Commit Graph

10 Commits

Author SHA1 Message Date
renovate[bot]
a5717b1658
chore(deps): update golangci/golangci-lint docker tag to v2.12.0 (#881)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
|
[golangci/golangci-lint](https://redirect.github.com/golangci/golangci-lint)
| minor | `v2.11.4` → `v2.12.0` |

---

### Release Notes

<details>
<summary>golangci/golangci-lint (golangci/golangci-lint)</summary>

###
[`v2.12.0`](https://redirect.github.com/golangci/golangci-lint/blob/HEAD/CHANGELOG.md#v2120)

[Compare
Source](https://redirect.github.com/golangci/golangci-lint/compare/v2.11.4...v2.12.0)

*Released on 2026-05-01*

1. New linters
- Add `clickhouselint` linter
<https://github.com/ClickHouse/clickhouse-go-linter>
2. Linters new features or changes
- `dupl`: from
[`f665c8d`](https://redirect.github.com/golangci/golangci-lint/commit/f665c8d69b32)
to
[`c99c5cf`](https://redirect.github.com/golangci/golangci-lint/commit/c99c5cf5c202)
(extended detection)
   - `funcorder`: from 0.5.0 to 0.6.0 (new option: `function`)
   - `goconst`: add an option to ignore strings from tests
   - `goconst`: from 1.8.2 to 1.10.0 (extended detection)
- `gomodguard_v2`: from 1.4.1 to 2.1.0 (major version with new
configuration)
- `gosec`: from
[`619ce21`](https://redirect.github.com/golangci/golangci-lint/commit/619ce2117e08)
to 2.26.1 (new checks: `G124`, `G708`, `G709`, `G710`)
   - `govet`: add `inline` analyzer
   - `makezero`: from 2.1.0 to 2.2.1 (support slice type aliases)
   - `paralleltest`: expose `checkcleanup` option
- `sloglint`: from 0.11.1 to 0.12.0 (new options: `allowed-keys`,
`custom-funcs`)
- `wsl_v5`: from 5.6.0 to 5.8.0 (new option: `cuddle-max-statements`;
new checks: `after-decl`, `after-defer`, `after-expr`, `after-go`,
`cuddle-group`)
3. Linters bug fixes
   - `forbidigo`: from 2.3.0 to 2.3.1
   - `godot`: from 1.5.4 to 1.5.6
   - `govet-modernize`: from 0.43.0 to 0.44.0
   - `ireturn`: from 0.4.0 to 0.4.1
- `rowserrcheck`: from 1.1.1 to
[`c5f79b8`](https://redirect.github.com/golangci/golangci-lint/commit/c5f79b8)
4. Misc.
   - Decrease cache entropy
   - Embed the JSON schema in the binary
- Filter env vars when cloning the repository with the `custom` command

</details>

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Never, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/cloudnative-pg/plugin-barman-cloud).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xNTkuMiIsInVwZGF0ZWRJblZlciI6IjQzLjE1OS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJhdXRvbWF0ZWQiLCJuby1pc3N1ZSJdfQ==-->

---------

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Leonardo Cecchi <leonardo.cecchi@gmail.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Leonardo Cecchi <leonardo.cecchi@gmail.com>
2026-05-04 16:01:21 +02:00
Gabriele Fedi
4bbaf18cd3
feat: configure k8s recommended labels on subresources (#865)
Some checks failed
release-please / release-please (push) Failing after 5s
Add [Kubernetes recommended
labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/common-labels/#labels)
to Role and RoleBinding managed Objects.

Closes #545

Signed-off-by: Gabriele Fedi <gabriele.fedi@enterprisedb.com>
Signed-off-by: Armando Ruocco <armando.ruocco@enterprisedb.com>
Signed-off-by: Leonardo Cecchi <leonardo.cecchi@enterprisedb.com>
Co-authored-by: Armando Ruocco <armando.ruocco@enterprisedb.com>
Co-authored-by: Leonardo Cecchi <leonardo.cecchi@enterprisedb.com>
2026-04-29 14:35:43 +02:00
Armando Ruocco
8971a397f4
fix(rbac): reconcile Role when ObjectStore spec changes (#823)
When an ObjectStore's credentials change (e.g., secret rename), the
RBAC Role granting the Cluster's ServiceAccount access to those
secrets was not updated because nothing triggered a Cluster
reconciliation.

Implement the ObjectStore controller's Reconcile to detect affected
Roles and update their rules directly, without needing access to
Cluster objects. The controller lists Roles by a label set by the
Pre hook, inspects their rules to find which ObjectStores they
reference, fetches those ObjectStores, and patches the rules to
match the current specs.

Replace the custom setOwnerReference helper with
controllerutil.SetControllerReference. Add dynamic CNPG scheme
registration (internal/scheme) to the operator, instance, and
restore managers.

Signed-off-by: Armando Ruocco <armando.ruocco@enterprisedb.com>
Signed-off-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
Signed-off-by: Gabriele Quaresima <gabriele.quaresima@enterprisedb.com>
Co-authored-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
Co-authored-by: Gabriele Quaresima <gabriele.quaresima@enterprisedb.com>
2026-04-13 15:48:35 +02:00
Armando Ruocco
2c134eafe4
feat: add support for DefaultAzureCredential authentication mechanism (#681)
Some checks failed
Deploy Docusaurus to GitHub Pages / build (push) Failing after 2s
Deploy Docusaurus to GitHub Pages / deploy (push) Has been skipped
release-please / release-please (push) Failing after 1s
This commit adds support for the DefaultAzureCredential authentication
mechanism in Azure Blob Storage. Users can now use the
`useDefaultAzureCredentials` option to enable Azure's default credential
chain, which automatically discovers and uses available credentials in
the following order

1. Environment Variables (Service Principal)
2. Managed Identity
3. Azure CLI
4. Azure PowerShell

This is particularly useful when running on Azure Kubernetes Service
(AKS) with Workload Identity, eliminating the need to explicitly store
credentials in Kubernetes Secrets.

Signed-off-by: Armando Ruocco <armando.ruocco@enterprisedb.com>
Signed-off-by: Gabriele Fedi <gabriele.fedi@enterprisedb.com>
Signed-off-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
Co-authored-by: Gabriele Fedi <gabriele.fedi@enterprisedb.com>
Co-authored-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
2026-01-08 14:58:27 +01:00
Marco Nenciarini
1be34fe13e
feat(ip): assign copyright to the Linux Foundation (#571)
Adopt the new attribution information for contributions to
CloudNativePG:

```
Copyright © contributors to CloudNativePG, established as
CloudNativePG a Series of LF Projects, LLC.
```

Adopt the SPDX format for Apache License 2.0

Signed-off-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
Signed-off-by: Leonardo Cecchi <leonardo.cecchi@enterprisedb.com>
Co-authored-by: Leonardo Cecchi <leonardo.cecchi@enterprisedb.com>
2025-10-07 18:06:06 +02:00
Leonardo Cecchi
fecd1e9513
feat: retention policy (#191)
This commit makes the Barman cloud plugin support the enforcement of
retention policy as provided by the barman-cloud tool suite.

The first recoverability point and the last successful backup are
shown in the status of the ObjectStore resource for each involved
server name.

Signed-off-by: Leonardo Cecchi <leonardo.cecchi@enterprisedb.com>
Signed-off-by: Armando Ruocco <armando.ruocco@enterprisedb.com>
Signed-off-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
Co-authored-by: Armando Ruocco <armando.ruocco@enterprisedb.com>
Co-authored-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
2025-03-18 17:35:22 +01:00
Leonardo Cecchi
e4735a2f85
feat: separate recovery object store from replica source (#83)
Signed-off-by: Leonardo Cecchi <leonardo.cecchi@enterprisedb.com>
Signed-off-by: Francesco Canovai <francesco.canovai@enterprisedb.com>
Signed-off-by: Armando Ruocco <armando.ruocco@enterprisedb.com>
Co-authored-by: Francesco Canovai <francesco.canovai@enterprisedb.com>
Co-authored-by: Armando Ruocco <armando.ruocco@enterprisedb.com>
2024-12-09 13:29:20 +01:00
Leonardo Cecchi
e30edd2318
feat: separate recovery and cluster object store (#76)
Signed-off-by: Leonardo Cecchi <leonardo.cecchi@enterprisedb.com>
Signed-off-by: Francesco Canovai <francesco.canovai@enterprisedb.com>
Co-authored-by: Francesco Canovai <francesco.canovai@enterprisedb.com>
2024-12-05 12:05:14 +01:00
Armando Ruocco
240077c771
feat(spike): restore (#29)
Signed-off-by: Armando Ruocco <armando.ruocco@enterprisedb.com>
Signed-off-by: Francesco Canovai <francesco.canovai@enterprisedb.com>
Signed-off-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
Signed-off-by: Leonardo Cecchi <leonardo.cecchi@enterprisedb.com>
Co-authored-by: Francesco Canovai <francesco.canovai@enterprisedb.com>
Co-authored-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
Co-authored-by: Leonardo Cecchi <leonardo.cecchi@enterprisedb.com>
2024-11-06 16:01:56 +01:00
Leonardo Cecchi
76383a30af
feat: grant permissions to read secrets (#25)
Signed-off-by: Leonardo Cecchi <leonardo.cecchi@enterprisedb.com>
2024-10-03 16:58:56 +02:00