // indirect
+	github.com/spf13/cast v1.5.0 // indirect
+	github.com/spf13/jwalterweatherman v1.1.0 // indirect
 	github.com/spf13/pflag v1.0.5 // indirect
-	github.com/src-d/gcfg v1.4.0 // indirect
-	github.com/stretchr/testify v1.7.0 // indirect
+	github.com/spf13/viper v1.15.0 // indirect
+	github.com/subosito/gotenv v1.4.2 // indirect
+	github.com/theupdateframework/notary v0.7.0 // indirect
+	github.com/tidwall/gjson v1.14.4 // indirect
+	github.com/tidwall/match v1.1.1 // indirect
+	github.com/tidwall/pretty v1.2.0 // indirect
 	github.com/wercker/stern v0.0.0-20190705090245-4fa46dd6987f // indirect
-	github.com/wonderflow/cert-manager-api v1.0.3 // indirect
-	github.com/xanzy/ssh-agent v0.3.0 // indirect
-	github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f // indirect
+	github.com/xanzy/go-gitlab v0.91.1 // indirect
+	github.com/xanzy/ssh-agent v0.3.3 // indirect
+	github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect
 	github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect
 	github.com/xeipuuv/gojsonschema v1.2.0 // indirect
-	github.com/xlab/treeprint v0.0.0-20181112141820-a009c3971eca // indirect
-	github.com/zclconf/go-cty v1.8.0 // indirect
-	go.opencensus.io v0.23.0 // indirect
-	go.starlark.net v0.0.0-20200306205701-8dd3e2ee1dd5 // indirect
-	go.uber.org/atomic v1.7.0 // indirect
-	go.uber.org/multierr v1.6.0 // indirect
-	go.uber.org/zap v1.18.1 // indirect
-	golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97 // indirect
-	golang.org/x/net v0.0.0-20211029224645-99673261e6eb // indirect
-	golang.org/x/oauth2 v0.0.0-20210402161424-2e8d93401602 // indirect
-	golang.org/x/sync v0.0.0-20210220032951-036812b2e83c // indirect
-	golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6 // indirect
-	golang.org/x/term v0.0.0-20210615171337-6886f2dfbf5b // indirect
-	golang.org/x/text v0.3.6 // indirect
-	golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac // indirect
-	golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect
-	gomodules.xyz/jsonpatch/v2 v2.2.0 // indirect
-	google.golang.org/appengine v1.6.7 // indirect
-	google.golang.org/genproto v0.0.0-20210602131652-f16073e35f0c // indirect
-	google.golang.org/grpc v1.38.0 // indirect
-	google.golang.org/protobuf v1.26.0 // indirect
+	github.com/xlab/treeprint v1.2.0 // indirect
+	github.com/zclconf/go-cty v1.13.0 // indirect
+	go.etcd.io/etcd/api/v3 v3.5.10 // indirect
+	go.etcd.io/etcd/client/pkg/v3 v3.5.10 // indirect
+	go.etcd.io/etcd/client/v3 v3.5.10 // indirect
+	go.opencensus.io v0.24.0 // indirect
+	go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.45.0 // indirect
+	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.45.0 // indirect
+	go.opentelemetry.io/otel v1.19.0 // indirect
+	go.opentelemetry.io/otel/metric v1.19.0 // indirect
+	go.opentelemetry.io/otel/sdk v1.19.0 // indirect
+	go.opentelemetry.io/otel/trace v1.19.0 // indirect
+	go.opentelemetry.io/proto/otlp v1.0.0 // indirect
+	go.starlark.net v0.0.0-20240329153429-e6e8e7ce1b7a // indirect
+	go.uber.org/automaxprocs v1.5.3 // indirect
+	go.uber.org/multierr v1.11.0 // indirect
+	go.uber.org/zap v1.26.0 // indirect
+	go4.org/intern v0.0.0-20220617035311-6925f38cc365 // indirect
+	go4.org/unsafe/assume-no-moving-gc v0.0.0-20231121144256-b99613f794b6 // indirect
+	golang.org/x/crypto v0.32.0 // indirect
+	golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 // indirect
+	golang.org/x/mod v0.19.0 // indirect
+	golang.org/x/net v0.33.0 // indirect
+	golang.org/x/oauth2 v0.20.0 // indirect
+	golang.org/x/sync v0.10.0 // indirect
+	golang.org/x/sys v0.29.0 // indirect
+	golang.org/x/term v0.28.0 // indirect
+	golang.org/x/text v0.21.0 // indirect
+	golang.org/x/time v0.5.0 // indirect
+	golang.org/x/tools v0.23.0 // indirect
+	gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect
+	google.golang.org/genproto v0.0.0-20240227224415-6ceb2ff114de // indirect
+	google.golang.org/grpc v1.63.0 // indirect
+	google.golang.org/protobuf v1.34.1 // indirect
 	gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc // indirect
+	gopkg.in/evanphx/json-patch.v5 v5.9.0 // indirect
 	gopkg.in/gomail.v2 v2.0.0-20160411212932-81ebce5c23df // indirect
-	gopkg.in/gorp.v1 v1.7.2 // indirect
 	gopkg.in/inf.v0 v0.9.1 // indirect
-	gopkg.in/src-d/go-billy.v4 v4.3.2 // indirect
-	gopkg.in/src-d/go-git.v4 v4.13.1 // indirect
+	gopkg.in/ini.v1 v1.67.0 // indirect
+	gopkg.in/natefinch/lumberjack.v2 v2.2.1 // indirect
+	gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect
 	gopkg.in/warnings.v0 v0.1.2 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
-	gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect
-	helm.sh/helm/v3 v3.6.1 // indirect
-	istio.io/api v0.0.0-20210128181506-0c4b8e54850f // indirect
-	istio.io/client-go v0.0.0-20210128182905-ee2edd059e02 // indirect
-	istio.io/gogo-genproto v0.0.0-20190930162913-45029607206a // indirect
-	k8s.io/api v0.22.1 // indirect
-	k8s.io/apiextensions-apiserver v0.22.1 // indirect
-	k8s.io/apimachinery v0.22.1 // indirect
-	k8s.io/apiserver v0.22.1 // indirect
-	k8s.io/cli-runtime v0.21.0 // indirect
-	k8s.io/client-go v0.22.1 // indirect
-	k8s.io/component-base v0.22.1 // indirect
+	gopkg.in/yaml.v3 v3.0.1 // indirect
+	inet.af/netaddr v0.0.0-20220811202034-502d2d690317 // indirect
+	k8s.io/apiextensions-apiserver v0.29.2 // indirect
+	k8s.io/apiserver v0.29.2 // indirect
+	k8s.io/cli-runtime v0.29.2 // indirect
+	k8s.io/component-base v0.29.2 // indirect
+	k8s.io/helm v2.17.0+incompatible // indirect
 	k8s.io/klog v1.0.0 // indirect
-	k8s.io/klog/v2 v2.9.0 // indirect
-	k8s.io/kube-aggregator v0.22.1 // indirect
-	k8s.io/kube-openapi v0.0.0-20210421082810-95288971da7e // indirect
-	k8s.io/kubectl v0.21.0 // indirect
-	k8s.io/utils v0.0.0-20210802155522-efc7438f0176 // indirect
-	open-cluster-management.io/api v0.0.0-20210804091127-340467ff6239 // indirect
-	sigs.k8s.io/apiserver-network-proxy v0.0.24 // indirect
-	sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.24 // indirect
-	sigs.k8s.io/apiserver-runtime v1.0.3-0.20210913073608-0663f60bfee2 // indirect
-	sigs.k8s.io/controller-runtime v0.9.5 // indirect
-	sigs.k8s.io/kind v0.9.0 // indirect
-	sigs.k8s.io/kustomize/api v0.8.5 // indirect
-	sigs.k8s.io/kustomize/kyaml v0.10.15 // indirect
-	sigs.k8s.io/structured-merge-diff/v4 v4.1.2 // indirect
-	sigs.k8s.io/yaml v1.2.0 // indirect
+	k8s.io/kube-aggregator v0.27.2 // indirect
+	k8s.io/kube-openapi v0.0.0-20240403164606-bc84c2ddaf99 // indirect
+	k8s.io/kubectl v0.29.2 // indirect
+	k8s.io/metrics v0.29.2 // indirect
+	k8s.io/utils v0.0.0-20240310230437-4693a0247e57 // indirect
+	open-cluster-management.io/api v0.11.0 // indirect
+	oras.land/oras-go v1.2.5 // indirect
+	sigs.k8s.io/apiserver-network-proxy v0.0.30 // indirect
+	sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.28.0 // indirect
+	sigs.k8s.io/apiserver-runtime v1.1.2-0.20221118041430-0a6394f6dda3 // indirect
+	sigs.k8s.io/gateway-api v0.7.1 // indirect
+	sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
+	sigs.k8s.io/kind v0.20.0 // indirect
+	sigs.k8s.io/kustomize/api v0.16.0 // indirect
+	sigs.k8s.io/kustomize/kyaml v0.16.0 // indirect
+	sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect
+	sigs.k8s.io/yaml v1.4.0 // indirect
 )

 replace (
+	cuelang.org/go => cuelang.org/go v0.9.2
 	github.com/docker/cli => github.com/docker/cli v20.10.9+incompatible
-	github.com/docker/docker => github.com/moby/moby v17.12.0-ce-rc1.0.20200618181300-9dc6525e6118+incompatible
+	github.com/docker/docker => github.com/moby/moby v20.10.25+incompatible
+	github.com/google/certificate-transparency-go => github.com/google/certificate-transparency-go v1.1.3
+	github.com/k3d-io/k3d/v5 => github.com/chivalryq/k3d/v5 v5.0.0-20230115105251-1b3833ce38cc
 	github.com/wercker/stern => github.com/oam-dev/stern v1.13.2
-	sigs.k8s.io/apiserver-network-proxy/konnectivity-client => sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.24
+	go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc => go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.42.0
+	google.golang.org/grpc => google.golang.org/grpc v1.53.0
+	oras.land/oras-go => oras.land/oras-go v1.2.2
+	sigs.k8s.io/apiserver-runtime => github.com/kmodules/apiserver-runtime v1.1.2-0.20240303184316-6365e03bf9ac
 )
+
+replace github.com/containerd/containerd => github.com/containerd/containerd v1.6.18
--- a/go.sum
+++ b/go.sum
--- a/hack/download_addons.sh
+++ b/hack/download_addons.sh
@ -0,0 +1,24 @@
+#!/bin/bash
+
+set -e
+
+VELA_ADDON_DIR=pkg/resources/static/vela/addons
+rm -rf "$VELA_ADDON_DIR"
+mkdir -p "$VELA_ADDON_DIR"
+
+if [ -z "$1" ]; then
+  echo "No addon(VelaUX) version specified, exiting"
+  exit 1
+elif [[ $1 == v* ]]; then
+  velaux_version=$1
+else
+  velaux_version=v$1
+fi
+
+echo "downloading addons"
+
+addons=("velaux-$velaux_version.tgz")
+for addon in ${addons[*]}; do
+  echo saving "$addon" to "$VELA_ADDON_DIR"/"$addon"
+  curl -L "https://kubevela.github.io/catalog/official/$addon" -o "$VELA_ADDON_DIR"/"$addon"
+done
--- a/hack/download_k3d_images.sh
+++ b/hack/download_k3d_images.sh
@ -0,0 +1,34 @@
+#!/bin/bash
+
+set -e
+set -x
+
+K3D_IMAGE_DIR=pkg/resources/static/k3d/images
+mkdir -p "$K3D_IMAGE_DIR"
+
+ARCH=$1
+
+function download_k3d_images() {
+  k3d_images=(
+  "$(cat pkg/apis/types.go| grep "K3dImageK3s" |tail -n1 | cut -f2 -d'"')"
+  "$(cat pkg/apis/types.go| grep "K3dImageTools" |tail -n1 | cut -f2 -d'"')"
+  "$(cat pkg/apis/types.go| grep "K3dImageProxy" |tail -n1 | cut -f2 -d'"')"
+  )
+
+  for IMG in ${k3d_images[*]}; do
+    IMAGE_NAME=$(echo "$IMG" | cut -f1 -d: | awk -F '/' '{print $NF}')
+    echo saving "$IMG" to "$K3D_IMAGE_DIR"/"$IMAGE_NAME".tar
+    $DOCKER_PULL "$IMG"
+    docker save -o "$K3D_IMAGE_DIR"/"$IMAGE_NAME".tar "$IMG"
+    gzip -f "$K3D_IMAGE_DIR"/"$IMAGE_NAME".tar
+  done
+}
+
+function determine_pull_command() {
+  DOCKER_PULL="docker pull --platform=linux/amd64"
+  if [ "$1" == "arm64" ]; then
+      DOCKER_PULL="docker pull --platform=linux/arm64"
+  fi
+}
+determine_pull_command "$ARCH"
+download_k3d_images
--- a/hack/download_vela_images.sh
+++ b/hack/download_vela_images.sh
@ -0,0 +1,72 @@
+#!/bin/bash
+
+set -e
+set -x
+
+VELA_IMAGE_DIR=pkg/resources/static/vela/images
+rm -rf "$VELA_IMAGE_DIR"
+mkdir -p "$VELA_IMAGE_DIR"
+
+if [ -z "$1" ]; then
+  echo "No kubevela version specified, exiting"
+  exit 1
+elif [[ $1 == v* ]]; then
+  vela_version=$1
+else
+  vela_version=v$1
+fi
+
+if [ -z "$2" ]; then
+  echo "No VelaUX version specified, exiting"
+  exit 1
+elif [[ $2 == v* ]]; then
+  velaux_version=$2
+else
+  velaux_version=v$2
+fi
+
+# optional, amd64 if not set
+ARCH=$3
+
+function set_cluster_gateway_version() {
+    cluster_gateway_version=UNKNOWN
+    image_tag=$(cat pkg/resources/static/vela/charts/vela-core/values.yaml | grep -A 1 oamdev/cluster-gateway | grep tag)
+    cluster_gateway_version=$(echo $image_tag| cut -f2 -d:|xargs)
+    echo "cluster-gateway image version detected:" $cluster_gateway_version
+}
+
+function set_certgen_version() {
+    certgen_version=UNKNOWN
+    image_tag=$(cat pkg/resources/static/vela/charts/vela-core/values.yaml | grep -A 1 oamdev/kube-webhook-certgen | grep tag)
+    certgen_version=$(echo $image_tag| cut -f2 -d:|xargs)
+    echo "kube-webhook-certgen image version detected:" $certgen_version
+}
+
+function download_images() {
+  vela_images=("oamdev/vela-core:${vela_version}"
+    "oamdev/cluster-gateway:${cluster_gateway_version}"
+    "oamdev/kube-webhook-certgen:${certgen_version}"
+    "oamdev/velaux:${velaux_version}")
+
+  for IMG in ${vela_images[*]};
+    do
+      IMAGE_NAME=$(echo "$IMG" | cut -f1 -d: | cut -f2 -d/)
+      echo saving "$IMG" to "$VELA_IMAGE_DIR"/"$IMAGE_NAME".tar.gz
+      $DOCKER_PULL "$IMG"
+      docker save -o "$VELA_IMAGE_DIR"/"$IMAGE_NAME".tar "$IMG"
+      gzip -f "$VELA_IMAGE_DIR"/"$IMAGE_NAME".tar
+    done
+}
+
+function determine_pull_command() {
+  DOCKER_PULL="docker pull --platform=linux/amd64"
+  if [ "$1" == "arm64" ]; then
+      DOCKER_PULL="docker pull --platform=linux/arm64"
+  fi
+}
+
+
+determine_pull_command "$ARCH"
+set_cluster_gateway_version
+set_certgen_version
+download_images
--- a/hack/install-velad.ps1
+++ b/hack/install-velad.ps1
@ -0,0 +1,98 @@
+# Implemented based on Dapr Cli https://github.com/dapr/cli/tree/master/install
+
+param (
+    [string]$Version,
+    [string]$VelaRoot = "c:\vela"
+)
+
+Write-Output ""
+$ErrorActionPreference = 'stop'
+
+#Escape space of VelaRoot path
+$VelaRoot = $VelaRoot -replace ' ', '` '
+
+# Constants
+$VelaDBuildName = "velad"
+$VelaDFileName = "velad.exe"
+$VelaDFilePath = "${VelaRoot}\${VelaDFileName}"
+$RemoteURL = "https://static.kubevela.net/binary/velad"
+
+if ((Get-ExecutionPolicy) -gt 'RemoteSigned' -or (Get-ExecutionPolicy) -eq 'ByPass') {
+    Write-Output "PowerShell requires an execution policy of 'RemoteSigned'."
+    Write-Output "To make this change please run:"
+    Write-Output "'Set-ExecutionPolicy RemoteSigned -scope CurrentUser'"
+    break
+}
+
+# Change security protocol to support TLS 1.2 / 1.1 / 1.0 - old powershell uses TLS 1.0 as a default protocol
+[Net.ServicePointManager]::SecurityProtocol = "tls12, tls11, tls"
+
+# Check if VelaD is installed.
+if (Test-Path $VelaDFilePath -PathType Leaf) {
+    Write-Warning "velad is detected - $VelaDFilePath"
+    Invoke-Expression "$VelaDFilePath version"
+    Write-Output "Reinstalling VelaD..."
+}
+else {
+    Write-Output "Installing VelaD..."
+}
+
+# Create Vela Directory
+Write-Output "Creating $VelaRoot directory"
+New-Item -ErrorAction Ignore -Path $VelaRoot -ItemType "directory"
+if (!(Test-Path $VelaRoot -PathType Container)) {
+    throw "Cannot create $VelaRoot"
+}
+
+# Filter windows binary and download archive
+$os_arch = "windows-amd64"
+$vela_cli_filename = "vela"
+if (!$Version) {
+    $Version = Invoke-RestMethod -Headers $githubHeader -Uri "${RemoteURL}/latest_version" -Method Get
+    $Version = $Version.Trim()
+}
+if (!$Version.startswith("v")) {
+    $Version = "v" + $Version
+}
+
+$assetName = "${vela_cli_filename}-${os_arch}-${Version}.zip"
+$zipFileUrl = "${RemoteURL}/${Version}/${assetName}"
+
+$zipFilePath = $VelaRoot + "\" + $assetName
+Write-Output "Downloading $zipFileUrl ..."
+
+Invoke-WebRequest -Uri $zipFileUrl -OutFile $zipFilePath
+if (!(Test-Path $zipFilePath -PathType Leaf)) {
+    throw "Failed to download Vela Cli binary - $zipFilePath"
+}
+
+# Extract VelaD CLI to $VelaRoot
+Write-Output "Extracting $zipFilePath..."
+Microsoft.Powershell.Archive\Expand-Archive -Force -Path $zipFilePath -DestinationPath $VelaRoot
+$ExtractedVelaDFilePath = "${VelaRoot}\${os_arch}\${VelaDBuildName}"
+Copy-Item $ExtractedVelaDFilePath -Destination $VelaDFilePath
+if (!(Test-Path $VelaDFilePath -PathType Leaf)) {
+    throw "Failed to extract VelaD archive - $zipFilePath"
+}
+
+# Check the VelaD version
+Invoke-Expression "$VelaDFilePath version"
+
+# Clean up zipfile
+Write-Output "Clean up $zipFilePath..."
+Remove-Item $zipFilePath -Force
+
+# Add VelaRoot directory to User Path environment variable
+Write-Output "Try to add $VelaRoot to User Path Environment variable..."
+$UserPathEnvironmentVar = [Environment]::GetEnvironmentVariable("PATH", "User")
+if ($UserPathEnvironmentVar -like '*vela*') {
+    Write-Output "Skipping to add $VelaRoot to User Path - $UserPathEnvironmentVar"
+}
+else {
+    [System.Environment]::SetEnvironmentVariable("PATH", $UserPathEnvironmentVar + ";$VelaRoot", "User")
+    $UserPathEnvironmentVar = [Environment]::GetEnvironmentVariable("PATH", "User")
+    Write-Output "Added $VelaRoot to User Path - $UserPathEnvironmentVar"
+}
+
+Write-Output "`r`VelaD is installed successfully."
+Write-Output "To get started with KubeVela and VelaD, please visit https://kubevela.io."
--- a/hack/install-velad.sh
+++ b/hack/install-velad.sh
@ -0,0 +1,189 @@
+#!/usr/bin/env bash
+
+# Implemented based on Dapr Cli https://github.com/dapr/cli/tree/master/install
+
+# VelaD location
+: ${VELAD_INSTALL_DIR:="/usr/local/bin"}
+
+# sudo is required to copy binary to VELAD_INSTALL_DIR for linux
+: ${USE_SUDO:="false"}
+
+# Http request CLI
+VELAD_HTTP_REQUEST_CLI=curl
+
+# VelaD filename
+VELAD_CLI_FILENAME=velad
+
+VELAD_CLI_FILE="${VELAD_INSTALL_DIR}/${VELAD_CLI_FILENAME}"
+
+DOWNLOAD_BASE="https://static.kubevela.net/binary/velad"
+
+getSystemInfo() {
+    ARCH=$(uname -m)
+    case $ARCH in
+        armv7*) ARCH="arm";;
+        aarch64) ARCH="arm64";;
+        x86_64) ARCH="amd64";;
+    esac
+
+    OS=$(echo `uname`|tr '[:upper:]' '[:lower:]')
+
+    # Most linux distro needs root permission to copy the file to /usr/local/bin
+    if [ "$OS" == "linux" ] || [ "$OS" == "darwin" ]; then
+        if [ "$VELAD_INSTALL_DIR" == "/usr/local/bin" ]; then
+            USE_SUDO="true"
+        fi
+    fi
+}
+
+verifySupported() {
+    local supported=(darwin-amd64 linux-amd64 linux-arm64 darwin-arm64)
+    local current_osarch="${OS}-${ARCH}"
+
+    for osarch in "${supported[@]}"; do
+        if [ "$osarch" == "$current_osarch" ]; then
+            echo "Your system is ${OS}_${ARCH}"
+            return
+        fi
+    done
+
+    echo "No prebuilt binary for ${current_osarch}"
+    exit 1
+}
+
+runAsRoot() {
+    local CMD="$*"
+
+    if [ $EUID -ne 0 -a $USE_SUDO = "true" ]; then
+        CMD="sudo $CMD"
+    fi
+
+    $CMD
+}
+
+checkHttpRequestCLI() {
+    if type "curl" > /dev/null; then
+        VELAD_HTTP_REQUEST_CLI=curl
+    elif type "wget" > /dev/null; then
+        VELAD_HTTP_REQUEST_CLI=wget
+    else
+        echo "Either curl or wget is required"
+        exit 1
+    fi
+}
+
+checkExistingVelaD() {
+    if [ -f "$VELAD_CLI_FILE" ]; then
+        echo -e "\nVelaD is detected:"
+        $VELAD_CLI_FILE version
+        echo -e "Reinstalling VelaD - ${VELAD_CLI_FILE}...\n"
+    else
+        echo -e "Installing VelaD ...\n"
+    fi
+}
+
+getLatestRelease() {
+    local velaReleaseUrl="${DOWNLOAD_BASE}/latest_version"
+    local latest_release=""
+
+    if [ "$VELAD_HTTP_REQUEST_CLI" == "curl" ]; then
+        latest_release=$(curl -s $velaReleaseUrl)
+    else
+        latest_release=$(wget -q -O - $velaReleaseUrl)
+    fi
+
+    ret_val=$latest_release
+}
+
+downloadFile() {
+    LATEST_RELEASE_TAG=$1
+
+    VELA_CLI_ARTIFACT="${VELAD_CLI_FILENAME}-${OS}-${ARCH}-${LATEST_RELEASE_TAG}.tar.gz"
+    # convert `-` to `_` to let it work
+    DOWNLOAD_URL="${DOWNLOAD_BASE}/${LATEST_RELEASE_TAG}/${VELA_CLI_ARTIFACT}"
+
+    # Create the temp directory
+    VELAD_TMP_ROOT=$(mktemp -dt velad-install-XXXXXX)
+    ARTIFACT_TMP_FILE="$VELAD_TMP_ROOT/$VELA_CLI_ARTIFACT"
+
+    echo "Downloading $DOWNLOAD_URL ..."
+    if [ "$VELAD_HTTP_REQUEST_CLI" == "curl" ]; then
+        curl -SL "$DOWNLOAD_URL" -o "$ARTIFACT_TMP_FILE"
+    else
+        wget -O "$ARTIFACT_TMP_FILE" "$DOWNLOAD_URL"
+    fi
+
+    if [ ! -f "$ARTIFACT_TMP_FILE" ]; then
+        echo "failed to download $DOWNLOAD_URL ..."
+        exit 1
+    fi
+}
+
+installFile() {
+    tar xf "$ARTIFACT_TMP_FILE" -C "$VELAD_TMP_ROOT"
+    local tmp_root_velad="$VELAD_TMP_ROOT/${OS}-${ARCH}/$VELAD_CLI_FILENAME"
+
+    if [ ! -f "$tmp_root_velad" ]; then
+        echo "Failed to unpack VelaD executable."
+        exit 1
+    fi
+
+    chmod o+x "$tmp_root_velad"
+    runAsRoot cp "$tmp_root_velad" "$VELAD_INSTALL_DIR"
+
+    if [ $? -eq 0 ] && [ -f "$VELAD_CLI_FILE" ]; then
+        echo "VelaD installed into $VELAD_INSTALL_DIR/$VELAD_CLI_FILENAME successfully."
+        echo ""
+        $VELAD_CLI_FILE version
+    else
+        echo "Failed to install $VELAD_CLI_FILENAME"
+        exit 1
+    fi
+}
+
+fail_trap() {
+    result=$?
+    if [ "$result" != "0" ]; then
+        echo "Failed to install VelaD"
+        echo "Go to https://kubevela.io for more support."
+    fi
+    cleanup
+    exit $result
+}
+
+cleanup() {
+    if [[ -d "${VELAD_TMP_ROOT:-}" ]]; then
+        rm -rf "$VELAD_TMP_ROOT"
+    fi
+}
+
+installCompleted() {
+    echo -e "\nFor more information on how to started, please visit:"
+    echo -e "  https://kubevela.io"
+}
+
+# -----------------------------------------------------------------------------
+# main
+# -----------------------------------------------------------------------------
+trap "fail_trap" EXIT
+
+getSystemInfo
+verifySupported
+checkExistingVelaD
+checkHttpRequestCLI
+
+
+if [ -z "$1" ]; then
+    echo "Getting the latest VelaD..."
+    getLatestRelease
+elif [[ $1 == v* ]]; then
+    ret_val=$1
+else
+    ret_val=v$1
+fi
+
+downloadFile $ret_val
+installFile
+cleanup
+
+installCompleted
--- a/hack/upgrade_vela.sh
+++ b/hack/upgrade_vela.sh
@ -0,0 +1,41 @@
+#! /bin/bash
+
+# This script is for upgrade kubevela helm charts maintained in velad repo
+# Chart in this repo have one more argument(deployByPod) than that in kubevela repo.
+
+# usage: ./hack/upgrade_vela.sh version_upgrade_to
+# e.g. ./hack/upgrade_vela.sh v1.3.4
+
+set -e
+
+[ $# = 1 ] || { echo "Usage: "$0" version_to" >&2; exit 1; }
+
+VERSION_NOW=$(cat Makefile |grep "VELA_VERSION ?=" |grep -o "v.*")
+VERSION_TO=$1
+PATCH_FILE_NAME=$VERSION_NOW-$VERSION_TO.patch
+WORKDIR=pkg/resources/static/vela
+
+echo "Upgrading KubeVela version From: "$VERSION_NOW" --> TO: "$VERSION_TO
+
+echo "Upgrading go.mod version..."
+
+
+if [ "$(uname)" == "Darwin" ]; then
+    # macOS
+    sed -i "" -e "s/github.com\/oam-dev\/kubevela v.*/github.com\/oam-dev\/kubevela $VERSION_TO/g" go.mod
+else
+    # Linux
+    sed -i -e "s/github.com\/oam-dev\/kubevela v.*/github.com\/oam-dev\/kubevela $VERSION_TO/g" go.mod
+fi
+
+go mod tidy
+
+echo "Upgrading version variable in Makefile"
+
+if [ "$(uname)" == "Darwin" ]; then
+    # macOS
+    sed -i "" -e "s/VELA_VERSION ?= v.*/VELA_VERSION ?= $VERSION_TO/g" Makefile
+else
+     # Linux
+    sed -i -e "s/VELA_VERSION ?= v.*/VELA_VERSION ?= $VERSION_TO/g" Makefile
+fi
--- a/hack/upgrade_velaux.sh
+++ b/hack/upgrade_velaux.sh
@ -0,0 +1,47 @@
+#! /bin/bash
+
+# This script is for upgrade VelaUX
+
+set -e
+
+# If one parameter is passed, use it as the version to upgrade to.
+# If two parameters are passed, use the second one as VelaUX image version. Sometimes, we skip the VelaUX image, only upgrade the VelaUX addon.
+
+if [ $# = 1 ]; then
+    VERSION_TO=$1
+    IMAGE_VERSION=$1
+elif [ $# = 2 ]; then
+    VERSION_TO=$1
+    IMAGE_VERSION=$2
+else
+    echo "Usage: "$0" version_to [image_version]" >&2
+    exit 1
+fi
+
+VERION_TO=$1
+IMAGE_VERSION=$2
+
+
+VERSION_NOW=$(cat Makefile |grep "VELAUX_VERSION ?=" |grep -o "v.*")
+
+
+PATCH_FILE_NAME=$VERSION_NOW-$VERSION_TO.patch
+WORKDIR=pkg/resources/static/vela
+
+echo "Upgrading VelaUX version From: "$VERSION_NOW" --> TO: "$VERSION_TO,
+if [ -n "$IMAGE_VERSION" ]; then
+    echo "Upgrading VelaUX image version to: ""$IMAGE_VERSION"
+else
+    echo "VelaUX image version is the same as VelaUX addon version"
+    IMAGE_VERSION=$VERSION_TO
+fi
+
+if [ "$(uname)" == "Darwin" ]; then
+    # macOS
+    sed -i "" -e "s/VELAUX_VERSION ?= v.*/VELAUX_VERSION ?= $VERSION_TO/g" Makefile
+    sed -i "" -e "s/VELAUX_IMAGE_VERSION ?= .*/VELAUX_IMAGE_VERSION ?= $IMAGE_VERSION/g" Makefile
+else
+    # Linux
+    sed -i -e "s/VELAUX_VERSION ?= v.*/VELAUX_VERSION ?= $VERSION_TO/g" Makefile
+    sed -i -e "s/VELAUX_IMAGE_VERSION ?= .*/VELAUX_IMAGE_VERSION ?= $IMAGE_VERSION/g" Makefile
+fi
--- a/makefiles/dependency.mk
+++ b/makefiles/dependency.mk
@ -0,0 +1,52 @@
+# Get the currently used golang install path (in GOPATH/bin, unless GOBIN is set)
+ifeq (,$(shell go env GOBIN))
+GOBIN=$(shell go env GOPATH)/bin
+else
+GOBIN=$(shell go env GOBIN)
+endif
+
+
+GOLANGCILINT_VERSION ?= v1.54.2
+
+.PHONY: golangci
+golangci:
+ifneq ($(shell which golangci-lint),)
+	echo golangci-lint is already installed
+GOLANGCILINT=$(shell which golangci-lint)
+else ifeq (, $(shell which $(GOBIN)/golangci-lint))
+	@{ \
+	set -e ;\
+	echo 'installing golangci-lint-$(GOLANGCILINT_VERSION)' ;\
+	curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(GOBIN) $(GOLANGCILINT_VERSION) ;\
+	echo 'Successfully installed' ;\
+	}
+GOLANGCILINT=$(GOBIN)/golangci-lint
+else
+	echo golangci-lint is already installed
+GOLANGCILINT=$(GOBIN)/golangci-lint
+endif
+
+.PHONY: staticchecktool
+staticchecktool:
+ifeq (, $(shell which staticcheck))
+	@{ \
+	set -e ;\
+	echo 'installing honnef.co/go/tools/cmd/staticcheck ' ;\
+	go install honnef.co/go/tools/cmd/staticcheck@v0.5.1 ;\
+	}
+STATICCHECK=$(GOBIN)/staticcheck
+else
+STATICCHECK=$(shell which staticcheck)
+endif
+
+.PHONY: goimports
+goimports:
+ifeq (, $(shell which goimports))
+	@{ \
+	set -e ;\
+	go install golang.org/x/tools/cmd/goimports@latest ;\
+	}
+GOIMPORTS=$(GOBIN)/goimports
+else
+GOIMPORTS=$(shell which goimports)
+endif
--- a/pkg/apis/types.go
+++ b/pkg/apis/types.go
@ -0,0 +1,156 @@
+package apis
+
+import (
+	"github.com/oam-dev/kubevela/pkg/utils/common"
+	cmdutil "github.com/oam-dev/kubevela/pkg/utils/util"
+	"github.com/oam-dev/kubevela/references/cli"
+)
+
+// InstallArgs defines arguments for velad install command
+type InstallArgs struct {
+	BindIP       string
+	NodePublicIP string
+	MasterIP     string
+	DBEndpoint   string
+	ClusterOnly  bool
+	Token        string
+	Controllers  string
+	// InstallArgs is parameters passed to vela install command
+	InstallArgs cli.InstallArgs
+	Name        string
+	DryRun      bool
+	Worker      bool
+}
+
+// UninstallArgs defines arguments for velad uninstall command
+type UninstallArgs struct {
+	Name string
+}
+
+// KubeconfigArgs defines arguments for velad kubeconfig command
+type KubeconfigArgs struct {
+	Internal bool
+	External bool
+	Host     bool
+	Name     string
+}
+
+// TokenArgs defines arguments for velad token command
+type TokenArgs struct {
+	Name string
+}
+
+// JoinArgs defines arguments for velad join command
+type JoinArgs struct {
+	Token    string
+	Name     string
+	MasterIP string
+	DryRun   bool
+}
+
+// LoadBalancerArgs defines arguments for load balancer command
+type LoadBalancerArgs struct {
+	Hosts         []string
+	Configuration string
+	PortHTTP      int
+	PortHTTPS     int
+}
+
+// ControlPlaneStatus defines the status of control plane
+type ControlPlaneStatus struct {
+	Clusters []ClusterStatus
+	Vela     VelaStatus
+}
+
+// ClusterStatus defines the status of cluster, including k3s/k3d
+type ClusterStatus struct {
+	// K3dImages only works for non-linux
+	K3dImages
+	K3s K3sStatus
+	K3d K3dStatus
+}
+
+// K3sStatus defines the status of k3s
+type K3sStatus struct {
+	K3sBinary        bool
+	K3sServiceStatus string
+	VelaStatus       string
+	Reason           string
+}
+
+// K3dStatus defines the status of k3d
+type K3dStatus struct {
+	Reason       string
+	K3dContainer []K3dContainer
+}
+
+// K3dContainer defines the status of one k3d cluster
+type K3dContainer struct {
+	Name       string
+	Running    bool
+	VelaStatus string
+	Reason     string
+}
+
+// K3dImages defines the status of k3d images
+type K3dImages struct {
+	K3s      bool
+	K3dTools bool
+	K3dProxy bool
+	Reason   string
+}
+
+// VelaStatus is the status of vela in host machine
+type VelaStatus struct {
+	VelaUXAddonDirPresent bool
+	VelaUXAddonDirPath    string
+	VelaCLIInstalled      bool
+	VelaCLIPath           string
+	Reason                string
+}
+
+// Context keep some context for install progress
+type Context struct {
+	DryRun        bool
+	IOStreams     cmdutil.IOStreams
+	CommonArgs    common.Args
+	VelaChartPath string
+}
+
+var (
+	// K3sTokenPath is the path to k3s token
+	K3sTokenPath = "/var/lib/rancher/k3s/server/token"
+	// K3sKubeConfigLocation is default path of k3s kubeconfig
+	K3sKubeConfigLocation = "/etc/rancher/k3s/k3s.yaml"
+	// K3sExternalKubeConfigLocation is where to generate kubeconfig for external access
+	K3sExternalKubeConfigLocation = "/etc/rancher/k3s/k3s-external.yaml"
+	// VelaLinkPos is path to save vela symlink in linux/macos
+	VelaLinkPos = "/usr/local/bin/vela"
+	// VelaDDockerNetwork is docker network for k3d cluster when `velad install`
+	// all cluster will be created in this network, so they can communicate with each other
+	VelaDDockerNetwork = "k3d-velad"
+
+	// K3dImageK3s is k3s image tag
+	K3dImageK3s = "rancher/k3s:v1.29.13-k3s1"
+	// K3dImageTools is k3d tools image tag
+	K3dImageTools = "ghcr.io/k3d-io/k3d-tools:latest"
+	// K3dImageProxy is k3d proxy image tag
+	K3dImageProxy = "ghcr.io/k3d-io/k3d-proxy:5.5.1"
+
+	// KubeVelaHelmRelease is helm release name for vela
+	KubeVelaHelmRelease = "kubevela"
+	// StatusVelaNotInstalled is status for kubevela helm chart not installed
+	StatusVelaNotInstalled = "not installed"
+	// StatusVelaDeployed is success status for kubevela helm chart deployed
+	StatusVelaDeployed = "deployed"
+
+	// DefaultVelaDClusterName is default cluster name for velad install/token/kubeconfig/uninstall
+	DefaultVelaDClusterName = "default"
+
+	// GoosLinux is os.GOOS linux string
+	GoosLinux = "linux"
+	// GoosDarwin is os.GOOS darwin string
+	GoosDarwin = "darwin"
+	// GoosWindows is os.GOOS windows string
+	GoosWindows = "windows"
+)
--- a/pkg/apis/validate.go
+++ b/pkg/apis/validate.go
@ -0,0 +1,58 @@
+package apis
+
+import (
+	"runtime"
+
+	"github.com/pkg/errors"
+)
+
+var newErr = errors.New
+
+// Validate validates the `install` argument
+func (a *InstallArgs) Validate() error {
+	if a.NodePublicIP != "" && a.BindIP == "" {
+		a.BindIP = a.NodePublicIP
+	}
+	return nil
+}
+
+// Validate validates the `kubeconfig` argument
+func (a KubeconfigArgs) Validate() error {
+	if runtime.GOOS == GoosLinux {
+		if a.Name != DefaultVelaDClusterName {
+			return newErr("name flag not works in linux")
+		}
+		if a.Internal {
+			return newErr("internal flag not work in linux")
+		}
+	}
+	return nil
+}
+
+// Validate validates the uninstall arguments
+func (a UninstallArgs) Validate() error {
+	if runtime.GOOS == GoosLinux {
+		if a.Name != DefaultVelaDClusterName {
+			return newErr("name flag not works in linux")
+		}
+	}
+	return nil
+}
+
+// Validate validates the token arguments
+func (a TokenArgs) Validate() error {
+	if runtime.GOOS == GoosLinux {
+		if a.Name != DefaultVelaDClusterName {
+			return newErr("name flag not works in linux")
+		}
+	}
+	return nil
+}
+
+// Validate validates the join arguments
+func (a JoinArgs) Validate() error {
+	if runtime.GOOS != GoosLinux {
+		return newErr("join command only works in linux")
+	}
+	return nil
+}
--- a/pkg/cluster/common.go
+++ b/pkg/cluster/common.go
@ -0,0 +1,29 @@
+package cluster
+
+import (
+	"github.com/oam-dev/velad/pkg/apis"
+)
+
+// GetK3sServerArgs convert install args to ones passed to k3s server
+func GetK3sServerArgs(args apis.InstallArgs) []string {
+	var serverArgs []string
+	if args.DBEndpoint != "" {
+		serverArgs = append(serverArgs, "--datastore-endpoint="+args.DBEndpoint)
+	}
+	if args.BindIP != "" {
+		serverArgs = append(serverArgs, "--tls-san="+args.BindIP)
+	}
+	if args.NodePublicIP != "" {
+		serverArgs = append(serverArgs, "--node-external-ip="+args.NodePublicIP)
+	}
+	// K3s install script requires to provide token using K3S_TOKEN env var when install agent, so skip it here
+	if !args.Worker {
+		if args.Token != "" {
+			serverArgs = append(serverArgs, "--token="+args.Token)
+		}
+	}
+	if args.Name != "" {
+		serverArgs = append(serverArgs, "--node-name="+args.Name)
+	}
+	return serverArgs
+}
--- a/pkg/cluster/handler.go
+++ b/pkg/cluster/handler.go
@ -0,0 +1,14 @@
+package cluster
+
+import "github.com/oam-dev/velad/pkg/apis"
+
+// Handler defines the interface for handling the cluster(k3d/k3s) management
+type Handler interface {
+	Install(args apis.InstallArgs) error
+	Uninstall(name string) error
+	GenKubeconfig(ctx apis.Context, bindIP string) error
+	SetKubeconfig() error
+	LoadImage(image string) error
+	GetStatus() apis.ClusterStatus
+	Join(args apis.JoinArgs) error
+}
--- a/pkg/cluster/k3d.go
+++ b/pkg/cluster/k3d.go
@ -0,0 +1,577 @@
+//go:build !linux
+
+package cluster
+
+import (
+	"context"
+	"fmt"
+	"io"
+	"net"
+	"os"
+	"os/exec"
+	"path"
+	"path/filepath"
+	"regexp"
+	"strconv"
+	"strings"
+
+	"github.com/docker/docker/api/types"
+	"helm.sh/helm/v3/pkg/action"
+	"k8s.io/klog/v2"
+
+	"github.com/docker/docker/client"
+	"github.com/docker/go-connections/nat"
+	k3dClient "github.com/k3d-io/k3d/v5/pkg/client"
+	config "github.com/k3d-io/k3d/v5/pkg/config/v1alpha4"
+	"github.com/k3d-io/k3d/v5/pkg/runtimes"
+	k3d "github.com/k3d-io/k3d/v5/pkg/types"
+	"github.com/oam-dev/kubevela/pkg/utils/system"
+	"github.com/oam-dev/velad/pkg/apis"
+	"github.com/oam-dev/velad/pkg/resources"
+	"github.com/oam-dev/velad/pkg/utils"
+	"github.com/pkg/errors"
+	"k8s.io/client-go/tools/clientcmd"
+)
+
+var (
+	// DefaultHandler is the default handler for k3d cluster
+	DefaultHandler Handler = &K3dHandler{
+		ctx: context.Background(),
+	}
+	dockerCli client.APIClient
+	info      = utils.Info
+	infof     = utils.Infof
+	errf      = utils.Errf
+)
+
+type k3dSetupOptions struct {
+	dryRun bool
+}
+
+const (
+	// K3dImageTag is image tag of k3d
+	K3dImageTag = "v1.27.2-k3s1"
+)
+
+func init() {
+	var err error
+	dockerCli, err = client.NewClientWithOpts(client.FromEnv)
+	if err != nil {
+		panic(err)
+	}
+}
+
+// K3dHandler will handle the k3d cluster creation and management
+type K3dHandler struct {
+	ctx context.Context
+	cfg config.ClusterConfig
+}
+
+// Join -
+func (d *K3dHandler) Join(_ apis.JoinArgs) error {
+	return errors.New("not implemented")
+}
+
+// Install will install a k3d cluster
+func (d *K3dHandler) Install(args apis.InstallArgs) error {
+	var err error
+	d.cfg, err = GetClusterRunConfig(args)
+	if err != nil {
+		return err
+	}
+	o := k3dSetupOptions{
+		dryRun: args.DryRun,
+	}
+	err = o.setupK3d(d.ctx, d.cfg)
+	if err != nil {
+		return errors.Wrap(err, "failed to setup k3d")
+	}
+	info("Successfully setup cluster")
+	return nil
+}
+
+// Uninstall removes a k3d cluster of certain name
+func (d *K3dHandler) Uninstall(name string) error {
+	clusterList, err := k3dClient.ClusterList(d.ctx, runtimes.SelectedRuntime)
+	if err != nil {
+		return errors.Wrap(err, "failed to get cluster list")
+	}
+
+	if len(clusterList) == 0 {
+		return errors.New("no cluster found")
+	}
+
+	var veladCluster *k3d.Cluster
+
+	for _, c := range clusterList {
+		if c.Name == fmt.Sprintf("velad-cluster-%s", name) {
+			veladCluster = c
+		}
+	}
+
+	err = k3dClient.ClusterDelete(d.ctx, runtimes.SelectedRuntime, veladCluster, k3d.ClusterDeleteOpts{
+		SkipRegistryCheck: false,
+	})
+	if err != nil {
+		return errors.Wrap(err, "Fail to delete cluster")
+	}
+	// TODO: delete Kubeconfig
+	return nil
+}
+
+// GenKubeconfig generate three kinds of kubeconfig
+// 1. kubeconfig for access from host
+// 2. kubeconfig for access from other VelaD cluster
+// 3. kubeconfig for access from other machine (if bindIP provided)
+func (d *K3dHandler) GenKubeconfig(ctx apis.Context, bindIP string) error {
+	var err error
+	var cluster = d.cfg.Cluster.Name
+	// 1. kubeconfig for access from host
+	cfgHost := configPath(cluster)
+	info("Generating host kubeconfig into", cfgHost)
+	if !ctx.DryRun {
+		if _, err := k3dClient.KubeconfigGetWrite(context.Background(), runtimes.SelectedRuntime, &d.cfg.Cluster, cfgHost,
+			&k3dClient.WriteKubeConfigOptions{UpdateExisting: true, OverwriteExisting: false, UpdateCurrentContext: true}); err != nil {
+			return errors.Wrap(err, "failed to gen kubeconfig")
+		}
+	}
+	// #nosec
+	_cfgContent, err := os.ReadFile(cfgHost)
+	if err != nil {
+		return errors.Wrap(err, "read kubeconfig")
+	}
+
+	var (
+		hostToReplace string
+		kubeConfig    = string(_cfgContent)
+	)
+
+	if !ctx.DryRun {
+		switch {
+		case strings.Contains(kubeConfig, "0.0.0.0"):
+			hostToReplace = "0.0.0.0"
+		case strings.Contains(kubeConfig, "host.docker.internal"):
+			hostToReplace = "host.docker.internal"
+		default:
+			return errors.Wrap(err, "unrecognized kubeconfig format")
+		}
+	}
+
+	// Replace host config with loop back address
+	if !ctx.DryRun {
+		cfgHostContent := strings.ReplaceAll(kubeConfig, hostToReplace, "127.0.0.1")
+		err = os.WriteFile(cfgHost, []byte(cfgHostContent), 0600)
+		if err != nil {
+			errf("Fail to re-write host kubeconfig")
+		}
+	}
+
+	// 2. kubeconfig for access from other VelaD cluster
+	// Basically we replace the IP with IP inside the docker network
+	cfgIn := configPathInternal(cluster)
+	info("Generating internal kubeconfig into", cfgIn)
+	if !ctx.DryRun {
+		var containerIP string
+		networks, err := dockerCli.NetworkInspect(d.ctx, apis.VelaDDockerNetwork, types.NetworkInspectOptions{})
+		if err != nil {
+			klog.ErrorS(err, "inspect docker network")
+			return err
+		}
+		cs := networks.Containers
+		for _, c := range cs {
+			if c.Name == fmt.Sprintf("k3d-%s-server-0", d.cfg.Cluster.Name) {
+				containerIP = strings.TrimSuffix(c.IPv4Address, "/16")
+			}
+		}
+		re := regexp.MustCompile(hostToReplace + `:\d{4}`)
+		cfgInContent := re.ReplaceAllString(kubeConfig, fmt.Sprintf("%s:6443", containerIP))
+		err = os.WriteFile(cfgIn, []byte(cfgInContent), 0600)
+		if err != nil {
+			errf("Fail to write internal kubeconfig")
+		} else {
+			info("Successfully generate internal kubeconfig at", cfgIn)
+		}
+	}
+
+	// 3. kubeconfig for access from other machine
+	if bindIP != "" {
+		cfgOut := configPathExternal(cluster)
+		info("Generating external kubeconfig for remote access into ", cfgOut)
+		if !ctx.DryRun {
+			cfgOutContent := strings.Replace(kubeConfig, hostToReplace, bindIP, 1)
+			err = os.WriteFile(cfgOut, []byte(cfgOutContent), 0600)
+			if err != nil {
+				return err
+			}
+		}
+		info("Successfully generate external kubeconfig at", cfgOut)
+	}
+	return nil
+}
+
+// SetKubeconfig set kubeconfig environment of cluster stored in K3dHandler
+func (d *K3dHandler) SetKubeconfig() error {
+	info("Setting kubeconfig env for VelaD...")
+	return os.Setenv("KUBECONFIG", configPath(d.cfg.Cluster.Name))
+}
+
+// LoadImage loads image from local path
+func (d *K3dHandler) LoadImage(image string) error {
+	err := k3dClient.ImageImportIntoClusterMulti(d.ctx, runtimes.SelectedRuntime, []string{image}, &d.cfg.Cluster, k3d.ImageImportOpts{Mode: k3d.ImportModeAutoDetect})
+	return errors.Wrap(err, "failed to import image")
+}
+
+// GetStatus returns the status of the cluster
+func (d *K3dHandler) GetStatus() apis.ClusterStatus {
+	var status apis.ClusterStatus
+	list, err := dockerCli.ImageList(d.ctx, types.ImageListOptions{})
+
+	if err != nil {
+		status.K3dImages.Reason = fmt.Sprintf("Failed to get image list: %s", err.Error())
+		return status
+	}
+	for _, image := range list {
+		fillK3dImageStatus(image, &status)
+	}
+
+	clusters, err := k3dClient.ClusterList(d.ctx, runtimes.SelectedRuntime)
+	if err != nil {
+		status.K3d.Reason = fmt.Sprintf("Failed to get cluster list: %s", err.Error())
+		return status
+	}
+	status.K3d.K3dContainer = []apis.K3dContainer{}
+	for _, cluster := range clusters {
+		fillK3dCluster(d.ctx, cluster, &status)
+	}
+	return status
+}
+
+func fillK3dImageStatus(image types.ImageSummary, status *apis.ClusterStatus) {
+	if len(image.RepoTags) == 0 {
+		return
+	}
+	for _, tag := range image.RepoTags {
+		switch tag {
+		case apis.K3dImageK3s:
+			status.K3dImages.K3s = true
+		case apis.K3dImageTools:
+			status.K3dImages.K3dTools = true
+		case apis.K3dImageProxy:
+			status.K3dImages.K3dProxy = true
+		}
+	}
+}
+
+func fillK3dCluster(ctx context.Context, cluster *k3d.Cluster, status *apis.ClusterStatus) {
+	if strings.HasPrefix(cluster.Name, "velad-cluster-") {
+		container := apis.K3dContainer{
+			Name:    strings.TrimPrefix(cluster.Name, "velad-cluster-"),
+			Running: true,
+		}
+
+		// get k3d cluster kubeconfig
+		kubeconfig, err := k3dClient.KubeconfigGet(ctx, runtimes.SelectedRuntime, cluster)
+		if err != nil {
+			container.Reason = fmt.Sprintf("Failed to get kubeconfig: %s", err.Error())
+		}
+		restConfig, err := clientcmd.NewDefaultClientConfig(*kubeconfig, nil).ClientConfig()
+		if err != nil {
+			container.Reason = fmt.Sprintf("Failed to get rest kubeconfig: %s", err.Error())
+		}
+		cfg, err := utils.NewActionConfig(restConfig, false)
+		if err != nil {
+			container.Reason = fmt.Sprintf("Failed to get helm action config: %s", err.Error())
+		}
+		list := action.NewList(cfg)
+		list.SetStateMask()
+		releases, err := list.Run()
+		if err != nil {
+			container.Reason = fmt.Sprintf("Failed to get helm releases: %s", err.Error())
+		}
+		for _, release := range releases {
+			if release.Name == apis.KubeVelaHelmRelease {
+				container.VelaStatus = release.Info.Status.String()
+			}
+		}
+		if container.VelaStatus == "" {
+			container.VelaStatus = apis.StatusVelaNotInstalled
+		}
+
+		status.K3d.K3dContainer = append(status.K3d.K3dContainer, container)
+	}
+}
+
+func (o k3dSetupOptions) setupK3d(ctx context.Context, clusterConfig config.ClusterConfig) error {
+	info("Preparing K3s images...")
+	err := o.prepareK3sImages()
+	if err != nil {
+		return errors.Wrap(err, "failed to prepare k3d images")
+	}
+	info("Successfully prepare k3d images")
+
+	info("Loading k3d images...")
+	err = o.loadK3dImages()
+	if err != nil {
+		return errors.Wrap(err, "failed to extract k3d images")
+	}
+	info("Successfully load k3d images")
+
+	info("Creating k3d cluster...")
+	if err = o.runClusterIfNotExist(ctx, clusterConfig); err != nil {
+		return err
+	}
+	info("Successfully create k3d cluster")
+	return nil
+}
+
+// GetClusterRunConfig returns the run-config for the k3d cluster
+func GetClusterRunConfig(args apis.InstallArgs) (config.ClusterConfig, error) {
+	createOpts := getClusterCreateOpts()
+	cluster, err := getClusterConfig(args, createOpts)
+	if err != nil {
+		return config.ClusterConfig{}, err
+	}
+	kubeconfigOpts := getKubeconfigOptions()
+	runConfig := config.ClusterConfig{
+		Cluster:           cluster,
+		ClusterCreateOpts: createOpts,
+		KubeconfigOpts:    kubeconfigOpts,
+	}
+	return runConfig, nil
+}
+
+func getClusterCreateOpts() k3d.ClusterCreateOpts {
+	clusterCreateOpts := k3d.ClusterCreateOpts{
+		GlobalLabels: map[string]string{}, // empty init
+		GlobalEnv:    []string{},          // empty init
+		// Enable LoadBalancer for using Ingress to access services
+		DisableLoadBalancer: false,
+	}
+
+	// ensure, that we have the default object labels
+	for k, v := range k3d.DefaultRuntimeLabels {
+		clusterCreateOpts.GlobalLabels[k] = v
+	}
+
+	return clusterCreateOpts
+}
+
+// getClusterConfig will get different k3d.Cluster based on ordinal , storage for external storage, token is needed if storage is set
+func getClusterConfig(args apis.InstallArgs, ops k3d.ClusterCreateOpts) (k3d.Cluster, error) {
+	// Cluster will be created in one docker network
+	var universalK3dNetwork = k3d.ClusterNetwork{
+		Name:     apis.VelaDDockerNetwork,
+		External: false,
+	}
+	kubeAPIExposureOpts := k3d.ExposureOpts{
+		Host: k3d.DefaultAPIHost,
+	}
+	port, err := findAvailablePort(6443)
+	if err != nil {
+		panic(err)
+	}
+	kubeAPIExposureOpts.Port = k3d.DefaultAPIPort
+	kubeAPIExposureOpts.Binding = nat.PortBinding{
+		HostIP:   k3d.DefaultAPIHost,
+		HostPort: port,
+	}
+
+	// fill cluster config
+	clusterName := fmt.Sprintf("velad-cluster-%s", args.Name)
+	clusterConfig := k3d.Cluster{
+		Name:    clusterName,
+		Network: universalK3dNetwork,
+		KubeAPI: &kubeAPIExposureOpts,
+	}
+
+	// nodes
+	var nodes []*k3d.Node
+
+	// load-balancer for servers
+
+	clusterConfig.ServerLoadBalancer = prepareLoadbalancer(clusterConfig, ops)
+	nodes = append(nodes, clusterConfig.ServerLoadBalancer.Node)
+
+	k3sImageDir, err := getK3sImageDir()
+	if err != nil {
+		errf("failed to get k3s image dir: %v", err)
+	}
+	serverNode := k3d.Node{
+		Name:       k3dClient.GenerateNodeName(clusterConfig.Name, k3d.ServerRole, 0),
+		Role:       k3d.ServerRole,
+		Image:      fmt.Sprintf("rancher/k3s:%s", K3dImageTag),
+		ServerOpts: k3d.ServerOpts{},
+		Volumes:    []string{k3sImageDir + ":/var/lib/rancher/k3s/agent/images/"},
+	}
+
+	serverNode.Args = GetK3sServerArgs(args)
+	nodes = append(nodes, &serverNode)
+	clusterConfig.Nodes = nodes
+
+	clusterConfig.ServerLoadBalancer.Config.Ports[fmt.Sprintf("%s.tcp", k3d.DefaultAPIPort)] = append(clusterConfig.ServerLoadBalancer.Config.Ports[fmt.Sprintf("%s.tcp", k3d.DefaultAPIPort)], serverNode.Name)
+
+	// Other configurations
+	portWithFilter, err := getPortWithFilters()
+	if err != nil {
+		return clusterConfig, errors.Wrap(err, "failed to get http ports")
+	}
+	err = k3dClient.TransformPorts(context.Background(), runtimes.SelectedRuntime, &clusterConfig, []config.PortWithNodeFilters{portWithFilter})
+	if err != nil {
+		return clusterConfig, errors.Wrap(err, "failed to transform ports")
+	}
+
+	return clusterConfig, nil
+}
+
+func getKubeconfigOptions() config.SimpleConfigOptionsKubeconfig {
+	// TODO: this not working yet, we are updating kubeconfig manually
+	opts := config.SimpleConfigOptionsKubeconfig{
+		UpdateDefaultKubeconfig: true,
+		SwitchCurrentContext:    true,
+	}
+	return opts
+}
+
+func (o k3dSetupOptions) runClusterIfNotExist(ctx context.Context, cluster config.ClusterConfig) error {
+	var err error
+	info("Launching k3d cluster:", cluster.Cluster.Name)
+	if !o.dryRun {
+		if _, err = k3dClient.ClusterGet(ctx, runtimes.SelectedRuntime, &cluster.Cluster); err == nil {
+			info("Detect an existing cluster: ", cluster.Cluster.Name)
+			return nil
+		}
+		err = k3dClient.ClusterRun(ctx, runtimes.SelectedRuntime, &cluster)
+	}
+	return errors.Wrapf(err, "fail to create cluster: %s", cluster.Cluster.Name)
+}
+
+// prepareK3sImages extracts k3s images to ~/.vela/velad/k3s/images.tg
+func (o k3dSetupOptions) prepareK3sImages() error {
+	embedK3sImage, err := resources.K3sImage.Open("static/k3s/images/k3s-airgap-images.tar.gz")
+	if err != nil {
+		return err
+	}
+	defer utils.CloseQuietly(embedK3sImage)
+
+	k3sImagesDir, err := getK3sImageDir()
+	if err != nil {
+		return err
+	}
+	k3sImagesPath := filepath.Join(k3sImagesDir, "k3s-airgap-images.tgz")
+	info("Saving k3s image airgap install tarball to", k3sImagesPath)
+
+	if !o.dryRun {
+		// #nosec
+		k3sImagesFile, err := os.OpenFile(k3sImagesPath, os.O_CREATE|os.O_WRONLY|os.O_TRUNC, 0600)
+		if err != nil {
+			return err
+		}
+		defer utils.CloseQuietly(k3sImagesFile)
+		if _, err := io.Copy(k3sImagesFile, embedK3sImage); err != nil {
+			return err
+		}
+	}
+
+	/* #nosec */
+	info("Successfully prepare k3s image: ", k3sImagesPath)
+	return nil
+}
+
+func getK3sImageDir() (string, error) {
+	dir, err := system.GetVelaHomeDir()
+	if err != nil {
+		return "", err
+	}
+	k3sImagesDir := filepath.Join(dir, "velad", "k3s")
+	if err := os.MkdirAll(k3sImagesDir, 0700); err != nil {
+		return "", err
+	}
+	return k3sImagesDir, nil
+}
+
+// loadK3dImages loads local k3d images to docker
+func (o k3dSetupOptions) loadK3dImages() error {
+	dir, err := resources.K3dImage.ReadDir("static/k3d/images")
+	if err != nil {
+		return err
+	}
+	for _, entry := range dir {
+		file, err := resources.K3dImage.Open(path.Join("static/k3d/images", entry.Name()))
+		if err != nil {
+			return err
+		}
+		name := strings.Split(entry.Name(), ".")[0]
+		var (
+			format   = "k3d-image-" + name + "-*.tar.gz"
+			imageTgz string
+		)
+		if o.dryRun {
+			info("Saving and temporary image file:", format)
+		} else {
+			imageTgz, err = utils.SaveToTemp(file, format)
+			if err != nil {
+				return err
+			}
+		}
+
+		if o.dryRun {
+			infof("Importing image to docker using temporary file: %s\n", format)
+		} else {
+			// #nosec
+			importCmd := exec.Command("docker", "image", "load", "-i", imageTgz)
+			output, err := importCmd.CombinedOutput()
+			utils.InfoBytes(output)
+			if err != nil {
+				return err
+			}
+		}
+	}
+
+	return nil
+}
+
+// findAvailablePort find available port, start by default
+func findAvailablePort(start int) (string, error) {
+	for i := start; i < 65535; i++ {
+		listener, err := net.Listen("tcp", fmt.Sprintf(":%d", i))
+		if err != nil {
+			continue
+		}
+		utils.CloseQuietly(listener)
+		return strconv.Itoa(i), nil
+	}
+	return "", errors.New("no available port")
+}
+
+func prepareLoadbalancer(cluster k3d.Cluster, opts k3d.ClusterCreateOpts) *k3d.Loadbalancer {
+	lb := k3d.NewLoadbalancer()
+
+	labels := map[string]string{}
+	if opts.GlobalLabels == nil && len(opts.GlobalLabels) == 0 {
+		labels = opts.GlobalLabels
+	}
+
+	lb.Node.Name = fmt.Sprintf("%s-%s-serverlb", k3d.DefaultObjectNamePrefix, cluster.Name)
+	lb.Node.Image = apis.K3dImageProxy
+	lb.Node.Ports = nat.PortMap{
+		k3d.DefaultAPIPort: []nat.PortBinding{cluster.KubeAPI.Binding},
+	}
+	lb.Node.Networks = []string{cluster.Network.Name}
+
+	// fixed the lb image
+	lb.Node.RuntimeLabels = labels
+	lb.Node.Restart = true
+
+	return lb
+}
+
+func getPortWithFilters() (config.PortWithNodeFilters, error) {
+	var port config.PortWithNodeFilters
+	hostPort, err := findAvailablePort(8090)
+	if err != nil {
+		return port, err
+	}
+	port.Port = fmt.Sprintf("%s:80", hostPort)
+	port.NodeFilters = []string{"loadbalancer"}
+	return port, nil
+}
--- a/pkg/cluster/k3s.go
+++ b/pkg/cluster/k3s.go
@ -0,0 +1,354 @@
+//go:build linux
+
+package cluster
+
+import (
+	"fmt"
+	"io"
+	"os"
+	"os/exec"
+	"strings"
+
+	"github.com/oam-dev/velad/pkg/apis"
+	"github.com/oam-dev/velad/pkg/resources"
+	"github.com/oam-dev/velad/pkg/utils"
+	"github.com/pkg/errors"
+	"helm.sh/helm/v3/pkg/action"
+	config2 "sigs.k8s.io/controller-runtime/pkg/client/config"
+)
+
+var (
+	info  = utils.Info
+	infof = utils.Infof
+	// DefaultHandler is the default handler for k3s cluster
+	DefaultHandler Handler = &K3sHandler{}
+)
+
+// K3sHandler handle k3s in linux
+type K3sHandler struct{}
+
+// Join a worker node to k3s cluster
+func (l K3sHandler) Join(args apis.JoinArgs) error {
+	info("Join k3s cluster...")
+	// #nosec
+	err := SetupK3s(apis.InstallArgs{
+		Worker:   true,
+		DryRun:   args.DryRun,
+		Token:    args.Token,
+		Name:     args.Name,
+		MasterIP: args.MasterIP,
+	})
+	if err != nil {
+		return errors.Wrap(err, "fail to join k3s cluster")
+	}
+
+	info("🎉 Successfully join worker node")
+	return nil
+}
+
+var _ Handler = &K3sHandler{}
+
+type k3sSetupOptions struct {
+	DryRun   bool
+	Worker   bool
+	MasterIP string
+	Token    string
+}
+
+// Install install k3s cluster
+func (l K3sHandler) Install(args apis.InstallArgs) error {
+	err := SetupK3s(args)
+	if err != nil {
+		return errors.Wrap(err, "fail to setup k3s")
+	}
+	info("Successfully setup cluster")
+	return nil
+}
+
+// Uninstall uninstall k3s cluster
+func (l K3sHandler) Uninstall(name string) error {
+	info("Uninstall k3s...")
+	script, err := decideUninstallScript()
+	if err != nil {
+		return err
+	}
+	// #nosec
+	uCmd := exec.Command(script)
+	err = uCmd.Run()
+	if err != nil {
+		return errors.Wrap(err, "Fail to uninstall k3s")
+	}
+	info("Successfully uninstall k3s")
+	info("Uninstall vela CLI...")
+	// #nosec
+	dCmd := exec.Command("rm", apis.VelaLinkPos)
+	err = dCmd.Run()
+	if err != nil {
+		info("No vela in /usr/local/bin, skip uninstall")
+	}
+	info("Successfully uninstall vela CLI")
+	return nil
+}
+
+// SetKubeconfig set kubeconfig for k3s
+func (l K3sHandler) SetKubeconfig() error {
+	return os.Setenv("KUBECONFIG", apis.K3sKubeConfigLocation)
+}
+
+// LoadImage load imageTar to k3s cluster
+func (l K3sHandler) LoadImage(imageTar string) error {
+	// #nosec
+	importCmd := exec.Command("k3s", "ctr", "images", "import", "--all-platforms", imageTar)
+	output, err := importCmd.CombinedOutput()
+	utils.InfoBytes(output)
+	if err != nil {
+		return errors.Wrap(err, "Fail to import image")
+	}
+	infof("Successfully import image %s\n", imageTar)
+	return nil
+}
+
+// GetStatus get k3s status
+func (l K3sHandler) GetStatus() apis.ClusterStatus {
+	var status apis.ClusterStatus
+	fillK3sBinStatus(&status)
+	fillServiceStatus(&status)
+	fillVelaStatus(&status)
+	return status
+}
+
+func fillK3sBinStatus(status *apis.ClusterStatus) {
+	_, err := os.Stat(resources.K3sBinaryLocation)
+	if err == nil {
+		status.K3s.K3sBinary = true
+	} else {
+		status.K3s.K3sBinary = false
+	}
+}
+
+func fillServiceStatus(status *apis.ClusterStatus) {
+	if status.K3s.Reason != "" {
+		return
+	}
+	// #nosec
+	cmd := exec.Command("systemctl", "check", "k3s")
+	out, err := cmd.CombinedOutput()
+	status.K3s.K3sServiceStatus = string(out)
+	if err != nil {
+		extErr := new(exec.ExitError)
+		if ok := errors.As(err, &extErr); !ok {
+			status.K3s.Reason = fmt.Sprintf("fail to run systemctl: %v", extErr.Error())
+		}
+	}
+}
+
+func fillVelaStatus(status *apis.ClusterStatus) {
+	if status.K3s.Reason != "" {
+		return
+	}
+	err := os.Setenv("KUBECONFIG", apis.K3sKubeConfigLocation)
+	if err != nil {
+		status.K3s.Reason = fmt.Sprintf("fail to set kubeconfig: %v", err)
+		return
+	}
+	restConfig, err := config2.GetConfig()
+	if err != nil {
+		status.K3s.Reason = fmt.Sprintf("fail to get config: %v", err)
+		return
+	}
+	cfg, err := utils.NewActionConfig(restConfig, false)
+	if err != nil {
+		status.K3s.Reason = fmt.Sprintf("Failed to get helm action config: %s", err.Error())
+		return
+	}
+	list := action.NewList(cfg)
+	list.SetStateMask()
+	releases, err := list.Run()
+	if err != nil {
+		status.K3s.Reason = fmt.Sprintf("Failed to get helm releases: %s", err.Error())
+		return
+	}
+	for _, release := range releases {
+		if release.Name == apis.KubeVelaHelmRelease {
+			status.K3s.VelaStatus = release.Info.Status.String()
+		}
+	}
+	if status.K3s.VelaStatus == "" {
+		status.K3s.VelaStatus = apis.StatusVelaNotInstalled
+	}
+}
+
+// prepareK3sImages Write embed images
+func (o k3sSetupOptions) prepareK3sImages() error {
+	if o.Worker {
+		info("Skipping image unpacking on worker node")
+		return nil
+	}
+	embedK3sImage, err := resources.K3sImage.Open("static/k3s/images/k3s-airgap-images.tar.gz")
+	if err != nil {
+		return err
+	}
+	defer utils.CloseQuietly(embedK3sImage)
+	infof("Making directory %s\n", resources.K3sImageDir)
+	if !o.DryRun {
+		err = os.MkdirAll(resources.K3sImageDir, 0600)
+		if err != nil {
+			return err
+		}
+	}
+
+	infof("Saving K3s air-gap install images to %s\n", resources.K3sImageLocation)
+	if !o.DryRun {
+		/* #nosec */
+		bin, err := os.OpenFile(resources.K3sImageLocation, os.O_CREATE|os.O_WRONLY, 0700)
+		if err != nil {
+			return err
+		}
+		defer utils.CloseQuietly(bin)
+		_, err = io.Copy(bin, embedK3sImage)
+		if err != nil {
+			return err
+		}
+		// #nosec
+		unGzipCmd := exec.Command("gzip", "-f", "-d", resources.K3sImageLocation)
+		output, err := unGzipCmd.CombinedOutput()
+		fmt.Print(string(output))
+		if err != nil {
+			return err
+		}
+	}
+
+	info("Successfully prepare k3s image")
+	return nil
+}
+
+func (o k3sSetupOptions) prepareEnv(cmd *exec.Cmd) {
+	masterURL := fmt.Sprintf("https://%s:%d", o.MasterIP, 6443)
+	cmd.Env = os.Environ()
+	cmd.Env = append(cmd.Env, "INSTALL_K3S_SKIP_DOWNLOAD=true")
+	if o.Worker {
+		cmd.Env = append(cmd.Env, "K3S_URL="+masterURL, "K3S_TOKEN="+o.Token)
+	}
+
+}
+
+// prepareK3sScript Write k3s install script to local
+func (o k3sSetupOptions) prepareK3sScript() (string, error) {
+	var (
+		scriptName string
+		err        error
+	)
+	embedScript, err := resources.K3sDirectory.Open("static/k3s/other/setup.sh")
+	if err != nil {
+		return "", err
+	}
+	format := "k3s-setup-*.sh"
+	infof("Saving temporary file: %s\n", format)
+	if !o.DryRun {
+		scriptName, err = utils.SaveToTemp(embedScript, format)
+		if err != nil {
+			return "", err
+		}
+	}
+	return scriptName, nil
+}
+
+// prepareK3sBin prepare k3s bin
+func (o k3sSetupOptions) prepareK3sBin() error {
+	embedK3sBinary, err := resources.K3sDirectory.Open("static/k3s/other/k3s")
+	if err != nil {
+		return err
+	}
+	defer utils.CloseQuietly(embedK3sBinary)
+	infof("Saving k3s binary to %s\n", resources.K3sBinaryLocation)
+	if !o.DryRun {
+		/* #nosec */
+		bin, err := os.OpenFile(resources.K3sBinaryLocation, os.O_CREATE|os.O_WRONLY, 0700)
+		if err != nil {
+			return err
+		}
+		defer utils.CloseQuietly(bin)
+		_, err = io.Copy(bin, embedK3sBinary)
+		if err != nil {
+			return err
+		}
+	}
+	info("Successfully place k3s binary to " + resources.K3sBinaryLocation)
+	return nil
+}
+
+// SetupK3s will set up K3s as control plane.
+func SetupK3s(cArgs apis.InstallArgs) error {
+	o := k3sSetupOptions{
+		DryRun:   cArgs.DryRun,
+		Worker:   cArgs.Worker,
+		MasterIP: cArgs.MasterIP,
+		Token:    cArgs.Token,
+	}
+	info("Preparing cluster setup script...")
+	script, err := o.prepareK3sScript()
+	if err != nil {
+		return errors.Wrap(err, "fail to prepare k3s setup script")
+	}
+
+	info("Preparing k3s binary...")
+	err = o.prepareK3sBin()
+	if err != nil {
+		return errors.Wrap(err, "Fail to prepare k3s binary")
+	}
+
+	info("Preparing k3s images")
+	err = o.prepareK3sImages()
+	if err != nil {
+		return errors.Wrap(err, "Fail to prepare k3s images")
+	}
+
+	info("Setting up cluster")
+	args := []string{script}
+	other := GetK3sServerArgs(cArgs)
+	args = append(args, other...)
+	var output []byte
+	if !o.DryRun {
+		/* #nosec */
+		cmd := exec.Command("/bin/bash", args...)
+		o.prepareEnv(cmd)
+		info(cmd.String())
+		output, err = cmd.CombinedOutput()
+		infof(string(output))
+	}
+	return errors.Wrap(err, "K3s install script failed")
+}
+
+// GenKubeconfig generate kubeconfig for accessing from other machine
+func (l K3sHandler) GenKubeconfig(ctx apis.Context, bindIP string) error {
+	if bindIP == "" {
+		return nil
+	}
+	var (
+		err        error
+		originConf []byte
+	)
+	info("Generating kubeconfig for remote access into ", apis.K3sExternalKubeConfigLocation)
+	if !ctx.DryRun {
+		originConf, err = os.ReadFile(apis.K3sKubeConfigLocation)
+		if err != nil {
+			return err
+		}
+		newConf := strings.Replace(string(originConf), "127.0.0.1", bindIP, 1)
+		err = os.WriteFile(apis.K3sExternalKubeConfigLocation, []byte(newConf), 0600)
+	}
+	info("Successfully generate kubeconfig at ", apis.K3sExternalKubeConfigLocation)
+	return err
+}
+
+func decideUninstallScript() (string, error) {
+	serverUninstallFile := "/usr/local/bin/k3s-uninstall.sh"
+	agentUninstallFile := "/usr/local/bin/k3s-agent-uninstall.sh"
+	if _, err := os.Stat(serverUninstallFile); err == nil {
+		return serverUninstallFile, nil
+	}
+	if _, err := os.Stat(agentUninstallFile); err == nil {
+		return agentUninstallFile, nil
+	}
+	return "", errors.New("can not find k3s uninstall script")
+}
--- a/pkg/cluster/kubeconfig.go
+++ b/pkg/cluster/kubeconfig.go
@ -0,0 +1,77 @@
+package cluster
+
+import (
+	"fmt"
+	"os"
+	"path/filepath"
+	"runtime"
+
+	"github.com/oam-dev/velad/pkg/apis"
+	"github.com/oam-dev/velad/pkg/utils"
+)
+
+// PrintKubeConfig helps print kubeconfig locations
+func PrintKubeConfig(args apis.KubeconfigArgs) error {
+	switch runtime.GOOS {
+	case apis.GoosDarwin, apis.GoosWindows:
+		return printKubeConfigDocker(args)
+	case apis.GoosLinux:
+		return printKubeConfigLinux(args)
+	default:
+		utils.UnsupportedOS(runtime.GOOS)
+	}
+	return nil
+}
+
+func printKubeConfigLinux(args apis.KubeconfigArgs) error {
+	if args.Host {
+		info(apis.K3sKubeConfigLocation)
+		return nil
+	}
+	if args.External {
+		info(apis.K3sExternalKubeConfigLocation)
+		return nil
+	}
+	info("internal kubeconfig: ", apis.K3sKubeConfigLocation)
+	_, err := os.Stat(apis.K3sExternalKubeConfigLocation)
+	if err == nil {
+		info("external kubeconfig: ", apis.K3sKubeConfigLocation)
+	}
+	return nil
+}
+
+func printKubeConfigDocker(args apis.KubeconfigArgs) error {
+	clusterName := "velad-cluster-" + args.Name
+	if args.Host {
+		info(configPath(clusterName))
+		return nil
+	}
+	if args.Internal {
+		info(configPathInternal(clusterName))
+		return nil
+	}
+	if args.External {
+		info(configPathExternal(clusterName))
+		return nil
+	}
+	info("host kubeconfig:", configPath(clusterName), "(For accessing from host machine)")
+	info("internal kubeconfig:", configPathInternal(clusterName), "(For \"vela cluster join\")")
+	cfgExt := configPathExternal(clusterName)
+	_, err := os.Stat(cfgExt)
+	if err == nil {
+		info("external kubeconfig:", configPathExternal(clusterName), "(For accessing from other machines)")
+	}
+	return nil
+}
+
+func configPath(clusterName string) string {
+	return filepath.Join(utils.GetKubeconfigDir(), clusterName)
+}
+
+func configPathExternal(clusterName string) string {
+	return filepath.Join(utils.GetKubeconfigDir(), fmt.Sprintf("%s-external", clusterName))
+}
+
+func configPathInternal(clusterName string) string {
+	return filepath.Join(utils.GetKubeconfigDir(), fmt.Sprintf("%s-internal", clusterName))
+}
--- a/pkg/cmd/cli.go
+++ b/pkg/cmd/cli.go
@ -0,0 +1,47 @@
+package cmd
+
+import (
+	"fmt"
+	"os"
+
+	"github.com/oam-dev/kubevela/references/cli"
+	"github.com/oam-dev/kubevela/version"
+	"github.com/oam-dev/velad/pkg/utils"
+	veladVersion "github.com/oam-dev/velad/version"
+	"github.com/spf13/cobra"
+)
+
+// App is entry of all CLI, created by NewApp
+type App struct {
+	args []string
+}
+
+// NewApp create app
+func NewApp() App {
+	app := App{args: os.Args}
+	return app
+}
+
+// Run run the app, it can be vela or velad, depends on os.Args
+func (a App) Run() {
+	if len(a.args) == 0 {
+		fmt.Println("No args")
+		os.Exit(1)
+	}
+
+	var cmd *cobra.Command
+	if utils.IsVelaCommand(a.args[0]) {
+		_ = utils.SetDefaultKubeConfigEnv()
+		cmd = cli.NewCommand()
+		version.VelaVersion = veladVersion.VelaVersion
+		version.GitRevision = veladVersion.VelaGitRevision
+	} else {
+		cmd = NewVeladCommand()
+	}
+
+	utils.RemoveNetworkProxyEnv()
+	if err := cmd.Execute(); err != nil {
+		fmt.Println(err)
+		os.Exit(1)
+	}
+}
--- a/pkg/cmd/command.go
+++ b/pkg/cmd/command.go
@ -0,0 +1,187 @@
+package cmd
+
+import (
+	"fmt"
+	"os"
+
+	"github.com/oam-dev/kubevela/pkg/utils/common"
+	cmdutil "github.com/oam-dev/kubevela/pkg/utils/util"
+	"github.com/oam-dev/velad/pkg/apis"
+	"github.com/oam-dev/velad/pkg/cluster"
+	"github.com/oam-dev/velad/pkg/utils"
+	"github.com/oam-dev/velad/version"
+	"github.com/spf13/cobra"
+)
+
+var (
+	errf  = utils.Errf
+	info  = utils.Info
+	infoP = utils.InfoP
+	h     = cluster.DefaultHandler
+)
+
+// NewVeladCommand create velad command
+func NewVeladCommand() *cobra.Command {
+	ioStreams := cmdutil.IOStreams{In: os.Stdin, Out: os.Stdout, ErrOut: os.Stderr}
+	c := common.Args{
+		Schema: common.Scheme,
+	}
+	cmd := &cobra.Command{
+		Use:   "velad",
+		Short: "Setup a KubeVela control plane air-gapped",
+		Long:  "Setup a KubeVela control plane air-gapped, using K3s and only for Linux now",
+	}
+	cmd.AddCommand(
+		NewInstallCmd(c, ioStreams),
+		NewJoinCmd(),
+		NewStatusCmd(),
+		NewLoadBalancerCmd(),
+		NewKubeConfigCmd(),
+		NewTokenCmd(),
+		NewUninstallCmd(),
+		NewVersionCmd(),
+	)
+	return cmd
+}
+
+// NewTokenCmd create token command
+func NewTokenCmd() *cobra.Command {
+	var tokenArgs apis.TokenArgs
+	cmd := &cobra.Command{
+		Use:   "token",
+		Short: "Print control plane token",
+		Long:  "Print control plane token, only works if control plane has been set up",
+		RunE: func(cmd *cobra.Command, args []string) error {
+			return tokenCmd(cmd.Context(), tokenArgs)
+		},
+	}
+	cmd.Flags().StringVarP(&tokenArgs.Name, "name", "n", apis.DefaultVelaDClusterName, "which cluster token to print")
+	return cmd
+}
+
+// NewInstallCmd create install cmd
+func NewInstallCmd(c common.Args, ioStreams cmdutil.IOStreams) *cobra.Command {
+	iArgs := apis.InstallArgs{}
+	cmd := &cobra.Command{
+		Use:   "install",
+		Short: "Quickly setup a KubeVela control plane",
+		Long:  "Quickly setup a KubeVela control plane.",
+		Example: `
+# Simply install a control plane
+velad install
+
+# Install a high-availability control plane with external database. 
+# Requires at least 2 nodes.
+
+# 1. Setup first master node
+velad install --token=<TOKEN> --database-endpoint="mysql://<USER>:@tcp(<HOST>:<PORT>)/velad_ha" --bind-ip=<LB_IP> --node-ip=<FIRST_NODE_IP>
+
+# 2. Join other master nodes
+velad install --token=<TOKEN> --database-endpoint="mysql://<USER>:@tcp(<HOST>:<PORT>)/velad_ha" --bind-ip=<LB_IP> --node-ip=<SECOND_NODE_IP>
+
+# 3. On any master node, start wizard to get command to setup load balancer. Or you can use a load balancer service provided by cloud vendor.
+velad load-balancer wizard
+
+# 4. On another node, setup load balancer
+<Run command from step 3>
+`,
+		RunE: func(cmd *cobra.Command, args []string) error {
+			return installCmd(c, ioStreams, iArgs)
+		},
+	}
+	cmd.Flags().BoolVar(&iArgs.ClusterOnly, "cluster-only", false, "If set, start cluster without installing vela-core, typically used when restart a control plane where vela-core has been installed")
+	cmd.Flags().StringVar(&iArgs.DBEndpoint, "database-endpoint", "", "Use an external database to store control plane metadata, please ref https://rancher.com/docs/k3s/latest/en/installation/datastore/#datastore-endpoint-format-and-functionality for the format")
+	cmd.Flags().StringVar(&iArgs.BindIP, "bind-ip", "", "Bind additional hostname or IP to the cluster (e.g. IP of load balancer for multi-nodes VelaD cluster). This is used to generate kubeconfig access from remote (`velad kubeconfig --external`). If not set, will use node-ip")
+	cmd.Flags().StringVar(&iArgs.NodePublicIP, "node-ip", "", "Set the public IP of the node")
+	cmd.Flags().StringVar(&iArgs.Token, "token", "", "Token for identify the cluster. Can be used to restart the control plane or register other node. If not set, random token will be generated")
+	cmd.Flags().StringVar(&iArgs.Name, "name", apis.DefaultVelaDClusterName, "In Mac/Windows environment, use this to specify the name of the cluster. In Linux environment, use this to specify the name of node")
+	cmd.Flags().BoolVar(&iArgs.DryRun, "dry-run", false, "Dry run the install process")
+
+	// inherit args from `vela install`
+	cmd.Flags().StringArrayVarP(&iArgs.InstallArgs.Values, "set", "", []string{}, "Set values on the command line (can specify multiple or separate values with commas: key1=val1,key2=val2)")
+	cmd.Flags().StringVarP(&iArgs.InstallArgs.Namespace, "namespace", "n", "vela-system", "Namespace scope for installing KubeVela Core")
+	cmd.Flags().BoolVarP(&iArgs.InstallArgs.Detail, "detail", "d", true, "Show detail log of installation")
+	cmd.Flags().BoolVarP(&iArgs.InstallArgs.ReuseValues, "reuse", "r", true, "Will re-use the user's last supplied values.")
+
+	return cmd
+}
+
+// NewJoinCmd create join cmd
+func NewJoinCmd() *cobra.Command {
+	jArgs := apis.JoinArgs{}
+	cmd := &cobra.Command{
+		Use:   "join",
+		Short: "Join a worker node to a control plane, only works in linux environment",
+		Long:  "Join a worker node to a control plane, only works in linux environment",
+		RunE: func(cmd *cobra.Command, args []string) error {
+			return joinCmd(jArgs)
+		},
+	}
+	cmd.Flags().StringVar(&jArgs.Token, "token", "", "Token for identify the cluster. Can be used to restart the control plane or register other node. If not set, random token will be generated")
+	cmd.Flags().StringVarP(&jArgs.Name, "worker-name", "n", "", "The name of worker node, default to hostname")
+	cmd.Flags().StringVar(&jArgs.MasterIP, "master-ip", "", "Set the public IP of the master node")
+	cmd.Flags().BoolVar(&jArgs.DryRun, "dry-run", false, "Dry run the join process")
+	_ = cmd.MarkFlagRequired("token")
+	_ = cmd.MarkFlagRequired("master-ip")
+	return cmd
+}
+
+// NewStatusCmd create status command
+func NewStatusCmd() *cobra.Command {
+	cmd := &cobra.Command{
+		Use:   "status",
+		Short: "Show the status of the control plane",
+		Long:  "Show the status of the control plane",
+		Run: func(cmd *cobra.Command, args []string) {
+			statusCmd()
+		},
+	}
+	return cmd
+}
+
+// NewKubeConfigCmd create kubeconfig command for ctrl-plane
+func NewKubeConfigCmd() *cobra.Command {
+	kArgs := apis.KubeconfigArgs{}
+	cmd := &cobra.Command{
+		Use:   "kubeconfig",
+		Short: "print kubeconfig to access control plane",
+		RunE: func(cmd *cobra.Command, args []string) error {
+			return kubeconfigCmd(kArgs)
+		},
+	}
+	cmd.Flags().StringVarP(&kArgs.Name, "name", "n", apis.DefaultVelaDClusterName, "The name of cluster, Only works in macOS/Windows")
+	cmd.Flags().BoolVar(&kArgs.Internal, "internal", false, "Print kubeconfig that used in Docker network. Typically used in \"vela cluster join\". Only works in macOS/Windows. ")
+	cmd.Flags().BoolVar(&kArgs.External, "external", false, "Print kubeconfig that can be used on other machine")
+	cmd.Flags().BoolVar(&kArgs.Host, "host", false, "Print kubeconfig path that can be used in this machine")
+	return cmd
+}
+
+// NewUninstallCmd create uninstall command
+func NewUninstallCmd() *cobra.Command {
+	uArgs := apis.UninstallArgs{}
+	cmd := &cobra.Command{
+		Use:   "uninstall",
+		Short: "Uninstall control plane or detach worker node",
+		Long:  "Remove master node if it's the only one, or remove this worker node from the cluster",
+		RunE: func(cmd *cobra.Command, args []string) error {
+			return uninstallCmd(uArgs)
+		},
+	}
+	cmd.Flags().StringVarP(&uArgs.Name, "name", "n", apis.DefaultVelaDClusterName, "The name of the control plane. Only works when NOT in linux environment")
+	return cmd
+}
+
+// NewVersionCmd create version command
+func NewVersionCmd() *cobra.Command {
+	cmd := &cobra.Command{
+		Use:   "version",
+		Short: "Prints VelaD build version information",
+		Long:  "Prints VelaD build version information.",
+		Run: func(cmd *cobra.Command, args []string) {
+			fmt.Printf("Core Version: %s\n", version.VelaVersion)
+			fmt.Printf("VelaD Version: %s\n", version.VelaDVersion)
+		},
+	}
+	return cmd
+
+}
--- a/pkg/cmd/control.go
+++ b/pkg/cmd/control.go
@ -0,0 +1,164 @@
+package cmd
+
+import (
+	"context"
+	"fmt"
+	"os"
+	"runtime"
+
+	"github.com/oam-dev/kubevela/pkg/utils/common"
+	cmdutil "github.com/oam-dev/kubevela/pkg/utils/util"
+	"github.com/pkg/errors"
+
+	"github.com/oam-dev/velad/pkg/apis"
+	"github.com/oam-dev/velad/pkg/cluster"
+	"github.com/oam-dev/velad/pkg/utils"
+	"github.com/oam-dev/velad/pkg/vela"
+)
+
+func tokenCmd(ctx context.Context, args apis.TokenArgs) error {
+	err := args.Validate()
+	if err != nil {
+		return err
+	}
+	switch runtime.GOOS {
+	case apis.GoosLinux:
+		_, err := os.Stat(apis.K3sTokenPath)
+		if err != nil {
+			if os.IsNotExist(err) {
+				info("No token found, control plane not set up yet.")
+				return nil
+			}
+			return errors.Wrapf(err, "fail to stat token file: %s", apis.K3sTokenPath)
+		}
+		file, err := os.ReadFile("/var/lib/rancher/k3s/server/token")
+		if err != nil {
+			return errors.Wrapf(err, "fail to read token file: %s", apis.K3sTokenPath)
+		}
+		fmt.Println(string(file))
+		return nil
+
+	default:
+		token, err := utils.GetTokenFromCluster(ctx, args.Name)
+		if err != nil {
+			return err
+		}
+		info(token)
+	}
+	return nil
+}
+
+func installCmd(c common.Args, ioStreams cmdutil.IOStreams, args apis.InstallArgs) error {
+	ctx := &apis.Context{
+		DryRun:     args.DryRun,
+		CommonArgs: c,
+		IOStreams:  ioStreams,
+	}
+	var err error
+
+	err = args.Validate()
+	if err != nil {
+		return err
+	}
+
+	defer func() {
+		if args.DryRun {
+			return
+		}
+		err := utils.Cleanup()
+		if err != nil {
+			errf("Fail to clean up: %v\n", err)
+		}
+	}()
+
+	// Step.1 Set up K3s as control plane cluster
+	err = h.Install(args)
+	if err != nil {
+		return errors.Wrap(err, "Fail to set up cluster")
+	}
+
+	// Step.2 Deal with KUBECONFIG
+	err = h.GenKubeconfig(*ctx, args.BindIP)
+	if err != nil {
+		return errors.Wrap(err, "fail to generate kubeconfig")
+	}
+	err = h.SetKubeconfig()
+	if err != nil {
+		return errors.Wrap(err, "fail to set kubeconfig")
+	}
+
+	// Step.3 Install Vela CLI
+	err = vela.InstallVelaCLI(ctx)
+	if err != nil {
+		// not return because this is acceptable
+		errf("fail to install vela CLI: %v\n", err)
+	}
+
+	if !args.ClusterOnly {
+		// Step.4 load vela-core images
+		err = vela.LoadVelaImages(ctx)
+		if err != nil {
+			return errors.Wrap(err, "fail to load vela images")
+		}
+
+		// Step.5 save vela-core chart and velaUX addon
+		err := vela.PrepareVelaChart(ctx)
+		if err != nil {
+			return errors.Wrap(err, "fail to prepare vela chart")
+		}
+		err = vela.PrepareVelaUX(ctx)
+		if err != nil {
+			return errors.Wrap(err, "fail to prepare vela UX")
+		}
+		// Step.6 install vela-core
+		err = vela.InstallVelaChart(ctx, args)
+		if err != nil {
+			return errors.Wrap(err, "fail to install vela-core chart")
+		}
+	}
+
+	utils.PrintGuide(ctx, args)
+	return nil
+}
+
+func kubeconfigCmd(kArgs apis.KubeconfigArgs) error {
+	err := kArgs.Validate()
+	if err != nil {
+		return errors.Wrap(err, "validate kubeconfig args")
+	}
+	return cluster.PrintKubeConfig(kArgs)
+
+}
+
+func uninstallCmd(uArgs apis.UninstallArgs) error {
+	err := uArgs.Validate()
+	if err != nil {
+		return err
+	}
+	err = h.Uninstall(uArgs.Name)
+	if err != nil {
+		return errors.Wrap(err, "Failed to uninstall KubeVela control plane/worker node")
+	}
+	info("Successfully uninstall KubeVela control plane/worker node")
+	return nil
+}
+
+func statusCmd() {
+	info("Checking cluster status...")
+	status := h.GetStatus()
+	stop := PrintClusterStatus(status)
+	if stop {
+		return
+	}
+	info("Checking KubeVela status...")
+	vStatus := vela.GetStatus()
+	PrintVelaStatus(vStatus)
+}
+
+func joinCmd(args apis.JoinArgs) error {
+	if err := args.Validate(); err != nil {
+		return err
+	}
+	return h.Join(args)
+
+}
--- a/pkg/cmd/helpers.go
+++ b/pkg/cmd/helpers.go
@ -0,0 +1,116 @@
+package cmd
+
+import (
+	"runtime"
+
+	"github.com/fatih/color"
+	"github.com/oam-dev/velad/pkg/apis"
+)
+
+var (
+	red            = color.New(color.FgRed).SprintFunc()
+	green          = color.New(color.FgGreen).SprintFunc()
+	yellow         = color.New(color.FgYellow).SprintFunc()
+	k3dImageStatus = map[string]bool{}
+	x              = red("✘")
+	y              = green("✔")
+	ar             = yellow("➤")
+)
+
+// PrintClusterStatus helps print cluster status
+func PrintClusterStatus(status apis.ClusterStatus) bool {
+	switch runtime.GOOS {
+	case apis.GoosLinux:
+		return printClusterStatusK3s(status)
+	default:
+		return printClusterStatusK3d(status)
+	}
+
+}
+
+func printClusterStatusK3d(status apis.ClusterStatus) bool {
+	infoP(0, "K3d images status:")
+	if status.K3dImages.Reason != "" {
+		info(x, "K3d images:", status.K3dImages.Reason)
+		return true // k3d images not ready
+	}
+	k3dImageStatus[apis.K3dImageK3s] = status.K3dImages.K3s
+	k3dImageStatus[apis.K3dImageTools] = status.K3dImages.K3dTools
+	k3dImageStatus[apis.K3dImageProxy] = status.K3dImages.K3dProxy
+	stop := false
+	for i, imageStatus := range k3dImageStatus {
+		stop = stop || !imageStatus
+		if !imageStatus {
+			infoP(1, x, "image", i, "not ready")
+		} else {
+			infoP(1, y, "image", i, "ready")
+		}
+	}
+	if stop {
+		return stop
+	}
+	infoP(0, "Cluster(K3d) status:")
+	if status.K3d.Reason != "" {
+		info(x, "K3d:", status.K3d.Reason)
+		return true // k3d not ready
+	}
+	for _, c := range status.K3d.K3dContainer {
+		if c.Reason != "" {
+			infoP(1, x, "cluster", "["+c.Name+"]", "not ready:", c.Reason)
+			stop = true
+		} else {
+			infoP(1, y, "cluster", "["+c.Name+"]", "ready")
+			if c.VelaStatus != apis.StatusVelaDeployed {
+				infoP(2, ar, "kubevela status:", c.VelaStatus)
+			} else {
+				infoP(2, y, "kubevela status:", c.VelaStatus)
+			}
+		}
+	}
+	if stop {
+		return stop
+	}
+
+	return false
+}
+
+func printClusterStatusK3s(status apis.ClusterStatus) bool {
+	infoP(0, "K3s images status:")
+	if status.Reason != "" {
+		info(x, "Check K3s status:", status.Reason)
+	}
+	if status.K3s.K3sBinary {
+		infoP(1, y, "k3s binary:", "ready")
+	} else {
+		infoP(1, x, "k3s binary:", "not ready")
+		return true
+	}
+	if status.K3s.K3sServiceStatus != "" {
+		infoP(1, y, "k3s service status:", status.K3s.K3sServiceStatus)
+	} else {
+		infoP(1, x, "k3s service status:", "not found")
+		return true
+	}
+	return false
+}
+
+// PrintVelaStatus helps print kubevela status
+func PrintVelaStatus(status apis.VelaStatus) {
+	infoP(0, "Vela status:")
+	if status.VelaCLIInstalled {
+		infoP(1, y, "Vela CLI installed")
+		infoP(1, y, "Vela CLI path:", status.VelaCLIPath)
+	} else {
+		infoP(1, x, "Vela CLI not installed")
+	}
+	if status.VelaUXAddonDirPresent {
+		infoP(1, y, "VelaUX addon dir ready")
+		infoP(1, y, "VelaUX addon dir path:", status.VelaUXAddonDirPath)
+	} else {
+		infoP(1, x, "VelaUX addon dir not ready")
+	}
+	if status.Reason != "" {
+		info(x, "Check status err:", status.Reason)
+	}
+
+}
--- a/pkg/cmd/loadbalancer.go
+++ b/pkg/cmd/loadbalancer.go
@ -0,0 +1,112 @@
+package cmd
+
+import (
+	"os"
+	"runtime"
+
+	"github.com/pkg/errors"
+	"github.com/spf13/cobra"
+
+	"github.com/oam-dev/velad/pkg/apis"
+	lb "github.com/oam-dev/velad/pkg/loadbalancer"
+	"github.com/oam-dev/velad/pkg/utils"
+)
+
+// NewLoadBalancerCmd return loca-balancer command
+func NewLoadBalancerCmd() *cobra.Command {
+	cmd := &cobra.Command{
+		Use:   "load-balancer",
+		Short: "Configure load balancer between nodes set up by VelaD",
+		Long:  "Configure load balancer between nodes set up by VelaD",
+	}
+	cmd.AddCommand(
+		NewLBInstallCmd(),
+		NewLBUninstallCmd(),
+		NewLBWizardCmd(),
+	)
+	return cmd
+}
+
+// NewLBWizardCmd returns load-balancer wizard command
+func NewLBWizardCmd() *cobra.Command {
+	cmd := &cobra.Command{
+		Use:   "wizard",
+		Short: "Wizard for load-balancer install command",
+		Long:  "Wizard for load-balancer install command, run this on the node that you have run `velad install`. Or anywhere if you have set KUBECONFIG env",
+		RunE: func(cmd *cobra.Command, args []string) error {
+			err := utils.SetDefaultKubeConfigEnv()
+			if err != nil {
+				return errors.Wrap(err, "No KUBECONFIG env set and fail to get kubeconfig from default location, please set KUBECONFIG env")
+			}
+			return lb.Wizard()
+		},
+	}
+	return cmd
+}
+
+// NewLBInstallCmd returns load-balancer install command
+func NewLBInstallCmd() *cobra.Command {
+	var LBArgs apis.LoadBalancerArgs
+	cmd := &cobra.Command{
+		Use:   "install",
+		Short: "Setup load balancer between nodes set up by VelaD",
+		Long:  "Setup load balancer between nodes set up by VelaD",
+		PreRunE: func(cmd *cobra.Command, args []string) error {
+			if runtime.GOOS != apis.GoosLinux {
+				return errors.New("Installing load balancer is only supported on linux")
+			}
+			return nil
+		},
+
+		Run: func(cmd *cobra.Command, args []string) {
+			defer func() {
+				err := utils.Cleanup()
+				if err != nil {
+					errf("Fail to clean up: %v\n", err)
+				}
+			}()
+
+			if len(LBArgs.Hosts) == 0 {
+				errf("Must specify one host at least\n")
+				os.Exit(1)
+			}
+			err := lb.ConfigureNginx(LBArgs)
+			if err != nil {
+				errf("Fail to setup load balancer (nginx): %v\n", err)
+				os.Exit(1)
+			}
+			info("Successfully setup load balancer!")
+		},
+	}
+	cmd.Flags().StringSliceVar(&LBArgs.Hosts, "host", []string{}, "Host IPs of control plane node installed by velad, can be specified multiple or separate value by comma like: IP1,IP2")
+	cmd.Flags().StringVarP(&LBArgs.Configuration, "conf", "c", "", "(Optional) Specify the nginx configuration file place, this file will be overwrite")
+	cmd.Flags().IntVar(&LBArgs.PortHTTP, "http-port", 0, "Specify the ingress port for HTTP. See velad load-balancer get-port on master node to get the command ")
+	cmd.Flags().IntVar(&LBArgs.PortHTTPS, "https-port", 0, "Specify the ingress port for HTTPS. See velad load-balancer get-port on master node to get the command ")
+	return cmd
+}
+
+// NewLBUninstallCmd returns a cobra command for uninstalling load balancer
+func NewLBUninstallCmd() *cobra.Command {
+	cmd := &cobra.Command{
+		Use:   "uninstall",
+		Short: "Uninstall load balancer",
+		Long:  "Uninstall load balancer installed by VelaD",
+		PreRunE: func(cmd *cobra.Command, args []string) error {
+			if runtime.GOOS != apis.GoosLinux {
+				return errors.New("Uninstalling load balancer is only supported on linux")
+			}
+			return nil
+		},
+		Run: func(cmd *cobra.Command, args []string) {
+			err := lb.UninstallNginx()
+			if err != nil {
+				errf("Fail to uninstall load balancer (nginx): %v\n", err)
+			}
+			err = lb.KillNginx()
+			if err != nil {
+				errf("Fail to kill nginx process: %v\n", err)
+			}
+		},
+	}
+	return cmd
+}
--- a/pkg/command.go
+++ b/pkg/command.go
@ -1,273 +0,0 @@
-package pkg
-
-import (
-	"fmt"
-	"github.com/oam-dev/kubevela/pkg/utils/common"
-	cmdutil "github.com/oam-dev/kubevela/pkg/utils/util"
-	"github.com/oam-dev/kubevela/references/cli"
-	"github.com/oam-dev/velad/version"
-	"github.com/pkg/errors"
-	"github.com/spf13/cobra"
-	"os"
-	"os/exec"
-	"strings"
-)
-
-var (
-	cArgs                      CtrlPlaneArgs
-	kubeConfigLocation         = "/etc/rancher/k3s/k3s.yaml"
-	externalKubeConfigLocation = "/etc/rancher/k3s/k3s-external.yaml"
-)
-
-// NewVeladCommand create velad command
-func NewVeladCommand(c common.Args, ioStreams cmdutil.IOStreams) *cobra.Command {
-	cmd := &cobra.Command{
-		Use:   "velad",
-		Short: "Setup a KubeVela control plane air-gapped",
-		Long:  "Setup a KubeVela control plane air-gapped, using K3s and only for Linux now",
-	}
-	cmd.AddCommand(
-		NewInstallCmd(c, ioStreams),
-		NewKubeConfigCmd(),
-		NewTokenCmd(),
-		NewUninstallCmd(),
-		NewVersionCmd(),
-	)
-	return cmd
-}
-
-func NewTokenCmd() *cobra.Command {
-	cmd := &cobra.Command{
-		Use:   "token",
-		Short: "Print control plane token",
-		Long:  "Print control plane token, only works if control plane has been set up",
-		Run: func(cmd *cobra.Command, args []string) {
-			tokenLoc := "/var/lib/rancher/k3s/server/token"
-			_, err := os.Stat(tokenLoc)
-			if err == nil {
-				file, err := os.ReadFile("/var/lib/rancher/k3s/server/token")
-				if err != nil {
-					errf("Fail to read token file: %s: %v\n", tokenLoc, err)
-					return
-				}
-				fmt.Println(string(file))
-				return
-			}
-			info("No token found, control plane not set up yet.")
-		},
-	}
-	return cmd
-}
-
-// NewInstallCmd create install cmd
-func NewInstallCmd(c common.Args, ioStreams cmdutil.IOStreams) *cobra.Command {
-	cmd := &cobra.Command{
-		Use:   "install",
-		Short: "Quickly setup a KubeVela control plane",
-		Long:  "Quickly setup a KubeVela control plane, using K3s and only for Linux now",
-		Run: func(cmd *cobra.Command, args []string) {
-			var err error
-			//if runtime.GOOS != "linux" {
-			//	info("Launch control plane is not supported now in non-linux OS, exiting")
-			//	return
-			//}
-			defer func() {
-				err := Cleanup()
-				if err != nil {
-					errf("Fail to clean up install script: %v", err)
-				}
-			}()
-
-			// Step.1 Set up K3s as control plane cluster
-			err = SetupK3s(cArgs)
-			if err != nil {
-				errf("Fail to setup k3s: %v\n", err)
-				return
-			}
-			info("Successfully setup cluster")
-
-			// Step.2 Set KUBECONFIG
-			err = os.Setenv("KUBECONFIG", kubeConfigLocation)
-			if err != nil {
-				errf("Fail to set KUBECONFIG environment var: %v\n", err)
-				return
-			}
-
-			if !cArgs.IsStart {
-				// Step.3 load vela-core images
-				err = LoadVelaImages()
-				if err != nil {
-					errf("Fail to load vela images: %v\n", err)
-				}
-
-				// Step.4 save vela-core chart
-				chart, err := PrepareVelaChart()
-				if err != nil {
-					errf("Fail to prepare vela chart: %v\n", err)
-				}
-				// Step.5 install vela-core
-				info("Installing vela-core Helm chart...")
-				installCmd := cli.NewInstallCommand(c, "1", ioStreams)
-				installArgs := []string{"--file", chart, "--detail=false", "--version", version.VelaVersion}
-				if IfDeployByPod(cArgs.Controllers) {
-					installArgs = append(installArgs, "--set", "deployByPod=true")
-				}
-				userDefinedArgs := TransArgsToString(cArgs.InstallArgs)
-				installArgs = append(installArgs, userDefinedArgs...)
-				installCmd.SetArgs(installArgs)
-				err = installCmd.Execute()
-				if err != nil {
-					errf("Didn't install vela-core in control plane: %v. You can try \"vela install\" later\n", err)
-				}
-			}
-
-			// Step.6 Generate external kubeconfig
-			err = GenKubeconfig(cArgs.BindIP)
-			if err != nil {
-				return
-			}
-			WarnSaveToken(cArgs.Token)
-		},
-	}
-	cmd.Flags().BoolVar(&cArgs.IsStart, "start", false, "If set, start cluster without installing vela-core, typically used when restart a control plane where vela-core has been installed")
-	cmd.Flags().StringVar(&cArgs.DBEndpoint, "database-endpoint", "", "Use an external database to store control plane metadata, please ref https://rancher.com/docs/k3s/latest/en/installation/datastore/#datastore-endpoint-format-and-functionality for the format")
-	cmd.Flags().StringVar(&cArgs.BindIP, "bind-ip", "", "Bind additional hostname or IP in the kubeconfig TLS cert")
-	cmd.Flags().StringVar(&cArgs.Token, "token", "", "Token for identify the cluster. Can be used to restart the control plane or register other node. If not set, random token will be generated")
-	cmd.Flags().StringVar(&cArgs.Controllers, "controllers", "*", "A list of controllers to enable, check \"--controllers\" argument for more spec in https://kubernetes.io/docs/reference/command-line-tools-reference/kube-controller-manager/")
-
-	// inherit args from `vela install`
-	cmd.Flags().StringArrayVarP(&cArgs.InstallArgs.Values, "set", "", []string{}, "set values on the command line (can specify multiple or separate values with commas: key1=val1,key2=val2)")
-	cmd.Flags().StringVarP(&cArgs.InstallArgs.Namespace, "namespace", "n", "vela-system", "namespace scope for installing KubeVela Core")
-	cmd.Flags().BoolVarP(&cArgs.InstallArgs.Detail, "detail", "d", true, "show detail log of installation")
-	cmd.Flags().BoolVarP(&cArgs.InstallArgs.ReuseValues, "reuse", "r", true, "will re-use the user's last supplied values.")
-
-	return cmd
-}
-
-// GenKubeconfig will generate kubeconfig for remote access.
-// This won't modify the origin kubeconfig generated by k3s
-func GenKubeconfig(bindIP string) error {
-	var err error
-	if bindIP != "" {
-		info("Generating kubeconfig for remote access into ", externalKubeConfigLocation)
-		originConf, err := os.ReadFile(kubeConfigLocation)
-		if err != nil {
-			return err
-		}
-		newConf := strings.Replace(string(originConf), "127.0.0.1", bindIP, 1)
-		err = os.WriteFile(externalKubeConfigLocation, []byte(newConf), 600)
-	}
-	internalFlag := ""
-	if bindIP == "" {
-		internalFlag = " --internal"
-	}
-	info("Successfully set up KubeVela control plane, run: export KUBECONFIG=$(velad kubeconfig" + internalFlag + ") to access it")
-	return err
-}
-
-// SetupK3s will set up K3s as control plane.
-
-func SetupK3s(cArgs CtrlPlaneArgs) error {
-	info("Preparing cluster setup script...")
-	script, err := PrepareK3sScript()
-	if err != nil {
-		return errors.Wrap(err, "fail to prepare k3s setup script")
-	}
-
-	info("Preparing k3s binary...")
-	err = PrepareK3sBin()
-	if err != nil {
-		return errors.Wrap(err, "Fail to prepare k3s binary")
-	}
-
-	info("Preparing k3s images")
-	err = PrepareK3sImages()
-	if err != nil {
-		return errors.Wrap(err, "Fail to prepare k3s images")
-	}
-
-	info("Setting up cluster...")
-	args := []string{script}
-	other := composeArgs(cArgs)
-	args = append(args, other...)
-	/* #nosec */
-	cmd := exec.Command("/bin/bash", args...)
-
-	cmd.Env = os.Environ()
-	cmd.Env = append(cmd.Env, "INSTALL_K3S_SKIP_DOWNLOAD=true")
-	output, err := cmd.CombinedOutput()
-	fmt.Print(string(output))
-	return errors.Wrap(err, "K3s install script failed")
-}
-
-// composeArgs convert args from command to ones passed to k3s install script
-func composeArgs(args CtrlPlaneArgs) []string {
-	var shellArgs []string
-	if args.DBEndpoint != "" {
-		shellArgs = append(shellArgs, "--datastore-endpoint="+args.DBEndpoint)
-	}
-	if args.BindIP != "" {
-		shellArgs = append(shellArgs, "--tls-san="+args.BindIP)
-	}
-	if args.Token != "" {
-		shellArgs = append(shellArgs, "--token="+args.Token)
-	}
-	if args.Controllers != "*" {
-		shellArgs = append(shellArgs, "--kube-controller-manager-arg=controllers="+args.Controllers)
-		// TODO : deal with coredns/local-path-provisioner/metrics-server Deployment when no deployment controllers
-		if !HaveController(args.Controllers, "job") {
-			// Traefik use Job to install, which is impossible without Job Controller
-			shellArgs = append(shellArgs, "--disable", "traefik")
-		}
-	}
-	return shellArgs
-}
-
-// NewKubeConfigCmd create kubeconfig command for ctrl-plane
-func NewKubeConfigCmd() *cobra.Command {
-	var internal bool
-	cmd := &cobra.Command{
-		Use:   "kubeconfig",
-		Short: "print kubeconfig to access control plane",
-		Run: func(cmd *cobra.Command, args []string) {
-			configP := externalKubeConfigLocation
-			if internal {
-				configP = kubeConfigLocation
-			}
-			_, err := os.Stat(configP)
-			if err != nil {
-				return
-			}
-			fmt.Println(configP)
-		},
-	}
-	cmd.Flags().BoolVar(&internal, "internal", false, "If set, the kubeconfig printed can be only used in this machine")
-	return cmd
-}
-
-// NewUninstallCmd create uninstall command
-func NewUninstallCmd() *cobra.Command {
-	cmd := &cobra.Command{
-		Use:   "uninstall",
-		Short: "uninstall control plane",
-		RunE: func(cmd *cobra.Command, args []string) error {
-			// #nosec
-			uninstallCmd := exec.Command("/usr/local/bin/k3s-uninstall.sh")
-			return uninstallCmd.Run()
-		},
-	}
-	return cmd
-}
-
-func NewVersionCmd() *cobra.Command {
-	cmd := &cobra.Command{
-		Use:   "version",
-		Short: "Prints velad build version information",
-		Long:  "Prints velad build version information.",
-		Run: func(cmd *cobra.Command, args []string) {
-			fmt.Printf("Core Version: %s", version.VelaVersion)
-		},
-	}
-	return cmd
-
-}
--- a/pkg/loadbalancer/loadbalancer.go
+++ b/pkg/loadbalancer/loadbalancer.go
@ -0,0 +1,289 @@
+package loadbalancer
+
+import (
+	"fmt"
+	"os"
+	"os/exec"
+	"os/user"
+	"regexp"
+	"runtime"
+	"strings"
+	"time"
+
+	"github.com/pkg/errors"
+	g "github.com/tufanbarisyildirim/gonginx"
+
+	"github.com/oam-dev/velad/pkg/apis"
+	"github.com/oam-dev/velad/pkg/resources"
+	"github.com/oam-dev/velad/pkg/utils"
+)
+
+var (
+	errf = utils.Errf
+	info = utils.Info
+)
+
+// ConfigureNginx set nginx config file
+func ConfigureNginx(args apis.LoadBalancerArgs) error {
+	var err error
+	err = checkLBCondition()
+	if err != nil {
+		return err
+	}
+	err = installNginx()
+	if err != nil {
+		return err
+	}
+	confLocation, err := setNginxConf(args)
+	if err != nil {
+		return err
+	}
+	return startNginx(confLocation)
+}
+
+// UninstallNginx uninstall nginx using package manager
+func UninstallNginx() error {
+	file, err := resources.Nginx.Open("static/nginx/remove_nginx.sh")
+	if err != nil {
+		return err
+	}
+	scriptName, err := utils.SaveToTemp(file, "install_nginx-*.sh")
+	if err != nil {
+		return err
+	}
+	// #nosec
+	cmd := exec.Command("/bin/bash", scriptName)
+	output, err := cmd.CombinedOutput()
+	utils.InfoBytes(output)
+	if err != nil {
+		return err
+	}
+	return nil
+}
+
+func installNginx() error {
+	file, err := resources.Nginx.Open("static/nginx/install_nginx.sh")
+	if err != nil {
+		return err
+	}
+	scriptName, err := utils.SaveToTemp(file, "install_nginx-*.sh")
+	if err != nil {
+		return err
+	}
+	// #nosec
+	cmd := exec.Command("/bin/bash", scriptName)
+	output, err := cmd.CombinedOutput()
+	utils.InfoBytes(output)
+	return err
+}
+
+func setNginxConf(args apis.LoadBalancerArgs) (string, error) {
+	var conf strings.Builder
+	clause, err := getNginxStreamModClause()
+	if err != nil {
+		return "", err
+	}
+	conf.WriteString(clause)
+	other := getOther(args)
+	conf.WriteString(other)
+	loc, err := writeNginxConf(conf.String(), args.Configuration)
+	if err != nil {
+		return "", errors.Wrap(err, "write nginx conf")
+	}
+	return loc, nil
+}
+
+func startNginx(conf string) error {
+	info("Starting/Restarting nginx")
+	cmd := exec.Command("pkill", "-9", "nginx")
+	// pkill will return error if nginx is not running, so we ignore it
+	output, _ := cmd.CombinedOutput()
+	utils.InfoBytes(output)
+	// wait for nginx to stop
+	time.Sleep(1 * time.Second)
+	// #nosec
+	reloadCmd := exec.Command("nginx", "-c", conf)
+	output, err := reloadCmd.CombinedOutput()
+	utils.InfoBytes(output)
+	return errors.Wrap(err, "fail to start nginx")
+}
+
+func writeNginxConf(conf string, confLocation string) (string, error) {
+	var err error
+	loc := confLocation
+	if loc == "" {
+		loc, err = getNginxDefaultConfLoc()
+		if err != nil {
+			return "", errors.Wrap(err, "locate default config fail, please try specify with -c")
+		}
+	}
+	// #nosec
+	confFile, err := os.OpenFile(loc, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0644)
+	if err != nil {
+		return "", errors.Wrap(err, "open conf file")
+	}
+	_, err = confFile.WriteString(conf)
+	if err != nil {
+		return "", err
+	}
+	return loc, nil
+}
+
+func getNginxStreamModClause() (string, error) {
+	var modLoc string
+	for _, loc := range []string{
+		"/usr/lib/nginx/modules/ngx_stream_module.so",
+		"/usr/lib64/nginx/modules/ngx_stream_module.so",
+	} {
+		if _, err := os.Stat(loc); err == nil {
+			modLoc = loc
+			break
+		}
+	}
+	if modLoc != "" {
+		return fmt.Sprintf("load_module %s;\n", modLoc), nil
+	}
+	return "", errors.New("Nginx stream mod lib not found")
+}
+
+func getOther(args apis.LoadBalancerArgs) string {
+	hosts := args.Hosts
+	type streamPort struct {
+		from int
+		to   int
+	}
+	streamBlockMap := map[string]streamPort{
+		"rancher_servers_k3s": {from: 6443, to: 6443},
+	}
+	if args.PortHTTP != 0 {
+		streamBlockMap["ingress_http"] = streamPort{from: args.PortHTTP, to: 80}
+	}
+	if args.PortHTTPS != 0 {
+		streamBlockMap["ingress_https"] = streamPort{from: args.PortHTTPS, to: 443}
+	}
+	streamBlock := g.Block{
+		Directives: []g.IDirective{},
+	}
+	serversDis := func(port streamPort) []g.IDirective {
+		ds := make([]g.IDirective, 0)
+		for _, h := range hosts {
+			ds = append(ds, &g.Directive{
+				Name:       "server",
+				Parameters: []string{fmt.Sprintf("%s:%d", h, port.from)},
+			})
+		}
+		return ds
+	}
+	for name, port := range streamBlockMap {
+		sds := serversDis(port)
+		upstreamBlock := &g.Directive{
+			Name: "upstream",
+			Block: &g.Block{
+				Directives: func() []g.IDirective {
+					return append(sds, &g.Directive{
+						Name: "least_conn",
+					})
+				}(),
+			},
+			Parameters: []string{name},
+		}
+		serverBlock := &g.Directive{
+			Name: "server",
+			Block: &g.Block{
+				Directives: []g.IDirective{
+					&g.Directive{
+						Name:       "listen",
+						Parameters: []string{fmt.Sprintf("%d", port.to)},
+					},
+					&g.Directive{
+						Name:       "proxy_pass",
+						Parameters: []string{name},
+					},
+				},
+			},
+		}
+		streamBlock.Directives = append(streamBlock.Directives, upstreamBlock, serverBlock)
+	}
+
+	block := g.Block{
+		Directives: []g.IDirective{
+			&g.Directive{
+				Name:       "user",
+				Parameters: []string{"nginx"},
+			},
+			&g.Directive{
+				Name:       "worker_processes",
+				Parameters: []string{"auto"},
+			},
+			&g.Directive{
+				Name:       "error_log",
+				Parameters: []string{"/var/log/nginx/error.log"},
+			},
+			&g.Directive{
+				Name:       "pid",
+				Parameters: []string{"/run/nginx.pid"},
+			},
+			&g.Directive{
+				Name: "events",
+				Block: &g.Block{
+					Directives: []g.IDirective{
+						&g.Directive{
+							Name:       "worker_connections",
+							Parameters: []string{"1024"},
+						},
+					},
+				},
+			},
+			&g.Directive{
+				Name:  "stream",
+				Block: &streamBlock,
+			},
+		},
+	}
+	cfg := g.Config{
+		Block:    &block,
+		FilePath: "-",
+	}
+	return g.DumpConfig(&cfg, &g.Style{Indent: 2})
+}
+
+func getNginxDefaultConfLoc() (string, error) {
+	cmd := exec.Command("nginx", "-t")
+	output, err := cmd.CombinedOutput()
+	if err != nil {
+		return "", errors.Wrap(err, "run `nginx -t`")
+	}
+	// get default configuration file place
+	r := regexp.MustCompile("/.*/nginx.conf")
+	matchString := r.FindStringSubmatch(string(output))
+	if len(matchString) != 0 {
+		return matchString[0], nil
+	}
+	return "", errors.New("default nginx conf not found")
+}
+
+func checkLBCondition() error {
+	info("Checking system...")
+	if runtime.GOOS != apis.GoosLinux {
+		errf("Linux is required for Launching load balancer\n")
+		return errors.New("not linux")
+	}
+	info("Checking user...")
+	current, err := user.Current()
+	if err != nil {
+		return err
+	}
+	if current.Uid != "0" {
+		info("root user is required for launching load balancer")
+		return errors.New("not root")
+	}
+	return nil
+}
+
+// KillNginx kills nginx process
+func KillNginx() error {
+	kill := exec.Command("pkill", "-9", "nginx")
+	output, err := kill.CombinedOutput()
+	utils.InfoBytes(output)
+	return err
+}
--- a/pkg/loadbalancer/port.go
+++ b/pkg/loadbalancer/port.go
@ -0,0 +1,51 @@
+package loadbalancer
+
+import (
+	"context"
+	"strings"
+
+	v1 "k8s.io/api/core/v1"
+	"sigs.k8s.io/controller-runtime/pkg/client"
+
+	"github.com/oam-dev/velad/pkg/utils"
+)
+
+// Wizard for load balancer installation
+func Wizard() error {
+	cli, err := utils.GetClient()
+	if err != nil {
+		return err
+	}
+	svc := v1.Service{}
+	err = cli.Get(context.Background(), client.ObjectKey{
+		Namespace: "kube-system",
+		Name:      "traefik",
+	}, &svc)
+	if err != nil {
+		return err
+	}
+	portHTTP := 0
+	portHTTPS := 0
+	for _, port := range svc.Spec.Ports {
+		switch port.Port {
+		case 80:
+			portHTTP = int(port.NodePort)
+		case 443:
+			portHTTPS = int(port.NodePort)
+		}
+	}
+	if portHTTP == 0 {
+		utils.Errf("http port is not found\n")
+	}
+	if portHTTPS == 0 {
+		utils.Errf("https port is not found\n")
+	}
+	hosts := []string{}
+	for _, i := range svc.Status.LoadBalancer.Ingress {
+		// todo(chivalryq) support hostname
+		hosts = append(hosts, i.IP)
+	}
+	utils.Infof("To setup load-balancer, run the following command on node acts as load-balancer:\n")
+	utils.Infof("  velad load-balancer install --http-port %d --https-port %d --host=%s\n", portHTTP, portHTTPS, strings.Join(hosts, ","))
+	return nil
+}
--- a/pkg/prepare.go
+++ b/pkg/prepare.go
@ -1,150 +0,0 @@
-package pkg
-
-import (
-	"embed"
-	"fmt"
-	"io"
-	"os"
-	"os/exec"
-	"path"
-	"strings"
-)
-
-var (
-	k3sBinaryLocation = "/usr/local/bin/k3s"
-	k3sImageDir       = "/var/lib/rancher/k3s/agent/images/"
-	k3sImageLocation  = "/var/lib/rancher/k3s/agent/images/k3s-airgap-images-amd64.tar.gz"
-
-	info func(a ...interface{})
-	errf func(format string, a ...interface{})
-)
-
-var (
-	//go:embed static/k3s
-	K3sDirectory embed.FS
-
-	//go:embed static/vela/images
-	VelaImages embed.FS
-	//go:embed static/vela/charts
-	VelaChart embed.FS
-)
-
-func init() {
-	info = func(a ...interface{}) {
-		fmt.Println(a...)
-	}
-	errf = func(format string, a ...interface{}) {
-		fmt.Printf(format, a...)
-	}
-}
-
-func PrepareVelaChart() (string, error) {
-	charts, err := VelaChart.Open("static/vela/charts/vela-core.tgz")
-	if err != nil {
-		return "", err
-	}
-	chartFile, err := SaveToTemp(charts, "vela-core-*.tgz")
-	if err != nil {
-		return "", err
-	}
-	// open the tar to /var/charts/vela-core
-	untar := exec.Command("tar", "-xzf", chartFile, "-C", "/var")
-	err = untar.Run()
-	if err != nil {
-		return "", err
-	}
-	return "/var/charts/vela-core", nil
-}
-
-func LoadVelaImages() error {
-	dir, err := VelaImages.ReadDir("static/vela/images")
-	if err != nil {
-		return err
-	}
-	for _, entry := range dir {
-		file, err := VelaImages.Open(path.Join("static/vela/images", entry.Name()))
-		if err != nil {
-			return err
-		}
-		name := strings.Split(entry.Name(), ".")[0]
-		imageTar, err := SaveToTemp(file, "vela-image-"+name+"-*.tar")
-		if err != nil {
-			return err
-		}
-		importCmd := exec.Command("k3s", "ctr", "images", "import", imageTar)
-		output, err := importCmd.CombinedOutput()
-		fmt.Print(string(output))
-		if err != nil {
-			return err
-		}
-		fmt.Println("Successfully load image: ", imageTar)
-	}
-	return nil
-}
-
-// PrepareK3sImages Write embed images
-func PrepareK3sImages() error {
-	embedK3sImage, err := K3sDirectory.Open("static/k3s/k3s-airgap-images-amd64.tar.gz")
-	if err != nil {
-		return err
-	}
-	defer CloseQuietly(embedK3sImage)
-	err = os.MkdirAll(k3sImageDir, 600)
-	if err != nil {
-		return err
-	}
-	/* #nosec */
-	bin, err := os.OpenFile(k3sImageLocation, os.O_CREATE|os.O_WRONLY, 0700)
-	if err != nil {
-		return err
-	}
-	defer CloseQuietly(bin)
-	_, err = io.Copy(bin, embedK3sImage)
-	if err != nil {
-		return err
-	}
-	unGzipCmd := exec.Command("gzip", "-f", "-d", k3sImageLocation)
-	output, err := unGzipCmd.CombinedOutput()
-	fmt.Print(string(output))
-	if err != nil {
-		return err
-	}
-	info("Successfully prepare k3s image")
-	return nil
-}
-
-// PrepareK3sScript Write k3s install script to local
-func PrepareK3sScript() (string, error) {
-	embedScript, err := K3sDirectory.Open("static/k3s/setup.sh")
-	if err != nil {
-		return "", err
-	}
-	scriptName, err := SaveToTemp(embedScript, "k3s-setup-*.sh")
-	if err != nil {
-		return "", err
-	}
-	return scriptName, nil
-}
-
-// PrepareK3sBin prepare k3s bin
-func PrepareK3sBin() error {
-	embedK3sBinary, err := K3sDirectory.Open("static/k3s/k3s")
-	if err != nil {
-		return err
-	}
-	defer CloseQuietly(embedK3sBinary)
-	/* #nosec */
-	bin, err := os.OpenFile(k3sBinaryLocation, os.O_CREATE|os.O_WRONLY, 0700)
-	if err != nil {
-		return err
-	}
-	defer CloseQuietly(bin)
-	_, err = io.Copy(bin, embedK3sBinary)
-	if err != nil {
-		return err
-	}
-	info("Successfully place k3s binary to " + k3sBinaryLocation)
-	return nil
-}
-
-
--- a/pkg/resources/common.go
+++ b/pkg/resources/common.go
@ -0,0 +1,35 @@
+package resources
+
+import (
+	"embed"
+)
+
+var (
+	// K3sBinaryLocation is where to save k3s binary
+	K3sBinaryLocation = "/usr/local/bin/k3s"
+	// K3sImageDir is the directory to save the k3s air-gap image
+	K3sImageDir = "/var/lib/rancher/k3s/agent/images/"
+	// K3sImageLocation is where to save k3s air-gap images
+	K3sImageLocation = "/var/lib/rancher/k3s/agent/images/k3s-airgap-images.tar.gz"
+)
+
+var (
+	//go:embed static/k3s/images
+	// K3sImage see static/k3s/images
+	K3sImage embed.FS
+
+	//go:embed static/vela/images
+	// VelaImages see static/vela/images
+	VelaImages embed.FS
+	//go:embed static/vela/charts
+	// VelaChart see static/vela/charts
+	VelaChart embed.FS
+
+	//go:embed static/nginx
+	// Nginx see static/nginx/
+	Nginx embed.FS
+
+	//go:embed static/vela/addons
+	// VelaAddons see static/vela/addons/
+	VelaAddons embed.FS
+)
--- a/pkg/resources/k3d.go
+++ b/pkg/resources/k3d.go
@ -0,0 +1,13 @@
+//go:build !linux
+
+package resources
+
+import (
+	"embed"
+)
+
+var (
+	//go:embed static/k3d/images
+	// K3dImage see static/k3d/images for more information
+	K3dImage embed.FS
+)
--- a/pkg/resources/linux.go
+++ b/pkg/resources/linux.go
@ -0,0 +1,13 @@
+//go:build linux
+
+package resources
+
+import (
+	"embed"
+)
+
+var (
+	//go:embed static/k3s/other
+	// K3sDirectory is the directory containing the k3s binary and install script
+	K3sDirectory embed.FS
+)
--- a/pkg/resources/static/nginx/install_nginx.sh
+++ b/pkg/resources/static/nginx/install_nginx.sh
@ -0,0 +1,50 @@
+#!/bin/bash
+
+PRINT="echo -e"
+RED="\033[31m"
+GREEN="\033[32m"
+CNone="\033[0m"
+
+$PRINT "checking usable package manager..."
+
+if command -v yum >/dev/null; then
+  PKGM="yum"
+elif command -v apt-get >/dev/null; then
+  PKGM="apt-get"
+  $PKGM update -y
+else
+  echo "No support package manager was found"
+  exit 1
+fi
+$PRINT "${GREEN}package manager found: ${PKGM}${CNone}"
+
+$PRINT "Installing nginx by${PKGM}..."
+$PKGM install -y nginx
+ret=$?
+if [ $ret -ne 0 ]; then
+  $PRINT "${RED}Fail to install nginx${CNone}"
+else
+  $PRINT "${GREEN}Successfully install nginx${CNone}"
+fi
+
+STEAM_MOD="nginx-mod-stream"
+if [ $PKGM = "apt-get" ]; then
+  STEAM_MOD="libnginx-mod-stream"
+fi
+
+$PRINT "Installing nginx stream modules by ${PKGM}..."
+$PKGM install -y $STEAM_MOD
+ret=$?
+if [ $ret -ne 0 ]; then
+  $PRINT "${RED}Fail to install nginx stream mod${CNone}"
+else
+  $PRINT "${GREEN}Successfully install nginx stream mod${CNone}"
+fi
+
+$PRINT "Configuring nginx user..."
+if id "nginx" &>/dev/null; then
+  echo 'user nginx found'
+else
+  echo 'user nginx not found, creating...'
+  useradd nginx
+fi
--- a/pkg/resources/static/nginx/remove_nginx.sh
+++ b/pkg/resources/static/nginx/remove_nginx.sh
@ -0,0 +1,27 @@
+#!/bin/bash
+
+PRINT="echo -e"
+RED="\033[31m"
+GREEN="\033[32m"
+CNone="\033[0m"
+
+$PRINT "checking usable package manager"
+
+if command -v yum >/dev/null; then
+  PKGM="yum"
+elif command -v apt-get >/dev/null; then
+  PKGM="apt-get"
+else
+  echo "No support package manager was found"
+  exit 1
+fi
+$PRINT "${GREEN}package manager found: ${PKGM}${CNone}"
+
+$PRINT "Removing nginx by ${PKGM}..."
+$PKGM remove -y nginx
+ret=$?
+if [ $ret -ne 0 ]; then
+  $PRINT "${RED}Fail to remove nginx${CNone}"
+else
+  $PRINT "${GREEN}Successfully remove nginx${CNone}"
+fi
--- a/pkg/static/vela/charts/vela-core/.helmignore
+++ b/pkg/static/vela/charts/vela-core/.helmignore
@ -1,23 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*.orig
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
-.vscode/
--- a/pkg/static/vela/charts/vela-core/Chart.yaml
+++ b/pkg/static/vela/charts/vela-core/Chart.yaml
@ -1,24 +0,0 @@
-apiVersion: v2
-name: vela-core
-description: A Helm chart for KubeVela core
-
-# A chart can be either an 'application' or a 'library' chart.
-#
-# Application charts are a collection of templates that can be packaged into versioned archives
-# to be deployed.
-#
-# Library charts provide useful utilities or functions for the chart developer. They're included as
-# a dependency of application charts to inject those utilities and functions into the rendering
-# pipeline. Library charts do not define any templates and therefore cannot be deployed.
-type: application
-
-# This is the chart version. This version number should be incremented each time you make changes
-# to the chart and its templates, including the app version.
-version: 0.1.0
-
-# This is the version number of the application being deployed. This version number should be
-# incremented each time you make changes to the application.
-appVersion: 0.1.0
-
-home: https://kubevela.io
-icon: https://kubevela.io/img/logo.svg
--- a/pkg/static/vela/charts/vela-core/README.md
+++ b/pkg/static/vela/charts/vela-core/README.md
@ -1,163 +0,0 @@
-<div style="text-align: center">
-  <p align="center">
-    <img src="https://raw.githubusercontent.com/oam-dev/kubevela.io/main/docs/resources/KubeVela-03.png">
-    <br><br>
-    <i>Make shipping applications more enjoyable.</i>
-  </p>
-</div>
-
-![Build status](https://github.com/oam-dev/kubevela/workflows/E2E/badge.svg)
-[![Go Report Card](https://goreportcard.com/badge/github.com/oam-dev/kubevela)](https://goreportcard.com/report/github.com/oam-dev/kubevela)
-![Docker Pulls](https://img.shields.io/docker/pulls/oamdev/vela-core)
-[![codecov](https://codecov.io/gh/oam-dev/kubevela/branch/master/graph/badge.svg)](https://codecov.io/gh/oam-dev/kubevela)
-[![LICENSE](https://img.shields.io/github/license/oam-dev/kubevela.svg?style=flat-square)](/LICENSE)
-[![Releases](https://img.shields.io/github/release/oam-dev/kubevela/all.svg?style=flat-square)](https://github.com/oam-dev/kubevela/releases)
-[![TODOs](https://img.shields.io/endpoint?url=https://api.tickgit.com/badge?repo=github.com/oam-dev/kubevela)](https://www.tickgit.com/browse?repo=github.com/oam-dev/kubevela)
-[![Twitter](https://img.shields.io/twitter/url?style=social&url=https%3A%2F%2Ftwitter.com%2Foam_dev)](https://twitter.com/oam_dev)
-[![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/kubevela)](https://artifacthub.io/packages/search?repo=kubevela)
-[![CII Best Practices](https://bestpractices.coreinfrastructure.org/projects/4602/badge)](https://bestpractices.coreinfrastructure.org/projects/4602)
-
-# KubeVela helm chart
-
-KubeVela is a modern application platform that makes it easier and faster to deliver and manage applications across hybrid,
-multi-cloud environments. At the mean time, it is highly extensible and programmable, which can adapt to your needs as they grow.
-
-## TL;DR
-
-```bash
-helm repo add kubevela https://charts.kubevela.net/core
-helm repo update
-helm install --create-namespace -n vela-system kubevela kubevela/vela-core --wait
-```
-
-## Prerequisites
-
- Kubernetes >= v1.19 && < v1.22
-  
-## Parameters
-
-### KubeVela core parameters
-
-| Name                          | Description                                                                                   | Value     |
-| ----------------------------- | --------------------------------------------------------------------------------------------- | --------- |
-| `systemDefinitionNamespace`   | System definition namespace, if unspecified, will use built-in variable `.Release.Namespace`. | `nil`     |
-| `applicationRevisionLimit`    | Application revision limit                                                                    | `10`      |
-| `definitionRevisionLimit`     | Definition revision limit                                                                     | `20`      |
-| `concurrentReconciles`        | concurrentReconciles is the concurrent reconcile number of the controller                     | `4`       |
-| `controllerArgs.reSyncPeriod` | The period for resync the applications                                                        | `5m`      |
-| `OAMSpecVer`                  | OAMSpecVer is the oam spec version controller want to setup                                   | `v0.3`    |
-| `disableCaps`                 | Disable capability                                                                            | `rollout` |
-| `enableFluxcdAddon`           | Whether to enable fluxcd addon                                                                | `false`   |
-| `dependCheckWait`             | dependCheckWait is the time to wait for ApplicationConfiguration's dependent-resource ready   | `30s`     |
-
-
-### KubeVela workflow parameters
-
-| Name                                   | Description                                            | Value |
-| -------------------------------------- | ------------------------------------------------------ | ----- |
-| `workflow.backoff.maxTime.waitState`   | The max backoff time of workflow in a wait condition   | `60`  |
-| `workflow.backoff.maxTime.failedState` | The max backoff time of workflow in a failed condition | `300` |
-| `workflow.step.errorRetryTimes`        | The max retry times of a failed workflow step          | `10`  |
-
-
-### KubeVela controller parameters
-
-| Name                        | Description                          | Value              |
-| --------------------------- | ------------------------------------ | ------------------ |
-| `replicaCount`              | KubeVela controller replica count    | `1`                |
-| `imageRegistry`             | Image registry                       | `""`               |
-| `image.repository`          | Image repository                     | `oamdev/vela-core` |
-| `image.tag`                 | Image tag                            | `latest`           |
-| `image.pullPolicy`          | Image pull policy                    | `Always`           |
-| `resources.limits.cpu`      | KubeVela controller's cpu limit      | `500m`             |
-| `resources.limits.memory`   | KubeVela controller's memory limit   | `1Gi`              |
-| `resources.requests.cpu`    | KubeVela controller's cpu request    | `50m`              |
-| `resources.requests.memory` | KubeVela controller's memory request | `20Mi`             |
-| `webhookService.type`       | KubeVela webhook service type        | `ClusterIP`        |
-| `webhookService.port`       | KubeVela webhook service port        | `9443`             |
-| `healthCheck.port`          | KubeVela health check port           | `9440`             |
-
-
-### MultiCluster parameters
-
-| Name                                                  | Description                      | Value                            |
-| ----------------------------------------------------- | -------------------------------- | -------------------------------- |
-| `multicluster.enabled`                                | Whether to enable multi-cluster  | `true`                           |
-| `multicluster.clusterGateway.replicaCount`            | ClusterGateway replica count     | `1`                              |
-| `multicluster.clusterGateway.port`                    | ClusterGateway port              | `9443`                           |
-| `multicluster.clusterGateway.image.repository`        | ClusterGateway image repository  | `oamdev/cluster-gateway`         |
-| `multicluster.clusterGateway.image.tag`               | ClusterGateway image tag         | `v1.1.7`                         |
-| `multicluster.clusterGateway.image.pullPolicy`        | ClusterGateway image pull policy | `IfNotPresent`                   |
-| `multicluster.clusterGateway.resources.limits.cpu`    | ClusterGateway cpu limit         | `100m`                           |
-| `multicluster.clusterGateway.resources.limits.memory` | ClusterGateway memory limit      | `200Mi`                          |
-| `multicluster.clusterGateway.secureTLS.enabled`       | Whether to enable secure TLS     | `true`                           |
-| `multicluster.clusterGateway.secureTLS.certPath`      | Path to the certificate file     | `/etc/k8s-cluster-gateway-certs` |
-
-
-### Test parameters
-
-| Name                  | Description         | Value                |
-| --------------------- | ------------------- | -------------------- |
-| `test.app.repository` | Test app repository | `oamdev/hello-world` |
-| `test.app.tag`        | Test app tag        | `v1`                 |
-| `test.k8s.repository` | Test k8s repository | `oamdev/alpine-k8s`  |
-| `test.k8s.tag`        | Test k8s tag        | `1.18.2`             |
-
-
-### Common parameters
-
-| Name                         | Description                                                                                                                | Value   |
-| ---------------------------- | -------------------------------------------------------------------------------------------------------------------------- | ------- |
-| `imagePullSecrets`           | Image pull secrets                                                                                                         | `[]`    |
-| `nameOverride`               | Override name                                                                                                              | `""`    |
-| `fullnameOverride`           | Fullname override                                                                                                          | `""`    |
-| `serviceAccount.create`      | Specifies whether a service account should be created                                                                      | `true`  |
-| `serviceAccount.annotations` | Annotations to add to the service account                                                                                  | `{}`    |
-| `serviceAccount.name`        | The name of the service account to use. If not set and create is true, a name is generated using the fullname template     | `nil`   |
-| `nodeSelector`               | Node selector                                                                                                              | `{}`    |
-| `tolerations`                | Tolerations                                                                                                                | `[]`    |
-| `affinity`                   | Affinity                                                                                                                   | `{}`    |
-| `rbac.create`                | Specifies whether a RBAC role should be created                                                                            | `true`  |
-| `logDebug`                   | Enable debug logs for development purpose                                                                                  | `false` |
-| `logFilePath`                | If non-empty, write log files in this path                                                                                 | `""`    |
-| `logFileMaxSize`             | Defines the maximum size a log file can grow to. Unit is megabytes. If the value is 0, the maximum file size is unlimited. | `1024`  |
-| `kubeClient.qps`             | The qps for reconcile clients, default is 50                                                                               | `50`    |
-| `kubeClient.burst`           | The burst for reconcile clients, default is 100                                                                            | `100`   |
-| `deployByPod`                | Use pod instead of Deployment to deploy vela-core                                                                          | `false` |
-
-
-## Uninstalling the Chart
-
-To uninstall/delete the KubeVela helm release
-
-```shell
-$ helm uninstall -n vela-system kubevela
-```
-
-The command removes all the Kubernetes components associated with kubevela and deletes the release.
-
-**Notice**: If you enable fluxcd addon  when install the chart by set `enableFluxcdAddon=true` .Uninstall wouldn't disable the fluxcd addon ,and it will be kept in the cluster.Please guarantee there is no application in cluster use this addon and disable it firstly before uninstall the helm chart. 
-You can use this script to disable all addons.
-```shell
-#! /bin/sh
-addon=$(vela addon list|grep enabled|awk {'print $1'})
-
-fluxcd=false
-for var in ${addon[*]}
-do
-  if [ $var == "fluxcd" ]; then
-      fluxcd=true
-      continue
-      else
-        vela addon disable $var
-  fi
-done
-if [ $fluxcd ]; then
-    vela addon disable fluxcd
-fi
-```
-
-
-
-
-
--- a/pkg/static/vela/charts/vela-core/crds/core.oam.dev_applicationrevisions.yaml
+++ b/pkg/static/vela/charts/vela-core/crds/core.oam.dev_applicationrevisions.yaml
--- a/pkg/static/vela/charts/vela-core/crds/core.oam.dev_applications.yaml
+++ b/pkg/static/vela/charts/vela-core/crds/core.oam.dev_applications.yaml
--- a/pkg/static/vela/charts/vela-core/crds/core.oam.dev_componentdefinitions.yaml
+++ b/pkg/static/vela/charts/vela-core/crds/core.oam.dev_componentdefinitions.yaml
@ -1,653 +0,0 @@
-
---
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  annotations:
-    controller-gen.kubebuilder.io/version: v0.6.2
-  name: componentdefinitions.core.oam.dev
-spec:
-  group: core.oam.dev
-  names:
-    categories:
-    - oam
-    kind: ComponentDefinition
-    listKind: ComponentDefinitionList
-    plural: componentdefinitions
-    shortNames:
-    - comp
-    singular: componentdefinition
-  scope: Namespaced
-  versions:
-  - additionalPrinterColumns:
-    - jsonPath: .spec.workload.definition.kind
-      name: WORKLOAD-KIND
-      type: string
-    - jsonPath: .metadata.annotations.definition\.oam\.dev/description
-      name: DESCRIPTION
-      type: string
-    name: v1alpha2
-    schema:
-      openAPIV3Schema:
-        description: ComponentDefinition is the Schema for the componentdefinitions
-          API
-        properties:
-          apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-            type: string
-          kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-            type: string
-          metadata:
-            type: object
-          spec:
-            description: ComponentDefinitionSpec defines the desired state of ComponentDefinition
-            properties:
-              childResourceKinds:
-                description: ChildResourceKinds are the list of GVK of the child resources
-                  this workload generates
-                items:
-                  description: A ChildResourceKind defines a child Kubernetes resource
-                    kind with a selector
-                  properties:
-                    apiVersion:
-                      description: APIVersion of the child resource
-                      type: string
-                    kind:
-                      description: Kind of the child resource
-                      type: string
-                    selector:
-                      additionalProperties:
-                        type: string
-                      description: Selector to select the child resources that the
-                        workload wants to expose to traits
-                      type: object
-                  required:
-                  - apiVersion
-                  - kind
-                  type: object
-                type: array
-              extension:
-                description: Extension is used for extension needs by OAM platform
-                  builders
-                type: object
-                x-kubernetes-preserve-unknown-fields: true
-              podSpecPath:
-                description: PodSpecPath indicates where/if this workload has K8s
-                  podSpec field if one workload has podSpec, trait can do lot's of
-                  assumption such as port, env, volume fields.
-                type: string
-              revisionLabel:
-                description: RevisionLabel indicates which label for underlying resources(e.g.
-                  pods) of this workload can be used by trait to create resource selectors(e.g.
-                  label selector for pods).
-                type: string
-              schematic:
-                description: Schematic defines the data format and template of the
-                  encapsulation of the workload
-                properties:
-                  cue:
-                    description: CUE defines the encapsulation in CUE format
-                    properties:
-                      template:
-                        description: Template defines the abstraction template data
-                          of the capability, it will replace the old CUE template
-                          in extension field. Template is a required field if CUE
-                          is defined in Capability Definition.
-                        type: string
-                    required:
-                    - template
-                    type: object
-                  helm:
-                    description: A Helm represents resources used by a Helm module
-                    properties:
-                      release:
-                        description: Release records a Helm release used by a Helm
-                          module workload.
-                        type: object
-                        x-kubernetes-preserve-unknown-fields: true
-                      repository:
-                        description: HelmRelease records a Helm repository used by
-                          a Helm module workload.
-                        type: object
-                        x-kubernetes-preserve-unknown-fields: true
-                    required:
-                    - release
-                    - repository
-                    type: object
-                  kube:
-                    description: Kube defines the encapsulation in raw Kubernetes
-                      resource format
-                    properties:
-                      parameters:
-                        description: Parameters defines configurable parameters
-                        items:
-                          description: A KubeParameter defines a configurable parameter
-                            of a component.
-                          properties:
-                            description:
-                              description: Description of this parameter.
-                              type: string
-                            fieldPaths:
-                              description: "FieldPaths specifies an array of fields
-                                within this workload that will be overwritten by the
-                                value of this parameter. \tAll fields must be of the
-                                same type. Fields are specified as JSON field paths
-                                without a leading dot, for example 'spec.replicas'."
-                              items:
-                                type: string
-                              type: array
-                            name:
-                              description: Name of this parameter
-                              type: string
-                            required:
-                              default: false
-                              description: Required specifies whether or not a value
-                                for this parameter must be supplied when authoring
-                                an Application.
-                              type: boolean
-                            type:
-                              description: 'ValueType indicates the type of the parameter
-                                value, and only supports basic data types: string,
-                                number, boolean.'
-                              enum:
-                              - string
-                              - number
-                              - boolean
-                              type: string
-                          required:
-                          - fieldPaths
-                          - name
-                          - type
-                          type: object
-                        type: array
-                      template:
-                        description: Template defines the raw Kubernetes resource
-                        type: object
-                        x-kubernetes-preserve-unknown-fields: true
-                    required:
-                    - template
-                    type: object
-                  terraform:
-                    description: Terraform is the struct to describe cloud resources
-                      managed by Hashicorp Terraform
-                    properties:
-                      configuration:
-                        description: Configuration is Terraform Configuration
-                        type: string
-                      customRegion:
-                        description: Region is cloud provider's region. It will override
-                          the region in the region field of ProviderReference
-                        type: string
-                      deleteResource:
-                        default: true
-                        description: DeleteResource will determine whether provisioned
-                          cloud resources will be deleted when CR is deleted
-                        type: boolean
-                      path:
-                        description: Path is the sub-directory of remote git repository.
-                          It's valid when remote is set
-                        type: string
-                      providerRef:
-                        description: ProviderReference specifies the reference to
-                          Provider
-                        properties:
-                          name:
-                            description: Name of the referenced object.
-                            type: string
-                          namespace:
-                            default: default
-                            description: Namespace of the referenced object.
-                            type: string
-                        required:
-                        - name
-                        type: object
-                      type:
-                        default: hcl
-                        description: Type specifies which Terraform configuration
-                          it is, HCL or JSON syntax
-                        enum:
-                        - hcl
-                        - json
-                        - remote
-                        type: string
-                      writeConnectionSecretToRef:
-                        description: WriteConnectionSecretToReference specifies the
-                          namespace and name of a Secret to which any connection details
-                          for this managed resource should be written. Connection
-                          details frequently include the endpoint, username, and password
-                          required to connect to the managed resource.
-                        properties:
-                          name:
-                            description: Name of the secret.
-                            type: string
-                          namespace:
-                            description: Namespace of the secret.
-                            type: string
-                        required:
-                        - name
-                        type: object
-                    required:
-                    - configuration
-                    type: object
-                type: object
-              status:
-                description: Status defines the custom health policy and status message
-                  for workload
-                properties:
-                  customStatus:
-                    description: CustomStatus defines the custom status message that
-                      could display to user
-                    type: string
-                  healthPolicy:
-                    description: HealthPolicy defines the health check policy for
-                      the abstraction
-                    type: string
-                type: object
-              workload:
-                description: Workload is a workload type descriptor
-                properties:
-                  definition:
-                    description: Definition mutually exclusive to workload.type, a
-                      embedded WorkloadDefinition
-                    properties:
-                      apiVersion:
-                        type: string
-                      kind:
-                        type: string
-                    required:
-                    - apiVersion
-                    - kind
-                    type: object
-                  type:
-                    description: Type ref to a WorkloadDefinition via name
-                    type: string
-                type: object
-            required:
-            - workload
-            type: object
-          status:
-            description: ComponentDefinitionStatus is the status of ComponentDefinition
-            properties:
-              conditions:
-                description: Conditions of the resource.
-                items:
-                  description: A Condition that may apply to a resource.
-                  properties:
-                    lastTransitionTime:
-                      description: LastTransitionTime is the last time this condition
-                        transitioned from one status to another.
-                      format: date-time
-                      type: string
-                    message:
-                      description: A Message containing details about this condition's
-                        last transition from one status to another, if any.
-                      type: string
-                    reason:
-                      description: A Reason for this condition's last transition from
-                        one status to another.
-                      type: string
-                    status:
-                      description: Status of this condition; is it currently True,
-                        False, or Unknown?
-                      type: string
-                    type:
-                      description: Type of this condition. At most one of each condition
-                        type may apply to a resource at any point in time.
-                      type: string
-                  required:
-                  - lastTransitionTime
-                  - reason
-                  - status
-                  - type
-                  type: object
-                type: array
-              configMapRef:
-                description: ConfigMapRef refer to a ConfigMap which contains OpenAPI
-                  V3 JSON schema of Component parameters.
-                type: string
-              latestRevision:
-                description: LatestRevision of the component definition
-                properties:
-                  name:
-                    type: string
-                  revision:
-                    format: int64
-                    type: integer
-                  revisionHash:
-                    description: RevisionHash record the hash value of the spec of
-                      ApplicationRevision object.
-                    type: string
-                required:
-                - name
-                - revision
-                type: object
-            type: object
-        type: object
-    served: true
-    storage: false
-    subresources:
-      status: {}
-  - additionalPrinterColumns:
-    - jsonPath: .spec.workload.definition.kind
-      name: WORKLOAD-KIND
-      type: string
-    - jsonPath: .metadata.annotations.definition\.oam\.dev/description
-      name: DESCRIPTION
-      type: string
-    name: v1beta1
-    schema:
-      openAPIV3Schema:
-        description: ComponentDefinition is the Schema for the componentdefinitions
-          API
-        properties:
-          apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-            type: string
-          kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-            type: string
-          metadata:
-            type: object
-          spec:
-            description: ComponentDefinitionSpec defines the desired state of ComponentDefinition
-            properties:
-              childResourceKinds:
-                description: ChildResourceKinds are the list of GVK of the child resources
-                  this workload generates
-                items:
-                  description: A ChildResourceKind defines a child Kubernetes resource
-                    kind with a selector
-                  properties:
-                    apiVersion:
-                      description: APIVersion of the child resource
-                      type: string
-                    kind:
-                      description: Kind of the child resource
-                      type: string
-                    selector:
-                      additionalProperties:
-                        type: string
-                      description: Selector to select the child resources that the
-                        workload wants to expose to traits
-                      type: object
-                  required:
-                  - apiVersion
-                  - kind
-                  type: object
-                type: array
-              extension:
-                description: Extension is used for extension needs by OAM platform
-                  builders
-                type: object
-                x-kubernetes-preserve-unknown-fields: true
-              podSpecPath:
-                description: PodSpecPath indicates where/if this workload has K8s
-                  podSpec field if one workload has podSpec, trait can do lot's of
-                  assumption such as port, env, volume fields.
-                type: string
-              revisionLabel:
-                description: RevisionLabel indicates which label for underlying resources(e.g.
-                  pods) of this workload can be used by trait to create resource selectors(e.g.
-                  label selector for pods).
-                type: string
-              schematic:
-                description: Schematic defines the data format and template of the
-                  encapsulation of the workload
-                properties:
-                  cue:
-                    description: CUE defines the encapsulation in CUE format
-                    properties:
-                      template:
-                        description: Template defines the abstraction template data
-                          of the capability, it will replace the old CUE template
-                          in extension field. Template is a required field if CUE
-                          is defined in Capability Definition.
-                        type: string
-                    required:
-                    - template
-                    type: object
-                  helm:
-                    description: A Helm represents resources used by a Helm module
-                    properties:
-                      release:
-                        description: Release records a Helm release used by a Helm
-                          module workload.
-                        type: object
-                        x-kubernetes-preserve-unknown-fields: true
-                      repository:
-                        description: HelmRelease records a Helm repository used by
-                          a Helm module workload.
-                        type: object
-                        x-kubernetes-preserve-unknown-fields: true
-                    required:
-                    - release
-                    - repository
-                    type: object
-                  kube:
-                    description: Kube defines the encapsulation in raw Kubernetes
-                      resource format
-                    properties:
-                      parameters:
-                        description: Parameters defines configurable parameters
-                        items:
-                          description: A KubeParameter defines a configurable parameter
-                            of a component.
-                          properties:
-                            description:
-                              description: Description of this parameter.
-                              type: string
-                            fieldPaths:
-                              description: "FieldPaths specifies an array of fields
-                                within this workload that will be overwritten by the
-                                value of this parameter. \tAll fields must be of the
-                                same type. Fields are specified as JSON field paths
-                                without a leading dot, for example 'spec.replicas'."
-                              items:
-                                type: string
-                              type: array
-                            name:
-                              description: Name of this parameter
-                              type: string
-                            required:
-                              default: false
-                              description: Required specifies whether or not a value
-                                for this parameter must be supplied when authoring
-                                an Application.
-                              type: boolean
-                            type:
-                              description: 'ValueType indicates the type of the parameter
-                                value, and only supports basic data types: string,
-                                number, boolean.'
-                              enum:
-                              - string
-                              - number
-                              - boolean
-                              type: string
-                          required:
-                          - fieldPaths
-                          - name
-                          - type
-                          type: object
-                        type: array
-                      template:
-                        description: Template defines the raw Kubernetes resource
-                        type: object
-                        x-kubernetes-preserve-unknown-fields: true
-                    required:
-                    - template
-                    type: object
-                  terraform:
-                    description: Terraform is the struct to describe cloud resources
-                      managed by Hashicorp Terraform
-                    properties:
-                      configuration:
-                        description: Configuration is Terraform Configuration
-                        type: string
-                      customRegion:
-                        description: Region is cloud provider's region. It will override
-                          the region in the region field of ProviderReference
-                        type: string
-                      deleteResource:
-                        default: true
-                        description: DeleteResource will determine whether provisioned
-                          cloud resources will be deleted when CR is deleted
-                        type: boolean
-                      path:
-                        description: Path is the sub-directory of remote git repository.
-                          It's valid when remote is set
-                        type: string
-                      providerRef:
-                        description: ProviderReference specifies the reference to
-                          Provider
-                        properties:
-                          name:
-                            description: Name of the referenced object.
-                            type: string
-                          namespace:
-                            default: default
-                            description: Namespace of the referenced object.
-                            type: string
-                        required:
-                        - name
-                        type: object
-                      type:
-                        default: hcl
-                        description: Type specifies which Terraform configuration
-                          it is, HCL or JSON syntax
-                        enum:
-                        - hcl
-                        - json
-                        - remote
-                        type: string
-                      writeConnectionSecretToRef:
-                        description: WriteConnectionSecretToReference specifies the
-                          namespace and name of a Secret to which any connection details
-                          for this managed resource should be written. Connection
-                          details frequently include the endpoint, username, and password
-                          required to connect to the managed resource.
-                        properties:
-                          name:
-                            description: Name of the secret.
-                            type: string
-                          namespace:
-                            description: Namespace of the secret.
-                            type: string
-                        required:
-                        - name
-                        type: object
-                    required:
-                    - configuration
-                    type: object
-                type: object
-              status:
-                description: Status defines the custom health policy and status message
-                  for workload
-                properties:
-                  customStatus:
-                    description: CustomStatus defines the custom status message that
-                      could display to user
-                    type: string
-                  healthPolicy:
-                    description: HealthPolicy defines the health check policy for
-                      the abstraction
-                    type: string
-                type: object
-              workload:
-                description: Workload is a workload type descriptor
-                properties:
-                  definition:
-                    description: Definition mutually exclusive to workload.type, a
-                      embedded WorkloadDefinition
-                    properties:
-                      apiVersion:
-                        type: string
-                      kind:
-                        type: string
-                    required:
-                    - apiVersion
-                    - kind
-                    type: object
-                  type:
-                    description: Type ref to a WorkloadDefinition via name
-                    type: string
-                type: object
-            required:
-            - workload
-            type: object
-          status:
-            description: ComponentDefinitionStatus is the status of ComponentDefinition
-            properties:
-              conditions:
-                description: Conditions of the resource.
-                items:
-                  description: A Condition that may apply to a resource.
-                  properties:
-                    lastTransitionTime:
-                      description: LastTransitionTime is the last time this condition
-                        transitioned from one status to another.
-                      format: date-time
-                      type: string
-                    message:
-                      description: A Message containing details about this condition's
-                        last transition from one status to another, if any.
-                      type: string
-                    reason:
-                      description: A Reason for this condition's last transition from
-                        one status to another.
-                      type: string
-                    status:
-                      description: Status of this condition; is it currently True,
-                        False, or Unknown?
-                      type: string
-                    type:
-                      description: Type of this condition. At most one of each condition
-                        type may apply to a resource at any point in time.
-                      type: string
-                  required:
-                  - lastTransitionTime
-                  - reason
-                  - status
-                  - type
-                  type: object
-                type: array
-              configMapRef:
-                description: ConfigMapRef refer to a ConfigMap which contains OpenAPI
-                  V3 JSON schema of Component parameters.
-                type: string
-              latestRevision:
-                description: LatestRevision of the component definition
-                properties:
-                  name:
-                    type: string
-                  revision:
-                    format: int64
-                    type: integer
-                  revisionHash:
-                    description: RevisionHash record the hash value of the spec of
-                      ApplicationRevision object.
-                    type: string
-                required:
-                - name
-                - revision
-                type: object
-            type: object
-        type: object
-    served: true
-    storage: true
-    subresources:
-      status: {}
-status:
-  acceptedNames:
-    kind: ""
-    plural: ""
-  conditions: []
-  storedVersions: []
--- a/pkg/static/vela/charts/vela-core/crds/core.oam.dev_definitionrevisions.yaml
+++ b/pkg/static/vela/charts/vela-core/crds/core.oam.dev_definitionrevisions.yaml
--- a/pkg/static/vela/charts/vela-core/crds/core.oam.dev_envbindings.yaml
+++ b/pkg/static/vela/charts/vela-core/crds/core.oam.dev_envbindings.yaml
@ -1,319 +0,0 @@
-
---
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  annotations:
-    controller-gen.kubebuilder.io/version: v0.6.2
-  name: envbindings.core.oam.dev
-spec:
-  group: core.oam.dev
-  names:
-    categories:
-    - oam
-    kind: EnvBinding
-    listKind: EnvBindingList
-    plural: envbindings
-    shortNames:
-    - envbind
-    singular: envbinding
-  scope: Namespaced
-  versions:
-  - additionalPrinterColumns:
-    - jsonPath: .spec.engine
-      name: ENGINE
-      type: string
-    - jsonPath: .status.phase
-      name: PHASE
-      type: string
-    - jsonPath: .metadata.creationTimestamp
-      name: AGE
-      type: date
-    name: v1alpha1
-    schema:
-      openAPIV3Schema:
-        description: EnvBinding is the Schema for the EnvBinding API
-        properties:
-          apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-            type: string
-          kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-            type: string
-          metadata:
-            type: object
-          spec:
-            description: A EnvBindingSpec defines the desired state of a EnvBinding.
-            properties:
-              appTemplate:
-                description: AppTemplate indicates the application template.
-                type: object
-                x-kubernetes-embedded-resource: true
-                x-kubernetes-preserve-unknown-fields: true
-              engine:
-                description: ClusterManagementEngine represents a multi-cluster management
-                  solution
-                type: string
-              envs:
-                items:
-                  description: EnvConfig is the configuration for different environments.
-                  properties:
-                    name:
-                      type: string
-                    patch:
-                      description: EnvPatch specify the parameter configuration for
-                        different environments
-                      properties:
-                        components:
-                          items:
-                            description: ApplicationComponent describe the component
-                              of application
-                            properties:
-                              dependsOn:
-                                items:
-                                  type: string
-                                type: array
-                              externalRevision:
-                                description: ExternalRevision specified the component
-                                  revisionName
-                                type: string
-                              inputs:
-                                description: StepInputs defines variable input of
-                                  WorkflowStep
-                                items:
-                                  properties:
-                                    from:
-                                      type: string
-                                    parameterKey:
-                                      type: string
-                                  required:
-                                  - from
-                                  - parameterKey
-                                  type: object
-                                type: array
-                              name:
-                                type: string
-                              outputs:
-                                description: StepOutputs defines output variable of
-                                  WorkflowStep
-                                items:
-                                  properties:
-                                    name:
-                                      type: string
-                                    valueFrom:
-                                      type: string
-                                  required:
-                                  - name
-                                  - valueFrom
-                                  type: object
-                                type: array
-                              properties:
-                                type: object
-                                x-kubernetes-preserve-unknown-fields: true
-                              scopes:
-                                additionalProperties:
-                                  type: string
-                                description: scopes in ApplicationComponent defines
-                                  the component-level scopes the format is <scope-type:scope-instance-name>
-                                  pairs, the key represents type of `ScopeDefinition`
-                                  while the value represent the name of scope instance.
-                                type: object
-                                x-kubernetes-preserve-unknown-fields: true
-                              traits:
-                                description: Traits define the trait of one component,
-                                  the type must be array to keep the order.
-                                items:
-                                  description: ApplicationTrait defines the trait
-                                    of application
-                                  properties:
-                                    properties:
-                                      type: object
-                                      x-kubernetes-preserve-unknown-fields: true
-                                    type:
-                                      type: string
-                                  required:
-                                  - type
-                                  type: object
-                                type: array
-                              type:
-                                type: string
-                            required:
-                            - name
-                            - type
-                            type: object
-                          type: array
-                      required:
-                      - components
-                      type: object
-                    placement:
-                      description: EnvPlacement defines the placement rules for an
-                        app.
-                      properties:
-                        clusterSelector:
-                          description: ClusterSelector defines the rules to select
-                            a Cluster resource. Either name or labels is needed.
-                          properties:
-                            labels:
-                              additionalProperties:
-                                type: string
-                              description: Labels defines the label selector to select
-                                the cluster.
-                              type: object
-                            name:
-                              description: Name is the name of the cluster.
-                              type: string
-                          type: object
-                        namespaceSelector:
-                          description: NamespaceSelector defines the rules to select
-                            a Namespace resource. Either name or labels is needed.
-                          properties:
-                            labels:
-                              additionalProperties:
-                                type: string
-                              description: Labels defines the label selector to select
-                                the namespace.
-                              type: object
-                            name:
-                              description: Name is the name of the namespace.
-                              type: string
-                          type: object
-                      type: object
-                    selector:
-                      description: EnvSelector defines which components should this
-                        env contains
-                      properties:
-                        components:
-                          items:
-                            type: string
-                          type: array
-                      type: object
-                  required:
-                  - name
-                  - patch
-                  type: object
-                type: array
-              outputResourcesTo:
-                description: OutputResourcesTo specifies the namespace and name of
-                  a ConfigMap which store the resources rendered after differentiated
-                  configuration
-                properties:
-                  name:
-                    description: Name of the secret.
-                    type: string
-                  namespace:
-                    description: Namespace of the secret.
-                    type: string
-                required:
-                - name
-                type: object
-            required:
-            - appTemplate
-            - envs
-            type: object
-          status:
-            description: A EnvBindingStatus is the status of EnvBinding
-            properties:
-              clusterDecisions:
-                items:
-                  description: ClusterDecision recorded the mapping of environment
-                    and cluster
-                  properties:
-                    cluster:
-                      type: string
-                    env:
-                      type: string
-                    namespace:
-                      type: string
-                  required:
-                  - env
-                  type: object
-                type: array
-              conditions:
-                description: Conditions of the resource.
-                items:
-                  description: A Condition that may apply to a resource.
-                  properties:
-                    lastTransitionTime:
-                      description: LastTransitionTime is the last time this condition
-                        transitioned from one status to another.
-                      format: date-time
-                      type: string
-                    message:
-                      description: A Message containing details about this condition's
-                        last transition from one status to another, if any.
-                      type: string
-                    reason:
-                      description: A Reason for this condition's last transition from
-                        one status to another.
-                      type: string
-                    status:
-                      description: Status of this condition; is it currently True,
-                        False, or Unknown?
-                      type: string
-                    type:
-                      description: Type of this condition. At most one of each condition
-                        type may apply to a resource at any point in time.
-                      type: string
-                  required:
-                  - lastTransitionTime
-                  - reason
-                  - status
-                  - type
-                  type: object
-                type: array
-              phase:
-                description: EnvBindingPhase is a label for the condition of a EnvBinding
-                  at the current time
-                type: string
-              resourceTracker:
-                description: ResourceTracker record the status of the ResourceTracker
-                properties:
-                  apiVersion:
-                    description: API version of the referent.
-                    type: string
-                  fieldPath:
-                    description: 'If referring to a piece of an object instead of
-                      an entire object, this string should contain a valid JSON/Go
-                      field access statement, such as desiredState.manifest.containers[2].
-                      For example, if the object reference is to a container within
-                      a pod, this would take on a value like: "spec.containers{name}"
-                      (where "name" refers to the name of the container that triggered
-                      the event) or if no container name is specified "spec.containers[2]"
-                      (container with index 2 in this pod). This syntax is chosen
-                      only to have some well-defined way of referencing a part of
-                      an object. TODO: this design is not final and this field is
-                      subject to change in the future.'
-                    type: string
-                  kind:
-                    description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-                    type: string
-                  name:
-                    description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
-                    type: string
-                  namespace:
-                    description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
-                    type: string
-                  resourceVersion:
-                    description: 'Specific resourceVersion to which this reference
-                      is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
-                    type: string
-                  uid:
-                    description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
-                    type: string
-                type: object
-            type: object
-        type: object
-    served: true
-    storage: true
-    subresources:
-      status: {}
-status:
-  acceptedNames:
-    kind: ""
-    plural: ""
-  conditions: []
-  storedVersions: []
--- a/pkg/static/vela/charts/vela-core/crds/core.oam.dev_healthscopes.yaml
+++ b/pkg/static/vela/charts/vela-core/crds/core.oam.dev_healthscopes.yaml
@ -1,590 +0,0 @@
-
---
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  annotations:
-    controller-gen.kubebuilder.io/version: v0.6.2
-  name: healthscopes.core.oam.dev
-spec:
-  group: core.oam.dev
-  names:
-    categories:
-    - oam
-    kind: HealthScope
-    listKind: HealthScopeList
-    plural: healthscopes
-    singular: healthscope
-  scope: Namespaced
-  versions:
-  - additionalPrinterColumns:
-    - jsonPath: .status.health
-      name: HEALTH
-      type: string
-    name: v1alpha2
-    schema:
-      openAPIV3Schema:
-        description: A HealthScope determines an aggregate health status based of
-          the health of components.
-        properties:
-          apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-            type: string
-          kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-            type: string
-          metadata:
-            type: object
-          spec:
-            description: A HealthScopeSpec defines the desired state of a HealthScope.
-            properties:
-              appReferences:
-                description: AppRefs records references of applications' components
-                items:
-                  description: AppReference records references of an application's
-                    components
-                  properties:
-                    appName:
-                      type: string
-                    compReferences:
-                      items:
-                        description: CompReference records references of a component's
-                          resources
-                        properties:
-                          compName:
-                            type: string
-                          traits:
-                            items:
-                              description: 'ObjectReference contains enough information
-                                to let you inspect or modify the referred object.
-                                --- New uses of this type are discouraged because
-                                of difficulty describing its usage when embedded in
-                                APIs.  1. Ignored fields.  It includes many fields
-                                which are not generally honored.  For instance, ResourceVersion
-                                and FieldPath are both very rarely valid in actual
-                                usage.  2. Invalid usage help.  It is impossible to
-                                add specific help for individual usage.  In most embedded
-                                usages, there are particular     restrictions like,
-                                "must refer only to types A and B" or "UID not honored"
-                                or "name must be restricted".     Those cannot be
-                                well described when embedded.  3. Inconsistent validation.  Because
-                                the usages are different, the validation rules are
-                                different by usage, which makes it hard for users
-                                to predict what will happen.  4. The fields are both
-                                imprecise and overly precise.  Kind is not a precise
-                                mapping to a URL. This can produce ambiguity     during
-                                interpretation and require a REST mapping.  In most
-                                cases, the dependency is on the group,resource tuple     and
-                                the version of the actual struct is irrelevant.  5.
-                                We cannot easily change it.  Because this type is
-                                embedded in many locations, updates to this type     will
-                                affect numerous schemas.  Don''t make new APIs embed
-                                an underspecified API type they do not control. Instead
-                                of using this type, create a locally provided and
-                                used type that is well-focused on your reference.
-                                For example, ServiceReferences for admission registration:
-                                https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533
-                                .'
-                              properties:
-                                apiVersion:
-                                  description: API version of the referent.
-                                  type: string
-                                fieldPath:
-                                  description: 'If referring to a piece of an object
-                                    instead of an entire object, this string should
-                                    contain a valid JSON/Go field access statement,
-                                    such as desiredState.manifest.containers[2]. For
-                                    example, if the object reference is to a container
-                                    within a pod, this would take on a value like:
-                                    "spec.containers{name}" (where "name" refers to
-                                    the name of the container that triggered the event)
-                                    or if no container name is specified "spec.containers[2]"
-                                    (container with index 2 in this pod). This syntax
-                                    is chosen only to have some well-defined way of
-                                    referencing a part of an object. TODO: this design
-                                    is not final and this field is subject to change
-                                    in the future.'
-                                  type: string
-                                kind:
-                                  description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-                                  type: string
-                                name:
-                                  description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
-                                  type: string
-                                namespace:
-                                  description: 'Namespace of the referent. More info:
-                                    https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
-                                  type: string
-                                resourceVersion:
-                                  description: 'Specific resourceVersion to which
-                                    this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
-                                  type: string
-                                uid:
-                                  description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
-                                  type: string
-                              type: object
-                            type: array
-                          workload:
-                            description: 'ObjectReference contains enough information
-                              to let you inspect or modify the referred object. ---
-                              New uses of this type are discouraged because of difficulty
-                              describing its usage when embedded in APIs.  1. Ignored
-                              fields.  It includes many fields which are not generally
-                              honored.  For instance, ResourceVersion and FieldPath
-                              are both very rarely valid in actual usage.  2. Invalid
-                              usage help.  It is impossible to add specific help for
-                              individual usage.  In most embedded usages, there are
-                              particular     restrictions like, "must refer only to
-                              types A and B" or "UID not honored" or "name must be
-                              restricted".     Those cannot be well described when
-                              embedded.  3. Inconsistent validation.  Because the
-                              usages are different, the validation rules are different
-                              by usage, which makes it hard for users to predict what
-                              will happen.  4. The fields are both imprecise and overly
-                              precise.  Kind is not a precise mapping to a URL. This
-                              can produce ambiguity     during interpretation and
-                              require a REST mapping.  In most cases, the dependency
-                              is on the group,resource tuple     and the version of
-                              the actual struct is irrelevant.  5. We cannot easily
-                              change it.  Because this type is embedded in many locations,
-                              updates to this type     will affect numerous schemas.  Don''t
-                              make new APIs embed an underspecified API type they
-                              do not control. Instead of using this type, create a
-                              locally provided and used type that is well-focused
-                              on your reference. For example, ServiceReferences for
-                              admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533
-                              .'
-                            properties:
-                              apiVersion:
-                                description: API version of the referent.
-                                type: string
-                              fieldPath:
-                                description: 'If referring to a piece of an object
-                                  instead of an entire object, this string should
-                                  contain a valid JSON/Go field access statement,
-                                  such as desiredState.manifest.containers[2]. For
-                                  example, if the object reference is to a container
-                                  within a pod, this would take on a value like: "spec.containers{name}"
-                                  (where "name" refers to the name of the container
-                                  that triggered the event) or if no container name
-                                  is specified "spec.containers[2]" (container with
-                                  index 2 in this pod). This syntax is chosen only
-                                  to have some well-defined way of referencing a part
-                                  of an object. TODO: this design is not final and
-                                  this field is subject to change in the future.'
-                                type: string
-                              kind:
-                                description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-                                type: string
-                              name:
-                                description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
-                                type: string
-                              namespace:
-                                description: 'Namespace of the referent. More info:
-                                  https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
-                                type: string
-                              resourceVersion:
-                                description: 'Specific resourceVersion to which this
-                                  reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
-                                type: string
-                              uid:
-                                description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
-                                type: string
-                            type: object
-                        type: object
-                      type: array
-                  type: object
-                type: array
-              probe-interval:
-                description: ProbeInterval is the amount of time in seconds between
-                  probing tries.
-                format: int32
-                type: integer
-              probe-timeout:
-                description: ProbeTimeout is the amount of time in seconds to wait
-                  when receiving a response before marked failure.
-                format: int32
-                type: integer
-              workloadRefs:
-                description: WorkloadReferences to the workloads that are in this
-                  scope.
-                items:
-                  description: 'ObjectReference contains enough information to let
-                    you inspect or modify the referred object. --- New uses of this
-                    type are discouraged because of difficulty describing its usage
-                    when embedded in APIs.  1. Ignored fields.  It includes many fields
-                    which are not generally honored.  For instance, ResourceVersion
-                    and FieldPath are both very rarely valid in actual usage.  2.
-                    Invalid usage help.  It is impossible to add specific help for
-                    individual usage.  In most embedded usages, there are particular     restrictions
-                    like, "must refer only to types A and B" or "UID not honored"
-                    or "name must be restricted".     Those cannot be well described
-                    when embedded.  3. Inconsistent validation.  Because the usages
-                    are different, the validation rules are different by usage, which
-                    makes it hard for users to predict what will happen.  4. The fields
-                    are both imprecise and overly precise.  Kind is not a precise
-                    mapping to a URL. This can produce ambiguity     during interpretation
-                    and require a REST mapping.  In most cases, the dependency is
-                    on the group,resource tuple     and the version of the actual
-                    struct is irrelevant.  5. We cannot easily change it.  Because
-                    this type is embedded in many locations, updates to this type     will
-                    affect numerous schemas.  Don''t make new APIs embed an underspecified
-                    API type they do not control. Instead of using this type, create
-                    a locally provided and used type that is well-focused on your
-                    reference. For example, ServiceReferences for admission registration:
-                    https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533
-                    .'
-                  properties:
-                    apiVersion:
-                      description: API version of the referent.
-                      type: string
-                    fieldPath:
-                      description: 'If referring to a piece of an object instead of
-                        an entire object, this string should contain a valid JSON/Go
-                        field access statement, such as desiredState.manifest.containers[2].
-                        For example, if the object reference is to a container within
-                        a pod, this would take on a value like: "spec.containers{name}"
-                        (where "name" refers to the name of the container that triggered
-                        the event) or if no container name is specified "spec.containers[2]"
-                        (container with index 2 in this pod). This syntax is chosen
-                        only to have some well-defined way of referencing a part of
-                        an object. TODO: this design is not final and this field is
-                        subject to change in the future.'
-                      type: string
-                    kind:
-                      description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-                      type: string
-                    name:
-                      description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
-                      type: string
-                    namespace:
-                      description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
-                      type: string
-                    resourceVersion:
-                      description: 'Specific resourceVersion to which this reference
-                        is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
-                      type: string
-                    uid:
-                      description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
-                      type: string
-                  type: object
-                type: array
-            required:
-            - workloadRefs
-            type: object
-          status:
-            description: A HealthScopeStatus represents the observed state of a HealthScope.
-            properties:
-              appHealthConditions:
-                description: AppHealthConditions represents health condition of applications
-                  in the scope
-                items:
-                  description: AppHealthCondition represents health condition of an
-                    application
-                  properties:
-                    appName:
-                      type: string
-                    components:
-                      items:
-                        description: WorkloadHealthCondition represents informative
-                          health condition of a workload.
-                        properties:
-                          componentName:
-                            description: ComponentName represents the component name
-                              if target is a workload
-                            type: string
-                          customStatusMsg:
-                            type: string
-                          diagnosis:
-                            type: string
-                          healthStatus:
-                            description: HealthStatus represents health status strings.
-                            type: string
-                          targetWorkload:
-                            description: 'ObjectReference contains enough information
-                              to let you inspect or modify the referred object. ---
-                              New uses of this type are discouraged because of difficulty
-                              describing its usage when embedded in APIs.  1. Ignored
-                              fields.  It includes many fields which are not generally
-                              honored.  For instance, ResourceVersion and FieldPath
-                              are both very rarely valid in actual usage.  2. Invalid
-                              usage help.  It is impossible to add specific help for
-                              individual usage.  In most embedded usages, there are
-                              particular     restrictions like, "must refer only to
-                              types A and B" or "UID not honored" or "name must be
-                              restricted".     Those cannot be well described when
-                              embedded.  3. Inconsistent validation.  Because the
-                              usages are different, the validation rules are different
-                              by usage, which makes it hard for users to predict what
-                              will happen.  4. The fields are both imprecise and overly
-                              precise.  Kind is not a precise mapping to a URL. This
-                              can produce ambiguity     during interpretation and
-                              require a REST mapping.  In most cases, the dependency
-                              is on the group,resource tuple     and the version of
-                              the actual struct is irrelevant.  5. We cannot easily
-                              change it.  Because this type is embedded in many locations,
-                              updates to this type     will affect numerous schemas.  Don''t
-                              make new APIs embed an underspecified API type they
-                              do not control. Instead of using this type, create a
-                              locally provided and used type that is well-focused
-                              on your reference. For example, ServiceReferences for
-                              admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533
-                              .'
-                            properties:
-                              apiVersion:
-                                description: API version of the referent.
-                                type: string
-                              fieldPath:
-                                description: 'If referring to a piece of an object
-                                  instead of an entire object, this string should
-                                  contain a valid JSON/Go field access statement,
-                                  such as desiredState.manifest.containers[2]. For
-                                  example, if the object reference is to a container
-                                  within a pod, this would take on a value like: "spec.containers{name}"
-                                  (where "name" refers to the name of the container
-                                  that triggered the event) or if no container name
-                                  is specified "spec.containers[2]" (container with
-                                  index 2 in this pod). This syntax is chosen only
-                                  to have some well-defined way of referencing a part
-                                  of an object. TODO: this design is not final and
-                                  this field is subject to change in the future.'
-                                type: string
-                              kind:
-                                description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-                                type: string
-                              name:
-                                description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
-                                type: string
-                              namespace:
-                                description: 'Namespace of the referent. More info:
-                                  https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
-                                type: string
-                              resourceVersion:
-                                description: 'Specific resourceVersion to which this
-                                  reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
-                                type: string
-                              uid:
-                                description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
-                                type: string
-                            type: object
-                          traits:
-                            items:
-                              description: TraitHealthCondition represents informative
-                                health condition of a trait.
-                              properties:
-                                customStatusMsg:
-                                  type: string
-                                diagnosis:
-                                  type: string
-                                healthStatus:
-                                  description: HealthStatus represents health status
-                                    strings.
-                                  type: string
-                                resource:
-                                  type: string
-                                type:
-                                  type: string
-                              required:
-                              - healthStatus
-                              - resource
-                              - type
-                              type: object
-                            type: array
-                          workloadStatus:
-                            description: WorkloadStatus represents status of workloads
-                              whose HealthStatus is UNKNOWN.
-                            type: string
-                        required:
-                        - healthStatus
-                        type: object
-                      type: array
-                    envName:
-                      type: string
-                  required:
-                  - appName
-                  type: object
-                type: array
-              conditions:
-                description: Conditions of the resource.
-                items:
-                  description: A Condition that may apply to a resource.
-                  properties:
-                    lastTransitionTime:
-                      description: LastTransitionTime is the last time this condition
-                        transitioned from one status to another.
-                      format: date-time
-                      type: string
-                    message:
-                      description: A Message containing details about this condition's
-                        last transition from one status to another, if any.
-                      type: string
-                    reason:
-                      description: A Reason for this condition's last transition from
-                        one status to another.
-                      type: string
-                    status:
-                      description: Status of this condition; is it currently True,
-                        False, or Unknown?
-                      type: string
-                    type:
-                      description: Type of this condition. At most one of each condition
-                        type may apply to a resource at any point in time.
-                      type: string
-                  required:
-                  - lastTransitionTime
-                  - reason
-                  - status
-                  - type
-                  type: object
-                type: array
-              healthConditions:
-                description: WorkloadHealthConditions represents health condition
-                  of workloads in the scope Use AppHealthConditions to provide app
-                  level status
-                items:
-                  description: WorkloadHealthCondition represents informative health
-                    condition of a workload.
-                  properties:
-                    componentName:
-                      description: ComponentName represents the component name if
-                        target is a workload
-                      type: string
-                    customStatusMsg:
-                      type: string
-                    diagnosis:
-                      type: string
-                    healthStatus:
-                      description: HealthStatus represents health status strings.
-                      type: string
-                    targetWorkload:
-                      description: 'ObjectReference contains enough information to
-                        let you inspect or modify the referred object. --- New uses
-                        of this type are discouraged because of difficulty describing
-                        its usage when embedded in APIs.  1. Ignored fields.  It includes
-                        many fields which are not generally honored.  For instance,
-                        ResourceVersion and FieldPath are both very rarely valid in
-                        actual usage.  2. Invalid usage help.  It is impossible to
-                        add specific help for individual usage.  In most embedded
-                        usages, there are particular     restrictions like, "must
-                        refer only to types A and B" or "UID not honored" or "name
-                        must be restricted".     Those cannot be well described when
-                        embedded.  3. Inconsistent validation.  Because the usages
-                        are different, the validation rules are different by usage,
-                        which makes it hard for users to predict what will happen.  4.
-                        The fields are both imprecise and overly precise.  Kind is
-                        not a precise mapping to a URL. This can produce ambiguity     during
-                        interpretation and require a REST mapping.  In most cases,
-                        the dependency is on the group,resource tuple     and the
-                        version of the actual struct is irrelevant.  5. We cannot
-                        easily change it.  Because this type is embedded in many locations,
-                        updates to this type     will affect numerous schemas.  Don''t
-                        make new APIs embed an underspecified API type they do not
-                        control. Instead of using this type, create a locally provided
-                        and used type that is well-focused on your reference. For
-                        example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533
-                        .'
-                      properties:
-                        apiVersion:
-                          description: API version of the referent.
-                          type: string
-                        fieldPath:
-                          description: 'If referring to a piece of an object instead
-                            of an entire object, this string should contain a valid
-                            JSON/Go field access statement, such as desiredState.manifest.containers[2].
-                            For example, if the object reference is to a container
-                            within a pod, this would take on a value like: "spec.containers{name}"
-                            (where "name" refers to the name of the container that
-                            triggered the event) or if no container name is specified
-                            "spec.containers[2]" (container with index 2 in this pod).
-                            This syntax is chosen only to have some well-defined way
-                            of referencing a part of an object. TODO: this design
-                            is not final and this field is subject to change in the
-                            future.'
-                          type: string
-                        kind:
-                          description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-                          type: string
-                        name:
-                          description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
-                          type: string
-                        namespace:
-                          description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
-                          type: string
-                        resourceVersion:
-                          description: 'Specific resourceVersion to which this reference
-                            is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
-                          type: string
-                        uid:
-                          description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
-                          type: string
-                      type: object
-                    traits:
-                      items:
-                        description: TraitHealthCondition represents informative health
-                          condition of a trait.
-                        properties:
-                          customStatusMsg:
-                            type: string
-                          diagnosis:
-                            type: string
-                          healthStatus:
-                            description: HealthStatus represents health status strings.
-                            type: string
-                          resource:
-                            type: string
-                          type:
-                            type: string
-                        required:
-                        - healthStatus
-                        - resource
-                        - type
-                        type: object
-                      type: array
-                    workloadStatus:
-                      description: WorkloadStatus represents status of workloads whose
-                        HealthStatus is UNKNOWN.
-                      type: string
-                  required:
-                  - healthStatus
-                  type: object
-                type: array
-              scopeHealthCondition:
-                description: ScopeHealthCondition represents health condition summary
-                  of the scope
-                properties:
-                  healthStatus:
-                    description: HealthStatus represents health status strings.
-                    type: string
-                  healthyWorkloads:
-                    format: int64
-                    type: integer
-                  total:
-                    format: int64
-                    type: integer
-                  unhealthyWorkloads:
-                    format: int64
-                    type: integer
-                  unknownWorkloads:
-                    format: int64
-                    type: integer
-                required:
-                - healthStatus
-                type: object
-            required:
-            - scopeHealthCondition
-            type: object
-        type: object
-    served: true
-    storage: true
-    subresources:
-      status: {}
-status:
-  acceptedNames:
-    kind: ""
-    plural: ""
-  conditions: []
-  storedVersions: []
--- a/pkg/static/vela/charts/vela-core/crds/core.oam.dev_manualscalertraits.yaml
+++ b/pkg/static/vela/charts/vela-core/crds/core.oam.dev_manualscalertraits.yaml
@ -1,134 +0,0 @@
-
---
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  annotations:
-    controller-gen.kubebuilder.io/version: v0.6.2
-  name: manualscalertraits.core.oam.dev
-spec:
-  group: core.oam.dev
-  names:
-    categories:
-    - oam
-    kind: ManualScalerTrait
-    listKind: ManualScalerTraitList
-    plural: manualscalertraits
-    singular: manualscalertrait
-  scope: Namespaced
-  versions:
-  - name: v1alpha2
-    schema:
-      openAPIV3Schema:
-        description: A ManualScalerTrait determines how many replicas a workload should
-          have.
-        properties:
-          apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-            type: string
-          kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-            type: string
-          metadata:
-            type: object
-          spec:
-            description: A ManualScalerTraitSpec defines the desired state of a ManualScalerTrait.
-            properties:
-              replicaCount:
-                description: ReplicaCount of the workload this trait applies to.
-                format: int32
-                type: integer
-              workloadRef:
-                description: WorkloadReference to the workload this trait applies
-                  to.
-                properties:
-                  apiVersion:
-                    description: API version of the referent.
-                    type: string
-                  fieldPath:
-                    description: 'If referring to a piece of an object instead of
-                      an entire object, this string should contain a valid JSON/Go
-                      field access statement, such as desiredState.manifest.containers[2].
-                      For example, if the object reference is to a container within
-                      a pod, this would take on a value like: "spec.containers{name}"
-                      (where "name" refers to the name of the container that triggered
-                      the event) or if no container name is specified "spec.containers[2]"
-                      (container with index 2 in this pod). This syntax is chosen
-                      only to have some well-defined way of referencing a part of
-                      an object. TODO: this design is not final and this field is
-                      subject to change in the future.'
-                    type: string
-                  kind:
-                    description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-                    type: string
-                  name:
-                    description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
-                    type: string
-                  namespace:
-                    description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
-                    type: string
-                  resourceVersion:
-                    description: 'Specific resourceVersion to which this reference
-                      is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
-                    type: string
-                  uid:
-                    description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
-                    type: string
-                type: object
-            required:
-            - replicaCount
-            - workloadRef
-            type: object
-          status:
-            description: A ManualScalerTraitStatus represents the observed state of
-              a ManualScalerTrait.
-            properties:
-              conditions:
-                description: Conditions of the resource.
-                items:
-                  description: A Condition that may apply to a resource.
-                  properties:
-                    lastTransitionTime:
-                      description: LastTransitionTime is the last time this condition
-                        transitioned from one status to another.
-                      format: date-time
-                      type: string
-                    message:
-                      description: A Message containing details about this condition's
-                        last transition from one status to another, if any.
-                      type: string
-                    reason:
-                      description: A Reason for this condition's last transition from
-                        one status to another.
-                      type: string
-                    status:
-                      description: Status of this condition; is it currently True,
-                        False, or Unknown?
-                      type: string
-                    type:
-                      description: Type of this condition. At most one of each condition
-                        type may apply to a resource at any point in time.
-                      type: string
-                  required:
-                  - lastTransitionTime
-                  - reason
-                  - status
-                  - type
-                  type: object
-                type: array
-            type: object
-        type: object
-    served: true
-    storage: true
-    subresources:
-      status: {}
-status:
-  acceptedNames:
-    kind: ""
-    plural: ""
-  conditions: []
-  storedVersions: []
--- a/pkg/static/vela/charts/vela-core/crds/core.oam.dev_policies.yaml
+++ b/pkg/static/vela/charts/vela-core/crds/core.oam.dev_policies.yaml
@ -1,57 +0,0 @@
-
---
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  annotations:
-    controller-gen.kubebuilder.io/version: v0.6.2
-  name: policies.core.oam.dev
-spec:
-  group: core.oam.dev
-  names:
-    categories:
-    - oam
-    kind: Policy
-    listKind: PolicyList
-    plural: policies
-    singular: policy
-  scope: Namespaced
-  versions:
-  - additionalPrinterColumns:
-    - jsonPath: .type
-      name: TYPE
-      type: string
-    name: v1alpha1
-    schema:
-      openAPIV3Schema:
-        description: Policy is the Schema for the policy API
-        properties:
-          apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-            type: string
-          kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-            type: string
-          metadata:
-            type: object
-          properties:
-            type: object
-            x-kubernetes-preserve-unknown-fields: true
-          type:
-            type: string
-        required:
-        - type
-        type: object
-    served: true
-    storage: true
-    subresources: {}
-status:
-  acceptedNames:
-    kind: ""
-    plural: ""
-  conditions: []
-  storedVersions: []
--- a/pkg/static/vela/charts/vela-core/crds/core.oam.dev_policydefinitions.yaml
+++ b/pkg/static/vela/charts/vela-core/crds/core.oam.dev_policydefinitions.yaml
@ -1,274 +0,0 @@
-
---
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  annotations:
-    controller-gen.kubebuilder.io/version: v0.6.2
-  name: policydefinitions.core.oam.dev
-spec:
-  group: core.oam.dev
-  names:
-    categories:
-    - oam
-    kind: PolicyDefinition
-    listKind: PolicyDefinitionList
-    plural: policydefinitions
-    shortNames:
-    - def-policy
-    singular: policydefinition
-  scope: Namespaced
-  versions:
-  - name: v1beta1
-    schema:
-      openAPIV3Schema:
-        description: PolicyDefinition is the Schema for the policydefinitions API
-        properties:
-          apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-            type: string
-          kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-            type: string
-          metadata:
-            type: object
-          spec:
-            description: PolicyDefinitionSpec defines the desired state of PolicyDefinition
-            properties:
-              definitionRef:
-                description: Reference to the CustomResourceDefinition that defines
-                  this trait kind.
-                properties:
-                  name:
-                    description: Name of the referenced CustomResourceDefinition.
-                    type: string
-                  version:
-                    description: Version indicate which version should be used if
-                      CRD has multiple versions by default it will use the first one
-                      if not specified
-                    type: string
-                required:
-                - name
-                type: object
-              manageHealthCheck:
-                description: ManageHealthCheck means the policy will handle health
-                  checking and skip application controller built-in health checking.
-                type: boolean
-              schematic:
-                description: Schematic defines the data format and template of the
-                  encapsulation of the policy definition
-                properties:
-                  cue:
-                    description: CUE defines the encapsulation in CUE format
-                    properties:
-                      template:
-                        description: Template defines the abstraction template data
-                          of the capability, it will replace the old CUE template
-                          in extension field. Template is a required field if CUE
-                          is defined in Capability Definition.
-                        type: string
-                    required:
-                    - template
-                    type: object
-                  helm:
-                    description: A Helm represents resources used by a Helm module
-                    properties:
-                      release:
-                        description: Release records a Helm release used by a Helm
-                          module workload.
-                        type: object
-                        x-kubernetes-preserve-unknown-fields: true
-                      repository:
-                        description: HelmRelease records a Helm repository used by
-                          a Helm module workload.
-                        type: object
-                        x-kubernetes-preserve-unknown-fields: true
-                    required:
-                    - release
-                    - repository
-                    type: object
-                  kube:
-                    description: Kube defines the encapsulation in raw Kubernetes
-                      resource format
-                    properties:
-                      parameters:
-                        description: Parameters defines configurable parameters
-                        items:
-                          description: A KubeParameter defines a configurable parameter
-                            of a component.
-                          properties:
-                            description:
-                              description: Description of this parameter.
-                              type: string
-                            fieldPaths:
-                              description: "FieldPaths specifies an array of fields
-                                within this workload that will be overwritten by the
-                                value of this parameter. \tAll fields must be of the
-                                same type. Fields are specified as JSON field paths
-                                without a leading dot, for example 'spec.replicas'."
-                              items:
-                                type: string
-                              type: array
-                            name:
-                              description: Name of this parameter
-                              type: string
-                            required:
-                              default: false
-                              description: Required specifies whether or not a value
-                                for this parameter must be supplied when authoring
-                                an Application.
-                              type: boolean
-                            type:
-                              description: 'ValueType indicates the type of the parameter
-                                value, and only supports basic data types: string,
-                                number, boolean.'
-                              enum:
-                              - string
-                              - number
-                              - boolean
-                              type: string
-                          required:
-                          - fieldPaths
-                          - name
-                          - type
-                          type: object
-                        type: array
-                      template:
-                        description: Template defines the raw Kubernetes resource
-                        type: object
-                        x-kubernetes-preserve-unknown-fields: true
-                    required:
-                    - template
-                    type: object
-                  terraform:
-                    description: Terraform is the struct to describe cloud resources
-                      managed by Hashicorp Terraform
-                    properties:
-                      configuration:
-                        description: Configuration is Terraform Configuration
-                        type: string
-                      customRegion:
-                        description: Region is cloud provider's region. It will override
-                          the region in the region field of ProviderReference
-                        type: string
-                      deleteResource:
-                        default: true
-                        description: DeleteResource will determine whether provisioned
-                          cloud resources will be deleted when CR is deleted
-                        type: boolean
-                      path:
-                        description: Path is the sub-directory of remote git repository.
-                          It's valid when remote is set
-                        type: string
-                      providerRef:
-                        description: ProviderReference specifies the reference to
-                          Provider
-                        properties:
-                          name:
-                            description: Name of the referenced object.
-                            type: string
-                          namespace:
-                            default: default
-                            description: Namespace of the referenced object.
-                            type: string
-                        required:
-                        - name
-                        type: object
-                      type:
-                        default: hcl
-                        description: Type specifies which Terraform configuration
-                          it is, HCL or JSON syntax
-                        enum:
-                        - hcl
-                        - json
-                        - remote
-                        type: string
-                      writeConnectionSecretToRef:
-                        description: WriteConnectionSecretToReference specifies the
-                          namespace and name of a Secret to which any connection details
-                          for this managed resource should be written. Connection
-                          details frequently include the endpoint, username, and password
-                          required to connect to the managed resource.
-                        properties:
-                          name:
-                            description: Name of the secret.
-                            type: string
-                          namespace:
-                            description: Namespace of the secret.
-                            type: string
-                        required:
-                        - name
-                        type: object
-                    required:
-                    - configuration
-                    type: object
-                type: object
-            type: object
-          status:
-            description: PolicyDefinitionStatus is the status of PolicyDefinition
-            properties:
-              conditions:
-                description: Conditions of the resource.
-                items:
-                  description: A Condition that may apply to a resource.
-                  properties:
-                    lastTransitionTime:
-                      description: LastTransitionTime is the last time this condition
-                        transitioned from one status to another.
-                      format: date-time
-                      type: string
-                    message:
-                      description: A Message containing details about this condition's
-                        last transition from one status to another, if any.
-                      type: string
-                    reason:
-                      description: A Reason for this condition's last transition from
-                        one status to another.
-                      type: string
-                    status:
-                      description: Status of this condition; is it currently True,
-                        False, or Unknown?
-                      type: string
-                    type:
-                      description: Type of this condition. At most one of each condition
-                        type may apply to a resource at any point in time.
-                      type: string
-                  required:
-                  - lastTransitionTime
-                  - reason
-                  - status
-                  - type
-                  type: object
-                type: array
-              latestRevision:
-                description: LatestRevision of the component definition
-                properties:
-                  name:
-                    type: string
-                  revision:
-                    format: int64
-                    type: integer
-                  revisionHash:
-                    description: RevisionHash record the hash value of the spec of
-                      ApplicationRevision object.
-                    type: string
-                required:
-                - name
-                - revision
-                type: object
-            type: object
-        type: object
-    served: true
-    storage: true
-    subresources:
-      status: {}
-status:
-  acceptedNames:
-    kind: ""
-    plural: ""
-  conditions: []
-  storedVersions: []
--- a/pkg/static/vela/charts/vela-core/crds/core.oam.dev_resourcetrackers.yaml
+++ b/pkg/static/vela/charts/vela-core/crds/core.oam.dev_resourcetrackers.yaml
@ -1,181 +0,0 @@
-
---
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  annotations:
-    controller-gen.kubebuilder.io/version: v0.6.2
-  name: resourcetrackers.core.oam.dev
-spec:
-  group: core.oam.dev
-  names:
-    categories:
-    - oam
-    kind: ResourceTracker
-    listKind: ResourceTrackerList
-    plural: resourcetrackers
-    shortNames:
-    - rt
-    singular: resourcetracker
-  scope: Cluster
-  versions:
-  - additionalPrinterColumns:
-    - jsonPath: .spec.type
-      name: TYPE
-      type: string
-    - jsonPath: .metadata.labels['app\.oam\.dev\/name']
-      name: APP
-      type: string
-    - jsonPath: .metadata.labels['app\.oam\.dev\/namespace']
-      name: APP-NS
-      type: string
-    - jsonPath: .spec.applicationGeneration
-      name: APP-GEN
-      type: number
-    name: v1beta1
-    schema:
-      openAPIV3Schema:
-        description: An ResourceTracker represents a tracker for track cross namespace
-          resources
-        properties:
-          apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-            type: string
-          kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-            type: string
-          metadata:
-            type: object
-          spec:
-            description: ResourceTrackerSpec define the spec of resourceTracker
-            properties:
-              applicationGeneration:
-                format: int64
-                type: integer
-              managedResources:
-                items:
-                  description: ManagedResource define the resource to be managed by
-                    ResourceTracker
-                  properties:
-                    apiVersion:
-                      description: API version of the referent.
-                      type: string
-                    cluster:
-                      type: string
-                    component:
-                      type: string
-                    creator:
-                      description: ResourceCreatorRole defines the resource creator.
-                      type: string
-                    deleted:
-                      description: Deleted marks the resource to be deleted
-                      type: boolean
-                    env:
-                      type: string
-                    fieldPath:
-                      description: 'If referring to a piece of an object instead of
-                        an entire object, this string should contain a valid JSON/Go
-                        field access statement, such as desiredState.manifest.containers[2].
-                        For example, if the object reference is to a container within
-                        a pod, this would take on a value like: "spec.containers{name}"
-                        (where "name" refers to the name of the container that triggered
-                        the event) or if no container name is specified "spec.containers[2]"
-                        (container with index 2 in this pod). This syntax is chosen
-                        only to have some well-defined way of referencing a part of
-                        an object. TODO: this design is not final and this field is
-                        subject to change in the future.'
-                      type: string
-                    kind:
-                      description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-                      type: string
-                    name:
-                      description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
-                      type: string
-                    namespace:
-                      description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
-                      type: string
-                    raw:
-                      type: object
-                      x-kubernetes-preserve-unknown-fields: true
-                    resourceVersion:
-                      description: 'Specific resourceVersion to which this reference
-                        is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
-                      type: string
-                    trait:
-                      type: string
-                    uid:
-                      description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
-                      type: string
-                  type: object
-                type: array
-              type:
-                description: ResourceTrackerType defines the type of resourceTracker
-                type: string
-            required:
-            - applicationGeneration
-            type: object
-          status:
-            description: ResourceTrackerStatus define the status of resourceTracker
-              For backward-compatibility
-            properties:
-              trackedResources:
-                description: Deprecated
-                items:
-                  description: ClusterObjectReference defines the object reference
-                    with cluster.
-                  properties:
-                    apiVersion:
-                      description: API version of the referent.
-                      type: string
-                    cluster:
-                      type: string
-                    creator:
-                      description: ResourceCreatorRole defines the resource creator.
-                      type: string
-                    fieldPath:
-                      description: 'If referring to a piece of an object instead of
-                        an entire object, this string should contain a valid JSON/Go
-                        field access statement, such as desiredState.manifest.containers[2].
-                        For example, if the object reference is to a container within
-                        a pod, this would take on a value like: "spec.containers{name}"
-                        (where "name" refers to the name of the container that triggered
-                        the event) or if no container name is specified "spec.containers[2]"
-                        (container with index 2 in this pod). This syntax is chosen
-                        only to have some well-defined way of referencing a part of
-                        an object. TODO: this design is not final and this field is
-                        subject to change in the future.'
-                      type: string
-                    kind:
-                      description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-                      type: string
-                    name:
-                      description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
-                      type: string
-                    namespace:
-                      description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
-                      type: string
-                    resourceVersion:
-                      description: 'Specific resourceVersion to which this reference
-                        is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
-                      type: string
-                    uid:
-                      description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
-                      type: string
-                  type: object
-                type: array
-            type: object
-        type: object
-    served: true
-    storage: true
-    subresources:
-      status: {}
-status:
-  acceptedNames:
-    kind: ""
-    plural: ""
-  conditions: []
-  storedVersions: []
--- a/pkg/static/vela/charts/vela-core/crds/core.oam.dev_scopedefinitions.yaml
+++ b/pkg/static/vela/charts/vela-core/crds/core.oam.dev_scopedefinitions.yaml
@ -1,153 +0,0 @@
-
---
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  annotations:
-    controller-gen.kubebuilder.io/version: v0.6.2
-  name: scopedefinitions.core.oam.dev
-spec:
-  group: core.oam.dev
-  names:
-    categories:
-    - oam
-    kind: ScopeDefinition
-    listKind: ScopeDefinitionList
-    plural: scopedefinitions
-    shortNames:
-    - scope
-    singular: scopedefinition
-  scope: Namespaced
-  versions:
-  - additionalPrinterColumns:
-    - jsonPath: .spec.definitionRef.name
-      name: DEFINITION-NAME
-      type: string
-    name: v1alpha2
-    schema:
-      openAPIV3Schema:
-        description: A ScopeDefinition registers a kind of Kubernetes custom resource
-          as a valid OAM scope kind by referencing its CustomResourceDefinition. The
-          CRD is used to validate the schema of the scope when it is embedded in an
-          OAM ApplicationConfiguration.
-        properties:
-          apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-            type: string
-          kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-            type: string
-          metadata:
-            type: object
-          spec:
-            description: A ScopeDefinitionSpec defines the desired state of a ScopeDefinition.
-            properties:
-              allowComponentOverlap:
-                description: AllowComponentOverlap specifies whether an OAM component
-                  may exist in multiple instances of this kind of scope.
-                type: boolean
-              definitionRef:
-                description: Reference to the CustomResourceDefinition that defines
-                  this scope kind.
-                properties:
-                  name:
-                    description: Name of the referenced CustomResourceDefinition.
-                    type: string
-                  version:
-                    description: Version indicate which version should be used if
-                      CRD has multiple versions by default it will use the first one
-                      if not specified
-                    type: string
-                required:
-                - name
-                type: object
-              extension:
-                description: Extension is used for extension needs by OAM platform
-                  builders
-                type: object
-                x-kubernetes-preserve-unknown-fields: true
-              workloadRefsPath:
-                description: WorkloadRefsPath indicates if/where a scope accepts workloadRef
-                  objects
-                type: string
-            required:
-            - allowComponentOverlap
-            - definitionRef
-            type: object
-        type: object
-    served: true
-    storage: false
-    subresources: {}
-  - additionalPrinterColumns:
-    - jsonPath: .spec.definitionRef.name
-      name: DEFINITION-NAME
-      type: string
-    name: v1beta1
-    schema:
-      openAPIV3Schema:
-        description: A ScopeDefinition registers a kind of Kubernetes custom resource
-          as a valid OAM scope kind by referencing its CustomResourceDefinition. The
-          CRD is used to validate the schema of the scope when it is embedded in an
-          OAM ApplicationConfiguration.
-        properties:
-          apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-            type: string
-          kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-            type: string
-          metadata:
-            type: object
-          spec:
-            description: A ScopeDefinitionSpec defines the desired state of a ScopeDefinition.
-            properties:
-              allowComponentOverlap:
-                description: AllowComponentOverlap specifies whether an OAM component
-                  may exist in multiple instances of this kind of scope.
-                type: boolean
-              definitionRef:
-                description: Reference to the CustomResourceDefinition that defines
-                  this scope kind.
-                properties:
-                  name:
-                    description: Name of the referenced CustomResourceDefinition.
-                    type: string
-                  version:
-                    description: Version indicate which version should be used if
-                      CRD has multiple versions by default it will use the first one
-                      if not specified
-                    type: string
-                required:
-                - name
-                type: object
-              extension:
-                description: Extension is used for extension needs by OAM platform
-                  builders
-                type: object
-                x-kubernetes-preserve-unknown-fields: true
-              workloadRefsPath:
-                description: WorkloadRefsPath indicates if/where a scope accepts workloadRef
-                  objects
-                type: string
-            required:
-            - allowComponentOverlap
-            - definitionRef
-            type: object
-        type: object
-    served: true
-    storage: true
-    subresources: {}
-status:
-  acceptedNames:
-    kind: ""
-    plural: ""
-  conditions: []
-  storedVersions: []
--- a/pkg/static/vela/charts/vela-core/crds/core.oam.dev_traitdefinitions.yaml
+++ b/pkg/static/vela/charts/vela-core/crds/core.oam.dev_traitdefinitions.yaml
@ -1,645 +0,0 @@
-
---
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  annotations:
-    controller-gen.kubebuilder.io/version: v0.6.2
-  name: traitdefinitions.core.oam.dev
-spec:
-  group: core.oam.dev
-  names:
-    categories:
-    - oam
-    kind: TraitDefinition
-    listKind: TraitDefinitionList
-    plural: traitdefinitions
-    shortNames:
-    - trait
-    singular: traitdefinition
-  scope: Namespaced
-  versions:
-  - additionalPrinterColumns:
-    - jsonPath: .spec.appliesToWorkloads
-      name: APPLIES-TO
-      type: string
-    - jsonPath: .metadata.annotations.definition\.oam\.dev/description
-      name: DESCRIPTION
-      type: string
-    name: v1alpha2
-    schema:
-      openAPIV3Schema:
-        description: A TraitDefinition registers a kind of Kubernetes custom resource
-          as a valid OAM trait kind by referencing its CustomResourceDefinition. The
-          CRD is used to validate the schema of the trait when it is embedded in an
-          OAM ApplicationConfiguration.
-        properties:
-          apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-            type: string
-          kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-            type: string
-          metadata:
-            type: object
-          spec:
-            description: A TraitDefinitionSpec defines the desired state of a TraitDefinition.
-            properties:
-              appliesToWorkloads:
-                description: AppliesToWorkloads specifies the list of workload kinds
-                  this trait applies to. Workload kinds are specified in kind.group/version
-                  format, e.g. server.core.oam.dev/v1alpha2. Traits that omit this
-                  field apply to all workload kinds.
-                items:
-                  type: string
-                type: array
-              conflictsWith:
-                description: 'ConflictsWith specifies the list of traits(CRD name,
-                  Definition name, CRD group) which could not apply to the same workloads
-                  with this trait. Traits that omit this field can work with any other
-                  traits. Example rules: "service" # Trait definition name "services.k8s.io"
-                  # API resource/crd name "*.networking.k8s.io" # API group "labelSelector:foo=bar"
-                  # label selector labelSelector format: https://pkg.go.dev/k8s.io/apimachinery/pkg/labels#Parse'
-                items:
-                  type: string
-                type: array
-              definitionRef:
-                description: Reference to the CustomResourceDefinition that defines
-                  this trait kind.
-                properties:
-                  name:
-                    description: Name of the referenced CustomResourceDefinition.
-                    type: string
-                  version:
-                    description: Version indicate which version should be used if
-                      CRD has multiple versions by default it will use the first one
-                      if not specified
-                    type: string
-                required:
-                - name
-                type: object
-              extension:
-                description: Extension is used for extension needs by OAM platform
-                  builders
-                type: object
-                x-kubernetes-preserve-unknown-fields: true
-              podDisruptive:
-                description: PodDisruptive specifies whether using the trait will
-                  cause the pod to restart or not.
-                type: boolean
-              revisionEnabled:
-                description: Revision indicates whether a trait is aware of component
-                  revision
-                type: boolean
-              schematic:
-                description: Schematic defines the data format and template of the
-                  encapsulation of the trait
-                properties:
-                  cue:
-                    description: CUE defines the encapsulation in CUE format
-                    properties:
-                      template:
-                        description: Template defines the abstraction template data
-                          of the capability, it will replace the old CUE template
-                          in extension field. Template is a required field if CUE
-                          is defined in Capability Definition.
-                        type: string
-                    required:
-                    - template
-                    type: object
-                  helm:
-                    description: A Helm represents resources used by a Helm module
-                    properties:
-                      release:
-                        description: Release records a Helm release used by a Helm
-                          module workload.
-                        type: object
-                        x-kubernetes-preserve-unknown-fields: true
-                      repository:
-                        description: HelmRelease records a Helm repository used by
-                          a Helm module workload.
-                        type: object
-                        x-kubernetes-preserve-unknown-fields: true
-                    required:
-                    - release
-                    - repository
-                    type: object
-                  kube:
-                    description: Kube defines the encapsulation in raw Kubernetes
-                      resource format
-                    properties:
-                      parameters:
-                        description: Parameters defines configurable parameters
-                        items:
-                          description: A KubeParameter defines a configurable parameter
-                            of a component.
-                          properties:
-                            description:
-                              description: Description of this parameter.
-                              type: string
-                            fieldPaths:
-                              description: "FieldPaths specifies an array of fields
-                                within this workload that will be overwritten by the
-                                value of this parameter. \tAll fields must be of the
-                                same type. Fields are specified as JSON field paths
-                                without a leading dot, for example 'spec.replicas'."
-                              items:
-                                type: string
-                              type: array
-                            name:
-                              description: Name of this parameter
-                              type: string
-                            required:
-                              default: false
-                              description: Required specifies whether or not a value
-                                for this parameter must be supplied when authoring
-                                an Application.
-                              type: boolean
-                            type:
-                              description: 'ValueType indicates the type of the parameter
-                                value, and only supports basic data types: string,
-                                number, boolean.'
-                              enum:
-                              - string
-                              - number
-                              - boolean
-                              type: string
-                          required:
-                          - fieldPaths
-                          - name
-                          - type
-                          type: object
-                        type: array
-                      template:
-                        description: Template defines the raw Kubernetes resource
-                        type: object
-                        x-kubernetes-preserve-unknown-fields: true
-                    required:
-                    - template
-                    type: object
-                  terraform:
-                    description: Terraform is the struct to describe cloud resources
-                      managed by Hashicorp Terraform
-                    properties:
-                      configuration:
-                        description: Configuration is Terraform Configuration
-                        type: string
-                      customRegion:
-                        description: Region is cloud provider's region. It will override
-                          the region in the region field of ProviderReference
-                        type: string
-                      deleteResource:
-                        default: true
-                        description: DeleteResource will determine whether provisioned
-                          cloud resources will be deleted when CR is deleted
-                        type: boolean
-                      path:
-                        description: Path is the sub-directory of remote git repository.
-                          It's valid when remote is set
-                        type: string
-                      providerRef:
-                        description: ProviderReference specifies the reference to
-                          Provider
-                        properties:
-                          name:
-                            description: Name of the referenced object.
-                            type: string
-                          namespace:
-                            default: default
-                            description: Namespace of the referenced object.
-                            type: string
-                        required:
-                        - name
-                        type: object
-                      type:
-                        default: hcl
-                        description: Type specifies which Terraform configuration
-                          it is, HCL or JSON syntax
-                        enum:
-                        - hcl
-                        - json
-                        - remote
-                        type: string
-                      writeConnectionSecretToRef:
-                        description: WriteConnectionSecretToReference specifies the
-                          namespace and name of a Secret to which any connection details
-                          for this managed resource should be written. Connection
-                          details frequently include the endpoint, username, and password
-                          required to connect to the managed resource.
-                        properties:
-                          name:
-                            description: Name of the secret.
-                            type: string
-                          namespace:
-                            description: Namespace of the secret.
-                            type: string
-                        required:
-                        - name
-                        type: object
-                    required:
-                    - configuration
-                    type: object
-                type: object
-              status:
-                description: Status defines the custom health policy and status message
-                  for trait
-                properties:
-                  customStatus:
-                    description: CustomStatus defines the custom status message that
-                      could display to user
-                    type: string
-                  healthPolicy:
-                    description: HealthPolicy defines the health check policy for
-                      the abstraction
-                    type: string
-                type: object
-              workloadRefPath:
-                description: WorkloadRefPath indicates where/if a trait accepts a
-                  workloadRef object
-                type: string
-            type: object
-          status:
-            description: TraitDefinitionStatus is the status of TraitDefinition
-            properties:
-              conditions:
-                description: Conditions of the resource.
-                items:
-                  description: A Condition that may apply to a resource.
-                  properties:
-                    lastTransitionTime:
-                      description: LastTransitionTime is the last time this condition
-                        transitioned from one status to another.
-                      format: date-time
-                      type: string
-                    message:
-                      description: A Message containing details about this condition's
-                        last transition from one status to another, if any.
-                      type: string
-                    reason:
-                      description: A Reason for this condition's last transition from
-                        one status to another.
-                      type: string
-                    status:
-                      description: Status of this condition; is it currently True,
-                        False, or Unknown?
-                      type: string
-                    type:
-                      description: Type of this condition. At most one of each condition
-                        type may apply to a resource at any point in time.
-                      type: string
-                  required:
-                  - lastTransitionTime
-                  - reason
-                  - status
-                  - type
-                  type: object
-                type: array
-              configMapRef:
-                description: ConfigMapRef refer to a ConfigMap which contains OpenAPI
-                  V3 JSON schema of Component parameters.
-                type: string
-              latestRevision:
-                description: LatestRevision of the trait definition
-                properties:
-                  name:
-                    type: string
-                  revision:
-                    format: int64
-                    type: integer
-                  revisionHash:
-                    description: RevisionHash record the hash value of the spec of
-                      ApplicationRevision object.
-                    type: string
-                required:
-                - name
-                - revision
-                type: object
-            type: object
-        type: object
-    served: true
-    storage: false
-    subresources:
-      status: {}
-  - additionalPrinterColumns:
-    - jsonPath: .spec.appliesToWorkloads
-      name: APPLIES-TO
-      type: string
-    - jsonPath: .metadata.annotations.definition\.oam\.dev/description
-      name: DESCRIPTION
-      type: string
-    name: v1beta1
-    schema:
-      openAPIV3Schema:
-        description: A TraitDefinition registers a kind of Kubernetes custom resource
-          as a valid OAM trait kind by referencing its CustomResourceDefinition. The
-          CRD is used to validate the schema of the trait when it is embedded in an
-          OAM ApplicationConfiguration.
-        properties:
-          apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-            type: string
-          kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-            type: string
-          metadata:
-            type: object
-          spec:
-            description: A TraitDefinitionSpec defines the desired state of a TraitDefinition.
-            properties:
-              appliesToWorkloads:
-                description: AppliesToWorkloads specifies the list of workload kinds
-                  this trait applies to. Workload kinds are specified in kind.group/version
-                  format, e.g. server.core.oam.dev/v1alpha2. Traits that omit this
-                  field apply to all workload kinds.
-                items:
-                  type: string
-                type: array
-              conflictsWith:
-                description: 'ConflictsWith specifies the list of traits(CRD name,
-                  Definition name, CRD group) which could not apply to the same workloads
-                  with this trait. Traits that omit this field can work with any other
-                  traits. Example rules: "service" # Trait definition name "services.k8s.io"
-                  # API resource/crd name "*.networking.k8s.io" # API group "labelSelector:foo=bar"
-                  # label selector labelSelector format: https://pkg.go.dev/k8s.io/apimachinery/pkg/labels#Parse'
-                items:
-                  type: string
-                type: array
-              definitionRef:
-                description: Reference to the CustomResourceDefinition that defines
-                  this trait kind.
-                properties:
-                  name:
-                    description: Name of the referenced CustomResourceDefinition.
-                    type: string
-                  version:
-                    description: Version indicate which version should be used if
-                      CRD has multiple versions by default it will use the first one
-                      if not specified
-                    type: string
-                required:
-                - name
-                type: object
-              extension:
-                description: Extension is used for extension needs by OAM platform
-                  builders
-                type: object
-                x-kubernetes-preserve-unknown-fields: true
-              manageWorkload:
-                description: ManageWorkload defines the trait would be responsible
-                  for creating the workload
-                type: boolean
-              podDisruptive:
-                description: PodDisruptive specifies whether using the trait will
-                  cause the pod to restart or not.
-                type: boolean
-              revisionEnabled:
-                description: Revision indicates whether a trait is aware of component
-                  revision
-                type: boolean
-              schematic:
-                description: Schematic defines the data format and template of the
-                  encapsulation of the trait
-                properties:
-                  cue:
-                    description: CUE defines the encapsulation in CUE format
-                    properties:
-                      template:
-                        description: Template defines the abstraction template data
-                          of the capability, it will replace the old CUE template
-                          in extension field. Template is a required field if CUE
-                          is defined in Capability Definition.
-                        type: string
-                    required:
-                    - template
-                    type: object
-                  helm:
-                    description: A Helm represents resources used by a Helm module
-                    properties:
-                      release:
-                        description: Release records a Helm release used by a Helm
-                          module workload.
-                        type: object
-                        x-kubernetes-preserve-unknown-fields: true
-                      repository:
-                        description: HelmRelease records a Helm repository used by
-                          a Helm module workload.
-                        type: object
-                        x-kubernetes-preserve-unknown-fields: true
-                    required:
-                    - release
-                    - repository
-                    type: object
-                  kube:
-                    description: Kube defines the encapsulation in raw Kubernetes
-                      resource format
-                    properties:
-                      parameters:
-                        description: Parameters defines configurable parameters
-                        items:
-                          description: A KubeParameter defines a configurable parameter
-                            of a component.
-                          properties:
-                            description:
-                              description: Description of this parameter.
-                              type: string
-                            fieldPaths:
-                              description: "FieldPaths specifies an array of fields
-                                within this workload that will be overwritten by the
-                                value of this parameter. \tAll fields must be of the
-                                same type. Fields are specified as JSON field paths
-                                without a leading dot, for example 'spec.replicas'."
-                              items:
-                                type: string
-                              type: array
-                            name:
-                              description: Name of this parameter
-                              type: string
-                            required:
-                              default: false
-                              description: Required specifies whether or not a value
-                                for this parameter must be supplied when authoring
-                                an Application.
-                              type: boolean
-                            type:
-                              description: 'ValueType indicates the type of the parameter
-                                value, and only supports basic data types: string,
-                                number, boolean.'
-                              enum:
-                              - string
-                              - number
-                              - boolean
-                              type: string
-                          required:
-                          - fieldPaths
-                          - name
-                          - type
-                          type: object
-                        type: array
-                      template:
-                        description: Template defines the raw Kubernetes resource
-                        type: object
-                        x-kubernetes-preserve-unknown-fields: true
-                    required:
-                    - template
-                    type: object
-                  terraform:
-                    description: Terraform is the struct to describe cloud resources
-                      managed by Hashicorp Terraform
-                    properties:
-                      configuration:
-                        description: Configuration is Terraform Configuration
-                        type: string
-                      customRegion:
-                        description: Region is cloud provider's region. It will override
-                          the region in the region field of ProviderReference
-                        type: string
-                      deleteResource:
-                        default: true
-                        description: DeleteResource will determine whether provisioned
-                          cloud resources will be deleted when CR is deleted
-                        type: boolean
-                      path:
-                        description: Path is the sub-directory of remote git repository.
-                          It's valid when remote is set
-                        type: string
-                      providerRef:
-                        description: ProviderReference specifies the reference to
-                          Provider
-                        properties:
-                          name:
-                            description: Name of the referenced object.
-                            type: string
-                          namespace:
-                            default: default
-                            description: Namespace of the referenced object.
-                            type: string
-                        required:
-                        - name
-                        type: object
-                      type:
-                        default: hcl
-                        description: Type specifies which Terraform configuration
-                          it is, HCL or JSON syntax
-                        enum:
-                        - hcl
-                        - json
-                        - remote
-                        type: string
-                      writeConnectionSecretToRef:
-                        description: WriteConnectionSecretToReference specifies the
-                          namespace and name of a Secret to which any connection details
-                          for this managed resource should be written. Connection
-                          details frequently include the endpoint, username, and password
-                          required to connect to the managed resource.
-                        properties:
-                          name:
-                            description: Name of the secret.
-                            type: string
-                          namespace:
-                            description: Namespace of the secret.
-                            type: string
-                        required:
-                        - name
-                        type: object
-                    required:
-                    - configuration
-                    type: object
-                type: object
-              skipRevisionAffect:
-                description: SkipRevisionAffect defines the update this trait will
-                  not generate a new application Revision
-                type: boolean
-              status:
-                description: Status defines the custom health policy and status message
-                  for trait
-                properties:
-                  customStatus:
-                    description: CustomStatus defines the custom status message that
-                      could display to user
-                    type: string
-                  healthPolicy:
-                    description: HealthPolicy defines the health check policy for
-                      the abstraction
-                    type: string
-                type: object
-              workloadRefPath:
-                description: WorkloadRefPath indicates where/if a trait accepts a
-                  workloadRef object
-                type: string
-            type: object
-          status:
-            description: TraitDefinitionStatus is the status of TraitDefinition
-            properties:
-              conditions:
-                description: Conditions of the resource.
-                items:
-                  description: A Condition that may apply to a resource.
-                  properties:
-                    lastTransitionTime:
-                      description: LastTransitionTime is the last time this condition
-                        transitioned from one status to another.
-                      format: date-time
-                      type: string
-                    message:
-                      description: A Message containing details about this condition's
-                        last transition from one status to another, if any.
-                      type: string
-                    reason:
-                      description: A Reason for this condition's last transition from
-                        one status to another.
-                      type: string
-                    status:
-                      description: Status of this condition; is it currently True,
-                        False, or Unknown?
-                      type: string
-                    type:
-                      description: Type of this condition. At most one of each condition
-                        type may apply to a resource at any point in time.
-                      type: string
-                  required:
-                  - lastTransitionTime
-                  - reason
-                  - status
-                  - type
-                  type: object
-                type: array
-              configMapRef:
-                description: ConfigMapRef refer to a ConfigMap which contains OpenAPI
-                  V3 JSON schema of Component parameters.
-                type: string
-              latestRevision:
-                description: LatestRevision of the component definition
-                properties:
-                  name:
-                    type: string
-                  revision:
-                    format: int64
-                    type: integer
-                  revisionHash:
-                    description: RevisionHash record the hash value of the spec of
-                      ApplicationRevision object.
-                    type: string
-                required:
-                - name
-                - revision
-                type: object
-            type: object
-        type: object
-    served: true
-    storage: true
-    subresources:
-      status: {}
-status:
-  acceptedNames:
-    kind: ""
-    plural: ""
-  conditions: []
-  storedVersions: []
--- a/pkg/static/vela/charts/vela-core/crds/core.oam.dev_workflows.yaml
+++ b/pkg/static/vela/charts/vela-core/crds/core.oam.dev_workflows.yaml
@ -1,149 +0,0 @@
-
---
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  annotations:
-    controller-gen.kubebuilder.io/version: v0.6.2
-  name: workflows.core.oam.dev
-spec:
-  group: core.oam.dev
-  names:
-    categories:
-    - oam
-    kind: Workflow
-    listKind: WorkflowList
-    plural: workflows
-    singular: workflow
-  scope: Namespaced
-  versions:
-  - name: v1alpha1
-    schema:
-      openAPIV3Schema:
-        description: Workflow is the Schema for the policy API
-        properties:
-          apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-            type: string
-          kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-            type: string
-          metadata:
-            type: object
-          steps:
-            items:
-              description: WorkflowStep defines how to execute a workflow step.
-              properties:
-                dependsOn:
-                  items:
-                    type: string
-                  type: array
-                inputs:
-                  description: StepInputs defines variable input of WorkflowStep
-                  items:
-                    properties:
-                      from:
-                        type: string
-                      parameterKey:
-                        type: string
-                    required:
-                    - from
-                    - parameterKey
-                    type: object
-                  type: array
-                name:
-                  description: Name is the unique name of the workflow step.
-                  type: string
-                outputs:
-                  description: StepOutputs defines output variable of WorkflowStep
-                  items:
-                    properties:
-                      name:
-                        type: string
-                      valueFrom:
-                        type: string
-                    required:
-                    - name
-                    - valueFrom
-                    type: object
-                  type: array
-                properties:
-                  type: object
-                  x-kubernetes-preserve-unknown-fields: true
-                type:
-                  type: string
-              required:
-              - name
-              - type
-              type: object
-            type: array
-        type: object
-    served: true
-    storage: true
-  - name: v1beta1
-    schema:
-      openAPIV3Schema:
-        description: Workflow defines workflow steps and other attributes
-        properties:
-          ref:
-            type: string
-          steps:
-            items:
-              description: WorkflowStep defines how to execute a workflow step.
-              properties:
-                dependsOn:
-                  items:
-                    type: string
-                  type: array
-                inputs:
-                  description: StepInputs defines variable input of WorkflowStep
-                  items:
-                    properties:
-                      from:
-                        type: string
-                      parameterKey:
-                        type: string
-                    required:
-                    - from
-                    - parameterKey
-                    type: object
-                  type: array
-                name:
-                  description: Name is the unique name of the workflow step.
-                  type: string
-                outputs:
-                  description: StepOutputs defines output variable of WorkflowStep
-                  items:
-                    properties:
-                      name:
-                        type: string
-                      valueFrom:
-                        type: string
-                    required:
-                    - name
-                    - valueFrom
-                    type: object
-                  type: array
-                properties:
-                  type: object
-                  x-kubernetes-preserve-unknown-fields: true
-                type:
-                  type: string
-              required:
-              - name
-              - type
-              type: object
-            type: array
-        type: object
-    served: true
-    storage: false
-status:
-  acceptedNames:
-    kind: ""
-    plural: ""
-  conditions: []
-  storedVersions: []
--- a/pkg/static/vela/charts/vela-core/crds/core.oam.dev_workflowstepdefinitions.yaml
+++ b/pkg/static/vela/charts/vela-core/crds/core.oam.dev_workflowstepdefinitions.yaml
@ -1,275 +0,0 @@
-
---
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  annotations:
-    controller-gen.kubebuilder.io/version: v0.6.2
-  name: workflowstepdefinitions.core.oam.dev
-spec:
-  group: core.oam.dev
-  names:
-    categories:
-    - oam
-    kind: WorkflowStepDefinition
-    listKind: WorkflowStepDefinitionList
-    plural: workflowstepdefinitions
-    shortNames:
-    - workflowstep
-    singular: workflowstepdefinition
-  scope: Namespaced
-  versions:
-  - name: v1beta1
-    schema:
-      openAPIV3Schema:
-        description: WorkflowStepDefinition is the Schema for the workflowstepdefinitions
-          API
-        properties:
-          apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-            type: string
-          kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-            type: string
-          metadata:
-            type: object
-          spec:
-            description: WorkflowStepDefinitionSpec defines the desired state of WorkflowStepDefinition
-            properties:
-              definitionRef:
-                description: Reference to the CustomResourceDefinition that defines
-                  this trait kind.
-                properties:
-                  name:
-                    description: Name of the referenced CustomResourceDefinition.
-                    type: string
-                  version:
-                    description: Version indicate which version should be used if
-                      CRD has multiple versions by default it will use the first one
-                      if not specified
-                    type: string
-                required:
-                - name
-                type: object
-              schematic:
-                description: Schematic defines the data format and template of the
-                  encapsulation of the workflow step definition
-                properties:
-                  cue:
-                    description: CUE defines the encapsulation in CUE format
-                    properties:
-                      template:
-                        description: Template defines the abstraction template data
-                          of the capability, it will replace the old CUE template
-                          in extension field. Template is a required field if CUE
-                          is defined in Capability Definition.
-                        type: string
-                    required:
-                    - template
-                    type: object
-                  helm:
-                    description: A Helm represents resources used by a Helm module
-                    properties:
-                      release:
-                        description: Release records a Helm release used by a Helm
-                          module workload.
-                        type: object
-                        x-kubernetes-preserve-unknown-fields: true
-                      repository:
-                        description: HelmRelease records a Helm repository used by
-                          a Helm module workload.
-                        type: object
-                        x-kubernetes-preserve-unknown-fields: true
-                    required:
-                    - release
-                    - repository
-                    type: object
-                  kube:
-                    description: Kube defines the encapsulation in raw Kubernetes
-                      resource format
-                    properties:
-                      parameters:
-                        description: Parameters defines configurable parameters
-                        items:
-                          description: A KubeParameter defines a configurable parameter
-                            of a component.
-                          properties:
-                            description:
-                              description: Description of this parameter.
-                              type: string
-                            fieldPaths:
-                              description: "FieldPaths specifies an array of fields
-                                within this workload that will be overwritten by the
-                                value of this parameter. \tAll fields must be of the
-                                same type. Fields are specified as JSON field paths
-                                without a leading dot, for example 'spec.replicas'."
-                              items:
-                                type: string
-                              type: array
-                            name:
-                              description: Name of this parameter
-                              type: string
-                            required:
-                              default: false
-                              description: Required specifies whether or not a value
-                                for this parameter must be supplied when authoring
-                                an Application.
-                              type: boolean
-                            type:
-                              description: 'ValueType indicates the type of the parameter
-                                value, and only supports basic data types: string,
-                                number, boolean.'
-                              enum:
-                              - string
-                              - number
-                              - boolean
-                              type: string
-                          required:
-                          - fieldPaths
-                          - name
-                          - type
-                          type: object
-                        type: array
-                      template:
-                        description: Template defines the raw Kubernetes resource
-                        type: object
-                        x-kubernetes-preserve-unknown-fields: true
-                    required:
-                    - template
-                    type: object
-                  terraform:
-                    description: Terraform is the struct to describe cloud resources
-                      managed by Hashicorp Terraform
-                    properties:
-                      configuration:
-                        description: Configuration is Terraform Configuration
-                        type: string
-                      customRegion:
-                        description: Region is cloud provider's region. It will override
-                          the region in the region field of ProviderReference
-                        type: string
-                      deleteResource:
-                        default: true
-                        description: DeleteResource will determine whether provisioned
-                          cloud resources will be deleted when CR is deleted
-                        type: boolean
-                      path:
-                        description: Path is the sub-directory of remote git repository.
-                          It's valid when remote is set
-                        type: string
-                      providerRef:
-                        description: ProviderReference specifies the reference to
-                          Provider
-                        properties:
-                          name:
-                            description: Name of the referenced object.
-                            type: string
-                          namespace:
-                            default: default
-                            description: Namespace of the referenced object.
-                            type: string
-                        required:
-                        - name
-                        type: object
-                      type:
-                        default: hcl
-                        description: Type specifies which Terraform configuration
-                          it is, HCL or JSON syntax
-                        enum:
-                        - hcl
-                        - json
-                        - remote
-                        type: string
-                      writeConnectionSecretToRef:
-                        description: WriteConnectionSecretToReference specifies the
-                          namespace and name of a Secret to which any connection details
-                          for this managed resource should be written. Connection
-                          details frequently include the endpoint, username, and password
-                          required to connect to the managed resource.
-                        properties:
-                          name:
-                            description: Name of the secret.
-                            type: string
-                          namespace:
-                            description: Namespace of the secret.
-                            type: string
-                        required:
-                        - name
-                        type: object
-                    required:
-                    - configuration
-                    type: object
-                type: object
-            type: object
-          status:
-            description: WorkflowStepDefinitionStatus is the status of WorkflowStepDefinition
-            properties:
-              conditions:
-                description: Conditions of the resource.
-                items:
-                  description: A Condition that may apply to a resource.
-                  properties:
-                    lastTransitionTime:
-                      description: LastTransitionTime is the last time this condition
-                        transitioned from one status to another.
-                      format: date-time
-                      type: string
-                    message:
-                      description: A Message containing details about this condition's
-                        last transition from one status to another, if any.
-                      type: string
-                    reason:
-                      description: A Reason for this condition's last transition from
-                        one status to another.
-                      type: string
-                    status:
-                      description: Status of this condition; is it currently True,
-                        False, or Unknown?
-                      type: string
-                    type:
-                      description: Type of this condition. At most one of each condition
-                        type may apply to a resource at any point in time.
-                      type: string
-                  required:
-                  - lastTransitionTime
-                  - reason
-                  - status
-                  - type
-                  type: object
-                type: array
-              configMapRef:
-                description: ConfigMapRef refer to a ConfigMap which contains OpenAPI
-                  V3 JSON schema of Component parameters.
-                type: string
-              latestRevision:
-                description: LatestRevision of the component definition
-                properties:
-                  name:
-                    type: string
-                  revision:
-                    format: int64
-                    type: integer
-                  revisionHash:
-                    description: RevisionHash record the hash value of the spec of
-                      ApplicationRevision object.
-                    type: string
-                required:
-                - name
-                - revision
-                type: object
-            type: object
-        type: object
-    served: true
-    storage: true
-    subresources:
-      status: {}
-status:
-  acceptedNames:
-    kind: ""
-    plural: ""
-  conditions: []
-  storedVersions: []
--- a/pkg/static/vela/charts/vela-core/crds/core.oam.dev_workloaddefinitions.yaml
+++ b/pkg/static/vela/charts/vela-core/crds/core.oam.dev_workloaddefinitions.yaml
@ -1,604 +0,0 @@
-
---
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  annotations:
-    controller-gen.kubebuilder.io/version: v0.6.2
-  name: workloaddefinitions.core.oam.dev
-spec:
-  group: core.oam.dev
-  names:
-    categories:
-    - oam
-    kind: WorkloadDefinition
-    listKind: WorkloadDefinitionList
-    plural: workloaddefinitions
-    shortNames:
-    - workload
-    singular: workloaddefinition
-  scope: Namespaced
-  versions:
-  - additionalPrinterColumns:
-    - jsonPath: .spec.definitionRef.name
-      name: DEFINITION-NAME
-      type: string
-    name: v1alpha2
-    schema:
-      openAPIV3Schema:
-        description: A WorkloadDefinition registers a kind of Kubernetes custom resource
-          as a valid OAM workload kind by referencing its CustomResourceDefinition.
-          The CRD is used to validate the schema of the workload when it is embedded
-          in an OAM Component.
-        properties:
-          apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-            type: string
-          kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-            type: string
-          metadata:
-            type: object
-          spec:
-            description: A WorkloadDefinitionSpec defines the desired state of a WorkloadDefinition.
-            properties:
-              childResourceKinds:
-                description: ChildResourceKinds are the list of GVK of the child resources
-                  this workload generates
-                items:
-                  description: A ChildResourceKind defines a child Kubernetes resource
-                    kind with a selector
-                  properties:
-                    apiVersion:
-                      description: APIVersion of the child resource
-                      type: string
-                    kind:
-                      description: Kind of the child resource
-                      type: string
-                    selector:
-                      additionalProperties:
-                        type: string
-                      description: Selector to select the child resources that the
-                        workload wants to expose to traits
-                      type: object
-                  required:
-                  - apiVersion
-                  - kind
-                  type: object
-                type: array
-              definitionRef:
-                description: Reference to the CustomResourceDefinition that defines
-                  this workload kind.
-                properties:
-                  name:
-                    description: Name of the referenced CustomResourceDefinition.
-                    type: string
-                  version:
-                    description: Version indicate which version should be used if
-                      CRD has multiple versions by default it will use the first one
-                      if not specified
-                    type: string
-                required:
-                - name
-                type: object
-              extension:
-                description: Extension is used for extension needs by OAM platform
-                  builders
-                type: object
-                x-kubernetes-preserve-unknown-fields: true
-              podSpecPath:
-                description: PodSpecPath indicates where/if this workload has K8s
-                  podSpec field if one workload has podSpec, trait can do lot's of
-                  assumption such as port, env, volume fields.
-                type: string
-              revisionLabel:
-                description: RevisionLabel indicates which label for underlying resources(e.g.
-                  pods) of this workload can be used by trait to create resource selectors(e.g.
-                  label selector for pods).
-                type: string
-              schematic:
-                description: Schematic defines the data format and template of the
-                  encapsulation of the workload
-                properties:
-                  cue:
-                    description: CUE defines the encapsulation in CUE format
-                    properties:
-                      template:
-                        description: Template defines the abstraction template data
-                          of the capability, it will replace the old CUE template
-                          in extension field. Template is a required field if CUE
-                          is defined in Capability Definition.
-                        type: string
-                    required:
-                    - template
-                    type: object
-                  helm:
-                    description: A Helm represents resources used by a Helm module
-                    properties:
-                      release:
-                        description: Release records a Helm release used by a Helm
-                          module workload.
-                        type: object
-                        x-kubernetes-preserve-unknown-fields: true
-                      repository:
-                        description: HelmRelease records a Helm repository used by
-                          a Helm module workload.
-                        type: object
-                        x-kubernetes-preserve-unknown-fields: true
-                    required:
-                    - release
-                    - repository
-                    type: object
-                  kube:
-                    description: Kube defines the encapsulation in raw Kubernetes
-                      resource format
-                    properties:
-                      parameters:
-                        description: Parameters defines configurable parameters
-                        items:
-                          description: A KubeParameter defines a configurable parameter
-                            of a component.
-                          properties:
-                            description:
-                              description: Description of this parameter.
-                              type: string
-                            fieldPaths:
-                              description: "FieldPaths specifies an array of fields
-                                within this workload that will be overwritten by the
-                                value of this parameter. \tAll fields must be of the
-                                same type. Fields are specified as JSON field paths
-                                without a leading dot, for example 'spec.replicas'."
-                              items:
-                                type: string
-                              type: array
-                            name:
-                              description: Name of this parameter
-                              type: string
-                            required:
-                              default: false
-                              description: Required specifies whether or not a value
-                                for this parameter must be supplied when authoring
-                                an Application.
-                              type: boolean
-                            type:
-                              description: 'ValueType indicates the type of the parameter
-                                value, and only supports basic data types: string,
-                                number, boolean.'
-                              enum:
-                              - string
-                              - number
-                              - boolean
-                              type: string
-                          required:
-                          - fieldPaths
-                          - name
-                          - type
-                          type: object
-                        type: array
-                      template:
-                        description: Template defines the raw Kubernetes resource
-                        type: object
-                        x-kubernetes-preserve-unknown-fields: true
-                    required:
-                    - template
-                    type: object
-                  terraform:
-                    description: Terraform is the struct to describe cloud resources
-                      managed by Hashicorp Terraform
-                    properties:
-                      configuration:
-                        description: Configuration is Terraform Configuration
-                        type: string
-                      customRegion:
-                        description: Region is cloud provider's region. It will override
-                          the region in the region field of ProviderReference
-                        type: string
-                      deleteResource:
-                        default: true
-                        description: DeleteResource will determine whether provisioned
-                          cloud resources will be deleted when CR is deleted
-                        type: boolean
-                      path:
-                        description: Path is the sub-directory of remote git repository.
-                          It's valid when remote is set
-                        type: string
-                      providerRef:
-                        description: ProviderReference specifies the reference to
-                          Provider
-                        properties:
-                          name:
-                            description: Name of the referenced object.
-                            type: string
-                          namespace:
-                            default: default
-                            description: Namespace of the referenced object.
-                            type: string
-                        required:
-                        - name
-                        type: object
-                      type:
-                        default: hcl
-                        description: Type specifies which Terraform configuration
-                          it is, HCL or JSON syntax
-                        enum:
-                        - hcl
-                        - json
-                        - remote
-                        type: string
-                      writeConnectionSecretToRef:
-                        description: WriteConnectionSecretToReference specifies the
-                          namespace and name of a Secret to which any connection details
-                          for this managed resource should be written. Connection
-                          details frequently include the endpoint, username, and password
-                          required to connect to the managed resource.
-                        properties:
-                          name:
-                            description: Name of the secret.
-                            type: string
-                          namespace:
-                            description: Namespace of the secret.
-                            type: string
-                        required:
-                        - name
-                        type: object
-                    required:
-                    - configuration
-                    type: object
-                type: object
-              status:
-                description: Status defines the custom health policy and status message
-                  for workload
-                properties:
-                  customStatus:
-                    description: CustomStatus defines the custom status message that
-                      could display to user
-                    type: string
-                  healthPolicy:
-                    description: HealthPolicy defines the health check policy for
-                      the abstraction
-                    type: string
-                type: object
-            required:
-            - definitionRef
-            type: object
-          status:
-            description: WorkloadDefinitionStatus is the status of WorkloadDefinition
-            properties:
-              conditions:
-                description: Conditions of the resource.
-                items:
-                  description: A Condition that may apply to a resource.
-                  properties:
-                    lastTransitionTime:
-                      description: LastTransitionTime is the last time this condition
-                        transitioned from one status to another.
-                      format: date-time
-                      type: string
-                    message:
-                      description: A Message containing details about this condition's
-                        last transition from one status to another, if any.
-                      type: string
-                    reason:
-                      description: A Reason for this condition's last transition from
-                        one status to another.
-                      type: string
-                    status:
-                      description: Status of this condition; is it currently True,
-                        False, or Unknown?
-                      type: string
-                    type:
-                      description: Type of this condition. At most one of each condition
-                        type may apply to a resource at any point in time.
-                      type: string
-                  required:
-                  - lastTransitionTime
-                  - reason
-                  - status
-                  - type
-                  type: object
-                type: array
-            type: object
-        type: object
-    served: true
-    storage: false
-    subresources: {}
-  - additionalPrinterColumns:
-    - jsonPath: .spec.definitionRef.name
-      name: DEFINITION-NAME
-      type: string
-    - jsonPath: .metadata.annotations.definition\.oam\.dev/description
-      name: DESCRIPTION
-      type: string
-    name: v1beta1
-    schema:
-      openAPIV3Schema:
-        description: A WorkloadDefinition registers a kind of Kubernetes custom resource
-          as a valid OAM workload kind by referencing its CustomResourceDefinition.
-          The CRD is used to validate the schema of the workload when it is embedded
-          in an OAM Component.
-        properties:
-          apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-            type: string
-          kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-            type: string
-          metadata:
-            type: object
-          spec:
-            description: A WorkloadDefinitionSpec defines the desired state of a WorkloadDefinition.
-            properties:
-              childResourceKinds:
-                description: ChildResourceKinds are the list of GVK of the child resources
-                  this workload generates
-                items:
-                  description: A ChildResourceKind defines a child Kubernetes resource
-                    kind with a selector
-                  properties:
-                    apiVersion:
-                      description: APIVersion of the child resource
-                      type: string
-                    kind:
-                      description: Kind of the child resource
-                      type: string
-                    selector:
-                      additionalProperties:
-                        type: string
-                      description: Selector to select the child resources that the
-                        workload wants to expose to traits
-                      type: object
-                  required:
-                  - apiVersion
-                  - kind
-                  type: object
-                type: array
-              definitionRef:
-                description: Reference to the CustomResourceDefinition that defines
-                  this workload kind.
-                properties:
-                  name:
-                    description: Name of the referenced CustomResourceDefinition.
-                    type: string
-                  version:
-                    description: Version indicate which version should be used if
-                      CRD has multiple versions by default it will use the first one
-                      if not specified
-                    type: string
-                required:
-                - name
-                type: object
-              extension:
-                description: Extension is used for extension needs by OAM platform
-                  builders
-                type: object
-                x-kubernetes-preserve-unknown-fields: true
-              podSpecPath:
-                description: PodSpecPath indicates where/if this workload has K8s
-                  podSpec field if one workload has podSpec, trait can do lot's of
-                  assumption such as port, env, volume fields.
-                type: string
-              revisionLabel:
-                description: RevisionLabel indicates which label for underlying resources(e.g.
-                  pods) of this workload can be used by trait to create resource selectors(e.g.
-                  label selector for pods).
-                type: string
-              schematic:
-                description: Schematic defines the data format and template of the
-                  encapsulation of the workload
-                properties:
-                  cue:
-                    description: CUE defines the encapsulation in CUE format
-                    properties:
-                      template:
-                        description: Template defines the abstraction template data
-                          of the capability, it will replace the old CUE template
-                          in extension field. Template is a required field if CUE
-                          is defined in Capability Definition.
-                        type: string
-                    required:
-                    - template
-                    type: object
-                  helm:
-                    description: A Helm represents resources used by a Helm module
-                    properties:
-                      release:
-                        description: Release records a Helm release used by a Helm
-                          module workload.
-                        type: object
-                        x-kubernetes-preserve-unknown-fields: true
-                      repository:
-                        description: HelmRelease records a Helm repository used by
-                          a Helm module workload.
-                        type: object
-                        x-kubernetes-preserve-unknown-fields: true
-                    required:
-                    - release
-                    - repository
-                    type: object
-                  kube:
-                    description: Kube defines the encapsulation in raw Kubernetes
-                      resource format
-                    properties:
-                      parameters:
-                        description: Parameters defines configurable parameters
-                        items:
-                          description: A KubeParameter defines a configurable parameter
-                            of a component.
-                          properties:
-                            description:
-                              description: Description of this parameter.
-                              type: string
-                            fieldPaths:
-                              description: "FieldPaths specifies an array of fields
-                                within this workload that will be overwritten by the
-                                value of this parameter. \tAll fields must be of the
-                                same type. Fields are specified as JSON field paths
-                                without a leading dot, for example 'spec.replicas'."
-                              items:
-                                type: string
-                              type: array
-                            name:
-                              description: Name of this parameter
-                              type: string
-                            required:
-                              default: false
-                              description: Required specifies whether or not a value
-                                for this parameter must be supplied when authoring
-                                an Application.
-                              type: boolean
-                            type:
-                              description: 'ValueType indicates the type of the parameter
-                                value, and only supports basic data types: string,
-                                number, boolean.'
-                              enum:
-                              - string
-                              - number
-                              - boolean
-                              type: string
-                          required:
-                          - fieldPaths
-                          - name
-                          - type
-                          type: object
-                        type: array
-                      template:
-                        description: Template defines the raw Kubernetes resource
-                        type: object
-                        x-kubernetes-preserve-unknown-fields: true
-                    required:
-                    - template
-                    type: object
-                  terraform:
-                    description: Terraform is the struct to describe cloud resources
-                      managed by Hashicorp Terraform
-                    properties:
-                      configuration:
-                        description: Configuration is Terraform Configuration
-                        type: string
-                      customRegion:
-                        description: Region is cloud provider's region. It will override
-                          the region in the region field of ProviderReference
-                        type: string
-                      deleteResource:
-                        default: true
-                        description: DeleteResource will determine whether provisioned
-                          cloud resources will be deleted when CR is deleted
-                        type: boolean
-                      path:
-                        description: Path is the sub-directory of remote git repository.
-                          It's valid when remote is set
-                        type: string
-                      providerRef:
-                        description: ProviderReference specifies the reference to
-                          Provider
-                        properties:
-                          name:
-                            description: Name of the referenced object.
-                            type: string
-                          namespace:
-                            default: default
-                            description: Namespace of the referenced object.
-                            type: string
-                        required:
-                        - name
-                        type: object
-                      type:
-                        default: hcl
-                        description: Type specifies which Terraform configuration
-                          it is, HCL or JSON syntax
-                        enum:
-                        - hcl
-                        - json
-                        - remote
-                        type: string
-                      writeConnectionSecretToRef:
-                        description: WriteConnectionSecretToReference specifies the
-                          namespace and name of a Secret to which any connection details
-                          for this managed resource should be written. Connection
-                          details frequently include the endpoint, username, and password
-                          required to connect to the managed resource.
-                        properties:
-                          name:
-                            description: Name of the secret.
-                            type: string
-                          namespace:
-                            description: Namespace of the secret.
-                            type: string
-                        required:
-                        - name
-                        type: object
-                    required:
-                    - configuration
-                    type: object
-                type: object
-              status:
-                description: Status defines the custom health policy and status message
-                  for workload
-                properties:
-                  customStatus:
-                    description: CustomStatus defines the custom status message that
-                      could display to user
-                    type: string
-                  healthPolicy:
-                    description: HealthPolicy defines the health check policy for
-                      the abstraction
-                    type: string
-                type: object
-            required:
-            - definitionRef
-            type: object
-          status:
-            description: WorkloadDefinitionStatus is the status of WorkloadDefinition
-            properties:
-              conditions:
-                description: Conditions of the resource.
-                items:
-                  description: A Condition that may apply to a resource.
-                  properties:
-                    lastTransitionTime:
-                      description: LastTransitionTime is the last time this condition
-                        transitioned from one status to another.
-                      format: date-time
-                      type: string
-                    message:
-                      description: A Message containing details about this condition's
-                        last transition from one status to another, if any.
-                      type: string
-                    reason:
-                      description: A Reason for this condition's last transition from
-                        one status to another.
-                      type: string
-                    status:
-                      description: Status of this condition; is it currently True,
-                        False, or Unknown?
-                      type: string
-                    type:
-                      description: Type of this condition. At most one of each condition
-                        type may apply to a resource at any point in time.
-                      type: string
-                  required:
-                  - lastTransitionTime
-                  - reason
-                  - status
-                  - type
-                  type: object
-                type: array
-            type: object
-        type: object
-    served: true
-    storage: true
-    subresources: {}
-status:
-  acceptedNames:
-    kind: ""
-    plural: ""
-  conditions: []
-  storedVersions: []
--- a/pkg/static/vela/charts/vela-core/crds/standard.oam.dev_rollouts.yaml
+++ b/pkg/static/vela/charts/vela-core/crds/standard.oam.dev_rollouts.yaml
@ -1,482 +0,0 @@
-
---
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  annotations:
-    controller-gen.kubebuilder.io/version: v0.6.2
-  name: rollouts.standard.oam.dev
-spec:
-  group: standard.oam.dev
-  names:
-    categories:
-    - oam
-    kind: Rollout
-    listKind: RolloutList
-    plural: rollouts
-    shortNames:
-    - rollout
-    singular: rollout
-  scope: Namespaced
-  versions:
-  - additionalPrinterColumns:
-    - jsonPath: .status.rolloutTargetSize
-      name: TARGET
-      type: string
-    - jsonPath: .status.upgradedReplicas
-      name: UPGRADED
-      type: string
-    - jsonPath: .status.upgradedReadyReplicas
-      name: READY
-      type: string
-    - jsonPath: .status.batchRollingState
-      name: BATCH-STATE
-      type: string
-    - jsonPath: .status.rollingState
-      name: ROLLING-STATE
-      type: string
-    - jsonPath: .metadata.creationTimestamp
-      name: AGE
-      type: date
-    name: v1alpha1
-    schema:
-      openAPIV3Schema:
-        description: Rollout is the Schema for the Rollout API
-        properties:
-          apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-            type: string
-          kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-            type: string
-          metadata:
-            type: object
-          spec:
-            description: RolloutSpec defines how to describe an update between different
-              compRevision
-            properties:
-              componentName:
-                description: ComponentName specify the component name
-                type: string
-              rolloutPlan:
-                description: RolloutPlan is the details on how to rollout the resources
-                properties:
-                  batchPartition:
-                    description: All pods in the batches up to the batchPartition
-                      (included) will have the target resource specification while
-                      the rest still have the source resource This is designed for
-                      the operators to manually rollout Default is the the number
-                      of batches which will rollout all the batches
-                    format: int32
-                    type: integer
-                  canaryMetric:
-                    description: CanaryMetric provides a way for the rollout process
-                      to automatically check certain metrics before complete the process
-                    items:
-                      description: CanaryMetric holds the reference to metrics used
-                        for canary analysis
-                      properties:
-                        interval:
-                          description: Interval represents the windows size
-                          type: string
-                        metricsRange:
-                          description: Range value accepted for this metric
-                          properties:
-                            max:
-                              anyOf:
-                              - type: integer
-                              - type: string
-                              description: Maximum value
-                              x-kubernetes-int-or-string: true
-                            min:
-                              anyOf:
-                              - type: integer
-                              - type: string
-                              description: Minimum value
-                              x-kubernetes-int-or-string: true
-                          type: object
-                        name:
-                          description: Name of the metric
-                          type: string
-                        templateRef:
-                          description: TemplateRef references a metric template object
-                          properties:
-                            apiVersion:
-                              description: API version of the referent.
-                              type: string
-                            fieldPath:
-                              description: 'If referring to a piece of an object instead
-                                of an entire object, this string should contain a
-                                valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
-                                For example, if the object reference is to a container
-                                within a pod, this would take on a value like: "spec.containers{name}"
-                                (where "name" refers to the name of the container
-                                that triggered the event) or if no container name
-                                is specified "spec.containers[2]" (container with
-                                index 2 in this pod). This syntax is chosen only to
-                                have some well-defined way of referencing a part of
-                                an object. TODO: this design is not final and this
-                                field is subject to change in the future.'
-                              type: string
-                            kind:
-                              description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-                              type: string
-                            name:
-                              description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
-                              type: string
-                            namespace:
-                              description: 'Namespace of the referent. More info:
-                                https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
-                              type: string
-                            resourceVersion:
-                              description: 'Specific resourceVersion to which this
-                                reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
-                              type: string
-                            uid:
-                              description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
-                              type: string
-                          type: object
-                      required:
-                      - name
-                      type: object
-                    type: array
-                  numBatches:
-                    description: The number of batches, default = 1
-                    format: int32
-                    type: integer
-                  paused:
-                    description: Paused the rollout, default is false
-                    type: boolean
-                  rolloutBatches:
-                    description: The exact distribution among batches. its size has
-                      to be exactly the same as the NumBatches (if set) The total
-                      number cannot exceed the targetSize or the size of the source
-                      resource We will IGNORE the last batch's replica field if it's
-                      a percentage since round errors can lead to inaccurate sum We
-                      highly recommend to leave the last batch's replica field empty
-                    items:
-                      description: RolloutBatch is used to describe how the each batch
-                        rollout should be
-                      properties:
-                        batchRolloutWebhooks:
-                          description: RolloutWebhooks provides a way for the batch
-                            rollout to interact with an external process
-                          items:
-                            description: RolloutWebhook holds the reference to external
-                              checks used for canary analysis
-                            properties:
-                              expectedStatus:
-                                description: ExpectedStatus contains all the expected
-                                  http status code that we will accept as success
-                                items:
-                                  type: integer
-                                type: array
-                              metadata:
-                                additionalProperties:
-                                  type: string
-                                description: Metadata (key-value pairs) for this webhook
-                                type: object
-                              method:
-                                description: Method the HTTP call method, default
-                                  is POST
-                                type: string
-                              name:
-                                description: Name of this webhook
-                                type: string
-                              type:
-                                description: Type of this webhook
-                                type: string
-                              url:
-                                description: URL address of this webhook
-                                type: string
-                            required:
-                            - name
-                            - type
-                            - url
-                            type: object
-                          type: array
-                        canaryMetric:
-                          description: CanaryMetric provides a way for the batch rollout
-                            process to automatically check certain metrics before
-                            moving to the next batch
-                          items:
-                            description: CanaryMetric holds the reference to metrics
-                              used for canary analysis
-                            properties:
-                              interval:
-                                description: Interval represents the windows size
-                                type: string
-                              metricsRange:
-                                description: Range value accepted for this metric
-                                properties:
-                                  max:
-                                    anyOf:
-                                    - type: integer
-                                    - type: string
-                                    description: Maximum value
-                                    x-kubernetes-int-or-string: true
-                                  min:
-                                    anyOf:
-                                    - type: integer
-                                    - type: string
-                                    description: Minimum value
-                                    x-kubernetes-int-or-string: true
-                                type: object
-                              name:
-                                description: Name of the metric
-                                type: string
-                              templateRef:
-                                description: TemplateRef references a metric template
-                                  object
-                                properties:
-                                  apiVersion:
-                                    description: API version of the referent.
-                                    type: string
-                                  fieldPath:
-                                    description: 'If referring to a piece of an object
-                                      instead of an entire object, this string should
-                                      contain a valid JSON/Go field access statement,
-                                      such as desiredState.manifest.containers[2].
-                                      For example, if the object reference is to a
-                                      container within a pod, this would take on a
-                                      value like: "spec.containers{name}" (where "name"
-                                      refers to the name of the container that triggered
-                                      the event) or if no container name is specified
-                                      "spec.containers[2]" (container with index 2
-                                      in this pod). This syntax is chosen only to
-                                      have some well-defined way of referencing a
-                                      part of an object. TODO: this design is not
-                                      final and this field is subject to change in
-                                      the future.'
-                                    type: string
-                                  kind:
-                                    description: 'Kind of the referent. More info:
-                                      https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-                                    type: string
-                                  name:
-                                    description: 'Name of the referent. More info:
-                                      https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
-                                    type: string
-                                  namespace:
-                                    description: 'Namespace of the referent. More
-                                      info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
-                                    type: string
-                                  resourceVersion:
-                                    description: 'Specific resourceVersion to which
-                                      this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
-                                    type: string
-                                  uid:
-                                    description: 'UID of the referent. More info:
-                                      https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
-                                    type: string
-                                type: object
-                            required:
-                            - name
-                            type: object
-                          type: array
-                        instanceInterval:
-                          description: The wait time, in seconds, between instances
-                            upgrades, default = 0
-                          format: int32
-                          type: integer
-                        maxUnavailable:
-                          anyOf:
-                          - type: integer
-                          - type: string
-                          description: MaxUnavailable is the max allowed number of
-                            pods that is unavailable during the upgrade. We will mark
-                            the batch as ready as long as there are less or equal
-                            number of pods unavailable than this number. default =
-                            0
-                          x-kubernetes-int-or-string: true
-                        podList:
-                          description: The list of Pods to get upgraded it is mutually
-                            exclusive with the Replicas field
-                          items:
-                            type: string
-                          type: array
-                        replicas:
-                          anyOf:
-                          - type: integer
-                          - type: string
-                          description: 'Replicas is the number of pods to upgrade
-                            in this batch it can be an absolute number (ex: 5) or
-                            a percentage of total pods we will ignore the percentage
-                            of the last batch to just fill the gap it is mutually
-                            exclusive with the PodList field'
-                          x-kubernetes-int-or-string: true
-                      type: object
-                    type: array
-                  rolloutStrategy:
-                    description: RolloutStrategy defines strategies for the rollout
-                      plan The default is IncreaseFirstRolloutStrategyType
-                    type: string
-                  rolloutWebhooks:
-                    description: RolloutWebhooks provide a way for the rollout to
-                      interact with an external process
-                    items:
-                      description: RolloutWebhook holds the reference to external
-                        checks used for canary analysis
-                      properties:
-                        expectedStatus:
-                          description: ExpectedStatus contains all the expected http
-                            status code that we will accept as success
-                          items:
-                            type: integer
-                          type: array
-                        metadata:
-                          additionalProperties:
-                            type: string
-                          description: Metadata (key-value pairs) for this webhook
-                          type: object
-                        method:
-                          description: Method the HTTP call method, default is POST
-                          type: string
-                        name:
-                          description: Name of this webhook
-                          type: string
-                        type:
-                          description: Type of this webhook
-                          type: string
-                        url:
-                          description: URL address of this webhook
-                          type: string
-                      required:
-                      - name
-                      - type
-                      - url
-                      type: object
-                    type: array
-                  targetSize:
-                    description: The size of the target resource. The default is the
-                      same as the size of the source resource.
-                    format: int32
-                    type: integer
-                type: object
-              sourceRevisionName:
-                description: SourceRevisionName contains the name of the componentRevisionName  that
-                  we need to upgrade from. it can be empty only when it's the first
-                  time to deploy the application
-                type: string
-              targetRevisionName:
-                description: TargetRevisionName contains the name of the componentRevisionName
-                  that we need to upgrade to.
-                type: string
-            required:
-            - componentName
-            - rolloutPlan
-            - targetRevisionName
-            type: object
-          status:
-            description: CompRolloutStatus defines the observed state of rollout
-            properties:
-              LastSourceRevision:
-                description: LastSourceRevision contains the name of the componentRevisionName
-                  that we need to upgrade from. We will restart the rollout if this
-                  is not the same as the spec
-                type: string
-              batchRollingState:
-                description: BatchRollingState only meaningful when the Status is
-                  rolling
-                type: string
-              conditions:
-                description: Conditions of the resource.
-                items:
-                  description: A Condition that may apply to a resource.
-                  properties:
-                    lastTransitionTime:
-                      description: LastTransitionTime is the last time this condition
-                        transitioned from one status to another.
-                      format: date-time
-                      type: string
-                    message:
-                      description: A Message containing details about this condition's
-                        last transition from one status to another, if any.
-                      type: string
-                    reason:
-                      description: A Reason for this condition's last transition from
-                        one status to another.
-                      type: string
-                    status:
-                      description: Status of this condition; is it currently True,
-                        False, or Unknown?
-                      type: string
-                    type:
-                      description: Type of this condition. At most one of each condition
-                        type may apply to a resource at any point in time.
-                      type: string
-                  required:
-                  - lastTransitionTime
-                  - reason
-                  - status
-                  - type
-                  type: object
-                type: array
-              currentBatch:
-                description: The current batch the rollout is working on/blocked it
-                  starts from 0
-                format: int32
-                type: integer
-              lastAppliedPodTemplateIdentifier:
-                description: lastAppliedPodTemplateIdentifier is a string that uniquely
-                  represent the last pod template each workload type could use different
-                  ways to identify that so we cannot compare between resources We
-                  update this field only after a successful rollout
-                type: string
-              lastTargetRevision:
-                description: LastUpgradedTargetRevision contains the name of the componentRevisionName
-                  that we upgraded to We will restart the rollout if this is not the
-                  same as the spec
-                type: string
-              rollingState:
-                description: RollingState is the Rollout State
-                type: string
-              rolloutOriginalSize:
-                description: RolloutTargetSize is the size of the target resources.
-                  This is determined once the initial spec verification and does not
-                  change until the rollout is restarted
-                format: int32
-                type: integer
-              rolloutTargetSize:
-                description: RolloutTargetSize is the size of the target resources.
-                  This is determined once the initial spec verification and does not
-                  change until the rollout is restarted
-                format: int32
-                type: integer
-              targetGeneration:
-                description: NewPodTemplateIdentifier is a string that uniquely represent
-                  the new pod template each workload type could use different ways
-                  to identify that so we cannot compare between resources
-                type: string
-              upgradedReadyReplicas:
-                description: UpgradedReadyReplicas is the number of Pods upgraded
-                  by the rollout controller that have a Ready Condition.
-                format: int32
-                type: integer
-              upgradedReplicas:
-                description: UpgradedReplicas is the number of Pods upgraded by the
-                  rollout controller
-                format: int32
-                type: integer
-            required:
-            - currentBatch
-            - lastTargetRevision
-            - rollingState
-            - upgradedReadyReplicas
-            - upgradedReplicas
-            type: object
-        type: object
-    served: true
-    storage: true
-    subresources:
-      status: {}
-status:
-  acceptedNames:
-    kind: ""
-    plural: ""
-  conditions: []
-  storedVersions: []
--- a/pkg/static/vela/charts/vela-core/templates/NOTES.txt
+++ b/pkg/static/vela/charts/vela-core/templates/NOTES.txt
@ -1,35 +0,0 @@
-Welcome to use the KubeVela! Enjoy your shipping application journey!
-
-                                   ,
-                                   //,
-                                   ////
-                               ./  /////*
-                             ,///  ///////
-                           ./////  ////////
-                          ///////  /////////
-                         ////////  //////////
-                       ,/////////  ///////////
-                      ,//////////  ///////////.
-                     .///////////  ////////////
-                     ////////////  ////////////.
-                    *////////////  ////////////*
-       #@@@@@@@@@@@*     ..,,***/  /////////////
-        /@@@@@@@@@@@#
-         *@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@&
-          .@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@.
-
-              @@@@@@@@@@@@@@@@@@@@@@@@@@@@@
-                .&@@@*    *@@@&    ,@@@&.
-
-       _  __       _          __     __     _
-      | |/ /_   _ | |__    ___\ \   / /___ | |  __ _
-      | ' /| | | || '_ \  / _ \\ \ / // _ \| | / _` |
-      | . \| |_| || |_) ||  __/ \ V /|  __/| || (_| |
-      |_|\_\\__,_||_.__/  \___|  \_/  \___||_| \__,_|
-
-** Please note before uninstalling **
-
-If you enable fluxcd addon when install the chart by set `enableFluxcdAddon=true` .
-Uninstall wouldn't disable the fluxcd addon ,and it will be kept in the cluster.
-Please guarantee there is no application in cluster using this addon and disable it firstly before uninstall the helm chart.
-And you can find the script of one-short disable all addons from the uninstalling section of https://github.com/oam-dev/kubevela/blob/master/charts/vela-core/README.md.
--- a/pkg/static/vela/charts/vela-core/templates/_helpers.tpl
+++ b/pkg/static/vela/charts/vela-core/templates/_helpers.tpl
@ -1,311 +0,0 @@
-{{/* vim: set filetype=mustache: */}}
-{{/*
-Expand the name of the chart.
-*/}}
-{{- define "kubevela.name" -}}
-{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Create a default fully qualified app name.
-We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
-If release name contains chart name it will be used as a full name.
-*/}}
-{{- define "kubevela.fullname" -}}
-{{- if .Values.fullnameOverride -}}
-{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
-{{- else -}}
-{{- $name := default .Chart.Name .Values.nameOverride -}}
-{{- if contains $name .Release.Name -}}
-{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
-{{- else -}}
-{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Create chart name and version as used by the chart label.
-*/}}
-{{- define "kubevela.chart" -}}
-{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Common labels
-*/}}
-{{- define "kubevela.labels" -}}
-helm.sh/chart: {{ include "kubevela.chart" . }}
-{{ include "kubevela.selectorLabels" . }}
-{{- if .Chart.AppVersion }}
-app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
-{{- end }}
-app.kubernetes.io/managed-by: {{ .Release.Service }}
-{{- end -}}
-
-{{/*
-Selector labels
-*/}}
-{{- define "kubevela.selectorLabels" -}}
-app.kubernetes.io/name: {{ include "kubevela.name" . }}
-app.kubernetes.io/instance: {{ .Release.Name }}
-{{- end -}}
-
-{{- define "kubevela-cluster-gateway.selectorLabels" -}}
-app.kubernetes.io/name: {{ include "kubevela.name" . }}-cluster-gateway
-app.kubernetes.io/instance: {{ .Release.Name }}-cluster-gateway
-{{- end -}}
-
-{{/*
-Create the name of the service account to use
-*/}}
-{{- define "kubevela.serviceAccountName" -}}
-{{- if .Values.serviceAccount.create -}}
-    {{ default (include "kubevela.fullname" .) .Values.serviceAccount.name }}
-{{- else -}}
-    {{ default "default" .Values.serviceAccount.name }}
-{{- end -}}
-{{- end -}}
-
-{{/*
-systemDefinitionNamespace value defaulter
-*/}}
-{{- define "systemDefinitionNamespace" -}}
-{{- if .Values.systemDefinitionNamespace -}}
-    {{ .Values.systemDefinitionNamespace }}
-{{- else -}}
-    {{ .Release.Namespace }}
-{{- end -}}
-{{- end -}}
-
-{{/*
-PodSpec for both Deployment and Pod
-*/}}
-{{- define "kubevela.podSpec" -}}
-{{- with .Values.imagePullSecrets -}}
-imagePullSecrets:
-{{- toYaml . | nindent 6 -}}
-{{- end -}}
-serviceAccountName: {{ include "kubevela.serviceAccountName" . }}
-securityContext:
-{{- toYaml .Values.podSecurityContext | nindent 2 }}
-containers:
- name: {{ .Release.Name }}
-  securityContext:
-  {{- toYaml .Values.securityContext | nindent 4 }}
-  args:
-    - "--metrics-addr=:8080"
-    - "--enable-leader-election"
-    {{- if ne .Values.logFilePath "" }}
-    - "--log-file-path={{ .Values.logFilePath }}"
-    - "--log-file-max-size={{ .Values.logFileMaxSize }}"
-    {{ end -}}
-    {{ if .Values.logDebug }}
-    - "--log-debug=true"
-    {{ end }}
-    {{ if .Values.admissionWebhooks.enabled }}
-    - "--use-webhook=true"
-    - "--webhook-port={{ .Values.webhookService.port }}"
-    - "--webhook-cert-dir={{ .Values.admissionWebhooks.certificate.mountPath }}"
-    {{ end }}
-    - "--health-addr=:{{ .Values.healthCheck.port }}"
-    {{ if ne .Values.disableCaps "" }}
-    - "--disable-caps={{ .Values.disableCaps }}"
-    {{ end }}
-    - "--system-definition-namespace={{ include "systemDefinitionNamespace" . }}"
-    - "--application-revision-limit={{ .Values.applicationRevisionLimit }}"
-    - "--definition-revision-limit={{ .Values.definitionRevisionLimit }}"
-    - "--oam-spec-ver={{ .Values.OAMSpecVer }}"
-    {{ if .Values.multicluster.enabled }}
-    - "--enable-cluster-gateway"
-    {{ end }}
-    - "--application-re-sync-period={{ .Values.controllerArgs.reSyncPeriod }}"
-    - "--concurrent-reconciles={{ .Values.concurrentReconciles }}"
-    - "--kube-api-qps={{ .Values.kubeClient.qps }}"
-    - "--kube-api-burst={{ .Values.kubeClient.burst }}"
-    - "--max-workflow-wait-backoff-time={{ .Values.workflow.backoff.maxTime.waitState }}"
-    - "--max-workflow-failed-backoff-time={{ .Values.workflow.backoff.maxTime.failedState }}"
-    - "--max-workflow-step-error-retry-times={{ .Values.workflow.step.errorRetryTimes }}"
-  image: {{ .Values.imageRegistry }}{{ .Values.image.repository }}:{{ .Values.image.tag }}
-  imagePullPolicy: {{ quote .Values.image.pullPolicy }}
-  resources:
-  {{- toYaml .Values.resources | nindent 4 -}}
-  {{ if .Values.admissionWebhooks.enabled }}
-  ports:
-    - containerPort: {{ .Values.webhookService.port }}
-      name: webhook-server
-      protocol: TCP
-    - containerPort: {{ .Values.healthCheck.port }}
-      name: healthz
-      protocol: TCP
-  readinessProbe:
-    httpGet:
-      path: /readyz
-      port: healthz
-    initialDelaySeconds: 30
-    periodSeconds: 5
-  livenessProbe:
-    httpGet:
-      path: /healthz
-      port: healthz
-    initialDelaySeconds: 90
-    periodSeconds: 5
-  volumeMounts:
-    - mountPath: {{ .Values.admissionWebhooks.certificate.mountPath }}
-      name: tls-cert-vol
-      readOnly: true
-  {{ end }}
-{{ if .Values.admissionWebhooks.enabled }}
-volumes:
- name: tls-cert-vol
-  secret:
-    defaultMode: 420
-    secretName: {{ template "kubevela.fullname" . }}-admission
-{{ end }}
-{{- with .Values.nodeSelector }}
-nodeSelector:
-{{- toYaml . | nindent 6 }}
-{{- end }}
-{{- with .Values.affinity }}
-affinity:
-{{- toYaml . | nindent 8 }}
-{{- end }}
-{{- with .Values.tolerations }}
-tolerations:
-{{- toYaml . | nindent 8 }}
-{{- end }}
-{{ end }}
-
-{{/*
-Cluster Gateway podSpec for both Deployment and Pod
-*/}}
-{{- define "kubevela-cluster-gateway.podSpec" -}}
-{{- with .Values.imagePullSecrets }}
-imagePullSecrets:
-{{- toYaml . | nindent 2 }}
-{{- end }}
-serviceAccountName: {{ include "kubevela.serviceAccountName" . }}
-securityContext:
-{{- toYaml .Values.podSecurityContext | nindent 2 }}
-containers:
- name: {{ include "kubevela.fullname" . }}-cluster-gateway
-  securityContext:
-  {{- toYaml .Values.securityContext | nindent 6 }}
-  args:
-    - "apiserver"
-    - "--secure-port={{ .Values.multicluster.clusterGateway.port }}"
-    - "--secret-namespace={{ .Release.Namespace }}"
-    - "--feature-gates=APIPriorityAndFairness=false"
-    {{ if .Values.multicluster.clusterGateway.secureTLS.enabled }}
-    - "--cert-dir={{ .Values.multicluster.clusterGateway.secureTLS.certPath }}"
-    {{ end }}
-  image: {{ .Values.imageRegistry }}{{ .Values.multicluster.clusterGateway.image.repository }}:{{ .Values.multicluster.clusterGateway.image.tag }}
-  imagePullPolicy: {{ .Values.multicluster.clusterGateway.image.pullPolicy }}
-  resources:
-  {{- toYaml .Values.multicluster.clusterGateway.resources | nindent 6 }}
-  ports:
-    - containerPort: {{ .Values.multicluster.clusterGateway.port }}
-  {{ if .Values.multicluster.clusterGateway.secureTLS.enabled }}
-  volumeMounts:
-    - mountPath: {{ .Values.multicluster.clusterGateway.secureTLS.certPath }}
-      name: tls-cert-vol
-      readOnly: true
-  {{- end }}
-{{ if .Values.multicluster.clusterGateway.secureTLS.enabled }}
-volumes:
- name: tls-cert-vol
-  secret:
-    defaultMode: 420
-    secretName: {{ template "kubevela.fullname" . }}-cluster-gateway-tls
-{{ end }}
-{{- with .Values.nodeSelector }}
-nodeSelector:
-{{- toYaml . | nindent 2 }}
-{{- end }}
-{{- with .Values.affinity }}
-affinity:
-{{- toYaml . | nindent 2 }}
-{{- end }}
-{{- with .Values.tolerations }}
-tolerations:
-{{- toYaml . | nindent 2 }}
-{{- end }}
-{{ end }}
-
-{{ define "kubevela-cluster-gateway-tls-secret-patch.name-labels" }}
-name: {{ template "kubevela.fullname" . }}-cluster-gateway-tls-secret-patch
-labels:
-  app: {{ template "kubevela.fullname" . }}-cluster-gateway-tls-secret-patch
-  {{- include "kubevela.labels" . | nindent 2 }}
-{{ end }}
-{{ define "kubevela-cluster-gateway-tls-secret-patch.annotations" }}
-annotations:
-  "helm.sh/hook": post-install,post-upgrade
-  "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
-{{ end }}
-
-{{/*
-Cluster Gateway TLS secret patch podSpec for both Job and Pod
-*/}}
-{{ define "kubevela-cluster-gateway-tls-secret-patch.podSpec" }}
-{{- with .Values.imagePullSecrets }}
-imagePullSecrets:
-{{- toYaml . | nindent 2 }}
-{{- end }}
-containers:
- name: patch
-  image: {{ .Values.imageRegistry }}{{ .Values.multicluster.clusterGateway.image.repository }}:{{ .Values.multicluster.clusterGateway.image.tag }}
-  imagePullPolicy: {{ .Values.multicluster.clusterGateway.image.pullPolicy }}
-  command:
-    - /patch
-  args:
-    - --secret-namespace={{ .Release.Namespace }}
-    - --secret-name={{ template "kubevela.fullname" . }}-cluster-gateway-tls
-restartPolicy: OnFailure
-serviceAccountName: {{ include "kubevela.serviceAccountName" . }}
-securityContext:
-  runAsGroup: 2000
-  runAsNonRoot: true
-  runAsUser: 2000
-{{ end }}
-
-
-{{ define "kubevela-cluster-gateway-tls-secret-create.name-labels" }}
-name: {{ template "kubevela.fullname" . }}-cluster-gateway-tls-secret-create
-labels:
-  app: {{ template "kubevela.fullname" . }}-cluster-gateway-tls-secret-create
-  {{- include "kubevela.labels" . | nindent 2 }}
-{{ end }}
-
-{{ define "kubevela-cluster-gateway-tls-secret-create.annotations" }}
-annotations:
-  "helm.sh/hook": pre-install,pre-upgrade
-  "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
-{{ end }}
-
-{{/*
-Cluster Gateway TLS secret create podSpec for both Job and Pod
-*/}}
-{{ define "kubevela-cluster-gateway-tls-secret-create.podSpec" }}
-{{- with .Values.imagePullSecrets }}
-imagePullSecrets:
-  {{- toYaml . | nindent 2 }}
-{{- end }}
-containers:
-  - name: create
-    image: {{ .Values.imageRegistry }}{{ .Values.admissionWebhooks.patch.image.repository }}:{{ .Values.admissionWebhooks.patch.image.tag }}
-    imagePullPolicy: {{ .Values.admissionWebhooks.patch.image.pullPolicy }}
-    args:
-      - create
-      - --host={{ .Release.Name }}-cluster-gateway-service,{{ .Release.Name }}-cluster-gateway-service.{{ .Release.Namespace }}.svc
-      - --namespace={{ .Release.Namespace }}
-      - --secret-name={{ template "kubevela.fullname" . }}-cluster-gateway-tls
-      - --key-name=apiserver.key
-      - --cert-name=apiserver.crt
-restartPolicy: OnFailure
-serviceAccountName: {{ template "kubevela.fullname" . }}-cluster-gateway-admission
-securityContext:
-  runAsGroup: 2000
-  runAsNonRoot: true
-  runAsUser: 2000
-{{ end }}
--- a/pkg/static/vela/charts/vela-core/templates/addon/fluxcd-def.yaml
+++ b/pkg/static/vela/charts/vela-core/templates/addon/fluxcd-def.yaml
@ -1,270 +0,0 @@
-{{- if .Values.enableFluxcdAddon -}}
-apiVersion: core.oam.dev/v1beta1
-kind: Application
-metadata:
-  labels:
-    addons.oam.dev/name: fluxcd-def
-  name: addon-fluxcd-def
-  namespace: {{ .Release.Namespace }}
-  annotations:
-    "helm.sh/resource-policy": keep
-spec:
-  components:
-    - name: fluxc-def-resources
-      properties:
-        objects:
-          - apiVersion: core.oam.dev/v1beta1
-            kind: ComponentDefinition
-            metadata:
-              annotations:
-                definition.oam.dev/description: helm release is a group of K8s resources
-                  from either git repository or helm repo
-              name: helm
-              namespace: {{.Values.systemDefinitionNamespace}}
-            spec:
-              schematic:
-                cue:
-                  template: "output: {\n\tapiVersion: \"source.toolkit.fluxcd.io/v1beta1\"\n\tmetadata:
-                {\n\t\tname: context.name\n\t}\n\tif parameter.repoType == \"git\"
-                {\n\t\tkind: \"GitRepository\"\n\t\tspec: {\n\t\t\turl: parameter.url\n\t\t\tif
-                parameter.git.branch != _|_ {\n\t\t\t\tref: branch: parameter.git.branch\n\t\t\t}\n\t\t\t_secret\n\t\t\t_sourceCommonArgs\n\t\t}\n\t}\n\tif
-                parameter.repoType == \"oss\" {\n\t\tkind: \"Bucket\"\n\t\tspec: {\n\t\t\tendpoint:
-                \  parameter.url\n\t\t\tbucketName: parameter.oss.bucketName\n\t\t\tprovider:
-                \  parameter.oss.provider\n\t\t\tif parameter.oss.region != _|_ {\n\t\t\t\tregion:
-                parameter.oss.region\n\t\t\t}\n\t\t\t_secret\n\t\t\t_sourceCommonArgs\n\t\t}\n\t}\n\tif
-                parameter.repoType == \"helm\" {\n\t\tkind: \"HelmRepository\"\n\t\tspec:
-                {\n\t\t\turl: parameter.url\n\t\t\t_secret\n\t\t\t_sourceCommonArgs\n\t\t}\n\t}\n}\n\noutputs:
-                release: {\n\tapiVersion: \"helm.toolkit.fluxcd.io/v2beta1\"\n\tkind:
-                \      \"HelmRelease\"\n\tmetadata: {\n\t\tname: context.name\n\t}\n\tspec:
-                {\n\t\ttimeout: parameter.installTimeout\n\t\tinterval: parameter.interval\n\t\tchart:
-                {\n\t\t\tspec: {\n\t\t\t\tchart:   parameter.chart\n\t\t\t\tversion:
-                parameter.version\n\t\t\t\tsourceRef: {\n\t\t\t\t\tif parameter.repoType
-                == \"git\" {\n\t\t\t\t\t\tkind: \"GitRepository\"\n\t\t\t\t\t}\n\t\t\t\t\tif
-                parameter.repoType == \"helm\" {\n\t\t\t\t\t\tkind: \"HelmRepository\"\n\t\t\t\t\t}\n\t\t\t\t\tif
-                parameter.repoType == \"oss\" {\n\t\t\t\t\t\tkind: \"Bucket\"\n\t\t\t\t\t}\n\t\t\t\t\tname:
-                \     context.name\n\t\t\t\t}\n\t\t\t\tinterval: parameter.interval\n\t\t\t}\n\t\t}\n\t\tif
-                parameter.targetNamespace != _|_ {\n\t\t\ttargetNamespace: parameter.targetNamespace\n\t\t}\n\t\tif
-                parameter.releaseName != _|_ {\n\t\t\treleaseName: parameter.releaseName\n\t\t}\n\t\tif
-                parameter.values != _|_ {\n\t\t\tvalues: parameter.values\n\t\t}\n\t}\n}\n\n_secret:
-                {\n\tif parameter.secretRef != _|_ {\n\t\tsecretRef: {\n\t\t\tname:
-                parameter.secretRef\n\t\t}\n\t}\n}\n\n_sourceCommonArgs: {\n\tinterval:
-                parameter.pullInterval\n\tif parameter.timeout != _|_ {\n\t\ttimeout:
-                parameter.timeout\n\t}\n}\n\nparameter: {\n\trepoType: *\"helm\" |
-                \"git\" | \"oss\"\n\t// +usage=The interval at which to check for
-                repository/bucket and relese updates, default to 5m\n\tpullInterval:
-                *\"5m\" | string\n        // +usage=The  Interval at which to reconcile
-                the Helm release, default to 30s\n        interval: *\"30s\" | string\n\t//
-                +usage=The Git or Helm repository URL, OSS endpoint, accept HTTP/S
-                or SSH address as git url,\n\turl: string\n\t// +usage=The name of
-                the secret containing authentication credentials\n\tsecretRef?: string\n\t//
-                +usage=The timeout for operations like download index/clone repository,
-                optional\n\ttimeout?: string\n\t// +usage=The timeout for operation
-                `helm install`, optional\n\tinstallTimeout: *\"10m\" | string\n\n\tgit?:
-                {\n\t\t// +usage=The Git reference to checkout and monitor for changes,
-                defaults to master branch\n\t\tbranch: string\n\t}\n\toss?: {\n\t\t//
-                +usage=The bucket's name, required if repoType is oss\n\t\tbucketName:
-                string\n\t\t// +usage=\"generic\" for Minio, Amazon S3, Google Cloud
-                Storage, Alibaba Cloud OSS, \"aws\" for retrieve credentials from
-                the EC2 service when credentials not specified, default \"generic\"\n\t\tprovider:
-                *\"generic\" | \"aws\"\n\t\t// +usage=The bucket region, optional\n\t\tregion?:
-                string\n\t}\n\n\t// +usage=1.The relative path to helm chart for git/oss
-                source. 2. chart name for helm resource 3. relative path for chart
-                package(e.g. ./charts/podinfo-1.2.3.tgz)\n\tchart: string\n\t// +usage=Chart
-                version\n\tversion: *\"*\" | string\n\t// +usage=The namespace for
-                helm chart, optional\n\ttargetNamespace?: string\n\t// +usage=The
-                release name\n\treleaseName?: string\n\t// +usage=Chart values\n\tvalues?:
-                #nestedmap\n}\n\n#nestedmap: {\n\t...\n}\n"
-              status:
-                customStatus: "repoMessage:    string\nreleaseMessage: string\nif context.output.status
-              == _|_ {\n\trepoMessage:    \"Fetching repository\"\n\treleaseMessage:
-              \"Wating repository ready\"\n}\nif context.output.status != _|_ {\n\trepoStatus:
-              context.output.status\n\tif repoStatus.conditions[0][\"type\"] != \"Ready\"
-              {\n\t\trepoMessage: \"Fetch repository fail\"\n\t}\n\tif repoStatus.conditions[0][\"type\"]
-              == \"Ready\" {\n\t\trepoMessage: \"Fetch repository successfully\"\n\t}\n\n\tif
-              context.outputs.release.status == _|_ {\n\t\treleaseMessage: \"Creating
-              helm release\"\n\t}\n\tif context.outputs.release.status != _|_ {\n\t\tif
-              context.outputs.release.status.conditions[0][\"message\"] == \"Release
-              reconciliation succeeded\" {\n\t\t\treleaseMessage: \"Create helm release
-              successfully\"\n\t\t}\n\t\tif context.outputs.release.status.conditions[0][\"message\"]
-              != \"Release reconciliation succeeded\" {\n\t\t\treleaseBasicMessage:
-              \"Delivery helm release in progress, message: \" + context.outputs.release.status.conditions[0][\"message\"]\n\t\t\tif
-              len(context.outputs.release.status.conditions) == 1 {\n\t\t\t\treleaseMessage:
-              releaseBasicMessage\n\t\t\t}\n\t\t\tif len(context.outputs.release.status.conditions)
-              > 1 {\n\t\t\t\treleaseMessage: releaseBasicMessage + \", \" + context.outputs.release.status.conditions[1][\"message\"]\n\t\t\t}\n\t\t}\n\t}\n\n}\nmessage:
-              repoMessage + \", \" + releaseMessage"
-                healthPolicy: 'isHealth: len(context.outputs.release.status.conditions)
-              != 0 && context.outputs.release.status.conditions[0]["status"]=="True"'
-              workload:
-                type: autodetects.core.oam.dev
-          - apiVersion: core.oam.dev/v1beta1
-            kind: TraitDefinition
-            metadata:
-              annotations:
-                definition.oam.dev/description: A list of JSON6902 patch to selected target
-              name: kustomize-json-patch
-              namespace: {{.Values.systemDefinitionNamespace}}
-            spec:
-              schematic:
-                cue:
-                  template: "patch: {\n\tspec: {\n\t\tpatchesJson6902: parameter.patchesJson\n\t}\n}\n\nparameter:
-                {\n\t// +usage=A list of JSON6902 patch.\n\tpatchesJson: [...#jsonPatchItem]\n}\n\n//
-                +usage=Contains a JSON6902 patch\n#jsonPatchItem: {\n\ttarget: #selector\n\tpatch:
-                [...{\n\t\t// +usage=operation to perform\n\t\top: string | \"add\"
-                | \"remove\" | \"replace\" | \"move\" | \"copy\" | \"test\"\n\t\t//
-                +usage=operate path e.g. /foo/bar\n\t\tpath: string\n\t\t// +usage=specify
-                source path when op is copy/move\n\t\tfrom?:  string\n\t\t// +usage=specify
-                opraation value when op is test/add/replace\n\t\tvalue?: string\n\t}]\n}\n\n//
-                +usage=Selector specifies a set of resources\n#selector: {\n\tgroup?:
-                \             string\n\tversion?:            string\n\tkind?:               string\n\tnamespace?:
-                \         string\n\tname?:               string\n\tannotationSelector?:
-                string\n\tlabelSelector?:      string\n}\n"
-          - apiVersion: core.oam.dev/v1beta1
-            kind: TraitDefinition
-            metadata:
-              annotations:
-                definition.oam.dev/description: A list of StrategicMerge or JSON6902 patch
-                  to selected target
-              name: kustomize-patch
-              namespace: {{.Values.systemDefinitionNamespace}}
-            spec:
-              schematic:
-                cue:
-                  template: "patch: {\n\tspec: {\n\t\tpatches: parameter.patches\n\t}\n}\nparameter:
-                {\n\t// +usage=a list of StrategicMerge or JSON6902 patch to selected
-                target\n\tpatches: [...#patchItem]\n}\n\n// +usage=Contains a strategicMerge
-                or JSON6902 patch\n#patchItem: {\n\t// +usage=Inline patch string,
-                in yaml style\n\tpatch: string\n\t// +usage=Specify the target the
-                patch should be applied to\n\ttarget: #selector\n}\n\n// +usage=Selector
-                specifies a set of resources\n#selector: {\n\tgroup?:              string\n\tversion?:
-                \           string\n\tkind?:               string\n\tnamespace?:          string\n\tname?:
-                \              string\n\tannotationSelector?: string\n\tlabelSelector?:
-                \     string\n}\n"
-          - apiVersion: core.oam.dev/v1beta1
-            kind: ComponentDefinition
-            metadata:
-              annotations:
-                definition.oam.dev/description: kustomize can fetching, building, updating
-                  and applying Kustomize manifests from git repo.
-              name: kustomize
-              namespace: {{.Values.systemDefinitionNamespace}}
-            spec:
-              schematic:
-                cue:
-                  template: "output: {\n\tapiVersion: \"kustomize.toolkit.fluxcd.io/v1beta1\"\n\tkind:
-                \      \"Kustomization\"\n\tmetadata: {\n\t\tname: context.name\n
-                \   namespace: context.namespace\n\t}\n\tspec: {\n\t\tinterval: parameter.pullInterval\n\t\tsourceRef:
-                {\n\t\t\tif parameter.repoType == \"git\" {\n\t\t\t\tkind: \"GitRepository\"\n\t\t\t}\n\t\t\tif
-                parameter.repoType == \"oss\" {\n\t\t\t\tkind: \"Bucket\"\n\t\t\t}\n\t\t\tname:
-                \     context.name\n\t\t\tnamespace: context.namespace\n\t\t}\n\t\tpath:
-                \      parameter.path\n\t\tprune:      true\n\t\tvalidation: \"client\"\n\t}\n}\n\noutputs:
-                {\n  repo: {\n\t  apiVersion: \"source.toolkit.fluxcd.io/v1beta1\"\n\t
-                \ metadata: {\n\t\t  name: context.name\n      namespace: context.namespace\n\t
-                \ }\n\t  if parameter.repoType == \"git\" {\n\t\t  kind: \"GitRepository\"\n\t\t
-                \ spec: {\n\t\t\t  url: parameter.url\n\t\t\t  if parameter.git.branch
-                != _|_ {\n\t\t\t\t  ref: branch: parameter.git.branch\n\t\t\t  }\n
-                \       if parameter.git.provider != _|_ {\n          if parameter.git.provider
-                == \"GitHub\" {\n            gitImplementation: \"go-git\"\n          }\n
-                \         if parameter.git.provider == \"AzureDevOps\" {\n            gitImplementation:
-                \"libgit2\"\n          }\n        }\n\t\t\t  _secret\n\t\t\t  _sourceCommonArgs\n\t\t
-                \ }\n\t  }\n\t  if parameter.repoType == \"oss\" {\n\t\t  kind: \"Bucket\"\n\t\t
-                \ spec: {\n\t\t\t  endpoint:   parameter.url\n\t\t\t  bucketName:
-                parameter.oss.bucketName\n\t\t\t  provider:   parameter.oss.provider\n\t\t\t
-                \ if parameter.oss.region != _|_ {\n\t\t\t\t  region: parameter.oss.region\n\t\t\t
-                \ }\n\t\t\t  _secret\n\t\t\t  _sourceCommonArgs\n\t\t  }\n\t  }\n
-                \ }\n\n  if parameter.imageRepository != _|_ {\n    imageRepo: {\n
-                \     apiVersion: \"image.toolkit.fluxcd.io/v1beta1\"\n      kind:
-                \"ImageRepository\"\n\t    metadata: {\n\t\t    name: context.name\n
-                \       namespace: context.namespace\n\t    }\n      spec: {\n        image:
-                parameter.imageRepository.image\n        interval: parameter.pullInterval\n
-                \       if parameter.imageRepository.secretRef != _|_ {\n          secretRef:
-                name: parameter.imageRepository.secretRef\n        }\n      }\n    }\n\n
-                \   imagePolicy: {\n      apiVersion: \"image.toolkit.fluxcd.io/v1beta1\"\n
-                \     kind: \"ImagePolicy\"\n\t    metadata: {\n\t\t    name: context.name\n
-                \       namespace: context.namespace\n\t    }\n      spec: {\n        imageRepositoryRef:
-                name: context.name\n        policy: parameter.imageRepository.policy\n
-                \       if parameter.imageRepository.filterTags != _|_ {\n          filterTags:
-                parameter.imageRepository.filterTags\n        }\n      }\n    }\n\n
-                \   imageUpdate: {\n      apiVersion: \"image.toolkit.fluxcd.io/v1beta1\"\n
-                \     kind: \"ImageUpdateAutomation\"\n\t    metadata: {\n\t\t    name:
-                context.name\n        namespace: context.namespace\n\t    }\n      spec:
-                {\n        interval: parameter.pullInterval\n        sourceRef: {\n
-                \         kind: \"GitRepository\"\n          name: context.name\n
-                \       }\n        git: {\n          checkout: ref: branch: parameter.git.branch\n
-                \         commit: {\n            author: {\n              email: \"kubevelabot@users.noreply.github.com\"\n
-                \             name: \"kubevelabot\"\n            }\n            if
-                parameter.imageRepository.commitMessage != _|_ {\n              messageTemplate:
-                \"Update image automatically.\\n\" + parameter.imageRepository.commitMessage\n
-                \           }\n            if parameter.imageRepository.commitMessage
-                == _|_ {\n              messageTemplate: \"Update image automatically.\"\n
-                \           }\n          }\n          push: branch: parameter.git.branch\n
-                \       }\n        update: {\n          path:\tparameter.path\n          strategy:
-                \"Setters\"\n        }\n      }\n    }\n  }\n}\n\n_secret: {\n\tif
-                parameter.secretRef != _|_ {\n\t\tsecretRef: {\n\t\t\tname: parameter.secretRef\n\t\t}\n\t}\n}\n\n_sourceCommonArgs:
-                {\n\tinterval: parameter.pullInterval\n\tif parameter.timeout != _|_
-                {\n\t\ttimeout: parameter.timeout\n\t}\n}\n\nparameter: {\n\trepoType:
-                *\"git\" | \"oss\"\n  // +usage=The image repository for automatically
-                update image to git\n  imageRepository?: {\n    // +usage=The image
-                url\n    image: string\n    // +usage=The name of the secret containing
-                authentication credentials\n    secretRef?: string\n    // +usage=Policy
-                gives the particulars of the policy to be followed in selecting the
-                most recent image.\n    policy: {\n      // +usage=Alphabetical set
-                of rules to use for alphabetical ordering of the tags.\n      alphabetical?:
-                {\n        // +usage=Order specifies the sorting order of the tags.\n
-                \       // +usage=Given the letters of the alphabet as tags, ascending
-                order would select Z, and descending order would select A.\n        order?:
-                \"asc\" | \"desc\"\n      }\n      // +usage=Numerical set of rules
-                to use for numerical ordering of the tags.\n      numerical?: {\n
-                \       // +usage=Order specifies the sorting order of the tags.\n
-                \       // +usage=Given the integer values from 0 to 9 as tags, ascending
-                order would select 9, and descending order would select 0.\n        order:
-                \"asc\" | \"desc\"\n      }\n      // +usage=SemVer gives a semantic
-                version range to check against the tags available.\n      semver?:
-                {\n        // +usage=Range gives a semver range for the image tag;
-                the highest version within the range that's a tag yields the latest
-                image.\n        range: string\n      }\n    }\n    // +usage=FilterTags
-                enables filtering for only a subset of tags based on a set of rules.
-                If no rules are provided, all the tags from the repository will be
-                ordered and compared.\n    filterTags?: {\n      // +usage=Extract
-                allows a capture group to be extracted from the specified regular
-                expression pattern, useful before tag evaluation.\n      extract?:
-                string\n      // +usage=Pattern specifies a regular expression pattern
-                used to filter for image tags.\n      pattern?: string\n    }\n    //
-                +usage=The image url\n    commitMessage?: string\n  }\n\t// +usage=The
-                interval at which to check for repository/bucket and release updates,
-                default to 5m\n\tpullInterval: *\"5m\" | string\n\t// +usage=The Git
-                or Helm repository URL, OSS endpoint, accept HTTP/S or SSH address
-                as git url,\n\turl: string\n\t// +usage=The name of the secret containing
-                authentication credentials\n\tsecretRef?: string\n\t// +usage=The
-                timeout for operations like download index/clone repository, optional\n\ttimeout?:
-                string\n\tgit?: {\n\t\t// +usage=The Git reference to checkout and
-                monitor for changes, defaults to master branch\n\t\tbranch: string\n
-                \   // +usage=Determines which git client library to use. Defaults
-                to GitHub, it will pick go-git. AzureDevOps will pick libgit2.\n    provider?:
-                *\"GitHub\" | \"AzureDevOps\"\n\t}\n\toss?: {\n\t\t// +usage=The bucket's
-                name, required if repoType is oss\n\t\tbucketName: string\n\t\t//
-                +usage=\"generic\" for Minio, Amazon S3, Google Cloud Storage, Alibaba
-                Cloud OSS, \"aws\" for retrieve credentials from the EC2 service when
-                credentials not specified, default \"generic\"\n\t\tprovider: *\"generic\"
-                | \"aws\"\n\t\t// +usage=The bucket region, optional\n\t\tregion?:
-                string\n\t}\n\t//+usage=Path to the directory containing the kustomization.yaml
-                file, or the set of plain YAMLs a kustomization.yaml should be generated
-                for.\n\tpath: string\n}"
-              workload:
-                type: autodetects.core.oam.dev
-          - apiVersion: core.oam.dev/v1beta1
-            kind: TraitDefinition
-            metadata:
-              annotations:
-                definition.oam.dev/description: A list of strategic merge to kustomize
-                  config
-              name: kustomize-strategy-merge
-              namespace: {{.Values.systemDefinitionNamespace}}
-            spec:
-              schematic:
-                cue:
-                  template: "patch: {\n\tspec: {\n\t\tpatchesStrategicMerge: parameter.patchesStrategicMerge\n\t}\n}\n\nparameter:
-                {\n\t// +usage=a list of strategicmerge, defined as inline yaml objects.\n\tpatchesStrategicMerge:
-                [...#nestedmap]\n}\n\n#nestedmap: {\n\t...\n}\n"
-      type: k8s-objects
-
-  {{- end }}
--- a/pkg/static/vela/charts/vela-core/templates/addon/fluxcd.yaml
+++ b/pkg/static/vela/charts/vela-core/templates/addon/fluxcd.yaml
--- a/pkg/static/vela/charts/vela-core/templates/addon_registry.yaml
+++ b/pkg/static/vela/charts/vela-core/templates/addon_registry.yaml
@ -1,16 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: vela-addon-registry
-  namespace: {{ .Release.Namespace }}
-data:
-  registries: '{
-  "KubeVela":{
-    "name": "KubeVela",
-    "oss": {
-      "end_point": "https://addons.kubevela.net",
-      "bucket": "",
-      "path": ""
-    }
-  }
-}'
--- a/pkg/static/vela/charts/vela-core/templates/admission-webhooks/job-patch/_helper.tpl
+++ b/pkg/static/vela/charts/vela-core/templates/admission-webhooks/job-patch/_helper.tpl
@ -1,67 +0,0 @@
-{{ define "kubevela-admission-webhook-patch.Podspec" }}
-{{- with .Values.imagePullSecrets }}
-imagePullSecrets:
-{{- toYaml . | nindent 2 }}
-{{- end }}
-containers:
-  - name: patch
-    image: {{ .Values.imageRegistry }}{{ .Values.admissionWebhooks.patch.image.repository }}:{{ .Values.admissionWebhooks.patch.image.tag }}
-    imagePullPolicy: {{ .Values.admissionWebhooks.patch.image.pullPolicy }}
-    args:
-      - patch
-      - --webhook-name={{ template "kubevela.fullname" . }}-admission
-      - --namespace={{ .Release.Namespace }}
-      - --secret-name={{ template "kubevela.fullname" . }}-admission
-      - --patch-failure-policy={{ .Values.admissionWebhooks.failurePolicy }}
-      - --crds=applications.core.oam.dev
-restartPolicy: OnFailure
-serviceAccountName: {{ template "kubevela.fullname" . }}-admission
-{{- with .Values.admissionWebhooks.patch.affinity }}
-affinity:
-{{ toYaml . | indent 2 }}
-{{- end }}
-{{- with .Values.admissionWebhooks.patch.tolerations }}
-tolerations:
-{{ toYaml . | indent 2 }}
-{{- end }}
-securityContext:
-  runAsGroup: 2000
-  runAsNonRoot: true
-  runAsUser: 2000
-{{ end }}
-
-{{ define "kubevela-admission-webhook-create.podSpec" }}
-{{- with .Values.imagePullSecrets }}
-imagePullSecrets:
-{{- toYaml . | nindent 2 }}
-{{- end }}
-containers:
-  - name: create
-    image: {{ .Values.imageRegistry }}{{ .Values.admissionWebhooks.patch.image.repository }}:{{ .Values.admissionWebhooks.patch.image.tag }}
-    imagePullPolicy: {{ .Values.admissionWebhooks.patch.image.pullPolicy }}
-    args:
-      - create
-      - --host={{ template "kubevela.name" . }}-webhook,{{ template "kubevela.name" . }}-webhook.{{ .Release.Namespace }}.svc
-      - --namespace={{ .Release.Namespace }}
-      - --secret-name={{ template "kubevela.fullname" . }}-admission
-      - --key-name=tls.key
-      - --cert-name=tls.crt
-restartPolicy: OnFailure
-serviceAccountName: {{ template "kubevela.fullname" . }}-admission
-{{- with .Values.admissionWebhooks.patch.nodeSelector }}
-nodeSelector:
-{{- toYaml . | nindent 2 }}
-{{- end }}
-{{- with .Values.admissionWebhooks.patch.affinity }}
-affinity:
-{{ toYaml . | indent 2 }}
-{{- end }}
-{{- with .Values.admissionWebhooks.patch.tolerations }}
-tolerations:
-{{ toYaml . | indent 2 }}
-{{- end }}
-securityContext:
-  runAsGroup: 2000
-  runAsNonRoot: true
-  runAsUser: 2000
-{{ end }}
--- a/pkg/static/vela/charts/vela-core/templates/admission-webhooks/job-patch/clusterrole.yaml
+++ b/pkg/static/vela/charts/vela-core/templates/admission-webhooks/job-patch/clusterrole.yaml
@ -1,28 +0,0 @@
-{{- if and .Values.admissionWebhooks.enabled .Values.admissionWebhooks.patch.enabled .Values.rbac.create (not .Values.admissionWebhooks.certManager.enabled) }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name:  {{ template "kubevela.fullname" . }}-admission
-  annotations:
-    "helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade
-    "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
-  labels:
-    app: {{ template "kubevela.name" . }}-admission
-    {{- include "kubevela.labels" . | nindent 4 }}
-rules:
-  - apiGroups:
-      - admissionregistration.k8s.io
-    resources:
-      - validatingwebhookconfigurations
-      - mutatingwebhookconfigurations
-    verbs:
-      - get
-      - update
-  - apiGroups:
-      - apiextensions.k8s.io
-    resources:
-      - customresourcedefinitions
-    verbs:
-      - get
-      - update
-{{- end }}
--- a/pkg/static/vela/charts/vela-core/templates/admission-webhooks/job-patch/clusterrolebinding.yaml
+++ b/pkg/static/vela/charts/vela-core/templates/admission-webhooks/job-patch/clusterrolebinding.yaml
@ -1,20 +0,0 @@
-{{- if and .Values.admissionWebhooks.enabled .Values.admissionWebhooks.patch.enabled .Values.rbac.create (not .Values.admissionWebhooks.certManager.enabled) }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
-  name:  {{ template "kubevela.fullname" . }}-admission
-  annotations:
-    "helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade
-    "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
-  labels:
-    app: {{ template "kubevela.name" . }}-admission
-    {{- include "kubevela.labels" . | nindent 4 }}
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: {{ template "kubevela.fullname" . }}-admission
-subjects:
-  - kind: ServiceAccount
-    name: {{ template "kubevela.fullname" . }}-admission
-    namespace: {{ .Release.Namespace }}
-{{- end }}
--- a/pkg/static/vela/charts/vela-core/templates/admission-webhooks/job-patch/job-createSecret.yaml
+++ b/pkg/static/vela/charts/vela-core/templates/admission-webhooks/job-patch/job-createSecret.yaml
@ -1,28 +0,0 @@
-{{- if and .Values.admissionWebhooks.enabled .Values.admissionWebhooks.patch.enabled (not .Values.admissionWebhooks.certManager.enabled) }}
-{{ if not .Values.deployByPod }}
-apiVersion: batch/v1
-kind: Job
-metadata:
-  name: {{ template "kubevela.fullname" . }}-admission-create
-  namespace: {{ .Release.Namespace }}
-  annotations:
-    "helm.sh/hook": pre-install,pre-upgrade
-    "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
-  labels:
-    app: {{ template "kubevela.name" . }}-admission-create
-    {{- include "kubevela.labels" . | nindent 4 }}
-spec:
-  {{- if .Capabilities.APIVersions.Has "batch/v1alpha1" }}
-  # Alpha feature since k8s 1.12
-  ttlSecondsAfterFinished: 0
-  {{- end }}
-  template:
-    metadata:
-      name:  {{ template "kubevela.fullname" . }}-admission-create
-      labels:
-        app: {{ template "kubevela.name" . }}-admission-create
-        {{- include "kubevela.labels" . | nindent 8 }}
-    spec:
-  {{ include "kubevela-admission-webhook-create.podSpec" . | indent 6 }}
-{{- end }}
-  {{ end }}
--- a/pkg/static/vela/charts/vela-core/templates/admission-webhooks/job-patch/job-patchWebhook.yaml
+++ b/pkg/static/vela/charts/vela-core/templates/admission-webhooks/job-patch/job-patchWebhook.yaml
@ -1,28 +0,0 @@
-{{- if and .Values.admissionWebhooks.enabled .Values.admissionWebhooks.patch.enabled (not .Values.admissionWebhooks.certManager.enabled) }}
-{{ if not .Values.deployByPod }}
-apiVersion: batch/v1
-kind: Job
-metadata:
-  name: {{ template "kubevela.fullname" . }}-admission-patch
-  namespace: {{ .Release.Namespace }}
-  annotations:
-    "helm.sh/hook": post-install,post-upgrade
-    "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
-  labels:
-    app: {{ template "kubevela.name" . }}-admission-patch
-    {{- include "kubevela.labels" . | nindent 4 }}
-spec:
-  {{- if .Capabilities.APIVersions.Has "batch/v1alpha1" }}
-  # Alpha feature since k8s 1.12
-  ttlSecondsAfterFinished: 0
-  {{- end }}
-  template:
-    metadata:
-      name: {{ template "kubevela.fullname" . }}-admission-patch
-      labels:
-        app: {{ template "kubevela.name" . }}-admission-patch
-    {{- include "kubevela.labels" . | nindent 8 }}
-    spec:
-  {{ include "kubevela-admission-webhook-patch.Podspec" . | indent 6 }}
-  {{ end }}
-{{- end }}
--- a/pkg/static/vela/charts/vela-core/templates/admission-webhooks/job-patch/role.yaml
+++ b/pkg/static/vela/charts/vela-core/templates/admission-webhooks/job-patch/role.yaml
@ -1,21 +0,0 @@
-{{- if and .Values.admissionWebhooks.enabled .Values.admissionWebhooks.patch.enabled .Values.rbac.create (not .Values.admissionWebhooks.certManager.enabled) }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
-  name:  {{ template "kubevela.fullname" . }}-admission
-  namespace: {{ .Release.Namespace }}
-  annotations:
-    "helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade
-    "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
-  labels:
-    app: {{ template "kubevela.name" . }}-admission
-    {{- include "kubevela.labels" . | nindent 4 }}
-rules:
-  - apiGroups:
-      - ""
-    resources:
-      - secrets
-    verbs:
-      - get
-      - create
-{{- end }}
--- a/pkg/static/vela/charts/vela-core/templates/admission-webhooks/job-patch/rolebinding.yaml
+++ b/pkg/static/vela/charts/vela-core/templates/admission-webhooks/job-patch/rolebinding.yaml
@ -1,21 +0,0 @@
-{{- if and .Values.admissionWebhooks.enabled .Values.admissionWebhooks.patch.enabled .Values.rbac.create (not .Values.admissionWebhooks.certManager.enabled) }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  name:  {{ template "kubevela.fullname" . }}-admission
-  namespace: {{ .Release.Namespace }}
-  annotations:
-    "helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade
-    "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
-  labels:
-    app: {{ template "kubevela.name" . }}-admission
-    {{- include "kubevela.labels" . | nindent 4 }}
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: Role
-  name: {{ template "kubevela.fullname" . }}-admission
-subjects:
-  - kind: ServiceAccount
-    name: {{ template "kubevela.fullname" . }}-admission
-    namespace: {{ .Release.Namespace }}
-{{- end }}
--- a/pkg/static/vela/charts/vela-core/templates/admission-webhooks/job-patch/serviceaccount.yaml
+++ b/pkg/static/vela/charts/vela-core/templates/admission-webhooks/job-patch/serviceaccount.yaml
@ -1,13 +0,0 @@
-{{- if and .Values.admissionWebhooks.enabled .Values.admissionWebhooks.patch.enabled .Values.rbac.create (not .Values.admissionWebhooks.certManager.enabled) }}
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name:  {{ template "kubevela.fullname" . }}-admission
-  namespace: {{ .Release.Namespace }}
-  annotations:
-    "helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade
-    "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
-  labels:
-    app: {{ template "kubevela.name" . }}-admission
-    {{- include "kubevela.labels" . | nindent 4 }}
-{{- end }}
--- a/pkg/static/vela/charts/vela-core/templates/admission-webhooks/mutatingWebhookConfiguration.yaml
+++ b/pkg/static/vela/charts/vela-core/templates/admission-webhooks/mutatingWebhookConfiguration.yaml
@ -1,150 +0,0 @@
-{{- if .Values.admissionWebhooks.enabled -}}
-apiVersion: admissionregistration.k8s.io/v1
-kind: MutatingWebhookConfiguration
-metadata:
-  name: {{ template "kubevela.fullname" . }}-admission
-  namespace: {{ .Release.Namespace }}
-  {{- if .Values.admissionWebhooks.certManager.enabled }}
-  annotations:
-    cert-manager.io/inject-ca-from: {{ printf "%s/%s-root-cert" .Release.Namespace (include "kubevela.fullname" .) | quote }}
-  {{- end }}
-webhooks:
-  {{- if eq .Values.OAMSpecVer "all"}}
-  - clientConfig:
-      caBundle: Cg==
-      service:
-        name: {{ template "kubevela.name" . }}-webhook
-        namespace: {{ .Release.Namespace }}
-        path: /mutating-core-oam-dev-v1alpha2-applicationconfigurations
-    {{- if .Values.admissionWebhooks.patch.enabled  }}
-    failurePolicy: Ignore
-    {{- else }}
-    failurePolicy: Fail
-    {{- end }}
-    name: mutating.core.oam.dev.v1alpha2.applicationconfigurations
-    sideEffects: None
-    rules:
-      - apiGroups:
-          - core.oam.dev
-        apiVersions:
-          - v1alpha2
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - applicationconfigurations
-        scope: Namespaced
-    admissionReviewVersions:
-      - v1beta1
-      - v1
-    timeoutSeconds: 5
-  - clientConfig:
-      caBundle: Cg==
-      service:
-        name: {{ template "kubevela.name" . }}-webhook
-        namespace: {{ .Release.Namespace }}
-        path: /mutating-core-oam-dev-v1alpha2-components
-    {{- if .Values.admissionWebhooks.patch.enabled  }}
-    failurePolicy: Ignore
-    {{- else }}
-    failurePolicy: Fail
-    {{- end }}
-    name: mutating.core.oam-dev.v1alpha2.components
-    sideEffects: None
-    rules:
-      - apiGroups:
-          - core.oam.dev
-        apiVersions:
-          - v1alpha2
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - components
-        scope: Namespaced
-    admissionReviewVersions:
-      - v1beta1
-      - v1
-    timeoutSeconds: 5
-  {{- end }}
-  - clientConfig:
-      caBundle: Cg==
-      service:
-        name: {{ template "kubevela.name" . }}-webhook
-        namespace: {{ .Release.Namespace }}
-        path: /mutating-core-oam-dev-v1beta1-approllout
-    {{- if .Values.admissionWebhooks.patch.enabled  }}
-    failurePolicy: Ignore
-    {{- else }}
-    failurePolicy: Fail
-    {{- end }}
-    name: mutating.core.oam.dev.v1beta1.approllouts
-    sideEffects: None
-    rules:
-      - apiGroups:
-          - core.oam.dev
-        apiVersions:
-          - v1beta1
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - approllouts
-        scope: Namespaced
-    admissionReviewVersions:
-      - v1beta1
-      - v1
-    timeoutSeconds: 5
-  - clientConfig:
-      caBundle: Cg==
-      service:
-        name: {{ template "kubevela.name" . }}-webhook
-        namespace: {{ .Release.Namespace }}
-        path: /mutate-standard-oam-dev-v1alpha1-podspecworkload
-    {{- if .Values.admissionWebhooks.patch.enabled  }}
-    failurePolicy: Ignore
-    {{- else }}
-    failurePolicy: Fail
-    {{- end }}
-    name: mcontainerized.kb.io
-    sideEffects: None
-    admissionReviewVersions:
-    - v1beta1
-    rules:
-      - apiGroups:
-          - standard.oam.dev
-        apiVersions:
-          - v1alpha1
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - podspecworkloads
-  - clientConfig:
-      caBundle: Cg==
-      service:
-        name: {{ template "kubevela.name" . }}-webhook
-        namespace: {{ .Release.Namespace }}
-        path: /mutating-core-oam-dev-v1beta1-componentdefinitions
-    {{- if .Values.admissionWebhooks.patch.enabled  }}
-    failurePolicy: Ignore
-    {{- else }}
-    failurePolicy: Fail
-    {{- end }}
-    name: mutating.core.oam-dev.v1beta1.componentdefinitions
-    sideEffects: None
-    admissionReviewVersions:
-      - v1beta1
-      - v1
-    rules:
-      - apiGroups:
-          - core.oam.dev
-        apiVersions:
-          - v1beta1
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - componentdefinitions
-
-{{- end -}}
--- a/pkg/static/vela/charts/vela-core/templates/admission-webhooks/validatingWebhookConfiguration.yaml
+++ b/pkg/static/vela/charts/vela-core/templates/admission-webhooks/validatingWebhookConfiguration.yaml
@ -1,227 +0,0 @@
-{{- if .Values.admissionWebhooks.enabled -}}
-apiVersion: admissionregistration.k8s.io/v1
-kind: ValidatingWebhookConfiguration
-metadata:
-  name: {{ template "kubevela.fullname" . }}-admission
-  namespace: {{ .Release.Namespace }}
-  {{- if .Values.admissionWebhooks.certManager.enabled }}
-  annotations:
-    cert-manager.io/inject-ca-from: {{ printf "%s/%s-root-cert" .Release.Namespace (include "kubevela.fullname" .) | quote }}
-  {{- end }}
-webhooks:
-  {{- if eq .Values.OAMSpecVer "all"}}
-  - clientConfig:
-      caBundle: Cg==
-      service:
-        name: {{ template "kubevela.name" . }}-webhook
-        namespace: {{ .Release.Namespace }}
-        path: /validating-core-oam-dev-v1alpha2-applicationconfigurations
-    {{- if .Values.admissionWebhooks.patch.enabled  }}
-    failurePolicy: Ignore
-    {{- else }}
-    failurePolicy: {{ .Values.admissionWebhooks.failurePolicy }}
-    {{- end }}
-    name: validating.core.oam.dev.v1alpha2.applicationconfigurations
-    sideEffects: None
-    rules:
-      - apiGroups:
-          - core.oam.dev
-        apiVersions:
-          - v1alpha2
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - applicationconfigurations
-        scope: Namespaced
-    admissionReviewVersions:
-      - v1beta1
-      - v1
-    timeoutSeconds: 5
-  - clientConfig:
-      caBundle: Cg==
-      service:
-        name: {{ template "kubevela.name" . }}-webhook
-        namespace: {{ .Release.Namespace }}
-        path: /validating-core-oam-dev-v1alpha2-components
-    {{- if .Values.admissionWebhooks.patch.enabled  }}
-    failurePolicy: Ignore
-    {{- else }}
-    failurePolicy: {{ .Values.admissionWebhooks.failurePolicy }}
-    {{- end }}
-    name: validating.core.oam.dev.v1alpha2.components
-    sideEffects: None
-    rules:
-      - apiGroups:
-          - core.oam.dev
-        apiVersions:
-          - v1alpha2
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - components
-        scope: Namespaced
-    admissionReviewVersions:
-      - v1beta1
-      - v1
-    timeoutSeconds: 5
-  {{- end }}
-  - clientConfig:
-      caBundle: Cg==
-      service:
-        name: {{ template "kubevela.name" . }}-webhook
-        namespace: {{ .Release.Namespace }}
-        path: /validating-core-oam-dev-v1beta1-approllout
-    {{- if .Values.admissionWebhooks.patch.enabled  }}
-    failurePolicy: Ignore
-    {{- else }}
-    failurePolicy: {{ .Values.admissionWebhooks.failurePolicy }}
-    {{- end }}
-    name: validating.core.oam.dev.v1beta1.approllouts
-    sideEffects: None
-    rules:
-      - apiGroups:
-          - core.oam.dev
-        apiVersions:
-          - v1beta1
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - approllouts
-        scope: Namespaced
-    admissionReviewVersions:
-      - v1beta1
-      - v1
-    timeoutSeconds: 5
-  - clientConfig:
-      caBundle: Cg==
-      service:
-        name: {{ template "kubevela.name" . }}-webhook
-        namespace: {{ .Release.Namespace }}
-        path: /validating-core-oam-dev-v1alpha2-traitdefinitions
-    {{- if .Values.admissionWebhooks.patch.enabled  }}
-    failurePolicy: Ignore
-    {{- else }}
-    failurePolicy: {{ .Values.admissionWebhooks.failurePolicy }}
-    {{- end }}
-    name: validating.core.oam.dev.v1alpha2.traitdefinitions
-    sideEffects: None
-    admissionReviewVersions:
-      - v1beta1
-      - v1
-    rules:
-      - apiGroups:
-          - core.oam.dev
-        apiVersions:
-          - v1alpha2
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - traitdefinitions
-        scope: Cluster
-    timeoutSeconds: 5
-  - clientConfig:
-      caBundle: Cg==
-      service:
-        name: {{ template "kubevela.name" . }}-webhook
-        namespace: {{ .Release.Namespace }}
-        path: /validate-standard-oam-dev-v1alpha1-podspecworkload
-    failurePolicy: Fail
-    name: vcontainerized.kb.io
-    admissionReviewVersions:
-      - v1beta1
-      - v1
-    sideEffects: None
-    rules:
-      - apiGroups:
-          - standard.oam.dev
-        apiVersions:
-          - v1alpha1
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - podspecworkloads
-  - clientConfig:
-      caBundle: Cg==
-      service:
-        name: {{ template "kubevela.name" . }}-webhook
-        namespace: {{ .Release.Namespace }}
-        path: /validating-core-oam-dev-v1beta1-applications
-    {{- if .Values.admissionWebhooks.patch.enabled  }}
-    failurePolicy: Ignore
-    {{- else }}
-    failurePolicy: {{ .Values.admissionWebhooks.failurePolicy }}
-    {{- end }}
-    name: validating.core.oam.dev.v1beta1.applications
-    admissionReviewVersions:
-      - v1beta1
-      - v1
-    sideEffects: None
-    rules:
-      - apiGroups:
-          - core.oam.dev
-        apiVersions:
-          - v1beta1
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - applications
-  - clientConfig:
-      caBundle: Cg==
-      service:
-        name: {{ template "kubevela.name" . }}-webhook
-        namespace: {{ .Release.Namespace }}
-        path: /validating-core-oam-dev-v1beta1-componentdefinitions
-    {{- if .Values.admissionWebhooks.patch.enabled  }}
-    failurePolicy: Ignore
-    {{- else }}
-    failurePolicy: Fail
-    {{- end }}
-    name: validating.core.oam-dev.v1beta1.componentdefinitions
-    sideEffects: None
-    admissionReviewVersions:
-      - v1beta1
-      - v1
-    rules:
-      - apiGroups:
-          - core.oam.dev
-        apiVersions:
-          - v1beta1
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - componentdefinitions
-  - clientConfig:
-      caBundle: Cg==
-      service:
-        name: {{ template "kubevela.name" . }}-webhook
-        namespace: {{ .Release.Namespace }}
-        path: /validating-core-oam-dev-v1beta1-initializers
-    {{- if .Values.admissionWebhooks.patch.enabled  }}
-    failurePolicy: Ignore
-    {{- else }}
-    failurePolicy: Fail
-    {{- end }}
-    name: validating.core.oam-dev.v1beta1.initializers
-    sideEffects: None
-    admissionReviewVersions:
-      - v1beta1
-      - v1
-    rules:
-      - apiGroups:
-          - core.oam.dev
-        apiVersions:
-          - v1beta1
-        operations:
-          - CREATE
-          - UPDATE
-          - DELETE
-        resources:
-          - initializers
-{{- end -}}
--- a/Show More
+++ b/Show More