Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Upgrade postgres to 14.11-alpine #2975

Merged
merged 1 commit into from
Apr 19, 2024
Merged

Upgrade postgres to 14.11-alpine #2975

merged 1 commit into from
Apr 19, 2024

Conversation

mdtro
Copy link
Member

@mdtro mdtro commented Apr 19, 2024

The postgres:14.5 image has known vulnerabilities. This bumps us to 14.11-alpine where the vulnerabilities are patched and moves us to a lightweight container.

Sentry developer environments are currently on the alpine version of 14.9, but should be on 14.11 soon.

Copy link

codecov bot commented Apr 19, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 99.01%. Comparing base (d59c0aa) to head (fecb3f2).

✅ All tests successful. No failed tests found ☺️

Additional details and impacted files
@@           Coverage Diff           @@
##           master    #2975   +/-   ##
=======================================
  Coverage   99.01%   99.01%           
=======================================
  Files           3        3           
  Lines         203      203           
=======================================
  Hits          201      201           
  Misses          2        2           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

Copy link
Collaborator

@aldy505 aldy505 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

But when will we upgrade to a higher major version of Postgres?

@aldy505 aldy505 requested a review from azaslavsky April 19, 2024 14:00
@azaslavsky
Copy link
Contributor

The postgres version is closely tied to what we use on prod, and we try to be quite conservative about major version dependency bumps.

@mdtro mdtro merged commit 082903c into master Apr 19, 2024
12 checks passed
@mdtro mdtro deleted the mdtro/bump-postgres branch April 19, 2024 15:45
@mdtro mdtro changed the title Mdtro/bump postgres Upgrade postgres to 14.11-alpine Apr 19, 2024
ngudbhav added a commit to KingsGambitLab/self-hosted-sentry that referenced this pull request Apr 20, 2024
* feat: provide csrf settings information for sentry config (getsentry#2762)

* feat: provide csrf settings information for sentry config

* chore: trim trailing whitespace

* build(deps): bump actions/setup-python from 4 to 5 (getsentry#2644)

Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4 to 5.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](actions/setup-python@v4...v5)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Hubert Deng <[email protected]>

* Fix groupedmessage indexing error (getsentry#2777)

* fix groupedmessage indexing error

* Check memcached backend in Django (getsentry#2778)

Bail if using old memcached backend

* release: 24.1.2

* build: Set master version to nightly

#skip-changelog

* fix: DB migration script (getsentry#2779)

* use different approach to wait for postgres server

* Tweak postgres indexing fix (getsentry#2792)

* tweak postgres indexing fix

* add exists constraint

* build(deps): bump pre-commit/action from 3.0.0 to 3.0.1 (getsentry#2788)

Bumps [pre-commit/action](https://github.com/pre-commit/action) from 3.0.0 to 3.0.1.
- [Release notes](https://github.com/pre-commit/action/releases)
- [Commits](pre-commit/action@v3.0.0...v3.0.1)

---
updated-dependencies:
- dependency-name: pre-commit/action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump nginx version (getsentry#2797)

bump nginx version

* release: 24.2.0

* build: Set master version to nightly

#skip-changelog

* use rust consumers in self-hosted

* revert changes in 3067683

* chore: Use django ORM to perform sql commands (getsentry#2827)

* use django orm

* chore: provide clearer csrf url example (getsentry#2833)

* Upgrade to FSL-1.1 (getsentry#2835)

* simplify if for open-ai-suggestion (getsentry#2732)

* simplify if for open-ai-suggestion

* Add snuba rust consumers (getsentry#2831)

* add snuba rust consumers

* Enable proxy buffering in nginx (getsentry#2844)

Enable proxy buffering

Setting the proxy_buffering directive to “off” is a common mistake because it can cause performance issues and unexpected behavior in NGINX. When proxy buffering is disabled, NGINX receives a response from the proxied server and immediately sends it to the client without storing it in a buffer. This can cause problems if the response is large or if the connection between NGINX and the client is slow, because it can result in increased memory usage and potentially lead to request timeouts.

To avoid this mistake, it is recommended to always enable proxy buffering in NGINX.

* deps: bump maxmind/geoipupdate to 6.1.0 (getsentry#2859)

https://github.com/maxmind/geoipupdate/releases/tag/v6.1.0

* increase postgres max_connections above 100 connections (getsentry#2740)

* use default value and env for postgres max_connections

* Integration test improvements (getsentry#2858)

* integration test improvements

* feat(spans): Ingest spans (getsentry#2861)

* release: 24.3.0

* build: Set master version to nightly

#skip-changelog

* Remove duplicate feature flags (getsentry#2899)

* feat: run outcomes-billing consumer (getsentry#2909)

* Integration tests in python (getsentry#2892)

* integration tests in python

* Fix defunct java processes (getsentry#2914)

revert kafka healthcheck change

* Port backup tests to python (getsentry#2907)

* port backup tests to python

* feat(clickhouse): Added max_suspicious_broken_parts to the config.xml (getsentry#2853)

* feat(clickhouse): Added max_suspicious_broken_parts to the config.xml

* refactor(clickhouse): Set default max_suspicious_bronken_parts and Issue reference

---------

Co-authored-by: Hubert Deng <[email protected]>

* Write Customization tests in python (getsentry#2918)

* port everything integration test related to python

* Bump ubuntu version for tests (getsentry#2923)

* bump ubuntu version used for testing

* get rid of codecov cli dependency

* fix(spans): Adds organizations:standalone-span-ingestion flag to default config (getsentry#2936)

Adds organizations:standalone-span-ingestion flag to default config

* feat: adds group attributes consumer (getsentry#2927)

adds group attributes consumer

* Use python for e2e tests (getsentry#2953)

* bump e2e action commit sha

* release: 24.4.0

* build: Set master version to nightly

#skip-changelog

* Port last integration tests to python (getsentry#2966)

* port custom ca cert test to python

* Add example to docker compose version in problem report (getsentry#2959)

* Use docker compose exec to create additional kafka topics (getsentry#2904)

* chore(deps): bump memcached and redis to latest patch versions (getsentry#2973)

* release: 24.4.1

* build: Set master version to nightly

#skip-changelog

* Add workstation configuration (getsentry#2968)

* Add workstation configuration

These are prebuilt docker images for spinning up a local self-hosted
image on the Google Cloud Workstation project. While primarily intended
for internal development at Sentry, in theory these can be used by
anyone with GCWS project to create a fresh workstation for developing
self-hosted via a remote VSCode connection.

Users who have GCWS properly configured will be able to use the
forthcoming `workstations ...` command in the `sentry` dev CLI to
create, manage, and destroy one-off or long-lived workstations in either
the pre-install or post-install configuration.

Note that the `sentry workstations ...` CLI has not yet landed in the
`sentry` repo - those changes are coming soon!

Issue: getsentry/team-ospo#240

* Fix shfmt complaints

* Upgrade postgres to 14.11 (getsentry#2975)

chore(deps): bump postgres to latest 14 alpine version

* Bump docker compose version in CI (getsentry#2980)

* only rerun tests on v2.0.1

* change from http error to request error

* use 3 retries like before

* fix: backport changes

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: Reinaldy Rafli <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Hubert Deng <[email protected]>
Co-authored-by: Chad Whitacre <[email protected]>
Co-authored-by: getsentry-bot <[email protected]>
Co-authored-by: getsentry-bot <[email protected]>
Co-authored-by: hubertdeng123 <[email protected]>
Co-authored-by: Iven Schlenther <[email protected]>
Co-authored-by: RexTim <[email protected]>
Co-authored-by: Victor <[email protected]>
Co-authored-by: Erfan <[email protected]>
Co-authored-by: Pierre Massat <[email protected]>
Co-authored-by: Jann Kleen <[email protected]>
Co-authored-by: Lyn Nagara <[email protected]>
Co-authored-by: edwardgou-sentry <[email protected]>
Co-authored-by: Stephen Cefali <[email protected]>
Co-authored-by: Edgar Sanchez <[email protected]>
Co-authored-by: Steffen Zieger <[email protected]>
Co-authored-by: Matthew T <[email protected]>
Co-authored-by: Alex Zaslavsky <[email protected]>
@github-actions github-actions bot locked and limited conversation to collaborators May 5, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
Archived in project
Development

Successfully merging this pull request may close these issues.

3 participants