diff --git a/.github/workflows/check-for-updated-dependencies.yaml b/.github/workflows/check-for-updated-dependencies.yaml index 9dcd9a7..ab76ffd 100644 --- a/.github/workflows/check-for-updated-dependencies.yaml +++ b/.github/workflows/check-for-updated-dependencies.yaml @@ -12,7 +12,7 @@ jobs: steps: - name: Check overview page run: | - curl https://edu.chainguard.dev/chainguard/chainguard-images/reference/python/overview/ | grep sha256:6e512c60467cb53572112d8b5f1200d93cc7f883db01e57836fd93754f6bb4e8 + curl https://edu.chainguard.dev/chainguard/chainguard-images/reference/python/overview/ | grep sha256:36d9faf5198aec34124b2d8434b23dbe518f72ecc62d51b2b8e29fbd62f44110 # If this fails, that likely means the "latest" and "latest-dev" tags for Python are pointing at new images with new digests # Follow the process to update the Dockerfiles accordingly, then update the hardcoded digest here to be one of the new digests (doesn't matter which one) to detect future changes diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 5cdef0e..e9f55fd 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -2,7 +2,7 @@ name: CI on: [push] env: - PYTHON_VERSION: 3.11.4 + PYTHON_VERSION: 3.11.5 jobs: honeypot: @@ -59,7 +59,7 @@ jobs: # If this change looks legitimate (i.e. Github updating the vendored version, or coming after a change to the runner OS version) update the hard-coded version below run: | docker --version - docker --version | grep "Docker version 23.0.6+azure-2" + docker --version | grep "Docker version 24.0.5" - name: Smoke Tests - Server Startup run: | @@ -118,6 +118,7 @@ jobs: run: | mkdir ./cfn-guard-temp/ wget https://github.com/aws-cloudformation/cloudformation-guard/releases/download/${{ env.CFN_GUARD_VERSION }}/cfn-guard-v3-ubuntu-latest.tar.gz -O - | tar -xzvf - -C ./cfn-guard-temp/ + mkdir -p ~/.local/bin/ cp ./cfn-guard-temp/cfn-guard-v3-ubuntu-latest/cfn-guard ~/.local/bin/ rm -rf ./cfn-guard-temp/ diff --git a/packages/honeypot/CHANGELOG.md b/packages/honeypot/CHANGELOG.md index eeebf57..8aa5b32 100644 --- a/packages/honeypot/CHANGELOG.md +++ b/packages/honeypot/CHANGELOG.md @@ -13,6 +13,13 @@ What is in scope for breaking changes includes ## Changes +### v0.4.7 + +- Update Chainguard base images in the Dockerfile, including an update to Python 3.11.5 from 3.11.4 + +- Update version of Python in CI to 3.11.5 from 3.11.4 +- Update version of Docker in CI to 24.0.5 from 23.0.6 + ### v0.4.6 - Update Chainguard base images in the Dockerfile diff --git a/packages/honeypot/Dockerfile b/packages/honeypot/Dockerfile index 2e0a926..bfe29e7 100644 --- a/packages/honeypot/Dockerfile +++ b/packages/honeypot/Dockerfile @@ -1,7 +1,7 @@ # Adapted from https://edu.chainguard.dev/chainguard/chainguard-images/reference/python/overview/#usage -# Python 3.11.4, dev base image. See https://www.chainguard.dev/unchained/a-guide-on-how-to-use-chainguard-images-for-public-catalog-tier-users for more details on how to update this -FROM cgr.dev/chainguard/python@sha256:0e964fbb6ebb43ce466dc902c4bb29b0bfeb8f68b635ba9774e49e42e96ada18 as builder +# Python 3.11.5, dev base image. See https://www.chainguard.dev/unchained/a-guide-on-how-to-use-chainguard-images-for-public-catalog-tier-users for more details on how to update this +FROM cgr.dev/chainguard/python@sha256:2dccbdb82841992fe1ff8413c533036aae3aa6539462ba288c64b66ec3199e27 as builder WORKDIR /app @@ -9,8 +9,8 @@ COPY requirements.txt . RUN pip install -r requirements.txt --user -# Python 3.11.4, production base image. See https://www.chainguard.dev/unchained/a-guide-on-how-to-use-chainguard-images-for-public-catalog-tier-users for more details on how to update this -FROM cgr.dev/chainguard/python@sha256:6e512c60467cb53572112d8b5f1200d93cc7f883db01e57836fd93754f6bb4e8 +# Python 3.11.5, production base image. See https://www.chainguard.dev/unchained/a-guide-on-how-to-use-chainguard-images-for-public-catalog-tier-users for more details on how to update this +FROM cgr.dev/chainguard/python@sha256:36d9faf5198aec34124b2d8434b23dbe518f72ecc62d51b2b8e29fbd62f44110 # Make sure you update Python version in path COPY --from=builder /home/nonroot/.local/lib/python3.11/site-packages /home/nonroot/.local/lib/python3.11/site-packages diff --git a/packages/honeypot/version.json b/packages/honeypot/version.json index 8a673d4..08f5350 100644 --- a/packages/honeypot/version.json +++ b/packages/honeypot/version.json @@ -1,3 +1,3 @@ { - "version": "0.4.6" + "version": "0.4.7" } \ No newline at end of file