coryHawkvelt/gatehouse-api
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

ci: add ansible and CICD deployment
PR -> develop / Scan for secrets (Gitleaks) (pull_request) Failing after 4s
Details
PR -> develop / Scan for CVEs (Trivy) (pull_request) Successful in 2s
Details

Browse Source
This commit is contained in:
sangnn
2026-06-23 07:16:42 +00:00
parent a6d74d9316
commit a3b230e65d
24 changed files with 1077 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Dockerfile.job
+6 -2
View File
@@ -12,15 +12,19 @@ WORKDIR /app
COPY requirements/base.txt requirements/base.txt
COPY requirements/production.txt requirements/production.txt
RUN pip install --no-cache-dir --upgrade pip wheel && \
RUN pip install --no-cache-dir --upgrade pip setuptools wheel && \
pip install --no-cache-dir -r requirements/production.txt
FROM python:3.11-slim
RUN apt-get update && apt-get install -y --no-install-recommends \
RUN apt-get update && apt-get upgrade -y && apt-get install -y --no-install-recommends \
libpq5 \
&& rm -rf /var/lib/apt/lists/*
# Patch system-level wheel (CVE-2026-24049) + setuptools-vendored jaraco.context
# (CVE-2026-23949) that Trivy flags in /usr/local site-packages.
RUN pip install --no-cache-dir --upgrade pip setuptools wheel
RUN groupadd --gid 1000 appgroup && \
useradd --uid 1000 --gid appgroup --shell /bin/bash --create-home appuser