From af4dcd69a67bf0795f84a73a33f1448bf015457d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vin=C3=ADcius=20R=2E=20Miguel?= Date: Thu, 25 Jan 2024 17:52:56 -0300 Subject: [PATCH 1/5] workflows: change secrets used in `build_and_push_pg_slim` --- .github/workflows/build_images.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build_images.yaml b/.github/workflows/build_images.yaml index 1c55763..eb753a8 100644 --- a/.github/workflows/build_images.yaml +++ b/.github/workflows/build_images.yaml @@ -126,8 +126,8 @@ jobs: uses: docker/login-action@v2 with: registry: quay.io - username: ${{ secrets.QUAY_USER }} - password: ${{ secrets.QUAY_PASSWORD }} + username: ${{ secrets.QUAY_USER_TEMBO }} + password: ${{ secrets.QUAY_PASSWORD_TEMBO }} - name: Build and push run: | set -xe From 28f9b57c82c6afb231040a88cc434f810cb76311 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vin=C3=ADcius=20R=2E=20Miguel?= Date: Thu, 25 Jan 2024 20:23:09 -0300 Subject: [PATCH 2/5] workflows: build & push tembo-pg-cnpg for Pg14 & 16 --- .github/workflows/build_images.yaml | 49 +++++++++++++++++++++++++---- tembo-pg-cnpg/Dockerfile | 11 +++++-- 2 files changed, 51 insertions(+), 9 deletions(-) diff --git a/.github/workflows/build_images.yaml b/.github/workflows/build_images.yaml index eb753a8..a53488e 100644 --- a/.github/workflows/build_images.yaml +++ b/.github/workflows/build_images.yaml @@ -41,7 +41,7 @@ jobs: # in a pull request, and using all directories on the release # or main branches. changed_relative_to_ref: origin/${{ github.base_ref || 'not-a-branch' }} - ignore_dirs: ".tembo, tembo-pg-slim" + ignore_dirs: ".tembo, tembo-pg-slim, tembo-pg-cnpg" build_and_push: name: Build and push images @@ -116,10 +116,6 @@ jobs: steps: - name: Check out the repo uses: actions/checkout@v3 - - name: Set up QEMU - uses: docker/setup-qemu-action@v2 - with: - image: quay.io/coredb/binfmt:latest - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - name: Login to Quay.io @@ -140,5 +136,46 @@ jobs: --build-arg PG_VERSION=${{ matrix.pg_version }} \ --build-arg PG_MAJOR=${{ matrix.pg_major }} \ --platform linux/amd64,linux/arm64 \ - --tag quay.io/tembo/tembo-pg-slim:pg${{ matrix.pg_version }} \ + --tag quay.io/tembo/tembo-pg-slim:pg${{ matrix.pg_major }} \ --pull ${PUSH_FLAG} ./tembo-pg-slim + + build_and_push_pg_cnpg: + name: Build and push tembo-pg-cnpg + runs-on: + - self-hosted + - dind + - large-8x8 + strategy: + fail-fast: false + matrix: + include: + - pg_version: "14" + - pg_version: "15" + - pg_version: "16" + steps: + - name: Check out the repo + uses: actions/checkout@v3 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - name: Login to Quay.io + uses: docker/login-action@v2 + with: + registry: quay.io + username: ${{ secrets.QUAY_USER_TEMBO }} + password: ${{ secrets.QUAY_PASSWORD_TEMBO }} + - name: Get short SHA + id: sha + run: echo "::set-output name=sha::$(git rev-parse --short HEAD)" + - name: Build and push + run: | + set -xe + BRANCH_NAME=$(git rev-parse --abbrev-ref HEAD) + PUSH_FLAG="" + if [ "${BRANCH_NAME}" == "main" ]; then + PUSH_FLAG="--push" + fi + docker buildx build \ + --build-arg PG_VERSION=${{ matrix.pg_version }} \ + --platform linux/amd64,linux/arm64 \ + --tag quay.io/tembo/tembo-pg-cnpg:pg${{ matrix.pg_version }}-${{ steps.sha.outputs.sha }} \ + --pull ${PUSH_FLAG} ./tembo-pg-cnpg \ No newline at end of file diff --git a/tembo-pg-cnpg/Dockerfile b/tembo-pg-cnpg/Dockerfile index dbe7583..8e759f0 100644 --- a/tembo-pg-cnpg/Dockerfile +++ b/tembo-pg-cnpg/Dockerfile @@ -1,3 +1,5 @@ +ARG PG_VERSION=15 + FROM rust:1.70-bookworm as builder ARG TRUNK_VER=0.12.12 @@ -5,7 +7,8 @@ ARG TRUNK_VER=0.12.12 ENV CARGO_REGISTRIES_CRATES_IO_PROTOCOL sparse RUN cargo install --version $TRUNK_VER pg-trunk -FROM quay.io/tembo/tembo-pg-slim:722acc3 +FROM quay.io/tembo/tembo-pg-slim:pg${PG_VERSION} + USER root # Install trunk @@ -28,13 +31,15 @@ RUN set -xe; \ rm -rf /var/lib/apt/lists/*; # Install pg_stat_statements -RUN trunk install pg_stat_statements +RUN trunk install --registry https://trunk-registry.cdb-dev.com pg_stat_statements # Install auto_explain -RUN trunk install auto_explain +RUN trunk install --registry https://trunk-registry.cdb-dev.com auto_explain # cache pg_stat_statements and auto_explain and pg_stat_kcache to temp directory RUN set -eux; \ + mkdir /tmp/pg_pkglibdir; \ + mkdir /tmp/pg_sharedir; \ cp -r $(pg_config --pkglibdir)/* /tmp/pg_pkglibdir; \ cp -r $(pg_config --sharedir)/* /tmp/pg_sharedir From d70477c5031f92c25adc05e2474124eb6b879d1f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vin=C3=ADcius=20R=2E=20Miguel?= Date: Fri, 26 Jan 2024 13:46:48 -0300 Subject: [PATCH 3/5] workflows: skip linux/arm64 for tembo-pg-cnpg --- .github/workflows/build_images.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build_images.yaml b/.github/workflows/build_images.yaml index a53488e..90f3db0 100644 --- a/.github/workflows/build_images.yaml +++ b/.github/workflows/build_images.yaml @@ -176,6 +176,6 @@ jobs: fi docker buildx build \ --build-arg PG_VERSION=${{ matrix.pg_version }} \ - --platform linux/amd64,linux/arm64 \ + --platform linux/amd64 \ --tag quay.io/tembo/tembo-pg-cnpg:pg${{ matrix.pg_version }}-${{ steps.sha.outputs.sha }} \ --pull ${PUSH_FLAG} ./tembo-pg-cnpg \ No newline at end of file From e440c1ba75f863c962cb625b9d59dcb86573e8c1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vin=C3=ADcius=20R=2E=20Miguel?= Date: Fri, 26 Jan 2024 15:28:45 -0300 Subject: [PATCH 4/5] workflows: update build_and_push with Nick's latest changes --- .github/workflows/build_images.yaml | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/.github/workflows/build_images.yaml b/.github/workflows/build_images.yaml index 90f3db0..28af410 100644 --- a/.github/workflows/build_images.yaml +++ b/.github/workflows/build_images.yaml @@ -45,6 +45,9 @@ jobs: build_and_push: name: Build and push images + permissions: + id-token: write + contents: read runs-on: - self-hosted - dind @@ -63,12 +66,6 @@ jobs: id: versions run: | echo "SHORT_SHA=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT - - name: Check out the tembo repo to reuse some actions - uses: actions/checkout@v3 - with: - repository: tembo-io/tembo - path: ./tembo - ref: 737713f5839bcd3f533644fe316540d890c611a8 - name: Determine which tags to publish id: tags run: | @@ -84,7 +81,7 @@ jobs: echo "tag_cargo=false" >> $GITHUB_OUTPUT fi - name: Build and upload image - uses: ./tembo/.github/actions/build-and-push-to-quay + uses: ./.github/actions/build-and-push-to-quay with: image_name: ${{ matrix.name }} docker_directory: ${{ matrix.path }} @@ -95,7 +92,9 @@ jobs: quay_user: ${{ secrets.QUAY_USER_TEMBO }} quay_password: ${{ secrets.QUAY_PASSWORD_TEMBO }} quay_user_tembo: ${{ secrets.QUAY_USER_TEMBO }} - quay_password_tembo: ${{ secrets.QUAY_PASSWORD_TEMBO }} + quay_password_tembo: ${{ secrets.QUAY_PASSWORD_TEMBO }} + gha_iam_role: ${{ secrets.GHA_IAM_ROLE }} + ecr_registry: ${{ secrets.ECR_REGISTRY }} build_and_push_pg_slim: name: Build and push tembo-pg-slim From da878937fb3f81238b44144769d8cfb6fc69f28f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vin=C3=ADcius=20R=2E=20Miguel?= Date: Fri, 26 Jan 2024 16:48:29 -0300 Subject: [PATCH 5/5] workflows: use prod registry --- tembo-pg-cnpg/Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tembo-pg-cnpg/Dockerfile b/tembo-pg-cnpg/Dockerfile index 8e759f0..0f0f824 100644 --- a/tembo-pg-cnpg/Dockerfile +++ b/tembo-pg-cnpg/Dockerfile @@ -31,10 +31,10 @@ RUN set -xe; \ rm -rf /var/lib/apt/lists/*; # Install pg_stat_statements -RUN trunk install --registry https://trunk-registry.cdb-dev.com pg_stat_statements +RUN trunk install pg_stat_statements # Install auto_explain -RUN trunk install --registry https://trunk-registry.cdb-dev.com auto_explain +RUN trunk install auto_explain # cache pg_stat_statements and auto_explain and pg_stat_kcache to temp directory RUN set -eux; \