Skip to content

feat: add Dockerfile-supabase and rework Dockerfile-multigres as layered images #2160

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
mkindahl wants to merge 1 commit into
base: develop
Choose a base branch
from
Open

feat: add Dockerfile-supabase and rework Dockerfile-multigres as layered images #2160

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
57 changes: 42 additions & 15 deletions .github/workflows/docker-image-test.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -61,11 +61,24 @@ jobs:
fail-fast: false
matrix:
include:
- { dockerfile: Dockerfile-15, target: "", name: 15 }
- { dockerfile: Dockerfile-17, target: "", name: 17 }
- { dockerfile: Dockerfile-orioledb-17, target: "", name: orioledb-17 }
- { dockerfile: Dockerfile-multigres, target: variant-17, name: multigres-17 }
- { dockerfile: Dockerfile-multigres, target: variant-orioledb-17, name: multigres-orioledb-17 }
# CHANGED: Dockerfile-15/17 replaced by parameterised Dockerfile-supabase.
# pg_version is passed as --build-arg PG_VERSION to select the PostgreSQL version.
- dockerfile: Dockerfile-supabase
name: 15
pg_version: "15"
- dockerfile: Dockerfile-supabase
name: 17
pg_version: "17"
- dockerfile: Dockerfile-orioledb-17
name: orioledb-17
pg_version: "17"
# CHANGED: base_dockerfile causes the build step to build the supabase base image
# locally first and pass it as SUPABASE_IMAGE. The variant-orioledb-17 entry was
# removed — that target does not exist in Dockerfile-multigres.
- dockerfile: Dockerfile-multigres
name: multigres-17
pg_version: "17"
base_dockerfile: Dockerfile-supabase
steps:
- name: Checkout Repo
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
Expand All @@ -89,32 +102,45 @@ jobs:
- name: Build Docker image
run: |
echo "Building ${{ matrix.name }}..."
TARGET_ARG=""
if [ -n "${{ matrix.target }}" ]; then
TARGET_ARG="--target ${{ matrix.target }}"
# CHANGED: pass PG_VERSION for Dockerfile-supabase and Dockerfile-multigres builds.
PG_VERSION_ARG=""
if [ -n "${{ matrix.pg_version }}" ]; then
PG_VERSION_ARG="--build-arg PG_VERSION=${{ matrix.pg_version }}"
fi
docker build -f "${{ matrix.dockerfile }}" $TARGET_ARG \
# CHANGED: layered images (multigres) need their base image available locally.
# Each matrix job runs on an isolated runner, so we build the base inline here
# and pass it as SUPABASE_IMAGE rather than pulling from a registry.
BASE_IMAGE_ARG=""
if [ -n "${{ matrix.base_dockerfile }}" ]; then
docker build -f "${{ matrix.base_dockerfile }}" \
--build-arg PG_VERSION=${{ matrix.pg_version }} \
--target production \
-t "pg-docker-test:base-${{ matrix.name }}" \
.
BASE_IMAGE_ARG="--build-arg SUPABASE_IMAGE=pg-docker-test:base-${{ matrix.name }}"
fi
docker build -f "${{ matrix.dockerfile }}" --target production $PG_VERSION_ARG $BASE_IMAGE_ARG \
-t "pg-docker-test:${{ matrix.name }}" \
-t "supabase-postgres:${{ matrix.name }}-analyze" \
.

- name: Run image size analysis
if: ${{ matrix.target == '' }}
if: ${{ matrix.base_dockerfile == '' }}
run: |
echo "=== Image Size Analysis for ${{ matrix.name }} ==="
nix run --accept-flake-config .#image-size-analyzer -- --image Dockerfile-${{ matrix.name }} --no-build
nix run --accept-flake-config .#image-size-analyzer -- --image ${{ matrix.dockerfile }} --pg-version ${{ matrix.pg_version }} --no-build

- name: Run Docker image tests
if: ${{ matrix.target == '' }}
if: ${{ matrix.base_dockerfile == '' }}
run: |
echo "=== Running tests for ${{ matrix.name }} ==="
nix run --accept-flake-config .#docker-image-test -- --no-build Dockerfile-${{ matrix.name }}
nix run --accept-flake-config .#docker-image-test -- --no-build --pg-version ${{ matrix.pg_version }} ${{ matrix.dockerfile }}

- name: Run multigres Docker image tests
if: ${{ matrix.target != '' }}
if: ${{ matrix.base_dockerfile != '' }}
run: |
echo "=== Running tests for ${{ matrix.name }} ==="
nix run --accept-flake-config .#docker-image-test -- --no-build --target ${{ matrix.target }} ${{ matrix.dockerfile }}
nix run --accept-flake-config .#docker-image-test -- --no-build --target production ${{ matrix.dockerfile }}

- name: Show container logs on failure
if: failure()
Expand All @@ -130,6 +156,7 @@ jobs:
run: |
docker ps -a --filter "name=pg-test-${{ matrix.name }}" -q | xargs -r docker rm -f || true
docker rmi "pg-docker-test:${{ matrix.name }}" || true
docker rmi "pg-docker-test:base-${{ matrix.name }}" || true # CHANGED: remove ephemeral base image built for layered builds
docker rmi "supabase-postgres:${{ matrix.name }}-analyze" || true

skip-notification:
Expand Down
148 changes: 58 additions & 90 deletions .github/workflows/dockerhub-release-matrix.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,52 +19,29 @@ jobs:
runs-on: blacksmith-4vcpu-ubuntu-2404
outputs:
matrix_config: ${{ steps.set-matrix.outputs.matrix_config }}
base_matrix: ${{ steps.set-matrix.outputs.base_matrix }}
layered_matrix: ${{ steps.set-matrix.outputs.layered_matrix }}
steps:
- name: Checkout Repo
uses: supabase/postgres/.github/actions/shared-checkout@HEAD
- uses: ./.github/actions/nix-install-ephemeral
- name: Generate build matrix
id: set-matrix
run: |
nix run nixpkgs#nushell -- -c 'let versions = (open ansible/vars.yml | get postgres_major)
let base_matrix = ($versions | each { |ver|
let version = ($ver | str trim)
let dockerfile = $"Dockerfile-($version)"
if ($dockerfile | path exists) {
{
version: $version,
dockerfile: $dockerfile,
target: "production"
}
} else {
null
}
} | compact)

# Discover multigres variants by checking for matching targets in Dockerfile-multigres
let multigres_matrix = ($versions | each { |ver|
let version = ($ver | str trim)
let mg_version = $"multigres-($version)"
let mg_dockerfile = "Dockerfile-multigres"
let mg_target = $"variant-($version)"
if ($mg_dockerfile | path exists) and (open --raw $mg_dockerfile | str contains $"AS ($mg_target)") {
{
version: $mg_version,
dockerfile: $mg_dockerfile,
target: $mg_target
}
} else {
null
}
} | compact)

let matrix = ($base_matrix | append $multigres_matrix)

let matrix_config = {
include: $matrix
}

$"matrix_config=($matrix_config | to json -r)" | save --append $env.GITHUB_OUTPUT'
nix run nixpkgs#nushell -- -c '
let releases = (open ansible/vars.yml | get postgres_release)
let base = (open ansible/vars.yml | get release_matrix_base
| each { |e| $e | insert tag ($releases | get $e.release_key) })
let layered = (open ansible/vars.yml | get release_matrix_layered
| each { |e|
let ver = ($releases | get $e.release_key)
$e | insert tag $"($ver)($e.tag_suffix)" | insert base_tag $ver
})
let combined = ($base | append $layered)
$"base_matrix=({include: $base} | to json -r)" | save --append $env.GITHUB_OUTPUT
$"layered_matrix=({include: $layered} | to json -r)" | save --append $env.GITHUB_OUTPUT
$"matrix_config=({include: $combined} | to json -r)" | save --append $env.GITHUB_OUTPUT
'
build:
needs: prepare
strategy:
Expand All @@ -89,11 +66,11 @@ jobs:
| str join "\n"
| save --append $env.GITHUB_OUTPUT
'
build_release_image:
build_base_images:
needs: [prepare, build]
strategy:
matrix:
postgres: ${{ fromJson(needs.prepare.outputs.matrix_config).include }}
postgres: ${{ fromJson(needs.prepare.outputs.base_matrix).include }}
arch: [amd64, arm64]
runs-on: ${{ matrix.arch == 'amd64' && 'large-linux-x86' || 'large-linux-arm' }}
timeout-minutes: 180
Expand All @@ -109,52 +86,56 @@ jobs:
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Get image tag
id: image
run: |
if [[ "${{ matrix.arch }}" == "arm64" ]]; then
pg_version=$(nix run nixpkgs#nushell -- -c '
let version = "${{ matrix.postgres.version }}"
let is_multigres = ($version | str starts-with "multigres-")
let base_version = if $is_multigres { $version | str replace "multigres-" "" } else { $version }
let release_key = if ($base_version | str contains "orioledb") {
$"postgresorioledb-17"
} else {
$"postgres($base_version)"
}
let base_tag = (open ansible/vars.yml | get postgres_release | get $release_key | str trim)
if $is_multigres { $"($base_tag)-multigres" } else { $base_tag }
')
echo "pg_version=supabase/postgres:$pg_version" >> $GITHUB_OUTPUT
else
pg_version=$(nix run nixpkgs#nushell -- -c '
let version = "${{ matrix.postgres.version }}"
let is_multigres = ($version | str starts-with "multigres-")
let base_version = if $is_multigres { $version | str replace "multigres-" "" } else { $version }
let release_key = if ($base_version | str contains "orioledb") {
$"postgresorioledb-17"
} else {
$"postgres($base_version)"
}
let base_tag = (open ansible/vars.yml | get postgres_release | get $release_key | str trim)
if $is_multigres { $"($base_tag)-multigres" } else { $base_tag }
')
echo "pg_version=supabase/postgres:$pg_version" >> $GITHUB_OUTPUT
fi
- id: build
uses: docker/build-push-action@ca052bb54ab0790a636c9b5f226502c73d547a25 # v5.4.0
with:
push: true
build-args: |
${{ needs.build.outputs.build_args }}
PG_VERSION=${{ matrix.postgres.pg_version }}
target: ${{ matrix.postgres.target }}
tags: ${{ steps.image.outputs.pg_version }}_${{ matrix.arch }}
tags: supabase/postgres:${{ matrix.postgres.tag }}_${{ matrix.arch }}
platforms: linux/${{ matrix.arch }}
cache-from: type=gha,scope=${{ github.ref_name }}-latest-${{ matrix.arch }}
cache-to: type=gha,mode=max,scope=${{ github.ref_name }}-latest-${{ matrix.arch }}
file: ${{ matrix.postgres.dockerfile }}

build_layered_images:
needs: [prepare, build, build_base_images]
strategy:
matrix:
postgres: ${{ fromJson(needs.prepare.outputs.layered_matrix).include }}
arch: [amd64, arm64]
runs-on: ${{ matrix.arch == 'amd64' && 'large-linux-x86' || 'large-linux-arm' }}
timeout-minutes: 180
steps:
- name: Checkout Repo
uses: supabase/postgres/.github/actions/shared-checkout@HEAD
- uses: ./.github/actions/nix-install-ephemeral
- run: docker context create builders
- uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0
with:
endpoint: builders
- uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- id: build
uses: docker/build-push-action@ca052bb54ab0790a636c9b5f226502c73d547a25 # v5.4.0
with:
push: true
build-args: |
${{ needs.build.outputs.build_args }}
PG_VERSION=${{ matrix.postgres.pg_version }}
SUPABASE_IMAGE=supabase/postgres:${{ matrix.postgres.base_tag }}_${{ matrix.arch }}
target: ${{ matrix.postgres.target }}
tags: supabase/postgres:${{ matrix.postgres.tag }}_${{ matrix.arch }}
platforms: linux/${{ matrix.arch }}
cache-from: type=gha,scope=${{ github.ref_name }}-latest-${{ matrix.arch }}
cache-to: type=gha,mode=max,scope=${{ github.ref_name }}-latest-${{ matrix.arch }}
file: ${{ matrix.postgres.dockerfile }}
merge_manifest:
needs: [prepare, build, build_release_image]
needs: [prepare, build, build_base_images, build_layered_images]
strategy:
matrix:
include: ${{ fromJson(needs.prepare.outputs.matrix_config).include }}
Expand All @@ -170,20 +151,7 @@ jobs:
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Get image tag
id: get_version
run: |
nix run nixpkgs#nushell -- -c '
let version = "${{ matrix.version }}"
let is_multigres = ($version | str starts-with "multigres-")
let base_version = if $is_multigres { $version | str replace "multigres-" "" } else { $version }
let release_key = if ($base_version | str contains "orioledb") {
$"postgresorioledb-17"
} else {
$"postgres($base_version)"
}
let base_tag = (open ansible/vars.yml | get postgres_release | get $release_key | str trim)
let pg_version = if $is_multigres { $"($base_tag)-multigres" } else { $base_tag }
$"pg_version=supabase/postgres:($pg_version)" | save --append $env.GITHUB_OUTPUT
'
run: echo "pg_version=supabase/postgres:${{ matrix.tag }}" >> $GITHUB_OUTPUT
- name: Output version
id: output_version
run: |
Expand All @@ -195,7 +163,7 @@ jobs:
- name: Upload Results Artifact
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
with:
name: merge_results-${{ matrix.version }}
name: merge_results-${{ matrix.tag }}
path: results.txt
if-no-files-found: warn
- name: Merge multi-arch manifests
Expand Down
Loading
Loading