Add Postgres 12

- New default tag.
- Update upstream entrypoint location, changed in docker-library/postgres#260.
- Build only once in tests.
- Redefine `CMD` as needed now since moby/moby#5147.

Author: yajo

.travis.yml

@@ -32,12 +32,13 @@ stages:
 
 env:
   global:
-    - LATEST_RELEASE=11-alpine
+    - LATEST_RELEASE=12-alpine
     - DOCKER_REPO=tecnativa/postgres-autoconf
   jobs:
     - DOCKER_TAG=9.6-alpine
     - DOCKER_TAG=10-alpine
     - DOCKER_TAG=11-alpine
+    - DOCKER_TAG=12-alpine
 
 jobs:
   include:

Dockerfile

@@ -1,6 +1,7 @@
 ARG BASE_TAG
 FROM docker.io/postgres:${BASE_TAG}
-ENTRYPOINT [ "/autoconf-entrypoint" ]
+ENTRYPOINT ["/usr/local/bin/autoconf-entrypoint", "/usr/local/bin/docker-entrypoint.sh"]
+CMD ["postgres"]
 ENV CERTS="{}" \
     CONF_EXTRA="" \
     LAN_AUTH_METHOD=md5 \
@@ -25,7 +26,9 @@ RUN apk add --no-cache -t .build \
     && pip3 install --no-cache-dir \
         netifaces \
     && apk del .build
-COPY autoconf-entrypoint /
+# Deprecated location
+RUN ln -s /usr/local/bin/autoconf-entrypoint /
+COPY autoconf-entrypoint /usr/local/bin/
 
 # Metadata
 ARG VCS_REF

autoconf-entrypoint

@@ -128,7 +128,4 @@ permissions_fix(HBA_FILE)
 
 # Continue normal execution
 args = sys.argv[1:]
-if not args or args[0] == "postgres" or args[0].startswith("-"):
-    # Need to go through parent image entrypoint, and hardcode conf file
-    args = ["/docker-entrypoint.sh", *args, "-cconfig_file={}".format(CONF_FILE)]
 os.execvp(args[0], args)

tests/test.py

@@ -12,35 +12,44 @@
 local.cwd.chdir(os.path.dirname(__file__))
 certgen = local["./certgen"]
 
+# Helpers
+CONF_EXTRA = """-eCONF_EXTRA=
+log_connections = on
+log_min_messages = log
+"""
+
 
 class PostgresAutoconfCase(unittest.TestCase):
     """Test behavior for this docker image"""
 
-    def setUp(self):
+    @classmethod
+    def setUpClass(cls):
         with local.cwd(local.cwd / ".."):
             print("Building image")
             local["./hooks/build"] & FG
+        cls.image = "tecnativa/postgres-autoconf:{}".format(local.env["DOCKER_TAG"])
+        cls.cert_files = {"client.ca.cert.pem", "server.cert.pem", "server.key.pem"}
+        return super().setUpClass()
+
+    def setUp(self):
         docker("network", "create", "lan")
         docker("network", "create", "wan")
-        self.version = os.environ["DOCKER_TAG"]
-        self.image = ("tecnativa/postgres-autoconf:{}".format(self.version),)
-        self.cert_files = {"client.ca.cert.pem", "server.cert.pem", "server.key.pem"}
         return super().setUp()
 
     def tearDown(self):
         try:
             print("Postgres container logs:")
             docker["container", "logs", self.postgres_container] & FG
-            docker["container", "stop", self.postgres_container] & FG
-            docker["container", "rm", self.postgres_container] & FG
+            docker("container", "stop", self.postgres_container)
+            docker("container", "rm", self.postgres_container)
         except AttributeError:
             pass  # No postgres daemon
         docker("network", "rm", "lan", "wan")
         return super().tearDown()
 
     def _generate_certs(self):
         """Generate certificates for testing the image."""
-        certgen("example.com", "test_user")
+        certgen("example.localdomain", "test_user")
 
     def _check_local_connection(self):
         """Check that local connection works fine."""
@@ -105,7 +114,7 @@ def _check_password_auth(self, host=None):
             ),
         )
 
-    def _connect_wan_network(self, alias="example.com"):
+    def _connect_wan_network(self, alias="example.localdomain"):
         """Bind a new network, to imitate WAN connections."""
         docker("network", "connect", "--alias", alias, "wan", self.postgres_container)
 
@@ -131,12 +140,13 @@ def _check_cert_auth(self):
                 "PGSSLROOTCERT=/certs/server.ca.cert.pem",
                 "-e",
                 "PGUSER=test_user",
+                CONF_EXTRA,
                 "-v",
                 "{}:/certs".format(local.cwd),
                 self.image,
                 "psql",
                 "--host",
-                "example.com",
+                "example.localdomain",
                 "--command",
                 "SELECT 1",
                 "--no-align",
@@ -164,6 +174,7 @@ def test_server_certs_var(self):
                     "POSTGRES_PASSWORD=test_password",
                     "-e",
                     "POSTGRES_USER=test_user",
+                    CONF_EXTRA,
                     self.image,
                 ).strip()
                 self._check_local_connection()
@@ -196,6 +207,7 @@ def test_server_certs_mount(self):
                     "POSTGRES_PASSWORD=test_password",
                     "-e",
                     "POSTGRES_USER=test_user",
+                    CONF_EXTRA,
                     *cert_vols,
                     self.image,
                 ).strip()
@@ -218,13 +230,14 @@ def test_no_certs_lan(self):
             "POSTGRES_PASSWORD=test_password",
             "-e",
             "POSTGRES_USER=test_user",
+            CONF_EXTRA,
             self.image,
         ).strip()
         self._check_local_connection()
         self._check_password_auth()
         self._connect_wan_network()
         with self.assertRaises(ProcessExecutionError):
-            self._check_password_auth("example.com")
+            self._check_password_auth("example.localdomain")
 
     def test_no_certs_wan(self):
         """Unencrypted WAN access works (although this is dangerous)."""
@@ -244,13 +257,14 @@ def test_no_certs_wan(self):
             "WAN_AUTH_METHOD=md5",
             "-e",
             "WAN_CONNECTION=host",
+            CONF_EXTRA,
             self.image,
         ).strip()
         self._check_local_connection()
         self._check_password_auth()
         self._connect_wan_network()
         with self.assertRaises(ProcessExecutionError):
-            self._check_password_auth("example.com")
+            self._check_password_auth("example.localdomain")
 
     def test_certs_falsy_lan(self):
         """Configuration with falsy values for certs works fine."""
@@ -267,6 +281,7 @@ def test_certs_falsy_lan(self):
             "-e",
             "POSTGRES_USER=test_user",
             "-e",
+            CONF_EXTRA,
             "CERTS={}".format(
                 json.dumps(
                     {
@@ -282,7 +297,7 @@ def test_certs_falsy_lan(self):
         self._check_password_auth()
         self._connect_wan_network()
         with self.assertRaises(ProcessExecutionError):
-            self._check_password_auth("example.com")
+            self._check_password_auth("example.localdomain")
 
 
 if __name__ == "__main__":