diff --git a/tests/docker/Dockerfile-base.el9 b/tests/docker/Dockerfile-base.el9 index 7c3ec0fa..b9068f9b 100644 --- a/tests/docker/Dockerfile-base.el9 +++ b/tests/docker/Dockerfile-base.el9 @@ -1,37 +1,94 @@ # ############################################################################## # -# Transient docker image to avoid unnecessary actions. +# Base test image for pgEdge Spock development and testing. # -# Includes fresh updates of the base OS plus all extra packages needed to -# Postgres, Spock and testing facilities. +# This image includes: +# - Rocky Linux 9 base with development tools +# - PostgreSQL build dependencies (LLVM, ICU, SSL, etc.) +# - Testing tools (Perl Test::More, SSH) +# - pgedge user with sudo access +# +# Built and published to: ghcr.io/pgedge/base-test-image:latest # # ############################################################################## FROM rockylinux:9 -RUN dnf -y update && dnf -y upgrade && dnf -y install sudo && dnf -y groupinstall "Development Tools" +# Update system and install base development tools +RUN dnf -y update && \ + dnf -y upgrade && \ + dnf -y install sudo && \ + dnf -y groupinstall "Development Tools" +# Create pgedge user with sudo privileges RUN useradd -m pgedge -s /bin/bash && \ echo pgedge:asdf | chpasswd && \ echo "pgedge ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/pgedge && \ chmod 0440 /etc/sudoers.d/pgedge && \ chown -R pgedge:pgedge /home/pgedge -COPY tests/docker/lib-list.txt /home/pgedge/ - -RUN dnf install --allowerasing --enablerepo=crb -y $(cat /home/pgedge/lib-list.txt) +# Install PostgreSQL build dependencies and testing tools +# Note: List inlined to avoid requiring build context with external files +RUN dnf install --allowerasing --enablerepo=crb -y \ + bison \ + clang \ + curl \ + cyrus-sasl-gssapi \ + dnsutils \ + flex \ + jansson-devel \ + krb5-devel \ + libicu-devel \ + libpq \ + libpq-devel \ + libuuid \ + libuuid-devel \ + libxslt \ + libxslt-devel \ + llvm \ + llvm-devel \ + lz4 \ + lz4-devel \ + nc \ + openldap \ + openldap-devel \ + openssh-clients \ + openssh-server \ + openssl-devel \ + pam-devel \ + perl \ + perl-App-cpanminus \ + perl-devel \ + perl-IPC-Run \ + pkgconfig \ + procps \ + python3 \ + python3-devel \ + sudo \ + systemd-devel \ + unzip \ + uuid \ + uuid-devel \ + vim \ + zlib \ + zlib-devel && \ + dnf clean all -# Install perl dependencies for running tap tests +# Install Perl testing dependencies RUN cpanm Test::More -RUN ssh-keygen -t ed25519 -N "" -f ~/.ssh/id_ed25519 && \ - cat ~/.ssh/*.pub >> ~/.ssh/authorized_keys - - -RUN mkdir -p /home/pgedge/spock -RUN chown -R pgedge:pgedge /home/pgedge/spock -#----------------------------------------- +# Setup SSH for pgedge user (not root!) +# This allows SSH-based testing as the pgedge user USER pgedge +RUN mkdir -p ~/.ssh && \ + ssh-keygen -t ed25519 -N "" -f ~/.ssh/id_ed25519 && \ + cat ~/.ssh/*.pub >> ~/.ssh/authorized_keys && \ + chmod 700 ~/.ssh && \ + chmod 600 ~/.ssh/authorized_keys + +# Set default working directory +WORKDIR /home/pgedge -# Just to ensure that community members could find the person they should complain to. +# Metadata LABEL maintainer="andrei.lepikhov@pgedge.com" +LABEL description="Base image for pgEdge Spock PostgreSQL extension development and testing" diff --git a/tests/docker/Dockerfile-step-1.el9 b/tests/docker/Dockerfile-step-1.el9 index 0df56fe3..060ef0ad 100644 --- a/tests/docker/Dockerfile-step-1.el9 +++ b/tests/docker/Dockerfile-step-1.el9 @@ -1,13 +1,23 @@ FROM ghcr.io/pgedge/base-test-image:latest +# Base image ends as USER pgedge, but we need root for installation +USER root + ARG PGVER +ARG MAKE_JOBS=4 ENV PGVER=$PGVER +ENV PATH="/home/pgedge/pgedge/pg${PGVER}/bin:${PATH}" +ENV LD_LIBRARY_PATH="/home/pgedge/pgedge/pg${PGVER}/lib:${LD_LIBRARY_PATH}" +ENV PG_CONFIG="/home/pgedge/pgedge/pg${PGVER}/bin/pg_config" +# Copy spock source code and set proper ownership COPY . /home/pgedge/spock +RUN chown -R pgedge:pgedge /home/pgedge/spock + WORKDIR /home/pgedge -RUN echo "Determine PostgreSQL tag" +# Determine PostgreSQL version and clone repository RUN LATEST_TAG=$(git ls-remote --tags https://github.com/postgres/postgres.git | \ grep "refs/tags/REL_${PGVER}_" | \ sed 's|.*refs/tags/||' | \ @@ -15,16 +25,15 @@ RUN LATEST_TAG=$(git ls-remote --tags https://github.com/postgres/postgres.git | sort -V | \ tail -n 1 | \ tr '.' '_') && \ - echo "Using tag $LATEST_TAG" && \ - git clone --branch $LATEST_TAG --depth 1 https://github.com/postgres/postgres /home/pgedge/postgres - + echo "Using PostgreSQL tag: $LATEST_TAG" && \ + git clone --branch $LATEST_TAG --depth 1 https://github.com/postgres/postgres /home/pgedge/postgres && \ + chmod -R a+w /home/pgedge/postgres -RUN sudo chmod -R a+w ~/postgres - -RUN echo "Setting up pgedge..." -WORKDIR /home/pgedge -RUN curl -fsSL https://pgedge-download.s3.amazonaws.com/REPO/install.py > /home/pgedge/install.py -RUN sudo -u pgedge python3 /home/pgedge/install.py +# Install pgedge (run as pgedge user, not root) +RUN echo "Setting up pgedge..." && \ + curl -fsSL https://pgedge-download.s3.amazonaws.com/REPO/install.py -o /home/pgedge/install.py && \ + chown pgedge:pgedge /home/pgedge/install.py && \ + su - pgedge -c "python3 /home/pgedge/install.py" WORKDIR /home/pgedge/postgres @@ -32,25 +41,50 @@ RUN for patchfile in /home/pgedge/spock/patches/${PGVER}/*; do \ patch -p1 --verbose < $patchfile; \ done -RUN echo "==========Compiling Modified PostgreSQL==========" -RUN options="'--prefix=/home/pgedge/pgedge/pg$PGVER' '--disable-rpath' '--with-zstd' '--with-lz4' '--with-icu' '--with-libxslt' '--with-libxml' '--with-uuid=ossp' '--with-gssapi' '--with-ldap' '--with-pam' '--enable-debug' '--enable-dtrace' '--with-llvm' 'LLVM_CONFIG=/usr/bin/llvm-config-64' '--with-openssl' '--with-systemd' '--enable-tap-tests' '--with-python' '--enable-cassert' 'PYTHON=/usr/bin/python3.9' 'BITCODE_CFLAGS=-gdwarf-5 -O0 -fforce-dwarf-frame' 'CFLAGS=-g -O0'" && eval ./configure $options && make -j4 && make -C contrib -j4 && make install && make -C contrib install - -WORKDIR /home/pgedge - -RUN echo "export LD_LIBRARY_PATH=/home/pgedge/pgedge/pg$PGVER/lib/:$LD_LIBRARY_PATH" >> /home/pgedge/.bashrc -RUN echo "export PATH=/home/pgedge/pgedge/pg$PGVER/bin:$PATH" >> /home/pgedge/.bashrc - -RUN echo "==========Recompiling Spock==========" +# Compile PostgreSQL +RUN echo "==========Compiling Modified PostgreSQL==========" && \ + ./configure \ + --prefix="/home/pgedge/pgedge/pg${PGVER}" \ + --disable-rpath \ + --with-zstd \ + --with-lz4 \ + --with-icu \ + --with-libxslt \ + --with-libxml \ + --with-uuid=ossp \ + --with-gssapi \ + --with-ldap \ + --with-pam \ + --enable-debug \ + --enable-dtrace \ + --with-llvm \ + --with-openssl \ + --with-systemd \ + --enable-tap-tests \ + --with-python \ + --enable-cassert \ + PYTHON=/usr/bin/python3.9 \ + BITCODE_CFLAGS="-gdwarf-5 -O0 -fforce-dwarf-frame" \ + CFLAGS="-g -O0" && \ + make -j${MAKE_JOBS} && \ + make -C contrib -j${MAKE_JOBS} && \ + make install && \ + make -C contrib install + +# Compile Spock WORKDIR /home/pgedge/spock -RUN . /home/pgedge/.bashrc && export PG_CONFIG=/home/pgedge/pgedge/pg$PGVER/bin/pg_config && export PATH=/home/pgedge/pgedge/pg$PGVER/bin:$PATH && make clean && make -j16 && make install - -RUN echo "==========Built Spock==========" +RUN echo "==========Compiling Spock==========" && \ + make clean && \ + make -j${MAKE_JOBS} && \ + make install && \ + echo "==========Spock build complete==========" #----------------------------------------- -COPY tests/docker/*.sh /home/pgedge/ -RUN sudo chmod +x /home/pgedge/*.sh +# Copy test scripts and switch to pgedge user for runtime +COPY --chmod=755 tests/docker/*.sh /home/pgedge/ WORKDIR /home/pgedge/ +# Switch back to pgedge user for container runtime (testing, etc.) USER pgedge CMD ["/home/pgedge/entrypoint.sh"]