Add built-in PostgreSQL & fix Redis security context

[Adri3nParra]

Salut,

Je propose l'ajout d'un PostgreSQL StatefulSet built-in.

PostgreSQL
Ajout de statefulset-psql.yaml : déploie un StatefulSet PostgreSQL + Service + PVC lorsque postgresql.deploy: true. Utile pour les environnements sans base externe. Désactivé par défaut, donc aucun impact sur les installations existantes.

Redis
Templating des resource requests/limits, je pense qu'il s'agissait d'un oubli. Sans ça, les policies d'admission qui forcent des resource constraints rejettent le pod.

Backend
Ajout d'un init container pour éviter la race condition quand PostgreSQL n'est pas encore prêt, ce qui évite les CrashLoopBackoffs au démarrage.

Merci pour votre travail sur Plumber !

-- EN --

Hi,

I'd like to propose a PR adding a built-in PostgreSQL StatefulSet.

PostgreSQL

Added statefulset-psql.yaml: deploys a PostgreSQL StatefulSet + Service + PVC when postgresql.deploy: true. Useful for environments without an external database. Disabled by default, so no impact on existing installations.

Redis
Templated resources requests/limits, I believe this was an oversight. Without it, admission policies that enforce resource constraints will reject the pod.

Backend
Added an init container to avoid the race condition when PostgreSQL isn't ready yet, preventing CrashLoopBackoffs on startup.

Thanks for your work on Plumber!

[thomasboni]

Hello @Adri3nParra, thanks a lot for this PR!

We are going to review and test it in the following days.

Are you using the platform?

[Adri3nParra]

Yes, I’m mainly testing it on the freemium version at the moment. I’m already using the GitLab Plumber component, which works perfectly.

Regarding Platform, I’ve deployed it on one of my company’s clusters, and at least on my side, everything is working well.

The templates are also nice, and the small Ask AI feature is really cool. Also, being able to fix issues directly from the UI using a gitlab token with some rights is really useful. We’re currently testing it on a few projects.

[thomasboni]

@Adri3nParra Nice, I'm happy to read this ! If you have any questions or remarks, let me know. I would love as well to hear your feedback on the platform usage if you're up to it :)

I've reviewed the PR and it's great ! Everything is good to me. To be able to merge, I need 3 actions from your side:

• Rebase on current main
• Reword your commit by following conventional commit (see examples in history: https://github.com/getplumber/platform/commits/main/)
• Bump the patch version of both version and appVersion (we are currently releasing both of them at the same value to simplify the process)

[Adri3nParra]

Hi, thanks for the review!

I've addressed the 3 points:

• Rebased on current main.
• Reworded the commit to feat(chart): add psql StatefulSet for no external database and template redis resources.
• Bumped both version and appVersion to 1.3.5.

Regarding platform feedback: I've only just set it up so I don't have enough hindsight yet. That said, Plumber on the CI/CD side is already integrated into our templating workflow — I had to tweak a few rules to align with our git policy.

On another note, we're working towards ISO 27001 certification, and I'm planning to present the web UI dashboard/reporting side to our CTO/CISO (DSI/RSSI maybe bad translation from french to english) to see if it could fit our governance needs. I'll keep you posted!

Let me know if anything else needs adjusting.

[thomasboni]

Everything is good :) Thanks again for your contribution !

[coconux3]

On another note, we're working towards ISO 27001 certification, and I'm planning to present the web UI dashboard/reporting side to our CTO/CISO (DSI/RSSI maybe bad translation from french to english) to see if it could fit our governance needs. I'll keep you posted!

Hi @Adri3nParra
Thanks a lot for the contribution.
Really cool to hear that Plumber is already integrated into your templating workflow on the CI/CD side.
Regarding ISO 27001 and the conversation with your CTO/CISO: it's a great direction. CI/CD compliance is still a blind spot for many security teams, so they will likely love your initiative.
If it can help, here are 2 testimonials from companies that needed to align with ISO 27001 and shared how Plumber helped them get there:

• https://getplumber.io/blog/fdi-use-case
• https://getplumber.io/blog/numspot-use-case

Hope this helps, and happy to answer any questions if your team digs in.
Aurel