From 23aae8280b1301ffc81969a9c290fe211fa425e6 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 20 Nov 2024 10:55:56 +0100 Subject: [PATCH] Update dependency Flask to v3.1.0 (#35) * Update dependency Flask to v3.1.0 * pin websockets<14.0 * add trust=True * adapt expected secret label * ignore pebble cve * upgrade rock to noble * ignore missing .trivyignore license header * add trailing new line --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Christopher Bartz --- .licenserc.yaml | 1 + .trivyignore | 2 ++ requirements.txt | 2 +- rockcraft.yaml | 2 +- tests/integration/conftest.py | 5 ++++- tests/integration/test_app.py | 3 ++- tox.ini | 1 + 7 files changed, 12 insertions(+), 4 deletions(-) create mode 100644 .trivyignore diff --git a/.licenserc.yaml b/.licenserc.yaml index fde4db8..41e0864 100644 --- a/.licenserc.yaml +++ b/.licenserc.yaml @@ -8,6 +8,7 @@ header: paths: - '**' paths-ignore: + - '.trivyignore' - '.github/**' - '**/*.json' - '**/*.md' diff --git a/.trivyignore b/.trivyignore new file mode 100644 index 0000000..9f085f1 --- /dev/null +++ b/.trivyignore @@ -0,0 +1,2 @@ +# pebble, false positive https://github.com/canonical/pebble/issues/498 +CVE-2024-34156 diff --git a/requirements.txt b/requirements.txt index dc2189f..9a7d518 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,4 +1,4 @@ -Flask==3.0.3 +Flask==3.1.0 pydantic==2.9.2 kombu==5.4.2 pymongo==4.10.1 diff --git a/rockcraft.yaml b/rockcraft.yaml index 875e6a2..536a80b 100644 --- a/rockcraft.yaml +++ b/rockcraft.yaml @@ -2,7 +2,7 @@ # See LICENSE file for licensing details. name: github-runner-webhook-router -base: ubuntu@22.04 +base: ubuntu@24.04 version: '0.1' summary: Forwards webhooks to a message queue to be consumed to spawn runners. # 79 char long summary description: | diff --git a/tests/integration/conftest.py b/tests/integration/conftest.py index c350a89..4a2dfa1 100644 --- a/tests/integration/conftest.py +++ b/tests/integration/conftest.py @@ -62,7 +62,10 @@ async def mongodb_fixture(model: Model, use_existing_app: bool) -> Application: application = model.applications["mongodb"] else: application = await model.deploy( - "mongodb-k8s", channel="6/edge", application_name="mongodb" + "mongodb-k8s", + channel="6/edge", + application_name="mongodb", + trust=True, ) await model.wait_for_idle(apps=[application.name], status="active") diff --git a/tests/integration/test_app.py b/tests/integration/test_app.py index 5587f9c..f78fdb8 100644 --- a/tests/integration/test_app.py +++ b/tests/integration/test_app.py @@ -7,6 +7,7 @@ import itertools import json import random +import re import secrets from typing import Optional @@ -397,7 +398,7 @@ async def _get_mongodb_uri_from_secrets(ops_test, model: Model) -> str | None: juju_secrets = await model.list_secrets() for secret in juju_secrets["results"]: - if secret.label == "database.2.user.secret": + if re.match(r"database\.(\d+)\.user\.secret", secret.label): _, show_secret, _ = await ops_test.juju( "show-secret", secret.uri, "--reveal", "--format", "json" ) diff --git a/tox.ini b/tox.ini index f9687e2..a82d880 100644 --- a/tox.ini +++ b/tox.ini @@ -106,6 +106,7 @@ deps = pytest-operator requests gunicorn + websockets<14.0 # https://github.com/juju/python-libjuju/issues/1184 -r{toxinidir}/requirements.txt commands = pytest -v --tb native --ignore={[vars]tst_path}unit --log-cli-level=INFO -s {posargs}