FIX: Migrate from Bitnami Postgres to CloudNativePG (#1042)

* replacement of bitnami postgres with cloudnative-pg chart

* fix: wait for CloudNativePG CRDs

* fixing cluster template

* fixing DB init issue

* fixing cluster teamplate from cloudnative-pg

* optimizing cluster template

* optimizing cluster template

* optimizing cluster template

* optimizing cluster template

* fixing connections

Author: kush982

src/test/config/kind/common-values.yaml

@@ -82,10 +82,10 @@ DC_APP_REPLACEME:
 
 database:
   type: DB_TYPE_REPLACEME
-  url: jdbc:postgresql://postgres:5432/DC_APP_REPLACEME
+  url: jdbc:postgresql://DC_APP_REPLACEME-db-rw:5432/DC_APP_REPLACEME
   driver: org.postgresql.Driver
   credentials:
-    secretName: DC_APP_REPLACEME-db-creds
+    secretName: DC_APP_REPLACEME-db-credentials
 
 # nfs volume provisioner and nfs server are deployed to KinD cluster
 # thus we can create PVCs and expect them to be bound to PVs that provisioner will create

src/test/infrastructure/cloudnativepg/README.md

@@ -0,0 +1,117 @@
+# CloudNativePG Test Infrastructure
+
+Configuration files for deploying PostgreSQL databases using CloudNativePG operator in test environments.
+
+## Overview
+
+CloudNativePG operator is used to manage PostgreSQL clusters for Data Center application testing.
+
+## Files
+
+### `operator-values.yaml`
+Configuration for the CloudNativePG operator Helm chart. This includes:
+- Resource limits suitable for test environments
+- Security context configuration
+- Monitoring settings (disabled for tests)
+- RBAC and service account settings
+
+### `cluster-template.yaml`
+Template for creating PostgreSQL clusters. Features:
+- Single instance configuration for test environments
+- PostgreSQL 16.2 (matching previous Bitnami version)
+- Resource limits: 256Mi-1Gi memory, 100m-1000m CPU
+- Ephemeral storage (1Gi) suitable for tests
+- Performance optimizations for test environments (fsync disabled)
+- Database and user creation via bootstrap configuration
+
+### `init-scripts/init-db.sql`
+Database initialization script that:
+- Creates necessary PostgreSQL extensions
+- Sets up proper permissions for application users
+- Creates health check functions
+- Provides initialization logging
+
+## Usage
+
+The CloudNativePG deployment is handled automatically by the test scripts:
+
+### Local Testing (KinD)
+```bash
+# Deploy PostgreSQL cluster for Jira
+DC_APP=jira source src/test/scripts/kind/deploy_app.sh
+deploy_postgres
+```
+
+### CI/CD Testing
+The GitHub Actions workflows automatically use the updated deployment scripts.
+
+## Database Connection
+
+Applications connect to the database using:
+- **Service Name**: `{app-name}-db-rw` (read-write) or `{app-name}-db-ro` (read-only)
+- **Port**: 5432
+- **Database**: Same as application name
+- **Credentials**: Stored in `{app-name}-db-credentials` secret
+
+Example connection string for Jira:
+```
+jdbc:postgresql://jira-db-rw:5432/jira
+```
+
+## Monitoring
+
+Monitoring is disabled in test environments to reduce resource usage. For production deployments, you can enable:
+- Pod monitors for Prometheus integration
+- Grafana dashboards
+- Custom monitoring queries
+
+## Troubleshooting
+
+### Check Operator Status
+```bash
+kubectl get deployment cnpg-operator-controller-manager -n cnpg-system
+```
+
+### Check Cluster Status
+```bash
+kubectl get cluster {app-name}-db -n atlassian
+kubectl describe cluster {app-name}-db -n atlassian
+```
+
+### Check Pod Status
+```bash
+kubectl get pods -l cnpg.io/cluster={app-name}-db -n atlassian
+```
+
+### Access Database
+```bash
+# Get primary pod name
+PRIMARY_POD=$(kubectl get pods -n atlassian -l cnpg.io/cluster={app-name}-db,role=primary -o jsonpath='{.items[0].metadata.name}')
+
+# Connect to database
+kubectl exec -it ${PRIMARY_POD} -n atlassian -- psql -U {app-name} -d {app-name}
+```
+
+## Performance Considerations
+
+The test configuration includes several performance optimizations:
+- `fsync=off` - Disables synchronous writes (safe for ephemeral test data)
+- `synchronous_commit=off` - Allows asynchronous commits
+- `full_page_writes=off` - Reduces I/O for test workloads
+
+**Warning**: These settings are only suitable for test environments with ephemeral data.
+
+## Migration Notes
+
+Key differences from Bitnami PostgreSQL:
+1. **Service Names**: Changed from `postgres` to `{app-name}-db-rw`
+2. **Pod Names**: Changed from `postgres-0` to `{app-name}-db-1`
+3. **Operator Management**: Clusters are managed by the CloudNativePG operator
+4. **Configuration**: Uses Kubernetes CRDs instead of Helm values
+5. **Monitoring**: Native Prometheus integration available
+
+## Resources
+
+- [CloudNativePG Documentation](https://cloudnative-pg.io/documentation/)
+- [CloudNativePG Helm Chart](https://github.com/cloudnative-pg/charts)
+- [PostgreSQL Configuration Reference](https://www.postgresql.org/docs/current/runtime-config.html)

src/test/infrastructure/cloudnativepg/cluster-template.yaml

@@ -0,0 +1,57 @@
+apiVersion: postgresql.cnpg.io/v1
+kind: Cluster
+metadata:
+  name: ${DC_APP}-db
+  namespace: ${NAMESPACE}
+  labels:
+    app.kubernetes.io/name: postgresql
+    app.kubernetes.io/instance: ${DC_APP}-db
+    app.kubernetes.io/component: database
+    app.kubernetes.io/part-of: ${DC_APP}
+spec:
+  instances: 1
+  imageName: ghcr.io/cloudnative-pg/postgresql:16.2
+  
+  resources:
+    requests:
+      memory: "64Mi"
+      cpu: "25m"
+    limits:
+      memory: "256Mi"
+      cpu: "250m"
+  
+  storage:
+    size: 256Mi
+    storageClass: standard
+  
+  bootstrap:
+    initdb:
+      database: ${DC_APP}
+      owner: ${DC_APP}
+      secret:
+        name: ${DC_APP}-db-credentials
+      postInitSQL:
+        - "ALTER USER ${DC_APP} CREATEDB;"
+        - "ALTER USER ${DC_APP} WITH PASSWORD '${DC_APP}pwd' VALID UNTIL 'infinity';"
+  
+  postgresql:
+    parameters:
+      max_connections: "100"
+      shared_buffers: "32MB"
+      work_mem: "1MB"
+      maintenance_work_mem: "16MB"
+      effective_cache_size: "128MB"
+      fsync: "off"
+      synchronous_commit: "off"
+      full_page_writes: "off"
+      # WAL configuration
+      wal_level: "replica"
+      max_wal_senders: "2"
+      min_wal_size: "32MB"
+      max_wal_size: "64MB"
+      checkpoint_timeout: "15min"
+      # Authentication
+      password_encryption: "scram-sha-256"
+      # Reduce logging
+      log_statement: "none"
+      log_min_duration_statement: "-1"

src/test/infrastructure/cloudnativepg/init-scripts/init-db.sql

@@ -0,0 +1,27 @@
+-- Database initialization script for CloudNativePG
+
+-- Create additional extensions that might be needed by DC apps
+CREATE EXTENSION IF NOT EXISTS pg_stat_statements;
+CREATE EXTENSION IF NOT EXISTS pg_trgm;
+
+-- Grant additional permissions to the application user
+GRANT CREATE ON SCHEMA public TO ${DC_APP};
+GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO ${DC_APP};
+GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO ${DC_APP};
+
+-- Set default privileges for future objects
+ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON TABLES TO ${DC_APP};
+ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON SEQUENCES TO ${DC_APP};
+
+-- Create a simple health check function
+CREATE OR REPLACE FUNCTION health_check() RETURNS text AS $$
+BEGIN
+    RETURN 'OK';
+END;
+$$ LANGUAGE plpgsql;
+
+-- Log initialization completion
+DO $$
+BEGIN
+    RAISE NOTICE 'Database initialization completed for application: %', '${DC_APP}';
+END $$;

src/test/infrastructure/cloudnativepg/operator-values.yaml

@@ -0,0 +1,82 @@
+# CloudNativePG Operator configuration optimized for CI/test environments
+
+replicaCount: 1
+
+image:
+  repository: ghcr.io/cloudnative-pg/cloudnative-pg
+  pullPolicy: IfNotPresent
+  tag: "1.27.0"
+
+# Operator configuration optimized for CI
+config:
+  create: true
+  name: cnpg-controller-manager-config
+  secret: false
+  clusterWide: true
+  data:
+    INHERITED_ANNOTATIONS: "categories"
+    INHERITED_LABELS: "environment,workload,app"
+  # Reduce concurrent reconciles for CI
+  maxConcurrentReconciles: 3
+
+# Disable monitoring for CI
+monitoring:
+  podMonitorEnabled: false
+  grafanaDashboard:
+    create: false
+
+# Minimal resource limits for CI
+resources:
+  limits:
+    cpu: 100m
+    memory: 128Mi
+  requests:
+    cpu: 50m
+    memory: 64Mi
+
+# Security context
+containerSecurityContext:
+  allowPrivilegeEscalation: false
+  readOnlyRootFilesystem: true
+  runAsUser: 10001
+  runAsGroup: 10001
+  seccompProfile:
+    type: RuntimeDefault
+  capabilities:
+    drop:
+      - "ALL"
+
+podSecurityContext:
+  runAsNonRoot: true
+  seccompProfile:
+    type: RuntimeDefault
+
+# Service account
+serviceAccount:
+  create: true
+
+# RBAC
+rbac:
+  create: true
+  aggregateClusterRoles: false
+
+# CRDs
+crds:
+  create: true
+
+# Webhook configuration with faster probes
+webhook:
+  port: 9443
+  mutating:
+    create: true
+    failurePolicy: Fail
+  validating:
+    create: true
+    failurePolicy: Fail
+  livenessProbe:
+    initialDelaySeconds: 1
+  readinessProbe:
+    initialDelaySeconds: 1
+  startupProbe:
+    failureThreshold: 3
+    periodSeconds: 2

src/test/infrastructure/postgres/postgres-values.yaml

@@ -1,4 +1,5 @@
-# This file contains overrides for the bitnami/postgresql helm chart, suitable for deployment into the KITT clusters.
+# DEPRECATED: This file is no longer used. CloudNativePG is now used instead of Bitnami PostgreSQL.
+# See src/test/infrastructure/cloudnativepg/ for the new configuration files.
 
 primary:
   podAnnotations:

src/test/java/test/CloudNativePGTest.java

@@ -0,0 +1,64 @@
+package test;
+
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.TestInfo;
+import test.helm.Helm;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+/**
+ * Tests for CloudNativePG integration and database connectivity
+ * These tests verify that the database configuration is compatible with CloudNativePG
+ */
+class CloudNativePGTest {
+    private Helm helm;
+
+    @BeforeEach
+    void initHelm(TestInfo testInfo) {
+        helm = new Helm(testInfo);
+    }
+
+    @Test
+    void test_cloudnativepg_service_name_format() {
+        // Test that the database URL format is compatible with CloudNativePG service naming
+        // CloudNativePG creates services with pattern: {cluster-name}-rw for read-write
+        // and {cluster-name}-ro for read-only
+        
+        String clusterName = "jira-db";
+        String expectedRwService = clusterName + "-rw";
+        String expectedRoService = clusterName + "-ro";
+        
+        assertThat(expectedRwService).isEqualTo("jira-db-rw");
+        assertThat(expectedRoService).isEqualTo("jira-db-ro");
+    }
+
+    @Test
+    void test_postgresql_connection_string_format() {
+        // Test that the JDBC URL format is correct for PostgreSQL
+        String host = "jira-db-rw";
+        String port = "5432";
+        String database = "jira";
+        String expectedUrl = String.format("jdbc:postgresql://%s:%s/%s", host, port, database);
+        
+        assertThat(expectedUrl).isEqualTo("jdbc:postgresql://jira-db-rw:5432/jira");
+    }
+
+    @Test
+    void test_database_credentials_secret_format() {
+        // Test that the secret format is compatible with CloudNativePG expectations
+        String appName = "jira";
+        String expectedSecretName = appName + "-db-credentials";
+        
+        assertThat(expectedSecretName).isEqualTo("jira-db-credentials");
+    }
+
+    @Test
+    void test_cluster_naming_convention() {
+        // Test that cluster names follow the expected pattern
+        String appName = "confluence";
+        String expectedClusterName = appName + "-db";
+        
+        assertThat(expectedClusterName).isEqualTo("confluence-db");
+    }
+}