diff --git a/.github/workflows/generate_cli_doc.yml b/.github/workflows/generate_cli_doc.yml index bc9aa6c4d..c0ae6ee7d 100644 --- a/.github/workflows/generate_cli_doc.yml +++ b/.github/workflows/generate_cli_doc.yml @@ -25,10 +25,10 @@ jobs: working-directory: ./docs-sphinx steps: - name: Check out repository 🛎️ - uses: actions/checkout@v4 + uses: actions/checkout@v3 - name: Set up Python - uses: actions/setup-python@v5 + uses: actions/setup-python@v1 with: python-version: "3.10" diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 771999f51..745272cd6 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -12,7 +12,7 @@ jobs: id-token: write # IMPORTANT: this permission is mandatory for trusted publishing steps: - name: Set up python - uses: actions/setup-python@v5 + uses: actions/setup-python@v4 with: python-version: "3.10" @@ -20,7 +20,7 @@ jobs: run: python -m pip install --upgrade pip build - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v3 with: fetch-depth: 0 @@ -58,7 +58,7 @@ jobs: steps: - name: Set up python - uses: actions/setup-python@v5 + uses: actions/setup-python@v4 with: python-version: "3.10" @@ -66,7 +66,7 @@ jobs: run: python -m pip install --upgrade pip build - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v3 with: fetch-depth: 0 diff --git a/.github/workflows/run-precommit.yaml b/.github/workflows/run-precommit.yaml index 9592a5837..50904ae17 100644 --- a/.github/workflows/run-precommit.yaml +++ b/.github/workflows/run-precommit.yaml @@ -17,9 +17,9 @@ jobs: shell: bash -l {0} steps: - name: Checkout repository 🔔 - uses: actions/checkout@v4.1.1 + uses: actions/checkout@v3 - name: Run terraform pre-commit ⚡️ - uses: pre-commit/action@v3.0.1 + uses: pre-commit/action@v3.0.0 with: extra_args: --all-files terraform_fmt diff --git a/.github/workflows/test-provider.yaml b/.github/workflows/test-provider.yaml index 717a33248..3c0a3fa89 100644 --- a/.github/workflows/test-provider.yaml +++ b/.github/workflows/test-provider.yaml @@ -56,7 +56,7 @@ jobs: fail-fast: false steps: - name: "Checkout Infrastructure" - uses: actions/checkout@v4 + uses: actions/checkout@v3 - name: Checkout the branch from the PR that triggered the job if: ${{ github.event_name == 'issue_comment' }} @@ -65,9 +65,9 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Set up Python - uses: actions/setup-python@v5 + uses: actions/setup-python@v4 with: - python-version: "3.11" + python-version: 3.8 - name: Retrieve secret from Vault uses: hashicorp/vault-action@v2.5.0 diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index 5e527e9aa..6a8fa4a44 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -32,21 +32,22 @@ jobs: strategy: matrix: python-version: + - "3.8" + - "3.9" - "3.10" - "3.11" - - "3.12" fail-fast: false concurrency: group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}-${{ matrix.python-version }} cancel-in-progress: true steps: - name: "Checkout Infrastructure" - uses: actions/checkout@v4 + uses: actions/checkout@v3 with: fetch-depth: 0 - name: Setup miniconda - uses: conda-incubator/setup-miniconda@v3 + uses: conda-incubator/setup-miniconda@v2 with: auto-update-conda: true python-version: ${{ matrix.python-version }} diff --git a/.github/workflows/test_aws_integration.yaml b/.github/workflows/test_aws_integration.yaml index 36112ccd5..fa1a2332d 100644 --- a/.github/workflows/test_aws_integration.yaml +++ b/.github/workflows/test_aws_integration.yaml @@ -43,13 +43,13 @@ jobs: contents: read steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v3 with: ref: ${{ env.NEBARI_GH_BRANCH }} fetch-depth: 0 - name: Set up Python - uses: actions/setup-python@v5 + uses: actions/setup-python@v4 with: python-version: 3.11 diff --git a/.github/workflows/test_conda_build.yaml b/.github/workflows/test_conda_build.yaml index 2a959cdb6..e34363d9a 100644 --- a/.github/workflows/test_conda_build.yaml +++ b/.github/workflows/test_conda_build.yaml @@ -25,21 +25,21 @@ jobs: cancel-in-progress: true steps: - name: "Checkout Infrastructure" - uses: actions/checkout@v4 + uses: actions/checkout@v3 with: fetch-depth: 0 - name: Setup miniconda - uses: conda-incubator/setup-miniconda@v3 + uses: conda-incubator/setup-miniconda@v2 with: auto-update-conda: true - python-version: "3.10" + python-version: 3.8 channels: conda-forge activate-environment: nebari-dev - name: Install dependencies run: | - conda install build grayskull conda-build conda-verify + conda install build grayskull conda-build - name: Generate sdist run: | @@ -52,8 +52,3 @@ jobs: - name: Build conda package run: | conda build nebari - - - name: Test conda package - run: | - conda install --use-local nebari - nebari --version diff --git a/.github/workflows/test_do_integration.yaml b/.github/workflows/test_do_integration.yaml index dcfacf317..dbe10a302 100644 --- a/.github/workflows/test_do_integration.yaml +++ b/.github/workflows/test_do_integration.yaml @@ -42,12 +42,12 @@ jobs: pull-requests: write steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v3 with: ref: ${{ env.NEBARI_GH_BRANCH }} fetch-depth: 0 - name: Set up Python - uses: actions/setup-python@v5 + uses: actions/setup-python@v4 with: python-version: 3.11 diff --git a/.github/workflows/test_gcp_integration.yaml b/.github/workflows/test_gcp_integration.yaml index 0418e0af4..57ef84288 100644 --- a/.github/workflows/test_gcp_integration.yaml +++ b/.github/workflows/test_gcp_integration.yaml @@ -42,13 +42,13 @@ jobs: pull-requests: write steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v3 with: ref: ${{ env.NEBARI_GH_BRANCH }} fetch-depth: 0 - name: Set up Python - uses: actions/setup-python@v5 + uses: actions/setup-python@v4 with: python-version: 3.11 diff --git a/.github/workflows/test_helm_charts.yaml b/.github/workflows/test_helm_charts.yaml index 1d86eb92e..daf9abb6d 100644 --- a/.github/workflows/test_helm_charts.yaml +++ b/.github/workflows/test_helm_charts.yaml @@ -23,13 +23,13 @@ jobs: runs-on: ubuntu-latest steps: - name: "Checkout Infrastructure" - uses: actions/checkout@v4 + uses: actions/checkout@v3 with: fetch-depth: 0 - name: Set up Python - uses: actions/setup-python@v5 + uses: actions/setup-python@v4 with: - python-version: "3.11" + python-version: "3.8" - name: Install additional Python dependencies run: | pip install python-hcl2 diff --git a/.github/workflows/test_local_integration.yaml b/.github/workflows/test_local_integration.yaml index 67e2a7108..05dec384b 100644 --- a/.github/workflows/test_local_integration.yaml +++ b/.github/workflows/test_local_integration.yaml @@ -57,12 +57,12 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Set up Python - uses: conda-incubator/setup-miniconda@v3 + uses: conda-incubator/setup-miniconda@v2 env: CONDA: /home/runnerx/miniconda3 with: auto-update-conda: true - python-version: "3.11" + python-version: 3.8 miniconda-version: "latest" - name: Install Nebari and playwright @@ -70,7 +70,7 @@ jobs: pip install .[dev] playwright install - - uses: azure/setup-kubectl@v4.0.0 + - uses: azure/setup-kubectl@v3 with: version: v1.19.16 @@ -140,9 +140,9 @@ jobs: nebari keycloak adduser --user "${TEST_USERNAME}" "${TEST_PASSWORD}" --config nebari-config.yaml nebari keycloak listusers --config nebari-config.yaml - - uses: actions/setup-node@v4 + - uses: actions/setup-node@v3 with: - node-version: 20 + node-version: 16 - name: Get nebari-config.yaml full path run: echo "NEBARI_CONFIG_PATH=`realpath ./local-deployment/nebari-config.yaml`" >> "$GITHUB_ENV" @@ -170,7 +170,7 @@ jobs: - name: Save Cypress screenshots and videos if: always() - uses: actions/upload-artifact@v4.3.1 + uses: actions/upload-artifact@v3 with: name: e2e-cypress path: | diff --git a/.github/workflows/typing.yaml b/.github/workflows/typing.yaml index de70d6948..ae3fa18b9 100644 --- a/.github/workflows/typing.yaml +++ b/.github/workflows/typing.yaml @@ -24,12 +24,12 @@ jobs: cancel-in-progress: true steps: - name: "Checkout Repository" - uses: actions/checkout@v4 + uses: actions/checkout@v3 with: fetch-depth: 0 - name: Setup Python - uses: actions/setup-python@v5 + uses: actions/setup-python@v4 with: python-version: "3.11" cache: "pip" diff --git a/README.md b/README.md index c693dfb22..1787360b8 100644 --- a/README.md +++ b/README.md @@ -79,7 +79,7 @@ Amazon [AWS](https://aws.amazon.com/), [GCP](https://cloud.google.com/ "Google C - Operating System: Currently, Nebari supports development on macOS and Linux operating systems. Windows is NOT supported. However, we would welcome contributions that add and improve support for Windows. -- You need Python >= 3.10 on your local machine or virtual environment to work on Nebari. +- You need Python >= 3.8 on your local machine or virtual environment to work on Nebari. - Adopting virtual environments ([`conda`](https://docs.conda.io/en/latest/), [`pipenv`](https://github.com/pypa/pipenv) or [`venv`](https://docs.python.org/3/library/venv.html)) is also encouraged. diff --git a/RELEASE.md b/RELEASE.md index d8c9bd5b4..2b249c660 100644 --- a/RELEASE.md +++ b/RELEASE.md @@ -9,27 +9,6 @@ This file is copied to nebari-dev/nebari-docs using a GitHub Action. --> --- -## Release 2024.3.3 - March 27, 2024 - -### What's Changed -* get default variable value when following a terraform variable by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2322 -* Upgrade Actions versions by @isumitjha in https://github.com/nebari-dev/nebari/pull/2291 -* Cleanup spawner logs by @krassowski in https://github.com/nebari-dev/nebari/pull/2328 -* Fix loki gateway url when deployed on non-dev namespace by @aktech in https://github.com/nebari-dev/nebari/pull/2327 -* Dmcandrew update ruamel.yaml by @dcmcand in https://github.com/nebari-dev/nebari/pull/2315 -* upgrade auth0-python version to ultimately resolve CVE-2024-26130 by @tylergraff in https://github.com/nebari-dev/nebari/pull/2314 -* remove deprecated code paths by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2349 -* Create SECURITY.md by @dcmcand in https://github.com/nebari-dev/nebari/pull/2354 -* Set node affinity for more pods to ensure they run on general node pool by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2353 -* Deduplicate conda-store in JupyterLab main menu by @krassowski in https://github.com/nebari-dev/nebari/pull/2347 -* Pass current namespace to argo via environment variable by @krassowski in https://github.com/nebari-dev/nebari/pull/2317 -* PVC for Traefik Ingress (prevent LetsEncrypt throttling) by @kenafoster in https://github.com/nebari-dev/nebari/pull/2352 - -### New Contributors -* @isumitjha made their first contribution in https://github.com/nebari-dev/nebari/pull/2291 -* @tylergraff made their first contribution in https://github.com/nebari-dev/nebari/pull/2314 - -**Full Changelog**: https://github.com/nebari-dev/nebari/compare/2024.3.2...2024.3.3 ## Release 2024.3.2 - March 14, 2024 diff --git a/SECURITY.md b/SECURITY.md deleted file mode 100644 index 76f80ef92..000000000 --- a/SECURITY.md +++ /dev/null @@ -1,11 +0,0 @@ -# Security Policy - -## Supported Versions - -We support only the latest version, and we use [CalVer](https://calver.org/) for versioning. - -You should feel comfortable upgrading if you're using our documented public APIs and pay attention to `DeprecationWarnings`. Whenever there is a need to break compatibility, it is announced in the [Changelog](https://www.nebari.dev/docs/references/RELEASE) and will raise a `DeprecationWarning` before it's finally really broken. - -## Reporting a Vulnerability - -If you think you found a vulnerability, please report it at [nebari/security](https://github.com/nebari-dev/nebari/security/new). Please do not report security vulnerabilities on our public issue tracker. Exposing vulnerabilities publicly without giving maintainers a chance to release a fix puts users at risk. diff --git a/pyproject.toml b/pyproject.toml index 9c21badb4..cb90bc52d 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -23,7 +23,7 @@ name = "nebari" dynamic = ["version"] description = "A Jupyter and Dask-powered open source data science platform." readme = "README.md" -requires-python = ">=3.10" +requires-python = ">=3.8" license = "BSD-3-Clause" authors = [ { name = "Nebari development team", email = "internal-it@quansight.com" }, @@ -42,6 +42,8 @@ classifiers = [ "Intended Audience :: Developers", "Topic :: Software Development :: Build Tools", "Programming Language :: Python :: 3", + "Programming Language :: Python :: 3.8", + "Programming Language :: Python :: 3.9", "Programming Language :: Python :: 3.10", "Programming Language :: Python :: 3.11", "Intended Audience :: Developers", @@ -53,23 +55,23 @@ classifiers = [ ] dependencies = [ - "auth0-python==4.7.1", + "auth0-python==4.4.2", "azure-identity==1.12.0", "azure-mgmt-containerservice==26.0.0", "azure-mgmt-resource==23.0.1", "bcrypt==4.0.1", - "boto3==1.34.63", + "boto3==1.28.40", "cloudflare==2.11.7", "kubernetes==27.2.0", "pluggy==1.3.0", "prompt-toolkit==3.0.36", "pydantic==1.10.12", "pynacl==1.5.0", - "python-keycloak>=3.9.0", + "python-keycloak==3.3.0", "questionary==2.0.0", "requests-toolbelt==1.0.0", "rich==13.5.1", - "ruamel.yaml==0.18.6", + "ruamel.yaml==0.17.32", "typer==0.9.0", "packaging==23.2", ] diff --git a/scripts/helm-validate.py b/scripts/helm-validate.py index c623ef062..a916d2a2e 100644 --- a/scripts/helm-validate.py +++ b/scripts/helm-validate.py @@ -67,7 +67,7 @@ def _load_variable_value(self, argument, parent_contents): var_name = self._clean_var_name(argument, "var") for var in parent_contents.get("variable", {}): if var_name in var: - return var[var_name]["default"] + return var[var_name] else: raise ValueError(f"Could not find variable {var_name}") diff --git a/src/_nebari/constants.py b/src/_nebari/constants.py index 46df430e7..1f4d9ef81 100644 --- a/src/_nebari/constants.py +++ b/src/_nebari/constants.py @@ -1,4 +1,4 @@ -CURRENT_RELEASE = "2024.3.3" +CURRENT_RELEASE = "2024.3.2" # NOTE: Terraform cannot be upgraded further due to Hashicorp licensing changes # implemented in August 2023. diff --git a/src/_nebari/render.py b/src/_nebari/render.py index daf2fa506..d46a66852 100644 --- a/src/_nebari/render.py +++ b/src/_nebari/render.py @@ -8,6 +8,7 @@ from rich.table import Table from _nebari.deprecate import DEPRECATED_FILE_PATHS +from _nebari.utils import is_relative_to from nebari import hookspecs, schema @@ -88,7 +89,7 @@ def render_template( for path in deleted: abs_path = (output_directory / path).resolve() - if not abs_path.is_relative_to(output_directory): + if not is_relative_to(abs_path, output_directory): raise Exception( f"[ERROR] SHOULD NOT HAPPEN filename was about to be deleted but path={abs_path} is outside of output_directory" ) diff --git a/src/_nebari/stages/infrastructure/template/aws/modules/kubernetes/main.tf b/src/_nebari/stages/infrastructure/template/aws/modules/kubernetes/main.tf index 43e553850..848d1c047 100644 --- a/src/_nebari/stages/infrastructure/template/aws/modules/kubernetes/main.tf +++ b/src/_nebari/stages/infrastructure/template/aws/modules/kubernetes/main.tf @@ -57,6 +57,7 @@ resource "aws_eks_node_group" "main" { ] tags = merge({ + # "kubernetes.io/cluster/${var.name}" = "shared" "k8s.io/cluster-autoscaler/node-template/label/dedicated" = var.node_groups[count.index].name propagate_at_launch = true }, var.tags) @@ -68,36 +69,9 @@ data "aws_eks_cluster_auth" "main" { resource "aws_eks_addon" "aws-ebs-csi-driver" { # required for Kubernetes v1.23+ on AWS - addon_name = "aws-ebs-csi-driver" - cluster_name = aws_eks_cluster.main.name - resolve_conflicts_on_create = "OVERWRITE" - resolve_conflicts_on_update = "OVERWRITE" - - configuration_values = jsonencode({ - controller = { - nodeSelector = { - "eks.amazonaws.com/nodegroup" = "general" - } - } - }) - - # Ensure cluster and node groups are created - depends_on = [ - aws_eks_cluster.main, - aws_eks_node_group.main, - ] -} - -resource "aws_eks_addon" "coredns" { - addon_name = "coredns" - cluster_name = aws_eks_cluster.main.name - - configuration_values = jsonencode({ - nodeSelector = { - "eks.amazonaws.com/nodegroup" = "general" - } - }) - + addon_name = "aws-ebs-csi-driver" + cluster_name = aws_eks_cluster.main.name + resolve_conflicts = "OVERWRITE" # Ensure cluster and node groups are created depends_on = [ aws_eks_cluster.main, diff --git a/src/_nebari/stages/infrastructure/template/aws/modules/network/main.tf b/src/_nebari/stages/infrastructure/template/aws/modules/network/main.tf index da4276797..b3601a2a9 100644 --- a/src/_nebari/stages/infrastructure/template/aws/modules/network/main.tf +++ b/src/_nebari/stages/infrastructure/template/aws/modules/network/main.tf @@ -3,6 +3,7 @@ resource "aws_vpc" "main" { enable_dns_support = true enable_dns_hostnames = true + enable_classiclink = false tags = merge({ Name = var.name }, var.tags, var.vpc_tags) } diff --git a/src/_nebari/stages/infrastructure/template/aws/versions.tf b/src/_nebari/stages/infrastructure/template/aws/versions.tf index 68c0faf27..54fc973d6 100644 --- a/src/_nebari/stages/infrastructure/template/aws/versions.tf +++ b/src/_nebari/stages/infrastructure/template/aws/versions.tf @@ -2,7 +2,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = "5.33.0" + version = "3.73.0" } } required_version = ">= 1.0" diff --git a/src/_nebari/stages/kubernetes_ingress/template/modules/kubernetes/ingress/main.tf b/src/_nebari/stages/kubernetes_ingress/template/modules/kubernetes/ingress/main.tf index 217039f42..08bb5b295 100644 --- a/src/_nebari/stages/kubernetes_ingress/template/modules/kubernetes/ingress/main.tf +++ b/src/_nebari/stages/kubernetes_ingress/template/modules/kubernetes/ingress/main.tf @@ -9,7 +9,7 @@ locals { "--entrypoints.minio.http.tls.certResolver=letsencrypt", "--certificatesresolvers.letsencrypt.acme.tlschallenge", "--certificatesresolvers.letsencrypt.acme.email=${var.acme-email}", - "--certificatesresolvers.letsencrypt.acme.storage=/mnt/acme-certificates/acme.json", + "--certificatesresolvers.letsencrypt.acme.storage=acme.json", "--certificatesresolvers.letsencrypt.acme.caserver=${var.acme-server}", ] self-signed = local.default_cert @@ -27,22 +27,6 @@ resource "kubernetes_service_account" "main" { } } -resource "kubernetes_persistent_volume_claim" "traefik_certs_pvc" { - metadata { - name = "traefik-ingress-certs" - namespace = var.namespace - } - spec { - access_modes = ["ReadWriteOnce"] - resources { - requests = { - storage = "5Gi" - } - } - } - wait_until_bound = false -} - resource "kubernetes_cluster_role" "main" { metadata { @@ -231,10 +215,6 @@ resource "kubernetes_deployment" "main" { image = "${var.traefik-image.image}:${var.traefik-image.tag}" name = var.name - volume_mount { - mount_path = "/mnt/acme-certificates" - name = "acme-certificates" - } security_context { capabilities { drop = ["ALL"] @@ -346,12 +326,6 @@ resource "kubernetes_deployment" "main" { success_threshold = 1 } } - volume { - name = "acme-certificates" - persistent_volume_claim { - claim_name = kubernetes_persistent_volume_claim.traefik_certs_pvc.metadata.0.name - } - } } } } diff --git a/src/_nebari/stages/kubernetes_initialize/template/modules/cluster-autoscaler/main.tf b/src/_nebari/stages/kubernetes_initialize/template/modules/cluster-autoscaler/main.tf index c07edd70d..29f982c86 100644 --- a/src/_nebari/stages/kubernetes_initialize/template/modules/cluster-autoscaler/main.tf +++ b/src/_nebari/stages/kubernetes_initialize/template/modules/cluster-autoscaler/main.tf @@ -19,24 +19,6 @@ resource "helm_release" "autoscaler" { clusterName = var.cluster-name enabled = true } - - affinity = { - nodeAffinity = { - requiredDuringSchedulingIgnoredDuringExecution = { - nodeSelectorTerms = [ - { - matchExpressions = [ - { - key = "eks.amazonaws.com/nodegroup" - operator = "In" - values = ["general"] - } - ] - } - ] - } - } - } }) ], var.overrides) } diff --git a/src/_nebari/stages/kubernetes_services/template/modules/kubernetes/services/argo-workflows/main.tf b/src/_nebari/stages/kubernetes_services/template/modules/kubernetes/services/argo-workflows/main.tf index 92bcad6ea..29f27da26 100644 --- a/src/_nebari/stages/kubernetes_services/template/modules/kubernetes/services/argo-workflows/main.tf +++ b/src/_nebari/stages/kubernetes_services/template/modules/kubernetes/services/argo-workflows/main.tf @@ -557,23 +557,6 @@ resource "kubernetes_manifest" "deployment_admission_controller" { } }, ] - affinity = { - nodeAffinity = { - requiredDuringSchedulingIgnoredDuringExecution = { - nodeSelectorTerms = [ - { - matchExpressions = [ - { - key = var.node-group.key - operator = "In" - values = [var.node-group.value] - } - ] - } - ] - } - } - } } } } diff --git a/src/_nebari/stages/kubernetes_services/template/modules/kubernetes/services/jupyterhub/files/jupyterhub/03-profiles.py b/src/_nebari/stages/kubernetes_services/template/modules/kubernetes/services/jupyterhub/files/jupyterhub/03-profiles.py index ddbc3b6be..50d527b86 100644 --- a/src/_nebari/stages/kubernetes_services/template/modules/kubernetes/services/jupyterhub/files/jupyterhub/03-profiles.py +++ b/src/_nebari/stages/kubernetes_services/template/modules/kubernetes/services/jupyterhub/files/jupyterhub/03-profiles.py @@ -455,14 +455,6 @@ def profile_conda_store_viewer_token(): } } }, - "CONDA_STORE_SERVICE_NAMESPACE": { - "valueFrom": { - "secretKeyRef": { - "name": "argo-workflows-conda-store-token", - "key": "conda-store-service-namespace", - } - } - }, } @@ -541,13 +533,14 @@ def render_profiles(spawner): # userinfo request to have the groups in the key # "auth_state.oauth_user.groups" auth_state = yield spawner.user.get_auth_state() + spawner.log.error(str(auth_state)) username = auth_state["oauth_user"]["preferred_username"] # only return the lowest level group name # e.g. /projects/myproj -> myproj # and /developers -> developers groups = [Path(group).name for group in auth_state["oauth_user"]["groups"]] - spawner.log.info(f"user info: {username} {groups}") + spawner.log.error(f"user info: {username} {groups}") keycloak_profilenames = auth_state["oauth_user"].get("jupyterlab_profiles", []) diff --git a/src/_nebari/stages/kubernetes_services/template/modules/kubernetes/services/jupyterhub/files/jupyterlab/overrides.json b/src/_nebari/stages/kubernetes_services/template/modules/kubernetes/services/jupyterhub/files/jupyterlab/overrides.json index 02d656445..fd6cafc62 100644 --- a/src/_nebari/stages/kubernetes_services/template/modules/kubernetes/services/jupyterhub/files/jupyterlab/overrides.json +++ b/src/_nebari/stages/kubernetes_services/template/modules/kubernetes/services/jupyterhub/files/jupyterlab/overrides.json @@ -6,8 +6,7 @@ "apiUrl": "/conda-store/", "authMethod": "cookie", "loginUrl": "/conda-store/login?next=", - "authToken": "", - "addMainMenuItem": false + "authToken": "" }, "@jupyterlab/apputils-extension:notification": { "checkForUpdates": false, @@ -51,24 +50,13 @@ "rank": 1000, "items": [ { - "command": "nebari:run-first-enabled", + "command": "help:open", + "rank": 1, "args": { - "commands": [ - { - "id": "condastore:open", - "label": "Environment Management" - }, - { - "id": "help:open", - "args": { - "url": "/conda-store", - "text": "Environment Management", - "newBrowserTab": true - } - } - ] - }, - "rank": 1 + "url": "/conda-store", + "text": "Environment Management", + "newBrowserTab": true + } }, { "command": "help:open", diff --git a/src/_nebari/stages/kubernetes_services/template/modules/kubernetes/services/jupyterhub/main.tf b/src/_nebari/stages/kubernetes_services/template/modules/kubernetes/services/jupyterhub/main.tf index f99ef62ee..af690112f 100644 --- a/src/_nebari/stages/kubernetes_services/template/modules/kubernetes/services/jupyterhub/main.tf +++ b/src/_nebari/stages/kubernetes_services/template/modules/kubernetes/services/jupyterhub/main.tf @@ -264,9 +264,8 @@ resource "kubernetes_secret" "argo-workflows-conda-store-token" { } data = { - "conda-store-api-token" = var.conda-store-argo-workflows-jupyter-scheduler-token - "conda-store-service-name" = var.conda-store-service-name - "conda-store-service-namespace" = var.namespace + "conda-store-api-token" = var.conda-store-argo-workflows-jupyter-scheduler-token + "conda-store-service-name" = var.conda-store-service-name } type = "Opaque" diff --git a/src/_nebari/stages/kubernetes_services/template/modules/kubernetes/services/monitoring/main.tf b/src/_nebari/stages/kubernetes_services/template/modules/kubernetes/services/monitoring/main.tf index 869f616c7..413a9e08d 100644 --- a/src/_nebari/stages/kubernetes_services/template/modules/kubernetes/services/monitoring/main.tf +++ b/src/_nebari/stages/kubernetes_services/template/modules/kubernetes/services/monitoring/main.tf @@ -181,14 +181,6 @@ resource "helm_release" "prometheus-grafana" { "${var.node-group.key}" = var.node-group.value } - additionalDataSources = [ - { - name = "Loki" - type = "loki" - url = "http://loki-gateway.${var.namespace}" - } - ] - # Avoid using the default password, as that's a security risk adminPassword : random_password.grafana_admin_password.result diff --git a/src/_nebari/stages/kubernetes_services/template/modules/kubernetes/services/monitoring/values.yaml b/src/_nebari/stages/kubernetes_services/template/modules/kubernetes/services/monitoring/values.yaml index ada868882..f3cf47c88 100644 --- a/src/_nebari/stages/kubernetes_services/template/modules/kubernetes/services/monitoring/values.yaml +++ b/src/_nebari/stages/kubernetes_services/template/modules/kubernetes/services/monitoring/values.yaml @@ -1 +1,7 @@ # https://github.com/prometheus-community/helm-charts/blob/main/charts/kube-prometheus-stack/values.yaml + +grafana: + additionalDataSources: + - name: Loki + type: loki + url: http://loki-gateway.dev diff --git a/src/_nebari/upgrade.py b/src/_nebari/upgrade.py index c60fcfa60..dcadc1a02 100644 --- a/src/_nebari/upgrade.py +++ b/src/_nebari/upgrade.py @@ -727,17 +727,6 @@ def _version_specific_upgrade( return config -class Upgrade_2024_3_3(UpgradeStep): - version = "2024.3.3" - - def _version_specific_upgrade( - self, config, start_version, config_filename: Path, *args, **kwargs - ): - rich.print("Ready to upgrade to Nebari version [green]2024.3.3[/green].") - - return config - - __rounded_version__ = str(rounded_ver_parse(__version__)) # Manually-added upgrade steps must go above this line diff --git a/src/_nebari/utils.py b/src/_nebari/utils.py index 3488c6f0e..3378116a1 100644 --- a/src/_nebari/utils.py +++ b/src/_nebari/utils.py @@ -268,6 +268,18 @@ def random_secure_string( return "".join(secrets.choice(chars) for i in range(length)) +def is_relative_to(self: Path, other: Path, /) -> bool: + """Compatibility function to bring ``Path.is_relative_to`` to Python 3.8""" + if sys.version_info[:2] >= (3, 9): + return self.is_relative_to(other) + + try: + self.relative_to(other) + return True + except ValueError: + return False + + def set_do_environment(): os.environ["AWS_ACCESS_KEY_ID"] = os.environ["SPACES_ACCESS_KEY_ID"] os.environ["AWS_SECRET_ACCESS_KEY"] = os.environ["SPACES_SECRET_ACCESS_KEY"]