mirror of
https://github.com/prowler-cloud/prowler.git
synced 2026-07-04 19:21:51 +00:00
fix(docker): chown copied files to prowler pin uv sync --locked (#11234)
This commit is contained in:
@@ -139,6 +139,17 @@ jobs:
|
|||||||
sed -i "s|version = \"${CURRENT_API_VERSION}\"|version = \"${NEXT_API_VERSION}\"|" api/pyproject.toml
|
sed -i "s|version = \"${CURRENT_API_VERSION}\"|version = \"${NEXT_API_VERSION}\"|" api/pyproject.toml
|
||||||
sed -i "s| version: ${CURRENT_API_VERSION}| version: ${NEXT_API_VERSION}|" api/src/backend/api/specs/v1.yaml
|
sed -i "s| version: ${CURRENT_API_VERSION}| version: ${NEXT_API_VERSION}|" api/src/backend/api/specs/v1.yaml
|
||||||
|
|
||||||
|
- name: Regenerate lockfiles after version bump
|
||||||
|
run: |
|
||||||
|
set -e
|
||||||
|
# The bumps above edit pyproject.toml / api/pyproject.toml but leave
|
||||||
|
# uv.lock / api/uv.lock stale, which makes `uv sync --locked` fail in
|
||||||
|
# the container builds. Refresh both with the uv version the images
|
||||||
|
# pin (plain `uv lock`, no --upgrade: only the version line changes).
|
||||||
|
pip install --no-cache-dir "uv==0.11.14"
|
||||||
|
uv lock
|
||||||
|
(cd api && uv lock)
|
||||||
|
|
||||||
- name: Bump UI version (.env)
|
- name: Bump UI version (.env)
|
||||||
run: |
|
run: |
|
||||||
set -e
|
set -e
|
||||||
@@ -240,6 +251,17 @@ jobs:
|
|||||||
sed -i "s|version = \"${CURRENT_API_VERSION}\"|version = \"${FIRST_API_PATCH_VERSION}\"|" api/pyproject.toml
|
sed -i "s|version = \"${CURRENT_API_VERSION}\"|version = \"${FIRST_API_PATCH_VERSION}\"|" api/pyproject.toml
|
||||||
sed -i "s| version: ${CURRENT_API_VERSION}| version: ${FIRST_API_PATCH_VERSION}|" api/src/backend/api/specs/v1.yaml
|
sed -i "s| version: ${CURRENT_API_VERSION}| version: ${FIRST_API_PATCH_VERSION}|" api/src/backend/api/specs/v1.yaml
|
||||||
|
|
||||||
|
- name: Regenerate lockfiles after version bump
|
||||||
|
run: |
|
||||||
|
set -e
|
||||||
|
# The bumps above edit pyproject.toml / api/pyproject.toml but leave
|
||||||
|
# uv.lock / api/uv.lock stale, which makes `uv sync --locked` fail in
|
||||||
|
# the container builds. Refresh both with the uv version the images
|
||||||
|
# pin (plain `uv lock`, no --upgrade: only the version line changes).
|
||||||
|
pip install --no-cache-dir "uv==0.11.14"
|
||||||
|
uv lock
|
||||||
|
(cd api && uv lock)
|
||||||
|
|
||||||
- name: Bump UI version (.env)
|
- name: Bump UI version (.env)
|
||||||
run: |
|
run: |
|
||||||
set -e
|
set -e
|
||||||
@@ -341,6 +363,17 @@ jobs:
|
|||||||
sed -i "s|version = \"${CURRENT_API_VERSION}\"|version = \"${NEXT_API_PATCH_VERSION}\"|" api/pyproject.toml
|
sed -i "s|version = \"${CURRENT_API_VERSION}\"|version = \"${NEXT_API_PATCH_VERSION}\"|" api/pyproject.toml
|
||||||
sed -i "s| version: ${CURRENT_API_VERSION}| version: ${NEXT_API_PATCH_VERSION}|" api/src/backend/api/specs/v1.yaml
|
sed -i "s| version: ${CURRENT_API_VERSION}| version: ${NEXT_API_PATCH_VERSION}|" api/src/backend/api/specs/v1.yaml
|
||||||
|
|
||||||
|
- name: Regenerate lockfiles after version bump
|
||||||
|
run: |
|
||||||
|
set -e
|
||||||
|
# The bumps above edit pyproject.toml / api/pyproject.toml but leave
|
||||||
|
# uv.lock / api/uv.lock stale, which makes `uv sync --locked` fail in
|
||||||
|
# the container builds. Refresh both with the uv version the images
|
||||||
|
# pin (plain `uv lock`, no --upgrade: only the version line changes).
|
||||||
|
pip install --no-cache-dir "uv==0.11.14"
|
||||||
|
uv lock
|
||||||
|
(cd api && uv lock)
|
||||||
|
|
||||||
- name: Bump UI version (.env)
|
- name: Bump UI version (.env)
|
||||||
run: |
|
run: |
|
||||||
set -e
|
set -e
|
||||||
|
|||||||
+6
-6
@@ -76,11 +76,11 @@ USER prowler
|
|||||||
WORKDIR /home/prowler
|
WORKDIR /home/prowler
|
||||||
|
|
||||||
# Copy necessary files
|
# Copy necessary files
|
||||||
COPY prowler/ /home/prowler/prowler/
|
COPY --chown=prowler:prowler prowler/ /home/prowler/prowler/
|
||||||
COPY dashboard/ /home/prowler/dashboard/
|
COPY --chown=prowler:prowler dashboard/ /home/prowler/dashboard/
|
||||||
COPY pyproject.toml uv.lock /home/prowler/
|
COPY --chown=prowler:prowler pyproject.toml uv.lock /home/prowler/
|
||||||
COPY README.md /home/prowler/
|
COPY --chown=prowler:prowler README.md /home/prowler/
|
||||||
COPY prowler/providers/m365/lib/powershell/m365_powershell.py /home/prowler/prowler/providers/m365/lib/powershell/m365_powershell.py
|
COPY --chown=prowler:prowler prowler/providers/m365/lib/powershell/m365_powershell.py /home/prowler/prowler/providers/m365/lib/powershell/m365_powershell.py
|
||||||
|
|
||||||
# Install Python dependencies
|
# Install Python dependencies
|
||||||
ENV HOME='/home/prowler'
|
ENV HOME='/home/prowler'
|
||||||
@@ -89,7 +89,7 @@ ENV PATH="${HOME}/.local/bin:${PATH}"
|
|||||||
RUN pip install --no-cache-dir --upgrade pip && \
|
RUN pip install --no-cache-dir --upgrade pip && \
|
||||||
pip install --no-cache-dir uv==0.11.14
|
pip install --no-cache-dir uv==0.11.14
|
||||||
|
|
||||||
RUN uv sync --compile-bytecode && \
|
RUN uv sync --locked --compile-bytecode && \
|
||||||
rm -rf ~/.cache/uv
|
rm -rf ~/.cache/uv
|
||||||
|
|
||||||
# Install PowerShell modules
|
# Install PowerShell modules
|
||||||
|
|||||||
Generated
+1
-1
@@ -4494,7 +4494,7 @@ dependencies = [
|
|||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "prowler-api"
|
name = "prowler-api"
|
||||||
version = "1.28.0"
|
version = "1.29.0"
|
||||||
source = { virtual = "." }
|
source = { virtual = "." }
|
||||||
dependencies = [
|
dependencies = [
|
||||||
{ name = "cartography" },
|
{ name = "cartography" },
|
||||||
|
|||||||
@@ -3241,7 +3241,7 @@ wheels = [
|
|||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "prowler"
|
name = "prowler"
|
||||||
version = "5.27.0"
|
version = "5.28.0"
|
||||||
source = { editable = "." }
|
source = { editable = "." }
|
||||||
dependencies = [
|
dependencies = [
|
||||||
{ name = "alibabacloud-actiontrail20200706" },
|
{ name = "alibabacloud-actiontrail20200706" },
|
||||||
|
|||||||
Reference in New Issue
Block a user