Skip to content

Use the newest git and prefetch OWASP database #93

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 2 commits into from
Closed

Use the newest git and prefetch OWASP database #93

wants to merge 2 commits into from
+56 −1

Conversation

jacek-lewandowski
Copy link

No description provided.

michaelsembwever
michaelsembwever reviewed Jul 14, 2023
View reviewed changes
docker/testing/ubuntu2004_j11.docker
RUN export DEBIAN_FRONTEND=noninteractive && \
add-apt-repository ppa:git-core/ppa && \
apt-get update && \
apt-get install -y git
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

what version of git do you need?
what version is ubuntu:20.04 providing?

we want a clear comment about this being temporary and when it can be removed.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ubuntu provides 2.25.1
we need at least 2.30.0
the command currently installs 2.41.0

tbh I don't know why wouldn't we ever use the newest one

@michaelsembwever
Copy link
Member

It's still unclear to me where you are using this, and why you are not using the .build/docker/check-code.sh script instead?

@jacek-lewandowski
Copy link
Author

jacek-lewandowski commented Jul 17, 2023
edited
Loading

@michaelsembwever - this is for CircleCI, we always get new workers from the cloud provider

@michaelsembwever
Copy link
Member

repeating for prosperity…

So

  1. cirecleci is going to be around long enough to warrant this
  2. we need a image change just bc of git, adding db cache is additional value
  3. it makes the dependency-check more robust (failures are often in the downloading?)
  4. how much will it slow down a circleci run overall ? (adding x MB to the image, which is downloaded 1000+ times in one run)
  5. will a newer image break any other jobs in circleci or ci-cassandra.a.o ?

so a custom image needs to be deployed to a personal dockerhub account first, and pre-commit tested on both circleci and ci-cassandra.a.o

i'm presuming (4) won't be a big issue, bc of caching.

@jacek-lewandowski
Copy link
Author

Renamed branch - #94

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@michaelsembwever michaelsembwever michaelsembwever approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@jacek-lewandowski @michaelsembwever