4 changes: 2 additions & 2 deletions .github/.container-structure-test-config.yaml
Expand Up @@ -20,7 +20,7 @@ commandTests:
args:
- --version
expectedOutput:
- ^gcc \(Alpine 12\.
- ^gcc \(Alpine 14\.

- name: checkov
command: checkov
Expand Down Expand Up @@ -131,7 +131,7 @@ commandTests:
args:
- -V
expectedError:
- ^OpenSSH_9\.[0-9]+
- ^OpenSSH_10\.[0-9]+

fileExistenceTests:
- name: terrascan init
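Review bot: The new `^OpenSSH_10\.[0-9]+` expectation repeats the major version that the Dockerfile pins with `openssh-client=~10`, and nothing in this file says so, so the next Alpine bump will again need a two-place edit. Add a short YAML comment above the pattern pointing at the Dockerfile pin; the same applies to `^gcc \(Alpine 14\.` in the hunk above.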
6 changes: 3 additions & 3 deletions Dockerfile
@@ -1,4 +1,4 @@
FROM python:3.12.0-alpine3.17@sha256:fc34b07ec97a4f288bc17083d288374a803dd59800399c76b977016c9fe5b8f2 AS python_base
FROM python:3.12-alpine@sha256:9b8808206f4a956130546a32cbdd8633bc973b19db2923b7298e6f90cc26db08 AS python_base

FROM python_base AS builder
ARG TARGETOS
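Review bot: On the `FROM` line the tag moves from `3.12.0-alpine3.17` to the floating `3.12-alpine`, so the Python patch release and the Alpine release can no longer be read from the Dockerfile. The `@sha256:` digest still fixes the content, but the package pins further down (`gcc=~14`, `openssh-client=~10`) depend on which Alpine release that digest resolves to. Keep the full patch version and Alpine release in the tag next to the digest, so that a future digest bump shows the release change in review.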
Expand All @@ -20,7 +20,7 @@
#
# Install required tools
#
ARG PRE_COMMIT_VERSION=${PRE_COMMIT_VERSION:-latest}

Check warning on line 23 in Dockerfile

View workflow job for this annotation

GitHub Actions / Ubuntu x64

Variables should be defined before their use

UndefinedVar: Usage of undefined variable '$PRE_COMMIT_VERSION' More info: https://docs.docker.com/go/dockerfile/rule/undefined-var/
RUN touch /.env && \
if [ "$PRE_COMMIT_VERSION" = "false" ]; then \
echo "Vital software can't be skipped" && exit 1; \
Expand All @@ -31,18 +31,18 @@
# Install tools
#
ARG OPENTOFU_VERSION=${OPENTOFU_VERSION:-false}
ARG TERRAFORM_VERSION=${TERRAFORM_VERSION:-false}

Check warning on line 34 in Dockerfile

View workflow job for this annotation

GitHub Actions / Ubuntu x64

Variables should be defined before their use

UndefinedVar: Usage of undefined variable '$TERRAFORM_VERSION' More info: https://docs.docker.com/go/dockerfile/rule/undefined-var/

Check warning on line 34 in Dockerfile

View workflow job for this annotation

GitHub Actions / Ubuntu ARM

Variables should be defined before their use

UndefinedVar: Usage of undefined variable '$TERRAFORM_VERSION' More info: https://docs.docker.com/go/dockerfile/rule/undefined-var/

ARG CHECKOV_VERSION=${CHECKOV_VERSION:-false}

Check warning on line 36 in Dockerfile

View workflow job for this annotation

GitHub Actions / Ubuntu x64

Variables should be defined before their use

UndefinedVar: Usage of undefined variable '$CHECKOV_VERSION' More info: https://docs.docker.com/go/dockerfile/rule/undefined-var/

ARG HCLEDIT_VERSION=${HCLEDIT_VERSION:-false}

Check warning on line 37 in Dockerfile

View workflow job for this annotation

GitHub Actions / Ubuntu x64

Variables should be defined before their use

UndefinedVar: Usage of undefined variable '$HCLEDIT_VERSION' More info: https://docs.docker.com/go/dockerfile/rule/undefined-var/

Check warning on line 37 in Dockerfile

View workflow job for this annotation

GitHub Actions / Ubuntu ARM

Variables should be defined before their use

UndefinedVar: Usage of undefined variable '$HCLEDIT_VERSION' More info: https://docs.docker.com/go/dockerfile/rule/undefined-var/
ARG INFRACOST_VERSION=${INFRACOST_VERSION:-false}

Check warning on line 38 in Dockerfile

View workflow job for this annotation

GitHub Actions / Ubuntu x64

Variables should be defined before their use

UndefinedVar: Usage of undefined variable '$INFRACOST_VERSION' More info: https://docs.docker.com/go/dockerfile/rule/undefined-var/

Check warning on line 38 in Dockerfile

View workflow job for this annotation

GitHub Actions / Ubuntu ARM

Variables should be defined before their use

UndefinedVar: Usage of undefined variable '$INFRACOST_VERSION' More info: https://docs.docker.com/go/dockerfile/rule/undefined-var/
ARG TERRAFORM_DOCS_VERSION=${TERRAFORM_DOCS_VERSION:-false}

Check warning on line 39 in Dockerfile

View workflow job for this annotation

GitHub Actions / Ubuntu x64

Variables should be defined before their use

UndefinedVar: Usage of undefined variable '$TERRAFORM_DOCS_VERSION' More info: https://docs.docker.com/go/dockerfile/rule/undefined-var/

Check warning on line 39 in Dockerfile

View workflow job for this annotation

GitHub Actions / Ubuntu ARM

Variables should be defined before their use

UndefinedVar: Usage of undefined variable '$TERRAFORM_DOCS_VERSION' More info: https://docs.docker.com/go/dockerfile/rule/undefined-var/
ARG TERRAGRUNT_VERSION=${TERRAGRUNT_VERSION:-false}
ARG TERRASCAN_VERSION=${TERRASCAN_VERSION:-false}

Check warning on line 41 in Dockerfile

View workflow job for this annotation

GitHub Actions / Ubuntu x64

Variables should be defined before their use

UndefinedVar: Usage of undefined variable '$TERRASCAN_VERSION' More info: https://docs.docker.com/go/dockerfile/rule/undefined-var/

Check warning on line 41 in Dockerfile

View workflow job for this annotation

GitHub Actions / Ubuntu ARM

Variables should be defined before their use

UndefinedVar: Usage of undefined variable '$TERRASCAN_VERSION' More info: https://docs.docker.com/go/dockerfile/rule/undefined-var/
ARG TFLINT_VERSION=${TFLINT_VERSION:-false}

Check warning on line 42 in Dockerfile

View workflow job for this annotation

GitHub Actions / Ubuntu x64

Variables should be defined before their use

UndefinedVar: Usage of undefined variable '$TFLINT_VERSION' More info: https://docs.docker.com/go/dockerfile/rule/undefined-var/

Check warning on line 42 in Dockerfile

View workflow job for this annotation

GitHub Actions / Ubuntu ARM

Variables should be defined before their use

UndefinedVar: Usage of undefined variable '$TFLINT_VERSION' More info: https://docs.docker.com/go/dockerfile/rule/undefined-var/
ARG TFSEC_VERSION=${TFSEC_VERSION:-false}

Check warning on line 43 in Dockerfile

View workflow job for this annotation

GitHub Actions / Ubuntu x64

Variables should be defined before their use

UndefinedVar: Usage of undefined variable '$TFSEC_VERSION' More info: https://docs.docker.com/go/dockerfile/rule/undefined-var/

Check warning on line 43 in Dockerfile

View workflow job for this annotation

GitHub Actions / Ubuntu ARM

Variables should be defined before their use

UndefinedVar: Usage of undefined variable '$TFSEC_VERSION' More info: https://docs.docker.com/go/dockerfile/rule/undefined-var/
ARG TFUPDATE_VERSION=${TFUPDATE_VERSION:-false}

Check warning on line 44 in Dockerfile

View workflow job for this annotation

GitHub Actions / Ubuntu x64

Variables should be defined before their use

UndefinedVar: Usage of undefined variable '$TFUPDATE_VERSION' More info: https://docs.docker.com/go/dockerfile/rule/undefined-var/

Check warning on line 44 in Dockerfile

View workflow job for this annotation

GitHub Actions / Ubuntu ARM

Variables should be defined before their use

UndefinedVar: Usage of undefined variable '$TFUPDATE_VERSION' More info: https://docs.docker.com/go/dockerfile/rule/undefined-var/
ARG TRIVY_VERSION=${TRIVY_VERSION:-false}

Check warning on line 45 in Dockerfile

View workflow job for this annotation

GitHub Actions / Ubuntu ARM

Variables should be defined before their use

UndefinedVar: Usage of undefined variable '$TRIVY_VERSION' More info: https://docs.docker.com/go/dockerfile/rule/undefined-var/


# Tricky thing to install all tools by set only one arg.
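Review bot: Every `ARG X_VERSION=${X_VERSION:-false}` line in this hunk is reported by the build check as `UndefinedVar`, because the default expression refers to the variable being declared. If the intent is only to supply a default, `ARG TERRAFORM_VERSION=false` says that without the self-reference. If the self-reference is deliberate, add a comment explaining why and silence the rule explicitly, so that this block of warnings stops hiding new ones in CI.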
Expand Down Expand Up @@ -116,11 +116,11 @@
bash=~5 \
# pre-commit-hooks deps: https://github.com/pre-commit/pre-commit-hooks
musl-dev=~1 \
gcc=~12 \
gcc=~14 \
# entrypoint wrapper deps
su-exec=~0.2 \
# ssh-client for external private module in ssh
openssh-client=~9
openssh-client=~10

# Copy tools
COPY --from=builder \
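Review bot: `openssh-client=~9` to `openssh-client=~10` is a major-version change for the client that the comment above says is used for private modules over ssh, and the only check updated for it in this PR is the `-V` version string. Mention the jump in the changelog, and consider a test that exercises an actual ssh fetch, so that a behaviour change in the new major is caught here rather than by users.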
Expand Down Expand Up @@ -148,9 +148,9 @@

COPY tools/entrypoint.sh /entrypoint.sh

ENV PRE_COMMIT_COLOR=${PRE_COMMIT_COLOR:-always}

Check warning on line 151 in Dockerfile

View workflow job for this annotation

GitHub Actions / Ubuntu x64

Variables should be defined before their use

UndefinedVar: Usage of undefined variable '$PRE_COMMIT_COLOR' More info: https://docs.docker.com/go/dockerfile/rule/undefined-var/

ENV INFRACOST_API_KEY=${INFRACOST_API_KEY:-}

Check warning on line 153 in Dockerfile

View workflow job for this annotation

GitHub Actions / Ubuntu x64

Sensitive data should not be used in the ARG or ENV commands

SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "INFRACOST_API_KEY") More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/

Check warning on line 153 in Dockerfile

View workflow job for this annotation

GitHub Actions / Ubuntu x64

Variables should be defined before their use

UndefinedVar: Usage of undefined variable '$INFRACOST_API_KEY' More info: https://docs.docker.com/go/dockerfile/rule/undefined-var/

Check warning on line 153 in Dockerfile

View workflow job for this annotation

GitHub Actions / Ubuntu ARM

Sensitive data should not be used in the ARG or ENV commands

SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "INFRACOST_API_KEY") More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/
ENV INFRACOST_SKIP_UPDATE_CHECK=${INFRACOST_SKIP_UPDATE_CHECK:-false}

Check warning on line 154 in Dockerfile

View workflow job for this annotation

GitHub Actions / Ubuntu x64

Variables should be defined before their use

UndefinedVar: Usage of undefined variable '$INFRACOST_SKIP_UPDATE_CHECK' More info: https://docs.docker.com/go/dockerfile/rule/undefined-var/

ENTRYPOINT [ "/entrypoint.sh" ]
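Review bot: `ENV INFRACOST_API_KEY=${INFRACOST_API_KEY:-}` is left untouched in this hunk although the build check reports `SecretsUsedInArgOrEnv` on it. No `ARG INFRACOST_API_KEY` is visible here, so the expression resolves to an empty string today; if an `ARG` is ever added to feed it, the key would be stored in the image configuration and ship with every copy of the image. Drop the line and have users pass the key at run time (for example `docker run -e INFRACOST_API_KEY`), or add a comment stating why an empty default is needed.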
2 changes: 1 addition & 1 deletion tools/install/checkov.sh
Expand Up @@ -9,7 +9,7 @@ readonly SCRIPT_DIR
#

apk add --no-cache \
gcc=~12 \
gcc=~14 \
libffi-dev=~3 \
musl-dev=~1
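Review bot: `gcc=~14` in this `apk add` has to match the `gcc=~14` pin in the Dockerfile and the `^gcc \(Alpine 14\.` test pattern, and this PR had to touch all three. Consider passing the gcc major to this script from one place (a build `ARG` exported to the script, for instance), so that the next base-image bump is a single edit.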
