-
Notifications
You must be signed in to change notification settings - Fork 1.1k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #736 from simi/13beta1
Add PostgreSQL 13 beta 1.
- Loading branch information
Showing
6 changed files
with
1,029 additions
and
13 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,190 @@ | ||
# vim:set ft=dockerfile: | ||
FROM debian:buster-slim | ||
|
||
RUN set -ex; \ | ||
if ! command -v gpg > /dev/null; then \ | ||
apt-get update; \ | ||
apt-get install -y --no-install-recommends \ | ||
gnupg \ | ||
dirmngr \ | ||
; \ | ||
rm -rf /var/lib/apt/lists/*; \ | ||
fi | ||
|
||
# explicitly set user/group IDs | ||
RUN set -eux; \ | ||
groupadd -r postgres --gid=999; \ | ||
# https://salsa.debian.org/postgresql/postgresql-common/blob/997d842ee744687d99a2b2d95c1083a2615c79e8/debian/postgresql-common.postinst#L32-35 | ||
useradd -r -g postgres --uid=999 --home-dir=/var/lib/postgresql --shell=/bin/bash postgres; \ | ||
# also create the postgres user's home directory with appropriate permissions | ||
# see https://github.com/docker-library/postgres/issues/274 | ||
mkdir -p /var/lib/postgresql; \ | ||
chown -R postgres:postgres /var/lib/postgresql | ||
|
||
# grab gosu for easy step-down from root | ||
# https://github.com/tianon/gosu/releases | ||
ENV GOSU_VERSION 1.12 | ||
RUN set -eux; \ | ||
savedAptMark="$(apt-mark showmanual)"; \ | ||
apt-get update; \ | ||
apt-get install -y --no-install-recommends ca-certificates wget; \ | ||
rm -rf /var/lib/apt/lists/*; \ | ||
dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \ | ||
wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \ | ||
wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \ | ||
export GNUPGHOME="$(mktemp -d)"; \ | ||
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \ | ||
gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \ | ||
gpgconf --kill all; \ | ||
rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \ | ||
apt-mark auto '.*' > /dev/null; \ | ||
[ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ | ||
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ | ||
chmod +x /usr/local/bin/gosu; \ | ||
gosu --version; \ | ||
gosu nobody true | ||
|
||
# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default | ||
RUN set -eux; \ | ||
if [ -f /etc/dpkg/dpkg.cfg.d/docker ]; then \ | ||
# if this file exists, we're likely in "debian:xxx-slim", and locales are thus being excluded so we need to remove that exclusion (since we need locales) | ||
grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \ | ||
sed -ri '/\/usr\/share\/locale/d' /etc/dpkg/dpkg.cfg.d/docker; \ | ||
! grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \ | ||
fi; \ | ||
apt-get update; apt-get install -y --no-install-recommends locales; rm -rf /var/lib/apt/lists/*; \ | ||
localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8 | ||
ENV LANG en_US.utf8 | ||
|
||
RUN set -eux; \ | ||
apt-get update; \ | ||
apt-get install -y --no-install-recommends \ | ||
# install "nss_wrapper" in case we need to fake "/etc/passwd" and "/etc/group" (especially for OpenShift) | ||
# https://github.com/docker-library/postgres/issues/359 | ||
# https://cwrap.org/nss_wrapper.html | ||
libnss-wrapper \ | ||
# install "xz-utils" for .sql.xz docker-entrypoint-initdb.d files | ||
xz-utils \ | ||
; \ | ||
rm -rf /var/lib/apt/lists/* | ||
|
||
RUN mkdir /docker-entrypoint-initdb.d | ||
|
||
RUN set -ex; \ | ||
# pub 4096R/ACCC4CF8 2011-10-13 [expires: 2019-07-02] | ||
# Key fingerprint = B97B 0AFC AA1A 47F0 44F2 44A0 7FCC 7D46 ACCC 4CF8 | ||
# uid PostgreSQL Debian Repository | ||
key='B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8'; \ | ||
export GNUPGHOME="$(mktemp -d)"; \ | ||
gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys "$key"; \ | ||
gpg --batch --export "$key" > /etc/apt/trusted.gpg.d/postgres.gpg; \ | ||
command -v gpgconf > /dev/null && gpgconf --kill all; \ | ||
rm -rf "$GNUPGHOME"; \ | ||
apt-key list | ||
|
||
ENV PG_MAJOR 13 | ||
ENV PG_VERSION 13~beta1-1.pgdg100+1 | ||
|
||
RUN set -ex; \ | ||
\ | ||
# see note below about "*.pyc" files | ||
export PYTHONDONTWRITEBYTECODE=1; \ | ||
\ | ||
dpkgArch="$(dpkg --print-architecture)"; \ | ||
case "$dpkgArch" in \ | ||
amd64 | arm64 | i386 | ppc64el) \ | ||
# arches officialy built by upstream | ||
echo "deb http://apt.postgresql.org/pub/repos/apt/ buster-pgdg main $PG_MAJOR" > /etc/apt/sources.list.d/pgdg.list; \ | ||
apt-get update; \ | ||
;; \ | ||
*) \ | ||
# we're on an architecture upstream doesn't officially build for | ||
# let's build binaries from their published source packages | ||
echo "deb-src http://apt.postgresql.org/pub/repos/apt/ buster-pgdg main $PG_MAJOR" > /etc/apt/sources.list.d/pgdg.list; \ | ||
\ | ||
case "$PG_MAJOR" in \ | ||
9.* | 10 ) ;; \ | ||
*) \ | ||
# https://github.com/docker-library/postgres/issues/484 (clang-6.0 required, only available in stretch-backports) | ||
# TODO remove this once we hit buster+ | ||
echo 'deb http://deb.debian.org/debian buster-backports main' >> /etc/apt/sources.list.d/pgdg.list; \ | ||
;; \ | ||
esac; \ | ||
\ | ||
tempDir="$(mktemp -d)"; \ | ||
cd "$tempDir"; \ | ||
\ | ||
savedAptMark="$(apt-mark showmanual)"; \ | ||
\ | ||
# build .deb files from upstream's source packages (which are verified by apt-get) | ||
apt-get update; \ | ||
# we need DEBIAN_FRONTEND on postgresql-13 for slapd ("Please enter the password for the admin entry in your LDAP directory."); see https://bugs.debian.org/929417 | ||
DEBIAN_FRONTEND=noninteractive \ | ||
apt-get build-dep -y \ | ||
postgresql-common pgdg-keyring \ | ||
"postgresql-$PG_MAJOR=$PG_VERSION" \ | ||
; \ | ||
DEB_BUILD_OPTIONS="nocheck parallel=$(nproc)" \ | ||
apt-get source --compile \ | ||
postgresql-common pgdg-keyring \ | ||
"postgresql-$PG_MAJOR=$PG_VERSION" \ | ||
; \ | ||
# we don't remove APT lists here because they get re-downloaded and removed later | ||
\ | ||
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies | ||
# (which is done after we install the built packages so we don't have to redownload any overlapping dependencies) | ||
apt-mark showmanual | xargs apt-mark auto > /dev/null; \ | ||
apt-mark manual $savedAptMark; \ | ||
\ | ||
# create a temporary local APT repo to install from (so that dependency resolution can be handled by APT, as it should be) | ||
ls -lAFh; \ | ||
dpkg-scanpackages . > Packages; \ | ||
grep '^Package: ' Packages; \ | ||
echo "deb [ trusted=yes ] file://$tempDir ./" > /etc/apt/sources.list.d/temp.list; \ | ||
# work around the following APT issue by using "Acquire::GzipIndexes=false" (overriding "/etc/apt/apt.conf.d/docker-gzip-indexes") | ||
# Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied) | ||
# ... | ||
# E: Failed to fetch store:/var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied) | ||
apt-get -o Acquire::GzipIndexes=false update; \ | ||
;; \ | ||
esac; \ | ||
\ | ||
apt-get install -y --no-install-recommends postgresql-common; \ | ||
sed -ri 's/#(create_main_cluster) .*$/\1 = false/' /etc/postgresql-common/createcluster.conf; \ | ||
apt-get install -y --no-install-recommends \ | ||
"postgresql-$PG_MAJOR=$PG_VERSION" \ | ||
; \ | ||
\ | ||
rm -rf /var/lib/apt/lists/*; \ | ||
\ | ||
if [ -n "$tempDir" ]; then \ | ||
# if we have leftovers from building, let's purge them (including extra, unnecessary build deps) | ||
apt-get purge -y --auto-remove; \ | ||
rm -rf "$tempDir" /etc/apt/sources.list.d/temp.list; \ | ||
fi; \ | ||
\ | ||
# some of the steps above generate a lot of "*.pyc" files (and setting "PYTHONDONTWRITEBYTECODE" beforehand doesn't propagate properly for some reason), so we clean them up manually (as long as they aren't owned by a package) | ||
find /usr -name '*.pyc' -type f -exec bash -c 'for pyc; do dpkg -S "$pyc" &> /dev/null || rm -vf "$pyc"; done' -- '{}' + | ||
|
||
# make the sample config easier to munge (and "correct by default") | ||
RUN set -eux; \ | ||
dpkg-divert --add --rename --divert "/usr/share/postgresql/postgresql.conf.sample.dpkg" "/usr/share/postgresql/$PG_MAJOR/postgresql.conf.sample"; \ | ||
cp -v /usr/share/postgresql/postgresql.conf.sample.dpkg /usr/share/postgresql/postgresql.conf.sample; \ | ||
ln -sv ../postgresql.conf.sample "/usr/share/postgresql/$PG_MAJOR/"; \ | ||
sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/share/postgresql/postgresql.conf.sample; \ | ||
grep -F "listen_addresses = '*'" /usr/share/postgresql/postgresql.conf.sample | ||
|
||
RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 2777 /var/run/postgresql | ||
|
||
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin | ||
ENV PGDATA /var/lib/postgresql/data | ||
# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values) | ||
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 777 "$PGDATA" | ||
VOLUME /var/lib/postgresql/data | ||
|
||
COPY docker-entrypoint.sh /usr/local/bin/ | ||
RUN ln -s usr/local/bin/docker-entrypoint.sh / # backwards compat | ||
ENTRYPOINT ["docker-entrypoint.sh"] | ||
|
||
EXPOSE 5432 | ||
CMD ["postgres"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,151 @@ | ||
# vim:set ft=dockerfile: | ||
FROM alpine:3.11 | ||
|
||
# 70 is the standard uid/gid for "postgres" in Alpine | ||
# https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.11-stable | ||
RUN set -eux; \ | ||
addgroup -g 70 -S postgres; \ | ||
adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \ | ||
mkdir -p /var/lib/postgresql; \ | ||
chown -R postgres:postgres /var/lib/postgresql | ||
|
||
# su-exec (gosu-compatible) is installed further down | ||
|
||
# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default | ||
# alpine doesn't require explicit locale-file generation | ||
ENV LANG en_US.utf8 | ||
|
||
RUN mkdir /docker-entrypoint-initdb.d | ||
|
||
ENV PG_MAJOR 13 | ||
ENV PG_VERSION 13beta1 | ||
ENV PG_SHA256 249ba0d0227d5393b83d397f2543354bfee579276cb1e821e9b7d904a42039e1 | ||
|
||
RUN set -ex \ | ||
\ | ||
&& apk add --no-cache --virtual .fetch-deps \ | ||
ca-certificates \ | ||
openssl \ | ||
tar \ | ||
\ | ||
&& wget -O postgresql.tar.bz2 "https://ftp.postgresql.org/pub/source/v$PG_VERSION/postgresql-$PG_VERSION.tar.bz2" \ | ||
&& echo "$PG_SHA256 *postgresql.tar.bz2" | sha256sum -c - \ | ||
&& mkdir -p /usr/src/postgresql \ | ||
&& tar \ | ||
--extract \ | ||
--file postgresql.tar.bz2 \ | ||
--directory /usr/src/postgresql \ | ||
--strip-components 1 \ | ||
&& rm postgresql.tar.bz2 \ | ||
\ | ||
&& apk add --no-cache --virtual .build-deps \ | ||
bison \ | ||
coreutils \ | ||
dpkg-dev dpkg \ | ||
flex \ | ||
gcc \ | ||
# krb5-dev \ | ||
libc-dev \ | ||
libedit-dev \ | ||
libxml2-dev \ | ||
libxslt-dev \ | ||
linux-headers \ | ||
llvm9-dev clang g++ \ | ||
make \ | ||
# openldap-dev \ | ||
openssl-dev \ | ||
# configure: error: prove not found | ||
perl-utils \ | ||
# configure: error: Perl module IPC::Run is required to run TAP tests | ||
perl-ipc-run \ | ||
# perl-dev \ | ||
# python-dev \ | ||
# python3-dev \ | ||
# tcl-dev \ | ||
util-linux-dev \ | ||
zlib-dev \ | ||
icu-dev \ | ||
\ | ||
&& cd /usr/src/postgresql \ | ||
# update "DEFAULT_PGSOCKET_DIR" to "/var/run/postgresql" (matching Debian) | ||
# see https://anonscm.debian.org/git/pkg-postgresql/postgresql.git/tree/debian/patches/51-default-sockets-in-var.patch?id=8b539fcb3e093a521c095e70bdfa76887217b89f | ||
&& awk '$1 == "#define" && $2 == "DEFAULT_PGSOCKET_DIR" && $3 == "\"/tmp\"" { $3 = "\"/var/run/postgresql\""; print; next } { print }' src/include/pg_config_manual.h > src/include/pg_config_manual.h.new \ | ||
&& grep '/var/run/postgresql' src/include/pg_config_manual.h.new \ | ||
&& mv src/include/pg_config_manual.h.new src/include/pg_config_manual.h \ | ||
&& gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)" \ | ||
# explicitly update autoconf config.guess and config.sub so they support more arches/libcs | ||
&& wget -O config/config.guess 'https://git.savannah.gnu.org/cgit/config.git/plain/config.guess?id=7d3d27baf8107b630586c962c057e22149653deb' \ | ||
&& wget -O config/config.sub 'https://git.savannah.gnu.org/cgit/config.git/plain/config.sub?id=7d3d27baf8107b630586c962c057e22149653deb' \ | ||
# configure options taken from: | ||
# https://anonscm.debian.org/cgit/pkg-postgresql/postgresql.git/tree/debian/rules?h=9.5 | ||
&& ./configure \ | ||
--build="$gnuArch" \ | ||
# "/usr/src/postgresql/src/backend/access/common/tupconvert.c:105: undefined reference to `libintl_gettext'" | ||
# --enable-nls \ | ||
--enable-integer-datetimes \ | ||
--enable-thread-safety \ | ||
--enable-tap-tests \ | ||
# skip debugging info -- we want tiny size instead | ||
# --enable-debug \ | ||
--disable-rpath \ | ||
--with-uuid=e2fs \ | ||
--with-gnu-ld \ | ||
--with-pgport=5432 \ | ||
--with-system-tzdata=/usr/share/zoneinfo \ | ||
--prefix=/usr/local \ | ||
--with-includes=/usr/local/include \ | ||
--with-libraries=/usr/local/lib \ | ||
\ | ||
# these make our image abnormally large (at least 100MB larger), which seems uncouth for an "Alpine" (ie, "small") variant :) | ||
# --with-krb5 \ | ||
# --with-gssapi \ | ||
# --with-ldap \ | ||
# --with-tcl \ | ||
# --with-perl \ | ||
# --with-python \ | ||
# --with-pam \ | ||
--with-openssl \ | ||
--with-libxml \ | ||
--with-libxslt \ | ||
--with-icu \ | ||
--with-llvm \ | ||
&& make -j "$(nproc)" world \ | ||
&& make install-world \ | ||
&& make -C contrib install \ | ||
\ | ||
&& runDeps="$( \ | ||
scanelf --needed --nobanner --format '%n#p' --recursive /usr/local \ | ||
| tr ',' '\n' \ | ||
| sort -u \ | ||
| awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ | ||
)" \ | ||
&& apk add --no-cache --virtual .postgresql-rundeps \ | ||
$runDeps \ | ||
bash \ | ||
su-exec \ | ||
# tzdata is optional, but only adds around 1Mb to image size and is recommended by Django documentation: | ||
# https://docs.djangoproject.com/en/1.10/ref/databases/#optimizing-postgresql-s-configuration | ||
tzdata \ | ||
&& apk del .fetch-deps .build-deps \ | ||
&& cd / \ | ||
&& rm -rf \ | ||
/usr/src/postgresql \ | ||
/usr/local/share/doc \ | ||
/usr/local/share/man \ | ||
&& find /usr/local -name '*.a' -delete | ||
|
||
# make the sample config easier to munge (and "correct by default") | ||
RUN sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/local/share/postgresql/postgresql.conf.sample | ||
|
||
RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 2777 /var/run/postgresql | ||
|
||
ENV PGDATA /var/lib/postgresql/data | ||
# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values) | ||
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 777 "$PGDATA" | ||
VOLUME /var/lib/postgresql/data | ||
|
||
COPY docker-entrypoint.sh /usr/local/bin/ | ||
ENTRYPOINT ["docker-entrypoint.sh"] | ||
|
||
EXPOSE 5432 | ||
CMD ["postgres"] |
Oops, something went wrong.