From 9e9173cd97a58805be4ce9d5985d3cb173732f93 Mon Sep 17 00:00:00 2001 From: Chris Sibbitt Date: Mon, 6 Mar 2023 15:02:49 -0500 Subject: [PATCH] Release ops for STF 1.5.1 (#17) * Remove invalid addition to requirements.txt (#11) When I rebased I inadvertently added an invalid reference which breaks cachito. Imports require requirements.txt to be pinned to a version. * Clean up hadolint output (#15) * Clean up hadolint output Clean up hadolint output which causes failures testing in GitHub Actions. Remove unnecessary upgrades (which are reverted by requirements files) and package installation (satisfied by requirements). Resolves: STF-1256 * Syncronize versions across requirements files * Extend available options to prometheus-webhook-snmp (#14) * Extend available options to prometheus-webhook-snmp Related: STF-559 * Adjust Dockerfile to conform to hadolint checks * Set pip installation version * Various fixes for linting and build warnings - Complete clean up of the linting and verify everything continues to build - Clean up the Dockerfile for python package updates which were just being overridden by the requirements-built.txt * Use proper .hadolint.yaml file * Don't Dockerfile lint error on info * Allow shell meta-character problems in SNMP vars (#16) * Allow shell meta-characters in SNMP vars --------- Signed-off-by: Leif Madsen Co-authored-by: Leif Madsen --- .github/linters/.hadolint.yml | 2 ++ Dockerfile | 17 +++++++++++------ requirements-build.in | 1 + requirements-build.txt | 12 ++++++------ requirements.in | 1 + requirements.txt | 16 +++++++++++----- 6 files changed, 32 insertions(+), 17 deletions(-) diff --git a/.github/linters/.hadolint.yml b/.github/linters/.hadolint.yml index 0338c44..dbd96f0 100644 --- a/.github/linters/.hadolint.yml +++ b/.github/linters/.hadolint.yml @@ -1,2 +1,4 @@ +failure-threshold: warning ignored: - DL3041 + - DL3013 diff --git a/Dockerfile b/Dockerfile index 3ae2952..3f1c31a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,7 @@ FROM quay.io/centos/centos:stream8 +# >> ignore SC2086 because passing quoted env vars to dnf causes issues (fail to install) +# hadolint ignore=SC2086 RUN INSTALL_PKGS="\ procps-ng \ telnet \ @@ -15,14 +17,14 @@ COPY . /source/app WORKDIR /source/app RUN alternatives --set python /usr/bin/python3 && \ - python -m pip install --upgrade setuptools pip && \ - python -m pip install wheel && \ - python -m pip install -r requirements-build.txt && \ - python -m pip install . && \ + python -m pip install --no-cache-dir -r requirements-build.txt && \ + python -m pip install --no-cache-dir . && \ python -m pip freeze # Cleanup -RUN UNINSTALL_PKGS="\ +# >> ignore SC2086 because passing quoted env vars to dnf causes issues (fail to install) +# hadolint ignore=SC2086 +RUN UNINSTALL_PKGS="\ gcc \ " && \ dnf remove -y $UNINSTALL_PKGS && \ @@ -34,7 +36,10 @@ ENV SNMP_HOST="localhost" ENV SNMP_RETRIES=5 ENV SNMP_TIMEOUT=1 ENV ALERT_OID_LABEL="oid" +ENV TRAP_OID_PREFIX="1.3.6.1.4.1.50495.15" +ENV TRAP_DEFAULT_OID="1.3.6.1.4.1.50495.15.1.2.1" +ENV TRAP_DEFAULT_SEVERITY="" EXPOSE 9099 -CMD ["sh", "-c", "/usr/local/bin/prometheus-webhook-snmp --debug --snmp-port=$SNMP_PORT --snmp-host=$SNMP_HOST --snmp-community=$SNMP_COMMUNITY --alert-oid-label=$ALERT_OID_LABEL run"] +CMD ["sh", "-c", "/usr/local/bin/prometheus-webhook-snmp --debug --snmp-port=\"${SNMP_PORT}\" --snmp-host=\"${SNMP_HOST}\" --snmp-community=\"${SNMP_COMMUNITY}\" --snmp-retries=\"${SNMP_RETRIES}\" --snmp-timeout=\"${SNMP_TIMEOUT}\" --alert-oid-label=\"${ALERT_OID_LABEL}\" --trap-oid-prefix=\"${TRAP_OID_PREFIX}\" --trap-default-oid=\"${TRAP_DEFAULT_OID}\" --trap-default-severity=\"${TRAP_DEFAULT_SEVERITY}\" run"] diff --git a/requirements-build.in b/requirements-build.in index b61ea4a..60bf43e 100644 --- a/requirements-build.in +++ b/requirements-build.in @@ -14,5 +14,6 @@ setuptools_scm<6.0,>=3.3.1 setuptools_scm>=1.15 setuptools_scm[toml]>=3.4.1 setuptools_scm_git_archive>=1.0 +pip>=21 toml wheel diff --git a/requirements-build.txt b/requirements-build.txt index cf193a9..41bf50d 100644 --- a/requirements-build.txt +++ b/requirements-build.txt @@ -1,17 +1,15 @@ # -# This file is autogenerated by pip-compile +# This file is autogenerated by pip-compile with python 3.6 # To update, run: # # pip-compile --allow-unsafe --output-file=requirements-build.txt requirements-build.in # -pip==21.1.1 - # for Cachito debugging cython==0.29.23 # via -r requirements-build.in -setuptools-scm-git-archive==1.1 - # via -r requirements-build.in setuptools-scm[toml]==5.0.2 # via -r requirements-build.in +setuptools-scm-git-archive==1.1 + # via -r requirements-build.in toml==0.10.2 # via # -r requirements-build.in @@ -20,7 +18,9 @@ wheel==0.36.2 # via -r requirements-build.in # The following packages are considered to be unsafe in a requirements file: -setuptools==56.2.0 +pip==21.3.1 + # via -r requirements-build.in +setuptools==59.6.0 # via # -r requirements-build.in # setuptools-scm diff --git a/requirements.in b/requirements.in index 4fd6e41..90b5939 100644 --- a/requirements.in +++ b/requirements.in @@ -9,3 +9,4 @@ pysnmp==4.4.8 pytest==4.4.0 pytest-runner==5.3.1 python-dateutil==2.8.0 +pip==21.3.1 diff --git a/requirements.txt b/requirements.txt index 494a12e..619c5ef 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,8 +1,8 @@ # -# This file is autogenerated by pip-compile +# This file is autogenerated by pip-compile with python 3.6 # To update, run: # -# pip-compile --output-file=requirements.txt requirements.in +# pip-compile --allow-unsafe --output-file=requirements.txt requirements.in # astroid==2.5.6 # via pylint @@ -58,10 +58,10 @@ pysmi==0.3.4 # via pysnmp pysnmp==4.4.8 # via -r requirements.in -pytest-runner==5.3.1 - # via -r requirements.in pytest==4.4.0 # via -r requirements.in +pytest-runner==5.3.1 + # via -r requirements.in python-dateutil==2.8.0 # via -r requirements.in pytz==2021.1 @@ -86,5 +86,11 @@ zc.lockfile==2.0 # via cherrypy zipp==3.4.1 # via importlib-metadata + # The following packages are considered to be unsafe in a requirements file: -# setuptools +pip==21.3.1 + # via -r requirements.in +setuptools==59.6.0 + # via + # pytest + # zc.lockfile