Skip to content

feat(docs): add section about bumping Cluster imageName using renovate #330

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
gbartolini merged 5 commits into from
May 19, 2026
Merged

feat(docs): add section about bumping Cluster imageName using renovate #330

Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
347de9d
feat(docs): add section about bumping `Cluster` `imageName` using ren…
DerRockWolf Sep 27, 2025
2e19d15
update matchStrings regex to treat digest as optional
DerRockWolf Oct 5, 2025
987306b
clarify `compatibility` part
DerRockWolf Oct 22, 2025
4a662bb
fix autoReplaceStringTemplate to preserve `imageName:` prefix
mnencia May 15, 2026
63817c2
refine Renovate snippet: gate majors, anchor digest, polish prose
mnencia May 17, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
40 changes: 40 additions & 0 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -261,6 +261,46 @@ vulnerabilities before they are published or deployed:
For detailed instructions on building PostgreSQL container images, refer to the
[BUILD.md](BUILD.md) file.

## Automated updates with Renovate

[Renovate](https://github.com/renovatebot/renovate) can be used to automatically update various dependencies.
As CloudNativePG's `Cluster` CRDs are not automatically picked up by Renovate, a custom regex manager must be configured.
The example below uses [JSON5](https://json5.org/); save it as `renovate.json5`, or convert keys/comments for use in `renovate.json`:

```json5
{
customManagers: [
{
// CloudNativePG Cluster imageName
customType: 'regex',
managerFilePatterns: [
'/\\.yaml$/',
],
matchStrings: [
'imageName: (?<depName>[^\\s:]+):(?<currentValue>[^\\s@]+)(?:@(?<currentDigest>sha256:[a-f0-9]{64}))?',
],
datasourceTemplate: 'docker',
// matches: 17.6-202509151215-minimal-trixie
versioningTemplate: 'regex:^(?<major>\\d+)\\.(?<minor>\\d+)-(?<patch>\\d+)-(?<compatibility>\\S+)$',
autoReplaceStringTemplate: 'imageName: {{{depName}}}:{{{newValue}}}{{#if newDigest}}@{{{newDigest}}}{{/if}}',
}
],
packageRules: [
{
matchPackageNames: ['ghcr.io/cloudnative-pg/postgresql'],
matchUpdateTypes: ['major'],
dependencyDashboardApproval: true,
}
]
}
```

Renovate will never change the `compatibility` part of the tag (image flavour and Debian base, e.g. `system-bookworm`), so upgrades stay on the same OS and glibc/ICU.
Switching to a different base (e.g. from `bookworm` to `trixie`) is a manual operation because of [PostgreSQL locale-data implications](https://wiki.postgresql.org/wiki/Locale_data_changes).
PostgreSQL major-version updates are routed through the [dependency dashboard](https://docs.renovatebot.com/key-concepts/dashboard/) so they can be planned and applied by a human.
To keep references fully reproducible, you can also enable [`pinDigests`](https://docs.renovatebot.com/configuration-options/#pindigests) scoped to the CloudNativePG image.
If your repository contains other YAML manifests, narrow `managerFilePatterns` to the directory holding your `Cluster` resources, e.g. `'/clusters/.*\\.yaml$/'`.

## License and copyright

This software is available under [Apache License 2.0](LICENSE).
Expand Down