
test: expand extension smoke tests #14


# Builds, smoke-tests and publishes the KBVE PostgreSQL 17 image.
name: KBVE Postgres CI & Release

# Runs on every push to develop and on manual dispatch.
on:
  push:
    branches:
      - develop
  workflow_dispatch:

# Workflow-wide default GITHUB_TOKEN scopes. Every job inherits these unless
# it declares its own `permissions:` block, so a job that only evaluates or
# reads still holds write access to contents and packages.
# NOTE(review): no step in this workflow is visibly configured for OIDC;
# confirm `id-token: write` is needed before keeping it.
permissions:
  contents: write
  packages: write
  id-token: write

# One run per workflow and ref; a newer run cancels the one in flight.
# NOTE(review): that includes a run that has pushed the image but has not
# yet created the release.
concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true
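jobs:
  # Evaluates the PG17 slim derivation without building it (dry run).
  check:
    runs-on: ubuntu-latest
    timeout-minutes: 30
    # Least privilege: this job only reads the repository.
    permissions:
      contents: read
    steps:
      - name: Checkout repository
        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
      - name: Install Nix
        uses: NixOS/nix-installer-action@d6ef7ecd8f685af89869e5aca0580a33e3e3150c
        with:
          installer-version: 2.33.2
          # Binary caches are trusted only through the signing keys listed
          # here; store paths signed by either key are accepted unverified
          # by any other means.
          extra-conf: |
            substituters = https://cache.nixos.org https://nix-postgres-artifacts.s3.amazonaws.com
            trusted-public-keys = nix-postgres-artifacts:dGZlQOvKcNEjvT7QEAJbcV6b6uk7VF/hWMjhYleiaLI= cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=
            max-jobs = 4
      - name: Evaluate PG17 slim derivation
        # --accept-flake-config also applies the nixConfig declared by the
        # checked-out flake, so that file is part of the trusted build input.
        run: nix build --dry-run .#packages.x86_64-linux."psql_17_slim/bin" --accept-flake-config

  # Derives the image tag from ansible/vars.yml and checks whether that tag
  # is already published in GHCR.
  detect-version:
    runs-on: ubuntu-latest
    # Least privilege: read the repository and query GHCR, nothing more.
    permissions:
      contents: read
      packages: read
    outputs:
      tag: ${{ steps.version.outputs.tag }}
      changed: ${{ steps.check-tag.outputs.changed }}
      owner: ${{ steps.owner.outputs.name }}
    steps:
      - name: Checkout repository
        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
      - name: Lowercase owner
        id: owner
        # The expression is handed to the shell as an environment variable
        # rather than being expanded into the script text.
        env:
          REPO_OWNER: ${{ github.repository_owner }}
        run: echo "name=$(echo "$REPO_OWNER" | tr '[:upper:]' '[:lower:]')" >> "$GITHUB_OUTPUT"
      - name: Extract version from vars.yml
        id: version
        run: |
          VERSION=$(grep 'postgres17:' ansible/vars.yml | sed 's/.*"\(.*\)".*/\1/')
          # Fail closed: an empty, multi-line or oddly shaped value would
          # otherwise flow into the image tag and the release name.
          if [[ ! "$VERSION" =~ ^[0-9A-Za-z][0-9A-Za-z._-]*$ ]]; then
            echo "Could not extract a valid postgres17 version from ansible/vars.yml" >&2
            exit 1
          fi
          echo "tag=${VERSION}-kbve" >> "$GITHUB_OUTPUT"
          echo "Detected version: ${VERSION}-kbve"
      - name: Login to GHCR
        # NOTE(review): referenced by mutable tag while checkout and the Nix
        # installer are pinned to a commit SHA; pin this action the same way.
        uses: docker/login-action@v2
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Check if tag exists in GHCR
        id: check-tag
        # The tag comes from file content, so it reaches the script through
        # the environment instead of being spliced into the shell source.
        env:
          TAG: ${{ steps.version.outputs.tag }}
          OWNER: ${{ steps.owner.outputs.name }}
        run: |
          # Any failure of `docker manifest inspect` (missing tag, but also an
          # auth or network error) takes the else branch and requests a build.
          if docker manifest inspect "ghcr.io/${OWNER}/postgres:${TAG}" > /dev/null 2>&1; then
            echo "Tag ${TAG} already exists in GHCR, skipping build"
            echo "changed=false" >> "$GITHUB_OUTPUT"
          else
            echo "Tag ${TAG} not found in GHCR, will build"
            echo "changed=true" >> "$GITHUB_OUTPUT"
          fi

  # Builds the image, smoke-tests it in a throwaway container, then publishes
  # it to GHCR and creates the GitHub release.
  build-test-release:
    needs: [check, detect-version]
    # A manual dispatch always builds, even when the tag already exists, so
    # the existing tag and `latest` are overwritten in that case.
    if: |
      github.event_name == 'workflow_dispatch' ||
      (github.event_name == 'push' && needs.detect-version.outputs.changed == 'true')
    runs-on: ubuntu-latest
    timeout-minutes: 180
    # Only this job publishes: write access for the image push and release.
    # No step here is configured for OIDC; add `id-token: write` if one is.
    permissions:
      contents: write
      packages: write
    steps:
      - name: Checkout repository
        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
        with:
          fetch-depth: 0
          fetch-tags: true
      - name: Install Nix
        uses: NixOS/nix-installer-action@d6ef7ecd8f685af89869e5aca0580a33e3e3150c
        with:
          installer-version: 2.33.2
          extra-conf: |
            substituters = https://cache.nixos.org https://nix-postgres-artifacts.s3.amazonaws.com
            trusted-public-keys = nix-postgres-artifacts:dGZlQOvKcNEjvT7QEAJbcV6b6uk7VF/hWMjhYleiaLI= cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=
            max-jobs = 4
      - name: Set up Docker Buildx
        run: docker context create builders
      # NOTE(review): mutable tag; pin to a full commit SHA.
      - uses: docker/setup-buildx-action@v3
        with:
          endpoint: builders
      - name: Login to GHCR
        # NOTE(review): mutable tag in the job that holds write scopes; pin
        # to a full commit SHA.
        uses: docker/login-action@v2
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      # Step 1: Build locally (no push yet)
      - name: Build Docker image locally
        run: |
          docker build \
            -f Dockerfile-17 \
            -t pg-test:17 \
            --target production \
            .

      # Step 2: Test the image
      - name: Start PostgreSQL container
        # Throwaway test instance: trust auth and a fixed password are for
        # the smoke tests only. The port is published on loopback because
        # every check below goes through `docker exec`.
        run: |
          docker run -d \
            --name pg-test-17 \
            -e POSTGRES_PASSWORD=testpass \
            -e POSTGRES_HOST_AUTH_METHOD=trust \
            -p 127.0.0.1:5432:5432 \
            pg-test:17
      - name: Wait for PostgreSQL to be ready
        run: |
          echo "Waiting for PostgreSQL to start..."
          for i in $(seq 1 30); do
            if docker exec pg-test-17 pg_isready -U postgres -h localhost 2>/dev/null; then
              echo "PostgreSQL is ready"
              exit 0
            fi
            echo "Attempt $i/30 - waiting..."
            sleep 2
          done
          echo "PostgreSQL failed to start"
          docker logs pg-test-17
          exit 1
      - name: Run PostgreSQL health checks
        run: |
          echo "=== PostgreSQL version ==="
          docker exec pg-test-17 psql -U supabase_admin -h localhost -d postgres -c "SELECT version();"
          echo "=== Installed extensions ==="
          docker exec pg-test-17 psql -U supabase_admin -h localhost -d postgres -c "SELECT name, default_version FROM pg_available_extensions ORDER BY name;"
          echo "=== Test basic SQL ==="
          docker exec pg-test-17 psql -U supabase_admin -h localhost -d postgres -c "CREATE TABLE test_health (id serial PRIMARY KEY, data text); INSERT INTO test_health (data) VALUES ('ok'); SELECT * FROM test_health; DROP TABLE test_health;"
      - name: Test KBVE extensions
        run: |
          # `-i` forwards stdin into the container. Without it psql never
          # receives the heredocs below, runs nothing and exits 0, so the
          # smoke tests would pass without executing and the image would be
          # published untested.
          PSQL="docker exec -i pg-test-17 psql -U supabase_admin -h localhost -d postgres -v ON_ERROR_STOP=1"
          echo "=== Load extensions ==="
          $PSQL -c "CREATE EXTENSION IF NOT EXISTS vector;"
          $PSQL -c "CREATE EXTENSION kilobase;"
          $PSQL -c "CREATE EXTENSION vchord;"
          $PSQL -c "SELECT extname, extversion FROM pg_extension WHERE extname IN ('vector', 'kilobase', 'vchord') ORDER BY extname;"
          echo "=== Smoke test: pgvector ==="
          $PSQL <<'SQL'
          CREATE TABLE test_embeddings (id serial PRIMARY KEY, embedding vector(3));
          INSERT INTO test_embeddings (embedding) VALUES ('[1,2,3]'), ('[4,5,6]'), ('[7,8,9]');
          SELECT id, embedding, embedding <-> '[1,1,1]' AS distance FROM test_embeddings ORDER BY embedding <-> '[1,1,1]' LIMIT 2;
          DROP TABLE test_embeddings;
          SQL
          echo "=== Smoke test: kilobase ==="
          $PSQL <<'SQL'
          SELECT kilobase_info();
          SQL
          echo "=== Smoke test: vchord ==="
          # NOTE(review): this only inserts and counts vector rows; nothing
          # here exercises vchord beyond the CREATE EXTENSION above.
          $PSQL <<'SQL'
          CREATE TABLE test_vchord (id serial PRIMARY KEY, embedding vector(3));
          INSERT INTO test_vchord (embedding) SELECT ('[' || (random()*10)::int || ',' || (random()*10)::int || ',' || (random()*10)::int || ']')::vector FROM generate_series(1, 100);
          SELECT COUNT(*) AS row_count FROM test_vchord;
          DROP TABLE test_vchord;
          SQL
          echo "=== All extension smoke tests passed ==="
      - name: Cleanup test container
        if: always()
        run: docker rm -f pg-test-17 || true

      # Step 3: Push to GHCR (only after tests pass)
      - name: Tag and push Docker image
        # Job outputs reach the script through the environment rather than
        # being expanded into the shell source.
        env:
          OWNER: ${{ needs.detect-version.outputs.owner }}
          TAG: ${{ needs.detect-version.outputs.tag }}
        run: |
          docker tag pg-test:17 "ghcr.io/${OWNER}/postgres:${TAG}"
          docker tag pg-test:17 "ghcr.io/${OWNER}/postgres:latest"
          docker push "ghcr.io/${OWNER}/postgres:${TAG}"
          docker push "ghcr.io/${OWNER}/postgres:latest"

      # Step 4: Create release
      - name: Create GitHub Release
        # NOTE(review): mutable tag on a third-party action that runs with
        # `contents: write`; pin to a full commit SHA.
        uses: softprops/action-gh-release@v1
        with:
          tag_name: ${{ needs.detect-version.outputs.tag }}
          name: "PostgreSQL 17 KBVE Build ${{ needs.detect-version.outputs.tag }}"
          body: |
            ## PostgreSQL 17 Docker Image (KBVE Build)
            ### Docker Image
            ```bash
            docker pull ghcr.io/${{ needs.detect-version.outputs.owner }}/postgres:${{ needs.detect-version.outputs.tag }}
            ```
            ### CNPG Cluster Usage
            ```yaml
            apiVersion: postgresql.cnpg.io/v1
            kind: Cluster
            metadata:
              name: postgres-kbve
            spec:
              instances: 3
              imageName: ghcr.io/${{ needs.detect-version.outputs.owner }}/postgres:${{ needs.detect-version.outputs.tag }}
              postgresql:
                shared_preload_libraries:
                  - "pg_stat_statements"
                  - "pg_failover_slots"
            ```
            ### Fork Customizations
            - kilobase (pgrx 0.16.1 extension)
            - vchord / VectorChord (pgrx 0.17.0 — scalable vector search)
            - pg_failover_slots (logical replication slot failover)
            - All standard Supabase PostgreSQL extensions
            ### Build Details
            - PostgreSQL 17
            - Platform: linux/amd64
            - Base: Supabase PostgreSQL distribution
            - Built with Nix reproducible builds
          draft: false
          prerelease: false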