The developer scripting for test automation uses Docker to setup Linux containers used for cross-user test automation. There are two problems with this scripting:
The scripting is not optimized for a rapid developer iteration loop. The openjd-sessions code is bind mounted when launching the container which means that the hatch environment must be created each time the tests are run.
Refactor the Dockerfiles to build the hatch environment into the Docker image and not when running the container
Modify the Dockerfiles to use python:3.7-bookworm.
This required adding -y to apt-get install ... commands in the Dockerfiles since this was a behavior change from buster to bookworm
The test_subprocess.py test module needed to be modified due to a behavior change between the base images. Processes killed with signals are put in a "zombie" state if their parent is still running but hasn't checked the exit code of the process (see https://en.wikipedia.org/wiki/Zombie_process)
What is the impact of this change?
The developer iteration loop is faster
The container uses a base container image that is actively maintained and reflects an up-to-date environment
Ran the cross-user Linux tests using the modified scripting documented in DEVELOPER.md which succeeded
Was this change documented?
Code comments were added were deemed fit and relevant READMEs were updated in the repository
Is this a breaking change?
A breaking change is one that modifies a public contract in a way that is not backwards compatible. See the
Public Interfaces section
of the DEVELOPMENT.md for more information on the public contracts.
No, there were no breaking changes made
Does this change impact security?
This change does not impact the threat model of the package
This change improves the development-time security posture since developers will be using an actively maintained base container image.
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.
What was the problem/requirement? (What/Why)
The developer scripting for test automation uses Docker to setup Linux containers used for cross-user test automation. There are two problems with this scripting:
openjd-sessions
code is bind mounted when launching the container which means that the hatch environment must be created each time the tests are run.Dockerfiles
build on thepython:3.7-buster
base container image. This container image is now end-of-life and a new image was last pushed a year ago (https://hub.docker.com/_/python/tags?name=3.9-buster)What was the solution? (How)
Dockerfile
s to build the hatch environment into the Docker image and not when running the containerDockerfile
s to usepython:3.7-bookworm
.-y
toapt-get install ...
commands in theDockerfile
s since this was a behavior change from buster to bookwormtest_subprocess.py
test module needed to be modified due to a behavior change between the base images. Processes killed with signals are put in a "zombie" state if their parent is still running but hasn't checked the exit code of the process (see https://en.wikipedia.org/wiki/Zombie_process)What is the impact of this change?
How was this change tested?
See DEVELOPMENT.md for information on running tests.
DEVELOPER.md
which succeededWas this change documented?
Is this a breaking change?
No, there were no breaking changes made
Does this change impact security?
This change does not impact the threat model of the package
This change improves the development-time security posture since developers will be using an actively maintained base container image.
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.