This PR contains the following updates:
| Update | Change |
|---|---|
| lockFileMaintenance | All locks refreshed |
🔧 This Pull Request updates lock files to use the latest dependency
versions.
---
### Configuration
📅 **Schedule**: Branch creation - "before 4am on monday" (UTC),
Automerge - At any time (no schedule defined).
🚦 **Automerge**: Enabled.
♻ **Rebasing**: Never, or you tick the rebase/retry checkbox.
👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config
help](https://redirect.github.com/renovatebot/renovate/discussions) if
that's undesired.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/cloudnative-pg/plugin-barman-cloud).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My41OS4wIiwidXBkYXRlZEluVmVyIjoiNDMuNTkuMCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiYXV0b21hdGVkIiwibm8taXNzdWUiXX0=-->
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
The barman-cloud plugin experienced significant performance degradation
and memory growth compared to the embedded solution. WAL archiving was
noticeably slower and memory consumption grew over time.
Root cause: The sidecar uses a read-only filesystem which prevents
Python from creating bytecode at runtime. When Python finds missing or
stale bytecode (.pyc files), it attempts to recompile on every
invocation, causing high CPU usage and memory consumption. The previous
approach pre-compiled bytecode in a separate base image, but the
bytecode was marked as stale when copied between Docker stages,
triggering runtime recompilation attempts.
This change eliminates bytecode staleness by ensuring all Python
bytecode is properly compiled in the final image before the sidecar
starts. The image is now fully distroless and based on trixie
(previously it was distroless-based but copied unnecessary files from
the build stage), reducing size from 463MB to 270MB and package count
from 188 to 35, while maintaining zero HIGH/CRITICAL vulnerabilities.
Closes#656Closes#711Closes#735
Signed-off-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| golang | | patch | `1.25.2` -> `1.25.3` |
| golang | stage | patch | `1.25.2` -> `1.25.3` |
---
### Configuration
📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).
🚦 **Automerge**: Enabled.
♻ **Rebasing**: Never, or you tick the rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about these
updates again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/cloudnative-pg/plugin-barman-cloud).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS4xNDMuMSIsInVwZGF0ZWRJblZlciI6IjQxLjE0My4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJhdXRvbWF0ZWQiLCJuby1pc3N1ZSJdfQ==-->
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
The Renovate pip-compile provider is not running due to some options in
the requirements.txt that are set to `None`, which is the actual default.
```
DEBUG: pip-compile: extracted command from header (repository=local)
"fileName": "containers/sidecar-requirements.txt",
"argv": [
"pip-compile",
"--allow-unsafe",
"--cert=None",
"--client-cert=None",
"--generate-hashes",
"--index-url=None",
"--output-file=sidecar-requirements.txt",
"--pip-args=None",
"--strip-extras",
"sidecar-requirements.in"
],
"commandType": "pip-compile"
DEBUG: pip-compile: option not handled (repository=local)
"option": "--allow-unsafe"
WARN: pip-compile error (repository=local)
"matchedFile": "containers/sidecar-requirements.txt",
"errorMessage": "Option --cert=None not supported (yet)"
```
Removing the options fixes the run.
Signed-off-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
Signed-off-by: Jonathan Gonzalez V. <jonathan.gonzalez@enterprisedb.com>
Signed-off-by: Niccolò Fei <niccolo.fei@enterprisedb.com>
Co-authored-by: Jonathan Gonzalez V. <jonathan.gonzalez@enterprisedb.com>
We build a new image every week with the necessary base packages
for the sidecar.
This aims to reduce the time required for each CI process to run.
Signed-off-by: Jonathan Gonzalez V. <jonathan.gonzalez@enterprisedb.com>
Signed-off-by: Niccolò Fei <niccolo.fei@enterprisedb.com>
Co-authored-by: Niccolò Fei <niccolo.fei@enterprisedb.com>
We were using debian trixie as a building environment for barman-cloud,
but we were still using bookworm as a base image. This caused
inconsistencies in the sidecar image.
Now we always use bookworm.
Signed-off-by: Leonardo Cecchi <leonardo.cecchi@enterprisedb.com>
The sidecar-requirements.txt was out-dated, after the update we close
a few security issues.
Closes#437
Signed-off-by: Jonathan Gonzalez V. <jonathan.gonzalez@enterprisedb.com>
Due to an issue with pip-tools invocation, renovate has failed to update setuptools to v80.4.0 in #341. This patch fixes the issue.
Signed-off-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
