Update Dockerfile to fix CVE(s) v3.3.8

Author: gockle

CHANGELOG.md

@@ -6,7 +6,14 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 
-## [3.3.7] - 2025-05-12
+## [3.3.8] - 2025-05-22
+
+### Security
+
+- Update sqllite-libs to fix [CVE](https://alas.aws.amazon.com/cve/json/v1/CVE-2022-46908.json)
+- Update setuptools to fix [CVE](https://www.cve.org/CVERecord?id=CVE-2025-47273)
+
+## [3.3.7] - 2025-05-06
 
 ### Security
 
@@ -21,8 +28,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ### Changes
 
-- Updating lambda runtimes to use node-20.
-- Updated Dockerfile results in an [image of size 424 MB instead of the earlier 2.2 GB](https://gallery.ecr.aws/aws-solutions/distributed-load-testing-on-aws-load-tester), this results in improved test start times, depending on the task count, a 500 task count tests starts 40% faster than the previous version of the solution.
+- Updating lambda runtimes to use node-20
 
 ## [3.3.5] - 2025-03-17
 

README.md

@@ -91,7 +91,7 @@ export BUCKET_NAME=$BUCKET_PREFIX-$REGION # full bucket name where the code will
 export SOLUTION_NAME=my-solution-name
 export VERSION=my-version # version number for the customized code
 export PUBLIC_ECR_REGISTRY=public.ecr.aws/aws-solutions # replace with the container registry and image if you want to use a different container image
-export PUBLIC_ECR_TAG=v3.3.7 # replace with the container image tag if you want to use a different container image
+export PUBLIC_ECR_TAG=v3.3.8 # replace with the container image tag if you want to use a different container image
 ```
 
 - Build the distributable.

VERSION.txt

@@ -1 +1 @@
-3.3.7
+3.3.8

deployment/ecr/distributed-load-testing-on-aws-load-tester/Dockerfile

@@ -8,10 +8,11 @@ ENV PIP_INSTALL="pip3.11 install --no-cache-dir"
 
 
 # install bzt
-RUN $PIP_INSTALL --upgrade bzt awscli setuptools==70.0.0 h11
+RUN $PIP_INSTALL --upgrade bzt awscli setuptools==78.1.1 h11 && \
+    $PIP_INSTALL --upgrade bzt
 
 # install bzt tools
-RUN bzt -install-tools -o modules.install-checker.exclude=selenium,gatling,tsung,siege,ab,k6,external-results-loader,locust,junit,testng,rspec,mocha,nunit,xunit,wdio
+RUN bzt -install-tools -o modules.install-checker.exclude=selenium,gatling,tsung,siege,ab,k6,external-results-loader,locust,junit,testng,rspec,mocha,nunit,xunit,wdio,robot,newman
 RUN rm -rf /root/.bzt/selenium-taurus
 RUN mkdir /bzt-configs /tmp/artifacts
 ADD ./load-test.sh /bzt-configs/

source/api-services/package-lock.json

@@ -1,6 +1,6 @@
 {
   "name": "api-services",
-  "version": "3.3.7",
+  "version": "3.3.8",
   "description": "REST API micro services",
   "repository": {
     "type": "git",

source/api-services/package.json

@@ -1,6 +1,6 @@
 {
   "name": "distributed-load-testing-on-aws-ui",
-  "version": "3.3.7",
+  "version": "3.3.8",
   "private": true,
   "license": "Apache-2.0",
   "author": {

source/console/package-lock.json

@@ -1,6 +1,6 @@
 {
   "name": "custom-resource",
-  "version": "3.3.7",
+  "version": "3.3.8",
   "description": "cfn custom resources for distributed load testing on AWS workflow",
   "repository": {
     "type": "git",