From 0722ad70259f2132c5691c697038066fd1d84ad7 Mon Sep 17 00:00:00 2001 From: Falk Zoll Date: Mon, 24 Feb 2020 15:29:21 +0100 Subject: [PATCH] Update python3.6/3.7 images. - Update base images. - Update some packages to get security fixes. --- python3.6/CHANGELOG.md | 83 ++++++++++++++++++++++++++++++++++++++++ python3.6/Dockerfile | 47 +++++++++++++---------- python3.7/CHANGELOG.md | 86 ++++++++++++++++++++++++++++++++++++++++++ python3.7/Dockerfile | 13 ++++++- 4 files changed, 207 insertions(+), 22 deletions(-) diff --git a/python3.6/CHANGELOG.md b/python3.6/CHANGELOG.md index b389389..36643de 100644 --- a/python3.6/CHANGELOG.md +++ b/python3.6/CHANGELOG.md @@ -1,5 +1,88 @@ # IBM Functions Python 3.6 Runtime Container +## 1.25.0 +Changes: + - update to new base image + - update pip from `19.2.3` to `20.0.2` + +Python version: + - [3.6.9](https://github.com/docker-library/python/blob/721671c28aad96ad2c1970e83c2af71ceff15f1b/3.6/jessie/slim/Dockerfile) + +Python packages: + - attrs==19.3.0 + - autobahn==20.2.1 + - Automat==20.2.0 + - beautifulsoup4==4.7.1 + - botocore==1.15.5 + - cassandra-driver==3.16.0 + - certifi==2019.11.28 + - cffi==1.14.0 + - chardet==3.0.4 + - Click==7.0 + - cloudant==2.11.0 + - constantly==15.1.0 + - cryptography==2.8 + - cssselect==1.1.0 + - docutils==0.15.2 + - elasticsearch==5.5.3 + - Flask==1.0.2 + - gevent==1.4.0 + - greenlet==0.4.15 + - httplib2==0.12.1 + - hyperlink==19.0.0 + - ibm-cos-sdk==2.4.3 + - ibm-cos-sdk-core==2.6.0 + - ibm-cos-sdk-s3transfer==2.6.0 + - ibm-db==2.0.9 + - ibmcloudsql==0.2.23 + - idna==2.8 + - incremental==17.5.0 + - itsdangerous==1.1.0 + - Jinja2==2.11.1 + - jmespath==0.9.4 + - kafka-python==1.4.4 + - lxml==4.3.1 + - MarkupSafe==1.1.1 + - numpy==1.16.1 + - pandas==0.24.1 + - parsel==1.5.2 + - pika==0.13.0 + - Pillow==5.4.1 + - pip==20.0.2 + - psycopg2==2.7.7 + - pyarrow==0.16.0 + - pyasn1==0.4.8 + - pyasn1-modules==0.2.8 + - pycparser==2.19 + - PyDispatcher==2.0.5 + - PyHamcrest==2.0.0 + - pymongo==3.7.2 + - pyOpenSSL==19.1.0 + - python-dateutil==2.7.5 + - pytz==2019.3 + - queuelib==1.5.0 + - redis==2.10.6 + - requests==2.21.0 + - scikit-learn==0.20.2 + - scipy==1.2.1 + - Scrapy==1.6.0 + - service-identity==18.1.0 + - setuptools==45.2.0 + - simplejson==3.16.0 + - six==1.14.0 + - soupsieve==2.0 + - tornado==4.5.2 + - Twisted==19.7.0 + - txaio==20.1.1 + - urllib3==1.24.3 + - virtualenv==16.3.0 + - w3lib==1.21.0 + - watson-developer-cloud==1.7.1 + - Werkzeug==1.0.0 + - wheel==0.33.4 + - zope.interface==4.7.1 + + ## 1.24.0 Changes: - update to new base image diff --git a/python3.6/Dockerfile b/python3.6/Dockerfile index 238071d..3e22318 100644 --- a/python3.6/Dockerfile +++ b/python3.6/Dockerfile @@ -2,31 +2,38 @@ FROM python:3.6-slim-jessie ENV FLASK_PROXY_PORT 8080 -RUN apt-get update && apt-get install -y \ - gcc \ - libc-dev \ - libxslt-dev \ - libxml2-dev \ - libffi-dev \ - libssl-dev \ - zip \ - unzip \ - vim \ - && rm -rf /var/lib/apt/lists/* - -RUN apt-cache search linux-headers-generic - COPY requirements.txt requirements.txt -RUN pip install --upgrade pip setuptools six && pip install --no-cache-dir -r requirements.txt - -# create action working directory -RUN mkdir -p /action +RUN apt-get update \ + # add some packages required for the pip install + && apt-get install -y \ + gcc \ + libc-dev \ + libxslt-dev \ + libxml2-dev \ + libffi-dev \ + libssl-dev \ + zip \ + unzip \ + vim \ + # add secutity updates for certain packages + && apt-get install -y \ + e2fsprogs \ + openssl \ + tzdata \ + libgcrypt20 \ + # cleanup package lists, they are not used anymore in this image + && rm -rf /var/lib/apt/lists/* \ + && apt-cache search linux-headers-generic \ + # install additional python modules + && pip install --upgrade pip setuptools six && pip install --no-cache-dir -r requirements.txt \ + # create action working directory + && mkdir -p /action \ + && mkdir -p /actionProxy \ + && mkdir -p /pythonAction -RUN mkdir -p /actionProxy ADD https://raw.githubusercontent.com/apache/openwhisk-runtime-docker/8b2e205c39d84ed5ede6b1b08cccf314a2b13105/core/actionProxy/actionproxy.py /actionProxy/actionproxy.py -RUN mkdir -p /pythonAction ADD https://raw.githubusercontent.com/apache/openwhisk-runtime-python/3%401.0.3/core/pythonAction/pythonrunner.py /pythonAction/pythonrunner.py CMD ["/bin/bash", "-c", "cd /pythonAction && python -u pythonrunner.py"] diff --git a/python3.7/CHANGELOG.md b/python3.7/CHANGELOG.md index f1839b5..6fd3438 100644 --- a/python3.7/CHANGELOG.md +++ b/python3.7/CHANGELOG.md @@ -1,5 +1,91 @@ # IBM Functions Python 3.7 Runtime Container +## 1.14.0 +Changes: + - update to new base image + - update pip from `19.3.1` to `20.0.2` + +Python version: + - [3.7.5](https://github.com/docker-library/python/blob/ab8b829cfefdb460ebc17e570332f0479039e918/3.7/stretch/Dockerfile) + +Python packages: + - attrs==19.3.0 + - Automat==0.8.0 + - beautifulsoup4==4.8.0 + - botocore==1.15.5 + - cassandra-driver==3.18.0 + - certifi==2019.11.28 + - cffi==1.13.2 + - chardet==3.0.4 + - Click==7.0 + - cloudant==2.12.0 + - constantly==15.1.0 + - cryptography==2.8 + - cssselect==1.1.0 + - docutils==0.15.2 + - elasticsearch==6.3.1 + - etcd3==0.10.0 + - Flask==1.0.2 + - gevent==1.4.0 + - greenlet==0.4.15 + - grpcio==1.27.2 + - httplib2==0.13.0 + - hyperlink==19.0.0 + - ibm-cos-sdk==2.5.1 + - ibm-cos-sdk-core==2.6.0 + - ibm-cos-sdk-s3transfer==2.6.0 + - ibm-db==3.0.1 + - ibmcloudsql==0.2.23 + - idna==2.7 + - incremental==17.5.0 + - itsdangerous==1.1.0 + - Jinja2==2.11.1 + - jmespath==0.9.4 + - kafka-python==1.4.6 + - lxml==4.3.4 + - MarkupSafe==1.1.1 + - numpy==1.16.4 + - pandas==0.24.2 + - parsel==1.5.2 + - pika==1.0.1 + - Pillow==6.2.1 + - pip==20.0.2 + - protobuf==3.11.3 + - psycopg2==2.8.2 + - pyarrow==0.16.0 + - pyasn1==0.4.8 + - pyasn1-modules==0.2.7 + - pycparser==2.19 + - PyDispatcher==2.0.5 + - PyHamcrest==1.9.0 + - PyJWT==1.7.1 + - pymongo==3.8.0 + - pyOpenSSL==19.1.0 + - python-dateutil==2.8.0 + - pytz==2019.3 + - queuelib==1.5.0 + - redis==3.2.1 + - requests==2.22.0 + - scikit-learn==0.20.3 + - scipy==1.2.1 + - Scrapy==1.6.0 + - service-identity==18.1.0 + - setuptools==45.2.0 + - simplejson==3.16.0 + - six==1.14.0 + - soupsieve==2.0 + - tenacity==6.0.0 + - tornado==4.5.2 + - Twisted==19.7.0 + - urllib3==1.23 + - virtualenv==16.7.1 + - w3lib==1.21.0 + - watson-developer-cloud==2.8.1 + - websocket-client==0.48.0 + - Werkzeug==1.0.0 + - wheel==0.33.6 + - zope.interface==4.7.1 + ## 1.13.0 Changes: - update to new base image diff --git a/python3.7/Dockerfile b/python3.7/Dockerfile index d3170d0..b2cc40b 100644 --- a/python3.7/Dockerfile +++ b/python3.7/Dockerfile @@ -1,5 +1,14 @@ -FROM openwhisk/actionloop-python-v3.7:36721d6 +FROM openwhisk/actionloop-python-v3.7:248efb5 COPY requirements.txt requirements.txt -RUN pip install --upgrade pip setuptools six && pip install --no-cache-dir -r requirements.txt +RUN apt-get update \ + # add secutity updates for certain packages + && apt-get install -y file git \ + # cleanup package lists, they are not used anymore in this image + && rm -rf /var/lib/apt/lists/* \ + # We do not have mysql-server installed but mysql-common contains config files (/etc/mysql/my.cnf) for it. + # We need to add some dummy entries to /etc/mysql/my.cnf to sattisfy vulnerability checking of it. + && echo "\n[mysqld]\nssl-ca=/tmp/ca.pem\nssl-cert=/tmp/server-cert.pem\nssl-key=/tmp/server-key.pem\n" >> /etc/mysql/my.cnf \ + # install additional python modules + && pip install --upgrade pip setuptools six && pip install --no-cache-dir -r requirements.txt