Skip to content

Update worker Dockerfile image to bookworm #460

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Update worker Dockerfile image to bookworm #460

wants to merge 2 commits into from

Conversation

LeoTheMighty
Copy link

@LeoTheMighty LeoTheMighty commented Jul 14, 2025
edited by coderabbitai bot
Loading

Upgrade the image used for the pytest_celery_worker from the python:3.10-slim-buster to the python:3.10-slim-bookworm image, because the buster images are on Debian 10, and it has already left the LTS, so therefore its package mirrors were moved from deb.debian.org to archive.debian.org.

Once that happened, apt-get update inside the image began getting 404 / Release-file-missing errors, and the next apt-get install bailed out with exit code 100.

To reproduce on the main branch run:

cd src/pytest_celery/vendors/worker

docker build --no-cache .

You will see an output like this:

docker build --no-cache .

[+] Building 0.9s (7/10)                                                                                                                                                                      docker:desktop-linux
 => [internal] load build definition from Dockerfile                                                                                                                                                          0.0s
 => => transferring dockerfile: 1.26kB                                                                                                                                                                        0.0s
 => WARN: JSONArgsRecommended: JSON arguments recommended for CMD to prevent unintended behavior related to OS signals (line 52)                                                                              0.0s
 => [internal] load metadata for docker.io/library/python:3.10-slim-buster                                                                                                                                    0.0s
 => [internal] load .dockerignore                                                                                                                                                                             0.0s
 => => transferring context: 2B                                                                                                                                                                               0.0s
 => CACHED [1/6] FROM docker.io/library/python:3.10-slim-buster                                                                                                                                               0.0s
 => [internal] load build context                                                                                                                                                                             0.0s
 => => transferring context: 1.65kB                                                                                                                                                                           0.0s
 => [2/6] RUN adduser --disabled-password --gecos "" test_user                                                                                                                                                0.2s
 => ERROR [3/6] RUN apt-get update && apt-get install -y build-essential     git     wget     make     curl     apt-utils     debconf     lsb-release     libmemcached-dev     libffi-dev     ca-certificate  0.7s
------                                                                                                                                                                                                             
 > [3/6] RUN apt-get update && apt-get install -y build-essential     git     wget     make     curl     apt-utils     debconf     lsb-release     libmemcached-dev     libffi-dev     ca-certificates     pypy3     pypy3-lib     sudo:                                                                                                                                                                                              
0.228 Ign:1 http://deb.debian.org/debian buster InRelease                                                                                                                                                          
0.367 Ign:2 http://deb.debian.org/debian-security buster/updates InRelease                                                                                                                                         
0.387 Ign:3 http://deb.debian.org/debian buster-updates InRelease                                                                                                                                                  
0.407 Err:4 http://deb.debian.org/debian buster Release
0.407   404  Not Found [IP: 199.232.66.132 80]
0.548 Err:5 http://deb.debian.org/debian-security buster/updates Release
0.548   404  Not Found [IP: 199.232.66.132 80]
0.568 Err:6 http://deb.debian.org/debian buster-updates Release
0.568   404  Not Found [IP: 199.232.66.132 80]
0.577 Reading package lists...
0.590 E: The repository 'http://deb.debian.org/debian buster Release' does not have a Release file.
0.590 E: The repository 'http://deb.debian.org/debian-security buster/updates Release' does not have a Release file.
0.590 E: The repository 'http://deb.debian.org/debian buster-updates Release' does not have a Release file.
------

 1 warning found (use docker --debug to expand):
 - JSONArgsRecommended: JSON arguments recommended for CMD to prevent unintended behavior related to OS signals (line 52)
Dockerfile:7
--------------------
   6 |     # Install system dependencies
   7 | >>> RUN apt-get update && apt-get install -y build-essential \
   8 | >>>     git \
   9 | >>>     wget \
  10 | >>>     make \
  11 | >>>     curl \
  12 | >>>     apt-utils \
  13 | >>>     debconf \
  14 | >>>     lsb-release \
  15 | >>>     libmemcached-dev \
  16 | >>>     libffi-dev \
  17 | >>>     ca-certificates \
  18 | >>>     pypy3 \
  19 | >>>     pypy3-lib \
  20 | >>>     sudo
  21 |     
--------------------
ERROR: failed to solve: process "/bin/sh -c apt-get update && apt-get install -y build-essential     git     wget     make     curl     apt-utils     debconf     lsb-release     libmemcached-dev     libffi-dev     ca-certificates     pypy3     pypy3-lib     sudo" did not complete successfully: exit code: 100

Then on my branch, you will see the same command run without error.

Summary by CodeRabbit

  • Chores
    • Updated the base Docker image to a newer version for improved compatibility and support.

@LeoTheMighty
Update worker Dockerfile image to bookworm
5ce515c 
The issue here was that `slim-buster` has reached LTS and so
trying to run `apt-get` commands on the image was returning 404
errors. The real robust solution is to upgrade to a newer future-
proof image like `bookworm` instead.
@LeoTheMighty LeoTheMighty requested a review from Nusnus as a code owner July 14, 2025 21:00
coderabbitai[bot]
coderabbitai bot reviewed Jul 14, 2025
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

🧹 Nitpick comments (1)
src/pytest_celery/vendors/worker/Dockerfile (1)

7-21: Shrink image size & avoid dangling layers.

apt-get update && apt-get install -y … leaves APT caches in the layer and pulls in recommended packages by default, inflating the image >200 MB.

-RUN apt-get update && apt-get install -y build-essential \
+RUN set -eux; \
+    apt-get update; \
+    apt-get install -y --no-install-recommends build-essential \
     git \
@@
-    sudo
+    sudo \
+ && apt-get clean \
+ && rm -rf /var/lib/apt/lists/*

Benefits: ~80 MB smaller image, fewer CVE surfaces.
No functional change.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 4d1a1db and 5ce515c.

📒 Files selected for processing (1)
  • src/pytest_celery/vendors/worker/Dockerfile (1 hunks)
🔇 Additional comments (1)
src/pytest_celery/vendors/worker/Dockerfile (1)

1-1: All dependencies exist in Debian Bookworm
Verified against packages.debian.org/bookworm—build-essential, git, wget, make, curl, apt-utils, debconf, lsb-release, libmemcached-dev, libffi-dev, ca-certificates, pypy3, pypy3-lib, and sudo all return HTTP 200. No renames or backports needed; you can safely bump to python:3.10-slim-bookworm.

@codecov Codecov
Copy link

codecov bot commented Jul 14, 2025
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 23.80%. Comparing base (4d1a1db) to head (8186df2).

Additional details and impacted files 
@@           Coverage Diff           @@
##             main     #460   +/-   ##
=======================================
  Coverage   23.80%   23.80%           
=======================================
  Files          41       41           
  Lines        1294     1294           
  Branches       94       94           
=======================================
  Hits          308      308           
  Misses        959      959           
  Partials       27       27

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@celery celery deleted a comment from coderabbitai bot Jul 15, 2025
auvipy
auvipy reviewed Jul 15, 2025
View reviewed changes
Copy link
Member

@auvipy auvipy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

what about updating to python 3.12 as well?

src/pytest_celery/vendors/worker/Dockerfile Outdated
@@ -1,4 +1,4 @@
FROM python:3.10-slim-buster
FROM python:3.10-slim-bookworm
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
FROM python:3.10-slim-bookworm
FROM python:3.12-slim-bookworm

@LeoTheMighty
Copy link
Author

I'll try updating to 3.12, the errors on the CI workflow are still showing the same error. Any chance the docker images are being cached in those tests? I don't see slim-buster being used anywhere else in the repo

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@auvipy auvipy auvipy left review comments

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

@Nusnus Nusnus Awaiting requested review from Nusnus Nusnus is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@LeoTheMighty @auvipy