fix(pvc): prevent PV rebinding on upgrade and fix missing annotations block

[fatmcgav]

Add helm.sh/resource-policy: keep unconditionally so the PVC survives
helm uninstall, fix the annotations block which was previously absent when
no custom annotations were set, and use lookup to pin volumeName on
upgrades to prevent the PVC from being re-bound to a different PV.

Also add some test coverage.

Fixes #74

Summary by CodeRabbit

Release Notes

• New Features

  • Enhanced persistent volume handling with automatic detection and preservation of existing volume bindings
  • Added resource protection annotation to prevent accidental data loss during updates

• Tests

  • Added validation tests for persistence annotations and resource protection behavior

[coderabbitai]

Warning

Rate limit exceeded

@fatmcgav has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 52 minutes and 46 seconds before requesting another review.

Your organization is not enrolled in usage-based pricing. Contact your admin to enable usage-based pricing to continue reviews beyond the rate limit, or try again in 52 minutes and 46 seconds.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 95b38f6d-fa7b-4109-a7d6-0114bec015cf

📥 Commits

Reviewing files that changed from the base of the PR and between 1b6e36f and f4b119c.

📒 Files selected for processing (1)

• charts/sourcebot/templates/pvc.yaml

Walkthrough

The PVC template now includes a helm.sh/resource-policy: keep annotation to prevent Helm from replacing the PVC during upgrades. User-specified persistence annotations are preserved, and the template attempts to preserve existing volume bindings. Tests validate annotation rendering behavior.

Changes

Cohort / File(s)	Summary
PVC Template Implementation charts/sourcebot/templates/pvc.yaml	Added helm.sh/resource-policy: keep annotation to prevent PVC replacement during Helm upgrades. Preserved conditional rendering of user-specified persistence annotations. Attempts to preserve existing volume bindings by querying prior PersistentVolumeClaim resources.
PVC Template Tests charts/sourcebot/tests/basic_test.yaml	Added test coverage for PVC annotation behavior, verifying that helm.sh/resource-policy annotation is always present with value "keep" and that user-provided annotations are correctly rendered alongside the resource policy annotation.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main changes: adding resource-policy annotation and fixing the missing annotations block syntax.
Linked Issues check	✅ Passed	The PR fully implements the objectives from issue #74: adds helm.sh/resource-policy: keep annotation to prevent PVC replacement, fixes annotations block syntax, uses lookup to preserve volumeName on upgrades, and includes test coverage.
Out of Scope Changes check	✅ Passed	All changes are directly related to resolving issue #74: PVC template modifications and test additions are within scope.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

charts/sourcebot/templates/pvc.yaml (1)

24-34: ⚠️ Potential issue | 🔴 Critical

Critical: volumeName pinning is dead code for default installations.

The volumeName lookup block (lines 30–32) is nested inside the {{- if .Values.sourcebot.persistence.storageClass }} guard opened on line 24 and closed on line 33. Since sourcebot.persistence.storageClass defaults to "" (empty string, falsy — see charts/sourcebot/values.yaml), the lookup will be skipped on the default path and the PVC will render without volumeName, defeating the primary objective of this PR (issue #74). It only takes effect when a user explicitly sets a storage class.

Move the volumeName block outside the storageClass conditional.

🛠️ Proposed fix

   {{- if .Values.sourcebot.persistence.storageClass }}
   {{- if (eq "-" .Values.sourcebot.persistence.storageClass) }}
   storageClassName: ""
   {{- else }}
   storageClassName: {{ .Values.sourcebot.persistence.storageClass }}
   {{- end }}
-  {{- if (lookup "v1" "PersistentVolumeClaim" $.Release.Namespace $volumeName) }}
-  volumeName: {{ (lookup "v1" "PersistentVolumeClaim" $.Release.Namespace $volumeName).spec.volumeName }}
-  {{- end }}
   {{- end }}
+  {{- $existingPvc := lookup "v1" "PersistentVolumeClaim" $.Release.Namespace $volumeName }}
+  {{- if and $existingPvc $existingPvc.spec.volumeName }}
+  volumeName: {{ $existingPvc.spec.volumeName }}
+  {{- end }}

Notes incorporated in the diff:

• Caches the lookup result instead of calling it twice on consecutive lines.
• Guards on $existingPvc.spec.volumeName being non-empty, otherwise a pending/unbound PVC would render volumeName: with an empty value and break the spec.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@charts/sourcebot/templates/pvc.yaml` around lines 24 - 34, The volumeName
lookup block is incorrectly nested inside the storageClass guard so it never
runs when .Values.sourcebot.persistence.storageClass is empty; move the
lookup/volumeName logic out of the {{- if
.Values.sourcebot.persistence.storageClass }}...{{- end }} block so it always
executes, use lookup("v1","PersistentVolumeClaim",$
.Release.Namespace,$volumeName) once and store it in a variable (e.g.
$existingPvc) instead of calling lookup twice, and only render volumeName: {{
$existingPvc.spec.volumeName }} when $existingPvc and
$existingPvc.spec.volumeName are non-empty to avoid emitting an empty volumeName
field.

🧹 Nitpick comments (1)

charts/sourcebot/templates/pvc.yaml (1)

2-2: Rename $volumeName — it holds the PVC name, not a volume name.

$volumeName is computed as <fullname>-data and is used as the PVC name passed to lookup "v1" "PersistentVolumeClaim" .... The actual PV name is read from .spec.volumeName of that PVC. Renaming improves readability and avoids confusion when the block is revisited.

✏️ Proposed rename

-{{- $volumeName := printf "%s-%s" (include "sourcebot.fullname" .) "data" -}}
+{{- $pvcName := printf "%s-%s" (include "sourcebot.fullname" .) "data" -}}

…and update the lookup references accordingly.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@charts/sourcebot/templates/pvc.yaml` at line 2, The variable $volumeName is
misnamed — it actually holds the PVC name computed as printf "%s-%s" (include
"sourcebot.fullname" .) "data"; rename it to something like $pvcName across the
template (in charts/sourcebot/templates/pvc.yaml) and update every usage,
specifically the lookup call lookup "v1" "PersistentVolumeClaim" ... that
expects the PVC name, while the actual PV name remains .spec.volumeName; ensure
all references formerly using $volumeName are changed to $pvcName for clarity.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Outside diff comments:
In `@charts/sourcebot/templates/pvc.yaml`:
- Around line 24-34: The volumeName lookup block is incorrectly nested inside
the storageClass guard so it never runs when
.Values.sourcebot.persistence.storageClass is empty; move the lookup/volumeName
logic out of the {{- if .Values.sourcebot.persistence.storageClass }}...{{- end
}} block so it always executes, use lookup("v1","PersistentVolumeClaim",$
.Release.Namespace,$volumeName) once and store it in a variable (e.g.
$existingPvc) instead of calling lookup twice, and only render volumeName: {{
$existingPvc.spec.volumeName }} when $existingPvc and
$existingPvc.spec.volumeName are non-empty to avoid emitting an empty volumeName
field.

---

Nitpick comments:
In `@charts/sourcebot/templates/pvc.yaml`:
- Line 2: The variable $volumeName is misnamed — it actually holds the PVC name
computed as printf "%s-%s" (include "sourcebot.fullname" .) "data"; rename it to
something like $pvcName across the template (in
charts/sourcebot/templates/pvc.yaml) and update every usage, specifically the
lookup call lookup "v1" "PersistentVolumeClaim" ... that expects the PVC name,
while the actual PV name remains .spec.volumeName; ensure all references
formerly using $volumeName are changed to $pvcName for clarity.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: abdc00d1-a6db-4e87-abf8-983ef8eb677f

📥 Commits

Reviewing files that changed from the base of the PR and between 5fcd99d and 1b6e36f.

📒 Files selected for processing (2)

• charts/sourcebot/templates/pvc.yaml
• charts/sourcebot/tests/basic_test.yaml

[fatmcgav]

@brendan-kellam If you can take a look at this one would appreciate it, as the Helm release failure is our last deployment niggle 😄