fix(core): make migration Job hooks stable across Helm + ArgoCD

README.md

@@ -4,15 +4,15 @@
 
 | Readme | Chart Version | App Version | Description | Hub |
 |--------|---------------|-------------|-------------|-----|
-| [Agent](./charts/agent/README.md) | 2.14.0 | v2.10.0 | Formance Membership Agent Helm Chart | [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/agent)](https://artifacthub.io/packages/search?repo=agent) |
-| [Cloudprem](./charts/cloudprem/README.md) | 4.9.2 | latest | Formance control-plane | [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/cloudprem)](https://artifacthub.io/packages/search?repo=cloudprem) |
-| [Console-V3](./charts/console-v3/README.md) | 3.6.2 | v2.6.2 | Formance Console | [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/console-v3)](https://artifacthub.io/packages/search?repo=console-v3) |
-| [Core](./charts/core/README.md) | 1.5.1 | latest | Formance Core Library | [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/core)](https://artifacthub.io/packages/search?repo=core) |
-| [Formance](./charts/formance/README.md) | 1.13.4 | latest | Formance Platform - Unified Helm Chart | [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/formance)](https://artifacthub.io/packages/search?repo=formance) |
-| [Membership](./charts/membership/README.md) | 3.5.0 | v2.5.0 | Formance EE Membership API. Manage stacks, organizations, regions, invitations, users, roles, and permissions. | [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/membership)](https://artifacthub.io/packages/search?repo=membership) |
-| [Portal](./charts/portal/README.md) | 3.6.2 | v2.6.2 | Formance Portal | [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/portal)](https://artifacthub.io/packages/search?repo=portal) |
-| [Regions](./charts/regions/README.md) | 3.10.7 | latest | Formance Private Regions Helm Chart | [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/regions)](https://artifacthub.io/packages/search?repo=regions) |
-| [Stargate](./charts/stargate/README.md) | 0.10.1 | latest | Formance EE Stargate gRPC Gateway | [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/stargate)](https://artifacthub.io/packages/search?repo=stargate) |
+| [Agent](./charts/agent/README.md) | 2.15.0 | v2.10.0 | Formance Membership Agent Helm Chart | [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/agent)](https://artifacthub.io/packages/search?repo=agent) |
+| [Cloudprem](./charts/cloudprem/README.md) | 4.10.0 | latest | Formance control-plane | [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/cloudprem)](https://artifacthub.io/packages/search?repo=cloudprem) |
+| [Console-V3](./charts/console-v3/README.md) | 3.7.0 | v2.6.2 | Formance Console | [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/console-v3)](https://artifacthub.io/packages/search?repo=console-v3) |
+| [Core](./charts/core/README.md) | 1.6.0 | latest | Formance Core Library | [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/core)](https://artifacthub.io/packages/search?repo=core) |
+| [Formance](./charts/formance/README.md) | 1.14.0 | latest | Formance Platform - Unified Helm Chart | [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/formance)](https://artifacthub.io/packages/search?repo=formance) |
+| [Membership](./charts/membership/README.md) | 3.6.0 | v2.5.0 | Formance EE Membership API. Manage stacks, organizations, regions, invitations, users, roles, and permissions. | [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/membership)](https://artifacthub.io/packages/search?repo=membership) |
+| [Portal](./charts/portal/README.md) | 3.7.0 | v2.6.2 | Formance Portal | [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/portal)](https://artifacthub.io/packages/search?repo=portal) |
+| [Regions](./charts/regions/README.md) | 3.11.0 | latest | Formance Private Regions Helm Chart | [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/regions)](https://artifacthub.io/packages/search?repo=regions) |
+| [Stargate](./charts/stargate/README.md) | 0.11.0 | latest | Formance EE Stargate gRPC Gateway | [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/stargate)](https://artifacthub.io/packages/search?repo=stargate) |
 
 ## How to contribute
 

charts/agent/Chart.lock

@@ -1,6 +1,6 @@
 dependencies:
 - name: core
   repository: file://../core
-  version: 1.5.1
-digest: sha256:29b6f82721cb8cb5ffc9fb8f4a15c0368bd43323551b1aec43c9d24f559ec24a
-generated: "2026-03-13T11:53:02.207688+01:00"
+  version: 1.6.0
+digest: sha256:6d15ce1c622425ece61bcf8f444d16ee5462059a286ef39b2cd78723e91b705f
+generated: "2026-06-22T09:26:38.333292+02:00"

charts/agent/Chart.yaml

@@ -12,7 +12,7 @@ maintainers:
 icon: "https://avatars.githubusercontent.com/u/84325077?s=200&v=4"
 
 type: application
-version: 2.14.0
+version: 2.15.0
 
 appVersion: "v2.10.0"
 

charts/agent/README.md

@@ -1,6 +1,6 @@
 # agent
 
-![Version: 2.14.0](https://img.shields.io/badge/Version-2.14.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.10.0](https://img.shields.io/badge/AppVersion-v2.10.0-informational?style=flat-square)
+![Version: 2.15.0](https://img.shields.io/badge/Version-2.15.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.10.0](https://img.shields.io/badge/AppVersion-v2.10.0-informational?style=flat-square)
 
 Formance Membership Agent Helm Chart
 

charts/cloudprem/Chart.lock

@@ -1,12 +1,12 @@
 dependencies:
 - name: membership
   repository: file://../membership
-  version: 3.5.0
+  version: 3.6.0
 - name: portal
   repository: file://../portal
-  version: 3.6.2
+  version: 3.7.0
 - name: console-v3
   repository: file://../console-v3
-  version: 3.6.2
-digest: sha256:44566bf3148e8cfc5b4e515caf5afcee42eb0f046b5d503ff16b3d70efa3eace
-generated: "2026-06-15T11:00:08.043908+02:00"
+  version: 3.7.0
+digest: sha256:daed3f4af5ace511de313180abe29e55726644ec51b9acd1a895b1e66ed41369
+generated: "2026-06-22T09:33:02.325748+02:00"

charts/cloudprem/Chart.yaml

@@ -31,7 +31,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 4.9.2
+version: 4.10.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

charts/cloudprem/README.md

@@ -1,7 +1,7 @@
 # Formance cloudprem Helm chart
 
 [![Artifact Hub](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/cloudprem)](https://artifacthub.io/packages/search?repo=cloudprem)
-![Version: 4.9.2](https://img.shields.io/badge/Version-4.9.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: latest](https://img.shields.io/badge/AppVersion-latest-informational?style=flat-square)
+![Version: 4.10.0](https://img.shields.io/badge/Version-4.10.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: latest](https://img.shields.io/badge/AppVersion-latest-informational?style=flat-square)
 
 Formance control-plane
 

charts/console-v3/Chart.lock

@@ -1,9 +1,9 @@
 dependencies:
 - name: core
   repository: file://../core
-  version: 1.5.1
+  version: 1.6.0
 - name: postgresql
   repository: oci://registry-1.docker.io/bitnamicharts
-  version: 18.7.3
-digest: sha256:94f58a97ea12e8fade08b77e895cd51c19428d0c026001235cedde428c76eb03
-generated: "2026-06-09T14:59:37.072444+02:00"
+  version: 18.7.6
+digest: sha256:2de666ebc52f71210ae299061f7d473e5ab0480dab96d22deb0ad4c348519066
+generated: "2026-06-22T09:26:55.92648+02:00"

charts/console-v3/Chart.yaml

@@ -29,7 +29,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 3.6.2
+version: 3.7.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

charts/console-v3/README.md

@@ -1,6 +1,6 @@
 # console-v3
 
-![Version: 3.6.2](https://img.shields.io/badge/Version-3.6.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.6.2](https://img.shields.io/badge/AppVersion-v2.6.2-informational?style=flat-square)
+![Version: 3.7.0](https://img.shields.io/badge/Version-3.7.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.6.2](https://img.shields.io/badge/AppVersion-v2.6.2-informational?style=flat-square)
 
 Formance Console
 

charts/core/Chart.yaml

@@ -15,5 +15,5 @@ sources:
 - "https://github.com/formancehq/helm/tree/main/charts/core"
 
 type: library
-version: 1.5.1
+version: 1.6.0
 appVersion: "latest"

charts/core/README.md

@@ -1,6 +1,6 @@
 # Formance core Library
 
-![Version: 1.5.1](https://img.shields.io/badge/Version-1.5.1-informational?style=flat-square) ![Type: library](https://img.shields.io/badge/Type-library-informational?style=flat-square) ![AppVersion: latest](https://img.shields.io/badge/AppVersion-latest-informational?style=flat-square)
+![Version: 1.6.0](https://img.shields.io/badge/Version-1.6.0-informational?style=flat-square) ![Type: library](https://img.shields.io/badge/Type-library-informational?style=flat-square) ![AppVersion: latest](https://img.shields.io/badge/AppVersion-latest-informational?style=flat-square)
 Formance Core Library
 
 **Homepage:** <https://formance.com>

charts/core/templates/_job.tpl

@@ -1,13 +1,28 @@
 {{/**
-
-    This way is only reliable when using helm install and helm upgrade.
-    ArgoCD use helm template
-
+    Hook annotations for a migration Job — works under plain `helm
+    install/upgrade` AND ArgoCD (which auto-translates Helm hook
+    annotations to its native PreSync/BeforeHookCreation/sync-wave).
+
+    Gated by `.Values.feature.migrationHooks` so consumers can opt
+    out (e.g. when running migrations via a separate orchestrator).
+
+    - `pre-install,pre-upgrade` keeps the Job's identity stable as a
+      hook in BOTH install and upgrade. The previous
+      `pre-upgrade`-only-on-upgrade gate meant the resource was a plain
+      release object on install and flipped to a hook on the next
+      upgrade, which produced "Job already exists" errors and orphans
+      on uninstall.
+
+    - `before-hook-creation` deletes the previous Job before recreating
+      so image bumps and other spec changes don't hit Job-spec
+      immutability. `hook-succeeded` is intentionally NOT here so
+      operators can `kubectl logs` post-success; cleanup is bounded by
+      `ttlSecondsAfterFinished` on the Job spec.
   **/}}
 {{- define "core.job.annotations" -}}
-{{- if and (not .Release.IsInstall) .Values.feature.migrationHooks }}
-helm.sh/hook: pre-upgrade
-helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded,hook-failed
+{{- if .Values.feature.migrationHooks }}
+helm.sh/hook: pre-install,pre-upgrade
+helm.sh/hook-delete-policy: before-hook-creation
 helm.sh/hook-weight: "10"
 {{- end }}
 {{- end }}

charts/core/templates/_postgres.tpl

@@ -1,11 +1,23 @@
 
-{{- /**DEPRECATED **/}}
+{{- /**DEPRECATED — use `core.job.annotations` directly **/}}
 {{- define "core.postgres.job.annotations" -}}
 {{- include "core.job.annotations" . -}}
 {{- end }}
-{{- /**DEPRECATED **/}}
+
+{{/**
+    Hook annotations for the migration Job's ServiceAccount. Same
+    Helm hook semantics as `core.job.annotations` and gated by the
+    same `.Values.feature.migrationHooks` flag, but with a LOWER
+    `hook-weight` so the SA is created before the Job that references
+    it (otherwise the Job's pod fails to schedule with "ServiceAccount
+    not found"). ArgoCD auto-translates `hook-weight` to `sync-wave`.
+  **/}}
 {{- define "core.postgres.job.sa.annotations" -}}
-{{- include "core.job.annotations" . -}}
+{{- if .Values.feature.migrationHooks }}
+helm.sh/hook: pre-install,pre-upgrade
+helm.sh/hook-delete-policy: before-hook-creation
+helm.sh/hook-weight: "0"
+{{- end }}
 {{- end }}
 
 {{/** 

charts/formance/Chart.lock

@@ -1,12 +1,12 @@
 dependencies:
 - name: postgresql
   repository: oci://registry-1.docker.io/bitnamicharts
-  version: 18.7.3
+  version: 18.7.6
 - name: regions
   repository: file://../regions
-  version: 3.10.7
+  version: 3.11.0
 - name: cloudprem
   repository: file://../cloudprem
-  version: 4.9.2
-digest: sha256:ab00bb5977dbfacbd126cff2c1745fbd0e6110d197f74e273586f805cb5c33f2
-generated: "2026-06-15T11:54:47.440585+02:00"
+  version: 4.10.0
+digest: sha256:e6e6353c32fc72665265ce60d619cb75a12a10de216257d8a5629abefb57d658
+generated: "2026-06-22T09:33:03.509948+02:00"

charts/formance/Chart.yaml

@@ -10,7 +10,7 @@ maintainers:
 icon: "https://avatars.githubusercontent.com/u/84325077?s=200&v=4"
 
 type: application
-version: 1.13.4
+version: 1.14.0
 appVersion: "latest"
 # The "-0" suffix is required for GKE compatibility. GKE versions contain
 # build metadata like "v1.33.5-gke.2392000" which semver treats as pre-release.

charts/formance/README.md

@@ -1,6 +1,6 @@
 # formance
 
-![Version: 1.13.4](https://img.shields.io/badge/Version-1.13.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: latest](https://img.shields.io/badge/AppVersion-latest-informational?style=flat-square)
+![Version: 1.14.0](https://img.shields.io/badge/Version-1.14.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: latest](https://img.shields.io/badge/AppVersion-latest-informational?style=flat-square)
 
 Formance Platform - Unified Helm Chart
 

charts/membership/Chart.lock

@@ -1,12 +1,12 @@
 dependencies:
 - name: postgresql
   repository: oci://registry-1.docker.io/bitnamicharts
-  version: 18.7.3
+  version: 18.7.6
 - name: dex
   repository: https://charts.dexidp.io
   version: 0.24.1
 - name: core
   repository: file://../core
-  version: 1.5.1
-digest: sha256:f516e5a8711af3c7a57a609c043c3eb83aa8b5db56ccc4e8c449b66f09725253
-generated: "2026-06-09T14:59:33.302603+02:00"
+  version: 1.6.0
+digest: sha256:b130a654a9fd60d5f6da5bf73a0d9710e10060b2a54a163662392f1206835f9a
+generated: "2026-06-22T09:26:52.299904+02:00"

charts/membership/Chart.yaml

@@ -22,7 +22,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 3.5.0
+version: 3.6.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

charts/membership/README.md

@@ -1,6 +1,6 @@
 # Formance membership Helm chart
 
-![Version: 3.5.0](https://img.shields.io/badge/Version-3.5.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.5.0](https://img.shields.io/badge/AppVersion-v2.5.0-informational?style=flat-square)
+![Version: 3.6.0](https://img.shields.io/badge/Version-3.6.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.5.0](https://img.shields.io/badge/AppVersion-v2.5.0-informational?style=flat-square)
 Formance EE Membership API. Manage stacks, organizations, regions, invitations, users, roles, and permissions.
 
 ## Requirements

charts/portal/Chart.lock

@@ -1,9 +1,9 @@
 dependencies:
 - name: core
   repository: file://../core
-  version: 1.5.1
+  version: 1.6.0
 - name: postgresql
   repository: oci://registry-1.docker.io/bitnamicharts
-  version: 18.7.3
-digest: sha256:94f58a97ea12e8fade08b77e895cd51c19428d0c026001235cedde428c76eb03
-generated: "2026-06-09T14:59:22.340965+02:00"
+  version: 18.7.6
+digest: sha256:2de666ebc52f71210ae299061f7d473e5ab0480dab96d22deb0ad4c348519066
+generated: "2026-06-22T09:26:42.312172+02:00"

charts/portal/Chart.yaml

@@ -26,7 +26,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 3.6.2
+version: 3.7.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

charts/portal/README.md

@@ -1,6 +1,6 @@
 # portal
 
-![Version: 3.6.2](https://img.shields.io/badge/Version-3.6.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.6.2](https://img.shields.io/badge/AppVersion-v2.6.2-informational?style=flat-square)
+![Version: 3.7.0](https://img.shields.io/badge/Version-3.7.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.6.2](https://img.shields.io/badge/AppVersion-v2.6.2-informational?style=flat-square)
 
 Formance Portal
 

charts/regions/Chart.lock

@@ -1,12 +1,12 @@
 dependencies:
 - name: agent
   repository: file://../agent
-  version: 2.14.0
+  version: 2.15.0
 - name: operator
   repository: oci://ghcr.io/formancehq/helm
   version: 3.11.2
 - name: core
   repository: file://../core
-  version: 1.5.1
-digest: sha256:866749c40f0605be3ee16788b1a99cacc325faf749bafa44da87479d1092e164
-generated: "2026-06-12T12:28:48.576894+02:00"
+  version: 1.6.0
+digest: sha256:ac7f9226c98c82d59e82c848beb4021e1d26e13b33772d22f721f04f79c9967d
+generated: "2026-06-22T09:32:46.086595+02:00"

charts/regions/Chart.yaml

@@ -11,7 +11,7 @@ maintainers:
 icon: "https://avatars.githubusercontent.com/u/84325077?s=200&v=4"
 
 type: application
-version: 3.10.7
+version: 3.11.0
 appVersion: "latest"
 
 dependencies:

charts/regions/README.md

@@ -1,6 +1,6 @@
 # Formance regions Helm chart
 
-![Version: 3.10.7](https://img.shields.io/badge/Version-3.10.7-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: latest](https://img.shields.io/badge/AppVersion-latest-informational?style=flat-square)
+![Version: 3.11.0](https://img.shields.io/badge/Version-3.11.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: latest](https://img.shields.io/badge/AppVersion-latest-informational?style=flat-square)
 Formance Private Regions Helm Chart
 
 ## Requirements

charts/stargate/Chart.lock

@@ -1,9 +1,9 @@
 dependencies:
 - name: core
   repository: file://../core
-  version: 1.5.1
+  version: 1.6.0
 - name: postgresql
   repository: oci://registry-1.docker.io/bitnamicharts
   version: 15.5.38
-digest: sha256:663ca8c28a6de42337fb1f7a30d6588113b6c7150f0a053edf0886641da186e8
-generated: "2026-03-13T11:53:12.310361+01:00"
+digest: sha256:3487d243930e76ecf46e3ad85dffa3367623fa55d4755b20975f88ffac17aa7a
+generated: "2026-06-22T09:26:46.18892+02:00"

charts/stargate/Chart.yaml

@@ -22,7 +22,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.10.1
+version: 0.11.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to