Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Remove the custom Cargo configuration #149

Merged
merged 7 commits into from
Oct 8, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
43 changes: 20 additions & 23 deletions Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@
# in the Python Docker image we use for the build-stage. The tag of the Python
# Docker image matches the version of the python3 package available on Alpine
# for consistency.
FROM alpine:3.18 as compile-stage
FROM alpine:3.20 as compile-stage

###
# For a list of pre-defined annotation keys and value types see:
Expand All @@ -23,35 +23,32 @@ ENV CISA_HOME="/home/${CISA_USER}"
ENV VIRTUAL_ENV="${CISA_HOME}/.venv"

# Versions of the Python packages installed directly
ENV PYTHON_PIP_VERSION=23.1.2
ENV PYTHON_PIPENV_VERSION=2023.10.20
ENV PYTHON_SETUPTOOLS_VERSION=67.7.2
ENV PYTHON_WHEEL_VERSION=0.40.0
ENV PYTHON_PIP_VERSION=24.2
ENV PYTHON_PIPENV_VERSION=2024.1.0
ENV PYTHON_SETUPTOOLS_VERSION=75.1.0
ENV PYTHON_WHEEL_VERSION=0.44.0

# Install the dependencies necessary to build the cryptography Python
# package. These are required to build the package if a pre-built wheel
# is not available on PyPI.
RUN apk --no-cache add \
cargo=1.71.1-r0 \
gcc=12.2.1_git20220924-r10 \
git=2.40.1-r0 \
libffi-dev=3.4.4-r2 \
musl-dev=1.2.4-r2 \
openssl-dev=3.1.5-r0 \
py3-pip=23.1.2-r0 \
py3-setuptools=67.7.2-r0 \
py3-wheel=0.40.0-r1 \
python3-dev=3.11.8-r0 \
python3=3.11.8-r0

# Copy in our custom Cargo configuration file
COPY src/config.toml /root/.cargo/
cargo=1.78.0-r0 \
gcc=13.2.1_git20240309-r0 \
git=2.45.2-r0 \
libffi-dev=3.4.6-r0 \
musl-dev=1.2.5-r0 \
openssl-dev=3.3.2-r0 \
py3-pip=24.0-r2 \
py3-setuptools=70.3.0-r0 \
py3-wheel=0.42.0-r1 \
python3-dev=3.12.7-r0 \
python3=3.12.7-r0

# Install pipenv to manage installing the Python dependencies into a created
# Python virtual environment. This is done separately from the virtual
# environment so that pipenv and its dependencies are not installed in the
# Python virtual environment used in the final image.
RUN python3 -m pip install --no-cache-dir --upgrade pipenv==${PYTHON_PIPENV_VERSION} \
RUN python3 -m pip install --break-system-packages --no-cache-dir --upgrade pipenv==${PYTHON_PIPENV_VERSION} \
# Manually create Python virtual environment for the final image
&& python3 -m venv ${VIRTUAL_ENV} \
# Ensure the core Python packages are installed in the virtual environment
Expand All @@ -67,7 +64,7 @@ RUN pipenv sync --clear --verbose

# The version of Python used here should match the version of the Alpine
# python3 package installed in the compile-stage.
FROM python:3.11.6-alpine3.18 as build-stage
FROM python:3.12.7-alpine3.20 as build-stage

# Unprivileged user information
ARG CISA_UID=2048
Expand All @@ -80,8 +77,8 @@ ENV VIRTUAL_ENV="${CISA_HOME}/.venv"
# Install the dependencies needed by the llnl-scraper Python package to
# estimate labor hours for code.
RUN apk --no-cache add \
cloc=1.96-r0 \
git=2.40.1-r0
cloc=2.00-r0 \
git=2.45.2-r0

# Create unprivileged user
RUN addgroup --system --gid ${CISA_GID} ${CISA_GROUP} \
Expand Down
10 changes: 7 additions & 3 deletions src/Pipfile
Original file line number Diff line number Diff line change
Expand Up @@ -7,8 +7,12 @@ name = "pypi"
# Minimum version for IMDSv2 support
boto3 = ">=1.13.23"
docopt = ">=0.6.2"
# Use our fork for required functionality that is not in LLNL/scraper yet.
llnl-scraper = {file = "https://github.com/cisagov/scraper/archive/v0.14.0-dev.tar.gz"}
# We need a bugfix for behavior in newer versions of cloc. Since there is not a
# release on PyPI with the code in https://github.com/LLNL/scraper/pull/79, we
# must instead pull directly from the GitHub repository. We use the latest (as
# of this comment) commit on the default branch to serve as our version pin
# equivalent.
llnl-scraper = {file = "https://api.github.com/repos/LLNL/scraper/tarball/536a72ce1ceb2e209281ff72a2ed59e735d45c33"}

[requires]
python_full_version = "3.10.10"
python_full_version = "3.12.7"
Loading
Loading