Update the version to 18.2

.github/workflows/publish.yml

@@ -3,7 +3,6 @@ name: Publish Docker Image
 on:
   push:
     branches: ['master']
-    tags: ['v*']
   pull_request:
     branches: ['master']
   workflow_dispatch:
@@ -22,7 +21,7 @@ jobs:
   build-and-push:
     runs-on: ubuntu-latest
     permissions:
-      contents: read
+      contents: write
       packages: write
       security-events: write # Required for Trivy SARIF (if used) or just in case
 
@@ -66,13 +65,17 @@ jobs:
             type=semver,pattern={{version}}
             type=semver,pattern={{major}}.{{minor}}
             type=raw,value=latest,enable={{is_default_branch}}
-            type=raw,value=${{ inputs.postgres_version || '18.1' }}
+            type=raw,value=${{ steps.version.outputs.VERSION }}
             type=sha
 
       - name: Extract first Docker tag
         id: extract_tag
         run: echo "tag=$(echo '${{ steps.meta.outputs.tags }}' | head -n 1)" >> $GITHUB_OUTPUT
 
+      - name: Read VERSION
+        id: version
+        run: echo "VERSION=$(cat VERSION)" >> $GITHUB_OUTPUT
+
       - name: Build and push Docker image
         id: build
         uses: docker/build-push-action@v5
@@ -89,7 +92,7 @@ jobs:
           push: ${{ github.event_name != 'pull_request' }}
           platforms: ${{ github.event_name == 'pull_request' && 'linux/amd64' || 'linux/amd64,linux/arm64' }}
           build-args: |
-            POSTGRES_VERSION=${{ inputs.postgres_version || '18.1' }}
+            POSTGRES_VERSION=${{ steps.version.outputs.VERSION }}
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
           cache-from: type=gha
@@ -106,3 +109,23 @@ jobs:
           vuln-type: 'os,library'
           severity: 'CRITICAL,HIGH'
 
+      - name: Create Git Tag
+        if: github.event_name == 'push' && github.ref == 'refs/heads/master'
+        run: |
+          VERSION="${{ steps.version.outputs.VERSION }}"
+          git tag "$VERSION"
+          git push origin "$VERSION"
+
+      - name: Create GitHub Release
+        if: github.event_name == 'push' && github.ref == 'refs/heads/master'
+        uses: actions/create-release@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          tag_name: ${{ steps.version.outputs.VERSION }}
+          release_name: PostgreSQL ${{ steps.version.outputs.VERSION }}
+          body: |
+            PostgreSQL ${{ steps.version.outputs.VERSION }}
+          draft: false
+          prerelease: false
+

Dockerfile

@@ -1,4 +1,4 @@
-ARG POSTGRES_VERSION=18.1
+ARG POSTGRES_VERSION=18.2
 FROM postgres:${POSTGRES_VERSION}
 
 # ensure setpriv works as expected
@@ -9,6 +9,7 @@ RUN set -eux; \
 
 RUN set -eux; \
     apt-get update; \
+    apt-get -y upgrade; \
     apt-get install -y --no-install-recommends pgbackrest gettext-base ca-certificates; \
     rm -rf /var/lib/apt/lists/*; \
     rm /usr/local/bin/gosu 

README.md

@@ -124,10 +124,15 @@ Common env vars referenced by the default template:
 
 ## Building
 
-To build the image with a specific PostgreSQL version:
+To build the image locally with a specific PostgreSQL version:
 
 ```bash
-docker build --build-arg POSTGRES_VERSION=18.1 -t ethoslink/postgres-backrest:18.1 .
+# Using update.sh (recommended)
+./update.sh <version>
+docker build -t ethoslink/postgres-backrest:<version> .
+
+# Or directly with build-arg
+docker build --build-arg POSTGRES_VERSION=18.2 -t ethoslink/postgres-backrest:18.2 .
 ```
 
 ## Security & Maintenance
@@ -141,11 +146,36 @@ The image is based on the official Debian-based PostgreSQL image and installs `p
 
 The image is published to:
 
-- **GitHub**: <https://github.com/ethos-link/postgres-backrest>
-- **Docker Hub**: <https://hub.docker.com/r/ethoslink/postgres-backrest>
-- **GitHub Container Registry**: <https://ghcr.io/ethos-link/postgres-backrest>
+- **GitHub**: https://github.com/ethos-link/postgres-backrest
+- **Docker Hub**: https://hub.docker.com/r/ethoslink/postgres-backrest
+- **GitHub Container Registry**: https://ghcr.io/ethos-link/postgres-backrest
+
+## Creating a Release
+
+To bump the PostgreSQL version and create a new release:
+
+```bash
+# Bump the version (updates Dockerfile + VERSION file)
+./update.sh 18.3
+
+# Commit and push
+git add -A && git commit -m "Bump PostgreSQL to 18.3"
+git push origin <branch>
+```
+
+Then create a PR and merge to `master`. GitHub Actions will:
+
+1. Build and push the Docker image with the new version tag
+2. Create a git tag (e.g., `18.3`)
+3. Create a GitHub Release with "PostgreSQL 18.3"
 
-To update to a new PostgreSQL version, pass a different `POSTGRES_VERSION` build-arg (or change the Dockerfile default) and rebuild.
+You can also pass a version manually to trigger a workflow dispatch:
+
+```bash
+# Via GitHub UI to manually trigger a build
+# Or via CLI:
+gh workflow run publish.yml -f postgres_version=18.3
+```
 
 ## License
 

VERSION

@@ -0,0 +1 @@
+18.2

update.sh

@@ -14,5 +14,8 @@ NEW_VERSION="$1"
 # Update the default ARG in Dockerfile
 sed -i "s/ARG POSTGRES_VERSION=.*/ARG POSTGRES_VERSION=${NEW_VERSION}/" Dockerfile
 
-echo "Updated Dockerfile to use PostgreSQL version ${NEW_VERSION}"
+# Update VERSION file
+echo "${NEW_VERSION}" > VERSION
+
+echo "Updated Dockerfile and VERSION file to use PostgreSQL version ${NEW_VERSION}"
 echo "You can now build and test the image."