initial commit, psql-cli and github workflow

.github/workflows/docker-build.yml

@@ -0,0 +1,70 @@
+# .github/workflows/docker-build.yml
+
+name: Docker Build Workflow
+
+# Define the triggers for this workflow
+on:
+  push:
+    branches:
+      - main
+    paths:
+      - psql-cli/**/*
+
+jobs:
+  validate:
+    name: Validate Environment
+    runs-on: ubuntu-latest
+
+    services:
+      docker:
+        image: docker:20.10.16
+        options: --privileged
+
+    env:
+      DOCKER_TLS_CERTDIR: "/certs"
+      CI_REGISTRY_PATH: index.docker.io/ahoylabs
+      CI_REGISTRY_USER: ${{ secrets.CI_REGISTRY_USER }}
+      CI_REGISTRY_PASSWORD: ${{ secrets.CI_REGISTRY_PASSWORD }}
+
+    steps:
+      - name: Set up Docker
+        run: |
+          docker info
+          docker login -u "${{ secrets.CI_REGISTRY_USER }}" -p "${{ secrets.CI_REGISTRY_PASSWORD }}" ${{ env.CI_REGISTRY_PATH }}
+
+      - name: Print Environment Variables
+        run: |
+          echo "GitHub Actions env"
+          printenv
+          echo "CI_REGISTRY_USER ${{ secrets.CI_REGISTRY_USER }}"
+          echo "CI_REGISTRY_PASSWORD ${{ secrets.CI_REGISTRY_PASSWORD }}"
+          echo "CI_REGISTRY_PATH ${{ env.CI_REGISTRY_PATH }}"
+
+  build_psql_cli:
+    name: Build psql-cli Image
+    runs-on: ubuntu-latest
+    needs: validate
+
+    services:
+      docker:
+        image: docker:20.10.16
+        options: --privileged
+
+    env:
+      IMAGE: psql-cli
+      CI_REGISTRY_PATH: index.docker.io/ahoylabs
+      CI_REGISTRY_USER: ${{ secrets.CI_REGISTRY_USER }}
+      CI_REGISTRY_PASSWORD: ${{ secrets.CI_REGISTRY_PASSWORD }}
+
+    steps:
+      - name: Check out repository
+        uses: actions/checkout@v3
+
+      - name: Log in to Docker Hub
+        run: docker login -u "${{ secrets.CI_REGISTRY_USER }}" -p "${{ secrets.CI_REGISTRY_PASSWORD }}"
+
+      - name: Build psql-cli Docker image
+        run: |
+          cd $IMAGE
+          docker build --pull -t "${{ env.CI_REGISTRY_PATH }}/${{ env.IMAGE }}" .
+          docker push "${{ env.CI_REGISTRY_PATH }}/${{ env.IMAGE }}"

psql-cli/Dockerfile

@@ -0,0 +1,33 @@
+FROM debian:buster-slim
+ENV DEBIAN_FRONTEND=noninteractive
+
+RUN /bin/echo -e '#!/bin/bash\nDEBIAN_FRONTEND=noninteractive\napt-get update && apt-get install -y $@ && apt-get clean autoclean && apt-get autoremove --yes && rm -rf /var/lib/apt/lists/*' \
+    > /usr/local/sbin/apt_install_clean.sh && \
+    chmod a+x /usr/local/sbin/apt_install_clean.sh
+RUN /bin/echo -e '#!/bin/bash\nDEBIAN_FRONTEND=noninteractive\napt-get update && apt-get remove -y $@ && apt-get clean autoclean && apt-get autoremove --yes && rm -rf /var/lib/apt/lists/*' \
+    > /usr/local/sbin/apt_remove_clean.sh && \
+    chmod a+x /usr/local/sbin/apt_remove_clean.sh
+
+# install
+#RUN /usr/local/sbin/apt_install_clean.sh postgresql-client iputils-ping net-tools curl wget
+RUN /usr/local/sbin/apt_install_clean.sh iputils-ping net-tools curl wget gnupg2 nano
+
+# psql 14
+RUN sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt buster-pgdg main" > /etc/apt/sources.list.d/pgdg.list'
+RUN wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add -
+#RUN apt search postgresql
+RUN /usr/local/sbin/apt_install_clean.sh postgresql-client-14
+
+# build validation
+RUN which psql
+RUN which ping
+RUN which netstat
+RUN which curl
+RUN which wget
+RUN which nano
+
+RUN /usr/local/sbin/apt_install_clean.sh openssh-server
+#CMD ["/bin/sh", "-c", "sleep infinity"]
+# also start up ssh for cases where it's helpful
+COPY setup_ssh.sh /
+ENTRYPOINT ["/setup_ssh.sh"]

psql-cli/psql-cli.yaml

@@ -0,0 +1,33 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: psql-cli-deployment
+  namespace: demo
+spec:
+  selector:
+    matchLabels:
+      app: psql-cli
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app: psql-cli
+    spec:
+      containers:
+      - name: psql-cli
+        image: dynafire/psql-cli
+        env:
+          - name: PGPORT
+            value: "5432"
+          - name: PGHOST
+            value: $(ACID_CLUSTER_PORT_5432_TCP_ADDR)
+          - name: PGUSER
+            value: pguser
+          - name: PGDATABASE
+            value: testdb
+          - name: PGPASSWORD
+            valueFrom:
+              secretKeyRef:
+                name: pguser.acid-cluster.credentials.postgresql.acid.zalan.do
+                key: password
+                optional: true

psql-cli/setup_ssh.sh

@@ -0,0 +1,53 @@
+#!/bin/sh
+
+## this is reused from RunPod
+# from https://github.com/runpod/containers/blob/main/container-template/start.sh
+
+setup_ssh() {
+    if [ ! -z "$PUBLIC_KEY" ]; then
+        echo "Setting up SSH..."
+        mkdir -p ~/.ssh
+        echo "$PUBLIC_KEY" >> ~/.ssh/authorized_keys
+        chmod 700 -R ~/.ssh
+
+         if [ ! -f /etc/ssh/ssh_host_rsa_key ]; then
+            ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -q -N ''
+            echo "RSA key fingerprint:"
+            ssh-keygen -lf /etc/ssh/ssh_host_rsa_key.pub
+        fi
+
+        if [ ! -f /etc/ssh/ssh_host_dsa_key ]; then
+            ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -q -N ''
+            echo "DSA key fingerprint:"
+            ssh-keygen -lf /etc/ssh/ssh_host_dsa_key.pub
+        fi
+
+        if [ ! -f /etc/ssh/ssh_host_ecdsa_key ]; then
+            ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -q -N ''
+            echo "ECDSA key fingerprint:"
+            ssh-keygen -lf /etc/ssh/ssh_host_ecdsa_key.pub
+        fi
+
+        if [ ! -f /etc/ssh/ssh_host_ed25519_key ]; then
+            ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -q -N ''
+            echo "ED25519 key fingerprint:"
+            ssh-keygen -lf /etc/ssh/ssh_host_ed25519_key.pub
+        fi
+
+        # root login is pubkey only
+        sed -i "s/#PasswordAuthentication yes/PasswordAuthentication no/" /etc/ssh/sshd_config
+
+        service ssh start
+
+        echo "SSH host keys:"
+        for key in /etc/ssh/*.pub; do
+            echo "Key: $key"
+            ssh-keygen -lf $key
+        done
+    else
+      echo "SSH not started, PUBLIC_KEY env variable not detected."
+    fi
+}
+
+setup_ssh
+sleep infinity