Skip to content

Commit 3e26058

Browse files
Jared-PrimeJared-Prime
authored
Allow specifying separate CloudNative PG cluster for PostgREST (#7)
1 parent dc6ee79 commit 3e26058

File tree

14 files changed

+225
-183
lines changed

14 files changed

+225
-183
lines changed

.github/workflows/docker-publish.yml

Lines changed: 0 additions & 88 deletions
This file was deleted.

.github/workflows/helm-publish.yml

Lines changed: 0 additions & 28 deletions
This file was deleted.

.github/workflows/lint.yaml

Lines changed: 35 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,35 @@
1+
name: lint
2+
3+
on:
4+
pull_request: null
5+
push:
6+
branches:
7+
- main
8+
tags:
9+
- "v*.*.*"
10+
11+
permissions: {}
12+
13+
jobs:
14+
helm:
15+
runs-on: ubuntu-latest
16+
steps:
17+
- uses: actions/checkout@v6
18+
with:
19+
fetch-depth: '0'
20+
- uses: azure/[email protected]
21+
with:
22+
version: 'latest'
23+
- uses: actions/setup-python@v6
24+
with:
25+
python-version: '3.x'
26+
check-latest: true
27+
- uses: helm/[email protected]
28+
- id: list-changed
29+
run: |
30+
changed=$(ct list-changed)
31+
if [[ -n "$changed" ]]; then
32+
echo "changed=true" >> "$GITHUB_OUTPUT"
33+
fi
34+
- if: steps.list-changed.outputs.changed == 'true'
35+
run: ct lint --chart-repos cluster=https://cloudnative-pg.io/charts

.github/workflows/push.yaml

Lines changed: 78 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,78 @@
1+
name: Build and Publish Artifacts
2+
3+
on:
4+
pull_request: null
5+
push:
6+
branches:
7+
- main
8+
tags: [ "v*.*.*" ]
9+
10+
env:
11+
REGISTRY: ghcr.io
12+
GOOSE_IMAGE_NAME: pelotech/goose
13+
GOOSE_PACKAGE_VERSION: v3.26.0
14+
15+
jobs:
16+
charts:
17+
if: github.event_name != 'pull_request'
18+
runs-on: ubuntu-latest
19+
permissions:
20+
contents: read
21+
packages: write
22+
steps:
23+
- uses: actions/checkout@v6
24+
- uses: docker/login-action@v3
25+
with:
26+
registry: ${{ env.REGISTRY }}
27+
username: ${{ github.actor }}
28+
password: ${{ secrets.GITHUB_TOKEN }}
29+
- uses: appany/[email protected]
30+
if: ${{ github.event_name != 'pull_request' }}
31+
with:
32+
name: postgrest
33+
tag: ${{ github.ref }}
34+
repository: ${{ github.repository }}
35+
registry: ${{ env.REGISTRY }}
36+
registry_username: ${{ github.actor }}
37+
registry_password: ${{ secrets.GITHUB_TOKEN }}
38+
39+
images:
40+
runs-on: ubuntu-latest
41+
permissions:
42+
contents: read
43+
packages: write
44+
id-token: write
45+
steps:
46+
- uses: actions/checkout@v6
47+
- uses: sigstore/[email protected]
48+
if: ${{ github.event_name != 'pull_request' }}
49+
with:
50+
cosign-release: 'v2.2.4'
51+
- uses: docker/setup-qemu-action@v3
52+
- uses: docker/setup-buildx-action@v3
53+
- uses: docker/login-action@v3
54+
with:
55+
registry: ${{ env.REGISTRY }}
56+
username: ${{ github.actor }}
57+
password: ${{ secrets.GITHUB_TOKEN }}
58+
- uses: docker/metadata-action@v5
59+
id: metadata
60+
with:
61+
images: ${{ env.REGISTRY }}/${{ env.GOOSE_IMAGE_NAME }}
62+
- uses: docker/build-push-action@v6
63+
id: goose-image
64+
with:
65+
context: ./images
66+
file: ./images/goose.dockerfile
67+
push: ${{ github.event_name != 'pull_request' }}
68+
tags: ${{ steps.metadata.outputs.tags }}
69+
labels: ${{ steps.metadata.outputs.labels }}
70+
cache-from: type=gha
71+
cache-to: type=gha,mode=max
72+
platforms: linux/amd64,linux/arm64
73+
- name: sign the published image
74+
if: ${{ github.event_name != 'pull_request' }}
75+
env:
76+
TAGS: ${{ steps.metadata.outputs.tags }}
77+
DIGEST: ${{ steps.goose-image.outputs.digest }}
78+
run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST}

charts/postgrest/Chart.lock

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
dependencies:
22
- name: cluster
3-
repository: https://cloudnative-pg.io/charts/
3+
repository: https://cloudnative-pg.io/charts
44
version: 0.5.0
5-
digest: sha256:b1926f62c6d6db85689a161c910e31e550970843d33aed3f01159f50d9bddc15
6-
generated: "2026-01-05T17:38:04.423244-05:00"
5+
digest: sha256:bd4115e6b9154294c12879f19116e015f1e98563d7f1324f103ed170e3dab69e
6+
generated: "2026-01-08T14:31:47.621461-05:00"

charts/postgrest/Chart.yaml

Lines changed: 6 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,10 +1,14 @@
11
apiVersion: v2
22
name: postgrest
3-
version: 0.2.1
3+
icon: https://docs.postgrest.org/en/v14/_images/postgrest.png
4+
version: 0.2.2
5+
maintainers:
6+
- name: jared-prime
7+
email: [email protected]
48
description: Helm chart for a PostgREST data api
59

610
dependencies:
711
- name: cluster
812
version: 0.5.0
9-
repository: https://cloudnative-pg.io/charts/
13+
repository: https://cloudnative-pg.io/charts
1014
condition: cluster.enabled

charts/postgrest/Quickstart.md

Lines changed: 1 addition & 24 deletions
Original file line numberDiff line numberDiff line change
@@ -1,32 +1,9 @@
11
# quickstart
22

3-
Login to the GitHub Container Registry
43

5-
```shell
6-
username="my user name"
7-
personal="my personal access token with package read / write permissions"
8-
docker login ghcr.io -u $username $personal
9-
```
104

115
```shell
12-
kind create cluster --name pelotech
13-
14-
docker build -t ghcr.io/pelotech/goose:example example/migrations
15-
16-
kind load docker-image ghcr.io/pelotech/goose:example --name pelotech
17-
18-
helm upgrade --install cnpg \
19-
--namespace cnpg-system \
20-
--create-namespace \
21-
--wait \
22-
--timeout 1m \
23-
cnpg/cloudnative-pg
24-
25-
helm dependency build ./charts/postgrest
26-
27-
helm upgrade --install postgrest \
28-
--namespace default \
29-
./charts/postgrest
6+
./example/build.sh
307
```
318

329
## usage

charts/postgrest/templates/_helpers.tpl

Lines changed: 14 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -1,15 +1,15 @@
1-
{{ define "database.connection" }}
2-
{{ $username := .Values.database.connection.username }}
3-
{{ $password := .Values.database.connection.password }}
4-
{{ $database := .Values.database.connection.database }}
5-
{{ $hostname := .Values.database.connection.hostname }}
6-
{{ printf "user=%s password=%s host=%s dbname=%s sslmode=disable" $username $password $hostname $database }}
7-
{{ end }}
1+
{{- define "database.connection" -}}
2+
{{- $username := .Values.database.connection.username }}
3+
{{- $password := .Values.database.connection.password }}
4+
{{- $database := .Values.database.connection.database }}
5+
{{- $hostname := .Values.database.connection.hostname }}
6+
{{- printf "user=%s password=%s host=%s dbname=%s sslmode=disable" $username $password $hostname $database }}
7+
{{- end -}}
88

9-
{{ define "database.migrations" }}
10-
{{ $username := .Values.database.migrations.username }}
11-
{{ $password := .Values.database.migrations.password }}
12-
{{ $database := .Values.database.migrations.database }}
13-
{{ $hostname := .Values.database.migrations.hostname }}
14-
{{ printf "user=%s password=%s host=%s dbname=%s sslmode=disable" $username $password $hostname $database }}
15-
{{ end }}
9+
{{- define "database.migrations" -}}
10+
{{- $username := .Values.database.migrations.username }}
11+
{{- $password := .Values.database.migrations.password }}
12+
{{- $database := .Values.database.migrations.database }}
13+
{{- $hostname := .Values.database.migrations.hostname }}
14+
{{- printf "user=%s password=%s host=%s dbname=%s sslmode=disable" $username $password $hostname $database }}
15+
{{- end -}}

charts/postgrest/templates/database.yaml

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,12 @@
1+
{{- if (not .Values.cluster.enabled) }}
2+
{{- range $database := .Values.cluster.databases }}
3+
apiVersion: postgresql.cnpg.io/v1
4+
kind: Database
5+
metadata:
6+
name: postgrest
7+
namespace: "{{ .Release.Namespace }}"
8+
spec:
9+
{{ $database | toYaml | nindent 2 }}
10+
---
11+
{{- end }}
12+
{{- end }}

charts/postgrest/templates/deployment.yaml

Lines changed: 27 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -2,26 +2,43 @@ apiVersion: apps/v1
22
kind: Deployment
33
metadata:
44
name: postgrest
5-
5+
namespace: "{{ .Release.Namespace }}"
66
spec:
77
replicas: 1
88
selector:
99
matchLabels:
10-
name: postgrest
10+
app.kubernetes.io/component: postgrest
11+
app.kubernetes.io/instance: "{{ .Release.Namespace }}"
12+
app.kubernetes.io/name: postgrest
1113
template:
1214
metadata:
1315
labels:
14-
name: postgrest
16+
app.kubernetes.io/component: postgrest
17+
app.kubernetes.io/instance: "{{ .Release.Namespace }}"
18+
app.kubernetes.io/name: postgrest
1519
spec:
1620
initContainers:
21+
- name: wait-for-databases
22+
image: alpine:3.23
23+
imagePullPolicy: IfNotPresent
24+
command:
25+
- /bin/sh
26+
- -c
27+
- |
28+
apk add postgresql-client &&
29+
while ! psql {{ include "database.connection" . | quote }} -c "SELECT 1;" 2>/dev/null; do
30+
echo "awaiting connection - retrying in 5 seconds"
31+
sleep 5
32+
done
33+
echo "connection succeeded"
1734
{{ if not (empty .Values.application.jwk.public) }}
18-
- name: jwks
19-
image: alpine/curl
35+
- name: curl-the-jwks
36+
image: alpine:3.23
2037
imagePullPolicy: IfNotPresent
2138
command:
2239
- /bin/sh
2340
- -c
24-
- "curl --location {{ .Values.application.jwk.public }} > /etc/opt/postgrest/certificates/jwk.json"
41+
- curl --location {{ .Values.application.jwk.public | quote }} > /etc/opt/postgrest/certificates/jwk.json
2542
- volumeMounts:
2643
- mountPath: /etc/opt/postgrest/certificates
2744
name: certificates
@@ -44,6 +61,10 @@ spec:
4461
- name: postgrest
4562
image: postgrest/postgrest
4663
imagePullPolicy: IfNotPresent
64+
ports:
65+
- name: postgrest
66+
containerPort: 3000
67+
protocol: TCP
4768
env:
4869
- name: PGRST_DB_URI
4970
valueFrom:

0 commit comments

Comments
 (0)