kjuulh/post3
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

feat: add post3 s3 proxy for postgresql

Browse Source 
Signed-off-by: kjuulh <contact@kjuulh.io>
This commit is contained in:
Kasper Juul Hermansen
2026-02-27 11:37:48 +01:00
commit 21bac4a33f
67 changed files with 14403 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
ci/Cargo.toml Normal file
View File

@@ -0,0 +1,11 @@
[package]
name = "ci"
version = "0.1.0"
edition = "2024"
publish = false
[dependencies]
dagger-sdk.workspace = true
eyre.workspace = true
tokio.workspace = true
clap.workspace = true

258
ci/src/main.rs Normal file
View File

@@ -0,0 +1,258 @@
use std::path::PathBuf;
use clap::Parser;
const BIN_NAME: &str = "post3-server";
const MOLD_VERSION: &str = "2.40.4";
#[derive(Parser)]
#[command(name = "ci")]
enum Cli {
/// Run PR validation pipeline (check + test + build)
Pr,
/// Run main branch pipeline (check + test + build)
Main,
}
#[tokio::main]
async fn main() -> eyre::Result<()> {
let cli = Cli::parse();
dagger_sdk::connect(|client| async move {
match cli {
Cli::Pr => run_pr(&client).await?,
Cli::Main => run_main(&client).await?,
}
Ok(())
})
.await?;
Ok(())
}
async fn run_pr(client: &dagger_sdk::Query) -> eyre::Result<()> {
eprintln!("==> PR pipeline: check + test + build");
let base = build_base(client).await?;
// Step 1: cargo check
eprintln!("--- cargo check --workspace");
base.clone()
.with_exec(vec!["cargo", "check", "--workspace"])
.sync()
.await?;
// Step 2: tests with PostgreSQL service
eprintln!("--- running tests");
run_tests(client, &base).await?;
// Step 3: build release binary + package image
eprintln!("--- building release image");
let _image = build_release_image(client, &base).await?;
eprintln!("==> PR pipeline complete");
Ok(())
}
async fn run_main(client: &dagger_sdk::Query) -> eyre::Result<()> {
eprintln!("==> Main pipeline: check + test + build");
let base = build_base(client).await?;
eprintln!("--- cargo check --workspace");
base.clone()
.with_exec(vec!["cargo", "check", "--workspace"])
.sync()
.await?;
eprintln!("--- running tests");
run_tests(client, &base).await?;
eprintln!("--- building release image");
let _image = build_release_image(client, &base).await?;
eprintln!("==> Main pipeline complete");
Ok(())
}
/// Load source from host, excluding build artifacts.
fn load_source(client: &dagger_sdk::Query) -> eyre::Result<dagger_sdk::Directory> {
let src = client.host().directory_opts(
".",
dagger_sdk::HostDirectoryOptsBuilder::default()
.exclude(vec!["target/", ".git/", "node_modules/", ".cuddle/"])
.build()?,
);
Ok(src)
}
/// Load dependency-only source (Cargo.toml + Cargo.lock, no src/ or tests/).
fn load_dep_source(client: &dagger_sdk::Query) -> eyre::Result<dagger_sdk::Directory> {
let src = client.host().directory_opts(
".",
dagger_sdk::HostDirectoryOptsBuilder::default()
.exclude(vec![
"target/",
".git/",
"node_modules/",
".cuddle/",
"**/src",
"**/tests",
])
.build()?,
);
Ok(src)
}
/// Create skeleton source files so cargo can resolve deps without real source.
fn create_skeleton_files(client: &dagger_sdk::Query) -> eyre::Result<dagger_sdk::Directory> {
let main_content = r#"fn main() { panic!("skeleton"); }"#;
let lib_content = r#"pub fn _skeleton() {}"#;
let crate_paths = discover_crates()?;
let mut dir = client.directory();
for crate_path in &crate_paths {
let src_dir = crate_path.join("src");
dir = dir.with_new_file(src_dir.join("main.rs").to_string_lossy().to_string(), main_content);
dir = dir.with_new_file(src_dir.join("lib.rs").to_string_lossy().to_string(), lib_content);
}
// Also add skeleton for ci/ crate itself
dir = dir.with_new_file("ci/src/main.rs".to_string(), main_content);
Ok(dir)
}
/// Discover workspace crate directories on the host.
fn discover_crates() -> eyre::Result<Vec<PathBuf>> {
let crates_dir = PathBuf::from("crates");
let mut crate_paths = Vec::new();
if crates_dir.is_dir() {
for entry in std::fs::read_dir(&crates_dir)? {
let entry = entry?;
if entry.file_type()?.is_dir() {
crate_paths.push(entry.path());
}
}
}
Ok(crate_paths)
}
/// Build the base Rust container with all deps cached.
async fn build_base(client: &dagger_sdk::Query) -> eyre::Result<dagger_sdk::Container> {
let src = load_source(client)?;
let dep_src = load_dep_source(client)?;
let skeleton = create_skeleton_files(client)?;
// Merge skeleton files into dep source so cargo can resolve the workspace
let dep_src_with_skeleton = dep_src.with_directory(".", skeleton);
// Base rust image with build tools
let rust_base = client
.container()
.from("rustlang/rust:nightly")
.with_exec(vec!["apt", "update"])
.with_exec(vec!["apt", "install", "-y", "clang", "wget"])
// Install mold linker
.with_exec(vec![
"wget",
"-q",
&format!(
"https://github.com/rui314/mold/releases/download/v{MOLD_VERSION}/mold-{MOLD_VERSION}-x86_64-linux.tar.gz"
),
])
.with_exec(vec![
"tar",
"-xf",
&format!("mold-{MOLD_VERSION}-x86_64-linux.tar.gz"),
])
.with_exec(vec![
"mv",
&format!("mold-{MOLD_VERSION}-x86_64-linux/bin/mold"),
"/usr/bin/mold",
]);
// Step 1: build deps with skeleton source (cacheable layer)
let prebuild = rust_base
.clone()
.with_workdir("/mnt/src")
.with_directory("/mnt/src", dep_src_with_skeleton)
.with_exec(vec!["cargo", "build", "--release", "--bin", BIN_NAME]);
// Step 2: copy cargo registry from prebuild (avoids re-downloading deps)
// Don't copy target/ — Dagger normalizes timestamps which breaks cargo fingerprinting
let build_container = rust_base
.with_workdir("/mnt/src")
.with_directory(
"/usr/local/cargo",
prebuild.directory("/usr/local/cargo"),
)
.with_directory("/mnt/src/", src);
Ok(build_container)
}
/// Run tests against a PostgreSQL service container.
async fn run_tests(
client: &dagger_sdk::Query,
base: &dagger_sdk::Container,
) -> eyre::Result<()> {
let postgres = client
.container()
.from("postgres:18-alpine")
.with_env_variable("POSTGRES_DB", "post3_dev")
.with_env_variable("POSTGRES_USER", "devuser")
.with_env_variable("POSTGRES_PASSWORD", "devpassword")
.with_exposed_port(5432)
.as_service();
base.clone()
.with_service_binding("postgres", postgres)
.with_env_variable(
"DATABASE_URL",
"postgresql://devuser:devpassword@postgres:5432/post3_dev",
)
.with_exec(vec![
"cargo",
"test",
"--workspace",
"--",
"--test-threads=1",
])
.sync()
.await?;
Ok(())
}
/// Build release binary and package into a slim image.
async fn build_release_image(
client: &dagger_sdk::Query,
base: &dagger_sdk::Container,
) -> eyre::Result<dagger_sdk::Container> {
// Build release binary
let built = base
.clone()
.with_exec(vec!["cargo", "build", "--release", "--bin", BIN_NAME]);
let binary = built.file(format!("/mnt/src/target/release/{BIN_NAME}"));
// Package into slim debian image
let final_image = client
.container()
.from("debian:bookworm-slim")
.with_exec(vec!["apt", "update"])
.with_exec(vec!["apt", "install", "-y", "ca-certificates"])
.with_exec(vec!["rm", "-rf", "/var/lib/apt/lists/*"])
.with_file(format!("/usr/local/bin/{BIN_NAME}"), binary)
.with_exec(vec![BIN_NAME, "--help"]);
// Execute to verify the image works
final_image.sync().await?;
eprintln!("--- release image built successfully");
Ok(final_image)
}