Merge pull request 'Update ghcr.io/squat/generic-device-plugin:latest Docker digest to ef5deb0' (#145) from renovate/ghcr.io-squat-generic-device-plugin-latest into main

Reviewed-on: #144

.gitea/workflows/lint-test.yaml

@@ -5,10 +5,10 @@ on:
 
 jobs:
   lint-test:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-js
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
         with:
           fetch-depth: 0
 
@@ -18,13 +18,14 @@ jobs:
           version: latest
 
       - name: Set up Python
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
-          python-version: "3.13"
-          check-latest: true
+          python-version: '3.14'
 
       - name: Set up Chart Testing
         uses: helm/chart-testing-action@v2.7.0
+        with:
+          yamale_version: "6.0.0"
 
       - name: Run Chart Testing (list-changed)
         id: list-changed
@@ -37,3 +38,18 @@ jobs:
       - name: Run Chart Testing (lint)
         if: steps.list-changed.outputs.changed == 'true'
         run: ct lint --validate-maintainers=false --target-branch ${{ gitea.event.repository.default_branch }}
+
+      - name: ntfy Failed
+        uses: niniyas/ntfy-action@master
+        if: failure()
+        with:
+          url: '${{ secrets.NTFY_URL }}'
+          topic: '${{ secrets.NTFY_TOPIC }}'
+          title: 'Test Failure - Helm Charts'
+          priority: 3
+          headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
+          tags: action,failed
+          details: 'Tests have failed for Helm Charts'
+          icon: 'https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png'
+          actions: '[{"action": "view", "label": "Open Gitea", "url": "https://gitea.alexlebens.dev/alexlebens/helm-charts/actions?workflow=lint-test.yaml", "clear": true}]'
+          image: true

.gitea/workflows/release-charts-cloudflared.yml

@@ -14,10 +14,10 @@ env:
 
 jobs:
   release:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-js
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
 
       - name: Set up Helm
         uses: azure/setup-helm@v4
@@ -62,11 +62,11 @@ jobs:
         with:
           url: '${{ secrets.NTFY_URL }}'
           topic: '${{ secrets.NTFY_TOPIC }}'
-          title: 'Gitea Action'
+          title: 'Release Success - ${{ env.CHART_NAME }}'
           priority: 3
           headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
           tags: action,successfully,completed
-          details: 'Helm Chart for cloudflared release workflow has successfully completed!'
+          details: 'Helm Chart ${{ env.CHART_NAME }}-${{ env.CHART_VERSION }} has been released!'
           icon: 'https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png'
 
       - name: ntfy Failed
@@ -75,11 +75,11 @@ jobs:
         with:
           url: '${{ secrets.NTFY_URL }}'
           topic: '${{ secrets.NTFY_TOPIC }}'
-          title: 'Gitea Action'
+          title: 'Release Failure - ${{ env.CHART_NAME }}'
           priority: 4
           headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
           tags: action,failed
-          details: 'Helm Chart for cloudflared release workflow has failed!'
+          details: 'Helm Chart ${{ env.CHART_NAME }}-${{ env.CHART_VERSION }} has failed to be released.'
           icon: 'https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png'
-          actions: '[{"action": "view", "label": "Open Gitea", "url": "https://gitea.alexlebens.dev/alexlebens/site-profile/actions?workflow=release-image.yml", "clear": true}]'
+          actions: '[{"action": "view", "label": "Open Gitea", "url": "https://gitea.alexlebens.dev/alexlebens/helm-charts/actions?workflow=release-charts-cloudflared.yml", "clear": true}]'
           image: true

.gitea/workflows/release-charts-generic-device-plugin.yml

@@ -14,10 +14,10 @@ env:
 
 jobs:
   release:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-js
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
 
       - name: Set up Helm
         uses: azure/setup-helm@v4
@@ -62,11 +62,11 @@ jobs:
         with:
           url: '${{ secrets.NTFY_URL }}'
           topic: '${{ secrets.NTFY_TOPIC }}'
-          title: 'Gitea Action'
+          title: 'Release Success - ${{ env.CHART_NAME }}'
           priority: 3
           headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
           tags: action,successfully,completed
-          details: 'Helm Chart for generic-device-plugin release workflow has successfully completed!'
+          details: 'Helm Chart ${{ env.CHART_NAME }}-${{ env.CHART_VERSION }} has been released!'
           icon: 'https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png'
 
       - name: ntfy Failed
@@ -75,11 +75,11 @@ jobs:
         with:
           url: '${{ secrets.NTFY_URL }}'
           topic: '${{ secrets.NTFY_TOPIC }}'
-          title: 'Gitea Action'
+          title: 'Release Failure - ${{ env.CHART_NAME }}'
           priority: 4
           headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
           tags: action,failed
-          details: 'Helm Chart for generic-device-plugin release workflow has failed!'
+          details: 'Helm Chart ${{ env.CHART_NAME }}-${{ env.CHART_VERSION }} has failed to be released.'
           icon: 'https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png'
-          actions: '[{"action": "view", "label": "Open Gitea", "url": "https://gitea.alexlebens.dev/alexlebens/site-profile/actions?workflow=release-image.yml", "clear": true}]'
+          actions: '[{"action": "view", "label": "Open Gitea", "url": "https://gitea.alexlebens.dev/alexlebens/helm-charts/actions?workflow=release-charts-generic-device-plugin.yml", "clear": true}]'
           image: true

.gitea/workflows/release-charts-gitea-actions.yml

@@ -14,10 +14,10 @@ env:
 
 jobs:
   release:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-js
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
 
       - name: Set up Helm
         uses: azure/setup-helm@v4
@@ -62,11 +62,11 @@ jobs:
         with:
           url: '${{ secrets.NTFY_URL }}'
           topic: '${{ secrets.NTFY_TOPIC }}'
-          title: 'Gitea Action'
+          title: 'Release Success - ${{ env.CHART_NAME }}'
           priority: 3
           headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
           tags: action,successfully,completed
-          details: 'Helm Chart for gitea-actions release workflow has successfully completed!'
+          details: 'Helm Chart ${{ env.CHART_NAME }}-${{ env.CHART_VERSION }} has been released!'
           icon: 'https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png'
 
       - name: ntfy Failed
@@ -75,11 +75,11 @@ jobs:
         with:
           url: '${{ secrets.NTFY_URL }}'
           topic: '${{ secrets.NTFY_TOPIC }}'
-          title: 'Gitea Action'
+          title: 'Release Failure - ${{ env.CHART_NAME }}'
           priority: 4
           headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
           tags: action,failed
-          details: 'Helm Chart for gitea-actions release workflow has failed!'
+          details: 'Helm Chart ${{ env.CHART_NAME }}-${{ env.CHART_VERSION }} has failed to be released.'
           icon: 'https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png'
-          actions: '[{"action": "view", "label": "Open Gitea", "url": "https://gitea.alexlebens.dev/alexlebens/site-profile/actions?workflow=release-image.yml", "clear": true}]'
+          actions: '[{"action": "view", "label": "Open Gitea", "url": "https://gitea.alexlebens.dev/alexlebens/helm-charts/actions?workflow=release-charts-gitea-actions.yml", "clear": true}]'
           image: true

.gitea/workflows/release-charts-postgres-cluster.yml

@@ -14,10 +14,10 @@ env:
 
 jobs:
   release:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-js
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
 
       - name: Set up Helm
         uses: azure/setup-helm@v4
@@ -62,11 +62,11 @@ jobs:
         with:
           url: '${{ secrets.NTFY_URL }}'
           topic: '${{ secrets.NTFY_TOPIC }}'
-          title: 'Gitea Action'
+          title: 'Release Success - ${{ env.CHART_NAME }}'
           priority: 3
           headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
           tags: action,successfully,completed
-          details: 'Helm Chart for postgres-cluster release workflow has successfully completed!'
+          details: 'Helm Chart ${{ env.CHART_NAME }}-${{ env.CHART_VERSION }} has been released!'
           icon: 'https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png'
 
       - name: ntfy Failed
@@ -75,11 +75,11 @@ jobs:
         with:
           url: '${{ secrets.NTFY_URL }}'
           topic: '${{ secrets.NTFY_TOPIC }}'
-          title: 'Gitea Action'
+          title: 'Release Failure - ${{ env.CHART_NAME }}'
           priority: 4
           headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
           tags: action,failed
-          details: 'Helm Chart for postgres-cluster release workflow has failed!'
+          details: 'Helm Chart ${{ env.CHART_NAME }}-${{ env.CHART_VERSION }} has failed to be released.'
           icon: 'https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png'
-          actions: '[{"action": "view", "label": "Open Gitea", "url": "https://gitea.alexlebens.dev/alexlebens/site-profile/actions?workflow=release-image.yml", "clear": true}]'
+          actions: '[{"action": "view", "label": "Open Gitea", "url": "https://gitea.alexlebens.dev/alexlebens/helm-charts/actions?workflow=release-charts-postgres-cluster.yml", "clear": true}]'
           image: true

.gitea/workflows/renovate.yaml

@@ -13,10 +13,10 @@ on:
 jobs:
   renovate:
     runs-on: ubuntu-latest
-    container: ghcr.io/renovatebot/renovate:41
+    container: ghcr.io/renovatebot/renovate:42
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
 
       - name: Renovate
         run: renovate

.github/workflows/release-charts.yml

@@ -14,7 +14,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
         with:
           fetch-depth: 0
 

charts/cloudflared/Chart.yaml

@@ -1,6 +1,6 @@
 apiVersion: v2
 name: cloudflared
-version: 1.21.1
+version: 1.23.0
 description: Cloudflared Tunnel
 keywords:
   - cloudflare
@@ -13,6 +13,6 @@ maintainers:
 dependencies:
   - name: common
     repository: https://bjw-s-labs.github.io/helm-charts/
-    version: 4.3.0
+    version: 4.4.0
 icon: https://avatars.githubusercontent.com/u/314135?s=48&v=4
-appVersion: "2025.8.1"
+appVersion: "2025.10.0"

charts/cloudflared/README.md

@@ -1,6 +1,6 @@
 # cloudflared
 
-![Version: 1.21.1](https://img.shields.io/badge/Version-1.21.1-informational?style=flat-square) ![AppVersion: 2025.8.1](https://img.shields.io/badge/AppVersion-2025.8.1-informational?style=flat-square)
+![Version: 1.22.1](https://img.shields.io/badge/Version-1.22.1-informational?style=flat-square) ![AppVersion: 2025.10.0](https://img.shields.io/badge/AppVersion-2025.10.0-informational?style=flat-square)
 
 Cloudflared Tunnel
 
@@ -19,7 +19,7 @@ Cloudflared Tunnel
 
 | Repository | Name | Version |
 |------------|------|---------|
-| https://bjw-s-labs.github.io/helm-charts/ | common | 4.3.0 |
+| https://bjw-s-labs.github.io/helm-charts/ | common | 4.4.0 |
 
 ## Values
 
@@ -27,7 +27,7 @@ Cloudflared Tunnel
 |-----|------|---------|-------------|
 | existingSecretKey | string | `"cf-tunnel-token"` | Name of key that contains the token in the existingSecret |
 | existingSecretName | string | `"cloudflared-secret"` | Name of existing secret that contains Cloudflare token |
-| image | object | `{"pullPolicy":"IfNotPresent","repository":"cloudflare/cloudflared","tag":"2025.9.1"}` | Default image |
+| image | object | `{"pullPolicy":"IfNotPresent","repository":"cloudflare/cloudflared","tag":"2025.10.0"}` | Default image |
 | name | string | `"cloudflared"` | Name override of release |
 | resources | object | `{"requests":{"cpu":"10m","memory":"128Mi"}}` | Default resources |
 

charts/cloudflared/values.yaml

@@ -10,7 +10,7 @@ existingSecretKey: cf-tunnel-token
 # -- Default image
 image:
   repository: cloudflare/cloudflared
-  tag: "2025.9.1"
+  tag: "2025.11.1"
   pullPolicy: IfNotPresent
 
 # -- Default resources

charts/generic-device-plugin/Chart.yaml

@@ -1,6 +1,6 @@
 apiVersion: v2
 name: generic-device-plugin
-version: 0.12.0
+version: 0.20.1
 description: Generic Device Plugin
 keywords:
   - generic-device-plugin
@@ -14,5 +14,5 @@ maintainers:
 dependencies:
   - name: common
     repository: https://bjw-s-labs.github.io/helm-charts/
-    version: 4.3.0
-appVersion: 0.10.0
+    version: 4.4.0
+appVersion: 0.15.0

charts/generic-device-plugin/README.md

@@ -1,6 +1,6 @@
 # generic-device-plugin
 
-![Version: 0.12.0](https://img.shields.io/badge/Version-0.12.0-informational?style=flat-square) ![AppVersion: 0.10.0](https://img.shields.io/badge/AppVersion-0.10.0-informational?style=flat-square)
+![Version: 0.16.0](https://img.shields.io/badge/Version-0.16.0-informational?style=flat-square) ![AppVersion: 0.15.0](https://img.shields.io/badge/AppVersion-0.15.0-informational?style=flat-square)
 
 Generic Device Plugin
 
@@ -19,7 +19,7 @@ Generic Device Plugin
 
 | Repository | Name | Version |
 |------------|------|---------|
-| https://bjw-s-labs.github.io/helm-charts/ | common | 4.3.0 |
+| https://bjw-s-labs.github.io/helm-charts/ | common | 4.4.0 |
 
 ## Values
 
@@ -28,7 +28,7 @@ Generic Device Plugin
 | config | object | `{"data":"devices:\n  - name: serial\n    groups:\n      - paths:\n          - path: /dev/ttyUSB*\n      - paths:\n          - path: /dev/ttyACM*\n      - paths:\n          - path: /dev/tty.usb*\n      - paths:\n          - path: /dev/cu.*\n      - paths:\n          - path: /dev/cuaU*\n      - paths:\n          - path: /dev/rfcomm*\n  - name: video\n    groups:\n      - paths:\n          - path: /dev/video0\n  - name: fuse\n    groups:\n      - count: 10\n        paths:\n          - path: /dev/fuse\n  - name: audio\n    groups:\n      - count: 10\n        paths:\n          - path: /dev/snd\n  - name: capture\n    groups:\n      - paths:\n          - path: /dev/snd/controlC0\n          - path: /dev/snd/pcmC0D0c\n      - paths:\n          - path: /dev/snd/controlC1\n            mountPath: /dev/snd/controlC0\n          - path: /dev/snd/pcmC1D0c\n            mountPath: /dev/snd/pcmC0D0c\n      - paths:\n          - path: /dev/snd/controlC2\n            mountPath: /dev/snd/controlC0\n          - path: /dev/snd/pcmC2D0c\n            mountPath: /dev/snd/pcmC0D0c\n      - paths:\n          - path: /dev/snd/controlC3\n            mountPath: /dev/snd/controlC0\n          - path: /dev/snd/pcmC3D0c\n            mountPath: /dev/snd/pcmC0D0c\n","enabled":true}` | Config map |
 | config.data | string | See [values.yaml](./values.yaml) | generic-device-plugin config file [[ref]](https://github.com/squat/generic-device-plugin#usage) |
 | deviceDomain | string | `"devic.es"` | Domain used by devices for identifcation |
-| image | object | `{"pullPolicy":"Always","repository":"ghcr.io/squat/generic-device-plugin","tag":"latest@sha256:359bcdd5c7b45a815a50e2f69c5942d85de6db03ff4a3923462af06161bead08"}` | Default image |
+| image | object | `{"pullPolicy":"Always","repository":"ghcr.io/squat/generic-device-plugin","tag":"latest@sha256:62dda74362cc607b00d1ade291c192ea894d8bdc53a969ed5328b866b2988597"}` | Default image |
 | name | string | `"generic-device-plugin"` | Name override of release |
 | resources | object | `{"requests":{"cpu":"50m","memory":"10Mi"}}` | Default resources |
 | service | object | `{"listenPort":8080}` | Service port |

charts/generic-device-plugin/values.yaml

@@ -4,7 +4,7 @@ name: generic-device-plugin
 # -- Default image
 image:
   repository: ghcr.io/squat/generic-device-plugin
-  tag: latest@sha256:359bcdd5c7b45a815a50e2f69c5942d85de6db03ff4a3923462af06161bead08
+  tag: latest@sha256:ef5deb09dcf7e577c8603857ae56ef479d91be6ab6f40dd2427166d510b0745f
   pullPolicy: Always
 
 # -- Domain used by devices for identifcation

charts/postgres-cluster/Chart.yaml

@@ -1,6 +1,6 @@
 apiVersion: v2
 name: postgres-cluster
-version: 6.8.0
+version: 6.16.0
 description: Cloudnative-pg Cluster
 keywords:
   - database
@@ -11,4 +11,4 @@ sources:
 maintainers:
   - name: alexlebens
 icon: https://avatars.githubusercontent.com/u/100373852?s=48&v=4
-appVersion: v1.26.0
+appVersion: v1.27.0

charts/postgres-cluster/README.md

@@ -1,6 +1,6 @@
 # postgres-cluster
 
-![Version: 6.8.0](https://img.shields.io/badge/Version-6.8.0-informational?style=flat-square) ![AppVersion: v1.26.0](https://img.shields.io/badge/AppVersion-v1.26.0-informational?style=flat-square)
+![Version: 6.15.0](https://img.shields.io/badge/Version-6.15.0-informational?style=flat-square) ![AppVersion: v1.27.0](https://img.shields.io/badge/AppVersion-v1.27.0-informational?style=flat-square)
 
 Cloudnative-pg Cluster
 
@@ -23,17 +23,17 @@ Cloudnative-pg Cluster
 | backup.method | string | `"objectStore"` | Method to create backups, options currently are only objectStore |
 | backup.objectStore | list | `[]` | Options for object store backups |
 | backup.scheduledBackups | list | `[]` | List of scheduled backups |
-| cluster | object | `{"additionalLabels":{},"affinity":{"enablePodAntiAffinity":true,"topologyKey":"kubernetes.io/hostname"},"annotations":{},"certificates":{},"enablePDB":true,"enableSuperuserAccess":false,"image":{"repository":"ghcr.io/cloudnative-pg/postgresql","tag":"17.5-1-bullseye"},"imagePullPolicy":"IfNotPresent","imagePullSecrets":[],"initdb":{},"instances":3,"logLevel":"info","monitoring":{"customQueries":[],"customQueriesSecret":[],"disableDefaultQueries":false,"enabled":false,"podMonitor":{"enabled":true,"metricRelabelings":[],"relabelings":[]},"prometheusRule":{"enabled":false,"excludeRules":[]}},"postgresGID":-1,"postgresUID":-1,"postgresql":{"ldap":{},"parameters":{"hot_standby_feedback":"on","max_slot_wal_keep_size":"2000MB","shared_buffers":"128MB"},"pg_hba":[],"pg_ident":[],"shared_preload_libraries":[],"synchronous":{}},"primaryUpdateMethod":"switchover","primaryUpdateStrategy":"unsupervised","priorityClassName":"","resources":{"limits":{"hugepages-2Mi":"256Mi"},"requests":{"cpu":"100m","memory":"256Mi"}},"roles":[],"serviceAccountTemplate":{},"services":{},"storage":{"size":"10Gi","storageClass":""},"superuserSecret":"","walStorage":{"enabled":true,"size":"2Gi","storageClass":""}}` | Cluster settings |
+| cluster | object | `{"additionalLabels":{},"affinity":{"enablePodAntiAffinity":true,"topologyKey":"kubernetes.io/hostname"},"annotations":{},"certificates":{},"enablePDB":true,"enableSuperuserAccess":false,"image":{"repository":"ghcr.io/cloudnative-pg/postgresql","tag":"17.6-standard-trixie"},"imagePullPolicy":"IfNotPresent","imagePullSecrets":[],"initdb":{},"instances":3,"logLevel":"info","monitoring":{"customQueries":[],"customQueriesSecret":[],"disableDefaultQueries":false,"enabled":false,"podMonitor":{"enabled":true,"metricRelabelings":[],"relabelings":[]},"prometheusRule":{"enabled":false,"excludeRules":["CNPGClusterLastFailedArchiveTimeWarning"]}},"postgresGID":-1,"postgresUID":-1,"postgresql":{"ldap":{},"parameters":{"hot_standby_feedback":"on","max_slot_wal_keep_size":"2000MB","shared_buffers":"128MB"},"pg_hba":[],"pg_ident":[],"shared_preload_libraries":[],"synchronous":{}},"primaryUpdateMethod":"switchover","primaryUpdateStrategy":"unsupervised","priorityClassName":"","resources":{"limits":{"hugepages-2Mi":"256Mi"},"requests":{"cpu":"100m","memory":"256Mi"}},"roles":[],"serviceAccountTemplate":{},"services":{},"storage":{"size":"10Gi","storageClass":""},"superuserSecret":"","walStorage":{"enabled":true,"size":"2Gi","storageClass":""}}` | Cluster settings |
 | cluster.affinity | object | `{"enablePodAntiAffinity":true,"topologyKey":"kubernetes.io/hostname"}` | Affinity/Anti-affinity rules for Pods. See: https://cloudnative-pg.io/documentation/current/cloudnative-pg.v1/#postgresql-cnpg-io-v1-AffinityConfiguration |
 | cluster.certificates | object | `{}` | The configuration for the CA and related certificates. See: https://cloudnative-pg.io/documentation/current/cloudnative-pg.v1/#postgresql-cnpg-io-v1-CertificatesConfiguration |
 | cluster.enablePDB | bool | `true` | Allow to disable PDB, mainly useful for upgrade of single-instance clusters or development purposes See: https://cloudnative-pg.io/documentation/current/kubernetes_upgrade/#pod-disruption-budgets |
 | cluster.enableSuperuserAccess | bool | `false` | When this option is enabled, the operator will use the SuperuserSecret to update the postgres user password. If the secret is not present, the operator will automatically create one. When this option is disabled, the operator will ignore the SuperuserSecret content, delete it when automatically created, and then blank the password of the postgres user by setting it to NULL. |
-| cluster.image | object | `{"repository":"ghcr.io/cloudnative-pg/postgresql","tag":"17.5-1-bullseye"}` | Default image |
+| cluster.image | object | `{"repository":"ghcr.io/cloudnative-pg/postgresql","tag":"17.6-standard-trixie"}` | Default image |
 | cluster.imagePullPolicy | string | `"IfNotPresent"` | Image pull policy. One of Always, Never or IfNotPresent. If not defined, it defaults to IfNotPresent. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images |
 | cluster.imagePullSecrets | list | `[]` | The list of pull secrets to be used to pull the images. See: https://cloudnative-pg.io/documentation/current/cloudnative-pg.v1/#postgresql-cnpg-io-v1-LocalObjectReference |
 | cluster.initdb | object | `{}` | Bootstrap is the configuration of the bootstrap process when initdb is used. See: https://cloudnative-pg.io/documentation/current/bootstrap/ See: https://cloudnative-pg.io/documentation/current/cloudnative-pg.v1/#postgresql-cnpg-io-v1-bootstrapinitdb |
 | cluster.logLevel | string | `"info"` | The instances' log level, one of the following values: error, warning, info (default), debug, trace |
-| cluster.monitoring | object | `{"customQueries":[],"customQueriesSecret":[],"disableDefaultQueries":false,"enabled":false,"podMonitor":{"enabled":true,"metricRelabelings":[],"relabelings":[]},"prometheusRule":{"enabled":false,"excludeRules":[]}}` | Enable default monitoring and alert rules |
+| cluster.monitoring | object | `{"customQueries":[],"customQueriesSecret":[],"disableDefaultQueries":false,"enabled":false,"podMonitor":{"enabled":true,"metricRelabelings":[],"relabelings":[]},"prometheusRule":{"enabled":false,"excludeRules":["CNPGClusterLastFailedArchiveTimeWarning"]}}` | Enable default monitoring and alert rules |
 | cluster.monitoring.customQueries | list | `[]` | Custom Prometheus metrics Will be stored in the ConfigMap |
 | cluster.monitoring.customQueriesSecret | list | `[]` | The list of secrets containing the custom queries |
 | cluster.monitoring.disableDefaultQueries | bool | `false` | Whether the default queries should be injected. Set it to true if you don't want to inject default queries into the cluster. |
@@ -42,7 +42,7 @@ Cloudnative-pg Cluster
 | cluster.monitoring.podMonitor.metricRelabelings | list | `[]` | The list of metric relabelings for the PodMonitor. Applied to samples before ingestion. |
 | cluster.monitoring.podMonitor.relabelings | list | `[]` | The list of relabelings for the PodMonitor. Applied to samples before scraping. |
 | cluster.monitoring.prometheusRule.enabled | bool | `false` | Whether to enable the PrometheusRule automated alerts |
-| cluster.monitoring.prometheusRule.excludeRules | list | `[]` | Exclude specified rules |
+| cluster.monitoring.prometheusRule.excludeRules | list | `["CNPGClusterLastFailedArchiveTimeWarning"]` | Exclude specified rules |
 | cluster.postgresUID | int | `-1` | The UID and GID of the postgres user inside the image, defaults to 26 |
 | cluster.postgresql | object | `{"ldap":{},"parameters":{"hot_standby_feedback":"on","max_slot_wal_keep_size":"2000MB","shared_buffers":"128MB"},"pg_hba":[],"pg_ident":[],"shared_preload_libraries":[],"synchronous":{}}` | Parameters to be set for the database itself See: https://cloudnative-pg.io/documentation/current/cloudnative-pg.v1/#postgresql-cnpg-io-v1-PostgresConfiguration |
 | cluster.postgresql.ldap | object | `{}` | PostgreSQL LDAP configuration (see https://cloudnative-pg.io/documentation/current/postgresql_conf/#ldap-configuration) |
@@ -108,7 +108,7 @@ Cloudnative-pg Cluster
 | recovery.pgBaseBackup.source.passwordSecret.key | string | `"password"` | The key in the secret containing the password |
 | recovery.pgBaseBackup.source.passwordSecret.name | string | `""` | Name of the secret containing the password |
 | recovery.pgBaseBackup.source.passwordSecret.value | string | `""` | The password value to use when creating the secret |
-| type | string | `"postgresql"` | Type of the CNPG database. Available types: * `postgresql` * `tensorchord` |
+| type | string | `"postgresql"` | Type of the CNPG database. Available types: * `postgresql` |
 
 ----------------------------------------------
 Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2)

charts/postgres-cluster/prometheus_rules/cluster-last_failed_archive_time-warning.yaml

@@ -6,7 +6,7 @@ annotations:
   description: |-
     Archiving failed for {{`{{`}} $labels.pod {{`}}`}}
 expr: |
-  (cnpg_pg_stat_archiver_last_failed_time - cnpg_pg_stat_archiver_last_archived_time) > 1
+  (cnpg_pg_stat_archiver_last_failed_time - cnpg_pg_stat_archiver_last_archived_time) > 2
 for: 1m
 labels:
   severity: warning

charts/postgres-cluster/templates/_bootstrap.tpl

@@ -11,21 +11,8 @@ bootstrap:
     {{- if .Values.cluster.initdb.owner }}
     owner: {{ tpl .Values.cluster.initdb.owner . }}
     {{- end }}
-    {{- if eq .Values.type "tensorchord" }}
-    dataChecksums: true
-    {{- end }}
-    {{- if or (eq .Values.type "tensorchord") (.Values.cluster.initdb.postInitApplicationSQL) }}
+    {{- if (.Values.cluster.initdb.postInitApplicationSQL) }}
     postInitApplicationSQL:
-      {{- if eq .Values.type "tensorchord" }}
-      - ALTER SYSTEM SET search_path TO "$user", public, vectors;
-      - SET search_path TO "$user", public, vectors;
-      - CREATE EXTENSION IF NOT EXISTS "vectors";
-      - CREATE EXTENSION IF NOT EXISTS "cube";
-      - CREATE EXTENSION IF NOT EXISTS "earthdistance";
-      - ALTER SCHEMA vectors OWNER TO "app";
-      - GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA vectors TO "app";
-      - GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO "app";
-      {{- end }}
       {{- with .Values.cluster.initdb }}
         {{- range .postInitApplicationSQL }}
           {{- printf "- %s" . | nindent 6 }}

charts/postgres-cluster/templates/_helpers.tpl

@@ -83,17 +83,3 @@ Generate recovery server name
     {{- printf "%s-backup-%s" (include "cluster.name" .) (toString .Values.recovery.objectStore.index) | trunc 63 | trimSuffix "-" -}}
   {{- end }}
 {{- end }}
-
-{{/*
-Generate name for recovery object store credentials
-*/}}
-{{- define "cluster.recoveryCredentials" -}}
-  {{- printf "%s-cluster-backup-secret" (include "cluster.name" .) | trunc 63 | trimSuffix "-" -}}
-{{- end }}
-
-{{/*
-Generate name for backup object store credentials
-*/}}
-{{- define "cluster.backupCredentials" -}}
-  {{- printf "%s-cluster-backup-secret" (include "cluster.name" .) | trunc 63 | trimSuffix "-" -}}
-{{- end }}

charts/postgres-cluster/templates/cluster.yaml

@@ -19,13 +19,15 @@ spec:
   {{- end }}
   postgresUID: {{ include "cluster.postgresUID" . }}
   postgresGID: {{ include "cluster.postgresGID" . }}
-  {{ if (eq .Values.backup.method "objectStore") }}
-    plugins:
-  {{ end }}
+  plugins:
   {{- range $objectStore := .Values.backup.objectStore }}
     - name: barman-cloud.cloudnative-pg.io
       enabled: true
-      isWALArchiver: {{ $objectStore.isWALArchiver | default true }}
+      {{- if $objectStore.isWALArchiver }}
+      isWALArchiver: true
+      {{- else }}
+      isWALArchiver: false
+      {{- end }}
       parameters:
         barmanObjectName: "{{ include "cluster.name" $ }}-{{ $objectStore.name }}-backup"
         {{- if $objectStore.clusterName }}
@@ -34,7 +36,7 @@ spec:
         serverName: "{{ include "cluster.name" $ }}-backup-{{ $objectStore.index }}"
         {{- end }}
   {{- end }}
-  {{ if eq .Values.recovery.method "objectStore" }}
+  {{ if (eq .Values.recovery.method "objectStore") }}
   externalClusters:
     - name: recovery
       plugin:
@@ -82,11 +84,8 @@ spec:
   enablePDB: {{ .Values.cluster.enablePDB }}
 
   postgresql:
-    {{- if or (eq .Values.type "tensorchord") (not (empty .Values.cluster.postgresql.shared_preload_libraries)) }}
+    {{- if .Values.cluster.postgresql.shared_preload_libraries }}
     shared_preload_libraries:
-      {{- if eq .Values.type "tensorchord" }}
-      - vectors.so
-      {{- end }}
       {{- with .Values.cluster.postgresql.shared_preload_libraries }}
       {{- toYaml . | nindent 6 }}
       {{- end }}

charts/postgres-cluster/templates/object-store.yaml

@@ -37,11 +37,16 @@ spec:
     {{- end }}
     s3Credentials:
       accessKeyId:
-        name: {{ .endpointCredentials }}
+        name: {{ .endpointCredentials | default (printf "%s-cluster-backup-secret" (include "cluster.name" $context) | trunc 63 | trimSuffix "-") }}
         key: ACCESS_KEY_ID
       secretAccessKey:
-        name: {{ .endpointCredentials }}
+        name: {{ .endpointCredentials | default (printf "%s-cluster-backup-secret" (include "cluster.name" $context) | trunc 63 | trimSuffix "-") }}
         key: ACCESS_SECRET_KEY
+    {{- if .endpointCredentialsIncludeRegion }}
+      region:
+        name: {{ .endpointCredentials | default (printf "%s-cluster-backup-secret" (include "cluster.name" $context) | trunc 63 | trimSuffix "-") }}
+        key: ACCESS_REGION
+    {{- end }}
 {{ end -}}
 {{ end }}
 
@@ -77,9 +82,9 @@ spec:
       jobs: {{ .Values.recovery.objectStore.data.jobs }}
     s3Credentials:
       accessKeyId:
-        name: {{ .Values.recovery.objectStore.endpointCredentials }}
+        name: {{ .Values.recovery.objectStore.endpointCredentials | default (printf "%s-cluster-backup-secret" (include "cluster.name" .) | trunc 63 | trimSuffix "-") }}
         key: ACCESS_KEY_ID
       secretAccessKey:
-        name: {{ .Values.recovery.objectStore.endpointCredentials }}
+        name: {{ .Values.recovery.objectStore.endpointCredentials | default (printf "%s-cluster-backup-secret" (include "cluster.name" .) | trunc 63 | trimSuffix "-") }}
         key: ACCESS_SECRET_KEY
 {{ end }}

charts/postgres-cluster/templates/scheduled-backup.yaml

@@ -9,7 +9,7 @@ metadata:
   labels:
     {{- include "cluster.labels" $context | nindent 4 }}
 spec:
-  immediate: {{ .immediate | default true }}
+  immediate: {{ .immediate | default false }}
   suspend: {{ .suspend | default false }}
   schedule: {{ .schedule | quote | required "Schedule is required" }}
   backupOwnerReference: {{ .backupOwnerReference | default "self" }}

charts/postgres-cluster/values.yaml

@@ -6,7 +6,6 @@ namespaceOverride: ""
 
 # -- Type of the CNPG database. Available types:
 # * `postgresql`
-# * `tensorchord`
 type: postgresql
 
 # -- Cluster mode of operation. Available modes:
@@ -21,7 +20,7 @@ cluster:
   # -- Default image
   image:
     repository: ghcr.io/cloudnative-pg/postgresql
-    tag: "17.5-1-bullseye"
+    tag: 17.7-standard-trixie
 
   # -- Image pull policy. One of Always, Never or IfNotPresent. If not defined, it defaults to IfNotPresent. Cannot be updated.
   # More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
@@ -131,7 +130,8 @@ cluster:
       enabled: false
 
       # -- Exclude specified rules
-      excludeRules: []
+      excludeRules:
+        - CNPGClusterLastFailedArchiveTimeWarning
 
     # -- Whether the default queries should be injected.
     # Set it to true if you don't want to inject default queries into the cluster.

renovate.json

@@ -1,70 +1,57 @@
 {
-    "$schema": "https://docs.renovatebot.com/renovate-schema.json",
-    "extends": [
-        "config:recommended",
-        "mergeConfidence:all-badges",
-        ":rebaseStalePrs"
-    ],
-    "timezone": "US/Central",
-    "schedule": [ "* */1 * * *" ],
-    "labels": [],
-    "prHourlyLimit": 0,
-    "prConcurrentLimit": 0,
-    "packageRules": [
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "extends": [
+    "config:recommended",
+    "mergeConfidence:all-badges",
+    ":rebaseStalePrs"
+  ],
+  "timezone": "US/Central",
+  "schedule": ["* */1 * * *"],
+  "labels": [],
+  "prHourlyLimit": 0,
+  "prConcurrentLimit": 0,
+  "packageRules": [
+    {
+      "description": "Label charts",
+      "matchDatasources": ["helm"],
+      "addLabels": ["chart"],
+      "automerge": false,
+      "bumpVersions": [
         {
-            "description": "Label charts",
-            "matchDatasources": [
-                "helm"
-            ],
-            "addLabels": [
-                "chart"
-            ],
-            "automerge": false,
-            "bumpVersions": [
-                {
-                "filePatterns": ["{{packageFileDir}}/Chart.{yaml,yml}"],
-                "matchStrings": ["version:\\s(?<version>[^\\s]+)"],
-                "bumpType": "{{#if isPatch}}patch{{else}}minor{{/if}}"
-                }
-            ]
-        },
-        {
-            "description": "Label images",
-            "matchDatasources": [
-                "docker"
-            ],
-            "addLabels": [
-                "image"
-            ],
-            "automerge": false,
-            "bumpVersions": [
-                {
-                "filePatterns": ["{{packageFileDir}}/Chart.{yaml,yml}"],
-                "matchStrings": ["version:\\s(?<version>[^\\s]+)"],
-                "bumpType": "{{#if isPatch}}patch{{else}}minor{{/if}}"
-                }
-            ]
-        },
-        {
-            "description": "CNPG image",
-            "matchDepNames": [
-                "ghcr.io/cloudnative-pg/postgresql"
-            ],
-            "matchDatasources": [
-                "docker"
-            ],
-            "addLabels": [
-                "image"
-            ],
-            "automerge": false,
-            "versioning": "deb",
-            "bumpVersions": [
-                {
-                "filePatterns": ["{{packageFileDir}}/Chart.{yaml,yml}"],
-                "matchStrings": ["version:\\s(?<version>[^\\s]+)"],
-                "bumpType": "{{#if isPatch}}patch{{else}}minor{{/if}}"
-                }
-            ]
+          "filePatterns": ["{{packageFileDir}}/Chart.{yaml,yml}"],
+          "matchStrings": ["version:\\s(?<version>[^\\s]+)"],
+          "bumpType": "{{#if isPatch}}patch{{else}}minor{{/if}}"
         }
-    ]
+      ]
+    },
+    {
+      "description": "Label images",
+      "matchDatasources": ["docker"],
+      "addLabels": ["image"],
+      "automerge": false,
+      "bumpVersions": [
+        {
+          "filePatterns": ["{{packageFileDir}}/Chart.{yaml,yml}"],
+          "matchStrings": ["version:\\s(?<version>[^\\s]+)"],
+          "bumpType": "{{#if isPatch}}patch{{else}}minor{{/if}}"
+        }
+      ]
+    },
+    {
+      "description": "Automerge generic-device-plugin image on digest",
+      "matchDatasources": ["docker"],
+      "matchDepNames": ["ghcr.io/squat/generic-device-plugin"],
+      "matchUpdateTypes": ["digest"],
+      "addLabels": ["image", "automerge"],
+      "automerge": true,
+      "minimumReleaseAge": "1 days",
+      "bumpVersions": [
+        {
+          "filePatterns": ["{{packageFileDir}}/Chart.{yaml,yml}"],
+          "matchStrings": ["version:\\s(?<version>[^\\s]+)"],
+          "bumpType": "patch"
+        }
+      ]
+    }
+  ]
 }