Skip to content

refactor(doclet): migrate postgres and nats components to resources#46

Open
kavix wants to merge 1 commit into
openchoreo:mainfrom
kavix:migrate-postgres-nats-to-resources
Open

refactor(doclet): migrate postgres and nats components to resources#46
kavix wants to merge 1 commit into
openchoreo:mainfrom
kavix:migrate-postgres-nats-to-resources

Conversation

@kavix

@kavix kavix commented Jun 30, 2026

Copy link
Copy Markdown

Purpose

Migrate the Doclet application's database and messaging dependencies (Postgres and NATS) from plain Component abstractions to Resource abstractions in the GitOps repository. This aligns the repository with the in-repo doclet templates.

Resolves #3107
Relates to openchoreo/openchoreo#4027

Approach

  • Deleted postgres/ and nats/ component folders under namespaces/default/projects/doclet/components/.
  • Created Postgres and NATS Resource objects under namespaces/default/projects/doclet/resources/.
  • Created development ResourceReleaseBinding definitions under namespaces/default/projects/doclet/bindings/development/.
  • Rewired document-svc and collab-svc workload files to consume the new doclet-postgres and doclet-nats resource dependencies instead of the component endpoints. Removed hardcoded DB username and password from the document-svc workload.

Related Issues

Checklist

  • Replace the postgres/ and nats/ component directories under namespaces/default/projects/doclet/components/ with a Resource + ResourceReleaseBinding per backend (mirror resources/ and bindings/)
  • Rewire the document-svc and collab-svc workloads to consume their dependencies via dependencies.resources[] (mirror service-document.yaml / service-collab.yaml)
  • Confirm Flux reconciles and the document service connects to Postgres + NATS
  • Tests added or updated (unit, integration, etc.)
  • Samples updated (if applicable)

Remarks

Verified files syntax locally using yq.

Summary by CodeRabbit

  • New Features

    • Added support for separate development bindings for the app’s data and messaging services.
    • Updated GitOps release workflows to use the new repository location.
  • Bug Fixes

    • Simplified service wiring so the app now uses direct resource connections for database and messaging access.
    • Removed outdated service definitions and release bindings to keep the deployment configuration consistent.

@coderabbitai

coderabbitai Bot commented Jun 30, 2026

Copy link
Copy Markdown

Review Change Stack

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 48d5f917-0f63-40b1-90e7-b8a84ab07808

📥 Commits

Reviewing files that changed from the base of the PR and between 4f125e3 and 7327c42.

📒 Files selected for processing (20)
  • flux/gitrepository.yaml
  • namespaces/default/platform/workflows/docker-with-gitops-release.yaml
  • namespaces/default/platform/workflows/google-cloud-buildpacks-gitops-release.yaml
  • namespaces/default/platform/workflows/react-gitops-release.yaml
  • namespaces/default/projects/doclet/bindings/development/nats.yaml
  • namespaces/default/projects/doclet/bindings/development/postgres.yaml
  • namespaces/default/projects/doclet/components/collab-svc/workload.yaml
  • namespaces/default/projects/doclet/components/document-svc/workload.yaml
  • namespaces/default/projects/doclet/components/nats/component.yaml
  • namespaces/default/projects/doclet/components/nats/release-bindings/nats-development.yaml
  • namespaces/default/projects/doclet/components/nats/release-bindings/nats-staging.yaml
  • namespaces/default/projects/doclet/components/nats/releases/nats-20260223-1.yaml
  • namespaces/default/projects/doclet/components/nats/workload.yaml
  • namespaces/default/projects/doclet/components/postgres/component.yaml
  • namespaces/default/projects/doclet/components/postgres/release-bindings/postgres-development.yaml
  • namespaces/default/projects/doclet/components/postgres/release-bindings/postgres-staging.yaml
  • namespaces/default/projects/doclet/components/postgres/releases/postgres-20260223-1.yaml
  • namespaces/default/projects/doclet/components/postgres/workload.yaml
  • namespaces/default/projects/doclet/resources/nats.yaml
  • namespaces/default/projects/doclet/resources/postgres.yaml
💤 Files with no reviewable changes (10)
  • namespaces/default/projects/doclet/components/nats/release-bindings/nats-development.yaml
  • namespaces/default/projects/doclet/components/nats/workload.yaml
  • namespaces/default/projects/doclet/components/nats/component.yaml
  • namespaces/default/projects/doclet/components/postgres/release-bindings/postgres-development.yaml
  • namespaces/default/projects/doclet/components/postgres/releases/postgres-20260223-1.yaml
  • namespaces/default/projects/doclet/components/postgres/component.yaml
  • namespaces/default/projects/doclet/components/nats/release-bindings/nats-staging.yaml
  • namespaces/default/projects/doclet/components/postgres/workload.yaml
  • namespaces/default/projects/doclet/components/postgres/release-bindings/postgres-staging.yaml
  • namespaces/default/projects/doclet/components/nats/releases/nats-20260223-1.yaml
✅ Files skipped from review due to trivial changes (3)
  • namespaces/default/platform/workflows/docker-with-gitops-release.yaml
  • namespaces/default/projects/doclet/resources/postgres.yaml
  • namespaces/default/projects/doclet/bindings/development/nats.yaml
🚧 Files skipped from review as they are similar to previous changes (3)
  • namespaces/default/projects/doclet/components/collab-svc/workload.yaml
  • namespaces/default/projects/doclet/resources/nats.yaml
  • namespaces/default/projects/doclet/components/document-svc/workload.yaml

📝 Walkthrough

Walkthrough

Migrates doclet NATS and Postgres to managed resources with resource release bindings, rewires dependent workloads to the resources model, removes the old component-based manifests, and updates GitOps repository URLs in Flux and workflow templates.

Changes

Doclet resource migration

Layer / File(s) Summary
New Resource and ResourceReleaseBinding manifests
namespaces/default/projects/doclet/resources/nats.yaml, namespaces/default/projects/doclet/resources/postgres.yaml, namespaces/default/projects/doclet/bindings/development/nats.yaml, namespaces/default/projects/doclet/bindings/development/postgres.yaml
Adds doclet-nats and doclet-postgres resources and development bindings with retainPolicy: Delete and adminEnabled: false.
Workload dependency rewiring
namespaces/default/projects/doclet/components/collab-svc/workload.yaml, namespaces/default/projects/doclet/components/document-svc/workload.yaml
Replaces endpoint-based dependency wiring with resource-based bindings for NATS and Postgres, including explicit database env bindings.
Removed NATS component artifacts
namespaces/default/projects/doclet/components/nats/component.yaml, namespaces/default/projects/doclet/components/nats/workload.yaml, namespaces/default/projects/doclet/components/nats/releases/nats-20260223-1.yaml, namespaces/default/projects/doclet/components/nats/release-bindings/...
Deletes the NATS component, workload, release, and release binding manifests.
Removed Postgres component artifacts
namespaces/default/projects/doclet/components/postgres/component.yaml, namespaces/default/projects/doclet/components/postgres/workload.yaml, namespaces/default/projects/doclet/components/postgres/releases/postgres-20260223-1.yaml, namespaces/default/projects/doclet/components/postgres/release-bindings/...
Deletes the Postgres component, workload, release, and release binding manifests.

GitOps repository URL updates

Layer / File(s) Summary
GitOps repository URL alignment
flux/gitrepository.yaml, namespaces/default/platform/workflows/docker-with-gitops-release.yaml, namespaces/default/platform/workflows/google-cloud-buildpacks-gitops-release.yaml, namespaces/default/platform/workflows/react-gitops-release.yaml
Updates the Flux GitRepository and workflow gitops-repo-url values to https://github.com/kavix/sample-gitops.

Estimated code review effort: 2 (Simple) | ~10 minutes

Possibly related issues

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Title check ✅ Passed The title accurately summarizes the main change: migrating Doclet Postgres and NATS from components to resources.
Description check ✅ Passed The description follows the template and includes purpose, approach, related issues, checklist, and remarks.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@namespaces/default/projects/doclet/bindings/development/nats.yaml`:
- Around line 12-16: The shared development NATS binding currently enables the
unauthenticated admin `/varz` endpoint via
resourceTypeEnvironmentConfigs.adminEnabled, which should not be on by default.
Update this binding to keep adminEnabled disabled here and move any demo-only
exposure into a separate demo overlay or equivalent demo-specific config, using
the existing resourceTypeEnvironmentConfigs block as the place to adjust the
setting.

In `@namespaces/default/projects/doclet/bindings/development/postgres.yaml`:
- Around line 12-15: The development Postgres config currently enables the
gateway-exposed Adminer demo superuser, which should not be shipped in this
environment. Update the resourceTypeEnvironmentConfigs in postgres.yaml so
adminEnabled is disabled by default for development, and only allow it behind an
explicit, narrowly scoped opt-in if needed. Use the adminEnabled setting as the
main symbol to locate and change this behavior.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 5ac2465f-3c8e-4bf1-85cf-3e2e6cd58086

📥 Commits

Reviewing files that changed from the base of the PR and between 3bc6da5 and 4f125e3.

📒 Files selected for processing (16)
  • namespaces/default/projects/doclet/bindings/development/nats.yaml
  • namespaces/default/projects/doclet/bindings/development/postgres.yaml
  • namespaces/default/projects/doclet/components/collab-svc/workload.yaml
  • namespaces/default/projects/doclet/components/document-svc/workload.yaml
  • namespaces/default/projects/doclet/components/nats/component.yaml
  • namespaces/default/projects/doclet/components/nats/release-bindings/nats-development.yaml
  • namespaces/default/projects/doclet/components/nats/release-bindings/nats-staging.yaml
  • namespaces/default/projects/doclet/components/nats/releases/nats-20260223-1.yaml
  • namespaces/default/projects/doclet/components/nats/workload.yaml
  • namespaces/default/projects/doclet/components/postgres/component.yaml
  • namespaces/default/projects/doclet/components/postgres/release-bindings/postgres-development.yaml
  • namespaces/default/projects/doclet/components/postgres/release-bindings/postgres-staging.yaml
  • namespaces/default/projects/doclet/components/postgres/releases/postgres-20260223-1.yaml
  • namespaces/default/projects/doclet/components/postgres/workload.yaml
  • namespaces/default/projects/doclet/resources/nats.yaml
  • namespaces/default/projects/doclet/resources/postgres.yaml
💤 Files with no reviewable changes (10)
  • namespaces/default/projects/doclet/components/postgres/release-bindings/postgres-staging.yaml
  • namespaces/default/projects/doclet/components/nats/release-bindings/nats-staging.yaml
  • namespaces/default/projects/doclet/components/nats/component.yaml
  • namespaces/default/projects/doclet/components/postgres/component.yaml
  • namespaces/default/projects/doclet/components/postgres/release-bindings/postgres-development.yaml
  • namespaces/default/projects/doclet/components/postgres/releases/postgres-20260223-1.yaml
  • namespaces/default/projects/doclet/components/nats/workload.yaml
  • namespaces/default/projects/doclet/components/nats/release-bindings/nats-development.yaml
  • namespaces/default/projects/doclet/components/postgres/workload.yaml
  • namespaces/default/projects/doclet/components/nats/releases/nats-20260223-1.yaml

Comment thread namespaces/default/projects/doclet/bindings/development/nats.yaml Outdated
Comment thread namespaces/default/projects/doclet/bindings/development/postgres.yaml Outdated
@kavix kavix force-pushed the migrate-postgres-nats-to-resources branch from 40daef3 to 4f125e3 Compare June 30, 2026 12:22
…nd disable admin UIs by default in development

Signed-off-by: kavix <kavix@yahoo.com>
@kavix kavix force-pushed the migrate-postgres-nats-to-resources branch from c8ccd87 to 6b547c2 Compare June 30, 2026 12:29
@VajiraPrabuddhaka

Copy link
Copy Markdown
Contributor

@kavix Thanks for your contribution. Did you verify the full setup after this change? if not can you please follow the guide in https://openchoreo.dev/docs/next/platform-engineer-guide/gitops/using-flux-cd/#tutorial and verify the full setup with your changes?

@kavix

kavix commented Jul 2, 2026

Copy link
Copy Markdown
Author

@kavix Thanks for your contribution. Did you verify the full setup after this change? if not can you please follow the guide in https://openchoreo.dev/docs/next/platform-engineer-guide/gitops/using-flux-cd/#tutorial and verify the full setup with your changes?

@VajiraPrabuddhaka Yes! I couldn't run the full OpenChoreo platform setup locally (my machine only has 8GB RAM, so Docker runs out of memory during make e2e.setup E2E_WITH_BUILD=true).

However, to ensure the changes work, I spun up a lightweight k3d cluster and installed Flux CD to verify the GitOps flow directly. Flux successfully pulls the fork without authentication issues using the updated URLs.

Here is the verification output showing the successful repository sync:

$ kubectl apply -f flux/
gitrepository.source.toolkit.fluxcd.io/sample-gitops created
kustomization.kustomize.toolkit.fluxcd.io/namespaces created
$ kubectl get gitrepository -n flux-system
NAME            URL                                          READY   STATUS
sample-gitops   https://github.com/kavix/sample-gitops.git   True    stored artifact for revision 'main@sha1:3bc6da5c3ffc537d86be3149eb24ce3f1b489b85'

Let me know if you need anything else!

@kavix kavix force-pushed the migrate-postgres-nats-to-resources branch from 711184d to 6b547c2 Compare July 2, 2026 13:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants