apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: app
spec:
  template:
    spec:
      securityContext:
        fsGroup: 999
      containers:
        - name: postgres
          image: postgres:17.4
          ports:
            - name: postgres
              containerPort: 5432
              protocol: TCP
          volumeMounts:
            - mountPath: /var/lib/postgresql/data
              name: postgres-data
              subPath: "data"
          env:
            - name: POSTGRES_USER
              value: postgres
            - name: POSTGRES_PASSWORD
              valueFrom:
                secretKeyRef:
                  key: ROOT_PASSWORD
                  name: postgres-secrets
          startupProbe:
            exec:
              command:
                - /bin/sh
                - -c
                - exec pg_isready -U ${POSTGRES_USER}
          livenessProbe:
            exec:
              command:
                - /bin/sh
                - -c
                - exec pg_isready -U ${POSTGRES_USER}
          readinessProbe:
            exec:
              command:
                - /bin/sh
                - -c
                - exec pg_isready -U ${POSTGRES_USER}