Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update Docker image configuration #56

Merged
merged 21 commits into from
Mar 14, 2023
Merged

Update Docker image configuration #56

merged 21 commits into from
Mar 14, 2023

Conversation

mcdonnnj
Copy link
Member

@mcdonnnj mcdonnnj commented Sep 20, 2022
edited
Loading

🗣 Description

This pull request updates from Python 3.10.5 to 3.10.7, updates dependencies, and switches from using Debian Bullseye to Alpine Linux 3.16.

💭 Motivation and context

This includes the following pull requests:

This fixes the currently failing build process due to no longer available dependency versions in addition to the improvements included in the above PRs.

Note: I have performed this testing for the latest (0.1.0-rc.1) pre-release as well.

🧪 Testing

Automated testing passes. Running the container locally I saw expected behavior.

✅ Pre-approval checklist

  • This PR has an informative and human-readable title.
  • All relevant type-of-change labels have been added.
  • I have read the CONTRIBUTING document.
  • These code changes follow cisagov code standards.
  • All relevant repo and/or project documentation has been updated
    to reflect the changes in this PR.
  • Tests have been added and/or modified to cover the changes in this PR.
  • All new and existing tests pass.

✅ Pre-merge checklist

  • Finalize version.

✅ Post-merge checklist

  • Add a tag or create a release.

@mcdonnnj mcdonnnj added improvement This issue or pull request will add or improve functionality, maintainability, or ease of use dependencies Pull requests that update a dependency file labels Sep 20, 2022
@mcdonnnj mcdonnnj requested a review from dav3r as a code owner September 20, 2022 16:41
@mcdonnnj mcdonnnj self-assigned this Sep 20, 2022
dav3r
dav3r approved these changes Sep 20, 2022
View reviewed changes
Copy link
Member

@dav3r dav3r left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 👍

jsf9k
jsf9k approved these changes Sep 20, 2022
View reviewed changes
Copy link
Member

@jsf9k jsf9k left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice cleanup!

@mcdonnnj mcdonnnj mentioned this pull request Nov 22, 2022
Merged
1 task
mcdonnnj and others added 7 commits February 27, 2023 22:06
@mcdonnnj
Bump python from 3.10.5 to 3.10.7
26f0f24 
Also switch to hardcoding the Python version in image tags instead of
taking it as a build argument.
@mcdonnnj
Update apt package versions
88d14aa 
Update the versions of apt packages installed to the latest available.
@mcdonnnj
Update Python dependencies
dcef832 
This includes updating the version of Python configured in the Pipfile
to match the version of Python used in the Docker image.
@mcdonnnj
Do a better job of isolating the Python virtual environment
e7c59d0 
Ensure that the Python virtual environment created only contains
packages necessary for functionality. We also do a better job of
respecting the system Python environment provided by the base image.

While making these edits I also consolidated some COPY statements to
clean things up.
@mcdonnnj
Switch base image operating system to Alpine Linux 3.16
f37387e 
Change the operating system of the base image from Debian Bullseye to
Alpine Linux 3.16. All dependencies and the `vdp_scanner.py` script are
updated appropriately. The documentation and GitHub Actions workflow
are also updated to support this change.
@mcdonnnj @dav3r
Fix typo in comment
8ac0c71 
It's Linux, not LInux.

Co-authored-by: dav3r <[email protected]>
@mcdonnnj
Bump version from 0.0.5 to 0.1.0
d0dcfcc
@mcdonnnj mcdonnnj force-pushed the improvement/project_updates branch from 40aede4 to d0dcfcc Compare February 28, 2023 03:09
mcdonnnj added 11 commits March 1, 2023 15:58
@mcdonnnj
Bump python from 3.10.7-alpine3.16 to 3.10.10-alpine3.17
317a0b2 
Also update all packages installed with apk to the latest version
available on Alpine 3.17.
@mcdonnnj
Add support for the linux/armv7 platform
fec3594 
The latest version of the chromium package on Alpine 3.17 has support
for armv7 in addition to amd64 and arm64. Since that package is why we
reduced support to just amd64 and arm64 it makes sense to add support
for build armv7 images. Due to build dependencies we use the
`alpine:3.17` image for the compile-stage instead of a Python Docker
image. Additional packages were added to support building the lxml
Python package for armv7 since pre-built wheels are not available.
@mcdonnnj
Merge pull request #65 from cisagov/improvement/update_docker_image_v…
63c4a64 
…ersion

Update the base Docker images
@mcdonnnj
Move Python package versions to environment variables
0a8ef8e 
Move the hard-coded Python package versions to environment values to
improve maintainability.
@mcdonnnj
Update Python package versions in the Dockerfile
b9e8743 
Update the versions of the pip, pipenv, setuptools, and wheel packages
defined in the Dockerfile.
@mcdonnnj
Update the Pipfile and corresponding lock file
60cf26e 
Update the full Python version defined in the Pipfile and update all
dependencies in the lock file by running `pipenv lock` in the `src/`
directory.
@mcdonnnj
Merge pull request #66 from cisagov/improvement/update_python_depende…
6b47733 
…ncies

Update Python dependencies
@mcdonnnj
Use an unprivileged user in the Docker image
21205cb 
Create and use an unprivileged user in the Docker configuration with
our standard configuration.
@mcdonnnj
Consistently use python3 instead of python
75f8fde 
Make sure that all RUN instructions use `python3` instead of `python`.
@mcdonnnj
Merge pull request #67 from cisagov/improvement/use_unprivileged_user
dce1145 
Use an unprivileged user in the Docker configuration
@mcdonnnj
Bump version from 0.1.0 to 0.1.0-rc.1
f37ad2b
@mcdonnnj mcdonnnj requested review from dav3r and jsf9k March 13, 2023 20:41
dav3r
dav3r approved these changes Mar 14, 2023
View reviewed changes
Copy link
Member

@dav3r dav3r left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 👍

@jsf9k jsf9k requested a review from a team March 14, 2023 16:06
mcdonnnj added 3 commits March 14, 2023 12:09
@mcdonnnj
Bump libxslt-dev from 1.1.37-r0 to 1.1.37-r1
0e147d9
@mcdonnnj
Use regular packages isntead of -dev packages
bdb4e28 
In the build-image stage we do not need the development headers and
related items for the libxml3 and libxslt packages. We can therefore
install the regular packages instead of the `-dev` versions of these
packages.
@mcdonnnj
Finalize version from 0.1.0-rc.1 to 0.1.0
d453f35
@mcdonnnj mcdonnnj force-pushed the improvement/project_updates branch from c10c058 to d453f35 Compare March 14, 2023 18:31
jsf9k
jsf9k approved these changes Mar 14, 2023
View reviewed changes
Copy link
Member

@jsf9k jsf9k left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approval intensifies!!!

Dockerfile Show resolved Hide resolved
dav3r
dav3r approved these changes Mar 14, 2023
View reviewed changes
Copy link
Member

@dav3r dav3r left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Still 👍 👍

@mcdonnnj mcdonnnj merged commit 19df96b into develop Mar 14, 2023
@mcdonnnj mcdonnnj deleted the improvement/project_updates branch March 21, 2023 22:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dav3r dav3r dav3r approved these changes

@jsf9k jsf9k jsf9k approved these changes

@felddy felddy Awaiting requested review from felddy felddy is a code owner

Assignees

@mcdonnnj mcdonnnj

Labels
dependencies Pull requests that update a dependency file improvement This issue or pull request will add or improve functionality, maintainability, or ease of use
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@mcdonnnj @jsf9k @dav3r