From 27b1d1a2f10245f0083819c97811a694884eb93a Mon Sep 17 00:00:00 2001 From: Ken Foster Date: Mon, 16 Sep 2024 21:49:18 -0400 Subject: [PATCH 01/37] Fix hub variable for jupyterhub_dashboard --- .../monitoring/dashboards/Main/jupyterhub_dashboard.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/_nebari/stages/kubernetes_services/template/modules/kubernetes/services/monitoring/dashboards/Main/jupyterhub_dashboard.json b/src/_nebari/stages/kubernetes_services/template/modules/kubernetes/services/monitoring/dashboards/Main/jupyterhub_dashboard.json index 0bbcfad3d1..4b57a028b8 100644 --- a/src/_nebari/stages/kubernetes_services/template/modules/kubernetes/services/monitoring/dashboards/Main/jupyterhub_dashboard.json +++ b/src/_nebari/stages/kubernetes_services/template/modules/kubernetes/services/monitoring/dashboards/Main/jupyterhub_dashboard.json @@ -1292,14 +1292,14 @@ "datasource": { "uid": "$PROMETHEUS_DS" }, - "definition": "", + "definition": "label_values({service=\"hub\"},namespace)", "hide": 0, - "includeAll": true, + "includeAll": false, "multi": true, "name": "hub", "options": [], "query": { - "query": "label_values(kube_service_labels{service=\"hub\"}, namespace)", + "query": "label_values({service=\"hub\"},namespace)", "refId": "Prometheus-hub-Variable-Query" }, "refresh": 1, From b76dd807443157190dcae29d37855d7476937f74 Mon Sep 17 00:00:00 2001 From: Amit Kumar Date: Fri, 4 Oct 2024 21:48:43 +0530 Subject: [PATCH 02/37] Add ability to add overrides to jhub-apps config --- src/_nebari/stages/kubernetes_services/__init__.py | 3 +++ .../stages/kubernetes_services/template/jupyterhub.tf | 1 + .../services/jupyterhub/files/jupyterhub/02-spawner.py | 5 +++++ .../template/modules/kubernetes/services/jupyterhub/main.tf | 1 + .../modules/kubernetes/services/jupyterhub/variables.tf | 5 +++++ .../stages/kubernetes_services/template/variables.tf | 6 ++++++ 6 files changed, 21 insertions(+) diff --git a/src/_nebari/stages/kubernetes_services/__init__.py b/src/_nebari/stages/kubernetes_services/__init__.py index bd4dfd759e..fdc413bd40 100644 --- a/src/_nebari/stages/kubernetes_services/__init__.py +++ b/src/_nebari/stages/kubernetes_services/__init__.py @@ -218,6 +218,7 @@ class ArgoWorkflows(schema.Base): class JHubApps(schema.Base): enabled: bool = False + overrides: Dict = {} class MonitoringOverrides(schema.Base): @@ -473,6 +474,7 @@ class JupyterhubInputVars(schema.Base): idle_culler_settings: Dict[str, Any] = Field(alias="idle-culler-settings") argo_workflows_enabled: bool = Field(alias="argo-workflows-enabled") jhub_apps_enabled: bool = Field(alias="jhub-apps-enabled") + jhub_apps_overrides: str = Field(alias="jhub-apps-overrides") cloud_provider: str = Field(alias="cloud-provider") jupyterlab_preferred_dir: Optional[str] = Field(alias="jupyterlab-preferred-dir") shared_fs_type: SharedFsEnum @@ -639,6 +641,7 @@ def input_vars(self, stage_outputs: Dict[str, Dict[str, Any]]): idle_culler_settings=self.config.jupyterlab.idle_culler.model_dump(), argo_workflows_enabled=self.config.argo_workflows.enabled, jhub_apps_enabled=self.config.jhub_apps.enabled, + jhub_apps_overrides=json.dumps(self.config.jhub_apps.overrides), initial_repositories=str(self.config.jupyterlab.initial_repositories), jupyterlab_default_settings=self.config.jupyterlab.default_settings, jupyterlab_gallery_settings=self.config.jupyterlab.gallery_settings, diff --git a/src/_nebari/stages/kubernetes_services/template/jupyterhub.tf b/src/_nebari/stages/kubernetes_services/template/jupyterhub.tf index 17b6f12411..121cff4b22 100644 --- a/src/_nebari/stages/kubernetes_services/template/jupyterhub.tf +++ b/src/_nebari/stages/kubernetes_services/template/jupyterhub.tf @@ -180,6 +180,7 @@ module "jupyterhub" { conda-store-service-name = module.kubernetes-conda-store-server.service_name conda-store-jhub-apps-token = module.kubernetes-conda-store-server.service-tokens.jhub-apps jhub-apps-enabled = var.jhub-apps-enabled + jhub-apps-overrides = var.jhub-apps-overrides extra-mounts = { "/etc/dask" = { diff --git a/src/_nebari/stages/kubernetes_services/template/modules/kubernetes/services/jupyterhub/files/jupyterhub/02-spawner.py b/src/_nebari/stages/kubernetes_services/template/modules/kubernetes/services/jupyterhub/files/jupyterhub/02-spawner.py index aa2153dc29..09bb649c01 100644 --- a/src/_nebari/stages/kubernetes_services/template/modules/kubernetes/services/jupyterhub/files/jupyterhub/02-spawner.py +++ b/src/_nebari/stages/kubernetes_services/template/modules/kubernetes/services/jupyterhub/files/jupyterhub/02-spawner.py @@ -1,4 +1,5 @@ import inspect +import json import kubernetes.client.models from tornado import gen @@ -65,6 +66,10 @@ def get_conda_store_environments(user_info: dict): c.JAppsConfig.hub_host = "hub" c.JAppsConfig.service_workers = 4 + jhub_apps_overrides = json.loads(z2jh.get_config("custom.jhub-apps-overrides")) + for config_key, config_value in jhub_apps_overrides.items(): + setattr(c.JAppsConfig, config_key, config_value) + def service_for_jhub_apps(name, url): return { "name": name, diff --git a/src/_nebari/stages/kubernetes_services/template/modules/kubernetes/services/jupyterhub/main.tf b/src/_nebari/stages/kubernetes_services/template/modules/kubernetes/services/jupyterhub/main.tf index 06cd4d6dd1..a36090f41c 100644 --- a/src/_nebari/stages/kubernetes_services/template/modules/kubernetes/services/jupyterhub/main.tf +++ b/src/_nebari/stages/kubernetes_services/template/modules/kubernetes/services/jupyterhub/main.tf @@ -77,6 +77,7 @@ resource "helm_release" "jupyterhub" { conda-store-service-name = var.conda-store-service-name conda-store-jhub-apps-token = var.conda-store-jhub-apps-token jhub-apps-enabled = var.jhub-apps-enabled + jhub-apps-overrides = var.jhub-apps-overrides initial-repositories = var.initial-repositories skel-mount = { name = kubernetes_config_map.etc-skel.metadata.0.name diff --git a/src/_nebari/stages/kubernetes_services/template/modules/kubernetes/services/jupyterhub/variables.tf b/src/_nebari/stages/kubernetes_services/template/modules/kubernetes/services/jupyterhub/variables.tf index 41089d391f..f395e08487 100644 --- a/src/_nebari/stages/kubernetes_services/template/modules/kubernetes/services/jupyterhub/variables.tf +++ b/src/_nebari/stages/kubernetes_services/template/modules/kubernetes/services/jupyterhub/variables.tf @@ -124,6 +124,11 @@ variable "jhub-apps-enabled" { type = bool } +variable "jhub-apps-overrides" { + description = "jhub-apps configuration overrides" + type = string +} + variable "conda-store-argo-workflows-jupyter-scheduler-token" { description = "Token for argo-workflows-jupyter-schedule to use conda-store" type = string diff --git a/src/_nebari/stages/kubernetes_services/template/variables.tf b/src/_nebari/stages/kubernetes_services/template/variables.tf index 9e36e65979..5d4e6d4a7a 100644 --- a/src/_nebari/stages/kubernetes_services/template/variables.tf +++ b/src/_nebari/stages/kubernetes_services/template/variables.tf @@ -59,6 +59,12 @@ variable "jhub-apps-enabled" { type = bool } +variable "jhub-apps-overrides" { + description = "jhub-apps configuration overrides" + type = string + default = "{}" +} + variable "cloud-provider" { description = "Name of cloud provider." type = string From c679491f422e979a0823562e9f7b22a01e5d1bb6 Mon Sep 17 00:00:00 2001 From: "pre-commit-ci[bot]" <66853113+pre-commit-ci[bot]@users.noreply.github.com> Date: Thu, 10 Oct 2024 10:57:54 +0200 Subject: [PATCH 03/37] [pre-commit.ci] pre-commit autoupdate (#2759) Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com> --- .pre-commit-config.yaml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 61dcf79046..7779c81a65 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -22,7 +22,7 @@ ci: repos: # general - repo: https://github.com/pre-commit/pre-commit-hooks - rev: v4.6.0 + rev: v5.0.0 hooks: - id: end-of-file-fixer exclude: "^docs-sphinx/cli.html" @@ -37,7 +37,7 @@ repos: exclude: "^src/_nebari/template/" - repo: https://github.com/crate-ci/typos - rev: typos-dict-v0.11.27 + rev: v1.26.0 hooks: - id: typos @@ -55,13 +55,13 @@ repos: # python - repo: https://github.com/psf/black - rev: 24.8.0 + rev: 24.10.0 hooks: - id: black args: ["--line-length=88", "--exclude=/src/_nebari/template/"] - repo: https://github.com/astral-sh/ruff-pre-commit - rev: v0.6.3 + rev: v0.6.9 hooks: - id: ruff args: ["--fix"] @@ -77,7 +77,7 @@ repos: # terraform - repo: https://github.com/antonbabenko/pre-commit-terraform - rev: v1.94.1 + rev: v1.96.1 hooks: - id: terraform_fmt args: From baef3b4733a583174dc77e24e2d7050b1fa45cee Mon Sep 17 00:00:00 2001 From: Adam Lewis <23342526+Adam-D-Lewis@users.noreply.github.com> Date: Sun, 13 Oct 2024 07:26:40 -0500 Subject: [PATCH 04/37] remove do integration test (#2765) --- .github/workflows/test_do_integration.yaml | 84 ---------------------- README.md | 2 +- 2 files changed, 1 insertion(+), 85 deletions(-) delete mode 100644 .github/workflows/test_do_integration.yaml diff --git a/.github/workflows/test_do_integration.yaml b/.github/workflows/test_do_integration.yaml deleted file mode 100644 index 95ad219a85..0000000000 --- a/.github/workflows/test_do_integration.yaml +++ /dev/null @@ -1,84 +0,0 @@ -name: Digital Ocean Deployment - -on: - schedule: - - cron: "0 0 * * MON" - workflow_dispatch: - inputs: - branch: - description: 'Nebari branch to deploy, test, destroy' - required: true - default: develop - type: string - image-tag: - description: 'Nebari image tag created by the nebari-docker-images repo' - required: true - default: main - type: string - tf-log-level: - description: 'Change Terraform log levels' - required: false - default: info - type: choice - options: - - info - - warn - - debug - - trace - - error - -env: - NEBARI_GH_BRANCH: ${{ github.event.inputs.branch || 'main' }} - NEBARI_IMAGE_TAG: ${{ github.event.inputs.image-tag || 'main' }} - TF_LOG: ${{ github.event.inputs.tf-log-level || 'info' }} - - -jobs: - test-do-integration: - runs-on: ubuntu-latest - if: ${{ vars.SKIP_DO_INTEGRATION_TEST != 'true' }} - permissions: - id-token: write - contents: read - pull-requests: write - steps: - - name: Checkout - uses: actions/checkout@v4 - with: - ref: ${{ env.NEBARI_GH_BRANCH }} - fetch-depth: 0 - - name: Set up Python - uses: actions/setup-python@v5 - with: - python-version: 3.11 - - - name: Install Nebari - run: | - pip install .[dev] - playwright install - - - name: Retrieve secret from Vault - uses: hashicorp/vault-action@v3.0.0 - with: - method: jwt - url: "https://quansight-vault-public-vault-b2379fa7.d415e30e.z1.hashicorp.cloud:8200" - namespace: "admin/quansight" - role: "repository-nebari-dev-nebari-role" - secrets: | - kv/data/repository/nebari-dev/nebari/shared_secrets DIGITALOCEAN_TOKEN | DIGITALOCEAN_TOKEN; - kv/data/repository/nebari-dev/nebari/cloudflare/internal-devops@quansight.com/nebari-dev-ci token | CLOUDFLARE_TOKEN; - - - name: Set Environment DO - run: | - echo "SPACES_ACCESS_KEY_ID=${{ secrets.SPACES_ACCESS_KEY_ID }}" >> $GITHUB_ENV - echo "SPACES_SECRET_ACCESS_KEY=${{ secrets.SPACES_SECRET_ACCESS_KEY }}" >> $GITHUB_ENV - echo "NEBARI_K8S_VERSION"=1.25.12-do.0 >> $GITHUB_ENV - - - name: Integration Tests - run: | - pytest --version - pytest tests/tests_integration/ -vvv -s --cloud do - env: - NEBARI_SECRET__default_images__jupyterhub: "quay.io/nebari/nebari-jupyterhub:${{ env.NEBARI_IMAGE_TAG }}" - NEBARI_SECRET__default_images__jupyterlab: "quay.io/nebari/nebari-jupyterlab:${{ env.NEBARI_IMAGE_TAG }}" - NEBARI_SECRET__default_images__dask_worker: "quay.io/nebari/nebari-dask-worker:${{ env.NEBARI_IMAGE_TAG }}" diff --git a/README.md b/README.md index 4de7a4527e..5dcce91258 100644 --- a/README.md +++ b/README.md @@ -15,7 +15,7 @@ | Project | [![License](https://img.shields.io/badge/License-BSD%203--Clause-gray.svg?colorA=2D2A56&colorB=5936D9&style=flat.svg)](https://opensource.org/licenses/BSD-3-Clause) [![Nebari documentation](https://img.shields.io/badge/%F0%9F%93%96%20Read-the%20docs-gray.svg?colorA=2D2A56&colorB=5936D9&style=flat.svg)](https://www.nebari.dev/docs/welcome) [![PyPI](https://img.shields.io/pypi/v/nebari)](https://badge.fury.io/py/nebari) [![conda version](https://img.shields.io/conda/vn/conda-forge/nebari)]((https://anaconda.org/conda-forge/nebari)) | | Community | [![GH discussions](https://img.shields.io/badge/%F0%9F%92%AC%20-Participate%20in%20discussions-gray.svg?colorA=2D2A56&colorB=5936D9&style=flat.svg)](https://github.com/nebari-dev/nebari/discussions) [![Open an issue](https://img.shields.io/badge/%F0%9F%93%9D%20Open-an%20issue-gray.svg?colorA=2D2A56&colorB=5936D9&style=flat.svg)](https://github.com/nebari-dev/nebari/issues/new/choose) [![Community guidelines](https://img.shields.io/badge/🀝%20Community-guidelines-gray.svg?colorA=2D2A56&colorB=5936D9&style=flat.svg)](https://www.nebari.dev/docs/community/) | | CI | [![Kubernetes Tests](https://github.com/nebari-dev/nebari/actions/workflows/test_local_integration.yaml/badge.svg)](https://github.com/nebari-dev/nebari/actions/workflows/kubernetes_test.yaml) [![Tests](https://github.com/nebari-dev/nebari/actions/workflows/test.yaml/badge.svg)](https://github.com/nebari-dev/nebari/actions/workflows/test.yaml) [![Test Nebari Provider](https://github.com/nebari-dev/nebari/actions/workflows/test-provider.yaml/badge.svg)](https://github.com/nebari-dev/nebari/actions/workflows/test-provider.yaml)| -| Cloud Providers | [![AWS Deployment Status](https://github.com/nebari-dev/nebari/actions/workflows/test_aws_integration.yaml/badge.svg)](https://github.com/nebari-dev/nebari/actions/workflows/test_aws_integration.yaml) [![Azure Deployment Status](https://github.com/nebari-dev/nebari/actions/workflows/test_azure_integration.yaml/badge.svg)](https://github.com/nebari-dev/nebari/actions/workflows/test_azure_integration.yaml) [![GCP Deployment Status](https://github.com/nebari-dev/nebari/actions/workflows/test_gcp_integration.yaml/badge.svg)](https://github.com/nebari-dev/nebari/actions/workflows/test_gcp_integration.yaml) [![Digital Ocean Deployment Status](https://github.com/nebari-dev/nebari/actions/workflows/test_do_integration.yaml/badge.svg)](https://github.com/nebari-dev/nebari/actions/workflows/test_do_integration.yaml)| +| Cloud Providers | [![AWS Deployment Status](https://github.com/nebari-dev/nebari/actions/workflows/test_aws_integration.yaml/badge.svg)](https://github.com/nebari-dev/nebari/actions/workflows/test_aws_integration.yaml) [![Azure Deployment Status](https://github.com/nebari-dev/nebari/actions/workflows/test_azure_integration.yaml/badge.svg)](https://github.com/nebari-dev/nebari/actions/workflows/test_azure_integration.yaml) [![GCP Deployment Status](https://github.com/nebari-dev/nebari/actions/workflows/test_gcp_integration.yaml/badge.svg)](https://github.com/nebari-dev/nebari/actions/workflows/test_gcp_integration.yaml)| ## Table of contents From 3d9b6deb19833b716f0b477ccd816e16ac67bce0 Mon Sep 17 00:00:00 2001 From: Marcelo Villa Date: Sun, 13 Oct 2024 22:40:07 +0200 Subject: [PATCH 05/37] Rename default branch to main and get rid of develop as a target --- .github/workflows/run-precommit.yaml | 1 - .github/workflows/test-provider.yaml | 1 - .github/workflows/test_aws_integration.yaml | 2 +- .github/workflows/test_azure_integration.yaml | 2 +- .github/workflows/test_conda_build.yaml | 1 - .github/workflows/test_gcp_integration.yaml | 2 +- .github/workflows/test_local_integration.yaml | 1 - .github/workflows/typing.yaml | 1 - 8 files changed, 3 insertions(+), 8 deletions(-) diff --git a/.github/workflows/run-precommit.yaml b/.github/workflows/run-precommit.yaml index 9592a58373..eab62ce83e 100644 --- a/.github/workflows/run-precommit.yaml +++ b/.github/workflows/run-precommit.yaml @@ -4,7 +4,6 @@ on: push: branches: - main - - develop - release/\d{4}.\d{1,2}.\d{1,2} pull_request: diff --git a/.github/workflows/test-provider.yaml b/.github/workflows/test-provider.yaml index 6382cdf12a..fef1254495 100644 --- a/.github/workflows/test-provider.yaml +++ b/.github/workflows/test-provider.yaml @@ -16,7 +16,6 @@ on: push: branches: - main - - develop - release/\d{4}.\d{1,2}.\d{1,2} paths: - ".github/workflows/test-provider.yaml" diff --git a/.github/workflows/test_aws_integration.yaml b/.github/workflows/test_aws_integration.yaml index 867006df20..92f1af1000 100644 --- a/.github/workflows/test_aws_integration.yaml +++ b/.github/workflows/test_aws_integration.yaml @@ -8,7 +8,7 @@ on: branch: description: 'Nebari branch to deploy, test, destroy' required: true - default: develop + default: main type: string image-tag: description: 'Nebari image tag created by the nebari-docker-images repo' diff --git a/.github/workflows/test_azure_integration.yaml b/.github/workflows/test_azure_integration.yaml index 8123907497..615279af31 100644 --- a/.github/workflows/test_azure_integration.yaml +++ b/.github/workflows/test_azure_integration.yaml @@ -8,7 +8,7 @@ on: branch: description: 'Nebari branch to deploy, test, destroy' required: true - default: develop + default: main type: string image-tag: description: 'Nebari image tag created by the nebari-docker-images repo' diff --git a/.github/workflows/test_conda_build.yaml b/.github/workflows/test_conda_build.yaml index 2a959cdb6b..53c51d8c64 100644 --- a/.github/workflows/test_conda_build.yaml +++ b/.github/workflows/test_conda_build.yaml @@ -8,7 +8,6 @@ on: push: branches: - main - - develop - release/\d{4}.\d{1,2}.\d{1,2} paths: - ".github/workflows/test_conda_build.yaml" diff --git a/.github/workflows/test_gcp_integration.yaml b/.github/workflows/test_gcp_integration.yaml index e0e5a5b9e9..71162d1cce 100644 --- a/.github/workflows/test_gcp_integration.yaml +++ b/.github/workflows/test_gcp_integration.yaml @@ -8,7 +8,7 @@ on: branch: description: 'Nebari branch to deploy, test, destroy' required: true - default: develop + default: main type: string image-tag: description: 'Nebari image tag created by the nebari-docker-images repo' diff --git a/.github/workflows/test_local_integration.yaml b/.github/workflows/test_local_integration.yaml index 3b51f5797f..ea547ede8c 100644 --- a/.github/workflows/test_local_integration.yaml +++ b/.github/workflows/test_local_integration.yaml @@ -18,7 +18,6 @@ on: push: branches: - main - - develop - release/\d{4}.\d{1,2}.\d{1,2} paths: - ".github/workflows/test_local_integration.yaml" diff --git a/.github/workflows/typing.yaml b/.github/workflows/typing.yaml index de70d69483..3ce1bbc78e 100644 --- a/.github/workflows/typing.yaml +++ b/.github/workflows/typing.yaml @@ -9,7 +9,6 @@ on: push: branches: - main - - develop - release/\d{4}.\d{1,2}.\d{1,2} paths: - ".github/workflows/typing.yaml" From ccb8b7eff9e77dbc7da4c106ddfb842a331a8a3b Mon Sep 17 00:00:00 2001 From: Adam Lewis <23342526+Adam-D-Lewis@users.noreply.github.com> Date: Tue, 15 Oct 2024 15:31:04 -0500 Subject: [PATCH 06/37] fix CICD issue with pre-commit action (#2775) --- .github/workflows/run-precommit.yaml | 11 +++++++++++ src/_nebari/provider/cicd/github.py | 2 +- 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/.github/workflows/run-precommit.yaml b/.github/workflows/run-precommit.yaml index eab62ce83e..6a79e0da1a 100644 --- a/.github/workflows/run-precommit.yaml +++ b/.github/workflows/run-precommit.yaml @@ -18,6 +18,17 @@ jobs: - name: Checkout repository πŸ”” uses: actions/checkout@v4.1.1 + - name: Setup python + uses: actions/setup-python@v5 + with: + python-version: '3.x' + + - name: Setup terraform + uses: hashicorp/setup-terraform@v3 + with: + terraform_version: "1.5.7" + + - name: Run terraform pre-commit ⚑️ uses: pre-commit/action@v3.0.1 with: diff --git a/src/_nebari/provider/cicd/github.py b/src/_nebari/provider/cicd/github.py index 0c9003ecdd..d091d1d027 100644 --- a/src/_nebari/provider/cicd/github.py +++ b/src/_nebari/provider/cicd/github.py @@ -196,7 +196,7 @@ def checkout_image_step(): def setup_python_step(): return GHA_job_step( name="Set up Python", - uses="actions/setup-python@v4", + uses="actions/setup-python@v5", with_={"python-version": GHA_job_steps_extras(LATEST_SUPPORTED_PYTHON_VERSION)}, ) From d67be09d7f5ed2a201a214f8b167261063e56a04 Mon Sep 17 00:00:00 2001 From: Philip Meier Date: Thu, 17 Oct 2024 14:50:05 +0200 Subject: [PATCH 07/37] add upgrade workflow --- .github/actions/init-local/action.yml | 65 ++++++++++++++++++++ .github/workflows/test_local_upgrade.yaml | 73 +++++++++++++++++++++++ 2 files changed, 138 insertions(+) create mode 100644 .github/actions/init-local/action.yml create mode 100644 .github/workflows/test_local_upgrade.yaml diff --git a/.github/actions/init-local/action.yml b/.github/actions/init-local/action.yml new file mode 100644 index 0000000000..fa68ccd853 --- /dev/null +++ b/.github/actions/init-local/action.yml @@ -0,0 +1,65 @@ +name: init-local +description: "Publish information from a template" + +inputs: + project: + description: TBD + required: false + default: thisisatest + domain: + description: TBD + required: false + default: github-actions.nebari.dev + +runs: + using: composite + + steps: + - uses: azure/setup-kubectl@v4.0.0 + with: + version: v1.19.16 + + - name: Enable docker permissions for user + shell: bash + run: | + sudo docker ps + sudo usermod -aG docker $USER && newgrp docker + + docker info + docker ps + + - name: Get routing table for docker pods + shell: bash + run: | + ip route + + - name: Initialize Nebari Cloud + shell: bash -l {0} + run: | + mkdir -p local-deployment + cd local-deployment + nebari init local --project=thisisatest --domain github-actions.nebari.dev --auth-provider=password + + # Need smaller profiles on Local Kind + sed -i -E 's/(cpu_guarantee):\s+[0-9\.]+/\1: 0.25/g' "nebari-config.yaml" + sed -i -E 's/(mem_guarantee):\s+[A-Za-z0-9\.]+/\1: 0.25G/g' "nebari-config.yaml" + + # Change default JupyterLab theme + cat >> nebari-config.yaml <<- EOM + jupyterlab: + default_settings: + "@jupyterlab/apputils-extension:themes": + theme: JupyterLab Dark + EOM + + # Change default value for minio persistence size + cat >> nebari-config.yaml <<- EOM + monitoring: + enabled: true + overrides: + minio: + persistence: + size: 1Gi + EOM + + cat nebari-config.yaml diff --git a/.github/workflows/test_local_upgrade.yaml b/.github/workflows/test_local_upgrade.yaml new file mode 100644 index 0000000000..e7c3a942ae --- /dev/null +++ b/.github/workflows/test_local_upgrade.yaml @@ -0,0 +1,73 @@ +name: "Local Upgrade Tests" + +env: + TEST_USERNAME: "test-user" + TEST_PASSWORD: "P@sswo3d" + NEBARI_IMAGE_TAG: "main" + +on: + release: + types: + - prereleased + workflow_dispatch: + +## When the cancel-in-progress: true option is specified, any concurrent jobs or workflows using the same +## concurrency group will cancel both the pending and currently running jobs or workflows. This allows only +## one job or workflow in the concurrency group to be in progress at a time. +#concurrency: +# group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} +# cancel-in-progress: true + +jobs: + test-local-upgrade: + runs-on: "cirun-runner--${{ github.run_id }}" + defaults: + run: + shell: bash -l {0} + steps: + - name: "Checkout Infrastructure" + uses: actions/checkout@main + with: + fetch-depth: 0 + + - name: Set up Python + uses: conda-incubator/setup-miniconda@v3 + env: + CONDA: /home/runnerx/miniconda3 + with: + auto-update-conda: true + python-version: "3.11" + miniconda-version: "latest" + + - name: Install Nebari + run: pip install . + + - name: Initialize local deployment + uses: ./.github/actions/init-local + + - name: Deploy Nebari + working-directory: local-deployment + run: | + nebari deploy --config nebari-config.yaml --disable-prompt + + - name: Basic kubectl checks after deployment + if: always() + run: | + kubectl get all,cm,secret,pv,pvc,ing -A + + - name: Check github-actions.nebari.dev resolves + run: | + nslookup github-actions.nebari.dev + + - name: Curl jupyterhub login page + run: | + curl -k https://github-actions.nebari.dev/hub/home -i + + - name: Create example-user + working-directory: local-deployment + run: | + nebari keycloak adduser --user "${TEST_USERNAME}" "${TEST_PASSWORD}" --config nebari-config.yaml + nebari keycloak listusers --config nebari-config.yaml + + - name: Get nebari-config.yaml full path + run: echo "NEBARI_CONFIG_PATH=`realpath ./local-deployment/nebari-config.yaml`" >> "$GITHUB_ENV" From 1454a90442a90e70b156fc3965f38f20a16cea91 Mon Sep 17 00:00:00 2001 From: Chuck McAndrew <6248903+dcmcand@users.noreply.github.com> Date: Thu, 17 Oct 2024 14:54:14 +0200 Subject: [PATCH 08/37] fix CHECK_URL in kuberhealthy checks to respect namespaces --- .../base/conda-store-healthcheck.yaml | 2 -- .../template/base/jupyterhub-healthcheck.yaml | 2 -- .../template/base/keycloak-healthcheck.yaml | 2 -- .../template/kustomization.yaml.tmpl | 28 +++++++++++++++++++ 4 files changed, 28 insertions(+), 6 deletions(-) diff --git a/src/_nebari/stages/kubernetes_kuberhealthy_healthchecks/template/base/conda-store-healthcheck.yaml b/src/_nebari/stages/kubernetes_kuberhealthy_healthchecks/template/base/conda-store-healthcheck.yaml index 37bcc854c7..b3487e1a16 100644 --- a/src/_nebari/stages/kubernetes_kuberhealthy_healthchecks/template/base/conda-store-healthcheck.yaml +++ b/src/_nebari/stages/kubernetes_kuberhealthy_healthchecks/template/base/conda-store-healthcheck.yaml @@ -12,8 +12,6 @@ spec: image: kuberhealthy/http-check:v1.5.0 imagePullPolicy: IfNotPresent env: - - name: CHECK_URL - value: "http://nebari-conda-store-server.dev:5000" - name: COUNT #### default: "0" value: "5" - name: SECONDS #### default: "0" diff --git a/src/_nebari/stages/kubernetes_kuberhealthy_healthchecks/template/base/jupyterhub-healthcheck.yaml b/src/_nebari/stages/kubernetes_kuberhealthy_healthchecks/template/base/jupyterhub-healthcheck.yaml index bb7ad2e05f..019a95c821 100644 --- a/src/_nebari/stages/kubernetes_kuberhealthy_healthchecks/template/base/jupyterhub-healthcheck.yaml +++ b/src/_nebari/stages/kubernetes_kuberhealthy_healthchecks/template/base/jupyterhub-healthcheck.yaml @@ -12,8 +12,6 @@ spec: image: kuberhealthy/http-check:v1.5.0 imagePullPolicy: IfNotPresent env: - - name: CHECK_URL - value: "http://hub.dev:8081" - name: COUNT #### default: "0" value: "5" - name: SECONDS #### default: "0" diff --git a/src/_nebari/stages/kubernetes_kuberhealthy_healthchecks/template/base/keycloak-healthcheck.yaml b/src/_nebari/stages/kubernetes_kuberhealthy_healthchecks/template/base/keycloak-healthcheck.yaml index 8b1f847aea..9754617f7e 100644 --- a/src/_nebari/stages/kubernetes_kuberhealthy_healthchecks/template/base/keycloak-healthcheck.yaml +++ b/src/_nebari/stages/kubernetes_kuberhealthy_healthchecks/template/base/keycloak-healthcheck.yaml @@ -12,8 +12,6 @@ spec: image: kuberhealthy/http-check:v1.5.0 imagePullPolicy: IfNotPresent env: - - name: CHECK_URL - value: "http://keycloak-http.dev" - name: COUNT #### default: "0" value: "5" - name: SECONDS #### default: "0" diff --git a/src/_nebari/stages/kubernetes_kuberhealthy_healthchecks/template/kustomization.yaml.tmpl b/src/_nebari/stages/kubernetes_kuberhealthy_healthchecks/template/kustomization.yaml.tmpl index 06e8f4aaae..5ac2250fed 100644 --- a/src/_nebari/stages/kubernetes_kuberhealthy_healthchecks/template/kustomization.yaml.tmpl +++ b/src/_nebari/stages/kubernetes_kuberhealthy_healthchecks/template/kustomization.yaml.tmpl @@ -15,3 +15,31 @@ patches: - op: replace path: /metadata/namespace value: "{{ namespace }}" + - target: + kind: KuberhealthyCheck + name: conda-store-http-check + patch: |- + - op: add + path: /spec/podSpec/containers/0/env/- + value: + name: CHECK_URL + value: "http://nebari-conda-store-server.{{ namespace }}:5000" + - target: + kind: KuberhealthyCheck + name: jupyterhub-http-check + patch: |- + - op: add + path: /spec/podSpec/containers/0/env/- + value: + name: CHECK_URL + value: "http:// + hub.{{ namespace }}:8081" + - target: + kind: KuberhealthyCheck + name: keycloak-http-check + patch: |- + - op: add + path: /spec/podSpec/containers/0/env/- + value: + name: CHECK_URL + value: "http://keycloak-http.{{ namespace }}" From 4ea15fbec6e8477fda4eb56a13a9615cb3e21823 Mon Sep 17 00:00:00 2001 From: Philip Meier Date: Thu, 17 Oct 2024 14:56:25 +0200 Subject: [PATCH 09/37] update project and domain --- .github/actions/init-local/action.yml | 2 +- .github/workflows/test_local_upgrade.yaml | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/actions/init-local/action.yml b/.github/actions/init-local/action.yml index fa68ccd853..1e7a5c68dd 100644 --- a/.github/actions/init-local/action.yml +++ b/.github/actions/init-local/action.yml @@ -38,7 +38,7 @@ runs: run: | mkdir -p local-deployment cd local-deployment - nebari init local --project=thisisatest --domain github-actions.nebari.dev --auth-provider=password + nebari init local --project=${{ inputs.project }} --domain=${{ inputs.domain }} --auth-provider=password # Need smaller profiles on Local Kind sed -i -E 's/(cpu_guarantee):\s+[0-9\.]+/\1: 0.25/g' "nebari-config.yaml" diff --git a/.github/workflows/test_local_upgrade.yaml b/.github/workflows/test_local_upgrade.yaml index e7c3a942ae..521e378a9e 100644 --- a/.github/workflows/test_local_upgrade.yaml +++ b/.github/workflows/test_local_upgrade.yaml @@ -44,6 +44,9 @@ jobs: - name: Initialize local deployment uses: ./.github/actions/init-local + with: + project: upgradetest + domain: upgradetest.nebari.dev - name: Deploy Nebari working-directory: local-deployment From dad5478ff1cd0db2e1d05907b656f0131c51b816 Mon Sep 17 00:00:00 2001 From: Philip Meier Date: Thu, 17 Oct 2024 14:57:00 +0200 Subject: [PATCH 10/37] remove unnecessary CI --- .github/workflows/generate_cli_doc.yml | 76 --------- .github/workflows/release-notes-sync.yaml | 21 --- .github/workflows/release.yaml | 77 --------- .github/workflows/run-precommit.yaml | 35 ---- .github/workflows/test-provider.yaml | 154 ------------------ .github/workflows/test.yaml | 68 -------- .github/workflows/test_aws_integration.yaml | 86 ---------- .github/workflows/test_azure_integration.yaml | 92 ----------- .github/workflows/test_conda_build.yaml | 58 ------- .github/workflows/test_gcp_integration.yaml | 90 ---------- .github/workflows/test_helm_charts.yaml | 50 ------ .github/workflows/trivy.yml | 46 ------ .github/workflows/typing.yaml | 45 ----- 13 files changed, 898 deletions(-) delete mode 100644 .github/workflows/generate_cli_doc.yml delete mode 100644 .github/workflows/release-notes-sync.yaml delete mode 100644 .github/workflows/release.yaml delete mode 100644 .github/workflows/run-precommit.yaml delete mode 100644 .github/workflows/test-provider.yaml delete mode 100644 .github/workflows/test.yaml delete mode 100644 .github/workflows/test_aws_integration.yaml delete mode 100644 .github/workflows/test_azure_integration.yaml delete mode 100644 .github/workflows/test_conda_build.yaml delete mode 100644 .github/workflows/test_gcp_integration.yaml delete mode 100644 .github/workflows/test_helm_charts.yaml delete mode 100644 .github/workflows/trivy.yml delete mode 100644 .github/workflows/typing.yaml diff --git a/.github/workflows/generate_cli_doc.yml b/.github/workflows/generate_cli_doc.yml deleted file mode 100644 index bc9aa6c4d5..0000000000 --- a/.github/workflows/generate_cli_doc.yml +++ /dev/null @@ -1,76 +0,0 @@ -name: Update API docs - -on: - pull_request: - paths: - - "src/_nebari/subcommands/**" - - "src/_nebari/cli.py" - push: - branches: - - main - paths: - - "src/_nebari/subcommands/**" - - "src/_nebari/cli.py" - workflow_dispatch: - -jobs: - update_api: - permissions: - contents: write - pull-requests: write - runs-on: ubuntu-latest - defaults: - run: - shell: bash -l {0} - working-directory: ./docs-sphinx - steps: - - name: Check out repository πŸ›ŽοΈ - uses: actions/checkout@v4 - - - name: Set up Python - uses: actions/setup-python@v5 - with: - python-version: "3.10" - - - name: Install nebari and docs dependencies - run: | - python -m pip install --upgrade pip - pip install -e "../[docs]" - - - name: Generate new API docs - run: | - make html - - - name: Copy cli doc - run: | - cp _build/html/cli.html cli.html - - - name: Look for changes to generated docs - uses: tj-actions/verify-changed-files@v12 - id: verify-changed-files - with: - files: | - docs-sphinx/cli.html - - - name: Create Pull Request in code repo - id: create_pull_request - uses: peter-evans/create-pull-request@v4 - if: steps.verify-changed-files.outputs.files_changed == 'true' && github.event_name != 'pull_request' - with: - token: ${{ secrets.NEBARI_SENSEI_API_DOCS_PR_OPENER }} - commit-message: Update api docs - committer: GitHub - author: ${{ github.actor }} <${{ github.actor }}@users.noreply.github.com> - signoff: false - branch: auto_cli_doc_update - delete-branch: true - title: '[AUTO] Update CLI doc' - body: | - Update CLI doc - - Auto-generated by [create-pull-request][1] - - [1]: https://github.com/peter-evans/create-pull-request - labels: | - "area: documentation πŸ“–" - draft: false - base: ${{ github.head_ref }} diff --git a/.github/workflows/release-notes-sync.yaml b/.github/workflows/release-notes-sync.yaml deleted file mode 100644 index 6e918fea26..0000000000 --- a/.github/workflows/release-notes-sync.yaml +++ /dev/null @@ -1,21 +0,0 @@ -name: Sync release notes with nebari.dev/docs - -on: - release: - types: [created] - workflow_dispatch: - -jobs: - sync: - runs-on: ubuntu-latest - steps: - - name: Checkout Repository - uses: actions/checkout@master - - name: Run Release File Sync ♻️ - uses: BetaHuhn/repo-file-sync-action@v1 - with: - GH_PAT: ${{ secrets.NEBARI_SENSEI_API_DOCS_PR_OPENER }} - CONFIG_PATH: .github/release-notes-sync-config.yaml - COMMIT_BODY: "MAINT - Sync release notes :robot:" - PR_LABELS: | - type: file sync ♻️ diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml deleted file mode 100644 index 771999f51d..0000000000 --- a/.github/workflows/release.yaml +++ /dev/null @@ -1,77 +0,0 @@ -name: Test & Publish PyPi release - -on: - release: - types: [created] - -jobs: - test-pypi: - name: Test PyPi release - runs-on: ubuntu-latest - permissions: - id-token: write # IMPORTANT: this permission is mandatory for trusted publishing - steps: - - name: Set up python - uses: actions/setup-python@v5 - with: - python-version: "3.10" - - - name: Upgrade pip - run: python -m pip install --upgrade pip build - - - name: Checkout repository - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - - name: Create tag - # if present, remove leading `v` - run: | - echo "NEBARI_TAG=$(git describe --tags | sed 's/^v//')" >> $GITHUB_ENV - echo ${{ env.NEBARI_TAG }} - - - name: Build source and binary - run: python -m build --sdist --wheel . - - - name: Publish to test PyPI - uses: pypa/gh-action-pypi-publish@release/v1 - with: - repository-url: https://test.pypi.org/legacy/ - - - name: Sleep - run: sleep 120 - - - name: Test install from Test PyPI - run: | - pip install \ - --index-url https://test.pypi.org/simple/ \ - --extra-index-url https://pypi.org/simple \ - nebari==${{ env.NEBARI_TAG }} - - release-pypi: - name: Publish Nebari on PyPi - runs-on: ubuntu-latest - needs: test-pypi - permissions: - id-token: write - contents: read - - steps: - - name: Set up python - uses: actions/setup-python@v5 - with: - python-version: "3.10" - - - name: Upgrade pip - run: python -m pip install --upgrade pip build - - - name: Checkout repository - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - - name: Build source and binary - run: python -m build --sdist --wheel . - - - name: Publish package - uses: pypa/gh-action-pypi-publish@release/v1 diff --git a/.github/workflows/run-precommit.yaml b/.github/workflows/run-precommit.yaml deleted file mode 100644 index 6a79e0da1a..0000000000 --- a/.github/workflows/run-precommit.yaml +++ /dev/null @@ -1,35 +0,0 @@ -name: Run pre-commit - -on: - push: - branches: - - main - - release/\d{4}.\d{1,2}.\d{1,2} - pull_request: - -jobs: - pre-commit: - if: github.event.pull_request.merged == false - runs-on: ubuntu-latest - defaults: - run: - shell: bash -l {0} - steps: - - name: Checkout repository πŸ”” - uses: actions/checkout@v4.1.1 - - - name: Setup python - uses: actions/setup-python@v5 - with: - python-version: '3.x' - - - name: Setup terraform - uses: hashicorp/setup-terraform@v3 - with: - terraform_version: "1.5.7" - - - - name: Run terraform pre-commit ⚑️ - uses: pre-commit/action@v3.0.1 - with: - extra_args: --all-files terraform_fmt diff --git a/.github/workflows/test-provider.yaml b/.github/workflows/test-provider.yaml deleted file mode 100644 index fef1254495..0000000000 --- a/.github/workflows/test-provider.yaml +++ /dev/null @@ -1,154 +0,0 @@ -# This is only workflow that requires cloud credentials and therefore will not run on PRs coming from forks. -name: "Test Nebari Provider" - -on: - schedule: - - cron: "0 3 * * *" - pull_request: - paths: - - ".github/workflows/test-provider.yaml" - - ".github/failed-workflow-issue-templates/test-provider.md" - - ".github/actions/publish-from-template" - - "tests/**" - - "scripts/**" - - "src/**" - - "pyproject.toml" - push: - branches: - - main - - release/\d{4}.\d{1,2}.\d{1,2} - paths: - - ".github/workflows/test-provider.yaml" - - "tests/**" - - "scripts/**" - - "src/**" - - "pyproject.toml" - workflow_call: - inputs: - pr_number: - required: true - type: string - -jobs: - test-render-providers: - # Prevents the execution of this test under the following conditions: - # 1. When the 'NO_PROVIDER_CREDENTIALS' GitHub variable is set, indicating the absence of provider credentials. - # 2. For pull requests (PRs) originating from a fork, since GitHub does not provide the fork's credentials to the destination repository. - # ref. https://github.com/nebari-dev/nebari/issues/2379 - if: | - vars.NO_PROVIDER_CREDENTIALS == '' && - (github.event.pull_request.head.repo.full_name == github.repository || github.event_name != 'pull_request') - name: "Test Nebari Provider" - runs-on: ubuntu-latest - permissions: - id-token: write - contents: read - pull-requests: write - strategy: - matrix: - provider: - - aws - - azure - - do - - gcp - - local - - existing - cicd: - - none - - github-actions - - gitlab-ci - fail-fast: false - steps: - - name: "Checkout Infrastructure" - uses: actions/checkout@v4 - - - name: Checkout the branch from the PR that triggered the job - if: ${{ github.event_name == 'issue_comment' }} - run: hub pr checkout ${{ inputs.pr_number }} - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - - name: Set up Python - uses: actions/setup-python@v5 - with: - python-version: "3.11" - - - name: Retrieve secret from Vault - uses: hashicorp/vault-action@v3.0.0 - with: - method: jwt - url: "https://quansight-vault-public-vault-b2379fa7.d415e30e.z1.hashicorp.cloud:8200" - namespace: "admin/quansight" - role: "repository-nebari-dev-nebari-role" - secrets: | - kv/data/repository/nebari-dev/nebari/amazon_web_services/nebari-dev-ci role_name | AWS_ROLE_ARN; - kv/data/repository/nebari-dev/nebari/google_cloud_platform/nebari-dev-ci/github-nebari-dev-repo-ci project_id | PROJECT_ID; - kv/data/repository/nebari-dev/nebari/google_cloud_platform/nebari-dev-ci/github-nebari-dev-repo-ci workload_identity_provider | GCP_WORKFLOW_PROVIDER; - kv/data/repository/nebari-dev/nebari/google_cloud_platform/nebari-dev-ci/github-nebari-dev-repo-ci service_account_name | GCP_SERVICE_ACCOUNT; - kv/data/repository/nebari-dev/nebari/azure/nebari-dev-ci/github-nebari-dev-repo-ci client_id | ARM_CLIENT_ID; - kv/data/repository/nebari-dev/nebari/azure/nebari-dev-ci/github-nebari-dev-repo-ci tenant_id | ARM_TENANT_ID; - kv/data/repository/nebari-dev/nebari/azure/nebari-dev-ci/github-nebari-dev-repo-ci subscription_id | ARM_SUBSCRIPTION_ID; - kv/data/repository/nebari-dev/nebari/shared_secrets DIGITALOCEAN_TOKEN | DIGITALOCEAN_TOKEN; - kv/data/repository/nebari-dev/nebari/shared_secrets SPACES_ACCESS_KEY_ID | SPACES_ACCESS_KEY_ID; - kv/data/repository/nebari-dev/nebari/shared_secrets SPACES_SECRET_ACCESS_KEY | SPACES_SECRET_ACCESS_KEY; - - - name: 'Authenticate to GCP' - if: ${{ matrix.provider == 'gcp' }} - uses: 'google-github-actions/auth@v1' - with: - token_format: access_token - create_credentials_file: 'true' - workload_identity_provider: ${{ env.GCP_WORKFLOW_PROVIDER }} - service_account: ${{ env.GCP_SERVICE_ACCOUNT }} - - - name: Set required environment variables - if: ${{ matrix.provider == 'gcp' }} - run: | - echo "GOOGLE_CREDENTIALS=${{ env.GOOGLE_APPLICATION_CREDENTIALS }}" >> $GITHUB_ENV - - - name: 'Authenticate to AWS' - if: ${{ matrix.provider == 'aws' }} - uses: aws-actions/configure-aws-credentials@v1 - with: - role-to-assume: ${{ env.AWS_ROLE_ARN }} - role-session-name: github-action - aws-region: us-east-1 - - - name: 'Azure login' - if: ${{ matrix.provider == 'azure' }} - uses: azure/login@v1 - with: - client-id: ${{ env.ARM_CLIENT_ID }} - tenant-id: ${{ env.ARM_TENANT_ID }} - subscription-id: ${{ env.ARM_SUBSCRIPTION_ID }} - - - name: Install Nebari - run: | - pip install --upgrade pip - pip install .[dev] - - - name: Nebari Initialize - run: | - nebari init "${{ matrix.provider }}" --project "TestProvider" --domain "${{ matrix.provider }}.nebari.dev" --auth-provider password --disable-prompt --ci-provider ${{ matrix.cicd }} - cat "nebari-config.yaml" - - - name: Nebari Render - run: | - nebari render -c "nebari-config.yaml" -o "nebari-${{ matrix.provider }}-${{ matrix.cicd }}-deployment" - cp "nebari-config.yaml" "nebari-${{ matrix.provider }}-${{ matrix.cicd }}-deployment/nebari-config.yaml" - - - name: Nebari Render Artifact - uses: actions/upload-artifact@master - with: - name: "nebari-${{ matrix.provider }}-${{ matrix.cicd }}-artifact" - path: "nebari-${{ matrix.provider }}-${{ matrix.cicd }}-deployment" - - - if: failure() || github.event_name == 'pull_request' - name: Publish information from template - uses: ./.github/actions/publish-from-template - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - PROVIDER: ${{ matrix.provider }} - CICD: ${{ matrix.cicd }} - with: - filename: .github/failed-workflow-issue-templates/test-provider.md diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml deleted file mode 100644 index 5e527e9aa5..0000000000 --- a/.github/workflows/test.yaml +++ /dev/null @@ -1,68 +0,0 @@ -name: "Tests" - -on: - pull_request: - paths: - - ".github/workflows/test.yaml" - - "tests/**" - - "scripts/**" - - "src/**" - - "pyproject.toml" - - "pytest.ini" - push: - branches: - - main - - develop - - release/\d{4}.\d{1,2}.\d{1,2} - paths: - - ".github/workflows/test.yaml" - - "tests/**" - - "scripts/**" - - "src/**" - - "pyproject.toml" - - "pytest.ini" - -jobs: - test-general: - name: "Pytest" - runs-on: ubuntu-latest - defaults: - run: - shell: bash -el {0} - strategy: - matrix: - python-version: - - "3.10" - - "3.11" - - "3.12" - fail-fast: false - concurrency: - group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}-${{ matrix.python-version }} - cancel-in-progress: true - steps: - - name: "Checkout Infrastructure" - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - - name: Setup miniconda - uses: conda-incubator/setup-miniconda@v3 - with: - auto-update-conda: true - python-version: ${{ matrix.python-version }} - channels: conda-forge,defaults - activate-environment: nebari-dev - - - name: Install Nebari - run: | - python --version - pip install -e .[dev] - - - name: Test Nebari - run: | - pytest --version - pytest --cov=src --cov-report=xml --cov-config=pyproject.toml tests/tests_unit - - - name: Report Coverage - run: | - coverage report -m diff --git a/.github/workflows/test_aws_integration.yaml b/.github/workflows/test_aws_integration.yaml deleted file mode 100644 index 92f1af1000..0000000000 --- a/.github/workflows/test_aws_integration.yaml +++ /dev/null @@ -1,86 +0,0 @@ -name: AWS Deployment - -on: - schedule: - - cron: "0 0 * * MON" - workflow_dispatch: - inputs: - branch: - description: 'Nebari branch to deploy, test, destroy' - required: true - default: main - type: string - image-tag: - description: 'Nebari image tag created by the nebari-docker-images repo' - required: true - default: main - type: string - tf-log-level: - description: 'Change Terraform log levels' - required: false - default: info - type: choice - options: - - info - - warn - - debug - - trace - - error - - -env: - AWS_DEFAULT_REGION: "us-west-2" - NEBARI_GH_BRANCH: ${{ github.event.inputs.branch || 'main' }} - NEBARI_IMAGE_TAG: ${{ github.event.inputs.image-tag || 'main' }} - TF_LOG: ${{ github.event.inputs.tf-log-level || 'info' }}∏ - -jobs: - test-aws-integration: - runs-on: ubuntu-latest - if: ${{ vars.SKIP_AWS_INTEGRATION_TEST != 'true' }} - permissions: - id-token: write - contents: read - steps: - - name: Checkout - uses: actions/checkout@v4 - with: - ref: ${{ env.NEBARI_GH_BRANCH }} - fetch-depth: 0 - - - name: Set up Python - uses: actions/setup-python@v5 - with: - python-version: 3.11 - - - name: Install Nebari - run: | - pip install .[dev] - playwright install - - - name: Retrieve secret from Vault - uses: hashicorp/vault-action@v3.0.0 - with: - method: jwt - url: "https://quansight-vault-public-vault-b2379fa7.d415e30e.z1.hashicorp.cloud:8200" - namespace: "admin/quansight" - role: "repository-nebari-dev-nebari-role" - secrets: | - kv/data/repository/nebari-dev/nebari/amazon_web_services/nebari-dev-ci role_name | AWS_ROLE_ARN; - kv/data/repository/nebari-dev/nebari/cloudflare/internal-devops@quansight.com/nebari-dev-ci token | CLOUDFLARE_TOKEN; - - - name: Authenticate to AWS - uses: aws-actions/configure-aws-credentials@v1 - with: - role-to-assume: ${{ env.AWS_ROLE_ARN }} - role-session-name: github-action - aws-region: ${{ env.AWS_DEFAULT_REGION }} - - - name: Integration Tests - run: | - pytest --version - pytest tests/tests_integration/ -vvv -s --cloud aws - env: - NEBARI_SECRET__default_images__jupyterhub: "quay.io/nebari/nebari-jupyterhub:${{ env.NEBARI_IMAGE_TAG }}" - NEBARI_SECRET__default_images__jupyterlab: "quay.io/nebari/nebari-jupyterlab:${{ env.NEBARI_IMAGE_TAG }}" - NEBARI_SECRET__default_images__dask_worker: "quay.io/nebari/nebari-dask-worker:${{ env.NEBARI_IMAGE_TAG }}" diff --git a/.github/workflows/test_azure_integration.yaml b/.github/workflows/test_azure_integration.yaml deleted file mode 100644 index 615279af31..0000000000 --- a/.github/workflows/test_azure_integration.yaml +++ /dev/null @@ -1,92 +0,0 @@ -name: Azure Deployment - -on: - schedule: - - cron: "0 0 * * MON" - workflow_dispatch: - inputs: - branch: - description: 'Nebari branch to deploy, test, destroy' - required: true - default: main - type: string - image-tag: - description: 'Nebari image tag created by the nebari-docker-images repo' - required: true - default: main - type: string - tf-log-level: - description: 'Change Terraform log levels' - required: false - default: info - type: choice - options: - - info - - warn - - debug - - trace - - error - -env: - NEBARI_GH_BRANCH: ${{ github.event.inputs.branch || 'main' }} - NEBARI_IMAGE_TAG: ${{ github.event.inputs.image-tag || 'main' }} - TF_LOG: ${{ github.event.inputs.tf-log-level || 'info' }} - -jobs: - test-azure-integration: - runs-on: ubuntu-latest - if: ${{ vars.SKIP_AZURE_INTEGRATION_TEST != 'true' }} - permissions: - id-token: write - contents: read - steps: - - name: Checkout - uses: actions/checkout@v3 - with: - ref: ${{ env.NEBARI_GH_BRANCH }} - fetch-depth: 0 - - - name: Set up Python - uses: actions/setup-python@v4 - with: - python-version: 3.11 - - - name: Install Nebari - run: | - pip install .[dev] - conda install --quiet --yes conda-build - playwright install - - - name: Retrieve secret from Vault - uses: hashicorp/vault-action@v3.0.0 - with: - method: jwt - url: "https://quansight-vault-public-vault-b2379fa7.d415e30e.z1.hashicorp.cloud:8200" - namespace: "admin/quansight" - role: "repository-nebari-dev-nebari-role" - secrets: | - kv/data/repository/nebari-dev/nebari/azure/nebari-dev-ci/github-nebari-dev-repo-ci client_id | ARM_CLIENT_ID; - kv/data/repository/nebari-dev/nebari/azure/nebari-dev-ci/github-nebari-dev-repo-ci tenant_id | ARM_TENANT_ID; - kv/data/repository/nebari-dev/nebari/azure/nebari-dev-ci/github-nebari-dev-repo-ci subscription_id | ARM_SUBSCRIPTION_ID; - kv/data/repository/nebari-dev/nebari/cloudflare/internal-devops@quansight.com/nebari-dev-ci token | CLOUDFLARE_TOKEN; - - - name: 'Azure login' - uses: azure/login@v2 - with: - client-id: ${{ env.ARM_CLIENT_ID }} - tenant-id: ${{ env.ARM_TENANT_ID }} - subscription-id: ${{ env.ARM_SUBSCRIPTION_ID }} - - - name: Integration Tests - run: | - pytest --version - pytest tests/tests_integration/ -vvv -s --cloud azure - env: - NEBARI_SECRET__default_images__jupyterhub: "quay.io/nebari/nebari-jupyterhub:${{ env.NEBARI_IMAGE_TAG }}" - NEBARI_SECRET__default_images__jupyterlab: "quay.io/nebari/nebari-jupyterlab:${{ env.NEBARI_IMAGE_TAG }}" - NEBARI_SECRET__default_images__dask_worker: "quay.io/nebari/nebari-dask-worker:${{ env.NEBARI_IMAGE_TAG }}" - ARM_CLIENT_ID: ${{ env.ARM_CLIENT_ID }} - ARM_TENANT_ID: ${{ env.ARM_TENANT_ID }} - ARM_SUBSCRIPTION_ID: ${{ env.ARM_SUBSCRIPTION_ID }} - ARM_USE_OIDC: "true" - CLOUDFLARE_TOKEN: ${{ env.CLOUDFLARE_TOKEN }} diff --git a/.github/workflows/test_conda_build.yaml b/.github/workflows/test_conda_build.yaml deleted file mode 100644 index 53c51d8c64..0000000000 --- a/.github/workflows/test_conda_build.yaml +++ /dev/null @@ -1,58 +0,0 @@ -name: "Test Conda Build" - -on: - pull_request: - paths: - - ".github/workflows/test_conda_build.yaml" - - "pyproject.toml" - push: - branches: - - main - - release/\d{4}.\d{1,2}.\d{1,2} - paths: - - ".github/workflows/test_conda_build.yaml" - - "pyproject.toml" - -jobs: - test-conda-build: - runs-on: ubuntu-latest - defaults: - run: - shell: bash -el {0} - concurrency: - group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} - cancel-in-progress: true - steps: - - name: "Checkout Infrastructure" - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - - name: Setup miniconda - uses: conda-incubator/setup-miniconda@v3 - with: - auto-update-conda: true - python-version: "3.10" - channels: conda-forge - activate-environment: nebari-dev - - - name: Install dependencies - run: | - conda install build grayskull conda-build conda-verify - - - name: Generate sdist - run: | - python -m build --sdist - - - name: Generate meta.yaml - run: | - python -m grayskull pypi dist/*.tar.gz - - - name: Build conda package - run: | - conda build nebari - - - name: Test conda package - run: | - conda install --use-local nebari - nebari --version diff --git a/.github/workflows/test_gcp_integration.yaml b/.github/workflows/test_gcp_integration.yaml deleted file mode 100644 index 71162d1cce..0000000000 --- a/.github/workflows/test_gcp_integration.yaml +++ /dev/null @@ -1,90 +0,0 @@ -name: GCP Deployment - -on: - schedule: - - cron: "0 0 * * MON" - workflow_dispatch: - inputs: - branch: - description: 'Nebari branch to deploy, test, destroy' - required: true - default: main - type: string - image-tag: - description: 'Nebari image tag created by the nebari-docker-images repo' - required: true - default: main - type: string - tf-log-level: - description: 'Change Terraform log levels' - required: false - default: info - type: choice - options: - - info - - warn - - debug - - trace - - error - -env: - NEBARI_GH_BRANCH: ${{ github.event.inputs.branch || 'main' }} - NEBARI_IMAGE_TAG: ${{ github.event.inputs.image-tag || 'main' }} - TF_LOG: ${{ github.event.inputs.tf-log-level || 'info' }} - -jobs: - test-gcp-integration: - runs-on: ubuntu-latest - if: ${{ vars.SKIP_GCP_INTEGRATION_TEST != 'true' }} - permissions: - id-token: write - contents: read - pull-requests: write - steps: - - name: Checkout - uses: actions/checkout@v4 - with: - ref: ${{ env.NEBARI_GH_BRANCH }} - fetch-depth: 0 - - - name: Set up Python - uses: actions/setup-python@v5 - with: - python-version: 3.11 - - - name: Install Nebari - run: | - pip install .[dev] - playwright install - - - name: Retrieve secret from Vault - uses: hashicorp/vault-action@v3.0.0 - with: - method: jwt - url: "https://quansight-vault-public-vault-b2379fa7.d415e30e.z1.hashicorp.cloud:8200" - namespace: "admin/quansight" - role: "repository-nebari-dev-nebari-role" - secrets: | - kv/data/repository/nebari-dev/nebari/google_cloud_platform/nebari-dev-ci/github-nebari-dev-repo-ci project_id | PROJECT_ID; - kv/data/repository/nebari-dev/nebari/google_cloud_platform/nebari-dev-ci/github-nebari-dev-repo-ci workload_identity_provider | GCP_WORKFLOW_PROVIDER; - kv/data/repository/nebari-dev/nebari/google_cloud_platform/nebari-dev-ci/github-nebari-dev-repo-ci service_account_name | GCP_SERVICE_ACCOUNT; - kv/data/repository/nebari-dev/nebari/cloudflare/internal-devops@quansight.com/nebari-dev-ci token | CLOUDFLARE_TOKEN; - - - name: 'Authenticate to GCP' - uses: 'google-github-actions/auth@v1' - with: - workload_identity_provider: ${{ env.GCP_WORKFLOW_PROVIDER }} - service_account: ${{ env.GCP_SERVICE_ACCOUNT }} - - - name: Set required environment variables - run: | - echo "GOOGLE_CREDENTIALS=${{ env.GOOGLE_APPLICATION_CREDENTIALS }}" >> $GITHUB_ENV - - - name: Integration Tests - run: | - pytest --version - pytest tests/tests_integration/ -vvv -s --cloud gcp - env: - NEBARI_SECRET__default_images__jupyterhub: "quay.io/nebari/nebari-jupyterhub:${{ env.NEBARI_IMAGE_TAG }}" - NEBARI_SECRET__default_images__jupyterlab: "quay.io/nebari/nebari-jupyterlab:${{ env.NEBARI_IMAGE_TAG }}" - NEBARI_SECRET__default_images__dask_worker: "quay.io/nebari/nebari-dask-worker:${{ env.NEBARI_IMAGE_TAG }}" diff --git a/.github/workflows/test_helm_charts.yaml b/.github/workflows/test_helm_charts.yaml deleted file mode 100644 index 3f0ed8834e..0000000000 --- a/.github/workflows/test_helm_charts.yaml +++ /dev/null @@ -1,50 +0,0 @@ -# Right now the trigger is set to run on every Monday at 13:00 UTC, -# or when the workflow file is modified. An additional manual trigger -# is also available. -name: "Validate Helm Charts downloads" - -on: - schedule: - # Run every Monday at 13:00 UTC - - cron: "0 13 * * 1" - pull_request: - paths: - - ".github/workflows/test_helm_charts.yaml" - - "scripts/helm-validate.py" - push: - paths: - - ".github/workflows/test_helm_charts.yaml" - - "scripts/helm-validate.py" - workflow_dispatch: - -jobs: - test-helm-charts: - name: "Helm Charts Validation" - runs-on: ubuntu-latest - steps: - - name: "Checkout Infrastructure" - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - name: Set up Python - uses: actions/setup-python@v5 - with: - python-version: "3.11" - - name: Install additional Python dependencies - run: | - pip install python-hcl2 - pip install tqdm - - name: Install nebari - run: | - pip install . - - name: Install Helm - run: | - curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 - chmod 700 get_helm.sh - ./get_helm.sh - - name: Test Helm installation - run: | - helm version - - name: Test Helm Charts - run: | - python scripts/helm-validate.py diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml deleted file mode 100644 index 8c894653b9..0000000000 --- a/.github/workflows/trivy.yml +++ /dev/null @@ -1,46 +0,0 @@ -# This workflow uses actions that are not certified by GitHub. -# They are provided by a third-party and are governed by -# separate terms of service, privacy policy, and support -# documentation. - -name: Code Scanning - -on: - push: - branches: [ "main", "release/*" ] - pull_request: - # The branches below must be a subset of the branches above - branches: [ "main" ] - schedule: - - cron: '19 23 * * 6' - -permissions: - contents: read - -jobs: - SAST: - permissions: - contents: read # for actions/checkout to fetch code - security-events: write # for github/codeql-action/upload-sarif to upload SARIF results - actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status - name: Trivy config Scan - runs-on: "ubuntu-20.04" - steps: - - name: Checkout code - uses: actions/checkout@v4 - - - name: Run Trivy vulnerability scanner in fs mode - uses: aquasecurity/trivy-action@master - with: - scan-type: 'config' - hide-progress: true - format: 'sarif' - output: 'trivy-results.sarif' - ignore-unfixed: true - severity: 'CRITICAL,HIGH' - - - name: Upload Trivy scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@v3 - if: always() - with: - sarif_file: 'trivy-results.sarif' diff --git a/.github/workflows/typing.yaml b/.github/workflows/typing.yaml deleted file mode 100644 index 3ce1bbc78e..0000000000 --- a/.github/workflows/typing.yaml +++ /dev/null @@ -1,45 +0,0 @@ -name: "Typing Check" - -on: - pull_request: - paths: - - ".github/workflows/typing.yaml" - - "src/**" - - "pyproject.toml" - push: - branches: - - main - - release/\d{4}.\d{1,2}.\d{1,2} - paths: - - ".github/workflows/typing.yaml" - - "src/**" - - "pyproject.toml" - -jobs: - typing-check: - runs-on: ubuntu-latest - concurrency: - group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} - cancel-in-progress: true - steps: - - name: "Checkout Repository" - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - - name: Setup Python - uses: actions/setup-python@v5 - with: - python-version: "3.11" - cache: "pip" - - - name: Install Nebari and type stubs - run: | - python --version - pip install -e .[dev] - pip install types-Pygments types-requests types-six - - - name: Run MyPy - continue-on-error: true - run: | - mypy From 260a364fb8c7482644b1333742b0dfed0e27878c Mon Sep 17 00:00:00 2001 From: Philip Meier Date: Thu, 17 Oct 2024 15:27:40 +0200 Subject: [PATCH 11/37] PR trigger --- .github/workflows/test_local_upgrade.yaml | 19 +++++++++---------- 1 file changed, 9 insertions(+), 10 deletions(-) diff --git a/.github/workflows/test_local_upgrade.yaml b/.github/workflows/test_local_upgrade.yaml index 521e378a9e..bdc0341242 100644 --- a/.github/workflows/test_local_upgrade.yaml +++ b/.github/workflows/test_local_upgrade.yaml @@ -6,17 +6,16 @@ env: NEBARI_IMAGE_TAG: "main" on: - release: - types: - - prereleased - workflow_dispatch: + pull_request: +# release: +# types: +# - prereleased +# workflow_dispatch: -## When the cancel-in-progress: true option is specified, any concurrent jobs or workflows using the same -## concurrency group will cancel both the pending and currently running jobs or workflows. This allows only -## one job or workflow in the concurrency group to be in progress at a time. -#concurrency: -# group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} -# cancel-in-progress: true + +concurrency: + group: "upgrade" + cancel-in-progress: true jobs: test-local-upgrade: From 4eba99526d1f152c76202556e41467584d1ebf39 Mon Sep 17 00:00:00 2001 From: Philip Meier Date: Thu, 17 Oct 2024 16:19:07 +0200 Subject: [PATCH 12/37] use previous defaults --- .github/workflows/test_local_upgrade.yaml | 3 --- 1 file changed, 3 deletions(-) diff --git a/.github/workflows/test_local_upgrade.yaml b/.github/workflows/test_local_upgrade.yaml index bdc0341242..4ed0cc8a62 100644 --- a/.github/workflows/test_local_upgrade.yaml +++ b/.github/workflows/test_local_upgrade.yaml @@ -43,9 +43,6 @@ jobs: - name: Initialize local deployment uses: ./.github/actions/init-local - with: - project: upgradetest - domain: upgradetest.nebari.dev - name: Deploy Nebari working-directory: local-deployment From d1f89fafee2e2e07d69f8c635f9dc6088a62d6f5 Mon Sep 17 00:00:00 2001 From: Philip Meier Date: Fri, 18 Oct 2024 11:26:00 +0200 Subject: [PATCH 13/37] progress --- .github/actions/health-check/action.yml | 23 +++++ .github/actions/init-local/action.yml | 80 ++++++++++------- .github/actions/setup-local/action.yml | 30 +++++++ .github/workflows/test_local_integration.yaml | 89 ++++--------------- .github/workflows/test_local_upgrade.yaml | 61 ++++++------- 5 files changed, 149 insertions(+), 134 deletions(-) create mode 100644 .github/actions/health-check/action.yml create mode 100644 .github/actions/setup-local/action.yml diff --git a/.github/actions/health-check/action.yml b/.github/actions/health-check/action.yml new file mode 100644 index 0000000000..400e5ca268 --- /dev/null +++ b/.github/actions/health-check/action.yml @@ -0,0 +1,23 @@ +name: health-check +description: "Check health of Nebari deployment" + +inputs: + domain: + description: Domain name + required: true + +runs: + using: composite + + steps: + - name: Basic kubectl checks after deployment + shell: bash + run: kubectl get all,cm,secret,pv,pvc,ing -A + + - name: Check if domain resolves + shell: bash + run: nslookup ${{ inputs.domain }} + + - name: Curl jupyterhub login page + shell: bash + run: curl --insecure --show-headers 'https://${{ inputs.domain }}/hub/home' diff --git a/.github/actions/init-local/action.yml b/.github/actions/init-local/action.yml index 1e7a5c68dd..06c5ce518d 100644 --- a/.github/actions/init-local/action.yml +++ b/.github/actions/init-local/action.yml @@ -1,51 +1,64 @@ name: init-local -description: "Publish information from a template" +description: "Initialize Nebari config for local deployment" inputs: - project: - description: TBD + directory: + description: "Path to directory to initialize in" required: false - default: thisisatest + default: './local-deployment' + +outputs: + directory: + description: "Path to config directory" + value: ${{ steps.metadata.outputs.directory }} + config: + description: "Path to Nebari config" + value: ${{ steps.metadata.outputs.config }} + project: + description: "Project name" + value: ${{ inputs.domain }} domain: - description: TBD - required: false - default: github-actions.nebari.dev + description: "Domain name" + value: ${{ inputs.domain }} runs: using: composite steps: - - uses: azure/setup-kubectl@v4.0.0 - with: - version: v1.19.16 - - - name: Enable docker permissions for user - shell: bash + - shell: bash + id: metadata run: | - sudo docker ps - sudo usermod -aG docker $USER && newgrp docker + # Setup metadata + DIRECTORY=$(realpath '${{ inputs.directory }}') + mkdir --parents "${DIRECTORY}" + echo "directory=${DIRECTORY}" | tee --append "${GITHUB_OUTPUT}" - docker info - docker ps + CONFIG="${DIRECTORY}/nebari-config.yaml" + echo "config=${CONFIG}" | tee --append "${GITHUB_OUTPUT}" - - name: Get routing table for docker pods - shell: bash - run: | - ip route + PROJECT='github-actions' + echo "project=${PROJECT}" | tee --append "${GITHUB_OUTPUT}" + + # This domain has a DNS entry that points back to a local IP, i.e. 172.X.X.X. + DOMAIN='github-actions.nebari.dev' + echo "domain=${DOMAIN}" | tee --append "${GITHUB_OUTPUT}" - - name: Initialize Nebari Cloud - shell: bash -l {0} + - shell: bash -l {0} + id: init + working-directory: ${{ steps.metadata.outputs.directory }} run: | - mkdir -p local-deployment - cd local-deployment - nebari init local --project=${{ inputs.project }} --domain=${{ inputs.domain }} --auth-provider=password + nebari init local \ + --project-name '${{ steps.metadata.outputs.project }}' \ + --domain-name '${{ steps.metadata.outputs.domain }}' \ + --auth-provider password \ + --output '${{ steps.metadata.outputs.config }}' - # Need smaller profiles on Local Kind - sed -i -E 's/(cpu_guarantee):\s+[0-9\.]+/\1: 0.25/g' "nebari-config.yaml" - sed -i -E 's/(mem_guarantee):\s+[A-Za-z0-9\.]+/\1: 0.25G/g' "nebari-config.yaml" + - shell: bash + run: | + # Update nebari config for CI # Change default JupyterLab theme - cat >> nebari-config.yaml <<- EOM + cat >> '${{ steps.metadata.outputs.config }}' <<- EOM jupyterlab: default_settings: "@jupyterlab/apputils-extension:themes": @@ -53,7 +66,7 @@ runs: EOM # Change default value for minio persistence size - cat >> nebari-config.yaml <<- EOM + cat >> '${{ steps.metadata.outputs.config }}' <<- EOM monitoring: enabled: true overrides: @@ -62,4 +75,7 @@ runs: size: 1Gi EOM - cat nebari-config.yaml + - shell: bash + run: | + # Display Nebari config + cat '${{ steps.metadata.outputs.config }}' diff --git a/.github/actions/setup-local/action.yml b/.github/actions/setup-local/action.yml new file mode 100644 index 0000000000..87a12f45da --- /dev/null +++ b/.github/actions/setup-local/action.yml @@ -0,0 +1,30 @@ +name: setup-local +description: "Setup runner for local deployment" + +inputs: + kubectl-version: + description: "Version of kubectl to install" + required: false + default: "1.19.16" + +runs: + using: composite + + steps: + - uses: azure/setup-kubectl@v4 + with: + version: v${{ inputs.kubectl-version }} + + - shell: bash + run: | + # Enable docker permissions for user + sudo docker ps + sudo usermod -aG docker $USER && newgrp docker + + docker info + docker ps + + - shell: bash + run: | + # Get routing table for docker pods + ip route diff --git a/.github/workflows/test_local_integration.yaml b/.github/workflows/test_local_integration.yaml index ea547ede8c..208f280bc8 100644 --- a/.github/workflows/test_local_integration.yaml +++ b/.github/workflows/test_local_integration.yaml @@ -53,6 +53,9 @@ jobs: with: fetch-depth: 0 + - name: Setup runner for local deployment + uses: ./.github/actions/setup-local + - name: Checkout the branch from the PR that triggered the job if: ${{ github.event_name == 'issue_comment' }} run: | @@ -75,82 +78,29 @@ jobs: pip install .[dev] playwright install - - uses: azure/setup-kubectl@v4.0.0 - with: - version: v1.19.16 - - - name: Enable docker permissions for user - run: | - sudo docker ps - sudo usermod -aG docker $USER && newgrp docker - - docker info - docker ps - - - name: Get routing table for docker pods - run: | - ip route - - - name: Initialize Nebari Cloud - run: | - mkdir -p local-deployment - cd local-deployment - nebari init local --project=thisisatest --domain github-actions.nebari.dev --auth-provider=password - - # Need smaller profiles on Local Kind - sed -i -E 's/(cpu_guarantee):\s+[0-9\.]+/\1: 0.25/g' "nebari-config.yaml" - sed -i -E 's/(mem_guarantee):\s+[A-Za-z0-9\.]+/\1: 0.25G/g' "nebari-config.yaml" - - # Change default JupyterLab theme - cat >> nebari-config.yaml <<- EOM - jupyterlab: - default_settings: - "@jupyterlab/apputils-extension:themes": - theme: JupyterLab Dark - EOM - - # Change default value for minio persistence size - cat >> nebari-config.yaml <<- EOM - monitoring: - enabled: true - overrides: - minio: - persistence: - size: 1Gi - EOM - - cat nebari-config.yaml + - name: Initialize Nebari config for local deployment + id: local + uses: ./.github/actions/init-local - name: Deploy Nebari - working-directory: local-deployment - run: | - nebari deploy --config nebari-config.yaml --disable-prompt + working-directory: ${{ steps.local.outputs.directory }} + run: nebari deploy --config ${{ steps.nebari.outputs.config }} --disable-prompt - - name: Basic kubectl checks after deployment - if: always() - run: | - kubectl get all,cm,secret,pv,pvc,ing -A - - - name: Check github-actions.nebari.dev resolves - run: | - nslookup github-actions.nebari.dev - - - name: Curl jupyterhub login page - run: | - curl -k https://github-actions.nebari.dev/hub/home -i + - name: Health check + uses: ./.github/actions/health-check + with: + domain: ${{ steps.nebari.outputs.domain }} - name: Create example-user - working-directory: local-deployment + working-directory: ${{ steps.local.outputs.directory }} run: | - nebari keycloak adduser --user "${TEST_USERNAME}" "${TEST_PASSWORD}" --config nebari-config.yaml - nebari keycloak listusers --config nebari-config.yaml - - - name: Get nebari-config.yaml full path - run: echo "NEBARI_CONFIG_PATH=`realpath ./local-deployment/nebari-config.yaml`" >> "$GITHUB_ENV" + nebari keycloak adduser --user "${TEST_USERNAME}" "${TEST_PASSWORD}" --config ${{ steps.nebari.outputs.config }} + nebari keycloak listusers --config ${{ steps.nebari.outputs.config }} ### DEPLOYMENT TESTS - name: Deployment Pytests env: + NEBARI_CONFIG_PATH: ${{ steps.local.outputs.config }} KEYCLOAK_USERNAME: ${{ env.TEST_USERNAME }} KEYCLOAK_PASSWORD: ${{ env.TEST_PASSWORD }} run: | @@ -165,7 +115,7 @@ jobs: env: KEYCLOAK_USERNAME: ${{ env.TEST_USERNAME }} KEYCLOAK_PASSWORD: ${{ env.TEST_PASSWORD }} - NEBARI_FULL_URL: https://github-actions.nebari.dev/ + NEBARI_FULL_URL: "https://${{ steps.nebari.outputs.domain }}" working-directory: tests/tests_e2e/playwright run: | # create environment file @@ -187,6 +137,5 @@ jobs: # in the CI, it makes sense to only run on merge to main or workflow_dispatch to speed # up feedback cycle if: github.ref_name == 'main' || github.event_name == 'workflow_dispatch' - working-directory: local-deployment - run: | - nebari destroy --config nebari-config.yaml --disable-prompt + working-directory: ${{ steps.local.outputs.directory }} + run: nebari destroy --config ${{ steps.local.outputs.config }} --disable-prompt diff --git a/.github/workflows/test_local_upgrade.yaml b/.github/workflows/test_local_upgrade.yaml index 4ed0cc8a62..7c7b8f425c 100644 --- a/.github/workflows/test_local_upgrade.yaml +++ b/.github/workflows/test_local_upgrade.yaml @@ -1,10 +1,5 @@ name: "Local Upgrade Tests" -env: - TEST_USERNAME: "test-user" - TEST_PASSWORD: "P@sswo3d" - NEBARI_IMAGE_TAG: "main" - on: pull_request: # release: @@ -17,6 +12,9 @@ concurrency: group: "upgrade" cancel-in-progress: true +env: + NEBARI_IMAGE_TAG: "main" + jobs: test-local-upgrade: runs-on: "cirun-runner--${{ github.run_id }}" @@ -24,12 +22,15 @@ jobs: run: shell: bash -l {0} steps: - - name: "Checkout Infrastructure" - uses: actions/checkout@main + - name: Checkout repository + uses: actions/checkout@v4 with: fetch-depth: 0 - - name: Set up Python + - name: Setup runner for local deployment + uses: ./.github/actions/setup-local + + - name: Setup Python uses: conda-incubator/setup-miniconda@v3 env: CONDA: /home/runnerx/miniconda3 @@ -38,35 +39,31 @@ jobs: python-version: "3.11" miniconda-version: "latest" - - name: Install Nebari - run: pip install . + - name: Install latest stable Nebari release + run: pip install nebari - - name: Initialize local deployment + - name: Initialize Nebari config for local deployment + id: local uses: ./.github/actions/init-local - name: Deploy Nebari - working-directory: local-deployment - run: | - nebari deploy --config nebari-config.yaml --disable-prompt - - - name: Basic kubectl checks after deployment - if: always() - run: | - kubectl get all,cm,secret,pv,pvc,ing -A + working-directory: ${{ steps.local.outputs.directory }} + run: nebari deploy --config ${{ steps.nebari.outputs.config }} --disable-prompt - - name: Check github-actions.nebari.dev resolves - run: | - nslookup github-actions.nebari.dev + - name: Health check before upgrade + id: health-check-before + uses: ./.github/actions/health-check + with: + domain: ${{ steps.nebari.outputs.domain }} - - name: Curl jupyterhub login page - run: | - curl -k https://github-actions.nebari.dev/hub/home -i + - name: Install current Nebari + run: pip install --upgrade . - - name: Create example-user - working-directory: local-deployment - run: | - nebari keycloak adduser --user "${TEST_USERNAME}" "${TEST_PASSWORD}" --config nebari-config.yaml - nebari keycloak listusers --config nebari-config.yaml + - name: Upgrade Nebari config + run: nebari upgrade --config ${{ steps.local.outputs.config }} --attempt-fixes - - name: Get nebari-config.yaml full path - run: echo "NEBARI_CONFIG_PATH=`realpath ./local-deployment/nebari-config.yaml`" >> "$GITHUB_ENV" + - name: Health check after upgrade + id: health-check-after + uses: ./.github/actions/health-check + with: + domain: ${{ steps.nebari.outputs.domain }} From cf9e69c6a8e3914ab38c293b480708be9748498c Mon Sep 17 00:00:00 2001 From: Philip Meier Date: Fri, 18 Oct 2024 11:55:23 +0200 Subject: [PATCH 14/37] fix step ids --- .github/workflows/test_local_integration.yaml | 22 +++++++++---------- .github/workflows/test_local_upgrade.yaml | 12 +++++----- 2 files changed, 17 insertions(+), 17 deletions(-) diff --git a/.github/workflows/test_local_integration.yaml b/.github/workflows/test_local_integration.yaml index 208f280bc8..6cf9f9b0e1 100644 --- a/.github/workflows/test_local_integration.yaml +++ b/.github/workflows/test_local_integration.yaml @@ -79,28 +79,28 @@ jobs: playwright install - name: Initialize Nebari config for local deployment - id: local + id: init uses: ./.github/actions/init-local - name: Deploy Nebari - working-directory: ${{ steps.local.outputs.directory }} - run: nebari deploy --config ${{ steps.nebari.outputs.config }} --disable-prompt + working-directory: ${{ steps.init.outputs.directory }} + run: nebari deploy --config ${{ steps.init.outputs.config }} --disable-prompt - name: Health check uses: ./.github/actions/health-check with: - domain: ${{ steps.nebari.outputs.domain }} + domain: ${{ steps.init.outputs.domain }} - name: Create example-user - working-directory: ${{ steps.local.outputs.directory }} + working-directory: ${{ steps.init.outputs.directory }} run: | - nebari keycloak adduser --user "${TEST_USERNAME}" "${TEST_PASSWORD}" --config ${{ steps.nebari.outputs.config }} - nebari keycloak listusers --config ${{ steps.nebari.outputs.config }} + nebari keycloak adduser --user "${TEST_USERNAME}" "${TEST_PASSWORD}" --config ${{ steps.init.outputs.config }} + nebari keycloak listusers --config ${{ steps.init.outputs.config }} ### DEPLOYMENT TESTS - name: Deployment Pytests env: - NEBARI_CONFIG_PATH: ${{ steps.local.outputs.config }} + NEBARI_CONFIG_PATH: ${{ steps.init.outputs.config }} KEYCLOAK_USERNAME: ${{ env.TEST_USERNAME }} KEYCLOAK_PASSWORD: ${{ env.TEST_PASSWORD }} run: | @@ -115,7 +115,7 @@ jobs: env: KEYCLOAK_USERNAME: ${{ env.TEST_USERNAME }} KEYCLOAK_PASSWORD: ${{ env.TEST_PASSWORD }} - NEBARI_FULL_URL: "https://${{ steps.nebari.outputs.domain }}" + NEBARI_FULL_URL: "https://${{ steps.init.outputs.domain }}" working-directory: tests/tests_e2e/playwright run: | # create environment file @@ -137,5 +137,5 @@ jobs: # in the CI, it makes sense to only run on merge to main or workflow_dispatch to speed # up feedback cycle if: github.ref_name == 'main' || github.event_name == 'workflow_dispatch' - working-directory: ${{ steps.local.outputs.directory }} - run: nebari destroy --config ${{ steps.local.outputs.config }} --disable-prompt + working-directory: ${{ steps.init.outputs.directory }} + run: nebari destroy --config ${{ steps.init.outputs.config }} --disable-prompt diff --git a/.github/workflows/test_local_upgrade.yaml b/.github/workflows/test_local_upgrade.yaml index 7c7b8f425c..7503b37558 100644 --- a/.github/workflows/test_local_upgrade.yaml +++ b/.github/workflows/test_local_upgrade.yaml @@ -43,27 +43,27 @@ jobs: run: pip install nebari - name: Initialize Nebari config for local deployment - id: local + id: init uses: ./.github/actions/init-local - name: Deploy Nebari - working-directory: ${{ steps.local.outputs.directory }} - run: nebari deploy --config ${{ steps.nebari.outputs.config }} --disable-prompt + working-directory: ${{ steps.init.outputs.directory }} + run: nebari deploy --config ${{ steps.init.outputs.config }} --disable-prompt - name: Health check before upgrade id: health-check-before uses: ./.github/actions/health-check with: - domain: ${{ steps.nebari.outputs.domain }} + domain: ${{ steps.init.outputs.domain }} - name: Install current Nebari run: pip install --upgrade . - name: Upgrade Nebari config - run: nebari upgrade --config ${{ steps.local.outputs.config }} --attempt-fixes + run: nebari upgrade --config ${{ steps.init.outputs.config }} --attempt-fixes - name: Health check after upgrade id: health-check-after uses: ./.github/actions/health-check with: - domain: ${{ steps.nebari.outputs.domain }} + domain: ${{ steps.init.outputs.domain }} From 8e8091be9e7f1744d631c0d6a586ca1cfddf49f2 Mon Sep 17 00:00:00 2001 From: Philip Meier Date: Fri, 18 Oct 2024 12:23:21 +0200 Subject: [PATCH 15/37] fix outputs --- .github/actions/init-local/action.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/actions/init-local/action.yml b/.github/actions/init-local/action.yml index 06c5ce518d..633bc9c361 100644 --- a/.github/actions/init-local/action.yml +++ b/.github/actions/init-local/action.yml @@ -16,10 +16,10 @@ outputs: value: ${{ steps.metadata.outputs.config }} project: description: "Project name" - value: ${{ inputs.domain }} + value: ${{ steps.metadata.outputs.project }} domain: description: "Domain name" - value: ${{ inputs.domain }} + value: ${{ steps.metadata.outputs.domain }} runs: using: composite From f6a7d9206318c8e28eae2331d6c562dbdcbae358 Mon Sep 17 00:00:00 2001 From: Philip Meier Date: Fri, 18 Oct 2024 13:45:07 +0200 Subject: [PATCH 16/37] use old --show-headers flag --- .github/actions/health-check/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/health-check/action.yml b/.github/actions/health-check/action.yml index 400e5ca268..58c04c4420 100644 --- a/.github/actions/health-check/action.yml +++ b/.github/actions/health-check/action.yml @@ -20,4 +20,4 @@ runs: - name: Curl jupyterhub login page shell: bash - run: curl --insecure --show-headers 'https://${{ inputs.domain }}/hub/home' + run: curl --insecure --include 'https://${{ inputs.domain }}/hub/home' From 0456ecf536e70ceb7b1e17b7c4af305e4c4c6b66 Mon Sep 17 00:00:00 2001 From: Philip Meier Date: Fri, 18 Oct 2024 14:09:03 +0200 Subject: [PATCH 17/37] add diff and redeploy --- .github/workflows/test_local_upgrade.yaml | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/.github/workflows/test_local_upgrade.yaml b/.github/workflows/test_local_upgrade.yaml index 7503b37558..bd88d13245 100644 --- a/.github/workflows/test_local_upgrade.yaml +++ b/.github/workflows/test_local_upgrade.yaml @@ -60,7 +60,14 @@ jobs: run: pip install --upgrade . - name: Upgrade Nebari config - run: nebari upgrade --config ${{ steps.init.outputs.config }} --attempt-fixes + run: | + git add --force ${{ steps.init.outputs.config }} + nebari upgrade --config ${{ steps.init.outputs.config }} --attempt-fixes + git diff + + - name: Redeploy Nebari + working-directory: ${{ steps.init.outputs.directory }} + run: nebari deploy --config ${{ steps.init.outputs.config }} --disable-prompt - name: Health check after upgrade id: health-check-after From e91a19d64c9ece8c43ea6db81d8ecca7af53a634 Mon Sep 17 00:00:00 2001 From: Philip Meier Date: Fri, 18 Oct 2024 14:11:26 +0200 Subject: [PATCH 18/37] fix URL for playwright tests --- .github/workflows/test_local_integration.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test_local_integration.yaml b/.github/workflows/test_local_integration.yaml index 6cf9f9b0e1..64509142cc 100644 --- a/.github/workflows/test_local_integration.yaml +++ b/.github/workflows/test_local_integration.yaml @@ -115,7 +115,7 @@ jobs: env: KEYCLOAK_USERNAME: ${{ env.TEST_USERNAME }} KEYCLOAK_PASSWORD: ${{ env.TEST_PASSWORD }} - NEBARI_FULL_URL: "https://${{ steps.init.outputs.domain }}" + NEBARI_FULL_URL: "https://${{ steps.init.outputs.domain }}/" working-directory: tests/tests_e2e/playwright run: | # create environment file From 50580849f14c8d701b3c3652eab456fc74553025 Mon Sep 17 00:00:00 2001 From: Philip Meier Date: Fri, 18 Oct 2024 15:06:54 +0200 Subject: [PATCH 19/37] add validation --- .github/workflows/test_local_upgrade.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/test_local_upgrade.yaml b/.github/workflows/test_local_upgrade.yaml index bd88d13245..c2f7757f78 100644 --- a/.github/workflows/test_local_upgrade.yaml +++ b/.github/workflows/test_local_upgrade.yaml @@ -63,6 +63,7 @@ jobs: run: | git add --force ${{ steps.init.outputs.config }} nebari upgrade --config ${{ steps.init.outputs.config }} --attempt-fixes + nebari validate --config ${{ steps.init.outputs.config }} git diff - name: Redeploy Nebari From 3c766fa99b789e24a9e5c6ca0a48562070d57a63 Mon Sep 17 00:00:00 2001 From: Philip Meier Date: Fri, 18 Oct 2024 16:26:29 +0200 Subject: [PATCH 20/37] add manual upgrade logic --- .github/workflows/test_local_upgrade.yaml | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/.github/workflows/test_local_upgrade.yaml b/.github/workflows/test_local_upgrade.yaml index c2f7757f78..2b2da8245d 100644 --- a/.github/workflows/test_local_upgrade.yaml +++ b/.github/workflows/test_local_upgrade.yaml @@ -46,6 +46,11 @@ jobs: id: init uses: ./.github/actions/init-local + - name: Extract old Nebari version + run: | + OLD_NEBARI_VERSION=$(grep 'nebari_version: ' ${{ steps.init.outputs.config }} | sed 's/nebari_version: //') + echo "OLD_NEBARI_VERSION=${OLD_NEBARI_VERSION}" | tee --append "${GITHUB_ENV}" + - name: Deploy Nebari working-directory: ${{ steps.init.outputs.directory }} run: nebari deploy --config ${{ steps.init.outputs.config }} --disable-prompt @@ -63,8 +68,16 @@ jobs: run: | git add --force ${{ steps.init.outputs.config }} nebari upgrade --config ${{ steps.init.outputs.config }} --attempt-fixes - nebari validate --config ${{ steps.init.outputs.config }} git diff + nebari validate --config ${{ steps.init.outputs.config }} + + - name: Upgrade TF state + run: | + NEW_NEBARI_VERSION=$(grep 'nebari_version: ' ${{ steps.init.outputs.config }} | sed 's/nebari_version: //') + + sed \ + "s/\"nebari_version\": \"${OLD_NEBARI_VERSION}\"/\"nebari_version\": \"${NEW_NEBARI_VERSION}\"/" \ + -i ${{ steps.init.outputs.directory }}/stages/01-terraform-state/local/terraform.tfstate - name: Redeploy Nebari working-directory: ${{ steps.init.outputs.directory }} From 2441895faa555239386859865fd956c16df23c69 Mon Sep 17 00:00:00 2001 From: Philip Meier Date: Fri, 18 Oct 2024 16:27:29 +0200 Subject: [PATCH 21/37] readd other workflows --- .github/workflows/generate_cli_doc.yml | 76 +++++++++ .github/workflows/release-notes-sync.yaml | 21 +++ .github/workflows/release.yaml | 77 +++++++++ .github/workflows/run-precommit.yaml | 35 ++++ .github/workflows/test-provider.yaml | 154 ++++++++++++++++++ .github/workflows/test.yaml | 68 ++++++++ .github/workflows/test_aws_integration.yaml | 86 ++++++++++ .github/workflows/test_azure_integration.yaml | 92 +++++++++++ .github/workflows/test_conda_build.yaml | 58 +++++++ .github/workflows/test_gcp_integration.yaml | 90 ++++++++++ .github/workflows/test_helm_charts.yaml | 50 ++++++ .github/workflows/trivy.yml | 46 ++++++ .github/workflows/typing.yaml | 45 +++++ 13 files changed, 898 insertions(+) create mode 100644 .github/workflows/generate_cli_doc.yml create mode 100644 .github/workflows/release-notes-sync.yaml create mode 100644 .github/workflows/release.yaml create mode 100644 .github/workflows/run-precommit.yaml create mode 100644 .github/workflows/test-provider.yaml create mode 100644 .github/workflows/test.yaml create mode 100644 .github/workflows/test_aws_integration.yaml create mode 100644 .github/workflows/test_azure_integration.yaml create mode 100644 .github/workflows/test_conda_build.yaml create mode 100644 .github/workflows/test_gcp_integration.yaml create mode 100644 .github/workflows/test_helm_charts.yaml create mode 100644 .github/workflows/trivy.yml create mode 100644 .github/workflows/typing.yaml diff --git a/.github/workflows/generate_cli_doc.yml b/.github/workflows/generate_cli_doc.yml new file mode 100644 index 0000000000..bc9aa6c4d5 --- /dev/null +++ b/.github/workflows/generate_cli_doc.yml @@ -0,0 +1,76 @@ +name: Update API docs + +on: + pull_request: + paths: + - "src/_nebari/subcommands/**" + - "src/_nebari/cli.py" + push: + branches: + - main + paths: + - "src/_nebari/subcommands/**" + - "src/_nebari/cli.py" + workflow_dispatch: + +jobs: + update_api: + permissions: + contents: write + pull-requests: write + runs-on: ubuntu-latest + defaults: + run: + shell: bash -l {0} + working-directory: ./docs-sphinx + steps: + - name: Check out repository πŸ›ŽοΈ + uses: actions/checkout@v4 + + - name: Set up Python + uses: actions/setup-python@v5 + with: + python-version: "3.10" + + - name: Install nebari and docs dependencies + run: | + python -m pip install --upgrade pip + pip install -e "../[docs]" + + - name: Generate new API docs + run: | + make html + + - name: Copy cli doc + run: | + cp _build/html/cli.html cli.html + + - name: Look for changes to generated docs + uses: tj-actions/verify-changed-files@v12 + id: verify-changed-files + with: + files: | + docs-sphinx/cli.html + + - name: Create Pull Request in code repo + id: create_pull_request + uses: peter-evans/create-pull-request@v4 + if: steps.verify-changed-files.outputs.files_changed == 'true' && github.event_name != 'pull_request' + with: + token: ${{ secrets.NEBARI_SENSEI_API_DOCS_PR_OPENER }} + commit-message: Update api docs + committer: GitHub + author: ${{ github.actor }} <${{ github.actor }}@users.noreply.github.com> + signoff: false + branch: auto_cli_doc_update + delete-branch: true + title: '[AUTO] Update CLI doc' + body: | + Update CLI doc + - Auto-generated by [create-pull-request][1] + + [1]: https://github.com/peter-evans/create-pull-request + labels: | + "area: documentation πŸ“–" + draft: false + base: ${{ github.head_ref }} diff --git a/.github/workflows/release-notes-sync.yaml b/.github/workflows/release-notes-sync.yaml new file mode 100644 index 0000000000..6e918fea26 --- /dev/null +++ b/.github/workflows/release-notes-sync.yaml @@ -0,0 +1,21 @@ +name: Sync release notes with nebari.dev/docs + +on: + release: + types: [created] + workflow_dispatch: + +jobs: + sync: + runs-on: ubuntu-latest + steps: + - name: Checkout Repository + uses: actions/checkout@master + - name: Run Release File Sync ♻️ + uses: BetaHuhn/repo-file-sync-action@v1 + with: + GH_PAT: ${{ secrets.NEBARI_SENSEI_API_DOCS_PR_OPENER }} + CONFIG_PATH: .github/release-notes-sync-config.yaml + COMMIT_BODY: "MAINT - Sync release notes :robot:" + PR_LABELS: | + type: file sync ♻️ diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml new file mode 100644 index 0000000000..771999f51d --- /dev/null +++ b/.github/workflows/release.yaml @@ -0,0 +1,77 @@ +name: Test & Publish PyPi release + +on: + release: + types: [created] + +jobs: + test-pypi: + name: Test PyPi release + runs-on: ubuntu-latest + permissions: + id-token: write # IMPORTANT: this permission is mandatory for trusted publishing + steps: + - name: Set up python + uses: actions/setup-python@v5 + with: + python-version: "3.10" + + - name: Upgrade pip + run: python -m pip install --upgrade pip build + + - name: Checkout repository + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Create tag + # if present, remove leading `v` + run: | + echo "NEBARI_TAG=$(git describe --tags | sed 's/^v//')" >> $GITHUB_ENV + echo ${{ env.NEBARI_TAG }} + + - name: Build source and binary + run: python -m build --sdist --wheel . + + - name: Publish to test PyPI + uses: pypa/gh-action-pypi-publish@release/v1 + with: + repository-url: https://test.pypi.org/legacy/ + + - name: Sleep + run: sleep 120 + + - name: Test install from Test PyPI + run: | + pip install \ + --index-url https://test.pypi.org/simple/ \ + --extra-index-url https://pypi.org/simple \ + nebari==${{ env.NEBARI_TAG }} + + release-pypi: + name: Publish Nebari on PyPi + runs-on: ubuntu-latest + needs: test-pypi + permissions: + id-token: write + contents: read + + steps: + - name: Set up python + uses: actions/setup-python@v5 + with: + python-version: "3.10" + + - name: Upgrade pip + run: python -m pip install --upgrade pip build + + - name: Checkout repository + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Build source and binary + run: python -m build --sdist --wheel . + + - name: Publish package + uses: pypa/gh-action-pypi-publish@release/v1 diff --git a/.github/workflows/run-precommit.yaml b/.github/workflows/run-precommit.yaml new file mode 100644 index 0000000000..6a79e0da1a --- /dev/null +++ b/.github/workflows/run-precommit.yaml @@ -0,0 +1,35 @@ +name: Run pre-commit + +on: + push: + branches: + - main + - release/\d{4}.\d{1,2}.\d{1,2} + pull_request: + +jobs: + pre-commit: + if: github.event.pull_request.merged == false + runs-on: ubuntu-latest + defaults: + run: + shell: bash -l {0} + steps: + - name: Checkout repository πŸ”” + uses: actions/checkout@v4.1.1 + + - name: Setup python + uses: actions/setup-python@v5 + with: + python-version: '3.x' + + - name: Setup terraform + uses: hashicorp/setup-terraform@v3 + with: + terraform_version: "1.5.7" + + + - name: Run terraform pre-commit ⚑️ + uses: pre-commit/action@v3.0.1 + with: + extra_args: --all-files terraform_fmt diff --git a/.github/workflows/test-provider.yaml b/.github/workflows/test-provider.yaml new file mode 100644 index 0000000000..fef1254495 --- /dev/null +++ b/.github/workflows/test-provider.yaml @@ -0,0 +1,154 @@ +# This is only workflow that requires cloud credentials and therefore will not run on PRs coming from forks. +name: "Test Nebari Provider" + +on: + schedule: + - cron: "0 3 * * *" + pull_request: + paths: + - ".github/workflows/test-provider.yaml" + - ".github/failed-workflow-issue-templates/test-provider.md" + - ".github/actions/publish-from-template" + - "tests/**" + - "scripts/**" + - "src/**" + - "pyproject.toml" + push: + branches: + - main + - release/\d{4}.\d{1,2}.\d{1,2} + paths: + - ".github/workflows/test-provider.yaml" + - "tests/**" + - "scripts/**" + - "src/**" + - "pyproject.toml" + workflow_call: + inputs: + pr_number: + required: true + type: string + +jobs: + test-render-providers: + # Prevents the execution of this test under the following conditions: + # 1. When the 'NO_PROVIDER_CREDENTIALS' GitHub variable is set, indicating the absence of provider credentials. + # 2. For pull requests (PRs) originating from a fork, since GitHub does not provide the fork's credentials to the destination repository. + # ref. https://github.com/nebari-dev/nebari/issues/2379 + if: | + vars.NO_PROVIDER_CREDENTIALS == '' && + (github.event.pull_request.head.repo.full_name == github.repository || github.event_name != 'pull_request') + name: "Test Nebari Provider" + runs-on: ubuntu-latest + permissions: + id-token: write + contents: read + pull-requests: write + strategy: + matrix: + provider: + - aws + - azure + - do + - gcp + - local + - existing + cicd: + - none + - github-actions + - gitlab-ci + fail-fast: false + steps: + - name: "Checkout Infrastructure" + uses: actions/checkout@v4 + + - name: Checkout the branch from the PR that triggered the job + if: ${{ github.event_name == 'issue_comment' }} + run: hub pr checkout ${{ inputs.pr_number }} + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + - name: Set up Python + uses: actions/setup-python@v5 + with: + python-version: "3.11" + + - name: Retrieve secret from Vault + uses: hashicorp/vault-action@v3.0.0 + with: + method: jwt + url: "https://quansight-vault-public-vault-b2379fa7.d415e30e.z1.hashicorp.cloud:8200" + namespace: "admin/quansight" + role: "repository-nebari-dev-nebari-role" + secrets: | + kv/data/repository/nebari-dev/nebari/amazon_web_services/nebari-dev-ci role_name | AWS_ROLE_ARN; + kv/data/repository/nebari-dev/nebari/google_cloud_platform/nebari-dev-ci/github-nebari-dev-repo-ci project_id | PROJECT_ID; + kv/data/repository/nebari-dev/nebari/google_cloud_platform/nebari-dev-ci/github-nebari-dev-repo-ci workload_identity_provider | GCP_WORKFLOW_PROVIDER; + kv/data/repository/nebari-dev/nebari/google_cloud_platform/nebari-dev-ci/github-nebari-dev-repo-ci service_account_name | GCP_SERVICE_ACCOUNT; + kv/data/repository/nebari-dev/nebari/azure/nebari-dev-ci/github-nebari-dev-repo-ci client_id | ARM_CLIENT_ID; + kv/data/repository/nebari-dev/nebari/azure/nebari-dev-ci/github-nebari-dev-repo-ci tenant_id | ARM_TENANT_ID; + kv/data/repository/nebari-dev/nebari/azure/nebari-dev-ci/github-nebari-dev-repo-ci subscription_id | ARM_SUBSCRIPTION_ID; + kv/data/repository/nebari-dev/nebari/shared_secrets DIGITALOCEAN_TOKEN | DIGITALOCEAN_TOKEN; + kv/data/repository/nebari-dev/nebari/shared_secrets SPACES_ACCESS_KEY_ID | SPACES_ACCESS_KEY_ID; + kv/data/repository/nebari-dev/nebari/shared_secrets SPACES_SECRET_ACCESS_KEY | SPACES_SECRET_ACCESS_KEY; + + - name: 'Authenticate to GCP' + if: ${{ matrix.provider == 'gcp' }} + uses: 'google-github-actions/auth@v1' + with: + token_format: access_token + create_credentials_file: 'true' + workload_identity_provider: ${{ env.GCP_WORKFLOW_PROVIDER }} + service_account: ${{ env.GCP_SERVICE_ACCOUNT }} + + - name: Set required environment variables + if: ${{ matrix.provider == 'gcp' }} + run: | + echo "GOOGLE_CREDENTIALS=${{ env.GOOGLE_APPLICATION_CREDENTIALS }}" >> $GITHUB_ENV + + - name: 'Authenticate to AWS' + if: ${{ matrix.provider == 'aws' }} + uses: aws-actions/configure-aws-credentials@v1 + with: + role-to-assume: ${{ env.AWS_ROLE_ARN }} + role-session-name: github-action + aws-region: us-east-1 + + - name: 'Azure login' + if: ${{ matrix.provider == 'azure' }} + uses: azure/login@v1 + with: + client-id: ${{ env.ARM_CLIENT_ID }} + tenant-id: ${{ env.ARM_TENANT_ID }} + subscription-id: ${{ env.ARM_SUBSCRIPTION_ID }} + + - name: Install Nebari + run: | + pip install --upgrade pip + pip install .[dev] + + - name: Nebari Initialize + run: | + nebari init "${{ matrix.provider }}" --project "TestProvider" --domain "${{ matrix.provider }}.nebari.dev" --auth-provider password --disable-prompt --ci-provider ${{ matrix.cicd }} + cat "nebari-config.yaml" + + - name: Nebari Render + run: | + nebari render -c "nebari-config.yaml" -o "nebari-${{ matrix.provider }}-${{ matrix.cicd }}-deployment" + cp "nebari-config.yaml" "nebari-${{ matrix.provider }}-${{ matrix.cicd }}-deployment/nebari-config.yaml" + + - name: Nebari Render Artifact + uses: actions/upload-artifact@master + with: + name: "nebari-${{ matrix.provider }}-${{ matrix.cicd }}-artifact" + path: "nebari-${{ matrix.provider }}-${{ matrix.cicd }}-deployment" + + - if: failure() || github.event_name == 'pull_request' + name: Publish information from template + uses: ./.github/actions/publish-from-template + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + PROVIDER: ${{ matrix.provider }} + CICD: ${{ matrix.cicd }} + with: + filename: .github/failed-workflow-issue-templates/test-provider.md diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml new file mode 100644 index 0000000000..5e527e9aa5 --- /dev/null +++ b/.github/workflows/test.yaml @@ -0,0 +1,68 @@ +name: "Tests" + +on: + pull_request: + paths: + - ".github/workflows/test.yaml" + - "tests/**" + - "scripts/**" + - "src/**" + - "pyproject.toml" + - "pytest.ini" + push: + branches: + - main + - develop + - release/\d{4}.\d{1,2}.\d{1,2} + paths: + - ".github/workflows/test.yaml" + - "tests/**" + - "scripts/**" + - "src/**" + - "pyproject.toml" + - "pytest.ini" + +jobs: + test-general: + name: "Pytest" + runs-on: ubuntu-latest + defaults: + run: + shell: bash -el {0} + strategy: + matrix: + python-version: + - "3.10" + - "3.11" + - "3.12" + fail-fast: false + concurrency: + group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}-${{ matrix.python-version }} + cancel-in-progress: true + steps: + - name: "Checkout Infrastructure" + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Setup miniconda + uses: conda-incubator/setup-miniconda@v3 + with: + auto-update-conda: true + python-version: ${{ matrix.python-version }} + channels: conda-forge,defaults + activate-environment: nebari-dev + + - name: Install Nebari + run: | + python --version + pip install -e .[dev] + + - name: Test Nebari + run: | + pytest --version + pytest --cov=src --cov-report=xml --cov-config=pyproject.toml tests/tests_unit + + - name: Report Coverage + run: | + coverage report -m diff --git a/.github/workflows/test_aws_integration.yaml b/.github/workflows/test_aws_integration.yaml new file mode 100644 index 0000000000..92f1af1000 --- /dev/null +++ b/.github/workflows/test_aws_integration.yaml @@ -0,0 +1,86 @@ +name: AWS Deployment + +on: + schedule: + - cron: "0 0 * * MON" + workflow_dispatch: + inputs: + branch: + description: 'Nebari branch to deploy, test, destroy' + required: true + default: main + type: string + image-tag: + description: 'Nebari image tag created by the nebari-docker-images repo' + required: true + default: main + type: string + tf-log-level: + description: 'Change Terraform log levels' + required: false + default: info + type: choice + options: + - info + - warn + - debug + - trace + - error + + +env: + AWS_DEFAULT_REGION: "us-west-2" + NEBARI_GH_BRANCH: ${{ github.event.inputs.branch || 'main' }} + NEBARI_IMAGE_TAG: ${{ github.event.inputs.image-tag || 'main' }} + TF_LOG: ${{ github.event.inputs.tf-log-level || 'info' }}∏ + +jobs: + test-aws-integration: + runs-on: ubuntu-latest + if: ${{ vars.SKIP_AWS_INTEGRATION_TEST != 'true' }} + permissions: + id-token: write + contents: read + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + ref: ${{ env.NEBARI_GH_BRANCH }} + fetch-depth: 0 + + - name: Set up Python + uses: actions/setup-python@v5 + with: + python-version: 3.11 + + - name: Install Nebari + run: | + pip install .[dev] + playwright install + + - name: Retrieve secret from Vault + uses: hashicorp/vault-action@v3.0.0 + with: + method: jwt + url: "https://quansight-vault-public-vault-b2379fa7.d415e30e.z1.hashicorp.cloud:8200" + namespace: "admin/quansight" + role: "repository-nebari-dev-nebari-role" + secrets: | + kv/data/repository/nebari-dev/nebari/amazon_web_services/nebari-dev-ci role_name | AWS_ROLE_ARN; + kv/data/repository/nebari-dev/nebari/cloudflare/internal-devops@quansight.com/nebari-dev-ci token | CLOUDFLARE_TOKEN; + + - name: Authenticate to AWS + uses: aws-actions/configure-aws-credentials@v1 + with: + role-to-assume: ${{ env.AWS_ROLE_ARN }} + role-session-name: github-action + aws-region: ${{ env.AWS_DEFAULT_REGION }} + + - name: Integration Tests + run: | + pytest --version + pytest tests/tests_integration/ -vvv -s --cloud aws + env: + NEBARI_SECRET__default_images__jupyterhub: "quay.io/nebari/nebari-jupyterhub:${{ env.NEBARI_IMAGE_TAG }}" + NEBARI_SECRET__default_images__jupyterlab: "quay.io/nebari/nebari-jupyterlab:${{ env.NEBARI_IMAGE_TAG }}" + NEBARI_SECRET__default_images__dask_worker: "quay.io/nebari/nebari-dask-worker:${{ env.NEBARI_IMAGE_TAG }}" diff --git a/.github/workflows/test_azure_integration.yaml b/.github/workflows/test_azure_integration.yaml new file mode 100644 index 0000000000..615279af31 --- /dev/null +++ b/.github/workflows/test_azure_integration.yaml @@ -0,0 +1,92 @@ +name: Azure Deployment + +on: + schedule: + - cron: "0 0 * * MON" + workflow_dispatch: + inputs: + branch: + description: 'Nebari branch to deploy, test, destroy' + required: true + default: main + type: string + image-tag: + description: 'Nebari image tag created by the nebari-docker-images repo' + required: true + default: main + type: string + tf-log-level: + description: 'Change Terraform log levels' + required: false + default: info + type: choice + options: + - info + - warn + - debug + - trace + - error + +env: + NEBARI_GH_BRANCH: ${{ github.event.inputs.branch || 'main' }} + NEBARI_IMAGE_TAG: ${{ github.event.inputs.image-tag || 'main' }} + TF_LOG: ${{ github.event.inputs.tf-log-level || 'info' }} + +jobs: + test-azure-integration: + runs-on: ubuntu-latest + if: ${{ vars.SKIP_AZURE_INTEGRATION_TEST != 'true' }} + permissions: + id-token: write + contents: read + steps: + - name: Checkout + uses: actions/checkout@v3 + with: + ref: ${{ env.NEBARI_GH_BRANCH }} + fetch-depth: 0 + + - name: Set up Python + uses: actions/setup-python@v4 + with: + python-version: 3.11 + + - name: Install Nebari + run: | + pip install .[dev] + conda install --quiet --yes conda-build + playwright install + + - name: Retrieve secret from Vault + uses: hashicorp/vault-action@v3.0.0 + with: + method: jwt + url: "https://quansight-vault-public-vault-b2379fa7.d415e30e.z1.hashicorp.cloud:8200" + namespace: "admin/quansight" + role: "repository-nebari-dev-nebari-role" + secrets: | + kv/data/repository/nebari-dev/nebari/azure/nebari-dev-ci/github-nebari-dev-repo-ci client_id | ARM_CLIENT_ID; + kv/data/repository/nebari-dev/nebari/azure/nebari-dev-ci/github-nebari-dev-repo-ci tenant_id | ARM_TENANT_ID; + kv/data/repository/nebari-dev/nebari/azure/nebari-dev-ci/github-nebari-dev-repo-ci subscription_id | ARM_SUBSCRIPTION_ID; + kv/data/repository/nebari-dev/nebari/cloudflare/internal-devops@quansight.com/nebari-dev-ci token | CLOUDFLARE_TOKEN; + + - name: 'Azure login' + uses: azure/login@v2 + with: + client-id: ${{ env.ARM_CLIENT_ID }} + tenant-id: ${{ env.ARM_TENANT_ID }} + subscription-id: ${{ env.ARM_SUBSCRIPTION_ID }} + + - name: Integration Tests + run: | + pytest --version + pytest tests/tests_integration/ -vvv -s --cloud azure + env: + NEBARI_SECRET__default_images__jupyterhub: "quay.io/nebari/nebari-jupyterhub:${{ env.NEBARI_IMAGE_TAG }}" + NEBARI_SECRET__default_images__jupyterlab: "quay.io/nebari/nebari-jupyterlab:${{ env.NEBARI_IMAGE_TAG }}" + NEBARI_SECRET__default_images__dask_worker: "quay.io/nebari/nebari-dask-worker:${{ env.NEBARI_IMAGE_TAG }}" + ARM_CLIENT_ID: ${{ env.ARM_CLIENT_ID }} + ARM_TENANT_ID: ${{ env.ARM_TENANT_ID }} + ARM_SUBSCRIPTION_ID: ${{ env.ARM_SUBSCRIPTION_ID }} + ARM_USE_OIDC: "true" + CLOUDFLARE_TOKEN: ${{ env.CLOUDFLARE_TOKEN }} diff --git a/.github/workflows/test_conda_build.yaml b/.github/workflows/test_conda_build.yaml new file mode 100644 index 0000000000..53c51d8c64 --- /dev/null +++ b/.github/workflows/test_conda_build.yaml @@ -0,0 +1,58 @@ +name: "Test Conda Build" + +on: + pull_request: + paths: + - ".github/workflows/test_conda_build.yaml" + - "pyproject.toml" + push: + branches: + - main + - release/\d{4}.\d{1,2}.\d{1,2} + paths: + - ".github/workflows/test_conda_build.yaml" + - "pyproject.toml" + +jobs: + test-conda-build: + runs-on: ubuntu-latest + defaults: + run: + shell: bash -el {0} + concurrency: + group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} + cancel-in-progress: true + steps: + - name: "Checkout Infrastructure" + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Setup miniconda + uses: conda-incubator/setup-miniconda@v3 + with: + auto-update-conda: true + python-version: "3.10" + channels: conda-forge + activate-environment: nebari-dev + + - name: Install dependencies + run: | + conda install build grayskull conda-build conda-verify + + - name: Generate sdist + run: | + python -m build --sdist + + - name: Generate meta.yaml + run: | + python -m grayskull pypi dist/*.tar.gz + + - name: Build conda package + run: | + conda build nebari + + - name: Test conda package + run: | + conda install --use-local nebari + nebari --version diff --git a/.github/workflows/test_gcp_integration.yaml b/.github/workflows/test_gcp_integration.yaml new file mode 100644 index 0000000000..71162d1cce --- /dev/null +++ b/.github/workflows/test_gcp_integration.yaml @@ -0,0 +1,90 @@ +name: GCP Deployment + +on: + schedule: + - cron: "0 0 * * MON" + workflow_dispatch: + inputs: + branch: + description: 'Nebari branch to deploy, test, destroy' + required: true + default: main + type: string + image-tag: + description: 'Nebari image tag created by the nebari-docker-images repo' + required: true + default: main + type: string + tf-log-level: + description: 'Change Terraform log levels' + required: false + default: info + type: choice + options: + - info + - warn + - debug + - trace + - error + +env: + NEBARI_GH_BRANCH: ${{ github.event.inputs.branch || 'main' }} + NEBARI_IMAGE_TAG: ${{ github.event.inputs.image-tag || 'main' }} + TF_LOG: ${{ github.event.inputs.tf-log-level || 'info' }} + +jobs: + test-gcp-integration: + runs-on: ubuntu-latest + if: ${{ vars.SKIP_GCP_INTEGRATION_TEST != 'true' }} + permissions: + id-token: write + contents: read + pull-requests: write + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + ref: ${{ env.NEBARI_GH_BRANCH }} + fetch-depth: 0 + + - name: Set up Python + uses: actions/setup-python@v5 + with: + python-version: 3.11 + + - name: Install Nebari + run: | + pip install .[dev] + playwright install + + - name: Retrieve secret from Vault + uses: hashicorp/vault-action@v3.0.0 + with: + method: jwt + url: "https://quansight-vault-public-vault-b2379fa7.d415e30e.z1.hashicorp.cloud:8200" + namespace: "admin/quansight" + role: "repository-nebari-dev-nebari-role" + secrets: | + kv/data/repository/nebari-dev/nebari/google_cloud_platform/nebari-dev-ci/github-nebari-dev-repo-ci project_id | PROJECT_ID; + kv/data/repository/nebari-dev/nebari/google_cloud_platform/nebari-dev-ci/github-nebari-dev-repo-ci workload_identity_provider | GCP_WORKFLOW_PROVIDER; + kv/data/repository/nebari-dev/nebari/google_cloud_platform/nebari-dev-ci/github-nebari-dev-repo-ci service_account_name | GCP_SERVICE_ACCOUNT; + kv/data/repository/nebari-dev/nebari/cloudflare/internal-devops@quansight.com/nebari-dev-ci token | CLOUDFLARE_TOKEN; + + - name: 'Authenticate to GCP' + uses: 'google-github-actions/auth@v1' + with: + workload_identity_provider: ${{ env.GCP_WORKFLOW_PROVIDER }} + service_account: ${{ env.GCP_SERVICE_ACCOUNT }} + + - name: Set required environment variables + run: | + echo "GOOGLE_CREDENTIALS=${{ env.GOOGLE_APPLICATION_CREDENTIALS }}" >> $GITHUB_ENV + + - name: Integration Tests + run: | + pytest --version + pytest tests/tests_integration/ -vvv -s --cloud gcp + env: + NEBARI_SECRET__default_images__jupyterhub: "quay.io/nebari/nebari-jupyterhub:${{ env.NEBARI_IMAGE_TAG }}" + NEBARI_SECRET__default_images__jupyterlab: "quay.io/nebari/nebari-jupyterlab:${{ env.NEBARI_IMAGE_TAG }}" + NEBARI_SECRET__default_images__dask_worker: "quay.io/nebari/nebari-dask-worker:${{ env.NEBARI_IMAGE_TAG }}" diff --git a/.github/workflows/test_helm_charts.yaml b/.github/workflows/test_helm_charts.yaml new file mode 100644 index 0000000000..3f0ed8834e --- /dev/null +++ b/.github/workflows/test_helm_charts.yaml @@ -0,0 +1,50 @@ +# Right now the trigger is set to run on every Monday at 13:00 UTC, +# or when the workflow file is modified. An additional manual trigger +# is also available. +name: "Validate Helm Charts downloads" + +on: + schedule: + # Run every Monday at 13:00 UTC + - cron: "0 13 * * 1" + pull_request: + paths: + - ".github/workflows/test_helm_charts.yaml" + - "scripts/helm-validate.py" + push: + paths: + - ".github/workflows/test_helm_charts.yaml" + - "scripts/helm-validate.py" + workflow_dispatch: + +jobs: + test-helm-charts: + name: "Helm Charts Validation" + runs-on: ubuntu-latest + steps: + - name: "Checkout Infrastructure" + uses: actions/checkout@v4 + with: + fetch-depth: 0 + - name: Set up Python + uses: actions/setup-python@v5 + with: + python-version: "3.11" + - name: Install additional Python dependencies + run: | + pip install python-hcl2 + pip install tqdm + - name: Install nebari + run: | + pip install . + - name: Install Helm + run: | + curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 + chmod 700 get_helm.sh + ./get_helm.sh + - name: Test Helm installation + run: | + helm version + - name: Test Helm Charts + run: | + python scripts/helm-validate.py diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml new file mode 100644 index 0000000000..8c894653b9 --- /dev/null +++ b/.github/workflows/trivy.yml @@ -0,0 +1,46 @@ +# This workflow uses actions that are not certified by GitHub. +# They are provided by a third-party and are governed by +# separate terms of service, privacy policy, and support +# documentation. + +name: Code Scanning + +on: + push: + branches: [ "main", "release/*" ] + pull_request: + # The branches below must be a subset of the branches above + branches: [ "main" ] + schedule: + - cron: '19 23 * * 6' + +permissions: + contents: read + +jobs: + SAST: + permissions: + contents: read # for actions/checkout to fetch code + security-events: write # for github/codeql-action/upload-sarif to upload SARIF results + actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status + name: Trivy config Scan + runs-on: "ubuntu-20.04" + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Run Trivy vulnerability scanner in fs mode + uses: aquasecurity/trivy-action@master + with: + scan-type: 'config' + hide-progress: true + format: 'sarif' + output: 'trivy-results.sarif' + ignore-unfixed: true + severity: 'CRITICAL,HIGH' + + - name: Upload Trivy scan results to GitHub Security tab + uses: github/codeql-action/upload-sarif@v3 + if: always() + with: + sarif_file: 'trivy-results.sarif' diff --git a/.github/workflows/typing.yaml b/.github/workflows/typing.yaml new file mode 100644 index 0000000000..3ce1bbc78e --- /dev/null +++ b/.github/workflows/typing.yaml @@ -0,0 +1,45 @@ +name: "Typing Check" + +on: + pull_request: + paths: + - ".github/workflows/typing.yaml" + - "src/**" + - "pyproject.toml" + push: + branches: + - main + - release/\d{4}.\d{1,2}.\d{1,2} + paths: + - ".github/workflows/typing.yaml" + - "src/**" + - "pyproject.toml" + +jobs: + typing-check: + runs-on: ubuntu-latest + concurrency: + group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} + cancel-in-progress: true + steps: + - name: "Checkout Repository" + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Setup Python + uses: actions/setup-python@v5 + with: + python-version: "3.11" + cache: "pip" + + - name: Install Nebari and type stubs + run: | + python --version + pip install -e .[dev] + pip install types-Pygments types-requests types-six + + - name: Run MyPy + continue-on-error: true + run: | + mypy From 71a0cbb59e680462ba82f1029bdc2c1e38ab06f7 Mon Sep 17 00:00:00 2001 From: Philip Meier Date: Fri, 18 Oct 2024 16:54:54 +0200 Subject: [PATCH 22/37] move DNS check to init-local --- .github/actions/health-check/action.yml | 10 +++------- .github/actions/init-local/action.yml | 2 +- 2 files changed, 4 insertions(+), 8 deletions(-) diff --git a/.github/actions/health-check/action.yml b/.github/actions/health-check/action.yml index 58c04c4420..14602b3d7a 100644 --- a/.github/actions/health-check/action.yml +++ b/.github/actions/health-check/action.yml @@ -10,14 +10,10 @@ runs: using: composite steps: - - name: Basic kubectl checks after deployment + - name: List kubernetes components shell: bash - run: kubectl get all,cm,secret,pv,pvc,ing -A + run: kubectl get --all-namespaces all,cm,secret,pv,pvc,ing - - name: Check if domain resolves - shell: bash - run: nslookup ${{ inputs.domain }} - - - name: Curl jupyterhub login page + - name: Check if JupyterHub login page is accessible shell: bash run: curl --insecure --include 'https://${{ inputs.domain }}/hub/home' diff --git a/.github/actions/init-local/action.yml b/.github/actions/init-local/action.yml index 633bc9c361..306876973a 100644 --- a/.github/actions/init-local/action.yml +++ b/.github/actions/init-local/action.yml @@ -39,8 +39,8 @@ runs: PROJECT='github-actions' echo "project=${PROJECT}" | tee --append "${GITHUB_OUTPUT}" - # This domain has a DNS entry that points back to a local IP, i.e. 172.X.X.X. DOMAIN='github-actions.nebari.dev' + nslookup "${DOMAIN}" echo "domain=${DOMAIN}" | tee --append "${GITHUB_OUTPUT}" - shell: bash -l {0} From 5b0f821d330dda6cdbd8ed9e65039979a962695d Mon Sep 17 00:00:00 2001 From: Philip Meier Date: Fri, 18 Oct 2024 16:56:36 +0200 Subject: [PATCH 23/37] fix triggers --- .github/workflows/test_local_upgrade.yaml | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/.github/workflows/test_local_upgrade.yaml b/.github/workflows/test_local_upgrade.yaml index 2b2da8245d..09a15db94c 100644 --- a/.github/workflows/test_local_upgrade.yaml +++ b/.github/workflows/test_local_upgrade.yaml @@ -2,10 +2,13 @@ name: "Local Upgrade Tests" on: pull_request: -# release: -# types: -# - prereleased -# workflow_dispatch: + paths: + - ".github/actions/**" + - ".github/workflows/test_local_upgrade.yaml" + release: + types: + - prereleased + workflow_dispatch: concurrency: From 7d2e04fc6d3a31339939c0525c114108710a4435 Mon Sep 17 00:00:00 2001 From: Philip Meier Date: Fri, 18 Oct 2024 16:58:56 +0200 Subject: [PATCH 24/37] update concurrency --- .github/workflows/test_local_upgrade.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test_local_upgrade.yaml b/.github/workflows/test_local_upgrade.yaml index 09a15db94c..07157a4f34 100644 --- a/.github/workflows/test_local_upgrade.yaml +++ b/.github/workflows/test_local_upgrade.yaml @@ -12,7 +12,7 @@ on: concurrency: - group: "upgrade" + group: ${{ github.ref_name }} cancel-in-progress: true env: From 6f3088b703d284fc31a992813818db28575c4945 Mon Sep 17 00:00:00 2001 From: Chuck McAndrew <6248903+dcmcand@users.noreply.github.com> Date: Tue, 22 Oct 2024 14:14:19 +0200 Subject: [PATCH 25/37] remove duplicate GCPPrivateClusterConfig class --- src/_nebari/stages/infrastructure/__init__.py | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/src/_nebari/stages/infrastructure/__init__.py b/src/_nebari/stages/infrastructure/__init__.py index 026f33fe82..dbb62a9142 100644 --- a/src/_nebari/stages/infrastructure/__init__.py +++ b/src/_nebari/stages/infrastructure/__init__.py @@ -115,6 +115,7 @@ class AzureInputVars(schema.Base): name: str environment: str region: str + authorized_ip_ranges: List[str] = ["0.0.0.0/0"] kubeconfig_filename: str = get_kubeconfig_filename() kubernetes_version: str node_groups: Dict[str, AzureNodeGroupInputVars] @@ -338,12 +339,6 @@ class GCPMasterAuthorizedNetworksConfig(schema.Base): cidr_blocks: List[GCPCIDRBlock] -class GCPPrivateClusterConfig(schema.Base): - enable_private_endpoint: bool - enable_private_nodes: bool - master_ipv4_cidr_block: str - - class GCPGuestAccelerator(schema.Base): """ See general information regarding GPU support at: @@ -421,6 +416,7 @@ class AzureProvider(schema.Base): region: str kubernetes_version: Optional[str] = None storage_account_postfix: str + authorized_ip_ranges: Optional[List[str]] = ["0.0.0.0/0"] resource_group_name: Optional[str] = None node_groups: Dict[str, AzureNodeGroup] = DEFAULT_AZURE_NODE_GROUPS storage_account_postfix: str From 487a6fa19dbd62032d2545a6d9272ec71161afef Mon Sep 17 00:00:00 2001 From: Chuck McAndrew <6248903+dcmcand@users.noreply.github.com> Date: Tue, 22 Oct 2024 14:21:37 +0200 Subject: [PATCH 26/37] remove unrelated change --- src/_nebari/stages/infrastructure/__init__.py | 2 -- 1 file changed, 2 deletions(-) diff --git a/src/_nebari/stages/infrastructure/__init__.py b/src/_nebari/stages/infrastructure/__init__.py index dbb62a9142..3e77f9bee8 100644 --- a/src/_nebari/stages/infrastructure/__init__.py +++ b/src/_nebari/stages/infrastructure/__init__.py @@ -115,7 +115,6 @@ class AzureInputVars(schema.Base): name: str environment: str region: str - authorized_ip_ranges: List[str] = ["0.0.0.0/0"] kubeconfig_filename: str = get_kubeconfig_filename() kubernetes_version: str node_groups: Dict[str, AzureNodeGroupInputVars] @@ -416,7 +415,6 @@ class AzureProvider(schema.Base): region: str kubernetes_version: Optional[str] = None storage_account_postfix: str - authorized_ip_ranges: Optional[List[str]] = ["0.0.0.0/0"] resource_group_name: Optional[str] = None node_groups: Dict[str, AzureNodeGroup] = DEFAULT_AZURE_NODE_GROUPS storage_account_postfix: str From 8f8e1e14d846c321f5ec25b4e2899e1f6bd33756 Mon Sep 17 00:00:00 2001 From: joneszc Date: Wed, 23 Oct 2024 09:05:40 -0400 Subject: [PATCH 27/37] revert 'add try to assert block to inspect error'(1f392e8) --- tests/tests_unit/test_cli_validate.py | 22 ++++++++-------------- 1 file changed, 8 insertions(+), 14 deletions(-) diff --git a/tests/tests_unit/test_cli_validate.py b/tests/tests_unit/test_cli_validate.py index 07a931acd4..faf2efa8a1 100644 --- a/tests/tests_unit/test_cli_validate.py +++ b/tests/tests_unit/test_cli_validate.py @@ -114,26 +114,20 @@ def test_cli_validate_from_env(): ["validate", "--config", tmp_file.resolve()], env={"NEBARI_SECRET__amazon_web_services__kubernetes_version": "1.20"}, ) - try: - assert 0 == valid_result.exit_code - assert not valid_result.exception - assert "Successfully validated configuration" in valid_result.stdout - except AssertionError: - print(valid_result.stdout) - raise + + assert 0 == valid_result.exit_code + assert not valid_result.exception + assert "Successfully validated configuration" in valid_result.stdout invalid_result = runner.invoke( app, ["validate", "--config", tmp_file.resolve()], env={"NEBARI_SECRET__amazon_web_services__kubernetes_version": "1.0"}, ) - try: - assert 1 == invalid_result.exit_code - assert invalid_result.exception - assert "Invalid `kubernetes-version`" in invalid_result.stdout - except AssertionError: - print(invalid_result.stdout) - raise + + assert 1 == invalid_result.exit_code + assert invalid_result.exception + assert "Invalid `kubernetes-version`" in invalid_result.stdout @pytest.mark.parametrize( From 3f2523aae801fa5d09c414aec6fe1eb237effc0f Mon Sep 17 00:00:00 2001 From: Marcelo Villa Date: Wed, 23 Oct 2024 23:08:08 +0200 Subject: [PATCH 28/37] Remove leftover develop reference --- .github/workflows/test.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index 5e527e9aa5..52eadb769c 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -12,7 +12,6 @@ on: push: branches: - main - - develop - release/\d{4}.\d{1,2}.\d{1,2} paths: - ".github/workflows/test.yaml" From f8dde622b30182cca0d34600470a86a897c99be7 Mon Sep 17 00:00:00 2001 From: "Vinicius D. Cerutti" <51954708+viniciusdc@users.noreply.github.com> Date: Thu, 24 Oct 2024 11:37:10 -0300 Subject: [PATCH 29/37] Add note regarding the .tfstate workaround --- .github/workflows/test_local_upgrade.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test_local_upgrade.yaml b/.github/workflows/test_local_upgrade.yaml index 07157a4f34..7ee5a96573 100644 --- a/.github/workflows/test_local_upgrade.yaml +++ b/.github/workflows/test_local_upgrade.yaml @@ -77,7 +77,7 @@ jobs: - name: Upgrade TF state run: | NEW_NEBARI_VERSION=$(grep 'nebari_version: ' ${{ steps.init.outputs.config }} | sed 's/nebari_version: //') - + # This is a workaround due to https://github.com/nebari-dev/nebari/issues/2781 sed \ "s/\"nebari_version\": \"${OLD_NEBARI_VERSION}\"/\"nebari_version\": \"${NEW_NEBARI_VERSION}\"/" \ -i ${{ steps.init.outputs.directory }}/stages/01-terraform-state/local/terraform.tfstate From ba0ae822f37b88abf967e8ba69b31cd26a4f05fa Mon Sep 17 00:00:00 2001 From: Adam Lewis <23342526+Adam-D-Lewis@users.noreply.github.com> Date: Thu, 24 Oct 2024 20:43:21 -0500 Subject: [PATCH 30/37] fix bug where check_immutable_fields throws error with old version of Nebari (#2796) --- .../stages/terraform_state/__init__.py | 10 +++------ tests/tests_unit/test_stages.py | 22 ++++++++++++++----- 2 files changed, 20 insertions(+), 12 deletions(-) diff --git a/src/_nebari/stages/terraform_state/__init__.py b/src/_nebari/stages/terraform_state/__init__.py index 37568be130..edee2db71f 100644 --- a/src/_nebari/stages/terraform_state/__init__.py +++ b/src/_nebari/stages/terraform_state/__init__.py @@ -260,7 +260,7 @@ def check_immutable_fields(self): # compute diff of remote/prior and current nebari config nebari_config_diff = utils.JsonDiff( - nebari_config_state.model_dump(), self.config.model_dump() + nebari_config_state, self.config.model_dump() ) # check if any changed fields are immutable for keys, old, new in nebari_config_diff.modified(): @@ -284,7 +284,7 @@ def check_immutable_fields(self): f'Attempting to change immutable field "{key_path}" ("{old}"->"{new}") in Nebari config file. Immutable fields cannot be changed after initial deployment.' ) - def get_nebari_config_state(self): + def get_nebari_config_state(self) -> dict: directory = str(self.output_directory / self.stage_prefix) tf_state = terraform.show(directory) nebari_config_state = None @@ -294,11 +294,7 @@ def get_nebari_config_state(self): tf_state.get("values", {}).get("root_module", {}).get("resources", []) ): if resource["address"] == "terraform_data.nebari_config": - from nebari.plugins import nebari_plugin_manager - - nebari_config_state = nebari_plugin_manager.config_schema( - **resource["values"]["input"] - ) + nebari_config_state = resource["values"]["input"] break return nebari_config_state diff --git a/tests/tests_unit/test_stages.py b/tests/tests_unit/test_stages.py index 8c0facf8c9..74e6d3f3d0 100644 --- a/tests/tests_unit/test_stages.py +++ b/tests/tests_unit/test_stages.py @@ -29,7 +29,7 @@ def terraform_state_stage(mock_config, tmp_path): @patch.object(TerraformStateStage, "get_nebari_config_state") def test_check_immutable_fields_no_changes(mock_get_state, terraform_state_stage): - mock_get_state.return_value = terraform_state_stage.config + mock_get_state.return_value = terraform_state_stage.config.model_dump() # This should not raise an exception terraform_state_stage.check_immutable_fields() @@ -41,7 +41,7 @@ def test_check_immutable_fields_mutable_change( ): old_config = mock_config.model_copy(deep=True) old_config.namespace = "old-namespace" - mock_get_state.return_value = old_config + mock_get_state.return_value = old_config.model_dump() # This should not raise an exception (namespace is mutable) terraform_state_stage.check_immutable_fields() @@ -54,7 +54,7 @@ def test_check_immutable_fields_immutable_change( ): old_config = mock_config.model_copy(deep=True) old_config.provider = schema.ProviderEnum.gcp - mock_get_state.return_value = old_config + mock_get_state.return_value = old_config.model_dump() # Mock the provider field to be immutable mock_model_fields.__getitem__.return_value.json_schema_extra = {"immutable": True} @@ -77,7 +77,7 @@ def test_check_immutable_fields_no_prior_state(mock_get_state, terraform_state_s def test_check_dict_value_change(mock_get_state, terraform_state_stage, mock_config): old_config = mock_config.model_copy(deep=True) terraform_state_stage.config.local.node_selectors["worker"].value += "new_value" - mock_get_state.return_value = old_config + mock_get_state.return_value = old_config.model_dump() # should not throw an exception terraform_state_stage.check_immutable_fields() @@ -87,7 +87,19 @@ def test_check_dict_value_change(mock_get_state, terraform_state_stage, mock_con def test_check_list_change(mock_get_state, terraform_state_stage, mock_config): old_config = mock_config.model_copy(deep=True) old_config.environments["environment-dask.yaml"].channels.append("defaults") - mock_get_state.return_value = old_config + mock_get_state.return_value = old_config.model_dump() # should not throw an exception terraform_state_stage.check_immutable_fields() + + +@patch.object(TerraformStateStage, "get_nebari_config_state") +def test_check_immutable_fields_old_nebari_version( + mock_get_state, terraform_state_stage, mock_config +): + old_config = mock_config.model_copy(deep=True).model_dump() + old_config["nebari_version"] = "2024.7.1" # Simulate an old version + mock_get_state.return_value = old_config + + # This should not raise an exception + terraform_state_stage.check_immutable_fields() From 55094c335bb7c99dfa56c860058050e70e36cfbf Mon Sep 17 00:00:00 2001 From: Ken Foster Date: Mon, 28 Oct 2024 12:32:03 -0400 Subject: [PATCH 31/37] Fix immutable field validation error when a sub-schema is not Pydantic (#2797) Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com> --- src/_nebari/stages/terraform_state/__init__.py | 14 ++++++++++---- tests/tests_unit/cli_validate/local.happy.yaml | 5 +++++ tests/tests_unit/test_stages.py | 15 +++++++++++++++ 3 files changed, 30 insertions(+), 4 deletions(-) diff --git a/src/_nebari/stages/terraform_state/__init__.py b/src/_nebari/stages/terraform_state/__init__.py index edee2db71f..e0f643ed3d 100644 --- a/src/_nebari/stages/terraform_state/__init__.py +++ b/src/_nebari/stages/terraform_state/__init__.py @@ -6,7 +6,7 @@ import re from typing import Any, Dict, List, Optional, Tuple, Type -from pydantic import field_validator +from pydantic import BaseModel, field_validator from _nebari import utils from _nebari.provider import terraform @@ -275,9 +275,15 @@ def check_immutable_fields(self): bottom_level_schema = bottom_level_schema[key] else: raise e - extra_field_schema = schema.ExtraFieldSchema( - **bottom_level_schema.model_fields[keys[-1]].json_schema_extra or {} - ) + + # Return a default (mutable) extra field schema if bottom level is not a Pydantic model (such as a free-form 'overrides' block) + if isinstance(bottom_level_schema, BaseModel): + extra_field_schema = schema.ExtraFieldSchema( + **bottom_level_schema.model_fields[keys[-1]].json_schema_extra or {} + ) + else: + extra_field_schema = schema.ExtraFieldSchema() + if extra_field_schema.immutable: key_path = ".".join(keys) raise ValueError( diff --git a/tests/tests_unit/cli_validate/local.happy.yaml b/tests/tests_unit/cli_validate/local.happy.yaml index e6ec771e09..3fd31f978e 100644 --- a/tests/tests_unit/cli_validate/local.happy.yaml +++ b/tests/tests_unit/cli_validate/local.happy.yaml @@ -23,3 +23,8 @@ theme: certificate: type: lets-encrypt acme_email: test@example.com +jupyterhub: + overrides: + singleuser: + extraEnv: + TEST_ENV: "my_env" diff --git a/tests/tests_unit/test_stages.py b/tests/tests_unit/test_stages.py index 74e6d3f3d0..c716d93030 100644 --- a/tests/tests_unit/test_stages.py +++ b/tests/tests_unit/test_stages.py @@ -103,3 +103,18 @@ def test_check_immutable_fields_old_nebari_version( # This should not raise an exception terraform_state_stage.check_immutable_fields() + + +@patch.object(TerraformStateStage, "get_nebari_config_state") +def test_check_immutable_fields_change_dict_any( + mock_get_state, terraform_state_stage, mock_config +): + old_config = mock_config.model_copy(deep=True).model_dump() + # Change the value of a config deep in 'overrides' block + old_config["jupyterhub"]["overrides"]["singleuser"]["extraEnv"][ + "TEST_ENV" + ] = "new_value" + mock_get_state.return_value = old_config + + # This should not raise an exception + terraform_state_stage.check_immutable_fields() From c384b06282a0c3338b3a3593bd1f8aafab4ef748 Mon Sep 17 00:00:00 2001 From: "Vinicius D. Cerutti" <51954708+viniciusdc@users.noreply.github.com> Date: Tue, 29 Oct 2024 10:51:37 -0300 Subject: [PATCH 32/37] Address issue with AWS instance type schema (#2787) Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com> --- src/_nebari/stages/infrastructure/__init__.py | 36 +++++++++---------- 1 file changed, 16 insertions(+), 20 deletions(-) diff --git a/src/_nebari/stages/infrastructure/__init__.py b/src/_nebari/stages/infrastructure/__init__.py index 3e77f9bee8..559f17bd53 100644 --- a/src/_nebari/stages/infrastructure/__init__.py +++ b/src/_nebari/stages/infrastructure/__init__.py @@ -128,7 +128,7 @@ class AzureInputVars(schema.Base): workload_identity_enabled: bool = False -class AWSAmiTypes(enum.Enum): +class AWSAmiTypes(str, enum.Enum): AL2_x86_64 = "AL2_x86_64" AL2_x86_64_GPU = "AL2_x86_64_GPU" CUSTOM = "CUSTOM" @@ -151,25 +151,17 @@ class AWSNodeGroupInputVars(schema.Base): ami_type: Optional[AWSAmiTypes] = None launch_template: Optional[AWSNodeLaunchTemplate] = None - @field_validator("ami_type", mode="before") - @classmethod - def _infer_and_validate_ami_type(cls, value, values) -> str: - gpu_enabled = values.get("gpu", False) - - # Auto-set ami_type if not provided - if not value: - if values.get("launch_template") and values["launch_template"].ami_id: - return "CUSTOM" - if gpu_enabled: - return "AL2_x86_64_GPU" - return "AL2_x86_64" - - # Explicit validation - if value == "AL2_x86_64" and gpu_enabled: - raise ValueError( - "ami_type 'AL2_x86_64' cannot be used with GPU enabled (gpu=True)." - ) - return value + +def construct_aws_ami_type(gpu_enabled: bool, launch_template: AWSNodeLaunchTemplate): + """Construct the AWS AMI type based on the provided parameters.""" + + if launch_template and launch_template.ami_id: + return "CUSTOM" + + if gpu_enabled: + return "AL2_x86_64_GPU" + + return "AL2_x86_64" class AWSInputVars(schema.Base): @@ -858,6 +850,10 @@ def input_vars(self, stage_outputs: Dict[str, Dict[str, Any]]): single_subnet=node_group.single_subnet, permissions_boundary=node_group.permissions_boundary, launch_template=node_group.launch_template, + ami_type=construct_aws_ami_type( + gpu_enabled=node_group.gpu, + launch_template=node_group.launch_template, + ), ) for name, node_group in self.config.amazon_web_services.node_groups.items() ], From e26e6051f587323937769f6cf0fd105bc3591189 Mon Sep 17 00:00:00 2001 From: Adam Lewis <23342526+Adam-D-Lewis@users.noreply.github.com> Date: Wed, 30 Oct 2024 14:21:03 -0500 Subject: [PATCH 33/37] add broken note (#2802) --- RELEASE.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/RELEASE.md b/RELEASE.md index 2c3ba77082..63fd16a507 100644 --- a/RELEASE.md +++ b/RELEASE.md @@ -9,7 +9,9 @@ This file is copied to nebari-dev/nebari-docs using a GitHub Action. --> --- -## Release 2024.9.1 - September 27, 2024 +## Release 2024.9.1 - September 27, 2024 (Broken Release) + +> WARNING: This release was later found to have unresolved issues described further in [issue 2798](https://github.com/nebari-dev/nebari/issues/2798). We have marked this release as broken on conda-forge and yanked it on PyPI. One of the bugs prevents any upgrade from 2024.9.1 to 2024.11.1. Users should skip this release entirely and upgrade directly from 2024.7.1 to 2024.11.1. > WARNING: This release changes how group directories are mounted in JupyterLab pods: only groups with specific permissions will have their directories mounted. If you rely on custom group mounts, we strongly recommend running `nebari upgrade` before updating. This will prompt you to confirm how Nebari should handle your groupsβ€”either keep them mounted or allow unmounting. **No data will be lost**, and you can reverse this anytime. From 88dfe2447c56689c3a9828e6abef4e1c02903faf Mon Sep 17 00:00:00 2001 From: Marcelo Villa Date: Wed, 30 Oct 2024 17:43:32 -0500 Subject: [PATCH 34/37] Fix release notes formatting to restore docs syncing functionality (#2809) Co-authored-by: Vinicius D. Cerutti <51954708+viniciusdc@users.noreply.github.com> --- RELEASE.md | 1187 ++++++++++++++++++++++++++-------------------------- 1 file changed, 602 insertions(+), 585 deletions(-) diff --git a/RELEASE.md b/RELEASE.md index 63fd16a507..da6249d7d6 100644 --- a/RELEASE.md +++ b/RELEASE.md @@ -1,6 +1,6 @@ # Release notes -*Contains description of Nebari releases.* +_Contains description of Nebari releases._ > WARNING: This release changes how group directories are mounted in JupyterLab pods: only groups with specific permissions will have their directories mounted. If you rely on custom group mounts, we strongly recommend running `nebari upgrade` before updating. This will prompt you to confirm how Nebari should handle your groupsβ€”either keep them mounted or allow unmounting. **No data will be lost**, and you can reverse this anytime. ### What's Changed -* Fix: KeyValueDict error when deploying to existing infrastructure by @oftheaxe in https://github.com/nebari-dev/nebari/pull/2560 -* Remove unused AWS terraform modules by @marcelovilla in https://github.com/nebari-dev/nebari/pull/2623 -* Upgrade Hashicorp Vault action by @aktech in https://github.com/nebari-dev/nebari/pull/2616 -* Pass `oauth_no_confirm=True` to jhub-apps by @krassowski in https://github.com/nebari-dev/nebari/pull/2631 -* Use Rook Ceph for Jupyterhub and Conda Store drives by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2541 -* Fix typo in guided init by @marcelovilla in https://github.com/nebari-dev/nebari/pull/2635 -* Action var tests off by @BrianCashProf in https://github.com/nebari-dev/nebari/pull/2632 -* add a "moved" block to account for refactored terraform code without deleting/recreating NFS disks by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2639 -* Use Helm Chart for JupyterHub 5.1.0 by @krassowski in https://github.com/nebari-dev/nebari/pull/2661 -* Add a how to test section to PR template by @marcelovilla in https://github.com/nebari-dev/nebari/pull/2659 -* Support disallowed nebari config changes by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2660 -* Fix converted init command in guided init by @marcelovilla in https://github.com/nebari-dev/nebari/pull/2666 -* Add initial uptime metrics by @dcmcand in https://github.com/nebari-dev/nebari/pull/2609 -* Refactor and extend Playwright tests by @viniciusdc in https://github.com/nebari-dev/nebari/pull/2644 -* Remove Cypress remaining tests/files by @viniciusdc in https://github.com/nebari-dev/nebari/pull/2672 -* refactor jupyterhub user token retrieval within pytest by @viniciusdc in https://github.com/nebari-dev/nebari/pull/2645 -* add moved block to account for terraform changes on AWS only by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2673 -* Refactor shared group mounting using RBAC by @viniciusdc in https://github.com/nebari-dev/nebari/pull/2593 -* Dashboard fix usage report by @kenafoster in https://github.com/nebari-dev/nebari/pull/2671 -* only capture stdout not stdout+stderr when capture_output=True by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2704 -* revert breaking change to azure deployment test by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2706 -* Refactor GitOps approach prompt flow in guided init by @marcelovilla in https://github.com/nebari-dev/nebari/pull/2269 -* template the kustomization.yaml file by @dcmcand in https://github.com/nebari-dev/nebari/pull/2667 -* Fix auto-provisioned GitHub repo description after guided init by @marcelovilla in https://github.com/nebari-dev/nebari/pull/2708 -* Add amazon_web_services configuration option to specify EKS cluster api server endpoint access setting by @joneszc in https://github.com/nebari-dev/nebari/pull/2618 -* Use Google Auth and Cloud Python APIs instead of `gcloud` CLI by @swastik959 in https://github.com/nebari-dev/nebari/pull/2083 -* fix broken links in README.md, SECURITY.md, and CONTRIBUTING.md by @blakerosenthal in https://github.com/nebari-dev/nebari/pull/2720 -* add test for changing dicts and lists by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2724 -* 2024.9.1 upgrade notes by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2726 -* Add Support for AWS Launch Template Configuration by @viniciusdc in https://github.com/nebari-dev/nebari/pull/2668 -* Run terraform init before running terraform show by @marcelovilla in https://github.com/nebari-dev/nebari/pull/2734 -* Release Process Checklist Updates by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2727 -* Test implicit aiohttp's TCP to HTTP connector change by @viniciusdc in https://github.com/nebari-dev/nebari/pull/2741 -* remove comments by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2743 -* Deploy Rook Ceph Helm only when Ceph FS Needed by @kenafoster in https://github.com/nebari-dev/nebari/pull/2742 -* fix group mounting paths by @viniciusdc in https://github.com/nebari-dev/nebari/pull/2738 -* Add compatibility prompt and notes for shared group mounting by @viniciusdc in https://github.com/nebari-dev/nebari/pull/2739 + +- Fix: KeyValueDict error when deploying to existing infrastructure by @oftheaxe in https://github.com/nebari-dev/nebari/pull/2560 +- Remove unused AWS terraform modules by @marcelovilla in https://github.com/nebari-dev/nebari/pull/2623 +- Upgrade Hashicorp Vault action by @aktech in https://github.com/nebari-dev/nebari/pull/2616 +- Pass `oauth_no_confirm=True` to jhub-apps by @krassowski in https://github.com/nebari-dev/nebari/pull/2631 +- Use Rook Ceph for Jupyterhub and Conda Store drives by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2541 +- Fix typo in guided init by @marcelovilla in https://github.com/nebari-dev/nebari/pull/2635 +- Action var tests off by @BrianCashProf in https://github.com/nebari-dev/nebari/pull/2632 +- add a "moved" block to account for refactored terraform code without deleting/recreating NFS disks by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2639 +- Use Helm Chart for JupyterHub 5.1.0 by @krassowski in https://github.com/nebari-dev/nebari/pull/2661 +- Add a how to test section to PR template by @marcelovilla in https://github.com/nebari-dev/nebari/pull/2659 +- Support disallowed nebari config changes by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2660 +- Fix converted init command in guided init by @marcelovilla in https://github.com/nebari-dev/nebari/pull/2666 +- Add initial uptime metrics by @dcmcand in https://github.com/nebari-dev/nebari/pull/2609 +- Refactor and extend Playwright tests by @viniciusdc in https://github.com/nebari-dev/nebari/pull/2644 +- Remove Cypress remaining tests/files by @viniciusdc in https://github.com/nebari-dev/nebari/pull/2672 +- refactor jupyterhub user token retrieval within pytest by @viniciusdc in https://github.com/nebari-dev/nebari/pull/2645 +- add moved block to account for terraform changes on AWS only by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2673 +- Refactor shared group mounting using RBAC by @viniciusdc in https://github.com/nebari-dev/nebari/pull/2593 +- Dashboard fix usage report by @kenafoster in https://github.com/nebari-dev/nebari/pull/2671 +- only capture stdout not stdout+stderr when capture_output=True by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2704 +- revert breaking change to azure deployment test by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2706 +- Refactor GitOps approach prompt flow in guided init by @marcelovilla in https://github.com/nebari-dev/nebari/pull/2269 +- template the kustomization.yaml file by @dcmcand in https://github.com/nebari-dev/nebari/pull/2667 +- Fix auto-provisioned GitHub repo description after guided init by @marcelovilla in https://github.com/nebari-dev/nebari/pull/2708 +- Add amazon_web_services configuration option to specify EKS cluster api server endpoint access setting by @joneszc in https://github.com/nebari-dev/nebari/pull/2618 +- Use Google Auth and Cloud Python APIs instead of `gcloud` CLI by @swastik959 in https://github.com/nebari-dev/nebari/pull/2083 +- fix broken links in README.md, SECURITY.md, and CONTRIBUTING.md by @blakerosenthal in https://github.com/nebari-dev/nebari/pull/2720 +- add test for changing dicts and lists by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2724 +- 2024.9.1 upgrade notes by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2726 +- Add Support for AWS Launch Template Configuration by @viniciusdc in https://github.com/nebari-dev/nebari/pull/2668 +- Run terraform init before running terraform show by @marcelovilla in https://github.com/nebari-dev/nebari/pull/2734 +- Release Process Checklist Updates by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2727 +- Test implicit aiohttp's TCP to HTTP connector change by @viniciusdc in https://github.com/nebari-dev/nebari/pull/2741 +- remove comments by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2743 +- Deploy Rook Ceph Helm only when Ceph FS Needed by @kenafoster in https://github.com/nebari-dev/nebari/pull/2742 +- fix group mounting paths by @viniciusdc in https://github.com/nebari-dev/nebari/pull/2738 +- Add compatibility prompt and notes for shared group mounting by @viniciusdc in https://github.com/nebari-dev/nebari/pull/2739 ### New Contributors -* @oftheaxe made their first contribution in https://github.com/nebari-dev/nebari/pull/2560 -* @joneszc made their first contribution in https://github.com/nebari-dev/nebari/pull/2618 -* @swastik959 made their first contribution in https://github.com/nebari-dev/nebari/pull/2083 -* @blakerosenthal made their first contribution in https://github.com/nebari-dev/nebari/pull/2720 -**Full Changelog**: https://github.com/nebari-dev/nebari/compare/2024.7.1...2024.9.1 +- @oftheaxe made their first contribution in https://github.com/nebari-dev/nebari/pull/2560 +- @joneszc made their first contribution in https://github.com/nebari-dev/nebari/pull/2618 +- @swastik959 made their first contribution in https://github.com/nebari-dev/nebari/pull/2083 +- @blakerosenthal made their first contribution in https://github.com/nebari-dev/nebari/pull/2720 +**Full Changelog**: https://github.com/nebari-dev/nebari/compare/2024.7.1...2024.9.1 ## Release 2024.7.1 - August 8, 2024 > NOTE: Support for Digital Ocean deployments using CLI commands and related Terraform modules is being deprecated. Although Digital Ocean will no longer be directly supported in future releases, you can still deploy to Digital Ocean infrastructure using the current `existing` deployment option. ### What's Changed -* Enable authentication by default in jupyter-server by @krassowski in https://github.com/nebari-dev/nebari/pull/2288 -* remove dns sleep by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2550 -* Conda-store permissions v2 + load roles from keycloak by @aktech in https://github.com/nebari-dev/nebari/pull/2531 -* Restrict public access and add bucket encryption using cmk by @dcmcand in https://github.com/nebari-dev/nebari/pull/2525 -* Add overwrite to AWS coredns addon by @dcmcand in https://github.com/nebari-dev/nebari/pull/2538 -* Add a default roles at initialisation by @aktech in https://github.com/nebari-dev/nebari/pull/2546 -* Hide gallery section if no exhibits are configured by @krassowski in https://github.com/nebari-dev/nebari/pull/2549 -* Add note about ~/.bash_profile by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2575 -* Expose jupyterlab-gallery branch and depth options by @krassowski in https://github.com/nebari-dev/nebari/pull/2556 -* #2566 Upgrade Jupyterhub ssh image by @arjxn-py in https://github.com/nebari-dev/nebari/pull/2576 -* Stop copying unnecessary files into user home directory by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2578 -* Include deprecation notes for init/deploy subcommands by @viniciusdc in https://github.com/nebari-dev/nebari/pull/2582 -* Only download jar if file doesn't exist by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2588 -* Remove unnecessary experimental flag by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2606 -* Add typos spell checker to pre-commit by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2568 -* Enh 2451 skip conditionals by @BrianCashProf in https://github.com/nebari-dev/nebari/pull/2569 -* Improve codespell support: adjust and concentrate config to pyproject.toml and fix more typos by @yarikoptic in https://github.com/nebari-dev/nebari/pull/2583 -* Move codespell config to pyproject.toml only by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2611 -* Add `depends_on` for bucket encryption by @viniciusdc in https://github.com/nebari-dev/nebari/pull/2615 + +- Enable authentication by default in jupyter-server by @krassowski in https://github.com/nebari-dev/nebari/pull/2288 +- remove dns sleep by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2550 +- Conda-store permissions v2 + load roles from keycloak by @aktech in https://github.com/nebari-dev/nebari/pull/2531 +- Restrict public access and add bucket encryption using cmk by @dcmcand in https://github.com/nebari-dev/nebari/pull/2525 +- Add overwrite to AWS coredns addon by @dcmcand in https://github.com/nebari-dev/nebari/pull/2538 +- Add a default roles at initialisation by @aktech in https://github.com/nebari-dev/nebari/pull/2546 +- Hide gallery section if no exhibits are configured by @krassowski in https://github.com/nebari-dev/nebari/pull/2549 +- Add note about ~/.bash_profile by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2575 +- Expose jupyterlab-gallery branch and depth options by @krassowski in https://github.com/nebari-dev/nebari/pull/2556 +- #2566 Upgrade Jupyterhub ssh image by @arjxn-py in https://github.com/nebari-dev/nebari/pull/2576 +- Stop copying unnecessary files into user home directory by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2578 +- Include deprecation notes for init/deploy subcommands by @viniciusdc in https://github.com/nebari-dev/nebari/pull/2582 +- Only download jar if file doesn't exist by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2588 +- Remove unnecessary experimental flag by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2606 +- Add typos spell checker to pre-commit by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2568 +- Enh 2451 skip conditionals by @BrianCashProf in https://github.com/nebari-dev/nebari/pull/2569 +- Improve codespell support: adjust and concentrate config to pyproject.toml and fix more typos by @yarikoptic in https://github.com/nebari-dev/nebari/pull/2583 +- Move codespell config to pyproject.toml only by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2611 +- Add `depends_on` for bucket encryption by @viniciusdc in https://github.com/nebari-dev/nebari/pull/2615 ### New Contributors -* @BrianCashProf made their first contribution in https://github.com/nebari-dev/nebari/pull/2569 -* @yarikoptic made their first contribution in https://github.com/nebari-dev/nebari/pull/2583 +- @BrianCashProf made their first contribution in https://github.com/nebari-dev/nebari/pull/2569 +- @yarikoptic made their first contribution in https://github.com/nebari-dev/nebari/pull/2583 **Full Changelog**: https://github.com/nebari-dev/nebari/compare/2024.6.1...2024.7.1 - ## Release 2024.6.1 - June 26, 2024 > NOTE: This release includes an upgrade to the `kube-prometheus-stack` Helm chart, resulting in a newer version of Grafana. When upgrading your Nebari cluster, you will be prompted to have Nebari update some CRDs and delete a DaemonSet on your behalf. If you prefer, you can also run the commands yourself, which will be shown to you. If you have any custom dashboards, you'll also need to back them up by [exporting them as JSON](https://grafana.com/docs/grafana/latest/dashboards/share-dashboards-panels/#export-a-dashboard-as-json), so you can [import them](https://grafana.com/docs/grafana/latest/dashboards/build-dashboards/import-dashboards/#import-a-dashboard) after upgrading. ### What's Changed -* Fetch JupyterHub roles from Keycloak by @krassowski in https://github.com/nebari-dev/nebari/pull/2447 -* Update selector for Start server button to use button tag by @krassowski in https://github.com/nebari-dev/nebari/pull/2464 -* Reduce GCP Fixed Costs by 50% by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2453 -* Restore JupyterHub updates from PR-2427 by @viniciusdc in https://github.com/nebari-dev/nebari/pull/2465 -* Workload identity by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2460 -* Fix test using a non-specific selector by @krassowski in https://github.com/nebari-dev/nebari/pull/2475 -* add verify=false since we use self signed cert in tests by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2481 -* fix forward auth when using custom cert by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2479 -* Upgrade to JupyterHub 5.0.0b2 by @krassowski in https://github.com/nebari-dev/nebari/pull/2468 -* upgrade instructions for PR 2453 by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2466 -* Use Helm Chart for JupyterHub 5.0.0 final by @krassowski in https://github.com/nebari-dev/nebari/pull/2484 -* Parse and insert keycloak roles scopes into JupyterHub by @aktech in https://github.com/nebari-dev/nebari/pull/2471 -* Add CITATION file by @pavithraes in https://github.com/nebari-dev/nebari/pull/2455 -* CI: add azure integration by @fangchenli in https://github.com/nebari-dev/nebari/pull/2061 -* Create trivy.yml by @dcmcand in https://github.com/nebari-dev/nebari/pull/2458 -* don't run azure deployment on PRs, only on schedule and manual trigger by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2498 -* add cloud provider deployment status badges to README.md by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2407 -* Upgrade kube-prometheus-stack helm chart by @marcelovilla in https://github.com/nebari-dev/nebari/pull/2472 -* upgrade note by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2502 -* Remove VSCode from jhub_apps default services by @jbouder in https://github.com/nebari-dev/nebari/pull/2503 -* Explicit config by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2294 -* fix general node scaling bug for azure by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2517 -* Skip running cleanup on pull requests by @aktech in https://github.com/nebari-dev/nebari/pull/2488 -* 1792 Add docstrings to `upgrade.py` by @arjxn-py in https://github.com/nebari-dev/nebari/pull/2512 -* set's min TLS version for azure storage account to TLS 1.2 by @dcmcand in https://github.com/nebari-dev/nebari/pull/2522 -* Fix conda-store and Traefik Grafana Dashboards by @marcelovilla in https://github.com/nebari-dev/nebari/pull/2540 -* Implement support for jupyterlab-gallery config by @krassowski in https://github.com/nebari-dev/nebari/pull/2501 -* Add option to run CRDs updates and DaemonSet deletion on user's behalf. by @marcelovilla in https://github.com/nebari-dev/nebari/pull/2544 + +- Fetch JupyterHub roles from Keycloak by @krassowski in https://github.com/nebari-dev/nebari/pull/2447 +- Update selector for Start server button to use button tag by @krassowski in https://github.com/nebari-dev/nebari/pull/2464 +- Reduce GCP Fixed Costs by 50% by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2453 +- Restore JupyterHub updates from PR-2427 by @viniciusdc in https://github.com/nebari-dev/nebari/pull/2465 +- Workload identity by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2460 +- Fix test using a non-specific selector by @krassowski in https://github.com/nebari-dev/nebari/pull/2475 +- add verify=false since we use self signed cert in tests by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2481 +- fix forward auth when using custom cert by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2479 +- Upgrade to JupyterHub 5.0.0b2 by @krassowski in https://github.com/nebari-dev/nebari/pull/2468 +- upgrade instructions for PR 2453 by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2466 +- Use Helm Chart for JupyterHub 5.0.0 final by @krassowski in https://github.com/nebari-dev/nebari/pull/2484 +- Parse and insert keycloak roles scopes into JupyterHub by @aktech in https://github.com/nebari-dev/nebari/pull/2471 +- Add CITATION file by @pavithraes in https://github.com/nebari-dev/nebari/pull/2455 +- CI: add azure integration by @fangchenli in https://github.com/nebari-dev/nebari/pull/2061 +- Create trivy.yml by @dcmcand in https://github.com/nebari-dev/nebari/pull/2458 +- don't run azure deployment on PRs, only on schedule and manual trigger by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2498 +- add cloud provider deployment status badges to README.md by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2407 +- Upgrade kube-prometheus-stack helm chart by @marcelovilla in https://github.com/nebari-dev/nebari/pull/2472 +- upgrade note by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2502 +- Remove VSCode from jhub_apps default services by @jbouder in https://github.com/nebari-dev/nebari/pull/2503 +- Explicit config by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2294 +- fix general node scaling bug for azure by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2517 +- Skip running cleanup on pull requests by @aktech in https://github.com/nebari-dev/nebari/pull/2488 +- 1792 Add docstrings to `upgrade.py` by @arjxn-py in https://github.com/nebari-dev/nebari/pull/2512 +- set's min TLS version for azure storage account to TLS 1.2 by @dcmcand in https://github.com/nebari-dev/nebari/pull/2522 +- Fix conda-store and Traefik Grafana Dashboards by @marcelovilla in https://github.com/nebari-dev/nebari/pull/2540 +- Implement support for jupyterlab-gallery config by @krassowski in https://github.com/nebari-dev/nebari/pull/2501 +- Add option to run CRDs updates and DaemonSet deletion on user's behalf. by @marcelovilla in https://github.com/nebari-dev/nebari/pull/2544 ### New Contributors -* @arjxn-py made their first contribution in https://github.com/nebari-dev/nebari/pull/2512 + +- @arjxn-py made their first contribution in https://github.com/nebari-dev/nebari/pull/2512 **Full Changelog**: https://github.com/nebari-dev/nebari/compare/2024.5.1...2024.6.1 @@ -139,103 +142,106 @@ This file is copied to nebari-dev/nebari-docs using a GitHub Action. --> ### What's Changed -* make userscheduler run on general node group by @Adam-D-Lewis in -* Upgrade to Pydantic V2 by @Adam-D-Lewis in -* Pydantic2 PR fix by @Adam-D-Lewis in -* remove redundant pydantic class, fix bug by @Adam-D-Lewis in -* Update `python-keycloak` version pins constraints by @viniciusdc in -* add HERA_TOKEN env var to user pods by @Adam-D-Lewis in -* fix docs link by @Adam-D-Lewis in -* Update allowed admin groups by @aktech in +- make userscheduler run on general node group by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2415 +- Upgrade to Pydantic V2 by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2348 +- Pydantic2 PR fix by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2421 +- remove redundant pydantic class, fix bug by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2426 +- Update `python-keycloak` version pins constraints by @viniciusdc in https://github.com/nebari-dev/nebari/pull/2435 +- add HERA_TOKEN env var to user pods by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2438 +- fix docs link by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2443 +- Update allowed admin groups by @aktech in https://github.com/nebari-dev/nebari/pull/2429 -**Full Changelog**: +**Full Changelog**: https://github.com/nebari-dev/nebari/compare/2024.4.1...2024.5.1 ## Release 2024.4.1 - April 20, 2024 ### What's Changed -* update azurerm version by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2370 -* Get JupyterHub `groups` from Keycloak, support `oauthenticator` 16.3+ by @krassowski in https://github.com/nebari-dev/nebari/pull/2361 -* add full names for cloud providers in guided init by @exitflynn in https://github.com/nebari-dev/nebari/pull/2375 -* Add middleware to prefix JupyterHub navbar items with /hub. by @marcelovilla in https://github.com/nebari-dev/nebari/pull/2360 -* CLN: split #1928, refactor render test by @fangchenli in https://github.com/nebari-dev/nebari/pull/2246 -* add trailing slash for jupyterhub proxy paths by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2387 -* remove references to deprecated cdsdashboards by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2390 -* add default node groups to config by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2398 -* Update concurrency settings for Integration tests by @viniciusdc in https://github.com/nebari-dev/nebari/pull/2393 -* Make CI/CD Cloud Provider Test Conditional by @tylergraff in https://github.com/nebari-dev/nebari/pull/2369 + +- update azurerm version by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2370 +- Get JupyterHub `groups` from Keycloak, support `oauthenticator` 16.3+ by @krassowski in https://github.com/nebari-dev/nebari/pull/2361 +- add full names for cloud providers in guided init by @exitflynn in https://github.com/nebari-dev/nebari/pull/2375 +- Add middleware to prefix JupyterHub navbar items with /hub. by @marcelovilla in https://github.com/nebari-dev/nebari/pull/2360 +- CLN: split #1928, refactor render test by @fangchenli in https://github.com/nebari-dev/nebari/pull/2246 +- add trailing slash for jupyterhub proxy paths by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2387 +- remove references to deprecated cdsdashboards by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2390 +- add default node groups to config by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2398 +- Update concurrency settings for Integration tests by @viniciusdc in https://github.com/nebari-dev/nebari/pull/2393 +- Make CI/CD Cloud Provider Test Conditional by @tylergraff in https://github.com/nebari-dev/nebari/pull/2369 ### New Contributors -* @exitflynn made their first contribution in https://github.com/nebari-dev/nebari/pull/2375 -**Full Changelog**: https://github.com/nebari-dev/nebari/compare/2024.3.3...2024.4.1 +- @exitflynn made their first contribution in https://github.com/nebari-dev/nebari/pull/2375 +**Full Changelog**: https://github.com/nebari-dev/nebari/compare/2024.3.3...2024.4.1 ## Release 2024.3.3 - March 27, 2024 ### What's Changed -* get default variable value when following a terraform variable by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2322 -* Upgrade Actions versions by @isumitjha in https://github.com/nebari-dev/nebari/pull/2291 -* Cleanup spawner logs by @krassowski in https://github.com/nebari-dev/nebari/pull/2328 -* Fix loki gateway url when deployed on non-dev namespace by @aktech in https://github.com/nebari-dev/nebari/pull/2327 -* Dmcandrew update ruamel.yaml by @dcmcand in https://github.com/nebari-dev/nebari/pull/2315 -* upgrade auth0-python version to ultimately resolve CVE-2024-26130 by @tylergraff in https://github.com/nebari-dev/nebari/pull/2314 -* remove deprecated code paths by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2349 -* Create SECURITY.md by @dcmcand in https://github.com/nebari-dev/nebari/pull/2354 -* Set node affinity for more pods to ensure they run on general node pool by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2353 -* Deduplicate conda-store in JupyterLab main menu by @krassowski in https://github.com/nebari-dev/nebari/pull/2347 -* Pass current namespace to argo via environment variable by @krassowski in https://github.com/nebari-dev/nebari/pull/2317 -* PVC for Traefik Ingress (prevent LetsEncrypt throttling) by @kenafoster in https://github.com/nebari-dev/nebari/pull/2352 + +- get default variable value when following a terraform variable by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2322 +- Upgrade Actions versions by @isumitjha in https://github.com/nebari-dev/nebari/pull/2291 +- Cleanup spawner logs by @krassowski in https://github.com/nebari-dev/nebari/pull/2328 +- Fix loki gateway url when deployed on non-dev namespace by @aktech in https://github.com/nebari-dev/nebari/pull/2327 +- Dmcandrew update ruamel.yaml by @dcmcand in https://github.com/nebari-dev/nebari/pull/2315 +- upgrade auth0-python version to ultimately resolve CVE-2024-26130 by @tylergraff in https://github.com/nebari-dev/nebari/pull/2314 +- remove deprecated code paths by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2349 +- Create SECURITY.md by @dcmcand in https://github.com/nebari-dev/nebari/pull/2354 +- Set node affinity for more pods to ensure they run on general node pool by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2353 +- Deduplicate conda-store in JupyterLab main menu by @krassowski in https://github.com/nebari-dev/nebari/pull/2347 +- Pass current namespace to argo via environment variable by @krassowski in https://github.com/nebari-dev/nebari/pull/2317 +- PVC for Traefik Ingress (prevent LetsEncrypt throttling) by @kenafoster in https://github.com/nebari-dev/nebari/pull/2352 ### New Contributors -* @isumitjha made their first contribution in https://github.com/nebari-dev/nebari/pull/2291 -* @tylergraff made their first contribution in https://github.com/nebari-dev/nebari/pull/2314 -**Full Changelog**: https://github.com/nebari-dev/nebari/compare/2024.3.2...2024.3.3 +- @isumitjha made their first contribution in https://github.com/nebari-dev/nebari/pull/2291 +- @tylergraff made their first contribution in https://github.com/nebari-dev/nebari/pull/2314 +**Full Changelog**: https://github.com/nebari-dev/nebari/compare/2024.3.2...2024.3.3 ## Release 2024.3.2 - March 14, 2024 ### What's Changed -* update max k8s versions and remove depreciated api usage in local deploy by @dcmcand in https://github.com/nebari-dev/nebari/pull/2276 -* update keycloak image repo by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2312 -* Generate random password for Grafana by @aktech in https://github.com/nebari-dev/nebari/pull/2289 -* update conda store to 2024.3.1 by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2316 -* Switch PyPI release workflow to use trusted publishing by @viniciusdc in https://github.com/nebari-dev/nebari/pull/2323 +- update max k8s versions and remove depreciated api usage in local deploy by @dcmcand in https://github.com/nebari-dev/nebari/pull/2276 +- update keycloak image repo by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2312 +- Generate random password for Grafana by @aktech in https://github.com/nebari-dev/nebari/pull/2289 +- update conda store to 2024.3.1 by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2316 +- Switch PyPI release workflow to use trusted publishing by @viniciusdc in https://github.com/nebari-dev/nebari/pull/2323 **Full Changelog**: https://github.com/nebari-dev/nebari/compare/2024.3.1...2024.3.2 ## Release 2024.3.1 - March 11, 2024 ### What's Changed -* Modify Playwright test to account for changes in JupyterLab UI. by @marcelovilla in https://github.com/nebari-dev/nebari/pull/2232 -* Add favicon to jupyterhub theme. by @jbouder in https://github.com/nebari-dev/nebari/pull/2222 -* Set min nodes to 0 for worker and user. by @pt247 in https://github.com/nebari-dev/nebari/pull/2168 -* Remove `jhub-client` from pyproject.toml by @pavithraes in https://github.com/nebari-dev/nebari/pull/2242 -* Include permission validation step to programmatically cloned repos by @viniciusdc in https://github.com/nebari-dev/nebari/pull/2258 -* Expose jupyter's preferred dir as a config option by @krassowski in https://github.com/nebari-dev/nebari/pull/2251 -* Allow to configure default settings for JupyterLab (`overrides.json`) by @krassowski in https://github.com/nebari-dev/nebari/pull/2249 -* Feature/jlab menu customization by @marcelovilla in https://github.com/nebari-dev/nebari/pull/2259 -* Add cloud provider to the dask config.json file by @marcelovilla in https://github.com/nebari-dev/nebari/pull/2266 -* Fix syntax error in jupyter-server-config Python file by @krassowski in https://github.com/nebari-dev/nebari/pull/2286 -* Add "Open VS Code" entry in services by @krassowski in https://github.com/nebari-dev/nebari/pull/2267 -* Add Grafana Loki integration by @aktech in https://github.com/nebari-dev/nebari/pull/2156 + +- Modify Playwright test to account for changes in JupyterLab UI. by @marcelovilla in https://github.com/nebari-dev/nebari/pull/2232 +- Add favicon to jupyterhub theme. by @jbouder in https://github.com/nebari-dev/nebari/pull/2222 +- Set min nodes to 0 for worker and user. by @pt247 in https://github.com/nebari-dev/nebari/pull/2168 +- Remove `jhub-client` from pyproject.toml by @pavithraes in https://github.com/nebari-dev/nebari/pull/2242 +- Include permission validation step to programmatically cloned repos by @viniciusdc in https://github.com/nebari-dev/nebari/pull/2258 +- Expose jupyter's preferred dir as a config option by @krassowski in https://github.com/nebari-dev/nebari/pull/2251 +- Allow to configure default settings for JupyterLab (`overrides.json`) by @krassowski in https://github.com/nebari-dev/nebari/pull/2249 +- Feature/jlab menu customization by @marcelovilla in https://github.com/nebari-dev/nebari/pull/2259 +- Add cloud provider to the dask config.json file by @marcelovilla in https://github.com/nebari-dev/nebari/pull/2266 +- Fix syntax error in jupyter-server-config Python file by @krassowski in https://github.com/nebari-dev/nebari/pull/2286 +- Add "Open VS Code" entry in services by @krassowski in https://github.com/nebari-dev/nebari/pull/2267 +- Add Grafana Loki integration by @aktech in https://github.com/nebari-dev/nebari/pull/2156 ### New Contributors -* @jbouder made their first contribution in https://github.com/nebari-dev/nebari/pull/2222 -* @krassowski made their first contribution in https://github.com/nebari-dev/nebari/pull/2251 -**Full Changelog**: https://github.com/nebari-dev/nebari/compare/2024.1.1...2024.3.1 +- @jbouder made their first contribution in https://github.com/nebari-dev/nebari/pull/2222 +- @krassowski made their first contribution in https://github.com/nebari-dev/nebari/pull/2251 +**Full Changelog**: https://github.com/nebari-dev/nebari/compare/2024.1.1...2024.3.1 ## Release 2024.1.1 - January 17, 2024 ### Feature changes and enhancements -* Upgrade conda-store to latest version 2024.1.1 -* Add Jhub-Apps -* Add Jupyterlab-pioneer -* Minor improvements and bug fixes +- Upgrade conda-store to latest version 2024.1.1 +- Add Jhub-Apps +- Add Jupyterlab-pioneer +- Minor improvements and bug fixes ### Breaking Changes @@ -243,27 +249,26 @@ This file is copied to nebari-dev/nebari-docs using a GitHub Action. --> ### What's Changed -* [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in https://github.com/nebari-dev/nebari/pull/2176 -* Fix logic for dns lookup. by @pt247 in https://github.com/nebari-dev/nebari/pull/2166 -* Integrate JupyterHub App Launcher into Nebari by @aktech in https://github.com/nebari-dev/nebari/pull/2185 -* Pass in permissions boundary to k8s module by @aktech in https://github.com/nebari-dev/nebari/pull/2153 -* Add jupyterlab-pioneer by @aktech in https://github.com/nebari-dev/nebari/pull/2127 -* JHub Apps: Filter conda envs by user by @aktech in https://github.com/nebari-dev/nebari/pull/2187 -* update upgrade command by @dcmcand in https://github.com/nebari-dev/nebari/pull/2198 -* Remove JupyterLab from services list by @aktech in https://github.com/nebari-dev/nebari/pull/2189 -* Adding fields to ignore within keycloak_realm by @costrouc in https://github.com/nebari-dev/nebari/pull/2200 -* Add Nebari menu item configuration. by @marcelovilla in https://github.com/nebari-dev/nebari/pull/2196 -* Disable "Newer update available" popup as default setting by @viniciusdc in https://github.com/nebari-dev/nebari/pull/2192 -* Block usage of pip inside jupyterlab by @viniciusdc in https://github.com/nebari-dev/nebari/pull/2191 -* Return all environments instead of just those under the user's namespace for jhub-apps by @marcelovilla in https://github.com/nebari-dev/nebari/pull/2206 -* Adding a temporary writable directory for conda-store server /home/conda by @costrouc in https://github.com/nebari-dev/nebari/pull/2209 -* Add demo repositories mechanism to populate user's space by @viniciusdc in https://github.com/nebari-dev/nebari/pull/2207 -* update nebari_workflow_controller and conda_store tags to test rc by @dcmcand in https://github.com/nebari-dev/nebari/pull/2210 -* 2023.12.1 release notes by @dcmcand in https://github.com/nebari-dev/nebari/pull/2211 -* Make it so that jhub-apps default theme doesn't override by @costrouc in https://github.com/nebari-dev/nebari/pull/2213 -* Adding additional theme variables to jupyterhub theme config by @costrouc in https://github.com/nebari-dev/nebari/pull/2215 -* updates Current Release to 2024.1.1 by @dcmcand in https://github.com/nebari-dev/nebari/pull/2227 - +- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in https://github.com/nebari-dev/nebari/pull/2176 +- Fix logic for dns lookup. by @pt247 in https://github.com/nebari-dev/nebari/pull/2166 +- Integrate JupyterHub App Launcher into Nebari by @aktech in https://github.com/nebari-dev/nebari/pull/2185 +- Pass in permissions boundary to k8s module by @aktech in https://github.com/nebari-dev/nebari/pull/2153 +- Add jupyterlab-pioneer by @aktech in https://github.com/nebari-dev/nebari/pull/2127 +- JHub Apps: Filter conda envs by user by @aktech in https://github.com/nebari-dev/nebari/pull/2187 +- update upgrade command by @dcmcand in https://github.com/nebari-dev/nebari/pull/2198 +- Remove JupyterLab from services list by @aktech in https://github.com/nebari-dev/nebari/pull/2189 +- Adding fields to ignore within keycloak_realm by @costrouc in https://github.com/nebari-dev/nebari/pull/2200 +- Add Nebari menu item configuration. by @marcelovilla in https://github.com/nebari-dev/nebari/pull/2196 +- Disable "Newer update available" popup as default setting by @viniciusdc in https://github.com/nebari-dev/nebari/pull/2192 +- Block usage of pip inside jupyterlab by @viniciusdc in https://github.com/nebari-dev/nebari/pull/2191 +- Return all environments instead of just those under the user's namespace for jhub-apps by @marcelovilla in https://github.com/nebari-dev/nebari/pull/2206 +- Adding a temporary writable directory for conda-store server /home/conda by @costrouc in https://github.com/nebari-dev/nebari/pull/2209 +- Add demo repositories mechanism to populate user's space by @viniciusdc in https://github.com/nebari-dev/nebari/pull/2207 +- update nebari_workflow_controller and conda_store tags to test rc by @dcmcand in https://github.com/nebari-dev/nebari/pull/2210 +- 2023.12.1 release notes by @dcmcand in https://github.com/nebari-dev/nebari/pull/2211 +- Make it so that jhub-apps default theme doesn't override by @costrouc in https://github.com/nebari-dev/nebari/pull/2213 +- Adding additional theme variables to jupyterhub theme config by @costrouc in https://github.com/nebari-dev/nebari/pull/2215 +- updates Current Release to 2024.1.1 by @dcmcand in https://github.com/nebari-dev/nebari/pull/2227 **Full Changelog**: https://github.com/nebari-dev/nebari/compare/2023.12.1...2024.1.1 @@ -271,30 +276,30 @@ This file is copied to nebari-dev/nebari-docs using a GitHub Action. --> ### Feature changes and enhancements -* Upgrade conda-store to latest version 2023.10.1 -* Minor improvements and bug fixes +- Upgrade conda-store to latest version 2023.10.1 +- Minor improvements and bug fixes ### Breaking Changes > WARNING: Prefect, ClearML and kbatch were removed in this release and upgrading to this version will result in all of them being uninstalled. ### What's Changed -* BUG: fix incorrect config override #2086 by @fangchenli in https://github.com/nebari-dev/nebari/pull/2087 -* ENH: add AWS IAM permissions_boundary option #2078 by @fangchenli in https://github.com/nebari-dev/nebari/pull/2082 -* CI: cleanup local integration workflow by @fangchenli in https://github.com/nebari-dev/nebari/pull/2079 -* ENH: check missing GCP services by @fangchenli in https://github.com/nebari-dev/nebari/pull/2036 -* ENH: use packaging for version parsing, add unit tests by @fangchenli in https://github.com/nebari-dev/nebari/pull/2048 -* ENH: specify required field when retrieving available gcp regions by @fangchenli in https://github.com/nebari-dev/nebari/pull/2033 -* Upgrade conda-store to 2023.10.1 by @iameskild in https://github.com/nebari-dev/nebari/pull/2092 -* Add upgrade command for 2023.11.1 by @iameskild in https://github.com/nebari-dev/nebari/pull/2103 -* CLN: cleanup typing and typing import in init by @fangchenli in https://github.com/nebari-dev/nebari/pull/2107 -* Remove kbatch, prefect and clearml by @iameskild in https://github.com/nebari-dev/nebari/pull/2101 -* Fix integration tests, helm-validate script by @iameskild in https://github.com/nebari-dev/nebari/pull/2102 -* Re-enable AWS tags support by @iameskild in https://github.com/nebari-dev/nebari/pull/2096 -* Update upgrade instructions for 2023.11.1 by @iameskild in https://github.com/nebari-dev/nebari/pull/2112 -* Update nebari-git env pins by by @iameskild in https://github.com/nebari-dev/nebari/pull/2113 -* Update release notes for 2023.11.1 by @iameskild in https://github.com/nebari-dev/nebari/pull/2114 +- BUG: fix incorrect config override #2086 by @fangchenli in https://github.com/nebari-dev/nebari/pull/2087 +- ENH: add AWS IAM permissions_boundary option #2078 by @fangchenli in https://github.com/nebari-dev/nebari/pull/2082 +- CI: cleanup local integration workflow by @fangchenli in https://github.com/nebari-dev/nebari/pull/2079 +- ENH: check missing GCP services by @fangchenli in https://github.com/nebari-dev/nebari/pull/2036 +- ENH: use packaging for version parsing, add unit tests by @fangchenli in https://github.com/nebari-dev/nebari/pull/2048 +- ENH: specify required field when retrieving available gcp regions by @fangchenli in https://github.com/nebari-dev/nebari/pull/2033 +- Upgrade conda-store to 2023.10.1 by @iameskild in https://github.com/nebari-dev/nebari/pull/2092 +- Add upgrade command for 2023.11.1 by @iameskild in https://github.com/nebari-dev/nebari/pull/2103 +- CLN: cleanup typing and typing import in init by @fangchenli in https://github.com/nebari-dev/nebari/pull/2107 +- Remove kbatch, prefect and clearml by @iameskild in https://github.com/nebari-dev/nebari/pull/2101 +- Fix integration tests, helm-validate script by @iameskild in https://github.com/nebari-dev/nebari/pull/2102 +- Re-enable AWS tags support by @iameskild in https://github.com/nebari-dev/nebari/pull/2096 +- Update upgrade instructions for 2023.11.1 by @iameskild in https://github.com/nebari-dev/nebari/pull/2112 +- Update nebari-git env pins by by @iameskild in https://github.com/nebari-dev/nebari/pull/2113 +- Update release notes for 2023.11.1 by @iameskild in https://github.com/nebari-dev/nebari/pull/2114 **Full Changelog**: https://github.com/nebari-dev/nebari/compare/2023.11.1...2023.12.1 @@ -302,35 +307,34 @@ This file is copied to nebari-dev/nebari-docs using a GitHub Action. --> ### Feature changes and enhancements -* Upgrade conda-store to latest version 2023 .10.1 -* Minor improvements and bug fixes +- Upgrade conda-store to latest version 2023 .10.1 +- Minor improvements and bug fixes ### Breaking Changes > WARNING: Prefect, ClearML and kbatch were removed in this release and upgrading to this version will result in all of them being uninstalled. ### What's Changed -* BUG: fix incorrect config override #2086 by @fangchenli in https://github.com/nebari-dev/nebari/pull/2087 -* ENH: add AWS IAM permissions_boundary option #2078 by @fangchenli in https://github.com/nebari-dev/nebari/pull/2082 -* CI: cleanup local integration workflow by @fangchenli in https://github.com/nebari-dev/nebari/pull/2079 -* [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in https://github.com/nebari-dev/nebari/pull/2099 -* ENH: check missing GCP services by @fangchenli in https://github.com/nebari-dev/nebari/pull/2036 -* ENH: use packaging for version parsing, add unit tests by @fangchenli in https://github.com/nebari-dev/nebari/pull/2048 -* ENH: specify required field when retrieving available gcp regions by @fangchenli in https://github.com/nebari-dev/nebari/pull/2033 -* Upgrade conda-store to 2023.10.1 by @iameskild in https://github.com/nebari-dev/nebari/pull/2092 -* Add upgrade command for 2023.11.1 by @iameskild in https://github.com/nebari-dev/nebari/pull/2103 -* CLN: cleanup typing and typing import in init by @fangchenli in https://github.com/nebari-dev/nebari/pull/2107 -* Remove kbatch, prefect and clearml by @iameskild in https://github.com/nebari-dev/nebari/pull/2101 -* Fix integration tests, helm-validate script by @iameskild in https://github.com/nebari-dev/nebari/pull/2102 -* Re-enable AWS tags support by @iameskild in https://github.com/nebari-dev/nebari/pull/2096 -* Update upgrade instructions for 2023.11.1 by @iameskild in https://github.com/nebari-dev/nebari/pull/2112 -* Update nebari-git env pins by by @iameskild in https://github.com/nebari-dev/nebari/pull/2113 -* Update release notes for 2023.11.1 by @iameskild in https://github.com/nebari-dev/nebari/pull/2114 +- BUG: fix incorrect config override #2086 by @fangchenli in https://github.com/nebari-dev/nebari/pull/2087 +- ENH: add AWS IAM permissions_boundary option #2078 by @fangchenli in https://github.com/nebari-dev/nebari/pull/2082 +- CI: cleanup local integration workflow by @fangchenli in https://github.com/nebari-dev/nebari/pull/2079 +- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in https://github.com/nebari-dev/nebari/pull/2099 +- ENH: check missing GCP services by @fangchenli in https://github.com/nebari-dev/nebari/pull/2036 +- ENH: use packaging for version parsing, add unit tests by @fangchenli in https://github.com/nebari-dev/nebari/pull/2048 +- ENH: specify required field when retrieving available gcp regions by @fangchenli in https://github.com/nebari-dev/nebari/pull/2033 +- Upgrade conda-store to 2023.10.1 by @iameskild in https://github.com/nebari-dev/nebari/pull/2092 +- Add upgrade command for 2023.11.1 by @iameskild in https://github.com/nebari-dev/nebari/pull/2103 +- CLN: cleanup typing and typing import in init by @fangchenli in https://github.com/nebari-dev/nebari/pull/2107 +- Remove kbatch, prefect and clearml by @iameskild in https://github.com/nebari-dev/nebari/pull/2101 +- Fix integration tests, helm-validate script by @iameskild in https://github.com/nebari-dev/nebari/pull/2102 +- Re-enable AWS tags support by @iameskild in https://github.com/nebari-dev/nebari/pull/2096 +- Update upgrade instructions for 2023.11.1 by @iameskild in https://github.com/nebari-dev/nebari/pull/2112 +- Update nebari-git env pins by by @iameskild in https://github.com/nebari-dev/nebari/pull/2113 +- Update release notes for 2023.11.1 by @iameskild in https://github.com/nebari-dev/nebari/pull/2114 **Full Changelog**: https://github.com/nebari-dev/nebari/compare/2023.10.1...2023.11.1 - ## Release 2023.10.1 - October 20, 2023 This release includes a major refactor which introduces a Pluggy-based extension mechanism which allow developers to build new stages. This is the initial implementation @@ -344,109 +348,110 @@ command and follow the instructions ### Feature changes and enhancements -* Extension Mechanism Implementation in [PR 1833](https://github.com/nebari-dev/nebari/pull/1833) - * This also includes much stricter schema validation. -* JupyterHub upgraded to 3.1 in [PR 1856](https://github.com/nebari-dev/nebari/pull/1856)' +- Extension Mechanism Implementation in [PR 1833](https://github.com/nebari-dev/nebari/pull/1833) + - This also includes much stricter schema validation. +- JupyterHub upgraded to 3.1 in [PR 1856](https://github.com/nebari-dev/nebari/pull/1856)' ### Breaking Changes -* While we have tried our best to avoid breaking changes when introducing the extension mechanism, the scope of the changes is too large for us to confidently say there won't be breaking changes. +- While we have tried our best to avoid breaking changes when introducing the extension mechanism, the scope of the changes is too large for us to confidently say there won't be breaking changes. > WARNING: CDS Dashboards was removed in this release and upgrading to this version will result in CDS Dashboards being uninstalled. A replacement dashboarding solution is currently in the work and will be integrated soon. > WARNING: We will be removing and ending support for ClearML, Prefect and kbatch in the next release. The kbatch has been functionally replaced by Argo-Jupyter-Scheduler. We have seen little interest in ClearML and Prefect in recent years, and removing makes sense at this point. However if you wish to continue using them with Nebari we encourage you to [write your own Nebari extension](https://www.nebari.dev/docs/how-tos/nebari-extension-system#developing-an-extension). ### What's Changed -* Spinup spot instance for CI with cirun by @aktech in https://github.com/nebari-dev/nebari/pull/1882 -* Fix argo-viewer service account reference by @iameskild in https://github.com/nebari-dev/nebari/pull/1881 -* Framework for Nebari deployment via pytest for extensive testing by @aktech in https://github.com/nebari-dev/nebari/pull/1867 -* [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in https://github.com/nebari-dev/nebari/pull/1878 -* Test GCP/AWS Deployment with Pytest by @aktech in https://github.com/nebari-dev/nebari/pull/1871 -* Bump DigitalOcean provider to latest by @aktech in https://github.com/nebari-dev/nebari/pull/1891 -* Ensure path is Path object by @iameskild in https://github.com/nebari-dev/nebari/pull/1888 -* enabling viewing hidden files in jupyterlab file explorer by @kalpanachinnappan in https://github.com/nebari-dev/nebari/pull/1893 -* Extension Mechanism Implementation by @costrouc in https://github.com/nebari-dev/nebari/pull/1833 -* Fix import path in deployment tests & misc by @aktech in https://github.com/nebari-dev/nebari/pull/1908 -* pytest:ensure failure on warnings by @costrouc in https://github.com/nebari-dev/nebari/pull/1907 -* workaround for mixed string/posixpath error by @sblair-metrostar in https://github.com/nebari-dev/nebari/pull/1915 -* ENH: Remove aws cli, use boto3 by @fangchenli in https://github.com/nebari-dev/nebari/pull/1920 -* paginator for boto3 ec2 instance types by @sblair-metrostar in https://github.com/nebari-dev/nebari/pull/1923 -* Update README.md -- fix typo. by @teoliphant in https://github.com/nebari-dev/nebari/pull/1925 -* Add more unit tests, add cleanup step for Digital Ocean integration test by @iameskild in https://github.com/nebari-dev/nebari/pull/1910 -* Add cleanup step for AWS integration test, ensure disable_prompt is passed through by @iameskild in https://github.com/nebari-dev/nebari/pull/1921 -* K8s 1.25 + More Improvements by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/1856 -* adding lifecycle ignore to eks node group by @sblair-metrostar in https://github.com/nebari-dev/nebari/pull/1905 -* nebari init unit tests by @sblair-metrostar in https://github.com/nebari-dev/nebari/pull/1931 -* Bug fix - JH singleuser environment getting overwritten by @kenafoster in https://github.com/nebari-dev/nebari/pull/1933 -* Allow users to specify the Azure RG to deploy into by @iameskild in https://github.com/nebari-dev/nebari/pull/1927 -* nebari validate unit tests by @sblair-metrostar in https://github.com/nebari-dev/nebari/pull/1938 -* adding openid connect provider to enable irsa feature by @sblair-metrostar in https://github.com/nebari-dev/nebari/pull/1903 -* nebari upgrade CLI tests by @sblair-metrostar in https://github.com/nebari-dev/nebari/pull/1963 -* CI: Add test coverage by @fangchenli in https://github.com/nebari-dev/nebari/pull/1959 -* nebari cli environment variable handling, support, keycloak, dev tests by @sblair-metrostar in https://github.com/nebari-dev/nebari/pull/1968 -* CI: remove empty notebook to fix pre-commit json check by @fangchenli in https://github.com/nebari-dev/nebari/pull/1976 -* TYP: fix typing error in plugins by @fangchenli in https://github.com/nebari-dev/nebari/pull/1973 -* TYP: fix return class type in hookimpl by @fangchenli in https://github.com/nebari-dev/nebari/pull/1975 -* Allow users to specify Azure tags by @iameskild in https://github.com/nebari-dev/nebari/pull/1967 -* [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in https://github.com/nebari-dev/nebari/pull/1979 -* Do not try and add argo envs when disabled by @iameskild in https://github.com/nebari-dev/nebari/pull/1926 -* Handle region with care, updates to test suite by @iameskild in https://github.com/nebari-dev/nebari/pull/1930 -* remove custom auth from config schema by @sblair-metrostar in https://github.com/nebari-dev/nebari/pull/1994 -* CLI: handle removed dns options in deploy command by @fangchenli in https://github.com/nebari-dev/nebari/pull/1992 -* Add API docs by @kcpevey in https://github.com/nebari-dev/nebari/pull/1634 -* Upgrade images for jupyterhub-ssh, kbatch by @iameskild in https://github.com/nebari-dev/nebari/pull/1997 -* Add permissions to generate_cli_docs workflow by @iameskild in https://github.com/nebari-dev/nebari/pull/2005 -* standardize regex and messaging for names by @kenafoster in https://github.com/nebari-dev/nebari/pull/2003 -* ENH: specify required fields when retrieving available gcp projects by @fangchenli in https://github.com/nebari-dev/nebari/pull/2008 -* Modify JupyterHub networkPolicy to match existing policy by @iameskild in https://github.com/nebari-dev/nebari/pull/1991 -* Update package dependencies by @iameskild in https://github.com/nebari-dev/nebari/pull/1986 -* CI: Add AWS integration test workflow, clean up by @iameskild in https://github.com/nebari-dev/nebari/pull/1977 -* BUG: fix unboundlocalerror in integration test by @fangchenli in https://github.com/nebari-dev/nebari/pull/1999 -* Auth0/Github auth-provider config validation fix by @sblair-metrostar in https://github.com/nebari-dev/nebari/pull/2009 -* terraform upgrade to 1.5.7 by @sblair-metrostar in https://github.com/nebari-dev/nebari/pull/1998 -* cli init repo auto provision fix by @sblair-metrostar in https://github.com/nebari-dev/nebari/pull/2012 -* Add gcp_cleanup, minor changes by @iameskild in https://github.com/nebari-dev/nebari/pull/2010 -* Fix #2024 by @dcmcand in https://github.com/nebari-dev/nebari/pull/2025 -* Upgrade conda-store to 2023.9.2 by @iameskild in https://github.com/nebari-dev/nebari/pull/2028 -* Add upgrade steps, instructions for 2023.9.1 by @iameskild in https://github.com/nebari-dev/nebari/pull/2029 -* CI: add gcp integration test by @fangchenli in https://github.com/nebari-dev/nebari/pull/2049 -* CLN: remove flake8 from dependencies by @fangchenli in https://github.com/nebari-dev/nebari/pull/2044 -* [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in https://github.com/nebari-dev/nebari/pull/2047 -* fix typo in guided init for Digital Ocean by @dcmcand in https://github.com/nebari-dev/nebari/pull/2059 -* CI: add do integration by @fangchenli in https://github.com/nebari-dev/nebari/pull/2060 -* TYP: make all subfolders under kubernetes_services/template non-module by @fangchenli in https://github.com/nebari-dev/nebari/pull/2043 -* TYP: fix most typing errors in provider by @fangchenli in https://github.com/nebari-dev/nebari/pull/2038 -* Fix link to documentation on Nebari Deployment home page by @aktech in https://github.com/nebari-dev/nebari/pull/2063 -* TST: enable timeout config in playwright notebook test by @fangchenli in https://github.com/nebari-dev/nebari/pull/1996 -* DEPS: sync supported python version by @fangchenli in https://github.com/nebari-dev/nebari/pull/2065 -* Test support for Python 3.12 by @aktech in https://github.com/nebari-dev/nebari/pull/2046 -* BUG: fix validation error related to `provider` #2054 by @fangchenli in https://github.com/nebari-dev/nebari/pull/2056 -* CI: improve unit test workflow in CI, revert #2046 by @fangchenli in https://github.com/nebari-dev/nebari/pull/2071 -* TST: enable exact_match config in playwright notebook test by @fangchenli in https://github.com/nebari-dev/nebari/pull/2027 -* CI: move conda build test to separate job by @fangchenli in https://github.com/nebari-dev/nebari/pull/2073 -* Revert conda-store to v0.4.14, #2028 by @iameskild in https://github.com/nebari-dev/nebari/pull/2074 -* ENH/CI: add mypy config, and CI workflow by @fangchenli in https://github.com/nebari-dev/nebari/pull/2066 -* Update upgrade for 2023.10.1 by @kenfoster in https://github.com/nebari-dev/nebari/pull/2080 -* Update RELEASE notes, minor fixes by @iameskild in https://github.com/nebari-dev/nebari/pull/2039 + +- Spinup spot instance for CI with cirun by @aktech in https://github.com/nebari-dev/nebari/pull/1882 +- Fix argo-viewer service account reference by @iameskild in https://github.com/nebari-dev/nebari/pull/1881 +- Framework for Nebari deployment via pytest for extensive testing by @aktech in https://github.com/nebari-dev/nebari/pull/1867 +- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in https://github.com/nebari-dev/nebari/pull/1878 +- Test GCP/AWS Deployment with Pytest by @aktech in https://github.com/nebari-dev/nebari/pull/1871 +- Bump DigitalOcean provider to latest by @aktech in https://github.com/nebari-dev/nebari/pull/1891 +- Ensure path is Path object by @iameskild in https://github.com/nebari-dev/nebari/pull/1888 +- enabling viewing hidden files in jupyterlab file explorer by @kalpanachinnappan in https://github.com/nebari-dev/nebari/pull/1893 +- Extension Mechanism Implementation by @costrouc in https://github.com/nebari-dev/nebari/pull/1833 +- Fix import path in deployment tests & misc by @aktech in https://github.com/nebari-dev/nebari/pull/1908 +- pytest:ensure failure on warnings by @costrouc in https://github.com/nebari-dev/nebari/pull/1907 +- workaround for mixed string/posixpath error by @sblair-metrostar in https://github.com/nebari-dev/nebari/pull/1915 +- ENH: Remove aws cli, use boto3 by @fangchenli in https://github.com/nebari-dev/nebari/pull/1920 +- paginator for boto3 ec2 instance types by @sblair-metrostar in https://github.com/nebari-dev/nebari/pull/1923 +- Update README.md -- fix typo. by @teoliphant in https://github.com/nebari-dev/nebari/pull/1925 +- Add more unit tests, add cleanup step for Digital Ocean integration test by @iameskild in https://github.com/nebari-dev/nebari/pull/1910 +- Add cleanup step for AWS integration test, ensure disable_prompt is passed through by @iameskild in https://github.com/nebari-dev/nebari/pull/1921 +- K8s 1.25 + More Improvements by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/1856 +- adding lifecycle ignore to eks node group by @sblair-metrostar in https://github.com/nebari-dev/nebari/pull/1905 +- nebari init unit tests by @sblair-metrostar in https://github.com/nebari-dev/nebari/pull/1931 +- Bug fix - JH singleuser environment getting overwritten by @kenafoster in https://github.com/nebari-dev/nebari/pull/1933 +- Allow users to specify the Azure RG to deploy into by @iameskild in https://github.com/nebari-dev/nebari/pull/1927 +- nebari validate unit tests by @sblair-metrostar in https://github.com/nebari-dev/nebari/pull/1938 +- adding openid connect provider to enable irsa feature by @sblair-metrostar in https://github.com/nebari-dev/nebari/pull/1903 +- nebari upgrade CLI tests by @sblair-metrostar in https://github.com/nebari-dev/nebari/pull/1963 +- CI: Add test coverage by @fangchenli in https://github.com/nebari-dev/nebari/pull/1959 +- nebari cli environment variable handling, support, keycloak, dev tests by @sblair-metrostar in https://github.com/nebari-dev/nebari/pull/1968 +- CI: remove empty notebook to fix pre-commit json check by @fangchenli in https://github.com/nebari-dev/nebari/pull/1976 +- TYP: fix typing error in plugins by @fangchenli in https://github.com/nebari-dev/nebari/pull/1973 +- TYP: fix return class type in hookimpl by @fangchenli in https://github.com/nebari-dev/nebari/pull/1975 +- Allow users to specify Azure tags by @iameskild in https://github.com/nebari-dev/nebari/pull/1967 +- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in https://github.com/nebari-dev/nebari/pull/1979 +- Do not try and add argo envs when disabled by @iameskild in https://github.com/nebari-dev/nebari/pull/1926 +- Handle region with care, updates to test suite by @iameskild in https://github.com/nebari-dev/nebari/pull/1930 +- remove custom auth from config schema by @sblair-metrostar in https://github.com/nebari-dev/nebari/pull/1994 +- CLI: handle removed dns options in deploy command by @fangchenli in https://github.com/nebari-dev/nebari/pull/1992 +- Add API docs by @kcpevey in https://github.com/nebari-dev/nebari/pull/1634 +- Upgrade images for jupyterhub-ssh, kbatch by @iameskild in https://github.com/nebari-dev/nebari/pull/1997 +- Add permissions to generate_cli_docs workflow by @iameskild in https://github.com/nebari-dev/nebari/pull/2005 +- standardize regex and messaging for names by @kenafoster in https://github.com/nebari-dev/nebari/pull/2003 +- ENH: specify required fields when retrieving available gcp projects by @fangchenli in https://github.com/nebari-dev/nebari/pull/2008 +- Modify JupyterHub networkPolicy to match existing policy by @iameskild in https://github.com/nebari-dev/nebari/pull/1991 +- Update package dependencies by @iameskild in https://github.com/nebari-dev/nebari/pull/1986 +- CI: Add AWS integration test workflow, clean up by @iameskild in https://github.com/nebari-dev/nebari/pull/1977 +- BUG: fix unboundlocalerror in integration test by @fangchenli in https://github.com/nebari-dev/nebari/pull/1999 +- Auth0/Github auth-provider config validation fix by @sblair-metrostar in https://github.com/nebari-dev/nebari/pull/2009 +- terraform upgrade to 1.5.7 by @sblair-metrostar in https://github.com/nebari-dev/nebari/pull/1998 +- cli init repo auto provision fix by @sblair-metrostar in https://github.com/nebari-dev/nebari/pull/2012 +- Add gcp_cleanup, minor changes by @iameskild in https://github.com/nebari-dev/nebari/pull/2010 +- Fix #2024 by @dcmcand in https://github.com/nebari-dev/nebari/pull/2025 +- Upgrade conda-store to 2023.9.2 by @iameskild in https://github.com/nebari-dev/nebari/pull/2028 +- Add upgrade steps, instructions for 2023.9.1 by @iameskild in https://github.com/nebari-dev/nebari/pull/2029 +- CI: add gcp integration test by @fangchenli in https://github.com/nebari-dev/nebari/pull/2049 +- CLN: remove flake8 from dependencies by @fangchenli in https://github.com/nebari-dev/nebari/pull/2044 +- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in https://github.com/nebari-dev/nebari/pull/2047 +- fix typo in guided init for Digital Ocean by @dcmcand in https://github.com/nebari-dev/nebari/pull/2059 +- CI: add do integration by @fangchenli in https://github.com/nebari-dev/nebari/pull/2060 +- TYP: make all subfolders under kubernetes_services/template non-module by @fangchenli in https://github.com/nebari-dev/nebari/pull/2043 +- TYP: fix most typing errors in provider by @fangchenli in https://github.com/nebari-dev/nebari/pull/2038 +- Fix link to documentation on Nebari Deployment home page by @aktech in https://github.com/nebari-dev/nebari/pull/2063 +- TST: enable timeout config in playwright notebook test by @fangchenli in https://github.com/nebari-dev/nebari/pull/1996 +- DEPS: sync supported python version by @fangchenli in https://github.com/nebari-dev/nebari/pull/2065 +- Test support for Python 3.12 by @aktech in https://github.com/nebari-dev/nebari/pull/2046 +- BUG: fix validation error related to `provider` #2054 by @fangchenli in https://github.com/nebari-dev/nebari/pull/2056 +- CI: improve unit test workflow in CI, revert #2046 by @fangchenli in https://github.com/nebari-dev/nebari/pull/2071 +- TST: enable exact_match config in playwright notebook test by @fangchenli in https://github.com/nebari-dev/nebari/pull/2027 +- CI: move conda build test to separate job by @fangchenli in https://github.com/nebari-dev/nebari/pull/2073 +- Revert conda-store to v0.4.14, #2028 by @iameskild in https://github.com/nebari-dev/nebari/pull/2074 +- ENH/CI: add mypy config, and CI workflow by @fangchenli in https://github.com/nebari-dev/nebari/pull/2066 +- Update upgrade for 2023.10.1 by @kenfoster in https://github.com/nebari-dev/nebari/pull/2080 +- Update RELEASE notes, minor fixes by @iameskild in https://github.com/nebari-dev/nebari/pull/2039 ### New Contributors -* @kalpanachinnappan made their first contribution in https://github.com/nebari-dev/nebari/pull/1893 -* @fangchenli made their first contribution in https://github.com/nebari-dev/nebari/pull/1920 -* @teoliphant made their first contribution in https://github.com/nebari-dev/nebari/pull/1925 -* @kenafoster made their first contribution in https://github.com/nebari-dev/nebari/pull/1933 -* @dcmcand made their first contribution in https://github.com/nebari-dev/nebari/pull/2025 -**Full Changelog**: https://github.com/nebari-dev/nebari/compare/2023.7.2...2023.10.1 +- @kalpanachinnappan made their first contribution in https://github.com/nebari-dev/nebari/pull/1893 +- @fangchenli made their first contribution in https://github.com/nebari-dev/nebari/pull/1920 +- @teoliphant made their first contribution in https://github.com/nebari-dev/nebari/pull/1925 +- @kenafoster made their first contribution in https://github.com/nebari-dev/nebari/pull/1933 +- @dcmcand made their first contribution in https://github.com/nebari-dev/nebari/pull/2025 +**Full Changelog**: https://github.com/nebari-dev/nebari/compare/2023.7.2...2023.10.1 ## Release 2023.7.2 - August 3, 2023 This is a hot-fix release that resolves an issue whereby users in the `analyst` group are unable to launch their JupyterLab server because the name of the viewer-specific `ARGO_TOKEN` was mislabeled; see [PR 1881](https://github.com/nebari-dev/nebari/pull/1881) for more details. ### What's Changed -* Fix argo-viewer service account reference by @iameskild in https://github.com/nebari-dev/nebari/pull/1881 -* Add release notes for 2023.7.2, update release notes for 2023.7.1 by @iameskild in https://github.com/nebari-dev/nebari/pull/1886 +- Fix argo-viewer service account reference by @iameskild in https://github.com/nebari-dev/nebari/pull/1881 +- Add release notes for 2023.7.2, update release notes for 2023.7.1 by @iameskild in https://github.com/nebari-dev/nebari/pull/1886 ## Release 2023.7.1 - July 21, 2023 @@ -456,204 +461,205 @@ This is a hot-fix release that resolves an issue whereby users in the `analyst` ### Feature changes and enhancements -* Addition of Nebari-Workflow-Controller in [PR 1741](https://github.com/nebari-dev/nebari/pull/1741) -* Addition of Argo-Jupyter-Scheduler in [PR 1832](https://github.com/nebari-dev/nebari/pull/1832) -* Make most of the API private +- Addition of Nebari-Workflow-Controller in [PR 1741](https://github.com/nebari-dev/nebari/pull/1741) +- Addition of Argo-Jupyter-Scheduler in [PR 1832](https://github.com/nebari-dev/nebari/pull/1832) +- Make most of the API private ### Breaking Changes -* As mentioned in the above WARNING, clusters running on AWS should perform a [manual backup](https://www.nebari.dev/docs/how-tos/manual-backup) before running the upgrade to the latest version as changes to the AWS VPC will cause the cluster to be destroyed and redeployed. - +- As mentioned in the above WARNING, clusters running on AWS should perform a [manual backup](https://www.nebari.dev/docs/how-tos/manual-backup) before running the upgrade to the latest version as changes to the AWS VPC will cause the cluster to be destroyed and redeployed. ### What's Changed -* use conda forge explicitly in conda build test by @pmeier in https://github.com/nebari-dev/nebari/pull/1771 -* document that the upgrade command is for all nebari upgrades by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/1794 -* don't fail CI matrices fast by @pmeier in https://github.com/nebari-dev/nebari/pull/1804 -* unvendor keycloak_metrics_spi by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/1810 -* Dedent fail-fast by @iameskild in https://github.com/nebari-dev/nebari/pull/1815 -* support deploying on existing vpc on aws by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/1807 -* purge most danlging qhub references by @pmeier in https://github.com/nebari-dev/nebari/pull/1802 -* Add Argo Workflow Admission controller by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/1741 -* purge infracost CLI command / CI jobs by @pmeier in https://github.com/nebari-dev/nebari/pull/1820 -* remove unused function parameters and CLI flags by @pmeier in https://github.com/nebari-dev/nebari/pull/1725 -* purge docs and nox by @pmeier in https://github.com/nebari-dev/nebari/pull/1801 -* Add Helm chart lint tool by @viniciusdc in https://github.com/nebari-dev/nebari/pull/1679 -* don't set /etc/hosts in CI by @pmeier in https://github.com/nebari-dev/nebari/pull/1729 -* remove execute permissions on templates by @pmeier in https://github.com/nebari-dev/nebari/pull/1798 -* fix deprecated file deletion by @pmeier in https://github.com/nebari-dev/nebari/pull/1799 -* make nebari API private by @pmeier in https://github.com/nebari-dev/nebari/pull/1778 -* [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in https://github.com/nebari-dev/nebari/pull/1831 -* Simplify CI by @iameskild in https://github.com/nebari-dev/nebari/pull/1819 -* Fix edge-case where k8s_version is equal to HIGHEST_SUPPORTED_K8S_VER… by @iameskild in https://github.com/nebari-dev/nebari/pull/1842 -* add more configuration to enable private clusters on AWS by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/1841 -* [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in https://github.com/nebari-dev/nebari/pull/1851 -* AWS gov cloud support by @sblair-metrostar in https://github.com/nebari-dev/nebari/pull/1857 -* Pathlib everywhere by @pmeier in https://github.com/nebari-dev/nebari/pull/1773 -* Initial playwright setup by @kcpevey in https://github.com/nebari-dev/nebari/pull/1665 -* Changes required for Jupyter-Scheduler integration by @iameskild in https://github.com/nebari-dev/nebari/pull/1832 -* Update upgrade command in preparation for release by @iameskild in https://github.com/nebari-dev/nebari/pull/1868 -* Add release notes by @iameskild in https://github.com/nebari-dev/nebari/issues/1869 + +- use conda forge explicitly in conda build test by @pmeier in https://github.com/nebari-dev/nebari/pull/1771 +- document that the upgrade command is for all nebari upgrades by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/1794 +- don't fail CI matrices fast by @pmeier in https://github.com/nebari-dev/nebari/pull/1804 +- unvendor keycloak_metrics_spi by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/1810 +- Dedent fail-fast by @iameskild in https://github.com/nebari-dev/nebari/pull/1815 +- support deploying on existing vpc on aws by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/1807 +- purge most danlging qhub references by @pmeier in https://github.com/nebari-dev/nebari/pull/1802 +- Add Argo Workflow Admission controller by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/1741 +- purge infracost CLI command / CI jobs by @pmeier in https://github.com/nebari-dev/nebari/pull/1820 +- remove unused function parameters and CLI flags by @pmeier in https://github.com/nebari-dev/nebari/pull/1725 +- purge docs and nox by @pmeier in https://github.com/nebari-dev/nebari/pull/1801 +- Add Helm chart lint tool by @viniciusdc in https://github.com/nebari-dev/nebari/pull/1679 +- don't set /etc/hosts in CI by @pmeier in https://github.com/nebari-dev/nebari/pull/1729 +- remove execute permissions on templates by @pmeier in https://github.com/nebari-dev/nebari/pull/1798 +- fix deprecated file deletion by @pmeier in https://github.com/nebari-dev/nebari/pull/1799 +- make nebari API private by @pmeier in https://github.com/nebari-dev/nebari/pull/1778 +- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in https://github.com/nebari-dev/nebari/pull/1831 +- Simplify CI by @iameskild in https://github.com/nebari-dev/nebari/pull/1819 +- Fix edge-case where k8s_version is equal to HIGHEST_SUPPORTED_K8S_VER… by @iameskild in https://github.com/nebari-dev/nebari/pull/1842 +- add more configuration to enable private clusters on AWS by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/1841 +- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in https://github.com/nebari-dev/nebari/pull/1851 +- AWS gov cloud support by @sblair-metrostar in https://github.com/nebari-dev/nebari/pull/1857 +- Pathlib everywhere by @pmeier in https://github.com/nebari-dev/nebari/pull/1773 +- Initial playwright setup by @kcpevey in https://github.com/nebari-dev/nebari/pull/1665 +- Changes required for Jupyter-Scheduler integration by @iameskild in https://github.com/nebari-dev/nebari/pull/1832 +- Update upgrade command in preparation for release by @iameskild in https://github.com/nebari-dev/nebari/pull/1868 +- Add release notes by @iameskild in https://github.com/nebari-dev/nebari/issues/1869 ### New Contributors -* @sblair-metrostar made their first contribution in https://github.com/nebari-dev/nebari/pull/1857 -**Full Changelog**: https://github.com/nebari-dev/nebari/compare/2023.5.1...2023.7.1 +- @sblair-metrostar made their first contribution in https://github.com/nebari-dev/nebari/pull/1857 +**Full Changelog**: https://github.com/nebari-dev/nebari/compare/2023.5.1...2023.7.1 ### Release 2023.5.1 - May 5, 2023 ### Feature changes and enhancements -* Upgrade Argo-Workflows to version 3.4.4 +- Upgrade Argo-Workflows to version 3.4.4 ### Breaking Changes -* The Argo-Workflows version upgrade will result in a breaking change if the existing Kubernetes CRDs are not deleted (see the NOTE below for more details). -* There is a minor breaking change for the Nebari CLI version shorthand, previously it `nebari -v` and now to align with Python convention, it will be `nebari -V`. +- The Argo-Workflows version upgrade will result in a breaking change if the existing Kubernetes CRDs are not deleted (see the NOTE below for more details). +- There is a minor breaking change for the Nebari CLI version shorthand, previously it `nebari -v` and now to align with Python convention, it will be `nebari -V`. > NOTE: After installing the Nebari version `2023.5.1`, please run `nebari upgrade -c nebari-config.yaml` to upgrade > the `nebari-config.yaml`. This command will also prompt you to delete a few Kubernetes resources (specifically > the Argo-Workflows CRDS and service accounts) before you can upgrade. ### What's Changed -* Use --quiet flag for conda install in CI by @pmeier in https://github.com/nebari-dev/nebari/pull/1699 -* improve CLI tests by @pmeier in https://github.com/nebari-dev/nebari/pull/1710 -* Fix Existing dashboards by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/1723 -* Fix dashboards by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/1727 -* Typo in the conda-store <-> conda_store key by @costrouc in https://github.com/nebari-dev/nebari/pull/1740 -* use -V (upper case) for --version short form by @pmeier in https://github.com/nebari-dev/nebari/pull/1720 -* [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in https://github.com/nebari-dev/nebari/pull/1692 -* improve pytest configuration by @pmeier in https://github.com/nebari-dev/nebari/pull/1700 -* fix upgrade command to look for nebari_version instead of qhub_version by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/1693 -* remove lazy import by @pmeier in https://github.com/nebari-dev/nebari/pull/1721 -* fix nebari invocation through python by @pmeier in https://github.com/nebari-dev/nebari/pull/1711 -* Update Argo Workflows to latest version by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/1639 -* Update secret token in release-notes-sync action by @pavithraes in https://github.com/nebari-dev/nebari/pull/1753 -* Typo fix in release-notes-sync action by @pavithraes in https://github.com/nebari-dev/nebari/pull/1756 -* πŸ”„ Synced file(s) with nebari-dev/.github by @nebari-sensei in https://github.com/nebari-dev/nebari/pull/1758 -* Update path in release-notes-sync action by @pavithraes in https://github.com/nebari-dev/nebari/pull/1757 -* Updating heading format in release notes by @pavithraes in https://github.com/nebari-dev/nebari/pull/1761 -* Update vault url by @costrouc in https://github.com/nebari-dev/nebari/pull/1752 -* Fix? contributor test trigger by @pmeier in https://github.com/nebari-dev/nebari/pull/1734 -* Consistent user Experience with y/N. by @AM-O7 in https://github.com/nebari-dev/nebari/pull/1747 -* Fix contributor trigger by @pmeier in https://github.com/nebari-dev/nebari/pull/1765 -* add more debug output to contributor test trigger by @pmeier in https://github.com/nebari-dev/nebari/pull/1766 -* fix copy-paste error by @pmeier in https://github.com/nebari-dev/nebari/pull/1767 -* add instructions insufficient permissions of contributor trigger by @pmeier in https://github.com/nebari-dev/nebari/pull/1772 -* fix invalid escape sequence by @pmeier in https://github.com/nebari-dev/nebari/pull/1770 -* Update AMI in `.cirun.yml` for nebari-dev-ci AWS account by @aktech in https://github.com/nebari-dev/nebari/pull/1776 -* [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in https://github.com/nebari-dev/nebari/pull/1768 -* turn warnings into errors with pytest by @pmeier in https://github.com/nebari-dev/nebari/pull/1774 -* purge setup.cfg by @pmeier in https://github.com/nebari-dev/nebari/pull/1781 -* improve pre-commit run on GHA by @pmeier in https://github.com/nebari-dev/nebari/pull/1782 -* Upgrade to k8s 1.24 by @iameskild in https://github.com/nebari-dev/nebari/pull/1760 -* Overloaded dask gateway fix by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/1777 -* Add option to specify GKE release channel by @iameskild in https://github.com/nebari-dev/nebari/pull/1648 -* Update upgrade command, add RELEASE notes by @iameskild in https://github.com/nebari-dev/nebari/pull/1789 + +- Use --quiet flag for conda install in CI by @pmeier in https://github.com/nebari-dev/nebari/pull/1699 +- improve CLI tests by @pmeier in https://github.com/nebari-dev/nebari/pull/1710 +- Fix Existing dashboards by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/1723 +- Fix dashboards by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/1727 +- Typo in the conda-store - conda_store key by @costrouc in https://github.com/nebari-dev/nebari/pull/1740 +- use -V (upper case) for --version short form by @pmeier in https://github.com/nebari-dev/nebari/pull/1720 +- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in https://github.com/nebari-dev/nebari/pull/1692 +- improve pytest configuration by @pmeier in https://github.com/nebari-dev/nebari/pull/1700 +- fix upgrade command to look for nebari_version instead of qhub_version by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/1693 +- remove lazy import by @pmeier in https://github.com/nebari-dev/nebari/pull/1721 +- fix nebari invocation through python by @pmeier in https://github.com/nebari-dev/nebari/pull/1711 +- Update Argo Workflows to latest version by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/1639 +- Update secret token in release-notes-sync action by @pavithraes in https://github.com/nebari-dev/nebari/pull/1753 +- Typo fix in release-notes-sync action by @pavithraes in https://github.com/nebari-dev/nebari/pull/1756 +- πŸ”„ Synced file(s) with nebari-dev/.github by @nebari-sensei in https://github.com/nebari-dev/nebari/pull/1758 +- Update path in release-notes-sync action by @pavithraes in https://github.com/nebari-dev/nebari/pull/1757 +- Updating heading format in release notes by @pavithraes in https://github.com/nebari-dev/nebari/pull/1761 +- Update vault url by @costrouc in https://github.com/nebari-dev/nebari/pull/1752 +- Fix? contributor test trigger by @pmeier in https://github.com/nebari-dev/nebari/pull/1734 +- Consistent user Experience with y/N. by @AM-O7 in https://github.com/nebari-dev/nebari/pull/1747 +- Fix contributor trigger by @pmeier in https://github.com/nebari-dev/nebari/pull/1765 +- add more debug output to contributor test trigger by @pmeier in https://github.com/nebari-dev/nebari/pull/1766 +- fix copy-paste error by @pmeier in https://github.com/nebari-dev/nebari/pull/1767 +- add instructions insufficient permissions of contributor trigger by @pmeier in https://github.com/nebari-dev/nebari/pull/1772 +- fix invalid escape sequence by @pmeier in https://github.com/nebari-dev/nebari/pull/1770 +- Update AMI in `.cirun.yml` for nebari-dev-ci AWS account by @aktech in https://github.com/nebari-dev/nebari/pull/1776 +- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in https://github.com/nebari-dev/nebari/pull/1768 +- turn warnings into errors with pytest by @pmeier in https://github.com/nebari-dev/nebari/pull/1774 +- purge setup.cfg by @pmeier in https://github.com/nebari-dev/nebari/pull/1781 +- improve pre-commit run on GHA by @pmeier in https://github.com/nebari-dev/nebari/pull/1782 +- Upgrade to k8s 1.24 by @iameskild in https://github.com/nebari-dev/nebari/pull/1760 +- Overloaded dask gateway fix by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/1777 +- Add option to specify GKE release channel by @iameskild in https://github.com/nebari-dev/nebari/pull/1648 +- Update upgrade command, add RELEASE notes by @iameskild in https://github.com/nebari-dev/nebari/pull/1789 ### New Contributors -* @pmeier made their first contribution in https://github.com/nebari-dev/nebari/pull/1699 -* @AM-O7 made their first contribution in https://github.com/nebari-dev/nebari/pull/1747 -**Full Changelog**: https://github.com/nebari-dev/nebari/compare/2023.4.1...2023.5.1 +- @pmeier made their first contribution in https://github.com/nebari-dev/nebari/pull/1699 +- @AM-O7 made their first contribution in https://github.com/nebari-dev/nebari/pull/1747 +**Full Changelog**: https://github.com/nebari-dev/nebari/compare/2023.4.1...2023.5.1 ## Release 2023.4.1 - April 12, 2023 > NOTE: Nebari requires Kubernetes version 1.23 and Digital Ocean now requires new clusters to run Kubernetes version 1.24. This means that if you are currently running on Digital Ocean, you should be fine but deploying on a new cluster on Digital Ocean is not possible until we upgrade Kubernetes version (see [issue 1622](https://github.com/nebari-dev/nebari/issues/1622) for more details). - ### Feature changes and enhancements -* Upgrades and improvements to conda-store including a new user-interface and greater administrator capabilities. -* Idle-culler settings can now be configured directly from the `nebari-config.yaml`. - +- Upgrades and improvements to conda-store including a new user-interface and greater administrator capabilities. +- Idle-culler settings can now be configured directly from the `nebari-config.yaml`. ### What's Changed -* PR: Raise timeout for jupyter session by @ppwadhwa in https://github.com/nebari-dev/nebari/pull/1646 -* PR lower dashboard launch timeout by @ppwadhwa in https://github.com/nebari-dev/nebari/pull/1647 -* PR: Update dashboard environment by @ppwadhwa in https://github.com/nebari-dev/nebari/pull/1655 -* Fix doc link in README.md by @tkoyama010 in https://github.com/nebari-dev/nebari/pull/1660 -* PR: Update dask environment by @ppwadhwa in https://github.com/nebari-dev/nebari/pull/1654 -* Feature remove jupyterlab news by @costrouc in https://github.com/nebari-dev/nebari/pull/1641 -* [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in https://github.com/nebari-dev/nebari/pull/1644 -* Feat GitHub actions before_script and after_script steps by @costrouc in https://github.com/nebari-dev/nebari/pull/1672 -* Remove examples folder by @ppwadhwa in https://github.com/nebari-dev/nebari/pull/1664 -* Fix GH action typos by @kcpevey in https://github.com/nebari-dev/nebari/pull/1677 -* Github Actions CI needs id-token write permissions by @costrouc in https://github.com/nebari-dev/nebari/pull/1682 -* Update AWS force destroy script, include lingering volumes by @iameskild in https://github.com/nebari-dev/nebari/pull/1681 -* [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in https://github.com/nebari-dev/nebari/pull/1673 -* Make idle culler settings configurable from the `nebari-config.yaml` by @iameskild in https://github.com/nebari-dev/nebari/pull/1689 -* Update pyproject dependencies and add test to ensure it builds on conda-forge by @iameskild in https://github.com/nebari-dev/nebari/pull/1662 -* Retrieve secrets from Vault, fix test-provider CI by @iameskild in https://github.com/nebari-dev/nebari/pull/1676 -* Pull PyPI secrets from Vault by @iameskild in https://github.com/nebari-dev/nebari/pull/1696 -* Adding newest conda-store 0.4.14 along with superadmin credentials by @costrouc in https://github.com/nebari-dev/nebari/pull/1701 -* Update release notes for 2023.4.1 by @iameskild in https://github.com/nebari-dev/nebari/pull/1722 + +- PR: Raise timeout for jupyter session by @ppwadhwa in https://github.com/nebari-dev/nebari/pull/1646 +- PR lower dashboard launch timeout by @ppwadhwa in https://github.com/nebari-dev/nebari/pull/1647 +- PR: Update dashboard environment by @ppwadhwa in https://github.com/nebari-dev/nebari/pull/1655 +- Fix doc link in README.md by @tkoyama010 in https://github.com/nebari-dev/nebari/pull/1660 +- PR: Update dask environment by @ppwadhwa in https://github.com/nebari-dev/nebari/pull/1654 +- Feature remove jupyterlab news by @costrouc in https://github.com/nebari-dev/nebari/pull/1641 +- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in https://github.com/nebari-dev/nebari/pull/1644 +- Feat GitHub actions before_script and after_script steps by @costrouc in https://github.com/nebari-dev/nebari/pull/1672 +- Remove examples folder by @ppwadhwa in https://github.com/nebari-dev/nebari/pull/1664 +- Fix GH action typos by @kcpevey in https://github.com/nebari-dev/nebari/pull/1677 +- Github Actions CI needs id-token write permissions by @costrouc in https://github.com/nebari-dev/nebari/pull/1682 +- Update AWS force destroy script, include lingering volumes by @iameskild in https://github.com/nebari-dev/nebari/pull/1681 +- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in https://github.com/nebari-dev/nebari/pull/1673 +- Make idle culler settings configurable from the `nebari-config.yaml` by @iameskild in https://github.com/nebari-dev/nebari/pull/1689 +- Update pyproject dependencies and add test to ensure it builds on conda-forge by @iameskild in https://github.com/nebari-dev/nebari/pull/1662 +- Retrieve secrets from Vault, fix test-provider CI by @iameskild in https://github.com/nebari-dev/nebari/pull/1676 +- Pull PyPI secrets from Vault by @iameskild in https://github.com/nebari-dev/nebari/pull/1696 +- Adding newest conda-store 0.4.14 along with superadmin credentials by @costrouc in https://github.com/nebari-dev/nebari/pull/1701 +- Update release notes for 2023.4.1 by @iameskild in https://github.com/nebari-dev/nebari/pull/1722 ### New Contributors -* @ppwadhwa made their first contribution in https://github.com/nebari-dev/nebari/pull/1646 -* @tkoyama010 made their first contribution in https://github.com/nebari-dev/nebari/pull/1660 + +- @ppwadhwa made their first contribution in https://github.com/nebari-dev/nebari/pull/1646 +- @tkoyama010 made their first contribution in https://github.com/nebari-dev/nebari/pull/1660 **Full Changelog**: https://github.com/nebari-dev/nebari/compare/2023.1.1...2023.4.1 ## Release 2023.1.1 - January 30, 2023 ### What's Changed -* πŸ”„ Synced file(s) with nebari-dev/.github by @nebari-sensei in https://github.com/nebari-dev/nebari/pull/1588 -* Make conda-store file system read-only by default by @alimanfoo in https://github.com/nebari-dev/nebari/pull/1595 -* ENH - Switch to ruff and pre-commit.ci by @trallard in https://github.com/nebari-dev/nebari/pull/1602 -* Migrate to hatch by @iameskild in https://github.com/nebari-dev/nebari/pull/1545 -* Add check_repository_cred function to CLI by @iameskild in https://github.com/nebari-dev/nebari/pull/1605 -* Adding jupyterlab-conda-store extension support to Nebari by @costrouc in https://github.com/nebari-dev/nebari/pull/1564 -* [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in https://github.com/nebari-dev/nebari/pull/1613 -* Ensure Argo-Workflow controller containerRuntimeExecutor is set to emissary by @iameskild in https://github.com/nebari-dev/nebari/pull/1614 -* Pass `secret_name` to TF scripts when certificate type = existing by @iameskild in https://github.com/nebari-dev/nebari/pull/1621 -* Pin Nebari dependencies, set k8s version for GKE by @iameskild in https://github.com/nebari-dev/nebari/pull/1624 -* Create aws-force-destroy bash script by @iameskild in https://github.com/nebari-dev/nebari/pull/1611 -* Add option for AWS node-groups to run in a single subnet/AZ by @iameskild in https://github.com/nebari-dev/nebari/pull/1428 -* Add export-users to keycloak CLI command, add dev CLI command by @iameskild in https://github.com/nebari-dev/nebari/pull/1610 -* Unpin packages in default dashboard env by @iameskild in https://github.com/nebari-dev/pull/1628 -* Add release notes for 2023.1.1 by @iameskild in https://github.com/nebari-dev/nebari/pull/1629 -* Set GKE release_channel to unspecified to prevent auto k8s updates by @iameskild in https://github.com/nebari-dev/nebari/pull/1630 -* Update default nebari-dask, nebari image tags by @iameskild in https://github.com/nebari-dev/nebari/pull/1636 + +- πŸ”„ Synced file(s) with nebari-dev/.github by @nebari-sensei in https://github.com/nebari-dev/nebari/pull/1588 +- Make conda-store file system read-only by default by @alimanfoo in https://github.com/nebari-dev/nebari/pull/1595 +- ENH - Switch to ruff and pre-commit.ci by @trallard in https://github.com/nebari-dev/nebari/pull/1602 +- Migrate to hatch by @iameskild in https://github.com/nebari-dev/nebari/pull/1545 +- Add check_repository_cred function to CLI by @iameskild in https://github.com/nebari-dev/nebari/pull/1605 +- Adding jupyterlab-conda-store extension support to Nebari by @costrouc in https://github.com/nebari-dev/nebari/pull/1564 +- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in https://github.com/nebari-dev/nebari/pull/1613 +- Ensure Argo-Workflow controller containerRuntimeExecutor is set to emissary by @iameskild in https://github.com/nebari-dev/nebari/pull/1614 +- Pass `secret_name` to TF scripts when certificate type = existing by @iameskild in https://github.com/nebari-dev/nebari/pull/1621 +- Pin Nebari dependencies, set k8s version for GKE by @iameskild in https://github.com/nebari-dev/nebari/pull/1624 +- Create aws-force-destroy bash script by @iameskild in https://github.com/nebari-dev/nebari/pull/1611 +- Add option for AWS node-groups to run in a single subnet/AZ by @iameskild in https://github.com/nebari-dev/nebari/pull/1428 +- Add export-users to keycloak CLI command, add dev CLI command by @iameskild in https://github.com/nebari-dev/nebari/pull/1610 +- Unpin packages in default dashboard env by @iameskild in https://github.com/nebari-dev/pull/1628 +- Add release notes for 2023.1.1 by @iameskild in https://github.com/nebari-dev/nebari/pull/1629 +- Set GKE release_channel to unspecified to prevent auto k8s updates by @iameskild in https://github.com/nebari-dev/nebari/pull/1630 +- Update default nebari-dask, nebari image tags by @iameskild in https://github.com/nebari-dev/nebari/pull/1636 ### New Contributors -* @pre-commit-ci made their first contribution in https://github.com/nebari-dev/nebari/pull/1613 +- @pre-commit-ci made their first contribution in https://github.com/nebari-dev/nebari/pull/1613 ## Release 2022.11.1 - December 1, 2022 ### What's Changed -* cherry-pick Update README logo (#1514) by @aktech in https://github.com/nebari-dev/nebari/pull/1517 -* Release/2022.10.1 by @iameskild in https://github.com/nebari-dev/nebari/pull/1527 -* Add Note about QHub->Nebari rename in old docs by @pavithraes in https://github.com/nebari-dev/nebari/pull/1543 -* πŸ”„ Synced file(s) with nebari-dev/.github by @nebari-sensei in https://github.com/nebari-dev/nebari/pull/1550 -* πŸ”„ Synced file(s) with nebari-dev/.github by @nebari-sensei in https://github.com/nebari-dev/nebari/pull/1551 -* πŸ”„ Synced file(s) with nebari-dev/.github by @nebari-sensei in https://github.com/nebari-dev/nebari/pull/1555 -* πŸ”„ Synced file(s) with nebari-dev/.github by @nebari-sensei in https://github.com/nebari-dev/nebari/pull/1560 -* Small CLI fixes by @iameskild in https://github.com/nebari-dev/nebari/pull/1529 -* πŸ”„ Synced file(s) with nebari-dev/.github by @nebari-sensei in https://github.com/nebari-dev/nebari/pull/1561 -* Render github actions configurations as yaml by @aktech in https://github.com/nebari-dev/nebari/pull/1528 -* Update "QHub" to "Nebari" in example notebooks by @pavithraes in https://github.com/nebari-dev/nebari/pull/1556 -* Update links to Nebari docs in guided init by @pavithraes in https://github.com/nebari-dev/nebari/pull/1557 -* CI: Spinup unique cirun runners for each job by @aktech in https://github.com/nebari-dev/nebari/pull/1563 -* Issue-1417: Improve Dask workers placement on AWS | fixing a minor typo by @limacarvalho in https://github.com/nebari-dev/nebari/pull/1487 -* Update `setup-node` version by @iameskild in https://github.com/nebari-dev/nebari/pull/1570 -* Facilitate CI run for contributor PR by @aktech in https://github.com/nebari-dev/nebari/pull/1568 -* Action to sync release notes with nebari-docs by @pavithraes in https://github.com/nebari-dev/nebari/pull/1554 -* Restore how the dask worker node group is selected by default by @iameskild in https://github.com/nebari-dev/nebari/pull/1577 -* Fix skip check for workflows by @aktech in https://github.com/nebari-dev/nebari/pull/1578 -* πŸ“ Update readme by @trallard in https://github.com/nebari-dev/nebari/pull/1579 -* MAINT - Miscellaneous maintenance tasks by @trallard in https://github.com/nebari-dev/nebari/pull/1580 -* Wait for Test PyPI to upload test release by @iameskild in https://github.com/nebari-dev/nebari/pull/1583 -* Add release notes for 2022.11.1 by @iameskild in https://github.com/nebari-dev/nebari/pull/1584 - +- cherry-pick Update README logo (#1514) by @aktech in https://github.com/nebari-dev/nebari/pull/1517 +- Release/2022.10.1 by @iameskild in https://github.com/nebari-dev/nebari/pull/1527 +- Add Note about QHub->Nebari rename in old docs by @pavithraes in https://github.com/nebari-dev/nebari/pull/1543 +- πŸ”„ Synced file(s) with nebari-dev/.github by @nebari-sensei in https://github.com/nebari-dev/nebari/pull/1550 +- πŸ”„ Synced file(s) with nebari-dev/.github by @nebari-sensei in https://github.com/nebari-dev/nebari/pull/1551 +- πŸ”„ Synced file(s) with nebari-dev/.github by @nebari-sensei in https://github.com/nebari-dev/nebari/pull/1555 +- πŸ”„ Synced file(s) with nebari-dev/.github by @nebari-sensei in https://github.com/nebari-dev/nebari/pull/1560 +- Small CLI fixes by @iameskild in https://github.com/nebari-dev/nebari/pull/1529 +- πŸ”„ Synced file(s) with nebari-dev/.github by @nebari-sensei in https://github.com/nebari-dev/nebari/pull/1561 +- Render github actions configurations as yaml by @aktech in https://github.com/nebari-dev/nebari/pull/1528 +- Update "QHub" to "Nebari" in example notebooks by @pavithraes in https://github.com/nebari-dev/nebari/pull/1556 +- Update links to Nebari docs in guided init by @pavithraes in https://github.com/nebari-dev/nebari/pull/1557 +- CI: Spinup unique cirun runners for each job by @aktech in https://github.com/nebari-dev/nebari/pull/1563 +- Issue-1417: Improve Dask workers placement on AWS | fixing a minor typo by @limacarvalho in https://github.com/nebari-dev/nebari/pull/1487 +- Update `setup-node` version by @iameskild in https://github.com/nebari-dev/nebari/pull/1570 +- Facilitate CI run for contributor PR by @aktech in https://github.com/nebari-dev/nebari/pull/1568 +- Action to sync release notes with nebari-docs by @pavithraes in https://github.com/nebari-dev/nebari/pull/1554 +- Restore how the dask worker node group is selected by default by @iameskild in https://github.com/nebari-dev/nebari/pull/1577 +- Fix skip check for workflows by @aktech in https://github.com/nebari-dev/nebari/pull/1578 +- πŸ“ Update readme by @trallard in https://github.com/nebari-dev/nebari/pull/1579 +- MAINT - Miscellaneous maintenance tasks by @trallard in https://github.com/nebari-dev/nebari/pull/1580 +- Wait for Test PyPI to upload test release by @iameskild in https://github.com/nebari-dev/nebari/pull/1583 +- Add release notes for 2022.11.1 by @iameskild in https://github.com/nebari-dev/nebari/pull/1584 ### New Contributors -* @nebari-sensei made their first contribution in https://github.com/nebari-dev/nebari/pull/1550 -* @limacarvalho made their first contribution in https://github.com/nebari-dev/nebari/pull/1487 +- @nebari-sensei made their first contribution in https://github.com/nebari-dev/nebari/pull/1550 +- @limacarvalho made their first contribution in https://github.com/nebari-dev/nebari/pull/1487 ## Release 2022.10.1 - October 28, 2022 @@ -661,33 +667,34 @@ This is a hot-fix release that resolves an issue whereby users in the `analyst` > The project has recently been renamed from QHub to Nebari. If your deployment is is still managed by `qhub`, performing an inplace upgrade will **IRREVOCABLY BREAK** your deployment. This will cause you to lose any data stored on the platform, including but not limited to, NFS (filesystem) data, conda-store environments, Keycloak users and groups, etc. Please [backup](https://www.nebari.dev/docs/how-tos/manual-backup) your data before attempting an upgrade. - ### Feature changes and enhancements We are happy to announce the first official release of Nebari (formly QHub)! This release lays the groundwork for many exciting new features and improvements to come. This release introduces several important changes which include: + - a major project name change from QHub to Nebari - [PR 1508](https://github.com/nebari-dev/nebari/pull/1508) - a switch from the SemVer to CalVer versioning format - [PR 1501](https://github.com/nebari-dev/nebari/pull/1501) - a new, Typer-based CLI for improved user experience - [PR 1443](https://github.com/Quansight/qhub/pull/1443) + [PR 1519](https://github.com/nebari-dev/nebari/pull/1519) Although breaking changes are never fun, the Nebari development team believes these changes are important for the immediate and future success of the project. If you experience any issues or have any questions about these changes, feel free to open an [issue on our Github repo](https://github.com/nebari-dev/nebari/issues). - ### What's Changed -* Switch to CalVer by @iameskild in https://github.com/nebari-dev/nebari/pull/1501 -* Update theme welcome messages to use Nebari by @pavithraes in https://github.com/nebari-dev/nebari/pull/1503 -* Name change QHub --> Nebari by @iameskild in https://github.com/nebari-dev/nebari/pull/1508 -* qhub/initialize: lazy load attributes that require remote information by @FFY00 in https://github.com/nebari-dev/nebari/pull/1509 -* Update README logo reference by @viniciusdc in https://github.com/nebari-dev/nebari/pull/1514 -* Add fix, enhancements and pytests for CLI by @iameskild in https://github.com/nebari-dev/nebari/pull/1498 -* Remove old CLI + cleanup by @iameskild in https://github.com/nebari-dev/nebari/pull/1519 -* Update `skip_remote_state_provision` default value by @viniciusdc in https://github.com/nebari-dev/nebari/pull/1521 -* Add release notes for 2022.10.1 in https://github.com/nebari-dev/nebari/pull/1523 + +- Switch to CalVer by @iameskild in https://github.com/nebari-dev/nebari/pull/1501 +- Update theme welcome messages to use Nebari by @pavithraes in https://github.com/nebari-dev/nebari/pull/1503 +- Name change QHub --> Nebari by @iameskild in https://github.com/nebari-dev/nebari/pull/1508 +- qhub/initialize: lazy load attributes that require remote information by @FFY00 in https://github.com/nebari-dev/nebari/pull/1509 +- Update README logo reference by @viniciusdc in https://github.com/nebari-dev/nebari/pull/1514 +- Add fix, enhancements and pytests for CLI by @iameskild in https://github.com/nebari-dev/nebari/pull/1498 +- Remove old CLI + cleanup by @iameskild in https://github.com/nebari-dev/nebari/pull/1519 +- Update `skip_remote_state_provision` default value by @viniciusdc in https://github.com/nebari-dev/nebari/pull/1521 +- Add release notes for 2022.10.1 in https://github.com/nebari-dev/nebari/pull/1523 ### New Contributors -* @pavithraes made their first contribution in https://github.com/nebari-dev/nebari/pull/1503 -* @FFY00 made their first contribution in https://github.com/nebari-dev/nebari/pull/1509 + +- @pavithraes made their first contribution in https://github.com/nebari-dev/nebari/pull/1503 +- @FFY00 made their first contribution in https://github.com/nebari-dev/nebari/pull/1509 **Note: The following releases (v0.4.5 and lower) were made under the name `Quansight/qhub`.** @@ -703,17 +710,19 @@ Enhancements for this release include: - Updated Traefik version to support the latest Kubernetes API ### What's Changed -* Update azurerm version by @tjcrone in https://github.com/Quansight/qhub/pull/1471 -* Make CDSDashboards.conda_envs dynamically update from function by @costrouc in https://github.com/Quansight/qhub/pull/1358 -* Fix get_latest_repo_tag fn by @iameskild in https://github.com/Quansight/qhub/pull/1485 -* Nebari Typer CLI by @asmijafar20 in https://github.com/Quansight/qhub/pull/1443 -* Pass AWS `region`, `kubernetes_version` to terraform scripts by @iameskild in https://github.com/Quansight/qhub/pull/1493 -* Enable ebs-csi driver on AWS, add region + kubernetes_version vars by @iameskild in https://github.com/Quansight/qhub/pull/1494 -* Update traefik version + CRD by @iameskild in https://github.com/Quansight/qhub/pull/1489 -* [ENH] Switch default and filesystem name envs by @viniciusdc in https://github.com/Quansight/qhub/pull/1357 + +- Update azurerm version by @tjcrone in https://github.com/Quansight/qhub/pull/1471 +- Make CDSDashboards.conda_envs dynamically update from function by @costrouc in https://github.com/Quansight/qhub/pull/1358 +- Fix get_latest_repo_tag fn by @iameskild in https://github.com/Quansight/qhub/pull/1485 +- Nebari Typer CLI by @asmijafar20 in https://github.com/Quansight/qhub/pull/1443 +- Pass AWS `region`, `kubernetes_version` to terraform scripts by @iameskild in https://github.com/Quansight/qhub/pull/1493 +- Enable ebs-csi driver on AWS, add region + kubernetes_version vars by @iameskild in https://github.com/Quansight/qhub/pull/1494 +- Update traefik version + CRD by @iameskild in https://github.com/Quansight/qhub/pull/1489 +- [ENH] Switch default and filesystem name envs by @viniciusdc in https://github.com/Quansight/qhub/pull/1357 ### New Contributors -* @tjcrone made their first contribution in https://github.com/Quansight/qhub/pull/1471 + +- @tjcrone made their first contribution in https://github.com/Quansight/qhub/pull/1471 ### Migration note @@ -725,6 +734,7 @@ to be compatible with the new Nebari version. This is a one-time migration step ### Feature changes and enhancements Enhancements for this release include: + - Bump `conda-store` version to `v0.4.11` and enable overrides - Fully decouple the JupyterLab, JupyterHub and Dask-Worker images from the main codebase - See https://github.com/nebari-dev/nebari-docker-images for images @@ -734,94 +744,97 @@ Enhancements for this release include: - Add support for Kubernetes Kind (local) ### What's Changed -* Add support for terraform binary download for M1 by @aktech in https://github.com/Quansight/qhub/pull/1370 -* Improvements in the QHub Cost estimate tool by @HarshCasper in https://github.com/Quansight/qhub/pull/1365 -* Add Python-3.10 by @HarshCasper in https://github.com/Quansight/qhub/pull/1352 -* Add backwards compatibility item to test checklist by @viniciusdc in https://github.com/Quansight/qhub/pull/1381 -* add code server version to fix build by @HarshCasper in https://github.com/Quansight/qhub/pull/1383 -* Update Cirun.io config to use labels by @aktech in https://github.com/Quansight/qhub/pull/1379 -* Decouple docker images by @iameskild in https://github.com/Quansight/qhub/pull/1371 -* Set LATEST_SUPPORTED_PYTHON_VERSION as str by @iameskild in https://github.com/Quansight/qhub/pull/1387 -* Integrate kind into local deployment to no longer require minikube for development by @costrouc in https://github.com/Quansight/qhub/pull/1171 -* Upgrade conda-store to 0.4.7 allow for customization by @costrouc in https://github.com/Quansight/qhub/pull/1385 -* [ENH] Bump conda-store to v0.4.9 by @viniciusdc in https://github.com/Quansight/qhub/pull/1392 -* [ENH] Add `pyarrow` and `s3fs` by @viniciusdc in https://github.com/Quansight/qhub/pull/1393 -* Fixing bug in authentication method in Conda-Store authentication by @costrouc in https://github.com/Quansight/qhub/pull/1396 -* CI: Merge test and release to PyPi workflows into one by @HarshCasper in https://github.com/Quansight/qhub/pull/1386 -* Update packages in the dashboard env by @iameskild in https://github.com/Quansight/qhub/pull/1402 -* BUG: Setting behind proxy setting in conda-store to be aware of http vs. https by @costrouc in https://github.com/Quansight/qhub/pull/1404 -* Minor update to release workflow by @iameskild in https://github.com/Quansight/qhub/pull/1406 -* Clean up release workflow by @iameskild in https://github.com/Quansight/qhub/pull/1407 -* Add release notes for v0.4.4 by @iameskild in https://github.com/Quansight/qhub/pull/1408 -* Update Ingress overrides behaviour by @viniciusdc in https://github.com/Quansight/qhub/pull/1420 -* Preserve conda-store image permissions by @iameskild in https://github.com/Quansight/qhub/pull/1419 -* Add project name to jhub helm chart release name by @iameskild in https://github.com/Quansight/qhub/pull/1422 -* Fix for helm extension overrides data type issue by @konkapv in https://github.com/Quansight/qhub/pull/1424 -* Add option to disable tls certificate by @iameskild in https://github.com/Quansight/qhub/pull/1421 -* Fixing provider=existing for local/existing by @costrouc in https://github.com/Quansight/qhub/pull/1425 -* Update release, testing checklist by @iameskild in https://github.com/Quansight/qhub/pull/1397 -* Add `--disable-checks` flag to deploy by @iameskild in https://github.com/Quansight/qhub/pull/1429 -* Adding option to supply additional arguments to ingress via `ingress.terraform_overrides.additional-arguments` by @costrouc in https://github.com/Quansight/qhub/pull/1431 -* Add properties to middleware crd headers by @iameskild in https://github.com/Quansight/qhub/pull/1434 -* Restart conda-store worker when new conda env is added to config.yaml by @iameskild in https://github.com/Quansight/qhub/pull/1437 -* Pin dask ipywidgets version to `7.7.1` by @viniciusdc in https://github.com/Quansight/qhub/pull/1442 -* Set qhub-dask version to 0.4.4 by @iameskild in https://github.com/Quansight/qhub/pull/1470 + +- Add support for terraform binary download for M1 by @aktech in https://github.com/Quansight/qhub/pull/1370 +- Improvements in the QHub Cost estimate tool by @HarshCasper in https://github.com/Quansight/qhub/pull/1365 +- Add Python-3.10 by @HarshCasper in https://github.com/Quansight/qhub/pull/1352 +- Add backwards compatibility item to test checklist by @viniciusdc in https://github.com/Quansight/qhub/pull/1381 +- add code server version to fix build by @HarshCasper in https://github.com/Quansight/qhub/pull/1383 +- Update Cirun.io config to use labels by @aktech in https://github.com/Quansight/qhub/pull/1379 +- Decouple docker images by @iameskild in https://github.com/Quansight/qhub/pull/1371 +- Set LATEST_SUPPORTED_PYTHON_VERSION as str by @iameskild in https://github.com/Quansight/qhub/pull/1387 +- Integrate kind into local deployment to no longer require minikube for development by @costrouc in https://github.com/Quansight/qhub/pull/1171 +- Upgrade conda-store to 0.4.7 allow for customization by @costrouc in https://github.com/Quansight/qhub/pull/1385 +- [ENH] Bump conda-store to v0.4.9 by @viniciusdc in https://github.com/Quansight/qhub/pull/1392 +- [ENH] Add `pyarrow` and `s3fs` by @viniciusdc in https://github.com/Quansight/qhub/pull/1393 +- Fixing bug in authentication method in Conda-Store authentication by @costrouc in https://github.com/Quansight/qhub/pull/1396 +- CI: Merge test and release to PyPi workflows into one by @HarshCasper in https://github.com/Quansight/qhub/pull/1386 +- Update packages in the dashboard env by @iameskild in https://github.com/Quansight/qhub/pull/1402 +- BUG: Setting behind proxy setting in conda-store to be aware of http vs. https by @costrouc in https://github.com/Quansight/qhub/pull/1404 +- Minor update to release workflow by @iameskild in https://github.com/Quansight/qhub/pull/1406 +- Clean up release workflow by @iameskild in https://github.com/Quansight/qhub/pull/1407 +- Add release notes for v0.4.4 by @iameskild in https://github.com/Quansight/qhub/pull/1408 +- Update Ingress overrides behaviour by @viniciusdc in https://github.com/Quansight/qhub/pull/1420 +- Preserve conda-store image permissions by @iameskild in https://github.com/Quansight/qhub/pull/1419 +- Add project name to jhub helm chart release name by @iameskild in https://github.com/Quansight/qhub/pull/1422 +- Fix for helm extension overrides data type issue by @konkapv in https://github.com/Quansight/qhub/pull/1424 +- Add option to disable tls certificate by @iameskild in https://github.com/Quansight/qhub/pull/1421 +- Fixing provider=existing for local/existing by @costrouc in https://github.com/Quansight/qhub/pull/1425 +- Update release, testing checklist by @iameskild in https://github.com/Quansight/qhub/pull/1397 +- Add `--disable-checks` flag to deploy by @iameskild in https://github.com/Quansight/qhub/pull/1429 +- Adding option to supply additional arguments to ingress via `ingress.terraform_overrides.additional-arguments` by @costrouc in https://github.com/Quansight/qhub/pull/1431 +- Add properties to middleware crd headers by @iameskild in https://github.com/Quansight/qhub/pull/1434 +- Restart conda-store worker when new conda env is added to config.yaml by @iameskild in https://github.com/Quansight/qhub/pull/1437 +- Pin dask ipywidgets version to `7.7.1` by @viniciusdc in https://github.com/Quansight/qhub/pull/1442 +- Set qhub-dask version to 0.4.4 by @iameskild in https://github.com/Quansight/qhub/pull/1470 ### New Contributors -* @konkapv made their first contribution in https://github.com/Quansight/qhub/pull/1424 + +- @konkapv made their first contribution in https://github.com/Quansight/qhub/pull/1424 ## Release v0.4.3 - July 7, 2022 ### Feature changes and enhancements Enhancements for this release include: + - Integrating Argo Workflow - Integrating kbatch - Adding `cost-estimate` CLI subcommand (Infracost) - Add `panel-serve` as a CDS dashboard option - Add option to use RetroLab instead of default JupyterLab - ### What's Changed -* Update the login/Keycloak docs page by @gabalafou in https://github.com/Quansight/qhub/pull/1289 -* Add configuration option so myst parser generates anchors for heading… by @costrouc in https://github.com/Quansight/qhub/pull/1299 -* Image scanning by @HarshCasper in https://github.com/Quansight/qhub/pull/1291 -* Fix display version behavior by @viniciusdc in https://github.com/Quansight/qhub/pull/1275 -* [Docs] Add docs about custom Identity providers for Authentication by @viniciusdc in https://github.com/Quansight/qhub/pull/1273 -* Add prefect token var to CI when needed by @viniciusdc in https://github.com/Quansight/qhub/pull/1279 -* ci: prevent image scans on main image builds by @HarshCasper in https://github.com/Quansight/qhub/pull/1300 -* Integrate `kbatch` by @iameskild in https://github.com/Quansight/qhub/pull/1258 -* add `retrolab` to the base jupyter image by @tonyfast in https://github.com/Quansight/qhub/pull/1222 -* Update pre-commit, remove vale by @iameskild in https://github.com/Quansight/qhub/pull/1282 -* Argo Workflows by @Adam-D-Lewis in https://github.com/Quansight/qhub/pull/1252 -* Update minio, postgresql chart repo location by @iameskild in https://github.com/Quansight/qhub/pull/1308 -* Fix broken AWS, set minimum desired size to 1, enable 0 scaling by @tylerpotts in https://github.com/Quansight/qhub/pull/1304 -* v0.4.2 release notes by @iameskild in https://github.com/Quansight/qhub/pull/1323 -* install dask lab ext from main by @iameskild in https://github.com/Quansight/qhub/pull/1321 -* Overrides default value for dask-labextension by @viniciusdc in https://github.com/Quansight/qhub/pull/1327 -* CI: Add Infracost to GHA CI for infra cost tracking by @HarshCasper in https://github.com/Quansight/qhub/pull/1316 -* Add check for highest supported k8s version by @aktech in https://github.com/Quansight/qhub/pull/1336 -* Increase the default instance sizes by @peytondmurray in https://github.com/Quansight/qhub/pull/1338 -* Add panel-serve as a CDS dashboard option by @iameskild in https://github.com/Quansight/qhub/pull/1070 -* Generate QHub Costs via `infracost` by @HarshCasper in https://github.com/Quansight/qhub/pull/1340 -* Add release-checklist issue template by @iameskild in https://github.com/Quansight/qhub/pull/1314 -* Fix missing import: `rich` : broken qhub init with cloud by @aktech in https://github.com/Quansight/qhub/pull/1353 -* Bump qhub-dask version to 0.4.3 by @peytondmurray in https://github.com/Quansight/qhub/pull/1341 -* Remove the need for AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY to be set with Digital Ocean deployment by @costrouc in https://github.com/Quansight/qhub/pull/1344 -* Revert "Remove the need for AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY to be set with Digital Ocean deployment" by @viniciusdc in https://github.com/Quansight/qhub/pull/1355 -* Upgrade kbatch version by @iameskild in https://github.com/Quansight/qhub/pull/1335 -* Drop support for python 3.7 in dask environment by @peytondmurray in https://github.com/Quansight/qhub/pull/1354 -* Add useful terminal utils to jlab image by @dharhas in https://github.com/Quansight/qhub/pull/1361 -* Tweak bashrc by @dharhas in https://github.com/Quansight/qhub/pull/1363 -* Fix bug where vscode extensions are not installing by @viniciusdc in https://github.com/Quansight/qhub/pull/1360 + +- Update the login/Keycloak docs page by @gabalafou in https://github.com/Quansight/qhub/pull/1289 +- Add configuration option so myst parser generates anchors for heading… by @costrouc in https://github.com/Quansight/qhub/pull/1299 +- Image scanning by @HarshCasper in https://github.com/Quansight/qhub/pull/1291 +- Fix display version behavior by @viniciusdc in https://github.com/Quansight/qhub/pull/1275 +- [Docs] Add docs about custom Identity providers for Authentication by @viniciusdc in https://github.com/Quansight/qhub/pull/1273 +- Add prefect token var to CI when needed by @viniciusdc in https://github.com/Quansight/qhub/pull/1279 +- ci: prevent image scans on main image builds by @HarshCasper in https://github.com/Quansight/qhub/pull/1300 +- Integrate `kbatch` by @iameskild in https://github.com/Quansight/qhub/pull/1258 +- add `retrolab` to the base jupyter image by @tonyfast in https://github.com/Quansight/qhub/pull/1222 +- Update pre-commit, remove vale by @iameskild in https://github.com/Quansight/qhub/pull/1282 +- Argo Workflows by @Adam-D-Lewis in https://github.com/Quansight/qhub/pull/1252 +- Update minio, postgresql chart repo location by @iameskild in https://github.com/Quansight/qhub/pull/1308 +- Fix broken AWS, set minimum desired size to 1, enable 0 scaling by @tylerpotts in https://github.com/Quansight/qhub/pull/1304 +- v0.4.2 release notes by @iameskild in https://github.com/Quansight/qhub/pull/1323 +- install dask lab ext from main by @iameskild in https://github.com/Quansight/qhub/pull/1321 +- Overrides default value for dask-labextension by @viniciusdc in https://github.com/Quansight/qhub/pull/1327 +- CI: Add Infracost to GHA CI for infra cost tracking by @HarshCasper in https://github.com/Quansight/qhub/pull/1316 +- Add check for highest supported k8s version by @aktech in https://github.com/Quansight/qhub/pull/1336 +- Increase the default instance sizes by @peytondmurray in https://github.com/Quansight/qhub/pull/1338 +- Add panel-serve as a CDS dashboard option by @iameskild in https://github.com/Quansight/qhub/pull/1070 +- Generate QHub Costs via `infracost` by @HarshCasper in https://github.com/Quansight/qhub/pull/1340 +- Add release-checklist issue template by @iameskild in https://github.com/Quansight/qhub/pull/1314 +- Fix missing import: `rich` : broken qhub init with cloud by @aktech in https://github.com/Quansight/qhub/pull/1353 +- Bump qhub-dask version to 0.4.3 by @peytondmurray in https://github.com/Quansight/qhub/pull/1341 +- Remove the need for AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY to be set with Digital Ocean deployment by @costrouc in https://github.com/Quansight/qhub/pull/1344 +- Revert "Remove the need for AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY to be set with Digital Ocean deployment" by @viniciusdc in https://github.com/Quansight/qhub/pull/1355 +- Upgrade kbatch version by @iameskild in https://github.com/Quansight/qhub/pull/1335 +- Drop support for python 3.7 in dask environment by @peytondmurray in https://github.com/Quansight/qhub/pull/1354 +- Add useful terminal utils to jlab image by @dharhas in https://github.com/Quansight/qhub/pull/1361 +- Tweak bashrc by @dharhas in https://github.com/Quansight/qhub/pull/1363 +- Fix bug where vscode extensions are not installing by @viniciusdc in https://github.com/Quansight/qhub/pull/1360 ### New Contributors -* @gabalafou made their first contribution in https://github.com/Quansight/qhub/pull/1289 -* @peytondmurray made their first contribution in https://github.com/Quansight/qhub/pull/1338 -* @dharhas made their first contribution in https://github.com/Quansight/qhub/pull/1361 -**Full Changelog**: https://github.com/Quansight/qhub/compare/v0.4.1...v0.4.3 +- @gabalafou made their first contribution in https://github.com/Quansight/qhub/pull/1289 +- @peytondmurray made their first contribution in https://github.com/Quansight/qhub/pull/1338 +- @dharhas made their first contribution in https://github.com/Quansight/qhub/pull/1361 +**Full Changelog**: https://github.com/Quansight/qhub/compare/v0.4.1...v0.4.3 ## Release v0.4.2 - June 8, 2022 @@ -848,21 +861,22 @@ Given the impact and severity of this bug, the team has decided to quickly cut a ### Bug fixes This release is a hotfix for the issue summarized in the following: -* [issue 1319](https://github.com/Quansight/qhub/issues/1319) -* [issue 1306](https://github.com/Quansight/qhub/issues/1306) -* [issue 1302](https://github.com/Quansight/qhub/issues/1302) +- [issue 1319](https://github.com/Quansight/qhub/issues/1319) +- [issue 1306](https://github.com/Quansight/qhub/issues/1306) +- [issue 1302](https://github.com/Quansight/qhub/issues/1302) ### What's Changed -* Update minio, postgresql chart repo location by @iameskild in [PR 1308](https://github.com/Quansight/qhub/pull/1308) -* Fix broken AWS, set minimum desired size to 1, enable 0 scaling by @tylerpotts in [PR 1304](https://github.com/Quansight/qhub/issues/1304) +- Update minio, postgresql chart repo location by @iameskild in [PR 1308](https://github.com/Quansight/qhub/pull/1308) +- Fix broken AWS, set minimum desired size to 1, enable 0 scaling by @tylerpotts in [PR 1304](https://github.com/Quansight/qhub/issues/1304) ## Release v0.4.1 - May 10, 2022 ### Feature changes and enhancements Enhancements for this release include: + - Add support for pinning the IP address of the load balancer via terraform overrides - Upgrade to Conda-Store to `v0.3.15` - Add ability to limit JupyterHub profiles based on users/groups @@ -872,55 +886,57 @@ Enhancements for this release include: This release addresses several bugs with a slight emphasis on stabilizing the core services while also improving the end user experience. ### What's Changed -* [BUG] Adding back feature of limiting profiles for users and groups by @costrouc in [PR 1169](https://github.com/Quansight/qhub/pull/1169) -* DOCS: Add release notes for v0.4.0 release by @HarshCasper in [PR 1170](https://github.com/Quansight/qhub/pull/1170) -* Move ipython config within jupyterlab to docker image with more robust jupyterlab ssh tests by @costrouc in [PR 1143](https://github.com/Quansight/qhub/pull/1143) -* Removing custom dask_gateway from qhub and idle_timeout for dask clusters to 30 min by @costrouc in [PR 1151](https://github.com/Quansight/qhub/pull/1151) -* Overrides.json now managed by qhub configmaps instead of inside docker image by @costrouc in [PR 1173](https://github.com/Quansight/qhub/pull/1173) -* Adding examples to QHub jupyterlab by @costrouc in [PR 1176](https://github.com/Quansight/qhub/pull/1176) -* Bump conda-store version to 0.3.12 by @costrouc in [PR 1179](https://github.com/Quansight/qhub/pull/1179) -* Fixing concurrency not being specified in configuration by @costrouc in [PR 1180](https://github.com/Quansight/qhub/pull/1180) -* Adding ipykernel as default to environment along with ensure conda-store restarted on config change by @costrouc in [PR 1181](https://github.com/Quansight/qhub/pull/1181) -* keycloak dev docs by @danlester in [PR 1184](https://github.com/Quansight/qhub/pull/1184) -* Keycloakdev2 by @danlester in [PR 1185](https://github.com/Quansight/qhub/pull/1185) -* Setting minio storage to by default be same as filesystem size for Conda-Store environments by @costrouc in [PR 1188](https://github.com/Quansight/qhub/pull/1188) -* Bump Conda-Store version in Qhub to 0.3.13 by @costrouc in [PR 1189](https://github.com/Quansight/qhub/pull/1189) -* Upgrade mrparkers to 3.7.0 by @danlester in [PR 1183](https://github.com/Quansight/qhub/pull/1183) -* Mdformat tables by @danlester in [PR 1186](https://github.com/Quansight/qhub/pull/1186) -* [ImgBot] Optimize images by @imgbot in [PR 1187](https://github.com/Quansight/qhub/pull/1187) -* Bump conda-store version to 0.3.14 by @costrouc in [PR 1192](https://github.com/Quansight/qhub/pull/1192) -* Allow terraform init to upgrade providers within version specification by @costrouc in [PR 1194](https://github.com/Quansight/qhub/pull/1194) -* Adding missing __init__ files by @costrouc in [PR 1196](https://github.com/Quansight/qhub/pull/1196) -* Release 0.3.15 for Conda-Store by @costrouc in [PR 1205](https://github.com/Quansight/qhub/pull/1205) -* Profilegroups by @danlester in [PR 1203](https://github.com/Quansight/qhub/pull/1203) -* Render `.gitignore`, black py files by @iameskild in [PR 1206](https://github.com/Quansight/qhub/pull/1206) -* Update qhub-dask pinned version by @iameskild in [PR 1224](https://github.com/Quansight/qhub/pull/1224) -* Fix env doc links and add corresponding tests by @aktech in [PR 1216](https://github.com/Quansight/qhub/pull/1216) -* Update conda-store-environment variable `type` by @iameskild in [PR 1213](https://github.com/Quansight/qhub/pull/1213) -* Update release notes - justification for changes in `v0.4.0` by @iameskild in [PR 1178](https://github.com/Quansight/qhub/pull/1178) -* Support for pinning the IP address of the load balancer via terraform overrides by @aktech in [PR 1235](https://github.com/Quansight/qhub/pull/1235) -* Bump moment from 2.29.1 to 2.29.2 in /tests_e2e by @dependabot in [PR 1241](https://github.com/Quansight/qhub/pull/1241) -* Update cdsdashboards to 0.6.1, Voila to 0.3.5 by @danlester in [PR 1240](https://github.com/Quansight/qhub/pull/1240) -* Bump minimist from 1.2.5 to 1.2.6 in /tests_e2e by @dependabot in [PR 1208](https://github.com/Quansight/qhub/pull/1208) -* output check fix by @Adam-D-Lewis in [PR 1244](https://github.com/Quansight/qhub/pull/1244) -* Update panel version to fix jinja2 recent issue by @viniciusdc in [PR 1248](https://github.com/Quansight/qhub/pull/1248) -* Add support for terraform overrides in cloud and VPC deployment for Azure by @aktech in [PR 1253](https://github.com/Quansight/qhub/pull/1253) -* Add test-release workflow by @iameskild in [PR 1245](https://github.com/Quansight/qhub/pull/1245) -* Bump async from 3.2.0 to 3.2.3 in /tests_e2e by @dependabot in [PR 1260](https://github.com/Quansight/qhub/pull/1260) -* [WIP] Add support for VPC deployment for GCP via terraform overrides by @aktech in [PR 1259](https://github.com/Quansight/qhub/pull/1259) -* Update login instructions for training by @iameskild in [PR 1261](https://github.com/Quansight/qhub/pull/1261) -* Add docs for general node upgrade by @iameskild in [PR 1246](https://github.com/Quansight/qhub/pull/1246) -* [ImgBot] Optimize images by @imgbot in [PR 1264](https://github.com/Quansight/qhub/pull/1264) -* Fix project name and domain at None by @pierrotsmnrd in [PR 856](https://github.com/Quansight/qhub/pull/856) -* Adding name convention validator for QHub project name by @viniciusdc in [PR 761](https://github.com/Quansight/qhub/pull/761) -* Minor doc updates by @iameskild in [PR 1268](https://github.com/Quansight/qhub/pull/1268) -* Enable display of Qhub version by @viniciusdc in [PR 1256](https://github.com/Quansight/qhub/pull/1256) -* Fix missing region from AWS provider by @viniciusdc in [PR 1271](https://github.com/Quansight/qhub/pull/1271) -* Re-enable GPU profiles for GCP/AWS by @viniciusdc in [PR 1219](https://github.com/Quansight/qhub/pull/1219) -* Release notes for `v0.4.1` by @iameskild in [PR 1272](https://github.com/Quansight/qhub/pull/1272) + +- [BUG] Adding back feature of limiting profiles for users and groups by @costrouc in [PR 1169](https://github.com/Quansight/qhub/pull/1169) +- DOCS: Add release notes for v0.4.0 release by @HarshCasper in [PR 1170](https://github.com/Quansight/qhub/pull/1170) +- Move ipython config within jupyterlab to docker image with more robust jupyterlab ssh tests by @costrouc in [PR 1143](https://github.com/Quansight/qhub/pull/1143) +- Removing custom dask_gateway from qhub and idle_timeout for dask clusters to 30 min by @costrouc in [PR 1151](https://github.com/Quansight/qhub/pull/1151) +- Overrides.json now managed by qhub configmaps instead of inside docker image by @costrouc in [PR 1173](https://github.com/Quansight/qhub/pull/1173) +- Adding examples to QHub jupyterlab by @costrouc in [PR 1176](https://github.com/Quansight/qhub/pull/1176) +- Bump conda-store version to 0.3.12 by @costrouc in [PR 1179](https://github.com/Quansight/qhub/pull/1179) +- Fixing concurrency not being specified in configuration by @costrouc in [PR 1180](https://github.com/Quansight/qhub/pull/1180) +- Adding ipykernel as default to environment along with ensure conda-store restarted on config change by @costrouc in [PR 1181](https://github.com/Quansight/qhub/pull/1181) +- keycloak dev docs by @danlester in [PR 1184](https://github.com/Quansight/qhub/pull/1184) +- Keycloakdev2 by @danlester in [PR 1185](https://github.com/Quansight/qhub/pull/1185) +- Setting minio storage to by default be same as filesystem size for Conda-Store environments by @costrouc in [PR 1188](https://github.com/Quansight/qhub/pull/1188) +- Bump Conda-Store version in Qhub to 0.3.13 by @costrouc in [PR 1189](https://github.com/Quansight/qhub/pull/1189) +- Upgrade mrparkers to 3.7.0 by @danlester in [PR 1183](https://github.com/Quansight/qhub/pull/1183) +- Mdformat tables by @danlester in [PR 1186](https://github.com/Quansight/qhub/pull/1186) +- [ImgBot] Optimize images by @imgbot in [PR 1187](https://github.com/Quansight/qhub/pull/1187) +- Bump conda-store version to 0.3.14 by @costrouc in [PR 1192](https://github.com/Quansight/qhub/pull/1192) +- Allow terraform init to upgrade providers within version specification by @costrouc in [PR 1194](https://github.com/Quansight/qhub/pull/1194) +- Adding missing **init** files by @costrouc in [PR 1196](https://github.com/Quansight/qhub/pull/1196) +- Release 0.3.15 for Conda-Store by @costrouc in [PR 1205](https://github.com/Quansight/qhub/pull/1205) +- Profilegroups by @danlester in [PR 1203](https://github.com/Quansight/qhub/pull/1203) +- Render `.gitignore`, black py files by @iameskild in [PR 1206](https://github.com/Quansight/qhub/pull/1206) +- Update qhub-dask pinned version by @iameskild in [PR 1224](https://github.com/Quansight/qhub/pull/1224) +- Fix env doc links and add corresponding tests by @aktech in [PR 1216](https://github.com/Quansight/qhub/pull/1216) +- Update conda-store-environment variable `type` by @iameskild in [PR 1213](https://github.com/Quansight/qhub/pull/1213) +- Update release notes - justification for changes in `v0.4.0` by @iameskild in [PR 1178](https://github.com/Quansight/qhub/pull/1178) +- Support for pinning the IP address of the load balancer via terraform overrides by @aktech in [PR 1235](https://github.com/Quansight/qhub/pull/1235) +- Bump moment from 2.29.1 to 2.29.2 in /tests_e2e by @dependabot in [PR 1241](https://github.com/Quansight/qhub/pull/1241) +- Update cdsdashboards to 0.6.1, Voila to 0.3.5 by @danlester in [PR 1240](https://github.com/Quansight/qhub/pull/1240) +- Bump minimist from 1.2.5 to 1.2.6 in /tests_e2e by @dependabot in [PR 1208](https://github.com/Quansight/qhub/pull/1208) +- output check fix by @Adam-D-Lewis in [PR 1244](https://github.com/Quansight/qhub/pull/1244) +- Update panel version to fix jinja2 recent issue by @viniciusdc in [PR 1248](https://github.com/Quansight/qhub/pull/1248) +- Add support for terraform overrides in cloud and VPC deployment for Azure by @aktech in [PR 1253](https://github.com/Quansight/qhub/pull/1253) +- Add test-release workflow by @iameskild in [PR 1245](https://github.com/Quansight/qhub/pull/1245) +- Bump async from 3.2.0 to 3.2.3 in /tests_e2e by @dependabot in [PR 1260](https://github.com/Quansight/qhub/pull/1260) +- [WIP] Add support for VPC deployment for GCP via terraform overrides by @aktech in [PR 1259](https://github.com/Quansight/qhub/pull/1259) +- Update login instructions for training by @iameskild in [PR 1261](https://github.com/Quansight/qhub/pull/1261) +- Add docs for general node upgrade by @iameskild in [PR 1246](https://github.com/Quansight/qhub/pull/1246) +- [ImgBot] Optimize images by @imgbot in [PR 1264](https://github.com/Quansight/qhub/pull/1264) +- Fix project name and domain at None by @pierrotsmnrd in [PR 856](https://github.com/Quansight/qhub/pull/856) +- Adding name convention validator for QHub project name by @viniciusdc in [PR 761](https://github.com/Quansight/qhub/pull/761) +- Minor doc updates by @iameskild in [PR 1268](https://github.com/Quansight/qhub/pull/1268) +- Enable display of Qhub version by @viniciusdc in [PR 1256](https://github.com/Quansight/qhub/pull/1256) +- Fix missing region from AWS provider by @viniciusdc in [PR 1271](https://github.com/Quansight/qhub/pull/1271) +- Re-enable GPU profiles for GCP/AWS by @viniciusdc in [PR 1219](https://github.com/Quansight/qhub/pull/1219) +- Release notes for `v0.4.1` by @iameskild in [PR 1272](https://github.com/Quansight/qhub/pull/1272) ### New Contributors -* @dependabot made their first contribution in [PR 1241](https://github.com/Quansight/qhub/pull/1241) + +- @dependabot made their first contribution in [PR 1241](https://github.com/Quansight/qhub/pull/1241) [**Full Changelog**](https://github.com/Quansight/qhub/compare/v0.4.0...v0.4.1) @@ -938,6 +954,7 @@ There are no breaking changes or API changes. ## Release v0.4.0 - March 17, 2022 **WARNING** + > If you're looking for a stable version of QHub, please consider `v0.3.14`. The `v0.4.0` has many breaking changes and has rough edges that will be resolved in upcoming point releases. We are happy to announce the release of `v0.4.0`! This release lays the groundwork for many exciting new features and improvements in the future, stay tuned. @@ -953,13 +970,13 @@ These design changes were considered important enough that the development team and provide justification for them. - Replace Terraforms resource targeting with staged Terraform deployments. - - *Justification*: using Terraform resource targeting was never an ideal way of handing off outputs from stage to the next and Terraform explicitly warns its users that it's only + - _Justification_: using Terraform resource targeting was never an ideal way of handing off outputs from stage to the next and Terraform explicitly warns its users that it's only intended to be used "for exceptional situations such as recovering from errors or mistakes". - Fully remove `cookiecutter` as a templating mechanism. - - *Justification*: Although `cookiecutter` has its benefits, we were becoming overly reliant on it as a means of rendering various scripts needed for the deployment. Reading through + - _Justification_: Although `cookiecutter` has its benefits, we were becoming overly reliant on it as a means of rendering various scripts needed for the deployment. Reading through Terraform scripts with scattered `cookiecutter` statements was increasing troublesome and a bit intimidating. Our IDEs are also much happier about this change. - Removing users and groups from the `qhub-config.yaml` and replacing user management with Keycloak. - - *Justification*: Up until now, any change to QHub deployment needed to be made in the `qhub-config.yaml` which had the benefit of centralizing any configuration. However it + - _Justification_: Up until now, any change to QHub deployment needed to be made in the `qhub-config.yaml` which had the benefit of centralizing any configuration. However it also potentially limited the kinds of user management tasks while also causing the `qhub-config.yaml` to balloon in size. Another benefit of removing users and groups from the `qhub-config.yaml` that deserves highlighting is that user management no longer requires a full redeployment. @@ -1334,7 +1351,7 @@ Explicit user facing changes: in format `X.Y.Z` 5. Create a git tag pointing to the release branch once fully tested and version numbers are incremented `v` -______________________________________________________________________ +--- ## Release 0.2.3 - February 5, 2021 @@ -1350,7 +1367,7 @@ ______________________________________________________________________ - `qhub deploy -c qhub-config.yaml` no longer prompts unsupported argument for `load_config_file`. - Minor changes on the Step-by-Step walkthrough on the docs. -- Revamp of README.md to make it concise and highlight QHub HPC. +- Revamp of README.md to make it concise and highlight Nebari Slurm. ### Breaking changes From 9b1310b33e89c2c11c3b39128ec792ca80342486 Mon Sep 17 00:00:00 2001 From: "Vinicius D. Cerutti" <51954708+viniciusdc@users.noreply.github.com> Date: Thu, 31 Oct 2024 13:07:59 -0300 Subject: [PATCH 35/37] Refactor role creation for upgrade command path (#2795) Co-authored-by: Adam Lewis <23342526+Adam-D-Lewis@users.noreply.github.com> --- src/_nebari/upgrade.py | 52 ++++++++++++++++++++++++++++++++++-------- 1 file changed, 43 insertions(+), 9 deletions(-) diff --git a/src/_nebari/upgrade.py b/src/_nebari/upgrade.py index 6536612f2d..fb95fc391f 100644 --- a/src/_nebari/upgrade.py +++ b/src/_nebari/upgrade.py @@ -1214,6 +1214,22 @@ class Upgrade_2024_9_1(UpgradeStep): version = "2024.9.1" + # Nebari version 2024.9.1 has been marked as broken, and will be skipped: + # https://github.com/nebari-dev/nebari/issues/2798 + @override + def _version_specific_upgrade( + self, config, start_version, config_filename: Path, *args, **kwargs + ): + return config + + +class Upgrade_2024_11_1(UpgradeStep): + """ + Upgrade step for Nebari version 2024.11.1 + """ + + version = "2024.11.1" + @override def _version_specific_upgrade( self, config, start_version, config_filename: Path, *args, **kwargs @@ -1243,16 +1259,16 @@ def _version_specific_upgrade( Please ensure no users are currently logged in prior to deploying this update. - Nebari [green]2024.9.1[/green] introduces changes to how group - directories are mounted in JupyterLab pods. + This release introduces changes to how group directories are mounted in + JupyterLab pods. Previously, every Keycloak group in the Nebari realm automatically created a shared directory at ~/shared/, accessible to all group members in their JupyterLab pods. - Starting with Nebari [green]2024.9.1[/green], only groups assigned the - JupyterHub client role [magenta]allow-group-directory-creation[/magenta] will have their - directories mounted. + Moving forward, only groups assigned the JupyterHub client role + [magenta]allow-group-directory-creation[/magenta] or its affiliated scope + [magenta]write:shared-mount[/magenta] will have their directories mounted. By default, the admin, analyst, and developer groups will have this role assigned during the upgrade. For other groups, you'll now need to @@ -1268,7 +1284,7 @@ def _version_specific_upgrade( # Prompt the user for role assignment (if yes, transforms the response into bool) assign_roles = ( Prompt.ask( - "[bold]Would you like Nebari to assign the corresponding role to all of your current groups automatically?[/bold]", + "[bold]Would you like Nebari to assign the corresponding role/scopes to all of your current groups automatically?[/bold]", choices=["y", "N"], default="N", ).lower() @@ -1286,13 +1302,31 @@ def _version_specific_upgrade( username="root", password=config["security"]["keycloak"]["initial_root_password"], ) - - # Proceed with updating group permissions + # Get client ID as role is bound to the JupyterHub client client_id = keycloak_admin.get_client_id("jupyterhub") - role_name = "allow-group-directory-creation-role" + role_name = "legacy-group-directory-creation-role" + + # Create role with shared scopes + keycloak_admin.create_client_role( + client_role_id=client_id, + skip_exists=True, + payload={ + "name": role_name, + "attributes": { + "scopes": ["write:shared-mount"], + "component": ["shared-directory"], + }, + "description": ( + "Role to allow group directory creation, created as part of the " + "Nebari 2024.11.1 upgrade workflow." + ), + }, + ) + role_id = keycloak_admin.get_client_role_id( client_id=client_id, role_name=role_name ) + role_representation = keycloak_admin.get_role_by_id(role_id=role_id) # Fetch all groups and groups with the role From b0ae77f317c0accacbf2207093ea769a3997f5ab Mon Sep 17 00:00:00 2001 From: Philip Meier Date: Fri, 1 Nov 2024 15:15:52 +0100 Subject: [PATCH 36/37] remove temporary TF state handling --- .github/workflows/test_local_upgrade.yaml | 8 -------- 1 file changed, 8 deletions(-) diff --git a/.github/workflows/test_local_upgrade.yaml b/.github/workflows/test_local_upgrade.yaml index 07157a4f34..06be364ebf 100644 --- a/.github/workflows/test_local_upgrade.yaml +++ b/.github/workflows/test_local_upgrade.yaml @@ -74,14 +74,6 @@ jobs: git diff nebari validate --config ${{ steps.init.outputs.config }} - - name: Upgrade TF state - run: | - NEW_NEBARI_VERSION=$(grep 'nebari_version: ' ${{ steps.init.outputs.config }} | sed 's/nebari_version: //') - - sed \ - "s/\"nebari_version\": \"${OLD_NEBARI_VERSION}\"/\"nebari_version\": \"${NEW_NEBARI_VERSION}\"/" \ - -i ${{ steps.init.outputs.directory }}/stages/01-terraform-state/local/terraform.tfstate - - name: Redeploy Nebari working-directory: ${{ steps.init.outputs.directory }} run: nebari deploy --config ${{ steps.init.outputs.config }} --disable-prompt From 3e6619fdc7eb00c7eeab74a1447112d6d740cb2c Mon Sep 17 00:00:00 2001 From: "pre-commit-ci[bot]" <66853113+pre-commit-ci[bot]@users.noreply.github.com> Date: Mon, 4 Nov 2024 21:54:04 +0000 Subject: [PATCH 37/37] [pre-commit.ci] pre-commit autoupdate MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit updates: - [github.com/crate-ci/typos: v1.26.0 β†’ v1.27.0](https://github.com/crate-ci/typos/compare/v1.26.0...v1.27.0) - [github.com/astral-sh/ruff-pre-commit: v0.6.9 β†’ v0.7.2](https://github.com/astral-sh/ruff-pre-commit/compare/v0.6.9...v0.7.2) - [github.com/antonbabenko/pre-commit-terraform: v1.96.1 β†’ v1.96.2](https://github.com/antonbabenko/pre-commit-terraform/compare/v1.96.1...v1.96.2) --- .pre-commit-config.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 7779c81a65..d1074a1862 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -37,7 +37,7 @@ repos: exclude: "^src/_nebari/template/" - repo: https://github.com/crate-ci/typos - rev: v1.26.0 + rev: v1.27.0 hooks: - id: typos @@ -61,7 +61,7 @@ repos: args: ["--line-length=88", "--exclude=/src/_nebari/template/"] - repo: https://github.com/astral-sh/ruff-pre-commit - rev: v0.6.9 + rev: v0.7.2 hooks: - id: ruff args: ["--fix"] @@ -77,7 +77,7 @@ repos: # terraform - repo: https://github.com/antonbabenko/pre-commit-terraform - rev: v1.96.1 + rev: v1.96.2 hooks: - id: terraform_fmt args: