Add pgaudit Extension Support with Automated CI/CD Infrastructure

[shusaan]

This PR establishes the foundation for PostgreSQL extension container images by implementing pgaudit as the first supported extension, complete with automated build, testing, and release infrastructure.

🎯 Objectives Achieved
✅ Implement pgaudit extension following established patterns

✅ Create automated CI/CD pipeline with comprehensive testing

✅ Establish architecture for future extensions

✅ Provide real-world usage examples

🏗️ Architecture & Design
Extension Structure:

pgaudit/
├── Dockerfile # Multi-stage build
├── docker-bake.hcl # Build configuration with proper tagging
└── README.md # Extension-specific documentation

Copy
CI/CD Pipeline:

Release Monitoring: Nightly checks for new pgaudit releases

Automated Builds: Triggered on new releases or code changes

Comprehensive Testing: Kind + CNPG operator + real extension verification

Multi-branch Support: Feature branches get isolated testing

🧪 Testing Strategy
Smoke Tests Include:

Kind cluster with ImageVolume feature

CNPG operator installation & verification

PostgreSQL cluster creation with extension volumes

Extension availability verification (pg_available_extensions)

Extension creation testing (CREATE EXTENSION pgaudit)

📦 Container Images
Tagging Convention:

pgaudit:18-18.0-202510030210-bookworm (timestamped)

pgaudit:18-18.0-bookworm (rolling)

Supported Combinations:

PostgreSQL 18 + bookworm

PostgreSQL 18 + trixie

🔄 Workflow Design
Main Branch:

Builds all distro combinations

Runs full smoke tests

Tags successful releases

Pushes to production registry

Feature Branches:

Builds single combination for testing

Runs same smoke tests

Uses branch-specific tags

No production tagging

📋 Files Added/Modified
New Files:

pgaudit/Dockerfile - Multi-stage build for pgaudit

pgaudit/docker-bake.hcl - Build configuration

pgaudit/README.md - Extension documentation

.github/workflows/build-pgaudit.yml - Main CI/CD pipeline

.github/workflows/pgaudit-release-monitor.yml - Release monitoring

kind-config.yaml - Kind cluster configuration

Modified Files:

README.md - Updated with pgaudit support and usage examples

🚀 Usage Example
apiVersion: postgresql.cnpg.io/v1
kind: Cluster
metadata:
name: postgres-with-pgaudit
spec:
instances: 3
imageName: ghcr.io/cloudnative-pg/postgresql:18-bookworm
postgresql:
extensions:
- name: pgaudit
image:
reference: ghcr.io/cloudnative-pg/pgaudit:18-18.0-bookworm
parameters:
shared_preload_libraries: "pgaudit"
pgaudit.log: "all"
storage:
size: 1Gi

Copy
yaml
🔮 Future Roadmap
This implementation establishes patterns for:

Adding new extensions (pgvector, PostGIS, etc.)

Supporting multiple PostgreSQL versions

Community contributions

Extension-specific release cycles

✅ Testing
Docker builds succeed for all combinations
Kind cluster creates successfully with ImageVolume
CNPG operator installs and functions
PostgreSQL cluster starts with extension volumes
pgaudit extension is available and functional
CI/CD pipeline runs end-to-end
This PR provides a solid foundation for the PostgreSQL extensions ecosystem while maintaining high quality standards through comprehensive automated testing.

[shusaan]

Hi @NiccoloFei @gbartolini ,
Hope you're doing well! Just checking in on this PR. I'm excited to move forward with adding pgaudit support and the CI/CD foundation. Planning to add other extensions like TimescaleDB to this as well. Would love any feedback when you have a moment. Thank You