vulnerablility review and addess if possible; build-push-geoproc for cwbi-dev branch

jeffsuperglide · jeffsuperglide · commit 3948a19e844f · 2025-03-27T15:34:06.000-05:00
diff --git a/.github/workflows/cwbi-dev-build-push-geoproc.yml b/.github/workflows/cwbi-dev-build-push-geoproc.yml
@@ -44,7 +44,7 @@ jobs:
           ECR_REPOSITORY: cumulus-geoprocess
           IMAGE_TAG: latest
         run: |
-          docker build --build-arg GEOPROC_PACKAGE=cwbi-dev:geoproc async_geoprocess \
+          docker build --build-arg GEOPROC_PACKAGE=main:geoproc async_geoprocess \
           --tag $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG \
           --tag $ECR_REGISTRY/$ECR_REPOSITORY:dev 
           docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
diff --git a/async_geoprocess/Dockerfile b/async_geoprocess/Dockerfile
@@ -20,19 +20,15 @@ ENV GEOPROC_VENV=${GEOPROC}/venv
 
 ENV PATH=${GEOPROC_VENV}/bin:$PATH
 
-# RUN apt-get update -y && apt-get install -y \
-#   git \
-#   python3-pip \
-#   python3-venv \
-#   python3-dev \
-#   postgresql-server-dev-all \
-#   libhdf5-dev \
-#   zlib1g-dev \
-#   libnetcdf-dev \
-#   && rm -rf /var/lib/apt/lists/*
-
-
-RUN apt-get -y update \
+# solving possible issue of ATP behind a proxy
+RUN cat <<EOF > /etc/apt/apt.conf.d/99proxy
+Acquire::http::Pipeline-Depth 0;
+Acquire::http::No-Cache true;
+Acquire::BrokenProxy true;
+EOF
+
+RUN apt-get update \
+    && apt-get -y upgrade \
     && apt-get install python3.12-venv -y \
     && apt-get remove python3-pil -y \
     && apt clean
diff --git a/async_geoprocess_init/Dockerfile b/async_geoprocess_init/Dockerfile
@@ -1,4 +1,3 @@
-
 # *~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~
 # builder
 # *~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~
diff --git a/async_geoprocess_init/products.py b/async_geoprocess_init/products.py
@@ -13,6 +13,7 @@
 
 CUMULUS_STATIC_HOST = os.getenv("CUMULUS_STATIC_HOST")
 CUMULUS_ACQUIRABLE_FILES = os.getenv("CUMULUS_ACQUIRABLE_FILES")
+CUMULUS_ACQUIRABLES = os.getenv("CUMULUS_ACQUIRABLES")
 CUMULUS_APPLICATION_KEY = os.getenv("CUMULUS_APPLICATION_KEY")
 
 S3_ACQUIRABLE_PREFIX = os.getenv("S3_ACQUIRABLE_PREFIX")
@@ -27,7 +28,7 @@
 
 
 def get_acquirables():
-    url = f"{CUMULUS_STATIC_HOST}/api/acquirables"
+    url = f"{CUMULUS_STATIC_HOST}{CUMULUS_ACQUIRABLES}"
     max_retries = 5
     wait_time = 5
     for attempt in range(max_retries):
diff --git a/docker-compose.geoinit.yml b/docker-compose.geoinit.yml
@@ -8,7 +8,7 @@ services:
       context: async_geoprocess_init
       args:
         TEST_DATA_TAG: '2025-01-31'
-    entrypoint: sleep infinity # override the Dockerfile entrypoint
+    # entrypoint: sleep infinity # override the Dockerfile entrypoint
     environment:
       - AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE
       - AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
@@ -21,6 +21,6 @@ services:
       - CUMULUS_ACQUIRABLES=/api/acquirables
       - CUMULUS_APPLICATION_KEY=appkey
       - GEOPROC_TEST_DATA=/opt/geoproc/fixtures
-    depends_on:
-      api:
-        condition: service_started
+    # depends_on:
+    #   api:
+    #     condition: service_started
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -48,7 +48,7 @@ services:
       context: async_geoprocess
       args:
         - GDAL_TAG=ubuntu-full-3.9.1
-        - GEOPROC_PACKAGE=refactor/dockerfile-vulnerabilities:geoproc
+        - GEOPROC_PACKAGE=develop:geoproc
     # entrypoint: sleep infinity # override the Dockerfile entrypoint
     environment:
       - AWS_SQS_ENDPOINT=elasticmq:9324

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,3 @@`
`1`		`-`
`2`	`1`	`# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~*~`
`3`	`2`	`# builder`
`4`	`3`	`# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~*~`