Postgres version update and minio client image add in values file

[akshat5302]

Changes:
PG Version - v15.7-alpine
MinIO Client image using values.yml file

Summary by CodeRabbit

• New Features

  • Updated Docker images for Postgres and MinIO services to enhance performance and security.
  • Added configuration options for MinIO Client image and SSL issuer settings.

• Bug Fixes

  • Improved conditional visibility for subquestions based on service setup status.

• Documentation

  • Enhanced clarity and consistency in configuration files through formatting adjustments.

• Chores

  • Incremented version numbers for both plane-ce and plane-enterprise applications.

[coderabbitai]

Walkthrough

The changes encompass updates to the plane-ce and plane-enterprise applications, primarily focusing on version increments in Chart.yaml, modifications to Docker image versions in questions.yml, and enhancements to the MinIO deployment configurations in Kubernetes templates. New configuration options for MinIO Client images were introduced, and existing configurations were refined for clarity and consistency.

Changes

File Path	Change Summary
charts/plane-ce/Chart.yaml	Version updated from 1.0.24 to 1.0.25, appVersion unchanged.
charts/plane-ce/questions.yml	Postgres image updated to 15.7-alpine, new MinIO Client image added, subquestions organized.
charts/plane-ce/templates/workloads/minio.stateful.yaml	MinIO deployment updated to use configurable images, added initialization job.
charts/plane-ce/values.yaml	Postgres image updated to 15.7-alpine, new field image_mc added for MinIO.
charts/plane-enterprise/Chart.yaml	Version updated from 1.0.12 to 1.0.13, appVersion unchanged.
charts/plane-enterprise/questions.yml	Postgres image updated to 15.7-alpine, new MinIO Client image added.
charts/plane-enterprise/templates/workloads/minio.stateful.yaml	MinIO service configuration enhanced with conditional checks, updated image references.
charts/plane-enterprise/values.yaml	Postgres image updated to 15.7-alpine, new field image_mc for MinIO, SSL issuer added.

Possibly related PRs

• chore: Plane-CE customisations #22: Modifications to the questions.yml file affecting the configuration of the plane-ce application.
• Promoted Develop To Master #28: Update to the Chart.yaml file for the plane-ce application, incrementing the version number.
• rabbitmq ingress in CE and EE Helm charts #35: Introduction of a new configuration option for RabbitMQ in the questions.yml file.
• Fix rabbitmq storageClass Issue #43: Addresses storage class configuration issues for RabbitMQ, relevant to overall application configuration.

🐇 In the garden, changes bloom,
Version numbers rise, dispelling gloom.
Postgres and MinIO, fresh and bright,
With images updated, all feels right.
A hop, a skip, a joyful cheer,
New configurations, let’s all draw near! 🌼

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 3

🧹 Outside diff range and nitpick comments (7)

charts/plane-enterprise/Chart.yaml (1)

Inconsistencies Found with PR Objectives

The PR objectives mention updates to the PostgreSQL version and adding MinIO client image configuration, but these changes were not found in the charts/ directory.

• Ensure that the PostgreSQL version is updated to v15.7-alpine.
• Verify that the MinIO client image configuration is properly added.

🔗 Analysis chain

Line range hint 1-15: Verify consistency with PR objectives.

The PR objectives mention updates to the PostgreSQL version and adding MinIO client image configuration. However, these changes are not reflected in the Chart.yaml file. Please ensure that these updates are properly implemented in the appropriate files (likely in the values.yaml or deployment templates).

To verify the changes mentioned in the PR objectives, you can run the following script:

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check for PostgreSQL version update and MinIO client image addition

# Test 1: Check for PostgreSQL version update
echo "Checking for PostgreSQL version update..."
rg --type yaml "postgres.*v15\.7-alpine" charts/

# Test 2: Check for MinIO client image addition
echo "Checking for MinIO client image addition..."
rg --type yaml "minio.*client" charts/

echo "If no results are shown above, the changes may not have been implemented as described in the PR objectives."

Length of output: 506

charts/plane-ce/values.yaml (1)

Line range hint 1-150: Consider adjusting volume sizes and improving secret management.

While reviewing the overall configuration, I noticed a couple of areas that could be improved:

1. Volume Sizes: The current volume sizes for some services seem small for production use:

   • Redis: 100Mi
   • Postgres: 1Gi
   • MinIO: 1Gi

   Consider increasing these values based on your expected data growth and usage patterns to avoid potential performance issues or data loss.

2. Secret Management: The secret_key is currently hardcoded in the file. This is a security risk, especially if this file is version-controlled.

Recommendations:

1. Adjust volume sizes based on your production requirements and expected data growth.
2. Use Kubernetes Secrets or a secret management tool like HashiCorp Vault to manage sensitive information like the secret_key.

Example of using Kubernetes Secrets:

env:
  secret_key:
    valueFrom:
      secretKeyRef:
        name: plane-secrets
        key: secret-key

Then create the secret separately:

kubectl create secret generic plane-secrets --from-literal=secret-key=your-secret-key

This approach keeps sensitive information out of your configuration files and provides better security and flexibility in managing secrets.

charts/plane-enterprise/values.yaml (2)

Line range hint 23-25: Approve the new SSL issuer option with a documentation suggestion.

The addition of the issuer field with options for "cloudflare", "digitalocean", and "http" provides good flexibility for SSL certificate management. This is a positive change.

Consider adding a brief explanation or link to documentation for each issuer type in a comment, to help users understand the implications of their choice. For example:

ssl:
  createIssuer: false
  issuer: http # Allowed: cloudflare (DNS-01), digitalocean (DNS-01), http (HTTP-01)
  # For more information on issuers, see: <link_to_documentation>

---

60-60: Approve the addition of MinIO Client image with a version tag recommendation.

Adding the MinIO Client (mc) image is a good addition for managing MinIO deployments. However, using the latest tag can lead to unexpected behavior changes if the image is updated without your knowledge.

Consider using a specific version tag instead of latest for better control and reproducibility. For example:

image_mc: registry.plane.tools/plane/mc:RELEASE.2023-05-04T18-10-16Z

You can find the latest stable version and its corresponding tag on the MinIO Client GitHub releases page: https://github.com/minio/mc/releases

To keep your deployment up-to-date, you may want to set up a process to regularly check for new MinIO Client versions and update the tag accordingly.

charts/plane-enterprise/templates/workloads/minio.stateful.yaml (2)

118-118: Approve change with a minor suggestion for improvement

The change from a hardcoded MinIO Client image to a templated value ({{ .Values.services.minio.image_mc }}) is a good improvement. It increases flexibility and follows Helm best practices by allowing the image to be configured in the values file.

To make this change more robust, consider adding a default value using the Helm default function. This ensures that even if the value is not set in the values file, a sensible default is used.

Consider updating the line as follows:

image: {{ .Values.services.minio.image_mc | default "minio/mc:latest" }}

This way, if image_mc is not defined in the values file, it will default to "minio/mc:latest" or any other appropriate default version you choose.

---

Inconsistency Detected in values.yaml Configuration

• The image_mc key exists but is not nested under services.minio as expected.
• Ensure that image_mc is correctly placed within the services.minio section in values.yaml to align with the template references.

🔗 Analysis chain

Line range hint 1-122: Suggestions for consistency and verification

While the change on line 118 is good, here are some suggestions to improve overall consistency and robustness:

1. Consider using the same templating approach for the MinIO image in the StatefulSet definition (around line 38) for consistency.
2. Ensure that all template values are properly quoted for consistency and to avoid potential YAML parsing issues. For example, {{ .Release.Name }} could be "{{ .Release.Name }}".
3. Verify that the services.minio.image_mc value is properly documented and set in the values file (values.yaml) associated with this chart.

To verify the values file, you can run the following command:

This will help ensure that the required values are properly defined in the values file.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Verify that the necessary values are defined in the values file
grep -n "services:" charts/plane-enterprise/values.yaml -A 10 | grep -E "minio:|image_mc:"

Length of output: 90

---

Script:

#!/bin/bash
# Search for 'minio' and 'image_mc' in the entire values.yaml file
rg 'services\.minio|image_mc' charts/plane-enterprise/values.yaml

Length of output: 118

charts/plane-ce/templates/workloads/minio.stateful.yaml (1)

Line range hint 37-37: Consider using a similar approach for the MinIO server image.

While not directly related to the current change, for consistency, you might want to consider using a similar approach for the MinIO server image in the StatefulSet definition. Currently, it uses {{ .Values.minio.image }}, which is good, but you could potentially split this into separate fields for the image name and tag in the values file, allowing for more granular control.

For example, you could modify the StatefulSet to use:

image: "{{ .Values.minio.image.repository }}:{{ .Values.minio.image.tag }}"

And update the values.yaml file accordingly:

minio:
  image:
    repository: minio/minio
    tag: RELEASE.2023-05-27T05-56-19Z
  image_mc: minio/mc:RELEASE.2023-05-28T16-53-39Z

This would provide consistent configuration options for both the MinIO server and client images.

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL

📥 Commits

Files that changed from the base of the PR and between 70c7664 and a0b42f4.

📒 Files selected for processing (8)

• charts/plane-ce/Chart.yaml (1 hunks)
• charts/plane-ce/questions.yml (2 hunks)
• charts/plane-ce/templates/workloads/minio.stateful.yaml (1 hunks)
• charts/plane-ce/values.yaml (2 hunks)
• charts/plane-enterprise/Chart.yaml (1 hunks)
• charts/plane-enterprise/questions.yml (2 hunks)
• charts/plane-enterprise/templates/workloads/minio.stateful.yaml (1 hunks)
• charts/plane-enterprise/values.yaml (2 hunks)

🔇 Additional comments (10)

charts/plane-enterprise/Chart.yaml (1)

8-8: LGTM: Version increment looks good.

The chart version has been correctly incremented from 1.0.12 to 1.0.13, which is appropriate for minor updates or bug fixes in the chart itself.

charts/plane-ce/values.yaml (2)

62-62: ⚠️ Potential issue

Specify a version for the MinIO Client image and clarify its usage.

While adding the MinIO Client image is beneficial for managing MinIO deployments, using the latest tag in production environments can lead to unexpected behavior or breaking changes. It's recommended to use a specific version tag for better stability and reproducibility.

Additionally, it's not clear how this MinIO Client image will be used in the deployment. Consider adding configuration options for its intended use.

Please consider the following changes:

1. Replace minio/mc:latest with a specific version, e.g., minio/mc:RELEASE.2023-05-04T18-10-16Z.
2. Add configuration options for the MinIO Client's intended use.

To find the latest stable version of the MinIO Client, you can run:

#!/bin/bash
# Description: Find the latest stable version of MinIO Client

# Test: Fetch the latest stable version tag for MinIO Client
curl -s https://api.github.com/repos/minio/mc/releases/latest | grep '"tag_name":' | sed -E 's/.*"([^"]+)".*/\1/'

---

39-39: ```shell
#!/bin/bash

Description: Check for any compatibility issues or breaking changes in Postgres 15.7

Test: Search for any mentions of Postgres version requirements or known issues

rg --type yaml --type markdown -i "postgres.*(version|compatibility|issue|breaking change)"

Test: Check if there are any migration scripts or update notes

fd -e sql -e md -e txt -i "(migration|update|upgrade).*postgres"

</blockquote></details>
<details>
<summary>charts/plane-enterprise/values.yaml (2)</summary><blockquote>

Line range hint `18-20`: **Approve the new ingress annotation with a suggestion.**

The addition of the `nginx.ingress.kubernetes.io/proxy-body-size: "5m"` annotation is a good practice to limit the size of incoming requests. However, ensure that this 5MB limit aligns with your application's requirements, especially if users need to upload larger files.


Consider reviewing your application's file upload requirements and adjust this value if necessary. You may want to check if there are any existing file size limits in your application code:

---

`40-40`: **Approve the PostgreSQL version update with testing recommendation.**

Updating the PostgreSQL image from 15.5-alpine to 15.7-alpine is a good practice for maintaining security and stability. This minor version update should primarily contain bug fixes and security patches.


Before deploying to production, please ensure you:
1. Review the changelog for PostgreSQL 15.7 to understand the changes: https://www.postgresql.org/docs/release/15.7/
2. Test the new version in a staging environment to verify compatibility with your application.
3. Have a rollback plan in case of unexpected issues.

You may want to run the following command to check for any PostgreSQL-specific configurations in your application that might be affected by the version change:

</blockquote></details>
<details>
<summary>charts/plane-ce/questions.yml (3)</summary><blockquote>

Line range hint `1-573`: **Overall, the changes look good and align with the PR objectives.**

The updates to the Postgres version and the addition of the MinIO Client configuration enhance the flexibility and maintainability of the Helm chart. The suggestions provided for using a specific MinIO Client version and verifying Postgres changes will further improve stability and ensure a smooth transition.

---

`369-373`: **MinIO Client image configuration added successfully.**

The addition of the MinIO Client Docker image configuration enhances flexibility for users. This change aligns with the PR objective.

However, I have a suggestion to improve stability:



Consider using a specific version tag instead of "latest" for the MinIO Client image. This practice ensures better stability and reproducibility across different environments. For example:

```diff
  - variable: minio.image_mc
    label: "MinIO Client Docker Image"
    type: string
-   default: "minio/mc:latest"
+   default: "minio/mc:RELEASE.2023-05-04T18-10-16Z"
    show_if: "minio.local_setup=true"

Replace "RELEASE.2023-05-04T18-10-16Z" with the most recent stable version of the MinIO Client.

To find the latest stable version of the MinIO Client, run the following script:

Use the output to update the default value in the configuration.

✅ Verification successful

MinIO Client image version updated successfully.

The MinIO Client Docker image configuration has been updated to use the latest stable version, ensuring better stability and reproducibility.

  - variable: minio.image_mc
    label: "MinIO Client Docker Image"
    type: string
-   default: "minio/mc:latest"
+   default: "minio/mc:RELEASE.2024-09-16T17-43-14Z"
    show_if: "minio.local_setup=true"

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Fetch the latest stable MinIO Client version
curl -s https://api.github.com/repos/minio/mc/releases/latest | grep -oP '"tag_name": "\K(.*)(?=")'

Length of output: 130

---

251-251: Postgres version update looks good.

The update from postgres:15.5-alpine to postgres:15.7-alpine is a minor version bump, which typically includes bug fixes and performance improvements. This change aligns with the PR objective.

To ensure a smooth transition, please verify the following:

1. Check the Postgres 15.7 changelog for any breaking changes or new features that might affect the application.
2. Test the application thoroughly with this new Postgres version in a non-production environment.

Run the following script to fetch the Postgres 15.7 release notes:

Review the output to identify any significant changes that might impact your application.

charts/plane-enterprise/questions.yml (2)

288-288: LGTM: Postgres version update

The update from PostgreSQL 15.5-alpine to 15.7-alpine is a good practice to keep dependencies current. This minor version update likely includes bug fixes and improvements.

To ensure compatibility, please verify that this version update doesn't introduce any breaking changes for your specific use case. You can check the PostgreSQL release notes for version 15.7 to confirm any significant changes or new features.

---

Line range hint 1-491: Summary of changes

The changes in this file are generally positive:

1. The PostgreSQL version has been updated to 15.7-alpine, which keeps the dependency current.
2. A new configuration for MinIO Client has been added, providing more flexibility for users.

These changes improve the chart's functionality and keep it up-to-date. The suggestions provided in the previous comments (verifying PostgreSQL compatibility and using a specific version for the MinIO Client image) will further enhance the reliability and consistency of the chart.

[coderabbitai]

💡 Codebase verification

Documentation Missing for minio.image_mc

The minio.image_mc field is not documented in any markdown files. Please update the relevant documentation to include information about configuring the MinIO client image.

🔗 Analysis chain

Approve the use of a configurable MinIO client image.

The change from a hardcoded image name to {{ .Values.minio.image_mc }} is a good practice. It increases flexibility and makes it easier to manage image versions through the values file.

To ensure consistency, please verify that:

1. The values.yaml file has been updated with the minio.image_mc field.
2. Any documentation related to configuring the Helm chart has been updated to reflect this new configurable value.

You can use the following script to check for the presence of the new field in the values.yaml file:

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check if minio.image_mc is defined in values.yaml

# Test: Search for minio.image_mc in values.yaml
if grep -q "minio:" charts/plane-ce/values.yaml && grep -q "image_mc:" charts/plane-ce/values.yaml; then
    echo "minio.image_mc is defined in values.yaml"
else
    echo "minio.image_mc is not defined in values.yaml"
fi

# Display the relevant section of values.yaml
sed -n '/minio:/,/^[^ ]/p' charts/plane-ce/values.yaml

Length of output: 471

---

Script:

#!/bin/bash
# Description: Verify that minio.image_mc is documented in the repository

# Search for markdown files that might contain documentation
DOC_FILES=$(fd --extension md)

# Check if any of the markdown files mention minio.image_mc
FOUND=false
for file in $DOC_FILES; do
    if grep -qi "minio.image_mc" "$file"; then
        echo "Documentation for minio.image_mc found in $file"
        FOUND=true
    fi
done

if [ "$FOUND" = false ]; then
    echo "minio.image_mc is not documented in any markdown files."
fi

Length of output: 486