---
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
  name: cloudnative-pg
  namespace: postgresql-system
spec:
  interval: 5m
  chart:
    spec:
      chart: cloudnative-pg
      version: ">=0.20.0"
      sourceRef:
        kind: HelmRepository
        name: cnpg-repo
        namespace: postgresql-system
      interval: 1m
  values:
    # Operator configuration
    operator:
      resources:
        requests:
          cpu: 100m
          memory: 200Mi
        limits:
          cpu: 500m
          memory: 500Mi
    
    # Enable webhook for better cluster management
    webhook:
      enabled: true
      resources:
        requests:
          cpu: 50m
          memory: 100Mi
        limits:
          cpu: 200m
          memory: 200Mi
      # Fix webhook certificate trust issue via cert-manager CA injection
      validatingWebhookConfiguration:
        annotations:
          cert-manager.io/inject-apiserver-ca: "true"
      mutatingWebhookConfiguration:
        annotations:
          cert-manager.io/inject-apiserver-ca: "true"
    
    # Monitoring configuration (for future OpenObserve integration)
    monitoring:
      enabled: true
      createPodMonitor: true
    
    # Allow scheduling on control plane nodes
    tolerations:
    - effect: NoSchedule
      key: node-role.kubernetes.io/control-plane
      operator: Exists