From 4cf4337ec4d9215339497c9e491b871bd013e909 Mon Sep 17 00:00:00 2001 From: RockWolf Date: Sat, 27 Sep 2025 18:09:09 +0200 Subject: [PATCH 1/3] feat(docs): add section about bumping `Cluster` `imageName` using renovate Signed-off-by: RockWolf --- README.md | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/README.md b/README.md index 323dac85f..956fd597c 100644 --- a/README.md +++ b/README.md @@ -261,6 +261,33 @@ vulnerabilities before they are published or deployed: For detailed instructions on building PostgreSQL container images, refer to the [BUILD.md](BUILD.md) file. +## Automatic Updating using Renovate + +[Renovate](https://github.com/renovatebot/renovate) can be used to automatically update various dependencies. +As CloudNativePG's `Cluster` CRDs are not automatically picked up by renovate a custom regex manager must be configured: + +```json5 +{ + customManagers: [ + { + // cloudnative-pg instance version + customType: 'regex', + managerFilePatterns: [ + '/\\.yaml$/', + ], + matchStrings: [ + 'imageName: (?\\S+):(?\\S+)@(?sha256:[a-f0-9]+)', + ], + datasourceTemplate: 'docker', + // matches: 17.6-202509151215-minimal-trixie + versioningTemplate: 'regex:^(?\\d+)\\.(?\\d+)-(?\\d+)-(?\\S+)$', + } + ] +} +``` + +Renovate will never change the `compatibility` part of the tag! So bumping from e.g., `trixie` to the next debian release must be done manually. + ## License and copyright This software is available under [Apache License 2.0](LICENSE). From 3d9008049e9aae48361e524a75e82b6957871315 Mon Sep 17 00:00:00 2001 From: RockWolf Date: Sun, 5 Oct 2025 13:20:42 +0200 Subject: [PATCH 2/3] update matchStrings regex to treat digest as optional Signed-off-by: RockWolf --- README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 956fd597c..bdec3c96d 100644 --- a/README.md +++ b/README.md @@ -276,11 +276,12 @@ As CloudNativePG's `Cluster` CRDs are not automatically picked up by renovate a '/\\.yaml$/', ], matchStrings: [ - 'imageName: (?\\S+):(?\\S+)@(?sha256:[a-f0-9]+)', + 'imageName: (?[^\\s:]+):(?[^\\s@]+)(?:@(?sha256:[a-f0-9]+))?', ], datasourceTemplate: 'docker', // matches: 17.6-202509151215-minimal-trixie versioningTemplate: 'regex:^(?\\d+)\\.(?\\d+)-(?\\d+)-(?\\S+)$', + autoReplaceStringTemplate: '{{{newValue}}}{{#if newDigest}}@{{{newDigest}}}{{/if}}', } ] } From b27b57799f556596ed912010a181d484dac30bdb Mon Sep 17 00:00:00 2001 From: DerRockWolf <50499906+DerRockWolf@users.noreply.github.com> Date: Wed, 22 Oct 2025 13:06:16 +0200 Subject: [PATCH 3/3] clarify `compatibility` part Co-authored-by: Marco Nenciarini Signed-off-by: DerRockWolf <50499906+DerRockWolf@users.noreply.github.com> --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index bdec3c96d..b6d096bf4 100644 --- a/README.md +++ b/README.md @@ -287,7 +287,7 @@ As CloudNativePG's `Cluster` CRDs are not automatically picked up by renovate a } ``` -Renovate will never change the `compatibility` part of the tag! So bumping from e.g., `trixie` to the next debian release must be done manually. +Renovate will never change the `compatibility` part of the tag, ensuring that the upgraded images will remain compatible. ## License and copyright