OP#496 update Jenkinsfile and remove from mirror

OP#496 update Readme
2026-03-14 19:01:32 +01:00 · 2026-03-14 18:56:34 +01:00 · 2026-03-14 18:54:30 +01:00 · 2026-03-14 18:49:49 +01:00 · 2026-03-14 18:37:20 +01:00 · 2026-03-14 18:32:43 +01:00
3 changed files with 169 additions and 102 deletions
--- a/99
+++ b/99
@@ -1,99 +0,0 @@
 pipeline {
    agent any
    post {
        always {
            deleteDir() /* clean up our workspace */
        }
        success {
            updateGitlabCommitStatus state: 'success'
        }
        failure {
            updateGitlabCommitStatus state: 'failed'
            step([$class: 'Mailer', notifyEveryUnstableBuild: true, recipients: 'support@confdroid.com', sendToIndividuals: true])
        }
    }
    options {
          gitLabConnection('gitlab.confdroid.com')
    }
    stages {
            stage('SonarScan') {
         steps {
            withCredentials([string(credentialsId: 'sonar-token', variable: 'SONAR_TOKEN')]) {
              sh '''
              /opt/sonar-scanner/bin/sonar-scanner \
                -Dsonar.projectKey=confdroid_pgbouncer \
                -Dsonar.sources=. \
                -Dsonar.host.url=https://sonarqube.confdroid.com \
                -Dsonar.token=$SONAR_TOKEN
                '''
              }
            }
          }
 stage('build and push image to gitlab') {
            steps {
            withCredentials([usernamePassword(credentialsId: 'jenkins-gitlab-registry-token-2026', passwordVariable: 'pw', usernameVariable: 'un')]) {
                sh '''
                set +xe
                docker login gitlab.confdroid.com:5050 -u $un -p $pw
                docker build --network=host -t gitlab.confdroid.com:5050/containers/confdroid_pgbouncer:1.1.4 .
                docker build --network=host -t gitlab.confdroid.com:5050/containers/confdroid_pgbouncer:latest .
                docker push gitlab.confdroid.com:5050/containers/confdroid_pgbouncer:1.1.4
                docker push gitlab.confdroid.com:5050/containers/confdroid_pgbouncer:latest
                                '''
            }
          }
        }
        stage('build and push image to gitea') {
            steps {
            withCredentials([usernamePassword(credentialsId: 'Gitea-package-token', passwordVariable: 'pw', usernameVariable: 'un')]) {
                sh '''
                set +xe
                docker login sourcecode.confdroid.com -u $un -p $pw
                docker build --network=host -t sourcecode.confdroid.com/confdroid/confdroid_pgbouncer:1.1.4 .
                docker push sourcecode.confdroid.com/confdroid/confdroid_pgbouncer:1.1.4
                docker build --network=host -t sourcecode.confdroid.com/confdroid/confdroid_pgbouncer:latest .
                docker push sourcecode.confdroid.com/confdroid/confdroid_pgbouncer:latest
                '''
            }
          }
        }
      stage('update repo') {
        steps {
          sshagent(['edd05eb6-26b5-4c7b-a5cc-ea2ab899f4fa']) {
            sh '''
                 git config user.name "Jenkins Server"
                    git config user.email jenkins@confdroid.com
                    git add -A && git commit -am "Recommit for updates in build $BUILD_NUMBER" || echo "No changes to commit"
                    git push origin HEAD:master
            '''
        }
      }
    }
         stage('Mirror to Gitea') {
             steps {
                withCredentials([usernamePassword(
                credentialsId: 'Jenkins-gitea',
                usernameVariable: 'GITEA_USER',
                passwordVariable: 'GITEA_TOKEN')]) {
                script {
                    // Checkout from GitLab (already done implicitly)
                    sh '''
                        git checkout master
                        git pull origin master
                        git remote add master https://sourcecode.confdroid.com/confdroid/confdroid_pgbouncer.git
                        git -c credential.helper="!f() { echo username=${GITEA_USER}; echo password=${GITEA_TOKEN}; }; f" \
                        push master --mirror
                    '''
 					}
 				}
 			}
 		}
  }
 }
--- a/README.md
+++ b/README.md
@@ -4,10 +4,28 @@
 [![Security Hotspots](https://sonarqube.confdroid.com/api/project_badges/measure?project=confdroid_pgbouncer&metric=security_hotspots&token=sqb_14b3b9e1feb1a04243c8e2bbef2a7db64824068a)](https://sonarqube.confdroid.com/dashboard?id=confdroid_pgbouncer)
 - [README](#readme)
- [Purpose](#purpose)
+  - [Purpose](#purpose)
  - [Download](#download)
  - [Configuration](#configuration)
  - [Contact Us](#contact-us)
-# Purpose
+## Purpose
 `Pgbouncer` is a loadbalancer for postgresql connections and very helpful in managing aspects of postgresql performance through the reuse of connections.
-`confdroid_pgbouncer`is a standalone container suitable for running on kubernetes etc to facilitate loadbalancer deployments.
+`confdroid_pgbouncer`is a standalone container suitable for running on kubernetes etc to facilitate loadbalancer deployments. It can and should run with multiple instances. Each  instance will take the configuration from the same source and works independently.
 ## Download
 [confdroid_pgbouncer:latest](https://sourcecode.confdroid.com/confdroid/-/packages/container/confdroid_pgbouncer/latest)
 ## Configuration
 The container takes its configuration via config map and secrets.
 - see [example config](docs/example_config.yaml)
 ## Contact Us
 - [contact form](https://confdroid.com/contact/)
 - [feedback portal](https://feedback.confdroid.com/)
--- a/docs/example_config.yaml
+++ b/docs/example_config.yaml
@@ -0,0 +1,148 @@
 ---
 apiVersion: v1
 kind: Namespace
 metadata:
  name: pgbouncer
 ---
 apiVersion: v1
 kind: Secret
 metadata:
  name: pgbouncer-users
  namespace: pgbouncer
 type: Opaque
 stringData:
  userlist.txt: |
    "example_user "md535412bdc28167fbcdcef2c25bafd2f21"
 ---
 apiVersion: v1
 kind: Secret
 metadata:
  name: pgbouncer-tls
  namespace: pgbouncer
 type: Opaque
 data:
  data:
  ca.crt: <encrypted cert>
  client.crt: <encrypted cert>
  client.key: <encrypted key>
  server.crt: <encrypted cert>
  server.key: <encrypted key>
 ---
 apiVersion: v1
 kind: ConfigMap
 metadata:
  name: pgbouncer-config
  namespace: pgbouncer
 data:
  pgbouncer.ini: |
    [pgbouncer]
    listen_addr = 0.0.0.0
    listen_port = 6432
    auth_type = md5
    auth_file = /etc/pgbouncer/userlist.txt
    # admin_users = admin
    pool_mode = transaction
    max_client_conn = 100
    default_pool_size = 20
    ignore_startup_parameters = extra_float_digits
    log_connections = 1
    log_disconnections = 1
    log_pooler_errors = 1
    log_stats = 1
    verbose = 0
    pidfile = /var/run/pgbouncer/pgbouncer.pid
    # TLS backend: PgBouncer → PostgreSQL
    server_tls_sslmode = verify-ca
    server_tls_ca_file = /etc/pgbouncer/tls/ca.crt
    server_tls_cert_file = /etc/pgbouncer/tls/client.crt
    server_tls_key_file = /etc/pgbouncer/tls/client.key
    server_tls_protocols = secure
    # TLS frontend
    client_tls_sslmode = require
    client_tls_key_file = /etc/pgbouncer/tls/server.key
    client_tls_cert_file = /etc/pgbouncer/tls/server.crt
    client_tls_ca_file = /etc/pgbouncer/tls/ca.crt
    client_tls_protocols = secure
    [databases]
    <example_db> = host=<example_host> port=5432 pool_mode=session dbname=<example_db> auth_user="<example_user>"
 ---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: pgbouncer-deployment
  namespace: pgbouncer
 spec:
  replicas: 2
  selector:
    matchLabels:
      app: pgbouncer
  template:
    metadata:
      labels:
        app: pgbouncer
    spec:
      containers:
      - name: pgbouncer
        image: sourcecode.confdroid.com/confdroid/confdroid_pgbouncer:latest
        imagePullPolicy: IfNotPresent
        ports:
          - containerPort: 6432
        volumeMounts:
          - name: config
            mountPath: /etc/pgbouncer/pgbouncer.ini
            subPath: pgbouncer.ini
            readOnly: true
          - name: users
            mountPath: /etc/pgbouncer/userlist.txt
            subPath: userlist.txt
            readOnly: true
          - name: tls
            mountPath: /etc/pgbouncer/tls
            readOnly: true
        livenessProbe:
          tcpSocket:
            port: 6432
          initialDelaySeconds: 5
          periodSeconds: 10
        readinessProbe:
          tcpSocket:
            port: 6432
          initialDelaySeconds: 5
          periodSeconds: 10
      volumes:
        - name: config
          configMap:
            name: pgbouncer-config
        - name: users
          secret:
            secretName: pgbouncer-users
        - name: tls
          secret:
            secretName: pgbouncer-tls
 ---
 apiVersion: v1
 kind: Service
 metadata:
  name: pgbouncer-service
  namespace: pgbouncer
 spec:
  selector:
    app: pgbouncer
  ports:
    - name: pgbouncer_port
      port: 6432 
      targetPort: 6432
      protocol: TCP
Author	SHA1	Message	Date
12ww1160	5f74877156	OP#496 update Jenkinsfile and remove from mirror	2026-03-14 19:01:32 +01:00
12ww1160	b20faf66fa	OP#496 update Readme	2026-03-14 18:56:34 +01:00
12ww1160	8a5a5d8389	OP#496 update Readme	2026-03-14 18:54:30 +01:00
12ww1160	8043111d71	OP#496 update Readme	2026-03-14 18:49:49 +01:00
12ww1160	8433d068a4	OP#496 update Readme	2026-03-14 18:37:20 +01:00
12ww1160	4904e75e75	OP#496 add config example and update Readme	2026-03-14 18:32:43 +01:00
12ww1160	bc8c2ed89f	update Readme	2026-03-13 16:23:15 +01:00