Merge pull request #14776 from transcom/B-22438-FixPretest-UpdateDebian

B 22438 fix pretest update debian
transcom · Feb 10, 2025 · f67f1e8 · f67f1e8
2 parents 463eaed + e6d92cc
commit f67f1e8
Show file tree

Hide file tree

Showing 10 changed files with 34 additions and 34 deletions.
diff --git a/.envrc b/.envrc
@@ -415,7 +415,7 @@ if [ ! -r .nix-disable  ] && has nix-env; then
 
   # add the NIX_PROFILE bin path so that everything we just installed
   # is available on the path
-  PATH_add ${NIX_PROFILE}/bin
+  PATH_add "${NIX_PROFILE}"/bin
   # Add the node binaries to our path
   PATH_add ./node_modules/.bin
   # nix is immutable, so we need to specify a path for local changes, e.g.

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
@@ -9,7 +9,7 @@ variables:
   #Docker config
   DOCKER_AUTH_CONFIG: "{\"auths\":{\"https://index.docker.io/v1/\":{\"auth\":\"$CI_REGISTRY_USER:$CI_REGISTRY_PASSWORD\"}}}"
   #hard code sha as newer version of debian is needed for pre-test
-  DOCKER_APP_IMAGE: milmove01/transcom-docker:milmove-app@sha256:ee774e9244afa2063bbbb7f9b973b17f1f5139366a1b7a676155df0b5268a7e1
+  DOCKER_APP_IMAGE: milmove01/transcom-docker:milmove-app
   DOCKER_BASE_IMAGE: milmove01/transcom-docker:base
   DOCKERHUB_USERNAME: DOCKERHUB_USERNAME
   DOCKERHUB_PASSWORD: DOCKERHUB_PASSWORD
@@ -724,36 +724,36 @@ pre_test:
       [ -d ~/transcom/mymove/spectral ] && cp -r ~/transcom/mymove/spectral /tmp/spectral_baseline || echo "Skipping saving baseline"
     - rm -rf ~/transcom/mymove/spectral
     - *install_yarn
+    # this is so we can avoid go mod downloading and resulting in an error on a false positive
+    - ./scripts/pre-commit-go-mod || exit 0
     - echo "Run pre-commit tests without golangci-lint, eslint, or prettier"
-    - SKIP=golangci-lint,eslint,prettier,ato-go-linter,gomod,appcontext-linter pre-commit run --all-files
-    - |
-        echo "Run pre-commit tests with ato-go-linter only"
-        pre-commit run -v --all-files ato-go-linter
-    - |
-        echo "Run pre-commit tests with gomod only"
-        pre-commit run -v --all-files gomod,appcontext-linter
-    - |
-        echo "Run pre-commit tests with appcontext-linter only"
-        pre-commit run -v --all-files appcontext-linter
+    - SKIP=golangci-lint,eslint,prettier pre-commit run --all-files
     - echo "Run pre-commit tests with golangci-lint only"
     - |
-        echo 'export GOLANGCI_LINT_CONCURRENCY=4' >> $BASH_ENV
-        echo 'export GOLANGCI_LINT_VERBOSE=-v' >> $BASH_ENV
-        source $BASH_ENV
+        export GOLANGCI_LINT_CONCURRENCY=4
+        export GOLANGCI_LINT_VERBOSE=-v
         mkdir -p tmp/test-results/pretest
-        pre-commit run -v --all-files golangci-lint | tee tmp/test-results/pretest/golangci-lint.out
-    -  echo "Run prettier, eslint, danger checks"
+    # can this be removed in favor of golang_lint?
+    - pre-commit run -v --all-files golangci-lint | tee tmp/test-results/pretest/golangci-lint.out
+    - echo "Run prettier, eslint, danger checks"
     - yarn prettier-ci
     - yarn lint
     - yarn danger ci --failOnErrors
-    -  echo "Run spectral linter on all files"
+    - echo "Run spectral linter on all files"
     - ./scripts/ensure-spectral-lint /tmp/spectral_baseline spectral
-    - ./scripts/pre-commit-go-mod || exit 0
   allow_failure: true
   after_script:
     - *announce_failure
-  rules:
-   - *check_server_ignore_branch
+  artifacts:
+      reports:
+        codequality: tmp/test-results/pretest/golangci-lint.out
+      paths:
+        - tmp/test-results/pretest/golangci-lint.out #remove if golang_lint works
+        - tmp/spectral_baseline/*.json #what do we need to store for review?
+        - spectral/*.json #what do we need to store for review?
+      when: always
+  # rules:
+  #  - *check_server_ignore_branch
 
 server_test:
   stage: test

diff --git a/Dockerfile b/Dockerfile
@@ -1,4 +1,4 @@
-FROM debian:stable AS build-env
+FROM harbor.csde.caci.com/docker.io/debian:stable AS build-env
 
 COPY config/tls/dod-wcf-root-ca-1.pem /usr/local/share/ca-certificates/dod-wcf-root-ca-1.pem.crt
 COPY config/tls/dod-wcf-intermediate-ca-1.pem /usr/local/share/ca-certificates/dod-wcf-intermediate-ca-1.pem.crt
@@ -8,7 +8,7 @@ RUN apt-get install -y ca-certificates --no-install-recommends
 RUN update-ca-certificates
 
 # hadolint ignore=DL3007
-FROM gcr.io/distroless/base-debian11@sha256:ac69aa622ea5dcbca0803ca877d47d069f51bd4282d5c96977e0390d7d256455
+FROM gcr.io/distroless/base-debian12@sha256:ad04bf079b9ed668d38fe2138cfe575847795985097b38a400f4ef1ff69a561a
 COPY --from=build-env /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt
 
 COPY bin/rds-ca-rsa4096-g1.pem /bin/rds-ca-rsa4096-g1.pem

diff --git a/Dockerfile.dp3 b/Dockerfile.dp3
@@ -1,7 +1,7 @@
-FROM debian:stable AS build-env
+FROM harbor.csde.caci.com/docker.io/debian:stable AS build-env
 
 # hadolint ignore=DL3007
-FROM gcr.io/distroless/base-debian11@sha256:ac69aa622ea5dcbca0803ca877d47d069f51bd4282d5c96977e0390d7d256455
+FROM gcr.io/distroless/base-debian12@sha256:ad04bf079b9ed668d38fe2138cfe575847795985097b38a400f4ef1ff69a561a
 
 #AWS GovCloud RDS cert
 COPY bin/rds-ca-rsa4096-g1.pem /bin/rds-ca-rsa4096-g1.pem
@@ -32,4 +32,4 @@ ENTRYPOINT ["/bin/milmove"]
 
 CMD ["serve", "--logging-level=debug"]
 
-EXPOSE 8080
+EXPOSE 8080
diff --git a/Dockerfile.local b/Dockerfile.local
@@ -20,7 +20,7 @@ RUN rm -f bin/milmove && make bin/milmove
 #########
 
 # hadolint ignore=DL3007
-FROM gcr.io/distroless/base-debian11@sha256:ac69aa622ea5dcbca0803ca877d47d069f51bd4282d5c96977e0390d7d256455
+FROM gcr.io/distroless/base-debian12@sha256:ad04bf079b9ed668d38fe2138cfe575847795985097b38a400f4ef1ff69a561a
 
 COPY --from=builder --chown=root:root /home/circleci/project/bin/rds-ca-rsa4096-g1.pem /bin/rds-ca-rsa4096-g1.pem
 COPY --from=builder --chown=root:root /home/circleci/project/bin/rds-ca-2019-root.pem /bin/rds-ca-2019-root.pem

diff --git a/Dockerfile.migrations b/Dockerfile.migrations
@@ -1,4 +1,4 @@
-FROM debian:stable AS build-env
+FROM harbor.csde.caci.com/docker.io/debian:stable AS build-env
 
 COPY config/tls/dod-wcf-root-ca-1.pem /usr/local/share/ca-certificates/dod-wcf-root-ca-1.pem.crt
 COPY config/tls/dod-wcf-intermediate-ca-1.pem /usr/local/share/ca-certificates/dod-wcf-intermediate-ca-1.pem.crt
@@ -9,7 +9,7 @@ RUN update-ca-certificates
 
 
 # hadolint ignore=DL3007
-FROM gcr.io/distroless/base-debian11@sha256:ac69aa622ea5dcbca0803ca877d47d069f51bd4282d5c96977e0390d7d256455
+FROM gcr.io/distroless/base-debian12@sha256:ad04bf079b9ed668d38fe2138cfe575847795985097b38a400f4ef1ff69a561a
 
 COPY config/tls/dod-wcf-root-ca-1.pem /usr/local/share/ca-certificates/dod-wcf-root-ca-1.pem.crt
 COPY config/tls/dod-wcf-intermediate-ca-1.pem /usr/local/share/ca-certificates/dod-wcf-intermediate-ca-1.pem.crt

diff --git a/Dockerfile.reviewapp b/Dockerfile.reviewapp
@@ -108,7 +108,7 @@ RUN set -x \
 #########
 
 # hadolint ignore=DL3007
-FROM gcr.io/distroless/base-debian11@sha256:ac69aa622ea5dcbca0803ca877d47d069f51bd4282d5c96977e0390d7d256455 as milmove
+FROM gcr.io/distroless/base-debian12@sha256:ad04bf079b9ed668d38fe2138cfe575847795985097b38a400f4ef1ff69a561a as milmove
 
 COPY --from=server_builder /build/bin/rds-ca-2019-root.pem /bin/rds-ca-2019-root.pem
 COPY --from=server_builder /build/bin/milmove /bin/milmove

diff --git a/Dockerfile.tasks b/Dockerfile.tasks
@@ -1,4 +1,4 @@
-FROM debian:stable AS build-env
+FROM harbor.csde.caci.com/docker.io/debian:stable AS build-env
 
 COPY config/tls/dod-wcf-root-ca-1.pem /usr/local/share/ca-certificates/dod-wcf-root-ca-1.pem.crt
 COPY config/tls/dod-wcf-intermediate-ca-1.pem /usr/local/share/ca-certificates/dod-wcf-intermediate-ca-1.pem.crt
@@ -8,7 +8,7 @@ RUN apt-get install -y ca-certificates --no-install-recommends
 RUN update-ca-certificates
 
 # hadolint ignore=DL3007
-FROM gcr.io/distroless/base-debian11@sha256:ac69aa622ea5dcbca0803ca877d47d069f51bd4282d5c96977e0390d7d256455
+FROM gcr.io/distroless/base-debian12@sha256:ad04bf079b9ed668d38fe2138cfe575847795985097b38a400f4ef1ff69a561a
 COPY --from=build-env /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt
 
 COPY config/tls/milmove-cert-bundle.p7b /config/tls/milmove-cert-bundle.p7b

diff --git a/Dockerfile.tasks_dp3 b/Dockerfile.tasks_dp3
@@ -1,5 +1,5 @@
 # hadolint ignore=DL3007
-FROM gcr.io/distroless/base-debian11@sha256:ac69aa622ea5dcbca0803ca877d47d069f51bd4282d5c96977e0390d7d256455
+FROM gcr.io/distroless/base-debian12@sha256:ad04bf079b9ed668d38fe2138cfe575847795985097b38a400f4ef1ff69a561a
 
 # Demo Environment Certs
 COPY config/tls/api.demo.dp3.us.chain.der.p7b /config/tls/api.demo.dp3.us.chain.der.p7b

diff --git a/Dockerfile.tasks_local b/Dockerfile.tasks_local
@@ -19,7 +19,7 @@ RUN rm -f bin/milmove-tasks && make bin/milmove-tasks
 #########
 
 # hadolint ignore=DL3007
-FROM gcr.io/distroless/base-debian11@sha256:ac69aa622ea5dcbca0803ca877d47d069f51bd4282d5c96977e0390d7d256455
+FROM gcr.io/distroless/base-debian12@sha256:ad04bf079b9ed668d38fe2138cfe575847795985097b38a400f4ef1ff69a561a
 
 COPY --from=builder --chown=root:root /home/circleci/project/config/tls/milmove-cert-bundle.p7b /config/tls/milmove-cert-bundle.p7b
 COPY --from=builder --chown=root:root /home/circleci/project/bin/rds-ca-2019-root.pem /bin/rds-ca-2019-root.pem