netreconlab · cbaker6 · Dec 24, 2022 · Dec 24, 2022 · Dec 24, 2022 · Dec 24, 2022
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -52,7 +52,53 @@ jobs:
           push: ${{ github.event_name != 'pull_request' && github.event_name != 'merge_group' }}
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
-
+  docker-alpine:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      - name: Set up QEMU
+        id: qemu
+        uses: docker/setup-qemu-action@v2
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+
+      # Login against a Docker registry except on PR
+      # https://github.com/docker/login-action
+      - name: Log into dockerhub
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      # Extract metadata (tags, labels) for Docker
+      # https://github.com/docker/metadata-action
+      - name: Extract Docker metadata
+        id: meta
+        uses: docker/metadata-action@v4
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          flavor: |
+            suffix=alpine,onlatest=true
+
+      # Build and push Docker image with Buildx (don't push on PR)
+      # https://github.com/docker/build-push-action
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v3
+        with:
+          file: alpine/Dockerfile
+          context: ./
+          platforms: linux/amd64, linux/arm64/v8, linux/ppc64le
+          push: ${{ github.event_name != 'pull_request' }}
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
   singularity:
     needs: docker
     runs-on: ubuntu-latest

diff --git a/Dockerfile b/Dockerfile
@@ -1,4 +1,5 @@
 FROM postgres:15-bullseye
+LABEL maintainer="Network Reconnaissance Lab [email protected]"
 
 ENV POSTGIS_MAJOR 3
 ENV POSTGIS_VERSION 3.3.3+dfsg-1.pgdg110+1

diff --git a/alpine/Dockerfile b/alpine/Dockerfile
@@ -0,0 +1,168 @@
+FROM postgres:15-alpine3.17
+
+LABEL maintainer="Network Reconnaissance Lab [email protected]"
+
+ENV POSTGIS_VERSION 3.3.2
+ENV POSTGIS_SHA256 2a6858d1df06de1c5f85a5b780773e92f6ba3a5dc09ac31120ac895242f5a77b
+
+RUN set -eux \
+    \
+    &&  if   [ $(printf %.1s "$POSTGIS_VERSION") == 3 ]; then \
+            set -eux ; \
+            #
+            # using only v3.17
+            #
+            #GEOS: https://pkgs.alpinelinux.org/packages?name=geos&branch=v3.17 \
+            export GEOS_ALPINE_VER=3.11 ; \
+            #GDAL: https://pkgs.alpinelinux.org/packages?name=gdal&branch=v3.17 \
+            export GDAL_ALPINE_VER=3.5 ; \
+            #PROJ: https://pkgs.alpinelinux.org/packages?name=proj&branch=v3.17 \
+            export PROJ_ALPINE_VER=9.1 ; \
+            #
+        elif [ $(printf %.1s "$POSTGIS_VERSION") == 2 ]; then \
+            set -eux ; \
+            #
+            # using older branches v3.13; v3.14 for GEOS,GDAL,PROJ
+            #
+            #GEOS: https://pkgs.alpinelinux.org/packages?name=geos&branch=v3.13 \
+            export GEOS_ALPINE_VER=3.8 ; \
+            #GDAL: https://pkgs.alpinelinux.org/packages?name=gdal&branch=v3.14 \
+            export GDAL_ALPINE_VER=3.2 ; \
+            #PROJ: https://pkgs.alpinelinux.org/packages?name=proj&branch=v3.14 \
+            export PROJ_ALPINE_VER=7.2 ; \
+            #
+            \
+            echo 'https://dl-cdn.alpinelinux.org/alpine/v3.14/main'      >> /etc/apk/repositories ; \
+            echo 'https://dl-cdn.alpinelinux.org/alpine/v3.14/community' >> /etc/apk/repositories ; \
+            echo 'https://dl-cdn.alpinelinux.org/alpine/v3.13/main'      >> /etc/apk/repositories ; \
+            echo 'https://dl-cdn.alpinelinux.org/alpine/v3.13/community' >> /etc/apk/repositories ; \
+            \
+        else \
+            set -eux ; \
+            echo ".... unknown \$POSTGIS_VERSION ...." ; \
+            exit 1 ; \
+        fi \
+    \
+    && apk add --no-cache --virtual .fetch-deps \
+        ca-certificates \
+        openssl \
+        tar \
+    \
+    && wget -O postgis.tar.gz "https://github.com/postgis/postgis/archive/${POSTGIS_VERSION}.tar.gz" \
+    && echo "${POSTGIS_SHA256} *postgis.tar.gz" | sha256sum -c - \
+    && mkdir -p /usr/src/postgis \
+    && tar \
+        --extract \
+        --file postgis.tar.gz \
+        --directory /usr/src/postgis \
+        --strip-components 1 \
+    && rm postgis.tar.gz \
+    \
+    && apk add --no-cache --virtual .build-deps \
+        \
+        gdal-dev~=${GDAL_ALPINE_VER} \
+        geos-dev~=${GEOS_ALPINE_VER} \
+        proj-dev~=${PROJ_ALPINE_VER} \
+        \
+        autoconf \
+        automake \
+        clang-dev \
+        file \
+        g++ \
+        gcc \
+        gettext-dev \
+        json-c-dev \
+        libtool \
+        libxml2-dev \
+        llvm-dev \
+        make \
+        pcre-dev \
+        perl \
+        protobuf-c-dev \
+    \
+# build PostGIS
+    \
+    && cd /usr/src/postgis \
+    && gettextize \
+    && ./autogen.sh \
+    && ./configure \
+        --with-pcredir="$(pcre-config --prefix)" \
+    && make -j$(nproc) \
+    && make install \
+    \
+# buildx platform check for debug.
+     && uname -a && uname -m && cat /proc/cpuinfo \
+     \
+# regress check
+    && mkdir /tempdb \
+    && chown -R postgres:postgres /tempdb \
+    && su postgres -c 'pg_ctl -D /tempdb init' \
+    \
+    # QEMU7.0/BUILDX - JIT workaround
+    && if [[ "$(uname -m)" == "aarch64" && "15" != "10" ]] || \
+          [[ "$(uname -m)" == "ppc64le" && "15" != "10" ]]; then \
+            set -eux \
+            # for the buildx/qemu workflow
+            #   with (aarch64 ppc64le) and PG>10 .. we are testing with JIT=OFF to avoid QEMU7.0/BUILDX error
+            && echo "WARNING: JIT=OFF testing (aarch64 ppc64le)!" \
+            && echo "## WARNING: tested with JIT=OFF (aarch64 ppc64le)!" >> /_pgis_full_version.txt \
+            && su postgres -c 'pg_ctl -o "--jit=off" -D /tempdb start' \
+            && su postgres -c 'psql -c "SHOW JIT;"' \
+            ; \
+        else \
+            set -eux \
+            # default test .. no problem expected.
+            && su postgres -c 'pg_ctl -D /tempdb start' \
+            ; \
+        fi \
+    \
+    && cd regress \
+    && make -j$(nproc) check RUNTESTFLAGS=--extension   PGUSER=postgres \
+    #&& make -j$(nproc) check RUNTESTFLAGS=--dumprestore PGUSER=postgres \
+    #&& make garden                                      PGUSER=postgres \
+    \
+    && su postgres -c 'psql    -c "CREATE EXTENSION IF NOT EXISTS postgis;"' \
+    && su postgres -c 'psql -t -c "SELECT version();"'              >> /_pgis_full_version.txt \
+    && su postgres -c 'psql -t -c "SELECT PostGIS_Full_Version();"' >> /_pgis_full_version.txt \
+    \
+    && su postgres -c 'pg_ctl -D /tempdb --mode=immediate stop' \
+    && rm -rf /tempdb \
+    && rm -rf /tmp/pgis_reg \
+# add .postgis-rundeps
+    && apk add --no-cache --virtual .postgis-rundeps \
+        \
+        gdal~=${GDAL_ALPINE_VER} \
+        geos~=${GEOS_ALPINE_VER} \
+        proj~=${PROJ_ALPINE_VER} \
+        \
+        json-c \
+        libstdc++ \
+        pcre \
+        protobuf-c \
+        \
+        # ca-certificates: for accessing remote raster files
+        #   fix https://github.com/postgis/docker-postgis/issues/307
+        ca-certificates \
+# clean
+    && cd / \
+    && rm -rf /usr/src/postgis \
+    && apk del .fetch-deps .build-deps \
+# print PostGIS_Full_Version() for the log. ( experimental & internal )
+    && cat /_pgis_full_version.txt
+
+COPY ../scripts/initdb-postgis.sh /docker-entrypoint-initdb.d/10_postgis.sh
+COPY ../scripts/update-postgis.sh /usr/local/bin
+
+#Install additional scripts. These are run in abc order during initial start
+COPY ../scripts/setup-0-pgaudit.sh /docker-entrypoint-initdb.d/setup-0-pgaudit.sh
+COPY ../scripts/setup-dbs.sh /docker-entrypoint-initdb.d/setup-dbs.sh
+RUN chmod +x /docker-entrypoint-initdb.d/setup-0-pgaudit.sh /docker-entrypoint-initdb.d/setup-dbs.sh
+
+#Install script for ParseCareKit to be run after first run
+RUN mkdir parseScripts
+COPY ../scripts/setup-parse-index.sh ./parseScripts/setup-parse-index.sh
+RUN chmod +x ./parseScripts/setup-parse-index.sh
+
+ENV POSTGRES_INITDB_ARGS "--data-checksums"
+
+CMD ["postgres", "-c", "shared_preload_libraries=pgaudit"]