feat: supporting postgres 18rc1

Author: samrose

Dockerfile-18

@@ -0,0 +1,233 @@
+# syntax=docker/dockerfile:1.6
+ARG postgresql_major=18
+ARG postgresql_release=${postgresql_major}.0
+
+# Bump default build arg to build a package from source
+# Bump vars.yml to specify runtime package version
+ARG sfcgal_release=1.3.10
+ARG postgis_release=3.3.2
+ARG pgrouting_release=3.4.1
+ARG pgtap_release=1.2.0
+ARG pg_cron_release=1.6.7
+ARG pgaudit_release=1.7.0
+ARG pgjwt_release=9742dab1b2f297ad3811120db7b21451bca2d3c9
+ARG pgsql_http_release=1.5.0
+ARG plpgsql_check_release=2.2.5
+ARG pg_safeupdate_release=1.4
+ARG timescaledb_release=2.9.1
+ARG wal2json_release=2_5
+ARG pljava_release=1.6.4
+ARG plv8_release=3.1.5
+ARG pg_plan_filter_release=5081a7b5cb890876e67d8e7486b6a64c38c9a492
+ARG pg_net_release=0.7.1
+ARG rum_release=1.3.13
+ARG pg_hashids_release=cd0e1b31d52b394a0df64079406a14a4f7387cd6
+ARG libsodium_release=1.0.18
+ARG pgsodium_release=3.1.6
+ARG pg_graphql_release=1.5.11
+ARG pg_stat_monitor_release=1.1.1
+ARG pg_jsonschema_release=0.1.4
+ARG pg_repack_release=1.4.8
+ARG vault_release=0.2.8
+ARG groonga_release=12.0.8
+ARG pgroonga_release=2.4.0
+ARG wrappers_release=0.5.4
+ARG hypopg_release=1.3.1
+ARG pgvector_release=0.4.0
+ARG pg_tle_release=1.3.2
+ARG index_advisor_release=0.2.0
+ARG supautils_release=2.2.0
+ARG wal_g_release=3.0.5
+
+FROM ubuntu:noble as base
+
+RUN apt update -y && apt install -y \
+    curl \
+    gnupg \
+    lsb-release \
+    software-properties-common \
+    wget \
+    sudo \
+    tree \
+    && apt clean
+
+
+RUN adduser --system  --home /var/lib/postgresql --no-create-home --shell /bin/bash --group --gecos "PostgreSQL administrator" postgres
+RUN adduser --system  --no-create-home --shell /bin/bash --group  wal-g
+RUN curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | sh -s -- install linux \
+--init none \
+--no-confirm \
+--extra-conf "substituters = https://cache.nixos.org https://nix-postgres-artifacts.s3.amazonaws.com" \
+--extra-conf "trusted-public-keys = nix-postgres-artifacts:dGZlQOvKcNEjvT7QEAJbcV6b6uk7VF/hWMjhYleiaLI=% cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
+
+ENV PATH="${PATH}:/nix/var/nix/profiles/default/bin"
+
+COPY . /nixpg
+
+WORKDIR /nixpg
+
+RUN nix profile install .#psql_18/bin
+
+RUN nix store gc
+
+WORKDIR /
+
+
+RUN mkdir -p /usr/lib/postgresql/bin \
+    /usr/lib/postgresql/share/postgresql \
+    /usr/share/postgresql \
+    /var/lib/postgresql \
+    && chown -R postgres:postgres /usr/lib/postgresql \
+    && chown -R postgres:postgres /var/lib/postgresql \
+    && chown -R postgres:postgres /usr/share/postgresql
+
+# Create symbolic links
+RUN ln -s /nix/var/nix/profiles/default/bin/* /usr/lib/postgresql/bin/ \
+    && ln -s /nix/var/nix/profiles/default/bin/* /usr/bin/ \
+    && chown -R postgres:postgres /usr/bin
+
+# Create symbolic links for PostgreSQL shares
+RUN ln -s /nix/var/nix/profiles/default/share/postgresql/* /usr/lib/postgresql/share/postgresql/
+RUN ln -s /nix/var/nix/profiles/default/share/postgresql/* /usr/share/postgresql/
+RUN chown -R postgres:postgres /usr/lib/postgresql/share/postgresql/
+RUN chown -R postgres:postgres /usr/share/postgresql/
+# Create symbolic links for contrib directory
+RUN tree /nix > /tmp/tree.txt && cat /tmp/tree.txt && cat /tmp/tree.txt >&2
+
+RUN chown -R postgres:postgres /usr/lib/postgresql
+
+RUN ln -sf /usr/lib/postgresql/share/postgresql/timezonesets /usr/share/postgresql/timezonesets
+
+
+RUN apt-get update && \
+    apt-get install -y --no-install-recommends tzdata
+
+RUN ln -fs /usr/share/zoneinfo/Etc/UTC /etc/localtime && \
+    dpkg-reconfigure --frontend noninteractive tzdata
+
+RUN apt-get update && \
+    apt-get install -y --no-install-recommends \
+    build-essential \
+    checkinstall \
+    cmake
+
+ENV PGDATA=/var/lib/postgresql/data
+
+####################
+# setup-wal-g.yml
+####################
+FROM base as walg
+ARG wal_g_release
+
+WORKDIR /nixpg
+
+RUN nix profile install .#wal-g-3 && \
+    ln -s /nix/var/nix/profiles/default/bin/wal-g-3 /tmp/wal-g
+
+RUN nix store gc
+
+WORKDIR /
+# ####################
+# # Download gosu for easy step-down from root
+# ####################
+FROM base as gosu
+ARG TARGETARCH
+# Install dependencies
+RUN apt-get update && apt-get install -y --no-install-recommends \
+   gnupg \
+   ca-certificates \
+   && rm -rf /var/lib/apt/lists/*
+# Download binary
+ARG GOSU_VERSION=1.16
+ARG GOSU_GPG_KEY=B42F6819007F00F88E364FD4036A9C25BF357DD4
+ADD https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$TARGETARCH \
+    /usr/local/bin/gosu
+ADD https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$TARGETARCH.asc \
+    /usr/local/bin/gosu.asc
+# Verify checksum
+RUN gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys $GOSU_GPG_KEY && \
+    gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu && \
+    gpgconf --kill all && \
+    chmod +x /usr/local/bin/gosu
+
+# ####################
+# # Build final image
+# ####################
+FROM gosu as production
+RUN id postgres || (echo "postgres user does not exist" && exit 1)
+# # Setup extensions
+COPY --from=walg /tmp/wal-g /usr/local/bin/
+
+# # Initialise configs
+COPY --chown=postgres:postgres ansible/files/postgresql_config/postgresql.conf.j2 /etc/postgresql/postgresql.conf
+COPY --chown=postgres:postgres ansible/files/postgresql_config/pg_hba.conf.j2 /etc/postgresql/pg_hba.conf
+COPY --chown=postgres:postgres ansible/files/postgresql_config/pg_ident.conf.j2 /etc/postgresql/pg_ident.conf
+COPY --chown=postgres:postgres ansible/files/postgresql_config/postgresql-stdout-log.conf /etc/postgresql/logging.conf
+COPY --chown=postgres:postgres ansible/files/postgresql_config/supautils.conf.j2 /etc/postgresql-custom/supautils.conf
+COPY --chown=postgres:postgres ansible/files/postgresql_extension_custom_scripts /etc/postgresql-custom/extension-custom-scripts
+COPY --chown=postgres:postgres ansible/files/pgsodium_getkey_urandom.sh.j2 /usr/lib/postgresql/bin/pgsodium_getkey.sh
+COPY --chown=postgres:postgres ansible/files/postgresql_config/custom_read_replica.conf.j2 /etc/postgresql-custom/read-replica.conf
+COPY --chown=postgres:postgres ansible/files/postgresql_config/custom_walg.conf.j2 /etc/postgresql-custom/wal-g.conf
+COPY --chown=postgres:postgres ansible/files/walg_helper_scripts/wal_fetch.sh /home/postgres/wal_fetch.sh
+COPY ansible/files/walg_helper_scripts/wal_change_ownership.sh /root/wal_change_ownership.sh
+
+RUN sed -i \
+    -e "s|#unix_socket_directories = '/tmp'|unix_socket_directories = '/var/run/postgresql'|g" \
+    -e "s|#session_preload_libraries = ''|session_preload_libraries = 'supautils'|g" \
+    -e "s|#include = '/etc/postgresql-custom/supautils.conf'|include = '/etc/postgresql-custom/supautils.conf'|g" \
+    -e "s|#include = '/etc/postgresql-custom/wal-g.conf'|include = '/etc/postgresql-custom/wal-g.conf'|g" /etc/postgresql/postgresql.conf && \
+    echo "cron.database_name = 'postgres'" >> /etc/postgresql/postgresql.conf && \
+    #echo "pljava.libjvm_location = '/usr/lib/jvm/java-11-openjdk-${TARGETARCH}/lib/server/libjvm.so'" >> /etc/postgresql/postgresql.conf && \
+    echo "pgsodium.getkey_script= '/usr/lib/postgresql/bin/pgsodium_getkey.sh'" >> /etc/postgresql/postgresql.conf && \
+    echo "vault.getkey_script= '/usr/lib/postgresql/bin/pgsodium_getkey.sh'" >> /etc/postgresql/postgresql.conf && \
+    echo 'auto_explain.log_min_duration = 10s' >> /etc/postgresql/postgresql.conf && \
+    usermod -aG postgres wal-g && \
+    mkdir -p /etc/postgresql-custom && \
+    chown postgres:postgres /etc/postgresql-custom
+
+    # Remove items from postgresql.conf for PG 18 (remove unsupported extensions)
+RUN sed -i 's/ timescaledb,//g;' "/etc/postgresql/postgresql.conf"
+    #as of pg 16.4 + this db_user_namespace totally deprecated and will break the server if setting is present
+RUN sed -i 's/db_user_namespace = off/#db_user_namespace = off/g;' "/etc/postgresql/postgresql.conf"
+# Remove more extensions that don't support PG 18 yet
+RUN sed -i 's/ timescaledb,//g; s/ plv8,//g; s/ pgjwt,//g; s/ pgaudit,//g' "/etc/postgresql-custom/supautils.conf"
+
+
+
+# # Include schema migrations
+COPY migrations/db /docker-entrypoint-initdb.d/
+COPY ansible/files/pgbouncer_config/pgbouncer_auth_schema.sql /docker-entrypoint-initdb.d/init-scripts/00-schema.sql
+COPY ansible/files/stat_extension.sql /docker-entrypoint-initdb.d/migrations/00-extension.sql
+
+# # Add upstream entrypoint script pinned for now to last tested version
+COPY --from=gosu /usr/local/bin/gosu /usr/local/bin/gosu
+ADD --chmod=0755 \
+    https://github.com/docker-library/postgres/raw/889f9447cd2dfe21cccfbe9bb7945e3b037e02d8/17/bullseye/docker-entrypoint.sh \
+    /usr/local/bin/docker-entrypoint.sh
+
+RUN mkdir -p /var/run/postgresql && chown postgres:postgres /var/run/postgresql
+
+ENTRYPOINT ["docker-entrypoint.sh"]
+
+HEALTHCHECK --interval=2s --timeout=2s --retries=10 CMD pg_isready -U postgres -h localhost
+STOPSIGNAL SIGINT
+EXPOSE 5432
+
+ENV POSTGRES_HOST=/var/run/postgresql
+ENV POSTGRES_USER=supabase_admin
+ENV POSTGRES_DB=postgres
+ENV POSTGRES_INITDB_ARGS="--allow-group-access --locale-provider=icu --encoding=UTF-8 --icu-locale=en_US.UTF-8"
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    locales \
+    && rm -rf /var/lib/apt/lists/* && \
+    localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8 \
+    && localedef -i C -c -f UTF-8 -A /usr/share/locale/locale.alias C.UTF-8
+RUN echo "C.UTF-8 UTF-8" > /etc/locale.gen && echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen && locale-gen
+ENV LANG en_US.UTF-8
+ENV LANGUAGE en_US:en
+ENV LC_ALL en_US.UTF-8
+ENV LOCALE_ARCHIVE /usr/lib/locale/locale-archive
+RUN mkdir -p /usr/share/postgresql/extension/ && \
+    ln -s /usr/lib/postgresql/bin/pgsodium_getkey.sh /usr/share/postgresql/extension/pgsodium_getkey && \
+    chmod +x /usr/lib/postgresql/bin/pgsodium_getkey.sh
+CMD ["postgres", "-D", "/etc/postgresql"]

ansible/vars.yml

@@ -5,13 +5,15 @@ async_mode: true
 postgres_major:
   - "15"
   - "17"
+  - "18"
   - "orioledb-17"
 
 # Full version strings for each major version
 postgres_release:
-  postgresorioledb-17: "17.5.1.026-orioledb"
-  postgres17: "17.6.1.005"
-  postgres15: "15.14.1.005"
+  postgresorioledb-17: "17.5.1.026-orioledb-rc-1"
+  postgres17: "17.6.1.005-rc-1"
+  postgres18: "18.0.1.000-rc-1"
+  postgres15: "15.14.1.005-rc-1"
 
 # Non Postgres Extensions
 pgbouncer_release: "1.19.0"

nix/checks.nix

@@ -12,6 +12,7 @@
       pkgs-lib = pkgs.callPackage ./packages/lib.nix {
         psql_15 = self'.packages."psql_15/bin";
         psql_17 = self'.packages."psql_17/bin";
+        psql_18 = self'.packages."psql_18/bin";
         psql_orioledb-17 = self'.packages."psql_orioledb-17/bin";
         pgroonga = self'.packages."psql_15/exts/pgroonga";
         inherit (self.supabase) defaults;
@@ -87,6 +88,8 @@
                   "15"
                 else if builtins.match "17.*" name != null then
                   "17"
+                else if builtins.match "18.*" name != null then
+                  "18"
                 else if builtins.match "orioledb-17.*" name != null then
                   "orioledb-17"
                 else
@@ -107,6 +110,8 @@
                             builtins.match "z_orioledb-17_.*" name != null
                           else if version == "17" then
                             builtins.match "z_17_.*" name != null
+                          else if version == "18" then
+                            builtins.match "z_18_.*" name != null
                           else
                             builtins.match "z_15_.*" name != null
                         else
@@ -122,11 +127,14 @@
                   version = builtins.trace "pgpkg.version is: ${pgpkg.version}" pgpkg.version;
                   isOrioledbMatch = builtins.match "^17_[0-9]+$" version != null;
                   isSeventeenMatch = builtins.match "^17[.][0-9]+$" version != null;
+                  isEighteenMatch = builtins.match "^18[.][0-9]+$" version != null;
                   result =
                     if isOrioledbMatch then
                       "orioledb-17"
                     else if isSeventeenMatch then
                       "17"
+                    else if isEighteenMatch then
+                      "18"
                     else
                       "15";
                 in
@@ -140,6 +148,8 @@
                   "5535"
                 else if (majorVersion == "15") then
                   "5536"
+                else if (majorVersion == "18") then
+                  "5538"
                 else
                   "5537";
 
@@ -181,7 +191,7 @@
                 grep -rn "shared_preload_libraries" "$PGTAP_CLUSTER"/postgresql.conf
                 # Remove timescaledb if running orioledb-17 check
                 echo "I AM ${pgpkg.version}===================================================="
-                if [[ "${pgpkg.version}" == *"17"* ]]; then
+                if [[ "${pgpkg.version}" == *"17"* ]] || [[ "${pgpkg.version}" == *"18"* ]]; then
                   perl -pi -e 's/ timescaledb,//g' "$PGTAP_CLUSTER/postgresql.conf"
                 fi
                 #NOTE in the future we may also need to add the orioledb extension to the cluster when cluster is oriole
@@ -289,6 +299,7 @@
         {
           psql_15 = makeCheckHarness self'.packages."psql_15/bin";
           psql_17 = makeCheckHarness self'.packages."psql_17/bin";
+          psql_18 = makeCheckHarness self'.packages."psql_18/bin";
           psql_orioledb-17 = makeCheckHarness self'.packages."psql_orioledb-17/bin";
           inherit (self'.packages)
             wal-g-2

nix/config.nix

@@ -50,8 +50,8 @@ in
             hash = "sha256-4GMKNgCuonURcVVjJZ7CERzV9DU6SwQOC+gn+UzXqLA=";
           };
           "18" = {
-            version = "18beta3";
-            hash = "sha256-IdhuVe6hEwDDoiEmR9w9SL2ES4MBfPbOVoRjmtj5Ung=";
+            version = "18rc1";
+            hash = "sha256-saTNwO1ul9EX8ETaZ4FYKdVgACyCEpCp3uhuXkmbL0w=";
           };
         };
         orioledb = {

nix/ext/supautils.nix renamed to nix/ext/supautils/default.nix

@@ -7,17 +7,22 @@
 
 stdenv.mkDerivation rec {
   pname = "supautils";
-  version = "2.9.4";
+  version = "2.10.0";
 
   buildInputs = [ postgresql ];
 
   src = fetchFromGitHub {
     owner = "supabase";
     repo = pname;
     rev = "refs/tags/v${version}";
-    hash = "sha256-qP9fOEWXw+wY49GopTizwxSBEGS0UoseJHVBtKS/BdI=";
+    hash = "sha256-jhTLC7aoodjHl98nnKxh6TuznrCg28/6b++6OM05WIs=";
   };
 
+  # Fix PostgreSQL 18 compatibility by making log_skipped_evtrigs static
+  postPatch = lib.optionalString (lib.versionAtLeast postgresql.version "18") ''
+    sed -i 's/^bool log_skipped_evtrigs = false;/static bool log_skipped_evtrigs = false;/' src/supautils.c
+  '';
+
   installPhase = ''
     mkdir -p $out/lib
 

nix/ext/supautils/supautils-pg18-compat.patch

@@ -0,0 +1,13 @@
+diff --git a/src/supautils.c b/src/supautils.c
+index 1234567..abcdefg 100644
+--- a/src/supautils.c
++++ b/src/supautils.c
+@@ -64,7 +64,7 @@ typedef struct EvictCacheState
+ } EvictCacheState;
+
+ /* GUC to control whether to log an event when an event trigger is skipped */
+-bool log_skipped_evtrigs = false;
++static bool log_skipped_evtrigs = false;
+
+ /* GUC to save the list of constrained extensions */
+ char *supabase_reserved_extensions = "";

nix/overlays/default.nix

@@ -9,6 +9,7 @@
     inherit (self.packages.${final.system})
       postgresql_15
       postgresql_17
+      postgresql_18
       postgresql_orioledb-17
       supabase-groonga
       switch-ext-version

nix/packages/default.nix

@@ -22,6 +22,7 @@
       pkgs-lib = pkgs.callPackage ./lib.nix {
         psql_15 = self'.packages."psql_15/bin";
         psql_17 = self'.packages."psql_17/bin";
+        psql_18 = self'.packages."psql_18/bin";
         psql_orioledb-17 = self'.packages."psql_orioledb-17/bin";
         pgroonga = self'.packages."psql_15/exts/pgroonga";
         inherit (self.supabase) defaults;
@@ -47,6 +48,7 @@
           start-client = pkgs.callPackage ./start-client.nix {
             psql_15 = self'.packages."psql_15/bin";
             psql_17 = self'.packages."psql_17/bin";
+            psql_18 = self'.packages."psql_18/bin";
             psql_orioledb-17 = self'.packages."psql_orioledb-17/bin";
             inherit (self.supabase) defaults;
           };