diff --git a/16-master/Dockerfile b/16-master/Dockerfile index e993ae57..72adafd6 100644 --- a/16-master/Dockerfile +++ b/16-master/Dockerfile @@ -87,7 +87,7 @@ ENV DOCKER_CMAKE_BUILD_TYPE=${DOCKER_CMAKE_BUILD_TYPE} ARG CGAL_GIT_BRANCH ENV CGAL_GIT_BRANCH=${CGAL_GIT_BRANCH} ENV CGAL_GIT_HASH=b3e2f204a41c1e508a6f018454b60b00aa3dc6fd -ENV SFCGAL_GIT_HASH=8426908ed0fc901bf90bac13603e9ffd7f632c7c +ENV SFCGAL_GIT_HASH=cc408a34af9c3443a2cfb0f559b778a54a3702ab RUN set -ex \ && mkdir -p /usr/src \ && cd /usr/src \ @@ -120,7 +120,7 @@ RUN set -ex \ && rm -fr /usr/src/cgal # proj -ENV PROJ_GIT_HASH=1e3d0f23393b0b478ae3efc79dcd803437c23fb6 +ENV PROJ_GIT_HASH=6ef4961358a7525703c0f485b240582530f01b02 RUN set -ex \ && cd /usr/src \ && git clone https://github.com/OSGeo/PROJ.git \ @@ -150,7 +150,7 @@ RUN set -ex \ && rm -fr /usr/src/PROJ # geos -ENV GEOS_GIT_HASH=69cce6b85195d4010e5b066f62a4c1137da92173 +ENV GEOS_GIT_HASH=16f53573f6bef38551801c2d449d4782775267bc RUN set -ex \ && cd /usr/src \ && git clone https://github.com/libgeos/geos.git \ @@ -166,7 +166,7 @@ RUN set -ex \ && rm -fr /usr/src/geos # gdal -ENV GDAL_GIT_HASH=c8056f4be79a5fae8c26c5d3a295bd10f83927ad +ENV GDAL_GIT_HASH=edcac5fc2ef9f42eb4a91cdc902820a58fb79d77 RUN set -ex \ && cd /usr/src \ && git clone https://github.com/OSGeo/gdal.git \ @@ -300,10 +300,10 @@ COPY --from=builder /usr/local /usr/local ARG CGAL_GIT_BRANCH ENV CGAL_GIT_BRANCH=${CGAL_GIT_BRANCH} ENV CGAL_GIT_HASH=b3e2f204a41c1e508a6f018454b60b00aa3dc6fd -ENV SFCGAL_GIT_HASH=8426908ed0fc901bf90bac13603e9ffd7f632c7c -ENV PROJ_GIT_HASH=1e3d0f23393b0b478ae3efc79dcd803437c23fb6 -ENV GEOS_GIT_HASH=69cce6b85195d4010e5b066f62a4c1137da92173 -ENV GDAL_GIT_HASH=c8056f4be79a5fae8c26c5d3a295bd10f83927ad +ENV SFCGAL_GIT_HASH=cc408a34af9c3443a2cfb0f559b778a54a3702ab +ENV PROJ_GIT_HASH=6ef4961358a7525703c0f485b240582530f01b02 +ENV GEOS_GIT_HASH=16f53573f6bef38551801c2d449d4782775267bc +ENV GDAL_GIT_HASH=edcac5fc2ef9f42eb4a91cdc902820a58fb79d77 # Minimal command line test ( fail fast ) RUN set -ex \ @@ -322,7 +322,7 @@ RUN set -ex \ || echo "ogr2ogr missing PostgreSQL driver" && exit 1 # install postgis -ENV POSTGIS_GIT_HASH=fda22140ee28de287fd61bb943cad155dc277ee2 +ENV POSTGIS_GIT_HASH=9e3d207534699a2d43608b1f51c00780883126a1 RUN set -ex \ && apt-get update \ diff --git a/17-master/Dockerfile b/17-master/Dockerfile index 92e9668f..f180a8fe 100644 --- a/17-master/Dockerfile +++ b/17-master/Dockerfile @@ -87,7 +87,7 @@ ENV DOCKER_CMAKE_BUILD_TYPE=${DOCKER_CMAKE_BUILD_TYPE} ARG CGAL_GIT_BRANCH ENV CGAL_GIT_BRANCH=${CGAL_GIT_BRANCH} ENV CGAL_GIT_HASH=b3e2f204a41c1e508a6f018454b60b00aa3dc6fd -ENV SFCGAL_GIT_HASH=8426908ed0fc901bf90bac13603e9ffd7f632c7c +ENV SFCGAL_GIT_HASH=cc408a34af9c3443a2cfb0f559b778a54a3702ab RUN set -ex \ && mkdir -p /usr/src \ && cd /usr/src \ @@ -120,7 +120,7 @@ RUN set -ex \ && rm -fr /usr/src/cgal # proj -ENV PROJ_GIT_HASH=1e3d0f23393b0b478ae3efc79dcd803437c23fb6 +ENV PROJ_GIT_HASH=6ef4961358a7525703c0f485b240582530f01b02 RUN set -ex \ && cd /usr/src \ && git clone https://github.com/OSGeo/PROJ.git \ @@ -150,7 +150,7 @@ RUN set -ex \ && rm -fr /usr/src/PROJ # geos -ENV GEOS_GIT_HASH=69cce6b85195d4010e5b066f62a4c1137da92173 +ENV GEOS_GIT_HASH=16f53573f6bef38551801c2d449d4782775267bc RUN set -ex \ && cd /usr/src \ && git clone https://github.com/libgeos/geos.git \ @@ -166,7 +166,7 @@ RUN set -ex \ && rm -fr /usr/src/geos # gdal -ENV GDAL_GIT_HASH=c8056f4be79a5fae8c26c5d3a295bd10f83927ad +ENV GDAL_GIT_HASH=edcac5fc2ef9f42eb4a91cdc902820a58fb79d77 RUN set -ex \ && cd /usr/src \ && git clone https://github.com/OSGeo/gdal.git \ @@ -300,10 +300,10 @@ COPY --from=builder /usr/local /usr/local ARG CGAL_GIT_BRANCH ENV CGAL_GIT_BRANCH=${CGAL_GIT_BRANCH} ENV CGAL_GIT_HASH=b3e2f204a41c1e508a6f018454b60b00aa3dc6fd -ENV SFCGAL_GIT_HASH=8426908ed0fc901bf90bac13603e9ffd7f632c7c -ENV PROJ_GIT_HASH=1e3d0f23393b0b478ae3efc79dcd803437c23fb6 -ENV GEOS_GIT_HASH=69cce6b85195d4010e5b066f62a4c1137da92173 -ENV GDAL_GIT_HASH=c8056f4be79a5fae8c26c5d3a295bd10f83927ad +ENV SFCGAL_GIT_HASH=cc408a34af9c3443a2cfb0f559b778a54a3702ab +ENV PROJ_GIT_HASH=6ef4961358a7525703c0f485b240582530f01b02 +ENV GEOS_GIT_HASH=16f53573f6bef38551801c2d449d4782775267bc +ENV GDAL_GIT_HASH=edcac5fc2ef9f42eb4a91cdc902820a58fb79d77 # Minimal command line test ( fail fast ) RUN set -ex \ @@ -322,7 +322,7 @@ RUN set -ex \ || echo "ogr2ogr missing PostgreSQL driver" && exit 1 # install postgis -ENV POSTGIS_GIT_HASH=fda22140ee28de287fd61bb943cad155dc277ee2 +ENV POSTGIS_GIT_HASH=9e3d207534699a2d43608b1f51c00780883126a1 RUN set -ex \ && apt-get update \ diff --git a/README.md b/README.md index 7769b988..704b8fde 100644 --- a/README.md +++ b/README.md @@ -2,45 +2,55 @@ [![Build Status](https://github.com/postgis/docker-postgis/workflows/Docker%20PostGIS%20CI/badge.svg)](https://github.com/postgis/docker-postgis/actions) [![Join the chat at https://gitter.im/postgis/docker-postgis](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/postgis/docker-postgis?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) -The `postgis/postgis` image provides tags for running Postgres with [PostGIS](http://postgis.net/) extensions installed. This image is based on the official [`postgres`](https://registry.hub.docker.com/_/postgres/) image and provides debian and alpine variants for PostGIS 3.5.x, which is compatible with PostgreSQL versions 13, 14, 15, 16 and 17. Additionally, an image version is provided which is built from the latest two versions of Postgres (16, 17) with versions of PostGIS and its dependencies built from their respective master branches. +**⚠️ Breaking change (PostgreSQL 18+):** +Default `VOLUME` path changed to `/var/lib/postgresql` + +The `postgis/postgis` image provides tags for running Postgres with [PostGIS](http://postgis.net/) extensions installed. This image is based on the official [`postgres`](https://registry.hub.docker.com/_/postgres/) image and provides Debian and Alpine variants for PostGIS 3.5.x and 3.6.x that are compatible with PostgreSQL versions 13, 14, 15, 16, 17 and 18. Additionally, image variants are provided for PostgreSQL 16 and 17, built with PostGIS (and its dependencies) from their respective master branches. These are tagged as `16-master` and `17-master`. This image ensures that the default database created by the parent `postgres` image will have the following extensions installed: | installed extensions | [initialized](https://github.com/postgis/docker-postgis/blob/master/initdb-postgis.sh)| -|---------------------|-----| -| `postgis` | yes | -| `postgis_topology` | yes | +|--------------------------|-----| +| `postgis` | yes | +| `postgis_topology` | yes | | `postgis_tiger_geocoder` | yes | -| `postgis_raster` | | -| `postgis_sfcgal` | | -| `address_standardizer`| | -| `address_standardizer_data_us`| | +| `postgis_raster` | no (available) | +| `postgis_sfcgal` | no (available) | +| `address_standardizer`| no (available) | +| `address_standardizer_data_us`| no (available) | Unless `-e POSTGRES_DB` is passed to the container at startup time, this database will be named after the admin user (either `postgres` or the user specified with `-e POSTGRES_USER`). If you would prefer to use the older template database mechanism for enabling PostGIS, the image also provides a PostGIS-enabled template database called `template_postgis`. -# Versions (2025-09-26) +## Versions (2025-10-09) + +Supported architecture: `amd64` (x86-64) -Supported architecture: `amd64` (also known as X86-64)" +Recommended versions for new users are: -Recommended versions for new users are: `postgis/postgis:17-3.5`, `postgis/postgis:16-3.5` +* `postgis/postgis:18-3.6` + * ⚠️ Uses `VOLUME` path `/var/lib/postgresql` (changed in PostgreSQL 18+) +* `postgis/postgis:17-3.5` + * Uses legacy `VOLUME` path `/var/lib/postgresql/data` ### Debian based (recommended) -* This Docker-PostGIS version has a cautious release cycle to guarantee high stability. +* This Docker-PostGIS image has a cautious release cycle to guarantee high stability. * By "cautious", we mean it does not always have the latest versions of geos, proj, gdal, and sfcgal packages. * We use PostGIS, geos, proj, gdal, and sfcgal packages from the Debian repository. - * In the Debian Bullseye repository (for PostgreSQL12 to 17), the versions are: + * In the Debian Bullseye repository (for PostgreSQL 13 to 17), the versions are: * geos=3.9 * gdal=3.2 * proj=7.2 * sfcgal=1.3.9 - * In the Debian trixie repository (for PostgreSQL18+), the versions are: + * In the Debian Trixie repository (for PostgreSQL 18+), the versions are: * geos=3.13 * gdal=3.10 * proj=9.6 * sfcgal2=2.0 * This version is easy to extend and has matured over time. + + | DockerHub image | Dockerfile | OS | Postgres | PostGIS | | --------------- | ---------- | -- | -------- | ------- | | [postgis/postgis:13-3.5](https://registry.hub.docker.com/r/postgis/postgis/tags?page=1&name=13-3.5) | [Dockerfile](https://github.com/postgis/docker-postgis/blob/master/13-3.5/Dockerfile) | debian:bullseye | 13 | 3.5.2 | @@ -49,6 +59,7 @@ Recommended versions for new users are: `postgis/postgis:17-3.5`, `postgis/postg | [postgis/postgis:16-3.5](https://registry.hub.docker.com/r/postgis/postgis/tags?page=1&name=16-3.5) | [Dockerfile](https://github.com/postgis/docker-postgis/blob/master/16-3.5/Dockerfile) | debian:bullseye | 16 | 3.5.2 | | [postgis/postgis:17-3.5](https://registry.hub.docker.com/r/postgis/postgis/tags?page=1&name=17-3.5) | [Dockerfile](https://github.com/postgis/docker-postgis/blob/master/17-3.5/Dockerfile) | debian:bullseye | 17 | 3.5.2 | | [postgis/postgis:18-3.6](https://registry.hub.docker.com/r/postgis/postgis/tags?page=1&name=18-3.6) | [Dockerfile](https://github.com/postgis/docker-postgis/blob/master/18-3.6/Dockerfile) | debian:trixie | 18 | 3.6.0 | + ### Alpine based @@ -60,6 +71,8 @@ Recommended versions for new users are: `postgis/postgis:17-3.5`, `postgis/postg * sfcgal=2.0.0 * PostGIS is compiled from source, making it a bit more challenging to extend. + + | DockerHub image | Dockerfile | OS | Postgres | PostGIS | | --------------- | ---------- | -- | -------- | ------- | | [postgis/postgis:13-3.5-alpine](https://registry.hub.docker.com/r/postgis/postgis/tags?page=1&name=13-3.5-alpine) | [Dockerfile](https://github.com/postgis/docker-postgis/blob/master/13-3.5/alpine/Dockerfile) | alpine:3.22 | 13 | 3.5.3 | @@ -69,44 +82,54 @@ Recommended versions for new users are: `postgis/postgis:17-3.5`, `postgis/postg | [postgis/postgis:17-3.5-alpine](https://registry.hub.docker.com/r/postgis/postgis/tags?page=1&name=17-3.5-alpine) | [Dockerfile](https://github.com/postgis/docker-postgis/blob/master/17-3.5/alpine/Dockerfile) | alpine:3.22 | 17 | 3.5.3 | | [postgis/postgis:17-3.6-alpine](https://registry.hub.docker.com/r/postgis/postgis/tags?page=1&name=17-3.6-alpine) | [Dockerfile](https://github.com/postgis/docker-postgis/blob/master/17-3.6/alpine/Dockerfile) | alpine:3.22 | 17 | 3.6.0 | | [postgis/postgis:18-3.6-alpine](https://registry.hub.docker.com/r/postgis/postgis/tags?page=1&name=18-3.6-alpine) | [Dockerfile](https://github.com/postgis/docker-postgis/blob/master/18-3.6/alpine/Dockerfile) | alpine:3.22 | 18 | 3.6.0 | + ### Test images * We provide alpha, beta, release candidate (rc), and development (identified as ~master) versions. * The template for the `*-master` images is updated manually, which might lead to a delay of a few weeks sometimes. + + | DockerHub image | Dockerfile | OS | Postgres | PostGIS | | --------------- | ---------- | -- | -------- | ------- | | [postgis/postgis:16-master](https://registry.hub.docker.com/r/postgis/postgis/tags?page=1&name=16-master) | [Dockerfile](https://github.com/postgis/docker-postgis/blob/master/16-master/Dockerfile) | debian:bullseye | 16 | development: postgis, geos, proj, gdal | | [postgis/postgis:17-master](https://registry.hub.docker.com/r/postgis/postgis/tags?page=1&name=17-master) | [Dockerfile](https://github.com/postgis/docker-postgis/blob/master/17-master/Dockerfile) | debian:bullseye | 17 | development: postgis, geos, proj, gdal | + ## Usage In order to run a basic container capable of serving a PostGIS-enabled database, start a container as follows: - docker run --name some-postgis -e POSTGRES_PASSWORD=mysecretpassword -d postgis/postgis +```sh +docker run --name some-postgis -e POSTGRES_PASSWORD=mysecretpassword -d postgis/postgis +``` -For more detailed instructions about how to start and control your Postgres container, see the documentation for the `postgres` image [here](https://registry.hub.docker.com/_/postgres/). +For more detailed instructions about how to start and control your Postgres container, see the documentation for the [postgres image](https://registry.hub.docker.com/_/postgres/). Once you have started a database container, you can then connect to the database either directly on the running container: - docker exec -ti some-postgis psql -U postgres +```sh +docker exec -ti some-postgis psql -U postgres +``` ... or starting a new container to run as a client. In this case you can use a user-defined network to link both containers: - docker network create some-network +```sh +docker network create some-network - # Server container - docker run --name some-postgis --network some-network -e POSTGRES_PASSWORD=mysecretpassword -d postgis/postgis +# Server container +docker run --name some-postgis --network some-network -e POSTGRES_PASSWORD=mysecretpassword -d postgis/postgis - # Client container - docker run -it --rm --network some-network postgis/postgis psql -h some-postgis -U postgres +# Client container +docker run -it --rm --network some-network postgis/postgis psql -h some-postgis -U postgres +``` Check the documentation on the [`postgres` image](https://registry.hub.docker.com/_/postgres/) and [Docker networking](https://docs.docker.com/network/) for more details and alternatives on connecting different containers. See [the PostGIS documentation](http://postgis.net/docs/postgis_installation.html#create_new_db_extensions) for more details on your options for creating and using a spatially-enabled database. -## Supported Environment Variables: +## Supported Environment Variables Since the docker-postgis repository is an extension of the official Docker PostgreSQL repository, all environment variables supported there are also supported here: @@ -116,15 +139,41 @@ Since the docker-postgis repository is an extension of the official Docker Postg * `POSTGRES_INITDB_ARGS` * `POSTGRES_INITDB_WALDIR` * `POSTGRES_HOST_AUTH_METHOD` -* `PGDATA` +* `PGDATA` [⚠️ Changed in Docker PostgreSQL >=18 ! ⚠️ ](https://github.com/docker-library/docs/blob/master/postgres/README.md#pgdata ) + +Read more in the [docker-postgres README page](https://github.com/docker-library/docs/blob/master/postgres/README.md) + + +### ⚠️ `PGDATA` Volume Path Change + +Starting from **PostgreSQL 18**, the default data directory (`VOLUME`) path has changed. +This affects all corresponding **`postgis/postgis:18-*`** and newer images. + +**Summary of volume paths:** + +| Image name | Image tag range | `--volume` path | +|-------------|-----------------|-----------------| +| `postgis/postgis` | `18-*` … | `/var/lib/postgresql` | +| `postgis/postgis` | `13-*` … `17-*` | `/var/lib/postgresql/data` | -Read more: https://github.com/docker-library/docs/blob/master/postgres/README.md +Please adjust your volume mounts for 18+ images. +For more details, see the [upstream change](https://github.com/docker-library/postgres/pull/1259). -Warning: **the Docker specific variables will only have an effect if you start the container with a data directory that is empty;** any pre-existing database will be left untouched on container startup. +### Initialize Only on Empty Data Directory -It's important to note that the environment variables for the Docker image are different from those of the [libpq — C Library](https://www.postgresql.org/docs/current/libpq-envars.html) (`PGDATABASE`,`PGUSER`,`PGPASSWORD` ) +Docker-specific environment variables (for example, `POSTGRES_DB`, `POSTGRES_USER`, `POSTGRES_PASSWORD`) +take effect **only when the container is started with an empty data directory**. +Any pre-existing database will be left **untouched** on container startup. -## Troubleshooting tips: +If you need to re-initialize or change settings, make sure to remove or re-create the volume first. + +### `libpq` Environment Variables + +Please note that Docker environment variables are **different** from those used by the +[libpq — C Library](https://www.postgresql.org/docs/current/libpq-envars.html). +These include: `PGDATABASE`, `PGUSER`, `PGPASSWORD`, and others used by client tools. + +## Troubleshooting tips Troubleshooting can often be challenging. It's important to know that the docker-postgis repository is an extension of the official Docker PostgreSQL repository. Therefore, if you encounter any issues, it's worth testing whether the problem can be reproduced with the [official PostgreSQL Docker images](https://hub.docker.com/_/postgres). If so, it's recommended to search for solutions based on this. The following websites are suggested: @@ -134,58 +183,66 @@ Troubleshooting can often be challenging. It's important to know that the docker * Docker Community Slack: https://dockr.ly/slack * Stack Overflow: https://stackoverflow.com/questions/tagged/docker+postgresql -If your problem is Postgis related: +If your problem is PostGIS related: * Stack Overflow : docker + postgis https://stackoverflow.com/questions/tagged/docker+postgis -* Postgis issue tracker: https://trac.osgeo.org/postgis/report +* PostGIS issue tracker: https://trac.osgeo.org/postgis/report And if you don't have a postgres docker experience - read this blog post: * https://www.docker.com/blog/how-to-use-the-postgres-docker-official-image/ - ## Security It's crucial to be aware that in a cloud environment, with default settings, these images are vulnerable, and there's a high risk of cryptominer infection if the ports are left open. ( [Read More](https://github.com/docker-library/postgres/issues/770#issuecomment-704460980) ) + * Note that ports which are not bound to the host (i.e., `-p 5432:5432` instead of `-p 127.0.0.1:5432:5432`) will be accessible from the outside. This also applies if you configured UFW to block this specific port, as Docker manages its own iptables rules. ( [Read More](https://docs.docker.com/network/iptables/) ) -#### Recomendations: +### io_uring + +Every `postgis/postgis:18-*` image includes `io_uring` capabilities for asynchronous I/O. However, some container runtimes (for example, [containerd](https://github.com/containerd/containerd/issues/9048)) have **disabled `io_uring` support** in the past due to **security concerns**. +If you wish to experiment with this feature, please do so **at your own risk**, and only after explicitly enabling `io_uring` in your [seccomp profile](https://docs.docker.com/engine/security/seccomp/). + +### Recommendations + * You can add options for using SSL ( [see postgres example](https://github.com/docker-library/postgres/issues/989#issuecomment-1222648067) ) - - `-c ssl=on -c ssl_cert_file=/var/lib/postgresql/server.crt -c ssl_key_file=/var/lib/postgresql/server.key` + * `-c ssl=on -c ssl_cert_file=/var/lib/postgresql/server.crt -c ssl_key_file=/var/lib/postgresql/server.key` * Or you can use [SSH Tunnels](https://www.postgresql.org/docs/15/ssh-tunnels.html) with `-p 127.0.0.1:5432:5432` -#### Security scanner information: +### Security scanner information -- Please also scan the base `postgres` docker Image: -It's important to also scan the base `postgres` Docker image for potential security issues. If your security scanner reports vulnerabilities (known as CVEs) in the image, you may wonder why. To get a better understanding, please read the Docker Library FAQ, especially the section titled ["Why does my security scanner show that an image has CVEs?"](https://github.com/docker-library/faq#why-does-my-security-scanner-show-that-an-image-has-cves) -For more specific issues related to the postgres docker image, you can search using these links: - - [search for repo:docker-library/postgres trivy](https://github.com/search?q=repo%3Adocker-library%2Fpostgres+trivy&type=issues) - - [search for repo:docker-library/postgres CVE](https://github.com/search?q=repo%3Adocker-library%2Fpostgres+CVE&type=issues) +* Please also scan the base `postgres` Docker image for potential security issues. +If your security scanner reports vulnerabilities (CVEs), check the [Docker Library FAQ](https://github.com/docker-library/faq#why-does-my-security-scanner-show-that-an-image-has-cves) — especially the section *“Why does my security scanner show that an image has CVEs?”* +For more specific issues related to the Postgres Docker image, you can search using these links: + * [search for repo:docker-library/postgres trivy](https://github.com/search?q=repo%3Adocker-library%2Fpostgres+trivy&type=issues) + * [search for repo:docker-library/postgres CVE](https://github.com/search?q=repo%3Adocker-library%2Fpostgres+CVE&type=issues) -- Optimizing Security Scans: +* Optimizing Security Scans: It's advisable to focus on scanning and fixing issues that can be resolved. Use this command to scan for fixable issues only: - * `trivy image --ignore-unfixed postgis/postgis:16-3.5-alpine` - * `trivy image --ignore-unfixed postgres:16-alpine` -For more details, you can read this article: https://pythonspeed.com/articles/docker-security-scanner/ + * `trivy image --ignore-unfixed postgis/postgis:18-3.6-alpine` + * `trivy image --ignore-unfixed postgres:18-alpine` +For more details, you can read [this article](https://pythonspeed.com/articles/docker-security-scanner/) + +## Limitations on Updates -#### Limitations on Updates: Unfortunately, we don't have control over updates to Debian and Alpine distributions or the upstream `postgres` image. Because of this, there might be some issues that we cannot fix right away. On the positive side, the `postgis/postgis` images are regenerated every Monday. This process is to ensure they include the latest changes and improvements. As a result, these images are consistently kept up-to-date. -#### Suggestions Welcome: +## Suggestions Welcome + We are always open to suggestions to enhance security. If you have any ideas, please let us know. ## Known Issues / Errors -When You encouter errors due to PostGIS update `OperationalError: could not access file "$libdir/postgis-X.X`, run: +When you encounter errors due to PostGIS update `OperationalError: could not access file "$libdir/postgis-X.X`, run: `docker exec some-postgis update-postgis.sh` -It will update to Your newest PostGIS. Update is idempotent, so it won't hurt when You run it more than once, You will get notification like: +It will update to your newest PostGIS. Update is idempotent, so it won't hurt when you run it more than once. You will get a notification like: -``` +```log Updating PostGIS extensions template_postgis to X.X.X NOTICE: version "X.X.X" of extension "postgis" is already installed NOTICE: version "X.X.X" of extension "postgis_topology" is already installed @@ -205,7 +262,8 @@ This Docker-PostGIS project [is part of the PostGIS group](https://postgis.net/d * Please take a moment to review the current issues, discussions, and pull requests before you start. * If you have a major change in mind, we kindly ask you to start a discussion about it first. * After making changes to the templates, please run the `./update.sh` script. +* The `README.md` must be written in plain and platform-compatible Markdown that renders correctly on both GitHub and [Docker Hub](https://hub.docker.com/r/postgis/postgis). ## Code of Conduct -see: https://postgis.net/community/conduct/ +Link to [the code of conduct](https://postgis.net/community/conduct/) diff --git a/apply-readme.sh b/apply-readme.sh new file mode 100644 index 00000000..50a561d6 --- /dev/null +++ b/apply-readme.sh @@ -0,0 +1,49 @@ +#!/bin/bash +set -Eeuo pipefail + +# this script updates the README.md file with the content of the _dockerlists_*.md files +# inckluded in the ./update.sh +# onyl run invidually if you need debugging or you want to update the README.md manually +echo " " +echo "# apply-readme.sh - update README.md with _dockerlists_*.md content" + +for readme_group in debian alpine test; do + echo "- check: _dockerlists_${readme_group}.md exists" + # check exist .dockerlists_"${readme_group}".md + if ! [ -f _dockerlists_"${readme_group}".md ]; then + echo "File _dockerlists_${readme_group}.md not found!" + echo "This file is required to update README.md" + exit 1 + fi +done + +# ------------- Update README.md ------------------ +# Get current date and Replace date in README.md +TODAY=$(date +%Y-%m-%d) +echo "- update VERSIONS date in README.md" +sed -i -r "s/(## Versions) \([0-9]{4}-[0-9]{2}-[0-9]{2}\)/\1 ($TODAY)/g" README.md +# Replace content between the special comments in README.md for each readme_group +for readme_group in debian alpine test; do + echo "- update ${readme_group} table in README.md" + awk -v readme_group="$readme_group" -v content="$(<_dockerlists_"${readme_group}".md)" ' + $0 ~ "" {print; print content; f=1; next} + $0 ~ "" {f=0} + !f' README.md >tmp.md && mv tmp.md README.md +done + +# Check README.md size; for safe uploading to the docker hub; +# https://github.com/peter-evans/dockerhub-description/issues/69 +README_SIZE_LIMIT=25000 +file_size=$(stat --format=%s "README.md") +echo " " +echo "README.md current size is $file_size bytes ( Docker Hub README.md max limit $README_SIZE_LIMIT bytes )" +if [[ $file_size -ge $README_SIZE_LIMIT ]]; then + echo "WARNING: README.md is too large ($file_size bytes). " + echo " Must be less than $README_SIZE_LIMIT bytes!" + echo " The github API automatically truncates README.md files to $README_SIZE_LIMIT bytes." + echo " " +fi + +echo " " +echo "README.md updated successfully" +echo " " diff --git a/update.sh b/update.sh index 8e59c6f6..efbcef2c 100755 --- a/update.sh +++ b/update.sh @@ -12,7 +12,7 @@ versions=( "${versions[@]%/Dockerfile}" ) for optimized in debian alpine test; do rm -f _dockerlists_${optimized}.md - echo " " > _dockerlists_${optimized}.md + echo "" > _dockerlists_${optimized}.md echo "| DockerHub image | Dockerfile | OS | Postgres | PostGIS |" >> _dockerlists_${optimized}.md echo "| --------------- | ---------- | -- | -------- | ------- |" >> _dockerlists_${optimized}.md done @@ -303,9 +303,11 @@ for optimized in debian alpine test; do cat _dockerlists_${optimized}.md done +# update README.md +bash ./apply-readme.sh + echo " " -echo "Postprocessing todo:" -echo "- add the new versions to README.md ( manually )" -ls -la _dockerlists_*.md -echo " " -echo " - done - " +echo "==============================" +echo " - update done && git status: " + +git status