Skip to content

Commit

Permalink
t emp commit after update script is run
Browse files Browse the repository at this point in the history
Signed-off-by: John Long <[email protected]>
  • Loading branch information
jlong49 committed Jan 23, 2024
1 parent b34e4d6 commit 89ec24d
Show file tree
Hide file tree
Showing 56 changed files with 2,087 additions and 107 deletions.
4 changes: 2 additions & 2 deletions UBI/12/.versions-postgis.json
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
{
"BARMAN_VERSION": "3.9.0",
"IMAGE_RELEASE_VERSION": "3",
"IMAGE_RELEASE_VERSION": "4",
"POSTGIS_VERSION": "3.4.1",
"POSTGRES_VERSION": "12.17",
"UBI_VERSION": "8.9-1107"
"UBI_VERSION": "8.9-1107.1705420509"
}
4 changes: 3 additions & 1 deletion UBI/12/.versions.json
Original file line number Diff line number Diff line change
@@ -1,6 +1,8 @@
{
"BARMAN_VERSION": "3.9.0",
"IMAGE_RELEASE_VERSION": "3",
"IMAGE_RELEASE_VERSION": "4",
"POSTGRES_VERSION": "12.17",
"UBI8_VERSION": "8.9-1107.1705420509",
"UBI9_VERSION": "9.3-1476",
"UBI_VERSION": "8.9-1107"
}
Original file line number Diff line number Diff line change
@@ -1,12 +1,12 @@
# vim:set ft=dockerfile:
FROM quay.io/enterprisedb/edb-ubi:8.9-1107
FROM quay.io/enterprisedb/edb-ubi:8.9-1107.1705420509

# Do not split the description, otherwise we will see a blank space in the labels
LABEL name="PostgreSQL Container Images" \
vendor="EnterpriseDB" \
url="https://www.enterprisedb.com/" \
version="12.17" \
release="3" \
release="4" \
summary="PostgreSQL Container images." \
description="This Docker image contains PostgreSQL and Barman Cloud based on RedHat Universal Base Images (UBI) 8."

Expand Down
137 changes: 137 additions & 0 deletions UBI/12/Dockerfile.multiarch.ubi9
Original file line number Diff line number Diff line change
@@ -0,0 +1,137 @@
# vim:set ft=dockerfile:
FROM quay.io/enterprisedb/edb-ubi:9.3-1476

# Do not split the description, otherwise we will see a blank space in the labels
LABEL name="PostgreSQL Container Images" \
vendor="EnterpriseDB" \
url="https://www.enterprisedb.com/" \
version="12.17" \
release="4" \
summary="PostgreSQL Container images." \
description="This Docker image contains PostgreSQL and Barman Cloud based on RedHat Universal Base Images (UBI) 9."

COPY root/ /

ARG TARGETARCH
RUN --mount=type=secret,id=cs_token \
set -xe ; \
ARCH="${TARGETARCH}" ; \
base_url="https://download.postgresql.org/pub/repos/yum/reporpms" ; \
pg_failover_slots_pkg="pg_failover_slots_12" ; \
case $ARCH in \
amd64) \
yum -y install "${base_url}/EL-9-x86_64/pgdg-redhat-repo-latest.noarch.rpm" ; \
curl -u token:$(cat /run/secrets/cs_token) -1sLf https://downloads.enterprisedb.com/basic/enterprise/setup.rpm.sh | bash ;; \
arm64) \
yum -y install "${base_url}/EL-9-aarch64/pgdg-redhat-repo-latest.noarch.rpm" ; \
curl -u token:$(cat /run/secrets/cs_token) -1sLf https://downloads.enterprisedb.com/basic/enterprise/setup.rpm.sh | bash ;; \
ppc64le) \
curl -u token:$(cat /run/secrets/cs_token) -1sLf https://downloads.enterprisedb.com/basic/enterprise/setup.rpm.sh | bash ; \
pg_failover_slots_pkg="edb-pg12-pg-failover-slots1" ;; \
s390x) \
curl -u token:$(cat /run/secrets/cs_token) -1sLf https://downloads.enterprisedb.com/basic/edb/setup.rpm.sh | bash ; \
pg_failover_slots_pkg="edb-pg12-pg-failover-slots1" ;; \
*) \
exit 1 ;; \
esac ; \
yum -y upgrade glibc-common ; \
yum -y reinstall glibc-common ; \
rm -fr /etc/rpm/macros.image-language-conf ; \
yum -y install hostname rsync tar gettext bind-utils nss_wrapper glibc-locale-source glibc-langpack-en glibc-all-langpacks ; \
case 12 in \
11|12|13|14) \
yum -y --setopt=tsflags=nodocs install \
postgresql12-12.17 \
postgresql12-contrib-12.17 \
postgresql12-server-12.17 \
postgresql12-libs-12.17 \
pgaudit14_12 \
"$pg_failover_slots_pkg" \
;; \
15|16) \
yum -y --setopt=tsflags=nodocs install \
postgresql12-12.17 \
postgresql12-contrib-12.17 \
postgresql12-server-12.17 \
postgresql12-libs-12.17 \
;; \
*) \
exit 1 ;; \
esac ; \
rm -fr /etc/yum.repos.d/enterprisedb-*.repo ; \
rm -fr /tmp/* ; \
yum -y clean all --enablerepo='*'

# Install barman-cloud
RUN set -xe ; \
yum -y install python3.11-pip python3.11-psycopg2 ; \
pip3.11 install --upgrade pip ; \
pip3.11 install -r requirements.txt ; \
yum -y clean all --enablerepo='*'

# make the sample config easier to munge (and "correct by default")
RUN set -eux; \
sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/pgsql-12/share/postgresql.conf.sample; \
grep -F "listen_addresses = '*'" /usr/pgsql-12/share/postgresql.conf.sample

# prepare the environment and make sure postgres user has the correct UID
RUN set -xeu ; \
localedef -f UTF-8 -i en_US en_US.UTF-8 ; \
test "$(id postgres)" = "uid=26(postgres) gid=26(postgres) groups=26(postgres)" ; \
mkdir -p /var/run/postgresql ; \
chown postgres:postgres /var/run/postgresql ; \
chmod 0755 /var/run/postgresql

ENV PATH $PATH:/usr/pgsql-12/bin

RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 2777 /var/run/postgresql

ENV PGDATA /var/lib/postgresql/data/pgdata
# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 777 "$PGDATA"
VOLUME /var/lib/postgresql/data

RUN mkdir /docker-entrypoint-initdb.d

# Remove example certificates in pem and enc format from /usr/share/doc folder
RUN find /usr/share/doc -type f '(' -iname "*.pem" -o -iname "*.enc" ')' -exec rm -rf {} \; || true

# DoD 2.3 - remove setuid/setgid from any binary that not strictly requires it, and before doing that list them on the stdout
RUN find / -not -path "/proc/*" -perm /6000 -type f -exec ls -ld {} \; -exec chmod a-s {} \; || true

USER 26

ENTRYPOINT ["docker-entrypoint.sh"]

# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
# calls "Fast Shutdown mode" wherein new connections are disallowed and any
# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
# flush tables to disk, which is the best compromise available to avoid data
# corruption.
#
# Users who know their applications do not keep open long-lived idle connections
# may way to use a value of SIGTERM instead, which corresponds to "Smart
# Shutdown mode" in which any existing sessions are allowed to finish and the
# server stops when all sessions are terminated.
#
# See https://www.postgresql.org/docs/12/server-shutdown.html for more details
# about available PostgreSQL server shutdown signals.
#
# See also https://www.postgresql.org/docs/12/server-start.html for further
# justification of this as the default value, namely that the example (and
# shipped) systemd service files use the "Fast Shutdown mode" for service
# termination.
#
STOPSIGNAL SIGINT
#
# An additional setting that is recommended for all users regardless of this
# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
# equivalent) for controlling how long to wait between sending the defined
# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption).
#
# The default in most runtimes (such as Docker) is 10 seconds, and the
# documentation at https://www.postgresql.org/docs/12/server-start.html notes
# that even 90 seconds may not be long enough in many instances.

EXPOSE 5432
CMD ["postgres"]
Original file line number Diff line number Diff line change
@@ -1,12 +1,12 @@
# vim:set ft=dockerfile:
FROM quay.io/enterprisedb/edb-ubi:8.9-1107
FROM quay.io/enterprisedb/edb-ubi:8.9-1107.1705420509

# Do not split the description, otherwise we will see a blank space in the labels
LABEL name="PostgreSQL Container Images" \
vendor="EnterpriseDB" \
url="https://www.enterprisedb.com/" \
version="12.17" \
release="3" \
release="4" \
summary="PostgreSQL Container images." \
description="This Docker image contains PostgreSQL and Barman Cloud based on RedHat Universal Base Images (UBI) 8."

Expand Down
129 changes: 129 additions & 0 deletions UBI/12/Dockerfile.multilang.ubi9
Original file line number Diff line number Diff line change
@@ -0,0 +1,129 @@
# vim:set ft=dockerfile:
FROM quay.io/enterprisedb/edb-ubi:9.3-1476

# Do not split the description, otherwise we will see a blank space in the labels
LABEL name="PostgreSQL Container Images" \
vendor="EnterpriseDB" \
url="https://www.enterprisedb.com/" \
version="12.17" \
release="4" \
summary="PostgreSQL Container images." \
description="This Docker image contains PostgreSQL and Barman Cloud based on RedHat Universal Base Images (UBI) 9."

COPY root/ /

ARG TARGETARCH
RUN --mount=type=secret,id=cs_token \
set -xe ; \
ARCH="${TARGETARCH}" ; \
base_url="https://download.postgresql.org/pub/repos/yum/reporpms" ; \
pg_failover_slots_pkg="pg_failover_slots_12" ; \
case $ARCH in \
amd64) \
yum -y install "${base_url}/EL-9-x86_64/pgdg-redhat-repo-latest.noarch.rpm" ; \
curl -u token:$(cat /run/secrets/cs_token) -1sLf https://downloads.enterprisedb.com/basic/enterprise/setup.rpm.sh | bash ;; \
arm64) \
yum -y install "${base_url}/EL-9-aarch64/pgdg-redhat-repo-latest.noarch.rpm" ; \
curl -u token:$(cat /run/secrets/cs_token) -1sLf https://downloads.enterprisedb.com/basic/enterprise/setup.rpm.sh | bash ;; \
ppc64le) \
curl -u token:$(cat /run/secrets/cs_token) -1sLf https://downloads.enterprisedb.com/basic/enterprise/setup.rpm.sh | bash ; \
pg_failover_slots_pkg="edb-pg12-pg-failover-slots1" ;; \
s390x) \
curl -u token:$(cat /run/secrets/cs_token) -1sLf https://downloads.enterprisedb.com/basic/edb/setup.rpm.sh | bash ; \
pg_failover_slots_pkg="edb-pg12-pg-failover-slots1" ;; \
*) \
exit 1 ;; \
esac ; \
yum -y upgrade glibc-common ; \
yum -y reinstall glibc-common ; \
rm -fr /etc/rpm/macros.image-language-conf ; \
yum -y install hostname rsync tar gettext bind-utils nss_wrapper glibc-locale-source glibc-langpack-en glibc-all-langpacks ; \
yum -y --setopt=tsflags=nodocs install \
postgresql12-12.17 \
postgresql12-contrib-12.17 \
postgresql12-server-12.17 \
postgresql12-libs-12.17 \
"$pg_failover_slots_pkg" \
; \
if [ "$PG_MAJOR" -lt "16" ]; then \
yum -y --setopt=tsflags=nodocs install \
pgaudit14_12 \
; \
fi; \
rm -fr /etc/yum.repos.d/enterprisedb-*.repo ; \
rm -fr /tmp/* ; \
yum -y clean all --enablerepo='*'

# Install barman-cloud
RUN set -xe ; \
yum -y install python3.11-pip python3.11-psycopg2 ; \
pip3.11 install --upgrade pip ; \
pip3.11 install -r requirements.txt ; \
yum -y clean all --enablerepo='*'

# make the sample config easier to munge (and "correct by default")
RUN set -eux; \
sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/pgsql-12/share/postgresql.conf.sample; \
grep -F "listen_addresses = '*'" /usr/pgsql-12/share/postgresql.conf.sample

# prepare the environment and make sure postgres user has the correct UID
RUN set -xeu ; \
localedef -f UTF-8 -i en_US en_US.UTF-8 ; \
test "$(id postgres)" = "uid=26(postgres) gid=26(postgres) groups=26(postgres)" ; \
mkdir -p /var/run/postgresql ; \
chown postgres:postgres /var/run/postgresql ; \
chmod 0755 /var/run/postgresql

ENV PATH $PATH:/usr/pgsql-12/bin

RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 2777 /var/run/postgresql

ENV PGDATA /var/lib/postgresql/data/pgdata
# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 777 "$PGDATA"
VOLUME /var/lib/postgresql/data

RUN mkdir /docker-entrypoint-initdb.d

# Remove example certificates in pem and enc format from /usr/share/doc folder
RUN find /usr/share/doc -type f '(' -iname "*.pem" -o -iname "*.enc" ')' -exec rm -rf {} \; || true

# DoD 2.3 - remove setuid/setgid from any binary that not strictly requires it, and before doing that list them on the stdout
RUN find / -not -path "/proc/*" -perm /6000 -type f -exec ls -ld {} \; -exec chmod a-s {} \; || true

USER 26

ENTRYPOINT ["docker-entrypoint.sh"]

# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
# calls "Fast Shutdown mode" wherein new connections are disallowed and any
# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
# flush tables to disk, which is the best compromise available to avoid data
# corruption.
#
# Users who know their applications do not keep open long-lived idle connections
# may way to use a value of SIGTERM instead, which corresponds to "Smart
# Shutdown mode" in which any existing sessions are allowed to finish and the
# server stops when all sessions are terminated.
#
# See https://www.postgresql.org/docs/12/server-shutdown.html for more details
# about available PostgreSQL server shutdown signals.
#
# See also https://www.postgresql.org/docs/12/server-start.html for further
# justification of this as the default value, namely that the example (and
# shipped) systemd service files use the "Fast Shutdown mode" for service
# termination.
#
STOPSIGNAL SIGINT
#
# An additional setting that is recommended for all users regardless of this
# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
# equivalent) for controlling how long to wait between sending the defined
# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption).
#
# The default in most runtimes (such as Docker) is 10 seconds, and the
# documentation at https://www.postgresql.org/docs/12/server-start.html notes
# that even 90 seconds may not be long enough in many instances.

EXPOSE 5432
CMD ["postgres"]
4 changes: 2 additions & 2 deletions UBI/12/Dockerfile.postgis
Original file line number Diff line number Diff line change
@@ -1,13 +1,13 @@
# vim:set ft=dockerfile:
FROM quay.io/enterprisedb/edb-ubi:8.9-1107
FROM quay.io/enterprisedb/edb-ubi:8.9-1107.1705420509
ARG SUBSCRIPTION_NAME

# Do not split the description, otherwise we will see a blank space in the labels
LABEL name="PostgreSQL + PostGIS Container Images" \
vendor="EnterpriseDB" \
url="https://www.enterprisedb.com/" \
version="12.17" \
release="3" \
release="4" \
summary="PostgreSQL + PostGIS Container images." \
description="This Docker image contains PostgreSQL, PostGIS and Barman Cloud based on RedHat Universal Base Images (UBI) 8."

Expand Down
4 changes: 2 additions & 2 deletions UBI/12/Dockerfile.postgis-multilang
Original file line number Diff line number Diff line change
@@ -1,13 +1,13 @@
# vim:set ft=dockerfile:
FROM quay.io/enterprisedb/edb-ubi:8.9-1107
FROM quay.io/enterprisedb/edb-ubi:8.9-1107.1705420509
ARG SUBSCRIPTION_NAME

# Do not split the description, otherwise we will see a blank space in the labels
LABEL name="PostgreSQL + PostGIS Container Images" \
vendor="EnterpriseDB" \
url="https://www.enterprisedb.com/" \
version="12.17" \
release="3" \
release="4" \
summary="PostgreSQL + PostGIS Container images." \
description="This Docker image contains PostgreSQL, PostGIS and Barman Cloud based on RedHat Universal Base Images (UBI) 8."

Expand Down
4 changes: 2 additions & 2 deletions UBI/12/Dockerfile → UBI/12/Dockerfile.ubi8
Original file line number Diff line number Diff line change
@@ -1,12 +1,12 @@
# vim:set ft=dockerfile:
FROM quay.io/enterprisedb/edb-ubi:8.9-1107
FROM quay.io/enterprisedb/edb-ubi:8.9-1107.1705420509

# Do not split the description, otherwise we will see a blank space in the labels
LABEL name="PostgreSQL Container Images" \
vendor="EnterpriseDB" \
url="https://www.enterprisedb.com/" \
version="12.17" \
release="3" \
release="4" \
summary="PostgreSQL Container images." \
description="This Docker image contains PostgreSQL and Barman Cloud based on RedHat Universal Base Images (UBI) 8."

Expand Down
Loading

0 comments on commit 89ec24d

Please sign in to comment.