diff --git a/.github/workflows/ami-release-nix.yml b/.github/workflows/ami-release-nix.yml index 004a597d7..8029516f3 100644 --- a/.github/workflows/ami-release-nix.yml +++ b/.github/workflows/ami-release-nix.yml @@ -40,8 +40,8 @@ jobs: include: - runner: arm-runner arch: arm64 - ubuntu_release: focal - ubuntu_version: 20.04 + ubuntu_release: noble + ubuntu_version: 24.04 mcpu: neoverse-n1 runs-on: ${{ matrix.runner }} timeout-minutes: 150 @@ -122,7 +122,7 @@ jobs: - name: Upload nix flake revision to s3 staging run: | - aws s3 cp /tmp/pg_binaries.tar.gz s3://${{ secrets.ARTIFACTS_BUCKET }}/upgrades/postgres/supabase-postgres-${{ steps.process_release_version.outputs.version }}/20.04.tar.gz + aws s3 cp /tmp/pg_binaries.tar.gz s3://${{ secrets.ARTIFACTS_BUCKET }}/upgrades/postgres/supabase-postgres-${{ steps.process_release_version.outputs.version }}/24.04.tar.gz - name: configure aws credentials - prod uses: aws-actions/configure-aws-credentials@v4 @@ -141,7 +141,7 @@ jobs: - name: Upload nix flake revision to s3 prod run: | - aws s3 cp /tmp/pg_binaries.tar.gz s3://${{ secrets.PROD_ARTIFACTS_BUCKET }}/upgrades/postgres/supabase-postgres-${{ steps.process_release_version.outputs.version }}/20.04.tar.gz + aws s3 cp /tmp/pg_binaries.tar.gz s3://${{ secrets.PROD_ARTIFACTS_BUCKET }}/upgrades/postgres/supabase-postgres-${{ steps.process_release_version.outputs.version }}/24.04.tar.gz - name: Create release uses: softprops/action-gh-release@v2 diff --git a/.github/workflows/publish-nix-pgupgrade-bin-flake-version.yml b/.github/workflows/publish-nix-pgupgrade-bin-flake-version.yml index bec85166e..d949fff01 100644 --- a/.github/workflows/publish-nix-pgupgrade-bin-flake-version.yml +++ b/.github/workflows/publish-nix-pgupgrade-bin-flake-version.yml @@ -66,7 +66,7 @@ jobs: - name: Upload pg_upgrade scripts to s3 staging run: | - aws s3 cp /tmp/pg_upgrade_bin.tar.gz "s3://${{ secrets.ARTIFACTS_BUCKET }}/upgrades/postgres/supabase-postgres-${{ steps.process_release_version.outputs.version }}/20.04.tar.gz" + aws s3 cp /tmp/pg_upgrade_bin.tar.gz s3://${{ secrets.ARTIFACTS_BUCKET }}/upgrades/postgres/supabase-postgres-${{ steps.process_release_version.outputs.version }}/24.04.tar.gz - name: Slack Notification on Failure if: ${{ failure() }} @@ -113,7 +113,7 @@ jobs: - name: Upload pg_upgrade scripts to s3 prod run: | - aws s3 cp /tmp/pg_upgrade_bin.tar.gz "s3://${{ secrets.PROD_ARTIFACTS_BUCKET }}/upgrades/postgres/supabase-postgres-${{ steps.process_release_version.outputs.version }}/20.04.tar.gz" + aws s3 cp /tmp/pg_upgrade_bin.tar.gz s3://${{ secrets.PROD_ARTIFACTS_BUCKET }}/upgrades/postgres/supabase-postgres-${{ steps.process_release_version.outputs.version }}/24.04.tar.gz - name: Slack Notification on Failure if: ${{ failure() }} diff --git a/.github/workflows/testinfra-nix.yml b/.github/workflows/testinfra-nix.yml index c486dfc34..0ab2a0448 100644 --- a/.github/workflows/testinfra-nix.yml +++ b/.github/workflows/testinfra-nix.yml @@ -34,8 +34,8 @@ jobs: include: - runner: arm-runner arch: arm64 - ubuntu_release: focal - ubuntu_version: 20.04 + ubuntu_release: noble + ubuntu_version: 24.04 mcpu: neoverse-n1 runs-on: ${{ matrix.runner }} timeout-minutes: 150 diff --git a/Dockerfile-15 b/Dockerfile-15 index b7f48977e..c733d2f9b 100644 --- a/Dockerfile-15 +++ b/Dockerfile-15 @@ -38,7 +38,7 @@ ARG index_advisor_release=0.2.0 ARG supautils_release=2.2.0 ARG wal_g_release=2.0.1 -FROM ubuntu:focal as base +FROM ubuntu:noble as base RUN apt update -y && apt install -y \ curl \ diff --git a/Dockerfile-orioledb-17 b/Dockerfile-orioledb-17 index fe9b902cb..59f3d2abf 100644 --- a/Dockerfile-orioledb-17 +++ b/Dockerfile-orioledb-17 @@ -39,7 +39,7 @@ ARG index_advisor_release=0.2.0 ARG supautils_release=2.2.0 ARG wal_g_release=3.0.5 -FROM ubuntu:focal as base +FROM ubuntu:noble as base RUN apt update -y && apt install -y \ curl \ diff --git a/README.md b/README.md index d7b106cf8..74a2ae486 100644 --- a/README.md +++ b/README.md @@ -5,8 +5,8 @@ Unmodified Postgres with some useful plugins. Our goal with this repo is not to ## Primary Features - ✅ Postgres [postgresql-15.8](https://www.postgresql.org/docs/15/index.html) - ✅ Postgres [postgresql-17.4](https://www.postgresql.org/docs/17/index.html) -- ✅ Postgres [orioledb-postgresql-17_5](https://github.com/orioledb/orioledb) -- ✅ Ubuntu 20.04 (Focal Fossa). +- ✅ Postgres [orioledb-postgresql-17_6](https://github.com/orioledb/orioledb) +- ✅ Ubuntu 24.04 (Noble Numbat). - ✅ [wal_level](https://www.postgresql.org/docs/current/runtime-config-wal.html) = logical and [max_replication_slots](https://www.postgresql.org/docs/current/runtime-config-replication.html) = 5. Ready for replication. - ✅ [Large Systems Extensions](https://github.com/aws/aws-graviton-getting-started#building-for-graviton-and-graviton2). Enabled for ARM images. ## Extensions @@ -42,7 +42,7 @@ Unmodified Postgres with some useful plugins. Our goal with this repo is not to | [supabase-wrappers](https://github.com/supabase/wrappers/archive/v0.4.5.tar.gz) | [0.4.5](https://github.com/supabase/wrappers/archive/v0.4.5.tar.gz) | Various Foreign Data Wrappers (FDWs) for PostreSQL | | [supautils](https://github.com/supabase/supautils/archive/refs/tags/v2.6.0.tar.gz) | [2.6.0](https://github.com/supabase/supautils/archive/refs/tags/v2.6.0.tar.gz) | PostgreSQL extension for enhanced security | | [timescaledb-apache](https://github.com/timescale/timescaledb/archive/2.16.1.tar.gz) | [2.16.1](https://github.com/timescale/timescaledb/archive/2.16.1.tar.gz) | Scales PostgreSQL for time-series data via automatic partitioning across time and space | -| [vault](https://github.com/supabase/vault/archive/refs/tags/v0.2.9.tar.gz) | [0.2.9](https://github.com/supabase/vault/archive/refs/tags/v0.2.9.tar.gz) | Store encrypted secrets in PostgreSQL | +| [vault](https://github.com/supabase/vault/archive/refs/tags/v0.3.1.tar.gz) | [0.3.1](https://github.com/supabase/vault/archive/refs/tags/v0.3.1.tar.gz) | Store encrypted secrets in PostgreSQL | | [wal2json](https://github.com/eulerto/wal2json/archive/wal2json_2_6.tar.gz) | [2_6](https://github.com/eulerto/wal2json/archive/wal2json_2_6.tar.gz) | PostgreSQL JSON output plugin for changeset extraction | ### PostgreSQL 17 Extensions @@ -51,7 +51,6 @@ Unmodified Postgres with some useful plugins. Our goal with this repo is not to | [hypopg](https://github.com/HypoPG/hypopg/archive/refs/tags/1.4.1.tar.gz) | [1.4.1](https://github.com/HypoPG/hypopg/archive/refs/tags/1.4.1.tar.gz) | Hypothetical Indexes for PostgreSQL | | [index_advisor](https://github.com/olirice/index_advisor/archive/v0.2.0.tar.gz) | [0.2.0](https://github.com/olirice/index_advisor/archive/v0.2.0.tar.gz) | Recommend indexes to improve query performance in PostgreSQL | | [pg-safeupdate](https://github.com/eradman/pg-safeupdate/archive/1.4.tar.gz) | [1.4](https://github.com/eradman/pg-safeupdate/archive/1.4.tar.gz) | A simple extension to PostgreSQL that requires criteria for UPDATE and DELETE | -| [pg_backtrace](https://github.com/pashkinelfe/pg_backtrace/archive/d100bac815a7365e199263f5b3741baf71b14c70.tar.gz) | [1.1](https://github.com/pashkinelfe/pg_backtrace/archive/d100bac815a7365e199263f5b3741baf71b14c70.tar.gz) | Updated fork of pg_backtrace | | [pg_cron](https://github.com/citusdata/pg_cron/archive/v1.6.4.tar.gz) | [1.6.4](https://github.com/citusdata/pg_cron/archive/v1.6.4.tar.gz) | Run Cron jobs through PostgreSQL | | [pg_graphql](https://github.com/supabase/pg_graphql/archive/v1.5.11.tar.gz) | [1.5.11](https://github.com/supabase/pg_graphql/archive/v1.5.11.tar.gz) | GraphQL support for PostreSQL | | [pg_hashids](https://github.com/iCyberon/pg_hashids/archive/cd0e1b31d52b394a0df64079406a14a4f7387cd6.tar.gz) | [cd0e1b31d52b394a0df64079406a14a4f7387cd6](https://github.com/iCyberon/pg_hashids/archive/cd0e1b31d52b394a0df64079406a14a4f7387cd6.tar.gz) | Generate short unique IDs in PostgreSQL | @@ -72,9 +71,9 @@ Unmodified Postgres with some useful plugins. Our goal with this repo is not to | [plpgsql-check](https://github.com/okbob/plpgsql_check/archive/v2.7.11.tar.gz) | [2.7.11](https://github.com/okbob/plpgsql_check/archive/v2.7.11.tar.gz) | Linter tool for language PL/pgSQL | | [postgis](https://download.osgeo.org/postgis/source/postgis-3.3.7.tar.gz) | [3.3.7](https://download.osgeo.org/postgis/source/postgis-3.3.7.tar.gz) | Geographic Objects for PostgreSQL | | [rum](https://github.com/postgrespro/rum/archive/1.3.14.tar.gz) | [1.3.14](https://github.com/postgrespro/rum/archive/1.3.14.tar.gz) | Full text search index method for PostgreSQL | -| [supabase-wrappers](https://github.com/supabase/wrappers/archive/v0.4.4.tar.gz) | [0.4.4](https://github.com/supabase/wrappers/archive/v0.4.4.tar.gz) | Various Foreign Data Wrappers (FDWs) for PostreSQL | +| [supabase-wrappers](https://github.com/supabase/wrappers/archive/v0.4.5.tar.gz) | [0.4.5](https://github.com/supabase/wrappers/archive/v0.4.5.tar.gz) | Various Foreign Data Wrappers (FDWs) for PostreSQL | | [supautils](https://github.com/supabase/supautils/archive/refs/tags/v2.6.0.tar.gz) | [2.6.0](https://github.com/supabase/supautils/archive/refs/tags/v2.6.0.tar.gz) | PostgreSQL extension for enhanced security | -| [vault](https://github.com/supabase/vault/archive/refs/tags/v0.2.9.tar.gz) | [0.2.9](https://github.com/supabase/vault/archive/refs/tags/v0.2.9.tar.gz) | Store encrypted secrets in PostgreSQL | +| [vault](https://github.com/supabase/vault/archive/refs/tags/v0.3.1.tar.gz) | [0.3.1](https://github.com/supabase/vault/archive/refs/tags/v0.3.1.tar.gz) | Store encrypted secrets in PostgreSQL | | [wal2json](https://github.com/eulerto/wal2json/archive/wal2json_2_6.tar.gz) | [2_6](https://github.com/eulerto/wal2json/archive/wal2json_2_6.tar.gz) | PostgreSQL JSON output plugin for changeset extraction | ### PostgreSQL orioledb-17 Extensions @@ -82,7 +81,7 @@ Unmodified Postgres with some useful plugins. Our goal with this repo is not to | ------------- | :-------------: | ------------- | | [hypopg](https://github.com/HypoPG/hypopg/archive/refs/tags/1.4.1.tar.gz) | [1.4.1](https://github.com/HypoPG/hypopg/archive/refs/tags/1.4.1.tar.gz) | Hypothetical Indexes for PostgreSQL | | [index_advisor](https://github.com/olirice/index_advisor/archive/v0.2.0.tar.gz) | [0.2.0](https://github.com/olirice/index_advisor/archive/v0.2.0.tar.gz) | Recommend indexes to improve query performance in PostgreSQL | -| [orioledb](https://github.com/orioledb/orioledb/archive/beta9.tar.gz) | [orioledb](https://github.com/orioledb/orioledb/archive/beta9.tar.gz) | orioledb | +| [orioledb](https://github.com/orioledb/orioledb/archive/beta10.tar.gz) | [orioledb](https://github.com/orioledb/orioledb/archive/beta10.tar.gz) | orioledb | | [pg-safeupdate](https://github.com/eradman/pg-safeupdate/archive/1.4.tar.gz) | [1.4](https://github.com/eradman/pg-safeupdate/archive/1.4.tar.gz) | A simple extension to PostgreSQL that requires criteria for UPDATE and DELETE | | [pg_cron](https://github.com/citusdata/pg_cron/archive/v1.6.4.tar.gz) | [1.6.4](https://github.com/citusdata/pg_cron/archive/v1.6.4.tar.gz) | Run Cron jobs through PostgreSQL | | [pg_graphql](https://github.com/supabase/pg_graphql/archive/v1.5.11.tar.gz) | [1.5.11](https://github.com/supabase/pg_graphql/archive/v1.5.11.tar.gz) | GraphQL support for PostreSQL | @@ -106,7 +105,7 @@ Unmodified Postgres with some useful plugins. Our goal with this repo is not to | [rum](https://github.com/postgrespro/rum/archive/1.3.14.tar.gz) | [1.3.14](https://github.com/postgrespro/rum/archive/1.3.14.tar.gz) | Full text search index method for PostgreSQL | | [supabase-wrappers](https://github.com/supabase/wrappers/archive/v0.4.5.tar.gz) | [0.4.5](https://github.com/supabase/wrappers/archive/v0.4.5.tar.gz) | Various Foreign Data Wrappers (FDWs) for PostreSQL | | [supautils](https://github.com/supabase/supautils/archive/refs/tags/v2.6.0.tar.gz) | [2.6.0](https://github.com/supabase/supautils/archive/refs/tags/v2.6.0.tar.gz) | PostgreSQL extension for enhanced security | -| [vault](https://github.com/supabase/vault/archive/refs/tags/v0.2.9.tar.gz) | [0.2.9](https://github.com/supabase/vault/archive/refs/tags/v0.2.9.tar.gz) | Store encrypted secrets in PostgreSQL | +| [vault](https://github.com/supabase/vault/archive/refs/tags/v0.3.1.tar.gz) | [0.3.1](https://github.com/supabase/vault/archive/refs/tags/v0.3.1.tar.gz) | Store encrypted secrets in PostgreSQL | | [wal2json](https://github.com/eulerto/wal2json/archive/wal2json_2_6.tar.gz) | [2_6](https://github.com/eulerto/wal2json/archive/wal2json_2_6.tar.gz) | PostgreSQL JSON output plugin for changeset extraction | ## Additional Goodies *This is only available for our AWS EC2* @@ -158,4 +157,4 @@ TODO: find way to automate this We are building the features of Firebase using enterprise-grade, open source products. We support existing communities wherever possible, and if the products don’t exist we build them and open source them ourselves. -[![New Sponsor](https://user-images.githubusercontent.com/10214025/90518111-e74bbb00-e198-11ea-8f88-c9e3c1aa4b5b.png)](https://github.com/sponsors/supabase) +[![New Sponsor](https://user-images.githubusercontent.com/10214025/90518111-e74bbb00-e198-11ea-8f88-c9e3c1aa4b5b.png)](https://github.com/sponsors/supabase) \ No newline at end of file diff --git a/amazon-arm64-nix.pkr.hcl b/amazon-arm64-nix.pkr.hcl index e460dfc72..f625ac4af 100644 --- a/amazon-arm64-nix.pkr.hcl +++ b/amazon-arm64-nix.pkr.hcl @@ -1,6 +1,6 @@ variable "ami" { type = string - default = "ubuntu/images/hvm-ssd/ubuntu-focal-20.04-arm64-server-*" + default = "ubuntu/images/hvm-ssd-gp3/ubuntu-noble-24.04-arm64-server-*" } variable "profile" { @@ -115,7 +115,7 @@ source "amazon-ebssurrogate" "source" { #secret_key = "${var.aws_secret_key}" force_deregister = var.force-deregister - # Use latest official ubuntu focal ami owned by Canonical. + # Use latest official ubuntu noble ami owned by Canonical. source_ami_filter { filters = { virtualization-type = "hvm" diff --git a/ansible/files/permission_check.py b/ansible/files/permission_check.py index c4f73aa4e..b22a53bfb 100644 --- a/ansible/files/permission_check.py +++ b/ansible/files/permission_check.py @@ -40,7 +40,6 @@ "backup": [{"groupname": "backup", "username": "backup"}], "list": [{"groupname": "list", "username": "list"}], "irc": [{"groupname": "irc", "username": "irc"}], - "gnats": [{"groupname": "gnats", "username": "gnats"}], "nobody": [{"groupname": "nogroup", "username": "nobody"}], "systemd-network": [ {"groupname": "systemd-network", "username": "systemd-network"} @@ -91,9 +90,6 @@ ], "postgrest": [{"groupname": "postgrest", "username": "postgrest"}], "tcpdump": [{"groupname": "tcpdump", "username": "tcpdump"}], - "systemd-coredump": [ - {"groupname": "systemd-coredump", "username": "systemd-coredump"} - ], } @@ -152,6 +148,7 @@ def check_nixbld_users(): print("All nixbld users are in the 'nixbld' group.") +usernames = ["postgres", "ubuntu", "root", "daemon", "bin", "sys", "sync", "games","man","lp","mail","news","uucp","proxy","www-data","backup","list","irc","nobody","systemd-network","systemd-resolve","systemd-timesync","messagebus","ec2-instance-connect","sshd","wal-g","pgbouncer","gotrue","envoy","kong","nginx","vector","adminapi","postgrest","tcpdump"] def main(): parser = argparse.ArgumentParser( @@ -187,7 +184,6 @@ def main(): "backup", "list", "irc", - "gnats", "nobody", "systemd-network", "systemd-resolve", @@ -204,7 +200,6 @@ def main(): "adminapi", "postgrest", "tcpdump", - "systemd-coredump", ] if not qemu_artifact: usernames.append("ec2-instance-connect") diff --git a/ansible/tasks/setup-postgres.yml b/ansible/tasks/setup-postgres.yml index a1b7e6c7f..2fe302488 100644 --- a/ansible/tasks/setup-postgres.yml +++ b/ansible/tasks/setup-postgres.yml @@ -23,7 +23,7 @@ - name: Postgres - install server apt: - name: postgresql-{{ postgresql_major }}={{ postgresql_release }}-1.pgdg20.04+1 + name: postgresql-{{ postgresql_major }}={{ postgresql_release }}-1.pgdg24.04+1 install_recommends: no when: debpkg_mode diff --git a/ansible/tasks/setup-postgrest.yml b/ansible/tasks/setup-postgrest.yml index a98d1990f..279c72ec5 100644 --- a/ansible/tasks/setup-postgrest.yml +++ b/ansible/tasks/setup-postgrest.yml @@ -8,7 +8,7 @@ - name: PostgREST - add Postgres PPA apt_repository: - repo: "deb http://apt.postgresql.org/pub/repos/apt/ focal-pgdg {{ postgresql_major }}" + repo: "deb http://apt.postgresql.org/pub/repos/apt/ noble-pgdg {{ postgresql_major }}" state: present - name: PostgREST - update apt cache @@ -30,7 +30,7 @@ - name: PostgREST - remove Postgres PPA apt_repository: - repo: "deb http://apt.postgresql.org/pub/repos/apt/ focal-pgdg {{ postgresql_major }}" + repo: "deb http://apt.postgresql.org/pub/repos/apt/ noble-pgdg {{ postgresql_major }}" state: absent - name: postgis - ensure dependencies do not get autoremoved diff --git a/ansible/tasks/setup-wal-g.yml b/ansible/tasks/setup-wal-g.yml index a05106ede..fa8b6b09c 100644 --- a/ansible/tasks/setup-wal-g.yml +++ b/ansible/tasks/setup-wal-g.yml @@ -58,7 +58,6 @@ owner: wal-g group: wal-g mode: '0664' - when: stage2_nix - name: Move custom wal-g.conf file to /etc/postgresql-custom/wal-g.conf template: @@ -67,7 +66,6 @@ mode: 0664 owner: postgres group: postgres - when: stage2_nix - name: Add script to be run for restore_command template: @@ -76,7 +74,6 @@ mode: 0500 owner: postgres group: postgres - when: stage2_nix - name: Add helper script for wal_fetch.sh template: @@ -84,7 +81,6 @@ dest: /root/wal_change_ownership.sh mode: 0700 owner: root - when: stage2_nix - name: Include /etc/postgresql-custom/wal-g.conf in postgresql.conf become: yes diff --git a/ansible/vars.yml b/ansible/vars.yml index 6454ddf3e..8e4375365 100644 --- a/ansible/vars.yml +++ b/ansible/vars.yml @@ -9,9 +9,9 @@ postgres_major: # Full version strings for each major version postgres_release: - postgresorioledb-17: "17.0.1.062-orioledb" - postgres17: "17.4.1.012" - postgres15: "15.8.1.069" + postgresorioledb-17: "17.0.1.58-orioledb-noble-2" + postgres17: "17.4.1.008-noble-2" + postgres15: "15.8.1.065-noble-2" # Non Postgres Extensions pgbouncer_release: "1.19.0" @@ -31,16 +31,16 @@ aws_cli_release: "2.23.11" salt_minion_version: 3007 -golang_version: "1.19.3" +golang_version: "1.22.11" golang_version_checksum: - arm64: sha256:99de2fe112a52ab748fb175edea64b313a0c8d51d6157dba683a6be163fd5eab - amd64: sha256:74b9640724fd4e6bb0ed2a1bc44ae813a03f1e72a4c76253e2d5c015494430ba + arm64: sha256:9ebfcab26801fa4cf0627c6439db7a4da4d3c6766142a3dd83508240e4f21031 + amd64: sha256:0fc88d966d33896384fbde56e9a8d80a305dc17a9f48f1832e061724b1719991 envoy_release: 1.28.0 envoy_release_checksum: sha1:b0a06e9cfb170f1993f369beaa5aa9d7ec679ce5 envoy_hot_restarter_release_checksum: sha1:6d43b89d266fb2427a4b51756b649883b0617eda -kong_release_target: focal # if it works, it works +kong_release_target: focal kong_deb: kong_2.8.1_arm64.deb kong_deb_checksum: sha1:2086f6ccf8454fe64435252fea4d29d736d7ec61 diff --git a/docker/Dockerfile b/docker/Dockerfile index 116377b5d..53a96029e 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -1,8 +1,8 @@ -ARG ubuntu_release=focal +ARG ubuntu_release=noble FROM ubuntu:${ubuntu_release} as base ARG ubuntu_release=flocal -ARG ubuntu_release_no=20.04 +ARG ubuntu_release_no=24.04 ARG postgresql_major=15 ARG postgresql_release=${postgresql_major}.1 diff --git a/ebssurrogate/files/sources-arm64.cfg b/ebssurrogate/files/sources-arm64.cfg index a2363773e..eed6c0f16 100644 --- a/ebssurrogate/files/sources-arm64.cfg +++ b/ebssurrogate/files/sources-arm64.cfg @@ -1,10 +1,10 @@ -deb http://REGION.clouds.ports.ubuntu.com/ubuntu-ports/ focal main restricted -deb http://REGION.clouds.ports.ubuntu.com/ubuntu-ports/ focal-updates main restricted -deb http://REGION.clouds.ports.ubuntu.com/ubuntu-ports/ focal universe -deb http://REGION.clouds.ports.ubuntu.com/ubuntu-ports/ focal-updates universe -deb http://REGION.clouds.ports.ubuntu.com/ubuntu-ports/ focal multiverse -deb http://REGION.clouds.ports.ubuntu.com/ubuntu-ports/ focal-updates multiverse -deb http://REGION.clouds.ports.ubuntu.com/ubuntu-ports/ focal-backports main restricted universe multiverse -deb http://ports.ubuntu.com/ubuntu-ports focal-security main restricted -deb http://ports.ubuntu.com/ubuntu-ports focal-security universe -deb http://ports.ubuntu.com/ubuntu-ports focal-security multiverse +deb http://REGION.clouds.ports.ubuntu.com/ubuntu-ports/ noble main restricted +deb http://REGION.clouds.ports.ubuntu.com/ubuntu-ports/ noble-updates main restricted +deb http://REGION.clouds.ports.ubuntu.com/ubuntu-ports/ noble universe +deb http://REGION.clouds.ports.ubuntu.com/ubuntu-ports/ noble-updates universe +deb http://REGION.clouds.ports.ubuntu.com/ubuntu-ports/ noble multiverse +deb http://REGION.clouds.ports.ubuntu.com/ubuntu-ports/ noble-updates multiverse +deb http://REGION.clouds.ports.ubuntu.com/ubuntu-ports/ noble-backports main restricted universe multiverse +deb http://ports.ubuntu.com/ubuntu-ports noble-security main restricted +deb http://ports.ubuntu.com/ubuntu-ports noble-security universe +deb http://ports.ubuntu.com/ubuntu-ports noble-security multiverse diff --git a/ebssurrogate/files/sources.cfg b/ebssurrogate/files/sources.cfg index ec3011807..a27be052f 100644 --- a/ebssurrogate/files/sources.cfg +++ b/ebssurrogate/files/sources.cfg @@ -1,10 +1,10 @@ -deb http://REGION.ec2.archive.ubuntu.com/ubuntu/ focal main restricted -deb http://REGION.ec2.archive.ubuntu.com/ubuntu/ focal-updates main restricted -deb http://REGION.ec2.archive.ubuntu.com/ubuntu/ focal universe -deb http://REGION.ec2.archive.ubuntu.com/ubuntu/ focal-updates universe -deb http://REGION.ec2.archive.ubuntu.com/ubuntu/ focal multiverse -deb http://REGION.ec2.archive.ubuntu.com/ubuntu/ focal-updates multiverse -deb http://REGION.ec2.archive.ubuntu.com/ubuntu/ focal-backports main restricted universe multiverse -deb http://security.ubuntu.com/ubuntu focal-security main restricted -deb http://security.ubuntu.com/ubuntu focal-security universe -deb http://security.ubuntu.com/ubuntu focal-security multiverse +deb http://REGION.ec2.archive.ubuntu.com/ubuntu/ noble main restricted +deb http://REGION.ec2.archive.ubuntu.com/ubuntu/ noble-updates main restricted +deb http://REGION.ec2.archive.ubuntu.com/ubuntu/ noble universe +deb http://REGION.ec2.archive.ubuntu.com/ubuntu/ noble-updates universe +deb http://REGION.ec2.archive.ubuntu.com/ubuntu/ noble multiverse +deb http://REGION.ec2.archive.ubuntu.com/ubuntu/ noble-updates multiverse +deb http://REGION.ec2.archive.ubuntu.com/ubuntu/ noble-backports main restricted universe multiverse +deb http://security.ubuntu.com/ubuntu noble-security main restricted +deb http://security.ubuntu.com/ubuntu noble-security universe +deb http://security.ubuntu.com/ubuntu noble-security multiverse diff --git a/ebssurrogate/scripts/chroot-bootstrap-nix.sh b/ebssurrogate/scripts/chroot-bootstrap-nix.sh index cda6bd2aa..13a101915 100755 --- a/ebssurrogate/scripts/chroot-bootstrap-nix.sh +++ b/ebssurrogate/scripts/chroot-bootstrap-nix.sh @@ -58,7 +58,7 @@ function update_install_packages { apt-get upgrade -y # Install OpenSSH and other packages - sudo add-apt-repository universe + sudo add-apt-repository --yes universe apt-get update apt-get install -y --no-install-recommends \ openssh-server \ @@ -157,10 +157,19 @@ function disable_fsck { # Don't request hostname during boot but set hostname function setup_hostname { - sed -i 's/gethostname()/ubuntu /g' /etc/dhcp/dhclient.conf - sed -i 's/host-name,//g' /etc/dhcp/dhclient.conf + # Set the static hostname echo "ubuntu" > /etc/hostname chmod 644 /etc/hostname + # Update netplan configuration to not send hostname + cat << EOF > /etc/netplan/01-hostname.yaml +network: + version: 2 + ethernets: + eth0: + dhcp4: true + dhcp4-overrides: + send-hostname: false +EOF } # Set options for the default interface diff --git a/ebssurrogate/scripts/surrogate-bootstrap-nix.sh b/ebssurrogate/scripts/surrogate-bootstrap-nix.sh index 39b8f4e82..965b1e07b 100755 --- a/ebssurrogate/scripts/surrogate-bootstrap-nix.sh +++ b/ebssurrogate/scripts/surrogate-bootstrap-nix.sh @@ -148,7 +148,7 @@ EOF } function setup_chroot_environment { - UBUNTU_VERSION=$(lsb_release -cs) # 'focal' for Ubuntu 20.04 + UBUNTU_VERSION=$(lsb_release -cs) # 'noble' for Ubuntu 24.04 # Bootstrap Ubuntu into /mnt debootstrap --arch ${ARCH} --variant=minbase "$UBUNTU_VERSION" /mnt diff --git a/nix/tools/update_readme.nu b/nix/tools/update_readme.nu index bfb46ab0a..b19c266a3 100755 --- a/nix/tools/update_readme.nu +++ b/nix/tools/update_readme.nu @@ -153,7 +153,7 @@ def update_readme [] { # Update Primary Features section let features_content = [ ($pg_versions | each {|version| create_version_link $version} | str join "\n") - "- ✅ Ubuntu 20.04 (Focal Fossa)." + "- ✅ Ubuntu 24.04 (Noble Numbat)." "- ✅ [wal_level](https://www.postgresql.org/docs/current/runtime-config-wal.html) = logical and [max_replication_slots](https://www.postgresql.org/docs/current/runtime-config-replication.html) = 5. Ready for replication." "- ✅ [Large Systems Extensions](https://github.com/aws/aws-graviton-getting-started#building-for-graviton-and-graviton2). Enabled for ARM images." ] diff --git a/scripts/90-cleanup.sh b/scripts/90-cleanup.sh index f2e19686d..644e5f7f6 100644 --- a/scripts/90-cleanup.sh +++ b/scripts/90-cleanup.sh @@ -24,10 +24,8 @@ elif [ -n "$(command -v apt-get)" ]; then autoconf \ autotools-dev \ cmake-data \ - cpp-8 \ cpp-9 \ cpp-10 \ - gcc-8 \ gcc-9 \ gcc-10 \ git \ @@ -36,14 +34,12 @@ elif [ -n "$(command -v apt-get)" ]; then libicu-dev \ libcgal-dev \ libgcc-9-dev \ - libgcc-8-dev \ ansible add-apt-repository --yes --remove ppa:ansible/ansible source /etc/os-release - apt-get -y remove --purge linux-headers-5.11.0-1021-aws - + apt-get -y update apt-get -y upgrade apt-get -y autoremove diff --git a/scripts/99-img_check.sh b/scripts/99-img_check.sh index 00b547641..ac958a5fc 100755 --- a/scripts/99-img_check.sh +++ b/scripts/99-img_check.sh @@ -569,7 +569,7 @@ osv=0 if [[ $OS == "Ubuntu" ]]; then ost=1 - if [[ $VER == "20.04" ]]; then + if [[ $VER == "24.04" ]]; then osv=1 elif [[ $VER == "18.04" ]]; then osv=1 diff --git a/testinfra/README.md b/testinfra/README.md index 977043c3b..6ecdeadb5 100644 --- a/testinfra/README.md +++ b/testinfra/README.md @@ -32,8 +32,8 @@ for layer in /tmp/extensions/*/layer.tar; do tar xvf "$layer" -C ansible/files/extensions --strip-components 1 done docker buildx build \ - --build-arg ubuntu_release=focal \ - --build-arg ubuntu_release_no=20.04 \ + --build-arg ubuntu_release=noble \ + --build-arg ubuntu_release_no=24.04 \ --build-arg postgresql_major=15 \ --build-arg postgresql_release=15.1 \ --build-arg CPPFLAGS=-mcpu=neoverse-n1 \ diff --git a/testinfra/test_ami_nix.py b/testinfra/test_ami_nix.py index 4d354fac3..c0d79c9d9 100644 --- a/testinfra/test_ami_nix.py +++ b/testinfra/test_ami_nix.py @@ -246,6 +246,9 @@ def gzip_then_base64_encode(s: str) -> str: )[0] instance.wait_until_running() + # Increase wait time before starting health checks + sleep(30) # Wait for 30 seconds to allow services to start + ec2logger = EC2InstanceConnectLogger(debug=False) temp_key = EC2InstanceConnectKey(ec2logger.get_logger()) ec2ic = boto3.client("ec2-instance-connect", region_name="ap-southeast-1") @@ -292,6 +295,36 @@ def get_ssh_connection(instance_ip, ssh_identity_file, max_retries=10): ) def is_healthy(host, instance_ip, ssh_identity_file) -> bool: + postgres_diagnostics = [ + "sudo tail -n 50 /var/log/postgresql/postgresql-*.log", # Get recent PostgreSQL logs + "sudo -u postgres /usr/bin/pg_isready -U postgres -v", # Verbose pg_isready + "sudo systemctl status postgresql", # Get service status + "sudo journalctl -u postgresql --no-pager -n 50", # Get journal logs + "ps aux | grep postgres", # Check running processes + "sudo ls -la /var/lib/postgresql/*/main/", # Check data directory permissions + "sudo cat /var/lib/postgresql/*/main/postmaster.pid", # Check if PID file exists + "sudo -u postgres psql -c 'SELECT version();' || true" # Try to connect and get version + ] + + logger.warning("Running PostgreSQL diagnostic checks...") + for check in postgres_diagnostics: + try: + result = host.run(check) + logger.warning(f"\n=== {check} ===\nReturn code: {result.rc}\nOutput:\n{result.stdout}\nErrors:\n{result.stderr}") + except Exception as e: + logger.warning(f"Failed to run {check}: {str(e)}") + status_checks = [ + "dpkg -l | grep postgresql", + "systemctl status postgresql", + "ls -la /var/lib/postgresql", + "ps aux | grep postgres" + ] + + for check in status_checks: + result = host.run(check) + logger.warning(f"{check} output: {result.stdout}") + + health_checks = [ ( "postgres", diff --git a/tests/pg_upgrade/debug.sh b/tests/pg_upgrade/debug.sh index b05d8941d..50fb9facc 100755 --- a/tests/pg_upgrade/debug.sh +++ b/tests/pg_upgrade/debug.sh @@ -24,7 +24,7 @@ if [ ! -f "$LATEST_VERSION_SCRIPTS" ]; then fi if [ ! -f "$LATEST_VERSION_BIN" ]; then - aws s3 cp "s3://${ARTIFACTS_BUCKET_NAME}/upgrades/postgres/supabase-postgres-${LATEST_PG_VERSION}/20.04.tar.gz" "$LATEST_VERSION_BIN" + aws s3 cp "s3://${ARTIFACTS_BUCKET_NAME}/upgrades/postgres/supabase-postgres-${LATEST_PG_VERSION}/24.04.tar.gz" "$LATEST_VERSION_BIN" fi rm -rf scripts/pg_upgrade_scripts