chore(deps): update python docker tag to v3.14

2026-01-04 10:01:21 +00:00
13 changed files with 13 additions and 276 deletions
--- a/.gitea/CODEOWNERS
+++ b/.gitea/CODEOWNERS
@@ -1 +0,0 @@
 *   @luke
--- a/.gitea/workflows/ci.yml
+++ b/.gitea/workflows/ci.yml
@@ -1,95 +0,0 @@
 name: CI
 on:
  pull_request:
    types:
      - opened
      - edited
      - synchronize
      - reopened
 jobs:
  ci:
    runs-on: ubuntu-latest
    steps:
      - name: Check out repository code
        uses: actions/checkout@v6.0.1
        with:
          fetch-depth: 0
      - name: Run Hadolint
        uses: hadolint/hadolint-action@v3.3.0
        with:
          dockerfile: Dockerfile
          output-file: hadolint.out
          format: sonarqube
          no-fail: true
      - name: Setup Python
        uses: actions/setup-python@v6
        with:
          python-version: "3.14"
      - name: uv cache
        uses: actions/cache@v5
        with:
          path: /tmp/.uv-cache
          key: uv-${{ runner.os }}-${{ hashFiles('uv.lock') }}
          restore-keys: |
            uv-${{ runner.os }}-${{ hashFiles('uv.lock') }}
            uv-${{ runner.os }}
      - name: Install dependencies
        run: uv sync
      - name: Check Import Sorting
        run: uv run isort --check app/ tests/
      - name: Lint
        run: |
          uv run pylint --fail-under=8 --recursive=yes --output-format=parseable --output=lintreport.txt app/ tests/
          cat lintreport.txt
      - name: Unit Test
        run: |
          uv run coverage run -m pytest -v --junitxml=testresults.xml
          uv run coverage report
        # sed -i 's@${{ gitea.workspace }}@/github/workspace@g' coverage.xml
      - name: Minimize uv cache
        run: uv cache prune --ci
      # - name: SonarQube Scan
      #   uses: SonarSource/sonarqube-scan-action@v5.2.0
      #   env:
      #     SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST_URL }}
      #     SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
      - name: Set up environment for Snyk
        run: |
          uv pip freeze > requirements.txt
          mv pyproject.toml pyproject.toml.bak
          mv uv.lock uv.lock.bak
      - name: Snyk SAST Scan
        uses: snyk/actions/python@master
        env:
          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
        with:
          # command: snyk
          args: snyk code test #--all-projects --exclude=.archive
      # - name: Snyk Vulnerability Scan
      #   uses: snyk/actions/python@master
      #   continue-on-error: true # Sometimes vulns aren't immediately fixable
      #   env:
      #     SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
      #     DEBUG: "*snyk*"
      #   with:
      #     # command: snyk
      #     args: snyk test #--all-projects --exclude=.archive
      - name: Reverse set up environment for Snyk
        run: |
          rm -f requirements.txt
          mv pyproject.toml.bak pyproject.toml
          mv uv.lock.bak uv.lock
--- a/.gitea/workflows/conventional_commit.yml
+++ b/.gitea/workflows/conventional_commit.yml
@@ -1,16 +0,0 @@
 name: Validate PR Title
 on:
  pull_request:
    types:
      - opened
      - edited
      - synchronize
      - reopened
 jobs:
  validate:
    runs-on: ubuntu-latest
    steps:
      - uses: https://git.tainton.uk/actions/conventional-commits-check-action@v1.3.0
        with:
          commit-message: ${{ gitea.event.pull_request.title }}
--- a/.gitea/workflows/release.yml
+++ b/.gitea/workflows/release.yml
@@ -1,98 +0,0 @@
 name: Release
 on:
  workflow_dispatch:
  schedule:
    - cron: '0 9 * * 0'
 jobs:
  tag:
    name: Tag release
    uses: https://git.tainton.uk/actions/gha-workflows/.gitea/workflows/release-with-tag.yaml@main
  create_release:
    name: Create Release
    needs: tag
    uses: https://git.tainton.uk/actions/gha-workflows/.gitea/workflows/create-release-preexisting-tag.yaml@main
    with:
      tag: ${{ needs.tag.outputs.tag_name }}
      body: ${{ needs.tag.outputs.changelog }}
    secrets:
      ACTIONS_TOKEN: ${{ secrets.ACTIONS_TOKEN }}
  create_docker:
    name: Publish Docker Images
    runs-on: ubuntu-latest
    needs: [tag, create_release]
    steps:
      - name: Update Docker configuration
        continue-on-error: true
        run: |
          mkdir -p /etc/default
          mkdir -p /etc/docker
          touch -a /etc/default/docker
          touch -a /etc/docker/daemon.json
          echo "DOCKER_OPTS=\"--insecure-registry ${{ vars.PACKAGES_REGISTRY_URL }}\"" >> /etc/default/docker
          echo "{\"insecure-registries\": [\"${{ vars.PACKAGES_REGISTRY_URL }}\"]}" > /etc/docker/daemon.json
      - name: Get repo name
        id: split
        run: echo "repo=${REPO##*/}" >> "$GITEA_OUTPUT"
        env:
          REPO: ${{ gitea.repository }}
      - name: Check out repository
        uses: actions/checkout@v6.0.1
        with:
          fetch-depth: 0
          ref: ${{ needs.tag.outputs.tag_name }}
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      - name: Log in to Gitea Container Registry
        uses: docker/login-action@v3
        with:
          registry: ${{ vars.PACKAGES_REGISTRY_URL }}
          username: ${{ vars.ACTIONS_USERNAME }}
          password: ${{ secrets.ACTIONS_TOKEN }}
      - name: Log in to GitHub Container Registry
        uses: docker/login-action@v3
        with:
          registry: ghcr.io
          username: ${{ vars.GHCR_USERNAME }}
          password: ${{ secrets.GHCR_TOKEN }}
      - name: Extract metadata (tags, labels) for Docker
        id: meta
        uses: docker/metadata-action@v5
        with:
          tags: type=semver,pattern=v{{version}},value=${{ needs.tag.outputs.tag_name }}
          images: |
            ghcr.io/${{ vars.GHCR_USERNAME }}/${{ steps.split.outputs.repo }}
            ${{ vars.PACKAGES_REGISTRY_URL }}/${{ gitea.repository }}
      - name: Print metadata
        run: |
          printf "Annotations:\n${{ steps.meta.outputs.annotations }}"
          echo ""
          printf "Labels:\n${{ steps.meta.outputs.labels }}"
          echo ""
          printf "Tags:\n${{ steps.meta.outputs.tags }}"
      - name: Build images
        uses: docker/build-push-action@v6
        with:
          context: .
          push: false
          load: true
          annotations: ${{ steps.meta.outputs.annotations }}
          labels: ${{ steps.meta.outputs.labels }}
          tags: ${{ steps.meta.outputs.tags }}
      - name: Push images
        run: |
          strtags="${{ steps.meta.outputs.tags }}"
          readarray -t lines <<<"$strtags"
          for element in "${lines[@]}"; do docker push "$element"; done
          unset strtags lines
--- a/.gitea/workflows/snyk.yml
+++ b/.gitea/workflows/snyk.yml
@@ -1,24 +0,0 @@
 name: Snyk
 on:
  workflow_dispatch:
  push:
    branches:
      - main
  schedule:
    - cron: "@daily"
 jobs:
  security:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repo
        uses: actions/checkout@v6.0.1
      - name: Snyk
        uses: snyk/actions/python@master
        continue-on-error: true
        env:
          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
        with:
          command: monitor
--- a/.archive/.github_archived/CODEOWNERS
+++ b/.archive/.github_archived/CODEOWNERS
--- a/.archive/.github_archived/dependabot.yml
+++ b/.archive/.github_archived/dependabot.yml
--- a/.archive/.github_archived/renovate.json
+++ b/.archive/.github_archived/renovate.json
--- a/.archive/.github_archived/workflows/ci.yml
+++ b/.archive/.github_archived/workflows/ci.yml
--- a/19
+++ b/19
@@ -1,23 +1,18 @@
-FROM python:3.14.2-slim
+FROM python:3.14-slim
 LABEL maintainer="Luke Tainton <luke@tainton.uk>"
 LABEL org.opencontainers.image.source="https://github.com/luketainton/6to4_converter"
 USER root
-ENV PYTHONPATH="/run:/usr/local/lib/python3.14/lib-dynload:/usr/local/lib/python3.14/site-packages:/usr/local/lib/python3.14"
+ENV PYTHONPATH="/run:/usr/local/lib/python3.11/lib-dynload:/usr/local/lib/python3.11/site-packages:/usr/local/lib/python3.11"
 ENV UV_PROJECT_ENVIRONMENT="/usr/local/"
 WORKDIR /run
 RUN mkdir -p /.local && \
    chmod -R 777 /.local && \
-    pip install -U pip uv==0.9.21
+    pip install -U pip
-COPY pyproject.toml /run/pyproject.toml
+COPY requirements.txt /run/requirements.txt
-COPY uv.lock /run/uv.lock
+RUN pip install --no-cache-dir -r requirements.txt
 # needed for PDM build
 COPY README.md /run/README.md
-RUN uv sync --frozen
+ENTRYPOINT ["python3", "-B", "-m", "app.main"]
 ENTRYPOINT ["uv", "run", "python", "-B", "-m", "app.main"]
 COPY app /run/app
--- a/README.md
+++ b/README.md
@@ -1,11 +1,10 @@
-# 6to4_converter
+# 6to4_converter [![CI](https://github.com/luketainton/6to4_converter/actions/workflows/merge-to-main.yml/badge.svg?branch=main)](https://github.com/luketainton/6to4_converter/actions/workflows/merge-to-main.yml) [![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=luketainton_6to4_converter&metric=alert_status)](https://sonarcloud.io/summary/new_code?id=luketainton_6to4_converter)
 ## Description
 Simple script to convert IPv4 addresses to 6to4 addresses. See RFC 3056 for details.
 ## How to install
 - Clone the repository.
 - Run `uv sync`.
 ## How to use
- Run `uv run python -m app.main --help` for information on how to use this script.
+- Run `python3 app/main.py --help` for information on how to use this script.
--- a/renovate.json
+++ b/renovate.json
@@ -1,23 +0,0 @@
 {
  "assignAutomerge": false,
  "assigneesFromCodeOwners": false,
  "dependencyDashboardAutoclose": true,
  "extends": ["config:recommended"],
  "ignorePaths": ["**/.archive/**"],
  "labels": ["type/dependencies"],
  "platformCommit": "enabled",
  "rebaseWhen": "behind-base-branch",
  "rollbackPrs": true,
  "semanticCommits": "enabled",
  "semanticCommitScope": "deps",
  "semanticCommitType": "feat",
  "vulnerabilityAlerts": {
    "commitMessagePrefix": "[SECURITY] ",
    "enabled": true,
    "labels": ["security"],
    "prCreation": "immediate"
  },
  "lockFileMaintenance": {
    "enabled": true
  }
 }
--- a/uv.lock
+++ b/uv.lock
@@ -4,7 +4,7 @@ requires-python = ">=3.14"
 [[package]]
 name = "6to4-converter"
-version = "0.0.0"
+version = "0.1.0"
 source = { virtual = "." }
 dependencies = [
    { name = "argparse" },
@@ -187,11 +187,11 @@ wheels = [
 [[package]]
 name = "pathspec"
-version = "1.0.3"
+version = "0.12.1"
 source = { registry = "https://pypi.org/simple" }
-sdist = { url = "https://files.pythonhosted.org/packages/4c/b2/bb8e495d5262bfec41ab5cb18f522f1012933347fb5d9e62452d446baca2/pathspec-1.0.3.tar.gz", hash = "sha256:bac5cf97ae2c2876e2d25ebb15078eb04d76e4b98921ee31c6f85ade8b59444d", size = 130841, upload-time = "2026-01-09T15:46:46.009Z" }
+sdist = { url = "https://files.pythonhosted.org/packages/ca/bc/f35b8446f4531a7cb215605d100cd88b7ac6f44ab3fc94870c120ab3adbf/pathspec-0.12.1.tar.gz", hash = "sha256:a482d51503a1ab33b1c67a6c3813a26953dbdc71c31dacaef9a838c4e29f5712", size = 51043, upload-time = "2023-12-10T22:30:45Z" }
 wheels = [
-    { url = "https://files.pythonhosted.org/packages/32/2b/121e912bd60eebd623f873fd090de0e84f322972ab25a7f9044c056804ed/pathspec-1.0.3-py3-none-any.whl", hash = "sha256:e80767021c1cc524aa3fb14bedda9c34406591343cc42797b386ce7b9354fb6c", size = 55021, upload-time = "2026-01-09T15:46:44.652Z" },
+    { url = "https://files.pythonhosted.org/packages/cc/20/ff623b09d963f88bfde16306a54e12ee5ea43e9b597108672ff3a408aad6/pathspec-0.12.1-py3-none-any.whl", hash = "sha256:a0d503e138a4c123b27490a4f7beda6a01c6f288df0e4a8b79c7eb0dc7b4cc08", size = 31191, upload-time = "2023-12-10T22:30:43.14Z" },
 ]
 [[package]]