Skip to content

PYT-3877: migrate images to use contrast-agent-bundle #572

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
contrast-jproberts merged 1 commit into from
Jan 12, 2026
Merged

PYT-3877: migrate images to use contrast-agent-bundle #572

contrast-jproberts merged 1 commit into from
Jan 12, 2026

Conversation

@contrast-jproberts
Copy link
Contributor

@contrast-jproberts contrast-jproberts commented Jan 12, 2026
edited
Loading

This change switches the script for downloading the Contrast Python agent to use a prebuilt bundle.

Previously, the CI job would download wheels for supported versions and platforms then merged them into a single wheel. Other projects also want to have a single wheel that supports all platforms, trading a larger artifact size for simpler deployment processes. So we extracted the approach here into the Python agent's deployment pipeline for easier consumption by Contrast tools.

Now, the fetch script will download a single artifact that is uploaded to the contrast-agent-bundle project. The download is not hardcoded to any platform or Python version, so when new support is added, the image will also extend its support without additional code changes.

pip is no longer a dependency of the project. It has been replaced with curl, which is a dependency of most other agents as well. Hashes are checked to verify integrity. To remove pip, I chose to also remove the ability to download the latest agent. That capability was never used and was included to make maintenance easier, but with the bundle approach it's obsolete.

@contrast-jproberts contrast-jproberts force-pushed the PYT-3877 branch 2 times, most recently from 9239ae5 to ab43c8c Compare January 12, 2026 18:23
@github-actions
Copy link

github-actions bot commented Jan 12, 2026

Images built:

dotnet-core: ghcr.io/contrast-security-oss/agent-operator-images/agent-dotnet-core@sha256:57587ee683c631465cb0cca1c5cec450ec3e6dc180336fa47fd1b922cf20c218
dotnet-framework: ghcr.io/contrast-security-oss/agent-operator-images/agent-dotnet-framework@sha256:9d8d2d92923671fa15374103715f59c01095d4f21d09518b4972cfc6d51032ca
java: ghcr.io/contrast-security-oss/agent-operator-images/agent-java@sha256:8bfe255e5cf5b0a7de18a69bb7cff2ff03797d497e96dcfedbbc4497b3cab1dd
nodejs: ghcr.io/contrast-security-oss/agent-operator-images/agent-nodejs@sha256:8ac18de2a2b706b0189ec85af7ffe486eef66bb8e8e1957d20caa9a055319318
php: ghcr.io/contrast-security-oss/agent-operator-images/agent-php@sha256:ed4412017661c694d8e86696370536f91323c0772960cfc55bf75add0a4bd8da
python: ghcr.io/contrast-security-oss/agent-operator-images/agent-python@sha256:8a06732aefdd5a7d44374cf08c7f384c003e5ca446e3936ea1605e602973ef3b
flex: ghcr.io/contrast-security-oss/agent-operator-images/agent-flex@sha256:81eaaa31ab8a7a06d2d57554daac6799fc5fa6b1dca15727a2a03bd02b62387f

@github-actions
Copy link

github-actions bot commented Jan 12, 2026

Images built:

dotnet-core: ghcr.io/contrast-security-oss/agent-operator-images/agent-dotnet-core@sha256:e0786c9bedd86fd11c9d000eba0a420a57a1e344bef794039acc99d7f70f2478
dotnet-framework: ghcr.io/contrast-security-oss/agent-operator-images/agent-dotnet-framework@sha256:af4956ea747f4abc9fbdd43468f2dd40b7bf67149d85d0a70ab4d4c21f9e0262
java: ghcr.io/contrast-security-oss/agent-operator-images/agent-java@sha256:19b0fe658849a4e1e866229aa1e50b49fd203369761596fa565a74bf4efac3c6
nodejs: ghcr.io/contrast-security-oss/agent-operator-images/agent-nodejs@sha256:17a6d28374fdab09634f6ebcbf199bc0a5a25275c3ce99c45fb7a818b9dc0ce4
php: ghcr.io/contrast-security-oss/agent-operator-images/agent-php@sha256:9ff7fbd40aba75afe270e2a655c97af461c1019a72d66c1642414b0c8b29a227
python: ghcr.io/contrast-security-oss/agent-operator-images/agent-python@sha256:31396301aa928215d81ddac266d513b5d3a70b69069955b95c5aae42ca0bf1b7
flex: ghcr.io/contrast-security-oss/agent-operator-images/agent-flex@sha256:c845ff254ae27b0b819099fdc000cfa9c8faee02fd40def261049184a354eccb

@contrast-jproberts contrast-jproberts marked this pull request as ready for review January 12, 2026 18:28
@contrast-jproberts contrast-jproberts requested a review from a team as a code owner January 12, 2026 18:28
lazorchakp
lazorchakp reviewed Jan 12, 2026
View reviewed changes
lazorchakp
lazorchakp reviewed Jan 12, 2026
View reviewed changes
@github-actions
Copy link

github-actions bot commented Jan 12, 2026

Images built:

dotnet-core: ghcr.io/contrast-security-oss/agent-operator-images/agent-dotnet-core@sha256:3a5dec5821494ee3249e5598287f1138bf500dce39b4f26a547cde46ae7b26f8
dotnet-framework: ghcr.io/contrast-security-oss/agent-operator-images/agent-dotnet-framework@sha256:5f4a372b2866f01a74373f8d4baace22f947ce800eb5b5d7f7632d62c02e965f
java: ghcr.io/contrast-security-oss/agent-operator-images/agent-java@sha256:a63efe9dd3e70ca418dd9aa76ab8374e13c3f864cb193250335d230c4789ed81
nodejs: ghcr.io/contrast-security-oss/agent-operator-images/agent-nodejs@sha256:06ba3c86917fb9f561626ae6e6d3b5440c5a5fd84a37619fd5210a5ea27ccf35
php: ghcr.io/contrast-security-oss/agent-operator-images/agent-php@sha256:91b2f75340bc5df0a29fbdfb7c8aa1818f162c80247c266f2ff82490fd6e0c47
python: ghcr.io/contrast-security-oss/agent-operator-images/agent-python@sha256:e74e9808a9aec39d5d05f2d2cd910c1e020b6bb45367648e50260eadd737c98a
flex: ghcr.io/contrast-security-oss/agent-operator-images/agent-flex@sha256:ad2cd5feac832b15a7713c9c99c677707a338c27d50aa1d1f874e7fd8cd5f7dd

@contrast-jproberts contrast-jproberts enabled auto-merge (rebase) January 12, 2026 20:26
@github-actions
Copy link

github-actions bot commented Jan 12, 2026

Images built:

dotnet-core: ghcr.io/contrast-security-oss/agent-operator-images/agent-dotnet-core@sha256:5e177e8f57486546e2f12caa9a92901ddbd2a344dc6ef34fbccdb58b0b381fbc
dotnet-framework: ghcr.io/contrast-security-oss/agent-operator-images/agent-dotnet-framework@sha256:2473550ab6f27ea52a3ea6bf174e3ae57fc05ef3336c2172c6dc74ee4ff36717
java: ghcr.io/contrast-security-oss/agent-operator-images/agent-java@sha256:917f530571a7bdbfb1c76714f7cea42fcff8895263fdb6f99f66587a675c550b
nodejs: ghcr.io/contrast-security-oss/agent-operator-images/agent-nodejs@sha256:96429e6dfc7c639ed37a7f5e96783a371a0c3bfb990ddb4db479b5aafaec1e9a
php: ghcr.io/contrast-security-oss/agent-operator-images/agent-php@sha256:718863ccdb7c70a9ca40b9a49a0121a08c359e56429325a1ca7962cc580b72f2
python: ghcr.io/contrast-security-oss/agent-operator-images/agent-python@sha256:108429af77ec42a9e06daae5a3c7b40555dc0f02996eca639abd0bd5a5b4fa5e
flex: ghcr.io/contrast-security-oss/agent-operator-images/agent-flex@sha256:42242e1e253d84ea5ab97b84c1e907338d556c5ae8dca543316520547479cba1

@contrast-jproberts contrast-jproberts merged commit 8f917bd into master Jan 12, 2026
19 checks passed
@contrast-jproberts contrast-jproberts deleted the PYT-3877 branch January 12, 2026 20:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@gamingrobot gamingrobot gamingrobot approved these changes

@lazorchakp lazorchakp lazorchakp approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@contrast-jproberts @gamingrobot @lazorchakp