From f9622b7782a7611a7032a73244cbeb3b4d22b28a Mon Sep 17 00:00:00 2001 From: Adam Parkin Date: Mon, 15 Jun 2020 17:23:07 -0700 Subject: [PATCH 01/35] Rename base branch to mainline --- .pyup.yml | 2 +- .travis.yml | 2 +- Makefile | 2 +- Readme.md | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.pyup.yml b/.pyup.yml index 56612e9..40eb070 100644 --- a/.pyup.yml +++ b/.pyup.yml @@ -2,7 +2,7 @@ update: all schedule: "every day" -branch: master +branch: mainline label_prs: pyup diff --git a/.travis.yml b/.travis.yml index 70a8c8c..8a09a41 100644 --- a/.travis.yml +++ b/.travis.yml @@ -10,7 +10,7 @@ script: branches: only: - - master + - mainline notifications: email: false diff --git a/Makefile b/Makefile index 6dbef76..a0e3d98 100644 --- a/Makefile +++ b/Makefile @@ -16,7 +16,7 @@ dockerpush: docker push $(USER_NAME)/$(SITE_NAME):$(SHA) triggerdownstream: - curl -s -X POST -H "Content-Type: application/json" -H "Accept: application/json" -H "Travis-API-Version: 3" -H "Authorization: token $(TRAVIS_TOKEN)" -d '{ "request": { "branch":"master" }}' https://api.travis-ci.com/repo/pzelnip%2Fwww.codependentcodr.com/requests + curl -s -X POST -H "Content-Type: application/json" -H "Accept: application/json" -H "Travis-API-Version: 3" -H "Authorization: token $(TRAVIS_TOKEN)" -d '{ "request": { "branch":"mainline" }}' https://api.travis-ci.com/repo/pzelnip%2Fwww.codependentcodr.com/requests deploy: dockerbuild safety dockerpush triggerdownstream diff --git a/Readme.md b/Readme.md index 0b76689..c7cf96d 100644 --- a/Readme.md +++ b/Readme.md @@ -1,6 +1,6 @@ # Codependent Codr Base Image -[![Build Status](https://travis-ci.com/pzelnip/codependentcodrbase.svg?branch=master)](https://travis-ci.com/pzelnip/codependentcodrbase) +[![Build Status](https://travis-ci.com/pzelnip/codependentcodrbase.svg?branch=mainline)](https://travis-ci.com/pzelnip/codependentcodrbase) This is the base Docker image that I use for my blog. From 6836d91f2750566f8e1957034be74db5acfdfe05 Mon Sep 17 00:00:00 2001 From: Adam Parkin Date: Sat, 1 Aug 2020 13:19:12 -0700 Subject: [PATCH 02/35] Should fail the build --- requirements.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/requirements.txt b/requirements.txt index 0d5c518..6b49f19 100644 --- a/requirements.txt +++ b/requirements.txt @@ -7,3 +7,4 @@ pelican==4.0.0 pydocstyle==3.0.0 pylint==2.5.0 safety==1.8.7 +Django==2.0.0 From 8c47bf5a43201b12374c62a80d52436db0341554 Mon Sep 17 00:00:00 2001 From: Adam Parkin Date: Sat, 1 Aug 2020 13:26:39 -0700 Subject: [PATCH 03/35] Correct vulnerability --- requirements.txt | 1 - 1 file changed, 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 6b49f19..0d5c518 100644 --- a/requirements.txt +++ b/requirements.txt @@ -7,4 +7,3 @@ pelican==4.0.0 pydocstyle==3.0.0 pylint==2.5.0 safety==1.8.7 -Django==2.0.0 From 5e7a41c98d6f0a65ac3434f08a19b40362779de0 Mon Sep 17 00:00:00 2001 From: Adam Parkin Date: Sat, 6 Mar 2021 19:49:24 -0800 Subject: [PATCH 04/35] Upgrade pelican to 4.5.4 --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 0d5c518..0106681 100644 --- a/requirements.txt +++ b/requirements.txt @@ -3,7 +3,7 @@ bandit==1.5.1 black==18.9b0 flake8==3.6.0 Markdown==3.0.1 -pelican==4.0.0 +pelican==4.5.4 pydocstyle==3.0.0 pylint==2.5.0 safety==1.8.7 From 6a67664d4485873e4e0e593809591cc3b106fb32 Mon Sep 17 00:00:00 2001 From: Adam Parkin Date: Sat, 6 Mar 2021 19:55:00 -0800 Subject: [PATCH 05/35] Update pylint --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 0106681..ee60f9e 100644 --- a/requirements.txt +++ b/requirements.txt @@ -5,5 +5,5 @@ flake8==3.6.0 Markdown==3.0.1 pelican==4.5.4 pydocstyle==3.0.0 -pylint==2.5.0 +pylint==2.7.2 safety==1.8.7 From 18966e16e0821f78ea21c21ced862a18f00131ba Mon Sep 17 00:00:00 2001 From: Adam Parkin Date: Sun, 7 Mar 2021 14:00:51 -0800 Subject: [PATCH 06/35] Update black --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index ee60f9e..5cbb234 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,6 +1,6 @@ autopep8==1.4.3 bandit==1.5.1 -black==18.9b0 +black==20.8b1 flake8==3.6.0 Markdown==3.0.1 pelican==4.5.4 From c97c720586afc66563d7c5e30ae46bcd7af3aa53 Mon Sep 17 00:00:00 2001 From: Adam Parkin Date: Sun, 7 Mar 2021 14:03:17 -0800 Subject: [PATCH 07/35] Update safety --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 5cbb234..24a619c 100644 --- a/requirements.txt +++ b/requirements.txt @@ -6,4 +6,4 @@ Markdown==3.0.1 pelican==4.5.4 pydocstyle==3.0.0 pylint==2.7.2 -safety==1.8.7 +safety==1.10.3 From 244019d88052182ed9998550cdf8c727f08abeb8 Mon Sep 17 00:00:00 2001 From: Adam Parkin Date: Sun, 7 Mar 2021 15:45:56 -0800 Subject: [PATCH 08/35] Remove Travis --- .github/workflows/build.yml | 2 +- .github/workflows/deploy.yml | 24 ++++++++++++++++++++++++ .travis.yml | 18 ------------------ Makefile | 5 +---- 4 files changed, 26 insertions(+), 23 deletions(-) create mode 100644 .github/workflows/deploy.yml delete mode 100644 .travis.yml diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index c8ff8cc..674fced 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -1,6 +1,6 @@ # This is a basic workflow to help you get started with Actions -name: Build Docker Image +name: Build PR # Controls when the action will run. Triggers the workflow on push or pull request # events but only for the mainline branch diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml new file mode 100644 index 0000000..8227681 --- /dev/null +++ b/.github/workflows/deploy.yml @@ -0,0 +1,24 @@ +name: Build And Push Image + +on: + push: + branches: [ mainline ] + +# A workflow run is made up of one or more jobs that can run sequentially or in parallel +jobs: + # This workflow contains a single job called "build" + build: + # The type of runner that the job will run on + runs-on: ubuntu-latest + env: + DOCKER_USERNAME: pzelnip + + steps: + - uses: actions/checkout@v2 + + # Runs a single command using the runners shell + - name: Build And Push Image + shell: 'script -q -e -c "bash {0}"' + run: make deploy + env: + DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index 8a09a41..0000000 --- a/.travis.yml +++ /dev/null @@ -1,18 +0,0 @@ -language: bash - -sudo: required - -services: -- docker - -script: -- make deploy - -branches: - only: - - mainline - -notifications: - email: false - slack: - secure: "km7RBKh+IcKOXPz/CLrjmLStdfbRLlI28bDnApZcZR6rA+iSO9HW8tEYIIPAMq6GDfOcnZgpSw5kiJXDjSyuuXoNjP41D4Uyt8z+q9aXcF3QxUBP44hfcF2M+6XnFNin02nZCRPJutK8nMH+DzspmaEZTraG660Oc3ZZPyE8Gvn7uaIyyB7aJe1NlI2hbOCw7A4A2wvjkmHEnNKmE0tpE7FSxHE0YQ/xj7PGAtot7io603brBneZwkNoQ5t5x8DdoD0IVdyvXQQ/W3WX84ePW02JPpBtNLfN+dnzPeZZO86X6ZTKvQjgOqVUDop+MPcWbPO0Wa8IukKj5Sg7MdXwCs+DhsljXr14Hcm1ynnVstEjKTwHFfLXQjRTmcIc3GcRCBaR5FJNh5SvfousDWpE14Vp48RZ744ac80fgxt3treMCkk9eDacW8l1olYoOn32WkMoI6sHnLn4omLqttqXMi842b+Cmzq3Tip2/9jxGtjC7rM+9KrHq1Naldak3rAVGGzB8IDrHf7o+8R6GCIkaDMb39l0vnOSOhMXFO3DS+VFy6nPu1N3WKn13FUaw4GHkND1gHmvH6YlmpiD0W96cuz9BoHcwenCH1gwUsqRR4nA1n1KfwPrtveufHdzWXVzTKoiB1d90b4gV5/U1OAoA56vU9YrdhxvsHQAKzLRfIw=" diff --git a/Makefile b/Makefile index a0e3d98..42c7c90 100644 --- a/Makefile +++ b/Makefile @@ -15,10 +15,7 @@ dockerpush: docker push $(USER_NAME)/$(SITE_NAME):latest docker push $(USER_NAME)/$(SITE_NAME):$(SHA) -triggerdownstream: - curl -s -X POST -H "Content-Type: application/json" -H "Accept: application/json" -H "Travis-API-Version: 3" -H "Authorization: token $(TRAVIS_TOKEN)" -d '{ "request": { "branch":"mainline" }}' https://api.travis-ci.com/repo/pzelnip%2Fwww.codependentcodr.com/requests - -deploy: dockerbuild safety dockerpush triggerdownstream +deploy: dockerbuild safety dockerpush clean: docker images | grep $(SITE_NAME) | awk {'print $3'} | xargs docker rmi From 17c11304b2137b3abd50a66fa2b10311c4f2eaad Mon Sep 17 00:00:00 2001 From: Adam Parkin Date: Sun, 7 Mar 2021 15:57:27 -0800 Subject: [PATCH 09/35] Update readme to remove travis reference --- Readme.md | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/Readme.md b/Readme.md index c7cf96d..e6667f4 100644 --- a/Readme.md +++ b/Readme.md @@ -1,6 +1,6 @@ # Codependent Codr Base Image -[![Build Status](https://travis-ci.com/pzelnip/codependentcodrbase.svg?branch=mainline)](https://travis-ci.com/pzelnip/codependentcodrbase) +[![Actions Status](https://github.com/pzelnip/codependentcodrbase/workflows/Build%20And%20Push%20Image/badge.svg)](https://github.com/pzelnip/codependentcodrbase/actions) This is the base Docker image that I use for my blog. @@ -16,7 +16,6 @@ that installing git, curl, npm, etc on every build when I posted a new blog post really made for some long builds. Those packages almost never change, so I pulled that stuff out -into the Dockerfile you find here in this repo. This gets built -nightly by Travis, and pushed to Dockerhub. I then use that +into the Dockerfile you find here in this repo. I then use that built image as the base image for CDC builds, which speeds up my build times for that repo. From 8d3fd771f8cc66614ff170ad72b062333b0c6af8 Mon Sep 17 00:00:00 2001 From: Adam Parkin Date: Wed, 10 Mar 2021 10:41:23 -0800 Subject: [PATCH 10/35] Fix pyup yml --- .pyup.yml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/.pyup.yml b/.pyup.yml index 40eb070..02b08f2 100644 --- a/.pyup.yml +++ b/.pyup.yml @@ -9,8 +9,7 @@ label_prs: pyup assignees: - pzelnip - requirements: - - requirements/requirements-float.txt: - update: False - pin: False + requirements/requirements-float.txt: + update: False + pin: False From 3417535aabf011d772d3e9bfaf0605a6cdf730c7 Mon Sep 17 00:00:00 2001 From: Adam Parkin Date: Wed, 10 Mar 2021 10:59:09 -0800 Subject: [PATCH 11/35] Add pyup badges to readme --- Readme.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Readme.md b/Readme.md index e6667f4..54081a5 100644 --- a/Readme.md +++ b/Readme.md @@ -1,6 +1,8 @@ # Codependent Codr Base Image [![Actions Status](https://github.com/pzelnip/codependentcodrbase/workflows/Build%20And%20Push%20Image/badge.svg)](https://github.com/pzelnip/codependentcodrbase/actions) +[![Updates](https://pyup.io/repos/github/pzelnip/codependentcodrbase/shield.svg)](https://pyup.io/repos/github/pzelnip/codependentcodrbase/) +[![Python 3](https://pyup.io/repos/github/pzelnip/codependentcodrbase/python-3-shield.svg)](https://pyup.io/repos/github/pzelnip/codependentcodrbase/) This is the base Docker image that I use for my blog. From f6a0105faa08df2fad84753fb46a6db5270ded69 Mon Sep 17 00:00:00 2001 From: pyup-bot Date: Thu, 11 Mar 2021 06:10:22 -0800 Subject: [PATCH 12/35] Pin awscli to latest version 1.19.25 --- requirements-float.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-float.txt b/requirements-float.txt index 794c4f6..017d365 100644 --- a/requirements-float.txt +++ b/requirements-float.txt @@ -1,4 +1,4 @@ # These are dependencies that are allowed to "float", ie not be # version pinned. For pinned dependencies see requirements.txt -awscli +awscli==1.19.25 boto3 From 04e48a1fc68ecffafcb737214fc8f8cf4da36656 Mon Sep 17 00:00:00 2001 From: pyup-bot Date: Thu, 11 Mar 2021 06:10:23 -0800 Subject: [PATCH 13/35] Pin boto3 to latest version 1.17.24 --- requirements-float.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-float.txt b/requirements-float.txt index 017d365..6b9b463 100644 --- a/requirements-float.txt +++ b/requirements-float.txt @@ -1,4 +1,4 @@ # These are dependencies that are allowed to "float", ie not be # version pinned. For pinned dependencies see requirements.txt awscli==1.19.25 -boto3 +boto3==1.17.24 From 07cd4331ddc6d920997dddf2a84f15047a681577 Mon Sep 17 00:00:00 2001 From: pyup-bot Date: Thu, 11 Mar 2021 06:10:23 -0800 Subject: [PATCH 14/35] Update autopep8 from 1.4.3 to 1.5.5 --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 24a619c..9006d09 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,4 +1,4 @@ -autopep8==1.4.3 +autopep8==1.5.5 bandit==1.5.1 black==20.8b1 flake8==3.6.0 From 9878e038355234332996c76c84c2526efe72f433 Mon Sep 17 00:00:00 2001 From: pyup-bot Date: Thu, 11 Mar 2021 06:10:23 -0800 Subject: [PATCH 15/35] Update bandit from 1.5.1 to 1.7.0 --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 9006d09..68c7b68 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,5 +1,5 @@ autopep8==1.5.5 -bandit==1.5.1 +bandit==1.7.0 black==20.8b1 flake8==3.6.0 Markdown==3.0.1 From d10dda42cf854593c7c79114e4050df0e7f225ba Mon Sep 17 00:00:00 2001 From: pyup-bot Date: Thu, 11 Mar 2021 06:10:24 -0800 Subject: [PATCH 16/35] Update flake8 from 3.6.0 to 3.8.4 --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 68c7b68..ed852a9 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,7 +1,7 @@ autopep8==1.5.5 bandit==1.7.0 black==20.8b1 -flake8==3.6.0 +flake8==3.8.4 Markdown==3.0.1 pelican==4.5.4 pydocstyle==3.0.0 From 518cb7e865328c7cf6493c9a2b4cf269d8da93b8 Mon Sep 17 00:00:00 2001 From: pyup-bot Date: Thu, 11 Mar 2021 06:10:24 -0800 Subject: [PATCH 17/35] Update markdown from 3.0.1 to 3.3.4 --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index ed852a9..a82640f 100644 --- a/requirements.txt +++ b/requirements.txt @@ -2,7 +2,7 @@ autopep8==1.5.5 bandit==1.7.0 black==20.8b1 flake8==3.8.4 -Markdown==3.0.1 +Markdown==3.3.4 pelican==4.5.4 pydocstyle==3.0.0 pylint==2.7.2 From 316af0e073d8df7f329ebd218ed42cb8fda0c827 Mon Sep 17 00:00:00 2001 From: pyup-bot Date: Thu, 11 Mar 2021 06:10:24 -0800 Subject: [PATCH 18/35] Update pydocstyle from 3.0.0 to 5.1.1 --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index a82640f..7114138 100644 --- a/requirements.txt +++ b/requirements.txt @@ -4,6 +4,6 @@ black==20.8b1 flake8==3.8.4 Markdown==3.3.4 pelican==4.5.4 -pydocstyle==3.0.0 +pydocstyle==5.1.1 pylint==2.7.2 safety==1.10.3 From 50730aadfb61a72e134563860522c2dba8bd7645 Mon Sep 17 00:00:00 2001 From: Adam Parkin Date: Thu, 11 Mar 2021 09:04:06 -0800 Subject: [PATCH 19/35] Make pyup not look at floating requirements --- .pyup.yml | 4 ++-- requirements-float.txt | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.pyup.yml b/.pyup.yml index 02b08f2..5da568b 100644 --- a/.pyup.yml +++ b/.pyup.yml @@ -11,5 +11,5 @@ assignees: requirements: requirements/requirements-float.txt: - update: False - pin: False + update: False + pin: False diff --git a/requirements-float.txt b/requirements-float.txt index 6b9b463..794c4f6 100644 --- a/requirements-float.txt +++ b/requirements-float.txt @@ -1,4 +1,4 @@ # These are dependencies that are allowed to "float", ie not be # version pinned. For pinned dependencies see requirements.txt -awscli==1.19.25 -boto3==1.17.24 +awscli +boto3 From 0e367eabadccd89c7050349b94c10f058486e77a Mon Sep 17 00:00:00 2001 From: Adam Parkin Date: Fri, 12 Mar 2021 07:05:32 -0800 Subject: [PATCH 20/35] Trying to fix pyup one more time --- .pyup.yml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/.pyup.yml b/.pyup.yml index 5da568b..5ff6333 100644 --- a/.pyup.yml +++ b/.pyup.yml @@ -10,6 +10,9 @@ assignees: - pzelnip requirements: - requirements/requirements-float.txt: - update: False - pin: False + - requirements/requirements-float.txt: + update: False + pin: False + - requirements.txt: + update: all + pin: True From 345b853d581681ea4240b6e1469169ff23542fe5 Mon Sep 17 00:00:00 2001 From: Adam Parkin Date: Fri, 12 Mar 2021 07:13:52 -0800 Subject: [PATCH 21/35] Adjust GH actions to only do full build on deploy --- .github/workflows/build.yml | 21 +++++++-------------- .github/workflows/deploy.yml | 3 +++ Makefile | 16 +++++++++++++--- 3 files changed, 23 insertions(+), 17 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 674fced..8ee771c 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -1,29 +1,22 @@ -# This is a basic workflow to help you get started with Actions - name: Build PR -# Controls when the action will run. Triggers the workflow on push or pull request -# events but only for the mainline branch on: pull_request: branches: [ mainline ] + # enable manual running in the actions ui + workflow_dispatch: -# A workflow run is made up of one or more jobs that can run sequentially or in parallel jobs: - # This workflow contains a single job called "build" build: - # The type of runner that the job will run on runs-on: ubuntu-latest - # Steps represent a sequence of tasks that will be executed as part of the job steps: # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it - uses: actions/checkout@v2 - # Runs a single command using the runners shell - - name: Run Docker Build - run: docker build -t codependentcodrbase:latest . + # Do safety check using the most recent version of the image + - name: Run Safety on Requirements.txt + run: cat requirements.txt | docker run -i --rm pyupio/safety safety check --stdin - # Runs a single command using the runners shell - - name: Run Safety - run: docker run --rm codependentcodrbase:latest safety check -r /build/requirements.txt --full-report + - name: Run Safety on Requirements-float.txt + run: cat requirements-float.txt | docker run -i --rm pyupio/safety safety check --stdin diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 8227681..f0c95fb 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -3,6 +3,9 @@ name: Build And Push Image on: push: branches: [ mainline ] + # enable manual running in the actions ui + workflow_dispatch: + branches: [ mainline ] # A workflow run is made up of one or more jobs that can run sequentially or in parallel jobs: diff --git a/Makefile b/Makefile index 42c7c90..04dac7d 100644 --- a/Makefile +++ b/Makefile @@ -5,18 +5,28 @@ SHA := $(shell git rev-parse --short HEAD) dockerbuild: docker build -t $(SITE_NAME):latest . -safety: dockerbuild - docker run -it --rm $(SITE_NAME):latest safety check -r /build/requirements.txt --full-report +safety: + cat requirements.txt | docker run -i --rm pyupio/safety safety check --stdin + cat requirements-float.txt | docker run -i --rm pyupio/safety safety check --stdin -dockerpush: +dockerlogin: echo "$(DOCKER_PASSWORD)" | docker login -u "$(DOCKER_USERNAME)" --password-stdin + +dockerpush: dockerlogin docker tag $(SITE_NAME) $(USER_NAME)/$(SITE_NAME):latest docker tag $(SITE_NAME) $(USER_NAME)/$(SITE_NAME):$(SHA) docker push $(USER_NAME)/$(SITE_NAME):latest docker push $(USER_NAME)/$(SITE_NAME):$(SHA) +dockerpull: + docker pull $(USER_NAME)/$(SITE_NAME):latest + deploy: dockerbuild safety dockerpush +quickscan: + cat requirements.txt | docker run -i --rm pyupio/safety safety check --stdin + cat requirements-float.txt | docker run -i --rm pyupio/safety safety check --stdin + clean: docker images | grep $(SITE_NAME) | awk {'print $3'} | xargs docker rmi From 0919672e00d0371b4d23ce5dd460a0f1ef9d2c6a Mon Sep 17 00:00:00 2001 From: Adam Parkin Date: Fri, 12 Mar 2021 11:57:12 -0800 Subject: [PATCH 22/35] Try out build/push to dockerhub --- .github/workflows/deploy.yml | 41 ++++++++++++++++++++++++++++++------ 1 file changed, 35 insertions(+), 6 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index f0c95fb..74b7bf2 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -17,11 +17,40 @@ jobs: DOCKER_USERNAME: pzelnip steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v2 + + # Do safety check using the most recent version of the image + - name: Run Safety on Requirements.txt + run: cat requirements.txt | docker run -i --rm pyupio/safety safety check --stdin + + - name: Run Safety on Requirements-float.txt + run: cat requirements-float.txt | docker run -i --rm pyupio/safety safety check --stdin + + - name: Set up QEMU + uses: docker/setup-qemu-action@v1 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v1 + + - name: Login to DockerHub + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Build and push + id: docker_build + uses: docker/build-push-action@v2 + with: + push: true + tags: | + pzelnip/codependentcodrbase:latest + pzelnip/codependentcodrbase:${{ github.sha }} + # Runs a single command using the runners shell - - name: Build And Push Image - shell: 'script -q -e -c "bash {0}"' - run: make deploy - env: - DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} + # - name: Build And Push Image + # shell: 'script -q -e -c "bash {0}"' + # run: make deploy + # env: + # DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} From 45eef7c5a1c65b70adf1bcaf5ba02938a485977d Mon Sep 17 00:00:00 2001 From: Adam Parkin Date: Fri, 12 Mar 2021 13:10:53 -0800 Subject: [PATCH 23/35] Remove makefile as now everyhing is GH actions --- .github/workflows/deploy.yml | 8 -------- Makefile | 33 --------------------------------- 2 files changed, 41 deletions(-) delete mode 100644 Makefile diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 74b7bf2..5085962 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -46,11 +46,3 @@ jobs: tags: | pzelnip/codependentcodrbase:latest pzelnip/codependentcodrbase:${{ github.sha }} - - - # Runs a single command using the runners shell - # - name: Build And Push Image - # shell: 'script -q -e -c "bash {0}"' - # run: make deploy - # env: - # DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} diff --git a/Makefile b/Makefile deleted file mode 100644 index 04dac7d..0000000 --- a/Makefile +++ /dev/null @@ -1,33 +0,0 @@ -SITE_NAME=codependentcodrbase -USER_NAME=pzelnip -SHA := $(shell git rev-parse --short HEAD) - -dockerbuild: - docker build -t $(SITE_NAME):latest . - -safety: - cat requirements.txt | docker run -i --rm pyupio/safety safety check --stdin - cat requirements-float.txt | docker run -i --rm pyupio/safety safety check --stdin - -dockerlogin: - echo "$(DOCKER_PASSWORD)" | docker login -u "$(DOCKER_USERNAME)" --password-stdin - -dockerpush: dockerlogin - docker tag $(SITE_NAME) $(USER_NAME)/$(SITE_NAME):latest - docker tag $(SITE_NAME) $(USER_NAME)/$(SITE_NAME):$(SHA) - docker push $(USER_NAME)/$(SITE_NAME):latest - docker push $(USER_NAME)/$(SITE_NAME):$(SHA) - -dockerpull: - docker pull $(USER_NAME)/$(SITE_NAME):latest - -deploy: dockerbuild safety dockerpush - -quickscan: - cat requirements.txt | docker run -i --rm pyupio/safety safety check --stdin - cat requirements-float.txt | docker run -i --rm pyupio/safety safety check --stdin - -clean: - docker images | grep $(SITE_NAME) | awk {'print $3'} | xargs docker rmi - -.PHONY: dockerbuild dockerpush deploy safety From f9d10044a3d2346bce58fa2c690ee56c7013d9bf Mon Sep 17 00:00:00 2001 From: Adam Parkin Date: Sun, 14 Mar 2021 10:24:24 -0700 Subject: [PATCH 24/35] Remove no-longer-needed dependencies After moving to GH actions using Cytopia's Docker images for the various linting tools, I no longer need them in this image. See: https://github.com/pzelnip/www.codependentcodr.com/pull/206 https://github.com/pzelnip/www.codependentcodr.com/pull/207 In fact, I think if I can find a Pelican image, I can deprecate this repo entirely. --- requirements.txt | 7 ------- 1 file changed, 7 deletions(-) diff --git a/requirements.txt b/requirements.txt index 7114138..5e837ab 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,9 +1,2 @@ -autopep8==1.5.5 -bandit==1.7.0 -black==20.8b1 -flake8==3.8.4 Markdown==3.3.4 pelican==4.5.4 -pydocstyle==5.1.1 -pylint==2.7.2 -safety==1.10.3 From 6cecc561fbc11d3f2639f1e234bec09467e192ff Mon Sep 17 00:00:00 2001 From: Adam Parkin Date: Sun, 14 Mar 2021 10:28:04 -0700 Subject: [PATCH 25/35] Fix the requirements-float monitoring for pyup I'm an idiot, specified the wrong path. --- .pyup.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pyup.yml b/.pyup.yml index 5ff6333..cc56198 100644 --- a/.pyup.yml +++ b/.pyup.yml @@ -10,7 +10,7 @@ assignees: - pzelnip requirements: - - requirements/requirements-float.txt: + - requirements-float.txt: update: False pin: False - requirements.txt: From c5214b4bb9607f7ad16adf1bdba4723fbd5ca249 Mon Sep 17 00:00:00 2001 From: Adam Parkin Date: Sun, 14 Mar 2021 11:14:24 -0700 Subject: [PATCH 26/35] Trim the docker image down --- Dockerfile | 20 ++++---------------- 1 file changed, 4 insertions(+), 16 deletions(-) diff --git a/Dockerfile b/Dockerfile index 765c5bb..d9e08e8 100644 --- a/Dockerfile +++ b/Dockerfile @@ -10,24 +10,12 @@ FROM alpine:latest # image for CDC builds RUN apk add --no-cache --update \ - python3 nodejs-current-npm make git curl + python3 make git curl -RUN python3 -m ensurepip -RUN pip3 install --upgrade pip +RUN python3 -m ensurepip && python3 -m pip install --upgrade pip --no-cache-dir -RUN npm install -g markdownlint-cli - -# needed for Pylint 2.0.0 COPY requirements.txt /build/requirements.txt COPY requirements-float.txt /build/requirements-float.txt -# Note that these 3 commands have to be combined to save on built -# image size. If we separate into multiple Docker commands then -# doing the del after the fact has no effect because Docker *layers* -# the filesystem. See: https://github.com/gliderlabs/docker-alpine/issues/45 -# With this all as one command I found I saved over 100MB on the final -# built image. -RUN apk add --no-cache --update python3-dev gcc build-base && \ - pip3 install -r /build/requirements-float.txt && \ - pip3 install -r /build/requirements.txt && \ - apk del python3-dev gcc build-base +RUN python3 -m pip install -r /build/requirements-float.txt --no-cache-dir && \ + python3 -m pip install -r /build/requirements.txt --no-cache-dir From dd57ab6d08c6078d89f325d0bc23585693ef33a4 Mon Sep 17 00:00:00 2001 From: pyup-bot Date: Tue, 23 Mar 2021 07:10:23 -0700 Subject: [PATCH 27/35] Update pelican from 4.5.4 to 4.6.0 --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 5e837ab..c17f044 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,2 +1,2 @@ Markdown==3.3.4 -pelican==4.5.4 +pelican==4.6.0 From d6d6d22a1d8a227c6f81b59ae1896198e480496b Mon Sep 17 00:00:00 2001 From: pyup-bot Date: Sun, 3 Oct 2021 07:34:03 -0700 Subject: [PATCH 28/35] Update pelican from 4.6.0 to 4.7.0 --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index c17f044..11aa84d 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,2 +1,2 @@ Markdown==3.3.4 -pelican==4.6.0 +pelican==4.7.0 From 2ef0ec6cbc1acbcc4fd669bbe2214ae84f0b13b6 Mon Sep 17 00:00:00 2001 From: pyup-bot Date: Thu, 14 Oct 2021 07:34:02 -0700 Subject: [PATCH 29/35] Update pelican from 4.7.0 to 4.7.1 --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 11aa84d..1bce880 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,2 +1,2 @@ Markdown==3.3.4 -pelican==4.7.0 +pelican==4.7.1 From 3fc6fbb3fbe04fb88d1348b4fcbc8ca31298711c Mon Sep 17 00:00:00 2001 From: pyup-bot Date: Wed, 17 Nov 2021 06:34:26 -0800 Subject: [PATCH 30/35] Update markdown from 3.3.4 to 3.3.5 --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 1bce880..4969a85 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,2 +1,2 @@ -Markdown==3.3.4 +Markdown==3.3.5 pelican==4.7.1 From ff0bf1f8dc591b12e43479ba0c4387317653eac8 Mon Sep 17 00:00:00 2001 From: pyup-bot Date: Thu, 18 Nov 2021 06:34:03 -0800 Subject: [PATCH 31/35] Update markdown from 3.3.5 to 3.3.6 --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 4969a85..d7a4f48 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,2 +1,2 @@ -Markdown==3.3.5 +Markdown==3.3.6 pelican==4.7.1 From e9f54ca4a9f8428fac082d243299ff7752e243a8 Mon Sep 17 00:00:00 2001 From: pyup-bot Date: Thu, 10 Feb 2022 06:40:04 -0800 Subject: [PATCH 32/35] Update pelican from 4.7.1 to 4.7.2 --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index d7a4f48..2fc4702 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,2 +1,2 @@ Markdown==3.3.6 -pelican==4.7.1 +pelican==4.7.2 From 6cfb1960d659975d457739ea7c0aea694717758d Mon Sep 17 00:00:00 2001 From: pyup-bot Date: Fri, 6 May 2022 07:35:02 -0700 Subject: [PATCH 33/35] Update markdown from 3.3.6 to 3.3.7 --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 2fc4702..29378c9 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,2 +1,2 @@ -Markdown==3.3.6 +Markdown==3.3.7 pelican==4.7.2 From f3ac82c321b1df657f68c4544fda999e0ec368e2 Mon Sep 17 00:00:00 2001 From: pyup-bot Date: Tue, 12 Jul 2022 07:35:02 -0700 Subject: [PATCH 34/35] Update pelican from 4.7.2 to 4.8.0 --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 29378c9..7fb90d6 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,2 +1,2 @@ Markdown==3.3.7 -pelican==4.7.2 +pelican==4.8.0 From 6034c61cbb435bada7c823e069f96b0c2343c6b9 Mon Sep 17 00:00:00 2001 From: pyup-bot Date: Sat, 16 Jul 2022 07:35:03 -0700 Subject: [PATCH 35/35] Update markdown from 3.3.7 to 3.4.1 --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 7fb90d6..1c0a1a9 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,2 +1,2 @@ -Markdown==3.3.7 +Markdown==3.4.1 pelican==4.8.0