From 1091fa7e898e5e2638106a451d7ac9a6a9ac73d3 Mon Sep 17 00:00:00 2001
From: Adar Nimrod <nimrod@shore.co.il>
Date: Mon, 1 Jul 2019 12:24:18 +0300
Subject: [PATCH] Skip locked requirements.txt for Docker image.

Don't ship a requirements.txt file with locked versions of packages just
for the Docker image. The test don't include the dependencies anyway so
there's no point and without hashes there's no security benefits.
Instead use bump-version to update the version in the Docker image and
remove hashin package and the update-reqs pipenv script.
---
 .dockerignore    |  1 -
 Dockerfile       |  3 +--
 Pipfile          |  2 --
 Pipfile.lock     | 37 ++++---------------------------------
 requirements.txt |  8 --------
 setup.cfg        |  2 ++
 6 files changed, 7 insertions(+), 46 deletions(-)
 delete mode 100644 requirements.txt

diff --git a/.dockerignore b/.dockerignore
index 98253ac..72e8ffc 100644
--- a/.dockerignore
+++ b/.dockerignore
@@ -1,2 +1 @@
 *
-!requirements.txt
diff --git a/Dockerfile b/Dockerfile
index bfab5ab..40d9b47 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,3 @@
 FROM python:3.7-alpine3.9
-COPY requirements.txt /
-RUN pip install --progress-bar=off --no-cache-dir -r requirements.txt
+RUN pip install --progress-bar=off --no-cache-dir check-s3-bucket==0.2.3
 ENTRYPOINT [ "/usr/local/bin/check_s3_bucket" ]
diff --git a/Pipfile b/Pipfile
index 9545666..ec958a2 100644
--- a/Pipfile
+++ b/Pipfile
@@ -10,7 +10,6 @@ twine = "*"
 check-s3-bucket = {editable = true,path = "."}
 dbus-python = "*"
 keyring = "*"
-hashin = "*"
 
 [packages]
 
@@ -22,4 +21,3 @@ ci = "pre-commit run --all-files"
 build = "python setup.py bdist_wheel"
 clean = "git clean -fdX"
 upload = "twine upload -s dist/*"
-update-reqs = "hashin -u"
diff --git a/Pipfile.lock b/Pipfile.lock
index 2b601ac..a44f3a0 100644
--- a/Pipfile.lock
+++ b/Pipfile.lock
@@ -1,7 +1,7 @@
 {
     "_meta": {
         "hash": {
-            "sha256": "780779a0114819967d7e8da079ae35331cdac7c6457dbae8cb0e657a9cc5e3a0"
+            "sha256": "ab68f9a4df2b89b3a2b7c32a41d5377afb0e5e30b444166bf46b1e827cb3b738"
         },
         "pipfile-spec": 6,
         "requires": {
@@ -40,10 +40,10 @@
         },
         "botocore": {
             "hashes": [
-                "sha256:13e75f594c77988efd13f0862f3c7397d587e74b623fe0825d48b0ec0dc96d6b",
-                "sha256:1fa1ad4be9e9fea77eed7d5021be4283e9bcfecc60d2de83f96552025c4725d1"
+                "sha256:a2ceaa00724228a961ef6f97da60ab09f3161a76e2f3ae82a49be396ca1083fc",
+                "sha256:f049dbfe83423f5cf350a861861e7f904967dea5e142ec1a17c70c07f9fdb117"
             ],
-            "version": "==1.12.172"
+            "version": "==1.12.180"
         },
         "bumpversion": {
             "hashes": [
@@ -154,14 +154,6 @@
             ],
             "version": "==0.3"
         },
-        "hashin": {
-            "hashes": [
-                "sha256:dbace6900d8de44f3106a64496803e45843cf4974755613db811a487fadbf4c6",
-                "sha256:fe764df71cabbbddfa72aa4d6685581c932bb5cf9100ddee6b2b04f3446ae2f7"
-            ],
-            "index": "pypi",
-            "version": "==0.14.5"
-        },
         "identify": {
             "hashes": [
                 "sha256:0a11379b46d06529795442742a043dc2fa14cd8c995ae81d1febbc5f1c014c87",
@@ -211,20 +203,6 @@
             ],
             "version": "==1.3.3"
         },
-        "packaging": {
-            "hashes": [
-                "sha256:0c98a5d0be38ed775798ece1b9727178c4469d9c3b4ada66e8e6b7849f8732af",
-                "sha256:9e1cbf8c12b1f1ce0bb5344b8d7ecf66a6f8a6e91bcb0c84593ed6d3ab5c4ab3"
-            ],
-            "version": "==19.0"
-        },
-        "pip-api": {
-            "hashes": [
-                "sha256:742b3edb5b077853ffcfec8a849f6ff1a622c6ecf648adb5fa0e4594998fcd46",
-                "sha256:a685eb315b9f10f6df4ceb66f3710148c8ad7de2d4ff29ee98fed0e4d949ec81"
-            ],
-            "version": "==0.0.10"
-        },
         "pkginfo": {
             "hashes": [
                 "sha256:7424f2c8511c186cd5424bbf31045b77435b37a8d604990b79d4e70d741148bb",
@@ -253,13 +231,6 @@
             ],
             "version": "==2.4.2"
         },
-        "pyparsing": {
-            "hashes": [
-                "sha256:1873c03321fc118f4e9746baf201ff990ceb915f433f23b395f5580d1840cb2a",
-                "sha256:9b6323ef4ab914af344ba97510e966d64ba91055d6b9afa6b30799340e89cc03"
-            ],
-            "version": "==2.4.0"
-        },
         "python-dateutil": {
             "hashes": [
                 "sha256:7e6584c74aeed623791615e26efd690f29817a27c73085b78e4bad02493df2fb",
diff --git a/requirements.txt b/requirements.txt
deleted file mode 100644
index dea9f17..0000000
--- a/requirements.txt
+++ /dev/null
@@ -1,8 +0,0 @@
-botocore==1.12.172
-check-s3-bucket==0.2.0
-docutils==0.14
-jmespath==0.9.4
-python-dateutil==2.8.0
-pytz==2019.1
-six==1.12.0
-urllib3==1.25.3
diff --git a/setup.cfg b/setup.cfg
index 51b843f..58db513 100644
--- a/setup.cfg
+++ b/setup.cfg
@@ -10,3 +10,5 @@ universal = 1
 
 [bumpversion:file:check_s3_bucket/__init__.py]
 
+[bumpversion:file:Dockerfile]
+
-- 
GitLab