From 25b3034e9b0155c3e71acaf650243e7d12a571c1 Mon Sep 17 00:00:00 2001
From: Tianon Gravi <admwiggin@gmail.com>
Date: Fri, 10 Mar 2023 16:05:06 -0800
Subject: [PATCH 001/115] Update permissions from 777 to 1777
This still supports the "arbitrary user" use case but with slightly tighter permissions on the end result.
This one is a little bit more "special" other images (due to the existing runtime/entrypoint modification of the directory modes) so I've tried to pick reasonable values for both halves.
---
11/alpine/Dockerfile | 4 ++--
11/alpine/docker-entrypoint.sh | 4 ++--
11/bullseye/docker-entrypoint.sh | 4 ++--
12/alpine/Dockerfile | 4 ++--
12/alpine/docker-entrypoint.sh | 4 ++--
12/bullseye/docker-entrypoint.sh | 4 ++--
13/alpine/Dockerfile | 4 ++--
13/alpine/docker-entrypoint.sh | 4 ++--
13/bullseye/docker-entrypoint.sh | 4 ++--
14/alpine/Dockerfile | 4 ++--
14/alpine/docker-entrypoint.sh | 4 ++--
14/bullseye/docker-entrypoint.sh | 4 ++--
15/alpine/Dockerfile | 4 ++--
15/alpine/docker-entrypoint.sh | 4 ++--
15/bullseye/docker-entrypoint.sh | 4 ++--
Dockerfile-alpine.template | 4 ++--
docker-entrypoint.sh | 4 ++--
17 files changed, 34 insertions(+), 34 deletions(-)
diff --git a/11/alpine/Dockerfile b/11/alpine/Dockerfile
index 26b8786583..51c03ad1ed 100644
--- a/11/alpine/Dockerfile
+++ b/11/alpine/Dockerfile
@@ -149,11 +149,11 @@ RUN set -eux; \
sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/local/share/postgresql/postgresql.conf.sample; \
grep -F "listen_addresses = '*'" /usr/local/share/postgresql/postgresql.conf.sample
-RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 2777 /var/run/postgresql
+RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
-RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 777 "$PGDATA"
+RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh /usr/local/bin/
diff --git a/11/alpine/docker-entrypoint.sh b/11/alpine/docker-entrypoint.sh
index d34886ea14..a383a36487 100755
--- a/11/alpine/docker-entrypoint.sh
+++ b/11/alpine/docker-entrypoint.sh
@@ -38,11 +38,11 @@ docker_create_db_directories() {
mkdir -p "$PGDATA"
# ignore failure since there are cases where we can't chmod (and PostgreSQL might fail later anyhow - it's picky about permissions of this directory)
- chmod 700 "$PGDATA" || :
+ chmod 00700 "$PGDATA" || :
# ignore failure since it will be fine when using the image provided directory; see also https://github.com/docker-library/postgres/pull/289
mkdir -p /var/run/postgresql || :
- chmod 775 /var/run/postgresql || :
+ chmod 03775 /var/run/postgresql || :
# Create the transaction log directory before initdb is run so the directory is owned by the correct user
if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
diff --git a/11/bullseye/docker-entrypoint.sh b/11/bullseye/docker-entrypoint.sh
index 749445d218..0ae0ecf8c2 100755
--- a/11/bullseye/docker-entrypoint.sh
+++ b/11/bullseye/docker-entrypoint.sh
@@ -38,11 +38,11 @@ docker_create_db_directories() {
mkdir -p "$PGDATA"
# ignore failure since there are cases where we can't chmod (and PostgreSQL might fail later anyhow - it's picky about permissions of this directory)
- chmod 700 "$PGDATA" || :
+ chmod 00700 "$PGDATA" || :
# ignore failure since it will be fine when using the image provided directory; see also https://github.com/docker-library/postgres/pull/289
mkdir -p /var/run/postgresql || :
- chmod 775 /var/run/postgresql || :
+ chmod 03775 /var/run/postgresql || :
# Create the transaction log directory before initdb is run so the directory is owned by the correct user
if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
diff --git a/12/alpine/Dockerfile b/12/alpine/Dockerfile
index f63728a701..a96a546e71 100644
--- a/12/alpine/Dockerfile
+++ b/12/alpine/Dockerfile
@@ -149,11 +149,11 @@ RUN set -eux; \
sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/local/share/postgresql/postgresql.conf.sample; \
grep -F "listen_addresses = '*'" /usr/local/share/postgresql/postgresql.conf.sample
-RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 2777 /var/run/postgresql
+RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
-RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 777 "$PGDATA"
+RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh /usr/local/bin/
diff --git a/12/alpine/docker-entrypoint.sh b/12/alpine/docker-entrypoint.sh
index d34886ea14..a383a36487 100755
--- a/12/alpine/docker-entrypoint.sh
+++ b/12/alpine/docker-entrypoint.sh
@@ -38,11 +38,11 @@ docker_create_db_directories() {
mkdir -p "$PGDATA"
# ignore failure since there are cases where we can't chmod (and PostgreSQL might fail later anyhow - it's picky about permissions of this directory)
- chmod 700 "$PGDATA" || :
+ chmod 00700 "$PGDATA" || :
# ignore failure since it will be fine when using the image provided directory; see also https://github.com/docker-library/postgres/pull/289
mkdir -p /var/run/postgresql || :
- chmod 775 /var/run/postgresql || :
+ chmod 03775 /var/run/postgresql || :
# Create the transaction log directory before initdb is run so the directory is owned by the correct user
if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
diff --git a/12/bullseye/docker-entrypoint.sh b/12/bullseye/docker-entrypoint.sh
index 749445d218..0ae0ecf8c2 100755
--- a/12/bullseye/docker-entrypoint.sh
+++ b/12/bullseye/docker-entrypoint.sh
@@ -38,11 +38,11 @@ docker_create_db_directories() {
mkdir -p "$PGDATA"
# ignore failure since there are cases where we can't chmod (and PostgreSQL might fail later anyhow - it's picky about permissions of this directory)
- chmod 700 "$PGDATA" || :
+ chmod 00700 "$PGDATA" || :
# ignore failure since it will be fine when using the image provided directory; see also https://github.com/docker-library/postgres/pull/289
mkdir -p /var/run/postgresql || :
- chmod 775 /var/run/postgresql || :
+ chmod 03775 /var/run/postgresql || :
# Create the transaction log directory before initdb is run so the directory is owned by the correct user
if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
diff --git a/13/alpine/Dockerfile b/13/alpine/Dockerfile
index 3006bd0fd9..4cd84cdc74 100644
--- a/13/alpine/Dockerfile
+++ b/13/alpine/Dockerfile
@@ -149,11 +149,11 @@ RUN set -eux; \
sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/local/share/postgresql/postgresql.conf.sample; \
grep -F "listen_addresses = '*'" /usr/local/share/postgresql/postgresql.conf.sample
-RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 2777 /var/run/postgresql
+RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
-RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 777 "$PGDATA"
+RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh /usr/local/bin/
diff --git a/13/alpine/docker-entrypoint.sh b/13/alpine/docker-entrypoint.sh
index d34886ea14..a383a36487 100755
--- a/13/alpine/docker-entrypoint.sh
+++ b/13/alpine/docker-entrypoint.sh
@@ -38,11 +38,11 @@ docker_create_db_directories() {
mkdir -p "$PGDATA"
# ignore failure since there are cases where we can't chmod (and PostgreSQL might fail later anyhow - it's picky about permissions of this directory)
- chmod 700 "$PGDATA" || :
+ chmod 00700 "$PGDATA" || :
# ignore failure since it will be fine when using the image provided directory; see also https://github.com/docker-library/postgres/pull/289
mkdir -p /var/run/postgresql || :
- chmod 775 /var/run/postgresql || :
+ chmod 03775 /var/run/postgresql || :
# Create the transaction log directory before initdb is run so the directory is owned by the correct user
if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
diff --git a/13/bullseye/docker-entrypoint.sh b/13/bullseye/docker-entrypoint.sh
index 749445d218..0ae0ecf8c2 100755
--- a/13/bullseye/docker-entrypoint.sh
+++ b/13/bullseye/docker-entrypoint.sh
@@ -38,11 +38,11 @@ docker_create_db_directories() {
mkdir -p "$PGDATA"
# ignore failure since there are cases where we can't chmod (and PostgreSQL might fail later anyhow - it's picky about permissions of this directory)
- chmod 700 "$PGDATA" || :
+ chmod 00700 "$PGDATA" || :
# ignore failure since it will be fine when using the image provided directory; see also https://github.com/docker-library/postgres/pull/289
mkdir -p /var/run/postgresql || :
- chmod 775 /var/run/postgresql || :
+ chmod 03775 /var/run/postgresql || :
# Create the transaction log directory before initdb is run so the directory is owned by the correct user
if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
diff --git a/14/alpine/Dockerfile b/14/alpine/Dockerfile
index 895c57a15e..532ff95e2b 100644
--- a/14/alpine/Dockerfile
+++ b/14/alpine/Dockerfile
@@ -152,11 +152,11 @@ RUN set -eux; \
sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/local/share/postgresql/postgresql.conf.sample; \
grep -F "listen_addresses = '*'" /usr/local/share/postgresql/postgresql.conf.sample
-RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 2777 /var/run/postgresql
+RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
-RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 777 "$PGDATA"
+RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh /usr/local/bin/
diff --git a/14/alpine/docker-entrypoint.sh b/14/alpine/docker-entrypoint.sh
index d34886ea14..a383a36487 100755
--- a/14/alpine/docker-entrypoint.sh
+++ b/14/alpine/docker-entrypoint.sh
@@ -38,11 +38,11 @@ docker_create_db_directories() {
mkdir -p "$PGDATA"
# ignore failure since there are cases where we can't chmod (and PostgreSQL might fail later anyhow - it's picky about permissions of this directory)
- chmod 700 "$PGDATA" || :
+ chmod 00700 "$PGDATA" || :
# ignore failure since it will be fine when using the image provided directory; see also https://github.com/docker-library/postgres/pull/289
mkdir -p /var/run/postgresql || :
- chmod 775 /var/run/postgresql || :
+ chmod 03775 /var/run/postgresql || :
# Create the transaction log directory before initdb is run so the directory is owned by the correct user
if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
diff --git a/14/bullseye/docker-entrypoint.sh b/14/bullseye/docker-entrypoint.sh
index 749445d218..0ae0ecf8c2 100755
--- a/14/bullseye/docker-entrypoint.sh
+++ b/14/bullseye/docker-entrypoint.sh
@@ -38,11 +38,11 @@ docker_create_db_directories() {
mkdir -p "$PGDATA"
# ignore failure since there are cases where we can't chmod (and PostgreSQL might fail later anyhow - it's picky about permissions of this directory)
- chmod 700 "$PGDATA" || :
+ chmod 00700 "$PGDATA" || :
# ignore failure since it will be fine when using the image provided directory; see also https://github.com/docker-library/postgres/pull/289
mkdir -p /var/run/postgresql || :
- chmod 775 /var/run/postgresql || :
+ chmod 03775 /var/run/postgresql || :
# Create the transaction log directory before initdb is run so the directory is owned by the correct user
if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
diff --git a/15/alpine/Dockerfile b/15/alpine/Dockerfile
index db702b19f8..90b2988f4e 100644
--- a/15/alpine/Dockerfile
+++ b/15/alpine/Dockerfile
@@ -155,11 +155,11 @@ RUN set -eux; \
sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/local/share/postgresql/postgresql.conf.sample; \
grep -F "listen_addresses = '*'" /usr/local/share/postgresql/postgresql.conf.sample
-RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 2777 /var/run/postgresql
+RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
-RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 777 "$PGDATA"
+RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh /usr/local/bin/
diff --git a/15/alpine/docker-entrypoint.sh b/15/alpine/docker-entrypoint.sh
index d34886ea14..a383a36487 100755
--- a/15/alpine/docker-entrypoint.sh
+++ b/15/alpine/docker-entrypoint.sh
@@ -38,11 +38,11 @@ docker_create_db_directories() {
mkdir -p "$PGDATA"
# ignore failure since there are cases where we can't chmod (and PostgreSQL might fail later anyhow - it's picky about permissions of this directory)
- chmod 700 "$PGDATA" || :
+ chmod 00700 "$PGDATA" || :
# ignore failure since it will be fine when using the image provided directory; see also https://github.com/docker-library/postgres/pull/289
mkdir -p /var/run/postgresql || :
- chmod 775 /var/run/postgresql || :
+ chmod 03775 /var/run/postgresql || :
# Create the transaction log directory before initdb is run so the directory is owned by the correct user
if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
diff --git a/15/bullseye/docker-entrypoint.sh b/15/bullseye/docker-entrypoint.sh
index 749445d218..0ae0ecf8c2 100755
--- a/15/bullseye/docker-entrypoint.sh
+++ b/15/bullseye/docker-entrypoint.sh
@@ -38,11 +38,11 @@ docker_create_db_directories() {
mkdir -p "$PGDATA"
# ignore failure since there are cases where we can't chmod (and PostgreSQL might fail later anyhow - it's picky about permissions of this directory)
- chmod 700 "$PGDATA" || :
+ chmod 00700 "$PGDATA" || :
# ignore failure since it will be fine when using the image provided directory; see also https://github.com/docker-library/postgres/pull/289
mkdir -p /var/run/postgresql || :
- chmod 775 /var/run/postgresql || :
+ chmod 03775 /var/run/postgresql || :
# Create the transaction log directory before initdb is run so the directory is owned by the correct user
if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
diff --git a/Dockerfile-alpine.template b/Dockerfile-alpine.template
index 84769baef9..57807bc851 100644
--- a/Dockerfile-alpine.template
+++ b/Dockerfile-alpine.template
@@ -161,11 +161,11 @@ RUN set -eux; \
sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/local/share/postgresql/postgresql.conf.sample; \
grep -F "listen_addresses = '*'" /usr/local/share/postgresql/postgresql.conf.sample
-RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 2777 /var/run/postgresql
+RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
-RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 777 "$PGDATA"
+RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh /usr/local/bin/
diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
index 749445d218..0ae0ecf8c2 100755
--- a/docker-entrypoint.sh
+++ b/docker-entrypoint.sh
@@ -38,11 +38,11 @@ docker_create_db_directories() {
mkdir -p "$PGDATA"
# ignore failure since there are cases where we can't chmod (and PostgreSQL might fail later anyhow - it's picky about permissions of this directory)
- chmod 700 "$PGDATA" || :
+ chmod 00700 "$PGDATA" || :
# ignore failure since it will be fine when using the image provided directory; see also https://github.com/docker-library/postgres/pull/289
mkdir -p /var/run/postgresql || :
- chmod 775 /var/run/postgresql || :
+ chmod 03775 /var/run/postgresql || :
# Create the transaction log directory before initdb is run so the directory is owned by the correct user
if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
From 9b2559be2f13d24554516da5217950b2d41c447b Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Mon, 24 Apr 2023 17:04:38 -0700
Subject: [PATCH 002/115] Update 11
---
11/bullseye/Dockerfile | 2 +-
versions.json | 3 ++-
2 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/11/bullseye/Dockerfile b/11/bullseye/Dockerfile
index 53fe1d791d..dc21b05058 100644
--- a/11/bullseye/Dockerfile
+++ b/11/bullseye/Dockerfile
@@ -97,7 +97,7 @@ RUN set -ex; \
dpkgArch="$(dpkg --print-architecture)"; \
aptRepo="[ signed-by=/usr/local/share/keyrings/postgres.gpg.asc ] http://apt.postgresql.org/pub/repos/apt/ bullseye-pgdg main $PG_MAJOR"; \
case "$dpkgArch" in \
- amd64 | arm64 | ppc64el) \
+ amd64 | arm64 | ppc64el | s390x) \
# arches officialy built by upstream
echo "deb $aptRepo" > /etc/apt/sources.list.d/pgdg.list; \
apt-get update; \
diff --git a/versions.json b/versions.json
index d214443618..fa4916cb86 100644
--- a/versions.json
+++ b/versions.json
@@ -5,7 +5,8 @@
"arches": [
"amd64",
"arm64",
- "ppc64el"
+ "ppc64el",
+ "s390x"
],
"version": "11.19-1.pgdg110+1"
},
From dd68d91377a3631b36a23f2e4795f6189db4ba12 Mon Sep 17 00:00:00 2001
From: Tianon Gravi <admwiggin@gmail.com>
Date: Fri, 28 Apr 2023 15:09:00 -0700
Subject: [PATCH 003/115] Remove explicit `dirmngr` reference
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
This is pulled in automatically via `gnupg`, and moved from `Recommends` to `Depends` in https://salsa.debian.org/debian/gnupg2/-/commit/99474ad900a8bcdd0e7b68f986fec0013fc01470, which has been part of `src:gnupg2` since 2.1.21-4 (and every supported version of both Debian _and_ Ubuntu have 2.2.x 😇).
---
11/bullseye/Dockerfile | 19 ++++++++-----------
12/bullseye/Dockerfile | 19 ++++++++-----------
13/bullseye/Dockerfile | 19 ++++++++-----------
14/bullseye/Dockerfile | 19 ++++++++-----------
15/bullseye/Dockerfile | 19 ++++++++-----------
Dockerfile-debian.template | 19 ++++++++-----------
6 files changed, 48 insertions(+), 66 deletions(-)
diff --git a/11/bullseye/Dockerfile b/11/bullseye/Dockerfile
index dc21b05058..9249ab20dc 100644
--- a/11/bullseye/Dockerfile
+++ b/11/bullseye/Dockerfile
@@ -6,16 +6,6 @@
FROM debian:bullseye-slim
-RUN set -ex; \
- if ! command -v gpg > /dev/null; then \
- apt-get update; \
- apt-get install -y --no-install-recommends \
- gnupg \
- dirmngr \
- ; \
- rm -rf /var/lib/apt/lists/*; \
- fi
-
# explicitly set user/group IDs
RUN set -eux; \
groupadd -r postgres --gid=999; \
@@ -26,6 +16,13 @@ RUN set -eux; \
mkdir -p /var/lib/postgresql; \
chown -R postgres:postgres /var/lib/postgresql
+RUN set -ex; \
+ apt-get update; \
+ apt-get install -y --no-install-recommends \
+ gnupg \
+ ; \
+ rm -rf /var/lib/apt/lists/*
+
# grab gosu for easy step-down from root
# https://github.com/tianon/gosu/releases
ENV GOSU_VERSION 1.16
@@ -81,7 +78,7 @@ RUN set -ex; \
mkdir -p /usr/local/share/keyrings/; \
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
gpg --batch --export --armor "$key" > /usr/local/share/keyrings/postgres.gpg.asc; \
- command -v gpgconf > /dev/null && gpgconf --kill all; \
+ gpgconf --kill all; \
rm -rf "$GNUPGHOME"
ENV PG_MAJOR 11
diff --git a/12/bullseye/Dockerfile b/12/bullseye/Dockerfile
index 41d75da7a6..28efe8845b 100644
--- a/12/bullseye/Dockerfile
+++ b/12/bullseye/Dockerfile
@@ -6,16 +6,6 @@
FROM debian:bullseye-slim
-RUN set -ex; \
- if ! command -v gpg > /dev/null; then \
- apt-get update; \
- apt-get install -y --no-install-recommends \
- gnupg \
- dirmngr \
- ; \
- rm -rf /var/lib/apt/lists/*; \
- fi
-
# explicitly set user/group IDs
RUN set -eux; \
groupadd -r postgres --gid=999; \
@@ -26,6 +16,13 @@ RUN set -eux; \
mkdir -p /var/lib/postgresql; \
chown -R postgres:postgres /var/lib/postgresql
+RUN set -ex; \
+ apt-get update; \
+ apt-get install -y --no-install-recommends \
+ gnupg \
+ ; \
+ rm -rf /var/lib/apt/lists/*
+
# grab gosu for easy step-down from root
# https://github.com/tianon/gosu/releases
ENV GOSU_VERSION 1.16
@@ -81,7 +78,7 @@ RUN set -ex; \
mkdir -p /usr/local/share/keyrings/; \
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
gpg --batch --export --armor "$key" > /usr/local/share/keyrings/postgres.gpg.asc; \
- command -v gpgconf > /dev/null && gpgconf --kill all; \
+ gpgconf --kill all; \
rm -rf "$GNUPGHOME"
ENV PG_MAJOR 12
diff --git a/13/bullseye/Dockerfile b/13/bullseye/Dockerfile
index 733f6dde47..2ebe3b3ad8 100644
--- a/13/bullseye/Dockerfile
+++ b/13/bullseye/Dockerfile
@@ -6,16 +6,6 @@
FROM debian:bullseye-slim
-RUN set -ex; \
- if ! command -v gpg > /dev/null; then \
- apt-get update; \
- apt-get install -y --no-install-recommends \
- gnupg \
- dirmngr \
- ; \
- rm -rf /var/lib/apt/lists/*; \
- fi
-
# explicitly set user/group IDs
RUN set -eux; \
groupadd -r postgres --gid=999; \
@@ -26,6 +16,13 @@ RUN set -eux; \
mkdir -p /var/lib/postgresql; \
chown -R postgres:postgres /var/lib/postgresql
+RUN set -ex; \
+ apt-get update; \
+ apt-get install -y --no-install-recommends \
+ gnupg \
+ ; \
+ rm -rf /var/lib/apt/lists/*
+
# grab gosu for easy step-down from root
# https://github.com/tianon/gosu/releases
ENV GOSU_VERSION 1.16
@@ -81,7 +78,7 @@ RUN set -ex; \
mkdir -p /usr/local/share/keyrings/; \
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
gpg --batch --export --armor "$key" > /usr/local/share/keyrings/postgres.gpg.asc; \
- command -v gpgconf > /dev/null && gpgconf --kill all; \
+ gpgconf --kill all; \
rm -rf "$GNUPGHOME"
ENV PG_MAJOR 13
diff --git a/14/bullseye/Dockerfile b/14/bullseye/Dockerfile
index 5bfaee23c0..81dc615de1 100644
--- a/14/bullseye/Dockerfile
+++ b/14/bullseye/Dockerfile
@@ -6,16 +6,6 @@
FROM debian:bullseye-slim
-RUN set -ex; \
- if ! command -v gpg > /dev/null; then \
- apt-get update; \
- apt-get install -y --no-install-recommends \
- gnupg \
- dirmngr \
- ; \
- rm -rf /var/lib/apt/lists/*; \
- fi
-
# explicitly set user/group IDs
RUN set -eux; \
groupadd -r postgres --gid=999; \
@@ -26,6 +16,13 @@ RUN set -eux; \
mkdir -p /var/lib/postgresql; \
chown -R postgres:postgres /var/lib/postgresql
+RUN set -ex; \
+ apt-get update; \
+ apt-get install -y --no-install-recommends \
+ gnupg \
+ ; \
+ rm -rf /var/lib/apt/lists/*
+
# grab gosu for easy step-down from root
# https://github.com/tianon/gosu/releases
ENV GOSU_VERSION 1.16
@@ -81,7 +78,7 @@ RUN set -ex; \
mkdir -p /usr/local/share/keyrings/; \
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
gpg --batch --export --armor "$key" > /usr/local/share/keyrings/postgres.gpg.asc; \
- command -v gpgconf > /dev/null && gpgconf --kill all; \
+ gpgconf --kill all; \
rm -rf "$GNUPGHOME"
ENV PG_MAJOR 14
diff --git a/15/bullseye/Dockerfile b/15/bullseye/Dockerfile
index a9480e325c..125077db9b 100644
--- a/15/bullseye/Dockerfile
+++ b/15/bullseye/Dockerfile
@@ -6,16 +6,6 @@
FROM debian:bullseye-slim
-RUN set -ex; \
- if ! command -v gpg > /dev/null; then \
- apt-get update; \
- apt-get install -y --no-install-recommends \
- gnupg \
- dirmngr \
- ; \
- rm -rf /var/lib/apt/lists/*; \
- fi
-
# explicitly set user/group IDs
RUN set -eux; \
groupadd -r postgres --gid=999; \
@@ -26,6 +16,13 @@ RUN set -eux; \
mkdir -p /var/lib/postgresql; \
chown -R postgres:postgres /var/lib/postgresql
+RUN set -ex; \
+ apt-get update; \
+ apt-get install -y --no-install-recommends \
+ gnupg \
+ ; \
+ rm -rf /var/lib/apt/lists/*
+
# grab gosu for easy step-down from root
# https://github.com/tianon/gosu/releases
ENV GOSU_VERSION 1.16
@@ -81,7 +78,7 @@ RUN set -ex; \
mkdir -p /usr/local/share/keyrings/; \
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
gpg --batch --export --armor "$key" > /usr/local/share/keyrings/postgres.gpg.asc; \
- command -v gpgconf > /dev/null && gpgconf --kill all; \
+ gpgconf --kill all; \
rm -rf "$GNUPGHOME"
ENV PG_MAJOR 15
diff --git a/Dockerfile-debian.template b/Dockerfile-debian.template
index 49b412d55e..dc301a7d13 100644
--- a/Dockerfile-debian.template
+++ b/Dockerfile-debian.template
@@ -1,15 +1,5 @@
FROM debian:{{ env.variant }}-slim
-RUN set -ex; \
- if ! command -v gpg > /dev/null; then \
- apt-get update; \
- apt-get install -y --no-install-recommends \
- gnupg \
- dirmngr \
- ; \
- rm -rf /var/lib/apt/lists/*; \
- fi
-
# explicitly set user/group IDs
RUN set -eux; \
groupadd -r postgres --gid=999; \
@@ -20,6 +10,13 @@ RUN set -eux; \
mkdir -p /var/lib/postgresql; \
chown -R postgres:postgres /var/lib/postgresql
+RUN set -ex; \
+ apt-get update; \
+ apt-get install -y --no-install-recommends \
+ gnupg \
+ ; \
+ rm -rf /var/lib/apt/lists/*
+
# grab gosu for easy step-down from root
# https://github.com/tianon/gosu/releases
ENV GOSU_VERSION 1.16
@@ -75,7 +72,7 @@ RUN set -ex; \
mkdir -p /usr/local/share/keyrings/; \
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
gpg --batch --export --armor "$key" > /usr/local/share/keyrings/postgres.gpg.asc; \
- command -v gpgconf > /dev/null && gpgconf --kill all; \
+ gpgconf --kill all; \
rm -rf "$GNUPGHOME"
ENV PG_MAJOR {{ env.version }}
From 6efe206eaa4fe9a77d7abc7a4b72415bf80ae39b Mon Sep 17 00:00:00 2001
From: J0WI <J0WI@users.noreply.github.com>
Date: Wed, 10 May 2023 19:56:30 +0200
Subject: [PATCH 004/115] Alpine 3.18
---
11/alpine/Dockerfile | 2 +-
12/alpine/Dockerfile | 2 +-
13/alpine/Dockerfile | 2 +-
14/alpine/Dockerfile | 2 +-
15/alpine/Dockerfile | 2 +-
versions.json | 10 +++++-----
versions.sh | 2 +-
7 files changed, 11 insertions(+), 11 deletions(-)
diff --git a/11/alpine/Dockerfile b/11/alpine/Dockerfile
index 51c03ad1ed..ac5df059f1 100644
--- a/11/alpine/Dockerfile
+++ b/11/alpine/Dockerfile
@@ -4,7 +4,7 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
-FROM alpine:3.17
+FROM alpine:3.18
# 70 is the standard uid/gid for "postgres" in Alpine
# https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.12-stable
diff --git a/12/alpine/Dockerfile b/12/alpine/Dockerfile
index a96a546e71..29acb91143 100644
--- a/12/alpine/Dockerfile
+++ b/12/alpine/Dockerfile
@@ -4,7 +4,7 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
-FROM alpine:3.17
+FROM alpine:3.18
# 70 is the standard uid/gid for "postgres" in Alpine
# https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.12-stable
diff --git a/13/alpine/Dockerfile b/13/alpine/Dockerfile
index 4cd84cdc74..9384b01ddc 100644
--- a/13/alpine/Dockerfile
+++ b/13/alpine/Dockerfile
@@ -4,7 +4,7 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
-FROM alpine:3.17
+FROM alpine:3.18
# 70 is the standard uid/gid for "postgres" in Alpine
# https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.12-stable
diff --git a/14/alpine/Dockerfile b/14/alpine/Dockerfile
index 532ff95e2b..974f1bc864 100644
--- a/14/alpine/Dockerfile
+++ b/14/alpine/Dockerfile
@@ -4,7 +4,7 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
-FROM alpine:3.17
+FROM alpine:3.18
# 70 is the standard uid/gid for "postgres" in Alpine
# https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.12-stable
diff --git a/15/alpine/Dockerfile b/15/alpine/Dockerfile
index 90b2988f4e..959048fcc4 100644
--- a/15/alpine/Dockerfile
+++ b/15/alpine/Dockerfile
@@ -4,7 +4,7 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
-FROM alpine:3.17
+FROM alpine:3.18
# 70 is the standard uid/gid for "postgres" in Alpine
# https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.12-stable
diff --git a/versions.json b/versions.json
index fa4916cb86..62b523751e 100644
--- a/versions.json
+++ b/versions.json
@@ -1,6 +1,6 @@
{
"11": {
- "alpine": "3.17",
+ "alpine": "3.18",
"bullseye": {
"arches": [
"amd64",
@@ -19,7 +19,7 @@
"version": "11.19"
},
"12": {
- "alpine": "3.17",
+ "alpine": "3.18",
"bullseye": {
"arches": [
"amd64",
@@ -37,7 +37,7 @@
"version": "12.14"
},
"13": {
- "alpine": "3.17",
+ "alpine": "3.18",
"bullseye": {
"arches": [
"amd64",
@@ -55,7 +55,7 @@
"version": "13.10"
},
"14": {
- "alpine": "3.17",
+ "alpine": "3.18",
"bullseye": {
"arches": [
"amd64",
@@ -73,7 +73,7 @@
"version": "14.7"
},
"15": {
- "alpine": "3.17",
+ "alpine": "3.18",
"bullseye": {
"arches": [
"amd64",
diff --git a/versions.sh b/versions.sh
index e0bead30d2..ff29867cfb 100755
--- a/versions.sh
+++ b/versions.sh
@@ -9,7 +9,7 @@ declare -A debianSuites=(
allDebianSuites=(
bullseye
)
-defaultAlpineVersion='3.17'
+defaultAlpineVersion='3.18'
declare -A alpineVersions=(
#[14]='3.16'
)
From ee629b1e31754d3aeed529a1a3610ac180f20e0b Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 11 May 2023 11:02:16 -0700
Subject: [PATCH 005/115] Update 11 to 11.20, bullseye 11.20-1.pgdg110+1
---
11/alpine/Dockerfile | 4 ++--
11/bullseye/Dockerfile | 2 +-
versions.json | 6 +++---
3 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/11/alpine/Dockerfile b/11/alpine/Dockerfile
index ac5df059f1..94dc99cd7e 100644
--- a/11/alpine/Dockerfile
+++ b/11/alpine/Dockerfile
@@ -23,8 +23,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 11
-ENV PG_VERSION 11.19
-ENV PG_SHA256 13109e2b71f1139405c27201da3733a61ace72ee1c228d9c9f0320e06aee14c2
+ENV PG_VERSION 11.20
+ENV PG_SHA256 3d7c8882f64a7e98534a044257dfee7abad77a5b7da12508d85d722b98b5acce
RUN set -eux; \
\
diff --git a/11/bullseye/Dockerfile b/11/bullseye/Dockerfile
index 9249ab20dc..017d2155f4 100644
--- a/11/bullseye/Dockerfile
+++ b/11/bullseye/Dockerfile
@@ -84,7 +84,7 @@ RUN set -ex; \
ENV PG_MAJOR 11
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 11.19-1.pgdg110+1
+ENV PG_VERSION 11.20-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index 62b523751e..20c5a22534 100644
--- a/versions.json
+++ b/versions.json
@@ -8,15 +8,15 @@
"ppc64el",
"s390x"
],
- "version": "11.19-1.pgdg110+1"
+ "version": "11.20-1.pgdg110+1"
},
"debian": "",
"debianSuites": [
"bullseye"
],
"major": 11,
- "sha256": "13109e2b71f1139405c27201da3733a61ace72ee1c228d9c9f0320e06aee14c2",
- "version": "11.19"
+ "sha256": "3d7c8882f64a7e98534a044257dfee7abad77a5b7da12508d85d722b98b5acce",
+ "version": "11.20"
},
"12": {
"alpine": "3.18",
From d681c1da2faebccc790fffd3e71514548b458d50 Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 11 May 2023 11:08:18 -0700
Subject: [PATCH 006/115] Update 12 to 12.15, bullseye 12.15-1.pgdg110+1
---
12/alpine/Dockerfile | 4 ++--
12/bullseye/Dockerfile | 4 ++--
versions.json | 9 +++++----
3 files changed, 9 insertions(+), 8 deletions(-)
diff --git a/12/alpine/Dockerfile b/12/alpine/Dockerfile
index 29acb91143..110257f91f 100644
--- a/12/alpine/Dockerfile
+++ b/12/alpine/Dockerfile
@@ -23,8 +23,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 12
-ENV PG_VERSION 12.14
-ENV PG_SHA256 785610237d382c842d356e347138e58c06ffeae240e6cc0b52ac5ebcc30d043e
+ENV PG_VERSION 12.15
+ENV PG_SHA256 bb5206e2864c1c4579938b96ea6096d155f22abf2d2cc2aa57571e3c4cb12b36
RUN set -eux; \
\
diff --git a/12/bullseye/Dockerfile b/12/bullseye/Dockerfile
index 28efe8845b..dd41897d86 100644
--- a/12/bullseye/Dockerfile
+++ b/12/bullseye/Dockerfile
@@ -84,7 +84,7 @@ RUN set -ex; \
ENV PG_MAJOR 12
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 12.14-1.pgdg110+1
+ENV PG_VERSION 12.15-1.pgdg110+1
RUN set -ex; \
\
@@ -94,7 +94,7 @@ RUN set -ex; \
dpkgArch="$(dpkg --print-architecture)"; \
aptRepo="[ signed-by=/usr/local/share/keyrings/postgres.gpg.asc ] http://apt.postgresql.org/pub/repos/apt/ bullseye-pgdg main $PG_MAJOR"; \
case "$dpkgArch" in \
- amd64 | arm64 | ppc64el) \
+ amd64 | arm64 | ppc64el | s390x) \
# arches officialy built by upstream
echo "deb $aptRepo" > /etc/apt/sources.list.d/pgdg.list; \
apt-get update; \
diff --git a/versions.json b/versions.json
index 20c5a22534..056956cb11 100644
--- a/versions.json
+++ b/versions.json
@@ -24,17 +24,18 @@
"arches": [
"amd64",
"arm64",
- "ppc64el"
+ "ppc64el",
+ "s390x"
],
- "version": "12.14-1.pgdg110+1"
+ "version": "12.15-1.pgdg110+1"
},
"debian": "bullseye",
"debianSuites": [
"bullseye"
],
"major": 12,
- "sha256": "785610237d382c842d356e347138e58c06ffeae240e6cc0b52ac5ebcc30d043e",
- "version": "12.14"
+ "sha256": "bb5206e2864c1c4579938b96ea6096d155f22abf2d2cc2aa57571e3c4cb12b36",
+ "version": "12.15"
},
"13": {
"alpine": "3.18",
From 43d17d5ced92f230fa8c196e746f2e2aa288e5e8 Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 11 May 2023 11:13:14 -0700
Subject: [PATCH 007/115] Update 13 to 13.11, bullseye 13.11-1.pgdg110+1
---
13/alpine/Dockerfile | 4 ++--
13/bullseye/Dockerfile | 4 ++--
versions.json | 9 +++++----
3 files changed, 9 insertions(+), 8 deletions(-)
diff --git a/13/alpine/Dockerfile b/13/alpine/Dockerfile
index 9384b01ddc..c8d8063edf 100644
--- a/13/alpine/Dockerfile
+++ b/13/alpine/Dockerfile
@@ -23,8 +23,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 13
-ENV PG_VERSION 13.10
-ENV PG_SHA256 5bbcf5a56d85c44f3a8b058fb46862ff49cbc91834d07e295d02e6de3c216df2
+ENV PG_VERSION 13.11
+ENV PG_SHA256 4992ff647203566b670d4e54dc5317499a26856c93576d0ea951bdf6bee50bfb
RUN set -eux; \
\
diff --git a/13/bullseye/Dockerfile b/13/bullseye/Dockerfile
index 2ebe3b3ad8..86b4109bdc 100644
--- a/13/bullseye/Dockerfile
+++ b/13/bullseye/Dockerfile
@@ -84,7 +84,7 @@ RUN set -ex; \
ENV PG_MAJOR 13
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 13.10-1.pgdg110+1
+ENV PG_VERSION 13.11-1.pgdg110+1
RUN set -ex; \
\
@@ -94,7 +94,7 @@ RUN set -ex; \
dpkgArch="$(dpkg --print-architecture)"; \
aptRepo="[ signed-by=/usr/local/share/keyrings/postgres.gpg.asc ] http://apt.postgresql.org/pub/repos/apt/ bullseye-pgdg main $PG_MAJOR"; \
case "$dpkgArch" in \
- amd64 | arm64 | ppc64el) \
+ amd64 | arm64 | ppc64el | s390x) \
# arches officialy built by upstream
echo "deb $aptRepo" > /etc/apt/sources.list.d/pgdg.list; \
apt-get update; \
diff --git a/versions.json b/versions.json
index 056956cb11..4adb710048 100644
--- a/versions.json
+++ b/versions.json
@@ -43,17 +43,18 @@
"arches": [
"amd64",
"arm64",
- "ppc64el"
+ "ppc64el",
+ "s390x"
],
- "version": "13.10-1.pgdg110+1"
+ "version": "13.11-1.pgdg110+1"
},
"debian": "bullseye",
"debianSuites": [
"bullseye"
],
"major": 13,
- "sha256": "5bbcf5a56d85c44f3a8b058fb46862ff49cbc91834d07e295d02e6de3c216df2",
- "version": "13.10"
+ "sha256": "4992ff647203566b670d4e54dc5317499a26856c93576d0ea951bdf6bee50bfb",
+ "version": "13.11"
},
"14": {
"alpine": "3.18",
From 8ff11cd5ae43e73fd84d0b2bc8aa88537fe18649 Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 11 May 2023 11:18:26 -0700
Subject: [PATCH 008/115] Update 14 to 14.8, bullseye 14.8-1.pgdg110+1
---
14/alpine/Dockerfile | 4 ++--
14/bullseye/Dockerfile | 4 ++--
versions.json | 9 +++++----
3 files changed, 9 insertions(+), 8 deletions(-)
diff --git a/14/alpine/Dockerfile b/14/alpine/Dockerfile
index 974f1bc864..0d0dd7f3aa 100644
--- a/14/alpine/Dockerfile
+++ b/14/alpine/Dockerfile
@@ -23,8 +23,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 14
-ENV PG_VERSION 14.7
-ENV PG_SHA256 cef60f0098fa8101c1546f4254e45b722af5431337945b37af207007630db331
+ENV PG_VERSION 14.8
+ENV PG_SHA256 39d38f0030737ed03835debeefee3b37d335462ce4995e2497bc38d621ebe45a
RUN set -eux; \
\
diff --git a/14/bullseye/Dockerfile b/14/bullseye/Dockerfile
index 81dc615de1..7ceffde11b 100644
--- a/14/bullseye/Dockerfile
+++ b/14/bullseye/Dockerfile
@@ -84,7 +84,7 @@ RUN set -ex; \
ENV PG_MAJOR 14
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 14.7-1.pgdg110+1
+ENV PG_VERSION 14.8-1.pgdg110+1
RUN set -ex; \
\
@@ -94,7 +94,7 @@ RUN set -ex; \
dpkgArch="$(dpkg --print-architecture)"; \
aptRepo="[ signed-by=/usr/local/share/keyrings/postgres.gpg.asc ] http://apt.postgresql.org/pub/repos/apt/ bullseye-pgdg main $PG_MAJOR"; \
case "$dpkgArch" in \
- amd64 | arm64 | ppc64el) \
+ amd64 | arm64 | ppc64el | s390x) \
# arches officialy built by upstream
echo "deb $aptRepo" > /etc/apt/sources.list.d/pgdg.list; \
apt-get update; \
diff --git a/versions.json b/versions.json
index 4adb710048..a9d838c63d 100644
--- a/versions.json
+++ b/versions.json
@@ -62,17 +62,18 @@
"arches": [
"amd64",
"arm64",
- "ppc64el"
+ "ppc64el",
+ "s390x"
],
- "version": "14.7-1.pgdg110+1"
+ "version": "14.8-1.pgdg110+1"
},
"debian": "bullseye",
"debianSuites": [
"bullseye"
],
"major": 14,
- "sha256": "cef60f0098fa8101c1546f4254e45b722af5431337945b37af207007630db331",
- "version": "14.7"
+ "sha256": "39d38f0030737ed03835debeefee3b37d335462ce4995e2497bc38d621ebe45a",
+ "version": "14.8"
},
"15": {
"alpine": "3.18",
From a23c0e97980edae5be2cd4eb68ff1f0762d031cd Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 11 May 2023 11:23:40 -0700
Subject: [PATCH 009/115] Update 15 to 15.3, bullseye 15.3-1.pgdg110+1
---
15/alpine/Dockerfile | 4 ++--
15/bullseye/Dockerfile | 4 ++--
versions.json | 9 +++++----
3 files changed, 9 insertions(+), 8 deletions(-)
diff --git a/15/alpine/Dockerfile b/15/alpine/Dockerfile
index 959048fcc4..eaa64bc7ae 100644
--- a/15/alpine/Dockerfile
+++ b/15/alpine/Dockerfile
@@ -23,8 +23,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 15
-ENV PG_VERSION 15.2
-ENV PG_SHA256 99a2171fc3d6b5b5f56b757a7a3cb85d509a38e4273805def23941ed2b8468c7
+ENV PG_VERSION 15.3
+ENV PG_SHA256 ffc7d4891f00ffbf5c3f4eab7fbbced8460b8c0ee63c5a5167133b9e6599d932
RUN set -eux; \
\
diff --git a/15/bullseye/Dockerfile b/15/bullseye/Dockerfile
index 125077db9b..3a1ef4eefa 100644
--- a/15/bullseye/Dockerfile
+++ b/15/bullseye/Dockerfile
@@ -84,7 +84,7 @@ RUN set -ex; \
ENV PG_MAJOR 15
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 15.2-1.pgdg110+1
+ENV PG_VERSION 15.3-1.pgdg110+1
RUN set -ex; \
\
@@ -94,7 +94,7 @@ RUN set -ex; \
dpkgArch="$(dpkg --print-architecture)"; \
aptRepo="[ signed-by=/usr/local/share/keyrings/postgres.gpg.asc ] http://apt.postgresql.org/pub/repos/apt/ bullseye-pgdg main $PG_MAJOR"; \
case "$dpkgArch" in \
- amd64 | arm64 | ppc64el) \
+ amd64 | arm64 | ppc64el | s390x) \
# arches officialy built by upstream
echo "deb $aptRepo" > /etc/apt/sources.list.d/pgdg.list; \
apt-get update; \
diff --git a/versions.json b/versions.json
index a9d838c63d..0125a3470e 100644
--- a/versions.json
+++ b/versions.json
@@ -81,16 +81,17 @@
"arches": [
"amd64",
"arm64",
- "ppc64el"
+ "ppc64el",
+ "s390x"
],
- "version": "15.2-1.pgdg110+1"
+ "version": "15.3-1.pgdg110+1"
},
"debian": "bullseye",
"debianSuites": [
"bullseye"
],
"major": 15,
- "sha256": "99a2171fc3d6b5b5f56b757a7a3cb85d509a38e4273805def23941ed2b8468c7",
- "version": "15.2"
+ "sha256": "ffc7d4891f00ffbf5c3f4eab7fbbced8460b8c0ee63c5a5167133b9e6599d932",
+ "version": "15.3"
}
}
From 1c1e4ffa71909489fe7bf5ca0d8a775fcd28d9da Mon Sep 17 00:00:00 2001
From: Tianon Gravi <admwiggin@gmail.com>
Date: Fri, 12 May 2023 13:57:19 -0700
Subject: [PATCH 010/115] Add the ability for us to manually trigger GitHub
tests
---
.github/workflows/ci.yml | 1 +
.github/workflows/verify-templating.yml | 1 +
2 files changed, 2 insertions(+)
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 7bc4fdff0b..d898fd2763 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -5,6 +5,7 @@ on:
push:
schedule:
- cron: 0 0 * * 0
+ workflow_dispatch:
defaults:
run:
diff --git a/.github/workflows/verify-templating.yml b/.github/workflows/verify-templating.yml
index 14497bec68..1631af9935 100644
--- a/.github/workflows/verify-templating.yml
+++ b/.github/workflows/verify-templating.yml
@@ -3,6 +3,7 @@ name: Verify Templating
on:
pull_request:
push:
+ workflow_dispatch:
defaults:
run:
From a3b0bb68faed03c6edd3978b8dd34ca67881f7c7 Mon Sep 17 00:00:00 2001
From: Joseph Ferguson <yosifkit@gmail.com>
Date: Fri, 12 May 2023 11:54:42 -0700
Subject: [PATCH 011/115] Downgrade llvm to 15 to fix jit support
---
11/alpine/Dockerfile | 13 ++++++++++++-
12/alpine/Dockerfile | 13 ++++++++++++-
13/alpine/Dockerfile | 13 ++++++++++++-
14/alpine/Dockerfile | 13 ++++++++++++-
15/alpine/Dockerfile | 13 ++++++++++++-
Dockerfile-alpine.template | 21 +++++++++++++--------
Dockerfile-debian.template | 3 ---
7 files changed, 73 insertions(+), 16 deletions(-)
diff --git a/11/alpine/Dockerfile b/11/alpine/Dockerfile
index 94dc99cd7e..6dad831545 100644
--- a/11/alpine/Dockerfile
+++ b/11/alpine/Dockerfile
@@ -26,6 +26,10 @@ ENV PG_MAJOR 11
ENV PG_VERSION 11.20
ENV PG_SHA256 3d7c8882f64a7e98534a044257dfee7abad77a5b7da12508d85d722b98b5acce
+ENV DOCKER_PG_LLVM_DEPS \
+ llvm15-dev \
+ clang15
+
RUN set -eux; \
\
wget -O postgresql.tar.bz2 "https://ftp.postgresql.org/pub/source/v$PG_VERSION/postgresql-$PG_VERSION.tar.bz2"; \
@@ -40,10 +44,12 @@ RUN set -eux; \
rm postgresql.tar.bz2; \
\
apk add --no-cache --virtual .build-deps \
+ $DOCKER_PG_LLVM_DEPS \
bison \
coreutils \
dpkg-dev dpkg \
flex \
+ g++ \
gcc \
krb5-dev \
libc-dev \
@@ -51,7 +57,6 @@ RUN set -eux; \
libxml2-dev \
libxslt-dev \
linux-headers \
- llvm-dev clang g++ \
make \
openldap-dev \
openssl-dev \
@@ -76,6 +81,12 @@ RUN set -eux; \
# explicitly update autoconf config.guess and config.sub so they support more arches/libcs
wget -O config/config.guess 'https://git.savannah.gnu.org/cgit/config.git/plain/config.guess?id=7d3d27baf8107b630586c962c057e22149653deb'; \
wget -O config/config.sub 'https://git.savannah.gnu.org/cgit/config.git/plain/config.sub?id=7d3d27baf8107b630586c962c057e22149653deb'; \
+ \
+# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n158
+ export LLVM_CONFIG="/usr/lib/llvm15/bin/llvm-config"; \
+# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n163
+ export CLANG=clang-15; \
+ \
# configure options taken from:
# https://anonscm.debian.org/cgit/pkg-postgresql/postgresql.git/tree/debian/rules?h=9.5
./configure \
diff --git a/12/alpine/Dockerfile b/12/alpine/Dockerfile
index 110257f91f..4698d75fc9 100644
--- a/12/alpine/Dockerfile
+++ b/12/alpine/Dockerfile
@@ -26,6 +26,10 @@ ENV PG_MAJOR 12
ENV PG_VERSION 12.15
ENV PG_SHA256 bb5206e2864c1c4579938b96ea6096d155f22abf2d2cc2aa57571e3c4cb12b36
+ENV DOCKER_PG_LLVM_DEPS \
+ llvm15-dev \
+ clang15
+
RUN set -eux; \
\
wget -O postgresql.tar.bz2 "https://ftp.postgresql.org/pub/source/v$PG_VERSION/postgresql-$PG_VERSION.tar.bz2"; \
@@ -40,10 +44,12 @@ RUN set -eux; \
rm postgresql.tar.bz2; \
\
apk add --no-cache --virtual .build-deps \
+ $DOCKER_PG_LLVM_DEPS \
bison \
coreutils \
dpkg-dev dpkg \
flex \
+ g++ \
gcc \
krb5-dev \
libc-dev \
@@ -51,7 +57,6 @@ RUN set -eux; \
libxml2-dev \
libxslt-dev \
linux-headers \
- llvm-dev clang g++ \
make \
openldap-dev \
openssl-dev \
@@ -76,6 +81,12 @@ RUN set -eux; \
# explicitly update autoconf config.guess and config.sub so they support more arches/libcs
wget -O config/config.guess 'https://git.savannah.gnu.org/cgit/config.git/plain/config.guess?id=7d3d27baf8107b630586c962c057e22149653deb'; \
wget -O config/config.sub 'https://git.savannah.gnu.org/cgit/config.git/plain/config.sub?id=7d3d27baf8107b630586c962c057e22149653deb'; \
+ \
+# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n158
+ export LLVM_CONFIG="/usr/lib/llvm15/bin/llvm-config"; \
+# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n163
+ export CLANG=clang-15; \
+ \
# configure options taken from:
# https://anonscm.debian.org/cgit/pkg-postgresql/postgresql.git/tree/debian/rules?h=9.5
./configure \
diff --git a/13/alpine/Dockerfile b/13/alpine/Dockerfile
index c8d8063edf..29262473d4 100644
--- a/13/alpine/Dockerfile
+++ b/13/alpine/Dockerfile
@@ -26,6 +26,10 @@ ENV PG_MAJOR 13
ENV PG_VERSION 13.11
ENV PG_SHA256 4992ff647203566b670d4e54dc5317499a26856c93576d0ea951bdf6bee50bfb
+ENV DOCKER_PG_LLVM_DEPS \
+ llvm15-dev \
+ clang15
+
RUN set -eux; \
\
wget -O postgresql.tar.bz2 "https://ftp.postgresql.org/pub/source/v$PG_VERSION/postgresql-$PG_VERSION.tar.bz2"; \
@@ -40,10 +44,12 @@ RUN set -eux; \
rm postgresql.tar.bz2; \
\
apk add --no-cache --virtual .build-deps \
+ $DOCKER_PG_LLVM_DEPS \
bison \
coreutils \
dpkg-dev dpkg \
flex \
+ g++ \
gcc \
krb5-dev \
libc-dev \
@@ -51,7 +57,6 @@ RUN set -eux; \
libxml2-dev \
libxslt-dev \
linux-headers \
- llvm-dev clang g++ \
make \
openldap-dev \
openssl-dev \
@@ -76,6 +81,12 @@ RUN set -eux; \
# explicitly update autoconf config.guess and config.sub so they support more arches/libcs
wget -O config/config.guess 'https://git.savannah.gnu.org/cgit/config.git/plain/config.guess?id=7d3d27baf8107b630586c962c057e22149653deb'; \
wget -O config/config.sub 'https://git.savannah.gnu.org/cgit/config.git/plain/config.sub?id=7d3d27baf8107b630586c962c057e22149653deb'; \
+ \
+# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n158
+ export LLVM_CONFIG="/usr/lib/llvm15/bin/llvm-config"; \
+# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n163
+ export CLANG=clang-15; \
+ \
# configure options taken from:
# https://anonscm.debian.org/cgit/pkg-postgresql/postgresql.git/tree/debian/rules?h=9.5
./configure \
diff --git a/14/alpine/Dockerfile b/14/alpine/Dockerfile
index 0d0dd7f3aa..5c216546ce 100644
--- a/14/alpine/Dockerfile
+++ b/14/alpine/Dockerfile
@@ -26,6 +26,10 @@ ENV PG_MAJOR 14
ENV PG_VERSION 14.8
ENV PG_SHA256 39d38f0030737ed03835debeefee3b37d335462ce4995e2497bc38d621ebe45a
+ENV DOCKER_PG_LLVM_DEPS \
+ llvm15-dev \
+ clang15
+
RUN set -eux; \
\
wget -O postgresql.tar.bz2 "https://ftp.postgresql.org/pub/source/v$PG_VERSION/postgresql-$PG_VERSION.tar.bz2"; \
@@ -40,10 +44,12 @@ RUN set -eux; \
rm postgresql.tar.bz2; \
\
apk add --no-cache --virtual .build-deps \
+ $DOCKER_PG_LLVM_DEPS \
bison \
coreutils \
dpkg-dev dpkg \
flex \
+ g++ \
gcc \
krb5-dev \
libc-dev \
@@ -51,7 +57,6 @@ RUN set -eux; \
libxml2-dev \
libxslt-dev \
linux-headers \
- llvm-dev clang g++ \
make \
openldap-dev \
openssl-dev \
@@ -78,6 +83,12 @@ RUN set -eux; \
# explicitly update autoconf config.guess and config.sub so they support more arches/libcs
wget -O config/config.guess 'https://git.savannah.gnu.org/cgit/config.git/plain/config.guess?id=7d3d27baf8107b630586c962c057e22149653deb'; \
wget -O config/config.sub 'https://git.savannah.gnu.org/cgit/config.git/plain/config.sub?id=7d3d27baf8107b630586c962c057e22149653deb'; \
+ \
+# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n158
+ export LLVM_CONFIG="/usr/lib/llvm15/bin/llvm-config"; \
+# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n163
+ export CLANG=clang-15; \
+ \
# configure options taken from:
# https://anonscm.debian.org/cgit/pkg-postgresql/postgresql.git/tree/debian/rules?h=9.5
./configure \
diff --git a/15/alpine/Dockerfile b/15/alpine/Dockerfile
index eaa64bc7ae..ef886cc3ab 100644
--- a/15/alpine/Dockerfile
+++ b/15/alpine/Dockerfile
@@ -26,6 +26,10 @@ ENV PG_MAJOR 15
ENV PG_VERSION 15.3
ENV PG_SHA256 ffc7d4891f00ffbf5c3f4eab7fbbced8460b8c0ee63c5a5167133b9e6599d932
+ENV DOCKER_PG_LLVM_DEPS \
+ llvm15-dev \
+ clang15
+
RUN set -eux; \
\
wget -O postgresql.tar.bz2 "https://ftp.postgresql.org/pub/source/v$PG_VERSION/postgresql-$PG_VERSION.tar.bz2"; \
@@ -40,10 +44,12 @@ RUN set -eux; \
rm postgresql.tar.bz2; \
\
apk add --no-cache --virtual .build-deps \
+ $DOCKER_PG_LLVM_DEPS \
bison \
coreutils \
dpkg-dev dpkg \
flex \
+ g++ \
gcc \
krb5-dev \
libc-dev \
@@ -51,7 +57,6 @@ RUN set -eux; \
libxml2-dev \
libxslt-dev \
linux-headers \
- llvm-dev clang g++ \
make \
openldap-dev \
openssl-dev \
@@ -80,6 +85,12 @@ RUN set -eux; \
# explicitly update autoconf config.guess and config.sub so they support more arches/libcs
wget -O config/config.guess 'https://git.savannah.gnu.org/cgit/config.git/plain/config.guess?id=7d3d27baf8107b630586c962c057e22149653deb'; \
wget -O config/config.sub 'https://git.savannah.gnu.org/cgit/config.git/plain/config.sub?id=7d3d27baf8107b630586c962c057e22149653deb'; \
+ \
+# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n158
+ export LLVM_CONFIG="/usr/lib/llvm15/bin/llvm-config"; \
+# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n163
+ export CLANG=clang-15; \
+ \
# configure options taken from:
# https://anonscm.debian.org/cgit/pkg-postgresql/postgresql.git/tree/debian/rules?h=9.5
./configure \
diff --git a/Dockerfile-alpine.template b/Dockerfile-alpine.template
index 57807bc851..deae2546c1 100644
--- a/Dockerfile-alpine.template
+++ b/Dockerfile-alpine.template
@@ -20,6 +20,11 @@ ENV PG_MAJOR {{ env.version }}
ENV PG_VERSION {{ .version }}
ENV PG_SHA256 {{ .sha256 }}
+{{ def llvmver: "15" -}}
+ENV DOCKER_PG_LLVM_DEPS \
+ llvm{{ llvmver }}-dev \
+ clang{{ llvmver }}
+
RUN set -eux; \
\
wget -O postgresql.tar.bz2 "https://ftp.postgresql.org/pub/source/v$PG_VERSION/postgresql-$PG_VERSION.tar.bz2"; \
@@ -34,10 +39,12 @@ RUN set -eux; \
rm postgresql.tar.bz2; \
\
apk add --no-cache --virtual .build-deps \
+ $DOCKER_PG_LLVM_DEPS \
bison \
coreutils \
dpkg-dev dpkg \
flex \
+ g++ \
gcc \
krb5-dev \
libc-dev \
@@ -45,9 +52,6 @@ RUN set -eux; \
libxml2-dev \
libxslt-dev \
linux-headers \
-{{ if .major >= 11 then ( -}}
- llvm-dev clang g++ \
-{{ ) else "" end -}}
make \
openldap-dev \
openssl-dev \
@@ -80,6 +84,12 @@ RUN set -eux; \
# explicitly update autoconf config.guess and config.sub so they support more arches/libcs
wget -O config/config.guess 'https://git.savannah.gnu.org/cgit/config.git/plain/config.guess?id=7d3d27baf8107b630586c962c057e22149653deb'; \
wget -O config/config.sub 'https://git.savannah.gnu.org/cgit/config.git/plain/config.sub?id=7d3d27baf8107b630586c962c057e22149653deb'; \
+ \
+# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n158
+ export LLVM_CONFIG="/usr/lib/llvm{{ llvmver }}/bin/llvm-config"; \
+# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n163
+ export CLANG=clang-{{ llvmver }}; \
+ \
# configure options taken from:
# https://anonscm.debian.org/cgit/pkg-postgresql/postgresql.git/tree/debian/rules?h=9.5
./configure \
@@ -110,9 +120,7 @@ RUN set -eux; \
--with-libxml \
--with-libxslt \
--with-icu \
-{{ if .major >= 11 then ( -}}
--with-llvm \
-{{ ) else "" end -}}
{{ if .major >= 14 then ( -}}
--with-lz4 \
{{ ) else "" end -}}
@@ -169,9 +177,6 @@ RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$P
VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh /usr/local/bin/
-{{ if .major >= 11 then "" else ( -}}
-RUN ln -s usr/local/bin/docker-entrypoint.sh / # backwards compat
-{{ ) end -}}
ENTRYPOINT ["docker-entrypoint.sh"]
# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
diff --git a/Dockerfile-debian.template b/Dockerfile-debian.template
index dc301a7d13..aeca3d8d32 100644
--- a/Dockerfile-debian.template
+++ b/Dockerfile-debian.template
@@ -181,9 +181,6 @@ RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 777 "$PG
VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh /usr/local/bin/
-{{ if .major >= 11 then "" else ( -}}
-RUN ln -s usr/local/bin/docker-entrypoint.sh / # backwards compat
-{{ ) end -}}
ENTRYPOINT ["docker-entrypoint.sh"]
# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
From fbc438936d086d3ad5c7d2763446e3cf829288fb Mon Sep 17 00:00:00 2001
From: Tianon Gravi <admwiggin@gmail.com>
Date: Fri, 12 May 2023 16:51:33 -0700
Subject: [PATCH 012/115] Add `--enable-option-checking=fatal` to `configure`
flags
Also, remove deprecated/removed `--with-krb5` (deprecated in 8.3, removed in 9.4; https://github.com/postgres/postgres/commit/98de86e4221a418d670db86bf28ff15e880beadc).
---
11/alpine/Dockerfile | 2 +-
12/alpine/Dockerfile | 2 +-
13/alpine/Dockerfile | 2 +-
14/alpine/Dockerfile | 2 +-
15/alpine/Dockerfile | 2 +-
Dockerfile-alpine.template | 2 +-
6 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/11/alpine/Dockerfile b/11/alpine/Dockerfile
index 6dad831545..ff1b3973f3 100644
--- a/11/alpine/Dockerfile
+++ b/11/alpine/Dockerfile
@@ -90,6 +90,7 @@ RUN set -eux; \
# configure options taken from:
# https://anonscm.debian.org/cgit/pkg-postgresql/postgresql.git/tree/debian/rules?h=9.5
./configure \
+ --enable-option-checking=fatal \
--build="$gnuArch" \
# "/usr/src/postgresql/src/backend/access/common/tupconvert.c:105: undefined reference to `libintl_gettext'"
# --enable-nls \
@@ -106,7 +107,6 @@ RUN set -eux; \
--prefix=/usr/local \
--with-includes=/usr/local/include \
--with-libraries=/usr/local/lib \
- --with-krb5 \
--with-gssapi \
--with-ldap \
--with-tcl \
diff --git a/12/alpine/Dockerfile b/12/alpine/Dockerfile
index 4698d75fc9..74854956da 100644
--- a/12/alpine/Dockerfile
+++ b/12/alpine/Dockerfile
@@ -90,6 +90,7 @@ RUN set -eux; \
# configure options taken from:
# https://anonscm.debian.org/cgit/pkg-postgresql/postgresql.git/tree/debian/rules?h=9.5
./configure \
+ --enable-option-checking=fatal \
--build="$gnuArch" \
# "/usr/src/postgresql/src/backend/access/common/tupconvert.c:105: undefined reference to `libintl_gettext'"
# --enable-nls \
@@ -106,7 +107,6 @@ RUN set -eux; \
--prefix=/usr/local \
--with-includes=/usr/local/include \
--with-libraries=/usr/local/lib \
- --with-krb5 \
--with-gssapi \
--with-ldap \
--with-tcl \
diff --git a/13/alpine/Dockerfile b/13/alpine/Dockerfile
index 29262473d4..2f3fc74b83 100644
--- a/13/alpine/Dockerfile
+++ b/13/alpine/Dockerfile
@@ -90,6 +90,7 @@ RUN set -eux; \
# configure options taken from:
# https://anonscm.debian.org/cgit/pkg-postgresql/postgresql.git/tree/debian/rules?h=9.5
./configure \
+ --enable-option-checking=fatal \
--build="$gnuArch" \
# "/usr/src/postgresql/src/backend/access/common/tupconvert.c:105: undefined reference to `libintl_gettext'"
# --enable-nls \
@@ -106,7 +107,6 @@ RUN set -eux; \
--prefix=/usr/local \
--with-includes=/usr/local/include \
--with-libraries=/usr/local/lib \
- --with-krb5 \
--with-gssapi \
--with-ldap \
--with-tcl \
diff --git a/14/alpine/Dockerfile b/14/alpine/Dockerfile
index 5c216546ce..464e468939 100644
--- a/14/alpine/Dockerfile
+++ b/14/alpine/Dockerfile
@@ -92,6 +92,7 @@ RUN set -eux; \
# configure options taken from:
# https://anonscm.debian.org/cgit/pkg-postgresql/postgresql.git/tree/debian/rules?h=9.5
./configure \
+ --enable-option-checking=fatal \
--build="$gnuArch" \
# "/usr/src/postgresql/src/backend/access/common/tupconvert.c:105: undefined reference to `libintl_gettext'"
# --enable-nls \
@@ -108,7 +109,6 @@ RUN set -eux; \
--prefix=/usr/local \
--with-includes=/usr/local/include \
--with-libraries=/usr/local/lib \
- --with-krb5 \
--with-gssapi \
--with-ldap \
--with-tcl \
diff --git a/15/alpine/Dockerfile b/15/alpine/Dockerfile
index ef886cc3ab..afbbfcaa27 100644
--- a/15/alpine/Dockerfile
+++ b/15/alpine/Dockerfile
@@ -94,6 +94,7 @@ RUN set -eux; \
# configure options taken from:
# https://anonscm.debian.org/cgit/pkg-postgresql/postgresql.git/tree/debian/rules?h=9.5
./configure \
+ --enable-option-checking=fatal \
--build="$gnuArch" \
# "/usr/src/postgresql/src/backend/access/common/tupconvert.c:105: undefined reference to `libintl_gettext'"
# --enable-nls \
@@ -110,7 +111,6 @@ RUN set -eux; \
--prefix=/usr/local \
--with-includes=/usr/local/include \
--with-libraries=/usr/local/lib \
- --with-krb5 \
--with-gssapi \
--with-ldap \
--with-tcl \
diff --git a/Dockerfile-alpine.template b/Dockerfile-alpine.template
index deae2546c1..90a4e40d91 100644
--- a/Dockerfile-alpine.template
+++ b/Dockerfile-alpine.template
@@ -93,6 +93,7 @@ RUN set -eux; \
# configure options taken from:
# https://anonscm.debian.org/cgit/pkg-postgresql/postgresql.git/tree/debian/rules?h=9.5
./configure \
+ --enable-option-checking=fatal \
--build="$gnuArch" \
# "/usr/src/postgresql/src/backend/access/common/tupconvert.c:105: undefined reference to `libintl_gettext'"
# --enable-nls \
@@ -109,7 +110,6 @@ RUN set -eux; \
--prefix=/usr/local \
--with-includes=/usr/local/include \
--with-libraries=/usr/local/lib \
- --with-krb5 \
--with-gssapi \
--with-ldap \
--with-tcl \
From 5ea98fe00be95fbbe642732d62af3b4dbc83f442 Mon Sep 17 00:00:00 2001
From: Tianon Gravi <admwiggin@gmail.com>
Date: Wed, 17 May 2023 15:35:34 -0700
Subject: [PATCH 013/115] Add support for multiple (up to two) concurrent
Alpine versions
---
11/alpine3.17/Dockerfile | 204 ++++++++++
.../docker-entrypoint.sh | 0
11/{alpine => alpine3.18}/Dockerfile | 0
.../alpine3.18}/docker-entrypoint.sh | 0
12/alpine3.17/Dockerfile | 204 ++++++++++
.../alpine3.17}/docker-entrypoint.sh | 0
12/{alpine => alpine3.18}/Dockerfile | 0
.../alpine3.18}/docker-entrypoint.sh | 0
13/alpine3.17/Dockerfile | 204 ++++++++++
.../alpine3.17}/docker-entrypoint.sh | 0
13/{alpine => alpine3.18}/Dockerfile | 0
13/alpine3.18/docker-entrypoint.sh | 351 ++++++++++++++++++
14/alpine3.17/Dockerfile | 207 +++++++++++
14/alpine3.17/docker-entrypoint.sh | 351 ++++++++++++++++++
14/{alpine => alpine3.18}/Dockerfile | 0
14/alpine3.18/docker-entrypoint.sh | 351 ++++++++++++++++++
15/alpine3.17/Dockerfile | 210 +++++++++++
15/alpine3.17/docker-entrypoint.sh | 351 ++++++++++++++++++
15/{alpine => alpine3.18}/Dockerfile | 0
15/alpine3.18/docker-entrypoint.sh | 351 ++++++++++++++++++
Dockerfile-alpine.template | 2 +-
apply-templates.sh | 24 +-
generate-stackbrew-library.sh | 8 +-
versions.json | 40 +-
versions.sh | 48 ++-
25 files changed, 2855 insertions(+), 51 deletions(-)
create mode 100644 11/alpine3.17/Dockerfile
rename 11/{alpine => alpine3.17}/docker-entrypoint.sh (100%)
rename 11/{alpine => alpine3.18}/Dockerfile (100%)
rename {12/alpine => 11/alpine3.18}/docker-entrypoint.sh (100%)
create mode 100644 12/alpine3.17/Dockerfile
rename {13/alpine => 12/alpine3.17}/docker-entrypoint.sh (100%)
rename 12/{alpine => alpine3.18}/Dockerfile (100%)
rename {14/alpine => 12/alpine3.18}/docker-entrypoint.sh (100%)
create mode 100644 13/alpine3.17/Dockerfile
rename {15/alpine => 13/alpine3.17}/docker-entrypoint.sh (100%)
rename 13/{alpine => alpine3.18}/Dockerfile (100%)
create mode 100755 13/alpine3.18/docker-entrypoint.sh
create mode 100644 14/alpine3.17/Dockerfile
create mode 100755 14/alpine3.17/docker-entrypoint.sh
rename 14/{alpine => alpine3.18}/Dockerfile (100%)
create mode 100755 14/alpine3.18/docker-entrypoint.sh
create mode 100644 15/alpine3.17/Dockerfile
create mode 100755 15/alpine3.17/docker-entrypoint.sh
rename 15/{alpine => alpine3.18}/Dockerfile (100%)
create mode 100755 15/alpine3.18/docker-entrypoint.sh
diff --git a/11/alpine3.17/Dockerfile b/11/alpine3.17/Dockerfile
new file mode 100644
index 0000000000..208b2b20d5
--- /dev/null
+++ b/11/alpine3.17/Dockerfile
@@ -0,0 +1,204 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
+FROM alpine:3.17
+
+# 70 is the standard uid/gid for "postgres" in Alpine
+# https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.12-stable
+RUN set -eux; \
+ addgroup -g 70 -S postgres; \
+ adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
+ mkdir -p /var/lib/postgresql; \
+ chown -R postgres:postgres /var/lib/postgresql
+
+# su-exec (gosu-compatible) is installed further down
+
+# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
+# alpine doesn't require explicit locale-file generation
+ENV LANG en_US.utf8
+
+RUN mkdir /docker-entrypoint-initdb.d
+
+ENV PG_MAJOR 11
+ENV PG_VERSION 11.20
+ENV PG_SHA256 3d7c8882f64a7e98534a044257dfee7abad77a5b7da12508d85d722b98b5acce
+
+ENV DOCKER_PG_LLVM_DEPS \
+ llvm15-dev \
+ clang15
+
+RUN set -eux; \
+ \
+ wget -O postgresql.tar.bz2 "https://ftp.postgresql.org/pub/source/v$PG_VERSION/postgresql-$PG_VERSION.tar.bz2"; \
+ echo "$PG_SHA256 *postgresql.tar.bz2" | sha256sum -c -; \
+ mkdir -p /usr/src/postgresql; \
+ tar \
+ --extract \
+ --file postgresql.tar.bz2 \
+ --directory /usr/src/postgresql \
+ --strip-components 1 \
+ ; \
+ rm postgresql.tar.bz2; \
+ \
+ apk add --no-cache --virtual .build-deps \
+ $DOCKER_PG_LLVM_DEPS \
+ bison \
+ coreutils \
+ dpkg-dev dpkg \
+ flex \
+ g++ \
+ gcc \
+ krb5-dev \
+ libc-dev \
+ libedit-dev \
+ libxml2-dev \
+ libxslt-dev \
+ linux-headers \
+ make \
+ openldap-dev \
+ openssl-dev \
+ perl-dev \
+ perl-ipc-run \
+ perl-utils \
+ python3-dev \
+ tcl-dev \
+ util-linux-dev \
+ zlib-dev \
+# https://www.postgresql.org/docs/10/static/release-10.html#id-1.11.6.9.5.13
+ icu-dev \
+ ; \
+ \
+ cd /usr/src/postgresql; \
+# update "DEFAULT_PGSOCKET_DIR" to "/var/run/postgresql" (matching Debian)
+# see https://anonscm.debian.org/git/pkg-postgresql/postgresql.git/tree/debian/patches/51-default-sockets-in-var.patch?id=8b539fcb3e093a521c095e70bdfa76887217b89f
+ awk '$1 == "#define" && $2 == "DEFAULT_PGSOCKET_DIR" && $3 == "\"/tmp\"" { $3 = "\"/var/run/postgresql\""; print; next } { print }' src/include/pg_config_manual.h > src/include/pg_config_manual.h.new; \
+ grep '/var/run/postgresql' src/include/pg_config_manual.h.new; \
+ mv src/include/pg_config_manual.h.new src/include/pg_config_manual.h; \
+ gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
+# explicitly update autoconf config.guess and config.sub so they support more arches/libcs
+ wget -O config/config.guess 'https://git.savannah.gnu.org/cgit/config.git/plain/config.guess?id=7d3d27baf8107b630586c962c057e22149653deb'; \
+ wget -O config/config.sub 'https://git.savannah.gnu.org/cgit/config.git/plain/config.sub?id=7d3d27baf8107b630586c962c057e22149653deb'; \
+ \
+# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n158
+ export LLVM_CONFIG="/usr/lib/llvm15/bin/llvm-config"; \
+# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n163
+ export CLANG=clang-15; \
+ \
+# configure options taken from:
+# https://anonscm.debian.org/cgit/pkg-postgresql/postgresql.git/tree/debian/rules?h=9.5
+ ./configure \
+ --enable-option-checking=fatal \
+ --build="$gnuArch" \
+# "/usr/src/postgresql/src/backend/access/common/tupconvert.c:105: undefined reference to `libintl_gettext'"
+# --enable-nls \
+ --enable-integer-datetimes \
+ --enable-thread-safety \
+ --enable-tap-tests \
+# skip debugging info -- we want tiny size instead
+# --enable-debug \
+ --disable-rpath \
+ --with-uuid=e2fs \
+ --with-gnu-ld \
+ --with-pgport=5432 \
+ --with-system-tzdata=/usr/share/zoneinfo \
+ --prefix=/usr/local \
+ --with-includes=/usr/local/include \
+ --with-libraries=/usr/local/lib \
+ --with-gssapi \
+ --with-ldap \
+ --with-tcl \
+ --with-perl \
+ --with-python \
+# --with-pam \
+ --with-openssl \
+ --with-libxml \
+ --with-libxslt \
+ --with-icu \
+ --with-llvm \
+ ; \
+ make -j "$(nproc)" world; \
+ make install-world; \
+ make -C contrib install; \
+ \
+ runDeps="$( \
+ scanelf --needed --nobanner --format '%n#p' --recursive /usr/local \
+ | tr ',' '\n' \
+ | sort -u \
+ | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
+# Remove plperl, plpython and pltcl dependencies by default to save image size
+# To use the pl extensions, those have to be installed in a derived image
+ | grep -v -e perl -e python -e tcl \
+ )"; \
+ apk add --no-cache --virtual .postgresql-rundeps \
+ $runDeps \
+ bash \
+ su-exec \
+ tzdata \
+ zstd \
+# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
+ icu-data-full \
+# nss_wrapper is not availble on ppc64le: "test case segfaults in ppc64le"
+# https://git.alpinelinux.org/aports/commit/testing/nss_wrapper/APKBUILD?h=3.17-stable&id=94d81ceeb58cff448d489bbcbe9a6d40c9991663
+ $([ "$(apk --print-arch)" != 'ppc64le' ] && echo 'nss_wrapper') \
+ ; \
+ apk del --no-network .build-deps; \
+ cd /; \
+ rm -rf \
+ /usr/src/postgresql \
+ /usr/local/share/doc \
+ /usr/local/share/man \
+ ; \
+ \
+ postgres --version
+
+# make the sample config easier to munge (and "correct by default")
+RUN set -eux; \
+ cp -v /usr/local/share/postgresql/postgresql.conf.sample /usr/local/share/postgresql/postgresql.conf.sample.orig; \
+ sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/local/share/postgresql/postgresql.conf.sample; \
+ grep -F "listen_addresses = '*'" /usr/local/share/postgresql/postgresql.conf.sample
+
+RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
+
+ENV PGDATA /var/lib/postgresql/data
+# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
+RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
+VOLUME /var/lib/postgresql/data
+
+COPY docker-entrypoint.sh /usr/local/bin/
+ENTRYPOINT ["docker-entrypoint.sh"]
+
+# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
+# calls "Fast Shutdown mode" wherein new connections are disallowed and any
+# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
+# flush tables to disk, which is the best compromise available to avoid data
+# corruption.
+#
+# Users who know their applications do not keep open long-lived idle connections
+# may way to use a value of SIGTERM instead, which corresponds to "Smart
+# Shutdown mode" in which any existing sessions are allowed to finish and the
+# server stops when all sessions are terminated.
+#
+# See https://www.postgresql.org/docs/12/server-shutdown.html for more details
+# about available PostgreSQL server shutdown signals.
+#
+# See also https://www.postgresql.org/docs/12/server-start.html for further
+# justification of this as the default value, namely that the example (and
+# shipped) systemd service files use the "Fast Shutdown mode" for service
+# termination.
+#
+STOPSIGNAL SIGINT
+#
+# An additional setting that is recommended for all users regardless of this
+# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
+# equivalent) for controlling how long to wait between sending the defined
+# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption).
+#
+# The default in most runtimes (such as Docker) is 10 seconds, and the
+# documentation at https://www.postgresql.org/docs/12/server-start.html notes
+# that even 90 seconds may not be long enough in many instances.
+
+EXPOSE 5432
+CMD ["postgres"]
diff --git a/11/alpine/docker-entrypoint.sh b/11/alpine3.17/docker-entrypoint.sh
similarity index 100%
rename from 11/alpine/docker-entrypoint.sh
rename to 11/alpine3.17/docker-entrypoint.sh
diff --git a/11/alpine/Dockerfile b/11/alpine3.18/Dockerfile
similarity index 100%
rename from 11/alpine/Dockerfile
rename to 11/alpine3.18/Dockerfile
diff --git a/12/alpine/docker-entrypoint.sh b/11/alpine3.18/docker-entrypoint.sh
similarity index 100%
rename from 12/alpine/docker-entrypoint.sh
rename to 11/alpine3.18/docker-entrypoint.sh
diff --git a/12/alpine3.17/Dockerfile b/12/alpine3.17/Dockerfile
new file mode 100644
index 0000000000..c12af4635b
--- /dev/null
+++ b/12/alpine3.17/Dockerfile
@@ -0,0 +1,204 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
+FROM alpine:3.17
+
+# 70 is the standard uid/gid for "postgres" in Alpine
+# https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.12-stable
+RUN set -eux; \
+ addgroup -g 70 -S postgres; \
+ adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
+ mkdir -p /var/lib/postgresql; \
+ chown -R postgres:postgres /var/lib/postgresql
+
+# su-exec (gosu-compatible) is installed further down
+
+# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
+# alpine doesn't require explicit locale-file generation
+ENV LANG en_US.utf8
+
+RUN mkdir /docker-entrypoint-initdb.d
+
+ENV PG_MAJOR 12
+ENV PG_VERSION 12.15
+ENV PG_SHA256 bb5206e2864c1c4579938b96ea6096d155f22abf2d2cc2aa57571e3c4cb12b36
+
+ENV DOCKER_PG_LLVM_DEPS \
+ llvm15-dev \
+ clang15
+
+RUN set -eux; \
+ \
+ wget -O postgresql.tar.bz2 "https://ftp.postgresql.org/pub/source/v$PG_VERSION/postgresql-$PG_VERSION.tar.bz2"; \
+ echo "$PG_SHA256 *postgresql.tar.bz2" | sha256sum -c -; \
+ mkdir -p /usr/src/postgresql; \
+ tar \
+ --extract \
+ --file postgresql.tar.bz2 \
+ --directory /usr/src/postgresql \
+ --strip-components 1 \
+ ; \
+ rm postgresql.tar.bz2; \
+ \
+ apk add --no-cache --virtual .build-deps \
+ $DOCKER_PG_LLVM_DEPS \
+ bison \
+ coreutils \
+ dpkg-dev dpkg \
+ flex \
+ g++ \
+ gcc \
+ krb5-dev \
+ libc-dev \
+ libedit-dev \
+ libxml2-dev \
+ libxslt-dev \
+ linux-headers \
+ make \
+ openldap-dev \
+ openssl-dev \
+ perl-dev \
+ perl-ipc-run \
+ perl-utils \
+ python3-dev \
+ tcl-dev \
+ util-linux-dev \
+ zlib-dev \
+# https://www.postgresql.org/docs/10/static/release-10.html#id-1.11.6.9.5.13
+ icu-dev \
+ ; \
+ \
+ cd /usr/src/postgresql; \
+# update "DEFAULT_PGSOCKET_DIR" to "/var/run/postgresql" (matching Debian)
+# see https://anonscm.debian.org/git/pkg-postgresql/postgresql.git/tree/debian/patches/51-default-sockets-in-var.patch?id=8b539fcb3e093a521c095e70bdfa76887217b89f
+ awk '$1 == "#define" && $2 == "DEFAULT_PGSOCKET_DIR" && $3 == "\"/tmp\"" { $3 = "\"/var/run/postgresql\""; print; next } { print }' src/include/pg_config_manual.h > src/include/pg_config_manual.h.new; \
+ grep '/var/run/postgresql' src/include/pg_config_manual.h.new; \
+ mv src/include/pg_config_manual.h.new src/include/pg_config_manual.h; \
+ gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
+# explicitly update autoconf config.guess and config.sub so they support more arches/libcs
+ wget -O config/config.guess 'https://git.savannah.gnu.org/cgit/config.git/plain/config.guess?id=7d3d27baf8107b630586c962c057e22149653deb'; \
+ wget -O config/config.sub 'https://git.savannah.gnu.org/cgit/config.git/plain/config.sub?id=7d3d27baf8107b630586c962c057e22149653deb'; \
+ \
+# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n158
+ export LLVM_CONFIG="/usr/lib/llvm15/bin/llvm-config"; \
+# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n163
+ export CLANG=clang-15; \
+ \
+# configure options taken from:
+# https://anonscm.debian.org/cgit/pkg-postgresql/postgresql.git/tree/debian/rules?h=9.5
+ ./configure \
+ --enable-option-checking=fatal \
+ --build="$gnuArch" \
+# "/usr/src/postgresql/src/backend/access/common/tupconvert.c:105: undefined reference to `libintl_gettext'"
+# --enable-nls \
+ --enable-integer-datetimes \
+ --enable-thread-safety \
+ --enable-tap-tests \
+# skip debugging info -- we want tiny size instead
+# --enable-debug \
+ --disable-rpath \
+ --with-uuid=e2fs \
+ --with-gnu-ld \
+ --with-pgport=5432 \
+ --with-system-tzdata=/usr/share/zoneinfo \
+ --prefix=/usr/local \
+ --with-includes=/usr/local/include \
+ --with-libraries=/usr/local/lib \
+ --with-gssapi \
+ --with-ldap \
+ --with-tcl \
+ --with-perl \
+ --with-python \
+# --with-pam \
+ --with-openssl \
+ --with-libxml \
+ --with-libxslt \
+ --with-icu \
+ --with-llvm \
+ ; \
+ make -j "$(nproc)" world; \
+ make install-world; \
+ make -C contrib install; \
+ \
+ runDeps="$( \
+ scanelf --needed --nobanner --format '%n#p' --recursive /usr/local \
+ | tr ',' '\n' \
+ | sort -u \
+ | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
+# Remove plperl, plpython and pltcl dependencies by default to save image size
+# To use the pl extensions, those have to be installed in a derived image
+ | grep -v -e perl -e python -e tcl \
+ )"; \
+ apk add --no-cache --virtual .postgresql-rundeps \
+ $runDeps \
+ bash \
+ su-exec \
+ tzdata \
+ zstd \
+# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
+ icu-data-full \
+# nss_wrapper is not availble on ppc64le: "test case segfaults in ppc64le"
+# https://git.alpinelinux.org/aports/commit/testing/nss_wrapper/APKBUILD?h=3.17-stable&id=94d81ceeb58cff448d489bbcbe9a6d40c9991663
+ $([ "$(apk --print-arch)" != 'ppc64le' ] && echo 'nss_wrapper') \
+ ; \
+ apk del --no-network .build-deps; \
+ cd /; \
+ rm -rf \
+ /usr/src/postgresql \
+ /usr/local/share/doc \
+ /usr/local/share/man \
+ ; \
+ \
+ postgres --version
+
+# make the sample config easier to munge (and "correct by default")
+RUN set -eux; \
+ cp -v /usr/local/share/postgresql/postgresql.conf.sample /usr/local/share/postgresql/postgresql.conf.sample.orig; \
+ sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/local/share/postgresql/postgresql.conf.sample; \
+ grep -F "listen_addresses = '*'" /usr/local/share/postgresql/postgresql.conf.sample
+
+RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
+
+ENV PGDATA /var/lib/postgresql/data
+# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
+RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
+VOLUME /var/lib/postgresql/data
+
+COPY docker-entrypoint.sh /usr/local/bin/
+ENTRYPOINT ["docker-entrypoint.sh"]
+
+# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
+# calls "Fast Shutdown mode" wherein new connections are disallowed and any
+# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
+# flush tables to disk, which is the best compromise available to avoid data
+# corruption.
+#
+# Users who know their applications do not keep open long-lived idle connections
+# may way to use a value of SIGTERM instead, which corresponds to "Smart
+# Shutdown mode" in which any existing sessions are allowed to finish and the
+# server stops when all sessions are terminated.
+#
+# See https://www.postgresql.org/docs/12/server-shutdown.html for more details
+# about available PostgreSQL server shutdown signals.
+#
+# See also https://www.postgresql.org/docs/12/server-start.html for further
+# justification of this as the default value, namely that the example (and
+# shipped) systemd service files use the "Fast Shutdown mode" for service
+# termination.
+#
+STOPSIGNAL SIGINT
+#
+# An additional setting that is recommended for all users regardless of this
+# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
+# equivalent) for controlling how long to wait between sending the defined
+# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption).
+#
+# The default in most runtimes (such as Docker) is 10 seconds, and the
+# documentation at https://www.postgresql.org/docs/12/server-start.html notes
+# that even 90 seconds may not be long enough in many instances.
+
+EXPOSE 5432
+CMD ["postgres"]
diff --git a/13/alpine/docker-entrypoint.sh b/12/alpine3.17/docker-entrypoint.sh
similarity index 100%
rename from 13/alpine/docker-entrypoint.sh
rename to 12/alpine3.17/docker-entrypoint.sh
diff --git a/12/alpine/Dockerfile b/12/alpine3.18/Dockerfile
similarity index 100%
rename from 12/alpine/Dockerfile
rename to 12/alpine3.18/Dockerfile
diff --git a/14/alpine/docker-entrypoint.sh b/12/alpine3.18/docker-entrypoint.sh
similarity index 100%
rename from 14/alpine/docker-entrypoint.sh
rename to 12/alpine3.18/docker-entrypoint.sh
diff --git a/13/alpine3.17/Dockerfile b/13/alpine3.17/Dockerfile
new file mode 100644
index 0000000000..1991131da1
--- /dev/null
+++ b/13/alpine3.17/Dockerfile
@@ -0,0 +1,204 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
+FROM alpine:3.17
+
+# 70 is the standard uid/gid for "postgres" in Alpine
+# https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.12-stable
+RUN set -eux; \
+ addgroup -g 70 -S postgres; \
+ adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
+ mkdir -p /var/lib/postgresql; \
+ chown -R postgres:postgres /var/lib/postgresql
+
+# su-exec (gosu-compatible) is installed further down
+
+# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
+# alpine doesn't require explicit locale-file generation
+ENV LANG en_US.utf8
+
+RUN mkdir /docker-entrypoint-initdb.d
+
+ENV PG_MAJOR 13
+ENV PG_VERSION 13.11
+ENV PG_SHA256 4992ff647203566b670d4e54dc5317499a26856c93576d0ea951bdf6bee50bfb
+
+ENV DOCKER_PG_LLVM_DEPS \
+ llvm15-dev \
+ clang15
+
+RUN set -eux; \
+ \
+ wget -O postgresql.tar.bz2 "https://ftp.postgresql.org/pub/source/v$PG_VERSION/postgresql-$PG_VERSION.tar.bz2"; \
+ echo "$PG_SHA256 *postgresql.tar.bz2" | sha256sum -c -; \
+ mkdir -p /usr/src/postgresql; \
+ tar \
+ --extract \
+ --file postgresql.tar.bz2 \
+ --directory /usr/src/postgresql \
+ --strip-components 1 \
+ ; \
+ rm postgresql.tar.bz2; \
+ \
+ apk add --no-cache --virtual .build-deps \
+ $DOCKER_PG_LLVM_DEPS \
+ bison \
+ coreutils \
+ dpkg-dev dpkg \
+ flex \
+ g++ \
+ gcc \
+ krb5-dev \
+ libc-dev \
+ libedit-dev \
+ libxml2-dev \
+ libxslt-dev \
+ linux-headers \
+ make \
+ openldap-dev \
+ openssl-dev \
+ perl-dev \
+ perl-ipc-run \
+ perl-utils \
+ python3-dev \
+ tcl-dev \
+ util-linux-dev \
+ zlib-dev \
+# https://www.postgresql.org/docs/10/static/release-10.html#id-1.11.6.9.5.13
+ icu-dev \
+ ; \
+ \
+ cd /usr/src/postgresql; \
+# update "DEFAULT_PGSOCKET_DIR" to "/var/run/postgresql" (matching Debian)
+# see https://anonscm.debian.org/git/pkg-postgresql/postgresql.git/tree/debian/patches/51-default-sockets-in-var.patch?id=8b539fcb3e093a521c095e70bdfa76887217b89f
+ awk '$1 == "#define" && $2 == "DEFAULT_PGSOCKET_DIR" && $3 == "\"/tmp\"" { $3 = "\"/var/run/postgresql\""; print; next } { print }' src/include/pg_config_manual.h > src/include/pg_config_manual.h.new; \
+ grep '/var/run/postgresql' src/include/pg_config_manual.h.new; \
+ mv src/include/pg_config_manual.h.new src/include/pg_config_manual.h; \
+ gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
+# explicitly update autoconf config.guess and config.sub so they support more arches/libcs
+ wget -O config/config.guess 'https://git.savannah.gnu.org/cgit/config.git/plain/config.guess?id=7d3d27baf8107b630586c962c057e22149653deb'; \
+ wget -O config/config.sub 'https://git.savannah.gnu.org/cgit/config.git/plain/config.sub?id=7d3d27baf8107b630586c962c057e22149653deb'; \
+ \
+# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n158
+ export LLVM_CONFIG="/usr/lib/llvm15/bin/llvm-config"; \
+# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n163
+ export CLANG=clang-15; \
+ \
+# configure options taken from:
+# https://anonscm.debian.org/cgit/pkg-postgresql/postgresql.git/tree/debian/rules?h=9.5
+ ./configure \
+ --enable-option-checking=fatal \
+ --build="$gnuArch" \
+# "/usr/src/postgresql/src/backend/access/common/tupconvert.c:105: undefined reference to `libintl_gettext'"
+# --enable-nls \
+ --enable-integer-datetimes \
+ --enable-thread-safety \
+ --enable-tap-tests \
+# skip debugging info -- we want tiny size instead
+# --enable-debug \
+ --disable-rpath \
+ --with-uuid=e2fs \
+ --with-gnu-ld \
+ --with-pgport=5432 \
+ --with-system-tzdata=/usr/share/zoneinfo \
+ --prefix=/usr/local \
+ --with-includes=/usr/local/include \
+ --with-libraries=/usr/local/lib \
+ --with-gssapi \
+ --with-ldap \
+ --with-tcl \
+ --with-perl \
+ --with-python \
+# --with-pam \
+ --with-openssl \
+ --with-libxml \
+ --with-libxslt \
+ --with-icu \
+ --with-llvm \
+ ; \
+ make -j "$(nproc)" world; \
+ make install-world; \
+ make -C contrib install; \
+ \
+ runDeps="$( \
+ scanelf --needed --nobanner --format '%n#p' --recursive /usr/local \
+ | tr ',' '\n' \
+ | sort -u \
+ | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
+# Remove plperl, plpython and pltcl dependencies by default to save image size
+# To use the pl extensions, those have to be installed in a derived image
+ | grep -v -e perl -e python -e tcl \
+ )"; \
+ apk add --no-cache --virtual .postgresql-rundeps \
+ $runDeps \
+ bash \
+ su-exec \
+ tzdata \
+ zstd \
+# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
+ icu-data-full \
+# nss_wrapper is not availble on ppc64le: "test case segfaults in ppc64le"
+# https://git.alpinelinux.org/aports/commit/testing/nss_wrapper/APKBUILD?h=3.17-stable&id=94d81ceeb58cff448d489bbcbe9a6d40c9991663
+ $([ "$(apk --print-arch)" != 'ppc64le' ] && echo 'nss_wrapper') \
+ ; \
+ apk del --no-network .build-deps; \
+ cd /; \
+ rm -rf \
+ /usr/src/postgresql \
+ /usr/local/share/doc \
+ /usr/local/share/man \
+ ; \
+ \
+ postgres --version
+
+# make the sample config easier to munge (and "correct by default")
+RUN set -eux; \
+ cp -v /usr/local/share/postgresql/postgresql.conf.sample /usr/local/share/postgresql/postgresql.conf.sample.orig; \
+ sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/local/share/postgresql/postgresql.conf.sample; \
+ grep -F "listen_addresses = '*'" /usr/local/share/postgresql/postgresql.conf.sample
+
+RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
+
+ENV PGDATA /var/lib/postgresql/data
+# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
+RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
+VOLUME /var/lib/postgresql/data
+
+COPY docker-entrypoint.sh /usr/local/bin/
+ENTRYPOINT ["docker-entrypoint.sh"]
+
+# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
+# calls "Fast Shutdown mode" wherein new connections are disallowed and any
+# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
+# flush tables to disk, which is the best compromise available to avoid data
+# corruption.
+#
+# Users who know their applications do not keep open long-lived idle connections
+# may way to use a value of SIGTERM instead, which corresponds to "Smart
+# Shutdown mode" in which any existing sessions are allowed to finish and the
+# server stops when all sessions are terminated.
+#
+# See https://www.postgresql.org/docs/12/server-shutdown.html for more details
+# about available PostgreSQL server shutdown signals.
+#
+# See also https://www.postgresql.org/docs/12/server-start.html for further
+# justification of this as the default value, namely that the example (and
+# shipped) systemd service files use the "Fast Shutdown mode" for service
+# termination.
+#
+STOPSIGNAL SIGINT
+#
+# An additional setting that is recommended for all users regardless of this
+# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
+# equivalent) for controlling how long to wait between sending the defined
+# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption).
+#
+# The default in most runtimes (such as Docker) is 10 seconds, and the
+# documentation at https://www.postgresql.org/docs/12/server-start.html notes
+# that even 90 seconds may not be long enough in many instances.
+
+EXPOSE 5432
+CMD ["postgres"]
diff --git a/15/alpine/docker-entrypoint.sh b/13/alpine3.17/docker-entrypoint.sh
similarity index 100%
rename from 15/alpine/docker-entrypoint.sh
rename to 13/alpine3.17/docker-entrypoint.sh
diff --git a/13/alpine/Dockerfile b/13/alpine3.18/Dockerfile
similarity index 100%
rename from 13/alpine/Dockerfile
rename to 13/alpine3.18/Dockerfile
diff --git a/13/alpine3.18/docker-entrypoint.sh b/13/alpine3.18/docker-entrypoint.sh
new file mode 100755
index 0000000000..a383a36487
--- /dev/null
+++ b/13/alpine3.18/docker-entrypoint.sh
@@ -0,0 +1,351 @@
+#!/usr/bin/env bash
+set -Eeo pipefail
+# TODO swap to -Eeuo pipefail above (after handling all potentially-unset variables)
+
+# usage: file_env VAR [DEFAULT]
+# ie: file_env 'XYZ_DB_PASSWORD' 'example'
+# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
+# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
+file_env() {
+ local var="$1"
+ local fileVar="${var}_FILE"
+ local def="${2:-}"
+ if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
+ printf >&2 'error: both %s and %s are set (but are exclusive)\n' "$var" "$fileVar"
+ exit 1
+ fi
+ local val="$def"
+ if [ "${!var:-}" ]; then
+ val="${!var}"
+ elif [ "${!fileVar:-}" ]; then
+ val="$(< "${!fileVar}")"
+ fi
+ export "$var"="$val"
+ unset "$fileVar"
+}
+
+# check to see if this file is being run or sourced from another script
+_is_sourced() {
+ # https://unix.stackexchange.com/a/215279
+ [ "${#FUNCNAME[@]}" -ge 2 ] \
+ && [ "${FUNCNAME[0]}" = '_is_sourced' ] \
+ && [ "${FUNCNAME[1]}" = 'source' ]
+}
+
+# used to create initial postgres directories and if run as root, ensure ownership to the "postgres" user
+docker_create_db_directories() {
+ local user; user="$(id -u)"
+
+ mkdir -p "$PGDATA"
+ # ignore failure since there are cases where we can't chmod (and PostgreSQL might fail later anyhow - it's picky about permissions of this directory)
+ chmod 00700 "$PGDATA" || :
+
+ # ignore failure since it will be fine when using the image provided directory; see also https://github.com/docker-library/postgres/pull/289
+ mkdir -p /var/run/postgresql || :
+ chmod 03775 /var/run/postgresql || :
+
+ # Create the transaction log directory before initdb is run so the directory is owned by the correct user
+ if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
+ mkdir -p "$POSTGRES_INITDB_WALDIR"
+ if [ "$user" = '0' ]; then
+ find "$POSTGRES_INITDB_WALDIR" \! -user postgres -exec chown postgres '{}' +
+ fi
+ chmod 700 "$POSTGRES_INITDB_WALDIR"
+ fi
+
+ # allow the container to be started with `--user`
+ if [ "$user" = '0' ]; then
+ find "$PGDATA" \! -user postgres -exec chown postgres '{}' +
+ find /var/run/postgresql \! -user postgres -exec chown postgres '{}' +
+ fi
+}
+
+# initialize empty PGDATA directory with new database via 'initdb'
+# arguments to `initdb` can be passed via POSTGRES_INITDB_ARGS or as arguments to this function
+# `initdb` automatically creates the "postgres", "template0", and "template1" dbnames
+# this is also where the database user is created, specified by `POSTGRES_USER` env
+docker_init_database_dir() {
+ # "initdb" is particular about the current user existing in "/etc/passwd", so we use "nss_wrapper" to fake that if necessary
+ # see https://github.com/docker-library/postgres/pull/253, https://github.com/docker-library/postgres/issues/359, https://cwrap.org/nss_wrapper.html
+ local uid; uid="$(id -u)"
+ if ! getent passwd "$uid" &> /dev/null; then
+ # see if we can find a suitable "libnss_wrapper.so" (https://salsa.debian.org/sssd-team/nss-wrapper/-/commit/b9925a653a54e24d09d9b498a2d913729f7abb15)
+ local wrapper
+ for wrapper in {/usr,}/lib{/*,}/libnss_wrapper.so; do
+ if [ -s "$wrapper" ]; then
+ NSS_WRAPPER_PASSWD="$(mktemp)"
+ NSS_WRAPPER_GROUP="$(mktemp)"
+ export LD_PRELOAD="$wrapper" NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
+ local gid; gid="$(id -g)"
+ printf 'postgres:x:%s:%s:PostgreSQL:%s:/bin/false\n' "$uid" "$gid" "$PGDATA" > "$NSS_WRAPPER_PASSWD"
+ printf 'postgres:x:%s:\n' "$gid" > "$NSS_WRAPPER_GROUP"
+ break
+ fi
+ done
+ fi
+
+ if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
+ set -- --waldir "$POSTGRES_INITDB_WALDIR" "$@"
+ fi
+
+ # --pwfile refuses to handle a properly-empty file (hence the "\n"): https://github.com/docker-library/postgres/issues/1025
+ eval 'initdb --username="$POSTGRES_USER" --pwfile=<(printf "%s\n" "$POSTGRES_PASSWORD") '"$POSTGRES_INITDB_ARGS"' "$@"'
+
+ # unset/cleanup "nss_wrapper" bits
+ if [[ "${LD_PRELOAD:-}" == */libnss_wrapper.so ]]; then
+ rm -f "$NSS_WRAPPER_PASSWD" "$NSS_WRAPPER_GROUP"
+ unset LD_PRELOAD NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
+ fi
+}
+
+# print large warning if POSTGRES_PASSWORD is long
+# error if both POSTGRES_PASSWORD is empty and POSTGRES_HOST_AUTH_METHOD is not 'trust'
+# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
+# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
+docker_verify_minimum_env() {
+ # check password first so we can output the warning before postgres
+ # messes it up
+ if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
+ cat >&2 <<-'EOWARN'
+
+ WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
+
+ This will not work if used via PGPASSWORD with "psql".
+
+ https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
+ https://github.com/docker-library/postgres/issues/507
+
+ EOWARN
+ fi
+ if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ # The - option suppresses leading tabs but *not* spaces. :)
+ cat >&2 <<-'EOE'
+ Error: Database is uninitialized and superuser password is not specified.
+ You must specify POSTGRES_PASSWORD to a non-empty value for the
+ superuser. For example, "-e POSTGRES_PASSWORD=password" on "docker run".
+
+ You may also use "POSTGRES_HOST_AUTH_METHOD=trust" to allow all
+ connections without a password. This is *not* recommended.
+
+ See PostgreSQL documentation about "trust":
+ https://www.postgresql.org/docs/current/auth-trust.html
+ EOE
+ exit 1
+ fi
+ if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ cat >&2 <<-'EOWARN'
+ ********************************************************************************
+ WARNING: POSTGRES_HOST_AUTH_METHOD has been set to "trust". This will allow
+ anyone with access to the Postgres port to access your database without
+ a password, even if POSTGRES_PASSWORD is set. See PostgreSQL
+ documentation about "trust":
+ https://www.postgresql.org/docs/current/auth-trust.html
+ In Docker's default configuration, this is effectively any other
+ container on the same system.
+
+ It is not recommended to use POSTGRES_HOST_AUTH_METHOD=trust. Replace
+ it with "-e POSTGRES_PASSWORD=password" instead to set a password in
+ "docker run".
+ ********************************************************************************
+ EOWARN
+ fi
+}
+
+# usage: docker_process_init_files [file [file [...]]]
+# ie: docker_process_init_files /always-initdb.d/*
+# process initializer files, based on file extensions and permissions
+docker_process_init_files() {
+ # psql here for backwards compatibility "${psql[@]}"
+ psql=( docker_process_sql )
+
+ printf '\n'
+ local f
+ for f; do
+ case "$f" in
+ *.sh)
+ # https://github.com/docker-library/postgres/issues/450#issuecomment-393167936
+ # https://github.com/docker-library/postgres/pull/452
+ if [ -x "$f" ]; then
+ printf '%s: running %s\n' "$0" "$f"
+ "$f"
+ else
+ printf '%s: sourcing %s\n' "$0" "$f"
+ . "$f"
+ fi
+ ;;
+ *.sql) printf '%s: running %s\n' "$0" "$f"; docker_process_sql -f "$f"; printf '\n' ;;
+ *.sql.gz) printf '%s: running %s\n' "$0" "$f"; gunzip -c "$f" | docker_process_sql; printf '\n' ;;
+ *.sql.xz) printf '%s: running %s\n' "$0" "$f"; xzcat "$f" | docker_process_sql; printf '\n' ;;
+ *.sql.zst) printf '%s: running %s\n' "$0" "$f"; zstd -dc "$f" | docker_process_sql; printf '\n' ;;
+ *) printf '%s: ignoring %s\n' "$0" "$f" ;;
+ esac
+ printf '\n'
+ done
+}
+
+# Execute sql script, passed via stdin (or -f flag of pqsl)
+# usage: docker_process_sql [psql-cli-args]
+# ie: docker_process_sql --dbname=mydb <<<'INSERT ...'
+# ie: docker_process_sql -f my-file.sql
+# ie: docker_process_sql <my-file.sql
+docker_process_sql() {
+ local query_runner=( psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --no-password --no-psqlrc )
+ if [ -n "$POSTGRES_DB" ]; then
+ query_runner+=( --dbname "$POSTGRES_DB" )
+ fi
+
+ PGHOST= PGHOSTADDR= "${query_runner[@]}" "$@"
+}
+
+# create initial database
+# uses environment variables for input: POSTGRES_DB
+docker_setup_db() {
+ local dbAlreadyExists
+ dbAlreadyExists="$(
+ POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" --tuples-only <<-'EOSQL'
+ SELECT 1 FROM pg_database WHERE datname = :'db' ;
+ EOSQL
+ )"
+ if [ -z "$dbAlreadyExists" ]; then
+ POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" <<-'EOSQL'
+ CREATE DATABASE :"db" ;
+ EOSQL
+ printf '\n'
+ fi
+}
+
+# Loads various settings that are used elsewhere in the script
+# This should be called before any other functions
+docker_setup_env() {
+ file_env 'POSTGRES_PASSWORD'
+
+ file_env 'POSTGRES_USER' 'postgres'
+ file_env 'POSTGRES_DB' "$POSTGRES_USER"
+ file_env 'POSTGRES_INITDB_ARGS'
+ : "${POSTGRES_HOST_AUTH_METHOD:=}"
+
+ declare -g DATABASE_ALREADY_EXISTS
+ # look specifically for PG_VERSION, as it is expected in the DB dir
+ if [ -s "$PGDATA/PG_VERSION" ]; then
+ DATABASE_ALREADY_EXISTS='true'
+ fi
+}
+
+# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections
+# all arguments will be passed along as arguments to `postgres` for getting the value of 'password_encryption'
+pg_setup_hba_conf() {
+ # default authentication method is md5 on versions before 14
+ # https://www.postgresql.org/about/news/postgresql-14-released-2318/
+ if [ "$1" = 'postgres' ]; then
+ shift
+ fi
+ local auth
+ # check the default/configured encryption and use that as the auth method
+ auth="$(postgres -C password_encryption "$@")"
+ : "${POSTGRES_HOST_AUTH_METHOD:=$auth}"
+ {
+ printf '\n'
+ if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ printf '# warning trust is enabled for all connections\n'
+ printf '# see https://www.postgresql.org/docs/12/auth-trust.html\n'
+ fi
+ printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
+ } >> "$PGDATA/pg_hba.conf"
+}
+
+# start socket-only postgresql server for setting up or running scripts
+# all arguments will be passed along as arguments to `postgres` (via pg_ctl)
+docker_temp_server_start() {
+ if [ "$1" = 'postgres' ]; then
+ shift
+ fi
+
+ # internal start of server in order to allow setup using psql client
+ # does not listen on external TCP/IP and waits until start finishes
+ set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
+
+ PGUSER="${PGUSER:-$POSTGRES_USER}" \
+ pg_ctl -D "$PGDATA" \
+ -o "$(printf '%q ' "$@")" \
+ -w start
+}
+
+# stop postgresql server after done setting up user and running scripts
+docker_temp_server_stop() {
+ PGUSER="${PGUSER:-postgres}" \
+ pg_ctl -D "$PGDATA" -m fast -w stop
+}
+
+# check arguments for an option that would cause postgres to stop
+# return true if there is one
+_pg_want_help() {
+ local arg
+ for arg; do
+ case "$arg" in
+ # postgres --help | grep 'then exit'
+ # leaving out -C on purpose since it always fails and is unhelpful:
+ # postgres: could not access the server configuration file "/var/lib/postgresql/data/postgresql.conf": No such file or directory
+ -'?'|--help|--describe-config|-V|--version)
+ return 0
+ ;;
+ esac
+ done
+ return 1
+}
+
+_main() {
+ # if first arg looks like a flag, assume we want to run postgres server
+ if [ "${1:0:1}" = '-' ]; then
+ set -- postgres "$@"
+ fi
+
+ if [ "$1" = 'postgres' ] && ! _pg_want_help "$@"; then
+ docker_setup_env
+ # setup data directories and permissions (when run as root)
+ docker_create_db_directories
+ if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec su-exec postgres "$BASH_SOURCE" "$@"
+ fi
+
+ # only run initialization on an empty data directory
+ if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+
+ cat <<-'EOM'
+
+ PostgreSQL init process complete; ready for start up.
+
+ EOM
+ else
+ cat <<-'EOM'
+
+ PostgreSQL Database directory appears to contain a database; Skipping initialization
+
+ EOM
+ fi
+ fi
+
+ exec "$@"
+}
+
+if ! _is_sourced; then
+ _main "$@"
+fi
diff --git a/14/alpine3.17/Dockerfile b/14/alpine3.17/Dockerfile
new file mode 100644
index 0000000000..ebdda2f29f
--- /dev/null
+++ b/14/alpine3.17/Dockerfile
@@ -0,0 +1,207 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
+FROM alpine:3.17
+
+# 70 is the standard uid/gid for "postgres" in Alpine
+# https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.12-stable
+RUN set -eux; \
+ addgroup -g 70 -S postgres; \
+ adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
+ mkdir -p /var/lib/postgresql; \
+ chown -R postgres:postgres /var/lib/postgresql
+
+# su-exec (gosu-compatible) is installed further down
+
+# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
+# alpine doesn't require explicit locale-file generation
+ENV LANG en_US.utf8
+
+RUN mkdir /docker-entrypoint-initdb.d
+
+ENV PG_MAJOR 14
+ENV PG_VERSION 14.8
+ENV PG_SHA256 39d38f0030737ed03835debeefee3b37d335462ce4995e2497bc38d621ebe45a
+
+ENV DOCKER_PG_LLVM_DEPS \
+ llvm15-dev \
+ clang15
+
+RUN set -eux; \
+ \
+ wget -O postgresql.tar.bz2 "https://ftp.postgresql.org/pub/source/v$PG_VERSION/postgresql-$PG_VERSION.tar.bz2"; \
+ echo "$PG_SHA256 *postgresql.tar.bz2" | sha256sum -c -; \
+ mkdir -p /usr/src/postgresql; \
+ tar \
+ --extract \
+ --file postgresql.tar.bz2 \
+ --directory /usr/src/postgresql \
+ --strip-components 1 \
+ ; \
+ rm postgresql.tar.bz2; \
+ \
+ apk add --no-cache --virtual .build-deps \
+ $DOCKER_PG_LLVM_DEPS \
+ bison \
+ coreutils \
+ dpkg-dev dpkg \
+ flex \
+ g++ \
+ gcc \
+ krb5-dev \
+ libc-dev \
+ libedit-dev \
+ libxml2-dev \
+ libxslt-dev \
+ linux-headers \
+ make \
+ openldap-dev \
+ openssl-dev \
+ perl-dev \
+ perl-ipc-run \
+ perl-utils \
+ python3-dev \
+ tcl-dev \
+ util-linux-dev \
+ zlib-dev \
+# https://www.postgresql.org/docs/10/static/release-10.html#id-1.11.6.9.5.13
+ icu-dev \
+# https://www.postgresql.org/docs/14/release-14.html#id-1.11.6.5.5.3.7
+ lz4-dev \
+ ; \
+ \
+ cd /usr/src/postgresql; \
+# update "DEFAULT_PGSOCKET_DIR" to "/var/run/postgresql" (matching Debian)
+# see https://anonscm.debian.org/git/pkg-postgresql/postgresql.git/tree/debian/patches/51-default-sockets-in-var.patch?id=8b539fcb3e093a521c095e70bdfa76887217b89f
+ awk '$1 == "#define" && $2 == "DEFAULT_PGSOCKET_DIR" && $3 == "\"/tmp\"" { $3 = "\"/var/run/postgresql\""; print; next } { print }' src/include/pg_config_manual.h > src/include/pg_config_manual.h.new; \
+ grep '/var/run/postgresql' src/include/pg_config_manual.h.new; \
+ mv src/include/pg_config_manual.h.new src/include/pg_config_manual.h; \
+ gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
+# explicitly update autoconf config.guess and config.sub so they support more arches/libcs
+ wget -O config/config.guess 'https://git.savannah.gnu.org/cgit/config.git/plain/config.guess?id=7d3d27baf8107b630586c962c057e22149653deb'; \
+ wget -O config/config.sub 'https://git.savannah.gnu.org/cgit/config.git/plain/config.sub?id=7d3d27baf8107b630586c962c057e22149653deb'; \
+ \
+# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n158
+ export LLVM_CONFIG="/usr/lib/llvm15/bin/llvm-config"; \
+# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n163
+ export CLANG=clang-15; \
+ \
+# configure options taken from:
+# https://anonscm.debian.org/cgit/pkg-postgresql/postgresql.git/tree/debian/rules?h=9.5
+ ./configure \
+ --enable-option-checking=fatal \
+ --build="$gnuArch" \
+# "/usr/src/postgresql/src/backend/access/common/tupconvert.c:105: undefined reference to `libintl_gettext'"
+# --enable-nls \
+ --enable-integer-datetimes \
+ --enable-thread-safety \
+ --enable-tap-tests \
+# skip debugging info -- we want tiny size instead
+# --enable-debug \
+ --disable-rpath \
+ --with-uuid=e2fs \
+ --with-gnu-ld \
+ --with-pgport=5432 \
+ --with-system-tzdata=/usr/share/zoneinfo \
+ --prefix=/usr/local \
+ --with-includes=/usr/local/include \
+ --with-libraries=/usr/local/lib \
+ --with-gssapi \
+ --with-ldap \
+ --with-tcl \
+ --with-perl \
+ --with-python \
+# --with-pam \
+ --with-openssl \
+ --with-libxml \
+ --with-libxslt \
+ --with-icu \
+ --with-llvm \
+ --with-lz4 \
+ ; \
+ make -j "$(nproc)" world; \
+ make install-world; \
+ make -C contrib install; \
+ \
+ runDeps="$( \
+ scanelf --needed --nobanner --format '%n#p' --recursive /usr/local \
+ | tr ',' '\n' \
+ | sort -u \
+ | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
+# Remove plperl, plpython and pltcl dependencies by default to save image size
+# To use the pl extensions, those have to be installed in a derived image
+ | grep -v -e perl -e python -e tcl \
+ )"; \
+ apk add --no-cache --virtual .postgresql-rundeps \
+ $runDeps \
+ bash \
+ su-exec \
+ tzdata \
+ zstd \
+# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
+ icu-data-full \
+# nss_wrapper is not availble on ppc64le: "test case segfaults in ppc64le"
+# https://git.alpinelinux.org/aports/commit/testing/nss_wrapper/APKBUILD?h=3.17-stable&id=94d81ceeb58cff448d489bbcbe9a6d40c9991663
+ $([ "$(apk --print-arch)" != 'ppc64le' ] && echo 'nss_wrapper') \
+ ; \
+ apk del --no-network .build-deps; \
+ cd /; \
+ rm -rf \
+ /usr/src/postgresql \
+ /usr/local/share/doc \
+ /usr/local/share/man \
+ ; \
+ \
+ postgres --version
+
+# make the sample config easier to munge (and "correct by default")
+RUN set -eux; \
+ cp -v /usr/local/share/postgresql/postgresql.conf.sample /usr/local/share/postgresql/postgresql.conf.sample.orig; \
+ sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/local/share/postgresql/postgresql.conf.sample; \
+ grep -F "listen_addresses = '*'" /usr/local/share/postgresql/postgresql.conf.sample
+
+RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
+
+ENV PGDATA /var/lib/postgresql/data
+# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
+RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
+VOLUME /var/lib/postgresql/data
+
+COPY docker-entrypoint.sh /usr/local/bin/
+ENTRYPOINT ["docker-entrypoint.sh"]
+
+# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
+# calls "Fast Shutdown mode" wherein new connections are disallowed and any
+# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
+# flush tables to disk, which is the best compromise available to avoid data
+# corruption.
+#
+# Users who know their applications do not keep open long-lived idle connections
+# may way to use a value of SIGTERM instead, which corresponds to "Smart
+# Shutdown mode" in which any existing sessions are allowed to finish and the
+# server stops when all sessions are terminated.
+#
+# See https://www.postgresql.org/docs/12/server-shutdown.html for more details
+# about available PostgreSQL server shutdown signals.
+#
+# See also https://www.postgresql.org/docs/12/server-start.html for further
+# justification of this as the default value, namely that the example (and
+# shipped) systemd service files use the "Fast Shutdown mode" for service
+# termination.
+#
+STOPSIGNAL SIGINT
+#
+# An additional setting that is recommended for all users regardless of this
+# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
+# equivalent) for controlling how long to wait between sending the defined
+# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption).
+#
+# The default in most runtimes (such as Docker) is 10 seconds, and the
+# documentation at https://www.postgresql.org/docs/12/server-start.html notes
+# that even 90 seconds may not be long enough in many instances.
+
+EXPOSE 5432
+CMD ["postgres"]
diff --git a/14/alpine3.17/docker-entrypoint.sh b/14/alpine3.17/docker-entrypoint.sh
new file mode 100755
index 0000000000..a383a36487
--- /dev/null
+++ b/14/alpine3.17/docker-entrypoint.sh
@@ -0,0 +1,351 @@
+#!/usr/bin/env bash
+set -Eeo pipefail
+# TODO swap to -Eeuo pipefail above (after handling all potentially-unset variables)
+
+# usage: file_env VAR [DEFAULT]
+# ie: file_env 'XYZ_DB_PASSWORD' 'example'
+# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
+# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
+file_env() {
+ local var="$1"
+ local fileVar="${var}_FILE"
+ local def="${2:-}"
+ if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
+ printf >&2 'error: both %s and %s are set (but are exclusive)\n' "$var" "$fileVar"
+ exit 1
+ fi
+ local val="$def"
+ if [ "${!var:-}" ]; then
+ val="${!var}"
+ elif [ "${!fileVar:-}" ]; then
+ val="$(< "${!fileVar}")"
+ fi
+ export "$var"="$val"
+ unset "$fileVar"
+}
+
+# check to see if this file is being run or sourced from another script
+_is_sourced() {
+ # https://unix.stackexchange.com/a/215279
+ [ "${#FUNCNAME[@]}" -ge 2 ] \
+ && [ "${FUNCNAME[0]}" = '_is_sourced' ] \
+ && [ "${FUNCNAME[1]}" = 'source' ]
+}
+
+# used to create initial postgres directories and if run as root, ensure ownership to the "postgres" user
+docker_create_db_directories() {
+ local user; user="$(id -u)"
+
+ mkdir -p "$PGDATA"
+ # ignore failure since there are cases where we can't chmod (and PostgreSQL might fail later anyhow - it's picky about permissions of this directory)
+ chmod 00700 "$PGDATA" || :
+
+ # ignore failure since it will be fine when using the image provided directory; see also https://github.com/docker-library/postgres/pull/289
+ mkdir -p /var/run/postgresql || :
+ chmod 03775 /var/run/postgresql || :
+
+ # Create the transaction log directory before initdb is run so the directory is owned by the correct user
+ if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
+ mkdir -p "$POSTGRES_INITDB_WALDIR"
+ if [ "$user" = '0' ]; then
+ find "$POSTGRES_INITDB_WALDIR" \! -user postgres -exec chown postgres '{}' +
+ fi
+ chmod 700 "$POSTGRES_INITDB_WALDIR"
+ fi
+
+ # allow the container to be started with `--user`
+ if [ "$user" = '0' ]; then
+ find "$PGDATA" \! -user postgres -exec chown postgres '{}' +
+ find /var/run/postgresql \! -user postgres -exec chown postgres '{}' +
+ fi
+}
+
+# initialize empty PGDATA directory with new database via 'initdb'
+# arguments to `initdb` can be passed via POSTGRES_INITDB_ARGS or as arguments to this function
+# `initdb` automatically creates the "postgres", "template0", and "template1" dbnames
+# this is also where the database user is created, specified by `POSTGRES_USER` env
+docker_init_database_dir() {
+ # "initdb" is particular about the current user existing in "/etc/passwd", so we use "nss_wrapper" to fake that if necessary
+ # see https://github.com/docker-library/postgres/pull/253, https://github.com/docker-library/postgres/issues/359, https://cwrap.org/nss_wrapper.html
+ local uid; uid="$(id -u)"
+ if ! getent passwd "$uid" &> /dev/null; then
+ # see if we can find a suitable "libnss_wrapper.so" (https://salsa.debian.org/sssd-team/nss-wrapper/-/commit/b9925a653a54e24d09d9b498a2d913729f7abb15)
+ local wrapper
+ for wrapper in {/usr,}/lib{/*,}/libnss_wrapper.so; do
+ if [ -s "$wrapper" ]; then
+ NSS_WRAPPER_PASSWD="$(mktemp)"
+ NSS_WRAPPER_GROUP="$(mktemp)"
+ export LD_PRELOAD="$wrapper" NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
+ local gid; gid="$(id -g)"
+ printf 'postgres:x:%s:%s:PostgreSQL:%s:/bin/false\n' "$uid" "$gid" "$PGDATA" > "$NSS_WRAPPER_PASSWD"
+ printf 'postgres:x:%s:\n' "$gid" > "$NSS_WRAPPER_GROUP"
+ break
+ fi
+ done
+ fi
+
+ if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
+ set -- --waldir "$POSTGRES_INITDB_WALDIR" "$@"
+ fi
+
+ # --pwfile refuses to handle a properly-empty file (hence the "\n"): https://github.com/docker-library/postgres/issues/1025
+ eval 'initdb --username="$POSTGRES_USER" --pwfile=<(printf "%s\n" "$POSTGRES_PASSWORD") '"$POSTGRES_INITDB_ARGS"' "$@"'
+
+ # unset/cleanup "nss_wrapper" bits
+ if [[ "${LD_PRELOAD:-}" == */libnss_wrapper.so ]]; then
+ rm -f "$NSS_WRAPPER_PASSWD" "$NSS_WRAPPER_GROUP"
+ unset LD_PRELOAD NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
+ fi
+}
+
+# print large warning if POSTGRES_PASSWORD is long
+# error if both POSTGRES_PASSWORD is empty and POSTGRES_HOST_AUTH_METHOD is not 'trust'
+# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
+# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
+docker_verify_minimum_env() {
+ # check password first so we can output the warning before postgres
+ # messes it up
+ if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
+ cat >&2 <<-'EOWARN'
+
+ WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
+
+ This will not work if used via PGPASSWORD with "psql".
+
+ https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
+ https://github.com/docker-library/postgres/issues/507
+
+ EOWARN
+ fi
+ if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ # The - option suppresses leading tabs but *not* spaces. :)
+ cat >&2 <<-'EOE'
+ Error: Database is uninitialized and superuser password is not specified.
+ You must specify POSTGRES_PASSWORD to a non-empty value for the
+ superuser. For example, "-e POSTGRES_PASSWORD=password" on "docker run".
+
+ You may also use "POSTGRES_HOST_AUTH_METHOD=trust" to allow all
+ connections without a password. This is *not* recommended.
+
+ See PostgreSQL documentation about "trust":
+ https://www.postgresql.org/docs/current/auth-trust.html
+ EOE
+ exit 1
+ fi
+ if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ cat >&2 <<-'EOWARN'
+ ********************************************************************************
+ WARNING: POSTGRES_HOST_AUTH_METHOD has been set to "trust". This will allow
+ anyone with access to the Postgres port to access your database without
+ a password, even if POSTGRES_PASSWORD is set. See PostgreSQL
+ documentation about "trust":
+ https://www.postgresql.org/docs/current/auth-trust.html
+ In Docker's default configuration, this is effectively any other
+ container on the same system.
+
+ It is not recommended to use POSTGRES_HOST_AUTH_METHOD=trust. Replace
+ it with "-e POSTGRES_PASSWORD=password" instead to set a password in
+ "docker run".
+ ********************************************************************************
+ EOWARN
+ fi
+}
+
+# usage: docker_process_init_files [file [file [...]]]
+# ie: docker_process_init_files /always-initdb.d/*
+# process initializer files, based on file extensions and permissions
+docker_process_init_files() {
+ # psql here for backwards compatibility "${psql[@]}"
+ psql=( docker_process_sql )
+
+ printf '\n'
+ local f
+ for f; do
+ case "$f" in
+ *.sh)
+ # https://github.com/docker-library/postgres/issues/450#issuecomment-393167936
+ # https://github.com/docker-library/postgres/pull/452
+ if [ -x "$f" ]; then
+ printf '%s: running %s\n' "$0" "$f"
+ "$f"
+ else
+ printf '%s: sourcing %s\n' "$0" "$f"
+ . "$f"
+ fi
+ ;;
+ *.sql) printf '%s: running %s\n' "$0" "$f"; docker_process_sql -f "$f"; printf '\n' ;;
+ *.sql.gz) printf '%s: running %s\n' "$0" "$f"; gunzip -c "$f" | docker_process_sql; printf '\n' ;;
+ *.sql.xz) printf '%s: running %s\n' "$0" "$f"; xzcat "$f" | docker_process_sql; printf '\n' ;;
+ *.sql.zst) printf '%s: running %s\n' "$0" "$f"; zstd -dc "$f" | docker_process_sql; printf '\n' ;;
+ *) printf '%s: ignoring %s\n' "$0" "$f" ;;
+ esac
+ printf '\n'
+ done
+}
+
+# Execute sql script, passed via stdin (or -f flag of pqsl)
+# usage: docker_process_sql [psql-cli-args]
+# ie: docker_process_sql --dbname=mydb <<<'INSERT ...'
+# ie: docker_process_sql -f my-file.sql
+# ie: docker_process_sql <my-file.sql
+docker_process_sql() {
+ local query_runner=( psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --no-password --no-psqlrc )
+ if [ -n "$POSTGRES_DB" ]; then
+ query_runner+=( --dbname "$POSTGRES_DB" )
+ fi
+
+ PGHOST= PGHOSTADDR= "${query_runner[@]}" "$@"
+}
+
+# create initial database
+# uses environment variables for input: POSTGRES_DB
+docker_setup_db() {
+ local dbAlreadyExists
+ dbAlreadyExists="$(
+ POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" --tuples-only <<-'EOSQL'
+ SELECT 1 FROM pg_database WHERE datname = :'db' ;
+ EOSQL
+ )"
+ if [ -z "$dbAlreadyExists" ]; then
+ POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" <<-'EOSQL'
+ CREATE DATABASE :"db" ;
+ EOSQL
+ printf '\n'
+ fi
+}
+
+# Loads various settings that are used elsewhere in the script
+# This should be called before any other functions
+docker_setup_env() {
+ file_env 'POSTGRES_PASSWORD'
+
+ file_env 'POSTGRES_USER' 'postgres'
+ file_env 'POSTGRES_DB' "$POSTGRES_USER"
+ file_env 'POSTGRES_INITDB_ARGS'
+ : "${POSTGRES_HOST_AUTH_METHOD:=}"
+
+ declare -g DATABASE_ALREADY_EXISTS
+ # look specifically for PG_VERSION, as it is expected in the DB dir
+ if [ -s "$PGDATA/PG_VERSION" ]; then
+ DATABASE_ALREADY_EXISTS='true'
+ fi
+}
+
+# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections
+# all arguments will be passed along as arguments to `postgres` for getting the value of 'password_encryption'
+pg_setup_hba_conf() {
+ # default authentication method is md5 on versions before 14
+ # https://www.postgresql.org/about/news/postgresql-14-released-2318/
+ if [ "$1" = 'postgres' ]; then
+ shift
+ fi
+ local auth
+ # check the default/configured encryption and use that as the auth method
+ auth="$(postgres -C password_encryption "$@")"
+ : "${POSTGRES_HOST_AUTH_METHOD:=$auth}"
+ {
+ printf '\n'
+ if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ printf '# warning trust is enabled for all connections\n'
+ printf '# see https://www.postgresql.org/docs/12/auth-trust.html\n'
+ fi
+ printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
+ } >> "$PGDATA/pg_hba.conf"
+}
+
+# start socket-only postgresql server for setting up or running scripts
+# all arguments will be passed along as arguments to `postgres` (via pg_ctl)
+docker_temp_server_start() {
+ if [ "$1" = 'postgres' ]; then
+ shift
+ fi
+
+ # internal start of server in order to allow setup using psql client
+ # does not listen on external TCP/IP and waits until start finishes
+ set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
+
+ PGUSER="${PGUSER:-$POSTGRES_USER}" \
+ pg_ctl -D "$PGDATA" \
+ -o "$(printf '%q ' "$@")" \
+ -w start
+}
+
+# stop postgresql server after done setting up user and running scripts
+docker_temp_server_stop() {
+ PGUSER="${PGUSER:-postgres}" \
+ pg_ctl -D "$PGDATA" -m fast -w stop
+}
+
+# check arguments for an option that would cause postgres to stop
+# return true if there is one
+_pg_want_help() {
+ local arg
+ for arg; do
+ case "$arg" in
+ # postgres --help | grep 'then exit'
+ # leaving out -C on purpose since it always fails and is unhelpful:
+ # postgres: could not access the server configuration file "/var/lib/postgresql/data/postgresql.conf": No such file or directory
+ -'?'|--help|--describe-config|-V|--version)
+ return 0
+ ;;
+ esac
+ done
+ return 1
+}
+
+_main() {
+ # if first arg looks like a flag, assume we want to run postgres server
+ if [ "${1:0:1}" = '-' ]; then
+ set -- postgres "$@"
+ fi
+
+ if [ "$1" = 'postgres' ] && ! _pg_want_help "$@"; then
+ docker_setup_env
+ # setup data directories and permissions (when run as root)
+ docker_create_db_directories
+ if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec su-exec postgres "$BASH_SOURCE" "$@"
+ fi
+
+ # only run initialization on an empty data directory
+ if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+
+ cat <<-'EOM'
+
+ PostgreSQL init process complete; ready for start up.
+
+ EOM
+ else
+ cat <<-'EOM'
+
+ PostgreSQL Database directory appears to contain a database; Skipping initialization
+
+ EOM
+ fi
+ fi
+
+ exec "$@"
+}
+
+if ! _is_sourced; then
+ _main "$@"
+fi
diff --git a/14/alpine/Dockerfile b/14/alpine3.18/Dockerfile
similarity index 100%
rename from 14/alpine/Dockerfile
rename to 14/alpine3.18/Dockerfile
diff --git a/14/alpine3.18/docker-entrypoint.sh b/14/alpine3.18/docker-entrypoint.sh
new file mode 100755
index 0000000000..a383a36487
--- /dev/null
+++ b/14/alpine3.18/docker-entrypoint.sh
@@ -0,0 +1,351 @@
+#!/usr/bin/env bash
+set -Eeo pipefail
+# TODO swap to -Eeuo pipefail above (after handling all potentially-unset variables)
+
+# usage: file_env VAR [DEFAULT]
+# ie: file_env 'XYZ_DB_PASSWORD' 'example'
+# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
+# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
+file_env() {
+ local var="$1"
+ local fileVar="${var}_FILE"
+ local def="${2:-}"
+ if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
+ printf >&2 'error: both %s and %s are set (but are exclusive)\n' "$var" "$fileVar"
+ exit 1
+ fi
+ local val="$def"
+ if [ "${!var:-}" ]; then
+ val="${!var}"
+ elif [ "${!fileVar:-}" ]; then
+ val="$(< "${!fileVar}")"
+ fi
+ export "$var"="$val"
+ unset "$fileVar"
+}
+
+# check to see if this file is being run or sourced from another script
+_is_sourced() {
+ # https://unix.stackexchange.com/a/215279
+ [ "${#FUNCNAME[@]}" -ge 2 ] \
+ && [ "${FUNCNAME[0]}" = '_is_sourced' ] \
+ && [ "${FUNCNAME[1]}" = 'source' ]
+}
+
+# used to create initial postgres directories and if run as root, ensure ownership to the "postgres" user
+docker_create_db_directories() {
+ local user; user="$(id -u)"
+
+ mkdir -p "$PGDATA"
+ # ignore failure since there are cases where we can't chmod (and PostgreSQL might fail later anyhow - it's picky about permissions of this directory)
+ chmod 00700 "$PGDATA" || :
+
+ # ignore failure since it will be fine when using the image provided directory; see also https://github.com/docker-library/postgres/pull/289
+ mkdir -p /var/run/postgresql || :
+ chmod 03775 /var/run/postgresql || :
+
+ # Create the transaction log directory before initdb is run so the directory is owned by the correct user
+ if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
+ mkdir -p "$POSTGRES_INITDB_WALDIR"
+ if [ "$user" = '0' ]; then
+ find "$POSTGRES_INITDB_WALDIR" \! -user postgres -exec chown postgres '{}' +
+ fi
+ chmod 700 "$POSTGRES_INITDB_WALDIR"
+ fi
+
+ # allow the container to be started with `--user`
+ if [ "$user" = '0' ]; then
+ find "$PGDATA" \! -user postgres -exec chown postgres '{}' +
+ find /var/run/postgresql \! -user postgres -exec chown postgres '{}' +
+ fi
+}
+
+# initialize empty PGDATA directory with new database via 'initdb'
+# arguments to `initdb` can be passed via POSTGRES_INITDB_ARGS or as arguments to this function
+# `initdb` automatically creates the "postgres", "template0", and "template1" dbnames
+# this is also where the database user is created, specified by `POSTGRES_USER` env
+docker_init_database_dir() {
+ # "initdb" is particular about the current user existing in "/etc/passwd", so we use "nss_wrapper" to fake that if necessary
+ # see https://github.com/docker-library/postgres/pull/253, https://github.com/docker-library/postgres/issues/359, https://cwrap.org/nss_wrapper.html
+ local uid; uid="$(id -u)"
+ if ! getent passwd "$uid" &> /dev/null; then
+ # see if we can find a suitable "libnss_wrapper.so" (https://salsa.debian.org/sssd-team/nss-wrapper/-/commit/b9925a653a54e24d09d9b498a2d913729f7abb15)
+ local wrapper
+ for wrapper in {/usr,}/lib{/*,}/libnss_wrapper.so; do
+ if [ -s "$wrapper" ]; then
+ NSS_WRAPPER_PASSWD="$(mktemp)"
+ NSS_WRAPPER_GROUP="$(mktemp)"
+ export LD_PRELOAD="$wrapper" NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
+ local gid; gid="$(id -g)"
+ printf 'postgres:x:%s:%s:PostgreSQL:%s:/bin/false\n' "$uid" "$gid" "$PGDATA" > "$NSS_WRAPPER_PASSWD"
+ printf 'postgres:x:%s:\n' "$gid" > "$NSS_WRAPPER_GROUP"
+ break
+ fi
+ done
+ fi
+
+ if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
+ set -- --waldir "$POSTGRES_INITDB_WALDIR" "$@"
+ fi
+
+ # --pwfile refuses to handle a properly-empty file (hence the "\n"): https://github.com/docker-library/postgres/issues/1025
+ eval 'initdb --username="$POSTGRES_USER" --pwfile=<(printf "%s\n" "$POSTGRES_PASSWORD") '"$POSTGRES_INITDB_ARGS"' "$@"'
+
+ # unset/cleanup "nss_wrapper" bits
+ if [[ "${LD_PRELOAD:-}" == */libnss_wrapper.so ]]; then
+ rm -f "$NSS_WRAPPER_PASSWD" "$NSS_WRAPPER_GROUP"
+ unset LD_PRELOAD NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
+ fi
+}
+
+# print large warning if POSTGRES_PASSWORD is long
+# error if both POSTGRES_PASSWORD is empty and POSTGRES_HOST_AUTH_METHOD is not 'trust'
+# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
+# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
+docker_verify_minimum_env() {
+ # check password first so we can output the warning before postgres
+ # messes it up
+ if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
+ cat >&2 <<-'EOWARN'
+
+ WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
+
+ This will not work if used via PGPASSWORD with "psql".
+
+ https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
+ https://github.com/docker-library/postgres/issues/507
+
+ EOWARN
+ fi
+ if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ # The - option suppresses leading tabs but *not* spaces. :)
+ cat >&2 <<-'EOE'
+ Error: Database is uninitialized and superuser password is not specified.
+ You must specify POSTGRES_PASSWORD to a non-empty value for the
+ superuser. For example, "-e POSTGRES_PASSWORD=password" on "docker run".
+
+ You may also use "POSTGRES_HOST_AUTH_METHOD=trust" to allow all
+ connections without a password. This is *not* recommended.
+
+ See PostgreSQL documentation about "trust":
+ https://www.postgresql.org/docs/current/auth-trust.html
+ EOE
+ exit 1
+ fi
+ if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ cat >&2 <<-'EOWARN'
+ ********************************************************************************
+ WARNING: POSTGRES_HOST_AUTH_METHOD has been set to "trust". This will allow
+ anyone with access to the Postgres port to access your database without
+ a password, even if POSTGRES_PASSWORD is set. See PostgreSQL
+ documentation about "trust":
+ https://www.postgresql.org/docs/current/auth-trust.html
+ In Docker's default configuration, this is effectively any other
+ container on the same system.
+
+ It is not recommended to use POSTGRES_HOST_AUTH_METHOD=trust. Replace
+ it with "-e POSTGRES_PASSWORD=password" instead to set a password in
+ "docker run".
+ ********************************************************************************
+ EOWARN
+ fi
+}
+
+# usage: docker_process_init_files [file [file [...]]]
+# ie: docker_process_init_files /always-initdb.d/*
+# process initializer files, based on file extensions and permissions
+docker_process_init_files() {
+ # psql here for backwards compatibility "${psql[@]}"
+ psql=( docker_process_sql )
+
+ printf '\n'
+ local f
+ for f; do
+ case "$f" in
+ *.sh)
+ # https://github.com/docker-library/postgres/issues/450#issuecomment-393167936
+ # https://github.com/docker-library/postgres/pull/452
+ if [ -x "$f" ]; then
+ printf '%s: running %s\n' "$0" "$f"
+ "$f"
+ else
+ printf '%s: sourcing %s\n' "$0" "$f"
+ . "$f"
+ fi
+ ;;
+ *.sql) printf '%s: running %s\n' "$0" "$f"; docker_process_sql -f "$f"; printf '\n' ;;
+ *.sql.gz) printf '%s: running %s\n' "$0" "$f"; gunzip -c "$f" | docker_process_sql; printf '\n' ;;
+ *.sql.xz) printf '%s: running %s\n' "$0" "$f"; xzcat "$f" | docker_process_sql; printf '\n' ;;
+ *.sql.zst) printf '%s: running %s\n' "$0" "$f"; zstd -dc "$f" | docker_process_sql; printf '\n' ;;
+ *) printf '%s: ignoring %s\n' "$0" "$f" ;;
+ esac
+ printf '\n'
+ done
+}
+
+# Execute sql script, passed via stdin (or -f flag of pqsl)
+# usage: docker_process_sql [psql-cli-args]
+# ie: docker_process_sql --dbname=mydb <<<'INSERT ...'
+# ie: docker_process_sql -f my-file.sql
+# ie: docker_process_sql <my-file.sql
+docker_process_sql() {
+ local query_runner=( psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --no-password --no-psqlrc )
+ if [ -n "$POSTGRES_DB" ]; then
+ query_runner+=( --dbname "$POSTGRES_DB" )
+ fi
+
+ PGHOST= PGHOSTADDR= "${query_runner[@]}" "$@"
+}
+
+# create initial database
+# uses environment variables for input: POSTGRES_DB
+docker_setup_db() {
+ local dbAlreadyExists
+ dbAlreadyExists="$(
+ POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" --tuples-only <<-'EOSQL'
+ SELECT 1 FROM pg_database WHERE datname = :'db' ;
+ EOSQL
+ )"
+ if [ -z "$dbAlreadyExists" ]; then
+ POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" <<-'EOSQL'
+ CREATE DATABASE :"db" ;
+ EOSQL
+ printf '\n'
+ fi
+}
+
+# Loads various settings that are used elsewhere in the script
+# This should be called before any other functions
+docker_setup_env() {
+ file_env 'POSTGRES_PASSWORD'
+
+ file_env 'POSTGRES_USER' 'postgres'
+ file_env 'POSTGRES_DB' "$POSTGRES_USER"
+ file_env 'POSTGRES_INITDB_ARGS'
+ : "${POSTGRES_HOST_AUTH_METHOD:=}"
+
+ declare -g DATABASE_ALREADY_EXISTS
+ # look specifically for PG_VERSION, as it is expected in the DB dir
+ if [ -s "$PGDATA/PG_VERSION" ]; then
+ DATABASE_ALREADY_EXISTS='true'
+ fi
+}
+
+# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections
+# all arguments will be passed along as arguments to `postgres` for getting the value of 'password_encryption'
+pg_setup_hba_conf() {
+ # default authentication method is md5 on versions before 14
+ # https://www.postgresql.org/about/news/postgresql-14-released-2318/
+ if [ "$1" = 'postgres' ]; then
+ shift
+ fi
+ local auth
+ # check the default/configured encryption and use that as the auth method
+ auth="$(postgres -C password_encryption "$@")"
+ : "${POSTGRES_HOST_AUTH_METHOD:=$auth}"
+ {
+ printf '\n'
+ if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ printf '# warning trust is enabled for all connections\n'
+ printf '# see https://www.postgresql.org/docs/12/auth-trust.html\n'
+ fi
+ printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
+ } >> "$PGDATA/pg_hba.conf"
+}
+
+# start socket-only postgresql server for setting up or running scripts
+# all arguments will be passed along as arguments to `postgres` (via pg_ctl)
+docker_temp_server_start() {
+ if [ "$1" = 'postgres' ]; then
+ shift
+ fi
+
+ # internal start of server in order to allow setup using psql client
+ # does not listen on external TCP/IP and waits until start finishes
+ set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
+
+ PGUSER="${PGUSER:-$POSTGRES_USER}" \
+ pg_ctl -D "$PGDATA" \
+ -o "$(printf '%q ' "$@")" \
+ -w start
+}
+
+# stop postgresql server after done setting up user and running scripts
+docker_temp_server_stop() {
+ PGUSER="${PGUSER:-postgres}" \
+ pg_ctl -D "$PGDATA" -m fast -w stop
+}
+
+# check arguments for an option that would cause postgres to stop
+# return true if there is one
+_pg_want_help() {
+ local arg
+ for arg; do
+ case "$arg" in
+ # postgres --help | grep 'then exit'
+ # leaving out -C on purpose since it always fails and is unhelpful:
+ # postgres: could not access the server configuration file "/var/lib/postgresql/data/postgresql.conf": No such file or directory
+ -'?'|--help|--describe-config|-V|--version)
+ return 0
+ ;;
+ esac
+ done
+ return 1
+}
+
+_main() {
+ # if first arg looks like a flag, assume we want to run postgres server
+ if [ "${1:0:1}" = '-' ]; then
+ set -- postgres "$@"
+ fi
+
+ if [ "$1" = 'postgres' ] && ! _pg_want_help "$@"; then
+ docker_setup_env
+ # setup data directories and permissions (when run as root)
+ docker_create_db_directories
+ if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec su-exec postgres "$BASH_SOURCE" "$@"
+ fi
+
+ # only run initialization on an empty data directory
+ if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+
+ cat <<-'EOM'
+
+ PostgreSQL init process complete; ready for start up.
+
+ EOM
+ else
+ cat <<-'EOM'
+
+ PostgreSQL Database directory appears to contain a database; Skipping initialization
+
+ EOM
+ fi
+ fi
+
+ exec "$@"
+}
+
+if ! _is_sourced; then
+ _main "$@"
+fi
diff --git a/15/alpine3.17/Dockerfile b/15/alpine3.17/Dockerfile
new file mode 100644
index 0000000000..42c7ee1dbb
--- /dev/null
+++ b/15/alpine3.17/Dockerfile
@@ -0,0 +1,210 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
+FROM alpine:3.17
+
+# 70 is the standard uid/gid for "postgres" in Alpine
+# https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.12-stable
+RUN set -eux; \
+ addgroup -g 70 -S postgres; \
+ adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
+ mkdir -p /var/lib/postgresql; \
+ chown -R postgres:postgres /var/lib/postgresql
+
+# su-exec (gosu-compatible) is installed further down
+
+# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
+# alpine doesn't require explicit locale-file generation
+ENV LANG en_US.utf8
+
+RUN mkdir /docker-entrypoint-initdb.d
+
+ENV PG_MAJOR 15
+ENV PG_VERSION 15.3
+ENV PG_SHA256 ffc7d4891f00ffbf5c3f4eab7fbbced8460b8c0ee63c5a5167133b9e6599d932
+
+ENV DOCKER_PG_LLVM_DEPS \
+ llvm15-dev \
+ clang15
+
+RUN set -eux; \
+ \
+ wget -O postgresql.tar.bz2 "https://ftp.postgresql.org/pub/source/v$PG_VERSION/postgresql-$PG_VERSION.tar.bz2"; \
+ echo "$PG_SHA256 *postgresql.tar.bz2" | sha256sum -c -; \
+ mkdir -p /usr/src/postgresql; \
+ tar \
+ --extract \
+ --file postgresql.tar.bz2 \
+ --directory /usr/src/postgresql \
+ --strip-components 1 \
+ ; \
+ rm postgresql.tar.bz2; \
+ \
+ apk add --no-cache --virtual .build-deps \
+ $DOCKER_PG_LLVM_DEPS \
+ bison \
+ coreutils \
+ dpkg-dev dpkg \
+ flex \
+ g++ \
+ gcc \
+ krb5-dev \
+ libc-dev \
+ libedit-dev \
+ libxml2-dev \
+ libxslt-dev \
+ linux-headers \
+ make \
+ openldap-dev \
+ openssl-dev \
+ perl-dev \
+ perl-ipc-run \
+ perl-utils \
+ python3-dev \
+ tcl-dev \
+ util-linux-dev \
+ zlib-dev \
+# https://www.postgresql.org/docs/10/static/release-10.html#id-1.11.6.9.5.13
+ icu-dev \
+# https://www.postgresql.org/docs/14/release-14.html#id-1.11.6.5.5.3.7
+ lz4-dev \
+# https://www.postgresql.org/docs/15/release-15.html "--with-zstd to enable Zstandard builds"
+ zstd-dev \
+ ; \
+ \
+ cd /usr/src/postgresql; \
+# update "DEFAULT_PGSOCKET_DIR" to "/var/run/postgresql" (matching Debian)
+# see https://anonscm.debian.org/git/pkg-postgresql/postgresql.git/tree/debian/patches/51-default-sockets-in-var.patch?id=8b539fcb3e093a521c095e70bdfa76887217b89f
+ awk '$1 == "#define" && $2 == "DEFAULT_PGSOCKET_DIR" && $3 == "\"/tmp\"" { $3 = "\"/var/run/postgresql\""; print; next } { print }' src/include/pg_config_manual.h > src/include/pg_config_manual.h.new; \
+ grep '/var/run/postgresql' src/include/pg_config_manual.h.new; \
+ mv src/include/pg_config_manual.h.new src/include/pg_config_manual.h; \
+ gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
+# explicitly update autoconf config.guess and config.sub so they support more arches/libcs
+ wget -O config/config.guess 'https://git.savannah.gnu.org/cgit/config.git/plain/config.guess?id=7d3d27baf8107b630586c962c057e22149653deb'; \
+ wget -O config/config.sub 'https://git.savannah.gnu.org/cgit/config.git/plain/config.sub?id=7d3d27baf8107b630586c962c057e22149653deb'; \
+ \
+# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n158
+ export LLVM_CONFIG="/usr/lib/llvm15/bin/llvm-config"; \
+# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n163
+ export CLANG=clang-15; \
+ \
+# configure options taken from:
+# https://anonscm.debian.org/cgit/pkg-postgresql/postgresql.git/tree/debian/rules?h=9.5
+ ./configure \
+ --enable-option-checking=fatal \
+ --build="$gnuArch" \
+# "/usr/src/postgresql/src/backend/access/common/tupconvert.c:105: undefined reference to `libintl_gettext'"
+# --enable-nls \
+ --enable-integer-datetimes \
+ --enable-thread-safety \
+ --enable-tap-tests \
+# skip debugging info -- we want tiny size instead
+# --enable-debug \
+ --disable-rpath \
+ --with-uuid=e2fs \
+ --with-gnu-ld \
+ --with-pgport=5432 \
+ --with-system-tzdata=/usr/share/zoneinfo \
+ --prefix=/usr/local \
+ --with-includes=/usr/local/include \
+ --with-libraries=/usr/local/lib \
+ --with-gssapi \
+ --with-ldap \
+ --with-tcl \
+ --with-perl \
+ --with-python \
+# --with-pam \
+ --with-openssl \
+ --with-libxml \
+ --with-libxslt \
+ --with-icu \
+ --with-llvm \
+ --with-lz4 \
+ --with-zstd \
+ ; \
+ make -j "$(nproc)" world; \
+ make install-world; \
+ make -C contrib install; \
+ \
+ runDeps="$( \
+ scanelf --needed --nobanner --format '%n#p' --recursive /usr/local \
+ | tr ',' '\n' \
+ | sort -u \
+ | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
+# Remove plperl, plpython and pltcl dependencies by default to save image size
+# To use the pl extensions, those have to be installed in a derived image
+ | grep -v -e perl -e python -e tcl \
+ )"; \
+ apk add --no-cache --virtual .postgresql-rundeps \
+ $runDeps \
+ bash \
+ su-exec \
+ tzdata \
+ zstd \
+# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
+ icu-data-full \
+# nss_wrapper is not availble on ppc64le: "test case segfaults in ppc64le"
+# https://git.alpinelinux.org/aports/commit/testing/nss_wrapper/APKBUILD?h=3.17-stable&id=94d81ceeb58cff448d489bbcbe9a6d40c9991663
+ $([ "$(apk --print-arch)" != 'ppc64le' ] && echo 'nss_wrapper') \
+ ; \
+ apk del --no-network .build-deps; \
+ cd /; \
+ rm -rf \
+ /usr/src/postgresql \
+ /usr/local/share/doc \
+ /usr/local/share/man \
+ ; \
+ \
+ postgres --version
+
+# make the sample config easier to munge (and "correct by default")
+RUN set -eux; \
+ cp -v /usr/local/share/postgresql/postgresql.conf.sample /usr/local/share/postgresql/postgresql.conf.sample.orig; \
+ sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/local/share/postgresql/postgresql.conf.sample; \
+ grep -F "listen_addresses = '*'" /usr/local/share/postgresql/postgresql.conf.sample
+
+RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
+
+ENV PGDATA /var/lib/postgresql/data
+# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
+RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
+VOLUME /var/lib/postgresql/data
+
+COPY docker-entrypoint.sh /usr/local/bin/
+ENTRYPOINT ["docker-entrypoint.sh"]
+
+# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
+# calls "Fast Shutdown mode" wherein new connections are disallowed and any
+# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
+# flush tables to disk, which is the best compromise available to avoid data
+# corruption.
+#
+# Users who know their applications do not keep open long-lived idle connections
+# may way to use a value of SIGTERM instead, which corresponds to "Smart
+# Shutdown mode" in which any existing sessions are allowed to finish and the
+# server stops when all sessions are terminated.
+#
+# See https://www.postgresql.org/docs/12/server-shutdown.html for more details
+# about available PostgreSQL server shutdown signals.
+#
+# See also https://www.postgresql.org/docs/12/server-start.html for further
+# justification of this as the default value, namely that the example (and
+# shipped) systemd service files use the "Fast Shutdown mode" for service
+# termination.
+#
+STOPSIGNAL SIGINT
+#
+# An additional setting that is recommended for all users regardless of this
+# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
+# equivalent) for controlling how long to wait between sending the defined
+# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption).
+#
+# The default in most runtimes (such as Docker) is 10 seconds, and the
+# documentation at https://www.postgresql.org/docs/12/server-start.html notes
+# that even 90 seconds may not be long enough in many instances.
+
+EXPOSE 5432
+CMD ["postgres"]
diff --git a/15/alpine3.17/docker-entrypoint.sh b/15/alpine3.17/docker-entrypoint.sh
new file mode 100755
index 0000000000..a383a36487
--- /dev/null
+++ b/15/alpine3.17/docker-entrypoint.sh
@@ -0,0 +1,351 @@
+#!/usr/bin/env bash
+set -Eeo pipefail
+# TODO swap to -Eeuo pipefail above (after handling all potentially-unset variables)
+
+# usage: file_env VAR [DEFAULT]
+# ie: file_env 'XYZ_DB_PASSWORD' 'example'
+# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
+# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
+file_env() {
+ local var="$1"
+ local fileVar="${var}_FILE"
+ local def="${2:-}"
+ if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
+ printf >&2 'error: both %s and %s are set (but are exclusive)\n' "$var" "$fileVar"
+ exit 1
+ fi
+ local val="$def"
+ if [ "${!var:-}" ]; then
+ val="${!var}"
+ elif [ "${!fileVar:-}" ]; then
+ val="$(< "${!fileVar}")"
+ fi
+ export "$var"="$val"
+ unset "$fileVar"
+}
+
+# check to see if this file is being run or sourced from another script
+_is_sourced() {
+ # https://unix.stackexchange.com/a/215279
+ [ "${#FUNCNAME[@]}" -ge 2 ] \
+ && [ "${FUNCNAME[0]}" = '_is_sourced' ] \
+ && [ "${FUNCNAME[1]}" = 'source' ]
+}
+
+# used to create initial postgres directories and if run as root, ensure ownership to the "postgres" user
+docker_create_db_directories() {
+ local user; user="$(id -u)"
+
+ mkdir -p "$PGDATA"
+ # ignore failure since there are cases where we can't chmod (and PostgreSQL might fail later anyhow - it's picky about permissions of this directory)
+ chmod 00700 "$PGDATA" || :
+
+ # ignore failure since it will be fine when using the image provided directory; see also https://github.com/docker-library/postgres/pull/289
+ mkdir -p /var/run/postgresql || :
+ chmod 03775 /var/run/postgresql || :
+
+ # Create the transaction log directory before initdb is run so the directory is owned by the correct user
+ if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
+ mkdir -p "$POSTGRES_INITDB_WALDIR"
+ if [ "$user" = '0' ]; then
+ find "$POSTGRES_INITDB_WALDIR" \! -user postgres -exec chown postgres '{}' +
+ fi
+ chmod 700 "$POSTGRES_INITDB_WALDIR"
+ fi
+
+ # allow the container to be started with `--user`
+ if [ "$user" = '0' ]; then
+ find "$PGDATA" \! -user postgres -exec chown postgres '{}' +
+ find /var/run/postgresql \! -user postgres -exec chown postgres '{}' +
+ fi
+}
+
+# initialize empty PGDATA directory with new database via 'initdb'
+# arguments to `initdb` can be passed via POSTGRES_INITDB_ARGS or as arguments to this function
+# `initdb` automatically creates the "postgres", "template0", and "template1" dbnames
+# this is also where the database user is created, specified by `POSTGRES_USER` env
+docker_init_database_dir() {
+ # "initdb" is particular about the current user existing in "/etc/passwd", so we use "nss_wrapper" to fake that if necessary
+ # see https://github.com/docker-library/postgres/pull/253, https://github.com/docker-library/postgres/issues/359, https://cwrap.org/nss_wrapper.html
+ local uid; uid="$(id -u)"
+ if ! getent passwd "$uid" &> /dev/null; then
+ # see if we can find a suitable "libnss_wrapper.so" (https://salsa.debian.org/sssd-team/nss-wrapper/-/commit/b9925a653a54e24d09d9b498a2d913729f7abb15)
+ local wrapper
+ for wrapper in {/usr,}/lib{/*,}/libnss_wrapper.so; do
+ if [ -s "$wrapper" ]; then
+ NSS_WRAPPER_PASSWD="$(mktemp)"
+ NSS_WRAPPER_GROUP="$(mktemp)"
+ export LD_PRELOAD="$wrapper" NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
+ local gid; gid="$(id -g)"
+ printf 'postgres:x:%s:%s:PostgreSQL:%s:/bin/false\n' "$uid" "$gid" "$PGDATA" > "$NSS_WRAPPER_PASSWD"
+ printf 'postgres:x:%s:\n' "$gid" > "$NSS_WRAPPER_GROUP"
+ break
+ fi
+ done
+ fi
+
+ if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
+ set -- --waldir "$POSTGRES_INITDB_WALDIR" "$@"
+ fi
+
+ # --pwfile refuses to handle a properly-empty file (hence the "\n"): https://github.com/docker-library/postgres/issues/1025
+ eval 'initdb --username="$POSTGRES_USER" --pwfile=<(printf "%s\n" "$POSTGRES_PASSWORD") '"$POSTGRES_INITDB_ARGS"' "$@"'
+
+ # unset/cleanup "nss_wrapper" bits
+ if [[ "${LD_PRELOAD:-}" == */libnss_wrapper.so ]]; then
+ rm -f "$NSS_WRAPPER_PASSWD" "$NSS_WRAPPER_GROUP"
+ unset LD_PRELOAD NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
+ fi
+}
+
+# print large warning if POSTGRES_PASSWORD is long
+# error if both POSTGRES_PASSWORD is empty and POSTGRES_HOST_AUTH_METHOD is not 'trust'
+# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
+# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
+docker_verify_minimum_env() {
+ # check password first so we can output the warning before postgres
+ # messes it up
+ if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
+ cat >&2 <<-'EOWARN'
+
+ WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
+
+ This will not work if used via PGPASSWORD with "psql".
+
+ https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
+ https://github.com/docker-library/postgres/issues/507
+
+ EOWARN
+ fi
+ if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ # The - option suppresses leading tabs but *not* spaces. :)
+ cat >&2 <<-'EOE'
+ Error: Database is uninitialized and superuser password is not specified.
+ You must specify POSTGRES_PASSWORD to a non-empty value for the
+ superuser. For example, "-e POSTGRES_PASSWORD=password" on "docker run".
+
+ You may also use "POSTGRES_HOST_AUTH_METHOD=trust" to allow all
+ connections without a password. This is *not* recommended.
+
+ See PostgreSQL documentation about "trust":
+ https://www.postgresql.org/docs/current/auth-trust.html
+ EOE
+ exit 1
+ fi
+ if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ cat >&2 <<-'EOWARN'
+ ********************************************************************************
+ WARNING: POSTGRES_HOST_AUTH_METHOD has been set to "trust". This will allow
+ anyone with access to the Postgres port to access your database without
+ a password, even if POSTGRES_PASSWORD is set. See PostgreSQL
+ documentation about "trust":
+ https://www.postgresql.org/docs/current/auth-trust.html
+ In Docker's default configuration, this is effectively any other
+ container on the same system.
+
+ It is not recommended to use POSTGRES_HOST_AUTH_METHOD=trust. Replace
+ it with "-e POSTGRES_PASSWORD=password" instead to set a password in
+ "docker run".
+ ********************************************************************************
+ EOWARN
+ fi
+}
+
+# usage: docker_process_init_files [file [file [...]]]
+# ie: docker_process_init_files /always-initdb.d/*
+# process initializer files, based on file extensions and permissions
+docker_process_init_files() {
+ # psql here for backwards compatibility "${psql[@]}"
+ psql=( docker_process_sql )
+
+ printf '\n'
+ local f
+ for f; do
+ case "$f" in
+ *.sh)
+ # https://github.com/docker-library/postgres/issues/450#issuecomment-393167936
+ # https://github.com/docker-library/postgres/pull/452
+ if [ -x "$f" ]; then
+ printf '%s: running %s\n' "$0" "$f"
+ "$f"
+ else
+ printf '%s: sourcing %s\n' "$0" "$f"
+ . "$f"
+ fi
+ ;;
+ *.sql) printf '%s: running %s\n' "$0" "$f"; docker_process_sql -f "$f"; printf '\n' ;;
+ *.sql.gz) printf '%s: running %s\n' "$0" "$f"; gunzip -c "$f" | docker_process_sql; printf '\n' ;;
+ *.sql.xz) printf '%s: running %s\n' "$0" "$f"; xzcat "$f" | docker_process_sql; printf '\n' ;;
+ *.sql.zst) printf '%s: running %s\n' "$0" "$f"; zstd -dc "$f" | docker_process_sql; printf '\n' ;;
+ *) printf '%s: ignoring %s\n' "$0" "$f" ;;
+ esac
+ printf '\n'
+ done
+}
+
+# Execute sql script, passed via stdin (or -f flag of pqsl)
+# usage: docker_process_sql [psql-cli-args]
+# ie: docker_process_sql --dbname=mydb <<<'INSERT ...'
+# ie: docker_process_sql -f my-file.sql
+# ie: docker_process_sql <my-file.sql
+docker_process_sql() {
+ local query_runner=( psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --no-password --no-psqlrc )
+ if [ -n "$POSTGRES_DB" ]; then
+ query_runner+=( --dbname "$POSTGRES_DB" )
+ fi
+
+ PGHOST= PGHOSTADDR= "${query_runner[@]}" "$@"
+}
+
+# create initial database
+# uses environment variables for input: POSTGRES_DB
+docker_setup_db() {
+ local dbAlreadyExists
+ dbAlreadyExists="$(
+ POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" --tuples-only <<-'EOSQL'
+ SELECT 1 FROM pg_database WHERE datname = :'db' ;
+ EOSQL
+ )"
+ if [ -z "$dbAlreadyExists" ]; then
+ POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" <<-'EOSQL'
+ CREATE DATABASE :"db" ;
+ EOSQL
+ printf '\n'
+ fi
+}
+
+# Loads various settings that are used elsewhere in the script
+# This should be called before any other functions
+docker_setup_env() {
+ file_env 'POSTGRES_PASSWORD'
+
+ file_env 'POSTGRES_USER' 'postgres'
+ file_env 'POSTGRES_DB' "$POSTGRES_USER"
+ file_env 'POSTGRES_INITDB_ARGS'
+ : "${POSTGRES_HOST_AUTH_METHOD:=}"
+
+ declare -g DATABASE_ALREADY_EXISTS
+ # look specifically for PG_VERSION, as it is expected in the DB dir
+ if [ -s "$PGDATA/PG_VERSION" ]; then
+ DATABASE_ALREADY_EXISTS='true'
+ fi
+}
+
+# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections
+# all arguments will be passed along as arguments to `postgres` for getting the value of 'password_encryption'
+pg_setup_hba_conf() {
+ # default authentication method is md5 on versions before 14
+ # https://www.postgresql.org/about/news/postgresql-14-released-2318/
+ if [ "$1" = 'postgres' ]; then
+ shift
+ fi
+ local auth
+ # check the default/configured encryption and use that as the auth method
+ auth="$(postgres -C password_encryption "$@")"
+ : "${POSTGRES_HOST_AUTH_METHOD:=$auth}"
+ {
+ printf '\n'
+ if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ printf '# warning trust is enabled for all connections\n'
+ printf '# see https://www.postgresql.org/docs/12/auth-trust.html\n'
+ fi
+ printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
+ } >> "$PGDATA/pg_hba.conf"
+}
+
+# start socket-only postgresql server for setting up or running scripts
+# all arguments will be passed along as arguments to `postgres` (via pg_ctl)
+docker_temp_server_start() {
+ if [ "$1" = 'postgres' ]; then
+ shift
+ fi
+
+ # internal start of server in order to allow setup using psql client
+ # does not listen on external TCP/IP and waits until start finishes
+ set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
+
+ PGUSER="${PGUSER:-$POSTGRES_USER}" \
+ pg_ctl -D "$PGDATA" \
+ -o "$(printf '%q ' "$@")" \
+ -w start
+}
+
+# stop postgresql server after done setting up user and running scripts
+docker_temp_server_stop() {
+ PGUSER="${PGUSER:-postgres}" \
+ pg_ctl -D "$PGDATA" -m fast -w stop
+}
+
+# check arguments for an option that would cause postgres to stop
+# return true if there is one
+_pg_want_help() {
+ local arg
+ for arg; do
+ case "$arg" in
+ # postgres --help | grep 'then exit'
+ # leaving out -C on purpose since it always fails and is unhelpful:
+ # postgres: could not access the server configuration file "/var/lib/postgresql/data/postgresql.conf": No such file or directory
+ -'?'|--help|--describe-config|-V|--version)
+ return 0
+ ;;
+ esac
+ done
+ return 1
+}
+
+_main() {
+ # if first arg looks like a flag, assume we want to run postgres server
+ if [ "${1:0:1}" = '-' ]; then
+ set -- postgres "$@"
+ fi
+
+ if [ "$1" = 'postgres' ] && ! _pg_want_help "$@"; then
+ docker_setup_env
+ # setup data directories and permissions (when run as root)
+ docker_create_db_directories
+ if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec su-exec postgres "$BASH_SOURCE" "$@"
+ fi
+
+ # only run initialization on an empty data directory
+ if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+
+ cat <<-'EOM'
+
+ PostgreSQL init process complete; ready for start up.
+
+ EOM
+ else
+ cat <<-'EOM'
+
+ PostgreSQL Database directory appears to contain a database; Skipping initialization
+
+ EOM
+ fi
+ fi
+
+ exec "$@"
+}
+
+if ! _is_sourced; then
+ _main "$@"
+fi
diff --git a/15/alpine/Dockerfile b/15/alpine3.18/Dockerfile
similarity index 100%
rename from 15/alpine/Dockerfile
rename to 15/alpine3.18/Dockerfile
diff --git a/15/alpine3.18/docker-entrypoint.sh b/15/alpine3.18/docker-entrypoint.sh
new file mode 100755
index 0000000000..a383a36487
--- /dev/null
+++ b/15/alpine3.18/docker-entrypoint.sh
@@ -0,0 +1,351 @@
+#!/usr/bin/env bash
+set -Eeo pipefail
+# TODO swap to -Eeuo pipefail above (after handling all potentially-unset variables)
+
+# usage: file_env VAR [DEFAULT]
+# ie: file_env 'XYZ_DB_PASSWORD' 'example'
+# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
+# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
+file_env() {
+ local var="$1"
+ local fileVar="${var}_FILE"
+ local def="${2:-}"
+ if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
+ printf >&2 'error: both %s and %s are set (but are exclusive)\n' "$var" "$fileVar"
+ exit 1
+ fi
+ local val="$def"
+ if [ "${!var:-}" ]; then
+ val="${!var}"
+ elif [ "${!fileVar:-}" ]; then
+ val="$(< "${!fileVar}")"
+ fi
+ export "$var"="$val"
+ unset "$fileVar"
+}
+
+# check to see if this file is being run or sourced from another script
+_is_sourced() {
+ # https://unix.stackexchange.com/a/215279
+ [ "${#FUNCNAME[@]}" -ge 2 ] \
+ && [ "${FUNCNAME[0]}" = '_is_sourced' ] \
+ && [ "${FUNCNAME[1]}" = 'source' ]
+}
+
+# used to create initial postgres directories and if run as root, ensure ownership to the "postgres" user
+docker_create_db_directories() {
+ local user; user="$(id -u)"
+
+ mkdir -p "$PGDATA"
+ # ignore failure since there are cases where we can't chmod (and PostgreSQL might fail later anyhow - it's picky about permissions of this directory)
+ chmod 00700 "$PGDATA" || :
+
+ # ignore failure since it will be fine when using the image provided directory; see also https://github.com/docker-library/postgres/pull/289
+ mkdir -p /var/run/postgresql || :
+ chmod 03775 /var/run/postgresql || :
+
+ # Create the transaction log directory before initdb is run so the directory is owned by the correct user
+ if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
+ mkdir -p "$POSTGRES_INITDB_WALDIR"
+ if [ "$user" = '0' ]; then
+ find "$POSTGRES_INITDB_WALDIR" \! -user postgres -exec chown postgres '{}' +
+ fi
+ chmod 700 "$POSTGRES_INITDB_WALDIR"
+ fi
+
+ # allow the container to be started with `--user`
+ if [ "$user" = '0' ]; then
+ find "$PGDATA" \! -user postgres -exec chown postgres '{}' +
+ find /var/run/postgresql \! -user postgres -exec chown postgres '{}' +
+ fi
+}
+
+# initialize empty PGDATA directory with new database via 'initdb'
+# arguments to `initdb` can be passed via POSTGRES_INITDB_ARGS or as arguments to this function
+# `initdb` automatically creates the "postgres", "template0", and "template1" dbnames
+# this is also where the database user is created, specified by `POSTGRES_USER` env
+docker_init_database_dir() {
+ # "initdb" is particular about the current user existing in "/etc/passwd", so we use "nss_wrapper" to fake that if necessary
+ # see https://github.com/docker-library/postgres/pull/253, https://github.com/docker-library/postgres/issues/359, https://cwrap.org/nss_wrapper.html
+ local uid; uid="$(id -u)"
+ if ! getent passwd "$uid" &> /dev/null; then
+ # see if we can find a suitable "libnss_wrapper.so" (https://salsa.debian.org/sssd-team/nss-wrapper/-/commit/b9925a653a54e24d09d9b498a2d913729f7abb15)
+ local wrapper
+ for wrapper in {/usr,}/lib{/*,}/libnss_wrapper.so; do
+ if [ -s "$wrapper" ]; then
+ NSS_WRAPPER_PASSWD="$(mktemp)"
+ NSS_WRAPPER_GROUP="$(mktemp)"
+ export LD_PRELOAD="$wrapper" NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
+ local gid; gid="$(id -g)"
+ printf 'postgres:x:%s:%s:PostgreSQL:%s:/bin/false\n' "$uid" "$gid" "$PGDATA" > "$NSS_WRAPPER_PASSWD"
+ printf 'postgres:x:%s:\n' "$gid" > "$NSS_WRAPPER_GROUP"
+ break
+ fi
+ done
+ fi
+
+ if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
+ set -- --waldir "$POSTGRES_INITDB_WALDIR" "$@"
+ fi
+
+ # --pwfile refuses to handle a properly-empty file (hence the "\n"): https://github.com/docker-library/postgres/issues/1025
+ eval 'initdb --username="$POSTGRES_USER" --pwfile=<(printf "%s\n" "$POSTGRES_PASSWORD") '"$POSTGRES_INITDB_ARGS"' "$@"'
+
+ # unset/cleanup "nss_wrapper" bits
+ if [[ "${LD_PRELOAD:-}" == */libnss_wrapper.so ]]; then
+ rm -f "$NSS_WRAPPER_PASSWD" "$NSS_WRAPPER_GROUP"
+ unset LD_PRELOAD NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
+ fi
+}
+
+# print large warning if POSTGRES_PASSWORD is long
+# error if both POSTGRES_PASSWORD is empty and POSTGRES_HOST_AUTH_METHOD is not 'trust'
+# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
+# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
+docker_verify_minimum_env() {
+ # check password first so we can output the warning before postgres
+ # messes it up
+ if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
+ cat >&2 <<-'EOWARN'
+
+ WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
+
+ This will not work if used via PGPASSWORD with "psql".
+
+ https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
+ https://github.com/docker-library/postgres/issues/507
+
+ EOWARN
+ fi
+ if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ # The - option suppresses leading tabs but *not* spaces. :)
+ cat >&2 <<-'EOE'
+ Error: Database is uninitialized and superuser password is not specified.
+ You must specify POSTGRES_PASSWORD to a non-empty value for the
+ superuser. For example, "-e POSTGRES_PASSWORD=password" on "docker run".
+
+ You may also use "POSTGRES_HOST_AUTH_METHOD=trust" to allow all
+ connections without a password. This is *not* recommended.
+
+ See PostgreSQL documentation about "trust":
+ https://www.postgresql.org/docs/current/auth-trust.html
+ EOE
+ exit 1
+ fi
+ if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ cat >&2 <<-'EOWARN'
+ ********************************************************************************
+ WARNING: POSTGRES_HOST_AUTH_METHOD has been set to "trust". This will allow
+ anyone with access to the Postgres port to access your database without
+ a password, even if POSTGRES_PASSWORD is set. See PostgreSQL
+ documentation about "trust":
+ https://www.postgresql.org/docs/current/auth-trust.html
+ In Docker's default configuration, this is effectively any other
+ container on the same system.
+
+ It is not recommended to use POSTGRES_HOST_AUTH_METHOD=trust. Replace
+ it with "-e POSTGRES_PASSWORD=password" instead to set a password in
+ "docker run".
+ ********************************************************************************
+ EOWARN
+ fi
+}
+
+# usage: docker_process_init_files [file [file [...]]]
+# ie: docker_process_init_files /always-initdb.d/*
+# process initializer files, based on file extensions and permissions
+docker_process_init_files() {
+ # psql here for backwards compatibility "${psql[@]}"
+ psql=( docker_process_sql )
+
+ printf '\n'
+ local f
+ for f; do
+ case "$f" in
+ *.sh)
+ # https://github.com/docker-library/postgres/issues/450#issuecomment-393167936
+ # https://github.com/docker-library/postgres/pull/452
+ if [ -x "$f" ]; then
+ printf '%s: running %s\n' "$0" "$f"
+ "$f"
+ else
+ printf '%s: sourcing %s\n' "$0" "$f"
+ . "$f"
+ fi
+ ;;
+ *.sql) printf '%s: running %s\n' "$0" "$f"; docker_process_sql -f "$f"; printf '\n' ;;
+ *.sql.gz) printf '%s: running %s\n' "$0" "$f"; gunzip -c "$f" | docker_process_sql; printf '\n' ;;
+ *.sql.xz) printf '%s: running %s\n' "$0" "$f"; xzcat "$f" | docker_process_sql; printf '\n' ;;
+ *.sql.zst) printf '%s: running %s\n' "$0" "$f"; zstd -dc "$f" | docker_process_sql; printf '\n' ;;
+ *) printf '%s: ignoring %s\n' "$0" "$f" ;;
+ esac
+ printf '\n'
+ done
+}
+
+# Execute sql script, passed via stdin (or -f flag of pqsl)
+# usage: docker_process_sql [psql-cli-args]
+# ie: docker_process_sql --dbname=mydb <<<'INSERT ...'
+# ie: docker_process_sql -f my-file.sql
+# ie: docker_process_sql <my-file.sql
+docker_process_sql() {
+ local query_runner=( psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --no-password --no-psqlrc )
+ if [ -n "$POSTGRES_DB" ]; then
+ query_runner+=( --dbname "$POSTGRES_DB" )
+ fi
+
+ PGHOST= PGHOSTADDR= "${query_runner[@]}" "$@"
+}
+
+# create initial database
+# uses environment variables for input: POSTGRES_DB
+docker_setup_db() {
+ local dbAlreadyExists
+ dbAlreadyExists="$(
+ POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" --tuples-only <<-'EOSQL'
+ SELECT 1 FROM pg_database WHERE datname = :'db' ;
+ EOSQL
+ )"
+ if [ -z "$dbAlreadyExists" ]; then
+ POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" <<-'EOSQL'
+ CREATE DATABASE :"db" ;
+ EOSQL
+ printf '\n'
+ fi
+}
+
+# Loads various settings that are used elsewhere in the script
+# This should be called before any other functions
+docker_setup_env() {
+ file_env 'POSTGRES_PASSWORD'
+
+ file_env 'POSTGRES_USER' 'postgres'
+ file_env 'POSTGRES_DB' "$POSTGRES_USER"
+ file_env 'POSTGRES_INITDB_ARGS'
+ : "${POSTGRES_HOST_AUTH_METHOD:=}"
+
+ declare -g DATABASE_ALREADY_EXISTS
+ # look specifically for PG_VERSION, as it is expected in the DB dir
+ if [ -s "$PGDATA/PG_VERSION" ]; then
+ DATABASE_ALREADY_EXISTS='true'
+ fi
+}
+
+# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections
+# all arguments will be passed along as arguments to `postgres` for getting the value of 'password_encryption'
+pg_setup_hba_conf() {
+ # default authentication method is md5 on versions before 14
+ # https://www.postgresql.org/about/news/postgresql-14-released-2318/
+ if [ "$1" = 'postgres' ]; then
+ shift
+ fi
+ local auth
+ # check the default/configured encryption and use that as the auth method
+ auth="$(postgres -C password_encryption "$@")"
+ : "${POSTGRES_HOST_AUTH_METHOD:=$auth}"
+ {
+ printf '\n'
+ if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ printf '# warning trust is enabled for all connections\n'
+ printf '# see https://www.postgresql.org/docs/12/auth-trust.html\n'
+ fi
+ printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
+ } >> "$PGDATA/pg_hba.conf"
+}
+
+# start socket-only postgresql server for setting up or running scripts
+# all arguments will be passed along as arguments to `postgres` (via pg_ctl)
+docker_temp_server_start() {
+ if [ "$1" = 'postgres' ]; then
+ shift
+ fi
+
+ # internal start of server in order to allow setup using psql client
+ # does not listen on external TCP/IP and waits until start finishes
+ set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
+
+ PGUSER="${PGUSER:-$POSTGRES_USER}" \
+ pg_ctl -D "$PGDATA" \
+ -o "$(printf '%q ' "$@")" \
+ -w start
+}
+
+# stop postgresql server after done setting up user and running scripts
+docker_temp_server_stop() {
+ PGUSER="${PGUSER:-postgres}" \
+ pg_ctl -D "$PGDATA" -m fast -w stop
+}
+
+# check arguments for an option that would cause postgres to stop
+# return true if there is one
+_pg_want_help() {
+ local arg
+ for arg; do
+ case "$arg" in
+ # postgres --help | grep 'then exit'
+ # leaving out -C on purpose since it always fails and is unhelpful:
+ # postgres: could not access the server configuration file "/var/lib/postgresql/data/postgresql.conf": No such file or directory
+ -'?'|--help|--describe-config|-V|--version)
+ return 0
+ ;;
+ esac
+ done
+ return 1
+}
+
+_main() {
+ # if first arg looks like a flag, assume we want to run postgres server
+ if [ "${1:0:1}" = '-' ]; then
+ set -- postgres "$@"
+ fi
+
+ if [ "$1" = 'postgres' ] && ! _pg_want_help "$@"; then
+ docker_setup_env
+ # setup data directories and permissions (when run as root)
+ docker_create_db_directories
+ if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec su-exec postgres "$BASH_SOURCE" "$@"
+ fi
+
+ # only run initialization on an empty data directory
+ if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+
+ cat <<-'EOM'
+
+ PostgreSQL init process complete; ready for start up.
+
+ EOM
+ else
+ cat <<-'EOM'
+
+ PostgreSQL Database directory appears to contain a database; Skipping initialization
+
+ EOM
+ fi
+ fi
+
+ exec "$@"
+}
+
+if ! _is_sourced; then
+ _main "$@"
+fi
diff --git a/Dockerfile-alpine.template b/Dockerfile-alpine.template
index 90a4e40d91..aacb2b1d07 100644
--- a/Dockerfile-alpine.template
+++ b/Dockerfile-alpine.template
@@ -1,4 +1,4 @@
-FROM alpine:{{ .alpine }}
+FROM alpine:{{ env.variant | ltrimstr("alpine") }}
# 70 is the standard uid/gid for "postgres" in Alpine
# https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.12-stable
diff --git a/apply-templates.sh b/apply-templates.sh
index b4c1a33d7f..31eb541934 100755
--- a/apply-templates.sh
+++ b/apply-templates.sh
@@ -34,7 +34,7 @@ for version; do
major="$(jq -r '.[env.version].major' versions.json)"
- variants="$(jq -r '.[env.version].debianSuites + ["alpine"] | map(@sh) | join(" ")' versions.json)"
+ variants="$(jq -r '.[env.version].variants | map(@sh) | join(" ")' versions.json)"
eval "variants=( $variants )"
rm -rf "$version"
@@ -47,19 +47,21 @@ for version; do
echo "processing $dir ..."
- if [ "$variant" = 'alpine' ]; then
- template='Dockerfile-alpine.template'
- else
- template='Dockerfile-debian.template'
- fi
+ cp -a docker-entrypoint.sh "$dir/"
+
+ case "$variant" in
+ alpine*)
+ template='Dockerfile-alpine.template'
+ sed -i -e 's/gosu/su-exec/g' "$dir/docker-entrypoint.sh"
+ ;;
+ *)
+ template='Dockerfile-debian.template'
+ ;;
+ esac
+
{
generated_warning
gawk -f "$jqt" "$template"
} > "$dir/Dockerfile"
-
- cp -a docker-entrypoint.sh "$dir/"
- if [ "$variant" = 'alpine' ]; then
- sed -i -e 's/gosu/su-exec/g' "$dir/docker-entrypoint.sh"
- fi
done
done
diff --git a/generate-stackbrew-library.sh b/generate-stackbrew-library.sh
index cef5d3534f..b977cc6561 100755
--- a/generate-stackbrew-library.sh
+++ b/generate-stackbrew-library.sh
@@ -76,9 +76,10 @@ join() {
for version; do
export version
- variants="$(jq -r '.[env.version].debianSuites + ["alpine"] | map(@sh) | join(" ")' versions.json)"
+ variants="$(jq -r '.[env.version].variants | map(@sh) | join(" ")' versions.json)"
eval "variants=( $variants )"
+ alpine="$(jq -r '.[env.version].alpine' versions.json)"
debian="$(jq -r '.[env.version].debian' versions.json)"
fullVersion="$(jq -r '.[env.version].version' versions.json)"
@@ -115,9 +116,8 @@ for version; do
"${variantAliases[@]}"
)
;;
- alpine)
- alpine="alpine${parent#*:}"
- variantAliases+=( "${versionAliases[@]/%/-$alpine}" )
+ alpine"$alpine")
+ variantAliases+=( "${versionAliases[@]/%/-alpine}" )
variantAliases=( "${variantAliases[@]//latest-/}" )
;;
esac
diff --git a/versions.json b/versions.json
index 0125a3470e..ae4a3cdb4e 100644
--- a/versions.json
+++ b/versions.json
@@ -11,11 +11,13 @@
"version": "11.20-1.pgdg110+1"
},
"debian": "",
- "debianSuites": [
- "bullseye"
- ],
"major": 11,
"sha256": "3d7c8882f64a7e98534a044257dfee7abad77a5b7da12508d85d722b98b5acce",
+ "variants": [
+ "bullseye",
+ "alpine3.18",
+ "alpine3.17"
+ ],
"version": "11.20"
},
"12": {
@@ -30,11 +32,13 @@
"version": "12.15-1.pgdg110+1"
},
"debian": "bullseye",
- "debianSuites": [
- "bullseye"
- ],
"major": 12,
"sha256": "bb5206e2864c1c4579938b96ea6096d155f22abf2d2cc2aa57571e3c4cb12b36",
+ "variants": [
+ "bullseye",
+ "alpine3.18",
+ "alpine3.17"
+ ],
"version": "12.15"
},
"13": {
@@ -49,11 +53,13 @@
"version": "13.11-1.pgdg110+1"
},
"debian": "bullseye",
- "debianSuites": [
- "bullseye"
- ],
"major": 13,
"sha256": "4992ff647203566b670d4e54dc5317499a26856c93576d0ea951bdf6bee50bfb",
+ "variants": [
+ "bullseye",
+ "alpine3.18",
+ "alpine3.17"
+ ],
"version": "13.11"
},
"14": {
@@ -68,11 +74,13 @@
"version": "14.8-1.pgdg110+1"
},
"debian": "bullseye",
- "debianSuites": [
- "bullseye"
- ],
"major": 14,
"sha256": "39d38f0030737ed03835debeefee3b37d335462ce4995e2497bc38d621ebe45a",
+ "variants": [
+ "bullseye",
+ "alpine3.18",
+ "alpine3.17"
+ ],
"version": "14.8"
},
"15": {
@@ -87,11 +95,13 @@
"version": "15.3-1.pgdg110+1"
},
"debian": "bullseye",
- "debianSuites": [
- "bullseye"
- ],
"major": 15,
"sha256": "ffc7d4891f00ffbf5c3f4eab7fbbced8460b8c0ee63c5a5167133b9e6599d932",
+ "variants": [
+ "bullseye",
+ "alpine3.18",
+ "alpine3.17"
+ ],
"version": "15.3"
}
}
diff --git a/versions.sh b/versions.sh
index ff29867cfb..90641fa88a 100755
--- a/versions.sh
+++ b/versions.sh
@@ -1,15 +1,19 @@
#!/usr/bin/env bash
set -Eeuo pipefail
-# https://github.com/docker-library/postgres/issues/582 😬
-defaultDebianSuite='bullseye'
-declare -A debianSuites=(
- [11]=''
-)
-allDebianSuites=(
+# we will support at most two entries in each of these lists, and both should be in descending order
+supportedDebianSuites=(
bullseye
)
-defaultAlpineVersion='3.18'
+supportedAlpineVersions=(
+ 3.18
+ 3.17
+)
+defaultDebianSuite="${supportedDebianSuites[0]}"
+declare -A debianSuites=(
+ [11]='' # https://github.com/docker-library/postgres/issues/582 😬
+)
+defaultAlpineVersion="${supportedAlpineVersions[0]}"
declare -A alpineVersions=(
#[14]='3.16'
)
@@ -35,6 +39,8 @@ _raw_package_list() {
curl -fsSL "$packagesBase/$suite-pgdg/$component/binary-$arch/Packages.bz2" | bunzip2
}
fetch_suite_package_list() {
+ local -; set +x # make sure running with "set -x" doesn't spam the terminal with the raw package lists
+
local suite="$1"; shift
local version="$1"; shift
local arch="$1"; shift
@@ -82,24 +88,20 @@ for version in "${versions[@]}"; do
debian: env.versionDebianSuite,
}')"
- versionDebianSuites=()
- for suite in "${allDebianSuites[@]}"; do
- versionDebianSuites+=( "$suite" )
- done
-
fullVersion=
- for suite in "${versionDebianSuites[@]}"; do
+ for suite in "${supportedDebianSuites[@]}"; do
fetch_suite_package_list "$suite" "$version" 'amd64'
- suiteVersion="$(awk_package_list "$suite" "$version" 'amd64' '
+ suiteVersions="$(awk_package_list "$suite" "$version" 'amd64' '
$1 == "Package" { pkg = $2 }
- $1 == "Version" && pkg == "postgresql-" version { print $2; exit }
- ')"
- srcVersion="${suiteVersion%%-*}"
+ $1 == "Version" && pkg == "postgresql-" version { print $2 }
+ ' | sort -V)"
+ suiteVersion="$(tail -1 <<<"$suiteVersions")" # "15~beta4-1.pgdg110+1"
+ srcVersion="${suiteVersion%%-*}" # "15~beta4"
tilde='~'
- srcVersion="${srcVersion//$tilde/}"
+ srcVersion="${srcVersion//$tilde/}" # "15beta4"
[ -n "$fullVersion" ] || fullVersion="$srcVersion"
if [ "$fullVersion" != "$srcVersion" ]; then
- echo >&2 "warning: $version should be '$fullVersion' but $suite is '$srcVersion'"
+ echo >&2 "warning: $version should be '$fullVersion' but $suite has '$srcVersion' ($suiteVersion)"
continue
fi
@@ -122,7 +124,13 @@ for version in "${versions[@]}"; do
version: env.suiteVersion,
arches: $arches,
}
- | .debianSuites += [ env.suite ]
+ | .variants += [ env.suite ]
+ ')"
+ done
+
+ for alpineVersion in "${supportedAlpineVersions[@]}"; do
+ doc="$(jq <<<"$doc" -c --arg v "$alpineVersion" '
+ .variants += [ "alpine" + $v ]
')"
done
From 4fe55381bab76d0d39195f84e00cfdd0759e65c0 Mon Sep 17 00:00:00 2001
From: Joseph Ferguson <yosifkit@gmail.com>
Date: Tue, 30 May 2023 14:40:50 -0700
Subject: [PATCH 014/115] Add postgres 16 beta1
---
16/alpine3.17/Dockerfile | 209 +++++++++++++++++
16/alpine3.17/docker-entrypoint.sh | 351 +++++++++++++++++++++++++++++
16/alpine3.18/Dockerfile | 209 +++++++++++++++++
16/alpine3.18/docker-entrypoint.sh | 351 +++++++++++++++++++++++++++++
16/bullseye/Dockerfile | 219 ++++++++++++++++++
16/bullseye/docker-entrypoint.sh | 351 +++++++++++++++++++++++++++++
Dockerfile-alpine.template | 4 +
versions.json | 21 ++
8 files changed, 1715 insertions(+)
create mode 100644 16/alpine3.17/Dockerfile
create mode 100755 16/alpine3.17/docker-entrypoint.sh
create mode 100644 16/alpine3.18/Dockerfile
create mode 100755 16/alpine3.18/docker-entrypoint.sh
create mode 100644 16/bullseye/Dockerfile
create mode 100755 16/bullseye/docker-entrypoint.sh
diff --git a/16/alpine3.17/Dockerfile b/16/alpine3.17/Dockerfile
new file mode 100644
index 0000000000..4e40b1427a
--- /dev/null
+++ b/16/alpine3.17/Dockerfile
@@ -0,0 +1,209 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
+FROM alpine:3.17
+
+# 70 is the standard uid/gid for "postgres" in Alpine
+# https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.12-stable
+RUN set -eux; \
+ addgroup -g 70 -S postgres; \
+ adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
+ mkdir -p /var/lib/postgresql; \
+ chown -R postgres:postgres /var/lib/postgresql
+
+# su-exec (gosu-compatible) is installed further down
+
+# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
+# alpine doesn't require explicit locale-file generation
+ENV LANG en_US.utf8
+
+RUN mkdir /docker-entrypoint-initdb.d
+
+ENV PG_MAJOR 16
+ENV PG_VERSION 16beta1
+ENV PG_SHA256 59e248d434aa515fa2d31c0d161c4148f30d511dcde91f6e888684823b6849a8
+
+ENV DOCKER_PG_LLVM_DEPS \
+ llvm15-dev \
+ clang15
+
+RUN set -eux; \
+ \
+ wget -O postgresql.tar.bz2 "https://ftp.postgresql.org/pub/source/v$PG_VERSION/postgresql-$PG_VERSION.tar.bz2"; \
+ echo "$PG_SHA256 *postgresql.tar.bz2" | sha256sum -c -; \
+ mkdir -p /usr/src/postgresql; \
+ tar \
+ --extract \
+ --file postgresql.tar.bz2 \
+ --directory /usr/src/postgresql \
+ --strip-components 1 \
+ ; \
+ rm postgresql.tar.bz2; \
+ \
+ apk add --no-cache --virtual .build-deps \
+ $DOCKER_PG_LLVM_DEPS \
+ bison \
+ coreutils \
+ dpkg-dev dpkg \
+ flex \
+ g++ \
+ gcc \
+ krb5-dev \
+ libc-dev \
+ libedit-dev \
+ libxml2-dev \
+ libxslt-dev \
+ linux-headers \
+ make \
+ openldap-dev \
+ openssl-dev \
+ perl-dev \
+ perl-ipc-run \
+ perl-utils \
+ python3-dev \
+ tcl-dev \
+ util-linux-dev \
+ zlib-dev \
+# https://www.postgresql.org/docs/10/static/release-10.html#id-1.11.6.9.5.13
+ icu-dev \
+# https://www.postgresql.org/docs/14/release-14.html#id-1.11.6.5.5.3.7
+ lz4-dev \
+# https://www.postgresql.org/docs/15/release-15.html "--with-zstd to enable Zstandard builds"
+ zstd-dev \
+ ; \
+ \
+ cd /usr/src/postgresql; \
+# update "DEFAULT_PGSOCKET_DIR" to "/var/run/postgresql" (matching Debian)
+# see https://anonscm.debian.org/git/pkg-postgresql/postgresql.git/tree/debian/patches/51-default-sockets-in-var.patch?id=8b539fcb3e093a521c095e70bdfa76887217b89f
+ awk '$1 == "#define" && $2 == "DEFAULT_PGSOCKET_DIR" && $3 == "\"/tmp\"" { $3 = "\"/var/run/postgresql\""; print; next } { print }' src/include/pg_config_manual.h > src/include/pg_config_manual.h.new; \
+ grep '/var/run/postgresql' src/include/pg_config_manual.h.new; \
+ mv src/include/pg_config_manual.h.new src/include/pg_config_manual.h; \
+ gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
+# explicitly update autoconf config.guess and config.sub so they support more arches/libcs
+ wget -O config/config.guess 'https://git.savannah.gnu.org/cgit/config.git/plain/config.guess?id=7d3d27baf8107b630586c962c057e22149653deb'; \
+ wget -O config/config.sub 'https://git.savannah.gnu.org/cgit/config.git/plain/config.sub?id=7d3d27baf8107b630586c962c057e22149653deb'; \
+ \
+# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n158
+ export LLVM_CONFIG="/usr/lib/llvm15/bin/llvm-config"; \
+# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n163
+ export CLANG=clang-15; \
+ \
+# configure options taken from:
+# https://anonscm.debian.org/cgit/pkg-postgresql/postgresql.git/tree/debian/rules?h=9.5
+ ./configure \
+ --enable-option-checking=fatal \
+ --build="$gnuArch" \
+# "/usr/src/postgresql/src/backend/access/common/tupconvert.c:105: undefined reference to `libintl_gettext'"
+# --enable-nls \
+ --enable-integer-datetimes \
+ --enable-thread-safety \
+ --enable-tap-tests \
+# skip debugging info -- we want tiny size instead
+# --enable-debug \
+ --disable-rpath \
+ --with-uuid=e2fs \
+ --with-pgport=5432 \
+ --with-system-tzdata=/usr/share/zoneinfo \
+ --prefix=/usr/local \
+ --with-includes=/usr/local/include \
+ --with-libraries=/usr/local/lib \
+ --with-gssapi \
+ --with-ldap \
+ --with-tcl \
+ --with-perl \
+ --with-python \
+# --with-pam \
+ --with-openssl \
+ --with-libxml \
+ --with-libxslt \
+ --with-icu \
+ --with-llvm \
+ --with-lz4 \
+ --with-zstd \
+ ; \
+ make -j "$(nproc)" world; \
+ make install-world; \
+ make -C contrib install; \
+ \
+ runDeps="$( \
+ scanelf --needed --nobanner --format '%n#p' --recursive /usr/local \
+ | tr ',' '\n' \
+ | sort -u \
+ | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
+# Remove plperl, plpython and pltcl dependencies by default to save image size
+# To use the pl extensions, those have to be installed in a derived image
+ | grep -v -e perl -e python -e tcl \
+ )"; \
+ apk add --no-cache --virtual .postgresql-rundeps \
+ $runDeps \
+ bash \
+ su-exec \
+ tzdata \
+ zstd \
+# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
+ icu-data-full \
+# nss_wrapper is not availble on ppc64le: "test case segfaults in ppc64le"
+# https://git.alpinelinux.org/aports/commit/testing/nss_wrapper/APKBUILD?h=3.17-stable&id=94d81ceeb58cff448d489bbcbe9a6d40c9991663
+ $([ "$(apk --print-arch)" != 'ppc64le' ] && echo 'nss_wrapper') \
+ ; \
+ apk del --no-network .build-deps; \
+ cd /; \
+ rm -rf \
+ /usr/src/postgresql \
+ /usr/local/share/doc \
+ /usr/local/share/man \
+ ; \
+ \
+ postgres --version
+
+# make the sample config easier to munge (and "correct by default")
+RUN set -eux; \
+ cp -v /usr/local/share/postgresql/postgresql.conf.sample /usr/local/share/postgresql/postgresql.conf.sample.orig; \
+ sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/local/share/postgresql/postgresql.conf.sample; \
+ grep -F "listen_addresses = '*'" /usr/local/share/postgresql/postgresql.conf.sample
+
+RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
+
+ENV PGDATA /var/lib/postgresql/data
+# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
+RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
+VOLUME /var/lib/postgresql/data
+
+COPY docker-entrypoint.sh /usr/local/bin/
+ENTRYPOINT ["docker-entrypoint.sh"]
+
+# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
+# calls "Fast Shutdown mode" wherein new connections are disallowed and any
+# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
+# flush tables to disk, which is the best compromise available to avoid data
+# corruption.
+#
+# Users who know their applications do not keep open long-lived idle connections
+# may way to use a value of SIGTERM instead, which corresponds to "Smart
+# Shutdown mode" in which any existing sessions are allowed to finish and the
+# server stops when all sessions are terminated.
+#
+# See https://www.postgresql.org/docs/12/server-shutdown.html for more details
+# about available PostgreSQL server shutdown signals.
+#
+# See also https://www.postgresql.org/docs/12/server-start.html for further
+# justification of this as the default value, namely that the example (and
+# shipped) systemd service files use the "Fast Shutdown mode" for service
+# termination.
+#
+STOPSIGNAL SIGINT
+#
+# An additional setting that is recommended for all users regardless of this
+# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
+# equivalent) for controlling how long to wait between sending the defined
+# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption).
+#
+# The default in most runtimes (such as Docker) is 10 seconds, and the
+# documentation at https://www.postgresql.org/docs/12/server-start.html notes
+# that even 90 seconds may not be long enough in many instances.
+
+EXPOSE 5432
+CMD ["postgres"]
diff --git a/16/alpine3.17/docker-entrypoint.sh b/16/alpine3.17/docker-entrypoint.sh
new file mode 100755
index 0000000000..a383a36487
--- /dev/null
+++ b/16/alpine3.17/docker-entrypoint.sh
@@ -0,0 +1,351 @@
+#!/usr/bin/env bash
+set -Eeo pipefail
+# TODO swap to -Eeuo pipefail above (after handling all potentially-unset variables)
+
+# usage: file_env VAR [DEFAULT]
+# ie: file_env 'XYZ_DB_PASSWORD' 'example'
+# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
+# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
+file_env() {
+ local var="$1"
+ local fileVar="${var}_FILE"
+ local def="${2:-}"
+ if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
+ printf >&2 'error: both %s and %s are set (but are exclusive)\n' "$var" "$fileVar"
+ exit 1
+ fi
+ local val="$def"
+ if [ "${!var:-}" ]; then
+ val="${!var}"
+ elif [ "${!fileVar:-}" ]; then
+ val="$(< "${!fileVar}")"
+ fi
+ export "$var"="$val"
+ unset "$fileVar"
+}
+
+# check to see if this file is being run or sourced from another script
+_is_sourced() {
+ # https://unix.stackexchange.com/a/215279
+ [ "${#FUNCNAME[@]}" -ge 2 ] \
+ && [ "${FUNCNAME[0]}" = '_is_sourced' ] \
+ && [ "${FUNCNAME[1]}" = 'source' ]
+}
+
+# used to create initial postgres directories and if run as root, ensure ownership to the "postgres" user
+docker_create_db_directories() {
+ local user; user="$(id -u)"
+
+ mkdir -p "$PGDATA"
+ # ignore failure since there are cases where we can't chmod (and PostgreSQL might fail later anyhow - it's picky about permissions of this directory)
+ chmod 00700 "$PGDATA" || :
+
+ # ignore failure since it will be fine when using the image provided directory; see also https://github.com/docker-library/postgres/pull/289
+ mkdir -p /var/run/postgresql || :
+ chmod 03775 /var/run/postgresql || :
+
+ # Create the transaction log directory before initdb is run so the directory is owned by the correct user
+ if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
+ mkdir -p "$POSTGRES_INITDB_WALDIR"
+ if [ "$user" = '0' ]; then
+ find "$POSTGRES_INITDB_WALDIR" \! -user postgres -exec chown postgres '{}' +
+ fi
+ chmod 700 "$POSTGRES_INITDB_WALDIR"
+ fi
+
+ # allow the container to be started with `--user`
+ if [ "$user" = '0' ]; then
+ find "$PGDATA" \! -user postgres -exec chown postgres '{}' +
+ find /var/run/postgresql \! -user postgres -exec chown postgres '{}' +
+ fi
+}
+
+# initialize empty PGDATA directory with new database via 'initdb'
+# arguments to `initdb` can be passed via POSTGRES_INITDB_ARGS or as arguments to this function
+# `initdb` automatically creates the "postgres", "template0", and "template1" dbnames
+# this is also where the database user is created, specified by `POSTGRES_USER` env
+docker_init_database_dir() {
+ # "initdb" is particular about the current user existing in "/etc/passwd", so we use "nss_wrapper" to fake that if necessary
+ # see https://github.com/docker-library/postgres/pull/253, https://github.com/docker-library/postgres/issues/359, https://cwrap.org/nss_wrapper.html
+ local uid; uid="$(id -u)"
+ if ! getent passwd "$uid" &> /dev/null; then
+ # see if we can find a suitable "libnss_wrapper.so" (https://salsa.debian.org/sssd-team/nss-wrapper/-/commit/b9925a653a54e24d09d9b498a2d913729f7abb15)
+ local wrapper
+ for wrapper in {/usr,}/lib{/*,}/libnss_wrapper.so; do
+ if [ -s "$wrapper" ]; then
+ NSS_WRAPPER_PASSWD="$(mktemp)"
+ NSS_WRAPPER_GROUP="$(mktemp)"
+ export LD_PRELOAD="$wrapper" NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
+ local gid; gid="$(id -g)"
+ printf 'postgres:x:%s:%s:PostgreSQL:%s:/bin/false\n' "$uid" "$gid" "$PGDATA" > "$NSS_WRAPPER_PASSWD"
+ printf 'postgres:x:%s:\n' "$gid" > "$NSS_WRAPPER_GROUP"
+ break
+ fi
+ done
+ fi
+
+ if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
+ set -- --waldir "$POSTGRES_INITDB_WALDIR" "$@"
+ fi
+
+ # --pwfile refuses to handle a properly-empty file (hence the "\n"): https://github.com/docker-library/postgres/issues/1025
+ eval 'initdb --username="$POSTGRES_USER" --pwfile=<(printf "%s\n" "$POSTGRES_PASSWORD") '"$POSTGRES_INITDB_ARGS"' "$@"'
+
+ # unset/cleanup "nss_wrapper" bits
+ if [[ "${LD_PRELOAD:-}" == */libnss_wrapper.so ]]; then
+ rm -f "$NSS_WRAPPER_PASSWD" "$NSS_WRAPPER_GROUP"
+ unset LD_PRELOAD NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
+ fi
+}
+
+# print large warning if POSTGRES_PASSWORD is long
+# error if both POSTGRES_PASSWORD is empty and POSTGRES_HOST_AUTH_METHOD is not 'trust'
+# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
+# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
+docker_verify_minimum_env() {
+ # check password first so we can output the warning before postgres
+ # messes it up
+ if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
+ cat >&2 <<-'EOWARN'
+
+ WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
+
+ This will not work if used via PGPASSWORD with "psql".
+
+ https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
+ https://github.com/docker-library/postgres/issues/507
+
+ EOWARN
+ fi
+ if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ # The - option suppresses leading tabs but *not* spaces. :)
+ cat >&2 <<-'EOE'
+ Error: Database is uninitialized and superuser password is not specified.
+ You must specify POSTGRES_PASSWORD to a non-empty value for the
+ superuser. For example, "-e POSTGRES_PASSWORD=password" on "docker run".
+
+ You may also use "POSTGRES_HOST_AUTH_METHOD=trust" to allow all
+ connections without a password. This is *not* recommended.
+
+ See PostgreSQL documentation about "trust":
+ https://www.postgresql.org/docs/current/auth-trust.html
+ EOE
+ exit 1
+ fi
+ if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ cat >&2 <<-'EOWARN'
+ ********************************************************************************
+ WARNING: POSTGRES_HOST_AUTH_METHOD has been set to "trust". This will allow
+ anyone with access to the Postgres port to access your database without
+ a password, even if POSTGRES_PASSWORD is set. See PostgreSQL
+ documentation about "trust":
+ https://www.postgresql.org/docs/current/auth-trust.html
+ In Docker's default configuration, this is effectively any other
+ container on the same system.
+
+ It is not recommended to use POSTGRES_HOST_AUTH_METHOD=trust. Replace
+ it with "-e POSTGRES_PASSWORD=password" instead to set a password in
+ "docker run".
+ ********************************************************************************
+ EOWARN
+ fi
+}
+
+# usage: docker_process_init_files [file [file [...]]]
+# ie: docker_process_init_files /always-initdb.d/*
+# process initializer files, based on file extensions and permissions
+docker_process_init_files() {
+ # psql here for backwards compatibility "${psql[@]}"
+ psql=( docker_process_sql )
+
+ printf '\n'
+ local f
+ for f; do
+ case "$f" in
+ *.sh)
+ # https://github.com/docker-library/postgres/issues/450#issuecomment-393167936
+ # https://github.com/docker-library/postgres/pull/452
+ if [ -x "$f" ]; then
+ printf '%s: running %s\n' "$0" "$f"
+ "$f"
+ else
+ printf '%s: sourcing %s\n' "$0" "$f"
+ . "$f"
+ fi
+ ;;
+ *.sql) printf '%s: running %s\n' "$0" "$f"; docker_process_sql -f "$f"; printf '\n' ;;
+ *.sql.gz) printf '%s: running %s\n' "$0" "$f"; gunzip -c "$f" | docker_process_sql; printf '\n' ;;
+ *.sql.xz) printf '%s: running %s\n' "$0" "$f"; xzcat "$f" | docker_process_sql; printf '\n' ;;
+ *.sql.zst) printf '%s: running %s\n' "$0" "$f"; zstd -dc "$f" | docker_process_sql; printf '\n' ;;
+ *) printf '%s: ignoring %s\n' "$0" "$f" ;;
+ esac
+ printf '\n'
+ done
+}
+
+# Execute sql script, passed via stdin (or -f flag of pqsl)
+# usage: docker_process_sql [psql-cli-args]
+# ie: docker_process_sql --dbname=mydb <<<'INSERT ...'
+# ie: docker_process_sql -f my-file.sql
+# ie: docker_process_sql <my-file.sql
+docker_process_sql() {
+ local query_runner=( psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --no-password --no-psqlrc )
+ if [ -n "$POSTGRES_DB" ]; then
+ query_runner+=( --dbname "$POSTGRES_DB" )
+ fi
+
+ PGHOST= PGHOSTADDR= "${query_runner[@]}" "$@"
+}
+
+# create initial database
+# uses environment variables for input: POSTGRES_DB
+docker_setup_db() {
+ local dbAlreadyExists
+ dbAlreadyExists="$(
+ POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" --tuples-only <<-'EOSQL'
+ SELECT 1 FROM pg_database WHERE datname = :'db' ;
+ EOSQL
+ )"
+ if [ -z "$dbAlreadyExists" ]; then
+ POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" <<-'EOSQL'
+ CREATE DATABASE :"db" ;
+ EOSQL
+ printf '\n'
+ fi
+}
+
+# Loads various settings that are used elsewhere in the script
+# This should be called before any other functions
+docker_setup_env() {
+ file_env 'POSTGRES_PASSWORD'
+
+ file_env 'POSTGRES_USER' 'postgres'
+ file_env 'POSTGRES_DB' "$POSTGRES_USER"
+ file_env 'POSTGRES_INITDB_ARGS'
+ : "${POSTGRES_HOST_AUTH_METHOD:=}"
+
+ declare -g DATABASE_ALREADY_EXISTS
+ # look specifically for PG_VERSION, as it is expected in the DB dir
+ if [ -s "$PGDATA/PG_VERSION" ]; then
+ DATABASE_ALREADY_EXISTS='true'
+ fi
+}
+
+# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections
+# all arguments will be passed along as arguments to `postgres` for getting the value of 'password_encryption'
+pg_setup_hba_conf() {
+ # default authentication method is md5 on versions before 14
+ # https://www.postgresql.org/about/news/postgresql-14-released-2318/
+ if [ "$1" = 'postgres' ]; then
+ shift
+ fi
+ local auth
+ # check the default/configured encryption and use that as the auth method
+ auth="$(postgres -C password_encryption "$@")"
+ : "${POSTGRES_HOST_AUTH_METHOD:=$auth}"
+ {
+ printf '\n'
+ if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ printf '# warning trust is enabled for all connections\n'
+ printf '# see https://www.postgresql.org/docs/12/auth-trust.html\n'
+ fi
+ printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
+ } >> "$PGDATA/pg_hba.conf"
+}
+
+# start socket-only postgresql server for setting up or running scripts
+# all arguments will be passed along as arguments to `postgres` (via pg_ctl)
+docker_temp_server_start() {
+ if [ "$1" = 'postgres' ]; then
+ shift
+ fi
+
+ # internal start of server in order to allow setup using psql client
+ # does not listen on external TCP/IP and waits until start finishes
+ set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
+
+ PGUSER="${PGUSER:-$POSTGRES_USER}" \
+ pg_ctl -D "$PGDATA" \
+ -o "$(printf '%q ' "$@")" \
+ -w start
+}
+
+# stop postgresql server after done setting up user and running scripts
+docker_temp_server_stop() {
+ PGUSER="${PGUSER:-postgres}" \
+ pg_ctl -D "$PGDATA" -m fast -w stop
+}
+
+# check arguments for an option that would cause postgres to stop
+# return true if there is one
+_pg_want_help() {
+ local arg
+ for arg; do
+ case "$arg" in
+ # postgres --help | grep 'then exit'
+ # leaving out -C on purpose since it always fails and is unhelpful:
+ # postgres: could not access the server configuration file "/var/lib/postgresql/data/postgresql.conf": No such file or directory
+ -'?'|--help|--describe-config|-V|--version)
+ return 0
+ ;;
+ esac
+ done
+ return 1
+}
+
+_main() {
+ # if first arg looks like a flag, assume we want to run postgres server
+ if [ "${1:0:1}" = '-' ]; then
+ set -- postgres "$@"
+ fi
+
+ if [ "$1" = 'postgres' ] && ! _pg_want_help "$@"; then
+ docker_setup_env
+ # setup data directories and permissions (when run as root)
+ docker_create_db_directories
+ if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec su-exec postgres "$BASH_SOURCE" "$@"
+ fi
+
+ # only run initialization on an empty data directory
+ if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+
+ cat <<-'EOM'
+
+ PostgreSQL init process complete; ready for start up.
+
+ EOM
+ else
+ cat <<-'EOM'
+
+ PostgreSQL Database directory appears to contain a database; Skipping initialization
+
+ EOM
+ fi
+ fi
+
+ exec "$@"
+}
+
+if ! _is_sourced; then
+ _main "$@"
+fi
diff --git a/16/alpine3.18/Dockerfile b/16/alpine3.18/Dockerfile
new file mode 100644
index 0000000000..47895ab1ee
--- /dev/null
+++ b/16/alpine3.18/Dockerfile
@@ -0,0 +1,209 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
+FROM alpine:3.18
+
+# 70 is the standard uid/gid for "postgres" in Alpine
+# https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.12-stable
+RUN set -eux; \
+ addgroup -g 70 -S postgres; \
+ adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
+ mkdir -p /var/lib/postgresql; \
+ chown -R postgres:postgres /var/lib/postgresql
+
+# su-exec (gosu-compatible) is installed further down
+
+# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
+# alpine doesn't require explicit locale-file generation
+ENV LANG en_US.utf8
+
+RUN mkdir /docker-entrypoint-initdb.d
+
+ENV PG_MAJOR 16
+ENV PG_VERSION 16beta1
+ENV PG_SHA256 59e248d434aa515fa2d31c0d161c4148f30d511dcde91f6e888684823b6849a8
+
+ENV DOCKER_PG_LLVM_DEPS \
+ llvm15-dev \
+ clang15
+
+RUN set -eux; \
+ \
+ wget -O postgresql.tar.bz2 "https://ftp.postgresql.org/pub/source/v$PG_VERSION/postgresql-$PG_VERSION.tar.bz2"; \
+ echo "$PG_SHA256 *postgresql.tar.bz2" | sha256sum -c -; \
+ mkdir -p /usr/src/postgresql; \
+ tar \
+ --extract \
+ --file postgresql.tar.bz2 \
+ --directory /usr/src/postgresql \
+ --strip-components 1 \
+ ; \
+ rm postgresql.tar.bz2; \
+ \
+ apk add --no-cache --virtual .build-deps \
+ $DOCKER_PG_LLVM_DEPS \
+ bison \
+ coreutils \
+ dpkg-dev dpkg \
+ flex \
+ g++ \
+ gcc \
+ krb5-dev \
+ libc-dev \
+ libedit-dev \
+ libxml2-dev \
+ libxslt-dev \
+ linux-headers \
+ make \
+ openldap-dev \
+ openssl-dev \
+ perl-dev \
+ perl-ipc-run \
+ perl-utils \
+ python3-dev \
+ tcl-dev \
+ util-linux-dev \
+ zlib-dev \
+# https://www.postgresql.org/docs/10/static/release-10.html#id-1.11.6.9.5.13
+ icu-dev \
+# https://www.postgresql.org/docs/14/release-14.html#id-1.11.6.5.5.3.7
+ lz4-dev \
+# https://www.postgresql.org/docs/15/release-15.html "--with-zstd to enable Zstandard builds"
+ zstd-dev \
+ ; \
+ \
+ cd /usr/src/postgresql; \
+# update "DEFAULT_PGSOCKET_DIR" to "/var/run/postgresql" (matching Debian)
+# see https://anonscm.debian.org/git/pkg-postgresql/postgresql.git/tree/debian/patches/51-default-sockets-in-var.patch?id=8b539fcb3e093a521c095e70bdfa76887217b89f
+ awk '$1 == "#define" && $2 == "DEFAULT_PGSOCKET_DIR" && $3 == "\"/tmp\"" { $3 = "\"/var/run/postgresql\""; print; next } { print }' src/include/pg_config_manual.h > src/include/pg_config_manual.h.new; \
+ grep '/var/run/postgresql' src/include/pg_config_manual.h.new; \
+ mv src/include/pg_config_manual.h.new src/include/pg_config_manual.h; \
+ gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
+# explicitly update autoconf config.guess and config.sub so they support more arches/libcs
+ wget -O config/config.guess 'https://git.savannah.gnu.org/cgit/config.git/plain/config.guess?id=7d3d27baf8107b630586c962c057e22149653deb'; \
+ wget -O config/config.sub 'https://git.savannah.gnu.org/cgit/config.git/plain/config.sub?id=7d3d27baf8107b630586c962c057e22149653deb'; \
+ \
+# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n158
+ export LLVM_CONFIG="/usr/lib/llvm15/bin/llvm-config"; \
+# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n163
+ export CLANG=clang-15; \
+ \
+# configure options taken from:
+# https://anonscm.debian.org/cgit/pkg-postgresql/postgresql.git/tree/debian/rules?h=9.5
+ ./configure \
+ --enable-option-checking=fatal \
+ --build="$gnuArch" \
+# "/usr/src/postgresql/src/backend/access/common/tupconvert.c:105: undefined reference to `libintl_gettext'"
+# --enable-nls \
+ --enable-integer-datetimes \
+ --enable-thread-safety \
+ --enable-tap-tests \
+# skip debugging info -- we want tiny size instead
+# --enable-debug \
+ --disable-rpath \
+ --with-uuid=e2fs \
+ --with-pgport=5432 \
+ --with-system-tzdata=/usr/share/zoneinfo \
+ --prefix=/usr/local \
+ --with-includes=/usr/local/include \
+ --with-libraries=/usr/local/lib \
+ --with-gssapi \
+ --with-ldap \
+ --with-tcl \
+ --with-perl \
+ --with-python \
+# --with-pam \
+ --with-openssl \
+ --with-libxml \
+ --with-libxslt \
+ --with-icu \
+ --with-llvm \
+ --with-lz4 \
+ --with-zstd \
+ ; \
+ make -j "$(nproc)" world; \
+ make install-world; \
+ make -C contrib install; \
+ \
+ runDeps="$( \
+ scanelf --needed --nobanner --format '%n#p' --recursive /usr/local \
+ | tr ',' '\n' \
+ | sort -u \
+ | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
+# Remove plperl, plpython and pltcl dependencies by default to save image size
+# To use the pl extensions, those have to be installed in a derived image
+ | grep -v -e perl -e python -e tcl \
+ )"; \
+ apk add --no-cache --virtual .postgresql-rundeps \
+ $runDeps \
+ bash \
+ su-exec \
+ tzdata \
+ zstd \
+# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
+ icu-data-full \
+# nss_wrapper is not availble on ppc64le: "test case segfaults in ppc64le"
+# https://git.alpinelinux.org/aports/commit/testing/nss_wrapper/APKBUILD?h=3.17-stable&id=94d81ceeb58cff448d489bbcbe9a6d40c9991663
+ $([ "$(apk --print-arch)" != 'ppc64le' ] && echo 'nss_wrapper') \
+ ; \
+ apk del --no-network .build-deps; \
+ cd /; \
+ rm -rf \
+ /usr/src/postgresql \
+ /usr/local/share/doc \
+ /usr/local/share/man \
+ ; \
+ \
+ postgres --version
+
+# make the sample config easier to munge (and "correct by default")
+RUN set -eux; \
+ cp -v /usr/local/share/postgresql/postgresql.conf.sample /usr/local/share/postgresql/postgresql.conf.sample.orig; \
+ sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/local/share/postgresql/postgresql.conf.sample; \
+ grep -F "listen_addresses = '*'" /usr/local/share/postgresql/postgresql.conf.sample
+
+RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
+
+ENV PGDATA /var/lib/postgresql/data
+# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
+RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
+VOLUME /var/lib/postgresql/data
+
+COPY docker-entrypoint.sh /usr/local/bin/
+ENTRYPOINT ["docker-entrypoint.sh"]
+
+# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
+# calls "Fast Shutdown mode" wherein new connections are disallowed and any
+# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
+# flush tables to disk, which is the best compromise available to avoid data
+# corruption.
+#
+# Users who know their applications do not keep open long-lived idle connections
+# may way to use a value of SIGTERM instead, which corresponds to "Smart
+# Shutdown mode" in which any existing sessions are allowed to finish and the
+# server stops when all sessions are terminated.
+#
+# See https://www.postgresql.org/docs/12/server-shutdown.html for more details
+# about available PostgreSQL server shutdown signals.
+#
+# See also https://www.postgresql.org/docs/12/server-start.html for further
+# justification of this as the default value, namely that the example (and
+# shipped) systemd service files use the "Fast Shutdown mode" for service
+# termination.
+#
+STOPSIGNAL SIGINT
+#
+# An additional setting that is recommended for all users regardless of this
+# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
+# equivalent) for controlling how long to wait between sending the defined
+# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption).
+#
+# The default in most runtimes (such as Docker) is 10 seconds, and the
+# documentation at https://www.postgresql.org/docs/12/server-start.html notes
+# that even 90 seconds may not be long enough in many instances.
+
+EXPOSE 5432
+CMD ["postgres"]
diff --git a/16/alpine3.18/docker-entrypoint.sh b/16/alpine3.18/docker-entrypoint.sh
new file mode 100755
index 0000000000..a383a36487
--- /dev/null
+++ b/16/alpine3.18/docker-entrypoint.sh
@@ -0,0 +1,351 @@
+#!/usr/bin/env bash
+set -Eeo pipefail
+# TODO swap to -Eeuo pipefail above (after handling all potentially-unset variables)
+
+# usage: file_env VAR [DEFAULT]
+# ie: file_env 'XYZ_DB_PASSWORD' 'example'
+# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
+# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
+file_env() {
+ local var="$1"
+ local fileVar="${var}_FILE"
+ local def="${2:-}"
+ if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
+ printf >&2 'error: both %s and %s are set (but are exclusive)\n' "$var" "$fileVar"
+ exit 1
+ fi
+ local val="$def"
+ if [ "${!var:-}" ]; then
+ val="${!var}"
+ elif [ "${!fileVar:-}" ]; then
+ val="$(< "${!fileVar}")"
+ fi
+ export "$var"="$val"
+ unset "$fileVar"
+}
+
+# check to see if this file is being run or sourced from another script
+_is_sourced() {
+ # https://unix.stackexchange.com/a/215279
+ [ "${#FUNCNAME[@]}" -ge 2 ] \
+ && [ "${FUNCNAME[0]}" = '_is_sourced' ] \
+ && [ "${FUNCNAME[1]}" = 'source' ]
+}
+
+# used to create initial postgres directories and if run as root, ensure ownership to the "postgres" user
+docker_create_db_directories() {
+ local user; user="$(id -u)"
+
+ mkdir -p "$PGDATA"
+ # ignore failure since there are cases where we can't chmod (and PostgreSQL might fail later anyhow - it's picky about permissions of this directory)
+ chmod 00700 "$PGDATA" || :
+
+ # ignore failure since it will be fine when using the image provided directory; see also https://github.com/docker-library/postgres/pull/289
+ mkdir -p /var/run/postgresql || :
+ chmod 03775 /var/run/postgresql || :
+
+ # Create the transaction log directory before initdb is run so the directory is owned by the correct user
+ if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
+ mkdir -p "$POSTGRES_INITDB_WALDIR"
+ if [ "$user" = '0' ]; then
+ find "$POSTGRES_INITDB_WALDIR" \! -user postgres -exec chown postgres '{}' +
+ fi
+ chmod 700 "$POSTGRES_INITDB_WALDIR"
+ fi
+
+ # allow the container to be started with `--user`
+ if [ "$user" = '0' ]; then
+ find "$PGDATA" \! -user postgres -exec chown postgres '{}' +
+ find /var/run/postgresql \! -user postgres -exec chown postgres '{}' +
+ fi
+}
+
+# initialize empty PGDATA directory with new database via 'initdb'
+# arguments to `initdb` can be passed via POSTGRES_INITDB_ARGS or as arguments to this function
+# `initdb` automatically creates the "postgres", "template0", and "template1" dbnames
+# this is also where the database user is created, specified by `POSTGRES_USER` env
+docker_init_database_dir() {
+ # "initdb" is particular about the current user existing in "/etc/passwd", so we use "nss_wrapper" to fake that if necessary
+ # see https://github.com/docker-library/postgres/pull/253, https://github.com/docker-library/postgres/issues/359, https://cwrap.org/nss_wrapper.html
+ local uid; uid="$(id -u)"
+ if ! getent passwd "$uid" &> /dev/null; then
+ # see if we can find a suitable "libnss_wrapper.so" (https://salsa.debian.org/sssd-team/nss-wrapper/-/commit/b9925a653a54e24d09d9b498a2d913729f7abb15)
+ local wrapper
+ for wrapper in {/usr,}/lib{/*,}/libnss_wrapper.so; do
+ if [ -s "$wrapper" ]; then
+ NSS_WRAPPER_PASSWD="$(mktemp)"
+ NSS_WRAPPER_GROUP="$(mktemp)"
+ export LD_PRELOAD="$wrapper" NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
+ local gid; gid="$(id -g)"
+ printf 'postgres:x:%s:%s:PostgreSQL:%s:/bin/false\n' "$uid" "$gid" "$PGDATA" > "$NSS_WRAPPER_PASSWD"
+ printf 'postgres:x:%s:\n' "$gid" > "$NSS_WRAPPER_GROUP"
+ break
+ fi
+ done
+ fi
+
+ if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
+ set -- --waldir "$POSTGRES_INITDB_WALDIR" "$@"
+ fi
+
+ # --pwfile refuses to handle a properly-empty file (hence the "\n"): https://github.com/docker-library/postgres/issues/1025
+ eval 'initdb --username="$POSTGRES_USER" --pwfile=<(printf "%s\n" "$POSTGRES_PASSWORD") '"$POSTGRES_INITDB_ARGS"' "$@"'
+
+ # unset/cleanup "nss_wrapper" bits
+ if [[ "${LD_PRELOAD:-}" == */libnss_wrapper.so ]]; then
+ rm -f "$NSS_WRAPPER_PASSWD" "$NSS_WRAPPER_GROUP"
+ unset LD_PRELOAD NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
+ fi
+}
+
+# print large warning if POSTGRES_PASSWORD is long
+# error if both POSTGRES_PASSWORD is empty and POSTGRES_HOST_AUTH_METHOD is not 'trust'
+# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
+# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
+docker_verify_minimum_env() {
+ # check password first so we can output the warning before postgres
+ # messes it up
+ if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
+ cat >&2 <<-'EOWARN'
+
+ WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
+
+ This will not work if used via PGPASSWORD with "psql".
+
+ https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
+ https://github.com/docker-library/postgres/issues/507
+
+ EOWARN
+ fi
+ if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ # The - option suppresses leading tabs but *not* spaces. :)
+ cat >&2 <<-'EOE'
+ Error: Database is uninitialized and superuser password is not specified.
+ You must specify POSTGRES_PASSWORD to a non-empty value for the
+ superuser. For example, "-e POSTGRES_PASSWORD=password" on "docker run".
+
+ You may also use "POSTGRES_HOST_AUTH_METHOD=trust" to allow all
+ connections without a password. This is *not* recommended.
+
+ See PostgreSQL documentation about "trust":
+ https://www.postgresql.org/docs/current/auth-trust.html
+ EOE
+ exit 1
+ fi
+ if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ cat >&2 <<-'EOWARN'
+ ********************************************************************************
+ WARNING: POSTGRES_HOST_AUTH_METHOD has been set to "trust". This will allow
+ anyone with access to the Postgres port to access your database without
+ a password, even if POSTGRES_PASSWORD is set. See PostgreSQL
+ documentation about "trust":
+ https://www.postgresql.org/docs/current/auth-trust.html
+ In Docker's default configuration, this is effectively any other
+ container on the same system.
+
+ It is not recommended to use POSTGRES_HOST_AUTH_METHOD=trust. Replace
+ it with "-e POSTGRES_PASSWORD=password" instead to set a password in
+ "docker run".
+ ********************************************************************************
+ EOWARN
+ fi
+}
+
+# usage: docker_process_init_files [file [file [...]]]
+# ie: docker_process_init_files /always-initdb.d/*
+# process initializer files, based on file extensions and permissions
+docker_process_init_files() {
+ # psql here for backwards compatibility "${psql[@]}"
+ psql=( docker_process_sql )
+
+ printf '\n'
+ local f
+ for f; do
+ case "$f" in
+ *.sh)
+ # https://github.com/docker-library/postgres/issues/450#issuecomment-393167936
+ # https://github.com/docker-library/postgres/pull/452
+ if [ -x "$f" ]; then
+ printf '%s: running %s\n' "$0" "$f"
+ "$f"
+ else
+ printf '%s: sourcing %s\n' "$0" "$f"
+ . "$f"
+ fi
+ ;;
+ *.sql) printf '%s: running %s\n' "$0" "$f"; docker_process_sql -f "$f"; printf '\n' ;;
+ *.sql.gz) printf '%s: running %s\n' "$0" "$f"; gunzip -c "$f" | docker_process_sql; printf '\n' ;;
+ *.sql.xz) printf '%s: running %s\n' "$0" "$f"; xzcat "$f" | docker_process_sql; printf '\n' ;;
+ *.sql.zst) printf '%s: running %s\n' "$0" "$f"; zstd -dc "$f" | docker_process_sql; printf '\n' ;;
+ *) printf '%s: ignoring %s\n' "$0" "$f" ;;
+ esac
+ printf '\n'
+ done
+}
+
+# Execute sql script, passed via stdin (or -f flag of pqsl)
+# usage: docker_process_sql [psql-cli-args]
+# ie: docker_process_sql --dbname=mydb <<<'INSERT ...'
+# ie: docker_process_sql -f my-file.sql
+# ie: docker_process_sql <my-file.sql
+docker_process_sql() {
+ local query_runner=( psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --no-password --no-psqlrc )
+ if [ -n "$POSTGRES_DB" ]; then
+ query_runner+=( --dbname "$POSTGRES_DB" )
+ fi
+
+ PGHOST= PGHOSTADDR= "${query_runner[@]}" "$@"
+}
+
+# create initial database
+# uses environment variables for input: POSTGRES_DB
+docker_setup_db() {
+ local dbAlreadyExists
+ dbAlreadyExists="$(
+ POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" --tuples-only <<-'EOSQL'
+ SELECT 1 FROM pg_database WHERE datname = :'db' ;
+ EOSQL
+ )"
+ if [ -z "$dbAlreadyExists" ]; then
+ POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" <<-'EOSQL'
+ CREATE DATABASE :"db" ;
+ EOSQL
+ printf '\n'
+ fi
+}
+
+# Loads various settings that are used elsewhere in the script
+# This should be called before any other functions
+docker_setup_env() {
+ file_env 'POSTGRES_PASSWORD'
+
+ file_env 'POSTGRES_USER' 'postgres'
+ file_env 'POSTGRES_DB' "$POSTGRES_USER"
+ file_env 'POSTGRES_INITDB_ARGS'
+ : "${POSTGRES_HOST_AUTH_METHOD:=}"
+
+ declare -g DATABASE_ALREADY_EXISTS
+ # look specifically for PG_VERSION, as it is expected in the DB dir
+ if [ -s "$PGDATA/PG_VERSION" ]; then
+ DATABASE_ALREADY_EXISTS='true'
+ fi
+}
+
+# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections
+# all arguments will be passed along as arguments to `postgres` for getting the value of 'password_encryption'
+pg_setup_hba_conf() {
+ # default authentication method is md5 on versions before 14
+ # https://www.postgresql.org/about/news/postgresql-14-released-2318/
+ if [ "$1" = 'postgres' ]; then
+ shift
+ fi
+ local auth
+ # check the default/configured encryption and use that as the auth method
+ auth="$(postgres -C password_encryption "$@")"
+ : "${POSTGRES_HOST_AUTH_METHOD:=$auth}"
+ {
+ printf '\n'
+ if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ printf '# warning trust is enabled for all connections\n'
+ printf '# see https://www.postgresql.org/docs/12/auth-trust.html\n'
+ fi
+ printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
+ } >> "$PGDATA/pg_hba.conf"
+}
+
+# start socket-only postgresql server for setting up or running scripts
+# all arguments will be passed along as arguments to `postgres` (via pg_ctl)
+docker_temp_server_start() {
+ if [ "$1" = 'postgres' ]; then
+ shift
+ fi
+
+ # internal start of server in order to allow setup using psql client
+ # does not listen on external TCP/IP and waits until start finishes
+ set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
+
+ PGUSER="${PGUSER:-$POSTGRES_USER}" \
+ pg_ctl -D "$PGDATA" \
+ -o "$(printf '%q ' "$@")" \
+ -w start
+}
+
+# stop postgresql server after done setting up user and running scripts
+docker_temp_server_stop() {
+ PGUSER="${PGUSER:-postgres}" \
+ pg_ctl -D "$PGDATA" -m fast -w stop
+}
+
+# check arguments for an option that would cause postgres to stop
+# return true if there is one
+_pg_want_help() {
+ local arg
+ for arg; do
+ case "$arg" in
+ # postgres --help | grep 'then exit'
+ # leaving out -C on purpose since it always fails and is unhelpful:
+ # postgres: could not access the server configuration file "/var/lib/postgresql/data/postgresql.conf": No such file or directory
+ -'?'|--help|--describe-config|-V|--version)
+ return 0
+ ;;
+ esac
+ done
+ return 1
+}
+
+_main() {
+ # if first arg looks like a flag, assume we want to run postgres server
+ if [ "${1:0:1}" = '-' ]; then
+ set -- postgres "$@"
+ fi
+
+ if [ "$1" = 'postgres' ] && ! _pg_want_help "$@"; then
+ docker_setup_env
+ # setup data directories and permissions (when run as root)
+ docker_create_db_directories
+ if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec su-exec postgres "$BASH_SOURCE" "$@"
+ fi
+
+ # only run initialization on an empty data directory
+ if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+
+ cat <<-'EOM'
+
+ PostgreSQL init process complete; ready for start up.
+
+ EOM
+ else
+ cat <<-'EOM'
+
+ PostgreSQL Database directory appears to contain a database; Skipping initialization
+
+ EOM
+ fi
+ fi
+
+ exec "$@"
+}
+
+if ! _is_sourced; then
+ _main "$@"
+fi
diff --git a/16/bullseye/Dockerfile b/16/bullseye/Dockerfile
new file mode 100644
index 0000000000..4fc142b9d8
--- /dev/null
+++ b/16/bullseye/Dockerfile
@@ -0,0 +1,219 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
+FROM debian:bullseye-slim
+
+# explicitly set user/group IDs
+RUN set -eux; \
+ groupadd -r postgres --gid=999; \
+# https://salsa.debian.org/postgresql/postgresql-common/blob/997d842ee744687d99a2b2d95c1083a2615c79e8/debian/postgresql-common.postinst#L32-35
+ useradd -r -g postgres --uid=999 --home-dir=/var/lib/postgresql --shell=/bin/bash postgres; \
+# also create the postgres user's home directory with appropriate permissions
+# see https://github.com/docker-library/postgres/issues/274
+ mkdir -p /var/lib/postgresql; \
+ chown -R postgres:postgres /var/lib/postgresql
+
+RUN set -ex; \
+ apt-get update; \
+ apt-get install -y --no-install-recommends \
+ gnupg \
+ ; \
+ rm -rf /var/lib/apt/lists/*
+
+# grab gosu for easy step-down from root
+# https://github.com/tianon/gosu/releases
+ENV GOSU_VERSION 1.16
+RUN set -eux; \
+ savedAptMark="$(apt-mark showmanual)"; \
+ apt-get update; \
+ apt-get install -y --no-install-recommends ca-certificates wget; \
+ rm -rf /var/lib/apt/lists/*; \
+ dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
+ wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
+ wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
+ export GNUPGHOME="$(mktemp -d)"; \
+ gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
+ gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
+ apt-mark auto '.*' > /dev/null; \
+ [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
+ apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
+ chmod +x /usr/local/bin/gosu; \
+ gosu --version; \
+ gosu nobody true
+
+# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
+RUN set -eux; \
+ if [ -f /etc/dpkg/dpkg.cfg.d/docker ]; then \
+# if this file exists, we're likely in "debian:xxx-slim", and locales are thus being excluded so we need to remove that exclusion (since we need locales)
+ grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
+ sed -ri '/\/usr\/share\/locale/d' /etc/dpkg/dpkg.cfg.d/docker; \
+ ! grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
+ fi; \
+ apt-get update; apt-get install -y --no-install-recommends locales; rm -rf /var/lib/apt/lists/*; \
+ localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
+ENV LANG en_US.utf8
+
+RUN set -eux; \
+ apt-get update; \
+ apt-get install -y --no-install-recommends \
+ libnss-wrapper \
+ xz-utils \
+ zstd \
+ ; \
+ rm -rf /var/lib/apt/lists/*
+
+RUN mkdir /docker-entrypoint-initdb.d
+
+RUN set -ex; \
+# pub 4096R/ACCC4CF8 2011-10-13 [expires: 2019-07-02]
+# Key fingerprint = B97B 0AFC AA1A 47F0 44F2 44A0 7FCC 7D46 ACCC 4CF8
+# uid PostgreSQL Debian Repository
+ key='B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8'; \
+ export GNUPGHOME="$(mktemp -d)"; \
+ mkdir -p /usr/local/share/keyrings/; \
+ gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
+ gpg --batch --export --armor "$key" > /usr/local/share/keyrings/postgres.gpg.asc; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME"
+
+ENV PG_MAJOR 16
+ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
+
+ENV PG_VERSION 16~beta1-2.pgdg110+1
+
+RUN set -ex; \
+ \
+# see note below about "*.pyc" files
+ export PYTHONDONTWRITEBYTECODE=1; \
+ \
+ dpkgArch="$(dpkg --print-architecture)"; \
+ aptRepo="[ signed-by=/usr/local/share/keyrings/postgres.gpg.asc ] http://apt.postgresql.org/pub/repos/apt/ bullseye-pgdg main $PG_MAJOR"; \
+ case "$dpkgArch" in \
+ amd64 | arm64 | ppc64el | s390x) \
+# arches officialy built by upstream
+ echo "deb $aptRepo" > /etc/apt/sources.list.d/pgdg.list; \
+ apt-get update; \
+ ;; \
+ *) \
+# we're on an architecture upstream doesn't officially build for
+# let's build binaries from their published source packages
+ echo "deb-src $aptRepo" > /etc/apt/sources.list.d/pgdg.list; \
+ \
+ savedAptMark="$(apt-mark showmanual)"; \
+ \
+ tempDir="$(mktemp -d)"; \
+ cd "$tempDir"; \
+ \
+# create a temporary local APT repo to install from (so that dependency resolution can be handled by APT, as it should be)
+ apt-get update; \
+ apt-get install -y --no-install-recommends dpkg-dev; \
+ echo "deb [ trusted=yes ] file://$tempDir ./" > /etc/apt/sources.list.d/temp.list; \
+ _update_repo() { \
+ dpkg-scanpackages . > Packages; \
+# work around the following APT issue by using "Acquire::GzipIndexes=false" (overriding "/etc/apt/apt.conf.d/docker-gzip-indexes")
+# Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied)
+# ...
+# E: Failed to fetch store:/var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied)
+ apt-get -o Acquire::GzipIndexes=false update; \
+ }; \
+ _update_repo; \
+ \
+# build .deb files from upstream's source packages (which are verified by apt-get)
+ nproc="$(nproc)"; \
+ export DEB_BUILD_OPTIONS="nocheck parallel=$nproc"; \
+# we have to build postgresql-common first because postgresql-$PG_MAJOR shares "debian/rules" logic with it: https://salsa.debian.org/postgresql/postgresql/-/commit/99f44476e258cae6bf9e919219fa2c5414fa2876
+# (and it "Depends: pgdg-keyring")
+ apt-get build-dep -y postgresql-common pgdg-keyring; \
+ apt-get source --compile postgresql-common pgdg-keyring; \
+ _update_repo; \
+ apt-get build-dep -y "postgresql-$PG_MAJOR=$PG_VERSION"; \
+ apt-get source --compile "postgresql-$PG_MAJOR=$PG_VERSION"; \
+ \
+# we don't remove APT lists here because they get re-downloaded and removed later
+ \
+# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
+# (which is done after we install the built packages so we don't have to redownload any overlapping dependencies)
+ apt-mark showmanual | xargs apt-mark auto > /dev/null; \
+ apt-mark manual $savedAptMark; \
+ \
+ ls -lAFh; \
+ _update_repo; \
+ grep '^Package: ' Packages; \
+ cd /; \
+ ;; \
+ esac; \
+ \
+ apt-get install -y --no-install-recommends postgresql-common; \
+ sed -ri 's/#(create_main_cluster) .*$/\1 = false/' /etc/postgresql-common/createcluster.conf; \
+ apt-get install -y --no-install-recommends \
+ "postgresql-$PG_MAJOR=$PG_VERSION" \
+ ; \
+ \
+ rm -rf /var/lib/apt/lists/*; \
+ \
+ if [ -n "$tempDir" ]; then \
+# if we have leftovers from building, let's purge them (including extra, unnecessary build deps)
+ apt-get purge -y --auto-remove; \
+ rm -rf "$tempDir" /etc/apt/sources.list.d/temp.list; \
+ fi; \
+ \
+# some of the steps above generate a lot of "*.pyc" files (and setting "PYTHONDONTWRITEBYTECODE" beforehand doesn't propagate properly for some reason), so we clean them up manually (as long as they aren't owned by a package)
+ find /usr -name '*.pyc' -type f -exec bash -c 'for pyc; do dpkg -S "$pyc" &> /dev/null || rm -vf "$pyc"; done' -- '{}' +; \
+ \
+ postgres --version
+
+# make the sample config easier to munge (and "correct by default")
+RUN set -eux; \
+ dpkg-divert --add --rename --divert "/usr/share/postgresql/postgresql.conf.sample.dpkg" "/usr/share/postgresql/$PG_MAJOR/postgresql.conf.sample"; \
+ cp -v /usr/share/postgresql/postgresql.conf.sample.dpkg /usr/share/postgresql/postgresql.conf.sample; \
+ ln -sv ../postgresql.conf.sample "/usr/share/postgresql/$PG_MAJOR/"; \
+ sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/share/postgresql/postgresql.conf.sample; \
+ grep -F "listen_addresses = '*'" /usr/share/postgresql/postgresql.conf.sample
+
+RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 2777 /var/run/postgresql
+
+ENV PGDATA /var/lib/postgresql/data
+# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
+RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 777 "$PGDATA"
+VOLUME /var/lib/postgresql/data
+
+COPY docker-entrypoint.sh /usr/local/bin/
+ENTRYPOINT ["docker-entrypoint.sh"]
+
+# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
+# calls "Fast Shutdown mode" wherein new connections are disallowed and any
+# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
+# flush tables to disk, which is the best compromise available to avoid data
+# corruption.
+#
+# Users who know their applications do not keep open long-lived idle connections
+# may way to use a value of SIGTERM instead, which corresponds to "Smart
+# Shutdown mode" in which any existing sessions are allowed to finish and the
+# server stops when all sessions are terminated.
+#
+# See https://www.postgresql.org/docs/12/server-shutdown.html for more details
+# about available PostgreSQL server shutdown signals.
+#
+# See also https://www.postgresql.org/docs/12/server-start.html for further
+# justification of this as the default value, namely that the example (and
+# shipped) systemd service files use the "Fast Shutdown mode" for service
+# termination.
+#
+STOPSIGNAL SIGINT
+#
+# An additional setting that is recommended for all users regardless of this
+# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
+# equivalent) for controlling how long to wait between sending the defined
+# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption).
+#
+# The default in most runtimes (such as Docker) is 10 seconds, and the
+# documentation at https://www.postgresql.org/docs/12/server-start.html notes
+# that even 90 seconds may not be long enough in many instances.
+
+EXPOSE 5432
+CMD ["postgres"]
diff --git a/16/bullseye/docker-entrypoint.sh b/16/bullseye/docker-entrypoint.sh
new file mode 100755
index 0000000000..0ae0ecf8c2
--- /dev/null
+++ b/16/bullseye/docker-entrypoint.sh
@@ -0,0 +1,351 @@
+#!/usr/bin/env bash
+set -Eeo pipefail
+# TODO swap to -Eeuo pipefail above (after handling all potentially-unset variables)
+
+# usage: file_env VAR [DEFAULT]
+# ie: file_env 'XYZ_DB_PASSWORD' 'example'
+# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
+# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
+file_env() {
+ local var="$1"
+ local fileVar="${var}_FILE"
+ local def="${2:-}"
+ if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
+ printf >&2 'error: both %s and %s are set (but are exclusive)\n' "$var" "$fileVar"
+ exit 1
+ fi
+ local val="$def"
+ if [ "${!var:-}" ]; then
+ val="${!var}"
+ elif [ "${!fileVar:-}" ]; then
+ val="$(< "${!fileVar}")"
+ fi
+ export "$var"="$val"
+ unset "$fileVar"
+}
+
+# check to see if this file is being run or sourced from another script
+_is_sourced() {
+ # https://unix.stackexchange.com/a/215279
+ [ "${#FUNCNAME[@]}" -ge 2 ] \
+ && [ "${FUNCNAME[0]}" = '_is_sourced' ] \
+ && [ "${FUNCNAME[1]}" = 'source' ]
+}
+
+# used to create initial postgres directories and if run as root, ensure ownership to the "postgres" user
+docker_create_db_directories() {
+ local user; user="$(id -u)"
+
+ mkdir -p "$PGDATA"
+ # ignore failure since there are cases where we can't chmod (and PostgreSQL might fail later anyhow - it's picky about permissions of this directory)
+ chmod 00700 "$PGDATA" || :
+
+ # ignore failure since it will be fine when using the image provided directory; see also https://github.com/docker-library/postgres/pull/289
+ mkdir -p /var/run/postgresql || :
+ chmod 03775 /var/run/postgresql || :
+
+ # Create the transaction log directory before initdb is run so the directory is owned by the correct user
+ if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
+ mkdir -p "$POSTGRES_INITDB_WALDIR"
+ if [ "$user" = '0' ]; then
+ find "$POSTGRES_INITDB_WALDIR" \! -user postgres -exec chown postgres '{}' +
+ fi
+ chmod 700 "$POSTGRES_INITDB_WALDIR"
+ fi
+
+ # allow the container to be started with `--user`
+ if [ "$user" = '0' ]; then
+ find "$PGDATA" \! -user postgres -exec chown postgres '{}' +
+ find /var/run/postgresql \! -user postgres -exec chown postgres '{}' +
+ fi
+}
+
+# initialize empty PGDATA directory with new database via 'initdb'
+# arguments to `initdb` can be passed via POSTGRES_INITDB_ARGS or as arguments to this function
+# `initdb` automatically creates the "postgres", "template0", and "template1" dbnames
+# this is also where the database user is created, specified by `POSTGRES_USER` env
+docker_init_database_dir() {
+ # "initdb" is particular about the current user existing in "/etc/passwd", so we use "nss_wrapper" to fake that if necessary
+ # see https://github.com/docker-library/postgres/pull/253, https://github.com/docker-library/postgres/issues/359, https://cwrap.org/nss_wrapper.html
+ local uid; uid="$(id -u)"
+ if ! getent passwd "$uid" &> /dev/null; then
+ # see if we can find a suitable "libnss_wrapper.so" (https://salsa.debian.org/sssd-team/nss-wrapper/-/commit/b9925a653a54e24d09d9b498a2d913729f7abb15)
+ local wrapper
+ for wrapper in {/usr,}/lib{/*,}/libnss_wrapper.so; do
+ if [ -s "$wrapper" ]; then
+ NSS_WRAPPER_PASSWD="$(mktemp)"
+ NSS_WRAPPER_GROUP="$(mktemp)"
+ export LD_PRELOAD="$wrapper" NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
+ local gid; gid="$(id -g)"
+ printf 'postgres:x:%s:%s:PostgreSQL:%s:/bin/false\n' "$uid" "$gid" "$PGDATA" > "$NSS_WRAPPER_PASSWD"
+ printf 'postgres:x:%s:\n' "$gid" > "$NSS_WRAPPER_GROUP"
+ break
+ fi
+ done
+ fi
+
+ if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
+ set -- --waldir "$POSTGRES_INITDB_WALDIR" "$@"
+ fi
+
+ # --pwfile refuses to handle a properly-empty file (hence the "\n"): https://github.com/docker-library/postgres/issues/1025
+ eval 'initdb --username="$POSTGRES_USER" --pwfile=<(printf "%s\n" "$POSTGRES_PASSWORD") '"$POSTGRES_INITDB_ARGS"' "$@"'
+
+ # unset/cleanup "nss_wrapper" bits
+ if [[ "${LD_PRELOAD:-}" == */libnss_wrapper.so ]]; then
+ rm -f "$NSS_WRAPPER_PASSWD" "$NSS_WRAPPER_GROUP"
+ unset LD_PRELOAD NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
+ fi
+}
+
+# print large warning if POSTGRES_PASSWORD is long
+# error if both POSTGRES_PASSWORD is empty and POSTGRES_HOST_AUTH_METHOD is not 'trust'
+# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
+# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
+docker_verify_minimum_env() {
+ # check password first so we can output the warning before postgres
+ # messes it up
+ if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
+ cat >&2 <<-'EOWARN'
+
+ WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
+
+ This will not work if used via PGPASSWORD with "psql".
+
+ https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
+ https://github.com/docker-library/postgres/issues/507
+
+ EOWARN
+ fi
+ if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ # The - option suppresses leading tabs but *not* spaces. :)
+ cat >&2 <<-'EOE'
+ Error: Database is uninitialized and superuser password is not specified.
+ You must specify POSTGRES_PASSWORD to a non-empty value for the
+ superuser. For example, "-e POSTGRES_PASSWORD=password" on "docker run".
+
+ You may also use "POSTGRES_HOST_AUTH_METHOD=trust" to allow all
+ connections without a password. This is *not* recommended.
+
+ See PostgreSQL documentation about "trust":
+ https://www.postgresql.org/docs/current/auth-trust.html
+ EOE
+ exit 1
+ fi
+ if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ cat >&2 <<-'EOWARN'
+ ********************************************************************************
+ WARNING: POSTGRES_HOST_AUTH_METHOD has been set to "trust". This will allow
+ anyone with access to the Postgres port to access your database without
+ a password, even if POSTGRES_PASSWORD is set. See PostgreSQL
+ documentation about "trust":
+ https://www.postgresql.org/docs/current/auth-trust.html
+ In Docker's default configuration, this is effectively any other
+ container on the same system.
+
+ It is not recommended to use POSTGRES_HOST_AUTH_METHOD=trust. Replace
+ it with "-e POSTGRES_PASSWORD=password" instead to set a password in
+ "docker run".
+ ********************************************************************************
+ EOWARN
+ fi
+}
+
+# usage: docker_process_init_files [file [file [...]]]
+# ie: docker_process_init_files /always-initdb.d/*
+# process initializer files, based on file extensions and permissions
+docker_process_init_files() {
+ # psql here for backwards compatibility "${psql[@]}"
+ psql=( docker_process_sql )
+
+ printf '\n'
+ local f
+ for f; do
+ case "$f" in
+ *.sh)
+ # https://github.com/docker-library/postgres/issues/450#issuecomment-393167936
+ # https://github.com/docker-library/postgres/pull/452
+ if [ -x "$f" ]; then
+ printf '%s: running %s\n' "$0" "$f"
+ "$f"
+ else
+ printf '%s: sourcing %s\n' "$0" "$f"
+ . "$f"
+ fi
+ ;;
+ *.sql) printf '%s: running %s\n' "$0" "$f"; docker_process_sql -f "$f"; printf '\n' ;;
+ *.sql.gz) printf '%s: running %s\n' "$0" "$f"; gunzip -c "$f" | docker_process_sql; printf '\n' ;;
+ *.sql.xz) printf '%s: running %s\n' "$0" "$f"; xzcat "$f" | docker_process_sql; printf '\n' ;;
+ *.sql.zst) printf '%s: running %s\n' "$0" "$f"; zstd -dc "$f" | docker_process_sql; printf '\n' ;;
+ *) printf '%s: ignoring %s\n' "$0" "$f" ;;
+ esac
+ printf '\n'
+ done
+}
+
+# Execute sql script, passed via stdin (or -f flag of pqsl)
+# usage: docker_process_sql [psql-cli-args]
+# ie: docker_process_sql --dbname=mydb <<<'INSERT ...'
+# ie: docker_process_sql -f my-file.sql
+# ie: docker_process_sql <my-file.sql
+docker_process_sql() {
+ local query_runner=( psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --no-password --no-psqlrc )
+ if [ -n "$POSTGRES_DB" ]; then
+ query_runner+=( --dbname "$POSTGRES_DB" )
+ fi
+
+ PGHOST= PGHOSTADDR= "${query_runner[@]}" "$@"
+}
+
+# create initial database
+# uses environment variables for input: POSTGRES_DB
+docker_setup_db() {
+ local dbAlreadyExists
+ dbAlreadyExists="$(
+ POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" --tuples-only <<-'EOSQL'
+ SELECT 1 FROM pg_database WHERE datname = :'db' ;
+ EOSQL
+ )"
+ if [ -z "$dbAlreadyExists" ]; then
+ POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" <<-'EOSQL'
+ CREATE DATABASE :"db" ;
+ EOSQL
+ printf '\n'
+ fi
+}
+
+# Loads various settings that are used elsewhere in the script
+# This should be called before any other functions
+docker_setup_env() {
+ file_env 'POSTGRES_PASSWORD'
+
+ file_env 'POSTGRES_USER' 'postgres'
+ file_env 'POSTGRES_DB' "$POSTGRES_USER"
+ file_env 'POSTGRES_INITDB_ARGS'
+ : "${POSTGRES_HOST_AUTH_METHOD:=}"
+
+ declare -g DATABASE_ALREADY_EXISTS
+ # look specifically for PG_VERSION, as it is expected in the DB dir
+ if [ -s "$PGDATA/PG_VERSION" ]; then
+ DATABASE_ALREADY_EXISTS='true'
+ fi
+}
+
+# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections
+# all arguments will be passed along as arguments to `postgres` for getting the value of 'password_encryption'
+pg_setup_hba_conf() {
+ # default authentication method is md5 on versions before 14
+ # https://www.postgresql.org/about/news/postgresql-14-released-2318/
+ if [ "$1" = 'postgres' ]; then
+ shift
+ fi
+ local auth
+ # check the default/configured encryption and use that as the auth method
+ auth="$(postgres -C password_encryption "$@")"
+ : "${POSTGRES_HOST_AUTH_METHOD:=$auth}"
+ {
+ printf '\n'
+ if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ printf '# warning trust is enabled for all connections\n'
+ printf '# see https://www.postgresql.org/docs/12/auth-trust.html\n'
+ fi
+ printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
+ } >> "$PGDATA/pg_hba.conf"
+}
+
+# start socket-only postgresql server for setting up or running scripts
+# all arguments will be passed along as arguments to `postgres` (via pg_ctl)
+docker_temp_server_start() {
+ if [ "$1" = 'postgres' ]; then
+ shift
+ fi
+
+ # internal start of server in order to allow setup using psql client
+ # does not listen on external TCP/IP and waits until start finishes
+ set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
+
+ PGUSER="${PGUSER:-$POSTGRES_USER}" \
+ pg_ctl -D "$PGDATA" \
+ -o "$(printf '%q ' "$@")" \
+ -w start
+}
+
+# stop postgresql server after done setting up user and running scripts
+docker_temp_server_stop() {
+ PGUSER="${PGUSER:-postgres}" \
+ pg_ctl -D "$PGDATA" -m fast -w stop
+}
+
+# check arguments for an option that would cause postgres to stop
+# return true if there is one
+_pg_want_help() {
+ local arg
+ for arg; do
+ case "$arg" in
+ # postgres --help | grep 'then exit'
+ # leaving out -C on purpose since it always fails and is unhelpful:
+ # postgres: could not access the server configuration file "/var/lib/postgresql/data/postgresql.conf": No such file or directory
+ -'?'|--help|--describe-config|-V|--version)
+ return 0
+ ;;
+ esac
+ done
+ return 1
+}
+
+_main() {
+ # if first arg looks like a flag, assume we want to run postgres server
+ if [ "${1:0:1}" = '-' ]; then
+ set -- postgres "$@"
+ fi
+
+ if [ "$1" = 'postgres' ] && ! _pg_want_help "$@"; then
+ docker_setup_env
+ # setup data directories and permissions (when run as root)
+ docker_create_db_directories
+ if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec gosu postgres "$BASH_SOURCE" "$@"
+ fi
+
+ # only run initialization on an empty data directory
+ if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+
+ cat <<-'EOM'
+
+ PostgreSQL init process complete; ready for start up.
+
+ EOM
+ else
+ cat <<-'EOM'
+
+ PostgreSQL Database directory appears to contain a database; Skipping initialization
+
+ EOM
+ fi
+ fi
+
+ exec "$@"
+}
+
+if ! _is_sourced; then
+ _main "$@"
+fi
diff --git a/Dockerfile-alpine.template b/Dockerfile-alpine.template
index aacb2b1d07..c581fe0ecf 100644
--- a/Dockerfile-alpine.template
+++ b/Dockerfile-alpine.template
@@ -104,7 +104,11 @@ RUN set -eux; \
# --enable-debug \
--disable-rpath \
--with-uuid=e2fs \
+{{ # in 16: "configure: error: unrecognized options: --with-gnu-ld" -}}
+{{ # https://github.com/postgres/postgres/commit/9db49fc5bfdc0126be03f4b8986013e59d93b91d -}}
+{{ if .major <= 15 then ( -}}
--with-gnu-ld \
+{{ ) else "" end -}}
--with-pgport=5432 \
--with-system-tzdata=/usr/share/zoneinfo \
--prefix=/usr/local \
diff --git a/versions.json b/versions.json
index ae4a3cdb4e..ec1cc70c88 100644
--- a/versions.json
+++ b/versions.json
@@ -103,5 +103,26 @@
"alpine3.17"
],
"version": "15.3"
+ },
+ "16": {
+ "alpine": "3.18",
+ "bullseye": {
+ "arches": [
+ "amd64",
+ "arm64",
+ "ppc64el",
+ "s390x"
+ ],
+ "version": "16~beta1-2.pgdg110+1"
+ },
+ "debian": "bullseye",
+ "major": 16,
+ "sha256": "59e248d434aa515fa2d31c0d161c4148f30d511dcde91f6e888684823b6849a8",
+ "variants": [
+ "bullseye",
+ "alpine3.18",
+ "alpine3.17"
+ ],
+ "version": "16beta1"
}
}
From 3fda89cc5c2e588f46ae4f1ac117114c8e6814f1 Mon Sep 17 00:00:00 2001
From: Joseph Ferguson <yosifkit@gmail.com>
Date: Tue, 13 Jun 2023 14:17:18 -0700
Subject: [PATCH 015/115] Add Debian bookworm variant
---
11/bookworm/Dockerfile | 219 +++++++++++++++++++
11/bookworm/docker-entrypoint.sh | 351 +++++++++++++++++++++++++++++++
12/bookworm/Dockerfile | 219 +++++++++++++++++++
12/bookworm/docker-entrypoint.sh | 351 +++++++++++++++++++++++++++++++
13/bookworm/Dockerfile | 221 +++++++++++++++++++
13/bookworm/docker-entrypoint.sh | 351 +++++++++++++++++++++++++++++++
14/bookworm/Dockerfile | 219 +++++++++++++++++++
14/bookworm/docker-entrypoint.sh | 351 +++++++++++++++++++++++++++++++
15/bookworm/Dockerfile | 219 +++++++++++++++++++
15/bookworm/docker-entrypoint.sh | 351 +++++++++++++++++++++++++++++++
16/bookworm/Dockerfile | 219 +++++++++++++++++++
16/bookworm/docker-entrypoint.sh | 351 +++++++++++++++++++++++++++++++
versions.json | 70 +++++-
versions.sh | 1 +
14 files changed, 3488 insertions(+), 5 deletions(-)
create mode 100644 11/bookworm/Dockerfile
create mode 100755 11/bookworm/docker-entrypoint.sh
create mode 100644 12/bookworm/Dockerfile
create mode 100755 12/bookworm/docker-entrypoint.sh
create mode 100644 13/bookworm/Dockerfile
create mode 100755 13/bookworm/docker-entrypoint.sh
create mode 100644 14/bookworm/Dockerfile
create mode 100755 14/bookworm/docker-entrypoint.sh
create mode 100644 15/bookworm/Dockerfile
create mode 100755 15/bookworm/docker-entrypoint.sh
create mode 100644 16/bookworm/Dockerfile
create mode 100755 16/bookworm/docker-entrypoint.sh
diff --git a/11/bookworm/Dockerfile b/11/bookworm/Dockerfile
new file mode 100644
index 0000000000..b0d931b2ee
--- /dev/null
+++ b/11/bookworm/Dockerfile
@@ -0,0 +1,219 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
+FROM debian:bookworm-slim
+
+# explicitly set user/group IDs
+RUN set -eux; \
+ groupadd -r postgres --gid=999; \
+# https://salsa.debian.org/postgresql/postgresql-common/blob/997d842ee744687d99a2b2d95c1083a2615c79e8/debian/postgresql-common.postinst#L32-35
+ useradd -r -g postgres --uid=999 --home-dir=/var/lib/postgresql --shell=/bin/bash postgres; \
+# also create the postgres user's home directory with appropriate permissions
+# see https://github.com/docker-library/postgres/issues/274
+ mkdir -p /var/lib/postgresql; \
+ chown -R postgres:postgres /var/lib/postgresql
+
+RUN set -ex; \
+ apt-get update; \
+ apt-get install -y --no-install-recommends \
+ gnupg \
+ ; \
+ rm -rf /var/lib/apt/lists/*
+
+# grab gosu for easy step-down from root
+# https://github.com/tianon/gosu/releases
+ENV GOSU_VERSION 1.16
+RUN set -eux; \
+ savedAptMark="$(apt-mark showmanual)"; \
+ apt-get update; \
+ apt-get install -y --no-install-recommends ca-certificates wget; \
+ rm -rf /var/lib/apt/lists/*; \
+ dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
+ wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
+ wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
+ export GNUPGHOME="$(mktemp -d)"; \
+ gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
+ gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
+ apt-mark auto '.*' > /dev/null; \
+ [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
+ apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
+ chmod +x /usr/local/bin/gosu; \
+ gosu --version; \
+ gosu nobody true
+
+# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
+RUN set -eux; \
+ if [ -f /etc/dpkg/dpkg.cfg.d/docker ]; then \
+# if this file exists, we're likely in "debian:xxx-slim", and locales are thus being excluded so we need to remove that exclusion (since we need locales)
+ grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
+ sed -ri '/\/usr\/share\/locale/d' /etc/dpkg/dpkg.cfg.d/docker; \
+ ! grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
+ fi; \
+ apt-get update; apt-get install -y --no-install-recommends locales; rm -rf /var/lib/apt/lists/*; \
+ localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
+ENV LANG en_US.utf8
+
+RUN set -eux; \
+ apt-get update; \
+ apt-get install -y --no-install-recommends \
+ libnss-wrapper \
+ xz-utils \
+ zstd \
+ ; \
+ rm -rf /var/lib/apt/lists/*
+
+RUN mkdir /docker-entrypoint-initdb.d
+
+RUN set -ex; \
+# pub 4096R/ACCC4CF8 2011-10-13 [expires: 2019-07-02]
+# Key fingerprint = B97B 0AFC AA1A 47F0 44F2 44A0 7FCC 7D46 ACCC 4CF8
+# uid PostgreSQL Debian Repository
+ key='B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8'; \
+ export GNUPGHOME="$(mktemp -d)"; \
+ mkdir -p /usr/local/share/keyrings/; \
+ gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
+ gpg --batch --export --armor "$key" > /usr/local/share/keyrings/postgres.gpg.asc; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME"
+
+ENV PG_MAJOR 11
+ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
+
+ENV PG_VERSION 11.20-1.pgdg120+1
+
+RUN set -ex; \
+ \
+# see note below about "*.pyc" files
+ export PYTHONDONTWRITEBYTECODE=1; \
+ \
+ dpkgArch="$(dpkg --print-architecture)"; \
+ aptRepo="[ signed-by=/usr/local/share/keyrings/postgres.gpg.asc ] http://apt.postgresql.org/pub/repos/apt/ bookworm-pgdg main $PG_MAJOR"; \
+ case "$dpkgArch" in \
+ amd64 | arm64 | ppc64el | s390x) \
+# arches officialy built by upstream
+ echo "deb $aptRepo" > /etc/apt/sources.list.d/pgdg.list; \
+ apt-get update; \
+ ;; \
+ *) \
+# we're on an architecture upstream doesn't officially build for
+# let's build binaries from their published source packages
+ echo "deb-src $aptRepo" > /etc/apt/sources.list.d/pgdg.list; \
+ \
+ savedAptMark="$(apt-mark showmanual)"; \
+ \
+ tempDir="$(mktemp -d)"; \
+ cd "$tempDir"; \
+ \
+# create a temporary local APT repo to install from (so that dependency resolution can be handled by APT, as it should be)
+ apt-get update; \
+ apt-get install -y --no-install-recommends dpkg-dev; \
+ echo "deb [ trusted=yes ] file://$tempDir ./" > /etc/apt/sources.list.d/temp.list; \
+ _update_repo() { \
+ dpkg-scanpackages . > Packages; \
+# work around the following APT issue by using "Acquire::GzipIndexes=false" (overriding "/etc/apt/apt.conf.d/docker-gzip-indexes")
+# Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied)
+# ...
+# E: Failed to fetch store:/var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied)
+ apt-get -o Acquire::GzipIndexes=false update; \
+ }; \
+ _update_repo; \
+ \
+# build .deb files from upstream's source packages (which are verified by apt-get)
+ nproc="$(nproc)"; \
+ export DEB_BUILD_OPTIONS="nocheck parallel=$nproc"; \
+# we have to build postgresql-common first because postgresql-$PG_MAJOR shares "debian/rules" logic with it: https://salsa.debian.org/postgresql/postgresql/-/commit/99f44476e258cae6bf9e919219fa2c5414fa2876
+# (and it "Depends: pgdg-keyring")
+ apt-get build-dep -y postgresql-common pgdg-keyring; \
+ apt-get source --compile postgresql-common pgdg-keyring; \
+ _update_repo; \
+ apt-get build-dep -y "postgresql-$PG_MAJOR=$PG_VERSION"; \
+ apt-get source --compile "postgresql-$PG_MAJOR=$PG_VERSION"; \
+ \
+# we don't remove APT lists here because they get re-downloaded and removed later
+ \
+# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
+# (which is done after we install the built packages so we don't have to redownload any overlapping dependencies)
+ apt-mark showmanual | xargs apt-mark auto > /dev/null; \
+ apt-mark manual $savedAptMark; \
+ \
+ ls -lAFh; \
+ _update_repo; \
+ grep '^Package: ' Packages; \
+ cd /; \
+ ;; \
+ esac; \
+ \
+ apt-get install -y --no-install-recommends postgresql-common; \
+ sed -ri 's/#(create_main_cluster) .*$/\1 = false/' /etc/postgresql-common/createcluster.conf; \
+ apt-get install -y --no-install-recommends \
+ "postgresql-$PG_MAJOR=$PG_VERSION" \
+ ; \
+ \
+ rm -rf /var/lib/apt/lists/*; \
+ \
+ if [ -n "$tempDir" ]; then \
+# if we have leftovers from building, let's purge them (including extra, unnecessary build deps)
+ apt-get purge -y --auto-remove; \
+ rm -rf "$tempDir" /etc/apt/sources.list.d/temp.list; \
+ fi; \
+ \
+# some of the steps above generate a lot of "*.pyc" files (and setting "PYTHONDONTWRITEBYTECODE" beforehand doesn't propagate properly for some reason), so we clean them up manually (as long as they aren't owned by a package)
+ find /usr -name '*.pyc' -type f -exec bash -c 'for pyc; do dpkg -S "$pyc" &> /dev/null || rm -vf "$pyc"; done' -- '{}' +; \
+ \
+ postgres --version
+
+# make the sample config easier to munge (and "correct by default")
+RUN set -eux; \
+ dpkg-divert --add --rename --divert "/usr/share/postgresql/postgresql.conf.sample.dpkg" "/usr/share/postgresql/$PG_MAJOR/postgresql.conf.sample"; \
+ cp -v /usr/share/postgresql/postgresql.conf.sample.dpkg /usr/share/postgresql/postgresql.conf.sample; \
+ ln -sv ../postgresql.conf.sample "/usr/share/postgresql/$PG_MAJOR/"; \
+ sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/share/postgresql/postgresql.conf.sample; \
+ grep -F "listen_addresses = '*'" /usr/share/postgresql/postgresql.conf.sample
+
+RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 2777 /var/run/postgresql
+
+ENV PGDATA /var/lib/postgresql/data
+# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
+RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 777 "$PGDATA"
+VOLUME /var/lib/postgresql/data
+
+COPY docker-entrypoint.sh /usr/local/bin/
+ENTRYPOINT ["docker-entrypoint.sh"]
+
+# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
+# calls "Fast Shutdown mode" wherein new connections are disallowed and any
+# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
+# flush tables to disk, which is the best compromise available to avoid data
+# corruption.
+#
+# Users who know their applications do not keep open long-lived idle connections
+# may way to use a value of SIGTERM instead, which corresponds to "Smart
+# Shutdown mode" in which any existing sessions are allowed to finish and the
+# server stops when all sessions are terminated.
+#
+# See https://www.postgresql.org/docs/12/server-shutdown.html for more details
+# about available PostgreSQL server shutdown signals.
+#
+# See also https://www.postgresql.org/docs/12/server-start.html for further
+# justification of this as the default value, namely that the example (and
+# shipped) systemd service files use the "Fast Shutdown mode" for service
+# termination.
+#
+STOPSIGNAL SIGINT
+#
+# An additional setting that is recommended for all users regardless of this
+# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
+# equivalent) for controlling how long to wait between sending the defined
+# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption).
+#
+# The default in most runtimes (such as Docker) is 10 seconds, and the
+# documentation at https://www.postgresql.org/docs/12/server-start.html notes
+# that even 90 seconds may not be long enough in many instances.
+
+EXPOSE 5432
+CMD ["postgres"]
diff --git a/11/bookworm/docker-entrypoint.sh b/11/bookworm/docker-entrypoint.sh
new file mode 100755
index 0000000000..0ae0ecf8c2
--- /dev/null
+++ b/11/bookworm/docker-entrypoint.sh
@@ -0,0 +1,351 @@
+#!/usr/bin/env bash
+set -Eeo pipefail
+# TODO swap to -Eeuo pipefail above (after handling all potentially-unset variables)
+
+# usage: file_env VAR [DEFAULT]
+# ie: file_env 'XYZ_DB_PASSWORD' 'example'
+# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
+# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
+file_env() {
+ local var="$1"
+ local fileVar="${var}_FILE"
+ local def="${2:-}"
+ if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
+ printf >&2 'error: both %s and %s are set (but are exclusive)\n' "$var" "$fileVar"
+ exit 1
+ fi
+ local val="$def"
+ if [ "${!var:-}" ]; then
+ val="${!var}"
+ elif [ "${!fileVar:-}" ]; then
+ val="$(< "${!fileVar}")"
+ fi
+ export "$var"="$val"
+ unset "$fileVar"
+}
+
+# check to see if this file is being run or sourced from another script
+_is_sourced() {
+ # https://unix.stackexchange.com/a/215279
+ [ "${#FUNCNAME[@]}" -ge 2 ] \
+ && [ "${FUNCNAME[0]}" = '_is_sourced' ] \
+ && [ "${FUNCNAME[1]}" = 'source' ]
+}
+
+# used to create initial postgres directories and if run as root, ensure ownership to the "postgres" user
+docker_create_db_directories() {
+ local user; user="$(id -u)"
+
+ mkdir -p "$PGDATA"
+ # ignore failure since there are cases where we can't chmod (and PostgreSQL might fail later anyhow - it's picky about permissions of this directory)
+ chmod 00700 "$PGDATA" || :
+
+ # ignore failure since it will be fine when using the image provided directory; see also https://github.com/docker-library/postgres/pull/289
+ mkdir -p /var/run/postgresql || :
+ chmod 03775 /var/run/postgresql || :
+
+ # Create the transaction log directory before initdb is run so the directory is owned by the correct user
+ if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
+ mkdir -p "$POSTGRES_INITDB_WALDIR"
+ if [ "$user" = '0' ]; then
+ find "$POSTGRES_INITDB_WALDIR" \! -user postgres -exec chown postgres '{}' +
+ fi
+ chmod 700 "$POSTGRES_INITDB_WALDIR"
+ fi
+
+ # allow the container to be started with `--user`
+ if [ "$user" = '0' ]; then
+ find "$PGDATA" \! -user postgres -exec chown postgres '{}' +
+ find /var/run/postgresql \! -user postgres -exec chown postgres '{}' +
+ fi
+}
+
+# initialize empty PGDATA directory with new database via 'initdb'
+# arguments to `initdb` can be passed via POSTGRES_INITDB_ARGS or as arguments to this function
+# `initdb` automatically creates the "postgres", "template0", and "template1" dbnames
+# this is also where the database user is created, specified by `POSTGRES_USER` env
+docker_init_database_dir() {
+ # "initdb" is particular about the current user existing in "/etc/passwd", so we use "nss_wrapper" to fake that if necessary
+ # see https://github.com/docker-library/postgres/pull/253, https://github.com/docker-library/postgres/issues/359, https://cwrap.org/nss_wrapper.html
+ local uid; uid="$(id -u)"
+ if ! getent passwd "$uid" &> /dev/null; then
+ # see if we can find a suitable "libnss_wrapper.so" (https://salsa.debian.org/sssd-team/nss-wrapper/-/commit/b9925a653a54e24d09d9b498a2d913729f7abb15)
+ local wrapper
+ for wrapper in {/usr,}/lib{/*,}/libnss_wrapper.so; do
+ if [ -s "$wrapper" ]; then
+ NSS_WRAPPER_PASSWD="$(mktemp)"
+ NSS_WRAPPER_GROUP="$(mktemp)"
+ export LD_PRELOAD="$wrapper" NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
+ local gid; gid="$(id -g)"
+ printf 'postgres:x:%s:%s:PostgreSQL:%s:/bin/false\n' "$uid" "$gid" "$PGDATA" > "$NSS_WRAPPER_PASSWD"
+ printf 'postgres:x:%s:\n' "$gid" > "$NSS_WRAPPER_GROUP"
+ break
+ fi
+ done
+ fi
+
+ if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
+ set -- --waldir "$POSTGRES_INITDB_WALDIR" "$@"
+ fi
+
+ # --pwfile refuses to handle a properly-empty file (hence the "\n"): https://github.com/docker-library/postgres/issues/1025
+ eval 'initdb --username="$POSTGRES_USER" --pwfile=<(printf "%s\n" "$POSTGRES_PASSWORD") '"$POSTGRES_INITDB_ARGS"' "$@"'
+
+ # unset/cleanup "nss_wrapper" bits
+ if [[ "${LD_PRELOAD:-}" == */libnss_wrapper.so ]]; then
+ rm -f "$NSS_WRAPPER_PASSWD" "$NSS_WRAPPER_GROUP"
+ unset LD_PRELOAD NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
+ fi
+}
+
+# print large warning if POSTGRES_PASSWORD is long
+# error if both POSTGRES_PASSWORD is empty and POSTGRES_HOST_AUTH_METHOD is not 'trust'
+# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
+# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
+docker_verify_minimum_env() {
+ # check password first so we can output the warning before postgres
+ # messes it up
+ if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
+ cat >&2 <<-'EOWARN'
+
+ WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
+
+ This will not work if used via PGPASSWORD with "psql".
+
+ https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
+ https://github.com/docker-library/postgres/issues/507
+
+ EOWARN
+ fi
+ if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ # The - option suppresses leading tabs but *not* spaces. :)
+ cat >&2 <<-'EOE'
+ Error: Database is uninitialized and superuser password is not specified.
+ You must specify POSTGRES_PASSWORD to a non-empty value for the
+ superuser. For example, "-e POSTGRES_PASSWORD=password" on "docker run".
+
+ You may also use "POSTGRES_HOST_AUTH_METHOD=trust" to allow all
+ connections without a password. This is *not* recommended.
+
+ See PostgreSQL documentation about "trust":
+ https://www.postgresql.org/docs/current/auth-trust.html
+ EOE
+ exit 1
+ fi
+ if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ cat >&2 <<-'EOWARN'
+ ********************************************************************************
+ WARNING: POSTGRES_HOST_AUTH_METHOD has been set to "trust". This will allow
+ anyone with access to the Postgres port to access your database without
+ a password, even if POSTGRES_PASSWORD is set. See PostgreSQL
+ documentation about "trust":
+ https://www.postgresql.org/docs/current/auth-trust.html
+ In Docker's default configuration, this is effectively any other
+ container on the same system.
+
+ It is not recommended to use POSTGRES_HOST_AUTH_METHOD=trust. Replace
+ it with "-e POSTGRES_PASSWORD=password" instead to set a password in
+ "docker run".
+ ********************************************************************************
+ EOWARN
+ fi
+}
+
+# usage: docker_process_init_files [file [file [...]]]
+# ie: docker_process_init_files /always-initdb.d/*
+# process initializer files, based on file extensions and permissions
+docker_process_init_files() {
+ # psql here for backwards compatibility "${psql[@]}"
+ psql=( docker_process_sql )
+
+ printf '\n'
+ local f
+ for f; do
+ case "$f" in
+ *.sh)
+ # https://github.com/docker-library/postgres/issues/450#issuecomment-393167936
+ # https://github.com/docker-library/postgres/pull/452
+ if [ -x "$f" ]; then
+ printf '%s: running %s\n' "$0" "$f"
+ "$f"
+ else
+ printf '%s: sourcing %s\n' "$0" "$f"
+ . "$f"
+ fi
+ ;;
+ *.sql) printf '%s: running %s\n' "$0" "$f"; docker_process_sql -f "$f"; printf '\n' ;;
+ *.sql.gz) printf '%s: running %s\n' "$0" "$f"; gunzip -c "$f" | docker_process_sql; printf '\n' ;;
+ *.sql.xz) printf '%s: running %s\n' "$0" "$f"; xzcat "$f" | docker_process_sql; printf '\n' ;;
+ *.sql.zst) printf '%s: running %s\n' "$0" "$f"; zstd -dc "$f" | docker_process_sql; printf '\n' ;;
+ *) printf '%s: ignoring %s\n' "$0" "$f" ;;
+ esac
+ printf '\n'
+ done
+}
+
+# Execute sql script, passed via stdin (or -f flag of pqsl)
+# usage: docker_process_sql [psql-cli-args]
+# ie: docker_process_sql --dbname=mydb <<<'INSERT ...'
+# ie: docker_process_sql -f my-file.sql
+# ie: docker_process_sql <my-file.sql
+docker_process_sql() {
+ local query_runner=( psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --no-password --no-psqlrc )
+ if [ -n "$POSTGRES_DB" ]; then
+ query_runner+=( --dbname "$POSTGRES_DB" )
+ fi
+
+ PGHOST= PGHOSTADDR= "${query_runner[@]}" "$@"
+}
+
+# create initial database
+# uses environment variables for input: POSTGRES_DB
+docker_setup_db() {
+ local dbAlreadyExists
+ dbAlreadyExists="$(
+ POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" --tuples-only <<-'EOSQL'
+ SELECT 1 FROM pg_database WHERE datname = :'db' ;
+ EOSQL
+ )"
+ if [ -z "$dbAlreadyExists" ]; then
+ POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" <<-'EOSQL'
+ CREATE DATABASE :"db" ;
+ EOSQL
+ printf '\n'
+ fi
+}
+
+# Loads various settings that are used elsewhere in the script
+# This should be called before any other functions
+docker_setup_env() {
+ file_env 'POSTGRES_PASSWORD'
+
+ file_env 'POSTGRES_USER' 'postgres'
+ file_env 'POSTGRES_DB' "$POSTGRES_USER"
+ file_env 'POSTGRES_INITDB_ARGS'
+ : "${POSTGRES_HOST_AUTH_METHOD:=}"
+
+ declare -g DATABASE_ALREADY_EXISTS
+ # look specifically for PG_VERSION, as it is expected in the DB dir
+ if [ -s "$PGDATA/PG_VERSION" ]; then
+ DATABASE_ALREADY_EXISTS='true'
+ fi
+}
+
+# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections
+# all arguments will be passed along as arguments to `postgres` for getting the value of 'password_encryption'
+pg_setup_hba_conf() {
+ # default authentication method is md5 on versions before 14
+ # https://www.postgresql.org/about/news/postgresql-14-released-2318/
+ if [ "$1" = 'postgres' ]; then
+ shift
+ fi
+ local auth
+ # check the default/configured encryption and use that as the auth method
+ auth="$(postgres -C password_encryption "$@")"
+ : "${POSTGRES_HOST_AUTH_METHOD:=$auth}"
+ {
+ printf '\n'
+ if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ printf '# warning trust is enabled for all connections\n'
+ printf '# see https://www.postgresql.org/docs/12/auth-trust.html\n'
+ fi
+ printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
+ } >> "$PGDATA/pg_hba.conf"
+}
+
+# start socket-only postgresql server for setting up or running scripts
+# all arguments will be passed along as arguments to `postgres` (via pg_ctl)
+docker_temp_server_start() {
+ if [ "$1" = 'postgres' ]; then
+ shift
+ fi
+
+ # internal start of server in order to allow setup using psql client
+ # does not listen on external TCP/IP and waits until start finishes
+ set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
+
+ PGUSER="${PGUSER:-$POSTGRES_USER}" \
+ pg_ctl -D "$PGDATA" \
+ -o "$(printf '%q ' "$@")" \
+ -w start
+}
+
+# stop postgresql server after done setting up user and running scripts
+docker_temp_server_stop() {
+ PGUSER="${PGUSER:-postgres}" \
+ pg_ctl -D "$PGDATA" -m fast -w stop
+}
+
+# check arguments for an option that would cause postgres to stop
+# return true if there is one
+_pg_want_help() {
+ local arg
+ for arg; do
+ case "$arg" in
+ # postgres --help | grep 'then exit'
+ # leaving out -C on purpose since it always fails and is unhelpful:
+ # postgres: could not access the server configuration file "/var/lib/postgresql/data/postgresql.conf": No such file or directory
+ -'?'|--help|--describe-config|-V|--version)
+ return 0
+ ;;
+ esac
+ done
+ return 1
+}
+
+_main() {
+ # if first arg looks like a flag, assume we want to run postgres server
+ if [ "${1:0:1}" = '-' ]; then
+ set -- postgres "$@"
+ fi
+
+ if [ "$1" = 'postgres' ] && ! _pg_want_help "$@"; then
+ docker_setup_env
+ # setup data directories and permissions (when run as root)
+ docker_create_db_directories
+ if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec gosu postgres "$BASH_SOURCE" "$@"
+ fi
+
+ # only run initialization on an empty data directory
+ if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+
+ cat <<-'EOM'
+
+ PostgreSQL init process complete; ready for start up.
+
+ EOM
+ else
+ cat <<-'EOM'
+
+ PostgreSQL Database directory appears to contain a database; Skipping initialization
+
+ EOM
+ fi
+ fi
+
+ exec "$@"
+}
+
+if ! _is_sourced; then
+ _main "$@"
+fi
diff --git a/12/bookworm/Dockerfile b/12/bookworm/Dockerfile
new file mode 100644
index 0000000000..32626a880b
--- /dev/null
+++ b/12/bookworm/Dockerfile
@@ -0,0 +1,219 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
+FROM debian:bookworm-slim
+
+# explicitly set user/group IDs
+RUN set -eux; \
+ groupadd -r postgres --gid=999; \
+# https://salsa.debian.org/postgresql/postgresql-common/blob/997d842ee744687d99a2b2d95c1083a2615c79e8/debian/postgresql-common.postinst#L32-35
+ useradd -r -g postgres --uid=999 --home-dir=/var/lib/postgresql --shell=/bin/bash postgres; \
+# also create the postgres user's home directory with appropriate permissions
+# see https://github.com/docker-library/postgres/issues/274
+ mkdir -p /var/lib/postgresql; \
+ chown -R postgres:postgres /var/lib/postgresql
+
+RUN set -ex; \
+ apt-get update; \
+ apt-get install -y --no-install-recommends \
+ gnupg \
+ ; \
+ rm -rf /var/lib/apt/lists/*
+
+# grab gosu for easy step-down from root
+# https://github.com/tianon/gosu/releases
+ENV GOSU_VERSION 1.16
+RUN set -eux; \
+ savedAptMark="$(apt-mark showmanual)"; \
+ apt-get update; \
+ apt-get install -y --no-install-recommends ca-certificates wget; \
+ rm -rf /var/lib/apt/lists/*; \
+ dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
+ wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
+ wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
+ export GNUPGHOME="$(mktemp -d)"; \
+ gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
+ gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
+ apt-mark auto '.*' > /dev/null; \
+ [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
+ apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
+ chmod +x /usr/local/bin/gosu; \
+ gosu --version; \
+ gosu nobody true
+
+# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
+RUN set -eux; \
+ if [ -f /etc/dpkg/dpkg.cfg.d/docker ]; then \
+# if this file exists, we're likely in "debian:xxx-slim", and locales are thus being excluded so we need to remove that exclusion (since we need locales)
+ grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
+ sed -ri '/\/usr\/share\/locale/d' /etc/dpkg/dpkg.cfg.d/docker; \
+ ! grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
+ fi; \
+ apt-get update; apt-get install -y --no-install-recommends locales; rm -rf /var/lib/apt/lists/*; \
+ localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
+ENV LANG en_US.utf8
+
+RUN set -eux; \
+ apt-get update; \
+ apt-get install -y --no-install-recommends \
+ libnss-wrapper \
+ xz-utils \
+ zstd \
+ ; \
+ rm -rf /var/lib/apt/lists/*
+
+RUN mkdir /docker-entrypoint-initdb.d
+
+RUN set -ex; \
+# pub 4096R/ACCC4CF8 2011-10-13 [expires: 2019-07-02]
+# Key fingerprint = B97B 0AFC AA1A 47F0 44F2 44A0 7FCC 7D46 ACCC 4CF8
+# uid PostgreSQL Debian Repository
+ key='B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8'; \
+ export GNUPGHOME="$(mktemp -d)"; \
+ mkdir -p /usr/local/share/keyrings/; \
+ gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
+ gpg --batch --export --armor "$key" > /usr/local/share/keyrings/postgres.gpg.asc; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME"
+
+ENV PG_MAJOR 12
+ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
+
+ENV PG_VERSION 12.15-1.pgdg120+1
+
+RUN set -ex; \
+ \
+# see note below about "*.pyc" files
+ export PYTHONDONTWRITEBYTECODE=1; \
+ \
+ dpkgArch="$(dpkg --print-architecture)"; \
+ aptRepo="[ signed-by=/usr/local/share/keyrings/postgres.gpg.asc ] http://apt.postgresql.org/pub/repos/apt/ bookworm-pgdg main $PG_MAJOR"; \
+ case "$dpkgArch" in \
+ amd64 | arm64 | ppc64el | s390x) \
+# arches officialy built by upstream
+ echo "deb $aptRepo" > /etc/apt/sources.list.d/pgdg.list; \
+ apt-get update; \
+ ;; \
+ *) \
+# we're on an architecture upstream doesn't officially build for
+# let's build binaries from their published source packages
+ echo "deb-src $aptRepo" > /etc/apt/sources.list.d/pgdg.list; \
+ \
+ savedAptMark="$(apt-mark showmanual)"; \
+ \
+ tempDir="$(mktemp -d)"; \
+ cd "$tempDir"; \
+ \
+# create a temporary local APT repo to install from (so that dependency resolution can be handled by APT, as it should be)
+ apt-get update; \
+ apt-get install -y --no-install-recommends dpkg-dev; \
+ echo "deb [ trusted=yes ] file://$tempDir ./" > /etc/apt/sources.list.d/temp.list; \
+ _update_repo() { \
+ dpkg-scanpackages . > Packages; \
+# work around the following APT issue by using "Acquire::GzipIndexes=false" (overriding "/etc/apt/apt.conf.d/docker-gzip-indexes")
+# Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied)
+# ...
+# E: Failed to fetch store:/var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied)
+ apt-get -o Acquire::GzipIndexes=false update; \
+ }; \
+ _update_repo; \
+ \
+# build .deb files from upstream's source packages (which are verified by apt-get)
+ nproc="$(nproc)"; \
+ export DEB_BUILD_OPTIONS="nocheck parallel=$nproc"; \
+# we have to build postgresql-common first because postgresql-$PG_MAJOR shares "debian/rules" logic with it: https://salsa.debian.org/postgresql/postgresql/-/commit/99f44476e258cae6bf9e919219fa2c5414fa2876
+# (and it "Depends: pgdg-keyring")
+ apt-get build-dep -y postgresql-common pgdg-keyring; \
+ apt-get source --compile postgresql-common pgdg-keyring; \
+ _update_repo; \
+ apt-get build-dep -y "postgresql-$PG_MAJOR=$PG_VERSION"; \
+ apt-get source --compile "postgresql-$PG_MAJOR=$PG_VERSION"; \
+ \
+# we don't remove APT lists here because they get re-downloaded and removed later
+ \
+# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
+# (which is done after we install the built packages so we don't have to redownload any overlapping dependencies)
+ apt-mark showmanual | xargs apt-mark auto > /dev/null; \
+ apt-mark manual $savedAptMark; \
+ \
+ ls -lAFh; \
+ _update_repo; \
+ grep '^Package: ' Packages; \
+ cd /; \
+ ;; \
+ esac; \
+ \
+ apt-get install -y --no-install-recommends postgresql-common; \
+ sed -ri 's/#(create_main_cluster) .*$/\1 = false/' /etc/postgresql-common/createcluster.conf; \
+ apt-get install -y --no-install-recommends \
+ "postgresql-$PG_MAJOR=$PG_VERSION" \
+ ; \
+ \
+ rm -rf /var/lib/apt/lists/*; \
+ \
+ if [ -n "$tempDir" ]; then \
+# if we have leftovers from building, let's purge them (including extra, unnecessary build deps)
+ apt-get purge -y --auto-remove; \
+ rm -rf "$tempDir" /etc/apt/sources.list.d/temp.list; \
+ fi; \
+ \
+# some of the steps above generate a lot of "*.pyc" files (and setting "PYTHONDONTWRITEBYTECODE" beforehand doesn't propagate properly for some reason), so we clean them up manually (as long as they aren't owned by a package)
+ find /usr -name '*.pyc' -type f -exec bash -c 'for pyc; do dpkg -S "$pyc" &> /dev/null || rm -vf "$pyc"; done' -- '{}' +; \
+ \
+ postgres --version
+
+# make the sample config easier to munge (and "correct by default")
+RUN set -eux; \
+ dpkg-divert --add --rename --divert "/usr/share/postgresql/postgresql.conf.sample.dpkg" "/usr/share/postgresql/$PG_MAJOR/postgresql.conf.sample"; \
+ cp -v /usr/share/postgresql/postgresql.conf.sample.dpkg /usr/share/postgresql/postgresql.conf.sample; \
+ ln -sv ../postgresql.conf.sample "/usr/share/postgresql/$PG_MAJOR/"; \
+ sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/share/postgresql/postgresql.conf.sample; \
+ grep -F "listen_addresses = '*'" /usr/share/postgresql/postgresql.conf.sample
+
+RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 2777 /var/run/postgresql
+
+ENV PGDATA /var/lib/postgresql/data
+# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
+RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 777 "$PGDATA"
+VOLUME /var/lib/postgresql/data
+
+COPY docker-entrypoint.sh /usr/local/bin/
+ENTRYPOINT ["docker-entrypoint.sh"]
+
+# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
+# calls "Fast Shutdown mode" wherein new connections are disallowed and any
+# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
+# flush tables to disk, which is the best compromise available to avoid data
+# corruption.
+#
+# Users who know their applications do not keep open long-lived idle connections
+# may way to use a value of SIGTERM instead, which corresponds to "Smart
+# Shutdown mode" in which any existing sessions are allowed to finish and the
+# server stops when all sessions are terminated.
+#
+# See https://www.postgresql.org/docs/12/server-shutdown.html for more details
+# about available PostgreSQL server shutdown signals.
+#
+# See also https://www.postgresql.org/docs/12/server-start.html for further
+# justification of this as the default value, namely that the example (and
+# shipped) systemd service files use the "Fast Shutdown mode" for service
+# termination.
+#
+STOPSIGNAL SIGINT
+#
+# An additional setting that is recommended for all users regardless of this
+# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
+# equivalent) for controlling how long to wait between sending the defined
+# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption).
+#
+# The default in most runtimes (such as Docker) is 10 seconds, and the
+# documentation at https://www.postgresql.org/docs/12/server-start.html notes
+# that even 90 seconds may not be long enough in many instances.
+
+EXPOSE 5432
+CMD ["postgres"]
diff --git a/12/bookworm/docker-entrypoint.sh b/12/bookworm/docker-entrypoint.sh
new file mode 100755
index 0000000000..0ae0ecf8c2
--- /dev/null
+++ b/12/bookworm/docker-entrypoint.sh
@@ -0,0 +1,351 @@
+#!/usr/bin/env bash
+set -Eeo pipefail
+# TODO swap to -Eeuo pipefail above (after handling all potentially-unset variables)
+
+# usage: file_env VAR [DEFAULT]
+# ie: file_env 'XYZ_DB_PASSWORD' 'example'
+# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
+# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
+file_env() {
+ local var="$1"
+ local fileVar="${var}_FILE"
+ local def="${2:-}"
+ if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
+ printf >&2 'error: both %s and %s are set (but are exclusive)\n' "$var" "$fileVar"
+ exit 1
+ fi
+ local val="$def"
+ if [ "${!var:-}" ]; then
+ val="${!var}"
+ elif [ "${!fileVar:-}" ]; then
+ val="$(< "${!fileVar}")"
+ fi
+ export "$var"="$val"
+ unset "$fileVar"
+}
+
+# check to see if this file is being run or sourced from another script
+_is_sourced() {
+ # https://unix.stackexchange.com/a/215279
+ [ "${#FUNCNAME[@]}" -ge 2 ] \
+ && [ "${FUNCNAME[0]}" = '_is_sourced' ] \
+ && [ "${FUNCNAME[1]}" = 'source' ]
+}
+
+# used to create initial postgres directories and if run as root, ensure ownership to the "postgres" user
+docker_create_db_directories() {
+ local user; user="$(id -u)"
+
+ mkdir -p "$PGDATA"
+ # ignore failure since there are cases where we can't chmod (and PostgreSQL might fail later anyhow - it's picky about permissions of this directory)
+ chmod 00700 "$PGDATA" || :
+
+ # ignore failure since it will be fine when using the image provided directory; see also https://github.com/docker-library/postgres/pull/289
+ mkdir -p /var/run/postgresql || :
+ chmod 03775 /var/run/postgresql || :
+
+ # Create the transaction log directory before initdb is run so the directory is owned by the correct user
+ if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
+ mkdir -p "$POSTGRES_INITDB_WALDIR"
+ if [ "$user" = '0' ]; then
+ find "$POSTGRES_INITDB_WALDIR" \! -user postgres -exec chown postgres '{}' +
+ fi
+ chmod 700 "$POSTGRES_INITDB_WALDIR"
+ fi
+
+ # allow the container to be started with `--user`
+ if [ "$user" = '0' ]; then
+ find "$PGDATA" \! -user postgres -exec chown postgres '{}' +
+ find /var/run/postgresql \! -user postgres -exec chown postgres '{}' +
+ fi
+}
+
+# initialize empty PGDATA directory with new database via 'initdb'
+# arguments to `initdb` can be passed via POSTGRES_INITDB_ARGS or as arguments to this function
+# `initdb` automatically creates the "postgres", "template0", and "template1" dbnames
+# this is also where the database user is created, specified by `POSTGRES_USER` env
+docker_init_database_dir() {
+ # "initdb" is particular about the current user existing in "/etc/passwd", so we use "nss_wrapper" to fake that if necessary
+ # see https://github.com/docker-library/postgres/pull/253, https://github.com/docker-library/postgres/issues/359, https://cwrap.org/nss_wrapper.html
+ local uid; uid="$(id -u)"
+ if ! getent passwd "$uid" &> /dev/null; then
+ # see if we can find a suitable "libnss_wrapper.so" (https://salsa.debian.org/sssd-team/nss-wrapper/-/commit/b9925a653a54e24d09d9b498a2d913729f7abb15)
+ local wrapper
+ for wrapper in {/usr,}/lib{/*,}/libnss_wrapper.so; do
+ if [ -s "$wrapper" ]; then
+ NSS_WRAPPER_PASSWD="$(mktemp)"
+ NSS_WRAPPER_GROUP="$(mktemp)"
+ export LD_PRELOAD="$wrapper" NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
+ local gid; gid="$(id -g)"
+ printf 'postgres:x:%s:%s:PostgreSQL:%s:/bin/false\n' "$uid" "$gid" "$PGDATA" > "$NSS_WRAPPER_PASSWD"
+ printf 'postgres:x:%s:\n' "$gid" > "$NSS_WRAPPER_GROUP"
+ break
+ fi
+ done
+ fi
+
+ if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
+ set -- --waldir "$POSTGRES_INITDB_WALDIR" "$@"
+ fi
+
+ # --pwfile refuses to handle a properly-empty file (hence the "\n"): https://github.com/docker-library/postgres/issues/1025
+ eval 'initdb --username="$POSTGRES_USER" --pwfile=<(printf "%s\n" "$POSTGRES_PASSWORD") '"$POSTGRES_INITDB_ARGS"' "$@"'
+
+ # unset/cleanup "nss_wrapper" bits
+ if [[ "${LD_PRELOAD:-}" == */libnss_wrapper.so ]]; then
+ rm -f "$NSS_WRAPPER_PASSWD" "$NSS_WRAPPER_GROUP"
+ unset LD_PRELOAD NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
+ fi
+}
+
+# print large warning if POSTGRES_PASSWORD is long
+# error if both POSTGRES_PASSWORD is empty and POSTGRES_HOST_AUTH_METHOD is not 'trust'
+# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
+# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
+docker_verify_minimum_env() {
+ # check password first so we can output the warning before postgres
+ # messes it up
+ if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
+ cat >&2 <<-'EOWARN'
+
+ WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
+
+ This will not work if used via PGPASSWORD with "psql".
+
+ https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
+ https://github.com/docker-library/postgres/issues/507
+
+ EOWARN
+ fi
+ if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ # The - option suppresses leading tabs but *not* spaces. :)
+ cat >&2 <<-'EOE'
+ Error: Database is uninitialized and superuser password is not specified.
+ You must specify POSTGRES_PASSWORD to a non-empty value for the
+ superuser. For example, "-e POSTGRES_PASSWORD=password" on "docker run".
+
+ You may also use "POSTGRES_HOST_AUTH_METHOD=trust" to allow all
+ connections without a password. This is *not* recommended.
+
+ See PostgreSQL documentation about "trust":
+ https://www.postgresql.org/docs/current/auth-trust.html
+ EOE
+ exit 1
+ fi
+ if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ cat >&2 <<-'EOWARN'
+ ********************************************************************************
+ WARNING: POSTGRES_HOST_AUTH_METHOD has been set to "trust". This will allow
+ anyone with access to the Postgres port to access your database without
+ a password, even if POSTGRES_PASSWORD is set. See PostgreSQL
+ documentation about "trust":
+ https://www.postgresql.org/docs/current/auth-trust.html
+ In Docker's default configuration, this is effectively any other
+ container on the same system.
+
+ It is not recommended to use POSTGRES_HOST_AUTH_METHOD=trust. Replace
+ it with "-e POSTGRES_PASSWORD=password" instead to set a password in
+ "docker run".
+ ********************************************************************************
+ EOWARN
+ fi
+}
+
+# usage: docker_process_init_files [file [file [...]]]
+# ie: docker_process_init_files /always-initdb.d/*
+# process initializer files, based on file extensions and permissions
+docker_process_init_files() {
+ # psql here for backwards compatibility "${psql[@]}"
+ psql=( docker_process_sql )
+
+ printf '\n'
+ local f
+ for f; do
+ case "$f" in
+ *.sh)
+ # https://github.com/docker-library/postgres/issues/450#issuecomment-393167936
+ # https://github.com/docker-library/postgres/pull/452
+ if [ -x "$f" ]; then
+ printf '%s: running %s\n' "$0" "$f"
+ "$f"
+ else
+ printf '%s: sourcing %s\n' "$0" "$f"
+ . "$f"
+ fi
+ ;;
+ *.sql) printf '%s: running %s\n' "$0" "$f"; docker_process_sql -f "$f"; printf '\n' ;;
+ *.sql.gz) printf '%s: running %s\n' "$0" "$f"; gunzip -c "$f" | docker_process_sql; printf '\n' ;;
+ *.sql.xz) printf '%s: running %s\n' "$0" "$f"; xzcat "$f" | docker_process_sql; printf '\n' ;;
+ *.sql.zst) printf '%s: running %s\n' "$0" "$f"; zstd -dc "$f" | docker_process_sql; printf '\n' ;;
+ *) printf '%s: ignoring %s\n' "$0" "$f" ;;
+ esac
+ printf '\n'
+ done
+}
+
+# Execute sql script, passed via stdin (or -f flag of pqsl)
+# usage: docker_process_sql [psql-cli-args]
+# ie: docker_process_sql --dbname=mydb <<<'INSERT ...'
+# ie: docker_process_sql -f my-file.sql
+# ie: docker_process_sql <my-file.sql
+docker_process_sql() {
+ local query_runner=( psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --no-password --no-psqlrc )
+ if [ -n "$POSTGRES_DB" ]; then
+ query_runner+=( --dbname "$POSTGRES_DB" )
+ fi
+
+ PGHOST= PGHOSTADDR= "${query_runner[@]}" "$@"
+}
+
+# create initial database
+# uses environment variables for input: POSTGRES_DB
+docker_setup_db() {
+ local dbAlreadyExists
+ dbAlreadyExists="$(
+ POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" --tuples-only <<-'EOSQL'
+ SELECT 1 FROM pg_database WHERE datname = :'db' ;
+ EOSQL
+ )"
+ if [ -z "$dbAlreadyExists" ]; then
+ POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" <<-'EOSQL'
+ CREATE DATABASE :"db" ;
+ EOSQL
+ printf '\n'
+ fi
+}
+
+# Loads various settings that are used elsewhere in the script
+# This should be called before any other functions
+docker_setup_env() {
+ file_env 'POSTGRES_PASSWORD'
+
+ file_env 'POSTGRES_USER' 'postgres'
+ file_env 'POSTGRES_DB' "$POSTGRES_USER"
+ file_env 'POSTGRES_INITDB_ARGS'
+ : "${POSTGRES_HOST_AUTH_METHOD:=}"
+
+ declare -g DATABASE_ALREADY_EXISTS
+ # look specifically for PG_VERSION, as it is expected in the DB dir
+ if [ -s "$PGDATA/PG_VERSION" ]; then
+ DATABASE_ALREADY_EXISTS='true'
+ fi
+}
+
+# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections
+# all arguments will be passed along as arguments to `postgres` for getting the value of 'password_encryption'
+pg_setup_hba_conf() {
+ # default authentication method is md5 on versions before 14
+ # https://www.postgresql.org/about/news/postgresql-14-released-2318/
+ if [ "$1" = 'postgres' ]; then
+ shift
+ fi
+ local auth
+ # check the default/configured encryption and use that as the auth method
+ auth="$(postgres -C password_encryption "$@")"
+ : "${POSTGRES_HOST_AUTH_METHOD:=$auth}"
+ {
+ printf '\n'
+ if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ printf '# warning trust is enabled for all connections\n'
+ printf '# see https://www.postgresql.org/docs/12/auth-trust.html\n'
+ fi
+ printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
+ } >> "$PGDATA/pg_hba.conf"
+}
+
+# start socket-only postgresql server for setting up or running scripts
+# all arguments will be passed along as arguments to `postgres` (via pg_ctl)
+docker_temp_server_start() {
+ if [ "$1" = 'postgres' ]; then
+ shift
+ fi
+
+ # internal start of server in order to allow setup using psql client
+ # does not listen on external TCP/IP and waits until start finishes
+ set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
+
+ PGUSER="${PGUSER:-$POSTGRES_USER}" \
+ pg_ctl -D "$PGDATA" \
+ -o "$(printf '%q ' "$@")" \
+ -w start
+}
+
+# stop postgresql server after done setting up user and running scripts
+docker_temp_server_stop() {
+ PGUSER="${PGUSER:-postgres}" \
+ pg_ctl -D "$PGDATA" -m fast -w stop
+}
+
+# check arguments for an option that would cause postgres to stop
+# return true if there is one
+_pg_want_help() {
+ local arg
+ for arg; do
+ case "$arg" in
+ # postgres --help | grep 'then exit'
+ # leaving out -C on purpose since it always fails and is unhelpful:
+ # postgres: could not access the server configuration file "/var/lib/postgresql/data/postgresql.conf": No such file or directory
+ -'?'|--help|--describe-config|-V|--version)
+ return 0
+ ;;
+ esac
+ done
+ return 1
+}
+
+_main() {
+ # if first arg looks like a flag, assume we want to run postgres server
+ if [ "${1:0:1}" = '-' ]; then
+ set -- postgres "$@"
+ fi
+
+ if [ "$1" = 'postgres' ] && ! _pg_want_help "$@"; then
+ docker_setup_env
+ # setup data directories and permissions (when run as root)
+ docker_create_db_directories
+ if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec gosu postgres "$BASH_SOURCE" "$@"
+ fi
+
+ # only run initialization on an empty data directory
+ if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+
+ cat <<-'EOM'
+
+ PostgreSQL init process complete; ready for start up.
+
+ EOM
+ else
+ cat <<-'EOM'
+
+ PostgreSQL Database directory appears to contain a database; Skipping initialization
+
+ EOM
+ fi
+ fi
+
+ exec "$@"
+}
+
+if ! _is_sourced; then
+ _main "$@"
+fi
diff --git a/13/bookworm/Dockerfile b/13/bookworm/Dockerfile
new file mode 100644
index 0000000000..0deeced385
--- /dev/null
+++ b/13/bookworm/Dockerfile
@@ -0,0 +1,221 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
+FROM debian:bookworm-slim
+
+# explicitly set user/group IDs
+RUN set -eux; \
+ groupadd -r postgres --gid=999; \
+# https://salsa.debian.org/postgresql/postgresql-common/blob/997d842ee744687d99a2b2d95c1083a2615c79e8/debian/postgresql-common.postinst#L32-35
+ useradd -r -g postgres --uid=999 --home-dir=/var/lib/postgresql --shell=/bin/bash postgres; \
+# also create the postgres user's home directory with appropriate permissions
+# see https://github.com/docker-library/postgres/issues/274
+ mkdir -p /var/lib/postgresql; \
+ chown -R postgres:postgres /var/lib/postgresql
+
+RUN set -ex; \
+ apt-get update; \
+ apt-get install -y --no-install-recommends \
+ gnupg \
+ ; \
+ rm -rf /var/lib/apt/lists/*
+
+# grab gosu for easy step-down from root
+# https://github.com/tianon/gosu/releases
+ENV GOSU_VERSION 1.16
+RUN set -eux; \
+ savedAptMark="$(apt-mark showmanual)"; \
+ apt-get update; \
+ apt-get install -y --no-install-recommends ca-certificates wget; \
+ rm -rf /var/lib/apt/lists/*; \
+ dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
+ wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
+ wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
+ export GNUPGHOME="$(mktemp -d)"; \
+ gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
+ gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
+ apt-mark auto '.*' > /dev/null; \
+ [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
+ apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
+ chmod +x /usr/local/bin/gosu; \
+ gosu --version; \
+ gosu nobody true
+
+# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
+RUN set -eux; \
+ if [ -f /etc/dpkg/dpkg.cfg.d/docker ]; then \
+# if this file exists, we're likely in "debian:xxx-slim", and locales are thus being excluded so we need to remove that exclusion (since we need locales)
+ grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
+ sed -ri '/\/usr\/share\/locale/d' /etc/dpkg/dpkg.cfg.d/docker; \
+ ! grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
+ fi; \
+ apt-get update; apt-get install -y --no-install-recommends locales; rm -rf /var/lib/apt/lists/*; \
+ localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
+ENV LANG en_US.utf8
+
+RUN set -eux; \
+ apt-get update; \
+ apt-get install -y --no-install-recommends \
+ libnss-wrapper \
+ xz-utils \
+ zstd \
+ ; \
+ rm -rf /var/lib/apt/lists/*
+
+RUN mkdir /docker-entrypoint-initdb.d
+
+RUN set -ex; \
+# pub 4096R/ACCC4CF8 2011-10-13 [expires: 2019-07-02]
+# Key fingerprint = B97B 0AFC AA1A 47F0 44F2 44A0 7FCC 7D46 ACCC 4CF8
+# uid PostgreSQL Debian Repository
+ key='B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8'; \
+ export GNUPGHOME="$(mktemp -d)"; \
+ mkdir -p /usr/local/share/keyrings/; \
+ gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
+ gpg --batch --export --armor "$key" > /usr/local/share/keyrings/postgres.gpg.asc; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME"
+
+ENV PG_MAJOR 13
+ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
+
+ENV PG_VERSION 13.11-1.pgdg120+1
+
+RUN set -ex; \
+ \
+# see note below about "*.pyc" files
+ export PYTHONDONTWRITEBYTECODE=1; \
+ \
+ dpkgArch="$(dpkg --print-architecture)"; \
+ aptRepo="[ signed-by=/usr/local/share/keyrings/postgres.gpg.asc ] http://apt.postgresql.org/pub/repos/apt/ bookworm-pgdg main $PG_MAJOR"; \
+ case "$dpkgArch" in \
+ amd64 | arm64 | ppc64el | s390x) \
+# arches officialy built by upstream
+ echo "deb $aptRepo" > /etc/apt/sources.list.d/pgdg.list; \
+ apt-get update; \
+ ;; \
+ *) \
+# we're on an architecture upstream doesn't officially build for
+# let's build binaries from their published source packages
+ echo "deb-src $aptRepo" > /etc/apt/sources.list.d/pgdg.list; \
+ \
+ savedAptMark="$(apt-mark showmanual)"; \
+ \
+ tempDir="$(mktemp -d)"; \
+ cd "$tempDir"; \
+ \
+# create a temporary local APT repo to install from (so that dependency resolution can be handled by APT, as it should be)
+ apt-get update; \
+ apt-get install -y --no-install-recommends dpkg-dev; \
+ echo "deb [ trusted=yes ] file://$tempDir ./" > /etc/apt/sources.list.d/temp.list; \
+ _update_repo() { \
+ dpkg-scanpackages . > Packages; \
+# work around the following APT issue by using "Acquire::GzipIndexes=false" (overriding "/etc/apt/apt.conf.d/docker-gzip-indexes")
+# Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied)
+# ...
+# E: Failed to fetch store:/var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied)
+ apt-get -o Acquire::GzipIndexes=false update; \
+ }; \
+ _update_repo; \
+ \
+# build .deb files from upstream's source packages (which are verified by apt-get)
+ nproc="$(nproc)"; \
+ export DEB_BUILD_OPTIONS="nocheck parallel=$nproc"; \
+# we have to build postgresql-common first because postgresql-$PG_MAJOR shares "debian/rules" logic with it: https://salsa.debian.org/postgresql/postgresql/-/commit/99f44476e258cae6bf9e919219fa2c5414fa2876
+# (and it "Depends: pgdg-keyring")
+ apt-get build-dep -y postgresql-common pgdg-keyring; \
+ apt-get source --compile postgresql-common pgdg-keyring; \
+ _update_repo; \
+# we need DEBIAN_FRONTEND on postgresql-13 for slapd ("Please enter the password for the admin entry in your LDAP directory."); see https://bugs.debian.org/929417
+ DEBIAN_FRONTEND=noninteractive \
+ apt-get build-dep -y "postgresql-$PG_MAJOR=$PG_VERSION"; \
+ apt-get source --compile "postgresql-$PG_MAJOR=$PG_VERSION"; \
+ \
+# we don't remove APT lists here because they get re-downloaded and removed later
+ \
+# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
+# (which is done after we install the built packages so we don't have to redownload any overlapping dependencies)
+ apt-mark showmanual | xargs apt-mark auto > /dev/null; \
+ apt-mark manual $savedAptMark; \
+ \
+ ls -lAFh; \
+ _update_repo; \
+ grep '^Package: ' Packages; \
+ cd /; \
+ ;; \
+ esac; \
+ \
+ apt-get install -y --no-install-recommends postgresql-common; \
+ sed -ri 's/#(create_main_cluster) .*$/\1 = false/' /etc/postgresql-common/createcluster.conf; \
+ apt-get install -y --no-install-recommends \
+ "postgresql-$PG_MAJOR=$PG_VERSION" \
+ ; \
+ \
+ rm -rf /var/lib/apt/lists/*; \
+ \
+ if [ -n "$tempDir" ]; then \
+# if we have leftovers from building, let's purge them (including extra, unnecessary build deps)
+ apt-get purge -y --auto-remove; \
+ rm -rf "$tempDir" /etc/apt/sources.list.d/temp.list; \
+ fi; \
+ \
+# some of the steps above generate a lot of "*.pyc" files (and setting "PYTHONDONTWRITEBYTECODE" beforehand doesn't propagate properly for some reason), so we clean them up manually (as long as they aren't owned by a package)
+ find /usr -name '*.pyc' -type f -exec bash -c 'for pyc; do dpkg -S "$pyc" &> /dev/null || rm -vf "$pyc"; done' -- '{}' +; \
+ \
+ postgres --version
+
+# make the sample config easier to munge (and "correct by default")
+RUN set -eux; \
+ dpkg-divert --add --rename --divert "/usr/share/postgresql/postgresql.conf.sample.dpkg" "/usr/share/postgresql/$PG_MAJOR/postgresql.conf.sample"; \
+ cp -v /usr/share/postgresql/postgresql.conf.sample.dpkg /usr/share/postgresql/postgresql.conf.sample; \
+ ln -sv ../postgresql.conf.sample "/usr/share/postgresql/$PG_MAJOR/"; \
+ sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/share/postgresql/postgresql.conf.sample; \
+ grep -F "listen_addresses = '*'" /usr/share/postgresql/postgresql.conf.sample
+
+RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 2777 /var/run/postgresql
+
+ENV PGDATA /var/lib/postgresql/data
+# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
+RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 777 "$PGDATA"
+VOLUME /var/lib/postgresql/data
+
+COPY docker-entrypoint.sh /usr/local/bin/
+ENTRYPOINT ["docker-entrypoint.sh"]
+
+# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
+# calls "Fast Shutdown mode" wherein new connections are disallowed and any
+# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
+# flush tables to disk, which is the best compromise available to avoid data
+# corruption.
+#
+# Users who know their applications do not keep open long-lived idle connections
+# may way to use a value of SIGTERM instead, which corresponds to "Smart
+# Shutdown mode" in which any existing sessions are allowed to finish and the
+# server stops when all sessions are terminated.
+#
+# See https://www.postgresql.org/docs/12/server-shutdown.html for more details
+# about available PostgreSQL server shutdown signals.
+#
+# See also https://www.postgresql.org/docs/12/server-start.html for further
+# justification of this as the default value, namely that the example (and
+# shipped) systemd service files use the "Fast Shutdown mode" for service
+# termination.
+#
+STOPSIGNAL SIGINT
+#
+# An additional setting that is recommended for all users regardless of this
+# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
+# equivalent) for controlling how long to wait between sending the defined
+# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption).
+#
+# The default in most runtimes (such as Docker) is 10 seconds, and the
+# documentation at https://www.postgresql.org/docs/12/server-start.html notes
+# that even 90 seconds may not be long enough in many instances.
+
+EXPOSE 5432
+CMD ["postgres"]
diff --git a/13/bookworm/docker-entrypoint.sh b/13/bookworm/docker-entrypoint.sh
new file mode 100755
index 0000000000..0ae0ecf8c2
--- /dev/null
+++ b/13/bookworm/docker-entrypoint.sh
@@ -0,0 +1,351 @@
+#!/usr/bin/env bash
+set -Eeo pipefail
+# TODO swap to -Eeuo pipefail above (after handling all potentially-unset variables)
+
+# usage: file_env VAR [DEFAULT]
+# ie: file_env 'XYZ_DB_PASSWORD' 'example'
+# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
+# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
+file_env() {
+ local var="$1"
+ local fileVar="${var}_FILE"
+ local def="${2:-}"
+ if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
+ printf >&2 'error: both %s and %s are set (but are exclusive)\n' "$var" "$fileVar"
+ exit 1
+ fi
+ local val="$def"
+ if [ "${!var:-}" ]; then
+ val="${!var}"
+ elif [ "${!fileVar:-}" ]; then
+ val="$(< "${!fileVar}")"
+ fi
+ export "$var"="$val"
+ unset "$fileVar"
+}
+
+# check to see if this file is being run or sourced from another script
+_is_sourced() {
+ # https://unix.stackexchange.com/a/215279
+ [ "${#FUNCNAME[@]}" -ge 2 ] \
+ && [ "${FUNCNAME[0]}" = '_is_sourced' ] \
+ && [ "${FUNCNAME[1]}" = 'source' ]
+}
+
+# used to create initial postgres directories and if run as root, ensure ownership to the "postgres" user
+docker_create_db_directories() {
+ local user; user="$(id -u)"
+
+ mkdir -p "$PGDATA"
+ # ignore failure since there are cases where we can't chmod (and PostgreSQL might fail later anyhow - it's picky about permissions of this directory)
+ chmod 00700 "$PGDATA" || :
+
+ # ignore failure since it will be fine when using the image provided directory; see also https://github.com/docker-library/postgres/pull/289
+ mkdir -p /var/run/postgresql || :
+ chmod 03775 /var/run/postgresql || :
+
+ # Create the transaction log directory before initdb is run so the directory is owned by the correct user
+ if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
+ mkdir -p "$POSTGRES_INITDB_WALDIR"
+ if [ "$user" = '0' ]; then
+ find "$POSTGRES_INITDB_WALDIR" \! -user postgres -exec chown postgres '{}' +
+ fi
+ chmod 700 "$POSTGRES_INITDB_WALDIR"
+ fi
+
+ # allow the container to be started with `--user`
+ if [ "$user" = '0' ]; then
+ find "$PGDATA" \! -user postgres -exec chown postgres '{}' +
+ find /var/run/postgresql \! -user postgres -exec chown postgres '{}' +
+ fi
+}
+
+# initialize empty PGDATA directory with new database via 'initdb'
+# arguments to `initdb` can be passed via POSTGRES_INITDB_ARGS or as arguments to this function
+# `initdb` automatically creates the "postgres", "template0", and "template1" dbnames
+# this is also where the database user is created, specified by `POSTGRES_USER` env
+docker_init_database_dir() {
+ # "initdb" is particular about the current user existing in "/etc/passwd", so we use "nss_wrapper" to fake that if necessary
+ # see https://github.com/docker-library/postgres/pull/253, https://github.com/docker-library/postgres/issues/359, https://cwrap.org/nss_wrapper.html
+ local uid; uid="$(id -u)"
+ if ! getent passwd "$uid" &> /dev/null; then
+ # see if we can find a suitable "libnss_wrapper.so" (https://salsa.debian.org/sssd-team/nss-wrapper/-/commit/b9925a653a54e24d09d9b498a2d913729f7abb15)
+ local wrapper
+ for wrapper in {/usr,}/lib{/*,}/libnss_wrapper.so; do
+ if [ -s "$wrapper" ]; then
+ NSS_WRAPPER_PASSWD="$(mktemp)"
+ NSS_WRAPPER_GROUP="$(mktemp)"
+ export LD_PRELOAD="$wrapper" NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
+ local gid; gid="$(id -g)"
+ printf 'postgres:x:%s:%s:PostgreSQL:%s:/bin/false\n' "$uid" "$gid" "$PGDATA" > "$NSS_WRAPPER_PASSWD"
+ printf 'postgres:x:%s:\n' "$gid" > "$NSS_WRAPPER_GROUP"
+ break
+ fi
+ done
+ fi
+
+ if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
+ set -- --waldir "$POSTGRES_INITDB_WALDIR" "$@"
+ fi
+
+ # --pwfile refuses to handle a properly-empty file (hence the "\n"): https://github.com/docker-library/postgres/issues/1025
+ eval 'initdb --username="$POSTGRES_USER" --pwfile=<(printf "%s\n" "$POSTGRES_PASSWORD") '"$POSTGRES_INITDB_ARGS"' "$@"'
+
+ # unset/cleanup "nss_wrapper" bits
+ if [[ "${LD_PRELOAD:-}" == */libnss_wrapper.so ]]; then
+ rm -f "$NSS_WRAPPER_PASSWD" "$NSS_WRAPPER_GROUP"
+ unset LD_PRELOAD NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
+ fi
+}
+
+# print large warning if POSTGRES_PASSWORD is long
+# error if both POSTGRES_PASSWORD is empty and POSTGRES_HOST_AUTH_METHOD is not 'trust'
+# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
+# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
+docker_verify_minimum_env() {
+ # check password first so we can output the warning before postgres
+ # messes it up
+ if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
+ cat >&2 <<-'EOWARN'
+
+ WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
+
+ This will not work if used via PGPASSWORD with "psql".
+
+ https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
+ https://github.com/docker-library/postgres/issues/507
+
+ EOWARN
+ fi
+ if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ # The - option suppresses leading tabs but *not* spaces. :)
+ cat >&2 <<-'EOE'
+ Error: Database is uninitialized and superuser password is not specified.
+ You must specify POSTGRES_PASSWORD to a non-empty value for the
+ superuser. For example, "-e POSTGRES_PASSWORD=password" on "docker run".
+
+ You may also use "POSTGRES_HOST_AUTH_METHOD=trust" to allow all
+ connections without a password. This is *not* recommended.
+
+ See PostgreSQL documentation about "trust":
+ https://www.postgresql.org/docs/current/auth-trust.html
+ EOE
+ exit 1
+ fi
+ if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ cat >&2 <<-'EOWARN'
+ ********************************************************************************
+ WARNING: POSTGRES_HOST_AUTH_METHOD has been set to "trust". This will allow
+ anyone with access to the Postgres port to access your database without
+ a password, even if POSTGRES_PASSWORD is set. See PostgreSQL
+ documentation about "trust":
+ https://www.postgresql.org/docs/current/auth-trust.html
+ In Docker's default configuration, this is effectively any other
+ container on the same system.
+
+ It is not recommended to use POSTGRES_HOST_AUTH_METHOD=trust. Replace
+ it with "-e POSTGRES_PASSWORD=password" instead to set a password in
+ "docker run".
+ ********************************************************************************
+ EOWARN
+ fi
+}
+
+# usage: docker_process_init_files [file [file [...]]]
+# ie: docker_process_init_files /always-initdb.d/*
+# process initializer files, based on file extensions and permissions
+docker_process_init_files() {
+ # psql here for backwards compatibility "${psql[@]}"
+ psql=( docker_process_sql )
+
+ printf '\n'
+ local f
+ for f; do
+ case "$f" in
+ *.sh)
+ # https://github.com/docker-library/postgres/issues/450#issuecomment-393167936
+ # https://github.com/docker-library/postgres/pull/452
+ if [ -x "$f" ]; then
+ printf '%s: running %s\n' "$0" "$f"
+ "$f"
+ else
+ printf '%s: sourcing %s\n' "$0" "$f"
+ . "$f"
+ fi
+ ;;
+ *.sql) printf '%s: running %s\n' "$0" "$f"; docker_process_sql -f "$f"; printf '\n' ;;
+ *.sql.gz) printf '%s: running %s\n' "$0" "$f"; gunzip -c "$f" | docker_process_sql; printf '\n' ;;
+ *.sql.xz) printf '%s: running %s\n' "$0" "$f"; xzcat "$f" | docker_process_sql; printf '\n' ;;
+ *.sql.zst) printf '%s: running %s\n' "$0" "$f"; zstd -dc "$f" | docker_process_sql; printf '\n' ;;
+ *) printf '%s: ignoring %s\n' "$0" "$f" ;;
+ esac
+ printf '\n'
+ done
+}
+
+# Execute sql script, passed via stdin (or -f flag of pqsl)
+# usage: docker_process_sql [psql-cli-args]
+# ie: docker_process_sql --dbname=mydb <<<'INSERT ...'
+# ie: docker_process_sql -f my-file.sql
+# ie: docker_process_sql <my-file.sql
+docker_process_sql() {
+ local query_runner=( psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --no-password --no-psqlrc )
+ if [ -n "$POSTGRES_DB" ]; then
+ query_runner+=( --dbname "$POSTGRES_DB" )
+ fi
+
+ PGHOST= PGHOSTADDR= "${query_runner[@]}" "$@"
+}
+
+# create initial database
+# uses environment variables for input: POSTGRES_DB
+docker_setup_db() {
+ local dbAlreadyExists
+ dbAlreadyExists="$(
+ POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" --tuples-only <<-'EOSQL'
+ SELECT 1 FROM pg_database WHERE datname = :'db' ;
+ EOSQL
+ )"
+ if [ -z "$dbAlreadyExists" ]; then
+ POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" <<-'EOSQL'
+ CREATE DATABASE :"db" ;
+ EOSQL
+ printf '\n'
+ fi
+}
+
+# Loads various settings that are used elsewhere in the script
+# This should be called before any other functions
+docker_setup_env() {
+ file_env 'POSTGRES_PASSWORD'
+
+ file_env 'POSTGRES_USER' 'postgres'
+ file_env 'POSTGRES_DB' "$POSTGRES_USER"
+ file_env 'POSTGRES_INITDB_ARGS'
+ : "${POSTGRES_HOST_AUTH_METHOD:=}"
+
+ declare -g DATABASE_ALREADY_EXISTS
+ # look specifically for PG_VERSION, as it is expected in the DB dir
+ if [ -s "$PGDATA/PG_VERSION" ]; then
+ DATABASE_ALREADY_EXISTS='true'
+ fi
+}
+
+# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections
+# all arguments will be passed along as arguments to `postgres` for getting the value of 'password_encryption'
+pg_setup_hba_conf() {
+ # default authentication method is md5 on versions before 14
+ # https://www.postgresql.org/about/news/postgresql-14-released-2318/
+ if [ "$1" = 'postgres' ]; then
+ shift
+ fi
+ local auth
+ # check the default/configured encryption and use that as the auth method
+ auth="$(postgres -C password_encryption "$@")"
+ : "${POSTGRES_HOST_AUTH_METHOD:=$auth}"
+ {
+ printf '\n'
+ if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ printf '# warning trust is enabled for all connections\n'
+ printf '# see https://www.postgresql.org/docs/12/auth-trust.html\n'
+ fi
+ printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
+ } >> "$PGDATA/pg_hba.conf"
+}
+
+# start socket-only postgresql server for setting up or running scripts
+# all arguments will be passed along as arguments to `postgres` (via pg_ctl)
+docker_temp_server_start() {
+ if [ "$1" = 'postgres' ]; then
+ shift
+ fi
+
+ # internal start of server in order to allow setup using psql client
+ # does not listen on external TCP/IP and waits until start finishes
+ set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
+
+ PGUSER="${PGUSER:-$POSTGRES_USER}" \
+ pg_ctl -D "$PGDATA" \
+ -o "$(printf '%q ' "$@")" \
+ -w start
+}
+
+# stop postgresql server after done setting up user and running scripts
+docker_temp_server_stop() {
+ PGUSER="${PGUSER:-postgres}" \
+ pg_ctl -D "$PGDATA" -m fast -w stop
+}
+
+# check arguments for an option that would cause postgres to stop
+# return true if there is one
+_pg_want_help() {
+ local arg
+ for arg; do
+ case "$arg" in
+ # postgres --help | grep 'then exit'
+ # leaving out -C on purpose since it always fails and is unhelpful:
+ # postgres: could not access the server configuration file "/var/lib/postgresql/data/postgresql.conf": No such file or directory
+ -'?'|--help|--describe-config|-V|--version)
+ return 0
+ ;;
+ esac
+ done
+ return 1
+}
+
+_main() {
+ # if first arg looks like a flag, assume we want to run postgres server
+ if [ "${1:0:1}" = '-' ]; then
+ set -- postgres "$@"
+ fi
+
+ if [ "$1" = 'postgres' ] && ! _pg_want_help "$@"; then
+ docker_setup_env
+ # setup data directories and permissions (when run as root)
+ docker_create_db_directories
+ if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec gosu postgres "$BASH_SOURCE" "$@"
+ fi
+
+ # only run initialization on an empty data directory
+ if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+
+ cat <<-'EOM'
+
+ PostgreSQL init process complete; ready for start up.
+
+ EOM
+ else
+ cat <<-'EOM'
+
+ PostgreSQL Database directory appears to contain a database; Skipping initialization
+
+ EOM
+ fi
+ fi
+
+ exec "$@"
+}
+
+if ! _is_sourced; then
+ _main "$@"
+fi
diff --git a/14/bookworm/Dockerfile b/14/bookworm/Dockerfile
new file mode 100644
index 0000000000..e8ce3bb2c2
--- /dev/null
+++ b/14/bookworm/Dockerfile
@@ -0,0 +1,219 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
+FROM debian:bookworm-slim
+
+# explicitly set user/group IDs
+RUN set -eux; \
+ groupadd -r postgres --gid=999; \
+# https://salsa.debian.org/postgresql/postgresql-common/blob/997d842ee744687d99a2b2d95c1083a2615c79e8/debian/postgresql-common.postinst#L32-35
+ useradd -r -g postgres --uid=999 --home-dir=/var/lib/postgresql --shell=/bin/bash postgres; \
+# also create the postgres user's home directory with appropriate permissions
+# see https://github.com/docker-library/postgres/issues/274
+ mkdir -p /var/lib/postgresql; \
+ chown -R postgres:postgres /var/lib/postgresql
+
+RUN set -ex; \
+ apt-get update; \
+ apt-get install -y --no-install-recommends \
+ gnupg \
+ ; \
+ rm -rf /var/lib/apt/lists/*
+
+# grab gosu for easy step-down from root
+# https://github.com/tianon/gosu/releases
+ENV GOSU_VERSION 1.16
+RUN set -eux; \
+ savedAptMark="$(apt-mark showmanual)"; \
+ apt-get update; \
+ apt-get install -y --no-install-recommends ca-certificates wget; \
+ rm -rf /var/lib/apt/lists/*; \
+ dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
+ wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
+ wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
+ export GNUPGHOME="$(mktemp -d)"; \
+ gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
+ gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
+ apt-mark auto '.*' > /dev/null; \
+ [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
+ apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
+ chmod +x /usr/local/bin/gosu; \
+ gosu --version; \
+ gosu nobody true
+
+# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
+RUN set -eux; \
+ if [ -f /etc/dpkg/dpkg.cfg.d/docker ]; then \
+# if this file exists, we're likely in "debian:xxx-slim", and locales are thus being excluded so we need to remove that exclusion (since we need locales)
+ grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
+ sed -ri '/\/usr\/share\/locale/d' /etc/dpkg/dpkg.cfg.d/docker; \
+ ! grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
+ fi; \
+ apt-get update; apt-get install -y --no-install-recommends locales; rm -rf /var/lib/apt/lists/*; \
+ localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
+ENV LANG en_US.utf8
+
+RUN set -eux; \
+ apt-get update; \
+ apt-get install -y --no-install-recommends \
+ libnss-wrapper \
+ xz-utils \
+ zstd \
+ ; \
+ rm -rf /var/lib/apt/lists/*
+
+RUN mkdir /docker-entrypoint-initdb.d
+
+RUN set -ex; \
+# pub 4096R/ACCC4CF8 2011-10-13 [expires: 2019-07-02]
+# Key fingerprint = B97B 0AFC AA1A 47F0 44F2 44A0 7FCC 7D46 ACCC 4CF8
+# uid PostgreSQL Debian Repository
+ key='B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8'; \
+ export GNUPGHOME="$(mktemp -d)"; \
+ mkdir -p /usr/local/share/keyrings/; \
+ gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
+ gpg --batch --export --armor "$key" > /usr/local/share/keyrings/postgres.gpg.asc; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME"
+
+ENV PG_MAJOR 14
+ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
+
+ENV PG_VERSION 14.8-1.pgdg120+1
+
+RUN set -ex; \
+ \
+# see note below about "*.pyc" files
+ export PYTHONDONTWRITEBYTECODE=1; \
+ \
+ dpkgArch="$(dpkg --print-architecture)"; \
+ aptRepo="[ signed-by=/usr/local/share/keyrings/postgres.gpg.asc ] http://apt.postgresql.org/pub/repos/apt/ bookworm-pgdg main $PG_MAJOR"; \
+ case "$dpkgArch" in \
+ amd64 | arm64 | ppc64el | s390x) \
+# arches officialy built by upstream
+ echo "deb $aptRepo" > /etc/apt/sources.list.d/pgdg.list; \
+ apt-get update; \
+ ;; \
+ *) \
+# we're on an architecture upstream doesn't officially build for
+# let's build binaries from their published source packages
+ echo "deb-src $aptRepo" > /etc/apt/sources.list.d/pgdg.list; \
+ \
+ savedAptMark="$(apt-mark showmanual)"; \
+ \
+ tempDir="$(mktemp -d)"; \
+ cd "$tempDir"; \
+ \
+# create a temporary local APT repo to install from (so that dependency resolution can be handled by APT, as it should be)
+ apt-get update; \
+ apt-get install -y --no-install-recommends dpkg-dev; \
+ echo "deb [ trusted=yes ] file://$tempDir ./" > /etc/apt/sources.list.d/temp.list; \
+ _update_repo() { \
+ dpkg-scanpackages . > Packages; \
+# work around the following APT issue by using "Acquire::GzipIndexes=false" (overriding "/etc/apt/apt.conf.d/docker-gzip-indexes")
+# Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied)
+# ...
+# E: Failed to fetch store:/var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied)
+ apt-get -o Acquire::GzipIndexes=false update; \
+ }; \
+ _update_repo; \
+ \
+# build .deb files from upstream's source packages (which are verified by apt-get)
+ nproc="$(nproc)"; \
+ export DEB_BUILD_OPTIONS="nocheck parallel=$nproc"; \
+# we have to build postgresql-common first because postgresql-$PG_MAJOR shares "debian/rules" logic with it: https://salsa.debian.org/postgresql/postgresql/-/commit/99f44476e258cae6bf9e919219fa2c5414fa2876
+# (and it "Depends: pgdg-keyring")
+ apt-get build-dep -y postgresql-common pgdg-keyring; \
+ apt-get source --compile postgresql-common pgdg-keyring; \
+ _update_repo; \
+ apt-get build-dep -y "postgresql-$PG_MAJOR=$PG_VERSION"; \
+ apt-get source --compile "postgresql-$PG_MAJOR=$PG_VERSION"; \
+ \
+# we don't remove APT lists here because they get re-downloaded and removed later
+ \
+# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
+# (which is done after we install the built packages so we don't have to redownload any overlapping dependencies)
+ apt-mark showmanual | xargs apt-mark auto > /dev/null; \
+ apt-mark manual $savedAptMark; \
+ \
+ ls -lAFh; \
+ _update_repo; \
+ grep '^Package: ' Packages; \
+ cd /; \
+ ;; \
+ esac; \
+ \
+ apt-get install -y --no-install-recommends postgresql-common; \
+ sed -ri 's/#(create_main_cluster) .*$/\1 = false/' /etc/postgresql-common/createcluster.conf; \
+ apt-get install -y --no-install-recommends \
+ "postgresql-$PG_MAJOR=$PG_VERSION" \
+ ; \
+ \
+ rm -rf /var/lib/apt/lists/*; \
+ \
+ if [ -n "$tempDir" ]; then \
+# if we have leftovers from building, let's purge them (including extra, unnecessary build deps)
+ apt-get purge -y --auto-remove; \
+ rm -rf "$tempDir" /etc/apt/sources.list.d/temp.list; \
+ fi; \
+ \
+# some of the steps above generate a lot of "*.pyc" files (and setting "PYTHONDONTWRITEBYTECODE" beforehand doesn't propagate properly for some reason), so we clean them up manually (as long as they aren't owned by a package)
+ find /usr -name '*.pyc' -type f -exec bash -c 'for pyc; do dpkg -S "$pyc" &> /dev/null || rm -vf "$pyc"; done' -- '{}' +; \
+ \
+ postgres --version
+
+# make the sample config easier to munge (and "correct by default")
+RUN set -eux; \
+ dpkg-divert --add --rename --divert "/usr/share/postgresql/postgresql.conf.sample.dpkg" "/usr/share/postgresql/$PG_MAJOR/postgresql.conf.sample"; \
+ cp -v /usr/share/postgresql/postgresql.conf.sample.dpkg /usr/share/postgresql/postgresql.conf.sample; \
+ ln -sv ../postgresql.conf.sample "/usr/share/postgresql/$PG_MAJOR/"; \
+ sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/share/postgresql/postgresql.conf.sample; \
+ grep -F "listen_addresses = '*'" /usr/share/postgresql/postgresql.conf.sample
+
+RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 2777 /var/run/postgresql
+
+ENV PGDATA /var/lib/postgresql/data
+# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
+RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 777 "$PGDATA"
+VOLUME /var/lib/postgresql/data
+
+COPY docker-entrypoint.sh /usr/local/bin/
+ENTRYPOINT ["docker-entrypoint.sh"]
+
+# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
+# calls "Fast Shutdown mode" wherein new connections are disallowed and any
+# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
+# flush tables to disk, which is the best compromise available to avoid data
+# corruption.
+#
+# Users who know their applications do not keep open long-lived idle connections
+# may way to use a value of SIGTERM instead, which corresponds to "Smart
+# Shutdown mode" in which any existing sessions are allowed to finish and the
+# server stops when all sessions are terminated.
+#
+# See https://www.postgresql.org/docs/12/server-shutdown.html for more details
+# about available PostgreSQL server shutdown signals.
+#
+# See also https://www.postgresql.org/docs/12/server-start.html for further
+# justification of this as the default value, namely that the example (and
+# shipped) systemd service files use the "Fast Shutdown mode" for service
+# termination.
+#
+STOPSIGNAL SIGINT
+#
+# An additional setting that is recommended for all users regardless of this
+# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
+# equivalent) for controlling how long to wait between sending the defined
+# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption).
+#
+# The default in most runtimes (such as Docker) is 10 seconds, and the
+# documentation at https://www.postgresql.org/docs/12/server-start.html notes
+# that even 90 seconds may not be long enough in many instances.
+
+EXPOSE 5432
+CMD ["postgres"]
diff --git a/14/bookworm/docker-entrypoint.sh b/14/bookworm/docker-entrypoint.sh
new file mode 100755
index 0000000000..0ae0ecf8c2
--- /dev/null
+++ b/14/bookworm/docker-entrypoint.sh
@@ -0,0 +1,351 @@
+#!/usr/bin/env bash
+set -Eeo pipefail
+# TODO swap to -Eeuo pipefail above (after handling all potentially-unset variables)
+
+# usage: file_env VAR [DEFAULT]
+# ie: file_env 'XYZ_DB_PASSWORD' 'example'
+# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
+# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
+file_env() {
+ local var="$1"
+ local fileVar="${var}_FILE"
+ local def="${2:-}"
+ if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
+ printf >&2 'error: both %s and %s are set (but are exclusive)\n' "$var" "$fileVar"
+ exit 1
+ fi
+ local val="$def"
+ if [ "${!var:-}" ]; then
+ val="${!var}"
+ elif [ "${!fileVar:-}" ]; then
+ val="$(< "${!fileVar}")"
+ fi
+ export "$var"="$val"
+ unset "$fileVar"
+}
+
+# check to see if this file is being run or sourced from another script
+_is_sourced() {
+ # https://unix.stackexchange.com/a/215279
+ [ "${#FUNCNAME[@]}" -ge 2 ] \
+ && [ "${FUNCNAME[0]}" = '_is_sourced' ] \
+ && [ "${FUNCNAME[1]}" = 'source' ]
+}
+
+# used to create initial postgres directories and if run as root, ensure ownership to the "postgres" user
+docker_create_db_directories() {
+ local user; user="$(id -u)"
+
+ mkdir -p "$PGDATA"
+ # ignore failure since there are cases where we can't chmod (and PostgreSQL might fail later anyhow - it's picky about permissions of this directory)
+ chmod 00700 "$PGDATA" || :
+
+ # ignore failure since it will be fine when using the image provided directory; see also https://github.com/docker-library/postgres/pull/289
+ mkdir -p /var/run/postgresql || :
+ chmod 03775 /var/run/postgresql || :
+
+ # Create the transaction log directory before initdb is run so the directory is owned by the correct user
+ if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
+ mkdir -p "$POSTGRES_INITDB_WALDIR"
+ if [ "$user" = '0' ]; then
+ find "$POSTGRES_INITDB_WALDIR" \! -user postgres -exec chown postgres '{}' +
+ fi
+ chmod 700 "$POSTGRES_INITDB_WALDIR"
+ fi
+
+ # allow the container to be started with `--user`
+ if [ "$user" = '0' ]; then
+ find "$PGDATA" \! -user postgres -exec chown postgres '{}' +
+ find /var/run/postgresql \! -user postgres -exec chown postgres '{}' +
+ fi
+}
+
+# initialize empty PGDATA directory with new database via 'initdb'
+# arguments to `initdb` can be passed via POSTGRES_INITDB_ARGS or as arguments to this function
+# `initdb` automatically creates the "postgres", "template0", and "template1" dbnames
+# this is also where the database user is created, specified by `POSTGRES_USER` env
+docker_init_database_dir() {
+ # "initdb" is particular about the current user existing in "/etc/passwd", so we use "nss_wrapper" to fake that if necessary
+ # see https://github.com/docker-library/postgres/pull/253, https://github.com/docker-library/postgres/issues/359, https://cwrap.org/nss_wrapper.html
+ local uid; uid="$(id -u)"
+ if ! getent passwd "$uid" &> /dev/null; then
+ # see if we can find a suitable "libnss_wrapper.so" (https://salsa.debian.org/sssd-team/nss-wrapper/-/commit/b9925a653a54e24d09d9b498a2d913729f7abb15)
+ local wrapper
+ for wrapper in {/usr,}/lib{/*,}/libnss_wrapper.so; do
+ if [ -s "$wrapper" ]; then
+ NSS_WRAPPER_PASSWD="$(mktemp)"
+ NSS_WRAPPER_GROUP="$(mktemp)"
+ export LD_PRELOAD="$wrapper" NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
+ local gid; gid="$(id -g)"
+ printf 'postgres:x:%s:%s:PostgreSQL:%s:/bin/false\n' "$uid" "$gid" "$PGDATA" > "$NSS_WRAPPER_PASSWD"
+ printf 'postgres:x:%s:\n' "$gid" > "$NSS_WRAPPER_GROUP"
+ break
+ fi
+ done
+ fi
+
+ if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
+ set -- --waldir "$POSTGRES_INITDB_WALDIR" "$@"
+ fi
+
+ # --pwfile refuses to handle a properly-empty file (hence the "\n"): https://github.com/docker-library/postgres/issues/1025
+ eval 'initdb --username="$POSTGRES_USER" --pwfile=<(printf "%s\n" "$POSTGRES_PASSWORD") '"$POSTGRES_INITDB_ARGS"' "$@"'
+
+ # unset/cleanup "nss_wrapper" bits
+ if [[ "${LD_PRELOAD:-}" == */libnss_wrapper.so ]]; then
+ rm -f "$NSS_WRAPPER_PASSWD" "$NSS_WRAPPER_GROUP"
+ unset LD_PRELOAD NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
+ fi
+}
+
+# print large warning if POSTGRES_PASSWORD is long
+# error if both POSTGRES_PASSWORD is empty and POSTGRES_HOST_AUTH_METHOD is not 'trust'
+# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
+# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
+docker_verify_minimum_env() {
+ # check password first so we can output the warning before postgres
+ # messes it up
+ if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
+ cat >&2 <<-'EOWARN'
+
+ WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
+
+ This will not work if used via PGPASSWORD with "psql".
+
+ https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
+ https://github.com/docker-library/postgres/issues/507
+
+ EOWARN
+ fi
+ if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ # The - option suppresses leading tabs but *not* spaces. :)
+ cat >&2 <<-'EOE'
+ Error: Database is uninitialized and superuser password is not specified.
+ You must specify POSTGRES_PASSWORD to a non-empty value for the
+ superuser. For example, "-e POSTGRES_PASSWORD=password" on "docker run".
+
+ You may also use "POSTGRES_HOST_AUTH_METHOD=trust" to allow all
+ connections without a password. This is *not* recommended.
+
+ See PostgreSQL documentation about "trust":
+ https://www.postgresql.org/docs/current/auth-trust.html
+ EOE
+ exit 1
+ fi
+ if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ cat >&2 <<-'EOWARN'
+ ********************************************************************************
+ WARNING: POSTGRES_HOST_AUTH_METHOD has been set to "trust". This will allow
+ anyone with access to the Postgres port to access your database without
+ a password, even if POSTGRES_PASSWORD is set. See PostgreSQL
+ documentation about "trust":
+ https://www.postgresql.org/docs/current/auth-trust.html
+ In Docker's default configuration, this is effectively any other
+ container on the same system.
+
+ It is not recommended to use POSTGRES_HOST_AUTH_METHOD=trust. Replace
+ it with "-e POSTGRES_PASSWORD=password" instead to set a password in
+ "docker run".
+ ********************************************************************************
+ EOWARN
+ fi
+}
+
+# usage: docker_process_init_files [file [file [...]]]
+# ie: docker_process_init_files /always-initdb.d/*
+# process initializer files, based on file extensions and permissions
+docker_process_init_files() {
+ # psql here for backwards compatibility "${psql[@]}"
+ psql=( docker_process_sql )
+
+ printf '\n'
+ local f
+ for f; do
+ case "$f" in
+ *.sh)
+ # https://github.com/docker-library/postgres/issues/450#issuecomment-393167936
+ # https://github.com/docker-library/postgres/pull/452
+ if [ -x "$f" ]; then
+ printf '%s: running %s\n' "$0" "$f"
+ "$f"
+ else
+ printf '%s: sourcing %s\n' "$0" "$f"
+ . "$f"
+ fi
+ ;;
+ *.sql) printf '%s: running %s\n' "$0" "$f"; docker_process_sql -f "$f"; printf '\n' ;;
+ *.sql.gz) printf '%s: running %s\n' "$0" "$f"; gunzip -c "$f" | docker_process_sql; printf '\n' ;;
+ *.sql.xz) printf '%s: running %s\n' "$0" "$f"; xzcat "$f" | docker_process_sql; printf '\n' ;;
+ *.sql.zst) printf '%s: running %s\n' "$0" "$f"; zstd -dc "$f" | docker_process_sql; printf '\n' ;;
+ *) printf '%s: ignoring %s\n' "$0" "$f" ;;
+ esac
+ printf '\n'
+ done
+}
+
+# Execute sql script, passed via stdin (or -f flag of pqsl)
+# usage: docker_process_sql [psql-cli-args]
+# ie: docker_process_sql --dbname=mydb <<<'INSERT ...'
+# ie: docker_process_sql -f my-file.sql
+# ie: docker_process_sql <my-file.sql
+docker_process_sql() {
+ local query_runner=( psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --no-password --no-psqlrc )
+ if [ -n "$POSTGRES_DB" ]; then
+ query_runner+=( --dbname "$POSTGRES_DB" )
+ fi
+
+ PGHOST= PGHOSTADDR= "${query_runner[@]}" "$@"
+}
+
+# create initial database
+# uses environment variables for input: POSTGRES_DB
+docker_setup_db() {
+ local dbAlreadyExists
+ dbAlreadyExists="$(
+ POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" --tuples-only <<-'EOSQL'
+ SELECT 1 FROM pg_database WHERE datname = :'db' ;
+ EOSQL
+ )"
+ if [ -z "$dbAlreadyExists" ]; then
+ POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" <<-'EOSQL'
+ CREATE DATABASE :"db" ;
+ EOSQL
+ printf '\n'
+ fi
+}
+
+# Loads various settings that are used elsewhere in the script
+# This should be called before any other functions
+docker_setup_env() {
+ file_env 'POSTGRES_PASSWORD'
+
+ file_env 'POSTGRES_USER' 'postgres'
+ file_env 'POSTGRES_DB' "$POSTGRES_USER"
+ file_env 'POSTGRES_INITDB_ARGS'
+ : "${POSTGRES_HOST_AUTH_METHOD:=}"
+
+ declare -g DATABASE_ALREADY_EXISTS
+ # look specifically for PG_VERSION, as it is expected in the DB dir
+ if [ -s "$PGDATA/PG_VERSION" ]; then
+ DATABASE_ALREADY_EXISTS='true'
+ fi
+}
+
+# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections
+# all arguments will be passed along as arguments to `postgres` for getting the value of 'password_encryption'
+pg_setup_hba_conf() {
+ # default authentication method is md5 on versions before 14
+ # https://www.postgresql.org/about/news/postgresql-14-released-2318/
+ if [ "$1" = 'postgres' ]; then
+ shift
+ fi
+ local auth
+ # check the default/configured encryption and use that as the auth method
+ auth="$(postgres -C password_encryption "$@")"
+ : "${POSTGRES_HOST_AUTH_METHOD:=$auth}"
+ {
+ printf '\n'
+ if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ printf '# warning trust is enabled for all connections\n'
+ printf '# see https://www.postgresql.org/docs/12/auth-trust.html\n'
+ fi
+ printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
+ } >> "$PGDATA/pg_hba.conf"
+}
+
+# start socket-only postgresql server for setting up or running scripts
+# all arguments will be passed along as arguments to `postgres` (via pg_ctl)
+docker_temp_server_start() {
+ if [ "$1" = 'postgres' ]; then
+ shift
+ fi
+
+ # internal start of server in order to allow setup using psql client
+ # does not listen on external TCP/IP and waits until start finishes
+ set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
+
+ PGUSER="${PGUSER:-$POSTGRES_USER}" \
+ pg_ctl -D "$PGDATA" \
+ -o "$(printf '%q ' "$@")" \
+ -w start
+}
+
+# stop postgresql server after done setting up user and running scripts
+docker_temp_server_stop() {
+ PGUSER="${PGUSER:-postgres}" \
+ pg_ctl -D "$PGDATA" -m fast -w stop
+}
+
+# check arguments for an option that would cause postgres to stop
+# return true if there is one
+_pg_want_help() {
+ local arg
+ for arg; do
+ case "$arg" in
+ # postgres --help | grep 'then exit'
+ # leaving out -C on purpose since it always fails and is unhelpful:
+ # postgres: could not access the server configuration file "/var/lib/postgresql/data/postgresql.conf": No such file or directory
+ -'?'|--help|--describe-config|-V|--version)
+ return 0
+ ;;
+ esac
+ done
+ return 1
+}
+
+_main() {
+ # if first arg looks like a flag, assume we want to run postgres server
+ if [ "${1:0:1}" = '-' ]; then
+ set -- postgres "$@"
+ fi
+
+ if [ "$1" = 'postgres' ] && ! _pg_want_help "$@"; then
+ docker_setup_env
+ # setup data directories and permissions (when run as root)
+ docker_create_db_directories
+ if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec gosu postgres "$BASH_SOURCE" "$@"
+ fi
+
+ # only run initialization on an empty data directory
+ if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+
+ cat <<-'EOM'
+
+ PostgreSQL init process complete; ready for start up.
+
+ EOM
+ else
+ cat <<-'EOM'
+
+ PostgreSQL Database directory appears to contain a database; Skipping initialization
+
+ EOM
+ fi
+ fi
+
+ exec "$@"
+}
+
+if ! _is_sourced; then
+ _main "$@"
+fi
diff --git a/15/bookworm/Dockerfile b/15/bookworm/Dockerfile
new file mode 100644
index 0000000000..ae7ccd4f21
--- /dev/null
+++ b/15/bookworm/Dockerfile
@@ -0,0 +1,219 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
+FROM debian:bookworm-slim
+
+# explicitly set user/group IDs
+RUN set -eux; \
+ groupadd -r postgres --gid=999; \
+# https://salsa.debian.org/postgresql/postgresql-common/blob/997d842ee744687d99a2b2d95c1083a2615c79e8/debian/postgresql-common.postinst#L32-35
+ useradd -r -g postgres --uid=999 --home-dir=/var/lib/postgresql --shell=/bin/bash postgres; \
+# also create the postgres user's home directory with appropriate permissions
+# see https://github.com/docker-library/postgres/issues/274
+ mkdir -p /var/lib/postgresql; \
+ chown -R postgres:postgres /var/lib/postgresql
+
+RUN set -ex; \
+ apt-get update; \
+ apt-get install -y --no-install-recommends \
+ gnupg \
+ ; \
+ rm -rf /var/lib/apt/lists/*
+
+# grab gosu for easy step-down from root
+# https://github.com/tianon/gosu/releases
+ENV GOSU_VERSION 1.16
+RUN set -eux; \
+ savedAptMark="$(apt-mark showmanual)"; \
+ apt-get update; \
+ apt-get install -y --no-install-recommends ca-certificates wget; \
+ rm -rf /var/lib/apt/lists/*; \
+ dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
+ wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
+ wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
+ export GNUPGHOME="$(mktemp -d)"; \
+ gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
+ gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
+ apt-mark auto '.*' > /dev/null; \
+ [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
+ apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
+ chmod +x /usr/local/bin/gosu; \
+ gosu --version; \
+ gosu nobody true
+
+# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
+RUN set -eux; \
+ if [ -f /etc/dpkg/dpkg.cfg.d/docker ]; then \
+# if this file exists, we're likely in "debian:xxx-slim", and locales are thus being excluded so we need to remove that exclusion (since we need locales)
+ grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
+ sed -ri '/\/usr\/share\/locale/d' /etc/dpkg/dpkg.cfg.d/docker; \
+ ! grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
+ fi; \
+ apt-get update; apt-get install -y --no-install-recommends locales; rm -rf /var/lib/apt/lists/*; \
+ localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
+ENV LANG en_US.utf8
+
+RUN set -eux; \
+ apt-get update; \
+ apt-get install -y --no-install-recommends \
+ libnss-wrapper \
+ xz-utils \
+ zstd \
+ ; \
+ rm -rf /var/lib/apt/lists/*
+
+RUN mkdir /docker-entrypoint-initdb.d
+
+RUN set -ex; \
+# pub 4096R/ACCC4CF8 2011-10-13 [expires: 2019-07-02]
+# Key fingerprint = B97B 0AFC AA1A 47F0 44F2 44A0 7FCC 7D46 ACCC 4CF8
+# uid PostgreSQL Debian Repository
+ key='B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8'; \
+ export GNUPGHOME="$(mktemp -d)"; \
+ mkdir -p /usr/local/share/keyrings/; \
+ gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
+ gpg --batch --export --armor "$key" > /usr/local/share/keyrings/postgres.gpg.asc; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME"
+
+ENV PG_MAJOR 15
+ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
+
+ENV PG_VERSION 15.3-1.pgdg120+1
+
+RUN set -ex; \
+ \
+# see note below about "*.pyc" files
+ export PYTHONDONTWRITEBYTECODE=1; \
+ \
+ dpkgArch="$(dpkg --print-architecture)"; \
+ aptRepo="[ signed-by=/usr/local/share/keyrings/postgres.gpg.asc ] http://apt.postgresql.org/pub/repos/apt/ bookworm-pgdg main $PG_MAJOR"; \
+ case "$dpkgArch" in \
+ amd64 | arm64 | ppc64el | s390x) \
+# arches officialy built by upstream
+ echo "deb $aptRepo" > /etc/apt/sources.list.d/pgdg.list; \
+ apt-get update; \
+ ;; \
+ *) \
+# we're on an architecture upstream doesn't officially build for
+# let's build binaries from their published source packages
+ echo "deb-src $aptRepo" > /etc/apt/sources.list.d/pgdg.list; \
+ \
+ savedAptMark="$(apt-mark showmanual)"; \
+ \
+ tempDir="$(mktemp -d)"; \
+ cd "$tempDir"; \
+ \
+# create a temporary local APT repo to install from (so that dependency resolution can be handled by APT, as it should be)
+ apt-get update; \
+ apt-get install -y --no-install-recommends dpkg-dev; \
+ echo "deb [ trusted=yes ] file://$tempDir ./" > /etc/apt/sources.list.d/temp.list; \
+ _update_repo() { \
+ dpkg-scanpackages . > Packages; \
+# work around the following APT issue by using "Acquire::GzipIndexes=false" (overriding "/etc/apt/apt.conf.d/docker-gzip-indexes")
+# Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied)
+# ...
+# E: Failed to fetch store:/var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied)
+ apt-get -o Acquire::GzipIndexes=false update; \
+ }; \
+ _update_repo; \
+ \
+# build .deb files from upstream's source packages (which are verified by apt-get)
+ nproc="$(nproc)"; \
+ export DEB_BUILD_OPTIONS="nocheck parallel=$nproc"; \
+# we have to build postgresql-common first because postgresql-$PG_MAJOR shares "debian/rules" logic with it: https://salsa.debian.org/postgresql/postgresql/-/commit/99f44476e258cae6bf9e919219fa2c5414fa2876
+# (and it "Depends: pgdg-keyring")
+ apt-get build-dep -y postgresql-common pgdg-keyring; \
+ apt-get source --compile postgresql-common pgdg-keyring; \
+ _update_repo; \
+ apt-get build-dep -y "postgresql-$PG_MAJOR=$PG_VERSION"; \
+ apt-get source --compile "postgresql-$PG_MAJOR=$PG_VERSION"; \
+ \
+# we don't remove APT lists here because they get re-downloaded and removed later
+ \
+# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
+# (which is done after we install the built packages so we don't have to redownload any overlapping dependencies)
+ apt-mark showmanual | xargs apt-mark auto > /dev/null; \
+ apt-mark manual $savedAptMark; \
+ \
+ ls -lAFh; \
+ _update_repo; \
+ grep '^Package: ' Packages; \
+ cd /; \
+ ;; \
+ esac; \
+ \
+ apt-get install -y --no-install-recommends postgresql-common; \
+ sed -ri 's/#(create_main_cluster) .*$/\1 = false/' /etc/postgresql-common/createcluster.conf; \
+ apt-get install -y --no-install-recommends \
+ "postgresql-$PG_MAJOR=$PG_VERSION" \
+ ; \
+ \
+ rm -rf /var/lib/apt/lists/*; \
+ \
+ if [ -n "$tempDir" ]; then \
+# if we have leftovers from building, let's purge them (including extra, unnecessary build deps)
+ apt-get purge -y --auto-remove; \
+ rm -rf "$tempDir" /etc/apt/sources.list.d/temp.list; \
+ fi; \
+ \
+# some of the steps above generate a lot of "*.pyc" files (and setting "PYTHONDONTWRITEBYTECODE" beforehand doesn't propagate properly for some reason), so we clean them up manually (as long as they aren't owned by a package)
+ find /usr -name '*.pyc' -type f -exec bash -c 'for pyc; do dpkg -S "$pyc" &> /dev/null || rm -vf "$pyc"; done' -- '{}' +; \
+ \
+ postgres --version
+
+# make the sample config easier to munge (and "correct by default")
+RUN set -eux; \
+ dpkg-divert --add --rename --divert "/usr/share/postgresql/postgresql.conf.sample.dpkg" "/usr/share/postgresql/$PG_MAJOR/postgresql.conf.sample"; \
+ cp -v /usr/share/postgresql/postgresql.conf.sample.dpkg /usr/share/postgresql/postgresql.conf.sample; \
+ ln -sv ../postgresql.conf.sample "/usr/share/postgresql/$PG_MAJOR/"; \
+ sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/share/postgresql/postgresql.conf.sample; \
+ grep -F "listen_addresses = '*'" /usr/share/postgresql/postgresql.conf.sample
+
+RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 2777 /var/run/postgresql
+
+ENV PGDATA /var/lib/postgresql/data
+# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
+RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 777 "$PGDATA"
+VOLUME /var/lib/postgresql/data
+
+COPY docker-entrypoint.sh /usr/local/bin/
+ENTRYPOINT ["docker-entrypoint.sh"]
+
+# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
+# calls "Fast Shutdown mode" wherein new connections are disallowed and any
+# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
+# flush tables to disk, which is the best compromise available to avoid data
+# corruption.
+#
+# Users who know their applications do not keep open long-lived idle connections
+# may way to use a value of SIGTERM instead, which corresponds to "Smart
+# Shutdown mode" in which any existing sessions are allowed to finish and the
+# server stops when all sessions are terminated.
+#
+# See https://www.postgresql.org/docs/12/server-shutdown.html for more details
+# about available PostgreSQL server shutdown signals.
+#
+# See also https://www.postgresql.org/docs/12/server-start.html for further
+# justification of this as the default value, namely that the example (and
+# shipped) systemd service files use the "Fast Shutdown mode" for service
+# termination.
+#
+STOPSIGNAL SIGINT
+#
+# An additional setting that is recommended for all users regardless of this
+# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
+# equivalent) for controlling how long to wait between sending the defined
+# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption).
+#
+# The default in most runtimes (such as Docker) is 10 seconds, and the
+# documentation at https://www.postgresql.org/docs/12/server-start.html notes
+# that even 90 seconds may not be long enough in many instances.
+
+EXPOSE 5432
+CMD ["postgres"]
diff --git a/15/bookworm/docker-entrypoint.sh b/15/bookworm/docker-entrypoint.sh
new file mode 100755
index 0000000000..0ae0ecf8c2
--- /dev/null
+++ b/15/bookworm/docker-entrypoint.sh
@@ -0,0 +1,351 @@
+#!/usr/bin/env bash
+set -Eeo pipefail
+# TODO swap to -Eeuo pipefail above (after handling all potentially-unset variables)
+
+# usage: file_env VAR [DEFAULT]
+# ie: file_env 'XYZ_DB_PASSWORD' 'example'
+# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
+# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
+file_env() {
+ local var="$1"
+ local fileVar="${var}_FILE"
+ local def="${2:-}"
+ if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
+ printf >&2 'error: both %s and %s are set (but are exclusive)\n' "$var" "$fileVar"
+ exit 1
+ fi
+ local val="$def"
+ if [ "${!var:-}" ]; then
+ val="${!var}"
+ elif [ "${!fileVar:-}" ]; then
+ val="$(< "${!fileVar}")"
+ fi
+ export "$var"="$val"
+ unset "$fileVar"
+}
+
+# check to see if this file is being run or sourced from another script
+_is_sourced() {
+ # https://unix.stackexchange.com/a/215279
+ [ "${#FUNCNAME[@]}" -ge 2 ] \
+ && [ "${FUNCNAME[0]}" = '_is_sourced' ] \
+ && [ "${FUNCNAME[1]}" = 'source' ]
+}
+
+# used to create initial postgres directories and if run as root, ensure ownership to the "postgres" user
+docker_create_db_directories() {
+ local user; user="$(id -u)"
+
+ mkdir -p "$PGDATA"
+ # ignore failure since there are cases where we can't chmod (and PostgreSQL might fail later anyhow - it's picky about permissions of this directory)
+ chmod 00700 "$PGDATA" || :
+
+ # ignore failure since it will be fine when using the image provided directory; see also https://github.com/docker-library/postgres/pull/289
+ mkdir -p /var/run/postgresql || :
+ chmod 03775 /var/run/postgresql || :
+
+ # Create the transaction log directory before initdb is run so the directory is owned by the correct user
+ if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
+ mkdir -p "$POSTGRES_INITDB_WALDIR"
+ if [ "$user" = '0' ]; then
+ find "$POSTGRES_INITDB_WALDIR" \! -user postgres -exec chown postgres '{}' +
+ fi
+ chmod 700 "$POSTGRES_INITDB_WALDIR"
+ fi
+
+ # allow the container to be started with `--user`
+ if [ "$user" = '0' ]; then
+ find "$PGDATA" \! -user postgres -exec chown postgres '{}' +
+ find /var/run/postgresql \! -user postgres -exec chown postgres '{}' +
+ fi
+}
+
+# initialize empty PGDATA directory with new database via 'initdb'
+# arguments to `initdb` can be passed via POSTGRES_INITDB_ARGS or as arguments to this function
+# `initdb` automatically creates the "postgres", "template0", and "template1" dbnames
+# this is also where the database user is created, specified by `POSTGRES_USER` env
+docker_init_database_dir() {
+ # "initdb" is particular about the current user existing in "/etc/passwd", so we use "nss_wrapper" to fake that if necessary
+ # see https://github.com/docker-library/postgres/pull/253, https://github.com/docker-library/postgres/issues/359, https://cwrap.org/nss_wrapper.html
+ local uid; uid="$(id -u)"
+ if ! getent passwd "$uid" &> /dev/null; then
+ # see if we can find a suitable "libnss_wrapper.so" (https://salsa.debian.org/sssd-team/nss-wrapper/-/commit/b9925a653a54e24d09d9b498a2d913729f7abb15)
+ local wrapper
+ for wrapper in {/usr,}/lib{/*,}/libnss_wrapper.so; do
+ if [ -s "$wrapper" ]; then
+ NSS_WRAPPER_PASSWD="$(mktemp)"
+ NSS_WRAPPER_GROUP="$(mktemp)"
+ export LD_PRELOAD="$wrapper" NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
+ local gid; gid="$(id -g)"
+ printf 'postgres:x:%s:%s:PostgreSQL:%s:/bin/false\n' "$uid" "$gid" "$PGDATA" > "$NSS_WRAPPER_PASSWD"
+ printf 'postgres:x:%s:\n' "$gid" > "$NSS_WRAPPER_GROUP"
+ break
+ fi
+ done
+ fi
+
+ if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
+ set -- --waldir "$POSTGRES_INITDB_WALDIR" "$@"
+ fi
+
+ # --pwfile refuses to handle a properly-empty file (hence the "\n"): https://github.com/docker-library/postgres/issues/1025
+ eval 'initdb --username="$POSTGRES_USER" --pwfile=<(printf "%s\n" "$POSTGRES_PASSWORD") '"$POSTGRES_INITDB_ARGS"' "$@"'
+
+ # unset/cleanup "nss_wrapper" bits
+ if [[ "${LD_PRELOAD:-}" == */libnss_wrapper.so ]]; then
+ rm -f "$NSS_WRAPPER_PASSWD" "$NSS_WRAPPER_GROUP"
+ unset LD_PRELOAD NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
+ fi
+}
+
+# print large warning if POSTGRES_PASSWORD is long
+# error if both POSTGRES_PASSWORD is empty and POSTGRES_HOST_AUTH_METHOD is not 'trust'
+# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
+# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
+docker_verify_minimum_env() {
+ # check password first so we can output the warning before postgres
+ # messes it up
+ if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
+ cat >&2 <<-'EOWARN'
+
+ WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
+
+ This will not work if used via PGPASSWORD with "psql".
+
+ https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
+ https://github.com/docker-library/postgres/issues/507
+
+ EOWARN
+ fi
+ if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ # The - option suppresses leading tabs but *not* spaces. :)
+ cat >&2 <<-'EOE'
+ Error: Database is uninitialized and superuser password is not specified.
+ You must specify POSTGRES_PASSWORD to a non-empty value for the
+ superuser. For example, "-e POSTGRES_PASSWORD=password" on "docker run".
+
+ You may also use "POSTGRES_HOST_AUTH_METHOD=trust" to allow all
+ connections without a password. This is *not* recommended.
+
+ See PostgreSQL documentation about "trust":
+ https://www.postgresql.org/docs/current/auth-trust.html
+ EOE
+ exit 1
+ fi
+ if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ cat >&2 <<-'EOWARN'
+ ********************************************************************************
+ WARNING: POSTGRES_HOST_AUTH_METHOD has been set to "trust". This will allow
+ anyone with access to the Postgres port to access your database without
+ a password, even if POSTGRES_PASSWORD is set. See PostgreSQL
+ documentation about "trust":
+ https://www.postgresql.org/docs/current/auth-trust.html
+ In Docker's default configuration, this is effectively any other
+ container on the same system.
+
+ It is not recommended to use POSTGRES_HOST_AUTH_METHOD=trust. Replace
+ it with "-e POSTGRES_PASSWORD=password" instead to set a password in
+ "docker run".
+ ********************************************************************************
+ EOWARN
+ fi
+}
+
+# usage: docker_process_init_files [file [file [...]]]
+# ie: docker_process_init_files /always-initdb.d/*
+# process initializer files, based on file extensions and permissions
+docker_process_init_files() {
+ # psql here for backwards compatibility "${psql[@]}"
+ psql=( docker_process_sql )
+
+ printf '\n'
+ local f
+ for f; do
+ case "$f" in
+ *.sh)
+ # https://github.com/docker-library/postgres/issues/450#issuecomment-393167936
+ # https://github.com/docker-library/postgres/pull/452
+ if [ -x "$f" ]; then
+ printf '%s: running %s\n' "$0" "$f"
+ "$f"
+ else
+ printf '%s: sourcing %s\n' "$0" "$f"
+ . "$f"
+ fi
+ ;;
+ *.sql) printf '%s: running %s\n' "$0" "$f"; docker_process_sql -f "$f"; printf '\n' ;;
+ *.sql.gz) printf '%s: running %s\n' "$0" "$f"; gunzip -c "$f" | docker_process_sql; printf '\n' ;;
+ *.sql.xz) printf '%s: running %s\n' "$0" "$f"; xzcat "$f" | docker_process_sql; printf '\n' ;;
+ *.sql.zst) printf '%s: running %s\n' "$0" "$f"; zstd -dc "$f" | docker_process_sql; printf '\n' ;;
+ *) printf '%s: ignoring %s\n' "$0" "$f" ;;
+ esac
+ printf '\n'
+ done
+}
+
+# Execute sql script, passed via stdin (or -f flag of pqsl)
+# usage: docker_process_sql [psql-cli-args]
+# ie: docker_process_sql --dbname=mydb <<<'INSERT ...'
+# ie: docker_process_sql -f my-file.sql
+# ie: docker_process_sql <my-file.sql
+docker_process_sql() {
+ local query_runner=( psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --no-password --no-psqlrc )
+ if [ -n "$POSTGRES_DB" ]; then
+ query_runner+=( --dbname "$POSTGRES_DB" )
+ fi
+
+ PGHOST= PGHOSTADDR= "${query_runner[@]}" "$@"
+}
+
+# create initial database
+# uses environment variables for input: POSTGRES_DB
+docker_setup_db() {
+ local dbAlreadyExists
+ dbAlreadyExists="$(
+ POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" --tuples-only <<-'EOSQL'
+ SELECT 1 FROM pg_database WHERE datname = :'db' ;
+ EOSQL
+ )"
+ if [ -z "$dbAlreadyExists" ]; then
+ POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" <<-'EOSQL'
+ CREATE DATABASE :"db" ;
+ EOSQL
+ printf '\n'
+ fi
+}
+
+# Loads various settings that are used elsewhere in the script
+# This should be called before any other functions
+docker_setup_env() {
+ file_env 'POSTGRES_PASSWORD'
+
+ file_env 'POSTGRES_USER' 'postgres'
+ file_env 'POSTGRES_DB' "$POSTGRES_USER"
+ file_env 'POSTGRES_INITDB_ARGS'
+ : "${POSTGRES_HOST_AUTH_METHOD:=}"
+
+ declare -g DATABASE_ALREADY_EXISTS
+ # look specifically for PG_VERSION, as it is expected in the DB dir
+ if [ -s "$PGDATA/PG_VERSION" ]; then
+ DATABASE_ALREADY_EXISTS='true'
+ fi
+}
+
+# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections
+# all arguments will be passed along as arguments to `postgres` for getting the value of 'password_encryption'
+pg_setup_hba_conf() {
+ # default authentication method is md5 on versions before 14
+ # https://www.postgresql.org/about/news/postgresql-14-released-2318/
+ if [ "$1" = 'postgres' ]; then
+ shift
+ fi
+ local auth
+ # check the default/configured encryption and use that as the auth method
+ auth="$(postgres -C password_encryption "$@")"
+ : "${POSTGRES_HOST_AUTH_METHOD:=$auth}"
+ {
+ printf '\n'
+ if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ printf '# warning trust is enabled for all connections\n'
+ printf '# see https://www.postgresql.org/docs/12/auth-trust.html\n'
+ fi
+ printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
+ } >> "$PGDATA/pg_hba.conf"
+}
+
+# start socket-only postgresql server for setting up or running scripts
+# all arguments will be passed along as arguments to `postgres` (via pg_ctl)
+docker_temp_server_start() {
+ if [ "$1" = 'postgres' ]; then
+ shift
+ fi
+
+ # internal start of server in order to allow setup using psql client
+ # does not listen on external TCP/IP and waits until start finishes
+ set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
+
+ PGUSER="${PGUSER:-$POSTGRES_USER}" \
+ pg_ctl -D "$PGDATA" \
+ -o "$(printf '%q ' "$@")" \
+ -w start
+}
+
+# stop postgresql server after done setting up user and running scripts
+docker_temp_server_stop() {
+ PGUSER="${PGUSER:-postgres}" \
+ pg_ctl -D "$PGDATA" -m fast -w stop
+}
+
+# check arguments for an option that would cause postgres to stop
+# return true if there is one
+_pg_want_help() {
+ local arg
+ for arg; do
+ case "$arg" in
+ # postgres --help | grep 'then exit'
+ # leaving out -C on purpose since it always fails and is unhelpful:
+ # postgres: could not access the server configuration file "/var/lib/postgresql/data/postgresql.conf": No such file or directory
+ -'?'|--help|--describe-config|-V|--version)
+ return 0
+ ;;
+ esac
+ done
+ return 1
+}
+
+_main() {
+ # if first arg looks like a flag, assume we want to run postgres server
+ if [ "${1:0:1}" = '-' ]; then
+ set -- postgres "$@"
+ fi
+
+ if [ "$1" = 'postgres' ] && ! _pg_want_help "$@"; then
+ docker_setup_env
+ # setup data directories and permissions (when run as root)
+ docker_create_db_directories
+ if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec gosu postgres "$BASH_SOURCE" "$@"
+ fi
+
+ # only run initialization on an empty data directory
+ if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+
+ cat <<-'EOM'
+
+ PostgreSQL init process complete; ready for start up.
+
+ EOM
+ else
+ cat <<-'EOM'
+
+ PostgreSQL Database directory appears to contain a database; Skipping initialization
+
+ EOM
+ fi
+ fi
+
+ exec "$@"
+}
+
+if ! _is_sourced; then
+ _main "$@"
+fi
diff --git a/16/bookworm/Dockerfile b/16/bookworm/Dockerfile
new file mode 100644
index 0000000000..d4364c95e5
--- /dev/null
+++ b/16/bookworm/Dockerfile
@@ -0,0 +1,219 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
+FROM debian:bookworm-slim
+
+# explicitly set user/group IDs
+RUN set -eux; \
+ groupadd -r postgres --gid=999; \
+# https://salsa.debian.org/postgresql/postgresql-common/blob/997d842ee744687d99a2b2d95c1083a2615c79e8/debian/postgresql-common.postinst#L32-35
+ useradd -r -g postgres --uid=999 --home-dir=/var/lib/postgresql --shell=/bin/bash postgres; \
+# also create the postgres user's home directory with appropriate permissions
+# see https://github.com/docker-library/postgres/issues/274
+ mkdir -p /var/lib/postgresql; \
+ chown -R postgres:postgres /var/lib/postgresql
+
+RUN set -ex; \
+ apt-get update; \
+ apt-get install -y --no-install-recommends \
+ gnupg \
+ ; \
+ rm -rf /var/lib/apt/lists/*
+
+# grab gosu for easy step-down from root
+# https://github.com/tianon/gosu/releases
+ENV GOSU_VERSION 1.16
+RUN set -eux; \
+ savedAptMark="$(apt-mark showmanual)"; \
+ apt-get update; \
+ apt-get install -y --no-install-recommends ca-certificates wget; \
+ rm -rf /var/lib/apt/lists/*; \
+ dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
+ wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
+ wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
+ export GNUPGHOME="$(mktemp -d)"; \
+ gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
+ gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
+ apt-mark auto '.*' > /dev/null; \
+ [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
+ apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
+ chmod +x /usr/local/bin/gosu; \
+ gosu --version; \
+ gosu nobody true
+
+# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
+RUN set -eux; \
+ if [ -f /etc/dpkg/dpkg.cfg.d/docker ]; then \
+# if this file exists, we're likely in "debian:xxx-slim", and locales are thus being excluded so we need to remove that exclusion (since we need locales)
+ grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
+ sed -ri '/\/usr\/share\/locale/d' /etc/dpkg/dpkg.cfg.d/docker; \
+ ! grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
+ fi; \
+ apt-get update; apt-get install -y --no-install-recommends locales; rm -rf /var/lib/apt/lists/*; \
+ localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
+ENV LANG en_US.utf8
+
+RUN set -eux; \
+ apt-get update; \
+ apt-get install -y --no-install-recommends \
+ libnss-wrapper \
+ xz-utils \
+ zstd \
+ ; \
+ rm -rf /var/lib/apt/lists/*
+
+RUN mkdir /docker-entrypoint-initdb.d
+
+RUN set -ex; \
+# pub 4096R/ACCC4CF8 2011-10-13 [expires: 2019-07-02]
+# Key fingerprint = B97B 0AFC AA1A 47F0 44F2 44A0 7FCC 7D46 ACCC 4CF8
+# uid PostgreSQL Debian Repository
+ key='B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8'; \
+ export GNUPGHOME="$(mktemp -d)"; \
+ mkdir -p /usr/local/share/keyrings/; \
+ gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
+ gpg --batch --export --armor "$key" > /usr/local/share/keyrings/postgres.gpg.asc; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME"
+
+ENV PG_MAJOR 16
+ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
+
+ENV PG_VERSION 16~beta1-2.pgdg120+1
+
+RUN set -ex; \
+ \
+# see note below about "*.pyc" files
+ export PYTHONDONTWRITEBYTECODE=1; \
+ \
+ dpkgArch="$(dpkg --print-architecture)"; \
+ aptRepo="[ signed-by=/usr/local/share/keyrings/postgres.gpg.asc ] http://apt.postgresql.org/pub/repos/apt/ bookworm-pgdg main $PG_MAJOR"; \
+ case "$dpkgArch" in \
+ amd64 | arm64 | ppc64el | s390x) \
+# arches officialy built by upstream
+ echo "deb $aptRepo" > /etc/apt/sources.list.d/pgdg.list; \
+ apt-get update; \
+ ;; \
+ *) \
+# we're on an architecture upstream doesn't officially build for
+# let's build binaries from their published source packages
+ echo "deb-src $aptRepo" > /etc/apt/sources.list.d/pgdg.list; \
+ \
+ savedAptMark="$(apt-mark showmanual)"; \
+ \
+ tempDir="$(mktemp -d)"; \
+ cd "$tempDir"; \
+ \
+# create a temporary local APT repo to install from (so that dependency resolution can be handled by APT, as it should be)
+ apt-get update; \
+ apt-get install -y --no-install-recommends dpkg-dev; \
+ echo "deb [ trusted=yes ] file://$tempDir ./" > /etc/apt/sources.list.d/temp.list; \
+ _update_repo() { \
+ dpkg-scanpackages . > Packages; \
+# work around the following APT issue by using "Acquire::GzipIndexes=false" (overriding "/etc/apt/apt.conf.d/docker-gzip-indexes")
+# Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied)
+# ...
+# E: Failed to fetch store:/var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied)
+ apt-get -o Acquire::GzipIndexes=false update; \
+ }; \
+ _update_repo; \
+ \
+# build .deb files from upstream's source packages (which are verified by apt-get)
+ nproc="$(nproc)"; \
+ export DEB_BUILD_OPTIONS="nocheck parallel=$nproc"; \
+# we have to build postgresql-common first because postgresql-$PG_MAJOR shares "debian/rules" logic with it: https://salsa.debian.org/postgresql/postgresql/-/commit/99f44476e258cae6bf9e919219fa2c5414fa2876
+# (and it "Depends: pgdg-keyring")
+ apt-get build-dep -y postgresql-common pgdg-keyring; \
+ apt-get source --compile postgresql-common pgdg-keyring; \
+ _update_repo; \
+ apt-get build-dep -y "postgresql-$PG_MAJOR=$PG_VERSION"; \
+ apt-get source --compile "postgresql-$PG_MAJOR=$PG_VERSION"; \
+ \
+# we don't remove APT lists here because they get re-downloaded and removed later
+ \
+# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
+# (which is done after we install the built packages so we don't have to redownload any overlapping dependencies)
+ apt-mark showmanual | xargs apt-mark auto > /dev/null; \
+ apt-mark manual $savedAptMark; \
+ \
+ ls -lAFh; \
+ _update_repo; \
+ grep '^Package: ' Packages; \
+ cd /; \
+ ;; \
+ esac; \
+ \
+ apt-get install -y --no-install-recommends postgresql-common; \
+ sed -ri 's/#(create_main_cluster) .*$/\1 = false/' /etc/postgresql-common/createcluster.conf; \
+ apt-get install -y --no-install-recommends \
+ "postgresql-$PG_MAJOR=$PG_VERSION" \
+ ; \
+ \
+ rm -rf /var/lib/apt/lists/*; \
+ \
+ if [ -n "$tempDir" ]; then \
+# if we have leftovers from building, let's purge them (including extra, unnecessary build deps)
+ apt-get purge -y --auto-remove; \
+ rm -rf "$tempDir" /etc/apt/sources.list.d/temp.list; \
+ fi; \
+ \
+# some of the steps above generate a lot of "*.pyc" files (and setting "PYTHONDONTWRITEBYTECODE" beforehand doesn't propagate properly for some reason), so we clean them up manually (as long as they aren't owned by a package)
+ find /usr -name '*.pyc' -type f -exec bash -c 'for pyc; do dpkg -S "$pyc" &> /dev/null || rm -vf "$pyc"; done' -- '{}' +; \
+ \
+ postgres --version
+
+# make the sample config easier to munge (and "correct by default")
+RUN set -eux; \
+ dpkg-divert --add --rename --divert "/usr/share/postgresql/postgresql.conf.sample.dpkg" "/usr/share/postgresql/$PG_MAJOR/postgresql.conf.sample"; \
+ cp -v /usr/share/postgresql/postgresql.conf.sample.dpkg /usr/share/postgresql/postgresql.conf.sample; \
+ ln -sv ../postgresql.conf.sample "/usr/share/postgresql/$PG_MAJOR/"; \
+ sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/share/postgresql/postgresql.conf.sample; \
+ grep -F "listen_addresses = '*'" /usr/share/postgresql/postgresql.conf.sample
+
+RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 2777 /var/run/postgresql
+
+ENV PGDATA /var/lib/postgresql/data
+# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
+RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 777 "$PGDATA"
+VOLUME /var/lib/postgresql/data
+
+COPY docker-entrypoint.sh /usr/local/bin/
+ENTRYPOINT ["docker-entrypoint.sh"]
+
+# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
+# calls "Fast Shutdown mode" wherein new connections are disallowed and any
+# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
+# flush tables to disk, which is the best compromise available to avoid data
+# corruption.
+#
+# Users who know their applications do not keep open long-lived idle connections
+# may way to use a value of SIGTERM instead, which corresponds to "Smart
+# Shutdown mode" in which any existing sessions are allowed to finish and the
+# server stops when all sessions are terminated.
+#
+# See https://www.postgresql.org/docs/12/server-shutdown.html for more details
+# about available PostgreSQL server shutdown signals.
+#
+# See also https://www.postgresql.org/docs/12/server-start.html for further
+# justification of this as the default value, namely that the example (and
+# shipped) systemd service files use the "Fast Shutdown mode" for service
+# termination.
+#
+STOPSIGNAL SIGINT
+#
+# An additional setting that is recommended for all users regardless of this
+# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
+# equivalent) for controlling how long to wait between sending the defined
+# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption).
+#
+# The default in most runtimes (such as Docker) is 10 seconds, and the
+# documentation at https://www.postgresql.org/docs/12/server-start.html notes
+# that even 90 seconds may not be long enough in many instances.
+
+EXPOSE 5432
+CMD ["postgres"]
diff --git a/16/bookworm/docker-entrypoint.sh b/16/bookworm/docker-entrypoint.sh
new file mode 100755
index 0000000000..0ae0ecf8c2
--- /dev/null
+++ b/16/bookworm/docker-entrypoint.sh
@@ -0,0 +1,351 @@
+#!/usr/bin/env bash
+set -Eeo pipefail
+# TODO swap to -Eeuo pipefail above (after handling all potentially-unset variables)
+
+# usage: file_env VAR [DEFAULT]
+# ie: file_env 'XYZ_DB_PASSWORD' 'example'
+# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
+# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
+file_env() {
+ local var="$1"
+ local fileVar="${var}_FILE"
+ local def="${2:-}"
+ if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
+ printf >&2 'error: both %s and %s are set (but are exclusive)\n' "$var" "$fileVar"
+ exit 1
+ fi
+ local val="$def"
+ if [ "${!var:-}" ]; then
+ val="${!var}"
+ elif [ "${!fileVar:-}" ]; then
+ val="$(< "${!fileVar}")"
+ fi
+ export "$var"="$val"
+ unset "$fileVar"
+}
+
+# check to see if this file is being run or sourced from another script
+_is_sourced() {
+ # https://unix.stackexchange.com/a/215279
+ [ "${#FUNCNAME[@]}" -ge 2 ] \
+ && [ "${FUNCNAME[0]}" = '_is_sourced' ] \
+ && [ "${FUNCNAME[1]}" = 'source' ]
+}
+
+# used to create initial postgres directories and if run as root, ensure ownership to the "postgres" user
+docker_create_db_directories() {
+ local user; user="$(id -u)"
+
+ mkdir -p "$PGDATA"
+ # ignore failure since there are cases where we can't chmod (and PostgreSQL might fail later anyhow - it's picky about permissions of this directory)
+ chmod 00700 "$PGDATA" || :
+
+ # ignore failure since it will be fine when using the image provided directory; see also https://github.com/docker-library/postgres/pull/289
+ mkdir -p /var/run/postgresql || :
+ chmod 03775 /var/run/postgresql || :
+
+ # Create the transaction log directory before initdb is run so the directory is owned by the correct user
+ if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
+ mkdir -p "$POSTGRES_INITDB_WALDIR"
+ if [ "$user" = '0' ]; then
+ find "$POSTGRES_INITDB_WALDIR" \! -user postgres -exec chown postgres '{}' +
+ fi
+ chmod 700 "$POSTGRES_INITDB_WALDIR"
+ fi
+
+ # allow the container to be started with `--user`
+ if [ "$user" = '0' ]; then
+ find "$PGDATA" \! -user postgres -exec chown postgres '{}' +
+ find /var/run/postgresql \! -user postgres -exec chown postgres '{}' +
+ fi
+}
+
+# initialize empty PGDATA directory with new database via 'initdb'
+# arguments to `initdb` can be passed via POSTGRES_INITDB_ARGS or as arguments to this function
+# `initdb` automatically creates the "postgres", "template0", and "template1" dbnames
+# this is also where the database user is created, specified by `POSTGRES_USER` env
+docker_init_database_dir() {
+ # "initdb" is particular about the current user existing in "/etc/passwd", so we use "nss_wrapper" to fake that if necessary
+ # see https://github.com/docker-library/postgres/pull/253, https://github.com/docker-library/postgres/issues/359, https://cwrap.org/nss_wrapper.html
+ local uid; uid="$(id -u)"
+ if ! getent passwd "$uid" &> /dev/null; then
+ # see if we can find a suitable "libnss_wrapper.so" (https://salsa.debian.org/sssd-team/nss-wrapper/-/commit/b9925a653a54e24d09d9b498a2d913729f7abb15)
+ local wrapper
+ for wrapper in {/usr,}/lib{/*,}/libnss_wrapper.so; do
+ if [ -s "$wrapper" ]; then
+ NSS_WRAPPER_PASSWD="$(mktemp)"
+ NSS_WRAPPER_GROUP="$(mktemp)"
+ export LD_PRELOAD="$wrapper" NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
+ local gid; gid="$(id -g)"
+ printf 'postgres:x:%s:%s:PostgreSQL:%s:/bin/false\n' "$uid" "$gid" "$PGDATA" > "$NSS_WRAPPER_PASSWD"
+ printf 'postgres:x:%s:\n' "$gid" > "$NSS_WRAPPER_GROUP"
+ break
+ fi
+ done
+ fi
+
+ if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
+ set -- --waldir "$POSTGRES_INITDB_WALDIR" "$@"
+ fi
+
+ # --pwfile refuses to handle a properly-empty file (hence the "\n"): https://github.com/docker-library/postgres/issues/1025
+ eval 'initdb --username="$POSTGRES_USER" --pwfile=<(printf "%s\n" "$POSTGRES_PASSWORD") '"$POSTGRES_INITDB_ARGS"' "$@"'
+
+ # unset/cleanup "nss_wrapper" bits
+ if [[ "${LD_PRELOAD:-}" == */libnss_wrapper.so ]]; then
+ rm -f "$NSS_WRAPPER_PASSWD" "$NSS_WRAPPER_GROUP"
+ unset LD_PRELOAD NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
+ fi
+}
+
+# print large warning if POSTGRES_PASSWORD is long
+# error if both POSTGRES_PASSWORD is empty and POSTGRES_HOST_AUTH_METHOD is not 'trust'
+# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
+# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
+docker_verify_minimum_env() {
+ # check password first so we can output the warning before postgres
+ # messes it up
+ if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
+ cat >&2 <<-'EOWARN'
+
+ WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
+
+ This will not work if used via PGPASSWORD with "psql".
+
+ https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
+ https://github.com/docker-library/postgres/issues/507
+
+ EOWARN
+ fi
+ if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ # The - option suppresses leading tabs but *not* spaces. :)
+ cat >&2 <<-'EOE'
+ Error: Database is uninitialized and superuser password is not specified.
+ You must specify POSTGRES_PASSWORD to a non-empty value for the
+ superuser. For example, "-e POSTGRES_PASSWORD=password" on "docker run".
+
+ You may also use "POSTGRES_HOST_AUTH_METHOD=trust" to allow all
+ connections without a password. This is *not* recommended.
+
+ See PostgreSQL documentation about "trust":
+ https://www.postgresql.org/docs/current/auth-trust.html
+ EOE
+ exit 1
+ fi
+ if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ cat >&2 <<-'EOWARN'
+ ********************************************************************************
+ WARNING: POSTGRES_HOST_AUTH_METHOD has been set to "trust". This will allow
+ anyone with access to the Postgres port to access your database without
+ a password, even if POSTGRES_PASSWORD is set. See PostgreSQL
+ documentation about "trust":
+ https://www.postgresql.org/docs/current/auth-trust.html
+ In Docker's default configuration, this is effectively any other
+ container on the same system.
+
+ It is not recommended to use POSTGRES_HOST_AUTH_METHOD=trust. Replace
+ it with "-e POSTGRES_PASSWORD=password" instead to set a password in
+ "docker run".
+ ********************************************************************************
+ EOWARN
+ fi
+}
+
+# usage: docker_process_init_files [file [file [...]]]
+# ie: docker_process_init_files /always-initdb.d/*
+# process initializer files, based on file extensions and permissions
+docker_process_init_files() {
+ # psql here for backwards compatibility "${psql[@]}"
+ psql=( docker_process_sql )
+
+ printf '\n'
+ local f
+ for f; do
+ case "$f" in
+ *.sh)
+ # https://github.com/docker-library/postgres/issues/450#issuecomment-393167936
+ # https://github.com/docker-library/postgres/pull/452
+ if [ -x "$f" ]; then
+ printf '%s: running %s\n' "$0" "$f"
+ "$f"
+ else
+ printf '%s: sourcing %s\n' "$0" "$f"
+ . "$f"
+ fi
+ ;;
+ *.sql) printf '%s: running %s\n' "$0" "$f"; docker_process_sql -f "$f"; printf '\n' ;;
+ *.sql.gz) printf '%s: running %s\n' "$0" "$f"; gunzip -c "$f" | docker_process_sql; printf '\n' ;;
+ *.sql.xz) printf '%s: running %s\n' "$0" "$f"; xzcat "$f" | docker_process_sql; printf '\n' ;;
+ *.sql.zst) printf '%s: running %s\n' "$0" "$f"; zstd -dc "$f" | docker_process_sql; printf '\n' ;;
+ *) printf '%s: ignoring %s\n' "$0" "$f" ;;
+ esac
+ printf '\n'
+ done
+}
+
+# Execute sql script, passed via stdin (or -f flag of pqsl)
+# usage: docker_process_sql [psql-cli-args]
+# ie: docker_process_sql --dbname=mydb <<<'INSERT ...'
+# ie: docker_process_sql -f my-file.sql
+# ie: docker_process_sql <my-file.sql
+docker_process_sql() {
+ local query_runner=( psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --no-password --no-psqlrc )
+ if [ -n "$POSTGRES_DB" ]; then
+ query_runner+=( --dbname "$POSTGRES_DB" )
+ fi
+
+ PGHOST= PGHOSTADDR= "${query_runner[@]}" "$@"
+}
+
+# create initial database
+# uses environment variables for input: POSTGRES_DB
+docker_setup_db() {
+ local dbAlreadyExists
+ dbAlreadyExists="$(
+ POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" --tuples-only <<-'EOSQL'
+ SELECT 1 FROM pg_database WHERE datname = :'db' ;
+ EOSQL
+ )"
+ if [ -z "$dbAlreadyExists" ]; then
+ POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" <<-'EOSQL'
+ CREATE DATABASE :"db" ;
+ EOSQL
+ printf '\n'
+ fi
+}
+
+# Loads various settings that are used elsewhere in the script
+# This should be called before any other functions
+docker_setup_env() {
+ file_env 'POSTGRES_PASSWORD'
+
+ file_env 'POSTGRES_USER' 'postgres'
+ file_env 'POSTGRES_DB' "$POSTGRES_USER"
+ file_env 'POSTGRES_INITDB_ARGS'
+ : "${POSTGRES_HOST_AUTH_METHOD:=}"
+
+ declare -g DATABASE_ALREADY_EXISTS
+ # look specifically for PG_VERSION, as it is expected in the DB dir
+ if [ -s "$PGDATA/PG_VERSION" ]; then
+ DATABASE_ALREADY_EXISTS='true'
+ fi
+}
+
+# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections
+# all arguments will be passed along as arguments to `postgres` for getting the value of 'password_encryption'
+pg_setup_hba_conf() {
+ # default authentication method is md5 on versions before 14
+ # https://www.postgresql.org/about/news/postgresql-14-released-2318/
+ if [ "$1" = 'postgres' ]; then
+ shift
+ fi
+ local auth
+ # check the default/configured encryption and use that as the auth method
+ auth="$(postgres -C password_encryption "$@")"
+ : "${POSTGRES_HOST_AUTH_METHOD:=$auth}"
+ {
+ printf '\n'
+ if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ printf '# warning trust is enabled for all connections\n'
+ printf '# see https://www.postgresql.org/docs/12/auth-trust.html\n'
+ fi
+ printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
+ } >> "$PGDATA/pg_hba.conf"
+}
+
+# start socket-only postgresql server for setting up or running scripts
+# all arguments will be passed along as arguments to `postgres` (via pg_ctl)
+docker_temp_server_start() {
+ if [ "$1" = 'postgres' ]; then
+ shift
+ fi
+
+ # internal start of server in order to allow setup using psql client
+ # does not listen on external TCP/IP and waits until start finishes
+ set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
+
+ PGUSER="${PGUSER:-$POSTGRES_USER}" \
+ pg_ctl -D "$PGDATA" \
+ -o "$(printf '%q ' "$@")" \
+ -w start
+}
+
+# stop postgresql server after done setting up user and running scripts
+docker_temp_server_stop() {
+ PGUSER="${PGUSER:-postgres}" \
+ pg_ctl -D "$PGDATA" -m fast -w stop
+}
+
+# check arguments for an option that would cause postgres to stop
+# return true if there is one
+_pg_want_help() {
+ local arg
+ for arg; do
+ case "$arg" in
+ # postgres --help | grep 'then exit'
+ # leaving out -C on purpose since it always fails and is unhelpful:
+ # postgres: could not access the server configuration file "/var/lib/postgresql/data/postgresql.conf": No such file or directory
+ -'?'|--help|--describe-config|-V|--version)
+ return 0
+ ;;
+ esac
+ done
+ return 1
+}
+
+_main() {
+ # if first arg looks like a flag, assume we want to run postgres server
+ if [ "${1:0:1}" = '-' ]; then
+ set -- postgres "$@"
+ fi
+
+ if [ "$1" = 'postgres' ] && ! _pg_want_help "$@"; then
+ docker_setup_env
+ # setup data directories and permissions (when run as root)
+ docker_create_db_directories
+ if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec gosu postgres "$BASH_SOURCE" "$@"
+ fi
+
+ # only run initialization on an empty data directory
+ if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+
+ cat <<-'EOM'
+
+ PostgreSQL init process complete; ready for start up.
+
+ EOM
+ else
+ cat <<-'EOM'
+
+ PostgreSQL Database directory appears to contain a database; Skipping initialization
+
+ EOM
+ fi
+ fi
+
+ exec "$@"
+}
+
+if ! _is_sourced; then
+ _main "$@"
+fi
diff --git a/versions.json b/versions.json
index ec1cc70c88..0325e3d547 100644
--- a/versions.json
+++ b/versions.json
@@ -1,6 +1,15 @@
{
"11": {
"alpine": "3.18",
+ "bookworm": {
+ "arches": [
+ "amd64",
+ "arm64",
+ "ppc64el",
+ "s390x"
+ ],
+ "version": "11.20-1.pgdg120+1"
+ },
"bullseye": {
"arches": [
"amd64",
@@ -14,6 +23,7 @@
"major": 11,
"sha256": "3d7c8882f64a7e98534a044257dfee7abad77a5b7da12508d85d722b98b5acce",
"variants": [
+ "bookworm",
"bullseye",
"alpine3.18",
"alpine3.17"
@@ -22,6 +32,15 @@
},
"12": {
"alpine": "3.18",
+ "bookworm": {
+ "arches": [
+ "amd64",
+ "arm64",
+ "ppc64el",
+ "s390x"
+ ],
+ "version": "12.15-1.pgdg120+1"
+ },
"bullseye": {
"arches": [
"amd64",
@@ -31,10 +50,11 @@
],
"version": "12.15-1.pgdg110+1"
},
- "debian": "bullseye",
+ "debian": "bookworm",
"major": 12,
"sha256": "bb5206e2864c1c4579938b96ea6096d155f22abf2d2cc2aa57571e3c4cb12b36",
"variants": [
+ "bookworm",
"bullseye",
"alpine3.18",
"alpine3.17"
@@ -43,6 +63,15 @@
},
"13": {
"alpine": "3.18",
+ "bookworm": {
+ "arches": [
+ "amd64",
+ "arm64",
+ "ppc64el",
+ "s390x"
+ ],
+ "version": "13.11-1.pgdg120+1"
+ },
"bullseye": {
"arches": [
"amd64",
@@ -52,10 +81,11 @@
],
"version": "13.11-1.pgdg110+1"
},
- "debian": "bullseye",
+ "debian": "bookworm",
"major": 13,
"sha256": "4992ff647203566b670d4e54dc5317499a26856c93576d0ea951bdf6bee50bfb",
"variants": [
+ "bookworm",
"bullseye",
"alpine3.18",
"alpine3.17"
@@ -64,6 +94,15 @@
},
"14": {
"alpine": "3.18",
+ "bookworm": {
+ "arches": [
+ "amd64",
+ "arm64",
+ "ppc64el",
+ "s390x"
+ ],
+ "version": "14.8-1.pgdg120+1"
+ },
"bullseye": {
"arches": [
"amd64",
@@ -73,10 +112,11 @@
],
"version": "14.8-1.pgdg110+1"
},
- "debian": "bullseye",
+ "debian": "bookworm",
"major": 14,
"sha256": "39d38f0030737ed03835debeefee3b37d335462ce4995e2497bc38d621ebe45a",
"variants": [
+ "bookworm",
"bullseye",
"alpine3.18",
"alpine3.17"
@@ -85,6 +125,15 @@
},
"15": {
"alpine": "3.18",
+ "bookworm": {
+ "arches": [
+ "amd64",
+ "arm64",
+ "ppc64el",
+ "s390x"
+ ],
+ "version": "15.3-1.pgdg120+1"
+ },
"bullseye": {
"arches": [
"amd64",
@@ -94,10 +143,11 @@
],
"version": "15.3-1.pgdg110+1"
},
- "debian": "bullseye",
+ "debian": "bookworm",
"major": 15,
"sha256": "ffc7d4891f00ffbf5c3f4eab7fbbced8460b8c0ee63c5a5167133b9e6599d932",
"variants": [
+ "bookworm",
"bullseye",
"alpine3.18",
"alpine3.17"
@@ -106,6 +156,15 @@
},
"16": {
"alpine": "3.18",
+ "bookworm": {
+ "arches": [
+ "amd64",
+ "arm64",
+ "ppc64el",
+ "s390x"
+ ],
+ "version": "16~beta1-2.pgdg120+1"
+ },
"bullseye": {
"arches": [
"amd64",
@@ -115,10 +174,11 @@
],
"version": "16~beta1-2.pgdg110+1"
},
- "debian": "bullseye",
+ "debian": "bookworm",
"major": 16,
"sha256": "59e248d434aa515fa2d31c0d161c4148f30d511dcde91f6e888684823b6849a8",
"variants": [
+ "bookworm",
"bullseye",
"alpine3.18",
"alpine3.17"
diff --git a/versions.sh b/versions.sh
index 90641fa88a..7c044441b7 100755
--- a/versions.sh
+++ b/versions.sh
@@ -3,6 +3,7 @@ set -Eeuo pipefail
# we will support at most two entries in each of these lists, and both should be in descending order
supportedDebianSuites=(
+ bookworm
bullseye
)
supportedAlpineVersions=(
From cba2a05c03706daf5f9a66b93a447540b62df063 Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 29 Jun 2023 17:03:10 -0700
Subject: [PATCH 016/115] Update 16 to 16beta2, bookworm 16~beta2-1.pgdg120+1,
bullseye 16~beta2-1.pgdg110+1
---
16/alpine3.17/Dockerfile | 4 ++--
16/alpine3.18/Dockerfile | 4 ++--
16/bookworm/Dockerfile | 2 +-
16/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/16/alpine3.17/Dockerfile b/16/alpine3.17/Dockerfile
index 4e40b1427a..6d625f0633 100644
--- a/16/alpine3.17/Dockerfile
+++ b/16/alpine3.17/Dockerfile
@@ -23,8 +23,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 16
-ENV PG_VERSION 16beta1
-ENV PG_SHA256 59e248d434aa515fa2d31c0d161c4148f30d511dcde91f6e888684823b6849a8
+ENV PG_VERSION 16beta2
+ENV PG_SHA256 ba653197465180c93775b4949a89dc6fbfebae2a44587ae7168fdfd24f519b50
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/16/alpine3.18/Dockerfile b/16/alpine3.18/Dockerfile
index 47895ab1ee..1176a9eaeb 100644
--- a/16/alpine3.18/Dockerfile
+++ b/16/alpine3.18/Dockerfile
@@ -23,8 +23,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 16
-ENV PG_VERSION 16beta1
-ENV PG_SHA256 59e248d434aa515fa2d31c0d161c4148f30d511dcde91f6e888684823b6849a8
+ENV PG_VERSION 16beta2
+ENV PG_SHA256 ba653197465180c93775b4949a89dc6fbfebae2a44587ae7168fdfd24f519b50
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/16/bookworm/Dockerfile b/16/bookworm/Dockerfile
index d4364c95e5..b538db81e0 100644
--- a/16/bookworm/Dockerfile
+++ b/16/bookworm/Dockerfile
@@ -84,7 +84,7 @@ RUN set -ex; \
ENV PG_MAJOR 16
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 16~beta1-2.pgdg120+1
+ENV PG_VERSION 16~beta2-1.pgdg120+1
RUN set -ex; \
\
diff --git a/16/bullseye/Dockerfile b/16/bullseye/Dockerfile
index 4fc142b9d8..a963dbee7f 100644
--- a/16/bullseye/Dockerfile
+++ b/16/bullseye/Dockerfile
@@ -84,7 +84,7 @@ RUN set -ex; \
ENV PG_MAJOR 16
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 16~beta1-2.pgdg110+1
+ENV PG_VERSION 16~beta2-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index 0325e3d547..8c4cb36312 100644
--- a/versions.json
+++ b/versions.json
@@ -163,7 +163,7 @@
"ppc64el",
"s390x"
],
- "version": "16~beta1-2.pgdg120+1"
+ "version": "16~beta2-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -172,17 +172,17 @@
"ppc64el",
"s390x"
],
- "version": "16~beta1-2.pgdg110+1"
+ "version": "16~beta2-1.pgdg110+1"
},
"debian": "bookworm",
"major": 16,
- "sha256": "59e248d434aa515fa2d31c0d161c4148f30d511dcde91f6e888684823b6849a8",
+ "sha256": "ba653197465180c93775b4949a89dc6fbfebae2a44587ae7168fdfd24f519b50",
"variants": [
"bookworm",
"bullseye",
"alpine3.18",
"alpine3.17"
],
- "version": "16beta1"
+ "version": "16beta2"
}
}
From 16fa0f1d18f7c46f7dcac1e250b680fcb1a2e051 Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 10 Aug 2023 11:02:22 -0700
Subject: [PATCH 017/115] Update 11 to 11.21, bookworm 11.21-1.pgdg120+1,
bullseye 11.21-1.pgdg110+1
---
11/alpine3.17/Dockerfile | 4 ++--
11/alpine3.18/Dockerfile | 4 ++--
11/bookworm/Dockerfile | 2 +-
11/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/11/alpine3.17/Dockerfile b/11/alpine3.17/Dockerfile
index 208b2b20d5..7730ab0be3 100644
--- a/11/alpine3.17/Dockerfile
+++ b/11/alpine3.17/Dockerfile
@@ -23,8 +23,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 11
-ENV PG_VERSION 11.20
-ENV PG_SHA256 3d7c8882f64a7e98534a044257dfee7abad77a5b7da12508d85d722b98b5acce
+ENV PG_VERSION 11.21
+ENV PG_SHA256 07b0837471d5dd77b25166b34718f3ba10816b6ad61e691e6fc547cf3fcff850
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/11/alpine3.18/Dockerfile b/11/alpine3.18/Dockerfile
index ff1b3973f3..7de4f4ab5c 100644
--- a/11/alpine3.18/Dockerfile
+++ b/11/alpine3.18/Dockerfile
@@ -23,8 +23,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 11
-ENV PG_VERSION 11.20
-ENV PG_SHA256 3d7c8882f64a7e98534a044257dfee7abad77a5b7da12508d85d722b98b5acce
+ENV PG_VERSION 11.21
+ENV PG_SHA256 07b0837471d5dd77b25166b34718f3ba10816b6ad61e691e6fc547cf3fcff850
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/11/bookworm/Dockerfile b/11/bookworm/Dockerfile
index b0d931b2ee..8747b555a8 100644
--- a/11/bookworm/Dockerfile
+++ b/11/bookworm/Dockerfile
@@ -84,7 +84,7 @@ RUN set -ex; \
ENV PG_MAJOR 11
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 11.20-1.pgdg120+1
+ENV PG_VERSION 11.21-1.pgdg120+1
RUN set -ex; \
\
diff --git a/11/bullseye/Dockerfile b/11/bullseye/Dockerfile
index 017d2155f4..71f22172b7 100644
--- a/11/bullseye/Dockerfile
+++ b/11/bullseye/Dockerfile
@@ -84,7 +84,7 @@ RUN set -ex; \
ENV PG_MAJOR 11
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 11.20-1.pgdg110+1
+ENV PG_VERSION 11.21-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index 8c4cb36312..13c44c1d35 100644
--- a/versions.json
+++ b/versions.json
@@ -8,7 +8,7 @@
"ppc64el",
"s390x"
],
- "version": "11.20-1.pgdg120+1"
+ "version": "11.21-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -17,18 +17,18 @@
"ppc64el",
"s390x"
],
- "version": "11.20-1.pgdg110+1"
+ "version": "11.21-1.pgdg110+1"
},
"debian": "",
"major": 11,
- "sha256": "3d7c8882f64a7e98534a044257dfee7abad77a5b7da12508d85d722b98b5acce",
+ "sha256": "07b0837471d5dd77b25166b34718f3ba10816b6ad61e691e6fc547cf3fcff850",
"variants": [
"bookworm",
"bullseye",
"alpine3.18",
"alpine3.17"
],
- "version": "11.20"
+ "version": "11.21"
},
"12": {
"alpine": "3.18",
From 9061f74afc30391adb6a1a35d4f7b605ecaa09b9 Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 10 Aug 2023 11:14:30 -0700
Subject: [PATCH 018/115] Update 12 to 12.16, bookworm 12.16-1.pgdg120+1,
bullseye 12.16-1.pgdg110+1
---
12/alpine3.17/Dockerfile | 4 ++--
12/alpine3.18/Dockerfile | 4 ++--
12/bookworm/Dockerfile | 2 +-
12/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/12/alpine3.17/Dockerfile b/12/alpine3.17/Dockerfile
index c12af4635b..19e3d03e14 100644
--- a/12/alpine3.17/Dockerfile
+++ b/12/alpine3.17/Dockerfile
@@ -23,8 +23,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 12
-ENV PG_VERSION 12.15
-ENV PG_SHA256 bb5206e2864c1c4579938b96ea6096d155f22abf2d2cc2aa57571e3c4cb12b36
+ENV PG_VERSION 12.16
+ENV PG_SHA256 c5f1fff7a0f93e1ec3746417b0594290ece617b4995ed95b8d527af0ba0e38f3
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/12/alpine3.18/Dockerfile b/12/alpine3.18/Dockerfile
index 74854956da..ae9b2ad48a 100644
--- a/12/alpine3.18/Dockerfile
+++ b/12/alpine3.18/Dockerfile
@@ -23,8 +23,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 12
-ENV PG_VERSION 12.15
-ENV PG_SHA256 bb5206e2864c1c4579938b96ea6096d155f22abf2d2cc2aa57571e3c4cb12b36
+ENV PG_VERSION 12.16
+ENV PG_SHA256 c5f1fff7a0f93e1ec3746417b0594290ece617b4995ed95b8d527af0ba0e38f3
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/12/bookworm/Dockerfile b/12/bookworm/Dockerfile
index 32626a880b..be1dae2d24 100644
--- a/12/bookworm/Dockerfile
+++ b/12/bookworm/Dockerfile
@@ -84,7 +84,7 @@ RUN set -ex; \
ENV PG_MAJOR 12
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 12.15-1.pgdg120+1
+ENV PG_VERSION 12.16-1.pgdg120+1
RUN set -ex; \
\
diff --git a/12/bullseye/Dockerfile b/12/bullseye/Dockerfile
index dd41897d86..1af7f7eaa9 100644
--- a/12/bullseye/Dockerfile
+++ b/12/bullseye/Dockerfile
@@ -84,7 +84,7 @@ RUN set -ex; \
ENV PG_MAJOR 12
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 12.15-1.pgdg110+1
+ENV PG_VERSION 12.16-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index 13c44c1d35..ae19c95664 100644
--- a/versions.json
+++ b/versions.json
@@ -39,7 +39,7 @@
"ppc64el",
"s390x"
],
- "version": "12.15-1.pgdg120+1"
+ "version": "12.16-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -48,18 +48,18 @@
"ppc64el",
"s390x"
],
- "version": "12.15-1.pgdg110+1"
+ "version": "12.16-1.pgdg110+1"
},
"debian": "bookworm",
"major": 12,
- "sha256": "bb5206e2864c1c4579938b96ea6096d155f22abf2d2cc2aa57571e3c4cb12b36",
+ "sha256": "c5f1fff7a0f93e1ec3746417b0594290ece617b4995ed95b8d527af0ba0e38f3",
"variants": [
"bookworm",
"bullseye",
"alpine3.18",
"alpine3.17"
],
- "version": "12.15"
+ "version": "12.16"
},
"13": {
"alpine": "3.18",
From 69cf8b8aac63224380f943bd6428f088ddfb3435 Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 10 Aug 2023 11:25:03 -0700
Subject: [PATCH 019/115] Update 13 to 13.12, bookworm 13.12-1.pgdg120+1,
bullseye 13.12-1.pgdg110+1
---
13/alpine3.17/Dockerfile | 4 ++--
13/alpine3.18/Dockerfile | 4 ++--
13/bookworm/Dockerfile | 2 +-
13/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/13/alpine3.17/Dockerfile b/13/alpine3.17/Dockerfile
index 1991131da1..8d9822dd8d 100644
--- a/13/alpine3.17/Dockerfile
+++ b/13/alpine3.17/Dockerfile
@@ -23,8 +23,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 13
-ENV PG_VERSION 13.11
-ENV PG_SHA256 4992ff647203566b670d4e54dc5317499a26856c93576d0ea951bdf6bee50bfb
+ENV PG_VERSION 13.12
+ENV PG_SHA256 0da1edcee3514b7bc7ba6dbaf0c00499e8ac1590668e8789c50253a6249f218b
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/13/alpine3.18/Dockerfile b/13/alpine3.18/Dockerfile
index 2f3fc74b83..179639fa0f 100644
--- a/13/alpine3.18/Dockerfile
+++ b/13/alpine3.18/Dockerfile
@@ -23,8 +23,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 13
-ENV PG_VERSION 13.11
-ENV PG_SHA256 4992ff647203566b670d4e54dc5317499a26856c93576d0ea951bdf6bee50bfb
+ENV PG_VERSION 13.12
+ENV PG_SHA256 0da1edcee3514b7bc7ba6dbaf0c00499e8ac1590668e8789c50253a6249f218b
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/13/bookworm/Dockerfile b/13/bookworm/Dockerfile
index 0deeced385..63e873bbf6 100644
--- a/13/bookworm/Dockerfile
+++ b/13/bookworm/Dockerfile
@@ -84,7 +84,7 @@ RUN set -ex; \
ENV PG_MAJOR 13
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 13.11-1.pgdg120+1
+ENV PG_VERSION 13.12-1.pgdg120+1
RUN set -ex; \
\
diff --git a/13/bullseye/Dockerfile b/13/bullseye/Dockerfile
index 86b4109bdc..fa1f0ee364 100644
--- a/13/bullseye/Dockerfile
+++ b/13/bullseye/Dockerfile
@@ -84,7 +84,7 @@ RUN set -ex; \
ENV PG_MAJOR 13
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 13.11-1.pgdg110+1
+ENV PG_VERSION 13.12-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index ae19c95664..eceb853cfe 100644
--- a/versions.json
+++ b/versions.json
@@ -70,7 +70,7 @@
"ppc64el",
"s390x"
],
- "version": "13.11-1.pgdg120+1"
+ "version": "13.12-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -79,18 +79,18 @@
"ppc64el",
"s390x"
],
- "version": "13.11-1.pgdg110+1"
+ "version": "13.12-1.pgdg110+1"
},
"debian": "bookworm",
"major": 13,
- "sha256": "4992ff647203566b670d4e54dc5317499a26856c93576d0ea951bdf6bee50bfb",
+ "sha256": "0da1edcee3514b7bc7ba6dbaf0c00499e8ac1590668e8789c50253a6249f218b",
"variants": [
"bookworm",
"bullseye",
"alpine3.18",
"alpine3.17"
],
- "version": "13.11"
+ "version": "13.12"
},
"14": {
"alpine": "3.18",
From 05f691067b29d8fb4211a47da37a381d58d36691 Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 10 Aug 2023 11:35:14 -0700
Subject: [PATCH 020/115] Update 14 to 14.9, bookworm 14.9-1.pgdg120+1,
bullseye 14.9-1.pgdg110+1
---
14/alpine3.17/Dockerfile | 4 ++--
14/alpine3.18/Dockerfile | 4 ++--
14/bookworm/Dockerfile | 2 +-
14/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/14/alpine3.17/Dockerfile b/14/alpine3.17/Dockerfile
index ebdda2f29f..8953fca701 100644
--- a/14/alpine3.17/Dockerfile
+++ b/14/alpine3.17/Dockerfile
@@ -23,8 +23,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 14
-ENV PG_VERSION 14.8
-ENV PG_SHA256 39d38f0030737ed03835debeefee3b37d335462ce4995e2497bc38d621ebe45a
+ENV PG_VERSION 14.9
+ENV PG_SHA256 b1fe3ba9b1a7f3a9637dd1656dfdad2889016073fd4d35f13b50143cbbb6a8ef
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/14/alpine3.18/Dockerfile b/14/alpine3.18/Dockerfile
index 464e468939..d349333c0a 100644
--- a/14/alpine3.18/Dockerfile
+++ b/14/alpine3.18/Dockerfile
@@ -23,8 +23,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 14
-ENV PG_VERSION 14.8
-ENV PG_SHA256 39d38f0030737ed03835debeefee3b37d335462ce4995e2497bc38d621ebe45a
+ENV PG_VERSION 14.9
+ENV PG_SHA256 b1fe3ba9b1a7f3a9637dd1656dfdad2889016073fd4d35f13b50143cbbb6a8ef
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/14/bookworm/Dockerfile b/14/bookworm/Dockerfile
index e8ce3bb2c2..08a11ced6a 100644
--- a/14/bookworm/Dockerfile
+++ b/14/bookworm/Dockerfile
@@ -84,7 +84,7 @@ RUN set -ex; \
ENV PG_MAJOR 14
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 14.8-1.pgdg120+1
+ENV PG_VERSION 14.9-1.pgdg120+1
RUN set -ex; \
\
diff --git a/14/bullseye/Dockerfile b/14/bullseye/Dockerfile
index 7ceffde11b..0cd385b3e5 100644
--- a/14/bullseye/Dockerfile
+++ b/14/bullseye/Dockerfile
@@ -84,7 +84,7 @@ RUN set -ex; \
ENV PG_MAJOR 14
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 14.8-1.pgdg110+1
+ENV PG_VERSION 14.9-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index eceb853cfe..57ebf31cb2 100644
--- a/versions.json
+++ b/versions.json
@@ -101,7 +101,7 @@
"ppc64el",
"s390x"
],
- "version": "14.8-1.pgdg120+1"
+ "version": "14.9-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -110,18 +110,18 @@
"ppc64el",
"s390x"
],
- "version": "14.8-1.pgdg110+1"
+ "version": "14.9-1.pgdg110+1"
},
"debian": "bookworm",
"major": 14,
- "sha256": "39d38f0030737ed03835debeefee3b37d335462ce4995e2497bc38d621ebe45a",
+ "sha256": "b1fe3ba9b1a7f3a9637dd1656dfdad2889016073fd4d35f13b50143cbbb6a8ef",
"variants": [
"bookworm",
"bullseye",
"alpine3.18",
"alpine3.17"
],
- "version": "14.8"
+ "version": "14.9"
},
"15": {
"alpine": "3.18",
From 1a73ab671b5f0f18313726e734c76bf171385c32 Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 10 Aug 2023 11:46:34 -0700
Subject: [PATCH 021/115] Update 15 to 15.4, bookworm 15.4-1.pgdg120+1,
bullseye 15.4-1.pgdg110+1
---
15/alpine3.17/Dockerfile | 4 ++--
15/alpine3.18/Dockerfile | 4 ++--
15/bookworm/Dockerfile | 2 +-
15/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/15/alpine3.17/Dockerfile b/15/alpine3.17/Dockerfile
index 42c7ee1dbb..cfab85a8e4 100644
--- a/15/alpine3.17/Dockerfile
+++ b/15/alpine3.17/Dockerfile
@@ -23,8 +23,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 15
-ENV PG_VERSION 15.3
-ENV PG_SHA256 ffc7d4891f00ffbf5c3f4eab7fbbced8460b8c0ee63c5a5167133b9e6599d932
+ENV PG_VERSION 15.4
+ENV PG_SHA256 baec5a4bdc4437336653b6cb5d9ed89be5bd5c0c58b94e0becee0a999e63c8f9
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/15/alpine3.18/Dockerfile b/15/alpine3.18/Dockerfile
index afbbfcaa27..f54cd720ff 100644
--- a/15/alpine3.18/Dockerfile
+++ b/15/alpine3.18/Dockerfile
@@ -23,8 +23,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 15
-ENV PG_VERSION 15.3
-ENV PG_SHA256 ffc7d4891f00ffbf5c3f4eab7fbbced8460b8c0ee63c5a5167133b9e6599d932
+ENV PG_VERSION 15.4
+ENV PG_SHA256 baec5a4bdc4437336653b6cb5d9ed89be5bd5c0c58b94e0becee0a999e63c8f9
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/15/bookworm/Dockerfile b/15/bookworm/Dockerfile
index ae7ccd4f21..a19d9b15bf 100644
--- a/15/bookworm/Dockerfile
+++ b/15/bookworm/Dockerfile
@@ -84,7 +84,7 @@ RUN set -ex; \
ENV PG_MAJOR 15
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 15.3-1.pgdg120+1
+ENV PG_VERSION 15.4-1.pgdg120+1
RUN set -ex; \
\
diff --git a/15/bullseye/Dockerfile b/15/bullseye/Dockerfile
index 3a1ef4eefa..f890295e3b 100644
--- a/15/bullseye/Dockerfile
+++ b/15/bullseye/Dockerfile
@@ -84,7 +84,7 @@ RUN set -ex; \
ENV PG_MAJOR 15
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 15.3-1.pgdg110+1
+ENV PG_VERSION 15.4-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index 57ebf31cb2..802f1a223c 100644
--- a/versions.json
+++ b/versions.json
@@ -132,7 +132,7 @@
"ppc64el",
"s390x"
],
- "version": "15.3-1.pgdg120+1"
+ "version": "15.4-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -141,18 +141,18 @@
"ppc64el",
"s390x"
],
- "version": "15.3-1.pgdg110+1"
+ "version": "15.4-1.pgdg110+1"
},
"debian": "bookworm",
"major": 15,
- "sha256": "ffc7d4891f00ffbf5c3f4eab7fbbced8460b8c0ee63c5a5167133b9e6599d932",
+ "sha256": "baec5a4bdc4437336653b6cb5d9ed89be5bd5c0c58b94e0becee0a999e63c8f9",
"variants": [
"bookworm",
"bullseye",
"alpine3.18",
"alpine3.17"
],
- "version": "15.3"
+ "version": "15.4"
},
"16": {
"alpine": "3.18",
From ee530cc079f232f9b1045db43d8c501ee2057d6d Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 10 Aug 2023 17:05:53 -0700
Subject: [PATCH 022/115] Update 16 to 16beta3, bookworm 16~beta3-1.pgdg120+2,
bullseye 16~beta3-1.pgdg110+2
---
16/alpine3.17/Dockerfile | 4 ++--
16/alpine3.18/Dockerfile | 4 ++--
16/bookworm/Dockerfile | 2 +-
16/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/16/alpine3.17/Dockerfile b/16/alpine3.17/Dockerfile
index 6d625f0633..64e9c67d1e 100644
--- a/16/alpine3.17/Dockerfile
+++ b/16/alpine3.17/Dockerfile
@@ -23,8 +23,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 16
-ENV PG_VERSION 16beta2
-ENV PG_SHA256 ba653197465180c93775b4949a89dc6fbfebae2a44587ae7168fdfd24f519b50
+ENV PG_VERSION 16beta3
+ENV PG_SHA256 ffcf44e272662f6ac451a8d6d6ff951715db651c8d4907ec659cbde46abd52d3
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/16/alpine3.18/Dockerfile b/16/alpine3.18/Dockerfile
index 1176a9eaeb..878e870043 100644
--- a/16/alpine3.18/Dockerfile
+++ b/16/alpine3.18/Dockerfile
@@ -23,8 +23,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 16
-ENV PG_VERSION 16beta2
-ENV PG_SHA256 ba653197465180c93775b4949a89dc6fbfebae2a44587ae7168fdfd24f519b50
+ENV PG_VERSION 16beta3
+ENV PG_SHA256 ffcf44e272662f6ac451a8d6d6ff951715db651c8d4907ec659cbde46abd52d3
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/16/bookworm/Dockerfile b/16/bookworm/Dockerfile
index b538db81e0..5f6a1416a3 100644
--- a/16/bookworm/Dockerfile
+++ b/16/bookworm/Dockerfile
@@ -84,7 +84,7 @@ RUN set -ex; \
ENV PG_MAJOR 16
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 16~beta2-1.pgdg120+1
+ENV PG_VERSION 16~beta3-1.pgdg120+2
RUN set -ex; \
\
diff --git a/16/bullseye/Dockerfile b/16/bullseye/Dockerfile
index a963dbee7f..9a3655d4bc 100644
--- a/16/bullseye/Dockerfile
+++ b/16/bullseye/Dockerfile
@@ -84,7 +84,7 @@ RUN set -ex; \
ENV PG_MAJOR 16
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 16~beta2-1.pgdg110+1
+ENV PG_VERSION 16~beta3-1.pgdg110+2
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index 802f1a223c..23690f6daa 100644
--- a/versions.json
+++ b/versions.json
@@ -163,7 +163,7 @@
"ppc64el",
"s390x"
],
- "version": "16~beta2-1.pgdg120+1"
+ "version": "16~beta3-1.pgdg120+2"
},
"bullseye": {
"arches": [
@@ -172,17 +172,17 @@
"ppc64el",
"s390x"
],
- "version": "16~beta2-1.pgdg110+1"
+ "version": "16~beta3-1.pgdg110+2"
},
"debian": "bookworm",
"major": 16,
- "sha256": "ba653197465180c93775b4949a89dc6fbfebae2a44587ae7168fdfd24f519b50",
+ "sha256": "ffcf44e272662f6ac451a8d6d6ff951715db651c8d4907ec659cbde46abd52d3",
"variants": [
"bookworm",
"bullseye",
"alpine3.18",
"alpine3.17"
],
- "version": "16beta2"
+ "version": "16beta3"
}
}
From 2f0ed0c7e8f8b05b294740f150397eec0af8dc50 Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 31 Aug 2023 11:03:02 -0700
Subject: [PATCH 023/115] Update 16 to 16rc1, bookworm 16~rc1-1.pgdg120+1,
bullseye 16~rc1-1.pgdg110+1
---
16/alpine3.17/Dockerfile | 4 ++--
16/alpine3.18/Dockerfile | 4 ++--
16/bookworm/Dockerfile | 2 +-
16/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/16/alpine3.17/Dockerfile b/16/alpine3.17/Dockerfile
index 64e9c67d1e..0063586f6e 100644
--- a/16/alpine3.17/Dockerfile
+++ b/16/alpine3.17/Dockerfile
@@ -23,8 +23,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 16
-ENV PG_VERSION 16beta3
-ENV PG_SHA256 ffcf44e272662f6ac451a8d6d6ff951715db651c8d4907ec659cbde46abd52d3
+ENV PG_VERSION 16rc1
+ENV PG_SHA256 ce97b3f4199a702a19ced11f86d0b93bb1fa55e869129e1435210ed8d505fa84
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/16/alpine3.18/Dockerfile b/16/alpine3.18/Dockerfile
index 878e870043..530c62a7ad 100644
--- a/16/alpine3.18/Dockerfile
+++ b/16/alpine3.18/Dockerfile
@@ -23,8 +23,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 16
-ENV PG_VERSION 16beta3
-ENV PG_SHA256 ffcf44e272662f6ac451a8d6d6ff951715db651c8d4907ec659cbde46abd52d3
+ENV PG_VERSION 16rc1
+ENV PG_SHA256 ce97b3f4199a702a19ced11f86d0b93bb1fa55e869129e1435210ed8d505fa84
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/16/bookworm/Dockerfile b/16/bookworm/Dockerfile
index 5f6a1416a3..c699d7ae62 100644
--- a/16/bookworm/Dockerfile
+++ b/16/bookworm/Dockerfile
@@ -84,7 +84,7 @@ RUN set -ex; \
ENV PG_MAJOR 16
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 16~beta3-1.pgdg120+2
+ENV PG_VERSION 16~rc1-1.pgdg120+1
RUN set -ex; \
\
diff --git a/16/bullseye/Dockerfile b/16/bullseye/Dockerfile
index 9a3655d4bc..5b52b518ea 100644
--- a/16/bullseye/Dockerfile
+++ b/16/bullseye/Dockerfile
@@ -84,7 +84,7 @@ RUN set -ex; \
ENV PG_MAJOR 16
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 16~beta3-1.pgdg110+2
+ENV PG_VERSION 16~rc1-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index 23690f6daa..9457a12a28 100644
--- a/versions.json
+++ b/versions.json
@@ -163,7 +163,7 @@
"ppc64el",
"s390x"
],
- "version": "16~beta3-1.pgdg120+2"
+ "version": "16~rc1-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -172,17 +172,17 @@
"ppc64el",
"s390x"
],
- "version": "16~beta3-1.pgdg110+2"
+ "version": "16~rc1-1.pgdg110+1"
},
"debian": "bookworm",
"major": 16,
- "sha256": "ffcf44e272662f6ac451a8d6d6ff951715db651c8d4907ec659cbde46abd52d3",
+ "sha256": "ce97b3f4199a702a19ced11f86d0b93bb1fa55e869129e1435210ed8d505fa84",
"variants": [
"bookworm",
"bullseye",
"alpine3.18",
"alpine3.17"
],
- "version": "16beta3"
+ "version": "16rc1"
}
}
From 8a631b939a0b4197cb6bef49b50b6c40c80ddf5b Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 14 Sep 2023 11:02:56 -0700
Subject: [PATCH 024/115] Update 15 to bookworm 15.4-2.pgdg120+1, bullseye
15.4-2.pgdg110+1
---
15/bookworm/Dockerfile | 2 +-
15/bullseye/Dockerfile | 2 +-
versions.json | 4 ++--
3 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/15/bookworm/Dockerfile b/15/bookworm/Dockerfile
index a19d9b15bf..4e85949346 100644
--- a/15/bookworm/Dockerfile
+++ b/15/bookworm/Dockerfile
@@ -84,7 +84,7 @@ RUN set -ex; \
ENV PG_MAJOR 15
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 15.4-1.pgdg120+1
+ENV PG_VERSION 15.4-2.pgdg120+1
RUN set -ex; \
\
diff --git a/15/bullseye/Dockerfile b/15/bullseye/Dockerfile
index f890295e3b..0e8bc89675 100644
--- a/15/bullseye/Dockerfile
+++ b/15/bullseye/Dockerfile
@@ -84,7 +84,7 @@ RUN set -ex; \
ENV PG_MAJOR 15
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 15.4-1.pgdg110+1
+ENV PG_VERSION 15.4-2.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index 9457a12a28..cc8643a567 100644
--- a/versions.json
+++ b/versions.json
@@ -132,7 +132,7 @@
"ppc64el",
"s390x"
],
- "version": "15.4-1.pgdg120+1"
+ "version": "15.4-2.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -141,7 +141,7 @@
"ppc64el",
"s390x"
],
- "version": "15.4-1.pgdg110+1"
+ "version": "15.4-2.pgdg110+1"
},
"debian": "bookworm",
"major": 15,
From 7442464585e3cd75554976cbe94819a42da10bbd Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 14 Sep 2023 11:21:14 -0700
Subject: [PATCH 025/115] Update 16 to 16.0, bookworm 16.0-1.pgdg120+1,
bullseye 16.0-1.pgdg110+1
---
16/alpine3.17/Dockerfile | 4 ++--
16/alpine3.18/Dockerfile | 4 ++--
16/bookworm/Dockerfile | 2 +-
16/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/16/alpine3.17/Dockerfile b/16/alpine3.17/Dockerfile
index 0063586f6e..0b00e1d491 100644
--- a/16/alpine3.17/Dockerfile
+++ b/16/alpine3.17/Dockerfile
@@ -23,8 +23,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 16
-ENV PG_VERSION 16rc1
-ENV PG_SHA256 ce97b3f4199a702a19ced11f86d0b93bb1fa55e869129e1435210ed8d505fa84
+ENV PG_VERSION 16.0
+ENV PG_SHA256 df9e823eb22330444e1d48e52cc65135a652a6fdb3ce325e3f08549339f51b99
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/16/alpine3.18/Dockerfile b/16/alpine3.18/Dockerfile
index 530c62a7ad..7d21a33740 100644
--- a/16/alpine3.18/Dockerfile
+++ b/16/alpine3.18/Dockerfile
@@ -23,8 +23,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 16
-ENV PG_VERSION 16rc1
-ENV PG_SHA256 ce97b3f4199a702a19ced11f86d0b93bb1fa55e869129e1435210ed8d505fa84
+ENV PG_VERSION 16.0
+ENV PG_SHA256 df9e823eb22330444e1d48e52cc65135a652a6fdb3ce325e3f08549339f51b99
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/16/bookworm/Dockerfile b/16/bookworm/Dockerfile
index c699d7ae62..30ebb70a2c 100644
--- a/16/bookworm/Dockerfile
+++ b/16/bookworm/Dockerfile
@@ -84,7 +84,7 @@ RUN set -ex; \
ENV PG_MAJOR 16
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 16~rc1-1.pgdg120+1
+ENV PG_VERSION 16.0-1.pgdg120+1
RUN set -ex; \
\
diff --git a/16/bullseye/Dockerfile b/16/bullseye/Dockerfile
index 5b52b518ea..ceb76d0032 100644
--- a/16/bullseye/Dockerfile
+++ b/16/bullseye/Dockerfile
@@ -84,7 +84,7 @@ RUN set -ex; \
ENV PG_MAJOR 16
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 16~rc1-1.pgdg110+1
+ENV PG_VERSION 16.0-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index cc8643a567..11f8b35a91 100644
--- a/versions.json
+++ b/versions.json
@@ -163,7 +163,7 @@
"ppc64el",
"s390x"
],
- "version": "16~rc1-1.pgdg120+1"
+ "version": "16.0-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -172,17 +172,17 @@
"ppc64el",
"s390x"
],
- "version": "16~rc1-1.pgdg110+1"
+ "version": "16.0-1.pgdg110+1"
},
"debian": "bookworm",
"major": 16,
- "sha256": "ce97b3f4199a702a19ced11f86d0b93bb1fa55e869129e1435210ed8d505fa84",
+ "sha256": "df9e823eb22330444e1d48e52cc65135a652a6fdb3ce325e3f08549339f51b99",
"variants": [
"bookworm",
"bullseye",
"alpine3.18",
"alpine3.17"
],
- "version": "16rc1"
+ "version": "16.0"
}
}
From 7df6bc166fbf0d7f28c85700235012317a22f88e Mon Sep 17 00:00:00 2001
From: Joseph Ferguson <yosifkit@gmail.com>
Date: Thu, 14 Sep 2023 14:33:51 -0700
Subject: [PATCH 026/115] Move latest to 16
---
generate-stackbrew-library.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/generate-stackbrew-library.sh b/generate-stackbrew-library.sh
index b977cc6561..9dc0d91ea1 100755
--- a/generate-stackbrew-library.sh
+++ b/generate-stackbrew-library.sh
@@ -2,7 +2,7 @@
set -Eeuo pipefail
declare -A aliases=(
- [15]='latest'
+ [16]='latest'
)
self="$(basename "$BASH_SOURCE")"
From 6f4ae836406b010948f01fbcb400a31dca4fdf52 Mon Sep 17 00:00:00 2001
From: Laurent Goderre <laurent.goderre@docker.com>
Date: Tue, 3 Oct 2023 15:59:53 -0400
Subject: [PATCH 027/115] Added inline SBOM for binaries downloaded outside
package manager
---
.gitignore | 1 +
11/alpine3.17/Dockerfile | 4 +++-
11/alpine3.18/Dockerfile | 4 +++-
12/alpine3.17/Dockerfile | 4 +++-
12/alpine3.18/Dockerfile | 4 +++-
13/alpine3.17/Dockerfile | 4 +++-
13/alpine3.18/Dockerfile | 4 +++-
14/alpine3.17/Dockerfile | 4 +++-
14/alpine3.18/Dockerfile | 4 +++-
15/alpine3.17/Dockerfile | 4 +++-
15/alpine3.18/Dockerfile | 4 +++-
16/alpine3.17/Dockerfile | 4 +++-
16/alpine3.18/Dockerfile | 4 +++-
Dockerfile-alpine.template | 16 +++++++++++++++-
apply-templates.sh | 5 +++++
15 files changed, 57 insertions(+), 13 deletions(-)
diff --git a/.gitignore b/.gitignore
index d548f66de0..2a4a211b89 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,2 @@
.jq-template.awk
+template-helper-functions.jq
diff --git a/11/alpine3.17/Dockerfile b/11/alpine3.17/Dockerfile
index 7730ab0be3..ba083fd7da 100644
--- a/11/alpine3.17/Dockerfile
+++ b/11/alpine3.17/Dockerfile
@@ -4,6 +4,7 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
+
FROM alpine:3.17
# 70 is the standard uid/gid for "postgres" in Alpine
@@ -151,7 +152,8 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
- \
+ echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"11.21","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@11.21?os_name=alpine&os_version=3.17"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
+ ; \
postgres --version
# make the sample config easier to munge (and "correct by default")
diff --git a/11/alpine3.18/Dockerfile b/11/alpine3.18/Dockerfile
index 7de4f4ab5c..0c2fdd7d16 100644
--- a/11/alpine3.18/Dockerfile
+++ b/11/alpine3.18/Dockerfile
@@ -4,6 +4,7 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
+
FROM alpine:3.18
# 70 is the standard uid/gid for "postgres" in Alpine
@@ -151,7 +152,8 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
- \
+ echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"11.21","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@11.21?os_name=alpine&os_version=3.18"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
+ ; \
postgres --version
# make the sample config easier to munge (and "correct by default")
diff --git a/12/alpine3.17/Dockerfile b/12/alpine3.17/Dockerfile
index 19e3d03e14..257b372eba 100644
--- a/12/alpine3.17/Dockerfile
+++ b/12/alpine3.17/Dockerfile
@@ -4,6 +4,7 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
+
FROM alpine:3.17
# 70 is the standard uid/gid for "postgres" in Alpine
@@ -151,7 +152,8 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
- \
+ echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"12.16","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@12.16?os_name=alpine&os_version=3.17"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
+ ; \
postgres --version
# make the sample config easier to munge (and "correct by default")
diff --git a/12/alpine3.18/Dockerfile b/12/alpine3.18/Dockerfile
index ae9b2ad48a..1669e4f377 100644
--- a/12/alpine3.18/Dockerfile
+++ b/12/alpine3.18/Dockerfile
@@ -4,6 +4,7 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
+
FROM alpine:3.18
# 70 is the standard uid/gid for "postgres" in Alpine
@@ -151,7 +152,8 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
- \
+ echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"12.16","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@12.16?os_name=alpine&os_version=3.18"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
+ ; \
postgres --version
# make the sample config easier to munge (and "correct by default")
diff --git a/13/alpine3.17/Dockerfile b/13/alpine3.17/Dockerfile
index 8d9822dd8d..9510d10f56 100644
--- a/13/alpine3.17/Dockerfile
+++ b/13/alpine3.17/Dockerfile
@@ -4,6 +4,7 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
+
FROM alpine:3.17
# 70 is the standard uid/gid for "postgres" in Alpine
@@ -151,7 +152,8 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
- \
+ echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"13.12","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@13.12?os_name=alpine&os_version=3.17"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
+ ; \
postgres --version
# make the sample config easier to munge (and "correct by default")
diff --git a/13/alpine3.18/Dockerfile b/13/alpine3.18/Dockerfile
index 179639fa0f..119d0ce90d 100644
--- a/13/alpine3.18/Dockerfile
+++ b/13/alpine3.18/Dockerfile
@@ -4,6 +4,7 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
+
FROM alpine:3.18
# 70 is the standard uid/gid for "postgres" in Alpine
@@ -151,7 +152,8 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
- \
+ echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"13.12","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@13.12?os_name=alpine&os_version=3.18"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
+ ; \
postgres --version
# make the sample config easier to munge (and "correct by default")
diff --git a/14/alpine3.17/Dockerfile b/14/alpine3.17/Dockerfile
index 8953fca701..a814f6d12e 100644
--- a/14/alpine3.17/Dockerfile
+++ b/14/alpine3.17/Dockerfile
@@ -4,6 +4,7 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
+
FROM alpine:3.17
# 70 is the standard uid/gid for "postgres" in Alpine
@@ -154,7 +155,8 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
- \
+ echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"14.9","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@14.9?os_name=alpine&os_version=3.17"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
+ ; \
postgres --version
# make the sample config easier to munge (and "correct by default")
diff --git a/14/alpine3.18/Dockerfile b/14/alpine3.18/Dockerfile
index d349333c0a..2b6788066a 100644
--- a/14/alpine3.18/Dockerfile
+++ b/14/alpine3.18/Dockerfile
@@ -4,6 +4,7 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
+
FROM alpine:3.18
# 70 is the standard uid/gid for "postgres" in Alpine
@@ -154,7 +155,8 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
- \
+ echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"14.9","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@14.9?os_name=alpine&os_version=3.18"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
+ ; \
postgres --version
# make the sample config easier to munge (and "correct by default")
diff --git a/15/alpine3.17/Dockerfile b/15/alpine3.17/Dockerfile
index cfab85a8e4..3dfb914b27 100644
--- a/15/alpine3.17/Dockerfile
+++ b/15/alpine3.17/Dockerfile
@@ -4,6 +4,7 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
+
FROM alpine:3.17
# 70 is the standard uid/gid for "postgres" in Alpine
@@ -157,7 +158,8 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
- \
+ echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"15.4","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@15.4?os_name=alpine&os_version=3.17"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
+ ; \
postgres --version
# make the sample config easier to munge (and "correct by default")
diff --git a/15/alpine3.18/Dockerfile b/15/alpine3.18/Dockerfile
index f54cd720ff..560e8d644b 100644
--- a/15/alpine3.18/Dockerfile
+++ b/15/alpine3.18/Dockerfile
@@ -4,6 +4,7 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
+
FROM alpine:3.18
# 70 is the standard uid/gid for "postgres" in Alpine
@@ -157,7 +158,8 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
- \
+ echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"15.4","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@15.4?os_name=alpine&os_version=3.18"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
+ ; \
postgres --version
# make the sample config easier to munge (and "correct by default")
diff --git a/16/alpine3.17/Dockerfile b/16/alpine3.17/Dockerfile
index 0b00e1d491..5863fd58d3 100644
--- a/16/alpine3.17/Dockerfile
+++ b/16/alpine3.17/Dockerfile
@@ -4,6 +4,7 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
+
FROM alpine:3.17
# 70 is the standard uid/gid for "postgres" in Alpine
@@ -156,7 +157,8 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
- \
+ echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"16.0","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@16.0?os_name=alpine&os_version=3.17"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
+ ; \
postgres --version
# make the sample config easier to munge (and "correct by default")
diff --git a/16/alpine3.18/Dockerfile b/16/alpine3.18/Dockerfile
index 7d21a33740..94437870d5 100644
--- a/16/alpine3.18/Dockerfile
+++ b/16/alpine3.18/Dockerfile
@@ -4,6 +4,7 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
+
FROM alpine:3.18
# 70 is the standard uid/gid for "postgres" in Alpine
@@ -156,7 +157,8 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
- \
+ echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"16.0","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@16.0?os_name=alpine&os_version=3.18"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
+ ; \
postgres --version
# make the sample config easier to munge (and "correct by default")
diff --git a/Dockerfile-alpine.template b/Dockerfile-alpine.template
index c581fe0ecf..0548c0126a 100644
--- a/Dockerfile-alpine.template
+++ b/Dockerfile-alpine.template
@@ -1,3 +1,4 @@
+{{ include "template-helper-functions" }}
FROM alpine:{{ env.variant | ltrimstr("alpine") }}
# 70 is the standard uid/gid for "postgres" in Alpine
@@ -164,7 +165,20 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
- \
+ echo '{{
+ {
+ name: "postgres",
+ version: .version,
+ params: {
+ os_name: "alpine",
+ os_version: env.variant | ltrimstr("alpine"),
+ },
+ licenses: [
+ "PostgreSQL"
+ ]
+ } | sbom | tostring
+ }}' > /usr/local/postgres.spdx.json \
+ ; \
postgres --version
# make the sample config easier to munge (and "correct by default")
diff --git a/apply-templates.sh b/apply-templates.sh
index 31eb541934..7b6dc1763d 100755
--- a/apply-templates.sh
+++ b/apply-templates.sh
@@ -13,6 +13,11 @@ elif [ "$BASH_SOURCE" -nt "$jqt" ]; then
wget -qO "$jqt" 'https://github.com/docker-library/bashbrew/raw/9f6a35772ac863a0241f147c820354e4008edf38/scripts/jq-template.awk'
fi
+jqf='template-helper-functions.jq'
+if [ "$BASH_SOURCE" -nt "$jqf" ]; then
+ wget -qO "$jqf" 'https://github.com/docker-library/bashbrew/raw/master/scripts/template-helper-functions.jq'
+fi
+
if [ "$#" -eq 0 ]; then
versions="$(jq -r 'keys | map(@sh) | join(" ")' versions.json)"
eval "set -- $versions"
From f2860f3faf8d0f3993389f529f8833778b08eba4 Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 9 Nov 2023 11:02:26 -0800
Subject: [PATCH 028/115] Update 11 to 11.22, bookworm 11.22-1.pgdg120+1,
bullseye 11.22-1.pgdg110+1
---
11/alpine3.17/Dockerfile | 6 +++---
11/alpine3.18/Dockerfile | 6 +++---
11/bookworm/Dockerfile | 2 +-
11/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 12 insertions(+), 12 deletions(-)
diff --git a/11/alpine3.17/Dockerfile b/11/alpine3.17/Dockerfile
index ba083fd7da..ea3c85deb4 100644
--- a/11/alpine3.17/Dockerfile
+++ b/11/alpine3.17/Dockerfile
@@ -24,8 +24,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 11
-ENV PG_VERSION 11.21
-ENV PG_SHA256 07b0837471d5dd77b25166b34718f3ba10816b6ad61e691e6fc547cf3fcff850
+ENV PG_VERSION 11.22
+ENV PG_SHA256 2cb7c97d7a0d7278851bbc9c61f467b69c094c72b81740b751108e7892ebe1f0
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
@@ -152,7 +152,7 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
- echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"11.21","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@11.21?os_name=alpine&os_version=3.17"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
+ echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"11.22","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@11.22?os_name=alpine&os_version=3.17"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
; \
postgres --version
diff --git a/11/alpine3.18/Dockerfile b/11/alpine3.18/Dockerfile
index 0c2fdd7d16..76989691e7 100644
--- a/11/alpine3.18/Dockerfile
+++ b/11/alpine3.18/Dockerfile
@@ -24,8 +24,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 11
-ENV PG_VERSION 11.21
-ENV PG_SHA256 07b0837471d5dd77b25166b34718f3ba10816b6ad61e691e6fc547cf3fcff850
+ENV PG_VERSION 11.22
+ENV PG_SHA256 2cb7c97d7a0d7278851bbc9c61f467b69c094c72b81740b751108e7892ebe1f0
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
@@ -152,7 +152,7 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
- echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"11.21","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@11.21?os_name=alpine&os_version=3.18"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
+ echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"11.22","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@11.22?os_name=alpine&os_version=3.18"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
; \
postgres --version
diff --git a/11/bookworm/Dockerfile b/11/bookworm/Dockerfile
index 8747b555a8..ca21311f93 100644
--- a/11/bookworm/Dockerfile
+++ b/11/bookworm/Dockerfile
@@ -84,7 +84,7 @@ RUN set -ex; \
ENV PG_MAJOR 11
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 11.21-1.pgdg120+1
+ENV PG_VERSION 11.22-1.pgdg120+1
RUN set -ex; \
\
diff --git a/11/bullseye/Dockerfile b/11/bullseye/Dockerfile
index 71f22172b7..18a6164560 100644
--- a/11/bullseye/Dockerfile
+++ b/11/bullseye/Dockerfile
@@ -84,7 +84,7 @@ RUN set -ex; \
ENV PG_MAJOR 11
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 11.21-1.pgdg110+1
+ENV PG_VERSION 11.22-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index 11f8b35a91..6a12de7167 100644
--- a/versions.json
+++ b/versions.json
@@ -8,7 +8,7 @@
"ppc64el",
"s390x"
],
- "version": "11.21-1.pgdg120+1"
+ "version": "11.22-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -17,18 +17,18 @@
"ppc64el",
"s390x"
],
- "version": "11.21-1.pgdg110+1"
+ "version": "11.22-1.pgdg110+1"
},
"debian": "",
"major": 11,
- "sha256": "07b0837471d5dd77b25166b34718f3ba10816b6ad61e691e6fc547cf3fcff850",
+ "sha256": "2cb7c97d7a0d7278851bbc9c61f467b69c094c72b81740b751108e7892ebe1f0",
"variants": [
"bookworm",
"bullseye",
"alpine3.18",
"alpine3.17"
],
- "version": "11.21"
+ "version": "11.22"
},
"12": {
"alpine": "3.18",
From 038c4c577a3c58dddf9ec2ccaa643009b8ba414b Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 9 Nov 2023 11:16:09 -0800
Subject: [PATCH 029/115] Update 12 to 12.17, bookworm 12.17-1.pgdg120+1,
bullseye 12.17-1.pgdg110+1
---
12/alpine3.17/Dockerfile | 6 +++---
12/alpine3.18/Dockerfile | 6 +++---
12/bookworm/Dockerfile | 2 +-
12/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 12 insertions(+), 12 deletions(-)
diff --git a/12/alpine3.17/Dockerfile b/12/alpine3.17/Dockerfile
index 257b372eba..0143bbaa25 100644
--- a/12/alpine3.17/Dockerfile
+++ b/12/alpine3.17/Dockerfile
@@ -24,8 +24,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 12
-ENV PG_VERSION 12.16
-ENV PG_SHA256 c5f1fff7a0f93e1ec3746417b0594290ece617b4995ed95b8d527af0ba0e38f3
+ENV PG_VERSION 12.17
+ENV PG_SHA256 93e8e1b23981d5f03c6c5763f77b28184c1ce4db7194fa466e2edb65d9c1c5f6
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
@@ -152,7 +152,7 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
- echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"12.16","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@12.16?os_name=alpine&os_version=3.17"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
+ echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"12.17","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@12.17?os_name=alpine&os_version=3.17"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
; \
postgres --version
diff --git a/12/alpine3.18/Dockerfile b/12/alpine3.18/Dockerfile
index 1669e4f377..66dd4e7f94 100644
--- a/12/alpine3.18/Dockerfile
+++ b/12/alpine3.18/Dockerfile
@@ -24,8 +24,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 12
-ENV PG_VERSION 12.16
-ENV PG_SHA256 c5f1fff7a0f93e1ec3746417b0594290ece617b4995ed95b8d527af0ba0e38f3
+ENV PG_VERSION 12.17
+ENV PG_SHA256 93e8e1b23981d5f03c6c5763f77b28184c1ce4db7194fa466e2edb65d9c1c5f6
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
@@ -152,7 +152,7 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
- echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"12.16","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@12.16?os_name=alpine&os_version=3.18"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
+ echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"12.17","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@12.17?os_name=alpine&os_version=3.18"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
; \
postgres --version
diff --git a/12/bookworm/Dockerfile b/12/bookworm/Dockerfile
index be1dae2d24..fc78b06f0b 100644
--- a/12/bookworm/Dockerfile
+++ b/12/bookworm/Dockerfile
@@ -84,7 +84,7 @@ RUN set -ex; \
ENV PG_MAJOR 12
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 12.16-1.pgdg120+1
+ENV PG_VERSION 12.17-1.pgdg120+1
RUN set -ex; \
\
diff --git a/12/bullseye/Dockerfile b/12/bullseye/Dockerfile
index 1af7f7eaa9..2df49e2489 100644
--- a/12/bullseye/Dockerfile
+++ b/12/bullseye/Dockerfile
@@ -84,7 +84,7 @@ RUN set -ex; \
ENV PG_MAJOR 12
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 12.16-1.pgdg110+1
+ENV PG_VERSION 12.17-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index 6a12de7167..470f0c18a3 100644
--- a/versions.json
+++ b/versions.json
@@ -39,7 +39,7 @@
"ppc64el",
"s390x"
],
- "version": "12.16-1.pgdg120+1"
+ "version": "12.17-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -48,18 +48,18 @@
"ppc64el",
"s390x"
],
- "version": "12.16-1.pgdg110+1"
+ "version": "12.17-1.pgdg110+1"
},
"debian": "bookworm",
"major": 12,
- "sha256": "c5f1fff7a0f93e1ec3746417b0594290ece617b4995ed95b8d527af0ba0e38f3",
+ "sha256": "93e8e1b23981d5f03c6c5763f77b28184c1ce4db7194fa466e2edb65d9c1c5f6",
"variants": [
"bookworm",
"bullseye",
"alpine3.18",
"alpine3.17"
],
- "version": "12.16"
+ "version": "12.17"
},
"13": {
"alpine": "3.18",
From ce930677d59d780645e69fa2fe68d4ac391b6d2e Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 9 Nov 2023 11:28:24 -0800
Subject: [PATCH 030/115] Update 13 to 13.13, bookworm 13.13-1.pgdg120+1,
bullseye 13.13-1.pgdg110+1
---
13/alpine3.17/Dockerfile | 6 +++---
13/alpine3.18/Dockerfile | 6 +++---
13/bookworm/Dockerfile | 2 +-
13/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 12 insertions(+), 12 deletions(-)
diff --git a/13/alpine3.17/Dockerfile b/13/alpine3.17/Dockerfile
index 9510d10f56..f11c930e08 100644
--- a/13/alpine3.17/Dockerfile
+++ b/13/alpine3.17/Dockerfile
@@ -24,8 +24,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 13
-ENV PG_VERSION 13.12
-ENV PG_SHA256 0da1edcee3514b7bc7ba6dbaf0c00499e8ac1590668e8789c50253a6249f218b
+ENV PG_VERSION 13.13
+ENV PG_SHA256 8af69c2599047a2ad246567d68ec4131aef116954d8c3e469e9789080b37a474
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
@@ -152,7 +152,7 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
- echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"13.12","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@13.12?os_name=alpine&os_version=3.17"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
+ echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"13.13","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@13.13?os_name=alpine&os_version=3.17"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
; \
postgres --version
diff --git a/13/alpine3.18/Dockerfile b/13/alpine3.18/Dockerfile
index 119d0ce90d..e3e5fde8f0 100644
--- a/13/alpine3.18/Dockerfile
+++ b/13/alpine3.18/Dockerfile
@@ -24,8 +24,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 13
-ENV PG_VERSION 13.12
-ENV PG_SHA256 0da1edcee3514b7bc7ba6dbaf0c00499e8ac1590668e8789c50253a6249f218b
+ENV PG_VERSION 13.13
+ENV PG_SHA256 8af69c2599047a2ad246567d68ec4131aef116954d8c3e469e9789080b37a474
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
@@ -152,7 +152,7 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
- echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"13.12","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@13.12?os_name=alpine&os_version=3.18"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
+ echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"13.13","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@13.13?os_name=alpine&os_version=3.18"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
; \
postgres --version
diff --git a/13/bookworm/Dockerfile b/13/bookworm/Dockerfile
index 63e873bbf6..cdcab7f653 100644
--- a/13/bookworm/Dockerfile
+++ b/13/bookworm/Dockerfile
@@ -84,7 +84,7 @@ RUN set -ex; \
ENV PG_MAJOR 13
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 13.12-1.pgdg120+1
+ENV PG_VERSION 13.13-1.pgdg120+1
RUN set -ex; \
\
diff --git a/13/bullseye/Dockerfile b/13/bullseye/Dockerfile
index fa1f0ee364..e912263c14 100644
--- a/13/bullseye/Dockerfile
+++ b/13/bullseye/Dockerfile
@@ -84,7 +84,7 @@ RUN set -ex; \
ENV PG_MAJOR 13
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 13.12-1.pgdg110+1
+ENV PG_VERSION 13.13-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index 470f0c18a3..d23bee4c55 100644
--- a/versions.json
+++ b/versions.json
@@ -70,7 +70,7 @@
"ppc64el",
"s390x"
],
- "version": "13.12-1.pgdg120+1"
+ "version": "13.13-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -79,18 +79,18 @@
"ppc64el",
"s390x"
],
- "version": "13.12-1.pgdg110+1"
+ "version": "13.13-1.pgdg110+1"
},
"debian": "bookworm",
"major": 13,
- "sha256": "0da1edcee3514b7bc7ba6dbaf0c00499e8ac1590668e8789c50253a6249f218b",
+ "sha256": "8af69c2599047a2ad246567d68ec4131aef116954d8c3e469e9789080b37a474",
"variants": [
"bookworm",
"bullseye",
"alpine3.18",
"alpine3.17"
],
- "version": "13.12"
+ "version": "13.13"
},
"14": {
"alpine": "3.18",
From d7660ac1e7417041e5197861d7d8c3d0954c83c4 Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 9 Nov 2023 11:39:00 -0800
Subject: [PATCH 031/115] Update 14 to 14.10, bookworm 14.10-1.pgdg120+1,
bullseye 14.10-1.pgdg110+1
---
14/alpine3.17/Dockerfile | 6 +++---
14/alpine3.18/Dockerfile | 6 +++---
14/bookworm/Dockerfile | 2 +-
14/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 12 insertions(+), 12 deletions(-)
diff --git a/14/alpine3.17/Dockerfile b/14/alpine3.17/Dockerfile
index a814f6d12e..69867775cc 100644
--- a/14/alpine3.17/Dockerfile
+++ b/14/alpine3.17/Dockerfile
@@ -24,8 +24,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 14
-ENV PG_VERSION 14.9
-ENV PG_SHA256 b1fe3ba9b1a7f3a9637dd1656dfdad2889016073fd4d35f13b50143cbbb6a8ef
+ENV PG_VERSION 14.10
+ENV PG_SHA256 c99431c48e9d470b0d0ab946eb2141a3cd19130c2fb4dc4b3284a7774ecc8399
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
@@ -155,7 +155,7 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
- echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"14.9","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@14.9?os_name=alpine&os_version=3.17"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
+ echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"14.10","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@14.10?os_name=alpine&os_version=3.17"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
; \
postgres --version
diff --git a/14/alpine3.18/Dockerfile b/14/alpine3.18/Dockerfile
index 2b6788066a..6efb1f3ae4 100644
--- a/14/alpine3.18/Dockerfile
+++ b/14/alpine3.18/Dockerfile
@@ -24,8 +24,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 14
-ENV PG_VERSION 14.9
-ENV PG_SHA256 b1fe3ba9b1a7f3a9637dd1656dfdad2889016073fd4d35f13b50143cbbb6a8ef
+ENV PG_VERSION 14.10
+ENV PG_SHA256 c99431c48e9d470b0d0ab946eb2141a3cd19130c2fb4dc4b3284a7774ecc8399
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
@@ -155,7 +155,7 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
- echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"14.9","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@14.9?os_name=alpine&os_version=3.18"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
+ echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"14.10","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@14.10?os_name=alpine&os_version=3.18"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
; \
postgres --version
diff --git a/14/bookworm/Dockerfile b/14/bookworm/Dockerfile
index 08a11ced6a..9a2c737c0b 100644
--- a/14/bookworm/Dockerfile
+++ b/14/bookworm/Dockerfile
@@ -84,7 +84,7 @@ RUN set -ex; \
ENV PG_MAJOR 14
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 14.9-1.pgdg120+1
+ENV PG_VERSION 14.10-1.pgdg120+1
RUN set -ex; \
\
diff --git a/14/bullseye/Dockerfile b/14/bullseye/Dockerfile
index 0cd385b3e5..ecb7ffe02d 100644
--- a/14/bullseye/Dockerfile
+++ b/14/bullseye/Dockerfile
@@ -84,7 +84,7 @@ RUN set -ex; \
ENV PG_MAJOR 14
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 14.9-1.pgdg110+1
+ENV PG_VERSION 14.10-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index d23bee4c55..2d0c30403d 100644
--- a/versions.json
+++ b/versions.json
@@ -101,7 +101,7 @@
"ppc64el",
"s390x"
],
- "version": "14.9-1.pgdg120+1"
+ "version": "14.10-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -110,18 +110,18 @@
"ppc64el",
"s390x"
],
- "version": "14.9-1.pgdg110+1"
+ "version": "14.10-1.pgdg110+1"
},
"debian": "bookworm",
"major": 14,
- "sha256": "b1fe3ba9b1a7f3a9637dd1656dfdad2889016073fd4d35f13b50143cbbb6a8ef",
+ "sha256": "c99431c48e9d470b0d0ab946eb2141a3cd19130c2fb4dc4b3284a7774ecc8399",
"variants": [
"bookworm",
"bullseye",
"alpine3.18",
"alpine3.17"
],
- "version": "14.9"
+ "version": "14.10"
},
"15": {
"alpine": "3.18",
From da624f9e2e26fd185c73532ec52203aa3683f4db Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 9 Nov 2023 11:51:15 -0800
Subject: [PATCH 032/115] Update 15 to 15.5, bookworm 15.5-1.pgdg120+1,
bullseye 15.5-1.pgdg110+1
---
15/alpine3.17/Dockerfile | 6 +++---
15/alpine3.18/Dockerfile | 6 +++---
15/bookworm/Dockerfile | 2 +-
15/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 12 insertions(+), 12 deletions(-)
diff --git a/15/alpine3.17/Dockerfile b/15/alpine3.17/Dockerfile
index 3dfb914b27..ea6eb5b385 100644
--- a/15/alpine3.17/Dockerfile
+++ b/15/alpine3.17/Dockerfile
@@ -24,8 +24,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 15
-ENV PG_VERSION 15.4
-ENV PG_SHA256 baec5a4bdc4437336653b6cb5d9ed89be5bd5c0c58b94e0becee0a999e63c8f9
+ENV PG_VERSION 15.5
+ENV PG_SHA256 8f53aa95d78eb8e82536ea46b68187793b42bba3b4f65aa342f540b23c9b10a6
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
@@ -158,7 +158,7 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
- echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"15.4","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@15.4?os_name=alpine&os_version=3.17"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
+ echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"15.5","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@15.5?os_name=alpine&os_version=3.17"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
; \
postgres --version
diff --git a/15/alpine3.18/Dockerfile b/15/alpine3.18/Dockerfile
index 560e8d644b..7099900433 100644
--- a/15/alpine3.18/Dockerfile
+++ b/15/alpine3.18/Dockerfile
@@ -24,8 +24,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 15
-ENV PG_VERSION 15.4
-ENV PG_SHA256 baec5a4bdc4437336653b6cb5d9ed89be5bd5c0c58b94e0becee0a999e63c8f9
+ENV PG_VERSION 15.5
+ENV PG_SHA256 8f53aa95d78eb8e82536ea46b68187793b42bba3b4f65aa342f540b23c9b10a6
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
@@ -158,7 +158,7 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
- echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"15.4","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@15.4?os_name=alpine&os_version=3.18"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
+ echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"15.5","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@15.5?os_name=alpine&os_version=3.18"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
; \
postgres --version
diff --git a/15/bookworm/Dockerfile b/15/bookworm/Dockerfile
index 4e85949346..6354b9fd02 100644
--- a/15/bookworm/Dockerfile
+++ b/15/bookworm/Dockerfile
@@ -84,7 +84,7 @@ RUN set -ex; \
ENV PG_MAJOR 15
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 15.4-2.pgdg120+1
+ENV PG_VERSION 15.5-1.pgdg120+1
RUN set -ex; \
\
diff --git a/15/bullseye/Dockerfile b/15/bullseye/Dockerfile
index 0e8bc89675..ee6020db00 100644
--- a/15/bullseye/Dockerfile
+++ b/15/bullseye/Dockerfile
@@ -84,7 +84,7 @@ RUN set -ex; \
ENV PG_MAJOR 15
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 15.4-2.pgdg110+1
+ENV PG_VERSION 15.5-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index 2d0c30403d..62c9bf46a9 100644
--- a/versions.json
+++ b/versions.json
@@ -132,7 +132,7 @@
"ppc64el",
"s390x"
],
- "version": "15.4-2.pgdg120+1"
+ "version": "15.5-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -141,18 +141,18 @@
"ppc64el",
"s390x"
],
- "version": "15.4-2.pgdg110+1"
+ "version": "15.5-1.pgdg110+1"
},
"debian": "bookworm",
"major": 15,
- "sha256": "baec5a4bdc4437336653b6cb5d9ed89be5bd5c0c58b94e0becee0a999e63c8f9",
+ "sha256": "8f53aa95d78eb8e82536ea46b68187793b42bba3b4f65aa342f540b23c9b10a6",
"variants": [
"bookworm",
"bullseye",
"alpine3.18",
"alpine3.17"
],
- "version": "15.4"
+ "version": "15.5"
},
"16": {
"alpine": "3.18",
From f85674ce472bc78b8b8a0478dacd595e44cb9616 Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 9 Nov 2023 12:04:26 -0800
Subject: [PATCH 033/115] Update 16 to 16.1, bookworm 16.1-1.pgdg120+1,
bullseye 16.1-1.pgdg110+1
---
16/alpine3.17/Dockerfile | 6 +++---
16/alpine3.18/Dockerfile | 6 +++---
16/bookworm/Dockerfile | 2 +-
16/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 12 insertions(+), 12 deletions(-)
diff --git a/16/alpine3.17/Dockerfile b/16/alpine3.17/Dockerfile
index 5863fd58d3..a257139f77 100644
--- a/16/alpine3.17/Dockerfile
+++ b/16/alpine3.17/Dockerfile
@@ -24,8 +24,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 16
-ENV PG_VERSION 16.0
-ENV PG_SHA256 df9e823eb22330444e1d48e52cc65135a652a6fdb3ce325e3f08549339f51b99
+ENV PG_VERSION 16.1
+ENV PG_SHA256 ce3c4d85d19b0121fe0d3f8ef1fa601f71989e86f8a66f7dc3ad546dd5564fec
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
@@ -157,7 +157,7 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
- echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"16.0","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@16.0?os_name=alpine&os_version=3.17"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
+ echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"16.1","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@16.1?os_name=alpine&os_version=3.17"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
; \
postgres --version
diff --git a/16/alpine3.18/Dockerfile b/16/alpine3.18/Dockerfile
index 94437870d5..17961b3ac1 100644
--- a/16/alpine3.18/Dockerfile
+++ b/16/alpine3.18/Dockerfile
@@ -24,8 +24,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 16
-ENV PG_VERSION 16.0
-ENV PG_SHA256 df9e823eb22330444e1d48e52cc65135a652a6fdb3ce325e3f08549339f51b99
+ENV PG_VERSION 16.1
+ENV PG_SHA256 ce3c4d85d19b0121fe0d3f8ef1fa601f71989e86f8a66f7dc3ad546dd5564fec
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
@@ -157,7 +157,7 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
- echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"16.0","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@16.0?os_name=alpine&os_version=3.18"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
+ echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"16.1","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@16.1?os_name=alpine&os_version=3.18"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
; \
postgres --version
diff --git a/16/bookworm/Dockerfile b/16/bookworm/Dockerfile
index 30ebb70a2c..a89f7ee3af 100644
--- a/16/bookworm/Dockerfile
+++ b/16/bookworm/Dockerfile
@@ -84,7 +84,7 @@ RUN set -ex; \
ENV PG_MAJOR 16
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 16.0-1.pgdg120+1
+ENV PG_VERSION 16.1-1.pgdg120+1
RUN set -ex; \
\
diff --git a/16/bullseye/Dockerfile b/16/bullseye/Dockerfile
index ceb76d0032..53237b4998 100644
--- a/16/bullseye/Dockerfile
+++ b/16/bullseye/Dockerfile
@@ -84,7 +84,7 @@ RUN set -ex; \
ENV PG_MAJOR 16
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 16.0-1.pgdg110+1
+ENV PG_VERSION 16.1-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index 62c9bf46a9..f4acc7ebf5 100644
--- a/versions.json
+++ b/versions.json
@@ -163,7 +163,7 @@
"ppc64el",
"s390x"
],
- "version": "16.0-1.pgdg120+1"
+ "version": "16.1-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -172,17 +172,17 @@
"ppc64el",
"s390x"
],
- "version": "16.0-1.pgdg110+1"
+ "version": "16.1-1.pgdg110+1"
},
"debian": "bookworm",
"major": 16,
- "sha256": "df9e823eb22330444e1d48e52cc65135a652a6fdb3ce325e3f08549339f51b99",
+ "sha256": "ce3c4d85d19b0121fe0d3f8ef1fa601f71989e86f8a66f7dc3ad546dd5564fec",
"variants": [
"bookworm",
"bullseye",
"alpine3.18",
"alpine3.17"
],
- "version": "16.0"
+ "version": "16.1"
}
}
From 2468c9d91a2ef4055411e09c42cd054732ebf579 Mon Sep 17 00:00:00 2001
From: Tianon Gravi <admwiggin@gmail.com>
Date: Wed, 29 Nov 2023 16:11:07 -0800
Subject: [PATCH 034/115] Update permissions from 777 to 1777 (redux)
I somehow missed Debian in 25b3034e9b0155c3e71acaf650243e7d12a571c1 (only updated Alpine), so this updates Debian in the same way.
> This still supports the "arbitrary user" use case but with slightly tighter permissions on the end result.
>
> This one is a little bit more "special" other images (due to the existing runtime/entrypoint modification of the directory modes) so I've tried to pick reasonable values for both halves.
---
11/alpine3.17/Dockerfile | 2 +-
11/alpine3.18/Dockerfile | 2 +-
11/bookworm/Dockerfile | 6 +++---
11/bullseye/Dockerfile | 6 +++---
12/alpine3.17/Dockerfile | 2 +-
12/alpine3.18/Dockerfile | 2 +-
12/bookworm/Dockerfile | 6 +++---
12/bullseye/Dockerfile | 6 +++---
13/alpine3.17/Dockerfile | 2 +-
13/alpine3.18/Dockerfile | 2 +-
13/bookworm/Dockerfile | 6 +++---
13/bullseye/Dockerfile | 6 +++---
14/alpine3.17/Dockerfile | 2 +-
14/alpine3.18/Dockerfile | 2 +-
14/bookworm/Dockerfile | 6 +++---
14/bullseye/Dockerfile | 6 +++---
15/alpine3.17/Dockerfile | 2 +-
15/alpine3.18/Dockerfile | 2 +-
15/bookworm/Dockerfile | 6 +++---
15/bullseye/Dockerfile | 6 +++---
16/alpine3.17/Dockerfile | 2 +-
16/alpine3.18/Dockerfile | 2 +-
16/bookworm/Dockerfile | 6 +++---
16/bullseye/Dockerfile | 6 +++---
Dockerfile-alpine.template | 2 +-
Dockerfile-debian.template | 6 +++---
26 files changed, 52 insertions(+), 52 deletions(-)
diff --git a/11/alpine3.17/Dockerfile b/11/alpine3.17/Dockerfile
index ea3c85deb4..6675a1cb21 100644
--- a/11/alpine3.17/Dockerfile
+++ b/11/alpine3.17/Dockerfile
@@ -165,7 +165,7 @@ RUN set -eux; \
RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
-# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
+# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
diff --git a/11/alpine3.18/Dockerfile b/11/alpine3.18/Dockerfile
index 76989691e7..8e5d701a7d 100644
--- a/11/alpine3.18/Dockerfile
+++ b/11/alpine3.18/Dockerfile
@@ -165,7 +165,7 @@ RUN set -eux; \
RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
-# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
+# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
diff --git a/11/bookworm/Dockerfile b/11/bookworm/Dockerfile
index ca21311f93..69f863bef2 100644
--- a/11/bookworm/Dockerfile
+++ b/11/bookworm/Dockerfile
@@ -175,11 +175,11 @@ RUN set -eux; \
sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/share/postgresql/postgresql.conf.sample; \
grep -F "listen_addresses = '*'" /usr/share/postgresql/postgresql.conf.sample
-RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 2777 /var/run/postgresql
+RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
-# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
-RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 777 "$PGDATA"
+# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
+RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh /usr/local/bin/
diff --git a/11/bullseye/Dockerfile b/11/bullseye/Dockerfile
index 18a6164560..f7bb865651 100644
--- a/11/bullseye/Dockerfile
+++ b/11/bullseye/Dockerfile
@@ -175,11 +175,11 @@ RUN set -eux; \
sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/share/postgresql/postgresql.conf.sample; \
grep -F "listen_addresses = '*'" /usr/share/postgresql/postgresql.conf.sample
-RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 2777 /var/run/postgresql
+RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
-# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
-RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 777 "$PGDATA"
+# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
+RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh /usr/local/bin/
diff --git a/12/alpine3.17/Dockerfile b/12/alpine3.17/Dockerfile
index 0143bbaa25..f7f9284cbf 100644
--- a/12/alpine3.17/Dockerfile
+++ b/12/alpine3.17/Dockerfile
@@ -165,7 +165,7 @@ RUN set -eux; \
RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
-# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
+# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
diff --git a/12/alpine3.18/Dockerfile b/12/alpine3.18/Dockerfile
index 66dd4e7f94..fde4049703 100644
--- a/12/alpine3.18/Dockerfile
+++ b/12/alpine3.18/Dockerfile
@@ -165,7 +165,7 @@ RUN set -eux; \
RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
-# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
+# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
diff --git a/12/bookworm/Dockerfile b/12/bookworm/Dockerfile
index fc78b06f0b..4203c226e1 100644
--- a/12/bookworm/Dockerfile
+++ b/12/bookworm/Dockerfile
@@ -175,11 +175,11 @@ RUN set -eux; \
sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/share/postgresql/postgresql.conf.sample; \
grep -F "listen_addresses = '*'" /usr/share/postgresql/postgresql.conf.sample
-RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 2777 /var/run/postgresql
+RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
-# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
-RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 777 "$PGDATA"
+# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
+RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh /usr/local/bin/
diff --git a/12/bullseye/Dockerfile b/12/bullseye/Dockerfile
index 2df49e2489..ad25a552ad 100644
--- a/12/bullseye/Dockerfile
+++ b/12/bullseye/Dockerfile
@@ -175,11 +175,11 @@ RUN set -eux; \
sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/share/postgresql/postgresql.conf.sample; \
grep -F "listen_addresses = '*'" /usr/share/postgresql/postgresql.conf.sample
-RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 2777 /var/run/postgresql
+RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
-# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
-RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 777 "$PGDATA"
+# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
+RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh /usr/local/bin/
diff --git a/13/alpine3.17/Dockerfile b/13/alpine3.17/Dockerfile
index f11c930e08..ab7ceab4b1 100644
--- a/13/alpine3.17/Dockerfile
+++ b/13/alpine3.17/Dockerfile
@@ -165,7 +165,7 @@ RUN set -eux; \
RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
-# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
+# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
diff --git a/13/alpine3.18/Dockerfile b/13/alpine3.18/Dockerfile
index e3e5fde8f0..cd9936c4c4 100644
--- a/13/alpine3.18/Dockerfile
+++ b/13/alpine3.18/Dockerfile
@@ -165,7 +165,7 @@ RUN set -eux; \
RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
-# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
+# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
diff --git a/13/bookworm/Dockerfile b/13/bookworm/Dockerfile
index cdcab7f653..9b1dab9be8 100644
--- a/13/bookworm/Dockerfile
+++ b/13/bookworm/Dockerfile
@@ -177,11 +177,11 @@ RUN set -eux; \
sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/share/postgresql/postgresql.conf.sample; \
grep -F "listen_addresses = '*'" /usr/share/postgresql/postgresql.conf.sample
-RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 2777 /var/run/postgresql
+RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
-# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
-RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 777 "$PGDATA"
+# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
+RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh /usr/local/bin/
diff --git a/13/bullseye/Dockerfile b/13/bullseye/Dockerfile
index e912263c14..be787cf111 100644
--- a/13/bullseye/Dockerfile
+++ b/13/bullseye/Dockerfile
@@ -177,11 +177,11 @@ RUN set -eux; \
sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/share/postgresql/postgresql.conf.sample; \
grep -F "listen_addresses = '*'" /usr/share/postgresql/postgresql.conf.sample
-RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 2777 /var/run/postgresql
+RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
-# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
-RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 777 "$PGDATA"
+# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
+RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh /usr/local/bin/
diff --git a/14/alpine3.17/Dockerfile b/14/alpine3.17/Dockerfile
index 69867775cc..4283c5f1b0 100644
--- a/14/alpine3.17/Dockerfile
+++ b/14/alpine3.17/Dockerfile
@@ -168,7 +168,7 @@ RUN set -eux; \
RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
-# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
+# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
diff --git a/14/alpine3.18/Dockerfile b/14/alpine3.18/Dockerfile
index 6efb1f3ae4..9856dcc54b 100644
--- a/14/alpine3.18/Dockerfile
+++ b/14/alpine3.18/Dockerfile
@@ -168,7 +168,7 @@ RUN set -eux; \
RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
-# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
+# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
diff --git a/14/bookworm/Dockerfile b/14/bookworm/Dockerfile
index 9a2c737c0b..36a84c8abf 100644
--- a/14/bookworm/Dockerfile
+++ b/14/bookworm/Dockerfile
@@ -175,11 +175,11 @@ RUN set -eux; \
sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/share/postgresql/postgresql.conf.sample; \
grep -F "listen_addresses = '*'" /usr/share/postgresql/postgresql.conf.sample
-RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 2777 /var/run/postgresql
+RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
-# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
-RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 777 "$PGDATA"
+# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
+RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh /usr/local/bin/
diff --git a/14/bullseye/Dockerfile b/14/bullseye/Dockerfile
index ecb7ffe02d..798ca635eb 100644
--- a/14/bullseye/Dockerfile
+++ b/14/bullseye/Dockerfile
@@ -175,11 +175,11 @@ RUN set -eux; \
sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/share/postgresql/postgresql.conf.sample; \
grep -F "listen_addresses = '*'" /usr/share/postgresql/postgresql.conf.sample
-RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 2777 /var/run/postgresql
+RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
-# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
-RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 777 "$PGDATA"
+# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
+RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh /usr/local/bin/
diff --git a/15/alpine3.17/Dockerfile b/15/alpine3.17/Dockerfile
index ea6eb5b385..324f745d35 100644
--- a/15/alpine3.17/Dockerfile
+++ b/15/alpine3.17/Dockerfile
@@ -171,7 +171,7 @@ RUN set -eux; \
RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
-# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
+# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
diff --git a/15/alpine3.18/Dockerfile b/15/alpine3.18/Dockerfile
index 7099900433..8fda3e0adf 100644
--- a/15/alpine3.18/Dockerfile
+++ b/15/alpine3.18/Dockerfile
@@ -171,7 +171,7 @@ RUN set -eux; \
RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
-# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
+# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
diff --git a/15/bookworm/Dockerfile b/15/bookworm/Dockerfile
index 6354b9fd02..3f9eff6e8e 100644
--- a/15/bookworm/Dockerfile
+++ b/15/bookworm/Dockerfile
@@ -175,11 +175,11 @@ RUN set -eux; \
sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/share/postgresql/postgresql.conf.sample; \
grep -F "listen_addresses = '*'" /usr/share/postgresql/postgresql.conf.sample
-RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 2777 /var/run/postgresql
+RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
-# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
-RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 777 "$PGDATA"
+# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
+RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh /usr/local/bin/
diff --git a/15/bullseye/Dockerfile b/15/bullseye/Dockerfile
index ee6020db00..f93842e4b2 100644
--- a/15/bullseye/Dockerfile
+++ b/15/bullseye/Dockerfile
@@ -175,11 +175,11 @@ RUN set -eux; \
sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/share/postgresql/postgresql.conf.sample; \
grep -F "listen_addresses = '*'" /usr/share/postgresql/postgresql.conf.sample
-RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 2777 /var/run/postgresql
+RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
-# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
-RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 777 "$PGDATA"
+# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
+RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh /usr/local/bin/
diff --git a/16/alpine3.17/Dockerfile b/16/alpine3.17/Dockerfile
index a257139f77..ef93501447 100644
--- a/16/alpine3.17/Dockerfile
+++ b/16/alpine3.17/Dockerfile
@@ -170,7 +170,7 @@ RUN set -eux; \
RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
-# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
+# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
diff --git a/16/alpine3.18/Dockerfile b/16/alpine3.18/Dockerfile
index 17961b3ac1..c93ecdb229 100644
--- a/16/alpine3.18/Dockerfile
+++ b/16/alpine3.18/Dockerfile
@@ -170,7 +170,7 @@ RUN set -eux; \
RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
-# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
+# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
diff --git a/16/bookworm/Dockerfile b/16/bookworm/Dockerfile
index a89f7ee3af..55e6934a4a 100644
--- a/16/bookworm/Dockerfile
+++ b/16/bookworm/Dockerfile
@@ -175,11 +175,11 @@ RUN set -eux; \
sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/share/postgresql/postgresql.conf.sample; \
grep -F "listen_addresses = '*'" /usr/share/postgresql/postgresql.conf.sample
-RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 2777 /var/run/postgresql
+RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
-# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
-RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 777 "$PGDATA"
+# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
+RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh /usr/local/bin/
diff --git a/16/bullseye/Dockerfile b/16/bullseye/Dockerfile
index 53237b4998..3d650c2b79 100644
--- a/16/bullseye/Dockerfile
+++ b/16/bullseye/Dockerfile
@@ -175,11 +175,11 @@ RUN set -eux; \
sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/share/postgresql/postgresql.conf.sample; \
grep -F "listen_addresses = '*'" /usr/share/postgresql/postgresql.conf.sample
-RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 2777 /var/run/postgresql
+RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
-# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
-RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 777 "$PGDATA"
+# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
+RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh /usr/local/bin/
diff --git a/Dockerfile-alpine.template b/Dockerfile-alpine.template
index 0548c0126a..efbccde00e 100644
--- a/Dockerfile-alpine.template
+++ b/Dockerfile-alpine.template
@@ -190,7 +190,7 @@ RUN set -eux; \
RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
-# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
+# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
diff --git a/Dockerfile-debian.template b/Dockerfile-debian.template
index aeca3d8d32..0d897a9af4 100644
--- a/Dockerfile-debian.template
+++ b/Dockerfile-debian.template
@@ -173,11 +173,11 @@ RUN set -eux; \
sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/share/postgresql/postgresql.conf.sample; \
grep -F "listen_addresses = '*'" /usr/share/postgresql/postgresql.conf.sample
-RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 2777 /var/run/postgresql
+RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
-# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
-RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 777 "$PGDATA"
+# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
+RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh /usr/local/bin/
From 55e45ba6bb06af775f14515e76c0e8906fa0035d Mon Sep 17 00:00:00 2001
From: Lukas Fittl <lukas@fittl.com>
Date: Thu, 7 Dec 2023 13:17:35 -0800
Subject: [PATCH 035/115] Debian images: Use locale-gen instead of localdef
The use of manually calling localdef caused any future update to the
locales package to remove the manually installed locales, since
locale-gen takes precendence. This would usually be encountered when
a downstream Dockerfile added additional packages, and as a side effect
caused an upgrade to the locales package.
Fix by relying on the /etc/locale.gen file, which is the official place
to specify which locales should be installed.
Fixes #1112
---
11/bookworm/Dockerfile | 3 ++-
11/bullseye/Dockerfile | 3 ++-
12/bookworm/Dockerfile | 3 ++-
12/bullseye/Dockerfile | 3 ++-
13/bookworm/Dockerfile | 3 ++-
13/bullseye/Dockerfile | 3 ++-
14/bookworm/Dockerfile | 3 ++-
14/bullseye/Dockerfile | 3 ++-
15/bookworm/Dockerfile | 3 ++-
15/bullseye/Dockerfile | 3 ++-
16/bookworm/Dockerfile | 3 ++-
16/bullseye/Dockerfile | 3 ++-
Dockerfile-debian.template | 3 ++-
13 files changed, 26 insertions(+), 13 deletions(-)
diff --git a/11/bookworm/Dockerfile b/11/bookworm/Dockerfile
index 69f863bef2..b0b53d519b 100644
--- a/11/bookworm/Dockerfile
+++ b/11/bookworm/Dockerfile
@@ -55,7 +55,8 @@ RUN set -eux; \
! grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
fi; \
apt-get update; apt-get install -y --no-install-recommends locales; rm -rf /var/lib/apt/lists/*; \
- localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
+ echo en_US.UTF-8 UTF-8 >> /etc/locale.gen; \
+ locale-gen
ENV LANG en_US.utf8
RUN set -eux; \
diff --git a/11/bullseye/Dockerfile b/11/bullseye/Dockerfile
index f7bb865651..0de7a2e8b9 100644
--- a/11/bullseye/Dockerfile
+++ b/11/bullseye/Dockerfile
@@ -55,7 +55,8 @@ RUN set -eux; \
! grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
fi; \
apt-get update; apt-get install -y --no-install-recommends locales; rm -rf /var/lib/apt/lists/*; \
- localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
+ echo en_US.UTF-8 UTF-8 >> /etc/locale.gen; \
+ locale-gen
ENV LANG en_US.utf8
RUN set -eux; \
diff --git a/12/bookworm/Dockerfile b/12/bookworm/Dockerfile
index 4203c226e1..376ea147a0 100644
--- a/12/bookworm/Dockerfile
+++ b/12/bookworm/Dockerfile
@@ -55,7 +55,8 @@ RUN set -eux; \
! grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
fi; \
apt-get update; apt-get install -y --no-install-recommends locales; rm -rf /var/lib/apt/lists/*; \
- localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
+ echo en_US.UTF-8 UTF-8 >> /etc/locale.gen; \
+ locale-gen
ENV LANG en_US.utf8
RUN set -eux; \
diff --git a/12/bullseye/Dockerfile b/12/bullseye/Dockerfile
index ad25a552ad..354ee5e25c 100644
--- a/12/bullseye/Dockerfile
+++ b/12/bullseye/Dockerfile
@@ -55,7 +55,8 @@ RUN set -eux; \
! grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
fi; \
apt-get update; apt-get install -y --no-install-recommends locales; rm -rf /var/lib/apt/lists/*; \
- localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
+ echo en_US.UTF-8 UTF-8 >> /etc/locale.gen; \
+ locale-gen
ENV LANG en_US.utf8
RUN set -eux; \
diff --git a/13/bookworm/Dockerfile b/13/bookworm/Dockerfile
index 9b1dab9be8..c37ad7fc5f 100644
--- a/13/bookworm/Dockerfile
+++ b/13/bookworm/Dockerfile
@@ -55,7 +55,8 @@ RUN set -eux; \
! grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
fi; \
apt-get update; apt-get install -y --no-install-recommends locales; rm -rf /var/lib/apt/lists/*; \
- localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
+ echo en_US.UTF-8 UTF-8 >> /etc/locale.gen; \
+ locale-gen
ENV LANG en_US.utf8
RUN set -eux; \
diff --git a/13/bullseye/Dockerfile b/13/bullseye/Dockerfile
index be787cf111..83f6d9fd84 100644
--- a/13/bullseye/Dockerfile
+++ b/13/bullseye/Dockerfile
@@ -55,7 +55,8 @@ RUN set -eux; \
! grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
fi; \
apt-get update; apt-get install -y --no-install-recommends locales; rm -rf /var/lib/apt/lists/*; \
- localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
+ echo en_US.UTF-8 UTF-8 >> /etc/locale.gen; \
+ locale-gen
ENV LANG en_US.utf8
RUN set -eux; \
diff --git a/14/bookworm/Dockerfile b/14/bookworm/Dockerfile
index 36a84c8abf..1eb9c3eeb9 100644
--- a/14/bookworm/Dockerfile
+++ b/14/bookworm/Dockerfile
@@ -55,7 +55,8 @@ RUN set -eux; \
! grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
fi; \
apt-get update; apt-get install -y --no-install-recommends locales; rm -rf /var/lib/apt/lists/*; \
- localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
+ echo en_US.UTF-8 UTF-8 >> /etc/locale.gen; \
+ locale-gen
ENV LANG en_US.utf8
RUN set -eux; \
diff --git a/14/bullseye/Dockerfile b/14/bullseye/Dockerfile
index 798ca635eb..401e823764 100644
--- a/14/bullseye/Dockerfile
+++ b/14/bullseye/Dockerfile
@@ -55,7 +55,8 @@ RUN set -eux; \
! grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
fi; \
apt-get update; apt-get install -y --no-install-recommends locales; rm -rf /var/lib/apt/lists/*; \
- localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
+ echo en_US.UTF-8 UTF-8 >> /etc/locale.gen; \
+ locale-gen
ENV LANG en_US.utf8
RUN set -eux; \
diff --git a/15/bookworm/Dockerfile b/15/bookworm/Dockerfile
index 3f9eff6e8e..60741cddbd 100644
--- a/15/bookworm/Dockerfile
+++ b/15/bookworm/Dockerfile
@@ -55,7 +55,8 @@ RUN set -eux; \
! grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
fi; \
apt-get update; apt-get install -y --no-install-recommends locales; rm -rf /var/lib/apt/lists/*; \
- localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
+ echo en_US.UTF-8 UTF-8 >> /etc/locale.gen; \
+ locale-gen
ENV LANG en_US.utf8
RUN set -eux; \
diff --git a/15/bullseye/Dockerfile b/15/bullseye/Dockerfile
index f93842e4b2..1b5ca69a65 100644
--- a/15/bullseye/Dockerfile
+++ b/15/bullseye/Dockerfile
@@ -55,7 +55,8 @@ RUN set -eux; \
! grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
fi; \
apt-get update; apt-get install -y --no-install-recommends locales; rm -rf /var/lib/apt/lists/*; \
- localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
+ echo en_US.UTF-8 UTF-8 >> /etc/locale.gen; \
+ locale-gen
ENV LANG en_US.utf8
RUN set -eux; \
diff --git a/16/bookworm/Dockerfile b/16/bookworm/Dockerfile
index 55e6934a4a..359a948d40 100644
--- a/16/bookworm/Dockerfile
+++ b/16/bookworm/Dockerfile
@@ -55,7 +55,8 @@ RUN set -eux; \
! grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
fi; \
apt-get update; apt-get install -y --no-install-recommends locales; rm -rf /var/lib/apt/lists/*; \
- localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
+ echo en_US.UTF-8 UTF-8 >> /etc/locale.gen; \
+ locale-gen
ENV LANG en_US.utf8
RUN set -eux; \
diff --git a/16/bullseye/Dockerfile b/16/bullseye/Dockerfile
index 3d650c2b79..a906a74505 100644
--- a/16/bullseye/Dockerfile
+++ b/16/bullseye/Dockerfile
@@ -55,7 +55,8 @@ RUN set -eux; \
! grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
fi; \
apt-get update; apt-get install -y --no-install-recommends locales; rm -rf /var/lib/apt/lists/*; \
- localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
+ echo en_US.UTF-8 UTF-8 >> /etc/locale.gen; \
+ locale-gen
ENV LANG en_US.utf8
RUN set -eux; \
diff --git a/Dockerfile-debian.template b/Dockerfile-debian.template
index 0d897a9af4..1dced5e469 100644
--- a/Dockerfile-debian.template
+++ b/Dockerfile-debian.template
@@ -49,7 +49,8 @@ RUN set -eux; \
! grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
fi; \
apt-get update; apt-get install -y --no-install-recommends locales; rm -rf /var/lib/apt/lists/*; \
- localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
+ echo en_US.UTF-8 UTF-8 >> /etc/locale.gen; \
+ locale-gen
ENV LANG en_US.utf8
RUN set -eux; \
From a42b68455866552c2ad2fc9a8e18d46b50712139 Mon Sep 17 00:00:00 2001
From: Lukas Fittl <lukas@fittl.com>
Date: Thu, 7 Dec 2023 14:37:56 -0800
Subject: [PATCH 036/115] Debian packages: Add explicit check for locale-gen
creating locales
In case Debian changes the logic of how locale-gen works, this will flag
it early during the build process.
---
11/bookworm/Dockerfile | 5 +++--
11/bullseye/Dockerfile | 5 +++--
12/bookworm/Dockerfile | 5 +++--
12/bullseye/Dockerfile | 5 +++--
13/bookworm/Dockerfile | 5 +++--
13/bullseye/Dockerfile | 5 +++--
14/bookworm/Dockerfile | 5 +++--
14/bullseye/Dockerfile | 5 +++--
15/bookworm/Dockerfile | 5 +++--
15/bullseye/Dockerfile | 5 +++--
16/bookworm/Dockerfile | 5 +++--
16/bullseye/Dockerfile | 5 +++--
Dockerfile-debian.template | 5 +++--
13 files changed, 39 insertions(+), 26 deletions(-)
diff --git a/11/bookworm/Dockerfile b/11/bookworm/Dockerfile
index b0b53d519b..4406b7a246 100644
--- a/11/bookworm/Dockerfile
+++ b/11/bookworm/Dockerfile
@@ -55,8 +55,9 @@ RUN set -eux; \
! grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
fi; \
apt-get update; apt-get install -y --no-install-recommends locales; rm -rf /var/lib/apt/lists/*; \
- echo en_US.UTF-8 UTF-8 >> /etc/locale.gen; \
- locale-gen
+ echo 'en_US.UTF-8 UTF-8' >> /etc/locale.gen; \
+ locale-gen; \
+ locale -a | grep 'en_US.utf8'
ENV LANG en_US.utf8
RUN set -eux; \
diff --git a/11/bullseye/Dockerfile b/11/bullseye/Dockerfile
index 0de7a2e8b9..ce3e8bb562 100644
--- a/11/bullseye/Dockerfile
+++ b/11/bullseye/Dockerfile
@@ -55,8 +55,9 @@ RUN set -eux; \
! grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
fi; \
apt-get update; apt-get install -y --no-install-recommends locales; rm -rf /var/lib/apt/lists/*; \
- echo en_US.UTF-8 UTF-8 >> /etc/locale.gen; \
- locale-gen
+ echo 'en_US.UTF-8 UTF-8' >> /etc/locale.gen; \
+ locale-gen; \
+ locale -a | grep 'en_US.utf8'
ENV LANG en_US.utf8
RUN set -eux; \
diff --git a/12/bookworm/Dockerfile b/12/bookworm/Dockerfile
index 376ea147a0..165a9666bf 100644
--- a/12/bookworm/Dockerfile
+++ b/12/bookworm/Dockerfile
@@ -55,8 +55,9 @@ RUN set -eux; \
! grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
fi; \
apt-get update; apt-get install -y --no-install-recommends locales; rm -rf /var/lib/apt/lists/*; \
- echo en_US.UTF-8 UTF-8 >> /etc/locale.gen; \
- locale-gen
+ echo 'en_US.UTF-8 UTF-8' >> /etc/locale.gen; \
+ locale-gen; \
+ locale -a | grep 'en_US.utf8'
ENV LANG en_US.utf8
RUN set -eux; \
diff --git a/12/bullseye/Dockerfile b/12/bullseye/Dockerfile
index 354ee5e25c..6a6dd9ee59 100644
--- a/12/bullseye/Dockerfile
+++ b/12/bullseye/Dockerfile
@@ -55,8 +55,9 @@ RUN set -eux; \
! grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
fi; \
apt-get update; apt-get install -y --no-install-recommends locales; rm -rf /var/lib/apt/lists/*; \
- echo en_US.UTF-8 UTF-8 >> /etc/locale.gen; \
- locale-gen
+ echo 'en_US.UTF-8 UTF-8' >> /etc/locale.gen; \
+ locale-gen; \
+ locale -a | grep 'en_US.utf8'
ENV LANG en_US.utf8
RUN set -eux; \
diff --git a/13/bookworm/Dockerfile b/13/bookworm/Dockerfile
index c37ad7fc5f..d97ed4221c 100644
--- a/13/bookworm/Dockerfile
+++ b/13/bookworm/Dockerfile
@@ -55,8 +55,9 @@ RUN set -eux; \
! grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
fi; \
apt-get update; apt-get install -y --no-install-recommends locales; rm -rf /var/lib/apt/lists/*; \
- echo en_US.UTF-8 UTF-8 >> /etc/locale.gen; \
- locale-gen
+ echo 'en_US.UTF-8 UTF-8' >> /etc/locale.gen; \
+ locale-gen; \
+ locale -a | grep 'en_US.utf8'
ENV LANG en_US.utf8
RUN set -eux; \
diff --git a/13/bullseye/Dockerfile b/13/bullseye/Dockerfile
index 83f6d9fd84..d88766fc44 100644
--- a/13/bullseye/Dockerfile
+++ b/13/bullseye/Dockerfile
@@ -55,8 +55,9 @@ RUN set -eux; \
! grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
fi; \
apt-get update; apt-get install -y --no-install-recommends locales; rm -rf /var/lib/apt/lists/*; \
- echo en_US.UTF-8 UTF-8 >> /etc/locale.gen; \
- locale-gen
+ echo 'en_US.UTF-8 UTF-8' >> /etc/locale.gen; \
+ locale-gen; \
+ locale -a | grep 'en_US.utf8'
ENV LANG en_US.utf8
RUN set -eux; \
diff --git a/14/bookworm/Dockerfile b/14/bookworm/Dockerfile
index 1eb9c3eeb9..e99b2427b9 100644
--- a/14/bookworm/Dockerfile
+++ b/14/bookworm/Dockerfile
@@ -55,8 +55,9 @@ RUN set -eux; \
! grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
fi; \
apt-get update; apt-get install -y --no-install-recommends locales; rm -rf /var/lib/apt/lists/*; \
- echo en_US.UTF-8 UTF-8 >> /etc/locale.gen; \
- locale-gen
+ echo 'en_US.UTF-8 UTF-8' >> /etc/locale.gen; \
+ locale-gen; \
+ locale -a | grep 'en_US.utf8'
ENV LANG en_US.utf8
RUN set -eux; \
diff --git a/14/bullseye/Dockerfile b/14/bullseye/Dockerfile
index 401e823764..d8d3461190 100644
--- a/14/bullseye/Dockerfile
+++ b/14/bullseye/Dockerfile
@@ -55,8 +55,9 @@ RUN set -eux; \
! grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
fi; \
apt-get update; apt-get install -y --no-install-recommends locales; rm -rf /var/lib/apt/lists/*; \
- echo en_US.UTF-8 UTF-8 >> /etc/locale.gen; \
- locale-gen
+ echo 'en_US.UTF-8 UTF-8' >> /etc/locale.gen; \
+ locale-gen; \
+ locale -a | grep 'en_US.utf8'
ENV LANG en_US.utf8
RUN set -eux; \
diff --git a/15/bookworm/Dockerfile b/15/bookworm/Dockerfile
index 60741cddbd..e51062e703 100644
--- a/15/bookworm/Dockerfile
+++ b/15/bookworm/Dockerfile
@@ -55,8 +55,9 @@ RUN set -eux; \
! grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
fi; \
apt-get update; apt-get install -y --no-install-recommends locales; rm -rf /var/lib/apt/lists/*; \
- echo en_US.UTF-8 UTF-8 >> /etc/locale.gen; \
- locale-gen
+ echo 'en_US.UTF-8 UTF-8' >> /etc/locale.gen; \
+ locale-gen; \
+ locale -a | grep 'en_US.utf8'
ENV LANG en_US.utf8
RUN set -eux; \
diff --git a/15/bullseye/Dockerfile b/15/bullseye/Dockerfile
index 1b5ca69a65..2bde90139d 100644
--- a/15/bullseye/Dockerfile
+++ b/15/bullseye/Dockerfile
@@ -55,8 +55,9 @@ RUN set -eux; \
! grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
fi; \
apt-get update; apt-get install -y --no-install-recommends locales; rm -rf /var/lib/apt/lists/*; \
- echo en_US.UTF-8 UTF-8 >> /etc/locale.gen; \
- locale-gen
+ echo 'en_US.UTF-8 UTF-8' >> /etc/locale.gen; \
+ locale-gen; \
+ locale -a | grep 'en_US.utf8'
ENV LANG en_US.utf8
RUN set -eux; \
diff --git a/16/bookworm/Dockerfile b/16/bookworm/Dockerfile
index 359a948d40..684c6ee36a 100644
--- a/16/bookworm/Dockerfile
+++ b/16/bookworm/Dockerfile
@@ -55,8 +55,9 @@ RUN set -eux; \
! grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
fi; \
apt-get update; apt-get install -y --no-install-recommends locales; rm -rf /var/lib/apt/lists/*; \
- echo en_US.UTF-8 UTF-8 >> /etc/locale.gen; \
- locale-gen
+ echo 'en_US.UTF-8 UTF-8' >> /etc/locale.gen; \
+ locale-gen; \
+ locale -a | grep 'en_US.utf8'
ENV LANG en_US.utf8
RUN set -eux; \
diff --git a/16/bullseye/Dockerfile b/16/bullseye/Dockerfile
index a906a74505..ecc31fc106 100644
--- a/16/bullseye/Dockerfile
+++ b/16/bullseye/Dockerfile
@@ -55,8 +55,9 @@ RUN set -eux; \
! grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
fi; \
apt-get update; apt-get install -y --no-install-recommends locales; rm -rf /var/lib/apt/lists/*; \
- echo en_US.UTF-8 UTF-8 >> /etc/locale.gen; \
- locale-gen
+ echo 'en_US.UTF-8 UTF-8' >> /etc/locale.gen; \
+ locale-gen; \
+ locale -a | grep 'en_US.utf8'
ENV LANG en_US.utf8
RUN set -eux; \
diff --git a/Dockerfile-debian.template b/Dockerfile-debian.template
index 1dced5e469..3d1884be00 100644
--- a/Dockerfile-debian.template
+++ b/Dockerfile-debian.template
@@ -49,8 +49,9 @@ RUN set -eux; \
! grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
fi; \
apt-get update; apt-get install -y --no-install-recommends locales; rm -rf /var/lib/apt/lists/*; \
- echo en_US.UTF-8 UTF-8 >> /etc/locale.gen; \
- locale-gen
+ echo 'en_US.UTF-8 UTF-8' >> /etc/locale.gen; \
+ locale-gen; \
+ locale -a | grep 'en_US.utf8'
ENV LANG en_US.utf8
RUN set -eux; \
From 25f6ba56f915bb41b2e2def0ed3acc5ae5439f44 Mon Sep 17 00:00:00 2001
From: Earlopain <14981592+Earlopain@users.noreply.github.com>
Date: Fri, 8 Dec 2023 12:47:00 +0100
Subject: [PATCH 037/115] Add alpine 3.19
---
11/{alpine3.17 => alpine3.19}/Dockerfile | 4 +--
.../docker-entrypoint.sh | 0
12/{alpine3.17 => alpine3.19}/Dockerfile | 4 +--
.../docker-entrypoint.sh | 0
13/{alpine3.17 => alpine3.19}/Dockerfile | 4 +--
.../docker-entrypoint.sh | 0
14/{alpine3.17 => alpine3.19}/Dockerfile | 4 +--
.../docker-entrypoint.sh | 0
15/{alpine3.17 => alpine3.19}/Dockerfile | 4 +--
.../docker-entrypoint.sh | 0
16/{alpine3.17 => alpine3.19}/Dockerfile | 4 +--
.../docker-entrypoint.sh | 0
versions.json | 36 +++++++++----------
versions.sh | 2 +-
14 files changed, 31 insertions(+), 31 deletions(-)
rename 11/{alpine3.17 => alpine3.19}/Dockerfile (98%)
rename 11/{alpine3.17 => alpine3.19}/docker-entrypoint.sh (100%)
rename 12/{alpine3.17 => alpine3.19}/Dockerfile (98%)
rename 12/{alpine3.17 => alpine3.19}/docker-entrypoint.sh (100%)
rename 13/{alpine3.17 => alpine3.19}/Dockerfile (98%)
rename 13/{alpine3.17 => alpine3.19}/docker-entrypoint.sh (100%)
rename 14/{alpine3.17 => alpine3.19}/Dockerfile (98%)
rename 14/{alpine3.17 => alpine3.19}/docker-entrypoint.sh (100%)
rename 15/{alpine3.17 => alpine3.19}/Dockerfile (99%)
rename 15/{alpine3.17 => alpine3.19}/docker-entrypoint.sh (100%)
rename 16/{alpine3.17 => alpine3.19}/Dockerfile (99%)
rename 16/{alpine3.17 => alpine3.19}/docker-entrypoint.sh (100%)
diff --git a/11/alpine3.17/Dockerfile b/11/alpine3.19/Dockerfile
similarity index 98%
rename from 11/alpine3.17/Dockerfile
rename to 11/alpine3.19/Dockerfile
index 6675a1cb21..a76eb7be7e 100644
--- a/11/alpine3.17/Dockerfile
+++ b/11/alpine3.19/Dockerfile
@@ -5,7 +5,7 @@
#
-FROM alpine:3.17
+FROM alpine:3.19
# 70 is the standard uid/gid for "postgres" in Alpine
# https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.12-stable
@@ -152,7 +152,7 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
- echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"11.22","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@11.22?os_name=alpine&os_version=3.17"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
+ echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"11.22","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@11.22?os_name=alpine&os_version=3.19"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
; \
postgres --version
diff --git a/11/alpine3.17/docker-entrypoint.sh b/11/alpine3.19/docker-entrypoint.sh
similarity index 100%
rename from 11/alpine3.17/docker-entrypoint.sh
rename to 11/alpine3.19/docker-entrypoint.sh
diff --git a/12/alpine3.17/Dockerfile b/12/alpine3.19/Dockerfile
similarity index 98%
rename from 12/alpine3.17/Dockerfile
rename to 12/alpine3.19/Dockerfile
index f7f9284cbf..6f3347c0ff 100644
--- a/12/alpine3.17/Dockerfile
+++ b/12/alpine3.19/Dockerfile
@@ -5,7 +5,7 @@
#
-FROM alpine:3.17
+FROM alpine:3.19
# 70 is the standard uid/gid for "postgres" in Alpine
# https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.12-stable
@@ -152,7 +152,7 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
- echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"12.17","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@12.17?os_name=alpine&os_version=3.17"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
+ echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"12.17","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@12.17?os_name=alpine&os_version=3.19"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
; \
postgres --version
diff --git a/12/alpine3.17/docker-entrypoint.sh b/12/alpine3.19/docker-entrypoint.sh
similarity index 100%
rename from 12/alpine3.17/docker-entrypoint.sh
rename to 12/alpine3.19/docker-entrypoint.sh
diff --git a/13/alpine3.17/Dockerfile b/13/alpine3.19/Dockerfile
similarity index 98%
rename from 13/alpine3.17/Dockerfile
rename to 13/alpine3.19/Dockerfile
index ab7ceab4b1..e82d1b9db4 100644
--- a/13/alpine3.17/Dockerfile
+++ b/13/alpine3.19/Dockerfile
@@ -5,7 +5,7 @@
#
-FROM alpine:3.17
+FROM alpine:3.19
# 70 is the standard uid/gid for "postgres" in Alpine
# https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.12-stable
@@ -152,7 +152,7 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
- echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"13.13","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@13.13?os_name=alpine&os_version=3.17"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
+ echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"13.13","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@13.13?os_name=alpine&os_version=3.19"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
; \
postgres --version
diff --git a/13/alpine3.17/docker-entrypoint.sh b/13/alpine3.19/docker-entrypoint.sh
similarity index 100%
rename from 13/alpine3.17/docker-entrypoint.sh
rename to 13/alpine3.19/docker-entrypoint.sh
diff --git a/14/alpine3.17/Dockerfile b/14/alpine3.19/Dockerfile
similarity index 98%
rename from 14/alpine3.17/Dockerfile
rename to 14/alpine3.19/Dockerfile
index 4283c5f1b0..20ac720b77 100644
--- a/14/alpine3.17/Dockerfile
+++ b/14/alpine3.19/Dockerfile
@@ -5,7 +5,7 @@
#
-FROM alpine:3.17
+FROM alpine:3.19
# 70 is the standard uid/gid for "postgres" in Alpine
# https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.12-stable
@@ -155,7 +155,7 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
- echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"14.10","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@14.10?os_name=alpine&os_version=3.17"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
+ echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"14.10","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@14.10?os_name=alpine&os_version=3.19"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
; \
postgres --version
diff --git a/14/alpine3.17/docker-entrypoint.sh b/14/alpine3.19/docker-entrypoint.sh
similarity index 100%
rename from 14/alpine3.17/docker-entrypoint.sh
rename to 14/alpine3.19/docker-entrypoint.sh
diff --git a/15/alpine3.17/Dockerfile b/15/alpine3.19/Dockerfile
similarity index 99%
rename from 15/alpine3.17/Dockerfile
rename to 15/alpine3.19/Dockerfile
index 324f745d35..d419a42cae 100644
--- a/15/alpine3.17/Dockerfile
+++ b/15/alpine3.19/Dockerfile
@@ -5,7 +5,7 @@
#
-FROM alpine:3.17
+FROM alpine:3.19
# 70 is the standard uid/gid for "postgres" in Alpine
# https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.12-stable
@@ -158,7 +158,7 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
- echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"15.5","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@15.5?os_name=alpine&os_version=3.17"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
+ echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"15.5","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@15.5?os_name=alpine&os_version=3.19"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
; \
postgres --version
diff --git a/15/alpine3.17/docker-entrypoint.sh b/15/alpine3.19/docker-entrypoint.sh
similarity index 100%
rename from 15/alpine3.17/docker-entrypoint.sh
rename to 15/alpine3.19/docker-entrypoint.sh
diff --git a/16/alpine3.17/Dockerfile b/16/alpine3.19/Dockerfile
similarity index 99%
rename from 16/alpine3.17/Dockerfile
rename to 16/alpine3.19/Dockerfile
index ef93501447..0f98b442c0 100644
--- a/16/alpine3.17/Dockerfile
+++ b/16/alpine3.19/Dockerfile
@@ -5,7 +5,7 @@
#
-FROM alpine:3.17
+FROM alpine:3.19
# 70 is the standard uid/gid for "postgres" in Alpine
# https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.12-stable
@@ -157,7 +157,7 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
- echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"16.1","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@16.1?os_name=alpine&os_version=3.17"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
+ echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"16.1","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@16.1?os_name=alpine&os_version=3.19"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
; \
postgres --version
diff --git a/16/alpine3.17/docker-entrypoint.sh b/16/alpine3.19/docker-entrypoint.sh
similarity index 100%
rename from 16/alpine3.17/docker-entrypoint.sh
rename to 16/alpine3.19/docker-entrypoint.sh
diff --git a/versions.json b/versions.json
index f4acc7ebf5..cb4d0f2acd 100644
--- a/versions.json
+++ b/versions.json
@@ -1,6 +1,6 @@
{
"11": {
- "alpine": "3.18",
+ "alpine": "3.19",
"bookworm": {
"arches": [
"amd64",
@@ -25,13 +25,13 @@
"variants": [
"bookworm",
"bullseye",
- "alpine3.18",
- "alpine3.17"
+ "alpine3.19",
+ "alpine3.18"
],
"version": "11.22"
},
"12": {
- "alpine": "3.18",
+ "alpine": "3.19",
"bookworm": {
"arches": [
"amd64",
@@ -56,13 +56,13 @@
"variants": [
"bookworm",
"bullseye",
- "alpine3.18",
- "alpine3.17"
+ "alpine3.19",
+ "alpine3.18"
],
"version": "12.17"
},
"13": {
- "alpine": "3.18",
+ "alpine": "3.19",
"bookworm": {
"arches": [
"amd64",
@@ -87,13 +87,13 @@
"variants": [
"bookworm",
"bullseye",
- "alpine3.18",
- "alpine3.17"
+ "alpine3.19",
+ "alpine3.18"
],
"version": "13.13"
},
"14": {
- "alpine": "3.18",
+ "alpine": "3.19",
"bookworm": {
"arches": [
"amd64",
@@ -118,13 +118,13 @@
"variants": [
"bookworm",
"bullseye",
- "alpine3.18",
- "alpine3.17"
+ "alpine3.19",
+ "alpine3.18"
],
"version": "14.10"
},
"15": {
- "alpine": "3.18",
+ "alpine": "3.19",
"bookworm": {
"arches": [
"amd64",
@@ -149,13 +149,13 @@
"variants": [
"bookworm",
"bullseye",
- "alpine3.18",
- "alpine3.17"
+ "alpine3.19",
+ "alpine3.18"
],
"version": "15.5"
},
"16": {
- "alpine": "3.18",
+ "alpine": "3.19",
"bookworm": {
"arches": [
"amd64",
@@ -180,8 +180,8 @@
"variants": [
"bookworm",
"bullseye",
- "alpine3.18",
- "alpine3.17"
+ "alpine3.19",
+ "alpine3.18"
],
"version": "16.1"
}
diff --git a/versions.sh b/versions.sh
index 7c044441b7..50285beefb 100755
--- a/versions.sh
+++ b/versions.sh
@@ -7,8 +7,8 @@ supportedDebianSuites=(
bullseye
)
supportedAlpineVersions=(
+ 3.19
3.18
- 3.17
)
defaultDebianSuite="${supportedDebianSuites[0]}"
declare -A debianSuites=(
From 3e5f87d0d0e13cad06ae7cdd07399baa5ece2d5f Mon Sep 17 00:00:00 2001
From: Joseph Ferguson <yosifkit@gmail.com>
Date: Fri, 8 Dec 2023 17:02:44 -0800
Subject: [PATCH 038/115] Remove PostgreSQL 11 since it is end of life
https://www.postgresql.org/support/versioning/
---
11/alpine3.18/Dockerfile | 206 -----------------
11/alpine3.18/docker-entrypoint.sh | 351 -----------------------------
11/alpine3.19/Dockerfile | 206 -----------------
11/alpine3.19/docker-entrypoint.sh | 351 -----------------------------
11/bookworm/Dockerfile | 221 ------------------
11/bookworm/docker-entrypoint.sh | 351 -----------------------------
11/bullseye/Dockerfile | 221 ------------------
11/bullseye/docker-entrypoint.sh | 351 -----------------------------
versions.json | 31 ---
versions.sh | 3 +-
10 files changed, 1 insertion(+), 2291 deletions(-)
delete mode 100644 11/alpine3.18/Dockerfile
delete mode 100755 11/alpine3.18/docker-entrypoint.sh
delete mode 100644 11/alpine3.19/Dockerfile
delete mode 100755 11/alpine3.19/docker-entrypoint.sh
delete mode 100644 11/bookworm/Dockerfile
delete mode 100755 11/bookworm/docker-entrypoint.sh
delete mode 100644 11/bullseye/Dockerfile
delete mode 100755 11/bullseye/docker-entrypoint.sh
diff --git a/11/alpine3.18/Dockerfile b/11/alpine3.18/Dockerfile
deleted file mode 100644
index 8e5d701a7d..0000000000
--- a/11/alpine3.18/Dockerfile
+++ /dev/null
@@ -1,206 +0,0 @@
-#
-# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
-#
-# PLEASE DO NOT EDIT IT DIRECTLY.
-#
-
-
-FROM alpine:3.18
-
-# 70 is the standard uid/gid for "postgres" in Alpine
-# https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.12-stable
-RUN set -eux; \
- addgroup -g 70 -S postgres; \
- adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
- mkdir -p /var/lib/postgresql; \
- chown -R postgres:postgres /var/lib/postgresql
-
-# su-exec (gosu-compatible) is installed further down
-
-# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
-# alpine doesn't require explicit locale-file generation
-ENV LANG en_US.utf8
-
-RUN mkdir /docker-entrypoint-initdb.d
-
-ENV PG_MAJOR 11
-ENV PG_VERSION 11.22
-ENV PG_SHA256 2cb7c97d7a0d7278851bbc9c61f467b69c094c72b81740b751108e7892ebe1f0
-
-ENV DOCKER_PG_LLVM_DEPS \
- llvm15-dev \
- clang15
-
-RUN set -eux; \
- \
- wget -O postgresql.tar.bz2 "https://ftp.postgresql.org/pub/source/v$PG_VERSION/postgresql-$PG_VERSION.tar.bz2"; \
- echo "$PG_SHA256 *postgresql.tar.bz2" | sha256sum -c -; \
- mkdir -p /usr/src/postgresql; \
- tar \
- --extract \
- --file postgresql.tar.bz2 \
- --directory /usr/src/postgresql \
- --strip-components 1 \
- ; \
- rm postgresql.tar.bz2; \
- \
- apk add --no-cache --virtual .build-deps \
- $DOCKER_PG_LLVM_DEPS \
- bison \
- coreutils \
- dpkg-dev dpkg \
- flex \
- g++ \
- gcc \
- krb5-dev \
- libc-dev \
- libedit-dev \
- libxml2-dev \
- libxslt-dev \
- linux-headers \
- make \
- openldap-dev \
- openssl-dev \
- perl-dev \
- perl-ipc-run \
- perl-utils \
- python3-dev \
- tcl-dev \
- util-linux-dev \
- zlib-dev \
-# https://www.postgresql.org/docs/10/static/release-10.html#id-1.11.6.9.5.13
- icu-dev \
- ; \
- \
- cd /usr/src/postgresql; \
-# update "DEFAULT_PGSOCKET_DIR" to "/var/run/postgresql" (matching Debian)
-# see https://anonscm.debian.org/git/pkg-postgresql/postgresql.git/tree/debian/patches/51-default-sockets-in-var.patch?id=8b539fcb3e093a521c095e70bdfa76887217b89f
- awk '$1 == "#define" && $2 == "DEFAULT_PGSOCKET_DIR" && $3 == "\"/tmp\"" { $3 = "\"/var/run/postgresql\""; print; next } { print }' src/include/pg_config_manual.h > src/include/pg_config_manual.h.new; \
- grep '/var/run/postgresql' src/include/pg_config_manual.h.new; \
- mv src/include/pg_config_manual.h.new src/include/pg_config_manual.h; \
- gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
-# explicitly update autoconf config.guess and config.sub so they support more arches/libcs
- wget -O config/config.guess 'https://git.savannah.gnu.org/cgit/config.git/plain/config.guess?id=7d3d27baf8107b630586c962c057e22149653deb'; \
- wget -O config/config.sub 'https://git.savannah.gnu.org/cgit/config.git/plain/config.sub?id=7d3d27baf8107b630586c962c057e22149653deb'; \
- \
-# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n158
- export LLVM_CONFIG="/usr/lib/llvm15/bin/llvm-config"; \
-# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n163
- export CLANG=clang-15; \
- \
-# configure options taken from:
-# https://anonscm.debian.org/cgit/pkg-postgresql/postgresql.git/tree/debian/rules?h=9.5
- ./configure \
- --enable-option-checking=fatal \
- --build="$gnuArch" \
-# "/usr/src/postgresql/src/backend/access/common/tupconvert.c:105: undefined reference to `libintl_gettext'"
-# --enable-nls \
- --enable-integer-datetimes \
- --enable-thread-safety \
- --enable-tap-tests \
-# skip debugging info -- we want tiny size instead
-# --enable-debug \
- --disable-rpath \
- --with-uuid=e2fs \
- --with-gnu-ld \
- --with-pgport=5432 \
- --with-system-tzdata=/usr/share/zoneinfo \
- --prefix=/usr/local \
- --with-includes=/usr/local/include \
- --with-libraries=/usr/local/lib \
- --with-gssapi \
- --with-ldap \
- --with-tcl \
- --with-perl \
- --with-python \
-# --with-pam \
- --with-openssl \
- --with-libxml \
- --with-libxslt \
- --with-icu \
- --with-llvm \
- ; \
- make -j "$(nproc)" world; \
- make install-world; \
- make -C contrib install; \
- \
- runDeps="$( \
- scanelf --needed --nobanner --format '%n#p' --recursive /usr/local \
- | tr ',' '\n' \
- | sort -u \
- | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
-# Remove plperl, plpython and pltcl dependencies by default to save image size
-# To use the pl extensions, those have to be installed in a derived image
- | grep -v -e perl -e python -e tcl \
- )"; \
- apk add --no-cache --virtual .postgresql-rundeps \
- $runDeps \
- bash \
- su-exec \
- tzdata \
- zstd \
-# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
- icu-data-full \
-# nss_wrapper is not availble on ppc64le: "test case segfaults in ppc64le"
-# https://git.alpinelinux.org/aports/commit/testing/nss_wrapper/APKBUILD?h=3.17-stable&id=94d81ceeb58cff448d489bbcbe9a6d40c9991663
- $([ "$(apk --print-arch)" != 'ppc64le' ] && echo 'nss_wrapper') \
- ; \
- apk del --no-network .build-deps; \
- cd /; \
- rm -rf \
- /usr/src/postgresql \
- /usr/local/share/doc \
- /usr/local/share/man \
- ; \
- echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"11.22","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@11.22?os_name=alpine&os_version=3.18"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
- ; \
- postgres --version
-
-# make the sample config easier to munge (and "correct by default")
-RUN set -eux; \
- cp -v /usr/local/share/postgresql/postgresql.conf.sample /usr/local/share/postgresql/postgresql.conf.sample.orig; \
- sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/local/share/postgresql/postgresql.conf.sample; \
- grep -F "listen_addresses = '*'" /usr/local/share/postgresql/postgresql.conf.sample
-
-RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
-
-ENV PGDATA /var/lib/postgresql/data
-# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
-RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
-VOLUME /var/lib/postgresql/data
-
-COPY docker-entrypoint.sh /usr/local/bin/
-ENTRYPOINT ["docker-entrypoint.sh"]
-
-# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
-# calls "Fast Shutdown mode" wherein new connections are disallowed and any
-# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
-# flush tables to disk, which is the best compromise available to avoid data
-# corruption.
-#
-# Users who know their applications do not keep open long-lived idle connections
-# may way to use a value of SIGTERM instead, which corresponds to "Smart
-# Shutdown mode" in which any existing sessions are allowed to finish and the
-# server stops when all sessions are terminated.
-#
-# See https://www.postgresql.org/docs/12/server-shutdown.html for more details
-# about available PostgreSQL server shutdown signals.
-#
-# See also https://www.postgresql.org/docs/12/server-start.html for further
-# justification of this as the default value, namely that the example (and
-# shipped) systemd service files use the "Fast Shutdown mode" for service
-# termination.
-#
-STOPSIGNAL SIGINT
-#
-# An additional setting that is recommended for all users regardless of this
-# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
-# equivalent) for controlling how long to wait between sending the defined
-# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption).
-#
-# The default in most runtimes (such as Docker) is 10 seconds, and the
-# documentation at https://www.postgresql.org/docs/12/server-start.html notes
-# that even 90 seconds may not be long enough in many instances.
-
-EXPOSE 5432
-CMD ["postgres"]
diff --git a/11/alpine3.18/docker-entrypoint.sh b/11/alpine3.18/docker-entrypoint.sh
deleted file mode 100755
index a383a36487..0000000000
--- a/11/alpine3.18/docker-entrypoint.sh
+++ /dev/null
@@ -1,351 +0,0 @@
-#!/usr/bin/env bash
-set -Eeo pipefail
-# TODO swap to -Eeuo pipefail above (after handling all potentially-unset variables)
-
-# usage: file_env VAR [DEFAULT]
-# ie: file_env 'XYZ_DB_PASSWORD' 'example'
-# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
-# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
-file_env() {
- local var="$1"
- local fileVar="${var}_FILE"
- local def="${2:-}"
- if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
- printf >&2 'error: both %s and %s are set (but are exclusive)\n' "$var" "$fileVar"
- exit 1
- fi
- local val="$def"
- if [ "${!var:-}" ]; then
- val="${!var}"
- elif [ "${!fileVar:-}" ]; then
- val="$(< "${!fileVar}")"
- fi
- export "$var"="$val"
- unset "$fileVar"
-}
-
-# check to see if this file is being run or sourced from another script
-_is_sourced() {
- # https://unix.stackexchange.com/a/215279
- [ "${#FUNCNAME[@]}" -ge 2 ] \
- && [ "${FUNCNAME[0]}" = '_is_sourced' ] \
- && [ "${FUNCNAME[1]}" = 'source' ]
-}
-
-# used to create initial postgres directories and if run as root, ensure ownership to the "postgres" user
-docker_create_db_directories() {
- local user; user="$(id -u)"
-
- mkdir -p "$PGDATA"
- # ignore failure since there are cases where we can't chmod (and PostgreSQL might fail later anyhow - it's picky about permissions of this directory)
- chmod 00700 "$PGDATA" || :
-
- # ignore failure since it will be fine when using the image provided directory; see also https://github.com/docker-library/postgres/pull/289
- mkdir -p /var/run/postgresql || :
- chmod 03775 /var/run/postgresql || :
-
- # Create the transaction log directory before initdb is run so the directory is owned by the correct user
- if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
- mkdir -p "$POSTGRES_INITDB_WALDIR"
- if [ "$user" = '0' ]; then
- find "$POSTGRES_INITDB_WALDIR" \! -user postgres -exec chown postgres '{}' +
- fi
- chmod 700 "$POSTGRES_INITDB_WALDIR"
- fi
-
- # allow the container to be started with `--user`
- if [ "$user" = '0' ]; then
- find "$PGDATA" \! -user postgres -exec chown postgres '{}' +
- find /var/run/postgresql \! -user postgres -exec chown postgres '{}' +
- fi
-}
-
-# initialize empty PGDATA directory with new database via 'initdb'
-# arguments to `initdb` can be passed via POSTGRES_INITDB_ARGS or as arguments to this function
-# `initdb` automatically creates the "postgres", "template0", and "template1" dbnames
-# this is also where the database user is created, specified by `POSTGRES_USER` env
-docker_init_database_dir() {
- # "initdb" is particular about the current user existing in "/etc/passwd", so we use "nss_wrapper" to fake that if necessary
- # see https://github.com/docker-library/postgres/pull/253, https://github.com/docker-library/postgres/issues/359, https://cwrap.org/nss_wrapper.html
- local uid; uid="$(id -u)"
- if ! getent passwd "$uid" &> /dev/null; then
- # see if we can find a suitable "libnss_wrapper.so" (https://salsa.debian.org/sssd-team/nss-wrapper/-/commit/b9925a653a54e24d09d9b498a2d913729f7abb15)
- local wrapper
- for wrapper in {/usr,}/lib{/*,}/libnss_wrapper.so; do
- if [ -s "$wrapper" ]; then
- NSS_WRAPPER_PASSWD="$(mktemp)"
- NSS_WRAPPER_GROUP="$(mktemp)"
- export LD_PRELOAD="$wrapper" NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
- local gid; gid="$(id -g)"
- printf 'postgres:x:%s:%s:PostgreSQL:%s:/bin/false\n' "$uid" "$gid" "$PGDATA" > "$NSS_WRAPPER_PASSWD"
- printf 'postgres:x:%s:\n' "$gid" > "$NSS_WRAPPER_GROUP"
- break
- fi
- done
- fi
-
- if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
- set -- --waldir "$POSTGRES_INITDB_WALDIR" "$@"
- fi
-
- # --pwfile refuses to handle a properly-empty file (hence the "\n"): https://github.com/docker-library/postgres/issues/1025
- eval 'initdb --username="$POSTGRES_USER" --pwfile=<(printf "%s\n" "$POSTGRES_PASSWORD") '"$POSTGRES_INITDB_ARGS"' "$@"'
-
- # unset/cleanup "nss_wrapper" bits
- if [[ "${LD_PRELOAD:-}" == */libnss_wrapper.so ]]; then
- rm -f "$NSS_WRAPPER_PASSWD" "$NSS_WRAPPER_GROUP"
- unset LD_PRELOAD NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
- fi
-}
-
-# print large warning if POSTGRES_PASSWORD is long
-# error if both POSTGRES_PASSWORD is empty and POSTGRES_HOST_AUTH_METHOD is not 'trust'
-# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
-# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
-docker_verify_minimum_env() {
- # check password first so we can output the warning before postgres
- # messes it up
- if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
- cat >&2 <<-'EOWARN'
-
- WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
-
- This will not work if used via PGPASSWORD with "psql".
-
- https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
- https://github.com/docker-library/postgres/issues/507
-
- EOWARN
- fi
- if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
- # The - option suppresses leading tabs but *not* spaces. :)
- cat >&2 <<-'EOE'
- Error: Database is uninitialized and superuser password is not specified.
- You must specify POSTGRES_PASSWORD to a non-empty value for the
- superuser. For example, "-e POSTGRES_PASSWORD=password" on "docker run".
-
- You may also use "POSTGRES_HOST_AUTH_METHOD=trust" to allow all
- connections without a password. This is *not* recommended.
-
- See PostgreSQL documentation about "trust":
- https://www.postgresql.org/docs/current/auth-trust.html
- EOE
- exit 1
- fi
- if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
- cat >&2 <<-'EOWARN'
- ********************************************************************************
- WARNING: POSTGRES_HOST_AUTH_METHOD has been set to "trust". This will allow
- anyone with access to the Postgres port to access your database without
- a password, even if POSTGRES_PASSWORD is set. See PostgreSQL
- documentation about "trust":
- https://www.postgresql.org/docs/current/auth-trust.html
- In Docker's default configuration, this is effectively any other
- container on the same system.
-
- It is not recommended to use POSTGRES_HOST_AUTH_METHOD=trust. Replace
- it with "-e POSTGRES_PASSWORD=password" instead to set a password in
- "docker run".
- ********************************************************************************
- EOWARN
- fi
-}
-
-# usage: docker_process_init_files [file [file [...]]]
-# ie: docker_process_init_files /always-initdb.d/*
-# process initializer files, based on file extensions and permissions
-docker_process_init_files() {
- # psql here for backwards compatibility "${psql[@]}"
- psql=( docker_process_sql )
-
- printf '\n'
- local f
- for f; do
- case "$f" in
- *.sh)
- # https://github.com/docker-library/postgres/issues/450#issuecomment-393167936
- # https://github.com/docker-library/postgres/pull/452
- if [ -x "$f" ]; then
- printf '%s: running %s\n' "$0" "$f"
- "$f"
- else
- printf '%s: sourcing %s\n' "$0" "$f"
- . "$f"
- fi
- ;;
- *.sql) printf '%s: running %s\n' "$0" "$f"; docker_process_sql -f "$f"; printf '\n' ;;
- *.sql.gz) printf '%s: running %s\n' "$0" "$f"; gunzip -c "$f" | docker_process_sql; printf '\n' ;;
- *.sql.xz) printf '%s: running %s\n' "$0" "$f"; xzcat "$f" | docker_process_sql; printf '\n' ;;
- *.sql.zst) printf '%s: running %s\n' "$0" "$f"; zstd -dc "$f" | docker_process_sql; printf '\n' ;;
- *) printf '%s: ignoring %s\n' "$0" "$f" ;;
- esac
- printf '\n'
- done
-}
-
-# Execute sql script, passed via stdin (or -f flag of pqsl)
-# usage: docker_process_sql [psql-cli-args]
-# ie: docker_process_sql --dbname=mydb <<<'INSERT ...'
-# ie: docker_process_sql -f my-file.sql
-# ie: docker_process_sql <my-file.sql
-docker_process_sql() {
- local query_runner=( psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --no-password --no-psqlrc )
- if [ -n "$POSTGRES_DB" ]; then
- query_runner+=( --dbname "$POSTGRES_DB" )
- fi
-
- PGHOST= PGHOSTADDR= "${query_runner[@]}" "$@"
-}
-
-# create initial database
-# uses environment variables for input: POSTGRES_DB
-docker_setup_db() {
- local dbAlreadyExists
- dbAlreadyExists="$(
- POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" --tuples-only <<-'EOSQL'
- SELECT 1 FROM pg_database WHERE datname = :'db' ;
- EOSQL
- )"
- if [ -z "$dbAlreadyExists" ]; then
- POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" <<-'EOSQL'
- CREATE DATABASE :"db" ;
- EOSQL
- printf '\n'
- fi
-}
-
-# Loads various settings that are used elsewhere in the script
-# This should be called before any other functions
-docker_setup_env() {
- file_env 'POSTGRES_PASSWORD'
-
- file_env 'POSTGRES_USER' 'postgres'
- file_env 'POSTGRES_DB' "$POSTGRES_USER"
- file_env 'POSTGRES_INITDB_ARGS'
- : "${POSTGRES_HOST_AUTH_METHOD:=}"
-
- declare -g DATABASE_ALREADY_EXISTS
- # look specifically for PG_VERSION, as it is expected in the DB dir
- if [ -s "$PGDATA/PG_VERSION" ]; then
- DATABASE_ALREADY_EXISTS='true'
- fi
-}
-
-# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections
-# all arguments will be passed along as arguments to `postgres` for getting the value of 'password_encryption'
-pg_setup_hba_conf() {
- # default authentication method is md5 on versions before 14
- # https://www.postgresql.org/about/news/postgresql-14-released-2318/
- if [ "$1" = 'postgres' ]; then
- shift
- fi
- local auth
- # check the default/configured encryption and use that as the auth method
- auth="$(postgres -C password_encryption "$@")"
- : "${POSTGRES_HOST_AUTH_METHOD:=$auth}"
- {
- printf '\n'
- if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
- printf '# warning trust is enabled for all connections\n'
- printf '# see https://www.postgresql.org/docs/12/auth-trust.html\n'
- fi
- printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
- } >> "$PGDATA/pg_hba.conf"
-}
-
-# start socket-only postgresql server for setting up or running scripts
-# all arguments will be passed along as arguments to `postgres` (via pg_ctl)
-docker_temp_server_start() {
- if [ "$1" = 'postgres' ]; then
- shift
- fi
-
- # internal start of server in order to allow setup using psql client
- # does not listen on external TCP/IP and waits until start finishes
- set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
-
- PGUSER="${PGUSER:-$POSTGRES_USER}" \
- pg_ctl -D "$PGDATA" \
- -o "$(printf '%q ' "$@")" \
- -w start
-}
-
-# stop postgresql server after done setting up user and running scripts
-docker_temp_server_stop() {
- PGUSER="${PGUSER:-postgres}" \
- pg_ctl -D "$PGDATA" -m fast -w stop
-}
-
-# check arguments for an option that would cause postgres to stop
-# return true if there is one
-_pg_want_help() {
- local arg
- for arg; do
- case "$arg" in
- # postgres --help | grep 'then exit'
- # leaving out -C on purpose since it always fails and is unhelpful:
- # postgres: could not access the server configuration file "/var/lib/postgresql/data/postgresql.conf": No such file or directory
- -'?'|--help|--describe-config|-V|--version)
- return 0
- ;;
- esac
- done
- return 1
-}
-
-_main() {
- # if first arg looks like a flag, assume we want to run postgres server
- if [ "${1:0:1}" = '-' ]; then
- set -- postgres "$@"
- fi
-
- if [ "$1" = 'postgres' ] && ! _pg_want_help "$@"; then
- docker_setup_env
- # setup data directories and permissions (when run as root)
- docker_create_db_directories
- if [ "$(id -u)" = '0' ]; then
- # then restart script as postgres user
- exec su-exec postgres "$BASH_SOURCE" "$@"
- fi
-
- # only run initialization on an empty data directory
- if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
- docker_verify_minimum_env
-
- # check dir permissions to reduce likelihood of half-initialized database
- ls /docker-entrypoint-initdb.d/ > /dev/null
-
- docker_init_database_dir
- pg_setup_hba_conf "$@"
-
- # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
- # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
- export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
- docker_temp_server_start "$@"
-
- docker_setup_db
- docker_process_init_files /docker-entrypoint-initdb.d/*
-
- docker_temp_server_stop
- unset PGPASSWORD
-
- cat <<-'EOM'
-
- PostgreSQL init process complete; ready for start up.
-
- EOM
- else
- cat <<-'EOM'
-
- PostgreSQL Database directory appears to contain a database; Skipping initialization
-
- EOM
- fi
- fi
-
- exec "$@"
-}
-
-if ! _is_sourced; then
- _main "$@"
-fi
diff --git a/11/alpine3.19/Dockerfile b/11/alpine3.19/Dockerfile
deleted file mode 100644
index a76eb7be7e..0000000000
--- a/11/alpine3.19/Dockerfile
+++ /dev/null
@@ -1,206 +0,0 @@
-#
-# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
-#
-# PLEASE DO NOT EDIT IT DIRECTLY.
-#
-
-
-FROM alpine:3.19
-
-# 70 is the standard uid/gid for "postgres" in Alpine
-# https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.12-stable
-RUN set -eux; \
- addgroup -g 70 -S postgres; \
- adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
- mkdir -p /var/lib/postgresql; \
- chown -R postgres:postgres /var/lib/postgresql
-
-# su-exec (gosu-compatible) is installed further down
-
-# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
-# alpine doesn't require explicit locale-file generation
-ENV LANG en_US.utf8
-
-RUN mkdir /docker-entrypoint-initdb.d
-
-ENV PG_MAJOR 11
-ENV PG_VERSION 11.22
-ENV PG_SHA256 2cb7c97d7a0d7278851bbc9c61f467b69c094c72b81740b751108e7892ebe1f0
-
-ENV DOCKER_PG_LLVM_DEPS \
- llvm15-dev \
- clang15
-
-RUN set -eux; \
- \
- wget -O postgresql.tar.bz2 "https://ftp.postgresql.org/pub/source/v$PG_VERSION/postgresql-$PG_VERSION.tar.bz2"; \
- echo "$PG_SHA256 *postgresql.tar.bz2" | sha256sum -c -; \
- mkdir -p /usr/src/postgresql; \
- tar \
- --extract \
- --file postgresql.tar.bz2 \
- --directory /usr/src/postgresql \
- --strip-components 1 \
- ; \
- rm postgresql.tar.bz2; \
- \
- apk add --no-cache --virtual .build-deps \
- $DOCKER_PG_LLVM_DEPS \
- bison \
- coreutils \
- dpkg-dev dpkg \
- flex \
- g++ \
- gcc \
- krb5-dev \
- libc-dev \
- libedit-dev \
- libxml2-dev \
- libxslt-dev \
- linux-headers \
- make \
- openldap-dev \
- openssl-dev \
- perl-dev \
- perl-ipc-run \
- perl-utils \
- python3-dev \
- tcl-dev \
- util-linux-dev \
- zlib-dev \
-# https://www.postgresql.org/docs/10/static/release-10.html#id-1.11.6.9.5.13
- icu-dev \
- ; \
- \
- cd /usr/src/postgresql; \
-# update "DEFAULT_PGSOCKET_DIR" to "/var/run/postgresql" (matching Debian)
-# see https://anonscm.debian.org/git/pkg-postgresql/postgresql.git/tree/debian/patches/51-default-sockets-in-var.patch?id=8b539fcb3e093a521c095e70bdfa76887217b89f
- awk '$1 == "#define" && $2 == "DEFAULT_PGSOCKET_DIR" && $3 == "\"/tmp\"" { $3 = "\"/var/run/postgresql\""; print; next } { print }' src/include/pg_config_manual.h > src/include/pg_config_manual.h.new; \
- grep '/var/run/postgresql' src/include/pg_config_manual.h.new; \
- mv src/include/pg_config_manual.h.new src/include/pg_config_manual.h; \
- gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
-# explicitly update autoconf config.guess and config.sub so they support more arches/libcs
- wget -O config/config.guess 'https://git.savannah.gnu.org/cgit/config.git/plain/config.guess?id=7d3d27baf8107b630586c962c057e22149653deb'; \
- wget -O config/config.sub 'https://git.savannah.gnu.org/cgit/config.git/plain/config.sub?id=7d3d27baf8107b630586c962c057e22149653deb'; \
- \
-# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n158
- export LLVM_CONFIG="/usr/lib/llvm15/bin/llvm-config"; \
-# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n163
- export CLANG=clang-15; \
- \
-# configure options taken from:
-# https://anonscm.debian.org/cgit/pkg-postgresql/postgresql.git/tree/debian/rules?h=9.5
- ./configure \
- --enable-option-checking=fatal \
- --build="$gnuArch" \
-# "/usr/src/postgresql/src/backend/access/common/tupconvert.c:105: undefined reference to `libintl_gettext'"
-# --enable-nls \
- --enable-integer-datetimes \
- --enable-thread-safety \
- --enable-tap-tests \
-# skip debugging info -- we want tiny size instead
-# --enable-debug \
- --disable-rpath \
- --with-uuid=e2fs \
- --with-gnu-ld \
- --with-pgport=5432 \
- --with-system-tzdata=/usr/share/zoneinfo \
- --prefix=/usr/local \
- --with-includes=/usr/local/include \
- --with-libraries=/usr/local/lib \
- --with-gssapi \
- --with-ldap \
- --with-tcl \
- --with-perl \
- --with-python \
-# --with-pam \
- --with-openssl \
- --with-libxml \
- --with-libxslt \
- --with-icu \
- --with-llvm \
- ; \
- make -j "$(nproc)" world; \
- make install-world; \
- make -C contrib install; \
- \
- runDeps="$( \
- scanelf --needed --nobanner --format '%n#p' --recursive /usr/local \
- | tr ',' '\n' \
- | sort -u \
- | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
-# Remove plperl, plpython and pltcl dependencies by default to save image size
-# To use the pl extensions, those have to be installed in a derived image
- | grep -v -e perl -e python -e tcl \
- )"; \
- apk add --no-cache --virtual .postgresql-rundeps \
- $runDeps \
- bash \
- su-exec \
- tzdata \
- zstd \
-# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
- icu-data-full \
-# nss_wrapper is not availble on ppc64le: "test case segfaults in ppc64le"
-# https://git.alpinelinux.org/aports/commit/testing/nss_wrapper/APKBUILD?h=3.17-stable&id=94d81ceeb58cff448d489bbcbe9a6d40c9991663
- $([ "$(apk --print-arch)" != 'ppc64le' ] && echo 'nss_wrapper') \
- ; \
- apk del --no-network .build-deps; \
- cd /; \
- rm -rf \
- /usr/src/postgresql \
- /usr/local/share/doc \
- /usr/local/share/man \
- ; \
- echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"11.22","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@11.22?os_name=alpine&os_version=3.19"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
- ; \
- postgres --version
-
-# make the sample config easier to munge (and "correct by default")
-RUN set -eux; \
- cp -v /usr/local/share/postgresql/postgresql.conf.sample /usr/local/share/postgresql/postgresql.conf.sample.orig; \
- sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/local/share/postgresql/postgresql.conf.sample; \
- grep -F "listen_addresses = '*'" /usr/local/share/postgresql/postgresql.conf.sample
-
-RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
-
-ENV PGDATA /var/lib/postgresql/data
-# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
-RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
-VOLUME /var/lib/postgresql/data
-
-COPY docker-entrypoint.sh /usr/local/bin/
-ENTRYPOINT ["docker-entrypoint.sh"]
-
-# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
-# calls "Fast Shutdown mode" wherein new connections are disallowed and any
-# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
-# flush tables to disk, which is the best compromise available to avoid data
-# corruption.
-#
-# Users who know their applications do not keep open long-lived idle connections
-# may way to use a value of SIGTERM instead, which corresponds to "Smart
-# Shutdown mode" in which any existing sessions are allowed to finish and the
-# server stops when all sessions are terminated.
-#
-# See https://www.postgresql.org/docs/12/server-shutdown.html for more details
-# about available PostgreSQL server shutdown signals.
-#
-# See also https://www.postgresql.org/docs/12/server-start.html for further
-# justification of this as the default value, namely that the example (and
-# shipped) systemd service files use the "Fast Shutdown mode" for service
-# termination.
-#
-STOPSIGNAL SIGINT
-#
-# An additional setting that is recommended for all users regardless of this
-# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
-# equivalent) for controlling how long to wait between sending the defined
-# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption).
-#
-# The default in most runtimes (such as Docker) is 10 seconds, and the
-# documentation at https://www.postgresql.org/docs/12/server-start.html notes
-# that even 90 seconds may not be long enough in many instances.
-
-EXPOSE 5432
-CMD ["postgres"]
diff --git a/11/alpine3.19/docker-entrypoint.sh b/11/alpine3.19/docker-entrypoint.sh
deleted file mode 100755
index a383a36487..0000000000
--- a/11/alpine3.19/docker-entrypoint.sh
+++ /dev/null
@@ -1,351 +0,0 @@
-#!/usr/bin/env bash
-set -Eeo pipefail
-# TODO swap to -Eeuo pipefail above (after handling all potentially-unset variables)
-
-# usage: file_env VAR [DEFAULT]
-# ie: file_env 'XYZ_DB_PASSWORD' 'example'
-# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
-# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
-file_env() {
- local var="$1"
- local fileVar="${var}_FILE"
- local def="${2:-}"
- if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
- printf >&2 'error: both %s and %s are set (but are exclusive)\n' "$var" "$fileVar"
- exit 1
- fi
- local val="$def"
- if [ "${!var:-}" ]; then
- val="${!var}"
- elif [ "${!fileVar:-}" ]; then
- val="$(< "${!fileVar}")"
- fi
- export "$var"="$val"
- unset "$fileVar"
-}
-
-# check to see if this file is being run or sourced from another script
-_is_sourced() {
- # https://unix.stackexchange.com/a/215279
- [ "${#FUNCNAME[@]}" -ge 2 ] \
- && [ "${FUNCNAME[0]}" = '_is_sourced' ] \
- && [ "${FUNCNAME[1]}" = 'source' ]
-}
-
-# used to create initial postgres directories and if run as root, ensure ownership to the "postgres" user
-docker_create_db_directories() {
- local user; user="$(id -u)"
-
- mkdir -p "$PGDATA"
- # ignore failure since there are cases where we can't chmod (and PostgreSQL might fail later anyhow - it's picky about permissions of this directory)
- chmod 00700 "$PGDATA" || :
-
- # ignore failure since it will be fine when using the image provided directory; see also https://github.com/docker-library/postgres/pull/289
- mkdir -p /var/run/postgresql || :
- chmod 03775 /var/run/postgresql || :
-
- # Create the transaction log directory before initdb is run so the directory is owned by the correct user
- if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
- mkdir -p "$POSTGRES_INITDB_WALDIR"
- if [ "$user" = '0' ]; then
- find "$POSTGRES_INITDB_WALDIR" \! -user postgres -exec chown postgres '{}' +
- fi
- chmod 700 "$POSTGRES_INITDB_WALDIR"
- fi
-
- # allow the container to be started with `--user`
- if [ "$user" = '0' ]; then
- find "$PGDATA" \! -user postgres -exec chown postgres '{}' +
- find /var/run/postgresql \! -user postgres -exec chown postgres '{}' +
- fi
-}
-
-# initialize empty PGDATA directory with new database via 'initdb'
-# arguments to `initdb` can be passed via POSTGRES_INITDB_ARGS or as arguments to this function
-# `initdb` automatically creates the "postgres", "template0", and "template1" dbnames
-# this is also where the database user is created, specified by `POSTGRES_USER` env
-docker_init_database_dir() {
- # "initdb" is particular about the current user existing in "/etc/passwd", so we use "nss_wrapper" to fake that if necessary
- # see https://github.com/docker-library/postgres/pull/253, https://github.com/docker-library/postgres/issues/359, https://cwrap.org/nss_wrapper.html
- local uid; uid="$(id -u)"
- if ! getent passwd "$uid" &> /dev/null; then
- # see if we can find a suitable "libnss_wrapper.so" (https://salsa.debian.org/sssd-team/nss-wrapper/-/commit/b9925a653a54e24d09d9b498a2d913729f7abb15)
- local wrapper
- for wrapper in {/usr,}/lib{/*,}/libnss_wrapper.so; do
- if [ -s "$wrapper" ]; then
- NSS_WRAPPER_PASSWD="$(mktemp)"
- NSS_WRAPPER_GROUP="$(mktemp)"
- export LD_PRELOAD="$wrapper" NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
- local gid; gid="$(id -g)"
- printf 'postgres:x:%s:%s:PostgreSQL:%s:/bin/false\n' "$uid" "$gid" "$PGDATA" > "$NSS_WRAPPER_PASSWD"
- printf 'postgres:x:%s:\n' "$gid" > "$NSS_WRAPPER_GROUP"
- break
- fi
- done
- fi
-
- if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
- set -- --waldir "$POSTGRES_INITDB_WALDIR" "$@"
- fi
-
- # --pwfile refuses to handle a properly-empty file (hence the "\n"): https://github.com/docker-library/postgres/issues/1025
- eval 'initdb --username="$POSTGRES_USER" --pwfile=<(printf "%s\n" "$POSTGRES_PASSWORD") '"$POSTGRES_INITDB_ARGS"' "$@"'
-
- # unset/cleanup "nss_wrapper" bits
- if [[ "${LD_PRELOAD:-}" == */libnss_wrapper.so ]]; then
- rm -f "$NSS_WRAPPER_PASSWD" "$NSS_WRAPPER_GROUP"
- unset LD_PRELOAD NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
- fi
-}
-
-# print large warning if POSTGRES_PASSWORD is long
-# error if both POSTGRES_PASSWORD is empty and POSTGRES_HOST_AUTH_METHOD is not 'trust'
-# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
-# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
-docker_verify_minimum_env() {
- # check password first so we can output the warning before postgres
- # messes it up
- if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
- cat >&2 <<-'EOWARN'
-
- WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
-
- This will not work if used via PGPASSWORD with "psql".
-
- https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
- https://github.com/docker-library/postgres/issues/507
-
- EOWARN
- fi
- if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
- # The - option suppresses leading tabs but *not* spaces. :)
- cat >&2 <<-'EOE'
- Error: Database is uninitialized and superuser password is not specified.
- You must specify POSTGRES_PASSWORD to a non-empty value for the
- superuser. For example, "-e POSTGRES_PASSWORD=password" on "docker run".
-
- You may also use "POSTGRES_HOST_AUTH_METHOD=trust" to allow all
- connections without a password. This is *not* recommended.
-
- See PostgreSQL documentation about "trust":
- https://www.postgresql.org/docs/current/auth-trust.html
- EOE
- exit 1
- fi
- if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
- cat >&2 <<-'EOWARN'
- ********************************************************************************
- WARNING: POSTGRES_HOST_AUTH_METHOD has been set to "trust". This will allow
- anyone with access to the Postgres port to access your database without
- a password, even if POSTGRES_PASSWORD is set. See PostgreSQL
- documentation about "trust":
- https://www.postgresql.org/docs/current/auth-trust.html
- In Docker's default configuration, this is effectively any other
- container on the same system.
-
- It is not recommended to use POSTGRES_HOST_AUTH_METHOD=trust. Replace
- it with "-e POSTGRES_PASSWORD=password" instead to set a password in
- "docker run".
- ********************************************************************************
- EOWARN
- fi
-}
-
-# usage: docker_process_init_files [file [file [...]]]
-# ie: docker_process_init_files /always-initdb.d/*
-# process initializer files, based on file extensions and permissions
-docker_process_init_files() {
- # psql here for backwards compatibility "${psql[@]}"
- psql=( docker_process_sql )
-
- printf '\n'
- local f
- for f; do
- case "$f" in
- *.sh)
- # https://github.com/docker-library/postgres/issues/450#issuecomment-393167936
- # https://github.com/docker-library/postgres/pull/452
- if [ -x "$f" ]; then
- printf '%s: running %s\n' "$0" "$f"
- "$f"
- else
- printf '%s: sourcing %s\n' "$0" "$f"
- . "$f"
- fi
- ;;
- *.sql) printf '%s: running %s\n' "$0" "$f"; docker_process_sql -f "$f"; printf '\n' ;;
- *.sql.gz) printf '%s: running %s\n' "$0" "$f"; gunzip -c "$f" | docker_process_sql; printf '\n' ;;
- *.sql.xz) printf '%s: running %s\n' "$0" "$f"; xzcat "$f" | docker_process_sql; printf '\n' ;;
- *.sql.zst) printf '%s: running %s\n' "$0" "$f"; zstd -dc "$f" | docker_process_sql; printf '\n' ;;
- *) printf '%s: ignoring %s\n' "$0" "$f" ;;
- esac
- printf '\n'
- done
-}
-
-# Execute sql script, passed via stdin (or -f flag of pqsl)
-# usage: docker_process_sql [psql-cli-args]
-# ie: docker_process_sql --dbname=mydb <<<'INSERT ...'
-# ie: docker_process_sql -f my-file.sql
-# ie: docker_process_sql <my-file.sql
-docker_process_sql() {
- local query_runner=( psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --no-password --no-psqlrc )
- if [ -n "$POSTGRES_DB" ]; then
- query_runner+=( --dbname "$POSTGRES_DB" )
- fi
-
- PGHOST= PGHOSTADDR= "${query_runner[@]}" "$@"
-}
-
-# create initial database
-# uses environment variables for input: POSTGRES_DB
-docker_setup_db() {
- local dbAlreadyExists
- dbAlreadyExists="$(
- POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" --tuples-only <<-'EOSQL'
- SELECT 1 FROM pg_database WHERE datname = :'db' ;
- EOSQL
- )"
- if [ -z "$dbAlreadyExists" ]; then
- POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" <<-'EOSQL'
- CREATE DATABASE :"db" ;
- EOSQL
- printf '\n'
- fi
-}
-
-# Loads various settings that are used elsewhere in the script
-# This should be called before any other functions
-docker_setup_env() {
- file_env 'POSTGRES_PASSWORD'
-
- file_env 'POSTGRES_USER' 'postgres'
- file_env 'POSTGRES_DB' "$POSTGRES_USER"
- file_env 'POSTGRES_INITDB_ARGS'
- : "${POSTGRES_HOST_AUTH_METHOD:=}"
-
- declare -g DATABASE_ALREADY_EXISTS
- # look specifically for PG_VERSION, as it is expected in the DB dir
- if [ -s "$PGDATA/PG_VERSION" ]; then
- DATABASE_ALREADY_EXISTS='true'
- fi
-}
-
-# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections
-# all arguments will be passed along as arguments to `postgres` for getting the value of 'password_encryption'
-pg_setup_hba_conf() {
- # default authentication method is md5 on versions before 14
- # https://www.postgresql.org/about/news/postgresql-14-released-2318/
- if [ "$1" = 'postgres' ]; then
- shift
- fi
- local auth
- # check the default/configured encryption and use that as the auth method
- auth="$(postgres -C password_encryption "$@")"
- : "${POSTGRES_HOST_AUTH_METHOD:=$auth}"
- {
- printf '\n'
- if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
- printf '# warning trust is enabled for all connections\n'
- printf '# see https://www.postgresql.org/docs/12/auth-trust.html\n'
- fi
- printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
- } >> "$PGDATA/pg_hba.conf"
-}
-
-# start socket-only postgresql server for setting up or running scripts
-# all arguments will be passed along as arguments to `postgres` (via pg_ctl)
-docker_temp_server_start() {
- if [ "$1" = 'postgres' ]; then
- shift
- fi
-
- # internal start of server in order to allow setup using psql client
- # does not listen on external TCP/IP and waits until start finishes
- set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
-
- PGUSER="${PGUSER:-$POSTGRES_USER}" \
- pg_ctl -D "$PGDATA" \
- -o "$(printf '%q ' "$@")" \
- -w start
-}
-
-# stop postgresql server after done setting up user and running scripts
-docker_temp_server_stop() {
- PGUSER="${PGUSER:-postgres}" \
- pg_ctl -D "$PGDATA" -m fast -w stop
-}
-
-# check arguments for an option that would cause postgres to stop
-# return true if there is one
-_pg_want_help() {
- local arg
- for arg; do
- case "$arg" in
- # postgres --help | grep 'then exit'
- # leaving out -C on purpose since it always fails and is unhelpful:
- # postgres: could not access the server configuration file "/var/lib/postgresql/data/postgresql.conf": No such file or directory
- -'?'|--help|--describe-config|-V|--version)
- return 0
- ;;
- esac
- done
- return 1
-}
-
-_main() {
- # if first arg looks like a flag, assume we want to run postgres server
- if [ "${1:0:1}" = '-' ]; then
- set -- postgres "$@"
- fi
-
- if [ "$1" = 'postgres' ] && ! _pg_want_help "$@"; then
- docker_setup_env
- # setup data directories and permissions (when run as root)
- docker_create_db_directories
- if [ "$(id -u)" = '0' ]; then
- # then restart script as postgres user
- exec su-exec postgres "$BASH_SOURCE" "$@"
- fi
-
- # only run initialization on an empty data directory
- if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
- docker_verify_minimum_env
-
- # check dir permissions to reduce likelihood of half-initialized database
- ls /docker-entrypoint-initdb.d/ > /dev/null
-
- docker_init_database_dir
- pg_setup_hba_conf "$@"
-
- # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
- # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
- export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
- docker_temp_server_start "$@"
-
- docker_setup_db
- docker_process_init_files /docker-entrypoint-initdb.d/*
-
- docker_temp_server_stop
- unset PGPASSWORD
-
- cat <<-'EOM'
-
- PostgreSQL init process complete; ready for start up.
-
- EOM
- else
- cat <<-'EOM'
-
- PostgreSQL Database directory appears to contain a database; Skipping initialization
-
- EOM
- fi
- fi
-
- exec "$@"
-}
-
-if ! _is_sourced; then
- _main "$@"
-fi
diff --git a/11/bookworm/Dockerfile b/11/bookworm/Dockerfile
deleted file mode 100644
index 4406b7a246..0000000000
--- a/11/bookworm/Dockerfile
+++ /dev/null
@@ -1,221 +0,0 @@
-#
-# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
-#
-# PLEASE DO NOT EDIT IT DIRECTLY.
-#
-
-FROM debian:bookworm-slim
-
-# explicitly set user/group IDs
-RUN set -eux; \
- groupadd -r postgres --gid=999; \
-# https://salsa.debian.org/postgresql/postgresql-common/blob/997d842ee744687d99a2b2d95c1083a2615c79e8/debian/postgresql-common.postinst#L32-35
- useradd -r -g postgres --uid=999 --home-dir=/var/lib/postgresql --shell=/bin/bash postgres; \
-# also create the postgres user's home directory with appropriate permissions
-# see https://github.com/docker-library/postgres/issues/274
- mkdir -p /var/lib/postgresql; \
- chown -R postgres:postgres /var/lib/postgresql
-
-RUN set -ex; \
- apt-get update; \
- apt-get install -y --no-install-recommends \
- gnupg \
- ; \
- rm -rf /var/lib/apt/lists/*
-
-# grab gosu for easy step-down from root
-# https://github.com/tianon/gosu/releases
-ENV GOSU_VERSION 1.16
-RUN set -eux; \
- savedAptMark="$(apt-mark showmanual)"; \
- apt-get update; \
- apt-get install -y --no-install-recommends ca-certificates wget; \
- rm -rf /var/lib/apt/lists/*; \
- dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
- wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
- wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
- export GNUPGHOME="$(mktemp -d)"; \
- gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
- gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
- gpgconf --kill all; \
- rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
- apt-mark auto '.*' > /dev/null; \
- [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
- apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
- chmod +x /usr/local/bin/gosu; \
- gosu --version; \
- gosu nobody true
-
-# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
-RUN set -eux; \
- if [ -f /etc/dpkg/dpkg.cfg.d/docker ]; then \
-# if this file exists, we're likely in "debian:xxx-slim", and locales are thus being excluded so we need to remove that exclusion (since we need locales)
- grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
- sed -ri '/\/usr\/share\/locale/d' /etc/dpkg/dpkg.cfg.d/docker; \
- ! grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
- fi; \
- apt-get update; apt-get install -y --no-install-recommends locales; rm -rf /var/lib/apt/lists/*; \
- echo 'en_US.UTF-8 UTF-8' >> /etc/locale.gen; \
- locale-gen; \
- locale -a | grep 'en_US.utf8'
-ENV LANG en_US.utf8
-
-RUN set -eux; \
- apt-get update; \
- apt-get install -y --no-install-recommends \
- libnss-wrapper \
- xz-utils \
- zstd \
- ; \
- rm -rf /var/lib/apt/lists/*
-
-RUN mkdir /docker-entrypoint-initdb.d
-
-RUN set -ex; \
-# pub 4096R/ACCC4CF8 2011-10-13 [expires: 2019-07-02]
-# Key fingerprint = B97B 0AFC AA1A 47F0 44F2 44A0 7FCC 7D46 ACCC 4CF8
-# uid PostgreSQL Debian Repository
- key='B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8'; \
- export GNUPGHOME="$(mktemp -d)"; \
- mkdir -p /usr/local/share/keyrings/; \
- gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
- gpg --batch --export --armor "$key" > /usr/local/share/keyrings/postgres.gpg.asc; \
- gpgconf --kill all; \
- rm -rf "$GNUPGHOME"
-
-ENV PG_MAJOR 11
-ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-
-ENV PG_VERSION 11.22-1.pgdg120+1
-
-RUN set -ex; \
- \
-# see note below about "*.pyc" files
- export PYTHONDONTWRITEBYTECODE=1; \
- \
- dpkgArch="$(dpkg --print-architecture)"; \
- aptRepo="[ signed-by=/usr/local/share/keyrings/postgres.gpg.asc ] http://apt.postgresql.org/pub/repos/apt/ bookworm-pgdg main $PG_MAJOR"; \
- case "$dpkgArch" in \
- amd64 | arm64 | ppc64el | s390x) \
-# arches officialy built by upstream
- echo "deb $aptRepo" > /etc/apt/sources.list.d/pgdg.list; \
- apt-get update; \
- ;; \
- *) \
-# we're on an architecture upstream doesn't officially build for
-# let's build binaries from their published source packages
- echo "deb-src $aptRepo" > /etc/apt/sources.list.d/pgdg.list; \
- \
- savedAptMark="$(apt-mark showmanual)"; \
- \
- tempDir="$(mktemp -d)"; \
- cd "$tempDir"; \
- \
-# create a temporary local APT repo to install from (so that dependency resolution can be handled by APT, as it should be)
- apt-get update; \
- apt-get install -y --no-install-recommends dpkg-dev; \
- echo "deb [ trusted=yes ] file://$tempDir ./" > /etc/apt/sources.list.d/temp.list; \
- _update_repo() { \
- dpkg-scanpackages . > Packages; \
-# work around the following APT issue by using "Acquire::GzipIndexes=false" (overriding "/etc/apt/apt.conf.d/docker-gzip-indexes")
-# Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied)
-# ...
-# E: Failed to fetch store:/var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied)
- apt-get -o Acquire::GzipIndexes=false update; \
- }; \
- _update_repo; \
- \
-# build .deb files from upstream's source packages (which are verified by apt-get)
- nproc="$(nproc)"; \
- export DEB_BUILD_OPTIONS="nocheck parallel=$nproc"; \
-# we have to build postgresql-common first because postgresql-$PG_MAJOR shares "debian/rules" logic with it: https://salsa.debian.org/postgresql/postgresql/-/commit/99f44476e258cae6bf9e919219fa2c5414fa2876
-# (and it "Depends: pgdg-keyring")
- apt-get build-dep -y postgresql-common pgdg-keyring; \
- apt-get source --compile postgresql-common pgdg-keyring; \
- _update_repo; \
- apt-get build-dep -y "postgresql-$PG_MAJOR=$PG_VERSION"; \
- apt-get source --compile "postgresql-$PG_MAJOR=$PG_VERSION"; \
- \
-# we don't remove APT lists here because they get re-downloaded and removed later
- \
-# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
-# (which is done after we install the built packages so we don't have to redownload any overlapping dependencies)
- apt-mark showmanual | xargs apt-mark auto > /dev/null; \
- apt-mark manual $savedAptMark; \
- \
- ls -lAFh; \
- _update_repo; \
- grep '^Package: ' Packages; \
- cd /; \
- ;; \
- esac; \
- \
- apt-get install -y --no-install-recommends postgresql-common; \
- sed -ri 's/#(create_main_cluster) .*$/\1 = false/' /etc/postgresql-common/createcluster.conf; \
- apt-get install -y --no-install-recommends \
- "postgresql-$PG_MAJOR=$PG_VERSION" \
- ; \
- \
- rm -rf /var/lib/apt/lists/*; \
- \
- if [ -n "$tempDir" ]; then \
-# if we have leftovers from building, let's purge them (including extra, unnecessary build deps)
- apt-get purge -y --auto-remove; \
- rm -rf "$tempDir" /etc/apt/sources.list.d/temp.list; \
- fi; \
- \
-# some of the steps above generate a lot of "*.pyc" files (and setting "PYTHONDONTWRITEBYTECODE" beforehand doesn't propagate properly for some reason), so we clean them up manually (as long as they aren't owned by a package)
- find /usr -name '*.pyc' -type f -exec bash -c 'for pyc; do dpkg -S "$pyc" &> /dev/null || rm -vf "$pyc"; done' -- '{}' +; \
- \
- postgres --version
-
-# make the sample config easier to munge (and "correct by default")
-RUN set -eux; \
- dpkg-divert --add --rename --divert "/usr/share/postgresql/postgresql.conf.sample.dpkg" "/usr/share/postgresql/$PG_MAJOR/postgresql.conf.sample"; \
- cp -v /usr/share/postgresql/postgresql.conf.sample.dpkg /usr/share/postgresql/postgresql.conf.sample; \
- ln -sv ../postgresql.conf.sample "/usr/share/postgresql/$PG_MAJOR/"; \
- sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/share/postgresql/postgresql.conf.sample; \
- grep -F "listen_addresses = '*'" /usr/share/postgresql/postgresql.conf.sample
-
-RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
-
-ENV PGDATA /var/lib/postgresql/data
-# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
-RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
-VOLUME /var/lib/postgresql/data
-
-COPY docker-entrypoint.sh /usr/local/bin/
-ENTRYPOINT ["docker-entrypoint.sh"]
-
-# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
-# calls "Fast Shutdown mode" wherein new connections are disallowed and any
-# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
-# flush tables to disk, which is the best compromise available to avoid data
-# corruption.
-#
-# Users who know their applications do not keep open long-lived idle connections
-# may way to use a value of SIGTERM instead, which corresponds to "Smart
-# Shutdown mode" in which any existing sessions are allowed to finish and the
-# server stops when all sessions are terminated.
-#
-# See https://www.postgresql.org/docs/12/server-shutdown.html for more details
-# about available PostgreSQL server shutdown signals.
-#
-# See also https://www.postgresql.org/docs/12/server-start.html for further
-# justification of this as the default value, namely that the example (and
-# shipped) systemd service files use the "Fast Shutdown mode" for service
-# termination.
-#
-STOPSIGNAL SIGINT
-#
-# An additional setting that is recommended for all users regardless of this
-# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
-# equivalent) for controlling how long to wait between sending the defined
-# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption).
-#
-# The default in most runtimes (such as Docker) is 10 seconds, and the
-# documentation at https://www.postgresql.org/docs/12/server-start.html notes
-# that even 90 seconds may not be long enough in many instances.
-
-EXPOSE 5432
-CMD ["postgres"]
diff --git a/11/bookworm/docker-entrypoint.sh b/11/bookworm/docker-entrypoint.sh
deleted file mode 100755
index 0ae0ecf8c2..0000000000
--- a/11/bookworm/docker-entrypoint.sh
+++ /dev/null
@@ -1,351 +0,0 @@
-#!/usr/bin/env bash
-set -Eeo pipefail
-# TODO swap to -Eeuo pipefail above (after handling all potentially-unset variables)
-
-# usage: file_env VAR [DEFAULT]
-# ie: file_env 'XYZ_DB_PASSWORD' 'example'
-# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
-# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
-file_env() {
- local var="$1"
- local fileVar="${var}_FILE"
- local def="${2:-}"
- if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
- printf >&2 'error: both %s and %s are set (but are exclusive)\n' "$var" "$fileVar"
- exit 1
- fi
- local val="$def"
- if [ "${!var:-}" ]; then
- val="${!var}"
- elif [ "${!fileVar:-}" ]; then
- val="$(< "${!fileVar}")"
- fi
- export "$var"="$val"
- unset "$fileVar"
-}
-
-# check to see if this file is being run or sourced from another script
-_is_sourced() {
- # https://unix.stackexchange.com/a/215279
- [ "${#FUNCNAME[@]}" -ge 2 ] \
- && [ "${FUNCNAME[0]}" = '_is_sourced' ] \
- && [ "${FUNCNAME[1]}" = 'source' ]
-}
-
-# used to create initial postgres directories and if run as root, ensure ownership to the "postgres" user
-docker_create_db_directories() {
- local user; user="$(id -u)"
-
- mkdir -p "$PGDATA"
- # ignore failure since there are cases where we can't chmod (and PostgreSQL might fail later anyhow - it's picky about permissions of this directory)
- chmod 00700 "$PGDATA" || :
-
- # ignore failure since it will be fine when using the image provided directory; see also https://github.com/docker-library/postgres/pull/289
- mkdir -p /var/run/postgresql || :
- chmod 03775 /var/run/postgresql || :
-
- # Create the transaction log directory before initdb is run so the directory is owned by the correct user
- if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
- mkdir -p "$POSTGRES_INITDB_WALDIR"
- if [ "$user" = '0' ]; then
- find "$POSTGRES_INITDB_WALDIR" \! -user postgres -exec chown postgres '{}' +
- fi
- chmod 700 "$POSTGRES_INITDB_WALDIR"
- fi
-
- # allow the container to be started with `--user`
- if [ "$user" = '0' ]; then
- find "$PGDATA" \! -user postgres -exec chown postgres '{}' +
- find /var/run/postgresql \! -user postgres -exec chown postgres '{}' +
- fi
-}
-
-# initialize empty PGDATA directory with new database via 'initdb'
-# arguments to `initdb` can be passed via POSTGRES_INITDB_ARGS or as arguments to this function
-# `initdb` automatically creates the "postgres", "template0", and "template1" dbnames
-# this is also where the database user is created, specified by `POSTGRES_USER` env
-docker_init_database_dir() {
- # "initdb" is particular about the current user existing in "/etc/passwd", so we use "nss_wrapper" to fake that if necessary
- # see https://github.com/docker-library/postgres/pull/253, https://github.com/docker-library/postgres/issues/359, https://cwrap.org/nss_wrapper.html
- local uid; uid="$(id -u)"
- if ! getent passwd "$uid" &> /dev/null; then
- # see if we can find a suitable "libnss_wrapper.so" (https://salsa.debian.org/sssd-team/nss-wrapper/-/commit/b9925a653a54e24d09d9b498a2d913729f7abb15)
- local wrapper
- for wrapper in {/usr,}/lib{/*,}/libnss_wrapper.so; do
- if [ -s "$wrapper" ]; then
- NSS_WRAPPER_PASSWD="$(mktemp)"
- NSS_WRAPPER_GROUP="$(mktemp)"
- export LD_PRELOAD="$wrapper" NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
- local gid; gid="$(id -g)"
- printf 'postgres:x:%s:%s:PostgreSQL:%s:/bin/false\n' "$uid" "$gid" "$PGDATA" > "$NSS_WRAPPER_PASSWD"
- printf 'postgres:x:%s:\n' "$gid" > "$NSS_WRAPPER_GROUP"
- break
- fi
- done
- fi
-
- if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
- set -- --waldir "$POSTGRES_INITDB_WALDIR" "$@"
- fi
-
- # --pwfile refuses to handle a properly-empty file (hence the "\n"): https://github.com/docker-library/postgres/issues/1025
- eval 'initdb --username="$POSTGRES_USER" --pwfile=<(printf "%s\n" "$POSTGRES_PASSWORD") '"$POSTGRES_INITDB_ARGS"' "$@"'
-
- # unset/cleanup "nss_wrapper" bits
- if [[ "${LD_PRELOAD:-}" == */libnss_wrapper.so ]]; then
- rm -f "$NSS_WRAPPER_PASSWD" "$NSS_WRAPPER_GROUP"
- unset LD_PRELOAD NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
- fi
-}
-
-# print large warning if POSTGRES_PASSWORD is long
-# error if both POSTGRES_PASSWORD is empty and POSTGRES_HOST_AUTH_METHOD is not 'trust'
-# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
-# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
-docker_verify_minimum_env() {
- # check password first so we can output the warning before postgres
- # messes it up
- if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
- cat >&2 <<-'EOWARN'
-
- WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
-
- This will not work if used via PGPASSWORD with "psql".
-
- https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
- https://github.com/docker-library/postgres/issues/507
-
- EOWARN
- fi
- if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
- # The - option suppresses leading tabs but *not* spaces. :)
- cat >&2 <<-'EOE'
- Error: Database is uninitialized and superuser password is not specified.
- You must specify POSTGRES_PASSWORD to a non-empty value for the
- superuser. For example, "-e POSTGRES_PASSWORD=password" on "docker run".
-
- You may also use "POSTGRES_HOST_AUTH_METHOD=trust" to allow all
- connections without a password. This is *not* recommended.
-
- See PostgreSQL documentation about "trust":
- https://www.postgresql.org/docs/current/auth-trust.html
- EOE
- exit 1
- fi
- if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
- cat >&2 <<-'EOWARN'
- ********************************************************************************
- WARNING: POSTGRES_HOST_AUTH_METHOD has been set to "trust". This will allow
- anyone with access to the Postgres port to access your database without
- a password, even if POSTGRES_PASSWORD is set. See PostgreSQL
- documentation about "trust":
- https://www.postgresql.org/docs/current/auth-trust.html
- In Docker's default configuration, this is effectively any other
- container on the same system.
-
- It is not recommended to use POSTGRES_HOST_AUTH_METHOD=trust. Replace
- it with "-e POSTGRES_PASSWORD=password" instead to set a password in
- "docker run".
- ********************************************************************************
- EOWARN
- fi
-}
-
-# usage: docker_process_init_files [file [file [...]]]
-# ie: docker_process_init_files /always-initdb.d/*
-# process initializer files, based on file extensions and permissions
-docker_process_init_files() {
- # psql here for backwards compatibility "${psql[@]}"
- psql=( docker_process_sql )
-
- printf '\n'
- local f
- for f; do
- case "$f" in
- *.sh)
- # https://github.com/docker-library/postgres/issues/450#issuecomment-393167936
- # https://github.com/docker-library/postgres/pull/452
- if [ -x "$f" ]; then
- printf '%s: running %s\n' "$0" "$f"
- "$f"
- else
- printf '%s: sourcing %s\n' "$0" "$f"
- . "$f"
- fi
- ;;
- *.sql) printf '%s: running %s\n' "$0" "$f"; docker_process_sql -f "$f"; printf '\n' ;;
- *.sql.gz) printf '%s: running %s\n' "$0" "$f"; gunzip -c "$f" | docker_process_sql; printf '\n' ;;
- *.sql.xz) printf '%s: running %s\n' "$0" "$f"; xzcat "$f" | docker_process_sql; printf '\n' ;;
- *.sql.zst) printf '%s: running %s\n' "$0" "$f"; zstd -dc "$f" | docker_process_sql; printf '\n' ;;
- *) printf '%s: ignoring %s\n' "$0" "$f" ;;
- esac
- printf '\n'
- done
-}
-
-# Execute sql script, passed via stdin (or -f flag of pqsl)
-# usage: docker_process_sql [psql-cli-args]
-# ie: docker_process_sql --dbname=mydb <<<'INSERT ...'
-# ie: docker_process_sql -f my-file.sql
-# ie: docker_process_sql <my-file.sql
-docker_process_sql() {
- local query_runner=( psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --no-password --no-psqlrc )
- if [ -n "$POSTGRES_DB" ]; then
- query_runner+=( --dbname "$POSTGRES_DB" )
- fi
-
- PGHOST= PGHOSTADDR= "${query_runner[@]}" "$@"
-}
-
-# create initial database
-# uses environment variables for input: POSTGRES_DB
-docker_setup_db() {
- local dbAlreadyExists
- dbAlreadyExists="$(
- POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" --tuples-only <<-'EOSQL'
- SELECT 1 FROM pg_database WHERE datname = :'db' ;
- EOSQL
- )"
- if [ -z "$dbAlreadyExists" ]; then
- POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" <<-'EOSQL'
- CREATE DATABASE :"db" ;
- EOSQL
- printf '\n'
- fi
-}
-
-# Loads various settings that are used elsewhere in the script
-# This should be called before any other functions
-docker_setup_env() {
- file_env 'POSTGRES_PASSWORD'
-
- file_env 'POSTGRES_USER' 'postgres'
- file_env 'POSTGRES_DB' "$POSTGRES_USER"
- file_env 'POSTGRES_INITDB_ARGS'
- : "${POSTGRES_HOST_AUTH_METHOD:=}"
-
- declare -g DATABASE_ALREADY_EXISTS
- # look specifically for PG_VERSION, as it is expected in the DB dir
- if [ -s "$PGDATA/PG_VERSION" ]; then
- DATABASE_ALREADY_EXISTS='true'
- fi
-}
-
-# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections
-# all arguments will be passed along as arguments to `postgres` for getting the value of 'password_encryption'
-pg_setup_hba_conf() {
- # default authentication method is md5 on versions before 14
- # https://www.postgresql.org/about/news/postgresql-14-released-2318/
- if [ "$1" = 'postgres' ]; then
- shift
- fi
- local auth
- # check the default/configured encryption and use that as the auth method
- auth="$(postgres -C password_encryption "$@")"
- : "${POSTGRES_HOST_AUTH_METHOD:=$auth}"
- {
- printf '\n'
- if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
- printf '# warning trust is enabled for all connections\n'
- printf '# see https://www.postgresql.org/docs/12/auth-trust.html\n'
- fi
- printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
- } >> "$PGDATA/pg_hba.conf"
-}
-
-# start socket-only postgresql server for setting up or running scripts
-# all arguments will be passed along as arguments to `postgres` (via pg_ctl)
-docker_temp_server_start() {
- if [ "$1" = 'postgres' ]; then
- shift
- fi
-
- # internal start of server in order to allow setup using psql client
- # does not listen on external TCP/IP and waits until start finishes
- set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
-
- PGUSER="${PGUSER:-$POSTGRES_USER}" \
- pg_ctl -D "$PGDATA" \
- -o "$(printf '%q ' "$@")" \
- -w start
-}
-
-# stop postgresql server after done setting up user and running scripts
-docker_temp_server_stop() {
- PGUSER="${PGUSER:-postgres}" \
- pg_ctl -D "$PGDATA" -m fast -w stop
-}
-
-# check arguments for an option that would cause postgres to stop
-# return true if there is one
-_pg_want_help() {
- local arg
- for arg; do
- case "$arg" in
- # postgres --help | grep 'then exit'
- # leaving out -C on purpose since it always fails and is unhelpful:
- # postgres: could not access the server configuration file "/var/lib/postgresql/data/postgresql.conf": No such file or directory
- -'?'|--help|--describe-config|-V|--version)
- return 0
- ;;
- esac
- done
- return 1
-}
-
-_main() {
- # if first arg looks like a flag, assume we want to run postgres server
- if [ "${1:0:1}" = '-' ]; then
- set -- postgres "$@"
- fi
-
- if [ "$1" = 'postgres' ] && ! _pg_want_help "$@"; then
- docker_setup_env
- # setup data directories and permissions (when run as root)
- docker_create_db_directories
- if [ "$(id -u)" = '0' ]; then
- # then restart script as postgres user
- exec gosu postgres "$BASH_SOURCE" "$@"
- fi
-
- # only run initialization on an empty data directory
- if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
- docker_verify_minimum_env
-
- # check dir permissions to reduce likelihood of half-initialized database
- ls /docker-entrypoint-initdb.d/ > /dev/null
-
- docker_init_database_dir
- pg_setup_hba_conf "$@"
-
- # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
- # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
- export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
- docker_temp_server_start "$@"
-
- docker_setup_db
- docker_process_init_files /docker-entrypoint-initdb.d/*
-
- docker_temp_server_stop
- unset PGPASSWORD
-
- cat <<-'EOM'
-
- PostgreSQL init process complete; ready for start up.
-
- EOM
- else
- cat <<-'EOM'
-
- PostgreSQL Database directory appears to contain a database; Skipping initialization
-
- EOM
- fi
- fi
-
- exec "$@"
-}
-
-if ! _is_sourced; then
- _main "$@"
-fi
diff --git a/11/bullseye/Dockerfile b/11/bullseye/Dockerfile
deleted file mode 100644
index ce3e8bb562..0000000000
--- a/11/bullseye/Dockerfile
+++ /dev/null
@@ -1,221 +0,0 @@
-#
-# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
-#
-# PLEASE DO NOT EDIT IT DIRECTLY.
-#
-
-FROM debian:bullseye-slim
-
-# explicitly set user/group IDs
-RUN set -eux; \
- groupadd -r postgres --gid=999; \
-# https://salsa.debian.org/postgresql/postgresql-common/blob/997d842ee744687d99a2b2d95c1083a2615c79e8/debian/postgresql-common.postinst#L32-35
- useradd -r -g postgres --uid=999 --home-dir=/var/lib/postgresql --shell=/bin/bash postgres; \
-# also create the postgres user's home directory with appropriate permissions
-# see https://github.com/docker-library/postgres/issues/274
- mkdir -p /var/lib/postgresql; \
- chown -R postgres:postgres /var/lib/postgresql
-
-RUN set -ex; \
- apt-get update; \
- apt-get install -y --no-install-recommends \
- gnupg \
- ; \
- rm -rf /var/lib/apt/lists/*
-
-# grab gosu for easy step-down from root
-# https://github.com/tianon/gosu/releases
-ENV GOSU_VERSION 1.16
-RUN set -eux; \
- savedAptMark="$(apt-mark showmanual)"; \
- apt-get update; \
- apt-get install -y --no-install-recommends ca-certificates wget; \
- rm -rf /var/lib/apt/lists/*; \
- dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
- wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
- wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
- export GNUPGHOME="$(mktemp -d)"; \
- gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
- gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
- gpgconf --kill all; \
- rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
- apt-mark auto '.*' > /dev/null; \
- [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
- apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
- chmod +x /usr/local/bin/gosu; \
- gosu --version; \
- gosu nobody true
-
-# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
-RUN set -eux; \
- if [ -f /etc/dpkg/dpkg.cfg.d/docker ]; then \
-# if this file exists, we're likely in "debian:xxx-slim", and locales are thus being excluded so we need to remove that exclusion (since we need locales)
- grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
- sed -ri '/\/usr\/share\/locale/d' /etc/dpkg/dpkg.cfg.d/docker; \
- ! grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
- fi; \
- apt-get update; apt-get install -y --no-install-recommends locales; rm -rf /var/lib/apt/lists/*; \
- echo 'en_US.UTF-8 UTF-8' >> /etc/locale.gen; \
- locale-gen; \
- locale -a | grep 'en_US.utf8'
-ENV LANG en_US.utf8
-
-RUN set -eux; \
- apt-get update; \
- apt-get install -y --no-install-recommends \
- libnss-wrapper \
- xz-utils \
- zstd \
- ; \
- rm -rf /var/lib/apt/lists/*
-
-RUN mkdir /docker-entrypoint-initdb.d
-
-RUN set -ex; \
-# pub 4096R/ACCC4CF8 2011-10-13 [expires: 2019-07-02]
-# Key fingerprint = B97B 0AFC AA1A 47F0 44F2 44A0 7FCC 7D46 ACCC 4CF8
-# uid PostgreSQL Debian Repository
- key='B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8'; \
- export GNUPGHOME="$(mktemp -d)"; \
- mkdir -p /usr/local/share/keyrings/; \
- gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
- gpg --batch --export --armor "$key" > /usr/local/share/keyrings/postgres.gpg.asc; \
- gpgconf --kill all; \
- rm -rf "$GNUPGHOME"
-
-ENV PG_MAJOR 11
-ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-
-ENV PG_VERSION 11.22-1.pgdg110+1
-
-RUN set -ex; \
- \
-# see note below about "*.pyc" files
- export PYTHONDONTWRITEBYTECODE=1; \
- \
- dpkgArch="$(dpkg --print-architecture)"; \
- aptRepo="[ signed-by=/usr/local/share/keyrings/postgres.gpg.asc ] http://apt.postgresql.org/pub/repos/apt/ bullseye-pgdg main $PG_MAJOR"; \
- case "$dpkgArch" in \
- amd64 | arm64 | ppc64el | s390x) \
-# arches officialy built by upstream
- echo "deb $aptRepo" > /etc/apt/sources.list.d/pgdg.list; \
- apt-get update; \
- ;; \
- *) \
-# we're on an architecture upstream doesn't officially build for
-# let's build binaries from their published source packages
- echo "deb-src $aptRepo" > /etc/apt/sources.list.d/pgdg.list; \
- \
- savedAptMark="$(apt-mark showmanual)"; \
- \
- tempDir="$(mktemp -d)"; \
- cd "$tempDir"; \
- \
-# create a temporary local APT repo to install from (so that dependency resolution can be handled by APT, as it should be)
- apt-get update; \
- apt-get install -y --no-install-recommends dpkg-dev; \
- echo "deb [ trusted=yes ] file://$tempDir ./" > /etc/apt/sources.list.d/temp.list; \
- _update_repo() { \
- dpkg-scanpackages . > Packages; \
-# work around the following APT issue by using "Acquire::GzipIndexes=false" (overriding "/etc/apt/apt.conf.d/docker-gzip-indexes")
-# Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied)
-# ...
-# E: Failed to fetch store:/var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied)
- apt-get -o Acquire::GzipIndexes=false update; \
- }; \
- _update_repo; \
- \
-# build .deb files from upstream's source packages (which are verified by apt-get)
- nproc="$(nproc)"; \
- export DEB_BUILD_OPTIONS="nocheck parallel=$nproc"; \
-# we have to build postgresql-common first because postgresql-$PG_MAJOR shares "debian/rules" logic with it: https://salsa.debian.org/postgresql/postgresql/-/commit/99f44476e258cae6bf9e919219fa2c5414fa2876
-# (and it "Depends: pgdg-keyring")
- apt-get build-dep -y postgresql-common pgdg-keyring; \
- apt-get source --compile postgresql-common pgdg-keyring; \
- _update_repo; \
- apt-get build-dep -y "postgresql-$PG_MAJOR=$PG_VERSION"; \
- apt-get source --compile "postgresql-$PG_MAJOR=$PG_VERSION"; \
- \
-# we don't remove APT lists here because they get re-downloaded and removed later
- \
-# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
-# (which is done after we install the built packages so we don't have to redownload any overlapping dependencies)
- apt-mark showmanual | xargs apt-mark auto > /dev/null; \
- apt-mark manual $savedAptMark; \
- \
- ls -lAFh; \
- _update_repo; \
- grep '^Package: ' Packages; \
- cd /; \
- ;; \
- esac; \
- \
- apt-get install -y --no-install-recommends postgresql-common; \
- sed -ri 's/#(create_main_cluster) .*$/\1 = false/' /etc/postgresql-common/createcluster.conf; \
- apt-get install -y --no-install-recommends \
- "postgresql-$PG_MAJOR=$PG_VERSION" \
- ; \
- \
- rm -rf /var/lib/apt/lists/*; \
- \
- if [ -n "$tempDir" ]; then \
-# if we have leftovers from building, let's purge them (including extra, unnecessary build deps)
- apt-get purge -y --auto-remove; \
- rm -rf "$tempDir" /etc/apt/sources.list.d/temp.list; \
- fi; \
- \
-# some of the steps above generate a lot of "*.pyc" files (and setting "PYTHONDONTWRITEBYTECODE" beforehand doesn't propagate properly for some reason), so we clean them up manually (as long as they aren't owned by a package)
- find /usr -name '*.pyc' -type f -exec bash -c 'for pyc; do dpkg -S "$pyc" &> /dev/null || rm -vf "$pyc"; done' -- '{}' +; \
- \
- postgres --version
-
-# make the sample config easier to munge (and "correct by default")
-RUN set -eux; \
- dpkg-divert --add --rename --divert "/usr/share/postgresql/postgresql.conf.sample.dpkg" "/usr/share/postgresql/$PG_MAJOR/postgresql.conf.sample"; \
- cp -v /usr/share/postgresql/postgresql.conf.sample.dpkg /usr/share/postgresql/postgresql.conf.sample; \
- ln -sv ../postgresql.conf.sample "/usr/share/postgresql/$PG_MAJOR/"; \
- sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/share/postgresql/postgresql.conf.sample; \
- grep -F "listen_addresses = '*'" /usr/share/postgresql/postgresql.conf.sample
-
-RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
-
-ENV PGDATA /var/lib/postgresql/data
-# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
-RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
-VOLUME /var/lib/postgresql/data
-
-COPY docker-entrypoint.sh /usr/local/bin/
-ENTRYPOINT ["docker-entrypoint.sh"]
-
-# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
-# calls "Fast Shutdown mode" wherein new connections are disallowed and any
-# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
-# flush tables to disk, which is the best compromise available to avoid data
-# corruption.
-#
-# Users who know their applications do not keep open long-lived idle connections
-# may way to use a value of SIGTERM instead, which corresponds to "Smart
-# Shutdown mode" in which any existing sessions are allowed to finish and the
-# server stops when all sessions are terminated.
-#
-# See https://www.postgresql.org/docs/12/server-shutdown.html for more details
-# about available PostgreSQL server shutdown signals.
-#
-# See also https://www.postgresql.org/docs/12/server-start.html for further
-# justification of this as the default value, namely that the example (and
-# shipped) systemd service files use the "Fast Shutdown mode" for service
-# termination.
-#
-STOPSIGNAL SIGINT
-#
-# An additional setting that is recommended for all users regardless of this
-# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
-# equivalent) for controlling how long to wait between sending the defined
-# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption).
-#
-# The default in most runtimes (such as Docker) is 10 seconds, and the
-# documentation at https://www.postgresql.org/docs/12/server-start.html notes
-# that even 90 seconds may not be long enough in many instances.
-
-EXPOSE 5432
-CMD ["postgres"]
diff --git a/11/bullseye/docker-entrypoint.sh b/11/bullseye/docker-entrypoint.sh
deleted file mode 100755
index 0ae0ecf8c2..0000000000
--- a/11/bullseye/docker-entrypoint.sh
+++ /dev/null
@@ -1,351 +0,0 @@
-#!/usr/bin/env bash
-set -Eeo pipefail
-# TODO swap to -Eeuo pipefail above (after handling all potentially-unset variables)
-
-# usage: file_env VAR [DEFAULT]
-# ie: file_env 'XYZ_DB_PASSWORD' 'example'
-# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
-# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
-file_env() {
- local var="$1"
- local fileVar="${var}_FILE"
- local def="${2:-}"
- if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
- printf >&2 'error: both %s and %s are set (but are exclusive)\n' "$var" "$fileVar"
- exit 1
- fi
- local val="$def"
- if [ "${!var:-}" ]; then
- val="${!var}"
- elif [ "${!fileVar:-}" ]; then
- val="$(< "${!fileVar}")"
- fi
- export "$var"="$val"
- unset "$fileVar"
-}
-
-# check to see if this file is being run or sourced from another script
-_is_sourced() {
- # https://unix.stackexchange.com/a/215279
- [ "${#FUNCNAME[@]}" -ge 2 ] \
- && [ "${FUNCNAME[0]}" = '_is_sourced' ] \
- && [ "${FUNCNAME[1]}" = 'source' ]
-}
-
-# used to create initial postgres directories and if run as root, ensure ownership to the "postgres" user
-docker_create_db_directories() {
- local user; user="$(id -u)"
-
- mkdir -p "$PGDATA"
- # ignore failure since there are cases where we can't chmod (and PostgreSQL might fail later anyhow - it's picky about permissions of this directory)
- chmod 00700 "$PGDATA" || :
-
- # ignore failure since it will be fine when using the image provided directory; see also https://github.com/docker-library/postgres/pull/289
- mkdir -p /var/run/postgresql || :
- chmod 03775 /var/run/postgresql || :
-
- # Create the transaction log directory before initdb is run so the directory is owned by the correct user
- if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
- mkdir -p "$POSTGRES_INITDB_WALDIR"
- if [ "$user" = '0' ]; then
- find "$POSTGRES_INITDB_WALDIR" \! -user postgres -exec chown postgres '{}' +
- fi
- chmod 700 "$POSTGRES_INITDB_WALDIR"
- fi
-
- # allow the container to be started with `--user`
- if [ "$user" = '0' ]; then
- find "$PGDATA" \! -user postgres -exec chown postgres '{}' +
- find /var/run/postgresql \! -user postgres -exec chown postgres '{}' +
- fi
-}
-
-# initialize empty PGDATA directory with new database via 'initdb'
-# arguments to `initdb` can be passed via POSTGRES_INITDB_ARGS or as arguments to this function
-# `initdb` automatically creates the "postgres", "template0", and "template1" dbnames
-# this is also where the database user is created, specified by `POSTGRES_USER` env
-docker_init_database_dir() {
- # "initdb" is particular about the current user existing in "/etc/passwd", so we use "nss_wrapper" to fake that if necessary
- # see https://github.com/docker-library/postgres/pull/253, https://github.com/docker-library/postgres/issues/359, https://cwrap.org/nss_wrapper.html
- local uid; uid="$(id -u)"
- if ! getent passwd "$uid" &> /dev/null; then
- # see if we can find a suitable "libnss_wrapper.so" (https://salsa.debian.org/sssd-team/nss-wrapper/-/commit/b9925a653a54e24d09d9b498a2d913729f7abb15)
- local wrapper
- for wrapper in {/usr,}/lib{/*,}/libnss_wrapper.so; do
- if [ -s "$wrapper" ]; then
- NSS_WRAPPER_PASSWD="$(mktemp)"
- NSS_WRAPPER_GROUP="$(mktemp)"
- export LD_PRELOAD="$wrapper" NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
- local gid; gid="$(id -g)"
- printf 'postgres:x:%s:%s:PostgreSQL:%s:/bin/false\n' "$uid" "$gid" "$PGDATA" > "$NSS_WRAPPER_PASSWD"
- printf 'postgres:x:%s:\n' "$gid" > "$NSS_WRAPPER_GROUP"
- break
- fi
- done
- fi
-
- if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
- set -- --waldir "$POSTGRES_INITDB_WALDIR" "$@"
- fi
-
- # --pwfile refuses to handle a properly-empty file (hence the "\n"): https://github.com/docker-library/postgres/issues/1025
- eval 'initdb --username="$POSTGRES_USER" --pwfile=<(printf "%s\n" "$POSTGRES_PASSWORD") '"$POSTGRES_INITDB_ARGS"' "$@"'
-
- # unset/cleanup "nss_wrapper" bits
- if [[ "${LD_PRELOAD:-}" == */libnss_wrapper.so ]]; then
- rm -f "$NSS_WRAPPER_PASSWD" "$NSS_WRAPPER_GROUP"
- unset LD_PRELOAD NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
- fi
-}
-
-# print large warning if POSTGRES_PASSWORD is long
-# error if both POSTGRES_PASSWORD is empty and POSTGRES_HOST_AUTH_METHOD is not 'trust'
-# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
-# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
-docker_verify_minimum_env() {
- # check password first so we can output the warning before postgres
- # messes it up
- if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
- cat >&2 <<-'EOWARN'
-
- WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
-
- This will not work if used via PGPASSWORD with "psql".
-
- https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
- https://github.com/docker-library/postgres/issues/507
-
- EOWARN
- fi
- if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
- # The - option suppresses leading tabs but *not* spaces. :)
- cat >&2 <<-'EOE'
- Error: Database is uninitialized and superuser password is not specified.
- You must specify POSTGRES_PASSWORD to a non-empty value for the
- superuser. For example, "-e POSTGRES_PASSWORD=password" on "docker run".
-
- You may also use "POSTGRES_HOST_AUTH_METHOD=trust" to allow all
- connections without a password. This is *not* recommended.
-
- See PostgreSQL documentation about "trust":
- https://www.postgresql.org/docs/current/auth-trust.html
- EOE
- exit 1
- fi
- if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
- cat >&2 <<-'EOWARN'
- ********************************************************************************
- WARNING: POSTGRES_HOST_AUTH_METHOD has been set to "trust". This will allow
- anyone with access to the Postgres port to access your database without
- a password, even if POSTGRES_PASSWORD is set. See PostgreSQL
- documentation about "trust":
- https://www.postgresql.org/docs/current/auth-trust.html
- In Docker's default configuration, this is effectively any other
- container on the same system.
-
- It is not recommended to use POSTGRES_HOST_AUTH_METHOD=trust. Replace
- it with "-e POSTGRES_PASSWORD=password" instead to set a password in
- "docker run".
- ********************************************************************************
- EOWARN
- fi
-}
-
-# usage: docker_process_init_files [file [file [...]]]
-# ie: docker_process_init_files /always-initdb.d/*
-# process initializer files, based on file extensions and permissions
-docker_process_init_files() {
- # psql here for backwards compatibility "${psql[@]}"
- psql=( docker_process_sql )
-
- printf '\n'
- local f
- for f; do
- case "$f" in
- *.sh)
- # https://github.com/docker-library/postgres/issues/450#issuecomment-393167936
- # https://github.com/docker-library/postgres/pull/452
- if [ -x "$f" ]; then
- printf '%s: running %s\n' "$0" "$f"
- "$f"
- else
- printf '%s: sourcing %s\n' "$0" "$f"
- . "$f"
- fi
- ;;
- *.sql) printf '%s: running %s\n' "$0" "$f"; docker_process_sql -f "$f"; printf '\n' ;;
- *.sql.gz) printf '%s: running %s\n' "$0" "$f"; gunzip -c "$f" | docker_process_sql; printf '\n' ;;
- *.sql.xz) printf '%s: running %s\n' "$0" "$f"; xzcat "$f" | docker_process_sql; printf '\n' ;;
- *.sql.zst) printf '%s: running %s\n' "$0" "$f"; zstd -dc "$f" | docker_process_sql; printf '\n' ;;
- *) printf '%s: ignoring %s\n' "$0" "$f" ;;
- esac
- printf '\n'
- done
-}
-
-# Execute sql script, passed via stdin (or -f flag of pqsl)
-# usage: docker_process_sql [psql-cli-args]
-# ie: docker_process_sql --dbname=mydb <<<'INSERT ...'
-# ie: docker_process_sql -f my-file.sql
-# ie: docker_process_sql <my-file.sql
-docker_process_sql() {
- local query_runner=( psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --no-password --no-psqlrc )
- if [ -n "$POSTGRES_DB" ]; then
- query_runner+=( --dbname "$POSTGRES_DB" )
- fi
-
- PGHOST= PGHOSTADDR= "${query_runner[@]}" "$@"
-}
-
-# create initial database
-# uses environment variables for input: POSTGRES_DB
-docker_setup_db() {
- local dbAlreadyExists
- dbAlreadyExists="$(
- POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" --tuples-only <<-'EOSQL'
- SELECT 1 FROM pg_database WHERE datname = :'db' ;
- EOSQL
- )"
- if [ -z "$dbAlreadyExists" ]; then
- POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" <<-'EOSQL'
- CREATE DATABASE :"db" ;
- EOSQL
- printf '\n'
- fi
-}
-
-# Loads various settings that are used elsewhere in the script
-# This should be called before any other functions
-docker_setup_env() {
- file_env 'POSTGRES_PASSWORD'
-
- file_env 'POSTGRES_USER' 'postgres'
- file_env 'POSTGRES_DB' "$POSTGRES_USER"
- file_env 'POSTGRES_INITDB_ARGS'
- : "${POSTGRES_HOST_AUTH_METHOD:=}"
-
- declare -g DATABASE_ALREADY_EXISTS
- # look specifically for PG_VERSION, as it is expected in the DB dir
- if [ -s "$PGDATA/PG_VERSION" ]; then
- DATABASE_ALREADY_EXISTS='true'
- fi
-}
-
-# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections
-# all arguments will be passed along as arguments to `postgres` for getting the value of 'password_encryption'
-pg_setup_hba_conf() {
- # default authentication method is md5 on versions before 14
- # https://www.postgresql.org/about/news/postgresql-14-released-2318/
- if [ "$1" = 'postgres' ]; then
- shift
- fi
- local auth
- # check the default/configured encryption and use that as the auth method
- auth="$(postgres -C password_encryption "$@")"
- : "${POSTGRES_HOST_AUTH_METHOD:=$auth}"
- {
- printf '\n'
- if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
- printf '# warning trust is enabled for all connections\n'
- printf '# see https://www.postgresql.org/docs/12/auth-trust.html\n'
- fi
- printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
- } >> "$PGDATA/pg_hba.conf"
-}
-
-# start socket-only postgresql server for setting up or running scripts
-# all arguments will be passed along as arguments to `postgres` (via pg_ctl)
-docker_temp_server_start() {
- if [ "$1" = 'postgres' ]; then
- shift
- fi
-
- # internal start of server in order to allow setup using psql client
- # does not listen on external TCP/IP and waits until start finishes
- set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
-
- PGUSER="${PGUSER:-$POSTGRES_USER}" \
- pg_ctl -D "$PGDATA" \
- -o "$(printf '%q ' "$@")" \
- -w start
-}
-
-# stop postgresql server after done setting up user and running scripts
-docker_temp_server_stop() {
- PGUSER="${PGUSER:-postgres}" \
- pg_ctl -D "$PGDATA" -m fast -w stop
-}
-
-# check arguments for an option that would cause postgres to stop
-# return true if there is one
-_pg_want_help() {
- local arg
- for arg; do
- case "$arg" in
- # postgres --help | grep 'then exit'
- # leaving out -C on purpose since it always fails and is unhelpful:
- # postgres: could not access the server configuration file "/var/lib/postgresql/data/postgresql.conf": No such file or directory
- -'?'|--help|--describe-config|-V|--version)
- return 0
- ;;
- esac
- done
- return 1
-}
-
-_main() {
- # if first arg looks like a flag, assume we want to run postgres server
- if [ "${1:0:1}" = '-' ]; then
- set -- postgres "$@"
- fi
-
- if [ "$1" = 'postgres' ] && ! _pg_want_help "$@"; then
- docker_setup_env
- # setup data directories and permissions (when run as root)
- docker_create_db_directories
- if [ "$(id -u)" = '0' ]; then
- # then restart script as postgres user
- exec gosu postgres "$BASH_SOURCE" "$@"
- fi
-
- # only run initialization on an empty data directory
- if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
- docker_verify_minimum_env
-
- # check dir permissions to reduce likelihood of half-initialized database
- ls /docker-entrypoint-initdb.d/ > /dev/null
-
- docker_init_database_dir
- pg_setup_hba_conf "$@"
-
- # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
- # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
- export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
- docker_temp_server_start "$@"
-
- docker_setup_db
- docker_process_init_files /docker-entrypoint-initdb.d/*
-
- docker_temp_server_stop
- unset PGPASSWORD
-
- cat <<-'EOM'
-
- PostgreSQL init process complete; ready for start up.
-
- EOM
- else
- cat <<-'EOM'
-
- PostgreSQL Database directory appears to contain a database; Skipping initialization
-
- EOM
- fi
- fi
-
- exec "$@"
-}
-
-if ! _is_sourced; then
- _main "$@"
-fi
diff --git a/versions.json b/versions.json
index cb4d0f2acd..f252bb90a5 100644
--- a/versions.json
+++ b/versions.json
@@ -1,35 +1,4 @@
{
- "11": {
- "alpine": "3.19",
- "bookworm": {
- "arches": [
- "amd64",
- "arm64",
- "ppc64el",
- "s390x"
- ],
- "version": "11.22-1.pgdg120+1"
- },
- "bullseye": {
- "arches": [
- "amd64",
- "arm64",
- "ppc64el",
- "s390x"
- ],
- "version": "11.22-1.pgdg110+1"
- },
- "debian": "",
- "major": 11,
- "sha256": "2cb7c97d7a0d7278851bbc9c61f467b69c094c72b81740b751108e7892ebe1f0",
- "variants": [
- "bookworm",
- "bullseye",
- "alpine3.19",
- "alpine3.18"
- ],
- "version": "11.22"
- },
"12": {
"alpine": "3.19",
"bookworm": {
diff --git a/versions.sh b/versions.sh
index 50285beefb..b50f99ed38 100755
--- a/versions.sh
+++ b/versions.sh
@@ -12,7 +12,6 @@ supportedAlpineVersions=(
)
defaultDebianSuite="${supportedDebianSuites[0]}"
declare -A debianSuites=(
- [11]='' # https://github.com/docker-library/postgres/issues/582 😬
)
defaultAlpineVersion="${supportedAlpineVersions[0]}"
declare -A alpineVersions=(
@@ -81,7 +80,7 @@ for version in "${versions[@]}"; do
export version
versionAlpineVersion="${alpineVersions[$version]:-$defaultAlpineVersion}"
- versionDebianSuite="${debianSuites[$version]-$defaultDebianSuite}" # intentionally missing ":" so it can be empty (again, https://github.com/docker-library/postgres/issues/582 ðŸ˜)
+ versionDebianSuite="${debianSuites[$version]:-$defaultDebianSuite}"
export versionAlpineVersion versionDebianSuite
doc="$(jq -nc '{
From c86568af4a6861cb30b8f1b736b0868a3129bdd6 Mon Sep 17 00:00:00 2001
From: Tianon Gravi <admwiggin@gmail.com>
Date: Wed, 29 Nov 2023 15:50:55 -0800
Subject: [PATCH 039/115] Add new "docker-ensure-initdb.sh" script
This mimics the behavior of `docker-entrypoint.sh` before it starts the PostgreSQL server.
It has three main goals/uses:
1. (most importantly) as an example of how to use "docker-entrypoint.sh" to extend/reuse the initialization behavior
2. ("docker-ensure-initdb.sh") as a Kubernetes "init container" to ensure the provided database directory is initialized; see also "startup probes" for an alternative solution
(no-op if database is already initialized)
3. ("docker-enforce-initdb.sh") as part of CI to ensure the database is fully initialized before use
(error if database is already initialized)
---
.gitattributes | 7 +--
12/alpine3.18/Dockerfile | 3 +-
12/alpine3.18/docker-ensure-initdb.sh | 71 +++++++++++++++++++++++++++
12/alpine3.18/docker-entrypoint.sh | 1 +
12/alpine3.19/Dockerfile | 3 +-
12/alpine3.19/docker-ensure-initdb.sh | 71 +++++++++++++++++++++++++++
12/alpine3.19/docker-entrypoint.sh | 1 +
12/bookworm/Dockerfile | 3 +-
12/bookworm/docker-ensure-initdb.sh | 71 +++++++++++++++++++++++++++
12/bookworm/docker-entrypoint.sh | 1 +
12/bullseye/Dockerfile | 3 +-
12/bullseye/docker-ensure-initdb.sh | 71 +++++++++++++++++++++++++++
12/bullseye/docker-entrypoint.sh | 1 +
13/alpine3.18/Dockerfile | 3 +-
13/alpine3.18/docker-ensure-initdb.sh | 71 +++++++++++++++++++++++++++
13/alpine3.18/docker-entrypoint.sh | 1 +
13/alpine3.19/Dockerfile | 3 +-
13/alpine3.19/docker-ensure-initdb.sh | 71 +++++++++++++++++++++++++++
13/alpine3.19/docker-entrypoint.sh | 1 +
13/bookworm/Dockerfile | 3 +-
13/bookworm/docker-ensure-initdb.sh | 71 +++++++++++++++++++++++++++
13/bookworm/docker-entrypoint.sh | 1 +
13/bullseye/Dockerfile | 3 +-
13/bullseye/docker-ensure-initdb.sh | 71 +++++++++++++++++++++++++++
13/bullseye/docker-entrypoint.sh | 1 +
14/alpine3.18/Dockerfile | 3 +-
14/alpine3.18/docker-ensure-initdb.sh | 71 +++++++++++++++++++++++++++
14/alpine3.18/docker-entrypoint.sh | 1 +
14/alpine3.19/Dockerfile | 3 +-
14/alpine3.19/docker-ensure-initdb.sh | 71 +++++++++++++++++++++++++++
14/alpine3.19/docker-entrypoint.sh | 1 +
14/bookworm/Dockerfile | 3 +-
14/bookworm/docker-ensure-initdb.sh | 71 +++++++++++++++++++++++++++
14/bookworm/docker-entrypoint.sh | 1 +
14/bullseye/Dockerfile | 3 +-
14/bullseye/docker-ensure-initdb.sh | 71 +++++++++++++++++++++++++++
14/bullseye/docker-entrypoint.sh | 1 +
15/alpine3.18/Dockerfile | 3 +-
15/alpine3.18/docker-ensure-initdb.sh | 71 +++++++++++++++++++++++++++
15/alpine3.18/docker-entrypoint.sh | 1 +
15/alpine3.19/Dockerfile | 3 +-
15/alpine3.19/docker-ensure-initdb.sh | 71 +++++++++++++++++++++++++++
15/alpine3.19/docker-entrypoint.sh | 1 +
15/bookworm/Dockerfile | 3 +-
15/bookworm/docker-ensure-initdb.sh | 71 +++++++++++++++++++++++++++
15/bookworm/docker-entrypoint.sh | 1 +
15/bullseye/Dockerfile | 3 +-
15/bullseye/docker-ensure-initdb.sh | 71 +++++++++++++++++++++++++++
15/bullseye/docker-entrypoint.sh | 1 +
16/alpine3.18/Dockerfile | 3 +-
16/alpine3.18/docker-ensure-initdb.sh | 71 +++++++++++++++++++++++++++
16/alpine3.18/docker-entrypoint.sh | 1 +
16/alpine3.19/Dockerfile | 3 +-
16/alpine3.19/docker-ensure-initdb.sh | 71 +++++++++++++++++++++++++++
16/alpine3.19/docker-entrypoint.sh | 1 +
16/bookworm/Dockerfile | 3 +-
16/bookworm/docker-ensure-initdb.sh | 71 +++++++++++++++++++++++++++
16/bookworm/docker-entrypoint.sh | 1 +
16/bullseye/Dockerfile | 3 +-
16/bullseye/docker-ensure-initdb.sh | 71 +++++++++++++++++++++++++++
16/bullseye/docker-entrypoint.sh | 1 +
Dockerfile-alpine.template | 3 +-
Dockerfile-debian.template | 3 +-
apply-templates.sh | 4 +-
docker-ensure-initdb.sh | 71 +++++++++++++++++++++++++++
docker-entrypoint.sh | 1 +
66 files changed, 1562 insertions(+), 27 deletions(-)
create mode 100755 12/alpine3.18/docker-ensure-initdb.sh
create mode 100755 12/alpine3.19/docker-ensure-initdb.sh
create mode 100755 12/bookworm/docker-ensure-initdb.sh
create mode 100755 12/bullseye/docker-ensure-initdb.sh
create mode 100755 13/alpine3.18/docker-ensure-initdb.sh
create mode 100755 13/alpine3.19/docker-ensure-initdb.sh
create mode 100755 13/bookworm/docker-ensure-initdb.sh
create mode 100755 13/bullseye/docker-ensure-initdb.sh
create mode 100755 14/alpine3.18/docker-ensure-initdb.sh
create mode 100755 14/alpine3.19/docker-ensure-initdb.sh
create mode 100755 14/bookworm/docker-ensure-initdb.sh
create mode 100755 14/bullseye/docker-ensure-initdb.sh
create mode 100755 15/alpine3.18/docker-ensure-initdb.sh
create mode 100755 15/alpine3.19/docker-ensure-initdb.sh
create mode 100755 15/bookworm/docker-ensure-initdb.sh
create mode 100755 15/bullseye/docker-ensure-initdb.sh
create mode 100755 16/alpine3.18/docker-ensure-initdb.sh
create mode 100755 16/alpine3.19/docker-ensure-initdb.sh
create mode 100755 16/bookworm/docker-ensure-initdb.sh
create mode 100755 16/bullseye/docker-ensure-initdb.sh
create mode 100755 docker-ensure-initdb.sh
diff --git a/.gitattributes b/.gitattributes
index 14a112269e..4d1ee06a43 100644
--- a/.gitattributes
+++ b/.gitattributes
@@ -1,3 +1,4 @@
-/*/**/Dockerfile linguist-generated
-/*/**/docker-entrypoint.sh linguist-generated
-/Dockerfile*.template linguist-language=Dockerfile
+/*/**/Dockerfile linguist-generated
+/*/**/docker-ensure-initdb.sh linguist-generated
+/*/**/docker-entrypoint.sh linguist-generated
+/Dockerfile*.template linguist-language=Dockerfile
diff --git a/12/alpine3.18/Dockerfile b/12/alpine3.18/Dockerfile
index fde4049703..3e001b1aa2 100644
--- a/12/alpine3.18/Dockerfile
+++ b/12/alpine3.18/Dockerfile
@@ -169,7 +169,8 @@ ENV PGDATA /var/lib/postgresql/data
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
-COPY docker-entrypoint.sh /usr/local/bin/
+COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
+RUN ln -sT docker-ensure-initdb.sh /usr/local/bin/docker-enforce-initdb.sh
ENTRYPOINT ["docker-entrypoint.sh"]
# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
diff --git a/12/alpine3.18/docker-ensure-initdb.sh b/12/alpine3.18/docker-ensure-initdb.sh
new file mode 100755
index 0000000000..2a9758656e
--- /dev/null
+++ b/12/alpine3.18/docker-ensure-initdb.sh
@@ -0,0 +1,71 @@
+#!/usr/bin/env bash
+set -Eeuo pipefail
+
+#
+# This script is intended for three main use cases:
+#
+# 1. (most importantly) as an example of how to use "docker-entrypoint.sh" to extend/reuse the initialization behavior
+#
+# 2. ("docker-ensure-initdb.sh") as a Kubernetes "init container" to ensure the provided database directory is initialized; see also "startup probes" for an alternative solution
+# (no-op if database is already initialized)
+#
+# 3. ("docker-enforce-initdb.sh") as part of CI to ensure the database is fully initialized before use
+# (error if database is already initialized)
+#
+
+source /usr/local/bin/docker-entrypoint.sh
+
+# arguments to this script are assumed to be arguments to the "postgres" server (same as "docker-entrypoint.sh"), and most "docker-entrypoint.sh" functions assume "postgres" is the first argument (see "_main" over there)
+if [ "$#" -eq 0 ] || [ "$1" != 'postgres' ]; then
+ set -- postgres "$@"
+fi
+
+# see also "_main" in "docker-entrypoint.sh"
+
+docker_setup_env
+# setup data directories and permissions (when run as root)
+docker_create_db_directories
+if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec su-exec postgres "$BASH_SOURCE" "$@"
+fi
+
+# only run initialization on an empty data directory
+if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+else
+ self="$(basename "$0")"
+ case "$self" in
+ docker-ensure-initdb.sh)
+ echo >&2 "$self: note: database already initialized in '$PGDATA'!"
+ exit 0
+ ;;
+
+ docker-enforce-initdb.sh)
+ echo >&2 "$self: error: (unexpected) database found in '$PGDATA'!"
+ exit 1
+ ;;
+
+ *)
+ echo >&2 "$self: error: unknown file name: $self"
+ exit 99
+ ;;
+ esac
+fi
diff --git a/12/alpine3.18/docker-entrypoint.sh b/12/alpine3.18/docker-entrypoint.sh
index a383a36487..151d75ef96 100755
--- a/12/alpine3.18/docker-entrypoint.sh
+++ b/12/alpine3.18/docker-entrypoint.sh
@@ -225,6 +225,7 @@ docker_setup_env() {
: "${POSTGRES_HOST_AUTH_METHOD:=}"
declare -g DATABASE_ALREADY_EXISTS
+ : "${DATABASE_ALREADY_EXISTS:=}"
# look specifically for PG_VERSION, as it is expected in the DB dir
if [ -s "$PGDATA/PG_VERSION" ]; then
DATABASE_ALREADY_EXISTS='true'
diff --git a/12/alpine3.19/Dockerfile b/12/alpine3.19/Dockerfile
index 6f3347c0ff..05b1be0566 100644
--- a/12/alpine3.19/Dockerfile
+++ b/12/alpine3.19/Dockerfile
@@ -169,7 +169,8 @@ ENV PGDATA /var/lib/postgresql/data
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
-COPY docker-entrypoint.sh /usr/local/bin/
+COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
+RUN ln -sT docker-ensure-initdb.sh /usr/local/bin/docker-enforce-initdb.sh
ENTRYPOINT ["docker-entrypoint.sh"]
# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
diff --git a/12/alpine3.19/docker-ensure-initdb.sh b/12/alpine3.19/docker-ensure-initdb.sh
new file mode 100755
index 0000000000..2a9758656e
--- /dev/null
+++ b/12/alpine3.19/docker-ensure-initdb.sh
@@ -0,0 +1,71 @@
+#!/usr/bin/env bash
+set -Eeuo pipefail
+
+#
+# This script is intended for three main use cases:
+#
+# 1. (most importantly) as an example of how to use "docker-entrypoint.sh" to extend/reuse the initialization behavior
+#
+# 2. ("docker-ensure-initdb.sh") as a Kubernetes "init container" to ensure the provided database directory is initialized; see also "startup probes" for an alternative solution
+# (no-op if database is already initialized)
+#
+# 3. ("docker-enforce-initdb.sh") as part of CI to ensure the database is fully initialized before use
+# (error if database is already initialized)
+#
+
+source /usr/local/bin/docker-entrypoint.sh
+
+# arguments to this script are assumed to be arguments to the "postgres" server (same as "docker-entrypoint.sh"), and most "docker-entrypoint.sh" functions assume "postgres" is the first argument (see "_main" over there)
+if [ "$#" -eq 0 ] || [ "$1" != 'postgres' ]; then
+ set -- postgres "$@"
+fi
+
+# see also "_main" in "docker-entrypoint.sh"
+
+docker_setup_env
+# setup data directories and permissions (when run as root)
+docker_create_db_directories
+if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec su-exec postgres "$BASH_SOURCE" "$@"
+fi
+
+# only run initialization on an empty data directory
+if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+else
+ self="$(basename "$0")"
+ case "$self" in
+ docker-ensure-initdb.sh)
+ echo >&2 "$self: note: database already initialized in '$PGDATA'!"
+ exit 0
+ ;;
+
+ docker-enforce-initdb.sh)
+ echo >&2 "$self: error: (unexpected) database found in '$PGDATA'!"
+ exit 1
+ ;;
+
+ *)
+ echo >&2 "$self: error: unknown file name: $self"
+ exit 99
+ ;;
+ esac
+fi
diff --git a/12/alpine3.19/docker-entrypoint.sh b/12/alpine3.19/docker-entrypoint.sh
index a383a36487..151d75ef96 100755
--- a/12/alpine3.19/docker-entrypoint.sh
+++ b/12/alpine3.19/docker-entrypoint.sh
@@ -225,6 +225,7 @@ docker_setup_env() {
: "${POSTGRES_HOST_AUTH_METHOD:=}"
declare -g DATABASE_ALREADY_EXISTS
+ : "${DATABASE_ALREADY_EXISTS:=}"
# look specifically for PG_VERSION, as it is expected in the DB dir
if [ -s "$PGDATA/PG_VERSION" ]; then
DATABASE_ALREADY_EXISTS='true'
diff --git a/12/bookworm/Dockerfile b/12/bookworm/Dockerfile
index 165a9666bf..647dc8dc43 100644
--- a/12/bookworm/Dockerfile
+++ b/12/bookworm/Dockerfile
@@ -184,7 +184,8 @@ ENV PGDATA /var/lib/postgresql/data
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
-COPY docker-entrypoint.sh /usr/local/bin/
+COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
+RUN ln -sT docker-ensure-initdb.sh /usr/local/bin/docker-enforce-initdb.sh
ENTRYPOINT ["docker-entrypoint.sh"]
# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
diff --git a/12/bookworm/docker-ensure-initdb.sh b/12/bookworm/docker-ensure-initdb.sh
new file mode 100755
index 0000000000..ae1f6b6b90
--- /dev/null
+++ b/12/bookworm/docker-ensure-initdb.sh
@@ -0,0 +1,71 @@
+#!/usr/bin/env bash
+set -Eeuo pipefail
+
+#
+# This script is intended for three main use cases:
+#
+# 1. (most importantly) as an example of how to use "docker-entrypoint.sh" to extend/reuse the initialization behavior
+#
+# 2. ("docker-ensure-initdb.sh") as a Kubernetes "init container" to ensure the provided database directory is initialized; see also "startup probes" for an alternative solution
+# (no-op if database is already initialized)
+#
+# 3. ("docker-enforce-initdb.sh") as part of CI to ensure the database is fully initialized before use
+# (error if database is already initialized)
+#
+
+source /usr/local/bin/docker-entrypoint.sh
+
+# arguments to this script are assumed to be arguments to the "postgres" server (same as "docker-entrypoint.sh"), and most "docker-entrypoint.sh" functions assume "postgres" is the first argument (see "_main" over there)
+if [ "$#" -eq 0 ] || [ "$1" != 'postgres' ]; then
+ set -- postgres "$@"
+fi
+
+# see also "_main" in "docker-entrypoint.sh"
+
+docker_setup_env
+# setup data directories and permissions (when run as root)
+docker_create_db_directories
+if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec gosu postgres "$BASH_SOURCE" "$@"
+fi
+
+# only run initialization on an empty data directory
+if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+else
+ self="$(basename "$0")"
+ case "$self" in
+ docker-ensure-initdb.sh)
+ echo >&2 "$self: note: database already initialized in '$PGDATA'!"
+ exit 0
+ ;;
+
+ docker-enforce-initdb.sh)
+ echo >&2 "$self: error: (unexpected) database found in '$PGDATA'!"
+ exit 1
+ ;;
+
+ *)
+ echo >&2 "$self: error: unknown file name: $self"
+ exit 99
+ ;;
+ esac
+fi
diff --git a/12/bookworm/docker-entrypoint.sh b/12/bookworm/docker-entrypoint.sh
index 0ae0ecf8c2..6d197bc01f 100755
--- a/12/bookworm/docker-entrypoint.sh
+++ b/12/bookworm/docker-entrypoint.sh
@@ -225,6 +225,7 @@ docker_setup_env() {
: "${POSTGRES_HOST_AUTH_METHOD:=}"
declare -g DATABASE_ALREADY_EXISTS
+ : "${DATABASE_ALREADY_EXISTS:=}"
# look specifically for PG_VERSION, as it is expected in the DB dir
if [ -s "$PGDATA/PG_VERSION" ]; then
DATABASE_ALREADY_EXISTS='true'
diff --git a/12/bullseye/Dockerfile b/12/bullseye/Dockerfile
index 6a6dd9ee59..82386336a2 100644
--- a/12/bullseye/Dockerfile
+++ b/12/bullseye/Dockerfile
@@ -184,7 +184,8 @@ ENV PGDATA /var/lib/postgresql/data
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
-COPY docker-entrypoint.sh /usr/local/bin/
+COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
+RUN ln -sT docker-ensure-initdb.sh /usr/local/bin/docker-enforce-initdb.sh
ENTRYPOINT ["docker-entrypoint.sh"]
# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
diff --git a/12/bullseye/docker-ensure-initdb.sh b/12/bullseye/docker-ensure-initdb.sh
new file mode 100755
index 0000000000..ae1f6b6b90
--- /dev/null
+++ b/12/bullseye/docker-ensure-initdb.sh
@@ -0,0 +1,71 @@
+#!/usr/bin/env bash
+set -Eeuo pipefail
+
+#
+# This script is intended for three main use cases:
+#
+# 1. (most importantly) as an example of how to use "docker-entrypoint.sh" to extend/reuse the initialization behavior
+#
+# 2. ("docker-ensure-initdb.sh") as a Kubernetes "init container" to ensure the provided database directory is initialized; see also "startup probes" for an alternative solution
+# (no-op if database is already initialized)
+#
+# 3. ("docker-enforce-initdb.sh") as part of CI to ensure the database is fully initialized before use
+# (error if database is already initialized)
+#
+
+source /usr/local/bin/docker-entrypoint.sh
+
+# arguments to this script are assumed to be arguments to the "postgres" server (same as "docker-entrypoint.sh"), and most "docker-entrypoint.sh" functions assume "postgres" is the first argument (see "_main" over there)
+if [ "$#" -eq 0 ] || [ "$1" != 'postgres' ]; then
+ set -- postgres "$@"
+fi
+
+# see also "_main" in "docker-entrypoint.sh"
+
+docker_setup_env
+# setup data directories and permissions (when run as root)
+docker_create_db_directories
+if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec gosu postgres "$BASH_SOURCE" "$@"
+fi
+
+# only run initialization on an empty data directory
+if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+else
+ self="$(basename "$0")"
+ case "$self" in
+ docker-ensure-initdb.sh)
+ echo >&2 "$self: note: database already initialized in '$PGDATA'!"
+ exit 0
+ ;;
+
+ docker-enforce-initdb.sh)
+ echo >&2 "$self: error: (unexpected) database found in '$PGDATA'!"
+ exit 1
+ ;;
+
+ *)
+ echo >&2 "$self: error: unknown file name: $self"
+ exit 99
+ ;;
+ esac
+fi
diff --git a/12/bullseye/docker-entrypoint.sh b/12/bullseye/docker-entrypoint.sh
index 0ae0ecf8c2..6d197bc01f 100755
--- a/12/bullseye/docker-entrypoint.sh
+++ b/12/bullseye/docker-entrypoint.sh
@@ -225,6 +225,7 @@ docker_setup_env() {
: "${POSTGRES_HOST_AUTH_METHOD:=}"
declare -g DATABASE_ALREADY_EXISTS
+ : "${DATABASE_ALREADY_EXISTS:=}"
# look specifically for PG_VERSION, as it is expected in the DB dir
if [ -s "$PGDATA/PG_VERSION" ]; then
DATABASE_ALREADY_EXISTS='true'
diff --git a/13/alpine3.18/Dockerfile b/13/alpine3.18/Dockerfile
index cd9936c4c4..22fbdc8ed4 100644
--- a/13/alpine3.18/Dockerfile
+++ b/13/alpine3.18/Dockerfile
@@ -169,7 +169,8 @@ ENV PGDATA /var/lib/postgresql/data
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
-COPY docker-entrypoint.sh /usr/local/bin/
+COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
+RUN ln -sT docker-ensure-initdb.sh /usr/local/bin/docker-enforce-initdb.sh
ENTRYPOINT ["docker-entrypoint.sh"]
# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
diff --git a/13/alpine3.18/docker-ensure-initdb.sh b/13/alpine3.18/docker-ensure-initdb.sh
new file mode 100755
index 0000000000..2a9758656e
--- /dev/null
+++ b/13/alpine3.18/docker-ensure-initdb.sh
@@ -0,0 +1,71 @@
+#!/usr/bin/env bash
+set -Eeuo pipefail
+
+#
+# This script is intended for three main use cases:
+#
+# 1. (most importantly) as an example of how to use "docker-entrypoint.sh" to extend/reuse the initialization behavior
+#
+# 2. ("docker-ensure-initdb.sh") as a Kubernetes "init container" to ensure the provided database directory is initialized; see also "startup probes" for an alternative solution
+# (no-op if database is already initialized)
+#
+# 3. ("docker-enforce-initdb.sh") as part of CI to ensure the database is fully initialized before use
+# (error if database is already initialized)
+#
+
+source /usr/local/bin/docker-entrypoint.sh
+
+# arguments to this script are assumed to be arguments to the "postgres" server (same as "docker-entrypoint.sh"), and most "docker-entrypoint.sh" functions assume "postgres" is the first argument (see "_main" over there)
+if [ "$#" -eq 0 ] || [ "$1" != 'postgres' ]; then
+ set -- postgres "$@"
+fi
+
+# see also "_main" in "docker-entrypoint.sh"
+
+docker_setup_env
+# setup data directories and permissions (when run as root)
+docker_create_db_directories
+if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec su-exec postgres "$BASH_SOURCE" "$@"
+fi
+
+# only run initialization on an empty data directory
+if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+else
+ self="$(basename "$0")"
+ case "$self" in
+ docker-ensure-initdb.sh)
+ echo >&2 "$self: note: database already initialized in '$PGDATA'!"
+ exit 0
+ ;;
+
+ docker-enforce-initdb.sh)
+ echo >&2 "$self: error: (unexpected) database found in '$PGDATA'!"
+ exit 1
+ ;;
+
+ *)
+ echo >&2 "$self: error: unknown file name: $self"
+ exit 99
+ ;;
+ esac
+fi
diff --git a/13/alpine3.18/docker-entrypoint.sh b/13/alpine3.18/docker-entrypoint.sh
index a383a36487..151d75ef96 100755
--- a/13/alpine3.18/docker-entrypoint.sh
+++ b/13/alpine3.18/docker-entrypoint.sh
@@ -225,6 +225,7 @@ docker_setup_env() {
: "${POSTGRES_HOST_AUTH_METHOD:=}"
declare -g DATABASE_ALREADY_EXISTS
+ : "${DATABASE_ALREADY_EXISTS:=}"
# look specifically for PG_VERSION, as it is expected in the DB dir
if [ -s "$PGDATA/PG_VERSION" ]; then
DATABASE_ALREADY_EXISTS='true'
diff --git a/13/alpine3.19/Dockerfile b/13/alpine3.19/Dockerfile
index e82d1b9db4..2bc16e1885 100644
--- a/13/alpine3.19/Dockerfile
+++ b/13/alpine3.19/Dockerfile
@@ -169,7 +169,8 @@ ENV PGDATA /var/lib/postgresql/data
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
-COPY docker-entrypoint.sh /usr/local/bin/
+COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
+RUN ln -sT docker-ensure-initdb.sh /usr/local/bin/docker-enforce-initdb.sh
ENTRYPOINT ["docker-entrypoint.sh"]
# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
diff --git a/13/alpine3.19/docker-ensure-initdb.sh b/13/alpine3.19/docker-ensure-initdb.sh
new file mode 100755
index 0000000000..2a9758656e
--- /dev/null
+++ b/13/alpine3.19/docker-ensure-initdb.sh
@@ -0,0 +1,71 @@
+#!/usr/bin/env bash
+set -Eeuo pipefail
+
+#
+# This script is intended for three main use cases:
+#
+# 1. (most importantly) as an example of how to use "docker-entrypoint.sh" to extend/reuse the initialization behavior
+#
+# 2. ("docker-ensure-initdb.sh") as a Kubernetes "init container" to ensure the provided database directory is initialized; see also "startup probes" for an alternative solution
+# (no-op if database is already initialized)
+#
+# 3. ("docker-enforce-initdb.sh") as part of CI to ensure the database is fully initialized before use
+# (error if database is already initialized)
+#
+
+source /usr/local/bin/docker-entrypoint.sh
+
+# arguments to this script are assumed to be arguments to the "postgres" server (same as "docker-entrypoint.sh"), and most "docker-entrypoint.sh" functions assume "postgres" is the first argument (see "_main" over there)
+if [ "$#" -eq 0 ] || [ "$1" != 'postgres' ]; then
+ set -- postgres "$@"
+fi
+
+# see also "_main" in "docker-entrypoint.sh"
+
+docker_setup_env
+# setup data directories and permissions (when run as root)
+docker_create_db_directories
+if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec su-exec postgres "$BASH_SOURCE" "$@"
+fi
+
+# only run initialization on an empty data directory
+if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+else
+ self="$(basename "$0")"
+ case "$self" in
+ docker-ensure-initdb.sh)
+ echo >&2 "$self: note: database already initialized in '$PGDATA'!"
+ exit 0
+ ;;
+
+ docker-enforce-initdb.sh)
+ echo >&2 "$self: error: (unexpected) database found in '$PGDATA'!"
+ exit 1
+ ;;
+
+ *)
+ echo >&2 "$self: error: unknown file name: $self"
+ exit 99
+ ;;
+ esac
+fi
diff --git a/13/alpine3.19/docker-entrypoint.sh b/13/alpine3.19/docker-entrypoint.sh
index a383a36487..151d75ef96 100755
--- a/13/alpine3.19/docker-entrypoint.sh
+++ b/13/alpine3.19/docker-entrypoint.sh
@@ -225,6 +225,7 @@ docker_setup_env() {
: "${POSTGRES_HOST_AUTH_METHOD:=}"
declare -g DATABASE_ALREADY_EXISTS
+ : "${DATABASE_ALREADY_EXISTS:=}"
# look specifically for PG_VERSION, as it is expected in the DB dir
if [ -s "$PGDATA/PG_VERSION" ]; then
DATABASE_ALREADY_EXISTS='true'
diff --git a/13/bookworm/Dockerfile b/13/bookworm/Dockerfile
index d97ed4221c..1086785f54 100644
--- a/13/bookworm/Dockerfile
+++ b/13/bookworm/Dockerfile
@@ -186,7 +186,8 @@ ENV PGDATA /var/lib/postgresql/data
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
-COPY docker-entrypoint.sh /usr/local/bin/
+COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
+RUN ln -sT docker-ensure-initdb.sh /usr/local/bin/docker-enforce-initdb.sh
ENTRYPOINT ["docker-entrypoint.sh"]
# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
diff --git a/13/bookworm/docker-ensure-initdb.sh b/13/bookworm/docker-ensure-initdb.sh
new file mode 100755
index 0000000000..ae1f6b6b90
--- /dev/null
+++ b/13/bookworm/docker-ensure-initdb.sh
@@ -0,0 +1,71 @@
+#!/usr/bin/env bash
+set -Eeuo pipefail
+
+#
+# This script is intended for three main use cases:
+#
+# 1. (most importantly) as an example of how to use "docker-entrypoint.sh" to extend/reuse the initialization behavior
+#
+# 2. ("docker-ensure-initdb.sh") as a Kubernetes "init container" to ensure the provided database directory is initialized; see also "startup probes" for an alternative solution
+# (no-op if database is already initialized)
+#
+# 3. ("docker-enforce-initdb.sh") as part of CI to ensure the database is fully initialized before use
+# (error if database is already initialized)
+#
+
+source /usr/local/bin/docker-entrypoint.sh
+
+# arguments to this script are assumed to be arguments to the "postgres" server (same as "docker-entrypoint.sh"), and most "docker-entrypoint.sh" functions assume "postgres" is the first argument (see "_main" over there)
+if [ "$#" -eq 0 ] || [ "$1" != 'postgres' ]; then
+ set -- postgres "$@"
+fi
+
+# see also "_main" in "docker-entrypoint.sh"
+
+docker_setup_env
+# setup data directories and permissions (when run as root)
+docker_create_db_directories
+if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec gosu postgres "$BASH_SOURCE" "$@"
+fi
+
+# only run initialization on an empty data directory
+if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+else
+ self="$(basename "$0")"
+ case "$self" in
+ docker-ensure-initdb.sh)
+ echo >&2 "$self: note: database already initialized in '$PGDATA'!"
+ exit 0
+ ;;
+
+ docker-enforce-initdb.sh)
+ echo >&2 "$self: error: (unexpected) database found in '$PGDATA'!"
+ exit 1
+ ;;
+
+ *)
+ echo >&2 "$self: error: unknown file name: $self"
+ exit 99
+ ;;
+ esac
+fi
diff --git a/13/bookworm/docker-entrypoint.sh b/13/bookworm/docker-entrypoint.sh
index 0ae0ecf8c2..6d197bc01f 100755
--- a/13/bookworm/docker-entrypoint.sh
+++ b/13/bookworm/docker-entrypoint.sh
@@ -225,6 +225,7 @@ docker_setup_env() {
: "${POSTGRES_HOST_AUTH_METHOD:=}"
declare -g DATABASE_ALREADY_EXISTS
+ : "${DATABASE_ALREADY_EXISTS:=}"
# look specifically for PG_VERSION, as it is expected in the DB dir
if [ -s "$PGDATA/PG_VERSION" ]; then
DATABASE_ALREADY_EXISTS='true'
diff --git a/13/bullseye/Dockerfile b/13/bullseye/Dockerfile
index d88766fc44..0f2b30c55e 100644
--- a/13/bullseye/Dockerfile
+++ b/13/bullseye/Dockerfile
@@ -186,7 +186,8 @@ ENV PGDATA /var/lib/postgresql/data
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
-COPY docker-entrypoint.sh /usr/local/bin/
+COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
+RUN ln -sT docker-ensure-initdb.sh /usr/local/bin/docker-enforce-initdb.sh
ENTRYPOINT ["docker-entrypoint.sh"]
# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
diff --git a/13/bullseye/docker-ensure-initdb.sh b/13/bullseye/docker-ensure-initdb.sh
new file mode 100755
index 0000000000..ae1f6b6b90
--- /dev/null
+++ b/13/bullseye/docker-ensure-initdb.sh
@@ -0,0 +1,71 @@
+#!/usr/bin/env bash
+set -Eeuo pipefail
+
+#
+# This script is intended for three main use cases:
+#
+# 1. (most importantly) as an example of how to use "docker-entrypoint.sh" to extend/reuse the initialization behavior
+#
+# 2. ("docker-ensure-initdb.sh") as a Kubernetes "init container" to ensure the provided database directory is initialized; see also "startup probes" for an alternative solution
+# (no-op if database is already initialized)
+#
+# 3. ("docker-enforce-initdb.sh") as part of CI to ensure the database is fully initialized before use
+# (error if database is already initialized)
+#
+
+source /usr/local/bin/docker-entrypoint.sh
+
+# arguments to this script are assumed to be arguments to the "postgres" server (same as "docker-entrypoint.sh"), and most "docker-entrypoint.sh" functions assume "postgres" is the first argument (see "_main" over there)
+if [ "$#" -eq 0 ] || [ "$1" != 'postgres' ]; then
+ set -- postgres "$@"
+fi
+
+# see also "_main" in "docker-entrypoint.sh"
+
+docker_setup_env
+# setup data directories and permissions (when run as root)
+docker_create_db_directories
+if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec gosu postgres "$BASH_SOURCE" "$@"
+fi
+
+# only run initialization on an empty data directory
+if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+else
+ self="$(basename "$0")"
+ case "$self" in
+ docker-ensure-initdb.sh)
+ echo >&2 "$self: note: database already initialized in '$PGDATA'!"
+ exit 0
+ ;;
+
+ docker-enforce-initdb.sh)
+ echo >&2 "$self: error: (unexpected) database found in '$PGDATA'!"
+ exit 1
+ ;;
+
+ *)
+ echo >&2 "$self: error: unknown file name: $self"
+ exit 99
+ ;;
+ esac
+fi
diff --git a/13/bullseye/docker-entrypoint.sh b/13/bullseye/docker-entrypoint.sh
index 0ae0ecf8c2..6d197bc01f 100755
--- a/13/bullseye/docker-entrypoint.sh
+++ b/13/bullseye/docker-entrypoint.sh
@@ -225,6 +225,7 @@ docker_setup_env() {
: "${POSTGRES_HOST_AUTH_METHOD:=}"
declare -g DATABASE_ALREADY_EXISTS
+ : "${DATABASE_ALREADY_EXISTS:=}"
# look specifically for PG_VERSION, as it is expected in the DB dir
if [ -s "$PGDATA/PG_VERSION" ]; then
DATABASE_ALREADY_EXISTS='true'
diff --git a/14/alpine3.18/Dockerfile b/14/alpine3.18/Dockerfile
index 9856dcc54b..341fb0e3f9 100644
--- a/14/alpine3.18/Dockerfile
+++ b/14/alpine3.18/Dockerfile
@@ -172,7 +172,8 @@ ENV PGDATA /var/lib/postgresql/data
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
-COPY docker-entrypoint.sh /usr/local/bin/
+COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
+RUN ln -sT docker-ensure-initdb.sh /usr/local/bin/docker-enforce-initdb.sh
ENTRYPOINT ["docker-entrypoint.sh"]
# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
diff --git a/14/alpine3.18/docker-ensure-initdb.sh b/14/alpine3.18/docker-ensure-initdb.sh
new file mode 100755
index 0000000000..2a9758656e
--- /dev/null
+++ b/14/alpine3.18/docker-ensure-initdb.sh
@@ -0,0 +1,71 @@
+#!/usr/bin/env bash
+set -Eeuo pipefail
+
+#
+# This script is intended for three main use cases:
+#
+# 1. (most importantly) as an example of how to use "docker-entrypoint.sh" to extend/reuse the initialization behavior
+#
+# 2. ("docker-ensure-initdb.sh") as a Kubernetes "init container" to ensure the provided database directory is initialized; see also "startup probes" for an alternative solution
+# (no-op if database is already initialized)
+#
+# 3. ("docker-enforce-initdb.sh") as part of CI to ensure the database is fully initialized before use
+# (error if database is already initialized)
+#
+
+source /usr/local/bin/docker-entrypoint.sh
+
+# arguments to this script are assumed to be arguments to the "postgres" server (same as "docker-entrypoint.sh"), and most "docker-entrypoint.sh" functions assume "postgres" is the first argument (see "_main" over there)
+if [ "$#" -eq 0 ] || [ "$1" != 'postgres' ]; then
+ set -- postgres "$@"
+fi
+
+# see also "_main" in "docker-entrypoint.sh"
+
+docker_setup_env
+# setup data directories and permissions (when run as root)
+docker_create_db_directories
+if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec su-exec postgres "$BASH_SOURCE" "$@"
+fi
+
+# only run initialization on an empty data directory
+if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+else
+ self="$(basename "$0")"
+ case "$self" in
+ docker-ensure-initdb.sh)
+ echo >&2 "$self: note: database already initialized in '$PGDATA'!"
+ exit 0
+ ;;
+
+ docker-enforce-initdb.sh)
+ echo >&2 "$self: error: (unexpected) database found in '$PGDATA'!"
+ exit 1
+ ;;
+
+ *)
+ echo >&2 "$self: error: unknown file name: $self"
+ exit 99
+ ;;
+ esac
+fi
diff --git a/14/alpine3.18/docker-entrypoint.sh b/14/alpine3.18/docker-entrypoint.sh
index a383a36487..151d75ef96 100755
--- a/14/alpine3.18/docker-entrypoint.sh
+++ b/14/alpine3.18/docker-entrypoint.sh
@@ -225,6 +225,7 @@ docker_setup_env() {
: "${POSTGRES_HOST_AUTH_METHOD:=}"
declare -g DATABASE_ALREADY_EXISTS
+ : "${DATABASE_ALREADY_EXISTS:=}"
# look specifically for PG_VERSION, as it is expected in the DB dir
if [ -s "$PGDATA/PG_VERSION" ]; then
DATABASE_ALREADY_EXISTS='true'
diff --git a/14/alpine3.19/Dockerfile b/14/alpine3.19/Dockerfile
index 20ac720b77..fdd06f4f20 100644
--- a/14/alpine3.19/Dockerfile
+++ b/14/alpine3.19/Dockerfile
@@ -172,7 +172,8 @@ ENV PGDATA /var/lib/postgresql/data
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
-COPY docker-entrypoint.sh /usr/local/bin/
+COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
+RUN ln -sT docker-ensure-initdb.sh /usr/local/bin/docker-enforce-initdb.sh
ENTRYPOINT ["docker-entrypoint.sh"]
# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
diff --git a/14/alpine3.19/docker-ensure-initdb.sh b/14/alpine3.19/docker-ensure-initdb.sh
new file mode 100755
index 0000000000..2a9758656e
--- /dev/null
+++ b/14/alpine3.19/docker-ensure-initdb.sh
@@ -0,0 +1,71 @@
+#!/usr/bin/env bash
+set -Eeuo pipefail
+
+#
+# This script is intended for three main use cases:
+#
+# 1. (most importantly) as an example of how to use "docker-entrypoint.sh" to extend/reuse the initialization behavior
+#
+# 2. ("docker-ensure-initdb.sh") as a Kubernetes "init container" to ensure the provided database directory is initialized; see also "startup probes" for an alternative solution
+# (no-op if database is already initialized)
+#
+# 3. ("docker-enforce-initdb.sh") as part of CI to ensure the database is fully initialized before use
+# (error if database is already initialized)
+#
+
+source /usr/local/bin/docker-entrypoint.sh
+
+# arguments to this script are assumed to be arguments to the "postgres" server (same as "docker-entrypoint.sh"), and most "docker-entrypoint.sh" functions assume "postgres" is the first argument (see "_main" over there)
+if [ "$#" -eq 0 ] || [ "$1" != 'postgres' ]; then
+ set -- postgres "$@"
+fi
+
+# see also "_main" in "docker-entrypoint.sh"
+
+docker_setup_env
+# setup data directories and permissions (when run as root)
+docker_create_db_directories
+if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec su-exec postgres "$BASH_SOURCE" "$@"
+fi
+
+# only run initialization on an empty data directory
+if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+else
+ self="$(basename "$0")"
+ case "$self" in
+ docker-ensure-initdb.sh)
+ echo >&2 "$self: note: database already initialized in '$PGDATA'!"
+ exit 0
+ ;;
+
+ docker-enforce-initdb.sh)
+ echo >&2 "$self: error: (unexpected) database found in '$PGDATA'!"
+ exit 1
+ ;;
+
+ *)
+ echo >&2 "$self: error: unknown file name: $self"
+ exit 99
+ ;;
+ esac
+fi
diff --git a/14/alpine3.19/docker-entrypoint.sh b/14/alpine3.19/docker-entrypoint.sh
index a383a36487..151d75ef96 100755
--- a/14/alpine3.19/docker-entrypoint.sh
+++ b/14/alpine3.19/docker-entrypoint.sh
@@ -225,6 +225,7 @@ docker_setup_env() {
: "${POSTGRES_HOST_AUTH_METHOD:=}"
declare -g DATABASE_ALREADY_EXISTS
+ : "${DATABASE_ALREADY_EXISTS:=}"
# look specifically for PG_VERSION, as it is expected in the DB dir
if [ -s "$PGDATA/PG_VERSION" ]; then
DATABASE_ALREADY_EXISTS='true'
diff --git a/14/bookworm/Dockerfile b/14/bookworm/Dockerfile
index e99b2427b9..4905043349 100644
--- a/14/bookworm/Dockerfile
+++ b/14/bookworm/Dockerfile
@@ -184,7 +184,8 @@ ENV PGDATA /var/lib/postgresql/data
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
-COPY docker-entrypoint.sh /usr/local/bin/
+COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
+RUN ln -sT docker-ensure-initdb.sh /usr/local/bin/docker-enforce-initdb.sh
ENTRYPOINT ["docker-entrypoint.sh"]
# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
diff --git a/14/bookworm/docker-ensure-initdb.sh b/14/bookworm/docker-ensure-initdb.sh
new file mode 100755
index 0000000000..ae1f6b6b90
--- /dev/null
+++ b/14/bookworm/docker-ensure-initdb.sh
@@ -0,0 +1,71 @@
+#!/usr/bin/env bash
+set -Eeuo pipefail
+
+#
+# This script is intended for three main use cases:
+#
+# 1. (most importantly) as an example of how to use "docker-entrypoint.sh" to extend/reuse the initialization behavior
+#
+# 2. ("docker-ensure-initdb.sh") as a Kubernetes "init container" to ensure the provided database directory is initialized; see also "startup probes" for an alternative solution
+# (no-op if database is already initialized)
+#
+# 3. ("docker-enforce-initdb.sh") as part of CI to ensure the database is fully initialized before use
+# (error if database is already initialized)
+#
+
+source /usr/local/bin/docker-entrypoint.sh
+
+# arguments to this script are assumed to be arguments to the "postgres" server (same as "docker-entrypoint.sh"), and most "docker-entrypoint.sh" functions assume "postgres" is the first argument (see "_main" over there)
+if [ "$#" -eq 0 ] || [ "$1" != 'postgres' ]; then
+ set -- postgres "$@"
+fi
+
+# see also "_main" in "docker-entrypoint.sh"
+
+docker_setup_env
+# setup data directories and permissions (when run as root)
+docker_create_db_directories
+if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec gosu postgres "$BASH_SOURCE" "$@"
+fi
+
+# only run initialization on an empty data directory
+if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+else
+ self="$(basename "$0")"
+ case "$self" in
+ docker-ensure-initdb.sh)
+ echo >&2 "$self: note: database already initialized in '$PGDATA'!"
+ exit 0
+ ;;
+
+ docker-enforce-initdb.sh)
+ echo >&2 "$self: error: (unexpected) database found in '$PGDATA'!"
+ exit 1
+ ;;
+
+ *)
+ echo >&2 "$self: error: unknown file name: $self"
+ exit 99
+ ;;
+ esac
+fi
diff --git a/14/bookworm/docker-entrypoint.sh b/14/bookworm/docker-entrypoint.sh
index 0ae0ecf8c2..6d197bc01f 100755
--- a/14/bookworm/docker-entrypoint.sh
+++ b/14/bookworm/docker-entrypoint.sh
@@ -225,6 +225,7 @@ docker_setup_env() {
: "${POSTGRES_HOST_AUTH_METHOD:=}"
declare -g DATABASE_ALREADY_EXISTS
+ : "${DATABASE_ALREADY_EXISTS:=}"
# look specifically for PG_VERSION, as it is expected in the DB dir
if [ -s "$PGDATA/PG_VERSION" ]; then
DATABASE_ALREADY_EXISTS='true'
diff --git a/14/bullseye/Dockerfile b/14/bullseye/Dockerfile
index d8d3461190..95e24e495a 100644
--- a/14/bullseye/Dockerfile
+++ b/14/bullseye/Dockerfile
@@ -184,7 +184,8 @@ ENV PGDATA /var/lib/postgresql/data
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
-COPY docker-entrypoint.sh /usr/local/bin/
+COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
+RUN ln -sT docker-ensure-initdb.sh /usr/local/bin/docker-enforce-initdb.sh
ENTRYPOINT ["docker-entrypoint.sh"]
# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
diff --git a/14/bullseye/docker-ensure-initdb.sh b/14/bullseye/docker-ensure-initdb.sh
new file mode 100755
index 0000000000..ae1f6b6b90
--- /dev/null
+++ b/14/bullseye/docker-ensure-initdb.sh
@@ -0,0 +1,71 @@
+#!/usr/bin/env bash
+set -Eeuo pipefail
+
+#
+# This script is intended for three main use cases:
+#
+# 1. (most importantly) as an example of how to use "docker-entrypoint.sh" to extend/reuse the initialization behavior
+#
+# 2. ("docker-ensure-initdb.sh") as a Kubernetes "init container" to ensure the provided database directory is initialized; see also "startup probes" for an alternative solution
+# (no-op if database is already initialized)
+#
+# 3. ("docker-enforce-initdb.sh") as part of CI to ensure the database is fully initialized before use
+# (error if database is already initialized)
+#
+
+source /usr/local/bin/docker-entrypoint.sh
+
+# arguments to this script are assumed to be arguments to the "postgres" server (same as "docker-entrypoint.sh"), and most "docker-entrypoint.sh" functions assume "postgres" is the first argument (see "_main" over there)
+if [ "$#" -eq 0 ] || [ "$1" != 'postgres' ]; then
+ set -- postgres "$@"
+fi
+
+# see also "_main" in "docker-entrypoint.sh"
+
+docker_setup_env
+# setup data directories and permissions (when run as root)
+docker_create_db_directories
+if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec gosu postgres "$BASH_SOURCE" "$@"
+fi
+
+# only run initialization on an empty data directory
+if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+else
+ self="$(basename "$0")"
+ case "$self" in
+ docker-ensure-initdb.sh)
+ echo >&2 "$self: note: database already initialized in '$PGDATA'!"
+ exit 0
+ ;;
+
+ docker-enforce-initdb.sh)
+ echo >&2 "$self: error: (unexpected) database found in '$PGDATA'!"
+ exit 1
+ ;;
+
+ *)
+ echo >&2 "$self: error: unknown file name: $self"
+ exit 99
+ ;;
+ esac
+fi
diff --git a/14/bullseye/docker-entrypoint.sh b/14/bullseye/docker-entrypoint.sh
index 0ae0ecf8c2..6d197bc01f 100755
--- a/14/bullseye/docker-entrypoint.sh
+++ b/14/bullseye/docker-entrypoint.sh
@@ -225,6 +225,7 @@ docker_setup_env() {
: "${POSTGRES_HOST_AUTH_METHOD:=}"
declare -g DATABASE_ALREADY_EXISTS
+ : "${DATABASE_ALREADY_EXISTS:=}"
# look specifically for PG_VERSION, as it is expected in the DB dir
if [ -s "$PGDATA/PG_VERSION" ]; then
DATABASE_ALREADY_EXISTS='true'
diff --git a/15/alpine3.18/Dockerfile b/15/alpine3.18/Dockerfile
index 8fda3e0adf..7a14aa21fe 100644
--- a/15/alpine3.18/Dockerfile
+++ b/15/alpine3.18/Dockerfile
@@ -175,7 +175,8 @@ ENV PGDATA /var/lib/postgresql/data
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
-COPY docker-entrypoint.sh /usr/local/bin/
+COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
+RUN ln -sT docker-ensure-initdb.sh /usr/local/bin/docker-enforce-initdb.sh
ENTRYPOINT ["docker-entrypoint.sh"]
# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
diff --git a/15/alpine3.18/docker-ensure-initdb.sh b/15/alpine3.18/docker-ensure-initdb.sh
new file mode 100755
index 0000000000..2a9758656e
--- /dev/null
+++ b/15/alpine3.18/docker-ensure-initdb.sh
@@ -0,0 +1,71 @@
+#!/usr/bin/env bash
+set -Eeuo pipefail
+
+#
+# This script is intended for three main use cases:
+#
+# 1. (most importantly) as an example of how to use "docker-entrypoint.sh" to extend/reuse the initialization behavior
+#
+# 2. ("docker-ensure-initdb.sh") as a Kubernetes "init container" to ensure the provided database directory is initialized; see also "startup probes" for an alternative solution
+# (no-op if database is already initialized)
+#
+# 3. ("docker-enforce-initdb.sh") as part of CI to ensure the database is fully initialized before use
+# (error if database is already initialized)
+#
+
+source /usr/local/bin/docker-entrypoint.sh
+
+# arguments to this script are assumed to be arguments to the "postgres" server (same as "docker-entrypoint.sh"), and most "docker-entrypoint.sh" functions assume "postgres" is the first argument (see "_main" over there)
+if [ "$#" -eq 0 ] || [ "$1" != 'postgres' ]; then
+ set -- postgres "$@"
+fi
+
+# see also "_main" in "docker-entrypoint.sh"
+
+docker_setup_env
+# setup data directories and permissions (when run as root)
+docker_create_db_directories
+if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec su-exec postgres "$BASH_SOURCE" "$@"
+fi
+
+# only run initialization on an empty data directory
+if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+else
+ self="$(basename "$0")"
+ case "$self" in
+ docker-ensure-initdb.sh)
+ echo >&2 "$self: note: database already initialized in '$PGDATA'!"
+ exit 0
+ ;;
+
+ docker-enforce-initdb.sh)
+ echo >&2 "$self: error: (unexpected) database found in '$PGDATA'!"
+ exit 1
+ ;;
+
+ *)
+ echo >&2 "$self: error: unknown file name: $self"
+ exit 99
+ ;;
+ esac
+fi
diff --git a/15/alpine3.18/docker-entrypoint.sh b/15/alpine3.18/docker-entrypoint.sh
index a383a36487..151d75ef96 100755
--- a/15/alpine3.18/docker-entrypoint.sh
+++ b/15/alpine3.18/docker-entrypoint.sh
@@ -225,6 +225,7 @@ docker_setup_env() {
: "${POSTGRES_HOST_AUTH_METHOD:=}"
declare -g DATABASE_ALREADY_EXISTS
+ : "${DATABASE_ALREADY_EXISTS:=}"
# look specifically for PG_VERSION, as it is expected in the DB dir
if [ -s "$PGDATA/PG_VERSION" ]; then
DATABASE_ALREADY_EXISTS='true'
diff --git a/15/alpine3.19/Dockerfile b/15/alpine3.19/Dockerfile
index d419a42cae..77e01e3a9c 100644
--- a/15/alpine3.19/Dockerfile
+++ b/15/alpine3.19/Dockerfile
@@ -175,7 +175,8 @@ ENV PGDATA /var/lib/postgresql/data
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
-COPY docker-entrypoint.sh /usr/local/bin/
+COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
+RUN ln -sT docker-ensure-initdb.sh /usr/local/bin/docker-enforce-initdb.sh
ENTRYPOINT ["docker-entrypoint.sh"]
# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
diff --git a/15/alpine3.19/docker-ensure-initdb.sh b/15/alpine3.19/docker-ensure-initdb.sh
new file mode 100755
index 0000000000..2a9758656e
--- /dev/null
+++ b/15/alpine3.19/docker-ensure-initdb.sh
@@ -0,0 +1,71 @@
+#!/usr/bin/env bash
+set -Eeuo pipefail
+
+#
+# This script is intended for three main use cases:
+#
+# 1. (most importantly) as an example of how to use "docker-entrypoint.sh" to extend/reuse the initialization behavior
+#
+# 2. ("docker-ensure-initdb.sh") as a Kubernetes "init container" to ensure the provided database directory is initialized; see also "startup probes" for an alternative solution
+# (no-op if database is already initialized)
+#
+# 3. ("docker-enforce-initdb.sh") as part of CI to ensure the database is fully initialized before use
+# (error if database is already initialized)
+#
+
+source /usr/local/bin/docker-entrypoint.sh
+
+# arguments to this script are assumed to be arguments to the "postgres" server (same as "docker-entrypoint.sh"), and most "docker-entrypoint.sh" functions assume "postgres" is the first argument (see "_main" over there)
+if [ "$#" -eq 0 ] || [ "$1" != 'postgres' ]; then
+ set -- postgres "$@"
+fi
+
+# see also "_main" in "docker-entrypoint.sh"
+
+docker_setup_env
+# setup data directories and permissions (when run as root)
+docker_create_db_directories
+if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec su-exec postgres "$BASH_SOURCE" "$@"
+fi
+
+# only run initialization on an empty data directory
+if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+else
+ self="$(basename "$0")"
+ case "$self" in
+ docker-ensure-initdb.sh)
+ echo >&2 "$self: note: database already initialized in '$PGDATA'!"
+ exit 0
+ ;;
+
+ docker-enforce-initdb.sh)
+ echo >&2 "$self: error: (unexpected) database found in '$PGDATA'!"
+ exit 1
+ ;;
+
+ *)
+ echo >&2 "$self: error: unknown file name: $self"
+ exit 99
+ ;;
+ esac
+fi
diff --git a/15/alpine3.19/docker-entrypoint.sh b/15/alpine3.19/docker-entrypoint.sh
index a383a36487..151d75ef96 100755
--- a/15/alpine3.19/docker-entrypoint.sh
+++ b/15/alpine3.19/docker-entrypoint.sh
@@ -225,6 +225,7 @@ docker_setup_env() {
: "${POSTGRES_HOST_AUTH_METHOD:=}"
declare -g DATABASE_ALREADY_EXISTS
+ : "${DATABASE_ALREADY_EXISTS:=}"
# look specifically for PG_VERSION, as it is expected in the DB dir
if [ -s "$PGDATA/PG_VERSION" ]; then
DATABASE_ALREADY_EXISTS='true'
diff --git a/15/bookworm/Dockerfile b/15/bookworm/Dockerfile
index e51062e703..af0da3d468 100644
--- a/15/bookworm/Dockerfile
+++ b/15/bookworm/Dockerfile
@@ -184,7 +184,8 @@ ENV PGDATA /var/lib/postgresql/data
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
-COPY docker-entrypoint.sh /usr/local/bin/
+COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
+RUN ln -sT docker-ensure-initdb.sh /usr/local/bin/docker-enforce-initdb.sh
ENTRYPOINT ["docker-entrypoint.sh"]
# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
diff --git a/15/bookworm/docker-ensure-initdb.sh b/15/bookworm/docker-ensure-initdb.sh
new file mode 100755
index 0000000000..ae1f6b6b90
--- /dev/null
+++ b/15/bookworm/docker-ensure-initdb.sh
@@ -0,0 +1,71 @@
+#!/usr/bin/env bash
+set -Eeuo pipefail
+
+#
+# This script is intended for three main use cases:
+#
+# 1. (most importantly) as an example of how to use "docker-entrypoint.sh" to extend/reuse the initialization behavior
+#
+# 2. ("docker-ensure-initdb.sh") as a Kubernetes "init container" to ensure the provided database directory is initialized; see also "startup probes" for an alternative solution
+# (no-op if database is already initialized)
+#
+# 3. ("docker-enforce-initdb.sh") as part of CI to ensure the database is fully initialized before use
+# (error if database is already initialized)
+#
+
+source /usr/local/bin/docker-entrypoint.sh
+
+# arguments to this script are assumed to be arguments to the "postgres" server (same as "docker-entrypoint.sh"), and most "docker-entrypoint.sh" functions assume "postgres" is the first argument (see "_main" over there)
+if [ "$#" -eq 0 ] || [ "$1" != 'postgres' ]; then
+ set -- postgres "$@"
+fi
+
+# see also "_main" in "docker-entrypoint.sh"
+
+docker_setup_env
+# setup data directories and permissions (when run as root)
+docker_create_db_directories
+if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec gosu postgres "$BASH_SOURCE" "$@"
+fi
+
+# only run initialization on an empty data directory
+if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+else
+ self="$(basename "$0")"
+ case "$self" in
+ docker-ensure-initdb.sh)
+ echo >&2 "$self: note: database already initialized in '$PGDATA'!"
+ exit 0
+ ;;
+
+ docker-enforce-initdb.sh)
+ echo >&2 "$self: error: (unexpected) database found in '$PGDATA'!"
+ exit 1
+ ;;
+
+ *)
+ echo >&2 "$self: error: unknown file name: $self"
+ exit 99
+ ;;
+ esac
+fi
diff --git a/15/bookworm/docker-entrypoint.sh b/15/bookworm/docker-entrypoint.sh
index 0ae0ecf8c2..6d197bc01f 100755
--- a/15/bookworm/docker-entrypoint.sh
+++ b/15/bookworm/docker-entrypoint.sh
@@ -225,6 +225,7 @@ docker_setup_env() {
: "${POSTGRES_HOST_AUTH_METHOD:=}"
declare -g DATABASE_ALREADY_EXISTS
+ : "${DATABASE_ALREADY_EXISTS:=}"
# look specifically for PG_VERSION, as it is expected in the DB dir
if [ -s "$PGDATA/PG_VERSION" ]; then
DATABASE_ALREADY_EXISTS='true'
diff --git a/15/bullseye/Dockerfile b/15/bullseye/Dockerfile
index 2bde90139d..2d9db9bb37 100644
--- a/15/bullseye/Dockerfile
+++ b/15/bullseye/Dockerfile
@@ -184,7 +184,8 @@ ENV PGDATA /var/lib/postgresql/data
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
-COPY docker-entrypoint.sh /usr/local/bin/
+COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
+RUN ln -sT docker-ensure-initdb.sh /usr/local/bin/docker-enforce-initdb.sh
ENTRYPOINT ["docker-entrypoint.sh"]
# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
diff --git a/15/bullseye/docker-ensure-initdb.sh b/15/bullseye/docker-ensure-initdb.sh
new file mode 100755
index 0000000000..ae1f6b6b90
--- /dev/null
+++ b/15/bullseye/docker-ensure-initdb.sh
@@ -0,0 +1,71 @@
+#!/usr/bin/env bash
+set -Eeuo pipefail
+
+#
+# This script is intended for three main use cases:
+#
+# 1. (most importantly) as an example of how to use "docker-entrypoint.sh" to extend/reuse the initialization behavior
+#
+# 2. ("docker-ensure-initdb.sh") as a Kubernetes "init container" to ensure the provided database directory is initialized; see also "startup probes" for an alternative solution
+# (no-op if database is already initialized)
+#
+# 3. ("docker-enforce-initdb.sh") as part of CI to ensure the database is fully initialized before use
+# (error if database is already initialized)
+#
+
+source /usr/local/bin/docker-entrypoint.sh
+
+# arguments to this script are assumed to be arguments to the "postgres" server (same as "docker-entrypoint.sh"), and most "docker-entrypoint.sh" functions assume "postgres" is the first argument (see "_main" over there)
+if [ "$#" -eq 0 ] || [ "$1" != 'postgres' ]; then
+ set -- postgres "$@"
+fi
+
+# see also "_main" in "docker-entrypoint.sh"
+
+docker_setup_env
+# setup data directories and permissions (when run as root)
+docker_create_db_directories
+if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec gosu postgres "$BASH_SOURCE" "$@"
+fi
+
+# only run initialization on an empty data directory
+if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+else
+ self="$(basename "$0")"
+ case "$self" in
+ docker-ensure-initdb.sh)
+ echo >&2 "$self: note: database already initialized in '$PGDATA'!"
+ exit 0
+ ;;
+
+ docker-enforce-initdb.sh)
+ echo >&2 "$self: error: (unexpected) database found in '$PGDATA'!"
+ exit 1
+ ;;
+
+ *)
+ echo >&2 "$self: error: unknown file name: $self"
+ exit 99
+ ;;
+ esac
+fi
diff --git a/15/bullseye/docker-entrypoint.sh b/15/bullseye/docker-entrypoint.sh
index 0ae0ecf8c2..6d197bc01f 100755
--- a/15/bullseye/docker-entrypoint.sh
+++ b/15/bullseye/docker-entrypoint.sh
@@ -225,6 +225,7 @@ docker_setup_env() {
: "${POSTGRES_HOST_AUTH_METHOD:=}"
declare -g DATABASE_ALREADY_EXISTS
+ : "${DATABASE_ALREADY_EXISTS:=}"
# look specifically for PG_VERSION, as it is expected in the DB dir
if [ -s "$PGDATA/PG_VERSION" ]; then
DATABASE_ALREADY_EXISTS='true'
diff --git a/16/alpine3.18/Dockerfile b/16/alpine3.18/Dockerfile
index c93ecdb229..c96c944ca2 100644
--- a/16/alpine3.18/Dockerfile
+++ b/16/alpine3.18/Dockerfile
@@ -174,7 +174,8 @@ ENV PGDATA /var/lib/postgresql/data
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
-COPY docker-entrypoint.sh /usr/local/bin/
+COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
+RUN ln -sT docker-ensure-initdb.sh /usr/local/bin/docker-enforce-initdb.sh
ENTRYPOINT ["docker-entrypoint.sh"]
# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
diff --git a/16/alpine3.18/docker-ensure-initdb.sh b/16/alpine3.18/docker-ensure-initdb.sh
new file mode 100755
index 0000000000..2a9758656e
--- /dev/null
+++ b/16/alpine3.18/docker-ensure-initdb.sh
@@ -0,0 +1,71 @@
+#!/usr/bin/env bash
+set -Eeuo pipefail
+
+#
+# This script is intended for three main use cases:
+#
+# 1. (most importantly) as an example of how to use "docker-entrypoint.sh" to extend/reuse the initialization behavior
+#
+# 2. ("docker-ensure-initdb.sh") as a Kubernetes "init container" to ensure the provided database directory is initialized; see also "startup probes" for an alternative solution
+# (no-op if database is already initialized)
+#
+# 3. ("docker-enforce-initdb.sh") as part of CI to ensure the database is fully initialized before use
+# (error if database is already initialized)
+#
+
+source /usr/local/bin/docker-entrypoint.sh
+
+# arguments to this script are assumed to be arguments to the "postgres" server (same as "docker-entrypoint.sh"), and most "docker-entrypoint.sh" functions assume "postgres" is the first argument (see "_main" over there)
+if [ "$#" -eq 0 ] || [ "$1" != 'postgres' ]; then
+ set -- postgres "$@"
+fi
+
+# see also "_main" in "docker-entrypoint.sh"
+
+docker_setup_env
+# setup data directories and permissions (when run as root)
+docker_create_db_directories
+if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec su-exec postgres "$BASH_SOURCE" "$@"
+fi
+
+# only run initialization on an empty data directory
+if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+else
+ self="$(basename "$0")"
+ case "$self" in
+ docker-ensure-initdb.sh)
+ echo >&2 "$self: note: database already initialized in '$PGDATA'!"
+ exit 0
+ ;;
+
+ docker-enforce-initdb.sh)
+ echo >&2 "$self: error: (unexpected) database found in '$PGDATA'!"
+ exit 1
+ ;;
+
+ *)
+ echo >&2 "$self: error: unknown file name: $self"
+ exit 99
+ ;;
+ esac
+fi
diff --git a/16/alpine3.18/docker-entrypoint.sh b/16/alpine3.18/docker-entrypoint.sh
index a383a36487..151d75ef96 100755
--- a/16/alpine3.18/docker-entrypoint.sh
+++ b/16/alpine3.18/docker-entrypoint.sh
@@ -225,6 +225,7 @@ docker_setup_env() {
: "${POSTGRES_HOST_AUTH_METHOD:=}"
declare -g DATABASE_ALREADY_EXISTS
+ : "${DATABASE_ALREADY_EXISTS:=}"
# look specifically for PG_VERSION, as it is expected in the DB dir
if [ -s "$PGDATA/PG_VERSION" ]; then
DATABASE_ALREADY_EXISTS='true'
diff --git a/16/alpine3.19/Dockerfile b/16/alpine3.19/Dockerfile
index 0f98b442c0..9228071a3e 100644
--- a/16/alpine3.19/Dockerfile
+++ b/16/alpine3.19/Dockerfile
@@ -174,7 +174,8 @@ ENV PGDATA /var/lib/postgresql/data
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
-COPY docker-entrypoint.sh /usr/local/bin/
+COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
+RUN ln -sT docker-ensure-initdb.sh /usr/local/bin/docker-enforce-initdb.sh
ENTRYPOINT ["docker-entrypoint.sh"]
# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
diff --git a/16/alpine3.19/docker-ensure-initdb.sh b/16/alpine3.19/docker-ensure-initdb.sh
new file mode 100755
index 0000000000..2a9758656e
--- /dev/null
+++ b/16/alpine3.19/docker-ensure-initdb.sh
@@ -0,0 +1,71 @@
+#!/usr/bin/env bash
+set -Eeuo pipefail
+
+#
+# This script is intended for three main use cases:
+#
+# 1. (most importantly) as an example of how to use "docker-entrypoint.sh" to extend/reuse the initialization behavior
+#
+# 2. ("docker-ensure-initdb.sh") as a Kubernetes "init container" to ensure the provided database directory is initialized; see also "startup probes" for an alternative solution
+# (no-op if database is already initialized)
+#
+# 3. ("docker-enforce-initdb.sh") as part of CI to ensure the database is fully initialized before use
+# (error if database is already initialized)
+#
+
+source /usr/local/bin/docker-entrypoint.sh
+
+# arguments to this script are assumed to be arguments to the "postgres" server (same as "docker-entrypoint.sh"), and most "docker-entrypoint.sh" functions assume "postgres" is the first argument (see "_main" over there)
+if [ "$#" -eq 0 ] || [ "$1" != 'postgres' ]; then
+ set -- postgres "$@"
+fi
+
+# see also "_main" in "docker-entrypoint.sh"
+
+docker_setup_env
+# setup data directories and permissions (when run as root)
+docker_create_db_directories
+if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec su-exec postgres "$BASH_SOURCE" "$@"
+fi
+
+# only run initialization on an empty data directory
+if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+else
+ self="$(basename "$0")"
+ case "$self" in
+ docker-ensure-initdb.sh)
+ echo >&2 "$self: note: database already initialized in '$PGDATA'!"
+ exit 0
+ ;;
+
+ docker-enforce-initdb.sh)
+ echo >&2 "$self: error: (unexpected) database found in '$PGDATA'!"
+ exit 1
+ ;;
+
+ *)
+ echo >&2 "$self: error: unknown file name: $self"
+ exit 99
+ ;;
+ esac
+fi
diff --git a/16/alpine3.19/docker-entrypoint.sh b/16/alpine3.19/docker-entrypoint.sh
index a383a36487..151d75ef96 100755
--- a/16/alpine3.19/docker-entrypoint.sh
+++ b/16/alpine3.19/docker-entrypoint.sh
@@ -225,6 +225,7 @@ docker_setup_env() {
: "${POSTGRES_HOST_AUTH_METHOD:=}"
declare -g DATABASE_ALREADY_EXISTS
+ : "${DATABASE_ALREADY_EXISTS:=}"
# look specifically for PG_VERSION, as it is expected in the DB dir
if [ -s "$PGDATA/PG_VERSION" ]; then
DATABASE_ALREADY_EXISTS='true'
diff --git a/16/bookworm/Dockerfile b/16/bookworm/Dockerfile
index 684c6ee36a..15369fd019 100644
--- a/16/bookworm/Dockerfile
+++ b/16/bookworm/Dockerfile
@@ -184,7 +184,8 @@ ENV PGDATA /var/lib/postgresql/data
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
-COPY docker-entrypoint.sh /usr/local/bin/
+COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
+RUN ln -sT docker-ensure-initdb.sh /usr/local/bin/docker-enforce-initdb.sh
ENTRYPOINT ["docker-entrypoint.sh"]
# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
diff --git a/16/bookworm/docker-ensure-initdb.sh b/16/bookworm/docker-ensure-initdb.sh
new file mode 100755
index 0000000000..ae1f6b6b90
--- /dev/null
+++ b/16/bookworm/docker-ensure-initdb.sh
@@ -0,0 +1,71 @@
+#!/usr/bin/env bash
+set -Eeuo pipefail
+
+#
+# This script is intended for three main use cases:
+#
+# 1. (most importantly) as an example of how to use "docker-entrypoint.sh" to extend/reuse the initialization behavior
+#
+# 2. ("docker-ensure-initdb.sh") as a Kubernetes "init container" to ensure the provided database directory is initialized; see also "startup probes" for an alternative solution
+# (no-op if database is already initialized)
+#
+# 3. ("docker-enforce-initdb.sh") as part of CI to ensure the database is fully initialized before use
+# (error if database is already initialized)
+#
+
+source /usr/local/bin/docker-entrypoint.sh
+
+# arguments to this script are assumed to be arguments to the "postgres" server (same as "docker-entrypoint.sh"), and most "docker-entrypoint.sh" functions assume "postgres" is the first argument (see "_main" over there)
+if [ "$#" -eq 0 ] || [ "$1" != 'postgres' ]; then
+ set -- postgres "$@"
+fi
+
+# see also "_main" in "docker-entrypoint.sh"
+
+docker_setup_env
+# setup data directories and permissions (when run as root)
+docker_create_db_directories
+if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec gosu postgres "$BASH_SOURCE" "$@"
+fi
+
+# only run initialization on an empty data directory
+if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+else
+ self="$(basename "$0")"
+ case "$self" in
+ docker-ensure-initdb.sh)
+ echo >&2 "$self: note: database already initialized in '$PGDATA'!"
+ exit 0
+ ;;
+
+ docker-enforce-initdb.sh)
+ echo >&2 "$self: error: (unexpected) database found in '$PGDATA'!"
+ exit 1
+ ;;
+
+ *)
+ echo >&2 "$self: error: unknown file name: $self"
+ exit 99
+ ;;
+ esac
+fi
diff --git a/16/bookworm/docker-entrypoint.sh b/16/bookworm/docker-entrypoint.sh
index 0ae0ecf8c2..6d197bc01f 100755
--- a/16/bookworm/docker-entrypoint.sh
+++ b/16/bookworm/docker-entrypoint.sh
@@ -225,6 +225,7 @@ docker_setup_env() {
: "${POSTGRES_HOST_AUTH_METHOD:=}"
declare -g DATABASE_ALREADY_EXISTS
+ : "${DATABASE_ALREADY_EXISTS:=}"
# look specifically for PG_VERSION, as it is expected in the DB dir
if [ -s "$PGDATA/PG_VERSION" ]; then
DATABASE_ALREADY_EXISTS='true'
diff --git a/16/bullseye/Dockerfile b/16/bullseye/Dockerfile
index ecc31fc106..b132cc211b 100644
--- a/16/bullseye/Dockerfile
+++ b/16/bullseye/Dockerfile
@@ -184,7 +184,8 @@ ENV PGDATA /var/lib/postgresql/data
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
-COPY docker-entrypoint.sh /usr/local/bin/
+COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
+RUN ln -sT docker-ensure-initdb.sh /usr/local/bin/docker-enforce-initdb.sh
ENTRYPOINT ["docker-entrypoint.sh"]
# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
diff --git a/16/bullseye/docker-ensure-initdb.sh b/16/bullseye/docker-ensure-initdb.sh
new file mode 100755
index 0000000000..ae1f6b6b90
--- /dev/null
+++ b/16/bullseye/docker-ensure-initdb.sh
@@ -0,0 +1,71 @@
+#!/usr/bin/env bash
+set -Eeuo pipefail
+
+#
+# This script is intended for three main use cases:
+#
+# 1. (most importantly) as an example of how to use "docker-entrypoint.sh" to extend/reuse the initialization behavior
+#
+# 2. ("docker-ensure-initdb.sh") as a Kubernetes "init container" to ensure the provided database directory is initialized; see also "startup probes" for an alternative solution
+# (no-op if database is already initialized)
+#
+# 3. ("docker-enforce-initdb.sh") as part of CI to ensure the database is fully initialized before use
+# (error if database is already initialized)
+#
+
+source /usr/local/bin/docker-entrypoint.sh
+
+# arguments to this script are assumed to be arguments to the "postgres" server (same as "docker-entrypoint.sh"), and most "docker-entrypoint.sh" functions assume "postgres" is the first argument (see "_main" over there)
+if [ "$#" -eq 0 ] || [ "$1" != 'postgres' ]; then
+ set -- postgres "$@"
+fi
+
+# see also "_main" in "docker-entrypoint.sh"
+
+docker_setup_env
+# setup data directories and permissions (when run as root)
+docker_create_db_directories
+if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec gosu postgres "$BASH_SOURCE" "$@"
+fi
+
+# only run initialization on an empty data directory
+if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+else
+ self="$(basename "$0")"
+ case "$self" in
+ docker-ensure-initdb.sh)
+ echo >&2 "$self: note: database already initialized in '$PGDATA'!"
+ exit 0
+ ;;
+
+ docker-enforce-initdb.sh)
+ echo >&2 "$self: error: (unexpected) database found in '$PGDATA'!"
+ exit 1
+ ;;
+
+ *)
+ echo >&2 "$self: error: unknown file name: $self"
+ exit 99
+ ;;
+ esac
+fi
diff --git a/16/bullseye/docker-entrypoint.sh b/16/bullseye/docker-entrypoint.sh
index 0ae0ecf8c2..6d197bc01f 100755
--- a/16/bullseye/docker-entrypoint.sh
+++ b/16/bullseye/docker-entrypoint.sh
@@ -225,6 +225,7 @@ docker_setup_env() {
: "${POSTGRES_HOST_AUTH_METHOD:=}"
declare -g DATABASE_ALREADY_EXISTS
+ : "${DATABASE_ALREADY_EXISTS:=}"
# look specifically for PG_VERSION, as it is expected in the DB dir
if [ -s "$PGDATA/PG_VERSION" ]; then
DATABASE_ALREADY_EXISTS='true'
diff --git a/Dockerfile-alpine.template b/Dockerfile-alpine.template
index efbccde00e..23e53677e1 100644
--- a/Dockerfile-alpine.template
+++ b/Dockerfile-alpine.template
@@ -194,7 +194,8 @@ ENV PGDATA /var/lib/postgresql/data
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
-COPY docker-entrypoint.sh /usr/local/bin/
+COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
+RUN ln -sT docker-ensure-initdb.sh /usr/local/bin/docker-enforce-initdb.sh
ENTRYPOINT ["docker-entrypoint.sh"]
# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
diff --git a/Dockerfile-debian.template b/Dockerfile-debian.template
index 3d1884be00..588fced34d 100644
--- a/Dockerfile-debian.template
+++ b/Dockerfile-debian.template
@@ -182,7 +182,8 @@ ENV PGDATA /var/lib/postgresql/data
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
-COPY docker-entrypoint.sh /usr/local/bin/
+COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
+RUN ln -sT docker-ensure-initdb.sh /usr/local/bin/docker-enforce-initdb.sh
ENTRYPOINT ["docker-entrypoint.sh"]
# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
diff --git a/apply-templates.sh b/apply-templates.sh
index 7b6dc1763d..fb375d379f 100755
--- a/apply-templates.sh
+++ b/apply-templates.sh
@@ -52,12 +52,12 @@ for version; do
echo "processing $dir ..."
- cp -a docker-entrypoint.sh "$dir/"
+ cp -a docker-entrypoint.sh docker-ensure-initdb.sh "$dir/"
case "$variant" in
alpine*)
template='Dockerfile-alpine.template'
- sed -i -e 's/gosu/su-exec/g' "$dir/docker-entrypoint.sh"
+ sed -i -e 's/gosu/su-exec/g' "$dir/docker-entrypoint.sh" "$dir/docker-ensure-initdb.sh"
;;
*)
template='Dockerfile-debian.template'
diff --git a/docker-ensure-initdb.sh b/docker-ensure-initdb.sh
new file mode 100755
index 0000000000..ae1f6b6b90
--- /dev/null
+++ b/docker-ensure-initdb.sh
@@ -0,0 +1,71 @@
+#!/usr/bin/env bash
+set -Eeuo pipefail
+
+#
+# This script is intended for three main use cases:
+#
+# 1. (most importantly) as an example of how to use "docker-entrypoint.sh" to extend/reuse the initialization behavior
+#
+# 2. ("docker-ensure-initdb.sh") as a Kubernetes "init container" to ensure the provided database directory is initialized; see also "startup probes" for an alternative solution
+# (no-op if database is already initialized)
+#
+# 3. ("docker-enforce-initdb.sh") as part of CI to ensure the database is fully initialized before use
+# (error if database is already initialized)
+#
+
+source /usr/local/bin/docker-entrypoint.sh
+
+# arguments to this script are assumed to be arguments to the "postgres" server (same as "docker-entrypoint.sh"), and most "docker-entrypoint.sh" functions assume "postgres" is the first argument (see "_main" over there)
+if [ "$#" -eq 0 ] || [ "$1" != 'postgres' ]; then
+ set -- postgres "$@"
+fi
+
+# see also "_main" in "docker-entrypoint.sh"
+
+docker_setup_env
+# setup data directories and permissions (when run as root)
+docker_create_db_directories
+if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec gosu postgres "$BASH_SOURCE" "$@"
+fi
+
+# only run initialization on an empty data directory
+if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+else
+ self="$(basename "$0")"
+ case "$self" in
+ docker-ensure-initdb.sh)
+ echo >&2 "$self: note: database already initialized in '$PGDATA'!"
+ exit 0
+ ;;
+
+ docker-enforce-initdb.sh)
+ echo >&2 "$self: error: (unexpected) database found in '$PGDATA'!"
+ exit 1
+ ;;
+
+ *)
+ echo >&2 "$self: error: unknown file name: $self"
+ exit 99
+ ;;
+ esac
+fi
diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
index 0ae0ecf8c2..6d197bc01f 100755
--- a/docker-entrypoint.sh
+++ b/docker-entrypoint.sh
@@ -225,6 +225,7 @@ docker_setup_env() {
: "${POSTGRES_HOST_AUTH_METHOD:=}"
declare -g DATABASE_ALREADY_EXISTS
+ : "${DATABASE_ALREADY_EXISTS:=}"
# look specifically for PG_VERSION, as it is expected in the DB dir
if [ -s "$PGDATA/PG_VERSION" ]; then
DATABASE_ALREADY_EXISTS='true'
From 1d4651c6c9ee4caf314a62a41111e7c65710f77e Mon Sep 17 00:00:00 2001
From: Laurent Goderre <laurent.goderre@docker.com>
Date: Mon, 11 Dec 2023 10:50:20 -0500
Subject: [PATCH 040/115] Revert "Added inline SBOM for binaries downloaded
outside package manager"
This reverts commit 6f4ae836406b010948f01fbcb400a31dca4fdf52.
---
.gitignore | 1 -
12/alpine3.18/Dockerfile | 4 +---
12/alpine3.19/Dockerfile | 4 +---
13/alpine3.18/Dockerfile | 4 +---
13/alpine3.19/Dockerfile | 4 +---
14/alpine3.18/Dockerfile | 4 +---
14/alpine3.19/Dockerfile | 4 +---
15/alpine3.18/Dockerfile | 4 +---
15/alpine3.19/Dockerfile | 4 +---
16/alpine3.18/Dockerfile | 4 +---
16/alpine3.19/Dockerfile | 4 +---
Dockerfile-alpine.template | 16 +---------------
apply-templates.sh | 5 -----
13 files changed, 11 insertions(+), 51 deletions(-)
diff --git a/.gitignore b/.gitignore
index 2a4a211b89..d548f66de0 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1 @@
.jq-template.awk
-template-helper-functions.jq
diff --git a/12/alpine3.18/Dockerfile b/12/alpine3.18/Dockerfile
index fde4049703..13907f6199 100644
--- a/12/alpine3.18/Dockerfile
+++ b/12/alpine3.18/Dockerfile
@@ -4,7 +4,6 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
-
FROM alpine:3.18
# 70 is the standard uid/gid for "postgres" in Alpine
@@ -152,8 +151,7 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
- echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"12.17","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@12.17?os_name=alpine&os_version=3.18"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
- ; \
+ \
postgres --version
# make the sample config easier to munge (and "correct by default")
diff --git a/12/alpine3.19/Dockerfile b/12/alpine3.19/Dockerfile
index 6f3347c0ff..d3c4866ae1 100644
--- a/12/alpine3.19/Dockerfile
+++ b/12/alpine3.19/Dockerfile
@@ -4,7 +4,6 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
-
FROM alpine:3.19
# 70 is the standard uid/gid for "postgres" in Alpine
@@ -152,8 +151,7 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
- echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"12.17","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@12.17?os_name=alpine&os_version=3.19"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
- ; \
+ \
postgres --version
# make the sample config easier to munge (and "correct by default")
diff --git a/13/alpine3.18/Dockerfile b/13/alpine3.18/Dockerfile
index cd9936c4c4..ae0476428e 100644
--- a/13/alpine3.18/Dockerfile
+++ b/13/alpine3.18/Dockerfile
@@ -4,7 +4,6 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
-
FROM alpine:3.18
# 70 is the standard uid/gid for "postgres" in Alpine
@@ -152,8 +151,7 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
- echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"13.13","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@13.13?os_name=alpine&os_version=3.18"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
- ; \
+ \
postgres --version
# make the sample config easier to munge (and "correct by default")
diff --git a/13/alpine3.19/Dockerfile b/13/alpine3.19/Dockerfile
index e82d1b9db4..b91d2ed943 100644
--- a/13/alpine3.19/Dockerfile
+++ b/13/alpine3.19/Dockerfile
@@ -4,7 +4,6 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
-
FROM alpine:3.19
# 70 is the standard uid/gid for "postgres" in Alpine
@@ -152,8 +151,7 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
- echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"13.13","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@13.13?os_name=alpine&os_version=3.19"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
- ; \
+ \
postgres --version
# make the sample config easier to munge (and "correct by default")
diff --git a/14/alpine3.18/Dockerfile b/14/alpine3.18/Dockerfile
index 9856dcc54b..4180502a27 100644
--- a/14/alpine3.18/Dockerfile
+++ b/14/alpine3.18/Dockerfile
@@ -4,7 +4,6 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
-
FROM alpine:3.18
# 70 is the standard uid/gid for "postgres" in Alpine
@@ -155,8 +154,7 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
- echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"14.10","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@14.10?os_name=alpine&os_version=3.18"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
- ; \
+ \
postgres --version
# make the sample config easier to munge (and "correct by default")
diff --git a/14/alpine3.19/Dockerfile b/14/alpine3.19/Dockerfile
index 20ac720b77..ce011a9531 100644
--- a/14/alpine3.19/Dockerfile
+++ b/14/alpine3.19/Dockerfile
@@ -4,7 +4,6 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
-
FROM alpine:3.19
# 70 is the standard uid/gid for "postgres" in Alpine
@@ -155,8 +154,7 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
- echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"14.10","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@14.10?os_name=alpine&os_version=3.19"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
- ; \
+ \
postgres --version
# make the sample config easier to munge (and "correct by default")
diff --git a/15/alpine3.18/Dockerfile b/15/alpine3.18/Dockerfile
index 8fda3e0adf..63e59bbb90 100644
--- a/15/alpine3.18/Dockerfile
+++ b/15/alpine3.18/Dockerfile
@@ -4,7 +4,6 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
-
FROM alpine:3.18
# 70 is the standard uid/gid for "postgres" in Alpine
@@ -158,8 +157,7 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
- echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"15.5","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@15.5?os_name=alpine&os_version=3.18"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
- ; \
+ \
postgres --version
# make the sample config easier to munge (and "correct by default")
diff --git a/15/alpine3.19/Dockerfile b/15/alpine3.19/Dockerfile
index d419a42cae..63894586fb 100644
--- a/15/alpine3.19/Dockerfile
+++ b/15/alpine3.19/Dockerfile
@@ -4,7 +4,6 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
-
FROM alpine:3.19
# 70 is the standard uid/gid for "postgres" in Alpine
@@ -158,8 +157,7 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
- echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"15.5","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@15.5?os_name=alpine&os_version=3.19"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
- ; \
+ \
postgres --version
# make the sample config easier to munge (and "correct by default")
diff --git a/16/alpine3.18/Dockerfile b/16/alpine3.18/Dockerfile
index c93ecdb229..626e269ce6 100644
--- a/16/alpine3.18/Dockerfile
+++ b/16/alpine3.18/Dockerfile
@@ -4,7 +4,6 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
-
FROM alpine:3.18
# 70 is the standard uid/gid for "postgres" in Alpine
@@ -157,8 +156,7 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
- echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"16.1","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@16.1?os_name=alpine&os_version=3.18"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
- ; \
+ \
postgres --version
# make the sample config easier to munge (and "correct by default")
diff --git a/16/alpine3.19/Dockerfile b/16/alpine3.19/Dockerfile
index 0f98b442c0..7abdc999d8 100644
--- a/16/alpine3.19/Dockerfile
+++ b/16/alpine3.19/Dockerfile
@@ -4,7 +4,6 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
-
FROM alpine:3.19
# 70 is the standard uid/gid for "postgres" in Alpine
@@ -157,8 +156,7 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
- echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"16.1","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@16.1?os_name=alpine&os_version=3.19"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
- ; \
+ \
postgres --version
# make the sample config easier to munge (and "correct by default")
diff --git a/Dockerfile-alpine.template b/Dockerfile-alpine.template
index efbccde00e..cd2b282f45 100644
--- a/Dockerfile-alpine.template
+++ b/Dockerfile-alpine.template
@@ -1,4 +1,3 @@
-{{ include "template-helper-functions" }}
FROM alpine:{{ env.variant | ltrimstr("alpine") }}
# 70 is the standard uid/gid for "postgres" in Alpine
@@ -165,20 +164,7 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
- echo '{{
- {
- name: "postgres",
- version: .version,
- params: {
- os_name: "alpine",
- os_version: env.variant | ltrimstr("alpine"),
- },
- licenses: [
- "PostgreSQL"
- ]
- } | sbom | tostring
- }}' > /usr/local/postgres.spdx.json \
- ; \
+ \
postgres --version
# make the sample config easier to munge (and "correct by default")
diff --git a/apply-templates.sh b/apply-templates.sh
index 7b6dc1763d..31eb541934 100755
--- a/apply-templates.sh
+++ b/apply-templates.sh
@@ -13,11 +13,6 @@ elif [ "$BASH_SOURCE" -nt "$jqt" ]; then
wget -qO "$jqt" 'https://github.com/docker-library/bashbrew/raw/9f6a35772ac863a0241f147c820354e4008edf38/scripts/jq-template.awk'
fi
-jqf='template-helper-functions.jq'
-if [ "$BASH_SOURCE" -nt "$jqf" ]; then
- wget -qO "$jqf" 'https://github.com/docker-library/bashbrew/raw/master/scripts/template-helper-functions.jq'
-fi
-
if [ "$#" -eq 0 ]; then
versions="$(jq -r 'keys | map(@sh) | join(" ")' versions.json)"
eval "set -- $versions"
From 7dece99f9177adfc46a694797fb4f0c195f46182 Mon Sep 17 00:00:00 2001
From: Tianon Gravi <admwiggin@gmail.com>
Date: Mon, 11 Dec 2023 11:39:54 -0800
Subject: [PATCH 041/115] Only print password length warning for 12 and 13
In 14+, the arbitrary length limitations have been removed from the PostgreSQL server (https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98).
---
12/alpine3.18/docker-entrypoint.sh | 24 ++++++++++++++----------
12/alpine3.19/docker-entrypoint.sh | 24 ++++++++++++++----------
12/bookworm/docker-entrypoint.sh | 24 ++++++++++++++----------
12/bullseye/docker-entrypoint.sh | 24 ++++++++++++++----------
13/alpine3.18/docker-entrypoint.sh | 24 ++++++++++++++----------
13/alpine3.19/docker-entrypoint.sh | 24 ++++++++++++++----------
13/bookworm/docker-entrypoint.sh | 24 ++++++++++++++----------
13/bullseye/docker-entrypoint.sh | 24 ++++++++++++++----------
14/alpine3.18/docker-entrypoint.sh | 24 ++++++++++++++----------
14/alpine3.19/docker-entrypoint.sh | 24 ++++++++++++++----------
14/bookworm/docker-entrypoint.sh | 24 ++++++++++++++----------
14/bullseye/docker-entrypoint.sh | 24 ++++++++++++++----------
15/alpine3.18/docker-entrypoint.sh | 24 ++++++++++++++----------
15/alpine3.19/docker-entrypoint.sh | 24 ++++++++++++++----------
15/bookworm/docker-entrypoint.sh | 24 ++++++++++++++----------
15/bullseye/docker-entrypoint.sh | 24 ++++++++++++++----------
16/alpine3.18/docker-entrypoint.sh | 24 ++++++++++++++----------
16/alpine3.19/docker-entrypoint.sh | 24 ++++++++++++++----------
16/bookworm/docker-entrypoint.sh | 24 ++++++++++++++----------
16/bullseye/docker-entrypoint.sh | 24 ++++++++++++++----------
docker-entrypoint.sh | 24 ++++++++++++++----------
21 files changed, 294 insertions(+), 210 deletions(-)
diff --git a/12/alpine3.18/docker-entrypoint.sh b/12/alpine3.18/docker-entrypoint.sh
index a383a36487..a50a92bf58 100755
--- a/12/alpine3.18/docker-entrypoint.sh
+++ b/12/alpine3.18/docker-entrypoint.sh
@@ -103,20 +103,24 @@ docker_init_database_dir() {
# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
docker_verify_minimum_env() {
- # check password first so we can output the warning before postgres
- # messes it up
- if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
- cat >&2 <<-'EOWARN'
+ case "${PG_MAJOR:-}" in
+ 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
+ # check password first so we can output the warning before postgres
+ # messes it up
+ if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
+ cat >&2 <<-'EOWARN'
- WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
+ WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
- This will not work if used via PGPASSWORD with "psql".
+ This will not work if used via PGPASSWORD with "psql".
- https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
- https://github.com/docker-library/postgres/issues/507
+ https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
+ https://github.com/docker-library/postgres/issues/507
- EOWARN
- fi
+ EOWARN
+ fi
+ ;;
+ esac
if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
# The - option suppresses leading tabs but *not* spaces. :)
cat >&2 <<-'EOE'
diff --git a/12/alpine3.19/docker-entrypoint.sh b/12/alpine3.19/docker-entrypoint.sh
index a383a36487..a50a92bf58 100755
--- a/12/alpine3.19/docker-entrypoint.sh
+++ b/12/alpine3.19/docker-entrypoint.sh
@@ -103,20 +103,24 @@ docker_init_database_dir() {
# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
docker_verify_minimum_env() {
- # check password first so we can output the warning before postgres
- # messes it up
- if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
- cat >&2 <<-'EOWARN'
+ case "${PG_MAJOR:-}" in
+ 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
+ # check password first so we can output the warning before postgres
+ # messes it up
+ if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
+ cat >&2 <<-'EOWARN'
- WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
+ WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
- This will not work if used via PGPASSWORD with "psql".
+ This will not work if used via PGPASSWORD with "psql".
- https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
- https://github.com/docker-library/postgres/issues/507
+ https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
+ https://github.com/docker-library/postgres/issues/507
- EOWARN
- fi
+ EOWARN
+ fi
+ ;;
+ esac
if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
# The - option suppresses leading tabs but *not* spaces. :)
cat >&2 <<-'EOE'
diff --git a/12/bookworm/docker-entrypoint.sh b/12/bookworm/docker-entrypoint.sh
index 0ae0ecf8c2..1a1ae5b3ef 100755
--- a/12/bookworm/docker-entrypoint.sh
+++ b/12/bookworm/docker-entrypoint.sh
@@ -103,20 +103,24 @@ docker_init_database_dir() {
# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
docker_verify_minimum_env() {
- # check password first so we can output the warning before postgres
- # messes it up
- if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
- cat >&2 <<-'EOWARN'
+ case "${PG_MAJOR:-}" in
+ 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
+ # check password first so we can output the warning before postgres
+ # messes it up
+ if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
+ cat >&2 <<-'EOWARN'
- WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
+ WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
- This will not work if used via PGPASSWORD with "psql".
+ This will not work if used via PGPASSWORD with "psql".
- https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
- https://github.com/docker-library/postgres/issues/507
+ https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
+ https://github.com/docker-library/postgres/issues/507
- EOWARN
- fi
+ EOWARN
+ fi
+ ;;
+ esac
if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
# The - option suppresses leading tabs but *not* spaces. :)
cat >&2 <<-'EOE'
diff --git a/12/bullseye/docker-entrypoint.sh b/12/bullseye/docker-entrypoint.sh
index 0ae0ecf8c2..1a1ae5b3ef 100755
--- a/12/bullseye/docker-entrypoint.sh
+++ b/12/bullseye/docker-entrypoint.sh
@@ -103,20 +103,24 @@ docker_init_database_dir() {
# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
docker_verify_minimum_env() {
- # check password first so we can output the warning before postgres
- # messes it up
- if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
- cat >&2 <<-'EOWARN'
+ case "${PG_MAJOR:-}" in
+ 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
+ # check password first so we can output the warning before postgres
+ # messes it up
+ if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
+ cat >&2 <<-'EOWARN'
- WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
+ WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
- This will not work if used via PGPASSWORD with "psql".
+ This will not work if used via PGPASSWORD with "psql".
- https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
- https://github.com/docker-library/postgres/issues/507
+ https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
+ https://github.com/docker-library/postgres/issues/507
- EOWARN
- fi
+ EOWARN
+ fi
+ ;;
+ esac
if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
# The - option suppresses leading tabs but *not* spaces. :)
cat >&2 <<-'EOE'
diff --git a/13/alpine3.18/docker-entrypoint.sh b/13/alpine3.18/docker-entrypoint.sh
index a383a36487..a50a92bf58 100755
--- a/13/alpine3.18/docker-entrypoint.sh
+++ b/13/alpine3.18/docker-entrypoint.sh
@@ -103,20 +103,24 @@ docker_init_database_dir() {
# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
docker_verify_minimum_env() {
- # check password first so we can output the warning before postgres
- # messes it up
- if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
- cat >&2 <<-'EOWARN'
+ case "${PG_MAJOR:-}" in
+ 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
+ # check password first so we can output the warning before postgres
+ # messes it up
+ if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
+ cat >&2 <<-'EOWARN'
- WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
+ WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
- This will not work if used via PGPASSWORD with "psql".
+ This will not work if used via PGPASSWORD with "psql".
- https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
- https://github.com/docker-library/postgres/issues/507
+ https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
+ https://github.com/docker-library/postgres/issues/507
- EOWARN
- fi
+ EOWARN
+ fi
+ ;;
+ esac
if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
# The - option suppresses leading tabs but *not* spaces. :)
cat >&2 <<-'EOE'
diff --git a/13/alpine3.19/docker-entrypoint.sh b/13/alpine3.19/docker-entrypoint.sh
index a383a36487..a50a92bf58 100755
--- a/13/alpine3.19/docker-entrypoint.sh
+++ b/13/alpine3.19/docker-entrypoint.sh
@@ -103,20 +103,24 @@ docker_init_database_dir() {
# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
docker_verify_minimum_env() {
- # check password first so we can output the warning before postgres
- # messes it up
- if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
- cat >&2 <<-'EOWARN'
+ case "${PG_MAJOR:-}" in
+ 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
+ # check password first so we can output the warning before postgres
+ # messes it up
+ if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
+ cat >&2 <<-'EOWARN'
- WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
+ WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
- This will not work if used via PGPASSWORD with "psql".
+ This will not work if used via PGPASSWORD with "psql".
- https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
- https://github.com/docker-library/postgres/issues/507
+ https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
+ https://github.com/docker-library/postgres/issues/507
- EOWARN
- fi
+ EOWARN
+ fi
+ ;;
+ esac
if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
# The - option suppresses leading tabs but *not* spaces. :)
cat >&2 <<-'EOE'
diff --git a/13/bookworm/docker-entrypoint.sh b/13/bookworm/docker-entrypoint.sh
index 0ae0ecf8c2..1a1ae5b3ef 100755
--- a/13/bookworm/docker-entrypoint.sh
+++ b/13/bookworm/docker-entrypoint.sh
@@ -103,20 +103,24 @@ docker_init_database_dir() {
# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
docker_verify_minimum_env() {
- # check password first so we can output the warning before postgres
- # messes it up
- if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
- cat >&2 <<-'EOWARN'
+ case "${PG_MAJOR:-}" in
+ 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
+ # check password first so we can output the warning before postgres
+ # messes it up
+ if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
+ cat >&2 <<-'EOWARN'
- WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
+ WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
- This will not work if used via PGPASSWORD with "psql".
+ This will not work if used via PGPASSWORD with "psql".
- https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
- https://github.com/docker-library/postgres/issues/507
+ https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
+ https://github.com/docker-library/postgres/issues/507
- EOWARN
- fi
+ EOWARN
+ fi
+ ;;
+ esac
if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
# The - option suppresses leading tabs but *not* spaces. :)
cat >&2 <<-'EOE'
diff --git a/13/bullseye/docker-entrypoint.sh b/13/bullseye/docker-entrypoint.sh
index 0ae0ecf8c2..1a1ae5b3ef 100755
--- a/13/bullseye/docker-entrypoint.sh
+++ b/13/bullseye/docker-entrypoint.sh
@@ -103,20 +103,24 @@ docker_init_database_dir() {
# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
docker_verify_minimum_env() {
- # check password first so we can output the warning before postgres
- # messes it up
- if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
- cat >&2 <<-'EOWARN'
+ case "${PG_MAJOR:-}" in
+ 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
+ # check password first so we can output the warning before postgres
+ # messes it up
+ if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
+ cat >&2 <<-'EOWARN'
- WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
+ WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
- This will not work if used via PGPASSWORD with "psql".
+ This will not work if used via PGPASSWORD with "psql".
- https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
- https://github.com/docker-library/postgres/issues/507
+ https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
+ https://github.com/docker-library/postgres/issues/507
- EOWARN
- fi
+ EOWARN
+ fi
+ ;;
+ esac
if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
# The - option suppresses leading tabs but *not* spaces. :)
cat >&2 <<-'EOE'
diff --git a/14/alpine3.18/docker-entrypoint.sh b/14/alpine3.18/docker-entrypoint.sh
index a383a36487..a50a92bf58 100755
--- a/14/alpine3.18/docker-entrypoint.sh
+++ b/14/alpine3.18/docker-entrypoint.sh
@@ -103,20 +103,24 @@ docker_init_database_dir() {
# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
docker_verify_minimum_env() {
- # check password first so we can output the warning before postgres
- # messes it up
- if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
- cat >&2 <<-'EOWARN'
+ case "${PG_MAJOR:-}" in
+ 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
+ # check password first so we can output the warning before postgres
+ # messes it up
+ if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
+ cat >&2 <<-'EOWARN'
- WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
+ WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
- This will not work if used via PGPASSWORD with "psql".
+ This will not work if used via PGPASSWORD with "psql".
- https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
- https://github.com/docker-library/postgres/issues/507
+ https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
+ https://github.com/docker-library/postgres/issues/507
- EOWARN
- fi
+ EOWARN
+ fi
+ ;;
+ esac
if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
# The - option suppresses leading tabs but *not* spaces. :)
cat >&2 <<-'EOE'
diff --git a/14/alpine3.19/docker-entrypoint.sh b/14/alpine3.19/docker-entrypoint.sh
index a383a36487..a50a92bf58 100755
--- a/14/alpine3.19/docker-entrypoint.sh
+++ b/14/alpine3.19/docker-entrypoint.sh
@@ -103,20 +103,24 @@ docker_init_database_dir() {
# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
docker_verify_minimum_env() {
- # check password first so we can output the warning before postgres
- # messes it up
- if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
- cat >&2 <<-'EOWARN'
+ case "${PG_MAJOR:-}" in
+ 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
+ # check password first so we can output the warning before postgres
+ # messes it up
+ if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
+ cat >&2 <<-'EOWARN'
- WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
+ WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
- This will not work if used via PGPASSWORD with "psql".
+ This will not work if used via PGPASSWORD with "psql".
- https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
- https://github.com/docker-library/postgres/issues/507
+ https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
+ https://github.com/docker-library/postgres/issues/507
- EOWARN
- fi
+ EOWARN
+ fi
+ ;;
+ esac
if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
# The - option suppresses leading tabs but *not* spaces. :)
cat >&2 <<-'EOE'
diff --git a/14/bookworm/docker-entrypoint.sh b/14/bookworm/docker-entrypoint.sh
index 0ae0ecf8c2..1a1ae5b3ef 100755
--- a/14/bookworm/docker-entrypoint.sh
+++ b/14/bookworm/docker-entrypoint.sh
@@ -103,20 +103,24 @@ docker_init_database_dir() {
# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
docker_verify_minimum_env() {
- # check password first so we can output the warning before postgres
- # messes it up
- if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
- cat >&2 <<-'EOWARN'
+ case "${PG_MAJOR:-}" in
+ 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
+ # check password first so we can output the warning before postgres
+ # messes it up
+ if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
+ cat >&2 <<-'EOWARN'
- WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
+ WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
- This will not work if used via PGPASSWORD with "psql".
+ This will not work if used via PGPASSWORD with "psql".
- https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
- https://github.com/docker-library/postgres/issues/507
+ https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
+ https://github.com/docker-library/postgres/issues/507
- EOWARN
- fi
+ EOWARN
+ fi
+ ;;
+ esac
if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
# The - option suppresses leading tabs but *not* spaces. :)
cat >&2 <<-'EOE'
diff --git a/14/bullseye/docker-entrypoint.sh b/14/bullseye/docker-entrypoint.sh
index 0ae0ecf8c2..1a1ae5b3ef 100755
--- a/14/bullseye/docker-entrypoint.sh
+++ b/14/bullseye/docker-entrypoint.sh
@@ -103,20 +103,24 @@ docker_init_database_dir() {
# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
docker_verify_minimum_env() {
- # check password first so we can output the warning before postgres
- # messes it up
- if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
- cat >&2 <<-'EOWARN'
+ case "${PG_MAJOR:-}" in
+ 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
+ # check password first so we can output the warning before postgres
+ # messes it up
+ if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
+ cat >&2 <<-'EOWARN'
- WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
+ WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
- This will not work if used via PGPASSWORD with "psql".
+ This will not work if used via PGPASSWORD with "psql".
- https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
- https://github.com/docker-library/postgres/issues/507
+ https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
+ https://github.com/docker-library/postgres/issues/507
- EOWARN
- fi
+ EOWARN
+ fi
+ ;;
+ esac
if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
# The - option suppresses leading tabs but *not* spaces. :)
cat >&2 <<-'EOE'
diff --git a/15/alpine3.18/docker-entrypoint.sh b/15/alpine3.18/docker-entrypoint.sh
index a383a36487..a50a92bf58 100755
--- a/15/alpine3.18/docker-entrypoint.sh
+++ b/15/alpine3.18/docker-entrypoint.sh
@@ -103,20 +103,24 @@ docker_init_database_dir() {
# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
docker_verify_minimum_env() {
- # check password first so we can output the warning before postgres
- # messes it up
- if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
- cat >&2 <<-'EOWARN'
+ case "${PG_MAJOR:-}" in
+ 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
+ # check password first so we can output the warning before postgres
+ # messes it up
+ if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
+ cat >&2 <<-'EOWARN'
- WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
+ WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
- This will not work if used via PGPASSWORD with "psql".
+ This will not work if used via PGPASSWORD with "psql".
- https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
- https://github.com/docker-library/postgres/issues/507
+ https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
+ https://github.com/docker-library/postgres/issues/507
- EOWARN
- fi
+ EOWARN
+ fi
+ ;;
+ esac
if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
# The - option suppresses leading tabs but *not* spaces. :)
cat >&2 <<-'EOE'
diff --git a/15/alpine3.19/docker-entrypoint.sh b/15/alpine3.19/docker-entrypoint.sh
index a383a36487..a50a92bf58 100755
--- a/15/alpine3.19/docker-entrypoint.sh
+++ b/15/alpine3.19/docker-entrypoint.sh
@@ -103,20 +103,24 @@ docker_init_database_dir() {
# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
docker_verify_minimum_env() {
- # check password first so we can output the warning before postgres
- # messes it up
- if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
- cat >&2 <<-'EOWARN'
+ case "${PG_MAJOR:-}" in
+ 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
+ # check password first so we can output the warning before postgres
+ # messes it up
+ if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
+ cat >&2 <<-'EOWARN'
- WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
+ WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
- This will not work if used via PGPASSWORD with "psql".
+ This will not work if used via PGPASSWORD with "psql".
- https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
- https://github.com/docker-library/postgres/issues/507
+ https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
+ https://github.com/docker-library/postgres/issues/507
- EOWARN
- fi
+ EOWARN
+ fi
+ ;;
+ esac
if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
# The - option suppresses leading tabs but *not* spaces. :)
cat >&2 <<-'EOE'
diff --git a/15/bookworm/docker-entrypoint.sh b/15/bookworm/docker-entrypoint.sh
index 0ae0ecf8c2..1a1ae5b3ef 100755
--- a/15/bookworm/docker-entrypoint.sh
+++ b/15/bookworm/docker-entrypoint.sh
@@ -103,20 +103,24 @@ docker_init_database_dir() {
# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
docker_verify_minimum_env() {
- # check password first so we can output the warning before postgres
- # messes it up
- if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
- cat >&2 <<-'EOWARN'
+ case "${PG_MAJOR:-}" in
+ 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
+ # check password first so we can output the warning before postgres
+ # messes it up
+ if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
+ cat >&2 <<-'EOWARN'
- WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
+ WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
- This will not work if used via PGPASSWORD with "psql".
+ This will not work if used via PGPASSWORD with "psql".
- https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
- https://github.com/docker-library/postgres/issues/507
+ https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
+ https://github.com/docker-library/postgres/issues/507
- EOWARN
- fi
+ EOWARN
+ fi
+ ;;
+ esac
if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
# The - option suppresses leading tabs but *not* spaces. :)
cat >&2 <<-'EOE'
diff --git a/15/bullseye/docker-entrypoint.sh b/15/bullseye/docker-entrypoint.sh
index 0ae0ecf8c2..1a1ae5b3ef 100755
--- a/15/bullseye/docker-entrypoint.sh
+++ b/15/bullseye/docker-entrypoint.sh
@@ -103,20 +103,24 @@ docker_init_database_dir() {
# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
docker_verify_minimum_env() {
- # check password first so we can output the warning before postgres
- # messes it up
- if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
- cat >&2 <<-'EOWARN'
+ case "${PG_MAJOR:-}" in
+ 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
+ # check password first so we can output the warning before postgres
+ # messes it up
+ if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
+ cat >&2 <<-'EOWARN'
- WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
+ WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
- This will not work if used via PGPASSWORD with "psql".
+ This will not work if used via PGPASSWORD with "psql".
- https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
- https://github.com/docker-library/postgres/issues/507
+ https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
+ https://github.com/docker-library/postgres/issues/507
- EOWARN
- fi
+ EOWARN
+ fi
+ ;;
+ esac
if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
# The - option suppresses leading tabs but *not* spaces. :)
cat >&2 <<-'EOE'
diff --git a/16/alpine3.18/docker-entrypoint.sh b/16/alpine3.18/docker-entrypoint.sh
index a383a36487..a50a92bf58 100755
--- a/16/alpine3.18/docker-entrypoint.sh
+++ b/16/alpine3.18/docker-entrypoint.sh
@@ -103,20 +103,24 @@ docker_init_database_dir() {
# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
docker_verify_minimum_env() {
- # check password first so we can output the warning before postgres
- # messes it up
- if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
- cat >&2 <<-'EOWARN'
+ case "${PG_MAJOR:-}" in
+ 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
+ # check password first so we can output the warning before postgres
+ # messes it up
+ if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
+ cat >&2 <<-'EOWARN'
- WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
+ WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
- This will not work if used via PGPASSWORD with "psql".
+ This will not work if used via PGPASSWORD with "psql".
- https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
- https://github.com/docker-library/postgres/issues/507
+ https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
+ https://github.com/docker-library/postgres/issues/507
- EOWARN
- fi
+ EOWARN
+ fi
+ ;;
+ esac
if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
# The - option suppresses leading tabs but *not* spaces. :)
cat >&2 <<-'EOE'
diff --git a/16/alpine3.19/docker-entrypoint.sh b/16/alpine3.19/docker-entrypoint.sh
index a383a36487..a50a92bf58 100755
--- a/16/alpine3.19/docker-entrypoint.sh
+++ b/16/alpine3.19/docker-entrypoint.sh
@@ -103,20 +103,24 @@ docker_init_database_dir() {
# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
docker_verify_minimum_env() {
- # check password first so we can output the warning before postgres
- # messes it up
- if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
- cat >&2 <<-'EOWARN'
+ case "${PG_MAJOR:-}" in
+ 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
+ # check password first so we can output the warning before postgres
+ # messes it up
+ if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
+ cat >&2 <<-'EOWARN'
- WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
+ WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
- This will not work if used via PGPASSWORD with "psql".
+ This will not work if used via PGPASSWORD with "psql".
- https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
- https://github.com/docker-library/postgres/issues/507
+ https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
+ https://github.com/docker-library/postgres/issues/507
- EOWARN
- fi
+ EOWARN
+ fi
+ ;;
+ esac
if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
# The - option suppresses leading tabs but *not* spaces. :)
cat >&2 <<-'EOE'
diff --git a/16/bookworm/docker-entrypoint.sh b/16/bookworm/docker-entrypoint.sh
index 0ae0ecf8c2..1a1ae5b3ef 100755
--- a/16/bookworm/docker-entrypoint.sh
+++ b/16/bookworm/docker-entrypoint.sh
@@ -103,20 +103,24 @@ docker_init_database_dir() {
# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
docker_verify_minimum_env() {
- # check password first so we can output the warning before postgres
- # messes it up
- if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
- cat >&2 <<-'EOWARN'
+ case "${PG_MAJOR:-}" in
+ 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
+ # check password first so we can output the warning before postgres
+ # messes it up
+ if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
+ cat >&2 <<-'EOWARN'
- WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
+ WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
- This will not work if used via PGPASSWORD with "psql".
+ This will not work if used via PGPASSWORD with "psql".
- https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
- https://github.com/docker-library/postgres/issues/507
+ https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
+ https://github.com/docker-library/postgres/issues/507
- EOWARN
- fi
+ EOWARN
+ fi
+ ;;
+ esac
if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
# The - option suppresses leading tabs but *not* spaces. :)
cat >&2 <<-'EOE'
diff --git a/16/bullseye/docker-entrypoint.sh b/16/bullseye/docker-entrypoint.sh
index 0ae0ecf8c2..1a1ae5b3ef 100755
--- a/16/bullseye/docker-entrypoint.sh
+++ b/16/bullseye/docker-entrypoint.sh
@@ -103,20 +103,24 @@ docker_init_database_dir() {
# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
docker_verify_minimum_env() {
- # check password first so we can output the warning before postgres
- # messes it up
- if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
- cat >&2 <<-'EOWARN'
+ case "${PG_MAJOR:-}" in
+ 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
+ # check password first so we can output the warning before postgres
+ # messes it up
+ if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
+ cat >&2 <<-'EOWARN'
- WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
+ WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
- This will not work if used via PGPASSWORD with "psql".
+ This will not work if used via PGPASSWORD with "psql".
- https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
- https://github.com/docker-library/postgres/issues/507
+ https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
+ https://github.com/docker-library/postgres/issues/507
- EOWARN
- fi
+ EOWARN
+ fi
+ ;;
+ esac
if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
# The - option suppresses leading tabs but *not* spaces. :)
cat >&2 <<-'EOE'
diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
index 0ae0ecf8c2..1a1ae5b3ef 100755
--- a/docker-entrypoint.sh
+++ b/docker-entrypoint.sh
@@ -103,20 +103,24 @@ docker_init_database_dir() {
# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
docker_verify_minimum_env() {
- # check password first so we can output the warning before postgres
- # messes it up
- if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
- cat >&2 <<-'EOWARN'
+ case "${PG_MAJOR:-}" in
+ 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
+ # check password first so we can output the warning before postgres
+ # messes it up
+ if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
+ cat >&2 <<-'EOWARN'
- WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
+ WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
- This will not work if used via PGPASSWORD with "psql".
+ This will not work if used via PGPASSWORD with "psql".
- https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
- https://github.com/docker-library/postgres/issues/507
+ https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
+ https://github.com/docker-library/postgres/issues/507
- EOWARN
- fi
+ EOWARN
+ fi
+ ;;
+ esac
if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
# The - option suppresses leading tabs but *not* spaces. :)
cat >&2 <<-'EOE'
From d416768b1a7f03919b9cf0fef6adc9dcad937888 Mon Sep 17 00:00:00 2001
From: Tianon Gravi <admwiggin@gmail.com>
Date: Thu, 4 Jan 2024 13:52:40 -0800
Subject: [PATCH 042/115] Add `less` to Debian variants
https://www.postgresql.org/docs/16/app-psql.html#APP-PSQL-META-COMMAND-PSET-PAGER
https://github.com/postgres/postgres/blob/REL_16_1/src/include/fe_utils/print.h#L25
(if "less" is available, it gets used as the default pager for psql, and it only adds ~1.5MiB to our image size)
---
12/bookworm/Dockerfile | 4 ++++
12/bullseye/Dockerfile | 4 ++++
13/bookworm/Dockerfile | 4 ++++
13/bullseye/Dockerfile | 4 ++++
14/bookworm/Dockerfile | 4 ++++
14/bullseye/Dockerfile | 4 ++++
15/bookworm/Dockerfile | 4 ++++
15/bullseye/Dockerfile | 4 ++++
16/bookworm/Dockerfile | 4 ++++
16/bullseye/Dockerfile | 4 ++++
Dockerfile-debian.template | 4 ++++
11 files changed, 44 insertions(+)
diff --git a/12/bookworm/Dockerfile b/12/bookworm/Dockerfile
index 647dc8dc43..20968d7618 100644
--- a/12/bookworm/Dockerfile
+++ b/12/bookworm/Dockerfile
@@ -20,6 +20,10 @@ RUN set -ex; \
apt-get update; \
apt-get install -y --no-install-recommends \
gnupg \
+# https://www.postgresql.org/docs/16/app-psql.html#APP-PSQL-META-COMMAND-PSET-PAGER
+# https://github.com/postgres/postgres/blob/REL_16_1/src/include/fe_utils/print.h#L25
+# (if "less" is available, it gets used as the default pager for psql, and it only adds ~1.5MiB to our image size)
+ less \
; \
rm -rf /var/lib/apt/lists/*
diff --git a/12/bullseye/Dockerfile b/12/bullseye/Dockerfile
index 82386336a2..d311e72ebf 100644
--- a/12/bullseye/Dockerfile
+++ b/12/bullseye/Dockerfile
@@ -20,6 +20,10 @@ RUN set -ex; \
apt-get update; \
apt-get install -y --no-install-recommends \
gnupg \
+# https://www.postgresql.org/docs/16/app-psql.html#APP-PSQL-META-COMMAND-PSET-PAGER
+# https://github.com/postgres/postgres/blob/REL_16_1/src/include/fe_utils/print.h#L25
+# (if "less" is available, it gets used as the default pager for psql, and it only adds ~1.5MiB to our image size)
+ less \
; \
rm -rf /var/lib/apt/lists/*
diff --git a/13/bookworm/Dockerfile b/13/bookworm/Dockerfile
index 1086785f54..a98e9c3f2c 100644
--- a/13/bookworm/Dockerfile
+++ b/13/bookworm/Dockerfile
@@ -20,6 +20,10 @@ RUN set -ex; \
apt-get update; \
apt-get install -y --no-install-recommends \
gnupg \
+# https://www.postgresql.org/docs/16/app-psql.html#APP-PSQL-META-COMMAND-PSET-PAGER
+# https://github.com/postgres/postgres/blob/REL_16_1/src/include/fe_utils/print.h#L25
+# (if "less" is available, it gets used as the default pager for psql, and it only adds ~1.5MiB to our image size)
+ less \
; \
rm -rf /var/lib/apt/lists/*
diff --git a/13/bullseye/Dockerfile b/13/bullseye/Dockerfile
index 0f2b30c55e..a4374dfff1 100644
--- a/13/bullseye/Dockerfile
+++ b/13/bullseye/Dockerfile
@@ -20,6 +20,10 @@ RUN set -ex; \
apt-get update; \
apt-get install -y --no-install-recommends \
gnupg \
+# https://www.postgresql.org/docs/16/app-psql.html#APP-PSQL-META-COMMAND-PSET-PAGER
+# https://github.com/postgres/postgres/blob/REL_16_1/src/include/fe_utils/print.h#L25
+# (if "less" is available, it gets used as the default pager for psql, and it only adds ~1.5MiB to our image size)
+ less \
; \
rm -rf /var/lib/apt/lists/*
diff --git a/14/bookworm/Dockerfile b/14/bookworm/Dockerfile
index 4905043349..096e32d754 100644
--- a/14/bookworm/Dockerfile
+++ b/14/bookworm/Dockerfile
@@ -20,6 +20,10 @@ RUN set -ex; \
apt-get update; \
apt-get install -y --no-install-recommends \
gnupg \
+# https://www.postgresql.org/docs/16/app-psql.html#APP-PSQL-META-COMMAND-PSET-PAGER
+# https://github.com/postgres/postgres/blob/REL_16_1/src/include/fe_utils/print.h#L25
+# (if "less" is available, it gets used as the default pager for psql, and it only adds ~1.5MiB to our image size)
+ less \
; \
rm -rf /var/lib/apt/lists/*
diff --git a/14/bullseye/Dockerfile b/14/bullseye/Dockerfile
index 95e24e495a..e507624db1 100644
--- a/14/bullseye/Dockerfile
+++ b/14/bullseye/Dockerfile
@@ -20,6 +20,10 @@ RUN set -ex; \
apt-get update; \
apt-get install -y --no-install-recommends \
gnupg \
+# https://www.postgresql.org/docs/16/app-psql.html#APP-PSQL-META-COMMAND-PSET-PAGER
+# https://github.com/postgres/postgres/blob/REL_16_1/src/include/fe_utils/print.h#L25
+# (if "less" is available, it gets used as the default pager for psql, and it only adds ~1.5MiB to our image size)
+ less \
; \
rm -rf /var/lib/apt/lists/*
diff --git a/15/bookworm/Dockerfile b/15/bookworm/Dockerfile
index af0da3d468..f05387d1d2 100644
--- a/15/bookworm/Dockerfile
+++ b/15/bookworm/Dockerfile
@@ -20,6 +20,10 @@ RUN set -ex; \
apt-get update; \
apt-get install -y --no-install-recommends \
gnupg \
+# https://www.postgresql.org/docs/16/app-psql.html#APP-PSQL-META-COMMAND-PSET-PAGER
+# https://github.com/postgres/postgres/blob/REL_16_1/src/include/fe_utils/print.h#L25
+# (if "less" is available, it gets used as the default pager for psql, and it only adds ~1.5MiB to our image size)
+ less \
; \
rm -rf /var/lib/apt/lists/*
diff --git a/15/bullseye/Dockerfile b/15/bullseye/Dockerfile
index 2d9db9bb37..b091bc4425 100644
--- a/15/bullseye/Dockerfile
+++ b/15/bullseye/Dockerfile
@@ -20,6 +20,10 @@ RUN set -ex; \
apt-get update; \
apt-get install -y --no-install-recommends \
gnupg \
+# https://www.postgresql.org/docs/16/app-psql.html#APP-PSQL-META-COMMAND-PSET-PAGER
+# https://github.com/postgres/postgres/blob/REL_16_1/src/include/fe_utils/print.h#L25
+# (if "less" is available, it gets used as the default pager for psql, and it only adds ~1.5MiB to our image size)
+ less \
; \
rm -rf /var/lib/apt/lists/*
diff --git a/16/bookworm/Dockerfile b/16/bookworm/Dockerfile
index 15369fd019..a2bde2b26a 100644
--- a/16/bookworm/Dockerfile
+++ b/16/bookworm/Dockerfile
@@ -20,6 +20,10 @@ RUN set -ex; \
apt-get update; \
apt-get install -y --no-install-recommends \
gnupg \
+# https://www.postgresql.org/docs/16/app-psql.html#APP-PSQL-META-COMMAND-PSET-PAGER
+# https://github.com/postgres/postgres/blob/REL_16_1/src/include/fe_utils/print.h#L25
+# (if "less" is available, it gets used as the default pager for psql, and it only adds ~1.5MiB to our image size)
+ less \
; \
rm -rf /var/lib/apt/lists/*
diff --git a/16/bullseye/Dockerfile b/16/bullseye/Dockerfile
index b132cc211b..5d0cd70a12 100644
--- a/16/bullseye/Dockerfile
+++ b/16/bullseye/Dockerfile
@@ -20,6 +20,10 @@ RUN set -ex; \
apt-get update; \
apt-get install -y --no-install-recommends \
gnupg \
+# https://www.postgresql.org/docs/16/app-psql.html#APP-PSQL-META-COMMAND-PSET-PAGER
+# https://github.com/postgres/postgres/blob/REL_16_1/src/include/fe_utils/print.h#L25
+# (if "less" is available, it gets used as the default pager for psql, and it only adds ~1.5MiB to our image size)
+ less \
; \
rm -rf /var/lib/apt/lists/*
diff --git a/Dockerfile-debian.template b/Dockerfile-debian.template
index 588fced34d..878e813250 100644
--- a/Dockerfile-debian.template
+++ b/Dockerfile-debian.template
@@ -14,6 +14,10 @@ RUN set -ex; \
apt-get update; \
apt-get install -y --no-install-recommends \
gnupg \
+# https://www.postgresql.org/docs/16/app-psql.html#APP-PSQL-META-COMMAND-PSET-PAGER
+# https://github.com/postgres/postgres/blob/REL_16_1/src/include/fe_utils/print.h#L25
+# (if "less" is available, it gets used as the default pager for psql, and it only adds ~1.5MiB to our image size)
+ less \
; \
rm -rf /var/lib/apt/lists/*
From 764632913153817ef4216eebea6a4708ec5549fb Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 8 Feb 2024 11:02:23 -0800
Subject: [PATCH 043/115] Update 12 to 12.18, bookworm 12.18-1.pgdg120+1,
bullseye 12.18-1.pgdg110+1
---
12/alpine3.18/Dockerfile | 4 ++--
12/alpine3.19/Dockerfile | 4 ++--
12/bookworm/Dockerfile | 2 +-
12/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/12/alpine3.18/Dockerfile b/12/alpine3.18/Dockerfile
index 2c83e89017..b8f1171df7 100644
--- a/12/alpine3.18/Dockerfile
+++ b/12/alpine3.18/Dockerfile
@@ -23,8 +23,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 12
-ENV PG_VERSION 12.17
-ENV PG_SHA256 93e8e1b23981d5f03c6c5763f77b28184c1ce4db7194fa466e2edb65d9c1c5f6
+ENV PG_VERSION 12.18
+ENV PG_SHA256 4f9919725d941ce9868e07fe1ed1d3a86748599b483386547583928b74c3918a
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/12/alpine3.19/Dockerfile b/12/alpine3.19/Dockerfile
index 44927f2474..900ed44181 100644
--- a/12/alpine3.19/Dockerfile
+++ b/12/alpine3.19/Dockerfile
@@ -23,8 +23,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 12
-ENV PG_VERSION 12.17
-ENV PG_SHA256 93e8e1b23981d5f03c6c5763f77b28184c1ce4db7194fa466e2edb65d9c1c5f6
+ENV PG_VERSION 12.18
+ENV PG_SHA256 4f9919725d941ce9868e07fe1ed1d3a86748599b483386547583928b74c3918a
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/12/bookworm/Dockerfile b/12/bookworm/Dockerfile
index 20968d7618..3db6428e88 100644
--- a/12/bookworm/Dockerfile
+++ b/12/bookworm/Dockerfile
@@ -90,7 +90,7 @@ RUN set -ex; \
ENV PG_MAJOR 12
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 12.17-1.pgdg120+1
+ENV PG_VERSION 12.18-1.pgdg120+1
RUN set -ex; \
\
diff --git a/12/bullseye/Dockerfile b/12/bullseye/Dockerfile
index d311e72ebf..98e115e2bc 100644
--- a/12/bullseye/Dockerfile
+++ b/12/bullseye/Dockerfile
@@ -90,7 +90,7 @@ RUN set -ex; \
ENV PG_MAJOR 12
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 12.17-1.pgdg110+1
+ENV PG_VERSION 12.18-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index f252bb90a5..7d9273e951 100644
--- a/versions.json
+++ b/versions.json
@@ -8,7 +8,7 @@
"ppc64el",
"s390x"
],
- "version": "12.17-1.pgdg120+1"
+ "version": "12.18-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -17,18 +17,18 @@
"ppc64el",
"s390x"
],
- "version": "12.17-1.pgdg110+1"
+ "version": "12.18-1.pgdg110+1"
},
"debian": "bookworm",
"major": 12,
- "sha256": "93e8e1b23981d5f03c6c5763f77b28184c1ce4db7194fa466e2edb65d9c1c5f6",
+ "sha256": "4f9919725d941ce9868e07fe1ed1d3a86748599b483386547583928b74c3918a",
"variants": [
"bookworm",
"bullseye",
"alpine3.19",
"alpine3.18"
],
- "version": "12.17"
+ "version": "12.18"
},
"13": {
"alpine": "3.19",
From c3c66a192905283ee9c9c34b03c73180975e6fad Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 8 Feb 2024 11:16:28 -0800
Subject: [PATCH 044/115] Update 13 to 13.14, bookworm 13.14-1.pgdg120+1,
bullseye 13.14-1.pgdg110+1
---
13/alpine3.18/Dockerfile | 4 ++--
13/alpine3.19/Dockerfile | 4 ++--
13/bookworm/Dockerfile | 2 +-
13/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/13/alpine3.18/Dockerfile b/13/alpine3.18/Dockerfile
index 792663345d..34f1f7f4ce 100644
--- a/13/alpine3.18/Dockerfile
+++ b/13/alpine3.18/Dockerfile
@@ -23,8 +23,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 13
-ENV PG_VERSION 13.13
-ENV PG_SHA256 8af69c2599047a2ad246567d68ec4131aef116954d8c3e469e9789080b37a474
+ENV PG_VERSION 13.14
+ENV PG_SHA256 b8df078551898960bd500dc5d38a177e9905376df81fe7f2b660a1407fa6a5ed
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/13/alpine3.19/Dockerfile b/13/alpine3.19/Dockerfile
index 1784e8ef88..217875c8e8 100644
--- a/13/alpine3.19/Dockerfile
+++ b/13/alpine3.19/Dockerfile
@@ -23,8 +23,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 13
-ENV PG_VERSION 13.13
-ENV PG_SHA256 8af69c2599047a2ad246567d68ec4131aef116954d8c3e469e9789080b37a474
+ENV PG_VERSION 13.14
+ENV PG_SHA256 b8df078551898960bd500dc5d38a177e9905376df81fe7f2b660a1407fa6a5ed
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/13/bookworm/Dockerfile b/13/bookworm/Dockerfile
index a98e9c3f2c..bf47c93221 100644
--- a/13/bookworm/Dockerfile
+++ b/13/bookworm/Dockerfile
@@ -90,7 +90,7 @@ RUN set -ex; \
ENV PG_MAJOR 13
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 13.13-1.pgdg120+1
+ENV PG_VERSION 13.14-1.pgdg120+1
RUN set -ex; \
\
diff --git a/13/bullseye/Dockerfile b/13/bullseye/Dockerfile
index a4374dfff1..6a520a4690 100644
--- a/13/bullseye/Dockerfile
+++ b/13/bullseye/Dockerfile
@@ -90,7 +90,7 @@ RUN set -ex; \
ENV PG_MAJOR 13
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 13.13-1.pgdg110+1
+ENV PG_VERSION 13.14-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index 7d9273e951..bb5882792d 100644
--- a/versions.json
+++ b/versions.json
@@ -39,7 +39,7 @@
"ppc64el",
"s390x"
],
- "version": "13.13-1.pgdg120+1"
+ "version": "13.14-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -48,18 +48,18 @@
"ppc64el",
"s390x"
],
- "version": "13.13-1.pgdg110+1"
+ "version": "13.14-1.pgdg110+1"
},
"debian": "bookworm",
"major": 13,
- "sha256": "8af69c2599047a2ad246567d68ec4131aef116954d8c3e469e9789080b37a474",
+ "sha256": "b8df078551898960bd500dc5d38a177e9905376df81fe7f2b660a1407fa6a5ed",
"variants": [
"bookworm",
"bullseye",
"alpine3.19",
"alpine3.18"
],
- "version": "13.13"
+ "version": "13.14"
},
"14": {
"alpine": "3.19",
From 3b6cb599da1bab72e4f57c54879e41c8c20fd036 Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 8 Feb 2024 11:28:15 -0800
Subject: [PATCH 045/115] Update 14 to 14.11, bookworm 14.11-1.pgdg120+1,
bullseye 14.11-1.pgdg110+1
---
14/alpine3.18/Dockerfile | 4 ++--
14/alpine3.19/Dockerfile | 4 ++--
14/bookworm/Dockerfile | 2 +-
14/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/14/alpine3.18/Dockerfile b/14/alpine3.18/Dockerfile
index 3a1d96e249..67f44f5ddc 100644
--- a/14/alpine3.18/Dockerfile
+++ b/14/alpine3.18/Dockerfile
@@ -23,8 +23,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 14
-ENV PG_VERSION 14.10
-ENV PG_SHA256 c99431c48e9d470b0d0ab946eb2141a3cd19130c2fb4dc4b3284a7774ecc8399
+ENV PG_VERSION 14.11
+ENV PG_SHA256 a670bd7dce22dcad4297b261136b3b1d4a09a6f541719562aa14ca63bf2968a8
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/14/alpine3.19/Dockerfile b/14/alpine3.19/Dockerfile
index 8292d8e093..75bb2296eb 100644
--- a/14/alpine3.19/Dockerfile
+++ b/14/alpine3.19/Dockerfile
@@ -23,8 +23,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 14
-ENV PG_VERSION 14.10
-ENV PG_SHA256 c99431c48e9d470b0d0ab946eb2141a3cd19130c2fb4dc4b3284a7774ecc8399
+ENV PG_VERSION 14.11
+ENV PG_SHA256 a670bd7dce22dcad4297b261136b3b1d4a09a6f541719562aa14ca63bf2968a8
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/14/bookworm/Dockerfile b/14/bookworm/Dockerfile
index 096e32d754..ec78178beb 100644
--- a/14/bookworm/Dockerfile
+++ b/14/bookworm/Dockerfile
@@ -90,7 +90,7 @@ RUN set -ex; \
ENV PG_MAJOR 14
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 14.10-1.pgdg120+1
+ENV PG_VERSION 14.11-1.pgdg120+1
RUN set -ex; \
\
diff --git a/14/bullseye/Dockerfile b/14/bullseye/Dockerfile
index e507624db1..33f2dfdb0c 100644
--- a/14/bullseye/Dockerfile
+++ b/14/bullseye/Dockerfile
@@ -90,7 +90,7 @@ RUN set -ex; \
ENV PG_MAJOR 14
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 14.10-1.pgdg110+1
+ENV PG_VERSION 14.11-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index bb5882792d..8e39f20e35 100644
--- a/versions.json
+++ b/versions.json
@@ -70,7 +70,7 @@
"ppc64el",
"s390x"
],
- "version": "14.10-1.pgdg120+1"
+ "version": "14.11-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -79,18 +79,18 @@
"ppc64el",
"s390x"
],
- "version": "14.10-1.pgdg110+1"
+ "version": "14.11-1.pgdg110+1"
},
"debian": "bookworm",
"major": 14,
- "sha256": "c99431c48e9d470b0d0ab946eb2141a3cd19130c2fb4dc4b3284a7774ecc8399",
+ "sha256": "a670bd7dce22dcad4297b261136b3b1d4a09a6f541719562aa14ca63bf2968a8",
"variants": [
"bookworm",
"bullseye",
"alpine3.19",
"alpine3.18"
],
- "version": "14.10"
+ "version": "14.11"
},
"15": {
"alpine": "3.19",
From 539bdac35db7b6a7f91c0b9d911522d21f5b9083 Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 8 Feb 2024 11:40:08 -0800
Subject: [PATCH 046/115] Update 15 to 15.6, bookworm 15.6-1.pgdg120+1,
bullseye 15.6-1.pgdg110+1
---
15/alpine3.18/Dockerfile | 4 ++--
15/alpine3.19/Dockerfile | 4 ++--
15/bookworm/Dockerfile | 2 +-
15/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/15/alpine3.18/Dockerfile b/15/alpine3.18/Dockerfile
index d05d71b879..1e01ab817a 100644
--- a/15/alpine3.18/Dockerfile
+++ b/15/alpine3.18/Dockerfile
@@ -23,8 +23,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 15
-ENV PG_VERSION 15.5
-ENV PG_SHA256 8f53aa95d78eb8e82536ea46b68187793b42bba3b4f65aa342f540b23c9b10a6
+ENV PG_VERSION 15.6
+ENV PG_SHA256 8455146ed9c69c93a57de954aead0302cafad035c2b242175d6aa1e17ebcb2fb
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/15/alpine3.19/Dockerfile b/15/alpine3.19/Dockerfile
index 3dabd7e91f..6e23b453e3 100644
--- a/15/alpine3.19/Dockerfile
+++ b/15/alpine3.19/Dockerfile
@@ -23,8 +23,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 15
-ENV PG_VERSION 15.5
-ENV PG_SHA256 8f53aa95d78eb8e82536ea46b68187793b42bba3b4f65aa342f540b23c9b10a6
+ENV PG_VERSION 15.6
+ENV PG_SHA256 8455146ed9c69c93a57de954aead0302cafad035c2b242175d6aa1e17ebcb2fb
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/15/bookworm/Dockerfile b/15/bookworm/Dockerfile
index f05387d1d2..207e171d14 100644
--- a/15/bookworm/Dockerfile
+++ b/15/bookworm/Dockerfile
@@ -90,7 +90,7 @@ RUN set -ex; \
ENV PG_MAJOR 15
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 15.5-1.pgdg120+1
+ENV PG_VERSION 15.6-1.pgdg120+1
RUN set -ex; \
\
diff --git a/15/bullseye/Dockerfile b/15/bullseye/Dockerfile
index b091bc4425..ffcd03a6ec 100644
--- a/15/bullseye/Dockerfile
+++ b/15/bullseye/Dockerfile
@@ -90,7 +90,7 @@ RUN set -ex; \
ENV PG_MAJOR 15
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 15.5-1.pgdg110+1
+ENV PG_VERSION 15.6-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index 8e39f20e35..ae715fc93a 100644
--- a/versions.json
+++ b/versions.json
@@ -101,7 +101,7 @@
"ppc64el",
"s390x"
],
- "version": "15.5-1.pgdg120+1"
+ "version": "15.6-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -110,18 +110,18 @@
"ppc64el",
"s390x"
],
- "version": "15.5-1.pgdg110+1"
+ "version": "15.6-1.pgdg110+1"
},
"debian": "bookworm",
"major": 15,
- "sha256": "8f53aa95d78eb8e82536ea46b68187793b42bba3b4f65aa342f540b23c9b10a6",
+ "sha256": "8455146ed9c69c93a57de954aead0302cafad035c2b242175d6aa1e17ebcb2fb",
"variants": [
"bookworm",
"bullseye",
"alpine3.19",
"alpine3.18"
],
- "version": "15.5"
+ "version": "15.6"
},
"16": {
"alpine": "3.19",
From 5403edd423ba9fd047d2abf5ed7fdb9131c7a527 Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 8 Feb 2024 11:52:58 -0800
Subject: [PATCH 047/115] Update 16 to 16.2, bookworm 16.2-1.pgdg120+1,
bullseye 16.2-1.pgdg110+1
---
16/alpine3.18/Dockerfile | 4 ++--
16/alpine3.19/Dockerfile | 4 ++--
16/bookworm/Dockerfile | 2 +-
16/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/16/alpine3.18/Dockerfile b/16/alpine3.18/Dockerfile
index 2ea886dcb8..4d5255bd2d 100644
--- a/16/alpine3.18/Dockerfile
+++ b/16/alpine3.18/Dockerfile
@@ -23,8 +23,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 16
-ENV PG_VERSION 16.1
-ENV PG_SHA256 ce3c4d85d19b0121fe0d3f8ef1fa601f71989e86f8a66f7dc3ad546dd5564fec
+ENV PG_VERSION 16.2
+ENV PG_SHA256 446e88294dbc2c9085ab4b7061a646fa604b4bec03521d5ea671c2e5ad9b2952
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/16/alpine3.19/Dockerfile b/16/alpine3.19/Dockerfile
index e934d38c80..9b92f65596 100644
--- a/16/alpine3.19/Dockerfile
+++ b/16/alpine3.19/Dockerfile
@@ -23,8 +23,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 16
-ENV PG_VERSION 16.1
-ENV PG_SHA256 ce3c4d85d19b0121fe0d3f8ef1fa601f71989e86f8a66f7dc3ad546dd5564fec
+ENV PG_VERSION 16.2
+ENV PG_SHA256 446e88294dbc2c9085ab4b7061a646fa604b4bec03521d5ea671c2e5ad9b2952
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/16/bookworm/Dockerfile b/16/bookworm/Dockerfile
index a2bde2b26a..70b739b032 100644
--- a/16/bookworm/Dockerfile
+++ b/16/bookworm/Dockerfile
@@ -90,7 +90,7 @@ RUN set -ex; \
ENV PG_MAJOR 16
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 16.1-1.pgdg120+1
+ENV PG_VERSION 16.2-1.pgdg120+1
RUN set -ex; \
\
diff --git a/16/bullseye/Dockerfile b/16/bullseye/Dockerfile
index 5d0cd70a12..e13f449597 100644
--- a/16/bullseye/Dockerfile
+++ b/16/bullseye/Dockerfile
@@ -90,7 +90,7 @@ RUN set -ex; \
ENV PG_MAJOR 16
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 16.1-1.pgdg110+1
+ENV PG_VERSION 16.2-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index ae715fc93a..486395fcbb 100644
--- a/versions.json
+++ b/versions.json
@@ -132,7 +132,7 @@
"ppc64el",
"s390x"
],
- "version": "16.1-1.pgdg120+1"
+ "version": "16.2-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -141,17 +141,17 @@
"ppc64el",
"s390x"
],
- "version": "16.1-1.pgdg110+1"
+ "version": "16.2-1.pgdg110+1"
},
"debian": "bookworm",
"major": 16,
- "sha256": "ce3c4d85d19b0121fe0d3f8ef1fa601f71989e86f8a66f7dc3ad546dd5564fec",
+ "sha256": "446e88294dbc2c9085ab4b7061a646fa604b4bec03521d5ea671c2e5ad9b2952",
"variants": [
"bookworm",
"bullseye",
"alpine3.19",
"alpine3.18"
],
- "version": "16.1"
+ "version": "16.2"
}
}
From 6e883d9b1efe8479bca7ad0eab354a95fee46786 Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Mon, 12 Feb 2024 11:02:23 -0800
Subject: [PATCH 048/115] Update 12 to bookworm 12.18-1.pgdg120+2, bullseye
12.18-1.pgdg110+2
---
12/bookworm/Dockerfile | 2 +-
12/bullseye/Dockerfile | 2 +-
versions.json | 4 ++--
3 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/12/bookworm/Dockerfile b/12/bookworm/Dockerfile
index 3db6428e88..57a1adc6c0 100644
--- a/12/bookworm/Dockerfile
+++ b/12/bookworm/Dockerfile
@@ -90,7 +90,7 @@ RUN set -ex; \
ENV PG_MAJOR 12
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 12.18-1.pgdg120+1
+ENV PG_VERSION 12.18-1.pgdg120+2
RUN set -ex; \
\
diff --git a/12/bullseye/Dockerfile b/12/bullseye/Dockerfile
index 98e115e2bc..be1f0a5679 100644
--- a/12/bullseye/Dockerfile
+++ b/12/bullseye/Dockerfile
@@ -90,7 +90,7 @@ RUN set -ex; \
ENV PG_MAJOR 12
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 12.18-1.pgdg110+1
+ENV PG_VERSION 12.18-1.pgdg110+2
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index 486395fcbb..609cc0c372 100644
--- a/versions.json
+++ b/versions.json
@@ -8,7 +8,7 @@
"ppc64el",
"s390x"
],
- "version": "12.18-1.pgdg120+1"
+ "version": "12.18-1.pgdg120+2"
},
"bullseye": {
"arches": [
@@ -17,7 +17,7 @@
"ppc64el",
"s390x"
],
- "version": "12.18-1.pgdg110+1"
+ "version": "12.18-1.pgdg110+2"
},
"debian": "bookworm",
"major": 12,
From a2de6cd9b0e9ad68b03148241195e15137246c29 Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Mon, 12 Feb 2024 11:05:32 -0800
Subject: [PATCH 049/115] Update 13 to bookworm 13.14-1.pgdg120+2, bullseye
13.14-1.pgdg110+2
---
13/bookworm/Dockerfile | 2 +-
13/bullseye/Dockerfile | 2 +-
versions.json | 4 ++--
3 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/13/bookworm/Dockerfile b/13/bookworm/Dockerfile
index bf47c93221..9680e20808 100644
--- a/13/bookworm/Dockerfile
+++ b/13/bookworm/Dockerfile
@@ -90,7 +90,7 @@ RUN set -ex; \
ENV PG_MAJOR 13
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 13.14-1.pgdg120+1
+ENV PG_VERSION 13.14-1.pgdg120+2
RUN set -ex; \
\
diff --git a/13/bullseye/Dockerfile b/13/bullseye/Dockerfile
index 6a520a4690..8de5fe7ef8 100644
--- a/13/bullseye/Dockerfile
+++ b/13/bullseye/Dockerfile
@@ -90,7 +90,7 @@ RUN set -ex; \
ENV PG_MAJOR 13
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 13.14-1.pgdg110+1
+ENV PG_VERSION 13.14-1.pgdg110+2
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index 609cc0c372..639099583e 100644
--- a/versions.json
+++ b/versions.json
@@ -39,7 +39,7 @@
"ppc64el",
"s390x"
],
- "version": "13.14-1.pgdg120+1"
+ "version": "13.14-1.pgdg120+2"
},
"bullseye": {
"arches": [
@@ -48,7 +48,7 @@
"ppc64el",
"s390x"
],
- "version": "13.14-1.pgdg110+1"
+ "version": "13.14-1.pgdg110+2"
},
"debian": "bookworm",
"major": 13,
From 901df4c333940b96e1b438f9bd6dcd0f1c534116 Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Mon, 12 Feb 2024 11:09:00 -0800
Subject: [PATCH 050/115] Update 14 to bookworm 14.11-1.pgdg120+2, bullseye
14.11-1.pgdg110+2
---
14/bookworm/Dockerfile | 2 +-
14/bullseye/Dockerfile | 2 +-
versions.json | 4 ++--
3 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/14/bookworm/Dockerfile b/14/bookworm/Dockerfile
index ec78178beb..8725665d37 100644
--- a/14/bookworm/Dockerfile
+++ b/14/bookworm/Dockerfile
@@ -90,7 +90,7 @@ RUN set -ex; \
ENV PG_MAJOR 14
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 14.11-1.pgdg120+1
+ENV PG_VERSION 14.11-1.pgdg120+2
RUN set -ex; \
\
diff --git a/14/bullseye/Dockerfile b/14/bullseye/Dockerfile
index 33f2dfdb0c..838745c85b 100644
--- a/14/bullseye/Dockerfile
+++ b/14/bullseye/Dockerfile
@@ -90,7 +90,7 @@ RUN set -ex; \
ENV PG_MAJOR 14
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 14.11-1.pgdg110+1
+ENV PG_VERSION 14.11-1.pgdg110+2
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index 639099583e..ff00e51936 100644
--- a/versions.json
+++ b/versions.json
@@ -70,7 +70,7 @@
"ppc64el",
"s390x"
],
- "version": "14.11-1.pgdg120+1"
+ "version": "14.11-1.pgdg120+2"
},
"bullseye": {
"arches": [
@@ -79,7 +79,7 @@
"ppc64el",
"s390x"
],
- "version": "14.11-1.pgdg110+1"
+ "version": "14.11-1.pgdg110+2"
},
"debian": "bookworm",
"major": 14,
From 34d4c14c235806e57fdd5eaf197f718fccee93b0 Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Mon, 12 Feb 2024 11:12:29 -0800
Subject: [PATCH 051/115] Update 15 to bookworm 15.6-1.pgdg120+2, bullseye
15.6-1.pgdg110+2
---
15/bookworm/Dockerfile | 2 +-
15/bullseye/Dockerfile | 2 +-
versions.json | 4 ++--
3 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/15/bookworm/Dockerfile b/15/bookworm/Dockerfile
index 207e171d14..93dc03e4a4 100644
--- a/15/bookworm/Dockerfile
+++ b/15/bookworm/Dockerfile
@@ -90,7 +90,7 @@ RUN set -ex; \
ENV PG_MAJOR 15
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 15.6-1.pgdg120+1
+ENV PG_VERSION 15.6-1.pgdg120+2
RUN set -ex; \
\
diff --git a/15/bullseye/Dockerfile b/15/bullseye/Dockerfile
index ffcd03a6ec..8430750ba4 100644
--- a/15/bullseye/Dockerfile
+++ b/15/bullseye/Dockerfile
@@ -90,7 +90,7 @@ RUN set -ex; \
ENV PG_MAJOR 15
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 15.6-1.pgdg110+1
+ENV PG_VERSION 15.6-1.pgdg110+2
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index ff00e51936..832408a656 100644
--- a/versions.json
+++ b/versions.json
@@ -101,7 +101,7 @@
"ppc64el",
"s390x"
],
- "version": "15.6-1.pgdg120+1"
+ "version": "15.6-1.pgdg120+2"
},
"bullseye": {
"arches": [
@@ -110,7 +110,7 @@
"ppc64el",
"s390x"
],
- "version": "15.6-1.pgdg110+1"
+ "version": "15.6-1.pgdg110+2"
},
"debian": "bookworm",
"major": 15,
From 1424abf76f421d6f7bf933d9e42bbbed866fae3a Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Mon, 12 Feb 2024 11:15:38 -0800
Subject: [PATCH 052/115] Update 16 to bookworm 16.2-1.pgdg120+2, bullseye
16.2-1.pgdg110+2
---
16/bookworm/Dockerfile | 2 +-
16/bullseye/Dockerfile | 2 +-
versions.json | 4 ++--
3 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/16/bookworm/Dockerfile b/16/bookworm/Dockerfile
index 70b739b032..37451960bf 100644
--- a/16/bookworm/Dockerfile
+++ b/16/bookworm/Dockerfile
@@ -90,7 +90,7 @@ RUN set -ex; \
ENV PG_MAJOR 16
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 16.2-1.pgdg120+1
+ENV PG_VERSION 16.2-1.pgdg120+2
RUN set -ex; \
\
diff --git a/16/bullseye/Dockerfile b/16/bullseye/Dockerfile
index e13f449597..3427042156 100644
--- a/16/bullseye/Dockerfile
+++ b/16/bullseye/Dockerfile
@@ -90,7 +90,7 @@ RUN set -ex; \
ENV PG_MAJOR 16
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 16.2-1.pgdg110+1
+ENV PG_VERSION 16.2-1.pgdg110+2
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index 832408a656..0311dfed38 100644
--- a/versions.json
+++ b/versions.json
@@ -132,7 +132,7 @@
"ppc64el",
"s390x"
],
- "version": "16.2-1.pgdg120+1"
+ "version": "16.2-1.pgdg120+2"
},
"bullseye": {
"arches": [
@@ -141,7 +141,7 @@
"ppc64el",
"s390x"
],
- "version": "16.2-1.pgdg110+1"
+ "version": "16.2-1.pgdg110+2"
},
"debian": "bookworm",
"major": 16,
From ab6925051ca097d415816928a50c483ecc370c00 Mon Sep 17 00:00:00 2001
From: Jamie Finnigan <jfinnigan@hashicorp.com>
Date: Tue, 20 Feb 2024 16:46:13 -0800
Subject: [PATCH 053/115] update to gosu 1.17
---
12/bookworm/Dockerfile | 2 +-
12/bullseye/Dockerfile | 2 +-
13/bookworm/Dockerfile | 2 +-
13/bullseye/Dockerfile | 2 +-
14/bookworm/Dockerfile | 2 +-
14/bullseye/Dockerfile | 2 +-
15/bookworm/Dockerfile | 2 +-
15/bullseye/Dockerfile | 2 +-
16/bookworm/Dockerfile | 2 +-
16/bullseye/Dockerfile | 2 +-
Dockerfile-debian.template | 2 +-
11 files changed, 11 insertions(+), 11 deletions(-)
diff --git a/12/bookworm/Dockerfile b/12/bookworm/Dockerfile
index 57a1adc6c0..d5345d4ae9 100644
--- a/12/bookworm/Dockerfile
+++ b/12/bookworm/Dockerfile
@@ -29,7 +29,7 @@ RUN set -ex; \
# grab gosu for easy step-down from root
# https://github.com/tianon/gosu/releases
-ENV GOSU_VERSION 1.16
+ENV GOSU_VERSION 1.17
RUN set -eux; \
savedAptMark="$(apt-mark showmanual)"; \
apt-get update; \
diff --git a/12/bullseye/Dockerfile b/12/bullseye/Dockerfile
index be1f0a5679..b1feb37b00 100644
--- a/12/bullseye/Dockerfile
+++ b/12/bullseye/Dockerfile
@@ -29,7 +29,7 @@ RUN set -ex; \
# grab gosu for easy step-down from root
# https://github.com/tianon/gosu/releases
-ENV GOSU_VERSION 1.16
+ENV GOSU_VERSION 1.17
RUN set -eux; \
savedAptMark="$(apt-mark showmanual)"; \
apt-get update; \
diff --git a/13/bookworm/Dockerfile b/13/bookworm/Dockerfile
index 9680e20808..b4d5f58f78 100644
--- a/13/bookworm/Dockerfile
+++ b/13/bookworm/Dockerfile
@@ -29,7 +29,7 @@ RUN set -ex; \
# grab gosu for easy step-down from root
# https://github.com/tianon/gosu/releases
-ENV GOSU_VERSION 1.16
+ENV GOSU_VERSION 1.17
RUN set -eux; \
savedAptMark="$(apt-mark showmanual)"; \
apt-get update; \
diff --git a/13/bullseye/Dockerfile b/13/bullseye/Dockerfile
index 8de5fe7ef8..3b97cb768e 100644
--- a/13/bullseye/Dockerfile
+++ b/13/bullseye/Dockerfile
@@ -29,7 +29,7 @@ RUN set -ex; \
# grab gosu for easy step-down from root
# https://github.com/tianon/gosu/releases
-ENV GOSU_VERSION 1.16
+ENV GOSU_VERSION 1.17
RUN set -eux; \
savedAptMark="$(apt-mark showmanual)"; \
apt-get update; \
diff --git a/14/bookworm/Dockerfile b/14/bookworm/Dockerfile
index 8725665d37..ffb2e6e781 100644
--- a/14/bookworm/Dockerfile
+++ b/14/bookworm/Dockerfile
@@ -29,7 +29,7 @@ RUN set -ex; \
# grab gosu for easy step-down from root
# https://github.com/tianon/gosu/releases
-ENV GOSU_VERSION 1.16
+ENV GOSU_VERSION 1.17
RUN set -eux; \
savedAptMark="$(apt-mark showmanual)"; \
apt-get update; \
diff --git a/14/bullseye/Dockerfile b/14/bullseye/Dockerfile
index 838745c85b..8759c8d149 100644
--- a/14/bullseye/Dockerfile
+++ b/14/bullseye/Dockerfile
@@ -29,7 +29,7 @@ RUN set -ex; \
# grab gosu for easy step-down from root
# https://github.com/tianon/gosu/releases
-ENV GOSU_VERSION 1.16
+ENV GOSU_VERSION 1.17
RUN set -eux; \
savedAptMark="$(apt-mark showmanual)"; \
apt-get update; \
diff --git a/15/bookworm/Dockerfile b/15/bookworm/Dockerfile
index 93dc03e4a4..c0b4f06471 100644
--- a/15/bookworm/Dockerfile
+++ b/15/bookworm/Dockerfile
@@ -29,7 +29,7 @@ RUN set -ex; \
# grab gosu for easy step-down from root
# https://github.com/tianon/gosu/releases
-ENV GOSU_VERSION 1.16
+ENV GOSU_VERSION 1.17
RUN set -eux; \
savedAptMark="$(apt-mark showmanual)"; \
apt-get update; \
diff --git a/15/bullseye/Dockerfile b/15/bullseye/Dockerfile
index 8430750ba4..6765174e25 100644
--- a/15/bullseye/Dockerfile
+++ b/15/bullseye/Dockerfile
@@ -29,7 +29,7 @@ RUN set -ex; \
# grab gosu for easy step-down from root
# https://github.com/tianon/gosu/releases
-ENV GOSU_VERSION 1.16
+ENV GOSU_VERSION 1.17
RUN set -eux; \
savedAptMark="$(apt-mark showmanual)"; \
apt-get update; \
diff --git a/16/bookworm/Dockerfile b/16/bookworm/Dockerfile
index 37451960bf..6bcb1b873a 100644
--- a/16/bookworm/Dockerfile
+++ b/16/bookworm/Dockerfile
@@ -29,7 +29,7 @@ RUN set -ex; \
# grab gosu for easy step-down from root
# https://github.com/tianon/gosu/releases
-ENV GOSU_VERSION 1.16
+ENV GOSU_VERSION 1.17
RUN set -eux; \
savedAptMark="$(apt-mark showmanual)"; \
apt-get update; \
diff --git a/16/bullseye/Dockerfile b/16/bullseye/Dockerfile
index 3427042156..9e87ce3e5b 100644
--- a/16/bullseye/Dockerfile
+++ b/16/bullseye/Dockerfile
@@ -29,7 +29,7 @@ RUN set -ex; \
# grab gosu for easy step-down from root
# https://github.com/tianon/gosu/releases
-ENV GOSU_VERSION 1.16
+ENV GOSU_VERSION 1.17
RUN set -eux; \
savedAptMark="$(apt-mark showmanual)"; \
apt-get update; \
diff --git a/Dockerfile-debian.template b/Dockerfile-debian.template
index 878e813250..479f147c7f 100644
--- a/Dockerfile-debian.template
+++ b/Dockerfile-debian.template
@@ -23,7 +23,7 @@ RUN set -ex; \
# grab gosu for easy step-down from root
# https://github.com/tianon/gosu/releases
-ENV GOSU_VERSION 1.16
+ENV GOSU_VERSION 1.17
RUN set -eux; \
savedAptMark="$(apt-mark showmanual)"; \
apt-get update; \
From ccf4f2289a1e59ddf74a5d1e6eb7693b7f464b54 Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 9 May 2024 11:02:23 -0700
Subject: [PATCH 054/115] Update 12 to 12.19, bookworm 12.19-1.pgdg120+1,
bullseye 12.19-1.pgdg110+1
---
12/alpine3.18/Dockerfile | 4 ++--
12/alpine3.19/Dockerfile | 4 ++--
12/bookworm/Dockerfile | 2 +-
12/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/12/alpine3.18/Dockerfile b/12/alpine3.18/Dockerfile
index b8f1171df7..ca48d22265 100644
--- a/12/alpine3.18/Dockerfile
+++ b/12/alpine3.18/Dockerfile
@@ -23,8 +23,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 12
-ENV PG_VERSION 12.18
-ENV PG_SHA256 4f9919725d941ce9868e07fe1ed1d3a86748599b483386547583928b74c3918a
+ENV PG_VERSION 12.19
+ENV PG_SHA256 617e3de52c22e822f4f57d01d5b2240503e198a9eccaf598a851109bd18e6fbb
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/12/alpine3.19/Dockerfile b/12/alpine3.19/Dockerfile
index 900ed44181..b146ec3621 100644
--- a/12/alpine3.19/Dockerfile
+++ b/12/alpine3.19/Dockerfile
@@ -23,8 +23,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 12
-ENV PG_VERSION 12.18
-ENV PG_SHA256 4f9919725d941ce9868e07fe1ed1d3a86748599b483386547583928b74c3918a
+ENV PG_VERSION 12.19
+ENV PG_SHA256 617e3de52c22e822f4f57d01d5b2240503e198a9eccaf598a851109bd18e6fbb
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/12/bookworm/Dockerfile b/12/bookworm/Dockerfile
index d5345d4ae9..e697613ae2 100644
--- a/12/bookworm/Dockerfile
+++ b/12/bookworm/Dockerfile
@@ -90,7 +90,7 @@ RUN set -ex; \
ENV PG_MAJOR 12
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 12.18-1.pgdg120+2
+ENV PG_VERSION 12.19-1.pgdg120+1
RUN set -ex; \
\
diff --git a/12/bullseye/Dockerfile b/12/bullseye/Dockerfile
index b1feb37b00..da4e8e2ee5 100644
--- a/12/bullseye/Dockerfile
+++ b/12/bullseye/Dockerfile
@@ -90,7 +90,7 @@ RUN set -ex; \
ENV PG_MAJOR 12
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 12.18-1.pgdg110+2
+ENV PG_VERSION 12.19-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index 0311dfed38..fec7c6617c 100644
--- a/versions.json
+++ b/versions.json
@@ -8,7 +8,7 @@
"ppc64el",
"s390x"
],
- "version": "12.18-1.pgdg120+2"
+ "version": "12.19-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -17,18 +17,18 @@
"ppc64el",
"s390x"
],
- "version": "12.18-1.pgdg110+2"
+ "version": "12.19-1.pgdg110+1"
},
"debian": "bookworm",
"major": 12,
- "sha256": "4f9919725d941ce9868e07fe1ed1d3a86748599b483386547583928b74c3918a",
+ "sha256": "617e3de52c22e822f4f57d01d5b2240503e198a9eccaf598a851109bd18e6fbb",
"variants": [
"bookworm",
"bullseye",
"alpine3.19",
"alpine3.18"
],
- "version": "12.18"
+ "version": "12.19"
},
"13": {
"alpine": "3.19",
From f3ab8c6db63e2986453e0a4fae2c5f372dd4f05e Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 9 May 2024 11:16:46 -0700
Subject: [PATCH 055/115] Update 13 to 13.15, bookworm 13.15-1.pgdg120+1,
bullseye 13.15-1.pgdg110+1
---
13/alpine3.18/Dockerfile | 4 ++--
13/alpine3.19/Dockerfile | 4 ++--
13/bookworm/Dockerfile | 2 +-
13/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/13/alpine3.18/Dockerfile b/13/alpine3.18/Dockerfile
index 34f1f7f4ce..465b514876 100644
--- a/13/alpine3.18/Dockerfile
+++ b/13/alpine3.18/Dockerfile
@@ -23,8 +23,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 13
-ENV PG_VERSION 13.14
-ENV PG_SHA256 b8df078551898960bd500dc5d38a177e9905376df81fe7f2b660a1407fa6a5ed
+ENV PG_VERSION 13.15
+ENV PG_SHA256 42edd415446d33b8c242be76d1ad057531b2264b2e86939339b7075c6e4ec925
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/13/alpine3.19/Dockerfile b/13/alpine3.19/Dockerfile
index 217875c8e8..2320c0bef4 100644
--- a/13/alpine3.19/Dockerfile
+++ b/13/alpine3.19/Dockerfile
@@ -23,8 +23,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 13
-ENV PG_VERSION 13.14
-ENV PG_SHA256 b8df078551898960bd500dc5d38a177e9905376df81fe7f2b660a1407fa6a5ed
+ENV PG_VERSION 13.15
+ENV PG_SHA256 42edd415446d33b8c242be76d1ad057531b2264b2e86939339b7075c6e4ec925
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/13/bookworm/Dockerfile b/13/bookworm/Dockerfile
index b4d5f58f78..8b00f0e123 100644
--- a/13/bookworm/Dockerfile
+++ b/13/bookworm/Dockerfile
@@ -90,7 +90,7 @@ RUN set -ex; \
ENV PG_MAJOR 13
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 13.14-1.pgdg120+2
+ENV PG_VERSION 13.15-1.pgdg120+1
RUN set -ex; \
\
diff --git a/13/bullseye/Dockerfile b/13/bullseye/Dockerfile
index 3b97cb768e..b4210684c0 100644
--- a/13/bullseye/Dockerfile
+++ b/13/bullseye/Dockerfile
@@ -90,7 +90,7 @@ RUN set -ex; \
ENV PG_MAJOR 13
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 13.14-1.pgdg110+2
+ENV PG_VERSION 13.15-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index fec7c6617c..8eabc72c5c 100644
--- a/versions.json
+++ b/versions.json
@@ -39,7 +39,7 @@
"ppc64el",
"s390x"
],
- "version": "13.14-1.pgdg120+2"
+ "version": "13.15-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -48,18 +48,18 @@
"ppc64el",
"s390x"
],
- "version": "13.14-1.pgdg110+2"
+ "version": "13.15-1.pgdg110+1"
},
"debian": "bookworm",
"major": 13,
- "sha256": "b8df078551898960bd500dc5d38a177e9905376df81fe7f2b660a1407fa6a5ed",
+ "sha256": "42edd415446d33b8c242be76d1ad057531b2264b2e86939339b7075c6e4ec925",
"variants": [
"bookworm",
"bullseye",
"alpine3.19",
"alpine3.18"
],
- "version": "13.14"
+ "version": "13.15"
},
"14": {
"alpine": "3.19",
From 662dbe5225f4d404364bdcf5e49dd5d88357ed31 Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 9 May 2024 11:31:12 -0700
Subject: [PATCH 056/115] Update 14 to 14.12, bookworm 14.12-1.pgdg120+1,
bullseye 14.12-1.pgdg110+1
---
14/alpine3.18/Dockerfile | 4 ++--
14/alpine3.19/Dockerfile | 4 ++--
14/bookworm/Dockerfile | 2 +-
14/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/14/alpine3.18/Dockerfile b/14/alpine3.18/Dockerfile
index 67f44f5ddc..b1fbd8d556 100644
--- a/14/alpine3.18/Dockerfile
+++ b/14/alpine3.18/Dockerfile
@@ -23,8 +23,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 14
-ENV PG_VERSION 14.11
-ENV PG_SHA256 a670bd7dce22dcad4297b261136b3b1d4a09a6f541719562aa14ca63bf2968a8
+ENV PG_VERSION 14.12
+ENV PG_SHA256 6118d08f9ddcc1bd83cf2b7cc74d3b583bdcec2f37e6245a8ac003b8faa80923
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/14/alpine3.19/Dockerfile b/14/alpine3.19/Dockerfile
index 75bb2296eb..3666022f9f 100644
--- a/14/alpine3.19/Dockerfile
+++ b/14/alpine3.19/Dockerfile
@@ -23,8 +23,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 14
-ENV PG_VERSION 14.11
-ENV PG_SHA256 a670bd7dce22dcad4297b261136b3b1d4a09a6f541719562aa14ca63bf2968a8
+ENV PG_VERSION 14.12
+ENV PG_SHA256 6118d08f9ddcc1bd83cf2b7cc74d3b583bdcec2f37e6245a8ac003b8faa80923
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/14/bookworm/Dockerfile b/14/bookworm/Dockerfile
index ffb2e6e781..3c9e737ab2 100644
--- a/14/bookworm/Dockerfile
+++ b/14/bookworm/Dockerfile
@@ -90,7 +90,7 @@ RUN set -ex; \
ENV PG_MAJOR 14
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 14.11-1.pgdg120+2
+ENV PG_VERSION 14.12-1.pgdg120+1
RUN set -ex; \
\
diff --git a/14/bullseye/Dockerfile b/14/bullseye/Dockerfile
index 8759c8d149..048b473058 100644
--- a/14/bullseye/Dockerfile
+++ b/14/bullseye/Dockerfile
@@ -90,7 +90,7 @@ RUN set -ex; \
ENV PG_MAJOR 14
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 14.11-1.pgdg110+2
+ENV PG_VERSION 14.12-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index 8eabc72c5c..ae360a4c84 100644
--- a/versions.json
+++ b/versions.json
@@ -70,7 +70,7 @@
"ppc64el",
"s390x"
],
- "version": "14.11-1.pgdg120+2"
+ "version": "14.12-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -79,18 +79,18 @@
"ppc64el",
"s390x"
],
- "version": "14.11-1.pgdg110+2"
+ "version": "14.12-1.pgdg110+1"
},
"debian": "bookworm",
"major": 14,
- "sha256": "a670bd7dce22dcad4297b261136b3b1d4a09a6f541719562aa14ca63bf2968a8",
+ "sha256": "6118d08f9ddcc1bd83cf2b7cc74d3b583bdcec2f37e6245a8ac003b8faa80923",
"variants": [
"bookworm",
"bullseye",
"alpine3.19",
"alpine3.18"
],
- "version": "14.11"
+ "version": "14.12"
},
"15": {
"alpine": "3.19",
From 8a0b96710d917d1c3b32a5fe5b66687ad83827da Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 9 May 2024 11:44:17 -0700
Subject: [PATCH 057/115] Update 15 to 15.7, bookworm 15.7-1.pgdg120+1,
bullseye 15.7-1.pgdg110+1
---
15/alpine3.18/Dockerfile | 4 ++--
15/alpine3.19/Dockerfile | 4 ++--
15/bookworm/Dockerfile | 2 +-
15/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/15/alpine3.18/Dockerfile b/15/alpine3.18/Dockerfile
index 1e01ab817a..87a2ce7ae0 100644
--- a/15/alpine3.18/Dockerfile
+++ b/15/alpine3.18/Dockerfile
@@ -23,8 +23,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 15
-ENV PG_VERSION 15.6
-ENV PG_SHA256 8455146ed9c69c93a57de954aead0302cafad035c2b242175d6aa1e17ebcb2fb
+ENV PG_VERSION 15.7
+ENV PG_SHA256 a46fe49485ab6385e39dabbbb654f5d3049206f76cd695e224268729520998f7
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/15/alpine3.19/Dockerfile b/15/alpine3.19/Dockerfile
index 6e23b453e3..37a1034597 100644
--- a/15/alpine3.19/Dockerfile
+++ b/15/alpine3.19/Dockerfile
@@ -23,8 +23,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 15
-ENV PG_VERSION 15.6
-ENV PG_SHA256 8455146ed9c69c93a57de954aead0302cafad035c2b242175d6aa1e17ebcb2fb
+ENV PG_VERSION 15.7
+ENV PG_SHA256 a46fe49485ab6385e39dabbbb654f5d3049206f76cd695e224268729520998f7
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/15/bookworm/Dockerfile b/15/bookworm/Dockerfile
index c0b4f06471..20dc81de0a 100644
--- a/15/bookworm/Dockerfile
+++ b/15/bookworm/Dockerfile
@@ -90,7 +90,7 @@ RUN set -ex; \
ENV PG_MAJOR 15
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 15.6-1.pgdg120+2
+ENV PG_VERSION 15.7-1.pgdg120+1
RUN set -ex; \
\
diff --git a/15/bullseye/Dockerfile b/15/bullseye/Dockerfile
index 6765174e25..a8a568956b 100644
--- a/15/bullseye/Dockerfile
+++ b/15/bullseye/Dockerfile
@@ -90,7 +90,7 @@ RUN set -ex; \
ENV PG_MAJOR 15
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 15.6-1.pgdg110+2
+ENV PG_VERSION 15.7-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index ae360a4c84..378e41db7b 100644
--- a/versions.json
+++ b/versions.json
@@ -101,7 +101,7 @@
"ppc64el",
"s390x"
],
- "version": "15.6-1.pgdg120+2"
+ "version": "15.7-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -110,18 +110,18 @@
"ppc64el",
"s390x"
],
- "version": "15.6-1.pgdg110+2"
+ "version": "15.7-1.pgdg110+1"
},
"debian": "bookworm",
"major": 15,
- "sha256": "8455146ed9c69c93a57de954aead0302cafad035c2b242175d6aa1e17ebcb2fb",
+ "sha256": "a46fe49485ab6385e39dabbbb654f5d3049206f76cd695e224268729520998f7",
"variants": [
"bookworm",
"bullseye",
"alpine3.19",
"alpine3.18"
],
- "version": "15.6"
+ "version": "15.7"
},
"16": {
"alpine": "3.19",
From d08757ccb56ee047efd76c41dbc148e2e2c4f68f Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 9 May 2024 11:58:11 -0700
Subject: [PATCH 058/115] Update 16 to 16.3, bookworm 16.3-1.pgdg120+1,
bullseye 16.3-1.pgdg110+1
---
16/alpine3.18/Dockerfile | 4 ++--
16/alpine3.19/Dockerfile | 4 ++--
16/bookworm/Dockerfile | 2 +-
16/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/16/alpine3.18/Dockerfile b/16/alpine3.18/Dockerfile
index 4d5255bd2d..17b0859ffe 100644
--- a/16/alpine3.18/Dockerfile
+++ b/16/alpine3.18/Dockerfile
@@ -23,8 +23,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 16
-ENV PG_VERSION 16.2
-ENV PG_SHA256 446e88294dbc2c9085ab4b7061a646fa604b4bec03521d5ea671c2e5ad9b2952
+ENV PG_VERSION 16.3
+ENV PG_SHA256 331963d5d3dc4caf4216a049fa40b66d6bcb8c730615859411b9518764e60585
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/16/alpine3.19/Dockerfile b/16/alpine3.19/Dockerfile
index 9b92f65596..89aab48dd8 100644
--- a/16/alpine3.19/Dockerfile
+++ b/16/alpine3.19/Dockerfile
@@ -23,8 +23,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 16
-ENV PG_VERSION 16.2
-ENV PG_SHA256 446e88294dbc2c9085ab4b7061a646fa604b4bec03521d5ea671c2e5ad9b2952
+ENV PG_VERSION 16.3
+ENV PG_SHA256 331963d5d3dc4caf4216a049fa40b66d6bcb8c730615859411b9518764e60585
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/16/bookworm/Dockerfile b/16/bookworm/Dockerfile
index 6bcb1b873a..9983d85c6f 100644
--- a/16/bookworm/Dockerfile
+++ b/16/bookworm/Dockerfile
@@ -90,7 +90,7 @@ RUN set -ex; \
ENV PG_MAJOR 16
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 16.2-1.pgdg120+2
+ENV PG_VERSION 16.3-1.pgdg120+1
RUN set -ex; \
\
diff --git a/16/bullseye/Dockerfile b/16/bullseye/Dockerfile
index 9e87ce3e5b..b4146f0236 100644
--- a/16/bullseye/Dockerfile
+++ b/16/bullseye/Dockerfile
@@ -90,7 +90,7 @@ RUN set -ex; \
ENV PG_MAJOR 16
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 16.2-1.pgdg110+2
+ENV PG_VERSION 16.3-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index 378e41db7b..bd0b1c943f 100644
--- a/versions.json
+++ b/versions.json
@@ -132,7 +132,7 @@
"ppc64el",
"s390x"
],
- "version": "16.2-1.pgdg120+2"
+ "version": "16.3-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -141,17 +141,17 @@
"ppc64el",
"s390x"
],
- "version": "16.2-1.pgdg110+2"
+ "version": "16.3-1.pgdg110+1"
},
"debian": "bookworm",
"major": 16,
- "sha256": "446e88294dbc2c9085ab4b7061a646fa604b4bec03521d5ea671c2e5ad9b2952",
+ "sha256": "331963d5d3dc4caf4216a049fa40b66d6bcb8c730615859411b9518764e60585",
"variants": [
"bookworm",
"bullseye",
"alpine3.19",
"alpine3.18"
],
- "version": "16.2"
+ "version": "16.3"
}
}
From 930acaf01ff536090a3bb304cf823a8cc777b658 Mon Sep 17 00:00:00 2001
From: Earlopain <14981592+Earlopain@users.noreply.github.com>
Date: Wed, 22 May 2024 22:39:44 +0200
Subject: [PATCH 059/115] Update to alpine 3.20
---
12/{alpine3.18 => alpine3.20}/Dockerfile | 2 +-
.../docker-ensure-initdb.sh | 0
.../docker-entrypoint.sh | 0
13/{alpine3.18 => alpine3.20}/Dockerfile | 2 +-
.../docker-ensure-initdb.sh | 0
.../docker-entrypoint.sh | 0
14/{alpine3.18 => alpine3.20}/Dockerfile | 2 +-
.../docker-ensure-initdb.sh | 0
.../docker-entrypoint.sh | 0
15/{alpine3.18 => alpine3.20}/Dockerfile | 2 +-
.../docker-ensure-initdb.sh | 0
.../docker-entrypoint.sh | 0
16/{alpine3.18 => alpine3.20}/Dockerfile | 2 +-
.../docker-ensure-initdb.sh | 0
.../docker-entrypoint.sh | 0
versions.json | 30 +++++++++----------
versions.sh | 2 +-
17 files changed, 21 insertions(+), 21 deletions(-)
rename 12/{alpine3.18 => alpine3.20}/Dockerfile (99%)
rename 12/{alpine3.18 => alpine3.20}/docker-ensure-initdb.sh (100%)
rename 12/{alpine3.18 => alpine3.20}/docker-entrypoint.sh (100%)
rename 13/{alpine3.18 => alpine3.20}/Dockerfile (99%)
rename 13/{alpine3.18 => alpine3.20}/docker-ensure-initdb.sh (100%)
rename 13/{alpine3.18 => alpine3.20}/docker-entrypoint.sh (100%)
rename 14/{alpine3.18 => alpine3.20}/Dockerfile (99%)
rename 14/{alpine3.18 => alpine3.20}/docker-ensure-initdb.sh (100%)
rename 14/{alpine3.18 => alpine3.20}/docker-entrypoint.sh (100%)
rename 15/{alpine3.18 => alpine3.20}/Dockerfile (99%)
rename 15/{alpine3.18 => alpine3.20}/docker-ensure-initdb.sh (100%)
rename 15/{alpine3.18 => alpine3.20}/docker-entrypoint.sh (100%)
rename 16/{alpine3.18 => alpine3.20}/Dockerfile (99%)
rename 16/{alpine3.18 => alpine3.20}/docker-ensure-initdb.sh (100%)
rename 16/{alpine3.18 => alpine3.20}/docker-entrypoint.sh (100%)
diff --git a/12/alpine3.18/Dockerfile b/12/alpine3.20/Dockerfile
similarity index 99%
rename from 12/alpine3.18/Dockerfile
rename to 12/alpine3.20/Dockerfile
index ca48d22265..e68037b78b 100644
--- a/12/alpine3.18/Dockerfile
+++ b/12/alpine3.20/Dockerfile
@@ -4,7 +4,7 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
-FROM alpine:3.18
+FROM alpine:3.20
# 70 is the standard uid/gid for "postgres" in Alpine
# https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.12-stable
diff --git a/12/alpine3.18/docker-ensure-initdb.sh b/12/alpine3.20/docker-ensure-initdb.sh
similarity index 100%
rename from 12/alpine3.18/docker-ensure-initdb.sh
rename to 12/alpine3.20/docker-ensure-initdb.sh
diff --git a/12/alpine3.18/docker-entrypoint.sh b/12/alpine3.20/docker-entrypoint.sh
similarity index 100%
rename from 12/alpine3.18/docker-entrypoint.sh
rename to 12/alpine3.20/docker-entrypoint.sh
diff --git a/13/alpine3.18/Dockerfile b/13/alpine3.20/Dockerfile
similarity index 99%
rename from 13/alpine3.18/Dockerfile
rename to 13/alpine3.20/Dockerfile
index 465b514876..43fa0ea471 100644
--- a/13/alpine3.18/Dockerfile
+++ b/13/alpine3.20/Dockerfile
@@ -4,7 +4,7 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
-FROM alpine:3.18
+FROM alpine:3.20
# 70 is the standard uid/gid for "postgres" in Alpine
# https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.12-stable
diff --git a/13/alpine3.18/docker-ensure-initdb.sh b/13/alpine3.20/docker-ensure-initdb.sh
similarity index 100%
rename from 13/alpine3.18/docker-ensure-initdb.sh
rename to 13/alpine3.20/docker-ensure-initdb.sh
diff --git a/13/alpine3.18/docker-entrypoint.sh b/13/alpine3.20/docker-entrypoint.sh
similarity index 100%
rename from 13/alpine3.18/docker-entrypoint.sh
rename to 13/alpine3.20/docker-entrypoint.sh
diff --git a/14/alpine3.18/Dockerfile b/14/alpine3.20/Dockerfile
similarity index 99%
rename from 14/alpine3.18/Dockerfile
rename to 14/alpine3.20/Dockerfile
index b1fbd8d556..0ea12b04fa 100644
--- a/14/alpine3.18/Dockerfile
+++ b/14/alpine3.20/Dockerfile
@@ -4,7 +4,7 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
-FROM alpine:3.18
+FROM alpine:3.20
# 70 is the standard uid/gid for "postgres" in Alpine
# https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.12-stable
diff --git a/14/alpine3.18/docker-ensure-initdb.sh b/14/alpine3.20/docker-ensure-initdb.sh
similarity index 100%
rename from 14/alpine3.18/docker-ensure-initdb.sh
rename to 14/alpine3.20/docker-ensure-initdb.sh
diff --git a/14/alpine3.18/docker-entrypoint.sh b/14/alpine3.20/docker-entrypoint.sh
similarity index 100%
rename from 14/alpine3.18/docker-entrypoint.sh
rename to 14/alpine3.20/docker-entrypoint.sh
diff --git a/15/alpine3.18/Dockerfile b/15/alpine3.20/Dockerfile
similarity index 99%
rename from 15/alpine3.18/Dockerfile
rename to 15/alpine3.20/Dockerfile
index 87a2ce7ae0..8c67066559 100644
--- a/15/alpine3.18/Dockerfile
+++ b/15/alpine3.20/Dockerfile
@@ -4,7 +4,7 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
-FROM alpine:3.18
+FROM alpine:3.20
# 70 is the standard uid/gid for "postgres" in Alpine
# https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.12-stable
diff --git a/15/alpine3.18/docker-ensure-initdb.sh b/15/alpine3.20/docker-ensure-initdb.sh
similarity index 100%
rename from 15/alpine3.18/docker-ensure-initdb.sh
rename to 15/alpine3.20/docker-ensure-initdb.sh
diff --git a/15/alpine3.18/docker-entrypoint.sh b/15/alpine3.20/docker-entrypoint.sh
similarity index 100%
rename from 15/alpine3.18/docker-entrypoint.sh
rename to 15/alpine3.20/docker-entrypoint.sh
diff --git a/16/alpine3.18/Dockerfile b/16/alpine3.20/Dockerfile
similarity index 99%
rename from 16/alpine3.18/Dockerfile
rename to 16/alpine3.20/Dockerfile
index 17b0859ffe..d07b848af4 100644
--- a/16/alpine3.18/Dockerfile
+++ b/16/alpine3.20/Dockerfile
@@ -4,7 +4,7 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
-FROM alpine:3.18
+FROM alpine:3.20
# 70 is the standard uid/gid for "postgres" in Alpine
# https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.12-stable
diff --git a/16/alpine3.18/docker-ensure-initdb.sh b/16/alpine3.20/docker-ensure-initdb.sh
similarity index 100%
rename from 16/alpine3.18/docker-ensure-initdb.sh
rename to 16/alpine3.20/docker-ensure-initdb.sh
diff --git a/16/alpine3.18/docker-entrypoint.sh b/16/alpine3.20/docker-entrypoint.sh
similarity index 100%
rename from 16/alpine3.18/docker-entrypoint.sh
rename to 16/alpine3.20/docker-entrypoint.sh
diff --git a/versions.json b/versions.json
index bd0b1c943f..71d306eba5 100644
--- a/versions.json
+++ b/versions.json
@@ -1,6 +1,6 @@
{
"12": {
- "alpine": "3.19",
+ "alpine": "3.20",
"bookworm": {
"arches": [
"amd64",
@@ -25,13 +25,13 @@
"variants": [
"bookworm",
"bullseye",
- "alpine3.19",
- "alpine3.18"
+ "alpine3.20",
+ "alpine3.19"
],
"version": "12.19"
},
"13": {
- "alpine": "3.19",
+ "alpine": "3.20",
"bookworm": {
"arches": [
"amd64",
@@ -56,13 +56,13 @@
"variants": [
"bookworm",
"bullseye",
- "alpine3.19",
- "alpine3.18"
+ "alpine3.20",
+ "alpine3.19"
],
"version": "13.15"
},
"14": {
- "alpine": "3.19",
+ "alpine": "3.20",
"bookworm": {
"arches": [
"amd64",
@@ -87,13 +87,13 @@
"variants": [
"bookworm",
"bullseye",
- "alpine3.19",
- "alpine3.18"
+ "alpine3.20",
+ "alpine3.19"
],
"version": "14.12"
},
"15": {
- "alpine": "3.19",
+ "alpine": "3.20",
"bookworm": {
"arches": [
"amd64",
@@ -118,13 +118,13 @@
"variants": [
"bookworm",
"bullseye",
- "alpine3.19",
- "alpine3.18"
+ "alpine3.20",
+ "alpine3.19"
],
"version": "15.7"
},
"16": {
- "alpine": "3.19",
+ "alpine": "3.20",
"bookworm": {
"arches": [
"amd64",
@@ -149,8 +149,8 @@
"variants": [
"bookworm",
"bullseye",
- "alpine3.19",
- "alpine3.18"
+ "alpine3.20",
+ "alpine3.19"
],
"version": "16.3"
}
diff --git a/versions.sh b/versions.sh
index b50f99ed38..e8c1225d53 100755
--- a/versions.sh
+++ b/versions.sh
@@ -7,8 +7,8 @@ supportedDebianSuites=(
bullseye
)
supportedAlpineVersions=(
+ 3.20
3.19
- 3.18
)
defaultDebianSuite="${supportedDebianSuites[0]}"
declare -A debianSuites=(
From d2cafdf55d9091275fa6f1b782b23dd09c592a75 Mon Sep 17 00:00:00 2001
From: Earlopain <14981592+Earlopain@users.noreply.github.com>
Date: Wed, 22 May 2024 22:45:53 +0200
Subject: [PATCH 060/115] Bump `actions/checkout` to v4
Prevents a Node.js 16 deprecation warning
---
.github/workflows/ci.yml | 4 ++--
.github/workflows/verify-templating.yml | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index d898fd2763..ccc7fd8955 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -19,7 +19,7 @@ jobs:
outputs:
strategy: ${{ steps.generate-jobs.outputs.strategy }}
steps:
- - uses: actions/checkout@v3
+ - uses: actions/checkout@v4
- uses: docker-library/bashbrew@HEAD
- id: generate-jobs
name: Generate Jobs
@@ -35,7 +35,7 @@ jobs:
name: ${{ matrix.name }}
runs-on: ${{ matrix.os }}
steps:
- - uses: actions/checkout@v3
+ - uses: actions/checkout@v4
- name: Prepare Environment
run: ${{ matrix.runs.prepare }}
- name: Pull Dependencies
diff --git a/.github/workflows/verify-templating.yml b/.github/workflows/verify-templating.yml
index 1631af9935..9ece508df6 100644
--- a/.github/workflows/verify-templating.yml
+++ b/.github/workflows/verify-templating.yml
@@ -14,7 +14,7 @@ jobs:
name: Check For Uncomitted Changes
runs-on: ubuntu-latest
steps:
- - uses: actions/checkout@v3
+ - uses: actions/checkout@v4
- name: Apply Templates
run: ./apply-templates.sh
- name: Check Git Status
From 41402ac3d12b84453127eaac54b45b300bf30d9a Mon Sep 17 00:00:00 2001
From: Laurent Goderre <laurent.goderre@docker.com>
Date: Mon, 27 May 2024 15:09:04 -0400
Subject: [PATCH 061/115] Add 17 beta1
Fixes #1243
---
17/alpine3.19/Dockerfile | 209 +++++++++++++++
17/alpine3.19/docker-ensure-initdb.sh | 71 +++++
17/alpine3.19/docker-entrypoint.sh | 356 ++++++++++++++++++++++++++
17/alpine3.20/Dockerfile | 209 +++++++++++++++
17/alpine3.20/docker-ensure-initdb.sh | 71 +++++
17/alpine3.20/docker-entrypoint.sh | 356 ++++++++++++++++++++++++++
17/bookworm/Dockerfile | 226 ++++++++++++++++
17/bookworm/docker-ensure-initdb.sh | 71 +++++
17/bookworm/docker-entrypoint.sh | 356 ++++++++++++++++++++++++++
17/bullseye/Dockerfile | 226 ++++++++++++++++
17/bullseye/docker-ensure-initdb.sh | 71 +++++
17/bullseye/docker-entrypoint.sh | 356 ++++++++++++++++++++++++++
Dockerfile-alpine.template | 8 +
versions.json | 31 +++
14 files changed, 2617 insertions(+)
create mode 100644 17/alpine3.19/Dockerfile
create mode 100755 17/alpine3.19/docker-ensure-initdb.sh
create mode 100755 17/alpine3.19/docker-entrypoint.sh
create mode 100644 17/alpine3.20/Dockerfile
create mode 100755 17/alpine3.20/docker-ensure-initdb.sh
create mode 100755 17/alpine3.20/docker-entrypoint.sh
create mode 100644 17/bookworm/Dockerfile
create mode 100755 17/bookworm/docker-ensure-initdb.sh
create mode 100755 17/bookworm/docker-entrypoint.sh
create mode 100644 17/bullseye/Dockerfile
create mode 100755 17/bullseye/docker-ensure-initdb.sh
create mode 100755 17/bullseye/docker-entrypoint.sh
diff --git a/17/alpine3.19/Dockerfile b/17/alpine3.19/Dockerfile
new file mode 100644
index 0000000000..6c3d203b44
--- /dev/null
+++ b/17/alpine3.19/Dockerfile
@@ -0,0 +1,209 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
+FROM alpine:3.19
+
+# 70 is the standard uid/gid for "postgres" in Alpine
+# https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.12-stable
+RUN set -eux; \
+ addgroup -g 70 -S postgres; \
+ adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
+ mkdir -p /var/lib/postgresql; \
+ chown -R postgres:postgres /var/lib/postgresql
+
+# su-exec (gosu-compatible) is installed further down
+
+# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
+# alpine doesn't require explicit locale-file generation
+ENV LANG en_US.utf8
+
+RUN mkdir /docker-entrypoint-initdb.d
+
+ENV PG_MAJOR 17
+ENV PG_VERSION 17beta1
+ENV PG_SHA256 089e8854fecd0ca1ec5cd8b29526938f9ef5e91cc331f5d6e118d13468f08f50
+
+ENV DOCKER_PG_LLVM_DEPS \
+ llvm15-dev \
+ clang15
+
+RUN set -eux; \
+ \
+ wget -O postgresql.tar.bz2 "https://ftp.postgresql.org/pub/source/v$PG_VERSION/postgresql-$PG_VERSION.tar.bz2"; \
+ echo "$PG_SHA256 *postgresql.tar.bz2" | sha256sum -c -; \
+ mkdir -p /usr/src/postgresql; \
+ tar \
+ --extract \
+ --file postgresql.tar.bz2 \
+ --directory /usr/src/postgresql \
+ --strip-components 1 \
+ ; \
+ rm postgresql.tar.bz2; \
+ \
+ apk add --no-cache --virtual .build-deps \
+ $DOCKER_PG_LLVM_DEPS \
+ bison \
+ coreutils \
+ dpkg-dev dpkg \
+ flex \
+ g++ \
+ gcc \
+ krb5-dev \
+ libc-dev \
+ libedit-dev \
+ libxml2-dev \
+ libxslt-dev \
+ linux-headers \
+ make \
+ openldap-dev \
+ openssl-dev \
+ perl-dev \
+ perl-ipc-run \
+ perl-utils \
+ python3-dev \
+ tcl-dev \
+ util-linux-dev \
+ zlib-dev \
+# https://www.postgresql.org/docs/10/static/release-10.html#id-1.11.6.9.5.13
+ icu-dev \
+# https://www.postgresql.org/docs/14/release-14.html#id-1.11.6.5.5.3.7
+ lz4-dev \
+# https://www.postgresql.org/docs/15/release-15.html "--with-zstd to enable Zstandard builds"
+ zstd-dev \
+ ; \
+ \
+ cd /usr/src/postgresql; \
+# update "DEFAULT_PGSOCKET_DIR" to "/var/run/postgresql" (matching Debian)
+# see https://anonscm.debian.org/git/pkg-postgresql/postgresql.git/tree/debian/patches/51-default-sockets-in-var.patch?id=8b539fcb3e093a521c095e70bdfa76887217b89f
+ awk '$1 == "#define" && $2 == "DEFAULT_PGSOCKET_DIR" && $3 == "\"/tmp\"" { $3 = "\"/var/run/postgresql\""; print; next } { print }' src/include/pg_config_manual.h > src/include/pg_config_manual.h.new; \
+ grep '/var/run/postgresql' src/include/pg_config_manual.h.new; \
+ mv src/include/pg_config_manual.h.new src/include/pg_config_manual.h; \
+ gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
+# explicitly update autoconf config.guess and config.sub so they support more arches/libcs
+ wget -O config/config.guess 'https://git.savannah.gnu.org/cgit/config.git/plain/config.guess?id=7d3d27baf8107b630586c962c057e22149653deb'; \
+ wget -O config/config.sub 'https://git.savannah.gnu.org/cgit/config.git/plain/config.sub?id=7d3d27baf8107b630586c962c057e22149653deb'; \
+ \
+# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n158
+ export LLVM_CONFIG="/usr/lib/llvm15/bin/llvm-config"; \
+# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n163
+ export CLANG=clang-15; \
+ \
+# configure options taken from:
+# https://anonscm.debian.org/cgit/pkg-postgresql/postgresql.git/tree/debian/rules?h=9.5
+ ./configure \
+ --enable-option-checking=fatal \
+ --build="$gnuArch" \
+# "/usr/src/postgresql/src/backend/access/common/tupconvert.c:105: undefined reference to `libintl_gettext'"
+# --enable-nls \
+ --enable-integer-datetimes \
+ --enable-tap-tests \
+# skip debugging info -- we want tiny size instead
+# --enable-debug \
+ --disable-rpath \
+ --with-uuid=e2fs \
+ --with-pgport=5432 \
+ --with-system-tzdata=/usr/share/zoneinfo \
+ --prefix=/usr/local \
+ --with-includes=/usr/local/include \
+ --with-libraries=/usr/local/lib \
+ --with-gssapi \
+ --with-ldap \
+ --with-tcl \
+ --with-perl \
+ --with-python \
+# --with-pam \
+ --with-openssl \
+ --with-libxml \
+ --with-libxslt \
+ --with-icu \
+ --with-llvm \
+ --with-lz4 \
+ --with-zstd \
+ ; \
+ make -j "$(nproc)" all; \
+ make install; \
+ make -C contrib install; \
+ \
+ runDeps="$( \
+ scanelf --needed --nobanner --format '%n#p' --recursive /usr/local \
+ | tr ',' '\n' \
+ | sort -u \
+ | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
+# Remove plperl, plpython and pltcl dependencies by default to save image size
+# To use the pl extensions, those have to be installed in a derived image
+ | grep -v -e perl -e python -e tcl \
+ )"; \
+ apk add --no-cache --virtual .postgresql-rundeps \
+ $runDeps \
+ bash \
+ su-exec \
+ tzdata \
+ zstd \
+# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
+ icu-data-full \
+# nss_wrapper is not availble on ppc64le: "test case segfaults in ppc64le"
+# https://git.alpinelinux.org/aports/commit/testing/nss_wrapper/APKBUILD?h=3.17-stable&id=94d81ceeb58cff448d489bbcbe9a6d40c9991663
+ $([ "$(apk --print-arch)" != 'ppc64le' ] && echo 'nss_wrapper') \
+ ; \
+ apk del --no-network .build-deps; \
+ cd /; \
+ rm -rf \
+ /usr/src/postgresql \
+ /usr/local/share/doc \
+ /usr/local/share/man \
+ ; \
+ \
+ postgres --version
+
+# make the sample config easier to munge (and "correct by default")
+RUN set -eux; \
+ cp -v /usr/local/share/postgresql/postgresql.conf.sample /usr/local/share/postgresql/postgresql.conf.sample.orig; \
+ sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/local/share/postgresql/postgresql.conf.sample; \
+ grep -F "listen_addresses = '*'" /usr/local/share/postgresql/postgresql.conf.sample
+
+RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
+
+ENV PGDATA /var/lib/postgresql/data
+# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
+RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
+VOLUME /var/lib/postgresql/data
+
+COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
+RUN ln -sT docker-ensure-initdb.sh /usr/local/bin/docker-enforce-initdb.sh
+ENTRYPOINT ["docker-entrypoint.sh"]
+
+# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
+# calls "Fast Shutdown mode" wherein new connections are disallowed and any
+# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
+# flush tables to disk, which is the best compromise available to avoid data
+# corruption.
+#
+# Users who know their applications do not keep open long-lived idle connections
+# may way to use a value of SIGTERM instead, which corresponds to "Smart
+# Shutdown mode" in which any existing sessions are allowed to finish and the
+# server stops when all sessions are terminated.
+#
+# See https://www.postgresql.org/docs/12/server-shutdown.html for more details
+# about available PostgreSQL server shutdown signals.
+#
+# See also https://www.postgresql.org/docs/12/server-start.html for further
+# justification of this as the default value, namely that the example (and
+# shipped) systemd service files use the "Fast Shutdown mode" for service
+# termination.
+#
+STOPSIGNAL SIGINT
+#
+# An additional setting that is recommended for all users regardless of this
+# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
+# equivalent) for controlling how long to wait between sending the defined
+# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption).
+#
+# The default in most runtimes (such as Docker) is 10 seconds, and the
+# documentation at https://www.postgresql.org/docs/12/server-start.html notes
+# that even 90 seconds may not be long enough in many instances.
+
+EXPOSE 5432
+CMD ["postgres"]
diff --git a/17/alpine3.19/docker-ensure-initdb.sh b/17/alpine3.19/docker-ensure-initdb.sh
new file mode 100755
index 0000000000..2a9758656e
--- /dev/null
+++ b/17/alpine3.19/docker-ensure-initdb.sh
@@ -0,0 +1,71 @@
+#!/usr/bin/env bash
+set -Eeuo pipefail
+
+#
+# This script is intended for three main use cases:
+#
+# 1. (most importantly) as an example of how to use "docker-entrypoint.sh" to extend/reuse the initialization behavior
+#
+# 2. ("docker-ensure-initdb.sh") as a Kubernetes "init container" to ensure the provided database directory is initialized; see also "startup probes" for an alternative solution
+# (no-op if database is already initialized)
+#
+# 3. ("docker-enforce-initdb.sh") as part of CI to ensure the database is fully initialized before use
+# (error if database is already initialized)
+#
+
+source /usr/local/bin/docker-entrypoint.sh
+
+# arguments to this script are assumed to be arguments to the "postgres" server (same as "docker-entrypoint.sh"), and most "docker-entrypoint.sh" functions assume "postgres" is the first argument (see "_main" over there)
+if [ "$#" -eq 0 ] || [ "$1" != 'postgres' ]; then
+ set -- postgres "$@"
+fi
+
+# see also "_main" in "docker-entrypoint.sh"
+
+docker_setup_env
+# setup data directories and permissions (when run as root)
+docker_create_db_directories
+if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec su-exec postgres "$BASH_SOURCE" "$@"
+fi
+
+# only run initialization on an empty data directory
+if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+else
+ self="$(basename "$0")"
+ case "$self" in
+ docker-ensure-initdb.sh)
+ echo >&2 "$self: note: database already initialized in '$PGDATA'!"
+ exit 0
+ ;;
+
+ docker-enforce-initdb.sh)
+ echo >&2 "$self: error: (unexpected) database found in '$PGDATA'!"
+ exit 1
+ ;;
+
+ *)
+ echo >&2 "$self: error: unknown file name: $self"
+ exit 99
+ ;;
+ esac
+fi
diff --git a/17/alpine3.19/docker-entrypoint.sh b/17/alpine3.19/docker-entrypoint.sh
new file mode 100755
index 0000000000..8163d10401
--- /dev/null
+++ b/17/alpine3.19/docker-entrypoint.sh
@@ -0,0 +1,356 @@
+#!/usr/bin/env bash
+set -Eeo pipefail
+# TODO swap to -Eeuo pipefail above (after handling all potentially-unset variables)
+
+# usage: file_env VAR [DEFAULT]
+# ie: file_env 'XYZ_DB_PASSWORD' 'example'
+# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
+# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
+file_env() {
+ local var="$1"
+ local fileVar="${var}_FILE"
+ local def="${2:-}"
+ if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
+ printf >&2 'error: both %s and %s are set (but are exclusive)\n' "$var" "$fileVar"
+ exit 1
+ fi
+ local val="$def"
+ if [ "${!var:-}" ]; then
+ val="${!var}"
+ elif [ "${!fileVar:-}" ]; then
+ val="$(< "${!fileVar}")"
+ fi
+ export "$var"="$val"
+ unset "$fileVar"
+}
+
+# check to see if this file is being run or sourced from another script
+_is_sourced() {
+ # https://unix.stackexchange.com/a/215279
+ [ "${#FUNCNAME[@]}" -ge 2 ] \
+ && [ "${FUNCNAME[0]}" = '_is_sourced' ] \
+ && [ "${FUNCNAME[1]}" = 'source' ]
+}
+
+# used to create initial postgres directories and if run as root, ensure ownership to the "postgres" user
+docker_create_db_directories() {
+ local user; user="$(id -u)"
+
+ mkdir -p "$PGDATA"
+ # ignore failure since there are cases where we can't chmod (and PostgreSQL might fail later anyhow - it's picky about permissions of this directory)
+ chmod 00700 "$PGDATA" || :
+
+ # ignore failure since it will be fine when using the image provided directory; see also https://github.com/docker-library/postgres/pull/289
+ mkdir -p /var/run/postgresql || :
+ chmod 03775 /var/run/postgresql || :
+
+ # Create the transaction log directory before initdb is run so the directory is owned by the correct user
+ if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
+ mkdir -p "$POSTGRES_INITDB_WALDIR"
+ if [ "$user" = '0' ]; then
+ find "$POSTGRES_INITDB_WALDIR" \! -user postgres -exec chown postgres '{}' +
+ fi
+ chmod 700 "$POSTGRES_INITDB_WALDIR"
+ fi
+
+ # allow the container to be started with `--user`
+ if [ "$user" = '0' ]; then
+ find "$PGDATA" \! -user postgres -exec chown postgres '{}' +
+ find /var/run/postgresql \! -user postgres -exec chown postgres '{}' +
+ fi
+}
+
+# initialize empty PGDATA directory with new database via 'initdb'
+# arguments to `initdb` can be passed via POSTGRES_INITDB_ARGS or as arguments to this function
+# `initdb` automatically creates the "postgres", "template0", and "template1" dbnames
+# this is also where the database user is created, specified by `POSTGRES_USER` env
+docker_init_database_dir() {
+ # "initdb" is particular about the current user existing in "/etc/passwd", so we use "nss_wrapper" to fake that if necessary
+ # see https://github.com/docker-library/postgres/pull/253, https://github.com/docker-library/postgres/issues/359, https://cwrap.org/nss_wrapper.html
+ local uid; uid="$(id -u)"
+ if ! getent passwd "$uid" &> /dev/null; then
+ # see if we can find a suitable "libnss_wrapper.so" (https://salsa.debian.org/sssd-team/nss-wrapper/-/commit/b9925a653a54e24d09d9b498a2d913729f7abb15)
+ local wrapper
+ for wrapper in {/usr,}/lib{/*,}/libnss_wrapper.so; do
+ if [ -s "$wrapper" ]; then
+ NSS_WRAPPER_PASSWD="$(mktemp)"
+ NSS_WRAPPER_GROUP="$(mktemp)"
+ export LD_PRELOAD="$wrapper" NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
+ local gid; gid="$(id -g)"
+ printf 'postgres:x:%s:%s:PostgreSQL:%s:/bin/false\n' "$uid" "$gid" "$PGDATA" > "$NSS_WRAPPER_PASSWD"
+ printf 'postgres:x:%s:\n' "$gid" > "$NSS_WRAPPER_GROUP"
+ break
+ fi
+ done
+ fi
+
+ if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
+ set -- --waldir "$POSTGRES_INITDB_WALDIR" "$@"
+ fi
+
+ # --pwfile refuses to handle a properly-empty file (hence the "\n"): https://github.com/docker-library/postgres/issues/1025
+ eval 'initdb --username="$POSTGRES_USER" --pwfile=<(printf "%s\n" "$POSTGRES_PASSWORD") '"$POSTGRES_INITDB_ARGS"' "$@"'
+
+ # unset/cleanup "nss_wrapper" bits
+ if [[ "${LD_PRELOAD:-}" == */libnss_wrapper.so ]]; then
+ rm -f "$NSS_WRAPPER_PASSWD" "$NSS_WRAPPER_GROUP"
+ unset LD_PRELOAD NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
+ fi
+}
+
+# print large warning if POSTGRES_PASSWORD is long
+# error if both POSTGRES_PASSWORD is empty and POSTGRES_HOST_AUTH_METHOD is not 'trust'
+# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
+# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
+docker_verify_minimum_env() {
+ case "${PG_MAJOR:-}" in
+ 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
+ # check password first so we can output the warning before postgres
+ # messes it up
+ if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
+ cat >&2 <<-'EOWARN'
+
+ WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
+
+ This will not work if used via PGPASSWORD with "psql".
+
+ https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
+ https://github.com/docker-library/postgres/issues/507
+
+ EOWARN
+ fi
+ ;;
+ esac
+ if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ # The - option suppresses leading tabs but *not* spaces. :)
+ cat >&2 <<-'EOE'
+ Error: Database is uninitialized and superuser password is not specified.
+ You must specify POSTGRES_PASSWORD to a non-empty value for the
+ superuser. For example, "-e POSTGRES_PASSWORD=password" on "docker run".
+
+ You may also use "POSTGRES_HOST_AUTH_METHOD=trust" to allow all
+ connections without a password. This is *not* recommended.
+
+ See PostgreSQL documentation about "trust":
+ https://www.postgresql.org/docs/current/auth-trust.html
+ EOE
+ exit 1
+ fi
+ if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ cat >&2 <<-'EOWARN'
+ ********************************************************************************
+ WARNING: POSTGRES_HOST_AUTH_METHOD has been set to "trust". This will allow
+ anyone with access to the Postgres port to access your database without
+ a password, even if POSTGRES_PASSWORD is set. See PostgreSQL
+ documentation about "trust":
+ https://www.postgresql.org/docs/current/auth-trust.html
+ In Docker's default configuration, this is effectively any other
+ container on the same system.
+
+ It is not recommended to use POSTGRES_HOST_AUTH_METHOD=trust. Replace
+ it with "-e POSTGRES_PASSWORD=password" instead to set a password in
+ "docker run".
+ ********************************************************************************
+ EOWARN
+ fi
+}
+
+# usage: docker_process_init_files [file [file [...]]]
+# ie: docker_process_init_files /always-initdb.d/*
+# process initializer files, based on file extensions and permissions
+docker_process_init_files() {
+ # psql here for backwards compatibility "${psql[@]}"
+ psql=( docker_process_sql )
+
+ printf '\n'
+ local f
+ for f; do
+ case "$f" in
+ *.sh)
+ # https://github.com/docker-library/postgres/issues/450#issuecomment-393167936
+ # https://github.com/docker-library/postgres/pull/452
+ if [ -x "$f" ]; then
+ printf '%s: running %s\n' "$0" "$f"
+ "$f"
+ else
+ printf '%s: sourcing %s\n' "$0" "$f"
+ . "$f"
+ fi
+ ;;
+ *.sql) printf '%s: running %s\n' "$0" "$f"; docker_process_sql -f "$f"; printf '\n' ;;
+ *.sql.gz) printf '%s: running %s\n' "$0" "$f"; gunzip -c "$f" | docker_process_sql; printf '\n' ;;
+ *.sql.xz) printf '%s: running %s\n' "$0" "$f"; xzcat "$f" | docker_process_sql; printf '\n' ;;
+ *.sql.zst) printf '%s: running %s\n' "$0" "$f"; zstd -dc "$f" | docker_process_sql; printf '\n' ;;
+ *) printf '%s: ignoring %s\n' "$0" "$f" ;;
+ esac
+ printf '\n'
+ done
+}
+
+# Execute sql script, passed via stdin (or -f flag of pqsl)
+# usage: docker_process_sql [psql-cli-args]
+# ie: docker_process_sql --dbname=mydb <<<'INSERT ...'
+# ie: docker_process_sql -f my-file.sql
+# ie: docker_process_sql <my-file.sql
+docker_process_sql() {
+ local query_runner=( psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --no-password --no-psqlrc )
+ if [ -n "$POSTGRES_DB" ]; then
+ query_runner+=( --dbname "$POSTGRES_DB" )
+ fi
+
+ PGHOST= PGHOSTADDR= "${query_runner[@]}" "$@"
+}
+
+# create initial database
+# uses environment variables for input: POSTGRES_DB
+docker_setup_db() {
+ local dbAlreadyExists
+ dbAlreadyExists="$(
+ POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" --tuples-only <<-'EOSQL'
+ SELECT 1 FROM pg_database WHERE datname = :'db' ;
+ EOSQL
+ )"
+ if [ -z "$dbAlreadyExists" ]; then
+ POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" <<-'EOSQL'
+ CREATE DATABASE :"db" ;
+ EOSQL
+ printf '\n'
+ fi
+}
+
+# Loads various settings that are used elsewhere in the script
+# This should be called before any other functions
+docker_setup_env() {
+ file_env 'POSTGRES_PASSWORD'
+
+ file_env 'POSTGRES_USER' 'postgres'
+ file_env 'POSTGRES_DB' "$POSTGRES_USER"
+ file_env 'POSTGRES_INITDB_ARGS'
+ : "${POSTGRES_HOST_AUTH_METHOD:=}"
+
+ declare -g DATABASE_ALREADY_EXISTS
+ : "${DATABASE_ALREADY_EXISTS:=}"
+ # look specifically for PG_VERSION, as it is expected in the DB dir
+ if [ -s "$PGDATA/PG_VERSION" ]; then
+ DATABASE_ALREADY_EXISTS='true'
+ fi
+}
+
+# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections
+# all arguments will be passed along as arguments to `postgres` for getting the value of 'password_encryption'
+pg_setup_hba_conf() {
+ # default authentication method is md5 on versions before 14
+ # https://www.postgresql.org/about/news/postgresql-14-released-2318/
+ if [ "$1" = 'postgres' ]; then
+ shift
+ fi
+ local auth
+ # check the default/configured encryption and use that as the auth method
+ auth="$(postgres -C password_encryption "$@")"
+ : "${POSTGRES_HOST_AUTH_METHOD:=$auth}"
+ {
+ printf '\n'
+ if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ printf '# warning trust is enabled for all connections\n'
+ printf '# see https://www.postgresql.org/docs/12/auth-trust.html\n'
+ fi
+ printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
+ } >> "$PGDATA/pg_hba.conf"
+}
+
+# start socket-only postgresql server for setting up or running scripts
+# all arguments will be passed along as arguments to `postgres` (via pg_ctl)
+docker_temp_server_start() {
+ if [ "$1" = 'postgres' ]; then
+ shift
+ fi
+
+ # internal start of server in order to allow setup using psql client
+ # does not listen on external TCP/IP and waits until start finishes
+ set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
+
+ PGUSER="${PGUSER:-$POSTGRES_USER}" \
+ pg_ctl -D "$PGDATA" \
+ -o "$(printf '%q ' "$@")" \
+ -w start
+}
+
+# stop postgresql server after done setting up user and running scripts
+docker_temp_server_stop() {
+ PGUSER="${PGUSER:-postgres}" \
+ pg_ctl -D "$PGDATA" -m fast -w stop
+}
+
+# check arguments for an option that would cause postgres to stop
+# return true if there is one
+_pg_want_help() {
+ local arg
+ for arg; do
+ case "$arg" in
+ # postgres --help | grep 'then exit'
+ # leaving out -C on purpose since it always fails and is unhelpful:
+ # postgres: could not access the server configuration file "/var/lib/postgresql/data/postgresql.conf": No such file or directory
+ -'?'|--help|--describe-config|-V|--version)
+ return 0
+ ;;
+ esac
+ done
+ return 1
+}
+
+_main() {
+ # if first arg looks like a flag, assume we want to run postgres server
+ if [ "${1:0:1}" = '-' ]; then
+ set -- postgres "$@"
+ fi
+
+ if [ "$1" = 'postgres' ] && ! _pg_want_help "$@"; then
+ docker_setup_env
+ # setup data directories and permissions (when run as root)
+ docker_create_db_directories
+ if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec su-exec postgres "$BASH_SOURCE" "$@"
+ fi
+
+ # only run initialization on an empty data directory
+ if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+
+ cat <<-'EOM'
+
+ PostgreSQL init process complete; ready for start up.
+
+ EOM
+ else
+ cat <<-'EOM'
+
+ PostgreSQL Database directory appears to contain a database; Skipping initialization
+
+ EOM
+ fi
+ fi
+
+ exec "$@"
+}
+
+if ! _is_sourced; then
+ _main "$@"
+fi
diff --git a/17/alpine3.20/Dockerfile b/17/alpine3.20/Dockerfile
new file mode 100644
index 0000000000..022e161fa4
--- /dev/null
+++ b/17/alpine3.20/Dockerfile
@@ -0,0 +1,209 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
+FROM alpine:3.20
+
+# 70 is the standard uid/gid for "postgres" in Alpine
+# https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.12-stable
+RUN set -eux; \
+ addgroup -g 70 -S postgres; \
+ adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
+ mkdir -p /var/lib/postgresql; \
+ chown -R postgres:postgres /var/lib/postgresql
+
+# su-exec (gosu-compatible) is installed further down
+
+# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
+# alpine doesn't require explicit locale-file generation
+ENV LANG en_US.utf8
+
+RUN mkdir /docker-entrypoint-initdb.d
+
+ENV PG_MAJOR 17
+ENV PG_VERSION 17beta1
+ENV PG_SHA256 089e8854fecd0ca1ec5cd8b29526938f9ef5e91cc331f5d6e118d13468f08f50
+
+ENV DOCKER_PG_LLVM_DEPS \
+ llvm15-dev \
+ clang15
+
+RUN set -eux; \
+ \
+ wget -O postgresql.tar.bz2 "https://ftp.postgresql.org/pub/source/v$PG_VERSION/postgresql-$PG_VERSION.tar.bz2"; \
+ echo "$PG_SHA256 *postgresql.tar.bz2" | sha256sum -c -; \
+ mkdir -p /usr/src/postgresql; \
+ tar \
+ --extract \
+ --file postgresql.tar.bz2 \
+ --directory /usr/src/postgresql \
+ --strip-components 1 \
+ ; \
+ rm postgresql.tar.bz2; \
+ \
+ apk add --no-cache --virtual .build-deps \
+ $DOCKER_PG_LLVM_DEPS \
+ bison \
+ coreutils \
+ dpkg-dev dpkg \
+ flex \
+ g++ \
+ gcc \
+ krb5-dev \
+ libc-dev \
+ libedit-dev \
+ libxml2-dev \
+ libxslt-dev \
+ linux-headers \
+ make \
+ openldap-dev \
+ openssl-dev \
+ perl-dev \
+ perl-ipc-run \
+ perl-utils \
+ python3-dev \
+ tcl-dev \
+ util-linux-dev \
+ zlib-dev \
+# https://www.postgresql.org/docs/10/static/release-10.html#id-1.11.6.9.5.13
+ icu-dev \
+# https://www.postgresql.org/docs/14/release-14.html#id-1.11.6.5.5.3.7
+ lz4-dev \
+# https://www.postgresql.org/docs/15/release-15.html "--with-zstd to enable Zstandard builds"
+ zstd-dev \
+ ; \
+ \
+ cd /usr/src/postgresql; \
+# update "DEFAULT_PGSOCKET_DIR" to "/var/run/postgresql" (matching Debian)
+# see https://anonscm.debian.org/git/pkg-postgresql/postgresql.git/tree/debian/patches/51-default-sockets-in-var.patch?id=8b539fcb3e093a521c095e70bdfa76887217b89f
+ awk '$1 == "#define" && $2 == "DEFAULT_PGSOCKET_DIR" && $3 == "\"/tmp\"" { $3 = "\"/var/run/postgresql\""; print; next } { print }' src/include/pg_config_manual.h > src/include/pg_config_manual.h.new; \
+ grep '/var/run/postgresql' src/include/pg_config_manual.h.new; \
+ mv src/include/pg_config_manual.h.new src/include/pg_config_manual.h; \
+ gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
+# explicitly update autoconf config.guess and config.sub so they support more arches/libcs
+ wget -O config/config.guess 'https://git.savannah.gnu.org/cgit/config.git/plain/config.guess?id=7d3d27baf8107b630586c962c057e22149653deb'; \
+ wget -O config/config.sub 'https://git.savannah.gnu.org/cgit/config.git/plain/config.sub?id=7d3d27baf8107b630586c962c057e22149653deb'; \
+ \
+# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n158
+ export LLVM_CONFIG="/usr/lib/llvm15/bin/llvm-config"; \
+# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n163
+ export CLANG=clang-15; \
+ \
+# configure options taken from:
+# https://anonscm.debian.org/cgit/pkg-postgresql/postgresql.git/tree/debian/rules?h=9.5
+ ./configure \
+ --enable-option-checking=fatal \
+ --build="$gnuArch" \
+# "/usr/src/postgresql/src/backend/access/common/tupconvert.c:105: undefined reference to `libintl_gettext'"
+# --enable-nls \
+ --enable-integer-datetimes \
+ --enable-tap-tests \
+# skip debugging info -- we want tiny size instead
+# --enable-debug \
+ --disable-rpath \
+ --with-uuid=e2fs \
+ --with-pgport=5432 \
+ --with-system-tzdata=/usr/share/zoneinfo \
+ --prefix=/usr/local \
+ --with-includes=/usr/local/include \
+ --with-libraries=/usr/local/lib \
+ --with-gssapi \
+ --with-ldap \
+ --with-tcl \
+ --with-perl \
+ --with-python \
+# --with-pam \
+ --with-openssl \
+ --with-libxml \
+ --with-libxslt \
+ --with-icu \
+ --with-llvm \
+ --with-lz4 \
+ --with-zstd \
+ ; \
+ make -j "$(nproc)" all; \
+ make install; \
+ make -C contrib install; \
+ \
+ runDeps="$( \
+ scanelf --needed --nobanner --format '%n#p' --recursive /usr/local \
+ | tr ',' '\n' \
+ | sort -u \
+ | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
+# Remove plperl, plpython and pltcl dependencies by default to save image size
+# To use the pl extensions, those have to be installed in a derived image
+ | grep -v -e perl -e python -e tcl \
+ )"; \
+ apk add --no-cache --virtual .postgresql-rundeps \
+ $runDeps \
+ bash \
+ su-exec \
+ tzdata \
+ zstd \
+# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
+ icu-data-full \
+# nss_wrapper is not availble on ppc64le: "test case segfaults in ppc64le"
+# https://git.alpinelinux.org/aports/commit/testing/nss_wrapper/APKBUILD?h=3.17-stable&id=94d81ceeb58cff448d489bbcbe9a6d40c9991663
+ $([ "$(apk --print-arch)" != 'ppc64le' ] && echo 'nss_wrapper') \
+ ; \
+ apk del --no-network .build-deps; \
+ cd /; \
+ rm -rf \
+ /usr/src/postgresql \
+ /usr/local/share/doc \
+ /usr/local/share/man \
+ ; \
+ \
+ postgres --version
+
+# make the sample config easier to munge (and "correct by default")
+RUN set -eux; \
+ cp -v /usr/local/share/postgresql/postgresql.conf.sample /usr/local/share/postgresql/postgresql.conf.sample.orig; \
+ sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/local/share/postgresql/postgresql.conf.sample; \
+ grep -F "listen_addresses = '*'" /usr/local/share/postgresql/postgresql.conf.sample
+
+RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
+
+ENV PGDATA /var/lib/postgresql/data
+# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
+RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
+VOLUME /var/lib/postgresql/data
+
+COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
+RUN ln -sT docker-ensure-initdb.sh /usr/local/bin/docker-enforce-initdb.sh
+ENTRYPOINT ["docker-entrypoint.sh"]
+
+# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
+# calls "Fast Shutdown mode" wherein new connections are disallowed and any
+# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
+# flush tables to disk, which is the best compromise available to avoid data
+# corruption.
+#
+# Users who know their applications do not keep open long-lived idle connections
+# may way to use a value of SIGTERM instead, which corresponds to "Smart
+# Shutdown mode" in which any existing sessions are allowed to finish and the
+# server stops when all sessions are terminated.
+#
+# See https://www.postgresql.org/docs/12/server-shutdown.html for more details
+# about available PostgreSQL server shutdown signals.
+#
+# See also https://www.postgresql.org/docs/12/server-start.html for further
+# justification of this as the default value, namely that the example (and
+# shipped) systemd service files use the "Fast Shutdown mode" for service
+# termination.
+#
+STOPSIGNAL SIGINT
+#
+# An additional setting that is recommended for all users regardless of this
+# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
+# equivalent) for controlling how long to wait between sending the defined
+# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption).
+#
+# The default in most runtimes (such as Docker) is 10 seconds, and the
+# documentation at https://www.postgresql.org/docs/12/server-start.html notes
+# that even 90 seconds may not be long enough in many instances.
+
+EXPOSE 5432
+CMD ["postgres"]
diff --git a/17/alpine3.20/docker-ensure-initdb.sh b/17/alpine3.20/docker-ensure-initdb.sh
new file mode 100755
index 0000000000..2a9758656e
--- /dev/null
+++ b/17/alpine3.20/docker-ensure-initdb.sh
@@ -0,0 +1,71 @@
+#!/usr/bin/env bash
+set -Eeuo pipefail
+
+#
+# This script is intended for three main use cases:
+#
+# 1. (most importantly) as an example of how to use "docker-entrypoint.sh" to extend/reuse the initialization behavior
+#
+# 2. ("docker-ensure-initdb.sh") as a Kubernetes "init container" to ensure the provided database directory is initialized; see also "startup probes" for an alternative solution
+# (no-op if database is already initialized)
+#
+# 3. ("docker-enforce-initdb.sh") as part of CI to ensure the database is fully initialized before use
+# (error if database is already initialized)
+#
+
+source /usr/local/bin/docker-entrypoint.sh
+
+# arguments to this script are assumed to be arguments to the "postgres" server (same as "docker-entrypoint.sh"), and most "docker-entrypoint.sh" functions assume "postgres" is the first argument (see "_main" over there)
+if [ "$#" -eq 0 ] || [ "$1" != 'postgres' ]; then
+ set -- postgres "$@"
+fi
+
+# see also "_main" in "docker-entrypoint.sh"
+
+docker_setup_env
+# setup data directories and permissions (when run as root)
+docker_create_db_directories
+if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec su-exec postgres "$BASH_SOURCE" "$@"
+fi
+
+# only run initialization on an empty data directory
+if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+else
+ self="$(basename "$0")"
+ case "$self" in
+ docker-ensure-initdb.sh)
+ echo >&2 "$self: note: database already initialized in '$PGDATA'!"
+ exit 0
+ ;;
+
+ docker-enforce-initdb.sh)
+ echo >&2 "$self: error: (unexpected) database found in '$PGDATA'!"
+ exit 1
+ ;;
+
+ *)
+ echo >&2 "$self: error: unknown file name: $self"
+ exit 99
+ ;;
+ esac
+fi
diff --git a/17/alpine3.20/docker-entrypoint.sh b/17/alpine3.20/docker-entrypoint.sh
new file mode 100755
index 0000000000..8163d10401
--- /dev/null
+++ b/17/alpine3.20/docker-entrypoint.sh
@@ -0,0 +1,356 @@
+#!/usr/bin/env bash
+set -Eeo pipefail
+# TODO swap to -Eeuo pipefail above (after handling all potentially-unset variables)
+
+# usage: file_env VAR [DEFAULT]
+# ie: file_env 'XYZ_DB_PASSWORD' 'example'
+# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
+# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
+file_env() {
+ local var="$1"
+ local fileVar="${var}_FILE"
+ local def="${2:-}"
+ if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
+ printf >&2 'error: both %s and %s are set (but are exclusive)\n' "$var" "$fileVar"
+ exit 1
+ fi
+ local val="$def"
+ if [ "${!var:-}" ]; then
+ val="${!var}"
+ elif [ "${!fileVar:-}" ]; then
+ val="$(< "${!fileVar}")"
+ fi
+ export "$var"="$val"
+ unset "$fileVar"
+}
+
+# check to see if this file is being run or sourced from another script
+_is_sourced() {
+ # https://unix.stackexchange.com/a/215279
+ [ "${#FUNCNAME[@]}" -ge 2 ] \
+ && [ "${FUNCNAME[0]}" = '_is_sourced' ] \
+ && [ "${FUNCNAME[1]}" = 'source' ]
+}
+
+# used to create initial postgres directories and if run as root, ensure ownership to the "postgres" user
+docker_create_db_directories() {
+ local user; user="$(id -u)"
+
+ mkdir -p "$PGDATA"
+ # ignore failure since there are cases where we can't chmod (and PostgreSQL might fail later anyhow - it's picky about permissions of this directory)
+ chmod 00700 "$PGDATA" || :
+
+ # ignore failure since it will be fine when using the image provided directory; see also https://github.com/docker-library/postgres/pull/289
+ mkdir -p /var/run/postgresql || :
+ chmod 03775 /var/run/postgresql || :
+
+ # Create the transaction log directory before initdb is run so the directory is owned by the correct user
+ if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
+ mkdir -p "$POSTGRES_INITDB_WALDIR"
+ if [ "$user" = '0' ]; then
+ find "$POSTGRES_INITDB_WALDIR" \! -user postgres -exec chown postgres '{}' +
+ fi
+ chmod 700 "$POSTGRES_INITDB_WALDIR"
+ fi
+
+ # allow the container to be started with `--user`
+ if [ "$user" = '0' ]; then
+ find "$PGDATA" \! -user postgres -exec chown postgres '{}' +
+ find /var/run/postgresql \! -user postgres -exec chown postgres '{}' +
+ fi
+}
+
+# initialize empty PGDATA directory with new database via 'initdb'
+# arguments to `initdb` can be passed via POSTGRES_INITDB_ARGS or as arguments to this function
+# `initdb` automatically creates the "postgres", "template0", and "template1" dbnames
+# this is also where the database user is created, specified by `POSTGRES_USER` env
+docker_init_database_dir() {
+ # "initdb" is particular about the current user existing in "/etc/passwd", so we use "nss_wrapper" to fake that if necessary
+ # see https://github.com/docker-library/postgres/pull/253, https://github.com/docker-library/postgres/issues/359, https://cwrap.org/nss_wrapper.html
+ local uid; uid="$(id -u)"
+ if ! getent passwd "$uid" &> /dev/null; then
+ # see if we can find a suitable "libnss_wrapper.so" (https://salsa.debian.org/sssd-team/nss-wrapper/-/commit/b9925a653a54e24d09d9b498a2d913729f7abb15)
+ local wrapper
+ for wrapper in {/usr,}/lib{/*,}/libnss_wrapper.so; do
+ if [ -s "$wrapper" ]; then
+ NSS_WRAPPER_PASSWD="$(mktemp)"
+ NSS_WRAPPER_GROUP="$(mktemp)"
+ export LD_PRELOAD="$wrapper" NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
+ local gid; gid="$(id -g)"
+ printf 'postgres:x:%s:%s:PostgreSQL:%s:/bin/false\n' "$uid" "$gid" "$PGDATA" > "$NSS_WRAPPER_PASSWD"
+ printf 'postgres:x:%s:\n' "$gid" > "$NSS_WRAPPER_GROUP"
+ break
+ fi
+ done
+ fi
+
+ if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
+ set -- --waldir "$POSTGRES_INITDB_WALDIR" "$@"
+ fi
+
+ # --pwfile refuses to handle a properly-empty file (hence the "\n"): https://github.com/docker-library/postgres/issues/1025
+ eval 'initdb --username="$POSTGRES_USER" --pwfile=<(printf "%s\n" "$POSTGRES_PASSWORD") '"$POSTGRES_INITDB_ARGS"' "$@"'
+
+ # unset/cleanup "nss_wrapper" bits
+ if [[ "${LD_PRELOAD:-}" == */libnss_wrapper.so ]]; then
+ rm -f "$NSS_WRAPPER_PASSWD" "$NSS_WRAPPER_GROUP"
+ unset LD_PRELOAD NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
+ fi
+}
+
+# print large warning if POSTGRES_PASSWORD is long
+# error if both POSTGRES_PASSWORD is empty and POSTGRES_HOST_AUTH_METHOD is not 'trust'
+# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
+# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
+docker_verify_minimum_env() {
+ case "${PG_MAJOR:-}" in
+ 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
+ # check password first so we can output the warning before postgres
+ # messes it up
+ if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
+ cat >&2 <<-'EOWARN'
+
+ WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
+
+ This will not work if used via PGPASSWORD with "psql".
+
+ https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
+ https://github.com/docker-library/postgres/issues/507
+
+ EOWARN
+ fi
+ ;;
+ esac
+ if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ # The - option suppresses leading tabs but *not* spaces. :)
+ cat >&2 <<-'EOE'
+ Error: Database is uninitialized and superuser password is not specified.
+ You must specify POSTGRES_PASSWORD to a non-empty value for the
+ superuser. For example, "-e POSTGRES_PASSWORD=password" on "docker run".
+
+ You may also use "POSTGRES_HOST_AUTH_METHOD=trust" to allow all
+ connections without a password. This is *not* recommended.
+
+ See PostgreSQL documentation about "trust":
+ https://www.postgresql.org/docs/current/auth-trust.html
+ EOE
+ exit 1
+ fi
+ if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ cat >&2 <<-'EOWARN'
+ ********************************************************************************
+ WARNING: POSTGRES_HOST_AUTH_METHOD has been set to "trust". This will allow
+ anyone with access to the Postgres port to access your database without
+ a password, even if POSTGRES_PASSWORD is set. See PostgreSQL
+ documentation about "trust":
+ https://www.postgresql.org/docs/current/auth-trust.html
+ In Docker's default configuration, this is effectively any other
+ container on the same system.
+
+ It is not recommended to use POSTGRES_HOST_AUTH_METHOD=trust. Replace
+ it with "-e POSTGRES_PASSWORD=password" instead to set a password in
+ "docker run".
+ ********************************************************************************
+ EOWARN
+ fi
+}
+
+# usage: docker_process_init_files [file [file [...]]]
+# ie: docker_process_init_files /always-initdb.d/*
+# process initializer files, based on file extensions and permissions
+docker_process_init_files() {
+ # psql here for backwards compatibility "${psql[@]}"
+ psql=( docker_process_sql )
+
+ printf '\n'
+ local f
+ for f; do
+ case "$f" in
+ *.sh)
+ # https://github.com/docker-library/postgres/issues/450#issuecomment-393167936
+ # https://github.com/docker-library/postgres/pull/452
+ if [ -x "$f" ]; then
+ printf '%s: running %s\n' "$0" "$f"
+ "$f"
+ else
+ printf '%s: sourcing %s\n' "$0" "$f"
+ . "$f"
+ fi
+ ;;
+ *.sql) printf '%s: running %s\n' "$0" "$f"; docker_process_sql -f "$f"; printf '\n' ;;
+ *.sql.gz) printf '%s: running %s\n' "$0" "$f"; gunzip -c "$f" | docker_process_sql; printf '\n' ;;
+ *.sql.xz) printf '%s: running %s\n' "$0" "$f"; xzcat "$f" | docker_process_sql; printf '\n' ;;
+ *.sql.zst) printf '%s: running %s\n' "$0" "$f"; zstd -dc "$f" | docker_process_sql; printf '\n' ;;
+ *) printf '%s: ignoring %s\n' "$0" "$f" ;;
+ esac
+ printf '\n'
+ done
+}
+
+# Execute sql script, passed via stdin (or -f flag of pqsl)
+# usage: docker_process_sql [psql-cli-args]
+# ie: docker_process_sql --dbname=mydb <<<'INSERT ...'
+# ie: docker_process_sql -f my-file.sql
+# ie: docker_process_sql <my-file.sql
+docker_process_sql() {
+ local query_runner=( psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --no-password --no-psqlrc )
+ if [ -n "$POSTGRES_DB" ]; then
+ query_runner+=( --dbname "$POSTGRES_DB" )
+ fi
+
+ PGHOST= PGHOSTADDR= "${query_runner[@]}" "$@"
+}
+
+# create initial database
+# uses environment variables for input: POSTGRES_DB
+docker_setup_db() {
+ local dbAlreadyExists
+ dbAlreadyExists="$(
+ POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" --tuples-only <<-'EOSQL'
+ SELECT 1 FROM pg_database WHERE datname = :'db' ;
+ EOSQL
+ )"
+ if [ -z "$dbAlreadyExists" ]; then
+ POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" <<-'EOSQL'
+ CREATE DATABASE :"db" ;
+ EOSQL
+ printf '\n'
+ fi
+}
+
+# Loads various settings that are used elsewhere in the script
+# This should be called before any other functions
+docker_setup_env() {
+ file_env 'POSTGRES_PASSWORD'
+
+ file_env 'POSTGRES_USER' 'postgres'
+ file_env 'POSTGRES_DB' "$POSTGRES_USER"
+ file_env 'POSTGRES_INITDB_ARGS'
+ : "${POSTGRES_HOST_AUTH_METHOD:=}"
+
+ declare -g DATABASE_ALREADY_EXISTS
+ : "${DATABASE_ALREADY_EXISTS:=}"
+ # look specifically for PG_VERSION, as it is expected in the DB dir
+ if [ -s "$PGDATA/PG_VERSION" ]; then
+ DATABASE_ALREADY_EXISTS='true'
+ fi
+}
+
+# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections
+# all arguments will be passed along as arguments to `postgres` for getting the value of 'password_encryption'
+pg_setup_hba_conf() {
+ # default authentication method is md5 on versions before 14
+ # https://www.postgresql.org/about/news/postgresql-14-released-2318/
+ if [ "$1" = 'postgres' ]; then
+ shift
+ fi
+ local auth
+ # check the default/configured encryption and use that as the auth method
+ auth="$(postgres -C password_encryption "$@")"
+ : "${POSTGRES_HOST_AUTH_METHOD:=$auth}"
+ {
+ printf '\n'
+ if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ printf '# warning trust is enabled for all connections\n'
+ printf '# see https://www.postgresql.org/docs/12/auth-trust.html\n'
+ fi
+ printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
+ } >> "$PGDATA/pg_hba.conf"
+}
+
+# start socket-only postgresql server for setting up or running scripts
+# all arguments will be passed along as arguments to `postgres` (via pg_ctl)
+docker_temp_server_start() {
+ if [ "$1" = 'postgres' ]; then
+ shift
+ fi
+
+ # internal start of server in order to allow setup using psql client
+ # does not listen on external TCP/IP and waits until start finishes
+ set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
+
+ PGUSER="${PGUSER:-$POSTGRES_USER}" \
+ pg_ctl -D "$PGDATA" \
+ -o "$(printf '%q ' "$@")" \
+ -w start
+}
+
+# stop postgresql server after done setting up user and running scripts
+docker_temp_server_stop() {
+ PGUSER="${PGUSER:-postgres}" \
+ pg_ctl -D "$PGDATA" -m fast -w stop
+}
+
+# check arguments for an option that would cause postgres to stop
+# return true if there is one
+_pg_want_help() {
+ local arg
+ for arg; do
+ case "$arg" in
+ # postgres --help | grep 'then exit'
+ # leaving out -C on purpose since it always fails and is unhelpful:
+ # postgres: could not access the server configuration file "/var/lib/postgresql/data/postgresql.conf": No such file or directory
+ -'?'|--help|--describe-config|-V|--version)
+ return 0
+ ;;
+ esac
+ done
+ return 1
+}
+
+_main() {
+ # if first arg looks like a flag, assume we want to run postgres server
+ if [ "${1:0:1}" = '-' ]; then
+ set -- postgres "$@"
+ fi
+
+ if [ "$1" = 'postgres' ] && ! _pg_want_help "$@"; then
+ docker_setup_env
+ # setup data directories and permissions (when run as root)
+ docker_create_db_directories
+ if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec su-exec postgres "$BASH_SOURCE" "$@"
+ fi
+
+ # only run initialization on an empty data directory
+ if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+
+ cat <<-'EOM'
+
+ PostgreSQL init process complete; ready for start up.
+
+ EOM
+ else
+ cat <<-'EOM'
+
+ PostgreSQL Database directory appears to contain a database; Skipping initialization
+
+ EOM
+ fi
+ fi
+
+ exec "$@"
+}
+
+if ! _is_sourced; then
+ _main "$@"
+fi
diff --git a/17/bookworm/Dockerfile b/17/bookworm/Dockerfile
new file mode 100644
index 0000000000..8bf86b6c85
--- /dev/null
+++ b/17/bookworm/Dockerfile
@@ -0,0 +1,226 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
+FROM debian:bookworm-slim
+
+# explicitly set user/group IDs
+RUN set -eux; \
+ groupadd -r postgres --gid=999; \
+# https://salsa.debian.org/postgresql/postgresql-common/blob/997d842ee744687d99a2b2d95c1083a2615c79e8/debian/postgresql-common.postinst#L32-35
+ useradd -r -g postgres --uid=999 --home-dir=/var/lib/postgresql --shell=/bin/bash postgres; \
+# also create the postgres user's home directory with appropriate permissions
+# see https://github.com/docker-library/postgres/issues/274
+ mkdir -p /var/lib/postgresql; \
+ chown -R postgres:postgres /var/lib/postgresql
+
+RUN set -ex; \
+ apt-get update; \
+ apt-get install -y --no-install-recommends \
+ gnupg \
+# https://www.postgresql.org/docs/16/app-psql.html#APP-PSQL-META-COMMAND-PSET-PAGER
+# https://github.com/postgres/postgres/blob/REL_16_1/src/include/fe_utils/print.h#L25
+# (if "less" is available, it gets used as the default pager for psql, and it only adds ~1.5MiB to our image size)
+ less \
+ ; \
+ rm -rf /var/lib/apt/lists/*
+
+# grab gosu for easy step-down from root
+# https://github.com/tianon/gosu/releases
+ENV GOSU_VERSION 1.17
+RUN set -eux; \
+ savedAptMark="$(apt-mark showmanual)"; \
+ apt-get update; \
+ apt-get install -y --no-install-recommends ca-certificates wget; \
+ rm -rf /var/lib/apt/lists/*; \
+ dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
+ wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
+ wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
+ export GNUPGHOME="$(mktemp -d)"; \
+ gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
+ gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
+ apt-mark auto '.*' > /dev/null; \
+ [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
+ apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
+ chmod +x /usr/local/bin/gosu; \
+ gosu --version; \
+ gosu nobody true
+
+# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
+RUN set -eux; \
+ if [ -f /etc/dpkg/dpkg.cfg.d/docker ]; then \
+# if this file exists, we're likely in "debian:xxx-slim", and locales are thus being excluded so we need to remove that exclusion (since we need locales)
+ grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
+ sed -ri '/\/usr\/share\/locale/d' /etc/dpkg/dpkg.cfg.d/docker; \
+ ! grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
+ fi; \
+ apt-get update; apt-get install -y --no-install-recommends locales; rm -rf /var/lib/apt/lists/*; \
+ echo 'en_US.UTF-8 UTF-8' >> /etc/locale.gen; \
+ locale-gen; \
+ locale -a | grep 'en_US.utf8'
+ENV LANG en_US.utf8
+
+RUN set -eux; \
+ apt-get update; \
+ apt-get install -y --no-install-recommends \
+ libnss-wrapper \
+ xz-utils \
+ zstd \
+ ; \
+ rm -rf /var/lib/apt/lists/*
+
+RUN mkdir /docker-entrypoint-initdb.d
+
+RUN set -ex; \
+# pub 4096R/ACCC4CF8 2011-10-13 [expires: 2019-07-02]
+# Key fingerprint = B97B 0AFC AA1A 47F0 44F2 44A0 7FCC 7D46 ACCC 4CF8
+# uid PostgreSQL Debian Repository
+ key='B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8'; \
+ export GNUPGHOME="$(mktemp -d)"; \
+ mkdir -p /usr/local/share/keyrings/; \
+ gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
+ gpg --batch --export --armor "$key" > /usr/local/share/keyrings/postgres.gpg.asc; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME"
+
+ENV PG_MAJOR 17
+ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
+
+ENV PG_VERSION 17~beta1-1.pgdg120+1
+
+RUN set -ex; \
+ \
+# see note below about "*.pyc" files
+ export PYTHONDONTWRITEBYTECODE=1; \
+ \
+ dpkgArch="$(dpkg --print-architecture)"; \
+ aptRepo="[ signed-by=/usr/local/share/keyrings/postgres.gpg.asc ] http://apt.postgresql.org/pub/repos/apt/ bookworm-pgdg main $PG_MAJOR"; \
+ case "$dpkgArch" in \
+ amd64 | arm64 | ppc64el | s390x) \
+# arches officialy built by upstream
+ echo "deb $aptRepo" > /etc/apt/sources.list.d/pgdg.list; \
+ apt-get update; \
+ ;; \
+ *) \
+# we're on an architecture upstream doesn't officially build for
+# let's build binaries from their published source packages
+ echo "deb-src $aptRepo" > /etc/apt/sources.list.d/pgdg.list; \
+ \
+ savedAptMark="$(apt-mark showmanual)"; \
+ \
+ tempDir="$(mktemp -d)"; \
+ cd "$tempDir"; \
+ \
+# create a temporary local APT repo to install from (so that dependency resolution can be handled by APT, as it should be)
+ apt-get update; \
+ apt-get install -y --no-install-recommends dpkg-dev; \
+ echo "deb [ trusted=yes ] file://$tempDir ./" > /etc/apt/sources.list.d/temp.list; \
+ _update_repo() { \
+ dpkg-scanpackages . > Packages; \
+# work around the following APT issue by using "Acquire::GzipIndexes=false" (overriding "/etc/apt/apt.conf.d/docker-gzip-indexes")
+# Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied)
+# ...
+# E: Failed to fetch store:/var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied)
+ apt-get -o Acquire::GzipIndexes=false update; \
+ }; \
+ _update_repo; \
+ \
+# build .deb files from upstream's source packages (which are verified by apt-get)
+ nproc="$(nproc)"; \
+ export DEB_BUILD_OPTIONS="nocheck parallel=$nproc"; \
+# we have to build postgresql-common first because postgresql-$PG_MAJOR shares "debian/rules" logic with it: https://salsa.debian.org/postgresql/postgresql/-/commit/99f44476e258cae6bf9e919219fa2c5414fa2876
+# (and it "Depends: pgdg-keyring")
+ apt-get build-dep -y postgresql-common pgdg-keyring; \
+ apt-get source --compile postgresql-common pgdg-keyring; \
+ _update_repo; \
+ apt-get build-dep -y "postgresql-$PG_MAJOR=$PG_VERSION"; \
+ apt-get source --compile "postgresql-$PG_MAJOR=$PG_VERSION"; \
+ \
+# we don't remove APT lists here because they get re-downloaded and removed later
+ \
+# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
+# (which is done after we install the built packages so we don't have to redownload any overlapping dependencies)
+ apt-mark showmanual | xargs apt-mark auto > /dev/null; \
+ apt-mark manual $savedAptMark; \
+ \
+ ls -lAFh; \
+ _update_repo; \
+ grep '^Package: ' Packages; \
+ cd /; \
+ ;; \
+ esac; \
+ \
+ apt-get install -y --no-install-recommends postgresql-common; \
+ sed -ri 's/#(create_main_cluster) .*$/\1 = false/' /etc/postgresql-common/createcluster.conf; \
+ apt-get install -y --no-install-recommends \
+ "postgresql-$PG_MAJOR=$PG_VERSION" \
+ ; \
+ \
+ rm -rf /var/lib/apt/lists/*; \
+ \
+ if [ -n "$tempDir" ]; then \
+# if we have leftovers from building, let's purge them (including extra, unnecessary build deps)
+ apt-get purge -y --auto-remove; \
+ rm -rf "$tempDir" /etc/apt/sources.list.d/temp.list; \
+ fi; \
+ \
+# some of the steps above generate a lot of "*.pyc" files (and setting "PYTHONDONTWRITEBYTECODE" beforehand doesn't propagate properly for some reason), so we clean them up manually (as long as they aren't owned by a package)
+ find /usr -name '*.pyc' -type f -exec bash -c 'for pyc; do dpkg -S "$pyc" &> /dev/null || rm -vf "$pyc"; done' -- '{}' +; \
+ \
+ postgres --version
+
+# make the sample config easier to munge (and "correct by default")
+RUN set -eux; \
+ dpkg-divert --add --rename --divert "/usr/share/postgresql/postgresql.conf.sample.dpkg" "/usr/share/postgresql/$PG_MAJOR/postgresql.conf.sample"; \
+ cp -v /usr/share/postgresql/postgresql.conf.sample.dpkg /usr/share/postgresql/postgresql.conf.sample; \
+ ln -sv ../postgresql.conf.sample "/usr/share/postgresql/$PG_MAJOR/"; \
+ sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/share/postgresql/postgresql.conf.sample; \
+ grep -F "listen_addresses = '*'" /usr/share/postgresql/postgresql.conf.sample
+
+RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
+
+ENV PGDATA /var/lib/postgresql/data
+# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
+RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
+VOLUME /var/lib/postgresql/data
+
+COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
+RUN ln -sT docker-ensure-initdb.sh /usr/local/bin/docker-enforce-initdb.sh
+ENTRYPOINT ["docker-entrypoint.sh"]
+
+# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
+# calls "Fast Shutdown mode" wherein new connections are disallowed and any
+# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
+# flush tables to disk, which is the best compromise available to avoid data
+# corruption.
+#
+# Users who know their applications do not keep open long-lived idle connections
+# may way to use a value of SIGTERM instead, which corresponds to "Smart
+# Shutdown mode" in which any existing sessions are allowed to finish and the
+# server stops when all sessions are terminated.
+#
+# See https://www.postgresql.org/docs/12/server-shutdown.html for more details
+# about available PostgreSQL server shutdown signals.
+#
+# See also https://www.postgresql.org/docs/12/server-start.html for further
+# justification of this as the default value, namely that the example (and
+# shipped) systemd service files use the "Fast Shutdown mode" for service
+# termination.
+#
+STOPSIGNAL SIGINT
+#
+# An additional setting that is recommended for all users regardless of this
+# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
+# equivalent) for controlling how long to wait between sending the defined
+# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption).
+#
+# The default in most runtimes (such as Docker) is 10 seconds, and the
+# documentation at https://www.postgresql.org/docs/12/server-start.html notes
+# that even 90 seconds may not be long enough in many instances.
+
+EXPOSE 5432
+CMD ["postgres"]
diff --git a/17/bookworm/docker-ensure-initdb.sh b/17/bookworm/docker-ensure-initdb.sh
new file mode 100755
index 0000000000..ae1f6b6b90
--- /dev/null
+++ b/17/bookworm/docker-ensure-initdb.sh
@@ -0,0 +1,71 @@
+#!/usr/bin/env bash
+set -Eeuo pipefail
+
+#
+# This script is intended for three main use cases:
+#
+# 1. (most importantly) as an example of how to use "docker-entrypoint.sh" to extend/reuse the initialization behavior
+#
+# 2. ("docker-ensure-initdb.sh") as a Kubernetes "init container" to ensure the provided database directory is initialized; see also "startup probes" for an alternative solution
+# (no-op if database is already initialized)
+#
+# 3. ("docker-enforce-initdb.sh") as part of CI to ensure the database is fully initialized before use
+# (error if database is already initialized)
+#
+
+source /usr/local/bin/docker-entrypoint.sh
+
+# arguments to this script are assumed to be arguments to the "postgres" server (same as "docker-entrypoint.sh"), and most "docker-entrypoint.sh" functions assume "postgres" is the first argument (see "_main" over there)
+if [ "$#" -eq 0 ] || [ "$1" != 'postgres' ]; then
+ set -- postgres "$@"
+fi
+
+# see also "_main" in "docker-entrypoint.sh"
+
+docker_setup_env
+# setup data directories and permissions (when run as root)
+docker_create_db_directories
+if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec gosu postgres "$BASH_SOURCE" "$@"
+fi
+
+# only run initialization on an empty data directory
+if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+else
+ self="$(basename "$0")"
+ case "$self" in
+ docker-ensure-initdb.sh)
+ echo >&2 "$self: note: database already initialized in '$PGDATA'!"
+ exit 0
+ ;;
+
+ docker-enforce-initdb.sh)
+ echo >&2 "$self: error: (unexpected) database found in '$PGDATA'!"
+ exit 1
+ ;;
+
+ *)
+ echo >&2 "$self: error: unknown file name: $self"
+ exit 99
+ ;;
+ esac
+fi
diff --git a/17/bookworm/docker-entrypoint.sh b/17/bookworm/docker-entrypoint.sh
new file mode 100755
index 0000000000..6f59993e08
--- /dev/null
+++ b/17/bookworm/docker-entrypoint.sh
@@ -0,0 +1,356 @@
+#!/usr/bin/env bash
+set -Eeo pipefail
+# TODO swap to -Eeuo pipefail above (after handling all potentially-unset variables)
+
+# usage: file_env VAR [DEFAULT]
+# ie: file_env 'XYZ_DB_PASSWORD' 'example'
+# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
+# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
+file_env() {
+ local var="$1"
+ local fileVar="${var}_FILE"
+ local def="${2:-}"
+ if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
+ printf >&2 'error: both %s and %s are set (but are exclusive)\n' "$var" "$fileVar"
+ exit 1
+ fi
+ local val="$def"
+ if [ "${!var:-}" ]; then
+ val="${!var}"
+ elif [ "${!fileVar:-}" ]; then
+ val="$(< "${!fileVar}")"
+ fi
+ export "$var"="$val"
+ unset "$fileVar"
+}
+
+# check to see if this file is being run or sourced from another script
+_is_sourced() {
+ # https://unix.stackexchange.com/a/215279
+ [ "${#FUNCNAME[@]}" -ge 2 ] \
+ && [ "${FUNCNAME[0]}" = '_is_sourced' ] \
+ && [ "${FUNCNAME[1]}" = 'source' ]
+}
+
+# used to create initial postgres directories and if run as root, ensure ownership to the "postgres" user
+docker_create_db_directories() {
+ local user; user="$(id -u)"
+
+ mkdir -p "$PGDATA"
+ # ignore failure since there are cases where we can't chmod (and PostgreSQL might fail later anyhow - it's picky about permissions of this directory)
+ chmod 00700 "$PGDATA" || :
+
+ # ignore failure since it will be fine when using the image provided directory; see also https://github.com/docker-library/postgres/pull/289
+ mkdir -p /var/run/postgresql || :
+ chmod 03775 /var/run/postgresql || :
+
+ # Create the transaction log directory before initdb is run so the directory is owned by the correct user
+ if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
+ mkdir -p "$POSTGRES_INITDB_WALDIR"
+ if [ "$user" = '0' ]; then
+ find "$POSTGRES_INITDB_WALDIR" \! -user postgres -exec chown postgres '{}' +
+ fi
+ chmod 700 "$POSTGRES_INITDB_WALDIR"
+ fi
+
+ # allow the container to be started with `--user`
+ if [ "$user" = '0' ]; then
+ find "$PGDATA" \! -user postgres -exec chown postgres '{}' +
+ find /var/run/postgresql \! -user postgres -exec chown postgres '{}' +
+ fi
+}
+
+# initialize empty PGDATA directory with new database via 'initdb'
+# arguments to `initdb` can be passed via POSTGRES_INITDB_ARGS or as arguments to this function
+# `initdb` automatically creates the "postgres", "template0", and "template1" dbnames
+# this is also where the database user is created, specified by `POSTGRES_USER` env
+docker_init_database_dir() {
+ # "initdb" is particular about the current user existing in "/etc/passwd", so we use "nss_wrapper" to fake that if necessary
+ # see https://github.com/docker-library/postgres/pull/253, https://github.com/docker-library/postgres/issues/359, https://cwrap.org/nss_wrapper.html
+ local uid; uid="$(id -u)"
+ if ! getent passwd "$uid" &> /dev/null; then
+ # see if we can find a suitable "libnss_wrapper.so" (https://salsa.debian.org/sssd-team/nss-wrapper/-/commit/b9925a653a54e24d09d9b498a2d913729f7abb15)
+ local wrapper
+ for wrapper in {/usr,}/lib{/*,}/libnss_wrapper.so; do
+ if [ -s "$wrapper" ]; then
+ NSS_WRAPPER_PASSWD="$(mktemp)"
+ NSS_WRAPPER_GROUP="$(mktemp)"
+ export LD_PRELOAD="$wrapper" NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
+ local gid; gid="$(id -g)"
+ printf 'postgres:x:%s:%s:PostgreSQL:%s:/bin/false\n' "$uid" "$gid" "$PGDATA" > "$NSS_WRAPPER_PASSWD"
+ printf 'postgres:x:%s:\n' "$gid" > "$NSS_WRAPPER_GROUP"
+ break
+ fi
+ done
+ fi
+
+ if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
+ set -- --waldir "$POSTGRES_INITDB_WALDIR" "$@"
+ fi
+
+ # --pwfile refuses to handle a properly-empty file (hence the "\n"): https://github.com/docker-library/postgres/issues/1025
+ eval 'initdb --username="$POSTGRES_USER" --pwfile=<(printf "%s\n" "$POSTGRES_PASSWORD") '"$POSTGRES_INITDB_ARGS"' "$@"'
+
+ # unset/cleanup "nss_wrapper" bits
+ if [[ "${LD_PRELOAD:-}" == */libnss_wrapper.so ]]; then
+ rm -f "$NSS_WRAPPER_PASSWD" "$NSS_WRAPPER_GROUP"
+ unset LD_PRELOAD NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
+ fi
+}
+
+# print large warning if POSTGRES_PASSWORD is long
+# error if both POSTGRES_PASSWORD is empty and POSTGRES_HOST_AUTH_METHOD is not 'trust'
+# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
+# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
+docker_verify_minimum_env() {
+ case "${PG_MAJOR:-}" in
+ 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
+ # check password first so we can output the warning before postgres
+ # messes it up
+ if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
+ cat >&2 <<-'EOWARN'
+
+ WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
+
+ This will not work if used via PGPASSWORD with "psql".
+
+ https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
+ https://github.com/docker-library/postgres/issues/507
+
+ EOWARN
+ fi
+ ;;
+ esac
+ if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ # The - option suppresses leading tabs but *not* spaces. :)
+ cat >&2 <<-'EOE'
+ Error: Database is uninitialized and superuser password is not specified.
+ You must specify POSTGRES_PASSWORD to a non-empty value for the
+ superuser. For example, "-e POSTGRES_PASSWORD=password" on "docker run".
+
+ You may also use "POSTGRES_HOST_AUTH_METHOD=trust" to allow all
+ connections without a password. This is *not* recommended.
+
+ See PostgreSQL documentation about "trust":
+ https://www.postgresql.org/docs/current/auth-trust.html
+ EOE
+ exit 1
+ fi
+ if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ cat >&2 <<-'EOWARN'
+ ********************************************************************************
+ WARNING: POSTGRES_HOST_AUTH_METHOD has been set to "trust". This will allow
+ anyone with access to the Postgres port to access your database without
+ a password, even if POSTGRES_PASSWORD is set. See PostgreSQL
+ documentation about "trust":
+ https://www.postgresql.org/docs/current/auth-trust.html
+ In Docker's default configuration, this is effectively any other
+ container on the same system.
+
+ It is not recommended to use POSTGRES_HOST_AUTH_METHOD=trust. Replace
+ it with "-e POSTGRES_PASSWORD=password" instead to set a password in
+ "docker run".
+ ********************************************************************************
+ EOWARN
+ fi
+}
+
+# usage: docker_process_init_files [file [file [...]]]
+# ie: docker_process_init_files /always-initdb.d/*
+# process initializer files, based on file extensions and permissions
+docker_process_init_files() {
+ # psql here for backwards compatibility "${psql[@]}"
+ psql=( docker_process_sql )
+
+ printf '\n'
+ local f
+ for f; do
+ case "$f" in
+ *.sh)
+ # https://github.com/docker-library/postgres/issues/450#issuecomment-393167936
+ # https://github.com/docker-library/postgres/pull/452
+ if [ -x "$f" ]; then
+ printf '%s: running %s\n' "$0" "$f"
+ "$f"
+ else
+ printf '%s: sourcing %s\n' "$0" "$f"
+ . "$f"
+ fi
+ ;;
+ *.sql) printf '%s: running %s\n' "$0" "$f"; docker_process_sql -f "$f"; printf '\n' ;;
+ *.sql.gz) printf '%s: running %s\n' "$0" "$f"; gunzip -c "$f" | docker_process_sql; printf '\n' ;;
+ *.sql.xz) printf '%s: running %s\n' "$0" "$f"; xzcat "$f" | docker_process_sql; printf '\n' ;;
+ *.sql.zst) printf '%s: running %s\n' "$0" "$f"; zstd -dc "$f" | docker_process_sql; printf '\n' ;;
+ *) printf '%s: ignoring %s\n' "$0" "$f" ;;
+ esac
+ printf '\n'
+ done
+}
+
+# Execute sql script, passed via stdin (or -f flag of pqsl)
+# usage: docker_process_sql [psql-cli-args]
+# ie: docker_process_sql --dbname=mydb <<<'INSERT ...'
+# ie: docker_process_sql -f my-file.sql
+# ie: docker_process_sql <my-file.sql
+docker_process_sql() {
+ local query_runner=( psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --no-password --no-psqlrc )
+ if [ -n "$POSTGRES_DB" ]; then
+ query_runner+=( --dbname "$POSTGRES_DB" )
+ fi
+
+ PGHOST= PGHOSTADDR= "${query_runner[@]}" "$@"
+}
+
+# create initial database
+# uses environment variables for input: POSTGRES_DB
+docker_setup_db() {
+ local dbAlreadyExists
+ dbAlreadyExists="$(
+ POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" --tuples-only <<-'EOSQL'
+ SELECT 1 FROM pg_database WHERE datname = :'db' ;
+ EOSQL
+ )"
+ if [ -z "$dbAlreadyExists" ]; then
+ POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" <<-'EOSQL'
+ CREATE DATABASE :"db" ;
+ EOSQL
+ printf '\n'
+ fi
+}
+
+# Loads various settings that are used elsewhere in the script
+# This should be called before any other functions
+docker_setup_env() {
+ file_env 'POSTGRES_PASSWORD'
+
+ file_env 'POSTGRES_USER' 'postgres'
+ file_env 'POSTGRES_DB' "$POSTGRES_USER"
+ file_env 'POSTGRES_INITDB_ARGS'
+ : "${POSTGRES_HOST_AUTH_METHOD:=}"
+
+ declare -g DATABASE_ALREADY_EXISTS
+ : "${DATABASE_ALREADY_EXISTS:=}"
+ # look specifically for PG_VERSION, as it is expected in the DB dir
+ if [ -s "$PGDATA/PG_VERSION" ]; then
+ DATABASE_ALREADY_EXISTS='true'
+ fi
+}
+
+# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections
+# all arguments will be passed along as arguments to `postgres` for getting the value of 'password_encryption'
+pg_setup_hba_conf() {
+ # default authentication method is md5 on versions before 14
+ # https://www.postgresql.org/about/news/postgresql-14-released-2318/
+ if [ "$1" = 'postgres' ]; then
+ shift
+ fi
+ local auth
+ # check the default/configured encryption and use that as the auth method
+ auth="$(postgres -C password_encryption "$@")"
+ : "${POSTGRES_HOST_AUTH_METHOD:=$auth}"
+ {
+ printf '\n'
+ if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ printf '# warning trust is enabled for all connections\n'
+ printf '# see https://www.postgresql.org/docs/12/auth-trust.html\n'
+ fi
+ printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
+ } >> "$PGDATA/pg_hba.conf"
+}
+
+# start socket-only postgresql server for setting up or running scripts
+# all arguments will be passed along as arguments to `postgres` (via pg_ctl)
+docker_temp_server_start() {
+ if [ "$1" = 'postgres' ]; then
+ shift
+ fi
+
+ # internal start of server in order to allow setup using psql client
+ # does not listen on external TCP/IP and waits until start finishes
+ set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
+
+ PGUSER="${PGUSER:-$POSTGRES_USER}" \
+ pg_ctl -D "$PGDATA" \
+ -o "$(printf '%q ' "$@")" \
+ -w start
+}
+
+# stop postgresql server after done setting up user and running scripts
+docker_temp_server_stop() {
+ PGUSER="${PGUSER:-postgres}" \
+ pg_ctl -D "$PGDATA" -m fast -w stop
+}
+
+# check arguments for an option that would cause postgres to stop
+# return true if there is one
+_pg_want_help() {
+ local arg
+ for arg; do
+ case "$arg" in
+ # postgres --help | grep 'then exit'
+ # leaving out -C on purpose since it always fails and is unhelpful:
+ # postgres: could not access the server configuration file "/var/lib/postgresql/data/postgresql.conf": No such file or directory
+ -'?'|--help|--describe-config|-V|--version)
+ return 0
+ ;;
+ esac
+ done
+ return 1
+}
+
+_main() {
+ # if first arg looks like a flag, assume we want to run postgres server
+ if [ "${1:0:1}" = '-' ]; then
+ set -- postgres "$@"
+ fi
+
+ if [ "$1" = 'postgres' ] && ! _pg_want_help "$@"; then
+ docker_setup_env
+ # setup data directories and permissions (when run as root)
+ docker_create_db_directories
+ if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec gosu postgres "$BASH_SOURCE" "$@"
+ fi
+
+ # only run initialization on an empty data directory
+ if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+
+ cat <<-'EOM'
+
+ PostgreSQL init process complete; ready for start up.
+
+ EOM
+ else
+ cat <<-'EOM'
+
+ PostgreSQL Database directory appears to contain a database; Skipping initialization
+
+ EOM
+ fi
+ fi
+
+ exec "$@"
+}
+
+if ! _is_sourced; then
+ _main "$@"
+fi
diff --git a/17/bullseye/Dockerfile b/17/bullseye/Dockerfile
new file mode 100644
index 0000000000..dd4ac0d544
--- /dev/null
+++ b/17/bullseye/Dockerfile
@@ -0,0 +1,226 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
+FROM debian:bullseye-slim
+
+# explicitly set user/group IDs
+RUN set -eux; \
+ groupadd -r postgres --gid=999; \
+# https://salsa.debian.org/postgresql/postgresql-common/blob/997d842ee744687d99a2b2d95c1083a2615c79e8/debian/postgresql-common.postinst#L32-35
+ useradd -r -g postgres --uid=999 --home-dir=/var/lib/postgresql --shell=/bin/bash postgres; \
+# also create the postgres user's home directory with appropriate permissions
+# see https://github.com/docker-library/postgres/issues/274
+ mkdir -p /var/lib/postgresql; \
+ chown -R postgres:postgres /var/lib/postgresql
+
+RUN set -ex; \
+ apt-get update; \
+ apt-get install -y --no-install-recommends \
+ gnupg \
+# https://www.postgresql.org/docs/16/app-psql.html#APP-PSQL-META-COMMAND-PSET-PAGER
+# https://github.com/postgres/postgres/blob/REL_16_1/src/include/fe_utils/print.h#L25
+# (if "less" is available, it gets used as the default pager for psql, and it only adds ~1.5MiB to our image size)
+ less \
+ ; \
+ rm -rf /var/lib/apt/lists/*
+
+# grab gosu for easy step-down from root
+# https://github.com/tianon/gosu/releases
+ENV GOSU_VERSION 1.17
+RUN set -eux; \
+ savedAptMark="$(apt-mark showmanual)"; \
+ apt-get update; \
+ apt-get install -y --no-install-recommends ca-certificates wget; \
+ rm -rf /var/lib/apt/lists/*; \
+ dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
+ wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
+ wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
+ export GNUPGHOME="$(mktemp -d)"; \
+ gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
+ gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
+ apt-mark auto '.*' > /dev/null; \
+ [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
+ apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
+ chmod +x /usr/local/bin/gosu; \
+ gosu --version; \
+ gosu nobody true
+
+# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
+RUN set -eux; \
+ if [ -f /etc/dpkg/dpkg.cfg.d/docker ]; then \
+# if this file exists, we're likely in "debian:xxx-slim", and locales are thus being excluded so we need to remove that exclusion (since we need locales)
+ grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
+ sed -ri '/\/usr\/share\/locale/d' /etc/dpkg/dpkg.cfg.d/docker; \
+ ! grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
+ fi; \
+ apt-get update; apt-get install -y --no-install-recommends locales; rm -rf /var/lib/apt/lists/*; \
+ echo 'en_US.UTF-8 UTF-8' >> /etc/locale.gen; \
+ locale-gen; \
+ locale -a | grep 'en_US.utf8'
+ENV LANG en_US.utf8
+
+RUN set -eux; \
+ apt-get update; \
+ apt-get install -y --no-install-recommends \
+ libnss-wrapper \
+ xz-utils \
+ zstd \
+ ; \
+ rm -rf /var/lib/apt/lists/*
+
+RUN mkdir /docker-entrypoint-initdb.d
+
+RUN set -ex; \
+# pub 4096R/ACCC4CF8 2011-10-13 [expires: 2019-07-02]
+# Key fingerprint = B97B 0AFC AA1A 47F0 44F2 44A0 7FCC 7D46 ACCC 4CF8
+# uid PostgreSQL Debian Repository
+ key='B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8'; \
+ export GNUPGHOME="$(mktemp -d)"; \
+ mkdir -p /usr/local/share/keyrings/; \
+ gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
+ gpg --batch --export --armor "$key" > /usr/local/share/keyrings/postgres.gpg.asc; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME"
+
+ENV PG_MAJOR 17
+ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
+
+ENV PG_VERSION 17~beta1-1.pgdg110+1
+
+RUN set -ex; \
+ \
+# see note below about "*.pyc" files
+ export PYTHONDONTWRITEBYTECODE=1; \
+ \
+ dpkgArch="$(dpkg --print-architecture)"; \
+ aptRepo="[ signed-by=/usr/local/share/keyrings/postgres.gpg.asc ] http://apt.postgresql.org/pub/repos/apt/ bullseye-pgdg main $PG_MAJOR"; \
+ case "$dpkgArch" in \
+ amd64 | arm64 | ppc64el | s390x) \
+# arches officialy built by upstream
+ echo "deb $aptRepo" > /etc/apt/sources.list.d/pgdg.list; \
+ apt-get update; \
+ ;; \
+ *) \
+# we're on an architecture upstream doesn't officially build for
+# let's build binaries from their published source packages
+ echo "deb-src $aptRepo" > /etc/apt/sources.list.d/pgdg.list; \
+ \
+ savedAptMark="$(apt-mark showmanual)"; \
+ \
+ tempDir="$(mktemp -d)"; \
+ cd "$tempDir"; \
+ \
+# create a temporary local APT repo to install from (so that dependency resolution can be handled by APT, as it should be)
+ apt-get update; \
+ apt-get install -y --no-install-recommends dpkg-dev; \
+ echo "deb [ trusted=yes ] file://$tempDir ./" > /etc/apt/sources.list.d/temp.list; \
+ _update_repo() { \
+ dpkg-scanpackages . > Packages; \
+# work around the following APT issue by using "Acquire::GzipIndexes=false" (overriding "/etc/apt/apt.conf.d/docker-gzip-indexes")
+# Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied)
+# ...
+# E: Failed to fetch store:/var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied)
+ apt-get -o Acquire::GzipIndexes=false update; \
+ }; \
+ _update_repo; \
+ \
+# build .deb files from upstream's source packages (which are verified by apt-get)
+ nproc="$(nproc)"; \
+ export DEB_BUILD_OPTIONS="nocheck parallel=$nproc"; \
+# we have to build postgresql-common first because postgresql-$PG_MAJOR shares "debian/rules" logic with it: https://salsa.debian.org/postgresql/postgresql/-/commit/99f44476e258cae6bf9e919219fa2c5414fa2876
+# (and it "Depends: pgdg-keyring")
+ apt-get build-dep -y postgresql-common pgdg-keyring; \
+ apt-get source --compile postgresql-common pgdg-keyring; \
+ _update_repo; \
+ apt-get build-dep -y "postgresql-$PG_MAJOR=$PG_VERSION"; \
+ apt-get source --compile "postgresql-$PG_MAJOR=$PG_VERSION"; \
+ \
+# we don't remove APT lists here because they get re-downloaded and removed later
+ \
+# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
+# (which is done after we install the built packages so we don't have to redownload any overlapping dependencies)
+ apt-mark showmanual | xargs apt-mark auto > /dev/null; \
+ apt-mark manual $savedAptMark; \
+ \
+ ls -lAFh; \
+ _update_repo; \
+ grep '^Package: ' Packages; \
+ cd /; \
+ ;; \
+ esac; \
+ \
+ apt-get install -y --no-install-recommends postgresql-common; \
+ sed -ri 's/#(create_main_cluster) .*$/\1 = false/' /etc/postgresql-common/createcluster.conf; \
+ apt-get install -y --no-install-recommends \
+ "postgresql-$PG_MAJOR=$PG_VERSION" \
+ ; \
+ \
+ rm -rf /var/lib/apt/lists/*; \
+ \
+ if [ -n "$tempDir" ]; then \
+# if we have leftovers from building, let's purge them (including extra, unnecessary build deps)
+ apt-get purge -y --auto-remove; \
+ rm -rf "$tempDir" /etc/apt/sources.list.d/temp.list; \
+ fi; \
+ \
+# some of the steps above generate a lot of "*.pyc" files (and setting "PYTHONDONTWRITEBYTECODE" beforehand doesn't propagate properly for some reason), so we clean them up manually (as long as they aren't owned by a package)
+ find /usr -name '*.pyc' -type f -exec bash -c 'for pyc; do dpkg -S "$pyc" &> /dev/null || rm -vf "$pyc"; done' -- '{}' +; \
+ \
+ postgres --version
+
+# make the sample config easier to munge (and "correct by default")
+RUN set -eux; \
+ dpkg-divert --add --rename --divert "/usr/share/postgresql/postgresql.conf.sample.dpkg" "/usr/share/postgresql/$PG_MAJOR/postgresql.conf.sample"; \
+ cp -v /usr/share/postgresql/postgresql.conf.sample.dpkg /usr/share/postgresql/postgresql.conf.sample; \
+ ln -sv ../postgresql.conf.sample "/usr/share/postgresql/$PG_MAJOR/"; \
+ sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/share/postgresql/postgresql.conf.sample; \
+ grep -F "listen_addresses = '*'" /usr/share/postgresql/postgresql.conf.sample
+
+RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
+
+ENV PGDATA /var/lib/postgresql/data
+# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
+RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
+VOLUME /var/lib/postgresql/data
+
+COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
+RUN ln -sT docker-ensure-initdb.sh /usr/local/bin/docker-enforce-initdb.sh
+ENTRYPOINT ["docker-entrypoint.sh"]
+
+# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
+# calls "Fast Shutdown mode" wherein new connections are disallowed and any
+# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
+# flush tables to disk, which is the best compromise available to avoid data
+# corruption.
+#
+# Users who know their applications do not keep open long-lived idle connections
+# may way to use a value of SIGTERM instead, which corresponds to "Smart
+# Shutdown mode" in which any existing sessions are allowed to finish and the
+# server stops when all sessions are terminated.
+#
+# See https://www.postgresql.org/docs/12/server-shutdown.html for more details
+# about available PostgreSQL server shutdown signals.
+#
+# See also https://www.postgresql.org/docs/12/server-start.html for further
+# justification of this as the default value, namely that the example (and
+# shipped) systemd service files use the "Fast Shutdown mode" for service
+# termination.
+#
+STOPSIGNAL SIGINT
+#
+# An additional setting that is recommended for all users regardless of this
+# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
+# equivalent) for controlling how long to wait between sending the defined
+# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption).
+#
+# The default in most runtimes (such as Docker) is 10 seconds, and the
+# documentation at https://www.postgresql.org/docs/12/server-start.html notes
+# that even 90 seconds may not be long enough in many instances.
+
+EXPOSE 5432
+CMD ["postgres"]
diff --git a/17/bullseye/docker-ensure-initdb.sh b/17/bullseye/docker-ensure-initdb.sh
new file mode 100755
index 0000000000..ae1f6b6b90
--- /dev/null
+++ b/17/bullseye/docker-ensure-initdb.sh
@@ -0,0 +1,71 @@
+#!/usr/bin/env bash
+set -Eeuo pipefail
+
+#
+# This script is intended for three main use cases:
+#
+# 1. (most importantly) as an example of how to use "docker-entrypoint.sh" to extend/reuse the initialization behavior
+#
+# 2. ("docker-ensure-initdb.sh") as a Kubernetes "init container" to ensure the provided database directory is initialized; see also "startup probes" for an alternative solution
+# (no-op if database is already initialized)
+#
+# 3. ("docker-enforce-initdb.sh") as part of CI to ensure the database is fully initialized before use
+# (error if database is already initialized)
+#
+
+source /usr/local/bin/docker-entrypoint.sh
+
+# arguments to this script are assumed to be arguments to the "postgres" server (same as "docker-entrypoint.sh"), and most "docker-entrypoint.sh" functions assume "postgres" is the first argument (see "_main" over there)
+if [ "$#" -eq 0 ] || [ "$1" != 'postgres' ]; then
+ set -- postgres "$@"
+fi
+
+# see also "_main" in "docker-entrypoint.sh"
+
+docker_setup_env
+# setup data directories and permissions (when run as root)
+docker_create_db_directories
+if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec gosu postgres "$BASH_SOURCE" "$@"
+fi
+
+# only run initialization on an empty data directory
+if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+else
+ self="$(basename "$0")"
+ case "$self" in
+ docker-ensure-initdb.sh)
+ echo >&2 "$self: note: database already initialized in '$PGDATA'!"
+ exit 0
+ ;;
+
+ docker-enforce-initdb.sh)
+ echo >&2 "$self: error: (unexpected) database found in '$PGDATA'!"
+ exit 1
+ ;;
+
+ *)
+ echo >&2 "$self: error: unknown file name: $self"
+ exit 99
+ ;;
+ esac
+fi
diff --git a/17/bullseye/docker-entrypoint.sh b/17/bullseye/docker-entrypoint.sh
new file mode 100755
index 0000000000..6f59993e08
--- /dev/null
+++ b/17/bullseye/docker-entrypoint.sh
@@ -0,0 +1,356 @@
+#!/usr/bin/env bash
+set -Eeo pipefail
+# TODO swap to -Eeuo pipefail above (after handling all potentially-unset variables)
+
+# usage: file_env VAR [DEFAULT]
+# ie: file_env 'XYZ_DB_PASSWORD' 'example'
+# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
+# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
+file_env() {
+ local var="$1"
+ local fileVar="${var}_FILE"
+ local def="${2:-}"
+ if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
+ printf >&2 'error: both %s and %s are set (but are exclusive)\n' "$var" "$fileVar"
+ exit 1
+ fi
+ local val="$def"
+ if [ "${!var:-}" ]; then
+ val="${!var}"
+ elif [ "${!fileVar:-}" ]; then
+ val="$(< "${!fileVar}")"
+ fi
+ export "$var"="$val"
+ unset "$fileVar"
+}
+
+# check to see if this file is being run or sourced from another script
+_is_sourced() {
+ # https://unix.stackexchange.com/a/215279
+ [ "${#FUNCNAME[@]}" -ge 2 ] \
+ && [ "${FUNCNAME[0]}" = '_is_sourced' ] \
+ && [ "${FUNCNAME[1]}" = 'source' ]
+}
+
+# used to create initial postgres directories and if run as root, ensure ownership to the "postgres" user
+docker_create_db_directories() {
+ local user; user="$(id -u)"
+
+ mkdir -p "$PGDATA"
+ # ignore failure since there are cases where we can't chmod (and PostgreSQL might fail later anyhow - it's picky about permissions of this directory)
+ chmod 00700 "$PGDATA" || :
+
+ # ignore failure since it will be fine when using the image provided directory; see also https://github.com/docker-library/postgres/pull/289
+ mkdir -p /var/run/postgresql || :
+ chmod 03775 /var/run/postgresql || :
+
+ # Create the transaction log directory before initdb is run so the directory is owned by the correct user
+ if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
+ mkdir -p "$POSTGRES_INITDB_WALDIR"
+ if [ "$user" = '0' ]; then
+ find "$POSTGRES_INITDB_WALDIR" \! -user postgres -exec chown postgres '{}' +
+ fi
+ chmod 700 "$POSTGRES_INITDB_WALDIR"
+ fi
+
+ # allow the container to be started with `--user`
+ if [ "$user" = '0' ]; then
+ find "$PGDATA" \! -user postgres -exec chown postgres '{}' +
+ find /var/run/postgresql \! -user postgres -exec chown postgres '{}' +
+ fi
+}
+
+# initialize empty PGDATA directory with new database via 'initdb'
+# arguments to `initdb` can be passed via POSTGRES_INITDB_ARGS or as arguments to this function
+# `initdb` automatically creates the "postgres", "template0", and "template1" dbnames
+# this is also where the database user is created, specified by `POSTGRES_USER` env
+docker_init_database_dir() {
+ # "initdb" is particular about the current user existing in "/etc/passwd", so we use "nss_wrapper" to fake that if necessary
+ # see https://github.com/docker-library/postgres/pull/253, https://github.com/docker-library/postgres/issues/359, https://cwrap.org/nss_wrapper.html
+ local uid; uid="$(id -u)"
+ if ! getent passwd "$uid" &> /dev/null; then
+ # see if we can find a suitable "libnss_wrapper.so" (https://salsa.debian.org/sssd-team/nss-wrapper/-/commit/b9925a653a54e24d09d9b498a2d913729f7abb15)
+ local wrapper
+ for wrapper in {/usr,}/lib{/*,}/libnss_wrapper.so; do
+ if [ -s "$wrapper" ]; then
+ NSS_WRAPPER_PASSWD="$(mktemp)"
+ NSS_WRAPPER_GROUP="$(mktemp)"
+ export LD_PRELOAD="$wrapper" NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
+ local gid; gid="$(id -g)"
+ printf 'postgres:x:%s:%s:PostgreSQL:%s:/bin/false\n' "$uid" "$gid" "$PGDATA" > "$NSS_WRAPPER_PASSWD"
+ printf 'postgres:x:%s:\n' "$gid" > "$NSS_WRAPPER_GROUP"
+ break
+ fi
+ done
+ fi
+
+ if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
+ set -- --waldir "$POSTGRES_INITDB_WALDIR" "$@"
+ fi
+
+ # --pwfile refuses to handle a properly-empty file (hence the "\n"): https://github.com/docker-library/postgres/issues/1025
+ eval 'initdb --username="$POSTGRES_USER" --pwfile=<(printf "%s\n" "$POSTGRES_PASSWORD") '"$POSTGRES_INITDB_ARGS"' "$@"'
+
+ # unset/cleanup "nss_wrapper" bits
+ if [[ "${LD_PRELOAD:-}" == */libnss_wrapper.so ]]; then
+ rm -f "$NSS_WRAPPER_PASSWD" "$NSS_WRAPPER_GROUP"
+ unset LD_PRELOAD NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
+ fi
+}
+
+# print large warning if POSTGRES_PASSWORD is long
+# error if both POSTGRES_PASSWORD is empty and POSTGRES_HOST_AUTH_METHOD is not 'trust'
+# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
+# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
+docker_verify_minimum_env() {
+ case "${PG_MAJOR:-}" in
+ 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
+ # check password first so we can output the warning before postgres
+ # messes it up
+ if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
+ cat >&2 <<-'EOWARN'
+
+ WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
+
+ This will not work if used via PGPASSWORD with "psql".
+
+ https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
+ https://github.com/docker-library/postgres/issues/507
+
+ EOWARN
+ fi
+ ;;
+ esac
+ if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ # The - option suppresses leading tabs but *not* spaces. :)
+ cat >&2 <<-'EOE'
+ Error: Database is uninitialized and superuser password is not specified.
+ You must specify POSTGRES_PASSWORD to a non-empty value for the
+ superuser. For example, "-e POSTGRES_PASSWORD=password" on "docker run".
+
+ You may also use "POSTGRES_HOST_AUTH_METHOD=trust" to allow all
+ connections without a password. This is *not* recommended.
+
+ See PostgreSQL documentation about "trust":
+ https://www.postgresql.org/docs/current/auth-trust.html
+ EOE
+ exit 1
+ fi
+ if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ cat >&2 <<-'EOWARN'
+ ********************************************************************************
+ WARNING: POSTGRES_HOST_AUTH_METHOD has been set to "trust". This will allow
+ anyone with access to the Postgres port to access your database without
+ a password, even if POSTGRES_PASSWORD is set. See PostgreSQL
+ documentation about "trust":
+ https://www.postgresql.org/docs/current/auth-trust.html
+ In Docker's default configuration, this is effectively any other
+ container on the same system.
+
+ It is not recommended to use POSTGRES_HOST_AUTH_METHOD=trust. Replace
+ it with "-e POSTGRES_PASSWORD=password" instead to set a password in
+ "docker run".
+ ********************************************************************************
+ EOWARN
+ fi
+}
+
+# usage: docker_process_init_files [file [file [...]]]
+# ie: docker_process_init_files /always-initdb.d/*
+# process initializer files, based on file extensions and permissions
+docker_process_init_files() {
+ # psql here for backwards compatibility "${psql[@]}"
+ psql=( docker_process_sql )
+
+ printf '\n'
+ local f
+ for f; do
+ case "$f" in
+ *.sh)
+ # https://github.com/docker-library/postgres/issues/450#issuecomment-393167936
+ # https://github.com/docker-library/postgres/pull/452
+ if [ -x "$f" ]; then
+ printf '%s: running %s\n' "$0" "$f"
+ "$f"
+ else
+ printf '%s: sourcing %s\n' "$0" "$f"
+ . "$f"
+ fi
+ ;;
+ *.sql) printf '%s: running %s\n' "$0" "$f"; docker_process_sql -f "$f"; printf '\n' ;;
+ *.sql.gz) printf '%s: running %s\n' "$0" "$f"; gunzip -c "$f" | docker_process_sql; printf '\n' ;;
+ *.sql.xz) printf '%s: running %s\n' "$0" "$f"; xzcat "$f" | docker_process_sql; printf '\n' ;;
+ *.sql.zst) printf '%s: running %s\n' "$0" "$f"; zstd -dc "$f" | docker_process_sql; printf '\n' ;;
+ *) printf '%s: ignoring %s\n' "$0" "$f" ;;
+ esac
+ printf '\n'
+ done
+}
+
+# Execute sql script, passed via stdin (or -f flag of pqsl)
+# usage: docker_process_sql [psql-cli-args]
+# ie: docker_process_sql --dbname=mydb <<<'INSERT ...'
+# ie: docker_process_sql -f my-file.sql
+# ie: docker_process_sql <my-file.sql
+docker_process_sql() {
+ local query_runner=( psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --no-password --no-psqlrc )
+ if [ -n "$POSTGRES_DB" ]; then
+ query_runner+=( --dbname "$POSTGRES_DB" )
+ fi
+
+ PGHOST= PGHOSTADDR= "${query_runner[@]}" "$@"
+}
+
+# create initial database
+# uses environment variables for input: POSTGRES_DB
+docker_setup_db() {
+ local dbAlreadyExists
+ dbAlreadyExists="$(
+ POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" --tuples-only <<-'EOSQL'
+ SELECT 1 FROM pg_database WHERE datname = :'db' ;
+ EOSQL
+ )"
+ if [ -z "$dbAlreadyExists" ]; then
+ POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" <<-'EOSQL'
+ CREATE DATABASE :"db" ;
+ EOSQL
+ printf '\n'
+ fi
+}
+
+# Loads various settings that are used elsewhere in the script
+# This should be called before any other functions
+docker_setup_env() {
+ file_env 'POSTGRES_PASSWORD'
+
+ file_env 'POSTGRES_USER' 'postgres'
+ file_env 'POSTGRES_DB' "$POSTGRES_USER"
+ file_env 'POSTGRES_INITDB_ARGS'
+ : "${POSTGRES_HOST_AUTH_METHOD:=}"
+
+ declare -g DATABASE_ALREADY_EXISTS
+ : "${DATABASE_ALREADY_EXISTS:=}"
+ # look specifically for PG_VERSION, as it is expected in the DB dir
+ if [ -s "$PGDATA/PG_VERSION" ]; then
+ DATABASE_ALREADY_EXISTS='true'
+ fi
+}
+
+# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections
+# all arguments will be passed along as arguments to `postgres` for getting the value of 'password_encryption'
+pg_setup_hba_conf() {
+ # default authentication method is md5 on versions before 14
+ # https://www.postgresql.org/about/news/postgresql-14-released-2318/
+ if [ "$1" = 'postgres' ]; then
+ shift
+ fi
+ local auth
+ # check the default/configured encryption and use that as the auth method
+ auth="$(postgres -C password_encryption "$@")"
+ : "${POSTGRES_HOST_AUTH_METHOD:=$auth}"
+ {
+ printf '\n'
+ if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ printf '# warning trust is enabled for all connections\n'
+ printf '# see https://www.postgresql.org/docs/12/auth-trust.html\n'
+ fi
+ printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
+ } >> "$PGDATA/pg_hba.conf"
+}
+
+# start socket-only postgresql server for setting up or running scripts
+# all arguments will be passed along as arguments to `postgres` (via pg_ctl)
+docker_temp_server_start() {
+ if [ "$1" = 'postgres' ]; then
+ shift
+ fi
+
+ # internal start of server in order to allow setup using psql client
+ # does not listen on external TCP/IP and waits until start finishes
+ set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
+
+ PGUSER="${PGUSER:-$POSTGRES_USER}" \
+ pg_ctl -D "$PGDATA" \
+ -o "$(printf '%q ' "$@")" \
+ -w start
+}
+
+# stop postgresql server after done setting up user and running scripts
+docker_temp_server_stop() {
+ PGUSER="${PGUSER:-postgres}" \
+ pg_ctl -D "$PGDATA" -m fast -w stop
+}
+
+# check arguments for an option that would cause postgres to stop
+# return true if there is one
+_pg_want_help() {
+ local arg
+ for arg; do
+ case "$arg" in
+ # postgres --help | grep 'then exit'
+ # leaving out -C on purpose since it always fails and is unhelpful:
+ # postgres: could not access the server configuration file "/var/lib/postgresql/data/postgresql.conf": No such file or directory
+ -'?'|--help|--describe-config|-V|--version)
+ return 0
+ ;;
+ esac
+ done
+ return 1
+}
+
+_main() {
+ # if first arg looks like a flag, assume we want to run postgres server
+ if [ "${1:0:1}" = '-' ]; then
+ set -- postgres "$@"
+ fi
+
+ if [ "$1" = 'postgres' ] && ! _pg_want_help "$@"; then
+ docker_setup_env
+ # setup data directories and permissions (when run as root)
+ docker_create_db_directories
+ if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec gosu postgres "$BASH_SOURCE" "$@"
+ fi
+
+ # only run initialization on an empty data directory
+ if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+
+ cat <<-'EOM'
+
+ PostgreSQL init process complete; ready for start up.
+
+ EOM
+ else
+ cat <<-'EOM'
+
+ PostgreSQL Database directory appears to contain a database; Skipping initialization
+
+ EOM
+ fi
+ fi
+
+ exec "$@"
+}
+
+if ! _is_sourced; then
+ _main "$@"
+fi
diff --git a/Dockerfile-alpine.template b/Dockerfile-alpine.template
index 67bba8b6c9..5243eaf412 100644
--- a/Dockerfile-alpine.template
+++ b/Dockerfile-alpine.template
@@ -98,7 +98,10 @@ RUN set -eux; \
# "/usr/src/postgresql/src/backend/access/common/tupconvert.c:105: undefined reference to `libintl_gettext'"
# --enable-nls \
--enable-integer-datetimes \
+{{ if .major <= 16 then ( -}}
+{{ # in 17: this option is reversed. you need to disable it -}}
--enable-thread-safety \
+{{ ) else "" end -}}
--enable-tap-tests \
# skip debugging info -- we want tiny size instead
# --enable-debug \
@@ -132,8 +135,13 @@ RUN set -eux; \
--with-zstd \
{{ ) else "" end -}}
; \
+{{ if .major >= 17 then ( -}}
+ make -j "$(nproc)" all; \
+ make install; \
+{{ ) else ( -}}
make -j "$(nproc)" world; \
make install-world; \
+{{ ) end -}}
make -C contrib install; \
\
runDeps="$( \
diff --git a/versions.json b/versions.json
index 71d306eba5..7fbb32aef6 100644
--- a/versions.json
+++ b/versions.json
@@ -153,5 +153,36 @@
"alpine3.19"
],
"version": "16.3"
+ },
+ "17": {
+ "alpine": "3.20",
+ "bookworm": {
+ "arches": [
+ "amd64",
+ "arm64",
+ "ppc64el",
+ "s390x"
+ ],
+ "version": "17~beta1-1.pgdg120+1"
+ },
+ "bullseye": {
+ "arches": [
+ "amd64",
+ "arm64",
+ "ppc64el",
+ "s390x"
+ ],
+ "version": "17~beta1-1.pgdg110+1"
+ },
+ "debian": "bookworm",
+ "major": 17,
+ "sha256": "089e8854fecd0ca1ec5cd8b29526938f9ef5e91cc331f5d6e118d13468f08f50",
+ "variants": [
+ "bookworm",
+ "bullseye",
+ "alpine3.20",
+ "alpine3.19"
+ ],
+ "version": "17beta1"
}
}
From 3a7be2f3213ce6e0f13f6a01b927d86aa53d9539 Mon Sep 17 00:00:00 2001
From: Laurent Goderre <laurent.goderre@docker.com>
Date: Fri, 31 May 2024 09:43:40 -0400
Subject: [PATCH 062/115] fixup
---
12/alpine3.19/Dockerfile | 4 ++--
12/alpine3.20/Dockerfile | 4 ++--
13/alpine3.19/Dockerfile | 4 ++--
13/alpine3.20/Dockerfile | 4 ++--
14/alpine3.19/Dockerfile | 4 ++--
14/alpine3.20/Dockerfile | 4 ++--
15/alpine3.19/Dockerfile | 4 ++--
15/alpine3.20/Dockerfile | 4 ++--
16/alpine3.19/Dockerfile | 4 ++--
16/alpine3.20/Dockerfile | 4 ++--
17/alpine3.19/Dockerfile | 4 ++--
17/alpine3.20/Dockerfile | 4 ++--
Dockerfile-alpine.template | 9 ++-------
13 files changed, 26 insertions(+), 31 deletions(-)
diff --git a/12/alpine3.19/Dockerfile b/12/alpine3.19/Dockerfile
index b146ec3621..ecc8522104 100644
--- a/12/alpine3.19/Dockerfile
+++ b/12/alpine3.19/Dockerfile
@@ -119,8 +119,8 @@ RUN set -eux; \
--with-icu \
--with-llvm \
; \
- make -j "$(nproc)" world; \
- make install-world; \
+ make -j "$(nproc)" world-bin; \
+ make install-world-bin; \
make -C contrib install; \
\
runDeps="$( \
diff --git a/12/alpine3.20/Dockerfile b/12/alpine3.20/Dockerfile
index e68037b78b..74d5277523 100644
--- a/12/alpine3.20/Dockerfile
+++ b/12/alpine3.20/Dockerfile
@@ -119,8 +119,8 @@ RUN set -eux; \
--with-icu \
--with-llvm \
; \
- make -j "$(nproc)" world; \
- make install-world; \
+ make -j "$(nproc)" world-bin; \
+ make install-world-bin; \
make -C contrib install; \
\
runDeps="$( \
diff --git a/13/alpine3.19/Dockerfile b/13/alpine3.19/Dockerfile
index 2320c0bef4..962b528885 100644
--- a/13/alpine3.19/Dockerfile
+++ b/13/alpine3.19/Dockerfile
@@ -119,8 +119,8 @@ RUN set -eux; \
--with-icu \
--with-llvm \
; \
- make -j "$(nproc)" world; \
- make install-world; \
+ make -j "$(nproc)" world-bin; \
+ make install-world-bin; \
make -C contrib install; \
\
runDeps="$( \
diff --git a/13/alpine3.20/Dockerfile b/13/alpine3.20/Dockerfile
index 43fa0ea471..eb373d2cd9 100644
--- a/13/alpine3.20/Dockerfile
+++ b/13/alpine3.20/Dockerfile
@@ -119,8 +119,8 @@ RUN set -eux; \
--with-icu \
--with-llvm \
; \
- make -j "$(nproc)" world; \
- make install-world; \
+ make -j "$(nproc)" world-bin; \
+ make install-world-bin; \
make -C contrib install; \
\
runDeps="$( \
diff --git a/14/alpine3.19/Dockerfile b/14/alpine3.19/Dockerfile
index 3666022f9f..74f2c53e78 100644
--- a/14/alpine3.19/Dockerfile
+++ b/14/alpine3.19/Dockerfile
@@ -122,8 +122,8 @@ RUN set -eux; \
--with-llvm \
--with-lz4 \
; \
- make -j "$(nproc)" world; \
- make install-world; \
+ make -j "$(nproc)" world-bin; \
+ make install-world-bin; \
make -C contrib install; \
\
runDeps="$( \
diff --git a/14/alpine3.20/Dockerfile b/14/alpine3.20/Dockerfile
index 0ea12b04fa..a577a1f994 100644
--- a/14/alpine3.20/Dockerfile
+++ b/14/alpine3.20/Dockerfile
@@ -122,8 +122,8 @@ RUN set -eux; \
--with-llvm \
--with-lz4 \
; \
- make -j "$(nproc)" world; \
- make install-world; \
+ make -j "$(nproc)" world-bin; \
+ make install-world-bin; \
make -C contrib install; \
\
runDeps="$( \
diff --git a/15/alpine3.19/Dockerfile b/15/alpine3.19/Dockerfile
index 37a1034597..0a34e0dc97 100644
--- a/15/alpine3.19/Dockerfile
+++ b/15/alpine3.19/Dockerfile
@@ -125,8 +125,8 @@ RUN set -eux; \
--with-lz4 \
--with-zstd \
; \
- make -j "$(nproc)" world; \
- make install-world; \
+ make -j "$(nproc)" world-bin; \
+ make install-world-bin; \
make -C contrib install; \
\
runDeps="$( \
diff --git a/15/alpine3.20/Dockerfile b/15/alpine3.20/Dockerfile
index 8c67066559..1fac96c7a4 100644
--- a/15/alpine3.20/Dockerfile
+++ b/15/alpine3.20/Dockerfile
@@ -125,8 +125,8 @@ RUN set -eux; \
--with-lz4 \
--with-zstd \
; \
- make -j "$(nproc)" world; \
- make install-world; \
+ make -j "$(nproc)" world-bin; \
+ make install-world-bin; \
make -C contrib install; \
\
runDeps="$( \
diff --git a/16/alpine3.19/Dockerfile b/16/alpine3.19/Dockerfile
index 89aab48dd8..09fb413aea 100644
--- a/16/alpine3.19/Dockerfile
+++ b/16/alpine3.19/Dockerfile
@@ -124,8 +124,8 @@ RUN set -eux; \
--with-lz4 \
--with-zstd \
; \
- make -j "$(nproc)" world; \
- make install-world; \
+ make -j "$(nproc)" world-bin; \
+ make install-world-bin; \
make -C contrib install; \
\
runDeps="$( \
diff --git a/16/alpine3.20/Dockerfile b/16/alpine3.20/Dockerfile
index d07b848af4..1620037cf1 100644
--- a/16/alpine3.20/Dockerfile
+++ b/16/alpine3.20/Dockerfile
@@ -124,8 +124,8 @@ RUN set -eux; \
--with-lz4 \
--with-zstd \
; \
- make -j "$(nproc)" world; \
- make install-world; \
+ make -j "$(nproc)" world-bin; \
+ make install-world-bin; \
make -C contrib install; \
\
runDeps="$( \
diff --git a/17/alpine3.19/Dockerfile b/17/alpine3.19/Dockerfile
index 6c3d203b44..4d6c3d61fb 100644
--- a/17/alpine3.19/Dockerfile
+++ b/17/alpine3.19/Dockerfile
@@ -123,8 +123,8 @@ RUN set -eux; \
--with-lz4 \
--with-zstd \
; \
- make -j "$(nproc)" all; \
- make install; \
+ make -j "$(nproc)" world-bin; \
+ make install-world-bin; \
make -C contrib install; \
\
runDeps="$( \
diff --git a/17/alpine3.20/Dockerfile b/17/alpine3.20/Dockerfile
index 022e161fa4..39375a0e16 100644
--- a/17/alpine3.20/Dockerfile
+++ b/17/alpine3.20/Dockerfile
@@ -123,8 +123,8 @@ RUN set -eux; \
--with-lz4 \
--with-zstd \
; \
- make -j "$(nproc)" all; \
- make install; \
+ make -j "$(nproc)" world-bin; \
+ make install-world-bin; \
make -C contrib install; \
\
runDeps="$( \
diff --git a/Dockerfile-alpine.template b/Dockerfile-alpine.template
index 5243eaf412..8535b20a10 100644
--- a/Dockerfile-alpine.template
+++ b/Dockerfile-alpine.template
@@ -135,13 +135,8 @@ RUN set -eux; \
--with-zstd \
{{ ) else "" end -}}
; \
-{{ if .major >= 17 then ( -}}
- make -j "$(nproc)" all; \
- make install; \
-{{ ) else ( -}}
- make -j "$(nproc)" world; \
- make install-world; \
-{{ ) end -}}
+ make -j "$(nproc)" world-bin; \
+ make install-world-bin; \
make -C contrib install; \
\
runDeps="$( \
From 3e9b4eaaebf00d7a8ece67f02e2d6546402f4de7 Mon Sep 17 00:00:00 2001
From: Tianon Gravi <admwiggin@gmail.com>
Date: Mon, 3 Jun 2024 13:57:56 -0700
Subject: [PATCH 063/115] Replace `su-exec` with `gosu`
There's a major issue with `su-exec` whose fix has gone unreleased for 5 years (typos leading to running code as root, the opposite of the purpose of the program).
This also decreases our Debian vs Alpine variance.
Due to user scripts/downstream code potentially using `su-exec`, I have included a compatibility symlink to `su-exec` for all versions less than the 17 pre-release.
---
12/alpine3.19/Dockerfile | 32 +++++++++++++++++++++++--
12/alpine3.19/docker-ensure-initdb.sh | 2 +-
12/alpine3.19/docker-entrypoint.sh | 2 +-
12/alpine3.20/Dockerfile | 32 +++++++++++++++++++++++--
12/alpine3.20/docker-ensure-initdb.sh | 2 +-
12/alpine3.20/docker-entrypoint.sh | 2 +-
13/alpine3.19/Dockerfile | 32 +++++++++++++++++++++++--
13/alpine3.19/docker-ensure-initdb.sh | 2 +-
13/alpine3.19/docker-entrypoint.sh | 2 +-
13/alpine3.20/Dockerfile | 32 +++++++++++++++++++++++--
13/alpine3.20/docker-ensure-initdb.sh | 2 +-
13/alpine3.20/docker-entrypoint.sh | 2 +-
14/alpine3.19/Dockerfile | 32 +++++++++++++++++++++++--
14/alpine3.19/docker-ensure-initdb.sh | 2 +-
14/alpine3.19/docker-entrypoint.sh | 2 +-
14/alpine3.20/Dockerfile | 32 +++++++++++++++++++++++--
14/alpine3.20/docker-ensure-initdb.sh | 2 +-
14/alpine3.20/docker-entrypoint.sh | 2 +-
15/alpine3.19/Dockerfile | 32 +++++++++++++++++++++++--
15/alpine3.19/docker-ensure-initdb.sh | 2 +-
15/alpine3.19/docker-entrypoint.sh | 2 +-
15/alpine3.20/Dockerfile | 32 +++++++++++++++++++++++--
15/alpine3.20/docker-ensure-initdb.sh | 2 +-
15/alpine3.20/docker-entrypoint.sh | 2 +-
16/alpine3.19/Dockerfile | 32 +++++++++++++++++++++++--
16/alpine3.19/docker-ensure-initdb.sh | 2 +-
16/alpine3.19/docker-entrypoint.sh | 2 +-
16/alpine3.20/Dockerfile | 32 +++++++++++++++++++++++--
16/alpine3.20/docker-ensure-initdb.sh | 2 +-
16/alpine3.20/docker-entrypoint.sh | 2 +-
17/alpine3.19/Dockerfile | 31 ++++++++++++++++++++++--
17/alpine3.19/docker-ensure-initdb.sh | 2 +-
17/alpine3.19/docker-entrypoint.sh | 2 +-
17/alpine3.20/Dockerfile | 31 ++++++++++++++++++++++--
17/alpine3.20/docker-ensure-initdb.sh | 2 +-
17/alpine3.20/docker-entrypoint.sh | 2 +-
Dockerfile-alpine.template | 34 +++++++++++++++++++++++++--
apply-templates.sh | 5 ++--
38 files changed, 416 insertions(+), 53 deletions(-)
diff --git a/12/alpine3.19/Dockerfile b/12/alpine3.19/Dockerfile
index ecc8522104..eb46f0fe36 100644
--- a/12/alpine3.19/Dockerfile
+++ b/12/alpine3.19/Dockerfile
@@ -14,7 +14,36 @@ RUN set -eux; \
mkdir -p /var/lib/postgresql; \
chown -R postgres:postgres /var/lib/postgresql
-# su-exec (gosu-compatible) is installed further down
+# grab gosu for easy step-down from root
+# https://github.com/tianon/gosu/releases
+ENV GOSU_VERSION 1.17
+RUN set -eux; \
+ \
+ apk add --no-cache --virtual .gosu-deps \
+ ca-certificates \
+ dpkg \
+ gnupg \
+ ; \
+ \
+ dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
+ wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
+ wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
+ \
+# verify the signature
+ export GNUPGHOME="$(mktemp -d)"; \
+ gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
+ gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
+ \
+# clean up fetch dependencies
+ apk del --no-network .gosu-deps; \
+ \
+ chmod +x /usr/local/bin/gosu; \
+# verify that the binary works
+ gosu --version; \
+ gosu nobody true
+RUN set -eux; ln -svf gosu /usr/local/bin/su-exec; su-exec nobody true # backwards compatibility (removed in PostgreSQL 17+)
# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
# alpine doesn't require explicit locale-file generation
@@ -135,7 +164,6 @@ RUN set -eux; \
apk add --no-cache --virtual .postgresql-rundeps \
$runDeps \
bash \
- su-exec \
tzdata \
zstd \
# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
diff --git a/12/alpine3.19/docker-ensure-initdb.sh b/12/alpine3.19/docker-ensure-initdb.sh
index 2a9758656e..ae1f6b6b90 100755
--- a/12/alpine3.19/docker-ensure-initdb.sh
+++ b/12/alpine3.19/docker-ensure-initdb.sh
@@ -27,7 +27,7 @@ docker_setup_env
docker_create_db_directories
if [ "$(id -u)" = '0' ]; then
# then restart script as postgres user
- exec su-exec postgres "$BASH_SOURCE" "$@"
+ exec gosu postgres "$BASH_SOURCE" "$@"
fi
# only run initialization on an empty data directory
diff --git a/12/alpine3.19/docker-entrypoint.sh b/12/alpine3.19/docker-entrypoint.sh
index 8163d10401..6f59993e08 100755
--- a/12/alpine3.19/docker-entrypoint.sh
+++ b/12/alpine3.19/docker-entrypoint.sh
@@ -310,7 +310,7 @@ _main() {
docker_create_db_directories
if [ "$(id -u)" = '0' ]; then
# then restart script as postgres user
- exec su-exec postgres "$BASH_SOURCE" "$@"
+ exec gosu postgres "$BASH_SOURCE" "$@"
fi
# only run initialization on an empty data directory
diff --git a/12/alpine3.20/Dockerfile b/12/alpine3.20/Dockerfile
index 74d5277523..f1caf318c7 100644
--- a/12/alpine3.20/Dockerfile
+++ b/12/alpine3.20/Dockerfile
@@ -14,7 +14,36 @@ RUN set -eux; \
mkdir -p /var/lib/postgresql; \
chown -R postgres:postgres /var/lib/postgresql
-# su-exec (gosu-compatible) is installed further down
+# grab gosu for easy step-down from root
+# https://github.com/tianon/gosu/releases
+ENV GOSU_VERSION 1.17
+RUN set -eux; \
+ \
+ apk add --no-cache --virtual .gosu-deps \
+ ca-certificates \
+ dpkg \
+ gnupg \
+ ; \
+ \
+ dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
+ wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
+ wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
+ \
+# verify the signature
+ export GNUPGHOME="$(mktemp -d)"; \
+ gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
+ gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
+ \
+# clean up fetch dependencies
+ apk del --no-network .gosu-deps; \
+ \
+ chmod +x /usr/local/bin/gosu; \
+# verify that the binary works
+ gosu --version; \
+ gosu nobody true
+RUN set -eux; ln -svf gosu /usr/local/bin/su-exec; su-exec nobody true # backwards compatibility (removed in PostgreSQL 17+)
# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
# alpine doesn't require explicit locale-file generation
@@ -135,7 +164,6 @@ RUN set -eux; \
apk add --no-cache --virtual .postgresql-rundeps \
$runDeps \
bash \
- su-exec \
tzdata \
zstd \
# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
diff --git a/12/alpine3.20/docker-ensure-initdb.sh b/12/alpine3.20/docker-ensure-initdb.sh
index 2a9758656e..ae1f6b6b90 100755
--- a/12/alpine3.20/docker-ensure-initdb.sh
+++ b/12/alpine3.20/docker-ensure-initdb.sh
@@ -27,7 +27,7 @@ docker_setup_env
docker_create_db_directories
if [ "$(id -u)" = '0' ]; then
# then restart script as postgres user
- exec su-exec postgres "$BASH_SOURCE" "$@"
+ exec gosu postgres "$BASH_SOURCE" "$@"
fi
# only run initialization on an empty data directory
diff --git a/12/alpine3.20/docker-entrypoint.sh b/12/alpine3.20/docker-entrypoint.sh
index 8163d10401..6f59993e08 100755
--- a/12/alpine3.20/docker-entrypoint.sh
+++ b/12/alpine3.20/docker-entrypoint.sh
@@ -310,7 +310,7 @@ _main() {
docker_create_db_directories
if [ "$(id -u)" = '0' ]; then
# then restart script as postgres user
- exec su-exec postgres "$BASH_SOURCE" "$@"
+ exec gosu postgres "$BASH_SOURCE" "$@"
fi
# only run initialization on an empty data directory
diff --git a/13/alpine3.19/Dockerfile b/13/alpine3.19/Dockerfile
index 962b528885..39a23522a4 100644
--- a/13/alpine3.19/Dockerfile
+++ b/13/alpine3.19/Dockerfile
@@ -14,7 +14,36 @@ RUN set -eux; \
mkdir -p /var/lib/postgresql; \
chown -R postgres:postgres /var/lib/postgresql
-# su-exec (gosu-compatible) is installed further down
+# grab gosu for easy step-down from root
+# https://github.com/tianon/gosu/releases
+ENV GOSU_VERSION 1.17
+RUN set -eux; \
+ \
+ apk add --no-cache --virtual .gosu-deps \
+ ca-certificates \
+ dpkg \
+ gnupg \
+ ; \
+ \
+ dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
+ wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
+ wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
+ \
+# verify the signature
+ export GNUPGHOME="$(mktemp -d)"; \
+ gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
+ gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
+ \
+# clean up fetch dependencies
+ apk del --no-network .gosu-deps; \
+ \
+ chmod +x /usr/local/bin/gosu; \
+# verify that the binary works
+ gosu --version; \
+ gosu nobody true
+RUN set -eux; ln -svf gosu /usr/local/bin/su-exec; su-exec nobody true # backwards compatibility (removed in PostgreSQL 17+)
# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
# alpine doesn't require explicit locale-file generation
@@ -135,7 +164,6 @@ RUN set -eux; \
apk add --no-cache --virtual .postgresql-rundeps \
$runDeps \
bash \
- su-exec \
tzdata \
zstd \
# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
diff --git a/13/alpine3.19/docker-ensure-initdb.sh b/13/alpine3.19/docker-ensure-initdb.sh
index 2a9758656e..ae1f6b6b90 100755
--- a/13/alpine3.19/docker-ensure-initdb.sh
+++ b/13/alpine3.19/docker-ensure-initdb.sh
@@ -27,7 +27,7 @@ docker_setup_env
docker_create_db_directories
if [ "$(id -u)" = '0' ]; then
# then restart script as postgres user
- exec su-exec postgres "$BASH_SOURCE" "$@"
+ exec gosu postgres "$BASH_SOURCE" "$@"
fi
# only run initialization on an empty data directory
diff --git a/13/alpine3.19/docker-entrypoint.sh b/13/alpine3.19/docker-entrypoint.sh
index 8163d10401..6f59993e08 100755
--- a/13/alpine3.19/docker-entrypoint.sh
+++ b/13/alpine3.19/docker-entrypoint.sh
@@ -310,7 +310,7 @@ _main() {
docker_create_db_directories
if [ "$(id -u)" = '0' ]; then
# then restart script as postgres user
- exec su-exec postgres "$BASH_SOURCE" "$@"
+ exec gosu postgres "$BASH_SOURCE" "$@"
fi
# only run initialization on an empty data directory
diff --git a/13/alpine3.20/Dockerfile b/13/alpine3.20/Dockerfile
index eb373d2cd9..567da31557 100644
--- a/13/alpine3.20/Dockerfile
+++ b/13/alpine3.20/Dockerfile
@@ -14,7 +14,36 @@ RUN set -eux; \
mkdir -p /var/lib/postgresql; \
chown -R postgres:postgres /var/lib/postgresql
-# su-exec (gosu-compatible) is installed further down
+# grab gosu for easy step-down from root
+# https://github.com/tianon/gosu/releases
+ENV GOSU_VERSION 1.17
+RUN set -eux; \
+ \
+ apk add --no-cache --virtual .gosu-deps \
+ ca-certificates \
+ dpkg \
+ gnupg \
+ ; \
+ \
+ dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
+ wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
+ wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
+ \
+# verify the signature
+ export GNUPGHOME="$(mktemp -d)"; \
+ gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
+ gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
+ \
+# clean up fetch dependencies
+ apk del --no-network .gosu-deps; \
+ \
+ chmod +x /usr/local/bin/gosu; \
+# verify that the binary works
+ gosu --version; \
+ gosu nobody true
+RUN set -eux; ln -svf gosu /usr/local/bin/su-exec; su-exec nobody true # backwards compatibility (removed in PostgreSQL 17+)
# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
# alpine doesn't require explicit locale-file generation
@@ -135,7 +164,6 @@ RUN set -eux; \
apk add --no-cache --virtual .postgresql-rundeps \
$runDeps \
bash \
- su-exec \
tzdata \
zstd \
# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
diff --git a/13/alpine3.20/docker-ensure-initdb.sh b/13/alpine3.20/docker-ensure-initdb.sh
index 2a9758656e..ae1f6b6b90 100755
--- a/13/alpine3.20/docker-ensure-initdb.sh
+++ b/13/alpine3.20/docker-ensure-initdb.sh
@@ -27,7 +27,7 @@ docker_setup_env
docker_create_db_directories
if [ "$(id -u)" = '0' ]; then
# then restart script as postgres user
- exec su-exec postgres "$BASH_SOURCE" "$@"
+ exec gosu postgres "$BASH_SOURCE" "$@"
fi
# only run initialization on an empty data directory
diff --git a/13/alpine3.20/docker-entrypoint.sh b/13/alpine3.20/docker-entrypoint.sh
index 8163d10401..6f59993e08 100755
--- a/13/alpine3.20/docker-entrypoint.sh
+++ b/13/alpine3.20/docker-entrypoint.sh
@@ -310,7 +310,7 @@ _main() {
docker_create_db_directories
if [ "$(id -u)" = '0' ]; then
# then restart script as postgres user
- exec su-exec postgres "$BASH_SOURCE" "$@"
+ exec gosu postgres "$BASH_SOURCE" "$@"
fi
# only run initialization on an empty data directory
diff --git a/14/alpine3.19/Dockerfile b/14/alpine3.19/Dockerfile
index 74f2c53e78..461318e2b8 100644
--- a/14/alpine3.19/Dockerfile
+++ b/14/alpine3.19/Dockerfile
@@ -14,7 +14,36 @@ RUN set -eux; \
mkdir -p /var/lib/postgresql; \
chown -R postgres:postgres /var/lib/postgresql
-# su-exec (gosu-compatible) is installed further down
+# grab gosu for easy step-down from root
+# https://github.com/tianon/gosu/releases
+ENV GOSU_VERSION 1.17
+RUN set -eux; \
+ \
+ apk add --no-cache --virtual .gosu-deps \
+ ca-certificates \
+ dpkg \
+ gnupg \
+ ; \
+ \
+ dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
+ wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
+ wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
+ \
+# verify the signature
+ export GNUPGHOME="$(mktemp -d)"; \
+ gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
+ gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
+ \
+# clean up fetch dependencies
+ apk del --no-network .gosu-deps; \
+ \
+ chmod +x /usr/local/bin/gosu; \
+# verify that the binary works
+ gosu --version; \
+ gosu nobody true
+RUN set -eux; ln -svf gosu /usr/local/bin/su-exec; su-exec nobody true # backwards compatibility (removed in PostgreSQL 17+)
# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
# alpine doesn't require explicit locale-file generation
@@ -138,7 +167,6 @@ RUN set -eux; \
apk add --no-cache --virtual .postgresql-rundeps \
$runDeps \
bash \
- su-exec \
tzdata \
zstd \
# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
diff --git a/14/alpine3.19/docker-ensure-initdb.sh b/14/alpine3.19/docker-ensure-initdb.sh
index 2a9758656e..ae1f6b6b90 100755
--- a/14/alpine3.19/docker-ensure-initdb.sh
+++ b/14/alpine3.19/docker-ensure-initdb.sh
@@ -27,7 +27,7 @@ docker_setup_env
docker_create_db_directories
if [ "$(id -u)" = '0' ]; then
# then restart script as postgres user
- exec su-exec postgres "$BASH_SOURCE" "$@"
+ exec gosu postgres "$BASH_SOURCE" "$@"
fi
# only run initialization on an empty data directory
diff --git a/14/alpine3.19/docker-entrypoint.sh b/14/alpine3.19/docker-entrypoint.sh
index 8163d10401..6f59993e08 100755
--- a/14/alpine3.19/docker-entrypoint.sh
+++ b/14/alpine3.19/docker-entrypoint.sh
@@ -310,7 +310,7 @@ _main() {
docker_create_db_directories
if [ "$(id -u)" = '0' ]; then
# then restart script as postgres user
- exec su-exec postgres "$BASH_SOURCE" "$@"
+ exec gosu postgres "$BASH_SOURCE" "$@"
fi
# only run initialization on an empty data directory
diff --git a/14/alpine3.20/Dockerfile b/14/alpine3.20/Dockerfile
index a577a1f994..dc839d7c32 100644
--- a/14/alpine3.20/Dockerfile
+++ b/14/alpine3.20/Dockerfile
@@ -14,7 +14,36 @@ RUN set -eux; \
mkdir -p /var/lib/postgresql; \
chown -R postgres:postgres /var/lib/postgresql
-# su-exec (gosu-compatible) is installed further down
+# grab gosu for easy step-down from root
+# https://github.com/tianon/gosu/releases
+ENV GOSU_VERSION 1.17
+RUN set -eux; \
+ \
+ apk add --no-cache --virtual .gosu-deps \
+ ca-certificates \
+ dpkg \
+ gnupg \
+ ; \
+ \
+ dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
+ wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
+ wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
+ \
+# verify the signature
+ export GNUPGHOME="$(mktemp -d)"; \
+ gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
+ gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
+ \
+# clean up fetch dependencies
+ apk del --no-network .gosu-deps; \
+ \
+ chmod +x /usr/local/bin/gosu; \
+# verify that the binary works
+ gosu --version; \
+ gosu nobody true
+RUN set -eux; ln -svf gosu /usr/local/bin/su-exec; su-exec nobody true # backwards compatibility (removed in PostgreSQL 17+)
# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
# alpine doesn't require explicit locale-file generation
@@ -138,7 +167,6 @@ RUN set -eux; \
apk add --no-cache --virtual .postgresql-rundeps \
$runDeps \
bash \
- su-exec \
tzdata \
zstd \
# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
diff --git a/14/alpine3.20/docker-ensure-initdb.sh b/14/alpine3.20/docker-ensure-initdb.sh
index 2a9758656e..ae1f6b6b90 100755
--- a/14/alpine3.20/docker-ensure-initdb.sh
+++ b/14/alpine3.20/docker-ensure-initdb.sh
@@ -27,7 +27,7 @@ docker_setup_env
docker_create_db_directories
if [ "$(id -u)" = '0' ]; then
# then restart script as postgres user
- exec su-exec postgres "$BASH_SOURCE" "$@"
+ exec gosu postgres "$BASH_SOURCE" "$@"
fi
# only run initialization on an empty data directory
diff --git a/14/alpine3.20/docker-entrypoint.sh b/14/alpine3.20/docker-entrypoint.sh
index 8163d10401..6f59993e08 100755
--- a/14/alpine3.20/docker-entrypoint.sh
+++ b/14/alpine3.20/docker-entrypoint.sh
@@ -310,7 +310,7 @@ _main() {
docker_create_db_directories
if [ "$(id -u)" = '0' ]; then
# then restart script as postgres user
- exec su-exec postgres "$BASH_SOURCE" "$@"
+ exec gosu postgres "$BASH_SOURCE" "$@"
fi
# only run initialization on an empty data directory
diff --git a/15/alpine3.19/Dockerfile b/15/alpine3.19/Dockerfile
index 0a34e0dc97..2f249aa430 100644
--- a/15/alpine3.19/Dockerfile
+++ b/15/alpine3.19/Dockerfile
@@ -14,7 +14,36 @@ RUN set -eux; \
mkdir -p /var/lib/postgresql; \
chown -R postgres:postgres /var/lib/postgresql
-# su-exec (gosu-compatible) is installed further down
+# grab gosu for easy step-down from root
+# https://github.com/tianon/gosu/releases
+ENV GOSU_VERSION 1.17
+RUN set -eux; \
+ \
+ apk add --no-cache --virtual .gosu-deps \
+ ca-certificates \
+ dpkg \
+ gnupg \
+ ; \
+ \
+ dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
+ wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
+ wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
+ \
+# verify the signature
+ export GNUPGHOME="$(mktemp -d)"; \
+ gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
+ gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
+ \
+# clean up fetch dependencies
+ apk del --no-network .gosu-deps; \
+ \
+ chmod +x /usr/local/bin/gosu; \
+# verify that the binary works
+ gosu --version; \
+ gosu nobody true
+RUN set -eux; ln -svf gosu /usr/local/bin/su-exec; su-exec nobody true # backwards compatibility (removed in PostgreSQL 17+)
# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
# alpine doesn't require explicit locale-file generation
@@ -141,7 +170,6 @@ RUN set -eux; \
apk add --no-cache --virtual .postgresql-rundeps \
$runDeps \
bash \
- su-exec \
tzdata \
zstd \
# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
diff --git a/15/alpine3.19/docker-ensure-initdb.sh b/15/alpine3.19/docker-ensure-initdb.sh
index 2a9758656e..ae1f6b6b90 100755
--- a/15/alpine3.19/docker-ensure-initdb.sh
+++ b/15/alpine3.19/docker-ensure-initdb.sh
@@ -27,7 +27,7 @@ docker_setup_env
docker_create_db_directories
if [ "$(id -u)" = '0' ]; then
# then restart script as postgres user
- exec su-exec postgres "$BASH_SOURCE" "$@"
+ exec gosu postgres "$BASH_SOURCE" "$@"
fi
# only run initialization on an empty data directory
diff --git a/15/alpine3.19/docker-entrypoint.sh b/15/alpine3.19/docker-entrypoint.sh
index 8163d10401..6f59993e08 100755
--- a/15/alpine3.19/docker-entrypoint.sh
+++ b/15/alpine3.19/docker-entrypoint.sh
@@ -310,7 +310,7 @@ _main() {
docker_create_db_directories
if [ "$(id -u)" = '0' ]; then
# then restart script as postgres user
- exec su-exec postgres "$BASH_SOURCE" "$@"
+ exec gosu postgres "$BASH_SOURCE" "$@"
fi
# only run initialization on an empty data directory
diff --git a/15/alpine3.20/Dockerfile b/15/alpine3.20/Dockerfile
index 1fac96c7a4..79b20ac311 100644
--- a/15/alpine3.20/Dockerfile
+++ b/15/alpine3.20/Dockerfile
@@ -14,7 +14,36 @@ RUN set -eux; \
mkdir -p /var/lib/postgresql; \
chown -R postgres:postgres /var/lib/postgresql
-# su-exec (gosu-compatible) is installed further down
+# grab gosu for easy step-down from root
+# https://github.com/tianon/gosu/releases
+ENV GOSU_VERSION 1.17
+RUN set -eux; \
+ \
+ apk add --no-cache --virtual .gosu-deps \
+ ca-certificates \
+ dpkg \
+ gnupg \
+ ; \
+ \
+ dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
+ wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
+ wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
+ \
+# verify the signature
+ export GNUPGHOME="$(mktemp -d)"; \
+ gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
+ gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
+ \
+# clean up fetch dependencies
+ apk del --no-network .gosu-deps; \
+ \
+ chmod +x /usr/local/bin/gosu; \
+# verify that the binary works
+ gosu --version; \
+ gosu nobody true
+RUN set -eux; ln -svf gosu /usr/local/bin/su-exec; su-exec nobody true # backwards compatibility (removed in PostgreSQL 17+)
# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
# alpine doesn't require explicit locale-file generation
@@ -141,7 +170,6 @@ RUN set -eux; \
apk add --no-cache --virtual .postgresql-rundeps \
$runDeps \
bash \
- su-exec \
tzdata \
zstd \
# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
diff --git a/15/alpine3.20/docker-ensure-initdb.sh b/15/alpine3.20/docker-ensure-initdb.sh
index 2a9758656e..ae1f6b6b90 100755
--- a/15/alpine3.20/docker-ensure-initdb.sh
+++ b/15/alpine3.20/docker-ensure-initdb.sh
@@ -27,7 +27,7 @@ docker_setup_env
docker_create_db_directories
if [ "$(id -u)" = '0' ]; then
# then restart script as postgres user
- exec su-exec postgres "$BASH_SOURCE" "$@"
+ exec gosu postgres "$BASH_SOURCE" "$@"
fi
# only run initialization on an empty data directory
diff --git a/15/alpine3.20/docker-entrypoint.sh b/15/alpine3.20/docker-entrypoint.sh
index 8163d10401..6f59993e08 100755
--- a/15/alpine3.20/docker-entrypoint.sh
+++ b/15/alpine3.20/docker-entrypoint.sh
@@ -310,7 +310,7 @@ _main() {
docker_create_db_directories
if [ "$(id -u)" = '0' ]; then
# then restart script as postgres user
- exec su-exec postgres "$BASH_SOURCE" "$@"
+ exec gosu postgres "$BASH_SOURCE" "$@"
fi
# only run initialization on an empty data directory
diff --git a/16/alpine3.19/Dockerfile b/16/alpine3.19/Dockerfile
index 09fb413aea..f949bbb499 100644
--- a/16/alpine3.19/Dockerfile
+++ b/16/alpine3.19/Dockerfile
@@ -14,7 +14,36 @@ RUN set -eux; \
mkdir -p /var/lib/postgresql; \
chown -R postgres:postgres /var/lib/postgresql
-# su-exec (gosu-compatible) is installed further down
+# grab gosu for easy step-down from root
+# https://github.com/tianon/gosu/releases
+ENV GOSU_VERSION 1.17
+RUN set -eux; \
+ \
+ apk add --no-cache --virtual .gosu-deps \
+ ca-certificates \
+ dpkg \
+ gnupg \
+ ; \
+ \
+ dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
+ wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
+ wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
+ \
+# verify the signature
+ export GNUPGHOME="$(mktemp -d)"; \
+ gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
+ gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
+ \
+# clean up fetch dependencies
+ apk del --no-network .gosu-deps; \
+ \
+ chmod +x /usr/local/bin/gosu; \
+# verify that the binary works
+ gosu --version; \
+ gosu nobody true
+RUN set -eux; ln -svf gosu /usr/local/bin/su-exec; su-exec nobody true # backwards compatibility (removed in PostgreSQL 17+)
# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
# alpine doesn't require explicit locale-file generation
@@ -140,7 +169,6 @@ RUN set -eux; \
apk add --no-cache --virtual .postgresql-rundeps \
$runDeps \
bash \
- su-exec \
tzdata \
zstd \
# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
diff --git a/16/alpine3.19/docker-ensure-initdb.sh b/16/alpine3.19/docker-ensure-initdb.sh
index 2a9758656e..ae1f6b6b90 100755
--- a/16/alpine3.19/docker-ensure-initdb.sh
+++ b/16/alpine3.19/docker-ensure-initdb.sh
@@ -27,7 +27,7 @@ docker_setup_env
docker_create_db_directories
if [ "$(id -u)" = '0' ]; then
# then restart script as postgres user
- exec su-exec postgres "$BASH_SOURCE" "$@"
+ exec gosu postgres "$BASH_SOURCE" "$@"
fi
# only run initialization on an empty data directory
diff --git a/16/alpine3.19/docker-entrypoint.sh b/16/alpine3.19/docker-entrypoint.sh
index 8163d10401..6f59993e08 100755
--- a/16/alpine3.19/docker-entrypoint.sh
+++ b/16/alpine3.19/docker-entrypoint.sh
@@ -310,7 +310,7 @@ _main() {
docker_create_db_directories
if [ "$(id -u)" = '0' ]; then
# then restart script as postgres user
- exec su-exec postgres "$BASH_SOURCE" "$@"
+ exec gosu postgres "$BASH_SOURCE" "$@"
fi
# only run initialization on an empty data directory
diff --git a/16/alpine3.20/Dockerfile b/16/alpine3.20/Dockerfile
index 1620037cf1..b7606c5b7a 100644
--- a/16/alpine3.20/Dockerfile
+++ b/16/alpine3.20/Dockerfile
@@ -14,7 +14,36 @@ RUN set -eux; \
mkdir -p /var/lib/postgresql; \
chown -R postgres:postgres /var/lib/postgresql
-# su-exec (gosu-compatible) is installed further down
+# grab gosu for easy step-down from root
+# https://github.com/tianon/gosu/releases
+ENV GOSU_VERSION 1.17
+RUN set -eux; \
+ \
+ apk add --no-cache --virtual .gosu-deps \
+ ca-certificates \
+ dpkg \
+ gnupg \
+ ; \
+ \
+ dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
+ wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
+ wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
+ \
+# verify the signature
+ export GNUPGHOME="$(mktemp -d)"; \
+ gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
+ gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
+ \
+# clean up fetch dependencies
+ apk del --no-network .gosu-deps; \
+ \
+ chmod +x /usr/local/bin/gosu; \
+# verify that the binary works
+ gosu --version; \
+ gosu nobody true
+RUN set -eux; ln -svf gosu /usr/local/bin/su-exec; su-exec nobody true # backwards compatibility (removed in PostgreSQL 17+)
# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
# alpine doesn't require explicit locale-file generation
@@ -140,7 +169,6 @@ RUN set -eux; \
apk add --no-cache --virtual .postgresql-rundeps \
$runDeps \
bash \
- su-exec \
tzdata \
zstd \
# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
diff --git a/16/alpine3.20/docker-ensure-initdb.sh b/16/alpine3.20/docker-ensure-initdb.sh
index 2a9758656e..ae1f6b6b90 100755
--- a/16/alpine3.20/docker-ensure-initdb.sh
+++ b/16/alpine3.20/docker-ensure-initdb.sh
@@ -27,7 +27,7 @@ docker_setup_env
docker_create_db_directories
if [ "$(id -u)" = '0' ]; then
# then restart script as postgres user
- exec su-exec postgres "$BASH_SOURCE" "$@"
+ exec gosu postgres "$BASH_SOURCE" "$@"
fi
# only run initialization on an empty data directory
diff --git a/16/alpine3.20/docker-entrypoint.sh b/16/alpine3.20/docker-entrypoint.sh
index 8163d10401..6f59993e08 100755
--- a/16/alpine3.20/docker-entrypoint.sh
+++ b/16/alpine3.20/docker-entrypoint.sh
@@ -310,7 +310,7 @@ _main() {
docker_create_db_directories
if [ "$(id -u)" = '0' ]; then
# then restart script as postgres user
- exec su-exec postgres "$BASH_SOURCE" "$@"
+ exec gosu postgres "$BASH_SOURCE" "$@"
fi
# only run initialization on an empty data directory
diff --git a/17/alpine3.19/Dockerfile b/17/alpine3.19/Dockerfile
index 4d6c3d61fb..14ae82dccb 100644
--- a/17/alpine3.19/Dockerfile
+++ b/17/alpine3.19/Dockerfile
@@ -14,7 +14,35 @@ RUN set -eux; \
mkdir -p /var/lib/postgresql; \
chown -R postgres:postgres /var/lib/postgresql
-# su-exec (gosu-compatible) is installed further down
+# grab gosu for easy step-down from root
+# https://github.com/tianon/gosu/releases
+ENV GOSU_VERSION 1.17
+RUN set -eux; \
+ \
+ apk add --no-cache --virtual .gosu-deps \
+ ca-certificates \
+ dpkg \
+ gnupg \
+ ; \
+ \
+ dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
+ wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
+ wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
+ \
+# verify the signature
+ export GNUPGHOME="$(mktemp -d)"; \
+ gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
+ gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
+ \
+# clean up fetch dependencies
+ apk del --no-network .gosu-deps; \
+ \
+ chmod +x /usr/local/bin/gosu; \
+# verify that the binary works
+ gosu --version; \
+ gosu nobody true
# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
# alpine doesn't require explicit locale-file generation
@@ -139,7 +167,6 @@ RUN set -eux; \
apk add --no-cache --virtual .postgresql-rundeps \
$runDeps \
bash \
- su-exec \
tzdata \
zstd \
# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
diff --git a/17/alpine3.19/docker-ensure-initdb.sh b/17/alpine3.19/docker-ensure-initdb.sh
index 2a9758656e..ae1f6b6b90 100755
--- a/17/alpine3.19/docker-ensure-initdb.sh
+++ b/17/alpine3.19/docker-ensure-initdb.sh
@@ -27,7 +27,7 @@ docker_setup_env
docker_create_db_directories
if [ "$(id -u)" = '0' ]; then
# then restart script as postgres user
- exec su-exec postgres "$BASH_SOURCE" "$@"
+ exec gosu postgres "$BASH_SOURCE" "$@"
fi
# only run initialization on an empty data directory
diff --git a/17/alpine3.19/docker-entrypoint.sh b/17/alpine3.19/docker-entrypoint.sh
index 8163d10401..6f59993e08 100755
--- a/17/alpine3.19/docker-entrypoint.sh
+++ b/17/alpine3.19/docker-entrypoint.sh
@@ -310,7 +310,7 @@ _main() {
docker_create_db_directories
if [ "$(id -u)" = '0' ]; then
# then restart script as postgres user
- exec su-exec postgres "$BASH_SOURCE" "$@"
+ exec gosu postgres "$BASH_SOURCE" "$@"
fi
# only run initialization on an empty data directory
diff --git a/17/alpine3.20/Dockerfile b/17/alpine3.20/Dockerfile
index 39375a0e16..f23096b472 100644
--- a/17/alpine3.20/Dockerfile
+++ b/17/alpine3.20/Dockerfile
@@ -14,7 +14,35 @@ RUN set -eux; \
mkdir -p /var/lib/postgresql; \
chown -R postgres:postgres /var/lib/postgresql
-# su-exec (gosu-compatible) is installed further down
+# grab gosu for easy step-down from root
+# https://github.com/tianon/gosu/releases
+ENV GOSU_VERSION 1.17
+RUN set -eux; \
+ \
+ apk add --no-cache --virtual .gosu-deps \
+ ca-certificates \
+ dpkg \
+ gnupg \
+ ; \
+ \
+ dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
+ wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
+ wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
+ \
+# verify the signature
+ export GNUPGHOME="$(mktemp -d)"; \
+ gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
+ gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
+ \
+# clean up fetch dependencies
+ apk del --no-network .gosu-deps; \
+ \
+ chmod +x /usr/local/bin/gosu; \
+# verify that the binary works
+ gosu --version; \
+ gosu nobody true
# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
# alpine doesn't require explicit locale-file generation
@@ -139,7 +167,6 @@ RUN set -eux; \
apk add --no-cache --virtual .postgresql-rundeps \
$runDeps \
bash \
- su-exec \
tzdata \
zstd \
# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
diff --git a/17/alpine3.20/docker-ensure-initdb.sh b/17/alpine3.20/docker-ensure-initdb.sh
index 2a9758656e..ae1f6b6b90 100755
--- a/17/alpine3.20/docker-ensure-initdb.sh
+++ b/17/alpine3.20/docker-ensure-initdb.sh
@@ -27,7 +27,7 @@ docker_setup_env
docker_create_db_directories
if [ "$(id -u)" = '0' ]; then
# then restart script as postgres user
- exec su-exec postgres "$BASH_SOURCE" "$@"
+ exec gosu postgres "$BASH_SOURCE" "$@"
fi
# only run initialization on an empty data directory
diff --git a/17/alpine3.20/docker-entrypoint.sh b/17/alpine3.20/docker-entrypoint.sh
index 8163d10401..6f59993e08 100755
--- a/17/alpine3.20/docker-entrypoint.sh
+++ b/17/alpine3.20/docker-entrypoint.sh
@@ -310,7 +310,7 @@ _main() {
docker_create_db_directories
if [ "$(id -u)" = '0' ]; then
# then restart script as postgres user
- exec su-exec postgres "$BASH_SOURCE" "$@"
+ exec gosu postgres "$BASH_SOURCE" "$@"
fi
# only run initialization on an empty data directory
diff --git a/Dockerfile-alpine.template b/Dockerfile-alpine.template
index 8535b20a10..f80942090c 100644
--- a/Dockerfile-alpine.template
+++ b/Dockerfile-alpine.template
@@ -8,7 +8,38 @@ RUN set -eux; \
mkdir -p /var/lib/postgresql; \
chown -R postgres:postgres /var/lib/postgresql
-# su-exec (gosu-compatible) is installed further down
+# grab gosu for easy step-down from root
+# https://github.com/tianon/gosu/releases
+ENV GOSU_VERSION 1.17
+RUN set -eux; \
+ \
+ apk add --no-cache --virtual .gosu-deps \
+ ca-certificates \
+ dpkg \
+ gnupg \
+ ; \
+ \
+ dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
+ wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
+ wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
+ \
+# verify the signature
+ export GNUPGHOME="$(mktemp -d)"; \
+ gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
+ gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
+ \
+# clean up fetch dependencies
+ apk del --no-network .gosu-deps; \
+ \
+ chmod +x /usr/local/bin/gosu; \
+# verify that the binary works
+ gosu --version; \
+ gosu nobody true
+{{ if [ "12", "13", "14", "15", "16" ] | index(env.version) then ( -}}
+RUN set -eux; ln -svf gosu /usr/local/bin/su-exec; su-exec nobody true # backwards compatibility (removed in PostgreSQL 17+)
+{{ ) else "" end -}}
# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
# alpine doesn't require explicit locale-file generation
@@ -151,7 +182,6 @@ RUN set -eux; \
apk add --no-cache --virtual .postgresql-rundeps \
$runDeps \
bash \
- su-exec \
tzdata \
zstd \
# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
diff --git a/apply-templates.sh b/apply-templates.sh
index 69b7a01a85..aa2d65c6b0 100755
--- a/apply-templates.sh
+++ b/apply-templates.sh
@@ -47,12 +47,9 @@ for version; do
echo "processing $dir ..."
- cp -a docker-entrypoint.sh docker-ensure-initdb.sh "$dir/"
-
case "$variant" in
alpine*)
template='Dockerfile-alpine.template'
- sed -i -e 's/gosu/su-exec/g' "$dir/docker-entrypoint.sh" "$dir/docker-ensure-initdb.sh"
;;
*)
template='Dockerfile-debian.template'
@@ -63,5 +60,7 @@ for version; do
generated_warning
gawk -f "$jqt" "$template"
} > "$dir/Dockerfile"
+
+ cp -a docker-entrypoint.sh docker-ensure-initdb.sh "$dir/"
done
done
From 9bf5a6d620a90158d8192ee0dba05acc4464d002 Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Mon, 1 Jul 2024 17:03:06 -0700
Subject: [PATCH 064/115] Update 17 to 17beta2, bookworm 17~beta2-1.pgdg120+1,
bullseye 17~beta2-1.pgdg110+1
---
17/alpine3.19/Dockerfile | 4 ++--
17/alpine3.20/Dockerfile | 4 ++--
17/bookworm/Dockerfile | 2 +-
17/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/17/alpine3.19/Dockerfile b/17/alpine3.19/Dockerfile
index 14ae82dccb..b862b1f0a8 100644
--- a/17/alpine3.19/Dockerfile
+++ b/17/alpine3.19/Dockerfile
@@ -51,8 +51,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 17
-ENV PG_VERSION 17beta1
-ENV PG_SHA256 089e8854fecd0ca1ec5cd8b29526938f9ef5e91cc331f5d6e118d13468f08f50
+ENV PG_VERSION 17beta2
+ENV PG_SHA256 157af3af2cbc40364990835f518aea0711703e1c48f204b54dfd49b46cd8716c
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/17/alpine3.20/Dockerfile b/17/alpine3.20/Dockerfile
index f23096b472..5d717978a4 100644
--- a/17/alpine3.20/Dockerfile
+++ b/17/alpine3.20/Dockerfile
@@ -51,8 +51,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 17
-ENV PG_VERSION 17beta1
-ENV PG_SHA256 089e8854fecd0ca1ec5cd8b29526938f9ef5e91cc331f5d6e118d13468f08f50
+ENV PG_VERSION 17beta2
+ENV PG_SHA256 157af3af2cbc40364990835f518aea0711703e1c48f204b54dfd49b46cd8716c
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/17/bookworm/Dockerfile b/17/bookworm/Dockerfile
index 8bf86b6c85..44a83ef284 100644
--- a/17/bookworm/Dockerfile
+++ b/17/bookworm/Dockerfile
@@ -90,7 +90,7 @@ RUN set -ex; \
ENV PG_MAJOR 17
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 17~beta1-1.pgdg120+1
+ENV PG_VERSION 17~beta2-1.pgdg120+1
RUN set -ex; \
\
diff --git a/17/bullseye/Dockerfile b/17/bullseye/Dockerfile
index dd4ac0d544..e93e7e4257 100644
--- a/17/bullseye/Dockerfile
+++ b/17/bullseye/Dockerfile
@@ -90,7 +90,7 @@ RUN set -ex; \
ENV PG_MAJOR 17
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 17~beta1-1.pgdg110+1
+ENV PG_VERSION 17~beta2-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index 7fbb32aef6..0b75cf89a6 100644
--- a/versions.json
+++ b/versions.json
@@ -163,7 +163,7 @@
"ppc64el",
"s390x"
],
- "version": "17~beta1-1.pgdg120+1"
+ "version": "17~beta2-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -172,17 +172,17 @@
"ppc64el",
"s390x"
],
- "version": "17~beta1-1.pgdg110+1"
+ "version": "17~beta2-1.pgdg110+1"
},
"debian": "bookworm",
"major": 17,
- "sha256": "089e8854fecd0ca1ec5cd8b29526938f9ef5e91cc331f5d6e118d13468f08f50",
+ "sha256": "157af3af2cbc40364990835f518aea0711703e1c48f204b54dfd49b46cd8716c",
"variants": [
"bookworm",
"bullseye",
"alpine3.20",
"alpine3.19"
],
- "version": "17beta1"
+ "version": "17beta2"
}
}
From a09f1c441f26784ca64159c112aec8dea0f4d329 Mon Sep 17 00:00:00 2001
From: Tianon Gravi <admwiggin@gmail.com>
Date: Mon, 8 Jul 2024 15:17:21 -0700
Subject: [PATCH 065/115] Use `install` instead of `mkdir && chown && chmod`
---
12/alpine3.19/Dockerfile | 9 +++++----
12/alpine3.20/Dockerfile | 9 +++++----
12/bookworm/Dockerfile | 7 +++----
12/bullseye/Dockerfile | 7 +++----
13/alpine3.19/Dockerfile | 9 +++++----
13/alpine3.20/Dockerfile | 9 +++++----
13/bookworm/Dockerfile | 7 +++----
13/bullseye/Dockerfile | 7 +++----
14/alpine3.19/Dockerfile | 9 +++++----
14/alpine3.20/Dockerfile | 9 +++++----
14/bookworm/Dockerfile | 7 +++----
14/bullseye/Dockerfile | 7 +++----
15/alpine3.19/Dockerfile | 9 +++++----
15/alpine3.20/Dockerfile | 9 +++++----
15/bookworm/Dockerfile | 7 +++----
15/bullseye/Dockerfile | 7 +++----
16/alpine3.19/Dockerfile | 9 +++++----
16/alpine3.20/Dockerfile | 9 +++++----
16/bookworm/Dockerfile | 7 +++----
16/bullseye/Dockerfile | 7 +++----
17/alpine3.19/Dockerfile | 9 +++++----
17/alpine3.20/Dockerfile | 9 +++++----
17/bookworm/Dockerfile | 7 +++----
17/bullseye/Dockerfile | 7 +++----
Dockerfile-alpine.template | 9 +++++----
Dockerfile-debian.template | 7 +++----
26 files changed, 104 insertions(+), 104 deletions(-)
diff --git a/12/alpine3.19/Dockerfile b/12/alpine3.19/Dockerfile
index eb46f0fe36..049e0d481a 100644
--- a/12/alpine3.19/Dockerfile
+++ b/12/alpine3.19/Dockerfile
@@ -11,8 +11,9 @@ FROM alpine:3.19
RUN set -eux; \
addgroup -g 70 -S postgres; \
adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
- mkdir -p /var/lib/postgresql; \
- chown -R postgres:postgres /var/lib/postgresql
+# also create the postgres user's home directory with appropriate permissions
+# see https://github.com/docker-library/postgres/issues/274
+ install --verbose --directory --owner postgres --group postgres --mode 1777 /var/lib/postgresql
# grab gosu for easy step-down from root
# https://github.com/tianon/gosu/releases
@@ -188,11 +189,11 @@ RUN set -eux; \
sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/local/share/postgresql/postgresql.conf.sample; \
grep -F "listen_addresses = '*'" /usr/local/share/postgresql/postgresql.conf.sample
-RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
+RUN install --verbose --directory --owner postgres --group postgres --mode 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
-RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
+RUN install --verbose --directory --owner postgres --group postgres --mode 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
diff --git a/12/alpine3.20/Dockerfile b/12/alpine3.20/Dockerfile
index f1caf318c7..6c9b3d48c3 100644
--- a/12/alpine3.20/Dockerfile
+++ b/12/alpine3.20/Dockerfile
@@ -11,8 +11,9 @@ FROM alpine:3.20
RUN set -eux; \
addgroup -g 70 -S postgres; \
adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
- mkdir -p /var/lib/postgresql; \
- chown -R postgres:postgres /var/lib/postgresql
+# also create the postgres user's home directory with appropriate permissions
+# see https://github.com/docker-library/postgres/issues/274
+ install --verbose --directory --owner postgres --group postgres --mode 1777 /var/lib/postgresql
# grab gosu for easy step-down from root
# https://github.com/tianon/gosu/releases
@@ -188,11 +189,11 @@ RUN set -eux; \
sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/local/share/postgresql/postgresql.conf.sample; \
grep -F "listen_addresses = '*'" /usr/local/share/postgresql/postgresql.conf.sample
-RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
+RUN install --verbose --directory --owner postgres --group postgres --mode 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
-RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
+RUN install --verbose --directory --owner postgres --group postgres --mode 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
diff --git a/12/bookworm/Dockerfile b/12/bookworm/Dockerfile
index e697613ae2..4095800f24 100644
--- a/12/bookworm/Dockerfile
+++ b/12/bookworm/Dockerfile
@@ -13,8 +13,7 @@ RUN set -eux; \
useradd -r -g postgres --uid=999 --home-dir=/var/lib/postgresql --shell=/bin/bash postgres; \
# also create the postgres user's home directory with appropriate permissions
# see https://github.com/docker-library/postgres/issues/274
- mkdir -p /var/lib/postgresql; \
- chown -R postgres:postgres /var/lib/postgresql
+ install --verbose --directory --owner postgres --group postgres --mode 1777 /var/lib/postgresql
RUN set -ex; \
apt-get update; \
@@ -181,11 +180,11 @@ RUN set -eux; \
sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/share/postgresql/postgresql.conf.sample; \
grep -F "listen_addresses = '*'" /usr/share/postgresql/postgresql.conf.sample
-RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
+RUN install --verbose --directory --owner postgres --group postgres --mode 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
-RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
+RUN install --verbose --directory --owner postgres --group postgres --mode 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
diff --git a/12/bullseye/Dockerfile b/12/bullseye/Dockerfile
index da4e8e2ee5..f8d71e9b0f 100644
--- a/12/bullseye/Dockerfile
+++ b/12/bullseye/Dockerfile
@@ -13,8 +13,7 @@ RUN set -eux; \
useradd -r -g postgres --uid=999 --home-dir=/var/lib/postgresql --shell=/bin/bash postgres; \
# also create the postgres user's home directory with appropriate permissions
# see https://github.com/docker-library/postgres/issues/274
- mkdir -p /var/lib/postgresql; \
- chown -R postgres:postgres /var/lib/postgresql
+ install --verbose --directory --owner postgres --group postgres --mode 1777 /var/lib/postgresql
RUN set -ex; \
apt-get update; \
@@ -181,11 +180,11 @@ RUN set -eux; \
sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/share/postgresql/postgresql.conf.sample; \
grep -F "listen_addresses = '*'" /usr/share/postgresql/postgresql.conf.sample
-RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
+RUN install --verbose --directory --owner postgres --group postgres --mode 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
-RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
+RUN install --verbose --directory --owner postgres --group postgres --mode 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
diff --git a/13/alpine3.19/Dockerfile b/13/alpine3.19/Dockerfile
index 39a23522a4..5e8b9b9c1c 100644
--- a/13/alpine3.19/Dockerfile
+++ b/13/alpine3.19/Dockerfile
@@ -11,8 +11,9 @@ FROM alpine:3.19
RUN set -eux; \
addgroup -g 70 -S postgres; \
adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
- mkdir -p /var/lib/postgresql; \
- chown -R postgres:postgres /var/lib/postgresql
+# also create the postgres user's home directory with appropriate permissions
+# see https://github.com/docker-library/postgres/issues/274
+ install --verbose --directory --owner postgres --group postgres --mode 1777 /var/lib/postgresql
# grab gosu for easy step-down from root
# https://github.com/tianon/gosu/releases
@@ -188,11 +189,11 @@ RUN set -eux; \
sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/local/share/postgresql/postgresql.conf.sample; \
grep -F "listen_addresses = '*'" /usr/local/share/postgresql/postgresql.conf.sample
-RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
+RUN install --verbose --directory --owner postgres --group postgres --mode 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
-RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
+RUN install --verbose --directory --owner postgres --group postgres --mode 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
diff --git a/13/alpine3.20/Dockerfile b/13/alpine3.20/Dockerfile
index 567da31557..f1242897c7 100644
--- a/13/alpine3.20/Dockerfile
+++ b/13/alpine3.20/Dockerfile
@@ -11,8 +11,9 @@ FROM alpine:3.20
RUN set -eux; \
addgroup -g 70 -S postgres; \
adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
- mkdir -p /var/lib/postgresql; \
- chown -R postgres:postgres /var/lib/postgresql
+# also create the postgres user's home directory with appropriate permissions
+# see https://github.com/docker-library/postgres/issues/274
+ install --verbose --directory --owner postgres --group postgres --mode 1777 /var/lib/postgresql
# grab gosu for easy step-down from root
# https://github.com/tianon/gosu/releases
@@ -188,11 +189,11 @@ RUN set -eux; \
sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/local/share/postgresql/postgresql.conf.sample; \
grep -F "listen_addresses = '*'" /usr/local/share/postgresql/postgresql.conf.sample
-RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
+RUN install --verbose --directory --owner postgres --group postgres --mode 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
-RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
+RUN install --verbose --directory --owner postgres --group postgres --mode 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
diff --git a/13/bookworm/Dockerfile b/13/bookworm/Dockerfile
index 8b00f0e123..c2e61f40d3 100644
--- a/13/bookworm/Dockerfile
+++ b/13/bookworm/Dockerfile
@@ -13,8 +13,7 @@ RUN set -eux; \
useradd -r -g postgres --uid=999 --home-dir=/var/lib/postgresql --shell=/bin/bash postgres; \
# also create the postgres user's home directory with appropriate permissions
# see https://github.com/docker-library/postgres/issues/274
- mkdir -p /var/lib/postgresql; \
- chown -R postgres:postgres /var/lib/postgresql
+ install --verbose --directory --owner postgres --group postgres --mode 1777 /var/lib/postgresql
RUN set -ex; \
apt-get update; \
@@ -183,11 +182,11 @@ RUN set -eux; \
sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/share/postgresql/postgresql.conf.sample; \
grep -F "listen_addresses = '*'" /usr/share/postgresql/postgresql.conf.sample
-RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
+RUN install --verbose --directory --owner postgres --group postgres --mode 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
-RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
+RUN install --verbose --directory --owner postgres --group postgres --mode 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
diff --git a/13/bullseye/Dockerfile b/13/bullseye/Dockerfile
index b4210684c0..e57634a2b1 100644
--- a/13/bullseye/Dockerfile
+++ b/13/bullseye/Dockerfile
@@ -13,8 +13,7 @@ RUN set -eux; \
useradd -r -g postgres --uid=999 --home-dir=/var/lib/postgresql --shell=/bin/bash postgres; \
# also create the postgres user's home directory with appropriate permissions
# see https://github.com/docker-library/postgres/issues/274
- mkdir -p /var/lib/postgresql; \
- chown -R postgres:postgres /var/lib/postgresql
+ install --verbose --directory --owner postgres --group postgres --mode 1777 /var/lib/postgresql
RUN set -ex; \
apt-get update; \
@@ -183,11 +182,11 @@ RUN set -eux; \
sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/share/postgresql/postgresql.conf.sample; \
grep -F "listen_addresses = '*'" /usr/share/postgresql/postgresql.conf.sample
-RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
+RUN install --verbose --directory --owner postgres --group postgres --mode 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
-RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
+RUN install --verbose --directory --owner postgres --group postgres --mode 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
diff --git a/14/alpine3.19/Dockerfile b/14/alpine3.19/Dockerfile
index 461318e2b8..1f77cbffed 100644
--- a/14/alpine3.19/Dockerfile
+++ b/14/alpine3.19/Dockerfile
@@ -11,8 +11,9 @@ FROM alpine:3.19
RUN set -eux; \
addgroup -g 70 -S postgres; \
adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
- mkdir -p /var/lib/postgresql; \
- chown -R postgres:postgres /var/lib/postgresql
+# also create the postgres user's home directory with appropriate permissions
+# see https://github.com/docker-library/postgres/issues/274
+ install --verbose --directory --owner postgres --group postgres --mode 1777 /var/lib/postgresql
# grab gosu for easy step-down from root
# https://github.com/tianon/gosu/releases
@@ -191,11 +192,11 @@ RUN set -eux; \
sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/local/share/postgresql/postgresql.conf.sample; \
grep -F "listen_addresses = '*'" /usr/local/share/postgresql/postgresql.conf.sample
-RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
+RUN install --verbose --directory --owner postgres --group postgres --mode 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
-RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
+RUN install --verbose --directory --owner postgres --group postgres --mode 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
diff --git a/14/alpine3.20/Dockerfile b/14/alpine3.20/Dockerfile
index dc839d7c32..f674836f65 100644
--- a/14/alpine3.20/Dockerfile
+++ b/14/alpine3.20/Dockerfile
@@ -11,8 +11,9 @@ FROM alpine:3.20
RUN set -eux; \
addgroup -g 70 -S postgres; \
adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
- mkdir -p /var/lib/postgresql; \
- chown -R postgres:postgres /var/lib/postgresql
+# also create the postgres user's home directory with appropriate permissions
+# see https://github.com/docker-library/postgres/issues/274
+ install --verbose --directory --owner postgres --group postgres --mode 1777 /var/lib/postgresql
# grab gosu for easy step-down from root
# https://github.com/tianon/gosu/releases
@@ -191,11 +192,11 @@ RUN set -eux; \
sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/local/share/postgresql/postgresql.conf.sample; \
grep -F "listen_addresses = '*'" /usr/local/share/postgresql/postgresql.conf.sample
-RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
+RUN install --verbose --directory --owner postgres --group postgres --mode 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
-RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
+RUN install --verbose --directory --owner postgres --group postgres --mode 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
diff --git a/14/bookworm/Dockerfile b/14/bookworm/Dockerfile
index 3c9e737ab2..c579f62833 100644
--- a/14/bookworm/Dockerfile
+++ b/14/bookworm/Dockerfile
@@ -13,8 +13,7 @@ RUN set -eux; \
useradd -r -g postgres --uid=999 --home-dir=/var/lib/postgresql --shell=/bin/bash postgres; \
# also create the postgres user's home directory with appropriate permissions
# see https://github.com/docker-library/postgres/issues/274
- mkdir -p /var/lib/postgresql; \
- chown -R postgres:postgres /var/lib/postgresql
+ install --verbose --directory --owner postgres --group postgres --mode 1777 /var/lib/postgresql
RUN set -ex; \
apt-get update; \
@@ -181,11 +180,11 @@ RUN set -eux; \
sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/share/postgresql/postgresql.conf.sample; \
grep -F "listen_addresses = '*'" /usr/share/postgresql/postgresql.conf.sample
-RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
+RUN install --verbose --directory --owner postgres --group postgres --mode 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
-RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
+RUN install --verbose --directory --owner postgres --group postgres --mode 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
diff --git a/14/bullseye/Dockerfile b/14/bullseye/Dockerfile
index 048b473058..1dcdb845f8 100644
--- a/14/bullseye/Dockerfile
+++ b/14/bullseye/Dockerfile
@@ -13,8 +13,7 @@ RUN set -eux; \
useradd -r -g postgres --uid=999 --home-dir=/var/lib/postgresql --shell=/bin/bash postgres; \
# also create the postgres user's home directory with appropriate permissions
# see https://github.com/docker-library/postgres/issues/274
- mkdir -p /var/lib/postgresql; \
- chown -R postgres:postgres /var/lib/postgresql
+ install --verbose --directory --owner postgres --group postgres --mode 1777 /var/lib/postgresql
RUN set -ex; \
apt-get update; \
@@ -181,11 +180,11 @@ RUN set -eux; \
sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/share/postgresql/postgresql.conf.sample; \
grep -F "listen_addresses = '*'" /usr/share/postgresql/postgresql.conf.sample
-RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
+RUN install --verbose --directory --owner postgres --group postgres --mode 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
-RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
+RUN install --verbose --directory --owner postgres --group postgres --mode 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
diff --git a/15/alpine3.19/Dockerfile b/15/alpine3.19/Dockerfile
index 2f249aa430..76dc5b24e5 100644
--- a/15/alpine3.19/Dockerfile
+++ b/15/alpine3.19/Dockerfile
@@ -11,8 +11,9 @@ FROM alpine:3.19
RUN set -eux; \
addgroup -g 70 -S postgres; \
adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
- mkdir -p /var/lib/postgresql; \
- chown -R postgres:postgres /var/lib/postgresql
+# also create the postgres user's home directory with appropriate permissions
+# see https://github.com/docker-library/postgres/issues/274
+ install --verbose --directory --owner postgres --group postgres --mode 1777 /var/lib/postgresql
# grab gosu for easy step-down from root
# https://github.com/tianon/gosu/releases
@@ -194,11 +195,11 @@ RUN set -eux; \
sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/local/share/postgresql/postgresql.conf.sample; \
grep -F "listen_addresses = '*'" /usr/local/share/postgresql/postgresql.conf.sample
-RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
+RUN install --verbose --directory --owner postgres --group postgres --mode 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
-RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
+RUN install --verbose --directory --owner postgres --group postgres --mode 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
diff --git a/15/alpine3.20/Dockerfile b/15/alpine3.20/Dockerfile
index 79b20ac311..fede5ab89c 100644
--- a/15/alpine3.20/Dockerfile
+++ b/15/alpine3.20/Dockerfile
@@ -11,8 +11,9 @@ FROM alpine:3.20
RUN set -eux; \
addgroup -g 70 -S postgres; \
adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
- mkdir -p /var/lib/postgresql; \
- chown -R postgres:postgres /var/lib/postgresql
+# also create the postgres user's home directory with appropriate permissions
+# see https://github.com/docker-library/postgres/issues/274
+ install --verbose --directory --owner postgres --group postgres --mode 1777 /var/lib/postgresql
# grab gosu for easy step-down from root
# https://github.com/tianon/gosu/releases
@@ -194,11 +195,11 @@ RUN set -eux; \
sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/local/share/postgresql/postgresql.conf.sample; \
grep -F "listen_addresses = '*'" /usr/local/share/postgresql/postgresql.conf.sample
-RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
+RUN install --verbose --directory --owner postgres --group postgres --mode 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
-RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
+RUN install --verbose --directory --owner postgres --group postgres --mode 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
diff --git a/15/bookworm/Dockerfile b/15/bookworm/Dockerfile
index 20dc81de0a..b91220a9ee 100644
--- a/15/bookworm/Dockerfile
+++ b/15/bookworm/Dockerfile
@@ -13,8 +13,7 @@ RUN set -eux; \
useradd -r -g postgres --uid=999 --home-dir=/var/lib/postgresql --shell=/bin/bash postgres; \
# also create the postgres user's home directory with appropriate permissions
# see https://github.com/docker-library/postgres/issues/274
- mkdir -p /var/lib/postgresql; \
- chown -R postgres:postgres /var/lib/postgresql
+ install --verbose --directory --owner postgres --group postgres --mode 1777 /var/lib/postgresql
RUN set -ex; \
apt-get update; \
@@ -181,11 +180,11 @@ RUN set -eux; \
sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/share/postgresql/postgresql.conf.sample; \
grep -F "listen_addresses = '*'" /usr/share/postgresql/postgresql.conf.sample
-RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
+RUN install --verbose --directory --owner postgres --group postgres --mode 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
-RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
+RUN install --verbose --directory --owner postgres --group postgres --mode 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
diff --git a/15/bullseye/Dockerfile b/15/bullseye/Dockerfile
index a8a568956b..9323d7ef31 100644
--- a/15/bullseye/Dockerfile
+++ b/15/bullseye/Dockerfile
@@ -13,8 +13,7 @@ RUN set -eux; \
useradd -r -g postgres --uid=999 --home-dir=/var/lib/postgresql --shell=/bin/bash postgres; \
# also create the postgres user's home directory with appropriate permissions
# see https://github.com/docker-library/postgres/issues/274
- mkdir -p /var/lib/postgresql; \
- chown -R postgres:postgres /var/lib/postgresql
+ install --verbose --directory --owner postgres --group postgres --mode 1777 /var/lib/postgresql
RUN set -ex; \
apt-get update; \
@@ -181,11 +180,11 @@ RUN set -eux; \
sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/share/postgresql/postgresql.conf.sample; \
grep -F "listen_addresses = '*'" /usr/share/postgresql/postgresql.conf.sample
-RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
+RUN install --verbose --directory --owner postgres --group postgres --mode 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
-RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
+RUN install --verbose --directory --owner postgres --group postgres --mode 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
diff --git a/16/alpine3.19/Dockerfile b/16/alpine3.19/Dockerfile
index f949bbb499..be479c5be2 100644
--- a/16/alpine3.19/Dockerfile
+++ b/16/alpine3.19/Dockerfile
@@ -11,8 +11,9 @@ FROM alpine:3.19
RUN set -eux; \
addgroup -g 70 -S postgres; \
adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
- mkdir -p /var/lib/postgresql; \
- chown -R postgres:postgres /var/lib/postgresql
+# also create the postgres user's home directory with appropriate permissions
+# see https://github.com/docker-library/postgres/issues/274
+ install --verbose --directory --owner postgres --group postgres --mode 1777 /var/lib/postgresql
# grab gosu for easy step-down from root
# https://github.com/tianon/gosu/releases
@@ -193,11 +194,11 @@ RUN set -eux; \
sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/local/share/postgresql/postgresql.conf.sample; \
grep -F "listen_addresses = '*'" /usr/local/share/postgresql/postgresql.conf.sample
-RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
+RUN install --verbose --directory --owner postgres --group postgres --mode 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
-RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
+RUN install --verbose --directory --owner postgres --group postgres --mode 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
diff --git a/16/alpine3.20/Dockerfile b/16/alpine3.20/Dockerfile
index b7606c5b7a..447f1d8e10 100644
--- a/16/alpine3.20/Dockerfile
+++ b/16/alpine3.20/Dockerfile
@@ -11,8 +11,9 @@ FROM alpine:3.20
RUN set -eux; \
addgroup -g 70 -S postgres; \
adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
- mkdir -p /var/lib/postgresql; \
- chown -R postgres:postgres /var/lib/postgresql
+# also create the postgres user's home directory with appropriate permissions
+# see https://github.com/docker-library/postgres/issues/274
+ install --verbose --directory --owner postgres --group postgres --mode 1777 /var/lib/postgresql
# grab gosu for easy step-down from root
# https://github.com/tianon/gosu/releases
@@ -193,11 +194,11 @@ RUN set -eux; \
sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/local/share/postgresql/postgresql.conf.sample; \
grep -F "listen_addresses = '*'" /usr/local/share/postgresql/postgresql.conf.sample
-RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
+RUN install --verbose --directory --owner postgres --group postgres --mode 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
-RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
+RUN install --verbose --directory --owner postgres --group postgres --mode 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
diff --git a/16/bookworm/Dockerfile b/16/bookworm/Dockerfile
index 9983d85c6f..d13273b08a 100644
--- a/16/bookworm/Dockerfile
+++ b/16/bookworm/Dockerfile
@@ -13,8 +13,7 @@ RUN set -eux; \
useradd -r -g postgres --uid=999 --home-dir=/var/lib/postgresql --shell=/bin/bash postgres; \
# also create the postgres user's home directory with appropriate permissions
# see https://github.com/docker-library/postgres/issues/274
- mkdir -p /var/lib/postgresql; \
- chown -R postgres:postgres /var/lib/postgresql
+ install --verbose --directory --owner postgres --group postgres --mode 1777 /var/lib/postgresql
RUN set -ex; \
apt-get update; \
@@ -181,11 +180,11 @@ RUN set -eux; \
sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/share/postgresql/postgresql.conf.sample; \
grep -F "listen_addresses = '*'" /usr/share/postgresql/postgresql.conf.sample
-RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
+RUN install --verbose --directory --owner postgres --group postgres --mode 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
-RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
+RUN install --verbose --directory --owner postgres --group postgres --mode 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
diff --git a/16/bullseye/Dockerfile b/16/bullseye/Dockerfile
index b4146f0236..f2827ff9af 100644
--- a/16/bullseye/Dockerfile
+++ b/16/bullseye/Dockerfile
@@ -13,8 +13,7 @@ RUN set -eux; \
useradd -r -g postgres --uid=999 --home-dir=/var/lib/postgresql --shell=/bin/bash postgres; \
# also create the postgres user's home directory with appropriate permissions
# see https://github.com/docker-library/postgres/issues/274
- mkdir -p /var/lib/postgresql; \
- chown -R postgres:postgres /var/lib/postgresql
+ install --verbose --directory --owner postgres --group postgres --mode 1777 /var/lib/postgresql
RUN set -ex; \
apt-get update; \
@@ -181,11 +180,11 @@ RUN set -eux; \
sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/share/postgresql/postgresql.conf.sample; \
grep -F "listen_addresses = '*'" /usr/share/postgresql/postgresql.conf.sample
-RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
+RUN install --verbose --directory --owner postgres --group postgres --mode 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
-RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
+RUN install --verbose --directory --owner postgres --group postgres --mode 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
diff --git a/17/alpine3.19/Dockerfile b/17/alpine3.19/Dockerfile
index b862b1f0a8..cc263a0644 100644
--- a/17/alpine3.19/Dockerfile
+++ b/17/alpine3.19/Dockerfile
@@ -11,8 +11,9 @@ FROM alpine:3.19
RUN set -eux; \
addgroup -g 70 -S postgres; \
adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
- mkdir -p /var/lib/postgresql; \
- chown -R postgres:postgres /var/lib/postgresql
+# also create the postgres user's home directory with appropriate permissions
+# see https://github.com/docker-library/postgres/issues/274
+ install --verbose --directory --owner postgres --group postgres --mode 1777 /var/lib/postgresql
# grab gosu for easy step-down from root
# https://github.com/tianon/gosu/releases
@@ -191,11 +192,11 @@ RUN set -eux; \
sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/local/share/postgresql/postgresql.conf.sample; \
grep -F "listen_addresses = '*'" /usr/local/share/postgresql/postgresql.conf.sample
-RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
+RUN install --verbose --directory --owner postgres --group postgres --mode 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
-RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
+RUN install --verbose --directory --owner postgres --group postgres --mode 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
diff --git a/17/alpine3.20/Dockerfile b/17/alpine3.20/Dockerfile
index 5d717978a4..07dc7c4750 100644
--- a/17/alpine3.20/Dockerfile
+++ b/17/alpine3.20/Dockerfile
@@ -11,8 +11,9 @@ FROM alpine:3.20
RUN set -eux; \
addgroup -g 70 -S postgres; \
adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
- mkdir -p /var/lib/postgresql; \
- chown -R postgres:postgres /var/lib/postgresql
+# also create the postgres user's home directory with appropriate permissions
+# see https://github.com/docker-library/postgres/issues/274
+ install --verbose --directory --owner postgres --group postgres --mode 1777 /var/lib/postgresql
# grab gosu for easy step-down from root
# https://github.com/tianon/gosu/releases
@@ -191,11 +192,11 @@ RUN set -eux; \
sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/local/share/postgresql/postgresql.conf.sample; \
grep -F "listen_addresses = '*'" /usr/local/share/postgresql/postgresql.conf.sample
-RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
+RUN install --verbose --directory --owner postgres --group postgres --mode 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
-RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
+RUN install --verbose --directory --owner postgres --group postgres --mode 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
diff --git a/17/bookworm/Dockerfile b/17/bookworm/Dockerfile
index 44a83ef284..99dfd4b35c 100644
--- a/17/bookworm/Dockerfile
+++ b/17/bookworm/Dockerfile
@@ -13,8 +13,7 @@ RUN set -eux; \
useradd -r -g postgres --uid=999 --home-dir=/var/lib/postgresql --shell=/bin/bash postgres; \
# also create the postgres user's home directory with appropriate permissions
# see https://github.com/docker-library/postgres/issues/274
- mkdir -p /var/lib/postgresql; \
- chown -R postgres:postgres /var/lib/postgresql
+ install --verbose --directory --owner postgres --group postgres --mode 1777 /var/lib/postgresql
RUN set -ex; \
apt-get update; \
@@ -181,11 +180,11 @@ RUN set -eux; \
sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/share/postgresql/postgresql.conf.sample; \
grep -F "listen_addresses = '*'" /usr/share/postgresql/postgresql.conf.sample
-RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
+RUN install --verbose --directory --owner postgres --group postgres --mode 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
-RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
+RUN install --verbose --directory --owner postgres --group postgres --mode 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
diff --git a/17/bullseye/Dockerfile b/17/bullseye/Dockerfile
index e93e7e4257..249d0cdf80 100644
--- a/17/bullseye/Dockerfile
+++ b/17/bullseye/Dockerfile
@@ -13,8 +13,7 @@ RUN set -eux; \
useradd -r -g postgres --uid=999 --home-dir=/var/lib/postgresql --shell=/bin/bash postgres; \
# also create the postgres user's home directory with appropriate permissions
# see https://github.com/docker-library/postgres/issues/274
- mkdir -p /var/lib/postgresql; \
- chown -R postgres:postgres /var/lib/postgresql
+ install --verbose --directory --owner postgres --group postgres --mode 1777 /var/lib/postgresql
RUN set -ex; \
apt-get update; \
@@ -181,11 +180,11 @@ RUN set -eux; \
sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/share/postgresql/postgresql.conf.sample; \
grep -F "listen_addresses = '*'" /usr/share/postgresql/postgresql.conf.sample
-RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
+RUN install --verbose --directory --owner postgres --group postgres --mode 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
-RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
+RUN install --verbose --directory --owner postgres --group postgres --mode 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
diff --git a/Dockerfile-alpine.template b/Dockerfile-alpine.template
index f80942090c..3d6236e6e8 100644
--- a/Dockerfile-alpine.template
+++ b/Dockerfile-alpine.template
@@ -5,8 +5,9 @@ FROM alpine:{{ env.variant | ltrimstr("alpine") }}
RUN set -eux; \
addgroup -g 70 -S postgres; \
adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
- mkdir -p /var/lib/postgresql; \
- chown -R postgres:postgres /var/lib/postgresql
+# also create the postgres user's home directory with appropriate permissions
+# see https://github.com/docker-library/postgres/issues/274
+ install --verbose --directory --owner postgres --group postgres --mode 1777 /var/lib/postgresql
# grab gosu for easy step-down from root
# https://github.com/tianon/gosu/releases
@@ -206,11 +207,11 @@ RUN set -eux; \
sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/local/share/postgresql/postgresql.conf.sample; \
grep -F "listen_addresses = '*'" /usr/local/share/postgresql/postgresql.conf.sample
-RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
+RUN install --verbose --directory --owner postgres --group postgres --mode 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
-RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
+RUN install --verbose --directory --owner postgres --group postgres --mode 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
diff --git a/Dockerfile-debian.template b/Dockerfile-debian.template
index 479f147c7f..1fa84903ac 100644
--- a/Dockerfile-debian.template
+++ b/Dockerfile-debian.template
@@ -7,8 +7,7 @@ RUN set -eux; \
useradd -r -g postgres --uid=999 --home-dir=/var/lib/postgresql --shell=/bin/bash postgres; \
# also create the postgres user's home directory with appropriate permissions
# see https://github.com/docker-library/postgres/issues/274
- mkdir -p /var/lib/postgresql; \
- chown -R postgres:postgres /var/lib/postgresql
+ install --verbose --directory --owner postgres --group postgres --mode 1777 /var/lib/postgresql
RUN set -ex; \
apt-get update; \
@@ -179,11 +178,11 @@ RUN set -eux; \
sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/share/postgresql/postgresql.conf.sample; \
grep -F "listen_addresses = '*'" /usr/share/postgresql/postgresql.conf.sample
-RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql
+RUN install --verbose --directory --owner postgres --group postgres --mode 3777 /var/run/postgresql
ENV PGDATA /var/lib/postgresql/data
# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
-RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA"
+RUN install --verbose --directory --owner postgres --group postgres --mode 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
From 62f99df90060f4105ebe9a6bd88611370f52aa16 Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 8 Aug 2024 09:22:52 -0700
Subject: [PATCH 066/115] Update 12 to 12.20, bookworm 12.20-1.pgdg120+1,
bullseye 12.20-1.pgdg110+1
---
12/alpine3.19/Dockerfile | 4 ++--
12/alpine3.20/Dockerfile | 4 ++--
12/bookworm/Dockerfile | 2 +-
12/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/12/alpine3.19/Dockerfile b/12/alpine3.19/Dockerfile
index 049e0d481a..e3f5683277 100644
--- a/12/alpine3.19/Dockerfile
+++ b/12/alpine3.19/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 12
-ENV PG_VERSION 12.19
-ENV PG_SHA256 617e3de52c22e822f4f57d01d5b2240503e198a9eccaf598a851109bd18e6fbb
+ENV PG_VERSION 12.20
+ENV PG_SHA256 2d543af3009fec7fd5af35f7a70c95085d3eef6b508e517aa9493e99b15e9ea9
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/12/alpine3.20/Dockerfile b/12/alpine3.20/Dockerfile
index 6c9b3d48c3..2c1db6c7f0 100644
--- a/12/alpine3.20/Dockerfile
+++ b/12/alpine3.20/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 12
-ENV PG_VERSION 12.19
-ENV PG_SHA256 617e3de52c22e822f4f57d01d5b2240503e198a9eccaf598a851109bd18e6fbb
+ENV PG_VERSION 12.20
+ENV PG_SHA256 2d543af3009fec7fd5af35f7a70c95085d3eef6b508e517aa9493e99b15e9ea9
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/12/bookworm/Dockerfile b/12/bookworm/Dockerfile
index 4095800f24..d80c0a4345 100644
--- a/12/bookworm/Dockerfile
+++ b/12/bookworm/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 12
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 12.19-1.pgdg120+1
+ENV PG_VERSION 12.20-1.pgdg120+1
RUN set -ex; \
\
diff --git a/12/bullseye/Dockerfile b/12/bullseye/Dockerfile
index f8d71e9b0f..f11f9db297 100644
--- a/12/bullseye/Dockerfile
+++ b/12/bullseye/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 12
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 12.19-1.pgdg110+1
+ENV PG_VERSION 12.20-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index 0b75cf89a6..7ff211b73a 100644
--- a/versions.json
+++ b/versions.json
@@ -8,7 +8,7 @@
"ppc64el",
"s390x"
],
- "version": "12.19-1.pgdg120+1"
+ "version": "12.20-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -17,18 +17,18 @@
"ppc64el",
"s390x"
],
- "version": "12.19-1.pgdg110+1"
+ "version": "12.20-1.pgdg110+1"
},
"debian": "bookworm",
"major": 12,
- "sha256": "617e3de52c22e822f4f57d01d5b2240503e198a9eccaf598a851109bd18e6fbb",
+ "sha256": "2d543af3009fec7fd5af35f7a70c95085d3eef6b508e517aa9493e99b15e9ea9",
"variants": [
"bookworm",
"bullseye",
"alpine3.20",
"alpine3.19"
],
- "version": "12.19"
+ "version": "12.20"
},
"13": {
"alpine": "3.20",
From ce54cce510ed5da4ed9e1e66ddeb6e3300786813 Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 8 Aug 2024 09:37:43 -0700
Subject: [PATCH 067/115] Update 13 to 13.16, bookworm 13.16-1.pgdg120+1,
bullseye 13.16-1.pgdg110+1
---
13/alpine3.19/Dockerfile | 4 ++--
13/alpine3.20/Dockerfile | 4 ++--
13/bookworm/Dockerfile | 2 +-
13/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/13/alpine3.19/Dockerfile b/13/alpine3.19/Dockerfile
index 5e8b9b9c1c..eb4350a655 100644
--- a/13/alpine3.19/Dockerfile
+++ b/13/alpine3.19/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 13
-ENV PG_VERSION 13.15
-ENV PG_SHA256 42edd415446d33b8c242be76d1ad057531b2264b2e86939339b7075c6e4ec925
+ENV PG_VERSION 13.16
+ENV PG_SHA256 c9cbbb6129f02328204828066bb3785c00a85c8ca8fd329c2a8a53c1f5cd8865
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/13/alpine3.20/Dockerfile b/13/alpine3.20/Dockerfile
index f1242897c7..d365154e29 100644
--- a/13/alpine3.20/Dockerfile
+++ b/13/alpine3.20/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 13
-ENV PG_VERSION 13.15
-ENV PG_SHA256 42edd415446d33b8c242be76d1ad057531b2264b2e86939339b7075c6e4ec925
+ENV PG_VERSION 13.16
+ENV PG_SHA256 c9cbbb6129f02328204828066bb3785c00a85c8ca8fd329c2a8a53c1f5cd8865
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/13/bookworm/Dockerfile b/13/bookworm/Dockerfile
index c2e61f40d3..8c9451e1b9 100644
--- a/13/bookworm/Dockerfile
+++ b/13/bookworm/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 13
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 13.15-1.pgdg120+1
+ENV PG_VERSION 13.16-1.pgdg120+1
RUN set -ex; \
\
diff --git a/13/bullseye/Dockerfile b/13/bullseye/Dockerfile
index e57634a2b1..c8770da222 100644
--- a/13/bullseye/Dockerfile
+++ b/13/bullseye/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 13
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 13.15-1.pgdg110+1
+ENV PG_VERSION 13.16-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index 7ff211b73a..28e9d7eb16 100644
--- a/versions.json
+++ b/versions.json
@@ -39,7 +39,7 @@
"ppc64el",
"s390x"
],
- "version": "13.15-1.pgdg120+1"
+ "version": "13.16-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -48,18 +48,18 @@
"ppc64el",
"s390x"
],
- "version": "13.15-1.pgdg110+1"
+ "version": "13.16-1.pgdg110+1"
},
"debian": "bookworm",
"major": 13,
- "sha256": "42edd415446d33b8c242be76d1ad057531b2264b2e86939339b7075c6e4ec925",
+ "sha256": "c9cbbb6129f02328204828066bb3785c00a85c8ca8fd329c2a8a53c1f5cd8865",
"variants": [
"bookworm",
"bullseye",
"alpine3.20",
"alpine3.19"
],
- "version": "13.15"
+ "version": "13.16"
},
"14": {
"alpine": "3.20",
From e324d93eba7160270512436fd5e9464f91cfbcb9 Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 8 Aug 2024 09:52:20 -0700
Subject: [PATCH 068/115] Update 14 to 14.13, bookworm 14.13-1.pgdg120+1,
bullseye 14.13-1.pgdg110+1
---
14/alpine3.19/Dockerfile | 4 ++--
14/alpine3.20/Dockerfile | 4 ++--
14/bookworm/Dockerfile | 2 +-
14/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/14/alpine3.19/Dockerfile b/14/alpine3.19/Dockerfile
index 1f77cbffed..533e23e6be 100644
--- a/14/alpine3.19/Dockerfile
+++ b/14/alpine3.19/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 14
-ENV PG_VERSION 14.12
-ENV PG_SHA256 6118d08f9ddcc1bd83cf2b7cc74d3b583bdcec2f37e6245a8ac003b8faa80923
+ENV PG_VERSION 14.13
+ENV PG_SHA256 59aa3c4b495ab26a9ec69f3ad0a0228c51f0fe6facf3634dfad4d1197d613a56
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/14/alpine3.20/Dockerfile b/14/alpine3.20/Dockerfile
index f674836f65..4b89e0d558 100644
--- a/14/alpine3.20/Dockerfile
+++ b/14/alpine3.20/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 14
-ENV PG_VERSION 14.12
-ENV PG_SHA256 6118d08f9ddcc1bd83cf2b7cc74d3b583bdcec2f37e6245a8ac003b8faa80923
+ENV PG_VERSION 14.13
+ENV PG_SHA256 59aa3c4b495ab26a9ec69f3ad0a0228c51f0fe6facf3634dfad4d1197d613a56
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/14/bookworm/Dockerfile b/14/bookworm/Dockerfile
index c579f62833..88743d5041 100644
--- a/14/bookworm/Dockerfile
+++ b/14/bookworm/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 14
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 14.12-1.pgdg120+1
+ENV PG_VERSION 14.13-1.pgdg120+1
RUN set -ex; \
\
diff --git a/14/bullseye/Dockerfile b/14/bullseye/Dockerfile
index 1dcdb845f8..a69d4098f9 100644
--- a/14/bullseye/Dockerfile
+++ b/14/bullseye/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 14
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 14.12-1.pgdg110+1
+ENV PG_VERSION 14.13-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index 28e9d7eb16..e26c3cbc91 100644
--- a/versions.json
+++ b/versions.json
@@ -70,7 +70,7 @@
"ppc64el",
"s390x"
],
- "version": "14.12-1.pgdg120+1"
+ "version": "14.13-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -79,18 +79,18 @@
"ppc64el",
"s390x"
],
- "version": "14.12-1.pgdg110+1"
+ "version": "14.13-1.pgdg110+1"
},
"debian": "bookworm",
"major": 14,
- "sha256": "6118d08f9ddcc1bd83cf2b7cc74d3b583bdcec2f37e6245a8ac003b8faa80923",
+ "sha256": "59aa3c4b495ab26a9ec69f3ad0a0228c51f0fe6facf3634dfad4d1197d613a56",
"variants": [
"bookworm",
"bullseye",
"alpine3.20",
"alpine3.19"
],
- "version": "14.12"
+ "version": "14.13"
},
"15": {
"alpine": "3.20",
From 8cce578a4361ed18a29f53fed24e4554f673a3a4 Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 8 Aug 2024 10:06:32 -0700
Subject: [PATCH 069/115] Update 15 to 15.8, bookworm 15.8-1.pgdg120+1,
bullseye 15.8-1.pgdg110+1
---
15/alpine3.19/Dockerfile | 4 ++--
15/alpine3.20/Dockerfile | 4 ++--
15/bookworm/Dockerfile | 2 +-
15/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/15/alpine3.19/Dockerfile b/15/alpine3.19/Dockerfile
index 76dc5b24e5..e9c2dbb37d 100644
--- a/15/alpine3.19/Dockerfile
+++ b/15/alpine3.19/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 15
-ENV PG_VERSION 15.7
-ENV PG_SHA256 a46fe49485ab6385e39dabbbb654f5d3049206f76cd695e224268729520998f7
+ENV PG_VERSION 15.8
+ENV PG_SHA256 4403515f9a69eeb3efebc98f30b8c696122bfdf895e92b3b23f5b8e769edcb6a
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/15/alpine3.20/Dockerfile b/15/alpine3.20/Dockerfile
index fede5ab89c..83e8a4640d 100644
--- a/15/alpine3.20/Dockerfile
+++ b/15/alpine3.20/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 15
-ENV PG_VERSION 15.7
-ENV PG_SHA256 a46fe49485ab6385e39dabbbb654f5d3049206f76cd695e224268729520998f7
+ENV PG_VERSION 15.8
+ENV PG_SHA256 4403515f9a69eeb3efebc98f30b8c696122bfdf895e92b3b23f5b8e769edcb6a
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/15/bookworm/Dockerfile b/15/bookworm/Dockerfile
index b91220a9ee..859acbfbdd 100644
--- a/15/bookworm/Dockerfile
+++ b/15/bookworm/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 15
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 15.7-1.pgdg120+1
+ENV PG_VERSION 15.8-1.pgdg120+1
RUN set -ex; \
\
diff --git a/15/bullseye/Dockerfile b/15/bullseye/Dockerfile
index 9323d7ef31..aff946fa54 100644
--- a/15/bullseye/Dockerfile
+++ b/15/bullseye/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 15
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 15.7-1.pgdg110+1
+ENV PG_VERSION 15.8-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index e26c3cbc91..269d2b550d 100644
--- a/versions.json
+++ b/versions.json
@@ -101,7 +101,7 @@
"ppc64el",
"s390x"
],
- "version": "15.7-1.pgdg120+1"
+ "version": "15.8-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -110,18 +110,18 @@
"ppc64el",
"s390x"
],
- "version": "15.7-1.pgdg110+1"
+ "version": "15.8-1.pgdg110+1"
},
"debian": "bookworm",
"major": 15,
- "sha256": "a46fe49485ab6385e39dabbbb654f5d3049206f76cd695e224268729520998f7",
+ "sha256": "4403515f9a69eeb3efebc98f30b8c696122bfdf895e92b3b23f5b8e769edcb6a",
"variants": [
"bookworm",
"bullseye",
"alpine3.20",
"alpine3.19"
],
- "version": "15.7"
+ "version": "15.8"
},
"16": {
"alpine": "3.20",
From 3a94d965ecbe08f4b1b255d3ed9ccae671a7a984 Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 8 Aug 2024 10:20:28 -0700
Subject: [PATCH 070/115] Update 16 to 16.4, bookworm 16.4-1.pgdg120+1,
bullseye 16.4-1.pgdg110+1
---
16/alpine3.19/Dockerfile | 4 ++--
16/alpine3.20/Dockerfile | 4 ++--
16/bookworm/Dockerfile | 2 +-
16/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/16/alpine3.19/Dockerfile b/16/alpine3.19/Dockerfile
index be479c5be2..16f3df5884 100644
--- a/16/alpine3.19/Dockerfile
+++ b/16/alpine3.19/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 16
-ENV PG_VERSION 16.3
-ENV PG_SHA256 331963d5d3dc4caf4216a049fa40b66d6bcb8c730615859411b9518764e60585
+ENV PG_VERSION 16.4
+ENV PG_SHA256 971766d645aa73e93b9ef4e3be44201b4f45b5477095b049125403f9f3386d6f
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/16/alpine3.20/Dockerfile b/16/alpine3.20/Dockerfile
index 447f1d8e10..33d01092b9 100644
--- a/16/alpine3.20/Dockerfile
+++ b/16/alpine3.20/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 16
-ENV PG_VERSION 16.3
-ENV PG_SHA256 331963d5d3dc4caf4216a049fa40b66d6bcb8c730615859411b9518764e60585
+ENV PG_VERSION 16.4
+ENV PG_SHA256 971766d645aa73e93b9ef4e3be44201b4f45b5477095b049125403f9f3386d6f
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/16/bookworm/Dockerfile b/16/bookworm/Dockerfile
index d13273b08a..c18ea696cd 100644
--- a/16/bookworm/Dockerfile
+++ b/16/bookworm/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 16
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 16.3-1.pgdg120+1
+ENV PG_VERSION 16.4-1.pgdg120+1
RUN set -ex; \
\
diff --git a/16/bullseye/Dockerfile b/16/bullseye/Dockerfile
index f2827ff9af..012558e80c 100644
--- a/16/bullseye/Dockerfile
+++ b/16/bullseye/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 16
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 16.3-1.pgdg110+1
+ENV PG_VERSION 16.4-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index 269d2b550d..4e84ee27cf 100644
--- a/versions.json
+++ b/versions.json
@@ -132,7 +132,7 @@
"ppc64el",
"s390x"
],
- "version": "16.3-1.pgdg120+1"
+ "version": "16.4-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -141,18 +141,18 @@
"ppc64el",
"s390x"
],
- "version": "16.3-1.pgdg110+1"
+ "version": "16.4-1.pgdg110+1"
},
"debian": "bookworm",
"major": 16,
- "sha256": "331963d5d3dc4caf4216a049fa40b66d6bcb8c730615859411b9518764e60585",
+ "sha256": "971766d645aa73e93b9ef4e3be44201b4f45b5477095b049125403f9f3386d6f",
"variants": [
"bookworm",
"bullseye",
"alpine3.20",
"alpine3.19"
],
- "version": "16.3"
+ "version": "16.4"
},
"17": {
"alpine": "3.20",
From 805329e7a64fad212a5d4b07abd11238a9beab75 Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 8 Aug 2024 10:34:59 -0700
Subject: [PATCH 071/115] Update 17 to 17beta3, bookworm 17~beta3-1.pgdg120+1,
bullseye 17~beta3-1.pgdg110+1
---
17/alpine3.19/Dockerfile | 4 ++--
17/alpine3.20/Dockerfile | 4 ++--
17/bookworm/Dockerfile | 2 +-
17/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/17/alpine3.19/Dockerfile b/17/alpine3.19/Dockerfile
index cc263a0644..b969aee611 100644
--- a/17/alpine3.19/Dockerfile
+++ b/17/alpine3.19/Dockerfile
@@ -52,8 +52,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 17
-ENV PG_VERSION 17beta2
-ENV PG_SHA256 157af3af2cbc40364990835f518aea0711703e1c48f204b54dfd49b46cd8716c
+ENV PG_VERSION 17beta3
+ENV PG_SHA256 010dfaff9fcca6afa2fd576eea89cdabcefc262aa0ba89a6845eaab4d4b08f71
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/17/alpine3.20/Dockerfile b/17/alpine3.20/Dockerfile
index 07dc7c4750..c8c66543d7 100644
--- a/17/alpine3.20/Dockerfile
+++ b/17/alpine3.20/Dockerfile
@@ -52,8 +52,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 17
-ENV PG_VERSION 17beta2
-ENV PG_SHA256 157af3af2cbc40364990835f518aea0711703e1c48f204b54dfd49b46cd8716c
+ENV PG_VERSION 17beta3
+ENV PG_SHA256 010dfaff9fcca6afa2fd576eea89cdabcefc262aa0ba89a6845eaab4d4b08f71
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/17/bookworm/Dockerfile b/17/bookworm/Dockerfile
index 99dfd4b35c..4f6df7d667 100644
--- a/17/bookworm/Dockerfile
+++ b/17/bookworm/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 17
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 17~beta2-1.pgdg120+1
+ENV PG_VERSION 17~beta3-1.pgdg120+1
RUN set -ex; \
\
diff --git a/17/bullseye/Dockerfile b/17/bullseye/Dockerfile
index 249d0cdf80..8da5fa76ca 100644
--- a/17/bullseye/Dockerfile
+++ b/17/bullseye/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 17
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 17~beta2-1.pgdg110+1
+ENV PG_VERSION 17~beta3-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index 4e84ee27cf..d05ed23319 100644
--- a/versions.json
+++ b/versions.json
@@ -163,7 +163,7 @@
"ppc64el",
"s390x"
],
- "version": "17~beta2-1.pgdg120+1"
+ "version": "17~beta3-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -172,17 +172,17 @@
"ppc64el",
"s390x"
],
- "version": "17~beta2-1.pgdg110+1"
+ "version": "17~beta3-1.pgdg110+1"
},
"debian": "bookworm",
"major": 17,
- "sha256": "157af3af2cbc40364990835f518aea0711703e1c48f204b54dfd49b46cd8716c",
+ "sha256": "010dfaff9fcca6afa2fd576eea89cdabcefc262aa0ba89a6845eaab4d4b08f71",
"variants": [
"bookworm",
"bullseye",
"alpine3.20",
"alpine3.19"
],
- "version": "17beta2"
+ "version": "17beta3"
}
}
From eaa1c35769621a6bb1e499073a5812ba478c7688 Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 5 Sep 2024 06:44:37 -0700
Subject: [PATCH 072/115] Update 17 to 17rc1, bookworm 17~rc1-1.pgdg120+1,
bullseye 17~rc1-1.pgdg110+1
---
17/alpine3.19/Dockerfile | 4 ++--
17/alpine3.20/Dockerfile | 4 ++--
17/bookworm/Dockerfile | 2 +-
17/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/17/alpine3.19/Dockerfile b/17/alpine3.19/Dockerfile
index b969aee611..16ab9112c1 100644
--- a/17/alpine3.19/Dockerfile
+++ b/17/alpine3.19/Dockerfile
@@ -52,8 +52,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 17
-ENV PG_VERSION 17beta3
-ENV PG_SHA256 010dfaff9fcca6afa2fd576eea89cdabcefc262aa0ba89a6845eaab4d4b08f71
+ENV PG_VERSION 17rc1
+ENV PG_SHA256 cef689e2de8c3d605d8406c065573b8d70859fc6f2a8d720b0d98a6d62ef16e8
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/17/alpine3.20/Dockerfile b/17/alpine3.20/Dockerfile
index c8c66543d7..98d356561b 100644
--- a/17/alpine3.20/Dockerfile
+++ b/17/alpine3.20/Dockerfile
@@ -52,8 +52,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 17
-ENV PG_VERSION 17beta3
-ENV PG_SHA256 010dfaff9fcca6afa2fd576eea89cdabcefc262aa0ba89a6845eaab4d4b08f71
+ENV PG_VERSION 17rc1
+ENV PG_SHA256 cef689e2de8c3d605d8406c065573b8d70859fc6f2a8d720b0d98a6d62ef16e8
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/17/bookworm/Dockerfile b/17/bookworm/Dockerfile
index 4f6df7d667..b3c3dcde80 100644
--- a/17/bookworm/Dockerfile
+++ b/17/bookworm/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 17
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 17~beta3-1.pgdg120+1
+ENV PG_VERSION 17~rc1-1.pgdg120+1
RUN set -ex; \
\
diff --git a/17/bullseye/Dockerfile b/17/bullseye/Dockerfile
index 8da5fa76ca..cfec2a2c06 100644
--- a/17/bullseye/Dockerfile
+++ b/17/bullseye/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 17
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 17~beta3-1.pgdg110+1
+ENV PG_VERSION 17~rc1-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index d05ed23319..430925d3c7 100644
--- a/versions.json
+++ b/versions.json
@@ -163,7 +163,7 @@
"ppc64el",
"s390x"
],
- "version": "17~beta3-1.pgdg120+1"
+ "version": "17~rc1-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -172,17 +172,17 @@
"ppc64el",
"s390x"
],
- "version": "17~beta3-1.pgdg110+1"
+ "version": "17~rc1-1.pgdg110+1"
},
"debian": "bookworm",
"major": 17,
- "sha256": "010dfaff9fcca6afa2fd576eea89cdabcefc262aa0ba89a6845eaab4d4b08f71",
+ "sha256": "cef689e2de8c3d605d8406c065573b8d70859fc6f2a8d720b0d98a6d62ef16e8",
"variants": [
"bookworm",
"bullseye",
"alpine3.20",
"alpine3.19"
],
- "version": "17beta3"
+ "version": "17rc1"
}
}
From c9906f922daaacdfc425b3b918e7644a8722290d Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 26 Sep 2024 11:03:00 -0700
Subject: [PATCH 073/115] Update 16 to bookworm 16.4-1.pgdg120+2, bullseye
16.4-1.pgdg110+2
---
16/bookworm/Dockerfile | 2 +-
16/bullseye/Dockerfile | 2 +-
versions.json | 4 ++--
3 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/16/bookworm/Dockerfile b/16/bookworm/Dockerfile
index c18ea696cd..40feae2173 100644
--- a/16/bookworm/Dockerfile
+++ b/16/bookworm/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 16
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 16.4-1.pgdg120+1
+ENV PG_VERSION 16.4-1.pgdg120+2
RUN set -ex; \
\
diff --git a/16/bullseye/Dockerfile b/16/bullseye/Dockerfile
index 012558e80c..fb685497f9 100644
--- a/16/bullseye/Dockerfile
+++ b/16/bullseye/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 16
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 16.4-1.pgdg110+1
+ENV PG_VERSION 16.4-1.pgdg110+2
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index 430925d3c7..8cbf6910e9 100644
--- a/versions.json
+++ b/versions.json
@@ -132,7 +132,7 @@
"ppc64el",
"s390x"
],
- "version": "16.4-1.pgdg120+1"
+ "version": "16.4-1.pgdg120+2"
},
"bullseye": {
"arches": [
@@ -141,7 +141,7 @@
"ppc64el",
"s390x"
],
- "version": "16.4-1.pgdg110+1"
+ "version": "16.4-1.pgdg110+2"
},
"debian": "bookworm",
"major": 16,
From 172544062d1031004b241e917f5f3f9dfebc0df5 Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 26 Sep 2024 11:19:57 -0700
Subject: [PATCH 074/115] Update 17 to 17.0, bookworm 17.0-1.pgdg120+1,
bullseye 17.0-1.pgdg110+1
---
17/alpine3.19/Dockerfile | 4 ++--
17/alpine3.20/Dockerfile | 4 ++--
17/bookworm/Dockerfile | 2 +-
17/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/17/alpine3.19/Dockerfile b/17/alpine3.19/Dockerfile
index 16ab9112c1..793e3d49c5 100644
--- a/17/alpine3.19/Dockerfile
+++ b/17/alpine3.19/Dockerfile
@@ -52,8 +52,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 17
-ENV PG_VERSION 17rc1
-ENV PG_SHA256 cef689e2de8c3d605d8406c065573b8d70859fc6f2a8d720b0d98a6d62ef16e8
+ENV PG_VERSION 17.0
+ENV PG_SHA256 7e276131c0fdd6b62588dbad9b3bb24b8c3498d5009328dba59af16e819109de
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/17/alpine3.20/Dockerfile b/17/alpine3.20/Dockerfile
index 98d356561b..4a33b69d48 100644
--- a/17/alpine3.20/Dockerfile
+++ b/17/alpine3.20/Dockerfile
@@ -52,8 +52,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 17
-ENV PG_VERSION 17rc1
-ENV PG_SHA256 cef689e2de8c3d605d8406c065573b8d70859fc6f2a8d720b0d98a6d62ef16e8
+ENV PG_VERSION 17.0
+ENV PG_SHA256 7e276131c0fdd6b62588dbad9b3bb24b8c3498d5009328dba59af16e819109de
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/17/bookworm/Dockerfile b/17/bookworm/Dockerfile
index b3c3dcde80..21a1f4958d 100644
--- a/17/bookworm/Dockerfile
+++ b/17/bookworm/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 17
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 17~rc1-1.pgdg120+1
+ENV PG_VERSION 17.0-1.pgdg120+1
RUN set -ex; \
\
diff --git a/17/bullseye/Dockerfile b/17/bullseye/Dockerfile
index cfec2a2c06..a7ff8247c8 100644
--- a/17/bullseye/Dockerfile
+++ b/17/bullseye/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 17
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 17~rc1-1.pgdg110+1
+ENV PG_VERSION 17.0-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index 8cbf6910e9..680d43c409 100644
--- a/versions.json
+++ b/versions.json
@@ -163,7 +163,7 @@
"ppc64el",
"s390x"
],
- "version": "17~rc1-1.pgdg120+1"
+ "version": "17.0-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -172,17 +172,17 @@
"ppc64el",
"s390x"
],
- "version": "17~rc1-1.pgdg110+1"
+ "version": "17.0-1.pgdg110+1"
},
"debian": "bookworm",
"major": 17,
- "sha256": "cef689e2de8c3d605d8406c065573b8d70859fc6f2a8d720b0d98a6d62ef16e8",
+ "sha256": "7e276131c0fdd6b62588dbad9b3bb24b8c3498d5009328dba59af16e819109de",
"variants": [
"bookworm",
"bullseye",
"alpine3.20",
"alpine3.19"
],
- "version": "17rc1"
+ "version": "17.0"
}
}
From b406380598e74b16619868216518e028720ca653 Mon Sep 17 00:00:00 2001
From: Tianon Gravi <admwiggin@gmail.com>
Date: Thu, 26 Sep 2024 15:59:36 -0700
Subject: [PATCH 075/115] Update "latest" to 17 (now GA)
---
generate-stackbrew-library.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/generate-stackbrew-library.sh b/generate-stackbrew-library.sh
index 9dc0d91ea1..9f708c7f7b 100755
--- a/generate-stackbrew-library.sh
+++ b/generate-stackbrew-library.sh
@@ -2,7 +2,7 @@
set -Eeuo pipefail
declare -A aliases=(
- [16]='latest'
+ [17]='latest'
)
self="$(basename "$BASH_SOURCE")"
From a37e929682e8de45a3304a5bf9d63210c2e0a680 Mon Sep 17 00:00:00 2001
From: Tianon Gravi <admwiggin@gmail.com>
Date: Mon, 30 Sep 2024 11:28:39 -0700
Subject: [PATCH 076/115] Update `generate-stackbrew-library.sh` to support
`BASHBREW_LIBRARY` for easier cascading updates
See https://github.com/docker-library/official-images/pull/17640#issuecomment-2380308790
---
generate-stackbrew-library.sh | 14 ++++++++------
1 file changed, 8 insertions(+), 6 deletions(-)
diff --git a/generate-stackbrew-library.sh b/generate-stackbrew-library.sh
index 9f708c7f7b..234a5266a1 100755
--- a/generate-stackbrew-library.sh
+++ b/generate-stackbrew-library.sh
@@ -44,17 +44,19 @@ dirCommit() {
getArches() {
local repo="$1"; shift
- local officialImagesUrl='https://github.com/docker-library/official-images/raw/master/library/'
+ local officialImagesBase="${BASHBREW_LIBRARY:-https://github.com/docker-library/official-images/raw/HEAD/library}/"
- eval "declare -g -A parentRepoToArches=( $(
- find -name 'Dockerfile' -exec awk '
+ local parentRepoToArchesStr
+ parentRepoToArchesStr="$(
+ find -name 'Dockerfile' -exec awk -v officialImagesBase="$officialImagesBase" '
toupper($1) == "FROM" && $2 !~ /^('"$repo"'|scratch|.*\/.*)(:|$)/ {
- print "'"$officialImagesUrl"'" $2
+ printf "%s%s\n", officialImagesBase, $2
}
' '{}' + \
| sort -u \
- | xargs bashbrew cat --format '[{{ .RepoName }}:{{ .TagName }}]="{{ join " " .TagEntry.Architectures }}"'
- ) )"
+ | xargs -r bashbrew cat --format '["{{ .RepoName }}:{{ .TagName }}"]="{{ join " " .TagEntry.Architectures }}"'
+ )"
+ eval "declare -g -A parentRepoToArches=( $parentRepoToArchesStr )"
}
getArches 'postgres'
From 5db7a178fdfa1042ddafc2d507fe830940463c79 Mon Sep 17 00:00:00 2001
From: Tianon Gravi <admwiggin@gmail.com>
Date: Wed, 16 Oct 2024 14:37:29 -0700
Subject: [PATCH 077/115] Use jq's `IN()` instead of `index()`
The end result is the same, but the construction is more ergonomic.
---
Dockerfile-alpine.template | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Dockerfile-alpine.template b/Dockerfile-alpine.template
index 3d6236e6e8..767923f895 100644
--- a/Dockerfile-alpine.template
+++ b/Dockerfile-alpine.template
@@ -38,7 +38,7 @@ RUN set -eux; \
# verify that the binary works
gosu --version; \
gosu nobody true
-{{ if [ "12", "13", "14", "15", "16" ] | index(env.version) then ( -}}
+{{ if env.version | IN("12", "13", "14", "15", "16") then ( -}}
RUN set -eux; ln -svf gosu /usr/local/bin/su-exec; su-exec nobody true # backwards compatibility (removed in PostgreSQL 17+)
{{ ) else "" end -}}
From cbe3b78084800aa553239f9726942bb17929ba73 Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 14 Nov 2024 10:38:07 -0800
Subject: [PATCH 078/115] Update 12 to 12.21, bookworm 12.21-1.pgdg120+1,
bullseye 12.21-1.pgdg110+1
---
12/alpine3.19/Dockerfile | 4 ++--
12/alpine3.20/Dockerfile | 4 ++--
12/bookworm/Dockerfile | 2 +-
12/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/12/alpine3.19/Dockerfile b/12/alpine3.19/Dockerfile
index e3f5683277..cc16e0ddc8 100644
--- a/12/alpine3.19/Dockerfile
+++ b/12/alpine3.19/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 12
-ENV PG_VERSION 12.20
-ENV PG_SHA256 2d543af3009fec7fd5af35f7a70c95085d3eef6b508e517aa9493e99b15e9ea9
+ENV PG_VERSION 12.21
+ENV PG_SHA256 6c711550ac1cc7828865e5823d9f457e3bdad6f4320177169f90e419be0c27f2
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/12/alpine3.20/Dockerfile b/12/alpine3.20/Dockerfile
index 2c1db6c7f0..b8b82118c2 100644
--- a/12/alpine3.20/Dockerfile
+++ b/12/alpine3.20/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 12
-ENV PG_VERSION 12.20
-ENV PG_SHA256 2d543af3009fec7fd5af35f7a70c95085d3eef6b508e517aa9493e99b15e9ea9
+ENV PG_VERSION 12.21
+ENV PG_SHA256 6c711550ac1cc7828865e5823d9f457e3bdad6f4320177169f90e419be0c27f2
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/12/bookworm/Dockerfile b/12/bookworm/Dockerfile
index d80c0a4345..1f92c9baa0 100644
--- a/12/bookworm/Dockerfile
+++ b/12/bookworm/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 12
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 12.20-1.pgdg120+1
+ENV PG_VERSION 12.21-1.pgdg120+1
RUN set -ex; \
\
diff --git a/12/bullseye/Dockerfile b/12/bullseye/Dockerfile
index f11f9db297..5d57862bf4 100644
--- a/12/bullseye/Dockerfile
+++ b/12/bullseye/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 12
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 12.20-1.pgdg110+1
+ENV PG_VERSION 12.21-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index 680d43c409..d1e2d9c4cc 100644
--- a/versions.json
+++ b/versions.json
@@ -8,7 +8,7 @@
"ppc64el",
"s390x"
],
- "version": "12.20-1.pgdg120+1"
+ "version": "12.21-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -17,18 +17,18 @@
"ppc64el",
"s390x"
],
- "version": "12.20-1.pgdg110+1"
+ "version": "12.21-1.pgdg110+1"
},
"debian": "bookworm",
"major": 12,
- "sha256": "2d543af3009fec7fd5af35f7a70c95085d3eef6b508e517aa9493e99b15e9ea9",
+ "sha256": "6c711550ac1cc7828865e5823d9f457e3bdad6f4320177169f90e419be0c27f2",
"variants": [
"bookworm",
"bullseye",
"alpine3.20",
"alpine3.19"
],
- "version": "12.20"
+ "version": "12.21"
},
"13": {
"alpine": "3.20",
From 9f3bef00aaeb4453ed9e7336ab1856f7e9424b25 Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 14 Nov 2024 10:53:24 -0800
Subject: [PATCH 079/115] Update 13 to 13.17, bookworm 13.17-1.pgdg120+1,
bullseye 13.17-1.pgdg110+1
---
13/alpine3.19/Dockerfile | 4 ++--
13/alpine3.20/Dockerfile | 4 ++--
13/bookworm/Dockerfile | 2 +-
13/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/13/alpine3.19/Dockerfile b/13/alpine3.19/Dockerfile
index eb4350a655..59850e682f 100644
--- a/13/alpine3.19/Dockerfile
+++ b/13/alpine3.19/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 13
-ENV PG_VERSION 13.16
-ENV PG_SHA256 c9cbbb6129f02328204828066bb3785c00a85c8ca8fd329c2a8a53c1f5cd8865
+ENV PG_VERSION 13.17
+ENV PG_SHA256 022b0a6e7bc374a777eece33708895d7b60cae07d492b286b296a49d7395d78b
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/13/alpine3.20/Dockerfile b/13/alpine3.20/Dockerfile
index d365154e29..95466e7e78 100644
--- a/13/alpine3.20/Dockerfile
+++ b/13/alpine3.20/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 13
-ENV PG_VERSION 13.16
-ENV PG_SHA256 c9cbbb6129f02328204828066bb3785c00a85c8ca8fd329c2a8a53c1f5cd8865
+ENV PG_VERSION 13.17
+ENV PG_SHA256 022b0a6e7bc374a777eece33708895d7b60cae07d492b286b296a49d7395d78b
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/13/bookworm/Dockerfile b/13/bookworm/Dockerfile
index 8c9451e1b9..02dab0fbda 100644
--- a/13/bookworm/Dockerfile
+++ b/13/bookworm/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 13
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 13.16-1.pgdg120+1
+ENV PG_VERSION 13.17-1.pgdg120+1
RUN set -ex; \
\
diff --git a/13/bullseye/Dockerfile b/13/bullseye/Dockerfile
index c8770da222..3e24c98f7e 100644
--- a/13/bullseye/Dockerfile
+++ b/13/bullseye/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 13
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 13.16-1.pgdg110+1
+ENV PG_VERSION 13.17-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index d1e2d9c4cc..122e02d806 100644
--- a/versions.json
+++ b/versions.json
@@ -39,7 +39,7 @@
"ppc64el",
"s390x"
],
- "version": "13.16-1.pgdg120+1"
+ "version": "13.17-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -48,18 +48,18 @@
"ppc64el",
"s390x"
],
- "version": "13.16-1.pgdg110+1"
+ "version": "13.17-1.pgdg110+1"
},
"debian": "bookworm",
"major": 13,
- "sha256": "c9cbbb6129f02328204828066bb3785c00a85c8ca8fd329c2a8a53c1f5cd8865",
+ "sha256": "022b0a6e7bc374a777eece33708895d7b60cae07d492b286b296a49d7395d78b",
"variants": [
"bookworm",
"bullseye",
"alpine3.20",
"alpine3.19"
],
- "version": "13.16"
+ "version": "13.17"
},
"14": {
"alpine": "3.20",
From 9c7abb997a013a96c2651ee541ddea06f424e1f3 Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 14 Nov 2024 11:06:51 -0800
Subject: [PATCH 080/115] Update 14 to 14.14, bookworm 14.14-1.pgdg120+1,
bullseye 14.14-1.pgdg110+1
---
14/alpine3.19/Dockerfile | 4 ++--
14/alpine3.20/Dockerfile | 4 ++--
14/bookworm/Dockerfile | 2 +-
14/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/14/alpine3.19/Dockerfile b/14/alpine3.19/Dockerfile
index 533e23e6be..de99300c0d 100644
--- a/14/alpine3.19/Dockerfile
+++ b/14/alpine3.19/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 14
-ENV PG_VERSION 14.13
-ENV PG_SHA256 59aa3c4b495ab26a9ec69f3ad0a0228c51f0fe6facf3634dfad4d1197d613a56
+ENV PG_VERSION 14.14
+ENV PG_SHA256 84727fbccdbd1efe01d8de64bc1b33095db773ad2457cefcedc2d8258ebc09d6
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/14/alpine3.20/Dockerfile b/14/alpine3.20/Dockerfile
index 4b89e0d558..3839e3d0db 100644
--- a/14/alpine3.20/Dockerfile
+++ b/14/alpine3.20/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 14
-ENV PG_VERSION 14.13
-ENV PG_SHA256 59aa3c4b495ab26a9ec69f3ad0a0228c51f0fe6facf3634dfad4d1197d613a56
+ENV PG_VERSION 14.14
+ENV PG_SHA256 84727fbccdbd1efe01d8de64bc1b33095db773ad2457cefcedc2d8258ebc09d6
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/14/bookworm/Dockerfile b/14/bookworm/Dockerfile
index 88743d5041..7eaff78071 100644
--- a/14/bookworm/Dockerfile
+++ b/14/bookworm/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 14
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 14.13-1.pgdg120+1
+ENV PG_VERSION 14.14-1.pgdg120+1
RUN set -ex; \
\
diff --git a/14/bullseye/Dockerfile b/14/bullseye/Dockerfile
index a69d4098f9..5c207f7468 100644
--- a/14/bullseye/Dockerfile
+++ b/14/bullseye/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 14
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 14.13-1.pgdg110+1
+ENV PG_VERSION 14.14-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index 122e02d806..fb8b5b048a 100644
--- a/versions.json
+++ b/versions.json
@@ -70,7 +70,7 @@
"ppc64el",
"s390x"
],
- "version": "14.13-1.pgdg120+1"
+ "version": "14.14-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -79,18 +79,18 @@
"ppc64el",
"s390x"
],
- "version": "14.13-1.pgdg110+1"
+ "version": "14.14-1.pgdg110+1"
},
"debian": "bookworm",
"major": 14,
- "sha256": "59aa3c4b495ab26a9ec69f3ad0a0228c51f0fe6facf3634dfad4d1197d613a56",
+ "sha256": "84727fbccdbd1efe01d8de64bc1b33095db773ad2457cefcedc2d8258ebc09d6",
"variants": [
"bookworm",
"bullseye",
"alpine3.20",
"alpine3.19"
],
- "version": "14.13"
+ "version": "14.14"
},
"15": {
"alpine": "3.20",
From 89e0c9265d95bc82c67d417ca04039ec2d5ccefc Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 14 Nov 2024 11:20:16 -0800
Subject: [PATCH 081/115] Update 15 to 15.9, bookworm 15.9-1.pgdg120+1,
bullseye 15.9-1.pgdg110+1
---
15/alpine3.19/Dockerfile | 4 ++--
15/alpine3.20/Dockerfile | 4 ++--
15/bookworm/Dockerfile | 2 +-
15/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/15/alpine3.19/Dockerfile b/15/alpine3.19/Dockerfile
index e9c2dbb37d..fba571e203 100644
--- a/15/alpine3.19/Dockerfile
+++ b/15/alpine3.19/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 15
-ENV PG_VERSION 15.8
-ENV PG_SHA256 4403515f9a69eeb3efebc98f30b8c696122bfdf895e92b3b23f5b8e769edcb6a
+ENV PG_VERSION 15.9
+ENV PG_SHA256 74f2d4565035f0cf729ecb059949faaf1102cbd93759b359822f98f82198c783
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/15/alpine3.20/Dockerfile b/15/alpine3.20/Dockerfile
index 83e8a4640d..0706a3367b 100644
--- a/15/alpine3.20/Dockerfile
+++ b/15/alpine3.20/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 15
-ENV PG_VERSION 15.8
-ENV PG_SHA256 4403515f9a69eeb3efebc98f30b8c696122bfdf895e92b3b23f5b8e769edcb6a
+ENV PG_VERSION 15.9
+ENV PG_SHA256 74f2d4565035f0cf729ecb059949faaf1102cbd93759b359822f98f82198c783
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/15/bookworm/Dockerfile b/15/bookworm/Dockerfile
index 859acbfbdd..957ec6df80 100644
--- a/15/bookworm/Dockerfile
+++ b/15/bookworm/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 15
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 15.8-1.pgdg120+1
+ENV PG_VERSION 15.9-1.pgdg120+1
RUN set -ex; \
\
diff --git a/15/bullseye/Dockerfile b/15/bullseye/Dockerfile
index aff946fa54..eafd5c45dc 100644
--- a/15/bullseye/Dockerfile
+++ b/15/bullseye/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 15
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 15.8-1.pgdg110+1
+ENV PG_VERSION 15.9-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index fb8b5b048a..121921cd6a 100644
--- a/versions.json
+++ b/versions.json
@@ -101,7 +101,7 @@
"ppc64el",
"s390x"
],
- "version": "15.8-1.pgdg120+1"
+ "version": "15.9-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -110,18 +110,18 @@
"ppc64el",
"s390x"
],
- "version": "15.8-1.pgdg110+1"
+ "version": "15.9-1.pgdg110+1"
},
"debian": "bookworm",
"major": 15,
- "sha256": "4403515f9a69eeb3efebc98f30b8c696122bfdf895e92b3b23f5b8e769edcb6a",
+ "sha256": "74f2d4565035f0cf729ecb059949faaf1102cbd93759b359822f98f82198c783",
"variants": [
"bookworm",
"bullseye",
"alpine3.20",
"alpine3.19"
],
- "version": "15.8"
+ "version": "15.9"
},
"16": {
"alpine": "3.20",
From f6c1f5b3765fdb3dce87ac5adc6270e0d5485a76 Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 14 Nov 2024 11:34:05 -0800
Subject: [PATCH 082/115] Update 16 to 16.5, bookworm 16.5-1.pgdg120+1,
bullseye 16.5-1.pgdg110+1
---
16/alpine3.19/Dockerfile | 4 ++--
16/alpine3.20/Dockerfile | 4 ++--
16/bookworm/Dockerfile | 2 +-
16/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/16/alpine3.19/Dockerfile b/16/alpine3.19/Dockerfile
index 16f3df5884..3146ffc0f5 100644
--- a/16/alpine3.19/Dockerfile
+++ b/16/alpine3.19/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 16
-ENV PG_VERSION 16.4
-ENV PG_SHA256 971766d645aa73e93b9ef4e3be44201b4f45b5477095b049125403f9f3386d6f
+ENV PG_VERSION 16.5
+ENV PG_SHA256 a6cbbb7037f98cb8afa7d3970b7c48040cf02b115e39253a0c037a8bb8e778f0
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/16/alpine3.20/Dockerfile b/16/alpine3.20/Dockerfile
index 33d01092b9..41213996fb 100644
--- a/16/alpine3.20/Dockerfile
+++ b/16/alpine3.20/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 16
-ENV PG_VERSION 16.4
-ENV PG_SHA256 971766d645aa73e93b9ef4e3be44201b4f45b5477095b049125403f9f3386d6f
+ENV PG_VERSION 16.5
+ENV PG_SHA256 a6cbbb7037f98cb8afa7d3970b7c48040cf02b115e39253a0c037a8bb8e778f0
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/16/bookworm/Dockerfile b/16/bookworm/Dockerfile
index 40feae2173..3631195246 100644
--- a/16/bookworm/Dockerfile
+++ b/16/bookworm/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 16
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 16.4-1.pgdg120+2
+ENV PG_VERSION 16.5-1.pgdg120+1
RUN set -ex; \
\
diff --git a/16/bullseye/Dockerfile b/16/bullseye/Dockerfile
index fb685497f9..d889decf25 100644
--- a/16/bullseye/Dockerfile
+++ b/16/bullseye/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 16
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 16.4-1.pgdg110+2
+ENV PG_VERSION 16.5-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index 121921cd6a..fc589d97e2 100644
--- a/versions.json
+++ b/versions.json
@@ -132,7 +132,7 @@
"ppc64el",
"s390x"
],
- "version": "16.4-1.pgdg120+2"
+ "version": "16.5-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -141,18 +141,18 @@
"ppc64el",
"s390x"
],
- "version": "16.4-1.pgdg110+2"
+ "version": "16.5-1.pgdg110+1"
},
"debian": "bookworm",
"major": 16,
- "sha256": "971766d645aa73e93b9ef4e3be44201b4f45b5477095b049125403f9f3386d6f",
+ "sha256": "a6cbbb7037f98cb8afa7d3970b7c48040cf02b115e39253a0c037a8bb8e778f0",
"variants": [
"bookworm",
"bullseye",
"alpine3.20",
"alpine3.19"
],
- "version": "16.4"
+ "version": "16.5"
},
"17": {
"alpine": "3.20",
From b64a17080eaaab2ec717352379ecd20456562fb5 Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 14 Nov 2024 11:48:01 -0800
Subject: [PATCH 083/115] Update 17 to 17.1, bookworm 17.1-1.pgdg120+1,
bullseye 17.1-1.pgdg110+1
---
17/alpine3.19/Dockerfile | 4 ++--
17/alpine3.20/Dockerfile | 4 ++--
17/bookworm/Dockerfile | 2 +-
17/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/17/alpine3.19/Dockerfile b/17/alpine3.19/Dockerfile
index 793e3d49c5..64bd75ae3c 100644
--- a/17/alpine3.19/Dockerfile
+++ b/17/alpine3.19/Dockerfile
@@ -52,8 +52,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 17
-ENV PG_VERSION 17.0
-ENV PG_SHA256 7e276131c0fdd6b62588dbad9b3bb24b8c3498d5009328dba59af16e819109de
+ENV PG_VERSION 17.1
+ENV PG_SHA256 7849db74ef6a8555d0723f87e81539301422fa9c8e9f21cce61fdc14e9199dcd
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/17/alpine3.20/Dockerfile b/17/alpine3.20/Dockerfile
index 4a33b69d48..5b005b3d54 100644
--- a/17/alpine3.20/Dockerfile
+++ b/17/alpine3.20/Dockerfile
@@ -52,8 +52,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 17
-ENV PG_VERSION 17.0
-ENV PG_SHA256 7e276131c0fdd6b62588dbad9b3bb24b8c3498d5009328dba59af16e819109de
+ENV PG_VERSION 17.1
+ENV PG_SHA256 7849db74ef6a8555d0723f87e81539301422fa9c8e9f21cce61fdc14e9199dcd
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/17/bookworm/Dockerfile b/17/bookworm/Dockerfile
index 21a1f4958d..3958ea2438 100644
--- a/17/bookworm/Dockerfile
+++ b/17/bookworm/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 17
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 17.0-1.pgdg120+1
+ENV PG_VERSION 17.1-1.pgdg120+1
RUN set -ex; \
\
diff --git a/17/bullseye/Dockerfile b/17/bullseye/Dockerfile
index a7ff8247c8..b68c707fb9 100644
--- a/17/bullseye/Dockerfile
+++ b/17/bullseye/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 17
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 17.0-1.pgdg110+1
+ENV PG_VERSION 17.1-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index fc589d97e2..0689ef947d 100644
--- a/versions.json
+++ b/versions.json
@@ -163,7 +163,7 @@
"ppc64el",
"s390x"
],
- "version": "17.0-1.pgdg120+1"
+ "version": "17.1-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -172,17 +172,17 @@
"ppc64el",
"s390x"
],
- "version": "17.0-1.pgdg110+1"
+ "version": "17.1-1.pgdg110+1"
},
"debian": "bookworm",
"major": 17,
- "sha256": "7e276131c0fdd6b62588dbad9b3bb24b8c3498d5009328dba59af16e819109de",
+ "sha256": "7849db74ef6a8555d0723f87e81539301422fa9c8e9f21cce61fdc14e9199dcd",
"variants": [
"bookworm",
"bullseye",
"alpine3.20",
"alpine3.19"
],
- "version": "17.0"
+ "version": "17.1"
}
}
From 7a1418a24d4b1f69d16a6167877569c073c0fbd2 Mon Sep 17 00:00:00 2001
From: Tianon Gravi <admwiggin@gmail.com>
Date: Thu, 21 Nov 2024 10:50:21 -0800
Subject: [PATCH 084/115] Update README
See https://github.com/docker-library/docs/pull/2503
---
README.md | 11 -----------
1 file changed, 11 deletions(-)
diff --git a/README.md b/README.md
index 09b82c90c2..883f0701e9 100644
--- a/README.md
+++ b/README.md
@@ -12,15 +12,4 @@ For more information about the full official images change lifecycle, see [the "
For outstanding `postgres` image PRs, check [PRs with the "library/postgres" label on the official-images repository](https://github.com/docker-library/official-images/labels/library%2Fpostgres). For the current "source of truth" for [`postgres`](https://hub.docker.com/_/postgres/), see [the `library/postgres` file in the official-images repository](https://github.com/docker-library/official-images/blob/master/library/postgres).
----
-
-- [](https://github.com/docker-library/postgres/actions?query=workflow%3A%22GitHub+CI%22+branch%3Amaster)
-- [](https://doi-janky.infosiftr.net/job/update.sh/job/postgres/)
-
-| Build | Status | Badges | (per-arch) |
-|:-:|:-:|:-:|:-:|
-| [](https://doi-janky.infosiftr.net/job/multiarch/job/amd64/job/postgres/) | [](https://doi-janky.infosiftr.net/job/multiarch/job/arm32v5/job/postgres/) | [](https://doi-janky.infosiftr.net/job/multiarch/job/arm32v6/job/postgres/) | [](https://doi-janky.infosiftr.net/job/multiarch/job/arm32v7/job/postgres/) |
-| [](https://doi-janky.infosiftr.net/job/multiarch/job/arm64v8/job/postgres/) | [](https://doi-janky.infosiftr.net/job/multiarch/job/i386/job/postgres/) | [](https://doi-janky.infosiftr.net/job/multiarch/job/mips64le/job/postgres/) | [](https://doi-janky.infosiftr.net/job/multiarch/job/ppc64le/job/postgres/) |
-| [](https://doi-janky.infosiftr.net/job/multiarch/job/s390x/job/postgres/) | [](https://doi-janky.infosiftr.net/job/put-shared/job/light/job/postgres/) |
-
<!-- THIS FILE IS GENERATED BY https://github.com/docker-library/docs/blob/master/generate-repo-stub-readme.sh -->
From 5f590b8df7f12270d1d5227758744ca3b0bdef74 Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 21 Nov 2024 12:05:42 -0800
Subject: [PATCH 085/115] Update 12 to 12.22, bookworm 12.22-1.pgdg120+1,
bullseye 12.22-1.pgdg110+1
---
12/alpine3.19/Dockerfile | 4 ++--
12/alpine3.20/Dockerfile | 4 ++--
12/bookworm/Dockerfile | 2 +-
12/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/12/alpine3.19/Dockerfile b/12/alpine3.19/Dockerfile
index cc16e0ddc8..21aaff4185 100644
--- a/12/alpine3.19/Dockerfile
+++ b/12/alpine3.19/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 12
-ENV PG_VERSION 12.21
-ENV PG_SHA256 6c711550ac1cc7828865e5823d9f457e3bdad6f4320177169f90e419be0c27f2
+ENV PG_VERSION 12.22
+ENV PG_SHA256 8df3c0474782589d3c6f374b5133b1bd14d168086edbc13c6e72e67dd4527a3b
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/12/alpine3.20/Dockerfile b/12/alpine3.20/Dockerfile
index b8b82118c2..3f1e87e0cf 100644
--- a/12/alpine3.20/Dockerfile
+++ b/12/alpine3.20/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 12
-ENV PG_VERSION 12.21
-ENV PG_SHA256 6c711550ac1cc7828865e5823d9f457e3bdad6f4320177169f90e419be0c27f2
+ENV PG_VERSION 12.22
+ENV PG_SHA256 8df3c0474782589d3c6f374b5133b1bd14d168086edbc13c6e72e67dd4527a3b
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/12/bookworm/Dockerfile b/12/bookworm/Dockerfile
index 1f92c9baa0..df9a761c5f 100644
--- a/12/bookworm/Dockerfile
+++ b/12/bookworm/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 12
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 12.21-1.pgdg120+1
+ENV PG_VERSION 12.22-1.pgdg120+1
RUN set -ex; \
\
diff --git a/12/bullseye/Dockerfile b/12/bullseye/Dockerfile
index 5d57862bf4..526491f45d 100644
--- a/12/bullseye/Dockerfile
+++ b/12/bullseye/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 12
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 12.21-1.pgdg110+1
+ENV PG_VERSION 12.22-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index 0689ef947d..5dd3670294 100644
--- a/versions.json
+++ b/versions.json
@@ -8,7 +8,7 @@
"ppc64el",
"s390x"
],
- "version": "12.21-1.pgdg120+1"
+ "version": "12.22-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -17,18 +17,18 @@
"ppc64el",
"s390x"
],
- "version": "12.21-1.pgdg110+1"
+ "version": "12.22-1.pgdg110+1"
},
"debian": "bookworm",
"major": 12,
- "sha256": "6c711550ac1cc7828865e5823d9f457e3bdad6f4320177169f90e419be0c27f2",
+ "sha256": "8df3c0474782589d3c6f374b5133b1bd14d168086edbc13c6e72e67dd4527a3b",
"variants": [
"bookworm",
"bullseye",
"alpine3.20",
"alpine3.19"
],
- "version": "12.21"
+ "version": "12.22"
},
"13": {
"alpine": "3.20",
From 9fadd0e250ba0c150dafec9e3c8728de3c8e318f Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 21 Nov 2024 12:07:48 -0800
Subject: [PATCH 086/115] Update 13 to 13.18, bookworm 13.18-1.pgdg120+1,
bullseye 13.18-1.pgdg110+1
---
13/alpine3.19/Dockerfile | 4 ++--
13/alpine3.20/Dockerfile | 4 ++--
13/bookworm/Dockerfile | 2 +-
13/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/13/alpine3.19/Dockerfile b/13/alpine3.19/Dockerfile
index 59850e682f..43c805a2b4 100644
--- a/13/alpine3.19/Dockerfile
+++ b/13/alpine3.19/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 13
-ENV PG_VERSION 13.17
-ENV PG_SHA256 022b0a6e7bc374a777eece33708895d7b60cae07d492b286b296a49d7395d78b
+ENV PG_VERSION 13.18
+ENV PG_SHA256 ceea92abee2a8c19408d278b68de6a78b6bd3dbb4fa2d653fa7ca745d666aab1
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/13/alpine3.20/Dockerfile b/13/alpine3.20/Dockerfile
index 95466e7e78..a4d1cf366d 100644
--- a/13/alpine3.20/Dockerfile
+++ b/13/alpine3.20/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 13
-ENV PG_VERSION 13.17
-ENV PG_SHA256 022b0a6e7bc374a777eece33708895d7b60cae07d492b286b296a49d7395d78b
+ENV PG_VERSION 13.18
+ENV PG_SHA256 ceea92abee2a8c19408d278b68de6a78b6bd3dbb4fa2d653fa7ca745d666aab1
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/13/bookworm/Dockerfile b/13/bookworm/Dockerfile
index 02dab0fbda..99432918b9 100644
--- a/13/bookworm/Dockerfile
+++ b/13/bookworm/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 13
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 13.17-1.pgdg120+1
+ENV PG_VERSION 13.18-1.pgdg120+1
RUN set -ex; \
\
diff --git a/13/bullseye/Dockerfile b/13/bullseye/Dockerfile
index 3e24c98f7e..18b4ffcf86 100644
--- a/13/bullseye/Dockerfile
+++ b/13/bullseye/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 13
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 13.17-1.pgdg110+1
+ENV PG_VERSION 13.18-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index 5dd3670294..3cf85cc86d 100644
--- a/versions.json
+++ b/versions.json
@@ -39,7 +39,7 @@
"ppc64el",
"s390x"
],
- "version": "13.17-1.pgdg120+1"
+ "version": "13.18-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -48,18 +48,18 @@
"ppc64el",
"s390x"
],
- "version": "13.17-1.pgdg110+1"
+ "version": "13.18-1.pgdg110+1"
},
"debian": "bookworm",
"major": 13,
- "sha256": "022b0a6e7bc374a777eece33708895d7b60cae07d492b286b296a49d7395d78b",
+ "sha256": "ceea92abee2a8c19408d278b68de6a78b6bd3dbb4fa2d653fa7ca745d666aab1",
"variants": [
"bookworm",
"bullseye",
"alpine3.20",
"alpine3.19"
],
- "version": "13.17"
+ "version": "13.18"
},
"14": {
"alpine": "3.20",
From c44484583320c81b35824ec0ce16864690d68bc3 Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 21 Nov 2024 12:09:59 -0800
Subject: [PATCH 087/115] Update 14 to 14.15, bookworm 14.15-1.pgdg120+1,
bullseye 14.15-1.pgdg110+1
---
14/alpine3.19/Dockerfile | 4 ++--
14/alpine3.20/Dockerfile | 4 ++--
14/bookworm/Dockerfile | 2 +-
14/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/14/alpine3.19/Dockerfile b/14/alpine3.19/Dockerfile
index de99300c0d..4cf84a304f 100644
--- a/14/alpine3.19/Dockerfile
+++ b/14/alpine3.19/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 14
-ENV PG_VERSION 14.14
-ENV PG_SHA256 84727fbccdbd1efe01d8de64bc1b33095db773ad2457cefcedc2d8258ebc09d6
+ENV PG_VERSION 14.15
+ENV PG_SHA256 02e891e314b4e9ee24cbd78028dab7c73f9c1ba3e30835bcbef71fe220401fc5
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/14/alpine3.20/Dockerfile b/14/alpine3.20/Dockerfile
index 3839e3d0db..2af8d825fc 100644
--- a/14/alpine3.20/Dockerfile
+++ b/14/alpine3.20/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 14
-ENV PG_VERSION 14.14
-ENV PG_SHA256 84727fbccdbd1efe01d8de64bc1b33095db773ad2457cefcedc2d8258ebc09d6
+ENV PG_VERSION 14.15
+ENV PG_SHA256 02e891e314b4e9ee24cbd78028dab7c73f9c1ba3e30835bcbef71fe220401fc5
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/14/bookworm/Dockerfile b/14/bookworm/Dockerfile
index 7eaff78071..f70799807c 100644
--- a/14/bookworm/Dockerfile
+++ b/14/bookworm/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 14
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 14.14-1.pgdg120+1
+ENV PG_VERSION 14.15-1.pgdg120+1
RUN set -ex; \
\
diff --git a/14/bullseye/Dockerfile b/14/bullseye/Dockerfile
index 5c207f7468..3f7e4eca95 100644
--- a/14/bullseye/Dockerfile
+++ b/14/bullseye/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 14
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 14.14-1.pgdg110+1
+ENV PG_VERSION 14.15-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index 3cf85cc86d..09583e98e5 100644
--- a/versions.json
+++ b/versions.json
@@ -70,7 +70,7 @@
"ppc64el",
"s390x"
],
- "version": "14.14-1.pgdg120+1"
+ "version": "14.15-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -79,18 +79,18 @@
"ppc64el",
"s390x"
],
- "version": "14.14-1.pgdg110+1"
+ "version": "14.15-1.pgdg110+1"
},
"debian": "bookworm",
"major": 14,
- "sha256": "84727fbccdbd1efe01d8de64bc1b33095db773ad2457cefcedc2d8258ebc09d6",
+ "sha256": "02e891e314b4e9ee24cbd78028dab7c73f9c1ba3e30835bcbef71fe220401fc5",
"variants": [
"bookworm",
"bullseye",
"alpine3.20",
"alpine3.19"
],
- "version": "14.14"
+ "version": "14.15"
},
"15": {
"alpine": "3.20",
From 50b4cdb50e3599013f2fce9cd8860600f53c696c Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 21 Nov 2024 12:12:11 -0800
Subject: [PATCH 088/115] Update 15 to 15.10, bookworm 15.10-1.pgdg120+1,
bullseye 15.10-1.pgdg110+1
---
15/alpine3.19/Dockerfile | 4 ++--
15/alpine3.20/Dockerfile | 4 ++--
15/bookworm/Dockerfile | 2 +-
15/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/15/alpine3.19/Dockerfile b/15/alpine3.19/Dockerfile
index fba571e203..43c890da5b 100644
--- a/15/alpine3.19/Dockerfile
+++ b/15/alpine3.19/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 15
-ENV PG_VERSION 15.9
-ENV PG_SHA256 74f2d4565035f0cf729ecb059949faaf1102cbd93759b359822f98f82198c783
+ENV PG_VERSION 15.10
+ENV PG_SHA256 55abe738d441f0e58658b3ec6f88097a713b5e3b73139f6230d7b5c4c389e573
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/15/alpine3.20/Dockerfile b/15/alpine3.20/Dockerfile
index 0706a3367b..effc59a095 100644
--- a/15/alpine3.20/Dockerfile
+++ b/15/alpine3.20/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 15
-ENV PG_VERSION 15.9
-ENV PG_SHA256 74f2d4565035f0cf729ecb059949faaf1102cbd93759b359822f98f82198c783
+ENV PG_VERSION 15.10
+ENV PG_SHA256 55abe738d441f0e58658b3ec6f88097a713b5e3b73139f6230d7b5c4c389e573
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/15/bookworm/Dockerfile b/15/bookworm/Dockerfile
index 957ec6df80..d3d44d9fec 100644
--- a/15/bookworm/Dockerfile
+++ b/15/bookworm/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 15
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 15.9-1.pgdg120+1
+ENV PG_VERSION 15.10-1.pgdg120+1
RUN set -ex; \
\
diff --git a/15/bullseye/Dockerfile b/15/bullseye/Dockerfile
index eafd5c45dc..582076c41b 100644
--- a/15/bullseye/Dockerfile
+++ b/15/bullseye/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 15
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 15.9-1.pgdg110+1
+ENV PG_VERSION 15.10-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index 09583e98e5..6c580db3a3 100644
--- a/versions.json
+++ b/versions.json
@@ -101,7 +101,7 @@
"ppc64el",
"s390x"
],
- "version": "15.9-1.pgdg120+1"
+ "version": "15.10-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -110,18 +110,18 @@
"ppc64el",
"s390x"
],
- "version": "15.9-1.pgdg110+1"
+ "version": "15.10-1.pgdg110+1"
},
"debian": "bookworm",
"major": 15,
- "sha256": "74f2d4565035f0cf729ecb059949faaf1102cbd93759b359822f98f82198c783",
+ "sha256": "55abe738d441f0e58658b3ec6f88097a713b5e3b73139f6230d7b5c4c389e573",
"variants": [
"bookworm",
"bullseye",
"alpine3.20",
"alpine3.19"
],
- "version": "15.9"
+ "version": "15.10"
},
"16": {
"alpine": "3.20",
From 960ebdf14ef92d328588e77af2a879c63e577e96 Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 21 Nov 2024 12:14:24 -0800
Subject: [PATCH 089/115] Update 16 to 16.6, bookworm 16.6-1.pgdg120+1,
bullseye 16.6-1.pgdg110+1
---
16/alpine3.19/Dockerfile | 4 ++--
16/alpine3.20/Dockerfile | 4 ++--
16/bookworm/Dockerfile | 2 +-
16/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/16/alpine3.19/Dockerfile b/16/alpine3.19/Dockerfile
index 3146ffc0f5..0ee9671bdd 100644
--- a/16/alpine3.19/Dockerfile
+++ b/16/alpine3.19/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 16
-ENV PG_VERSION 16.5
-ENV PG_SHA256 a6cbbb7037f98cb8afa7d3970b7c48040cf02b115e39253a0c037a8bb8e778f0
+ENV PG_VERSION 16.6
+ENV PG_SHA256 23369cdaccd45270ac5dcc30fa9da205d5be33fa505e1f17a0418d2caeca477b
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/16/alpine3.20/Dockerfile b/16/alpine3.20/Dockerfile
index 41213996fb..c86008147b 100644
--- a/16/alpine3.20/Dockerfile
+++ b/16/alpine3.20/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 16
-ENV PG_VERSION 16.5
-ENV PG_SHA256 a6cbbb7037f98cb8afa7d3970b7c48040cf02b115e39253a0c037a8bb8e778f0
+ENV PG_VERSION 16.6
+ENV PG_SHA256 23369cdaccd45270ac5dcc30fa9da205d5be33fa505e1f17a0418d2caeca477b
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/16/bookworm/Dockerfile b/16/bookworm/Dockerfile
index 3631195246..2a3fda32c3 100644
--- a/16/bookworm/Dockerfile
+++ b/16/bookworm/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 16
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 16.5-1.pgdg120+1
+ENV PG_VERSION 16.6-1.pgdg120+1
RUN set -ex; \
\
diff --git a/16/bullseye/Dockerfile b/16/bullseye/Dockerfile
index d889decf25..75a6bf083e 100644
--- a/16/bullseye/Dockerfile
+++ b/16/bullseye/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 16
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 16.5-1.pgdg110+1
+ENV PG_VERSION 16.6-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index 6c580db3a3..9b79ab49db 100644
--- a/versions.json
+++ b/versions.json
@@ -132,7 +132,7 @@
"ppc64el",
"s390x"
],
- "version": "16.5-1.pgdg120+1"
+ "version": "16.6-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -141,18 +141,18 @@
"ppc64el",
"s390x"
],
- "version": "16.5-1.pgdg110+1"
+ "version": "16.6-1.pgdg110+1"
},
"debian": "bookworm",
"major": 16,
- "sha256": "a6cbbb7037f98cb8afa7d3970b7c48040cf02b115e39253a0c037a8bb8e778f0",
+ "sha256": "23369cdaccd45270ac5dcc30fa9da205d5be33fa505e1f17a0418d2caeca477b",
"variants": [
"bookworm",
"bullseye",
"alpine3.20",
"alpine3.19"
],
- "version": "16.5"
+ "version": "16.6"
},
"17": {
"alpine": "3.20",
From 0b87a9bbd23f56b1e9e863ecda5cc9e66416c4e0 Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 21 Nov 2024 12:16:44 -0800
Subject: [PATCH 090/115] Update 17 to 17.2, bookworm 17.2-1.pgdg120+1,
bullseye 17.2-1.pgdg110+1
---
17/alpine3.19/Dockerfile | 4 ++--
17/alpine3.20/Dockerfile | 4 ++--
17/bookworm/Dockerfile | 2 +-
17/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/17/alpine3.19/Dockerfile b/17/alpine3.19/Dockerfile
index 64bd75ae3c..101ea6b2cc 100644
--- a/17/alpine3.19/Dockerfile
+++ b/17/alpine3.19/Dockerfile
@@ -52,8 +52,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 17
-ENV PG_VERSION 17.1
-ENV PG_SHA256 7849db74ef6a8555d0723f87e81539301422fa9c8e9f21cce61fdc14e9199dcd
+ENV PG_VERSION 17.2
+ENV PG_SHA256 82ef27c0af3751695d7f64e2d963583005fbb6a0c3df63d0e4b42211d7021164
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/17/alpine3.20/Dockerfile b/17/alpine3.20/Dockerfile
index 5b005b3d54..d8481c4f50 100644
--- a/17/alpine3.20/Dockerfile
+++ b/17/alpine3.20/Dockerfile
@@ -52,8 +52,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 17
-ENV PG_VERSION 17.1
-ENV PG_SHA256 7849db74ef6a8555d0723f87e81539301422fa9c8e9f21cce61fdc14e9199dcd
+ENV PG_VERSION 17.2
+ENV PG_SHA256 82ef27c0af3751695d7f64e2d963583005fbb6a0c3df63d0e4b42211d7021164
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/17/bookworm/Dockerfile b/17/bookworm/Dockerfile
index 3958ea2438..ea5f47b044 100644
--- a/17/bookworm/Dockerfile
+++ b/17/bookworm/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 17
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 17.1-1.pgdg120+1
+ENV PG_VERSION 17.2-1.pgdg120+1
RUN set -ex; \
\
diff --git a/17/bullseye/Dockerfile b/17/bullseye/Dockerfile
index b68c707fb9..af909b0d8a 100644
--- a/17/bullseye/Dockerfile
+++ b/17/bullseye/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 17
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 17.1-1.pgdg110+1
+ENV PG_VERSION 17.2-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index 9b79ab49db..fac5258833 100644
--- a/versions.json
+++ b/versions.json
@@ -163,7 +163,7 @@
"ppc64el",
"s390x"
],
- "version": "17.1-1.pgdg120+1"
+ "version": "17.2-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -172,17 +172,17 @@
"ppc64el",
"s390x"
],
- "version": "17.1-1.pgdg110+1"
+ "version": "17.2-1.pgdg110+1"
},
"debian": "bookworm",
"major": 17,
- "sha256": "7849db74ef6a8555d0723f87e81539301422fa9c8e9f21cce61fdc14e9199dcd",
+ "sha256": "82ef27c0af3751695d7f64e2d963583005fbb6a0c3df63d0e4b42211d7021164",
"variants": [
"bookworm",
"bullseye",
"alpine3.20",
"alpine3.19"
],
- "version": "17.1"
+ "version": "17.2"
}
}
From 1075ab7060f7ee83f01db8bae699000994b5ed9f Mon Sep 17 00:00:00 2001
From: Paolo Barbolini <paolo.barbolini@m4ss.net>
Date: Thu, 5 Dec 2024 22:12:14 +0000
Subject: [PATCH 091/115] Update Alpine to 3.21
---
12/{alpine3.19 => alpine3.21}/Dockerfile | 2 +-
.../docker-ensure-initdb.sh | 0
.../docker-entrypoint.sh | 0
13/{alpine3.19 => alpine3.21}/Dockerfile | 2 +-
.../docker-ensure-initdb.sh | 0
.../docker-entrypoint.sh | 0
14/{alpine3.19 => alpine3.21}/Dockerfile | 2 +-
.../docker-ensure-initdb.sh | 0
.../docker-entrypoint.sh | 0
15/{alpine3.19 => alpine3.21}/Dockerfile | 2 +-
.../docker-ensure-initdb.sh | 0
.../docker-entrypoint.sh | 0
16/{alpine3.19 => alpine3.21}/Dockerfile | 2 +-
.../docker-ensure-initdb.sh | 0
.../docker-entrypoint.sh | 0
17/{alpine3.19 => alpine3.21}/Dockerfile | 2 +-
.../docker-ensure-initdb.sh | 0
.../docker-entrypoint.sh | 0
versions.json | 36 +++++++++----------
versions.sh | 2 +-
20 files changed, 25 insertions(+), 25 deletions(-)
rename 12/{alpine3.19 => alpine3.21}/Dockerfile (99%)
rename 12/{alpine3.19 => alpine3.21}/docker-ensure-initdb.sh (100%)
rename 12/{alpine3.19 => alpine3.21}/docker-entrypoint.sh (100%)
rename 13/{alpine3.19 => alpine3.21}/Dockerfile (99%)
rename 13/{alpine3.19 => alpine3.21}/docker-ensure-initdb.sh (100%)
rename 13/{alpine3.19 => alpine3.21}/docker-entrypoint.sh (100%)
rename 14/{alpine3.19 => alpine3.21}/Dockerfile (99%)
rename 14/{alpine3.19 => alpine3.21}/docker-ensure-initdb.sh (100%)
rename 14/{alpine3.19 => alpine3.21}/docker-entrypoint.sh (100%)
rename 15/{alpine3.19 => alpine3.21}/Dockerfile (99%)
rename 15/{alpine3.19 => alpine3.21}/docker-ensure-initdb.sh (100%)
rename 15/{alpine3.19 => alpine3.21}/docker-entrypoint.sh (100%)
rename 16/{alpine3.19 => alpine3.21}/Dockerfile (99%)
rename 16/{alpine3.19 => alpine3.21}/docker-ensure-initdb.sh (100%)
rename 16/{alpine3.19 => alpine3.21}/docker-entrypoint.sh (100%)
rename 17/{alpine3.19 => alpine3.21}/Dockerfile (99%)
rename 17/{alpine3.19 => alpine3.21}/docker-ensure-initdb.sh (100%)
rename 17/{alpine3.19 => alpine3.21}/docker-entrypoint.sh (100%)
diff --git a/12/alpine3.19/Dockerfile b/12/alpine3.21/Dockerfile
similarity index 99%
rename from 12/alpine3.19/Dockerfile
rename to 12/alpine3.21/Dockerfile
index 21aaff4185..b51727523a 100644
--- a/12/alpine3.19/Dockerfile
+++ b/12/alpine3.21/Dockerfile
@@ -4,7 +4,7 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
-FROM alpine:3.19
+FROM alpine:3.21
# 70 is the standard uid/gid for "postgres" in Alpine
# https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.12-stable
diff --git a/12/alpine3.19/docker-ensure-initdb.sh b/12/alpine3.21/docker-ensure-initdb.sh
similarity index 100%
rename from 12/alpine3.19/docker-ensure-initdb.sh
rename to 12/alpine3.21/docker-ensure-initdb.sh
diff --git a/12/alpine3.19/docker-entrypoint.sh b/12/alpine3.21/docker-entrypoint.sh
similarity index 100%
rename from 12/alpine3.19/docker-entrypoint.sh
rename to 12/alpine3.21/docker-entrypoint.sh
diff --git a/13/alpine3.19/Dockerfile b/13/alpine3.21/Dockerfile
similarity index 99%
rename from 13/alpine3.19/Dockerfile
rename to 13/alpine3.21/Dockerfile
index 43c805a2b4..5a63fd1f46 100644
--- a/13/alpine3.19/Dockerfile
+++ b/13/alpine3.21/Dockerfile
@@ -4,7 +4,7 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
-FROM alpine:3.19
+FROM alpine:3.21
# 70 is the standard uid/gid for "postgres" in Alpine
# https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.12-stable
diff --git a/13/alpine3.19/docker-ensure-initdb.sh b/13/alpine3.21/docker-ensure-initdb.sh
similarity index 100%
rename from 13/alpine3.19/docker-ensure-initdb.sh
rename to 13/alpine3.21/docker-ensure-initdb.sh
diff --git a/13/alpine3.19/docker-entrypoint.sh b/13/alpine3.21/docker-entrypoint.sh
similarity index 100%
rename from 13/alpine3.19/docker-entrypoint.sh
rename to 13/alpine3.21/docker-entrypoint.sh
diff --git a/14/alpine3.19/Dockerfile b/14/alpine3.21/Dockerfile
similarity index 99%
rename from 14/alpine3.19/Dockerfile
rename to 14/alpine3.21/Dockerfile
index 4cf84a304f..0173050f1b 100644
--- a/14/alpine3.19/Dockerfile
+++ b/14/alpine3.21/Dockerfile
@@ -4,7 +4,7 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
-FROM alpine:3.19
+FROM alpine:3.21
# 70 is the standard uid/gid for "postgres" in Alpine
# https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.12-stable
diff --git a/14/alpine3.19/docker-ensure-initdb.sh b/14/alpine3.21/docker-ensure-initdb.sh
similarity index 100%
rename from 14/alpine3.19/docker-ensure-initdb.sh
rename to 14/alpine3.21/docker-ensure-initdb.sh
diff --git a/14/alpine3.19/docker-entrypoint.sh b/14/alpine3.21/docker-entrypoint.sh
similarity index 100%
rename from 14/alpine3.19/docker-entrypoint.sh
rename to 14/alpine3.21/docker-entrypoint.sh
diff --git a/15/alpine3.19/Dockerfile b/15/alpine3.21/Dockerfile
similarity index 99%
rename from 15/alpine3.19/Dockerfile
rename to 15/alpine3.21/Dockerfile
index 43c890da5b..f9452c84ba 100644
--- a/15/alpine3.19/Dockerfile
+++ b/15/alpine3.21/Dockerfile
@@ -4,7 +4,7 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
-FROM alpine:3.19
+FROM alpine:3.21
# 70 is the standard uid/gid for "postgres" in Alpine
# https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.12-stable
diff --git a/15/alpine3.19/docker-ensure-initdb.sh b/15/alpine3.21/docker-ensure-initdb.sh
similarity index 100%
rename from 15/alpine3.19/docker-ensure-initdb.sh
rename to 15/alpine3.21/docker-ensure-initdb.sh
diff --git a/15/alpine3.19/docker-entrypoint.sh b/15/alpine3.21/docker-entrypoint.sh
similarity index 100%
rename from 15/alpine3.19/docker-entrypoint.sh
rename to 15/alpine3.21/docker-entrypoint.sh
diff --git a/16/alpine3.19/Dockerfile b/16/alpine3.21/Dockerfile
similarity index 99%
rename from 16/alpine3.19/Dockerfile
rename to 16/alpine3.21/Dockerfile
index 0ee9671bdd..c2a0f65032 100644
--- a/16/alpine3.19/Dockerfile
+++ b/16/alpine3.21/Dockerfile
@@ -4,7 +4,7 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
-FROM alpine:3.19
+FROM alpine:3.21
# 70 is the standard uid/gid for "postgres" in Alpine
# https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.12-stable
diff --git a/16/alpine3.19/docker-ensure-initdb.sh b/16/alpine3.21/docker-ensure-initdb.sh
similarity index 100%
rename from 16/alpine3.19/docker-ensure-initdb.sh
rename to 16/alpine3.21/docker-ensure-initdb.sh
diff --git a/16/alpine3.19/docker-entrypoint.sh b/16/alpine3.21/docker-entrypoint.sh
similarity index 100%
rename from 16/alpine3.19/docker-entrypoint.sh
rename to 16/alpine3.21/docker-entrypoint.sh
diff --git a/17/alpine3.19/Dockerfile b/17/alpine3.21/Dockerfile
similarity index 99%
rename from 17/alpine3.19/Dockerfile
rename to 17/alpine3.21/Dockerfile
index 101ea6b2cc..4adb4a0367 100644
--- a/17/alpine3.19/Dockerfile
+++ b/17/alpine3.21/Dockerfile
@@ -4,7 +4,7 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
-FROM alpine:3.19
+FROM alpine:3.21
# 70 is the standard uid/gid for "postgres" in Alpine
# https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.12-stable
diff --git a/17/alpine3.19/docker-ensure-initdb.sh b/17/alpine3.21/docker-ensure-initdb.sh
similarity index 100%
rename from 17/alpine3.19/docker-ensure-initdb.sh
rename to 17/alpine3.21/docker-ensure-initdb.sh
diff --git a/17/alpine3.19/docker-entrypoint.sh b/17/alpine3.21/docker-entrypoint.sh
similarity index 100%
rename from 17/alpine3.19/docker-entrypoint.sh
rename to 17/alpine3.21/docker-entrypoint.sh
diff --git a/versions.json b/versions.json
index fac5258833..11cf4b6a29 100644
--- a/versions.json
+++ b/versions.json
@@ -1,6 +1,6 @@
{
"12": {
- "alpine": "3.20",
+ "alpine": "3.21",
"bookworm": {
"arches": [
"amd64",
@@ -25,13 +25,13 @@
"variants": [
"bookworm",
"bullseye",
- "alpine3.20",
- "alpine3.19"
+ "alpine3.21",
+ "alpine3.20"
],
"version": "12.22"
},
"13": {
- "alpine": "3.20",
+ "alpine": "3.21",
"bookworm": {
"arches": [
"amd64",
@@ -56,13 +56,13 @@
"variants": [
"bookworm",
"bullseye",
- "alpine3.20",
- "alpine3.19"
+ "alpine3.21",
+ "alpine3.20"
],
"version": "13.18"
},
"14": {
- "alpine": "3.20",
+ "alpine": "3.21",
"bookworm": {
"arches": [
"amd64",
@@ -87,13 +87,13 @@
"variants": [
"bookworm",
"bullseye",
- "alpine3.20",
- "alpine3.19"
+ "alpine3.21",
+ "alpine3.20"
],
"version": "14.15"
},
"15": {
- "alpine": "3.20",
+ "alpine": "3.21",
"bookworm": {
"arches": [
"amd64",
@@ -118,13 +118,13 @@
"variants": [
"bookworm",
"bullseye",
- "alpine3.20",
- "alpine3.19"
+ "alpine3.21",
+ "alpine3.20"
],
"version": "15.10"
},
"16": {
- "alpine": "3.20",
+ "alpine": "3.21",
"bookworm": {
"arches": [
"amd64",
@@ -149,13 +149,13 @@
"variants": [
"bookworm",
"bullseye",
- "alpine3.20",
- "alpine3.19"
+ "alpine3.21",
+ "alpine3.20"
],
"version": "16.6"
},
"17": {
- "alpine": "3.20",
+ "alpine": "3.21",
"bookworm": {
"arches": [
"amd64",
@@ -180,8 +180,8 @@
"variants": [
"bookworm",
"bullseye",
- "alpine3.20",
- "alpine3.19"
+ "alpine3.21",
+ "alpine3.20"
],
"version": "17.2"
}
diff --git a/versions.sh b/versions.sh
index e8c1225d53..ad83e2b000 100755
--- a/versions.sh
+++ b/versions.sh
@@ -7,8 +7,8 @@ supportedDebianSuites=(
bullseye
)
supportedAlpineVersions=(
+ 3.21
3.20
- 3.19
)
defaultDebianSuite="${supportedDebianSuites[0]}"
declare -A debianSuites=(
From 17818f21dca10ccf02711476e138c219bd31b456 Mon Sep 17 00:00:00 2001
From: Joseph Ferguson <yosifkit@gmail.com>
Date: Thu, 5 Dec 2024 14:12:58 -0800
Subject: [PATCH 092/115] In Alpine 3.21 bump llvm version
Fixes #1296
---
12/alpine3.20/Dockerfile | 4 ++--
12/alpine3.21/Dockerfile | 12 ++++++------
13/alpine3.20/Dockerfile | 4 ++--
13/alpine3.21/Dockerfile | 12 ++++++------
14/alpine3.20/Dockerfile | 4 ++--
14/alpine3.21/Dockerfile | 12 ++++++------
15/alpine3.20/Dockerfile | 4 ++--
15/alpine3.21/Dockerfile | 12 ++++++------
16/alpine3.20/Dockerfile | 4 ++--
16/alpine3.21/Dockerfile | 12 ++++++------
17/alpine3.20/Dockerfile | 4 ++--
17/alpine3.21/Dockerfile | 12 ++++++------
Dockerfile-alpine.template | 19 +++++++++++++++----
13 files changed, 63 insertions(+), 52 deletions(-)
diff --git a/12/alpine3.20/Dockerfile b/12/alpine3.20/Dockerfile
index 3f1e87e0cf..acd5d9acd7 100644
--- a/12/alpine3.20/Dockerfile
+++ b/12/alpine3.20/Dockerfile
@@ -112,9 +112,9 @@ RUN set -eux; \
wget -O config/config.guess 'https://git.savannah.gnu.org/cgit/config.git/plain/config.guess?id=7d3d27baf8107b630586c962c057e22149653deb'; \
wget -O config/config.sub 'https://git.savannah.gnu.org/cgit/config.git/plain/config.sub?id=7d3d27baf8107b630586c962c057e22149653deb'; \
\
-# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n158
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n172
export LLVM_CONFIG="/usr/lib/llvm15/bin/llvm-config"; \
-# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n163
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n177
export CLANG=clang-15; \
\
# configure options taken from:
diff --git a/12/alpine3.21/Dockerfile b/12/alpine3.21/Dockerfile
index b51727523a..636e77151e 100644
--- a/12/alpine3.21/Dockerfile
+++ b/12/alpine3.21/Dockerfile
@@ -57,8 +57,8 @@ ENV PG_VERSION 12.22
ENV PG_SHA256 8df3c0474782589d3c6f374b5133b1bd14d168086edbc13c6e72e67dd4527a3b
ENV DOCKER_PG_LLVM_DEPS \
- llvm15-dev \
- clang15
+ llvm19-dev \
+ clang19
RUN set -eux; \
\
@@ -112,10 +112,10 @@ RUN set -eux; \
wget -O config/config.guess 'https://git.savannah.gnu.org/cgit/config.git/plain/config.guess?id=7d3d27baf8107b630586c962c057e22149653deb'; \
wget -O config/config.sub 'https://git.savannah.gnu.org/cgit/config.git/plain/config.sub?id=7d3d27baf8107b630586c962c057e22149653deb'; \
\
-# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n158
- export LLVM_CONFIG="/usr/lib/llvm15/bin/llvm-config"; \
-# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n163
- export CLANG=clang-15; \
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n172
+ export LLVM_CONFIG="/usr/lib/llvm19/bin/llvm-config"; \
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n177
+ export CLANG=clang-19; \
\
# configure options taken from:
# https://anonscm.debian.org/cgit/pkg-postgresql/postgresql.git/tree/debian/rules?h=9.5
diff --git a/13/alpine3.20/Dockerfile b/13/alpine3.20/Dockerfile
index a4d1cf366d..3d694c3609 100644
--- a/13/alpine3.20/Dockerfile
+++ b/13/alpine3.20/Dockerfile
@@ -112,9 +112,9 @@ RUN set -eux; \
wget -O config/config.guess 'https://git.savannah.gnu.org/cgit/config.git/plain/config.guess?id=7d3d27baf8107b630586c962c057e22149653deb'; \
wget -O config/config.sub 'https://git.savannah.gnu.org/cgit/config.git/plain/config.sub?id=7d3d27baf8107b630586c962c057e22149653deb'; \
\
-# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n158
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n172
export LLVM_CONFIG="/usr/lib/llvm15/bin/llvm-config"; \
-# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n163
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n177
export CLANG=clang-15; \
\
# configure options taken from:
diff --git a/13/alpine3.21/Dockerfile b/13/alpine3.21/Dockerfile
index 5a63fd1f46..1adc2f84c8 100644
--- a/13/alpine3.21/Dockerfile
+++ b/13/alpine3.21/Dockerfile
@@ -57,8 +57,8 @@ ENV PG_VERSION 13.18
ENV PG_SHA256 ceea92abee2a8c19408d278b68de6a78b6bd3dbb4fa2d653fa7ca745d666aab1
ENV DOCKER_PG_LLVM_DEPS \
- llvm15-dev \
- clang15
+ llvm19-dev \
+ clang19
RUN set -eux; \
\
@@ -112,10 +112,10 @@ RUN set -eux; \
wget -O config/config.guess 'https://git.savannah.gnu.org/cgit/config.git/plain/config.guess?id=7d3d27baf8107b630586c962c057e22149653deb'; \
wget -O config/config.sub 'https://git.savannah.gnu.org/cgit/config.git/plain/config.sub?id=7d3d27baf8107b630586c962c057e22149653deb'; \
\
-# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n158
- export LLVM_CONFIG="/usr/lib/llvm15/bin/llvm-config"; \
-# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n163
- export CLANG=clang-15; \
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n172
+ export LLVM_CONFIG="/usr/lib/llvm19/bin/llvm-config"; \
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n177
+ export CLANG=clang-19; \
\
# configure options taken from:
# https://anonscm.debian.org/cgit/pkg-postgresql/postgresql.git/tree/debian/rules?h=9.5
diff --git a/14/alpine3.20/Dockerfile b/14/alpine3.20/Dockerfile
index 2af8d825fc..98f6b30aeb 100644
--- a/14/alpine3.20/Dockerfile
+++ b/14/alpine3.20/Dockerfile
@@ -114,9 +114,9 @@ RUN set -eux; \
wget -O config/config.guess 'https://git.savannah.gnu.org/cgit/config.git/plain/config.guess?id=7d3d27baf8107b630586c962c057e22149653deb'; \
wget -O config/config.sub 'https://git.savannah.gnu.org/cgit/config.git/plain/config.sub?id=7d3d27baf8107b630586c962c057e22149653deb'; \
\
-# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n158
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n172
export LLVM_CONFIG="/usr/lib/llvm15/bin/llvm-config"; \
-# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n163
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n177
export CLANG=clang-15; \
\
# configure options taken from:
diff --git a/14/alpine3.21/Dockerfile b/14/alpine3.21/Dockerfile
index 0173050f1b..46e0f7353c 100644
--- a/14/alpine3.21/Dockerfile
+++ b/14/alpine3.21/Dockerfile
@@ -57,8 +57,8 @@ ENV PG_VERSION 14.15
ENV PG_SHA256 02e891e314b4e9ee24cbd78028dab7c73f9c1ba3e30835bcbef71fe220401fc5
ENV DOCKER_PG_LLVM_DEPS \
- llvm15-dev \
- clang15
+ llvm19-dev \
+ clang19
RUN set -eux; \
\
@@ -114,10 +114,10 @@ RUN set -eux; \
wget -O config/config.guess 'https://git.savannah.gnu.org/cgit/config.git/plain/config.guess?id=7d3d27baf8107b630586c962c057e22149653deb'; \
wget -O config/config.sub 'https://git.savannah.gnu.org/cgit/config.git/plain/config.sub?id=7d3d27baf8107b630586c962c057e22149653deb'; \
\
-# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n158
- export LLVM_CONFIG="/usr/lib/llvm15/bin/llvm-config"; \
-# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n163
- export CLANG=clang-15; \
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n172
+ export LLVM_CONFIG="/usr/lib/llvm19/bin/llvm-config"; \
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n177
+ export CLANG=clang-19; \
\
# configure options taken from:
# https://anonscm.debian.org/cgit/pkg-postgresql/postgresql.git/tree/debian/rules?h=9.5
diff --git a/15/alpine3.20/Dockerfile b/15/alpine3.20/Dockerfile
index effc59a095..a837092196 100644
--- a/15/alpine3.20/Dockerfile
+++ b/15/alpine3.20/Dockerfile
@@ -116,9 +116,9 @@ RUN set -eux; \
wget -O config/config.guess 'https://git.savannah.gnu.org/cgit/config.git/plain/config.guess?id=7d3d27baf8107b630586c962c057e22149653deb'; \
wget -O config/config.sub 'https://git.savannah.gnu.org/cgit/config.git/plain/config.sub?id=7d3d27baf8107b630586c962c057e22149653deb'; \
\
-# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n158
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n172
export LLVM_CONFIG="/usr/lib/llvm15/bin/llvm-config"; \
-# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n163
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n177
export CLANG=clang-15; \
\
# configure options taken from:
diff --git a/15/alpine3.21/Dockerfile b/15/alpine3.21/Dockerfile
index f9452c84ba..cd3c8c0724 100644
--- a/15/alpine3.21/Dockerfile
+++ b/15/alpine3.21/Dockerfile
@@ -57,8 +57,8 @@ ENV PG_VERSION 15.10
ENV PG_SHA256 55abe738d441f0e58658b3ec6f88097a713b5e3b73139f6230d7b5c4c389e573
ENV DOCKER_PG_LLVM_DEPS \
- llvm15-dev \
- clang15
+ llvm19-dev \
+ clang19
RUN set -eux; \
\
@@ -116,10 +116,10 @@ RUN set -eux; \
wget -O config/config.guess 'https://git.savannah.gnu.org/cgit/config.git/plain/config.guess?id=7d3d27baf8107b630586c962c057e22149653deb'; \
wget -O config/config.sub 'https://git.savannah.gnu.org/cgit/config.git/plain/config.sub?id=7d3d27baf8107b630586c962c057e22149653deb'; \
\
-# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n158
- export LLVM_CONFIG="/usr/lib/llvm15/bin/llvm-config"; \
-# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n163
- export CLANG=clang-15; \
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n172
+ export LLVM_CONFIG="/usr/lib/llvm19/bin/llvm-config"; \
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n177
+ export CLANG=clang-19; \
\
# configure options taken from:
# https://anonscm.debian.org/cgit/pkg-postgresql/postgresql.git/tree/debian/rules?h=9.5
diff --git a/16/alpine3.20/Dockerfile b/16/alpine3.20/Dockerfile
index c86008147b..36b35cdcb0 100644
--- a/16/alpine3.20/Dockerfile
+++ b/16/alpine3.20/Dockerfile
@@ -116,9 +116,9 @@ RUN set -eux; \
wget -O config/config.guess 'https://git.savannah.gnu.org/cgit/config.git/plain/config.guess?id=7d3d27baf8107b630586c962c057e22149653deb'; \
wget -O config/config.sub 'https://git.savannah.gnu.org/cgit/config.git/plain/config.sub?id=7d3d27baf8107b630586c962c057e22149653deb'; \
\
-# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n158
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n172
export LLVM_CONFIG="/usr/lib/llvm15/bin/llvm-config"; \
-# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n163
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n177
export CLANG=clang-15; \
\
# configure options taken from:
diff --git a/16/alpine3.21/Dockerfile b/16/alpine3.21/Dockerfile
index c2a0f65032..8b9173336f 100644
--- a/16/alpine3.21/Dockerfile
+++ b/16/alpine3.21/Dockerfile
@@ -57,8 +57,8 @@ ENV PG_VERSION 16.6
ENV PG_SHA256 23369cdaccd45270ac5dcc30fa9da205d5be33fa505e1f17a0418d2caeca477b
ENV DOCKER_PG_LLVM_DEPS \
- llvm15-dev \
- clang15
+ llvm19-dev \
+ clang19
RUN set -eux; \
\
@@ -116,10 +116,10 @@ RUN set -eux; \
wget -O config/config.guess 'https://git.savannah.gnu.org/cgit/config.git/plain/config.guess?id=7d3d27baf8107b630586c962c057e22149653deb'; \
wget -O config/config.sub 'https://git.savannah.gnu.org/cgit/config.git/plain/config.sub?id=7d3d27baf8107b630586c962c057e22149653deb'; \
\
-# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n158
- export LLVM_CONFIG="/usr/lib/llvm15/bin/llvm-config"; \
-# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n163
- export CLANG=clang-15; \
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n172
+ export LLVM_CONFIG="/usr/lib/llvm19/bin/llvm-config"; \
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n177
+ export CLANG=clang-19; \
\
# configure options taken from:
# https://anonscm.debian.org/cgit/pkg-postgresql/postgresql.git/tree/debian/rules?h=9.5
diff --git a/17/alpine3.20/Dockerfile b/17/alpine3.20/Dockerfile
index d8481c4f50..40d8bbd4bf 100644
--- a/17/alpine3.20/Dockerfile
+++ b/17/alpine3.20/Dockerfile
@@ -115,9 +115,9 @@ RUN set -eux; \
wget -O config/config.guess 'https://git.savannah.gnu.org/cgit/config.git/plain/config.guess?id=7d3d27baf8107b630586c962c057e22149653deb'; \
wget -O config/config.sub 'https://git.savannah.gnu.org/cgit/config.git/plain/config.sub?id=7d3d27baf8107b630586c962c057e22149653deb'; \
\
-# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n158
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n172
export LLVM_CONFIG="/usr/lib/llvm15/bin/llvm-config"; \
-# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n163
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n177
export CLANG=clang-15; \
\
# configure options taken from:
diff --git a/17/alpine3.21/Dockerfile b/17/alpine3.21/Dockerfile
index 4adb4a0367..5c2914fcb2 100644
--- a/17/alpine3.21/Dockerfile
+++ b/17/alpine3.21/Dockerfile
@@ -56,8 +56,8 @@ ENV PG_VERSION 17.2
ENV PG_SHA256 82ef27c0af3751695d7f64e2d963583005fbb6a0c3df63d0e4b42211d7021164
ENV DOCKER_PG_LLVM_DEPS \
- llvm15-dev \
- clang15
+ llvm19-dev \
+ clang19
RUN set -eux; \
\
@@ -115,10 +115,10 @@ RUN set -eux; \
wget -O config/config.guess 'https://git.savannah.gnu.org/cgit/config.git/plain/config.guess?id=7d3d27baf8107b630586c962c057e22149653deb'; \
wget -O config/config.sub 'https://git.savannah.gnu.org/cgit/config.git/plain/config.sub?id=7d3d27baf8107b630586c962c057e22149653deb'; \
\
-# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n158
- export LLVM_CONFIG="/usr/lib/llvm15/bin/llvm-config"; \
-# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n163
- export CLANG=clang-15; \
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n172
+ export LLVM_CONFIG="/usr/lib/llvm19/bin/llvm-config"; \
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n177
+ export CLANG=clang-19; \
\
# configure options taken from:
# https://anonscm.debian.org/cgit/pkg-postgresql/postgresql.git/tree/debian/rules?h=9.5
diff --git a/Dockerfile-alpine.template b/Dockerfile-alpine.template
index 767923f895..6ef2082805 100644
--- a/Dockerfile-alpine.template
+++ b/Dockerfile-alpine.template
@@ -1,4 +1,8 @@
-FROM alpine:{{ env.variant | ltrimstr("alpine") }}
+{{
+ def alpine_version:
+ env.variant | ltrimstr("alpine")
+-}}
+FROM alpine:{{ alpine_version }}
# 70 is the standard uid/gid for "postgres" in Alpine
# https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.12-stable
@@ -52,7 +56,14 @@ ENV PG_MAJOR {{ env.version }}
ENV PG_VERSION {{ .version }}
ENV PG_SHA256 {{ .sha256 }}
-{{ def llvmver: "15" -}}
+{{
+ def llvmver:
+ if alpine_version | split(".") | map(tonumber) < [3, 21] then
+ "15"
+ else
+ "19"
+ end
+-}}
ENV DOCKER_PG_LLVM_DEPS \
llvm{{ llvmver }}-dev \
clang{{ llvmver }}
@@ -117,9 +128,9 @@ RUN set -eux; \
wget -O config/config.guess 'https://git.savannah.gnu.org/cgit/config.git/plain/config.guess?id=7d3d27baf8107b630586c962c057e22149653deb'; \
wget -O config/config.sub 'https://git.savannah.gnu.org/cgit/config.git/plain/config.sub?id=7d3d27baf8107b630586c962c057e22149653deb'; \
\
-# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n158
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n172
export LLVM_CONFIG="/usr/lib/llvm{{ llvmver }}/bin/llvm-config"; \
-# https://git.alpinelinux.org/aports/tree/community/postgresql12/APKBUILD?h=3.18-stable&id=a470294e6d6ca7059e41c54769b7c3c26ec901d4#n163
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n177
export CLANG=clang-{{ llvmver }}; \
\
# configure options taken from:
From cb049360d9a316e429740d47431e0d6fa129d11a Mon Sep 17 00:00:00 2001
From: Tianon Gravi <admwiggin@gmail.com>
Date: Fri, 13 Dec 2024 15:02:43 -0800
Subject: [PATCH 093/115] Simplify and update `verify-templating.yml`
This makes it print out a diff when there is an error (instead of just a list of files that are wrong), which will make the error more obvious.
---
.github/workflows/verify-templating.yml | 8 ++------
1 file changed, 2 insertions(+), 6 deletions(-)
diff --git a/.github/workflows/verify-templating.yml b/.github/workflows/verify-templating.yml
index 9ece508df6..e822ba6bb9 100644
--- a/.github/workflows/verify-templating.yml
+++ b/.github/workflows/verify-templating.yml
@@ -15,9 +15,5 @@ jobs:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- - name: Apply Templates
- run: ./apply-templates.sh
- - name: Check Git Status
- run: |
- status="$(git status --short)"
- [ -z "$status" ]
+ - run: ./apply-templates.sh
+ - run: git diff --exit-code
From 32b6fcdda7f52830f42dd695e2dc2f739581756b Mon Sep 17 00:00:00 2001
From: Jeremy Schneider <schneider@ardentperf.com>
Date: Thu, 9 Jan 2025 09:56:49 -0800
Subject: [PATCH 094/115] =?UTF-8?q?Remove=20inaccurate=20references=20to?=
=?UTF-8?q?=20corruption,=20remove=20SEGTERM=20suggestion=E2=80=A6=20(#130?=
=?UTF-8?q?3)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
* Remove inaccurate references to corruption, remove SEGTERM suggestion, update information links to current docs. Postgres is carefully designed such that data is not corrupted on crashes or unclean shutdowns - the main tradeoff is that WAL replay is needed on startup. In practice, SIGTERM can cause unexpected long delays to shutdowns - often during maintenance windows - so best not to actively suggest this. The links back to official Postgres documentation seem sufficient.
---
12/alpine3.20/Dockerfile | 16 +++++-----------
12/alpine3.21/Dockerfile | 16 +++++-----------
12/bookworm/Dockerfile | 16 +++++-----------
12/bullseye/Dockerfile | 16 +++++-----------
13/alpine3.20/Dockerfile | 16 +++++-----------
13/alpine3.21/Dockerfile | 16 +++++-----------
13/bookworm/Dockerfile | 16 +++++-----------
13/bullseye/Dockerfile | 16 +++++-----------
14/alpine3.20/Dockerfile | 16 +++++-----------
14/alpine3.21/Dockerfile | 16 +++++-----------
14/bookworm/Dockerfile | 16 +++++-----------
14/bullseye/Dockerfile | 16 +++++-----------
15/alpine3.20/Dockerfile | 16 +++++-----------
15/alpine3.21/Dockerfile | 16 +++++-----------
15/bookworm/Dockerfile | 16 +++++-----------
15/bullseye/Dockerfile | 16 +++++-----------
16/alpine3.20/Dockerfile | 16 +++++-----------
16/alpine3.21/Dockerfile | 16 +++++-----------
16/bookworm/Dockerfile | 16 +++++-----------
16/bullseye/Dockerfile | 16 +++++-----------
17/alpine3.20/Dockerfile | 16 +++++-----------
17/alpine3.21/Dockerfile | 16 +++++-----------
17/bookworm/Dockerfile | 16 +++++-----------
17/bullseye/Dockerfile | 16 +++++-----------
Dockerfile-alpine.template | 16 +++++-----------
Dockerfile-debian.template | 16 +++++-----------
26 files changed, 130 insertions(+), 286 deletions(-)
diff --git a/12/alpine3.20/Dockerfile b/12/alpine3.20/Dockerfile
index acd5d9acd7..2e419498a4 100644
--- a/12/alpine3.20/Dockerfile
+++ b/12/alpine3.20/Dockerfile
@@ -203,18 +203,12 @@ ENTRYPOINT ["docker-entrypoint.sh"]
# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
# calls "Fast Shutdown mode" wherein new connections are disallowed and any
# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
-# flush tables to disk, which is the best compromise available to avoid data
-# corruption.
+# flush tables to disk.
#
-# Users who know their applications do not keep open long-lived idle connections
-# may way to use a value of SIGTERM instead, which corresponds to "Smart
-# Shutdown mode" in which any existing sessions are allowed to finish and the
-# server stops when all sessions are terminated.
-#
-# See https://www.postgresql.org/docs/12/server-shutdown.html for more details
+# See https://www.postgresql.org/docs/current/server-shutdown.html for more details
# about available PostgreSQL server shutdown signals.
#
-# See also https://www.postgresql.org/docs/12/server-start.html for further
+# See also https://www.postgresql.org/docs/current/server-start.html for further
# justification of this as the default value, namely that the example (and
# shipped) systemd service files use the "Fast Shutdown mode" for service
# termination.
@@ -224,10 +218,10 @@ STOPSIGNAL SIGINT
# An additional setting that is recommended for all users regardless of this
# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
# equivalent) for controlling how long to wait between sending the defined
-# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption).
+# STOPSIGNAL and sending SIGKILL.
#
# The default in most runtimes (such as Docker) is 10 seconds, and the
-# documentation at https://www.postgresql.org/docs/12/server-start.html notes
+# documentation at https://www.postgresql.org/docs/current/server-start.html notes
# that even 90 seconds may not be long enough in many instances.
EXPOSE 5432
diff --git a/12/alpine3.21/Dockerfile b/12/alpine3.21/Dockerfile
index 636e77151e..75ddfac841 100644
--- a/12/alpine3.21/Dockerfile
+++ b/12/alpine3.21/Dockerfile
@@ -203,18 +203,12 @@ ENTRYPOINT ["docker-entrypoint.sh"]
# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
# calls "Fast Shutdown mode" wherein new connections are disallowed and any
# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
-# flush tables to disk, which is the best compromise available to avoid data
-# corruption.
+# flush tables to disk.
#
-# Users who know their applications do not keep open long-lived idle connections
-# may way to use a value of SIGTERM instead, which corresponds to "Smart
-# Shutdown mode" in which any existing sessions are allowed to finish and the
-# server stops when all sessions are terminated.
-#
-# See https://www.postgresql.org/docs/12/server-shutdown.html for more details
+# See https://www.postgresql.org/docs/current/server-shutdown.html for more details
# about available PostgreSQL server shutdown signals.
#
-# See also https://www.postgresql.org/docs/12/server-start.html for further
+# See also https://www.postgresql.org/docs/current/server-start.html for further
# justification of this as the default value, namely that the example (and
# shipped) systemd service files use the "Fast Shutdown mode" for service
# termination.
@@ -224,10 +218,10 @@ STOPSIGNAL SIGINT
# An additional setting that is recommended for all users regardless of this
# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
# equivalent) for controlling how long to wait between sending the defined
-# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption).
+# STOPSIGNAL and sending SIGKILL.
#
# The default in most runtimes (such as Docker) is 10 seconds, and the
-# documentation at https://www.postgresql.org/docs/12/server-start.html notes
+# documentation at https://www.postgresql.org/docs/current/server-start.html notes
# that even 90 seconds may not be long enough in many instances.
EXPOSE 5432
diff --git a/12/bookworm/Dockerfile b/12/bookworm/Dockerfile
index df9a761c5f..c9f6baeea7 100644
--- a/12/bookworm/Dockerfile
+++ b/12/bookworm/Dockerfile
@@ -194,18 +194,12 @@ ENTRYPOINT ["docker-entrypoint.sh"]
# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
# calls "Fast Shutdown mode" wherein new connections are disallowed and any
# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
-# flush tables to disk, which is the best compromise available to avoid data
-# corruption.
+# flush tables to disk.
#
-# Users who know their applications do not keep open long-lived idle connections
-# may way to use a value of SIGTERM instead, which corresponds to "Smart
-# Shutdown mode" in which any existing sessions are allowed to finish and the
-# server stops when all sessions are terminated.
-#
-# See https://www.postgresql.org/docs/12/server-shutdown.html for more details
+# See https://www.postgresql.org/docs/current/server-shutdown.html for more details
# about available PostgreSQL server shutdown signals.
#
-# See also https://www.postgresql.org/docs/12/server-start.html for further
+# See also https://www.postgresql.org/docs/current/server-start.html for further
# justification of this as the default value, namely that the example (and
# shipped) systemd service files use the "Fast Shutdown mode" for service
# termination.
@@ -215,10 +209,10 @@ STOPSIGNAL SIGINT
# An additional setting that is recommended for all users regardless of this
# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
# equivalent) for controlling how long to wait between sending the defined
-# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption).
+# STOPSIGNAL and sending SIGKILL.
#
# The default in most runtimes (such as Docker) is 10 seconds, and the
-# documentation at https://www.postgresql.org/docs/12/server-start.html notes
+# documentation at https://www.postgresql.org/docs/current/server-start.html notes
# that even 90 seconds may not be long enough in many instances.
EXPOSE 5432
diff --git a/12/bullseye/Dockerfile b/12/bullseye/Dockerfile
index 526491f45d..098f684129 100644
--- a/12/bullseye/Dockerfile
+++ b/12/bullseye/Dockerfile
@@ -194,18 +194,12 @@ ENTRYPOINT ["docker-entrypoint.sh"]
# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
# calls "Fast Shutdown mode" wherein new connections are disallowed and any
# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
-# flush tables to disk, which is the best compromise available to avoid data
-# corruption.
+# flush tables to disk.
#
-# Users who know their applications do not keep open long-lived idle connections
-# may way to use a value of SIGTERM instead, which corresponds to "Smart
-# Shutdown mode" in which any existing sessions are allowed to finish and the
-# server stops when all sessions are terminated.
-#
-# See https://www.postgresql.org/docs/12/server-shutdown.html for more details
+# See https://www.postgresql.org/docs/current/server-shutdown.html for more details
# about available PostgreSQL server shutdown signals.
#
-# See also https://www.postgresql.org/docs/12/server-start.html for further
+# See also https://www.postgresql.org/docs/current/server-start.html for further
# justification of this as the default value, namely that the example (and
# shipped) systemd service files use the "Fast Shutdown mode" for service
# termination.
@@ -215,10 +209,10 @@ STOPSIGNAL SIGINT
# An additional setting that is recommended for all users regardless of this
# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
# equivalent) for controlling how long to wait between sending the defined
-# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption).
+# STOPSIGNAL and sending SIGKILL.
#
# The default in most runtimes (such as Docker) is 10 seconds, and the
-# documentation at https://www.postgresql.org/docs/12/server-start.html notes
+# documentation at https://www.postgresql.org/docs/current/server-start.html notes
# that even 90 seconds may not be long enough in many instances.
EXPOSE 5432
diff --git a/13/alpine3.20/Dockerfile b/13/alpine3.20/Dockerfile
index 3d694c3609..a65cf3e580 100644
--- a/13/alpine3.20/Dockerfile
+++ b/13/alpine3.20/Dockerfile
@@ -203,18 +203,12 @@ ENTRYPOINT ["docker-entrypoint.sh"]
# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
# calls "Fast Shutdown mode" wherein new connections are disallowed and any
# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
-# flush tables to disk, which is the best compromise available to avoid data
-# corruption.
+# flush tables to disk.
#
-# Users who know their applications do not keep open long-lived idle connections
-# may way to use a value of SIGTERM instead, which corresponds to "Smart
-# Shutdown mode" in which any existing sessions are allowed to finish and the
-# server stops when all sessions are terminated.
-#
-# See https://www.postgresql.org/docs/12/server-shutdown.html for more details
+# See https://www.postgresql.org/docs/current/server-shutdown.html for more details
# about available PostgreSQL server shutdown signals.
#
-# See also https://www.postgresql.org/docs/12/server-start.html for further
+# See also https://www.postgresql.org/docs/current/server-start.html for further
# justification of this as the default value, namely that the example (and
# shipped) systemd service files use the "Fast Shutdown mode" for service
# termination.
@@ -224,10 +218,10 @@ STOPSIGNAL SIGINT
# An additional setting that is recommended for all users regardless of this
# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
# equivalent) for controlling how long to wait between sending the defined
-# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption).
+# STOPSIGNAL and sending SIGKILL.
#
# The default in most runtimes (such as Docker) is 10 seconds, and the
-# documentation at https://www.postgresql.org/docs/12/server-start.html notes
+# documentation at https://www.postgresql.org/docs/current/server-start.html notes
# that even 90 seconds may not be long enough in many instances.
EXPOSE 5432
diff --git a/13/alpine3.21/Dockerfile b/13/alpine3.21/Dockerfile
index 1adc2f84c8..74c92fc237 100644
--- a/13/alpine3.21/Dockerfile
+++ b/13/alpine3.21/Dockerfile
@@ -203,18 +203,12 @@ ENTRYPOINT ["docker-entrypoint.sh"]
# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
# calls "Fast Shutdown mode" wherein new connections are disallowed and any
# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
-# flush tables to disk, which is the best compromise available to avoid data
-# corruption.
+# flush tables to disk.
#
-# Users who know their applications do not keep open long-lived idle connections
-# may way to use a value of SIGTERM instead, which corresponds to "Smart
-# Shutdown mode" in which any existing sessions are allowed to finish and the
-# server stops when all sessions are terminated.
-#
-# See https://www.postgresql.org/docs/12/server-shutdown.html for more details
+# See https://www.postgresql.org/docs/current/server-shutdown.html for more details
# about available PostgreSQL server shutdown signals.
#
-# See also https://www.postgresql.org/docs/12/server-start.html for further
+# See also https://www.postgresql.org/docs/current/server-start.html for further
# justification of this as the default value, namely that the example (and
# shipped) systemd service files use the "Fast Shutdown mode" for service
# termination.
@@ -224,10 +218,10 @@ STOPSIGNAL SIGINT
# An additional setting that is recommended for all users regardless of this
# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
# equivalent) for controlling how long to wait between sending the defined
-# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption).
+# STOPSIGNAL and sending SIGKILL.
#
# The default in most runtimes (such as Docker) is 10 seconds, and the
-# documentation at https://www.postgresql.org/docs/12/server-start.html notes
+# documentation at https://www.postgresql.org/docs/current/server-start.html notes
# that even 90 seconds may not be long enough in many instances.
EXPOSE 5432
diff --git a/13/bookworm/Dockerfile b/13/bookworm/Dockerfile
index 99432918b9..cb68eb9b15 100644
--- a/13/bookworm/Dockerfile
+++ b/13/bookworm/Dockerfile
@@ -196,18 +196,12 @@ ENTRYPOINT ["docker-entrypoint.sh"]
# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
# calls "Fast Shutdown mode" wherein new connections are disallowed and any
# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
-# flush tables to disk, which is the best compromise available to avoid data
-# corruption.
+# flush tables to disk.
#
-# Users who know their applications do not keep open long-lived idle connections
-# may way to use a value of SIGTERM instead, which corresponds to "Smart
-# Shutdown mode" in which any existing sessions are allowed to finish and the
-# server stops when all sessions are terminated.
-#
-# See https://www.postgresql.org/docs/12/server-shutdown.html for more details
+# See https://www.postgresql.org/docs/current/server-shutdown.html for more details
# about available PostgreSQL server shutdown signals.
#
-# See also https://www.postgresql.org/docs/12/server-start.html for further
+# See also https://www.postgresql.org/docs/current/server-start.html for further
# justification of this as the default value, namely that the example (and
# shipped) systemd service files use the "Fast Shutdown mode" for service
# termination.
@@ -217,10 +211,10 @@ STOPSIGNAL SIGINT
# An additional setting that is recommended for all users regardless of this
# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
# equivalent) for controlling how long to wait between sending the defined
-# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption).
+# STOPSIGNAL and sending SIGKILL.
#
# The default in most runtimes (such as Docker) is 10 seconds, and the
-# documentation at https://www.postgresql.org/docs/12/server-start.html notes
+# documentation at https://www.postgresql.org/docs/current/server-start.html notes
# that even 90 seconds may not be long enough in many instances.
EXPOSE 5432
diff --git a/13/bullseye/Dockerfile b/13/bullseye/Dockerfile
index 18b4ffcf86..a42d00dbcf 100644
--- a/13/bullseye/Dockerfile
+++ b/13/bullseye/Dockerfile
@@ -196,18 +196,12 @@ ENTRYPOINT ["docker-entrypoint.sh"]
# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
# calls "Fast Shutdown mode" wherein new connections are disallowed and any
# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
-# flush tables to disk, which is the best compromise available to avoid data
-# corruption.
+# flush tables to disk.
#
-# Users who know their applications do not keep open long-lived idle connections
-# may way to use a value of SIGTERM instead, which corresponds to "Smart
-# Shutdown mode" in which any existing sessions are allowed to finish and the
-# server stops when all sessions are terminated.
-#
-# See https://www.postgresql.org/docs/12/server-shutdown.html for more details
+# See https://www.postgresql.org/docs/current/server-shutdown.html for more details
# about available PostgreSQL server shutdown signals.
#
-# See also https://www.postgresql.org/docs/12/server-start.html for further
+# See also https://www.postgresql.org/docs/current/server-start.html for further
# justification of this as the default value, namely that the example (and
# shipped) systemd service files use the "Fast Shutdown mode" for service
# termination.
@@ -217,10 +211,10 @@ STOPSIGNAL SIGINT
# An additional setting that is recommended for all users regardless of this
# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
# equivalent) for controlling how long to wait between sending the defined
-# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption).
+# STOPSIGNAL and sending SIGKILL.
#
# The default in most runtimes (such as Docker) is 10 seconds, and the
-# documentation at https://www.postgresql.org/docs/12/server-start.html notes
+# documentation at https://www.postgresql.org/docs/current/server-start.html notes
# that even 90 seconds may not be long enough in many instances.
EXPOSE 5432
diff --git a/14/alpine3.20/Dockerfile b/14/alpine3.20/Dockerfile
index 98f6b30aeb..c9dfbdea53 100644
--- a/14/alpine3.20/Dockerfile
+++ b/14/alpine3.20/Dockerfile
@@ -206,18 +206,12 @@ ENTRYPOINT ["docker-entrypoint.sh"]
# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
# calls "Fast Shutdown mode" wherein new connections are disallowed and any
# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
-# flush tables to disk, which is the best compromise available to avoid data
-# corruption.
+# flush tables to disk.
#
-# Users who know their applications do not keep open long-lived idle connections
-# may way to use a value of SIGTERM instead, which corresponds to "Smart
-# Shutdown mode" in which any existing sessions are allowed to finish and the
-# server stops when all sessions are terminated.
-#
-# See https://www.postgresql.org/docs/12/server-shutdown.html for more details
+# See https://www.postgresql.org/docs/current/server-shutdown.html for more details
# about available PostgreSQL server shutdown signals.
#
-# See also https://www.postgresql.org/docs/12/server-start.html for further
+# See also https://www.postgresql.org/docs/current/server-start.html for further
# justification of this as the default value, namely that the example (and
# shipped) systemd service files use the "Fast Shutdown mode" for service
# termination.
@@ -227,10 +221,10 @@ STOPSIGNAL SIGINT
# An additional setting that is recommended for all users regardless of this
# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
# equivalent) for controlling how long to wait between sending the defined
-# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption).
+# STOPSIGNAL and sending SIGKILL.
#
# The default in most runtimes (such as Docker) is 10 seconds, and the
-# documentation at https://www.postgresql.org/docs/12/server-start.html notes
+# documentation at https://www.postgresql.org/docs/current/server-start.html notes
# that even 90 seconds may not be long enough in many instances.
EXPOSE 5432
diff --git a/14/alpine3.21/Dockerfile b/14/alpine3.21/Dockerfile
index 46e0f7353c..ff2107486e 100644
--- a/14/alpine3.21/Dockerfile
+++ b/14/alpine3.21/Dockerfile
@@ -206,18 +206,12 @@ ENTRYPOINT ["docker-entrypoint.sh"]
# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
# calls "Fast Shutdown mode" wherein new connections are disallowed and any
# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
-# flush tables to disk, which is the best compromise available to avoid data
-# corruption.
+# flush tables to disk.
#
-# Users who know their applications do not keep open long-lived idle connections
-# may way to use a value of SIGTERM instead, which corresponds to "Smart
-# Shutdown mode" in which any existing sessions are allowed to finish and the
-# server stops when all sessions are terminated.
-#
-# See https://www.postgresql.org/docs/12/server-shutdown.html for more details
+# See https://www.postgresql.org/docs/current/server-shutdown.html for more details
# about available PostgreSQL server shutdown signals.
#
-# See also https://www.postgresql.org/docs/12/server-start.html for further
+# See also https://www.postgresql.org/docs/current/server-start.html for further
# justification of this as the default value, namely that the example (and
# shipped) systemd service files use the "Fast Shutdown mode" for service
# termination.
@@ -227,10 +221,10 @@ STOPSIGNAL SIGINT
# An additional setting that is recommended for all users regardless of this
# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
# equivalent) for controlling how long to wait between sending the defined
-# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption).
+# STOPSIGNAL and sending SIGKILL.
#
# The default in most runtimes (such as Docker) is 10 seconds, and the
-# documentation at https://www.postgresql.org/docs/12/server-start.html notes
+# documentation at https://www.postgresql.org/docs/current/server-start.html notes
# that even 90 seconds may not be long enough in many instances.
EXPOSE 5432
diff --git a/14/bookworm/Dockerfile b/14/bookworm/Dockerfile
index f70799807c..f404f7a99b 100644
--- a/14/bookworm/Dockerfile
+++ b/14/bookworm/Dockerfile
@@ -194,18 +194,12 @@ ENTRYPOINT ["docker-entrypoint.sh"]
# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
# calls "Fast Shutdown mode" wherein new connections are disallowed and any
# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
-# flush tables to disk, which is the best compromise available to avoid data
-# corruption.
+# flush tables to disk.
#
-# Users who know their applications do not keep open long-lived idle connections
-# may way to use a value of SIGTERM instead, which corresponds to "Smart
-# Shutdown mode" in which any existing sessions are allowed to finish and the
-# server stops when all sessions are terminated.
-#
-# See https://www.postgresql.org/docs/12/server-shutdown.html for more details
+# See https://www.postgresql.org/docs/current/server-shutdown.html for more details
# about available PostgreSQL server shutdown signals.
#
-# See also https://www.postgresql.org/docs/12/server-start.html for further
+# See also https://www.postgresql.org/docs/current/server-start.html for further
# justification of this as the default value, namely that the example (and
# shipped) systemd service files use the "Fast Shutdown mode" for service
# termination.
@@ -215,10 +209,10 @@ STOPSIGNAL SIGINT
# An additional setting that is recommended for all users regardless of this
# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
# equivalent) for controlling how long to wait between sending the defined
-# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption).
+# STOPSIGNAL and sending SIGKILL.
#
# The default in most runtimes (such as Docker) is 10 seconds, and the
-# documentation at https://www.postgresql.org/docs/12/server-start.html notes
+# documentation at https://www.postgresql.org/docs/current/server-start.html notes
# that even 90 seconds may not be long enough in many instances.
EXPOSE 5432
diff --git a/14/bullseye/Dockerfile b/14/bullseye/Dockerfile
index 3f7e4eca95..0c7c224579 100644
--- a/14/bullseye/Dockerfile
+++ b/14/bullseye/Dockerfile
@@ -194,18 +194,12 @@ ENTRYPOINT ["docker-entrypoint.sh"]
# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
# calls "Fast Shutdown mode" wherein new connections are disallowed and any
# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
-# flush tables to disk, which is the best compromise available to avoid data
-# corruption.
+# flush tables to disk.
#
-# Users who know their applications do not keep open long-lived idle connections
-# may way to use a value of SIGTERM instead, which corresponds to "Smart
-# Shutdown mode" in which any existing sessions are allowed to finish and the
-# server stops when all sessions are terminated.
-#
-# See https://www.postgresql.org/docs/12/server-shutdown.html for more details
+# See https://www.postgresql.org/docs/current/server-shutdown.html for more details
# about available PostgreSQL server shutdown signals.
#
-# See also https://www.postgresql.org/docs/12/server-start.html for further
+# See also https://www.postgresql.org/docs/current/server-start.html for further
# justification of this as the default value, namely that the example (and
# shipped) systemd service files use the "Fast Shutdown mode" for service
# termination.
@@ -215,10 +209,10 @@ STOPSIGNAL SIGINT
# An additional setting that is recommended for all users regardless of this
# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
# equivalent) for controlling how long to wait between sending the defined
-# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption).
+# STOPSIGNAL and sending SIGKILL.
#
# The default in most runtimes (such as Docker) is 10 seconds, and the
-# documentation at https://www.postgresql.org/docs/12/server-start.html notes
+# documentation at https://www.postgresql.org/docs/current/server-start.html notes
# that even 90 seconds may not be long enough in many instances.
EXPOSE 5432
diff --git a/15/alpine3.20/Dockerfile b/15/alpine3.20/Dockerfile
index a837092196..baa5fea81a 100644
--- a/15/alpine3.20/Dockerfile
+++ b/15/alpine3.20/Dockerfile
@@ -209,18 +209,12 @@ ENTRYPOINT ["docker-entrypoint.sh"]
# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
# calls "Fast Shutdown mode" wherein new connections are disallowed and any
# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
-# flush tables to disk, which is the best compromise available to avoid data
-# corruption.
+# flush tables to disk.
#
-# Users who know their applications do not keep open long-lived idle connections
-# may way to use a value of SIGTERM instead, which corresponds to "Smart
-# Shutdown mode" in which any existing sessions are allowed to finish and the
-# server stops when all sessions are terminated.
-#
-# See https://www.postgresql.org/docs/12/server-shutdown.html for more details
+# See https://www.postgresql.org/docs/current/server-shutdown.html for more details
# about available PostgreSQL server shutdown signals.
#
-# See also https://www.postgresql.org/docs/12/server-start.html for further
+# See also https://www.postgresql.org/docs/current/server-start.html for further
# justification of this as the default value, namely that the example (and
# shipped) systemd service files use the "Fast Shutdown mode" for service
# termination.
@@ -230,10 +224,10 @@ STOPSIGNAL SIGINT
# An additional setting that is recommended for all users regardless of this
# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
# equivalent) for controlling how long to wait between sending the defined
-# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption).
+# STOPSIGNAL and sending SIGKILL.
#
# The default in most runtimes (such as Docker) is 10 seconds, and the
-# documentation at https://www.postgresql.org/docs/12/server-start.html notes
+# documentation at https://www.postgresql.org/docs/current/server-start.html notes
# that even 90 seconds may not be long enough in many instances.
EXPOSE 5432
diff --git a/15/alpine3.21/Dockerfile b/15/alpine3.21/Dockerfile
index cd3c8c0724..c942494d34 100644
--- a/15/alpine3.21/Dockerfile
+++ b/15/alpine3.21/Dockerfile
@@ -209,18 +209,12 @@ ENTRYPOINT ["docker-entrypoint.sh"]
# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
# calls "Fast Shutdown mode" wherein new connections are disallowed and any
# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
-# flush tables to disk, which is the best compromise available to avoid data
-# corruption.
+# flush tables to disk.
#
-# Users who know their applications do not keep open long-lived idle connections
-# may way to use a value of SIGTERM instead, which corresponds to "Smart
-# Shutdown mode" in which any existing sessions are allowed to finish and the
-# server stops when all sessions are terminated.
-#
-# See https://www.postgresql.org/docs/12/server-shutdown.html for more details
+# See https://www.postgresql.org/docs/current/server-shutdown.html for more details
# about available PostgreSQL server shutdown signals.
#
-# See also https://www.postgresql.org/docs/12/server-start.html for further
+# See also https://www.postgresql.org/docs/current/server-start.html for further
# justification of this as the default value, namely that the example (and
# shipped) systemd service files use the "Fast Shutdown mode" for service
# termination.
@@ -230,10 +224,10 @@ STOPSIGNAL SIGINT
# An additional setting that is recommended for all users regardless of this
# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
# equivalent) for controlling how long to wait between sending the defined
-# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption).
+# STOPSIGNAL and sending SIGKILL.
#
# The default in most runtimes (such as Docker) is 10 seconds, and the
-# documentation at https://www.postgresql.org/docs/12/server-start.html notes
+# documentation at https://www.postgresql.org/docs/current/server-start.html notes
# that even 90 seconds may not be long enough in many instances.
EXPOSE 5432
diff --git a/15/bookworm/Dockerfile b/15/bookworm/Dockerfile
index d3d44d9fec..3caf089e07 100644
--- a/15/bookworm/Dockerfile
+++ b/15/bookworm/Dockerfile
@@ -194,18 +194,12 @@ ENTRYPOINT ["docker-entrypoint.sh"]
# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
# calls "Fast Shutdown mode" wherein new connections are disallowed and any
# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
-# flush tables to disk, which is the best compromise available to avoid data
-# corruption.
+# flush tables to disk.
#
-# Users who know their applications do not keep open long-lived idle connections
-# may way to use a value of SIGTERM instead, which corresponds to "Smart
-# Shutdown mode" in which any existing sessions are allowed to finish and the
-# server stops when all sessions are terminated.
-#
-# See https://www.postgresql.org/docs/12/server-shutdown.html for more details
+# See https://www.postgresql.org/docs/current/server-shutdown.html for more details
# about available PostgreSQL server shutdown signals.
#
-# See also https://www.postgresql.org/docs/12/server-start.html for further
+# See also https://www.postgresql.org/docs/current/server-start.html for further
# justification of this as the default value, namely that the example (and
# shipped) systemd service files use the "Fast Shutdown mode" for service
# termination.
@@ -215,10 +209,10 @@ STOPSIGNAL SIGINT
# An additional setting that is recommended for all users regardless of this
# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
# equivalent) for controlling how long to wait between sending the defined
-# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption).
+# STOPSIGNAL and sending SIGKILL.
#
# The default in most runtimes (such as Docker) is 10 seconds, and the
-# documentation at https://www.postgresql.org/docs/12/server-start.html notes
+# documentation at https://www.postgresql.org/docs/current/server-start.html notes
# that even 90 seconds may not be long enough in many instances.
EXPOSE 5432
diff --git a/15/bullseye/Dockerfile b/15/bullseye/Dockerfile
index 582076c41b..b19c220ce1 100644
--- a/15/bullseye/Dockerfile
+++ b/15/bullseye/Dockerfile
@@ -194,18 +194,12 @@ ENTRYPOINT ["docker-entrypoint.sh"]
# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
# calls "Fast Shutdown mode" wherein new connections are disallowed and any
# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
-# flush tables to disk, which is the best compromise available to avoid data
-# corruption.
+# flush tables to disk.
#
-# Users who know their applications do not keep open long-lived idle connections
-# may way to use a value of SIGTERM instead, which corresponds to "Smart
-# Shutdown mode" in which any existing sessions are allowed to finish and the
-# server stops when all sessions are terminated.
-#
-# See https://www.postgresql.org/docs/12/server-shutdown.html for more details
+# See https://www.postgresql.org/docs/current/server-shutdown.html for more details
# about available PostgreSQL server shutdown signals.
#
-# See also https://www.postgresql.org/docs/12/server-start.html for further
+# See also https://www.postgresql.org/docs/current/server-start.html for further
# justification of this as the default value, namely that the example (and
# shipped) systemd service files use the "Fast Shutdown mode" for service
# termination.
@@ -215,10 +209,10 @@ STOPSIGNAL SIGINT
# An additional setting that is recommended for all users regardless of this
# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
# equivalent) for controlling how long to wait between sending the defined
-# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption).
+# STOPSIGNAL and sending SIGKILL.
#
# The default in most runtimes (such as Docker) is 10 seconds, and the
-# documentation at https://www.postgresql.org/docs/12/server-start.html notes
+# documentation at https://www.postgresql.org/docs/current/server-start.html notes
# that even 90 seconds may not be long enough in many instances.
EXPOSE 5432
diff --git a/16/alpine3.20/Dockerfile b/16/alpine3.20/Dockerfile
index 36b35cdcb0..7c898dbcb5 100644
--- a/16/alpine3.20/Dockerfile
+++ b/16/alpine3.20/Dockerfile
@@ -208,18 +208,12 @@ ENTRYPOINT ["docker-entrypoint.sh"]
# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
# calls "Fast Shutdown mode" wherein new connections are disallowed and any
# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
-# flush tables to disk, which is the best compromise available to avoid data
-# corruption.
+# flush tables to disk.
#
-# Users who know their applications do not keep open long-lived idle connections
-# may way to use a value of SIGTERM instead, which corresponds to "Smart
-# Shutdown mode" in which any existing sessions are allowed to finish and the
-# server stops when all sessions are terminated.
-#
-# See https://www.postgresql.org/docs/12/server-shutdown.html for more details
+# See https://www.postgresql.org/docs/current/server-shutdown.html for more details
# about available PostgreSQL server shutdown signals.
#
-# See also https://www.postgresql.org/docs/12/server-start.html for further
+# See also https://www.postgresql.org/docs/current/server-start.html for further
# justification of this as the default value, namely that the example (and
# shipped) systemd service files use the "Fast Shutdown mode" for service
# termination.
@@ -229,10 +223,10 @@ STOPSIGNAL SIGINT
# An additional setting that is recommended for all users regardless of this
# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
# equivalent) for controlling how long to wait between sending the defined
-# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption).
+# STOPSIGNAL and sending SIGKILL.
#
# The default in most runtimes (such as Docker) is 10 seconds, and the
-# documentation at https://www.postgresql.org/docs/12/server-start.html notes
+# documentation at https://www.postgresql.org/docs/current/server-start.html notes
# that even 90 seconds may not be long enough in many instances.
EXPOSE 5432
diff --git a/16/alpine3.21/Dockerfile b/16/alpine3.21/Dockerfile
index 8b9173336f..2c90ad3792 100644
--- a/16/alpine3.21/Dockerfile
+++ b/16/alpine3.21/Dockerfile
@@ -208,18 +208,12 @@ ENTRYPOINT ["docker-entrypoint.sh"]
# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
# calls "Fast Shutdown mode" wherein new connections are disallowed and any
# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
-# flush tables to disk, which is the best compromise available to avoid data
-# corruption.
+# flush tables to disk.
#
-# Users who know their applications do not keep open long-lived idle connections
-# may way to use a value of SIGTERM instead, which corresponds to "Smart
-# Shutdown mode" in which any existing sessions are allowed to finish and the
-# server stops when all sessions are terminated.
-#
-# See https://www.postgresql.org/docs/12/server-shutdown.html for more details
+# See https://www.postgresql.org/docs/current/server-shutdown.html for more details
# about available PostgreSQL server shutdown signals.
#
-# See also https://www.postgresql.org/docs/12/server-start.html for further
+# See also https://www.postgresql.org/docs/current/server-start.html for further
# justification of this as the default value, namely that the example (and
# shipped) systemd service files use the "Fast Shutdown mode" for service
# termination.
@@ -229,10 +223,10 @@ STOPSIGNAL SIGINT
# An additional setting that is recommended for all users regardless of this
# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
# equivalent) for controlling how long to wait between sending the defined
-# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption).
+# STOPSIGNAL and sending SIGKILL.
#
# The default in most runtimes (such as Docker) is 10 seconds, and the
-# documentation at https://www.postgresql.org/docs/12/server-start.html notes
+# documentation at https://www.postgresql.org/docs/current/server-start.html notes
# that even 90 seconds may not be long enough in many instances.
EXPOSE 5432
diff --git a/16/bookworm/Dockerfile b/16/bookworm/Dockerfile
index 2a3fda32c3..e2adcdb4b0 100644
--- a/16/bookworm/Dockerfile
+++ b/16/bookworm/Dockerfile
@@ -194,18 +194,12 @@ ENTRYPOINT ["docker-entrypoint.sh"]
# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
# calls "Fast Shutdown mode" wherein new connections are disallowed and any
# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
-# flush tables to disk, which is the best compromise available to avoid data
-# corruption.
+# flush tables to disk.
#
-# Users who know their applications do not keep open long-lived idle connections
-# may way to use a value of SIGTERM instead, which corresponds to "Smart
-# Shutdown mode" in which any existing sessions are allowed to finish and the
-# server stops when all sessions are terminated.
-#
-# See https://www.postgresql.org/docs/12/server-shutdown.html for more details
+# See https://www.postgresql.org/docs/current/server-shutdown.html for more details
# about available PostgreSQL server shutdown signals.
#
-# See also https://www.postgresql.org/docs/12/server-start.html for further
+# See also https://www.postgresql.org/docs/current/server-start.html for further
# justification of this as the default value, namely that the example (and
# shipped) systemd service files use the "Fast Shutdown mode" for service
# termination.
@@ -215,10 +209,10 @@ STOPSIGNAL SIGINT
# An additional setting that is recommended for all users regardless of this
# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
# equivalent) for controlling how long to wait between sending the defined
-# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption).
+# STOPSIGNAL and sending SIGKILL.
#
# The default in most runtimes (such as Docker) is 10 seconds, and the
-# documentation at https://www.postgresql.org/docs/12/server-start.html notes
+# documentation at https://www.postgresql.org/docs/current/server-start.html notes
# that even 90 seconds may not be long enough in many instances.
EXPOSE 5432
diff --git a/16/bullseye/Dockerfile b/16/bullseye/Dockerfile
index 75a6bf083e..bae4ffbc29 100644
--- a/16/bullseye/Dockerfile
+++ b/16/bullseye/Dockerfile
@@ -194,18 +194,12 @@ ENTRYPOINT ["docker-entrypoint.sh"]
# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
# calls "Fast Shutdown mode" wherein new connections are disallowed and any
# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
-# flush tables to disk, which is the best compromise available to avoid data
-# corruption.
+# flush tables to disk.
#
-# Users who know their applications do not keep open long-lived idle connections
-# may way to use a value of SIGTERM instead, which corresponds to "Smart
-# Shutdown mode" in which any existing sessions are allowed to finish and the
-# server stops when all sessions are terminated.
-#
-# See https://www.postgresql.org/docs/12/server-shutdown.html for more details
+# See https://www.postgresql.org/docs/current/server-shutdown.html for more details
# about available PostgreSQL server shutdown signals.
#
-# See also https://www.postgresql.org/docs/12/server-start.html for further
+# See also https://www.postgresql.org/docs/current/server-start.html for further
# justification of this as the default value, namely that the example (and
# shipped) systemd service files use the "Fast Shutdown mode" for service
# termination.
@@ -215,10 +209,10 @@ STOPSIGNAL SIGINT
# An additional setting that is recommended for all users regardless of this
# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
# equivalent) for controlling how long to wait between sending the defined
-# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption).
+# STOPSIGNAL and sending SIGKILL.
#
# The default in most runtimes (such as Docker) is 10 seconds, and the
-# documentation at https://www.postgresql.org/docs/12/server-start.html notes
+# documentation at https://www.postgresql.org/docs/current/server-start.html notes
# that even 90 seconds may not be long enough in many instances.
EXPOSE 5432
diff --git a/17/alpine3.20/Dockerfile b/17/alpine3.20/Dockerfile
index 40d8bbd4bf..d3e1131068 100644
--- a/17/alpine3.20/Dockerfile
+++ b/17/alpine3.20/Dockerfile
@@ -206,18 +206,12 @@ ENTRYPOINT ["docker-entrypoint.sh"]
# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
# calls "Fast Shutdown mode" wherein new connections are disallowed and any
# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
-# flush tables to disk, which is the best compromise available to avoid data
-# corruption.
+# flush tables to disk.
#
-# Users who know their applications do not keep open long-lived idle connections
-# may way to use a value of SIGTERM instead, which corresponds to "Smart
-# Shutdown mode" in which any existing sessions are allowed to finish and the
-# server stops when all sessions are terminated.
-#
-# See https://www.postgresql.org/docs/12/server-shutdown.html for more details
+# See https://www.postgresql.org/docs/current/server-shutdown.html for more details
# about available PostgreSQL server shutdown signals.
#
-# See also https://www.postgresql.org/docs/12/server-start.html for further
+# See also https://www.postgresql.org/docs/current/server-start.html for further
# justification of this as the default value, namely that the example (and
# shipped) systemd service files use the "Fast Shutdown mode" for service
# termination.
@@ -227,10 +221,10 @@ STOPSIGNAL SIGINT
# An additional setting that is recommended for all users regardless of this
# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
# equivalent) for controlling how long to wait between sending the defined
-# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption).
+# STOPSIGNAL and sending SIGKILL.
#
# The default in most runtimes (such as Docker) is 10 seconds, and the
-# documentation at https://www.postgresql.org/docs/12/server-start.html notes
+# documentation at https://www.postgresql.org/docs/current/server-start.html notes
# that even 90 seconds may not be long enough in many instances.
EXPOSE 5432
diff --git a/17/alpine3.21/Dockerfile b/17/alpine3.21/Dockerfile
index 5c2914fcb2..b8b439b28c 100644
--- a/17/alpine3.21/Dockerfile
+++ b/17/alpine3.21/Dockerfile
@@ -206,18 +206,12 @@ ENTRYPOINT ["docker-entrypoint.sh"]
# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
# calls "Fast Shutdown mode" wherein new connections are disallowed and any
# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
-# flush tables to disk, which is the best compromise available to avoid data
-# corruption.
+# flush tables to disk.
#
-# Users who know their applications do not keep open long-lived idle connections
-# may way to use a value of SIGTERM instead, which corresponds to "Smart
-# Shutdown mode" in which any existing sessions are allowed to finish and the
-# server stops when all sessions are terminated.
-#
-# See https://www.postgresql.org/docs/12/server-shutdown.html for more details
+# See https://www.postgresql.org/docs/current/server-shutdown.html for more details
# about available PostgreSQL server shutdown signals.
#
-# See also https://www.postgresql.org/docs/12/server-start.html for further
+# See also https://www.postgresql.org/docs/current/server-start.html for further
# justification of this as the default value, namely that the example (and
# shipped) systemd service files use the "Fast Shutdown mode" for service
# termination.
@@ -227,10 +221,10 @@ STOPSIGNAL SIGINT
# An additional setting that is recommended for all users regardless of this
# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
# equivalent) for controlling how long to wait between sending the defined
-# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption).
+# STOPSIGNAL and sending SIGKILL.
#
# The default in most runtimes (such as Docker) is 10 seconds, and the
-# documentation at https://www.postgresql.org/docs/12/server-start.html notes
+# documentation at https://www.postgresql.org/docs/current/server-start.html notes
# that even 90 seconds may not be long enough in many instances.
EXPOSE 5432
diff --git a/17/bookworm/Dockerfile b/17/bookworm/Dockerfile
index ea5f47b044..d31a71e831 100644
--- a/17/bookworm/Dockerfile
+++ b/17/bookworm/Dockerfile
@@ -194,18 +194,12 @@ ENTRYPOINT ["docker-entrypoint.sh"]
# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
# calls "Fast Shutdown mode" wherein new connections are disallowed and any
# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
-# flush tables to disk, which is the best compromise available to avoid data
-# corruption.
+# flush tables to disk.
#
-# Users who know their applications do not keep open long-lived idle connections
-# may way to use a value of SIGTERM instead, which corresponds to "Smart
-# Shutdown mode" in which any existing sessions are allowed to finish and the
-# server stops when all sessions are terminated.
-#
-# See https://www.postgresql.org/docs/12/server-shutdown.html for more details
+# See https://www.postgresql.org/docs/current/server-shutdown.html for more details
# about available PostgreSQL server shutdown signals.
#
-# See also https://www.postgresql.org/docs/12/server-start.html for further
+# See also https://www.postgresql.org/docs/current/server-start.html for further
# justification of this as the default value, namely that the example (and
# shipped) systemd service files use the "Fast Shutdown mode" for service
# termination.
@@ -215,10 +209,10 @@ STOPSIGNAL SIGINT
# An additional setting that is recommended for all users regardless of this
# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
# equivalent) for controlling how long to wait between sending the defined
-# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption).
+# STOPSIGNAL and sending SIGKILL.
#
# The default in most runtimes (such as Docker) is 10 seconds, and the
-# documentation at https://www.postgresql.org/docs/12/server-start.html notes
+# documentation at https://www.postgresql.org/docs/current/server-start.html notes
# that even 90 seconds may not be long enough in many instances.
EXPOSE 5432
diff --git a/17/bullseye/Dockerfile b/17/bullseye/Dockerfile
index af909b0d8a..574a230402 100644
--- a/17/bullseye/Dockerfile
+++ b/17/bullseye/Dockerfile
@@ -194,18 +194,12 @@ ENTRYPOINT ["docker-entrypoint.sh"]
# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
# calls "Fast Shutdown mode" wherein new connections are disallowed and any
# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
-# flush tables to disk, which is the best compromise available to avoid data
-# corruption.
+# flush tables to disk.
#
-# Users who know their applications do not keep open long-lived idle connections
-# may way to use a value of SIGTERM instead, which corresponds to "Smart
-# Shutdown mode" in which any existing sessions are allowed to finish and the
-# server stops when all sessions are terminated.
-#
-# See https://www.postgresql.org/docs/12/server-shutdown.html for more details
+# See https://www.postgresql.org/docs/current/server-shutdown.html for more details
# about available PostgreSQL server shutdown signals.
#
-# See also https://www.postgresql.org/docs/12/server-start.html for further
+# See also https://www.postgresql.org/docs/current/server-start.html for further
# justification of this as the default value, namely that the example (and
# shipped) systemd service files use the "Fast Shutdown mode" for service
# termination.
@@ -215,10 +209,10 @@ STOPSIGNAL SIGINT
# An additional setting that is recommended for all users regardless of this
# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
# equivalent) for controlling how long to wait between sending the defined
-# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption).
+# STOPSIGNAL and sending SIGKILL.
#
# The default in most runtimes (such as Docker) is 10 seconds, and the
-# documentation at https://www.postgresql.org/docs/12/server-start.html notes
+# documentation at https://www.postgresql.org/docs/current/server-start.html notes
# that even 90 seconds may not be long enough in many instances.
EXPOSE 5432
diff --git a/Dockerfile-alpine.template b/Dockerfile-alpine.template
index 6ef2082805..f3a98c760b 100644
--- a/Dockerfile-alpine.template
+++ b/Dockerfile-alpine.template
@@ -232,18 +232,12 @@ ENTRYPOINT ["docker-entrypoint.sh"]
# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
# calls "Fast Shutdown mode" wherein new connections are disallowed and any
# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
-# flush tables to disk, which is the best compromise available to avoid data
-# corruption.
+# flush tables to disk.
#
-# Users who know their applications do not keep open long-lived idle connections
-# may way to use a value of SIGTERM instead, which corresponds to "Smart
-# Shutdown mode" in which any existing sessions are allowed to finish and the
-# server stops when all sessions are terminated.
-#
-# See https://www.postgresql.org/docs/12/server-shutdown.html for more details
+# See https://www.postgresql.org/docs/current/server-shutdown.html for more details
# about available PostgreSQL server shutdown signals.
#
-# See also https://www.postgresql.org/docs/12/server-start.html for further
+# See also https://www.postgresql.org/docs/current/server-start.html for further
# justification of this as the default value, namely that the example (and
# shipped) systemd service files use the "Fast Shutdown mode" for service
# termination.
@@ -253,10 +247,10 @@ STOPSIGNAL SIGINT
# An additional setting that is recommended for all users regardless of this
# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
# equivalent) for controlling how long to wait between sending the defined
-# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption).
+# STOPSIGNAL and sending SIGKILL.
#
# The default in most runtimes (such as Docker) is 10 seconds, and the
-# documentation at https://www.postgresql.org/docs/12/server-start.html notes
+# documentation at https://www.postgresql.org/docs/current/server-start.html notes
# that even 90 seconds may not be long enough in many instances.
EXPOSE 5432
diff --git a/Dockerfile-debian.template b/Dockerfile-debian.template
index 1fa84903ac..1ac04a725f 100644
--- a/Dockerfile-debian.template
+++ b/Dockerfile-debian.template
@@ -192,18 +192,12 @@ ENTRYPOINT ["docker-entrypoint.sh"]
# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
# calls "Fast Shutdown mode" wherein new connections are disallowed and any
# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
-# flush tables to disk, which is the best compromise available to avoid data
-# corruption.
+# flush tables to disk.
#
-# Users who know their applications do not keep open long-lived idle connections
-# may way to use a value of SIGTERM instead, which corresponds to "Smart
-# Shutdown mode" in which any existing sessions are allowed to finish and the
-# server stops when all sessions are terminated.
-#
-# See https://www.postgresql.org/docs/12/server-shutdown.html for more details
+# See https://www.postgresql.org/docs/current/server-shutdown.html for more details
# about available PostgreSQL server shutdown signals.
#
-# See also https://www.postgresql.org/docs/12/server-start.html for further
+# See also https://www.postgresql.org/docs/current/server-start.html for further
# justification of this as the default value, namely that the example (and
# shipped) systemd service files use the "Fast Shutdown mode" for service
# termination.
@@ -213,10 +207,10 @@ STOPSIGNAL SIGINT
# An additional setting that is recommended for all users regardless of this
# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
# equivalent) for controlling how long to wait between sending the defined
-# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption).
+# STOPSIGNAL and sending SIGKILL.
#
# The default in most runtimes (such as Docker) is 10 seconds, and the
-# documentation at https://www.postgresql.org/docs/12/server-start.html notes
+# documentation at https://www.postgresql.org/docs/current/server-start.html notes
# that even 90 seconds may not be long enough in many instances.
EXPOSE 5432
From e2a43025b1acedac60ddfad3678ed5da1a09fd79 Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Fri, 24 Jan 2025 05:02:25 -0800
Subject: [PATCH 095/115] Update 12 to bookworm 12.22-2.pgdg120+1, bullseye
12.22-2.pgdg110+1
---
12/bookworm/Dockerfile | 2 +-
12/bullseye/Dockerfile | 2 +-
versions.json | 4 ++--
3 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/12/bookworm/Dockerfile b/12/bookworm/Dockerfile
index c9f6baeea7..cff8863b42 100644
--- a/12/bookworm/Dockerfile
+++ b/12/bookworm/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 12
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 12.22-1.pgdg120+1
+ENV PG_VERSION 12.22-2.pgdg120+1
RUN set -ex; \
\
diff --git a/12/bullseye/Dockerfile b/12/bullseye/Dockerfile
index 098f684129..4bb12a3eb4 100644
--- a/12/bullseye/Dockerfile
+++ b/12/bullseye/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 12
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 12.22-1.pgdg110+1
+ENV PG_VERSION 12.22-2.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index 11cf4b6a29..d5f9761bb3 100644
--- a/versions.json
+++ b/versions.json
@@ -8,7 +8,7 @@
"ppc64el",
"s390x"
],
- "version": "12.22-1.pgdg120+1"
+ "version": "12.22-2.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -17,7 +17,7 @@
"ppc64el",
"s390x"
],
- "version": "12.22-1.pgdg110+1"
+ "version": "12.22-2.pgdg110+1"
},
"debian": "bookworm",
"major": 12,
From 042d8d043fed77e0e09b6fcda0991bca9e8664e3 Mon Sep 17 00:00:00 2001
From: Joseph Ferguson <yosifkit@gmail.com>
Date: Mon, 3 Feb 2025 16:55:44 -0800
Subject: [PATCH 096/115] Remove PostgreSQL 12 since it is end of life
---
12/alpine3.20/Dockerfile | 228 -----------------
12/alpine3.20/docker-ensure-initdb.sh | 71 -----
12/alpine3.20/docker-entrypoint.sh | 356 --------------------------
12/alpine3.21/Dockerfile | 228 -----------------
12/alpine3.21/docker-ensure-initdb.sh | 71 -----
12/alpine3.21/docker-entrypoint.sh | 356 --------------------------
12/bookworm/Dockerfile | 219 ----------------
12/bookworm/docker-ensure-initdb.sh | 71 -----
12/bookworm/docker-entrypoint.sh | 356 --------------------------
12/bullseye/Dockerfile | 219 ----------------
12/bullseye/docker-ensure-initdb.sh | 71 -----
12/bullseye/docker-entrypoint.sh | 356 --------------------------
13/alpine3.20/Dockerfile | 2 +-
13/alpine3.20/docker-entrypoint.sh | 4 +-
13/alpine3.21/Dockerfile | 2 +-
13/alpine3.21/docker-entrypoint.sh | 4 +-
13/bookworm/docker-entrypoint.sh | 4 +-
13/bullseye/docker-entrypoint.sh | 4 +-
14/alpine3.20/Dockerfile | 2 +-
14/alpine3.20/docker-entrypoint.sh | 4 +-
14/alpine3.21/Dockerfile | 2 +-
14/alpine3.21/docker-entrypoint.sh | 4 +-
14/bookworm/docker-entrypoint.sh | 4 +-
14/bullseye/docker-entrypoint.sh | 4 +-
15/alpine3.20/Dockerfile | 2 +-
15/alpine3.20/docker-entrypoint.sh | 4 +-
15/alpine3.21/Dockerfile | 2 +-
15/alpine3.21/docker-entrypoint.sh | 4 +-
15/bookworm/docker-entrypoint.sh | 4 +-
15/bullseye/docker-entrypoint.sh | 4 +-
16/alpine3.20/Dockerfile | 2 +-
16/alpine3.20/docker-entrypoint.sh | 4 +-
16/alpine3.21/Dockerfile | 2 +-
16/alpine3.21/docker-entrypoint.sh | 4 +-
16/bookworm/docker-entrypoint.sh | 4 +-
16/bullseye/docker-entrypoint.sh | 4 +-
17/alpine3.20/Dockerfile | 2 +-
17/alpine3.20/docker-entrypoint.sh | 4 +-
17/alpine3.21/Dockerfile | 2 +-
17/alpine3.21/docker-entrypoint.sh | 4 +-
17/bookworm/docker-entrypoint.sh | 4 +-
17/bullseye/docker-entrypoint.sh | 4 +-
Dockerfile-alpine.template | 4 +-
docker-entrypoint.sh | 4 +-
versions.json | 31 ---
45 files changed, 54 insertions(+), 2687 deletions(-)
delete mode 100644 12/alpine3.20/Dockerfile
delete mode 100755 12/alpine3.20/docker-ensure-initdb.sh
delete mode 100755 12/alpine3.20/docker-entrypoint.sh
delete mode 100644 12/alpine3.21/Dockerfile
delete mode 100755 12/alpine3.21/docker-ensure-initdb.sh
delete mode 100755 12/alpine3.21/docker-entrypoint.sh
delete mode 100644 12/bookworm/Dockerfile
delete mode 100755 12/bookworm/docker-ensure-initdb.sh
delete mode 100755 12/bookworm/docker-entrypoint.sh
delete mode 100644 12/bullseye/Dockerfile
delete mode 100755 12/bullseye/docker-ensure-initdb.sh
delete mode 100755 12/bullseye/docker-entrypoint.sh
diff --git a/12/alpine3.20/Dockerfile b/12/alpine3.20/Dockerfile
deleted file mode 100644
index 2e419498a4..0000000000
--- a/12/alpine3.20/Dockerfile
+++ /dev/null
@@ -1,228 +0,0 @@
-#
-# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
-#
-# PLEASE DO NOT EDIT IT DIRECTLY.
-#
-
-FROM alpine:3.20
-
-# 70 is the standard uid/gid for "postgres" in Alpine
-# https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.12-stable
-RUN set -eux; \
- addgroup -g 70 -S postgres; \
- adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
-# also create the postgres user's home directory with appropriate permissions
-# see https://github.com/docker-library/postgres/issues/274
- install --verbose --directory --owner postgres --group postgres --mode 1777 /var/lib/postgresql
-
-# grab gosu for easy step-down from root
-# https://github.com/tianon/gosu/releases
-ENV GOSU_VERSION 1.17
-RUN set -eux; \
- \
- apk add --no-cache --virtual .gosu-deps \
- ca-certificates \
- dpkg \
- gnupg \
- ; \
- \
- dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
- wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
- wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
- \
-# verify the signature
- export GNUPGHOME="$(mktemp -d)"; \
- gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
- gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
- gpgconf --kill all; \
- rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
- \
-# clean up fetch dependencies
- apk del --no-network .gosu-deps; \
- \
- chmod +x /usr/local/bin/gosu; \
-# verify that the binary works
- gosu --version; \
- gosu nobody true
-RUN set -eux; ln -svf gosu /usr/local/bin/su-exec; su-exec nobody true # backwards compatibility (removed in PostgreSQL 17+)
-
-# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
-# alpine doesn't require explicit locale-file generation
-ENV LANG en_US.utf8
-
-RUN mkdir /docker-entrypoint-initdb.d
-
-ENV PG_MAJOR 12
-ENV PG_VERSION 12.22
-ENV PG_SHA256 8df3c0474782589d3c6f374b5133b1bd14d168086edbc13c6e72e67dd4527a3b
-
-ENV DOCKER_PG_LLVM_DEPS \
- llvm15-dev \
- clang15
-
-RUN set -eux; \
- \
- wget -O postgresql.tar.bz2 "https://ftp.postgresql.org/pub/source/v$PG_VERSION/postgresql-$PG_VERSION.tar.bz2"; \
- echo "$PG_SHA256 *postgresql.tar.bz2" | sha256sum -c -; \
- mkdir -p /usr/src/postgresql; \
- tar \
- --extract \
- --file postgresql.tar.bz2 \
- --directory /usr/src/postgresql \
- --strip-components 1 \
- ; \
- rm postgresql.tar.bz2; \
- \
- apk add --no-cache --virtual .build-deps \
- $DOCKER_PG_LLVM_DEPS \
- bison \
- coreutils \
- dpkg-dev dpkg \
- flex \
- g++ \
- gcc \
- krb5-dev \
- libc-dev \
- libedit-dev \
- libxml2-dev \
- libxslt-dev \
- linux-headers \
- make \
- openldap-dev \
- openssl-dev \
- perl-dev \
- perl-ipc-run \
- perl-utils \
- python3-dev \
- tcl-dev \
- util-linux-dev \
- zlib-dev \
-# https://www.postgresql.org/docs/10/static/release-10.html#id-1.11.6.9.5.13
- icu-dev \
- ; \
- \
- cd /usr/src/postgresql; \
-# update "DEFAULT_PGSOCKET_DIR" to "/var/run/postgresql" (matching Debian)
-# see https://anonscm.debian.org/git/pkg-postgresql/postgresql.git/tree/debian/patches/51-default-sockets-in-var.patch?id=8b539fcb3e093a521c095e70bdfa76887217b89f
- awk '$1 == "#define" && $2 == "DEFAULT_PGSOCKET_DIR" && $3 == "\"/tmp\"" { $3 = "\"/var/run/postgresql\""; print; next } { print }' src/include/pg_config_manual.h > src/include/pg_config_manual.h.new; \
- grep '/var/run/postgresql' src/include/pg_config_manual.h.new; \
- mv src/include/pg_config_manual.h.new src/include/pg_config_manual.h; \
- gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
-# explicitly update autoconf config.guess and config.sub so they support more arches/libcs
- wget -O config/config.guess 'https://git.savannah.gnu.org/cgit/config.git/plain/config.guess?id=7d3d27baf8107b630586c962c057e22149653deb'; \
- wget -O config/config.sub 'https://git.savannah.gnu.org/cgit/config.git/plain/config.sub?id=7d3d27baf8107b630586c962c057e22149653deb'; \
- \
-# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n172
- export LLVM_CONFIG="/usr/lib/llvm15/bin/llvm-config"; \
-# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n177
- export CLANG=clang-15; \
- \
-# configure options taken from:
-# https://anonscm.debian.org/cgit/pkg-postgresql/postgresql.git/tree/debian/rules?h=9.5
- ./configure \
- --enable-option-checking=fatal \
- --build="$gnuArch" \
-# "/usr/src/postgresql/src/backend/access/common/tupconvert.c:105: undefined reference to `libintl_gettext'"
-# --enable-nls \
- --enable-integer-datetimes \
- --enable-thread-safety \
- --enable-tap-tests \
-# skip debugging info -- we want tiny size instead
-# --enable-debug \
- --disable-rpath \
- --with-uuid=e2fs \
- --with-gnu-ld \
- --with-pgport=5432 \
- --with-system-tzdata=/usr/share/zoneinfo \
- --prefix=/usr/local \
- --with-includes=/usr/local/include \
- --with-libraries=/usr/local/lib \
- --with-gssapi \
- --with-ldap \
- --with-tcl \
- --with-perl \
- --with-python \
-# --with-pam \
- --with-openssl \
- --with-libxml \
- --with-libxslt \
- --with-icu \
- --with-llvm \
- ; \
- make -j "$(nproc)" world-bin; \
- make install-world-bin; \
- make -C contrib install; \
- \
- runDeps="$( \
- scanelf --needed --nobanner --format '%n#p' --recursive /usr/local \
- | tr ',' '\n' \
- | sort -u \
- | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
-# Remove plperl, plpython and pltcl dependencies by default to save image size
-# To use the pl extensions, those have to be installed in a derived image
- | grep -v -e perl -e python -e tcl \
- )"; \
- apk add --no-cache --virtual .postgresql-rundeps \
- $runDeps \
- bash \
- tzdata \
- zstd \
-# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
- icu-data-full \
-# nss_wrapper is not availble on ppc64le: "test case segfaults in ppc64le"
-# https://git.alpinelinux.org/aports/commit/testing/nss_wrapper/APKBUILD?h=3.17-stable&id=94d81ceeb58cff448d489bbcbe9a6d40c9991663
- $([ "$(apk --print-arch)" != 'ppc64le' ] && echo 'nss_wrapper') \
- ; \
- apk del --no-network .build-deps; \
- cd /; \
- rm -rf \
- /usr/src/postgresql \
- /usr/local/share/doc \
- /usr/local/share/man \
- ; \
- \
- postgres --version
-
-# make the sample config easier to munge (and "correct by default")
-RUN set -eux; \
- cp -v /usr/local/share/postgresql/postgresql.conf.sample /usr/local/share/postgresql/postgresql.conf.sample.orig; \
- sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/local/share/postgresql/postgresql.conf.sample; \
- grep -F "listen_addresses = '*'" /usr/local/share/postgresql/postgresql.conf.sample
-
-RUN install --verbose --directory --owner postgres --group postgres --mode 3777 /var/run/postgresql
-
-ENV PGDATA /var/lib/postgresql/data
-# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
-RUN install --verbose --directory --owner postgres --group postgres --mode 1777 "$PGDATA"
-VOLUME /var/lib/postgresql/data
-
-COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
-RUN ln -sT docker-ensure-initdb.sh /usr/local/bin/docker-enforce-initdb.sh
-ENTRYPOINT ["docker-entrypoint.sh"]
-
-# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
-# calls "Fast Shutdown mode" wherein new connections are disallowed and any
-# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
-# flush tables to disk.
-#
-# See https://www.postgresql.org/docs/current/server-shutdown.html for more details
-# about available PostgreSQL server shutdown signals.
-#
-# See also https://www.postgresql.org/docs/current/server-start.html for further
-# justification of this as the default value, namely that the example (and
-# shipped) systemd service files use the "Fast Shutdown mode" for service
-# termination.
-#
-STOPSIGNAL SIGINT
-#
-# An additional setting that is recommended for all users regardless of this
-# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
-# equivalent) for controlling how long to wait between sending the defined
-# STOPSIGNAL and sending SIGKILL.
-#
-# The default in most runtimes (such as Docker) is 10 seconds, and the
-# documentation at https://www.postgresql.org/docs/current/server-start.html notes
-# that even 90 seconds may not be long enough in many instances.
-
-EXPOSE 5432
-CMD ["postgres"]
diff --git a/12/alpine3.20/docker-ensure-initdb.sh b/12/alpine3.20/docker-ensure-initdb.sh
deleted file mode 100755
index ae1f6b6b90..0000000000
--- a/12/alpine3.20/docker-ensure-initdb.sh
+++ /dev/null
@@ -1,71 +0,0 @@
-#!/usr/bin/env bash
-set -Eeuo pipefail
-
-#
-# This script is intended for three main use cases:
-#
-# 1. (most importantly) as an example of how to use "docker-entrypoint.sh" to extend/reuse the initialization behavior
-#
-# 2. ("docker-ensure-initdb.sh") as a Kubernetes "init container" to ensure the provided database directory is initialized; see also "startup probes" for an alternative solution
-# (no-op if database is already initialized)
-#
-# 3. ("docker-enforce-initdb.sh") as part of CI to ensure the database is fully initialized before use
-# (error if database is already initialized)
-#
-
-source /usr/local/bin/docker-entrypoint.sh
-
-# arguments to this script are assumed to be arguments to the "postgres" server (same as "docker-entrypoint.sh"), and most "docker-entrypoint.sh" functions assume "postgres" is the first argument (see "_main" over there)
-if [ "$#" -eq 0 ] || [ "$1" != 'postgres' ]; then
- set -- postgres "$@"
-fi
-
-# see also "_main" in "docker-entrypoint.sh"
-
-docker_setup_env
-# setup data directories and permissions (when run as root)
-docker_create_db_directories
-if [ "$(id -u)" = '0' ]; then
- # then restart script as postgres user
- exec gosu postgres "$BASH_SOURCE" "$@"
-fi
-
-# only run initialization on an empty data directory
-if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
- docker_verify_minimum_env
-
- # check dir permissions to reduce likelihood of half-initialized database
- ls /docker-entrypoint-initdb.d/ > /dev/null
-
- docker_init_database_dir
- pg_setup_hba_conf "$@"
-
- # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
- # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
- export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
- docker_temp_server_start "$@"
-
- docker_setup_db
- docker_process_init_files /docker-entrypoint-initdb.d/*
-
- docker_temp_server_stop
- unset PGPASSWORD
-else
- self="$(basename "$0")"
- case "$self" in
- docker-ensure-initdb.sh)
- echo >&2 "$self: note: database already initialized in '$PGDATA'!"
- exit 0
- ;;
-
- docker-enforce-initdb.sh)
- echo >&2 "$self: error: (unexpected) database found in '$PGDATA'!"
- exit 1
- ;;
-
- *)
- echo >&2 "$self: error: unknown file name: $self"
- exit 99
- ;;
- esac
-fi
diff --git a/12/alpine3.20/docker-entrypoint.sh b/12/alpine3.20/docker-entrypoint.sh
deleted file mode 100755
index 6f59993e08..0000000000
--- a/12/alpine3.20/docker-entrypoint.sh
+++ /dev/null
@@ -1,356 +0,0 @@
-#!/usr/bin/env bash
-set -Eeo pipefail
-# TODO swap to -Eeuo pipefail above (after handling all potentially-unset variables)
-
-# usage: file_env VAR [DEFAULT]
-# ie: file_env 'XYZ_DB_PASSWORD' 'example'
-# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
-# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
-file_env() {
- local var="$1"
- local fileVar="${var}_FILE"
- local def="${2:-}"
- if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
- printf >&2 'error: both %s and %s are set (but are exclusive)\n' "$var" "$fileVar"
- exit 1
- fi
- local val="$def"
- if [ "${!var:-}" ]; then
- val="${!var}"
- elif [ "${!fileVar:-}" ]; then
- val="$(< "${!fileVar}")"
- fi
- export "$var"="$val"
- unset "$fileVar"
-}
-
-# check to see if this file is being run or sourced from another script
-_is_sourced() {
- # https://unix.stackexchange.com/a/215279
- [ "${#FUNCNAME[@]}" -ge 2 ] \
- && [ "${FUNCNAME[0]}" = '_is_sourced' ] \
- && [ "${FUNCNAME[1]}" = 'source' ]
-}
-
-# used to create initial postgres directories and if run as root, ensure ownership to the "postgres" user
-docker_create_db_directories() {
- local user; user="$(id -u)"
-
- mkdir -p "$PGDATA"
- # ignore failure since there are cases where we can't chmod (and PostgreSQL might fail later anyhow - it's picky about permissions of this directory)
- chmod 00700 "$PGDATA" || :
-
- # ignore failure since it will be fine when using the image provided directory; see also https://github.com/docker-library/postgres/pull/289
- mkdir -p /var/run/postgresql || :
- chmod 03775 /var/run/postgresql || :
-
- # Create the transaction log directory before initdb is run so the directory is owned by the correct user
- if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
- mkdir -p "$POSTGRES_INITDB_WALDIR"
- if [ "$user" = '0' ]; then
- find "$POSTGRES_INITDB_WALDIR" \! -user postgres -exec chown postgres '{}' +
- fi
- chmod 700 "$POSTGRES_INITDB_WALDIR"
- fi
-
- # allow the container to be started with `--user`
- if [ "$user" = '0' ]; then
- find "$PGDATA" \! -user postgres -exec chown postgres '{}' +
- find /var/run/postgresql \! -user postgres -exec chown postgres '{}' +
- fi
-}
-
-# initialize empty PGDATA directory with new database via 'initdb'
-# arguments to `initdb` can be passed via POSTGRES_INITDB_ARGS or as arguments to this function
-# `initdb` automatically creates the "postgres", "template0", and "template1" dbnames
-# this is also where the database user is created, specified by `POSTGRES_USER` env
-docker_init_database_dir() {
- # "initdb" is particular about the current user existing in "/etc/passwd", so we use "nss_wrapper" to fake that if necessary
- # see https://github.com/docker-library/postgres/pull/253, https://github.com/docker-library/postgres/issues/359, https://cwrap.org/nss_wrapper.html
- local uid; uid="$(id -u)"
- if ! getent passwd "$uid" &> /dev/null; then
- # see if we can find a suitable "libnss_wrapper.so" (https://salsa.debian.org/sssd-team/nss-wrapper/-/commit/b9925a653a54e24d09d9b498a2d913729f7abb15)
- local wrapper
- for wrapper in {/usr,}/lib{/*,}/libnss_wrapper.so; do
- if [ -s "$wrapper" ]; then
- NSS_WRAPPER_PASSWD="$(mktemp)"
- NSS_WRAPPER_GROUP="$(mktemp)"
- export LD_PRELOAD="$wrapper" NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
- local gid; gid="$(id -g)"
- printf 'postgres:x:%s:%s:PostgreSQL:%s:/bin/false\n' "$uid" "$gid" "$PGDATA" > "$NSS_WRAPPER_PASSWD"
- printf 'postgres:x:%s:\n' "$gid" > "$NSS_WRAPPER_GROUP"
- break
- fi
- done
- fi
-
- if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
- set -- --waldir "$POSTGRES_INITDB_WALDIR" "$@"
- fi
-
- # --pwfile refuses to handle a properly-empty file (hence the "\n"): https://github.com/docker-library/postgres/issues/1025
- eval 'initdb --username="$POSTGRES_USER" --pwfile=<(printf "%s\n" "$POSTGRES_PASSWORD") '"$POSTGRES_INITDB_ARGS"' "$@"'
-
- # unset/cleanup "nss_wrapper" bits
- if [[ "${LD_PRELOAD:-}" == */libnss_wrapper.so ]]; then
- rm -f "$NSS_WRAPPER_PASSWD" "$NSS_WRAPPER_GROUP"
- unset LD_PRELOAD NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
- fi
-}
-
-# print large warning if POSTGRES_PASSWORD is long
-# error if both POSTGRES_PASSWORD is empty and POSTGRES_HOST_AUTH_METHOD is not 'trust'
-# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
-# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
-docker_verify_minimum_env() {
- case "${PG_MAJOR:-}" in
- 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
- # check password first so we can output the warning before postgres
- # messes it up
- if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
- cat >&2 <<-'EOWARN'
-
- WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
-
- This will not work if used via PGPASSWORD with "psql".
-
- https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
- https://github.com/docker-library/postgres/issues/507
-
- EOWARN
- fi
- ;;
- esac
- if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
- # The - option suppresses leading tabs but *not* spaces. :)
- cat >&2 <<-'EOE'
- Error: Database is uninitialized and superuser password is not specified.
- You must specify POSTGRES_PASSWORD to a non-empty value for the
- superuser. For example, "-e POSTGRES_PASSWORD=password" on "docker run".
-
- You may also use "POSTGRES_HOST_AUTH_METHOD=trust" to allow all
- connections without a password. This is *not* recommended.
-
- See PostgreSQL documentation about "trust":
- https://www.postgresql.org/docs/current/auth-trust.html
- EOE
- exit 1
- fi
- if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
- cat >&2 <<-'EOWARN'
- ********************************************************************************
- WARNING: POSTGRES_HOST_AUTH_METHOD has been set to "trust". This will allow
- anyone with access to the Postgres port to access your database without
- a password, even if POSTGRES_PASSWORD is set. See PostgreSQL
- documentation about "trust":
- https://www.postgresql.org/docs/current/auth-trust.html
- In Docker's default configuration, this is effectively any other
- container on the same system.
-
- It is not recommended to use POSTGRES_HOST_AUTH_METHOD=trust. Replace
- it with "-e POSTGRES_PASSWORD=password" instead to set a password in
- "docker run".
- ********************************************************************************
- EOWARN
- fi
-}
-
-# usage: docker_process_init_files [file [file [...]]]
-# ie: docker_process_init_files /always-initdb.d/*
-# process initializer files, based on file extensions and permissions
-docker_process_init_files() {
- # psql here for backwards compatibility "${psql[@]}"
- psql=( docker_process_sql )
-
- printf '\n'
- local f
- for f; do
- case "$f" in
- *.sh)
- # https://github.com/docker-library/postgres/issues/450#issuecomment-393167936
- # https://github.com/docker-library/postgres/pull/452
- if [ -x "$f" ]; then
- printf '%s: running %s\n' "$0" "$f"
- "$f"
- else
- printf '%s: sourcing %s\n' "$0" "$f"
- . "$f"
- fi
- ;;
- *.sql) printf '%s: running %s\n' "$0" "$f"; docker_process_sql -f "$f"; printf '\n' ;;
- *.sql.gz) printf '%s: running %s\n' "$0" "$f"; gunzip -c "$f" | docker_process_sql; printf '\n' ;;
- *.sql.xz) printf '%s: running %s\n' "$0" "$f"; xzcat "$f" | docker_process_sql; printf '\n' ;;
- *.sql.zst) printf '%s: running %s\n' "$0" "$f"; zstd -dc "$f" | docker_process_sql; printf '\n' ;;
- *) printf '%s: ignoring %s\n' "$0" "$f" ;;
- esac
- printf '\n'
- done
-}
-
-# Execute sql script, passed via stdin (or -f flag of pqsl)
-# usage: docker_process_sql [psql-cli-args]
-# ie: docker_process_sql --dbname=mydb <<<'INSERT ...'
-# ie: docker_process_sql -f my-file.sql
-# ie: docker_process_sql <my-file.sql
-docker_process_sql() {
- local query_runner=( psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --no-password --no-psqlrc )
- if [ -n "$POSTGRES_DB" ]; then
- query_runner+=( --dbname "$POSTGRES_DB" )
- fi
-
- PGHOST= PGHOSTADDR= "${query_runner[@]}" "$@"
-}
-
-# create initial database
-# uses environment variables for input: POSTGRES_DB
-docker_setup_db() {
- local dbAlreadyExists
- dbAlreadyExists="$(
- POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" --tuples-only <<-'EOSQL'
- SELECT 1 FROM pg_database WHERE datname = :'db' ;
- EOSQL
- )"
- if [ -z "$dbAlreadyExists" ]; then
- POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" <<-'EOSQL'
- CREATE DATABASE :"db" ;
- EOSQL
- printf '\n'
- fi
-}
-
-# Loads various settings that are used elsewhere in the script
-# This should be called before any other functions
-docker_setup_env() {
- file_env 'POSTGRES_PASSWORD'
-
- file_env 'POSTGRES_USER' 'postgres'
- file_env 'POSTGRES_DB' "$POSTGRES_USER"
- file_env 'POSTGRES_INITDB_ARGS'
- : "${POSTGRES_HOST_AUTH_METHOD:=}"
-
- declare -g DATABASE_ALREADY_EXISTS
- : "${DATABASE_ALREADY_EXISTS:=}"
- # look specifically for PG_VERSION, as it is expected in the DB dir
- if [ -s "$PGDATA/PG_VERSION" ]; then
- DATABASE_ALREADY_EXISTS='true'
- fi
-}
-
-# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections
-# all arguments will be passed along as arguments to `postgres` for getting the value of 'password_encryption'
-pg_setup_hba_conf() {
- # default authentication method is md5 on versions before 14
- # https://www.postgresql.org/about/news/postgresql-14-released-2318/
- if [ "$1" = 'postgres' ]; then
- shift
- fi
- local auth
- # check the default/configured encryption and use that as the auth method
- auth="$(postgres -C password_encryption "$@")"
- : "${POSTGRES_HOST_AUTH_METHOD:=$auth}"
- {
- printf '\n'
- if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
- printf '# warning trust is enabled for all connections\n'
- printf '# see https://www.postgresql.org/docs/12/auth-trust.html\n'
- fi
- printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
- } >> "$PGDATA/pg_hba.conf"
-}
-
-# start socket-only postgresql server for setting up or running scripts
-# all arguments will be passed along as arguments to `postgres` (via pg_ctl)
-docker_temp_server_start() {
- if [ "$1" = 'postgres' ]; then
- shift
- fi
-
- # internal start of server in order to allow setup using psql client
- # does not listen on external TCP/IP and waits until start finishes
- set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
-
- PGUSER="${PGUSER:-$POSTGRES_USER}" \
- pg_ctl -D "$PGDATA" \
- -o "$(printf '%q ' "$@")" \
- -w start
-}
-
-# stop postgresql server after done setting up user and running scripts
-docker_temp_server_stop() {
- PGUSER="${PGUSER:-postgres}" \
- pg_ctl -D "$PGDATA" -m fast -w stop
-}
-
-# check arguments for an option that would cause postgres to stop
-# return true if there is one
-_pg_want_help() {
- local arg
- for arg; do
- case "$arg" in
- # postgres --help | grep 'then exit'
- # leaving out -C on purpose since it always fails and is unhelpful:
- # postgres: could not access the server configuration file "/var/lib/postgresql/data/postgresql.conf": No such file or directory
- -'?'|--help|--describe-config|-V|--version)
- return 0
- ;;
- esac
- done
- return 1
-}
-
-_main() {
- # if first arg looks like a flag, assume we want to run postgres server
- if [ "${1:0:1}" = '-' ]; then
- set -- postgres "$@"
- fi
-
- if [ "$1" = 'postgres' ] && ! _pg_want_help "$@"; then
- docker_setup_env
- # setup data directories and permissions (when run as root)
- docker_create_db_directories
- if [ "$(id -u)" = '0' ]; then
- # then restart script as postgres user
- exec gosu postgres "$BASH_SOURCE" "$@"
- fi
-
- # only run initialization on an empty data directory
- if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
- docker_verify_minimum_env
-
- # check dir permissions to reduce likelihood of half-initialized database
- ls /docker-entrypoint-initdb.d/ > /dev/null
-
- docker_init_database_dir
- pg_setup_hba_conf "$@"
-
- # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
- # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
- export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
- docker_temp_server_start "$@"
-
- docker_setup_db
- docker_process_init_files /docker-entrypoint-initdb.d/*
-
- docker_temp_server_stop
- unset PGPASSWORD
-
- cat <<-'EOM'
-
- PostgreSQL init process complete; ready for start up.
-
- EOM
- else
- cat <<-'EOM'
-
- PostgreSQL Database directory appears to contain a database; Skipping initialization
-
- EOM
- fi
- fi
-
- exec "$@"
-}
-
-if ! _is_sourced; then
- _main "$@"
-fi
diff --git a/12/alpine3.21/Dockerfile b/12/alpine3.21/Dockerfile
deleted file mode 100644
index 75ddfac841..0000000000
--- a/12/alpine3.21/Dockerfile
+++ /dev/null
@@ -1,228 +0,0 @@
-#
-# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
-#
-# PLEASE DO NOT EDIT IT DIRECTLY.
-#
-
-FROM alpine:3.21
-
-# 70 is the standard uid/gid for "postgres" in Alpine
-# https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.12-stable
-RUN set -eux; \
- addgroup -g 70 -S postgres; \
- adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
-# also create the postgres user's home directory with appropriate permissions
-# see https://github.com/docker-library/postgres/issues/274
- install --verbose --directory --owner postgres --group postgres --mode 1777 /var/lib/postgresql
-
-# grab gosu for easy step-down from root
-# https://github.com/tianon/gosu/releases
-ENV GOSU_VERSION 1.17
-RUN set -eux; \
- \
- apk add --no-cache --virtual .gosu-deps \
- ca-certificates \
- dpkg \
- gnupg \
- ; \
- \
- dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
- wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
- wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
- \
-# verify the signature
- export GNUPGHOME="$(mktemp -d)"; \
- gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
- gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
- gpgconf --kill all; \
- rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
- \
-# clean up fetch dependencies
- apk del --no-network .gosu-deps; \
- \
- chmod +x /usr/local/bin/gosu; \
-# verify that the binary works
- gosu --version; \
- gosu nobody true
-RUN set -eux; ln -svf gosu /usr/local/bin/su-exec; su-exec nobody true # backwards compatibility (removed in PostgreSQL 17+)
-
-# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
-# alpine doesn't require explicit locale-file generation
-ENV LANG en_US.utf8
-
-RUN mkdir /docker-entrypoint-initdb.d
-
-ENV PG_MAJOR 12
-ENV PG_VERSION 12.22
-ENV PG_SHA256 8df3c0474782589d3c6f374b5133b1bd14d168086edbc13c6e72e67dd4527a3b
-
-ENV DOCKER_PG_LLVM_DEPS \
- llvm19-dev \
- clang19
-
-RUN set -eux; \
- \
- wget -O postgresql.tar.bz2 "https://ftp.postgresql.org/pub/source/v$PG_VERSION/postgresql-$PG_VERSION.tar.bz2"; \
- echo "$PG_SHA256 *postgresql.tar.bz2" | sha256sum -c -; \
- mkdir -p /usr/src/postgresql; \
- tar \
- --extract \
- --file postgresql.tar.bz2 \
- --directory /usr/src/postgresql \
- --strip-components 1 \
- ; \
- rm postgresql.tar.bz2; \
- \
- apk add --no-cache --virtual .build-deps \
- $DOCKER_PG_LLVM_DEPS \
- bison \
- coreutils \
- dpkg-dev dpkg \
- flex \
- g++ \
- gcc \
- krb5-dev \
- libc-dev \
- libedit-dev \
- libxml2-dev \
- libxslt-dev \
- linux-headers \
- make \
- openldap-dev \
- openssl-dev \
- perl-dev \
- perl-ipc-run \
- perl-utils \
- python3-dev \
- tcl-dev \
- util-linux-dev \
- zlib-dev \
-# https://www.postgresql.org/docs/10/static/release-10.html#id-1.11.6.9.5.13
- icu-dev \
- ; \
- \
- cd /usr/src/postgresql; \
-# update "DEFAULT_PGSOCKET_DIR" to "/var/run/postgresql" (matching Debian)
-# see https://anonscm.debian.org/git/pkg-postgresql/postgresql.git/tree/debian/patches/51-default-sockets-in-var.patch?id=8b539fcb3e093a521c095e70bdfa76887217b89f
- awk '$1 == "#define" && $2 == "DEFAULT_PGSOCKET_DIR" && $3 == "\"/tmp\"" { $3 = "\"/var/run/postgresql\""; print; next } { print }' src/include/pg_config_manual.h > src/include/pg_config_manual.h.new; \
- grep '/var/run/postgresql' src/include/pg_config_manual.h.new; \
- mv src/include/pg_config_manual.h.new src/include/pg_config_manual.h; \
- gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
-# explicitly update autoconf config.guess and config.sub so they support more arches/libcs
- wget -O config/config.guess 'https://git.savannah.gnu.org/cgit/config.git/plain/config.guess?id=7d3d27baf8107b630586c962c057e22149653deb'; \
- wget -O config/config.sub 'https://git.savannah.gnu.org/cgit/config.git/plain/config.sub?id=7d3d27baf8107b630586c962c057e22149653deb'; \
- \
-# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n172
- export LLVM_CONFIG="/usr/lib/llvm19/bin/llvm-config"; \
-# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n177
- export CLANG=clang-19; \
- \
-# configure options taken from:
-# https://anonscm.debian.org/cgit/pkg-postgresql/postgresql.git/tree/debian/rules?h=9.5
- ./configure \
- --enable-option-checking=fatal \
- --build="$gnuArch" \
-# "/usr/src/postgresql/src/backend/access/common/tupconvert.c:105: undefined reference to `libintl_gettext'"
-# --enable-nls \
- --enable-integer-datetimes \
- --enable-thread-safety \
- --enable-tap-tests \
-# skip debugging info -- we want tiny size instead
-# --enable-debug \
- --disable-rpath \
- --with-uuid=e2fs \
- --with-gnu-ld \
- --with-pgport=5432 \
- --with-system-tzdata=/usr/share/zoneinfo \
- --prefix=/usr/local \
- --with-includes=/usr/local/include \
- --with-libraries=/usr/local/lib \
- --with-gssapi \
- --with-ldap \
- --with-tcl \
- --with-perl \
- --with-python \
-# --with-pam \
- --with-openssl \
- --with-libxml \
- --with-libxslt \
- --with-icu \
- --with-llvm \
- ; \
- make -j "$(nproc)" world-bin; \
- make install-world-bin; \
- make -C contrib install; \
- \
- runDeps="$( \
- scanelf --needed --nobanner --format '%n#p' --recursive /usr/local \
- | tr ',' '\n' \
- | sort -u \
- | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
-# Remove plperl, plpython and pltcl dependencies by default to save image size
-# To use the pl extensions, those have to be installed in a derived image
- | grep -v -e perl -e python -e tcl \
- )"; \
- apk add --no-cache --virtual .postgresql-rundeps \
- $runDeps \
- bash \
- tzdata \
- zstd \
-# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
- icu-data-full \
-# nss_wrapper is not availble on ppc64le: "test case segfaults in ppc64le"
-# https://git.alpinelinux.org/aports/commit/testing/nss_wrapper/APKBUILD?h=3.17-stable&id=94d81ceeb58cff448d489bbcbe9a6d40c9991663
- $([ "$(apk --print-arch)" != 'ppc64le' ] && echo 'nss_wrapper') \
- ; \
- apk del --no-network .build-deps; \
- cd /; \
- rm -rf \
- /usr/src/postgresql \
- /usr/local/share/doc \
- /usr/local/share/man \
- ; \
- \
- postgres --version
-
-# make the sample config easier to munge (and "correct by default")
-RUN set -eux; \
- cp -v /usr/local/share/postgresql/postgresql.conf.sample /usr/local/share/postgresql/postgresql.conf.sample.orig; \
- sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/local/share/postgresql/postgresql.conf.sample; \
- grep -F "listen_addresses = '*'" /usr/local/share/postgresql/postgresql.conf.sample
-
-RUN install --verbose --directory --owner postgres --group postgres --mode 3777 /var/run/postgresql
-
-ENV PGDATA /var/lib/postgresql/data
-# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
-RUN install --verbose --directory --owner postgres --group postgres --mode 1777 "$PGDATA"
-VOLUME /var/lib/postgresql/data
-
-COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
-RUN ln -sT docker-ensure-initdb.sh /usr/local/bin/docker-enforce-initdb.sh
-ENTRYPOINT ["docker-entrypoint.sh"]
-
-# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
-# calls "Fast Shutdown mode" wherein new connections are disallowed and any
-# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
-# flush tables to disk.
-#
-# See https://www.postgresql.org/docs/current/server-shutdown.html for more details
-# about available PostgreSQL server shutdown signals.
-#
-# See also https://www.postgresql.org/docs/current/server-start.html for further
-# justification of this as the default value, namely that the example (and
-# shipped) systemd service files use the "Fast Shutdown mode" for service
-# termination.
-#
-STOPSIGNAL SIGINT
-#
-# An additional setting that is recommended for all users regardless of this
-# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
-# equivalent) for controlling how long to wait between sending the defined
-# STOPSIGNAL and sending SIGKILL.
-#
-# The default in most runtimes (such as Docker) is 10 seconds, and the
-# documentation at https://www.postgresql.org/docs/current/server-start.html notes
-# that even 90 seconds may not be long enough in many instances.
-
-EXPOSE 5432
-CMD ["postgres"]
diff --git a/12/alpine3.21/docker-ensure-initdb.sh b/12/alpine3.21/docker-ensure-initdb.sh
deleted file mode 100755
index ae1f6b6b90..0000000000
--- a/12/alpine3.21/docker-ensure-initdb.sh
+++ /dev/null
@@ -1,71 +0,0 @@
-#!/usr/bin/env bash
-set -Eeuo pipefail
-
-#
-# This script is intended for three main use cases:
-#
-# 1. (most importantly) as an example of how to use "docker-entrypoint.sh" to extend/reuse the initialization behavior
-#
-# 2. ("docker-ensure-initdb.sh") as a Kubernetes "init container" to ensure the provided database directory is initialized; see also "startup probes" for an alternative solution
-# (no-op if database is already initialized)
-#
-# 3. ("docker-enforce-initdb.sh") as part of CI to ensure the database is fully initialized before use
-# (error if database is already initialized)
-#
-
-source /usr/local/bin/docker-entrypoint.sh
-
-# arguments to this script are assumed to be arguments to the "postgres" server (same as "docker-entrypoint.sh"), and most "docker-entrypoint.sh" functions assume "postgres" is the first argument (see "_main" over there)
-if [ "$#" -eq 0 ] || [ "$1" != 'postgres' ]; then
- set -- postgres "$@"
-fi
-
-# see also "_main" in "docker-entrypoint.sh"
-
-docker_setup_env
-# setup data directories and permissions (when run as root)
-docker_create_db_directories
-if [ "$(id -u)" = '0' ]; then
- # then restart script as postgres user
- exec gosu postgres "$BASH_SOURCE" "$@"
-fi
-
-# only run initialization on an empty data directory
-if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
- docker_verify_minimum_env
-
- # check dir permissions to reduce likelihood of half-initialized database
- ls /docker-entrypoint-initdb.d/ > /dev/null
-
- docker_init_database_dir
- pg_setup_hba_conf "$@"
-
- # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
- # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
- export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
- docker_temp_server_start "$@"
-
- docker_setup_db
- docker_process_init_files /docker-entrypoint-initdb.d/*
-
- docker_temp_server_stop
- unset PGPASSWORD
-else
- self="$(basename "$0")"
- case "$self" in
- docker-ensure-initdb.sh)
- echo >&2 "$self: note: database already initialized in '$PGDATA'!"
- exit 0
- ;;
-
- docker-enforce-initdb.sh)
- echo >&2 "$self: error: (unexpected) database found in '$PGDATA'!"
- exit 1
- ;;
-
- *)
- echo >&2 "$self: error: unknown file name: $self"
- exit 99
- ;;
- esac
-fi
diff --git a/12/alpine3.21/docker-entrypoint.sh b/12/alpine3.21/docker-entrypoint.sh
deleted file mode 100755
index 6f59993e08..0000000000
--- a/12/alpine3.21/docker-entrypoint.sh
+++ /dev/null
@@ -1,356 +0,0 @@
-#!/usr/bin/env bash
-set -Eeo pipefail
-# TODO swap to -Eeuo pipefail above (after handling all potentially-unset variables)
-
-# usage: file_env VAR [DEFAULT]
-# ie: file_env 'XYZ_DB_PASSWORD' 'example'
-# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
-# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
-file_env() {
- local var="$1"
- local fileVar="${var}_FILE"
- local def="${2:-}"
- if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
- printf >&2 'error: both %s and %s are set (but are exclusive)\n' "$var" "$fileVar"
- exit 1
- fi
- local val="$def"
- if [ "${!var:-}" ]; then
- val="${!var}"
- elif [ "${!fileVar:-}" ]; then
- val="$(< "${!fileVar}")"
- fi
- export "$var"="$val"
- unset "$fileVar"
-}
-
-# check to see if this file is being run or sourced from another script
-_is_sourced() {
- # https://unix.stackexchange.com/a/215279
- [ "${#FUNCNAME[@]}" -ge 2 ] \
- && [ "${FUNCNAME[0]}" = '_is_sourced' ] \
- && [ "${FUNCNAME[1]}" = 'source' ]
-}
-
-# used to create initial postgres directories and if run as root, ensure ownership to the "postgres" user
-docker_create_db_directories() {
- local user; user="$(id -u)"
-
- mkdir -p "$PGDATA"
- # ignore failure since there are cases where we can't chmod (and PostgreSQL might fail later anyhow - it's picky about permissions of this directory)
- chmod 00700 "$PGDATA" || :
-
- # ignore failure since it will be fine when using the image provided directory; see also https://github.com/docker-library/postgres/pull/289
- mkdir -p /var/run/postgresql || :
- chmod 03775 /var/run/postgresql || :
-
- # Create the transaction log directory before initdb is run so the directory is owned by the correct user
- if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
- mkdir -p "$POSTGRES_INITDB_WALDIR"
- if [ "$user" = '0' ]; then
- find "$POSTGRES_INITDB_WALDIR" \! -user postgres -exec chown postgres '{}' +
- fi
- chmod 700 "$POSTGRES_INITDB_WALDIR"
- fi
-
- # allow the container to be started with `--user`
- if [ "$user" = '0' ]; then
- find "$PGDATA" \! -user postgres -exec chown postgres '{}' +
- find /var/run/postgresql \! -user postgres -exec chown postgres '{}' +
- fi
-}
-
-# initialize empty PGDATA directory with new database via 'initdb'
-# arguments to `initdb` can be passed via POSTGRES_INITDB_ARGS or as arguments to this function
-# `initdb` automatically creates the "postgres", "template0", and "template1" dbnames
-# this is also where the database user is created, specified by `POSTGRES_USER` env
-docker_init_database_dir() {
- # "initdb" is particular about the current user existing in "/etc/passwd", so we use "nss_wrapper" to fake that if necessary
- # see https://github.com/docker-library/postgres/pull/253, https://github.com/docker-library/postgres/issues/359, https://cwrap.org/nss_wrapper.html
- local uid; uid="$(id -u)"
- if ! getent passwd "$uid" &> /dev/null; then
- # see if we can find a suitable "libnss_wrapper.so" (https://salsa.debian.org/sssd-team/nss-wrapper/-/commit/b9925a653a54e24d09d9b498a2d913729f7abb15)
- local wrapper
- for wrapper in {/usr,}/lib{/*,}/libnss_wrapper.so; do
- if [ -s "$wrapper" ]; then
- NSS_WRAPPER_PASSWD="$(mktemp)"
- NSS_WRAPPER_GROUP="$(mktemp)"
- export LD_PRELOAD="$wrapper" NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
- local gid; gid="$(id -g)"
- printf 'postgres:x:%s:%s:PostgreSQL:%s:/bin/false\n' "$uid" "$gid" "$PGDATA" > "$NSS_WRAPPER_PASSWD"
- printf 'postgres:x:%s:\n' "$gid" > "$NSS_WRAPPER_GROUP"
- break
- fi
- done
- fi
-
- if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
- set -- --waldir "$POSTGRES_INITDB_WALDIR" "$@"
- fi
-
- # --pwfile refuses to handle a properly-empty file (hence the "\n"): https://github.com/docker-library/postgres/issues/1025
- eval 'initdb --username="$POSTGRES_USER" --pwfile=<(printf "%s\n" "$POSTGRES_PASSWORD") '"$POSTGRES_INITDB_ARGS"' "$@"'
-
- # unset/cleanup "nss_wrapper" bits
- if [[ "${LD_PRELOAD:-}" == */libnss_wrapper.so ]]; then
- rm -f "$NSS_WRAPPER_PASSWD" "$NSS_WRAPPER_GROUP"
- unset LD_PRELOAD NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
- fi
-}
-
-# print large warning if POSTGRES_PASSWORD is long
-# error if both POSTGRES_PASSWORD is empty and POSTGRES_HOST_AUTH_METHOD is not 'trust'
-# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
-# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
-docker_verify_minimum_env() {
- case "${PG_MAJOR:-}" in
- 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
- # check password first so we can output the warning before postgres
- # messes it up
- if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
- cat >&2 <<-'EOWARN'
-
- WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
-
- This will not work if used via PGPASSWORD with "psql".
-
- https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
- https://github.com/docker-library/postgres/issues/507
-
- EOWARN
- fi
- ;;
- esac
- if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
- # The - option suppresses leading tabs but *not* spaces. :)
- cat >&2 <<-'EOE'
- Error: Database is uninitialized and superuser password is not specified.
- You must specify POSTGRES_PASSWORD to a non-empty value for the
- superuser. For example, "-e POSTGRES_PASSWORD=password" on "docker run".
-
- You may also use "POSTGRES_HOST_AUTH_METHOD=trust" to allow all
- connections without a password. This is *not* recommended.
-
- See PostgreSQL documentation about "trust":
- https://www.postgresql.org/docs/current/auth-trust.html
- EOE
- exit 1
- fi
- if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
- cat >&2 <<-'EOWARN'
- ********************************************************************************
- WARNING: POSTGRES_HOST_AUTH_METHOD has been set to "trust". This will allow
- anyone with access to the Postgres port to access your database without
- a password, even if POSTGRES_PASSWORD is set. See PostgreSQL
- documentation about "trust":
- https://www.postgresql.org/docs/current/auth-trust.html
- In Docker's default configuration, this is effectively any other
- container on the same system.
-
- It is not recommended to use POSTGRES_HOST_AUTH_METHOD=trust. Replace
- it with "-e POSTGRES_PASSWORD=password" instead to set a password in
- "docker run".
- ********************************************************************************
- EOWARN
- fi
-}
-
-# usage: docker_process_init_files [file [file [...]]]
-# ie: docker_process_init_files /always-initdb.d/*
-# process initializer files, based on file extensions and permissions
-docker_process_init_files() {
- # psql here for backwards compatibility "${psql[@]}"
- psql=( docker_process_sql )
-
- printf '\n'
- local f
- for f; do
- case "$f" in
- *.sh)
- # https://github.com/docker-library/postgres/issues/450#issuecomment-393167936
- # https://github.com/docker-library/postgres/pull/452
- if [ -x "$f" ]; then
- printf '%s: running %s\n' "$0" "$f"
- "$f"
- else
- printf '%s: sourcing %s\n' "$0" "$f"
- . "$f"
- fi
- ;;
- *.sql) printf '%s: running %s\n' "$0" "$f"; docker_process_sql -f "$f"; printf '\n' ;;
- *.sql.gz) printf '%s: running %s\n' "$0" "$f"; gunzip -c "$f" | docker_process_sql; printf '\n' ;;
- *.sql.xz) printf '%s: running %s\n' "$0" "$f"; xzcat "$f" | docker_process_sql; printf '\n' ;;
- *.sql.zst) printf '%s: running %s\n' "$0" "$f"; zstd -dc "$f" | docker_process_sql; printf '\n' ;;
- *) printf '%s: ignoring %s\n' "$0" "$f" ;;
- esac
- printf '\n'
- done
-}
-
-# Execute sql script, passed via stdin (or -f flag of pqsl)
-# usage: docker_process_sql [psql-cli-args]
-# ie: docker_process_sql --dbname=mydb <<<'INSERT ...'
-# ie: docker_process_sql -f my-file.sql
-# ie: docker_process_sql <my-file.sql
-docker_process_sql() {
- local query_runner=( psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --no-password --no-psqlrc )
- if [ -n "$POSTGRES_DB" ]; then
- query_runner+=( --dbname "$POSTGRES_DB" )
- fi
-
- PGHOST= PGHOSTADDR= "${query_runner[@]}" "$@"
-}
-
-# create initial database
-# uses environment variables for input: POSTGRES_DB
-docker_setup_db() {
- local dbAlreadyExists
- dbAlreadyExists="$(
- POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" --tuples-only <<-'EOSQL'
- SELECT 1 FROM pg_database WHERE datname = :'db' ;
- EOSQL
- )"
- if [ -z "$dbAlreadyExists" ]; then
- POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" <<-'EOSQL'
- CREATE DATABASE :"db" ;
- EOSQL
- printf '\n'
- fi
-}
-
-# Loads various settings that are used elsewhere in the script
-# This should be called before any other functions
-docker_setup_env() {
- file_env 'POSTGRES_PASSWORD'
-
- file_env 'POSTGRES_USER' 'postgres'
- file_env 'POSTGRES_DB' "$POSTGRES_USER"
- file_env 'POSTGRES_INITDB_ARGS'
- : "${POSTGRES_HOST_AUTH_METHOD:=}"
-
- declare -g DATABASE_ALREADY_EXISTS
- : "${DATABASE_ALREADY_EXISTS:=}"
- # look specifically for PG_VERSION, as it is expected in the DB dir
- if [ -s "$PGDATA/PG_VERSION" ]; then
- DATABASE_ALREADY_EXISTS='true'
- fi
-}
-
-# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections
-# all arguments will be passed along as arguments to `postgres` for getting the value of 'password_encryption'
-pg_setup_hba_conf() {
- # default authentication method is md5 on versions before 14
- # https://www.postgresql.org/about/news/postgresql-14-released-2318/
- if [ "$1" = 'postgres' ]; then
- shift
- fi
- local auth
- # check the default/configured encryption and use that as the auth method
- auth="$(postgres -C password_encryption "$@")"
- : "${POSTGRES_HOST_AUTH_METHOD:=$auth}"
- {
- printf '\n'
- if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
- printf '# warning trust is enabled for all connections\n'
- printf '# see https://www.postgresql.org/docs/12/auth-trust.html\n'
- fi
- printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
- } >> "$PGDATA/pg_hba.conf"
-}
-
-# start socket-only postgresql server for setting up or running scripts
-# all arguments will be passed along as arguments to `postgres` (via pg_ctl)
-docker_temp_server_start() {
- if [ "$1" = 'postgres' ]; then
- shift
- fi
-
- # internal start of server in order to allow setup using psql client
- # does not listen on external TCP/IP and waits until start finishes
- set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
-
- PGUSER="${PGUSER:-$POSTGRES_USER}" \
- pg_ctl -D "$PGDATA" \
- -o "$(printf '%q ' "$@")" \
- -w start
-}
-
-# stop postgresql server after done setting up user and running scripts
-docker_temp_server_stop() {
- PGUSER="${PGUSER:-postgres}" \
- pg_ctl -D "$PGDATA" -m fast -w stop
-}
-
-# check arguments for an option that would cause postgres to stop
-# return true if there is one
-_pg_want_help() {
- local arg
- for arg; do
- case "$arg" in
- # postgres --help | grep 'then exit'
- # leaving out -C on purpose since it always fails and is unhelpful:
- # postgres: could not access the server configuration file "/var/lib/postgresql/data/postgresql.conf": No such file or directory
- -'?'|--help|--describe-config|-V|--version)
- return 0
- ;;
- esac
- done
- return 1
-}
-
-_main() {
- # if first arg looks like a flag, assume we want to run postgres server
- if [ "${1:0:1}" = '-' ]; then
- set -- postgres "$@"
- fi
-
- if [ "$1" = 'postgres' ] && ! _pg_want_help "$@"; then
- docker_setup_env
- # setup data directories and permissions (when run as root)
- docker_create_db_directories
- if [ "$(id -u)" = '0' ]; then
- # then restart script as postgres user
- exec gosu postgres "$BASH_SOURCE" "$@"
- fi
-
- # only run initialization on an empty data directory
- if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
- docker_verify_minimum_env
-
- # check dir permissions to reduce likelihood of half-initialized database
- ls /docker-entrypoint-initdb.d/ > /dev/null
-
- docker_init_database_dir
- pg_setup_hba_conf "$@"
-
- # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
- # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
- export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
- docker_temp_server_start "$@"
-
- docker_setup_db
- docker_process_init_files /docker-entrypoint-initdb.d/*
-
- docker_temp_server_stop
- unset PGPASSWORD
-
- cat <<-'EOM'
-
- PostgreSQL init process complete; ready for start up.
-
- EOM
- else
- cat <<-'EOM'
-
- PostgreSQL Database directory appears to contain a database; Skipping initialization
-
- EOM
- fi
- fi
-
- exec "$@"
-}
-
-if ! _is_sourced; then
- _main "$@"
-fi
diff --git a/12/bookworm/Dockerfile b/12/bookworm/Dockerfile
deleted file mode 100644
index cff8863b42..0000000000
--- a/12/bookworm/Dockerfile
+++ /dev/null
@@ -1,219 +0,0 @@
-#
-# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
-#
-# PLEASE DO NOT EDIT IT DIRECTLY.
-#
-
-FROM debian:bookworm-slim
-
-# explicitly set user/group IDs
-RUN set -eux; \
- groupadd -r postgres --gid=999; \
-# https://salsa.debian.org/postgresql/postgresql-common/blob/997d842ee744687d99a2b2d95c1083a2615c79e8/debian/postgresql-common.postinst#L32-35
- useradd -r -g postgres --uid=999 --home-dir=/var/lib/postgresql --shell=/bin/bash postgres; \
-# also create the postgres user's home directory with appropriate permissions
-# see https://github.com/docker-library/postgres/issues/274
- install --verbose --directory --owner postgres --group postgres --mode 1777 /var/lib/postgresql
-
-RUN set -ex; \
- apt-get update; \
- apt-get install -y --no-install-recommends \
- gnupg \
-# https://www.postgresql.org/docs/16/app-psql.html#APP-PSQL-META-COMMAND-PSET-PAGER
-# https://github.com/postgres/postgres/blob/REL_16_1/src/include/fe_utils/print.h#L25
-# (if "less" is available, it gets used as the default pager for psql, and it only adds ~1.5MiB to our image size)
- less \
- ; \
- rm -rf /var/lib/apt/lists/*
-
-# grab gosu for easy step-down from root
-# https://github.com/tianon/gosu/releases
-ENV GOSU_VERSION 1.17
-RUN set -eux; \
- savedAptMark="$(apt-mark showmanual)"; \
- apt-get update; \
- apt-get install -y --no-install-recommends ca-certificates wget; \
- rm -rf /var/lib/apt/lists/*; \
- dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
- wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
- wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
- export GNUPGHOME="$(mktemp -d)"; \
- gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
- gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
- gpgconf --kill all; \
- rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
- apt-mark auto '.*' > /dev/null; \
- [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
- apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
- chmod +x /usr/local/bin/gosu; \
- gosu --version; \
- gosu nobody true
-
-# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
-RUN set -eux; \
- if [ -f /etc/dpkg/dpkg.cfg.d/docker ]; then \
-# if this file exists, we're likely in "debian:xxx-slim", and locales are thus being excluded so we need to remove that exclusion (since we need locales)
- grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
- sed -ri '/\/usr\/share\/locale/d' /etc/dpkg/dpkg.cfg.d/docker; \
- ! grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
- fi; \
- apt-get update; apt-get install -y --no-install-recommends locales; rm -rf /var/lib/apt/lists/*; \
- echo 'en_US.UTF-8 UTF-8' >> /etc/locale.gen; \
- locale-gen; \
- locale -a | grep 'en_US.utf8'
-ENV LANG en_US.utf8
-
-RUN set -eux; \
- apt-get update; \
- apt-get install -y --no-install-recommends \
- libnss-wrapper \
- xz-utils \
- zstd \
- ; \
- rm -rf /var/lib/apt/lists/*
-
-RUN mkdir /docker-entrypoint-initdb.d
-
-RUN set -ex; \
-# pub 4096R/ACCC4CF8 2011-10-13 [expires: 2019-07-02]
-# Key fingerprint = B97B 0AFC AA1A 47F0 44F2 44A0 7FCC 7D46 ACCC 4CF8
-# uid PostgreSQL Debian Repository
- key='B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8'; \
- export GNUPGHOME="$(mktemp -d)"; \
- mkdir -p /usr/local/share/keyrings/; \
- gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
- gpg --batch --export --armor "$key" > /usr/local/share/keyrings/postgres.gpg.asc; \
- gpgconf --kill all; \
- rm -rf "$GNUPGHOME"
-
-ENV PG_MAJOR 12
-ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-
-ENV PG_VERSION 12.22-2.pgdg120+1
-
-RUN set -ex; \
- \
-# see note below about "*.pyc" files
- export PYTHONDONTWRITEBYTECODE=1; \
- \
- dpkgArch="$(dpkg --print-architecture)"; \
- aptRepo="[ signed-by=/usr/local/share/keyrings/postgres.gpg.asc ] http://apt.postgresql.org/pub/repos/apt/ bookworm-pgdg main $PG_MAJOR"; \
- case "$dpkgArch" in \
- amd64 | arm64 | ppc64el | s390x) \
-# arches officialy built by upstream
- echo "deb $aptRepo" > /etc/apt/sources.list.d/pgdg.list; \
- apt-get update; \
- ;; \
- *) \
-# we're on an architecture upstream doesn't officially build for
-# let's build binaries from their published source packages
- echo "deb-src $aptRepo" > /etc/apt/sources.list.d/pgdg.list; \
- \
- savedAptMark="$(apt-mark showmanual)"; \
- \
- tempDir="$(mktemp -d)"; \
- cd "$tempDir"; \
- \
-# create a temporary local APT repo to install from (so that dependency resolution can be handled by APT, as it should be)
- apt-get update; \
- apt-get install -y --no-install-recommends dpkg-dev; \
- echo "deb [ trusted=yes ] file://$tempDir ./" > /etc/apt/sources.list.d/temp.list; \
- _update_repo() { \
- dpkg-scanpackages . > Packages; \
-# work around the following APT issue by using "Acquire::GzipIndexes=false" (overriding "/etc/apt/apt.conf.d/docker-gzip-indexes")
-# Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied)
-# ...
-# E: Failed to fetch store:/var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied)
- apt-get -o Acquire::GzipIndexes=false update; \
- }; \
- _update_repo; \
- \
-# build .deb files from upstream's source packages (which are verified by apt-get)
- nproc="$(nproc)"; \
- export DEB_BUILD_OPTIONS="nocheck parallel=$nproc"; \
-# we have to build postgresql-common first because postgresql-$PG_MAJOR shares "debian/rules" logic with it: https://salsa.debian.org/postgresql/postgresql/-/commit/99f44476e258cae6bf9e919219fa2c5414fa2876
-# (and it "Depends: pgdg-keyring")
- apt-get build-dep -y postgresql-common pgdg-keyring; \
- apt-get source --compile postgresql-common pgdg-keyring; \
- _update_repo; \
- apt-get build-dep -y "postgresql-$PG_MAJOR=$PG_VERSION"; \
- apt-get source --compile "postgresql-$PG_MAJOR=$PG_VERSION"; \
- \
-# we don't remove APT lists here because they get re-downloaded and removed later
- \
-# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
-# (which is done after we install the built packages so we don't have to redownload any overlapping dependencies)
- apt-mark showmanual | xargs apt-mark auto > /dev/null; \
- apt-mark manual $savedAptMark; \
- \
- ls -lAFh; \
- _update_repo; \
- grep '^Package: ' Packages; \
- cd /; \
- ;; \
- esac; \
- \
- apt-get install -y --no-install-recommends postgresql-common; \
- sed -ri 's/#(create_main_cluster) .*$/\1 = false/' /etc/postgresql-common/createcluster.conf; \
- apt-get install -y --no-install-recommends \
- "postgresql-$PG_MAJOR=$PG_VERSION" \
- ; \
- \
- rm -rf /var/lib/apt/lists/*; \
- \
- if [ -n "$tempDir" ]; then \
-# if we have leftovers from building, let's purge them (including extra, unnecessary build deps)
- apt-get purge -y --auto-remove; \
- rm -rf "$tempDir" /etc/apt/sources.list.d/temp.list; \
- fi; \
- \
-# some of the steps above generate a lot of "*.pyc" files (and setting "PYTHONDONTWRITEBYTECODE" beforehand doesn't propagate properly for some reason), so we clean them up manually (as long as they aren't owned by a package)
- find /usr -name '*.pyc' -type f -exec bash -c 'for pyc; do dpkg -S "$pyc" &> /dev/null || rm -vf "$pyc"; done' -- '{}' +; \
- \
- postgres --version
-
-# make the sample config easier to munge (and "correct by default")
-RUN set -eux; \
- dpkg-divert --add --rename --divert "/usr/share/postgresql/postgresql.conf.sample.dpkg" "/usr/share/postgresql/$PG_MAJOR/postgresql.conf.sample"; \
- cp -v /usr/share/postgresql/postgresql.conf.sample.dpkg /usr/share/postgresql/postgresql.conf.sample; \
- ln -sv ../postgresql.conf.sample "/usr/share/postgresql/$PG_MAJOR/"; \
- sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/share/postgresql/postgresql.conf.sample; \
- grep -F "listen_addresses = '*'" /usr/share/postgresql/postgresql.conf.sample
-
-RUN install --verbose --directory --owner postgres --group postgres --mode 3777 /var/run/postgresql
-
-ENV PGDATA /var/lib/postgresql/data
-# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
-RUN install --verbose --directory --owner postgres --group postgres --mode 1777 "$PGDATA"
-VOLUME /var/lib/postgresql/data
-
-COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
-RUN ln -sT docker-ensure-initdb.sh /usr/local/bin/docker-enforce-initdb.sh
-ENTRYPOINT ["docker-entrypoint.sh"]
-
-# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
-# calls "Fast Shutdown mode" wherein new connections are disallowed and any
-# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
-# flush tables to disk.
-#
-# See https://www.postgresql.org/docs/current/server-shutdown.html for more details
-# about available PostgreSQL server shutdown signals.
-#
-# See also https://www.postgresql.org/docs/current/server-start.html for further
-# justification of this as the default value, namely that the example (and
-# shipped) systemd service files use the "Fast Shutdown mode" for service
-# termination.
-#
-STOPSIGNAL SIGINT
-#
-# An additional setting that is recommended for all users regardless of this
-# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
-# equivalent) for controlling how long to wait between sending the defined
-# STOPSIGNAL and sending SIGKILL.
-#
-# The default in most runtimes (such as Docker) is 10 seconds, and the
-# documentation at https://www.postgresql.org/docs/current/server-start.html notes
-# that even 90 seconds may not be long enough in many instances.
-
-EXPOSE 5432
-CMD ["postgres"]
diff --git a/12/bookworm/docker-ensure-initdb.sh b/12/bookworm/docker-ensure-initdb.sh
deleted file mode 100755
index ae1f6b6b90..0000000000
--- a/12/bookworm/docker-ensure-initdb.sh
+++ /dev/null
@@ -1,71 +0,0 @@
-#!/usr/bin/env bash
-set -Eeuo pipefail
-
-#
-# This script is intended for three main use cases:
-#
-# 1. (most importantly) as an example of how to use "docker-entrypoint.sh" to extend/reuse the initialization behavior
-#
-# 2. ("docker-ensure-initdb.sh") as a Kubernetes "init container" to ensure the provided database directory is initialized; see also "startup probes" for an alternative solution
-# (no-op if database is already initialized)
-#
-# 3. ("docker-enforce-initdb.sh") as part of CI to ensure the database is fully initialized before use
-# (error if database is already initialized)
-#
-
-source /usr/local/bin/docker-entrypoint.sh
-
-# arguments to this script are assumed to be arguments to the "postgres" server (same as "docker-entrypoint.sh"), and most "docker-entrypoint.sh" functions assume "postgres" is the first argument (see "_main" over there)
-if [ "$#" -eq 0 ] || [ "$1" != 'postgres' ]; then
- set -- postgres "$@"
-fi
-
-# see also "_main" in "docker-entrypoint.sh"
-
-docker_setup_env
-# setup data directories and permissions (when run as root)
-docker_create_db_directories
-if [ "$(id -u)" = '0' ]; then
- # then restart script as postgres user
- exec gosu postgres "$BASH_SOURCE" "$@"
-fi
-
-# only run initialization on an empty data directory
-if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
- docker_verify_minimum_env
-
- # check dir permissions to reduce likelihood of half-initialized database
- ls /docker-entrypoint-initdb.d/ > /dev/null
-
- docker_init_database_dir
- pg_setup_hba_conf "$@"
-
- # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
- # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
- export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
- docker_temp_server_start "$@"
-
- docker_setup_db
- docker_process_init_files /docker-entrypoint-initdb.d/*
-
- docker_temp_server_stop
- unset PGPASSWORD
-else
- self="$(basename "$0")"
- case "$self" in
- docker-ensure-initdb.sh)
- echo >&2 "$self: note: database already initialized in '$PGDATA'!"
- exit 0
- ;;
-
- docker-enforce-initdb.sh)
- echo >&2 "$self: error: (unexpected) database found in '$PGDATA'!"
- exit 1
- ;;
-
- *)
- echo >&2 "$self: error: unknown file name: $self"
- exit 99
- ;;
- esac
-fi
diff --git a/12/bookworm/docker-entrypoint.sh b/12/bookworm/docker-entrypoint.sh
deleted file mode 100755
index 6f59993e08..0000000000
--- a/12/bookworm/docker-entrypoint.sh
+++ /dev/null
@@ -1,356 +0,0 @@
-#!/usr/bin/env bash
-set -Eeo pipefail
-# TODO swap to -Eeuo pipefail above (after handling all potentially-unset variables)
-
-# usage: file_env VAR [DEFAULT]
-# ie: file_env 'XYZ_DB_PASSWORD' 'example'
-# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
-# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
-file_env() {
- local var="$1"
- local fileVar="${var}_FILE"
- local def="${2:-}"
- if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
- printf >&2 'error: both %s and %s are set (but are exclusive)\n' "$var" "$fileVar"
- exit 1
- fi
- local val="$def"
- if [ "${!var:-}" ]; then
- val="${!var}"
- elif [ "${!fileVar:-}" ]; then
- val="$(< "${!fileVar}")"
- fi
- export "$var"="$val"
- unset "$fileVar"
-}
-
-# check to see if this file is being run or sourced from another script
-_is_sourced() {
- # https://unix.stackexchange.com/a/215279
- [ "${#FUNCNAME[@]}" -ge 2 ] \
- && [ "${FUNCNAME[0]}" = '_is_sourced' ] \
- && [ "${FUNCNAME[1]}" = 'source' ]
-}
-
-# used to create initial postgres directories and if run as root, ensure ownership to the "postgres" user
-docker_create_db_directories() {
- local user; user="$(id -u)"
-
- mkdir -p "$PGDATA"
- # ignore failure since there are cases where we can't chmod (and PostgreSQL might fail later anyhow - it's picky about permissions of this directory)
- chmod 00700 "$PGDATA" || :
-
- # ignore failure since it will be fine when using the image provided directory; see also https://github.com/docker-library/postgres/pull/289
- mkdir -p /var/run/postgresql || :
- chmod 03775 /var/run/postgresql || :
-
- # Create the transaction log directory before initdb is run so the directory is owned by the correct user
- if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
- mkdir -p "$POSTGRES_INITDB_WALDIR"
- if [ "$user" = '0' ]; then
- find "$POSTGRES_INITDB_WALDIR" \! -user postgres -exec chown postgres '{}' +
- fi
- chmod 700 "$POSTGRES_INITDB_WALDIR"
- fi
-
- # allow the container to be started with `--user`
- if [ "$user" = '0' ]; then
- find "$PGDATA" \! -user postgres -exec chown postgres '{}' +
- find /var/run/postgresql \! -user postgres -exec chown postgres '{}' +
- fi
-}
-
-# initialize empty PGDATA directory with new database via 'initdb'
-# arguments to `initdb` can be passed via POSTGRES_INITDB_ARGS or as arguments to this function
-# `initdb` automatically creates the "postgres", "template0", and "template1" dbnames
-# this is also where the database user is created, specified by `POSTGRES_USER` env
-docker_init_database_dir() {
- # "initdb" is particular about the current user existing in "/etc/passwd", so we use "nss_wrapper" to fake that if necessary
- # see https://github.com/docker-library/postgres/pull/253, https://github.com/docker-library/postgres/issues/359, https://cwrap.org/nss_wrapper.html
- local uid; uid="$(id -u)"
- if ! getent passwd "$uid" &> /dev/null; then
- # see if we can find a suitable "libnss_wrapper.so" (https://salsa.debian.org/sssd-team/nss-wrapper/-/commit/b9925a653a54e24d09d9b498a2d913729f7abb15)
- local wrapper
- for wrapper in {/usr,}/lib{/*,}/libnss_wrapper.so; do
- if [ -s "$wrapper" ]; then
- NSS_WRAPPER_PASSWD="$(mktemp)"
- NSS_WRAPPER_GROUP="$(mktemp)"
- export LD_PRELOAD="$wrapper" NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
- local gid; gid="$(id -g)"
- printf 'postgres:x:%s:%s:PostgreSQL:%s:/bin/false\n' "$uid" "$gid" "$PGDATA" > "$NSS_WRAPPER_PASSWD"
- printf 'postgres:x:%s:\n' "$gid" > "$NSS_WRAPPER_GROUP"
- break
- fi
- done
- fi
-
- if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
- set -- --waldir "$POSTGRES_INITDB_WALDIR" "$@"
- fi
-
- # --pwfile refuses to handle a properly-empty file (hence the "\n"): https://github.com/docker-library/postgres/issues/1025
- eval 'initdb --username="$POSTGRES_USER" --pwfile=<(printf "%s\n" "$POSTGRES_PASSWORD") '"$POSTGRES_INITDB_ARGS"' "$@"'
-
- # unset/cleanup "nss_wrapper" bits
- if [[ "${LD_PRELOAD:-}" == */libnss_wrapper.so ]]; then
- rm -f "$NSS_WRAPPER_PASSWD" "$NSS_WRAPPER_GROUP"
- unset LD_PRELOAD NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
- fi
-}
-
-# print large warning if POSTGRES_PASSWORD is long
-# error if both POSTGRES_PASSWORD is empty and POSTGRES_HOST_AUTH_METHOD is not 'trust'
-# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
-# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
-docker_verify_minimum_env() {
- case "${PG_MAJOR:-}" in
- 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
- # check password first so we can output the warning before postgres
- # messes it up
- if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
- cat >&2 <<-'EOWARN'
-
- WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
-
- This will not work if used via PGPASSWORD with "psql".
-
- https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
- https://github.com/docker-library/postgres/issues/507
-
- EOWARN
- fi
- ;;
- esac
- if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
- # The - option suppresses leading tabs but *not* spaces. :)
- cat >&2 <<-'EOE'
- Error: Database is uninitialized and superuser password is not specified.
- You must specify POSTGRES_PASSWORD to a non-empty value for the
- superuser. For example, "-e POSTGRES_PASSWORD=password" on "docker run".
-
- You may also use "POSTGRES_HOST_AUTH_METHOD=trust" to allow all
- connections without a password. This is *not* recommended.
-
- See PostgreSQL documentation about "trust":
- https://www.postgresql.org/docs/current/auth-trust.html
- EOE
- exit 1
- fi
- if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
- cat >&2 <<-'EOWARN'
- ********************************************************************************
- WARNING: POSTGRES_HOST_AUTH_METHOD has been set to "trust". This will allow
- anyone with access to the Postgres port to access your database without
- a password, even if POSTGRES_PASSWORD is set. See PostgreSQL
- documentation about "trust":
- https://www.postgresql.org/docs/current/auth-trust.html
- In Docker's default configuration, this is effectively any other
- container on the same system.
-
- It is not recommended to use POSTGRES_HOST_AUTH_METHOD=trust. Replace
- it with "-e POSTGRES_PASSWORD=password" instead to set a password in
- "docker run".
- ********************************************************************************
- EOWARN
- fi
-}
-
-# usage: docker_process_init_files [file [file [...]]]
-# ie: docker_process_init_files /always-initdb.d/*
-# process initializer files, based on file extensions and permissions
-docker_process_init_files() {
- # psql here for backwards compatibility "${psql[@]}"
- psql=( docker_process_sql )
-
- printf '\n'
- local f
- for f; do
- case "$f" in
- *.sh)
- # https://github.com/docker-library/postgres/issues/450#issuecomment-393167936
- # https://github.com/docker-library/postgres/pull/452
- if [ -x "$f" ]; then
- printf '%s: running %s\n' "$0" "$f"
- "$f"
- else
- printf '%s: sourcing %s\n' "$0" "$f"
- . "$f"
- fi
- ;;
- *.sql) printf '%s: running %s\n' "$0" "$f"; docker_process_sql -f "$f"; printf '\n' ;;
- *.sql.gz) printf '%s: running %s\n' "$0" "$f"; gunzip -c "$f" | docker_process_sql; printf '\n' ;;
- *.sql.xz) printf '%s: running %s\n' "$0" "$f"; xzcat "$f" | docker_process_sql; printf '\n' ;;
- *.sql.zst) printf '%s: running %s\n' "$0" "$f"; zstd -dc "$f" | docker_process_sql; printf '\n' ;;
- *) printf '%s: ignoring %s\n' "$0" "$f" ;;
- esac
- printf '\n'
- done
-}
-
-# Execute sql script, passed via stdin (or -f flag of pqsl)
-# usage: docker_process_sql [psql-cli-args]
-# ie: docker_process_sql --dbname=mydb <<<'INSERT ...'
-# ie: docker_process_sql -f my-file.sql
-# ie: docker_process_sql <my-file.sql
-docker_process_sql() {
- local query_runner=( psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --no-password --no-psqlrc )
- if [ -n "$POSTGRES_DB" ]; then
- query_runner+=( --dbname "$POSTGRES_DB" )
- fi
-
- PGHOST= PGHOSTADDR= "${query_runner[@]}" "$@"
-}
-
-# create initial database
-# uses environment variables for input: POSTGRES_DB
-docker_setup_db() {
- local dbAlreadyExists
- dbAlreadyExists="$(
- POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" --tuples-only <<-'EOSQL'
- SELECT 1 FROM pg_database WHERE datname = :'db' ;
- EOSQL
- )"
- if [ -z "$dbAlreadyExists" ]; then
- POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" <<-'EOSQL'
- CREATE DATABASE :"db" ;
- EOSQL
- printf '\n'
- fi
-}
-
-# Loads various settings that are used elsewhere in the script
-# This should be called before any other functions
-docker_setup_env() {
- file_env 'POSTGRES_PASSWORD'
-
- file_env 'POSTGRES_USER' 'postgres'
- file_env 'POSTGRES_DB' "$POSTGRES_USER"
- file_env 'POSTGRES_INITDB_ARGS'
- : "${POSTGRES_HOST_AUTH_METHOD:=}"
-
- declare -g DATABASE_ALREADY_EXISTS
- : "${DATABASE_ALREADY_EXISTS:=}"
- # look specifically for PG_VERSION, as it is expected in the DB dir
- if [ -s "$PGDATA/PG_VERSION" ]; then
- DATABASE_ALREADY_EXISTS='true'
- fi
-}
-
-# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections
-# all arguments will be passed along as arguments to `postgres` for getting the value of 'password_encryption'
-pg_setup_hba_conf() {
- # default authentication method is md5 on versions before 14
- # https://www.postgresql.org/about/news/postgresql-14-released-2318/
- if [ "$1" = 'postgres' ]; then
- shift
- fi
- local auth
- # check the default/configured encryption and use that as the auth method
- auth="$(postgres -C password_encryption "$@")"
- : "${POSTGRES_HOST_AUTH_METHOD:=$auth}"
- {
- printf '\n'
- if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
- printf '# warning trust is enabled for all connections\n'
- printf '# see https://www.postgresql.org/docs/12/auth-trust.html\n'
- fi
- printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
- } >> "$PGDATA/pg_hba.conf"
-}
-
-# start socket-only postgresql server for setting up or running scripts
-# all arguments will be passed along as arguments to `postgres` (via pg_ctl)
-docker_temp_server_start() {
- if [ "$1" = 'postgres' ]; then
- shift
- fi
-
- # internal start of server in order to allow setup using psql client
- # does not listen on external TCP/IP and waits until start finishes
- set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
-
- PGUSER="${PGUSER:-$POSTGRES_USER}" \
- pg_ctl -D "$PGDATA" \
- -o "$(printf '%q ' "$@")" \
- -w start
-}
-
-# stop postgresql server after done setting up user and running scripts
-docker_temp_server_stop() {
- PGUSER="${PGUSER:-postgres}" \
- pg_ctl -D "$PGDATA" -m fast -w stop
-}
-
-# check arguments for an option that would cause postgres to stop
-# return true if there is one
-_pg_want_help() {
- local arg
- for arg; do
- case "$arg" in
- # postgres --help | grep 'then exit'
- # leaving out -C on purpose since it always fails and is unhelpful:
- # postgres: could not access the server configuration file "/var/lib/postgresql/data/postgresql.conf": No such file or directory
- -'?'|--help|--describe-config|-V|--version)
- return 0
- ;;
- esac
- done
- return 1
-}
-
-_main() {
- # if first arg looks like a flag, assume we want to run postgres server
- if [ "${1:0:1}" = '-' ]; then
- set -- postgres "$@"
- fi
-
- if [ "$1" = 'postgres' ] && ! _pg_want_help "$@"; then
- docker_setup_env
- # setup data directories and permissions (when run as root)
- docker_create_db_directories
- if [ "$(id -u)" = '0' ]; then
- # then restart script as postgres user
- exec gosu postgres "$BASH_SOURCE" "$@"
- fi
-
- # only run initialization on an empty data directory
- if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
- docker_verify_minimum_env
-
- # check dir permissions to reduce likelihood of half-initialized database
- ls /docker-entrypoint-initdb.d/ > /dev/null
-
- docker_init_database_dir
- pg_setup_hba_conf "$@"
-
- # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
- # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
- export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
- docker_temp_server_start "$@"
-
- docker_setup_db
- docker_process_init_files /docker-entrypoint-initdb.d/*
-
- docker_temp_server_stop
- unset PGPASSWORD
-
- cat <<-'EOM'
-
- PostgreSQL init process complete; ready for start up.
-
- EOM
- else
- cat <<-'EOM'
-
- PostgreSQL Database directory appears to contain a database; Skipping initialization
-
- EOM
- fi
- fi
-
- exec "$@"
-}
-
-if ! _is_sourced; then
- _main "$@"
-fi
diff --git a/12/bullseye/Dockerfile b/12/bullseye/Dockerfile
deleted file mode 100644
index 4bb12a3eb4..0000000000
--- a/12/bullseye/Dockerfile
+++ /dev/null
@@ -1,219 +0,0 @@
-#
-# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
-#
-# PLEASE DO NOT EDIT IT DIRECTLY.
-#
-
-FROM debian:bullseye-slim
-
-# explicitly set user/group IDs
-RUN set -eux; \
- groupadd -r postgres --gid=999; \
-# https://salsa.debian.org/postgresql/postgresql-common/blob/997d842ee744687d99a2b2d95c1083a2615c79e8/debian/postgresql-common.postinst#L32-35
- useradd -r -g postgres --uid=999 --home-dir=/var/lib/postgresql --shell=/bin/bash postgres; \
-# also create the postgres user's home directory with appropriate permissions
-# see https://github.com/docker-library/postgres/issues/274
- install --verbose --directory --owner postgres --group postgres --mode 1777 /var/lib/postgresql
-
-RUN set -ex; \
- apt-get update; \
- apt-get install -y --no-install-recommends \
- gnupg \
-# https://www.postgresql.org/docs/16/app-psql.html#APP-PSQL-META-COMMAND-PSET-PAGER
-# https://github.com/postgres/postgres/blob/REL_16_1/src/include/fe_utils/print.h#L25
-# (if "less" is available, it gets used as the default pager for psql, and it only adds ~1.5MiB to our image size)
- less \
- ; \
- rm -rf /var/lib/apt/lists/*
-
-# grab gosu for easy step-down from root
-# https://github.com/tianon/gosu/releases
-ENV GOSU_VERSION 1.17
-RUN set -eux; \
- savedAptMark="$(apt-mark showmanual)"; \
- apt-get update; \
- apt-get install -y --no-install-recommends ca-certificates wget; \
- rm -rf /var/lib/apt/lists/*; \
- dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
- wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
- wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
- export GNUPGHOME="$(mktemp -d)"; \
- gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
- gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
- gpgconf --kill all; \
- rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
- apt-mark auto '.*' > /dev/null; \
- [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
- apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
- chmod +x /usr/local/bin/gosu; \
- gosu --version; \
- gosu nobody true
-
-# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
-RUN set -eux; \
- if [ -f /etc/dpkg/dpkg.cfg.d/docker ]; then \
-# if this file exists, we're likely in "debian:xxx-slim", and locales are thus being excluded so we need to remove that exclusion (since we need locales)
- grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
- sed -ri '/\/usr\/share\/locale/d' /etc/dpkg/dpkg.cfg.d/docker; \
- ! grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
- fi; \
- apt-get update; apt-get install -y --no-install-recommends locales; rm -rf /var/lib/apt/lists/*; \
- echo 'en_US.UTF-8 UTF-8' >> /etc/locale.gen; \
- locale-gen; \
- locale -a | grep 'en_US.utf8'
-ENV LANG en_US.utf8
-
-RUN set -eux; \
- apt-get update; \
- apt-get install -y --no-install-recommends \
- libnss-wrapper \
- xz-utils \
- zstd \
- ; \
- rm -rf /var/lib/apt/lists/*
-
-RUN mkdir /docker-entrypoint-initdb.d
-
-RUN set -ex; \
-# pub 4096R/ACCC4CF8 2011-10-13 [expires: 2019-07-02]
-# Key fingerprint = B97B 0AFC AA1A 47F0 44F2 44A0 7FCC 7D46 ACCC 4CF8
-# uid PostgreSQL Debian Repository
- key='B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8'; \
- export GNUPGHOME="$(mktemp -d)"; \
- mkdir -p /usr/local/share/keyrings/; \
- gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
- gpg --batch --export --armor "$key" > /usr/local/share/keyrings/postgres.gpg.asc; \
- gpgconf --kill all; \
- rm -rf "$GNUPGHOME"
-
-ENV PG_MAJOR 12
-ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-
-ENV PG_VERSION 12.22-2.pgdg110+1
-
-RUN set -ex; \
- \
-# see note below about "*.pyc" files
- export PYTHONDONTWRITEBYTECODE=1; \
- \
- dpkgArch="$(dpkg --print-architecture)"; \
- aptRepo="[ signed-by=/usr/local/share/keyrings/postgres.gpg.asc ] http://apt.postgresql.org/pub/repos/apt/ bullseye-pgdg main $PG_MAJOR"; \
- case "$dpkgArch" in \
- amd64 | arm64 | ppc64el | s390x) \
-# arches officialy built by upstream
- echo "deb $aptRepo" > /etc/apt/sources.list.d/pgdg.list; \
- apt-get update; \
- ;; \
- *) \
-# we're on an architecture upstream doesn't officially build for
-# let's build binaries from their published source packages
- echo "deb-src $aptRepo" > /etc/apt/sources.list.d/pgdg.list; \
- \
- savedAptMark="$(apt-mark showmanual)"; \
- \
- tempDir="$(mktemp -d)"; \
- cd "$tempDir"; \
- \
-# create a temporary local APT repo to install from (so that dependency resolution can be handled by APT, as it should be)
- apt-get update; \
- apt-get install -y --no-install-recommends dpkg-dev; \
- echo "deb [ trusted=yes ] file://$tempDir ./" > /etc/apt/sources.list.d/temp.list; \
- _update_repo() { \
- dpkg-scanpackages . > Packages; \
-# work around the following APT issue by using "Acquire::GzipIndexes=false" (overriding "/etc/apt/apt.conf.d/docker-gzip-indexes")
-# Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied)
-# ...
-# E: Failed to fetch store:/var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied)
- apt-get -o Acquire::GzipIndexes=false update; \
- }; \
- _update_repo; \
- \
-# build .deb files from upstream's source packages (which are verified by apt-get)
- nproc="$(nproc)"; \
- export DEB_BUILD_OPTIONS="nocheck parallel=$nproc"; \
-# we have to build postgresql-common first because postgresql-$PG_MAJOR shares "debian/rules" logic with it: https://salsa.debian.org/postgresql/postgresql/-/commit/99f44476e258cae6bf9e919219fa2c5414fa2876
-# (and it "Depends: pgdg-keyring")
- apt-get build-dep -y postgresql-common pgdg-keyring; \
- apt-get source --compile postgresql-common pgdg-keyring; \
- _update_repo; \
- apt-get build-dep -y "postgresql-$PG_MAJOR=$PG_VERSION"; \
- apt-get source --compile "postgresql-$PG_MAJOR=$PG_VERSION"; \
- \
-# we don't remove APT lists here because they get re-downloaded and removed later
- \
-# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
-# (which is done after we install the built packages so we don't have to redownload any overlapping dependencies)
- apt-mark showmanual | xargs apt-mark auto > /dev/null; \
- apt-mark manual $savedAptMark; \
- \
- ls -lAFh; \
- _update_repo; \
- grep '^Package: ' Packages; \
- cd /; \
- ;; \
- esac; \
- \
- apt-get install -y --no-install-recommends postgresql-common; \
- sed -ri 's/#(create_main_cluster) .*$/\1 = false/' /etc/postgresql-common/createcluster.conf; \
- apt-get install -y --no-install-recommends \
- "postgresql-$PG_MAJOR=$PG_VERSION" \
- ; \
- \
- rm -rf /var/lib/apt/lists/*; \
- \
- if [ -n "$tempDir" ]; then \
-# if we have leftovers from building, let's purge them (including extra, unnecessary build deps)
- apt-get purge -y --auto-remove; \
- rm -rf "$tempDir" /etc/apt/sources.list.d/temp.list; \
- fi; \
- \
-# some of the steps above generate a lot of "*.pyc" files (and setting "PYTHONDONTWRITEBYTECODE" beforehand doesn't propagate properly for some reason), so we clean them up manually (as long as they aren't owned by a package)
- find /usr -name '*.pyc' -type f -exec bash -c 'for pyc; do dpkg -S "$pyc" &> /dev/null || rm -vf "$pyc"; done' -- '{}' +; \
- \
- postgres --version
-
-# make the sample config easier to munge (and "correct by default")
-RUN set -eux; \
- dpkg-divert --add --rename --divert "/usr/share/postgresql/postgresql.conf.sample.dpkg" "/usr/share/postgresql/$PG_MAJOR/postgresql.conf.sample"; \
- cp -v /usr/share/postgresql/postgresql.conf.sample.dpkg /usr/share/postgresql/postgresql.conf.sample; \
- ln -sv ../postgresql.conf.sample "/usr/share/postgresql/$PG_MAJOR/"; \
- sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/share/postgresql/postgresql.conf.sample; \
- grep -F "listen_addresses = '*'" /usr/share/postgresql/postgresql.conf.sample
-
-RUN install --verbose --directory --owner postgres --group postgres --mode 3777 /var/run/postgresql
-
-ENV PGDATA /var/lib/postgresql/data
-# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
-RUN install --verbose --directory --owner postgres --group postgres --mode 1777 "$PGDATA"
-VOLUME /var/lib/postgresql/data
-
-COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
-RUN ln -sT docker-ensure-initdb.sh /usr/local/bin/docker-enforce-initdb.sh
-ENTRYPOINT ["docker-entrypoint.sh"]
-
-# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
-# calls "Fast Shutdown mode" wherein new connections are disallowed and any
-# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
-# flush tables to disk.
-#
-# See https://www.postgresql.org/docs/current/server-shutdown.html for more details
-# about available PostgreSQL server shutdown signals.
-#
-# See also https://www.postgresql.org/docs/current/server-start.html for further
-# justification of this as the default value, namely that the example (and
-# shipped) systemd service files use the "Fast Shutdown mode" for service
-# termination.
-#
-STOPSIGNAL SIGINT
-#
-# An additional setting that is recommended for all users regardless of this
-# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
-# equivalent) for controlling how long to wait between sending the defined
-# STOPSIGNAL and sending SIGKILL.
-#
-# The default in most runtimes (such as Docker) is 10 seconds, and the
-# documentation at https://www.postgresql.org/docs/current/server-start.html notes
-# that even 90 seconds may not be long enough in many instances.
-
-EXPOSE 5432
-CMD ["postgres"]
diff --git a/12/bullseye/docker-ensure-initdb.sh b/12/bullseye/docker-ensure-initdb.sh
deleted file mode 100755
index ae1f6b6b90..0000000000
--- a/12/bullseye/docker-ensure-initdb.sh
+++ /dev/null
@@ -1,71 +0,0 @@
-#!/usr/bin/env bash
-set -Eeuo pipefail
-
-#
-# This script is intended for three main use cases:
-#
-# 1. (most importantly) as an example of how to use "docker-entrypoint.sh" to extend/reuse the initialization behavior
-#
-# 2. ("docker-ensure-initdb.sh") as a Kubernetes "init container" to ensure the provided database directory is initialized; see also "startup probes" for an alternative solution
-# (no-op if database is already initialized)
-#
-# 3. ("docker-enforce-initdb.sh") as part of CI to ensure the database is fully initialized before use
-# (error if database is already initialized)
-#
-
-source /usr/local/bin/docker-entrypoint.sh
-
-# arguments to this script are assumed to be arguments to the "postgres" server (same as "docker-entrypoint.sh"), and most "docker-entrypoint.sh" functions assume "postgres" is the first argument (see "_main" over there)
-if [ "$#" -eq 0 ] || [ "$1" != 'postgres' ]; then
- set -- postgres "$@"
-fi
-
-# see also "_main" in "docker-entrypoint.sh"
-
-docker_setup_env
-# setup data directories and permissions (when run as root)
-docker_create_db_directories
-if [ "$(id -u)" = '0' ]; then
- # then restart script as postgres user
- exec gosu postgres "$BASH_SOURCE" "$@"
-fi
-
-# only run initialization on an empty data directory
-if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
- docker_verify_minimum_env
-
- # check dir permissions to reduce likelihood of half-initialized database
- ls /docker-entrypoint-initdb.d/ > /dev/null
-
- docker_init_database_dir
- pg_setup_hba_conf "$@"
-
- # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
- # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
- export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
- docker_temp_server_start "$@"
-
- docker_setup_db
- docker_process_init_files /docker-entrypoint-initdb.d/*
-
- docker_temp_server_stop
- unset PGPASSWORD
-else
- self="$(basename "$0")"
- case "$self" in
- docker-ensure-initdb.sh)
- echo >&2 "$self: note: database already initialized in '$PGDATA'!"
- exit 0
- ;;
-
- docker-enforce-initdb.sh)
- echo >&2 "$self: error: (unexpected) database found in '$PGDATA'!"
- exit 1
- ;;
-
- *)
- echo >&2 "$self: error: unknown file name: $self"
- exit 99
- ;;
- esac
-fi
diff --git a/12/bullseye/docker-entrypoint.sh b/12/bullseye/docker-entrypoint.sh
deleted file mode 100755
index 6f59993e08..0000000000
--- a/12/bullseye/docker-entrypoint.sh
+++ /dev/null
@@ -1,356 +0,0 @@
-#!/usr/bin/env bash
-set -Eeo pipefail
-# TODO swap to -Eeuo pipefail above (after handling all potentially-unset variables)
-
-# usage: file_env VAR [DEFAULT]
-# ie: file_env 'XYZ_DB_PASSWORD' 'example'
-# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
-# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
-file_env() {
- local var="$1"
- local fileVar="${var}_FILE"
- local def="${2:-}"
- if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
- printf >&2 'error: both %s and %s are set (but are exclusive)\n' "$var" "$fileVar"
- exit 1
- fi
- local val="$def"
- if [ "${!var:-}" ]; then
- val="${!var}"
- elif [ "${!fileVar:-}" ]; then
- val="$(< "${!fileVar}")"
- fi
- export "$var"="$val"
- unset "$fileVar"
-}
-
-# check to see if this file is being run or sourced from another script
-_is_sourced() {
- # https://unix.stackexchange.com/a/215279
- [ "${#FUNCNAME[@]}" -ge 2 ] \
- && [ "${FUNCNAME[0]}" = '_is_sourced' ] \
- && [ "${FUNCNAME[1]}" = 'source' ]
-}
-
-# used to create initial postgres directories and if run as root, ensure ownership to the "postgres" user
-docker_create_db_directories() {
- local user; user="$(id -u)"
-
- mkdir -p "$PGDATA"
- # ignore failure since there are cases where we can't chmod (and PostgreSQL might fail later anyhow - it's picky about permissions of this directory)
- chmod 00700 "$PGDATA" || :
-
- # ignore failure since it will be fine when using the image provided directory; see also https://github.com/docker-library/postgres/pull/289
- mkdir -p /var/run/postgresql || :
- chmod 03775 /var/run/postgresql || :
-
- # Create the transaction log directory before initdb is run so the directory is owned by the correct user
- if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
- mkdir -p "$POSTGRES_INITDB_WALDIR"
- if [ "$user" = '0' ]; then
- find "$POSTGRES_INITDB_WALDIR" \! -user postgres -exec chown postgres '{}' +
- fi
- chmod 700 "$POSTGRES_INITDB_WALDIR"
- fi
-
- # allow the container to be started with `--user`
- if [ "$user" = '0' ]; then
- find "$PGDATA" \! -user postgres -exec chown postgres '{}' +
- find /var/run/postgresql \! -user postgres -exec chown postgres '{}' +
- fi
-}
-
-# initialize empty PGDATA directory with new database via 'initdb'
-# arguments to `initdb` can be passed via POSTGRES_INITDB_ARGS or as arguments to this function
-# `initdb` automatically creates the "postgres", "template0", and "template1" dbnames
-# this is also where the database user is created, specified by `POSTGRES_USER` env
-docker_init_database_dir() {
- # "initdb" is particular about the current user existing in "/etc/passwd", so we use "nss_wrapper" to fake that if necessary
- # see https://github.com/docker-library/postgres/pull/253, https://github.com/docker-library/postgres/issues/359, https://cwrap.org/nss_wrapper.html
- local uid; uid="$(id -u)"
- if ! getent passwd "$uid" &> /dev/null; then
- # see if we can find a suitable "libnss_wrapper.so" (https://salsa.debian.org/sssd-team/nss-wrapper/-/commit/b9925a653a54e24d09d9b498a2d913729f7abb15)
- local wrapper
- for wrapper in {/usr,}/lib{/*,}/libnss_wrapper.so; do
- if [ -s "$wrapper" ]; then
- NSS_WRAPPER_PASSWD="$(mktemp)"
- NSS_WRAPPER_GROUP="$(mktemp)"
- export LD_PRELOAD="$wrapper" NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
- local gid; gid="$(id -g)"
- printf 'postgres:x:%s:%s:PostgreSQL:%s:/bin/false\n' "$uid" "$gid" "$PGDATA" > "$NSS_WRAPPER_PASSWD"
- printf 'postgres:x:%s:\n' "$gid" > "$NSS_WRAPPER_GROUP"
- break
- fi
- done
- fi
-
- if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
- set -- --waldir "$POSTGRES_INITDB_WALDIR" "$@"
- fi
-
- # --pwfile refuses to handle a properly-empty file (hence the "\n"): https://github.com/docker-library/postgres/issues/1025
- eval 'initdb --username="$POSTGRES_USER" --pwfile=<(printf "%s\n" "$POSTGRES_PASSWORD") '"$POSTGRES_INITDB_ARGS"' "$@"'
-
- # unset/cleanup "nss_wrapper" bits
- if [[ "${LD_PRELOAD:-}" == */libnss_wrapper.so ]]; then
- rm -f "$NSS_WRAPPER_PASSWD" "$NSS_WRAPPER_GROUP"
- unset LD_PRELOAD NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
- fi
-}
-
-# print large warning if POSTGRES_PASSWORD is long
-# error if both POSTGRES_PASSWORD is empty and POSTGRES_HOST_AUTH_METHOD is not 'trust'
-# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
-# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
-docker_verify_minimum_env() {
- case "${PG_MAJOR:-}" in
- 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
- # check password first so we can output the warning before postgres
- # messes it up
- if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
- cat >&2 <<-'EOWARN'
-
- WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
-
- This will not work if used via PGPASSWORD with "psql".
-
- https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
- https://github.com/docker-library/postgres/issues/507
-
- EOWARN
- fi
- ;;
- esac
- if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
- # The - option suppresses leading tabs but *not* spaces. :)
- cat >&2 <<-'EOE'
- Error: Database is uninitialized and superuser password is not specified.
- You must specify POSTGRES_PASSWORD to a non-empty value for the
- superuser. For example, "-e POSTGRES_PASSWORD=password" on "docker run".
-
- You may also use "POSTGRES_HOST_AUTH_METHOD=trust" to allow all
- connections without a password. This is *not* recommended.
-
- See PostgreSQL documentation about "trust":
- https://www.postgresql.org/docs/current/auth-trust.html
- EOE
- exit 1
- fi
- if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
- cat >&2 <<-'EOWARN'
- ********************************************************************************
- WARNING: POSTGRES_HOST_AUTH_METHOD has been set to "trust". This will allow
- anyone with access to the Postgres port to access your database without
- a password, even if POSTGRES_PASSWORD is set. See PostgreSQL
- documentation about "trust":
- https://www.postgresql.org/docs/current/auth-trust.html
- In Docker's default configuration, this is effectively any other
- container on the same system.
-
- It is not recommended to use POSTGRES_HOST_AUTH_METHOD=trust. Replace
- it with "-e POSTGRES_PASSWORD=password" instead to set a password in
- "docker run".
- ********************************************************************************
- EOWARN
- fi
-}
-
-# usage: docker_process_init_files [file [file [...]]]
-# ie: docker_process_init_files /always-initdb.d/*
-# process initializer files, based on file extensions and permissions
-docker_process_init_files() {
- # psql here for backwards compatibility "${psql[@]}"
- psql=( docker_process_sql )
-
- printf '\n'
- local f
- for f; do
- case "$f" in
- *.sh)
- # https://github.com/docker-library/postgres/issues/450#issuecomment-393167936
- # https://github.com/docker-library/postgres/pull/452
- if [ -x "$f" ]; then
- printf '%s: running %s\n' "$0" "$f"
- "$f"
- else
- printf '%s: sourcing %s\n' "$0" "$f"
- . "$f"
- fi
- ;;
- *.sql) printf '%s: running %s\n' "$0" "$f"; docker_process_sql -f "$f"; printf '\n' ;;
- *.sql.gz) printf '%s: running %s\n' "$0" "$f"; gunzip -c "$f" | docker_process_sql; printf '\n' ;;
- *.sql.xz) printf '%s: running %s\n' "$0" "$f"; xzcat "$f" | docker_process_sql; printf '\n' ;;
- *.sql.zst) printf '%s: running %s\n' "$0" "$f"; zstd -dc "$f" | docker_process_sql; printf '\n' ;;
- *) printf '%s: ignoring %s\n' "$0" "$f" ;;
- esac
- printf '\n'
- done
-}
-
-# Execute sql script, passed via stdin (or -f flag of pqsl)
-# usage: docker_process_sql [psql-cli-args]
-# ie: docker_process_sql --dbname=mydb <<<'INSERT ...'
-# ie: docker_process_sql -f my-file.sql
-# ie: docker_process_sql <my-file.sql
-docker_process_sql() {
- local query_runner=( psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --no-password --no-psqlrc )
- if [ -n "$POSTGRES_DB" ]; then
- query_runner+=( --dbname "$POSTGRES_DB" )
- fi
-
- PGHOST= PGHOSTADDR= "${query_runner[@]}" "$@"
-}
-
-# create initial database
-# uses environment variables for input: POSTGRES_DB
-docker_setup_db() {
- local dbAlreadyExists
- dbAlreadyExists="$(
- POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" --tuples-only <<-'EOSQL'
- SELECT 1 FROM pg_database WHERE datname = :'db' ;
- EOSQL
- )"
- if [ -z "$dbAlreadyExists" ]; then
- POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" <<-'EOSQL'
- CREATE DATABASE :"db" ;
- EOSQL
- printf '\n'
- fi
-}
-
-# Loads various settings that are used elsewhere in the script
-# This should be called before any other functions
-docker_setup_env() {
- file_env 'POSTGRES_PASSWORD'
-
- file_env 'POSTGRES_USER' 'postgres'
- file_env 'POSTGRES_DB' "$POSTGRES_USER"
- file_env 'POSTGRES_INITDB_ARGS'
- : "${POSTGRES_HOST_AUTH_METHOD:=}"
-
- declare -g DATABASE_ALREADY_EXISTS
- : "${DATABASE_ALREADY_EXISTS:=}"
- # look specifically for PG_VERSION, as it is expected in the DB dir
- if [ -s "$PGDATA/PG_VERSION" ]; then
- DATABASE_ALREADY_EXISTS='true'
- fi
-}
-
-# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections
-# all arguments will be passed along as arguments to `postgres` for getting the value of 'password_encryption'
-pg_setup_hba_conf() {
- # default authentication method is md5 on versions before 14
- # https://www.postgresql.org/about/news/postgresql-14-released-2318/
- if [ "$1" = 'postgres' ]; then
- shift
- fi
- local auth
- # check the default/configured encryption and use that as the auth method
- auth="$(postgres -C password_encryption "$@")"
- : "${POSTGRES_HOST_AUTH_METHOD:=$auth}"
- {
- printf '\n'
- if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
- printf '# warning trust is enabled for all connections\n'
- printf '# see https://www.postgresql.org/docs/12/auth-trust.html\n'
- fi
- printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
- } >> "$PGDATA/pg_hba.conf"
-}
-
-# start socket-only postgresql server for setting up or running scripts
-# all arguments will be passed along as arguments to `postgres` (via pg_ctl)
-docker_temp_server_start() {
- if [ "$1" = 'postgres' ]; then
- shift
- fi
-
- # internal start of server in order to allow setup using psql client
- # does not listen on external TCP/IP and waits until start finishes
- set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
-
- PGUSER="${PGUSER:-$POSTGRES_USER}" \
- pg_ctl -D "$PGDATA" \
- -o "$(printf '%q ' "$@")" \
- -w start
-}
-
-# stop postgresql server after done setting up user and running scripts
-docker_temp_server_stop() {
- PGUSER="${PGUSER:-postgres}" \
- pg_ctl -D "$PGDATA" -m fast -w stop
-}
-
-# check arguments for an option that would cause postgres to stop
-# return true if there is one
-_pg_want_help() {
- local arg
- for arg; do
- case "$arg" in
- # postgres --help | grep 'then exit'
- # leaving out -C on purpose since it always fails and is unhelpful:
- # postgres: could not access the server configuration file "/var/lib/postgresql/data/postgresql.conf": No such file or directory
- -'?'|--help|--describe-config|-V|--version)
- return 0
- ;;
- esac
- done
- return 1
-}
-
-_main() {
- # if first arg looks like a flag, assume we want to run postgres server
- if [ "${1:0:1}" = '-' ]; then
- set -- postgres "$@"
- fi
-
- if [ "$1" = 'postgres' ] && ! _pg_want_help "$@"; then
- docker_setup_env
- # setup data directories and permissions (when run as root)
- docker_create_db_directories
- if [ "$(id -u)" = '0' ]; then
- # then restart script as postgres user
- exec gosu postgres "$BASH_SOURCE" "$@"
- fi
-
- # only run initialization on an empty data directory
- if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
- docker_verify_minimum_env
-
- # check dir permissions to reduce likelihood of half-initialized database
- ls /docker-entrypoint-initdb.d/ > /dev/null
-
- docker_init_database_dir
- pg_setup_hba_conf "$@"
-
- # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
- # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
- export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
- docker_temp_server_start "$@"
-
- docker_setup_db
- docker_process_init_files /docker-entrypoint-initdb.d/*
-
- docker_temp_server_stop
- unset PGPASSWORD
-
- cat <<-'EOM'
-
- PostgreSQL init process complete; ready for start up.
-
- EOM
- else
- cat <<-'EOM'
-
- PostgreSQL Database directory appears to contain a database; Skipping initialization
-
- EOM
- fi
- fi
-
- exec "$@"
-}
-
-if ! _is_sourced; then
- _main "$@"
-fi
diff --git a/13/alpine3.20/Dockerfile b/13/alpine3.20/Dockerfile
index a65cf3e580..e11f7276b4 100644
--- a/13/alpine3.20/Dockerfile
+++ b/13/alpine3.20/Dockerfile
@@ -7,7 +7,7 @@
FROM alpine:3.20
# 70 is the standard uid/gid for "postgres" in Alpine
-# https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.12-stable
+# https://git.alpinelinux.org/aports/tree/main/postgresql-common/postgresql-common.pre-install?h=3.21-stable
RUN set -eux; \
addgroup -g 70 -S postgres; \
adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
diff --git a/13/alpine3.20/docker-entrypoint.sh b/13/alpine3.20/docker-entrypoint.sh
index 6f59993e08..d09b5388a0 100755
--- a/13/alpine3.20/docker-entrypoint.sh
+++ b/13/alpine3.20/docker-entrypoint.sh
@@ -104,7 +104,7 @@ docker_init_database_dir() {
# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
docker_verify_minimum_env() {
case "${PG_MAJOR:-}" in
- 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
+ 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
# check password first so we can output the warning before postgres
# messes it up
if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
@@ -252,7 +252,7 @@ pg_setup_hba_conf() {
printf '\n'
if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
printf '# warning trust is enabled for all connections\n'
- printf '# see https://www.postgresql.org/docs/12/auth-trust.html\n'
+ printf '# see https://www.postgresql.org/docs/17/auth-trust.html\n'
fi
printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
} >> "$PGDATA/pg_hba.conf"
diff --git a/13/alpine3.21/Dockerfile b/13/alpine3.21/Dockerfile
index 74c92fc237..f80b09f620 100644
--- a/13/alpine3.21/Dockerfile
+++ b/13/alpine3.21/Dockerfile
@@ -7,7 +7,7 @@
FROM alpine:3.21
# 70 is the standard uid/gid for "postgres" in Alpine
-# https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.12-stable
+# https://git.alpinelinux.org/aports/tree/main/postgresql-common/postgresql-common.pre-install?h=3.21-stable
RUN set -eux; \
addgroup -g 70 -S postgres; \
adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
diff --git a/13/alpine3.21/docker-entrypoint.sh b/13/alpine3.21/docker-entrypoint.sh
index 6f59993e08..d09b5388a0 100755
--- a/13/alpine3.21/docker-entrypoint.sh
+++ b/13/alpine3.21/docker-entrypoint.sh
@@ -104,7 +104,7 @@ docker_init_database_dir() {
# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
docker_verify_minimum_env() {
case "${PG_MAJOR:-}" in
- 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
+ 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
# check password first so we can output the warning before postgres
# messes it up
if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
@@ -252,7 +252,7 @@ pg_setup_hba_conf() {
printf '\n'
if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
printf '# warning trust is enabled for all connections\n'
- printf '# see https://www.postgresql.org/docs/12/auth-trust.html\n'
+ printf '# see https://www.postgresql.org/docs/17/auth-trust.html\n'
fi
printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
} >> "$PGDATA/pg_hba.conf"
diff --git a/13/bookworm/docker-entrypoint.sh b/13/bookworm/docker-entrypoint.sh
index 6f59993e08..d09b5388a0 100755
--- a/13/bookworm/docker-entrypoint.sh
+++ b/13/bookworm/docker-entrypoint.sh
@@ -104,7 +104,7 @@ docker_init_database_dir() {
# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
docker_verify_minimum_env() {
case "${PG_MAJOR:-}" in
- 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
+ 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
# check password first so we can output the warning before postgres
# messes it up
if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
@@ -252,7 +252,7 @@ pg_setup_hba_conf() {
printf '\n'
if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
printf '# warning trust is enabled for all connections\n'
- printf '# see https://www.postgresql.org/docs/12/auth-trust.html\n'
+ printf '# see https://www.postgresql.org/docs/17/auth-trust.html\n'
fi
printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
} >> "$PGDATA/pg_hba.conf"
diff --git a/13/bullseye/docker-entrypoint.sh b/13/bullseye/docker-entrypoint.sh
index 6f59993e08..d09b5388a0 100755
--- a/13/bullseye/docker-entrypoint.sh
+++ b/13/bullseye/docker-entrypoint.sh
@@ -104,7 +104,7 @@ docker_init_database_dir() {
# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
docker_verify_minimum_env() {
case "${PG_MAJOR:-}" in
- 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
+ 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
# check password first so we can output the warning before postgres
# messes it up
if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
@@ -252,7 +252,7 @@ pg_setup_hba_conf() {
printf '\n'
if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
printf '# warning trust is enabled for all connections\n'
- printf '# see https://www.postgresql.org/docs/12/auth-trust.html\n'
+ printf '# see https://www.postgresql.org/docs/17/auth-trust.html\n'
fi
printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
} >> "$PGDATA/pg_hba.conf"
diff --git a/14/alpine3.20/Dockerfile b/14/alpine3.20/Dockerfile
index c9dfbdea53..48231edcbd 100644
--- a/14/alpine3.20/Dockerfile
+++ b/14/alpine3.20/Dockerfile
@@ -7,7 +7,7 @@
FROM alpine:3.20
# 70 is the standard uid/gid for "postgres" in Alpine
-# https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.12-stable
+# https://git.alpinelinux.org/aports/tree/main/postgresql-common/postgresql-common.pre-install?h=3.21-stable
RUN set -eux; \
addgroup -g 70 -S postgres; \
adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
diff --git a/14/alpine3.20/docker-entrypoint.sh b/14/alpine3.20/docker-entrypoint.sh
index 6f59993e08..d09b5388a0 100755
--- a/14/alpine3.20/docker-entrypoint.sh
+++ b/14/alpine3.20/docker-entrypoint.sh
@@ -104,7 +104,7 @@ docker_init_database_dir() {
# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
docker_verify_minimum_env() {
case "${PG_MAJOR:-}" in
- 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
+ 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
# check password first so we can output the warning before postgres
# messes it up
if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
@@ -252,7 +252,7 @@ pg_setup_hba_conf() {
printf '\n'
if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
printf '# warning trust is enabled for all connections\n'
- printf '# see https://www.postgresql.org/docs/12/auth-trust.html\n'
+ printf '# see https://www.postgresql.org/docs/17/auth-trust.html\n'
fi
printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
} >> "$PGDATA/pg_hba.conf"
diff --git a/14/alpine3.21/Dockerfile b/14/alpine3.21/Dockerfile
index ff2107486e..71879fac7f 100644
--- a/14/alpine3.21/Dockerfile
+++ b/14/alpine3.21/Dockerfile
@@ -7,7 +7,7 @@
FROM alpine:3.21
# 70 is the standard uid/gid for "postgres" in Alpine
-# https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.12-stable
+# https://git.alpinelinux.org/aports/tree/main/postgresql-common/postgresql-common.pre-install?h=3.21-stable
RUN set -eux; \
addgroup -g 70 -S postgres; \
adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
diff --git a/14/alpine3.21/docker-entrypoint.sh b/14/alpine3.21/docker-entrypoint.sh
index 6f59993e08..d09b5388a0 100755
--- a/14/alpine3.21/docker-entrypoint.sh
+++ b/14/alpine3.21/docker-entrypoint.sh
@@ -104,7 +104,7 @@ docker_init_database_dir() {
# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
docker_verify_minimum_env() {
case "${PG_MAJOR:-}" in
- 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
+ 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
# check password first so we can output the warning before postgres
# messes it up
if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
@@ -252,7 +252,7 @@ pg_setup_hba_conf() {
printf '\n'
if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
printf '# warning trust is enabled for all connections\n'
- printf '# see https://www.postgresql.org/docs/12/auth-trust.html\n'
+ printf '# see https://www.postgresql.org/docs/17/auth-trust.html\n'
fi
printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
} >> "$PGDATA/pg_hba.conf"
diff --git a/14/bookworm/docker-entrypoint.sh b/14/bookworm/docker-entrypoint.sh
index 6f59993e08..d09b5388a0 100755
--- a/14/bookworm/docker-entrypoint.sh
+++ b/14/bookworm/docker-entrypoint.sh
@@ -104,7 +104,7 @@ docker_init_database_dir() {
# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
docker_verify_minimum_env() {
case "${PG_MAJOR:-}" in
- 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
+ 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
# check password first so we can output the warning before postgres
# messes it up
if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
@@ -252,7 +252,7 @@ pg_setup_hba_conf() {
printf '\n'
if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
printf '# warning trust is enabled for all connections\n'
- printf '# see https://www.postgresql.org/docs/12/auth-trust.html\n'
+ printf '# see https://www.postgresql.org/docs/17/auth-trust.html\n'
fi
printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
} >> "$PGDATA/pg_hba.conf"
diff --git a/14/bullseye/docker-entrypoint.sh b/14/bullseye/docker-entrypoint.sh
index 6f59993e08..d09b5388a0 100755
--- a/14/bullseye/docker-entrypoint.sh
+++ b/14/bullseye/docker-entrypoint.sh
@@ -104,7 +104,7 @@ docker_init_database_dir() {
# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
docker_verify_minimum_env() {
case "${PG_MAJOR:-}" in
- 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
+ 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
# check password first so we can output the warning before postgres
# messes it up
if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
@@ -252,7 +252,7 @@ pg_setup_hba_conf() {
printf '\n'
if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
printf '# warning trust is enabled for all connections\n'
- printf '# see https://www.postgresql.org/docs/12/auth-trust.html\n'
+ printf '# see https://www.postgresql.org/docs/17/auth-trust.html\n'
fi
printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
} >> "$PGDATA/pg_hba.conf"
diff --git a/15/alpine3.20/Dockerfile b/15/alpine3.20/Dockerfile
index baa5fea81a..d62f9c991d 100644
--- a/15/alpine3.20/Dockerfile
+++ b/15/alpine3.20/Dockerfile
@@ -7,7 +7,7 @@
FROM alpine:3.20
# 70 is the standard uid/gid for "postgres" in Alpine
-# https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.12-stable
+# https://git.alpinelinux.org/aports/tree/main/postgresql-common/postgresql-common.pre-install?h=3.21-stable
RUN set -eux; \
addgroup -g 70 -S postgres; \
adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
diff --git a/15/alpine3.20/docker-entrypoint.sh b/15/alpine3.20/docker-entrypoint.sh
index 6f59993e08..d09b5388a0 100755
--- a/15/alpine3.20/docker-entrypoint.sh
+++ b/15/alpine3.20/docker-entrypoint.sh
@@ -104,7 +104,7 @@ docker_init_database_dir() {
# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
docker_verify_minimum_env() {
case "${PG_MAJOR:-}" in
- 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
+ 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
# check password first so we can output the warning before postgres
# messes it up
if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
@@ -252,7 +252,7 @@ pg_setup_hba_conf() {
printf '\n'
if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
printf '# warning trust is enabled for all connections\n'
- printf '# see https://www.postgresql.org/docs/12/auth-trust.html\n'
+ printf '# see https://www.postgresql.org/docs/17/auth-trust.html\n'
fi
printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
} >> "$PGDATA/pg_hba.conf"
diff --git a/15/alpine3.21/Dockerfile b/15/alpine3.21/Dockerfile
index c942494d34..ba2ad31a03 100644
--- a/15/alpine3.21/Dockerfile
+++ b/15/alpine3.21/Dockerfile
@@ -7,7 +7,7 @@
FROM alpine:3.21
# 70 is the standard uid/gid for "postgres" in Alpine
-# https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.12-stable
+# https://git.alpinelinux.org/aports/tree/main/postgresql-common/postgresql-common.pre-install?h=3.21-stable
RUN set -eux; \
addgroup -g 70 -S postgres; \
adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
diff --git a/15/alpine3.21/docker-entrypoint.sh b/15/alpine3.21/docker-entrypoint.sh
index 6f59993e08..d09b5388a0 100755
--- a/15/alpine3.21/docker-entrypoint.sh
+++ b/15/alpine3.21/docker-entrypoint.sh
@@ -104,7 +104,7 @@ docker_init_database_dir() {
# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
docker_verify_minimum_env() {
case "${PG_MAJOR:-}" in
- 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
+ 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
# check password first so we can output the warning before postgres
# messes it up
if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
@@ -252,7 +252,7 @@ pg_setup_hba_conf() {
printf '\n'
if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
printf '# warning trust is enabled for all connections\n'
- printf '# see https://www.postgresql.org/docs/12/auth-trust.html\n'
+ printf '# see https://www.postgresql.org/docs/17/auth-trust.html\n'
fi
printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
} >> "$PGDATA/pg_hba.conf"
diff --git a/15/bookworm/docker-entrypoint.sh b/15/bookworm/docker-entrypoint.sh
index 6f59993e08..d09b5388a0 100755
--- a/15/bookworm/docker-entrypoint.sh
+++ b/15/bookworm/docker-entrypoint.sh
@@ -104,7 +104,7 @@ docker_init_database_dir() {
# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
docker_verify_minimum_env() {
case "${PG_MAJOR:-}" in
- 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
+ 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
# check password first so we can output the warning before postgres
# messes it up
if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
@@ -252,7 +252,7 @@ pg_setup_hba_conf() {
printf '\n'
if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
printf '# warning trust is enabled for all connections\n'
- printf '# see https://www.postgresql.org/docs/12/auth-trust.html\n'
+ printf '# see https://www.postgresql.org/docs/17/auth-trust.html\n'
fi
printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
} >> "$PGDATA/pg_hba.conf"
diff --git a/15/bullseye/docker-entrypoint.sh b/15/bullseye/docker-entrypoint.sh
index 6f59993e08..d09b5388a0 100755
--- a/15/bullseye/docker-entrypoint.sh
+++ b/15/bullseye/docker-entrypoint.sh
@@ -104,7 +104,7 @@ docker_init_database_dir() {
# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
docker_verify_minimum_env() {
case "${PG_MAJOR:-}" in
- 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
+ 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
# check password first so we can output the warning before postgres
# messes it up
if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
@@ -252,7 +252,7 @@ pg_setup_hba_conf() {
printf '\n'
if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
printf '# warning trust is enabled for all connections\n'
- printf '# see https://www.postgresql.org/docs/12/auth-trust.html\n'
+ printf '# see https://www.postgresql.org/docs/17/auth-trust.html\n'
fi
printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
} >> "$PGDATA/pg_hba.conf"
diff --git a/16/alpine3.20/Dockerfile b/16/alpine3.20/Dockerfile
index 7c898dbcb5..3f9a790c74 100644
--- a/16/alpine3.20/Dockerfile
+++ b/16/alpine3.20/Dockerfile
@@ -7,7 +7,7 @@
FROM alpine:3.20
# 70 is the standard uid/gid for "postgres" in Alpine
-# https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.12-stable
+# https://git.alpinelinux.org/aports/tree/main/postgresql-common/postgresql-common.pre-install?h=3.21-stable
RUN set -eux; \
addgroup -g 70 -S postgres; \
adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
diff --git a/16/alpine3.20/docker-entrypoint.sh b/16/alpine3.20/docker-entrypoint.sh
index 6f59993e08..d09b5388a0 100755
--- a/16/alpine3.20/docker-entrypoint.sh
+++ b/16/alpine3.20/docker-entrypoint.sh
@@ -104,7 +104,7 @@ docker_init_database_dir() {
# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
docker_verify_minimum_env() {
case "${PG_MAJOR:-}" in
- 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
+ 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
# check password first so we can output the warning before postgres
# messes it up
if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
@@ -252,7 +252,7 @@ pg_setup_hba_conf() {
printf '\n'
if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
printf '# warning trust is enabled for all connections\n'
- printf '# see https://www.postgresql.org/docs/12/auth-trust.html\n'
+ printf '# see https://www.postgresql.org/docs/17/auth-trust.html\n'
fi
printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
} >> "$PGDATA/pg_hba.conf"
diff --git a/16/alpine3.21/Dockerfile b/16/alpine3.21/Dockerfile
index 2c90ad3792..6951165d92 100644
--- a/16/alpine3.21/Dockerfile
+++ b/16/alpine3.21/Dockerfile
@@ -7,7 +7,7 @@
FROM alpine:3.21
# 70 is the standard uid/gid for "postgres" in Alpine
-# https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.12-stable
+# https://git.alpinelinux.org/aports/tree/main/postgresql-common/postgresql-common.pre-install?h=3.21-stable
RUN set -eux; \
addgroup -g 70 -S postgres; \
adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
diff --git a/16/alpine3.21/docker-entrypoint.sh b/16/alpine3.21/docker-entrypoint.sh
index 6f59993e08..d09b5388a0 100755
--- a/16/alpine3.21/docker-entrypoint.sh
+++ b/16/alpine3.21/docker-entrypoint.sh
@@ -104,7 +104,7 @@ docker_init_database_dir() {
# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
docker_verify_minimum_env() {
case "${PG_MAJOR:-}" in
- 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
+ 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
# check password first so we can output the warning before postgres
# messes it up
if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
@@ -252,7 +252,7 @@ pg_setup_hba_conf() {
printf '\n'
if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
printf '# warning trust is enabled for all connections\n'
- printf '# see https://www.postgresql.org/docs/12/auth-trust.html\n'
+ printf '# see https://www.postgresql.org/docs/17/auth-trust.html\n'
fi
printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
} >> "$PGDATA/pg_hba.conf"
diff --git a/16/bookworm/docker-entrypoint.sh b/16/bookworm/docker-entrypoint.sh
index 6f59993e08..d09b5388a0 100755
--- a/16/bookworm/docker-entrypoint.sh
+++ b/16/bookworm/docker-entrypoint.sh
@@ -104,7 +104,7 @@ docker_init_database_dir() {
# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
docker_verify_minimum_env() {
case "${PG_MAJOR:-}" in
- 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
+ 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
# check password first so we can output the warning before postgres
# messes it up
if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
@@ -252,7 +252,7 @@ pg_setup_hba_conf() {
printf '\n'
if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
printf '# warning trust is enabled for all connections\n'
- printf '# see https://www.postgresql.org/docs/12/auth-trust.html\n'
+ printf '# see https://www.postgresql.org/docs/17/auth-trust.html\n'
fi
printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
} >> "$PGDATA/pg_hba.conf"
diff --git a/16/bullseye/docker-entrypoint.sh b/16/bullseye/docker-entrypoint.sh
index 6f59993e08..d09b5388a0 100755
--- a/16/bullseye/docker-entrypoint.sh
+++ b/16/bullseye/docker-entrypoint.sh
@@ -104,7 +104,7 @@ docker_init_database_dir() {
# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
docker_verify_minimum_env() {
case "${PG_MAJOR:-}" in
- 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
+ 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
# check password first so we can output the warning before postgres
# messes it up
if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
@@ -252,7 +252,7 @@ pg_setup_hba_conf() {
printf '\n'
if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
printf '# warning trust is enabled for all connections\n'
- printf '# see https://www.postgresql.org/docs/12/auth-trust.html\n'
+ printf '# see https://www.postgresql.org/docs/17/auth-trust.html\n'
fi
printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
} >> "$PGDATA/pg_hba.conf"
diff --git a/17/alpine3.20/Dockerfile b/17/alpine3.20/Dockerfile
index d3e1131068..af93219a57 100644
--- a/17/alpine3.20/Dockerfile
+++ b/17/alpine3.20/Dockerfile
@@ -7,7 +7,7 @@
FROM alpine:3.20
# 70 is the standard uid/gid for "postgres" in Alpine
-# https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.12-stable
+# https://git.alpinelinux.org/aports/tree/main/postgresql-common/postgresql-common.pre-install?h=3.21-stable
RUN set -eux; \
addgroup -g 70 -S postgres; \
adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
diff --git a/17/alpine3.20/docker-entrypoint.sh b/17/alpine3.20/docker-entrypoint.sh
index 6f59993e08..d09b5388a0 100755
--- a/17/alpine3.20/docker-entrypoint.sh
+++ b/17/alpine3.20/docker-entrypoint.sh
@@ -104,7 +104,7 @@ docker_init_database_dir() {
# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
docker_verify_minimum_env() {
case "${PG_MAJOR:-}" in
- 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
+ 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
# check password first so we can output the warning before postgres
# messes it up
if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
@@ -252,7 +252,7 @@ pg_setup_hba_conf() {
printf '\n'
if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
printf '# warning trust is enabled for all connections\n'
- printf '# see https://www.postgresql.org/docs/12/auth-trust.html\n'
+ printf '# see https://www.postgresql.org/docs/17/auth-trust.html\n'
fi
printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
} >> "$PGDATA/pg_hba.conf"
diff --git a/17/alpine3.21/Dockerfile b/17/alpine3.21/Dockerfile
index b8b439b28c..47ba840f90 100644
--- a/17/alpine3.21/Dockerfile
+++ b/17/alpine3.21/Dockerfile
@@ -7,7 +7,7 @@
FROM alpine:3.21
# 70 is the standard uid/gid for "postgres" in Alpine
-# https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.12-stable
+# https://git.alpinelinux.org/aports/tree/main/postgresql-common/postgresql-common.pre-install?h=3.21-stable
RUN set -eux; \
addgroup -g 70 -S postgres; \
adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
diff --git a/17/alpine3.21/docker-entrypoint.sh b/17/alpine3.21/docker-entrypoint.sh
index 6f59993e08..d09b5388a0 100755
--- a/17/alpine3.21/docker-entrypoint.sh
+++ b/17/alpine3.21/docker-entrypoint.sh
@@ -104,7 +104,7 @@ docker_init_database_dir() {
# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
docker_verify_minimum_env() {
case "${PG_MAJOR:-}" in
- 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
+ 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
# check password first so we can output the warning before postgres
# messes it up
if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
@@ -252,7 +252,7 @@ pg_setup_hba_conf() {
printf '\n'
if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
printf '# warning trust is enabled for all connections\n'
- printf '# see https://www.postgresql.org/docs/12/auth-trust.html\n'
+ printf '# see https://www.postgresql.org/docs/17/auth-trust.html\n'
fi
printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
} >> "$PGDATA/pg_hba.conf"
diff --git a/17/bookworm/docker-entrypoint.sh b/17/bookworm/docker-entrypoint.sh
index 6f59993e08..d09b5388a0 100755
--- a/17/bookworm/docker-entrypoint.sh
+++ b/17/bookworm/docker-entrypoint.sh
@@ -104,7 +104,7 @@ docker_init_database_dir() {
# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
docker_verify_minimum_env() {
case "${PG_MAJOR:-}" in
- 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
+ 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
# check password first so we can output the warning before postgres
# messes it up
if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
@@ -252,7 +252,7 @@ pg_setup_hba_conf() {
printf '\n'
if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
printf '# warning trust is enabled for all connections\n'
- printf '# see https://www.postgresql.org/docs/12/auth-trust.html\n'
+ printf '# see https://www.postgresql.org/docs/17/auth-trust.html\n'
fi
printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
} >> "$PGDATA/pg_hba.conf"
diff --git a/17/bullseye/docker-entrypoint.sh b/17/bullseye/docker-entrypoint.sh
index 6f59993e08..d09b5388a0 100755
--- a/17/bullseye/docker-entrypoint.sh
+++ b/17/bullseye/docker-entrypoint.sh
@@ -104,7 +104,7 @@ docker_init_database_dir() {
# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
docker_verify_minimum_env() {
case "${PG_MAJOR:-}" in
- 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
+ 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
# check password first so we can output the warning before postgres
# messes it up
if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
@@ -252,7 +252,7 @@ pg_setup_hba_conf() {
printf '\n'
if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
printf '# warning trust is enabled for all connections\n'
- printf '# see https://www.postgresql.org/docs/12/auth-trust.html\n'
+ printf '# see https://www.postgresql.org/docs/17/auth-trust.html\n'
fi
printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
} >> "$PGDATA/pg_hba.conf"
diff --git a/Dockerfile-alpine.template b/Dockerfile-alpine.template
index f3a98c760b..2d1e3957a8 100644
--- a/Dockerfile-alpine.template
+++ b/Dockerfile-alpine.template
@@ -5,7 +5,7 @@
FROM alpine:{{ alpine_version }}
# 70 is the standard uid/gid for "postgres" in Alpine
-# https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.12-stable
+# https://git.alpinelinux.org/aports/tree/main/postgresql-common/postgresql-common.pre-install?h=3.21-stable
RUN set -eux; \
addgroup -g 70 -S postgres; \
adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
@@ -42,7 +42,7 @@ RUN set -eux; \
# verify that the binary works
gosu --version; \
gosu nobody true
-{{ if env.version | IN("12", "13", "14", "15", "16") then ( -}}
+{{ if env.version | IN("13", "14", "15", "16") then ( -}}
RUN set -eux; ln -svf gosu /usr/local/bin/su-exec; su-exec nobody true # backwards compatibility (removed in PostgreSQL 17+)
{{ ) else "" end -}}
diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
index 6f59993e08..d09b5388a0 100755
--- a/docker-entrypoint.sh
+++ b/docker-entrypoint.sh
@@ -104,7 +104,7 @@ docker_init_database_dir() {
# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
docker_verify_minimum_env() {
case "${PG_MAJOR:-}" in
- 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
+ 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
# check password first so we can output the warning before postgres
# messes it up
if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
@@ -252,7 +252,7 @@ pg_setup_hba_conf() {
printf '\n'
if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
printf '# warning trust is enabled for all connections\n'
- printf '# see https://www.postgresql.org/docs/12/auth-trust.html\n'
+ printf '# see https://www.postgresql.org/docs/17/auth-trust.html\n'
fi
printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
} >> "$PGDATA/pg_hba.conf"
diff --git a/versions.json b/versions.json
index d5f9761bb3..93b9c3a7fb 100644
--- a/versions.json
+++ b/versions.json
@@ -1,35 +1,4 @@
{
- "12": {
- "alpine": "3.21",
- "bookworm": {
- "arches": [
- "amd64",
- "arm64",
- "ppc64el",
- "s390x"
- ],
- "version": "12.22-2.pgdg120+1"
- },
- "bullseye": {
- "arches": [
- "amd64",
- "arm64",
- "ppc64el",
- "s390x"
- ],
- "version": "12.22-2.pgdg110+1"
- },
- "debian": "bookworm",
- "major": 12,
- "sha256": "8df3c0474782589d3c6f374b5133b1bd14d168086edbc13c6e72e67dd4527a3b",
- "variants": [
- "bookworm",
- "bullseye",
- "alpine3.21",
- "alpine3.20"
- ],
- "version": "12.22"
- },
"13": {
"alpine": "3.21",
"bookworm": {
From 7da49aaa6a5d1496288b8a54c40ac2860e2ac85b Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 13 Feb 2025 10:01:24 -0800
Subject: [PATCH 097/115] Update 13 to 13.19, bookworm 13.19-1.pgdg120+1,
bullseye 13.19-1.pgdg110+1
---
13/alpine3.20/Dockerfile | 4 ++--
13/alpine3.21/Dockerfile | 4 ++--
13/bookworm/Dockerfile | 2 +-
13/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/13/alpine3.20/Dockerfile b/13/alpine3.20/Dockerfile
index e11f7276b4..f52be6a729 100644
--- a/13/alpine3.20/Dockerfile
+++ b/13/alpine3.20/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 13
-ENV PG_VERSION 13.18
-ENV PG_SHA256 ceea92abee2a8c19408d278b68de6a78b6bd3dbb4fa2d653fa7ca745d666aab1
+ENV PG_VERSION 13.19
+ENV PG_SHA256 482cce0a9f8d24c2447cfc7b2817e55f86d51afe5f7f1a85214bf93644e774ea
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/13/alpine3.21/Dockerfile b/13/alpine3.21/Dockerfile
index f80b09f620..17a6bf5ddb 100644
--- a/13/alpine3.21/Dockerfile
+++ b/13/alpine3.21/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 13
-ENV PG_VERSION 13.18
-ENV PG_SHA256 ceea92abee2a8c19408d278b68de6a78b6bd3dbb4fa2d653fa7ca745d666aab1
+ENV PG_VERSION 13.19
+ENV PG_SHA256 482cce0a9f8d24c2447cfc7b2817e55f86d51afe5f7f1a85214bf93644e774ea
ENV DOCKER_PG_LLVM_DEPS \
llvm19-dev \
diff --git a/13/bookworm/Dockerfile b/13/bookworm/Dockerfile
index cb68eb9b15..96bc81b508 100644
--- a/13/bookworm/Dockerfile
+++ b/13/bookworm/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 13
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 13.18-1.pgdg120+1
+ENV PG_VERSION 13.19-1.pgdg120+1
RUN set -ex; \
\
diff --git a/13/bullseye/Dockerfile b/13/bullseye/Dockerfile
index a42d00dbcf..63b57edd51 100644
--- a/13/bullseye/Dockerfile
+++ b/13/bullseye/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 13
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 13.18-1.pgdg110+1
+ENV PG_VERSION 13.19-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index 93b9c3a7fb..cb1e48cb6b 100644
--- a/versions.json
+++ b/versions.json
@@ -8,7 +8,7 @@
"ppc64el",
"s390x"
],
- "version": "13.18-1.pgdg120+1"
+ "version": "13.19-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -17,18 +17,18 @@
"ppc64el",
"s390x"
],
- "version": "13.18-1.pgdg110+1"
+ "version": "13.19-1.pgdg110+1"
},
"debian": "bookworm",
"major": 13,
- "sha256": "ceea92abee2a8c19408d278b68de6a78b6bd3dbb4fa2d653fa7ca745d666aab1",
+ "sha256": "482cce0a9f8d24c2447cfc7b2817e55f86d51afe5f7f1a85214bf93644e774ea",
"variants": [
"bookworm",
"bullseye",
"alpine3.21",
"alpine3.20"
],
- "version": "13.18"
+ "version": "13.19"
},
"14": {
"alpine": "3.21",
From 4bc3d04127905a457a92d7eb42e7e677389b8135 Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 13 Feb 2025 10:17:09 -0800
Subject: [PATCH 098/115] Update 14 to 14.16, bookworm 14.16-1.pgdg120+1,
bullseye 14.16-1.pgdg110+1
---
14/alpine3.20/Dockerfile | 4 ++--
14/alpine3.21/Dockerfile | 4 ++--
14/bookworm/Dockerfile | 2 +-
14/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/14/alpine3.20/Dockerfile b/14/alpine3.20/Dockerfile
index 48231edcbd..84ca02723f 100644
--- a/14/alpine3.20/Dockerfile
+++ b/14/alpine3.20/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 14
-ENV PG_VERSION 14.15
-ENV PG_SHA256 02e891e314b4e9ee24cbd78028dab7c73f9c1ba3e30835bcbef71fe220401fc5
+ENV PG_VERSION 14.16
+ENV PG_SHA256 673c26f15ebb14306ad0ea051d8acfb3915dd342de942f5b502e5354a0ab760c
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/14/alpine3.21/Dockerfile b/14/alpine3.21/Dockerfile
index 71879fac7f..8ab858f54d 100644
--- a/14/alpine3.21/Dockerfile
+++ b/14/alpine3.21/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 14
-ENV PG_VERSION 14.15
-ENV PG_SHA256 02e891e314b4e9ee24cbd78028dab7c73f9c1ba3e30835bcbef71fe220401fc5
+ENV PG_VERSION 14.16
+ENV PG_SHA256 673c26f15ebb14306ad0ea051d8acfb3915dd342de942f5b502e5354a0ab760c
ENV DOCKER_PG_LLVM_DEPS \
llvm19-dev \
diff --git a/14/bookworm/Dockerfile b/14/bookworm/Dockerfile
index f404f7a99b..74a915fafe 100644
--- a/14/bookworm/Dockerfile
+++ b/14/bookworm/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 14
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 14.15-1.pgdg120+1
+ENV PG_VERSION 14.16-1.pgdg120+1
RUN set -ex; \
\
diff --git a/14/bullseye/Dockerfile b/14/bullseye/Dockerfile
index 0c7c224579..2f451390be 100644
--- a/14/bullseye/Dockerfile
+++ b/14/bullseye/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 14
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 14.15-1.pgdg110+1
+ENV PG_VERSION 14.16-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index cb1e48cb6b..0f29aad395 100644
--- a/versions.json
+++ b/versions.json
@@ -39,7 +39,7 @@
"ppc64el",
"s390x"
],
- "version": "14.15-1.pgdg120+1"
+ "version": "14.16-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -48,18 +48,18 @@
"ppc64el",
"s390x"
],
- "version": "14.15-1.pgdg110+1"
+ "version": "14.16-1.pgdg110+1"
},
"debian": "bookworm",
"major": 14,
- "sha256": "02e891e314b4e9ee24cbd78028dab7c73f9c1ba3e30835bcbef71fe220401fc5",
+ "sha256": "673c26f15ebb14306ad0ea051d8acfb3915dd342de942f5b502e5354a0ab760c",
"variants": [
"bookworm",
"bullseye",
"alpine3.21",
"alpine3.20"
],
- "version": "14.15"
+ "version": "14.16"
},
"15": {
"alpine": "3.21",
From 607fdbdadc175f112ebcf94a42272ca57e3b8ab2 Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 13 Feb 2025 10:31:47 -0800
Subject: [PATCH 099/115] Update 15 to 15.11, bookworm 15.11-1.pgdg120+1,
bullseye 15.11-1.pgdg110+1
---
15/alpine3.20/Dockerfile | 4 ++--
15/alpine3.21/Dockerfile | 4 ++--
15/bookworm/Dockerfile | 2 +-
15/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/15/alpine3.20/Dockerfile b/15/alpine3.20/Dockerfile
index d62f9c991d..c461d8acde 100644
--- a/15/alpine3.20/Dockerfile
+++ b/15/alpine3.20/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 15
-ENV PG_VERSION 15.10
-ENV PG_SHA256 55abe738d441f0e58658b3ec6f88097a713b5e3b73139f6230d7b5c4c389e573
+ENV PG_VERSION 15.11
+ENV PG_SHA256 5367e97e81e493301cc4aab049dfbc9b4913822985bc62379faab2a281cfbdf0
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/15/alpine3.21/Dockerfile b/15/alpine3.21/Dockerfile
index ba2ad31a03..ff00bf4e71 100644
--- a/15/alpine3.21/Dockerfile
+++ b/15/alpine3.21/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 15
-ENV PG_VERSION 15.10
-ENV PG_SHA256 55abe738d441f0e58658b3ec6f88097a713b5e3b73139f6230d7b5c4c389e573
+ENV PG_VERSION 15.11
+ENV PG_SHA256 5367e97e81e493301cc4aab049dfbc9b4913822985bc62379faab2a281cfbdf0
ENV DOCKER_PG_LLVM_DEPS \
llvm19-dev \
diff --git a/15/bookworm/Dockerfile b/15/bookworm/Dockerfile
index 3caf089e07..f363a2d4cd 100644
--- a/15/bookworm/Dockerfile
+++ b/15/bookworm/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 15
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 15.10-1.pgdg120+1
+ENV PG_VERSION 15.11-1.pgdg120+1
RUN set -ex; \
\
diff --git a/15/bullseye/Dockerfile b/15/bullseye/Dockerfile
index b19c220ce1..57acb0ebe6 100644
--- a/15/bullseye/Dockerfile
+++ b/15/bullseye/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 15
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 15.10-1.pgdg110+1
+ENV PG_VERSION 15.11-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index 0f29aad395..ff1a39b7b5 100644
--- a/versions.json
+++ b/versions.json
@@ -70,7 +70,7 @@
"ppc64el",
"s390x"
],
- "version": "15.10-1.pgdg120+1"
+ "version": "15.11-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -79,18 +79,18 @@
"ppc64el",
"s390x"
],
- "version": "15.10-1.pgdg110+1"
+ "version": "15.11-1.pgdg110+1"
},
"debian": "bookworm",
"major": 15,
- "sha256": "55abe738d441f0e58658b3ec6f88097a713b5e3b73139f6230d7b5c4c389e573",
+ "sha256": "5367e97e81e493301cc4aab049dfbc9b4913822985bc62379faab2a281cfbdf0",
"variants": [
"bookworm",
"bullseye",
"alpine3.21",
"alpine3.20"
],
- "version": "15.10"
+ "version": "15.11"
},
"16": {
"alpine": "3.21",
From c17c1aad6bc4a8cc9d0a1791d8facaa84171c05b Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 13 Feb 2025 10:46:14 -0800
Subject: [PATCH 100/115] Update 16 to 16.7, bookworm 16.7-1.pgdg120+1,
bullseye 16.7-1.pgdg110+1
---
16/alpine3.20/Dockerfile | 4 ++--
16/alpine3.21/Dockerfile | 4 ++--
16/bookworm/Dockerfile | 2 +-
16/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/16/alpine3.20/Dockerfile b/16/alpine3.20/Dockerfile
index 3f9a790c74..c176edc3ef 100644
--- a/16/alpine3.20/Dockerfile
+++ b/16/alpine3.20/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 16
-ENV PG_VERSION 16.6
-ENV PG_SHA256 23369cdaccd45270ac5dcc30fa9da205d5be33fa505e1f17a0418d2caeca477b
+ENV PG_VERSION 16.7
+ENV PG_SHA256 62e02f77ebfc4a37f1700c20cc3ccd85ff797b5613766ebf949a7899bb2113fe
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/16/alpine3.21/Dockerfile b/16/alpine3.21/Dockerfile
index 6951165d92..7acd3a708c 100644
--- a/16/alpine3.21/Dockerfile
+++ b/16/alpine3.21/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 16
-ENV PG_VERSION 16.6
-ENV PG_SHA256 23369cdaccd45270ac5dcc30fa9da205d5be33fa505e1f17a0418d2caeca477b
+ENV PG_VERSION 16.7
+ENV PG_SHA256 62e02f77ebfc4a37f1700c20cc3ccd85ff797b5613766ebf949a7899bb2113fe
ENV DOCKER_PG_LLVM_DEPS \
llvm19-dev \
diff --git a/16/bookworm/Dockerfile b/16/bookworm/Dockerfile
index e2adcdb4b0..e09f86ac39 100644
--- a/16/bookworm/Dockerfile
+++ b/16/bookworm/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 16
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 16.6-1.pgdg120+1
+ENV PG_VERSION 16.7-1.pgdg120+1
RUN set -ex; \
\
diff --git a/16/bullseye/Dockerfile b/16/bullseye/Dockerfile
index bae4ffbc29..6a2ff2f19c 100644
--- a/16/bullseye/Dockerfile
+++ b/16/bullseye/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 16
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 16.6-1.pgdg110+1
+ENV PG_VERSION 16.7-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index ff1a39b7b5..37c75090af 100644
--- a/versions.json
+++ b/versions.json
@@ -101,7 +101,7 @@
"ppc64el",
"s390x"
],
- "version": "16.6-1.pgdg120+1"
+ "version": "16.7-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -110,18 +110,18 @@
"ppc64el",
"s390x"
],
- "version": "16.6-1.pgdg110+1"
+ "version": "16.7-1.pgdg110+1"
},
"debian": "bookworm",
"major": 16,
- "sha256": "23369cdaccd45270ac5dcc30fa9da205d5be33fa505e1f17a0418d2caeca477b",
+ "sha256": "62e02f77ebfc4a37f1700c20cc3ccd85ff797b5613766ebf949a7899bb2113fe",
"variants": [
"bookworm",
"bullseye",
"alpine3.21",
"alpine3.20"
],
- "version": "16.6"
+ "version": "16.7"
},
"17": {
"alpine": "3.21",
From 22dad776d9f858f5fb1940ac165be76aa8521e49 Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 13 Feb 2025 11:01:08 -0800
Subject: [PATCH 101/115] Update 17 to 17.3, bookworm 17.3-1.pgdg120+1,
bullseye 17.3-1.pgdg110+1
---
17/alpine3.20/Dockerfile | 4 ++--
17/alpine3.21/Dockerfile | 4 ++--
17/bookworm/Dockerfile | 2 +-
17/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/17/alpine3.20/Dockerfile b/17/alpine3.20/Dockerfile
index af93219a57..1a1a2d583a 100644
--- a/17/alpine3.20/Dockerfile
+++ b/17/alpine3.20/Dockerfile
@@ -52,8 +52,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 17
-ENV PG_VERSION 17.2
-ENV PG_SHA256 82ef27c0af3751695d7f64e2d963583005fbb6a0c3df63d0e4b42211d7021164
+ENV PG_VERSION 17.3
+ENV PG_SHA256 13c18b35bf67a97bd639925fc581db7fd2aae4d3548eac39fcdb8da74ace2bea
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/17/alpine3.21/Dockerfile b/17/alpine3.21/Dockerfile
index 47ba840f90..4a490c5fc1 100644
--- a/17/alpine3.21/Dockerfile
+++ b/17/alpine3.21/Dockerfile
@@ -52,8 +52,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 17
-ENV PG_VERSION 17.2
-ENV PG_SHA256 82ef27c0af3751695d7f64e2d963583005fbb6a0c3df63d0e4b42211d7021164
+ENV PG_VERSION 17.3
+ENV PG_SHA256 13c18b35bf67a97bd639925fc581db7fd2aae4d3548eac39fcdb8da74ace2bea
ENV DOCKER_PG_LLVM_DEPS \
llvm19-dev \
diff --git a/17/bookworm/Dockerfile b/17/bookworm/Dockerfile
index d31a71e831..8dddc88060 100644
--- a/17/bookworm/Dockerfile
+++ b/17/bookworm/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 17
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 17.2-1.pgdg120+1
+ENV PG_VERSION 17.3-1.pgdg120+1
RUN set -ex; \
\
diff --git a/17/bullseye/Dockerfile b/17/bullseye/Dockerfile
index 574a230402..780d675594 100644
--- a/17/bullseye/Dockerfile
+++ b/17/bullseye/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 17
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 17.2-1.pgdg110+1
+ENV PG_VERSION 17.3-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index 37c75090af..ba7aea1a04 100644
--- a/versions.json
+++ b/versions.json
@@ -132,7 +132,7 @@
"ppc64el",
"s390x"
],
- "version": "17.2-1.pgdg120+1"
+ "version": "17.3-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -141,17 +141,17 @@
"ppc64el",
"s390x"
],
- "version": "17.2-1.pgdg110+1"
+ "version": "17.3-1.pgdg110+1"
},
"debian": "bookworm",
"major": 17,
- "sha256": "82ef27c0af3751695d7f64e2d963583005fbb6a0c3df63d0e4b42211d7021164",
+ "sha256": "13c18b35bf67a97bd639925fc581db7fd2aae4d3548eac39fcdb8da74ace2bea",
"variants": [
"bookworm",
"bullseye",
"alpine3.21",
"alpine3.20"
],
- "version": "17.2"
+ "version": "17.3"
}
}
From a537d6002b1a4bb92eb88e1e894332a76b1d2e6b Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Sun, 16 Feb 2025 11:03:06 -0800
Subject: [PATCH 102/115] Update 17 to bookworm 17.3-3.pgdg120+1, bullseye
17.3-3.pgdg110+1
---
17/bookworm/Dockerfile | 2 +-
17/bullseye/Dockerfile | 2 +-
versions.json | 4 ++--
3 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/17/bookworm/Dockerfile b/17/bookworm/Dockerfile
index 8dddc88060..bb3cb6e227 100644
--- a/17/bookworm/Dockerfile
+++ b/17/bookworm/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 17
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 17.3-1.pgdg120+1
+ENV PG_VERSION 17.3-3.pgdg120+1
RUN set -ex; \
\
diff --git a/17/bullseye/Dockerfile b/17/bullseye/Dockerfile
index 780d675594..e9e1ad6a4a 100644
--- a/17/bullseye/Dockerfile
+++ b/17/bullseye/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 17
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 17.3-1.pgdg110+1
+ENV PG_VERSION 17.3-3.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index ba7aea1a04..a73b263204 100644
--- a/versions.json
+++ b/versions.json
@@ -132,7 +132,7 @@
"ppc64el",
"s390x"
],
- "version": "17.3-1.pgdg120+1"
+ "version": "17.3-3.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -141,7 +141,7 @@
"ppc64el",
"s390x"
],
- "version": "17.3-1.pgdg110+1"
+ "version": "17.3-3.pgdg110+1"
},
"debian": "bookworm",
"major": 17,
From 2f7aa214309aca0d90a41e57f0807f53ebf77d55 Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 20 Feb 2025 11:02:25 -0800
Subject: [PATCH 103/115] Update 13 to 13.20, bookworm 13.20-1.pgdg120+1,
bullseye 13.20-1.pgdg110+1
---
13/alpine3.20/Dockerfile | 4 ++--
13/alpine3.21/Dockerfile | 4 ++--
13/bookworm/Dockerfile | 2 +-
13/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/13/alpine3.20/Dockerfile b/13/alpine3.20/Dockerfile
index f52be6a729..6b90306dfa 100644
--- a/13/alpine3.20/Dockerfile
+++ b/13/alpine3.20/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 13
-ENV PG_VERSION 13.19
-ENV PG_SHA256 482cce0a9f8d24c2447cfc7b2817e55f86d51afe5f7f1a85214bf93644e774ea
+ENV PG_VERSION 13.20
+ENV PG_SHA256 8134b685724d15e60d93bea206fbe0f14c8295e84f1cc91d5a3928163e4fb288
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/13/alpine3.21/Dockerfile b/13/alpine3.21/Dockerfile
index 17a6bf5ddb..c2fd2016b6 100644
--- a/13/alpine3.21/Dockerfile
+++ b/13/alpine3.21/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 13
-ENV PG_VERSION 13.19
-ENV PG_SHA256 482cce0a9f8d24c2447cfc7b2817e55f86d51afe5f7f1a85214bf93644e774ea
+ENV PG_VERSION 13.20
+ENV PG_SHA256 8134b685724d15e60d93bea206fbe0f14c8295e84f1cc91d5a3928163e4fb288
ENV DOCKER_PG_LLVM_DEPS \
llvm19-dev \
diff --git a/13/bookworm/Dockerfile b/13/bookworm/Dockerfile
index 96bc81b508..e19c54c943 100644
--- a/13/bookworm/Dockerfile
+++ b/13/bookworm/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 13
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 13.19-1.pgdg120+1
+ENV PG_VERSION 13.20-1.pgdg120+1
RUN set -ex; \
\
diff --git a/13/bullseye/Dockerfile b/13/bullseye/Dockerfile
index 63b57edd51..fa5bce3769 100644
--- a/13/bullseye/Dockerfile
+++ b/13/bullseye/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 13
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 13.19-1.pgdg110+1
+ENV PG_VERSION 13.20-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index a73b263204..b49f48a7b8 100644
--- a/versions.json
+++ b/versions.json
@@ -8,7 +8,7 @@
"ppc64el",
"s390x"
],
- "version": "13.19-1.pgdg120+1"
+ "version": "13.20-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -17,18 +17,18 @@
"ppc64el",
"s390x"
],
- "version": "13.19-1.pgdg110+1"
+ "version": "13.20-1.pgdg110+1"
},
"debian": "bookworm",
"major": 13,
- "sha256": "482cce0a9f8d24c2447cfc7b2817e55f86d51afe5f7f1a85214bf93644e774ea",
+ "sha256": "8134b685724d15e60d93bea206fbe0f14c8295e84f1cc91d5a3928163e4fb288",
"variants": [
"bookworm",
"bullseye",
"alpine3.21",
"alpine3.20"
],
- "version": "13.19"
+ "version": "13.20"
},
"14": {
"alpine": "3.21",
From dabb1fcefb4637c8b6e1655c520bc10e67a735cb Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 20 Feb 2025 11:16:15 -0800
Subject: [PATCH 104/115] Update 14 to 14.17, bookworm 14.17-1.pgdg120+1,
bullseye 14.17-1.pgdg110+1
---
14/alpine3.20/Dockerfile | 4 ++--
14/alpine3.21/Dockerfile | 4 ++--
14/bookworm/Dockerfile | 2 +-
14/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/14/alpine3.20/Dockerfile b/14/alpine3.20/Dockerfile
index 84ca02723f..7a97933e5e 100644
--- a/14/alpine3.20/Dockerfile
+++ b/14/alpine3.20/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 14
-ENV PG_VERSION 14.16
-ENV PG_SHA256 673c26f15ebb14306ad0ea051d8acfb3915dd342de942f5b502e5354a0ab760c
+ENV PG_VERSION 14.17
+ENV PG_SHA256 6ce0ccd6403bf7f0f2eddd333e2ee9ba02edfa977c66660ed9b4b1057e7630a1
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/14/alpine3.21/Dockerfile b/14/alpine3.21/Dockerfile
index 8ab858f54d..e6eaec1609 100644
--- a/14/alpine3.21/Dockerfile
+++ b/14/alpine3.21/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 14
-ENV PG_VERSION 14.16
-ENV PG_SHA256 673c26f15ebb14306ad0ea051d8acfb3915dd342de942f5b502e5354a0ab760c
+ENV PG_VERSION 14.17
+ENV PG_SHA256 6ce0ccd6403bf7f0f2eddd333e2ee9ba02edfa977c66660ed9b4b1057e7630a1
ENV DOCKER_PG_LLVM_DEPS \
llvm19-dev \
diff --git a/14/bookworm/Dockerfile b/14/bookworm/Dockerfile
index 74a915fafe..e97bad7808 100644
--- a/14/bookworm/Dockerfile
+++ b/14/bookworm/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 14
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 14.16-1.pgdg120+1
+ENV PG_VERSION 14.17-1.pgdg120+1
RUN set -ex; \
\
diff --git a/14/bullseye/Dockerfile b/14/bullseye/Dockerfile
index 2f451390be..b85e3deefd 100644
--- a/14/bullseye/Dockerfile
+++ b/14/bullseye/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 14
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 14.16-1.pgdg110+1
+ENV PG_VERSION 14.17-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index b49f48a7b8..dc20f95c87 100644
--- a/versions.json
+++ b/versions.json
@@ -39,7 +39,7 @@
"ppc64el",
"s390x"
],
- "version": "14.16-1.pgdg120+1"
+ "version": "14.17-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -48,18 +48,18 @@
"ppc64el",
"s390x"
],
- "version": "14.16-1.pgdg110+1"
+ "version": "14.17-1.pgdg110+1"
},
"debian": "bookworm",
"major": 14,
- "sha256": "673c26f15ebb14306ad0ea051d8acfb3915dd342de942f5b502e5354a0ab760c",
+ "sha256": "6ce0ccd6403bf7f0f2eddd333e2ee9ba02edfa977c66660ed9b4b1057e7630a1",
"variants": [
"bookworm",
"bullseye",
"alpine3.21",
"alpine3.20"
],
- "version": "14.16"
+ "version": "14.17"
},
"15": {
"alpine": "3.21",
From 807e218040cfae401cb0ed2e866a1efe9d6cc48d Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 20 Feb 2025 11:30:20 -0800
Subject: [PATCH 105/115] Update 15 to 15.12, bookworm 15.12-1.pgdg120+1,
bullseye 15.12-1.pgdg110+1
---
15/alpine3.20/Dockerfile | 4 ++--
15/alpine3.21/Dockerfile | 4 ++--
15/bookworm/Dockerfile | 2 +-
15/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/15/alpine3.20/Dockerfile b/15/alpine3.20/Dockerfile
index c461d8acde..1142617c31 100644
--- a/15/alpine3.20/Dockerfile
+++ b/15/alpine3.20/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 15
-ENV PG_VERSION 15.11
-ENV PG_SHA256 5367e97e81e493301cc4aab049dfbc9b4913822985bc62379faab2a281cfbdf0
+ENV PG_VERSION 15.12
+ENV PG_SHA256 3bc8462a38ca0857270cc88b949a3f6659f0d5c44c029c482355835b61a0f6f7
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/15/alpine3.21/Dockerfile b/15/alpine3.21/Dockerfile
index ff00bf4e71..48fedb00fa 100644
--- a/15/alpine3.21/Dockerfile
+++ b/15/alpine3.21/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 15
-ENV PG_VERSION 15.11
-ENV PG_SHA256 5367e97e81e493301cc4aab049dfbc9b4913822985bc62379faab2a281cfbdf0
+ENV PG_VERSION 15.12
+ENV PG_SHA256 3bc8462a38ca0857270cc88b949a3f6659f0d5c44c029c482355835b61a0f6f7
ENV DOCKER_PG_LLVM_DEPS \
llvm19-dev \
diff --git a/15/bookworm/Dockerfile b/15/bookworm/Dockerfile
index f363a2d4cd..dcad9299c0 100644
--- a/15/bookworm/Dockerfile
+++ b/15/bookworm/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 15
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 15.11-1.pgdg120+1
+ENV PG_VERSION 15.12-1.pgdg120+1
RUN set -ex; \
\
diff --git a/15/bullseye/Dockerfile b/15/bullseye/Dockerfile
index 57acb0ebe6..df8ca09ff9 100644
--- a/15/bullseye/Dockerfile
+++ b/15/bullseye/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 15
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 15.11-1.pgdg110+1
+ENV PG_VERSION 15.12-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index dc20f95c87..b069df64b3 100644
--- a/versions.json
+++ b/versions.json
@@ -70,7 +70,7 @@
"ppc64el",
"s390x"
],
- "version": "15.11-1.pgdg120+1"
+ "version": "15.12-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -79,18 +79,18 @@
"ppc64el",
"s390x"
],
- "version": "15.11-1.pgdg110+1"
+ "version": "15.12-1.pgdg110+1"
},
"debian": "bookworm",
"major": 15,
- "sha256": "5367e97e81e493301cc4aab049dfbc9b4913822985bc62379faab2a281cfbdf0",
+ "sha256": "3bc8462a38ca0857270cc88b949a3f6659f0d5c44c029c482355835b61a0f6f7",
"variants": [
"bookworm",
"bullseye",
"alpine3.21",
"alpine3.20"
],
- "version": "15.11"
+ "version": "15.12"
},
"16": {
"alpine": "3.21",
From ce5da348e75d283cdd90963f97bd61c374d41ee5 Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 20 Feb 2025 11:44:40 -0800
Subject: [PATCH 106/115] Update 16 to 16.8, bookworm 16.8-1.pgdg120+1,
bullseye 16.8-1.pgdg110+1
---
16/alpine3.20/Dockerfile | 4 ++--
16/alpine3.21/Dockerfile | 4 ++--
16/bookworm/Dockerfile | 2 +-
16/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/16/alpine3.20/Dockerfile b/16/alpine3.20/Dockerfile
index c176edc3ef..f4a8eee4c6 100644
--- a/16/alpine3.20/Dockerfile
+++ b/16/alpine3.20/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 16
-ENV PG_VERSION 16.7
-ENV PG_SHA256 62e02f77ebfc4a37f1700c20cc3ccd85ff797b5613766ebf949a7899bb2113fe
+ENV PG_VERSION 16.8
+ENV PG_SHA256 9468083a56ce0ee7d294601b74dad3dd9fc69d87aff61f0a9fb63c813ff7efd8
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/16/alpine3.21/Dockerfile b/16/alpine3.21/Dockerfile
index 7acd3a708c..2e4b935085 100644
--- a/16/alpine3.21/Dockerfile
+++ b/16/alpine3.21/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 16
-ENV PG_VERSION 16.7
-ENV PG_SHA256 62e02f77ebfc4a37f1700c20cc3ccd85ff797b5613766ebf949a7899bb2113fe
+ENV PG_VERSION 16.8
+ENV PG_SHA256 9468083a56ce0ee7d294601b74dad3dd9fc69d87aff61f0a9fb63c813ff7efd8
ENV DOCKER_PG_LLVM_DEPS \
llvm19-dev \
diff --git a/16/bookworm/Dockerfile b/16/bookworm/Dockerfile
index e09f86ac39..c732ed0fdc 100644
--- a/16/bookworm/Dockerfile
+++ b/16/bookworm/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 16
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 16.7-1.pgdg120+1
+ENV PG_VERSION 16.8-1.pgdg120+1
RUN set -ex; \
\
diff --git a/16/bullseye/Dockerfile b/16/bullseye/Dockerfile
index 6a2ff2f19c..ed5027458f 100644
--- a/16/bullseye/Dockerfile
+++ b/16/bullseye/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 16
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 16.7-1.pgdg110+1
+ENV PG_VERSION 16.8-1.pgdg110+1
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index b069df64b3..c4a73cace1 100644
--- a/versions.json
+++ b/versions.json
@@ -101,7 +101,7 @@
"ppc64el",
"s390x"
],
- "version": "16.7-1.pgdg120+1"
+ "version": "16.8-1.pgdg120+1"
},
"bullseye": {
"arches": [
@@ -110,18 +110,18 @@
"ppc64el",
"s390x"
],
- "version": "16.7-1.pgdg110+1"
+ "version": "16.8-1.pgdg110+1"
},
"debian": "bookworm",
"major": 16,
- "sha256": "62e02f77ebfc4a37f1700c20cc3ccd85ff797b5613766ebf949a7899bb2113fe",
+ "sha256": "9468083a56ce0ee7d294601b74dad3dd9fc69d87aff61f0a9fb63c813ff7efd8",
"variants": [
"bookworm",
"bullseye",
"alpine3.21",
"alpine3.20"
],
- "version": "16.7"
+ "version": "16.8"
},
"17": {
"alpine": "3.21",
From 729d22b104ede82d7b2d8681bb85f2f44c33eb60 Mon Sep 17 00:00:00 2001
From: Docker Library Bot <doi+docker-library-bot@docker.com>
Date: Thu, 20 Feb 2025 11:59:30 -0800
Subject: [PATCH 107/115] Update 17 to 17.4, bookworm 17.4-1.pgdg120+2,
bullseye 17.4-1.pgdg110+2
---
17/alpine3.20/Dockerfile | 4 ++--
17/alpine3.21/Dockerfile | 4 ++--
17/bookworm/Dockerfile | 2 +-
17/bullseye/Dockerfile | 2 +-
versions.json | 8 ++++----
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/17/alpine3.20/Dockerfile b/17/alpine3.20/Dockerfile
index 1a1a2d583a..2db848ef04 100644
--- a/17/alpine3.20/Dockerfile
+++ b/17/alpine3.20/Dockerfile
@@ -52,8 +52,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 17
-ENV PG_VERSION 17.3
-ENV PG_SHA256 13c18b35bf67a97bd639925fc581db7fd2aae4d3548eac39fcdb8da74ace2bea
+ENV PG_VERSION 17.4
+ENV PG_SHA256 c4605b73fea11963406699f949b966e5d173a7ee0ccaef8938dec0ca8a995fe7
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/17/alpine3.21/Dockerfile b/17/alpine3.21/Dockerfile
index 4a490c5fc1..1b9d0ee2c6 100644
--- a/17/alpine3.21/Dockerfile
+++ b/17/alpine3.21/Dockerfile
@@ -52,8 +52,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 17
-ENV PG_VERSION 17.3
-ENV PG_SHA256 13c18b35bf67a97bd639925fc581db7fd2aae4d3548eac39fcdb8da74ace2bea
+ENV PG_VERSION 17.4
+ENV PG_SHA256 c4605b73fea11963406699f949b966e5d173a7ee0ccaef8938dec0ca8a995fe7
ENV DOCKER_PG_LLVM_DEPS \
llvm19-dev \
diff --git a/17/bookworm/Dockerfile b/17/bookworm/Dockerfile
index bb3cb6e227..fbc15ef4c3 100644
--- a/17/bookworm/Dockerfile
+++ b/17/bookworm/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 17
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 17.3-3.pgdg120+1
+ENV PG_VERSION 17.4-1.pgdg120+2
RUN set -ex; \
\
diff --git a/17/bullseye/Dockerfile b/17/bullseye/Dockerfile
index e9e1ad6a4a..263bb9f1c3 100644
--- a/17/bullseye/Dockerfile
+++ b/17/bullseye/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 17
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 17.3-3.pgdg110+1
+ENV PG_VERSION 17.4-1.pgdg110+2
RUN set -ex; \
\
diff --git a/versions.json b/versions.json
index c4a73cace1..973ebfc225 100644
--- a/versions.json
+++ b/versions.json
@@ -132,7 +132,7 @@
"ppc64el",
"s390x"
],
- "version": "17.3-3.pgdg120+1"
+ "version": "17.4-1.pgdg120+2"
},
"bullseye": {
"arches": [
@@ -141,17 +141,17 @@
"ppc64el",
"s390x"
],
- "version": "17.3-3.pgdg110+1"
+ "version": "17.4-1.pgdg110+2"
},
"debian": "bookworm",
"major": 17,
- "sha256": "13c18b35bf67a97bd639925fc581db7fd2aae4d3548eac39fcdb8da74ace2bea",
+ "sha256": "c4605b73fea11963406699f949b966e5d173a7ee0ccaef8938dec0ca8a995fe7",
"variants": [
"bookworm",
"bullseye",
"alpine3.21",
"alpine3.20"
],
- "version": "17.3"
+ "version": "17.4"
}
}
From cc254e85ed86e1f8c9052f9cbf0e3320324f0421 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Paul=20Li=C3=A9tar?= <lietarp@gmail.com>
Date: Thu, 27 Feb 2025 00:53:12 +0000
Subject: [PATCH 108/115] Unset NOTIFY_SOCKET when running the temporary
server. (#1325)
* Unset NOTIFY_SOCKET when running the temporary server.
Postgres has native support for this notification socket and will write a `READY=1` message once it is ready and accepting connections. Unfortunately, the temporary server used by the `docker-entrypoint.sh` also sends a message on the socket, making it appear as though the container is ready and serving connections when it is not.
---
13/alpine3.20/docker-entrypoint.sh | 3 +++
13/alpine3.21/docker-entrypoint.sh | 3 +++
13/bookworm/docker-entrypoint.sh | 3 +++
13/bullseye/docker-entrypoint.sh | 3 +++
14/alpine3.20/docker-entrypoint.sh | 3 +++
14/alpine3.21/docker-entrypoint.sh | 3 +++
14/bookworm/docker-entrypoint.sh | 3 +++
14/bullseye/docker-entrypoint.sh | 3 +++
15/alpine3.20/docker-entrypoint.sh | 3 +++
15/alpine3.21/docker-entrypoint.sh | 3 +++
15/bookworm/docker-entrypoint.sh | 3 +++
15/bullseye/docker-entrypoint.sh | 3 +++
16/alpine3.20/docker-entrypoint.sh | 3 +++
16/alpine3.21/docker-entrypoint.sh | 3 +++
16/bookworm/docker-entrypoint.sh | 3 +++
16/bullseye/docker-entrypoint.sh | 3 +++
17/alpine3.20/docker-entrypoint.sh | 3 +++
17/alpine3.21/docker-entrypoint.sh | 3 +++
17/bookworm/docker-entrypoint.sh | 3 +++
17/bullseye/docker-entrypoint.sh | 3 +++
docker-entrypoint.sh | 3 +++
21 files changed, 63 insertions(+)
diff --git a/13/alpine3.20/docker-entrypoint.sh b/13/alpine3.20/docker-entrypoint.sh
index d09b5388a0..ae40666ca1 100755
--- a/13/alpine3.20/docker-entrypoint.sh
+++ b/13/alpine3.20/docker-entrypoint.sh
@@ -269,6 +269,9 @@ docker_temp_server_start() {
# does not listen on external TCP/IP and waits until start finishes
set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
+ # unset NOTIFY_SOCKET so the temporary server doesn't prematurely notify
+ # any process supervisor.
+ NOTIFY_SOCKET= \
PGUSER="${PGUSER:-$POSTGRES_USER}" \
pg_ctl -D "$PGDATA" \
-o "$(printf '%q ' "$@")" \
diff --git a/13/alpine3.21/docker-entrypoint.sh b/13/alpine3.21/docker-entrypoint.sh
index d09b5388a0..ae40666ca1 100755
--- a/13/alpine3.21/docker-entrypoint.sh
+++ b/13/alpine3.21/docker-entrypoint.sh
@@ -269,6 +269,9 @@ docker_temp_server_start() {
# does not listen on external TCP/IP and waits until start finishes
set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
+ # unset NOTIFY_SOCKET so the temporary server doesn't prematurely notify
+ # any process supervisor.
+ NOTIFY_SOCKET= \
PGUSER="${PGUSER:-$POSTGRES_USER}" \
pg_ctl -D "$PGDATA" \
-o "$(printf '%q ' "$@")" \
diff --git a/13/bookworm/docker-entrypoint.sh b/13/bookworm/docker-entrypoint.sh
index d09b5388a0..ae40666ca1 100755
--- a/13/bookworm/docker-entrypoint.sh
+++ b/13/bookworm/docker-entrypoint.sh
@@ -269,6 +269,9 @@ docker_temp_server_start() {
# does not listen on external TCP/IP and waits until start finishes
set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
+ # unset NOTIFY_SOCKET so the temporary server doesn't prematurely notify
+ # any process supervisor.
+ NOTIFY_SOCKET= \
PGUSER="${PGUSER:-$POSTGRES_USER}" \
pg_ctl -D "$PGDATA" \
-o "$(printf '%q ' "$@")" \
diff --git a/13/bullseye/docker-entrypoint.sh b/13/bullseye/docker-entrypoint.sh
index d09b5388a0..ae40666ca1 100755
--- a/13/bullseye/docker-entrypoint.sh
+++ b/13/bullseye/docker-entrypoint.sh
@@ -269,6 +269,9 @@ docker_temp_server_start() {
# does not listen on external TCP/IP and waits until start finishes
set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
+ # unset NOTIFY_SOCKET so the temporary server doesn't prematurely notify
+ # any process supervisor.
+ NOTIFY_SOCKET= \
PGUSER="${PGUSER:-$POSTGRES_USER}" \
pg_ctl -D "$PGDATA" \
-o "$(printf '%q ' "$@")" \
diff --git a/14/alpine3.20/docker-entrypoint.sh b/14/alpine3.20/docker-entrypoint.sh
index d09b5388a0..ae40666ca1 100755
--- a/14/alpine3.20/docker-entrypoint.sh
+++ b/14/alpine3.20/docker-entrypoint.sh
@@ -269,6 +269,9 @@ docker_temp_server_start() {
# does not listen on external TCP/IP and waits until start finishes
set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
+ # unset NOTIFY_SOCKET so the temporary server doesn't prematurely notify
+ # any process supervisor.
+ NOTIFY_SOCKET= \
PGUSER="${PGUSER:-$POSTGRES_USER}" \
pg_ctl -D "$PGDATA" \
-o "$(printf '%q ' "$@")" \
diff --git a/14/alpine3.21/docker-entrypoint.sh b/14/alpine3.21/docker-entrypoint.sh
index d09b5388a0..ae40666ca1 100755
--- a/14/alpine3.21/docker-entrypoint.sh
+++ b/14/alpine3.21/docker-entrypoint.sh
@@ -269,6 +269,9 @@ docker_temp_server_start() {
# does not listen on external TCP/IP and waits until start finishes
set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
+ # unset NOTIFY_SOCKET so the temporary server doesn't prematurely notify
+ # any process supervisor.
+ NOTIFY_SOCKET= \
PGUSER="${PGUSER:-$POSTGRES_USER}" \
pg_ctl -D "$PGDATA" \
-o "$(printf '%q ' "$@")" \
diff --git a/14/bookworm/docker-entrypoint.sh b/14/bookworm/docker-entrypoint.sh
index d09b5388a0..ae40666ca1 100755
--- a/14/bookworm/docker-entrypoint.sh
+++ b/14/bookworm/docker-entrypoint.sh
@@ -269,6 +269,9 @@ docker_temp_server_start() {
# does not listen on external TCP/IP and waits until start finishes
set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
+ # unset NOTIFY_SOCKET so the temporary server doesn't prematurely notify
+ # any process supervisor.
+ NOTIFY_SOCKET= \
PGUSER="${PGUSER:-$POSTGRES_USER}" \
pg_ctl -D "$PGDATA" \
-o "$(printf '%q ' "$@")" \
diff --git a/14/bullseye/docker-entrypoint.sh b/14/bullseye/docker-entrypoint.sh
index d09b5388a0..ae40666ca1 100755
--- a/14/bullseye/docker-entrypoint.sh
+++ b/14/bullseye/docker-entrypoint.sh
@@ -269,6 +269,9 @@ docker_temp_server_start() {
# does not listen on external TCP/IP and waits until start finishes
set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
+ # unset NOTIFY_SOCKET so the temporary server doesn't prematurely notify
+ # any process supervisor.
+ NOTIFY_SOCKET= \
PGUSER="${PGUSER:-$POSTGRES_USER}" \
pg_ctl -D "$PGDATA" \
-o "$(printf '%q ' "$@")" \
diff --git a/15/alpine3.20/docker-entrypoint.sh b/15/alpine3.20/docker-entrypoint.sh
index d09b5388a0..ae40666ca1 100755
--- a/15/alpine3.20/docker-entrypoint.sh
+++ b/15/alpine3.20/docker-entrypoint.sh
@@ -269,6 +269,9 @@ docker_temp_server_start() {
# does not listen on external TCP/IP and waits until start finishes
set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
+ # unset NOTIFY_SOCKET so the temporary server doesn't prematurely notify
+ # any process supervisor.
+ NOTIFY_SOCKET= \
PGUSER="${PGUSER:-$POSTGRES_USER}" \
pg_ctl -D "$PGDATA" \
-o "$(printf '%q ' "$@")" \
diff --git a/15/alpine3.21/docker-entrypoint.sh b/15/alpine3.21/docker-entrypoint.sh
index d09b5388a0..ae40666ca1 100755
--- a/15/alpine3.21/docker-entrypoint.sh
+++ b/15/alpine3.21/docker-entrypoint.sh
@@ -269,6 +269,9 @@ docker_temp_server_start() {
# does not listen on external TCP/IP and waits until start finishes
set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
+ # unset NOTIFY_SOCKET so the temporary server doesn't prematurely notify
+ # any process supervisor.
+ NOTIFY_SOCKET= \
PGUSER="${PGUSER:-$POSTGRES_USER}" \
pg_ctl -D "$PGDATA" \
-o "$(printf '%q ' "$@")" \
diff --git a/15/bookworm/docker-entrypoint.sh b/15/bookworm/docker-entrypoint.sh
index d09b5388a0..ae40666ca1 100755
--- a/15/bookworm/docker-entrypoint.sh
+++ b/15/bookworm/docker-entrypoint.sh
@@ -269,6 +269,9 @@ docker_temp_server_start() {
# does not listen on external TCP/IP and waits until start finishes
set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
+ # unset NOTIFY_SOCKET so the temporary server doesn't prematurely notify
+ # any process supervisor.
+ NOTIFY_SOCKET= \
PGUSER="${PGUSER:-$POSTGRES_USER}" \
pg_ctl -D "$PGDATA" \
-o "$(printf '%q ' "$@")" \
diff --git a/15/bullseye/docker-entrypoint.sh b/15/bullseye/docker-entrypoint.sh
index d09b5388a0..ae40666ca1 100755
--- a/15/bullseye/docker-entrypoint.sh
+++ b/15/bullseye/docker-entrypoint.sh
@@ -269,6 +269,9 @@ docker_temp_server_start() {
# does not listen on external TCP/IP and waits until start finishes
set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
+ # unset NOTIFY_SOCKET so the temporary server doesn't prematurely notify
+ # any process supervisor.
+ NOTIFY_SOCKET= \
PGUSER="${PGUSER:-$POSTGRES_USER}" \
pg_ctl -D "$PGDATA" \
-o "$(printf '%q ' "$@")" \
diff --git a/16/alpine3.20/docker-entrypoint.sh b/16/alpine3.20/docker-entrypoint.sh
index d09b5388a0..ae40666ca1 100755
--- a/16/alpine3.20/docker-entrypoint.sh
+++ b/16/alpine3.20/docker-entrypoint.sh
@@ -269,6 +269,9 @@ docker_temp_server_start() {
# does not listen on external TCP/IP and waits until start finishes
set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
+ # unset NOTIFY_SOCKET so the temporary server doesn't prematurely notify
+ # any process supervisor.
+ NOTIFY_SOCKET= \
PGUSER="${PGUSER:-$POSTGRES_USER}" \
pg_ctl -D "$PGDATA" \
-o "$(printf '%q ' "$@")" \
diff --git a/16/alpine3.21/docker-entrypoint.sh b/16/alpine3.21/docker-entrypoint.sh
index d09b5388a0..ae40666ca1 100755
--- a/16/alpine3.21/docker-entrypoint.sh
+++ b/16/alpine3.21/docker-entrypoint.sh
@@ -269,6 +269,9 @@ docker_temp_server_start() {
# does not listen on external TCP/IP and waits until start finishes
set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
+ # unset NOTIFY_SOCKET so the temporary server doesn't prematurely notify
+ # any process supervisor.
+ NOTIFY_SOCKET= \
PGUSER="${PGUSER:-$POSTGRES_USER}" \
pg_ctl -D "$PGDATA" \
-o "$(printf '%q ' "$@")" \
diff --git a/16/bookworm/docker-entrypoint.sh b/16/bookworm/docker-entrypoint.sh
index d09b5388a0..ae40666ca1 100755
--- a/16/bookworm/docker-entrypoint.sh
+++ b/16/bookworm/docker-entrypoint.sh
@@ -269,6 +269,9 @@ docker_temp_server_start() {
# does not listen on external TCP/IP and waits until start finishes
set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
+ # unset NOTIFY_SOCKET so the temporary server doesn't prematurely notify
+ # any process supervisor.
+ NOTIFY_SOCKET= \
PGUSER="${PGUSER:-$POSTGRES_USER}" \
pg_ctl -D "$PGDATA" \
-o "$(printf '%q ' "$@")" \
diff --git a/16/bullseye/docker-entrypoint.sh b/16/bullseye/docker-entrypoint.sh
index d09b5388a0..ae40666ca1 100755
--- a/16/bullseye/docker-entrypoint.sh
+++ b/16/bullseye/docker-entrypoint.sh
@@ -269,6 +269,9 @@ docker_temp_server_start() {
# does not listen on external TCP/IP and waits until start finishes
set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
+ # unset NOTIFY_SOCKET so the temporary server doesn't prematurely notify
+ # any process supervisor.
+ NOTIFY_SOCKET= \
PGUSER="${PGUSER:-$POSTGRES_USER}" \
pg_ctl -D "$PGDATA" \
-o "$(printf '%q ' "$@")" \
diff --git a/17/alpine3.20/docker-entrypoint.sh b/17/alpine3.20/docker-entrypoint.sh
index d09b5388a0..ae40666ca1 100755
--- a/17/alpine3.20/docker-entrypoint.sh
+++ b/17/alpine3.20/docker-entrypoint.sh
@@ -269,6 +269,9 @@ docker_temp_server_start() {
# does not listen on external TCP/IP and waits until start finishes
set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
+ # unset NOTIFY_SOCKET so the temporary server doesn't prematurely notify
+ # any process supervisor.
+ NOTIFY_SOCKET= \
PGUSER="${PGUSER:-$POSTGRES_USER}" \
pg_ctl -D "$PGDATA" \
-o "$(printf '%q ' "$@")" \
diff --git a/17/alpine3.21/docker-entrypoint.sh b/17/alpine3.21/docker-entrypoint.sh
index d09b5388a0..ae40666ca1 100755
--- a/17/alpine3.21/docker-entrypoint.sh
+++ b/17/alpine3.21/docker-entrypoint.sh
@@ -269,6 +269,9 @@ docker_temp_server_start() {
# does not listen on external TCP/IP and waits until start finishes
set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
+ # unset NOTIFY_SOCKET so the temporary server doesn't prematurely notify
+ # any process supervisor.
+ NOTIFY_SOCKET= \
PGUSER="${PGUSER:-$POSTGRES_USER}" \
pg_ctl -D "$PGDATA" \
-o "$(printf '%q ' "$@")" \
diff --git a/17/bookworm/docker-entrypoint.sh b/17/bookworm/docker-entrypoint.sh
index d09b5388a0..ae40666ca1 100755
--- a/17/bookworm/docker-entrypoint.sh
+++ b/17/bookworm/docker-entrypoint.sh
@@ -269,6 +269,9 @@ docker_temp_server_start() {
# does not listen on external TCP/IP and waits until start finishes
set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
+ # unset NOTIFY_SOCKET so the temporary server doesn't prematurely notify
+ # any process supervisor.
+ NOTIFY_SOCKET= \
PGUSER="${PGUSER:-$POSTGRES_USER}" \
pg_ctl -D "$PGDATA" \
-o "$(printf '%q ' "$@")" \
diff --git a/17/bullseye/docker-entrypoint.sh b/17/bullseye/docker-entrypoint.sh
index d09b5388a0..ae40666ca1 100755
--- a/17/bullseye/docker-entrypoint.sh
+++ b/17/bullseye/docker-entrypoint.sh
@@ -269,6 +269,9 @@ docker_temp_server_start() {
# does not listen on external TCP/IP and waits until start finishes
set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
+ # unset NOTIFY_SOCKET so the temporary server doesn't prematurely notify
+ # any process supervisor.
+ NOTIFY_SOCKET= \
PGUSER="${PGUSER:-$POSTGRES_USER}" \
pg_ctl -D "$PGDATA" \
-o "$(printf '%q ' "$@")" \
diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
index d09b5388a0..ae40666ca1 100755
--- a/docker-entrypoint.sh
+++ b/docker-entrypoint.sh
@@ -269,6 +269,9 @@ docker_temp_server_start() {
# does not listen on external TCP/IP and waits until start finishes
set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
+ # unset NOTIFY_SOCKET so the temporary server doesn't prematurely notify
+ # any process supervisor.
+ NOTIFY_SOCKET= \
PGUSER="${PGUSER:-$POSTGRES_USER}" \
pg_ctl -D "$PGDATA" \
-o "$(printf '%q ' "$@")" \
From 266748257c85f28eb01a276e84860013ade2eb14 Mon Sep 17 00:00:00 2001
From: Tianon Gravi <admwiggin@gmail.com>
Date: Thu, 8 May 2025 10:29:08 -0700
Subject: [PATCH 109/115] Update to 17.5, 16.9, 15.13, 14.18, 13.21
---
13/alpine3.20/Dockerfile | 4 +--
13/alpine3.21/Dockerfile | 4 +--
13/bookworm/Dockerfile | 4 +--
13/bullseye/Dockerfile | 4 +--
14/alpine3.20/Dockerfile | 4 +--
14/alpine3.21/Dockerfile | 4 +--
14/bookworm/Dockerfile | 4 +--
14/bullseye/Dockerfile | 4 +--
15/alpine3.20/Dockerfile | 4 +--
15/alpine3.21/Dockerfile | 4 +--
15/bookworm/Dockerfile | 4 +--
15/bullseye/Dockerfile | 4 +--
16/alpine3.20/Dockerfile | 4 +--
16/alpine3.21/Dockerfile | 4 +--
16/bookworm/Dockerfile | 4 +--
16/bullseye/Dockerfile | 4 +--
17/alpine3.20/Dockerfile | 4 +--
17/alpine3.21/Dockerfile | 4 +--
17/bookworm/Dockerfile | 4 +--
17/bullseye/Dockerfile | 4 +--
versions.json | 70 +++++++++++++++++-----------------------
21 files changed, 70 insertions(+), 80 deletions(-)
diff --git a/13/alpine3.20/Dockerfile b/13/alpine3.20/Dockerfile
index 6b90306dfa..5dcd03a1be 100644
--- a/13/alpine3.20/Dockerfile
+++ b/13/alpine3.20/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 13
-ENV PG_VERSION 13.20
-ENV PG_SHA256 8134b685724d15e60d93bea206fbe0f14c8295e84f1cc91d5a3928163e4fb288
+ENV PG_VERSION 13.21
+ENV PG_SHA256 dcda1294df45f033b0656cf7a8e4afbbc624c25e1b144aec79530f74d7ef4ab4
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/13/alpine3.21/Dockerfile b/13/alpine3.21/Dockerfile
index c2fd2016b6..7746d671cd 100644
--- a/13/alpine3.21/Dockerfile
+++ b/13/alpine3.21/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 13
-ENV PG_VERSION 13.20
-ENV PG_SHA256 8134b685724d15e60d93bea206fbe0f14c8295e84f1cc91d5a3928163e4fb288
+ENV PG_VERSION 13.21
+ENV PG_SHA256 dcda1294df45f033b0656cf7a8e4afbbc624c25e1b144aec79530f74d7ef4ab4
ENV DOCKER_PG_LLVM_DEPS \
llvm19-dev \
diff --git a/13/bookworm/Dockerfile b/13/bookworm/Dockerfile
index e19c54c943..3dd050a432 100644
--- a/13/bookworm/Dockerfile
+++ b/13/bookworm/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 13
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 13.20-1.pgdg120+1
+ENV PG_VERSION 13.21-1.pgdg120+1
RUN set -ex; \
\
@@ -99,7 +99,7 @@ RUN set -ex; \
dpkgArch="$(dpkg --print-architecture)"; \
aptRepo="[ signed-by=/usr/local/share/keyrings/postgres.gpg.asc ] http://apt.postgresql.org/pub/repos/apt/ bookworm-pgdg main $PG_MAJOR"; \
case "$dpkgArch" in \
- amd64 | arm64 | ppc64el | s390x) \
+ amd64 | arm64 | ppc64el) \
# arches officialy built by upstream
echo "deb $aptRepo" > /etc/apt/sources.list.d/pgdg.list; \
apt-get update; \
diff --git a/13/bullseye/Dockerfile b/13/bullseye/Dockerfile
index fa5bce3769..990363d494 100644
--- a/13/bullseye/Dockerfile
+++ b/13/bullseye/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 13
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 13.20-1.pgdg110+1
+ENV PG_VERSION 13.21-1.pgdg110+1
RUN set -ex; \
\
@@ -99,7 +99,7 @@ RUN set -ex; \
dpkgArch="$(dpkg --print-architecture)"; \
aptRepo="[ signed-by=/usr/local/share/keyrings/postgres.gpg.asc ] http://apt.postgresql.org/pub/repos/apt/ bullseye-pgdg main $PG_MAJOR"; \
case "$dpkgArch" in \
- amd64 | arm64 | ppc64el | s390x) \
+ amd64 | arm64 | ppc64el) \
# arches officialy built by upstream
echo "deb $aptRepo" > /etc/apt/sources.list.d/pgdg.list; \
apt-get update; \
diff --git a/14/alpine3.20/Dockerfile b/14/alpine3.20/Dockerfile
index 7a97933e5e..03bf8cc8a7 100644
--- a/14/alpine3.20/Dockerfile
+++ b/14/alpine3.20/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 14
-ENV PG_VERSION 14.17
-ENV PG_SHA256 6ce0ccd6403bf7f0f2eddd333e2ee9ba02edfa977c66660ed9b4b1057e7630a1
+ENV PG_VERSION 14.18
+ENV PG_SHA256 83ab29d6bfc3dc58b2ed3c664114fdfbeb6a0450c4b8d7fa69aee91e3ca14f8e
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/14/alpine3.21/Dockerfile b/14/alpine3.21/Dockerfile
index e6eaec1609..cdc9717825 100644
--- a/14/alpine3.21/Dockerfile
+++ b/14/alpine3.21/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 14
-ENV PG_VERSION 14.17
-ENV PG_SHA256 6ce0ccd6403bf7f0f2eddd333e2ee9ba02edfa977c66660ed9b4b1057e7630a1
+ENV PG_VERSION 14.18
+ENV PG_SHA256 83ab29d6bfc3dc58b2ed3c664114fdfbeb6a0450c4b8d7fa69aee91e3ca14f8e
ENV DOCKER_PG_LLVM_DEPS \
llvm19-dev \
diff --git a/14/bookworm/Dockerfile b/14/bookworm/Dockerfile
index e97bad7808..701a02cccd 100644
--- a/14/bookworm/Dockerfile
+++ b/14/bookworm/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 14
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 14.17-1.pgdg120+1
+ENV PG_VERSION 14.18-1.pgdg120+1
RUN set -ex; \
\
@@ -99,7 +99,7 @@ RUN set -ex; \
dpkgArch="$(dpkg --print-architecture)"; \
aptRepo="[ signed-by=/usr/local/share/keyrings/postgres.gpg.asc ] http://apt.postgresql.org/pub/repos/apt/ bookworm-pgdg main $PG_MAJOR"; \
case "$dpkgArch" in \
- amd64 | arm64 | ppc64el | s390x) \
+ amd64 | arm64 | ppc64el) \
# arches officialy built by upstream
echo "deb $aptRepo" > /etc/apt/sources.list.d/pgdg.list; \
apt-get update; \
diff --git a/14/bullseye/Dockerfile b/14/bullseye/Dockerfile
index b85e3deefd..004e6777cd 100644
--- a/14/bullseye/Dockerfile
+++ b/14/bullseye/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 14
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 14.17-1.pgdg110+1
+ENV PG_VERSION 14.18-1.pgdg110+1
RUN set -ex; \
\
@@ -99,7 +99,7 @@ RUN set -ex; \
dpkgArch="$(dpkg --print-architecture)"; \
aptRepo="[ signed-by=/usr/local/share/keyrings/postgres.gpg.asc ] http://apt.postgresql.org/pub/repos/apt/ bullseye-pgdg main $PG_MAJOR"; \
case "$dpkgArch" in \
- amd64 | arm64 | ppc64el | s390x) \
+ amd64 | arm64 | ppc64el) \
# arches officialy built by upstream
echo "deb $aptRepo" > /etc/apt/sources.list.d/pgdg.list; \
apt-get update; \
diff --git a/15/alpine3.20/Dockerfile b/15/alpine3.20/Dockerfile
index 1142617c31..27aa060714 100644
--- a/15/alpine3.20/Dockerfile
+++ b/15/alpine3.20/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 15
-ENV PG_VERSION 15.12
-ENV PG_SHA256 3bc8462a38ca0857270cc88b949a3f6659f0d5c44c029c482355835b61a0f6f7
+ENV PG_VERSION 15.13
+ENV PG_SHA256 4f62e133d22ea08a0401b0840920e26698644d01a80c34341fb732dd0a90ca5d
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/15/alpine3.21/Dockerfile b/15/alpine3.21/Dockerfile
index 48fedb00fa..546793ba15 100644
--- a/15/alpine3.21/Dockerfile
+++ b/15/alpine3.21/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 15
-ENV PG_VERSION 15.12
-ENV PG_SHA256 3bc8462a38ca0857270cc88b949a3f6659f0d5c44c029c482355835b61a0f6f7
+ENV PG_VERSION 15.13
+ENV PG_SHA256 4f62e133d22ea08a0401b0840920e26698644d01a80c34341fb732dd0a90ca5d
ENV DOCKER_PG_LLVM_DEPS \
llvm19-dev \
diff --git a/15/bookworm/Dockerfile b/15/bookworm/Dockerfile
index dcad9299c0..953f19a827 100644
--- a/15/bookworm/Dockerfile
+++ b/15/bookworm/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 15
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 15.12-1.pgdg120+1
+ENV PG_VERSION 15.13-1.pgdg120+1
RUN set -ex; \
\
@@ -99,7 +99,7 @@ RUN set -ex; \
dpkgArch="$(dpkg --print-architecture)"; \
aptRepo="[ signed-by=/usr/local/share/keyrings/postgres.gpg.asc ] http://apt.postgresql.org/pub/repos/apt/ bookworm-pgdg main $PG_MAJOR"; \
case "$dpkgArch" in \
- amd64 | arm64 | ppc64el | s390x) \
+ amd64 | arm64 | ppc64el) \
# arches officialy built by upstream
echo "deb $aptRepo" > /etc/apt/sources.list.d/pgdg.list; \
apt-get update; \
diff --git a/15/bullseye/Dockerfile b/15/bullseye/Dockerfile
index df8ca09ff9..af49faecc7 100644
--- a/15/bullseye/Dockerfile
+++ b/15/bullseye/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 15
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 15.12-1.pgdg110+1
+ENV PG_VERSION 15.13-1.pgdg110+1
RUN set -ex; \
\
@@ -99,7 +99,7 @@ RUN set -ex; \
dpkgArch="$(dpkg --print-architecture)"; \
aptRepo="[ signed-by=/usr/local/share/keyrings/postgres.gpg.asc ] http://apt.postgresql.org/pub/repos/apt/ bullseye-pgdg main $PG_MAJOR"; \
case "$dpkgArch" in \
- amd64 | arm64 | ppc64el | s390x) \
+ amd64 | arm64 | ppc64el) \
# arches officialy built by upstream
echo "deb $aptRepo" > /etc/apt/sources.list.d/pgdg.list; \
apt-get update; \
diff --git a/16/alpine3.20/Dockerfile b/16/alpine3.20/Dockerfile
index f4a8eee4c6..8ceefb8fa2 100644
--- a/16/alpine3.20/Dockerfile
+++ b/16/alpine3.20/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 16
-ENV PG_VERSION 16.8
-ENV PG_SHA256 9468083a56ce0ee7d294601b74dad3dd9fc69d87aff61f0a9fb63c813ff7efd8
+ENV PG_VERSION 16.9
+ENV PG_SHA256 07c00fb824df0a0c295f249f44691b86e3266753b380c96f633c3311e10bd005
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/16/alpine3.21/Dockerfile b/16/alpine3.21/Dockerfile
index 2e4b935085..de809004ef 100644
--- a/16/alpine3.21/Dockerfile
+++ b/16/alpine3.21/Dockerfile
@@ -53,8 +53,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 16
-ENV PG_VERSION 16.8
-ENV PG_SHA256 9468083a56ce0ee7d294601b74dad3dd9fc69d87aff61f0a9fb63c813ff7efd8
+ENV PG_VERSION 16.9
+ENV PG_SHA256 07c00fb824df0a0c295f249f44691b86e3266753b380c96f633c3311e10bd005
ENV DOCKER_PG_LLVM_DEPS \
llvm19-dev \
diff --git a/16/bookworm/Dockerfile b/16/bookworm/Dockerfile
index c732ed0fdc..57ce9f7b06 100644
--- a/16/bookworm/Dockerfile
+++ b/16/bookworm/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 16
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 16.8-1.pgdg120+1
+ENV PG_VERSION 16.9-1.pgdg120+1
RUN set -ex; \
\
@@ -99,7 +99,7 @@ RUN set -ex; \
dpkgArch="$(dpkg --print-architecture)"; \
aptRepo="[ signed-by=/usr/local/share/keyrings/postgres.gpg.asc ] http://apt.postgresql.org/pub/repos/apt/ bookworm-pgdg main $PG_MAJOR"; \
case "$dpkgArch" in \
- amd64 | arm64 | ppc64el | s390x) \
+ amd64 | arm64 | ppc64el) \
# arches officialy built by upstream
echo "deb $aptRepo" > /etc/apt/sources.list.d/pgdg.list; \
apt-get update; \
diff --git a/16/bullseye/Dockerfile b/16/bullseye/Dockerfile
index ed5027458f..54f864c29e 100644
--- a/16/bullseye/Dockerfile
+++ b/16/bullseye/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 16
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 16.8-1.pgdg110+1
+ENV PG_VERSION 16.9-1.pgdg110+1
RUN set -ex; \
\
@@ -99,7 +99,7 @@ RUN set -ex; \
dpkgArch="$(dpkg --print-architecture)"; \
aptRepo="[ signed-by=/usr/local/share/keyrings/postgres.gpg.asc ] http://apt.postgresql.org/pub/repos/apt/ bullseye-pgdg main $PG_MAJOR"; \
case "$dpkgArch" in \
- amd64 | arm64 | ppc64el | s390x) \
+ amd64 | arm64 | ppc64el) \
# arches officialy built by upstream
echo "deb $aptRepo" > /etc/apt/sources.list.d/pgdg.list; \
apt-get update; \
diff --git a/17/alpine3.20/Dockerfile b/17/alpine3.20/Dockerfile
index 2db848ef04..5919ddee6d 100644
--- a/17/alpine3.20/Dockerfile
+++ b/17/alpine3.20/Dockerfile
@@ -52,8 +52,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 17
-ENV PG_VERSION 17.4
-ENV PG_SHA256 c4605b73fea11963406699f949b966e5d173a7ee0ccaef8938dec0ca8a995fe7
+ENV PG_VERSION 17.5
+ENV PG_SHA256 fcb7ab38e23b264d1902cb25e6adafb4525a6ebcbd015434aeef9eda80f528d8
ENV DOCKER_PG_LLVM_DEPS \
llvm15-dev \
diff --git a/17/alpine3.21/Dockerfile b/17/alpine3.21/Dockerfile
index 1b9d0ee2c6..cda67cffa5 100644
--- a/17/alpine3.21/Dockerfile
+++ b/17/alpine3.21/Dockerfile
@@ -52,8 +52,8 @@ ENV LANG en_US.utf8
RUN mkdir /docker-entrypoint-initdb.d
ENV PG_MAJOR 17
-ENV PG_VERSION 17.4
-ENV PG_SHA256 c4605b73fea11963406699f949b966e5d173a7ee0ccaef8938dec0ca8a995fe7
+ENV PG_VERSION 17.5
+ENV PG_SHA256 fcb7ab38e23b264d1902cb25e6adafb4525a6ebcbd015434aeef9eda80f528d8
ENV DOCKER_PG_LLVM_DEPS \
llvm19-dev \
diff --git a/17/bookworm/Dockerfile b/17/bookworm/Dockerfile
index fbc15ef4c3..eca1c04f03 100644
--- a/17/bookworm/Dockerfile
+++ b/17/bookworm/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 17
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 17.4-1.pgdg120+2
+ENV PG_VERSION 17.5-1.pgdg120+1
RUN set -ex; \
\
@@ -99,7 +99,7 @@ RUN set -ex; \
dpkgArch="$(dpkg --print-architecture)"; \
aptRepo="[ signed-by=/usr/local/share/keyrings/postgres.gpg.asc ] http://apt.postgresql.org/pub/repos/apt/ bookworm-pgdg main $PG_MAJOR"; \
case "$dpkgArch" in \
- amd64 | arm64 | ppc64el | s390x) \
+ amd64 | arm64 | ppc64el) \
# arches officialy built by upstream
echo "deb $aptRepo" > /etc/apt/sources.list.d/pgdg.list; \
apt-get update; \
diff --git a/17/bullseye/Dockerfile b/17/bullseye/Dockerfile
index 263bb9f1c3..90b92bba46 100644
--- a/17/bullseye/Dockerfile
+++ b/17/bullseye/Dockerfile
@@ -89,7 +89,7 @@ RUN set -ex; \
ENV PG_MAJOR 17
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
-ENV PG_VERSION 17.4-1.pgdg110+2
+ENV PG_VERSION 17.5-1.pgdg110+1
RUN set -ex; \
\
@@ -99,7 +99,7 @@ RUN set -ex; \
dpkgArch="$(dpkg --print-architecture)"; \
aptRepo="[ signed-by=/usr/local/share/keyrings/postgres.gpg.asc ] http://apt.postgresql.org/pub/repos/apt/ bullseye-pgdg main $PG_MAJOR"; \
case "$dpkgArch" in \
- amd64 | arm64 | ppc64el | s390x) \
+ amd64 | arm64 | ppc64el) \
# arches officialy built by upstream
echo "deb $aptRepo" > /etc/apt/sources.list.d/pgdg.list; \
apt-get update; \
diff --git a/versions.json b/versions.json
index 973ebfc225..0c4bfb0d20 100644
--- a/versions.json
+++ b/versions.json
@@ -5,30 +5,28 @@
"arches": [
"amd64",
"arm64",
- "ppc64el",
- "s390x"
+ "ppc64el"
],
- "version": "13.20-1.pgdg120+1"
+ "version": "13.21-1.pgdg120+1"
},
"bullseye": {
"arches": [
"amd64",
"arm64",
- "ppc64el",
- "s390x"
+ "ppc64el"
],
- "version": "13.20-1.pgdg110+1"
+ "version": "13.21-1.pgdg110+1"
},
"debian": "bookworm",
"major": 13,
- "sha256": "8134b685724d15e60d93bea206fbe0f14c8295e84f1cc91d5a3928163e4fb288",
+ "sha256": "dcda1294df45f033b0656cf7a8e4afbbc624c25e1b144aec79530f74d7ef4ab4",
"variants": [
"bookworm",
"bullseye",
"alpine3.21",
"alpine3.20"
],
- "version": "13.20"
+ "version": "13.21"
},
"14": {
"alpine": "3.21",
@@ -36,30 +34,28 @@
"arches": [
"amd64",
"arm64",
- "ppc64el",
- "s390x"
+ "ppc64el"
],
- "version": "14.17-1.pgdg120+1"
+ "version": "14.18-1.pgdg120+1"
},
"bullseye": {
"arches": [
"amd64",
"arm64",
- "ppc64el",
- "s390x"
+ "ppc64el"
],
- "version": "14.17-1.pgdg110+1"
+ "version": "14.18-1.pgdg110+1"
},
"debian": "bookworm",
"major": 14,
- "sha256": "6ce0ccd6403bf7f0f2eddd333e2ee9ba02edfa977c66660ed9b4b1057e7630a1",
+ "sha256": "83ab29d6bfc3dc58b2ed3c664114fdfbeb6a0450c4b8d7fa69aee91e3ca14f8e",
"variants": [
"bookworm",
"bullseye",
"alpine3.21",
"alpine3.20"
],
- "version": "14.17"
+ "version": "14.18"
},
"15": {
"alpine": "3.21",
@@ -67,30 +63,28 @@
"arches": [
"amd64",
"arm64",
- "ppc64el",
- "s390x"
+ "ppc64el"
],
- "version": "15.12-1.pgdg120+1"
+ "version": "15.13-1.pgdg120+1"
},
"bullseye": {
"arches": [
"amd64",
"arm64",
- "ppc64el",
- "s390x"
+ "ppc64el"
],
- "version": "15.12-1.pgdg110+1"
+ "version": "15.13-1.pgdg110+1"
},
"debian": "bookworm",
"major": 15,
- "sha256": "3bc8462a38ca0857270cc88b949a3f6659f0d5c44c029c482355835b61a0f6f7",
+ "sha256": "4f62e133d22ea08a0401b0840920e26698644d01a80c34341fb732dd0a90ca5d",
"variants": [
"bookworm",
"bullseye",
"alpine3.21",
"alpine3.20"
],
- "version": "15.12"
+ "version": "15.13"
},
"16": {
"alpine": "3.21",
@@ -98,30 +92,28 @@
"arches": [
"amd64",
"arm64",
- "ppc64el",
- "s390x"
+ "ppc64el"
],
- "version": "16.8-1.pgdg120+1"
+ "version": "16.9-1.pgdg120+1"
},
"bullseye": {
"arches": [
"amd64",
"arm64",
- "ppc64el",
- "s390x"
+ "ppc64el"
],
- "version": "16.8-1.pgdg110+1"
+ "version": "16.9-1.pgdg110+1"
},
"debian": "bookworm",
"major": 16,
- "sha256": "9468083a56ce0ee7d294601b74dad3dd9fc69d87aff61f0a9fb63c813ff7efd8",
+ "sha256": "07c00fb824df0a0c295f249f44691b86e3266753b380c96f633c3311e10bd005",
"variants": [
"bookworm",
"bullseye",
"alpine3.21",
"alpine3.20"
],
- "version": "16.8"
+ "version": "16.9"
},
"17": {
"alpine": "3.21",
@@ -129,29 +121,27 @@
"arches": [
"amd64",
"arm64",
- "ppc64el",
- "s390x"
+ "ppc64el"
],
- "version": "17.4-1.pgdg120+2"
+ "version": "17.5-1.pgdg120+1"
},
"bullseye": {
"arches": [
"amd64",
"arm64",
- "ppc64el",
- "s390x"
+ "ppc64el"
],
- "version": "17.4-1.pgdg110+2"
+ "version": "17.5-1.pgdg110+1"
},
"debian": "bookworm",
"major": 17,
- "sha256": "c4605b73fea11963406699f949b966e5d173a7ee0ccaef8938dec0ca8a995fe7",
+ "sha256": "fcb7ab38e23b264d1902cb25e6adafb4525a6ebcbd015434aeef9eda80f528d8",
"variants": [
"bookworm",
"bullseye",
"alpine3.21",
"alpine3.20"
],
- "version": "17.4"
+ "version": "17.5"
}
}
From b23470265cc9c4bc283a88bf6c5054e3fca87c16 Mon Sep 17 00:00:00 2001
From: Tianon Gravi <admwiggin@gmail.com>
Date: Thu, 8 May 2025 11:32:48 -0700
Subject: [PATCH 110/115] Remove explicit config.guess/config.sub updates
When we added these lines, we needed newer files than PostgreSQL had upstream, but the situation has changed and we were pinned to a specific commit from 2017 - the _oldest_ PostgreSQL release version has a file from 2020.
---
13/alpine3.20/Dockerfile | 3 ---
13/alpine3.21/Dockerfile | 3 ---
14/alpine3.20/Dockerfile | 3 ---
14/alpine3.21/Dockerfile | 3 ---
15/alpine3.20/Dockerfile | 3 ---
15/alpine3.21/Dockerfile | 3 ---
16/alpine3.20/Dockerfile | 3 ---
16/alpine3.21/Dockerfile | 3 ---
17/alpine3.20/Dockerfile | 3 ---
17/alpine3.21/Dockerfile | 3 ---
Dockerfile-alpine.template | 3 ---
11 files changed, 33 deletions(-)
diff --git a/13/alpine3.20/Dockerfile b/13/alpine3.20/Dockerfile
index 5dcd03a1be..a2f5e0918b 100644
--- a/13/alpine3.20/Dockerfile
+++ b/13/alpine3.20/Dockerfile
@@ -108,9 +108,6 @@ RUN set -eux; \
grep '/var/run/postgresql' src/include/pg_config_manual.h.new; \
mv src/include/pg_config_manual.h.new src/include/pg_config_manual.h; \
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
-# explicitly update autoconf config.guess and config.sub so they support more arches/libcs
- wget -O config/config.guess 'https://git.savannah.gnu.org/cgit/config.git/plain/config.guess?id=7d3d27baf8107b630586c962c057e22149653deb'; \
- wget -O config/config.sub 'https://git.savannah.gnu.org/cgit/config.git/plain/config.sub?id=7d3d27baf8107b630586c962c057e22149653deb'; \
\
# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n172
export LLVM_CONFIG="/usr/lib/llvm15/bin/llvm-config"; \
diff --git a/13/alpine3.21/Dockerfile b/13/alpine3.21/Dockerfile
index 7746d671cd..50a47522ad 100644
--- a/13/alpine3.21/Dockerfile
+++ b/13/alpine3.21/Dockerfile
@@ -108,9 +108,6 @@ RUN set -eux; \
grep '/var/run/postgresql' src/include/pg_config_manual.h.new; \
mv src/include/pg_config_manual.h.new src/include/pg_config_manual.h; \
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
-# explicitly update autoconf config.guess and config.sub so they support more arches/libcs
- wget -O config/config.guess 'https://git.savannah.gnu.org/cgit/config.git/plain/config.guess?id=7d3d27baf8107b630586c962c057e22149653deb'; \
- wget -O config/config.sub 'https://git.savannah.gnu.org/cgit/config.git/plain/config.sub?id=7d3d27baf8107b630586c962c057e22149653deb'; \
\
# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n172
export LLVM_CONFIG="/usr/lib/llvm19/bin/llvm-config"; \
diff --git a/14/alpine3.20/Dockerfile b/14/alpine3.20/Dockerfile
index 03bf8cc8a7..9afc070826 100644
--- a/14/alpine3.20/Dockerfile
+++ b/14/alpine3.20/Dockerfile
@@ -110,9 +110,6 @@ RUN set -eux; \
grep '/var/run/postgresql' src/include/pg_config_manual.h.new; \
mv src/include/pg_config_manual.h.new src/include/pg_config_manual.h; \
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
-# explicitly update autoconf config.guess and config.sub so they support more arches/libcs
- wget -O config/config.guess 'https://git.savannah.gnu.org/cgit/config.git/plain/config.guess?id=7d3d27baf8107b630586c962c057e22149653deb'; \
- wget -O config/config.sub 'https://git.savannah.gnu.org/cgit/config.git/plain/config.sub?id=7d3d27baf8107b630586c962c057e22149653deb'; \
\
# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n172
export LLVM_CONFIG="/usr/lib/llvm15/bin/llvm-config"; \
diff --git a/14/alpine3.21/Dockerfile b/14/alpine3.21/Dockerfile
index cdc9717825..82d8aeba6c 100644
--- a/14/alpine3.21/Dockerfile
+++ b/14/alpine3.21/Dockerfile
@@ -110,9 +110,6 @@ RUN set -eux; \
grep '/var/run/postgresql' src/include/pg_config_manual.h.new; \
mv src/include/pg_config_manual.h.new src/include/pg_config_manual.h; \
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
-# explicitly update autoconf config.guess and config.sub so they support more arches/libcs
- wget -O config/config.guess 'https://git.savannah.gnu.org/cgit/config.git/plain/config.guess?id=7d3d27baf8107b630586c962c057e22149653deb'; \
- wget -O config/config.sub 'https://git.savannah.gnu.org/cgit/config.git/plain/config.sub?id=7d3d27baf8107b630586c962c057e22149653deb'; \
\
# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n172
export LLVM_CONFIG="/usr/lib/llvm19/bin/llvm-config"; \
diff --git a/15/alpine3.20/Dockerfile b/15/alpine3.20/Dockerfile
index 27aa060714..9fcb077803 100644
--- a/15/alpine3.20/Dockerfile
+++ b/15/alpine3.20/Dockerfile
@@ -112,9 +112,6 @@ RUN set -eux; \
grep '/var/run/postgresql' src/include/pg_config_manual.h.new; \
mv src/include/pg_config_manual.h.new src/include/pg_config_manual.h; \
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
-# explicitly update autoconf config.guess and config.sub so they support more arches/libcs
- wget -O config/config.guess 'https://git.savannah.gnu.org/cgit/config.git/plain/config.guess?id=7d3d27baf8107b630586c962c057e22149653deb'; \
- wget -O config/config.sub 'https://git.savannah.gnu.org/cgit/config.git/plain/config.sub?id=7d3d27baf8107b630586c962c057e22149653deb'; \
\
# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n172
export LLVM_CONFIG="/usr/lib/llvm15/bin/llvm-config"; \
diff --git a/15/alpine3.21/Dockerfile b/15/alpine3.21/Dockerfile
index 546793ba15..203cab4d45 100644
--- a/15/alpine3.21/Dockerfile
+++ b/15/alpine3.21/Dockerfile
@@ -112,9 +112,6 @@ RUN set -eux; \
grep '/var/run/postgresql' src/include/pg_config_manual.h.new; \
mv src/include/pg_config_manual.h.new src/include/pg_config_manual.h; \
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
-# explicitly update autoconf config.guess and config.sub so they support more arches/libcs
- wget -O config/config.guess 'https://git.savannah.gnu.org/cgit/config.git/plain/config.guess?id=7d3d27baf8107b630586c962c057e22149653deb'; \
- wget -O config/config.sub 'https://git.savannah.gnu.org/cgit/config.git/plain/config.sub?id=7d3d27baf8107b630586c962c057e22149653deb'; \
\
# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n172
export LLVM_CONFIG="/usr/lib/llvm19/bin/llvm-config"; \
diff --git a/16/alpine3.20/Dockerfile b/16/alpine3.20/Dockerfile
index 8ceefb8fa2..6095fa9396 100644
--- a/16/alpine3.20/Dockerfile
+++ b/16/alpine3.20/Dockerfile
@@ -112,9 +112,6 @@ RUN set -eux; \
grep '/var/run/postgresql' src/include/pg_config_manual.h.new; \
mv src/include/pg_config_manual.h.new src/include/pg_config_manual.h; \
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
-# explicitly update autoconf config.guess and config.sub so they support more arches/libcs
- wget -O config/config.guess 'https://git.savannah.gnu.org/cgit/config.git/plain/config.guess?id=7d3d27baf8107b630586c962c057e22149653deb'; \
- wget -O config/config.sub 'https://git.savannah.gnu.org/cgit/config.git/plain/config.sub?id=7d3d27baf8107b630586c962c057e22149653deb'; \
\
# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n172
export LLVM_CONFIG="/usr/lib/llvm15/bin/llvm-config"; \
diff --git a/16/alpine3.21/Dockerfile b/16/alpine3.21/Dockerfile
index de809004ef..21f38d7596 100644
--- a/16/alpine3.21/Dockerfile
+++ b/16/alpine3.21/Dockerfile
@@ -112,9 +112,6 @@ RUN set -eux; \
grep '/var/run/postgresql' src/include/pg_config_manual.h.new; \
mv src/include/pg_config_manual.h.new src/include/pg_config_manual.h; \
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
-# explicitly update autoconf config.guess and config.sub so they support more arches/libcs
- wget -O config/config.guess 'https://git.savannah.gnu.org/cgit/config.git/plain/config.guess?id=7d3d27baf8107b630586c962c057e22149653deb'; \
- wget -O config/config.sub 'https://git.savannah.gnu.org/cgit/config.git/plain/config.sub?id=7d3d27baf8107b630586c962c057e22149653deb'; \
\
# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n172
export LLVM_CONFIG="/usr/lib/llvm19/bin/llvm-config"; \
diff --git a/17/alpine3.20/Dockerfile b/17/alpine3.20/Dockerfile
index 5919ddee6d..bcf17f32a0 100644
--- a/17/alpine3.20/Dockerfile
+++ b/17/alpine3.20/Dockerfile
@@ -111,9 +111,6 @@ RUN set -eux; \
grep '/var/run/postgresql' src/include/pg_config_manual.h.new; \
mv src/include/pg_config_manual.h.new src/include/pg_config_manual.h; \
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
-# explicitly update autoconf config.guess and config.sub so they support more arches/libcs
- wget -O config/config.guess 'https://git.savannah.gnu.org/cgit/config.git/plain/config.guess?id=7d3d27baf8107b630586c962c057e22149653deb'; \
- wget -O config/config.sub 'https://git.savannah.gnu.org/cgit/config.git/plain/config.sub?id=7d3d27baf8107b630586c962c057e22149653deb'; \
\
# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n172
export LLVM_CONFIG="/usr/lib/llvm15/bin/llvm-config"; \
diff --git a/17/alpine3.21/Dockerfile b/17/alpine3.21/Dockerfile
index cda67cffa5..9e4bf205bd 100644
--- a/17/alpine3.21/Dockerfile
+++ b/17/alpine3.21/Dockerfile
@@ -111,9 +111,6 @@ RUN set -eux; \
grep '/var/run/postgresql' src/include/pg_config_manual.h.new; \
mv src/include/pg_config_manual.h.new src/include/pg_config_manual.h; \
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
-# explicitly update autoconf config.guess and config.sub so they support more arches/libcs
- wget -O config/config.guess 'https://git.savannah.gnu.org/cgit/config.git/plain/config.guess?id=7d3d27baf8107b630586c962c057e22149653deb'; \
- wget -O config/config.sub 'https://git.savannah.gnu.org/cgit/config.git/plain/config.sub?id=7d3d27baf8107b630586c962c057e22149653deb'; \
\
# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n172
export LLVM_CONFIG="/usr/lib/llvm19/bin/llvm-config"; \
diff --git a/Dockerfile-alpine.template b/Dockerfile-alpine.template
index 2d1e3957a8..d0c90d18c8 100644
--- a/Dockerfile-alpine.template
+++ b/Dockerfile-alpine.template
@@ -124,9 +124,6 @@ RUN set -eux; \
grep '/var/run/postgresql' src/include/pg_config_manual.h.new; \
mv src/include/pg_config_manual.h.new src/include/pg_config_manual.h; \
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
-# explicitly update autoconf config.guess and config.sub so they support more arches/libcs
- wget -O config/config.guess 'https://git.savannah.gnu.org/cgit/config.git/plain/config.guess?id=7d3d27baf8107b630586c962c057e22149653deb'; \
- wget -O config/config.sub 'https://git.savannah.gnu.org/cgit/config.git/plain/config.sub?id=7d3d27baf8107b630586c962c057e22149653deb'; \
\
# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n172
export LLVM_CONFIG="/usr/lib/llvm{{ llvmver }}/bin/llvm-config"; \
From d9c4773ca5dc96692188c458f281d217d78b14d9 Mon Sep 17 00:00:00 2001
From: Joseph Ferguson <yosifkit@gmail.com>
Date: Wed, 21 May 2025 17:48:07 -0700
Subject: [PATCH 111/115] Update apt build depend
---
13/bookworm/Dockerfile | 7 +++----
13/bullseye/Dockerfile | 7 +++----
14/bookworm/Dockerfile | 7 +++----
14/bullseye/Dockerfile | 7 +++----
15/bookworm/Dockerfile | 7 +++----
15/bullseye/Dockerfile | 7 +++----
16/bookworm/Dockerfile | 7 +++----
16/bullseye/Dockerfile | 7 +++----
17/bookworm/Dockerfile | 7 +++----
17/bullseye/Dockerfile | 7 +++----
Dockerfile-debian.template | 7 +++----
11 files changed, 33 insertions(+), 44 deletions(-)
diff --git a/13/bookworm/Dockerfile b/13/bookworm/Dockerfile
index 3dd050a432..721ad94d09 100644
--- a/13/bookworm/Dockerfile
+++ b/13/bookworm/Dockerfile
@@ -131,10 +131,9 @@ RUN set -ex; \
# build .deb files from upstream's source packages (which are verified by apt-get)
nproc="$(nproc)"; \
export DEB_BUILD_OPTIONS="nocheck parallel=$nproc"; \
-# we have to build postgresql-common first because postgresql-$PG_MAJOR shares "debian/rules" logic with it: https://salsa.debian.org/postgresql/postgresql/-/commit/99f44476e258cae6bf9e919219fa2c5414fa2876
-# (and it "Depends: pgdg-keyring")
- apt-get build-dep -y postgresql-common pgdg-keyring; \
- apt-get source --compile postgresql-common pgdg-keyring; \
+# we have to build postgresql-common-dev first because postgresql-$PG_MAJOR shares "debian/rules" logic with it: https://salsa.debian.org/postgresql/postgresql/-/commit/f4338a0d28cf4541956bddb0f4e444ba9dba81b9
+ apt-get build-dep -y postgresql-common-dev; \
+ apt-get source --compile postgresql-common-dev; \
_update_repo; \
# we need DEBIAN_FRONTEND on postgresql-13 for slapd ("Please enter the password for the admin entry in your LDAP directory."); see https://bugs.debian.org/929417
DEBIAN_FRONTEND=noninteractive \
diff --git a/13/bullseye/Dockerfile b/13/bullseye/Dockerfile
index 990363d494..b914b71ff0 100644
--- a/13/bullseye/Dockerfile
+++ b/13/bullseye/Dockerfile
@@ -131,10 +131,9 @@ RUN set -ex; \
# build .deb files from upstream's source packages (which are verified by apt-get)
nproc="$(nproc)"; \
export DEB_BUILD_OPTIONS="nocheck parallel=$nproc"; \
-# we have to build postgresql-common first because postgresql-$PG_MAJOR shares "debian/rules" logic with it: https://salsa.debian.org/postgresql/postgresql/-/commit/99f44476e258cae6bf9e919219fa2c5414fa2876
-# (and it "Depends: pgdg-keyring")
- apt-get build-dep -y postgresql-common pgdg-keyring; \
- apt-get source --compile postgresql-common pgdg-keyring; \
+# we have to build postgresql-common-dev first because postgresql-$PG_MAJOR shares "debian/rules" logic with it: https://salsa.debian.org/postgresql/postgresql/-/commit/f4338a0d28cf4541956bddb0f4e444ba9dba81b9
+ apt-get build-dep -y postgresql-common-dev; \
+ apt-get source --compile postgresql-common-dev; \
_update_repo; \
# we need DEBIAN_FRONTEND on postgresql-13 for slapd ("Please enter the password for the admin entry in your LDAP directory."); see https://bugs.debian.org/929417
DEBIAN_FRONTEND=noninteractive \
diff --git a/14/bookworm/Dockerfile b/14/bookworm/Dockerfile
index 701a02cccd..e9a0e21b1c 100644
--- a/14/bookworm/Dockerfile
+++ b/14/bookworm/Dockerfile
@@ -131,10 +131,9 @@ RUN set -ex; \
# build .deb files from upstream's source packages (which are verified by apt-get)
nproc="$(nproc)"; \
export DEB_BUILD_OPTIONS="nocheck parallel=$nproc"; \
-# we have to build postgresql-common first because postgresql-$PG_MAJOR shares "debian/rules" logic with it: https://salsa.debian.org/postgresql/postgresql/-/commit/99f44476e258cae6bf9e919219fa2c5414fa2876
-# (and it "Depends: pgdg-keyring")
- apt-get build-dep -y postgresql-common pgdg-keyring; \
- apt-get source --compile postgresql-common pgdg-keyring; \
+# we have to build postgresql-common-dev first because postgresql-$PG_MAJOR shares "debian/rules" logic with it: https://salsa.debian.org/postgresql/postgresql/-/commit/f4338a0d28cf4541956bddb0f4e444ba9dba81b9
+ apt-get build-dep -y postgresql-common-dev; \
+ apt-get source --compile postgresql-common-dev; \
_update_repo; \
apt-get build-dep -y "postgresql-$PG_MAJOR=$PG_VERSION"; \
apt-get source --compile "postgresql-$PG_MAJOR=$PG_VERSION"; \
diff --git a/14/bullseye/Dockerfile b/14/bullseye/Dockerfile
index 004e6777cd..ff863ef774 100644
--- a/14/bullseye/Dockerfile
+++ b/14/bullseye/Dockerfile
@@ -131,10 +131,9 @@ RUN set -ex; \
# build .deb files from upstream's source packages (which are verified by apt-get)
nproc="$(nproc)"; \
export DEB_BUILD_OPTIONS="nocheck parallel=$nproc"; \
-# we have to build postgresql-common first because postgresql-$PG_MAJOR shares "debian/rules" logic with it: https://salsa.debian.org/postgresql/postgresql/-/commit/99f44476e258cae6bf9e919219fa2c5414fa2876
-# (and it "Depends: pgdg-keyring")
- apt-get build-dep -y postgresql-common pgdg-keyring; \
- apt-get source --compile postgresql-common pgdg-keyring; \
+# we have to build postgresql-common-dev first because postgresql-$PG_MAJOR shares "debian/rules" logic with it: https://salsa.debian.org/postgresql/postgresql/-/commit/f4338a0d28cf4541956bddb0f4e444ba9dba81b9
+ apt-get build-dep -y postgresql-common-dev; \
+ apt-get source --compile postgresql-common-dev; \
_update_repo; \
apt-get build-dep -y "postgresql-$PG_MAJOR=$PG_VERSION"; \
apt-get source --compile "postgresql-$PG_MAJOR=$PG_VERSION"; \
diff --git a/15/bookworm/Dockerfile b/15/bookworm/Dockerfile
index 953f19a827..d58f9ab6a4 100644
--- a/15/bookworm/Dockerfile
+++ b/15/bookworm/Dockerfile
@@ -131,10 +131,9 @@ RUN set -ex; \
# build .deb files from upstream's source packages (which are verified by apt-get)
nproc="$(nproc)"; \
export DEB_BUILD_OPTIONS="nocheck parallel=$nproc"; \
-# we have to build postgresql-common first because postgresql-$PG_MAJOR shares "debian/rules" logic with it: https://salsa.debian.org/postgresql/postgresql/-/commit/99f44476e258cae6bf9e919219fa2c5414fa2876
-# (and it "Depends: pgdg-keyring")
- apt-get build-dep -y postgresql-common pgdg-keyring; \
- apt-get source --compile postgresql-common pgdg-keyring; \
+# we have to build postgresql-common-dev first because postgresql-$PG_MAJOR shares "debian/rules" logic with it: https://salsa.debian.org/postgresql/postgresql/-/commit/f4338a0d28cf4541956bddb0f4e444ba9dba81b9
+ apt-get build-dep -y postgresql-common-dev; \
+ apt-get source --compile postgresql-common-dev; \
_update_repo; \
apt-get build-dep -y "postgresql-$PG_MAJOR=$PG_VERSION"; \
apt-get source --compile "postgresql-$PG_MAJOR=$PG_VERSION"; \
diff --git a/15/bullseye/Dockerfile b/15/bullseye/Dockerfile
index af49faecc7..ec325d7c88 100644
--- a/15/bullseye/Dockerfile
+++ b/15/bullseye/Dockerfile
@@ -131,10 +131,9 @@ RUN set -ex; \
# build .deb files from upstream's source packages (which are verified by apt-get)
nproc="$(nproc)"; \
export DEB_BUILD_OPTIONS="nocheck parallel=$nproc"; \
-# we have to build postgresql-common first because postgresql-$PG_MAJOR shares "debian/rules" logic with it: https://salsa.debian.org/postgresql/postgresql/-/commit/99f44476e258cae6bf9e919219fa2c5414fa2876
-# (and it "Depends: pgdg-keyring")
- apt-get build-dep -y postgresql-common pgdg-keyring; \
- apt-get source --compile postgresql-common pgdg-keyring; \
+# we have to build postgresql-common-dev first because postgresql-$PG_MAJOR shares "debian/rules" logic with it: https://salsa.debian.org/postgresql/postgresql/-/commit/f4338a0d28cf4541956bddb0f4e444ba9dba81b9
+ apt-get build-dep -y postgresql-common-dev; \
+ apt-get source --compile postgresql-common-dev; \
_update_repo; \
apt-get build-dep -y "postgresql-$PG_MAJOR=$PG_VERSION"; \
apt-get source --compile "postgresql-$PG_MAJOR=$PG_VERSION"; \
diff --git a/16/bookworm/Dockerfile b/16/bookworm/Dockerfile
index 57ce9f7b06..7421ccaf0a 100644
--- a/16/bookworm/Dockerfile
+++ b/16/bookworm/Dockerfile
@@ -131,10 +131,9 @@ RUN set -ex; \
# build .deb files from upstream's source packages (which are verified by apt-get)
nproc="$(nproc)"; \
export DEB_BUILD_OPTIONS="nocheck parallel=$nproc"; \
-# we have to build postgresql-common first because postgresql-$PG_MAJOR shares "debian/rules" logic with it: https://salsa.debian.org/postgresql/postgresql/-/commit/99f44476e258cae6bf9e919219fa2c5414fa2876
-# (and it "Depends: pgdg-keyring")
- apt-get build-dep -y postgresql-common pgdg-keyring; \
- apt-get source --compile postgresql-common pgdg-keyring; \
+# we have to build postgresql-common-dev first because postgresql-$PG_MAJOR shares "debian/rules" logic with it: https://salsa.debian.org/postgresql/postgresql/-/commit/f4338a0d28cf4541956bddb0f4e444ba9dba81b9
+ apt-get build-dep -y postgresql-common-dev; \
+ apt-get source --compile postgresql-common-dev; \
_update_repo; \
apt-get build-dep -y "postgresql-$PG_MAJOR=$PG_VERSION"; \
apt-get source --compile "postgresql-$PG_MAJOR=$PG_VERSION"; \
diff --git a/16/bullseye/Dockerfile b/16/bullseye/Dockerfile
index 54f864c29e..a3ac0c55ab 100644
--- a/16/bullseye/Dockerfile
+++ b/16/bullseye/Dockerfile
@@ -131,10 +131,9 @@ RUN set -ex; \
# build .deb files from upstream's source packages (which are verified by apt-get)
nproc="$(nproc)"; \
export DEB_BUILD_OPTIONS="nocheck parallel=$nproc"; \
-# we have to build postgresql-common first because postgresql-$PG_MAJOR shares "debian/rules" logic with it: https://salsa.debian.org/postgresql/postgresql/-/commit/99f44476e258cae6bf9e919219fa2c5414fa2876
-# (and it "Depends: pgdg-keyring")
- apt-get build-dep -y postgresql-common pgdg-keyring; \
- apt-get source --compile postgresql-common pgdg-keyring; \
+# we have to build postgresql-common-dev first because postgresql-$PG_MAJOR shares "debian/rules" logic with it: https://salsa.debian.org/postgresql/postgresql/-/commit/f4338a0d28cf4541956bddb0f4e444ba9dba81b9
+ apt-get build-dep -y postgresql-common-dev; \
+ apt-get source --compile postgresql-common-dev; \
_update_repo; \
apt-get build-dep -y "postgresql-$PG_MAJOR=$PG_VERSION"; \
apt-get source --compile "postgresql-$PG_MAJOR=$PG_VERSION"; \
diff --git a/17/bookworm/Dockerfile b/17/bookworm/Dockerfile
index eca1c04f03..25c2142f1f 100644
--- a/17/bookworm/Dockerfile
+++ b/17/bookworm/Dockerfile
@@ -131,10 +131,9 @@ RUN set -ex; \
# build .deb files from upstream's source packages (which are verified by apt-get)
nproc="$(nproc)"; \
export DEB_BUILD_OPTIONS="nocheck parallel=$nproc"; \
-# we have to build postgresql-common first because postgresql-$PG_MAJOR shares "debian/rules" logic with it: https://salsa.debian.org/postgresql/postgresql/-/commit/99f44476e258cae6bf9e919219fa2c5414fa2876
-# (and it "Depends: pgdg-keyring")
- apt-get build-dep -y postgresql-common pgdg-keyring; \
- apt-get source --compile postgresql-common pgdg-keyring; \
+# we have to build postgresql-common-dev first because postgresql-$PG_MAJOR shares "debian/rules" logic with it: https://salsa.debian.org/postgresql/postgresql/-/commit/f4338a0d28cf4541956bddb0f4e444ba9dba81b9
+ apt-get build-dep -y postgresql-common-dev; \
+ apt-get source --compile postgresql-common-dev; \
_update_repo; \
apt-get build-dep -y "postgresql-$PG_MAJOR=$PG_VERSION"; \
apt-get source --compile "postgresql-$PG_MAJOR=$PG_VERSION"; \
diff --git a/17/bullseye/Dockerfile b/17/bullseye/Dockerfile
index 90b92bba46..fc554d1fae 100644
--- a/17/bullseye/Dockerfile
+++ b/17/bullseye/Dockerfile
@@ -131,10 +131,9 @@ RUN set -ex; \
# build .deb files from upstream's source packages (which are verified by apt-get)
nproc="$(nproc)"; \
export DEB_BUILD_OPTIONS="nocheck parallel=$nproc"; \
-# we have to build postgresql-common first because postgresql-$PG_MAJOR shares "debian/rules" logic with it: https://salsa.debian.org/postgresql/postgresql/-/commit/99f44476e258cae6bf9e919219fa2c5414fa2876
-# (and it "Depends: pgdg-keyring")
- apt-get build-dep -y postgresql-common pgdg-keyring; \
- apt-get source --compile postgresql-common pgdg-keyring; \
+# we have to build postgresql-common-dev first because postgresql-$PG_MAJOR shares "debian/rules" logic with it: https://salsa.debian.org/postgresql/postgresql/-/commit/f4338a0d28cf4541956bddb0f4e444ba9dba81b9
+ apt-get build-dep -y postgresql-common-dev; \
+ apt-get source --compile postgresql-common-dev; \
_update_repo; \
apt-get build-dep -y "postgresql-$PG_MAJOR=$PG_VERSION"; \
apt-get source --compile "postgresql-$PG_MAJOR=$PG_VERSION"; \
diff --git a/Dockerfile-debian.template b/Dockerfile-debian.template
index 1ac04a725f..a81072a524 100644
--- a/Dockerfile-debian.template
+++ b/Dockerfile-debian.template
@@ -125,10 +125,9 @@ RUN set -ex; \
# build .deb files from upstream's source packages (which are verified by apt-get)
nproc="$(nproc)"; \
export DEB_BUILD_OPTIONS="nocheck parallel=$nproc"; \
-# we have to build postgresql-common first because postgresql-$PG_MAJOR shares "debian/rules" logic with it: https://salsa.debian.org/postgresql/postgresql/-/commit/99f44476e258cae6bf9e919219fa2c5414fa2876
-# (and it "Depends: pgdg-keyring")
- apt-get build-dep -y postgresql-common pgdg-keyring; \
- apt-get source --compile postgresql-common pgdg-keyring; \
+# we have to build postgresql-common-dev first because postgresql-$PG_MAJOR shares "debian/rules" logic with it: https://salsa.debian.org/postgresql/postgresql/-/commit/f4338a0d28cf4541956bddb0f4e444ba9dba81b9
+ apt-get build-dep -y postgresql-common-dev; \
+ apt-get source --compile postgresql-common-dev; \
_update_repo; \
{{ if .major == 13 then ( -}}
# we need DEBIAN_FRONTEND on postgresql-13 for slapd ("Please enter the password for the admin entry in your LDAP directory."); see https://bugs.debian.org/929417
From 172d9e7dbcff681ed65899f9bb01ba8bcc5fc063 Mon Sep 17 00:00:00 2001
From: Tianon Gravi <admwiggin@gmail.com>
Date: Fri, 30 May 2025 14:09:41 -0700
Subject: [PATCH 112/115] Add Alpine 3.22 (remove Alpine 3.20)
---
13/alpine3.21/Dockerfile | 9 +++---
13/{alpine3.20 => alpine3.22}/Dockerfile | 19 ++++++------
.../docker-ensure-initdb.sh | 0
.../docker-entrypoint.sh | 0
14/alpine3.21/Dockerfile | 9 +++---
14/{alpine3.20 => alpine3.22}/Dockerfile | 19 ++++++------
.../docker-ensure-initdb.sh | 0
.../docker-entrypoint.sh | 0
15/alpine3.21/Dockerfile | 9 +++---
15/{alpine3.20 => alpine3.22}/Dockerfile | 19 ++++++------
.../docker-ensure-initdb.sh | 0
.../docker-entrypoint.sh | 0
16/alpine3.21/Dockerfile | 9 +++---
16/{alpine3.20 => alpine3.22}/Dockerfile | 19 ++++++------
.../docker-ensure-initdb.sh | 0
.../docker-entrypoint.sh | 0
17/alpine3.21/Dockerfile | 9 +++---
17/{alpine3.20 => alpine3.22}/Dockerfile | 19 ++++++------
.../docker-ensure-initdb.sh | 0
.../docker-entrypoint.sh | 0
Dockerfile-alpine.template | 15 ++++------
versions.json | 30 +++++++++----------
versions.sh | 2 +-
23 files changed, 86 insertions(+), 101 deletions(-)
rename 13/{alpine3.20 => alpine3.22}/Dockerfile (93%)
rename 13/{alpine3.20 => alpine3.22}/docker-ensure-initdb.sh (100%)
rename 13/{alpine3.20 => alpine3.22}/docker-entrypoint.sh (100%)
rename 14/{alpine3.20 => alpine3.22}/Dockerfile (93%)
rename 14/{alpine3.20 => alpine3.22}/docker-ensure-initdb.sh (100%)
rename 14/{alpine3.20 => alpine3.22}/docker-entrypoint.sh (100%)
rename 15/{alpine3.20 => alpine3.22}/Dockerfile (93%)
rename 15/{alpine3.20 => alpine3.22}/docker-ensure-initdb.sh (100%)
rename 15/{alpine3.20 => alpine3.22}/docker-entrypoint.sh (100%)
rename 16/{alpine3.20 => alpine3.22}/Dockerfile (93%)
rename 16/{alpine3.20 => alpine3.22}/docker-ensure-initdb.sh (100%)
rename 16/{alpine3.20 => alpine3.22}/docker-entrypoint.sh (100%)
rename 17/{alpine3.20 => alpine3.22}/Dockerfile (93%)
rename 17/{alpine3.20 => alpine3.22}/docker-ensure-initdb.sh (100%)
rename 17/{alpine3.20 => alpine3.22}/docker-entrypoint.sh (100%)
diff --git a/13/alpine3.21/Dockerfile b/13/alpine3.21/Dockerfile
index 50a47522ad..c79dfd0bb7 100644
--- a/13/alpine3.21/Dockerfile
+++ b/13/alpine3.21/Dockerfile
@@ -7,7 +7,7 @@
FROM alpine:3.21
# 70 is the standard uid/gid for "postgres" in Alpine
-# https://git.alpinelinux.org/aports/tree/main/postgresql-common/postgresql-common.pre-install?h=3.21-stable
+# https://git.alpinelinux.org/aports/tree/main/postgresql-common/postgresql-common.pre-install?h=3.22-stable
RUN set -eux; \
addgroup -g 70 -S postgres; \
adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
@@ -109,9 +109,9 @@ RUN set -eux; \
mv src/include/pg_config_manual.h.new src/include/pg_config_manual.h; \
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
\
-# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n172
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.22-stable#n176 ("export LLVM_CONFIG")
export LLVM_CONFIG="/usr/lib/llvm19/bin/llvm-config"; \
-# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n177
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.22-stable#n180 ("older clang versions don't have a 'clang' exe anymore.")
export CLANG=clang-19; \
\
# configure options taken from:
@@ -166,8 +166,7 @@ RUN set -eux; \
zstd \
# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
icu-data-full \
-# nss_wrapper is not availble on ppc64le: "test case segfaults in ppc64le"
-# https://git.alpinelinux.org/aports/commit/testing/nss_wrapper/APKBUILD?h=3.17-stable&id=94d81ceeb58cff448d489bbcbe9a6d40c9991663
+# https://git.alpinelinux.org/aports/tree/community/nss_wrapper/APKBUILD?h=3.22-stable#n7 ("ppc64le: test case segfaults")
$([ "$(apk --print-arch)" != 'ppc64le' ] && echo 'nss_wrapper') \
; \
apk del --no-network .build-deps; \
diff --git a/13/alpine3.20/Dockerfile b/13/alpine3.22/Dockerfile
similarity index 93%
rename from 13/alpine3.20/Dockerfile
rename to 13/alpine3.22/Dockerfile
index a2f5e0918b..ece37e9796 100644
--- a/13/alpine3.20/Dockerfile
+++ b/13/alpine3.22/Dockerfile
@@ -4,10 +4,10 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
-FROM alpine:3.20
+FROM alpine:3.22
# 70 is the standard uid/gid for "postgres" in Alpine
-# https://git.alpinelinux.org/aports/tree/main/postgresql-common/postgresql-common.pre-install?h=3.21-stable
+# https://git.alpinelinux.org/aports/tree/main/postgresql-common/postgresql-common.pre-install?h=3.22-stable
RUN set -eux; \
addgroup -g 70 -S postgres; \
adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
@@ -57,8 +57,8 @@ ENV PG_VERSION 13.21
ENV PG_SHA256 dcda1294df45f033b0656cf7a8e4afbbc624c25e1b144aec79530f74d7ef4ab4
ENV DOCKER_PG_LLVM_DEPS \
- llvm15-dev \
- clang15
+ llvm19-dev \
+ clang19
RUN set -eux; \
\
@@ -109,10 +109,10 @@ RUN set -eux; \
mv src/include/pg_config_manual.h.new src/include/pg_config_manual.h; \
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
\
-# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n172
- export LLVM_CONFIG="/usr/lib/llvm15/bin/llvm-config"; \
-# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n177
- export CLANG=clang-15; \
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.22-stable#n176 ("export LLVM_CONFIG")
+ export LLVM_CONFIG="/usr/lib/llvm19/bin/llvm-config"; \
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.22-stable#n180 ("older clang versions don't have a 'clang' exe anymore.")
+ export CLANG=clang-19; \
\
# configure options taken from:
# https://anonscm.debian.org/cgit/pkg-postgresql/postgresql.git/tree/debian/rules?h=9.5
@@ -166,8 +166,7 @@ RUN set -eux; \
zstd \
# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
icu-data-full \
-# nss_wrapper is not availble on ppc64le: "test case segfaults in ppc64le"
-# https://git.alpinelinux.org/aports/commit/testing/nss_wrapper/APKBUILD?h=3.17-stable&id=94d81ceeb58cff448d489bbcbe9a6d40c9991663
+# https://git.alpinelinux.org/aports/tree/community/nss_wrapper/APKBUILD?h=3.22-stable#n7 ("ppc64le: test case segfaults")
$([ "$(apk --print-arch)" != 'ppc64le' ] && echo 'nss_wrapper') \
; \
apk del --no-network .build-deps; \
diff --git a/13/alpine3.20/docker-ensure-initdb.sh b/13/alpine3.22/docker-ensure-initdb.sh
similarity index 100%
rename from 13/alpine3.20/docker-ensure-initdb.sh
rename to 13/alpine3.22/docker-ensure-initdb.sh
diff --git a/13/alpine3.20/docker-entrypoint.sh b/13/alpine3.22/docker-entrypoint.sh
similarity index 100%
rename from 13/alpine3.20/docker-entrypoint.sh
rename to 13/alpine3.22/docker-entrypoint.sh
diff --git a/14/alpine3.21/Dockerfile b/14/alpine3.21/Dockerfile
index 82d8aeba6c..49eb44c2c7 100644
--- a/14/alpine3.21/Dockerfile
+++ b/14/alpine3.21/Dockerfile
@@ -7,7 +7,7 @@
FROM alpine:3.21
# 70 is the standard uid/gid for "postgres" in Alpine
-# https://git.alpinelinux.org/aports/tree/main/postgresql-common/postgresql-common.pre-install?h=3.21-stable
+# https://git.alpinelinux.org/aports/tree/main/postgresql-common/postgresql-common.pre-install?h=3.22-stable
RUN set -eux; \
addgroup -g 70 -S postgres; \
adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
@@ -111,9 +111,9 @@ RUN set -eux; \
mv src/include/pg_config_manual.h.new src/include/pg_config_manual.h; \
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
\
-# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n172
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.22-stable#n176 ("export LLVM_CONFIG")
export LLVM_CONFIG="/usr/lib/llvm19/bin/llvm-config"; \
-# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n177
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.22-stable#n180 ("older clang versions don't have a 'clang' exe anymore.")
export CLANG=clang-19; \
\
# configure options taken from:
@@ -169,8 +169,7 @@ RUN set -eux; \
zstd \
# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
icu-data-full \
-# nss_wrapper is not availble on ppc64le: "test case segfaults in ppc64le"
-# https://git.alpinelinux.org/aports/commit/testing/nss_wrapper/APKBUILD?h=3.17-stable&id=94d81ceeb58cff448d489bbcbe9a6d40c9991663
+# https://git.alpinelinux.org/aports/tree/community/nss_wrapper/APKBUILD?h=3.22-stable#n7 ("ppc64le: test case segfaults")
$([ "$(apk --print-arch)" != 'ppc64le' ] && echo 'nss_wrapper') \
; \
apk del --no-network .build-deps; \
diff --git a/14/alpine3.20/Dockerfile b/14/alpine3.22/Dockerfile
similarity index 93%
rename from 14/alpine3.20/Dockerfile
rename to 14/alpine3.22/Dockerfile
index 9afc070826..238930ef21 100644
--- a/14/alpine3.20/Dockerfile
+++ b/14/alpine3.22/Dockerfile
@@ -4,10 +4,10 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
-FROM alpine:3.20
+FROM alpine:3.22
# 70 is the standard uid/gid for "postgres" in Alpine
-# https://git.alpinelinux.org/aports/tree/main/postgresql-common/postgresql-common.pre-install?h=3.21-stable
+# https://git.alpinelinux.org/aports/tree/main/postgresql-common/postgresql-common.pre-install?h=3.22-stable
RUN set -eux; \
addgroup -g 70 -S postgres; \
adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
@@ -57,8 +57,8 @@ ENV PG_VERSION 14.18
ENV PG_SHA256 83ab29d6bfc3dc58b2ed3c664114fdfbeb6a0450c4b8d7fa69aee91e3ca14f8e
ENV DOCKER_PG_LLVM_DEPS \
- llvm15-dev \
- clang15
+ llvm19-dev \
+ clang19
RUN set -eux; \
\
@@ -111,10 +111,10 @@ RUN set -eux; \
mv src/include/pg_config_manual.h.new src/include/pg_config_manual.h; \
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
\
-# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n172
- export LLVM_CONFIG="/usr/lib/llvm15/bin/llvm-config"; \
-# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n177
- export CLANG=clang-15; \
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.22-stable#n176 ("export LLVM_CONFIG")
+ export LLVM_CONFIG="/usr/lib/llvm19/bin/llvm-config"; \
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.22-stable#n180 ("older clang versions don't have a 'clang' exe anymore.")
+ export CLANG=clang-19; \
\
# configure options taken from:
# https://anonscm.debian.org/cgit/pkg-postgresql/postgresql.git/tree/debian/rules?h=9.5
@@ -169,8 +169,7 @@ RUN set -eux; \
zstd \
# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
icu-data-full \
-# nss_wrapper is not availble on ppc64le: "test case segfaults in ppc64le"
-# https://git.alpinelinux.org/aports/commit/testing/nss_wrapper/APKBUILD?h=3.17-stable&id=94d81ceeb58cff448d489bbcbe9a6d40c9991663
+# https://git.alpinelinux.org/aports/tree/community/nss_wrapper/APKBUILD?h=3.22-stable#n7 ("ppc64le: test case segfaults")
$([ "$(apk --print-arch)" != 'ppc64le' ] && echo 'nss_wrapper') \
; \
apk del --no-network .build-deps; \
diff --git a/14/alpine3.20/docker-ensure-initdb.sh b/14/alpine3.22/docker-ensure-initdb.sh
similarity index 100%
rename from 14/alpine3.20/docker-ensure-initdb.sh
rename to 14/alpine3.22/docker-ensure-initdb.sh
diff --git a/14/alpine3.20/docker-entrypoint.sh b/14/alpine3.22/docker-entrypoint.sh
similarity index 100%
rename from 14/alpine3.20/docker-entrypoint.sh
rename to 14/alpine3.22/docker-entrypoint.sh
diff --git a/15/alpine3.21/Dockerfile b/15/alpine3.21/Dockerfile
index 203cab4d45..91ab89c023 100644
--- a/15/alpine3.21/Dockerfile
+++ b/15/alpine3.21/Dockerfile
@@ -7,7 +7,7 @@
FROM alpine:3.21
# 70 is the standard uid/gid for "postgres" in Alpine
-# https://git.alpinelinux.org/aports/tree/main/postgresql-common/postgresql-common.pre-install?h=3.21-stable
+# https://git.alpinelinux.org/aports/tree/main/postgresql-common/postgresql-common.pre-install?h=3.22-stable
RUN set -eux; \
addgroup -g 70 -S postgres; \
adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
@@ -113,9 +113,9 @@ RUN set -eux; \
mv src/include/pg_config_manual.h.new src/include/pg_config_manual.h; \
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
\
-# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n172
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.22-stable#n176 ("export LLVM_CONFIG")
export LLVM_CONFIG="/usr/lib/llvm19/bin/llvm-config"; \
-# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n177
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.22-stable#n180 ("older clang versions don't have a 'clang' exe anymore.")
export CLANG=clang-19; \
\
# configure options taken from:
@@ -172,8 +172,7 @@ RUN set -eux; \
zstd \
# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
icu-data-full \
-# nss_wrapper is not availble on ppc64le: "test case segfaults in ppc64le"
-# https://git.alpinelinux.org/aports/commit/testing/nss_wrapper/APKBUILD?h=3.17-stable&id=94d81ceeb58cff448d489bbcbe9a6d40c9991663
+# https://git.alpinelinux.org/aports/tree/community/nss_wrapper/APKBUILD?h=3.22-stable#n7 ("ppc64le: test case segfaults")
$([ "$(apk --print-arch)" != 'ppc64le' ] && echo 'nss_wrapper') \
; \
apk del --no-network .build-deps; \
diff --git a/15/alpine3.20/Dockerfile b/15/alpine3.22/Dockerfile
similarity index 93%
rename from 15/alpine3.20/Dockerfile
rename to 15/alpine3.22/Dockerfile
index 9fcb077803..201065d8a3 100644
--- a/15/alpine3.20/Dockerfile
+++ b/15/alpine3.22/Dockerfile
@@ -4,10 +4,10 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
-FROM alpine:3.20
+FROM alpine:3.22
# 70 is the standard uid/gid for "postgres" in Alpine
-# https://git.alpinelinux.org/aports/tree/main/postgresql-common/postgresql-common.pre-install?h=3.21-stable
+# https://git.alpinelinux.org/aports/tree/main/postgresql-common/postgresql-common.pre-install?h=3.22-stable
RUN set -eux; \
addgroup -g 70 -S postgres; \
adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
@@ -57,8 +57,8 @@ ENV PG_VERSION 15.13
ENV PG_SHA256 4f62e133d22ea08a0401b0840920e26698644d01a80c34341fb732dd0a90ca5d
ENV DOCKER_PG_LLVM_DEPS \
- llvm15-dev \
- clang15
+ llvm19-dev \
+ clang19
RUN set -eux; \
\
@@ -113,10 +113,10 @@ RUN set -eux; \
mv src/include/pg_config_manual.h.new src/include/pg_config_manual.h; \
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
\
-# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n172
- export LLVM_CONFIG="/usr/lib/llvm15/bin/llvm-config"; \
-# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n177
- export CLANG=clang-15; \
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.22-stable#n176 ("export LLVM_CONFIG")
+ export LLVM_CONFIG="/usr/lib/llvm19/bin/llvm-config"; \
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.22-stable#n180 ("older clang versions don't have a 'clang' exe anymore.")
+ export CLANG=clang-19; \
\
# configure options taken from:
# https://anonscm.debian.org/cgit/pkg-postgresql/postgresql.git/tree/debian/rules?h=9.5
@@ -172,8 +172,7 @@ RUN set -eux; \
zstd \
# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
icu-data-full \
-# nss_wrapper is not availble on ppc64le: "test case segfaults in ppc64le"
-# https://git.alpinelinux.org/aports/commit/testing/nss_wrapper/APKBUILD?h=3.17-stable&id=94d81ceeb58cff448d489bbcbe9a6d40c9991663
+# https://git.alpinelinux.org/aports/tree/community/nss_wrapper/APKBUILD?h=3.22-stable#n7 ("ppc64le: test case segfaults")
$([ "$(apk --print-arch)" != 'ppc64le' ] && echo 'nss_wrapper') \
; \
apk del --no-network .build-deps; \
diff --git a/15/alpine3.20/docker-ensure-initdb.sh b/15/alpine3.22/docker-ensure-initdb.sh
similarity index 100%
rename from 15/alpine3.20/docker-ensure-initdb.sh
rename to 15/alpine3.22/docker-ensure-initdb.sh
diff --git a/15/alpine3.20/docker-entrypoint.sh b/15/alpine3.22/docker-entrypoint.sh
similarity index 100%
rename from 15/alpine3.20/docker-entrypoint.sh
rename to 15/alpine3.22/docker-entrypoint.sh
diff --git a/16/alpine3.21/Dockerfile b/16/alpine3.21/Dockerfile
index 21f38d7596..1bf2cab5a5 100644
--- a/16/alpine3.21/Dockerfile
+++ b/16/alpine3.21/Dockerfile
@@ -7,7 +7,7 @@
FROM alpine:3.21
# 70 is the standard uid/gid for "postgres" in Alpine
-# https://git.alpinelinux.org/aports/tree/main/postgresql-common/postgresql-common.pre-install?h=3.21-stable
+# https://git.alpinelinux.org/aports/tree/main/postgresql-common/postgresql-common.pre-install?h=3.22-stable
RUN set -eux; \
addgroup -g 70 -S postgres; \
adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
@@ -113,9 +113,9 @@ RUN set -eux; \
mv src/include/pg_config_manual.h.new src/include/pg_config_manual.h; \
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
\
-# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n172
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.22-stable#n176 ("export LLVM_CONFIG")
export LLVM_CONFIG="/usr/lib/llvm19/bin/llvm-config"; \
-# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n177
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.22-stable#n180 ("older clang versions don't have a 'clang' exe anymore.")
export CLANG=clang-19; \
\
# configure options taken from:
@@ -171,8 +171,7 @@ RUN set -eux; \
zstd \
# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
icu-data-full \
-# nss_wrapper is not availble on ppc64le: "test case segfaults in ppc64le"
-# https://git.alpinelinux.org/aports/commit/testing/nss_wrapper/APKBUILD?h=3.17-stable&id=94d81ceeb58cff448d489bbcbe9a6d40c9991663
+# https://git.alpinelinux.org/aports/tree/community/nss_wrapper/APKBUILD?h=3.22-stable#n7 ("ppc64le: test case segfaults")
$([ "$(apk --print-arch)" != 'ppc64le' ] && echo 'nss_wrapper') \
; \
apk del --no-network .build-deps; \
diff --git a/16/alpine3.20/Dockerfile b/16/alpine3.22/Dockerfile
similarity index 93%
rename from 16/alpine3.20/Dockerfile
rename to 16/alpine3.22/Dockerfile
index 6095fa9396..902de7538f 100644
--- a/16/alpine3.20/Dockerfile
+++ b/16/alpine3.22/Dockerfile
@@ -4,10 +4,10 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
-FROM alpine:3.20
+FROM alpine:3.22
# 70 is the standard uid/gid for "postgres" in Alpine
-# https://git.alpinelinux.org/aports/tree/main/postgresql-common/postgresql-common.pre-install?h=3.21-stable
+# https://git.alpinelinux.org/aports/tree/main/postgresql-common/postgresql-common.pre-install?h=3.22-stable
RUN set -eux; \
addgroup -g 70 -S postgres; \
adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
@@ -57,8 +57,8 @@ ENV PG_VERSION 16.9
ENV PG_SHA256 07c00fb824df0a0c295f249f44691b86e3266753b380c96f633c3311e10bd005
ENV DOCKER_PG_LLVM_DEPS \
- llvm15-dev \
- clang15
+ llvm19-dev \
+ clang19
RUN set -eux; \
\
@@ -113,10 +113,10 @@ RUN set -eux; \
mv src/include/pg_config_manual.h.new src/include/pg_config_manual.h; \
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
\
-# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n172
- export LLVM_CONFIG="/usr/lib/llvm15/bin/llvm-config"; \
-# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n177
- export CLANG=clang-15; \
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.22-stable#n176 ("export LLVM_CONFIG")
+ export LLVM_CONFIG="/usr/lib/llvm19/bin/llvm-config"; \
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.22-stable#n180 ("older clang versions don't have a 'clang' exe anymore.")
+ export CLANG=clang-19; \
\
# configure options taken from:
# https://anonscm.debian.org/cgit/pkg-postgresql/postgresql.git/tree/debian/rules?h=9.5
@@ -171,8 +171,7 @@ RUN set -eux; \
zstd \
# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
icu-data-full \
-# nss_wrapper is not availble on ppc64le: "test case segfaults in ppc64le"
-# https://git.alpinelinux.org/aports/commit/testing/nss_wrapper/APKBUILD?h=3.17-stable&id=94d81ceeb58cff448d489bbcbe9a6d40c9991663
+# https://git.alpinelinux.org/aports/tree/community/nss_wrapper/APKBUILD?h=3.22-stable#n7 ("ppc64le: test case segfaults")
$([ "$(apk --print-arch)" != 'ppc64le' ] && echo 'nss_wrapper') \
; \
apk del --no-network .build-deps; \
diff --git a/16/alpine3.20/docker-ensure-initdb.sh b/16/alpine3.22/docker-ensure-initdb.sh
similarity index 100%
rename from 16/alpine3.20/docker-ensure-initdb.sh
rename to 16/alpine3.22/docker-ensure-initdb.sh
diff --git a/16/alpine3.20/docker-entrypoint.sh b/16/alpine3.22/docker-entrypoint.sh
similarity index 100%
rename from 16/alpine3.20/docker-entrypoint.sh
rename to 16/alpine3.22/docker-entrypoint.sh
diff --git a/17/alpine3.21/Dockerfile b/17/alpine3.21/Dockerfile
index 9e4bf205bd..c3c81bd437 100644
--- a/17/alpine3.21/Dockerfile
+++ b/17/alpine3.21/Dockerfile
@@ -7,7 +7,7 @@
FROM alpine:3.21
# 70 is the standard uid/gid for "postgres" in Alpine
-# https://git.alpinelinux.org/aports/tree/main/postgresql-common/postgresql-common.pre-install?h=3.21-stable
+# https://git.alpinelinux.org/aports/tree/main/postgresql-common/postgresql-common.pre-install?h=3.22-stable
RUN set -eux; \
addgroup -g 70 -S postgres; \
adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
@@ -112,9 +112,9 @@ RUN set -eux; \
mv src/include/pg_config_manual.h.new src/include/pg_config_manual.h; \
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
\
-# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n172
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.22-stable#n176 ("export LLVM_CONFIG")
export LLVM_CONFIG="/usr/lib/llvm19/bin/llvm-config"; \
-# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n177
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.22-stable#n180 ("older clang versions don't have a 'clang' exe anymore.")
export CLANG=clang-19; \
\
# configure options taken from:
@@ -169,8 +169,7 @@ RUN set -eux; \
zstd \
# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
icu-data-full \
-# nss_wrapper is not availble on ppc64le: "test case segfaults in ppc64le"
-# https://git.alpinelinux.org/aports/commit/testing/nss_wrapper/APKBUILD?h=3.17-stable&id=94d81ceeb58cff448d489bbcbe9a6d40c9991663
+# https://git.alpinelinux.org/aports/tree/community/nss_wrapper/APKBUILD?h=3.22-stable#n7 ("ppc64le: test case segfaults")
$([ "$(apk --print-arch)" != 'ppc64le' ] && echo 'nss_wrapper') \
; \
apk del --no-network .build-deps; \
diff --git a/17/alpine3.20/Dockerfile b/17/alpine3.22/Dockerfile
similarity index 93%
rename from 17/alpine3.20/Dockerfile
rename to 17/alpine3.22/Dockerfile
index bcf17f32a0..5c303bd7d0 100644
--- a/17/alpine3.20/Dockerfile
+++ b/17/alpine3.22/Dockerfile
@@ -4,10 +4,10 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
-FROM alpine:3.20
+FROM alpine:3.22
# 70 is the standard uid/gid for "postgres" in Alpine
-# https://git.alpinelinux.org/aports/tree/main/postgresql-common/postgresql-common.pre-install?h=3.21-stable
+# https://git.alpinelinux.org/aports/tree/main/postgresql-common/postgresql-common.pre-install?h=3.22-stable
RUN set -eux; \
addgroup -g 70 -S postgres; \
adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
@@ -56,8 +56,8 @@ ENV PG_VERSION 17.5
ENV PG_SHA256 fcb7ab38e23b264d1902cb25e6adafb4525a6ebcbd015434aeef9eda80f528d8
ENV DOCKER_PG_LLVM_DEPS \
- llvm15-dev \
- clang15
+ llvm19-dev \
+ clang19
RUN set -eux; \
\
@@ -112,10 +112,10 @@ RUN set -eux; \
mv src/include/pg_config_manual.h.new src/include/pg_config_manual.h; \
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
\
-# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n172
- export LLVM_CONFIG="/usr/lib/llvm15/bin/llvm-config"; \
-# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n177
- export CLANG=clang-15; \
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.22-stable#n176 ("export LLVM_CONFIG")
+ export LLVM_CONFIG="/usr/lib/llvm19/bin/llvm-config"; \
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.22-stable#n180 ("older clang versions don't have a 'clang' exe anymore.")
+ export CLANG=clang-19; \
\
# configure options taken from:
# https://anonscm.debian.org/cgit/pkg-postgresql/postgresql.git/tree/debian/rules?h=9.5
@@ -169,8 +169,7 @@ RUN set -eux; \
zstd \
# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
icu-data-full \
-# nss_wrapper is not availble on ppc64le: "test case segfaults in ppc64le"
-# https://git.alpinelinux.org/aports/commit/testing/nss_wrapper/APKBUILD?h=3.17-stable&id=94d81ceeb58cff448d489bbcbe9a6d40c9991663
+# https://git.alpinelinux.org/aports/tree/community/nss_wrapper/APKBUILD?h=3.22-stable#n7 ("ppc64le: test case segfaults")
$([ "$(apk --print-arch)" != 'ppc64le' ] && echo 'nss_wrapper') \
; \
apk del --no-network .build-deps; \
diff --git a/17/alpine3.20/docker-ensure-initdb.sh b/17/alpine3.22/docker-ensure-initdb.sh
similarity index 100%
rename from 17/alpine3.20/docker-ensure-initdb.sh
rename to 17/alpine3.22/docker-ensure-initdb.sh
diff --git a/17/alpine3.20/docker-entrypoint.sh b/17/alpine3.22/docker-entrypoint.sh
similarity index 100%
rename from 17/alpine3.20/docker-entrypoint.sh
rename to 17/alpine3.22/docker-entrypoint.sh
diff --git a/Dockerfile-alpine.template b/Dockerfile-alpine.template
index d0c90d18c8..29be5edb24 100644
--- a/Dockerfile-alpine.template
+++ b/Dockerfile-alpine.template
@@ -5,7 +5,7 @@
FROM alpine:{{ alpine_version }}
# 70 is the standard uid/gid for "postgres" in Alpine
-# https://git.alpinelinux.org/aports/tree/main/postgresql-common/postgresql-common.pre-install?h=3.21-stable
+# https://git.alpinelinux.org/aports/tree/main/postgresql-common/postgresql-common.pre-install?h=3.22-stable
RUN set -eux; \
addgroup -g 70 -S postgres; \
adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
@@ -58,11 +58,7 @@ ENV PG_SHA256 {{ .sha256 }}
{{
def llvmver:
- if alpine_version | split(".") | map(tonumber) < [3, 21] then
- "15"
- else
- "19"
- end
+ "19"
-}}
ENV DOCKER_PG_LLVM_DEPS \
llvm{{ llvmver }}-dev \
@@ -125,9 +121,9 @@ RUN set -eux; \
mv src/include/pg_config_manual.h.new src/include/pg_config_manual.h; \
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
\
-# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n172
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.22-stable#n176 ("export LLVM_CONFIG")
export LLVM_CONFIG="/usr/lib/llvm{{ llvmver }}/bin/llvm-config"; \
-# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.21-stable&id=40544ade947bec1798edb0f749f4e967e842624b#n177
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.22-stable#n180 ("older clang versions don't have a 'clang' exe anymore.")
export CLANG=clang-{{ llvmver }}; \
\
# configure options taken from:
@@ -195,8 +191,7 @@ RUN set -eux; \
zstd \
# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
icu-data-full \
-# nss_wrapper is not availble on ppc64le: "test case segfaults in ppc64le"
-# https://git.alpinelinux.org/aports/commit/testing/nss_wrapper/APKBUILD?h=3.17-stable&id=94d81ceeb58cff448d489bbcbe9a6d40c9991663
+# https://git.alpinelinux.org/aports/tree/community/nss_wrapper/APKBUILD?h=3.22-stable#n7 ("ppc64le: test case segfaults")
$([ "$(apk --print-arch)" != 'ppc64le' ] && echo 'nss_wrapper') \
; \
apk del --no-network .build-deps; \
diff --git a/versions.json b/versions.json
index 0c4bfb0d20..102381e55c 100644
--- a/versions.json
+++ b/versions.json
@@ -1,6 +1,6 @@
{
"13": {
- "alpine": "3.21",
+ "alpine": "3.22",
"bookworm": {
"arches": [
"amd64",
@@ -23,13 +23,13 @@
"variants": [
"bookworm",
"bullseye",
- "alpine3.21",
- "alpine3.20"
+ "alpine3.22",
+ "alpine3.21"
],
"version": "13.21"
},
"14": {
- "alpine": "3.21",
+ "alpine": "3.22",
"bookworm": {
"arches": [
"amd64",
@@ -52,13 +52,13 @@
"variants": [
"bookworm",
"bullseye",
- "alpine3.21",
- "alpine3.20"
+ "alpine3.22",
+ "alpine3.21"
],
"version": "14.18"
},
"15": {
- "alpine": "3.21",
+ "alpine": "3.22",
"bookworm": {
"arches": [
"amd64",
@@ -81,13 +81,13 @@
"variants": [
"bookworm",
"bullseye",
- "alpine3.21",
- "alpine3.20"
+ "alpine3.22",
+ "alpine3.21"
],
"version": "15.13"
},
"16": {
- "alpine": "3.21",
+ "alpine": "3.22",
"bookworm": {
"arches": [
"amd64",
@@ -110,13 +110,13 @@
"variants": [
"bookworm",
"bullseye",
- "alpine3.21",
- "alpine3.20"
+ "alpine3.22",
+ "alpine3.21"
],
"version": "16.9"
},
"17": {
- "alpine": "3.21",
+ "alpine": "3.22",
"bookworm": {
"arches": [
"amd64",
@@ -139,8 +139,8 @@
"variants": [
"bookworm",
"bullseye",
- "alpine3.21",
- "alpine3.20"
+ "alpine3.22",
+ "alpine3.21"
],
"version": "17.5"
}
diff --git a/versions.sh b/versions.sh
index ad83e2b000..f466ac57a9 100755
--- a/versions.sh
+++ b/versions.sh
@@ -7,8 +7,8 @@ supportedDebianSuites=(
bullseye
)
supportedAlpineVersions=(
+ 3.22
3.21
- 3.20
)
defaultDebianSuite="${supportedDebianSuites[0]}"
declare -A debianSuites=(
From d1e97f29ba9be321fe80a74ada1faf750ff2e1b9 Mon Sep 17 00:00:00 2001
From: Rene Leonhardt <65483435+reneleonhardt@users.noreply.github.com>
Date: Sat, 31 May 2025 14:40:54 +0200
Subject: [PATCH 113/115] add postgres 18 beta1
---
18/alpine3.21/Dockerfile | 227 ++++++++++++++++
18/alpine3.21/docker-ensure-initdb.sh | 71 +++++
18/alpine3.21/docker-entrypoint.sh | 359 ++++++++++++++++++++++++++
18/alpine3.22/Dockerfile | 227 ++++++++++++++++
18/alpine3.22/docker-ensure-initdb.sh | 71 +++++
18/alpine3.22/docker-entrypoint.sh | 359 ++++++++++++++++++++++++++
18/bookworm/Dockerfile | 220 ++++++++++++++++
18/bookworm/docker-ensure-initdb.sh | 71 +++++
18/bookworm/docker-entrypoint.sh | 359 ++++++++++++++++++++++++++
18/bullseye/Dockerfile | 220 ++++++++++++++++
18/bullseye/docker-ensure-initdb.sh | 71 +++++
18/bullseye/docker-entrypoint.sh | 359 ++++++++++++++++++++++++++
Dockerfile-debian.template | 4 +
versions.json | 29 +++
14 files changed, 2647 insertions(+)
create mode 100644 18/alpine3.21/Dockerfile
create mode 100755 18/alpine3.21/docker-ensure-initdb.sh
create mode 100755 18/alpine3.21/docker-entrypoint.sh
create mode 100644 18/alpine3.22/Dockerfile
create mode 100755 18/alpine3.22/docker-ensure-initdb.sh
create mode 100755 18/alpine3.22/docker-entrypoint.sh
create mode 100644 18/bookworm/Dockerfile
create mode 100755 18/bookworm/docker-ensure-initdb.sh
create mode 100755 18/bookworm/docker-entrypoint.sh
create mode 100644 18/bullseye/Dockerfile
create mode 100755 18/bullseye/docker-ensure-initdb.sh
create mode 100755 18/bullseye/docker-entrypoint.sh
diff --git a/18/alpine3.21/Dockerfile b/18/alpine3.21/Dockerfile
new file mode 100644
index 0000000000..86aad693fd
--- /dev/null
+++ b/18/alpine3.21/Dockerfile
@@ -0,0 +1,227 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
+FROM alpine:3.21
+
+# 70 is the standard uid/gid for "postgres" in Alpine
+# https://git.alpinelinux.org/aports/tree/main/postgresql-common/postgresql-common.pre-install?h=3.22-stable
+RUN set -eux; \
+ addgroup -g 70 -S postgres; \
+ adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
+# also create the postgres user's home directory with appropriate permissions
+# see https://github.com/docker-library/postgres/issues/274
+ install --verbose --directory --owner postgres --group postgres --mode 1777 /var/lib/postgresql
+
+# grab gosu for easy step-down from root
+# https://github.com/tianon/gosu/releases
+ENV GOSU_VERSION 1.17
+RUN set -eux; \
+ \
+ apk add --no-cache --virtual .gosu-deps \
+ ca-certificates \
+ dpkg \
+ gnupg \
+ ; \
+ \
+ dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
+ wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
+ wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
+ \
+# verify the signature
+ export GNUPGHOME="$(mktemp -d)"; \
+ gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
+ gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
+ \
+# clean up fetch dependencies
+ apk del --no-network .gosu-deps; \
+ \
+ chmod +x /usr/local/bin/gosu; \
+# verify that the binary works
+ gosu --version; \
+ gosu nobody true
+
+# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
+# alpine doesn't require explicit locale-file generation
+ENV LANG en_US.utf8
+
+RUN mkdir /docker-entrypoint-initdb.d
+
+ENV PG_MAJOR 18
+ENV PG_VERSION 18beta1
+ENV PG_SHA256 0b7c83df6195398aa67dbf5c002e7fa4082be393aae99aa69926d483f98eb885
+
+ENV DOCKER_PG_LLVM_DEPS \
+ llvm19-dev \
+ clang19
+
+RUN set -eux; \
+ \
+ wget -O postgresql.tar.bz2 "https://ftp.postgresql.org/pub/source/v$PG_VERSION/postgresql-$PG_VERSION.tar.bz2"; \
+ echo "$PG_SHA256 *postgresql.tar.bz2" | sha256sum -c -; \
+ mkdir -p /usr/src/postgresql; \
+ tar \
+ --extract \
+ --file postgresql.tar.bz2 \
+ --directory /usr/src/postgresql \
+ --strip-components 1 \
+ ; \
+ rm postgresql.tar.bz2; \
+ \
+ apk add --no-cache --virtual .build-deps \
+ $DOCKER_PG_LLVM_DEPS \
+ bison \
+ coreutils \
+ dpkg-dev dpkg \
+ flex \
+ g++ \
+ gcc \
+ krb5-dev \
+ libc-dev \
+ libedit-dev \
+ libxml2-dev \
+ libxslt-dev \
+ linux-headers \
+ make \
+ openldap-dev \
+ openssl-dev \
+ perl-dev \
+ perl-ipc-run \
+ perl-utils \
+ python3-dev \
+ tcl-dev \
+ util-linux-dev \
+ zlib-dev \
+# https://www.postgresql.org/docs/10/static/release-10.html#id-1.11.6.9.5.13
+ icu-dev \
+# https://www.postgresql.org/docs/14/release-14.html#id-1.11.6.5.5.3.7
+ lz4-dev \
+# https://www.postgresql.org/docs/15/release-15.html "--with-zstd to enable Zstandard builds"
+ zstd-dev \
+ ; \
+ \
+ cd /usr/src/postgresql; \
+# update "DEFAULT_PGSOCKET_DIR" to "/var/run/postgresql" (matching Debian)
+# see https://anonscm.debian.org/git/pkg-postgresql/postgresql.git/tree/debian/patches/51-default-sockets-in-var.patch?id=8b539fcb3e093a521c095e70bdfa76887217b89f
+ awk '$1 == "#define" && $2 == "DEFAULT_PGSOCKET_DIR" && $3 == "\"/tmp\"" { $3 = "\"/var/run/postgresql\""; print; next } { print }' src/include/pg_config_manual.h > src/include/pg_config_manual.h.new; \
+ grep '/var/run/postgresql' src/include/pg_config_manual.h.new; \
+ mv src/include/pg_config_manual.h.new src/include/pg_config_manual.h; \
+ gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
+ \
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.22-stable#n176 ("export LLVM_CONFIG")
+ export LLVM_CONFIG="/usr/lib/llvm19/bin/llvm-config"; \
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.22-stable#n180 ("older clang versions don't have a 'clang' exe anymore.")
+ export CLANG=clang-19; \
+ \
+# configure options taken from:
+# https://anonscm.debian.org/cgit/pkg-postgresql/postgresql.git/tree/debian/rules?h=9.5
+ ./configure \
+ --enable-option-checking=fatal \
+ --build="$gnuArch" \
+# "/usr/src/postgresql/src/backend/access/common/tupconvert.c:105: undefined reference to `libintl_gettext'"
+# --enable-nls \
+ --enable-integer-datetimes \
+ --enable-tap-tests \
+# skip debugging info -- we want tiny size instead
+# --enable-debug \
+ --disable-rpath \
+ --with-uuid=e2fs \
+ --with-pgport=5432 \
+ --with-system-tzdata=/usr/share/zoneinfo \
+ --prefix=/usr/local \
+ --with-includes=/usr/local/include \
+ --with-libraries=/usr/local/lib \
+ --with-gssapi \
+ --with-ldap \
+ --with-tcl \
+ --with-perl \
+ --with-python \
+# --with-pam \
+ --with-openssl \
+ --with-libxml \
+ --with-libxslt \
+ --with-icu \
+ --with-llvm \
+ --with-lz4 \
+ --with-zstd \
+ ; \
+ make -j "$(nproc)" world-bin; \
+ make install-world-bin; \
+ make -C contrib install; \
+ \
+ runDeps="$( \
+ scanelf --needed --nobanner --format '%n#p' --recursive /usr/local \
+ | tr ',' '\n' \
+ | sort -u \
+ | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
+# Remove plperl, plpython and pltcl dependencies by default to save image size
+# To use the pl extensions, those have to be installed in a derived image
+ | grep -v -e perl -e python -e tcl \
+ )"; \
+ apk add --no-cache --virtual .postgresql-rundeps \
+ $runDeps \
+ bash \
+ tzdata \
+ zstd \
+# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
+ icu-data-full \
+# https://git.alpinelinux.org/aports/tree/community/nss_wrapper/APKBUILD?h=3.22-stable#n7 ("ppc64le: test case segfaults")
+ $([ "$(apk --print-arch)" != 'ppc64le' ] && echo 'nss_wrapper') \
+ ; \
+ apk del --no-network .build-deps; \
+ cd /; \
+ rm -rf \
+ /usr/src/postgresql \
+ /usr/local/share/doc \
+ /usr/local/share/man \
+ ; \
+ \
+ postgres --version
+
+# make the sample config easier to munge (and "correct by default")
+RUN set -eux; \
+ cp -v /usr/local/share/postgresql/postgresql.conf.sample /usr/local/share/postgresql/postgresql.conf.sample.orig; \
+ sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/local/share/postgresql/postgresql.conf.sample; \
+ grep -F "listen_addresses = '*'" /usr/local/share/postgresql/postgresql.conf.sample
+
+RUN install --verbose --directory --owner postgres --group postgres --mode 3777 /var/run/postgresql
+
+ENV PGDATA /var/lib/postgresql/data
+# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
+RUN install --verbose --directory --owner postgres --group postgres --mode 1777 "$PGDATA"
+VOLUME /var/lib/postgresql/data
+
+COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
+RUN ln -sT docker-ensure-initdb.sh /usr/local/bin/docker-enforce-initdb.sh
+ENTRYPOINT ["docker-entrypoint.sh"]
+
+# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
+# calls "Fast Shutdown mode" wherein new connections are disallowed and any
+# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
+# flush tables to disk.
+#
+# See https://www.postgresql.org/docs/current/server-shutdown.html for more details
+# about available PostgreSQL server shutdown signals.
+#
+# See also https://www.postgresql.org/docs/current/server-start.html for further
+# justification of this as the default value, namely that the example (and
+# shipped) systemd service files use the "Fast Shutdown mode" for service
+# termination.
+#
+STOPSIGNAL SIGINT
+#
+# An additional setting that is recommended for all users regardless of this
+# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
+# equivalent) for controlling how long to wait between sending the defined
+# STOPSIGNAL and sending SIGKILL.
+#
+# The default in most runtimes (such as Docker) is 10 seconds, and the
+# documentation at https://www.postgresql.org/docs/current/server-start.html notes
+# that even 90 seconds may not be long enough in many instances.
+
+EXPOSE 5432
+CMD ["postgres"]
diff --git a/18/alpine3.21/docker-ensure-initdb.sh b/18/alpine3.21/docker-ensure-initdb.sh
new file mode 100755
index 0000000000..ae1f6b6b90
--- /dev/null
+++ b/18/alpine3.21/docker-ensure-initdb.sh
@@ -0,0 +1,71 @@
+#!/usr/bin/env bash
+set -Eeuo pipefail
+
+#
+# This script is intended for three main use cases:
+#
+# 1. (most importantly) as an example of how to use "docker-entrypoint.sh" to extend/reuse the initialization behavior
+#
+# 2. ("docker-ensure-initdb.sh") as a Kubernetes "init container" to ensure the provided database directory is initialized; see also "startup probes" for an alternative solution
+# (no-op if database is already initialized)
+#
+# 3. ("docker-enforce-initdb.sh") as part of CI to ensure the database is fully initialized before use
+# (error if database is already initialized)
+#
+
+source /usr/local/bin/docker-entrypoint.sh
+
+# arguments to this script are assumed to be arguments to the "postgres" server (same as "docker-entrypoint.sh"), and most "docker-entrypoint.sh" functions assume "postgres" is the first argument (see "_main" over there)
+if [ "$#" -eq 0 ] || [ "$1" != 'postgres' ]; then
+ set -- postgres "$@"
+fi
+
+# see also "_main" in "docker-entrypoint.sh"
+
+docker_setup_env
+# setup data directories and permissions (when run as root)
+docker_create_db_directories
+if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec gosu postgres "$BASH_SOURCE" "$@"
+fi
+
+# only run initialization on an empty data directory
+if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+else
+ self="$(basename "$0")"
+ case "$self" in
+ docker-ensure-initdb.sh)
+ echo >&2 "$self: note: database already initialized in '$PGDATA'!"
+ exit 0
+ ;;
+
+ docker-enforce-initdb.sh)
+ echo >&2 "$self: error: (unexpected) database found in '$PGDATA'!"
+ exit 1
+ ;;
+
+ *)
+ echo >&2 "$self: error: unknown file name: $self"
+ exit 99
+ ;;
+ esac
+fi
diff --git a/18/alpine3.21/docker-entrypoint.sh b/18/alpine3.21/docker-entrypoint.sh
new file mode 100755
index 0000000000..ae40666ca1
--- /dev/null
+++ b/18/alpine3.21/docker-entrypoint.sh
@@ -0,0 +1,359 @@
+#!/usr/bin/env bash
+set -Eeo pipefail
+# TODO swap to -Eeuo pipefail above (after handling all potentially-unset variables)
+
+# usage: file_env VAR [DEFAULT]
+# ie: file_env 'XYZ_DB_PASSWORD' 'example'
+# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
+# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
+file_env() {
+ local var="$1"
+ local fileVar="${var}_FILE"
+ local def="${2:-}"
+ if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
+ printf >&2 'error: both %s and %s are set (but are exclusive)\n' "$var" "$fileVar"
+ exit 1
+ fi
+ local val="$def"
+ if [ "${!var:-}" ]; then
+ val="${!var}"
+ elif [ "${!fileVar:-}" ]; then
+ val="$(< "${!fileVar}")"
+ fi
+ export "$var"="$val"
+ unset "$fileVar"
+}
+
+# check to see if this file is being run or sourced from another script
+_is_sourced() {
+ # https://unix.stackexchange.com/a/215279
+ [ "${#FUNCNAME[@]}" -ge 2 ] \
+ && [ "${FUNCNAME[0]}" = '_is_sourced' ] \
+ && [ "${FUNCNAME[1]}" = 'source' ]
+}
+
+# used to create initial postgres directories and if run as root, ensure ownership to the "postgres" user
+docker_create_db_directories() {
+ local user; user="$(id -u)"
+
+ mkdir -p "$PGDATA"
+ # ignore failure since there are cases where we can't chmod (and PostgreSQL might fail later anyhow - it's picky about permissions of this directory)
+ chmod 00700 "$PGDATA" || :
+
+ # ignore failure since it will be fine when using the image provided directory; see also https://github.com/docker-library/postgres/pull/289
+ mkdir -p /var/run/postgresql || :
+ chmod 03775 /var/run/postgresql || :
+
+ # Create the transaction log directory before initdb is run so the directory is owned by the correct user
+ if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
+ mkdir -p "$POSTGRES_INITDB_WALDIR"
+ if [ "$user" = '0' ]; then
+ find "$POSTGRES_INITDB_WALDIR" \! -user postgres -exec chown postgres '{}' +
+ fi
+ chmod 700 "$POSTGRES_INITDB_WALDIR"
+ fi
+
+ # allow the container to be started with `--user`
+ if [ "$user" = '0' ]; then
+ find "$PGDATA" \! -user postgres -exec chown postgres '{}' +
+ find /var/run/postgresql \! -user postgres -exec chown postgres '{}' +
+ fi
+}
+
+# initialize empty PGDATA directory with new database via 'initdb'
+# arguments to `initdb` can be passed via POSTGRES_INITDB_ARGS or as arguments to this function
+# `initdb` automatically creates the "postgres", "template0", and "template1" dbnames
+# this is also where the database user is created, specified by `POSTGRES_USER` env
+docker_init_database_dir() {
+ # "initdb" is particular about the current user existing in "/etc/passwd", so we use "nss_wrapper" to fake that if necessary
+ # see https://github.com/docker-library/postgres/pull/253, https://github.com/docker-library/postgres/issues/359, https://cwrap.org/nss_wrapper.html
+ local uid; uid="$(id -u)"
+ if ! getent passwd "$uid" &> /dev/null; then
+ # see if we can find a suitable "libnss_wrapper.so" (https://salsa.debian.org/sssd-team/nss-wrapper/-/commit/b9925a653a54e24d09d9b498a2d913729f7abb15)
+ local wrapper
+ for wrapper in {/usr,}/lib{/*,}/libnss_wrapper.so; do
+ if [ -s "$wrapper" ]; then
+ NSS_WRAPPER_PASSWD="$(mktemp)"
+ NSS_WRAPPER_GROUP="$(mktemp)"
+ export LD_PRELOAD="$wrapper" NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
+ local gid; gid="$(id -g)"
+ printf 'postgres:x:%s:%s:PostgreSQL:%s:/bin/false\n' "$uid" "$gid" "$PGDATA" > "$NSS_WRAPPER_PASSWD"
+ printf 'postgres:x:%s:\n' "$gid" > "$NSS_WRAPPER_GROUP"
+ break
+ fi
+ done
+ fi
+
+ if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
+ set -- --waldir "$POSTGRES_INITDB_WALDIR" "$@"
+ fi
+
+ # --pwfile refuses to handle a properly-empty file (hence the "\n"): https://github.com/docker-library/postgres/issues/1025
+ eval 'initdb --username="$POSTGRES_USER" --pwfile=<(printf "%s\n" "$POSTGRES_PASSWORD") '"$POSTGRES_INITDB_ARGS"' "$@"'
+
+ # unset/cleanup "nss_wrapper" bits
+ if [[ "${LD_PRELOAD:-}" == */libnss_wrapper.so ]]; then
+ rm -f "$NSS_WRAPPER_PASSWD" "$NSS_WRAPPER_GROUP"
+ unset LD_PRELOAD NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
+ fi
+}
+
+# print large warning if POSTGRES_PASSWORD is long
+# error if both POSTGRES_PASSWORD is empty and POSTGRES_HOST_AUTH_METHOD is not 'trust'
+# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
+# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
+docker_verify_minimum_env() {
+ case "${PG_MAJOR:-}" in
+ 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
+ # check password first so we can output the warning before postgres
+ # messes it up
+ if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
+ cat >&2 <<-'EOWARN'
+
+ WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
+
+ This will not work if used via PGPASSWORD with "psql".
+
+ https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
+ https://github.com/docker-library/postgres/issues/507
+
+ EOWARN
+ fi
+ ;;
+ esac
+ if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ # The - option suppresses leading tabs but *not* spaces. :)
+ cat >&2 <<-'EOE'
+ Error: Database is uninitialized and superuser password is not specified.
+ You must specify POSTGRES_PASSWORD to a non-empty value for the
+ superuser. For example, "-e POSTGRES_PASSWORD=password" on "docker run".
+
+ You may also use "POSTGRES_HOST_AUTH_METHOD=trust" to allow all
+ connections without a password. This is *not* recommended.
+
+ See PostgreSQL documentation about "trust":
+ https://www.postgresql.org/docs/current/auth-trust.html
+ EOE
+ exit 1
+ fi
+ if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ cat >&2 <<-'EOWARN'
+ ********************************************************************************
+ WARNING: POSTGRES_HOST_AUTH_METHOD has been set to "trust". This will allow
+ anyone with access to the Postgres port to access your database without
+ a password, even if POSTGRES_PASSWORD is set. See PostgreSQL
+ documentation about "trust":
+ https://www.postgresql.org/docs/current/auth-trust.html
+ In Docker's default configuration, this is effectively any other
+ container on the same system.
+
+ It is not recommended to use POSTGRES_HOST_AUTH_METHOD=trust. Replace
+ it with "-e POSTGRES_PASSWORD=password" instead to set a password in
+ "docker run".
+ ********************************************************************************
+ EOWARN
+ fi
+}
+
+# usage: docker_process_init_files [file [file [...]]]
+# ie: docker_process_init_files /always-initdb.d/*
+# process initializer files, based on file extensions and permissions
+docker_process_init_files() {
+ # psql here for backwards compatibility "${psql[@]}"
+ psql=( docker_process_sql )
+
+ printf '\n'
+ local f
+ for f; do
+ case "$f" in
+ *.sh)
+ # https://github.com/docker-library/postgres/issues/450#issuecomment-393167936
+ # https://github.com/docker-library/postgres/pull/452
+ if [ -x "$f" ]; then
+ printf '%s: running %s\n' "$0" "$f"
+ "$f"
+ else
+ printf '%s: sourcing %s\n' "$0" "$f"
+ . "$f"
+ fi
+ ;;
+ *.sql) printf '%s: running %s\n' "$0" "$f"; docker_process_sql -f "$f"; printf '\n' ;;
+ *.sql.gz) printf '%s: running %s\n' "$0" "$f"; gunzip -c "$f" | docker_process_sql; printf '\n' ;;
+ *.sql.xz) printf '%s: running %s\n' "$0" "$f"; xzcat "$f" | docker_process_sql; printf '\n' ;;
+ *.sql.zst) printf '%s: running %s\n' "$0" "$f"; zstd -dc "$f" | docker_process_sql; printf '\n' ;;
+ *) printf '%s: ignoring %s\n' "$0" "$f" ;;
+ esac
+ printf '\n'
+ done
+}
+
+# Execute sql script, passed via stdin (or -f flag of pqsl)
+# usage: docker_process_sql [psql-cli-args]
+# ie: docker_process_sql --dbname=mydb <<<'INSERT ...'
+# ie: docker_process_sql -f my-file.sql
+# ie: docker_process_sql <my-file.sql
+docker_process_sql() {
+ local query_runner=( psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --no-password --no-psqlrc )
+ if [ -n "$POSTGRES_DB" ]; then
+ query_runner+=( --dbname "$POSTGRES_DB" )
+ fi
+
+ PGHOST= PGHOSTADDR= "${query_runner[@]}" "$@"
+}
+
+# create initial database
+# uses environment variables for input: POSTGRES_DB
+docker_setup_db() {
+ local dbAlreadyExists
+ dbAlreadyExists="$(
+ POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" --tuples-only <<-'EOSQL'
+ SELECT 1 FROM pg_database WHERE datname = :'db' ;
+ EOSQL
+ )"
+ if [ -z "$dbAlreadyExists" ]; then
+ POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" <<-'EOSQL'
+ CREATE DATABASE :"db" ;
+ EOSQL
+ printf '\n'
+ fi
+}
+
+# Loads various settings that are used elsewhere in the script
+# This should be called before any other functions
+docker_setup_env() {
+ file_env 'POSTGRES_PASSWORD'
+
+ file_env 'POSTGRES_USER' 'postgres'
+ file_env 'POSTGRES_DB' "$POSTGRES_USER"
+ file_env 'POSTGRES_INITDB_ARGS'
+ : "${POSTGRES_HOST_AUTH_METHOD:=}"
+
+ declare -g DATABASE_ALREADY_EXISTS
+ : "${DATABASE_ALREADY_EXISTS:=}"
+ # look specifically for PG_VERSION, as it is expected in the DB dir
+ if [ -s "$PGDATA/PG_VERSION" ]; then
+ DATABASE_ALREADY_EXISTS='true'
+ fi
+}
+
+# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections
+# all arguments will be passed along as arguments to `postgres` for getting the value of 'password_encryption'
+pg_setup_hba_conf() {
+ # default authentication method is md5 on versions before 14
+ # https://www.postgresql.org/about/news/postgresql-14-released-2318/
+ if [ "$1" = 'postgres' ]; then
+ shift
+ fi
+ local auth
+ # check the default/configured encryption and use that as the auth method
+ auth="$(postgres -C password_encryption "$@")"
+ : "${POSTGRES_HOST_AUTH_METHOD:=$auth}"
+ {
+ printf '\n'
+ if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ printf '# warning trust is enabled for all connections\n'
+ printf '# see https://www.postgresql.org/docs/17/auth-trust.html\n'
+ fi
+ printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
+ } >> "$PGDATA/pg_hba.conf"
+}
+
+# start socket-only postgresql server for setting up or running scripts
+# all arguments will be passed along as arguments to `postgres` (via pg_ctl)
+docker_temp_server_start() {
+ if [ "$1" = 'postgres' ]; then
+ shift
+ fi
+
+ # internal start of server in order to allow setup using psql client
+ # does not listen on external TCP/IP and waits until start finishes
+ set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
+
+ # unset NOTIFY_SOCKET so the temporary server doesn't prematurely notify
+ # any process supervisor.
+ NOTIFY_SOCKET= \
+ PGUSER="${PGUSER:-$POSTGRES_USER}" \
+ pg_ctl -D "$PGDATA" \
+ -o "$(printf '%q ' "$@")" \
+ -w start
+}
+
+# stop postgresql server after done setting up user and running scripts
+docker_temp_server_stop() {
+ PGUSER="${PGUSER:-postgres}" \
+ pg_ctl -D "$PGDATA" -m fast -w stop
+}
+
+# check arguments for an option that would cause postgres to stop
+# return true if there is one
+_pg_want_help() {
+ local arg
+ for arg; do
+ case "$arg" in
+ # postgres --help | grep 'then exit'
+ # leaving out -C on purpose since it always fails and is unhelpful:
+ # postgres: could not access the server configuration file "/var/lib/postgresql/data/postgresql.conf": No such file or directory
+ -'?'|--help|--describe-config|-V|--version)
+ return 0
+ ;;
+ esac
+ done
+ return 1
+}
+
+_main() {
+ # if first arg looks like a flag, assume we want to run postgres server
+ if [ "${1:0:1}" = '-' ]; then
+ set -- postgres "$@"
+ fi
+
+ if [ "$1" = 'postgres' ] && ! _pg_want_help "$@"; then
+ docker_setup_env
+ # setup data directories and permissions (when run as root)
+ docker_create_db_directories
+ if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec gosu postgres "$BASH_SOURCE" "$@"
+ fi
+
+ # only run initialization on an empty data directory
+ if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+
+ cat <<-'EOM'
+
+ PostgreSQL init process complete; ready for start up.
+
+ EOM
+ else
+ cat <<-'EOM'
+
+ PostgreSQL Database directory appears to contain a database; Skipping initialization
+
+ EOM
+ fi
+ fi
+
+ exec "$@"
+}
+
+if ! _is_sourced; then
+ _main "$@"
+fi
diff --git a/18/alpine3.22/Dockerfile b/18/alpine3.22/Dockerfile
new file mode 100644
index 0000000000..c4cc148dde
--- /dev/null
+++ b/18/alpine3.22/Dockerfile
@@ -0,0 +1,227 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
+FROM alpine:3.22
+
+# 70 is the standard uid/gid for "postgres" in Alpine
+# https://git.alpinelinux.org/aports/tree/main/postgresql-common/postgresql-common.pre-install?h=3.22-stable
+RUN set -eux; \
+ addgroup -g 70 -S postgres; \
+ adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
+# also create the postgres user's home directory with appropriate permissions
+# see https://github.com/docker-library/postgres/issues/274
+ install --verbose --directory --owner postgres --group postgres --mode 1777 /var/lib/postgresql
+
+# grab gosu for easy step-down from root
+# https://github.com/tianon/gosu/releases
+ENV GOSU_VERSION 1.17
+RUN set -eux; \
+ \
+ apk add --no-cache --virtual .gosu-deps \
+ ca-certificates \
+ dpkg \
+ gnupg \
+ ; \
+ \
+ dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
+ wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
+ wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
+ \
+# verify the signature
+ export GNUPGHOME="$(mktemp -d)"; \
+ gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
+ gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
+ \
+# clean up fetch dependencies
+ apk del --no-network .gosu-deps; \
+ \
+ chmod +x /usr/local/bin/gosu; \
+# verify that the binary works
+ gosu --version; \
+ gosu nobody true
+
+# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
+# alpine doesn't require explicit locale-file generation
+ENV LANG en_US.utf8
+
+RUN mkdir /docker-entrypoint-initdb.d
+
+ENV PG_MAJOR 18
+ENV PG_VERSION 18beta1
+ENV PG_SHA256 0b7c83df6195398aa67dbf5c002e7fa4082be393aae99aa69926d483f98eb885
+
+ENV DOCKER_PG_LLVM_DEPS \
+ llvm19-dev \
+ clang19
+
+RUN set -eux; \
+ \
+ wget -O postgresql.tar.bz2 "https://ftp.postgresql.org/pub/source/v$PG_VERSION/postgresql-$PG_VERSION.tar.bz2"; \
+ echo "$PG_SHA256 *postgresql.tar.bz2" | sha256sum -c -; \
+ mkdir -p /usr/src/postgresql; \
+ tar \
+ --extract \
+ --file postgresql.tar.bz2 \
+ --directory /usr/src/postgresql \
+ --strip-components 1 \
+ ; \
+ rm postgresql.tar.bz2; \
+ \
+ apk add --no-cache --virtual .build-deps \
+ $DOCKER_PG_LLVM_DEPS \
+ bison \
+ coreutils \
+ dpkg-dev dpkg \
+ flex \
+ g++ \
+ gcc \
+ krb5-dev \
+ libc-dev \
+ libedit-dev \
+ libxml2-dev \
+ libxslt-dev \
+ linux-headers \
+ make \
+ openldap-dev \
+ openssl-dev \
+ perl-dev \
+ perl-ipc-run \
+ perl-utils \
+ python3-dev \
+ tcl-dev \
+ util-linux-dev \
+ zlib-dev \
+# https://www.postgresql.org/docs/10/static/release-10.html#id-1.11.6.9.5.13
+ icu-dev \
+# https://www.postgresql.org/docs/14/release-14.html#id-1.11.6.5.5.3.7
+ lz4-dev \
+# https://www.postgresql.org/docs/15/release-15.html "--with-zstd to enable Zstandard builds"
+ zstd-dev \
+ ; \
+ \
+ cd /usr/src/postgresql; \
+# update "DEFAULT_PGSOCKET_DIR" to "/var/run/postgresql" (matching Debian)
+# see https://anonscm.debian.org/git/pkg-postgresql/postgresql.git/tree/debian/patches/51-default-sockets-in-var.patch?id=8b539fcb3e093a521c095e70bdfa76887217b89f
+ awk '$1 == "#define" && $2 == "DEFAULT_PGSOCKET_DIR" && $3 == "\"/tmp\"" { $3 = "\"/var/run/postgresql\""; print; next } { print }' src/include/pg_config_manual.h > src/include/pg_config_manual.h.new; \
+ grep '/var/run/postgresql' src/include/pg_config_manual.h.new; \
+ mv src/include/pg_config_manual.h.new src/include/pg_config_manual.h; \
+ gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
+ \
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.22-stable#n176 ("export LLVM_CONFIG")
+ export LLVM_CONFIG="/usr/lib/llvm19/bin/llvm-config"; \
+# https://git.alpinelinux.org/aports/tree/community/postgresql15/APKBUILD?h=3.22-stable#n180 ("older clang versions don't have a 'clang' exe anymore.")
+ export CLANG=clang-19; \
+ \
+# configure options taken from:
+# https://anonscm.debian.org/cgit/pkg-postgresql/postgresql.git/tree/debian/rules?h=9.5
+ ./configure \
+ --enable-option-checking=fatal \
+ --build="$gnuArch" \
+# "/usr/src/postgresql/src/backend/access/common/tupconvert.c:105: undefined reference to `libintl_gettext'"
+# --enable-nls \
+ --enable-integer-datetimes \
+ --enable-tap-tests \
+# skip debugging info -- we want tiny size instead
+# --enable-debug \
+ --disable-rpath \
+ --with-uuid=e2fs \
+ --with-pgport=5432 \
+ --with-system-tzdata=/usr/share/zoneinfo \
+ --prefix=/usr/local \
+ --with-includes=/usr/local/include \
+ --with-libraries=/usr/local/lib \
+ --with-gssapi \
+ --with-ldap \
+ --with-tcl \
+ --with-perl \
+ --with-python \
+# --with-pam \
+ --with-openssl \
+ --with-libxml \
+ --with-libxslt \
+ --with-icu \
+ --with-llvm \
+ --with-lz4 \
+ --with-zstd \
+ ; \
+ make -j "$(nproc)" world-bin; \
+ make install-world-bin; \
+ make -C contrib install; \
+ \
+ runDeps="$( \
+ scanelf --needed --nobanner --format '%n#p' --recursive /usr/local \
+ | tr ',' '\n' \
+ | sort -u \
+ | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
+# Remove plperl, plpython and pltcl dependencies by default to save image size
+# To use the pl extensions, those have to be installed in a derived image
+ | grep -v -e perl -e python -e tcl \
+ )"; \
+ apk add --no-cache --virtual .postgresql-rundeps \
+ $runDeps \
+ bash \
+ tzdata \
+ zstd \
+# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
+ icu-data-full \
+# https://git.alpinelinux.org/aports/tree/community/nss_wrapper/APKBUILD?h=3.22-stable#n7 ("ppc64le: test case segfaults")
+ $([ "$(apk --print-arch)" != 'ppc64le' ] && echo 'nss_wrapper') \
+ ; \
+ apk del --no-network .build-deps; \
+ cd /; \
+ rm -rf \
+ /usr/src/postgresql \
+ /usr/local/share/doc \
+ /usr/local/share/man \
+ ; \
+ \
+ postgres --version
+
+# make the sample config easier to munge (and "correct by default")
+RUN set -eux; \
+ cp -v /usr/local/share/postgresql/postgresql.conf.sample /usr/local/share/postgresql/postgresql.conf.sample.orig; \
+ sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/local/share/postgresql/postgresql.conf.sample; \
+ grep -F "listen_addresses = '*'" /usr/local/share/postgresql/postgresql.conf.sample
+
+RUN install --verbose --directory --owner postgres --group postgres --mode 3777 /var/run/postgresql
+
+ENV PGDATA /var/lib/postgresql/data
+# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
+RUN install --verbose --directory --owner postgres --group postgres --mode 1777 "$PGDATA"
+VOLUME /var/lib/postgresql/data
+
+COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
+RUN ln -sT docker-ensure-initdb.sh /usr/local/bin/docker-enforce-initdb.sh
+ENTRYPOINT ["docker-entrypoint.sh"]
+
+# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
+# calls "Fast Shutdown mode" wherein new connections are disallowed and any
+# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
+# flush tables to disk.
+#
+# See https://www.postgresql.org/docs/current/server-shutdown.html for more details
+# about available PostgreSQL server shutdown signals.
+#
+# See also https://www.postgresql.org/docs/current/server-start.html for further
+# justification of this as the default value, namely that the example (and
+# shipped) systemd service files use the "Fast Shutdown mode" for service
+# termination.
+#
+STOPSIGNAL SIGINT
+#
+# An additional setting that is recommended for all users regardless of this
+# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
+# equivalent) for controlling how long to wait between sending the defined
+# STOPSIGNAL and sending SIGKILL.
+#
+# The default in most runtimes (such as Docker) is 10 seconds, and the
+# documentation at https://www.postgresql.org/docs/current/server-start.html notes
+# that even 90 seconds may not be long enough in many instances.
+
+EXPOSE 5432
+CMD ["postgres"]
diff --git a/18/alpine3.22/docker-ensure-initdb.sh b/18/alpine3.22/docker-ensure-initdb.sh
new file mode 100755
index 0000000000..ae1f6b6b90
--- /dev/null
+++ b/18/alpine3.22/docker-ensure-initdb.sh
@@ -0,0 +1,71 @@
+#!/usr/bin/env bash
+set -Eeuo pipefail
+
+#
+# This script is intended for three main use cases:
+#
+# 1. (most importantly) as an example of how to use "docker-entrypoint.sh" to extend/reuse the initialization behavior
+#
+# 2. ("docker-ensure-initdb.sh") as a Kubernetes "init container" to ensure the provided database directory is initialized; see also "startup probes" for an alternative solution
+# (no-op if database is already initialized)
+#
+# 3. ("docker-enforce-initdb.sh") as part of CI to ensure the database is fully initialized before use
+# (error if database is already initialized)
+#
+
+source /usr/local/bin/docker-entrypoint.sh
+
+# arguments to this script are assumed to be arguments to the "postgres" server (same as "docker-entrypoint.sh"), and most "docker-entrypoint.sh" functions assume "postgres" is the first argument (see "_main" over there)
+if [ "$#" -eq 0 ] || [ "$1" != 'postgres' ]; then
+ set -- postgres "$@"
+fi
+
+# see also "_main" in "docker-entrypoint.sh"
+
+docker_setup_env
+# setup data directories and permissions (when run as root)
+docker_create_db_directories
+if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec gosu postgres "$BASH_SOURCE" "$@"
+fi
+
+# only run initialization on an empty data directory
+if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+else
+ self="$(basename "$0")"
+ case "$self" in
+ docker-ensure-initdb.sh)
+ echo >&2 "$self: note: database already initialized in '$PGDATA'!"
+ exit 0
+ ;;
+
+ docker-enforce-initdb.sh)
+ echo >&2 "$self: error: (unexpected) database found in '$PGDATA'!"
+ exit 1
+ ;;
+
+ *)
+ echo >&2 "$self: error: unknown file name: $self"
+ exit 99
+ ;;
+ esac
+fi
diff --git a/18/alpine3.22/docker-entrypoint.sh b/18/alpine3.22/docker-entrypoint.sh
new file mode 100755
index 0000000000..ae40666ca1
--- /dev/null
+++ b/18/alpine3.22/docker-entrypoint.sh
@@ -0,0 +1,359 @@
+#!/usr/bin/env bash
+set -Eeo pipefail
+# TODO swap to -Eeuo pipefail above (after handling all potentially-unset variables)
+
+# usage: file_env VAR [DEFAULT]
+# ie: file_env 'XYZ_DB_PASSWORD' 'example'
+# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
+# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
+file_env() {
+ local var="$1"
+ local fileVar="${var}_FILE"
+ local def="${2:-}"
+ if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
+ printf >&2 'error: both %s and %s are set (but are exclusive)\n' "$var" "$fileVar"
+ exit 1
+ fi
+ local val="$def"
+ if [ "${!var:-}" ]; then
+ val="${!var}"
+ elif [ "${!fileVar:-}" ]; then
+ val="$(< "${!fileVar}")"
+ fi
+ export "$var"="$val"
+ unset "$fileVar"
+}
+
+# check to see if this file is being run or sourced from another script
+_is_sourced() {
+ # https://unix.stackexchange.com/a/215279
+ [ "${#FUNCNAME[@]}" -ge 2 ] \
+ && [ "${FUNCNAME[0]}" = '_is_sourced' ] \
+ && [ "${FUNCNAME[1]}" = 'source' ]
+}
+
+# used to create initial postgres directories and if run as root, ensure ownership to the "postgres" user
+docker_create_db_directories() {
+ local user; user="$(id -u)"
+
+ mkdir -p "$PGDATA"
+ # ignore failure since there are cases where we can't chmod (and PostgreSQL might fail later anyhow - it's picky about permissions of this directory)
+ chmod 00700 "$PGDATA" || :
+
+ # ignore failure since it will be fine when using the image provided directory; see also https://github.com/docker-library/postgres/pull/289
+ mkdir -p /var/run/postgresql || :
+ chmod 03775 /var/run/postgresql || :
+
+ # Create the transaction log directory before initdb is run so the directory is owned by the correct user
+ if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
+ mkdir -p "$POSTGRES_INITDB_WALDIR"
+ if [ "$user" = '0' ]; then
+ find "$POSTGRES_INITDB_WALDIR" \! -user postgres -exec chown postgres '{}' +
+ fi
+ chmod 700 "$POSTGRES_INITDB_WALDIR"
+ fi
+
+ # allow the container to be started with `--user`
+ if [ "$user" = '0' ]; then
+ find "$PGDATA" \! -user postgres -exec chown postgres '{}' +
+ find /var/run/postgresql \! -user postgres -exec chown postgres '{}' +
+ fi
+}
+
+# initialize empty PGDATA directory with new database via 'initdb'
+# arguments to `initdb` can be passed via POSTGRES_INITDB_ARGS or as arguments to this function
+# `initdb` automatically creates the "postgres", "template0", and "template1" dbnames
+# this is also where the database user is created, specified by `POSTGRES_USER` env
+docker_init_database_dir() {
+ # "initdb" is particular about the current user existing in "/etc/passwd", so we use "nss_wrapper" to fake that if necessary
+ # see https://github.com/docker-library/postgres/pull/253, https://github.com/docker-library/postgres/issues/359, https://cwrap.org/nss_wrapper.html
+ local uid; uid="$(id -u)"
+ if ! getent passwd "$uid" &> /dev/null; then
+ # see if we can find a suitable "libnss_wrapper.so" (https://salsa.debian.org/sssd-team/nss-wrapper/-/commit/b9925a653a54e24d09d9b498a2d913729f7abb15)
+ local wrapper
+ for wrapper in {/usr,}/lib{/*,}/libnss_wrapper.so; do
+ if [ -s "$wrapper" ]; then
+ NSS_WRAPPER_PASSWD="$(mktemp)"
+ NSS_WRAPPER_GROUP="$(mktemp)"
+ export LD_PRELOAD="$wrapper" NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
+ local gid; gid="$(id -g)"
+ printf 'postgres:x:%s:%s:PostgreSQL:%s:/bin/false\n' "$uid" "$gid" "$PGDATA" > "$NSS_WRAPPER_PASSWD"
+ printf 'postgres:x:%s:\n' "$gid" > "$NSS_WRAPPER_GROUP"
+ break
+ fi
+ done
+ fi
+
+ if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
+ set -- --waldir "$POSTGRES_INITDB_WALDIR" "$@"
+ fi
+
+ # --pwfile refuses to handle a properly-empty file (hence the "\n"): https://github.com/docker-library/postgres/issues/1025
+ eval 'initdb --username="$POSTGRES_USER" --pwfile=<(printf "%s\n" "$POSTGRES_PASSWORD") '"$POSTGRES_INITDB_ARGS"' "$@"'
+
+ # unset/cleanup "nss_wrapper" bits
+ if [[ "${LD_PRELOAD:-}" == */libnss_wrapper.so ]]; then
+ rm -f "$NSS_WRAPPER_PASSWD" "$NSS_WRAPPER_GROUP"
+ unset LD_PRELOAD NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
+ fi
+}
+
+# print large warning if POSTGRES_PASSWORD is long
+# error if both POSTGRES_PASSWORD is empty and POSTGRES_HOST_AUTH_METHOD is not 'trust'
+# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
+# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
+docker_verify_minimum_env() {
+ case "${PG_MAJOR:-}" in
+ 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
+ # check password first so we can output the warning before postgres
+ # messes it up
+ if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
+ cat >&2 <<-'EOWARN'
+
+ WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
+
+ This will not work if used via PGPASSWORD with "psql".
+
+ https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
+ https://github.com/docker-library/postgres/issues/507
+
+ EOWARN
+ fi
+ ;;
+ esac
+ if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ # The - option suppresses leading tabs but *not* spaces. :)
+ cat >&2 <<-'EOE'
+ Error: Database is uninitialized and superuser password is not specified.
+ You must specify POSTGRES_PASSWORD to a non-empty value for the
+ superuser. For example, "-e POSTGRES_PASSWORD=password" on "docker run".
+
+ You may also use "POSTGRES_HOST_AUTH_METHOD=trust" to allow all
+ connections without a password. This is *not* recommended.
+
+ See PostgreSQL documentation about "trust":
+ https://www.postgresql.org/docs/current/auth-trust.html
+ EOE
+ exit 1
+ fi
+ if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ cat >&2 <<-'EOWARN'
+ ********************************************************************************
+ WARNING: POSTGRES_HOST_AUTH_METHOD has been set to "trust". This will allow
+ anyone with access to the Postgres port to access your database without
+ a password, even if POSTGRES_PASSWORD is set. See PostgreSQL
+ documentation about "trust":
+ https://www.postgresql.org/docs/current/auth-trust.html
+ In Docker's default configuration, this is effectively any other
+ container on the same system.
+
+ It is not recommended to use POSTGRES_HOST_AUTH_METHOD=trust. Replace
+ it with "-e POSTGRES_PASSWORD=password" instead to set a password in
+ "docker run".
+ ********************************************************************************
+ EOWARN
+ fi
+}
+
+# usage: docker_process_init_files [file [file [...]]]
+# ie: docker_process_init_files /always-initdb.d/*
+# process initializer files, based on file extensions and permissions
+docker_process_init_files() {
+ # psql here for backwards compatibility "${psql[@]}"
+ psql=( docker_process_sql )
+
+ printf '\n'
+ local f
+ for f; do
+ case "$f" in
+ *.sh)
+ # https://github.com/docker-library/postgres/issues/450#issuecomment-393167936
+ # https://github.com/docker-library/postgres/pull/452
+ if [ -x "$f" ]; then
+ printf '%s: running %s\n' "$0" "$f"
+ "$f"
+ else
+ printf '%s: sourcing %s\n' "$0" "$f"
+ . "$f"
+ fi
+ ;;
+ *.sql) printf '%s: running %s\n' "$0" "$f"; docker_process_sql -f "$f"; printf '\n' ;;
+ *.sql.gz) printf '%s: running %s\n' "$0" "$f"; gunzip -c "$f" | docker_process_sql; printf '\n' ;;
+ *.sql.xz) printf '%s: running %s\n' "$0" "$f"; xzcat "$f" | docker_process_sql; printf '\n' ;;
+ *.sql.zst) printf '%s: running %s\n' "$0" "$f"; zstd -dc "$f" | docker_process_sql; printf '\n' ;;
+ *) printf '%s: ignoring %s\n' "$0" "$f" ;;
+ esac
+ printf '\n'
+ done
+}
+
+# Execute sql script, passed via stdin (or -f flag of pqsl)
+# usage: docker_process_sql [psql-cli-args]
+# ie: docker_process_sql --dbname=mydb <<<'INSERT ...'
+# ie: docker_process_sql -f my-file.sql
+# ie: docker_process_sql <my-file.sql
+docker_process_sql() {
+ local query_runner=( psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --no-password --no-psqlrc )
+ if [ -n "$POSTGRES_DB" ]; then
+ query_runner+=( --dbname "$POSTGRES_DB" )
+ fi
+
+ PGHOST= PGHOSTADDR= "${query_runner[@]}" "$@"
+}
+
+# create initial database
+# uses environment variables for input: POSTGRES_DB
+docker_setup_db() {
+ local dbAlreadyExists
+ dbAlreadyExists="$(
+ POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" --tuples-only <<-'EOSQL'
+ SELECT 1 FROM pg_database WHERE datname = :'db' ;
+ EOSQL
+ )"
+ if [ -z "$dbAlreadyExists" ]; then
+ POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" <<-'EOSQL'
+ CREATE DATABASE :"db" ;
+ EOSQL
+ printf '\n'
+ fi
+}
+
+# Loads various settings that are used elsewhere in the script
+# This should be called before any other functions
+docker_setup_env() {
+ file_env 'POSTGRES_PASSWORD'
+
+ file_env 'POSTGRES_USER' 'postgres'
+ file_env 'POSTGRES_DB' "$POSTGRES_USER"
+ file_env 'POSTGRES_INITDB_ARGS'
+ : "${POSTGRES_HOST_AUTH_METHOD:=}"
+
+ declare -g DATABASE_ALREADY_EXISTS
+ : "${DATABASE_ALREADY_EXISTS:=}"
+ # look specifically for PG_VERSION, as it is expected in the DB dir
+ if [ -s "$PGDATA/PG_VERSION" ]; then
+ DATABASE_ALREADY_EXISTS='true'
+ fi
+}
+
+# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections
+# all arguments will be passed along as arguments to `postgres` for getting the value of 'password_encryption'
+pg_setup_hba_conf() {
+ # default authentication method is md5 on versions before 14
+ # https://www.postgresql.org/about/news/postgresql-14-released-2318/
+ if [ "$1" = 'postgres' ]; then
+ shift
+ fi
+ local auth
+ # check the default/configured encryption and use that as the auth method
+ auth="$(postgres -C password_encryption "$@")"
+ : "${POSTGRES_HOST_AUTH_METHOD:=$auth}"
+ {
+ printf '\n'
+ if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ printf '# warning trust is enabled for all connections\n'
+ printf '# see https://www.postgresql.org/docs/17/auth-trust.html\n'
+ fi
+ printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
+ } >> "$PGDATA/pg_hba.conf"
+}
+
+# start socket-only postgresql server for setting up or running scripts
+# all arguments will be passed along as arguments to `postgres` (via pg_ctl)
+docker_temp_server_start() {
+ if [ "$1" = 'postgres' ]; then
+ shift
+ fi
+
+ # internal start of server in order to allow setup using psql client
+ # does not listen on external TCP/IP and waits until start finishes
+ set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
+
+ # unset NOTIFY_SOCKET so the temporary server doesn't prematurely notify
+ # any process supervisor.
+ NOTIFY_SOCKET= \
+ PGUSER="${PGUSER:-$POSTGRES_USER}" \
+ pg_ctl -D "$PGDATA" \
+ -o "$(printf '%q ' "$@")" \
+ -w start
+}
+
+# stop postgresql server after done setting up user and running scripts
+docker_temp_server_stop() {
+ PGUSER="${PGUSER:-postgres}" \
+ pg_ctl -D "$PGDATA" -m fast -w stop
+}
+
+# check arguments for an option that would cause postgres to stop
+# return true if there is one
+_pg_want_help() {
+ local arg
+ for arg; do
+ case "$arg" in
+ # postgres --help | grep 'then exit'
+ # leaving out -C on purpose since it always fails and is unhelpful:
+ # postgres: could not access the server configuration file "/var/lib/postgresql/data/postgresql.conf": No such file or directory
+ -'?'|--help|--describe-config|-V|--version)
+ return 0
+ ;;
+ esac
+ done
+ return 1
+}
+
+_main() {
+ # if first arg looks like a flag, assume we want to run postgres server
+ if [ "${1:0:1}" = '-' ]; then
+ set -- postgres "$@"
+ fi
+
+ if [ "$1" = 'postgres' ] && ! _pg_want_help "$@"; then
+ docker_setup_env
+ # setup data directories and permissions (when run as root)
+ docker_create_db_directories
+ if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec gosu postgres "$BASH_SOURCE" "$@"
+ fi
+
+ # only run initialization on an empty data directory
+ if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+
+ cat <<-'EOM'
+
+ PostgreSQL init process complete; ready for start up.
+
+ EOM
+ else
+ cat <<-'EOM'
+
+ PostgreSQL Database directory appears to contain a database; Skipping initialization
+
+ EOM
+ fi
+ fi
+
+ exec "$@"
+}
+
+if ! _is_sourced; then
+ _main "$@"
+fi
diff --git a/18/bookworm/Dockerfile b/18/bookworm/Dockerfile
new file mode 100644
index 0000000000..f71b81b9f3
--- /dev/null
+++ b/18/bookworm/Dockerfile
@@ -0,0 +1,220 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
+FROM debian:bookworm-slim
+
+# explicitly set user/group IDs
+RUN set -eux; \
+ groupadd -r postgres --gid=999; \
+# https://salsa.debian.org/postgresql/postgresql-common/blob/997d842ee744687d99a2b2d95c1083a2615c79e8/debian/postgresql-common.postinst#L32-35
+ useradd -r -g postgres --uid=999 --home-dir=/var/lib/postgresql --shell=/bin/bash postgres; \
+# also create the postgres user's home directory with appropriate permissions
+# see https://github.com/docker-library/postgres/issues/274
+ install --verbose --directory --owner postgres --group postgres --mode 1777 /var/lib/postgresql
+
+RUN set -ex; \
+ apt-get update; \
+ apt-get install -y --no-install-recommends \
+ gnupg \
+# https://www.postgresql.org/docs/16/app-psql.html#APP-PSQL-META-COMMAND-PSET-PAGER
+# https://github.com/postgres/postgres/blob/REL_16_1/src/include/fe_utils/print.h#L25
+# (if "less" is available, it gets used as the default pager for psql, and it only adds ~1.5MiB to our image size)
+ less \
+ ; \
+ rm -rf /var/lib/apt/lists/*
+
+# grab gosu for easy step-down from root
+# https://github.com/tianon/gosu/releases
+ENV GOSU_VERSION 1.17
+RUN set -eux; \
+ savedAptMark="$(apt-mark showmanual)"; \
+ apt-get update; \
+ apt-get install -y --no-install-recommends ca-certificates wget; \
+ rm -rf /var/lib/apt/lists/*; \
+ dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
+ wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
+ wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
+ export GNUPGHOME="$(mktemp -d)"; \
+ gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
+ gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
+ apt-mark auto '.*' > /dev/null; \
+ [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
+ apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
+ chmod +x /usr/local/bin/gosu; \
+ gosu --version; \
+ gosu nobody true
+
+# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
+RUN set -eux; \
+ if [ -f /etc/dpkg/dpkg.cfg.d/docker ]; then \
+# if this file exists, we're likely in "debian:xxx-slim", and locales are thus being excluded so we need to remove that exclusion (since we need locales)
+ grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
+ sed -ri '/\/usr\/share\/locale/d' /etc/dpkg/dpkg.cfg.d/docker; \
+ ! grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
+ fi; \
+ apt-get update; apt-get install -y --no-install-recommends locales; rm -rf /var/lib/apt/lists/*; \
+ echo 'en_US.UTF-8 UTF-8' >> /etc/locale.gen; \
+ locale-gen; \
+ locale -a | grep 'en_US.utf8'
+ENV LANG en_US.utf8
+
+RUN set -eux; \
+ apt-get update; \
+ apt-get install -y --no-install-recommends \
+ libnss-wrapper \
+ xz-utils \
+ zstd \
+ ; \
+ rm -rf /var/lib/apt/lists/*
+
+RUN mkdir /docker-entrypoint-initdb.d
+
+RUN set -ex; \
+# pub 4096R/ACCC4CF8 2011-10-13 [expires: 2019-07-02]
+# Key fingerprint = B97B 0AFC AA1A 47F0 44F2 44A0 7FCC 7D46 ACCC 4CF8
+# uid PostgreSQL Debian Repository
+ key='B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8'; \
+ export GNUPGHOME="$(mktemp -d)"; \
+ mkdir -p /usr/local/share/keyrings/; \
+ gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
+ gpg --batch --export --armor "$key" > /usr/local/share/keyrings/postgres.gpg.asc; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME"
+
+ENV PG_MAJOR 18
+ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
+
+ENV PG_VERSION 18~beta1-1.pgdg120+1
+
+RUN set -ex; \
+ \
+# see note below about "*.pyc" files
+ export PYTHONDONTWRITEBYTECODE=1; \
+ \
+ dpkgArch="$(dpkg --print-architecture)"; \
+ aptRepo="[ signed-by=/usr/local/share/keyrings/postgres.gpg.asc ] http://apt.postgresql.org/pub/repos/apt/ bookworm-pgdg main $PG_MAJOR"; \
+ case "$dpkgArch" in \
+ amd64 | arm64 | ppc64el) \
+# arches officialy built by upstream
+ echo "deb $aptRepo" > /etc/apt/sources.list.d/pgdg.list; \
+ apt-get update; \
+ ;; \
+ *) \
+# we're on an architecture upstream doesn't officially build for
+# let's build binaries from their published source packages
+ echo "deb-src $aptRepo" > /etc/apt/sources.list.d/pgdg.list; \
+ \
+ savedAptMark="$(apt-mark showmanual)"; \
+ \
+ tempDir="$(mktemp -d)"; \
+ cd "$tempDir"; \
+ \
+# create a temporary local APT repo to install from (so that dependency resolution can be handled by APT, as it should be)
+ apt-get update; \
+ apt-get install -y --no-install-recommends dpkg-dev; \
+ echo "deb [ trusted=yes ] file://$tempDir ./" > /etc/apt/sources.list.d/temp.list; \
+ _update_repo() { \
+ dpkg-scanpackages . > Packages; \
+# work around the following APT issue by using "Acquire::GzipIndexes=false" (overriding "/etc/apt/apt.conf.d/docker-gzip-indexes")
+# Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied)
+# ...
+# E: Failed to fetch store:/var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied)
+ apt-get -o Acquire::GzipIndexes=false update; \
+ }; \
+ _update_repo; \
+ \
+# build .deb files from upstream's source packages (which are verified by apt-get)
+ nproc="$(nproc)"; \
+ export DEB_BUILD_OPTIONS="nocheck parallel=$nproc"; \
+# we have to build postgresql-common-dev first because postgresql-$PG_MAJOR shares "debian/rules" logic with it: https://salsa.debian.org/postgresql/postgresql/-/commit/f4338a0d28cf4541956bddb0f4e444ba9dba81b9
+ apt-get build-dep -y postgresql-common-dev; \
+ apt-get source --compile postgresql-common-dev; \
+ _update_repo; \
+ apt-get build-dep -y "postgresql-$PG_MAJOR=$PG_VERSION"; \
+ apt-get source --compile "postgresql-$PG_MAJOR=$PG_VERSION"; \
+ \
+# we don't remove APT lists here because they get re-downloaded and removed later
+ \
+# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
+# (which is done after we install the built packages so we don't have to redownload any overlapping dependencies)
+ apt-mark showmanual | xargs apt-mark auto > /dev/null; \
+ apt-mark manual $savedAptMark; \
+ \
+ ls -lAFh; \
+ _update_repo; \
+ grep '^Package: ' Packages; \
+ cd /; \
+ ;; \
+ esac; \
+ \
+ apt-get install -y --no-install-recommends postgresql-common; \
+ sed -ri 's/#(create_main_cluster) .*$/\1 = false/' /etc/postgresql-common/createcluster.conf; \
+ apt-get install -y --no-install-recommends \
+ "postgresql-$PG_MAJOR=$PG_VERSION" \
+# https://github.com/docker-library/postgres/pull/1344#issuecomment-2936578203 (JIT is a separate package in 18+)
+ "postgresql-$PG_MAJOR-jit=$PG_VERSION" \
+ ; \
+ \
+ rm -rf /var/lib/apt/lists/*; \
+ \
+ if [ -n "$tempDir" ]; then \
+# if we have leftovers from building, let's purge them (including extra, unnecessary build deps)
+ apt-get purge -y --auto-remove; \
+ rm -rf "$tempDir" /etc/apt/sources.list.d/temp.list; \
+ fi; \
+ \
+# some of the steps above generate a lot of "*.pyc" files (and setting "PYTHONDONTWRITEBYTECODE" beforehand doesn't propagate properly for some reason), so we clean them up manually (as long as they aren't owned by a package)
+ find /usr -name '*.pyc' -type f -exec bash -c 'for pyc; do dpkg -S "$pyc" &> /dev/null || rm -vf "$pyc"; done' -- '{}' +; \
+ \
+ postgres --version
+
+# make the sample config easier to munge (and "correct by default")
+RUN set -eux; \
+ dpkg-divert --add --rename --divert "/usr/share/postgresql/postgresql.conf.sample.dpkg" "/usr/share/postgresql/$PG_MAJOR/postgresql.conf.sample"; \
+ cp -v /usr/share/postgresql/postgresql.conf.sample.dpkg /usr/share/postgresql/postgresql.conf.sample; \
+ ln -sv ../postgresql.conf.sample "/usr/share/postgresql/$PG_MAJOR/"; \
+ sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/share/postgresql/postgresql.conf.sample; \
+ grep -F "listen_addresses = '*'" /usr/share/postgresql/postgresql.conf.sample
+
+RUN install --verbose --directory --owner postgres --group postgres --mode 3777 /var/run/postgresql
+
+ENV PGDATA /var/lib/postgresql/data
+# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
+RUN install --verbose --directory --owner postgres --group postgres --mode 1777 "$PGDATA"
+VOLUME /var/lib/postgresql/data
+
+COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
+RUN ln -sT docker-ensure-initdb.sh /usr/local/bin/docker-enforce-initdb.sh
+ENTRYPOINT ["docker-entrypoint.sh"]
+
+# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
+# calls "Fast Shutdown mode" wherein new connections are disallowed and any
+# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
+# flush tables to disk.
+#
+# See https://www.postgresql.org/docs/current/server-shutdown.html for more details
+# about available PostgreSQL server shutdown signals.
+#
+# See also https://www.postgresql.org/docs/current/server-start.html for further
+# justification of this as the default value, namely that the example (and
+# shipped) systemd service files use the "Fast Shutdown mode" for service
+# termination.
+#
+STOPSIGNAL SIGINT
+#
+# An additional setting that is recommended for all users regardless of this
+# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
+# equivalent) for controlling how long to wait between sending the defined
+# STOPSIGNAL and sending SIGKILL.
+#
+# The default in most runtimes (such as Docker) is 10 seconds, and the
+# documentation at https://www.postgresql.org/docs/current/server-start.html notes
+# that even 90 seconds may not be long enough in many instances.
+
+EXPOSE 5432
+CMD ["postgres"]
diff --git a/18/bookworm/docker-ensure-initdb.sh b/18/bookworm/docker-ensure-initdb.sh
new file mode 100755
index 0000000000..ae1f6b6b90
--- /dev/null
+++ b/18/bookworm/docker-ensure-initdb.sh
@@ -0,0 +1,71 @@
+#!/usr/bin/env bash
+set -Eeuo pipefail
+
+#
+# This script is intended for three main use cases:
+#
+# 1. (most importantly) as an example of how to use "docker-entrypoint.sh" to extend/reuse the initialization behavior
+#
+# 2. ("docker-ensure-initdb.sh") as a Kubernetes "init container" to ensure the provided database directory is initialized; see also "startup probes" for an alternative solution
+# (no-op if database is already initialized)
+#
+# 3. ("docker-enforce-initdb.sh") as part of CI to ensure the database is fully initialized before use
+# (error if database is already initialized)
+#
+
+source /usr/local/bin/docker-entrypoint.sh
+
+# arguments to this script are assumed to be arguments to the "postgres" server (same as "docker-entrypoint.sh"), and most "docker-entrypoint.sh" functions assume "postgres" is the first argument (see "_main" over there)
+if [ "$#" -eq 0 ] || [ "$1" != 'postgres' ]; then
+ set -- postgres "$@"
+fi
+
+# see also "_main" in "docker-entrypoint.sh"
+
+docker_setup_env
+# setup data directories and permissions (when run as root)
+docker_create_db_directories
+if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec gosu postgres "$BASH_SOURCE" "$@"
+fi
+
+# only run initialization on an empty data directory
+if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+else
+ self="$(basename "$0")"
+ case "$self" in
+ docker-ensure-initdb.sh)
+ echo >&2 "$self: note: database already initialized in '$PGDATA'!"
+ exit 0
+ ;;
+
+ docker-enforce-initdb.sh)
+ echo >&2 "$self: error: (unexpected) database found in '$PGDATA'!"
+ exit 1
+ ;;
+
+ *)
+ echo >&2 "$self: error: unknown file name: $self"
+ exit 99
+ ;;
+ esac
+fi
diff --git a/18/bookworm/docker-entrypoint.sh b/18/bookworm/docker-entrypoint.sh
new file mode 100755
index 0000000000..ae40666ca1
--- /dev/null
+++ b/18/bookworm/docker-entrypoint.sh
@@ -0,0 +1,359 @@
+#!/usr/bin/env bash
+set -Eeo pipefail
+# TODO swap to -Eeuo pipefail above (after handling all potentially-unset variables)
+
+# usage: file_env VAR [DEFAULT]
+# ie: file_env 'XYZ_DB_PASSWORD' 'example'
+# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
+# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
+file_env() {
+ local var="$1"
+ local fileVar="${var}_FILE"
+ local def="${2:-}"
+ if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
+ printf >&2 'error: both %s and %s are set (but are exclusive)\n' "$var" "$fileVar"
+ exit 1
+ fi
+ local val="$def"
+ if [ "${!var:-}" ]; then
+ val="${!var}"
+ elif [ "${!fileVar:-}" ]; then
+ val="$(< "${!fileVar}")"
+ fi
+ export "$var"="$val"
+ unset "$fileVar"
+}
+
+# check to see if this file is being run or sourced from another script
+_is_sourced() {
+ # https://unix.stackexchange.com/a/215279
+ [ "${#FUNCNAME[@]}" -ge 2 ] \
+ && [ "${FUNCNAME[0]}" = '_is_sourced' ] \
+ && [ "${FUNCNAME[1]}" = 'source' ]
+}
+
+# used to create initial postgres directories and if run as root, ensure ownership to the "postgres" user
+docker_create_db_directories() {
+ local user; user="$(id -u)"
+
+ mkdir -p "$PGDATA"
+ # ignore failure since there are cases where we can't chmod (and PostgreSQL might fail later anyhow - it's picky about permissions of this directory)
+ chmod 00700 "$PGDATA" || :
+
+ # ignore failure since it will be fine when using the image provided directory; see also https://github.com/docker-library/postgres/pull/289
+ mkdir -p /var/run/postgresql || :
+ chmod 03775 /var/run/postgresql || :
+
+ # Create the transaction log directory before initdb is run so the directory is owned by the correct user
+ if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
+ mkdir -p "$POSTGRES_INITDB_WALDIR"
+ if [ "$user" = '0' ]; then
+ find "$POSTGRES_INITDB_WALDIR" \! -user postgres -exec chown postgres '{}' +
+ fi
+ chmod 700 "$POSTGRES_INITDB_WALDIR"
+ fi
+
+ # allow the container to be started with `--user`
+ if [ "$user" = '0' ]; then
+ find "$PGDATA" \! -user postgres -exec chown postgres '{}' +
+ find /var/run/postgresql \! -user postgres -exec chown postgres '{}' +
+ fi
+}
+
+# initialize empty PGDATA directory with new database via 'initdb'
+# arguments to `initdb` can be passed via POSTGRES_INITDB_ARGS or as arguments to this function
+# `initdb` automatically creates the "postgres", "template0", and "template1" dbnames
+# this is also where the database user is created, specified by `POSTGRES_USER` env
+docker_init_database_dir() {
+ # "initdb" is particular about the current user existing in "/etc/passwd", so we use "nss_wrapper" to fake that if necessary
+ # see https://github.com/docker-library/postgres/pull/253, https://github.com/docker-library/postgres/issues/359, https://cwrap.org/nss_wrapper.html
+ local uid; uid="$(id -u)"
+ if ! getent passwd "$uid" &> /dev/null; then
+ # see if we can find a suitable "libnss_wrapper.so" (https://salsa.debian.org/sssd-team/nss-wrapper/-/commit/b9925a653a54e24d09d9b498a2d913729f7abb15)
+ local wrapper
+ for wrapper in {/usr,}/lib{/*,}/libnss_wrapper.so; do
+ if [ -s "$wrapper" ]; then
+ NSS_WRAPPER_PASSWD="$(mktemp)"
+ NSS_WRAPPER_GROUP="$(mktemp)"
+ export LD_PRELOAD="$wrapper" NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
+ local gid; gid="$(id -g)"
+ printf 'postgres:x:%s:%s:PostgreSQL:%s:/bin/false\n' "$uid" "$gid" "$PGDATA" > "$NSS_WRAPPER_PASSWD"
+ printf 'postgres:x:%s:\n' "$gid" > "$NSS_WRAPPER_GROUP"
+ break
+ fi
+ done
+ fi
+
+ if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
+ set -- --waldir "$POSTGRES_INITDB_WALDIR" "$@"
+ fi
+
+ # --pwfile refuses to handle a properly-empty file (hence the "\n"): https://github.com/docker-library/postgres/issues/1025
+ eval 'initdb --username="$POSTGRES_USER" --pwfile=<(printf "%s\n" "$POSTGRES_PASSWORD") '"$POSTGRES_INITDB_ARGS"' "$@"'
+
+ # unset/cleanup "nss_wrapper" bits
+ if [[ "${LD_PRELOAD:-}" == */libnss_wrapper.so ]]; then
+ rm -f "$NSS_WRAPPER_PASSWD" "$NSS_WRAPPER_GROUP"
+ unset LD_PRELOAD NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
+ fi
+}
+
+# print large warning if POSTGRES_PASSWORD is long
+# error if both POSTGRES_PASSWORD is empty and POSTGRES_HOST_AUTH_METHOD is not 'trust'
+# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
+# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
+docker_verify_minimum_env() {
+ case "${PG_MAJOR:-}" in
+ 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
+ # check password first so we can output the warning before postgres
+ # messes it up
+ if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
+ cat >&2 <<-'EOWARN'
+
+ WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
+
+ This will not work if used via PGPASSWORD with "psql".
+
+ https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
+ https://github.com/docker-library/postgres/issues/507
+
+ EOWARN
+ fi
+ ;;
+ esac
+ if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ # The - option suppresses leading tabs but *not* spaces. :)
+ cat >&2 <<-'EOE'
+ Error: Database is uninitialized and superuser password is not specified.
+ You must specify POSTGRES_PASSWORD to a non-empty value for the
+ superuser. For example, "-e POSTGRES_PASSWORD=password" on "docker run".
+
+ You may also use "POSTGRES_HOST_AUTH_METHOD=trust" to allow all
+ connections without a password. This is *not* recommended.
+
+ See PostgreSQL documentation about "trust":
+ https://www.postgresql.org/docs/current/auth-trust.html
+ EOE
+ exit 1
+ fi
+ if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ cat >&2 <<-'EOWARN'
+ ********************************************************************************
+ WARNING: POSTGRES_HOST_AUTH_METHOD has been set to "trust". This will allow
+ anyone with access to the Postgres port to access your database without
+ a password, even if POSTGRES_PASSWORD is set. See PostgreSQL
+ documentation about "trust":
+ https://www.postgresql.org/docs/current/auth-trust.html
+ In Docker's default configuration, this is effectively any other
+ container on the same system.
+
+ It is not recommended to use POSTGRES_HOST_AUTH_METHOD=trust. Replace
+ it with "-e POSTGRES_PASSWORD=password" instead to set a password in
+ "docker run".
+ ********************************************************************************
+ EOWARN
+ fi
+}
+
+# usage: docker_process_init_files [file [file [...]]]
+# ie: docker_process_init_files /always-initdb.d/*
+# process initializer files, based on file extensions and permissions
+docker_process_init_files() {
+ # psql here for backwards compatibility "${psql[@]}"
+ psql=( docker_process_sql )
+
+ printf '\n'
+ local f
+ for f; do
+ case "$f" in
+ *.sh)
+ # https://github.com/docker-library/postgres/issues/450#issuecomment-393167936
+ # https://github.com/docker-library/postgres/pull/452
+ if [ -x "$f" ]; then
+ printf '%s: running %s\n' "$0" "$f"
+ "$f"
+ else
+ printf '%s: sourcing %s\n' "$0" "$f"
+ . "$f"
+ fi
+ ;;
+ *.sql) printf '%s: running %s\n' "$0" "$f"; docker_process_sql -f "$f"; printf '\n' ;;
+ *.sql.gz) printf '%s: running %s\n' "$0" "$f"; gunzip -c "$f" | docker_process_sql; printf '\n' ;;
+ *.sql.xz) printf '%s: running %s\n' "$0" "$f"; xzcat "$f" | docker_process_sql; printf '\n' ;;
+ *.sql.zst) printf '%s: running %s\n' "$0" "$f"; zstd -dc "$f" | docker_process_sql; printf '\n' ;;
+ *) printf '%s: ignoring %s\n' "$0" "$f" ;;
+ esac
+ printf '\n'
+ done
+}
+
+# Execute sql script, passed via stdin (or -f flag of pqsl)
+# usage: docker_process_sql [psql-cli-args]
+# ie: docker_process_sql --dbname=mydb <<<'INSERT ...'
+# ie: docker_process_sql -f my-file.sql
+# ie: docker_process_sql <my-file.sql
+docker_process_sql() {
+ local query_runner=( psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --no-password --no-psqlrc )
+ if [ -n "$POSTGRES_DB" ]; then
+ query_runner+=( --dbname "$POSTGRES_DB" )
+ fi
+
+ PGHOST= PGHOSTADDR= "${query_runner[@]}" "$@"
+}
+
+# create initial database
+# uses environment variables for input: POSTGRES_DB
+docker_setup_db() {
+ local dbAlreadyExists
+ dbAlreadyExists="$(
+ POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" --tuples-only <<-'EOSQL'
+ SELECT 1 FROM pg_database WHERE datname = :'db' ;
+ EOSQL
+ )"
+ if [ -z "$dbAlreadyExists" ]; then
+ POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" <<-'EOSQL'
+ CREATE DATABASE :"db" ;
+ EOSQL
+ printf '\n'
+ fi
+}
+
+# Loads various settings that are used elsewhere in the script
+# This should be called before any other functions
+docker_setup_env() {
+ file_env 'POSTGRES_PASSWORD'
+
+ file_env 'POSTGRES_USER' 'postgres'
+ file_env 'POSTGRES_DB' "$POSTGRES_USER"
+ file_env 'POSTGRES_INITDB_ARGS'
+ : "${POSTGRES_HOST_AUTH_METHOD:=}"
+
+ declare -g DATABASE_ALREADY_EXISTS
+ : "${DATABASE_ALREADY_EXISTS:=}"
+ # look specifically for PG_VERSION, as it is expected in the DB dir
+ if [ -s "$PGDATA/PG_VERSION" ]; then
+ DATABASE_ALREADY_EXISTS='true'
+ fi
+}
+
+# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections
+# all arguments will be passed along as arguments to `postgres` for getting the value of 'password_encryption'
+pg_setup_hba_conf() {
+ # default authentication method is md5 on versions before 14
+ # https://www.postgresql.org/about/news/postgresql-14-released-2318/
+ if [ "$1" = 'postgres' ]; then
+ shift
+ fi
+ local auth
+ # check the default/configured encryption and use that as the auth method
+ auth="$(postgres -C password_encryption "$@")"
+ : "${POSTGRES_HOST_AUTH_METHOD:=$auth}"
+ {
+ printf '\n'
+ if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ printf '# warning trust is enabled for all connections\n'
+ printf '# see https://www.postgresql.org/docs/17/auth-trust.html\n'
+ fi
+ printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
+ } >> "$PGDATA/pg_hba.conf"
+}
+
+# start socket-only postgresql server for setting up or running scripts
+# all arguments will be passed along as arguments to `postgres` (via pg_ctl)
+docker_temp_server_start() {
+ if [ "$1" = 'postgres' ]; then
+ shift
+ fi
+
+ # internal start of server in order to allow setup using psql client
+ # does not listen on external TCP/IP and waits until start finishes
+ set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
+
+ # unset NOTIFY_SOCKET so the temporary server doesn't prematurely notify
+ # any process supervisor.
+ NOTIFY_SOCKET= \
+ PGUSER="${PGUSER:-$POSTGRES_USER}" \
+ pg_ctl -D "$PGDATA" \
+ -o "$(printf '%q ' "$@")" \
+ -w start
+}
+
+# stop postgresql server after done setting up user and running scripts
+docker_temp_server_stop() {
+ PGUSER="${PGUSER:-postgres}" \
+ pg_ctl -D "$PGDATA" -m fast -w stop
+}
+
+# check arguments for an option that would cause postgres to stop
+# return true if there is one
+_pg_want_help() {
+ local arg
+ for arg; do
+ case "$arg" in
+ # postgres --help | grep 'then exit'
+ # leaving out -C on purpose since it always fails and is unhelpful:
+ # postgres: could not access the server configuration file "/var/lib/postgresql/data/postgresql.conf": No such file or directory
+ -'?'|--help|--describe-config|-V|--version)
+ return 0
+ ;;
+ esac
+ done
+ return 1
+}
+
+_main() {
+ # if first arg looks like a flag, assume we want to run postgres server
+ if [ "${1:0:1}" = '-' ]; then
+ set -- postgres "$@"
+ fi
+
+ if [ "$1" = 'postgres' ] && ! _pg_want_help "$@"; then
+ docker_setup_env
+ # setup data directories and permissions (when run as root)
+ docker_create_db_directories
+ if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec gosu postgres "$BASH_SOURCE" "$@"
+ fi
+
+ # only run initialization on an empty data directory
+ if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+
+ cat <<-'EOM'
+
+ PostgreSQL init process complete; ready for start up.
+
+ EOM
+ else
+ cat <<-'EOM'
+
+ PostgreSQL Database directory appears to contain a database; Skipping initialization
+
+ EOM
+ fi
+ fi
+
+ exec "$@"
+}
+
+if ! _is_sourced; then
+ _main "$@"
+fi
diff --git a/18/bullseye/Dockerfile b/18/bullseye/Dockerfile
new file mode 100644
index 0000000000..c0e3724400
--- /dev/null
+++ b/18/bullseye/Dockerfile
@@ -0,0 +1,220 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
+FROM debian:bullseye-slim
+
+# explicitly set user/group IDs
+RUN set -eux; \
+ groupadd -r postgres --gid=999; \
+# https://salsa.debian.org/postgresql/postgresql-common/blob/997d842ee744687d99a2b2d95c1083a2615c79e8/debian/postgresql-common.postinst#L32-35
+ useradd -r -g postgres --uid=999 --home-dir=/var/lib/postgresql --shell=/bin/bash postgres; \
+# also create the postgres user's home directory with appropriate permissions
+# see https://github.com/docker-library/postgres/issues/274
+ install --verbose --directory --owner postgres --group postgres --mode 1777 /var/lib/postgresql
+
+RUN set -ex; \
+ apt-get update; \
+ apt-get install -y --no-install-recommends \
+ gnupg \
+# https://www.postgresql.org/docs/16/app-psql.html#APP-PSQL-META-COMMAND-PSET-PAGER
+# https://github.com/postgres/postgres/blob/REL_16_1/src/include/fe_utils/print.h#L25
+# (if "less" is available, it gets used as the default pager for psql, and it only adds ~1.5MiB to our image size)
+ less \
+ ; \
+ rm -rf /var/lib/apt/lists/*
+
+# grab gosu for easy step-down from root
+# https://github.com/tianon/gosu/releases
+ENV GOSU_VERSION 1.17
+RUN set -eux; \
+ savedAptMark="$(apt-mark showmanual)"; \
+ apt-get update; \
+ apt-get install -y --no-install-recommends ca-certificates wget; \
+ rm -rf /var/lib/apt/lists/*; \
+ dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
+ wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
+ wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
+ export GNUPGHOME="$(mktemp -d)"; \
+ gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
+ gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
+ apt-mark auto '.*' > /dev/null; \
+ [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
+ apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
+ chmod +x /usr/local/bin/gosu; \
+ gosu --version; \
+ gosu nobody true
+
+# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
+RUN set -eux; \
+ if [ -f /etc/dpkg/dpkg.cfg.d/docker ]; then \
+# if this file exists, we're likely in "debian:xxx-slim", and locales are thus being excluded so we need to remove that exclusion (since we need locales)
+ grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
+ sed -ri '/\/usr\/share\/locale/d' /etc/dpkg/dpkg.cfg.d/docker; \
+ ! grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
+ fi; \
+ apt-get update; apt-get install -y --no-install-recommends locales; rm -rf /var/lib/apt/lists/*; \
+ echo 'en_US.UTF-8 UTF-8' >> /etc/locale.gen; \
+ locale-gen; \
+ locale -a | grep 'en_US.utf8'
+ENV LANG en_US.utf8
+
+RUN set -eux; \
+ apt-get update; \
+ apt-get install -y --no-install-recommends \
+ libnss-wrapper \
+ xz-utils \
+ zstd \
+ ; \
+ rm -rf /var/lib/apt/lists/*
+
+RUN mkdir /docker-entrypoint-initdb.d
+
+RUN set -ex; \
+# pub 4096R/ACCC4CF8 2011-10-13 [expires: 2019-07-02]
+# Key fingerprint = B97B 0AFC AA1A 47F0 44F2 44A0 7FCC 7D46 ACCC 4CF8
+# uid PostgreSQL Debian Repository
+ key='B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8'; \
+ export GNUPGHOME="$(mktemp -d)"; \
+ mkdir -p /usr/local/share/keyrings/; \
+ gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
+ gpg --batch --export --armor "$key" > /usr/local/share/keyrings/postgres.gpg.asc; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME"
+
+ENV PG_MAJOR 18
+ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin
+
+ENV PG_VERSION 18~beta1-1.pgdg110+1
+
+RUN set -ex; \
+ \
+# see note below about "*.pyc" files
+ export PYTHONDONTWRITEBYTECODE=1; \
+ \
+ dpkgArch="$(dpkg --print-architecture)"; \
+ aptRepo="[ signed-by=/usr/local/share/keyrings/postgres.gpg.asc ] http://apt.postgresql.org/pub/repos/apt/ bullseye-pgdg main $PG_MAJOR"; \
+ case "$dpkgArch" in \
+ amd64 | arm64 | ppc64el) \
+# arches officialy built by upstream
+ echo "deb $aptRepo" > /etc/apt/sources.list.d/pgdg.list; \
+ apt-get update; \
+ ;; \
+ *) \
+# we're on an architecture upstream doesn't officially build for
+# let's build binaries from their published source packages
+ echo "deb-src $aptRepo" > /etc/apt/sources.list.d/pgdg.list; \
+ \
+ savedAptMark="$(apt-mark showmanual)"; \
+ \
+ tempDir="$(mktemp -d)"; \
+ cd "$tempDir"; \
+ \
+# create a temporary local APT repo to install from (so that dependency resolution can be handled by APT, as it should be)
+ apt-get update; \
+ apt-get install -y --no-install-recommends dpkg-dev; \
+ echo "deb [ trusted=yes ] file://$tempDir ./" > /etc/apt/sources.list.d/temp.list; \
+ _update_repo() { \
+ dpkg-scanpackages . > Packages; \
+# work around the following APT issue by using "Acquire::GzipIndexes=false" (overriding "/etc/apt/apt.conf.d/docker-gzip-indexes")
+# Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied)
+# ...
+# E: Failed to fetch store:/var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied)
+ apt-get -o Acquire::GzipIndexes=false update; \
+ }; \
+ _update_repo; \
+ \
+# build .deb files from upstream's source packages (which are verified by apt-get)
+ nproc="$(nproc)"; \
+ export DEB_BUILD_OPTIONS="nocheck parallel=$nproc"; \
+# we have to build postgresql-common-dev first because postgresql-$PG_MAJOR shares "debian/rules" logic with it: https://salsa.debian.org/postgresql/postgresql/-/commit/f4338a0d28cf4541956bddb0f4e444ba9dba81b9
+ apt-get build-dep -y postgresql-common-dev; \
+ apt-get source --compile postgresql-common-dev; \
+ _update_repo; \
+ apt-get build-dep -y "postgresql-$PG_MAJOR=$PG_VERSION"; \
+ apt-get source --compile "postgresql-$PG_MAJOR=$PG_VERSION"; \
+ \
+# we don't remove APT lists here because they get re-downloaded and removed later
+ \
+# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
+# (which is done after we install the built packages so we don't have to redownload any overlapping dependencies)
+ apt-mark showmanual | xargs apt-mark auto > /dev/null; \
+ apt-mark manual $savedAptMark; \
+ \
+ ls -lAFh; \
+ _update_repo; \
+ grep '^Package: ' Packages; \
+ cd /; \
+ ;; \
+ esac; \
+ \
+ apt-get install -y --no-install-recommends postgresql-common; \
+ sed -ri 's/#(create_main_cluster) .*$/\1 = false/' /etc/postgresql-common/createcluster.conf; \
+ apt-get install -y --no-install-recommends \
+ "postgresql-$PG_MAJOR=$PG_VERSION" \
+# https://github.com/docker-library/postgres/pull/1344#issuecomment-2936578203 (JIT is a separate package in 18+)
+ "postgresql-$PG_MAJOR-jit=$PG_VERSION" \
+ ; \
+ \
+ rm -rf /var/lib/apt/lists/*; \
+ \
+ if [ -n "$tempDir" ]; then \
+# if we have leftovers from building, let's purge them (including extra, unnecessary build deps)
+ apt-get purge -y --auto-remove; \
+ rm -rf "$tempDir" /etc/apt/sources.list.d/temp.list; \
+ fi; \
+ \
+# some of the steps above generate a lot of "*.pyc" files (and setting "PYTHONDONTWRITEBYTECODE" beforehand doesn't propagate properly for some reason), so we clean them up manually (as long as they aren't owned by a package)
+ find /usr -name '*.pyc' -type f -exec bash -c 'for pyc; do dpkg -S "$pyc" &> /dev/null || rm -vf "$pyc"; done' -- '{}' +; \
+ \
+ postgres --version
+
+# make the sample config easier to munge (and "correct by default")
+RUN set -eux; \
+ dpkg-divert --add --rename --divert "/usr/share/postgresql/postgresql.conf.sample.dpkg" "/usr/share/postgresql/$PG_MAJOR/postgresql.conf.sample"; \
+ cp -v /usr/share/postgresql/postgresql.conf.sample.dpkg /usr/share/postgresql/postgresql.conf.sample; \
+ ln -sv ../postgresql.conf.sample "/usr/share/postgresql/$PG_MAJOR/"; \
+ sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/share/postgresql/postgresql.conf.sample; \
+ grep -F "listen_addresses = '*'" /usr/share/postgresql/postgresql.conf.sample
+
+RUN install --verbose --directory --owner postgres --group postgres --mode 3777 /var/run/postgresql
+
+ENV PGDATA /var/lib/postgresql/data
+# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
+RUN install --verbose --directory --owner postgres --group postgres --mode 1777 "$PGDATA"
+VOLUME /var/lib/postgresql/data
+
+COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
+RUN ln -sT docker-ensure-initdb.sh /usr/local/bin/docker-enforce-initdb.sh
+ENTRYPOINT ["docker-entrypoint.sh"]
+
+# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
+# calls "Fast Shutdown mode" wherein new connections are disallowed and any
+# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
+# flush tables to disk.
+#
+# See https://www.postgresql.org/docs/current/server-shutdown.html for more details
+# about available PostgreSQL server shutdown signals.
+#
+# See also https://www.postgresql.org/docs/current/server-start.html for further
+# justification of this as the default value, namely that the example (and
+# shipped) systemd service files use the "Fast Shutdown mode" for service
+# termination.
+#
+STOPSIGNAL SIGINT
+#
+# An additional setting that is recommended for all users regardless of this
+# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
+# equivalent) for controlling how long to wait between sending the defined
+# STOPSIGNAL and sending SIGKILL.
+#
+# The default in most runtimes (such as Docker) is 10 seconds, and the
+# documentation at https://www.postgresql.org/docs/current/server-start.html notes
+# that even 90 seconds may not be long enough in many instances.
+
+EXPOSE 5432
+CMD ["postgres"]
diff --git a/18/bullseye/docker-ensure-initdb.sh b/18/bullseye/docker-ensure-initdb.sh
new file mode 100755
index 0000000000..ae1f6b6b90
--- /dev/null
+++ b/18/bullseye/docker-ensure-initdb.sh
@@ -0,0 +1,71 @@
+#!/usr/bin/env bash
+set -Eeuo pipefail
+
+#
+# This script is intended for three main use cases:
+#
+# 1. (most importantly) as an example of how to use "docker-entrypoint.sh" to extend/reuse the initialization behavior
+#
+# 2. ("docker-ensure-initdb.sh") as a Kubernetes "init container" to ensure the provided database directory is initialized; see also "startup probes" for an alternative solution
+# (no-op if database is already initialized)
+#
+# 3. ("docker-enforce-initdb.sh") as part of CI to ensure the database is fully initialized before use
+# (error if database is already initialized)
+#
+
+source /usr/local/bin/docker-entrypoint.sh
+
+# arguments to this script are assumed to be arguments to the "postgres" server (same as "docker-entrypoint.sh"), and most "docker-entrypoint.sh" functions assume "postgres" is the first argument (see "_main" over there)
+if [ "$#" -eq 0 ] || [ "$1" != 'postgres' ]; then
+ set -- postgres "$@"
+fi
+
+# see also "_main" in "docker-entrypoint.sh"
+
+docker_setup_env
+# setup data directories and permissions (when run as root)
+docker_create_db_directories
+if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec gosu postgres "$BASH_SOURCE" "$@"
+fi
+
+# only run initialization on an empty data directory
+if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+else
+ self="$(basename "$0")"
+ case "$self" in
+ docker-ensure-initdb.sh)
+ echo >&2 "$self: note: database already initialized in '$PGDATA'!"
+ exit 0
+ ;;
+
+ docker-enforce-initdb.sh)
+ echo >&2 "$self: error: (unexpected) database found in '$PGDATA'!"
+ exit 1
+ ;;
+
+ *)
+ echo >&2 "$self: error: unknown file name: $self"
+ exit 99
+ ;;
+ esac
+fi
diff --git a/18/bullseye/docker-entrypoint.sh b/18/bullseye/docker-entrypoint.sh
new file mode 100755
index 0000000000..ae40666ca1
--- /dev/null
+++ b/18/bullseye/docker-entrypoint.sh
@@ -0,0 +1,359 @@
+#!/usr/bin/env bash
+set -Eeo pipefail
+# TODO swap to -Eeuo pipefail above (after handling all potentially-unset variables)
+
+# usage: file_env VAR [DEFAULT]
+# ie: file_env 'XYZ_DB_PASSWORD' 'example'
+# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
+# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
+file_env() {
+ local var="$1"
+ local fileVar="${var}_FILE"
+ local def="${2:-}"
+ if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
+ printf >&2 'error: both %s and %s are set (but are exclusive)\n' "$var" "$fileVar"
+ exit 1
+ fi
+ local val="$def"
+ if [ "${!var:-}" ]; then
+ val="${!var}"
+ elif [ "${!fileVar:-}" ]; then
+ val="$(< "${!fileVar}")"
+ fi
+ export "$var"="$val"
+ unset "$fileVar"
+}
+
+# check to see if this file is being run or sourced from another script
+_is_sourced() {
+ # https://unix.stackexchange.com/a/215279
+ [ "${#FUNCNAME[@]}" -ge 2 ] \
+ && [ "${FUNCNAME[0]}" = '_is_sourced' ] \
+ && [ "${FUNCNAME[1]}" = 'source' ]
+}
+
+# used to create initial postgres directories and if run as root, ensure ownership to the "postgres" user
+docker_create_db_directories() {
+ local user; user="$(id -u)"
+
+ mkdir -p "$PGDATA"
+ # ignore failure since there are cases where we can't chmod (and PostgreSQL might fail later anyhow - it's picky about permissions of this directory)
+ chmod 00700 "$PGDATA" || :
+
+ # ignore failure since it will be fine when using the image provided directory; see also https://github.com/docker-library/postgres/pull/289
+ mkdir -p /var/run/postgresql || :
+ chmod 03775 /var/run/postgresql || :
+
+ # Create the transaction log directory before initdb is run so the directory is owned by the correct user
+ if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
+ mkdir -p "$POSTGRES_INITDB_WALDIR"
+ if [ "$user" = '0' ]; then
+ find "$POSTGRES_INITDB_WALDIR" \! -user postgres -exec chown postgres '{}' +
+ fi
+ chmod 700 "$POSTGRES_INITDB_WALDIR"
+ fi
+
+ # allow the container to be started with `--user`
+ if [ "$user" = '0' ]; then
+ find "$PGDATA" \! -user postgres -exec chown postgres '{}' +
+ find /var/run/postgresql \! -user postgres -exec chown postgres '{}' +
+ fi
+}
+
+# initialize empty PGDATA directory with new database via 'initdb'
+# arguments to `initdb` can be passed via POSTGRES_INITDB_ARGS or as arguments to this function
+# `initdb` automatically creates the "postgres", "template0", and "template1" dbnames
+# this is also where the database user is created, specified by `POSTGRES_USER` env
+docker_init_database_dir() {
+ # "initdb" is particular about the current user existing in "/etc/passwd", so we use "nss_wrapper" to fake that if necessary
+ # see https://github.com/docker-library/postgres/pull/253, https://github.com/docker-library/postgres/issues/359, https://cwrap.org/nss_wrapper.html
+ local uid; uid="$(id -u)"
+ if ! getent passwd "$uid" &> /dev/null; then
+ # see if we can find a suitable "libnss_wrapper.so" (https://salsa.debian.org/sssd-team/nss-wrapper/-/commit/b9925a653a54e24d09d9b498a2d913729f7abb15)
+ local wrapper
+ for wrapper in {/usr,}/lib{/*,}/libnss_wrapper.so; do
+ if [ -s "$wrapper" ]; then
+ NSS_WRAPPER_PASSWD="$(mktemp)"
+ NSS_WRAPPER_GROUP="$(mktemp)"
+ export LD_PRELOAD="$wrapper" NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
+ local gid; gid="$(id -g)"
+ printf 'postgres:x:%s:%s:PostgreSQL:%s:/bin/false\n' "$uid" "$gid" "$PGDATA" > "$NSS_WRAPPER_PASSWD"
+ printf 'postgres:x:%s:\n' "$gid" > "$NSS_WRAPPER_GROUP"
+ break
+ fi
+ done
+ fi
+
+ if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
+ set -- --waldir "$POSTGRES_INITDB_WALDIR" "$@"
+ fi
+
+ # --pwfile refuses to handle a properly-empty file (hence the "\n"): https://github.com/docker-library/postgres/issues/1025
+ eval 'initdb --username="$POSTGRES_USER" --pwfile=<(printf "%s\n" "$POSTGRES_PASSWORD") '"$POSTGRES_INITDB_ARGS"' "$@"'
+
+ # unset/cleanup "nss_wrapper" bits
+ if [[ "${LD_PRELOAD:-}" == */libnss_wrapper.so ]]; then
+ rm -f "$NSS_WRAPPER_PASSWD" "$NSS_WRAPPER_GROUP"
+ unset LD_PRELOAD NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
+ fi
+}
+
+# print large warning if POSTGRES_PASSWORD is long
+# error if both POSTGRES_PASSWORD is empty and POSTGRES_HOST_AUTH_METHOD is not 'trust'
+# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
+# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
+docker_verify_minimum_env() {
+ case "${PG_MAJOR:-}" in
+ 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98
+ # check password first so we can output the warning before postgres
+ # messes it up
+ if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
+ cat >&2 <<-'EOWARN'
+
+ WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
+
+ This will not work if used via PGPASSWORD with "psql".
+
+ https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
+ https://github.com/docker-library/postgres/issues/507
+
+ EOWARN
+ fi
+ ;;
+ esac
+ if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ # The - option suppresses leading tabs but *not* spaces. :)
+ cat >&2 <<-'EOE'
+ Error: Database is uninitialized and superuser password is not specified.
+ You must specify POSTGRES_PASSWORD to a non-empty value for the
+ superuser. For example, "-e POSTGRES_PASSWORD=password" on "docker run".
+
+ You may also use "POSTGRES_HOST_AUTH_METHOD=trust" to allow all
+ connections without a password. This is *not* recommended.
+
+ See PostgreSQL documentation about "trust":
+ https://www.postgresql.org/docs/current/auth-trust.html
+ EOE
+ exit 1
+ fi
+ if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ cat >&2 <<-'EOWARN'
+ ********************************************************************************
+ WARNING: POSTGRES_HOST_AUTH_METHOD has been set to "trust". This will allow
+ anyone with access to the Postgres port to access your database without
+ a password, even if POSTGRES_PASSWORD is set. See PostgreSQL
+ documentation about "trust":
+ https://www.postgresql.org/docs/current/auth-trust.html
+ In Docker's default configuration, this is effectively any other
+ container on the same system.
+
+ It is not recommended to use POSTGRES_HOST_AUTH_METHOD=trust. Replace
+ it with "-e POSTGRES_PASSWORD=password" instead to set a password in
+ "docker run".
+ ********************************************************************************
+ EOWARN
+ fi
+}
+
+# usage: docker_process_init_files [file [file [...]]]
+# ie: docker_process_init_files /always-initdb.d/*
+# process initializer files, based on file extensions and permissions
+docker_process_init_files() {
+ # psql here for backwards compatibility "${psql[@]}"
+ psql=( docker_process_sql )
+
+ printf '\n'
+ local f
+ for f; do
+ case "$f" in
+ *.sh)
+ # https://github.com/docker-library/postgres/issues/450#issuecomment-393167936
+ # https://github.com/docker-library/postgres/pull/452
+ if [ -x "$f" ]; then
+ printf '%s: running %s\n' "$0" "$f"
+ "$f"
+ else
+ printf '%s: sourcing %s\n' "$0" "$f"
+ . "$f"
+ fi
+ ;;
+ *.sql) printf '%s: running %s\n' "$0" "$f"; docker_process_sql -f "$f"; printf '\n' ;;
+ *.sql.gz) printf '%s: running %s\n' "$0" "$f"; gunzip -c "$f" | docker_process_sql; printf '\n' ;;
+ *.sql.xz) printf '%s: running %s\n' "$0" "$f"; xzcat "$f" | docker_process_sql; printf '\n' ;;
+ *.sql.zst) printf '%s: running %s\n' "$0" "$f"; zstd -dc "$f" | docker_process_sql; printf '\n' ;;
+ *) printf '%s: ignoring %s\n' "$0" "$f" ;;
+ esac
+ printf '\n'
+ done
+}
+
+# Execute sql script, passed via stdin (or -f flag of pqsl)
+# usage: docker_process_sql [psql-cli-args]
+# ie: docker_process_sql --dbname=mydb <<<'INSERT ...'
+# ie: docker_process_sql -f my-file.sql
+# ie: docker_process_sql <my-file.sql
+docker_process_sql() {
+ local query_runner=( psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --no-password --no-psqlrc )
+ if [ -n "$POSTGRES_DB" ]; then
+ query_runner+=( --dbname "$POSTGRES_DB" )
+ fi
+
+ PGHOST= PGHOSTADDR= "${query_runner[@]}" "$@"
+}
+
+# create initial database
+# uses environment variables for input: POSTGRES_DB
+docker_setup_db() {
+ local dbAlreadyExists
+ dbAlreadyExists="$(
+ POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" --tuples-only <<-'EOSQL'
+ SELECT 1 FROM pg_database WHERE datname = :'db' ;
+ EOSQL
+ )"
+ if [ -z "$dbAlreadyExists" ]; then
+ POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" <<-'EOSQL'
+ CREATE DATABASE :"db" ;
+ EOSQL
+ printf '\n'
+ fi
+}
+
+# Loads various settings that are used elsewhere in the script
+# This should be called before any other functions
+docker_setup_env() {
+ file_env 'POSTGRES_PASSWORD'
+
+ file_env 'POSTGRES_USER' 'postgres'
+ file_env 'POSTGRES_DB' "$POSTGRES_USER"
+ file_env 'POSTGRES_INITDB_ARGS'
+ : "${POSTGRES_HOST_AUTH_METHOD:=}"
+
+ declare -g DATABASE_ALREADY_EXISTS
+ : "${DATABASE_ALREADY_EXISTS:=}"
+ # look specifically for PG_VERSION, as it is expected in the DB dir
+ if [ -s "$PGDATA/PG_VERSION" ]; then
+ DATABASE_ALREADY_EXISTS='true'
+ fi
+}
+
+# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections
+# all arguments will be passed along as arguments to `postgres` for getting the value of 'password_encryption'
+pg_setup_hba_conf() {
+ # default authentication method is md5 on versions before 14
+ # https://www.postgresql.org/about/news/postgresql-14-released-2318/
+ if [ "$1" = 'postgres' ]; then
+ shift
+ fi
+ local auth
+ # check the default/configured encryption and use that as the auth method
+ auth="$(postgres -C password_encryption "$@")"
+ : "${POSTGRES_HOST_AUTH_METHOD:=$auth}"
+ {
+ printf '\n'
+ if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
+ printf '# warning trust is enabled for all connections\n'
+ printf '# see https://www.postgresql.org/docs/17/auth-trust.html\n'
+ fi
+ printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
+ } >> "$PGDATA/pg_hba.conf"
+}
+
+# start socket-only postgresql server for setting up or running scripts
+# all arguments will be passed along as arguments to `postgres` (via pg_ctl)
+docker_temp_server_start() {
+ if [ "$1" = 'postgres' ]; then
+ shift
+ fi
+
+ # internal start of server in order to allow setup using psql client
+ # does not listen on external TCP/IP and waits until start finishes
+ set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
+
+ # unset NOTIFY_SOCKET so the temporary server doesn't prematurely notify
+ # any process supervisor.
+ NOTIFY_SOCKET= \
+ PGUSER="${PGUSER:-$POSTGRES_USER}" \
+ pg_ctl -D "$PGDATA" \
+ -o "$(printf '%q ' "$@")" \
+ -w start
+}
+
+# stop postgresql server after done setting up user and running scripts
+docker_temp_server_stop() {
+ PGUSER="${PGUSER:-postgres}" \
+ pg_ctl -D "$PGDATA" -m fast -w stop
+}
+
+# check arguments for an option that would cause postgres to stop
+# return true if there is one
+_pg_want_help() {
+ local arg
+ for arg; do
+ case "$arg" in
+ # postgres --help | grep 'then exit'
+ # leaving out -C on purpose since it always fails and is unhelpful:
+ # postgres: could not access the server configuration file "/var/lib/postgresql/data/postgresql.conf": No such file or directory
+ -'?'|--help|--describe-config|-V|--version)
+ return 0
+ ;;
+ esac
+ done
+ return 1
+}
+
+_main() {
+ # if first arg looks like a flag, assume we want to run postgres server
+ if [ "${1:0:1}" = '-' ]; then
+ set -- postgres "$@"
+ fi
+
+ if [ "$1" = 'postgres' ] && ! _pg_want_help "$@"; then
+ docker_setup_env
+ # setup data directories and permissions (when run as root)
+ docker_create_db_directories
+ if [ "$(id -u)" = '0' ]; then
+ # then restart script as postgres user
+ exec gosu postgres "$BASH_SOURCE" "$@"
+ fi
+
+ # only run initialization on an empty data directory
+ if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ docker_verify_minimum_env
+
+ # check dir permissions to reduce likelihood of half-initialized database
+ ls /docker-entrypoint-initdb.d/ > /dev/null
+
+ docker_init_database_dir
+ pg_setup_hba_conf "$@"
+
+ # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
+ # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+ export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
+ docker_temp_server_start "$@"
+
+ docker_setup_db
+ docker_process_init_files /docker-entrypoint-initdb.d/*
+
+ docker_temp_server_stop
+ unset PGPASSWORD
+
+ cat <<-'EOM'
+
+ PostgreSQL init process complete; ready for start up.
+
+ EOM
+ else
+ cat <<-'EOM'
+
+ PostgreSQL Database directory appears to contain a database; Skipping initialization
+
+ EOM
+ fi
+ fi
+
+ exec "$@"
+}
+
+if ! _is_sourced; then
+ _main "$@"
+fi
diff --git a/Dockerfile-debian.template b/Dockerfile-debian.template
index a81072a524..340047f611 100644
--- a/Dockerfile-debian.template
+++ b/Dockerfile-debian.template
@@ -154,6 +154,10 @@ RUN set -ex; \
sed -ri 's/#(create_main_cluster) .*$/\1 = false/' /etc/postgresql-common/createcluster.conf; \
apt-get install -y --no-install-recommends \
"postgresql-$PG_MAJOR=$PG_VERSION" \
+{{ if .major >= 18 then ( -}}
+# https://github.com/docker-library/postgres/pull/1344#issuecomment-2936578203 (JIT is a separate package in 18+)
+ "postgresql-$PG_MAJOR-jit=$PG_VERSION" \
+{{ ) else "" end -}}
; \
\
rm -rf /var/lib/apt/lists/*; \
diff --git a/versions.json b/versions.json
index 102381e55c..96e2558966 100644
--- a/versions.json
+++ b/versions.json
@@ -143,5 +143,34 @@
"alpine3.21"
],
"version": "17.5"
+ },
+ "18": {
+ "alpine": "3.22",
+ "bookworm": {
+ "arches": [
+ "amd64",
+ "arm64",
+ "ppc64el"
+ ],
+ "version": "18~beta1-1.pgdg120+1"
+ },
+ "bullseye": {
+ "arches": [
+ "amd64",
+ "arm64",
+ "ppc64el"
+ ],
+ "version": "18~beta1-1.pgdg110+1"
+ },
+ "debian": "bookworm",
+ "major": 18,
+ "sha256": "0b7c83df6195398aa67dbf5c002e7fa4082be393aae99aa69926d483f98eb885",
+ "variants": [
+ "bookworm",
+ "bullseye",
+ "alpine3.22",
+ "alpine3.21"
+ ],
+ "version": "18beta1"
}
}
From b9a533c87bdd767c228bf4c7490f9a6437a7d9f3 Mon Sep 17 00:00:00 2001
From: Tianon Gravi <admwiggin@gmail.com>
Date: Mon, 8 Jul 2024 15:23:35 -0700
Subject: [PATCH 114/115] Change `PGDATA` in 18+ to
`/var/lib/postgresql/MAJOR/docker`
This is a pretty large breaking change, which is why this only makes the change in 18+ (which is currently in pre-release stages, and not due for GA until September, and pre-release `PGDATA` directories are officially *not supported* on the GA release anyhow).
Concretely, this changes `PGDATA` to `/var/lib/postgresql/MAJOR/docker`, which matches the pre-existing convention/standard of the `pg_ctlcluster`/`postgresql-common` set of commands, and frankly is what we should've done to begin with, in a classic case of Chesterton's Fence (https://en.wikipedia.org/wiki/Wikipedia:Chesterton%27s_fence).
This also changes the `VOLUME` to `/var/lib/postgresql`, which should be more reasonable, and make the upgrade constraints more obvious.
For any users who have been testing the pre-releases, the simplest way to keep your existing data directory is going to be to add `PGDATA=/var/lib/postgresql/data` as an environment variable on your container or adjust your bind-mount from `/var/lib/postgresql/data` to `/var/lib/postgresql/18/docker`, but the *best* way is going to be to refactor your host directory such that your data lives at `18/docker` inside and you can then mount directly to `/var/lib/postgresql` (possibly setting `PGDATA=/var/lib/postgresql/MAJOR/docker` as well, if you want to go overboard on being explicit).
---
18/alpine3.21/Dockerfile | 11 +++++++----
18/alpine3.22/Dockerfile | 11 +++++++----
18/bookworm/Dockerfile | 11 +++++++----
18/bullseye/Dockerfile | 11 +++++++----
Dockerfile-alpine.template | 10 ++++++++++
Dockerfile-debian.template | 10 ++++++++++
6 files changed, 48 insertions(+), 16 deletions(-)
diff --git a/18/alpine3.21/Dockerfile b/18/alpine3.21/Dockerfile
index 86aad693fd..e9eff8d01f 100644
--- a/18/alpine3.21/Dockerfile
+++ b/18/alpine3.21/Dockerfile
@@ -190,10 +190,13 @@ RUN set -eux; \
RUN install --verbose --directory --owner postgres --group postgres --mode 3777 /var/run/postgresql
-ENV PGDATA /var/lib/postgresql/data
-# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
-RUN install --verbose --directory --owner postgres --group postgres --mode 1777 "$PGDATA"
-VOLUME /var/lib/postgresql/data
+#
+# NOTE: in 18+, PGDATA has changed to match the pg_ctlcluster standard directory structure, and the VOLUME has moved from /var/lib/postgresql/data to /var/lib/postgresql
+#
+ENV PGDATA /var/lib/postgresql/18/docker
+RUN ln -svT . /var/lib/postgresql/data # https://github.com/docker-library/postgres/pull/1259#issuecomment-2215477494
+VOLUME /var/lib/postgresql
+# ("/var/lib/postgresql" is already pre-created with suitably usable permissions above)
COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
RUN ln -sT docker-ensure-initdb.sh /usr/local/bin/docker-enforce-initdb.sh
diff --git a/18/alpine3.22/Dockerfile b/18/alpine3.22/Dockerfile
index c4cc148dde..248d5cb987 100644
--- a/18/alpine3.22/Dockerfile
+++ b/18/alpine3.22/Dockerfile
@@ -190,10 +190,13 @@ RUN set -eux; \
RUN install --verbose --directory --owner postgres --group postgres --mode 3777 /var/run/postgresql
-ENV PGDATA /var/lib/postgresql/data
-# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
-RUN install --verbose --directory --owner postgres --group postgres --mode 1777 "$PGDATA"
-VOLUME /var/lib/postgresql/data
+#
+# NOTE: in 18+, PGDATA has changed to match the pg_ctlcluster standard directory structure, and the VOLUME has moved from /var/lib/postgresql/data to /var/lib/postgresql
+#
+ENV PGDATA /var/lib/postgresql/18/docker
+RUN ln -svT . /var/lib/postgresql/data # https://github.com/docker-library/postgres/pull/1259#issuecomment-2215477494
+VOLUME /var/lib/postgresql
+# ("/var/lib/postgresql" is already pre-created with suitably usable permissions above)
COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
RUN ln -sT docker-ensure-initdb.sh /usr/local/bin/docker-enforce-initdb.sh
diff --git a/18/bookworm/Dockerfile b/18/bookworm/Dockerfile
index f71b81b9f3..88e36344e0 100644
--- a/18/bookworm/Dockerfile
+++ b/18/bookworm/Dockerfile
@@ -183,10 +183,13 @@ RUN set -eux; \
RUN install --verbose --directory --owner postgres --group postgres --mode 3777 /var/run/postgresql
-ENV PGDATA /var/lib/postgresql/data
-# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
-RUN install --verbose --directory --owner postgres --group postgres --mode 1777 "$PGDATA"
-VOLUME /var/lib/postgresql/data
+#
+# NOTE: in 18+, PGDATA has changed to match the pg_ctlcluster standard directory structure, and the VOLUME has moved from /var/lib/postgresql/data to /var/lib/postgresql
+#
+ENV PGDATA /var/lib/postgresql/18/docker
+RUN ln -svT . /var/lib/postgresql/data # https://github.com/docker-library/postgres/pull/1259#issuecomment-2215477494
+VOLUME /var/lib/postgresql
+# ("/var/lib/postgresql" is already pre-created with suitably usable permissions above)
COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
RUN ln -sT docker-ensure-initdb.sh /usr/local/bin/docker-enforce-initdb.sh
diff --git a/18/bullseye/Dockerfile b/18/bullseye/Dockerfile
index c0e3724400..b2ec63d5b9 100644
--- a/18/bullseye/Dockerfile
+++ b/18/bullseye/Dockerfile
@@ -183,10 +183,13 @@ RUN set -eux; \
RUN install --verbose --directory --owner postgres --group postgres --mode 3777 /var/run/postgresql
-ENV PGDATA /var/lib/postgresql/data
-# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
-RUN install --verbose --directory --owner postgres --group postgres --mode 1777 "$PGDATA"
-VOLUME /var/lib/postgresql/data
+#
+# NOTE: in 18+, PGDATA has changed to match the pg_ctlcluster standard directory structure, and the VOLUME has moved from /var/lib/postgresql/data to /var/lib/postgresql
+#
+ENV PGDATA /var/lib/postgresql/18/docker
+RUN ln -svT . /var/lib/postgresql/data # https://github.com/docker-library/postgres/pull/1259#issuecomment-2215477494
+VOLUME /var/lib/postgresql
+# ("/var/lib/postgresql" is already pre-created with suitably usable permissions above)
COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
RUN ln -sT docker-ensure-initdb.sh /usr/local/bin/docker-enforce-initdb.sh
diff --git a/Dockerfile-alpine.template b/Dockerfile-alpine.template
index 29be5edb24..e64ad2fc2f 100644
--- a/Dockerfile-alpine.template
+++ b/Dockerfile-alpine.template
@@ -212,10 +212,20 @@ RUN set -eux; \
RUN install --verbose --directory --owner postgres --group postgres --mode 3777 /var/run/postgresql
+{{ if .major >= 18 then ( -}}
+#
+# NOTE: in 18+, PGDATA has changed to match the pg_ctlcluster standard directory structure, and the VOLUME has moved from /var/lib/postgresql/data to /var/lib/postgresql
+#
+ENV PGDATA /var/lib/postgresql/{{ .major | tostring }}/docker
+RUN ln -svT . /var/lib/postgresql/data # https://github.com/docker-library/postgres/pull/1259#issuecomment-2215477494
+VOLUME /var/lib/postgresql
+# ("/var/lib/postgresql" is already pre-created with suitably usable permissions above)
+{{ ) else ( -}}
ENV PGDATA /var/lib/postgresql/data
# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
RUN install --verbose --directory --owner postgres --group postgres --mode 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
+{{ ) end -}}
COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
RUN ln -sT docker-ensure-initdb.sh /usr/local/bin/docker-enforce-initdb.sh
diff --git a/Dockerfile-debian.template b/Dockerfile-debian.template
index 340047f611..de0ea03974 100644
--- a/Dockerfile-debian.template
+++ b/Dockerfile-debian.template
@@ -183,10 +183,20 @@ RUN set -eux; \
RUN install --verbose --directory --owner postgres --group postgres --mode 3777 /var/run/postgresql
+{{ if .major >= 18 then ( -}}
+#
+# NOTE: in 18+, PGDATA has changed to match the pg_ctlcluster standard directory structure, and the VOLUME has moved from /var/lib/postgresql/data to /var/lib/postgresql
+#
+ENV PGDATA /var/lib/postgresql/{{ .major | tostring }}/docker
+RUN ln -svT . /var/lib/postgresql/data # https://github.com/docker-library/postgres/pull/1259#issuecomment-2215477494
+VOLUME /var/lib/postgresql
+# ("/var/lib/postgresql" is already pre-created with suitably usable permissions above)
+{{ ) else ( -}}
ENV PGDATA /var/lib/postgresql/data
# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
RUN install --verbose --directory --owner postgres --group postgres --mode 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data
+{{ ) end -}}
COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
RUN ln -sT docker-ensure-initdb.sh /usr/local/bin/docker-enforce-initdb.sh
From 2c6fe8daca9d2ccc143afe6b1cdbc1eb80379d3f Mon Sep 17 00:00:00 2001
From: Tianon Gravi <admwiggin@gmail.com>
Date: Wed, 4 Jun 2025 15:56:12 -0700
Subject: [PATCH 115/115] Add logic to error out on detection of "old
databases"
---
13/alpine3.21/docker-ensure-initdb.sh | 1 +
13/alpine3.21/docker-entrypoint.sh | 32 +++++++++++++++++++++++++++
13/alpine3.22/docker-ensure-initdb.sh | 1 +
13/alpine3.22/docker-entrypoint.sh | 32 +++++++++++++++++++++++++++
13/bookworm/docker-ensure-initdb.sh | 1 +
13/bookworm/docker-entrypoint.sh | 32 +++++++++++++++++++++++++++
13/bullseye/docker-ensure-initdb.sh | 1 +
13/bullseye/docker-entrypoint.sh | 32 +++++++++++++++++++++++++++
14/alpine3.21/docker-ensure-initdb.sh | 1 +
14/alpine3.21/docker-entrypoint.sh | 32 +++++++++++++++++++++++++++
14/alpine3.22/docker-ensure-initdb.sh | 1 +
14/alpine3.22/docker-entrypoint.sh | 32 +++++++++++++++++++++++++++
14/bookworm/docker-ensure-initdb.sh | 1 +
14/bookworm/docker-entrypoint.sh | 32 +++++++++++++++++++++++++++
14/bullseye/docker-ensure-initdb.sh | 1 +
14/bullseye/docker-entrypoint.sh | 32 +++++++++++++++++++++++++++
15/alpine3.21/docker-ensure-initdb.sh | 1 +
15/alpine3.21/docker-entrypoint.sh | 32 +++++++++++++++++++++++++++
15/alpine3.22/docker-ensure-initdb.sh | 1 +
15/alpine3.22/docker-entrypoint.sh | 32 +++++++++++++++++++++++++++
15/bookworm/docker-ensure-initdb.sh | 1 +
15/bookworm/docker-entrypoint.sh | 32 +++++++++++++++++++++++++++
15/bullseye/docker-ensure-initdb.sh | 1 +
15/bullseye/docker-entrypoint.sh | 32 +++++++++++++++++++++++++++
16/alpine3.21/docker-ensure-initdb.sh | 1 +
16/alpine3.21/docker-entrypoint.sh | 32 +++++++++++++++++++++++++++
16/alpine3.22/docker-ensure-initdb.sh | 1 +
16/alpine3.22/docker-entrypoint.sh | 32 +++++++++++++++++++++++++++
16/bookworm/docker-ensure-initdb.sh | 1 +
16/bookworm/docker-entrypoint.sh | 32 +++++++++++++++++++++++++++
16/bullseye/docker-ensure-initdb.sh | 1 +
16/bullseye/docker-entrypoint.sh | 32 +++++++++++++++++++++++++++
17/alpine3.21/docker-ensure-initdb.sh | 1 +
17/alpine3.21/docker-entrypoint.sh | 32 +++++++++++++++++++++++++++
17/alpine3.22/docker-ensure-initdb.sh | 1 +
17/alpine3.22/docker-entrypoint.sh | 32 +++++++++++++++++++++++++++
17/bookworm/docker-ensure-initdb.sh | 1 +
17/bookworm/docker-entrypoint.sh | 32 +++++++++++++++++++++++++++
17/bullseye/docker-ensure-initdb.sh | 1 +
17/bullseye/docker-entrypoint.sh | 32 +++++++++++++++++++++++++++
18/alpine3.21/docker-ensure-initdb.sh | 1 +
18/alpine3.21/docker-entrypoint.sh | 32 +++++++++++++++++++++++++++
18/alpine3.22/docker-ensure-initdb.sh | 1 +
18/alpine3.22/docker-entrypoint.sh | 32 +++++++++++++++++++++++++++
18/bookworm/docker-ensure-initdb.sh | 1 +
18/bookworm/docker-entrypoint.sh | 32 +++++++++++++++++++++++++++
18/bullseye/docker-ensure-initdb.sh | 1 +
18/bullseye/docker-entrypoint.sh | 32 +++++++++++++++++++++++++++
docker-ensure-initdb.sh | 1 +
docker-entrypoint.sh | 32 +++++++++++++++++++++++++++
50 files changed, 825 insertions(+)
diff --git a/13/alpine3.21/docker-ensure-initdb.sh b/13/alpine3.21/docker-ensure-initdb.sh
index ae1f6b6b90..e9b15ef77d 100755
--- a/13/alpine3.21/docker-ensure-initdb.sh
+++ b/13/alpine3.21/docker-ensure-initdb.sh
@@ -33,6 +33,7 @@ fi
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
+ docker_error_old_databases
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ > /dev/null
diff --git a/13/alpine3.21/docker-entrypoint.sh b/13/alpine3.21/docker-entrypoint.sh
index ae40666ca1..5a62870b50 100755
--- a/13/alpine3.21/docker-entrypoint.sh
+++ b/13/alpine3.21/docker-entrypoint.sh
@@ -154,6 +154,29 @@ docker_verify_minimum_env() {
EOWARN
fi
}
+# similar to the above, but errors if there are any "old" databases detected (usually due to upgrades without pg_upgrade)
+docker_error_old_databases() {
+ if [ -n "${OLD_DATABASES[0]:-}" ]; then
+ cat >&2 <<-EOE
+ Error: in 18+, these Docker images are configured to store database data in a
+ format which is compatible with "pg_ctlcluster" (specifically, using
+ major-version-specific directory names). This better reflects how
+ PostgreSQL itself works, and how upgrades are to be performed.
+
+ See also https://github.com/docker-library/postgres/pull/1259
+
+ Counter to that, there appears to be PostgreSQL data in:
+ ${OLD_DATABASES[*]}
+
+ This is usually the result of upgrading the Docker image without upgrading
+ the underlying database using "pg_upgrade" (which requires both versions).
+
+ See https://github.com/docker-library/postgres/issues/37 for a (long)
+ discussion around this process, and suggestions for how to do so.
+ EOE
+ exit 1
+ fi
+}
# usage: docker_process_init_files [file [file [...]]]
# ie: docker_process_init_files /always-initdb.d/*
@@ -230,9 +253,17 @@ docker_setup_env() {
declare -g DATABASE_ALREADY_EXISTS
: "${DATABASE_ALREADY_EXISTS:=}"
+ declare -ag OLD_DATABASES=()
# look specifically for PG_VERSION, as it is expected in the DB dir
if [ -s "$PGDATA/PG_VERSION" ]; then
DATABASE_ALREADY_EXISTS='true'
+ elif [ "$PGDATA" = "/var/lib/postgresql/$PG_MAJOR/docker" ]; then
+ # https://github.com/docker-library/postgres/pull/1259
+ for d in /var/lib/postgresql /var/lib/postgresql/data /var/lib/postgresql/*/docker; do
+ if [ -s "$d/PG_VERSION" ]; then
+ OLD_DATABASES+=( "$d" )
+ fi
+ done
fi
}
@@ -319,6 +350,7 @@ _main() {
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
+ docker_error_old_databases
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ > /dev/null
diff --git a/13/alpine3.22/docker-ensure-initdb.sh b/13/alpine3.22/docker-ensure-initdb.sh
index ae1f6b6b90..e9b15ef77d 100755
--- a/13/alpine3.22/docker-ensure-initdb.sh
+++ b/13/alpine3.22/docker-ensure-initdb.sh
@@ -33,6 +33,7 @@ fi
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
+ docker_error_old_databases
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ > /dev/null
diff --git a/13/alpine3.22/docker-entrypoint.sh b/13/alpine3.22/docker-entrypoint.sh
index ae40666ca1..5a62870b50 100755
--- a/13/alpine3.22/docker-entrypoint.sh
+++ b/13/alpine3.22/docker-entrypoint.sh
@@ -154,6 +154,29 @@ docker_verify_minimum_env() {
EOWARN
fi
}
+# similar to the above, but errors if there are any "old" databases detected (usually due to upgrades without pg_upgrade)
+docker_error_old_databases() {
+ if [ -n "${OLD_DATABASES[0]:-}" ]; then
+ cat >&2 <<-EOE
+ Error: in 18+, these Docker images are configured to store database data in a
+ format which is compatible with "pg_ctlcluster" (specifically, using
+ major-version-specific directory names). This better reflects how
+ PostgreSQL itself works, and how upgrades are to be performed.
+
+ See also https://github.com/docker-library/postgres/pull/1259
+
+ Counter to that, there appears to be PostgreSQL data in:
+ ${OLD_DATABASES[*]}
+
+ This is usually the result of upgrading the Docker image without upgrading
+ the underlying database using "pg_upgrade" (which requires both versions).
+
+ See https://github.com/docker-library/postgres/issues/37 for a (long)
+ discussion around this process, and suggestions for how to do so.
+ EOE
+ exit 1
+ fi
+}
# usage: docker_process_init_files [file [file [...]]]
# ie: docker_process_init_files /always-initdb.d/*
@@ -230,9 +253,17 @@ docker_setup_env() {
declare -g DATABASE_ALREADY_EXISTS
: "${DATABASE_ALREADY_EXISTS:=}"
+ declare -ag OLD_DATABASES=()
# look specifically for PG_VERSION, as it is expected in the DB dir
if [ -s "$PGDATA/PG_VERSION" ]; then
DATABASE_ALREADY_EXISTS='true'
+ elif [ "$PGDATA" = "/var/lib/postgresql/$PG_MAJOR/docker" ]; then
+ # https://github.com/docker-library/postgres/pull/1259
+ for d in /var/lib/postgresql /var/lib/postgresql/data /var/lib/postgresql/*/docker; do
+ if [ -s "$d/PG_VERSION" ]; then
+ OLD_DATABASES+=( "$d" )
+ fi
+ done
fi
}
@@ -319,6 +350,7 @@ _main() {
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
+ docker_error_old_databases
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ > /dev/null
diff --git a/13/bookworm/docker-ensure-initdb.sh b/13/bookworm/docker-ensure-initdb.sh
index ae1f6b6b90..e9b15ef77d 100755
--- a/13/bookworm/docker-ensure-initdb.sh
+++ b/13/bookworm/docker-ensure-initdb.sh
@@ -33,6 +33,7 @@ fi
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
+ docker_error_old_databases
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ > /dev/null
diff --git a/13/bookworm/docker-entrypoint.sh b/13/bookworm/docker-entrypoint.sh
index ae40666ca1..5a62870b50 100755
--- a/13/bookworm/docker-entrypoint.sh
+++ b/13/bookworm/docker-entrypoint.sh
@@ -154,6 +154,29 @@ docker_verify_minimum_env() {
EOWARN
fi
}
+# similar to the above, but errors if there are any "old" databases detected (usually due to upgrades without pg_upgrade)
+docker_error_old_databases() {
+ if [ -n "${OLD_DATABASES[0]:-}" ]; then
+ cat >&2 <<-EOE
+ Error: in 18+, these Docker images are configured to store database data in a
+ format which is compatible with "pg_ctlcluster" (specifically, using
+ major-version-specific directory names). This better reflects how
+ PostgreSQL itself works, and how upgrades are to be performed.
+
+ See also https://github.com/docker-library/postgres/pull/1259
+
+ Counter to that, there appears to be PostgreSQL data in:
+ ${OLD_DATABASES[*]}
+
+ This is usually the result of upgrading the Docker image without upgrading
+ the underlying database using "pg_upgrade" (which requires both versions).
+
+ See https://github.com/docker-library/postgres/issues/37 for a (long)
+ discussion around this process, and suggestions for how to do so.
+ EOE
+ exit 1
+ fi
+}
# usage: docker_process_init_files [file [file [...]]]
# ie: docker_process_init_files /always-initdb.d/*
@@ -230,9 +253,17 @@ docker_setup_env() {
declare -g DATABASE_ALREADY_EXISTS
: "${DATABASE_ALREADY_EXISTS:=}"
+ declare -ag OLD_DATABASES=()
# look specifically for PG_VERSION, as it is expected in the DB dir
if [ -s "$PGDATA/PG_VERSION" ]; then
DATABASE_ALREADY_EXISTS='true'
+ elif [ "$PGDATA" = "/var/lib/postgresql/$PG_MAJOR/docker" ]; then
+ # https://github.com/docker-library/postgres/pull/1259
+ for d in /var/lib/postgresql /var/lib/postgresql/data /var/lib/postgresql/*/docker; do
+ if [ -s "$d/PG_VERSION" ]; then
+ OLD_DATABASES+=( "$d" )
+ fi
+ done
fi
}
@@ -319,6 +350,7 @@ _main() {
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
+ docker_error_old_databases
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ > /dev/null
diff --git a/13/bullseye/docker-ensure-initdb.sh b/13/bullseye/docker-ensure-initdb.sh
index ae1f6b6b90..e9b15ef77d 100755
--- a/13/bullseye/docker-ensure-initdb.sh
+++ b/13/bullseye/docker-ensure-initdb.sh
@@ -33,6 +33,7 @@ fi
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
+ docker_error_old_databases
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ > /dev/null
diff --git a/13/bullseye/docker-entrypoint.sh b/13/bullseye/docker-entrypoint.sh
index ae40666ca1..5a62870b50 100755
--- a/13/bullseye/docker-entrypoint.sh
+++ b/13/bullseye/docker-entrypoint.sh
@@ -154,6 +154,29 @@ docker_verify_minimum_env() {
EOWARN
fi
}
+# similar to the above, but errors if there are any "old" databases detected (usually due to upgrades without pg_upgrade)
+docker_error_old_databases() {
+ if [ -n "${OLD_DATABASES[0]:-}" ]; then
+ cat >&2 <<-EOE
+ Error: in 18+, these Docker images are configured to store database data in a
+ format which is compatible with "pg_ctlcluster" (specifically, using
+ major-version-specific directory names). This better reflects how
+ PostgreSQL itself works, and how upgrades are to be performed.
+
+ See also https://github.com/docker-library/postgres/pull/1259
+
+ Counter to that, there appears to be PostgreSQL data in:
+ ${OLD_DATABASES[*]}
+
+ This is usually the result of upgrading the Docker image without upgrading
+ the underlying database using "pg_upgrade" (which requires both versions).
+
+ See https://github.com/docker-library/postgres/issues/37 for a (long)
+ discussion around this process, and suggestions for how to do so.
+ EOE
+ exit 1
+ fi
+}
# usage: docker_process_init_files [file [file [...]]]
# ie: docker_process_init_files /always-initdb.d/*
@@ -230,9 +253,17 @@ docker_setup_env() {
declare -g DATABASE_ALREADY_EXISTS
: "${DATABASE_ALREADY_EXISTS:=}"
+ declare -ag OLD_DATABASES=()
# look specifically for PG_VERSION, as it is expected in the DB dir
if [ -s "$PGDATA/PG_VERSION" ]; then
DATABASE_ALREADY_EXISTS='true'
+ elif [ "$PGDATA" = "/var/lib/postgresql/$PG_MAJOR/docker" ]; then
+ # https://github.com/docker-library/postgres/pull/1259
+ for d in /var/lib/postgresql /var/lib/postgresql/data /var/lib/postgresql/*/docker; do
+ if [ -s "$d/PG_VERSION" ]; then
+ OLD_DATABASES+=( "$d" )
+ fi
+ done
fi
}
@@ -319,6 +350,7 @@ _main() {
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
+ docker_error_old_databases
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ > /dev/null
diff --git a/14/alpine3.21/docker-ensure-initdb.sh b/14/alpine3.21/docker-ensure-initdb.sh
index ae1f6b6b90..e9b15ef77d 100755
--- a/14/alpine3.21/docker-ensure-initdb.sh
+++ b/14/alpine3.21/docker-ensure-initdb.sh
@@ -33,6 +33,7 @@ fi
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
+ docker_error_old_databases
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ > /dev/null
diff --git a/14/alpine3.21/docker-entrypoint.sh b/14/alpine3.21/docker-entrypoint.sh
index ae40666ca1..5a62870b50 100755
--- a/14/alpine3.21/docker-entrypoint.sh
+++ b/14/alpine3.21/docker-entrypoint.sh
@@ -154,6 +154,29 @@ docker_verify_minimum_env() {
EOWARN
fi
}
+# similar to the above, but errors if there are any "old" databases detected (usually due to upgrades without pg_upgrade)
+docker_error_old_databases() {
+ if [ -n "${OLD_DATABASES[0]:-}" ]; then
+ cat >&2 <<-EOE
+ Error: in 18+, these Docker images are configured to store database data in a
+ format which is compatible with "pg_ctlcluster" (specifically, using
+ major-version-specific directory names). This better reflects how
+ PostgreSQL itself works, and how upgrades are to be performed.
+
+ See also https://github.com/docker-library/postgres/pull/1259
+
+ Counter to that, there appears to be PostgreSQL data in:
+ ${OLD_DATABASES[*]}
+
+ This is usually the result of upgrading the Docker image without upgrading
+ the underlying database using "pg_upgrade" (which requires both versions).
+
+ See https://github.com/docker-library/postgres/issues/37 for a (long)
+ discussion around this process, and suggestions for how to do so.
+ EOE
+ exit 1
+ fi
+}
# usage: docker_process_init_files [file [file [...]]]
# ie: docker_process_init_files /always-initdb.d/*
@@ -230,9 +253,17 @@ docker_setup_env() {
declare -g DATABASE_ALREADY_EXISTS
: "${DATABASE_ALREADY_EXISTS:=}"
+ declare -ag OLD_DATABASES=()
# look specifically for PG_VERSION, as it is expected in the DB dir
if [ -s "$PGDATA/PG_VERSION" ]; then
DATABASE_ALREADY_EXISTS='true'
+ elif [ "$PGDATA" = "/var/lib/postgresql/$PG_MAJOR/docker" ]; then
+ # https://github.com/docker-library/postgres/pull/1259
+ for d in /var/lib/postgresql /var/lib/postgresql/data /var/lib/postgresql/*/docker; do
+ if [ -s "$d/PG_VERSION" ]; then
+ OLD_DATABASES+=( "$d" )
+ fi
+ done
fi
}
@@ -319,6 +350,7 @@ _main() {
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
+ docker_error_old_databases
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ > /dev/null
diff --git a/14/alpine3.22/docker-ensure-initdb.sh b/14/alpine3.22/docker-ensure-initdb.sh
index ae1f6b6b90..e9b15ef77d 100755
--- a/14/alpine3.22/docker-ensure-initdb.sh
+++ b/14/alpine3.22/docker-ensure-initdb.sh
@@ -33,6 +33,7 @@ fi
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
+ docker_error_old_databases
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ > /dev/null
diff --git a/14/alpine3.22/docker-entrypoint.sh b/14/alpine3.22/docker-entrypoint.sh
index ae40666ca1..5a62870b50 100755
--- a/14/alpine3.22/docker-entrypoint.sh
+++ b/14/alpine3.22/docker-entrypoint.sh
@@ -154,6 +154,29 @@ docker_verify_minimum_env() {
EOWARN
fi
}
+# similar to the above, but errors if there are any "old" databases detected (usually due to upgrades without pg_upgrade)
+docker_error_old_databases() {
+ if [ -n "${OLD_DATABASES[0]:-}" ]; then
+ cat >&2 <<-EOE
+ Error: in 18+, these Docker images are configured to store database data in a
+ format which is compatible with "pg_ctlcluster" (specifically, using
+ major-version-specific directory names). This better reflects how
+ PostgreSQL itself works, and how upgrades are to be performed.
+
+ See also https://github.com/docker-library/postgres/pull/1259
+
+ Counter to that, there appears to be PostgreSQL data in:
+ ${OLD_DATABASES[*]}
+
+ This is usually the result of upgrading the Docker image without upgrading
+ the underlying database using "pg_upgrade" (which requires both versions).
+
+ See https://github.com/docker-library/postgres/issues/37 for a (long)
+ discussion around this process, and suggestions for how to do so.
+ EOE
+ exit 1
+ fi
+}
# usage: docker_process_init_files [file [file [...]]]
# ie: docker_process_init_files /always-initdb.d/*
@@ -230,9 +253,17 @@ docker_setup_env() {
declare -g DATABASE_ALREADY_EXISTS
: "${DATABASE_ALREADY_EXISTS:=}"
+ declare -ag OLD_DATABASES=()
# look specifically for PG_VERSION, as it is expected in the DB dir
if [ -s "$PGDATA/PG_VERSION" ]; then
DATABASE_ALREADY_EXISTS='true'
+ elif [ "$PGDATA" = "/var/lib/postgresql/$PG_MAJOR/docker" ]; then
+ # https://github.com/docker-library/postgres/pull/1259
+ for d in /var/lib/postgresql /var/lib/postgresql/data /var/lib/postgresql/*/docker; do
+ if [ -s "$d/PG_VERSION" ]; then
+ OLD_DATABASES+=( "$d" )
+ fi
+ done
fi
}
@@ -319,6 +350,7 @@ _main() {
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
+ docker_error_old_databases
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ > /dev/null
diff --git a/14/bookworm/docker-ensure-initdb.sh b/14/bookworm/docker-ensure-initdb.sh
index ae1f6b6b90..e9b15ef77d 100755
--- a/14/bookworm/docker-ensure-initdb.sh
+++ b/14/bookworm/docker-ensure-initdb.sh
@@ -33,6 +33,7 @@ fi
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
+ docker_error_old_databases
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ > /dev/null
diff --git a/14/bookworm/docker-entrypoint.sh b/14/bookworm/docker-entrypoint.sh
index ae40666ca1..5a62870b50 100755
--- a/14/bookworm/docker-entrypoint.sh
+++ b/14/bookworm/docker-entrypoint.sh
@@ -154,6 +154,29 @@ docker_verify_minimum_env() {
EOWARN
fi
}
+# similar to the above, but errors if there are any "old" databases detected (usually due to upgrades without pg_upgrade)
+docker_error_old_databases() {
+ if [ -n "${OLD_DATABASES[0]:-}" ]; then
+ cat >&2 <<-EOE
+ Error: in 18+, these Docker images are configured to store database data in a
+ format which is compatible with "pg_ctlcluster" (specifically, using
+ major-version-specific directory names). This better reflects how
+ PostgreSQL itself works, and how upgrades are to be performed.
+
+ See also https://github.com/docker-library/postgres/pull/1259
+
+ Counter to that, there appears to be PostgreSQL data in:
+ ${OLD_DATABASES[*]}
+
+ This is usually the result of upgrading the Docker image without upgrading
+ the underlying database using "pg_upgrade" (which requires both versions).
+
+ See https://github.com/docker-library/postgres/issues/37 for a (long)
+ discussion around this process, and suggestions for how to do so.
+ EOE
+ exit 1
+ fi
+}
# usage: docker_process_init_files [file [file [...]]]
# ie: docker_process_init_files /always-initdb.d/*
@@ -230,9 +253,17 @@ docker_setup_env() {
declare -g DATABASE_ALREADY_EXISTS
: "${DATABASE_ALREADY_EXISTS:=}"
+ declare -ag OLD_DATABASES=()
# look specifically for PG_VERSION, as it is expected in the DB dir
if [ -s "$PGDATA/PG_VERSION" ]; then
DATABASE_ALREADY_EXISTS='true'
+ elif [ "$PGDATA" = "/var/lib/postgresql/$PG_MAJOR/docker" ]; then
+ # https://github.com/docker-library/postgres/pull/1259
+ for d in /var/lib/postgresql /var/lib/postgresql/data /var/lib/postgresql/*/docker; do
+ if [ -s "$d/PG_VERSION" ]; then
+ OLD_DATABASES+=( "$d" )
+ fi
+ done
fi
}
@@ -319,6 +350,7 @@ _main() {
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
+ docker_error_old_databases
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ > /dev/null
diff --git a/14/bullseye/docker-ensure-initdb.sh b/14/bullseye/docker-ensure-initdb.sh
index ae1f6b6b90..e9b15ef77d 100755
--- a/14/bullseye/docker-ensure-initdb.sh
+++ b/14/bullseye/docker-ensure-initdb.sh
@@ -33,6 +33,7 @@ fi
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
+ docker_error_old_databases
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ > /dev/null
diff --git a/14/bullseye/docker-entrypoint.sh b/14/bullseye/docker-entrypoint.sh
index ae40666ca1..5a62870b50 100755
--- a/14/bullseye/docker-entrypoint.sh
+++ b/14/bullseye/docker-entrypoint.sh
@@ -154,6 +154,29 @@ docker_verify_minimum_env() {
EOWARN
fi
}
+# similar to the above, but errors if there are any "old" databases detected (usually due to upgrades without pg_upgrade)
+docker_error_old_databases() {
+ if [ -n "${OLD_DATABASES[0]:-}" ]; then
+ cat >&2 <<-EOE
+ Error: in 18+, these Docker images are configured to store database data in a
+ format which is compatible with "pg_ctlcluster" (specifically, using
+ major-version-specific directory names). This better reflects how
+ PostgreSQL itself works, and how upgrades are to be performed.
+
+ See also https://github.com/docker-library/postgres/pull/1259
+
+ Counter to that, there appears to be PostgreSQL data in:
+ ${OLD_DATABASES[*]}
+
+ This is usually the result of upgrading the Docker image without upgrading
+ the underlying database using "pg_upgrade" (which requires both versions).
+
+ See https://github.com/docker-library/postgres/issues/37 for a (long)
+ discussion around this process, and suggestions for how to do so.
+ EOE
+ exit 1
+ fi
+}
# usage: docker_process_init_files [file [file [...]]]
# ie: docker_process_init_files /always-initdb.d/*
@@ -230,9 +253,17 @@ docker_setup_env() {
declare -g DATABASE_ALREADY_EXISTS
: "${DATABASE_ALREADY_EXISTS:=}"
+ declare -ag OLD_DATABASES=()
# look specifically for PG_VERSION, as it is expected in the DB dir
if [ -s "$PGDATA/PG_VERSION" ]; then
DATABASE_ALREADY_EXISTS='true'
+ elif [ "$PGDATA" = "/var/lib/postgresql/$PG_MAJOR/docker" ]; then
+ # https://github.com/docker-library/postgres/pull/1259
+ for d in /var/lib/postgresql /var/lib/postgresql/data /var/lib/postgresql/*/docker; do
+ if [ -s "$d/PG_VERSION" ]; then
+ OLD_DATABASES+=( "$d" )
+ fi
+ done
fi
}
@@ -319,6 +350,7 @@ _main() {
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
+ docker_error_old_databases
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ > /dev/null
diff --git a/15/alpine3.21/docker-ensure-initdb.sh b/15/alpine3.21/docker-ensure-initdb.sh
index ae1f6b6b90..e9b15ef77d 100755
--- a/15/alpine3.21/docker-ensure-initdb.sh
+++ b/15/alpine3.21/docker-ensure-initdb.sh
@@ -33,6 +33,7 @@ fi
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
+ docker_error_old_databases
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ > /dev/null
diff --git a/15/alpine3.21/docker-entrypoint.sh b/15/alpine3.21/docker-entrypoint.sh
index ae40666ca1..5a62870b50 100755
--- a/15/alpine3.21/docker-entrypoint.sh
+++ b/15/alpine3.21/docker-entrypoint.sh
@@ -154,6 +154,29 @@ docker_verify_minimum_env() {
EOWARN
fi
}
+# similar to the above, but errors if there are any "old" databases detected (usually due to upgrades without pg_upgrade)
+docker_error_old_databases() {
+ if [ -n "${OLD_DATABASES[0]:-}" ]; then
+ cat >&2 <<-EOE
+ Error: in 18+, these Docker images are configured to store database data in a
+ format which is compatible with "pg_ctlcluster" (specifically, using
+ major-version-specific directory names). This better reflects how
+ PostgreSQL itself works, and how upgrades are to be performed.
+
+ See also https://github.com/docker-library/postgres/pull/1259
+
+ Counter to that, there appears to be PostgreSQL data in:
+ ${OLD_DATABASES[*]}
+
+ This is usually the result of upgrading the Docker image without upgrading
+ the underlying database using "pg_upgrade" (which requires both versions).
+
+ See https://github.com/docker-library/postgres/issues/37 for a (long)
+ discussion around this process, and suggestions for how to do so.
+ EOE
+ exit 1
+ fi
+}
# usage: docker_process_init_files [file [file [...]]]
# ie: docker_process_init_files /always-initdb.d/*
@@ -230,9 +253,17 @@ docker_setup_env() {
declare -g DATABASE_ALREADY_EXISTS
: "${DATABASE_ALREADY_EXISTS:=}"
+ declare -ag OLD_DATABASES=()
# look specifically for PG_VERSION, as it is expected in the DB dir
if [ -s "$PGDATA/PG_VERSION" ]; then
DATABASE_ALREADY_EXISTS='true'
+ elif [ "$PGDATA" = "/var/lib/postgresql/$PG_MAJOR/docker" ]; then
+ # https://github.com/docker-library/postgres/pull/1259
+ for d in /var/lib/postgresql /var/lib/postgresql/data /var/lib/postgresql/*/docker; do
+ if [ -s "$d/PG_VERSION" ]; then
+ OLD_DATABASES+=( "$d" )
+ fi
+ done
fi
}
@@ -319,6 +350,7 @@ _main() {
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
+ docker_error_old_databases
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ > /dev/null
diff --git a/15/alpine3.22/docker-ensure-initdb.sh b/15/alpine3.22/docker-ensure-initdb.sh
index ae1f6b6b90..e9b15ef77d 100755
--- a/15/alpine3.22/docker-ensure-initdb.sh
+++ b/15/alpine3.22/docker-ensure-initdb.sh
@@ -33,6 +33,7 @@ fi
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
+ docker_error_old_databases
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ > /dev/null
diff --git a/15/alpine3.22/docker-entrypoint.sh b/15/alpine3.22/docker-entrypoint.sh
index ae40666ca1..5a62870b50 100755
--- a/15/alpine3.22/docker-entrypoint.sh
+++ b/15/alpine3.22/docker-entrypoint.sh
@@ -154,6 +154,29 @@ docker_verify_minimum_env() {
EOWARN
fi
}
+# similar to the above, but errors if there are any "old" databases detected (usually due to upgrades without pg_upgrade)
+docker_error_old_databases() {
+ if [ -n "${OLD_DATABASES[0]:-}" ]; then
+ cat >&2 <<-EOE
+ Error: in 18+, these Docker images are configured to store database data in a
+ format which is compatible with "pg_ctlcluster" (specifically, using
+ major-version-specific directory names). This better reflects how
+ PostgreSQL itself works, and how upgrades are to be performed.
+
+ See also https://github.com/docker-library/postgres/pull/1259
+
+ Counter to that, there appears to be PostgreSQL data in:
+ ${OLD_DATABASES[*]}
+
+ This is usually the result of upgrading the Docker image without upgrading
+ the underlying database using "pg_upgrade" (which requires both versions).
+
+ See https://github.com/docker-library/postgres/issues/37 for a (long)
+ discussion around this process, and suggestions for how to do so.
+ EOE
+ exit 1
+ fi
+}
# usage: docker_process_init_files [file [file [...]]]
# ie: docker_process_init_files /always-initdb.d/*
@@ -230,9 +253,17 @@ docker_setup_env() {
declare -g DATABASE_ALREADY_EXISTS
: "${DATABASE_ALREADY_EXISTS:=}"
+ declare -ag OLD_DATABASES=()
# look specifically for PG_VERSION, as it is expected in the DB dir
if [ -s "$PGDATA/PG_VERSION" ]; then
DATABASE_ALREADY_EXISTS='true'
+ elif [ "$PGDATA" = "/var/lib/postgresql/$PG_MAJOR/docker" ]; then
+ # https://github.com/docker-library/postgres/pull/1259
+ for d in /var/lib/postgresql /var/lib/postgresql/data /var/lib/postgresql/*/docker; do
+ if [ -s "$d/PG_VERSION" ]; then
+ OLD_DATABASES+=( "$d" )
+ fi
+ done
fi
}
@@ -319,6 +350,7 @@ _main() {
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
+ docker_error_old_databases
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ > /dev/null
diff --git a/15/bookworm/docker-ensure-initdb.sh b/15/bookworm/docker-ensure-initdb.sh
index ae1f6b6b90..e9b15ef77d 100755
--- a/15/bookworm/docker-ensure-initdb.sh
+++ b/15/bookworm/docker-ensure-initdb.sh
@@ -33,6 +33,7 @@ fi
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
+ docker_error_old_databases
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ > /dev/null
diff --git a/15/bookworm/docker-entrypoint.sh b/15/bookworm/docker-entrypoint.sh
index ae40666ca1..5a62870b50 100755
--- a/15/bookworm/docker-entrypoint.sh
+++ b/15/bookworm/docker-entrypoint.sh
@@ -154,6 +154,29 @@ docker_verify_minimum_env() {
EOWARN
fi
}
+# similar to the above, but errors if there are any "old" databases detected (usually due to upgrades without pg_upgrade)
+docker_error_old_databases() {
+ if [ -n "${OLD_DATABASES[0]:-}" ]; then
+ cat >&2 <<-EOE
+ Error: in 18+, these Docker images are configured to store database data in a
+ format which is compatible with "pg_ctlcluster" (specifically, using
+ major-version-specific directory names). This better reflects how
+ PostgreSQL itself works, and how upgrades are to be performed.
+
+ See also https://github.com/docker-library/postgres/pull/1259
+
+ Counter to that, there appears to be PostgreSQL data in:
+ ${OLD_DATABASES[*]}
+
+ This is usually the result of upgrading the Docker image without upgrading
+ the underlying database using "pg_upgrade" (which requires both versions).
+
+ See https://github.com/docker-library/postgres/issues/37 for a (long)
+ discussion around this process, and suggestions for how to do so.
+ EOE
+ exit 1
+ fi
+}
# usage: docker_process_init_files [file [file [...]]]
# ie: docker_process_init_files /always-initdb.d/*
@@ -230,9 +253,17 @@ docker_setup_env() {
declare -g DATABASE_ALREADY_EXISTS
: "${DATABASE_ALREADY_EXISTS:=}"
+ declare -ag OLD_DATABASES=()
# look specifically for PG_VERSION, as it is expected in the DB dir
if [ -s "$PGDATA/PG_VERSION" ]; then
DATABASE_ALREADY_EXISTS='true'
+ elif [ "$PGDATA" = "/var/lib/postgresql/$PG_MAJOR/docker" ]; then
+ # https://github.com/docker-library/postgres/pull/1259
+ for d in /var/lib/postgresql /var/lib/postgresql/data /var/lib/postgresql/*/docker; do
+ if [ -s "$d/PG_VERSION" ]; then
+ OLD_DATABASES+=( "$d" )
+ fi
+ done
fi
}
@@ -319,6 +350,7 @@ _main() {
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
+ docker_error_old_databases
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ > /dev/null
diff --git a/15/bullseye/docker-ensure-initdb.sh b/15/bullseye/docker-ensure-initdb.sh
index ae1f6b6b90..e9b15ef77d 100755
--- a/15/bullseye/docker-ensure-initdb.sh
+++ b/15/bullseye/docker-ensure-initdb.sh
@@ -33,6 +33,7 @@ fi
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
+ docker_error_old_databases
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ > /dev/null
diff --git a/15/bullseye/docker-entrypoint.sh b/15/bullseye/docker-entrypoint.sh
index ae40666ca1..5a62870b50 100755
--- a/15/bullseye/docker-entrypoint.sh
+++ b/15/bullseye/docker-entrypoint.sh
@@ -154,6 +154,29 @@ docker_verify_minimum_env() {
EOWARN
fi
}
+# similar to the above, but errors if there are any "old" databases detected (usually due to upgrades without pg_upgrade)
+docker_error_old_databases() {
+ if [ -n "${OLD_DATABASES[0]:-}" ]; then
+ cat >&2 <<-EOE
+ Error: in 18+, these Docker images are configured to store database data in a
+ format which is compatible with "pg_ctlcluster" (specifically, using
+ major-version-specific directory names). This better reflects how
+ PostgreSQL itself works, and how upgrades are to be performed.
+
+ See also https://github.com/docker-library/postgres/pull/1259
+
+ Counter to that, there appears to be PostgreSQL data in:
+ ${OLD_DATABASES[*]}
+
+ This is usually the result of upgrading the Docker image without upgrading
+ the underlying database using "pg_upgrade" (which requires both versions).
+
+ See https://github.com/docker-library/postgres/issues/37 for a (long)
+ discussion around this process, and suggestions for how to do so.
+ EOE
+ exit 1
+ fi
+}
# usage: docker_process_init_files [file [file [...]]]
# ie: docker_process_init_files /always-initdb.d/*
@@ -230,9 +253,17 @@ docker_setup_env() {
declare -g DATABASE_ALREADY_EXISTS
: "${DATABASE_ALREADY_EXISTS:=}"
+ declare -ag OLD_DATABASES=()
# look specifically for PG_VERSION, as it is expected in the DB dir
if [ -s "$PGDATA/PG_VERSION" ]; then
DATABASE_ALREADY_EXISTS='true'
+ elif [ "$PGDATA" = "/var/lib/postgresql/$PG_MAJOR/docker" ]; then
+ # https://github.com/docker-library/postgres/pull/1259
+ for d in /var/lib/postgresql /var/lib/postgresql/data /var/lib/postgresql/*/docker; do
+ if [ -s "$d/PG_VERSION" ]; then
+ OLD_DATABASES+=( "$d" )
+ fi
+ done
fi
}
@@ -319,6 +350,7 @@ _main() {
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
+ docker_error_old_databases
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ > /dev/null
diff --git a/16/alpine3.21/docker-ensure-initdb.sh b/16/alpine3.21/docker-ensure-initdb.sh
index ae1f6b6b90..e9b15ef77d 100755
--- a/16/alpine3.21/docker-ensure-initdb.sh
+++ b/16/alpine3.21/docker-ensure-initdb.sh
@@ -33,6 +33,7 @@ fi
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
+ docker_error_old_databases
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ > /dev/null
diff --git a/16/alpine3.21/docker-entrypoint.sh b/16/alpine3.21/docker-entrypoint.sh
index ae40666ca1..5a62870b50 100755
--- a/16/alpine3.21/docker-entrypoint.sh
+++ b/16/alpine3.21/docker-entrypoint.sh
@@ -154,6 +154,29 @@ docker_verify_minimum_env() {
EOWARN
fi
}
+# similar to the above, but errors if there are any "old" databases detected (usually due to upgrades without pg_upgrade)
+docker_error_old_databases() {
+ if [ -n "${OLD_DATABASES[0]:-}" ]; then
+ cat >&2 <<-EOE
+ Error: in 18+, these Docker images are configured to store database data in a
+ format which is compatible with "pg_ctlcluster" (specifically, using
+ major-version-specific directory names). This better reflects how
+ PostgreSQL itself works, and how upgrades are to be performed.
+
+ See also https://github.com/docker-library/postgres/pull/1259
+
+ Counter to that, there appears to be PostgreSQL data in:
+ ${OLD_DATABASES[*]}
+
+ This is usually the result of upgrading the Docker image without upgrading
+ the underlying database using "pg_upgrade" (which requires both versions).
+
+ See https://github.com/docker-library/postgres/issues/37 for a (long)
+ discussion around this process, and suggestions for how to do so.
+ EOE
+ exit 1
+ fi
+}
# usage: docker_process_init_files [file [file [...]]]
# ie: docker_process_init_files /always-initdb.d/*
@@ -230,9 +253,17 @@ docker_setup_env() {
declare -g DATABASE_ALREADY_EXISTS
: "${DATABASE_ALREADY_EXISTS:=}"
+ declare -ag OLD_DATABASES=()
# look specifically for PG_VERSION, as it is expected in the DB dir
if [ -s "$PGDATA/PG_VERSION" ]; then
DATABASE_ALREADY_EXISTS='true'
+ elif [ "$PGDATA" = "/var/lib/postgresql/$PG_MAJOR/docker" ]; then
+ # https://github.com/docker-library/postgres/pull/1259
+ for d in /var/lib/postgresql /var/lib/postgresql/data /var/lib/postgresql/*/docker; do
+ if [ -s "$d/PG_VERSION" ]; then
+ OLD_DATABASES+=( "$d" )
+ fi
+ done
fi
}
@@ -319,6 +350,7 @@ _main() {
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
+ docker_error_old_databases
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ > /dev/null
diff --git a/16/alpine3.22/docker-ensure-initdb.sh b/16/alpine3.22/docker-ensure-initdb.sh
index ae1f6b6b90..e9b15ef77d 100755
--- a/16/alpine3.22/docker-ensure-initdb.sh
+++ b/16/alpine3.22/docker-ensure-initdb.sh
@@ -33,6 +33,7 @@ fi
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
+ docker_error_old_databases
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ > /dev/null
diff --git a/16/alpine3.22/docker-entrypoint.sh b/16/alpine3.22/docker-entrypoint.sh
index ae40666ca1..5a62870b50 100755
--- a/16/alpine3.22/docker-entrypoint.sh
+++ b/16/alpine3.22/docker-entrypoint.sh
@@ -154,6 +154,29 @@ docker_verify_minimum_env() {
EOWARN
fi
}
+# similar to the above, but errors if there are any "old" databases detected (usually due to upgrades without pg_upgrade)
+docker_error_old_databases() {
+ if [ -n "${OLD_DATABASES[0]:-}" ]; then
+ cat >&2 <<-EOE
+ Error: in 18+, these Docker images are configured to store database data in a
+ format which is compatible with "pg_ctlcluster" (specifically, using
+ major-version-specific directory names). This better reflects how
+ PostgreSQL itself works, and how upgrades are to be performed.
+
+ See also https://github.com/docker-library/postgres/pull/1259
+
+ Counter to that, there appears to be PostgreSQL data in:
+ ${OLD_DATABASES[*]}
+
+ This is usually the result of upgrading the Docker image without upgrading
+ the underlying database using "pg_upgrade" (which requires both versions).
+
+ See https://github.com/docker-library/postgres/issues/37 for a (long)
+ discussion around this process, and suggestions for how to do so.
+ EOE
+ exit 1
+ fi
+}
# usage: docker_process_init_files [file [file [...]]]
# ie: docker_process_init_files /always-initdb.d/*
@@ -230,9 +253,17 @@ docker_setup_env() {
declare -g DATABASE_ALREADY_EXISTS
: "${DATABASE_ALREADY_EXISTS:=}"
+ declare -ag OLD_DATABASES=()
# look specifically for PG_VERSION, as it is expected in the DB dir
if [ -s "$PGDATA/PG_VERSION" ]; then
DATABASE_ALREADY_EXISTS='true'
+ elif [ "$PGDATA" = "/var/lib/postgresql/$PG_MAJOR/docker" ]; then
+ # https://github.com/docker-library/postgres/pull/1259
+ for d in /var/lib/postgresql /var/lib/postgresql/data /var/lib/postgresql/*/docker; do
+ if [ -s "$d/PG_VERSION" ]; then
+ OLD_DATABASES+=( "$d" )
+ fi
+ done
fi
}
@@ -319,6 +350,7 @@ _main() {
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
+ docker_error_old_databases
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ > /dev/null
diff --git a/16/bookworm/docker-ensure-initdb.sh b/16/bookworm/docker-ensure-initdb.sh
index ae1f6b6b90..e9b15ef77d 100755
--- a/16/bookworm/docker-ensure-initdb.sh
+++ b/16/bookworm/docker-ensure-initdb.sh
@@ -33,6 +33,7 @@ fi
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
+ docker_error_old_databases
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ > /dev/null
diff --git a/16/bookworm/docker-entrypoint.sh b/16/bookworm/docker-entrypoint.sh
index ae40666ca1..5a62870b50 100755
--- a/16/bookworm/docker-entrypoint.sh
+++ b/16/bookworm/docker-entrypoint.sh
@@ -154,6 +154,29 @@ docker_verify_minimum_env() {
EOWARN
fi
}
+# similar to the above, but errors if there are any "old" databases detected (usually due to upgrades without pg_upgrade)
+docker_error_old_databases() {
+ if [ -n "${OLD_DATABASES[0]:-}" ]; then
+ cat >&2 <<-EOE
+ Error: in 18+, these Docker images are configured to store database data in a
+ format which is compatible with "pg_ctlcluster" (specifically, using
+ major-version-specific directory names). This better reflects how
+ PostgreSQL itself works, and how upgrades are to be performed.
+
+ See also https://github.com/docker-library/postgres/pull/1259
+
+ Counter to that, there appears to be PostgreSQL data in:
+ ${OLD_DATABASES[*]}
+
+ This is usually the result of upgrading the Docker image without upgrading
+ the underlying database using "pg_upgrade" (which requires both versions).
+
+ See https://github.com/docker-library/postgres/issues/37 for a (long)
+ discussion around this process, and suggestions for how to do so.
+ EOE
+ exit 1
+ fi
+}
# usage: docker_process_init_files [file [file [...]]]
# ie: docker_process_init_files /always-initdb.d/*
@@ -230,9 +253,17 @@ docker_setup_env() {
declare -g DATABASE_ALREADY_EXISTS
: "${DATABASE_ALREADY_EXISTS:=}"
+ declare -ag OLD_DATABASES=()
# look specifically for PG_VERSION, as it is expected in the DB dir
if [ -s "$PGDATA/PG_VERSION" ]; then
DATABASE_ALREADY_EXISTS='true'
+ elif [ "$PGDATA" = "/var/lib/postgresql/$PG_MAJOR/docker" ]; then
+ # https://github.com/docker-library/postgres/pull/1259
+ for d in /var/lib/postgresql /var/lib/postgresql/data /var/lib/postgresql/*/docker; do
+ if [ -s "$d/PG_VERSION" ]; then
+ OLD_DATABASES+=( "$d" )
+ fi
+ done
fi
}
@@ -319,6 +350,7 @@ _main() {
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
+ docker_error_old_databases
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ > /dev/null
diff --git a/16/bullseye/docker-ensure-initdb.sh b/16/bullseye/docker-ensure-initdb.sh
index ae1f6b6b90..e9b15ef77d 100755
--- a/16/bullseye/docker-ensure-initdb.sh
+++ b/16/bullseye/docker-ensure-initdb.sh
@@ -33,6 +33,7 @@ fi
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
+ docker_error_old_databases
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ > /dev/null
diff --git a/16/bullseye/docker-entrypoint.sh b/16/bullseye/docker-entrypoint.sh
index ae40666ca1..5a62870b50 100755
--- a/16/bullseye/docker-entrypoint.sh
+++ b/16/bullseye/docker-entrypoint.sh
@@ -154,6 +154,29 @@ docker_verify_minimum_env() {
EOWARN
fi
}
+# similar to the above, but errors if there are any "old" databases detected (usually due to upgrades without pg_upgrade)
+docker_error_old_databases() {
+ if [ -n "${OLD_DATABASES[0]:-}" ]; then
+ cat >&2 <<-EOE
+ Error: in 18+, these Docker images are configured to store database data in a
+ format which is compatible with "pg_ctlcluster" (specifically, using
+ major-version-specific directory names). This better reflects how
+ PostgreSQL itself works, and how upgrades are to be performed.
+
+ See also https://github.com/docker-library/postgres/pull/1259
+
+ Counter to that, there appears to be PostgreSQL data in:
+ ${OLD_DATABASES[*]}
+
+ This is usually the result of upgrading the Docker image without upgrading
+ the underlying database using "pg_upgrade" (which requires both versions).
+
+ See https://github.com/docker-library/postgres/issues/37 for a (long)
+ discussion around this process, and suggestions for how to do so.
+ EOE
+ exit 1
+ fi
+}
# usage: docker_process_init_files [file [file [...]]]
# ie: docker_process_init_files /always-initdb.d/*
@@ -230,9 +253,17 @@ docker_setup_env() {
declare -g DATABASE_ALREADY_EXISTS
: "${DATABASE_ALREADY_EXISTS:=}"
+ declare -ag OLD_DATABASES=()
# look specifically for PG_VERSION, as it is expected in the DB dir
if [ -s "$PGDATA/PG_VERSION" ]; then
DATABASE_ALREADY_EXISTS='true'
+ elif [ "$PGDATA" = "/var/lib/postgresql/$PG_MAJOR/docker" ]; then
+ # https://github.com/docker-library/postgres/pull/1259
+ for d in /var/lib/postgresql /var/lib/postgresql/data /var/lib/postgresql/*/docker; do
+ if [ -s "$d/PG_VERSION" ]; then
+ OLD_DATABASES+=( "$d" )
+ fi
+ done
fi
}
@@ -319,6 +350,7 @@ _main() {
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
+ docker_error_old_databases
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ > /dev/null
diff --git a/17/alpine3.21/docker-ensure-initdb.sh b/17/alpine3.21/docker-ensure-initdb.sh
index ae1f6b6b90..e9b15ef77d 100755
--- a/17/alpine3.21/docker-ensure-initdb.sh
+++ b/17/alpine3.21/docker-ensure-initdb.sh
@@ -33,6 +33,7 @@ fi
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
+ docker_error_old_databases
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ > /dev/null
diff --git a/17/alpine3.21/docker-entrypoint.sh b/17/alpine3.21/docker-entrypoint.sh
index ae40666ca1..5a62870b50 100755
--- a/17/alpine3.21/docker-entrypoint.sh
+++ b/17/alpine3.21/docker-entrypoint.sh
@@ -154,6 +154,29 @@ docker_verify_minimum_env() {
EOWARN
fi
}
+# similar to the above, but errors if there are any "old" databases detected (usually due to upgrades without pg_upgrade)
+docker_error_old_databases() {
+ if [ -n "${OLD_DATABASES[0]:-}" ]; then
+ cat >&2 <<-EOE
+ Error: in 18+, these Docker images are configured to store database data in a
+ format which is compatible with "pg_ctlcluster" (specifically, using
+ major-version-specific directory names). This better reflects how
+ PostgreSQL itself works, and how upgrades are to be performed.
+
+ See also https://github.com/docker-library/postgres/pull/1259
+
+ Counter to that, there appears to be PostgreSQL data in:
+ ${OLD_DATABASES[*]}
+
+ This is usually the result of upgrading the Docker image without upgrading
+ the underlying database using "pg_upgrade" (which requires both versions).
+
+ See https://github.com/docker-library/postgres/issues/37 for a (long)
+ discussion around this process, and suggestions for how to do so.
+ EOE
+ exit 1
+ fi
+}
# usage: docker_process_init_files [file [file [...]]]
# ie: docker_process_init_files /always-initdb.d/*
@@ -230,9 +253,17 @@ docker_setup_env() {
declare -g DATABASE_ALREADY_EXISTS
: "${DATABASE_ALREADY_EXISTS:=}"
+ declare -ag OLD_DATABASES=()
# look specifically for PG_VERSION, as it is expected in the DB dir
if [ -s "$PGDATA/PG_VERSION" ]; then
DATABASE_ALREADY_EXISTS='true'
+ elif [ "$PGDATA" = "/var/lib/postgresql/$PG_MAJOR/docker" ]; then
+ # https://github.com/docker-library/postgres/pull/1259
+ for d in /var/lib/postgresql /var/lib/postgresql/data /var/lib/postgresql/*/docker; do
+ if [ -s "$d/PG_VERSION" ]; then
+ OLD_DATABASES+=( "$d" )
+ fi
+ done
fi
}
@@ -319,6 +350,7 @@ _main() {
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
+ docker_error_old_databases
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ > /dev/null
diff --git a/17/alpine3.22/docker-ensure-initdb.sh b/17/alpine3.22/docker-ensure-initdb.sh
index ae1f6b6b90..e9b15ef77d 100755
--- a/17/alpine3.22/docker-ensure-initdb.sh
+++ b/17/alpine3.22/docker-ensure-initdb.sh
@@ -33,6 +33,7 @@ fi
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
+ docker_error_old_databases
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ > /dev/null
diff --git a/17/alpine3.22/docker-entrypoint.sh b/17/alpine3.22/docker-entrypoint.sh
index ae40666ca1..5a62870b50 100755
--- a/17/alpine3.22/docker-entrypoint.sh
+++ b/17/alpine3.22/docker-entrypoint.sh
@@ -154,6 +154,29 @@ docker_verify_minimum_env() {
EOWARN
fi
}
+# similar to the above, but errors if there are any "old" databases detected (usually due to upgrades without pg_upgrade)
+docker_error_old_databases() {
+ if [ -n "${OLD_DATABASES[0]:-}" ]; then
+ cat >&2 <<-EOE
+ Error: in 18+, these Docker images are configured to store database data in a
+ format which is compatible with "pg_ctlcluster" (specifically, using
+ major-version-specific directory names). This better reflects how
+ PostgreSQL itself works, and how upgrades are to be performed.
+
+ See also https://github.com/docker-library/postgres/pull/1259
+
+ Counter to that, there appears to be PostgreSQL data in:
+ ${OLD_DATABASES[*]}
+
+ This is usually the result of upgrading the Docker image without upgrading
+ the underlying database using "pg_upgrade" (which requires both versions).
+
+ See https://github.com/docker-library/postgres/issues/37 for a (long)
+ discussion around this process, and suggestions for how to do so.
+ EOE
+ exit 1
+ fi
+}
# usage: docker_process_init_files [file [file [...]]]
# ie: docker_process_init_files /always-initdb.d/*
@@ -230,9 +253,17 @@ docker_setup_env() {
declare -g DATABASE_ALREADY_EXISTS
: "${DATABASE_ALREADY_EXISTS:=}"
+ declare -ag OLD_DATABASES=()
# look specifically for PG_VERSION, as it is expected in the DB dir
if [ -s "$PGDATA/PG_VERSION" ]; then
DATABASE_ALREADY_EXISTS='true'
+ elif [ "$PGDATA" = "/var/lib/postgresql/$PG_MAJOR/docker" ]; then
+ # https://github.com/docker-library/postgres/pull/1259
+ for d in /var/lib/postgresql /var/lib/postgresql/data /var/lib/postgresql/*/docker; do
+ if [ -s "$d/PG_VERSION" ]; then
+ OLD_DATABASES+=( "$d" )
+ fi
+ done
fi
}
@@ -319,6 +350,7 @@ _main() {
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
+ docker_error_old_databases
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ > /dev/null
diff --git a/17/bookworm/docker-ensure-initdb.sh b/17/bookworm/docker-ensure-initdb.sh
index ae1f6b6b90..e9b15ef77d 100755
--- a/17/bookworm/docker-ensure-initdb.sh
+++ b/17/bookworm/docker-ensure-initdb.sh
@@ -33,6 +33,7 @@ fi
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
+ docker_error_old_databases
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ > /dev/null
diff --git a/17/bookworm/docker-entrypoint.sh b/17/bookworm/docker-entrypoint.sh
index ae40666ca1..5a62870b50 100755
--- a/17/bookworm/docker-entrypoint.sh
+++ b/17/bookworm/docker-entrypoint.sh
@@ -154,6 +154,29 @@ docker_verify_minimum_env() {
EOWARN
fi
}
+# similar to the above, but errors if there are any "old" databases detected (usually due to upgrades without pg_upgrade)
+docker_error_old_databases() {
+ if [ -n "${OLD_DATABASES[0]:-}" ]; then
+ cat >&2 <<-EOE
+ Error: in 18+, these Docker images are configured to store database data in a
+ format which is compatible with "pg_ctlcluster" (specifically, using
+ major-version-specific directory names). This better reflects how
+ PostgreSQL itself works, and how upgrades are to be performed.
+
+ See also https://github.com/docker-library/postgres/pull/1259
+
+ Counter to that, there appears to be PostgreSQL data in:
+ ${OLD_DATABASES[*]}
+
+ This is usually the result of upgrading the Docker image without upgrading
+ the underlying database using "pg_upgrade" (which requires both versions).
+
+ See https://github.com/docker-library/postgres/issues/37 for a (long)
+ discussion around this process, and suggestions for how to do so.
+ EOE
+ exit 1
+ fi
+}
# usage: docker_process_init_files [file [file [...]]]
# ie: docker_process_init_files /always-initdb.d/*
@@ -230,9 +253,17 @@ docker_setup_env() {
declare -g DATABASE_ALREADY_EXISTS
: "${DATABASE_ALREADY_EXISTS:=}"
+ declare -ag OLD_DATABASES=()
# look specifically for PG_VERSION, as it is expected in the DB dir
if [ -s "$PGDATA/PG_VERSION" ]; then
DATABASE_ALREADY_EXISTS='true'
+ elif [ "$PGDATA" = "/var/lib/postgresql/$PG_MAJOR/docker" ]; then
+ # https://github.com/docker-library/postgres/pull/1259
+ for d in /var/lib/postgresql /var/lib/postgresql/data /var/lib/postgresql/*/docker; do
+ if [ -s "$d/PG_VERSION" ]; then
+ OLD_DATABASES+=( "$d" )
+ fi
+ done
fi
}
@@ -319,6 +350,7 @@ _main() {
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
+ docker_error_old_databases
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ > /dev/null
diff --git a/17/bullseye/docker-ensure-initdb.sh b/17/bullseye/docker-ensure-initdb.sh
index ae1f6b6b90..e9b15ef77d 100755
--- a/17/bullseye/docker-ensure-initdb.sh
+++ b/17/bullseye/docker-ensure-initdb.sh
@@ -33,6 +33,7 @@ fi
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
+ docker_error_old_databases
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ > /dev/null
diff --git a/17/bullseye/docker-entrypoint.sh b/17/bullseye/docker-entrypoint.sh
index ae40666ca1..5a62870b50 100755
--- a/17/bullseye/docker-entrypoint.sh
+++ b/17/bullseye/docker-entrypoint.sh
@@ -154,6 +154,29 @@ docker_verify_minimum_env() {
EOWARN
fi
}
+# similar to the above, but errors if there are any "old" databases detected (usually due to upgrades without pg_upgrade)
+docker_error_old_databases() {
+ if [ -n "${OLD_DATABASES[0]:-}" ]; then
+ cat >&2 <<-EOE
+ Error: in 18+, these Docker images are configured to store database data in a
+ format which is compatible with "pg_ctlcluster" (specifically, using
+ major-version-specific directory names). This better reflects how
+ PostgreSQL itself works, and how upgrades are to be performed.
+
+ See also https://github.com/docker-library/postgres/pull/1259
+
+ Counter to that, there appears to be PostgreSQL data in:
+ ${OLD_DATABASES[*]}
+
+ This is usually the result of upgrading the Docker image without upgrading
+ the underlying database using "pg_upgrade" (which requires both versions).
+
+ See https://github.com/docker-library/postgres/issues/37 for a (long)
+ discussion around this process, and suggestions for how to do so.
+ EOE
+ exit 1
+ fi
+}
# usage: docker_process_init_files [file [file [...]]]
# ie: docker_process_init_files /always-initdb.d/*
@@ -230,9 +253,17 @@ docker_setup_env() {
declare -g DATABASE_ALREADY_EXISTS
: "${DATABASE_ALREADY_EXISTS:=}"
+ declare -ag OLD_DATABASES=()
# look specifically for PG_VERSION, as it is expected in the DB dir
if [ -s "$PGDATA/PG_VERSION" ]; then
DATABASE_ALREADY_EXISTS='true'
+ elif [ "$PGDATA" = "/var/lib/postgresql/$PG_MAJOR/docker" ]; then
+ # https://github.com/docker-library/postgres/pull/1259
+ for d in /var/lib/postgresql /var/lib/postgresql/data /var/lib/postgresql/*/docker; do
+ if [ -s "$d/PG_VERSION" ]; then
+ OLD_DATABASES+=( "$d" )
+ fi
+ done
fi
}
@@ -319,6 +350,7 @@ _main() {
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
+ docker_error_old_databases
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ > /dev/null
diff --git a/18/alpine3.21/docker-ensure-initdb.sh b/18/alpine3.21/docker-ensure-initdb.sh
index ae1f6b6b90..e9b15ef77d 100755
--- a/18/alpine3.21/docker-ensure-initdb.sh
+++ b/18/alpine3.21/docker-ensure-initdb.sh
@@ -33,6 +33,7 @@ fi
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
+ docker_error_old_databases
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ > /dev/null
diff --git a/18/alpine3.21/docker-entrypoint.sh b/18/alpine3.21/docker-entrypoint.sh
index ae40666ca1..5a62870b50 100755
--- a/18/alpine3.21/docker-entrypoint.sh
+++ b/18/alpine3.21/docker-entrypoint.sh
@@ -154,6 +154,29 @@ docker_verify_minimum_env() {
EOWARN
fi
}
+# similar to the above, but errors if there are any "old" databases detected (usually due to upgrades without pg_upgrade)
+docker_error_old_databases() {
+ if [ -n "${OLD_DATABASES[0]:-}" ]; then
+ cat >&2 <<-EOE
+ Error: in 18+, these Docker images are configured to store database data in a
+ format which is compatible with "pg_ctlcluster" (specifically, using
+ major-version-specific directory names). This better reflects how
+ PostgreSQL itself works, and how upgrades are to be performed.
+
+ See also https://github.com/docker-library/postgres/pull/1259
+
+ Counter to that, there appears to be PostgreSQL data in:
+ ${OLD_DATABASES[*]}
+
+ This is usually the result of upgrading the Docker image without upgrading
+ the underlying database using "pg_upgrade" (which requires both versions).
+
+ See https://github.com/docker-library/postgres/issues/37 for a (long)
+ discussion around this process, and suggestions for how to do so.
+ EOE
+ exit 1
+ fi
+}
# usage: docker_process_init_files [file [file [...]]]
# ie: docker_process_init_files /always-initdb.d/*
@@ -230,9 +253,17 @@ docker_setup_env() {
declare -g DATABASE_ALREADY_EXISTS
: "${DATABASE_ALREADY_EXISTS:=}"
+ declare -ag OLD_DATABASES=()
# look specifically for PG_VERSION, as it is expected in the DB dir
if [ -s "$PGDATA/PG_VERSION" ]; then
DATABASE_ALREADY_EXISTS='true'
+ elif [ "$PGDATA" = "/var/lib/postgresql/$PG_MAJOR/docker" ]; then
+ # https://github.com/docker-library/postgres/pull/1259
+ for d in /var/lib/postgresql /var/lib/postgresql/data /var/lib/postgresql/*/docker; do
+ if [ -s "$d/PG_VERSION" ]; then
+ OLD_DATABASES+=( "$d" )
+ fi
+ done
fi
}
@@ -319,6 +350,7 @@ _main() {
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
+ docker_error_old_databases
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ > /dev/null
diff --git a/18/alpine3.22/docker-ensure-initdb.sh b/18/alpine3.22/docker-ensure-initdb.sh
index ae1f6b6b90..e9b15ef77d 100755
--- a/18/alpine3.22/docker-ensure-initdb.sh
+++ b/18/alpine3.22/docker-ensure-initdb.sh
@@ -33,6 +33,7 @@ fi
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
+ docker_error_old_databases
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ > /dev/null
diff --git a/18/alpine3.22/docker-entrypoint.sh b/18/alpine3.22/docker-entrypoint.sh
index ae40666ca1..5a62870b50 100755
--- a/18/alpine3.22/docker-entrypoint.sh
+++ b/18/alpine3.22/docker-entrypoint.sh
@@ -154,6 +154,29 @@ docker_verify_minimum_env() {
EOWARN
fi
}
+# similar to the above, but errors if there are any "old" databases detected (usually due to upgrades without pg_upgrade)
+docker_error_old_databases() {
+ if [ -n "${OLD_DATABASES[0]:-}" ]; then
+ cat >&2 <<-EOE
+ Error: in 18+, these Docker images are configured to store database data in a
+ format which is compatible with "pg_ctlcluster" (specifically, using
+ major-version-specific directory names). This better reflects how
+ PostgreSQL itself works, and how upgrades are to be performed.
+
+ See also https://github.com/docker-library/postgres/pull/1259
+
+ Counter to that, there appears to be PostgreSQL data in:
+ ${OLD_DATABASES[*]}
+
+ This is usually the result of upgrading the Docker image without upgrading
+ the underlying database using "pg_upgrade" (which requires both versions).
+
+ See https://github.com/docker-library/postgres/issues/37 for a (long)
+ discussion around this process, and suggestions for how to do so.
+ EOE
+ exit 1
+ fi
+}
# usage: docker_process_init_files [file [file [...]]]
# ie: docker_process_init_files /always-initdb.d/*
@@ -230,9 +253,17 @@ docker_setup_env() {
declare -g DATABASE_ALREADY_EXISTS
: "${DATABASE_ALREADY_EXISTS:=}"
+ declare -ag OLD_DATABASES=()
# look specifically for PG_VERSION, as it is expected in the DB dir
if [ -s "$PGDATA/PG_VERSION" ]; then
DATABASE_ALREADY_EXISTS='true'
+ elif [ "$PGDATA" = "/var/lib/postgresql/$PG_MAJOR/docker" ]; then
+ # https://github.com/docker-library/postgres/pull/1259
+ for d in /var/lib/postgresql /var/lib/postgresql/data /var/lib/postgresql/*/docker; do
+ if [ -s "$d/PG_VERSION" ]; then
+ OLD_DATABASES+=( "$d" )
+ fi
+ done
fi
}
@@ -319,6 +350,7 @@ _main() {
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
+ docker_error_old_databases
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ > /dev/null
diff --git a/18/bookworm/docker-ensure-initdb.sh b/18/bookworm/docker-ensure-initdb.sh
index ae1f6b6b90..e9b15ef77d 100755
--- a/18/bookworm/docker-ensure-initdb.sh
+++ b/18/bookworm/docker-ensure-initdb.sh
@@ -33,6 +33,7 @@ fi
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
+ docker_error_old_databases
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ > /dev/null
diff --git a/18/bookworm/docker-entrypoint.sh b/18/bookworm/docker-entrypoint.sh
index ae40666ca1..5a62870b50 100755
--- a/18/bookworm/docker-entrypoint.sh
+++ b/18/bookworm/docker-entrypoint.sh
@@ -154,6 +154,29 @@ docker_verify_minimum_env() {
EOWARN
fi
}
+# similar to the above, but errors if there are any "old" databases detected (usually due to upgrades without pg_upgrade)
+docker_error_old_databases() {
+ if [ -n "${OLD_DATABASES[0]:-}" ]; then
+ cat >&2 <<-EOE
+ Error: in 18+, these Docker images are configured to store database data in a
+ format which is compatible with "pg_ctlcluster" (specifically, using
+ major-version-specific directory names). This better reflects how
+ PostgreSQL itself works, and how upgrades are to be performed.
+
+ See also https://github.com/docker-library/postgres/pull/1259
+
+ Counter to that, there appears to be PostgreSQL data in:
+ ${OLD_DATABASES[*]}
+
+ This is usually the result of upgrading the Docker image without upgrading
+ the underlying database using "pg_upgrade" (which requires both versions).
+
+ See https://github.com/docker-library/postgres/issues/37 for a (long)
+ discussion around this process, and suggestions for how to do so.
+ EOE
+ exit 1
+ fi
+}
# usage: docker_process_init_files [file [file [...]]]
# ie: docker_process_init_files /always-initdb.d/*
@@ -230,9 +253,17 @@ docker_setup_env() {
declare -g DATABASE_ALREADY_EXISTS
: "${DATABASE_ALREADY_EXISTS:=}"
+ declare -ag OLD_DATABASES=()
# look specifically for PG_VERSION, as it is expected in the DB dir
if [ -s "$PGDATA/PG_VERSION" ]; then
DATABASE_ALREADY_EXISTS='true'
+ elif [ "$PGDATA" = "/var/lib/postgresql/$PG_MAJOR/docker" ]; then
+ # https://github.com/docker-library/postgres/pull/1259
+ for d in /var/lib/postgresql /var/lib/postgresql/data /var/lib/postgresql/*/docker; do
+ if [ -s "$d/PG_VERSION" ]; then
+ OLD_DATABASES+=( "$d" )
+ fi
+ done
fi
}
@@ -319,6 +350,7 @@ _main() {
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
+ docker_error_old_databases
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ > /dev/null
diff --git a/18/bullseye/docker-ensure-initdb.sh b/18/bullseye/docker-ensure-initdb.sh
index ae1f6b6b90..e9b15ef77d 100755
--- a/18/bullseye/docker-ensure-initdb.sh
+++ b/18/bullseye/docker-ensure-initdb.sh
@@ -33,6 +33,7 @@ fi
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
+ docker_error_old_databases
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ > /dev/null
diff --git a/18/bullseye/docker-entrypoint.sh b/18/bullseye/docker-entrypoint.sh
index ae40666ca1..5a62870b50 100755
--- a/18/bullseye/docker-entrypoint.sh
+++ b/18/bullseye/docker-entrypoint.sh
@@ -154,6 +154,29 @@ docker_verify_minimum_env() {
EOWARN
fi
}
+# similar to the above, but errors if there are any "old" databases detected (usually due to upgrades without pg_upgrade)
+docker_error_old_databases() {
+ if [ -n "${OLD_DATABASES[0]:-}" ]; then
+ cat >&2 <<-EOE
+ Error: in 18+, these Docker images are configured to store database data in a
+ format which is compatible with "pg_ctlcluster" (specifically, using
+ major-version-specific directory names). This better reflects how
+ PostgreSQL itself works, and how upgrades are to be performed.
+
+ See also https://github.com/docker-library/postgres/pull/1259
+
+ Counter to that, there appears to be PostgreSQL data in:
+ ${OLD_DATABASES[*]}
+
+ This is usually the result of upgrading the Docker image without upgrading
+ the underlying database using "pg_upgrade" (which requires both versions).
+
+ See https://github.com/docker-library/postgres/issues/37 for a (long)
+ discussion around this process, and suggestions for how to do so.
+ EOE
+ exit 1
+ fi
+}
# usage: docker_process_init_files [file [file [...]]]
# ie: docker_process_init_files /always-initdb.d/*
@@ -230,9 +253,17 @@ docker_setup_env() {
declare -g DATABASE_ALREADY_EXISTS
: "${DATABASE_ALREADY_EXISTS:=}"
+ declare -ag OLD_DATABASES=()
# look specifically for PG_VERSION, as it is expected in the DB dir
if [ -s "$PGDATA/PG_VERSION" ]; then
DATABASE_ALREADY_EXISTS='true'
+ elif [ "$PGDATA" = "/var/lib/postgresql/$PG_MAJOR/docker" ]; then
+ # https://github.com/docker-library/postgres/pull/1259
+ for d in /var/lib/postgresql /var/lib/postgresql/data /var/lib/postgresql/*/docker; do
+ if [ -s "$d/PG_VERSION" ]; then
+ OLD_DATABASES+=( "$d" )
+ fi
+ done
fi
}
@@ -319,6 +350,7 @@ _main() {
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
+ docker_error_old_databases
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ > /dev/null
diff --git a/docker-ensure-initdb.sh b/docker-ensure-initdb.sh
index ae1f6b6b90..e9b15ef77d 100755
--- a/docker-ensure-initdb.sh
+++ b/docker-ensure-initdb.sh
@@ -33,6 +33,7 @@ fi
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
+ docker_error_old_databases
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ > /dev/null
diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
index ae40666ca1..5a62870b50 100755
--- a/docker-entrypoint.sh
+++ b/docker-entrypoint.sh
@@ -154,6 +154,29 @@ docker_verify_minimum_env() {
EOWARN
fi
}
+# similar to the above, but errors if there are any "old" databases detected (usually due to upgrades without pg_upgrade)
+docker_error_old_databases() {
+ if [ -n "${OLD_DATABASES[0]:-}" ]; then
+ cat >&2 <<-EOE
+ Error: in 18+, these Docker images are configured to store database data in a
+ format which is compatible with "pg_ctlcluster" (specifically, using
+ major-version-specific directory names). This better reflects how
+ PostgreSQL itself works, and how upgrades are to be performed.
+
+ See also https://github.com/docker-library/postgres/pull/1259
+
+ Counter to that, there appears to be PostgreSQL data in:
+ ${OLD_DATABASES[*]}
+
+ This is usually the result of upgrading the Docker image without upgrading
+ the underlying database using "pg_upgrade" (which requires both versions).
+
+ See https://github.com/docker-library/postgres/issues/37 for a (long)
+ discussion around this process, and suggestions for how to do so.
+ EOE
+ exit 1
+ fi
+}
# usage: docker_process_init_files [file [file [...]]]
# ie: docker_process_init_files /always-initdb.d/*
@@ -230,9 +253,17 @@ docker_setup_env() {
declare -g DATABASE_ALREADY_EXISTS
: "${DATABASE_ALREADY_EXISTS:=}"
+ declare -ag OLD_DATABASES=()
# look specifically for PG_VERSION, as it is expected in the DB dir
if [ -s "$PGDATA/PG_VERSION" ]; then
DATABASE_ALREADY_EXISTS='true'
+ elif [ "$PGDATA" = "/var/lib/postgresql/$PG_MAJOR/docker" ]; then
+ # https://github.com/docker-library/postgres/pull/1259
+ for d in /var/lib/postgresql /var/lib/postgresql/data /var/lib/postgresql/*/docker; do
+ if [ -s "$d/PG_VERSION" ]; then
+ OLD_DATABASES+=( "$d" )
+ fi
+ done
fi
}
@@ -319,6 +350,7 @@ _main() {
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
+ docker_error_old_databases
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ > /dev/null