Drop support for the linux/arm/v6, linux/ppc64le, and linux/s390x platforms

.github/workflows/build.yml

@@ -29,8 +29,13 @@ env:
   CURL_CACHE_DIR: ~/.cache/curl
   IMAGE_NAME: cisagov/code-gov-update
   PIP_CACHE_DIR: ~/.cache/pip
-  PLATFORMS: "linux/386,linux/amd64,linux/arm/v6,\
-  linux/arm/v7,linux/arm64/v8,linux/ppc64le,linux/s390x"
+  # We have dropped support for the linux/arm/v6, linux/ppc64le, and linux/s390x
+  # platforms until the run time for the build-push-all job can get below the six
+  # hour limit that exists for GitHub Actions runners. This could either be through
+  # some kind of optimization, when we matrix out the build so each platform runs
+  # on its own runner, or if we start using our own runners that have a higher
+  # time limit. Please see #150 for tracking.
+  PLATFORMS: "linux/386,linux/amd64,linux/arm/v7,linux/arm64/v8"
   PRE_COMMIT_CACHE_DIR: ~/.cache/pre-commit
   RUN_TMATE: ${{ secrets.RUN_TMATE }}
 

Dockerfile

@@ -6,7 +6,7 @@
 # in the Python Docker image we use for the build-stage. The tag of the Python
 # Docker image matches the version of the python3 package available on Alpine
 # for consistency.
-FROM alpine:3.18 as compile-stage
+FROM alpine:3.20 as compile-stage
 
 ###
 # For a list of pre-defined annotation keys and value types see:
@@ -23,35 +23,32 @@ ENV CISA_HOME="/home/${CISA_USER}"
 ENV VIRTUAL_ENV="${CISA_HOME}/.venv"
 
 # Versions of the Python packages installed directly
-ENV PYTHON_PIP_VERSION=23.1.2
-ENV PYTHON_PIPENV_VERSION=2023.10.20
-ENV PYTHON_SETUPTOOLS_VERSION=67.7.2
-ENV PYTHON_WHEEL_VERSION=0.40.0
+ENV PYTHON_PIP_VERSION=24.2
+ENV PYTHON_PIPENV_VERSION=2024.1.0
+ENV PYTHON_SETUPTOOLS_VERSION=75.1.0
+ENV PYTHON_WHEEL_VERSION=0.44.0
 
 # Install the dependencies necessary to build the cryptography Python
 # package. These are required to build the package if a pre-built wheel
 # is not available on PyPI.
 RUN apk --no-cache add \
-  cargo=1.71.1-r0 \
-  gcc=12.2.1_git20220924-r10 \
-  git=2.40.1-r0 \
-  libffi-dev=3.4.4-r2 \
-  musl-dev=1.2.4-r2 \
-  openssl-dev=3.1.5-r0 \
-  py3-pip=23.1.2-r0 \
-  py3-setuptools=67.7.2-r0 \
-  py3-wheel=0.40.0-r1 \
-  python3-dev=3.11.8-r0 \
-  python3=3.11.8-r0
-
-# Copy in our custom Cargo configuration file
-COPY src/config.toml /root/.cargo/
+  cargo=1.78.0-r0 \
+  gcc=13.2.1_git20240309-r0 \
+  git=2.45.2-r0 \
+  libffi-dev=3.4.6-r0 \
+  musl-dev=1.2.5-r0 \
+  openssl-dev=3.3.2-r0 \
+  py3-pip=24.0-r2 \
+  py3-setuptools=70.3.0-r0 \
+  py3-wheel=0.42.0-r1 \
+  python3-dev=3.12.7-r0 \
+  python3=3.12.7-r0
 
 # Install pipenv to manage installing the Python dependencies into a created
 # Python virtual environment. This is done separately from the virtual
 # environment so that pipenv and its dependencies are not installed in the
 # Python virtual environment used in the final image.
-RUN python3 -m pip install --no-cache-dir --upgrade pipenv==${PYTHON_PIPENV_VERSION} \
+RUN python3 -m pip install --break-system-packages --no-cache-dir --upgrade pipenv==${PYTHON_PIPENV_VERSION} \
   # Manually create Python virtual environment for the final image
   && python3 -m venv ${VIRTUAL_ENV} \
   # Ensure the core Python packages are installed in the virtual environment
@@ -67,7 +64,7 @@ RUN pipenv sync --clear --verbose
 
 # The version of Python used here should match the version of the Alpine
 # python3 package installed in the compile-stage.
-FROM python:3.11.6-alpine3.18 as build-stage
+FROM python:3.12.7-alpine3.20 as build-stage
 
 # Unprivileged user information
 ARG CISA_UID=2048
@@ -80,8 +77,8 @@ ENV VIRTUAL_ENV="${CISA_HOME}/.venv"
 # Install the dependencies needed by the llnl-scraper Python package to
 # estimate labor hours for code.
 RUN apk --no-cache add \
-  cloc=1.96-r0 \
-  git=2.40.1-r0
+  cloc=2.00-r0 \
+  git=2.45.2-r0
 
 # Create unprivileged user
 RUN addgroup --system --gid ${CISA_GID} ${CISA_GROUP} \

README.md

@@ -8,7 +8,7 @@
 
 [![Docker Pulls](https://img.shields.io/docker/pulls/cisagov/code-gov-update)](https://hub.docker.com/r/cisagov/code-gov-update)
 [![Docker Image Size (latest by date)](https://img.shields.io/docker/image-size/cisagov/code-gov-update)](https://hub.docker.com/r/cisagov/code-gov-update)
-[![Platforms](https://img.shields.io/badge/platforms-386%20%7C%20amd64%20%7C%20arm%2Fv6%20%7C%20arm%2Fv7%20%7C%20arm64%2Fv8%20%7C%20ppc64le%20%7C%20s390x-blue)](https://hub.docker.com/r/cisagov/code-gov-update/tags)
+[![Platforms](https://img.shields.io/badge/platforms-386%20%7C%20amd64%20%7C%20arm%2Fv6%20%7C%20arm%2Fv7%20%7C%20arm64%2Fv8-blue)](https://hub.docker.com/r/cisagov/code-gov-update/tags)
 
 This project contains code for updating the DHS
 [code.gov](https://code.gov) inventory published

src/Pipfile

@@ -7,8 +7,12 @@ name = "pypi"
 # Minimum version for IMDSv2 support
 boto3 = ">=1.13.23"
 docopt = ">=0.6.2"
-# Use our fork for required functionality that is not in LLNL/scraper yet.
-llnl-scraper = {file = "https://github.com/cisagov/scraper/archive/v0.14.0-dev.tar.gz"}
+# We need a bugfix for behavior in newer versions of cloc. Since there is not a
+# release on PyPI with the code in https://github.com/LLNL/scraper/pull/79, we
+# must instead pull directly from the GitHub repository. We use the latest (as
+# of this comment) commit on the default branch to serve as our version pin
+# equivalent.
+llnl-scraper = {file = "https://api.github.com/repos/LLNL/scraper/tarball/536a72ce1ceb2e209281ff72a2ed59e735d45c33"}
 
 [requires]
-python_full_version = "3.10.10"
+python_full_version = "3.12.7"