diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 1dbf140..60dc4ec 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -265,13 +265,6 @@ jobs: - diagnostics - lint - test - strategy: - matrix: - # Python runtime versions supported by AWS - python-version: - - "3.7" - - "3.8" - - "3.9" steps: - name: Apply standard cisagov job preamble uses: cisagov/action-job-preamble@v1 @@ -305,16 +298,13 @@ jobs: echo "GH_SHORT_SHA=${GITHUB_SHA::7}" >> $GITHUB_ENV - name: Build the base Lambda Docker image run: | - docker compose build \ - --build-arg PY_VERSION=${{ matrix.python-version }} \ - build_deployment_package + docker compose build build_deployment_package - name: Generate the Lambda deployment package run: docker compose up build_deployment_package - name: Upload the generated Lambda deployment package as an artifact uses: actions/upload-artifact@v4 with: - name: ${{ github.event.repository.name }}-py${{ - matrix.python-version }}-${{ env.GH_SHORT_SHA }} + name: ${{ github.event.repository.name }}-${{ env.GH_SHORT_SHA }} path: ${{ env.DEFAULT_ARTIFACT_NAME }} - name: Setup tmate debug session uses: mxschmitt/action-tmate@v3 diff --git a/Dockerfile b/Dockerfile index 950fec6..505b296 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,9 +1,5 @@ -ARG PY_VERSION=3.9 - -FROM amazon/aws-lambda-python:$PY_VERSION AS install-stage - -# Declare it a second time so it's brought into this scope. -ARG PY_VERSION=3.9 +# The runtime tag must match the version of Python specified in the Pipfile. +FROM amazon/aws-lambda-python:3.9 AS install-stage # Install the Python packages necessary to install the Lambda dependencies. RUN python3 -m pip install --no-cache-dir \ @@ -17,7 +13,7 @@ RUN python3 -m pip install --no-cache-dir \ WORKDIR /tmp # Copy in the dependency files. -COPY src/py$PY_VERSION/ . +COPY build/Pipfile build/Pipfile.lock ./ # Install the Lambda dependencies. # @@ -25,7 +21,8 @@ COPY src/py$PY_VERSION/ . # underlying pip calls. RUN pipenv sync --system --extra-pip-args="--no-cache-dir --target ${LAMBDA_TASK_ROOT}" -FROM amazon/aws-lambda-python:$PY_VERSION AS build-stage +# The runtime tag must match the version of Python specified in the Pipfile. +FROM amazon/aws-lambda-python:3.9 AS build-stage ### # For a list of pre-defined annotation keys and value types see: @@ -40,12 +37,6 @@ FROM amazon/aws-lambda-python:$PY_VERSION AS build-stage LABEL org.opencontainers.image.authors="github@cisa.dhs.gov" LABEL org.opencontainers.image.vendor="Cybersecurity and Infrastructure Security Agency" -# Declare it a third time so it's brought into this scope. -ARG PY_VERSION=3.9 - -# This must be present in the image to generate a deployment artifact. -ENV BUILD_PY_VERSION=$PY_VERSION - COPY --from=install-stage ${LAMBDA_TASK_ROOT} ${LAMBDA_TASK_ROOT} WORKDIR ${LAMBDA_TASK_ROOT} diff --git a/README.md b/README.md index b2d3a2a..abdd61e 100644 --- a/README.md +++ b/README.md @@ -59,18 +59,15 @@ docker compose down ## How to update Python dependencies ## -The Python dependencies are maintained using a -[Pipenv](https://github.com/pypa/pipenv) configuration for each -supported Python version. Changes to requirements should be made to -the respective `src/py/Pipfile`. More information -about the `Pipfile` format can be found in the [`pipenv` -documentation](https://pipenv.pypa.io/en/latest/pipfile.html#example-pipfile). -The accompanying `Pipfile.lock` files contain the specific dependency -versions that will be installed. These files can be updated like so -(using the Python 3.9 configuration as an example): +The Lambda's Python dependencies are maintained using a [Pipenv](https://github.com/pypa/pipenv) +configuration. Changes to requirements should be made to the `Pipfile` located at +`build/Pipfile`. More information about the `Pipfile` format can be found in the +[`pipenv` documentation](https://pipenv.pypa.io/en/latest/pipfile.html#example-pipfile). +The accompanying `Pipfile.lock` file contains the specific dependency versions +that will be installed. This file is updated automatically like so: ```console -cd src/py3.9 +cd build pipenv lock ``` diff --git a/src/py3.9/Pipfile b/build/Pipfile similarity index 73% rename from src/py3.9/Pipfile rename to build/Pipfile index 0e08b63..fecbf4a 100644 --- a/src/py3.9/Pipfile +++ b/build/Pipfile @@ -4,6 +4,7 @@ verify_ssl = true name = "pypi" [requires] +# This must match the version of the Python runtime specified in the Dockerfile. python_version = "3.9" [packages] diff --git a/src/py3.9/Pipfile.lock b/build/Pipfile.lock similarity index 57% rename from src/py3.9/Pipfile.lock rename to build/Pipfile.lock index 7a12085..2373e18 100644 --- a/src/py3.9/Pipfile.lock +++ b/build/Pipfile.lock @@ -16,14 +16,6 @@ ] }, "default": { - "contextlib2": { - "hashes": [ - "sha256:3fbdb64466afd23abaf6c977627b75b6139a5a3e8ce38405c5b413aed7a0471f", - "sha256:ab1e2bfe1d01d968e1b7e8d9023bc51ef3509bba217bb730cee3827e1ee82869" - ], - "markers": "python_version >= '3.6'", - "version": "==21.6.0" - }, "cowsay": { "hashes": [ "sha256:274b1e6fc1b966d53976333eb90ac94cb07a450a700b455af9fbdf882244b30a" @@ -43,18 +35,18 @@ }, "schema": { "hashes": [ - "sha256:f06717112c61895cabc4707752b88716e8420a8819d71404501e114f91043197", - "sha256:f3ffdeeada09ec34bf40d7d79996d9f7175db93b7a5065de0faa7f41083c1e6c" + "sha256:5d976a5b50f36e74e2157b47097b60002bd4d42e65425fcc9c9befadb4255dde", + "sha256:7da553abd2958a19dc2547c388cde53398b39196175a9be59ea1caf5ab0a1807" ], - "version": "==0.7.5" + "version": "==0.7.7" }, "setuptools": { "hashes": [ - "sha256:4ac1475276d2f1c48684874089fefcd83bd7162ddaafb81fac866ba0db282a87", - "sha256:b454a35605876da60632df1a60f736524eb73cc47bbc9f3f1ef1b644de74fd2a" + "sha256:062d34222ad13e0cc312a4c02d73f059e86a4acbfbdea8f8f76b28c99f306922", + "sha256:f36b47402ecde768dbfafc46e8e4207b4360c654f1f3bb84475f0a28628fb19c" ], - "markers": "python_version >= '3.8'", - "version": "==68.2.2" + "markers": "python_version >= '3.9'", + "version": "==80.9.0" } }, "develop": {} diff --git a/src/build_artifact.sh b/build/build_artifact.sh similarity index 100% rename from src/build_artifact.sh rename to build/build_artifact.sh diff --git a/docker-compose.yml b/docker-compose.yml index d40b564..15970b4 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -11,7 +11,7 @@ services: # from the invoking environment but falls back to a default value. - BUILD_FILE_NAME=${BUILD_FILE_NAME:-lambda_build.zip} volumes: - - ./src/build_artifact.sh:/opt/build_artifact.sh + - ./build/build_artifact.sh:/opt/build_artifact.sh - .:/var/task/output run_lambda_locally: build: . diff --git a/src/py3.7/Pipfile b/src/py3.7/Pipfile deleted file mode 100644 index e49bd0f..0000000 --- a/src/py3.7/Pipfile +++ /dev/null @@ -1,11 +0,0 @@ -[[source]] -url = "https://pypi.org/simple" -verify_ssl = true -name = "pypi" - -[requires] -python_version = "3.7" - -[packages] -cowsay = "*" -example = {file = "https://github.com/cisagov/skeleton-python-library/archive/v0.1.0.tar.gz"} diff --git a/src/py3.7/Pipfile.lock b/src/py3.7/Pipfile.lock deleted file mode 100644 index e14bffd..0000000 --- a/src/py3.7/Pipfile.lock +++ /dev/null @@ -1,64 +0,0 @@ -{ - "_meta": { - "hash": { - "sha256": "fb8e36b2dfbe5f058679f36466257570fc6c43f47b6d060d907073b831843d83" - }, - "pipfile-spec": 6, - "requires": { - "python_version": "3.7" - }, - "sources": [ - { - "name": "pypi", - "url": "https://pypi.org/simple", - "verify_ssl": true - } - ] - }, - "default": { - "contextlib2": { - "hashes": [ - "sha256:3fbdb64466afd23abaf6c977627b75b6139a5a3e8ce38405c5b413aed7a0471f", - "sha256:ab1e2bfe1d01d968e1b7e8d9023bc51ef3509bba217bb730cee3827e1ee82869" - ], - "markers": "python_version >= '3.6'", - "version": "==21.6.0" - }, - "cowsay": { - "hashes": [ - "sha256:c00e02444f5bc7332826686bd44d963caabbaba9a804a63153822edce62bbbf3" - ], - "index": "pypi", - "version": "==5.0" - }, - "docopt": { - "hashes": [ - "sha256:49b3a825280bd66b3aa83585ef59c4a8c82f2c8a522dbe754a8bc8d08c85c491" - ], - "version": "==0.6.2" - }, - "example": { - "file": "https://github.com/cisagov/skeleton-python-library/archive/v0.1.0.tar.gz", - "hashes": [ - "sha256:d4ae2105b555cb386daf39e06b05594596e881e67faffc46c69d9e7ce56c8c4c" - ], - "version": "==0.1.0" - }, - "schema": { - "hashes": [ - "sha256:f06717112c61895cabc4707752b88716e8420a8819d71404501e114f91043197", - "sha256:f3ffdeeada09ec34bf40d7d79996d9f7175db93b7a5065de0faa7f41083c1e6c" - ], - "version": "==0.7.5" - }, - "setuptools": { - "hashes": [ - "sha256:57f6f22bde4e042978bcd50176fdb381d7c21a9efa4041202288d3737a0c6a54", - "sha256:a7620757bf984b58deaf32fc8a4577a9bbc0850cf92c20e1ce41c38c19e5fb75" - ], - "markers": "python_version >= '3.7'", - "version": "==65.6.3" - } - }, - "develop": {} -} diff --git a/src/py3.8/Pipfile b/src/py3.8/Pipfile deleted file mode 100644 index b568dea..0000000 --- a/src/py3.8/Pipfile +++ /dev/null @@ -1,11 +0,0 @@ -[[source]] -url = "https://pypi.org/simple" -verify_ssl = true -name = "pypi" - -[requires] -python_version = "3.8" - -[packages] -cowsay = "*" -example = {file = "https://github.com/cisagov/skeleton-python-library/archive/v0.1.0.tar.gz"} diff --git a/src/py3.8/Pipfile.lock b/src/py3.8/Pipfile.lock deleted file mode 100644 index 1d146e2..0000000 --- a/src/py3.8/Pipfile.lock +++ /dev/null @@ -1,61 +0,0 @@ -{ - "_meta": { - "hash": { - "sha256": "e7d647bd6df129d143384648900fa34961e527257ff08634f04b9badb5fd87f4" - }, - "pipfile-spec": 6, - "requires": { - "python_version": "3.8" - }, - "sources": [ - { - "name": "pypi", - "url": "https://pypi.org/simple", - "verify_ssl": true - } - ] - }, - "default": { - "contextlib2": { - "hashes": [ - "sha256:3fbdb64466afd23abaf6c977627b75b6139a5a3e8ce38405c5b413aed7a0471f", - "sha256:ab1e2bfe1d01d968e1b7e8d9023bc51ef3509bba217bb730cee3827e1ee82869" - ], - "markers": "python_version >= '3.6'", - "version": "==21.6.0" - }, - "cowsay": { - "hashes": [ - "sha256:274b1e6fc1b966d53976333eb90ac94cb07a450a700b455af9fbdf882244b30a" - ], - "index": "pypi", - "markers": "python_version >= '3.8'", - "version": "==6.1" - }, - "docopt": { - "hashes": [ - "sha256:49b3a825280bd66b3aa83585ef59c4a8c82f2c8a522dbe754a8bc8d08c85c491" - ], - "version": "==0.6.2" - }, - "example": { - "file": "https://github.com/cisagov/skeleton-python-library/archive/v0.1.0.tar.gz" - }, - "schema": { - "hashes": [ - "sha256:f06717112c61895cabc4707752b88716e8420a8819d71404501e114f91043197", - "sha256:f3ffdeeada09ec34bf40d7d79996d9f7175db93b7a5065de0faa7f41083c1e6c" - ], - "version": "==0.7.5" - }, - "setuptools": { - "hashes": [ - "sha256:4ac1475276d2f1c48684874089fefcd83bd7162ddaafb81fac866ba0db282a87", - "sha256:b454a35605876da60632df1a60f736524eb73cc47bbc9f3f1ef1b644de74fd2a" - ], - "markers": "python_version >= '3.8'", - "version": "==68.2.2" - } - }, - "develop": {} -} diff --git a/src/version.txt b/src/version.txt index 4e379d2..bcab45a 100644 --- a/src/version.txt +++ b/src/version.txt @@ -1 +1 @@ -0.0.2 +0.0.3