mongodb: vendor chart via git subtree from bitnami/charts

[delthas]

Summary

Switch solution-base/mongodb/Makefile from helm fetch against charts.bitnami.com to vendoring the chart sources from the bitnami/charts GitHub repository via git subtree, mirroring the pattern that ZENKO-5110 already established for vendored Bitnami images in solution-base/images/Makefile. All local modifications previously expressed as .patch files now live as ordinary git commits on top of the subtree merge, ordered chronologically by when each was originally introduced.

Why

Bitnami stopped publishing the mongodb-sharded chart OCI artifact in August 2025 (bitnami/charts#35164). The last published version is 9.4.12 and any future commit merged into bitnami/charts main — including our upstream pgrep -x liveness probe fix in bitnami/charts#36488 — will never reach the Helm registry. The chart source on GitHub is still updated and tagged for every release, so it is now the authoritative place to pull from.

Using git subtree (over a curl | tar snapshot) gives us:

• Real three-way merge conflicts when bumping — git subtree merge --squash surfaces upstream-vs-local conflicts directly, instead of silent patch overwrites or stale .patch files.
• One mental model with solution-base/images/Makefile, which already uses the same pattern for the Bitnami container-image vendoring under ZENKO-5110.
• Subsequent bumps (e.g. ZENKO-5276 → mongodb-sharded/9.4.14) become a single CHART_VERSION change + make vendor-sync.

What changes

• solution-base/mongodb/Makefile — full rewrite. New targets create-remote, fetch-remote, update-vendor-branch, vendor-sync, deps. The single maintainer command is make -C solution-base/mongodb vendor-sync (~4 minutes — fetches bitnami/charts history, runs git subtree split, merges as squash, re-resolves common).
• solution-base/mongodb/charts/mongodb-sharded/ — re-introduced as a git subtree --squash of upstream tag mongodb-sharded/9.4.4. The common library chart is resolved via helm dependency build and extracted into charts/common/ so solution-base/build.sh's helm template finds it as a sub-chart.
• 11 patch files migrated to 11 individual commits, ordered chronologically (oldest local-tweak first → newest at top), so future git log archaeology under the prefix reflects the actual evolution of these tweaks. Each commit message cites the original patch filename for traceability.
• solution-base/mongodb/patches/ deleted entirely.
• solution-base/mongodb/how_to_upgrade.md rewritten to describe the new flow.
• .github/workflows/end2end.yaml — check-mongo-patches job removed (it verified make fetch + make patch produced no drift; with patches gone there is nothing to verify, and conflicts now surface as ordinary git merge conflicts during make vendor-sync).
• .github/copilot-instructions.md — Chart upgrade-path row now points at Makefile + make vendor-sync instead of patches/ + make patch.

What does NOT change

• Pinned chart version stays at 9.4.4 — pure infrastructure switch. ZENKO-5276 becomes a CHART_VERSION bump + make vendor-sync whose merge brings in upstream's pgrep -x liveness probe fix.
• solution-base/deps.yaml is untouched — image references are independent and addressed under ZENKO-5110.
• solution-base/build.sh is untouched — it expects charts/common/ as an extracted directory, which the new Makefile preserves.

Verification

• helm template against this branch produces manifests equivalent to those of the previous helm fetch 9.4.4 + make patch flow (modulo helm-generated random Secret values per invocation).
• make -C solution-base/mongodb vendor-sync is idempotent against mongodb-sharded/9.4.4: re-running on a clean tree produces no diff.
• Each of the 17 commits is reviewable in isolation.

Costs

• Maintainer-side make vendor-sync is a ~4-minute coffee break (subtree split walks 36 599 upstream commits).
• One-time .git growth of ~41 MB in the maintainer's clone from the synthesized subdir commits; not pushed to origin.
• bitnami-charts remote needs to be configured (Makefile does this automatically on first run).

History

The PR's earlier revisions implemented the same goal via curl | tar of the GitHub release tarball. After discussion with @francoisferrand, switched to git subtree to match the solution-base/images/ precedent and to make future upstream merges produce real merge conflicts rather than silent overwrites. The subtree variant was first explored on a parallel draft PR (#2423, now closed); this PR was force-pushed with the subtree commits.

Issue: ZENKO-5281

[bert-e]

Hello delthas,

My role is to assist you with the merge of this
pull request. Please type @bert-e help to get information
on this process, or consult the user documentation.

Available options

name	description	privileged	authored
/after_pull_request	Wait for the given pull request id to be merged before continuing with the current one.
/bypass_author_approval	Bypass the pull request author's approval	⭐
/bypass_build_status	Bypass the build and test status	⭐
/bypass_commit_size	Bypass the check on the size of the changeset TBA	⭐
/bypass_incompatible_branch	Bypass the check on the source branch prefix	⭐
/bypass_jira_check	Bypass the Jira issue check	⭐
/bypass_peer_approval	Bypass the pull request peers' approval	⭐
/bypass_leader_approval	Bypass the pull request leaders' approval	⭐
/approve	Instruct Bert-E that the author has approved the pull request.		✍️
/create_pull_requests	Allow the creation of integration pull requests.
/create_integration_branches	Allow the creation of integration branches.
/no_octopus	Prevent Wall-E from doing any octopus merge and use multiple consecutive merge instead
/unanimity	Change review acceptance criteria from one reviewer at least to all reviewers
/wait	Instruct Bert-E not to run until further notice.

Available commands

name	description	privileged
/help	Print Bert-E's manual in the pull request.
/status	Print Bert-E's current status in the pull request TBA
/clear	Remove all comments from Bert-E from the history TBA
/retry	Re-start a fresh build TBA
/build	Re-start a fresh build TBA
/force_reset	Delete integration branches & pull requests, and restart merge process from the beginning.
/reset	Try to remove integration branches unless there are commits on them which do not appear on the source branch.

Status report is not available.

[bert-e]

Request integration branches

Waiting for integration branch creation to be requested by the user.

To request integration branches, please comment on this pull request with the following command:

/create_integration_branches

Alternatively, the /approve and /create_pull_requests commands will automatically
create the integration branches.

[delthas]

Moved from vendoring from git download, to actual git subtree.

[delthas]

First commits are setting up the subtree, then each commit is literally moving the patch to a commit, then last commit is cleaning up patches.