Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

airbyte-ci: Update pipelines requests and pyjwt #36607

Merged
merged 3 commits into from
Mar 28, 2024
Merged

airbyte-ci: Update pipelines requests and pyjwt #36607

merged 3 commits into from
Mar 28, 2024

Conversation

natikgadzhi
Copy link
Contributor

What

This PR updates requests in pipelines to 2.31, and pyjwt to the newest version (2.8.0) common_utils. This makes sure that pipelines will get latest cryptography 42.0.5, which solves severalk high severity security alerts.

Why

It's easier to resolve requests and airbyte-ci pieces separately from the rest of connectors (see #36595) and test just the airbyte-ci in this PR.

Once that is done, not only this fixes 8+ security alerts, but also scope for #36595 is smaller and hence easier to push through.

Risks

Requests 2.29 and 2.30 was known to not work well with docker before docker 7.0. I took care to update docker as well, and the internets tell me that this combo should work, but I'm not entirely sure — we should validate it.

In #35910, the CI was failing yesterday with the following error:

installing pipelines from spec '/home/runner/work/airbyte/airbyte/airbyte-ci/connectors/pipelines'...
Fatal error from pip prevented installation. Full pip output in file:
    /opt/pipx/logs/cmd_2024-03-28_03.37.21_1_pip_errors.log

pip seemed to fail to build package:
    docker[7.0.0,](https://app.slack.com/client/T02TET08MDH/7.0.0,)=6.0.0

Some possibly relevant errors from pip install:
    ERROR: Cannot install ci-credentials, connector-ops, google-cloud-storage, pipelines and pipelines==4.6.3 because these package versions have conflicting dependencies.
    ERROR: ResolutionImpossible: for help visit https://pip.pypa.io/en/latest/topics/dependency-resolution/#dealing-with-dependency-conflicts
Error installing pipelines from spec
'/home/runner/work/airbyte/airbyte/airbyte-ci/connectors/pipelines'.

This PR should also fix that problem.

@natikgadzhi natikgadzhi requested review from lazebnyi, oustynova and a team as code owners March 28, 2024 16:45
@vercel Vercel
Copy link

vercel bot commented Mar 28, 2024
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
airbyte-docs ✅ Ready (Inspect) Visit Preview 💬 Add feedback Mar 28, 2024 8:12pm

alafanechere
alafanechere approved these changes Mar 28, 2024
View reviewed changes
Copy link
Contributor

@alafanechere alafanechere left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approving as long as CI is 🟢

@natikgadzhi
Copy link
Contributor Author

One failing mypy check — fixing.

@natikgadzhi natikgadzhi merged commit 27c225a into master Mar 28, 2024
29 of 32 checks passed
@natikgadzhi natikgadzhi deleted the ng/deps/requests-in-pipelines branch March 28, 2024 20:19
@natikgadzhi
Copy link
Contributor Author

I've left the mypy error in there — hoping to unblock CI for folks and fix as a follow-up

nurikk pushed a commit to nurikk/airbyte that referenced this pull request Apr 4, 2024
@natikgadzhi @nurikk-sa
airbyte-ci: Update pipelines requests and pyjwt (airbytehq#36607)
ceb81d9
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@alafanechere alafanechere alafanechere approved these changes

@erohmensing erohmensing Awaiting requested review from erohmensing

@lazebnyi lazebnyi Awaiting requested review from lazebnyi

@oustynova oustynova Awaiting requested review from oustynova

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@natikgadzhi @alafanechere