fix: use correct pgrx 0.16.1 for VectorChord v1.1.0 #16
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: KBVE Postgres CI & Release | |
| on: | |
| push: | |
| branches: [develop] | |
| workflow_dispatch: | |
| permissions: | |
| contents: write | |
| packages: write | |
| id-token: write | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| check: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 30 | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 | |
| - name: Install Nix | |
| uses: NixOS/nix-installer-action@d6ef7ecd8f685af89869e5aca0580a33e3e3150c | |
| with: | |
| installer-version: 2.33.2 | |
| extra-conf: | | |
| substituters = https://cache.nixos.org https://nix-postgres-artifacts.s3.amazonaws.com | |
| trusted-public-keys = nix-postgres-artifacts:dGZlQOvKcNEjvT7QEAJbcV6b6uk7VF/hWMjhYleiaLI= cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= | |
| max-jobs = 4 | |
| - name: Evaluate PG17 slim derivation | |
| run: nix build --dry-run .#packages.x86_64-linux."psql_17_slim/bin" --accept-flake-config | |
| detect-version: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| tag: ${{ steps.version.outputs.tag }} | |
| changed: ${{ steps.check-tag.outputs.changed }} | |
| owner: ${{ steps.owner.outputs.name }} | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 | |
| - name: Lowercase owner | |
| id: owner | |
| run: echo "name=$(echo '${{ github.repository_owner }}' | tr '[:upper:]' '[:lower:]')" >> $GITHUB_OUTPUT | |
| - name: Extract version from vars.yml | |
| id: version | |
| run: | | |
| VERSION=$(grep 'postgres17:' ansible/vars.yml | sed 's/.*"\(.*\)".*/\1/') | |
| echo "tag=${VERSION}-kbve" >> $GITHUB_OUTPUT | |
| echo "Detected version: ${VERSION}-kbve" | |
| - name: Login to GHCR | |
| uses: docker/login-action@v2 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Check if tag exists in GHCR | |
| id: check-tag | |
| run: | | |
| TAG="${{ steps.version.outputs.tag }}" | |
| OWNER="${{ steps.owner.outputs.name }}" | |
| if docker manifest inspect "ghcr.io/${OWNER}/postgres:${TAG}" > /dev/null 2>&1; then | |
| echo "Tag ${TAG} already exists in GHCR, skipping build" | |
| echo "changed=false" >> $GITHUB_OUTPUT | |
| else | |
| echo "Tag ${TAG} not found in GHCR, will build" | |
| echo "changed=true" >> $GITHUB_OUTPUT | |
| fi | |
| build-test-release: | |
| needs: [check, detect-version] | |
| if: | | |
| github.event_name == 'workflow_dispatch' || | |
| (github.event_name == 'push' && needs.detect-version.outputs.changed == 'true') | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 180 | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 | |
| with: | |
| fetch-depth: 0 | |
| fetch-tags: true | |
| - name: Install Nix | |
| uses: NixOS/nix-installer-action@d6ef7ecd8f685af89869e5aca0580a33e3e3150c | |
| with: | |
| installer-version: 2.33.2 | |
| extra-conf: | | |
| substituters = https://cache.nixos.org https://nix-postgres-artifacts.s3.amazonaws.com | |
| trusted-public-keys = nix-postgres-artifacts:dGZlQOvKcNEjvT7QEAJbcV6b6uk7VF/hWMjhYleiaLI= cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= | |
| max-jobs = 4 | |
| - name: Set up Docker Buildx | |
| run: docker context create builders | |
| - uses: docker/setup-buildx-action@v3 | |
| with: | |
| endpoint: builders | |
| - name: Login to GHCR | |
| uses: docker/login-action@v2 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| # Step 1: Build locally (no push yet) | |
| - name: Build Docker image locally | |
| run: | | |
| docker build \ | |
| -f Dockerfile-17 \ | |
| -t pg-test:17 \ | |
| --target production \ | |
| . | |
| # Step 2: Test the image | |
| - name: Start PostgreSQL container | |
| run: | | |
| docker run -d \ | |
| --name pg-test-17 \ | |
| -e POSTGRES_PASSWORD=testpass \ | |
| -e POSTGRES_HOST_AUTH_METHOD=trust \ | |
| -p 5432:5432 \ | |
| pg-test:17 | |
| - name: Wait for PostgreSQL to be ready | |
| run: | | |
| echo "Waiting for PostgreSQL to start..." | |
| for i in $(seq 1 30); do | |
| if docker exec pg-test-17 pg_isready -U postgres -h localhost 2>/dev/null; then | |
| echo "PostgreSQL is ready" | |
| exit 0 | |
| fi | |
| echo "Attempt $i/30 - waiting..." | |
| sleep 2 | |
| done | |
| echo "PostgreSQL failed to start" | |
| docker logs pg-test-17 | |
| exit 1 | |
| - name: Run PostgreSQL health checks | |
| run: | | |
| echo "=== PostgreSQL version ===" | |
| docker exec pg-test-17 psql -U supabase_admin -h localhost -d postgres -c "SELECT version();" | |
| echo "=== Installed extensions ===" | |
| docker exec pg-test-17 psql -U supabase_admin -h localhost -d postgres -c "SELECT name, default_version FROM pg_available_extensions ORDER BY name;" | |
| echo "=== Test basic SQL ===" | |
| docker exec pg-test-17 psql -U supabase_admin -h localhost -d postgres -c "CREATE TABLE test_health (id serial PRIMARY KEY, data text); INSERT INTO test_health (data) VALUES ('ok'); SELECT * FROM test_health; DROP TABLE test_health;" | |
| - name: Test KBVE extensions | |
| run: | | |
| PSQL="docker exec pg-test-17 psql -U supabase_admin -h localhost -d postgres -v ON_ERROR_STOP=1" | |
| echo "=== Load extensions ===" | |
| $PSQL -c "CREATE EXTENSION IF NOT EXISTS vector;" | |
| $PSQL -c "CREATE EXTENSION kilobase;" | |
| $PSQL -c "CREATE EXTENSION vchord;" | |
| $PSQL -c "SELECT extname, extversion FROM pg_extension WHERE extname IN ('vector', 'kilobase', 'vchord') ORDER BY extname;" | |
| echo "=== Smoke test: pgvector ===" | |
| $PSQL <<'SQL' | |
| CREATE TABLE test_embeddings (id serial PRIMARY KEY, embedding vector(3)); | |
| INSERT INTO test_embeddings (embedding) VALUES ('[1,2,3]'), ('[4,5,6]'), ('[7,8,9]'); | |
| SELECT id, embedding, embedding <-> '[1,1,1]' AS distance FROM test_embeddings ORDER BY embedding <-> '[1,1,1]' LIMIT 2; | |
| DROP TABLE test_embeddings; | |
| SQL | |
| echo "=== Smoke test: kilobase ===" | |
| $PSQL <<'SQL' | |
| SELECT kilobase_info(); | |
| SQL | |
| echo "=== Smoke test: vchord ===" | |
| $PSQL <<'SQL' | |
| CREATE TABLE test_vchord (id serial PRIMARY KEY, embedding vector(3)); | |
| INSERT INTO test_vchord (embedding) SELECT ('[' || (random()*10)::int || ',' || (random()*10)::int || ',' || (random()*10)::int || ']')::vector FROM generate_series(1, 100); | |
| SELECT COUNT(*) AS row_count FROM test_vchord; | |
| DROP TABLE test_vchord; | |
| SQL | |
| echo "=== All extension smoke tests passed ===" | |
| - name: Cleanup test container | |
| if: always() | |
| run: docker rm -f pg-test-17 || true | |
| # Step 3: Push to GHCR (only after tests pass) | |
| - name: Tag and push Docker image | |
| run: | | |
| OWNER="${{ needs.detect-version.outputs.owner }}" | |
| TAG="${{ needs.detect-version.outputs.tag }}" | |
| docker tag pg-test:17 "ghcr.io/${OWNER}/postgres:${TAG}" | |
| docker tag pg-test:17 "ghcr.io/${OWNER}/postgres:latest" | |
| docker push "ghcr.io/${OWNER}/postgres:${TAG}" | |
| docker push "ghcr.io/${OWNER}/postgres:latest" | |
| # Step 4: Create release | |
| - name: Create GitHub Release | |
| uses: softprops/action-gh-release@v1 | |
| with: | |
| tag_name: ${{ needs.detect-version.outputs.tag }} | |
| name: "PostgreSQL 17 KBVE Build ${{ needs.detect-version.outputs.tag }}" | |
| body: | | |
| ## PostgreSQL 17 Docker Image (KBVE Build) | |
| ### Docker Image | |
| ```bash | |
| docker pull ghcr.io/${{ needs.detect-version.outputs.owner }}/postgres:${{ needs.detect-version.outputs.tag }} | |
| ``` | |
| ### CNPG Cluster Usage | |
| ```yaml | |
| apiVersion: postgresql.cnpg.io/v1 | |
| kind: Cluster | |
| metadata: | |
| name: postgres-kbve | |
| spec: | |
| instances: 3 | |
| imageName: ghcr.io/${{ needs.detect-version.outputs.owner }}/postgres:${{ needs.detect-version.outputs.tag }} | |
| postgresql: | |
| shared_preload_libraries: | |
| - "pg_stat_statements" | |
| - "pg_failover_slots" | |
| ``` | |
| ### Fork Customizations | |
| - kilobase (pgrx 0.16.1 extension) | |
| - vchord / VectorChord (pgrx 0.17.0 — scalable vector search) | |
| - pg_failover_slots (logical replication slot failover) | |
| - All standard Supabase PostgreSQL extensions | |
| ### Build Details | |
| - PostgreSQL 17 | |
| - Platform: linux/amd64 | |
| - Base: Supabase PostgreSQL distribution | |
| - Built with Nix reproducible builds | |
| draft: false | |
| prerelease: false |