feat: remove wait-for-postgres init container from jobs (#586)

mridang · web-flow · commit c3d68add8860 · 2026-04-15T09:52:42.000+05:30
diff --git a/charts/zitadel/Chart.yaml b/charts/zitadel/Chart.yaml
@@ -3,7 +3,7 @@ name: zitadel
 description: A Helm chart for ZITADEL
 type: application
 appVersion: v4.13.0
-version: 9.30.0
+version: 9.31.0
 kubeVersion: '>= 1.30.0-0'
 home: https://zitadel.com
 sources:
diff --git a/charts/zitadel/README.md b/charts/zitadel/README.md
@@ -2,7 +2,7 @@
 
 # Zitadel
 
-![Version: 9.30.0](https://img.shields.io/badge/Version-9.30.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v4.13.0](https://img.shields.io/badge/AppVersion-v4.13.0-informational?style=flat-square)
+![Version: 9.31.0](https://img.shields.io/badge/Version-9.31.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v4.13.0](https://img.shields.io/badge/AppVersion-v4.13.0-informational?style=flat-square)
 
 ## A Better Identity and Access Management Solution
 
@@ -382,9 +382,6 @@ Kubernetes: `>= 1.30.0-0`
 | startupProbe.failureThreshold | int | `30` | Number of consecutive failures before marking startup as failed and restarting the container. With periodSeconds=1 and failureThreshold=30, the container has 30 seconds to start. |
 | startupProbe.periodSeconds | int | `1` | How often (in seconds) to perform the startup check. |
 | tolerations | []Toleration | `[]` | Tolerations allow pods to be scheduled on nodes with matching taints. Taints are used to repel pods from nodes; tolerations allow exceptions. Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ |
-| tools.busybox.image.pullPolicy | string | `""` | Image pull policy. Defaults to the Kubernetes default for the given tag. |
-| tools.busybox.image.repository | string | `"busybox"` | The image repository for busybox. |
-| tools.busybox.image.tag | string | `"1.37"` | The busybox image tag. |
 | tools.kubectl.image.pullPolicy | string | `""` | The pull policy for the kubectl image. If left empty, Kubernetes applies its default policy depending on whether the tag is mutable or fixed. |
 | tools.kubectl.image.repository | string | `"alpine/k8s"` | The name of the image repository that contains the kubectl image. The chart automatically prepends the registry (docker.io by default) for compatibility with CRI-O v1.34+ which enforces fully qualified names. |
 | tools.kubectl.image.tag | string | `""` | The image tag to use for the kubectl image. It should be left empty to automatically default to the Kubernetes cluster version |
diff --git a/charts/zitadel/templates/job_init.yaml b/charts/zitadel/templates/job_init.yaml
@@ -34,23 +34,8 @@ spec:
         {{- toYaml .Values.podSecurityContext | nindent 8 }}
       enableServiceLinks: false
       restartPolicy: Never
-      {{- if or .Values.postgresql.enabled .Values.zitadel.initContainers .Values.initJob.initContainers }}
+      {{- if or .Values.zitadel.initContainers .Values.initJob.initContainers }}
       initContainers:
-      {{- if .Values.postgresql.enabled }}
-        - name: wait-for-postgresql
-          image: {{ .Values.tools.busybox.image.repository }}:{{ .Values.tools.busybox.image.tag }}
-          command:
-            - sh
-            - -c
-            - |
-              TIMEOUT=300; elapsed=0
-              until nc -z {{ include "zitadel.postgresqlHost" . }} 5432; do
-                if [ "$elapsed" -ge "$TIMEOUT" ]; then
-                  echo "ERROR: timed out waiting for postgresql after ${TIMEOUT}s"; exit 1
-                fi
-                echo "waiting for postgresql... (${elapsed}s elapsed)"; sleep 2; elapsed=$((elapsed + 2))
-              done
-      {{- end }}
       {{- with .Values.zitadel.initContainers }}
         {{- toYaml . | nindent 8 }}
       {{- end }}
@@ -114,6 +99,8 @@ spec:
             - name: ZITADEL_DATABASE_{{ $dbEnv }}_USER_SSL_KEY
               value: /db-ssl-user-crt/tls.key
             {{- end}}
+            - name: ZITADEL_DATABASE_{{ $dbEnv }}_AWAITINITIALCONN
+              value: "5m"
             {{- with .Values.env }}
               {{- toYaml . | nindent 12 }}
             {{- end }}
diff --git a/charts/zitadel/templates/job_setup.yaml b/charts/zitadel/templates/job_setup.yaml
@@ -49,23 +49,8 @@ spec:
         {{- toYaml .Values.podSecurityContext | nindent 8 }}
       enableServiceLinks: false
       restartPolicy: Never
-      {{- if or .Values.postgresql.enabled .Values.zitadel.initContainers .Values.setupJob.initContainers }}
+      {{- if or .Values.zitadel.initContainers .Values.setupJob.initContainers }}
       initContainers:
-      {{- if .Values.postgresql.enabled }}
-        - name: wait-for-postgresql
-          image: {{ .Values.tools.busybox.image.repository }}:{{ .Values.tools.busybox.image.tag }}
-          command:
-            - sh
-            - -c
-            - |
-              TIMEOUT=300; elapsed=0
-              until nc -z {{ include "zitadel.postgresqlHost" . }} 5432; do
-                if [ "$elapsed" -ge "$TIMEOUT" ]; then
-                  echo "ERROR: timed out waiting for postgresql after ${TIMEOUT}s"; exit 1
-                fi
-                echo "waiting for postgresql... (${elapsed}s elapsed)"; sleep 2; elapsed=$((elapsed + 2))
-              done
-      {{- end }}
       {{- with .Values.zitadel.initContainers }}
         {{- toYaml . | nindent 8 }}
       {{- end }}
@@ -137,6 +122,8 @@ spec:
             - name: ZITADEL_DATABASE_{{ $dbEnv }}_USER_SSL_KEY
               value: /db-ssl-user-crt/tls.key
             {{- end}}
+            - name: ZITADEL_DATABASE_{{ $dbEnv }}_AWAITINITIALCONN
+              value: "5m"
             {{- with .Values.env }}
               {{- toYaml . | nindent 12 }}
             {{- end }}
diff --git a/charts/zitadel/values.schema.json b/charts/zitadel/values.schema.json
@@ -1434,28 +1434,6 @@
         "tools": {
             "type": "object",
             "properties": {
-                "busybox": {
-                    "type": "object",
-                    "properties": {
-                        "image": {
-                            "type": "object",
-                            "properties": {
-                                "pullPolicy": {
-                                    "description": "Image pull policy. Defaults to the Kubernetes default for the given tag.",
-                                    "type": "string"
-                                },
-                                "repository": {
-                                    "description": "The image repository for busybox.",
-                                    "type": "string"
-                                },
-                                "tag": {
-                                    "description": "The busybox image tag.",
-                                    "type": "string"
-                                }
-                            }
-                        }
-                    }
-                },
                 "kubectl": {
                     "type": "object",
                     "properties": {
diff --git a/charts/zitadel/values.yaml b/charts/zitadel/values.yaml
@@ -1395,17 +1395,6 @@ tools:
       #   cpu: 50m
       #   memory: 32Mi
 
-  # Configuration for the busybox image used by the wait-for-postgresql initContainer.
-  # Override when running in air-gapped or restricted-registry environments.
-  busybox:
-    image:
-      # -- The image repository for busybox.
-      repository: "busybox"
-      # -- The busybox image tag.
-      tag: "1.37"
-      # -- Image pull policy. Defaults to the Kubernetes default for the given tag.
-      pullPolicy: ""
-
   # Configuration for the kubectl helper image used by init containers and jobs
   # for lightweight Kubernetes API operations. This image is used by the setup
   # job's machinekey containers and the cleanup job.
