From 6b0d4673a146b57b8dbd970726e9ae821567993e Mon Sep 17 00:00:00 2001
From: chgl <chgl@users.noreply.github.com>
Date: Sat, 24 Aug 2024 22:31:35 +0200
Subject: [PATCH] Updated helm chart dependencies (#724)

---
 .github/workflows/chart-test.yaml                      |  4 ++--
 charts/hapi-fhir-jpaserver/Chart.lock                  |  6 +++---
 charts/hapi-fhir-jpaserver/Chart.yaml                  | 10 ++++------
 charts/hapi-fhir-jpaserver/README.md                   |  8 ++++----
 charts/hapi-fhir-jpaserver/templates/deployment.yaml   |  2 +-
 .../templates/tests/test-endpoints.yaml                |  1 +
 charts/hapi-fhir-jpaserver/values.yaml                 |  7 +++----
 7 files changed, 18 insertions(+), 20 deletions(-)

diff --git a/.github/workflows/chart-test.yaml b/.github/workflows/chart-test.yaml
index a6daf0e..fd97356 100644
--- a/.github/workflows/chart-test.yaml
+++ b/.github/workflows/chart-test.yaml
@@ -15,7 +15,7 @@ jobs:
       - name: Install helm-docs
         working-directory: /tmp
         env:
-          HELM_DOCS_URL: https://github.com/norwoodj/helm-docs/releases/download/v1.13.0/helm-docs_1.13.0_Linux_x86_64.tar.gz
+          HELM_DOCS_URL: https://github.com/norwoodj/helm-docs/releases/download/v1.14.2/helm-docs_1.14.2_Linux_x86_64.tar.gz
         run: |
           curl -LSs $HELM_DOCS_URL | tar xz && \
           mv ./helm-docs /usr/local/bin/helm-docs && \
@@ -41,7 +41,7 @@ jobs:
     runs-on: ubuntu-22.04
     strategy:
       matrix:
-        k8s-version: [1.25.11, 1.26.6, 1.27.3, 1.28.0, 1.29.0]
+        k8s-version: [1.29.8, 1.30.4, 1.31.0]
     needs:
       - lint
     steps:
diff --git a/charts/hapi-fhir-jpaserver/Chart.lock b/charts/hapi-fhir-jpaserver/Chart.lock
index ff1845e..a0b19f1 100644
--- a/charts/hapi-fhir-jpaserver/Chart.lock
+++ b/charts/hapi-fhir-jpaserver/Chart.lock
@@ -1,6 +1,6 @@
 dependencies:
 - name: postgresql
   repository: oci://registry-1.docker.io/bitnamicharts
-  version: 14.3.1
-digest: sha256:fb1d56a00b544bb2ad5691553cadf6384f499652acb9ff5ad625ef36a1b8979e
-generated: "2024-03-10T14:43:22.395381351+01:00"
+  version: 15.5.22
+digest: sha256:513750151f1497acfe6ba07fb1833b8d945ca19094f83018d34b339b666a2d56
+generated: "2024-08-18T18:30:23.392457144+02:00"
diff --git a/charts/hapi-fhir-jpaserver/Chart.yaml b/charts/hapi-fhir-jpaserver/Chart.yaml
index e990983..6c974dc 100644
--- a/charts/hapi-fhir-jpaserver/Chart.yaml
+++ b/charts/hapi-fhir-jpaserver/Chart.yaml
@@ -7,11 +7,11 @@ sources:
   - https://github.com/hapifhir/hapi-fhir-jpaserver-starter
 dependencies:
   - name: postgresql
-    version: 14.3.1
+    version: 15.5.22
     repository: oci://registry-1.docker.io/bitnamicharts
     condition: postgresql.enabled
 appVersion: 7.2.0
-version: 0.17.0
+version: 0.17.1
 annotations:
   artifacthub.io/license: Apache-2.0
   artifacthub.io/containsSecurityUpdates: "false"
@@ -24,8 +24,6 @@ annotations:
     # When using the list of objects option the valid supported kinds are
     # added, changed, deprecated, removed, fixed, and security.
     - kind: changed
-      description: updated starter image to v7.2.0
+      description: updated curlimages/curl to 8.9.1
     - kind: changed
-      description: updated curlimages/curl to 8.6.0
-    - kind: changed
-      description: "updated postgresql sub-chart to 14.3.1."
+      description: "updated postgresql sub-chart to 15.5.22."
diff --git a/charts/hapi-fhir-jpaserver/README.md b/charts/hapi-fhir-jpaserver/README.md
index 0f95585..439def9 100644
--- a/charts/hapi-fhir-jpaserver/README.md
+++ b/charts/hapi-fhir-jpaserver/README.md
@@ -1,6 +1,6 @@
 # HAPI FHIR JPA Server Starter Helm Chart
 
-![Version: 0.17.0](https://img.shields.io/badge/Version-0.17.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 7.2.0](https://img.shields.io/badge/AppVersion-7.2.0-informational?style=flat-square)
+![Version: 0.17.1](https://img.shields.io/badge/Version-0.17.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 7.2.0](https://img.shields.io/badge/AppVersion-7.2.0-informational?style=flat-square)
 
 This helm chart will help you install the HAPI FHIR JPA Server in a Kubernetes environment.
 
@@ -15,7 +15,7 @@ helm install hapi-fhir-jpaserver hapifhir/hapi-fhir-jpaserver
 
 | Repository | Name | Version |
 |------------|------|---------|
-| oci://registry-1.docker.io/bitnamicharts | postgresql | 14.3.1 |
+| oci://registry-1.docker.io/bitnamicharts | postgresql | 15.5.22 |
 
 ## Values
 
@@ -57,7 +57,6 @@ helm install hapi-fhir-jpaserver hapifhir/hapi-fhir-jpaserver
 | postgresql.auth.database | string | `"fhir"` | name for a custom database to create |
 | postgresql.auth.existingSecret | string | `""` | Name of existing secret to use for PostgreSQL credentials `auth.postgresPassword`, `auth.password`, and `auth.replicationPassword` will be ignored and picked up from this secret The secret must contain the keys `postgres-password` (which is the password for "postgres" admin user), `password` (which is the password for the custom user to create when `auth.username` is set), and `replication-password` (which is the password for replication user). The secret might also contains the key `ldap-password` if LDAP is enabled. `ldap.bind_password` will be ignored and picked from this secret in this case. The value is evaluated as a template. |
 | postgresql.enabled | bool | `true` | enable an included PostgreSQL DB. see <https://github.com/bitnami/charts/tree/master/bitnami/postgresql> for details if set to `false`, the values under `externalDatabase` are used |
-| postgresql.primary.containerSecurityContext.readOnlyRootFilesystem | bool | `true` |  |
 | replicaCount | int | `1` | number of replicas to deploy |
 | resources | object | `{}` | configure the FHIR server's resource requests and limits |
 | securityContext.allowPrivilegeEscalation | bool | `false` |  |
@@ -74,6 +73,7 @@ helm install hapi-fhir-jpaserver hapifhir/hapi-fhir-jpaserver
 | serviceAccount.automount | bool | `true` | Automatically mount a ServiceAccount's API credentials? |
 | serviceAccount.create | bool | `false` | Specifies whether a service account should be created. |
 | serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template |
+| tests.automountServiceAccountToken | bool | `false` | whether the service account token should be auto-mounted for the test pods |
 | tests.resources | object | `{}` | configure the test pods resource requests and limits |
 | tolerations | list | `[]` | pod tolerations |
 | topologySpreadConstraints | list | `[]` | pod topology spread configuration see: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/#api |
@@ -140,4 +140,4 @@ kubectl port-forward -n observability service/simplest-query 16686:16686
 and opening <http://localhost:16686/> in your browser.
 
 ----------------------------------------------
-Autogenerated from chart metadata using [helm-docs v1.13.0](https://github.com/norwoodj/helm-docs/releases/v1.13.0)
+Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2)
diff --git a/charts/hapi-fhir-jpaserver/templates/deployment.yaml b/charts/hapi-fhir-jpaserver/templates/deployment.yaml
index fac0f60..c91ce03 100644
--- a/charts/hapi-fhir-jpaserver/templates/deployment.yaml
+++ b/charts/hapi-fhir-jpaserver/templates/deployment.yaml
@@ -31,7 +31,7 @@ spec:
         {{- toYaml .Values.podSecurityContext | nindent 8 }}
       initContainers:
         - name: wait-for-db-to-be-ready
-          image: docker.io/bitnami/postgresql:16.2.0-debian-12-r6@sha256:ea55532b6f75afbc97f617d91ec5efae17609c8eb825a31845fa9cb9e4aa13e1
+          image: docker.io/bitnami/postgresql:16.4.0-debian-12-r1@sha256:fb3d0a34e7b9f3e59442aa1fa2e6377857147c09ae754ddd5d4bb3fc0dd137da
           imagePullPolicy: IfNotPresent
           {{- with .Values.restrictedContainerSecurityContext }}
           securityContext:
diff --git a/charts/hapi-fhir-jpaserver/templates/tests/test-endpoints.yaml b/charts/hapi-fhir-jpaserver/templates/tests/test-endpoints.yaml
index bd81c4a..d2e4630 100644
--- a/charts/hapi-fhir-jpaserver/templates/tests/test-endpoints.yaml
+++ b/charts/hapi-fhir-jpaserver/templates/tests/test-endpoints.yaml
@@ -9,6 +9,7 @@ metadata:
     "helm.sh/hook": test
 spec:
   restartPolicy: Never
+  automountServiceAccountToken: {{ .Values.tests.automountServiceAccountToken }}
   containers:
     - name: test-metadata-endpoint
       image: "{{ .Values.curl.image.registry }}/{{ .Values.curl.image.repository }}:{{ .Values.curl.image.tag }}"
diff --git a/charts/hapi-fhir-jpaserver/values.yaml b/charts/hapi-fhir-jpaserver/values.yaml
index 98f6f14..0e2d882 100644
--- a/charts/hapi-fhir-jpaserver/values.yaml
+++ b/charts/hapi-fhir-jpaserver/values.yaml
@@ -109,9 +109,6 @@ postgresql:
   # see <https://github.com/bitnami/charts/tree/master/bitnami/postgresql> for details
   # if set to `false`, the values under `externalDatabase` are used
   enabled: true
-  primary:
-    containerSecurityContext:
-      readOnlyRootFilesystem: true
   auth:
     # -- name for a custom database to create
     database: "fhir"
@@ -234,9 +231,11 @@ curl:
   image:
     registry: docker.io
     repository: curlimages/curl
-    tag: 8.6.0@sha256:c3b8bee303c6c6beed656cfc921218c529d65aa61114eb9e27c62047a1271b9b
+    tag: 8.9.1@sha256:8addc281f0ea517409209f76832b6ddc2cabc3264feb1ebbec2a2521ffad24e4
 
 tests:
+  # -- whether the service account token should be auto-mounted for the test pods
+  automountServiceAccountToken: false
   # -- configure the test pods resource requests and limits
   resources: {}
   # limits: