diff --git a/ansible/playbook.yml b/ansible/playbook.yml index 0991a813a..f31e9d525 100644 --- a/ansible/playbook.yml +++ b/ansible/playbook.yml @@ -34,7 +34,7 @@ tags: - install-pgbouncer - install-supabase-internal - when: debpkg_mode or nixpkg_mode + when: debpkg_mode or nixpkg_mode or stage2_nix - name: Install WAL-G import_tasks: tasks/setup-wal-g.yml diff --git a/ansible/tasks/setup-pgbouncer.yml b/ansible/tasks/setup-pgbouncer.yml index 576061302..e33e1ae7a 100644 --- a/ansible/tasks/setup-pgbouncer.yml +++ b/ansible/tasks/setup-pgbouncer.yml @@ -76,6 +76,7 @@ - 'custom-overrides.ini' - 'generated-optimizations.ini' - 'ssl-config.ini' + when: nixpkg_mode - name: PgBouncer - adjust pgbouncer.ini ansible.builtin.copy: diff --git a/ansible/vars.yml b/ansible/vars.yml index 33ea789d2..35b9679b0 100644 --- a/ansible/vars.yml +++ b/ansible/vars.yml @@ -10,13 +10,13 @@ postgres_major: # Full version strings for each major version postgres_release: - postgresorioledb-17: "17.5.1.050-orioledb" - postgres17: "17.6.1.029" - postgres15: "15.14.1.029" + postgresorioledb-17: "17.5.1.050-orioledb-pgbouncer-124" + postgres17: "17.6.1.029-pgbouncer-124" + postgres15: "15.14.1.029-pgbouncer-124" # Non Postgres Extensions -pgbouncer_release: 1.19.0 -pgbouncer_release_checksum: sha256:af0b05e97d0e1fd9ad45fe00ea6d2a934c63075f67f7e2ccef2ca59e3d8ce682 +pgbouncer_release: 1.24.1 +pgbouncer_release_checksum: sha256:da72a3aba13072876d055a3e58dd4aba4a5de4ed6148e73033185245598fd3e0 # The checksum can be found under "Assets", in the GitHub release page for each version. # The binaries used are: ubuntu-aarch64 and linux-static. diff --git a/nix/packages/default.nix b/nix/packages/default.nix index 5aed24af9..021d78f66 100644 --- a/nix/packages/default.nix +++ b/nix/packages/default.nix @@ -33,6 +33,7 @@ cleanup-ami = pkgs.callPackage ./cleanup-ami.nix { }; dbmate-tool = pkgs.callPackage ./dbmate-tool.nix { inherit (self.supabase) defaults; }; docs = pkgs.callPackage ./docs.nix { }; + pgbouncer = pkgs.callPackage ../pgbouncer.nix { }; supabase-groonga = pkgs.callPackage ./groonga { }; http-mock-server = pkgs.callPackage ./http-mock-server.nix { }; local-infra-bootstrap = pkgs.callPackage ./local-infra-bootstrap.nix { }; diff --git a/nix/pgbouncer.nix b/nix/pgbouncer.nix new file mode 100644 index 000000000..af6b31cd4 --- /dev/null +++ b/nix/pgbouncer.nix @@ -0,0 +1,46 @@ +{ + lib, + stdenv, + fetchurl, + openssl, + libevent, + c-ares, + pkg-config, + systemd, + nixosTests, +}: + +stdenv.mkDerivation rec { + pname = "pgbouncer"; + version = "1.24.1"; + + src = fetchurl { + url = "https://www.pgbouncer.org/downloads/files/${version}/${pname}-${version}.tar.gz"; + hash = "sha256-2nKjq6EwcodtBVo+WN1Kukpd5O1hSOcwMxhSRVmP0+A="; + }; + + nativeBuildInputs = [ pkg-config ]; + buildInputs = [ + libevent + openssl + c-ares + ] ++ lib.optional stdenv.hostPlatform.isLinux systemd; + enableParallelBuilding = true; + configureFlags = lib.optional stdenv.hostPlatform.isLinux "--with-systemd"; + + passthru.tests = { + pgbouncer = nixosTests.pgbouncer; + }; + + meta = with lib; { + homepage = "https://www.pgbouncer.org/"; + mainProgram = "pgbouncer"; + description = "Lightweight connection pooler for PostgreSQL"; + changelog = "https://github.com/pgbouncer/pgbouncer/releases/tag/pgbouncer_${ + replaceStrings [ "." ] [ "_" ] version + }"; + license = licenses.isc; + maintainers = with maintainers; [ _1000101 ]; + platforms = platforms.all; + }; +} diff --git a/testinfra/test_ami_nix.py b/testinfra/test_ami_nix.py index 42442de18..0b864acc1 100644 --- a/testinfra/test_ami_nix.py +++ b/testinfra/test_ami_nix.py @@ -10,6 +10,7 @@ from ec2instanceconnectcli.EC2InstanceConnectKey import EC2InstanceConnectKey from time import sleep import paramiko +from pathlib import Path # if EXECUTION_ID is not set, use a default value that includes the user and hostname RUN_ID = os.environ.get( @@ -144,6 +145,34 @@ anon_key = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6ImFhYWFhYWFhYWFhYWFhYWFhYWFhIiwicm9sZSI6ImFub24iLCJpYXQiOjE2OTYyMjQ5NjYsImV4cCI6MjAxMTgwMDk2Nn0.QW95aRPA-4QuLzuvaIeeoFKlJP9J2hvAIpJ3WJ6G5zo" service_role_key = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6ImFhYWFhYWFhYWFhYWFhYWFhYWFhIiwicm9sZSI6InNlcnZpY2Vfcm9sZSIsImlhdCI6MTY5NjIyNDk2NiwiZXhwIjoyMDExODAwOTY2fQ.Om7yqv15gC3mLGitBmvFRB3M4IsLsX9fXzTQnFM7lu0" supabase_admin_key = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6ImFhYWFhYWFhYWFhYWFhYWFhYWFhIiwicm9sZSI6InN1cGFiYXNlX2FkbWluIiwiaWF0IjoxNjk2MjI0OTY2LCJleHAiOjIwMTE4MDA5NjZ9.jrD3j2rBWiIx0vhVZzd1CXFv7qkAP392nBMadvXxk1c" + + +def load_expected_pgbouncer_version() -> str: + repo_root = Path(__file__).resolve().parent.parent + ansible_vars = repo_root / "ansible" / "vars.yml" + if ansible_vars.exists(): + with ansible_vars.open() as f: + for raw_line in f: + line = raw_line.strip() + if line.startswith("pgbouncer_release:"): + return line.split(":", 1)[1].strip().strip('"') + + nix_file = repo_root / "nix" / "pgbouncer.nix" + if nix_file.exists(): + with nix_file.open() as f: + for raw_line in f: + line = raw_line.strip() + if line.startswith("version ="): + value = line.split("=", 1)[1].strip() + return value.strip(";").strip('"') + + raise RuntimeError( + "Could not determine expected PgBouncer version from configuration files" + ) + + +EXPECTED_PGBOUNCER_VERSION = load_expected_pgbouncer_version() +PGBOUNCER_BINARY = "/nix/var/nix/profiles/per-user/pgbouncer/profile/bin/pgbouncer" init_json_content = f""" {{ "jwt_secret": "my_jwt_secret_which_is_not_so_secret", @@ -199,7 +228,7 @@ def get_ssh_connection(instance_ip, ssh_identity_file, max_retries=10): else: raise Exception("SSH test command failed") - except Exception as e: + except Exception: if attempt == max_retries - 1: raise logger.warning(