diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000000..6ff2842b87 --- /dev/null +++ b/.dockerignore @@ -0,0 +1,6 @@ +# https://docs.docker.com/build/concepts/context/#dockerignore-files +# https://docs.podman.io/en/latest/markdown/podman-build.1.html#files +/.git +/bin +/hack +!/hack/tools/queries diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index 496dca00f5..1f6b754518 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -112,9 +112,6 @@ jobs: registry.developers.crunchydata.com/crunchydata/crunchy-postgres-gis:ubi9-16.9-3.4-2520 registry.developers.crunchydata.com/crunchydata/crunchy-upgrade:ubi9-17.5-2520 registry.developers.crunchydata.com/crunchydata/crunchy-postgres-gis:ubi9-17.5-3.4-2520 - - run: go mod download - - name: Build executable - run: PGO_VERSION='${{ github.sha }}' make build-postgres-operator - name: Get pgMonitor files. run: make get-pgmonitor @@ -123,13 +120,14 @@ jobs: QUERIES_CONFIG_DIR: "${{ github.workspace }}/hack/tools/queries" # Start a Docker container with the working directory mounted. + - run: make build BUILDAH=docker - name: Start PGO run: | kubectl apply --server-side -k ./config/namespace kubectl apply --server-side -k ./config/dev hack/create-kubeconfig.sh postgres-operator pgo docker run --detach --network host --read-only \ - --volume "$(pwd):/mnt" --workdir '/mnt' --env 'PATH=/mnt/bin' \ + --volume "$(pwd):/mnt" --workdir '/mnt' \ --env 'CHECK_FOR_UPGRADES=false' \ --env 'QUERIES_CONFIG_DIR=/mnt/hack/tools/queries' \ --env 'KUBECONFIG=hack/.kube/postgres-operator/pgo' \ @@ -145,8 +143,7 @@ jobs: --env 'RELATED_IMAGE_STANDALONE_PGADMIN=registry.developers.crunchydata.com/crunchydata/crunchy-pgadmin4:ubi9-9.2-2520' \ --env 'RELATED_IMAGE_COLLECTOR=registry.developers.crunchydata.com/crunchydata/postgres-operator:ubi9-5.8.2-0' \ --env 'PGO_FEATURE_GATES=TablespaceVolumes=true,OpenTelemetryLogs=true,OpenTelemetryMetrics=true' \ - --name 'postgres-operator' ubuntu \ - postgres-operator + --name 'postgres-operator' localhost/postgres-operator - name: Install kuttl run: | curl -Lo /usr/local/bin/kubectl-kuttl https://github.com/kudobuilder/kuttl/releases/download/v0.13.0/kubectl-kuttl_0.13.0_linux_x86_64 diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000000..a218dfe492 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,23 @@ +# Copyright 2017 - 2025 Crunchy Data Solutions, Inc. +# +# SPDX-License-Identifier: Apache-2.0 + +FROM docker.io/library/golang:bookworm AS build + +COPY licenses /licenses +COPY hack/tools/queries /opt/crunchy/conf + +WORKDIR /usr/src/app +COPY . . +ENV GOCACHE=/var/cache/go +RUN --mount=type=cache,target=/var/cache/go go build ./cmd/postgres-operator + +FROM docker.io/library/debian:bookworm + +COPY --from=build /licenses /licenses +COPY --from=build /opt/crunchy/conf /opt/crunchy/conf +COPY --from=build /usr/src/app/postgres-operator /usr/local/bin + +USER 2 + +CMD ["postgres-operator"] diff --git a/Makefile b/Makefile index a2143e736a..92ee2e6188 100644 --- a/Makefile +++ b/Makefile @@ -1,19 +1,10 @@ -PGO_IMAGE_NAME ?= postgres-operator -PGO_IMAGE_MAINTAINER ?= Crunchy Data -PGO_IMAGE_SUMMARY ?= Crunchy PostgreSQL Operator -PGO_IMAGE_DESCRIPTION ?= $(PGO_IMAGE_SUMMARY) -PGO_IMAGE_URL ?= https://www.crunchydata.com/products/crunchy-postgresql-for-kubernetes -PGO_IMAGE_PREFIX ?= localhost PGMONITOR_DIR ?= hack/tools/pgmonitor PGMONITOR_VERSION ?= v5.2.1 QUERIES_CONFIG_DIR ?= hack/tools/queries -# Buildah's "build" used to be "bud". Use the alias to be compatible for a while. -BUILDAH_BUILD ?= buildah bud - +BUILDAH ?= buildah GO ?= go -GO_BUILD = $(GO) build GO_TEST ?= $(GO) test # Ensure modules imported by `postgres-operator` and `controller-gen` are compatible @@ -25,28 +16,12 @@ ENVTEST ?= $(GO) run sigs.k8s.io/controller-runtime/tools/setup-envtest@latest KUTTL ?= $(GO) run github.com/kudobuilder/kuttl/pkg/kuttlctl/cmd/kubectl-kuttl@latest KUTTL_TEST ?= $(KUTTL) test - ##@ General -# The help target prints out all targets with their descriptions organized -# beneath their categories. The categories are represented by '##@' and the -# target descriptions by '##'. The awk command is responsible for reading the -# entire set of makefiles included in this invocation, looking for lines of the -# file as xyz: ## something, and then pretty-formatting the target and help. Then, -# if there's a line with ##@ something, that gets pretty-printed as a category. -# More info on the usage of ANSI control characters for terminal formatting: -# https://en.wikipedia.org/wiki/ANSI_escape_code#SGR_parameters -# More info on the awk command: -# http://linuxcommand.org/lc3_adv_awk.php - .PHONY: help help: ## Display this help. @awk 'BEGIN {FS = ":.*##"; printf "\nUsage:\n make \033[36m\033[0m\n"} /^[a-zA-Z_0-9-]+:.*?##/ { printf " \033[36m%-15s\033[0m %s\n", $$1, $$2 } /^##@/ { printf "\n\033[1m%s\033[0m\n", substr($$0, 5) } ' $(MAKEFILE_LIST) -.PHONY: all -all: ## Build all images -all: build-postgres-operator-image - .PHONY: setup setup: ## Run Setup needed to build images setup: get-pgmonitor @@ -103,6 +78,7 @@ clean-deprecated: ## Clean deprecated resources ##@ Deployment + .PHONY: createnamespaces createnamespaces: ## Create operator and target namespaces kubectl apply -k ./config/namespace @@ -131,7 +107,6 @@ undeploy: ## Undeploy the PostgreSQL Operator deploy-dev: ## Deploy the PostgreSQL Operator locally deploy-dev: PGO_FEATURE_GATES ?= "AllAlpha=true" deploy-dev: get-pgmonitor -deploy-dev: build-postgres-operator deploy-dev: createnamespaces kubectl apply --server-side -k ./config/dev hack/create-kubeconfig.sh postgres-operator pgo @@ -150,54 +125,22 @@ deploy-dev: createnamespaces /RELATED_IMAGE_/ { N; s,.*\(RELATED_[^[:space:]]*\).*value:[[:space:]]*\([^[:space:]]*\),\1="\2",; p; }; \ }') \ $(foreach v,$(filter RELATED_IMAGE_%,$(.VARIABLES)),$(v)="$($(v))") \ - bin/postgres-operator - -##@ Build - Binary -.PHONY: build-postgres-operator -build-postgres-operator: ## Build the postgres-operator binary - $(GO_BUILD) $(\ - ) --ldflags '-X "main.versionString=$(PGO_VERSION)"' $(\ - ) --trimpath -o bin/postgres-operator ./cmd/postgres-operator - -##@ Build - Images -.PHONY: build-postgres-operator-image -build-postgres-operator-image: ## Build the postgres-operator image -build-postgres-operator-image: PGO_IMAGE_REVISION := $(shell git rev-parse HEAD) -build-postgres-operator-image: PGO_IMAGE_TIMESTAMP := $(shell date -u +%FT%TZ) -build-postgres-operator-image: build-postgres-operator -build-postgres-operator-image: build/postgres-operator/Dockerfile - $(if $(shell (echo 'buildah version 1.24'; $(word 1,$(BUILDAH_BUILD)) --version) | sort -Vc 2>&1), \ - $(warning WARNING: old buildah does not invalidate its cache for changed labels: \ - https://github.com/containers/buildah/issues/3517)) - $(if $(IMAGE_TAG),, $(error missing IMAGE_TAG)) - $(strip $(BUILDAH_BUILD)) \ - --tag $(BUILDAH_TRANSPORT)$(PGO_IMAGE_PREFIX)/$(PGO_IMAGE_NAME):$(IMAGE_TAG) \ - --label name='$(PGO_IMAGE_NAME)' \ - --label build-date='$(PGO_IMAGE_TIMESTAMP)' \ - --label description='$(PGO_IMAGE_DESCRIPTION)' \ - --label maintainer='$(PGO_IMAGE_MAINTAINER)' \ - --label summary='$(PGO_IMAGE_SUMMARY)' \ - --label url='$(PGO_IMAGE_URL)' \ - --label vcs-ref='$(PGO_IMAGE_REVISION)' \ - --label vendor='$(PGO_IMAGE_MAINTAINER)' \ - --label io.k8s.display-name='$(PGO_IMAGE_NAME)' \ - --label io.k8s.description='$(PGO_IMAGE_DESCRIPTION)' \ - --label io.openshift.tags="postgresql,postgres,sql,nosql,crunchy" \ - --annotation org.opencontainers.image.authors='$(PGO_IMAGE_MAINTAINER)' \ - --annotation org.opencontainers.image.vendor='$(PGO_IMAGE_MAINTAINER)' \ - --annotation org.opencontainers.image.created='$(PGO_IMAGE_TIMESTAMP)' \ - --annotation org.opencontainers.image.description='$(PGO_IMAGE_DESCRIPTION)' \ - --annotation org.opencontainers.image.revision='$(PGO_IMAGE_REVISION)' \ - --annotation org.opencontainers.image.title='$(PGO_IMAGE_SUMMARY)' \ - --annotation org.opencontainers.image.url='$(PGO_IMAGE_URL)' \ - $(if $(PGO_VERSION),$(strip \ - --label release='$(PGO_VERSION)' \ - --label version='$(PGO_VERSION)' \ - --annotation org.opencontainers.image.version='$(PGO_VERSION)' \ - )) \ - --file $< --format docker --layers . + $(GO) run ./cmd/postgres-operator + +##@ Build + +.PHONY: build +build: ## Build a postgres-operator image + $(BUILDAH) build --tag localhost/postgres-operator \ + --label org.opencontainers.image.authors='Crunchy Data' \ + --label org.opencontainers.image.description='Crunchy PostgreSQL Operator' \ + --label org.opencontainers.image.revision='$(shell git rev-parse HEAD)' \ + --label org.opencontainers.image.source='https://github.com/CrunchyData/postgres-operator' \ + --label org.opencontainers.image.title='Crunchy PostgreSQL Operator' \ + . ##@ Test + .PHONY: check check: ## Run basic go tests with coverage output check: get-pgmonitor @@ -301,23 +244,3 @@ generate-rbac: ## Generate RBAC rbac:roleName='postgres-operator' \ paths='./cmd/...' paths='./internal/...' \ output:dir='config/rbac' # {directory}/role.yaml - - -##@ Release - -.PHONY: license licenses -license: licenses -licenses: ## Aggregate license files - ./bin/license_aggregator.sh ./cmd/... - -.PHONY: release-postgres-operator-image release-postgres-operator-image-labels -release-postgres-operator-image: ## Build the postgres-operator image and all its prerequisites -release-postgres-operator-image: release-postgres-operator-image-labels -release-postgres-operator-image: licenses -release-postgres-operator-image: build-postgres-operator-image -release-postgres-operator-image-labels: - $(if $(PGO_IMAGE_DESCRIPTION),, $(error missing PGO_IMAGE_DESCRIPTION)) - $(if $(PGO_IMAGE_MAINTAINER),, $(error missing PGO_IMAGE_MAINTAINER)) - $(if $(PGO_IMAGE_NAME),, $(error missing PGO_IMAGE_NAME)) - $(if $(PGO_IMAGE_SUMMARY),, $(error missing PGO_IMAGE_SUMMARY)) - $(if $(PGO_VERSION),, $(error missing PGO_VERSION)) diff --git a/bin/license_aggregator.sh b/bin/license_aggregator.sh deleted file mode 100755 index 1d044039ec..0000000000 --- a/bin/license_aggregator.sh +++ /dev/null @@ -1,45 +0,0 @@ -#!/usr/bin/env bash - -# Copyright 2021 - 2025 Crunchy Data Solutions, Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -set -eu - -# Inputs / outputs -IN_PACKAGES=("$@") -OUT_DIR=licenses - -# Clean up before we start our work -rm -rf ${OUT_DIR:?}/*/ - -# Download dependencies of the requested packages, excluding the main module. -# - https://golang.org/ref/mod#glos-main-module -module=$(go list -m) -modules=$(go list -deps -f '{{with .Module}}{{.Path}}{{"\t"}}{{.Dir}}{{end}}' "${IN_PACKAGES[@]}") -dependencies=$(grep -v "^${module}" <<< "${modules}") - -while IFS=$'\t' read -r module directory; do - licenses=$(find "${directory}" -type f -ipath '*license*' -not -name '*.go') - [ -n "${licenses}" ] || continue - - while IFS= read -r license; do - # Replace the local module directory with the module path. - # - https://golang.org/ref/mod#module-path - relative="${module}${license:${#directory}}" - - # Copy the license file with the same layout as the module. - destination="${OUT_DIR}/${relative%/*}" - install -d "${destination}" - install -m 0644 "${license}" "${destination}" - done <<< "${licenses}" -done <<< "${dependencies}" diff --git a/build/postgres-operator/Dockerfile b/build/postgres-operator/Dockerfile deleted file mode 100644 index 69c5953761..0000000000 --- a/build/postgres-operator/Dockerfile +++ /dev/null @@ -1,15 +0,0 @@ -FROM registry.access.redhat.com/ubi8/ubi-minimal - -COPY licenses /licenses - -COPY bin/postgres-operator /usr/local/bin - -RUN mkdir -p /opt/crunchy/conf - -COPY hack/tools/queries /opt/crunchy/conf - -RUN chgrp -R 0 /opt/crunchy/conf && chmod -R g=u opt/crunchy/conf - -USER 2 - -CMD ["postgres-operator"] diff --git a/go.mod b/go.mod index 8f7ea6baf4..32ae43abe4 100644 --- a/go.mod +++ b/go.mod @@ -11,7 +11,7 @@ require ( github.com/kubernetes-csi/external-snapshotter/client/v8 v8.2.0 github.com/onsi/ginkgo/v2 v2.23.4 github.com/onsi/gomega v1.36.3 - github.com/pganalyze/pg_query_go/v5 v5.1.0 + github.com/pganalyze/pg_query_go/v6 v6.1.0 github.com/pkg/errors v0.9.1 github.com/sirupsen/logrus v1.9.3 github.com/xdg-go/stringprep v1.0.4 @@ -119,7 +119,7 @@ require ( google.golang.org/genproto/googleapis/api v0.0.0-20241104194629-dd2ea8efbc28 // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20241104194629-dd2ea8efbc28 // indirect google.golang.org/grpc v1.68.0 // indirect - google.golang.org/protobuf v1.36.5 // indirect + google.golang.org/protobuf v1.36.6 // indirect gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect diff --git a/go.sum b/go.sum index 1c0ceb0b1e..bdb543f775 100644 --- a/go.sum +++ b/go.sum @@ -120,8 +120,8 @@ github.com/onsi/ginkgo/v2 v2.23.4 h1:ktYTpKJAVZnDT4VjxSbiBenUjmlL/5QkBEocaWXiQus github.com/onsi/ginkgo/v2 v2.23.4/go.mod h1:Bt66ApGPBFzHyR+JO10Zbt0Gsp4uWxu5mIOTusL46e8= github.com/onsi/gomega v1.36.3 h1:hID7cr8t3Wp26+cYnfcjR6HpJ00fdogN6dqZ1t6IylU= github.com/onsi/gomega v1.36.3/go.mod h1:8D9+Txp43QWKhM24yyOBEdpkzN8FvJyAwecBgsU4KU0= -github.com/pganalyze/pg_query_go/v5 v5.1.0 h1:MlxQqHZnvA3cbRQYyIrjxEjzo560P6MyTgtlaf3pmXg= -github.com/pganalyze/pg_query_go/v5 v5.1.0/go.mod h1:FsglvxidZsVN+Ltw3Ai6nTgPVcK2BPukH3jCDEqc1Ug= +github.com/pganalyze/pg_query_go/v6 v6.1.0 h1:jG5ZLhcVgL1FAw4C/0VNQaVmX1SUJx71wBGdtTtBvls= +github.com/pganalyze/pg_query_go/v6 v6.1.0/go.mod h1:nvTHIuoud6e1SfrUaFwHqT0i4b5Nr+1rPWVds3B5+50= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= @@ -301,8 +301,8 @@ google.golang.org/grpc v1.68.0 h1:aHQeeJbo8zAkAa3pRzrVjZlbz6uSfeOXlJNQM0RAbz0= google.golang.org/grpc v1.68.0/go.mod h1:fmSPC5AsjSBCK54MyHRx48kpOti1/jRfOlwEWywNjWA= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= -google.golang.org/protobuf v1.36.5 h1:tPhr+woSbjfYvY6/GPufUoYizxw1cF/yFoxJ2fmpwlM= -google.golang.org/protobuf v1.36.5/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE= +google.golang.org/protobuf v1.36.6 h1:z1NpPI8ku2WgiWnf+t9wTPsn6eP1L7ksHUlkfLvd9xY= +google.golang.org/protobuf v1.36.6/go.mod h1:jduwjTPXsFjZGTmRluh+L6NjiWu7pchiJ2/5YcXBHnY= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= diff --git a/internal/collector/generate.go b/internal/collector/generate.go index 3593a96f9d..0225be782b 100644 --- a/internal/collector/generate.go +++ b/internal/collector/generate.go @@ -16,7 +16,7 @@ import ( "path/filepath" "strings" - pg_query "github.com/pganalyze/pg_query_go/v5" + pg_query "github.com/pganalyze/pg_query_go/v6" "sigs.k8s.io/yaml" ) diff --git a/internal/postgres/users.go b/internal/postgres/users.go index 0caa09cb42..163f494414 100644 --- a/internal/postgres/users.go +++ b/internal/postgres/users.go @@ -13,7 +13,7 @@ import ( "encoding/json" "strings" - pg_query "github.com/pganalyze/pg_query_go/v5" + pg_query "github.com/pganalyze/pg_query_go/v6" "github.com/crunchydata/postgres-operator/internal/feature" "github.com/crunchydata/postgres-operator/internal/logging"