* Update PyInstaller spec to set the u (unbuffered) flag
* [autofix.ci] apply automated fixes
---------
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Bumps the github-actions group with 3 updates:
[install-pinned/ruff](https://github.com/install-pinned/ruff),
[apple-actions/import-codesign-certs](https://github.com/apple-actions/import-codesign-certs)
and
[docker/setup-buildx-action](https://github.com/docker/setup-buildx-action).
Updates `install-pinned/ruff` from
fe472defb50a6a2c00ea3a3982534e86e69991e8 to
38b373a3a8635c2be31d92314e816a491fda910a
<details>
<summary>Commits</summary>
<ul>
<li><a
href="38b373a3a8"><code>38b373a</code></a>
update README.md (ruff 0.3.0)</li>
<li><a
href="06af3ea1c3"><code>06af3ea</code></a>
update pins (ruff 0.3.0)</li>
<li><a
href="be1c354876"><code>be1c354</code></a>
update README.md (ruff 0.2.2)</li>
<li><a
href="c9779bbd5b"><code>c9779bb</code></a>
update pins (ruff 0.2.2)</li>
<li><a
href="48831a86ce"><code>48831a8</code></a>
update README.md (ruff 0.2.1)</li>
<li><a
href="6775b5f352"><code>6775b5f</code></a>
update pins (ruff 0.2.1)</li>
<li><a
href="bc12a64c2f"><code>bc12a64</code></a>
update README.md (ruff 0.2.0)</li>
<li><a
href="3b8cceff45"><code>3b8ccef</code></a>
update pins (ruff 0.2.0)</li>
<li>See full diff in <a
href="fe472defb5...38b373a3a8">compare
view</a></li>
</ul>
</details>
<br />
Updates `apple-actions/import-codesign-certs` from
5565bb656f60c98c8fc515f3444dd8db73545dc2 to
493007ed063995cf2d4fbca064704150548f8bb5
<details>
<summary>Commits</summary>
<ul>
<li><a
href="493007ed06"><code>493007e</code></a>
Merge pull request <a
href="https://redirect.github.com/apple-actions/import-codesign-certs/issues/62">#62</a>
from himself65/patch-1</li>
<li><a
href="2e5aa07267"><code>2e5aa07</code></a>
Update README.md</li>
<li>See full diff in <a
href="5565bb656f...493007ed06">compare
view</a></li>
</ul>
</details>
<br />
Updates `docker/setup-buildx-action` from 3.0.0 to 3.1.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.1.0</h2>
<ul>
<li><code>cache-binary</code> input to enable/disable caching binary to
GHA cache backend by <a
href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/300">docker/setup-buildx-action#300</a></li>
<li>build(deps): bump <code>@babel/traverse</code> from 7.17.3 to
7.23.2 in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/282">docker/setup-buildx-action#282</a></li>
<li>build(deps): bump <code>@docker/actions-toolkit</code> from 0.12.0
to 0.17.0 in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/281">docker/setup-buildx-action#281</a>
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/284">docker/setup-buildx-action#284</a>
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/299">docker/setup-buildx-action#299</a></li>
<li>build(deps): bump uuid from 9.0.0 to 9.0.1 in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/271">docker/setup-buildx-action#271</a></li>
<li>build(deps): bump undici from 5.26.3 to 5.28.3 in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/297">docker/setup-buildx-action#297</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v3.0.0...v3.1.0">https://github.com/docker/setup-buildx-action/compare/v3.0.0...v3.1.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="0d103c3126"><code>0d103c3</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/300">#300</a>
from crazy-max/cache-binary</li>
<li><a
href="f19477aacd"><code>f19477a</code></a>
chore: update generated content</li>
<li><a
href="a4180f835d"><code>a4180f8</code></a>
cache-binary input to enable/disable caching binary to GHA cache
backend</li>
<li><a
href="524315340d"><code>5243153</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/299">#299</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="3679a54023"><code>3679a54</code></a>
chore: update generated content</li>
<li><a
href="37a22a2fb2"><code>37a22a2</code></a>
build(deps): bump <code>@docker/actions-toolkit</code> from 0.14.0 to
0.17.0</li>
<li><a
href="65afe610a1"><code>65afe61</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/297">#297</a>
from docker/dependabot/npm_and_yarn/undici-5.28.3</li>
<li><a
href="fcb8f722fd"><code>fcb8f72</code></a>
chore: update generated content</li>
<li><a
href="f62b9a17c0"><code>f62b9a1</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/298">#298</a>
from crazy-max/bump-gha</li>
<li><a
href="74c5b717e5"><code>74c5b71</code></a>
bump codecov/codecov-action from 3 to 4</li>
<li>Additional commits viewable in <a
href="f95db51fdd...0d103c3126">compare
view</a></li>
</ul>
</details>
<br />
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
</details>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
* DockerHub-README.md: reword ambiguous command
Being unfamiliar with the docker options, I thought the square brackets could be part of the command.
Instead, they refer to the sentence *after* the command, that is, they meant "optionally".
To remove the ambiguity, I put into onto different lines with an explanation.
* DockerHub-README.md: reword again, -v by default
- only leave the command with -v as an example
- grammar
- httpS link
Current docker-entrypoint.sh [0][1] runs
gosu mitmproxy "$@"
for mitmproxy, mitmdump and mitmweb. There is a problem with this
approach: bash becomes a parent process for mitmproxy [2][3], but when
signals are sent by docker-compose to mitmproxy container they are sent
to bash, but they are not delivered to mitmproxy [4]. This leads to a
slow shutdown of the container, because by default docker sends SIGTERM,
waits for 10 seconds and then sends SIGKILL if the container is still
alive [5].
This patch solves the issue by replacing bash process with mitmproxy
entirely using "exec" - this way the signals are delivered to mitmproxy
directly.
To test the patch a Dockerfile [6] that applies the patch to the release
image from the dockerhub could be used along with slighly modified
compose.yml [7]. With the patch bash is no longer running inside the
container [8] and the `docker compose down` time on my machine drops
from 10.3s to 0.5s [9].
0. https://github.com/mitmproxy/mitmproxy/blob/main/release/docker/docker-entrypoint.sh
1. To confirm that this is what's actually in the image:
```
> docker run mitmproxy/mitmproxy grep gosu /usr/local/bin/docker-entrypoint.sh
gosu mitmproxy "$@"
```
2. compose.yaml
```
services:
mitmproxy-test:
image: mitmproxy/mitmproxy
command: ["mitmweb"]
# https://github.com/mitmproxy/mitmproxy/issues/5727
stdin_open: true
tty: true
```
3. We can see that the parent PID for mitmweb is the pid of bash.
```
> docker compose up -d
[+] Running 2/2
⠿ Network mitmproxy_default Created 0.1s
⠿ Container mitmproxy-mitmproxy-test-1 Started 0.5s
> docker compose top
mitmproxy-mitmproxy-test-1
UID PID PPID C STIME TTY TIME CMD
root 31227 31202 0 16:12 pts/0 00:00:00 /bin/bash /usr/local/bin/docker-entrypoint.sh mitmweb
root 31314 31227 1 16:12 pts/0 00:00:01 /usr/local/bin/python /usr/local/bin/mitmweb
```
4. https://unix.stackexchange.com/a/196053
5. https://docs.docker.com/compose/faq/#why-do-my-services-take-10-seconds-to-recreate-or-stop
6. Dockerfile:
```
FROM mitmproxy/mitmproxy
RUN sed -i 's/^ gosu mitmproxy/ exec gosu mitmproxy/' /usr/local/bin/docker-entrypoint.sh
```
7. compose.yaml to build an image from Dockerfile and use it:
```
services:
mitmproxy-test:
build:
dockerfile: Dockerfile
context: .
command: ["mitmweb"]
# https://github.com/mitmproxy/mitmproxy/issues/5727
stdin_open: true
tty: true
```
8. With the patch:
```
> docker compose top
mitmproxy-mitmproxy-test-1
UID PID PPID C STIME TTY TIME CMD
root 4994 4970 50 17:00 pts/0 00:00:02 /usr/local/bin/python /usr/local/bin/mitmweb
```
9. Without the patch:
```
> docker compose down
[+] Running 2/2
⠿ Container mitmproxy-mitmproxy-test-1 Removed 10.2s
⠿ Network mitmproxy_default Removed 0.1s
```
With the patch:
```
> docker compose down
[+] Running 2/2
⠿ Container mitmproxy-mitmproxy-test-1 Removed 0.4s
⠿ Network mitmproxy_default Removed 0.1s
```
Maximilian Hils