feat: add migrations

[mikolajsobolewski]

Summary by CodeRabbit

• New Features
  • Introduced a new Helm chart for managing database migrations on Kubernetes, including customizable job configuration, image settings, and database connection details.
  • Added support for optional waiting for database readiness before running migrations.
• Documentation
  • Provided a README with usage instructions and a list of configurable values for the migrations chart.

[coderabbitai]

Walkthrough

A new Helm chart named "migrations" has been introduced under the charts/migrations directory. This addition includes chart metadata, documentation, helper templates, a configurable Kubernetes Job manifest for running migrations, and default values for deployment. The chart supports database readiness checks and environment variable sourcing from secrets.

Changes

File(s)	Change Summary
charts/migrations/.helmignore	Added ignore patterns for packaging Helm charts, excluding system, VCS, IDE, and temp files.
charts/migrations/Chart.yaml	Added chart metadata: name, version, description, maintainer, and app version.
charts/migrations/README.md	Added documentation with chart info, maintainer, and configurable values (autogenerated by helm-docs).
charts/migrations/templates/_helpers.tpl	Added Helm template helpers for naming and labeling resources.
charts/migrations/templates/job.yaml	Added a Job manifest template for running migrations with optional DB readiness check and env sourcing from secret.
charts/migrations/values.yaml	Added default values for image, command, job config, DB connection, and readiness options.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant Helm
    participant Kubernetes API
    participant Secret
    participant Database

    User->>Helm: Install/Upgrade migrations chart
    Helm->>Kubernetes API: Apply Job manifest
    Kubernetes API->>Job: Create migration Job
    alt waitForDb enabled
        Job->>Init Container: Start wait-for-db
        Init Container->>Database: Check connectivity (host:port)
        Init Container-->>Job: Exit when DB is ready
    end
    Job->>Migrator Container: Run migration command
    Migrator Container->>Secret: Load env vars (DB credentials)
    Migrator Container->>Database: Execute migrations
    Job-->>Kubernetes API: Complete Job

Loading

Poem

In the warren where Helm charts grow,
A migration job now joins the show.
With helpers, docs, and values set,
It waits for the database—no sweat!
Secrets whisper, containers run,
Migrations finish, work is done.
🐇✨

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 3

🧹 Nitpick comments (8)

charts/migrations/Chart.yaml (2)

3-3: Enhance chart description
The description field is too generic. Consider specifying that this chart runs database migrations, e.g.,

description: A Helm chart to run database migrations as a Kubernetes Job

---

6-7: Add maintainer contact details
Helm best practices recommend including email and/or URL for maintainers to facilitate communication and issue triage. For example:

maintainers:
  - name: "mikolajsobolewski"
    email: "you@example.com"
    url: "https://github.com/mikolajsobolewski"

charts/migrations/values.yaml (1)

12-13: Consider adding a hook delete policy
You’re using Helm hooks for pre-install and pre-upgrade, but without a delete policy old jobs may linger. You can enhance cleanup by adding:

job:
  annotations:
    helm.sh/hook: pre-install,pre-upgrade
    helm.sh/hook-weight: "0"
    helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded

This ensures previous migration jobs are removed before new ones run.

charts/migrations/README.md (2)

11-11: Populate maintainer contact information
The maintainer table omits email and URL. Including these fields helps chart consumers know where to seek support.

---

33-33: Ensure final newline
Add a newline at the end of the file to adhere to POSIX text file conventions and avoid render inconsistencies.

charts/migrations/templates/_helpers.tpl (2)

5-9: Include recommended Kubernetes common labels
Enhance the labels helper by adding standard CNCF labels for better metadata consistency, for example:

 {{- define "migrations.labels" -}}
-helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
-app.kubernetes.io/name: {{ include "migrations.fullname" . }}
-app.kubernetes.io/instance: {{ .Release.Name }}
+helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+app.kubernetes.io/name: {{ include "migrations.fullname" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+app.kubernetes.io/version: {{ .Chart.AppVersion }}
+app.kubernetes.io/managed-by: Helm
 {{- end -}}

---

15-15: Ensure trailing newline
Add a newline at the end of the file to prevent potential template rendering issues.

charts/migrations/templates/job.yaml (1)

35-38: Guard the database secret reference
If .Values.db.secretName is empty, envFrom will produce invalid YAML. Consider wrapping this block in an if check or defaulting db.secretName: "" to a required non-empty value.

Example:

-          envFrom:
-            - secretRef: 
-                name: {{ .Values.db.secretName }}
+          {{- if .Values.db.secretName }}
+          envFrom:
+            - secretRef:
+                name: {{ .Values.db.secretName }}
+          {{- end }}

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between c8dd350 and 24f5b9b.

📒 Files selected for processing (6)

• charts/migrations/.helmignore (1 hunks)
• charts/migrations/Chart.yaml (1 hunks)
• charts/migrations/README.md (1 hunks)
• charts/migrations/templates/_helpers.tpl (1 hunks)
• charts/migrations/templates/job.yaml (1 hunks)
• charts/migrations/values.yaml (1 hunks)

🧰 Additional context used

🪛 GitHub Check: test

charts/migrations/values.yaml

[failure] 2-2:
2:17 [trailing-spaces] trailing spaces

🪛 YAMLlint (1.37.1)

charts/migrations/values.yaml

[error] 2-2: trailing spaces

(trailing-spaces)

charts/migrations/templates/job.yaml

[error] 6-6: syntax error: expected the node content, but found '-'

(syntax)

🪛 GitHub Actions: charts/all

charts/migrations/values.yaml

[error] 2-2: trailing spaces detected (trailing-spaces)

🔇 Additional comments (7)

charts/migrations/Chart.yaml (1)

8-8: Review appVersion value
Using "latest" for appVersion may not reflect a fixed, repeatable release and can lead to unpredictability. Consider pinning to a specific semantic version or clarifying its intended usage.

charts/migrations/templates/job.yaml (6)

1-4: Metadata templating looks solid
The Helm helpers for fullname and labels ensure consistent naming and labeling across resources.

---

5-6: Ignore YAMLlint false-positive on Helm directives
The dash in {{- include ... }} is Helm’s whitespace control and not invalid YAML at render time. To catch real template issues, run helm lint charts/migrations.

🧰 Tools

🪛 YAMLlint (1.37.1)

[error] 6-6: syntax error: expected the node content, but found '-'

(syntax)

---

7-8: Ensure default annotations are defined
Guard against null or empty maps if .Values.job.annotations isn’t set in values.yaml. Make sure you default job.annotations: {} in values.yaml to avoid invalid YAML.

---

9-10: Dynamic backoffLimit is appropriate
Sourcing .Values.job.backoffLimit lets users tune retry behavior. Good flexibility.

---

17-20: Image pull secrets support is correct
The with .Values.imagePullSecrets block and toYaml indentation will render a valid imagePullSecrets array when populated.

---

25-34: Flexible command handling is well implemented
Supporting both string and list commands covers most use cases. The kindIs "string" guard and proper indentation via toYaml will render valid command: arrays.

[coderabbitai]

Actionable comments posted: 1

♻️ Duplicate comments (2)

charts/migrations/templates/job.yaml (2)

39-42: Include imagePullPolicy for the wait-for-db initContainer.
To ensure consistent pull behavior (e.g., Always vs IfNotPresent), source pullPolicy from values. Verify waitForDb.pullPolicy is defined in values.yaml.

-        - name: wait-for-db
-          image: {{ .Values.waitForDb.image }}
+        - name: wait-for-db
+          image: {{ .Values.waitForDb.image }}
+          imagePullPolicy: {{ .Values.waitForDb.pullPolicy }}

---

9-10: 🛠️ Refactor suggestion

Add TTL for automatic Job cleanup.
Completed or failed Jobs can accumulate indefinitely. Introduce ttlSecondsAfterFinished at the Job spec level to automatically purge old Job resources. Ensure you define a default in values.yaml under job.ttlSecondsAfterFinished.

 spec:
   backoffLimit: {{ .Values.job.backoffLimit }}
+  ttlSecondsAfterFinished: {{ .Values.job.ttlSecondsAfterFinished }}
   template:

🧹 Nitpick comments (2)

charts/migrations/templates/job.yaml (2)

7-8: Conditionalize the annotations block.
If .Values.job.annotations is empty or undefined, the rendered annotations: key will be left dangling, leading to invalid YAML. Wrap it in a with to render only when annotations are provided.

-  annotations:
-    {{- toYaml .Values.job.annotations | nindent 4 }}
+  {{- with .Values.job.annotations }}
+  annotations:
+    {{ toYaml . | nindent 4 }}
+  {{- end }}

---

21-24: Consider adding resource requests and limits.
It’s best practice to allow users to configure resource requests and limits for the migrator container to guard against noisy neighbors and ensure scheduling. For example:

       containers:
         - name: migrator
           image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
           imagePullPolicy: {{ .Values.image.pullPolicy }}
+          resources:
+            {{ toYaml .Values.resources | nindent 12 }}

Ensure you define sensible defaults for resources in values.yaml.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 24f5b9b and 25405b5.

📒 Files selected for processing (2)

• charts/migrations/templates/job.yaml (1 hunks)
• charts/migrations/values.yaml (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• charts/migrations/values.yaml

🧰 Additional context used

🪛 YAMLlint (1.37.1)

charts/migrations/templates/job.yaml

[error] 6-6: syntax error: expected the node content, but found '-'

(syntax)

[coderabbitai]

Actionable comments posted: 0

♻️ Duplicate comments (1)

charts/migrations/templates/job.yaml (1)

5-6: ⚠️ Potential issue

Fix YAML syntax error in labels block
The leading dash in the include directive trims the preceding newline, causing a YAML syntax error during rendering. Remove the dash to preserve the required newline before the labels.

-  labels:
-    {{- include "migrations.labels" . | nindent 4 }}
+  labels:
+    {{ include "migrations.labels" . | nindent 4 }}

🧰 Tools

🪛 YAMLlint (1.37.1)

[error] 6-6: syntax error: expected the node content, but found '-'

(syntax)

🧹 Nitpick comments (1)

charts/migrations/templates/job.yaml (1)

13-14: Optional: Consistent whitespace control for selector labels
Similarly, consider removing the leading dash in the selectorLabels include to avoid trimming the newline and ensure proper indenting:

-      labels:
-        {{- include "migrations.selectorLabels" . | nindent 8 }}
+      labels:
+        {{ include "migrations.selectorLabels" . | nindent 8 }}

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 25405b5 and 69cc83f.

📒 Files selected for processing (4)

• charts/migrations/Chart.yaml (1 hunks)
• charts/migrations/README.md (1 hunks)
• charts/migrations/templates/job.yaml (1 hunks)
• charts/migrations/values.yaml (1 hunks)

✅ Files skipped from review due to trivial changes (1)

• charts/migrations/README.md

🚧 Files skipped from review as they are similar to previous changes (2)

• charts/migrations/Chart.yaml
• charts/migrations/values.yaml

🧰 Additional context used

🪛 YAMLlint (1.37.1)

charts/migrations/templates/job.yaml

[error] 6-6: syntax error: expected the node content, but found '-'

(syntax)

🔇 Additional comments (2)

charts/migrations/templates/job.yaml (2)

39-42: Image pull policy added to initContainer
Great job adding imagePullPolicy for the wait-for-db initContainer to ensure consistent pull behavior.

---

52-53: Automatic Job cleanup enabled
The addition of ttlSecondsAfterFinished is spot on for cleaning up succeeded or failed Jobs automatically.

[coderabbitai]

Actionable comments posted: 0

♻️ Duplicate comments (1)

charts/migrations/templates/job.yaml (1)

5-6: Fix YAML syntax error in the labels section.
The leading dash in the include directive strips the required newline and leads to a linter error. Change:

-  labels:
-    {{- include "migrations.labels" . | nindent 4 }}
+  labels:
+    {{ include "migrations.labels" . | nindent 4 }}

🧰 Tools

🪛 YAMLlint (1.37.1)

[error] 6-6: syntax error: expected the node content, but found '-'

(syntax)

🧹 Nitpick comments (3)

charts/migrations/templates/job.yaml (3)

7-8: Preserve indentation when rendering annotations.
Using {{- toYaml ... }} strips the leading whitespace and may produce invalid YAML if the block is empty. It’s safer to use:

-  annotations:
-    {{- toYaml .Values.job.annotations | nindent 4 }}
+  annotations:
+    {{ toYaml .Values.job.annotations | nindent 4 }}

---

9-15: Consider explicit selector and runtime bounds.
Currently the Job relies on default selectors and has no timeout guard. You could add:

spec:
  selector:
    matchLabels:
      {{ include "migrations.selectorLabels" . | nindent 6 }}
  activeDeadlineSeconds: {{ .Values.job.activeDeadlineSeconds }}
  backoffLimit: {{ .Values.job.backoffLimit }}

—where job.activeDeadlineSeconds is added to values.yaml. This locks down the Pod selector and bounds the job duration.

---

65-67: Separate resources for the init container.
Both the migrator and the wait-for-db initContainer share .Values.resources. Consider a dedicated .Values.waitForDb.resources block so you can tune the readiness probe separately:

 initContainers:
   - name: wait-for-db
     ...
-      resources:
-        {{- toYaml .Values.resources | nindent 12 }}
+      resources:
+        {{- toYaml .Values.waitForDb.resources | nindent 12 }}

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 69cc83f and 87dc1f0.

📒 Files selected for processing (3)

• charts/migrations/README.md (1 hunks)
• charts/migrations/templates/job.yaml (1 hunks)
• charts/migrations/values.yaml (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (2)

• charts/migrations/values.yaml
• charts/migrations/README.md

🧰 Additional context used

🪛 YAMLlint (1.37.1)

charts/migrations/templates/job.yaml

[error] 6-6: syntax error: expected the node content, but found '-'

(syntax)

🔇 Additional comments (3)

charts/migrations/templates/job.yaml (3)

26-38: Main container configuration looks solid.
Good use of imagePullPolicy, conditional cmd handling, and templated resource injection.

---

45-63: DB readiness initContainer is well-implemented.
The retry loop with a configurable max_attempts, a clear failure path, and feedback logs is robust. Including imagePullPolicy for consistency is also good.

---

68-69: Automatic cleanup TTL is configured correctly.
The ttlSecondsAfterFinished at the Job spec level will ensure completed or failed jobs don’t linger.