Issue #218 Switch base Docker image to python:3.6-alpine

cevoaustralia / aws-google-auth

Provides AWS STS credentials based on Google Apps SAML SSO auth (what a jumble!)

MIT License

537 stars 181 forks source link

Issue #218 Switch base Docker image to python:3.6-alpine #239

Open danmoz opened 2 years ago

danmoz commented 2 years ago

Upgrades the version of python, switching to the official Python Alpine base image (version 3.6). This resolves the following warning at startup:

PythonDeprecationWarning: Boto3 will no longer support Python 3.5 starting February 1, 2021. To continue receiving service updates, bug fixes, and security updates please upgrade to Python 3.6 or later. More information can be found here: https://aws.amazon.com/blogs/developer/announcing-the-end-of-support-for-python-3-4-and-3-5-in-the-aws-sdk-for-python-and-aws-cli-v1/

danmoz commented 2 years ago

Rebased my branch on master, updated to suggested image, tested locally. Seems to work fine.

I did note a new Python timezone warning which I don't recall seeing previously:

Please visit the following URL to view your CAPTCHA: https://accounts.google.com/Captcha?v=2&ctoken=AAWk9lS4******
Captcha (case insensitive): **********
Check your phone - after you have confirmed response press ENTER to continue.
Assuming arn:aws:iam::************:role/AdministratorAccess
/usr/local/lib/python3.9/site-packages/tzlocal/unix.py:177: UserWarning: Can not find any timezone configuration, defaulting to UTC.
  warnings.warn("Can not find any timezone configuration, defaulting to UTC.")

It seems correct to default to UTC, but it seems a shame to get rid of the PythonDeprecationWarning only to replace it with a UserWarning complaining about timezones. So, I've solved this by setting ENV TZ=UTC in the Dockerfile explicitly.

danmoz commented 2 years ago

NB: I've pushed this branch as an image to danmorrison/aws-google-auth for testing purposes.

nonspecialist commented 2 years ago

hey @danmoz I've made a couple of minor updates on https://github.com/cevoaustralia/aws-google-auth/tree/feature/update-to-alpine-3.15 which brings us up to 3.15 for the Docker image; I've pushed it to https://hub.docker.com/layers/aws-google-auth/cevoaustralia/aws-google-auth/0.0.38-test/images/sha256-76d56b96c7a073b65836da5fdb628da408c7e3238aeaaa04976e2a323161fa94?context=explore and also adjusted the Dockerfile somewhat to reduce the size of the image (now 58MB compressed); however, I don't have a config to validate it. If you could give it a whirl and let us know if it works for you, I'll merge in the updates and promote the image to latest.

danmoz commented 2 years ago

Yep works fine, and the container is tiny! But it raises the UserWarning I noticed above:

/usr/lib/python3.9/site-packages/tzlocal/unix.py:177: UserWarning: Can not find any timezone configuration, defaulting to UTC.

It would be nice to suppress this, would you consider adding ENV TZ=UTC to Dockerfile in your branch before merging?

redterror commented 1 year ago

To pile on, I had success with this on python:3.10-alpine3.16, which is just about the latest.