diff --git a/.github/workflows/black.yml b/.github/workflows/black.yml index eb99c11..2d8ddfd 100644 --- a/.github/workflows/black.yml +++ b/.github/workflows/black.yml @@ -9,9 +9,9 @@ jobs: steps: - uses: actions/checkout@v4 - name: Set up Python - uses: actions/setup-python@v4 + uses: actions/setup-python@v5 with: - python-version: 3.8 + python-version: 3.9 - name: install black run: | pip install black==22.3.0 diff --git a/.github/workflows/dockerhub_stage_push.yml b/.github/workflows/dockerhub_stage_push.yml index bbf6e59..95777e5 100644 --- a/.github/workflows/dockerhub_stage_push.yml +++ b/.github/workflows/dockerhub_stage_push.yml @@ -15,7 +15,7 @@ jobs: - name: Get branch name id: branch-name - uses: tj-actions/branch-names@v7 + uses: tj-actions/branch-names@v8 - name: Login to Docker Hub uses: docker/login-action@v3 @@ -29,7 +29,7 @@ jobs: - name: Build and push if: steps.branch-name.outputs.is_default == 'false' - uses: docker/build-push-action@v5 + uses: docker/build-push-action@v6 with: context: ./ file: ./Dockerfile diff --git a/.github/workflows/keep_changelog.yml b/.github/workflows/keep_changelog.yml index 7711de4..1d56d9f 100644 --- a/.github/workflows/keep_changelog.yml +++ b/.github/workflows/keep_changelog.yml @@ -8,7 +8,7 @@ jobs: changelog: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v1 + - uses: actions/checkout@v4 - uses: dangoslen/changelog-enforcer@v3 with: changeLogPath: 'CHANGELOG.md' diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index bdd2605..6d2321e 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -9,9 +9,9 @@ jobs: steps: - uses: actions/checkout@v4 - name: Set up Python - uses: actions/setup-python@master + uses: actions/setup-python@v5 with: - python-version: 3.8 + python-version: 3.9 - name: install flake8 run: | pip install flake8 diff --git a/.github/workflows/test_n_coverage.yml b/.github/workflows/test_n_coverage.yml index e8152ae..f0162a1 100644 --- a/.github/workflows/test_n_coverage.yml +++ b/.github/workflows/test_n_coverage.yml @@ -7,7 +7,7 @@ jobs: runs-on: ubuntu-latest strategy: matrix: - python-version: [ '3.8' ] + python-version: [ '3.9' ] steps: - uses: actions/checkout@v4 - name: Install poetry @@ -18,7 +18,7 @@ jobs: rm install-poetry.py - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v4 + uses: actions/setup-python@v5 with: python-version: ${{ matrix.python-version }} cache: 'poetry' @@ -37,7 +37,7 @@ jobs: run: poetry run pytest --cov=./ --cov-report=xml - name: Upload coverage to Codecov - uses: codecov/codecov-action@v4 + uses: codecov/codecov-action@v5 with: flags: unittests files: ./coverage.xml diff --git a/.github/workflows/vulture.yml b/.github/workflows/vulture.yml index 67e0b08..0c6f974 100644 --- a/.github/workflows/vulture.yml +++ b/.github/workflows/vulture.yml @@ -13,7 +13,7 @@ jobs: - name: Find changed Python files id: files - uses: Ana06/get-changed-files@v2.0.0 + uses: Ana06/get-changed-files@v2.3.0 with: filter: "*.py" diff --git a/CHANGELOG.md b/CHANGELOG.md index 37b51e8..980a9b7 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,9 +6,12 @@ - Updated API submission schema to the latest available on `ncbi/clinvar` GitHub pages - Modified the json submission example to use one from the ClinVar GitHib repo (`sample_clinical_significance_hgvs_submission.json`) - Removed the example of an old json submission (before 2022-11-21) +- Updated actions using the latest base images and to run using Python 3.9 +- Docker image uses Python 3.11 instead of 3.8 ### Fixed - Updated issue templates - Updated a number of libraries to address all current security advisories +- Warnings in the Dockerfile ## [2.6] ### Added diff --git a/Dockerfile b/Dockerfile index 6b228af..22c85a2 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,7 @@ ########### # BUILDER # ########### -FROM clinicalgenomics/python3.8-venv:1.0 AS BUILDER +FROM clinicalgenomics/python3.11-venv:1.0 AS builder # Install and run commands from virtual environment RUN python3 -m venv /home/worker/venv @@ -16,10 +16,10 @@ RUN poetry install --no-interaction ######### # FINAL # ######### -FROM clinicalgenomics/python3.8-venv:1.0 AS DEPLOYER +FROM clinicalgenomics/python3.11-venv:1.0 RUN groupadd --gid 1000 worker && useradd -g worker --uid 1000 --create-home worker -COPY --chown=worker:worker --from=BUILDER /home/worker/venv /home/worker/venv +COPY --chown=worker:worker --from=builder /home/worker/venv /home/worker/venv RUN mkdir /home/worker/app WORKDIR /home/worker/app @@ -37,16 +37,18 @@ ENV GUNICORN_THREADS=1 ENV GUNICORN_BIND="0.0.0.0:8000" ENV GUNICORN_TIMEOUT=400 -CMD gunicorn \ - --workers=$GUNICORN_WORKERS \ - --worker-class=uvicorn.workers.UvicornWorker \ - --bind=$GUNICORN_BIND \ - --threads=$GUNICORN_THREADS \ - --timeout=$GUNICORN_TIMEOUT \ - --proxy-protocol \ - --forwarded-allow-ips="10.0.2.100,127.0.0.1" \ - --log-syslog \ - --access-logfile - \ - --error-logfile - \ - --log-level="debug" \ - preClinVar.main:app +CMD [ \ + "gunicorn", \ + "--workers=${GUNICORN_WORKERS}", \ + "--worker-class=uvicorn.workers.UvicornWorker", \ + "--bind=${GUNICORN_BIND}", \ + "--threads=${GUNICORN_THREADS}", \ + "--timeout=${GUNICORN_TIMEOUT}", \ + "--proxy-protocol", \ + "--forwarded-allow-ips=10.0.2.100,127.0.0.1", \ + "--log-syslog", \ + "--access-logfile", "-", \ + "--error-logfile", "-", \ + "--log-level=debug", \ + "preClinVar.main:app" \ +] diff --git a/README.md b/README.md index 22de14f..2fcf06c 100644 --- a/README.md +++ b/README.md @@ -37,7 +37,7 @@ The server will be running and accepting requests sent from outside the containe ## Installing the application on a local conda environment -Given a conda environment sontaining python 3.8 and [poetry](https://github.com/python-poetry/poetry), clone the repository from Github with the following command: +Given a conda environment containing Python 3.9 and [poetry](https://github.com/python-poetry/poetry), clone the repository from Github with the following command: ``` git clone https://github.com/Clinical-Genomics/preClinVar.git