Skip to content
This repository was archived by the owner on Feb 25, 2025. It is now read-only.

Pin dockerfile version. #32418

Merged
fluttergithubbot merged 6 commits into from
Apr 14, 2022
Merged

Pin dockerfile version. #32418

fluttergithubbot merged 6 commits into from
Apr 14, 2022

Conversation

@godofredoc
Copy link
Contributor

@godofredoc godofredoc commented Apr 5, 2022

This is part of the security effort to pin all the docker dependencies
across all the flutter repositories.

Pre-launch Checklist

  • I read the Contributor Guide and followed the process outlined there for submitting PRs.
  • I read the Tree Hygiene wiki page, which explains my responsibilities.
  • I read and followed the Flutter Style Guide and the C++, Objective-C, Java style guides.
  • I listed at least one issue that this PR fixes in the description above.
  • I added new tests to check the change I am making or feature I am adding, or Hixie said the PR is test-exempt. See testing the engine for instructions on
    writing and running engine tests.
  • I updated/added relevant documentation (doc comments with ///).
  • I signed the CLA.
  • All existing and new tests are passing.

If you need help, consider asking for advice on the #hackers-new channel on Discord.

@godofredoc godofredoc requested a review from zanderso April 5, 2022 00:46
zanderso
zanderso reviewed Apr 5, 2022
View reviewed changes
ci/docker/build/Dockerfile Outdated
@@ -1,4 +1,4 @@
FROM debian:stretch
FROM debian:bullseye-slim@sha256:82da53aa627b9d5032a1e57903356b8f34d613a5bc1e07ae5e9149bd88fa3128
Copy link
Member

@zanderso zanderso Apr 5, 2022
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In the past, it looks like this was updated to match the LUCI / Framework version: #25009.

Is that also what is happening here?

Copy link
Member

@zanderso zanderso Apr 7, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@godofredoc friendly ping on this question.

Copy link
Contributor Author

@godofredoc godofredoc Apr 7, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry somehow I didn't see this question. LUCI is still on stretch, I can get it back to stretch with the pinned version or we can be proactive and use the Ubuntu version Dart is currently using and that we are planning to migrate to. What option do you think will work better?

Copy link
Member

@zanderso zanderso Apr 8, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can this file take comments, or is there a readme in this directory that can be updated to explain what's going on? Being proactive sgtm, but how will this get updated to match in the future?

Copy link
Contributor Author

@godofredoc godofredoc Apr 8, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, it supports comments. As long as they are on the same major version the minor updates will be applied by dependabot in this file and by apt-get upgrade on the VMs.

ci/docker/build/Dockerfile
mtools \
nasm \
net-tools \
openjdk-8-jdk \
Copy link
Member

@zanderso zanderso Apr 5, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why are these being removed? Are they no longer needed, or do they appear in the new image by default?

Copy link
Contributor Author

@godofredoc godofredoc Apr 5, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

They do not exist on the default packages anymore and seem like they are not needed. Waiting for the cirrus test to complete to validate they are not needed anymore.

Copy link
Contributor Author

@godofredoc godofredoc Apr 5, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Confirmed that they are not needed anymore.

@godofredoc
Copy link
Contributor Author

godofredoc commented Apr 11, 2022

@zanderso config file updated to use ubuntu:bionic and it is ready for review.

@godofredoc godofredoc added the waiting for tree to go green This PR is approved and tested, but waiting for the tree to be green to land. label Apr 11, 2022
@fluttergithubbot
Copy link
Contributor

fluttergithubbot commented Apr 11, 2022

This pull request is not suitable for automatic merging in its current state.

  • The status or check suite Linux Web Framework tests has failed. Please fix the issues identified (or deflake) before re-applying this label.

@fluttergithubbot fluttergithubbot removed the waiting for tree to go green This PR is approved and tested, but waiting for the tree to be green to land. label Apr 11, 2022
@chinmaygarde chinmaygarde added the waiting for tree to go green This PR is approved and tested, but waiting for the tree to be green to land. label Apr 14, 2022
@fluttergithubbot fluttergithubbot merged commit 2cce4bb into flutter:main Apr 14, 2022
@engine-flutter-autoroll engine-flutter-autoroll mentioned this pull request Apr 14, 2022
Merged
engine-flutter-autoroll added a commit to engine-flutter-autoroll/flutter that referenced this pull request Apr 14, 2022
@engine-flutter-autoroll
2cce4bb Pin dockerfile version. (flutter/engine#32418)
7ad04cd
@godofredoc godofredoc deleted the pin_docker branch April 19, 2022 03:03
justinmc pushed a commit to justinmc/engine that referenced this pull request Apr 20, 2022
@godofredoc @justinmc
Pin dockerfile version. (flutter#32418)
484a418
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

1 more reviewer

@zanderso zanderso zanderso approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

waiting for tree to go green This PR is approved and tested, but waiting for the tree to be green to land.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@godofredoc @fluttergithubbot @zanderso @chinmaygarde