feat: initial Ansible collection for Cozystack installation

Ansible collection cozystack.installer that deploys Cozystack on
generic Kubernetes clusters (k3s, kubeadm, RKE2) using the official
cozy-installer Helm chart via kubernetes.core.helm module.

Features:
- Automatic Helm 3.17.3 + helm-diff 3.12.5 installation
- Two-stage install: operator chart + Platform Package CR
- Full idempotency with helm-diff and kubectl diff
- Detailed prerequisites documentation (node + controller)
- CI pipeline: lint, sanity tests, E2E with idempotency check
- GitHub PR and issue templates

Co-Authored-By: Claude <noreply@anthropic.com>
Signed-off-by: Aleksei Sviridkin <f@lex.la>

Author: lexfrei

.ansible-lint

@@ -0,0 +1,20 @@
+---
+# Prevent ansible-lint from auto-installing requirements.yml
+# (git commit hash versions crash ansible-galaxy's LooseVersion parser).
+# CI installs dependencies in a separate step before running lint.
+offline: true
+
+skip_list:
+  # All collection variables use cozystack_ prefix (collection namespace),
+  # not individual role prefixes.
+  - var-naming[no-role-prefix]
+
+# Roles inside the collection cannot be resolved by ansible-lint
+# during local development (known issue: ansible-lint#2487).
+mock_roles:
+  - cozystack.installer.cozystack
+
+# examples/site.yml imports external playbooks (k3s.orchestration.site)
+# that may not be installed during linting.
+exclude_paths:
+  - examples/site.yml

.github/CODEOWNERS

@@ -0,0 +1 @@
+* @lexfrei

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,25 @@
+---
+name: Bug report
+about: Report an issue with the collection
+labels: bug
+---
+
+## Environment
+
+- Ansible version:
+- Collection version:
+- Kubernetes distribution (k3s/kubeadm/RKE2):
+- OS:
+
+## Expected behavior
+
+## Actual behavior
+
+## Steps to reproduce
+
+1.
+
+## Relevant logs
+
+```text
+```

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,13 @@
+---
+name: Feature request
+about: Suggest an enhancement
+labels: enhancement
+---
+
+## Use case
+
+<!-- What problem does this solve? -->
+
+## Proposed solution
+
+## Alternatives considered

.github/pull_request_template.md

@@ -0,0 +1,14 @@
+## Summary
+
+<!-- Brief description of what this PR does and why -->
+
+## Changes
+
+-
+
+## Test plan
+
+- [ ] `ansible-lint` passes
+- [ ] `ansible-test sanity` passes
+- [ ] Tested on a live cluster (describe environment)
+- [ ] Idempotency verified (second run: changed=0)

.github/workflows/test.yml

@@ -0,0 +1,110 @@
+---
+name: Test
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+
+jobs:
+  lint:
+    name: Lint
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.12"
+
+      - name: Install dependencies
+        run: pip install ansible-core ansible-lint
+
+      - name: Build and install collection
+        run: |
+          ansible-galaxy collection build
+          ansible-galaxy collection install cozystack-installer-*.tar.gz --force
+
+      - name: Install collection dependencies
+        run: ansible-galaxy collection install --requirements-file requirements.yml
+
+      - name: Run ansible-lint
+        run: ansible-lint
+
+  sanity:
+    name: Sanity
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          path: ansible_collections/cozystack/installer
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.12"
+
+      - name: Install ansible-core
+        run: pip install ansible-core
+
+      - name: Run sanity tests
+        working-directory: ansible_collections/cozystack/installer
+        run: ansible-test sanity --color
+
+  e2e:
+    name: E2E
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.12"
+
+      - name: Install Ansible
+        run: pip install ansible-core
+
+      - name: Build and install collection
+        run: |
+          ansible-galaxy collection build
+          ansible-galaxy collection install cozystack-installer-*.tar.gz --force
+
+      - name: Install collection dependencies
+        run: ansible-galaxy collection install --requirements-file requirements.yml
+
+      - name: Run full pipeline
+        run: >-
+          sudo env "PATH=$PATH" "HOME=$HOME" ansible-playbook examples/site.yml
+          --inventory tests/ci-inventory.yml
+
+      - name: Verify operator is running
+        run: |
+          sudo kubectl --kubeconfig /etc/rancher/k3s/k3s.yaml \
+            wait deployment/cozystack-operator \
+            --namespace cozy-system \
+            --timeout=120s \
+            --for=condition=Available
+
+      - name: Verify CRDs are established
+        run: |
+          sudo kubectl --kubeconfig /etc/rancher/k3s/k3s.yaml \
+            wait crd/packages.cozystack.io \
+            --for=condition=Established \
+            --timeout=60s
+
+      - name: Verify Platform Package exists
+        run: |
+          sudo kubectl --kubeconfig /etc/rancher/k3s/k3s.yaml \
+            get package cozystack.cozystack-platform \
+            --namespace cozy-system
+
+      - name: Test idempotency (second run)
+        run: >-
+          sudo env "PATH=$PATH" "HOME=$HOME" ansible-playbook examples/site.yml
+          --inventory tests/ci-inventory.yml

.gitignore

@@ -0,0 +1,8 @@
+*.tar.gz
+.DS_Store
+*.retry
+.ansible/
+__pycache__/
+*.pyc
+FILES.json
+MANIFEST.json

CHANGELOG.rst

@@ -0,0 +1,21 @@
+============================
+cozystack.installer Release Notes
+============================
+
+v1.0.0-rc.1
+============
+
+First release as a standalone collection. Synced with Cozystack v1.0.0-rc.1.
+
+Breaking changes from pre-release development:
+
+- Switched from custom chart (``lexfrei/cozystack-installer``) to official
+  Cozystack installer chart (``ghcr.io/cozystack/cozystack/cozy-installer``)
+- Two-stage install: Helm chart deploys operator, Platform Package CR
+  is applied separately via ``kubectl apply``
+- Role ``prepare`` removed from collection — moved to ``examples/prepare-ubuntu.yml``
+- ``k3s.orchestration`` removed from dependencies — users compose their own pipeline
+- New variables: ``cozystack_operator_variant``, ``cozystack_platform_variant``,
+  ``cozystack_create_platform_package``, ``cozystack_pod_cidr``, etc.
+- ``cozystack_root_host`` is no longer required for chart install
+  (used in Platform Package CR)