
fix: use builtins.fetchGit for kilobase source (no hash needed) #3


# Workflow header: triggers, token permissions and run concurrency.
name: KBVE Postgres CI & Release

on:
  push:
    branches:
      - develop
  pull_request:
    branches:
      - develop
  # Manual trigger; the inputs name the image tag and the release to publish.
  workflow_dispatch:
    inputs:
      tag_name:
        description: 'Docker image tag (e.g., 17.6.1.082-kbve)'
        required: true
        default: '17.6.1.082-kbve'
      release_name:
        description: 'Release name'
        required: true
        default: 'PostgreSQL 17 KBVE Build'

# Workflow-wide GITHUB_TOKEN grants. Every job that does not declare its own
# `permissions` inherits all three, including jobs started by push and
# pull_request events that only need to read the repository.
# NOTE(review): no step in this file visibly requests an OIDC token, so
# `id-token: write` may be unused - confirm before removing.
permissions:
  contents: write
  packages: write
  id-token: write

# One active run per workflow and ref; a newer run cancels the older one.
# NOTE(review): a manual dispatch shares its group with push runs on the same
# ref, so a push can cancel a release build part-way (image pushed, release
# not yet created) - confirm that is acceptable.
concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true
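jobs:
  # Evaluates the flake without building anything; runs on every trigger.
  flake-check:
    runs-on: ubuntu-latest
    timeout-minutes: 30
    # This job only checks out and evaluates code (pull-request code
    # included), so it gets a read-only token rather than the workflow-wide
    # write grants.
    permissions:
      contents: read
    steps:
      - name: Checkout repository
        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1

      - name: Install Nix
        uses: NixOS/nix-installer-action@d6ef7ecd8f685af89869e5aca0580a33e3e3150c
        with:
          installer-version: 2.33.2
          # Store paths signed by either key below are accepted as substitutes,
          # so the S3 cache is trusted as much as cache.nixos.org.
          extra-conf: |
            substituters = https://cache.nixos.org https://nix-postgres-artifacts.s3.amazonaws.com
            trusted-public-keys = nix-postgres-artifacts:dGZlQOvKcNEjvT7QEAJbcV6b6uk7VF/hWMjhYleiaLI= cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=
            max-jobs = 4

      # --accept-flake-config applies the checked-out flake's nixConfig without
      # prompting; on pull_request that flake is the proposed change, which is
      # one more reason this job holds a read-only token.
      - name: Nix flake check
        run: nix flake check --no-build --accept-flake-config

  # Builds the image, pushes it to GHCR and publishes a GitHub release.
  # Runs only for manual dispatches, after flake-check has passed.
  build-and-release:
    if: github.event_name == 'workflow_dispatch'
    needs: flake-check
    runs-on: ubuntu-latest
    timeout-minutes: 180
    # Explicit job-level grants: contents for the release, packages for the
    # GHCR push.
    # NOTE(review): id-token is kept only because the workflow already granted
    # it; no step here visibly requests an OIDC token - drop it once confirmed
    # unused.
    permissions:
      contents: write
      packages: write
      id-token: write
    steps:
      - name: Checkout repository
        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
        with:
          fetch-depth: 0
          fetch-tags: true

      - name: Install Nix
        uses: NixOS/nix-installer-action@d6ef7ecd8f685af89869e5aca0580a33e3e3150c
        with:
          installer-version: 2.33.2
          extra-conf: |
            substituters = https://cache.nixos.org https://nix-postgres-artifacts.s3.amazonaws.com
            trusted-public-keys = nix-postgres-artifacts:dGZlQOvKcNEjvT7QEAJbcV6b6uk7VF/hWMjhYleiaLI= cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=
            max-jobs = 4

      - name: Set up Docker Buildx
        run: docker context create builders

      # NOTE(review): the docker/* and softprops actions below are referenced
      # by mutable tag, while checkout and the Nix installer are pinned to a
      # commit SHA. They run in the job that holds the write token and the
      # GHCR login; pin each to a full commit SHA as well.
      - uses: docker/setup-buildx-action@v3
        with:
          endpoint: builders

      - name: Login to GHCR
        uses: docker/login-action@v2
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      # Appends one `key=value` line to GITHUB_OUTPUT for every string-valued
      # entry of ansible/vars.yml.
      # NOTE(review): `nixpkgs#nushell` is resolved through the flake registry
      # at run time rather than a pinned revision, so the tool executed in this
      # privileged job can change between runs.
      - name: Get build args from vars.yml
        id: args
        run: |
          nix run nixpkgs#nushell -- -c '
          open ansible/vars.yml
          | items { |key value| {name: $key, item: $value} }
          | where { |it| ($it.item | describe) == "string" }
          | each { |it| $"($it.name)=($it.item)" }
          | str join "\n"
          | save --append $env.GITHUB_OUTPUT
          '

      - name: Build and push Docker image
        uses: docker/build-push-action@v5
        with:
          push: true
          # NOTE(review): the `args` step names its outputs after the keys of
          # ansible/vars.yml. Unless that file has a string key called
          # `result`, this expression is empty and the image is built without
          # build args - confirm.
          build-args: |
            ${{ steps.args.outputs.result }}
          target: production
          # Every dispatch, from any ref and with any tag_name, also moves
          # `latest`; the job's `if` checks only the event name.
          tags: |
            ghcr.io/${{ github.repository_owner }}/postgres:${{ inputs.tag_name }}
            ghcr.io/${{ github.repository_owner }}/postgres:latest
          platforms: linux/amd64
          cache-from: type=gha,scope=${{ github.ref_name }}-pg17-kbve
          cache-to: type=gha,mode=max,scope=${{ github.ref_name }}-pg17-kbve
          file: Dockerfile-17

      - name: Create GitHub Release
        uses: softprops/action-gh-release@v1
        with:
          tag_name: ${{ inputs.tag_name }}
          name: ${{ inputs.release_name }}
          body: |
            ## PostgreSQL 17 Docker Image (KBVE Build)
            ### Docker Image
            ```bash
            docker pull ghcr.io/${{ github.repository_owner }}/postgres:${{ inputs.tag_name }}
            ```
            ### CNPG Cluster Usage
            ```yaml
            apiVersion: postgresql.cnpg.io/v1
            kind: Cluster
            metadata:
              name: postgres-kbve
            spec:
              instances: 3
              imageName: ghcr.io/${{ github.repository_owner }}/postgres:${{ inputs.tag_name }}
              postgresql:
                shared_preload_libraries:
                  - "pg_stat_statements"
                  - "pg_failover_slots"
            ```
            ### Fork Customizations
            - pg_failover_slots (logical replication slot failover)
            - All standard Supabase PostgreSQL extensions
            ### Build Details
            - PostgreSQL 17
            - Platform: linux/amd64
            - Base: Supabase PostgreSQL distribution
            - Built with Nix reproducible builds
          draft: false
          prerelease: false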