feat: add VectorChord extension for PG17 #13
| name: KBVE Postgres CI & Release | |
| on: | |
| push: | |
| branches: [develop] | |
| workflow_dispatch: | |
| permissions: | |
| contents: write | |
| packages: write | |
| id-token: write | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| check: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 30 | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 | |
| - name: Install Nix | |
| uses: NixOS/nix-installer-action@d6ef7ecd8f685af89869e5aca0580a33e3e3150c | |
| with: | |
| installer-version: 2.33.2 | |
| extra-conf: | | |
| substituters = https://cache.nixos.org https://nix-postgres-artifacts.s3.amazonaws.com | |
| trusted-public-keys = nix-postgres-artifacts:dGZlQOvKcNEjvT7QEAJbcV6b6uk7VF/hWMjhYleiaLI= cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= | |
| max-jobs = 4 | |
| - name: Evaluate PG17 slim derivation | |
| run: nix build --dry-run .#packages.x86_64-linux."psql_17_slim/bin" --accept-flake-config | |
| detect-version: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| tag: ${{ steps.version.outputs.tag }} | |
| changed: ${{ steps.check-tag.outputs.changed }} | |
| owner: ${{ steps.owner.outputs.name }} | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 | |
| - name: Lowercase owner | |
| id: owner | |
| run: echo "name=$(echo '${{ github.repository_owner }}' | tr '[:upper:]' '[:lower:]')" >> $GITHUB_OUTPUT | |
| - name: Extract version from vars.yml | |
| id: version | |
| run: | | |
| VERSION=$(grep 'postgres17:' ansible/vars.yml | sed 's/.*"\(.*\)".*/\1/') | |
| echo "tag=${VERSION}-kbve" >> $GITHUB_OUTPUT | |
| echo "Detected version: ${VERSION}-kbve" | |
| - name: Login to GHCR | |
| uses: docker/login-action@v2 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Check if tag exists in GHCR | |
| id: check-tag | |
| run: | | |
| TAG="${{ steps.version.outputs.tag }}" | |
| OWNER="${{ steps.owner.outputs.name }}" | |
| if docker manifest inspect "ghcr.io/${OWNER}/postgres:${TAG}" > /dev/null 2>&1; then | |
| echo "Tag ${TAG} already exists in GHCR, skipping build" | |
| echo "changed=false" >> $GITHUB_OUTPUT | |
| else | |
| echo "Tag ${TAG} not found in GHCR, will build" | |
| echo "changed=true" >> $GITHUB_OUTPUT | |
| fi | |
| build-test-release: | |
| needs: [check, detect-version] | |
| if: | | |
| github.event_name == 'workflow_dispatch' || | |
| (github.event_name == 'push' && needs.detect-version.outputs.changed == 'true') | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 180 | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 | |
| with: | |
| fetch-depth: 0 | |
| fetch-tags: true | |
| - name: Install Nix | |
| uses: NixOS/nix-installer-action@d6ef7ecd8f685af89869e5aca0580a33e3e3150c | |
| with: | |
| installer-version: 2.33.2 | |
| extra-conf: | | |
| substituters = https://cache.nixos.org https://nix-postgres-artifacts.s3.amazonaws.com | |
| trusted-public-keys = nix-postgres-artifacts:dGZlQOvKcNEjvT7QEAJbcV6b6uk7VF/hWMjhYleiaLI= cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= | |
| max-jobs = 4 | |
| - name: Set up Docker Buildx | |
| run: docker context create builders | |
| - uses: docker/setup-buildx-action@v3 | |
| with: | |
| endpoint: builders | |
| - name: Login to GHCR | |
| uses: docker/login-action@v2 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| # Step 1: Build locally (no push yet) | |
| - name: Build Docker image locally | |
| run: | | |
| docker build \ | |
| -f Dockerfile-17 \ | |
| -t pg-test:17 \ | |
| --target production \ | |
| . | |
| # Step 2: Test the image | |
| - name: Start PostgreSQL container | |
| run: | | |
| docker run -d \ | |
| --name pg-test-17 \ | |
| -e POSTGRES_PASSWORD=testpass \ | |
| -e POSTGRES_HOST_AUTH_METHOD=trust \ | |
| -p 5432:5432 \ | |
| pg-test:17 | |
| - name: Wait for PostgreSQL to be ready | |
| run: | | |
| echo "Waiting for PostgreSQL to start..." | |
| for i in $(seq 1 30); do | |
| if docker exec pg-test-17 pg_isready -U postgres -h localhost 2>/dev/null; then | |
| echo "PostgreSQL is ready" | |
| exit 0 | |
| fi | |
| echo "Attempt $i/30 - waiting..." | |
| sleep 2 | |
| done | |
| echo "PostgreSQL failed to start" | |
| docker logs pg-test-17 | |
| exit 1 | |
| - name: Run PostgreSQL health checks | |
| run: | | |
| echo "=== PostgreSQL version ===" | |
| docker exec pg-test-17 psql -U supabase_admin -h localhost -d postgres -c "SELECT version();" | |
| echo "=== Installed extensions ===" | |
| docker exec pg-test-17 psql -U supabase_admin -h localhost -d postgres -c "SELECT name, default_version FROM pg_available_extensions ORDER BY name;" | |
| echo "=== Test basic SQL ===" | |
| docker exec pg-test-17 psql -U supabase_admin -h localhost -d postgres -c "CREATE TABLE test_health (id serial PRIMARY KEY, data text); INSERT INTO test_health (data) VALUES ('ok'); SELECT * FROM test_health; DROP TABLE test_health;" | |
| - name: Test KBVE extensions | |
| run: | | |
| echo "=== Test pgvector ===" | |
| docker exec pg-test-17 psql -U supabase_admin -h localhost -d postgres -c "CREATE EXTENSION IF NOT EXISTS vector; SELECT extname, extversion FROM pg_extension WHERE extname = 'vector';" | |
| echo "=== Test kilobase ===" | |
| docker exec pg-test-17 psql -U supabase_admin -h localhost -d postgres -c "CREATE EXTENSION kilobase; SELECT extname, extversion FROM pg_extension WHERE extname = 'kilobase';" | |
| echo "=== Test vchord ===" | |
| docker exec pg-test-17 psql -U supabase_admin -h localhost -d postgres -c "CREATE EXTENSION vchord; SELECT extname, extversion FROM pg_extension WHERE extname = 'vchord';" | |
| echo "=== Verify all loaded ===" | |
| docker exec pg-test-17 psql -U supabase_admin -h localhost -d postgres -c "SELECT extname, extversion FROM pg_extension WHERE extname IN ('vector', 'kilobase', 'vchord') ORDER BY extname;" | |
| - name: Cleanup test container | |
| if: always() | |
| run: docker rm -f pg-test-17 || true | |
| # Step 3: Push to GHCR (only after tests pass) | |
| - name: Tag and push Docker image | |
| run: | | |
| OWNER="${{ needs.detect-version.outputs.owner }}" | |
| TAG="${{ needs.detect-version.outputs.tag }}" | |
| docker tag pg-test:17 "ghcr.io/${OWNER}/postgres:${TAG}" | |
| docker tag pg-test:17 "ghcr.io/${OWNER}/postgres:latest" | |
| docker push "ghcr.io/${OWNER}/postgres:${TAG}" | |
| docker push "ghcr.io/${OWNER}/postgres:latest" | |
| # Step 4: Create release | |
| - name: Create GitHub Release | |
| uses: softprops/action-gh-release@v1 | |
| with: | |
| tag_name: ${{ needs.detect-version.outputs.tag }} | |
| name: "PostgreSQL 17 KBVE Build ${{ needs.detect-version.outputs.tag }}" | |
| body: | | |
| ## PostgreSQL 17 Docker Image (KBVE Build) | |
| ### Docker Image | |
| ```bash | |
| docker pull ghcr.io/${{ needs.detect-version.outputs.owner }}/postgres:${{ needs.detect-version.outputs.tag }} | |
| ``` | |
| ### CNPG Cluster Usage | |
| ```yaml | |
| apiVersion: postgresql.cnpg.io/v1 | |
| kind: Cluster | |
| metadata: | |
| name: postgres-kbve | |
| spec: | |
| instances: 3 | |
| imageName: ghcr.io/${{ needs.detect-version.outputs.owner }}/postgres:${{ needs.detect-version.outputs.tag }} | |
| postgresql: | |
| shared_preload_libraries: | |
| - "pg_stat_statements" | |
| - "pg_failover_slots" | |
| ``` | |
| ### Fork Customizations | |
| - kilobase (pgrx 0.16.1 extension) | |
| - vchord / VectorChord (pgrx 0.17.0 — scalable vector search) | |
| - pg_failover_slots (logical replication slot failover) | |
| - All standard Supabase PostgreSQL extensions | |
| ### Build Details | |
| - PostgreSQL 17 | |
| - Platform: linux/amd64 | |
| - Base: Supabase PostgreSQL distribution | |
| - Built with Nix reproducible builds | |
| draft: false | |
| prerelease: false |
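Review bot: The workflow-level `permissions:` block gives `contents: write`, `packages: write` and `id-token: write` to all three jobs, while `docker/login-action@v2`, `docker/setup-buildx-action@v3` and `softprops/action-gh-release@v1` are referenced by mutable tag rather than by commit SHA, unlike `actions/checkout` and the Nix installer. If any of those tags were moved, the action would run with a token that can overwrite `postgres:latest` in GHCR and publish releases. I would default the workflow to read-only, grant write scopes only on `build-test-release`, and pin the three actions to full commit SHAs with the version in a trailing comment, as the checkout step already does. No visible step requests an OIDC token, so `id-token: write` looks removable unless something outside this view depends on it.

```yaml
permissions:
  contents: read

jobs:
  check:
    # … unchanged: runs-on, timeout-minutes, steps …
  detect-version:
    permissions:
      contents: read
      packages: read
    # … unchanged: runs-on, outputs, steps …
  build-test-release:
    permissions:
      contents: write
      packages: write
    # … unchanged: needs, if, runs-on, timeout-minutes, steps …
```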