diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 6992992..2b881ab 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -3,7 +3,6 @@ name: Publish Docker Image on: push: branches: ['master'] - tags: ['v*'] pull_request: branches: ['master'] workflow_dispatch: @@ -22,7 +21,7 @@ jobs: build-and-push: runs-on: ubuntu-latest permissions: - contents: read + contents: write packages: write security-events: write # Required for Trivy SARIF (if used) or just in case @@ -66,13 +65,17 @@ jobs: type=semver,pattern={{version}} type=semver,pattern={{major}}.{{minor}} type=raw,value=latest,enable={{is_default_branch}} - type=raw,value=${{ inputs.postgres_version || '18.1' }} + type=raw,value=${{ steps.version.outputs.VERSION }} type=sha - name: Extract first Docker tag id: extract_tag run: echo "tag=$(echo '${{ steps.meta.outputs.tags }}' | head -n 1)" >> $GITHUB_OUTPUT + - name: Read VERSION + id: version + run: echo "VERSION=$(cat VERSION)" >> $GITHUB_OUTPUT + - name: Build and push Docker image id: build uses: docker/build-push-action@v5 @@ -89,7 +92,7 @@ jobs: push: ${{ github.event_name != 'pull_request' }} platforms: ${{ github.event_name == 'pull_request' && 'linux/amd64' || 'linux/amd64,linux/arm64' }} build-args: | - POSTGRES_VERSION=${{ inputs.postgres_version || '18.1' }} + POSTGRES_VERSION=${{ steps.version.outputs.VERSION }} tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} cache-from: type=gha @@ -106,3 +109,23 @@ jobs: vuln-type: 'os,library' severity: 'CRITICAL,HIGH' + - name: Create Git Tag + if: github.event_name == 'push' && github.ref == 'refs/heads/master' + run: | + VERSION="${{ steps.version.outputs.VERSION }}" + git tag "$VERSION" + git push origin "$VERSION" + + - name: Create GitHub Release + if: github.event_name == 'push' && github.ref == 'refs/heads/master' + uses: actions/create-release@v1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + tag_name: ${{ steps.version.outputs.VERSION }} + release_name: PostgreSQL ${{ steps.version.outputs.VERSION }} + body: | + PostgreSQL ${{ steps.version.outputs.VERSION }} + draft: false + prerelease: false + diff --git a/Dockerfile b/Dockerfile index af6f556..7e3ee83 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -ARG POSTGRES_VERSION=18.1 +ARG POSTGRES_VERSION=18.2 FROM postgres:${POSTGRES_VERSION} # ensure setpriv works as expected @@ -9,6 +9,7 @@ RUN set -eux; \ RUN set -eux; \ apt-get update; \ + apt-get -y upgrade; \ apt-get install -y --no-install-recommends pgbackrest gettext-base ca-certificates; \ rm -rf /var/lib/apt/lists/*; \ rm /usr/local/bin/gosu diff --git a/README.md b/README.md index 45a737b..687e13e 100644 --- a/README.md +++ b/README.md @@ -124,10 +124,15 @@ Common env vars referenced by the default template: ## Building -To build the image with a specific PostgreSQL version: +To build the image locally with a specific PostgreSQL version: ```bash -docker build --build-arg POSTGRES_VERSION=18.1 -t ethoslink/postgres-backrest:18.1 . +# Using update.sh (recommended) +./update.sh +docker build -t ethoslink/postgres-backrest: . + +# Or directly with build-arg +docker build --build-arg POSTGRES_VERSION=18.2 -t ethoslink/postgres-backrest:18.2 . ``` ## Security & Maintenance @@ -141,11 +146,36 @@ The image is based on the official Debian-based PostgreSQL image and installs `p The image is published to: -- **GitHub**: -- **Docker Hub**: -- **GitHub Container Registry**: +- **GitHub**: https://github.com/ethos-link/postgres-backrest +- **Docker Hub**: https://hub.docker.com/r/ethoslink/postgres-backrest +- **GitHub Container Registry**: https://ghcr.io/ethos-link/postgres-backrest + +## Creating a Release + +To bump the PostgreSQL version and create a new release: + +```bash +# Bump the version (updates Dockerfile + VERSION file) +./update.sh 18.3 + +# Commit and push +git add -A && git commit -m "Bump PostgreSQL to 18.3" +git push origin +``` + +Then create a PR and merge to `master`. GitHub Actions will: + +1. Build and push the Docker image with the new version tag +2. Create a git tag (e.g., `18.3`) +3. Create a GitHub Release with "PostgreSQL 18.3" -To update to a new PostgreSQL version, pass a different `POSTGRES_VERSION` build-arg (or change the Dockerfile default) and rebuild. +You can also pass a version manually to trigger a workflow dispatch: + +```bash +# Via GitHub UI to manually trigger a build +# Or via CLI: +gh workflow run publish.yml -f postgres_version=18.3 +``` ## License diff --git a/VERSION b/VERSION new file mode 100644 index 0000000..da1c69f --- /dev/null +++ b/VERSION @@ -0,0 +1 @@ +18.2 \ No newline at end of file diff --git a/update.sh b/update.sh index aa53db8..8f58304 100755 --- a/update.sh +++ b/update.sh @@ -14,5 +14,8 @@ NEW_VERSION="$1" # Update the default ARG in Dockerfile sed -i "s/ARG POSTGRES_VERSION=.*/ARG POSTGRES_VERSION=${NEW_VERSION}/" Dockerfile -echo "Updated Dockerfile to use PostgreSQL version ${NEW_VERSION}" +# Update VERSION file +echo "${NEW_VERSION}" > VERSION + +echo "Updated Dockerfile and VERSION file to use PostgreSQL version ${NEW_VERSION}" echo "You can now build and test the image." \ No newline at end of file