marko/cnpg-postgres-containers
1
0
Fork 0
forked from repo-mirrors/cnpg-postgres-containers
Code Pull Requests Actions Activity
1,153 Commits 8 Branches 0 Tags
bbff9cb63da92dad77903d3004faf95653e24214
Commit Graph

95 Commits

Author SHA1 Message Date
Marco Nenciarini
bbff9cb63d ci(catalog): improve diff step (#306) 
Signed-off-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
 2025-09-10 17:09:42 +02:00
Niccolò Fei
b20e75e8cd feat: generate image catalogs for bake images (#305) 
Generate default cluster image catalogs for all combinations of types and OS  
versions, including all supported PostgreSQL versions. The catalogs also include  
predefined labels to easily identify the type, OS version, date, and origin of  
the catalog.

Closes cloudnative-pg/artifacts#1

Signed-off-by: Niccolò Fei <niccolo.fei@enterprisedb.com>
Signed-off-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
Co-authored-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
 2025-09-10 16:53:41 +02:00
renovate[bot]
b5bfa9183d chore(deps): update github/codeql-action digest to f1f6e5f (#292) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-09-09 14:49:12 +02:00
renovate[bot]
c40b88ceb7 chore(deps): pin docker/bake-action action to 3acf805 (#295) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-09-09 14:48:53 +02:00
Niccolò Fei
96aa7b129c ci: support preview versions in bake.yaml (#300) 
Signed-off-by: Niccolò Fei <niccolo.fei@enterprisedb.com>
 2025-09-09 14:31:48 +02:00
Marco Nenciarini
017b1da1ae ci: attempt to fix arm64 segfault (#301) 
Signed-off-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
 2025-09-09 14:29:53 +02:00
Marco Nenciarini
c597e6de06 fix: increase cosign timeout to 5 minutes (#298) 
Signed-off-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
 2025-09-08 16:22:14 +02:00
Jonathan Gonzalez V.
fdc8010750 chore: add system images to docker-bake.hcl (#282) 
This change extends the bake build process by introducing the system image flavour.
The system image is derived from the existing standard image and includes Barman Cloud support.

Closes #283
Closes #286

Signed-off-by: Jonathan Gonzalez V <jonathan.gonzalez@enterprisedb.com>
Signed-off-by: Niccolò Fei <niccolo.fei@enterprisedb.com>
Signed-off-by: Gabriele Bartolini <gabriele.bartolini@enterprisedb.com>
Signed-off-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
Co-authored-by: Niccolò Fei <niccolo.fei@enterprisedb.com>
Co-authored-by: Gabriele Bartolini <gabriele.bartolini@enterprisedb.com>
Co-authored-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
 2025-09-08 12:07:22 +02:00
renovate[bot]
b3b4b7bae7 chore(deps): update actions/setup-python action to v6 (#289) 2025-09-04 13:28:23 +02:00
renovate[bot]
7125c19f98 chore(deps): update github/codeql-action digest to 2d92b76 (#281) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-09-02 09:50:21 +02:00
renovate[bot]
ec93eb65ec chore(deps): update github/codeql-action digest to 3c3833e (#273) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-09-01 15:14:09 +02:00
renovate[bot]
a574c0b64f chore(deps): update docker/bake-action digest to 3acf805 (#272) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-09-01 08:27:28 +02:00
Jonathan Gonzalez V.
424e519da9 chore: automatically update available PostgreSQL versions (#269) 
Automatically update PostgreSQL versions in the Bake file; this will retrieve
the information from the official PostgreSQL website.

Closes #153

Signed-off-by: Jonathan Gonzalez V <jonathan.gonzalez@enterprisedb.com>
Signed-off-by: Niccolò Fei <niccolo.fei@enterprisedb.com>
Co-authored-by: Niccolò Fei <niccolo.fei@enterprisedb.com>
 2025-08-22 13:32:31 +02:00
renovate[bot]
d9c834a88b chore(deps): update github/codeql-action digest to 96f518a (#270) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-08-19 11:03:40 +02:00
renovate[bot]
28f659d12d chore(deps): update actions/checkout action to v5 (#265) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-08-18 09:52:05 +02:00
renovate[bot]
89a0080c16 chore(deps): update github/codeql-action digest to df55935 (#266) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-08-18 09:50:36 +02:00
renovate[bot]
822419220c chore(deps): update github/codeql-action digest to 76621b6 (#262) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-08-11 10:16:38 +02:00
renovate[bot]
10990abce7 chore(deps): update actions/download-artifact action to v5 (#260) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-08-06 13:56:51 +02:00
renovate[bot]
f2c3daa6e8 chore(deps): update docker/login-action digest to 184bdaa (#259) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-08-06 13:52:47 +02:00
renovate[bot]
2cffad0334 chore(deps): update github/codeql-action digest to 51f7732 (#258) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-08-04 15:14:13 +02:00
renovate[bot]
fa7bed4348 chore(deps): update github/codeql-action digest to 4e828ff (#256) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-07-29 18:57:30 +02:00
renovate[bot]
a3bec0e68d chore(deps): update github/codeql-action digest to d6bbdef (#253) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-07-22 13:59:38 +02:00
renovate[bot]
9e33f54c73 chore(deps): update github/codeql-action digest to 181d5ee (#232) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-07-01 13:45:31 +02:00
renovate[bot]
200ddfcd49 chore(deps): update docker/setup-buildx-action digest to e468171 (#227) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-07-01 10:47:45 +02:00
renovate[bot]
f28b229607 chore(deps): update sigstore/cosign-installer digest to 398d4b0 (#229) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-06-27 10:31:09 +02:00
dependabot[bot]
aa0b85d71c Bump sigstore/cosign-installer from 3.8.2 to 3.9.0 (#225) 2025-06-17 17:54:19 +02:00
renovate[bot]
fcf3477cbe chore(deps): update docker/setup-buildx-action digest to 18ce135 (#223) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-06-16 16:03:55 +02:00
dependabot[bot]
369331af00 Bump github/codeql-action from 3.28.19 to 3.29.0 (#221) 2025-06-13 21:29:38 +02:00
renovate[bot]
a9d4ce92e5 chore(deps): update github/codeql-action digest to fca7ace (#216) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-06-05 14:18:48 +02:00
dependabot[bot]
160dee3646 Bump docker/bake-action from 6.7.0 to 6.8.0 (#212) 
Bumps [docker/bake-action](https://github.com/docker/bake-action) from 6.7.0 to 6.8.0.
- [Release notes](https://github.com/docker/bake-action/releases)
- [Commits](212c367396...37816e7475)

---
updated-dependencies:
- dependency-name: docker/bake-action
  dependency-version: 6.8.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-05-29 15:41:50 +02:00
dependabot[bot]
dcb26cb5a3 Bump docker/build-push-action from 6.17.0 to 6.18.0 (#213) 
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6.17.0 to 6.18.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](1dc7386353...263435318d)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-version: 6.18.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-05-29 15:41:19 +02:00
Jonathan Gonzalez V.
5c35abd07e ci(security): reduce workflow permissions (#207) 
By default, set all the workflow permissions to read-all, then 
provide permissions one by one to each job requiring more
permissions.

Closes #206

Signed-off-by: Jonathan Gonzalez V <jonathan.gonzalez@enterprisedb.com>
Signed-off-by: Francesco Canovai <francesco.canovai@enterprisedb.com>
 2025-05-29 15:38:50 +02:00
renovate[bot]
8c598b2996 chore(deps): update github/codeql-action digest to ff0a06e (#199) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-05-16 15:12:53 +02:00
renovate[bot]
45bdcfd4ad chore(deps): update sigstore/cosign-installer digest to 3454372 (#194) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-05-16 15:12:38 +02:00
renovate[bot]
0c29118218 chore(deps): update docker/build-push-action digest to 1dc7386 (#193) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-05-16 15:12:30 +02:00
renovate[bot]
3eab60524c chore(deps): update docker/bake-action digest to 212c367 (#192) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-05-16 15:12:17 +02:00
renovate[bot]
44cb72b1e6 chore(deps): update sigstore/cosign-installer digest to d7d6bc7 (#183) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-05-15 14:49:56 +02:00
dependabot[bot]
1a8f19fd76 Bump sigstore/cosign-installer from 3.8.1 to 3.8.2 (#182) 
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.8.1 to 3.8.2.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](d7d6bc7722...3454372f43)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-version: 3.8.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-05-07 09:44:05 +02:00
renovate[bot]
0fae613f7a chore(deps): update sigstore/cosign-installer digest to d7d6bc7 (#181) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-05-05 14:56:46 +02:00
renovate[bot]
acc0426450 chore(deps): update github/codeql-action digest to 60168ef (#179) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-05-05 14:54:21 +02:00
dependabot[bot]
8aae5cc080 Bump sigstore/cosign-installer from 3.8.1 to 3.8.2 (#178) 2025-05-05 14:50:28 +02:00
renovate[bot]
48b6e1b541 chore(deps): pin dependencies (#176) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-04-30 17:22:58 +02:00
Francesco Canovai
2ebeecec48 ci: pin pip version (#171) 
Pip 25.1 breaks the creation of the requirements.txt. 
Pin to a lower version.

Closes #169

Signed-off-by: Francesco Canovai <francesco.canovai@enterprisedb.com>
 2025-04-28 13:50:15 +02:00
Niccolò Fei
012f3b6677 chore: fix LZ4 builds on arm64 (#162) 
build-essential and python3-dev are required to build LZ4 on arm64 since there aren't pre-compiled wheel available for this architecture. 
Also, switch back to using the latest qemu image.

Signed-off-by: Niccolò Fei <niccolo.fei@enterprisedb.com>
 2025-03-11 16:42:03 +01:00
Niccolò Fei
4f2f2958be ci: workaround for segfault in the latest binfmt image (#156) 
Signed-off-by: Niccolò Fei <niccolo.fei@enterprisedb.com>
 2025-02-24 19:26:38 +01:00
Francesco Canovai
fbff03889c ci: copy and sign prod images (#143) 
Use skopeo to copy testing images to the production registry when they
pass the security tests, instead of rebuilding them. 
After that, we sign the production images too.

Signed-off-by: Francesco Canovai <francesco.canovai@enterprisedb.com>
Signed-off-by: Jonathan Gonzalez V <jonathan.gonzalez@enterprisedb.com>
Signed-off-by: Niccolò Fei <niccolo.fei@enterprisedb.com>
Co-authored-by: Jonathan Gonzalez V <jonathan.gonzalez@enterprisedb.com>
Co-authored-by: Niccolò Fei <niccolo.fei@enterprisedb.com>
 2025-01-27 14:37:52 +01:00
renovate[bot]
058205b63e chore(deps): update dependency ubuntu to v24 (#146) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-01-23 10:47:17 +01:00
Jonathan Gonzalez V.
980c2fabc8 feat: add cosign to sign the images (#137) 
Using the output from the bake action, we sign every 
container image tag plus each specific digest using cosign.

Closes #136

Signed-off-by: Francesco Canovai <francesco.canovai@enterprisedb.com>
Signed-off-by: Jonathan Gonzalez V <jonathan.gonzalez@enterprisedb.com>
Signed-off-by: Gabriele Bartolini <gabriele.bartolini@enterprisedb.com>
Co-authored-by: Francesco Canovai <francesco.canovai@enterprisedb.com>
Co-authored-by: Gabriele Bartolini <gabriele.bartolini@enterprisedb.com>
 2025-01-22 15:02:22 +01:00
Francesco Canovai
c330729d7f ci: build minimal and standard images (#135) 
Build images without barman-cloud, to be used with backup plugins.

Other changes:

- Implement timestamp-based versioning for images
- Simplify build workflows for enhanced local testing and contribution
- Adopt OCI annotations and generate SBOMs for improved transparency

Closes #132

Signed-off-by: Francesco Canovai <francesco.canovai@enterprisedb.com>
Signed-off-by: Gabriele Bartolini <gabriele.bartolini@enterprisedb.com>
Signed-off-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
Signed-off-by: Niccolò Fei <niccolo.fei@enterprisedb.com>
Co-authored-by: Gabriele Bartolini <gabriele.bartolini@enterprisedb.com>
Co-authored-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
Co-authored-by: Niccolò Fei <niccolo.fei@enterprisedb.com>
 2025-01-16 14:03:20 +01:00
Jonathan Gonzalez V.
47d165dfe8 ci: run the update workflow every Mon (#127) 
Signed-off-by: Jonathan Gonzalez V <jonathan.gonzalez@enterprisedb.com>
Signed-off-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
Signed-off-by: Gabriele Bartolini <gabriele.bartolini@enterprisedb.com>
Co-authored-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
Co-authored-by: Gabriele Bartolini <gabriele.bartolini@enterprisedb.com>
 2024-12-27 11:37:33 +01:00