marko/cnpg-postgres-containers
1
0
Fork 0
forked from repo-mirrors/cnpg-postgres-containers
Code Pull Requests Actions Activity
1,056 Commits 8 Branches 0 Tags
5c35abd07e2a2f2f774e147c110002766843f702
Commit Graph

1056 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jonathan Gonzalez V.
5c35abd07e ci(security): reduce workflow permissions (#207) 
By default, set all the workflow permissions to read-all, then 
provide permissions one by one to each job requiring more
permissions.

Closes #206

Signed-off-by: Jonathan Gonzalez V <jonathan.gonzalez@enterprisedb.com>
Signed-off-by: Francesco Canovai <francesco.canovai@enterprisedb.com>
 2025-05-29 15:38:50 +02:00
CloudNativePG Automated Updates
037a5d142f Automatic ClusterImageCatalog update 2025-05-26 15:41:19 +00:00
CloudNativePG Automated Updates
ab9be60860 Daily automatic update 2025-05-26 15:31:39 +00:00
Niccolò Fei
dc0d7b221b chore: workaround to fix dockle scan warning (#204) 
Dockle scans fail with an unrelated warning on dist-upgrade
if you use both apt & apt-get in the same RUN step.
As a workaround, let's use only apt-get.

Signed-off-by: Niccolò Fei <niccolo.fei@enterprisedb.com>
 2025-05-26 11:05:15 +02:00
CloudNativePG Automated Updates
09e421e06f Daily automatic update 2025-05-26 00:18:20 +00:00
Jonathan Gonzalez V.
23e1fa6181 chore: add support for PostgreSQL beta versions (#191) 
Now bake supports beta versions for the list and the building of the images

Closes #190

Signed-off-by: Jonathan Gonzalez V <jonathan.gonzalez@enterprisedb.com>
Signed-off-by: Niccolò Fei <niccolo.fei@enterprisedb.com>
Co-authored-by: Niccolò Fei <niccolo.fei@enterprisedb.com>
 2025-05-23 15:14:49 +02:00
Jonathan Gonzalez V.
b1421da867 fix: Dockerfile to reduce vulnerabilities (#201) 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-DEBIAN12-GCC12-5901316
- https://snyk.io/vuln/SNYK-DEBIAN12-GCC12-5901316
- https://snyk.io/vuln/SNYK-DEBIAN12-GCC12-5901316
- https://snyk.io/vuln/SNYK-DEBIAN12-SHADOW-5879156
- https://snyk.io/vuln/SNYK-DEBIAN12-SHADOW-5879156

Signed-off-by: Jonathan Gonzalez V <jonathan.gonzalez@enterprisedb.com>
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
 2025-05-23 11:36:40 +02:00
renovate[bot]
860e6b8b0b chore(deps): update debian base images (#200) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-05-23 11:23:00 +02:00
CloudNativePG Automated Updates
d197c7bcdb Daily automatic update 2025-05-19 00:18:37 +00:00
renovate[bot]
8c598b2996 chore(deps): update github/codeql-action digest to ff0a06e (#199) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-05-16 15:12:53 +02:00
renovate[bot]
45bdcfd4ad chore(deps): update sigstore/cosign-installer digest to 3454372 (#194) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-05-16 15:12:38 +02:00
renovate[bot]
0c29118218 chore(deps): update docker/build-push-action digest to 1dc7386 (#193) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-05-16 15:12:30 +02:00
renovate[bot]
3eab60524c chore(deps): update docker/bake-action digest to 212c367 (#192) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-05-16 15:12:17 +02:00
renovate[bot]
44cb72b1e6 chore(deps): update sigstore/cosign-installer digest to d7d6bc7 (#183) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-05-15 14:49:56 +02:00
Niccolò Fei
a6a99ccb13 chore: update PostgreSQL versions (#188) 
Signed-off-by: Niccolò Fei <niccolo.fei@enterprisedb.com>
 2025-05-12 15:02:17 +02:00
Francesco Canovai
8010a5bab3 build: halt build if PG can have a minor upgrade (#187) 
When building a system image, we start from a community postgres image.
There is the chance that newer postgres packages are released, and they
could be upgraded when installing the supported extensions. We want to
prevent this scenario, as it could lead to unexpected versions in the
container image.

Closes #186

Signed-off-by: Francesco Canovai <francesco.canovai@enterprisedb.com>
 2025-05-12 15:01:06 +02:00
CloudNativePG Automated Updates
214e99eb6a Automatic ClusterImageCatalog update 2025-05-12 00:27:22 +00:00
CloudNativePG Automated Updates
db06c65e89 Daily automatic update 2025-05-12 00:18:51 +00:00
dependabot[bot]
1a8f19fd76 Bump sigstore/cosign-installer from 3.8.1 to 3.8.2 (#182) 
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.8.1 to 3.8.2.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](d7d6bc7722...3454372f43)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-version: 3.8.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-05-07 09:44:05 +02:00
Niccolò Fei
462ea862f4 chore: update barman-cloud to version 3.13.3 (#177) 
Signed-off-by: Niccolò Fei <niccolo.fei@enterprisedb.com>
Signed-off-by: Francesco Canovai <francesco.canovai@enterprisedb.com>
Co-authored-by: Francesco Canovai <francesco.canovai@enterprisedb.com>
 2025-05-05 14:57:58 +02:00
renovate[bot]
0fae613f7a chore(deps): update sigstore/cosign-installer digest to d7d6bc7 (#181) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-05-05 14:56:46 +02:00
renovate[bot]
acc0426450 chore(deps): update github/codeql-action digest to 60168ef (#179) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-05-05 14:54:21 +02:00
dependabot[bot]
8aae5cc080 Bump sigstore/cosign-installer from 3.8.1 to 3.8.2 (#178) 2025-05-05 14:50:28 +02:00
CloudNativePG Automated Updates
b1bbb97c39 Automatic ClusterImageCatalog update 2025-05-05 00:27:10 +00:00
CloudNativePG Automated Updates
dc6a788c45 Daily automatic update 2025-05-05 00:18:32 +00:00
renovate[bot]
48b6e1b541 chore(deps): pin dependencies (#176) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-04-30 17:22:58 +02:00
Patrick Vickery
e223614400 Enable pinGitHubActionDigests for renovatebot (#165) 
Signed-off-by: Patrick Vickery <pvickery@paramountcommerce.com>
 2025-04-30 16:05:31 +02:00
renovate[bot]
6fb8ca3cfa chore(deps): update debian base images (#174) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-04-29 09:15:45 +02:00
CloudNativePG Automated Updates
931f87350e Automatic ClusterImageCatalog update 2025-04-28 12:03:46 +00:00
CloudNativePG Automated Updates
71fae91460 Daily automatic update 2025-04-28 11:53:39 +00:00
Francesco Canovai
2ebeecec48 ci: pin pip version (#171) 
Pip 25.1 breaks the creation of the requirements.txt. 
Pin to a lower version.

Closes #169

Signed-off-by: Francesco Canovai <francesco.canovai@enterprisedb.com>
 2025-04-28 13:50:15 +02:00
Francesco Canovai
af540b2c7d ci: stop on errors in subshells (#173) 
Define a trap that subshells can inherit through "set -E".

Closes #172

Signed-off-by: Francesco Canovai <francesco.canovai@enterprisedb.com>
 2025-04-28 13:08:38 +02:00
CloudNativePG Automated Updates
4189243a7a Automatic ClusterImageCatalog update 2025-04-28 00:24:35 +00:00
CloudNativePG Automated Updates
0f46041bf3 Daily automatic update 2025-04-28 00:17:57 +00:00
CloudNativePG Automated Updates
7bcc0c0e17 Automatic ClusterImageCatalog update 2025-04-21 00:26:40 +00:00
CloudNativePG Automated Updates
5997ebdea4 Daily automatic update 2025-04-21 00:18:23 +00:00
Jonathan Gonzalez V.
2d4666fbf3 fix: Dockerfile to reduce vulnerabilities (#167) 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-DEBIAN12-XZUTILS-9652973
- https://snyk.io/vuln/SNYK-DEBIAN12-ZLIB-6008963
- https://snyk.io/vuln/SNYK-DEBIAN12-GNUPG2-9486681
- https://snyk.io/vuln/SNYK-DEBIAN12-TAR-1560620
- https://snyk.io/vuln/SNYK-DEBIAN12-UTILLINUX-2401083

Signed-off-by: Jonathan Gonzalez V <jonathan.gonzalez@enterprisedb.com>
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
 2025-04-15 15:00:41 +02:00
renovate[bot]
f34f395249 chore(deps): update debian base images (#166) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-04-15 10:47:59 +02:00
CloudNativePG Automated Updates
534f33b883 Automatic ClusterImageCatalog update 2025-04-14 00:26:35 +00:00
CloudNativePG Automated Updates
474b822886 Daily automatic update 2025-04-14 00:18:22 +00:00
CloudNativePG Automated Updates
7956084de2 Automatic ClusterImageCatalog update 2025-04-07 00:25:34 +00:00
CloudNativePG Automated Updates
f2f2e06073 Daily automatic update 2025-04-07 00:17:32 +00:00
CloudNativePG Automated Updates
e2c43ed738 Automatic ClusterImageCatalog update 2025-03-31 00:29:57 +00:00
CloudNativePG Automated Updates
9fe7bafd58 Daily automatic update 2025-03-31 00:17:53 +00:00
renovate[bot]
3b1ad1b6aa chore(deps): update debian base images (#163) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-03-28 09:41:45 +01:00
CloudNativePG Automated Updates
d8caea9a96 Automatic ClusterImageCatalog update 2025-03-24 00:29:10 +00:00
CloudNativePG Automated Updates
033a80ecc9 Daily automatic update 2025-03-24 00:17:01 +00:00
CloudNativePG Automated Updates
aff39bbb34 Daily automatic update 2025-03-17 00:17:05 +00:00
CloudNativePG Automated Updates
76c6e7de94 Automatic ClusterImageCatalog update 2025-03-11 17:02:19 +00:00
CloudNativePG Automated Updates
9727dcc359 Daily automatic update 2025-03-11 15:48:22 +00:00