├── .github ├── actions │ ├── build-and-push-to-quay │ │ └── action.yml │ └── find-changed-directories │ │ └── action.yml ├── runs-on.yml └── workflows │ ├── bake.yaml │ ├── build_tembo_pg_slim.yaml │ └── publish-trunk.yaml ├── .gitignore ├── CONTAINER_README.md ├── Dockerfile ├── LICENSE ├── README.md ├── docker-bake.hcl ├── docker-entrypoint.sh ├── geo-cnpg ├── Cargo.toml └── Dockerfile ├── manifest.js ├── ml-cnpg ├── Cargo.toml ├── Dockerfile ├── requirements-xformers.txt └── requirements.txt ├── standard-cnpg ├── Cargo.toml ├── Dockerfile ├── README.md ├── requirements.txt └── src │ └── main.rs ├── sync-volume.sh ├── tembo-local-slim ├── Dockerfile ├── LICENSE └── postgresql.conf ├── tembo-local ├── Dockerfile ├── LICENSE ├── entrypoint.sh └── postgresql.conf ├── tembo-pg-cnpg ├── Cargo.toml ├── Dockerfile ├── README.md ├── requirements.txt └── src │ └── main.rs ├── tembo-pg-slim ├── .gitignore ├── Cargo.toml ├── Dockerfile ├── LICENSE ├── README.md ├── docker-entrypoint.sh ├── postgresql.conf └── src │ └── main.rs └── trunk ├── Dockerfile └── README.md /.github/actions/build-and-push-to-quay/action.yml: -------------------------------------------------------------------------------- 1 | name: 'Build and push to Quay' 2 | description: 'Builds a container image and pushes it to our Quay organization' 3 | inputs: 4 | image_name: 5 | description: 'The name of the image, not including the registry or the tag, for example "postgres"' 6 | required: true 7 | registry: 8 | description: 'The name of the image, not including the registry or the tag, for example "postgres"' 9 | required: false 10 | default: "quay.io/coredb" 11 | registry_tembo: 12 | description: 'The name of the image, not including the registry or the tag, for example "postgres"' 13 | required: false 14 | default: "quay.io/tembo" 15 | docker_directory: 16 | description: 'The relative path to a directory in which there is a Dockerfile' 17 | required: false 18 | default: '.' 19 | quay_user: 20 | required: true 21 | description: "Quay 'robot user' user name" 22 | quay_password: 23 | required: true 24 | description: "Quay 'robot user' access token" 25 | quay_user_tembo: 26 | required: true 27 | description: "Quay 'robot user' user name for Tembo org" 28 | quay_password_tembo: 29 | required: true 30 | description: "Quay 'robot user' access token for Tembo org" 31 | publish_calver: 32 | description: 'Should we tag with calendar versioning?' 33 | required: false 34 | default: false 35 | calver_suffix: 36 | description: 'Optional suffix to the calendar version' 37 | required: false 38 | default: "" 39 | publish_latest: 40 | description: "Should we tag with 'latest'?" 41 | required: false 42 | default: false 43 | tag_cargo_version_if_present: 44 | description: "Should we tag with the version found in Cargo.toml, if found?" 45 | required: false 46 | default: false 47 | tags: 48 | description: "Whitespace-separated tags, not including the registry, for example 'v1' or 'v1 release-1.0'. There are also some default tags provided, please see the other options of this action." 49 | required: false 50 | default: "" 51 | gha_iam_role: 52 | description: 'The AWS IAM Role to assume to push images to ECR' 53 | required: true 54 | aws_region: 55 | description: 'The AWS Region to use for AWS Session Authentication' 56 | required: false 57 | default: us-east-1 58 | ecr_registry: 59 | description: 'The AWS ECR Registry ARN' 60 | required: true 61 | outputs: {} 62 | runs: 63 | using: "composite" 64 | steps: 65 | - name: Install TOML parser 66 | shell: bash 67 | run: | 68 | set -xe 69 | wget https://github.com/freshautomations/stoml/releases/download/v0.7.1/stoml_linux_amd64 70 | mv stoml_linux_amd64 stoml 71 | chmod +x stoml 72 | sudo mv stoml /usr/local/bin/ 73 | - name: Create whitespace-separated tags list 74 | shell: bash 75 | id: tags 76 | run: | 77 | set -e 78 | 79 | # input tags 80 | TAGS='${{ inputs.tags }}' 81 | SHORT_SHA=$(git rev-parse --short HEAD) 82 | 83 | cd ${{ inputs.docker_directory }} 84 | 85 | if [ "${{ inputs.tag_cargo_version_if_present }}" == "true" ] && test -f "Cargo.toml"; then 86 | echo "Cargo file detected, adding to tags" 87 | VERSION=$(stoml Cargo.toml package.version)-${SHORT_SHA} 88 | TAGS="$TAGS $VERSION" 89 | fi 90 | 91 | # Calendar version 92 | if [ "${{ inputs.publish_calver }}" == "true" ]; then 93 | # A date without leading zeros, for example: 94 | # 2023.1.26 95 | CAL_VER=$(date '+%Y.%-m.%-d') 96 | TAGS="$TAGS ${CAL_VER}${{ inputs.calver_suffix }}" 97 | fi 98 | 99 | # latest 100 | if [ "${{ inputs.publish_latest }}" == "true" ]; then 101 | TAGS="$TAGS latest" 102 | fi 103 | 104 | # Short Git hash 105 | TAGS="$TAGS ${SHORT_SHA}" 106 | 107 | echo "TAGS=$TAGS" >> $GITHUB_OUTPUT 108 | - name: Run pre-build hooks 109 | shell: bash 110 | run: | 111 | cd ${{ inputs.docker_directory }} 112 | if [[ -f pre-build-hook.sh ]]; then 113 | echo "detected pre-build hook, running" 114 | /bin/bash pre-build-hook.sh 115 | else 116 | echo "no pre build hook detected" 117 | fi 118 | - name: Build image and tag 119 | shell: bash 120 | run: | 121 | set -xe 122 | # Build the image 123 | docker build -t ${{ inputs.image_name }} ${{ inputs.docker_directory }} 124 | # Tag with each tag in the comma-separate list 125 | IFS=' ' read -ra TAG_ARRAY <<< "${{ steps.tags.outputs.TAGS }}" 126 | for tag in "${TAG_ARRAY[@]}"; do 127 | docker tag ${{ inputs.image_name }} ${{ inputs.image_name }}:$tag 128 | done 129 | - name: Login to CoreDB Quay 130 | if: inputs.image_name != 'tembo-pg-cnpg' 131 | uses: docker/login-action@v2 132 | with: 133 | registry: ${{ inputs.registry }} 134 | username: ${{ inputs.quay_user }} 135 | password: ${{ inputs.quay_password }} 136 | - name: Push to Quay 137 | if: inputs.image_name != 'tembo-pg-cnpg' 138 | shell: bash 139 | run: | 140 | set -xe 141 | IFS=' ' read -ra TAG_ARRAY <<< "${{ steps.tags.outputs.TAGS }}" 142 | for tag in "${TAG_ARRAY[@]}"; do 143 | docker tag ${{ inputs.image_name }}:$tag ${{ inputs.registry}}/${{ inputs.image_name }}:$tag 144 | docker push ${{ inputs.registry}}/${{ inputs.image_name }}:$tag 145 | done 146 | - name: Login to Tembo Quay 147 | if: inputs.image_name == 'tembo-pg-cnpg' 148 | uses: docker/login-action@v2 149 | with: 150 | registry: ${{ inputs.registry_tembo }} 151 | username: ${{ inputs.quay_user_tembo}} 152 | password: ${{ inputs.quay_password_tembo }} 153 | - name: Push to Quay 154 | if: inputs.image_name == 'tembo-pg-cnpg' 155 | shell: bash 156 | run: | 157 | set -xe 158 | IFS=' ' read -ra TAG_ARRAY <<< "${{ steps.tags.outputs.TAGS }}" 159 | for tag in "${TAG_ARRAY[@]}"; do 160 | docker tag ${{ inputs.image_name }}:$tag ${{ inputs.registry_tembo}}/${{ inputs.image_name }}:$tag 161 | docker push ${{ inputs.registry_tembo}}/${{ inputs.image_name }}:$tag 162 | done 163 | - name: Configure AWS credentials for ECR 164 | if: inputs.image_name == 'standard-cnpg' || inputs.image_name == 'ml-cnpg' || inputs.image_name == 'geo-cnpg' 165 | uses: aws-actions/configure-aws-credentials@v4 166 | with: 167 | role-to-assume: ${{ inputs.gha_iam_role }} 168 | role-session-name: images-gha-docker-build-and-push 169 | aws-region: ${{ inputs.aws_region }} 170 | - name: Install awscli 171 | if: inputs.image_name == 'standard-cnpg' || inputs.image_name == 'ml-cnpg' || inputs.image_name == 'geo-cnpg' 172 | uses: unfor19/install-aws-cli-action@v1 173 | - name: Push to ECR 174 | if: inputs.image_name == 'standard-cnpg' || inputs.image_name == 'ml-cnpg' || inputs.image_name == 'geo-cnpg' 175 | shell: bash 176 | run: | 177 | set -xe 178 | IFS=' ' read -ra TAG_ARRAY <<< "${{ steps.tags.outputs.TAGS }}" 179 | for tag in "${TAG_ARRAY[@]}"; do 180 | aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ inputs.ecr_registry }}/tembo-io/${{ inputs.image_name }} 181 | docker tag ${{ inputs.image_name }}:$tag ${{ inputs.ecr_registry }}/tembo-io/${{ inputs.image_name }}:$tag 182 | docker push ${{ inputs.ecr_registry }}/tembo-io/${{ inputs.image_name }}:$tag 183 | done 184 | -------------------------------------------------------------------------------- /.github/actions/find-changed-directories/action.yml: -------------------------------------------------------------------------------- 1 | name: 'Find changed directories' 2 | description: 'Finds directories containing a specific filename in the root of that directory, filtering out directories that are unchanged relative to a given branch name' 3 | inputs: 4 | contains_the_file: 5 | description: 'Look for directories with this file in the root of that directory. For example, Dockerfile or Cargo.toml' 6 | required: true 7 | fetch_branch_to_compare: 8 | description: 'The branch to fetch when looking to compare a ref, typically main' 9 | default: "main" 10 | required: true 11 | changed_relative_to_ref: 12 | description: 'The ref on the fetched branch to compare with to determine if this directory has changed. For example "origin/main" or a git commit hash.' 13 | required: true 14 | ignore_dirs: 15 | description: A list of directories to ignore. 16 | required: false 17 | default: '' 18 | outputs: 19 | build_matrix: 20 | description: "Input this output to your matrix build in a following job, like this 'fromJson(needs.find_directories.outputs.build_matrix)'" 21 | value: ${{ steps.find_directories.outputs.build_matrix }} 22 | runs: 23 | using: "composite" 24 | steps: 25 | - name: Find directories with a given file name 26 | shell: bash 27 | id: find_directories 28 | run: | 29 | set -xe 30 | git fetch origin ${{ inputs.fetch_branch_to_compare }} || true 31 | # Get directories with a Dockerfile that have not changed 32 | # relative to the branch we are pulling into 33 | echo "${{inputs.ignore_dirs}}" 34 | IFS=', ' read -r -a array <<< "${{inputs.ignore_dirs}}" 35 | EXCLUDE_OPTS=() 36 | for exclude_dir in "${array[@]}"; do 37 | EXCLUDE_OPTS+=("-not" "-path" "*/$exclude_dir/*") 38 | done 39 | directories=$( 40 | find . -name ${{ inputs.contains_the_file }} -not -path "*/target/*" -not -path "*/.github/*" "${EXCLUDE_OPTS[@]}" -exec dirname {} \; | while read dir; do 41 | # This will check if the directory has changed relative to the branch we are PRing 42 | # into, and if it's not a PR, in the case of main or release/**, then it will 43 | # build all docker directories 44 | if git diff --quiet HEAD ${{ inputs.changed_relative_to_ref }} -- "$dir"; then 45 | echo "" 46 | else 47 | echo "$dir" 48 | fi 49 | done) 50 | # Format directories into a build matrix 51 | matrix_include=$(echo "${directories}" | awk 'NF{print $NF};' | while read dir; do dir_without_dot=$(basename ${dir}); echo "{\"path\": \"$dir\", \"name\": \"$dir_without_dot\"}"; done | jq -scM '{"include": .}') 52 | echo "${matrix_include}" 53 | echo "build_matrix=${matrix_include}" >> $GITHUB_OUTPUT 54 | -------------------------------------------------------------------------------- /.github/runs-on.yml: -------------------------------------------------------------------------------- 1 | # Inherit from the tembo-io/infrastructure repo 2 | # https://runs-on.com/configuration/repo-config/ 3 | _extends: infrastructure 4 | -------------------------------------------------------------------------------- /.github/workflows/bake.yaml: -------------------------------------------------------------------------------- 1 | name: 🧁 Bake Postgres Images 2 | 3 | on: 4 | push: 5 | branches: 6 | - main 7 | paths: 8 | - .github/workflows/bake\.yaml 9 | - Dockerfile 10 | - docker-bake\.hcl 11 | - docker-entrypoint\.sh 12 | - CONTAINER_README.md 13 | - manifest\.js 14 | pull_request: 15 | branches: 16 | - main 17 | paths: 18 | - .github/workflows/bake\.yaml 19 | - Dockerfile 20 | - docker-bake\.hcl 21 | - docker-entrypoint\.sh 22 | - CONTAINER_README.md 23 | - manifest\.js 24 | # schedule: 25 | # - cron: 0 8 * * 1 26 | 27 | jobs: 28 | bake: 29 | name: 🐘 ${{ matrix.pg }} ${{ matrix.os[0] }} ${{ matrix.os[1] }} ${{ matrix.arch[0] }} ${{ matrix.arch[1] }} 30 | # https://docs.github.com/en/actions/writing-workflows/choosing-where-your-workflow-runs/choosing-the-runner-for-a-job#standard-github-hosted-runners-for-public-repositories 31 | runs-on: ubuntu-${{ matrix.arch[1] == 'arm64' && '24.04-arm' || 'latest' }} 32 | strategy: 33 | matrix: 34 | pg: ["17.4", "16.8", "15.12", "14.17"] 35 | os: [["🐿️", "noble"], ["🪼", "jammy"] ] 36 | arch: [["🦾", "arm64"], ["🤖", "amd64"]] 37 | outputs: 38 | images: ${{ steps.meta.outputs.json }} 39 | steps: 40 | - name: Free Disk Space 41 | uses: jlumbroso/free-disk-space@main 42 | with: { tool-cache: false } 43 | - name: Login to Docker Hub # required for un-throttled pulls 44 | uses: docker/login-action@v3 45 | with: 46 | username: ${{ secrets.DOCKERHUB_USERNAME }} 47 | password: ${{ secrets.DOCKERHUB_TOKEN }} 48 | - name: Login to Quay.io 49 | uses: docker/login-action@v3 50 | with: 51 | registry: quay.io 52 | username: ${{ secrets.QUAY_USER_TEMBO }} 53 | password: ${{ secrets.QUAY_PASSWORD_TEMBO }} 54 | - name: Set up Docker Buildx 55 | uses: docker/setup-buildx-action@v3 56 | - name: Build the Images 57 | id: build 58 | uses: docker/bake-action@v6 59 | env: 60 | registry: quay.io/tembo 61 | revision: ${{ github.sha }} 62 | arch: ${{ matrix.arch[1] }} 63 | os: ${{ matrix.os[1] }} 64 | pg: ${{ matrix.pg }} 65 | with: 66 | pull: true 67 | # Push only on main. 68 | set: "*.output=type=${{ github.ref_name == 'main' && 'image,push-by-digest=true,push=true' || 'cacheonly' }}" 69 | - name: Save Metadata 70 | run: echo '${{ steps.build.outputs.metadata }}' > build-${{ matrix.arch[1] }}-${{ matrix.os[1] }}-${{ matrix.pg }}.json 71 | - name: Upload Metadata 72 | uses: actions/upload-artifact@v4 73 | with: 74 | path: build-${{ matrix.arch[1] }}-${{ matrix.os[1] }}-${{ matrix.pg }}.json 75 | name: build-${{ matrix.arch[1] }}-${{ matrix.os[1] }}-${{ matrix.pg }} 76 | overwrite: true 77 | if-no-files-found: error 78 | retention-days: 1 79 | manifest: 80 | name: 📃 Push Manifests 81 | runs-on: ubuntu-latest 82 | needs: bake 83 | if: ${{ github.ref_name == 'main' }} 84 | env: 85 | REGISTRY: quay.io/tembo 86 | steps: 87 | - name: Checkout Code 88 | uses: actions/checkout@v4 89 | - name: Download Metadata 90 | uses: actions/download-artifact@v4 91 | with: { pattern: build-*, merge-multiple: true } 92 | - name: Login to Quay.io 93 | uses: docker/login-action@v3 94 | with: 95 | registry: quay.io 96 | username: ${{ secrets.QUAY_USER_TEMBO }} 97 | password: ${{ secrets.QUAY_PASSWORD_TEMBO }} 98 | - name: Build and Push Manifests 99 | run: node manifest.js build-*.json 100 | -------------------------------------------------------------------------------- /.github/workflows/build_tembo_pg_slim.yaml: -------------------------------------------------------------------------------- 1 | name: build-tembo-pg-slim 2 | 3 | on: 4 | push: 5 | branches: 6 | - main 7 | paths: 8 | - 'tembo-pg-slim/**' 9 | - 'standard-cnpg/**' 10 | - 'tembo-pg-cnpg/**' 11 | - 'ml-cnpg/**' 12 | - 'geo-cnpg/**' 13 | - .github/workflows/build_tembo_pg_slim.yaml 14 | pull_request: 15 | branches: 16 | - main 17 | paths: 18 | - 'tembo-pg-slim/**' 19 | - 'standard-cnpg/**' 20 | - 'ml-cnpg/**' 21 | - 'geo-cnpg/**' 22 | - .github/workflows/build_tembo_pg_slim.yaml 23 | 24 | jobs: 25 | pre-build: 26 | name: ✨ Pre Build 27 | runs-on: ubuntu-latest 28 | outputs: 29 | short_sha: ${{ steps.versions.outputs.SHORT_SHA }} 30 | branch_name: ${{ steps.versions.outputs.BRANCH_NAME }} 31 | build_matrix: ${{ steps.append_pg_configs.outputs.build_matrix }} 32 | tags: ${{ steps.tags.outputs.tags }} 33 | steps: 34 | - name: Check out the repo 35 | uses: actions/checkout@v4 36 | - name: Set version strings 37 | id: versions 38 | run: | 39 | echo "SHORT_SHA=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT 40 | echo "BRANCH_NAME=$(git rev-parse --abbrev-ref HEAD)" >> $GITHUB_OUTPUT 41 | - name: Append PostgreSQL configurations to matrix 42 | id: append_pg_configs 43 | env: 44 | # Update with the latest releases. 45 | TAGS: '["17_4", "16_8", "15_12", "14_17"]' 46 | run: | 47 | printf "build_matrix=%s" $(jq -cn --argjson pg "$TAGS" '$pg | {include: map({pg_tag: ., pg_version: scan("^\\d+")})}') >> $GITHUB_OUTPUT 48 | - name: Determine which tags to publish 49 | id: tags_list 50 | run: | 51 | BRANCH_NAME="${{ steps.versions.outputs.BRANCH_NAME }}" 52 | if [ "${BRANCH_NAME}" == "main" ]; then 53 | echo "tag_latest=true" >> $GITHUB_OUTPUT 54 | echo "tag_cargo=true" >> $GITHUB_OUTPUT 55 | elif [[ "${BRANCH_NAME}" == release/* ]]; then 56 | echo "tag_cargo=true" >> $GITHUB_OUTPUT 57 | echo "tag_latest=false" >> $GITHUB_OUTPUT 58 | else 59 | echo "tag_latest=false" >> $GITHUB_OUTPUT 60 | echo "tag_cargo=false" >> $GITHUB_OUTPUT 61 | fi 62 | - name: Install TOML parser 63 | run: | 64 | set -xe 65 | wget https://github.com/freshautomations/stoml/releases/download/v0.7.1/stoml_linux_amd64 66 | mv stoml_linux_amd64 stoml 67 | chmod +x stoml 68 | sudo mv stoml /usr/local/bin/ 69 | - name: Create whitespace-separated tags list 70 | id: tags 71 | run: | 72 | SHORT_SHA="${{ steps.versions.outputs.SHORT_SHA }}" 73 | TAGS='' 74 | if [ "${{ steps.tags_list.outputs.tag_cargo }}" == "true" ] && test -f "Cargo.toml"; then 75 | echo "Cargo file detected, adding to tags" 76 | VERSION=$(stoml Cargo.toml package.version)-${SHORT_SHA} 77 | TAGS="$TAGS $VERSION" 78 | fi 79 | if [ "${{ steps.tags_list.outputs.tag_latest }}" == "true" ]; then 80 | TAGS="$TAGS latest" 81 | fi 82 | TAGS="$TAGS ${SHORT_SHA}" 83 | echo "tags=$TAGS" >> $GITHUB_OUTPUT 84 | - name: Debug outputs 85 | run: | 86 | echo "Short SHA: ${{ steps.versions.outputs.SHORT_SHA }}" 87 | echo "Branch Name: ${{ steps.versions.outputs.BRANCH_NAME }}" 88 | echo "Build Matrix: ${{ steps.append_pg_configs.outputs.build_matrix }}" 89 | echo "Tags: ${{ steps.tags.outputs.tags }}" 90 | 91 | tembo-pg-slim-build: 92 | name: 🧱 tembo-pg-slim 🐘 ${{ matrix.pg_version }} 93 | needs: pre-build 94 | permissions: 95 | id-token: write 96 | contents: read 97 | runs-on: 98 | - "runs-on=${{ github.run_id }}-pg-slim" 99 | - "runner=large-amd64" 100 | - "cpu=8" 101 | - "ram=16" 102 | strategy: 103 | fail-fast: false 104 | matrix: ${{fromJson(needs.pre-build.outputs.build_matrix)}} 105 | env: 106 | CONTAINER_NAME: "tembo-pg-slim" 107 | steps: 108 | - uses: actions/checkout@v4 109 | - name: Build Docker images based on conditions 110 | run: | 111 | IMAGE_NAME=$CONTAINER_NAME:${{ matrix.pg_version }} 112 | docker build ./$CONTAINER_NAME --build-arg PG_VERSION=${{ matrix.pg_version }} --build-arg PG_TAG=REL_${{ matrix.pg_tag }} -t $IMAGE_NAME 113 | shell: bash 114 | - name: Login to Tembo Quay 115 | uses: docker/login-action@v2 116 | with: 117 | registry: ${{ secrets.QUAY_REPOSITORY }} 118 | username: ${{ secrets.QUAY_USER_TEMBO }} 119 | password: ${{ secrets.QUAY_PASSWORD_TEMBO }} 120 | - name: Push to Quay 121 | shell: bash 122 | run: | 123 | set -xe 124 | IMAGE_NAME=$CONTAINER_NAME:${{ matrix.pg_version }} 125 | IFS=' ' read -ra TAG_ARRAY <<< "${{ needs.pre-build.outputs.tags }}" 126 | for tag in "${TAG_ARRAY[@]}"; do 127 | docker tag $IMAGE_NAME ${{ secrets.QUAY_REPOSITORY }}/$IMAGE_NAME-$tag 128 | docker push ${{ secrets.QUAY_REPOSITORY }}/$IMAGE_NAME-$tag 129 | done 130 | 131 | standard-cnpg-build: 132 | name: 📐 standard-cnpg 🐘 ${{ matrix.pg_version }} 133 | needs: [pre-build, tembo-pg-slim-build] 134 | permissions: 135 | id-token: write 136 | contents: read 137 | runs-on: 138 | - "runs-on=${{ github.run_id }}-standard-cnpg" 139 | - "runner=large-amd64" 140 | - "cpu=8" 141 | - "ram=16" 142 | strategy: 143 | fail-fast: false 144 | matrix: ${{fromJson(needs.pre-build.outputs.build_matrix)}} 145 | env: 146 | CONTAINER_NAME: "standard-cnpg" 147 | steps: 148 | - uses: actions/checkout@v4 149 | - name: Build Docker images based on conditions 150 | run: | 151 | IMAGE_NAME=$CONTAINER_NAME:${{ matrix.pg_version }} 152 | docker build ./$CONTAINER_NAME --build-arg PG_VERSION=${{ matrix.pg_version }} --build-arg PG_VERSION=${{ matrix.pg_version }} --build-arg TAG=${{ needs.pre-build.outputs.short_sha }} -t $IMAGE_NAME 153 | shell: bash 154 | - name: Login to Tembo Quay 155 | uses: docker/login-action@v2 156 | with: 157 | registry: ${{ secrets.QUAY_REPOSITORY }} 158 | username: ${{ secrets.QUAY_USER_TEMBO }} 159 | password: ${{ secrets.QUAY_PASSWORD_TEMBO }} 160 | - name: Push to Quay 161 | shell: bash 162 | run: | 163 | set -xe 164 | IMAGE_NAME=$CONTAINER_NAME:${{ matrix.pg_version }} 165 | IFS=' ' read -ra TAG_ARRAY <<< "${{ needs.pre-build.outputs.tags }}" 166 | for tag in "${TAG_ARRAY[@]}"; do 167 | docker tag $IMAGE_NAME ${{ secrets.QUAY_REPOSITORY }}/$IMAGE_NAME-$tag 168 | docker push ${{ secrets.QUAY_REPOSITORY }}/$IMAGE_NAME-$tag 169 | done 170 | - name: Configure AWS credentials for ECR 171 | uses: aws-actions/configure-aws-credentials@v4 172 | with: 173 | role-to-assume: ${{ secrets.GHA_IAM_ROLE }} 174 | role-session-name: images-gha-docker-build-and-push 175 | aws-region: "us-east-1" 176 | - name: Install awscli 177 | uses: unfor19/install-aws-cli-action@v1 178 | - name: Push to ECR 179 | shell: bash 180 | run: | 181 | set -xe 182 | IMAGE_NAME=$CONTAINER_NAME:${{ matrix.pg_version }} 183 | IFS=' ' read -ra TAG_ARRAY <<< "${{ needs.pre-build.outputs.tags }}" 184 | for tag in "${TAG_ARRAY[@]}"; do 185 | aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ secrets.ECR_REGISTRY }}/$CONTAINER_NAME 186 | docker tag $IMAGE_NAME ${{ secrets.ECR_REGISTRY }}/$IMAGE_NAME-$tag 187 | docker push ${{ secrets.ECR_REGISTRY }}/$IMAGE_NAME-$tag 188 | done 189 | 190 | ml-cnpg-build: 191 | name: 🤖 ml-cnpg 🐘 ${{ matrix.pg_version }} 192 | needs: [pre-build, standard-cnpg-build] 193 | permissions: 194 | id-token: write 195 | contents: read 196 | runs-on: 197 | - "runs-on=${{ github.run_id }}-ml-cnpg" 198 | - "runner=large-amd64" 199 | - "cpu=8" 200 | - "ram=16" 201 | strategy: 202 | fail-fast: false 203 | matrix: ${{fromJson(needs.pre-build.outputs.build_matrix)}} 204 | env: 205 | CONTAINER_NAME: "ml-cnpg" 206 | steps: 207 | - uses: actions/checkout@v4 208 | - name: Build Docker images based on conditions 209 | run: | 210 | if [[ "${{ matrix.pg_version }}" == "14" ]]; then 211 | echo "Skipping build ML for Postgres 14" 212 | exit 0 213 | fi 214 | IMAGE_NAME=$CONTAINER_NAME:${{ matrix.pg_version }} 215 | docker build ./$CONTAINER_NAME --build-arg PG_VERSION=${{ matrix.pg_version }} --build-arg TAG=${{ needs.pre-build.outputs.short_sha }} -t $IMAGE_NAME 216 | shell: bash 217 | - name: Login to Tembo Quay 218 | uses: docker/login-action@v2 219 | with: 220 | registry: ${{ secrets.QUAY_REPOSITORY }} 221 | username: ${{ secrets.QUAY_USER_TEMBO }} 222 | password: ${{ secrets.QUAY_PASSWORD_TEMBO }} 223 | - name: Push to Quay 224 | shell: bash 225 | run: | 226 | if [[ "${{ matrix.pg_version }}" == "14" ]]; then 227 | echo "Skipping publishing ML for Postgres 14" 228 | exit 0 229 | fi 230 | set -xe 231 | IMAGE_NAME=$CONTAINER_NAME:${{ matrix.pg_version }} 232 | IFS=' ' read -ra TAG_ARRAY <<< "${{ needs.pre-build.outputs.tags }}" 233 | for tag in "${TAG_ARRAY[@]}"; do 234 | docker tag $IMAGE_NAME ${{ secrets.QUAY_REPOSITORY }}/$IMAGE_NAME-$tag 235 | docker push ${{ secrets.QUAY_REPOSITORY }}/$IMAGE_NAME-$tag 236 | done 237 | - name: Configure AWS credentials for ECR 238 | uses: aws-actions/configure-aws-credentials@v4 239 | with: 240 | role-to-assume: ${{ secrets.GHA_IAM_ROLE }} 241 | role-session-name: images-gha-docker-build-and-push 242 | aws-region: "us-east-1" 243 | - name: Install awscli 244 | uses: unfor19/install-aws-cli-action@v1 245 | - name: Push to ECR 246 | shell: bash 247 | run: | 248 | if [[ "${{ matrix.pg_version }}" == "14" ]]; then 249 | echo "Skipping publishing ML for Postgres 14" 250 | exit 0 251 | fi 252 | set -xe 253 | IMAGE_NAME=$CONTAINER_NAME:${{ matrix.pg_version }} 254 | IFS=' ' read -ra TAG_ARRAY <<< "${{ needs.pre-build.outputs.tags }}" 255 | for tag in "${TAG_ARRAY[@]}"; do 256 | aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ secrets.ECR_REGISTRY }}/$CONTAINER_NAME 257 | docker tag $IMAGE_NAME ${{ secrets.ECR_REGISTRY }}/$IMAGE_NAME-$tag 258 | docker push ${{ secrets.ECR_REGISTRY }}/$IMAGE_NAME-$tag 259 | done 260 | 261 | geo-cnpg-build: 262 | name: 🌍 geo-cnpg 🐘 ${{ matrix.pg_version }} 263 | needs: [pre-build, standard-cnpg-build] 264 | permissions: 265 | id-token: write 266 | contents: read 267 | runs-on: 268 | - "runs-on=${{ github.run_id }}-geo-cnpg" 269 | - "runner=large-amd64" 270 | - "cpu=8" 271 | - "ram=16" 272 | strategy: 273 | fail-fast: false 274 | matrix: ${{fromJson(needs.pre-build.outputs.build_matrix)}} 275 | env: 276 | CONTAINER_NAME: "geo-cnpg" 277 | steps: 278 | - uses: actions/checkout@v4 279 | - name: Build Docker images based on conditions 280 | run: | 281 | IMAGE_NAME=$CONTAINER_NAME:${{ matrix.pg_version }} 282 | docker build ./$CONTAINER_NAME --build-arg PG_VERSION=${{ matrix.pg_version }} --build-arg TAG=${{ needs.pre-build.outputs.short_sha }} -t $IMAGE_NAME 283 | shell: bash 284 | - name: Login to Tembo Quay 285 | uses: docker/login-action@v2 286 | with: 287 | registry: ${{ secrets.QUAY_REPOSITORY }} 288 | username: ${{ secrets.QUAY_USER_TEMBO }} 289 | password: ${{ secrets.QUAY_PASSWORD_TEMBO }} 290 | - name: Push to Quay 291 | shell: bash 292 | run: | 293 | set -xe 294 | IMAGE_NAME=$CONTAINER_NAME:${{ matrix.pg_version }} 295 | IFS=' ' read -ra TAG_ARRAY <<< "${{ needs.pre-build.outputs.tags }}" 296 | for tag in "${TAG_ARRAY[@]}"; do 297 | docker tag $IMAGE_NAME ${{ secrets.QUAY_REPOSITORY }}/$IMAGE_NAME-$tag 298 | docker push ${{ secrets.QUAY_REPOSITORY }}/$IMAGE_NAME-$tag 299 | done 300 | - name: Configure AWS credentials for ECR 301 | uses: aws-actions/configure-aws-credentials@v4 302 | with: 303 | role-to-assume: ${{ secrets.GHA_IAM_ROLE }} 304 | role-session-name: images-gha-docker-build-and-push 305 | aws-region: "us-east-1" 306 | - name: Install awscli 307 | uses: unfor19/install-aws-cli-action@v1 308 | - name: Push to ECR 309 | shell: bash 310 | run: | 311 | set -xe 312 | IMAGE_NAME=$CONTAINER_NAME:${{ matrix.pg_version }} 313 | IFS=' ' read -ra TAG_ARRAY <<< "${{ needs.pre-build.outputs.tags }}" 314 | for tag in "${TAG_ARRAY[@]}"; do 315 | aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ secrets.ECR_REGISTRY }}/$CONTAINER_NAME 316 | docker tag $IMAGE_NAME ${{ secrets.ECR_REGISTRY }}/$IMAGE_NAME-$tag 317 | docker push ${{ secrets.ECR_REGISTRY }}/$IMAGE_NAME-$tag 318 | done 319 | 320 | tembo-pg-cnpg-build: 321 | name: ☁️ tembo-pg-cnpg 🐘 ${{ matrix.pg_version }} 322 | needs: [pre-build, tembo-pg-slim-build] 323 | permissions: 324 | id-token: write 325 | contents: read 326 | runs-on: 327 | - "runs-on=${{ github.run_id }}-tembo-pg-cnpg" 328 | - "runner=large-amd64" 329 | - "cpu=8" 330 | - "ram=16" 331 | strategy: 332 | fail-fast: false 333 | matrix: ${{fromJson(needs.pre-build.outputs.build_matrix)}} 334 | env: 335 | CONTAINER_NAME: "tembo-pg-cnpg" 336 | steps: 337 | - uses: actions/checkout@v4 338 | - name: Build Docker images based on conditions 339 | run: | 340 | IMAGE_NAME=$CONTAINER_NAME:${{ matrix.pg_version }} 341 | docker build ./$CONTAINER_NAME --build-arg PG_VERSION=${{ matrix.pg_version }} --build-arg TAG=${{ needs.pre-build.outputs.short_sha }} -t $IMAGE_NAME 342 | shell: bash 343 | - name: Login to Tembo Quay 344 | uses: docker/login-action@v2 345 | with: 346 | registry: ${{ secrets.QUAY_REPOSITORY }} 347 | username: ${{ secrets.QUAY_USER_TEMBO }} 348 | password: ${{ secrets.QUAY_PASSWORD_TEMBO }} 349 | - name: Push to Quay 350 | shell: bash 351 | run: | 352 | set -xe 353 | IMAGE_NAME=$CONTAINER_NAME:${{ matrix.pg_version }} 354 | IFS=' ' read -ra TAG_ARRAY <<< "${{ needs.pre-build.outputs.tags }}" 355 | for tag in "${TAG_ARRAY[@]}"; do 356 | docker tag $IMAGE_NAME ${{ secrets.QUAY_REPOSITORY }}/$IMAGE_NAME-$tag 357 | docker push ${{ secrets.QUAY_REPOSITORY }}/$IMAGE_NAME-$tag 358 | done 359 | -------------------------------------------------------------------------------- /.github/workflows/publish-trunk.yaml: -------------------------------------------------------------------------------- 1 | name: 🚀 Publish Trunk 2 | 3 | on: 4 | push: 5 | branches: 6 | - main 7 | paths: 8 | - 'trunk/**' 9 | pull_request: 10 | branches: 11 | - main 12 | paths: 13 | - 'trunk/**' 14 | 15 | jobs: 16 | build-and-release: 17 | name: 🚀 Build and Release 18 | runs-on: [ubuntu-latest] 19 | steps: 20 | - uses: actions/checkout@v4 21 | - name: Build Trunk 22 | run: docker build ./trunk -t trunk 23 | shell: bash 24 | - name: Log into Quay 25 | uses: docker/login-action@v2 26 | with: 27 | registry: ${{ secrets.QUAY_REPOSITORY }} 28 | username: ${{ secrets.QUAY_USER_TEMBO }} 29 | password: ${{ secrets.QUAY_PASSWORD_TEMBO }} 30 | - name: Push to Quay 31 | if: github.ref_name == 'main' 32 | shell: bash 33 | run: | 34 | set -xe 35 | TAG="$(perl -nE '/TRUNK_VER\s*=\s*(.+)/ && do { print $1; exit }' trunk/Dockerfile)" 36 | docker tag trunk ${{ secrets.QUAY_REPOSITORY }}/trunk:$TAG 37 | docker push ${{ secrets.QUAY_REPOSITORY }}/trunk:$TAG 38 | docker tag trunk ${{ secrets.QUAY_REPOSITORY }}/trunk:latest 39 | docker push ${{ secrets.QUAY_REPOSITORY }}/trunk:latest 40 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | .DS_Store 2 | target/ 3 | Cargo.lock 4 | *.iml 5 | **/*.rs.bk 6 | .vscode/ 7 | vendor/ 8 | -------------------------------------------------------------------------------- /CONTAINER_README.md: -------------------------------------------------------------------------------- 1 | Tembo PostgreSQL 2 | ================ 3 | 4 | You have shelled into an instance of Tembo Postgres. All of persistent files 5 | live here in `/var/lib/postgresql`. Here's a description of subdirectories and 6 | their purposes: 7 | 8 | * `data`: The directory in which the Docker entrypoint initializes 9 | a cluster and which [Tembo Cloud] mounts as a persistent volume. 10 | * `data/pgdata`: The data directory initialized by the Docker entrypoint and 11 | [Tembo Cloud]. 12 | * `data/lib`: A directory for shared library files required by extensions. 13 | * `data/mod`: A directory for extension module library files. 14 | * `data/share`: The directory for architecture-independent support files 15 | used by Postgres. This is the directory used by `pg_config --sharedir` to 16 | install non-binary extension files. 17 | 18 | Other useful locations around the system: 19 | 20 | * `/usr/lib/postgresql`: The base directory for Postgres itself. 21 | * `/usr/local/bin/docker-entrypoint.sh`: The docker entrypoint script, which 22 | initializes and starts a Postgres cluster in `/var/lib/postgresql/data/pgdata`. 23 | 24 | [CloudNativePG]: https://cloudnative-pg.io 25 | [Tembo Cloud]: https://tembo.io/docs/product/cloud/overview "Tembo Cloud Overview" 26 | -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- 1 | # syntax=docker/dockerfile:1.7-labs 2 | ARG BASE 3 | ARG OS_NAME 4 | ARG PG_VERSION 5 | ARG PG_MAJOR=${PG_VERSION%%.*} 6 | ARG PG_PREFIX=/usr/lib/postgresql 7 | ARG PG_HOME=/var/lib/postgresql 8 | ARG DATA_VOLUME=${PG_HOME}/data 9 | 10 | # Tembo-specific volume mount, sharedir, dynamic_library_path target, and 11 | # System LLD dir. 12 | ARG TEMBO_SHARE_DIR=${DATA_VOLUME}/share 13 | ARG TEMBO_PG_MOD_DIR=${DATA_VOLUME}/mod 14 | ARG TEMBO_LD_LIB_DIR=${DATA_VOLUME}/lib 15 | 16 | # Set rpath to search the Postgres lib directory, then the Tembo Postgres lib 17 | # directory, where Trunk-installed extension libraries will live, and the 18 | # Tembo OS lib directory, where Tembox-installed third-party libraries will 19 | # live. https://lekensteyn.nl/rpath.html 20 | ARG TEMBO_RPATH=${PG_PREFIX}/lib:${TEMBO_PG_MOD_DIR}:${TEMBO_LD_LIB_DIR} 21 | 22 | ############################################################################## 23 | # Build PostgreSQL. 24 | FROM ${BASE} AS build 25 | ARG PG_VERSION PG_PREFIX TEMBO_SHARE_DIR TEMBO_RPATH TARGETARCH 26 | WORKDIR /work 27 | 28 | # Upgrade to the latest packages and install dependencies. 29 | ENV DEBIAN_FRONTEND=noninteractive 30 | RUN apt-get update; apt-get upgrade -y && apt-get install -y \ 31 | locales \ 32 | libreadline-dev \ 33 | zlib1g-dev \ 34 | build-essential \ 35 | python3-dev \ 36 | tcl-dev \ 37 | libxslt1-dev \ 38 | libperl-dev \ 39 | libpam0g-dev \ 40 | libssl-dev \ 41 | xz-utils \ 42 | libnss-wrapper \ 43 | llvm \ 44 | clang \ 45 | icu-devtools \ 46 | pkg-config \ 47 | libgss-dev \ 48 | libkrb5-dev \ 49 | uuid-dev \ 50 | gettext \ 51 | liblz4-dev \ 52 | libsystemd-dev \ 53 | libselinux1-dev \ 54 | libzstd-dev \ 55 | flex \ 56 | bison 57 | 58 | # Download and unpack the PostgreSQL source. 59 | ADD https://ftp.postgresql.org/pub/source/v${PG_VERSION}/postgresql-${PG_VERSION}.tar.bz2 . 60 | RUN tar jxf postgresql-${PG_VERSION}.tar.bz2 61 | WORKDIR /work/postgresql-${PG_VERSION} 62 | 63 | # Compile and install PostgreSQL. 64 | RUN set -ex; \ 65 | ./configure \ 66 | CFLAGS="-g -O2 -fstack-protector-strong -Wformat -Werror=format-security -fno-omit-frame-pointer -Wl,-rpath,${TEMBO_RPATH}" \ 67 | LDFLAGS="-Wl,-z,relro -Wl,-z,now" \ 68 | --prefix="${PG_PREFIX}" \ 69 | --datarootdir="${TEMBO_SHARE_DIR}" \ 70 | --docdir="${PG_PREFIX}/doc" \ 71 | --htmldir="${PG_PREFIX}/html" \ 72 | --localedir="${PG_PREFIX}/locale" \ 73 | --mandir="${PG_PREFIX}/man" \ 74 | --with-perl \ 75 | --with-python \ 76 | --with-tcl \ 77 | --with-pam \ 78 | --with-libxml \ 79 | --with-libxslt \ 80 | --with-openssl \ 81 | --enable-nls \ 82 | --enable-thread-safety \ 83 | --enable-debug \ 84 | --with-uuid=e2fs \ 85 | --with-gnu-ld \ 86 | --with-gssapi \ 87 | --with-pgport=5432 \ 88 | --with-system-tzdata=/usr/share/zoneinfo \ 89 | --with-icu \ 90 | --with-llvm \ 91 | --with-lz4 \ 92 | --with-zstd \ 93 | --with-systemd \ 94 | --with-selinux; \ 95 | make -j$(nproc); \ 96 | make install; \ 97 | make -C contrib/auto_explain install; \ 98 | make -C contrib/pg_stat_statements install; 99 | 100 | # Download and install the latest trunk release. 101 | RUN set -ex; \ 102 | tag="$(curl -sLH 'Accept: application/json' https://github.com/tembo-io/trunk/releases/latest | sed -e 's/.*"tag_name":"\([^"]*\)".*/\1/')"; \ 103 | curl -L https://github.com/tembo-io/trunk/releases/download/$tag/trunk-$tag-linux-${TARGETARCH}.tar.gz \ 104 | | tar zxf - --strip-components=1 -C /usr/local/bin trunk-$tag-linux-${TARGETARCH}/trunk; \ 105 | trunk --version 106 | 107 | # Download and install the latest tembox release. 108 | RUN set -ex; \ 109 | tag="$(curl -sLH 'Accept: application/json' https://github.com/tembo-io/tembo-packaging/releases/latest | sed -e 's/.*"tag_name":"\([^"]*\)".*/\1/')"; \ 110 | curl -L https://github.com/tembo-io/tembo-packaging/releases/download/$tag/tembox-$tag-linux-${TARGETARCH}.tar.gz \ 111 | | tar zxf - --strip-components=1 -C /usr/local/bin tembox-$tag-linux-${TARGETARCH}/tembox; \ 112 | tembox --version 113 | 114 | ############################################################################## 115 | # Install additional stuff for the dev image. 116 | FROM build AS dev-install 117 | ARG PG_PREFIX PG_HOME TEMBO_LD_LIB_DIR TEMBO_PG_MOD_DIR 118 | 119 | ENV DEBIAN_FRONTEND=noninteractive 120 | RUN set -ex; \ 121 | apt-get install --no-install-recommends -y \ 122 | git \ 123 | chrpath \ 124 | cmake \ 125 | jq \ 126 | curl \ 127 | wget; \ 128 | apt-get clean -y; \ 129 | localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8; \ 130 | rm -rf /var/lib/apt/lists/* /var/cache/* /var/log/*; \ 131 | mkdir -p "${TEMBO_LD_LIB_DIR}" "${TEMBO_PG_MOD_DIR}"; \ 132 | groupadd -r postgres --gid=999 && \ 133 | useradd -r -g postgres --uid=26 --home-dir=${PG_HOME} --shell=/bin/bash postgres && \ 134 | chown -R postgres:postgres ${PG_HOME}; 135 | 136 | # Add the README, entrypoint and sync scripts. 137 | COPY CONTAINER_README.md "${PG_HOME}/README.md" 138 | COPY docker-entrypoint.sh /usr/local/bin/ 139 | COPY sync-volume.sh /tmp/ 140 | 141 | ############################################################################## 142 | # Build the postgres-dev image as a single layer. 143 | FROM scratch AS postgres-dev 144 | ARG PG_PREFIX PG_HOME 145 | 146 | COPY --link --from=dev-install / / 147 | WORKDIR ${PG_HOME} 148 | ENV TZ=Etc/UTC LANG=en_US.utf8 PATH=${PG_PREFIX}/bin:$PATH 149 | USER 26 150 | ENTRYPOINT ["docker-entrypoint.sh"] 151 | 152 | ############################################################################## 153 | # Install the dependencies necessary for the base image. 154 | FROM ${BASE} AS install 155 | ARG PACKAGES TEMBO_LD_LIB_DIR TEMBO_PG_MOD_DIR PG_PREFIX PG_HOME 156 | 157 | # Upgrade to the latest packages and install dependencies. 158 | ENV DEBIAN_FRONTEND=noninteractive 159 | RUN apt-get update && apt-get upgrade -y && apt-get install --no-install-recommends -y \ 160 | locales \ 161 | locales-all \ 162 | ssl-cert \ 163 | ca-certificates \ 164 | tzdata \ 165 | libssl3 \ 166 | libgssapi-krb5-2 \ 167 | libxml2 \ 168 | libxslt1.1 \ 169 | libreadline8 \ 170 | xz-utils \ 171 | libgss3 \ 172 | libkrb5-3 \ 173 | media-types \ 174 | netbase \ 175 | libexpat1 \ 176 | libsasl2-2 \ 177 | libgsl27 \ 178 | ${PACKAGES} 179 | 180 | # Copy the PostgreSQL files, trunk, and tembox. 181 | COPY --link --from=build --parents /var/lib/./postgresql /var/lib/ 182 | COPY --link --from=build --parents /usr/lib/./postgresql /usr/lib/ 183 | COPY --link --from=build /usr/local/bin/trunk /usr/local/bin/tembox /usr/local/bin/ 184 | 185 | # Clean up and finish configuration. 186 | ENV PATH=${PG_PREFIX}/bin:$PATH 187 | RUN set -xe; \ 188 | apt-get clean -y; \ 189 | localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8; \ 190 | mkdir -p "${TEMBO_LD_LIB_DIR}" "${TEMBO_PG_MOD_DIR}"; \ 191 | rm -rf /var/lib/apt/lists/* /var/cache/* /var/log/*; 192 | 193 | # Add the README, entrypoint script, and sync script. 194 | COPY CONTAINER_README.md "${PG_HOME}/README.md" 195 | COPY docker-entrypoint.sh /usr/local/bin/ 196 | COPY sync-volume.sh /tmp/ 197 | 198 | # Create the Postgres user and set its uid to what CNPG expects. 199 | RUN groupadd -r postgres --gid=999 && \ 200 | useradd -r -g postgres --uid=26 --home-dir=${PG_HOME} --shell=/bin/bash postgres && \ 201 | chown -R postgres:postgres ${PG_HOME}; 202 | 203 | ############################################################################## 204 | # Build the postgres image as a single layer. 205 | FROM scratch AS postgres 206 | ARG PG_PREFIX PG_HOME 207 | 208 | COPY --link --from=install / / 209 | WORKDIR ${PG_HOME} 210 | ENV TZ=Etc/UTC LANG=en_US.utf8 PATH=${PG_PREFIX}/bin:$PATH 211 | USER 26 212 | ENTRYPOINT ["docker-entrypoint.sh"] 213 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | The PostgreSQL License 2 | 3 | Copyright (c) 2023, Tembo 4 | 5 | Permission to use, copy, modify, and distribute this software and its documentation for any purpose, without fee, and without a written agreement is hereby granted, provided that the above copyright notice and this paragraph and the following two paragraphs appear in all copies. 6 | 7 | IN NO EVENT SHALL TEMBO BE LIABLE TO ANY PARTY FOR DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES, INCLUDING LOST PROFITS, ARISING OUT OF THE USE OF THIS SOFTWARE AND ITS DOCUMENTATION, EVEN IF TEMBO HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 8 | 9 | TEMBO SPECIFICALLY DISCLAIMS ANY WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE SOFTWARE PROVIDED HEREUNDER IS ON AN "AS IS" BASIS, AND TEMBO HAS NO OBLIGATIONS TO PROVIDE MAINTENANCE, SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS. 10 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Tembo Postgres Docker Images 2 | 3 | This repository contains the resources to build the Postgre Docker images for 4 | [Tembo Cloud]. It builds images for the latest releases of Postgres 14–17 on 5 | Ubuntu Noble (24.04) and Jimmy (22.04) for the ARM64 and AMD64 processors. 6 | 7 | ## Key Features 8 | 9 | * Simple entrypoint script to run a standalone in Docker an connect from 10 | inside the container: 11 | 12 | ```sh 13 | docker run --name tembo-postgres -d quay.io/tembo/postgres 14 | docker exec -it tembo-postgres psql 15 | ``` 16 | 17 | * Based on the latest and previous LTS Ubuntu [Ubuntu Linux], currently 18 | 24.04 LTS "Noble Numbat" and 22.04 LTS "Jammy Jellyfish". 19 | 20 | * Built for AMD64 (x86_64) and ARM64 (AArch64) processors. 21 | 22 | * Automatically rebuilt every Monday to ensure they remain up-to-date. 23 | 24 | * In addition to `quay.io/tembo/postgres`, als builds 25 | `quay.io/tembo/postgres-dev`, which contains the tooling to compile 26 | extensions, including compilers, Git, Curl, and more. 27 | 28 | ## Building 29 | 30 | The easiest way to build and load the `postgres` and `postgres-dev` images 31 | into Docker is to set up a temporary registry, push to it, then pull from it: 32 | 33 | ```sh 34 | docker run -d -p 5001:5000 --restart=always --name registry registry:2 35 | registry=localhost:5001 arch="$(uname -m)" pg_version=17.4 docker buildx bake --push 36 | docker pull localhost:5001/postgres 37 | docker pull localhost:5001/postgres-dev 38 | ``` 39 | 40 | Set these environment variables to modify the build behavior: 41 | 42 | * `registry`: The name of the registry to push to. Defaults to 43 | `quay.io/tembo`. 44 | * `revision`: Current Git commit SHA. Used for annotations, not really 45 | needed for testing, but can be set via `revision="$(git rev-parse HEAD)"`. 46 | * `pg`: The version of Postgres to build, in `$major.$minor` format. 47 | * `os`: The OS version to build on. Currently one of "noble" or "jammy". 48 | * `arch`: The CPU architecture to build for. Use `uname -m` to get a valid 49 | value. 50 | 51 | ## Running with Tembo Operator 52 | 53 | To run the image locally with the Tembo Operator, you'll need: 54 | 55 | * [docker](https://www.docker.com) 56 | * [just](https://just.systems/man/en/packages.html) 57 | * [kind](https://kind.sigs.k8s.io/docs/user/quick-start/#installation) 58 | * [Rust](https://www.rust-lang.org/tools/install) 59 | 60 | 1. Start a local registry on port 5001: 61 | 62 | ```sh 63 | docker run -d -p 5001:5000 --restart=always --name registry registry:2 64 | ``` 65 | 66 | 2. Build Tembo Postgres and push it to the local registry: 67 | 68 | ```sh 69 | registry=localhost:5001 arch="$(uname -m)" docker buildx bake --push 70 | ``` 71 | 72 | 3. If you haven't already, clone the tembo repository and navigate to the 73 | `tembo-operator` directory. 74 | 75 | ```sh 76 | git clone https://github.com/tembo-io/tembo.git 77 | cd tembo/tembo-operator 78 | ``` 79 | 80 | 4. Run the following commands to start the Tembo Operator: 81 | 82 | ```sh 83 | just start-kind 84 | just run 85 | ``` 86 | 87 | 5. Edit `yaml/sample-standard.yaml` and set `image` to the image name: 88 | 89 | ```yaml 90 | image: localhost:5001/postgres:latest 91 | ``` 92 | 93 | 6. Load the image into the `kind` Kubernetes registry and create the cluster: 94 | 95 | ```sh 96 | kind load docker-image localhost:5001/postgres:17 97 | kubectl apply -f yaml/sample-standard.yaml 98 | ``` 99 | 100 | 7. To check for success, run: 101 | 102 | ```sh 103 | kubectl get pods 104 | ``` 105 | 106 | 8. Connect to the pod for further testing and exploration: 107 | 108 | ```sh 109 | kubectl exec -it -c postgres sample-standard-1 -- bash 110 | kubectl exec -it -c postgres sample-standard-1 -- psql 111 | ``` 112 | 113 | 9. When done, hit `ctrl+c ` to shut down the operator, then delete the `kind` 114 | cluster and the registry: 115 | 116 | ```sh 117 | kind delete cluster 118 | docker rm -f registry 119 | ``` 120 | 121 | ## Details 122 | 123 | ### Tags 124 | 125 | The tags include the Postgres version, OS name, and timestamp e.g., 126 | 127 | * `postgres:17-jammy` 128 | * `postgres:17.4-jammy` 129 | * `postgres:17.4-jammy-202503041708` 130 | 131 | Images built on the latest OS, also have the tags: 132 | 133 | * `postgres:17` 134 | * `postgres:17.4` 135 | 136 | And an image built on the latest Postgres includes the tag: 137 | 138 | * `postgres:latest` 139 | 140 | ### Directories 141 | 142 | * `/var/lib/postgresql`: The home directory for the `postgres` user where 143 | all the potentially persistent data files and libraries live. 144 | 145 | * `/var/lib/postgresql/data`: The directory where the Docker entrypoint 146 | script initializes the database in the `pgdata` subdirectory, and where 147 | [Tembo Cloud] mounts a persistent volume and stores persistent data: 148 | * `pgdata`: Tembo initializes and runs the cluster from this 149 | subdirectory. 150 | * `mod`: Tembo stores extension module libraries this subdirectory. 151 | * `share`: Tembo stores and extension data files in this subdirectory. 152 | * `lib`: Tembo stores shared libraries required by extensions in this 153 | subdirectory. 154 | 155 | * `/usr/lib/postgresql`: The home of the PostgreSQL binaries, libraries, and 156 | header & locale files. Immutable in [Tembo Cloud]. 157 | 158 | ### Cloud Native Postgres Support 159 | 160 | Unfortunately, this image does not work on [CloudNativePG]. This is because it 161 | currently stores files in `/var/lib/postgresql/data` that [CloudNativePG] 162 | masks when it mounts the directory as a volume. 163 | 164 | ## Tasks 165 | 166 | ### Postgres Minor Release 167 | 168 | * Update the list under `jobs.bake.strategy.matrix.pg` in 169 | `.github/workflows/bake.yaml`. 170 | * Update the default value of the `pg` variable definition in 171 | `docker-bake.hcl`. 172 | 173 | ### Ubuntu Minor Release 174 | 175 | * Update the `digest` values in the `os_spec` variable definition in 176 | `docker-bake.hcl`. 177 | 178 | ### Postgres Major Release 179 | 180 | * Update the default value of the `pg` and `latest_pg` variable definitions 181 | in `docker-bake.hcl`. 182 | * Update the list under `jobs.bake.strategy.matrix.pg` in 183 | `.github/workflows/bake.yaml`. 184 | * Update the `LATEST_PG` constant in `manifest.js`. 185 | * Update examples in `README.md`. 186 | 187 | ### Ubuntu Major Release 188 | 189 | * Add a new object to the `os_spec` variable and update the the `os` and 190 | `latest_os` variable definitions in `docker-bake.hcl`. 191 | * Update the list under `jobs.bake.strategy.matrix.os` in 192 | `.github/workflows/bake.yaml`. 193 | * Update the `LATEST_OS` constant in `manifest.js`. 194 | * Update examples in `README.md`. 195 | 196 | [Tembo Cloud]: https://tembo.io/docs/product/cloud/overview "Tembo Cloud Overview" 197 | [CloudNativePG]: https://cloudnative-pg.io "CloudNativePG - PostgreSQL Operator for Kubernetes" 198 | -------------------------------------------------------------------------------- /docker-bake.hcl: -------------------------------------------------------------------------------- 1 | # Variables to be specified externally. 2 | variable "registry" { 3 | default = "quay.io/tembo" 4 | description = "The image registry." 5 | } 6 | 7 | variable "revision" { 8 | default = "" 9 | description = "The current Git commit SHA." 10 | } 11 | 12 | variable pg { 13 | default = "17.4" 14 | description = "Version of Postgres to build. Must be major.minor." 15 | } 16 | 17 | variable os { 18 | default = latest_os 19 | description = "OS to build, one of “noble” or “jammy”." 20 | validation { 21 | condition = contains(keys(os_spec), os) 22 | error_message = "os must be one of ${join(", ", keys(os_spec))}" 23 | } 24 | } 25 | 26 | variable arch { 27 | default = "" 28 | description = "CPU Architecture to build." 29 | validation { 30 | condition = contains(keys(arch_for), arch) 31 | error_message = "arch must be one of ${join(", ", keys(arch_for))}" 32 | } 33 | } 34 | 35 | # Internal variables. 36 | variable latest_os { 37 | default = "noble" 38 | description = "Defines the current latest OS name." 39 | } 40 | 41 | variable latest_pg { 42 | default = "17" 43 | description = "Defines the current latest PostgreSQL major version." 44 | } 45 | 46 | variable os_spec { 47 | description = "Info about the base OS images. Update the config to support new releases." 48 | default = { 49 | noble = { 50 | image = "quay.io/tembo/ubuntu:24.04", 51 | digest = "72297848456d5d37d1262630108ab308d3e9ec7ed1c3286a32fe09856619a782" 52 | packages = "libicu74 libaio1t64 libgdbm-compat4t64" 53 | }, 54 | jammy = { 55 | image = "quay.io/tembo/ubuntu:22.04", 56 | digest = "ed1544e454989078f5dec1bfdabd8c5cc9c48e0705d07b678ab6ae3fb61952d2" 57 | packages = "libicu70 libaio1 libgdbm-compat4" 58 | } 59 | } 60 | } 61 | 62 | variable arch_for { 63 | description = "Simple map of common `uname -m` architecture names to the canonical name." 64 | default = { 65 | amd64 = "amd64" 66 | x86_64 = "amd64" 67 | x64 = "amd64" 68 | x86-64 = "amd64" 69 | arm64 = "arm64" 70 | aarch64 = "arm64" 71 | } 72 | } 73 | 74 | # Values to use in the targets. 75 | now = timestamp() 76 | authors = "Tembo" 77 | url = "https://github.com/tembo-io/tembo-images" 78 | 79 | target "default" { 80 | matrix = { 81 | tgt = [ 82 | "postgres", 83 | "postgres-dev", 84 | ], 85 | } 86 | target = "${tgt}" 87 | platforms = ["linux/${arch_for[arch]}"] 88 | context = "." 89 | dockerfile = "Dockerfile" 90 | name = "${replace(tgt, "-", "_")}-${replace(pg, ".", "_")}-${arch_for[arch]}-${os}" 91 | # Push by SHA only. 92 | set = "output=type=image,push-by-digest=true,push=true" 93 | tags = ["${registry}/${tgt}"] 94 | args = { 95 | PG_VERSION = "${pg}" 96 | BASE = "${os_spec[os].image}@sha256:${os_spec[os].digest}" 97 | OS_NAME = "${os}" 98 | PACKAGES = "${os_spec[os].packages}" 99 | } 100 | annotations = [ 101 | "index,manifest:org.opencontainers.image.created=${now}", 102 | "index,manifest:org.opencontainers.image.url=${url}", 103 | "index,manifest:org.opencontainers.image.source=${url}", 104 | "index,manifest:org.opencontainers.image.version=${pg}", 105 | "index,manifest:org.opencontainers.image.revision=${revision}", 106 | "index,manifest:org.opencontainers.image.vendor=${authors}", 107 | "index,manifest:org.opencontainers.image.title=${title_for(tgt, pg)}", 108 | "index,manifest:org.opencontainers.image.description=${title_for(tgt, pg)}", 109 | "index,manifest:org.opencontainers.image.documentation=${url}", 110 | "index,manifest:org.opencontainers.image.authors=${authors}", 111 | "index,manifest:org.opencontainers.image.licenses=PostgreSQL", 112 | "index,manifest:org.opencontainers.image.base.name=${os_spec[os].image}", 113 | "index,manifest:org.opencontainers.image.base.digest=${os_spec[os].digest}", 114 | ] 115 | labels = { 116 | "org.opencontainers.image.created" = "${now}", 117 | "org.opencontainers.image.url" = "${url}", 118 | "org.opencontainers.image.source" = "${url}", 119 | "org.opencontainers.image.version" = "${pg}", 120 | "org.opencontainers.image.revision" = "${pg}", 121 | "org.opencontainers.image.vendor" = "${authors}", 122 | "org.opencontainers.image.title" = "${title_for(tgt, pg)}", 123 | "org.opencontainers.image.description" = "${title_for(tgt, pg)}", 124 | "org.opencontainers.image.documentation" = "${url}", 125 | "org.opencontainers.image.authors" = "${authors}", 126 | "org.opencontainers.image.licenses" = "PostgreSQL" 127 | "org.opencontainers.image.base.name" = "${os_spec[os].image}", 128 | "org.opencontainers.image.base.digest" = "${os_spec[os].digest}", 129 | } 130 | } 131 | 132 | # Returns the major of a PostgreSQL version. For example, returns `17` for 133 | # `17.4`. 134 | function major { 135 | params = [ version ] 136 | result = index(split(".",version), 0) 137 | } 138 | 139 | # Returns the title of the target image. 140 | function title_for { 141 | params = [ tgt, pgv ] 142 | result = "Tembo PostgreSQL ${pgv}${tgt == "postgres" ? "" : " for Development"}" 143 | } 144 | -------------------------------------------------------------------------------- /docker-entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | set -Eeo pipefail 3 | 4 | # Starts a simply-configured server with default authentication that trusts 5 | # local connections from inside the container. 6 | 7 | export PGDATA=${PGDATA:-/var/lib/postgresql/data/pgdata} 8 | 9 | main() { 10 | if [ "${1:-postgres}" != 'postgres' ]; then 11 | exec "$@" 12 | fi 13 | 14 | if [ "$(id -u)" = '0' ]; then 15 | cat >&2 <<-'EOE' 16 | Error: Postgres cannot be run by root. Please restart the container 17 | with specifying a user, or run another application on startup. 18 | EOE 19 | exit 1 20 | fi 21 | 22 | # Initialize the database. 23 | mkdir -p "$PGDATA" 24 | chmod 700 "$PGDATA" || : 25 | 26 | if [ ! -s "$PGDATA/PG_VERSION" ]; then 27 | opts=( 28 | -D "$PGDATA" 29 | -U postgres 30 | -c listen_addresses='*' 31 | -c dynamic_library_path="\$libdir:/var/lib/postgresql/data/mod" 32 | --auth trust 33 | --encoding UNICODE 34 | ) 35 | 36 | if [ "$(pg_config --version | perl -ne '/(\d+)/ & print $1')" -ge 17 ]; then 37 | # Prefer builtin C.UTF-8. 38 | opts+=(--locale-provider builtin --builtin-locale C.UTF-8) 39 | else 40 | # Default to en_US.UTF-8. 41 | opts+=(--locale en_US.UTF-8) 42 | fi 43 | 44 | initdb "${opts[@]}" 45 | fi 46 | 47 | # Start the server. Logs go to STDOUT. 48 | postgres 49 | } 50 | 51 | main "$@" 52 | -------------------------------------------------------------------------------- /geo-cnpg/Cargo.toml: -------------------------------------------------------------------------------- 1 | [package] 2 | name = "geo-cnpg" 3 | version = "15.3.0-1" 4 | edition = "2021" 5 | authors = ["tembo.io"] 6 | description = "Container image for Tembo's Geospatial Stack" 7 | homepage = "https://www.tembo.io" 8 | license = "Apache-2.0" 9 | readme = "README.md" 10 | repository = " https://github.com/tembo-io/tembo-images" 11 | publish = false 12 | 13 | 14 | # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html. 15 | 16 | [dependencies] 17 | -------------------------------------------------------------------------------- /geo-cnpg/Dockerfile: -------------------------------------------------------------------------------- 1 | ARG PG_VERSION=15 2 | ARG TAG=latest 3 | 4 | FROM quay.io/tembo/standard-cnpg:${PG_VERSION}-${TAG} 5 | USER root 6 | 7 | WORKDIR / 8 | 9 | # Install dependencies for running postgis and mobilitydb 10 | RUN apt-get update && \ 11 | apt-get install -y \ 12 | git \ 13 | cmake \ 14 | libgeos-dev \ 15 | libproj-dev \ 16 | libprotobuf-c-dev \ 17 | protobuf-c-compiler \ 18 | libgsl-dev \ 19 | libjson-c-dev \ 20 | ninja-build \ 21 | && rm -rf /var/lib/apt/lists/* 22 | 23 | ARG ARROW_VERSION=19.0.0 24 | RUN wget "https://github.com/apache/arrow/releases/download/apache-arrow-${ARROW_VERSION}/apache-arrow-${ARROW_VERSION}.tar.gz" \ 25 | && tar zxf "apache-arrow-${ARROW_VERSION}.tar.gz" \ 26 | && cd "apache-arrow-${ARROW_VERSION}/cpp" \ 27 | && cmake -S . -B build -DARROW_PARQUET=ON -DARROW_S3=ON -DARROW_WITH_SNAPPY=ON \ 28 | && cmake --build build \ 29 | && cmake --install build \ 30 | && cd ../.. && rm -rf "apache-arrow-${ARROW_VERSION}*" 31 | 32 | # Download and install GDAL. 33 | ARG GDAL_VERSION=3.10.1 34 | RUN wget https://github.com/OSGeo/gdal/releases/download/v${GDAL_VERSION}/gdal-${GDAL_VERSION}.tar.gz \ 35 | && tar xvf "gdal-${GDAL_VERSION}.tar.gz" \ 36 | && cmake -S "gdal-${GDAL_VERSION}" -B "gdal-${GDAL_VERSION}/build" \ 37 | && cmake --build "gdal-${GDAL_VERSION}/build" \ 38 | && cmake --build "gdal-${GDAL_VERSION}/build" --target install \ 39 | && rm -rf "gdal-${GDAL_VERSION}*" 40 | 41 | # Install PostGIS and clone and build MobilityDB 42 | RUN /usr/bin/trunk install postgis --version 3.5.0 \ 43 | && git clone --depth 1 --branch v1.2.0 https://github.com/MobilityDB/MobilityDB \ 44 | && cmake -S MobilityDB -B MobilityDB/build \ 45 | && make -C MobilityDB/build -j8 install \ 46 | && rm -rf MobilityDB 47 | 48 | RUN ldconfig 49 | 50 | ENV LD_LIBRARY_PATH=/usr/local/lib:$LD_LIBRARY_PATH 51 | ENV XDG_CACHE_HOME=/var/lib/postgresql/data/tembo/.cache 52 | 53 | # Revert the postgres user to id 26 54 | RUN usermod -u 26 postgres 55 | USER 26 56 | -------------------------------------------------------------------------------- /manifest.js: -------------------------------------------------------------------------------- 1 | // To test locally: 2 | // 3 | // Set up a local registry on port 5001: 4 | // 5 | // docker run -d -p 5001:5000 --restart=always --name registry registry:2 6 | // 7 | // Bake images separately for amd64 and arm64 and push them only by their 8 | // SHAs: 9 | // 10 | // registry=localhost:5001 arch=amd64 pg=17.4 \ 11 | // docker buildx bake --metadata-file amd64.json 12 | // 13 | // registry=localhost:5001 arch=arm64 pg=17.4 \ 14 | // docker buildx bake --metadata-file arm64.json 15 | // 16 | // Run the script. 17 | // 18 | // export REGISTRY=localhost:5001 19 | // node manifest.js *.json 20 | // 21 | // Get a list of all the tags in the registry: 22 | // 23 | // curl -s localhost:5001/v2/postgres/tags/list | jq 24 | // curl -s localhost:5001/v2/postgres-dev/tags/list | jq 25 | 26 | const LATEST_OS="noble" 27 | const LATEST_PG=17 28 | 29 | const slurp = require("fs").readFileSync; 30 | 31 | if (process.argv.length < 3) { 32 | console.log(`Usage: ${ process.argv[1] } BUILD_META_FILE [BUILD_META_FILE...]`) 33 | process.exit(1) 34 | } 35 | 36 | // UTC Timestamp in YYYYMMDDhhmm format. 37 | const now = new Date().toISOString().slice(0, 16).replaceAll(/[T:-]/g, "") 38 | 39 | let images = {} 40 | 41 | for (let i = 2; i < process.argv.length; i++) { 42 | const build_meta = JSON.parse(slurp(process.argv[i], 'utf8')); 43 | 44 | for (let target in build_meta) { 45 | // Target defined by target.name in docker-bake.hcl. Example: 46 | // postgres_dev-17_4-arm64-noble 47 | const parts = target.split("-") 48 | const name = parts[0].replace("_", "-") 49 | const pgv = parts[1].replace("_", ".") 50 | const arch = parts[2], os = parts[3] 51 | const [major] = pgv.split(".") 52 | const key = `${name }-${ pgv }-${ os }` 53 | const digest = build_meta[target]["containerimage.digest"] 54 | 55 | if (!images.hasOwnProperty(key)) { 56 | // Haven't seen this target, save its digest. 57 | images[key] = digest 58 | continue 59 | } 60 | 61 | const image = `${ process.env.REGISTRY }/${ name }` 62 | 63 | // Assemble the image names with their SHAs. 64 | const shas = `${ image }@${ digest } ${ image }@${ images[key] }` 65 | 66 | // Assemble the tags. 67 | const tags = [ 68 | `${ image }:${ major }-${ os }`, 69 | `${ image }:${ pgv }-${ os }`, 70 | `${ image }:${ pgv }-${ os }-${ now }`, 71 | ] 72 | if (os == LATEST_OS) { 73 | tags.push( 74 | `${ image }:${ pgv }`, 75 | `${ image }:${ major }`, 76 | ) 77 | if (major == LATEST_PG) tags.push(`${ image }:latest`) 78 | } 79 | 80 | // Create the image manifest. 81 | exec(`docker buildx imagetools create -t ${ tags.join(" -t ") } ${ shas }`) 82 | delete images[key] 83 | } 84 | } 85 | 86 | if (!isEmpty(images)) { 87 | console.error(`Missed some images:\n ${ Object.keys(images).join("\n ") }`) 88 | process.exit(1) 89 | } 90 | 91 | function exec(cmd) { 92 | const exec = require("child_process").exec; 93 | exec(cmd, (err, stdout, stderr) => { 94 | if (stdout != "") console.log(stdout) 95 | if (err) { 96 | console.error(err.message) 97 | process.exit(2) 98 | } 99 | if (stderr != "") console.error(stderr) 100 | }) 101 | } 102 | 103 | function isEmpty(obj) { 104 | for (var prop in obj) { 105 | if (Object.prototype.hasOwnProperty.call(obj, prop)) return false; 106 | } 107 | return true 108 | } 109 | -------------------------------------------------------------------------------- /ml-cnpg/Cargo.toml: -------------------------------------------------------------------------------- 1 | [package] 2 | name = "ml-cnpg" 3 | version = "15.3.0-1" 4 | edition = "2021" 5 | authors = ["tembo.io"] 6 | description = "Container image for Tembo's ML Stack" 7 | homepage = "https://www.tembo.io" 8 | license = "Apache-2.0" 9 | readme = "README.md" 10 | repository = " https://github.com/tembo-io/tembo-images" 11 | publish = false 12 | 13 | 14 | # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html 15 | 16 | [dependencies] -------------------------------------------------------------------------------- /ml-cnpg/Dockerfile: -------------------------------------------------------------------------------- 1 | ARG PG_VERSION=15 2 | ARG TAG=latest 3 | 4 | FROM quay.io/tembo/standard-cnpg:${PG_VERSION}-${TAG} 5 | USER root 6 | 7 | WORKDIR / 8 | 9 | # Install dependencies for running pgml 10 | RUN apt-get update \ 11 | && apt-get install -y libopenblas-base \ 12 | && apt-get autoremove -y \ 13 | && apt-get clean \ 14 | && rm -rf /var/lib/apt/lists/* 15 | 16 | # Trunk Install Needed Extensions 17 | RUN set -eux; \ 18 | trunk install hstore_plpython3u; \ 19 | trunk install jsonb_plpython3u; \ 20 | trunk install ltree_plpython3u; 21 | 22 | # Revert the postgres user to id 26 23 | RUN usermod -u 26 postgres 24 | USER 26 25 | 26 | # Install Python dependencies 27 | ENV PATH=/var/lib/postgresql/.local/bin:$PATH 28 | COPY --chown=postgres:postgres requirements.txt . 29 | COPY --chown=postgres:postgres requirements-xformers.txt . 30 | RUN set -eux; \ 31 | pip3 install -r requirements.txt; \ 32 | pip3 install -r requirements-xformers.txt --no-dependencies; 33 | 34 | ENV XDG_CACHE_HOME=/var/lib/postgresql/data/tembo/.cache 35 | ENV VECTORIZE_SOCKET_URL=postgresql:///postgres?host=/controller/run&user=postgres&dbname=postgres 36 | -------------------------------------------------------------------------------- /ml-cnpg/requirements-xformers.txt: -------------------------------------------------------------------------------- 1 | xformers==0.0.29.post1; sys_platform == 'linux' # only runs on nvidia hardware -------------------------------------------------------------------------------- /ml-cnpg/requirements.txt: -------------------------------------------------------------------------------- 1 | # Copied from https://github.com/postgresml/postgresml/blob/v2.10.0/pgml-extension/requirements.txt 2 | # Added versions by searching https://pypi.org/ 3 | # Moved xformers to requirements-xformers.txt 4 | 5 | # ML 6 | catboost==1.2.7 7 | lightgbm==4.5.0 8 | torch==2.5.1 9 | torchaudio==2.5.1 10 | torchvision==0.20.1 11 | xgboost==2.1.3 12 | 13 | # Transformers 14 | accelerate==1.3.0 15 | auto-gptq==0.7.1; sys_platform == 'linux' # only runs on nvidia hardware 16 | bitsandbytes==0.45.0 17 | ctransformers==0.2.27 18 | huggingface-hub==0.27.1 19 | deepspeed==0.16.2 20 | einops==0.8.0 21 | optimum==1.23.3 22 | peft==0.14.0 23 | tokenizers==0.21.0 24 | transformers==4.48.0 25 | transformers-stream-generator==0.0.5 26 | # xformers; sys_platform == 'linux' # only runs on nvidia hardware 27 | vllm==0.6.6.post1; sys_platform == 'linux' # only runs on linux 28 | 29 | # Embeddings 30 | sentence-transformers==3.3.1 31 | 32 | # Ratings 33 | rouge==1.0.1 34 | sacrebleu==2.5.1 35 | sacremoses==0.1.1 36 | evaluate==0.4.3 37 | trl==0.13.0 38 | 39 | # Utils 40 | datasets==3.2.0 41 | orjson==3.10.14 42 | langchain==0.3.14 43 | evaluate==0.4.3 44 | trl==0.13.0 45 | -------------------------------------------------------------------------------- /standard-cnpg/Cargo.toml: -------------------------------------------------------------------------------- 1 | [package] 2 | name = "standard-cnpg" 3 | version = "15.3.0-1" 4 | edition = "2021" 5 | authors = ["tembo.io"] 6 | description = "Container image for Tembo's Standard Stack" 7 | homepage = "https://www.tembo.io" 8 | license = "Apache-2.0" 9 | readme = "README.md" 10 | repository = "https://github.com/tembo-io/tembo-images/tree/main/standard-cnpg" 11 | publish = false 12 | 13 | 14 | # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html 15 | 16 | [dependencies] 17 | -------------------------------------------------------------------------------- /standard-cnpg/Dockerfile: -------------------------------------------------------------------------------- 1 | ARG PG_VERSION=15 2 | ARG TAG=latest 3 | 4 | # Build trunk. 5 | FROM rust:1.85-bookworm AS builder 6 | ARG TRUNK_VER=0.16.1 7 | ENV CARGO_REGISTRIES_CRATES_IO_PROTOCOL=sparse 8 | RUN cargo install --version $TRUNK_VER pg-trunk 9 | 10 | FROM quay.io/tembo/tembo-pg-slim:${PG_VERSION}-${TAG} 11 | 12 | USER root 13 | 14 | # Install trunk 15 | COPY --from=builder /usr/local/cargo/bin/trunk /usr/bin/trunk 16 | COPY ./requirements.txt . 17 | 18 | # Install extension dependencies 19 | RUN set -eux; \ 20 | apt-get update && apt-get install -y \ 21 | libmysqlclient-dev \ 22 | libgeos-dev \ 23 | libproj-dev \ 24 | libjson-c-dev \ 25 | libjson-perl \ 26 | libprotobuf-c-dev \ 27 | libxml2-dev \ 28 | libboost-serialization1.74-dev \ 29 | libhiredis-dev \ 30 | libsybdb5 \ 31 | r-base-core \ 32 | openssl \ 33 | libpcre2-8-0 \ 34 | libopenblas0-pthread \ 35 | libcurl4 \ 36 | libsodium23 \ 37 | libgcc-s1 \ 38 | librdkafka1 \ 39 | libgdal30 \ 40 | libcrypt1 \ 41 | liburiparser1 \ 42 | libfreetype6 \ 43 | libgomp1 \ 44 | libssl3 \ 45 | libsfcgal1 \ 46 | openjdk-11-jdk \ 47 | libaio1 \ 48 | wget \ 49 | libbson-dev \ 50 | cmake \ 51 | ; \ 52 | apt-get autoremove -y; \ 53 | apt-get clean -y; \ 54 | rm -rf /var/lib/apt/lists/* 55 | 56 | # Create a symlink for libjvm.so 57 | RUN ln -s /usr/lib/jvm/java-11-openjdk-amd64/lib/server/libjvm.so /usr/lib/x86_64-linux-gnu/libjvm.so 58 | 59 | # Install Oracle Instant Client libraries 60 | RUN curl -o instantclient-basiclite-linux.x64-19.20.0.0.0dbru.zip https://download.oracle.com/otn_software/linux/instantclient/1920000/instantclient-basiclite-linux.x64-19.20.0.0.0dbru.zip && \ 61 | unzip instantclient-basiclite-linux.x64-19.20.0.0.0dbru.zip && \ 62 | cp instantclient_19_20/libclntsh.so.19.1 instantclient_19_20/libnnz19.so instantclient_19_20/libclntshcore.so.19.1 /usr/lib/x86_64-linux-gnu/ && \ 63 | rm -rf instantclient_19_20 && \ 64 | rm instantclient-basiclite-linux.x64-19.20.0.0.0dbru.zip 65 | 66 | # Install barman-cloud 67 | RUN set -xe; \ 68 | apt-get update; \ 69 | apt-get install -y --no-install-recommends \ 70 | python3-pip \ 71 | python3-psycopg2 \ 72 | python3-setuptools \ 73 | ; \ 74 | pip3 install --upgrade pip; \ 75 | # TODO: Remove --no-deps once https://github.com/pypa/pip/issues/9644 is solved 76 | pip3 install --no-deps -r requirements.txt; \ 77 | apt-get autoremove -y; \ 78 | apt-get clean; \ 79 | rm -rf /var/lib/apt/lists/*; 80 | 81 | # TODO: Move next three sections to separate FROMs and just copy files here. 82 | # Clone and build AWS SDK for C++ 83 | RUN git clone https://github.com/aws/aws-sdk-cpp.git && \ 84 | cd aws-sdk-cpp && \ 85 | git checkout 1.9.263 && \ 86 | git submodule update --init --recursive && \ 87 | mkdir build && cd build && \ 88 | cmake -DBUILD_ONLY="s3;core;config;sts;cognito-identity;transfer;identity-management" -DAUTORUN_UNIT_TESTS=OFF -DCMAKE_CXX_FLAGS=-Wno-error=deprecated-declarations .. && \ 89 | make -j$(nproc) && \ 90 | make install && \ 91 | cd ../.. && rm -rf aws-sdk-cpp 92 | 93 | # Clone and build Apache Arrow 94 | RUN git clone https://github.com/apache/arrow.git && \ 95 | cd arrow && \ 96 | git checkout apache-arrow-7.0.1 && \ 97 | cd cpp && \ 98 | mkdir build && cd build && \ 99 | cmake -DARROW_PARQUET=ON -DARROW_S3=ON -DARROW_WITH_SNAPPY=ON .. && \ 100 | make -j$(nproc) && \ 101 | make install && \ 102 | cd ../.. && rm -rf arrow 103 | 104 | # Install groonga libs 105 | RUN wget https://packages.groonga.org/source/groonga/groonga-14.1.2.tar.gz \ 106 | && tar xvzf groonga-14.1.2.tar.gz \ 107 | && cd groonga-14.1.2 \ 108 | && ./configure \ 109 | && make -j$(nproc) \ 110 | && make install \ 111 | && cd .. && rm -rf groonga-* 112 | 113 | ARG PG_VERSION 114 | ARG PG_DUCKDB_VERSION=0.3.1 115 | ARG DUCKDB_VERSION=1.2.0 116 | RUN set -eux; \ 117 | # Grab libduckdb from the pg_duckdb trunk package 118 | curl -LO https://cdb-plat-use1-prod-pgtrunkio.s3.amazonaws.com/extensions/pg_duckdb/pg_duckdb-pg${PG_VERSION}-${PG_DUCKDB_VERSION}.tar.gz; \ 119 | tar zxvf pg_duckdb-pg${PG_VERSION}-${PG_DUCKDB_VERSION}.tar.gz libduckdb.so; \ 120 | mv libduckdb.so /usr/local/lib/libduckdb.so.${DUCKDB_VERSION}; \ 121 | rm -rf pg_duckdb*; \ 122 | ldconfig; \ 123 | # Install auto_explain and pg_stat_statements. 124 | /usr/bin/trunk install auto_explain; \ 125 | /usr/bin/trunk install pg_stat_statements; 126 | 127 | # Revert the postgres user to id 26 128 | RUN usermod -u 26 postgres 129 | USER 26 130 | -------------------------------------------------------------------------------- /standard-cnpg/README.md: -------------------------------------------------------------------------------- 1 | # Postgres Docker Image for Tembo's Standard Stack 2 | 3 | Contains a `Dockerfile` with trunk, barman-cloud, Postgre, and all extension dependencies installed. 4 | 5 | ## Versioning 6 | 7 | The version of the Docker image can be configured in the `Cargo.toml` file in this directory. We may wrap Postgres in our Tembo distribution, but for the time being this crate is just a placeholder to allow for versioning. 8 | -------------------------------------------------------------------------------- /standard-cnpg/requirements.txt: -------------------------------------------------------------------------------- 1 | # 2 | # This file is autogenerated by pip-compile with Python 3.8 3 | # by the following command: 4 | # 5 | # pip-compile --generate-hashes 6 | # 7 | argcomplete==3.0.8 \ 8 | --hash=sha256:b9ca96448e14fa459d7450a4ab5a22bbf9cee4ba7adddf03e65c398b5daeea28 \ 9 | --hash=sha256:e36fd646839933cbec7941c662ecb65338248667358dd3d968405a4506a60d9b 10 | azure-core==1.26.4 \ 11 | --hash=sha256:075fe06b74c3007950dd93d49440c2f3430fd9b4a5a2756ec8c79454afc989c6 \ 12 | --hash=sha256:d9664b4bc2675d72fba461a285ac43ae33abb2967014a955bf136d9703a2ab3c 13 | # via 14 | # azure-identity 15 | # azure-storage-blob 16 | azure-identity==1.13.0 \ 17 | --hash=sha256:bd700cebb80cd9862098587c29d8677e819beca33c62568ced6d5a8e5e332b82 \ 18 | --hash=sha256:c931c27301ffa86b07b4dcf574e29da73e3deba9ab5d1fe4f445bb6a3117e260 19 | azure-storage-blob==12.16.0 \ 20 | --hash=sha256:43b45f19a518a5c6895632f263b3825ebc23574f25cc84b66e1630a6160e466f \ 21 | --hash=sha256:91bb192b2a97939c4259c72373bac0f41e30810bbc853d5184f0f45904eacafd 22 | barman[azure,cloud,google,snappy]==3.5.0 \ 23 | --hash=sha256:078643961d421a5f54825d3da4bbd04faa94b96a6a0f6cefe23babdc53aff83a \ 24 | --hash=sha256:bea6885c1efe2e140b640d4b2daec8aff03563a5cee199a73f874ae39fede051 25 | # via -r requirements.in 26 | boto3==1.26.139 \ 27 | --hash=sha256:5b61a82f0c1cd006bd109ddf27c93d9b010c4c188fc583ee257ff6f3bb89970d \ 28 | --hash=sha256:fe19d287bc8ede385e1b9136f135ee8f93eab81404ad1445b1a70cabfe3f7087 29 | botocore==1.29.139 \ 30 | --hash=sha256:acc62710bdf11e47f4f26fb290a9082ff00377d7e93a16e1f080f9c789898114 \ 31 | --hash=sha256:b164af929eb2f1507833718de9eb8811e3adc6943b464c1869e95ac87f3bab88 32 | # via 33 | # boto3 34 | # s3transfer 35 | cachetools==5.3.0 \ 36 | --hash=sha256:13dfddc7b8df938c21a940dfa6557ce6e94a2f1cdfa58eb90c805721d58f2c14 \ 37 | --hash=sha256:429e1a1e845c008ea6c85aa35d4b98b65d6a9763eeef3e37e92728a12d1de9d4 38 | # via google-auth 39 | certifi==2023.5.7 \ 40 | --hash=sha256:0f0d56dc5a6ad56fd4ba36484d6cc34451e1c6548c61daad8c320169f91eddc7 \ 41 | --hash=sha256:c6c2e98f5c7869efca1f8916fed228dd91539f9f1b444c314c06eef02980c716 42 | # via requests 43 | cffi==1.15.1 \ 44 | --hash=sha256:00a9ed42e88df81ffae7a8ab6d9356b371399b91dbdf0c3cb1e84c03a13aceb5 \ 45 | --hash=sha256:03425bdae262c76aad70202debd780501fabeaca237cdfddc008987c0e0f59ef \ 46 | --hash=sha256:04ed324bda3cda42b9b695d51bb7d54b680b9719cfab04227cdd1e04e5de3104 \ 47 | --hash=sha256:0e2642fe3142e4cc4af0799748233ad6da94c62a8bec3a6648bf8ee68b1c7426 \ 48 | --hash=sha256:173379135477dc8cac4bc58f45db08ab45d228b3363adb7af79436135d028405 \ 49 | --hash=sha256:198caafb44239b60e252492445da556afafc7d1e3ab7a1fb3f0584ef6d742375 \ 50 | --hash=sha256:1e74c6b51a9ed6589199c787bf5f9875612ca4a8a0785fb2d4a84429badaf22a \ 51 | --hash=sha256:2012c72d854c2d03e45d06ae57f40d78e5770d252f195b93f581acf3ba44496e \ 52 | --hash=sha256:21157295583fe8943475029ed5abdcf71eb3911894724e360acff1d61c1d54bc \ 53 | --hash=sha256:2470043b93ff09bf8fb1d46d1cb756ce6132c54826661a32d4e4d132e1977adf \ 54 | --hash=sha256:285d29981935eb726a4399badae8f0ffdff4f5050eaa6d0cfc3f64b857b77185 \ 55 | --hash=sha256:30d78fbc8ebf9c92c9b7823ee18eb92f2e6ef79b45ac84db507f52fbe3ec4497 \ 56 | --hash=sha256:320dab6e7cb2eacdf0e658569d2575c4dad258c0fcc794f46215e1e39f90f2c3 \ 57 | --hash=sha256:33ab79603146aace82c2427da5ca6e58f2b3f2fb5da893ceac0c42218a40be35 \ 58 | --hash=sha256:3548db281cd7d2561c9ad9984681c95f7b0e38881201e157833a2342c30d5e8c \ 59 | --hash=sha256:3799aecf2e17cf585d977b780ce79ff0dc9b78d799fc694221ce814c2c19db83 \ 60 | --hash=sha256:39d39875251ca8f612b6f33e6b1195af86d1b3e60086068be9cc053aa4376e21 \ 61 | --hash=sha256:3b926aa83d1edb5aa5b427b4053dc420ec295a08e40911296b9eb1b6170f6cca \ 62 | --hash=sha256:3bcde07039e586f91b45c88f8583ea7cf7a0770df3a1649627bf598332cb6984 \ 63 | --hash=sha256:3d08afd128ddaa624a48cf2b859afef385b720bb4b43df214f85616922e6a5ac \ 64 | --hash=sha256:3eb6971dcff08619f8d91607cfc726518b6fa2a9eba42856be181c6d0d9515fd \ 65 | --hash=sha256:40f4774f5a9d4f5e344f31a32b5096977b5d48560c5592e2f3d2c4374bd543ee \ 66 | --hash=sha256:4289fc34b2f5316fbb762d75362931e351941fa95fa18789191b33fc4cf9504a \ 67 | --hash=sha256:470c103ae716238bbe698d67ad020e1db9d9dba34fa5a899b5e21577e6d52ed2 \ 68 | --hash=sha256:4f2c9f67e9821cad2e5f480bc8d83b8742896f1242dba247911072d4fa94c192 \ 69 | --hash=sha256:50a74364d85fd319352182ef59c5c790484a336f6db772c1a9231f1c3ed0cbd7 \ 70 | --hash=sha256:54a2db7b78338edd780e7ef7f9f6c442500fb0d41a5a4ea24fff1c929d5af585 \ 71 | --hash=sha256:5635bd9cb9731e6d4a1132a498dd34f764034a8ce60cef4f5319c0541159392f \ 72 | --hash=sha256:59c0b02d0a6c384d453fece7566d1c7e6b7bae4fc5874ef2ef46d56776d61c9e \ 73 | --hash=sha256:5d598b938678ebf3c67377cdd45e09d431369c3b1a5b331058c338e201f12b27 \ 74 | --hash=sha256:5df2768244d19ab7f60546d0c7c63ce1581f7af8b5de3eb3004b9b6fc8a9f84b \ 75 | --hash=sha256:5ef34d190326c3b1f822a5b7a45f6c4535e2f47ed06fec77d3d799c450b2651e \ 76 | --hash=sha256:6975a3fac6bc83c4a65c9f9fcab9e47019a11d3d2cf7f3c0d03431bf145a941e \ 77 | --hash=sha256:6c9a799e985904922a4d207a94eae35c78ebae90e128f0c4e521ce339396be9d \ 78 | --hash=sha256:70df4e3b545a17496c9b3f41f5115e69a4f2e77e94e1d2a8e1070bc0c38c8a3c \ 79 | --hash=sha256:7473e861101c9e72452f9bf8acb984947aa1661a7704553a9f6e4baa5ba64415 \ 80 | --hash=sha256:8102eaf27e1e448db915d08afa8b41d6c7ca7a04b7d73af6514df10a3e74bd82 \ 81 | --hash=sha256:87c450779d0914f2861b8526e035c5e6da0a3199d8f1add1a665e1cbc6fc6d02 \ 82 | --hash=sha256:8b7ee99e510d7b66cdb6c593f21c043c248537a32e0bedf02e01e9553a172314 \ 83 | --hash=sha256:91fc98adde3d7881af9b59ed0294046f3806221863722ba7d8d120c575314325 \ 84 | --hash=sha256:94411f22c3985acaec6f83c6df553f2dbe17b698cc7f8ae751ff2237d96b9e3c \ 85 | --hash=sha256:98d85c6a2bef81588d9227dde12db8a7f47f639f4a17c9ae08e773aa9c697bf3 \ 86 | --hash=sha256:9ad5db27f9cabae298d151c85cf2bad1d359a1b9c686a275df03385758e2f914 \ 87 | --hash=sha256:a0b71b1b8fbf2b96e41c4d990244165e2c9be83d54962a9a1d118fd8657d2045 \ 88 | --hash=sha256:a0f100c8912c114ff53e1202d0078b425bee3649ae34d7b070e9697f93c5d52d \ 89 | --hash=sha256:a591fe9e525846e4d154205572a029f653ada1a78b93697f3b5a8f1f2bc055b9 \ 90 | --hash=sha256:a5c84c68147988265e60416b57fc83425a78058853509c1b0629c180094904a5 \ 91 | --hash=sha256:a66d3508133af6e8548451b25058d5812812ec3798c886bf38ed24a98216fab2 \ 92 | --hash=sha256:a8c4917bd7ad33e8eb21e9a5bbba979b49d9a97acb3a803092cbc1133e20343c \ 93 | --hash=sha256:b3bbeb01c2b273cca1e1e0c5df57f12dce9a4dd331b4fa1635b8bec26350bde3 \ 94 | --hash=sha256:cba9d6b9a7d64d4bd46167096fc9d2f835e25d7e4c121fb2ddfc6528fb0413b2 \ 95 | --hash=sha256:cc4d65aeeaa04136a12677d3dd0b1c0c94dc43abac5860ab33cceb42b801c1e8 \ 96 | --hash=sha256:ce4bcc037df4fc5e3d184794f27bdaab018943698f4ca31630bc7f84a7b69c6d \ 97 | --hash=sha256:cec7d9412a9102bdc577382c3929b337320c4c4c4849f2c5cdd14d7368c5562d \ 98 | --hash=sha256:d400bfb9a37b1351253cb402671cea7e89bdecc294e8016a707f6d1d8ac934f9 \ 99 | --hash=sha256:d61f4695e6c866a23a21acab0509af1cdfd2c013cf256bbf5b6b5e2695827162 \ 100 | --hash=sha256:db0fbb9c62743ce59a9ff687eb5f4afbe77e5e8403d6697f7446e5f609976f76 \ 101 | --hash=sha256:dd86c085fae2efd48ac91dd7ccffcfc0571387fe1193d33b6394db7ef31fe2a4 \ 102 | --hash=sha256:e00b098126fd45523dd056d2efba6c5a63b71ffe9f2bbe1a4fe1716e1d0c331e \ 103 | --hash=sha256:e229a521186c75c8ad9490854fd8bbdd9a0c9aa3a524326b55be83b54d4e0ad9 \ 104 | --hash=sha256:e263d77ee3dd201c3a142934a086a4450861778baaeeb45db4591ef65550b0a6 \ 105 | --hash=sha256:ed9cb427ba5504c1dc15ede7d516b84757c3e3d7868ccc85121d9310d27eed0b \ 106 | --hash=sha256:fa6693661a4c91757f4412306191b6dc88c1703f780c8234035eac011922bc01 \ 107 | --hash=sha256:fcd131dd944808b5bdb38e6f5b53013c5aa4f334c5cad0c72742f6eba4b73db0 108 | # via cryptography 109 | charset-normalizer==3.1.0 \ 110 | --hash=sha256:04afa6387e2b282cf78ff3dbce20f0cc071c12dc8f685bd40960cc68644cfea6 \ 111 | --hash=sha256:04eefcee095f58eaabe6dc3cc2262f3bcd776d2c67005880894f447b3f2cb9c1 \ 112 | --hash=sha256:0be65ccf618c1e7ac9b849c315cc2e8a8751d9cfdaa43027d4f6624bd587ab7e \ 113 | --hash=sha256:0c95f12b74681e9ae127728f7e5409cbbef9cd914d5896ef238cc779b8152373 \ 114 | --hash=sha256:0ca564606d2caafb0abe6d1b5311c2649e8071eb241b2d64e75a0d0065107e62 \ 115 | --hash=sha256:10c93628d7497c81686e8e5e557aafa78f230cd9e77dd0c40032ef90c18f2230 \ 116 | --hash=sha256:11d117e6c63e8f495412d37e7dc2e2fff09c34b2d09dbe2bee3c6229577818be \ 117 | --hash=sha256:11d3bcb7be35e7b1bba2c23beedac81ee893ac9871d0ba79effc7fc01167db6c \ 118 | --hash=sha256:12a2b561af122e3d94cdb97fe6fb2bb2b82cef0cdca131646fdb940a1eda04f0 \ 119 | --hash=sha256:12d1a39aa6b8c6f6248bb54550efcc1c38ce0d8096a146638fd4738e42284448 \ 120 | --hash=sha256:1435ae15108b1cb6fffbcea2af3d468683b7afed0169ad718451f8db5d1aff6f \ 121 | --hash=sha256:1c60b9c202d00052183c9be85e5eaf18a4ada0a47d188a83c8f5c5b23252f649 \ 122 | --hash=sha256:1e8fcdd8f672a1c4fc8d0bd3a2b576b152d2a349782d1eb0f6b8e52e9954731d \ 123 | --hash=sha256:20064ead0717cf9a73a6d1e779b23d149b53daf971169289ed2ed43a71e8d3b0 \ 124 | --hash=sha256:21fa558996782fc226b529fdd2ed7866c2c6ec91cee82735c98a197fae39f706 \ 125 | --hash=sha256:22908891a380d50738e1f978667536f6c6b526a2064156203d418f4856d6e86a \ 126 | --hash=sha256:3160a0fd9754aab7d47f95a6b63ab355388d890163eb03b2d2b87ab0a30cfa59 \ 127 | --hash=sha256:322102cdf1ab682ecc7d9b1c5eed4ec59657a65e1c146a0da342b78f4112db23 \ 128 | --hash=sha256:34e0a2f9c370eb95597aae63bf85eb5e96826d81e3dcf88b8886012906f509b5 \ 129 | --hash=sha256:3573d376454d956553c356df45bb824262c397c6e26ce43e8203c4c540ee0acb \ 130 | --hash=sha256:3747443b6a904001473370d7810aa19c3a180ccd52a7157aacc264a5ac79265e \ 131 | --hash=sha256:38e812a197bf8e71a59fe55b757a84c1f946d0ac114acafaafaf21667a7e169e \ 132 | --hash=sha256:3a06f32c9634a8705f4ca9946d667609f52cf130d5548881401f1eb2c39b1e2c \ 133 | --hash=sha256:3a5fc78f9e3f501a1614a98f7c54d3969f3ad9bba8ba3d9b438c3bc5d047dd28 \ 134 | --hash=sha256:3d9098b479e78c85080c98e1e35ff40b4a31d8953102bb0fd7d1b6f8a2111a3d \ 135 | --hash=sha256:3dc5b6a8ecfdc5748a7e429782598e4f17ef378e3e272eeb1340ea57c9109f41 \ 136 | --hash=sha256:4155b51ae05ed47199dc5b2a4e62abccb274cee6b01da5b895099b61b1982974 \ 137 | --hash=sha256:49919f8400b5e49e961f320c735388ee686a62327e773fa5b3ce6721f7e785ce \ 138 | --hash=sha256:53d0a3fa5f8af98a1e261de6a3943ca631c526635eb5817a87a59d9a57ebf48f \ 139 | --hash=sha256:5f008525e02908b20e04707a4f704cd286d94718f48bb33edddc7d7b584dddc1 \ 140 | --hash=sha256:628c985afb2c7d27a4800bfb609e03985aaecb42f955049957814e0491d4006d \ 141 | --hash=sha256:65ed923f84a6844de5fd29726b888e58c62820e0769b76565480e1fdc3d062f8 \ 142 | --hash=sha256:6734e606355834f13445b6adc38b53c0fd45f1a56a9ba06c2058f86893ae8017 \ 143 | --hash=sha256:6baf0baf0d5d265fa7944feb9f7451cc316bfe30e8df1a61b1bb08577c554f31 \ 144 | --hash=sha256:6f4f4668e1831850ebcc2fd0b1cd11721947b6dc7c00bf1c6bd3c929ae14f2c7 \ 145 | --hash=sha256:6f5c2e7bc8a4bf7c426599765b1bd33217ec84023033672c1e9a8b35eaeaaaf8 \ 146 | --hash=sha256:6f6c7a8a57e9405cad7485f4c9d3172ae486cfef1344b5ddd8e5239582d7355e \ 147 | --hash=sha256:7381c66e0561c5757ffe616af869b916c8b4e42b367ab29fedc98481d1e74e14 \ 148 | --hash=sha256:73dc03a6a7e30b7edc5b01b601e53e7fc924b04e1835e8e407c12c037e81adbd \ 149 | --hash=sha256:74db0052d985cf37fa111828d0dd230776ac99c740e1a758ad99094be4f1803d \ 150 | --hash=sha256:75f2568b4189dda1c567339b48cba4ac7384accb9c2a7ed655cd86b04055c795 \ 151 | --hash=sha256:78cacd03e79d009d95635e7d6ff12c21eb89b894c354bd2b2ed0b4763373693b \ 152 | --hash=sha256:80d1543d58bd3d6c271b66abf454d437a438dff01c3e62fdbcd68f2a11310d4b \ 153 | --hash=sha256:830d2948a5ec37c386d3170c483063798d7879037492540f10a475e3fd6f244b \ 154 | --hash=sha256:891cf9b48776b5c61c700b55a598621fdb7b1e301a550365571e9624f270c203 \ 155 | --hash=sha256:8f25e17ab3039b05f762b0a55ae0b3632b2e073d9c8fc88e89aca31a6198e88f \ 156 | --hash=sha256:9a3267620866c9d17b959a84dd0bd2d45719b817245e49371ead79ed4f710d19 \ 157 | --hash=sha256:a04f86f41a8916fe45ac5024ec477f41f886b3c435da2d4e3d2709b22ab02af1 \ 158 | --hash=sha256:aaf53a6cebad0eae578f062c7d462155eada9c172bd8c4d250b8c1d8eb7f916a \ 159 | --hash=sha256:abc1185d79f47c0a7aaf7e2412a0eb2c03b724581139193d2d82b3ad8cbb00ac \ 160 | --hash=sha256:ac0aa6cd53ab9a31d397f8303f92c42f534693528fafbdb997c82bae6e477ad9 \ 161 | --hash=sha256:ac3775e3311661d4adace3697a52ac0bab17edd166087d493b52d4f4f553f9f0 \ 162 | --hash=sha256:b06f0d3bf045158d2fb8837c5785fe9ff9b8c93358be64461a1089f5da983137 \ 163 | --hash=sha256:b116502087ce8a6b7a5f1814568ccbd0e9f6cfd99948aa59b0e241dc57cf739f \ 164 | --hash=sha256:b82fab78e0b1329e183a65260581de4375f619167478dddab510c6c6fb04d9b6 \ 165 | --hash=sha256:bd7163182133c0c7701b25e604cf1611c0d87712e56e88e7ee5d72deab3e76b5 \ 166 | --hash=sha256:c36bcbc0d5174a80d6cccf43a0ecaca44e81d25be4b7f90f0ed7bcfbb5a00909 \ 167 | --hash=sha256:c3af8e0f07399d3176b179f2e2634c3ce9c1301379a6b8c9c9aeecd481da494f \ 168 | --hash=sha256:c84132a54c750fda57729d1e2599bb598f5fa0344085dbde5003ba429a4798c0 \ 169 | --hash=sha256:cb7b2ab0188829593b9de646545175547a70d9a6e2b63bf2cd87a0a391599324 \ 170 | --hash=sha256:cca4def576f47a09a943666b8f829606bcb17e2bc2d5911a46c8f8da45f56755 \ 171 | --hash=sha256:cf6511efa4801b9b38dc5546d7547d5b5c6ef4b081c60b23e4d941d0eba9cbeb \ 172 | --hash=sha256:d16fd5252f883eb074ca55cb622bc0bee49b979ae4e8639fff6ca3ff44f9f854 \ 173 | --hash=sha256:d2686f91611f9e17f4548dbf050e75b079bbc2a82be565832bc8ea9047b61c8c \ 174 | --hash=sha256:d7fc3fca01da18fbabe4625d64bb612b533533ed10045a2ac3dd194bfa656b60 \ 175 | --hash=sha256:dd5653e67b149503c68c4018bf07e42eeed6b4e956b24c00ccdf93ac79cdff84 \ 176 | --hash=sha256:de5695a6f1d8340b12a5d6d4484290ee74d61e467c39ff03b39e30df62cf83a0 \ 177 | --hash=sha256:e0ac8959c929593fee38da1c2b64ee9778733cdf03c482c9ff1d508b6b593b2b \ 178 | --hash=sha256:e1b25e3ad6c909f398df8921780d6a3d120d8c09466720226fc621605b6f92b1 \ 179 | --hash=sha256:e633940f28c1e913615fd624fcdd72fdba807bf53ea6925d6a588e84e1151531 \ 180 | --hash=sha256:e89df2958e5159b811af9ff0f92614dabf4ff617c03a4c1c6ff53bf1c399e0e1 \ 181 | --hash=sha256:ea9f9c6034ea2d93d9147818f17c2a0860d41b71c38b9ce4d55f21b6f9165a11 \ 182 | --hash=sha256:f645caaf0008bacf349875a974220f1f1da349c5dbe7c4ec93048cdc785a3326 \ 183 | --hash=sha256:f8303414c7b03f794347ad062c0516cee0e15f7a612abd0ce1e25caf6ceb47df \ 184 | --hash=sha256:fca62a8301b605b954ad2e9c3666f9d97f63872aa4efcae5492baca2056b74ab 185 | # via requests 186 | cryptography==40.0.2 \ 187 | --hash=sha256:05dc219433b14046c476f6f09d7636b92a1c3e5808b9a6536adf4932b3b2c440 \ 188 | --hash=sha256:0dcca15d3a19a66e63662dc8d30f8036b07be851a8680eda92d079868f106288 \ 189 | --hash=sha256:142bae539ef28a1c76794cca7f49729e7c54423f615cfd9b0b1fa90ebe53244b \ 190 | --hash=sha256:3daf9b114213f8ba460b829a02896789751626a2a4e7a43a28ee77c04b5e4958 \ 191 | --hash=sha256:48f388d0d153350f378c7f7b41497a54ff1513c816bcbbcafe5b829e59b9ce5b \ 192 | --hash=sha256:4df2af28d7bedc84fe45bd49bc35d710aede676e2a4cb7fc6d103a2adc8afe4d \ 193 | --hash=sha256:4f01c9863da784558165f5d4d916093737a75203a5c5286fde60e503e4276c7a \ 194 | --hash=sha256:7a38250f433cd41df7fcb763caa3ee9362777fdb4dc642b9a349721d2bf47404 \ 195 | --hash=sha256:8f79b5ff5ad9d3218afb1e7e20ea74da5f76943ee5edb7f76e56ec5161ec782b \ 196 | --hash=sha256:956ba8701b4ffe91ba59665ed170a2ebbdc6fc0e40de5f6059195d9f2b33ca0e \ 197 | --hash=sha256:a04386fb7bc85fab9cd51b6308633a3c271e3d0d3eae917eebab2fac6219b6d2 \ 198 | --hash=sha256:a95f4802d49faa6a674242e25bfeea6fc2acd915b5e5e29ac90a32b1139cae1c \ 199 | --hash=sha256:adc0d980fd2760c9e5de537c28935cc32b9353baaf28e0814df417619c6c8c3b \ 200 | --hash=sha256:aecbb1592b0188e030cb01f82d12556cf72e218280f621deed7d806afd2113f9 \ 201 | --hash=sha256:b12794f01d4cacfbd3177b9042198f3af1c856eedd0a98f10f141385c809a14b \ 202 | --hash=sha256:c0764e72b36a3dc065c155e5b22f93df465da9c39af65516fe04ed3c68c92636 \ 203 | --hash=sha256:c33c0d32b8594fa647d2e01dbccc303478e16fdd7cf98652d5b3ed11aa5e5c99 \ 204 | --hash=sha256:cbaba590180cba88cb99a5f76f90808a624f18b169b90a4abb40c1fd8c19420e \ 205 | --hash=sha256:d5a1bd0e9e2031465761dfa920c16b0065ad77321d8a8c1f5ee331021fda65e9 206 | # via 207 | # azure-identity 208 | # azure-storage-blob 209 | # msal 210 | # pyjwt 211 | google-api-core==2.11.0 \ 212 | --hash=sha256:4b9bb5d5a380a0befa0573b302651b8a9a89262c1730e37bf423cec511804c22 \ 213 | --hash=sha256:ce222e27b0de0d7bc63eb043b956996d6dccab14cc3b690aaea91c9cc99dc16e 214 | # via 215 | # google-cloud-core 216 | # google-cloud-storage 217 | google-auth==2.18.1 \ 218 | --hash=sha256:55a395cdfd3f3dd3f649131d41f97c17b4ed8a2aac1be3502090c716314e8a37 \ 219 | --hash=sha256:d7a3249027e7f464fbbfd7ee8319a08ad09d2eea51578575c4bd360ffa049ccb 220 | # via 221 | # google-api-core 222 | # google-cloud-core 223 | # google-cloud-storage 224 | google-cloud-core==2.3.2 \ 225 | --hash=sha256:8417acf6466be2fa85123441696c4badda48db314c607cf1e5d543fa8bdc22fe \ 226 | --hash=sha256:b9529ee7047fd8d4bf4a2182de619154240df17fbe60ead399078c1ae152af9a 227 | # via google-cloud-storage 228 | google-cloud-storage==2.9.0 \ 229 | --hash=sha256:83a90447f23d5edd045e0037982c270302e3aeb45fc1288d2c2ca713d27bad94 \ 230 | --hash=sha256:9b6ae7b509fc294bdacb84d0f3ea8e20e2c54a8b4bbe39c5707635fec214eff3 231 | google-crc32c==1.5.0 \ 232 | --hash=sha256:024894d9d3cfbc5943f8f230e23950cd4906b2fe004c72e29b209420a1e6b05a \ 233 | --hash=sha256:02c65b9817512edc6a4ae7c7e987fea799d2e0ee40c53ec573a692bee24de876 \ 234 | --hash=sha256:02ebb8bf46c13e36998aeaad1de9b48f4caf545e91d14041270d9dca767b780c \ 235 | --hash=sha256:07eb3c611ce363c51a933bf6bd7f8e3878a51d124acfc89452a75120bc436289 \ 236 | --hash=sha256:1034d91442ead5a95b5aaef90dbfaca8633b0247d1e41621d1e9f9db88c36298 \ 237 | --hash=sha256:116a7c3c616dd14a3de8c64a965828b197e5f2d121fedd2f8c5585c547e87b02 \ 238 | --hash=sha256:19e0a019d2c4dcc5e598cd4a4bc7b008546b0358bd322537c74ad47a5386884f \ 239 | --hash=sha256:1c7abdac90433b09bad6c43a43af253e688c9cfc1c86d332aed13f9a7c7f65e2 \ 240 | --hash=sha256:1e986b206dae4476f41bcec1faa057851f3889503a70e1bdb2378d406223994a \ 241 | --hash=sha256:272d3892a1e1a2dbc39cc5cde96834c236d5327e2122d3aaa19f6614531bb6eb \ 242 | --hash=sha256:278d2ed7c16cfc075c91378c4f47924c0625f5fc84b2d50d921b18b7975bd210 \ 243 | --hash=sha256:2ad40e31093a4af319dadf503b2467ccdc8f67c72e4bcba97f8c10cb078207b5 \ 244 | --hash=sha256:2e920d506ec85eb4ba50cd4228c2bec05642894d4c73c59b3a2fe20346bd00ee \ 245 | --hash=sha256:3359fc442a743e870f4588fcf5dcbc1bf929df1fad8fb9905cd94e5edb02e84c \ 246 | --hash=sha256:37933ec6e693e51a5b07505bd05de57eee12f3e8c32b07da7e73669398e6630a \ 247 | --hash=sha256:398af5e3ba9cf768787eef45c803ff9614cc3e22a5b2f7d7ae116df8b11e3314 \ 248 | --hash=sha256:3b747a674c20a67343cb61d43fdd9207ce5da6a99f629c6e2541aa0e89215bcd \ 249 | --hash=sha256:461665ff58895f508e2866824a47bdee72497b091c730071f2b7575d5762ab65 \ 250 | --hash=sha256:4c6fdd4fccbec90cc8a01fc00773fcd5fa28db683c116ee3cb35cd5da9ef6c37 \ 251 | --hash=sha256:5829b792bf5822fd0a6f6eb34c5f81dd074f01d570ed7f36aa101d6fc7a0a6e4 \ 252 | --hash=sha256:596d1f98fc70232fcb6590c439f43b350cb762fb5d61ce7b0e9db4539654cc13 \ 253 | --hash=sha256:5ae44e10a8e3407dbe138984f21e536583f2bba1be9491239f942c2464ac0894 \ 254 | --hash=sha256:635f5d4dd18758a1fbd1049a8e8d2fee4ffed124462d837d1a02a0e009c3ab31 \ 255 | --hash=sha256:64e52e2b3970bd891309c113b54cf0e4384762c934d5ae56e283f9a0afcd953e \ 256 | --hash=sha256:66741ef4ee08ea0b2cc3c86916ab66b6aef03768525627fd6a1b34968b4e3709 \ 257 | --hash=sha256:67b741654b851abafb7bc625b6d1cdd520a379074e64b6a128e3b688c3c04740 \ 258 | --hash=sha256:6ac08d24c1f16bd2bf5eca8eaf8304812f44af5cfe5062006ec676e7e1d50afc \ 259 | --hash=sha256:6f998db4e71b645350b9ac28a2167e6632c239963ca9da411523bb439c5c514d \ 260 | --hash=sha256:72218785ce41b9cfd2fc1d6a017dc1ff7acfc4c17d01053265c41a2c0cc39b8c \ 261 | --hash=sha256:74dea7751d98034887dbd821b7aae3e1d36eda111d6ca36c206c44478035709c \ 262 | --hash=sha256:759ce4851a4bb15ecabae28f4d2e18983c244eddd767f560165563bf9aefbc8d \ 263 | --hash=sha256:77e2fd3057c9d78e225fa0a2160f96b64a824de17840351b26825b0848022906 \ 264 | --hash=sha256:7c074fece789b5034b9b1404a1f8208fc2d4c6ce9decdd16e8220c5a793e6f61 \ 265 | --hash=sha256:7c42c70cd1d362284289c6273adda4c6af8039a8ae12dc451dcd61cdabb8ab57 \ 266 | --hash=sha256:7f57f14606cd1dd0f0de396e1e53824c371e9544a822648cd76c034d209b559c \ 267 | --hash=sha256:83c681c526a3439b5cf94f7420471705bbf96262f49a6fe546a6db5f687a3d4a \ 268 | --hash=sha256:8485b340a6a9e76c62a7dce3c98e5f102c9219f4cfbf896a00cf48caf078d438 \ 269 | --hash=sha256:84e6e8cd997930fc66d5bb4fde61e2b62ba19d62b7abd7a69920406f9ecca946 \ 270 | --hash=sha256:89284716bc6a5a415d4eaa11b1726d2d60a0cd12aadf5439828353662ede9dd7 \ 271 | --hash=sha256:8b87e1a59c38f275c0e3676fc2ab6d59eccecfd460be267ac360cc31f7bcde96 \ 272 | --hash=sha256:8f24ed114432de109aa9fd317278518a5af2d31ac2ea6b952b2f7782b43da091 \ 273 | --hash=sha256:98cb4d057f285bd80d8778ebc4fde6b4d509ac3f331758fb1528b733215443ae \ 274 | --hash=sha256:998679bf62b7fb599d2878aa3ed06b9ce688b8974893e7223c60db155f26bd8d \ 275 | --hash=sha256:9ba053c5f50430a3fcfd36f75aff9caeba0440b2d076afdb79a318d6ca245f88 \ 276 | --hash=sha256:9c99616c853bb585301df6de07ca2cadad344fd1ada6d62bb30aec05219c45d2 \ 277 | --hash=sha256:a1fd716e7a01f8e717490fbe2e431d2905ab8aa598b9b12f8d10abebb36b04dd \ 278 | --hash=sha256:a2355cba1f4ad8b6988a4ca3feed5bff33f6af2d7f134852cf279c2aebfde541 \ 279 | --hash=sha256:b1f8133c9a275df5613a451e73f36c2aea4fe13c5c8997e22cf355ebd7bd0728 \ 280 | --hash=sha256:b8667b48e7a7ef66afba2c81e1094ef526388d35b873966d8a9a447974ed9178 \ 281 | --hash=sha256:ba1eb1843304b1e5537e1fca632fa894d6f6deca8d6389636ee5b4797affb968 \ 282 | --hash=sha256:be82c3c8cfb15b30f36768797a640e800513793d6ae1724aaaafe5bf86f8f346 \ 283 | --hash=sha256:c02ec1c5856179f171e032a31d6f8bf84e5a75c45c33b2e20a3de353b266ebd8 \ 284 | --hash=sha256:c672d99a345849301784604bfeaeba4db0c7aae50b95be04dd651fd2a7310b93 \ 285 | --hash=sha256:c6c777a480337ac14f38564ac88ae82d4cd238bf293f0a22295b66eb89ffced7 \ 286 | --hash=sha256:cae0274952c079886567f3f4f685bcaf5708f0a23a5f5216fdab71f81a6c0273 \ 287 | --hash=sha256:cd67cf24a553339d5062eff51013780a00d6f97a39ca062781d06b3a73b15462 \ 288 | --hash=sha256:d3515f198eaa2f0ed49f8819d5732d70698c3fa37384146079b3799b97667a94 \ 289 | --hash=sha256:d5280312b9af0976231f9e317c20e4a61cd2f9629b7bfea6a693d1878a264ebd \ 290 | --hash=sha256:de06adc872bcd8c2a4e0dc51250e9e65ef2ca91be023b9d13ebd67c2ba552e1e \ 291 | --hash=sha256:e1674e4307fa3024fc897ca774e9c7562c957af85df55efe2988ed9056dc4e57 \ 292 | --hash=sha256:e2096eddb4e7c7bdae4bd69ad364e55e07b8316653234a56552d9c988bd2d61b \ 293 | --hash=sha256:e560628513ed34759456a416bf86b54b2476c59144a9138165c9a1575801d0d9 \ 294 | --hash=sha256:edfedb64740750e1a3b16152620220f51d58ff1b4abceb339ca92e934775c27a \ 295 | --hash=sha256:f13cae8cc389a440def0c8c52057f37359014ccbc9dc1f0827936bcd367c6100 \ 296 | --hash=sha256:f314013e7dcd5cf45ab1945d92e713eec788166262ae8deb2cfacd53def27325 \ 297 | --hash=sha256:f583edb943cf2e09c60441b910d6a20b4d9d626c75a36c8fcac01a6c96c01183 \ 298 | --hash=sha256:fd8536e902db7e365f49e7d9029283403974ccf29b13fc7028b97e2295b33556 \ 299 | --hash=sha256:fe70e325aa68fa4b5edf7d1a4b6f691eb04bbccac0ace68e34820d283b5f80d4 300 | # via google-resumable-media 301 | google-resumable-media==2.5.0 \ 302 | --hash=sha256:218931e8e2b2a73a58eb354a288e03a0fd5fb1c4583261ac6e4c078666468c93 \ 303 | --hash=sha256:da1bd943e2e114a56d85d6848497ebf9be6a14d3db23e9fc57581e7c3e8170ec 304 | # via google-cloud-storage 305 | googleapis-common-protos==1.59.0 \ 306 | --hash=sha256:4168fcb568a826a52f23510412da405abd93f4d23ba544bb68d943b14ba3cb44 \ 307 | --hash=sha256:b287dc48449d1d41af0c69f4ea26242b5ae4c3d7249a38b0984c86a4caffff1f 308 | # via google-api-core 309 | idna==3.4 \ 310 | --hash=sha256:814f528e8dead7d329833b91c5faa87d60bf71824cd12a7530b5526063d02cb4 \ 311 | --hash=sha256:90b77e79eaa3eba6de819a0c442c0b4ceefc341a7a2ab77d7562bf49f425c5c2 312 | # via requests 313 | isodate==0.6.1 \ 314 | --hash=sha256:0751eece944162659049d35f4f549ed815792b38793f07cf73381c1c87cbed96 \ 315 | --hash=sha256:48c5881de7e8b0a0d648cb024c8062dc84e7b840ed81e864c7614fd3c127bde9 316 | # via azure-storage-blob 317 | jmespath==1.0.1 \ 318 | --hash=sha256:02e2e4cc71b5bcab88332eebf907519190dd9e6e82107fa7f83b1003a6252980 \ 319 | --hash=sha256:90261b206d6defd58fdd5e85f478bf633a2901798906be2ad389150c5c60edbe 320 | # via 321 | # boto3 322 | # botocore 323 | msal==1.22.0 \ 324 | --hash=sha256:8a82f5375642c1625c89058018430294c109440dce42ea667d466c2cab520acd \ 325 | --hash=sha256:9120b7eafdf061c92f7b3d744e5f325fca35873445fa8ffebb40b1086a13dd58 326 | # via 327 | # azure-identity 328 | # msal-extensions 329 | msal-extensions==1.0.0 \ 330 | --hash=sha256:91e3db9620b822d0ed2b4d1850056a0f133cba04455e62f11612e40f5502f2ee \ 331 | --hash=sha256:c676aba56b0cce3783de1b5c5ecfe828db998167875126ca4b47dc6436451354 332 | # via azure-identity 333 | portalocker==2.7.0 \ 334 | --hash=sha256:032e81d534a88ec1736d03f780ba073f047a06c478b06e2937486f334e955c51 \ 335 | --hash=sha256:a07c5b4f3985c3cf4798369631fb7011adb498e2a46d8440efc75a8f29a0f983 336 | # via msal-extensions 337 | protobuf==4.23.1 \ 338 | --hash=sha256:2036a3a1e7fc27f973fa0a7888dce712393af644f4695385f117886abc792e39 \ 339 | --hash=sha256:32e78beda26d7a101fecf15d7a4a792278a0d26a31bc327ff05564a9d68ab8ee \ 340 | --hash=sha256:346990f634272caac1f09efbcfbbacb23098b1f606d172534c6fa2d9758bb436 \ 341 | --hash=sha256:3b8905eafe4439076e1f58e9d1fa327025fd2777cf90f14083092ae47f77b0aa \ 342 | --hash=sha256:3ce113b3f3362493bddc9069c2163a38f240a9ed685ff83e7bcb756b05e1deb0 \ 343 | --hash=sha256:410bcc0a5b279f634d3e16082ce221dfef7c3392fac723500e2e64d1806dd2be \ 344 | --hash=sha256:5b9cd6097e6acae48a68cb29b56bc79339be84eca65b486910bb1e7a30e2b7c1 \ 345 | --hash=sha256:65f0ac96ef67d7dd09b19a46aad81a851b6f85f89725577f16de38f2d68ad477 \ 346 | --hash=sha256:91fac0753c3c4951fbb98a93271c43cc7cf3b93cf67747b3e600bb1e5cc14d61 \ 347 | --hash=sha256:95789b569418a3e32a53f43d7763be3d490a831e9c08042539462b6d972c2d7e \ 348 | --hash=sha256:ac50be82491369a9ec3710565777e4da87c6d2e20404e0abb1f3a8f10ffd20f0 \ 349 | --hash=sha256:decf119d54e820f298ee6d89c72d6b289ea240c32c521f00433f9dc420595f38 \ 350 | --hash=sha256:f9510cac91e764e86acd74e2b7f7bc5e6127a7f3fb646d7c8033cfb84fd1176a 351 | # via 352 | # google-api-core 353 | # googleapis-common-protos 354 | pyasn1==0.5.0 \ 355 | --hash=sha256:87a2121042a1ac9358cabcaf1d07680ff97ee6404333bacca15f76aa8ad01a57 \ 356 | --hash=sha256:97b7290ca68e62a832558ec3976f15cbf911bf5d7c7039d8b861c2a0ece69fde 357 | # via 358 | # pyasn1-modules 359 | # rsa 360 | pyasn1-modules==0.3.0 \ 361 | --hash=sha256:5bd01446b736eb9d31512a30d46c1ac3395d676c6f3cafa4c03eb54b9925631c \ 362 | --hash=sha256:d3ccd6ed470d9ffbc716be08bd90efbd44d0734bc9303818f7336070984a162d 363 | # via google-auth 364 | pycparser==2.21 \ 365 | --hash=sha256:8ee45429555515e1f6b185e78100aea234072576aa43ab53aefcae078162fca9 \ 366 | --hash=sha256:e644fdec12f7872f86c58ff790da456218b10f863970249516d60a5eaca77206 367 | # via cffi 368 | pyjwt[crypto]==2.7.0 \ 369 | --hash=sha256:ba2b425b15ad5ef12f200dc67dd56af4e26de2331f965c5439994dad075876e1 \ 370 | --hash=sha256:bd6ca4a3c4285c1a2d4349e5a035fdf8fb94e04ccd0fcbe6ba289dae9cc3e074 371 | # via msal 372 | python-dateutil==2.8.2 \ 373 | --hash=sha256:0123cacc1627ae19ddf3c27a5de5bd67ee4586fbdd6440d9748f8abb483d3e86 \ 374 | --hash=sha256:961d03dc3453ebbc59dbdea9e4e11c5651520a876d0f4db161e8674aae935da9 375 | # via 376 | # barman 377 | # botocore 378 | python-snappy==0.6.1 \ 379 | --hash=sha256:03bb511380fca2a13325b6f16fe8234c8e12da9660f0258cd45d9a02ffc916af \ 380 | --hash=sha256:0bdb6942180660bda7f7d01f4c0def3cfc72b1c6d99aad964801775a3e379aba \ 381 | --hash=sha256:0d489b50f49433494160c45048fe806de6b3aeab0586e497ebd22a0bab56e427 \ 382 | --hash=sha256:1a993dc8aadd901915a510fe6af5f20ae4256f527040066c22a154db8946751f \ 383 | --hash=sha256:1d029f7051ec1bbeaa3e03030b6d8ed47ceb69cae9016f493c802a08af54e026 \ 384 | --hash=sha256:277757d5dad4e239dc1417438a0871b65b1b155beb108888e7438c27ffc6a8cc \ 385 | --hash=sha256:2a7e528ab6e09c0d67dcb61a1730a292683e5ff9bb088950638d3170cf2a0a54 \ 386 | --hash=sha256:2aaaf618c68d8c9daebc23a20436bd01b09ee70d7fbf7072b7f38b06d2fab539 \ 387 | --hash=sha256:2be4f4550acd484912441f5f1209ba611ac399aac9355fee73611b9a0d4f949c \ 388 | --hash=sha256:39692bedbe0b717001a99915ac0eb2d9d0bad546440d392a2042b96d813eede1 \ 389 | --hash=sha256:3fb9a88a4dd6336488f3de67ce75816d0d796dce53c2c6e4d70e0b565633c7fd \ 390 | --hash=sha256:4038019b1bcaadde726a57430718394076c5a21545ebc5badad2c045a09546cf \ 391 | --hash=sha256:463fd340a499d47b26ca42d2f36a639188738f6e2098c6dbf80aef0e60f461e1 \ 392 | --hash=sha256:4d3cafdf454354a621c8ab7408e45aa4e9d5c0b943b61ff4815f71ca6bdf0130 \ 393 | --hash=sha256:4ec533a8c1f8df797bded662ec3e494d225b37855bb63eb0d75464a07947477c \ 394 | --hash=sha256:530bfb9efebcc1aab8bb4ebcbd92b54477eed11f6cf499355e882970a6d3aa7d \ 395 | --hash=sha256:546c1a7470ecbf6239101e9aff0f709b68ca0f0268b34d9023019a55baa1f7c6 \ 396 | --hash=sha256:5843feb914796b1f0405ccf31ea0fb51034ceb65a7588edfd5a8250cb369e3b2 \ 397 | --hash=sha256:586724a0276d7a6083a17259d0b51622e492289a9998848a1b01b6441ca12b2f \ 398 | --hash=sha256:59e975be4206cc54d0a112ef72fa3970a57c2b1bcc2c97ed41d6df0ebe518228 \ 399 | --hash=sha256:5a453c45178d7864c1bdd6bfe0ee3ed2883f63b9ba2c9bb967c6b586bf763f96 \ 400 | --hash=sha256:5bb05c28298803a74add08ba496879242ef159c75bc86a5406fac0ffc7dd021b \ 401 | --hash=sha256:5e973e637112391f05581f427659c05b30b6843bc522a65be35ac7b18ce3dedd \ 402 | --hash=sha256:66c80e9b366012dbee262bb1869e4fc5ba8786cda85928481528bc4a72ec2ee8 \ 403 | --hash=sha256:6a7620404da966f637b9ce8d4d3d543d363223f7a12452a575189c5355fc2d25 \ 404 | --hash=sha256:6f8bf4708a11b47517baf962f9a02196478bbb10fdb9582add4aa1459fa82380 \ 405 | --hash=sha256:735cd4528c55dbe4516d6d2b403331a99fc304f8feded8ae887cf97b67d589bb \ 406 | --hash=sha256:7778c224efc38a40d274da4eb82a04cac27aae20012372a7db3c4bbd8926c4d4 \ 407 | --hash=sha256:8277d1f6282463c40761f802b742f833f9f2449fcdbb20a96579aa05c8feb614 \ 408 | --hash=sha256:88b6ea78b83d2796f330b0af1b70cdd3965dbdab02d8ac293260ec2c8fe340ee \ 409 | --hash=sha256:8c07220408d3268e8268c9351c5c08041bc6f8c6172e59d398b71020df108541 \ 410 | --hash=sha256:8d0c019ee7dcf2c60e240877107cddbd95a5b1081787579bf179938392d66480 \ 411 | --hash=sha256:90b0186516b7a101c14764b0c25931b741fb0102f21253eff67847b4742dfc72 \ 412 | --hash=sha256:9837ac1650cc68d22a3cf5f15fb62c6964747d16cecc8b22431f113d6e39555d \ 413 | --hash=sha256:9eac51307c6a1a38d5f86ebabc26a889fddf20cbba7a116ccb54ba1446601d5b \ 414 | --hash=sha256:9f0c0d88b84259f93c3aa46398680646f2c23e43394779758d9f739c34e15295 \ 415 | --hash=sha256:a0ad38bc98d0b0497a0b0dbc29409bcabfcecff4511ed7063403c86de16927bc \ 416 | --hash=sha256:b265cde49774752aec9ca7f5d272e3f98718164afc85521622a8a5394158a2b5 \ 417 | --hash=sha256:b6a107ab06206acc5359d4c5632bd9b22d448702a79b3169b0c62e0fb808bb2a \ 418 | --hash=sha256:b7f920eaf46ebf41bd26f9df51c160d40f9e00b7b48471c3438cb8d027f7fb9b \ 419 | --hash=sha256:c20498bd712b6e31a4402e1d027a1cd64f6a4a0066a3fe3c7344475886d07fdf \ 420 | --hash=sha256:cb18d9cd7b3f35a2f5af47bb8ed6a5bdbf4f3ddee37f3daade4ab7864c292f5b \ 421 | --hash=sha256:cf5bb9254e1c38aacf253d510d3d9be631bba21f3d068b17672b38b5cbf2fff5 \ 422 | --hash=sha256:d017775851a778ec9cc32651c4464079d06d927303c2dde9ae9830ccf6fe94e1 \ 423 | --hash=sha256:dc96668d9c7cc656609764275c5f8da58ef56d89bdd6810f6923d36497468ff7 \ 424 | --hash=sha256:e066a0586833d610c4bbddba0be5ba0e3e4f8e0bc5bb6d82103d8f8fc47bb59a \ 425 | --hash=sha256:e3a013895c64352b49d0d8e107a84f99631b16dbab156ded33ebf0becf56c8b2 \ 426 | --hash=sha256:eaf905a580f2747c4a474040a5063cd5e0cc3d1d2d6edb65f28196186493ad4a 427 | requests==2.31.0 \ 428 | --hash=sha256:58cd2187c01e70e6e26505bca751777aa9f2ee0b7f4300988b709f44e013003f \ 429 | --hash=sha256:942c5a758f98d790eaed1a29cb6eefc7ffb0d1cf7af05c3d2791656dbd6ad1e1 430 | # via 431 | # azure-core 432 | # google-api-core 433 | # google-cloud-storage 434 | # msal 435 | rsa==4.9 \ 436 | --hash=sha256:90260d9058e514786967344d0ef75fa8727eed8a7d2e43ce9f4bcf1b536174f7 \ 437 | --hash=sha256:e38464a49c6c85d7f1351b0126661487a7e0a14a50f1675ec50eb34d4f20ef21 438 | # via google-auth 439 | s3transfer==0.6.1 \ 440 | --hash=sha256:3c0da2d074bf35d6870ef157158641178a4204a6e689e82546083e31e0311346 \ 441 | --hash=sha256:640bb492711f4c0c0905e1f62b6aaeb771881935ad27884852411f8e9cacbca9 442 | # via boto3 443 | six==1.16.0 \ 444 | --hash=sha256:1e61c37477a1626458e36f7b1d82aa5c9b094fa4802892072e49de9c60c4c926 \ 445 | --hash=sha256:8abb2f1d86890a2dfb989f9a77cfcfd3e47c2a354b01111771326f8aa26e0254 446 | # via 447 | # azure-core 448 | # azure-identity 449 | # google-auth 450 | # isodate 451 | # python-dateutil 452 | typing-extensions==4.6.0 \ 453 | --hash=sha256:6ad00b63f849b7dcc313b70b6b304ed67b2b2963b3098a33efe18056b1a9a223 \ 454 | --hash=sha256:ff6b238610c747e44c268aa4bb23c8c735d665a63726df3f9431ce707f2aa768 455 | # via 456 | # azure-core 457 | # azure-storage-blob 458 | urllib3==1.26.16 \ 459 | --hash=sha256:8d36afa7616d8ab714608411b4a3b13e58f463aee519024578e062e141dce20f \ 460 | --hash=sha256:8f135f6502756bde6b2a9b28989df5fbe87c9970cecaa69041edcce7f0589b14 461 | # via 462 | # botocore 463 | # google-auth 464 | # requests 465 | -------------------------------------------------------------------------------- /standard-cnpg/src/main.rs: -------------------------------------------------------------------------------- 1 | fn main() { 2 | println!("Hello, world!"); 3 | } 4 | -------------------------------------------------------------------------------- /sync-volume.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -e 4 | 5 | # CNPG mounts this persistent volume to store data. Tembo also stores 6 | # extension files and dependent libraries here. On Pod initialization, Tembo 7 | # mounts the persistent volume to another location and passes it to this 8 | # script. The script copies the data the image put into the src into the dst 9 | # directory, so that when CNPG mounts the volume all the data from this Docker 10 | # image will be present in the persistent volume. 11 | 12 | src=/var/lib/postgresql/data 13 | 14 | migrate() { 15 | # Migrate libraries, modules, and shared files to their new locations. 16 | pushd "${1}" 17 | pgv="$(pg_config --version | perl -ne '/(\d+)/ && print $1')" 18 | if [ -d "tembo/$pgv/lib" ]; then 19 | # In old Tembo images, all Postgres libdir and pkglibdir files were 20 | # here. Remove the files burned into the image. 21 | if [ -d "tembo/$pgv/lib/bitcode" ]; then 22 | for file in /usr/lib/postgresql/lib/bitcode/*; do 23 | rm -rf "tembo/$pgv/lib/bitcode/$(basename "$file")" 24 | done 25 | fi 26 | for file in /usr/lib/postgresql/lib/*; do 27 | bn="$(basename "$file")" 28 | if [ "$bn" != "bitcode" ]; then 29 | rm -rf "tembo/$pgv/lib/$bn" 30 | fi 31 | done 32 | # Move likely dependent lib files to lib. 33 | mkdir -p lib 34 | mv "tembo/$pgv/lib/lib"* lib/ 35 | # Move the remaining files, mostly extension modules, to mod. 36 | mv "tembo/$pgv/lib" mod 37 | rmdir "tembo/$pgv" 38 | fi 39 | 40 | # The rest of the tembo directory is sharedir; rename it. 41 | mv tembo share 42 | popd 43 | } 44 | 45 | main() { 46 | dst="${1-/var/lib/postgresql/init}" 47 | # If the tembo directory managed by old images exists, migrate its files. 48 | if [ -d "$dst/tembo" ]; then migrate "$dst"; fi; 49 | # Update core modules and extensions on the volume. 50 | cp -p --recursive --update "$src/"* "$dst/" 51 | } 52 | 53 | main "$@" 54 | -------------------------------------------------------------------------------- /tembo-local-slim/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM quay.io/tembo/tembo-pg-slim:latest 2 | 3 | USER root 4 | RUN chown -R postgres:postgres $PGDATA && \ 5 | chmod -R 0700 $PGDATA 6 | ENV PGDATA /var/lib/postgresql/data2 7 | RUN mkdir -p $PGDATA 8 | RUN chown -R postgres:postgres $PGDATA && \ 9 | chmod -R 0700 $PGDATA 10 | USER postgres 11 | RUN pg_ctl init 12 | # Set permissive authentication 13 | RUN echo "host all all 0.0.0.0/0 trust" >> ${PGDATA}/pg_hba.conf 14 | COPY postgresql.conf ${PGDATA}/postgresql.conf 15 | -------------------------------------------------------------------------------- /tembo-local-slim/LICENSE: -------------------------------------------------------------------------------- 1 | Apache License 2 | Version 2.0, January 2004 3 | http://www.apache.org/licenses/ 4 | 5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 6 | 7 | 1. Definitions. 8 | 9 | "License" shall mean the terms and conditions for use, reproduction, 10 | and distribution as defined by Sections 1 through 9 of this document. 11 | 12 | "Licensor" shall mean the copyright owner or entity authorized by 13 | the copyright owner that is granting the License. 14 | 15 | "Legal Entity" shall mean the union of the acting entity and all 16 | other entities that control, are controlled by, or are under common 17 | control with that entity. For the purposes of this definition, 18 | "control" means (i) the power, direct or indirect, to cause the 19 | direction or management of such entity, whether by contract or 20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 21 | outstanding shares, or (iii) beneficial ownership of such entity. 22 | 23 | "You" (or "Your") shall mean an individual or Legal Entity 24 | exercising permissions granted by this License. 25 | 26 | "Source" form shall mean the preferred form for making modifications, 27 | including but not limited to software source code, documentation 28 | source, and configuration files. 29 | 30 | "Object" form shall mean any form resulting from mechanical 31 | transformation or translation of a Source form, including but 32 | not limited to compiled object code, generated documentation, 33 | and conversions to other media types. 34 | 35 | "Work" shall mean the work of authorship, whether in Source or 36 | Object form, made available under the License, as indicated by a 37 | copyright notice that is included in or attached to the work 38 | (an example is provided in the Appendix below). 39 | 40 | "Derivative Works" shall mean any work, whether in Source or Object 41 | form, that is based on (or derived from) the Work and for which the 42 | editorial revisions, annotations, elaborations, or other modifications 43 | represent, as a whole, an original work of authorship. For the purposes 44 | of this License, Derivative Works shall not include works that remain 45 | separable from, or merely link (or bind by name) to the interfaces of, 46 | the Work and Derivative Works thereof. 47 | 48 | "Contribution" shall mean any work of authorship, including 49 | the original version of the Work and any modifications or additions 50 | to that Work or Derivative Works thereof, that is intentionally 51 | submitted to Licensor for inclusion in the Work by the copyright owner 52 | or by an individual or Legal Entity authorized to submit on behalf of 53 | the copyright owner. For the purposes of this definition, "submitted" 54 | means any form of electronic, verbal, or written communication sent 55 | to the Licensor or its representatives, including but not limited to 56 | communication on electronic mailing lists, source code control systems, 57 | and issue tracking systems that are managed by, or on behalf of, the 58 | Licensor for the purpose of discussing and improving the Work, but 59 | excluding communication that is conspicuously marked or otherwise 60 | designated in writing by the copyright owner as "Not a Contribution." 61 | 62 | "Contributor" shall mean Licensor and any individual or Legal Entity 63 | on behalf of whom a Contribution has been received by Licensor and 64 | subsequently incorporated within the Work. 65 | 66 | 2. Grant of Copyright License. Subject to the terms and conditions of 67 | this License, each Contributor hereby grants to You a perpetual, 68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 69 | copyright license to reproduce, prepare Derivative Works of, 70 | publicly display, publicly perform, sublicense, and distribute the 71 | Work and such Derivative Works in Source or Object form. 72 | 73 | 3. Grant of Patent License. Subject to the terms and conditions of 74 | this License, each Contributor hereby grants to You a perpetual, 75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 76 | (except as stated in this section) patent license to make, have made, 77 | use, offer to sell, sell, import, and otherwise transfer the Work, 78 | where such license applies only to those patent claims licensable 79 | by such Contributor that are necessarily infringed by their 80 | Contribution(s) alone or by combination of their Contribution(s) 81 | with the Work to which such Contribution(s) was submitted. If You 82 | institute patent litigation against any entity (including a 83 | cross-claim or counterclaim in a lawsuit) alleging that the Work 84 | or a Contribution incorporated within the Work constitutes direct 85 | or contributory patent infringement, then any patent licenses 86 | granted to You under this License for that Work shall terminate 87 | as of the date such litigation is filed. 88 | 89 | 4. Redistribution. You may reproduce and distribute copies of the 90 | Work or Derivative Works thereof in any medium, with or without 91 | modifications, and in Source or Object form, provided that You 92 | meet the following conditions: 93 | 94 | (a) You must give any other recipients of the Work or 95 | Derivative Works a copy of this License; and 96 | 97 | (b) You must cause any modified files to carry prominent notices 98 | stating that You changed the files; and 99 | 100 | (c) You must retain, in the Source form of any Derivative Works 101 | that You distribute, all copyright, patent, trademark, and 102 | attribution notices from the Source form of the Work, 103 | excluding those notices that do not pertain to any part of 104 | the Derivative Works; and 105 | 106 | (d) If the Work includes a "NOTICE" text file as part of its 107 | distribution, then any Derivative Works that You distribute must 108 | include a readable copy of the attribution notices contained 109 | within such NOTICE file, excluding those notices that do not 110 | pertain to any part of the Derivative Works, in at least one 111 | of the following places: within a NOTICE text file distributed 112 | as part of the Derivative Works; within the Source form or 113 | documentation, if provided along with the Derivative Works; or, 114 | within a display generated by the Derivative Works, if and 115 | wherever such third-party notices normally appear. The contents 116 | of the NOTICE file are for informational purposes only and 117 | do not modify the License. You may add Your own attribution 118 | notices within Derivative Works that You distribute, alongside 119 | or as an addendum to the NOTICE text from the Work, provided 120 | that such additional attribution notices cannot be construed 121 | as modifying the License. 122 | 123 | You may add Your own copyright statement to Your modifications and 124 | may provide additional or different license terms and conditions 125 | for use, reproduction, or distribution of Your modifications, or 126 | for any such Derivative Works as a whole, provided Your use, 127 | reproduction, and distribution of the Work otherwise complies with 128 | the conditions stated in this License. 129 | 130 | 5. Submission of Contributions. Unless You explicitly state otherwise, 131 | any Contribution intentionally submitted for inclusion in the Work 132 | by You to the Licensor shall be under the terms and conditions of 133 | this License, without any additional terms or conditions. 134 | Notwithstanding the above, nothing herein shall supersede or modify 135 | the terms of any separate license agreement you may have executed 136 | with Licensor regarding such Contributions. 137 | 138 | 6. Trademarks. This License does not grant permission to use the trade 139 | names, trademarks, service marks, or product names of the Licensor, 140 | except as required for reasonable and customary use in describing the 141 | origin of the Work and reproducing the content of the NOTICE file. 142 | 143 | 7. Disclaimer of Warranty. Unless required by applicable law or 144 | agreed to in writing, Licensor provides the Work (and each 145 | Contributor provides its Contributions) on an "AS IS" BASIS, 146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 147 | implied, including, without limitation, any warranties or conditions 148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 149 | PARTICULAR PURPOSE. You are solely responsible for determining the 150 | appropriateness of using or redistributing the Work and assume any 151 | risks associated with Your exercise of permissions under this License. 152 | 153 | 8. Limitation of Liability. In no event and under no legal theory, 154 | whether in tort (including negligence), contract, or otherwise, 155 | unless required by applicable law (such as deliberate and grossly 156 | negligent acts) or agreed to in writing, shall any Contributor be 157 | liable to You for damages, including any direct, indirect, special, 158 | incidental, or consequential damages of any character arising as a 159 | result of this License or out of the use or inability to use the 160 | Work (including but not limited to damages for loss of goodwill, 161 | work stoppage, computer failure or malfunction, or any and all 162 | other commercial damages or losses), even if such Contributor 163 | has been advised of the possibility of such damages. 164 | 165 | 9. Accepting Warranty or Additional Liability. While redistributing 166 | the Work or Derivative Works thereof, You may choose to offer, 167 | and charge a fee for, acceptance of support, warranty, indemnity, 168 | or other liability obligations and/or rights consistent with this 169 | License. However, in accepting such obligations, You may act only 170 | on Your own behalf and on Your sole responsibility, not on behalf 171 | of any other Contributor, and only if You agree to indemnify, 172 | defend, and hold each Contributor harmless for any liability 173 | incurred by, or claims asserted against, such Contributor by reason 174 | of your accepting any such warranty or additional liability. 175 | 176 | END OF TERMS AND CONDITIONS 177 | 178 | APPENDIX: How to apply the Apache License to your work. 179 | 180 | To apply the Apache License to your work, attach the following 181 | boilerplate notice, with the fields enclosed by brackets "[]" 182 | replaced with your own identifying information. (Don't include 183 | the brackets!) The text should be enclosed in the appropriate 184 | comment syntax for the file format. We also recommend that a 185 | file or class name and description of purpose be included on the 186 | same "printed page" as the copyright notice for easier 187 | identification within third-party archives. 188 | 189 | Copyright 2023 CoreDB, Inc. 190 | 191 | Licensed under the Apache License, Version 2.0 (the "License"); 192 | you may not use this file except in compliance with the License. 193 | You may obtain a copy of the License at 194 | 195 | http://www.apache.org/licenses/LICENSE-2.0 196 | 197 | Unless required by applicable law or agreed to in writing, software 198 | distributed under the License is distributed on an "AS IS" BASIS, 199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 200 | See the License for the specific language governing permissions and 201 | limitations under the License. 202 | -------------------------------------------------------------------------------- /tembo-local-slim/postgresql.conf: -------------------------------------------------------------------------------- 1 | listen_addresses = '*' 2 | -------------------------------------------------------------------------------- /tembo-local/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM quay.io/tembo/standard-cnpg:latest 2 | 3 | USER root 4 | 5 | RUN apt-get update && \ 6 | apt-get install -y vim openssl && \ 7 | apt-get autoremove -y && \ 8 | apt-get clean -y && \ 9 | rm -rf /var/lib/apt/lists/* 10 | 11 | RUN chown -R postgres:postgres $PGDATA && \ 12 | chmod -R 0700 $PGDATA 13 | # Set up the environment for the data directory 14 | ENV PGDATA /var/lib/postgresql/data2 15 | RUN mkdir -p $PGDATA && \ 16 | chown -R postgres:postgres $PGDATA && \ 17 | chmod -R 0700 $PGDATA 18 | 19 | # Generate self-signed certificate 20 | RUN openssl req -new -newkey rsa:4096 -days 365 -nodes -x509 \ 21 | -subj "/CN=*.local.tembo.io" \ 22 | -keyout /var/lib/postgresql/server.key \ 23 | -out /var/lib/postgresql/server.crt && \ 24 | chown postgres:postgres /var/lib/postgresql/server.* && \ 25 | chmod 600 /var/lib/postgresql/server.key 26 | 27 | USER postgres 28 | 29 | # Initialize the database 30 | RUN pg_ctl -c init 31 | 32 | RUN mkdir -p $PGDATA/extra-configs 33 | RUN mkdir -p $PGDATA/startup-scripts 34 | 35 | # Set permissive authentication (for local testing) 36 | RUN echo "hostssl all all 0.0.0.0/0 trust" >> ${PGDATA}/pg_hba.conf 37 | 38 | # Copy configuration files 39 | COPY postgresql.conf ${PGDATA}/postgresql.conf 40 | COPY entrypoint.sh /usr/local/bin/entrypoint.sh 41 | 42 | # Set environment variables 43 | ENV PGHOST=localhost 44 | ENV PGPORT=5432 45 | ENV PGDATABASE=postgres 46 | ENV PGUSER=postgres 47 | 48 | # Entry point 49 | CMD ["entrypoint.sh"] 50 | -------------------------------------------------------------------------------- /tembo-local/LICENSE: -------------------------------------------------------------------------------- 1 | Apache License 2 | Version 2.0, January 2004 3 | http://www.apache.org/licenses/ 4 | 5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 6 | 7 | 1. Definitions. 8 | 9 | "License" shall mean the terms and conditions for use, reproduction, 10 | and distribution as defined by Sections 1 through 9 of this document. 11 | 12 | "Licensor" shall mean the copyright owner or entity authorized by 13 | the copyright owner that is granting the License. 14 | 15 | "Legal Entity" shall mean the union of the acting entity and all 16 | other entities that control, are controlled by, or are under common 17 | control with that entity. For the purposes of this definition, 18 | "control" means (i) the power, direct or indirect, to cause the 19 | direction or management of such entity, whether by contract or 20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 21 | outstanding shares, or (iii) beneficial ownership of such entity. 22 | 23 | "You" (or "Your") shall mean an individual or Legal Entity 24 | exercising permissions granted by this License. 25 | 26 | "Source" form shall mean the preferred form for making modifications, 27 | including but not limited to software source code, documentation 28 | source, and configuration files. 29 | 30 | "Object" form shall mean any form resulting from mechanical 31 | transformation or translation of a Source form, including but 32 | not limited to compiled object code, generated documentation, 33 | and conversions to other media types. 34 | 35 | "Work" shall mean the work of authorship, whether in Source or 36 | Object form, made available under the License, as indicated by a 37 | copyright notice that is included in or attached to the work 38 | (an example is provided in the Appendix below). 39 | 40 | "Derivative Works" shall mean any work, whether in Source or Object 41 | form, that is based on (or derived from) the Work and for which the 42 | editorial revisions, annotations, elaborations, or other modifications 43 | represent, as a whole, an original work of authorship. For the purposes 44 | of this License, Derivative Works shall not include works that remain 45 | separable from, or merely link (or bind by name) to the interfaces of, 46 | the Work and Derivative Works thereof. 47 | 48 | "Contribution" shall mean any work of authorship, including 49 | the original version of the Work and any modifications or additions 50 | to that Work or Derivative Works thereof, that is intentionally 51 | submitted to Licensor for inclusion in the Work by the copyright owner 52 | or by an individual or Legal Entity authorized to submit on behalf of 53 | the copyright owner. For the purposes of this definition, "submitted" 54 | means any form of electronic, verbal, or written communication sent 55 | to the Licensor or its representatives, including but not limited to 56 | communication on electronic mailing lists, source code control systems, 57 | and issue tracking systems that are managed by, or on behalf of, the 58 | Licensor for the purpose of discussing and improving the Work, but 59 | excluding communication that is conspicuously marked or otherwise 60 | designated in writing by the copyright owner as "Not a Contribution." 61 | 62 | "Contributor" shall mean Licensor and any individual or Legal Entity 63 | on behalf of whom a Contribution has been received by Licensor and 64 | subsequently incorporated within the Work. 65 | 66 | 2. Grant of Copyright License. Subject to the terms and conditions of 67 | this License, each Contributor hereby grants to You a perpetual, 68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 69 | copyright license to reproduce, prepare Derivative Works of, 70 | publicly display, publicly perform, sublicense, and distribute the 71 | Work and such Derivative Works in Source or Object form. 72 | 73 | 3. Grant of Patent License. Subject to the terms and conditions of 74 | this License, each Contributor hereby grants to You a perpetual, 75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 76 | (except as stated in this section) patent license to make, have made, 77 | use, offer to sell, sell, import, and otherwise transfer the Work, 78 | where such license applies only to those patent claims licensable 79 | by such Contributor that are necessarily infringed by their 80 | Contribution(s) alone or by combination of their Contribution(s) 81 | with the Work to which such Contribution(s) was submitted. If You 82 | institute patent litigation against any entity (including a 83 | cross-claim or counterclaim in a lawsuit) alleging that the Work 84 | or a Contribution incorporated within the Work constitutes direct 85 | or contributory patent infringement, then any patent licenses 86 | granted to You under this License for that Work shall terminate 87 | as of the date such litigation is filed. 88 | 89 | 4. Redistribution. You may reproduce and distribute copies of the 90 | Work or Derivative Works thereof in any medium, with or without 91 | modifications, and in Source or Object form, provided that You 92 | meet the following conditions: 93 | 94 | (a) You must give any other recipients of the Work or 95 | Derivative Works a copy of this License; and 96 | 97 | (b) You must cause any modified files to carry prominent notices 98 | stating that You changed the files; and 99 | 100 | (c) You must retain, in the Source form of any Derivative Works 101 | that You distribute, all copyright, patent, trademark, and 102 | attribution notices from the Source form of the Work, 103 | excluding those notices that do not pertain to any part of 104 | the Derivative Works; and 105 | 106 | (d) If the Work includes a "NOTICE" text file as part of its 107 | distribution, then any Derivative Works that You distribute must 108 | include a readable copy of the attribution notices contained 109 | within such NOTICE file, excluding those notices that do not 110 | pertain to any part of the Derivative Works, in at least one 111 | of the following places: within a NOTICE text file distributed 112 | as part of the Derivative Works; within the Source form or 113 | documentation, if provided along with the Derivative Works; or, 114 | within a display generated by the Derivative Works, if and 115 | wherever such third-party notices normally appear. The contents 116 | of the NOTICE file are for informational purposes only and 117 | do not modify the License. You may add Your own attribution 118 | notices within Derivative Works that You distribute, alongside 119 | or as an addendum to the NOTICE text from the Work, provided 120 | that such additional attribution notices cannot be construed 121 | as modifying the License. 122 | 123 | You may add Your own copyright statement to Your modifications and 124 | may provide additional or different license terms and conditions 125 | for use, reproduction, or distribution of Your modifications, or 126 | for any such Derivative Works as a whole, provided Your use, 127 | reproduction, and distribution of the Work otherwise complies with 128 | the conditions stated in this License. 129 | 130 | 5. Submission of Contributions. Unless You explicitly state otherwise, 131 | any Contribution intentionally submitted for inclusion in the Work 132 | by You to the Licensor shall be under the terms and conditions of 133 | this License, without any additional terms or conditions. 134 | Notwithstanding the above, nothing herein shall supersede or modify 135 | the terms of any separate license agreement you may have executed 136 | with Licensor regarding such Contributions. 137 | 138 | 6. Trademarks. This License does not grant permission to use the trade 139 | names, trademarks, service marks, or product names of the Licensor, 140 | except as required for reasonable and customary use in describing the 141 | origin of the Work and reproducing the content of the NOTICE file. 142 | 143 | 7. Disclaimer of Warranty. Unless required by applicable law or 144 | agreed to in writing, Licensor provides the Work (and each 145 | Contributor provides its Contributions) on an "AS IS" BASIS, 146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 147 | implied, including, without limitation, any warranties or conditions 148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 149 | PARTICULAR PURPOSE. You are solely responsible for determining the 150 | appropriateness of using or redistributing the Work and assume any 151 | risks associated with Your exercise of permissions under this License. 152 | 153 | 8. Limitation of Liability. In no event and under no legal theory, 154 | whether in tort (including negligence), contract, or otherwise, 155 | unless required by applicable law (such as deliberate and grossly 156 | negligent acts) or agreed to in writing, shall any Contributor be 157 | liable to You for damages, including any direct, indirect, special, 158 | incidental, or consequential damages of any character arising as a 159 | result of this License or out of the use or inability to use the 160 | Work (including but not limited to damages for loss of goodwill, 161 | work stoppage, computer failure or malfunction, or any and all 162 | other commercial damages or losses), even if such Contributor 163 | has been advised of the possibility of such damages. 164 | 165 | 9. Accepting Warranty or Additional Liability. While redistributing 166 | the Work or Derivative Works thereof, You may choose to offer, 167 | and charge a fee for, acceptance of support, warranty, indemnity, 168 | or other liability obligations and/or rights consistent with this 169 | License. However, in accepting such obligations, You may act only 170 | on Your own behalf and on Your sole responsibility, not on behalf 171 | of any other Contributor, and only if You agree to indemnify, 172 | defend, and hold each Contributor harmless for any liability 173 | incurred by, or claims asserted against, such Contributor by reason 174 | of your accepting any such warranty or additional liability. 175 | 176 | END OF TERMS AND CONDITIONS 177 | 178 | APPENDIX: How to apply the Apache License to your work. 179 | 180 | To apply the Apache License to your work, attach the following 181 | boilerplate notice, with the fields enclosed by brackets "[]" 182 | replaced with your own identifying information. (Don't include 183 | the brackets!) The text should be enclosed in the appropriate 184 | comment syntax for the file format. We also recommend that a 185 | file or class name and description of purpose be included on the 186 | same "printed page" as the copyright notice for easier 187 | identification within third-party archives. 188 | 189 | Copyright 2023 CoreDB, Inc. 190 | 191 | Licensed under the Apache License, Version 2.0 (the "License"); 192 | you may not use this file except in compliance with the License. 193 | You may obtain a copy of the License at 194 | 195 | http://www.apache.org/licenses/LICENSE-2.0 196 | 197 | Unless required by applicable law or agreed to in writing, software 198 | distributed under the License is distributed on an "AS IS" BASIS, 199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 200 | See the License for the specific language governing permissions and 201 | limitations under the License. 202 | -------------------------------------------------------------------------------- /tembo-local/entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -i 2 | 3 | set -e 4 | 5 | # Start PostgreSQL in the background 6 | postgres & 7 | 8 | # Wait for PostgreSQL to start up 9 | until pg_isready; do 10 | echo "Waiting for postgres to be ready..." 11 | sleep 1 12 | done 13 | 14 | # Loop through and execute each SQL file 15 | for sql_file in $PGDATA/startup-scripts/*.sql; do 16 | [ -e "$sql_file" ] || continue 17 | psql -a -f "$sql_file" 18 | done 19 | 20 | # Move the PostgreSQL process to the foreground 21 | fg 22 | -------------------------------------------------------------------------------- /tembo-local/postgresql.conf: -------------------------------------------------------------------------------- 1 | listen_addresses = '*' 2 | include_dir = 'extra-configs' 3 | ssl = on 4 | ssl_cert_file = '/var/lib/postgresql/server.crt' 5 | ssl_key_file = '/var/lib/postgresql/server.key' 6 | -------------------------------------------------------------------------------- /tembo-pg-cnpg/Cargo.toml: -------------------------------------------------------------------------------- 1 | [package] 2 | name = "tembo-pg-cnpg" 3 | version = "15.3.0-5" 4 | edition = "2021" 5 | authors = ["tembo.io"] 6 | description = "Container image for Tembo's distribution of postgres" 7 | homepage = "https://www.tembo.io" 8 | license = "Apache-2.0" 9 | readme = "README.md" 10 | repository = "https://github.com/tembo-io/tembo/tree/main/postgres" 11 | publish = false 12 | 13 | 14 | # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html 15 | 16 | [dependencies] 17 | -------------------------------------------------------------------------------- /tembo-pg-cnpg/Dockerfile: -------------------------------------------------------------------------------- 1 | ARG PG_VERSION=15 2 | ARG TAG=latest 3 | 4 | FROM rust:1.85-bookworm as builder 5 | ARG TRUNK_VER=0.16.1 6 | 7 | ENV CARGO_REGISTRIES_CRATES_IO_PROTOCOL sparse 8 | RUN cargo install --version $TRUNK_VER pg-trunk 9 | 10 | FROM quay.io/tembo/tembo-pg-slim:${PG_VERSION}-${TAG} 11 | 12 | USER root 13 | 14 | # PGDATA is set in tembo-pg-slim and used by dependents on this image. 15 | RUN if [ -z "${PGDATA}" ]; then echo "PGDATA is not set"; exit 1; fi 16 | 17 | # Install trunk 18 | COPY --from=builder /usr/local/cargo/bin/trunk /usr/bin/trunk 19 | COPY ./requirements.txt . 20 | 21 | # Install barman-cloud 22 | RUN set -xe; \ 23 | apt-get update; \ 24 | apt-get install -y --no-install-recommends \ 25 | python3-pip \ 26 | python3-psycopg2 \ 27 | python3-setuptools \ 28 | ; \ 29 | pip3 install --upgrade pip; \ 30 | # TODO: Remove --no-deps once https://github.com/pypa/pip/issues/9644 is solved 31 | pip3 install --no-deps -r requirements.txt; \ 32 | apt-get autoremove -y; \ 33 | apt-get clean; \ 34 | rm -rf /var/lib/apt/lists/*; 35 | 36 | # Install pg_stat_statements 37 | RUN trunk install pg_stat_statements 38 | 39 | # Install auto_explain 40 | RUN trunk install auto_explain 41 | 42 | # Revert the postgres user to id 26 43 | RUN usermod -u 26 postgres 44 | USER 26 45 | -------------------------------------------------------------------------------- /tembo-pg-cnpg/README.md: -------------------------------------------------------------------------------- 1 | # Postgres Docker Image for CPNG 2 | 3 | Contains a Dockerfile with PostgreSQL, Trunk, and barman-cloud installed. 4 | 5 | ## Versioning 6 | 7 | The version of the Docker image can be configured in the `Cargo.toml` file in this directory. We may wrap postgres in our Tembo distribution, but for the time being this crate is just a placeholder to allow for versioning. 8 | -------------------------------------------------------------------------------- /tembo-pg-cnpg/requirements.txt: -------------------------------------------------------------------------------- 1 | # 2 | # This file is autogenerated by pip-compile with Python 3.8 3 | # by the following command: 4 | # 5 | # pip-compile --generate-hashes 6 | # 7 | argcomplete==3.0.8 \ 8 | --hash=sha256:b9ca96448e14fa459d7450a4ab5a22bbf9cee4ba7adddf03e65c398b5daeea28 \ 9 | --hash=sha256:e36fd646839933cbec7941c662ecb65338248667358dd3d968405a4506a60d9b 10 | azure-core==1.26.4 \ 11 | --hash=sha256:075fe06b74c3007950dd93d49440c2f3430fd9b4a5a2756ec8c79454afc989c6 \ 12 | --hash=sha256:d9664b4bc2675d72fba461a285ac43ae33abb2967014a955bf136d9703a2ab3c 13 | # via 14 | # azure-identity 15 | # azure-storage-blob 16 | azure-identity==1.13.0 \ 17 | --hash=sha256:bd700cebb80cd9862098587c29d8677e819beca33c62568ced6d5a8e5e332b82 \ 18 | --hash=sha256:c931c27301ffa86b07b4dcf574e29da73e3deba9ab5d1fe4f445bb6a3117e260 19 | azure-storage-blob==12.16.0 \ 20 | --hash=sha256:43b45f19a518a5c6895632f263b3825ebc23574f25cc84b66e1630a6160e466f \ 21 | --hash=sha256:91bb192b2a97939c4259c72373bac0f41e30810bbc853d5184f0f45904eacafd 22 | barman[azure,cloud,google,snappy]==3.5.0 \ 23 | --hash=sha256:078643961d421a5f54825d3da4bbd04faa94b96a6a0f6cefe23babdc53aff83a \ 24 | --hash=sha256:bea6885c1efe2e140b640d4b2daec8aff03563a5cee199a73f874ae39fede051 25 | # via -r requirements.in 26 | boto3==1.26.139 \ 27 | --hash=sha256:5b61a82f0c1cd006bd109ddf27c93d9b010c4c188fc583ee257ff6f3bb89970d \ 28 | --hash=sha256:fe19d287bc8ede385e1b9136f135ee8f93eab81404ad1445b1a70cabfe3f7087 29 | botocore==1.29.139 \ 30 | --hash=sha256:acc62710bdf11e47f4f26fb290a9082ff00377d7e93a16e1f080f9c789898114 \ 31 | --hash=sha256:b164af929eb2f1507833718de9eb8811e3adc6943b464c1869e95ac87f3bab88 32 | # via 33 | # boto3 34 | # s3transfer 35 | cachetools==5.3.0 \ 36 | --hash=sha256:13dfddc7b8df938c21a940dfa6557ce6e94a2f1cdfa58eb90c805721d58f2c14 \ 37 | --hash=sha256:429e1a1e845c008ea6c85aa35d4b98b65d6a9763eeef3e37e92728a12d1de9d4 38 | # via google-auth 39 | certifi==2023.5.7 \ 40 | --hash=sha256:0f0d56dc5a6ad56fd4ba36484d6cc34451e1c6548c61daad8c320169f91eddc7 \ 41 | --hash=sha256:c6c2e98f5c7869efca1f8916fed228dd91539f9f1b444c314c06eef02980c716 42 | # via requests 43 | cffi==1.15.1 \ 44 | --hash=sha256:00a9ed42e88df81ffae7a8ab6d9356b371399b91dbdf0c3cb1e84c03a13aceb5 \ 45 | --hash=sha256:03425bdae262c76aad70202debd780501fabeaca237cdfddc008987c0e0f59ef \ 46 | --hash=sha256:04ed324bda3cda42b9b695d51bb7d54b680b9719cfab04227cdd1e04e5de3104 \ 47 | --hash=sha256:0e2642fe3142e4cc4af0799748233ad6da94c62a8bec3a6648bf8ee68b1c7426 \ 48 | --hash=sha256:173379135477dc8cac4bc58f45db08ab45d228b3363adb7af79436135d028405 \ 49 | --hash=sha256:198caafb44239b60e252492445da556afafc7d1e3ab7a1fb3f0584ef6d742375 \ 50 | --hash=sha256:1e74c6b51a9ed6589199c787bf5f9875612ca4a8a0785fb2d4a84429badaf22a \ 51 | --hash=sha256:2012c72d854c2d03e45d06ae57f40d78e5770d252f195b93f581acf3ba44496e \ 52 | --hash=sha256:21157295583fe8943475029ed5abdcf71eb3911894724e360acff1d61c1d54bc \ 53 | --hash=sha256:2470043b93ff09bf8fb1d46d1cb756ce6132c54826661a32d4e4d132e1977adf \ 54 | --hash=sha256:285d29981935eb726a4399badae8f0ffdff4f5050eaa6d0cfc3f64b857b77185 \ 55 | --hash=sha256:30d78fbc8ebf9c92c9b7823ee18eb92f2e6ef79b45ac84db507f52fbe3ec4497 \ 56 | --hash=sha256:320dab6e7cb2eacdf0e658569d2575c4dad258c0fcc794f46215e1e39f90f2c3 \ 57 | --hash=sha256:33ab79603146aace82c2427da5ca6e58f2b3f2fb5da893ceac0c42218a40be35 \ 58 | --hash=sha256:3548db281cd7d2561c9ad9984681c95f7b0e38881201e157833a2342c30d5e8c \ 59 | --hash=sha256:3799aecf2e17cf585d977b780ce79ff0dc9b78d799fc694221ce814c2c19db83 \ 60 | --hash=sha256:39d39875251ca8f612b6f33e6b1195af86d1b3e60086068be9cc053aa4376e21 \ 61 | --hash=sha256:3b926aa83d1edb5aa5b427b4053dc420ec295a08e40911296b9eb1b6170f6cca \ 62 | --hash=sha256:3bcde07039e586f91b45c88f8583ea7cf7a0770df3a1649627bf598332cb6984 \ 63 | --hash=sha256:3d08afd128ddaa624a48cf2b859afef385b720bb4b43df214f85616922e6a5ac \ 64 | --hash=sha256:3eb6971dcff08619f8d91607cfc726518b6fa2a9eba42856be181c6d0d9515fd \ 65 | --hash=sha256:40f4774f5a9d4f5e344f31a32b5096977b5d48560c5592e2f3d2c4374bd543ee \ 66 | --hash=sha256:4289fc34b2f5316fbb762d75362931e351941fa95fa18789191b33fc4cf9504a \ 67 | --hash=sha256:470c103ae716238bbe698d67ad020e1db9d9dba34fa5a899b5e21577e6d52ed2 \ 68 | --hash=sha256:4f2c9f67e9821cad2e5f480bc8d83b8742896f1242dba247911072d4fa94c192 \ 69 | --hash=sha256:50a74364d85fd319352182ef59c5c790484a336f6db772c1a9231f1c3ed0cbd7 \ 70 | --hash=sha256:54a2db7b78338edd780e7ef7f9f6c442500fb0d41a5a4ea24fff1c929d5af585 \ 71 | --hash=sha256:5635bd9cb9731e6d4a1132a498dd34f764034a8ce60cef4f5319c0541159392f \ 72 | --hash=sha256:59c0b02d0a6c384d453fece7566d1c7e6b7bae4fc5874ef2ef46d56776d61c9e \ 73 | --hash=sha256:5d598b938678ebf3c67377cdd45e09d431369c3b1a5b331058c338e201f12b27 \ 74 | --hash=sha256:5df2768244d19ab7f60546d0c7c63ce1581f7af8b5de3eb3004b9b6fc8a9f84b \ 75 | --hash=sha256:5ef34d190326c3b1f822a5b7a45f6c4535e2f47ed06fec77d3d799c450b2651e \ 76 | --hash=sha256:6975a3fac6bc83c4a65c9f9fcab9e47019a11d3d2cf7f3c0d03431bf145a941e \ 77 | --hash=sha256:6c9a799e985904922a4d207a94eae35c78ebae90e128f0c4e521ce339396be9d \ 78 | --hash=sha256:70df4e3b545a17496c9b3f41f5115e69a4f2e77e94e1d2a8e1070bc0c38c8a3c \ 79 | --hash=sha256:7473e861101c9e72452f9bf8acb984947aa1661a7704553a9f6e4baa5ba64415 \ 80 | --hash=sha256:8102eaf27e1e448db915d08afa8b41d6c7ca7a04b7d73af6514df10a3e74bd82 \ 81 | --hash=sha256:87c450779d0914f2861b8526e035c5e6da0a3199d8f1add1a665e1cbc6fc6d02 \ 82 | --hash=sha256:8b7ee99e510d7b66cdb6c593f21c043c248537a32e0bedf02e01e9553a172314 \ 83 | --hash=sha256:91fc98adde3d7881af9b59ed0294046f3806221863722ba7d8d120c575314325 \ 84 | --hash=sha256:94411f22c3985acaec6f83c6df553f2dbe17b698cc7f8ae751ff2237d96b9e3c \ 85 | --hash=sha256:98d85c6a2bef81588d9227dde12db8a7f47f639f4a17c9ae08e773aa9c697bf3 \ 86 | --hash=sha256:9ad5db27f9cabae298d151c85cf2bad1d359a1b9c686a275df03385758e2f914 \ 87 | --hash=sha256:a0b71b1b8fbf2b96e41c4d990244165e2c9be83d54962a9a1d118fd8657d2045 \ 88 | --hash=sha256:a0f100c8912c114ff53e1202d0078b425bee3649ae34d7b070e9697f93c5d52d \ 89 | --hash=sha256:a591fe9e525846e4d154205572a029f653ada1a78b93697f3b5a8f1f2bc055b9 \ 90 | --hash=sha256:a5c84c68147988265e60416b57fc83425a78058853509c1b0629c180094904a5 \ 91 | --hash=sha256:a66d3508133af6e8548451b25058d5812812ec3798c886bf38ed24a98216fab2 \ 92 | --hash=sha256:a8c4917bd7ad33e8eb21e9a5bbba979b49d9a97acb3a803092cbc1133e20343c \ 93 | --hash=sha256:b3bbeb01c2b273cca1e1e0c5df57f12dce9a4dd331b4fa1635b8bec26350bde3 \ 94 | --hash=sha256:cba9d6b9a7d64d4bd46167096fc9d2f835e25d7e4c121fb2ddfc6528fb0413b2 \ 95 | --hash=sha256:cc4d65aeeaa04136a12677d3dd0b1c0c94dc43abac5860ab33cceb42b801c1e8 \ 96 | --hash=sha256:ce4bcc037df4fc5e3d184794f27bdaab018943698f4ca31630bc7f84a7b69c6d \ 97 | --hash=sha256:cec7d9412a9102bdc577382c3929b337320c4c4c4849f2c5cdd14d7368c5562d \ 98 | --hash=sha256:d400bfb9a37b1351253cb402671cea7e89bdecc294e8016a707f6d1d8ac934f9 \ 99 | --hash=sha256:d61f4695e6c866a23a21acab0509af1cdfd2c013cf256bbf5b6b5e2695827162 \ 100 | --hash=sha256:db0fbb9c62743ce59a9ff687eb5f4afbe77e5e8403d6697f7446e5f609976f76 \ 101 | --hash=sha256:dd86c085fae2efd48ac91dd7ccffcfc0571387fe1193d33b6394db7ef31fe2a4 \ 102 | --hash=sha256:e00b098126fd45523dd056d2efba6c5a63b71ffe9f2bbe1a4fe1716e1d0c331e \ 103 | --hash=sha256:e229a521186c75c8ad9490854fd8bbdd9a0c9aa3a524326b55be83b54d4e0ad9 \ 104 | --hash=sha256:e263d77ee3dd201c3a142934a086a4450861778baaeeb45db4591ef65550b0a6 \ 105 | --hash=sha256:ed9cb427ba5504c1dc15ede7d516b84757c3e3d7868ccc85121d9310d27eed0b \ 106 | --hash=sha256:fa6693661a4c91757f4412306191b6dc88c1703f780c8234035eac011922bc01 \ 107 | --hash=sha256:fcd131dd944808b5bdb38e6f5b53013c5aa4f334c5cad0c72742f6eba4b73db0 108 | # via cryptography 109 | charset-normalizer==3.1.0 \ 110 | --hash=sha256:04afa6387e2b282cf78ff3dbce20f0cc071c12dc8f685bd40960cc68644cfea6 \ 111 | --hash=sha256:04eefcee095f58eaabe6dc3cc2262f3bcd776d2c67005880894f447b3f2cb9c1 \ 112 | --hash=sha256:0be65ccf618c1e7ac9b849c315cc2e8a8751d9cfdaa43027d4f6624bd587ab7e \ 113 | --hash=sha256:0c95f12b74681e9ae127728f7e5409cbbef9cd914d5896ef238cc779b8152373 \ 114 | --hash=sha256:0ca564606d2caafb0abe6d1b5311c2649e8071eb241b2d64e75a0d0065107e62 \ 115 | --hash=sha256:10c93628d7497c81686e8e5e557aafa78f230cd9e77dd0c40032ef90c18f2230 \ 116 | --hash=sha256:11d117e6c63e8f495412d37e7dc2e2fff09c34b2d09dbe2bee3c6229577818be \ 117 | --hash=sha256:11d3bcb7be35e7b1bba2c23beedac81ee893ac9871d0ba79effc7fc01167db6c \ 118 | --hash=sha256:12a2b561af122e3d94cdb97fe6fb2bb2b82cef0cdca131646fdb940a1eda04f0 \ 119 | --hash=sha256:12d1a39aa6b8c6f6248bb54550efcc1c38ce0d8096a146638fd4738e42284448 \ 120 | --hash=sha256:1435ae15108b1cb6fffbcea2af3d468683b7afed0169ad718451f8db5d1aff6f \ 121 | --hash=sha256:1c60b9c202d00052183c9be85e5eaf18a4ada0a47d188a83c8f5c5b23252f649 \ 122 | --hash=sha256:1e8fcdd8f672a1c4fc8d0bd3a2b576b152d2a349782d1eb0f6b8e52e9954731d \ 123 | --hash=sha256:20064ead0717cf9a73a6d1e779b23d149b53daf971169289ed2ed43a71e8d3b0 \ 124 | --hash=sha256:21fa558996782fc226b529fdd2ed7866c2c6ec91cee82735c98a197fae39f706 \ 125 | --hash=sha256:22908891a380d50738e1f978667536f6c6b526a2064156203d418f4856d6e86a \ 126 | --hash=sha256:3160a0fd9754aab7d47f95a6b63ab355388d890163eb03b2d2b87ab0a30cfa59 \ 127 | --hash=sha256:322102cdf1ab682ecc7d9b1c5eed4ec59657a65e1c146a0da342b78f4112db23 \ 128 | --hash=sha256:34e0a2f9c370eb95597aae63bf85eb5e96826d81e3dcf88b8886012906f509b5 \ 129 | --hash=sha256:3573d376454d956553c356df45bb824262c397c6e26ce43e8203c4c540ee0acb \ 130 | --hash=sha256:3747443b6a904001473370d7810aa19c3a180ccd52a7157aacc264a5ac79265e \ 131 | --hash=sha256:38e812a197bf8e71a59fe55b757a84c1f946d0ac114acafaafaf21667a7e169e \ 132 | --hash=sha256:3a06f32c9634a8705f4ca9946d667609f52cf130d5548881401f1eb2c39b1e2c \ 133 | --hash=sha256:3a5fc78f9e3f501a1614a98f7c54d3969f3ad9bba8ba3d9b438c3bc5d047dd28 \ 134 | --hash=sha256:3d9098b479e78c85080c98e1e35ff40b4a31d8953102bb0fd7d1b6f8a2111a3d \ 135 | --hash=sha256:3dc5b6a8ecfdc5748a7e429782598e4f17ef378e3e272eeb1340ea57c9109f41 \ 136 | --hash=sha256:4155b51ae05ed47199dc5b2a4e62abccb274cee6b01da5b895099b61b1982974 \ 137 | --hash=sha256:49919f8400b5e49e961f320c735388ee686a62327e773fa5b3ce6721f7e785ce \ 138 | --hash=sha256:53d0a3fa5f8af98a1e261de6a3943ca631c526635eb5817a87a59d9a57ebf48f \ 139 | --hash=sha256:5f008525e02908b20e04707a4f704cd286d94718f48bb33edddc7d7b584dddc1 \ 140 | --hash=sha256:628c985afb2c7d27a4800bfb609e03985aaecb42f955049957814e0491d4006d \ 141 | --hash=sha256:65ed923f84a6844de5fd29726b888e58c62820e0769b76565480e1fdc3d062f8 \ 142 | --hash=sha256:6734e606355834f13445b6adc38b53c0fd45f1a56a9ba06c2058f86893ae8017 \ 143 | --hash=sha256:6baf0baf0d5d265fa7944feb9f7451cc316bfe30e8df1a61b1bb08577c554f31 \ 144 | --hash=sha256:6f4f4668e1831850ebcc2fd0b1cd11721947b6dc7c00bf1c6bd3c929ae14f2c7 \ 145 | --hash=sha256:6f5c2e7bc8a4bf7c426599765b1bd33217ec84023033672c1e9a8b35eaeaaaf8 \ 146 | --hash=sha256:6f6c7a8a57e9405cad7485f4c9d3172ae486cfef1344b5ddd8e5239582d7355e \ 147 | --hash=sha256:7381c66e0561c5757ffe616af869b916c8b4e42b367ab29fedc98481d1e74e14 \ 148 | --hash=sha256:73dc03a6a7e30b7edc5b01b601e53e7fc924b04e1835e8e407c12c037e81adbd \ 149 | --hash=sha256:74db0052d985cf37fa111828d0dd230776ac99c740e1a758ad99094be4f1803d \ 150 | --hash=sha256:75f2568b4189dda1c567339b48cba4ac7384accb9c2a7ed655cd86b04055c795 \ 151 | --hash=sha256:78cacd03e79d009d95635e7d6ff12c21eb89b894c354bd2b2ed0b4763373693b \ 152 | --hash=sha256:80d1543d58bd3d6c271b66abf454d437a438dff01c3e62fdbcd68f2a11310d4b \ 153 | --hash=sha256:830d2948a5ec37c386d3170c483063798d7879037492540f10a475e3fd6f244b \ 154 | --hash=sha256:891cf9b48776b5c61c700b55a598621fdb7b1e301a550365571e9624f270c203 \ 155 | --hash=sha256:8f25e17ab3039b05f762b0a55ae0b3632b2e073d9c8fc88e89aca31a6198e88f \ 156 | --hash=sha256:9a3267620866c9d17b959a84dd0bd2d45719b817245e49371ead79ed4f710d19 \ 157 | --hash=sha256:a04f86f41a8916fe45ac5024ec477f41f886b3c435da2d4e3d2709b22ab02af1 \ 158 | --hash=sha256:aaf53a6cebad0eae578f062c7d462155eada9c172bd8c4d250b8c1d8eb7f916a \ 159 | --hash=sha256:abc1185d79f47c0a7aaf7e2412a0eb2c03b724581139193d2d82b3ad8cbb00ac \ 160 | --hash=sha256:ac0aa6cd53ab9a31d397f8303f92c42f534693528fafbdb997c82bae6e477ad9 \ 161 | --hash=sha256:ac3775e3311661d4adace3697a52ac0bab17edd166087d493b52d4f4f553f9f0 \ 162 | --hash=sha256:b06f0d3bf045158d2fb8837c5785fe9ff9b8c93358be64461a1089f5da983137 \ 163 | --hash=sha256:b116502087ce8a6b7a5f1814568ccbd0e9f6cfd99948aa59b0e241dc57cf739f \ 164 | --hash=sha256:b82fab78e0b1329e183a65260581de4375f619167478dddab510c6c6fb04d9b6 \ 165 | --hash=sha256:bd7163182133c0c7701b25e604cf1611c0d87712e56e88e7ee5d72deab3e76b5 \ 166 | --hash=sha256:c36bcbc0d5174a80d6cccf43a0ecaca44e81d25be4b7f90f0ed7bcfbb5a00909 \ 167 | --hash=sha256:c3af8e0f07399d3176b179f2e2634c3ce9c1301379a6b8c9c9aeecd481da494f \ 168 | --hash=sha256:c84132a54c750fda57729d1e2599bb598f5fa0344085dbde5003ba429a4798c0 \ 169 | --hash=sha256:cb7b2ab0188829593b9de646545175547a70d9a6e2b63bf2cd87a0a391599324 \ 170 | --hash=sha256:cca4def576f47a09a943666b8f829606bcb17e2bc2d5911a46c8f8da45f56755 \ 171 | --hash=sha256:cf6511efa4801b9b38dc5546d7547d5b5c6ef4b081c60b23e4d941d0eba9cbeb \ 172 | --hash=sha256:d16fd5252f883eb074ca55cb622bc0bee49b979ae4e8639fff6ca3ff44f9f854 \ 173 | --hash=sha256:d2686f91611f9e17f4548dbf050e75b079bbc2a82be565832bc8ea9047b61c8c \ 174 | --hash=sha256:d7fc3fca01da18fbabe4625d64bb612b533533ed10045a2ac3dd194bfa656b60 \ 175 | --hash=sha256:dd5653e67b149503c68c4018bf07e42eeed6b4e956b24c00ccdf93ac79cdff84 \ 176 | --hash=sha256:de5695a6f1d8340b12a5d6d4484290ee74d61e467c39ff03b39e30df62cf83a0 \ 177 | --hash=sha256:e0ac8959c929593fee38da1c2b64ee9778733cdf03c482c9ff1d508b6b593b2b \ 178 | --hash=sha256:e1b25e3ad6c909f398df8921780d6a3d120d8c09466720226fc621605b6f92b1 \ 179 | --hash=sha256:e633940f28c1e913615fd624fcdd72fdba807bf53ea6925d6a588e84e1151531 \ 180 | --hash=sha256:e89df2958e5159b811af9ff0f92614dabf4ff617c03a4c1c6ff53bf1c399e0e1 \ 181 | --hash=sha256:ea9f9c6034ea2d93d9147818f17c2a0860d41b71c38b9ce4d55f21b6f9165a11 \ 182 | --hash=sha256:f645caaf0008bacf349875a974220f1f1da349c5dbe7c4ec93048cdc785a3326 \ 183 | --hash=sha256:f8303414c7b03f794347ad062c0516cee0e15f7a612abd0ce1e25caf6ceb47df \ 184 | --hash=sha256:fca62a8301b605b954ad2e9c3666f9d97f63872aa4efcae5492baca2056b74ab 185 | # via requests 186 | cryptography==40.0.2 \ 187 | --hash=sha256:05dc219433b14046c476f6f09d7636b92a1c3e5808b9a6536adf4932b3b2c440 \ 188 | --hash=sha256:0dcca15d3a19a66e63662dc8d30f8036b07be851a8680eda92d079868f106288 \ 189 | --hash=sha256:142bae539ef28a1c76794cca7f49729e7c54423f615cfd9b0b1fa90ebe53244b \ 190 | --hash=sha256:3daf9b114213f8ba460b829a02896789751626a2a4e7a43a28ee77c04b5e4958 \ 191 | --hash=sha256:48f388d0d153350f378c7f7b41497a54ff1513c816bcbbcafe5b829e59b9ce5b \ 192 | --hash=sha256:4df2af28d7bedc84fe45bd49bc35d710aede676e2a4cb7fc6d103a2adc8afe4d \ 193 | --hash=sha256:4f01c9863da784558165f5d4d916093737a75203a5c5286fde60e503e4276c7a \ 194 | --hash=sha256:7a38250f433cd41df7fcb763caa3ee9362777fdb4dc642b9a349721d2bf47404 \ 195 | --hash=sha256:8f79b5ff5ad9d3218afb1e7e20ea74da5f76943ee5edb7f76e56ec5161ec782b \ 196 | --hash=sha256:956ba8701b4ffe91ba59665ed170a2ebbdc6fc0e40de5f6059195d9f2b33ca0e \ 197 | --hash=sha256:a04386fb7bc85fab9cd51b6308633a3c271e3d0d3eae917eebab2fac6219b6d2 \ 198 | --hash=sha256:a95f4802d49faa6a674242e25bfeea6fc2acd915b5e5e29ac90a32b1139cae1c \ 199 | --hash=sha256:adc0d980fd2760c9e5de537c28935cc32b9353baaf28e0814df417619c6c8c3b \ 200 | --hash=sha256:aecbb1592b0188e030cb01f82d12556cf72e218280f621deed7d806afd2113f9 \ 201 | --hash=sha256:b12794f01d4cacfbd3177b9042198f3af1c856eedd0a98f10f141385c809a14b \ 202 | --hash=sha256:c0764e72b36a3dc065c155e5b22f93df465da9c39af65516fe04ed3c68c92636 \ 203 | --hash=sha256:c33c0d32b8594fa647d2e01dbccc303478e16fdd7cf98652d5b3ed11aa5e5c99 \ 204 | --hash=sha256:cbaba590180cba88cb99a5f76f90808a624f18b169b90a4abb40c1fd8c19420e \ 205 | --hash=sha256:d5a1bd0e9e2031465761dfa920c16b0065ad77321d8a8c1f5ee331021fda65e9 206 | # via 207 | # azure-identity 208 | # azure-storage-blob 209 | # msal 210 | # pyjwt 211 | google-api-core==2.11.0 \ 212 | --hash=sha256:4b9bb5d5a380a0befa0573b302651b8a9a89262c1730e37bf423cec511804c22 \ 213 | --hash=sha256:ce222e27b0de0d7bc63eb043b956996d6dccab14cc3b690aaea91c9cc99dc16e 214 | # via 215 | # google-cloud-core 216 | # google-cloud-storage 217 | google-auth==2.18.1 \ 218 | --hash=sha256:55a395cdfd3f3dd3f649131d41f97c17b4ed8a2aac1be3502090c716314e8a37 \ 219 | --hash=sha256:d7a3249027e7f464fbbfd7ee8319a08ad09d2eea51578575c4bd360ffa049ccb 220 | # via 221 | # google-api-core 222 | # google-cloud-core 223 | # google-cloud-storage 224 | google-cloud-core==2.3.2 \ 225 | --hash=sha256:8417acf6466be2fa85123441696c4badda48db314c607cf1e5d543fa8bdc22fe \ 226 | --hash=sha256:b9529ee7047fd8d4bf4a2182de619154240df17fbe60ead399078c1ae152af9a 227 | # via google-cloud-storage 228 | google-cloud-storage==2.9.0 \ 229 | --hash=sha256:83a90447f23d5edd045e0037982c270302e3aeb45fc1288d2c2ca713d27bad94 \ 230 | --hash=sha256:9b6ae7b509fc294bdacb84d0f3ea8e20e2c54a8b4bbe39c5707635fec214eff3 231 | google-crc32c==1.5.0 \ 232 | --hash=sha256:024894d9d3cfbc5943f8f230e23950cd4906b2fe004c72e29b209420a1e6b05a \ 233 | --hash=sha256:02c65b9817512edc6a4ae7c7e987fea799d2e0ee40c53ec573a692bee24de876 \ 234 | --hash=sha256:02ebb8bf46c13e36998aeaad1de9b48f4caf545e91d14041270d9dca767b780c \ 235 | --hash=sha256:07eb3c611ce363c51a933bf6bd7f8e3878a51d124acfc89452a75120bc436289 \ 236 | --hash=sha256:1034d91442ead5a95b5aaef90dbfaca8633b0247d1e41621d1e9f9db88c36298 \ 237 | --hash=sha256:116a7c3c616dd14a3de8c64a965828b197e5f2d121fedd2f8c5585c547e87b02 \ 238 | --hash=sha256:19e0a019d2c4dcc5e598cd4a4bc7b008546b0358bd322537c74ad47a5386884f \ 239 | --hash=sha256:1c7abdac90433b09bad6c43a43af253e688c9cfc1c86d332aed13f9a7c7f65e2 \ 240 | --hash=sha256:1e986b206dae4476f41bcec1faa057851f3889503a70e1bdb2378d406223994a \ 241 | --hash=sha256:272d3892a1e1a2dbc39cc5cde96834c236d5327e2122d3aaa19f6614531bb6eb \ 242 | --hash=sha256:278d2ed7c16cfc075c91378c4f47924c0625f5fc84b2d50d921b18b7975bd210 \ 243 | --hash=sha256:2ad40e31093a4af319dadf503b2467ccdc8f67c72e4bcba97f8c10cb078207b5 \ 244 | --hash=sha256:2e920d506ec85eb4ba50cd4228c2bec05642894d4c73c59b3a2fe20346bd00ee \ 245 | --hash=sha256:3359fc442a743e870f4588fcf5dcbc1bf929df1fad8fb9905cd94e5edb02e84c \ 246 | --hash=sha256:37933ec6e693e51a5b07505bd05de57eee12f3e8c32b07da7e73669398e6630a \ 247 | --hash=sha256:398af5e3ba9cf768787eef45c803ff9614cc3e22a5b2f7d7ae116df8b11e3314 \ 248 | --hash=sha256:3b747a674c20a67343cb61d43fdd9207ce5da6a99f629c6e2541aa0e89215bcd \ 249 | --hash=sha256:461665ff58895f508e2866824a47bdee72497b091c730071f2b7575d5762ab65 \ 250 | --hash=sha256:4c6fdd4fccbec90cc8a01fc00773fcd5fa28db683c116ee3cb35cd5da9ef6c37 \ 251 | --hash=sha256:5829b792bf5822fd0a6f6eb34c5f81dd074f01d570ed7f36aa101d6fc7a0a6e4 \ 252 | --hash=sha256:596d1f98fc70232fcb6590c439f43b350cb762fb5d61ce7b0e9db4539654cc13 \ 253 | --hash=sha256:5ae44e10a8e3407dbe138984f21e536583f2bba1be9491239f942c2464ac0894 \ 254 | --hash=sha256:635f5d4dd18758a1fbd1049a8e8d2fee4ffed124462d837d1a02a0e009c3ab31 \ 255 | --hash=sha256:64e52e2b3970bd891309c113b54cf0e4384762c934d5ae56e283f9a0afcd953e \ 256 | --hash=sha256:66741ef4ee08ea0b2cc3c86916ab66b6aef03768525627fd6a1b34968b4e3709 \ 257 | --hash=sha256:67b741654b851abafb7bc625b6d1cdd520a379074e64b6a128e3b688c3c04740 \ 258 | --hash=sha256:6ac08d24c1f16bd2bf5eca8eaf8304812f44af5cfe5062006ec676e7e1d50afc \ 259 | --hash=sha256:6f998db4e71b645350b9ac28a2167e6632c239963ca9da411523bb439c5c514d \ 260 | --hash=sha256:72218785ce41b9cfd2fc1d6a017dc1ff7acfc4c17d01053265c41a2c0cc39b8c \ 261 | --hash=sha256:74dea7751d98034887dbd821b7aae3e1d36eda111d6ca36c206c44478035709c \ 262 | --hash=sha256:759ce4851a4bb15ecabae28f4d2e18983c244eddd767f560165563bf9aefbc8d \ 263 | --hash=sha256:77e2fd3057c9d78e225fa0a2160f96b64a824de17840351b26825b0848022906 \ 264 | --hash=sha256:7c074fece789b5034b9b1404a1f8208fc2d4c6ce9decdd16e8220c5a793e6f61 \ 265 | --hash=sha256:7c42c70cd1d362284289c6273adda4c6af8039a8ae12dc451dcd61cdabb8ab57 \ 266 | --hash=sha256:7f57f14606cd1dd0f0de396e1e53824c371e9544a822648cd76c034d209b559c \ 267 | --hash=sha256:83c681c526a3439b5cf94f7420471705bbf96262f49a6fe546a6db5f687a3d4a \ 268 | --hash=sha256:8485b340a6a9e76c62a7dce3c98e5f102c9219f4cfbf896a00cf48caf078d438 \ 269 | --hash=sha256:84e6e8cd997930fc66d5bb4fde61e2b62ba19d62b7abd7a69920406f9ecca946 \ 270 | --hash=sha256:89284716bc6a5a415d4eaa11b1726d2d60a0cd12aadf5439828353662ede9dd7 \ 271 | --hash=sha256:8b87e1a59c38f275c0e3676fc2ab6d59eccecfd460be267ac360cc31f7bcde96 \ 272 | --hash=sha256:8f24ed114432de109aa9fd317278518a5af2d31ac2ea6b952b2f7782b43da091 \ 273 | --hash=sha256:98cb4d057f285bd80d8778ebc4fde6b4d509ac3f331758fb1528b733215443ae \ 274 | --hash=sha256:998679bf62b7fb599d2878aa3ed06b9ce688b8974893e7223c60db155f26bd8d \ 275 | --hash=sha256:9ba053c5f50430a3fcfd36f75aff9caeba0440b2d076afdb79a318d6ca245f88 \ 276 | --hash=sha256:9c99616c853bb585301df6de07ca2cadad344fd1ada6d62bb30aec05219c45d2 \ 277 | --hash=sha256:a1fd716e7a01f8e717490fbe2e431d2905ab8aa598b9b12f8d10abebb36b04dd \ 278 | --hash=sha256:a2355cba1f4ad8b6988a4ca3feed5bff33f6af2d7f134852cf279c2aebfde541 \ 279 | --hash=sha256:b1f8133c9a275df5613a451e73f36c2aea4fe13c5c8997e22cf355ebd7bd0728 \ 280 | --hash=sha256:b8667b48e7a7ef66afba2c81e1094ef526388d35b873966d8a9a447974ed9178 \ 281 | --hash=sha256:ba1eb1843304b1e5537e1fca632fa894d6f6deca8d6389636ee5b4797affb968 \ 282 | --hash=sha256:be82c3c8cfb15b30f36768797a640e800513793d6ae1724aaaafe5bf86f8f346 \ 283 | --hash=sha256:c02ec1c5856179f171e032a31d6f8bf84e5a75c45c33b2e20a3de353b266ebd8 \ 284 | --hash=sha256:c672d99a345849301784604bfeaeba4db0c7aae50b95be04dd651fd2a7310b93 \ 285 | --hash=sha256:c6c777a480337ac14f38564ac88ae82d4cd238bf293f0a22295b66eb89ffced7 \ 286 | --hash=sha256:cae0274952c079886567f3f4f685bcaf5708f0a23a5f5216fdab71f81a6c0273 \ 287 | --hash=sha256:cd67cf24a553339d5062eff51013780a00d6f97a39ca062781d06b3a73b15462 \ 288 | --hash=sha256:d3515f198eaa2f0ed49f8819d5732d70698c3fa37384146079b3799b97667a94 \ 289 | --hash=sha256:d5280312b9af0976231f9e317c20e4a61cd2f9629b7bfea6a693d1878a264ebd \ 290 | --hash=sha256:de06adc872bcd8c2a4e0dc51250e9e65ef2ca91be023b9d13ebd67c2ba552e1e \ 291 | --hash=sha256:e1674e4307fa3024fc897ca774e9c7562c957af85df55efe2988ed9056dc4e57 \ 292 | --hash=sha256:e2096eddb4e7c7bdae4bd69ad364e55e07b8316653234a56552d9c988bd2d61b \ 293 | --hash=sha256:e560628513ed34759456a416bf86b54b2476c59144a9138165c9a1575801d0d9 \ 294 | --hash=sha256:edfedb64740750e1a3b16152620220f51d58ff1b4abceb339ca92e934775c27a \ 295 | --hash=sha256:f13cae8cc389a440def0c8c52057f37359014ccbc9dc1f0827936bcd367c6100 \ 296 | --hash=sha256:f314013e7dcd5cf45ab1945d92e713eec788166262ae8deb2cfacd53def27325 \ 297 | --hash=sha256:f583edb943cf2e09c60441b910d6a20b4d9d626c75a36c8fcac01a6c96c01183 \ 298 | --hash=sha256:fd8536e902db7e365f49e7d9029283403974ccf29b13fc7028b97e2295b33556 \ 299 | --hash=sha256:fe70e325aa68fa4b5edf7d1a4b6f691eb04bbccac0ace68e34820d283b5f80d4 300 | # via google-resumable-media 301 | google-resumable-media==2.5.0 \ 302 | --hash=sha256:218931e8e2b2a73a58eb354a288e03a0fd5fb1c4583261ac6e4c078666468c93 \ 303 | --hash=sha256:da1bd943e2e114a56d85d6848497ebf9be6a14d3db23e9fc57581e7c3e8170ec 304 | # via google-cloud-storage 305 | googleapis-common-protos==1.59.0 \ 306 | --hash=sha256:4168fcb568a826a52f23510412da405abd93f4d23ba544bb68d943b14ba3cb44 \ 307 | --hash=sha256:b287dc48449d1d41af0c69f4ea26242b5ae4c3d7249a38b0984c86a4caffff1f 308 | # via google-api-core 309 | idna==3.4 \ 310 | --hash=sha256:814f528e8dead7d329833b91c5faa87d60bf71824cd12a7530b5526063d02cb4 \ 311 | --hash=sha256:90b77e79eaa3eba6de819a0c442c0b4ceefc341a7a2ab77d7562bf49f425c5c2 312 | # via requests 313 | isodate==0.6.1 \ 314 | --hash=sha256:0751eece944162659049d35f4f549ed815792b38793f07cf73381c1c87cbed96 \ 315 | --hash=sha256:48c5881de7e8b0a0d648cb024c8062dc84e7b840ed81e864c7614fd3c127bde9 316 | # via azure-storage-blob 317 | jmespath==1.0.1 \ 318 | --hash=sha256:02e2e4cc71b5bcab88332eebf907519190dd9e6e82107fa7f83b1003a6252980 \ 319 | --hash=sha256:90261b206d6defd58fdd5e85f478bf633a2901798906be2ad389150c5c60edbe 320 | # via 321 | # boto3 322 | # botocore 323 | msal==1.22.0 \ 324 | --hash=sha256:8a82f5375642c1625c89058018430294c109440dce42ea667d466c2cab520acd \ 325 | --hash=sha256:9120b7eafdf061c92f7b3d744e5f325fca35873445fa8ffebb40b1086a13dd58 326 | # via 327 | # azure-identity 328 | # msal-extensions 329 | msal-extensions==1.0.0 \ 330 | --hash=sha256:91e3db9620b822d0ed2b4d1850056a0f133cba04455e62f11612e40f5502f2ee \ 331 | --hash=sha256:c676aba56b0cce3783de1b5c5ecfe828db998167875126ca4b47dc6436451354 332 | # via azure-identity 333 | portalocker==2.7.0 \ 334 | --hash=sha256:032e81d534a88ec1736d03f780ba073f047a06c478b06e2937486f334e955c51 \ 335 | --hash=sha256:a07c5b4f3985c3cf4798369631fb7011adb498e2a46d8440efc75a8f29a0f983 336 | # via msal-extensions 337 | protobuf==4.23.1 \ 338 | --hash=sha256:2036a3a1e7fc27f973fa0a7888dce712393af644f4695385f117886abc792e39 \ 339 | --hash=sha256:32e78beda26d7a101fecf15d7a4a792278a0d26a31bc327ff05564a9d68ab8ee \ 340 | --hash=sha256:346990f634272caac1f09efbcfbbacb23098b1f606d172534c6fa2d9758bb436 \ 341 | --hash=sha256:3b8905eafe4439076e1f58e9d1fa327025fd2777cf90f14083092ae47f77b0aa \ 342 | --hash=sha256:3ce113b3f3362493bddc9069c2163a38f240a9ed685ff83e7bcb756b05e1deb0 \ 343 | --hash=sha256:410bcc0a5b279f634d3e16082ce221dfef7c3392fac723500e2e64d1806dd2be \ 344 | --hash=sha256:5b9cd6097e6acae48a68cb29b56bc79339be84eca65b486910bb1e7a30e2b7c1 \ 345 | --hash=sha256:65f0ac96ef67d7dd09b19a46aad81a851b6f85f89725577f16de38f2d68ad477 \ 346 | --hash=sha256:91fac0753c3c4951fbb98a93271c43cc7cf3b93cf67747b3e600bb1e5cc14d61 \ 347 | --hash=sha256:95789b569418a3e32a53f43d7763be3d490a831e9c08042539462b6d972c2d7e \ 348 | --hash=sha256:ac50be82491369a9ec3710565777e4da87c6d2e20404e0abb1f3a8f10ffd20f0 \ 349 | --hash=sha256:decf119d54e820f298ee6d89c72d6b289ea240c32c521f00433f9dc420595f38 \ 350 | --hash=sha256:f9510cac91e764e86acd74e2b7f7bc5e6127a7f3fb646d7c8033cfb84fd1176a 351 | # via 352 | # google-api-core 353 | # googleapis-common-protos 354 | pyasn1==0.5.0 \ 355 | --hash=sha256:87a2121042a1ac9358cabcaf1d07680ff97ee6404333bacca15f76aa8ad01a57 \ 356 | --hash=sha256:97b7290ca68e62a832558ec3976f15cbf911bf5d7c7039d8b861c2a0ece69fde 357 | # via 358 | # pyasn1-modules 359 | # rsa 360 | pyasn1-modules==0.3.0 \ 361 | --hash=sha256:5bd01446b736eb9d31512a30d46c1ac3395d676c6f3cafa4c03eb54b9925631c \ 362 | --hash=sha256:d3ccd6ed470d9ffbc716be08bd90efbd44d0734bc9303818f7336070984a162d 363 | # via google-auth 364 | pycparser==2.21 \ 365 | --hash=sha256:8ee45429555515e1f6b185e78100aea234072576aa43ab53aefcae078162fca9 \ 366 | --hash=sha256:e644fdec12f7872f86c58ff790da456218b10f863970249516d60a5eaca77206 367 | # via cffi 368 | pyjwt[crypto]==2.7.0 \ 369 | --hash=sha256:ba2b425b15ad5ef12f200dc67dd56af4e26de2331f965c5439994dad075876e1 \ 370 | --hash=sha256:bd6ca4a3c4285c1a2d4349e5a035fdf8fb94e04ccd0fcbe6ba289dae9cc3e074 371 | # via msal 372 | python-dateutil==2.8.2 \ 373 | --hash=sha256:0123cacc1627ae19ddf3c27a5de5bd67ee4586fbdd6440d9748f8abb483d3e86 \ 374 | --hash=sha256:961d03dc3453ebbc59dbdea9e4e11c5651520a876d0f4db161e8674aae935da9 375 | # via 376 | # barman 377 | # botocore 378 | python-snappy==0.6.1 \ 379 | --hash=sha256:03bb511380fca2a13325b6f16fe8234c8e12da9660f0258cd45d9a02ffc916af \ 380 | --hash=sha256:0bdb6942180660bda7f7d01f4c0def3cfc72b1c6d99aad964801775a3e379aba \ 381 | --hash=sha256:0d489b50f49433494160c45048fe806de6b3aeab0586e497ebd22a0bab56e427 \ 382 | --hash=sha256:1a993dc8aadd901915a510fe6af5f20ae4256f527040066c22a154db8946751f \ 383 | --hash=sha256:1d029f7051ec1bbeaa3e03030b6d8ed47ceb69cae9016f493c802a08af54e026 \ 384 | --hash=sha256:277757d5dad4e239dc1417438a0871b65b1b155beb108888e7438c27ffc6a8cc \ 385 | --hash=sha256:2a7e528ab6e09c0d67dcb61a1730a292683e5ff9bb088950638d3170cf2a0a54 \ 386 | --hash=sha256:2aaaf618c68d8c9daebc23a20436bd01b09ee70d7fbf7072b7f38b06d2fab539 \ 387 | --hash=sha256:2be4f4550acd484912441f5f1209ba611ac399aac9355fee73611b9a0d4f949c \ 388 | --hash=sha256:39692bedbe0b717001a99915ac0eb2d9d0bad546440d392a2042b96d813eede1 \ 389 | --hash=sha256:3fb9a88a4dd6336488f3de67ce75816d0d796dce53c2c6e4d70e0b565633c7fd \ 390 | --hash=sha256:4038019b1bcaadde726a57430718394076c5a21545ebc5badad2c045a09546cf \ 391 | --hash=sha256:463fd340a499d47b26ca42d2f36a639188738f6e2098c6dbf80aef0e60f461e1 \ 392 | --hash=sha256:4d3cafdf454354a621c8ab7408e45aa4e9d5c0b943b61ff4815f71ca6bdf0130 \ 393 | --hash=sha256:4ec533a8c1f8df797bded662ec3e494d225b37855bb63eb0d75464a07947477c \ 394 | --hash=sha256:530bfb9efebcc1aab8bb4ebcbd92b54477eed11f6cf499355e882970a6d3aa7d \ 395 | --hash=sha256:546c1a7470ecbf6239101e9aff0f709b68ca0f0268b34d9023019a55baa1f7c6 \ 396 | --hash=sha256:5843feb914796b1f0405ccf31ea0fb51034ceb65a7588edfd5a8250cb369e3b2 \ 397 | --hash=sha256:586724a0276d7a6083a17259d0b51622e492289a9998848a1b01b6441ca12b2f \ 398 | --hash=sha256:59e975be4206cc54d0a112ef72fa3970a57c2b1bcc2c97ed41d6df0ebe518228 \ 399 | --hash=sha256:5a453c45178d7864c1bdd6bfe0ee3ed2883f63b9ba2c9bb967c6b586bf763f96 \ 400 | --hash=sha256:5bb05c28298803a74add08ba496879242ef159c75bc86a5406fac0ffc7dd021b \ 401 | --hash=sha256:5e973e637112391f05581f427659c05b30b6843bc522a65be35ac7b18ce3dedd \ 402 | --hash=sha256:66c80e9b366012dbee262bb1869e4fc5ba8786cda85928481528bc4a72ec2ee8 \ 403 | --hash=sha256:6a7620404da966f637b9ce8d4d3d543d363223f7a12452a575189c5355fc2d25 \ 404 | --hash=sha256:6f8bf4708a11b47517baf962f9a02196478bbb10fdb9582add4aa1459fa82380 \ 405 | --hash=sha256:735cd4528c55dbe4516d6d2b403331a99fc304f8feded8ae887cf97b67d589bb \ 406 | --hash=sha256:7778c224efc38a40d274da4eb82a04cac27aae20012372a7db3c4bbd8926c4d4 \ 407 | --hash=sha256:8277d1f6282463c40761f802b742f833f9f2449fcdbb20a96579aa05c8feb614 \ 408 | --hash=sha256:88b6ea78b83d2796f330b0af1b70cdd3965dbdab02d8ac293260ec2c8fe340ee \ 409 | --hash=sha256:8c07220408d3268e8268c9351c5c08041bc6f8c6172e59d398b71020df108541 \ 410 | --hash=sha256:8d0c019ee7dcf2c60e240877107cddbd95a5b1081787579bf179938392d66480 \ 411 | --hash=sha256:90b0186516b7a101c14764b0c25931b741fb0102f21253eff67847b4742dfc72 \ 412 | --hash=sha256:9837ac1650cc68d22a3cf5f15fb62c6964747d16cecc8b22431f113d6e39555d \ 413 | --hash=sha256:9eac51307c6a1a38d5f86ebabc26a889fddf20cbba7a116ccb54ba1446601d5b \ 414 | --hash=sha256:9f0c0d88b84259f93c3aa46398680646f2c23e43394779758d9f739c34e15295 \ 415 | --hash=sha256:a0ad38bc98d0b0497a0b0dbc29409bcabfcecff4511ed7063403c86de16927bc \ 416 | --hash=sha256:b265cde49774752aec9ca7f5d272e3f98718164afc85521622a8a5394158a2b5 \ 417 | --hash=sha256:b6a107ab06206acc5359d4c5632bd9b22d448702a79b3169b0c62e0fb808bb2a \ 418 | --hash=sha256:b7f920eaf46ebf41bd26f9df51c160d40f9e00b7b48471c3438cb8d027f7fb9b \ 419 | --hash=sha256:c20498bd712b6e31a4402e1d027a1cd64f6a4a0066a3fe3c7344475886d07fdf \ 420 | --hash=sha256:cb18d9cd7b3f35a2f5af47bb8ed6a5bdbf4f3ddee37f3daade4ab7864c292f5b \ 421 | --hash=sha256:cf5bb9254e1c38aacf253d510d3d9be631bba21f3d068b17672b38b5cbf2fff5 \ 422 | --hash=sha256:d017775851a778ec9cc32651c4464079d06d927303c2dde9ae9830ccf6fe94e1 \ 423 | --hash=sha256:dc96668d9c7cc656609764275c5f8da58ef56d89bdd6810f6923d36497468ff7 \ 424 | --hash=sha256:e066a0586833d610c4bbddba0be5ba0e3e4f8e0bc5bb6d82103d8f8fc47bb59a \ 425 | --hash=sha256:e3a013895c64352b49d0d8e107a84f99631b16dbab156ded33ebf0becf56c8b2 \ 426 | --hash=sha256:eaf905a580f2747c4a474040a5063cd5e0cc3d1d2d6edb65f28196186493ad4a 427 | requests==2.31.0 \ 428 | --hash=sha256:58cd2187c01e70e6e26505bca751777aa9f2ee0b7f4300988b709f44e013003f \ 429 | --hash=sha256:942c5a758f98d790eaed1a29cb6eefc7ffb0d1cf7af05c3d2791656dbd6ad1e1 430 | # via 431 | # azure-core 432 | # google-api-core 433 | # google-cloud-storage 434 | # msal 435 | rsa==4.9 \ 436 | --hash=sha256:90260d9058e514786967344d0ef75fa8727eed8a7d2e43ce9f4bcf1b536174f7 \ 437 | --hash=sha256:e38464a49c6c85d7f1351b0126661487a7e0a14a50f1675ec50eb34d4f20ef21 438 | # via google-auth 439 | s3transfer==0.6.1 \ 440 | --hash=sha256:3c0da2d074bf35d6870ef157158641178a4204a6e689e82546083e31e0311346 \ 441 | --hash=sha256:640bb492711f4c0c0905e1f62b6aaeb771881935ad27884852411f8e9cacbca9 442 | # via boto3 443 | six==1.16.0 \ 444 | --hash=sha256:1e61c37477a1626458e36f7b1d82aa5c9b094fa4802892072e49de9c60c4c926 \ 445 | --hash=sha256:8abb2f1d86890a2dfb989f9a77cfcfd3e47c2a354b01111771326f8aa26e0254 446 | # via 447 | # azure-core 448 | # azure-identity 449 | # google-auth 450 | # isodate 451 | # python-dateutil 452 | typing-extensions==4.6.0 \ 453 | --hash=sha256:6ad00b63f849b7dcc313b70b6b304ed67b2b2963b3098a33efe18056b1a9a223 \ 454 | --hash=sha256:ff6b238610c747e44c268aa4bb23c8c735d665a63726df3f9431ce707f2aa768 455 | # via 456 | # azure-core 457 | # azure-storage-blob 458 | urllib3==1.26.16 \ 459 | --hash=sha256:8d36afa7616d8ab714608411b4a3b13e58f463aee519024578e062e141dce20f \ 460 | --hash=sha256:8f135f6502756bde6b2a9b28989df5fbe87c9970cecaa69041edcce7f0589b14 461 | # via 462 | # botocore 463 | # google-auth 464 | # requests 465 | -------------------------------------------------------------------------------- /tembo-pg-cnpg/src/main.rs: -------------------------------------------------------------------------------- 1 | fn main() { 2 | println!("Hello, world!"); 3 | } 4 | -------------------------------------------------------------------------------- /tembo-pg-slim/.gitignore: -------------------------------------------------------------------------------- 1 | extensions/** 2 | target 3 | Cargo.lock -------------------------------------------------------------------------------- /tembo-pg-slim/Cargo.toml: -------------------------------------------------------------------------------- 1 | [package] 2 | name = "tembo-pg-slim" 3 | version = "15.3.0-tembo-pg-slim.1" 4 | edition = "2021" 5 | authors = ["tembo.io"] 6 | description = "Base image for Tembo's distribution of postgres" 7 | homepage = "https://www.tembo.io" 8 | license = "Apache-2.0" 9 | readme = "README.md" 10 | repository = "https://github.com/tembo-io/tembo-images/tree/main/tembo-pg-slim" 11 | publish = false 12 | 13 | 14 | # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html 15 | 16 | [dependencies] 17 | -------------------------------------------------------------------------------- /tembo-pg-slim/Dockerfile: -------------------------------------------------------------------------------- 1 | # vim:set ft=dockerfile: 2 | FROM quay.io/coredb/ubuntu:22.04 3 | 4 | ARG DEBIAN_FRONTEND=noninteractive 5 | ARG ALTDIR=/var/lib/postgresql/data/tembo 6 | ENV TZ=Etc/UTC 7 | ENV PGDATA /var/lib/postgresql/data 8 | ARG PG_VERSION 15 9 | ARG PG_TAG REL_15_11 10 | ENV PATH $PATH:/usr/lib/postgresql/$PG_VERSION/bin 11 | 12 | # Get latest package updates 13 | RUN set -eux; \ 14 | apt-get update; \ 15 | apt-get upgrade -y 16 | 17 | # Set the postgres user's permissions 18 | RUN set -eux; \ 19 | groupadd -r postgres --gid=999; \ 20 | useradd -r -g postgres --uid=999 --home-dir=/var/lib/postgresql --shell=/bin/bash postgres; \ 21 | mkdir -p /var/lib/postgresql; \ 22 | chown -R postgres:postgres /var/lib/postgresql; \ 23 | apt-get install -y curl ca-certificates gnupg lsb-release lbzip2 git 24 | 25 | STOPSIGNAL SIGINT 26 | 27 | RUN set -eux; \ 28 | apt-get update; \ 29 | apt-get install -y --no-install-recommends \ 30 | locales \ 31 | ; \ 32 | rm -rf /var/lib/apt/lists/*; \ 33 | localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8 34 | ENV LANG en_US.utf8 35 | 36 | RUN mkdir /docker-entrypoint-initdb.d 37 | 38 | RUN set -eux; \ 39 | apt-get update && apt-get install -y \ 40 | libreadline-dev \ 41 | zlib1g-dev \ 42 | libpq-dev \ 43 | build-essential \ 44 | python3-dev \ 45 | tcl-dev \ 46 | libxslt1-dev \ 47 | libperl-dev \ 48 | libpam0g-dev \ 49 | libreadline-dev \ 50 | libssl-dev \ 51 | xz-utils \ 52 | libnss-wrapper \ 53 | llvm \ 54 | clang \ 55 | icu-devtools \ 56 | pkg-config \ 57 | libgss-dev \ 58 | libkrb5-dev \ 59 | uuid-dev \ 60 | gettext \ 61 | liblz4-dev \ 62 | libsystemd-dev \ 63 | libselinux1-dev \ 64 | libzstd-dev \ 65 | vim \ 66 | flex \ 67 | bison; \ 68 | apt-get autoremove -y; \ 69 | apt-get clean -y; \ 70 | rm -rf /var/lib/apt/lists/* 71 | 72 | ENV CFLAGS "-g -O2 -fstack-protector-strong -Wformat -Werror=format-security -fno-omit-frame-pointer" 73 | ENV LDFLAGS "-Wl,-z,relro -Wl,-z,now" 74 | RUN git clone --depth 1 --branch ${PG_TAG} https://git.postgresql.org/git/postgresql.git; \ 75 | cd postgresql; \ 76 | ./configure --prefix=/usr/lib/postgresql/${PG_VERSION} \ 77 | --datarootdir=${ALTDIR} \ 78 | --libdir=${ALTDIR}/${PG_VERSION}/lib \ 79 | --with-perl \ 80 | --with-python \ 81 | --with-tcl \ 82 | --with-pam \ 83 | --with-libxml \ 84 | --with-libxslt \ 85 | --with-openssl \ 86 | --enable-nls \ 87 | --enable-thread-safety \ 88 | --enable-debug \ 89 | --disable-rpath \ 90 | --with-uuid=e2fs \ 91 | --with-gnu-ld \ 92 | --with-gssapi \ 93 | --with-pgport=5432 \ 94 | --with-system-tzdata=/usr/share/zoneinfo \ 95 | --with-icu \ 96 | --with-llvm \ 97 | --with-lz4 \ 98 | --with-zstd \ 99 | --with-systemd \ 100 | --with-selinux; \ 101 | make -j$(nproc); \ 102 | make install 103 | 104 | # Remove libpq-dev provided from Ubuntu repos and set the newly-compiled one to system path 105 | RUN set -eux; \ 106 | apt-get purge -y libpq-dev && \ 107 | apt-get autoremove -y && \ 108 | rm -rf /var/lib/apt/lists/* 109 | 110 | # Configure ldd to find additional shared libraries in `${ALTDIR}/lib` and 111 | # Postgres versioned libraries in `pg_config --pkglibdir`. 112 | RUN echo "${ALTDIR}/${PG_VERSION}/lib" > /etc/ld.so.conf.d/postgres.conf; \ 113 | echo "${ALTDIR}/lib" > /etc/ld.so.conf.d/tembo.conf; \ 114 | mkdir -p "${ALTDIR}/lib"; \ 115 | ldconfig 116 | 117 | WORKDIR / 118 | RUN rm -rf /postgresql 119 | 120 | RUN mkdir -p /var/run/postgresql && chmod 775 /var/run/postgresql 121 | RUN mkdir -p /usr/share/postgresql/${PG_MAJOR}/extension && chmod 775 /usr/share/postgresql/${PG_MAJOR}/extension 122 | 123 | USER postgres 124 | CMD ["postgres"] 125 | -------------------------------------------------------------------------------- /tembo-pg-slim/LICENSE: -------------------------------------------------------------------------------- 1 | Apache License 2 | Version 2.0, January 2004 3 | http://www.apache.org/licenses/ 4 | 5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 6 | 7 | 1. Definitions. 8 | 9 | "License" shall mean the terms and conditions for use, reproduction, 10 | and distribution as defined by Sections 1 through 9 of this document. 11 | 12 | "Licensor" shall mean the copyright owner or entity authorized by 13 | the copyright owner that is granting the License. 14 | 15 | "Legal Entity" shall mean the union of the acting entity and all 16 | other entities that control, are controlled by, or are under common 17 | control with that entity. For the purposes of this definition, 18 | "control" means (i) the power, direct or indirect, to cause the 19 | direction or management of such entity, whether by contract or 20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 21 | outstanding shares, or (iii) beneficial ownership of such entity. 22 | 23 | "You" (or "Your") shall mean an individual or Legal Entity 24 | exercising permissions granted by this License. 25 | 26 | "Source" form shall mean the preferred form for making modifications, 27 | including but not limited to software source code, documentation 28 | source, and configuration files. 29 | 30 | "Object" form shall mean any form resulting from mechanical 31 | transformation or translation of a Source form, including but 32 | not limited to compiled object code, generated documentation, 33 | and conversions to other media types. 34 | 35 | "Work" shall mean the work of authorship, whether in Source or 36 | Object form, made available under the License, as indicated by a 37 | copyright notice that is included in or attached to the work 38 | (an example is provided in the Appendix below). 39 | 40 | "Derivative Works" shall mean any work, whether in Source or Object 41 | form, that is based on (or derived from) the Work and for which the 42 | editorial revisions, annotations, elaborations, or other modifications 43 | represent, as a whole, an original work of authorship. For the purposes 44 | of this License, Derivative Works shall not include works that remain 45 | separable from, or merely link (or bind by name) to the interfaces of, 46 | the Work and Derivative Works thereof. 47 | 48 | "Contribution" shall mean any work of authorship, including 49 | the original version of the Work and any modifications or additions 50 | to that Work or Derivative Works thereof, that is intentionally 51 | submitted to Licensor for inclusion in the Work by the copyright owner 52 | or by an individual or Legal Entity authorized to submit on behalf of 53 | the copyright owner. For the purposes of this definition, "submitted" 54 | means any form of electronic, verbal, or written communication sent 55 | to the Licensor or its representatives, including but not limited to 56 | communication on electronic mailing lists, source code control systems, 57 | and issue tracking systems that are managed by, or on behalf of, the 58 | Licensor for the purpose of discussing and improving the Work, but 59 | excluding communication that is conspicuously marked or otherwise 60 | designated in writing by the copyright owner as "Not a Contribution." 61 | 62 | "Contributor" shall mean Licensor and any individual or Legal Entity 63 | on behalf of whom a Contribution has been received by Licensor and 64 | subsequently incorporated within the Work. 65 | 66 | 2. Grant of Copyright License. Subject to the terms and conditions of 67 | this License, each Contributor hereby grants to You a perpetual, 68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 69 | copyright license to reproduce, prepare Derivative Works of, 70 | publicly display, publicly perform, sublicense, and distribute the 71 | Work and such Derivative Works in Source or Object form. 72 | 73 | 3. Grant of Patent License. Subject to the terms and conditions of 74 | this License, each Contributor hereby grants to You a perpetual, 75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 76 | (except as stated in this section) patent license to make, have made, 77 | use, offer to sell, sell, import, and otherwise transfer the Work, 78 | where such license applies only to those patent claims licensable 79 | by such Contributor that are necessarily infringed by their 80 | Contribution(s) alone or by combination of their Contribution(s) 81 | with the Work to which such Contribution(s) was submitted. If You 82 | institute patent litigation against any entity (including a 83 | cross-claim or counterclaim in a lawsuit) alleging that the Work 84 | or a Contribution incorporated within the Work constitutes direct 85 | or contributory patent infringement, then any patent licenses 86 | granted to You under this License for that Work shall terminate 87 | as of the date such litigation is filed. 88 | 89 | 4. Redistribution. You may reproduce and distribute copies of the 90 | Work or Derivative Works thereof in any medium, with or without 91 | modifications, and in Source or Object form, provided that You 92 | meet the following conditions: 93 | 94 | (a) You must give any other recipients of the Work or 95 | Derivative Works a copy of this License; and 96 | 97 | (b) You must cause any modified files to carry prominent notices 98 | stating that You changed the files; and 99 | 100 | (c) You must retain, in the Source form of any Derivative Works 101 | that You distribute, all copyright, patent, trademark, and 102 | attribution notices from the Source form of the Work, 103 | excluding those notices that do not pertain to any part of 104 | the Derivative Works; and 105 | 106 | (d) If the Work includes a "NOTICE" text file as part of its 107 | distribution, then any Derivative Works that You distribute must 108 | include a readable copy of the attribution notices contained 109 | within such NOTICE file, excluding those notices that do not 110 | pertain to any part of the Derivative Works, in at least one 111 | of the following places: within a NOTICE text file distributed 112 | as part of the Derivative Works; within the Source form or 113 | documentation, if provided along with the Derivative Works; or, 114 | within a display generated by the Derivative Works, if and 115 | wherever such third-party notices normally appear. The contents 116 | of the NOTICE file are for informational purposes only and 117 | do not modify the License. You may add Your own attribution 118 | notices within Derivative Works that You distribute, alongside 119 | or as an addendum to the NOTICE text from the Work, provided 120 | that such additional attribution notices cannot be construed 121 | as modifying the License. 122 | 123 | You may add Your own copyright statement to Your modifications and 124 | may provide additional or different license terms and conditions 125 | for use, reproduction, or distribution of Your modifications, or 126 | for any such Derivative Works as a whole, provided Your use, 127 | reproduction, and distribution of the Work otherwise complies with 128 | the conditions stated in this License. 129 | 130 | 5. Submission of Contributions. Unless You explicitly state otherwise, 131 | any Contribution intentionally submitted for inclusion in the Work 132 | by You to the Licensor shall be under the terms and conditions of 133 | this License, without any additional terms or conditions. 134 | Notwithstanding the above, nothing herein shall supersede or modify 135 | the terms of any separate license agreement you may have executed 136 | with Licensor regarding such Contributions. 137 | 138 | 6. Trademarks. This License does not grant permission to use the trade 139 | names, trademarks, service marks, or product names of the Licensor, 140 | except as required for reasonable and customary use in describing the 141 | origin of the Work and reproducing the content of the NOTICE file. 142 | 143 | 7. Disclaimer of Warranty. Unless required by applicable law or 144 | agreed to in writing, Licensor provides the Work (and each 145 | Contributor provides its Contributions) on an "AS IS" BASIS, 146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 147 | implied, including, without limitation, any warranties or conditions 148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 149 | PARTICULAR PURPOSE. You are solely responsible for determining the 150 | appropriateness of using or redistributing the Work and assume any 151 | risks associated with Your exercise of permissions under this License. 152 | 153 | 8. Limitation of Liability. In no event and under no legal theory, 154 | whether in tort (including negligence), contract, or otherwise, 155 | unless required by applicable law (such as deliberate and grossly 156 | negligent acts) or agreed to in writing, shall any Contributor be 157 | liable to You for damages, including any direct, indirect, special, 158 | incidental, or consequential damages of any character arising as a 159 | result of this License or out of the use or inability to use the 160 | Work (including but not limited to damages for loss of goodwill, 161 | work stoppage, computer failure or malfunction, or any and all 162 | other commercial damages or losses), even if such Contributor 163 | has been advised of the possibility of such damages. 164 | 165 | 9. Accepting Warranty or Additional Liability. While redistributing 166 | the Work or Derivative Works thereof, You may choose to offer, 167 | and charge a fee for, acceptance of support, warranty, indemnity, 168 | or other liability obligations and/or rights consistent with this 169 | License. However, in accepting such obligations, You may act only 170 | on Your own behalf and on Your sole responsibility, not on behalf 171 | of any other Contributor, and only if You agree to indemnify, 172 | defend, and hold each Contributor harmless for any liability 173 | incurred by, or claims asserted against, such Contributor by reason 174 | of your accepting any such warranty or additional liability. 175 | 176 | END OF TERMS AND CONDITIONS 177 | 178 | APPENDIX: How to apply the Apache License to your work. 179 | 180 | To apply the Apache License to your work, attach the following 181 | boilerplate notice, with the fields enclosed by brackets "[]" 182 | replaced with your own identifying information. (Don't include 183 | the brackets!) The text should be enclosed in the appropriate 184 | comment syntax for the file format. We also recommend that a 185 | file or class name and description of purpose be included on the 186 | same "printed page" as the copyright notice for easier 187 | identification within third-party archives. 188 | 189 | Copyright 2023 CoreDB, Inc. 190 | 191 | Licensed under the Apache License, Version 2.0 (the "License"); 192 | you may not use this file except in compliance with the License. 193 | You may obtain a copy of the License at 194 | 195 | http://www.apache.org/licenses/LICENSE-2.0 196 | 197 | Unless required by applicable law or agreed to in writing, software 198 | distributed under the License is distributed on an "AS IS" BASIS, 199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 200 | See the License for the specific language governing permissions and 201 | limitations under the License. 202 | -------------------------------------------------------------------------------- /tembo-pg-slim/README.md: -------------------------------------------------------------------------------- 1 | # Postgres Docker Base Image 2 | 3 | Contains a Dockerfile that builds PostgreSQL from source with no extensions 4 | and no additional tools. 5 | 6 | ## Versioning 7 | 8 | The version of the Docker image can be configured in the `Cargo.toml` file in this directory. We may wrap postgres in our Tembo distribution, but for the time being this crate is just a placeholder to allow for versioning. 9 | -------------------------------------------------------------------------------- /tembo-pg-slim/docker-entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | set -Eeo pipefail 3 | # TODO swap to -Eeuo pipefail above (after handling all potentially-unset variables) 4 | 5 | # usage: file_env VAR [DEFAULT] 6 | # ie: file_env 'XYZ_DB_PASSWORD' 'example' 7 | # (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of 8 | # "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature) 9 | file_env() { 10 | local var="$1" 11 | local fileVar="${var}_FILE" 12 | local def="${2:-}" 13 | if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then 14 | printf >&2 'error: both %s and %s are set (but are exclusive)\n' "$var" "$fileVar" 15 | exit 1 16 | fi 17 | local val="$def" 18 | if [ "${!var:-}" ]; then 19 | val="${!var}" 20 | elif [ "${!fileVar:-}" ]; then 21 | val="$(< "${!fileVar}")" 22 | fi 23 | export "$var"="$val" 24 | unset "$fileVar" 25 | } 26 | 27 | # check to see if this file is being run or sourced from another script 28 | _is_sourced() { 29 | # https://unix.stackexchange.com/a/215279 30 | [ "${#FUNCNAME[@]}" -ge 2 ] \ 31 | && [ "${FUNCNAME[0]}" = '_is_sourced' ] \ 32 | && [ "${FUNCNAME[1]}" = 'source' ] 33 | } 34 | 35 | # used to create initial postgres directories and if run as root, ensure ownership to the "postgres" user 36 | docker_create_db_directories() { 37 | local user; user="$(id -u)" 38 | 39 | mkdir -p "$PGDATA" 40 | # ignore failure since there are cases where we can't chmod (and PostgreSQL might fail later anyhow - it's picky about permissions of this directory) 41 | chmod 700 "$PGDATA" || : 42 | 43 | # Create the transaction log directory before initdb is run so the directory is owned by the correct user 44 | if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then 45 | mkdir -p "$POSTGRES_INITDB_WALDIR" 46 | if [ "$user" = '0' ]; then 47 | find "$POSTGRES_INITDB_WALDIR" \! -user postgres -exec chown postgres '{}' + 48 | fi 49 | chmod 700 "$POSTGRES_INITDB_WALDIR" 50 | fi 51 | 52 | # allow the container to be started with `--user` 53 | if [ "$user" = '0' ]; then 54 | find "$PGDATA" \! -user postgres -exec chown postgres '{}' + 55 | find /var/run/postgresql \! -user postgres -exec chown postgres '{}' + 56 | fi 57 | } 58 | 59 | # initialize empty PGDATA directory with new database via 'initdb' 60 | # arguments to `initdb` can be passed via POSTGRES_INITDB_ARGS or as arguments to this function 61 | # `initdb` automatically creates the "postgres", "template0", and "template1" dbnames 62 | # this is also where the database user is created, specified by `POSTGRES_USER` env 63 | docker_init_database_dir() { 64 | # "initdb" is particular about the current user existing in "/etc/passwd", so we use "nss_wrapper" to fake that if necessary 65 | # see https://github.com/docker-library/postgres/pull/253, https://github.com/docker-library/postgres/issues/359, https://cwrap.org/nss_wrapper.html 66 | local uid; uid="$(id -u)" 67 | if ! getent passwd "$uid" &> /dev/null; then 68 | # see if we can find a suitable "libnss_wrapper.so" (https://salsa.debian.org/sssd-team/nss-wrapper/-/commit/b9925a653a54e24d09d9b498a2d913729f7abb15) 69 | local wrapper 70 | for wrapper in {/usr,}/lib{/*,}/libnss_wrapper.so; do 71 | if [ -s "$wrapper" ]; then 72 | NSS_WRAPPER_PASSWD="$(mktemp)" 73 | NSS_WRAPPER_GROUP="$(mktemp)" 74 | export LD_PRELOAD="$wrapper" NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP 75 | local gid; gid="$(id -g)" 76 | printf 'postgres:x:%s:%s:PostgreSQL:%s:/bin/false\n' "$uid" "$gid" "$PGDATA" > "$NSS_WRAPPER_PASSWD" 77 | printf 'postgres:x:%s:\n' "$gid" > "$NSS_WRAPPER_GROUP" 78 | break 79 | fi 80 | done 81 | fi 82 | 83 | if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then 84 | set -- --waldir "$POSTGRES_INITDB_WALDIR" "$@" 85 | fi 86 | 87 | # --pwfile refuses to handle a properly-empty file (hence the "\n"): https://github.com/docker-library/postgres/issues/1025 88 | eval 'initdb --username="$POSTGRES_USER" --pwfile=<(printf "%s\n" "$POSTGRES_PASSWORD") '"$POSTGRES_INITDB_ARGS"' "$@"' 89 | 90 | # unset/cleanup "nss_wrapper" bits 91 | if [[ "${LD_PRELOAD:-}" == */libnss_wrapper.so ]]; then 92 | rm -f "$NSS_WRAPPER_PASSWD" "$NSS_WRAPPER_GROUP" 93 | unset LD_PRELOAD NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP 94 | fi 95 | } 96 | 97 | # print large warning if POSTGRES_PASSWORD is long 98 | # error if both POSTGRES_PASSWORD is empty and POSTGRES_HOST_AUTH_METHOD is not 'trust' 99 | # print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust' 100 | # assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ] 101 | docker_verify_minimum_env() { 102 | # check password first so we can output the warning before postgres 103 | # messes it up 104 | if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then 105 | cat >&2 <<-'EOWARN' 106 | WARNING: The supplied POSTGRES_PASSWORD is 100+ characters. 107 | This will not work if used via PGPASSWORD with "psql". 108 | https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412) 109 | https://github.com/docker-library/postgres/issues/507 110 | EOWARN 111 | fi 112 | if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then 113 | # The - option suppresses leading tabs but *not* spaces. :) 114 | cat >&2 <<-'EOE' 115 | Error: Database is uninitialized and superuser password is not specified. 116 | You must specify POSTGRES_PASSWORD to a non-empty value for the 117 | superuser. For example, "-e POSTGRES_PASSWORD=password" on "docker run". 118 | You may also use "POSTGRES_HOST_AUTH_METHOD=trust" to allow all 119 | connections without a password. This is *not* recommended. 120 | See PostgreSQL documentation about "trust": 121 | https://www.postgresql.org/docs/current/auth-trust.html 122 | EOE 123 | exit 1 124 | fi 125 | if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then 126 | cat >&2 <<-'EOWARN' 127 | ******************************************************************************** 128 | WARNING: POSTGRES_HOST_AUTH_METHOD has been set to "trust". This will allow 129 | anyone with access to the Postgres port to access your database without 130 | a password, even if POSTGRES_PASSWORD is set. See PostgreSQL 131 | documentation about "trust": 132 | https://www.postgresql.org/docs/current/auth-trust.html 133 | In Docker's default configuration, this is effectively any other 134 | container on the same system. 135 | It is not recommended to use POSTGRES_HOST_AUTH_METHOD=trust. Replace 136 | it with "-e POSTGRES_PASSWORD=password" instead to set a password in 137 | "docker run". 138 | ******************************************************************************** 139 | EOWARN 140 | fi 141 | } 142 | 143 | # usage: docker_process_init_files [file [file [...]]] 144 | # ie: docker_process_init_files /always-initdb.d/* 145 | # process initializer files, based on file extensions and permissions 146 | docker_process_init_files() { 147 | # psql here for backwards compatibility "${psql[@]}" 148 | psql=( docker_process_sql ) 149 | 150 | printf '\n' 151 | local f 152 | for f; do 153 | case "$f" in 154 | *.sh) 155 | # https://github.com/docker-library/postgres/issues/450#issuecomment-393167936 156 | # https://github.com/docker-library/postgres/pull/452 157 | if [ -x "$f" ]; then 158 | printf '%s: running %s\n' "$0" "$f" 159 | "$f" 160 | else 161 | printf '%s: sourcing %s\n' "$0" "$f" 162 | . "$f" 163 | fi 164 | ;; 165 | *.sql) printf '%s: running %s\n' "$0" "$f"; docker_process_sql -f "$f"; printf '\n' ;; 166 | *.sql.gz) printf '%s: running %s\n' "$0" "$f"; gunzip -c "$f" | docker_process_sql; printf '\n' ;; 167 | *.sql.xz) printf '%s: running %s\n' "$0" "$f"; xzcat "$f" | docker_process_sql; printf '\n' ;; 168 | *.sql.zst) printf '%s: running %s\n' "$0" "$f"; zstd -dc "$f" | docker_process_sql; printf '\n' ;; 169 | *) printf '%s: ignoring %s\n' "$0" "$f" ;; 170 | esac 171 | printf '\n' 172 | done 173 | } 174 | 175 | # Execute sql script, passed via stdin (or -f flag of pqsl) 176 | # usage: docker_process_sql [psql-cli-args] 177 | # ie: docker_process_sql --dbname=mydb <<<'INSERT ...' 178 | # ie: docker_process_sql -f my-file.sql 179 | # ie: docker_process_sql > "$PGDATA/pg_hba.conf" 243 | } 244 | 245 | # Make sure we always copy the correct postgresql.conf, even if it already exists 246 | # If postgresql.conf.replace is newer, we copy that to $PGDATA/postgresql.conf 247 | update_postgresql_conf() { 248 | # Define the path to the replacement file 249 | local replace_file="/postgresql.conf.replace" 250 | 251 | # Check if the replacement file exists 252 | if [ -f "$replace_file" ]; then 253 | # If the replacement file and the current postgresql.conf file are different, replace postgresql.conf 254 | if ! cmp -s "$PGDATA/postgresql.conf" "$replace_file"; then 255 | echo "postgresql.conf is different from the replacement, updating..." 256 | cp "$replace_file" "$PGDATA/postgresql.conf" 257 | else 258 | echo "postgresql.conf is the same as the replacement, no update needed." 259 | fi 260 | else 261 | echo "No replacement file found, skipping update." 262 | fi 263 | } 264 | 265 | # start socket-only postgresql server for setting up or running scripts 266 | # all arguments will be passed along as arguments to `postgres` (via pg_ctl) 267 | docker_temp_server_start() { 268 | if [ "$1" = 'postgres' ]; then 269 | shift 270 | fi 271 | 272 | # internal start of server in order to allow setup using psql client 273 | # does not listen on external TCP/IP and waits until start finishes 274 | set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}" 275 | 276 | PGUSER="${PGUSER:-$POSTGRES_USER}" \ 277 | pg_ctl -D "$PGDATA" \ 278 | -o "$(printf '%q ' "$@")" \ 279 | -w start 280 | } 281 | 282 | # stop postgresql server after done setting up user and running scripts 283 | docker_temp_server_stop() { 284 | PGUSER="${PGUSER:-postgres}" \ 285 | pg_ctl -D "$PGDATA" -m fast -w stop 286 | } 287 | 288 | # check arguments for an option that would cause postgres to stop 289 | # return true if there is one 290 | _pg_want_help() { 291 | local arg 292 | for arg; do 293 | case "$arg" in 294 | # postgres --help | grep 'then exit' 295 | # leaving out -C on purpose since it always fails and is unhelpful: 296 | # postgres: could not access the server configuration file "/var/lib/postgresql/data/postgresql.conf": No such file or directory 297 | -'?'|--help|--describe-config|-V|--version) 298 | return 0 299 | ;; 300 | esac 301 | done 302 | return 1 303 | } 304 | 305 | _main() { 306 | # if first arg looks like a flag, assume we want to run postgres server 307 | if [ "${1:0:1}" = '-' ]; then 308 | set -- postgres "$@" 309 | fi 310 | 311 | if [ "$1" = 'postgres' ] && ! _pg_want_help "$@"; then 312 | docker_setup_env 313 | # setup data directories and permissions (when run as root) 314 | docker_create_db_directories 315 | if [ "$(id -u)" = '0' ]; then 316 | # then restart script as postgres user 317 | exec gosu postgres "$BASH_SOURCE" "$@" 318 | fi 319 | 320 | # only run initialization on an empty data directory 321 | if [ -z "$DATABASE_ALREADY_EXISTS" ]; then 322 | docker_verify_minimum_env 323 | 324 | # check dir permissions to reduce likelihood of half-initialized database 325 | ls /docker-entrypoint-initdb.d/ > /dev/null 326 | 327 | docker_init_database_dir 328 | pg_setup_hba_conf "$@" 329 | 330 | # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless 331 | # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS 332 | export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}" 333 | docker_temp_server_start "$@" 334 | 335 | docker_setup_db 336 | docker_process_init_files /docker-entrypoint-initdb.d/* 337 | 338 | # ensure we copy the lastest configuration over 339 | update_postgresql_conf 340 | 341 | docker_temp_server_stop 342 | unset PGPASSWORD 343 | 344 | cat <<-'EOM' 345 | PostgreSQL init process complete; ready for start up. 346 | EOM 347 | else 348 | cat <<-'EOM' 349 | PostgreSQL Database directory appears to contain a database; Skipping initialization 350 | EOM 351 | fi 352 | fi 353 | 354 | exec "$@" 355 | } 356 | 357 | if ! _is_sourced; then 358 | _main "$@" 359 | fi 360 | -------------------------------------------------------------------------------- /tembo-pg-slim/src/main.rs: -------------------------------------------------------------------------------- 1 | fn main() { 2 | println!("Hello, world!!"); 3 | } 4 | -------------------------------------------------------------------------------- /trunk/Dockerfile: -------------------------------------------------------------------------------- 1 | # Build trunk. 2 | FROM rust:1.85-bookworm AS build 3 | ARG TRUNK_VER=0.16.1 4 | ENV CARGO_REGISTRIES_CRATES_IO_PROTOCOL=sparse 5 | RUN cargo install --version $TRUNK_VER pg-trunk 6 | 7 | FROM scratch 8 | COPY --from=build /usr/local/cargo/bin/trunk . 9 | 10 | -------------------------------------------------------------------------------- /trunk/README.md: -------------------------------------------------------------------------------- 1 |

2 | 3 |

4 | 5 | # Trunk 6 | 7 | [![Latest quay.io image tags](https://img.shields.io/github/v/tag/jupyterhub/docker-image-cleaner?include_prereleases&label=quay.io)](https://quay.io/repository/tembo/trunk) 8 | 9 | This OCI contains a single file, `/trunk`, compiled from [the source]. Useful to add 10 | to another image: 11 | 12 | ```Dockerfile 13 | FROM quay.io/tembo/trunk:latest AS trunk 14 | FROM ubuntu:22.04 15 | COPY --from=trunk /trunk /usr/bin/trunk 16 | RUN trunk --version 17 | ``` 18 | 19 | [the source]: https://github.com/tembo-io/trunk/ 20 | --------------------------------------------------------------------------------