Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore: update setuptools in docker images #251

Merged
merged 3 commits into from
Oct 2, 2024
+6 −5
Merged

chore: update setuptools in docker images #251

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
b7355b9
chore: update setuptools in docker images
ThibaultFy Sep 30, 2024
516738d
chore: update tests
ThibaultFy Oct 1, 2024
14aad36
chore: changelog
ThibaultFy Oct 2, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions changes/250.changed
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Remove parasite verisons of `setuptools` in Dockerfiles and install `setuptools>70.0.0` to tackle last identified CVEs
4 changes: 2 additions & 2 deletions substrafl/remote/register/register.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@
FROM python:{python_version}-slim

# update image
RUN apt-get update -y
RUN apt-get update -y && pip uninstall -y setuptools
"""

_GPU_BASE_IMAGE = """
Expand Down Expand Up @@ -62,7 +62,7 @@
ENV PATH="/home/user/venv/bin:$PATH" VIRTUAL_ENV="/home/user/venv"

# install dependencies
RUN python{python_version} -m pip install -U pip
RUN python{python_version} -m pip install -U pip && pip install -U setuptools>=70.0.0
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Or we can just uninstall it...

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not sure if it's not used when building wheels for some more exotic dependencies... :/


# Copy local wheels
{copy_wheels}
Expand Down
6 changes: 3 additions & 3 deletions tests/remote/register/test_register.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,7 @@ def test_get_base_docker_image_cpu():
FROM python:3.12-slim

# update image
RUN apt-get update -y
RUN apt-get update -y && pip uninstall -y setuptools
"""
assert expected_dockerfile == _get_base_docker_image("3.12", use_gpu=False)

Expand Down Expand Up @@ -97,7 +97,7 @@ def test_create_dockerfile(tmp_path, local_installable_module):
FROM python:{python_version}-slim

# update image
RUN apt-get update -y
RUN apt-get update -y && pip uninstall -y setuptools

# create a non-root user
RUN addgroup --gid 1001 group
Expand All @@ -109,7 +109,7 @@ def test_create_dockerfile(tmp_path, local_installable_module):
ENV PATH="/home/user/venv/bin:$PATH" VIRTUAL_ENV="/home/user/venv"

# install dependencies
RUN python{python_version} -m pip install -U pip
RUN python{python_version} -m pip install -U pip && pip install -U setuptools>=70.0.0

# Copy local wheels
COPY {substrafl_wheel} {substrafl_wheel}
Expand Down
Loading