diff --git a/Makefile b/Makefile index 87796d5..54572a0 100644 --- a/Makefile +++ b/Makefile @@ -1,17 +1,17 @@ # Define Default if Values not exist -BASE_IMAGE ?= rockylinux:9 +BASE_IMAGE ?= rockylinux/rockylinux:9 BASEOS ?= rocky9 CONTAINERIMAGE ?= rockylinux/rockylinux:9-ubi-micro IMAGE_REPOSITORY ?= docker.io IMAGE_PATH ?= cybertec-pg-container PGVERSION ?= 17 -PGVERSION_FULL ?= 17.4 +PGVERSION_FULL ?= 17.6 OLD_PG_VERSIONS ?= 13 14 15 16 PATRONI_VERSION ?= multisite-4.0.5.1 -PGBACKREST_VERSION ?= 2.55.0 +PGBACKREST_VERSION ?= 2.56.0 POSTGIS_VERSION ?= 35 -ETCD_VERSION ?= 3.5.21 +ETCD_VERSION ?= 3.6.4 PGBOUNCER_VERSION ?= 1.24 PACKAGER ?= dnf BUILD ?= 1 @@ -20,8 +20,8 @@ IMAGE_TAG ?= $(BASEOS)-$(PGVERSION_FULL)-$(BUILD) POSTGIS_IMAGE_TAG ?= $(BASEOS)-$(PGVERSION_FULL)-$(POSTGIS_VERSION)-$(BUILD) # Public-Beta -PUBLICBETA ?= 2 -BETAVERSION ?= 17 +PUBLICBETA ?= 3 +BETAVERSION ?= 18 # Settings for the Build-Process BUILDWITH ?= docker diff --git a/docker/base/Dockerfile b/docker/base/Dockerfile index 0b7a795..8ffcbfb 100644 --- a/docker/base/Dockerfile +++ b/docker/base/Dockerfile @@ -1,6 +1,7 @@ ARG BASE_IMAGE ARG IMAGE_REPOSITORY ARG PATH +ARG BASEOS FROM $BASE_IMAGE ARG PACKAGER @@ -9,7 +10,6 @@ MAINTAINER CYBERTEC PostgreSQL International GmbH LABEL vendor="CYBERTEC PostgreSQL International GmbH" url="https://www.cybertec-postgresql.com" LABEL maintainer="Matthias Groemmer " -RUN ${PACKAGER} -y install --nodocs https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm vim && ${PACKAGER} -y upgrade RUN ${PACKAGER} -y install --nodocs --noplugins --setopt=install_weak_deps=0 \ bind-utils \ @@ -23,14 +23,15 @@ RUN ${PACKAGER} -y install --nodocs --noplugins --setopt=install_weak_deps=0 \ glibc-langpack-en \ openssh-clients \ openssh-server \ + dnf-plugin-config-manager \ && ${PACKAGER} -y clean all ; #Enable CRB-Repo (Powertools) RUN ${PACKAGER} -y config-manager --set-enabled crb +#Add Epel + RUN ${PACKAGER} -y install --nodocs https://dl.fedoraproject.org/pub/epel/epel-release-latest-$(rpm -E %{rhel}).noarch.rpm vim && ${PACKAGER} -y upgrade #Add PostgreSQL-Repo to Base -RUN ${PACKAGER} --nodocs --noplugins --setopt=install_weak_deps=0 install -y https://download.postgresql.org/pub/repos/yum/reporpms/EL-9-$(uname -i)/pgdg-redhat-repo-latest.noarch.rpm && ${PACKAGER} -y update && ${PACKAGER} -y clean all -RUN ${PACKAGER} -qy module disable postgresql - - - - +RUN ${PACKAGER} --nodocs --noplugins --setopt=install_weak_deps=0 install -y https://download.postgresql.org/pub/repos/yum/reporpms/EL-$(rpm -E %{rhel})-$(uname -m)/pgdg-redhat-repo-latest.noarch.rpm && ${PACKAGER} -y update && ${PACKAGER} -y clean all +RUN if [ "$BASEOS" = "rocky9" ]; then \ + ${PACKAGER} -qy module disable postgresql; \ + fi diff --git a/docker/exporter/Dockerfile b/docker/exporter/Dockerfile index de8cdbc..2b122b0 100644 --- a/docker/exporter/Dockerfile +++ b/docker/exporter/Dockerfile @@ -15,10 +15,10 @@ RUN ${PACKAGER} -y install --nodocs \ make \ && ${PACKAGER} -y clean all ; -RUN wget https://go.dev/dl/go1.23.6.linux-amd64.tar.gz && tar -xzf go1.23.6.linux-amd64.tar.gz && mv go /usr/local +RUN wget https://go.dev/dl/go1.24.4.linux-amd64.tar.gz && tar -xzf go1.24.4.linux-amd64.tar.gz && mv go /usr/local ENV PATH=$PATH:/usr/local/go/bin -RUN git clone https://github.com/cybertec-postgresql/postgres_exporter.git && cd postgres_exporter && make build; +RUN git clone https://github.com/prometheus-community/postgres_exporter.git && cd postgres_exporter && make build; FROM ${CONTAINERIMAGE} COPY --from=builder /usr/bin/dumb-init /usr/bin/dumb-init diff --git a/docker/pg-public-beta/Dockerfile b/docker/pg-public-beta/Dockerfile index 79e8d33..a346df1 100644 --- a/docker/pg-public-beta/Dockerfile +++ b/docker/pg-public-beta/Dockerfile @@ -18,7 +18,11 @@ ARG ARCH # Enable Beta-Repo RUN ${PACKAGER} config-manager --set-enabled pgdg${PGVERSION}-updates-testing \ - && ${PACKAGER} config-manager --set-enabled pgdg${PGVERSION}-source-updates-testing; + && ${PACKAGER} config-manager --set-enabled pgdg${PGVERSION}-updates-testing-source; + +# Spilo-specific +ENV PAM_OAUTH2=v1.0.1 \ + PG_PERMISSIONS=REL_1_3 # Get some Standard-Stuff RUN ${PACKAGER} -y update && ${PACKAGER} -y install --nodocs --noplugins --setopt=install_weak_deps=0 \ @@ -33,12 +37,12 @@ RUN ${PACKAGER} -y update && ${PACKAGER} -y install --nodocs --noplugins --setop python3-pip \ python3-psycopg2 \ git \ - clang \ patchutils \ binutils \ make \ cmake \ gcc \ + clang \ pam-devel \ wget \ mlocate \ @@ -53,6 +57,8 @@ RUN ${PACKAGER} -y update && ${PACKAGER} -y install --nodocs --noplugins --setop dumb-init \ libicu \ pgbackrest-${PGBACKREST_VERSION} \ + cronie \ + libcurl-devel \ && ${PACKAGER} -y clean all; # install etcdctl @@ -61,12 +67,27 @@ RUN curl -L https://github.com/coreos/etcd/releases/download/v${ETCD_VERSION}/et ENV PATHBACKUP = $PATH RUN wget https://smarden.org/runit/runit-2.1.2.tar.gz -P /package/ - -RUN pip3 install 'PyYAML<6.0' setuptools pystache loader kazoo meld3 boto python-etcd psutil requests cdiff ydiff --upgrade \ - && pip3 install patroni[kubernetes$EXTRAS]==$PATRONI_VERSION --upgrade \ +COPY cron_unprivileged.c /package/ + +RUN pip3 install 'PyYAML<6.0' setuptools pystache loader kazoo meld3 boto python-etcd psutil requests cdiff ydiff==1.4.2 --upgrade \ + && if [[ $PATRONI_VERSION == "multisite-"* ]]; then \ + git clone -b $PATRONI_VERSION https://github.com/cybertec-postgresql/patroni; \ + pip3 install ./patroni[kubernetes,etcd,etcd3]; \ + else \ + pip3 install patroni[kubernetes$EXTRAS]==$PATRONI_VERSION --upgrade; \ + fi \ && mkdir /usr/lib/postgresql \ + # Install pam_oauth2.so + && git clone -b $PAM_OAUTH2 --recurse-submodules https://github.com/zalando-pg/pam-oauth2.git && make -C pam-oauth2 install \ + && git clone -b $PG_PERMISSIONS https://github.com/cybertec-postgresql/pg_permissions.git \ + && git clone https://github.com/dimitri/pgextwlist.git \ + && git clone https://github.com/crunchydata/pgnodemx \ +\ && ${PACKAGER} -y install --nodocs --noplugins --setopt=install_weak_deps=0 postgresql${PGVERSION} libevent-devel brotli-devel libbrotli \ && ${PACKAGER} -y clean all \ +\ + # forbid creation of a main cluster when package is installed + #&& sed -ri 's/#(create_main_cluster) .*$/\1 = false/' /etc/postgresql-common/createcluster.conf \ \ # Install PostgreSQL && for version in $PG_SUPPORTED_VERSIONS; do \ @@ -75,18 +96,18 @@ RUN pip3 install 'PyYAML<6.0' setuptools pystache loader kazoo meld3 boto python # Install PostgreSQL binaries, contrib, plproxy and multiple pl's && ${PACKAGER} -y install -y postgresql${version}-contrib \ postgresql${version}-devel \ - \ # Modify for using origial-spilo scripts && ln -s /usr/pgsql-${version} /usr/lib/postgresql/${version} \ - && export PATH=$PATHBACKUP:/usr/pgsql-${version}/bin; \ + && export PATH=$PATHBACKUP:/usr/pgsql-${version}/bin; \ done \ && ${PACKAGER} -y install --nodocs --noplugins --setopt=install_weak_deps=0 glibc-static \ && ${PACKAGER} -y clean all; + RUN gcc -s -shared -fPIC -o /usr/local/lib/cron_unprivileged.so /package/cron_unprivileged.c RUN cd /package && tar -xvzf runit-2.1.2.tar.gz && rm runit-2.1.2.tar.gz \ && cd admin/runit-2.1.2 && package/install \ && ln -s /usr/local/bin/runsvdir /usr/bin/runsvdir \ - && rm -rf /pg_permissions* /pgextwlist /pg_stat_kcache /pgnodemx /timescaledb /set_user /pam-oauth2 \ + && rm -rf /pg_permissions /pgextwlist /pg_stat_kcache /pgnodemx /timescaledb /pam-oauth2 \ && rm /etc/pgbackrest.conf && rm -rf /var/spool/pgbackrest \ && ${PACKAGER} -y remove $(rpm -qa "*devel*") python3-pip python3-wheel python3-dev python3-setuptools git patchutils flatpak glibc-static gcc glibc-devel \ && ${PACKAGER} -y autoremove \ @@ -131,6 +152,7 @@ RUN rm -rf /etc/service && mkdir /home/postgres/pgdata && chown -R postgres:post chmod 755 $d/* \ && ln -s /run/supervise/$(basename $d) $d/supervise; \ done \ + && chmod +r /etc/motd \ && ln -snf $RW_DIR/service /etc/service \ #&& ln -s $RW_DIR/pam.d-postgresql /etc/pam.d/postgresql \ && ln -s $RW_DIR/postgres.yml $PGHOME/postgres.yml \ @@ -149,7 +171,7 @@ RUN rm -rf /etc/service && mkdir /home/postgres/pgdata && chown -R postgres:post do echo "export $e" >> /etc/bash.bashrc; \ done \ && ln -s /etc/skel/.bashrc $PGHOME/.bashrc \ - && echo "source /etc/motd" >> /root/.bashrc \ + && echo "source /etc/motd" >> /home/postgres/.bashrc \ # Allow users in the root group to access the following files and dirs && if [ "$COMPRESS" != "true" ]; then \ chmod 664 /etc/passwd \ @@ -165,6 +187,6 @@ COPY launcher/postgres/launch.sh / ENTRYPOINT ["/scripts/nss_wrapper/nss_wrapper.sh"] -USER 26 +USER postgres -CMD ["/bin/sh", "/launch.sh", "init"] \ No newline at end of file +CMD ["/bin/sh", "/launch.sh", "init"] diff --git a/docker/pgbackrest-public-beta/Dockerfile b/docker/pgbackrest-public-beta/Dockerfile index 669f8d4..bfc813f 100644 --- a/docker/pgbackrest-public-beta/Dockerfile +++ b/docker/pgbackrest-public-beta/Dockerfile @@ -11,11 +11,11 @@ ARG PGBACKREST_VERSION ARG PGVERSION ARG OLD_PG_VERSIONS ARG PG_SUPPORTED_VERSIONS="$OLD_PG_VERSIONS $PGVERSION" +ARG ARCH # Enable Beta-Repo RUN ${PACKAGER} config-manager --set-enabled pgdg${PGVERSION}-updates-testing \ - && ${PACKAGER} config-manager --set-enabled pgdg${PGVERSION}-source-updates-testing \ - && ${PACKAGER} -y update; + && ${PACKAGER} config-manager --set-enabled pgdg${PGVERSION}-updates-testing-source; RUN ${PACKAGER} -y install --nodocs \ --setopt=skip_missing_names_on_install=False \ @@ -42,7 +42,7 @@ RUN rm /etc/pgbackrest.conf RUN rm -rf /var/spool/pgbackrest # Add kubectl -RUN curl -LO https://dl.k8s.io/release/v1.30.0/bin/linux/amd64/kubectl && chmod +x kubectl +RUN curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/${ARCH}/kubectl" && chmod +x kubectl RUN mkdir -p /tmp/pgsql && cp -r /usr/pgsql* /tmp/pgsql RUN mkdir -p /tmp/pg && cp -r /usr/bin/pg* /tmp/pg @@ -158,6 +158,6 @@ VOLUME ["sshd", "/home/postgres/pgdata", "/backrestrepo"] ENTRYPOINT ["/scripts/nss_wrapper/nss_wrapper.sh"] -USER 26 +USER postgres CMD ["dumb-init", "/launch.sh", "init"] diff --git a/docker/pgbackrest/Dockerfile b/docker/pgbackrest/Dockerfile index 17d5c8d..37ea857 100644 --- a/docker/pgbackrest/Dockerfile +++ b/docker/pgbackrest/Dockerfile @@ -24,7 +24,7 @@ RUN ${PACKAGER} -y install --nodocs \ dumb-init \ jq \ pgbackrest-${PGBACKREST_VERSION} \ - && ${PACKAGER} -y clean all ; + && ${PACKAGER} -y clean all; # Install postgres-server RUN ${PACKAGER} -y update \