Skip to content

Update Dockerfile to use python:3.13.11-alpine3.22 #2115

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
Adarshkumar0509 wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Update Dockerfile to use python:3.13.11-alpine3.22 #2115

Adarshkumar0509 wants to merge 1 commit into from

Conversation

@Adarshkumar0509
Copy link

@Adarshkumar0509 Adarshkumar0509 commented Feb 1, 2026
edited
Loading

This pull request updates the Cornucopia Docker image to use Python 3.13.11 on Alpine 3.22, aligning with the request to upgrade to Python 3.13 and Ubuntu 25.04.

Changes:
Update the Dockerfile base image from python:3.12.12-alpine3.22 to python:3.13.11-alpine3.22.

Keep the rest of the Dockerfile and build process unchanged.

Rationale:
Ensures the project is built and tested against the latest Python 3.13.x release.

Reduces future upgrade work as Python 3.13 becomes the default in more environments.

Testing:

Built the Docker image locally with the updated base image.

Verified that the image builds successfully and the existing entrypoints remain functional.

Related PR: #2119 (ClusterFuzzLite configuration).

Fixes #2105

@sydseter
Copy link
Collaborator

sydseter commented Feb 1, 2026

you forgot to upgrade the fuzzers: https://github.com/OWASP/cornucopia/blob/master/.clusterfuzzlite/Dockerfile

@Adarshkumar0509
Copy link
Author

Adarshkumar0509 commented Feb 2, 2026

Thanks for the review! I’ve now updated .clusterfuzzlite/Dockerfile to use the ubuntu-25-04 base image in a separate PR and referenced issue #2105 there as well.

@sydseter sydseter mentioned this pull request Feb 2, 2026
Open
@Adarshkumar0509
Copy link
Author

Adarshkumar0509 commented Feb 2, 2026

hi @sydseter I tried updating .clusterfuzzlite/Dockerfile to use ubuntu-25-04 in #2119, but the image tag gcr.io/oss-fuzz-base/base-builder-python:ubuntu-25-04 does not exist yet, so the ClusterFuzzLite build fails. I’ve reverted it to the existing ubuntu-24-04 base image in #2119 to keep CI green, and will be happy to update it once a valid ubuntu-25-04 tag is available.

@sydseter
Copy link
Collaborator

sydseter commented Feb 2, 2026
edited
Loading

Ok, then we need to install python 3.13 during the docker build here:

cornucopia/.clusterfuzzlite/Dockerfile

Line 2 in 3269f14

RUN apt-get update && apt-get install -y --no-install-recommends \

@Adarshkumar0509
Copy link
Author

Adarshkumar0509 commented Feb 2, 2026
edited
Loading

Hi @sydseter, thanks for the suggestion. I’ve updated .clusterfuzzlite/Dockerfile in #2119 to install and use Python 3.13 during the Docker build as you recommended, and the ClusterFuzzLite CI is now passing with this change.

sydseter
sydseter requested changes Feb 2, 2026
View reviewed changes
Dockerfile
@@ -1,4 +1,4 @@
FROM python:3.12.12-alpine3.22@sha256:d82291d418d5c47f267708393e40599ae836f2260b0519dd38670e9d281657f5 AS pipenv
FROM python:3.13.11-alpine3.22
Copy link
Collaborator

@sydseter sydseter Feb 2, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please ensure the image is pinned with the correct hash.

Copy link
Author

@Adarshkumar0509 Adarshkumar0509 Feb 2, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

image I’ve updated the Dockerfile to pin python:3.13.11-alpine3.22 with digest sha256:2fd9…4045 and pushed the change, so the image is now correctly pinned.

Copy link
Collaborator

@sydseter sydseter Feb 4, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi the sha pin need to follow after the image like this:

python:3.12.12-alpine3.22@sha256:d82291d418d5c47f267708393e40599ae836f2260b0519dd38670e9d281657f5

Copy link
Author

@Adarshkumar0509 Adarshkumar0509 Feb 4, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the clarification! I will update the FROM line to pin the image and digest in the same token (e.g. python:3.13.11-alpine3.22@sha256:…) and push the change.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sydseter sydseter sydseter requested changes

@rewtd rewtd Awaiting requested review from rewtd rewtd is a code owner

@cw-owasp cw-owasp Awaiting requested review from cw-owasp cw-owasp is a code owner

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Upgrade to Python 3.13 and ubuntu 25.04

2 participants

@Adarshkumar0509 @sydseter