From 88d855d92ee80aa953b5aea70782c6bedd269cf3 Mon Sep 17 00:00:00 2001
From: git_admin
Date: Mon, 27 Apr 2026 12:39:09 +0000
Subject: [PATCH] chart: PVC whenDeleted=Delete (no more leaked pgdata on instance delete)
---
 templates/postgres-statefulset.yaml | 11 +++++++++++
 1 file changed, 11 insertions(+)
diff --git a/templates/postgres-statefulset.yaml b/templates/postgres-statefulset.yaml
index 716a16f..52a5111 100644
--- a/templates/postgres-statefulset.yaml
+++ b/templates/postgres-statefulset.yaml
@@ -7,6 +7,17 @@ metadata:
 spec:
 serviceName: {{ include "instance.fullname" . }}-pg
 replicas: 1
+ # When the StatefulSet is deleted (e.g. ArgoCD prunes the
+ # Application after an instance is deleted from Tower), drop the
+ # PVCs too. Without this, K8s preserves the PVC for "data safety"
+ # — but in v3's model an instance delete IS a clean wipe, and
+ # leaking the PVC means a same-named recreate mounts the old PG
+ # data dir whose pg_authid carries the previous password. db-init
+ # then fails password auth even though the new K8s Secret has the
+ # correct hash. Setting Delete here prevents that whole class.
+ persistentVolumeClaimRetentionPolicy:
+ whenDeleted: Delete
+ whenScaled: Retain
 selector:
 matchLabels:
 app.kubernetes.io/instance: {{ .Values.instance.code | quote }}
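Review bot: `whenDeleted: Delete` is hard-coded under `persistentVolumeClaimRetentionPolicy`, so every deletion of this StatefulSet removes the Postgres PVC with no opt-out, not only the instance-delete path the comment describes. An unintended prune or a delete-and-recreate of the StatefulSet would take pgdata with it. Consider reading the policy from a chart value that defaults to Delete, for example `whenDeleted: {{ .Values.postgres.pvcWhenDeleted | default "Delete" | quote }}` (the value name is illustrative and is not in the chart as shown). The comment also overstates the "clean wipe": the field is honoured only where the StatefulSetAutoDeletePVC feature is enabled (on by default since Kubernetes 1.27), and deleting the PVC erases the old data directory and its pg_authid hashes only if the bound volume's reclaim policy is Delete. The StatefulSet spec continues outside the hunk.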