From 141e7da5f047772be71b6801fcbd3338ac4d1dad Mon Sep 17 00:00:00 2001 From: Michel Pelletier Date: Tue, 21 Feb 2023 19:53:23 -0800 Subject: [PATCH] add Trusted Language Extensions (#405) * add flex, fix copy pasta. * chore: pg_tle in Docker (#542) * chore: set pg_tle as 29th extension * chore: place pg_tle in vars.yml * chore: add pg_tle to Dockerfile * chore: bump version * chore: new line * chore: add test for pg_tle * fix: remove specified schema * chore: update sql test formatting --------- Co-authored-by: Han Qiao * chore: update release checksum * Update ansible/Dockerfile * fix: reinstate pg_tle in docker (#556) * fix: reinstate pg_tle in Dockerfile * fix * fix: put back flex --------- Co-authored-by: dragarcia Co-authored-by: Han Qiao --- Dockerfile | 23 +++++++++++++++++++ .../postgresql_config/postgresql.conf.j2 | 2 +- .../tasks/postgres-extensions/29-pg_tle.yml | 12 ++++++++++ ansible/tasks/setup-extensions.yml | 3 +++ ansible/vars.yml | 3 +++ common.vars.pkr.hcl | 2 +- migrations/tests/extensions/29-pg_tle.sql | 1 + migrations/tests/extensions/test.sql | 1 + 8 files changed, 45 insertions(+), 2 deletions(-) create mode 100644 ansible/tasks/postgres-extensions/29-pg_tle.yml create mode 100644 migrations/tests/extensions/29-pg_tle.sql diff --git a/Dockerfile b/Dockerfile index c72df6d2c..beafe6243 100644 --- a/Dockerfile +++ b/Dockerfile @@ -34,6 +34,7 @@ ARG wrappers_release=0.1.7 ARG hypopg_release=1.3.1 ARG pg_repack_release=1.4.8 ARG pgvector_release=0.4.0 +ARG pg_tle_release=1.0.1 FROM postgres:${postgresql_release} as base # Redeclare args for use in subsequent stages @@ -692,6 +693,27 @@ RUN --mount=type=cache,target=/ccache,from=public.ecr.aws/supabase/postgres:ccac # Create debian package RUN checkinstall -D --install=no --fstrans=no --backup=no --pakdir=/tmp --nodoc +#################### +# 29-pg_tle.yml +#################### +FROM ccache as pg_tle +ARG pg_tle_release +ARG pg_tle_release_checksum +ADD --checksum=${pg_tle_release_checksum} \ + "https://github.com/aws/pg_tle/archive/refs/tags/v${pg_tle_release}.tar.gz" \ + /tmp/pg_tle.tar.gz +RUN tar -xvf /tmp/pg_tle.tar.gz -C /tmp && \ + rm -rf /tmp/pg_tle.tar.gz +RUN apt-get update && apt-get install -y --no-install-recommends \ + flex \ + && rm -rf /var/lib/apt/lists/* +# Build from source +WORKDIR /tmp/pg_tle-${pg_tle_release} +RUN --mount=type=cache,target=/ccache,from=public.ecr.aws/supabase/postgres:ccache \ + make -j$(nproc) +# Create debian package +RUN checkinstall -D --install=no --fstrans=no --backup=no --pakdir=/tmp --nodoc + #################### # Collect extension packages #################### @@ -723,6 +745,7 @@ COPY --from=wrappers /tmp/*.deb /tmp/ COPY --from=hypopg /tmp/*.deb /tmp/ COPY --from=pg_repack /tmp/*.deb /tmp/ COPY --from=pgvector /tmp/*.deb /tmp/ +COPY --from=pg_tle /tmp/*.deb /tmp/ #################### # Build final image diff --git a/ansible/files/postgresql_config/postgresql.conf.j2 b/ansible/files/postgresql_config/postgresql.conf.j2 index b46068a27..4473074f6 100644 --- a/ansible/files/postgresql_config/postgresql.conf.j2 +++ b/ansible/files/postgresql_config/postgresql.conf.j2 @@ -688,7 +688,7 @@ default_text_search_config = 'pg_catalog.english' #local_preload_libraries = '' #session_preload_libraries = '' -shared_preload_libraries = 'pg_stat_statements, pg_stat_monitor, pgaudit, plpgsql, plpgsql_check, pg_cron, pg_net, pgsodium, timescaledb, auto_explain' # (change requires restart) +shared_preload_libraries = 'pg_stat_statements, pg_stat_monitor, pgaudit, plpgsql, plpgsql_check, pg_cron, pg_net, pgsodium, timescaledb, auto_explain, pg_tle' # (change requires restart) jit_provider = 'llvmjit' # JIT library to use # - Other Defaults - diff --git a/ansible/tasks/postgres-extensions/29-pg_tle.yml b/ansible/tasks/postgres-extensions/29-pg_tle.yml new file mode 100644 index 000000000..ea0b199e1 --- /dev/null +++ b/ansible/tasks/postgres-extensions/29-pg_tle.yml @@ -0,0 +1,12 @@ +# pg_tle +- name: pg_tle - download + git: + repo: https://github.com/aws/pg_tle.git + dest: /tmp/pg_tle + version: v{{ pg_tle_release }} + +- name: pg_tle - install + make: + chdir: /tmp/pg_tle + target: install + become: yes diff --git a/ansible/tasks/setup-extensions.yml b/ansible/tasks/setup-extensions.yml index b5b0b8cce..5e917d388 100644 --- a/ansible/tasks/setup-extensions.yml +++ b/ansible/tasks/setup-extensions.yml @@ -82,6 +82,9 @@ - name: Install pgvector import_tasks: tasks/postgres-extensions/28-pgvector.yml +- name: Install Trusted Language Extensions + import_tasks: tasks/postgres-extensions/29-pg_tle.yml + - name: Verify async task status import_tasks: tasks/postgres-extensions/99-finish_async_tasks.yml when: async_mode diff --git a/ansible/vars.yml b/ansible/vars.yml index 6aa56d0f0..f4a95049a 100644 --- a/ansible/vars.yml +++ b/ansible/vars.yml @@ -131,3 +131,6 @@ pg_repack_release_checksum: sha256:18b4d871c1abf78cf0b1b1fe6081d435d183a8dc5eb97 pgvector_release: "0.4.0" pgvector_release_checksum: sha256:b76cf84ddad452cc880a6c8c661d137ddd8679c000a16332f4f03ecf6e10bcc8 + +pg_tle_release: "1.0.1" +pg_tle_release_checksum: sha256:c536b818ffcda478c2ea67d2cd30c70cab1fecdc3dd8146a5411377ba5f12950 diff --git a/common.vars.pkr.hcl b/common.vars.pkr.hcl index ef6efa76f..3d80a8fa9 100644 --- a/common.vars.pkr.hcl +++ b/common.vars.pkr.hcl @@ -1 +1 @@ -postgres-version = "15.1.0.44" +postgres-version = "15.1.0.45" \ No newline at end of file diff --git a/migrations/tests/extensions/29-pg_tle.sql b/migrations/tests/extensions/29-pg_tle.sql new file mode 100644 index 000000000..0b4fb309b --- /dev/null +++ b/migrations/tests/extensions/29-pg_tle.sql @@ -0,0 +1 @@ +create extension if not exists pg_tle; diff --git a/migrations/tests/extensions/test.sql b/migrations/tests/extensions/test.sql index 4174bae62..47e8e107b 100644 --- a/migrations/tests/extensions/test.sql +++ b/migrations/tests/extensions/test.sql @@ -27,3 +27,4 @@ \ir 26-hypopg.sql \ir 27-pg_repack.sql \ir 28-pgvector.sql +\ir 29-pg_tle.sql