Netcracker · borislavr · Oct 23, 2025
diff --git a/.github/workflows/build-custom.yaml b/.github/workflows/build-custom.yaml
@@ -0,0 +1,93 @@
+name: Build Artifacts with custom patches
+run-name: "PG ${{ inputs.postgres_version || github.event.client_payload.postgres_version }}. Custom PG ${{ inputs.custom_postgres_version || github.event.client_payload.custom_postgres_version }}"
+on:
+  repository_dispatch:
+    types: [pg-patched-build]
+  workflow_dispatch:
+    inputs:
+      postgres_version:
+        description: "PostgreSQL version to build (15, 16, 17)"
+        type: choice
+        options:
+          - "15"
+          - "16"
+          - "17"
+        default: "17"
+        required: false
+      custom_postgres_version:
+        description: "Custom PostgreSQL version label (e.g. 17.3-1)"
+        type: string
+        default: "17.6-2"
+        required: false
+      patched_release:
+        description: "Patched release identifier (e.g. 17.3-1)"
+        type: string
+        default: "17.6-2"
+        required: false
+      publish_docker:
+        description: "Publish image to ghcr.io/github.repository_owner/pgskipper-patroni"
+        type: boolean
+        default: true
+        required: false
+
+jobs:
+  multiplatform_build:
+    permissions:
+      contents: read
+      packages: write
+    strategy:
+      fail-fast: false
+      matrix:
+        targetarch:
+          - arm64
+          - amd64
+
+    runs-on: ubuntu-24.04
+    steps:
+      - name: Validate
+        run: |
+          if [[ "${{ github.event_name }}" == "workflow_dispatch" && "${{ github.ref }}" == refs/tags* ]]; then
+            echo -e "\033[91mManual workflow run on tags is not allowed!\033[0m"
+            exit 1
+          fi
+          if [[ "${{ github.event_name }}" == "workflow_dispatch" ]]; then
+            echo "PG_VERSION=${{ inputs.postgres_version }}" >> $GITHUB_ENV
+            echo "CUSTOM_PG_VERSION=${{ inputs.custom_postgres_version }}" >> $GITHUB_ENV
+            echo "PUSH=${{ inputs.publish_docker }}" >> $GITHUB_ENV
+            echo "TAG_NAME=custom-patches-${{ inputs.postgres_version }}-${{ inputs.patched_release }}" >> $GITHUB_ENV
+            echo "PATCHED_RELEASE=${{ inputs.patched_release }}" >> $GITHUB_ENV
+          else
+            echo "PG_VERSION=${{ github.event.client_payload.postgres_version }}" >> $GITHUB_ENV
+            echo "CUSTOM_PG_VERSION=${{ github.event.client_payload.custom_postgres_version }}" >> $GITHUB_ENV
+            echo "PUSH=true" >> $GITHUB_ENV
+            echo "TAG_NAME=custom-patches-${{ github.event.client_payload.postgres_version }}-${{ github.event.client_payload.patched_release }}" >> $GITHUB_ENV
+            echo "PATCHED_RELEASE=${{ github.event.client_payload.patched_release }}" >> $GITHUB_ENV
+          fi
+
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      - name: Login to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${GITHUB_ACTOR}
+          password: ${{secrets.GITHUB_TOKEN}}
+      - name: Build and push
+        uses: docker/build-push-action@v6
+        with:
+          no-cache: true
+          context: '.'
+          file: Dockerfile-multi-custom
+          build-args: |
+            PG_VERSION=${{ env.PG_VERSION }}
+            CUSTOM_PG_VERSION=${{ env.CUSTOM_PG_VERSION }}
+            PATCHED_RELEASE=${{ env.PATCHED_RELEASE}}
+            TARGETARCH=${{ matrix.targetarch }}
+          platforms: linux/${{ matrix.targetarch }}
+          push: ${{ env.PUSH }}
+          tags: ghcr.io/${{ github.repository_owner }}/pgskipper-patroni-${{ env.PG_VERSION }}:${{ env.TAG_NAME }}
+          provenance: false
diff --git a/Dockerfile-multi-custom b/Dockerfile-multi-custom
@@ -0,0 +1,196 @@
+# Этап 1: Сборка (builder) — установка dev-пакетов, компиляция расширений
+FROM ubuntu:22.04 AS builder
+
+ARG PG_VERSION=15
+ENV PG_VERSION=$PG_VERSION
+ENV POSTGRESQL_VERSION=$PG_VERSION
+
+# Установка зависимостей для сборки
+RUN apt-get update && \
+    apt-get install -y --no-install-recommends \
+        gcc-12 cpp-12 gcc-12-base libgcc-12-dev libstdc++6 libgcc-s1 libnsl2 \
+        gnupg wget curl python3.11 python3-pip python3-dev libpq-dev cython3 \
+        build-essential libssl-dev libxml2-dev liblz4-dev libzstd-dev libbz2-dev \
+        libyaml-dev meson ninja-build pkg-config git && \
+    wget -qO - https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add - && \
+    apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 7FCC7D46ACCC4CF8 && \
+    echo "deb [trusted=yes] http://apt.postgresql.org/pub/repos/apt jammy-pgdg main" >> /etc/apt/sources.list.d/pgdg.list && \
+    apt-get update && \
+    apt-get clean && rm -rf /var/lib/apt/lists/*
+
+# Установка PostgreSQL и расширений
+RUN apt-get update && \
+    apt-get install -y --no-install-recommends \
+        postgresql-server-dev-$PG_VERSION && \
+    apt-get clean && rm -rf /var/lib/apt/lists/*
+
+# Установка pgBackRest из исходников
+RUN cd /tmp && \
+    wget https://github.com/pgbackrest/pgbackrest/archive/release/2.55.1.tar.gz && \
+    tar -xzf 2.55.1.tar.gz && \
+    cd pgbackrest-release-2.55.1 && \
+    meson setup build && \
+    ninja -C build && \
+    ninja -C build install && \
+    cd / && rm -rf /tmp/pgbackrest-release-2.55.1 /tmp/2.55.1.tar.gz
+
+# Установка pg_profile
+RUN wget https://github.com/zubkov-andrei/pg_profile/releases/download/4.8/pg_profile--4.8.tar.gz && \
+    mkdir -p $(pg_config --sharedir)/extension && \
+    tar -xzf pg_profile--4.8.tar.gz --directory $(pg_config --sharedir)/extension && \
+    rm -rf pg_profile--4.8.tar.gz
+
+# Установка pgsentinel и pg_dbms_stats
+RUN git clone https://github.com/pgsentinel/pgsentinel.git && \
+    cd pgsentinel && \
+    git checkout 0218c2147daab0d2dbbf08433cb480163d321839 && \
+    cd src && make install && \
+    cd ../.. && git clone --depth 1 --branch REL14_0 https://github.com/ossc-db/pg_dbms_stats.git && \
+    cd pg_dbms_stats && sed -i 's/$(MAJORVERSION)/14/g' Makefile && \
+    make install && \
+    cd .. && rm -rf pgsentinel pg_dbms_stats
+
+# # Установка Python-зависимостей
+# COPY scripts/pip.conf /root/.pip/pip.conf
+# RUN python3 -m pip install -U setuptools==78.1.1 wheel==0.38.0 && \
+#     python3 -m pip install psutil patroni[kubernetes,etcd]==3.3.5 psycopg2-binary==2.9.5 requests python-dateutil urllib3 six prettytable --no-cache && \
+#     rm -rf /root/.cache/pip
+
+# Этап 2: Runtime — минимальный образ
+FROM ubuntu:22.04
+
+ARG PG_VERSION=15
+ARG TARGETARCH
+ENV POD_IDENTITY="node1" \
+    PATRONI_TTL=60 \
+    PATRONI_LOOP_WAIT=10 \
+    PATRONI_RETRY_TIMEOUT=40 \
+    PATRONI_MAXIMUM_LAG_ON_FAILOVER=1048576 \
+    PATRONI_SYNCHRONOUS_MODE="false" \
+    PG_CLUST_NAME="common" \
+    PG_MAX_CONNECTIONS=200 \
+    PG_CONF_MAX_PREPARED_TRANSACTIONS=200 \
+    PATRONICTL_CONFIG_FILE="/patroni/pg_node.yml" \
+    PG_BIN_DIR="/usr/lib/postgresql/$PG_VERSION/bin/" \
+    POSTGRESQL_VERSION=$PG_VERSION \
+    LC_ALL=en_US.UTF-8 \
+    LANG=en_US.UTF-8 \
+    EDITOR=/usr/bin/vi \
+    PATH="/usr/lib/postgresql/$PG_VERSION/bin/:${PATH}"
+
+# Установка runtime-зависимостей
+ARG DEBIAN_FRONTEND=noninteractive
+RUN apt-get update && \
+    apt-get install -y gnupg wget && \
+    echo "deb [trusted=yes] http://apt.postgresql.org/pub/repos/apt jammy-pgdg main" >> /etc/apt/sources.list.d/pgdg.list && \
+    wget -qO - https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add - && \
+    apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 7FCC7D46ACCC4CF8
+RUN apt-get update && \
+    apt-get install -y --no-install-recommends \
+        gnupg wget curl python3.11 python3-pip python3-dev libpq-dev cython3 \
+        hostname gettext jq vim \
+        ldap-utils libldap-2.5-0 libsasl2-modules-gssapi-mit libldap-common \
+        alien vmtouch openssh-server libaom3=3.3.0-1ubuntu0.1
+# Настройка пользователя и группы
+RUN groupmod -n postgres tape && \
+    adduser --uid 26 --gid 26 postgres
+
+ARG DEBIAN_FRONTEND=noninteractive
+ARG CUSTOM_PG_VERSION=17.6-2
+ARG PATCHED_RELEASE=17.6-2
+ARG CUSTOM_PG_URL=https://github.com/testpatchesorg/postgres-patches/releases/download/${PATCHED_RELEASE}
+RUN mkdir -p ./pgdebs && cd ./pgdebs && \
+    wget ${CUSTOM_PG_URL}/libecpg-compat3_${CUSTOM_PG_VERSION}_${TARGETARCH}.deb \
+    ${CUSTOM_PG_URL}/libecpg-dev_${CUSTOM_PG_VERSION}_${TARGETARCH}.deb \
+    ${CUSTOM_PG_URL}/libecpg6_${CUSTOM_PG_VERSION}_${TARGETARCH}.deb \
+    ${CUSTOM_PG_URL}/libpgtypes3_${CUSTOM_PG_VERSION}_${TARGETARCH}.deb \
+    ${CUSTOM_PG_URL}/libpq-dev_${CUSTOM_PG_VERSION}_${TARGETARCH}.deb \
+    ${CUSTOM_PG_URL}/libpq5_${CUSTOM_PG_VERSION}_${TARGETARCH}.deb \
+    ${CUSTOM_PG_URL}/postgresql-${PG_VERSION}_${CUSTOM_PG_VERSION}_${TARGETARCH}.deb \
+    ${CUSTOM_PG_URL}/postgresql-client-${PG_VERSION}_${CUSTOM_PG_VERSION}_${TARGETARCH}.deb \
+    ${CUSTOM_PG_URL}/postgresql-plperl-${PG_VERSION}_${CUSTOM_PG_VERSION}_${TARGETARCH}.deb \
+    ${CUSTOM_PG_URL}/postgresql-plpython3-${PG_VERSION}_${CUSTOM_PG_VERSION}_${TARGETARCH}.deb \
+    ${CUSTOM_PG_URL}/postgresql-pltcl-${PG_VERSION}_${CUSTOM_PG_VERSION}_${TARGETARCH}.deb \
+    ${CUSTOM_PG_URL}/postgresql-server-dev-${PG_VERSION}_${CUSTOM_PG_VERSION}_${TARGETARCH}.deb && \
+    cd .. && \
+    apt-get update && \
+    apt-get upgrade -y && \
+    apt install -y --fix-missing --allow-downgrades ./pgdebs/*.deb && rm -rf ./pgdebs
+
+# Установка PostgreSQL и расширений
+RUN apt-get install -y --no-install-recommends \
+        # postgresql-$PG_VERSION postgresql-contrib-$PG_VERSION postgresql-plpython3-$PG_VERSION \
+        postgresql-$PG_VERSION-hypopg postgresql-$PG_VERSION-powa postgresql-$PG_VERSION-orafce \
+        postgresql-$PG_VERSION-cron postgresql-$PG_VERSION-repack postgresql-$PG_VERSION-pgaudit \
+        postgresql-$PG_VERSION-pg-stat-kcache postgresql-$PG_VERSION-pg-qualstats \
+        postgresql-$PG_VERSION-set-user postgresql-$PG_VERSION-postgis \
+        postgresql-$PG_VERSION-pg-wait-sampling postgresql-$PG_VERSION-pg-track-settings \
+        postgresql-$PG_VERSION-pg-hint-plan postgresql-$PG_VERSION-pgnodemx \
+        postgresql-$PG_VERSION-decoderbufs postgresql-$PG_VERSION-pglogical \
+        postgresql-$PG_VERSION-pgvector && \
+    apt-get clean && rm -rf /var/lib/apt/lists/*
+
+# Локализация
+RUN localedef -i en_US -f UTF-8 en_US.UTF-8 && \
+    localedef -i es_PE -f UTF-8 es_PE.UTF-8 && \
+    localedef -i es_ES -f UTF-8 es_ES.UTF-8
+
+# Копирование pgBackRest и расширений из builder
+COPY --from=builder /usr/local/bin/pgbackrest /usr/local/bin/pgbackrest
+COPY --from=builder /usr/share/postgresql/$PG_VERSION/extension/pg_profile* /usr/share/postgresql/$PG_VERSION/extension/
+COPY --from=builder /usr/lib/postgresql/$PG_VERSION/lib/pgsentinel* /usr/lib/postgresql/$PG_VERSION/lib/
+COPY --from=builder /usr/share/postgresql/$PG_VERSION/extension/pgsentinel* /usr/share/postgresql/$PG_VERSION/extension/
+COPY --from=builder /usr/lib/postgresql/$PG_VERSION/lib/pg_dbms_stats* /usr/lib/postgresql/$PG_VERSION/lib/
+COPY --from=builder /usr/share/postgresql/$PG_VERSION/extension/pg_dbms_stats* /usr/share/postgresql/$PG_VERSION/extension/
+
+# Копирование скриптов и конфигураций
+COPY scripts/archive_wal.sh /opt/scripts/archive_wal.sh
+COPY scripts/postgresql.conf /tmp/postgresql.conf
+COPY scripts/fix_permission.sh /usr/libexec/fix-permissions
+COPY scripts/* /
+
+# Настройка прав
+RUN mv /var/lib/postgresql /var/lib/pgsql && \
+    sed -i "s/postgres:!/postgres:*/" /etc/shadow && \
+    sed -i "s/#PubkeyAuthentication yes/PubkeyAuthentication yes/" /etc/ssh/sshd_config && \
+    sed -i "s/#PasswordAuthentication yes/PasswordAuthentication no/" /etc/ssh/sshd_config && \
+    sed -i 's/#Port.*$/Port 3022/' /etc/ssh/sshd_config && \
+    sed -i "s/#PermitUserEnvironment no/PermitUserEnvironment yes/" /etc/ssh/sshd_config && \
+    sed -i "s/UsePAM yes/UsePAM no/" /etc/ssh/sshd_config && \
+    sed -i "s@#HostKey /etc/ssh/ssh_host_rsa_key@HostKey ~/.ssh/id_rsa@" /etc/ssh/sshd_config && \
+    chgrp 0 /etc && chmod g+w /etc && \
+    chgrp 0 /etc/passwd && chmod g+w /etc/passwd && \
+    chmod g+w /home && \
+    mkdir /patroni && chmod -R 777 /patroni/ && \
+    chmod +x /usr/libexec/fix-permissions && \
+    /usr/libexec/fix-permissions /var/run/postgresql && \
+    /usr/libexec/fix-permissions /var/lib/pgsql && \
+    mkdir -p /var/lib/pgsql/data/ && \
+    chown -R postgres:postgres /var/lib/pgsql && \
+    chmod +x /*.py && chmod +x /*.sh && \
+    chmod 777 /opt/scripts/archive_wal.sh && \
+    ln -s /usr/bin/python3 /usr/bin/python && \
+    mkdir /var/lib/pgbackrest && \
+    mkdir /var/log/pgbackrest && \
+    mkdir /var/spool/pgbackrest && \
+    chmod 777 /var/lib/pgbackrest && \
+    chmod 777 /var/log/pgbackrest && \
+    chmod 777 /var/spool/pgbackrest && \
+    chown postgres:0 /var/lib/pgbackrest && \
+    chown postgres:0 /var/log/pgbackrest && \
+    chown postgres:0 /var/spool/pgbackrest
+
+# Установка Python-зависимостей
+COPY scripts/pip.conf /root/.pip/pip.conf
+RUN python3 -m pip install -U setuptools==78.1.1 wheel==0.38.0 && \
+    python3 -m pip install psutil patroni[kubernetes,etcd]==3.3.5 psycopg2-binary==2.9.5 requests python-dateutil urllib3 six prettytable --no-cache
+
+# Volumes
+VOLUME /etc
+VOLUME /patroni
+VOLUME /run/postgresql
+
+WORKDIR /patroni
+USER 26
+ENTRYPOINT ["/start.sh"]
+EXPOSE 5432 8008