From 370dfee4c8b94fa5e024b2812aef33929bb9d1b9 Mon Sep 17 00:00:00 2001 From: Suhas Thalanki Date: Mon, 24 Feb 2025 14:50:09 -0500 Subject: [PATCH] reset dockerfile to open a new PR for just the dockerfile --- compute/compute-node.Dockerfile | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/compute/compute-node.Dockerfile b/compute/compute-node.Dockerfile index f39ebacd12..ed0432ec53 100644 --- a/compute/compute-node.Dockerfile +++ b/compute/compute-node.Dockerfile @@ -1055,6 +1055,34 @@ RUN if [ -d pg_embedding-src ]; then \ make -j $(getconf _NPROCESSORS_ONLN) install; \ fi +######################################################################################### +# +# Layer "pg_anon-build" +# compile anon extension +# +######################################################################################### +FROM build-deps AS pg_anon-src +ARG PG_VERSION + +# This is an experimental extension, never got to real production. +# !Do not remove! It can be present in shared_preload_libraries and compute will fail to start if library is not found. +WORKDIR /ext-src +RUN case "${PG_VERSION:?}" in "v17") \ + echo "postgresql_anonymizer does not yet support PG17" && exit 0;; \ + esac && \ + wget https://github.com/neondatabase/postgresql_anonymizer/archive/refs/tags/neon_1.1.1.tar.gz -O pg_anon.tar.gz && \ + echo "321ea8d5c1648880aafde850a2c576e4a9e7b9933a34ce272efc839328999fa9 pg_anon.tar.gz" | sha256sum --check && \ + mkdir pg_anon-src && cd pg_anon-src && tar xzf ../pg_anon.tar.gz --strip-components=1 -C . + +FROM pg-build AS pg_anon-build +COPY --from=pg_anon-src /ext-src/ /ext-src/ +WORKDIR /ext-src +RUN if [ -d pg_anon-src ]; then \ + cd pg_anon-src && \ + make -j $(getconf _NPROCESSORS_ONLN) install && \ + echo 'trusted = true' >> /usr/local/pgsql/share/extension/anon.control; \ + fi + ######################################################################################### # # Layer "pg build with nonroot user and cargo installed"