Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Pin the Dependencies Used #29

Merged
merged 6 commits into from
Oct 7, 2021
Merged

Pin the Dependencies Used #29

merged 6 commits into from
Oct 7, 2021

Conversation

mcdonnnj
Copy link
Member

@mcdonnnj mcdonnnj commented Oct 4, 2021

🗣 Description

This PR pins the dependencies used for this Docker image. This includes the Docker image it is built on as well as the Python packages it needs to function. In addition installation of packages was configured to perform no caching.

💭 Motivation and context

Creating repeatable Docker image builds is a good strategy to ensure you are not blindsided by changes. This resolves #26 toward that end. The caching changes also shaved a whole 11MiB off the generated size (that's a savings of 3.5%!).

🧪 Testing

Automated tests pass and I was able to build an image successfully using this configuration.

✅ Checklist

  • This PR has an informative and human-readable title.
  • Changes are limited to a single goal - eschew scope creep!
  • All relevant type-of-change labels have been added.
  • I have read the CONTRIBUTING document.
  • These code changes follow cisagov code standards.
  • All new and existing tests pass.

@mcdonnnj
Pin base Docker image to latest version
406603c 
This adds a version pin for the certbot/dns-route53 image using the latest
released version.
@mcdonnnj
Pin the version of python3 installed
9cd3fe1 
This adds a version pin for the `python3` package installed as well as adding
the `--no-cache` option to reduce the size of generated images.
@mcdonnnj
Add a version pin for the pip Python package
e6d36fd 
Pin the version of `pip` that is installed in the image. Replace the
`--upgrade` flag with the `--no-cache-dir` flag since we are installing a
specific version and to reduce the size of the resulting image.
@mcdonnnj
Add the setuptools and wheel Python packages
1e19e7c 
Add the `setuptools` and `wheel` packages at pinned versions to the Docker
image. These are common installs for our Python projects and we should
ensure they are pinned to specific versions.
@mcdonnnj
Pin additional Python package dependencies
01a4d31 
Add version pinning for the remaining Python packages, break their installation
into its own step, and switch the `--upgrade` flag for the `--no-cache-dir`
flag.
@mcdonnnj
Bump version from 0.0.3 to 0.0.4
8ce3a52
@mcdonnnj mcdonnnj added improvement This issue or pull request will add or improve functionality, maintainability, or ease of use dependencies Pull requests that update a dependency file hacktoberfest-accepted Pull request that should count toward Hacktoberfest participation labels Oct 4, 2021
@mcdonnnj mcdonnnj self-assigned this Oct 4, 2021
dav3r
dav3r approved these changes Oct 6, 2021
View reviewed changes
Copy link
Member

@dav3r dav3r left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pin it to win it! 📌

@mcdonnnj mcdonnnj merged commit 887d96d into develop Oct 7, 2021
@mcdonnnj mcdonnnj deleted the improvement/pin_dependencies branch October 7, 2021 14:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dav3r dav3r dav3r approved these changes

@jsf9k jsf9k jsf9k approved these changes

@felddy felddy Awaiting requested review from felddy felddy is a code owner

Assignees

@mcdonnnj mcdonnnj

Labels
dependencies Pull requests that update a dependency file hacktoberfest-accepted Pull request that should count toward Hacktoberfest participation improvement This issue or pull request will add or improve functionality, maintainability, or ease of use
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Pin Dockerfile Dependencies
3 participants
@mcdonnnj @jsf9k @dav3r