Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support building and testing PostgreSQL-16 #548

Merged
merged 9 commits into from
Feb 12, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
26 changes: 23 additions & 3 deletions .github/workflows/build-and-push.yml
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,20 @@ jobs:
quayio_username: "QUAY_IMAGE_SCLORG_BUILDER_USERNAME"
quayio_token: "QUAY_IMAGE_SCLORG_BUILDER_TOKEN"
docker_context: 15
- dockerfile: "16/Dockerfile.c9s"
registry_namespace: "sclorg"
tag: "c9s"
image_name: "postgresql-16-c9s"
quayio_username: "QUAY_IMAGE_SCLORG_BUILDER_USERNAME"
quayio_token: "QUAY_IMAGE_SCLORG_BUILDER_TOKEN"
docker_context: 16
- dockerfile: "16/Dockerfile.c8s"
registry_namespace: "sclorg"
tag: "c8s"
image_name: "postgresql-16-c8s"
quayio_username: "QUAY_IMAGE_SCLORG_BUILDER_USERNAME"
quayio_token: "QUAY_IMAGE_SCLORG_BUILDER_TOKEN"
docker_context: 16
- dockerfile: "10/Dockerfile.c8s"
registry_namespace: "sclorg"
tag: "c8s"
Expand Down Expand Up @@ -84,10 +98,16 @@ jobs:
quayio_token: "QUAY_IMAGE_FEDORA_BUILDER_TOKEN"
image_name: "postgresql-15"
docker_context: 15

- dockerfile: "16/Dockerfile.fedora"
registry_namespace: "fedora"
tag: "16"
quayio_username: "QUAY_IMAGE_FEDORA_BUILDER_USERNAME"
quayio_token: "QUAY_IMAGE_FEDORA_BUILDER_TOKEN"
image_name: "postgresql-16"
docker_context: 16
steps:
- name: check if Dockerfile is c9s, then Build multi arch image and push to quay.io registry
if: matrix.dockerfile == '13/Dockerfile.c9s' || matrix.dockerfile == '15/Dockerfile.c9s'
if: matrix.dockerfile == '13/Dockerfile.c9s' || matrix.dockerfile == '15/Dockerfile.c9s' || matrix.dockerfile == '16/Dockerfile.c9s'
uses: sclorg/build-and-push-action@v4
with:
registry: "quay.io"
Expand All @@ -101,7 +121,7 @@ jobs:
archs: amd64, s390x, ppc64le, arm64

- name: Check if Dockerfile is not c9s, then Build and push to quay.io registry
if: matrix.dockerfile != '13/Dockerfile.c9s' && matrix.dockerfile != '15/Dockerfile.c9s'
if: matrix.dockerfile != '13/Dockerfile.c9s' && matrix.dockerfile != '15/Dockerfile.c9s' && matrix.dockerfile != '16/Dockerfile.c9s'
uses: sclorg/build-and-push-action@v4
with:
registry: "quay.io"
Expand Down
85 changes: 85 additions & 0 deletions 16/Dockerfile.c8s
Original file line number Diff line number Diff line change
@@ -0,0 +1,85 @@
FROM quay.io/sclorg/s2i-core-c8s:c8s

# PostgreSQL image for OpenShift.
# Volumes:
# * /var/lib/pgsql/data - Database cluster for PostgreSQL
# Environment:
# * $POSTGRESQL_USER - Database user name
# * $POSTGRESQL_PASSWORD - User's password
# * $POSTGRESQL_DATABASE - Name of the database to create
# * $POSTGRESQL_ADMIN_PASSWORD (Optional) - Password for the 'postgres'
# PostgreSQL administrative account

ENV POSTGRESQL_VERSION=16 \
POSTGRESQL_PREV_VERSION=15 \
HOME=/var/lib/pgsql \
PGUSER=postgres \
APP_DATA=/opt/app-root

ENV SUMMARY="PostgreSQL is an advanced Object-Relational database management system" \
DESCRIPTION="PostgreSQL is an advanced Object-Relational database management system (DBMS). \
The image contains the client and server programs that you'll need to \
create, run, maintain and access a PostgreSQL DBMS server."

LABEL summary="$SUMMARY" \
description="$DESCRIPTION" \
io.k8s.description="$DESCRIPTION" \
io.k8s.display-name="PostgreSQL 16" \
io.openshift.expose-services="5432:postgresql" \
io.openshift.tags="database,postgresql,postgresql16,postgresql-16" \
io.openshift.s2i.assemble-user="26" \
name="sclorg/postgresql-16-c8s" \
com.redhat.component="postgresql-16-container" \
version="1" \
usage="podman run -d --name postgresql_database -e POSTGRESQL_USER=user -e POSTGRESQL_PASSWORD=pass -e POSTGRESQL_DATABASE=db -p 5432:5432 sclorg/postgresql-16-c8s" \
maintainer="SoftwareCollections.org <[email protected]>"

EXPOSE 5432

COPY root/usr/libexec/fix-permissions /usr/libexec/fix-permissions

# This image must forever use UID 26 for postgres user so our volumes are
# safe in the future. This should *never* change, the last test is there
# to make sure of that.
RUN yum -y module enable postgresql:16 && \
INSTALL_PKGS="rsync tar gettext bind-utils nss_wrapper postgresql-server postgresql-contrib" && \
INSTALL_PKGS="$INSTALL_PKGS pgaudit" && \
yum -y --setopt=tsflags=nodocs install $INSTALL_PKGS && \
rpm -V $INSTALL_PKGS && \
postgres -V | grep -qe "$POSTGRESQL_VERSION\." && echo "Found VERSION $POSTGRESQL_VERSION" && \
yum -y reinstall tzdata && \
yum -y clean all --enablerepo='*' && \
localedef -f UTF-8 -i en_US en_US.UTF-8 && \
test "$(id postgres)" = "uid=26(postgres) gid=26(postgres) groups=26(postgres)" && \
mkdir -p /var/lib/pgsql/data && \
/usr/libexec/fix-permissions /var/lib/pgsql /var/run/postgresql

# Get prefix path and path to scripts rather than hard-code them in scripts
ENV CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/postgresql \
ENABLED_COLLECTIONS=

COPY root /
COPY ./s2i/bin/ $STI_SCRIPTS_PATH

# Not using VOLUME statement since it's not working in OpenShift Online:
# https://github.com/sclorg/httpd-container/issues/30
# VOLUME ["/var/lib/pgsql/data"]

# S2I permission fixes
# --------------------
# 1. unless specified otherwise (or - equivalently - we are in OpenShift), s2i
# build process would be executed as 'uid=26(postgres) gid=26(postgres)'.
# Such process wouldn't be able to execute the default 'assemble' script
# correctly (it transitively executes 'fix-permissions' script). So let's
# add the 'postgres' user into 'root' group here
#
# 2. we call fix-permissions on $APP_DATA here directly (UID=0 during build
# anyways) to assure that s2i process is actually able to _read_ the
# user-specified scripting.
RUN usermod -a -G root postgres && \
/usr/libexec/fix-permissions --read-only "$APP_DATA"

USER 26

ENTRYPOINT ["container-entrypoint"]
CMD ["run-postgresql"]
84 changes: 84 additions & 0 deletions 16/Dockerfile.c9s
Original file line number Diff line number Diff line change
@@ -0,0 +1,84 @@
FROM quay.io/sclorg/s2i-core-c9s:c9s

# PostgreSQL image for OpenShift.
# Volumes:
# * /var/lib/pgsql/data - Database cluster for PostgreSQL
# Environment:
# * $POSTGRESQL_USER - Database user name
# * $POSTGRESQL_PASSWORD - User's password
# * $POSTGRESQL_DATABASE - Name of the database to create
# * $POSTGRESQL_ADMIN_PASSWORD (Optional) - Password for the 'postgres'
# PostgreSQL administrative account

ENV POSTGRESQL_VERSION=16 \
POSTGRESQL_PREV_VERSION=15 \
HOME=/var/lib/pgsql \
PGUSER=postgres \
APP_DATA=/opt/app-root

ENV SUMMARY="PostgreSQL is an advanced Object-Relational database management system" \
DESCRIPTION="PostgreSQL is an advanced Object-Relational database management system (DBMS). \
The image contains the client and server programs that you'll need to \
create, run, maintain and access a PostgreSQL DBMS server."

LABEL summary="$SUMMARY" \
description="$DESCRIPTION" \
io.k8s.description="$DESCRIPTION" \
io.k8s.display-name="PostgreSQL 16" \
io.openshift.expose-services="5432:postgresql" \
io.openshift.tags="database,postgresql,postgresql16,postgresql-16" \
io.openshift.s2i.assemble-user="26" \
name="sclorg/postgresql-16-c9s" \
com.redhat.component="postgresql-16-container" \
version="1" \
usage="podman run -d --name postgresql_database -e POSTGRESQL_USER=user -e POSTGRESQL_PASSWORD=pass -e POSTGRESQL_DATABASE=db -p 5432:5432 sclorg/postgresql-16-c9s" \
maintainer="SoftwareCollections.org <[email protected]>"

EXPOSE 5432

COPY root/usr/libexec/fix-permissions /usr/libexec/fix-permissions

# This image must forever use UID 26 for postgres user so our volumes are
# safe in the future. This should *never* change, the last test is there
# to make sure of that.
RUN { yum -y module enable postgresql:16 || :; } && \
INSTALL_PKGS="rsync tar gettext bind-utils nss_wrapper postgresql-server postgresql-contrib" && \
INSTALL_PKGS="$INSTALL_PKGS pgaudit" && \
yum -y --setopt=tsflags=nodocs install $INSTALL_PKGS && \
rpm -V $INSTALL_PKGS && \
postgres -V | grep -qe "$POSTGRESQL_VERSION\." && echo "Found VERSION $POSTGRESQL_VERSION" && \
yum -y clean all --enablerepo='*' && \
localedef -f UTF-8 -i en_US en_US.UTF-8 && \
test "$(id postgres)" = "uid=26(postgres) gid=26(postgres) groups=26(postgres)" && \
mkdir -p /var/lib/pgsql/data && \
/usr/libexec/fix-permissions /var/lib/pgsql /var/run/postgresql

# Get prefix path and path to scripts rather than hard-code them in scripts
ENV CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/postgresql \
ENABLED_COLLECTIONS=

COPY root /
COPY ./s2i/bin/ $STI_SCRIPTS_PATH

# Not using VOLUME statement since it's not working in OpenShift Online:
# https://github.com/sclorg/httpd-container/issues/30
# VOLUME ["/var/lib/pgsql/data"]

# S2I permission fixes
# --------------------
# 1. unless specified otherwise (or - equivalently - we are in OpenShift), s2i
# build process would be executed as 'uid=26(postgres) gid=26(postgres)'.
# Such process wouldn't be able to execute the default 'assemble' script
# correctly (it transitively executes 'fix-permissions' script). So let's
# add the 'postgres' user into 'root' group here
#
# 2. we call fix-permissions on $APP_DATA here directly (UID=0 during build
# anyways) to assure that s2i process is actually able to _read_ the
# user-specified scripting.
RUN usermod -a -G root postgres && \
/usr/libexec/fix-permissions --read-only "$APP_DATA"

USER 26

ENTRYPOINT ["container-entrypoint"]
CMD ["run-postgresql"]
83 changes: 83 additions & 0 deletions 16/Dockerfile.fedora
Original file line number Diff line number Diff line change
@@ -0,0 +1,83 @@
FROM quay.io/fedora/s2i-core:39

# PostgreSQL image for OpenShift.
# Volumes:
# * /var/lib/psql/data - Database cluster for PostgreSQL
# Environment:
# * $POSTGRESQL_USER - Database user name
# * $POSTGRESQL_PASSWORD - User's password
# * $POSTGRESQL_DATABASE - Name of the database to create
# * $POSTGRESQL_ADMIN_PASSWORD (Optional) - Password for the 'postgres'
# PostgreSQL administrative account

ENV NAME=postgresql \
VERSION=0 \
ARCH=x86_64 \
\
POSTGRESQL_VERSION=16 \
POSTGRESQL_PREV_VERSION=15 \
HOME=/var/lib/pgsql \
PGUSER=postgres \
APP_DATA=/opt/app-root

ENV SUMMARY="PostgreSQL is an advanced Object-Relational database management system" \
DESCRIPTION="PostgreSQL is an advanced Object-Relational database management system (DBMS). \
The image contains the client and server programs that you'll need to \
create, run, maintain and access a PostgreSQL DBMS server."

LABEL summary="$SUMMARY" \
description="$DESCRIPTION" \
io.k8s.description="$DESCRIPTION" \
io.k8s.display-name="PostgreSQL 16" \
io.openshift.expose-services="5432:postgresql" \
io.openshift.tags="database,postgresql,postgresql16" \
com.redhat.component="$NAME" \
maintainer="SoftwareCollections.org <[email protected]>" \
name="fedora/$NAME-16" \
version="0" \
usage="docker run -d --name postgresql_database -e POSTGRESQL_USER=user -e POSTGRESQL_PASSWORD=pass -e POSTGRESQL_DATABASE=db -p 5432:5432 quay.io/fedora/$NAME-16"

EXPOSE 5432

COPY root/usr/libexec/fix-permissions /usr/libexec/fix-permissions

# This image must forever use UID 26 for postgres user so our volumes are
# safe in the future. This should *never* change, the last test is there
# to make sure of that.
RUN INSTALL_PKGS="rsync tar gettext bind-utils postgresql16-server postgresql16-contrib nss_wrapper " && \
INSTALL_PKGS+="findutils xz" && \
INSTALL_PKGS+=" postgresql16-pgaudit" && \
dnf -y --setopt=tsflags=nodocs install $INSTALL_PKGS && \
rpm -V $INSTALL_PKGS && \
postgres -V | grep -qe "$POSTGRESQL_VERSION\." && echo "Found VERSION $POSTGRESQL_VERSION" && \
dnf clean all && \
test "$(id postgres)" = "uid=26(postgres) gid=26(postgres) groups=26(postgres)" && \
mkdir -p /var/lib/pgsql/data && \
/usr/libexec/fix-permissions /var/lib/pgsql /var/run/postgresql

# Get prefix path and path to scripts rather than hard-code them in scripts
ENV CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/postgresql

COPY root /
COPY ./s2i/bin/ $STI_SCRIPTS_PATH

VOLUME ["/var/lib/pgsql/data"]

# S2I permission fixes
# --------------------
# 1. unless specified otherwise (or - equivalently - we are in OpenShift), s2i
# build process would be executed as 'uid=26(postgres) gid=26(postgres)'.
# Such process wouldn't be able to execute the default 'assemble' script
# correctly (it transitively executes 'fix-permissions' script). So let's
# add the 'postgres' user into 'root' group here
#
# 2. we call fix-permissions on $APP_DATA here directly (UID=0 during build
# anyways) to assure that s2i process is actually able to _read_ the
# user-specified scripting.
RUN usermod -a -G root postgres && \
/usr/libexec/fix-permissions --read-only "$APP_DATA"

USER 26

ENTRYPOINT ["container-entrypoint"]
CMD ["run-postgresql"]
86 changes: 86 additions & 0 deletions 16/Dockerfile.rhel8
Original file line number Diff line number Diff line change
@@ -0,0 +1,86 @@
FROM ubi8/s2i-core

# PostgreSQL image for OpenShift.
# Volumes:
# * /var/lib/pgsql/data - Database cluster for PostgreSQL
# Environment:
# * $POSTGRESQL_USER - Database user name
# * $POSTGRESQL_PASSWORD - User's password
# * $POSTGRESQL_DATABASE - Name of the database to create
# * $POSTGRESQL_ADMIN_PASSWORD (Optional) - Password for the 'postgres'
# PostgreSQL administrative account

ENV POSTGRESQL_VERSION=16 \
POSTGRESQL_PREV_VERSION=15 \
HOME=/var/lib/pgsql \
PGUSER=postgres \
APP_DATA=/opt/app-root

ENV SUMMARY="PostgreSQL is an advanced Object-Relational database management system" \
DESCRIPTION="PostgreSQL is an advanced Object-Relational database management system (DBMS). \
The image contains the client and server programs that you'll need to \
create, run, maintain and access a PostgreSQL DBMS server."

LABEL summary="$SUMMARY" \
description="$DESCRIPTION" \
io.k8s.description="$DESCRIPTION" \
io.k8s.display-name="PostgreSQL 16" \
io.openshift.expose-services="5432:postgresql" \
io.openshift.tags="database,postgresql,postgresql16,postgresql-16" \
io.openshift.s2i.assemble-user="26" \
name="rhel8/postgresql-16" \
com.redhat.component="postgresql-16-container" \
version="1" \
com.redhat.license_terms="https://www.redhat.com/en/about/red-hat-end-user-license-agreements#rhel" \
usage="podman run -d --name postgresql_database -e POSTGRESQL_USER=user -e POSTGRESQL_PASSWORD=pass -e POSTGRESQL_DATABASE=db -p 5432:5432 rhel8/postgresql-16" \
maintainer="SoftwareCollections.org <[email protected]>"

EXPOSE 5432

COPY root/usr/libexec/fix-permissions /usr/libexec/fix-permissions

# This image must forever use UID 26 for postgres user so our volumes are
# safe in the future. This should *never* change, the last test is there
# to make sure of that.
RUN yum -y module enable postgresql:16 && \
INSTALL_PKGS="rsync tar gettext bind-utils nss_wrapper postgresql-server postgresql-contrib" && \
INSTALL_PKGS="$INSTALL_PKGS pgaudit" && \
yum -y --setopt=tsflags=nodocs install $INSTALL_PKGS && \
rpm -V $INSTALL_PKGS && \
postgres -V | grep -qe "$POSTGRESQL_VERSION\." && echo "Found VERSION $POSTGRESQL_VERSION" && \
(yum -y reinstall tzdata || yum -y update tzdata ) && \
yum -y clean all --enablerepo='*' && \
localedef -f UTF-8 -i en_US en_US.UTF-8 && \
test "$(id postgres)" = "uid=26(postgres) gid=26(postgres) groups=26(postgres)" && \
mkdir -p /var/lib/pgsql/data && \
/usr/libexec/fix-permissions /var/lib/pgsql /var/run/postgresql

# Get prefix path and path to scripts rather than hard-code them in scripts
ENV CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/postgresql \
ENABLED_COLLECTIONS=

COPY root /
COPY ./s2i/bin/ $STI_SCRIPTS_PATH

# Not using VOLUME statement since it's not working in OpenShift Online:
# https://github.com/sclorg/httpd-container/issues/30
# VOLUME ["/var/lib/pgsql/data"]

# S2I permission fixes
# --------------------
# 1. unless specified otherwise (or - equivalently - we are in OpenShift), s2i
# build process would be executed as 'uid=26(postgres) gid=26(postgres)'.
# Such process wouldn't be able to execute the default 'assemble' script
# correctly (it transitively executes 'fix-permissions' script). So let's
# add the 'postgres' user into 'root' group here
#
# 2. we call fix-permissions on $APP_DATA here directly (UID=0 during build
# anyways) to assure that s2i process is actually able to _read_ the
# user-specified scripting.
RUN usermod -a -G root postgres && \
/usr/libexec/fix-permissions --read-only "$APP_DATA"

USER 26

ENTRYPOINT ["container-entrypoint"]
CMD ["run-postgresql"]
Loading