You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@superset.apache.org by "EugeneTorap (via GitHub)" <gi...@apache.org> on 2023/02/01 08:12:01 UTC

[GitHub] [superset] EugeneTorap opened a new pull request, #22934: chore: pin to 3.8-slim in Dockerfile

EugeneTorap opened a new pull request, #22934:
URL: https://github.com/apache/superset/pull/22934

   <!---
   Please write the PR title following the conventions at https://www.conventionalcommits.org/en/v1.0.0/
   Example:
   fix(dashboard): load charts correctly
   -->
   
   ### SUMMARY
   closes #22810
   Pinning the python image to to 3.8-slim in Dockerfile
   
   ### BEFORE/AFTER SCREENSHOTS OR ANIMATED GIF
   <!--- Skip this if not applicable -->
   
   ### TESTING INSTRUCTIONS
   <!--- Required! What steps can be taken to manually verify the changes? -->
   
   ### ADDITIONAL INFORMATION
   <!--- Check any relevant boxes with "x" -->
   <!--- HINT: Include "Fixes #nnn" if you are fixing an existing issue -->
   - [ ] Has associated issue:
   - [ ] Required feature flags:
   - [ ] Changes UI
   - [ ] Includes DB Migration (follow approval process in [SIP-59](https://github.com/apache/superset/issues/13351))
     - [ ] Migration is atomic, supports rollback & is backwards-compatible
     - [ ] Confirm DB migration upgrade and downgrade tested
     - [ ] Runtime estimates and downtime expectations provided
   - [ ] Introduces new feature or API
   - [ ] Removes existing feature or API
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org

[GitHub] [superset] EugeneTorap commented on pull request #22934: chore: pin python image to 3.8-slim in Dockerfile

Posted by "EugeneTorap (via GitHub)" <gi...@apache.org>.

EugeneTorap commented on PR #22934:
URL: https://github.com/apache/superset/pull/22934#issuecomment-1416207825

   @rusackas Can we add a GitHub bot which will be bump the patch version of python in Dockerfile every 1-2 months?
   For example the GitHub bot creates a PR then we see that there're no conflicts and merge it.
   What do you think about it?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org

[GitHub] [superset] EugeneTorap commented on pull request #22934: chore: pin python image to 3.8-slim in Dockerfile

Posted by "EugeneTorap (via GitHub)" <gi...@apache.org>.

EugeneTorap commented on PR #22934:
URL: https://github.com/apache/superset/pull/22934#issuecomment-1411844440

   @villebro @rusackas merge it?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org

[GitHub] [superset] EugeneTorap commented on pull request #22934: chore: pin python image to 3.8-slim in Dockerfile

Posted by "EugeneTorap (via GitHub)" <gi...@apache.org>.

EugeneTorap commented on PR #22934:
URL: https://github.com/apache/superset/pull/22934#issuecomment-1415218066

   @villebro @dpgaspar merge it?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org

[GitHub] [superset] craig-rueda commented on pull request #22934: chore: pin python image to 3.8-slim in Dockerfile

Posted by "craig-rueda (via GitHub)" <gi...@apache.org>.

craig-rueda commented on PR #22934:
URL: https://github.com/apache/superset/pull/22934#issuecomment-1416182639

   > > This is probably not a great idea as it will lead to non deterministic builds. IMO we should be conscious about bumping the PY version, even if it's just a patch
   > 
   > The fact that we don't really have resources to actively follow patch releases to upstream Python, pinning to a minor seems like a lesser bad vs being exposed to vulns due to being pinned on an old patch version. But if this is not a shared concern I'm happy to bump to the latest patch.
   
   I think it depends on context. In most orgs, I'm sure folks will want to control the patch version themselves, so they're probably going to control patch versions themselves, so will likely NOT want to use this image. One of the hardest things to debug are problems that arise from some "auto" patch version bumping somewhere that affects other libs, etc. (think `package-lock.json`)


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org

[GitHub] [superset] craig-rueda commented on pull request #22934: chore: pin python image to 3.8-slim in Dockerfile

Posted by "craig-rueda (via GitHub)" <gi...@apache.org>.

craig-rueda commented on PR #22934:
URL: https://github.com/apache/superset/pull/22934#issuecomment-1416032265

   This is probably not a great idea as it will lead to non deterministic builds. IMO we should be conscious about bumping the PY version, even if it's just a patch


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org

[GitHub] [superset] villebro commented on pull request #22934: chore: pin python image to 3.8-slim in Dockerfile

Posted by "villebro (via GitHub)" <gi...@apache.org>.

villebro commented on PR #22934:
URL: https://github.com/apache/superset/pull/22934#issuecomment-1416087943

   > This is probably not a great idea as it will lead to non deterministic builds. IMO we should be conscious about bumping the PY version, even if it's just a patch
   
   The fact that we don't really have resources to actively follow patch releases to upstream Python, pinning to a minor seems like a lesser bad vs being exposed to vulns due to being pinned on an old patch version. But if this is not a shared concern I'm happy to bump to the latest patch.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org

[GitHub] [superset] craig-rueda merged pull request #22934: chore: bump python version to 3.8.16 in Dockerfile

Posted by "craig-rueda (via GitHub)" <gi...@apache.org>.

craig-rueda merged PR #22934:
URL: https://github.com/apache/superset/pull/22934


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org

[GitHub] [superset] EugeneTorap commented on pull request #22934: chore: pin python image to 3.8-slim in Dockerfile

Posted by "EugeneTorap (via GitHub)" <gi...@apache.org>.

EugeneTorap commented on PR #22934:
URL: https://github.com/apache/superset/pull/22934#issuecomment-1416043127

   Make sense! Should I just bump Python to 3.8.16 version?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org

[GitHub] [superset] rusackas commented on pull request #22934: chore: pin python image to 3.8-slim in Dockerfile

Posted by "rusackas (via GitHub)" <gi...@apache.org>.

rusackas commented on PR #22934:
URL: https://github.com/apache/superset/pull/22934#issuecomment-1416200096

   Just noting that merging this will allow us to resolve https://github.com/apache/superset/discussions/22810


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org