Merge Feature image upgrade into Main (#2059)

* update dockerfiles, package.json, github actions - node 12 to 18 for build and test (#2054) * Update base image, add CA certs, remove backports, update node install * update node-sass required to build node-gyp for app * update github node 12 to 18 * Merge main into feature (#2056) * Added redis cache and changed redis docker image to have a persistent volume (#2053) * Update base image, add CA certs, remove backports, update node install * update node-sass required to build node-gyp for app * update github node 12 to 18 * CONCD-481 Reorganize/update transcription page (#2052) * CONCD-481 move 'View on loc.gov' button to the right * CONCD-481 Create gray bar under Transcription interface to hold social media links * CONCD-481 change Concordia transcription button styling to match loc.gov design standards - all buttons should be blue except 'View on loc.gov' and 'Find a new page', which will be white with blue outline/ lettering * CONCD-481 Just a few tweaks (#2055) * CONCD-481 keep Quick Tips (until the Tutorial is ready to release) * CONCD-481 More padding above the new gray bar * CONCD-481 pad/ indent Share this item text a little --------- Co-authored-by: Josh Stegmaier <[email protected]> Co-authored-by: rasarkar <[email protected]> * update node version 12 to 18 (#2057) --------- Co-authored-by: Josh Stegmaier <[email protected]> Co-authored-by: rasarkar <[email protected]>
LibraryOfCongress · Aug 15, 2023 · 19bc125 · 19bc125
1 parent 061bd25
commit 19bc125
Show file tree

Hide file tree

Showing 8 changed files with 4,429 additions and 5,599 deletions.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -21,7 +21,7 @@ jobs:
             - name: Install node and npm
               uses: actions/setup-node@v3
               with:
-                  node-version: '12'
+                  node-version: '18'
 
             - name: Checkout repository
               uses: actions/checkout@v3

diff --git a/.github/workflows/dev-main-deploy.yml b/.github/workflows/dev-main-deploy.yml
@@ -30,7 +30,7 @@ jobs:
             - name: Install node and npm
               uses: actions/setup-node@v3
               with:
-                  node-version: '12'
+                  node-version: '18'
 
             - name: Checkout repository
               uses: actions/checkout@v3

diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -56,7 +56,7 @@ jobs:
             - name: Install node and npm
               uses: actions/setup-node@v3
               with:
-                  node-version: '12'
+                  node-version: '18'
 
             - name: Checkout repository
               uses: actions/checkout@v3

diff --git a/Dockerfile b/Dockerfile
@@ -1,15 +1,21 @@
-FROM python:3.10-slim-bullseye
+FROM python:3.10-slim-bookworm
 
 ## Add the wait script to the image
 ADD https://github.com/ufoscout/docker-compose-wait/releases/download/2.2.1/wait /wait
 RUN chmod +x /wait
 
 ENV DEBIAN_FRONTEND="noninteractive"
 
-RUN echo "deb http://deb.debian.org/debian buster-backports main" >> /etc/apt/sources.list.d/buster-backports.list
+RUN apt-get update -qy && apt-get install -qy curl
+
+# Ensure that the Library's certificate authority is trusted so the tampering
+# proxy will not break TLS validation. See
+# https://staff.loc.gov/wikis/display/SE/Configuring+HTTPS+clients+for+the+HTTPS+tampering+proxy.
+
+RUN curl -fso /etc/ssl/certs/LOC-ROOT-CA-1.crt http://crl.loc.gov/LOC-ROOT-CA-1.crt && openssl x509 -inform der -in /etc/ssl/certs/LOC-ROOT-CA-1.crt -outform pem -out /etc/ssl/certs/LOC-ROOT-CA-1.pem && c_rehash
 
 RUN apt-get update -qy && apt-get dist-upgrade -qy && apt-get install -o Dpkg::Options::='--force-confnew' -qy \
-    git curl \
+    git \
     libmemcached-dev \
     # Pillow/Imaging: https://pillow.readthedocs.io/en/latest/installation.html#external-libraries
     libz-dev libfreetype6-dev \
@@ -21,7 +27,7 @@ RUN apt-get update -qy && apt-get dist-upgrade -qy && apt-get install -o Dpkg::O
     libpango-1.0-0 libharfbuzz0b libpangoft2-1.0-0 \
     # Tesseract
     tesseract-ocr \
-    nodejs node-gyp && apt-get -qy -t buster-backports install npm && apt-get -qy autoremove && apt-get -qy autoclean
+    nodejs node-gyp npm && apt-get -qy autoremove && apt-get -qy autoclean
 
 RUN locale-gen en_US.UTF-8
 ENV LC_ALL=en_US.UTF-8
@@ -33,12 +39,13 @@ ENV PYTHONPATH /app
 
 ENV DJANGO_SETTINGS_MODULE=${DJANGO_SETTINGS_MODULE:-concordia.settings_docker}
 
-RUN pip3 install pipenv
+RUN pip install --upgrade pip
+RUN pip install --no-cache-dir pipenv
 
 WORKDIR /app
 COPY . /app
 
-RUN npm install --silent --global npm@8.19 && /usr/local/bin/npm install --silent && npx gulp build
+RUN npm install --silent --global npm@latest && /usr/local/bin/npm install --silent && npx gulp build
 
 RUN pipenv install --system --dev --deploy && rm -rf ~/.cache/
 

diff --git a/celerybeat/Dockerfile b/celerybeat/Dockerfile
@@ -1,15 +1,21 @@
-FROM python:3.10-slim-bullseye
+FROM python:3.10-slim-bookworm
 
 ## Add the wait script to the image
 ADD https://github.com/ufoscout/docker-compose-wait/releases/download/2.2.1/wait /wait
 RUN chmod +x /wait
 
 ENV DEBIAN_FRONTEND="noninteractive"
 
-RUN echo "deb http://deb.debian.org/debian buster-backports main" >> /etc/apt/sources.list.d/buster-backports.list
+RUN apt-get update -qy && apt-get install -qy curl
+
+# Ensure that the Library's certificate authority is trusted so the tampering
+# proxy will not break TLS validation. See
+# https://staff.loc.gov/wikis/display/SE/Configuring+HTTPS+clients+for+the+HTTPS+tampering+proxy.
+
+RUN curl -fso /etc/ssl/certs/LOC-ROOT-CA-1.crt http://crl.loc.gov/LOC-ROOT-CA-1.crt && openssl x509 -inform der -in /etc/ssl/certs/LOC-ROOT-CA-1.crt -outform pem -out /etc/ssl/certs/LOC-ROOT-CA-1.pem && c_rehash
 
 RUN apt-get update -qy && apt-get dist-upgrade -qy && apt-get install -o Dpkg::Options::='--force-confnew' -qy \
-    git curl \
+    git \
     libmemcached-dev \
     # Pillow/Imaging: https://pillow.readthedocs.io/en/latest/installation.html#external-libraries
     libz-dev libfreetype6-dev \
@@ -31,7 +37,8 @@ ENV PYTHONPATH /app
 
 ENV DJANGO_SETTINGS_MODULE=${DJANGO_SETTINGS_MODULE:-concordia.settings_docker}
 
-RUN pip3 install pipenv
+RUN pip install --upgrade pip
+RUN pip install --no-cache-dir pipenv
 
 WORKDIR /app
 COPY . /app

diff --git a/importer/Dockerfile b/importer/Dockerfile
@@ -1,15 +1,21 @@
-FROM python:3.10-slim-bullseye
+FROM python:3.10-slim-bookworm
 
 ## Add the wait script to the image
 ADD https://github.com/ufoscout/docker-compose-wait/releases/download/2.2.1/wait /wait
 RUN chmod +x /wait
 
 ENV DEBIAN_FRONTEND="noninteractive"
 
-RUN echo "deb http://deb.debian.org/debian buster-backports main" >> /etc/apt/sources.list.d/buster-backports.list
+RUN apt-get update -qy && apt-get install -qy curl
+
+# Ensure that the Library's certificate authority is trusted so the tampering
+# proxy will not break TLS validation. See
+# https://staff.loc.gov/wikis/display/SE/Configuring+HTTPS+clients+for+the+HTTPS+tampering+proxy.
+
+RUN curl -fso /etc/ssl/certs/LOC-ROOT-CA-1.crt http://crl.loc.gov/LOC-ROOT-CA-1.crt && openssl x509 -inform der -in /etc/ssl/certs/LOC-ROOT-CA-1.crt -outform pem -out /etc/ssl/certs/LOC-ROOT-CA-1.pem && c_rehash
 
 RUN apt-get update -qy && apt-get dist-upgrade -qy && apt-get install -o Dpkg::Options::='--force-confnew' -qy \
-    git curl \
+    git \
     libmemcached-dev \
     # Pillow/Imaging: https://pillow.readthedocs.io/en/latest/installation.html#external-libraries
     libz-dev libfreetype6-dev \
@@ -31,7 +37,8 @@ ENV PYTHONPATH /app
 
 ENV DJANGO_SETTINGS_MODULE=${DJANGO_SETTINGS_MODULE:-concordia.settings_docker}
 
-RUN pip3 install pipenv
+RUN pip install --upgrade pip
+RUN pip install --no-cache-dir pipenv
 
 WORKDIR /app
 COPY . /app