Skip to content

Unable to upgrade Postgres minor version #6

New issue
New issue
Open
Open
Unable to upgrade Postgres minor version#6
Assignees
doulikecookiedough
Labels
bugSomething isn't working
@doulikecookiedough

Description

@doulikecookiedough
doulikecookiedough
opened on Jan 5, 2026

I am attempting to perform an in-place upgrade by adding the following below to my values-cnpg.yaml override file:

## @section CNPG spec - Specifications for the CNPG cluster
spec:
  ## @param spec.imageName Adjust this value to your desired postgres version
  ## To see available versions, see: https://github.com/cloudnative-pg/postgres-containers/pkgs/container/postgresql
  imageName: ghcr.io/cloudnative-pg/postgresql:17.6

However, this new values.spec.imageName does not get rendered in the deployment, see logs below for helm template... command:

$ helm template vegbankdb18 oci://ghcr.io/dataoneorg/charts/cnpg -f '/Users/doumok/Code/vegbank2/helm/values-cnpg.yaml' --debug
install.go:222: [debug] Original chart version: ""
DEBU[0000] resolving                                     host=ghcr.io
DEBU[0000] do request                                    host=ghcr.io request.header.accept="application/vnd.docker.distribution.manifest.v2+json, application/vnd.docker.distribution.manifest.list.v2+json, application/vnd.oci.image.manifest.v1+json, application/vnd.oci.image.index.v1+json, */*" request.header.user-agent=Helm/3.15.3 request.method=HEAD url="https://ghcr.io/v2/dataoneorg/charts/cnpg/manifests/1.0.0"
DEBU[0000] fetch response received                       host=ghcr.io response.header.content-length=73 response.header.content-type=application/json response.header.date="Mon, 05 Jan 2026 20:52:34 GMT" response.header.www-authenticate="Bearer realm=\"https://ghcr.io/token\",service=\"ghcr.io\",scope=\"repository:dataoneorg/charts/cnpg:pull\"" response.header.x-github-request-id="D650:2A886E:72919A:858D3F:695C2491" response.status="401 Unauthorized" url="https://ghcr.io/v2/dataoneorg/charts/cnpg/manifests/1.0.0"
DEBU[0000] Unauthorized                                  header="Bearer realm=\"https://ghcr.io/token\",service=\"ghcr.io\",scope=\"repository:dataoneorg/charts/cnpg:pull\"" host=ghcr.io
DEBU[0001] do request                                    host=ghcr.io request.header.accept="application/vnd.docker.distribution.manifest.v2+json, application/vnd.docker.distribution.manifest.list.v2+json, application/vnd.oci.image.manifest.v1+json, application/vnd.oci.image.index.v1+json, */*" request.header.user-agent=Helm/3.15.3 request.method=HEAD url="https://ghcr.io/v2/dataoneorg/charts/cnpg/manifests/1.0.0"
DEBU[0001] fetch response received                       host=ghcr.io response.header.content-length=707 response.header.content-type=application/vnd.oci.image.manifest.v1+json response.header.date="Mon, 05 Jan 2026 20:52:34 GMT" response.header.docker-content-digest="sha256:b9b257d51280309b12720285d7dbfbbf631c88f2dd7af34a2fa9f4c372e97a27" response.header.docker-distribution-api-version=registry/2.0 response.header.etag="\"sha256:b9b257d51280309b12720285d7dbfbbf631c88f2dd7af34a2fa9f4c372e97a27\"" response.header.strict-transport-security="max-age=63072000; includeSubDomains; preload" response.header.x-github-request-id="D650:2A886E:7291DF:858D89:695C2492" response.status="200 OK" url="https://ghcr.io/v2/dataoneorg/charts/cnpg/manifests/1.0.0"
DEBU[0001] resolved                                      desc.digest="sha256:b9b257d51280309b12720285d7dbfbbf631c88f2dd7af34a2fa9f4c372e97a27" host=ghcr.io
DEBU[0001] do request                                    digest="sha256:b9b257d51280309b12720285d7dbfbbf631c88f2dd7af34a2fa9f4c372e97a27" request.header.accept="application/vnd.oci.image.manifest.v1+json, */*" request.header.user-agent=Helm/3.15.3 request.method=GET url="https://ghcr.io/v2/dataoneorg/charts/cnpg/manifests/sha256:b9b257d51280309b12720285d7dbfbbf631c88f2dd7af34a2fa9f4c372e97a27"
DEBU[0001] fetch response received                       digest="sha256:b9b257d51280309b12720285d7dbfbbf631c88f2dd7af34a2fa9f4c372e97a27" response.header.content-length=707 response.header.content-type=application/vnd.oci.image.manifest.v1+json response.header.date="Mon, 05 Jan 2026 20:52:34 GMT" response.header.docker-content-digest="sha256:b9b257d51280309b12720285d7dbfbbf631c88f2dd7af34a2fa9f4c372e97a27" response.header.docker-distribution-api-version=registry/2.0 response.header.etag="\"sha256:b9b257d51280309b12720285d7dbfbbf631c88f2dd7af34a2fa9f4c372e97a27\"" response.header.strict-transport-security="max-age=63072000; includeSubDomains; preload" response.header.x-github-request-id="D650:2A886E:72920E:858DB8:695C2492" response.status="200 OK" url="https://ghcr.io/v2/dataoneorg/charts/cnpg/manifests/sha256:b9b257d51280309b12720285d7dbfbbf631c88f2dd7af34a2fa9f4c372e97a27"
DEBU[0001] do request                                    digest="sha256:fc7182128d3275b19271bdf202dc9355631aad9ef225bd1caea43557a19c714f" request.header.accept="application/vnd.cncf.helm.chart.content.v1.tar+gzip, */*" request.header.user-agent=Helm/3.15.3 request.method=GET url="https://ghcr.io/v2/dataoneorg/charts/cnpg/blobs/sha256:fc7182128d3275b19271bdf202dc9355631aad9ef225bd1caea43557a19c714f"
DEBU[0001] do request                                    digest="sha256:2b0443b821657f8c345b693fe2ee69197f4ba05aa49e2762bb824ebfcb9470cf" request.header.accept="application/vnd.cncf.helm.config.v1+json, */*" request.header.user-agent=Helm/3.15.3 request.method=GET url="https://ghcr.io/v2/dataoneorg/charts/cnpg/blobs/sha256:2b0443b821657f8c345b693fe2ee69197f4ba05aa49e2762bb824ebfcb9470cf"
DEBU[0001] fetch response received                       digest="sha256:fc7182128d3275b19271bdf202dc9355631aad9ef225bd1caea43557a19c714f" response.header.accept-ranges=bytes response.header.age=0 response.header.content-disposition= response.header.content-length=21640 response.header.content-type=application/octet-stream response.header.date="Mon, 05 Jan 2026 20:52:35 GMT" response.header.etag="\"0x8DE311B88B4BA05\"" response.header.last-modified="Mon, 01 Dec 2025 20:52:26 GMT" response.header.server="Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0" response.header.strict-transport-security="max-age=31536000" response.header.via="1.1 varnish, 1.1 varnish" response.header.x-cache="MISS, MISS" response.header.x-cache-hits="0, 0" response.header.x-fastly-request-id=57b8cb484175576e60383789d0b0c0ca7322976e response.header.x-ms-blob-type=BlockBlob response.header.x-ms-copy-completion-time="Mon, 01 Dec 2025 20:52:26 GMT" response.header.x-ms-copy-id=40692f86-5645-46eb-88b9-1857547c749b response.header.x-ms-copy-progress=21640/21640 response.header.x-ms-copy-status=success response.header.x-ms-creation-time="Mon, 01 Dec 2025 20:52:26 GMT" response.header.x-ms-last-access-time="Mon, 05 Jan 2026 17:38:22 GMT" response.header.x-ms-lease-state=available response.header.x-ms-lease-status=unlocked response.header.x-ms-request-id=7f6f94e0-b01e-00c7-2a85-7e2112000000 response.header.x-ms-server-encrypted=true response.header.x-ms-version=2025-01-05 response.header.x-served-by="cache-iad-kjyo7100158-IAD, cache-bur-kbur8200032-BUR" response.status="200 OK" url="https://ghcr.io/v2/dataoneorg/charts/cnpg/blobs/sha256:fc7182128d3275b19271bdf202dc9355631aad9ef225bd1caea43557a19c714f"
DEBU[0001] fetch response received                       digest="sha256:2b0443b821657f8c345b693fe2ee69197f4ba05aa49e2762bb824ebfcb9470cf" response.header.accept-ranges=bytes response.header.age=0 response.header.content-disposition= response.header.content-length=216 response.header.content-type=application/octet-stream response.header.date="Mon, 05 Jan 2026 20:52:35 GMT" response.header.etag="\"0x8DE2D475807AD91\"" response.header.last-modified="Wed, 26 Nov 2025 23:55:57 GMT" response.header.server="Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0" response.header.strict-transport-security="max-age=31536000" response.header.via="1.1 varnish, 1.1 varnish" response.header.x-cache="MISS, MISS" response.header.x-cache-hits="0, 0" response.header.x-fastly-request-id=6a89744b06af4f8c3bbb12d71f9ff248e743166f response.header.x-ms-blob-type=BlockBlob response.header.x-ms-copy-completion-time="Wed, 26 Nov 2025 23:55:57 GMT" response.header.x-ms-copy-id=248ec1e0-d358-4ed0-94f0-bdeb8b5318fa response.header.x-ms-copy-progress=216/216 response.header.x-ms-copy-status=success response.header.x-ms-creation-time="Wed, 26 Nov 2025 23:55:57 GMT" response.header.x-ms-last-access-time="Mon, 05 Jan 2026 17:38:22 GMT" response.header.x-ms-lease-state=available response.header.x-ms-lease-status=unlocked response.header.x-ms-request-id=1a65b6db-d01e-00c4-7a85-7eec6d000000 response.header.x-ms-server-encrypted=true response.header.x-ms-version=2025-01-05 response.header.x-served-by="cache-iad-kcgs7200176-IAD, cache-bur-kbur8200032-BUR" response.status="200 OK" url="https://ghcr.io/v2/dataoneorg/charts/cnpg/blobs/sha256:2b0443b821657f8c345b693fe2ee69197f4ba05aa49e2762bb824ebfcb9470cf"
DEBU[0001] encountered unknown type application/vnd.cncf.helm.chart.content.v1.tar+gzip; children may not be fetched 
DEBU[0001] encountered unknown type application/vnd.cncf.helm.config.v1+json; children may not be fetched 
Pulled: ghcr.io/dataoneorg/charts/cnpg:1.0.0
Digest: sha256:b9b257d51280309b12720285d7dbfbbf631c88f2dd7af34a2fa9f4c372e97a27
install.go:239: [debug] CHART PATH: /Users/doumok/Library/Caches/helm/repository/cnpg-1.0.0.tgz

---
# Source: cnpg/templates/scheduled-backup.yaml
# Create a custom CNPG Resource for Scheduled Backups
# Scheduled backups are enabled via 'values.yaml'
---
# Source: cnpg/templates/pg_cluster.yaml
## Create a PostgreSQL cluster using the CloudNative-PG operator
## (https://github.com/cloudnative-pg/cloudnative-pg)
##

apiVersion: postgresql.cnpg.io/v1
kind: Cluster
metadata:
  name: vegbankdb18-cnpg
  namespace: vegbank-dev
spec:
  instances: 3
  postgresql:
    parameters:
        max_connections: "250"
        max_wal_senders: "16"
        shared_buffers: "128MB"
    pg_hba:
      - host        vegbank       vegbank       0.0.0.0/0       password
      - host        vegbank       vegbank       ::0/0           password
      - local       all           all                           trust
      - host        all           all           127.0.0.1/32    trust
      - host        postgres      postgres      0.0.0.0/0       password
    pg_ident:
      - local    postgres    vegbank
  resources:
    limits:
      cpu: 750m
      memory: 2Gi
    requests:
      cpu: 750m
      memory: 2Gi
  storage:
    storageClass: csi-cephfs-sc
    size: 100Gi
  backup:
    enabled: false
    schedule: 0 0 21 * * *
    volumeSnapshot:
      className: csi-cephfsplugin-snapclass

To resolve, I believe we need to add the following to the pg_cluster.yaml template file for our cnpg clusters:

# pg_cluster.yaml
...
spec:
  {{- if .Values.postgresql.cnpgImageOverideEnabled }}
  imageName: {{ .Values.postgresql.cnpgImageSpec }}
  {{- end }}

And this to the values.yaml

# values.yaml
postgresql:
  cnpgImageOverideEnabled: false
  ## @param postgresql.cnpgImageSpec Adjust this value to your desired postgres version
  ## To see available versions, see: https://github.com/cloudnative-pg/postgres-containers/pkgs/container/postgresql
  cnpgImageSpec: ""

This has been tested locally, and appears to be working. I will open a pull request after testing some more.

Metadata

Metadata

Assignees

Labels

bugSomething isn't working

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions