Resolving unstable/insecure versions with SwisscomDev/Cloudfoundry - cloud-foundry

Having buildpack: php_buildpack defined in our manifest.yml this should resolve to the latest CloudFoundry PHP Buildpack to my understanding.
But this resolves to Buildpack version 4.3.21 while Github mentions 4.3.22 as latest release. How does this happen? Do we need to trigger something/someone? Of course we don't want to specify a specific release tag in our manifest.
Additionally "PHP_VERSION": "{PHP_70_LATEST}" in options.json should resolve to the latest stable PHP 7 version but it resolves to 7.0.11 which is according to the PHP Release Announcements an insecure version which should not be used anymore.
Same applies to PHP_56_LATEST as it resolves to 5.6.7 which is a well outdated in favor of 5.6.28 (security release as well).
We didn't check for htttpd an others because we'd somehow rely on getting most recent, stable and secure versions.

php_buildpack refers to the latest version of the buildpack installed on the Cloud Foundry installation you are using (i.e. the Swisscom Application Cloud). It gets updated as soon as the version of Cloud Foundry gets updated because the buildpack is bundled with CF. If you really want to use the absolute latest buildpack, you'll have to pull it directly from GitHub. You can do so by specifying
buildpack: https://github.com/cloudfoundry/php-buildpack.git
The versions for PHP are also bundled with the buildpack. It will always install the latest version of the range you are specifying which is installed in the version of the buildpack you are using. You can find these versions here: https://github.com/cloudfoundry/php-buildpack/blob/master/manifest.yml (you can check out the file for different git tags of the buildpack to see which versions of PHP they come bundled with).

I believe the reason is that there are no standards on buildpacks names for operators.
E.g. platform operators can upload buildpacks with any name and use any version.
It is a best practice to keep them at default names/latest version, but not everyone follows that.
Just use custom buildpack with whatever version you need (if platform allows it)

Related

dbt and google cloud composer PyPI dependency issues

I am currently running Google Cloud Composer with a Composer version 2.0.9 and airflow version 2.1.4. I am trying install the most recent version of dbt (1.0.4 for core and 1.0.0 for the BigQuery plugin). Because cloud composter images has specific packages installed, I am getting conflicting PyPI dependency issues. When I try to fix one dependency another issue occurs. Does anyone know the specific set of packages installed that would resolve this issue? I have read the following posts by the community but I wanted to know if anyone has a solution for just using composer?
How to run DBT in airflow without copying our repo
How to set up dbt with Google Cloud Composer?
I was able to reproduce the behaviour you are seeing. Below are the dependency conflicts I saw in the Cloud Build logs. These conflicts are occurring between the dbt-core requirements and the pre-installed package requirements in Composer.
Pre-installed package requirements:
hologram 0.0.14 has requirement jsonschema<3.2,>=3.0, but you have jsonschema 3.2.0. ##=> can be installed manually
flask 1.1.4 has requirement click<8.0,>=5.1, but you have click 8.1.2.
apache-airflow 2.1.4+composer has requirement markupsafe<2.0,>=1.1.1, but you have markupsafe 2.0.1.
looker-sdk 22.4.0 has requirement typing-extensions>=4.1.1, but you have typing-extensions 3.10.0.2.
dbt-core requirements:
hologram 0.0.14 has requirement jsonschema<3.2,>=3.0, but you have jsonschema 3.2.0. ##=> can be installed manually
dbt-core 1.0.4 has requirement click<9,>=8, but you have click 7.1.2.
dbt-core 1.0.4 has requirement MarkupSafe==2.0.1, but you have markupsafe 1.1.1.
dbt-core 1.0.4 has requirement typing-extensions<3.11,>=3.7.4, but you have typing-extensions 4.1.1.
I tried downgrading the pre-installed packages, but subsequent package installations fail and it is not recommended as well.
Therefore, I would suggest using an external solution as stated in this thread you have linked. Quoting the workarounds given in #Ryan Yuan's answer here.
Using external services to run dbt jobs, e.g. Cloud Run.
Using Composer's KubernetesPodOperator(updated Composer 2 link). My colleague has put up a nice article on dbt discourse here going through the setup process.
Ignoring Composer's Dependency conflicts by setting Composer's environmental variable IGNORE_PYPI_DEPENDENCY_CONFLICTS to True.
However, I don't recommend this as it may cause potential issues.
Creating a Python virtual environment in Composer and install the dbt packages.
As mentioned by #Kabilan Mohanraj, the current version of dbt (1.0.4) and a more recent version of Composer has dependency issues (Composer version 2.0.9 and Airflow version 2.1.4). Therefore an alternative solution is needed. In my case, I played around and searched for a solution from other people in the community and found one person using a certain version of Composer and dbt that only had mimimal dependency issues. However, as mentioned by #Kabilan Mohanraj, Google does not recommend downgrading preinstalled packages, so this would not be a viable solution for something in production.
create composer through gcloud to use an older version that is not available via the Composer UI
gcloud composer environments create my_airflow_dbt_example
--location us-central1
--image-version composer-1.17.9-airflow-2.1.4
requirements
dbt-bigquery==0.21.0
jsonschema==3.1.1
packaging==20.9
For this specific composer version, you are downgrading jsonschema from 3.2.0 to 3.1.1 and packaging from 21.3 to 20.9

How to obtain WSO2 docker-compose distribution from a previous release

When you are going to download a distribution of WSO2 product, for the lastest release is possible to download different distributions (binary, msi installer, docker, docker-compose, helm, kubernetes, etc.) but when you try to do it from a previous release, there is only binary and OS's installers (ubuntu, mac, windows, etc).
But I would like to download, for instance docker-compose distribution for the previous version.
How then can it be possible to do?
This images show it clearly:
You can get these artifacts from the docker-apim repo. https://github.com/wso2/docker-apim/tree/v3.1.0.3
I have checked that the URL generated for the latest version can be modified and can be selected other previous versions. For instance, for downloading AM version 3.1.0, previous to the latest release (v 3.2.0), can be downloaded for docker compose in this manner:
http://product-dist.wso2.com/downloads/api-manager/3.1.0/instruction-pages/subscription/docker-compose/docker-apim-3.1.0.zip
WSO2 should leave available all these links explicitly referred to in the previous versions.

Using newer version of nodejs in a ruby project with cloud foundary

My project is using the latest ruby-buildpack which currently loads nodejs 6.14.4. I'd like to use a more current version of nodejs. What's the best way to get it exposed to the application? Does multi-buildpacks solve this problem, and if so, do I list the nodejs buildpack before or after the ruby buildpack in the manifest file? Or, would it be better to package a custom buildpack?
What's the best way to get it exposed to the application? Does multi-buildpacks solve this problem,
I think multi-buildpacks should work for you. You can put Nodejs as a supply buildpack which would tell it to install Node.js, whatever version you want. Then the Ruby buildpack would run and Node.js should be available on the path while it runs so you can use it to do whatever you want.
and if so, do I list the nodejs buildpack before or after the ruby buildpack in the manifest file
The last buildpack should be the buildpack which supplies the command to start your app. Only the final buildpack is allowed to pick the command which starts your app. Other buildpacks, called supply buildpacks, only contribute/install dependencies.
It sounds like that should be the Ruby buildpack in your case.
Or, would it be better to package a custom buildpack?
I'd strongly advise against this. Forking and maintaining a buildpack is a lot of work. Let other people do this work for you and you'll be a lot happier :)

How to choose the right version of Google Cloud library components in python?

I have a specific version of google-cloud-core in my server and I don’t know how to choose the other libraries in a way to make them suit with my google cloud core version.
I can’t just move to the latest versions because old programs cannot run into new versions for example BigQuery library.
My specific need is to know « how to know » which version of Google Cloud Storage should I choose according to the 0.26.0 core version.
Is there some repositories where we can find packages grouped by google-cloud-core versions?
In my case the version 1.6 of google-cloud-storage works but I found it just by downgrade and try again method !
Best regards
What you can do as a workaround is create a virtual environment, install a specific library - like google-cloud-storage - and check the dependencies installed with that library version. I made a quick test and installed a few versions of google-cloud-storage. For version 1.3.0, the google-cloud-core 0.26.0 dependency was installed.
You can do so by following these steps:
virtualenv env-name
source env-name/bin/activate
pip freeze (to check there is nothing there)
pip install google-cloud-storage==1.3.0
pip freeze (again)
Once finished you’ll see google-cloud-core 0.26.0 was installed.

Not able to install feature pack for web services WAS 6.1

I tried creating the Webservices on my RAD 7.5 with WAS 6.1 but it says that the feature pack for Webservices JAX-WS is not available.
When i tried installing the feature pack by using the Modify option from IBM Installation manager it's asking me some type of repository.
""A repository used for installation is unavailable. To continue, make the repository available"
Specify the repository for package for IBM Websphere Application Server 6.1 (32 bit) Test environment 6.1.0.47. Alternatively you can specify a repository location and browse for a repository location
I am not sure what repository location needs to be provided here.
You can try to install it manually as listed in link below :
http://docs.myeclipseide.com/index.jsp?topic=%2Fcom.genuitec.eclipse.blue.doc%2Fhtml%2Ftutorials%2Fblue_install_websphere6.1%2Findex.html
The profiles have to be recreated based on WebServices Templates as existing profiles cannot use the Feature pack. Also WAS v7.x has this feature specs post GA.
NOTE : You will have to install WebServices Base code on WAS first, then PK53084 (using Update Installer) and then fixpack for WebServices matching WAS fixpack ( using Update installer).
The only down side is that you would have to use Update installer to apply updates to WAS and WebServices code. IM cannot be used to apply updates to test environment.