Use python 3.12

smallwat3r · Nov 10, 2023 · 89daa76 · 89daa76
1 parent 02e26a4
commit 89daa76
Show file tree

Hide file tree

Showing 11 changed files with 80 additions and 29 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -8,7 +8,7 @@ jobs:
 
     strategy:
       matrix:
-        python-version: ["3.10", "3.11"]
+        python-version: ["3.12"]
 
     steps:
     - uses: actions/checkout@v3

diff --git a/Makefile b/Makefile
@@ -21,10 +21,10 @@ dc-start-adminer: dc-stop  ## Start dev docker server (with adminer)
 dc-stop:  ## Stop dev docker server
 	@docker compose -f docker-compose.yml stop;
 
-VENV          = venv
-VENV_PYTHON   = $(VENV)/bin/python
-SYSTEM_PYTHON = $(or $(shell which python3.10), $(shell which python))
-PYTHON        = $(or $(wildcard $(VENV_PYTHON)), $(SYSTEM_PYTHON))
+VENV           = venv
+VENV_PYTHON    = $(VENV)/bin/python
+SYSTEM_PYTHON  = $(shell which python3.12)
+PYTHON         = $(wildcard $(VENV_PYTHON))
 
 $(VENV_PYTHON):
 	rm -rf $(VENV)
@@ -36,7 +36,7 @@ venv: $(VENV_PYTHON)  ## Create a Python virtual environment
 .PHONY: deps
 deps:  ## Install Python requirements in virtual environment
 	$(PYTHON) -m pip install --upgrade pip
-	$(PYTHON) -m pip install -r requirements.txt -r dev-requirements.txt
+	$(PYTHON) -m pip install --no-cache-dir -r requirements.txt -r dev-requirements.txt
 
 .PHONY: checks
 checks: tests ruff mypy bandit  ## Run all checks (unit tests, ruff, mypy, bandit)

diff --git a/README.md b/README.md
@@ -66,7 +66,7 @@ use you might want to use a more secure configuration.
 
 #### Deps
 
-Make sure you have `make`, `docker`, `yarn`, and a version of Python 3.10 installed on your machine.  
+Make sure you have `make`, `docker`, `yarn`, and a version of Python 3.12 installed on your machine.  
 
 The application will use the development env variables from [/environments/docker.dev](https://github.com/smallwat3r/shhh/blob/master/environments/docker.dev).  
 

diff --git a/alpine.Dockerfile → alpine.dev.Dockerfile b/alpine.Dockerfile → alpine.dev.Dockerfile
@@ -1,4 +1,19 @@
-FROM python:3.10-alpine3.18
+# This dockerfile runs the application with the bare Flask
+# server. As it's for development only purposes.
+#
+# When using Gunicorn in a more prod-like config, multiple
+# workers would require to use the --preload option, else
+# the scheduler would spawn multiple scheduler instances.
+#
+# Note it would not be comptatible with Gunicorn --reload
+# flag, which is useful to reload the app on change, for
+# development purposes.
+#
+# Example: CMD gunicorn -b :8081 -w 3 wsgi:app --preload
+#
+# To use Gunicorn, please use: alpine.gunicorn.Dockerfile
+
+FROM python:3.12-alpine3.18
 
 RUN apk update \
   && apk add --no-cache \
@@ -33,11 +48,4 @@ COPY --chown=$USER:$GROUP . .
 
 RUN yarn install --modules-folder=shhh/static/vendor
 
-# When using Gunicorn in a more prod like config, multiple
-# workers would require to use the --preload option, else
-# the scheduler would spawn multiple scheduler instances.
-# Note it would not be comptatible with Gunicorn --reload
-# flag, which is useful to reload the app on change, for
-# development purposes.
-# Example: CMD gunicorn -b :8080 -w 3 wsgi:app --preload
 CMD flask run --host=0.0.0.0 --port 8081 --reload
diff --git a/alpine.gunicorn.Dockerfile b/alpine.gunicorn.Dockerfile
@@ -0,0 +1,36 @@
+FROM python:3.12-alpine3.18
+
+RUN apk update \
+  && apk add --no-cache \
+    gcc \
+    g++ \
+    libffi-dev \
+    musl-dev \
+    postgresql-dev \
+    yarn \
+  && python -m pip install --upgrade pip
+
+ENV TZ UTC
+
+WORKDIR /opt/shhh
+
+ENV GROUP=app USER=shhh UID=12345 GID=23456
+
+RUN addgroup --gid "$GID" "$GROUP" \
+    && adduser --uid "$UID" --disabled-password --gecos "" \
+        --ingroup "$GROUP" "$USER"
+
+USER "$USER"
+ENV PATH="/home/$USER/.local/bin:${PATH}"
+
+ENV CRYPTOGRAPHY_DONT_BUILD_RUST=1
+
+COPY requirements.txt .
+RUN pip install --no-cache-dir --no-warn-script-location \
+    --user -r requirements.txt
+
+COPY --chown=$USER:$GROUP . .
+
+RUN yarn install --modules-folder=shhh/static/vendor
+
+CMD gunicorn -b :8081 -w 3 wsgi:app --preload
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -18,7 +18,7 @@ services:
   app:
     build:
       context: .
-      dockerfile: alpine.Dockerfile
+      dockerfile: alpine.dev.Dockerfile
     image: shhh
     depends_on:
       - db

diff --git a/pyproject.toml b/pyproject.toml
@@ -1,5 +1,6 @@
 [tool.mypy]
-python_version = "3.10"
+python_version = "3.12"
+exclude = ["shhh/static"]
 warn_return_any = true
 warn_unused_configs = true
 ignore_missing_imports = true
@@ -10,7 +11,7 @@ fixable = ["ALL"]
 exclude = [".eggs", ".git", ".mypy_cache", ".ruff_cache", "venv"]
 per-file-ignores = {}
 line-length = 79
-target-version = "py310"
+target-version = "py312"
 
 [tool.yapf]
 split_before_logical_operator = true

diff --git a/runtime.txt b/runtime.txt
@@ -1 +1 @@
-python-3.10.13
+python-3.12.0
diff --git a/shhh/__init__.py b/shhh/__init__.py
@@ -1 +1 @@
-__version__ = "3.0.7"
+__version__ = "3.1.0"
diff --git a/shhh/constants.py b/shhh/constants.py
@@ -1,5 +1,5 @@
 from collections import OrderedDict
-from enum import Enum
+from enum import StrEnum
 
 READ_TRIES_VALUES = (3, 5, 10)
 DEFAULT_READ_TRIES_VALUE = 5
@@ -12,28 +12,28 @@
 DEFAULT_EXPIRATION_TIME_VALUE = EXPIRATION_TIME_VALUES["3 days"]
 
 
-class ClientType(str, Enum):
+class ClientType(StrEnum):
     WEB = "web"
     TASK = "task"
 
 
-class EnvConfig(str, Enum):
+class EnvConfig(StrEnum):
     TESTING = "testing"
     DEV_LOCAL = "dev-local"
     DEV_DOCKER = "dev-docker"
     HEROKU = "heroku"
     PRODUCTION = "production"
 
 
-class Status(str, Enum):
+class Status(StrEnum):
     CREATED = "created"
     SUCCESS = "success"
     EXPIRED = "expired"
     INVALID = "invalid"
     ERROR = "error"
 
 
-class Message(str, Enum):
+class Message(StrEnum):
     NOT_FOUND = ("Sorry, we can't find a secret, it has expired, been deleted "
                  "or has already been read.")
     EXCEEDED = ("The passphrase is not valid. You've exceeded the number of "

diff --git a/shhh/domain/model.py b/shhh/domain/model.py
@@ -1,6 +1,9 @@
+from __future__ import annotations
+
 import secrets
 from base64 import urlsafe_b64decode, urlsafe_b64encode
-from datetime import datetime, timedelta
+from datetime import datetime, timedelta, timezone
+from typing import TYPE_CHECKING
 
 from sqlalchemy.ext.hybrid import hybrid_method
 
@@ -11,6 +14,9 @@
 
 from shhh.constants import DEFAULT_READ_TRIES_VALUE
 
+if TYPE_CHECKING:
+    from typing import Self
+
 
 class Secret:
     """Domain model for secrets."""
@@ -57,15 +63,15 @@ def encrypt(cls,
                 passphrase: str,
                 expire_code: str,
                 tries: int = DEFAULT_READ_TRIES_VALUE,
-                iterations: int = 100_000) -> "Secret":
+                iterations: int = 100_000) -> Self:
         salt = secrets.token_bytes(16)
         key = cls._derive_key(passphrase, salt, iterations)
         encrypted_text = urlsafe_b64encode(
             b"%b%b%b" %
             (salt,
              iterations.to_bytes(4, "big"),
              urlsafe_b64decode(Fernet(key).encrypt(message.encode()))))
-        now = datetime.utcnow()
+        now = datetime.now(timezone.utc)
         return cls(encrypted_text=encrypted_text,
                    date_created=now,
                    date_expires=cls._set_expiry_date(from_date=now,
@@ -86,7 +92,7 @@ def decrypt(self, passphrase: str) -> str:
 
     @property
     def expires_on_text(self) -> str:
-        timez = datetime.utcnow().astimezone().tzname()
+        timez = datetime.now(timezone.utc).astimezone().tzname()
         return f"{self.date_expires.strftime('%B %d, %Y at %H:%M')} {timez}"
 
     @hybrid_method