diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index b4da67919..40dab12d7 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -2,12 +2,12 @@ fail_fast: false repos: - repo: https://github.com/adrienverge/yamllint.git - rev: v1.33.0 + rev: v1.35.1 hooks: - id: yamllint args: ["--format", "parsable", "--strict"] - repo: https://github.com/pre-commit/pre-commit-hooks - rev: v4.5.0 + rev: v5.0.0 hooks: - id: trailing-whitespace - id: end-of-file-fixer @@ -15,11 +15,12 @@ repos: - id: mixed-line-ending - id: check-json - id: detect-aws-credentials + args: ["--allow-missing-credentials"] - repo: https://github.com/markdownlint/markdownlint rev: v0.12.0 hooks: - id: markdownlint_docker - repo: https://github.com/charliermarsh/ruff-pre-commit - rev: 'v0.1.6' + rev: 'v0.7.3' hooks: - id: ruff diff --git a/README.md b/README.md index 553837b84..408ed0ce7 100644 --- a/README.md +++ b/README.md @@ -198,6 +198,8 @@ cf set-env DATABASE_CONNECTION_PARAMS '{"tcpKeepAlive": "true", "conn To allow connection to an AWS RDS database the buildpack selects the regional CA certificate stored in [`rds-certificates`](etc/rds-certificates). If the region's certificate doesn't exist, the buildpack will fail with an error `Could not find database CA certificate in map`. +*:warning: After the root CA rotation of AWS RDS on 22nd August 2024, only buildpacks v5.0.5 or higher will continue to work, all older buildpacks only import no longer valid certificates and no longer can establish a connection to AWS RDS.* + #### Supported VCAP Schemas Cloud Foundry database services are detected from Cloud Foundry service bindings ([VCAP](https://docs.cloudfoundry.org/devguide/deploy-apps/environment-variable.html#VCAP-SERVICES)) and translated into Mendix Runtime configuration. In case no database service is bound, the fallback is the environment variable `DATABASE_URL`. diff --git a/buildpack/core/runtime.py b/buildpack/core/runtime.py index b2c5e3676..a9e79c6a1 100644 --- a/buildpack/core/runtime.py +++ b/buildpack/core/runtime.py @@ -185,7 +185,7 @@ def _activate_license(): """ - + license_key = os.environ.get( "FORCED_LICENSE_KEY", os.environ.get("LICENSE_KEY", None) ) diff --git a/buildpack/infrastructure/database.py b/buildpack/infrastructure/database.py index 601bbb874..f5912d903 100644 --- a/buildpack/infrastructure/database.py +++ b/buildpack/infrastructure/database.py @@ -347,7 +347,7 @@ def init(self): jdbc_params.update({"sslmode": "verify-full"}) except Exception: raise Exception("Could not find database CA certificate in map") - + if database_type == "PostgreSQL" and not self.url.startswith("jdbc:"): self.extract_inline_cert(jdbc_params, self.SSLCERT, "postgresql.crt") self.extract_inline_cert(jdbc_params, self.SSLKEY, "postgresql.pk8") diff --git a/buildpack/telemetry/metrics.py b/buildpack/telemetry/metrics.py index 876b94133..e3e24f19f 100644 --- a/buildpack/telemetry/metrics.py +++ b/buildpack/telemetry/metrics.py @@ -119,7 +119,7 @@ def micrometer_metrics_enabled(runtime_version): logging.debug("micrometer for non mendix public cloud") micrometer_enabled = True return micrometer_enabled - + def configure_metrics_registry(m2ee): diff --git a/dependencies-stage.yml b/dependencies-stage.yml index d7994f9e4..87ac5424d 100644 --- a/dependencies-stage.yml +++ b/dependencies-stage.yml @@ -5,5 +5,5 @@ uri: https://cdn.mendix.com/mx-buildpack/python/python_3.10.14_linux_x64_cflinuxfs4_dda5228c.tgz sha256: dda5228c36196f8a7346767ad9c9ac774ec270aa55065beb8d3d052d652b9120 cf_stacks: - - cflinuxfs4 + - cflinuxfs4 source_sha256: cefea32d3be89c02436711c95a45c7f8e880105514b78680c14fe76f5709a0f6 diff --git a/dependencies.yml b/dependencies.yml index 7f5fae1ca..a8d1a9116 100644 --- a/dependencies.yml +++ b/dependencies.yml @@ -89,10 +89,10 @@ dependencies: version: 8.6.0 nginx: artifact: nginx_{{ version }}_linux_x64_{{ fs }}_{{ commit }}.tgz - commit: 909b06a9 + commit: b1316f75 fs: cflinuxfs4 cpe: cpe:2.3:a:f5:nginx:{{ version }}:*:*:*:*:*:*:* - version: 1.22.1 + version: 1.26.1 ruby: artifact: ruby/ruby_{{ version }}_linux_x64_{{ fs }}_{{ commit }}.tgz commit: 5fed98f8 diff --git a/requirements-dev.in b/requirements-dev.in index 22b7c0619..5b3a8da82 100644 --- a/requirements-dev.in +++ b/requirements-dev.in @@ -1,10 +1,10 @@ click==8.1.7 -idna==3.8 +idna==3.10 pytest==8.3.3 pytest-timer==1.0.0 pytest-timeout==2.3.1 -pylint==3.2.7 +pylint==3.3.1 randomname==0.2.1 requests-mock==1.12.1 -ruff==0.6.4 +ruff==0.7.4 parameterized==0.9.0 diff --git a/requirements.in b/requirements.in index 2da292b5f..737cf86b6 100644 --- a/requirements.in +++ b/requirements.in @@ -1,11 +1,11 @@ backoff==2.2.1 certifi==2024.8.30 -cryptography==43.0.1 +cryptography==43.0.3 distro==1.9.0 httplib2==0.22.0 jinja2==3.1.4 omegaconf==2.3.0 -psycopg2-binary==2.9.9 +psycopg2-binary==2.9.10 pyyaml==6.0.2 requests==2.32.3 urllib3==2.2.3 diff --git a/requirements.txt b/requirements.txt index 02ceb37f5..5ea2a61cf 100644 --- a/requirements.txt +++ b/requirements.txt @@ -16,13 +16,13 @@ cffi==1.14.4 # via cryptography charset-normalizer==2.0.3 # via requests -cryptography==43.0.1 +cryptography==43.0.3 # via -r requirements.in distro==1.9.0 # via -r requirements.in httplib2==0.22.0 # via -r requirements.in -idna==3.7 +idna==3.10 # via requests jinja2==3.1.4 # via -r requirements.in @@ -30,7 +30,7 @@ markupsafe==2.0.1 # via jinja2 omegaconf==2.3.0 # via -r requirements.in -psycopg2-binary==2.9.9 +psycopg2-binary==2.9.10 # via -r requirements.in pycparser==2.20 # via cffi