K8s: Migrate subchart Postgres to cloudpirates/postgres from bitnami/postgresql

[VietND96]

PR Summary by Qodo

Helm: Switch Selenium Grid Postgres subchart from Bitnami to cloudpirates/postgres
⚙️ Configuration changes 📝 Documentation 🕐 20-40 Minutes

Walkthroughs

User Description

Thanks for contributing to the Docker-Selenium project!
A PR well described will help maintainers to quickly review and merge it

Before submitting your PR, please check our contributing guidelines, applied for this repository.
Avoid large PRs, help reviewers by making them as simple and short as possible.

Description

Motivation and Context

Types of changes

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to change)

Checklist

• I have read the contributing document.
• My change requires a change to the documentation.
• I have updated the documentation accordingly.
• I have added tests to cover my changes.
• All new and existing tests passed.

AI Description

• Replace Bitnami PostgreSQL dependency with cloudpirates/postgres Helm subchart.
• Rename chart values from postgresql.* to postgres.* and adjust initdb structure.
• Update JDBC service hostname defaults/docs to match the new subchart resource names.

Diagram

graph TD
  A["selenium-grid chart"] --> B["Chart.yaml deps"] --> C["postgres subchart"] --> D[("Postgres Service")]
  A --> E["values.yaml"] --> F["SessionMap JDBC config"] --> D
  A --> G["CONFIGURATION.md"]
  subgraph Legend
    direction LR
    _mod["Chart/module"] ~~~ _cfg["Config/doc"] ~~~ _db[("Database/service")]
  end

Loading

High-Level Assessment

The following are alternative approaches to this PR:

1. Add backward-compatible alias for `postgresql.*`

• ➕ Avoids breaking existing user values files and automation
• ➕ Eases upgrade path while still moving to cloudpirates/postgres
• ➖ Adds maintenance overhead and conditional logic/templating to support both keys
• ➖ Delays full cleanup/removal of the old key path

2. Keep Bitnami subchart and only bump versions

• ➕ Minimizes upgrade risk and avoids values key rename
• ➕ Retains widely-used chart defaults and documentation baseline
• ➖ Does not achieve the intended migration away from bitnami/postgresql
• ➖ May not address the underlying motivation for switching vendors (image policy, maintenance, licensing, etc.)

3. Make the change explicitly breaking with an upgrade note/check

• ➕ Clear contract: users must update from postgresql.* to postgres.*
• ➕ Can add a template-time fail message when postgresql.enabled=true is set
• ➖ Still breaks consumers; requires strong release communication
• ➖ Slight extra effort to add guardrails and docs/tests updates

Recommendation: Proceed with the cloudpirates/postgres migration, but treat the postgresql.* -> postgres.* rename as a breaking configuration change: add an explicit upgrade note and/or template guardrail, and ensure ancillary references (e.g., chart test scripts and README examples) are updated to use postgres.enabled to prevent confusing failures.

File Changes

Documentation (1)

CONFIGURATION.md Document new Postgres subchart and updated JDBC service name +5/-6

Document new Postgres subchart and updated JDBC service name

• Updates the dependency table to reference 'cloudpirates/postgres' instead of 'bitnami/postgresql'. Adjusts the example JDBC URL host from '{{ .Release.Name }}-postgresql' to '{{ .Release.Name }}-postgres' and renames configuration keys from 'postgresql.*' to 'postgres.*' (including initdb nesting).

charts/selenium-grid/CONFIGURATION.md

---

Other (2)

Chart.yaml Swap Helm dependency from bitnami/postgresql to cloudpirates/postgres +4/-4

Swap Helm dependency from bitnami/postgresql to cloudpirates/postgres

• Replaces the PostgreSQL dependency entry with 'cloudpirates/postgres' at version '^0.19.0'. Updates the enablement condition from 'postgresql.enabled' to 'postgres.enabled' to match the new values key.

charts/selenium-grid/Chart.yaml

---

values.yaml Rename Postgres values block and align initdb + JDBC URL defaults +14/-17

Rename Postgres values block and align initdb + JDBC URL defaults

• Updates the default SessionMap JDBC URL hostname to the new '-postgres' service name. Renames the values section from 'postgresql:' to 'postgres:' and adjusts initdb configuration from 'primary.initdb.scripts' to 'initdb.scripts' to match cloudpirates/postgres chart structure.

charts/selenium-grid/values.yaml

---

[qodo-code-review]

Code Review by Qodo

🐞 Bugs (1) 📘 Rule violations (1)

1. postgres chart version unpinned 📘 Rule violation ⛨ Security

Description

The Helm dependency on cloudpirates/postgres uses a caret semver range (^0.19.0), allowing
automatic upgrades to newer compatible releases and reducing supply-chain reproducibility. This
violates the requirement to pin versions in build/release automation to prevent drift.

Code

charts/selenium-grid/Chart.yaml[R25-28]

+- repository: https://cloudpirates-io.github.io/helm-charts
+  version: ^0.19.0
+  name: postgres
+  condition: postgres.enabled

Evidence

PR Compliance ID 2 requires pinned versions for automation/dependency management. The changed
dependency in charts/selenium-grid/Chart.yaml sets version: ^0.19.0, which is not an exact pin
and allows upgrades within the compatible range.

charts/selenium-grid/Chart.yaml[25-28]
Best Practice: Learned patterns

Agent prompt

The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

## Issue description
The `postgres` dependency version is specified as a semver range (`^0.19.0`), which permits drift to newer releases and reduces reproducibility.

## Issue Context
The compliance requirement for build/release automation mandates explicit version pinning to reduce supply-chain drift risk.

## Fix Focus Areas
- charts/selenium-grid/Chart.yaml[25-28]

## Suggested approach
- Replace `version: ^0.19.0` with an exact pinned version (e.g., `version: 0.19.0`).
- (Optional but recommended) Run `helm dependency update` and commit the resulting `Chart.lock` so dependency resolution is locked with a digest.

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

---

2. Old enable key still used 🐞 Bug ≡ Correctness

Description

The chart now enables the Postgres dependency via postgres.enabled, so any existing configuration
(and the repo’s own chart test script / README example) that sets postgresql.enabled=true will not
install Postgres. This can break the external Session Map Postgres setup and will also break
tests/charts/make/chart_test.sh because it sets a values path the chart no longer reads.

Code

charts/selenium-grid/Chart.yaml[R25-28]

+- repository: https://cloudpirates-io.github.io/helm-charts
+  version: ^0.19.0
+  name: postgres
+  condition: postgres.enabled

Evidence

The dependency condition switch to postgres.enabled means Helm will ignore postgresql.enabled;
however, both the README and the chart test script still reference postgresql.enabled, which will
no longer enable the dependency and can cause test failures and user misconfiguration.

charts/selenium-grid/Chart.yaml[25-28]
tests/charts/make/chart_test.sh[235-240]
charts/selenium-grid/README.md[1137-1149]

Agent prompt

The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

## Issue description
The Postgres subchart dependency condition was changed to `postgres.enabled`, but repo docs/tests still instruct/set `postgresql.enabled`. This leads to Postgres not being installed when users follow the README or when the chart test script runs.

## Issue Context
- `charts/selenium-grid/Chart.yaml` now uses `condition: postgres.enabled` for the Postgres dependency.
- `charts/selenium-grid/README.md` still shows `postgresql:\n  enabled: true` in the external datastore example.
- `tests/charts/make/chart_test.sh` still runs Helm with `--set postgresql.enabled=true`.

## Fix Focus Areas
- charts/selenium-grid/README.md[1137-1149]
- tests/charts/make/chart_test.sh[235-240]
- charts/selenium-grid/Chart.yaml[25-28]

## Suggested fix
1. Update the README example to use:
  ```yaml
  postgres:
    enabled: true
  ```
2. Update the chart test script to set `--set postgres.enabled=true`.
3. If backward compatibility is desired for existing users, add a clear migration note (or implement a compatibility mechanism) so `postgresql.enabled` users don’t silently lose the dependency on upgrade.

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

---

[qodo-code-review]

1. postgres chart version unpinned 📘 Rule violation ⛨ Security

The Helm dependency on cloudpirates/postgres uses a caret semver range (^0.19.0), allowing
automatic upgrades to newer compatible releases and reducing supply-chain reproducibility. This
violates the requirement to pin versions in build/release automation to prevent drift.

Agent Prompt

## Issue description
The `postgres` dependency version is specified as a semver range (`^0.19.0`), which permits drift to newer releases and reduces reproducibility.

## Issue Context
The compliance requirement for build/release automation mandates explicit version pinning to reduce supply-chain drift risk.

## Fix Focus Areas
- charts/selenium-grid/Chart.yaml[25-28]

## Suggested approach
- Replace `version: ^0.19.0` with an exact pinned version (e.g., `version: 0.19.0`).
- (Optional but recommended) Run `helm dependency update` and commit the resulting `Chart.lock` so dependency resolution is locked with a digest.

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

[qodo-code-review]

2. Old enable key still used 🐞 Bug ≡ Correctness

The chart now enables the Postgres dependency via postgres.enabled, so any existing configuration
(and the repo’s own chart test script / README example) that sets postgresql.enabled=true will not
install Postgres. This can break the external Session Map Postgres setup and will also break
tests/charts/make/chart_test.sh because it sets a values path the chart no longer reads.

Agent Prompt

## Issue description
The Postgres subchart dependency condition was changed to `postgres.enabled`, but repo docs/tests still instruct/set `postgresql.enabled`. This leads to Postgres not being installed when users follow the README or when the chart test script runs.

## Issue Context
- `charts/selenium-grid/Chart.yaml` now uses `condition: postgres.enabled` for the Postgres dependency.
- `charts/selenium-grid/README.md` still shows `postgresql:\n  enabled: true` in the external datastore example.
- `tests/charts/make/chart_test.sh` still runs Helm with `--set postgresql.enabled=true`.

## Fix Focus Areas
- charts/selenium-grid/README.md[1137-1149]
- tests/charts/make/chart_test.sh[235-240]
- charts/selenium-grid/Chart.yaml[25-28]

## Suggested fix
1. Update the README example to use:
   ```yaml
   postgres:
     enabled: true
   ```
2. Update the chart test script to set `--set postgres.enabled=true`.
3. If backward compatibility is desired for existing users, add a clear migration note (or implement a compatibility mechanism) so `postgresql.enabled` users don’t silently lose the dependency on upgrade.

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools