sync dev branch (#590)

.gitignore

@@ -139,10 +139,11 @@ dmypy.json
 cython_debug/
 
 # App
-config.yaml
+/config.yaml
 docker-compose.yaml
 github-webhook-server.json
-config-dev.yaml
+/config-dev.yaml
 local-run.sh
 .scannerwork/
 webhook-server.private-key.pem
+log-colors.json

.pre-commit-config.yaml

@@ -1,51 +1,59 @@
 ---
 default_language_version:
-    python: python3
+  python: python3
 
 repos:
-    - repo: https://github.com/pre-commit/pre-commit-hooks
-      rev: v4.5.0
-      hooks:
-          - id: check-added-large-files
-          - id: check-docstring-first
-          - id: check-executables-have-shebangs
-          - id: check-merge-conflict
-          - id: check-symlinks
-          - id: detect-private-key
-          - id: mixed-line-ending
-          - id: debug-statements
-          - id: trailing-whitespace
-            args: [--markdown-linebreak-ext=md] # Do not process Markdown files.
-          - id: end-of-file-fixer
-          - id: check-ast
-          - id: check-builtin-literals
-          - id: check-docstring-first
-          - id: check-toml
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v5.0.0
+    hooks:
+      - id: check-added-large-files
+      - id: check-docstring-first
+      - id: check-executables-have-shebangs
+      - id: check-merge-conflict
+      - id: check-symlinks
+      - id: detect-private-key
+      - id: mixed-line-ending
+      - id: debug-statements
+      - id: trailing-whitespace
+        args: [--markdown-linebreak-ext=md] # Do not process Markdown files.
+      - id: end-of-file-fixer
+      - id: check-ast
+      - id: check-builtin-literals
+      - id: check-docstring-first
+      - id: check-toml
 
-    - repo: https://github.com/PyCQA/flake8
-      rev: 7.0.0
-      hooks:
-          - id: flake8
-            args: [--config=.flake8]
-            additional_dependencies: [git+https://github.com/RedHatQE/flake8-plugins.git, flake8-mutable]
+  - repo: https://github.com/PyCQA/flake8
+    rev: 7.1.1
+    hooks:
+      - id: flake8
+        args: [--config=.flake8]
+        additional_dependencies:
+          [git+https://github.com/RedHatQE/flake8-plugins.git, flake8-mutable]
 
-    - repo: https://github.com/Yelp/detect-secrets
-      rev: v1.4.0
-      hooks:
-          - id: detect-secrets
+  - repo: https://github.com/Yelp/detect-secrets
+    rev: v1.5.0
+    hooks:
+      - id: detect-secrets
 
-    - repo: https://github.com/astral-sh/ruff-pre-commit
-      rev: v0.3.4
-      hooks:
-          - id: ruff
-          - id: ruff-format
+  - repo: https://github.com/astral-sh/ruff-pre-commit
+    rev: v0.6.9
+    hooks:
+      - id: ruff
+      - id: ruff-format
 
-    - repo: https://github.com/gitleaks/gitleaks
-      rev: v8.18.2
-      hooks:
-          - id: gitleaks
+  - repo: https://github.com/gitleaks/gitleaks
+    rev: v8.20.0
+    hooks:
+      - id: gitleaks
 
-    - repo: https://github.com/iamthefij/docker-pre-commit
-      rev: v3.0.1
-      hooks:
-          - id: docker-compose-check
+  - repo: https://github.com/iamthefij/docker-pre-commit
+    rev: v3.0.1
+    hooks:
+      - id: docker-compose-check
+
+  - repo: https://github.com/pre-commit/mirrors-mypy
+    rev: v1.11.2
+    hooks:
+      - id: mypy
+        exclude: (tests/)
+        additional_dependencies: [types-requests, types-PyYAML]

Dockerfile

@@ -1,23 +1,48 @@
 FROM quay.io/podman/stable:latest
 EXPOSE 5000
 
-RUN dnf -y update \
-  && dnf -y install python3.8 python3.9 python3.10 python3.11 python3.12 python3-pip git hub unzip libcurl-devel \
+RUN dnf -y install dnf-plugins-core \
+  && dnf config-manager --add-repo https://download.docker.com/linux/fedora/docker-ce.repo \
+  && dnf -y update \
+  && dnf -y install python3.8 \
+  python3.9 \
+  python3.10 \
+  python3.11 \
+  python3.12 \
+  python3-pip \
+  git \
+  hub \
+  unzip \
+  libcurl-devel \
+  gcc \
+  python3-devel \
+  libffi-devel \
+  docker-ce \
+  docker-ce-cli \
+  containerd.io \
+  docker-buildx-plugin \
+  docker-compose-plugin \
   && dnf clean all \
   && rm -rf /var/cache /var/log/dnf* /var/log/yum.*
 
 ENV USER_BIN_DIR="/root/.local/bin"
+ENV UV_INSTALL_DIR="/root/.local"
+ENV PATH="$PATH:$USER_BIN_DIR"
+
 ENV DATA_DIR=/webhook_server
 ENV APP_DIR=/github-webhook-server
-ENV PATH="$USER_BIN_DIR:$PATH"
 
 RUN mkdir -p $USER_BIN_DIR \
   && mkdir -p $DATA_DIR \
   && mkdir -p $DATA_DIR/logs \
   && mkdir -p /tmp/containers
 
+# Download the latest uv installer
+RUN curl -sSL https://astral.sh/uv/install.sh -o /tmp/uv-installer.sh \
+  && sh /tmp/uv-installer.sh \
+  && rm /tmp/uv-installer.sh
+
 RUN set -x \
-  && curl -s https://raw.githubusercontent.com/k3d-io/k3d/main/install.sh | bash \
   && curl https://mirror.openshift.com/pub/openshift-v4/clients/rosa/latest/rosa-linux.tar.gz --output /tmp/rosa-linux.tar.gz \
   && tar xvf /tmp/rosa-linux.tar.gz --no-same-owner \
   && mv rosa $USER_BIN_DIR/rosa \
@@ -29,15 +54,21 @@ RUN ln -s /usr/bin/python3 /usr/bin/python
 RUN python -m pip install --no-cache-dir pip --upgrade \
   && python -m pip install --no-cache-dir poetry tox twine pre-commit
 
-COPY pyproject.toml poetry.lock README.md $APP_DIR/
+RUN python3.8 -m ensurepip \
+  && python3.9 -m ensurepip \
+  && python3.10 -m ensurepip \
+  && python3.11 -m ensurepip \
+  && python3.12 -m ensurepip \
+  && python3.8 -m pip install tox \
+  && python3.9 -m pip install tox \
+  && python3.10 -m pip install tox \
+  && python3.11 -m pip install tox \
+  && python3.12 -m pip install tox
+
+COPY entrypoint.sh pyproject.toml uv.lock README.md $APP_DIR/
 COPY webhook_server_container $APP_DIR/webhook_server_container/
 
 WORKDIR $APP_DIR
 
-RUN poetry config cache-dir $APP_DIR \
-  && poetry config virtualenvs.in-project true \
-  && poetry config installer.max-workers 10 \
-  && poetry install
-
 HEALTHCHECK CMD curl --fail http://127.0.0.1:5000/webhook_server/healthcheck || exit 1
-ENTRYPOINT ["poetry", "run", "python3", "webhook_server_container/app.py"]
+ENTRYPOINT ["./entrypoint.sh"]