Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(python): Support Python builds using mbtci Docker images #1106

Closed
wants to merge 1 commit into from
Closed

feat(python): Support Python builds using mbtci Docker images #1106

wants to merge 1 commit into from

Conversation

silvestre
Copy link
Member

Description

This change keeps python3 installed and adds python3-pip and python3-dev, so that the resulting image can be used in Piper-based pipelines to build Python apps:

  • pip might be needed for vendoring the dependencies, during the mtaBuild, so that the resulting MTA is self-contained when deployed in air-gapped CF.
  • FOSS scanning using detectExecuteScan also relies on the pip tool being available.

I have not yet touched the tests, as I wanted to get the discussion rolling if this is a change you would likely merge.
I believe it would make sense to fully support Python in your Docker images as it is an enterprise-supported language when targeting SAP BTP, Cloud Foundry environment

In case you agree, I can adapt the tests as well.

Checklist

  • Code compiles correctly
  • Relevant tests were added (unit / contract / integration)
  • Relevant logs were added
  • Formatting and linting run locally successfully
  • All tests pass
  • UA review
  • Design is documented
  • Extended the README / documentation, if necessary
  • Open source is approved

@silvestre
Keep python3 installed and add python3-pip
857c8d3 
to make builds of Python-based MTA apps feasible with the Docker images.
jerome-benoit
jerome-benoit reviewed Jun 26, 2024
View reviewed changes
Dockerfile_mbtci_template
@@ -270,7 +271,7 @@ RUN ARCH= && dpkgArch="$(dpkg --print-architecture)" \
&& curl -fsSLO --compressed "https://github.com/CycloneDX/cyclonedx-cli/releases/download/v${CYCLONEDX_CLI_VERSION}/${CYCLONEDX_CLI_BINARY}-linux-${ARCH}" \
&& chmod a+rx ${CYCLONEDX_CLI_BINARY}-linux-${ARCH} \
&& mv ${CYCLONEDX_CLI_BINARY}-linux-${ARCH} /usr/local/bin/${CYCLONEDX_CLI_BINARY} \
&& apt-get remove --purge --autoremove -y ca-certificates curl gnupg dirmngr \
&& apt-get remove --purge --autoremove -y gnupg dirmngr \
Copy link
Collaborator

@jerome-benoit jerome-benoit Jun 26, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Security policy enforce that only toolchains must be part of the available binaries. Binaries allowing to ease HTTP, FTP, ... direct requests from the build env must be removed.

@silvestre silvestre closed this Sep 9, 2024
@silvestre silvestre deleted the add-pip branch September 9, 2024 15:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jerome-benoit jerome-benoit jerome-benoit left review comments

@wangshen-sap wangshen-sap Awaiting requested review from wangshen-sap wangshen-sap is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@silvestre @jerome-benoit