diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index daa62b6..ab623f5 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -52,7 +52,53 @@ jobs: push: ${{ github.event_name != 'pull_request' && github.event_name != 'merge_group' }} tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} - + docker-alpine: + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + + steps: + - name: Checkout repository + uses: actions/checkout@v3 + + - name: Set up QEMU + id: qemu + uses: docker/setup-qemu-action@v2 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + + # Login against a Docker registry except on PR + # https://github.com/docker/login-action + - name: Log into dockerhub + if: github.event_name != 'pull_request' + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + # Extract metadata (tags, labels) for Docker + # https://github.com/docker/metadata-action + - name: Extract Docker metadata + id: meta + uses: docker/metadata-action@v4 + with: + images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + flavor: | + suffix=alpine,onlatest=true + + # Build and push Docker image with Buildx (don't push on PR) + # https://github.com/docker/build-push-action + - name: Build and push Docker image + uses: docker/build-push-action@v3 + with: + file: alpine/Dockerfile + context: ./ + platforms: linux/amd64, linux/arm64/v8, linux/ppc64le + push: ${{ github.event_name != 'pull_request' }} + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} singularity: needs: docker runs-on: ubuntu-latest diff --git a/Dockerfile b/Dockerfile index e119230..23dd2dc 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,5 @@ FROM postgres:15-bullseye +LABEL maintainer="Network Reconnaissance Lab baker@cs.uky.edu" ENV POSTGIS_MAJOR 3 ENV POSTGIS_VERSION 3.3.3+dfsg-1.pgdg110+1 diff --git a/alpine/Dockerfile b/alpine/Dockerfile new file mode 100644 index 0000000..95d2de3 --- /dev/null +++ b/alpine/Dockerfile @@ -0,0 +1,168 @@ +FROM postgres:15-alpine3.17 + +LABEL maintainer="Network Reconnaissance Lab baker@cs.uky.edu" + +ENV POSTGIS_VERSION 3.3.2 +ENV POSTGIS_SHA256 2a6858d1df06de1c5f85a5b780773e92f6ba3a5dc09ac31120ac895242f5a77b + +RUN set -eux \ + \ + && if [ $(printf %.1s "$POSTGIS_VERSION") == 3 ]; then \ + set -eux ; \ + # + # using only v3.17 + # + #GEOS: https://pkgs.alpinelinux.org/packages?name=geos&branch=v3.17 \ + export GEOS_ALPINE_VER=3.11 ; \ + #GDAL: https://pkgs.alpinelinux.org/packages?name=gdal&branch=v3.17 \ + export GDAL_ALPINE_VER=3.5 ; \ + #PROJ: https://pkgs.alpinelinux.org/packages?name=proj&branch=v3.17 \ + export PROJ_ALPINE_VER=9.1 ; \ + # + elif [ $(printf %.1s "$POSTGIS_VERSION") == 2 ]; then \ + set -eux ; \ + # + # using older branches v3.13; v3.14 for GEOS,GDAL,PROJ + # + #GEOS: https://pkgs.alpinelinux.org/packages?name=geos&branch=v3.13 \ + export GEOS_ALPINE_VER=3.8 ; \ + #GDAL: https://pkgs.alpinelinux.org/packages?name=gdal&branch=v3.14 \ + export GDAL_ALPINE_VER=3.2 ; \ + #PROJ: https://pkgs.alpinelinux.org/packages?name=proj&branch=v3.14 \ + export PROJ_ALPINE_VER=7.2 ; \ + # + \ + echo 'https://dl-cdn.alpinelinux.org/alpine/v3.14/main' >> /etc/apk/repositories ; \ + echo 'https://dl-cdn.alpinelinux.org/alpine/v3.14/community' >> /etc/apk/repositories ; \ + echo 'https://dl-cdn.alpinelinux.org/alpine/v3.13/main' >> /etc/apk/repositories ; \ + echo 'https://dl-cdn.alpinelinux.org/alpine/v3.13/community' >> /etc/apk/repositories ; \ + \ + else \ + set -eux ; \ + echo ".... unknown \$POSTGIS_VERSION ...." ; \ + exit 1 ; \ + fi \ + \ + && apk add --no-cache --virtual .fetch-deps \ + ca-certificates \ + openssl \ + tar \ + \ + && wget -O postgis.tar.gz "https://github.com/postgis/postgis/archive/${POSTGIS_VERSION}.tar.gz" \ + && echo "${POSTGIS_SHA256} *postgis.tar.gz" | sha256sum -c - \ + && mkdir -p /usr/src/postgis \ + && tar \ + --extract \ + --file postgis.tar.gz \ + --directory /usr/src/postgis \ + --strip-components 1 \ + && rm postgis.tar.gz \ + \ + && apk add --no-cache --virtual .build-deps \ + \ + gdal-dev~=${GDAL_ALPINE_VER} \ + geos-dev~=${GEOS_ALPINE_VER} \ + proj-dev~=${PROJ_ALPINE_VER} \ + \ + autoconf \ + automake \ + clang-dev \ + file \ + g++ \ + gcc \ + gettext-dev \ + json-c-dev \ + libtool \ + libxml2-dev \ + llvm-dev \ + make \ + pcre-dev \ + perl \ + protobuf-c-dev \ + \ +# build PostGIS + \ + && cd /usr/src/postgis \ + && gettextize \ + && ./autogen.sh \ + && ./configure \ + --with-pcredir="$(pcre-config --prefix)" \ + && make -j$(nproc) \ + && make install \ + \ +# buildx platform check for debug. + && uname -a && uname -m && cat /proc/cpuinfo \ + \ +# regress check + && mkdir /tempdb \ + && chown -R postgres:postgres /tempdb \ + && su postgres -c 'pg_ctl -D /tempdb init' \ + \ + # QEMU7.0/BUILDX - JIT workaround + && if [[ "$(uname -m)" == "aarch64" && "15" != "10" ]] || \ + [[ "$(uname -m)" == "ppc64le" && "15" != "10" ]]; then \ + set -eux \ + # for the buildx/qemu workflow + # with (aarch64 ppc64le) and PG>10 .. we are testing with JIT=OFF to avoid QEMU7.0/BUILDX error + && echo "WARNING: JIT=OFF testing (aarch64 ppc64le)!" \ + && echo "## WARNING: tested with JIT=OFF (aarch64 ppc64le)!" >> /_pgis_full_version.txt \ + && su postgres -c 'pg_ctl -o "--jit=off" -D /tempdb start' \ + && su postgres -c 'psql -c "SHOW JIT;"' \ + ; \ + else \ + set -eux \ + # default test .. no problem expected. + && su postgres -c 'pg_ctl -D /tempdb start' \ + ; \ + fi \ + \ + && cd regress \ + && make -j$(nproc) check RUNTESTFLAGS=--extension PGUSER=postgres \ + #&& make -j$(nproc) check RUNTESTFLAGS=--dumprestore PGUSER=postgres \ + #&& make garden PGUSER=postgres \ + \ + && su postgres -c 'psql -c "CREATE EXTENSION IF NOT EXISTS postgis;"' \ + && su postgres -c 'psql -t -c "SELECT version();"' >> /_pgis_full_version.txt \ + && su postgres -c 'psql -t -c "SELECT PostGIS_Full_Version();"' >> /_pgis_full_version.txt \ + \ + && su postgres -c 'pg_ctl -D /tempdb --mode=immediate stop' \ + && rm -rf /tempdb \ + && rm -rf /tmp/pgis_reg \ +# add .postgis-rundeps + && apk add --no-cache --virtual .postgis-rundeps \ + \ + gdal~=${GDAL_ALPINE_VER} \ + geos~=${GEOS_ALPINE_VER} \ + proj~=${PROJ_ALPINE_VER} \ + \ + json-c \ + libstdc++ \ + pcre \ + protobuf-c \ + \ + # ca-certificates: for accessing remote raster files + # fix https://github.com/postgis/docker-postgis/issues/307 + ca-certificates \ +# clean + && cd / \ + && rm -rf /usr/src/postgis \ + && apk del .fetch-deps .build-deps \ +# print PostGIS_Full_Version() for the log. ( experimental & internal ) + && cat /_pgis_full_version.txt + +COPY ../scripts/initdb-postgis.sh /docker-entrypoint-initdb.d/10_postgis.sh +COPY ../scripts/update-postgis.sh /usr/local/bin + +#Install additional scripts. These are run in abc order during initial start +COPY ../scripts/setup-0-pgaudit.sh /docker-entrypoint-initdb.d/setup-0-pgaudit.sh +COPY ../scripts/setup-dbs.sh /docker-entrypoint-initdb.d/setup-dbs.sh +RUN chmod +x /docker-entrypoint-initdb.d/setup-0-pgaudit.sh /docker-entrypoint-initdb.d/setup-dbs.sh + +#Install script for ParseCareKit to be run after first run +RUN mkdir parseScripts +COPY ../scripts/setup-parse-index.sh ./parseScripts/setup-parse-index.sh +RUN chmod +x ./parseScripts/setup-parse-index.sh + +ENV POSTGRES_INITDB_ARGS "--data-checksums" + +CMD ["postgres", "-c", "shared_preload_libraries=pgaudit"]