We evaluated changing our base image from Alpine Linux in issue #13694 in order to enhance our Python support, specifically enabling manylinux2010. We have decided to switch to Debian slim in order to make the scanner support more Python projects. You can follow the work in progress in issue #196833.
When will this happen?
Starting with the release of GitLab 12.9 on March 22, 2020, you will no longer get an Alpine-based image for Python dependency scanning. This will impact you even if you are running an older release.
What does this mean for you?
Because the base image will no longer be Alpine, you may need to make modifications if you use Alpine-specific commands such as apk add xyz:
- Right before the scan (only if docker-in-docker is disabled) or
- When building a variant of the official Docker image
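For the first case, a script run right before the scan can pick the package manager at run time, so the same job works on the Alpine-based and the Debian-based image. This is an added example, not GitLab's own code; the function names and the sample package names (postgresql-dev, libpq-dev) are assumptions.

```shell
# Hypothetical helpers for a script that runs right before the scan.
# They replace a hard-coded "apk add xyz" with a call that works on both bases.

# Print the package manager found in the current image: apk, apt-get or none.
detect_pkg_manager() {
    if command -v apk >/dev/null 2>&1; then
        echo apk
    elif command -v apt-get >/dev/null 2>&1; then
        echo apt-get
    else
        echo none
    fi
}

# Build the install command line.
# $1 = package manager, $2 = Alpine package names, $3 = Debian package names
# (names often differ between the two distributions, so both are passed in).
install_command() {
    case "$1" in
        apk)     echo "apk add --no-cache $2" ;;
        apt-get) echo "apt-get update && apt-get install -y --no-install-recommends $3" ;;
        *)       return 1 ;;
    esac
}

# Install build dependencies, failing the job on an unrecognised base image
# instead of continuing to scan with headers or libraries missing.
install_build_deps() {
    mgr=$(detect_pkg_manager)
    cmd=$(install_command "$mgr" "$1" "$2") || {
        echo "unsupported base image: neither apk nor apt-get found" >&2
        return 1
    }
    echo "+ $cmd"
    sh -c "$cmd"
}

# Usage with constructed sample package names:
#   install_build_deps "postgresql-dev" "libpq-dev"
```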
Actions you need to take if you are using Alpine-specific commands
- If you regularly build your own Docker image on top of gemnasium-python:2, and rely on CI variables like DS_ANALYZER_IMAGES, this will break the next time you try to build the image on top of gemnasium-python:2. It won't break at run-time though. You can build your image on top of gemnasium-python:2.6.0 to work around that.
- If you have disabled Docker in Docker, and you've set the gemnasium-python-dependency_scanning job definition, this will break at run-time when executing the job, unless you override the job definition to explicitly use a gemnasium-python image that was built before switching to Debian, like