Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

snyk Dockerfile python upgrades #3877

Closed
wants to merge 3 commits into from
Closed

snyk Dockerfile python upgrades #3877

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
8f7205a
snyk Dockerfile python upgrades
nasaldrops Mar 18, 2024
a7e86b2
version increment
nasaldrops Mar 18, 2024
2e71f6f
version increment
nasaldrops Mar 18, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion api_app/Dockerfile
View file
Open in desktop
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'll put a few general comments here:

  1. I think you should split the core application base image from the changes in the templates to 2 different PRs.
  2. Are you sure a jump (in the apps) from python 3.8 to 3.13 doesn't require code changes? Why are you upgrading to a RC version of python - it should be a GA one.
  3. You didn't upgrade the airlock function, why?
  4. In the apps, I think you should increase the minor version and not just the build number.
  5. We usually keep the same Debian version used across the entire solution - devcontainer, core apps and templates. You didn't include a devcontainer change which I think must be synced with the apps to enable good developer experience.

Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
FROM python:3.8-slim-bullseye as base
FROM python:3.13.0a4-slim as base
COPY requirements.txt /.
RUN pip3 install --no-cache-dir -r requirements.txt

Expand Down
2 changes: 1 addition & 1 deletion api_app/_version.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1 +1 @@
__version__ = "0.18.5"
__version__ = "0.18.6"
2 changes: 1 addition & 1 deletion resource_processor/_version.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1 +1 @@
__version__ = "0.8.4"
__version__ = "0.8.5"
2 changes: 1 addition & 1 deletion resource_processor/vmss_porter/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# syntax=docker/dockerfile:1
FROM python:3.8-slim-bullseye
FROM python:3.13.0a4-slim

SHELL ["/bin/bash", "-o", "pipefail", "-c"]

Expand Down
2 changes: 1 addition & 1 deletion templates/shared_services/admin-vm/Dockerfile.tmpl
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# syntax=docker/dockerfile-upstream:1.4.0
FROM --platform=linux/amd64 debian:bullseye-slim
FROM --platform=linux/amd64 debian:bookworm-20240211-slim

# PORTER_INIT

Expand Down
6 changes: 3 additions & 3 deletions templates/shared_services/airlock_notifier/Dockerfile.tmpl
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# syntax=docker/dockerfile-upstream:1.4.0
FROM --platform=linux/amd64 debian:bullseye-slim
FROM --platform=linux/amd64 debian:bookworm-20240211-slim

# PORTER_INIT

Expand All @@ -9,8 +9,8 @@ RUN rm -f /etc/apt/apt.conf.d/docker-clean; echo 'Binary::apt::APT::Keep-Downloa

# Install jq
RUN --mount=type=cache,target=/var/cache/apt --mount=type=cache,target=/var/lib/apt \
apt-get update && \
apt-get install -y zip --no-install-recommends
apt-get update && \
apt-get install -y zip --no-install-recommends

# PORTER_MIXINS

Expand Down
2 changes: 1 addition & 1 deletion templates/shared_services/certs/Dockerfile.tmpl
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# syntax=docker/dockerfile-upstream:1.4.0
FROM --platform=linux/amd64 python:3.8-slim-bullseye
FROM --platform=linux/amd64 python:3.13.0a4-slim

# PORTER_INIT

Expand Down
2 changes: 1 addition & 1 deletion templates/shared_services/cyclecloud/Dockerfile.tmpl
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# syntax=docker/dockerfile-upstream:1.4.0
FROM --platform=linux/amd64 debian:bullseye-slim
FROM --platform=linux/amd64 debian:bookworm-20240211-slim

# PORTER_INIT

Expand Down
2 changes: 1 addition & 1 deletion templates/shared_services/databricks-auth/Dockerfile.tmpl
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# syntax=docker/dockerfile-upstream:1.4.0
FROM --platform=linux/amd64 debian:bullseye-slim
FROM --platform=linux/amd64 debian:bookworm-20240211-slim

# PORTER_INIT

Expand Down
2 changes: 1 addition & 1 deletion templates/shared_services/firewall/Dockerfile.tmpl
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# syntax=docker/dockerfile-upstream:1.4.0
FROM --platform=linux/amd64 debian:bullseye-slim
FROM --platform=linux/amd64 debian:bookworm-20240211-slim

# PORTER_INIT

Expand Down
2 changes: 1 addition & 1 deletion templates/shared_services/gitea/Dockerfile.tmpl
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# syntax=docker/dockerfile-upstream:1.4.0
FROM --platform=linux/amd64 debian:bullseye-slim
FROM --platform=linux/amd64 debian:bookworm-20240211-slim

# PORTER_INIT

Expand Down
2 changes: 1 addition & 1 deletion templates/shared_services/sonatype-nexus-vm/Dockerfile.tmpl
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# syntax=docker/dockerfile-upstream:1.4.0
FROM --platform=linux/amd64 debian:bullseye-slim
FROM --platform=linux/amd64 debian:bookworm-20240211-slim

# PORTER_INIT

Expand Down
2 changes: 1 addition & 1 deletion templates/workspace_services/azureml/Dockerfile.tmpl
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# syntax=docker/dockerfile-upstream:1.4.0
FROM --platform=linux/amd64 debian:bullseye-slim
FROM --platform=linux/amd64 debian:bookworm-20240211-slim

# PORTER_INIT

Expand Down
2 changes: 1 addition & 1 deletion templates/workspace_services/azureml/user_resources/aml_compute/Dockerfile.tmpl
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# syntax=docker/dockerfile-upstream:1.4.0
FROM --platform=linux/amd64 debian:bullseye-slim
FROM --platform=linux/amd64 debian:bookworm-20240211-slim

# PORTER_INIT

Expand Down
2 changes: 1 addition & 1 deletion templates/workspace_services/databricks/Dockerfile.tmpl
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# syntax=docker/dockerfile-upstream:1.4.0
FROM --platform=linux/amd64 debian:bullseye-slim
FROM --platform=linux/amd64 debian:bookworm-20240211-slim

# PORTER_INIT

Expand Down
2 changes: 1 addition & 1 deletion templates/workspace_services/gitea/Dockerfile.tmpl
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# syntax=docker/dockerfile-upstream:1.4.0
FROM --platform=linux/amd64 debian:bullseye-slim
FROM --platform=linux/amd64 debian:bookworm-20240211-slim

# PORTER_INIT

Expand Down
2 changes: 1 addition & 1 deletion templates/workspace_services/guacamole/Dockerfile.tmpl
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# syntax=docker/dockerfile-upstream:1.4.0
FROM --platform=linux/amd64 debian:bullseye-slim
FROM --platform=linux/amd64 debian:bookworm-20240211-slim

# PORTER_INIT

Expand Down
2 changes: 1 addition & 1 deletion ...rkspace_services/guacamole/user_resources/guacamole-azure-export-reviewvm/Dockerfile.tmpl
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# syntax=docker/dockerfile-upstream:1.4.0
FROM --platform=linux/amd64 debian:bullseye-slim
FROM --platform=linux/amd64 debian:bookworm-20240211-slim

# PORTER_INIT

Expand Down
2 changes: 1 addition & 1 deletion ...rkspace_services/guacamole/user_resources/guacamole-azure-import-reviewvm/Dockerfile.tmpl
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# syntax=docker/dockerfile-upstream:1.4.0
FROM --platform=linux/amd64 debian:bullseye-slim
FROM --platform=linux/amd64 debian:bookworm-20240211-slim

# PORTER_INIT

Expand Down
2 changes: 1 addition & 1 deletion ...lates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/Dockerfile.tmpl
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# syntax=docker/dockerfile-upstream:1.4.0
FROM --platform=linux/amd64 debian:bullseye-slim
FROM --platform=linux/amd64 debian:bookworm-20240211-slim

# PORTER_INIT

Expand Down
2 changes: 1 addition & 1 deletion ...tes/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/Dockerfile.tmpl
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# syntax=docker/dockerfile-upstream:1.4.0
FROM --platform=linux/amd64 debian:bullseye-slim
FROM --platform=linux/amd64 debian:bookworm-20240211-slim

# PORTER_INIT

Expand Down
2 changes: 1 addition & 1 deletion templates/workspace_services/health-services/Dockerfile.tmpl
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# syntax=docker/dockerfile-upstream:1.4.0
FROM --platform=linux/amd64 debian:bullseye-slim
FROM --platform=linux/amd64 debian:bookworm-20240211-slim

# PORTER_INIT

Expand Down
2 changes: 1 addition & 1 deletion templates/workspace_services/innereye/Dockerfile.tmpl
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
FROM --platform=linux/amd64 debian:bullseye-slim
FROM --platform=linux/amd64 debian:bookworm-20240211-slim

# PORTER_INIT

Expand Down
2 changes: 1 addition & 1 deletion templates/workspace_services/mlflow/Dockerfile.tmpl
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# syntax=docker/dockerfile-upstream:1.4.0
FROM --platform=linux/amd64 debian:bullseye-slim
FROM --platform=linux/amd64 debian:bookworm-20240211-slim

# PORTER_INIT

Expand Down
2 changes: 1 addition & 1 deletion templates/workspace_services/mlflow/mlflow-server/docker/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
FROM python:3.8-bullseye
FROM python:3.13.0a4-slim

# Install MLflow Python Packages
RUN pip install --no-cache-dir psycopg2==2.9.5 mlflow==2.0.1 azure-storage-blob==12.14.1
Expand Down
2 changes: 1 addition & 1 deletion templates/workspace_services/mysql/Dockerfile.tmpl
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# syntax=docker/dockerfile-upstream:1.4.0
FROM --platform=linux/amd64 debian:bullseye-slim
FROM --platform=linux/amd64 debian:bookworm-20240211-slim

# PORTER_INIT

Expand Down
6 changes: 3 additions & 3 deletions templates/workspace_services/ohdsi/Dockerfile.tmpl
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# syntax=docker/dockerfile-upstream:1.4.0
FROM --platform=linux/amd64 debian:bullseye-slim
FROM --platform=linux/amd64 debian:bookworm-20240211-slim

# PORTER_INIT

Expand All @@ -17,11 +17,11 @@ RUN apt-get update && apt-get install -y curl gnupg && \

# Git is required for terraform_azurerm_environment_configuration
RUN --mount=type=cache,target=/var/cache/apt --mount=type=cache,target=/var/lib/apt \
apt-get update && apt-get install -y git --no-install-recommends
apt-get update && apt-get install -y git --no-install-recommends

# PostgreSql is required by Atlas
RUN --mount=type=cache,target=/var/cache/apt --mount=type=cache,target=/var/lib/apt \
apt-get update && apt-get install -y postgresql-client gettext apache2-utils curl jq --no-install-recommends
apt-get update && apt-get install -y postgresql-client gettext apache2-utils curl jq --no-install-recommends

# PORTER_MIXINS

Expand Down
4 changes: 2 additions & 2 deletions templates/workspaces/airlock-import-review/Dockerfile.tmpl
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,13 +1,13 @@
# syntax=docker/dockerfile-upstream:1.4.0
FROM --platform=linux/amd64 debian:bullseye-slim
FROM --platform=linux/amd64 debian:bookworm-20240211-slim

# PORTER_INIT

RUN rm -f /etc/apt/apt.conf.d/docker-clean; echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' > /etc/apt/apt.conf.d/keep-cache

# Git is required for terraform_azurerm_environment_configuration
RUN --mount=type=cache,target=/var/cache/apt --mount=type=cache,target=/var/lib/apt \
apt-get update && apt-get install -y git jq curl ca-certificates patch --no-install-recommends
apt-get update && apt-get install -y git jq curl ca-certificates patch --no-install-recommends

ARG AZURE_TRE_VERSION="0.15.2"

Expand Down
2 changes: 1 addition & 1 deletion templates/workspaces/base/Dockerfile.tmpl
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# syntax=docker/dockerfile-upstream:1.4.0
FROM --platform=linux/amd64 debian:bullseye-slim
FROM --platform=linux/amd64 debian:bookworm-20240211-slim

# PORTER_INIT

Expand Down
4 changes: 2 additions & 2 deletions templates/workspaces/unrestricted/Dockerfile.tmpl
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,13 +1,13 @@
# syntax=docker/dockerfile-upstream:1.4.0
FROM --platform=linux/amd64 debian:bullseye-slim
FROM --platform=linux/amd64 debian:bookworm-20240211-slim

# PORTER_INIT

RUN rm -f /etc/apt/apt.conf.d/docker-clean; echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' > /etc/apt/apt.conf.d/keep-cache

# Git is required for terraform_azurerm_environment_configuration
RUN --mount=type=cache,target=/var/cache/apt --mount=type=cache,target=/var/lib/apt \
apt-get update && apt-get install -y git jq curl ca-certificates patch --no-install-recommends
apt-get update && apt-get install -y git jq curl ca-certificates patch --no-install-recommends

ARG AZURE_TRE_VERSION="0.14.0"

Expand Down
Loading