Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Openssl3 base images part1 #2926

Merged
merged 1 commit into from
Aug 31, 2023
Merged

Openssl3 base images part1 #2926

merged 1 commit into from
Aug 31, 2023

Conversation

marek-jakubowski
Copy link
Contributor

@marek-jakubowski marek-jakubowski commented Aug 29, 2023
edited
Loading

Desired Outcome

Goal is to provide some changes from #2874 to make it smaller and deliver tagging strategy earlier

Implemented Changes

Describe how the desired outcome above has been achieved with this PR. In
particular, consider:

  • What's changed? Why were these changes made?
    Switched to base image new tagging
  • How should the reviewer approach this PR, especially if manual tests are required?
  • Are there relevant screenshots you can add to the PR description?

Connected Issue/Story

Resolves #[relevant GitHub issue(s), e.g. 76]

CyberArk internal issue ID: [insert issue ID]

Definition of Done

At least 1 todo must be completed in the sections below for the PR to be
merged.

Changelog

  • The CHANGELOG has been updated, or
  • This PR does not include user-facing changes and doesn't require a
    CHANGELOG update

Test coverage

  • This PR includes new unit and integration tests to go with the code
    changes, or
  • The changes in this PR do not require tests

Documentation

  • Docs (e.g. READMEs) were updated in this PR
  • A follow-up issue to update official docs has been filed here: [insert issue ID]
  • This PR does not require updating any documentation

Behavior

  • This PR changes product behavior and has been reviewed by a PO, or
  • These changes are part of a larger initiative that will be reviewed later, or
  • No behavior was changed with this PR

Security

  • Security architect has reviewed the changes in this PR,
  • These changes are part of a larger initiative with a separate security review, or
  • There are no security aspects to these changes

@marek-jakubowski marek-jakubowski marked this pull request as ready for review August 29, 2023 11:35
@marek-jakubowski marek-jakubowski requested a review from a team as a code owner August 29, 2023 11:35
micahlee
micahlee reviewed Aug 29, 2023
View reviewed changes
Copy link
Contributor

@micahlee micahlee left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is looking good! Two non-line level comments:

  • Mind updating the PR description? I meant to note this on the base image PR as well.
  • This should include a single CHANGELOG entry indicating that we've updated our base image to use a more modern version of Ubuntu.

Thanks!

build.sh
Comment on lines +35 to +48
local envs
envs=$(docker inspect -f '{{range $index, $value := .Config.Env}}{{$value}} {{end}}' "$container")
local workDir
workDir=$(docker inspect -f '{{ .Config.WorkingDir }}' "$container")
local user
user=$(docker inspect -f '{{ .Config.User }}' "$container")
local entrypoint
entrypoint=$(docker inspect -f '[{{range $index, $value := .Config.Entrypoint }}{{if $index}},{{end}}"{{$value}}"{{end}}]' "$container")
local cmd
cmd=$(docker inspect -f '[{{range $index, $value := .Config.Cmd }}{{if $index}},{{end}}"{{$value}}"{{end}}]' "$container")
local ports
IFS=":" read -r -a ports <<< "$(docker inspect -f '{{range $port, $empty := .Config.ExposedPorts}}--change:EXPOSE {{$port}}:{{end}}' "$container")"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is clever and a nice improvement to prevent duplicating configuration. Mind adding a comment at the top explaining what this is doing so it's easier to understand at-a-glance?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added some note.

Dockerfile Outdated
@@ -1,4 +1,4 @@
FROM cyberark/ubuntu-ruby-fips:latest
FROM registry.tld/cyberark/ubuntu-ruby-fips:20.04-2.0.7-14
Copy link
Contributor

@micahlee micahlee Aug 29, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I assume this won't be version pinned once the base image PR is merged?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Correct, pinned just for pipeline verification.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Removed. Build will fail until merging cyberark/conjur-base-image#122

@marek-jakubowski marek-jakubowski force-pushed the openssl3-base-images-part1 branch from 6a74fd4 to 1f5feda Compare August 29, 2023 21:00
@marek-jakubowski
Copy link
Contributor Author

marek-jakubowski commented Aug 29, 2023
edited
Loading

Push-forced to address review comments. @micahlee this one could be reviewed again, thanks.

@marek-jakubowski marek-jakubowski force-pushed the openssl3-base-images-part1 branch from 1f5feda to 2b0ca6e Compare August 30, 2023 09:38
@hdabrowski hdabrowski force-pushed the openssl3-base-images-part1 branch from 2b0ca6e to 3b05d0f Compare August 30, 2023 10:52
@marek-jakubowski marek-jakubowski requested a review from a team August 30, 2023 11:05
@marek-jakubowski marek-jakubowski force-pushed the openssl3-base-images-part1 branch 2 times, most recently from 88edbaa to adb87c9 Compare August 30, 2023 16:55
@micahlee micahlee force-pushed the openssl3-base-images-part1 branch from adb87c9 to b3c8425 Compare August 31, 2023 17:48
micahlee
micahlee approved these changes Aug 31, 2023
View reviewed changes
Copy link
Contributor

@micahlee micahlee left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! I also double checked that the dev environment works as expected with this PR. Thanks!

@marek-jakubowski marek-jakubowski force-pushed the openssl3-base-images-part1 branch from b3c8425 to 32be785 Compare August 31, 2023 18:41
@codeclimate
Copy link

codeclimate bot commented Aug 31, 2023

Code Climate has analyzed commit 32be785 and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 100.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 88.4% (0.0% change).

View more on Code Climate.

@marek-jakubowski marek-jakubowski merged commit 6efe6d3 into master Aug 31, 2023
@marek-jakubowski marek-jakubowski deleted the openssl3-base-images-part1 branch August 31, 2023 20:15
@gl-johnson gl-johnson mentioned this pull request Oct 2, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@micahlee micahlee micahlee approved these changes

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@marek-jakubowski @micahlee @hdabrowski