You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@airflow.apache.org by po...@apache.org on 2023/03/04 17:24:31 UTC
[airflow] branch main updated: fix: update pgbouncer and pgbouncer-exporter images (#29792)
This is an automated email from the ASF dual-hosted git repository.
potiuk pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/airflow.git
The following commit(s) were added to refs/heads/main by this push:
new 97006910a3 fix: update pgbouncer and pgbouncer-exporter images (#29792)
97006910a3 is described below
commit 97006910a384579c9f0601a72410223f9b6a0830
Author: evanasse <et...@outlook.com>
AuthorDate: Sat Mar 4 17:24:20 2023 +0000
fix: update pgbouncer and pgbouncer-exporter images (#29792)
---
chart/dockerfiles/pgbouncer-exporter/Dockerfile | 6 ++++--
chart/dockerfiles/pgbouncer-exporter/build_and_push.sh | 6 +++---
chart/dockerfiles/pgbouncer/Dockerfile | 6 ++++--
chart/dockerfiles/pgbouncer/build_and_push.sh | 8 ++++++--
4 files changed, 17 insertions(+), 9 deletions(-)
diff --git a/chart/dockerfiles/pgbouncer-exporter/Dockerfile b/chart/dockerfiles/pgbouncer-exporter/Dockerfile
index 121c15cff8..b2a3926e6e 100644
--- a/chart/dockerfiles/pgbouncer-exporter/Dockerfile
+++ b/chart/dockerfiles/pgbouncer-exporter/Dockerfile
@@ -12,7 +12,7 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-ARG ALPINE_VERSION="3.12"
+ARG ALPINE_VERSION="3.17"
ARG GO_VERSION
FROM golang:${GO_VERSION} AS builder
@@ -33,7 +33,7 @@ FROM alpine:${ALPINE_VERSION} AS final
# We want to make sure this one includes latest security fixes.
# "Pin versions in apk add" https://github.com/hadolint/hadolint/wiki/DL3018
# hadolint ignore=DL3018
-RUN apk --no-cache add libressl libressl-dev
+RUN apk --no-cache add libressl libressl-dev openssl
COPY --from=builder /usr/src/myapp/pgbouncer_exporter /bin
@@ -51,5 +51,7 @@ LABEL org.apache.airflow.component="pgbouncer-exporter" \
HEALTHCHECK CMD ["/bin/pgbouncer_exporter", "health"]
+USER nobody
+
ENTRYPOINT ["/bin/pgbouncer_exporter"]
CMD ["server"]
diff --git a/chart/dockerfiles/pgbouncer-exporter/build_and_push.sh b/chart/dockerfiles/pgbouncer-exporter/build_and_push.sh
index 9e0216d959..369a643d91 100755
--- a/chart/dockerfiles/pgbouncer-exporter/build_and_push.sh
+++ b/chart/dockerfiles/pgbouncer-exporter/build_and_push.sh
@@ -21,13 +21,13 @@ readonly DOCKERHUB_USER
DOCKERHUB_REPO=${DOCKERHUB_REPO:="airflow"}
readonly DOCKERHUB_REPO
-PGBOUNCER_EXPORTER_VERSION="0.5.0"
+PGBOUNCER_EXPORTER_VERSION="0.14.0"
readonly PGBOUNCER_EXPORTER_VERSION
-AIRFLOW_PGBOUNCER_EXPORTER_VERSION="2021.04.28"
+AIRFLOW_PGBOUNCER_EXPORTER_VERSION="2023.02.21"
readonly AIRFLOW_PGBOUNCER_EXPORTER_VERSION
-EXPECTED_GO_VERSION="1.15.1"
+EXPECTED_GO_VERSION="1.19.6"
readonly EXPECTED_GO_VERSION
COMMIT_SHA=$(git rev-parse HEAD)
diff --git a/chart/dockerfiles/pgbouncer/Dockerfile b/chart/dockerfiles/pgbouncer/Dockerfile
index a2f7e3d72e..f561fadc3e 100644
--- a/chart/dockerfiles/pgbouncer/Dockerfile
+++ b/chart/dockerfiles/pgbouncer/Dockerfile
@@ -14,14 +14,14 @@
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
-ARG ALPINE_VERSION="3.12"
+ARG ALPINE_VERSION="3.14"
FROM alpine:${ALPINE_VERSION} AS builder
SHELL ["/bin/ash", "-e", "-x", "-c", "-o", "pipefail"]
ARG PGBOUNCER_VERSION
ARG AIRFLOW_PGBOUNCER_VERSION
-ARG PGBOUNCER_SHA256="a0c13d10148f557e36ff7ed31793abb7a49e1f8b09aa2d4695d1c28fa101fee7"
+ARG PGBOUNCER_SHA256
# Those are build deps only but still we want the latest versions of those
# "Pin versions in apk add" https://github.com/hadolint/hadolint/wiki/DL3018
@@ -71,5 +71,7 @@ HEALTHCHECK --interval=10s --timeout=3s CMD stat /tmp/.s.PGSQL.*
EXPOSE 6432
+USER nobody
+
# pgbouncer can't run as root, so let's drop to 'nobody'
ENTRYPOINT ["/usr/bin/pgbouncer", "-u", "nobody", "/etc/pgbouncer/pgbouncer.ini" ]
diff --git a/chart/dockerfiles/pgbouncer/build_and_push.sh b/chart/dockerfiles/pgbouncer/build_and_push.sh
index dbe8be0f08..23e0b9d57c 100755
--- a/chart/dockerfiles/pgbouncer/build_and_push.sh
+++ b/chart/dockerfiles/pgbouncer/build_and_push.sh
@@ -22,10 +22,13 @@ readonly DOCKERHUB_USER
DOCKERHUB_REPO=${DOCKERHUB_REPO:="airflow"}
readonly DOCKERHUB_REPO
-PGBOUNCER_VERSION="1.14.0"
+PGBOUNCER_VERSION="1.16.1"
readonly PGBOUNCER_VERSION
-AIRFLOW_PGBOUNCER_VERSION="2021.04.28"
+PGBOUNCER_SHA256="087477e9e4766d032b04b7b006c0c8d64160a54141a7bfc2c6e5ae7ae11bf7fc"
+readonly PGBOUNCER_SHA256
+
+AIRFLOW_PGBOUNCER_VERSION="2023.02.24"
readonly AIRFLOW_PGBOUNCER_VERSION
COMMIT_SHA=$(git rev-parse HEAD)
@@ -47,6 +50,7 @@ docker build . \
--pull \
--build-arg "PGBOUNCER_VERSION=${PGBOUNCER_VERSION}" \
--build-arg "AIRFLOW_PGBOUNCER_VERSION=${AIRFLOW_PGBOUNCER_VERSION}"\
+ --build-arg "PGBOUNCER_SHA256=${PGBOUNCER_SHA256}"\
--build-arg "COMMIT_SHA=${COMMIT_SHA}" \
--tag "${TAG}"