PostgreSQL 13 will reach its end-of-life on November 13, 2025. So we're
upgrading before that happens.
We're also upgrading to PostgreSQL 14 in our CI. In this case, we're
using the default distribution (Trixie, as of October 2025); it doesn't
affect the development or production environments, so it's OK if use the
default one.
We had three files that were almost identical, and we can use
environment variables to specify the differences.
Note we're using the `PGUSER` and `PGPASSWORD` variables, since these
variables will automatically be used by the PostgreSQL client when we
have a blank `username` and `password` keys in the `database.yml` file
(which we did until now). The difference between these variables and the
`POSTGRES_USER` and `POSTGRES_PASSWORD` variables is that the `PG`
variables are used by the client connecting to the database, while the
`POSTGRES_` variables are used by the Docker postgresql image when
creating the database superuser.
For consistency with the code in our github workflows (and everywhere
else in the postgres world), we're respecting this double standard. The
fact that there are two different names for what's basically the same
thing makes the code confusing, though, particularly when running the
docker-compose commands, since we get the password from an environment
variable but we have to assign two different environment variables with
it.
So we're accepting both `PGPASSWORD` and `POSTGRES_PASSWORD` variables
in the database configuration file. This way, developers using
docker-compose can use `POSTGRES_PASSWORD` for everything and it'll work
fine. We're also making `PGPASSWORD` default to `POSTGRES_PASSWORD` so
we don't get a warning if we only set `POSTGRES_PASSWORD`:
```
WARN[0000] The "PGPASSWORD" variable is not set. Defaulting to a blank
string.
```
Also note we're using `DB_HOST` instead of `PGHOST` because that's the
variable Rails currently uses by default for new applications [1].
Finally, note we're using `.presence` in the `ENV` calls in the
database.yml file. The `PGPASSWORD` variable was set to an empty string
when running docker-compose, so using `ENV["PGPASSWORD"] ||` wouldn't
work.
[1] https://github.com/rails/rails/blob/c90a8701e5/railties/lib/rails/generators/rails/app/templates/config/databases/postgresql.yml.tt#L22
The alternative text of the image was useless, and we were depending on
an external server in order to display it. Furthermore, the text inside
the image was pretty small.
So we're displaying the output of the command as plain text.
There was a typo where we said we were creating the containers but we
were building the image.
While none of these commands are necessary because they're run
automatically when first running the `db:create` rake task, I think it's
better to show them separately, since the `build` command might be used
to rebuild the image, and running the `create` command separately makes
it easier to know what's going on.
We're also removing the "start database service" step, since it's
automatically started because the app service depends on it.
Finally, we're updating one command for macOS.
Docker and Docker Compose are included in most Linux distributions, and
we don't know whether the windows error we talked about is still
relevant in 2024. In any case, the Docker documentation to install
windows is a better resource for that than our documentation.
We're also using the same Docker commands for every operating system.
We were following it about half of the time and we even added it to our
former `.mdlrc` file. However, for some reason, MDL doesn't detect this
rule when specified in the `.mdlrc` file, so we didn't notice we weren't
following it in many cases.
Now that we're using a style file to configure MDL, we can enable this
rule again and apply it, since now MDL correctly includes it in its
report.
Note that, in order to have some consistency, we're always writing
"Consul Democracy", instead of using capital letters sometimes (but not
always), like we did until now.
We were using the SSH URL in the Docker documentation, while using the
HTTPS URL everywhere else. The HTTPS URL is the right one in this case
because it's meant for people who won't have write access to the
repository.
