
Update Postgres

Open dabeeeenster opened this issue 2 years ago • 4 comments

On account of https://artifacthub.io/packages/helm/flagsmith/flagsmith?modal=security-report

gz#285

dabeeeenster avatar Jan 11 '23 14:01 dabeeeenster

@dabeeeenster the official-est chart I can find is the Bitnami one - https://artifacthub.io/packages/helm/bitnami/postgresql - and this has the same security report rating.

That said, would still be worthwhile to update Postgres anyway (and move away from the deprecated "stable" helm chart repository), but it won't make that security rating any happier.

plumdog avatar Feb 02 '23 13:02 plumdog

Righto. Yes agree we should upgrade the platform - we will just have to live with the security rating like everyone else.

dabeeeenster avatar Feb 02 '23 13:02 dabeeeenster

Next steps:

  • add more warnings about not using the bundled in-cluster postgres for storing data that you care about
    • there is already a warning here https://docs.flagsmith.com/deployment/kubernetes#provided-database-configuration, but could also add one into https://github.com/Flagsmith/flagsmith-charts/blob/main/charts/flagsmith/templates/NOTES.txt
    • this is because upgrading Postgres while preserving data is quite involved and requires manual steps, see https://docs.bitnami.com/kubernetes/infrastructure/postgresql/administration/upgrade/
  • then a later change to upgrade the Postgres chart, with no allowance made for preserving data. Maybe also take this opportunity to rename the bundled in-cluster Postgres as "postgresDev" or something.

plumdog avatar Feb 02 '23 15:02 plumdog

Hi @plumdog, I think we should go ahead with this - the warnings are in the docs already. Obviously we should include some additional large warnings in the release notes. Is this something that we should major version the chart for as well?

matthewelwell avatar Feb 06 '23 09:02 matthewelwell