From 0f039a2afc0f71fc60c43802749ccbcf4783eb9c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=A9gis=20Behmo?= Date: Thu, 17 Oct 2024 08:35:13 +0200 Subject: [PATCH 1/6] docs: *.local.edly.io -> *.local.openedx.io The default URL to run a local platform switched from local.edly.io to local.openedx.io. This changes makes it clearer for everyone that Tutor is to run Open edX. See: https://github.com/overhangio/tutor/issues/1120 --- README.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.rst b/README.rst index 220d9a1..99ce805 100644 --- a/README.rst +++ b/README.rst @@ -38,7 +38,7 @@ For Copying programs that user make in `Discovery plugin ``) in production. In order to run commands from the UI login with an admin user at: http://credentials.local.edly.io/admin/. User should be able to authenticate with the same username and password that he used for his lms. +The credentials user interface will be available at http://credentials.local.openedx.io for a local instance, and at ``CREDENTIALS_HOST`` (by default: ``http(s)://credentials.``) in production. In order to run commands from the UI login with an admin user at: http://credentials.local.openedx.io/admin/. User should be able to authenticate with the same username and password that he used for his lms. User can also create superuser for credentials using the below command :: @@ -91,7 +91,7 @@ Application Third party authentication Learner Record UI configuration ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -The Learner Record is configurable dynamically via runtime configuration. To change any of the variables below, go to your LMS's Django admin Site Configuration page (for instance, http://local.edly.io/admin/site_configuration/siteconfiguration/) and add or modify corresponding JSON dict entries in the appropriate site: +The Learner Record is configurable dynamically via runtime configuration. To change any of the variables below, go to your LMS's Django admin Site Configuration page (for instance, http://local.openedx.io/admin/site_configuration/siteconfiguration/) and add or modify corresponding JSON dict entries in the appropriate site: - ``SUPPORT_URL_LEARNER_RECORDS`` (default: ``""``): the URL the learner is taken to when clicking the "read more in our records help area" link. From 19140cc7d7395107c4e7bda4490c0db06ca4cfe8 Mon Sep 17 00:00:00 2001 From: Muhammad Faraz Maqsood Date: Thu, 10 Oct 2024 18:19:46 +0500 Subject: [PATCH 2/6] chore: revert change that skip arm64 image build - As didkit issue is resolved in latest version which is being used in upstream credential repo. So, reverting this change. for context, see this comment: https://github.com/overhangio/tutor-credentials/issues/34#issuecomment-2291001545 --- .gitlab-ci.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 5808620..bc0bbb5 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -3,8 +3,7 @@ variables: TUTOR_IMAGES: credentials TUTOR_PYPI_PACKAGE: tutor-credentials GITHUB_REPO: overhangio/tutor-credentials - TUTOR_EXTRA_ENABLED_PLUGINS: discovery mfe - IMAGES_BUILD_PLATFORM: "linux/amd64" + TUTOR_EXTRA_ENABLED_PLUGINS: discovery mfe include: - project: 'community/tutor-ci' From c72ffd819a73bca8c68490649307c4f0f68ba41a Mon Sep 17 00:00:00 2001 From: Muhammad Faraz Maqsood Date: Thu, 17 Oct 2024 15:43:24 +0500 Subject: [PATCH 3/6] feat: ubuntu upgrade to 24.04 - Update Credentials Image to use Ubuntu `24.04` as base OS. - Change `APP_USER_ID` to 1001 as UID 1000 is now shipped by default. - Add `mime-support` alternatives that are `media-types mailcap`. - Update `python-openssl` to `python3-openssl`. - add changelog entry. --- ...010_175810_faraz.maqsood_ubuntu_upgrade.md | 3 ++ .../credentials/build/credentials/Dockerfile | 38 +++++++++++-------- 2 files changed, 26 insertions(+), 15 deletions(-) create mode 100644 changelog.d/20241010_175810_faraz.maqsood_ubuntu_upgrade.md diff --git a/changelog.d/20241010_175810_faraz.maqsood_ubuntu_upgrade.md b/changelog.d/20241010_175810_faraz.maqsood_ubuntu_upgrade.md new file mode 100644 index 0000000..3c522cc --- /dev/null +++ b/changelog.d/20241010_175810_faraz.maqsood_ubuntu_upgrade.md @@ -0,0 +1,3 @@ +- 💥[Feature] Update Credentials Image to use Ubuntu `24.04` as base OS. (by @Faraz32123) + - Add `mime-support` alternatives that are `media-types mailcap`. + - Update `python-openssl` to `python3-openssl`. \ No newline at end of file diff --git a/tutorcredentials/templates/credentials/build/credentials/Dockerfile b/tutorcredentials/templates/credentials/build/credentials/Dockerfile index d5f5557..6612e4a 100644 --- a/tutorcredentials/templates/credentials/build/credentials/Dockerfile +++ b/tutorcredentials/templates/credentials/build/credentials/Dockerfile @@ -1,8 +1,12 @@ # syntax=docker/dockerfile:1 ###### Minimal image with base system requirements for most stages -FROM docker.io/ubuntu:20.04 AS minimal +FROM docker.io/ubuntu:24.04 AS minimal ENV DEBIAN_FRONTEND=noninteractive + +# Delete default UID=1000 `ubuntu` user to ensure we can use id 1000 for app user +RUN userdel -r ubuntu + RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \ --mount=type=cache,target=/var/lib/apt,sharing=locked \ apt update && \ @@ -11,7 +15,6 @@ RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \ ENV LC_ALL=en_US.UTF-8 {{ patch("credentials-dockerfile-minimal") }} - ###### Install python with pyenv in /opt/pyenv and create virtualenv in /openedx/venv FROM minimal AS python # https://github.com/pyenv/pyenv/wiki/Common-build-problems#prerequisites @@ -19,7 +22,7 @@ RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \ --mount=type=cache,target=/var/lib/apt,sharing=locked apt update && \ apt install -y libssl-dev zlib1g-dev libbz2-dev \ libreadline-dev libsqlite3-dev wget curl llvm libncurses5-dev libncursesw5-dev \ - xz-utils tk-dev libffi-dev liblzma-dev python-openssl git + xz-utils tk-dev libffi-dev liblzma-dev python3-openssl git # Install pyenv # https://www.python.org/downloads/ @@ -36,6 +39,9 @@ RUN $PYENV_ROOT/versions/$PYTHON_VERSION/bin/python -m venv /openedx/venv ###### Checkout credentials FROM minimal AS code +# Below warnings will occurr due to the variable name(have word "credentials" in it). +# - SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ARG "CREDENTIALS_REPOSITORY") (line 41) +# - SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ARG "CREDENTIALS_VERSION") (line 42) ARG CREDENTIALS_REPOSITORY="{{ CREDENTIALS_REPOSITORY }}" ARG CREDENTIALS_VERSION="{{ CREDENTIALS_REPOSITORY_VERSION }}" RUN mkdir -p /openedx/credentials && \ @@ -102,7 +108,7 @@ FROM minimal AS production # Install system requirements RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \ --mount=type=cache,target=/var/lib/apt,sharing=locked apt update \ - && apt install -y libxml2 libmysqlclient-dev mime-support + && apt install -y libxml2 libmysqlclient-dev media-types mailcap # From then on, run as unprivileged "app" user ARG APP_USER_ID=1000 @@ -110,7 +116,7 @@ RUN if [ "$APP_USER_ID" = 0 ]; then echo "app user may not be root" && false; fi RUN useradd --home-dir /openedx --create-home --shell /bin/bash --uid ${APP_USER_ID} app USER ${APP_USER_ID} -# change file ownership to the new app user +# Change file ownership to the new app user COPY --chown=app:app --from=code /openedx/credentials /openedx/credentials COPY --chown=app:app --from=python /opt/pyenv /opt/pyenv COPY --chown=app:app --from=python-requirements /openedx/venv /openedx/venv @@ -129,6 +135,8 @@ RUN python manage.py compilemessages # Setup minimal yml config file, which is required by production settings RUN echo "{}" > /openedx/config.yml +# Below warning will occurr due to the variable name(have word "credentials" in it). +# - SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "CREDENTIALS_CFG") (line 136) ENV CREDENTIALS_CFG=/openedx/config.yml {{ patch("credentials-dockerfile-pre-assets") }} @@ -152,13 +160,13 @@ EXPOSE 8000 ###### Final image with production cmd FROM production AS final -CMD uwsgi \ - --static-map /static=/openedx/credentials/credentials/assets \ - --static-map /media=/openedx/credentials/credentials/media \ - --http 0.0.0.0:8000 \ - --thunder-lock \ - --single-interpreter \ - --enable-threads \ - --processes=${UWSGI_WORKERS:-2} \ - --buffer-size=8192 \ - --wsgi-file credentials/wsgi.py +CMD ["uwsgi", \ + "--static-map", "/static=/openedx/credentials/credentials/assets", \ + "--static-map", "/media=/openedx/credentials/credentials/media", \ + "--http", "0.0.0.0:8000", \ + "--thunder-lock", \ + "--single-interpreter", \ + "--enable-threads", \ + "--processes=${UWSGI_WORKERS:-2}", \ + "--buffer-size=8192", \ + "--wsgi-file", "credentials/wsgi.py"] From 4c559d53822e1910ab7ad6af5dfc93acab04ea3f Mon Sep 17 00:00:00 2001 From: Muhammad Faraz Maqsood Date: Tue, 22 Oct 2024 19:50:44 +0500 Subject: [PATCH 4/6] fix: uwsgi workers not starting properly --- ..._194734_faraz.maqsood_uwsgi_workers_not_starting_properly.md | 1 + .../templates/credentials/build/credentials/Dockerfile | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) create mode 100644 changelog.d/20241022_194734_faraz.maqsood_uwsgi_workers_not_starting_properly.md diff --git a/changelog.d/20241022_194734_faraz.maqsood_uwsgi_workers_not_starting_properly.md b/changelog.d/20241022_194734_faraz.maqsood_uwsgi_workers_not_starting_properly.md new file mode 100644 index 0000000..c5101ae --- /dev/null +++ b/changelog.d/20241022_194734_faraz.maqsood_uwsgi_workers_not_starting_properly.md @@ -0,0 +1 @@ +- [BugFix] Uwsgi workers wasn't starting properly using `UWSGI_WORKERS` flag, passing the value directly fixes the issue. (by @Faraz32123) diff --git a/tutorcredentials/templates/credentials/build/credentials/Dockerfile b/tutorcredentials/templates/credentials/build/credentials/Dockerfile index 6612e4a..4e47ac9 100644 --- a/tutorcredentials/templates/credentials/build/credentials/Dockerfile +++ b/tutorcredentials/templates/credentials/build/credentials/Dockerfile @@ -167,6 +167,6 @@ CMD ["uwsgi", \ "--thunder-lock", \ "--single-interpreter", \ "--enable-threads", \ - "--processes=${UWSGI_WORKERS:-2}", \ + "--processes=2", \ "--buffer-size=8192", \ "--wsgi-file", "credentials/wsgi.py"] From ab3797934907a2e6273eeacb823d108a38319639 Mon Sep 17 00:00:00 2001 From: Muhammad Faraz Maqsood Date: Thu, 24 Oct 2024 20:35:44 +0500 Subject: [PATCH 5/6] v19.0.0 upgrade to sumac --- CHANGELOG.md | 11 +++++++++++ changelog.d/20240621_170044_regis.md | 1 - .../20241010_175810_faraz.maqsood_ubuntu_upgrade.md | 3 --- ...raz.maqsood_uwsgi_workers_not_starting_properly.md | 1 - setup.py | 4 ++-- tutorcredentials/__about__.py | 2 +- .../credentials/build/credentials/Dockerfile | 4 ++-- 7 files changed, 16 insertions(+), 10 deletions(-) delete mode 100644 changelog.d/20240621_170044_regis.md delete mode 100644 changelog.d/20241010_175810_faraz.maqsood_ubuntu_upgrade.md delete mode 100644 changelog.d/20241022_194734_faraz.maqsood_uwsgi_workers_not_starting_properly.md diff --git a/CHANGELOG.md b/CHANGELOG.md index d3e1f9e..2538528 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -19,6 +19,17 @@ instructions, because git commits are used to generate release notes: + +## v19.0.0 (2024-10-23) + +- 💥[Feature] Upgrade to Sumac. (by @Faraz32123) +- [BugFix] Uwsgi workers wasn't starting properly using `UWSGI_WORKERS` flag, passing the value directly fixes the issue. (by @Faraz32123) +- 💥[Feature] Update Credentials Image to use Ubuntu `24.04` as base OS. (by @Faraz32123) + - Add `mime-support` alternatives that are `media-types mailcap`. + - Update `python-openssl` to `python3-openssl`. +- [Bugfix] Fix legacy warnings during Docker build. (by @regisb) + + ## v18.0.0 (2024-06-07) diff --git a/changelog.d/20240621_170044_regis.md b/changelog.d/20240621_170044_regis.md deleted file mode 100644 index d7d2eb7..0000000 --- a/changelog.d/20240621_170044_regis.md +++ /dev/null @@ -1 +0,0 @@ -- [Bugfix] Fix legacy warnings during Docker build. (by @regisb) diff --git a/changelog.d/20241010_175810_faraz.maqsood_ubuntu_upgrade.md b/changelog.d/20241010_175810_faraz.maqsood_ubuntu_upgrade.md deleted file mode 100644 index 3c522cc..0000000 --- a/changelog.d/20241010_175810_faraz.maqsood_ubuntu_upgrade.md +++ /dev/null @@ -1,3 +0,0 @@ -- 💥[Feature] Update Credentials Image to use Ubuntu `24.04` as base OS. (by @Faraz32123) - - Add `mime-support` alternatives that are `media-types mailcap`. - - Update `python-openssl` to `python3-openssl`. \ No newline at end of file diff --git a/changelog.d/20241022_194734_faraz.maqsood_uwsgi_workers_not_starting_properly.md b/changelog.d/20241022_194734_faraz.maqsood_uwsgi_workers_not_starting_properly.md deleted file mode 100644 index c5101ae..0000000 --- a/changelog.d/20241022_194734_faraz.maqsood_uwsgi_workers_not_starting_properly.md +++ /dev/null @@ -1 +0,0 @@ -- [BugFix] Uwsgi workers wasn't starting properly using `UWSGI_WORKERS` flag, passing the value directly fixes the issue. (by @Faraz32123) diff --git a/setup.py b/setup.py index 4522042..9136d05 100644 --- a/setup.py +++ b/setup.py @@ -44,8 +44,8 @@ def load_about(): packages=find_packages(exclude=["tests*"]), include_package_data=True, python_requires=">=3.9", - install_requires=["tutor>=18.0.0,<19.0.0", "tutor-discovery>=18.0.0,<19.0.0", "tutor-mfe>=18.0.0,<19.0.0"], - extras_require={"dev": ["tutor[dev]>=18.0.0,<19.0.0"]}, + install_requires=["tutor>=19.0.0,<20.0.0", "tutor-discovery>=19.0.0,<20.0.0", "tutor-mfe>=19.0.0,<20.0.0"], + extras_require={"dev": ["tutor[dev]>=19.0.0,<20.0.0"]}, entry_points={"tutor.plugin.v1": ["credentials = tutorcredentials.plugin"]}, classifiers=[ "Development Status :: 5 - Production/Stable", diff --git a/tutorcredentials/__about__.py b/tutorcredentials/__about__.py index c6a8b8e..0122a6f 100644 --- a/tutorcredentials/__about__.py +++ b/tutorcredentials/__about__.py @@ -1 +1 @@ -__version__ = "18.0.0" +__version__ = "19.0.0" diff --git a/tutorcredentials/templates/credentials/build/credentials/Dockerfile b/tutorcredentials/templates/credentials/build/credentials/Dockerfile index 4e47ac9..10338c1 100644 --- a/tutorcredentials/templates/credentials/build/credentials/Dockerfile +++ b/tutorcredentials/templates/credentials/build/credentials/Dockerfile @@ -70,7 +70,7 @@ RUN --mount=type=cache,target=/openedx/.cache/pip,sharing=shared pip install \ # https://pypi.org/project/setuptools/ # https://pypi.org/project/pip/ # https://pypi.org/project/wheel/ - setuptools==69.1.1 pip==24.0 wheel==0.43.0 + setuptools==75.1.0 pip==24.2 wheel==0.44.0 # Install base requirements RUN --mount=type=cache,target=/openedx/.cache/pip,sharing=shared pip install -r requirements/production.txt @@ -80,7 +80,7 @@ RUN --mount=type=cache,target=/openedx/.cache/pip,sharing=shared pip install \ # Use redis as a django cache https://pypi.org/project/django-redis/ django-redis==5.4.0 \ # uwsgi server https://pypi.org/project/uWSGI/ - uwsgi==2.0.24 + uwsgi==2.0.27 {{ patch("credentials-dockerfile-post-python-requirements") }} From 7fa4801fc888a051bc166f9d9fa632254088c488 Mon Sep 17 00:00:00 2001 From: Syed Muhammad Dawoud Sheraz Ali Date: Mon, 9 Dec 2024 18:58:40 +0500 Subject: [PATCH 6/6] chore: update changelog --- CHANGELOG.md | 4 ++++ .../20241111_171418_faraz.maqsood_remove_py38_references.md | 1 - changelog.d/20241119_124240_dawoud.sheraz_branch_rename.md | 3 --- 3 files changed, 4 insertions(+), 4 deletions(-) delete mode 100644 changelog.d/20241111_171418_faraz.maqsood_remove_py38_references.md delete mode 100644 changelog.d/20241119_124240_dawoud.sheraz_branch_rename.md diff --git a/CHANGELOG.md b/CHANGELOG.md index 2538528..6406e10 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -22,6 +22,10 @@ instructions, because git commits are used to generate release notes: ## v19.0.0 (2024-10-23) +- 💥 [Deprecation] Drop support for python 3.8 and set Python 3.9 as the minimum supported python version. (by @Faraz32123) +- 💥[Improvement] Rename Tutor's two branches (by @DawoudSheraz): + * Rename **master** to **release**, as this branch runs the latest official Open edX release tag. + * Rename **nightly** to **main**, as this branch runs the Open edX master branches, which are the basis for the next Open edX release. - 💥[Feature] Upgrade to Sumac. (by @Faraz32123) - [BugFix] Uwsgi workers wasn't starting properly using `UWSGI_WORKERS` flag, passing the value directly fixes the issue. (by @Faraz32123) - 💥[Feature] Update Credentials Image to use Ubuntu `24.04` as base OS. (by @Faraz32123) diff --git a/changelog.d/20241111_171418_faraz.maqsood_remove_py38_references.md b/changelog.d/20241111_171418_faraz.maqsood_remove_py38_references.md deleted file mode 100644 index 8b70c7b..0000000 --- a/changelog.d/20241111_171418_faraz.maqsood_remove_py38_references.md +++ /dev/null @@ -1 +0,0 @@ -- 💥 [Deprecation] Drop support for python 3.8 and set Python 3.9 as the minimum supported python version. (by @Faraz32123) diff --git a/changelog.d/20241119_124240_dawoud.sheraz_branch_rename.md b/changelog.d/20241119_124240_dawoud.sheraz_branch_rename.md deleted file mode 100644 index fb6e264..0000000 --- a/changelog.d/20241119_124240_dawoud.sheraz_branch_rename.md +++ /dev/null @@ -1,3 +0,0 @@ -- 💥[Improvement] Rename Tutor's two branches (by @DawoudSheraz): - * Rename **master** to **release**, as this branch runs the latest official Open edX release tag. - * Rename **nightly** to **main**, as this branch runs the Open edX master branches, which are the basis for the next Open edX release. \ No newline at end of file