Upgrade to Python 3
What does this MR do?
- Installs
Python3
on the DAST Docker image, and ensures that it is the system default. - Upgrades
pip
to use Python3. - Installed
pip
dependencies from therequirements.txt
file. Previously, the file was unused and incorrect.
Why is this important?
- We currently run tests on Python 3.6, but use Python 2.7 on the image when running the analyzer. This creates unnecessary risk.
- Python 2.7 is due to be deprecated on the 1st of January 2020.
Considerations
- If this is to be considered a breaking change, then we should not release this until a new version of GitLab is released (13.0).
- I haven't considered it a breaking change, because functionality should not have changed from a user perspective.
- Note that the order of keys outputted in the
gl-dast-report.json
has changed. Our clients should not depend on the order, and neither do we, hence I haven't considered this a breaking change. - @gitlab-org/secure/dynamic-analysis-be please note you will need to have Python3 installed on your local machine for development.
Edited by Cameron Swords