authorrameshiyer27 <ramesh.murugan.iyer@est.tech>2025-01-17 13:57:37 +0000
committerRamesh Murugan Iyer <ramesh.murugan.iyer@est.tech>2025-01-22 09:18:33 +0000
commit46b84e0b3fc3dbf3ee83d54e505bef9197ffd371 (patch)
treeb17ab57c9f588dc4e1b4455f9e8cf84198012b2c
parent3804e8b4af14b98555b9b449cdb7afceb3ebea42 (diff)
Add postgres chart for helm deployment
Remove mariadb helm chart Issue-ID: POLICY-5252 Signed-off-by: rameshiyer27 <ramesh.murugan.iyer@est.tech> Change-Id: I84307deb5e5a93dd50078d768673d4f02171653c
-rw-r--r--compose/config/xacml-pdp/xacml-postgres.properties2
-rw-r--r--[-rwxr-xr-x]helm/policy/Chart.yaml9
-rw-r--r--helm/policy/components/mariadb-galera/.helmignore21
-rw-r--r--helm/policy/components/mariadb-galera/templates/configmap.yaml30
-rw-r--r--helm/policy/components/mariadb-galera/templates/pdb.yaml37
-rw-r--r--helm/policy/components/mariadb-galera/templates/pv.yaml81
-rw-r--r--helm/policy/components/mariadb-galera/templates/role-binding.yaml29
-rw-r--r--helm/policy/components/mariadb-galera/templates/secrets.yaml59
-rw-r--r--helm/policy/components/mariadb-galera/templates/service-account.yaml20
-rw-r--r--helm/policy/components/mariadb-galera/templates/service.yaml68
-rw-r--r--helm/policy/components/mariadb-galera/templates/statefulset.yaml292
-rw-r--r--helm/policy/components/mariadb-galera/values.yaml606
-rw-r--r--helm/policy/components/policy-api/resources/config/apiParameters.yaml10
-rw-r--r--[-rwxr-xr-x]helm/policy/components/policy-api/templates/deployment.yaml6
-rw-r--r--helm/policy/components/policy-api/values.yaml6
-rw-r--r--[-rwxr-xr-x]helm/policy/components/policy-clamp-runtime-acm/resources/config/acRuntimeParameters.yaml8
-rw-r--r--helm/policy/components/policy-clamp-runtime-acm/templates/deployment.yaml4
-rw-r--r--helm/policy/components/policy-clamp-runtime-acm/values.yaml8
-rw-r--r--[-rwxr-xr-x]helm/policy/components/policy-drools-pdp/resources/configmaps/base.conf7
-rw-r--r--helm/policy/components/policy-drools-pdp/templates/statefulset.yaml4
-rw-r--r--helm/policy/components/policy-drools-pdp/values.yaml4
-rw-r--r--helm/policy/components/policy-pap/resources/config/papParameters.yaml6
-rw-r--r--[-rwxr-xr-x]helm/policy/components/policy-pap/templates/deployment.yaml4
-rw-r--r--[-rwxr-xr-x]helm/policy/components/policy-pap/values.yaml6
-rw-r--r--[-rwxr-xr-x]helm/policy/components/policy-xacml-pdp/resources/config/xacml.properties9
-rw-r--r--[-rwxr-xr-x]helm/policy/components/policy-xacml-pdp/templates/deployment.yaml4
-rw-r--r--helm/policy/components/policy-xacml-pdp/values.yaml6
-rw-r--r--helm/policy/components/postgres/Chart.yaml (renamed from helm/policy/components/mariadb-galera/Chart.yaml)14
-rw-r--r--helm/policy/components/postgres/templates/configmap.yaml28
-rw-r--r--helm/policy/components/postgres/templates/deployment.yaml48
-rw-r--r--helm/policy/components/postgres/templates/pv.yaml33
-rw-r--r--helm/policy/components/postgres/templates/pvc.yaml31
-rw-r--r--helm/policy/components/postgres/templates/service.yaml30
-rw-r--r--helm/policy/components/postgres/values.yaml57
-rw-r--r--helm/policy/resources/config/db-pg.sh34
-rw-r--r--helm/policy/resources/config/db_migrator_policy_init.sh22
-rw-r--r--[-rwxr-xr-x]helm/policy/resources/config/init_pg.sh (renamed from helm/policy/resources/config/db.sh)29
-rw-r--r--[-rwxr-xr-x]helm/policy/templates/job-pg.yaml (renamed from helm/policy/templates/job.yaml)141
-rw-r--r--[-rwxr-xr-x]helm/policy/values.yaml41
39 files changed, 404 insertions, 1450 deletions
diff --git a/compose/config/xacml-pdp/xacml-postgres.properties b/compose/config/xacml-pdp/xacml-postgres.properties
index a3446c4c..4dc66bfd 100644
--- a/compose/config/xacml-pdp/xacml-postgres.properties
+++ b/compose/config/xacml-pdp/xacml-postgres.properties
@@ -47,8 +47,8 @@ xacml.pip.engines=count-recent-operations,get-operation-outcome
#
# JPA Properties
#
-eclipselink.target-database=PostgreSQL
jakarta.persistence.jdbc.driver=org.postgresql.Driver
jakarta.persistence.jdbc.url=jdbc:postgresql://postgres:5432/operationshistory
jakarta.persistence.jdbc.user=policy_user
jakarta.persistence.jdbc.password=policy_user
+
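Review bot: The datasource lines kept as context in this hunk still carry a plaintext password that equals the user name (`jakarta.persistence.jdbc.password=policy_user`), and nothing visible marks it as a development-only default. If this compose configuration is meant only for local testing, say so next to the value, e.g. `# Development-only credentials for the compose setup; do not reuse in a shared deployment`. The empty line added at the end of the hunk is a whitespace-only change and could be dropped. The rest of the file is outside this hunk, so whether the value is overridden elsewhere cannot be seen from here.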
diff --git a/helm/policy/Chart.yaml b/helm/policy/Chart.yaml
index 8caccf55..d3d268ac 100755..100644
--- a/helm/policy/Chart.yaml
+++ b/helm/policy/Chart.yaml
@@ -1,4 +1,4 @@
-# Copyright © 2022-2024 Nordix Foundation
+# Copyright © 2022-2025 Nordix Foundation
#
# Modifications Copyright © 2024 Deutsche Telekom
#
@@ -8,6 +8,7 @@
#
# http://www.apache.org/licenses/LICENSE-2.0
#
+# SPDX-License-Identifier: Apache-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -20,10 +21,10 @@ name: policy
version: 11.0.1
dependencies:
- - name: mariadb-galera
+ - name: postgres
version: ~11.x-0
- repository: 'file://components/mariadb-galera'
- condition: mariadb-galera.enabled
+ repository: 'file://components/postgres'
+ condition: postgres.enabled
- name: policy-clamp-ac-k8s-ppnt
version: ~11.x-0
repository: 'file://components/policy-clamp-ac-k8s-ppnt'
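Review bot: The `postgres` dependency added here appears to ship without a Secret template. The commit's file list deletes `mariadb-galera/templates/secrets.yaml`, `service-account.yaml` and `role-binding.yaml`, while the new `components/postgres` entries are only configmap, deployment, pv, pvc, service and values. This is inferred from the diffstat, because the postgres templates are outside this hunk. It is worth confirming that the database credentials still reach the pod through a Kubernetes Secret, as the removed statefulset did with `secretKeyRef`, and not through the ConfigMap or plain values. If they do not, adding a `templates/secrets.yaml` to the postgres component would keep the previous handling.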
diff --git a/helm/policy/components/mariadb-galera/.helmignore b/helm/policy/components/mariadb-galera/.helmignore
deleted file mode 100644
index f0c13194..00000000
--- a/helm/policy/components/mariadb-galera/.helmignore
+++ /dev/null
@@ -1,21 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
diff --git a/helm/policy/components/mariadb-galera/templates/configmap.yaml b/helm/policy/components/mariadb-galera/templates/configmap.yaml
deleted file mode 100644
index e0b33086..00000000
--- a/helm/policy/components/mariadb-galera/templates/configmap.yaml
+++ /dev/null
@@ -1,30 +0,0 @@
-{{/*
-# Copyright © 2022 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{ if .Values.mariadbConfiguration }}
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ .Chart.Name }}-configuration
- namespace: default
- labels:
- app.kubernetes.io/name: {{ .Chart.Name }}
- helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- app.kubernetes.io/managed-by: Helm
-data:
- my.cnf: |
-{{ .Values.mariadbConfiguration | indent 4 }}
-{{- end }}
diff --git a/helm/policy/components/mariadb-galera/templates/pdb.yaml b/helm/policy/components/mariadb-galera/templates/pdb.yaml
deleted file mode 100644
index e4f7e5c3..00000000
--- a/helm/policy/components/mariadb-galera/templates/pdb.yaml
+++ /dev/null
@@ -1,37 +0,0 @@
-{{/*
-# Copyright © 2022 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{- if .Values.podDisruptionBudget.create }}
-apiVersion: policy/v1
-kind: PodDisruptionBudget
-metadata:
- name: {{ .Chart.Name }}
- namespace: default
- labels:
- app.kubernetes.io/name: {{ .Chart.Name }}
- helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- app.kubernetes.io/managed-by: Helm
-spec:
-{{- if .Values.podDisruptionBudget.minAvailable }}
- minAvailable: {{ .Values.podDisruptionBudget.minAvailable }}
-{{- end }}
-{{- if .Values.podDisruptionBudget.maxUnavailable }}
- maxUnavailable: {{ .Values.podDisruptionBudget.maxUnavailable }}
-{{- end }}
- selector:
- matchLabels:
- app.kubernetes.io/name: {{ .Chart.Name }}
-{{- end }}
diff --git a/helm/policy/components/mariadb-galera/templates/pv.yaml b/helm/policy/components/mariadb-galera/templates/pv.yaml
deleted file mode 100644
index 3790c78a..00000000
--- a/helm/policy/components/mariadb-galera/templates/pv.yaml
+++ /dev/null
@@ -1,81 +0,0 @@
-{{/*
-# Copyright © 2022 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ .Chart.Name }}--0
- namespace: default
- labels:
- app.kubernetes.io/name: {{ .Chart.Name }}
- helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- app.kubernetes.io/managed-by: Helm
-
-spec:
- capacity:
- storage: {{ .Values.persistence.size }}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- persistentVolumeReclaimPolicy:
- storageClassName: "mariadb-galera-data"
- hostPath:
- path: /dockerdata-nfs/mariadb-galera/data-0
-
----
-
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ .Chart.Name }}--1
- namespace: default
- labels:
- app.kubernetes.io/name: {{ .Chart.Name }}
- helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- app.kubernetes.io/managed-by: Helm
-
-spec:
- capacity:
- storage: {{ .Values.persistence.size }}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- persistentVolumeReclaimPolicy:
- storageClassName: "mariadb-galera-data"
- hostPath:
- path: /dockerdata-nfs/mariadb-galera/data-1
-
----
-
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ .Chart.Name }}--2
- namespace: default
- labels:
- app.kubernetes.io/name: {{ .Chart.Name }}
-
- helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- app.kubernetes.io/managed-by: Helm
-
-spec:
- capacity:
- storage: {{ .Values.persistence.size }}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- persistentVolumeReclaimPolicy:
- storageClassName: "mariadb-galera-data"
- hostPath:
- path: /dockerdata-nfs/mariadb-galera/data-2
-
diff --git a/helm/policy/components/mariadb-galera/templates/role-binding.yaml b/helm/policy/components/mariadb-galera/templates/role-binding.yaml
deleted file mode 100644
index c06b1950..00000000
--- a/helm/policy/components/mariadb-galera/templates/role-binding.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-{{/*
-# Copyright © 2022 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
- name: {{ .Chart.Name }}-read
- namespace: default
-subjects:
-- kind: ServiceAccount
- name: {{ .Chart.Name }}-read
-roleRef:
- kind: Role
- name: read
- apiGroup: rbac.authorization.k8s.io
-
diff --git a/helm/policy/components/mariadb-galera/templates/secrets.yaml b/helm/policy/components/mariadb-galera/templates/secrets.yaml
deleted file mode 100644
index 7a134928..00000000
--- a/helm/policy/components/mariadb-galera/templates/secrets.yaml
+++ /dev/null
@@ -1,59 +0,0 @@
-{{/*
-# Copyright © 2022 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: Secret
-metadata:
- name: mariadb-galera-db-backup-credentials
- namespace: default
- labels:
- app: {{ .Chart.Name }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- heritage: Helm
-type: Opaque
-stringData:
- login: {{ .Values.galera.mariabackup.user }}
- password: {{ .Values.galera.mariabackup.password }}
-
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: mariadb-galera-db-root-password
- namespace: default
- labels:
- app: {{ .Chart.Name }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- heritage: Helm
-type: Opaque
-stringData:
- password: {{ .Values.rootUser.password }}
-
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: mariadb-galera-db-user-credentials
- namespace: default
- labels:
- app: {{ .Chart.Name }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- heritage: Helm
-type: Opaque
-stringData:
- login: {{ .Values.db.user }}
- password: {{ .Values.db.password }}
-
diff --git a/helm/policy/components/mariadb-galera/templates/service-account.yaml b/helm/policy/components/mariadb-galera/templates/service-account.yaml
deleted file mode 100644
index 417938a6..00000000
--- a/helm/policy/components/mariadb-galera/templates/service-account.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{/*
-# Copyright © 2022 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ .Chart.Name }}-read
diff --git a/helm/policy/components/mariadb-galera/templates/service.yaml b/helm/policy/components/mariadb-galera/templates/service.yaml
deleted file mode 100644
index 0494f7d8..00000000
--- a/helm/policy/components/mariadb-galera/templates/service.yaml
+++ /dev/null
@@ -1,68 +0,0 @@
-{{/*
-# Copyright © 2022 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ .Chart.Name }}
- namespace: default
- labels:
- app.kubernetes.io/name: {{ .Chart.Name }}
- helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- app.kubernetes.io/managed-by: Helm
-spec:
- ports:
- - port: 3306
- targetPort: tcp-mysql
- protocol: TCP
- name: tcp-mysql
- ipFamilyPolicy: PreferDualStack
- type: ClusterIP
- selector:
- app.kubernetes.io/name: {{ .Chart.Name }}
- sessionAffinity: None
-
----
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ .Chart.Name }}-headless
- namespace: default
- labels:
- app.kubernetes.io/name: {{ .Chart.Name }}
- helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- app.kubernetes.io/managed-by: Helm
-spec:
- clusterIP: None
- ports:
- - port: 4567
- targetPort: tcp-galera
- protocol: TCP
- name: tcp-galera
- - port: 4568
- targetPort: tcp-ist
- protocol: TCP
- name: tcp-ist
- - port: 4444
- targetPort: tcp-sst
- protocol: TCP
- name: tcp-sst
- ipFamilyPolicy: PreferDualStack
- type: ClusterIP
- selector:
- app.kubernetes.io/name: {{ .Chart.Name }}
- sessionAffinity: None
diff --git a/helm/policy/components/mariadb-galera/templates/statefulset.yaml b/helm/policy/components/mariadb-galera/templates/statefulset.yaml
deleted file mode 100644
index a606088e..00000000
--- a/helm/policy/components/mariadb-galera/templates/statefulset.yaml
+++ /dev/null
@@ -1,292 +0,0 @@
-{{/*
-# Copyright © 2022 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: apps/v1
-kind: StatefulSet
-metadata:
- name: {{ .Chart.Name }}
- namespace: default
- labels:
- app.kubernetes.io/name: {{ .Chart.Name }}
- helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- app.kubernetes.io/managed-by: Helm
-
-spec:
- podManagementPolicy: {{ .Values.podManagementPolicy }}
- replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- app.kubernetes.io/name: {{ .Chart.Name }}
-
- serviceName: {{ .Chart.Name }}-headless
- updateStrategy:
- type: {{ .Values.updateStrategy.type }}
- {{- if (eq "Recreate" .Values.updateStrategy.type) }}
- rollingUpdate: null
- {{- end }}
- template:
- metadata:
- annotations:
- traffic.sidecar.istio.io/excludeInboundPorts: 4444,4567,4568
- traffic.sidecar.istio.io/excludeOutboundPorts: 4444,4567,4568
- traffic.sidecar.istio.io/includeInboundPorts: '*'
- labels:
- app.kubernetes.io/name: {{ .Chart.Name }}
- helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- app.kubernetes.io/managed-by: Helm
- name: {{ .Chart.Name }}
-
- spec:
- securityContext:
- runAsUser: 10001
- runAsGroup: 10001
- fsGroup: 10001
- initContainers:
- # we shouldn't need this but for unknown reason, it's fsGroup is not
- # applied
- - name: fix-permission
- command:
- - /bin/sh
- args:
- - -c
- - |
- chown -R {{ .Values.securityContext.user_id }}:{{ .Values.securityContext.group_id }} /data
- chown -R {{ .Values.securityContext.user_id }}:{{ .Values.securityContext.group_id }} /bootstrap/
- chown -R {{ .Values.securityContext.user_id }}:{{ .Values.securityContext.group_id }} /tmp/
- {{- if .Values.mariadbConfiguration }}
- cp /config/my.cnf /actual/my.cnf
- chown -R {{ .Values.securityContext.user_id }}:{{ .Values.securityContext.group_id }} /actual
- {{- end }}
- image: docker.io/library/busybox:1.34.1
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- securityContext:
- runAsUser: 0
- volumeMounts:
- - name: previous-boot
- mountPath: /bootstrap
- - name: mariadb-tmp-folder
- mountPath: /tmp
- - name: {{ .Chart.Name }}
- mountPath: /data
- {{- if .Values.mariadbConfiguration }}
- - name: mariadb-galera-starting-config
- mountPath: /config/my.cnf
- subPath: my.cnf
- - name: mariadb-galera-actual-config
- mountPath: /actual
- {{- end }}
- containers:
- - name: {{ .Chart.Name }}
- image: {{ .Values.global.dockerRepository }}/{{ .Values.global.image.mariadb }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy | quote}}
- command:
- - bash
- - -ec
- - |
- {{- if (not (empty (.Values.galera.bootstrap.bootstrapFromNode | quote)))}}
- {{- $fullname := "mariadb-galera" }}
- {{- $bootstrapFromNode := int .Values.galera.bootstrap.bootstrapFromNode }}
- # Bootstrap from the indicated node
- NODE_ID="${MY_POD_NAME#"{{ $fullname }}-"}"
- if [[ "$NODE_ID" -eq "{{ $bootstrapFromNode }}" ]]; then
- export MARIADB_GALERA_CLUSTER_BOOTSTRAP=yes
- export MARIADB_GALERA_FORCE_SAFETOBOOTSTRAP={{ ternary "yes" "no" .Values.galera.bootstrap.forceSafeToBootstrap }}
- fi
- {{- end }}
- exec /opt/bitnami/scripts/mariadb-galera/entrypoint.sh /opt/bitnami/scripts/mariadb-galera/run.sh
- env:
- - name: MY_POD_NAME
- valueFrom:
- fieldRef:
- fieldPath: metadata.name
- - name: BITNAMI_DEBUG
- value: {{ ternary "true" "false" .Values.debug | quote }}
- - name: MARIADB_INIT_SLEEP_TIME
- value: {{ .Values.init_sleep_time | quote }}
- - name: MARIADB_GALERA_CLUSTER_NAME
- value: {{ .Values.galera.name | quote }}
- - name: MARIADB_GALERA_CLUSTER_ADDRESS
- value: "gcomm://{{ .Chart.Name }}-headless.default.svc.{{ .Values.global.clusterDomain }}"
- # Bitnami init script don't behave well in dual stack env.
- # set it here as long as https://github.com/bitnami/charts/issues/4077 is not solved.
- - name: MARIADB_GALERA_NODE_ADDRESS
- valueFrom:
- fieldRef:
- fieldPath: status.podIP
- - name: MARIADB_ROOT_USER
- value: {{ .Values.rootUser.user | quote }}
- - name: MARIADB_ROOT_PASSWORD
- valueFrom:
- secretKeyRef:
- name: mariadb-galera-db-root-password
- key: password
- - name: MARIADB_USER
- valueFrom:
- secretKeyRef:
- name: mariadb-galera-db-user-credentials
- key: login
- - name: MARIADB_PASSWORD
- valueFrom:
- secretKeyRef:
- name: mariadb-galera-db-user-credentials
- key: password
- - name: MARIADB_DATABASE
- value: {{ .Values.db.name | quote }}
- - name: MARIADB_GALERA_MARIABACKUP_USER
- valueFrom:
- secretKeyRef:
- name: mariadb-galera-db-backup-credentials
- key: login
- - name: MARIADB_GALERA_MARIABACKUP_PASSWORD
- valueFrom:
- secretKeyRef:
- name: mariadb-galera-db-backup-credentials
- key: password
- {{- if .Values.extraFlags }}
- - name: MARIADB_EXTRA_FLAGS
- value: {{ .Values.extraFlags | quote }}
- {{- end }}
- ports:
- - containerPort: 3306
- name: tcp-mysql
- - containerPort: 4567
- name: tcp-galera
- - containerPort: 4568
- name: tcp-ist
- - containerPort: 4444
- name: tcp-sst
- {{- if .Values.livenessProbe.enabled }}
- livenessProbe:
- exec:
- command:
- - sh
- - -ec
- - |
- exec mysqladmin status -u$MARIADB_ROOT_USER -p$MARIADB_ROOT_PASSWORD
- initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
- periodSeconds: {{ .Values.livenessProbe.periodSeconds }}
- timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }}
- successThreshold: {{ .Values.livenessProbe.successThreshold }}
- failureThreshold: {{ .Values.livenessProbe.failureThreshold }}
- {{- end }}
- {{- if .Values.readinessProbe.enabled }}
- readinessProbe:
- exec:
- command:
- - sh
- - -ec
- - |
- exec mysqladmin status -u$MARIADB_ROOT_USER -p$MARIADB_ROOT_PASSWORD
- initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }}
- periodSeconds: {{ .Values.readinessProbe.periodSeconds }}
- timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }}
- successThreshold: {{ .Values.readinessProbe.successThreshold }}
- failureThreshold: {{ .Values.readinessProbe.failureThreshold }}
- {{- end }}
- {{- if .Values.startupProbe.enabled }}
- startupProbe:
- exec:
- command:
- - sh
- - -ec
- - |
- exec mysqladmin status -u$MARIADB_ROOT_USER -p$MARIADB_ROOT_PASSWORD
- initialDelaySeconds: {{ .Values.startupProbe.initialDelaySeconds }}
- periodSeconds: {{ .Values.startupProbe.periodSeconds }}
- timeoutSeconds: {{ .Values.startupProbe.timeoutSeconds }}
- successThreshold: {{ .Values.startupProbe.successThreshold }}
- failureThreshold: {{ .Values.startupProbe.failureThreshold }}
- {{- end }}
- resources:
-{{ toYaml .Values.resources.small | indent 12 }}
- volumeMounts:
- - name: previous-boot
- mountPath: /opt/bitnami/mariadb/.bootstrap
- - name: {{ .Chart.Name }}
- mountPath: /bitnami/mariadb
- - name: mariadb-tmp-folder
- mountPath: /opt/bitnami/mariadb/tmp
- {{- if .Values.mariadbConfiguration }}
- - name: mariadb-galera-actual-config
- mountPath: /opt/bitnami/mariadb/conf
- {{- end }}
- imagePullSecrets:
- - name: default-docker-registry-key
- {{- if .Values.schedulerName }}
- schedulerName: {{ .Values.schedulerName | quote }}
- {{- end }}
- {{- if .Values.priorityClassName }}
- priorityClassName: {{ .Values.priorityClassName }}
- {{- end }}
- serviceAccountName: mariadb-galera-read
- affinity:
- podAffinity: {}
- podAntiAffinity:
- preferredDuringSchedulingIgnoredDuringExecution:
- - podAffinityTerm:
- labelSelector:
- matchLabels:
- app.kubernetes.io/name: {{ .Chart.Name }}
- namespaces:
- - default
- topologyKey: kubernetes.io/hostname
- weight: 1
- nodeAffinity: {}
- {{- if .Values.nodeSelector }}
- nodeSelector:
-{{ toYaml .Values.nodeSelector | indent 10 }}
- {{- end }}
- {{- if .Values.tolerations }}
- tolerations:
-{{ toYaml .Values.tolerations | indent 10 }}
- {{- end }}
- volumes:
- - name: previous-boot
- emptyDir: {}
- - name: mariadb-tmp-folder
- emptyDir: {}
- {{- if .Values.mariadbConfiguration }}
- - name: mariadb-galera-actual-config
- emptyDir: {}
- - name: mariadb-galera-starting-config
- configMap:
- name: {{ .Chart.Name }}-configuration
- {{- end }}
-{{- if and .Values.persistence.enabled .Values.persistence.existingClaim }}
- - name: {{ .Chart.Name }}
- persistentVolumeClaim:
- claimName: {{ .Values.persistence.existingClaim }}
-{{- else if not .Values.persistence.enabled }}
- - name: {{ .Chart.Name }}
- emptyDir: {}
-{{- else if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }}
- volumeClaimTemplates:
- - metadata:
- name: {{ .Chart.Name }}
- namespace: default
- labels:
- app.kubernetes.io/name: {{ .Chart.Name }}
- helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- app.kubernetes.io/managed-by: Helm
-
- spec:
- accessModes:
- - {{ .Values.persistence.accessMode }}
- storageClassName: mariadb-galera-data
- resources:
- requests:
- storage: {{ .Values.persistence.size }}
-{{- end }}
diff --git a/helm/policy/components/mariadb-galera/values.yaml b/helm/policy/components/mariadb-galera/values.yaml
deleted file mode 100644
index f0a21386..00000000
--- a/helm/policy/components/mariadb-galera/values.yaml
+++ /dev/null
@@ -1,606 +0,0 @@
-# Copyright © 2022 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- nodePortPrefix: 302
- persistence:
- mountPath: /dockerdata-nfs
- backup:
- mountPath: /dockerdata-nfs/backup
- clusterDomain: cluster.local
- metrics: {}
- dockerHubRepository: &dockerHubRepository docker.io
-
-passwordStrengthOverride: basic
-
-## Specify a imagePullPolicy
-## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
-## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
-##
-pullPolicy: Always
-
-## Set to true if you would like to see extra information on logs
-## It turns BASH debugging in minideb-extras-base
-##
-debug: true
-
-## Sometimes, especially when a lot of pods are created at the same time,
-## actions performed on the databases are tried to be done before actual start.
-init_sleep_time: 5
-
-## String to partially override common.names.fullname template (will maintain the release name)
-##
-nameOverride: mariadb-galera
-
-## Use an alternate scheduler, e.g. "stork".
-## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
-##
-# schedulerName:
-
-## StatefulSet controller supports relax its ordering guarantees while preserving its uniqueness and identity guarantees. There are two valid pod management policies: OrderedReady and Parallel
-## ref: https://kubernetes.io/docs/tutorials/stateful-application/basic-stateful-set/#pod-management-policy
-##
-podManagementPolicy: OrderedReady
-
-
-## Pods Service Account
-## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
-##
-serviceAccount:
- nameOverride: mariadb-galera
- roles:
- - read
-
-## Pod Security Context
-## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
-##
-securityContext:
- enabled: true
- user_id: 10001
- group_id: 10001
-
-## Database credentials for root (admin) user
-##
-rootUser:
- ## MariaDB admin user
- user: root
- ## MariaDB admin password
- ## Password is ignored if externalSecret is specified.
- ## If not set, password will be "randomly" generated
- ## ref: https://github.com/bitnami/bitnami-docker-mariadb-galera#setting-the-root-password-on-first-run
- ##
- password: dOM39tQX
- # externalSecret:
-
-## Custom db configuration
-##
-db:
- ## MariaDB username and password
- ## Password is ignored if externalSecret is specified.
- ## If not set, password will be "randomly" generated
- ## ref: https://github.com/bitnami/bitnami-docker-mariadb-galera#creating-a-database-user-on-first-run
- ##
- user: policy-user
- password: policy-user
- # externalSecret:
- ## Database to create
- ## ref: https://github.com/bitnami/bitnami-docker-mariadb-galera#creating-a-database-on-first-run
- ##
- # name: my_database
-
-## Galera configuration
-##
-galera:
- ## Galera cluster name
- ##
- name: galera
-
- ## Bootstraping options
- ## ref: https://github.com/bitnami/bitnami-docker-mariadb-galera#bootstraping
- bootstrap:
- ## Node to bootstrap from, you will need to change this parameter incase you want to bootstrap from other node
- ##
- bootstrapFromNode: 0
- ## Force safe_to_bootstrap in grastate.date file.
- ## This will set safe_to_bootstrap=1 in the node indicated by bootstrapFromNode.
- forceSafeToBootstrap: true
-
- ## Credentials to perform backups
- ##
- mariabackup:
- ## MariaBackup username and password
- ## Password is ignored if externalSecret is specified.
- ## If not set, password will be "randomly" generated
- ## ref: https://github.com/bitnami/bitnami-docker-mariadb-galera#setting-up-a-multi-master-cluster
- ##
- user: mariabackup
- password: pt49gEq7
- # externalSecret:
-
-## The backup job will mount the mariadb data pvc in order to run mariabackup.
-## For this reason the db data pvc needs to have accessMode: ReadWriteMany.
-backup:
- enabled: false
- cron: "00 00 * * *"
- retentionPeriod: 3
- persistence:
- ## If true, use a Persistent Volume Claim, If false, use emptyDir
- ##
- enabled: true
- # Enable persistence using an existing PVC
- # existingClaim:
- ## selector can be used to match an existing PersistentVolume
- ## selector:
- ## matchLabels:
- ## app: my-app
- selector: {}
- ## Persistent Volume Storage Class
- ## If defined, storageClassName: <storageClass>
- ## If set to "-", storageClassName: "", which disables dynamic provisioning
- ## If undefined (the default) or set to null, no storageClassName spec is
- ## set, choosing the default provisioner. (gp2 on AWS, standard on
- ## GKE, AWS & OpenStack)
- ##
- # storageClass: "-"
- ## Persistent Volume Claim annotations
- ##
- annotations:
- ## Persistent Volume Access Mode
- ##
- accessMode: ReadWriteOnce
- ## Persistent Volume size
- ##
- size: 2Gi
-
-## TLS configuration
-##
-tls:
- ## Enable TLS
- ##
- enabled: false
- ## Name of the secret that contains the certificates
- ##
- # certificatesSecret:
- ## Certificate filename
- ##
- # certFilename:
- ## Certificate Key filename
- ##
- # certKeyFilename:
- ## CA Certificate filename
- ##
- # certCAFilename:
-
-## Configure MariaDB with a custom my.cnf file
-## ref: https://mysql.com/kb/en/mysql/configuring-mysql-with-mycnf/#example-of-configuration-file
-## Alternatively, you can put your my.cnf under the files/ directory
-##
-mariadbConfiguration: |-
- [client]
- port=3306
- socket=/opt/bitnami/mariadb/tmp/mysql.sock
- plugin_dir=/opt/bitnami/mariadb/plugin
-
- [mysqld]
- lower_case_table_names = 1
- default_storage_engine=InnoDB
- basedir=/opt/bitnami/mariadb
- datadir=/bitnami/mariadb/data
- plugin_dir=/opt/bitnami/mariadb/plugin
- tmpdir=/opt/bitnami/mariadb/tmp
- socket=/opt/bitnami/mariadb/tmp/mysql.sock
- pid_file=/opt/bitnami/mariadb/tmp/mysqld.pid
- bind_address=0.0.0.0
-
- ## Character set
- collation_server=utf8_unicode_ci
- init_connect='SET NAMES utf8'
- character_set_server=utf8
-
- ## MyISAM
- key_buffer_size=32M
- myisam_recover_options=FORCE,BACKUP
-
- ## Safety
- skip_host_cache
- skip_name_resolve
- max_allowed_packet=16M
- max_connect_errors=1000000
- sql_mode=STRICT_TRANS_TABLES,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_AUTO_VALUE_ON_ZERO,NO_ENGINE_SUBSTITUTION,NO_ZERO_DATE,NO_ZERO_IN_DATE,ONLY_FULL_GROUP_BY
- sysdate_is_now=1
-
- ## Binary Logging
- log_bin=mysql-bin
- expire_logs_days=14
- # Disabling for performance per http://severalnines.com/blog/9-tips-going-production-galera-cluster-mysql
- sync_binlog=0
- # Required for Galera
- binlog_format=row
-
- ## Caches and Limits
- tmp_table_size=32M
- max_heap_table_size=32M
- # Re-enabling as now works with Maria 10.1.2
- query_cache_type=1
- query_cache_limit=4M
- query_cache_size=256M
- max_connections=500
- thread_cache_size=50
- open_files_limit=65535
- table_definition_cache=4096
- table_open_cache=4096
-
- ## InnoDB
- innodb=FORCE
- innodb_strict_mode=1
- # Mandatory per https://github.com/codership/documentation/issues/25
- innodb_autoinc_lock_mode=2
- # Per https://www.percona.com/blog/2006/08/04/innodb-double-write/
- innodb_doublewrite=1
- innodb_flush_method=O_DIRECT
- innodb_log_files_in_group=2
- innodb_log_file_size=128M
- innodb_flush_log_at_trx_commit=1
- innodb_file_per_table=1
- # 80% Memory is default reco.
- # Need to re-evaluate when DB size grows
- innodb_buffer_pool_size=2G
- innodb_file_format=Barracuda
-
- ## Logging
- log_error=/opt/bitnami/mariadb/logs/mysqld.log
- slow_query_log_file=/opt/bitnami/mariadb/logs/mysqld.log
- log_queries_not_using_indexes=1
- slow_query_log=1
-
- ## SSL
- ## Use extraVolumes and extraVolumeMounts to mount /certs filesystem
- # ssl_ca=/certs/ca.pem
- # ssl_cert=/certs/server-cert.pem
- # ssl_key=/certs/server-key.pem
-
- [galera]
- wsrep_on=ON
- wsrep_provider=/opt/bitnami/mariadb/lib/libgalera_smm.so
- wsrep_sst_method=mariabackup
- wsrep_slave_threads=4
- wsrep_cluster_address=gcomm://
- wsrep_cluster_name=galera
- wsrep_sst_auth="root:"
- # Enabled for performance per https://mariadb.com/kb/en/innodb-system-variables/#innodb_flush_log_at_trx_commit
- innodb_flush_log_at_trx_commit=2
- # MYISAM REPLICATION SUPPORT #
- wsrep_replicate_myisam=ON
- binlog_format=row
- default_storage_engine=InnoDB
- innodb_autoinc_lock_mode=2
- transaction-isolation=READ-COMMITTED
- wsrep_causal_reads=1
- wsrep_sync_wait=7
-
- [mariadb]
- plugin_load_add=auth_pam
-
- ## Data-at-Rest Encryption
- ## Use extraVolumes and extraVolumeMounts to mount /encryption filesystem
- # plugin_load_add=file_key_management
- # file_key_management_filename=/encryption/keyfile.enc
- # file_key_management_filekey=FILE:/encryption/keyfile.key
- # file_key_management_encryption_algorithm=AES_CTR
- # encrypt_binlog=ON
- # encrypt_tmp_files=ON
-
- ## InnoDB/XtraDB Encryption
- # innodb_encrypt_tables=ON
- # innodb_encrypt_temporary_tables=ON
- # innodb_encrypt_log=ON
- # innodb_encryption_threads=4
- # innodb_encryption_rotate_key_age=1
-
- ## Aria Encryption
- # aria_encrypt_tables=ON
- # encrypt_tmp_disk_tables=ON
-
-## MariaDB additional command line flags
-## Can be used to specify command line flags, for example:
-##
-## extraFlags: "--max-connect-errors=1000 --max_connections=155"
-
-## Desired number of cluster nodes
-##
-replicaCount: 1
-
-## updateStrategy for MariaDB Master StatefulSet
-## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies
-##
-updateStrategy:
- type: RollingUpdate
-
-## Additional pod annotations for MariaDB Galera pods
-## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
-## -> here required to enable mariadb-galera in istio
-##
-podAnnotations:
- # sidecar.istio.io/inject: "false"
- traffic.sidecar.istio.io/excludeInboundPorts: "4444,4567,4568"
- traffic.sidecar.istio.io/includeInboundPorts: '*'
- traffic.sidecar.istio.io/excludeOutboundPorts: "4444,4567,4568"
-
-## Pod affinity preset
-## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
-## Allowed values: soft, hard
-##
-podAffinityPreset: ""
-
-## Pod anti-affinity preset
-## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
-## Allowed values: soft, hard
-##
-podAntiAffinityPreset: soft
-
-## Node affinity preset
-## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity
-## Allowed values: soft, hard
-##
-nodeAffinityPreset:
- ## Node affinity type
- ## Allowed values: soft, hard
- type: ""
- ## Node label key to match
- ## E.g.
- ## key: "kubernetes.io/e2e-az-name"
- ##
- key: ""
- ## Node label values to match
- ## E.g.
- ## values:
- ## - e2e-az1
- ## - e2e-az2
- ##
- values: []
-
-## Affinity for pod assignment. Evaluated as a template.
-## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
-## Note: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set
-##
-affinity: {}
-
-## Node labels for pod assignment. Evaluated as a template.
-## ref: https://kubernetes.io/docs/user-guide/node-selection/
-##
-nodeSelector: {}
-
-## Tolerations for pod assignment. Evaluated as a template.
-## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
-##
-tolerations: []
-
-## Enable persistence using Persistent Volume Claims
-## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
-##
-persistence:
- ## If true, use a Persistent Volume Claim, If false, use emptyDir
- ##
- enabled: true
- # Enable persistence using an existing PVC
- # existingClaim:
- mountPath: /dockerdata-nfs
- mountSubPath: "mariadb-galera/data"
- ## selector can be used to match an existing PersistentVolume
- ## selector:
- ## matchLabels:
- ## app: my-app
- selector: {}
- ## Persistent Volume Storage Class
- ## If defined, storageClassName: <storageClass>
- ## If set to "-", storageClassName: "", which disables dynamic provisioning
- ## If undefined (the default) or set to null, no storageClassName spec is
- ## set, choosing the default provisioner. (gp2 on AWS, standard on
- ## GKE, AWS & OpenStack)
- ##
- # storageClass: "-"
- ## Persistent Volume Claim annotations
- ##
- annotations:
- ## Persistent Volume Access Mode
- ## Use ReadWriteMany if backup is enabled, see backup section.
- ##
- accessMode: ReadWriteOnce
- ## Persistent Volume size
- ##
- size: 3Gi
-
-## Additional pod labels
-##
-# podLabels:
-# extraLabel: extraValue
-
-## Priority Class Name
-#
-# priorityClassName: 'priorityClass'
-
-## MariaDB Galera containers' resource requests and limits
-## ref: http://kubernetes.io/docs/user-guide/compute-resources/
-##
-flavor: small
-resources:
- small:
- limits:
- cpu: 1
- memory: 4Gi
- requests:
- cpu: 500m
- memory: 2Gi
- unlimited: {}
-
-## MariaDB Galera containers' liveness and readiness probes
-## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
-##
-livenessProbe:
- enabled: true
- initialDelaySeconds: 1
- periodSeconds: 10
- timeoutSeconds: 180
- successThreshold: 1
- failureThreshold: 3
-readinessProbe:
- enabled: true
- initialDelaySeconds: 1
- periodSeconds: 10
- timeoutSeconds: 180
- successThreshold: 1
- failureThreshold: 3
-startupProbe:
- ## Initializing the database could take some time
- ##
- enabled: true
- initialDelaySeconds: 10
- periodSeconds: 10
- timeoutSeconds: 180
- successThreshold: 1
- # will wait up for initialDelaySeconds + failureThreshold*periodSeconds before
- # stating startup wasn't good (910s per default)
- failureThreshold: 90
-
-## Pod disruption budget configuration
-##
-podDisruptionBudget:
- ## Specifies whether a Pod disruption budget should be created
- ##
- create: true
- minAvailable: 1
- # maxUnavailable: 1
-
-## Prometheus exporter configuration
-##
-metrics:
- ## Bitnami MySQL Prometheus exporter image
- ## ref: https://hub.docker.com/r/bitnami/mysqld-exporter/tags/
- ##
- image: docker.io/bitnami/mysqld-exporter:0.12.1-debian-10-r264
- pullPolicy: Always
- ## MySQL exporter additional command line flags
- ## Can be used to specify command line flags
- ## E.g.:
- ## extraFlags:
- ## - --collect.binlog_size
- ##
- extraFlags: []
- ## MySQL Prometheus exporter containers' resource requests and limits
- ## ref: http://kubernetes.io/docs/user-guide/compute-resources/
- ##
- resources:
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- limits:
- cpu: 0.5
- memory: 256Mi
- requests:
- cpu: 0.5
- memory: 256Mi
- ## MariaDB Galera metrics container's liveness and readiness probes
- ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
- ##
- livenessProbe:
- enabled: true
- initialDelaySeconds: 30
- periodSeconds: 10
- timeoutSeconds: 5
- successThreshold: 1
- failureThreshold: 3
- readinessProbe:
- enabled: true
- initialDelaySeconds: 5
- periodSeconds: 10
- timeoutSeconds: 5
- successThreshold: 1
- failureThreshold: 3
- ## MySQL Prometheus exporter service parameters
- ##
- service:
- type: ClusterIP
- port: 9104
- annotations:
- prometheus.io/scrape: "true"
- prometheus.io/port: "9104"
-
- ## Prometheus Operator ServiceMonitor configuration
- ##
- serviceMonitor:
- enabled: false
- ## Namespace in which Prometheus is running
- ##
- # namespace: monitoring
-
- ## Interval at which metrics should be scraped.
- ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
- ##
- # interval: 10s
-
- ## Timeout after which the scrape is ended
- ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
- ##
- # scrapeTimeout: 10s
-
- ## ServiceMonitor selector labels
- ## ref: https://github.com/bitnami/charts/tree/master/bitnami/prometheus-operator#prometheus-configuration
- ##
- # selector:
- # prometheus: kube-prometheus
-
- ## RelabelConfigs to apply to samples before scraping
- ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#relabelconfig
- ## Value is evalued as a template
- ##
- relabelings: []
-
- ## MetricRelabelConfigs to apply to samples before ingestion
- ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#relabelconfig
- ## Value is evalued as a template
- ##
- metricRelabelings: []
- # - sourceLabels:
- # - "__name__"
- # targetLabel: "__name__"
- # action: replace
- # regex: '(.*)'
- # replacement: 'example_prefix_$1'
-
- ## Prometheus Operator PrometheusRule configuration
- ##
- prometheusRules:
- enabled: false
-
- ## Additional labels to add to the PrometheusRule so it is picked up by the operator.
- ## If using the [Helm Chart](https://github.com/helm/charts/tree/master/stable/prometheus-operator) this is the name of the Helm release and 'app: prometheus-operator'
- selector:
- app: prometheus-operator
- release: prometheus
-
- ## Rules as a map.
- rules: []
- # - alert: MariaDB-Down
- # annotations:
- # message: 'MariaDB instance {{ $labels.instance }} is down'
- # summary: MariaDB instance is down
- # expr: absent(up{job="mariadb-galera"} == 1)
- # labels:
- # severity: warning
- # service: mariadb-galera
- # for: 5m
diff --git a/helm/policy/components/policy-api/resources/config/apiParameters.yaml b/helm/policy/components/policy-api/resources/config/apiParameters.yaml
index cd804bc9..ef3369f1 100644
--- a/helm/policy/components/policy-api/resources/config/apiParameters.yaml
+++ b/helm/policy/components/policy-api/resources/config/apiParameters.yaml
@@ -1,5 +1,5 @@
# ============LICENSE_START=======================================================
-# Copyright (C) 2023 Nordix Foundation. All rights reserved.
+# Copyright (C) 2023,2025 Nordix Foundation. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -29,8 +29,8 @@ spring:
password: "${RESTSERVER_PASSWORD}"
mvc.converters.preferred-json-mapper: gson
datasource:
- url: jdbc:mariadb://{{ .Values.db.service.name }}/policyadmin
- driverClassName: org.mariadb.jdbc.Driver
+ url: jdbc:postgresql://{{ .Values.db.service.name }}/policyadmin
+ driverClassName: org.postgresql.Driver
username: "${SQL_USER}"
password: "${SQL_PASSWORD}"
hikari:
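Review bot: The new `jdbc:postgresql://` value of `spring.datasource.url` carries no TLS parameters, so the connection that sends `${SQL_USER}`/`${SQL_PASSWORD}` falls back on the PostgreSQL JDBC driver default (`sslmode=prefer`), which can drop to plaintext and does not verify the server certificate. If the Postgres service in this chart is given a certificate, pin the mode in the URL, e.g. `url: jdbc:postgresql://{{ .Values.db.service.name }}/policyadmin?sslmode=verify-full`; whether the server side enables TLS is not visible from this hunk. The same applies to the other JDBC URLs this commit rewrites (the `policy-api.database` URL in the next hunk, acRuntimeParameters.yaml, papParameters.yaml, base.conf and xacml.properties). The `datasource` mapping continues past the end of the hunk.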
@@ -52,8 +52,8 @@ policy-api:
database:
name: PolicyProviderParameterGroup
implementation: org.onap.policy.models.provider.impl.DatabasePolicyModelsProviderImpl
- driver: org.mariadb.jdbc.Driver
- url: jdbc:mariadb://{{ .Values.db.service.name }}/policyadmin
+ driver: org.postgresql.Driver
+ url: jdbc:postgresql://{{ .Values.db.service.name }}/policyadmin
user: "${SQL_USER}"
password: "${SQL_PASSWORD}"
persistenceUnit: PolicyDb
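Review bot: The `url` under `policy-api.database` names no port, so it depends on the driver's built-in default, while this component's values.yaml sets `db.service.internalPort: 5432` and the acm-runtime and pap URLs in this commit pass `:{{ .Values.db.service.internalPort }}` explicitly. An override of `internalPort` would therefore have no effect for policy-api. Suggest `url: jdbc:postgresql://{{ .Values.db.service.name }}:{{ .Values.db.service.internalPort }}/policyadmin` here and for `spring.datasource.url` in the preceding hunk.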
diff --git a/helm/policy/components/policy-api/templates/deployment.yaml b/helm/policy/components/policy-api/templates/deployment.yaml
index e6c9223d..9b77ebf2 100755..100644
--- a/helm/policy/components/policy-api/templates/deployment.yaml
+++ b/helm/policy/components/policy-api/templates/deployment.yaml
@@ -1,6 +1,6 @@
{{/*
# ============LICENSE_START=======================================================
-# Copyright (C) 2023 Nordix Foundation.
+# Copyright (C) 2023,2025 Nordix Foundation.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -42,7 +42,7 @@ spec:
- /app/ready.py
args:
- --job-name
- - policy-galera-config
+ - policy-pg-config
env:
- name: NAMESPACE
valueFrom:
@@ -146,4 +146,4 @@ spec:
emptyDir:
medium: Memory
imagePullSecrets:
- - name: "default-docker-registry-key"
\ No newline at end of file
+ - name: "default-docker-registry-key"
diff --git a/helm/policy/components/policy-api/values.yaml b/helm/policy/components/policy-api/values.yaml
index b5ce0824..8ceb475a 100644
--- a/helm/policy/components/policy-api/values.yaml
+++ b/helm/policy/components/policy-api/values.yaml
@@ -1,5 +1,5 @@
# ============LICENSE_START=======================================================
-# Copyright (C) 2023 Nordix Foundation. All rights reserved.
+# Copyright (C) 2023,2025 Nordix Foundation. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -38,8 +38,8 @@ db:
user: policy-user
password: policy-user
service:
- name: mariadb-galera
- internalPort: 3306
+ name: postgres-service
+ internalPort: 5432
restServer:
user: policyadmin
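Review bot: The database defaults kept beside the changed lines still ship `password: policy-user`, identical to the user name, and the new Postgres service inherits them; the same pair appears in the values.yaml hunks for policy-clamp-runtime-acm, policy-drools-pdp, policy-pap and policy-xacml-pdp. Since the backend is being replaced anyway, this is a natural point to stop committing a usable default: leave the value empty and have the templates fail when it is unset (Helm's `required`), or read it from a pre-created Secret. At minimum add a comment such as `# development default only; override for any shared or exposed cluster`. How `SQL_PASSWORD` is populated from these values lies outside the hunk.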
diff --git a/helm/policy/components/policy-clamp-runtime-acm/resources/config/acRuntimeParameters.yaml b/helm/policy/components/policy-clamp-runtime-acm/resources/config/acRuntimeParameters.yaml
index 7b8ceea7..644d86a7 100755..100644
--- a/helm/policy/components/policy-clamp-runtime-acm/resources/config/acRuntimeParameters.yaml
+++ b/helm/policy/components/policy-clamp-runtime-acm/resources/config/acRuntimeParameters.yaml
@@ -1,5 +1,5 @@
# ============LICENSE_START=======================================================
-# Copyright (C) 2022,2024 Nordix Foundation.
+# Copyright (C) 2022,2024-2025 Nordix Foundation.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -27,8 +27,8 @@ spring:
converters:
preferred-json-mapper: gson
datasource:
- url: jdbc:mariadb://{{ .Values.db.service.name }}:{{ .Values.db.service.internalPort }}/clampacm
- driverClassName: org.mariadb.jdbc.Driver
+ url: jdbc:postgresql://{{ .Values.db.service.name }}:{{ .Values.db.service.internalPort }}/clampacm
+ driverClassName: org.postgresql.Driver
username: ${SQL_USER}
password: ${SQL_PASSWORD}
hikari:
@@ -121,4 +121,4 @@ tracing:
protocol: {{ .Values.jaeger.collector.protocol }}
sampler:
jaeger-remote:
- endpoint: {{ .Values.jaeger.collector.host }}:{{ .Values.jaeger.collector.portJaegerGrpc }}
\ No newline at end of file
+ endpoint: {{ .Values.jaeger.collector.host }}:{{ .Values.jaeger.collector.portJaegerGrpc }}
diff --git a/helm/policy/components/policy-clamp-runtime-acm/templates/deployment.yaml b/helm/policy/components/policy-clamp-runtime-acm/templates/deployment.yaml
index 9175c433..a67fdcde 100644
--- a/helm/policy/components/policy-clamp-runtime-acm/templates/deployment.yaml
+++ b/helm/policy/components/policy-clamp-runtime-acm/templates/deployment.yaml
@@ -1,6 +1,6 @@
{{/*
# ============LICENSE_START=======================================================
-# Copyright (C) 2022-2024 Nordix Foundation.
+# Copyright (C) 2022-2025 Nordix Foundation.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -42,7 +42,7 @@ spec:
- /app/ready.py
args:
- --job-name
- - policy-galera-init
+ - policy-pg-init
env:
- name: NAMESPACE
valueFrom:
diff --git a/helm/policy/components/policy-clamp-runtime-acm/values.yaml b/helm/policy/components/policy-clamp-runtime-acm/values.yaml
index 82487e69..ceb369c4 100644
--- a/helm/policy/components/policy-clamp-runtime-acm/values.yaml
+++ b/helm/policy/components/policy-clamp-runtime-acm/values.yaml
@@ -1,5 +1,5 @@
# ============LICENSE_START=======================================================
-# Copyright (C) 2022,2024 Nordix Foundation.
+# Copyright (C) 2022,2024-2025 Nordix Foundation.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -35,8 +35,8 @@ db:
user: policy-user
password: policy-user
service:
- name: mariadb-galera
- internalPort: 3306
+ name: postgres-service
+ internalPort: 5432
# default number of instances
replicaCount: 1
@@ -110,4 +110,4 @@ jaeger:
portOtlpHttp: 4318
portJaegerGrpc: 14250
-applicationName: acm-r
\ No newline at end of file
+applicationName: acm-r
diff --git a/helm/policy/components/policy-drools-pdp/resources/configmaps/base.conf b/helm/policy/components/policy-drools-pdp/resources/configmaps/base.conf
index 1b976c60..6b1164d7 100755..100644
--- a/helm/policy/components/policy-drools-pdp/resources/configmaps/base.conf
+++ b/helm/policy/components/policy-drools-pdp/resources/configmaps/base.conf
@@ -1,5 +1,5 @@
{{/*
-# Copyright © 2023-2024 Nordix Foundation.
+# Copyright © 2023-2025 Nordix Foundation.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -7,6 +7,7 @@
#
# http://www.apache.org/licenses/LICENSE-2.0
#
+# SPDX-License-Identifier: Apache-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -39,8 +40,8 @@ REPOSITORY_OFFLINE={{.Values.nexus.offline}}
# Relational (SQL) DB access
SQL_HOST={{ .Values.db.name }}
-SQL_PORT=3306
-JDBC_URL=jdbc:mariadb://{{ .Values.db.name }}:3306/
+SQL_PORT=5432
+JDBC_URL=jdbc:postgresql://{{ .Values.db.name }}:5432/
JDBC_OPTS=
MYSQL_CMD=
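Review bot: The port 5432 is written twice as a literal, once in `SQL_PORT` and once inside `JDBC_URL`, whereas the api, pap, acm-runtime and xacml components in this commit take the port from values. A single templated value would keep the two in step, e.g. `SQL_PORT={{ .Values.db.port }}` and `JDBC_URL=jdbc:postgresql://{{ .Values.db.name }}:{{ .Values.db.port }}/`, with `port: 5432` added under `db` in the drools values.yaml (`db.port` is a proposed key, not one the chart has today). The unchanged `MYSQL_CMD=` line now carries a name that no longer matches the backend; a short comment saying whether it is still read would help.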
diff --git a/helm/policy/components/policy-drools-pdp/templates/statefulset.yaml b/helm/policy/components/policy-drools-pdp/templates/statefulset.yaml
index 7ada63ad..5877f2bd 100644
--- a/helm/policy/components/policy-drools-pdp/templates/statefulset.yaml
+++ b/helm/policy/components/policy-drools-pdp/templates/statefulset.yaml
@@ -1,6 +1,6 @@
{{/*
# ============LICENSE_START=======================================================
-# Copyright (C) 2023 Nordix Foundation.
+# Copyright (C) 2023,2025 Nordix Foundation.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -45,7 +45,7 @@ spec:
- /app/ready.py
args:
- --job-name
- - policy-galera-config
+ - policy-pg-config
env:
- name: NAMESPACE
valueFrom:
diff --git a/helm/policy/components/policy-drools-pdp/values.yaml b/helm/policy/components/policy-drools-pdp/values.yaml
index db61a719..61b76871 100644
--- a/helm/policy/components/policy-drools-pdp/values.yaml
+++ b/helm/policy/components/policy-drools-pdp/values.yaml
@@ -1,5 +1,5 @@
# ============LICENSE_START=======================================================
-# Copyright (C) 2023 Nordix Foundation. All rights reserved.
+# Copyright (C) 2023,2025 Nordix Foundation. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -102,7 +102,7 @@ nexus:
offline: true
db:
- name: mariadb-galera
+ name: postgres-service
user: policy-user
password: policy-user
diff --git a/helm/policy/components/policy-pap/resources/config/papParameters.yaml b/helm/policy/components/policy-pap/resources/config/papParameters.yaml
index 85315a17..d888bf7a 100644
--- a/helm/policy/components/policy-pap/resources/config/papParameters.yaml
+++ b/helm/policy/components/policy-pap/resources/config/papParameters.yaml
@@ -1,5 +1,5 @@
# ============LICENSE_START=======================================================
-# Copyright (C) 2023-2024 Nordix Foundation. All rights reserved.
+# Copyright (C) 2023-2025 Nordix Foundation. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -25,8 +25,8 @@ spring:
converters:
preferred-json-mapper: gson
datasource:
- url: jdbc:mariadb://{{ .Values.db.service.name }}:{{ .Values.db.service.internalPort}}/policyadmin
- driverClassName: org.mariadb.jdbc.Driver
+ url: jdbc:postgresql://{{ .Values.db.service.name }}:{{ .Values.db.service.internalPort}}/policyadmin
+ driverClassName: org.postgresql.Driver
username: "${SQL_USER}"
password: "${SQL_PASSWORD}"
hikari:
diff --git a/helm/policy/components/policy-pap/templates/deployment.yaml b/helm/policy/components/policy-pap/templates/deployment.yaml
index ad7c632b..91f44ce0 100755..100644
--- a/helm/policy/components/policy-pap/templates/deployment.yaml
+++ b/helm/policy/components/policy-pap/templates/deployment.yaml
@@ -1,6 +1,6 @@
{{/*
# ============LICENSE_START=======================================================
-# Copyright (C) 2023 Nordix Foundation.
+# Copyright (C) 2023,2025 Nordix Foundation.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -48,7 +48,7 @@ spec:
- /app/ready.py
args:
- --job-name
- - policy-galera-config
+ - policy-pg-config
env:
- name: NAMESPACE
valueFrom:
diff --git a/helm/policy/components/policy-pap/values.yaml b/helm/policy/components/policy-pap/values.yaml
index ffab46aa..8b1f6069 100755..100644
--- a/helm/policy/components/policy-pap/values.yaml
+++ b/helm/policy/components/policy-pap/values.yaml
@@ -1,5 +1,5 @@
# ============LICENSE_START=======================================================
-# Copyright (C) 2023 Nordix Foundation.
+# Copyright (C) 2023,2025 Nordix Foundation.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -39,8 +39,8 @@ db:
user: policy-user
password: policy-user
service:
- name: mariadb-galera
- internalPort: 3306
+ name: postgres-service
+ internalPort: 5432
restServer:
user: policyadmin
diff --git a/helm/policy/components/policy-xacml-pdp/resources/config/xacml.properties b/helm/policy/components/policy-xacml-pdp/resources/config/xacml.properties
index d2e9c62e..f03a4811 100755..100644
--- a/helm/policy/components/policy-xacml-pdp/resources/config/xacml.properties
+++ b/helm/policy/components/policy-xacml-pdp/resources/config/xacml.properties
@@ -49,8 +49,7 @@ xacml.pip.engines=count-recent-operations,get-operation-outcome
#
# JPA Properties
#
-eclipselink.target-database=MySQL
-javax.persistence.jdbc.driver=org.mariadb.jdbc.Driver
-javax.persistence.jdbc.url=jdbc:mariadb://{{ .Values.db.service.name }}:{{ .Values.db.service.internalPort }}/operationshistory
-javax.persistence.jdbc.user=${SQL_USER}
-javax.persistence.jdbc.password=${SQL_PASSWORD}
+jakarta.persistence.jdbc.driver=org.postgresql.Driver
+jakarta.persistence.jdbc.url=jdbc:postgresql://{{ .Values.db.service.name }}:{{ .Values.db.service.internalPort }}/operationshistory
+jakarta.persistence.jdbc.user=${SQL_USER}
+jakarta.persistence.jdbc.password=${SQL_PASSWORD}
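Review bot: The property prefix moves from `javax.persistence.jdbc.*` to `jakarta.persistence.jdbc.*` in the same change as the driver switch, and nothing in the hunk records which prefix the xacml-pdp image reads. If the deployed image's JPA provider still looks up the `javax.` keys, the driver, URL and credentials set here would be ignored; that is presumably not the case, but it is worth confirming against the image version the chart pins. A one-line comment above the block, e.g. `# jakarta.* keys assume a Jakarta Persistence 3.x provider in the xacml-pdp image`, would document the dependency. The removal of `eclipselink.target-database` likewise leaves platform detection to the provider, which the same comment could mention.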
diff --git a/helm/policy/components/policy-xacml-pdp/templates/deployment.yaml b/helm/policy/components/policy-xacml-pdp/templates/deployment.yaml
index eb478740..799b1fbf 100755..100644
--- a/helm/policy/components/policy-xacml-pdp/templates/deployment.yaml
+++ b/helm/policy/components/policy-xacml-pdp/templates/deployment.yaml
@@ -1,6 +1,6 @@
{{/*
# ============LICENSE_START=======================================================
-# Copyright (C) 2023 Nordix Foundation.
+# Copyright (C) 2023,2025 Nordix Foundation.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -44,7 +44,7 @@ spec:
- /app/ready.py
args:
- --job-name
- - policy-galera-config
+ - policy-pg-config
env:
- name: NAMESPACE
valueFrom:
diff --git a/helm/policy/components/policy-xacml-pdp/values.yaml b/helm/policy/components/policy-xacml-pdp/values.yaml
index 753a9d64..3cd90c0d 100644
--- a/helm/policy/components/policy-xacml-pdp/values.yaml
+++ b/helm/policy/components/policy-xacml-pdp/values.yaml
@@ -1,5 +1,5 @@
# ============LICENSE_START=======================================================
-# Copyright (C) 2023-2024 Nordix Foundation. All rights reserved.
+# Copyright (C) 2023-2025 Nordix Foundation. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -62,8 +62,8 @@ db:
user: policy-user
password: policy-user
service:
- name: mariadb-galera
- internalPort: 3306
+ name: postgres-service
+ internalPort: 5432
restServer:
user: policyadmin
diff --git a/helm/policy/components/mariadb-galera/Chart.yaml b/helm/policy/components/postgres/Chart.yaml
index 63b04a03..364fca64 100644
--- a/helm/policy/components/mariadb-galera/Chart.yaml
+++ b/helm/policy/components/postgres/Chart.yaml
@@ -1,4 +1,4 @@
-# Copyright © 2022 Nordix Foundation
+# Copyright © 2025 Nordix Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -6,6 +6,7 @@
#
# http://www.apache.org/licenses/LICENSE-2.0
#
+# SPDX-License-Identifier: Apache-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -13,13 +14,6 @@
# limitations under the License.
apiVersion: v2
-description: Chart for MariaDB Galera cluster
-name: mariadb-galera
+description: Chart for Postgres database
+name: postgres
version: 11.0.0
-keywords:
- - mariadb
- - mysql
- - database
- - sql
- - galera
- - cluster
diff --git a/helm/policy/components/postgres/templates/configmap.yaml b/helm/policy/components/postgres/templates/configmap.yaml
new file mode 100644
index 00000000..9e252cc0
--- /dev/null
+++ b/helm/policy/components/postgres/templates/configmap.yaml
@@ -0,0 +1,28 @@
+{{/*
+ # Copyright © 2025 Nordix Foundation
+ #
+ # Licensed under the Apache License, Version 2.0 (the "License");
+ # you may not use this file except in compliance with the License.
+ # You may obtain a copy of the License at
+ #
+ # http://www.apache.org/licenses/LICENSE-2.0
+ #
+ # SPDX-License-Identifier: Apache-2.0
+ # Unless required by applicable law or agreed to in writing, software
+ # distributed under the License is distributed on an "AS IS" BASIS,
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ # See the License for the specific language governing permissions and
+ # limitations under the License.
+ */}}
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ .Chart.Name }}-secret
+ labels:
+ app: {{ .Chart.Name }}
+data:
+ POSTGRES_DB: {{ .Values.config.pgDatabase }}
+ POSTGRES_USER: {{ .Values.config.pgUserName }}
+ POSTGRES_PASSWORD: {{ .Values.config.pgUserPassword }}
+
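Review bot: `POSTGRES_PASSWORD` is rendered into a ConfigMap, which is stored and returned as plain configuration data, and the object is named `{{ .Chart.Name }}-secret` although its `kind` is `ConfigMap`. Making it `kind: Secret` with `stringData:` in place of `data:` keeps the same keys and lets RBAC on Secrets govern who can read the password. The `envFrom` entry in templates/deployment.yaml would then use `secretRef` instead of `configMapRef`. The three values are also unquoted, so a value that parses as a number or boolean would fail validation; `{{ .Values.config.pgUserPassword | quote }}` avoids that.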
diff --git a/helm/policy/components/postgres/templates/deployment.yaml b/helm/policy/components/postgres/templates/deployment.yaml
new file mode 100644
index 00000000..1488b961
--- /dev/null
+++ b/helm/policy/components/postgres/templates/deployment.yaml
@@ -0,0 +1,48 @@
+{{/*
+ # Copyright © 2025 Nordix Foundation
+ #
+ # Licensed under the Apache License, Version 2.0 (the "License");
+ # you may not use this file except in compliance with the License.
+ # You may obtain a copy of the License at
+ #
+ # http://www.apache.org/licenses/LICENSE-2.0
+ #
+ # SPDX-License-Identifier: Apache-2.0
+ # Unless required by applicable law or agreed to in writing, software
+ # distributed under the License is distributed on an "AS IS" BASIS,
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ # See the License for the specific language governing permissions and
+ # limitations under the License.
+ */}}
+
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ .Chart.Name }}
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: {{ .Chart.Name }}
+ template:
+ metadata:
+ labels:
+ app: {{ .Chart.Name }}
+ spec:
+ containers:
+ - name: {{ .Chart.Name }}
+ image: {{ .Values.global.repository }}/{{ .Values.global.image.postgres }}
+ imagePullPolicy: {{ .Values.pullPolicy }}
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ envFrom:
+ - configMapRef:
+ name: {{ .Chart.Name }}-secret
+ volumeMounts:
+ - mountPath: /var/lib/postgresql/data
+ name: postgresdata
+ volumes:
+ - name: postgresdata
+ persistentVolumeClaim:
+ claimName: postgres-volume-claim
+
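Review bot: `claimName: postgres-volume-claim` is hard-coded while templates/pvc.yaml names the claim `{{ .Chart.Name }}-volume-claim`, so the two agree only while the chart is called `postgres`; `claimName: {{ .Chart.Name }}-volume-claim` keeps them in step. The container also declares no `resources`, no `securityContext` and no readiness probe, so the database runs as the image's default user with unbounded CPU and memory. Whether a non-root `securityContext` works with the hostPath volume from templates/pv.yaml would need checking before adding one.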
diff --git a/helm/policy/components/postgres/templates/pv.yaml b/helm/policy/components/postgres/templates/pv.yaml
new file mode 100644
index 00000000..23d8e752
--- /dev/null
+++ b/helm/policy/components/postgres/templates/pv.yaml
@@ -0,0 +1,33 @@
+{{/*
+ # Copyright © 2025 Nordix Foundation
+ #
+ # Licensed under the Apache License, Version 2.0 (the "License");
+ # you may not use this file except in compliance with the License.
+ # You may obtain a copy of the License at
+ #
+ # http://www.apache.org/licenses/LICENSE-2.0
+ #
+ # SPDX-License-Identifier: Apache-2.0
+ # Unless required by applicable law or agreed to in writing, software
+ # distributed under the License is distributed on an "AS IS" BASIS,
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ # See the License for the specific language governing permissions and
+ # limitations under the License.
+ */}}
+
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+ name: {{ .Chart.Name }}-volume
+ labels:
+ type: local
+ app: {{ .Chart.Name }}
+spec:
+ storageClassName: manual
+ capacity:
+ storage: {{ .Values.persistence.size }}
+ accessModes:
+ - {{ .Values.persistence.accessMode }}
+ hostPath:
+ path: {{ .Values.persistence.mountPath }}
+
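Review bot: `persistence.volumeReclaimPolicy: Retain` is defined in this chart's values.yaml, but the template never sets `persistentVolumeReclaimPolicy`, so the value has no effect. Adding `persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}` under `spec:` wires it up. Because the volume is a `hostPath`, the database files live on the node's filesystem at `persistence.mountPath` and are likely to stay there after the release is removed; a comment stating that this layout is meant for single-node test clusters would help. PersistentVolumes are cluster-scoped and the name `{{ .Chart.Name }}-volume` carries no release name, so a second install in the same cluster would collide.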
diff --git a/helm/policy/components/postgres/templates/pvc.yaml b/helm/policy/components/postgres/templates/pvc.yaml
new file mode 100644
index 00000000..8b0a2435
--- /dev/null
+++ b/helm/policy/components/postgres/templates/pvc.yaml
@@ -0,0 +1,31 @@
+{{/*
+ # Copyright © 2025 Nordix Foundation
+ #
+ # Licensed under the Apache License, Version 2.0 (the "License");
+ # you may not use this file except in compliance with the License.
+ # You may obtain a copy of the License at
+ #
+ # http://www.apache.org/licenses/LICENSE-2.0
+ #
+ # SPDX-License-Identifier: Apache-2.0
+ # Unless required by applicable law or agreed to in writing, software
+ # distributed under the License is distributed on an "AS IS" BASIS,
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ # See the License for the specific language governing permissions and
+ # limitations under the License.
+ */}}
+
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: {{ .Chart.Name }}-volume-claim
+ labels:
+ app: {{ .Chart.Name }}
+spec:
+ storageClassName: manual
+ accessModes:
+ - {{ .Values.persistence.accessMode }}
+ resources:
+ requests:
+ storage: {{ .Values.persistence.size }}
+
diff --git a/helm/policy/components/postgres/templates/service.yaml b/helm/policy/components/postgres/templates/service.yaml
new file mode 100644
index 00000000..e417df5d
--- /dev/null
+++ b/helm/policy/components/postgres/templates/service.yaml
@@ -0,0 +1,30 @@
+{{/*
+ # Copyright © 2025 Nordix Foundation
+ #
+ # Licensed under the Apache License, Version 2.0 (the "License");
+ # you may not use this file except in compliance with the License.
+ # You may obtain a copy of the License at
+ #
+ # http://www.apache.org/licenses/LICENSE-2.0
+ #
+ # SPDX-License-Identifier: Apache-2.0
+ # Unless required by applicable law or agreed to in writing, software
+ # distributed under the License is distributed on an "AS IS" BASIS,
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ # See the License for the specific language governing permissions and
+ # limitations under the License.
+ */}}
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ .Chart.Name }}-service
+ labels:
+ app: {{ .Chart.Name }}
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ - port: {{ .Values.service.internalPort }}
+ selector:
+ app: {{ .Chart.Name }}
+
diff --git a/helm/policy/components/postgres/values.yaml b/helm/policy/components/postgres/values.yaml
new file mode 100644
index 00000000..f3079d34
--- /dev/null
+++ b/helm/policy/components/postgres/values.yaml
@@ -0,0 +1,57 @@
+# Copyright © 2025 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# SPDX-License-Identifier: Apache-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+ persistence: {}
+
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+
+# bitnami image doesn't support well single quote in password
+passwordStrengthOverride: basic
+
+pullPolicy: Always
+
+# application configuration
+config:
+ pgUserName: policy-user
+ pgUserPassword: policy-user
+ pgDatabase: userdb
+ pgDataPath: data
+
+nodeSelector: {}
+
+affinity: {}
+
+## Persist data to a persitent volume
+persistence:
+ volumeReclaimPolicy: Retain
+ accessMode: ReadWriteMany
+ size: 1Gi
+ mountPath: /dockerdata-nfs/postgres/data
+ mountInitPath: postgres
+
+service:
+ type: NodePort
+ name: pgsvc
+ externalPort: 5432
+ internalPort: 5432
+
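Review bot: `service.type: NodePort` together with `pgUserName` and `pgUserPassword` both defaulting to `policy-user` means a default install publishes PostgreSQL on a port of every node with credentials that are printed in the chart. The policy components in this commit reach the database through the in-cluster name `postgres-service`, so `type: ClusterIP` looks sufficient as the default. Several keys appear unused by the templates visible in this commit (`passwordStrengthOverride` with its bitnami comment, `global.nodePortPrefix`, `service.name`, `service.externalPort`, `config.pgDataPath`, `persistence.mountInitPath`). Removing them, or commenting what consumes them, would make the file easier to audit.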
diff --git a/helm/policy/resources/config/db-pg.sh b/helm/policy/resources/config/db-pg.sh
new file mode 100644
index 00000000..32195d3f
--- /dev/null
+++ b/helm/policy/resources/config/db-pg.sh
@@ -0,0 +1,34 @@
+#!/bin/bash -xv
+# Copyright (C) 2025 Nordix Foundation. All rights reserved
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# SPDX-License-Identifier: Apache-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+export PGPASSWORD=${PG_PASSWORD} # Set the password
+
+psql -h ${PG_HOST} -p ${PG_PORT} -U "${PG_USER}" -d postgres --command "CREATE USER \"${PG_USER}\" WITH PASSWORD '${PG_PASSWORD}';"
+
+# Loop through the databases to create and set permissions
+for db in migration pooling policyadmin policyclamp operationshistory clampacm
+do
+ # Create the database
+ psql -h ${PG_HOST} -p ${PG_PORT} -U "${PG_USER}" -d postgres --command "CREATE DATABASE ${db};"
+
+ # Alter database owner
+ psql -h ${PG_HOST} -p ${PG_PORT} -U "${PG_USER}" -d postgres --command "ALTER DATABASE ${db} OWNER TO \"${PG_USER}\";"
+
+ # Grant all privileges on the database
+ psql -h ${PG_HOST} -p ${PG_PORT} -U "${PG_USER}" -d postgres --command "GRANT ALL PRIVILEGES ON DATABASE ${db} TO \"${PG_USER}\";"
+done
+
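Review bot: The shebang `#!/bin/bash -xv` turns on command tracing, so the `export PGPASSWORD=...` line and the `CREATE USER ... WITH PASSWORD '${PG_PASSWORD}'` statement are written to the Job's log with the password expanded; plain `#!/bin/bash` avoids that. The password is also spliced into the SQL text inside single quotes, so a value containing `'` breaks or alters the statement. No psql exit status is checked and `CREATE DATABASE` is not guarded, so a failed step or a rerun lets the script carry on to the next command; `set -e` or `-v ON_ERROR_STOP=1` together with an existence check would make failures visible.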
diff --git a/helm/policy/resources/config/db_migrator_policy_init.sh b/helm/policy/resources/config/db_migrator_policy_init.sh
deleted file mode 100644
index cd6181d4..00000000
--- a/helm/policy/resources/config/db_migrator_policy_init.sh
+++ /dev/null
@@ -1,22 +0,0 @@
-#!/bin/sh
-{{/*
-# ============LICENSE_START====================================================
-# Copyright (C) 2022 Nordix Foundation.
-# =============================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-/opt/app/policy/bin/prepare_upgrade.sh ${SQL_DB}
-/opt/app/policy/bin/db-migrator -s ${SQL_DB} -o upgrade
-rc=$?
-/opt/app/policy/bin/db-migrator -s ${SQL_DB} -o report
-exit $rc
diff --git a/helm/policy/resources/config/db.sh b/helm/policy/resources/config/init_pg.sh
index 8c68c6ba..7586a12b 100755..100644
--- a/helm/policy/resources/config/db.sh
+++ b/helm/policy/resources/config/init_pg.sh
@@ -1,8 +1,6 @@
-#!/bin/bash
-{{/*
-#
+#!/bin/sh
# ============LICENSE_START====================================================
-# Copyright (C) 2022 Nordix Foundation.
+# Copyright (C) 2025 Nordix Foundation.
# =============================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -18,13 +16,22 @@
#
# SPDX-License-Identifier: Apache-2.0
# ============LICENSE_END======================================================
-*/}}
-mysql() { /usr/bin/mysql -h ${MYSQL_HOST} -P ${MYSQL_USER} "$@"; };
-for db in migration pooling policyadmin policyclamp operationshistory clampacm
-do
- mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "CREATE DATABASE IF NOT EXISTS ${db};"
- mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "GRANT ALL PRIVILEGES ON \`${db}\`.* TO '${MYSQL_USER}'@'%' ;"
+
+for schema in ${SQL_DB}; do
+ echo "Initializing $schema..."
+ /opt/app/policy/bin/prepare_upgrade.sh ${schema}
+
+ /opt/app/policy/bin/db-migrator-pg -s ${schema} -o report
+
+ /opt/app/policy/bin/db-migrator-pg -s ${schema} -o upgrade
+ rc=$?
+
+ /opt/app/policy/bin/db-migrator-pg -s ${schema} -o report
+
+ if [ "$rc" != 0 ]; then
+ break
+ fi
done
-mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "FLUSH PRIVILEGES;"
+exit $rc
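Review bot: `rc` is assigned only inside the loop, so when `SQL_DB` is empty the final `exit $rc` expands to a bare `exit` and the Job reports success without migrating anything. Setting `rc=0` before the loop and adding a guard such as `[ -n "${SQL_DB}" ] || exit 1` makes that case explicit. The result of `prepare_upgrade.sh` is not checked, and `${schema}` is passed unquoted to every command; `"${schema}"` is the safer form.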
diff --git a/helm/policy/templates/job.yaml b/helm/policy/templates/job-pg.yaml
index 7d3656cd..186bbfc5 100755..100644
--- a/helm/policy/templates/job.yaml
+++ b/helm/policy/templates/job-pg.yaml
@@ -1,5 +1,5 @@
{{/*
-# Copyright (C) 2022 Nordix Foundation.
+# Copyright (C) 2025 Nordix Foundation.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -7,6 +7,7 @@
#
# http://www.apache.org/licenses/LICENSE-2.0
#
+# SPDX-License-Identifier: Apache-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -18,27 +19,25 @@
apiVersion: batch/v1
kind: Job
metadata:
- name: policy-galera-init
+ name: policy-pg-init
namespace: default
labels:
- app: policy-galera-init
+ app: policy-pg-init
spec:
template:
metadata:
labels:
- app: policy-galera-init
- name: policy-galera-init
+ app: policy-pg-init
+ name: policy-pg-init
spec:
- imagePullSecrets:
- - name: "default-docker-registry-key"
initContainers:
- - name: policy-mariadb-readiness
+ - name: policy-pg-readiness
image: {{ .Values.global.repository }}/{{ .Values.global.image.readiness }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
command:
- /app/ready.py
- --container-name
- - {{ index .Values "mariadb-galera" "service" "name" }}
+ - postgres
env:
- name: NAMESPACE
valueFrom:
@@ -46,39 +45,31 @@ spec:
apiVersion: v1
fieldPath: metadata.namespace
containers:
- - name: policy-galera-config
- image: {{ .Values.global.dockerRepository }}/{{ .Values.mariadb.image }}
+ - name: policy-pg-config
+ image: {{ .Values.global.repository }}/{{ .Values.global.image.postgres}}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
volumeMounts:
- - mountPath: /dbcmd-config/db.sh
+ - mountPath: /dbcmd-config/db-pg.sh
name: {{ .Chart.Name }}-config
- subPath: db.sh
+ subPath: db-pg.sh
command:
- /bin/sh
- -cx
- |
- /dbcmd-config/db.sh
+ /dbcmd-config/db-pg.sh
env:
- - name: MYSQL_ROOT_PASSWORD
- valueFrom:
- secretKeyRef:
- name: mariadb-galera-db-root-password
- key: password
- optional: false
- - name: MYSQL_HOST
- value: "{{ index .Values "mariadb-galera" "service" "name" }}"
- - name: MYSQL_USER
- valueFrom:
- secretKeyRef:
- name: mariadb-galera-db-user-credentials
- key: login
- optional: false
- - name: MYSQL_PORT
- value: "{{ index .Values "mariadb-galera" "service" "internalPort" }}"
+ - name: PG_PASSWORD
+ value: {{ .Values.dbConfig.postgres.password }}
+ - name: PG_HOST
+ value: {{ .Values.dbConfig.postgres.service }}
+ - name: PG_USER
+ value: {{ .Values.dbConfig.postgres.user }}
+ - name: PG_PORT
+ value: "{{ .Values.dbConfig.postgres.port }}"
resources:
limits:
cpu: 1
- memory: 4Gi
+ memory: 2Gi
requests:
cpu: 100m
memory: 1Gi
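Review bot: `PG_PASSWORD` is now a literal `value:` rendered from `.Values.dbConfig.postgres.password`, where the removed lines read the credential through `secretKeyRef`; the password therefore sits in the Job and Pod specs and is readable by anyone allowed to get those objects. The same applies to `SQL_PASSWORD` and `PGPASSWORD` in the two migrator Jobs, in the hunks starting at `@@ -127,39` and `@@ -211,39`. Reading the value from a Secret, as the old template did, keeps it out of the rendered spec; the secret name and key below are placeholders for whatever object the postgres chart ends up creating. The unquoted `value: {{ ... }}` entries would also fail validation if a value parsed as a number or boolean.

```yaml
# … unchanged: container name, image, volumeMounts, command …
env:
  - name: PG_PASSWORD
    valueFrom:
      secretKeyRef:
        name: <postgres-credentials-secret>  # placeholder, not a name from this chart
        key: <password-key>                  # placeholder
        optional: false
# … unchanged: PG_HOST, PG_USER, PG_PORT, resources …
```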
@@ -91,26 +82,24 @@ spec:
name: {{ .Chart.Name }}-db-configmap
defaultMode: 0755
items:
- - key: db.sh
- path: db.sh
+ - key: db-pg.sh
+ path: db-pg.sh
---
apiVersion: batch/v1
kind: Job
metadata:
- name: policy-galera-config
+ name: policy-pg-config
namespace: default
labels:
- app: policy-galera-config
+ app: policy-pg-config
spec:
template:
metadata:
labels:
- app: policy-galera-config
- name: policy-galera-config
+ app: policy-pg-config
+ name: policy-pg-config
spec:
- imagePullSecrets:
- - name: "default-docker-registry-key"
initContainers:
- name: policy-init-readiness
image: {{ .Values.global.repository }}/{{ .Values.global.image.readiness }}
@@ -119,7 +108,7 @@ spec:
- /app/ready.py
args:
- --job-name
- - policy-galera-init
+ - policy-pg-init
env:
- name: NAMESPACE
valueFrom:
@@ -127,39 +116,33 @@ spec:
apiVersion: v1
fieldPath: metadata.namespace
containers:
- - name: policy-galera-db-migrator-policy
+ - name: policy-pg-db-migrator-policy
image: {{ .Values.global.repository }}/{{ .Values.dbmigrator.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
volumeMounts:
- - mountPath: /dbcmd-config/db_migrator_policy_init.sh
+ - mountPath: /dbcmd-config/init_pg.sh
name: {{ .Chart.Name }}-policy-config
- subPath: db_migrator_policy_init.sh
+ subPath: init_pg.sh
command:
- /bin/sh
- -cx
- |
- /dbcmd-config/db_migrator_policy_init.sh
+ /dbcmd-config/init_pg.sh
env:
- name: SQL_HOST
- value: "{{ index .Values "mariadb-galera" "service" "name" }}"
+ value: {{ .Values.dbConfig.postgres.service }}
- name: SQL_USER
- valueFrom:
- secretKeyRef:
- name: mariadb-galera-db-user-credentials
- key: login
- optional: false
+ value: {{ .Values.dbConfig.postgres.user }}
- name: SQL_PASSWORD
- valueFrom:
- secretKeyRef:
- name: mariadb-galera-db-user-credentials
- key: password
- optional: false
+ value: {{ .Values.dbConfig.postgres.password }}
- name: SQL_DB
value: {{ .Values.dbmigrator.policyadmin.schema }}
- name: POLICY_HOME
value: {{ .Values.dbmigrator.policy_home }}
- name: SCRIPT_DIRECTORY
- value: "sql"
+ value: "postgres"
+ - name: PGPASSWORD
+ value: {{ .Values.dbConfig.postgres.password }}
resources:
limits:
cpu: 1
@@ -175,26 +158,24 @@ spec:
name: {{ .Chart.Name }}-db-configmap
defaultMode: 0755
items:
- - key: db_migrator_policy_init.sh
- path: db_migrator_policy_init.sh
+ - key: init_pg.sh
+ path: init_pg.sh
---
apiVersion: batch/v1
kind: Job
metadata:
- name: policy-galera-config-clamp
+ name: policy-pg-config-clamp
namespace: default
labels:
- app: policy-galera-config-clamp
+ app: policy-pg-config-clamp
spec:
template:
metadata:
labels:
- app: policy-galera-config-clamp
- name: policy-galera-config-clamp
+ app: policy-pg-config-clamp
+ name: policy-pg-config-clamp
spec:
- imagePullSecrets:
- - name: "default-docker-registry-key"
initContainers:
- name: policy-init-readiness
image: {{ .Values.global.repository }}/{{ .Values.global.image.readiness }}
@@ -203,7 +184,7 @@ spec:
- /app/ready.py
args:
- --job-name
- - policy-galera-config
+ - policy-pg-config
env:
- name: NAMESPACE
valueFrom:
@@ -211,39 +192,33 @@ spec:
apiVersion: v1
fieldPath: metadata.namespace
containers:
- - name: policy-galera-db-migrator-clamp
+ - name: policy-pg-db-migrator-clamp
image: {{ .Values.global.repository }}/{{ .Values.global.image.dbMigrator }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
volumeMounts:
- - mountPath: /dbcmd-config/db_migrator_policy_init.sh
+ - mountPath: /dbcmd-config/init_pg.sh
name: {{ .Chart.Name }}-clamp-config
- subPath: db_migrator_policy_init.sh
+ subPath: init_pg.sh
command:
- /bin/sh
- -cx
- |
- /dbcmd-config/db_migrator_policy_init.sh
+ /dbcmd-config/init_pg.sh
env:
- name: SQL_HOST
- value: "{{ index .Values "mariadb-galera" "service" "name" }}"
+ value: {{ .Values.dbConfig.postgres.service }}
- name: SQL_USER
- valueFrom:
- secretKeyRef:
- name: mariadb-galera-db-user-credentials
- key: login
- optional: false
+ value: {{ .Values.dbConfig.postgres.user }}
- name: SQL_PASSWORD
- valueFrom:
- secretKeyRef:
- name: mariadb-galera-db-user-credentials
- key: password
- optional: false
+ value: {{ .Values.dbConfig.postgres.password }}
- name: SQL_DB
value: {{ .Values.dbmigrator.clampacm.schema }}
- name: POLICY_HOME
value: {{ .Values.dbmigrator.policy_home }}
- name: SCRIPT_DIRECTORY
- value: "sql"
+ value: "postgres"
+ - name: PGPASSWORD
+ value: {{ .Values.dbConfig.postgres.password }}
resources:
limits:
cpu: 1
@@ -259,5 +234,5 @@ spec:
name: {{ .Chart.Name }}-db-configmap
defaultMode: 0755
items:
- - key: db_migrator_policy_init.sh
- path: db_migrator_policy_init.sh
+ - key: init_pg.sh
+ path: init_pg.sh
diff --git a/helm/policy/values.yaml b/helm/policy/values.yaml
index 13f1f903..ecb06e73 100755..100644
--- a/helm/policy/values.yaml
+++ b/helm/policy/values.yaml
@@ -1,11 +1,12 @@
-# Copyright © 2022-2024 Nordix Foundation
+# Copyright © 2022-2025 Nordix Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
-#
+#
+# SPDX-License-Identifier: Apache-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -18,14 +19,6 @@
global:
aafEnabled: false
- mariadb:
- # '&mariadbConfig' means we "store" the values for later use in the file
- # with '*mariadbConfig' pointer.
- config: &mariadbConfig
- mysqlDatabase: policyadmin
- service: &mariadbService
- name: &mariadb-galera mariadb-galera
- internalPort: 3306
prometheusEnabled: false
kafkaServer: kafka
repository: nexus3.onap.org:10001
@@ -34,7 +27,7 @@ global:
image:
readiness: onap/oom/readiness:3.0.1
- mariadb: bitnami/mariadb-galera:10.5.8
+ postgres: library/postgres:16.4
api: onap/policy-api:$tag
pap: onap/policy-pap:$tag
apex: onap/policy-apex-pdp:$tag
@@ -52,7 +45,7 @@ global:
a1pmsparticipant: onap/policy-clamp-ac-a1pms-ppnt:$tag
dbMigrator: onap/policy-db-migrator:$tag
-policy-mariadb-galera:
+postgres:
enabled: true
policy-models-simulator:
enabled: true
@@ -92,9 +85,12 @@ jaeger:
# DB configuration defaults.
#################################################################
-
-mariadb:
- image: mariadb:10.5.8
+dbConfig:
+ postgres:
+ user: "policy-user"
+ service: "postgres-service"
+ port: "5432"
+ password: "policy-user"
dbmigrator:
image: onap/policy-db-migrator:$tag
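Review bot: `dbConfig.postgres.password` ships a working default (`"policy-user"`, identical to the user name), and the same credentials are repeated in the postgres chart's `config.pgUserPassword` and in each component's `db.password`, so changing the password means editing several files in step. Leaving the default empty and rendering it with `{{ required "dbConfig.postgres.password must be set" .Values.dbConfig.postgres.password }}` would force an explicit choice at install time. If the fixed value is intentional for test deployments, a comment saying so would help. `service: "postgres-service"` likewise duplicates the name that the subchart derives from `.Chart.Name`.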
@@ -117,21 +113,6 @@ nodeSelector: {}
affinity: {}
-mariadb-galera:
- # mariadb-galera.config and global.mariadb.config must be equals
- db:
- user: policy-user
- # password:
- name: &mysqlDbName policyadmin
- nameOverride: *mariadb-galera
- # mariadb-galera.service and global.mariadb.service must be equals
- service: *mariadbService
- #replicaCount: 1
- persistence:
- enabled: true
- mountSubPath: policy/maria/data
- serviceAccount:
- nameOverride: *mariadb-galera
# Resource Limit flavor -By Default using small
# Segregation for Different environment (small, large, or unlimited)