diff --git a/.github/workflows/ami-release-nix-single.yml b/.github/workflows/ami-release-nix-single.yml index d99939f1d..500bf26d5 100644 --- a/.github/workflows/ami-release-nix-single.yml +++ b/.github/workflows/ami-release-nix-single.yml @@ -103,6 +103,8 @@ jobs: - name: Upload nix flake revision to s3 staging run: | aws s3 cp /tmp/pg_binaries.tar.gz s3://${{ secrets.ARTIFACTS_BUCKET }}/upgrades/postgres/supabase-postgres-${{ steps.process_release_version.outputs.version }}/20.04.tar.gz + aws s3 cp /tmp/pg_binaries.tar.gz s3://${{ secrets.ARTIFACTS_BUCKET }}/upgrades/postgres/supabase-postgres-${{ steps.process_release_version.outputs.version }}/24.04.tar.gz + aws s3 cp /tmp/pg_binaries.tar.gz s3://${{ secrets.ARTIFACTS_BUCKET }}/upgrades/postgres/supabase-postgres-${{ steps.process_release_version.outputs.version }}/upgrade_bundle.tar.gz - name: configure aws credentials - prod uses: aws-actions/configure-aws-credentials@v4 @@ -122,6 +124,8 @@ jobs: - name: Upload nix flake revision to s3 prod run: | aws s3 cp /tmp/pg_binaries.tar.gz s3://${{ secrets.PROD_ARTIFACTS_BUCKET }}/upgrades/postgres/supabase-postgres-${{ steps.process_release_version.outputs.version }}/20.04.tar.gz + aws s3 cp /tmp/pg_binaries.tar.gz s3://${{ secrets.PROD_ARTIFACTS_BUCKET }}/upgrades/postgres/supabase-postgres-${{ steps.process_release_version.outputs.version }}/24.04.tar.gz + aws s3 cp /tmp/pg_binaries.tar.gz s3://${{ secrets.PROD_ARTIFACTS_BUCKET }}/upgrades/postgres/supabase-postgres-${{ steps.process_release_version.outputs.version }}/upgrade_bundle.tar.gz - name: Create release uses: softprops/action-gh-release@v2 diff --git a/.github/workflows/ami-release-nix.yml b/.github/workflows/ami-release-nix.yml index bf2df0c96..0c97d8374 100644 --- a/.github/workflows/ami-release-nix.yml +++ b/.github/workflows/ami-release-nix.yml @@ -125,6 +125,8 @@ jobs: - name: Upload nix flake revision to s3 staging run: | aws s3 cp /tmp/pg_binaries.tar.gz s3://${{ secrets.ARTIFACTS_BUCKET }}/upgrades/postgres/supabase-postgres-${{ steps.process_release_version.outputs.version }}/20.04.tar.gz + aws s3 cp /tmp/pg_binaries.tar.gz s3://${{ secrets.ARTIFACTS_BUCKET }}/upgrades/postgres/supabase-postgres-${{ steps.process_release_version.outputs.version }}/24.04.tar.gz + aws s3 cp /tmp/pg_binaries.tar.gz s3://${{ secrets.ARTIFACTS_BUCKET }}/upgrades/postgres/supabase-postgres-${{ steps.process_release_version.outputs.version }}/upgrade_bundle.tar.gz - name: configure aws credentials - prod uses: aws-actions/configure-aws-credentials@v4 @@ -144,6 +146,8 @@ jobs: - name: Upload nix flake revision to s3 prod run: | aws s3 cp /tmp/pg_binaries.tar.gz s3://${{ secrets.PROD_ARTIFACTS_BUCKET }}/upgrades/postgres/supabase-postgres-${{ steps.process_release_version.outputs.version }}/20.04.tar.gz + aws s3 cp /tmp/pg_binaries.tar.gz s3://${{ secrets.PROD_ARTIFACTS_BUCKET }}/upgrades/postgres/supabase-postgres-${{ steps.process_release_version.outputs.version }}/24.04.tar.gz + aws s3 cp /tmp/pg_binaries.tar.gz s3://${{ secrets.PROD_ARTIFACTS_BUCKET }}/upgrades/postgres/supabase-postgres-${{ steps.process_release_version.outputs.version }}/upgrade_bundle.tar.gz - name: Create release uses: softprops/action-gh-release@v2 diff --git a/.github/workflows/publish-nix-pgupgrade-bin-flake-version.yml b/.github/workflows/publish-nix-pgupgrade-bin-flake-version.yml index f816415b3..c8b3abe46 100644 --- a/.github/workflows/publish-nix-pgupgrade-bin-flake-version.yml +++ b/.github/workflows/publish-nix-pgupgrade-bin-flake-version.yml @@ -66,7 +66,9 @@ jobs: - name: Upload pg_upgrade scripts to s3 staging run: | - aws s3 cp /tmp/pg_upgrade_bin.tar.gz "s3://${{ secrets.ARTIFACTS_BUCKET }}/upgrades/postgres/supabase-postgres-${{ steps.process_release_version.outputs.version }}/20.04.tar.gz" + aws s3 cp /tmp/pg_upgrade_bin.tar.gz s3://${{ secrets.ARTIFACTS_BUCKET }}/upgrades/postgres/supabase-postgres-${{ steps.process_release_version.outputs.version }}/20.04.tar.gz + aws s3 cp /tmp/pg_upgrade_bin.tar.gz s3://${{ secrets.ARTIFACTS_BUCKET }}/upgrades/postgres/supabase-postgres-${{ steps.process_release_version.outputs.version }}/24.04.tar.gz + aws s3 cp /tmp/pg_upgrade_bin.tar.gz s3://${{ secrets.ARTIFACTS_BUCKET }}/upgrades/postgres/supabase-postgres-${{ steps.process_release_version.outputs.version }}/upgrade_bundle.tar.gz - name: Slack Notification on Failure if: ${{ failure() }} @@ -113,7 +115,9 @@ jobs: - name: Upload pg_upgrade scripts to s3 prod run: | - aws s3 cp /tmp/pg_upgrade_bin.tar.gz "s3://${{ secrets.PROD_ARTIFACTS_BUCKET }}/upgrades/postgres/supabase-postgres-${{ steps.process_release_version.outputs.version }}/20.04.tar.gz" + aws s3 cp /tmp/pg_upgrade_bin.tar.gz s3://${{ secrets.PROD_ARTIFACTS_BUCKET }}/upgrades/postgres/supabase-postgres-${{ steps.process_release_version.outputs.version }}/20.04.tar.gz + aws s3 cp /tmp/pg_upgrade_bin.tar.gz s3://${{ secrets.PROD_ARTIFACTS_BUCKET }}/upgrades/postgres/supabase-postgres-${{ steps.process_release_version.outputs.version }}/24.04.tar.gz + aws s3 cp /tmp/pg_upgrade_bin.tar.gz s3://${{ secrets.PROD_ARTIFACTS_BUCKET }}/upgrades/postgres/supabase-postgres-${{ steps.process_release_version.outputs.version }}/upgrade_bundle.tar.gz - name: Slack Notification on Failure if: ${{ failure() }} diff --git a/.github/workflows/testinfra-ami-build.yml b/.github/workflows/testinfra-ami-build.yml index 321430c86..5636a34c3 100644 --- a/.github/workflows/testinfra-ami-build.yml +++ b/.github/workflows/testinfra-ami-build.yml @@ -34,8 +34,8 @@ jobs: include: - runner: arm-runner arch: arm64 - ubuntu_release: focal - ubuntu_version: 20.04 + ubuntu_release: noble + ubuntu_version: 24.04 mcpu: neoverse-n1 runs-on: ${{ matrix.runner }} timeout-minutes: 150 diff --git a/Dockerfile-15 b/Dockerfile-15 index 6acf86037..68e9f4e59 100644 --- a/Dockerfile-15 +++ b/Dockerfile-15 @@ -38,7 +38,7 @@ ARG index_advisor_release=0.2.0 ARG supautils_release=2.2.0 ARG wal_g_release=2.0.1 -FROM ubuntu:focal as base +FROM ubuntu:noble as base RUN apt update -y && apt install -y \ curl \ diff --git a/Dockerfile-kubernetes b/Dockerfile-kubernetes index 2a5e1ca1e..7337ee152 100644 --- a/Dockerfile-kubernetes +++ b/Dockerfile-kubernetes @@ -1,6 +1,6 @@ FROM alpine:3.22 -ADD ./output-cloudimg/packer-cloudimg /disk/focal.qcow2 +ADD ./output-cloudimg/packer-cloudimg /disk/image.qcow2 RUN apk add --no-cache qemu-system-aarch64 qemu-img openssh-client aavmf virtiofsd \ && truncate -s 64M /root/varstore.img \ diff --git a/Dockerfile-orioledb-17 b/Dockerfile-orioledb-17 index 4a0413cb0..41254e4f7 100644 --- a/Dockerfile-orioledb-17 +++ b/Dockerfile-orioledb-17 @@ -39,7 +39,7 @@ ARG index_advisor_release=0.2.0 ARG supautils_release=2.2.0 ARG wal_g_release=3.0.5 -FROM ubuntu:focal as base +FROM ubuntu:noble as base RUN apt update -y && apt install -y \ curl \ diff --git a/Makefile b/Makefile index 5bef8a430..96a4925ef 100644 --- a/Makefile +++ b/Makefile @@ -7,10 +7,6 @@ init: qemu-arm64-nix.pkr.hcl output-cloudimg/packer-cloudimg: ansible qemu-arm64-nix.pkr.hcl packer build -var "git_sha=$(UPSTREAM_NIX_GIT_SHA)" qemu-arm64-nix.pkr.hcl -disk/focal-raw.img: output-cloudimg/packer-cloudimg - mkdir -p disk - sudo qemu-img convert -O raw output-cloudimg/packer-cloudimg disk/focal-raw.img - alpine-image: output-cloudimg/packer-cloudimg sudo nerdctl build . -t supabase-postgres-test:$(GIT_SHA) -f ./Dockerfile-kubernetes diff --git a/README.md b/README.md index edf245bc0..a176ccec5 100644 --- a/README.md +++ b/README.md @@ -6,7 +6,7 @@ Unmodified Postgres with some useful plugins. Our goal with this repo is not to - ✅ Postgres [postgresql-15.8](https://www.postgresql.org/docs/15/index.html) - ✅ Postgres [postgresql-17.4](https://www.postgresql.org/docs/17/index.html) - ✅ Postgres [orioledb-postgresql-17_6](https://github.com/orioledb/orioledb) -- ✅ Ubuntu 20.04 (Focal Fossa). +- ✅ Ubuntu 24.04 (Noble Numbat). - ✅ [wal_level](https://www.postgresql.org/docs/current/runtime-config-wal.html) = logical and [max_replication_slots](https://www.postgresql.org/docs/current/runtime-config-replication.html) = 5. Ready for replication. - ✅ [Large Systems Extensions](https://github.com/aws/aws-graviton-getting-started#building-for-graviton-and-graviton2). Enabled for ARM images. ## Extensions @@ -115,7 +115,7 @@ Unmodified Postgres with some useful plugins. Our goal with this repo is not to | Goodie | Version | Description | | ------------- | :-------------: | ------------- | | [PgBouncer](https://www.pgbouncer.org/) | [1.19.0](http://www.pgbouncer.org/changelog.html#pgbouncer-119x) | Set up Connection Pooling. | -| [PostgREST](https://postgrest.org/en/stable/) | [v12.2.3](https://github.com/PostgREST/postgrest/releases/tag/v12.2.3) | Instantly transform your database into an RESTful API. | +| [PostgREST](https://postgrest.org/en/stable/) | [v13.0.4](https://github.com/PostgREST/postgrest/releases/tag/v13.0.4) | Instantly transform your database into an RESTful API. | | [WAL-G](https://github.com/wal-g/wal-g#wal-g) | [v2.0.1](https://github.com/wal-g/wal-g/releases/tag/v2.0.1) | Tool for physical database backup and recovery. | --> ## Install diff --git a/amazon-arm64-nix.pkr.hcl b/amazon-arm64-nix.pkr.hcl index e460dfc72..f625ac4af 100644 --- a/amazon-arm64-nix.pkr.hcl +++ b/amazon-arm64-nix.pkr.hcl @@ -1,6 +1,6 @@ variable "ami" { type = string - default = "ubuntu/images/hvm-ssd/ubuntu-focal-20.04-arm64-server-*" + default = "ubuntu/images/hvm-ssd-gp3/ubuntu-noble-24.04-arm64-server-*" } variable "profile" { @@ -115,7 +115,7 @@ source "amazon-ebssurrogate" "source" { #secret_key = "${var.aws_secret_key}" force_deregister = var.force-deregister - # Use latest official ubuntu focal ami owned by Canonical. + # Use latest official ubuntu noble ami owned by Canonical. source_ami_filter { filters = { virtualization-type = "hvm" diff --git a/ansible/files/admin_api_scripts/pg_upgrade_scripts/complete.sh b/ansible/files/admin_api_scripts/pg_upgrade_scripts/complete.sh index e170482e8..3f6f8d3d9 100755 --- a/ansible/files/admin_api_scripts/pg_upgrade_scripts/complete.sh +++ b/ansible/files/admin_api_scripts/pg_upgrade_scripts/complete.sh @@ -266,6 +266,7 @@ function complete_pg_upgrade { echo "5.1. Restarting gotrue and postgrest" retry 3 service gotrue restart retry 3 service postgrest restart + else retry 3 CI_stop_postgres || true retry 3 CI_start_postgres diff --git a/ansible/files/adminapi.sudoers.conf b/ansible/files/adminapi.sudoers.conf index ae5537715..531d47ca1 100644 --- a/ansible/files/adminapi.sudoers.conf +++ b/ansible/files/adminapi.sudoers.conf @@ -23,6 +23,7 @@ Cmnd_Alias PGBOUNCER = /bin/systemctl start pgbouncer.service, /bin/systemctl st %adminapi ALL= NOPASSWD: /bin/systemctl restart services.slice %adminapi ALL= NOPASSWD: /usr/sbin/nft -f /etc/nftables/supabase_managed.conf %adminapi ALL= NOPASSWD: /usr/bin/admin-mgr +%adminapi ALL= NOPASSWD: /usr/sbin/netplan apply %adminapi ALL= NOPASSWD: ENVOY %adminapi ALL= NOPASSWD: KONG %adminapi ALL= NOPASSWD: POSTGREST diff --git a/ansible/files/permission_check.py b/ansible/files/permission_check.py index 46f458f9a..72a1a2fe2 100644 --- a/ansible/files/permission_check.py +++ b/ansible/files/permission_check.py @@ -40,7 +40,6 @@ "backup": [{"groupname": "backup", "username": "backup"}], "list": [{"groupname": "list", "username": "list"}], "irc": [{"groupname": "irc", "username": "irc"}], - "gnats": [{"groupname": "gnats", "username": "gnats"}], "nobody": [{"groupname": "nogroup", "username": "nobody"}], "systemd-network": [ {"groupname": "systemd-network", "username": "systemd-network"} @@ -224,7 +223,6 @@ def main(): "backup", "list", "irc", - "gnats", "nobody", "systemd-network", "systemd-resolve", diff --git a/ansible/files/systemd-networkd/systemd-networkd-check-and-fix.service b/ansible/files/systemd-networkd/systemd-networkd-check-and-fix.service index 5e7094388..939edc9ce 100644 --- a/ansible/files/systemd-networkd/systemd-networkd-check-and-fix.service +++ b/ansible/files/systemd-networkd/systemd-networkd-check-and-fix.service @@ -1,5 +1,6 @@ [Unit] Description=Check if systemd-networkd has broken NDisc routes and fix +# Remove Requisite to prevent being killed when restarting networkd Requisite=systemd-networkd.service After=systemd-networkd.service diff --git a/ansible/manifest-playbook.yml b/ansible/manifest-playbook.yml index d297e6ceb..ce02c805c 100644 --- a/ansible/manifest-playbook.yml +++ b/ansible/manifest-playbook.yml @@ -24,7 +24,7 @@ - name: PostgREST - download ubuntu binary archive (arm) get_url: - url: "https://github.com/PostgREST/postgrest/releases/download/v{{ postgrest_release }}/postgrest-v{{ postgrest_release }}-ubuntu-20.04-aarch64.tar.xz" + url: "https://github.com/PostgREST/postgrest/releases/download/v{{ postgrest_release }}/postgrest-v{{ postgrest_release }}-ubuntu-aarch64.tar.xz" dest: /tmp/postgrest-{{ postgrest_release }}-arm64.tar.xz checksum: "{{ postgrest_arm_release_checksum }}" timeout: 60 diff --git a/ansible/playbook.yml b/ansible/playbook.yml index bcd47ac9b..794b69895 100644 --- a/ansible/playbook.yml +++ b/ansible/playbook.yml @@ -78,8 +78,8 @@ - install-supabase-internal when: debpkg_mode or nixpkg_mode - - name: Fix IPv6 NDisc issues - import_tasks: tasks/fix_ipv6_ndisc.yml + - name: Fix IPv6 NDisc issues (disabled) + import_tasks: tasks/fix-ipv6-ndisc.yml tags: - install-supabase-internal when: (debpkg_mode or nixpkg_mode) and (qemu_mode is undefined) diff --git a/ansible/tasks/fix_ipv6_ndisc.yml b/ansible/tasks/fix-ipv6-ndisc.yml similarity index 87% rename from ansible/tasks/fix_ipv6_ndisc.yml rename to ansible/tasks/fix-ipv6-ndisc.yml index 7489a2fe1..8953fd880 100644 --- a/ansible/tasks/fix_ipv6_ndisc.yml +++ b/ansible/tasks/fix-ipv6-ndisc.yml @@ -25,9 +25,9 @@ - name: fix Network - reload systemd systemd: - daemon_reload: yes + daemon_reload: false -- name: fix Network - enable systemd timer +- name: fix Network - ensure systemd timer is installed but disabled systemd: name: systemd-networkd-check-and-fix.timer - enabled: true + enabled: false diff --git a/ansible/tasks/setup-postgres.yml b/ansible/tasks/setup-postgres.yml index a1b7e6c7f..2fe302488 100644 --- a/ansible/tasks/setup-postgres.yml +++ b/ansible/tasks/setup-postgres.yml @@ -23,7 +23,7 @@ - name: Postgres - install server apt: - name: postgresql-{{ postgresql_major }}={{ postgresql_release }}-1.pgdg20.04+1 + name: postgresql-{{ postgresql_major }}={{ postgresql_release }}-1.pgdg24.04+1 install_recommends: no when: debpkg_mode diff --git a/ansible/tasks/setup-postgrest.yml b/ansible/tasks/setup-postgrest.yml index b786ff3c9..df9fecb32 100644 --- a/ansible/tasks/setup-postgrest.yml +++ b/ansible/tasks/setup-postgrest.yml @@ -8,7 +8,7 @@ - name: PostgREST - add Postgres PPA main apt_repository: - repo: "deb http://apt.postgresql.org/pub/repos/apt/ focal-pgdg main" + repo: "deb http://apt.postgresql.org/pub/repos/apt/ noble-pgdg {{ postgresql_major }}" state: present filename: postgresql-pgdg @@ -36,7 +36,7 @@ - name: PostgREST - remove Postgres PPA apt_repository: - repo: "deb http://apt.postgresql.org/pub/repos/apt/ focal-pgdg main" + repo: "deb http://apt.postgresql.org/pub/repos/apt/ noble-pgdg {{ postgresql_major }}" state: absent - name: postgis - ensure dependencies do not get autoremoved @@ -48,7 +48,7 @@ - name: PostgREST - download ubuntu binary archive (arm) get_url: - url: "https://github.com/PostgREST/postgrest/releases/download/v{{ postgrest_release }}/postgrest-v{{ postgrest_release }}-ubuntu-20.04-aarch64.tar.xz" + url: "https://github.com/PostgREST/postgrest/releases/download/v{{ postgrest_release }}/postgrest-v{{ postgrest_release }}-ubuntu-aarch64.tar.xz" dest: /tmp/postgrest.tar.xz checksum: "{{ postgrest_arm_release_checksum }}" timeout: 60 diff --git a/ansible/vars.yml b/ansible/vars.yml index 927e81b0e..b30469bec 100644 --- a/ansible/vars.yml +++ b/ansible/vars.yml @@ -9,19 +9,20 @@ postgres_major: # Full version strings for each major version postgres_release: - postgresorioledb-17: "17.5.1.007-orioledb" - postgres17: "17.4.1.064" - postgres15: "15.8.1.121" + postgresorioledb-17: "17.5.1.008-orioledb" + postgres17: "17.4.1.065" + postgres15: "15.8.1.122" # Non Postgres Extensions pgbouncer_release: "1.19.0" pgbouncer_release_checksum: sha256:af0b05e97d0e1fd9ad45fe00ea6d2a934c63075f67f7e2ccef2ca59e3d8ce682 -# The checksum can be found under "Assets", in the GitHub release page for each version: +# The checksum can be found under "Assets", in the GitHub release page for each version. +# The binaries used are: ubuntu-aarch64 and linux-static. # https://github.com/PostgREST/postgrest/releases -postgrest_release: "12.2.12" -postgrest_arm_release_checksum: sha256:6b2eaa5759329e024df76f79d93f6bb3d87a93de11433acc5d66aa6c96f81f90 -postgrest_x86_release_checksum: sha256:5de4092f1719da3353c40bf96c8dec6913f2254a7cd0b61cc05f233153b557d5 +postgrest_release: "13.0.4" +postgrest_arm_release_checksum: sha256:2b400200fb15eb5849267e4375fbbc516dd727afadd8786815b48074ed8c03e1 +postgrest_x86_release_checksum: sha256:a0052c8d4726f52349e0298f98da51140ef4941855548590ee88331afa617811 gotrue_release: 2.177.0 gotrue_release_checksum: sha1:664a26237618c4bfb1e33e4f03a540c3cef3e3c8 @@ -30,16 +31,16 @@ aws_cli_release: "2.23.11" salt_minion_version: 3007 -golang_version: "1.19.3" +golang_version: "1.22.11" golang_version_checksum: - arm64: sha256:99de2fe112a52ab748fb175edea64b313a0c8d51d6157dba683a6be163fd5eab - amd64: sha256:74b9640724fd4e6bb0ed2a1bc44ae813a03f1e72a4c76253e2d5c015494430ba + arm64: sha256:0fc88d966d33896384fbde56e9a8d80a305dc17a9f48f1832e061724b1719991 + amd64: sha256:9ebfcab26801fa4cf0627c6439db7a4da4d3c6766142a3dd83508240e4f21031 envoy_release: 1.28.0 envoy_release_checksum: sha1:b0a06e9cfb170f1993f369beaa5aa9d7ec679ce5 envoy_hot_restarter_release_checksum: sha1:6d43b89d266fb2427a4b51756b649883b0617eda -kong_release_target: focal # if it works, it works +kong_release_target: focal kong_deb: kong_2.8.1_arm64.deb kong_deb_checksum: sha1:2086f6ccf8454fe64435252fea4d29d736d7ec61 diff --git a/docker/Dockerfile b/docker/Dockerfile index 116377b5d..53a96029e 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -1,8 +1,8 @@ -ARG ubuntu_release=focal +ARG ubuntu_release=noble FROM ubuntu:${ubuntu_release} as base ARG ubuntu_release=flocal -ARG ubuntu_release_no=20.04 +ARG ubuntu_release_no=24.04 ARG postgresql_major=15 ARG postgresql_release=${postgresql_major}.1 diff --git a/ebssurrogate/files/sources-arm64.cfg b/ebssurrogate/files/sources-arm64.cfg index a2363773e..eed6c0f16 100644 --- a/ebssurrogate/files/sources-arm64.cfg +++ b/ebssurrogate/files/sources-arm64.cfg @@ -1,10 +1,10 @@ -deb http://REGION.clouds.ports.ubuntu.com/ubuntu-ports/ focal main restricted -deb http://REGION.clouds.ports.ubuntu.com/ubuntu-ports/ focal-updates main restricted -deb http://REGION.clouds.ports.ubuntu.com/ubuntu-ports/ focal universe -deb http://REGION.clouds.ports.ubuntu.com/ubuntu-ports/ focal-updates universe -deb http://REGION.clouds.ports.ubuntu.com/ubuntu-ports/ focal multiverse -deb http://REGION.clouds.ports.ubuntu.com/ubuntu-ports/ focal-updates multiverse -deb http://REGION.clouds.ports.ubuntu.com/ubuntu-ports/ focal-backports main restricted universe multiverse -deb http://ports.ubuntu.com/ubuntu-ports focal-security main restricted -deb http://ports.ubuntu.com/ubuntu-ports focal-security universe -deb http://ports.ubuntu.com/ubuntu-ports focal-security multiverse +deb http://REGION.clouds.ports.ubuntu.com/ubuntu-ports/ noble main restricted +deb http://REGION.clouds.ports.ubuntu.com/ubuntu-ports/ noble-updates main restricted +deb http://REGION.clouds.ports.ubuntu.com/ubuntu-ports/ noble universe +deb http://REGION.clouds.ports.ubuntu.com/ubuntu-ports/ noble-updates universe +deb http://REGION.clouds.ports.ubuntu.com/ubuntu-ports/ noble multiverse +deb http://REGION.clouds.ports.ubuntu.com/ubuntu-ports/ noble-updates multiverse +deb http://REGION.clouds.ports.ubuntu.com/ubuntu-ports/ noble-backports main restricted universe multiverse +deb http://ports.ubuntu.com/ubuntu-ports noble-security main restricted +deb http://ports.ubuntu.com/ubuntu-ports noble-security universe +deb http://ports.ubuntu.com/ubuntu-ports noble-security multiverse diff --git a/ebssurrogate/files/sources.cfg b/ebssurrogate/files/sources.cfg index ec3011807..a27be052f 100644 --- a/ebssurrogate/files/sources.cfg +++ b/ebssurrogate/files/sources.cfg @@ -1,10 +1,10 @@ -deb http://REGION.ec2.archive.ubuntu.com/ubuntu/ focal main restricted -deb http://REGION.ec2.archive.ubuntu.com/ubuntu/ focal-updates main restricted -deb http://REGION.ec2.archive.ubuntu.com/ubuntu/ focal universe -deb http://REGION.ec2.archive.ubuntu.com/ubuntu/ focal-updates universe -deb http://REGION.ec2.archive.ubuntu.com/ubuntu/ focal multiverse -deb http://REGION.ec2.archive.ubuntu.com/ubuntu/ focal-updates multiverse -deb http://REGION.ec2.archive.ubuntu.com/ubuntu/ focal-backports main restricted universe multiverse -deb http://security.ubuntu.com/ubuntu focal-security main restricted -deb http://security.ubuntu.com/ubuntu focal-security universe -deb http://security.ubuntu.com/ubuntu focal-security multiverse +deb http://REGION.ec2.archive.ubuntu.com/ubuntu/ noble main restricted +deb http://REGION.ec2.archive.ubuntu.com/ubuntu/ noble-updates main restricted +deb http://REGION.ec2.archive.ubuntu.com/ubuntu/ noble universe +deb http://REGION.ec2.archive.ubuntu.com/ubuntu/ noble-updates universe +deb http://REGION.ec2.archive.ubuntu.com/ubuntu/ noble multiverse +deb http://REGION.ec2.archive.ubuntu.com/ubuntu/ noble-updates multiverse +deb http://REGION.ec2.archive.ubuntu.com/ubuntu/ noble-backports main restricted universe multiverse +deb http://security.ubuntu.com/ubuntu noble-security main restricted +deb http://security.ubuntu.com/ubuntu noble-security universe +deb http://security.ubuntu.com/ubuntu noble-security multiverse diff --git a/ebssurrogate/scripts/chroot-bootstrap-nix.sh b/ebssurrogate/scripts/chroot-bootstrap-nix.sh index cda6bd2aa..9a623eb12 100755 --- a/ebssurrogate/scripts/chroot-bootstrap-nix.sh +++ b/ebssurrogate/scripts/chroot-bootstrap-nix.sh @@ -58,7 +58,7 @@ function update_install_packages { apt-get upgrade -y # Install OpenSSH and other packages - sudo add-apt-repository universe + sudo add-apt-repository --yes universe apt-get update apt-get install -y --no-install-recommends \ openssh-server \ @@ -157,10 +157,21 @@ function disable_fsck { # Don't request hostname during boot but set hostname function setup_hostname { - sed -i 's/gethostname()/ubuntu /g' /etc/dhcp/dhclient.conf - sed -i 's/host-name,//g' /etc/dhcp/dhclient.conf + # Set the static hostname echo "ubuntu" > /etc/hostname chmod 644 /etc/hostname + # Update netplan configuration to not send hostname + cat << EOF > /etc/netplan/01-hostname.yaml +network: + version: 2 + ethernets: + eth0: + dhcp4: true + dhcp4-overrides: + send-hostname: false +EOF + # Set proper permissions for netplan security + chmod 600 /etc/netplan/01-hostname.yaml } # Set options for the default interface @@ -172,6 +183,8 @@ network: eth0: dhcp4: true EOF + # Set proper permissions for netplan security + chmod 600 /etc/netplan/eth0.yaml } function disable_sshd_passwd_auth { diff --git a/ebssurrogate/scripts/surrogate-bootstrap-nix.sh b/ebssurrogate/scripts/surrogate-bootstrap-nix.sh index 39b8f4e82..965b1e07b 100755 --- a/ebssurrogate/scripts/surrogate-bootstrap-nix.sh +++ b/ebssurrogate/scripts/surrogate-bootstrap-nix.sh @@ -148,7 +148,7 @@ EOF } function setup_chroot_environment { - UBUNTU_VERSION=$(lsb_release -cs) # 'focal' for Ubuntu 20.04 + UBUNTU_VERSION=$(lsb_release -cs) # 'noble' for Ubuntu 24.04 # Bootstrap Ubuntu into /mnt debootstrap --arch ${ARCH} --variant=minbase "$UBUNTU_VERSION" /mnt diff --git a/nix/tools/update_readme.nu b/nix/tools/update_readme.nu index bfb46ab0a..b19c266a3 100755 --- a/nix/tools/update_readme.nu +++ b/nix/tools/update_readme.nu @@ -153,7 +153,7 @@ def update_readme [] { # Update Primary Features section let features_content = [ ($pg_versions | each {|version| create_version_link $version} | str join "\n") - "- ✅ Ubuntu 20.04 (Focal Fossa)." + "- ✅ Ubuntu 24.04 (Noble Numbat)." "- ✅ [wal_level](https://www.postgresql.org/docs/current/runtime-config-wal.html) = logical and [max_replication_slots](https://www.postgresql.org/docs/current/runtime-config-replication.html) = 5. Ready for replication." "- ✅ [Large Systems Extensions](https://github.com/aws/aws-graviton-getting-started#building-for-graviton-and-graviton2). Enabled for ARM images." ] diff --git a/qemu-arm64-nix.pkr.hcl b/qemu-arm64-nix.pkr.hcl index 192796205..352ae5c38 100644 --- a/qemu-arm64-nix.pkr.hcl +++ b/qemu-arm64-nix.pkr.hcl @@ -74,8 +74,8 @@ source "qemu" "cloudimg" { format = "qcow2" headless = true http_directory = "http" - iso_checksum = "file:https://cloud-images.ubuntu.com/focal/current/SHA256SUMS" - iso_url = "https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-arm64.img" + iso_checksum = "file:https://cloud-images.ubuntu.com/noble/current/SHA256SUMS" + iso_url = "https://cloud-images.ubuntu.com/noble/current/noble-server-cloudimg-arm64.img" memory = 40000 qemu_binary = "qemu-system-aarch64" qemuargs = [ diff --git a/scripts/90-cleanup-qemu.sh b/scripts/90-cleanup-qemu.sh index 50d8d956f..c70c1d246 100644 --- a/scripts/90-cleanup-qemu.sh +++ b/scripts/90-cleanup-qemu.sh @@ -24,10 +24,8 @@ elif [ -n "$(command -v apt-get)" ]; then autoconf \ autotools-dev \ cmake-data \ - cpp-8 \ cpp-9 \ cpp-10 \ - gcc-8 \ gcc-9 \ gcc-10 \ git \ @@ -44,10 +42,6 @@ elif [ -n "$(command -v apt-get)" ]; then source /etc/os-release - apt-mark manual libevent-2.1-7 # required for pgbouncer - apt-get -y remove --purge ansible-core apport appstream bash-completion bcache-tools bind9-dnsutils bind9-host bind9-libs bolt btrfs-progs byobu command-not-found console-setup distro-info eject fonts-ubuntu-console friendly-recovery ftp fwupd gawk gdisk keyboard-configuration libvolume-key1 libicu66 libssl-dev lvm2 lxd-agent-loader man-db mdadm modemmanager mtd-utils nano netcat-openbsd nfs-common ntfs-3g parted pastebinit screen strace thin-provisioning-tools tmux usb-modeswitch vim vim-runtime wget whiptail xfsprogs - apt remove -y --purge libc6-dev linux-libc-dev libevent-dev libpcre3-dev libsystemd-dev - apt-get -y update apt-get -y upgrade apt-get -y autoremove diff --git a/scripts/90-cleanup.sh b/scripts/90-cleanup.sh index f2e19686d..644e5f7f6 100644 --- a/scripts/90-cleanup.sh +++ b/scripts/90-cleanup.sh @@ -24,10 +24,8 @@ elif [ -n "$(command -v apt-get)" ]; then autoconf \ autotools-dev \ cmake-data \ - cpp-8 \ cpp-9 \ cpp-10 \ - gcc-8 \ gcc-9 \ gcc-10 \ git \ @@ -36,14 +34,12 @@ elif [ -n "$(command -v apt-get)" ]; then libicu-dev \ libcgal-dev \ libgcc-9-dev \ - libgcc-8-dev \ ansible add-apt-repository --yes --remove ppa:ansible/ansible source /etc/os-release - apt-get -y remove --purge linux-headers-5.11.0-1021-aws - + apt-get -y update apt-get -y upgrade apt-get -y autoremove diff --git a/scripts/99-img_check.sh b/scripts/99-img_check.sh index 00b547641..ac958a5fc 100755 --- a/scripts/99-img_check.sh +++ b/scripts/99-img_check.sh @@ -569,7 +569,7 @@ osv=0 if [[ $OS == "Ubuntu" ]]; then ost=1 - if [[ $VER == "20.04" ]]; then + if [[ $VER == "24.04" ]]; then osv=1 elif [[ $VER == "18.04" ]]; then osv=1 diff --git a/testinfra/README.md b/testinfra/README.md index 977043c3b..6ecdeadb5 100644 --- a/testinfra/README.md +++ b/testinfra/README.md @@ -32,8 +32,8 @@ for layer in /tmp/extensions/*/layer.tar; do tar xvf "$layer" -C ansible/files/extensions --strip-components 1 done docker buildx build \ - --build-arg ubuntu_release=focal \ - --build-arg ubuntu_release_no=20.04 \ + --build-arg ubuntu_release=noble \ + --build-arg ubuntu_release_no=24.04 \ --build-arg postgresql_major=15 \ --build-arg postgresql_release=15.1 \ --build-arg CPPFLAGS=-mcpu=neoverse-n1 \ diff --git a/testinfra/test_ami_nix.py b/testinfra/test_ami_nix.py index 864ab2861..d7b3ecca7 100644 --- a/testinfra/test_ami_nix.py +++ b/testinfra/test_ami_nix.py @@ -293,6 +293,9 @@ def gzip_then_base64_encode(s: str) -> str: )[0] instance.wait_until_running() + # Increase wait time before starting health checks + sleep(30) # Wait for 30 seconds to allow services to start + ec2logger = EC2InstanceConnectLogger(debug=False) temp_key = EC2InstanceConnectKey(ec2logger.get_logger()) ec2ic = boto3.client("ec2-instance-connect", region_name="ap-southeast-1") diff --git a/tests/pg_upgrade/debug.sh b/tests/pg_upgrade/debug.sh index b05d8941d..50fb9facc 100755 --- a/tests/pg_upgrade/debug.sh +++ b/tests/pg_upgrade/debug.sh @@ -24,7 +24,7 @@ if [ ! -f "$LATEST_VERSION_SCRIPTS" ]; then fi if [ ! -f "$LATEST_VERSION_BIN" ]; then - aws s3 cp "s3://${ARTIFACTS_BUCKET_NAME}/upgrades/postgres/supabase-postgres-${LATEST_PG_VERSION}/20.04.tar.gz" "$LATEST_VERSION_BIN" + aws s3 cp "s3://${ARTIFACTS_BUCKET_NAME}/upgrades/postgres/supabase-postgres-${LATEST_PG_VERSION}/24.04.tar.gz" "$LATEST_VERSION_BIN" fi rm -rf scripts/pg_upgrade_scripts