Skip to content

Adding version 3.12 support, remove support to deprecated versions, u… #14

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 6 commits into from
Jul 15, 2025
Merged

Adding version 3.12 support, remove support to deprecated versions, u… #14

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
bcce44f
Adding version 3.12 support, remove support to deprecated versions, u…
mvsnogueira-dnx Jul 15, 2025
99ace17
Updating dockerfile
mvsnogueira-dnx Jul 15, 2025
999d257
Updating dockerfile
mvsnogueira-dnx Jul 15, 2025
d0f9a2d
Updating dockerfile
mvsnogueira-dnx Jul 15, 2025
66d0106
Updating dockerfile
mvsnogueira-dnx Jul 15, 2025
9f9dbbc
Upgrading pip version
mvsnogueira-dnx Jul 15, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
21 changes: 14 additions & 7 deletions .github/workflows/security.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,17 +9,24 @@ jobs:
runs-on: ubuntu-latest

steps:
- uses: actions/checkout@v1
- uses: actions/checkout@v4

- name: Set tag var
id: vars
run: echo ::set-output name=docker_tag::$(echo ${GITHUB_REF} | cut -d'/' -f3)-${GITHUB_SHA}
run: echo "docker_tag=$(echo ${GITHUB_REF} | cut -d'/' -f3)-${GITHUB_SHA}" >> $GITHUB_OUTPUT

- name: Build the Docker image
run: docker build . --file ./3.8/Dockerfile --tag docker-terraform:${{ steps.vars.outputs.docker_tag }}
run: docker build . --file ./3.12/Dockerfile --tag serverless-python:${{ steps.vars.outputs.docker_tag }}

- name: Scan with Phonito Security
uses: phonito/phonito-scanner-action@master
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@master
with:
image: docker-terraform:${{ steps.vars.outputs.docker_tag }}
phonito-token: ${{ secrets.PHONITO_TOKEN }}
image-ref: serverless-python:${{ steps.vars.outputs.docker_tag }}
format: 'sarif'
output: 'trivy-results.sarif'

- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v3
if: always()
with:
sarif_file: 'trivy-results.sarif'
30 changes: 17 additions & 13 deletions 3.10/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,23 +1,27 @@
FROM python:3.10-slim-buster
FROM python:3.10-slim-bookworm

RUN apt-get update && \
apt-get install -y \
wget=1.20.1-1.1 \
zip=3.0-11+b1 \
unzip=6.0-23+deb10u2 \
git=1:2.20.1-2+deb10u3 \
wget \
zip \
unzip \
git \
curl \
npm=5.8.0+ds6-4+deb10u2 && \
pip3 install --no-cache-dir --upgrade pip==23.3.1 && \
npm install [email protected] -g && \
npm install -g [email protected] && \
npm install -g [email protected] &&\
ca-certificates \
gnupg && \
pip3 install --no-cache-dir --upgrade pip==25.1.1 && \
apt-get -q -y clean && \
rm -rf /var/cache/apt/archives/* /var/lib/apt/lists/*

ARG APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1
RUN curl -sL https://deb.nodesource.com/setup_18.x | bash
RUN apt-get install -y nodejs
RUN mkdir -p /etc/apt/keyrings && \
curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg && \
echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_20.x nodistro main" | tee /etc/apt/sources.list.d/nodesource.list && \
apt-get update && \
apt-get install -y nodejs && \
npm install -g [email protected] && \
npm install -g [email protected] && \
apt-get -q -y clean && \
rm -rf /var/cache/apt/archives/* /var/lib/apt/lists/*

WORKDIR /work

Expand Down
30 changes: 17 additions & 13 deletions 3.11/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,23 +1,27 @@
FROM python:3.11-slim-buster
FROM python:3.11-slim-bookworm

RUN apt-get update && \
apt-get install -y \
wget=1.20.1-1.1 \
zip=3.0-11+b1 \
unzip=6.0-23+deb10u2 \
git=1:2.20.1-2+deb10u3 \
wget \
zip \
unzip \
git \
curl \
npm=5.8.0+ds6-4+deb10u2 && \
pip3 install --no-cache-dir --upgrade pip==23.3.1 && \
npm install [email protected] -g && \
npm install -g [email protected] && \
npm install -g [email protected] &&\
ca-certificates \
gnupg && \
pip3 install --no-cache-dir --upgrade pip==25.1.1 && \
apt-get -q -y clean && \
rm -rf /var/cache/apt/archives/* /var/lib/apt/lists/*

ARG APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1
RUN curl -sL https://deb.nodesource.com/setup_18.x | bash
RUN apt-get install -y nodejs
RUN mkdir -p /etc/apt/keyrings && \
curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg && \
echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_20.x nodistro main" | tee /etc/apt/sources.list.d/nodesource.list && \
apt-get update && \
apt-get install -y nodejs && \
npm install -g [email protected] && \
npm install -g [email protected] && \
apt-get -q -y clean && \
rm -rf /var/cache/apt/archives/* /var/lib/apt/lists/*

WORKDIR /work

Expand Down
28 changes: 28 additions & 0 deletions 3.12/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
FROM python:3.12-slim-bookworm

RUN apt-get update && \
apt-get install -y \
wget \
zip \
unzip \
git \
curl \
ca-certificates \
gnupg && \
pip3 install --no-cache-dir --upgrade pip==25.1.1 && \
apt-get -q -y clean && \
rm -rf /var/cache/apt/archives/* /var/lib/apt/lists/*

RUN mkdir -p /etc/apt/keyrings && \
curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg && \
echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_20.x nodistro main" | tee /etc/apt/sources.list.d/nodesource.list && \
apt-get update && \
apt-get install -y nodejs && \
npm install -g [email protected] && \
npm install -g [email protected] && \
apt-get -q -y clean && \
rm -rf /var/cache/apt/archives/* /var/lib/apt/lists/*

WORKDIR /work

ENTRYPOINT ["/bin/sh"]
24 changes: 0 additions & 24 deletions 3.6/Dockerfile
View file
Open in desktop

This file was deleted.

24 changes: 0 additions & 24 deletions 3.7/Dockerfile
View file
Open in desktop

This file was deleted.

24 changes: 0 additions & 24 deletions 3.8/Dockerfile
View file
Open in desktop

This file was deleted.

4 changes: 0 additions & 4 deletions 3.8/hadolint.yaml
View file
Open in desktop

This file was deleted.

30 changes: 17 additions & 13 deletions 3.9/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,23 +1,27 @@
FROM python:3.9-slim-buster
FROM python:3.9-slim-bookworm

RUN apt-get update && \
apt-get install -y \
wget=1.20.1-1.1 \
zip=3.0-11+b1 \
unzip=6.0-23+deb10u2 \
git=1:2.20.1-2+deb10u3 \
wget \
zip \
unzip \
git \
curl \
npm=5.8.0+ds6-4+deb10u2 && \
pip3 install --no-cache-dir --upgrade pip==23.3.1 && \
npm install [email protected] -g && \
npm install -g [email protected] && \
npm install -g [email protected] &&\
ca-certificates \
gnupg && \
pip3 install --no-cache-dir --upgrade pip==25.1.1 && \
apt-get -q -y clean && \
rm -rf /var/cache/apt/archives/* /var/lib/apt/lists/*

ARG APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1
RUN curl -sL https://deb.nodesource.com/setup_18.x | bash
RUN apt-get install -y nodejs
RUN mkdir -p /etc/apt/keyrings && \
curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg && \
echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_20.x nodistro main" | tee /etc/apt/sources.list.d/nodesource.list && \
apt-get update && \
apt-get install -y nodejs && \
npm install -g [email protected] && \
npm install -g [email protected] && \
apt-get -q -y clean && \
rm -rf /var/cache/apt/archives/* /var/lib/apt/lists/*


WORKDIR /work
Expand Down
43 changes: 12 additions & 31 deletions Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,59 +2,40 @@
build:
echo "Build specific tag/release"

# Python 3.6
docker build \
--build-arg base_image=python:3.6-slim \
-t ${REPO}:3.6-${IMAGE_TAG} \
./3.6/.

# Python 3.7
docker build \
--build-arg base_image=python:3.7-slim \
-t ${REPO}:3.7-${IMAGE_TAG} \
./3.7/.

# Python 3.8
docker build \
--build-arg base_image=python:3.8-slim \
-t ${REPO}:3.8-${IMAGE_TAG} \
./3.8/.

# Python 3.9
docker build \
--build-arg base_image=python:3.9-slim \
--build-arg base_image=python:3.9-slim-bookworm \
-t ${REPO}:3.9-${IMAGE_TAG} \
./3.9/.

# Python 3.10
docker build \
--build-arg base_image=python:3.10-slim \
--build-arg base_image=python:3.10-slim-bookworm \
-t ${REPO}:3.10-${IMAGE_TAG} \
./3.10/.

# Python 3.11
docker build \
--build-arg base_image=python:3.11-slim \
--build-arg base_image=python:3.11-slim-bookworm \
-t ${REPO}:3.11-${IMAGE_TAG} \
./3.11/.

# Python 3.12
docker build \
--build-arg base_image=python:3.12-slim-bookworm \
-t ${REPO}:3.12-${IMAGE_TAG} \
./3.12/.
push:
echo "Push specific tag/release"

# Python 3.6
docker push ${REPO}:3.6-${IMAGE_TAG}

# Python 3.7
docker push ${REPO}:3.7-${IMAGE_TAG}

# Python 3.8
docker push ${REPO}:3.8-${IMAGE_TAG}

# Python 3.9
docker push ${REPO}:3.9-${IMAGE_TAG}

# Python 3.10
docker push ${REPO}:3.10-${IMAGE_TAG}

# Python 3.11
docker push ${REPO}:3.11-${IMAGE_TAG}
docker push ${REPO}:3.11-${IMAGE_TAG}

# Python 3.12
docker push ${REPO}:3.12-${IMAGE_TAG}
Loading