chore: cleaning up and triggering build

Author: samrose

.github/workflows/ami-release-nix.yml

@@ -40,54 +40,9 @@ jobs:
             exit 1
           fi
 
-      # - id: args
-      #   uses: mikefarah/yq@master
-      #   with:
-      #     cmd: yq 'to_entries | map(select(.value|type == "!!str")) |  map(.key + "=" + .value) | join("\n")' 'ansible/vars.yml'
-      # - run: docker context create builders
-      # - uses: docker/setup-buildx-action@v3
-      #   with:
-      #     endpoint: builders
-      # - uses: docker/build-push-action@v5
-      #   with:
-      #     build-args: |
-      #       ${{ steps.args.outputs.result }}
-      #     target: extensions
-      #     tags: supabase/postgres:extensions
-      #     platforms: linux/${{ matrix.arch }}
-      #     outputs: type=tar,dest=/tmp/extensions.tar
-      #     cache-from: type=gha,scope=${{ github.ref_name }}-latest-${{ matrix.arch }}
-      #     # No need to export extensions cache because latest depends on it
-
-      # - name: Extract built packages
-      #   run: |
-      #     mkdir -p ansible/files/extensions
-      #     tar xvf /tmp/extensions.tar -C ansible/files/extensions --strip-components 1
-      # TODO remove this block as extensions are build in nix prior to this step
-
-      # - id: version
-      #   run: echo "${{ steps.args.outputs.result }}" | grep "postgresql" >> "$GITHUB_OUTPUT"
-      # - name: Build Postgres deb
-      #   uses: docker/build-push-action@v5
-      #   with:
-      #     file: docker/Dockerfile
-      #     target: pg-deb
-      #     build-args: |
-      #       ubuntu_release=${{ matrix.ubuntu_release }}
-      #       ubuntu_release_no=${{ matrix.ubuntu_version }}
-      #       postgresql_major=${{ steps.version.outputs.postgresql_major }}
-      #       postgresql_release=${{ steps.version.outputs.postgresql_release }}
-      #       CPPFLAGS=-mcpu=${{ matrix.mcpu }}
-      #     tags: supabase/postgres:deb
-      #     platforms: linux/${{ matrix.arch }}
-      #     outputs: type=tar,dest=/tmp/pg-deb.tar
-      #     cache-from: type=gha,scope=${{ github.ref_name }}-deb
-      #     cache-to: type=gha,mode=max,scope=${{ github.ref_name }}-deb
-      # - name: Extract Postgres deb
-      #   run: |
-      #     mkdir -p ansible/files/postgres
-      #     tar xvf /tmp/pg-deb.tar -C ansible/files/postgres --strip-components 1
-      #TODO remove this block as deb is build in nix prior to this step
+      # extensions are build in nix prior to this step
+      # so we can just use the binaries from the nix store
+      # for postgres, extensions and wrappers
 
       - name: Build AMI stage 1
         run: |

ansible-nix/tasks/setup-postgres.yml

@@ -1,15 +1,3 @@
-# - name: Postgres - install commons
-#   apt:
-#     name: postgresql-common
-#     install_recommends: no
-
-# - name: Do not create main cluster
-#   shell:
-#     cmd: sed -ri 's/#(create_main_cluster) .*$/\1 = false/' /etc/postgresql-common/createcluster.conf
-#
-# TODO These lines appear to be installing and configuring https://launchpad.net/ubuntu/+source/postgresql-common 
-# as far as I can see, we don't need this now.
-
 - name: create ssl-cert group
   group:
     name: ssl-cert
@@ -23,15 +11,6 @@
     name: postgres
     state: present
 
-# - name: create users
-#   user:
-#     name: postgres 
-#     groups: postgres, ssl-cert
-#     createhome: yes
-#     append: no
-#     shell: /bin/bash  # Set shell if needed, default is /bin/bash
-#     password: ''
-
 - name: create postgres user
   shell: useradd -m -r -s /bin/bash -d /home/postgres postgres -g postgres
   args:
@@ -136,9 +115,8 @@
     group: postgres
 
 # # Install extensions before init
-# - name: Install Postgres extensions
-#   import_tasks: tasks/setup-docker.yml
-# TODO resolve in new build
+# (samrose) moved to tasks/stage2/setup-extensions.yml
+# now called from stage2/stage2-setup-postgres.yml
 
 
 # init DB

ansible-nix/tasks/stage2/optimizations.yml

@@ -1,17 +1,9 @@
-# - name: ensure services are stopped
-#   community.general.snap:
-#     name: amazon-ssm-agent
-#     state: absent
-# TODO taking this out as machine at this stage reports
-# that aws-ssm-agent is not installed at all
-
 - name: ensure services are stopped and disabled for first boot
   systemd:
     enabled: no
     name: '{{ item }}'
     state: stopped
   with_items:
-    #- snapd
     - postgresql
     - pgbouncer
     - fail2ban
@@ -24,17 +16,6 @@
     pkg:
       - snapd
 
-# - name: ensure services are stopped and disabled for first boot
-#   systemd:
-#     enabled: no
-#     name: '{{ item }}'
-#     state: stopped
-#     masked: yes
-#   with_items:
-#     - lvm2-monitor
-# machine at this stage reports this service is stopped and disabled
-
-
 - name: disable man-db
   become: yes
   file:

ansible-nix/tasks/stage2/setup-extensions.yml

@@ -1,21 +1,3 @@
-# - name: Copy extension packages
-#   copy:
-#     src: files/extensions/
-#     dest: /tmp/extensions/
-
-# # Builtin apt module does not support wildcard for deb paths
-# - name: Install extensions
-#   shell: |
-#     set -e
-#     apt-get update
-#     apt-get install -y --no-install-recommends /tmp/extensions/*.deb
-# TODO remove
-
-# The following tasks were moved to stage 2 from the original ansible/tasks/setup-docker.yml
-# due to these configurations being required to be applied at this stage, after the database package
-# has been installed and before the database is started.
-# These tasks are required to be run before the database is started, as they modify the database configuration
-
 - name: pg_cron - set cron.database_name
   become: yes
   lineinfile:
@@ -78,9 +60,3 @@
     path: /etc/postgresql/postgresql.conf
     regexp: "#include = '/etc/postgresql-custom/supautils.conf'"
     replace: "include = '/etc/postgresql-custom/supautils.conf'"
-
-# - name: Cleanup - extension packages
-#   file:
-#     path: /tmp/extensions
-#     state: absent
-# TODO remove extensions are already packaged in the nix build

ansible-nix/tasks/stage2/stage2-setup-postgres.yml

@@ -2,43 +2,13 @@
   become: yes
   shell: |
     sudo -u postgres bash -c ". /nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh && nix profile install github:supabase/postgres/sam/2-stage-ami-nix#psql_15/bin"
+#TODO (samrose) switch pg_prove sourcing to develop branch once PR is merged
 
 - name: Install pg_prove from nix binary cache
   become: yes
   shell: |
     sudo -u postgres bash -c ". /nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh && nix profile install github:supabase/postgres/sam/2-stage-ami-nix#pg_prove"
 
-#TODO switch pg_prove sourcing to develop branch once PR is merged
-
-# - name: Generate en_US.UTF-8 locale
-#   command: sudo localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
-
-
-# - name: Add LOCALE_ARCHIVE to .bashrc
-#   ansible.builtin.lineinfile:
-#     dest: "/home/postgres/.bashrc"
-#     line: 'export LOCALE_ARCHIVE=/usr/lib/locale/locale-archive'
-#     create: yes
-#   become: yes
-#   become_user: postgres
-
-# - name: Add LANG items to .bashrc
-#   ansible.builtin.lineinfile:
-#     dest: "/home/postgres/.bashrc"
-#     line: "{{ item }}"
-    
-#   loop: 
-#     - 'export LANG="en_US.UTF-8"'
-#     - 'export LANGUAGE="en_US.UTF-8"'
-#     - 'export LC_ALL="en_US.UTF-8"'
-#     - 'export LANG="en_US.UTF-8"'
-#     - 'export LC_CTYPE="en_US.UTF-8"'
-#   become: yes
-#   become_user: postgres
-
-
-#TODO include ls $(nix profile list | grep glibc-locales | tail -n 1 | cut -d ':' -f 2 | sed 's/^[ \t]*//')/lib/locale-archive
-
 - name: Set ownership and permissions for /etc/ssl/private
   become: yes
   file:
@@ -146,7 +116,6 @@
     state: directory
     recurse: yes
 
-# TODO check that these dirs were created correctly in final AMI
 - name: Recursively create symbolic links and set permissions for the contrib/postgis-* dir
   shell: >
     sudo mkdir -p /usr/lib/postgresql/share/postgresql/contrib && \
@@ -186,12 +155,6 @@
     owner: postgres
     group: postgres
 
-# - name: Set LANG environment variable
-#   environment:
-#     LANG: en_US.UTF-8
-#   #become: yes
-#source /home/postgres/.bashrc &&
-
 - name: Initialize the database
   become: yes
   become_user: postgres

common-nix.vars.pkr.hcl

@@ -1 +1 @@
-postgres-version = "15.6.1.52-nix-staged"
+postgres-version = "15.6.1.53-nix-staged"

nix/ext/wrappers/default.nix

@@ -30,8 +30,6 @@ buildPgrxExtension_0_11_3 rec {
   CARGO="${cargo}/bin/cargo";
 
   cargoLock = {
-    #TODO when we move to newer versions this lockfile will need to be sourced
-    # from ${src}/Cargo.lock
     lockFile = "${src}/Cargo.lock";
     outputHashes = {
       "clickhouse-rs-1.0.0-alpha.1" = "sha256-0zmoUo/GLyCKDLkpBsnLAyGs1xz6cubJhn+eVqMEMaw=";