marko/cnpg-postgres-containers
1
0
Fork 0
forked from repo-mirrors/cnpg-postgres-containers
Code Pull Requests Actions Activity
1,079 Commits 8 Branches 0 Tags
200ddfcd49f59e45190faa98dda76ca50e9adcdd
Commit Graph

22 Commits

Author SHA1 Message Date
renovate[bot]
200ddfcd49 chore(deps): update docker/setup-buildx-action digest to e468171 (#227) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-07-01 10:47:45 +02:00
renovate[bot]
f28b229607 chore(deps): update sigstore/cosign-installer digest to 398d4b0 (#229) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-06-27 10:31:09 +02:00
dependabot[bot]
aa0b85d71c Bump sigstore/cosign-installer from 3.8.2 to 3.9.0 (#225) 2025-06-17 17:54:19 +02:00
renovate[bot]
fcf3477cbe chore(deps): update docker/setup-buildx-action digest to 18ce135 (#223) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-06-16 16:03:55 +02:00
dependabot[bot]
369331af00 Bump github/codeql-action from 3.28.19 to 3.29.0 (#221) 2025-06-13 21:29:38 +02:00
renovate[bot]
a9d4ce92e5 chore(deps): update github/codeql-action digest to fca7ace (#216) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-06-05 14:18:48 +02:00
dependabot[bot]
160dee3646 Bump docker/bake-action from 6.7.0 to 6.8.0 (#212) 
Bumps [docker/bake-action](https://github.com/docker/bake-action) from 6.7.0 to 6.8.0.
- [Release notes](https://github.com/docker/bake-action/releases)
- [Commits](212c367396...37816e7475)

---
updated-dependencies:
- dependency-name: docker/bake-action
  dependency-version: 6.8.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-05-29 15:41:50 +02:00
Jonathan Gonzalez V.
5c35abd07e ci(security): reduce workflow permissions (#207) 
By default, set all the workflow permissions to read-all, then 
provide permissions one by one to each job requiring more
permissions.

Closes #206

Signed-off-by: Jonathan Gonzalez V <jonathan.gonzalez@enterprisedb.com>
Signed-off-by: Francesco Canovai <francesco.canovai@enterprisedb.com>
 2025-05-29 15:38:50 +02:00
renovate[bot]
8c598b2996 chore(deps): update github/codeql-action digest to ff0a06e (#199) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-05-16 15:12:53 +02:00
renovate[bot]
45bdcfd4ad chore(deps): update sigstore/cosign-installer digest to 3454372 (#194) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-05-16 15:12:38 +02:00
renovate[bot]
3eab60524c chore(deps): update docker/bake-action digest to 212c367 (#192) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-05-16 15:12:17 +02:00
renovate[bot]
44cb72b1e6 chore(deps): update sigstore/cosign-installer digest to d7d6bc7 (#183) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-05-15 14:49:56 +02:00
dependabot[bot]
1a8f19fd76 Bump sigstore/cosign-installer from 3.8.1 to 3.8.2 (#182) 
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.8.1 to 3.8.2.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](d7d6bc7722...3454372f43)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-version: 3.8.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-05-07 09:44:05 +02:00
renovate[bot]
0fae613f7a chore(deps): update sigstore/cosign-installer digest to d7d6bc7 (#181) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-05-05 14:56:46 +02:00
renovate[bot]
acc0426450 chore(deps): update github/codeql-action digest to 60168ef (#179) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-05-05 14:54:21 +02:00
dependabot[bot]
8aae5cc080 Bump sigstore/cosign-installer from 3.8.1 to 3.8.2 (#178) 2025-05-05 14:50:28 +02:00
renovate[bot]
48b6e1b541 chore(deps): pin dependencies (#176) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-04-30 17:22:58 +02:00
Niccolò Fei
012f3b6677 chore: fix LZ4 builds on arm64 (#162) 
build-essential and python3-dev are required to build LZ4 on arm64 since there aren't pre-compiled wheel available for this architecture. 
Also, switch back to using the latest qemu image.

Signed-off-by: Niccolò Fei <niccolo.fei@enterprisedb.com>
 2025-03-11 16:42:03 +01:00
Niccolò Fei
4f2f2958be ci: workaround for segfault in the latest binfmt image (#156) 
Signed-off-by: Niccolò Fei <niccolo.fei@enterprisedb.com>
 2025-02-24 19:26:38 +01:00
Francesco Canovai
fbff03889c ci: copy and sign prod images (#143) 
Use skopeo to copy testing images to the production registry when they
pass the security tests, instead of rebuilding them. 
After that, we sign the production images too.

Signed-off-by: Francesco Canovai <francesco.canovai@enterprisedb.com>
Signed-off-by: Jonathan Gonzalez V <jonathan.gonzalez@enterprisedb.com>
Signed-off-by: Niccolò Fei <niccolo.fei@enterprisedb.com>
Co-authored-by: Jonathan Gonzalez V <jonathan.gonzalez@enterprisedb.com>
Co-authored-by: Niccolò Fei <niccolo.fei@enterprisedb.com>
 2025-01-27 14:37:52 +01:00
Jonathan Gonzalez V.
980c2fabc8 feat: add cosign to sign the images (#137) 
Using the output from the bake action, we sign every 
container image tag plus each specific digest using cosign.

Closes #136

Signed-off-by: Francesco Canovai <francesco.canovai@enterprisedb.com>
Signed-off-by: Jonathan Gonzalez V <jonathan.gonzalez@enterprisedb.com>
Signed-off-by: Gabriele Bartolini <gabriele.bartolini@enterprisedb.com>
Co-authored-by: Francesco Canovai <francesco.canovai@enterprisedb.com>
Co-authored-by: Gabriele Bartolini <gabriele.bartolini@enterprisedb.com>
 2025-01-22 15:02:22 +01:00
Francesco Canovai
c330729d7f ci: build minimal and standard images (#135) 
Build images without barman-cloud, to be used with backup plugins.

Other changes:

- Implement timestamp-based versioning for images
- Simplify build workflows for enhanced local testing and contribution
- Adopt OCI annotations and generate SBOMs for improved transparency

Closes #132

Signed-off-by: Francesco Canovai <francesco.canovai@enterprisedb.com>
Signed-off-by: Gabriele Bartolini <gabriele.bartolini@enterprisedb.com>
Signed-off-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
Signed-off-by: Niccolò Fei <niccolo.fei@enterprisedb.com>
Co-authored-by: Gabriele Bartolini <gabriele.bartolini@enterprisedb.com>
Co-authored-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
Co-authored-by: Niccolò Fei <niccolo.fei@enterprisedb.com>
 2025-01-16 14:03:20 +01:00