chore: upgrade pgautoupgrade to 18-alpine, pin PGDATA=/var/lib/postgresql/data #3

Open
autonomic-bot wants to merge 2 commits from upgrade-341922a into main

Upgrade the db sidecar to pgautoupgrade/pgautoupgrade:18-alpine (Postgres major 17→18, auto-upgraded in place by pgautoupgrade on container start). The app service (quay.io/hedgedoc/hedgedoc:1.11.0) is unchanged (up-to-date).

Extends this PR's existing 16→17 bump: the branch now carries 16→17 (prior) + 17→18 (this commit), so the diff vs main shows 16→18 as two incremental pgautoupgrade cycles.

Image-tag table

| service | image | current (main) | new | notes |
|---------|-------|----------------|-----|-------|
| app | quay.io/hedgedoc/hedgedoc | 1.11.0 | 1.11.0 | up-to-date (abra: no new versions) — unchanged |
| db | pgautoupgrade/pgautoupgrade | 17-alpine | 18-alpine | Postgres major 17→18; pgautoupgrade auto-upgrades data in place on first start |

⚠️ Required config change: PGDATA pin (NOT a plain tag bump)

pgautoupgrade 18-alpine changed its default PGDATA from /var/lib/postgresql/data (17-alpine and earlier) to /var/lib/postgresql/18/docker. The recipe mounts the postgres volume at /var/lib/postgresql/data, so without an override 18-alpine ignores the mounted volume and fresh-inits an ephemeral cluster at /var/lib/postgresql/18/docker — i.e. the existing 17 data is not upgraded and is effectively abandoned (data loss from the app's perspective; the fresh cluster has no hedgedoc tables → "relation Sessions does not exist").

This PR therefore adds PGDATA=/var/lib/postgresql/data to the db service environment, pinning PGDATA back to the volume mount path. With the pin, pgautoupgrade 18-alpine correctly detects the 17 data on the volume and runs the in-place pg_upgrade 17→18 (verified below). This preserves existing deployments' data and the recipe's existing volume layout (no volume-path migration needed).

Operator action required

  • Back up the postgres data volume before deploying (pgautoupgrade does an in-place pg_upgrade --link; per upstream docs, backups are expected).
  • First deploy after this bump: the db container runs the one-shot 17→18 major upgrade, then starts postgres 18. Subsequent starts skip the upgrade.
  • HedgeDoc 1.11.0 + postgres 18: HedgeDoc's docker docs example uses postgres:17.7-alpine but states no max version; postgres 18 is wire/protocol-compatible with 17 for clients (Sequelize ORM). Verified serving below.

Verification (cc-ci direct deploy, --chaos)

Deployed dev-hedgedoc with the postgres override and observed the live upgrade path:

  1. 16-alpine (fresh init) → 17-alpine: pgautoupgrade ran pg_upgrade 16→17 cleanly ("Automatic upgrade process finished upgrading the data format to PostgreSQL 17.10").
  2. 17-alpine → 18-alpine with PGDATA=/var/lib/postgresql/data: pgautoupgrade ran pg_upgrade 17→18 cleanly — "Performing Consistency Checks → Performing Upgrade → Upgrade Complete → Automatic upgrade process finished upgrading the data format to PostgreSQL 18.4 → Upgrade to PostgreSQL 18.4 complete → database system is ready to accept connections".
  3. HedgeDoc 1.11.0 app came up 1/1, no db errors, landing page returned HTTP 200 on postgres 18.4.

(Without the PGDATA pin, step 2 instead fresh-init'd an empty cluster at /var/lib/postgresql/18/docker and the app errored on missing tables — hence the pin.)

Upstream release notes

  • db (pgautoupgrade) 17-alpine→18-alpine: source repo https://github.com/pgautoupgrade/docker-pgautoupgrade (tag-only; no GitHub releases — changelog via commit history https://github.com/pgautoupgrade/docker-pgautoupgrade/commits/main). The 18-alpine/18.4-alpine tags are published; NB the Docker Hub overview copy still says "Supports PG 9.5 thru 17.x" (stale text — the 18 tags exist and the in-place 17→18 upgrade is verified working above). Breaking change in the image: default PGDATA moved to /var/lib/postgresql/18/docker — hence the PGDATA pin in this PR.
  • app (hedgedoc) 1.11.0: unchanged. Release notes https://github.com/hedgedoc/hedgedoc/releases (1.11.0 fixed 4 security CVEs; no breaking changes/migrations/schema changes).

Recommended release

This PR does NOT bump the coop-cloud.${STACK_NAME}.version label. After merge, the operator publishes with:

abra recipe release hedgedoc -y

(-y minor: new db major (18) via pgautoupgrade's non-breaking in-place mechanism + required PGDATA pin; app version unchanged.)

Tested green on the cc-ci recipe CI server (full suite, cold, against this PR head). NOT merged — for operator review.

cc @trav @notplants
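An operator-side preflight for the PGDATA failure mode reported in the description above, as an added example that is not part of this PR or the recipe: it checks that the data directory the new image will use sits on the mounted volume and already holds an older cluster. The function names, arguments and verdict strings are assumptions for illustration.

```shell
#!/bin/sh
# Added example: preflight for a Postgres image bump that may move PGDATA.
# preflight_pgdata and its arguments are hypothetical names, not from the PR.

# path_under DIR PARENT: succeed if DIR equals PARENT or lies beneath it.
path_under() {
    case "${1%/}/" in
        "${2%/}/"*) return 0 ;;
        *) return 1 ;;
    esac
}

# preflight_pgdata PGDATA MOUNT_TARGET HOST_DIR TARGET_MAJOR
#   PGDATA        data directory the new image will use in the container
#   MOUNT_TARGET  container path where the persistent volume is mounted
#   HOST_DIR      path where that volume's contents are readable for the check
#   TARGET_MAJOR  Postgres major version shipped by the new image
# Prints one verdict; returns non-zero when existing data would not be upgraded.
preflight_pgdata() {
    pgdata=$1 mount=$2 host=$3 target=$4

    if ! path_under "$pgdata" "$mount"; then
        echo "off-volume"   # initdb would run outside the mounted volume
        return 2
    fi
    # Translate PGDATA's position below the mount onto the readable copy.
    rel=${pgdata#"${mount%/}"}
    ver_file="${host%/}${rel}/PG_VERSION"
    if [ ! -f "$ver_file" ]; then
        echo "empty"        # no cluster at PGDATA: fresh init, not an upgrade
        return 3
    fi
    have=$(tr -d '[:space:]' < "$ver_file")
    have=${have%%.*}        # "9.6" -> 9; "17" stays 17
    if [ "$have" -lt "$target" ]; then
        echo "upgrade-$have-to-$target"
    elif [ "$have" -eq "$target" ]; then
        echo "current"
    else
        echo "newer-data"   # data directory is newer than the image
        return 4
    fi
}
```

With the pin, PGDATA and the mount target are both /var/lib/postgresql/data and a volume holding 17 data yields `upgrade-17-to-18`; with the image default /var/lib/postgresql/18/docker the same volume yields `off-volume`.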
autonomic-bot added 1 commit 2026-06-22 21:37:31 +00:00
chore: upgrade pgautoupgrade from 16-alpine to 17-alpine
All checks were successful
cc-ci/testme cc-ci: success
341922a2df
autonomic-bot requested review from trav 2026-06-22 21:37:32 +00:00
autonomic-bot requested review from notplants 2026-06-22 21:37:32 +00:00
Author
Owner

!testme

Author
Owner

🌻 cc-ci — hedgedoc @ 341922a2 ✅ passed

full logs: https://drone.ci.commoninternet.net/recipe-maintainers/cc-ci/950 · dashboard: https://ci.commoninternet.net/
autonomic-bot changed title from chore: upgrade pgautoupgrade from 16-alpine to 17-alpine to chore: upgrade pgautoupgrade to 18-alpine, pin PGDATA=/var/lib/postgresql/data 2026-07-03 04:38:53 +00:00
autonomic-bot added 1 commit 2026-07-03 04:38:54 +00:00
Author
Owner

!testme

Author
Owner

🌻 cc-ci — hedgedoc @ c236531d ✅ passed

full logs: https://drone.ci.commoninternet.net/recipe-maintainers/cc-ci/977 · dashboard: https://ci.commoninternet.net/
All checks were successful
cc-ci/testme cc-ci: success
This pull request can be merged automatically.
Reference: recipe-maintainers/hedgedoc#3