tutor/tutor-credentials
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Upgrade to Sumac

Browse Source
This commit is contained in:
Régis Behmo 2024-12-16 21:10:53 +01:00 committed by GitHub
commit e9ca793dfe
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
8 changed files with 45 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
CHANGELOG.md
View File

@ -19,6 +19,21 @@ instructions, because git commits are used to generate release notes:
<!-- scriv-insert-here -->
<a id='changelog-19.0.0'></a>
## v19.0.0 (2024-10-23)
- 💥 [Deprecation] Drop support for python 3.8 and set Python 3.9 as the minimum supported python version. (by @Faraz32123)
- 💥[Improvement] Rename Tutor's two branches (by @DawoudSheraz):
* Rename **master** to **release**, as this branch runs the latest official Open edX release tag.
* Rename **nightly** to **main**, as this branch runs the Open edX master branches, which are the basis for the next Open edX release.
- 💥[Feature] Upgrade to Sumac. (by @Faraz32123)
- [BugFix] Uwsgi workers wasn't starting properly using `UWSGI_WORKERS` flag, passing the value directly fixes the issue. (by @Faraz32123)
- 💥[Feature] Update Credentials Image to use Ubuntu `24.04` as base OS. (by @Faraz32123)
- Add `mime-support` alternatives that are `media-types mailcap`.
- Update `python-openssl` to `python3-openssl`.
- [Bugfix] Fix legacy warnings during Docker build. (by @regisb)
<a id='changelog-18.0.0'></a>
## v18.0.0 (2024-06-07)

4
README.rst
View File

@ -38,7 +38,7 @@ For Copying programs that user make in `Discovery plugin <https://github.com/ove
Using Django Admin
~~~~~~~~~~~~~~~~~~
The credentials user interface will be available at http://credentials.local.edly.io for a local instance, and at ``CREDENTIALS_HOST`` (by default: ``http(s)://credentials.<your lms host>``) in production. In order to run commands from the UI login with an admin user at: http://credentials.local.edly.io/admin/. User should be able to authenticate with the same username and password that he used for his lms.
The credentials user interface will be available at http://credentials.local.openedx.io for a local instance, and at ``CREDENTIALS_HOST`` (by default: ``http(s)://credentials.<your lms host>``) in production. In order to run commands from the UI login with an admin user at: http://credentials.local.openedx.io/admin/. User should be able to authenticate with the same username and password that he used for his lms.
User can also create superuser for credentials using the below command
::
@ -91,7 +91,7 @@ Application Third party authentication
Learner Record UI configuration
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The Learner Record is configurable dynamically via runtime configuration. To change any of the variables below, go to your LMS's Django admin Site Configuration page (for instance, http://local.edly.io/admin/site_configuration/siteconfiguration/) and add or modify corresponding JSON dict entries in the appropriate site:
The Learner Record is configurable dynamically via runtime configuration. To change any of the variables below, go to your LMS's Django admin Site Configuration page (for instance, http://local.openedx.io/admin/site_configuration/siteconfiguration/) and add or modify corresponding JSON dict entries in the appropriate site:
- ``SUPPORT_URL_LEARNER_RECORDS`` (default: ``""``): the URL the learner is taken to when clicking the "read more in our records help area" link.

1
changelog.d/20240621_170044_regis.md
View File

@ -1 +0,0 @@
- [Bugfix] Fix legacy warnings during Docker build. (by @regisb)

1
changelog.d/20241111_171418_faraz.maqsood_remove_py38_references.md
View File

@ -1 +0,0 @@
- 💥 [Deprecation] Drop support for python 3.8 and set Python 3.9 as the minimum supported python version. (by @Faraz32123)

3
changelog.d/20241119_124240_dawoud.sheraz_branch_rename.md
View File

@ -1,3 +0,0 @@
- 💥[Improvement] Rename Tutor's two branches (by @DawoudSheraz):
* Rename **master** to **release**, as this branch runs the latest official Open edX release tag.
* Rename **nightly** to **main**, as this branch runs the Open edX master branches, which are the basis for the next Open edX release.

4
setup.py
View File

@ -44,8 +44,8 @@ setup(
packages=find_packages(exclude=["tests*"]),
include_package_data=True,
python_requires=">=3.9",
install_requires=["tutor>=18.0.0,<19.0.0", "tutor-discovery>=18.0.0,<19.0.0", "tutor-mfe>=18.0.0,<19.0.0"],
extras_require={"dev": ["tutor[dev]>=18.0.0,<19.0.0"]},
install_requires=["tutor>=19.0.0,<20.0.0", "tutor-discovery>=19.0.0,<20.0.0", "tutor-mfe>=19.0.0,<20.0.0"],
extras_require={"dev": ["tutor[dev]>=19.0.0,<20.0.0"]},
entry_points={"tutor.plugin.v1": ["credentials = tutorcredentials.plugin"]},
classifiers=[
"Development Status :: 5 - Production/Stable",

2
tutorcredentials/__about__.py
View File

@ -1 +1 @@
__version__ = "18.0.0"
__version__ = "19.0.0"

42
tutorcredentials/templates/credentials/build/credentials/Dockerfile
View File

@ -1,8 +1,12 @@
# syntax=docker/dockerfile:1
###### Minimal image with base system requirements for most stages
FROM docker.io/ubuntu:20.04 AS minimal
FROM docker.io/ubuntu:24.04 AS minimal
ENV DEBIAN_FRONTEND=noninteractive
# Delete default UID=1000 `ubuntu` user to ensure we can use id 1000 for app user
RUN userdel -r ubuntu
RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
--mount=type=cache,target=/var/lib/apt,sharing=locked \
apt update && \
@ -11,7 +15,6 @@ RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
ENV LC_ALL=en_US.UTF-8
{{ patch("credentials-dockerfile-minimal") }}
###### Install python with pyenv in /opt/pyenv and create virtualenv in /openedx/venv
FROM minimal AS python
# https://github.com/pyenv/pyenv/wiki/Common-build-problems#prerequisites
@ -19,7 +22,7 @@ RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
--mount=type=cache,target=/var/lib/apt,sharing=locked apt update && \
apt install -y libssl-dev zlib1g-dev libbz2-dev \
libreadline-dev libsqlite3-dev wget curl llvm libncurses5-dev libncursesw5-dev \
xz-utils tk-dev libffi-dev liblzma-dev python-openssl git
xz-utils tk-dev libffi-dev liblzma-dev python3-openssl git
# Install pyenv
# https://www.python.org/downloads/
@ -36,6 +39,9 @@ RUN $PYENV_ROOT/versions/$PYTHON_VERSION/bin/python -m venv /openedx/venv
###### Checkout credentials
FROM minimal AS code
# Below warnings will occurr due to the variable name(have word "credentials" in it).
# - SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ARG "CREDENTIALS_REPOSITORY") (line 41)
# - SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ARG "CREDENTIALS_VERSION") (line 42)
ARG CREDENTIALS_REPOSITORY="{{ CREDENTIALS_REPOSITORY }}"
ARG CREDENTIALS_VERSION="{{ CREDENTIALS_REPOSITORY_VERSION }}"
RUN mkdir -p /openedx/credentials && \
@ -64,7 +70,7 @@ RUN --mount=type=cache,target=/openedx/.cache/pip,sharing=shared pip install \
# https://pypi.org/project/setuptools/
# https://pypi.org/project/pip/
# https://pypi.org/project/wheel/
setuptools==69.1.1 pip==24.0 wheel==0.43.0
setuptools==75.1.0 pip==24.2 wheel==0.44.0
# Install base requirements
RUN --mount=type=cache,target=/openedx/.cache/pip,sharing=shared pip install -r requirements/production.txt
@ -74,7 +80,7 @@ RUN --mount=type=cache,target=/openedx/.cache/pip,sharing=shared pip install \
# Use redis as a django cache https://pypi.org/project/django-redis/
django-redis==5.4.0 \
# uwsgi server https://pypi.org/project/uWSGI/
uwsgi==2.0.24
uwsgi==2.0.27
{{ patch("credentials-dockerfile-post-python-requirements") }}
@ -102,7 +108,7 @@ FROM minimal AS production
# Install system requirements
RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
--mount=type=cache,target=/var/lib/apt,sharing=locked apt update \
&& apt install -y libxml2 libmysqlclient-dev mime-support
&& apt install -y libxml2 libmysqlclient-dev media-types mailcap
# From then on, run as unprivileged "app" user
ARG APP_USER_ID=1000
@ -110,7 +116,7 @@ RUN if [ "$APP_USER_ID" = 0 ]; then echo "app user may not be root" && false; fi
RUN useradd --home-dir /openedx --create-home --shell /bin/bash --uid ${APP_USER_ID} app
USER ${APP_USER_ID}
# change file ownership to the new app user
# Change file ownership to the new app user
COPY --chown=app:app --from=code /openedx/credentials /openedx/credentials
COPY --chown=app:app --from=python /opt/pyenv /opt/pyenv
COPY --chown=app:app --from=python-requirements /openedx/venv /openedx/venv
@ -129,6 +135,8 @@ RUN python manage.py compilemessages
# Setup minimal yml config file, which is required by production settings
RUN echo "{}" > /openedx/config.yml
# Below warning will occurr due to the variable name(have word "credentials" in it).
# - SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "CREDENTIALS_CFG") (line 136)
ENV CREDENTIALS_CFG=/openedx/config.yml
{{ patch("credentials-dockerfile-pre-assets") }}
@ -152,13 +160,13 @@ EXPOSE 8000
###### Final image with production cmd
FROM production AS final
CMD uwsgi \
--static-map /static=/openedx/credentials/credentials/assets \
--static-map /media=/openedx/credentials/credentials/media \
--http 0.0.0.0:8000 \
--thunder-lock \
--single-interpreter \
--enable-threads \
--processes=${UWSGI_WORKERS:-2} \
--buffer-size=8192 \
--wsgi-file credentials/wsgi.py
CMD ["uwsgi", \
"--static-map", "/static=/openedx/credentials/credentials/assets", \
"--static-map", "/media=/openedx/credentials/credentials/media", \
"--http", "0.0.0.0:8000", \
"--thunder-lock", \
"--single-interpreter", \
"--enable-threads", \
"--processes=2", \
"--buffer-size=8192", \
"--wsgi-file", "credentials/wsgi.py"]