From 1caec6b0dc24a2a2e717acb19d34d84aa826e09c Mon Sep 17 00:00:00 2001 From: Shusei Tomonaga <8147599+shu-tom@users.noreply.github.com> Date: Mon, 13 Nov 2023 21:52:56 +0900 Subject: [PATCH] Updated python 3.9.7 to 3.12.0 --- .../LogonTracer/build/Dockerfile | 3 +- .../LogonTracer/build/Dockerfile | 3 +- docker-compose-with-nginx/nginx/default.conf | 2 +- docker-compose/LogonTracer/build/Dockerfile | 5 +- docker/Dockerfile | 182 ++++++++---------- logontracer.py | 2 +- 6 files changed, 94 insertions(+), 103 deletions(-) diff --git a/docker-compose-with-elasticstack/LogonTracer/build/Dockerfile b/docker-compose-with-elasticstack/LogonTracer/build/Dockerfile index 7135e69..22739b3 100644 --- a/docker-compose-with-elasticstack/LogonTracer/build/Dockerfile +++ b/docker-compose-with-elasticstack/LogonTracer/build/Dockerfile @@ -1,4 +1,4 @@ -FROM python:3.7.8-slim-buster +FROM python:3.12.0-slim RUN set -ex \ \ @@ -7,6 +7,7 @@ RUN set -ex \ && apt-get install -y --no-install-recommends git \ dpkg-dev \ gcc \ + g++ \ libssl-dev \ make diff --git a/docker-compose-with-nginx/LogonTracer/build/Dockerfile b/docker-compose-with-nginx/LogonTracer/build/Dockerfile index e4fbe0f..1ad1a35 100644 --- a/docker-compose-with-nginx/LogonTracer/build/Dockerfile +++ b/docker-compose-with-nginx/LogonTracer/build/Dockerfile @@ -1,4 +1,4 @@ -FROM python:3.7.8-slim-buster +FROM python:3.12.0-slim RUN set -ex \ \ @@ -7,6 +7,7 @@ RUN set -ex \ && apt-get install -y --no-install-recommends git \ dpkg-dev \ gcc \ + g++ \ libssl-dev \ make diff --git a/docker-compose-with-nginx/nginx/default.conf b/docker-compose-with-nginx/nginx/default.conf index 0d6900f..9119452 100644 --- a/docker-compose-with-nginx/nginx/default.conf +++ b/docker-compose-with-nginx/nginx/default.conf @@ -3,7 +3,7 @@ server { client_max_body_size 20G; - ssl on; + #ssl on; ssl_certificate /usr/local/nginx/conf/server.crt; ssl_certificate_key /usr/local/nginx/conf/server.key; diff --git a/docker-compose/LogonTracer/build/Dockerfile b/docker-compose/LogonTracer/build/Dockerfile index 3086ca9..8369745 100644 --- a/docker-compose/LogonTracer/build/Dockerfile +++ b/docker-compose/LogonTracer/build/Dockerfile @@ -1,4 +1,4 @@ -FROM python:3.7.8-slim-buster +FROM python:3.12.0-slim RUN set -ex \ \ @@ -7,10 +7,11 @@ RUN set -ex \ && apt-get install -y --no-install-recommends git \ dpkg-dev \ gcc \ + g++ \ libssl-dev \ make \ curl \ - build-essential + build-essential ## LogonTracer install WORKDIR /usr/local/src diff --git a/docker/Dockerfile b/docker/Dockerfile index 679dabb..daa9e95 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -13,18 +13,21 @@ RUN apt-get update && apt-get install -y --no-install-recommends \ netbase \ && rm -rf /var/lib/apt/lists/* -ENV GPG_KEY E3FF2839C048B25C084DEBE9B26995E310250568 -ENV PYTHON_VERSION 3.9.7 +ENV GPG_KEY 7169605F62C751356D054A26A821E680E5FA6305 +ENV PYTHON_VERSION 3.12.0 -RUN set -ex \ +RUN set -eux; \ \ - && savedAptMark="$(apt-mark showmanual)" \ - && apt-get update && apt-get install -y --no-install-recommends \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ dpkg-dev \ gcc \ + gnupg \ libbluetooth-dev \ libbz2-dev \ libc6-dev \ + libdb-dev \ libexpat1-dev \ libffi-dev \ libgdbm-dev \ @@ -39,135 +42,118 @@ RUN set -ex \ wget \ xz-utils \ zlib1g-dev \ -# as of Stretch, "gpg" is no longer included by default - $(command -v gpg > /dev/null || echo 'gnupg dirmngr') \ + ; \ \ - && wget -O python.tar.xz "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz" \ - && wget -O python.tar.xz.asc "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz.asc" \ - && export GNUPGHOME="$(mktemp -d)" \ - && gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$GPG_KEY" \ - && gpg --batch --verify python.tar.xz.asc python.tar.xz \ - && { command -v gpgconf > /dev/null && gpgconf --kill all || :; } \ - && rm -rf "$GNUPGHOME" python.tar.xz.asc \ - && mkdir -p /usr/src/python \ - && tar -xJC /usr/src/python --strip-components=1 -f python.tar.xz \ - && rm python.tar.xz \ + wget -O python.tar.xz "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz"; \ + wget -O python.tar.xz.asc "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz.asc"; \ + GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \ + gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$GPG_KEY"; \ + gpg --batch --verify python.tar.xz.asc python.tar.xz; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME" python.tar.xz.asc; \ + mkdir -p /usr/src/python; \ + tar --extract --directory /usr/src/python --strip-components=1 --file python.tar.xz; \ + rm python.tar.xz; \ \ - && cd /usr/src/python \ - && gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)" \ - && ./configure \ + cd /usr/src/python; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + ./configure \ --build="$gnuArch" \ --enable-loadable-sqlite-extensions \ --enable-optimizations \ --enable-option-checking=fatal \ --enable-shared \ + --with-lto \ --with-system-expat \ - --with-system-ffi \ --without-ensurepip \ - && make -j "$(nproc)" \ - LDFLAGS="-Wl,--strip-all" \ -# setting PROFILE_TASK makes "--enable-optimizations" reasonable: https://bugs.python.org/issue36044 / https://github.com/docker-library/python/issues/160#issuecomment-509426916 - PROFILE_TASK='-m test.regrtest --pgo \ - test_array \ - test_base64 \ - test_binascii \ - test_binhex \ - test_binop \ - test_bytes \ - test_c_locale_coercion \ - test_class \ - test_cmath \ - test_codecs \ - test_compile \ - test_complex \ - test_csv \ - test_decimal \ - test_dict \ - test_float \ - test_fstring \ - test_hashlib \ - test_io \ - test_iter \ - test_json \ - test_long \ - test_math \ - test_memoryview \ - test_pickle \ - test_re \ - test_set \ - test_slice \ - test_struct \ - test_threading \ - test_time \ - test_traceback \ - test_unicode \ - ' \ - && make install \ - && ldconfig \ + ; \ + nproc="$(nproc)"; \ + EXTRA_CFLAGS="$(dpkg-buildflags --get CFLAGS)"; \ + LDFLAGS="$(dpkg-buildflags --get LDFLAGS)"; \ + LDFLAGS="${LDFLAGS:--Wl},--strip-all"; \ + make -j "$nproc" \ + "EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \ + "LDFLAGS=${LDFLAGS:-}" \ + "PROFILE_TASK=${PROFILE_TASK:-}" \ + ; \ +# https://github.com/docker-library/python/issues/784 +# prevent accidental usage of a system installed libpython of the same version + rm python; \ + make -j "$nproc" \ + "EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \ + "LDFLAGS=${LDFLAGS:--Wl},-rpath='\$\$ORIGIN/../lib'" \ + "PROFILE_TASK=${PROFILE_TASK:-}" \ + python \ + ; \ + make install; \ + \ + cd /; \ + rm -rf /usr/src/python; \ + \ + find /usr/local -depth \ + \( \ + \( -type d -a \( -name test -o -name tests -o -name idle_test \) \) \ + -o \( -type f -a \( -name '*.pyc' -o -name '*.pyo' -o -name 'libpython*.a' \) \) \ + \) -exec rm -rf '{}' + \ + ; \ \ - && apt-mark auto '.*' > /dev/null \ - && apt-mark manual $savedAptMark \ - && find /usr/local -type f -executable -not \( -name '*tkinter*' \) -exec ldd '{}' ';' \ - | awk '/=>/ { print $(NF-1) }' \ + ldconfig; \ + \ + apt-mark auto '.*' > /dev/null; \ + apt-mark manual $savedAptMark; \ + find /usr/local -type f -executable -not \( -name '*tkinter*' \) -exec ldd '{}' ';' \ + | awk '/=>/ { so = $(NF-1); if (index(so, "/usr/local/") == 1) { next }; gsub("^/(usr/)?", "", so); printf "*%s\n", so }' \ | sort -u \ | xargs -r dpkg-query --search \ | cut -d: -f1 \ | sort -u \ | xargs -r apt-mark manual \ - && apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false \ - && rm -rf /var/lib/apt/lists/* \ - \ - && find /usr/local -depth \ - \( \ - \( -type d -a \( -name test -o -name tests -o -name idle_test \) \) \ - -o \ - \( -type f -a \( -name '*.pyc' -o -name '*.pyo' \) \) \ - \) -exec rm -rf '{}' + \ - && rm -rf /usr/src/python \ + ; \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ \ - && python3 --version + python3 --version -# make some useful symlinks that are expected to exist -RUN cd /usr/local/bin \ - && ln -s idle3 idle \ - && ln -s pydoc3 pydoc \ - && ln -s python3 python \ - && ln -s python3-config python-config +# make some useful symlinks that are expected to exist ("/usr/local/bin/python" and friends) +RUN set -eux; \ + for src in idle3 pydoc3 python3 python3-config; do \ + dst="$(echo "$src" | tr -d 3)"; \ + [ -s "/usr/local/bin/$src" ]; \ + [ ! -e "/usr/local/bin/$dst" ]; \ + ln -svT "$src" "/usr/local/bin/$dst"; \ + done # if this is called "PIP_VERSION", pip explodes with "ValueError: invalid truth value ''" -ENV PYTHON_PIP_VERSION 20.1.1 +ENV PYTHON_PIP_VERSION 23.2.1 # https://github.com/pypa/get-pip -ENV PYTHON_GET_PIP_URL https://github.com/pypa/get-pip/raw/eff16c878c7fd6b688b9b4c4267695cf1a0bf01b/get-pip.py -ENV PYTHON_GET_PIP_SHA256 b3153ec0cf7b7bbf9556932aa37e4981c35dc2a2c501d70d91d2795aa532be79 +ENV PYTHON_GET_PIP_URL https://github.com/pypa/get-pip/raw/c6add47b0abf67511cdfb4734771cbab403af062/public/get-pip.py +ENV PYTHON_GET_PIP_SHA256 22b849a10f86f5ddf7ce148ca2a31214504ee6c83ef626840fde6e5dcd809d11 -RUN set -ex; \ +RUN set -eux; \ \ savedAptMark="$(apt-mark showmanual)"; \ apt-get update; \ apt-get install -y --no-install-recommends wget; \ \ wget -O get-pip.py "$PYTHON_GET_PIP_URL"; \ - echo "$PYTHON_GET_PIP_SHA256 *get-pip.py" | sha256sum --check --strict -; \ + echo "$PYTHON_GET_PIP_SHA256 *get-pip.py" | sha256sum -c -; \ \ apt-mark auto '.*' > /dev/null; \ - [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ rm -rf /var/lib/apt/lists/*; \ \ + export PYTHONDONTWRITEBYTECODE=1; \ + \ python get-pip.py \ --disable-pip-version-check \ --no-cache-dir \ + --no-compile \ "pip==$PYTHON_PIP_VERSION" \ ; \ - pip --version; \ + rm -f get-pip.py; \ \ - find /usr/local -depth \ - \( \ - \( -type d -a \( -name test -o -name tests -o -name idle_test \) \) \ - -o \ - \( -type f -a \( -name '*.pyc' -o -name '*.pyo' \) \) \ - \) -exec rm -rf '{}' +; \ - rm -f get-pip.py + pip --version ## Setup Supervisor WORKDIR /usr/local/src @@ -178,7 +164,9 @@ RUN set -ex \ && apt-get update \ && apt-get install -y --no-install-recommends git \ curl \ - && pip install git+https://github.com/Supervisor/supervisor \ + && apt-get install -y gcc \ + g++ \ + && pip install git+https://github.com/Supervisor/supervisor \ && cd /usr/bin \ && ln -s /usr/local/bin/echo_supervisord_conf . \ && ln -s /usr/local/bin/pidproxy . \ diff --git a/logontracer.py b/logontracer.py index 4096cd7..4bf6d28 100644 --- a/logontracer.py +++ b/logontracer.py @@ -1279,7 +1279,7 @@ def xml_records(filename): def convert_logtime(logtime, tzone): - tzless = re.sub('[^0-9-:\s]', ' ', logtime.split(".")[0]).strip() + tzless = re.sub(r'[^0-9-:\s]', ' ', logtime.split(".")[0]).strip() try: return datetime.datetime.strptime(tzless, "%Y-%m-%d %H:%M:%S") + datetime.timedelta(hours=tzone) except: