You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@airflow.apache.org by po...@apache.org on 2023/03/04 17:24:31 UTC

[airflow] branch main updated: fix: update pgbouncer and pgbouncer-exporter images (#29792)

This is an automated email from the ASF dual-hosted git repository.

potiuk pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/airflow.git


The following commit(s) were added to refs/heads/main by this push:
     new 97006910a3 fix: update pgbouncer and pgbouncer-exporter images (#29792)
97006910a3 is described below

commit 97006910a384579c9f0601a72410223f9b6a0830
Author: evanasse <et...@outlook.com>
AuthorDate: Sat Mar 4 17:24:20 2023 +0000

    fix: update pgbouncer and pgbouncer-exporter images (#29792)
---
 chart/dockerfiles/pgbouncer-exporter/Dockerfile        | 6 ++++--
 chart/dockerfiles/pgbouncer-exporter/build_and_push.sh | 6 +++---
 chart/dockerfiles/pgbouncer/Dockerfile                 | 6 ++++--
 chart/dockerfiles/pgbouncer/build_and_push.sh          | 8 ++++++--
 4 files changed, 17 insertions(+), 9 deletions(-)

diff --git a/chart/dockerfiles/pgbouncer-exporter/Dockerfile b/chart/dockerfiles/pgbouncer-exporter/Dockerfile
index 121c15cff8..b2a3926e6e 100644
--- a/chart/dockerfiles/pgbouncer-exporter/Dockerfile
+++ b/chart/dockerfiles/pgbouncer-exporter/Dockerfile
@@ -12,7 +12,7 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
-ARG ALPINE_VERSION="3.12"
+ARG ALPINE_VERSION="3.17"
 ARG GO_VERSION
 
 FROM golang:${GO_VERSION} AS builder
@@ -33,7 +33,7 @@ FROM alpine:${ALPINE_VERSION} AS final
 # We want to make sure this one includes latest security fixes.
 # "Pin versions in apk add" https://github.com/hadolint/hadolint/wiki/DL3018
 # hadolint ignore=DL3018
-RUN apk --no-cache add libressl libressl-dev
+RUN apk --no-cache add libressl libressl-dev openssl
 
 COPY --from=builder /usr/src/myapp/pgbouncer_exporter /bin
 
@@ -51,5 +51,7 @@ LABEL org.apache.airflow.component="pgbouncer-exporter" \
 
 HEALTHCHECK CMD ["/bin/pgbouncer_exporter", "health"]
 
+USER nobody
+
 ENTRYPOINT ["/bin/pgbouncer_exporter"]
 CMD ["server"]
diff --git a/chart/dockerfiles/pgbouncer-exporter/build_and_push.sh b/chart/dockerfiles/pgbouncer-exporter/build_and_push.sh
index 9e0216d959..369a643d91 100755
--- a/chart/dockerfiles/pgbouncer-exporter/build_and_push.sh
+++ b/chart/dockerfiles/pgbouncer-exporter/build_and_push.sh
@@ -21,13 +21,13 @@ readonly DOCKERHUB_USER
 DOCKERHUB_REPO=${DOCKERHUB_REPO:="airflow"}
 readonly DOCKERHUB_REPO
 
-PGBOUNCER_EXPORTER_VERSION="0.5.0"
+PGBOUNCER_EXPORTER_VERSION="0.14.0"
 readonly PGBOUNCER_EXPORTER_VERSION
 
-AIRFLOW_PGBOUNCER_EXPORTER_VERSION="2021.04.28"
+AIRFLOW_PGBOUNCER_EXPORTER_VERSION="2023.02.21"
 readonly AIRFLOW_PGBOUNCER_EXPORTER_VERSION
 
-EXPECTED_GO_VERSION="1.15.1"
+EXPECTED_GO_VERSION="1.19.6"
 readonly EXPECTED_GO_VERSION
 
 COMMIT_SHA=$(git rev-parse HEAD)
diff --git a/chart/dockerfiles/pgbouncer/Dockerfile b/chart/dockerfiles/pgbouncer/Dockerfile
index a2f7e3d72e..f561fadc3e 100644
--- a/chart/dockerfiles/pgbouncer/Dockerfile
+++ b/chart/dockerfiles/pgbouncer/Dockerfile
@@ -14,14 +14,14 @@
 # KIND, either express or implied.  See the License for the
 # specific language governing permissions and limitations
 # under the License.
-ARG ALPINE_VERSION="3.12"
+ARG ALPINE_VERSION="3.14"
 FROM alpine:${ALPINE_VERSION} AS builder
 SHELL ["/bin/ash", "-e", "-x", "-c", "-o", "pipefail"]
 
 ARG PGBOUNCER_VERSION
 ARG AIRFLOW_PGBOUNCER_VERSION
 
-ARG PGBOUNCER_SHA256="a0c13d10148f557e36ff7ed31793abb7a49e1f8b09aa2d4695d1c28fa101fee7"
+ARG PGBOUNCER_SHA256
 
 # Those are build deps only but still we want the latest versions of those
 # "Pin versions in apk add" https://github.com/hadolint/hadolint/wiki/DL3018
@@ -71,5 +71,7 @@ HEALTHCHECK --interval=10s --timeout=3s CMD stat /tmp/.s.PGSQL.*
 
 EXPOSE 6432
 
+USER nobody
+
 # pgbouncer can't run as root, so let's drop to 'nobody'
 ENTRYPOINT ["/usr/bin/pgbouncer", "-u", "nobody", "/etc/pgbouncer/pgbouncer.ini" ]
diff --git a/chart/dockerfiles/pgbouncer/build_and_push.sh b/chart/dockerfiles/pgbouncer/build_and_push.sh
index dbe8be0f08..23e0b9d57c 100755
--- a/chart/dockerfiles/pgbouncer/build_and_push.sh
+++ b/chart/dockerfiles/pgbouncer/build_and_push.sh
@@ -22,10 +22,13 @@ readonly DOCKERHUB_USER
 DOCKERHUB_REPO=${DOCKERHUB_REPO:="airflow"}
 readonly DOCKERHUB_REPO
 
-PGBOUNCER_VERSION="1.14.0"
+PGBOUNCER_VERSION="1.16.1"
 readonly PGBOUNCER_VERSION
 
-AIRFLOW_PGBOUNCER_VERSION="2021.04.28"
+PGBOUNCER_SHA256="087477e9e4766d032b04b7b006c0c8d64160a54141a7bfc2c6e5ae7ae11bf7fc"
+readonly PGBOUNCER_SHA256
+
+AIRFLOW_PGBOUNCER_VERSION="2023.02.24"
 readonly AIRFLOW_PGBOUNCER_VERSION
 
 COMMIT_SHA=$(git rev-parse HEAD)
@@ -47,6 +50,7 @@ docker build . \
     --pull \
     --build-arg "PGBOUNCER_VERSION=${PGBOUNCER_VERSION}" \
     --build-arg "AIRFLOW_PGBOUNCER_VERSION=${AIRFLOW_PGBOUNCER_VERSION}"\
+    --build-arg "PGBOUNCER_SHA256=${PGBOUNCER_SHA256}"\
     --build-arg "COMMIT_SHA=${COMMIT_SHA}" \
     --tag "${TAG}"