diff --git a/.github/workflows/build-and-push.yml b/.github/workflows/build-and-push.yml index 90e931be..5dc7ee5f 100644 --- a/.github/workflows/build-and-push.yml +++ b/.github/workflows/build-and-push.yml @@ -38,6 +38,14 @@ jobs: quayio_token: "QUAY_IMAGE_SCLORG_BUILDER_TOKEN" docker_context: 16 + - dockerfile: "18/Dockerfile.c9s" + registry_namespace: "sclorg" + tag: "c9s" + image_name: "postgresql-18-c9s" + quayio_username: "QUAY_IMAGE_SCLORG_BUILDER_USERNAME" + quayio_token: "QUAY_IMAGE_SCLORG_BUILDER_TOKEN" + docker_context: 18 + - dockerfile: "16/Dockerfile.c10s" registry_namespace: "sclorg" tag: "c10s" diff --git a/.github/workflows/container-tests.yml b/.github/workflows/container-tests.yml index cc88d02b..383bea89 100644 --- a/.github/workflows/container-tests.yml +++ b/.github/workflows/container-tests.yml @@ -11,7 +11,7 @@ jobs: needs: check-readme uses: "sclorg/ci-actions/.github/workflows/container-tests.yml@main" with: - enabled-tests: '["container", "container-pytest", "openshift-4", "openshift-pytest"]' + enabled-tests: '["container", "container-pytest", "openshift-pytest"]' versions: '[ "12", "13", "15", "16", "18" ]' openshift-versions: '[ "12", "13", "15", "16", "18" ]' secrets: inherit diff --git a/18/Dockerfile.c9s b/18/Dockerfile.c9s new file mode 100644 index 00000000..12a008f9 --- /dev/null +++ b/18/Dockerfile.c9s @@ -0,0 +1,92 @@ +FROM quay.io/sclorg/s2i-core-c9s:c9s + +# PostgreSQL image for OpenShift. +# Volumes: +# * /var/lib/pgsql/data - Database cluster for PostgreSQL +# Environment: +# * $POSTGRESQL_USER - Database user name +# * $POSTGRESQL_PASSWORD - User's password +# * $POSTGRESQL_DATABASE - Name of the database to create +# * $POSTGRESQL_ADMIN_PASSWORD (Optional) - Password for the 'postgres' +# PostgreSQL administrative account + +ENV POSTGRESQL_VERSION=18 \ + POSTGRESQL_PREV_VERSION=16 \ + HOME=/var/lib/pgsql \ + PGUSER=postgres \ + APP_DATA=/opt/app-root + +ENV SUMMARY="PostgreSQL is an advanced Object-Relational database management system" \ + DESCRIPTION="PostgreSQL is an advanced Object-Relational database management system (DBMS). \ +The image contains the client and server programs that you'll need to \ +create, run, maintain and access a PostgreSQL DBMS server." + +LABEL summary="$SUMMARY" \ + description="$DESCRIPTION" \ + io.k8s.description="$DESCRIPTION" \ + io.k8s.display-name="PostgreSQL 18" \ + io.openshift.expose-services="5432:postgresql" \ + io.openshift.tags="database,postgresql,postgresql18,postgresql-18" \ + io.openshift.s2i.assemble-user="26" \ + name="sclorg/postgresql-18-c9s" \ + com.redhat.component="postgresql-18-container" \ + version="1" \ + usage="podman run -d --name postgresql_database -e POSTGRESQL_USER=user -e POSTGRESQL_PASSWORD=pass -e POSTGRESQL_DATABASE=db -p 5432:5432 sclorg/postgresql-18-c9s" \ + maintainer="SoftwareCollections.org " + +EXPOSE 5432 + +COPY root/usr/libexec/fix-permissions /usr/libexec/fix-permissions + +# This image must forever use UID 26 for postgres user so our volumes are +# safe in the future. This should *never* change, the last test is there +# to make sure of that. +RUN { yum -y module enable postgresql:18 || :; } && \ + INSTALL_PKGS="rsync tar gettext nss_wrapper-libs postgresql-server postgresql-contrib" && \ + INSTALL_PKGS="$INSTALL_PKGS pgaudit" && \ + INSTALL_PKGS="$INSTALL_PKGS procps-ng util-linux postgresql-upgrade" && \ + INSTALL_PKGS="$INSTALL_PKGS pgvector" && \ + yum -y --setopt=tsflags=nodocs install $INSTALL_PKGS && \ + rpm -V $INSTALL_PKGS && \ + postgres -V | grep -qe "$POSTGRESQL_VERSION\." && echo "Found VERSION $POSTGRESQL_VERSION" && \ + yum -y clean all --enablerepo='*' && \ + localedef -f UTF-8 -i en_US en_US.UTF-8 && \ + test "$(id postgres)" = "uid=26(postgres) gid=26(postgres) groups=26(postgres)" && \ + mkdir -p /var/lib/pgsql/data && \ + mkdir -p /run/postgresql && \ + /usr/libexec/fix-permissions /var/lib/pgsql /run/postgresql + +# Get prefix path and path to scripts rather than hard-code them in scripts +ENV CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/postgresql \ + ENABLED_COLLECTIONS= + +COPY root / +COPY ./s2i/bin/ $STI_SCRIPTS_PATH + +# Hard links are not supported in Testing Farm approach during sync to guest +# operation system. Therefore tests are failing on error +# /usr/libexec/s2i/run no such file or directory +RUN ln -s /usr/bin/run-postgresql $STI_SCRIPTS_PATH/run + +# Not using VOLUME statement since it's not working in OpenShift Online: +# https://github.com/sclorg/httpd-container/issues/30 +# VOLUME ["/var/lib/pgsql/data"] + +# S2I permission fixes +# -------------------- +# 1. unless specified otherwise (or - equivalently - we are in OpenShift), s2i +# build process would be executed as 'uid=26(postgres) gid=26(postgres)'. +# Such process wouldn't be able to execute the default 'assemble' script +# correctly (it transitively executes 'fix-permissions' script). So let's +# add the 'postgres' user into 'root' group here +# +# 2. we call fix-permissions on $APP_DATA here directly (UID=0 during build +# anyways) to assure that s2i process is actually able to _read_ the +# user-specified scripting. +RUN usermod -a -G root postgres && \ + /usr/libexec/fix-permissions --read-only "$APP_DATA" + +USER 26 + +ENTRYPOINT ["container-entrypoint"] +CMD ["run-postgresql"] diff --git a/README.md b/README.md index 5e89694c..18ef2627 100644 --- a/README.md +++ b/README.md @@ -20,7 +20,7 @@ Table start |13|
`quay.io/sclorg/postgresql-13-c9s`
|||
`registry.redhat.io/rhel8/postgresql-13`
|
`registry.redhat.io/rhel9/postgresql-13`
|| |15|
`quay.io/sclorg/postgresql-15-c9s`
||
`quay.io/fedora/postgresql-15`
|
`registry.redhat.io/rhel8/postgresql-15`
|
`registry.redhat.io/rhel9/postgresql-15`
|| |16|
`quay.io/sclorg/postgresql-16-c9s`
|
`quay.io/sclorg/postgresql-16-c10s`
|
`quay.io/fedora/postgresql-16`
|
`registry.redhat.io/rhel8/postgresql-16`
|
`registry.redhat.io/rhel9/postgresql-16`
|
`registry.redhat.io/rhel10/postgresql-16`
| -|18||
`quay.io/sclorg/postgresql-18-c10s`
|
`quay.io/fedora/postgresql-18`
||
`registry.redhat.io/rhel9/postgresql-18`
|
`registry.redhat.io/rhel10/postgresql-18`
| +|18|
`quay.io/sclorg/postgresql-18-c9s`
|
`quay.io/sclorg/postgresql-18-c10s`
|
`quay.io/fedora/postgresql-18`
||
`registry.redhat.io/rhel9/postgresql-18`
|
`registry.redhat.io/rhel10/postgresql-18`
| diff --git a/specs/multispec.yml b/specs/multispec.yml index 86d26284..6a629ab0 100644 --- a/specs/multispec.yml +++ b/specs/multispec.yml @@ -187,6 +187,7 @@ matrix: - version: "18" distros: - fedora-43-x86_64 + - centos-stream-9-x86_64 - centos-stream-10-x86_64 - rhel-9-x86_64 - rhel-10-x86_64 diff --git a/test/run-openshift-remote-cluster b/test/run-openshift-remote-cluster deleted file mode 100755 index 5b12f9ca..00000000 --- a/test/run-openshift-remote-cluster +++ /dev/null @@ -1,41 +0,0 @@ -#!/bin/bash -# -# Test the PostgreSQL image in OpenShift (remote cluster) -# -# IMAGE_NAME specifies a name of the candidate image used for testing. -# The image has to be available before this script is executed. -# VERSION specifies the major version of the PostgreSQL in format of X.Y -# OS specifies RHEL version (e.g. OS=rhel8) -# - -THISDIR=$(dirname ${BASH_SOURCE[0]}) - -source "${THISDIR}/test-lib-postgresql.sh" -source "${THISDIR}/test-lib-remote-openshift.sh" - -TEST_LIST="\ -test_postgresql_integration -test_postgresql_imagestream -run_latest_imagestreams_test -" - -trap ct_os_cleanup EXIT SIGINT - -ct_os_set_ocp4 || exit $OC_ERR - -ct_os_check_compulsory_vars || exit $OC_ERR - -ct_os_check_login || exit $OC_ERR - -ct_os_tag_image_for_cvp "postgresql" - -set -u - -# For testing on OpenShift 4 we use internal registry -export CT_OCP4_TEST=true - -TEST_SUMMARY='' -TEST_SET=${TESTS:-$TEST_LIST} ct_run_tests_from_testset "openshift-remote-cluster" - -# vim: set tabstop=2:shiftwidth=2:expandtab: - diff --git a/test/test-lib-openshift.sh b/test/test-lib-openshift.sh deleted file mode 120000 index f48003b8..00000000 --- a/test/test-lib-openshift.sh +++ /dev/null @@ -1 +0,0 @@ -../common/test-lib-openshift.sh \ No newline at end of file diff --git a/test/test-lib-postgresql.sh b/test/test-lib-postgresql.sh deleted file mode 100644 index 84f2af0f..00000000 --- a/test/test-lib-postgresql.sh +++ /dev/null @@ -1,87 +0,0 @@ -#!/bin/bash -# -# Functions for tests for the PostgreSQL image in OpenShift. -# -# IMAGE_NAME specifies a name of the candidate image used for testing. -# The image has to be available before this script is executed. -# - -THISDIR=$(dirname ${BASH_SOURCE[0]}) - -source "${THISDIR}"/test-lib.sh -source "${THISDIR}"/test-lib-openshift.sh -source "${THISDIR}"/test-lib-remote-openshift.sh - -function test_postgresql_integration() { - local service_name=postgresql - namespace_image="${OS}/postgresql-${VERSION}" - # Check if the current version is already GA - # This directory is cloned from TMT plan repo 'sclorg-tmt-plans' - local devel_file="/root/sclorg-tmt-plans/devel_images" - if [ -f "${devel_file}" ]; then - if grep -q "${OS}=postgresql-container=${VERSION}" "$devel_file" ; then - echo "This version is currently developed, so skipping this test." - return - fi - fi - TEMPLATES="postgresql-ephemeral-template.json - postgresql-persistent-template.json" - for template in $TEMPLATES; do - ct_os_test_template_app_func "${IMAGE_NAME}" \ - "${THISDIR}/examples/${template}" \ - "${service_name}" \ - "ct_os_check_cmd_internal 'registry.redhat.io/${namespace_image}' '${service_name}-testing' 'PGPASSWORD=testp pg_isready -t 15 -h -U testu -d testdb' 'accepting connections' 120" \ - "-p POSTGRESQL_VERSION=${VERSION} \ - -p DATABASE_SERVICE_NAME="${service_name}-testing" \ - -p POSTGRESQL_USER=testu \ - -p POSTGRESQL_PASSWORD=testp \ - -p POSTGRESQL_DATABASE=testdb" - done -} - -# Check the imagestream -function test_postgresql_imagestream() { - tag="-el8" - if [ "${OS}" == "rhel9" ]; then - tag="-el9" - elif [ "${OS}" == "rhel10" ]; then - tag="-el10" - fi - # Check if the current version is already GA - # This directory is cloned from TMT plan repo 'sclorg-tmt-plans' - local devel_file="/root/sclorg-tmt-plans/devel_images" - if [ -f "${devel_file}" ]; then - if grep -q "${OS}=postgresql-container=${VERSION}" "$devel_file" ; then - echo "This version is currently developed, so skipping this test." - return - fi - fi - TEMPLATES="postgresql-ephemeral-template.json - postgresql-persistent-template.json" - for template in $TEMPLATES; do - ct_os_test_image_stream_template "${THISDIR}/imagestreams/postgresql-${OS//[0-9]/}.json" "${THISDIR}/examples/${template}" postgresql "-p POSTGRESQL_VERSION=${VERSION}${tag}" - done -} - - -function run_latest_imagestreams_test() { - # Check if the current version is already GA - # This directory is cloned from TMT plan repo 'sclorg-tmt-plans' - local devel_file="/root/sclorg-tmt-plans/devel_images" - if [ -f "${devel_file}" ]; then - if grep -q "${OS}=postgresql-container=${VERSION}" "$devel_file" ; then - echo "This version is currently developed, so skipping this test." - return - fi - fi - local result=1 - # Switch to root directory of a container - echo "Testing the latest version in imagestreams" - pushd "${THISDIR}/../.." >/dev/null || return 1 - ct_check_latest_imagestreams - result=$? - popd >/dev/null || return 1 - return $result -} - -# vim: set tabstop=2:shiftwidth=2:expandtab: diff --git a/test/test-lib-remote-openshift.sh b/test/test-lib-remote-openshift.sh deleted file mode 120000 index 15003d84..00000000 --- a/test/test-lib-remote-openshift.sh +++ /dev/null @@ -1 +0,0 @@ -../common/test-lib-remote-openshift.sh \ No newline at end of file