Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update postgres #7504

Merged
merged 1 commit into from
Feb 20, 2020
Merged

Update postgres #7504

merged 1 commit into from
Feb 20, 2020

Conversation

yosifkit
Copy link
Member

Changes:

@docker-library-bot
Update postgres
6388e3a 
Changes:

- docker-library/postgres@4dc16e4: Merge pull request docker-library/postgres#686 from infosiftr/xz-files
- docker-library/postgres@4f70bf2: Add .sql.xz support to docker-entrypoint-initdb.d
- docker-library/postgres@ba0e45b: Merge pull request docker-library/postgres#685 from infosiftr/clarify-unset
- docker-library/postgres@f1bc878: Clarify that "POSTGRES_PASSWORD" should be non-empty
- docker-library/postgres@05ac2d3: Merge pull request docker-library/postgres#680 from infosiftr/eol-9.4
- docker-library/postgres@6bb7ce5: Remove EOL 9.4
- docker-library/postgres@6d1f671: Merge pull request docker-library/postgres#669 from yaroze/master
@yosifkit
Copy link
Member Author

Diff: 
diff --git a/_bashbrew-arches b/_bashbrew-arches
index 4a17c2e..416b508 100644
--- a/_bashbrew-arches
+++ b/_bashbrew-arches
@@ -12,20 +12,6 @@ postgres:9-alpine @ arm64v8
 postgres:9-alpine @ i386
 postgres:9-alpine @ ppc64le
 postgres:9-alpine @ s390x
-postgres:9.4 @ amd64
-postgres:9.4 @ arm32v5
-postgres:9.4 @ arm32v7
-postgres:9.4 @ arm64v8
-postgres:9.4 @ i386
-postgres:9.4 @ ppc64le
-postgres:9.4 @ s390x
-postgres:9.4-alpine @ amd64
-postgres:9.4-alpine @ arm32v6
-postgres:9.4-alpine @ arm32v7
-postgres:9.4-alpine @ arm64v8
-postgres:9.4-alpine @ i386
-postgres:9.4-alpine @ ppc64le
-postgres:9.4-alpine @ s390x
 postgres:9.5 @ amd64
 postgres:9.5 @ arm32v5
 postgres:9.5 @ arm32v7
diff --git a/_bashbrew-list b/_bashbrew-list
index 7baefb7..2c09566 100644
--- a/_bashbrew-list
+++ b/_bashbrew-list
@@ -1,9 +1,5 @@
 postgres:9
 postgres:9-alpine
-postgres:9.4
-postgres:9.4-alpine
-postgres:9.4.26
-postgres:9.4.26-alpine
 postgres:9.5
 postgres:9.5-alpine
 postgres:9.5.21
diff --git a/postgres_10-alpine/Dockerfile b/postgres_10-alpine/Dockerfile
index 9c47de9..9051e04 100644
--- a/postgres_10-alpine/Dockerfile
+++ b/postgres_10-alpine/Dockerfile
@@ -5,7 +5,7 @@ FROM alpine:3.11
 # https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.11-stable
 RUN set -eux; \
 	addgroup -g 70 -S postgres; \
-	adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql postgres; \
+	adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
 	mkdir -p /var/lib/postgresql; \
 	chown -R postgres:postgres /var/lib/postgresql
 
diff --git a/postgres_10-alpine/docker-entrypoint.sh b/postgres_10-alpine/docker-entrypoint.sh
index f53fa61..78adac6 100755
--- a/postgres_10-alpine/docker-entrypoint.sh
+++ b/postgres_10-alpine/docker-entrypoint.sh
@@ -88,7 +88,7 @@ docker_init_database_dir() {
 }
 
 # print large warning if POSTGRES_PASSWORD is long
-# error if both POSTGRES_PASSWORD is unset and POSTGRES_HOST_AUTH_METHOD is not 'trust'
+# error if both POSTGRES_PASSWORD is empty and POSTGRES_HOST_AUTH_METHOD is not 'trust'
 # print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
 # assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
 docker_verify_minimum_env() {
@@ -110,12 +110,13 @@ docker_verify_minimum_env() {
 		# The - option suppresses leading tabs but *not* spaces. :)
 		cat >&2 <<-'EOE'
 			Error: Database is uninitialized and superuser password is not specified.
-			       You must specify POSTGRES_PASSWORD for the superuser. Use
-			       "-e POSTGRES_PASSWORD=password" to set it in "docker run".
+			       You must specify POSTGRES_PASSWORD to a non-empty value for the
+			       superuser. For example, "-e POSTGRES_PASSWORD=password" on "docker run".
 
-			       You may also use POSTGRES_HOST_AUTH_METHOD=trust to allow all connections
-			       without a password. This is *not* recommended. See PostgreSQL
-			       documentation about "trust":
+			       You may also use "POSTGRES_HOST_AUTH_METHOD=trust" to allow all
+			       connections without a password. This is *not* recommended.
+
+			       See PostgreSQL documentation about "trust":
 			       https://www.postgresql.org/docs/current/auth-trust.html
 		EOE
 		exit 1
@@ -163,6 +164,7 @@ docker_process_init_files() {
 				;;
 			*.sql)    echo "$0: running $f"; docker_process_sql -f "$f"; echo ;;
 			*.sql.gz) echo "$0: running $f"; gunzip -c "$f" | docker_process_sql; echo ;;
+			*.sql.xz) echo "$0: running $f"; xzcat "$f" | docker_process_sql; echo ;;
 			*)        echo "$0: ignoring $f" ;;
 		esac
 		echo
diff --git a/postgres_10/Dockerfile b/postgres_10/Dockerfile
index 178a622..76b3374 100644
--- a/postgres_10/Dockerfile
+++ b/postgres_10/Dockerfile
@@ -48,12 +48,16 @@ RUN set -eux; \
 	localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
 ENV LANG en_US.utf8
 
+RUN set -eux; \
+	apt-get update; \
+	apt-get install -y --no-install-recommends \
 # install "nss_wrapper" in case we need to fake "/etc/passwd" and "/etc/group" (especially for OpenShift)
 # https://github.com/docker-library/postgres/issues/359
 # https://cwrap.org/nss_wrapper.html
-RUN set -eux; \
-	apt-get update; \
-	apt-get install -y --no-install-recommends libnss-wrapper; \
+		libnss-wrapper \
+# install "xz-utils" for .sql.xz docker-entrypoint-initdb.d files
+		xz-utils \
+	; \
 	rm -rf /var/lib/apt/lists/*
 
 RUN mkdir /docker-entrypoint-initdb.d
diff --git a/postgres_10/docker-entrypoint.sh b/postgres_10/docker-entrypoint.sh
index 406a971..a9190b4 100755
--- a/postgres_10/docker-entrypoint.sh
+++ b/postgres_10/docker-entrypoint.sh
@@ -88,7 +88,7 @@ docker_init_database_dir() {
 }
 
 # print large warning if POSTGRES_PASSWORD is long
-# error if both POSTGRES_PASSWORD is unset and POSTGRES_HOST_AUTH_METHOD is not 'trust'
+# error if both POSTGRES_PASSWORD is empty and POSTGRES_HOST_AUTH_METHOD is not 'trust'
 # print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
 # assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
 docker_verify_minimum_env() {
@@ -110,12 +110,13 @@ docker_verify_minimum_env() {
 		# The - option suppresses leading tabs but *not* spaces. :)
 		cat >&2 <<-'EOE'
 			Error: Database is uninitialized and superuser password is not specified.
-			       You must specify POSTGRES_PASSWORD for the superuser. Use
-			       "-e POSTGRES_PASSWORD=password" to set it in "docker run".
+			       You must specify POSTGRES_PASSWORD to a non-empty value for the
+			       superuser. For example, "-e POSTGRES_PASSWORD=password" on "docker run".
 
-			       You may also use POSTGRES_HOST_AUTH_METHOD=trust to allow all connections
-			       without a password. This is *not* recommended. See PostgreSQL
-			       documentation about "trust":
+			       You may also use "POSTGRES_HOST_AUTH_METHOD=trust" to allow all
+			       connections without a password. This is *not* recommended.
+
+			       See PostgreSQL documentation about "trust":
 			       https://www.postgresql.org/docs/current/auth-trust.html
 		EOE
 		exit 1
@@ -163,6 +164,7 @@ docker_process_init_files() {
 				;;
 			*.sql)    echo "$0: running $f"; docker_process_sql -f "$f"; echo ;;
 			*.sql.gz) echo "$0: running $f"; gunzip -c "$f" | docker_process_sql; echo ;;
+			*.sql.xz) echo "$0: running $f"; xzcat "$f" | docker_process_sql; echo ;;
 			*)        echo "$0: ignoring $f" ;;
 		esac
 		echo
diff --git a/postgres_11-alpine/Dockerfile b/postgres_11-alpine/Dockerfile
index 100ed00..b8f8250 100644
--- a/postgres_11-alpine/Dockerfile
+++ b/postgres_11-alpine/Dockerfile
@@ -5,7 +5,7 @@ FROM alpine:3.11
 # https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.11-stable
 RUN set -eux; \
 	addgroup -g 70 -S postgres; \
-	adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql postgres; \
+	adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
 	mkdir -p /var/lib/postgresql; \
 	chown -R postgres:postgres /var/lib/postgresql
 
diff --git a/postgres_11-alpine/docker-entrypoint.sh b/postgres_11-alpine/docker-entrypoint.sh
index f53fa61..78adac6 100755
--- a/postgres_11-alpine/docker-entrypoint.sh
+++ b/postgres_11-alpine/docker-entrypoint.sh
@@ -88,7 +88,7 @@ docker_init_database_dir() {
 }
 
 # print large warning if POSTGRES_PASSWORD is long
-# error if both POSTGRES_PASSWORD is unset and POSTGRES_HOST_AUTH_METHOD is not 'trust'
+# error if both POSTGRES_PASSWORD is empty and POSTGRES_HOST_AUTH_METHOD is not 'trust'
 # print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
 # assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
 docker_verify_minimum_env() {
@@ -110,12 +110,13 @@ docker_verify_minimum_env() {
 		# The - option suppresses leading tabs but *not* spaces. :)
 		cat >&2 <<-'EOE'
 			Error: Database is uninitialized and superuser password is not specified.
-			       You must specify POSTGRES_PASSWORD for the superuser. Use
-			       "-e POSTGRES_PASSWORD=password" to set it in "docker run".
+			       You must specify POSTGRES_PASSWORD to a non-empty value for the
+			       superuser. For example, "-e POSTGRES_PASSWORD=password" on "docker run".
 
-			       You may also use POSTGRES_HOST_AUTH_METHOD=trust to allow all connections
-			       without a password. This is *not* recommended. See PostgreSQL
-			       documentation about "trust":
+			       You may also use "POSTGRES_HOST_AUTH_METHOD=trust" to allow all
+			       connections without a password. This is *not* recommended.
+
+			       See PostgreSQL documentation about "trust":
 			       https://www.postgresql.org/docs/current/auth-trust.html
 		EOE
 		exit 1
@@ -163,6 +164,7 @@ docker_process_init_files() {
 				;;
 			*.sql)    echo "$0: running $f"; docker_process_sql -f "$f"; echo ;;
 			*.sql.gz) echo "$0: running $f"; gunzip -c "$f" | docker_process_sql; echo ;;
+			*.sql.xz) echo "$0: running $f"; xzcat "$f" | docker_process_sql; echo ;;
 			*)        echo "$0: ignoring $f" ;;
 		esac
 		echo
diff --git a/postgres_11/Dockerfile b/postgres_11/Dockerfile
index f1e9df7..c237e0c 100644
--- a/postgres_11/Dockerfile
+++ b/postgres_11/Dockerfile
@@ -48,12 +48,16 @@ RUN set -eux; \
 	localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
 ENV LANG en_US.utf8
 
+RUN set -eux; \
+	apt-get update; \
+	apt-get install -y --no-install-recommends \
 # install "nss_wrapper" in case we need to fake "/etc/passwd" and "/etc/group" (especially for OpenShift)
 # https://github.com/docker-library/postgres/issues/359
 # https://cwrap.org/nss_wrapper.html
-RUN set -eux; \
-	apt-get update; \
-	apt-get install -y --no-install-recommends libnss-wrapper; \
+		libnss-wrapper \
+# install "xz-utils" for .sql.xz docker-entrypoint-initdb.d files
+		xz-utils \
+	; \
 	rm -rf /var/lib/apt/lists/*
 
 RUN mkdir /docker-entrypoint-initdb.d
diff --git a/postgres_11/docker-entrypoint.sh b/postgres_11/docker-entrypoint.sh
index 406a971..a9190b4 100755
--- a/postgres_11/docker-entrypoint.sh
+++ b/postgres_11/docker-entrypoint.sh
@@ -88,7 +88,7 @@ docker_init_database_dir() {
 }
 
 # print large warning if POSTGRES_PASSWORD is long
-# error if both POSTGRES_PASSWORD is unset and POSTGRES_HOST_AUTH_METHOD is not 'trust'
+# error if both POSTGRES_PASSWORD is empty and POSTGRES_HOST_AUTH_METHOD is not 'trust'
 # print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
 # assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
 docker_verify_minimum_env() {
@@ -110,12 +110,13 @@ docker_verify_minimum_env() {
 		# The - option suppresses leading tabs but *not* spaces. :)
 		cat >&2 <<-'EOE'
 			Error: Database is uninitialized and superuser password is not specified.
-			       You must specify POSTGRES_PASSWORD for the superuser. Use
-			       "-e POSTGRES_PASSWORD=password" to set it in "docker run".
+			       You must specify POSTGRES_PASSWORD to a non-empty value for the
+			       superuser. For example, "-e POSTGRES_PASSWORD=password" on "docker run".
 
-			       You may also use POSTGRES_HOST_AUTH_METHOD=trust to allow all connections
-			       without a password. This is *not* recommended. See PostgreSQL
-			       documentation about "trust":
+			       You may also use "POSTGRES_HOST_AUTH_METHOD=trust" to allow all
+			       connections without a password. This is *not* recommended.
+
+			       See PostgreSQL documentation about "trust":
 			       https://www.postgresql.org/docs/current/auth-trust.html
 		EOE
 		exit 1
@@ -163,6 +164,7 @@ docker_process_init_files() {
 				;;
 			*.sql)    echo "$0: running $f"; docker_process_sql -f "$f"; echo ;;
 			*.sql.gz) echo "$0: running $f"; gunzip -c "$f" | docker_process_sql; echo ;;
+			*.sql.xz) echo "$0: running $f"; xzcat "$f" | docker_process_sql; echo ;;
 			*)        echo "$0: ignoring $f" ;;
 		esac
 		echo
diff --git a/postgres_9-alpine/Dockerfile b/postgres_9-alpine/Dockerfile
index 1daadc1..579444a 100644
--- a/postgres_9-alpine/Dockerfile
+++ b/postgres_9-alpine/Dockerfile
@@ -5,7 +5,7 @@ FROM alpine:3.11
 # https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.11-stable
 RUN set -eux; \
 	addgroup -g 70 -S postgres; \
-	adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql postgres; \
+	adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
 	mkdir -p /var/lib/postgresql; \
 	chown -R postgres:postgres /var/lib/postgresql
 
diff --git a/postgres_9-alpine/docker-entrypoint.sh b/postgres_9-alpine/docker-entrypoint.sh
index 8539acd..f87b08b 100755
--- a/postgres_9-alpine/docker-entrypoint.sh
+++ b/postgres_9-alpine/docker-entrypoint.sh
@@ -88,7 +88,7 @@ docker_init_database_dir() {
 }
 
 # print large warning if POSTGRES_PASSWORD is long
-# error if both POSTGRES_PASSWORD is unset and POSTGRES_HOST_AUTH_METHOD is not 'trust'
+# error if both POSTGRES_PASSWORD is empty and POSTGRES_HOST_AUTH_METHOD is not 'trust'
 # print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
 # assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
 docker_verify_minimum_env() {
@@ -110,12 +110,13 @@ docker_verify_minimum_env() {
 		# The - option suppresses leading tabs but *not* spaces. :)
 		cat >&2 <<-'EOE'
 			Error: Database is uninitialized and superuser password is not specified.
-			       You must specify POSTGRES_PASSWORD for the superuser. Use
-			       "-e POSTGRES_PASSWORD=password" to set it in "docker run".
+			       You must specify POSTGRES_PASSWORD to a non-empty value for the
+			       superuser. For example, "-e POSTGRES_PASSWORD=password" on "docker run".
 
-			       You may also use POSTGRES_HOST_AUTH_METHOD=trust to allow all connections
-			       without a password. This is *not* recommended. See PostgreSQL
-			       documentation about "trust":
+			       You may also use "POSTGRES_HOST_AUTH_METHOD=trust" to allow all
+			       connections without a password. This is *not* recommended.
+
+			       See PostgreSQL documentation about "trust":
 			       https://www.postgresql.org/docs/current/auth-trust.html
 		EOE
 		exit 1
@@ -163,6 +164,7 @@ docker_process_init_files() {
 				;;
 			*.sql)    echo "$0: running $f"; docker_process_sql -f "$f"; echo ;;
 			*.sql.gz) echo "$0: running $f"; gunzip -c "$f" | docker_process_sql; echo ;;
+			*.sql.xz) echo "$0: running $f"; xzcat "$f" | docker_process_sql; echo ;;
 			*)        echo "$0: ignoring $f" ;;
 		esac
 		echo
diff --git a/postgres_9.4-alpine/Dockerfile b/postgres_9.4-alpine/Dockerfile
deleted file mode 100644
index be232c1..0000000
diff --git a/postgres_9.4-alpine/docker-entrypoint.sh b/postgres_9.4-alpine/docker-entrypoint.sh
deleted file mode 100755
index 8539acd..0000000
diff --git a/postgres_9.4/Dockerfile b/postgres_9.4/Dockerfile
deleted file mode 100644
index c4e1616..0000000
diff --git a/postgres_9.4/docker-entrypoint.sh b/postgres_9.4/docker-entrypoint.sh
deleted file mode 100755
index ae5de79..0000000
diff --git a/postgres_9.5-alpine/Dockerfile b/postgres_9.5-alpine/Dockerfile
index e0049aa..06a4a32 100644
--- a/postgres_9.5-alpine/Dockerfile
+++ b/postgres_9.5-alpine/Dockerfile
@@ -5,7 +5,7 @@ FROM alpine:3.11
 # https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.11-stable
 RUN set -eux; \
 	addgroup -g 70 -S postgres; \
-	adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql postgres; \
+	adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
 	mkdir -p /var/lib/postgresql; \
 	chown -R postgres:postgres /var/lib/postgresql
 
diff --git a/postgres_9.5-alpine/docker-entrypoint.sh b/postgres_9.5-alpine/docker-entrypoint.sh
index 8539acd..f87b08b 100755
--- a/postgres_9.5-alpine/docker-entrypoint.sh
+++ b/postgres_9.5-alpine/docker-entrypoint.sh
@@ -88,7 +88,7 @@ docker_init_database_dir() {
 }
 
 # print large warning if POSTGRES_PASSWORD is long
-# error if both POSTGRES_PASSWORD is unset and POSTGRES_HOST_AUTH_METHOD is not 'trust'
+# error if both POSTGRES_PASSWORD is empty and POSTGRES_HOST_AUTH_METHOD is not 'trust'
 # print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
 # assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
 docker_verify_minimum_env() {
@@ -110,12 +110,13 @@ docker_verify_minimum_env() {
 		# The - option suppresses leading tabs but *not* spaces. :)
 		cat >&2 <<-'EOE'
 			Error: Database is uninitialized and superuser password is not specified.
-			       You must specify POSTGRES_PASSWORD for the superuser. Use
-			       "-e POSTGRES_PASSWORD=password" to set it in "docker run".
+			       You must specify POSTGRES_PASSWORD to a non-empty value for the
+			       superuser. For example, "-e POSTGRES_PASSWORD=password" on "docker run".
 
-			       You may also use POSTGRES_HOST_AUTH_METHOD=trust to allow all connections
-			       without a password. This is *not* recommended. See PostgreSQL
-			       documentation about "trust":
+			       You may also use "POSTGRES_HOST_AUTH_METHOD=trust" to allow all
+			       connections without a password. This is *not* recommended.
+
+			       See PostgreSQL documentation about "trust":
 			       https://www.postgresql.org/docs/current/auth-trust.html
 		EOE
 		exit 1
@@ -163,6 +164,7 @@ docker_process_init_files() {
 				;;
 			*.sql)    echo "$0: running $f"; docker_process_sql -f "$f"; echo ;;
 			*.sql.gz) echo "$0: running $f"; gunzip -c "$f" | docker_process_sql; echo ;;
+			*.sql.xz) echo "$0: running $f"; xzcat "$f" | docker_process_sql; echo ;;
 			*)        echo "$0: ignoring $f" ;;
 		esac
 		echo
diff --git a/postgres_9.5/Dockerfile b/postgres_9.5/Dockerfile
index d17a56b..ec2f6b8 100644
--- a/postgres_9.5/Dockerfile
+++ b/postgres_9.5/Dockerfile
@@ -48,12 +48,16 @@ RUN set -eux; \
 	localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
 ENV LANG en_US.utf8
 
+RUN set -eux; \
+	apt-get update; \
+	apt-get install -y --no-install-recommends \
 # install "nss_wrapper" in case we need to fake "/etc/passwd" and "/etc/group" (especially for OpenShift)
 # https://github.com/docker-library/postgres/issues/359
 # https://cwrap.org/nss_wrapper.html
-RUN set -eux; \
-	apt-get update; \
-	apt-get install -y --no-install-recommends libnss-wrapper; \
+		libnss-wrapper \
+# install "xz-utils" for .sql.xz docker-entrypoint-initdb.d files
+		xz-utils \
+	; \
 	rm -rf /var/lib/apt/lists/*
 
 RUN mkdir /docker-entrypoint-initdb.d
diff --git a/postgres_9.5/docker-entrypoint.sh b/postgres_9.5/docker-entrypoint.sh
index ae5de79..84eb98d 100755
--- a/postgres_9.5/docker-entrypoint.sh
+++ b/postgres_9.5/docker-entrypoint.sh
@@ -88,7 +88,7 @@ docker_init_database_dir() {
 }
 
 # print large warning if POSTGRES_PASSWORD is long
-# error if both POSTGRES_PASSWORD is unset and POSTGRES_HOST_AUTH_METHOD is not 'trust'
+# error if both POSTGRES_PASSWORD is empty and POSTGRES_HOST_AUTH_METHOD is not 'trust'
 # print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
 # assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
 docker_verify_minimum_env() {
@@ -110,12 +110,13 @@ docker_verify_minimum_env() {
 		# The - option suppresses leading tabs but *not* spaces. :)
 		cat >&2 <<-'EOE'
 			Error: Database is uninitialized and superuser password is not specified.
-			       You must specify POSTGRES_PASSWORD for the superuser. Use
-			       "-e POSTGRES_PASSWORD=password" to set it in "docker run".
+			       You must specify POSTGRES_PASSWORD to a non-empty value for the
+			       superuser. For example, "-e POSTGRES_PASSWORD=password" on "docker run".
 
-			       You may also use POSTGRES_HOST_AUTH_METHOD=trust to allow all connections
-			       without a password. This is *not* recommended. See PostgreSQL
-			       documentation about "trust":
+			       You may also use "POSTGRES_HOST_AUTH_METHOD=trust" to allow all
+			       connections without a password. This is *not* recommended.
+
+			       See PostgreSQL documentation about "trust":
 			       https://www.postgresql.org/docs/current/auth-trust.html
 		EOE
 		exit 1
@@ -163,6 +164,7 @@ docker_process_init_files() {
 				;;
 			*.sql)    echo "$0: running $f"; docker_process_sql -f "$f"; echo ;;
 			*.sql.gz) echo "$0: running $f"; gunzip -c "$f" | docker_process_sql; echo ;;
+			*.sql.xz) echo "$0: running $f"; xzcat "$f" | docker_process_sql; echo ;;
 			*)        echo "$0: ignoring $f" ;;
 		esac
 		echo
diff --git a/postgres_9/Dockerfile b/postgres_9/Dockerfile
index 587f982..fbe2662 100644
--- a/postgres_9/Dockerfile
+++ b/postgres_9/Dockerfile
@@ -48,12 +48,16 @@ RUN set -eux; \
 	localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
 ENV LANG en_US.utf8
 
+RUN set -eux; \
+	apt-get update; \
+	apt-get install -y --no-install-recommends \
 # install "nss_wrapper" in case we need to fake "/etc/passwd" and "/etc/group" (especially for OpenShift)
 # https://github.com/docker-library/postgres/issues/359
 # https://cwrap.org/nss_wrapper.html
-RUN set -eux; \
-	apt-get update; \
-	apt-get install -y --no-install-recommends libnss-wrapper; \
+		libnss-wrapper \
+# install "xz-utils" for .sql.xz docker-entrypoint-initdb.d files
+		xz-utils \
+	; \
 	rm -rf /var/lib/apt/lists/*
 
 RUN mkdir /docker-entrypoint-initdb.d
diff --git a/postgres_9/docker-entrypoint.sh b/postgres_9/docker-entrypoint.sh
index ae5de79..84eb98d 100755
--- a/postgres_9/docker-entrypoint.sh
+++ b/postgres_9/docker-entrypoint.sh
@@ -88,7 +88,7 @@ docker_init_database_dir() {
 }
 
 # print large warning if POSTGRES_PASSWORD is long
-# error if both POSTGRES_PASSWORD is unset and POSTGRES_HOST_AUTH_METHOD is not 'trust'
+# error if both POSTGRES_PASSWORD is empty and POSTGRES_HOST_AUTH_METHOD is not 'trust'
 # print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
 # assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
 docker_verify_minimum_env() {
@@ -110,12 +110,13 @@ docker_verify_minimum_env() {
 		# The - option suppresses leading tabs but *not* spaces. :)
 		cat >&2 <<-'EOE'
 			Error: Database is uninitialized and superuser password is not specified.
-			       You must specify POSTGRES_PASSWORD for the superuser. Use
-			       "-e POSTGRES_PASSWORD=password" to set it in "docker run".
+			       You must specify POSTGRES_PASSWORD to a non-empty value for the
+			       superuser. For example, "-e POSTGRES_PASSWORD=password" on "docker run".
 
-			       You may also use POSTGRES_HOST_AUTH_METHOD=trust to allow all connections
-			       without a password. This is *not* recommended. See PostgreSQL
-			       documentation about "trust":
+			       You may also use "POSTGRES_HOST_AUTH_METHOD=trust" to allow all
+			       connections without a password. This is *not* recommended.
+
+			       See PostgreSQL documentation about "trust":
 			       https://www.postgresql.org/docs/current/auth-trust.html
 		EOE
 		exit 1
@@ -163,6 +164,7 @@ docker_process_init_files() {
 				;;
 			*.sql)    echo "$0: running $f"; docker_process_sql -f "$f"; echo ;;
 			*.sql.gz) echo "$0: running $f"; gunzip -c "$f" | docker_process_sql; echo ;;
+			*.sql.xz) echo "$0: running $f"; xzcat "$f" | docker_process_sql; echo ;;
 			*)        echo "$0: ignoring $f" ;;
 		esac
 		echo
diff --git a/postgres_alpine/Dockerfile b/postgres_alpine/Dockerfile
index e60c5c9..a805d7a 100644
--- a/postgres_alpine/Dockerfile
+++ b/postgres_alpine/Dockerfile
@@ -5,7 +5,7 @@ FROM alpine:3.11
 # https://git.alpinelinux.org/aports/tree/main/postgresql/postgresql.pre-install?h=3.11-stable
 RUN set -eux; \
 	addgroup -g 70 -S postgres; \
-	adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql postgres; \
+	adduser -u 70 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
 	mkdir -p /var/lib/postgresql; \
 	chown -R postgres:postgres /var/lib/postgresql
 
diff --git a/postgres_alpine/docker-entrypoint.sh b/postgres_alpine/docker-entrypoint.sh
index f53fa61..78adac6 100755
--- a/postgres_alpine/docker-entrypoint.sh
+++ b/postgres_alpine/docker-entrypoint.sh
@@ -88,7 +88,7 @@ docker_init_database_dir() {
 }
 
 # print large warning if POSTGRES_PASSWORD is long
-# error if both POSTGRES_PASSWORD is unset and POSTGRES_HOST_AUTH_METHOD is not 'trust'
+# error if both POSTGRES_PASSWORD is empty and POSTGRES_HOST_AUTH_METHOD is not 'trust'
 # print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
 # assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
 docker_verify_minimum_env() {
@@ -110,12 +110,13 @@ docker_verify_minimum_env() {
 		# The - option suppresses leading tabs but *not* spaces. :)
 		cat >&2 <<-'EOE'
 			Error: Database is uninitialized and superuser password is not specified.
-			       You must specify POSTGRES_PASSWORD for the superuser. Use
-			       "-e POSTGRES_PASSWORD=password" to set it in "docker run".
+			       You must specify POSTGRES_PASSWORD to a non-empty value for the
+			       superuser. For example, "-e POSTGRES_PASSWORD=password" on "docker run".
 
-			       You may also use POSTGRES_HOST_AUTH_METHOD=trust to allow all connections
-			       without a password. This is *not* recommended. See PostgreSQL
-			       documentation about "trust":
+			       You may also use "POSTGRES_HOST_AUTH_METHOD=trust" to allow all
+			       connections without a password. This is *not* recommended.
+
+			       See PostgreSQL documentation about "trust":
 			       https://www.postgresql.org/docs/current/auth-trust.html
 		EOE
 		exit 1
@@ -163,6 +164,7 @@ docker_process_init_files() {
 				;;
 			*.sql)    echo "$0: running $f"; docker_process_sql -f "$f"; echo ;;
 			*.sql.gz) echo "$0: running $f"; gunzip -c "$f" | docker_process_sql; echo ;;
+			*.sql.xz) echo "$0: running $f"; xzcat "$f" | docker_process_sql; echo ;;
 			*)        echo "$0: ignoring $f" ;;
 		esac
 		echo
diff --git a/postgres_latest/Dockerfile b/postgres_latest/Dockerfile
index bb24f5a..013d33a 100644
--- a/postgres_latest/Dockerfile
+++ b/postgres_latest/Dockerfile
@@ -48,12 +48,16 @@ RUN set -eux; \
 	localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
 ENV LANG en_US.utf8
 
+RUN set -eux; \
+	apt-get update; \
+	apt-get install -y --no-install-recommends \
 # install "nss_wrapper" in case we need to fake "/etc/passwd" and "/etc/group" (especially for OpenShift)
 # https://github.com/docker-library/postgres/issues/359
 # https://cwrap.org/nss_wrapper.html
-RUN set -eux; \
-	apt-get update; \
-	apt-get install -y --no-install-recommends libnss-wrapper; \
+		libnss-wrapper \
+# install "xz-utils" for .sql.xz docker-entrypoint-initdb.d files
+		xz-utils \
+	; \
 	rm -rf /var/lib/apt/lists/*
 
 RUN mkdir /docker-entrypoint-initdb.d
diff --git a/postgres_latest/docker-entrypoint.sh b/postgres_latest/docker-entrypoint.sh
index 406a971..a9190b4 100755
--- a/postgres_latest/docker-entrypoint.sh
+++ b/postgres_latest/docker-entrypoint.sh
@@ -88,7 +88,7 @@ docker_init_database_dir() {
 }
 
 # print large warning if POSTGRES_PASSWORD is long
-# error if both POSTGRES_PASSWORD is unset and POSTGRES_HOST_AUTH_METHOD is not 'trust'
+# error if both POSTGRES_PASSWORD is empty and POSTGRES_HOST_AUTH_METHOD is not 'trust'
 # print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
 # assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
 docker_verify_minimum_env() {
@@ -110,12 +110,13 @@ docker_verify_minimum_env() {
 		# The - option suppresses leading tabs but *not* spaces. :)
 		cat >&2 <<-'EOE'
 			Error: Database is uninitialized and superuser password is not specified.
-			       You must specify POSTGRES_PASSWORD for the superuser. Use
-			       "-e POSTGRES_PASSWORD=password" to set it in "docker run".
+			       You must specify POSTGRES_PASSWORD to a non-empty value for the
+			       superuser. For example, "-e POSTGRES_PASSWORD=password" on "docker run".
 
-			       You may also use POSTGRES_HOST_AUTH_METHOD=trust to allow all connections
-			       without a password. This is *not* recommended. See PostgreSQL
-			       documentation about "trust":
+			       You may also use "POSTGRES_HOST_AUTH_METHOD=trust" to allow all
+			       connections without a password. This is *not* recommended.
+
+			       See PostgreSQL documentation about "trust":
 			       https://www.postgresql.org/docs/current/auth-trust.html
 		EOE
 		exit 1
@@ -163,6 +164,7 @@ docker_process_init_files() {
 				;;
 			*.sql)    echo "$0: running $f"; docker_process_sql -f "$f"; echo ;;
 			*.sql.gz) echo "$0: running $f"; gunzip -c "$f" | docker_process_sql; echo ;;
+			*.sql.xz) echo "$0: running $f"; xzcat "$f" | docker_process_sql; echo ;;
 			*)        echo "$0: ignoring $f" ;;
 		esac
 		echo

@yosifkit
Copy link
Member Author

Build test of #7504; 6388e3a; amd64 (postgres):

$ bashbrew build postgres:12.2
Building bashbrew/cache:dbdf7f77e553306e8df928621059fe9362e24c4111e4319ad39e2b1dd9895155 (postgres:12.2)
Tagging postgres:12.2
Tagging postgres:12
Tagging postgres:latest

$ test/run.sh postgres:12.2
testing postgres:12.2
	'utc' [1/6]...passed
	'cve-2014--shellshock' [2/6]...passed
	'no-hard-coded-passwords' [3/6]...passed
	'override-cmd' [4/6]...passed
	'postgres-basics' [5/6]....passed
	'postgres-initdb' [6/6]....passed


$ bashbrew build postgres:12.2-alpine
Building bashbrew/cache:93236e58fa685b028afb168299bcfde0e546447b20504cb3fa5308eb1f182e20 (postgres:12.2-alpine)
Tagging postgres:12.2-alpine
Tagging postgres:12-alpine
Tagging postgres:alpine

$ test/run.sh postgres:12.2-alpine
testing postgres:12.2-alpine
	'utc' [1/6]...passed
	'cve-2014--shellshock' [2/6]...passed
	'no-hard-coded-passwords' [3/6]...passed
	'override-cmd' [4/6]...passed
	'postgres-basics' [5/6]....passed
	'postgres-initdb' [6/6]....passed


$ bashbrew build postgres:11.7
Building bashbrew/cache:004bbb96db29e783faea0627d6781c819fbd8882afc44c9ebd9d53e65f16af1b (postgres:11.7)
Tagging postgres:11.7
Tagging postgres:11

$ test/run.sh postgres:11.7
testing postgres:11.7
	'utc' [1/6]...passed
	'cve-2014--shellshock' [2/6]...passed
	'no-hard-coded-passwords' [3/6]...passed
	'override-cmd' [4/6]...passed
	'postgres-basics' [5/6].....passed
	'postgres-initdb' [6/6]....passed


$ bashbrew build postgres:11.7-alpine
Building bashbrew/cache:b3f19ecc36d1ff91a2d49bb176196a2cb2cc219394878c94960410f6a803956d (postgres:11.7-alpine)
Tagging postgres:11.7-alpine
Tagging postgres:11-alpine

$ test/run.sh postgres:11.7-alpine
testing postgres:11.7-alpine
	'utc' [1/6]...passed
	'cve-2014--shellshock' [2/6]...passed
	'no-hard-coded-passwords' [3/6]...passed
	'override-cmd' [4/6]...passed
	'postgres-basics' [5/6]....passed
	'postgres-initdb' [6/6]....passed


$ bashbrew build postgres:10.12
Building bashbrew/cache:6aca459c7d5aadfdb65302f3c401056c2b3f4192d110f768b4c697c9aa3baf27 (postgres:10.12)
Tagging postgres:10.12
Tagging postgres:10

$ test/run.sh postgres:10.12
testing postgres:10.12
	'utc' [1/6]...passed
	'cve-2014--shellshock' [2/6]...passed
	'no-hard-coded-passwords' [3/6]...passed
	'override-cmd' [4/6]...passed
	'postgres-basics' [5/6]....passed
	'postgres-initdb' [6/6]....passed


$ bashbrew build postgres:10.12-alpine
Building bashbrew/cache:cc0adbb3a20eeb8d1fac6d6113b88db69c644fe2edfe25b952502c92864d180b (postgres:10.12-alpine)
Tagging postgres:10.12-alpine
Tagging postgres:10-alpine

$ test/run.sh postgres:10.12-alpine
testing postgres:10.12-alpine
	'utc' [1/6]...passed
	'cve-2014--shellshock' [2/6]...passed
	'no-hard-coded-passwords' [3/6]...passed
	'override-cmd' [4/6]...passed
	'postgres-basics' [5/6]....passed
	'postgres-initdb' [6/6]....passed


$ bashbrew build postgres:9.6.17
Building bashbrew/cache:7fe0a74b0ea122847d7246c0494f087c1afa33150f062c696f1fe775d1e6a04a (postgres:9.6.17)
Tagging postgres:9.6.17
Tagging postgres:9.6
Tagging postgres:9

$ test/run.sh postgres:9.6.17
testing postgres:9.6.17
	'utc' [1/6]...passed
	'cve-2014--shellshock' [2/6]...passed
	'no-hard-coded-passwords' [3/6]...passed
	'override-cmd' [4/6]...passed
	'postgres-basics' [5/6]....passed
	'postgres-initdb' [6/6]....passed


$ bashbrew build postgres:9.6.17-alpine
Building bashbrew/cache:b21f89ece43d6b464721843451759f6d4c327f33327bf1b8466543967b07b57f (postgres:9.6.17-alpine)
Tagging postgres:9.6.17-alpine
Tagging postgres:9.6-alpine
Tagging postgres:9-alpine

$ test/run.sh postgres:9.6.17-alpine
testing postgres:9.6.17-alpine
	'utc' [1/6]...passed
	'cve-2014--shellshock' [2/6]...passed
	'no-hard-coded-passwords' [3/6]...passed
	'override-cmd' [4/6]...passed
	'postgres-basics' [5/6].....passed
	'postgres-initdb' [6/6].....passed


$ bashbrew build postgres:9.5.21
Building bashbrew/cache:eafd14d91e64722d99411b795b0316604a8e0bc202df6ce507c873e80368a493 (postgres:9.5.21)
Tagging postgres:9.5.21
Tagging postgres:9.5

$ test/run.sh postgres:9.5.21
testing postgres:9.5.21
	'utc' [1/6]...passed
	'cve-2014--shellshock' [2/6]...passed
	'no-hard-coded-passwords' [3/6]...passed
	'override-cmd' [4/6]...passed
	'postgres-basics' [5/6].....passed
	'postgres-initdb' [6/6].....passed


$ bashbrew build postgres:9.5.21-alpine
Building bashbrew/cache:655f8ca831ee948b75910706dd3f74df37e9456b9dbb58d13f12e41e2a4c3e23 (postgres:9.5.21-alpine)
Tagging postgres:9.5.21-alpine
Tagging postgres:9.5-alpine

$ test/run.sh postgres:9.5.21-alpine
testing postgres:9.5.21-alpine
	'utc' [1/6]...passed
	'cve-2014--shellshock' [2/6]...passed
	'no-hard-coded-passwords' [3/6]...passed
	'override-cmd' [4/6]...passed
	'postgres-basics' [5/6].....passed
	'postgres-initdb' [6/6].....passed

@yosifkit yosifkit merged commit 78db93c into docker-library:master Feb 20, 2020
@yosifkit yosifkit deleted the postgres branch February 20, 2020 23:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
library/postgres
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@yosifkit @docker-library-bot