feat!: release SnowID 3.0.0#49
Conversation
there was change on how "generate" function works, now it does not wait for next millisecond, which drastically improve performance during high loads generate() uses logical timestamp generation by default: it always returns an ID and advances the timestamp component instead of waiting when the current millisecond's sequence range is exhausted.
Reduce CI wall time by avoiding redundant work across architecture jobs and pull requests. - cache cargo-pgrx binary by resolved pgrx version and skip reinstall when already present - run clippy, pgrx tests, and packaged SQL validation once on amd64 - run Docker build/publish matrix only for workflow_call with publish_images=true
Use the reusable workflow input directly for Docker publish jobs so release builds still run when called from the push-triggered release workflow. Split cargo-pgrx installation from pgrx initialization to make CI timing easier to inspect.
Split formatting, linting, pgrx tests, and multi-arch packaging into separate jobs so independent failures surface earlier. Move shared Rust/PostgreSQL/pgrx setup into a local composite action to keep the workflow smaller while preserving the amd64 and arm64 package artifacts for Docker releases.
Run lint and pgrx tests through one matrixed validation job so they stay parallel while sharing the same checkout and pgrx setup definition.
WalkthroughThis PR releases pg_snowid version 3.0.0 with infrastructure improvements. A new PGRX GitHub composite action standardizes PostgreSQL build environment setup across CI workflows. The CI pipeline is refactored from separate format and compile jobs into a unified validation matrix and parallel packaging for multiple architectures. Version metadata is updated throughout (Cargo.toml, control file, changelog, and SQL migrations), and Docker base images are updated to target PostgreSQL 18.4. Changespg_snowid 3.0.0 Release and CI Infrastructure
Estimated code review effort🎯 2 (Simple) | ⏱️ ~12 minutes Possibly related PRs
Poem
🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
Resolve pgrx from the checked-out workspace Cargo.toml inside the composite action and fail fast if the version is empty.
Remove pgrx dependency parsing from the composite action and require callers to pass the cargo-pgrx version directly.
Use the shared setup-pgrx action for every validation matrix entry so format, lint, and tests exercise the same cached setup path.
There was a problem hiding this comment.
Actionable comments posted: 1
🧹 Nitpick comments (1)
sql/pg_snowid--2.4.0--3.0.0.sql (1)
1-2: ⚡ Quick winConfirm empty
pg_snowidmigration is intentional (repo-wide pattern)
sql/pg_snowid--2.4.0--3.0.0.sqlcontains only the header comment, and every othersql/pg_snowid--*.sqlmigration in this repo is also comment-only (no non-comment SQL statements). The empty migration is therefore consistent with the established migration approach, and upgrades will pick up the Rust behavior change automatically.Optionally, align the header text with the other migrations’ “no SQL schema changes / library updated” messaging and explicitly call out the behavioral change for operators.
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@sql/pg_snowid--2.4.0--3.0.0.sql` around lines 1 - 2, Confirm that the empty migration in pg_snowid--2.4.0--3.0.0.sql is intentional; if you want to make the intent explicit, replace the header comment with the same standard phrasing used by other pg_snowid migrations (e.g., "no SQL schema changes; library updated — behavioral change: runtime ID generation moved to Rust; operators should restart services to pick up behavior change") so operators see the behavioral change note; otherwise leave the file as-is to match the repo-wide pattern.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In @.github/workflows/ci.yml:
- Around line 39-43: Replace moving tag refs in all workflow and action uses
with pinned full 40-character commit SHAs: locate each `uses:` entry such as
actions/checkout@v6, dtolnay/rust-toolchain@stable, actions/upload-artifact@v7,
actions/download-artifact@v8, Swatinem/rust-cache@v2 and any docker/* actions
across the workflows and action metadata, find the corresponding repository
commit SHA for the version you intend to lock to, and update `uses:` to the form
owner/repo@<full-40-char-sha> for each occurrence in .github/workflows/ci.yml,
.github/workflows/release.yml and .github/actions/setup-pgrx/action.yml (and any
other workflow files) to ensure immutable pins.
---
Nitpick comments:
In `@sql/pg_snowid--2.4.0--3.0.0.sql`:
- Around line 1-2: Confirm that the empty migration in
pg_snowid--2.4.0--3.0.0.sql is intentional; if you want to make the intent
explicit, replace the header comment with the same standard phrasing used by
other pg_snowid migrations (e.g., "no SQL schema changes; library updated —
behavioral change: runtime ID generation moved to Rust; operators should restart
services to pick up behavior change") so operators see the behavioral change
note; otherwise leave the file as-is to match the repo-wide pattern.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: 447fd1eb-e498-4bd0-b4e4-1e2726370401
⛔ Files ignored due to path filters (1)
Cargo.lockis excluded by!**/*.lock
📒 Files selected for processing (9)
.github/actions/setup-pgrx/action.yml.github/workflows/ci.ymlCHANGELOG.mdCargo.tomlimages/cloudnative-pg/Dockerfileimages/dev/Dockerfileimages/pg/Dockerfilepg_snowid.controlsql/pg_snowid--2.4.0--3.0.0.sql
| uses: actions/checkout@v6 | ||
|
|
||
| - name: 🦀 Setup Rust | ||
| if: ${{ !matrix.check.requires-pgrx }} | ||
| uses: dtolnay/rust-toolchain@stable |
There was a problem hiding this comment.
🧩 Analysis chain
🏁 Script executed:
#!/bin/bash
# Verify all non-SHA pinned GitHub Actions references in workflow/action files.
# Expected: no output after remediation.
rg -nP '^\s*uses:\s*[^@\s]+@(?!(?:[0-9a-f]{40})\b)[^\s]+' .github/workflows .github/actionsRepository: rixlhq/snowid-postgres
Length of output: 1205
Pin GitHub Actions to immutable commit SHAs (supply-chain hardening).
.github/workflows/ci.yml uses moving tag refs (not full commit SHAs) in multiple uses: entries, including actions/checkout@v6, dtolnay/rust-toolchain@stable, actions/upload-artifact@v7, actions/download-artifact@v8, and several docker/* actions. This weakens supply-chain integrity—pin each uses: to a full 40-hex commit SHA.
Same issue also appears in .github/workflows/release.yml and .github/actions/setup-pgrx/action.yml (e.g., actions/checkout@v6, dtolnay/rust-toolchain@stable, Swatinem/rust-cache@v2, etc.).
🧰 Tools
🪛 zizmor (1.25.2)
[error] 39-39: unpinned action reference (unpinned-uses): action is not pinned to a hash (required by blanket policy)
(unpinned-uses)
[error] 43-43: unpinned action reference (unpinned-uses): action is not pinned to a hash (required by blanket policy)
(unpinned-uses)
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In @.github/workflows/ci.yml around lines 39 - 43, Replace moving tag refs in
all workflow and action uses with pinned full 40-character commit SHAs: locate
each `uses:` entry such as actions/checkout@v6, dtolnay/rust-toolchain@stable,
actions/upload-artifact@v7, actions/download-artifact@v8, Swatinem/rust-cache@v2
and any docker/* actions across the workflows and action metadata, find the
corresponding repository commit SHA for the version you intend to lock to, and
update `uses:` to the form owner/repo@<full-40-char-sha> for each occurrence in
.github/workflows/ci.yml, .github/workflows/release.yml and
.github/actions/setup-pgrx/action.yml (and any other workflow files) to ensure
immutable pins.
Restore deriving cargo-pgrx from Cargo.toml inside the composite action and run that resolution from the checked-out workspace.
Document that PostgreSQL ID generation now uses SnowID 3.0 logical timestamps and no longer waits for the next millisecond when a sequence range is exhausted. BREAKING CHANGE: SnowID generation semantics now use logical timestamp advancement under per-millisecond sequence exhaustion instead of waiting for wall-clock time.
Add PostgreSQL wrappers for SnowID 3.0 try_generate and batch generation APIs, document their behavior, and create them in the 2.4.0 to 3.0.0 upgrade script.
Use separate Rust cache keys for format, lint, test, and package jobs and save caches even when a job fails after compiling.
Use a matrix check id to build validation Rust cache keys instead of hardcoding a separate key on every check entry.
Remove redundant exported _int SQL wrappers and document the intended PostgreSQL functions exposed by the extension. BREAKING CHANGE: Redundant _int SQL helper functions are no longer exported; use the OID-based public snowid_* functions instead.
Summary
pg_snowidand the bundledsnowiddependency to3.0.0snowid_generate(...)andsnowid_generate_base62(...)now return immediately when a millisecond sequence range is exhausted, advancing the timestamp component logically instead of waiting for the next wall-clock millisecondsnowid_try_generate,snowid_try_generate_base62,snowid_generate_batch, andsnowid_try_generate_batch_intSQL wrappers so the extension exposes only the intended OID-based public PostgreSQL functions1, it is not auto-generated from the host, and custom node IDs must be set before generators are created2.4.0 -> 3.0.0migration script to create the new public functions for existing installationsBreaking Change
_intSQL helper functions are no longer exported; use the public OID-basedsnowid_*functions.Testing
cargo fetchcargo fmt --allcargo clippy --all-targets --all-featurescargo test --all-featurescargo pgrx package --profile releasecargo test --test packaged_sql_files -- --ignoredgo run github.com/rhysd/actionlint/cmd/actionlint@latest .github/workflows/ci.yml .github/workflows/release.yml