Updates python version to 3.12, community.docker to latest and pipfil…

…e.Dockerfile Signed-off-by: Trilok Geer <tgeer@redhat.com>
operator-framework · Sep 24, 2024 · aebc842 · aebc842
1 parent 31a2f18
commit aebc842
Show file tree

Hide file tree

Showing 7 changed files with 28 additions and 27 deletions.
diff --git a/hack/generate/samples/ansible/testdata/inventory/hosts b/hack/generate/samples/ansible/testdata/inventory/hosts
@@ -2,4 +2,4 @@
 127.0.0.1 ansible_connection=local
 
 [all:vars]
-ansible_python_interpreter=/usr/bin/python3.11
+ansible_python_interpreter=/usr/bin/python3.12
diff --git a/images/ansible-operator/Dockerfile b/images/ansible-operator/Dockerfile
@@ -21,12 +21,12 @@ ENV PIP_NO_CACHE_DIR=1
 # and remove those not needed at runtime.
 RUN set -e && yum clean all && rm -rf /var/cache/yum/* \
   && yum update -y \
-  && yum install -y python3.11 \
-  && yum install -y libffi-devel openssl-devel gcc python3.11-devel python3.11-pip python3.11-setuptools \
-  && pip3.11 install --upgrade pip~=24.2 \
-  && pip3.11 install pipenv \
+  && yum install -y python3.12 \
+  && yum install -y libffi-devel openssl-devel gcc python3.12-devel python3.12-pip python3.12-setuptools \
+  && pip3.12 install --upgrade pip~=24.2 \
+  && pip3.12 install pipenv \
   && pipenv requirements > requirements.txt \
-  && pip3.11 install -r requirements.txt --prefix /usr/local \
+  && pip3.12 install -r requirements.txt --prefix /usr/local \
   # NOTE: This ignored vulnerability (70612) was detected in jinja2, \
   # but the vulnerability is disputed and may never be fixed. See: \
   #  - https://github.com/advisories/GHSA-f6pv-j8mr-w6rr \
@@ -36,7 +36,7 @@ RUN set -e && yum clean all && rm -rf /var/cache/yum/* \
   # but the upgraded version doesn't support the use case (protocol we are using).\
   # Ref: https://github.com/operator-framework/ansible-operator-plugins/pull/67#issuecomment-2189164688
   && safety check --ignore 70612 --ignore 71064 \
-  && yum remove -y gcc libffi-devel openssl-devel python3.11-devel \
+  && yum remove -y gcc libffi-devel openssl-devel python3.12-devel \
   && yum clean all \
   && rm -rf /var/cache/yum
 
@@ -55,15 +55,15 @@ RUN mkdir -p /etc/ansible \
 
 RUN set -e && yum clean all && rm -rf /var/cache/yum/* \
   && yum update -y \
-  && yum install -y python3.11 \
-  && yum install -y python3.11-pip python3.11-setuptools \
-  && pip3.11 install --upgrade pip~=24.2 \
-  && pip3.11 install pipenv==2024.0.1 \
+  && yum install -y python3.12 \
+  && yum install -y python3.12-pip python3.12-setuptools \
+  && pip3.12 install --upgrade pip~=24.2 \
+  && pip3.12 install pipenv==2024.0.1 \
   && yum clean all \
   && rm -rf /var/cache/yum
 
-COPY --from=basebuilder /usr/local/lib64/python3.11/site-packages   /usr/local/lib64/python3.11/site-packages
-COPY --from=basebuilder /usr/local/lib/python3.11 /usr/local/lib/python3.11
+COPY --from=basebuilder /usr/local/lib64/python3.12/site-packages   /usr/local/lib64/python3.12/site-packages
+COPY --from=basebuilder /usr/local/lib/python3.12 /usr/local/lib/python3.12
 COPY --from=basebuilder /usr/local/bin /usr/local/bin
 
 ENV TINI_VERSION=v0.19.0

diff --git a/images/ansible-operator/Pipfile b/images/ansible-operator/Pipfile
@@ -16,4 +16,4 @@ requests = "==2.31.0"
 [dev-packages]
 
 [requires]
-python_version = "3.11"
+python_version = "3.12"
diff --git a/images/ansible-operator/Pipfile.lock b/images/ansible-operator/Pipfile.lock
diff --git a/images/ansible-operator/pipfile.Dockerfile b/images/ansible-operator/pipfile.Dockerfile
@@ -1,4 +1,4 @@
-FROM registry.access.redhat.com/ubi8/ubi:8.9-1107 AS basebuilder
+FROM registry.access.redhat.com/ubi9/ubi:9.4-1214 AS basebuilder
 
 # Install Rust so that we can ensure backwards compatibility with installing/building the cryptography wheel across all platforms
 RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y
@@ -10,16 +10,17 @@ COPY ./Pipfile ./
 # Instruct pip(env) not to keep a cache of installed packages,
 # to install into the global site-packages and
 # to clear the pipenv cache as well
-ENV PIP_NO_CACHE_DIR=1 \
-    PIPENV_SYSTEM=1 \
+ENV PIP_NO_CACHE_DIR=1 \        
     PIPENV_CLEAR=1
 # Ensure fresh metadata rather than cached metadata, install system and pip python deps,
 # and remove those not needed at runtime.
+
 RUN set -e && yum clean all && rm -rf /var/cache/yum/* \
   && yum update -y \
-  && yum install -y libffi-devel openssl-devel python39-devel gcc python39-pip python39-setuptools \
-  && pip3 install --upgrade pip~=23.3.2 \
-  && pip3 install pipenv==2023.11.15 \
+  && yum install -y python3.12 \
+  && yum install -y libffi-devel openssl-devel gcc python3.12-devel python3.12-pip python3.12-setuptools \
+  && pip3.12 install --upgrade pip~=24.2 \
+  && pip3.12 install pipenv \
   && pipenv lock \
   # NOTE: This ignored vulnerability (70612) was detected in jinja2, \
   # but the vulnerability is disputed and may never be fixed. See: \

diff --git a/pkg/plugins/ansible/v1/scaffolds/internal/templates/requirements.go b/pkg/plugins/ansible/v1/scaffolds/internal/templates/requirements.go
@@ -42,5 +42,5 @@ collections:
   - name: cloud.common
     version: "3.0.0"
   - name: community.docker
-    version: "3.12.1"
+    version: "3.12.2"
 `
diff --git a/testdata/memcached-molecule-operator/requirements.yml b/testdata/memcached-molecule-operator/requirements.yml
@@ -7,4 +7,4 @@ collections:
   - name: cloud.common
     version: "3.0.0"
   - name: community.docker
-    version: "3.12.1"
+    version: "3.12.2"