diff --git a/images/postgres-helm-compat/tests/main.tf b/images/postgres-helm-compat/tests/main.tf
index 95aec1b4e7..1b7628eb7e 100644
--- a/images/postgres-helm-compat/tests/main.tf
+++ b/images/postgres-helm-compat/tests/main.tf
@@ -1,152 +1,142 @@ terraform { required_providers { - oci = { source = "chainguard-dev/oci" } + oci = { source = "chainguard-dev/oci" } + imagetest = { source = "chainguard-dev/imagetest" } } } +variable "target_repository" {} + variable "digest" { description = "The image digest to run tests over." } locals { parsed = provider::oci::parse(var.digest) } -// We rely on base image ("postgresql") tests and just just run the helm test here - -resource "random_id" "hex" { byte_length = 4 } - -resource "helm_release" "bitnami" { - name = "postgres-${random_id.hex.hex}" - repository = "oci://registry-1.docker.io/bitnamicharts" - chart = "postgresql" +data "imagetest_inventory" "this" {} - namespace = "postgres-${random_id.hex.hex}" - create_namespace = true +module "cluster_harness" { + source = "../../../tflib/imagetest/harnesses/k3s/" - // Point the chart at our Postgres image - set { - name = "image.registry" - value = local.parsed.registry - } - set { - name = "image.repository" - value = local.parsed.repo - } - set { - name = "image.digest" - value = local.parsed.digest - } + inventory = data.imagetest_inventory.this + name = basename(path.module) + target_repository = var.target_repository + cwd = path.module +} - set { - name = "primary.containerSecurityContext.runAsUser" - value = "1001" - } +// We rely on base image ("postgresql") tests and just just run the helm test here +module "helm" { + source = "../../../tflib/imagetest/helm" - # https://artifacthub.io/packages/helm/bitnami/postgresql#securing-traffic-using-tls - values = [ - jsonencode({ - volumePermissions = { - enabled = true, - }, - tls = { - enabled = true, - autoGenerated = true, - }, - }), - ] -} + chart = "oci://registry-1.docker.io/bitnamicharts/postgresql" -resource "kubernetes_job" "test_tls" { - metadata { - name = "psqlc" - namespace = helm_release.bitnami.namespace - } - spec { - backoff_limit = 4 - template { - metadata { - labels = { - app = "psqlc" - } - } - spec { - init_container { - 
name = "chown" - image = "cgr.dev/chainguard/busybox:latest" - command = ["sh", "-c", "cp /tmp/certs/* /certs && chown -R 1001:1001 /certs && chmod 0600 /certs/*"] - volume_mount { - name = "raw-certificates" - mount_path = "/tmp/certs" - } - volume_mount { - name = "certs" - mount_path = "/certs" - } - security_context { - run_as_user = 0 - } - } - container { - name = "client" - image = var.digest - security_context { - allow_privilege_escalation = false - capabilities { - drop = ["ALL"] - } - privileged = false - read_only_root_filesystem = false - run_as_non_root = true - run_as_user = 1001 - seccomp_profile { - type = "RuntimeDefault" - } - } - command = [ - "psql", - "host=${helm_release.bitnami.id}-postgresql.${helm_release.bitnami.id}.svc.cluster.local port=5432 sslmode=require sslcert=/certs/tls.crt sslkey=/certs/tls.key sslrootcert=/certs/ca.crt", - "-c", - "SELECT 1", - ] - env { - name = "PGPASSWORD" - value_from { - secret_key_ref { - name = "${helm_release.bitnami.id}-postgresql" - key = "postgres-password" - } - } - } - volume_mount { - name = "certs" - mount_path = "/certs" - } - volume_mount { - name = "raw-certificates" - mount_path = "/tmp/certs" - } - } - volume { - name = "raw-certificates" - secret { - default_mode = "0644" - secret_name = "${helm_release.bitnami.id}-postgresql-crt" - } - } - volume { - name = "certs" - empty_dir {} - } - restart_policy = "Never" + values = { + image = { + registry = local.parsed.registry + repository = local.parsed.repo + digest = local.parsed.digest + } + primary = { + containerSecurityContext = { + runAsUser = 1001 } } + volumePermissions = { + enabled = true + } + tls = { + enabled = true + autoGenerated = true + } } - } -module "helm_cleanup_bitnami" { - source = "../../../tflib/helm-cleanup" - name = helm_release.bitnami.id - namespace = helm_release.bitnami.namespace +resource "imagetest_feature" "basic" { + name = "basic" + description = "Basic installation" + harness = module.cluster_harness.harness - 
depends_on = [kubernetes_job.test_tls] -} + steps = [ + { + name = "Helm Install" + cmd = module.helm.install_cmd + }, + { + name = "Test TLS" + cmd = <