diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index b4da6791..40dab12d 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -2,12 +2,12 @@ fail_fast: false repos: - repo: https://github.com/adrienverge/yamllint.git - rev: v1.33.0 + rev: v1.35.1 hooks: - id: yamllint args: ["--format", "parsable", "--strict"] - repo: https://github.com/pre-commit/pre-commit-hooks - rev: v4.5.0 + rev: v5.0.0 hooks: - id: trailing-whitespace - id: end-of-file-fixer @@ -15,11 +15,12 @@ repos: - id: mixed-line-ending - id: check-json - id: detect-aws-credentials + args: ["--allow-missing-credentials"] - repo: https://github.com/markdownlint/markdownlint rev: v0.12.0 hooks: - id: markdownlint_docker - repo: https://github.com/charliermarsh/ruff-pre-commit - rev: 'v0.1.6' + rev: 'v0.7.3' hooks: - id: ruff diff --git a/README.md b/README.md index 553837b8..408ed0ce 100644 --- a/README.md +++ b/README.md @@ -198,6 +198,8 @@ cf set-env DATABASE_CONNECTION_PARAMS '{"tcpKeepAlive": "true", "conn To allow connection to an AWS RDS database the buildpack selects the regional CA certificate stored in [`rds-certificates`](etc/rds-certificates). If the region's certificate doesn't exist, the buildpack will fail with an error `Could not find database CA certificate in map`. +*:warning: After the root CA rotation of AWS RDS on 22nd August 2024, only buildpacks v5.0.5 or higher will continue to work, all older buildpacks only import no longer valid certificates and no longer can establish a connection to AWS RDS.* + #### Supported VCAP Schemas Cloud Foundry database services are detected from Cloud Foundry service bindings ([VCAP](https://docs.cloudfoundry.org/devguide/deploy-apps/environment-variable.html#VCAP-SERVICES)) and translated into Mendix Runtime configuration. In case no database service is bound, the fallback is the environment variable `DATABASE_URL`. diff --git a/buildpack/core/runtime.py b/buildpack/core/runtime.py index b2c5e367..a9e79c6a 100644 --- a/buildpack/core/runtime.py +++ b/buildpack/core/runtime.py @@ -185,7 +185,7 @@ def _activate_license(): """ - + license_key = os.environ.get( "FORCED_LICENSE_KEY", os.environ.get("LICENSE_KEY", None) ) diff --git a/buildpack/infrastructure/database.py b/buildpack/infrastructure/database.py index 601bbb87..f5912d90 100644 --- a/buildpack/infrastructure/database.py +++ b/buildpack/infrastructure/database.py @@ -347,7 +347,7 @@ def init(self): jdbc_params.update({"sslmode": "verify-full"}) except Exception: raise Exception("Could not find database CA certificate in map") - + if database_type == "PostgreSQL" and not self.url.startswith("jdbc:"): self.extract_inline_cert(jdbc_params, self.SSLCERT, "postgresql.crt") self.extract_inline_cert(jdbc_params, self.SSLKEY, "postgresql.pk8") diff --git a/buildpack/telemetry/metrics.py b/buildpack/telemetry/metrics.py index 876b9413..e3e24f19 100644 --- a/buildpack/telemetry/metrics.py +++ b/buildpack/telemetry/metrics.py @@ -119,7 +119,7 @@ def micrometer_metrics_enabled(runtime_version): logging.debug("micrometer for non mendix public cloud") micrometer_enabled = True return micrometer_enabled - + def configure_metrics_registry(m2ee): diff --git a/dependencies-stage.yml b/dependencies-stage.yml index d7994f9e..87ac5424 100644 --- a/dependencies-stage.yml +++ b/dependencies-stage.yml @@ -5,5 +5,5 @@ uri: https://cdn.mendix.com/mx-buildpack/python/python_3.10.14_linux_x64_cflinuxfs4_dda5228c.tgz sha256: dda5228c36196f8a7346767ad9c9ac774ec270aa55065beb8d3d052d652b9120 cf_stacks: - - cflinuxfs4 + - cflinuxfs4 source_sha256: cefea32d3be89c02436711c95a45c7f8e880105514b78680c14fe76f5709a0f6 diff --git a/dependencies.yml b/dependencies.yml index 7f5fae1c..a8d1a911 100644 --- a/dependencies.yml +++ b/dependencies.yml @@ -89,10 +89,10 @@ dependencies: version: 8.6.0 nginx: artifact: nginx_{{ version }}_linux_x64_{{ fs }}_{{ commit }}.tgz - commit: 909b06a9 + commit: b1316f75 fs: cflinuxfs4 cpe: cpe:2.3:a:f5:nginx:{{ version }}:*:*:*:*:*:*:* - version: 1.22.1 + version: 1.26.1 ruby: artifact: ruby/ruby_{{ version }}_linux_x64_{{ fs }}_{{ commit }}.tgz commit: 5fed98f8 diff --git a/requirements-dev.in b/requirements-dev.in index 22b7c061..5b3a8da8 100644 --- a/requirements-dev.in +++ b/requirements-dev.in @@ -1,10 +1,10 @@ click==8.1.7 -idna==3.8 +idna==3.10 pytest==8.3.3 pytest-timer==1.0.0 pytest-timeout==2.3.1 -pylint==3.2.7 +pylint==3.3.1 randomname==0.2.1 requests-mock==1.12.1 -ruff==0.6.4 +ruff==0.7.4 parameterized==0.9.0 diff --git a/requirements.in b/requirements.in index 2da292b5..737cf86b 100644 --- a/requirements.in +++ b/requirements.in @@ -1,11 +1,11 @@ backoff==2.2.1 certifi==2024.8.30 -cryptography==43.0.1 +cryptography==43.0.3 distro==1.9.0 httplib2==0.22.0 jinja2==3.1.4 omegaconf==2.3.0 -psycopg2-binary==2.9.9 +psycopg2-binary==2.9.10 pyyaml==6.0.2 requests==2.32.3 urllib3==2.2.3 diff --git a/requirements.txt b/requirements.txt index 02ceb37f..5ea2a61c 100644 --- a/requirements.txt +++ b/requirements.txt @@ -16,13 +16,13 @@ cffi==1.14.4 # via cryptography charset-normalizer==2.0.3 # via requests -cryptography==43.0.1 +cryptography==43.0.3 # via -r requirements.in distro==1.9.0 # via -r requirements.in httplib2==0.22.0 # via -r requirements.in -idna==3.7 +idna==3.10 # via requests jinja2==3.1.4 # via -r requirements.in @@ -30,7 +30,7 @@ markupsafe==2.0.1 # via jinja2 omegaconf==2.3.0 # via -r requirements.in -psycopg2-binary==2.9.9 +psycopg2-binary==2.9.10 # via -r requirements.in pycparser==2.20 # via cffi