6
0
mirror of https://github.com/ChristianLight/tutor.git synced 2025-01-26 14:38:25 +00:00

2024 Commits

Author SHA1 Message Date
Régis Behmo
ec2598e114 v13.1.4 (2022-02-08)
- [Security] Fix vulnerability in redirect url during authentication (see
  [commit](06550411e3)).
2022-02-08 10:33:37 +01:00
Régis Behmo
c6cfa24dcc security: fix vulnerability in redirect url during auth 2022-02-08 09:52:28 +01:00
Régis Behmo
b978f7dcf6 Merge branch 'master' into nightly 2022-02-01 18:28:11 +01:00
Régis Behmo
68b46aa720 v13.1.3 (2022-02-01)
- [Security] Fix vulnerability in call to invalid enrollment API (see [commit](e9369cffde)).
- [Bugfix] Fix "Internal Server Error / AttributeError / object has no attribute 'get_metadata'" in learning MFE.
- [Improvement] Replace all links to github.com/edx by github.com/openedx, following the migration of all repositories.
- [Bugfix] Fix `k8s start caddy` command.
2022-02-01 17:50:44 +01:00
Régis Behmo
89b4ce1202 security: fix enrollment API vulnerability 2022-02-01 17:40:53 +01:00
Régis Behmo
02a1534b21 fix: replace custom patch by upstream patch in openedx repo 2022-02-01 17:40:53 +01:00
Régis Behmo
123786193e fix: object has no attribute 'get_metadata' error in learning MFE
See: https://github.com/openedx/edx-platform/pull/29741
2022-02-01 17:40:53 +01:00
Régis Behmo
9a4ea986e1 feat: migrate from edx to openedx GitHub org
edX has completed the migration of all repos from the "edx" to the "openedx"
organization. As a consequence, we change all the links in the repo.
2022-02-01 17:40:53 +01:00
Overhang.IO
b88e950f16 Merge remote-tracking branch 'origin/master' into nightly 2022-01-31 07:45:29 +00:00
Régis Behmo
bc87f78866 fix: k8s start caddy command
Caddy was not properly starting because its associated configmap was not
starting.

Close #577.
2022-01-31 08:37:35 +01:00
Florian Haas
36c1ac0aa4 docs: Explain passing the Click context to a plugin command
Clarify how plugin authors can access the Click context, and from it
the Tutor configuration, from the function implementing a plugin
command.

Reference:
https://discuss.overhang.io/t/how-does-a-plugin-command-access-the-tutor-configuration/2372
2022-01-31 08:37:26 +01:00
iamcristye@outlook.com
f0aee87ed5 docs: fix typo in uninstallation process 2022-01-31 08:36:27 +01:00
Régis Behmo
d4a47ded38 docs: fix smtp port default value
See: https://discuss.overhang.io/t/default-smtp-configuration-timeout/2367
2022-01-31 08:33:33 +01:00
Overhang.IO
ba8a07c844 Merge remote-tracking branch 'origin/master' into nightly 2022-01-30 21:19:46 +00:00
Régis Behmo
5958af86e3 v13.1.2 (2022-01-30)
- [Bugfix] Fix auto-renewal of certificates revoked by Let's Encrypt (see [discussion](https://community.letsencrypt.org/t/questions-about-renewing-before-tls-alpn-01-revocations/170449/21)).
2022-01-30 21:36:25 +01:00
Régis Behmo
7c3e54335d fix: let's encrypt auto-revoked certificates
Let's Encrypt started mass-revoking certificates. For some reason, we
did not upgrade to the latest version of Caddy in the Maple upgrade, so
we are affected by this issue. Users should upgrade now.

See:
https://discuss.overhang.io/t/lets-encrypt-revoked-certificate-did-anyone-experienced-this/2391
https://discuss.overhang.io/t/ssl-error-in-the-browser/2390
https://community.letsencrypt.org/t/questions-about-renewing-before-tls-alpn-01-revocations/170449/21
2022-01-30 21:33:31 +01:00
Overhang.IO
2bfd33820a Merge remote-tracking branch 'origin/master' into nightly 2022-01-25 10:32:44 +00:00
Régis Behmo
bbba7b6c4e v13.1.1 (2022-01-25)
- [Bugfix] Fix authentication in development due to missing SameSite policy on session ID cookie.
- [Bugfix] Display properly themed favicon.ico image in LMS, Studio and microfrontends.
- [Bugfix] Fix "LazyStaticAbsoluteUrl is not JSON serializable" error when sending bulk emails.
- [Bugfix] Fix `tutor local importdemocourse` fails when platform is not up.
2022-01-25 08:38:14 +01:00
Régis Behmo
26119983d4 fix: lms authenticaton in development
In development, it was no longer possible to authenticate to the lms. Ater
signing in, the session ID could not be dropped, and thus the user was not
signed in, although no error was logged -- just a warning in the browser
console.
This problem was caused by the fact that the SameSite policy was set to "None"
in development.
2022-01-25 08:36:52 +01:00
Régis Behmo
1172ab6f1f fix: display themed favicon across all apps
Previously, we were redirecting all /*favicon.ico requests to the default
favicon. This meant that the favicon might not necessarily be correctly themed,
most notably in MFEs. Here, we resolve this issue by redirecting to the
theme-agnostic theming/asset/* url. Also, we restrict the overly generic regexp
for favicon url matching. We verified that we did not miss any url by running
the following command on the demo server:

    tutor local logs caddy | grep --only-matching "host.*favicon.ico" | sort | uniq
2022-01-25 08:30:06 +01:00
Régis Behmo
acc0ce0202 docs: clarify container pruning during uninstallation
Close #566.
2022-01-25 08:27:47 +01:00
Régis Behmo
405aaac189 fix: broken bulk emails because of LazyStaticAbsoluteUrl (again)
The LazyStaticAbsoluteUrl object was breaking bulk emails again with the
following stacktrace:

    2022-01-11 13:50:10,591 ERROR 12 [celery.app.trace] [user None] [ip None] trace.py:255 - Task lms.djangoapps.instructor_task.tasks.send_bulk_course_email[26b93357-018a-408f-b3f7-b69722447c5b] raised unexpected: EncodeError(TypeError('Object of type LazyStaticAbsoluteUrl is not JSON serializable'))
    Traceback (most recent call last):
      File "/openedx/venv/lib/python3.8/site-packages/kombu/serialization.py", line 50, in _reraise_errors
	yield
      File "/openedx/venv/lib/python3.8/site-packages/kombu/serialization.py", line 221, in dumps
	payload = encoder(data)
      File "/openedx/venv/lib/python3.8/site-packages/kombu/utils/json.py", line 69, in dumps
	return _dumps(s, cls=cls or _default_encoder,
      File "/openedx/venv/lib/python3.8/site-packages/simplejson/__init__.py", line 398, in dumps
	return cls(
      File "/openedx/venv/lib/python3.8/site-packages/simplejson/encoder.py", line 296, in encode
	chunks = self.iterencode(o, _one_shot=True)
      File "/openedx/venv/lib/python3.8/site-packages/simplejson/encoder.py", line 378, in iterencode
	return _iterencode(o, 0)
      File "/openedx/venv/lib/python3.8/site-packages/kombu/utils/json.py", line 59, in default
	return super(JSONEncoder, self).default(o)
      File "/openedx/venv/lib/python3.8/site-packages/simplejson/encoder.py", line 272, in default
	raise TypeError('Object of type %s is not JSON serializable' %
    TypeError: Object of type LazyStaticAbsoluteUrl is not JSON serializable

The point of that lazy object was to link to the lms logo even when a custom
theme was enabled. Luckily, we no longer need this lazy evaluation because we
now have theme-agnostic urls that point to static asset (see
https://github.com/openedx/edx-platform/pull/29461).

See:
https://discuss.overhang.io/t/error-while-sending-bulk-emails-lazystaticabsoluteurl-is-not-json-serializable/2176/
2022-01-25 08:27:36 +01:00
Régis Behmo
53524d9077 chore: refactor clear_cache code 2022-01-25 08:26:07 +01:00
Régis Behmo
e9b38fc668 chore: fix minor pylint warnings in plugins module 2022-01-25 08:26:07 +01:00
Overhang.IO
a675eb10fb Merge remote-tracking branch 'origin/master' into nightly 2022-01-20 11:22:37 +00:00
iamcristye@outlook.com
d953e99ae2 fix: tutor local importdemocourse fails when platform is not up 2022-01-20 11:51:24 +01:00
Kyle McCormick
71b4c14d69 chore: set CMS_CFG instead of STUDIO_CFG
In the LMS/CMS Dockerfile, the env var STUDIO_CFG is set
in order to point CMS at its configuration json/yaml file.

Since https://github.com/edx/edx-platform/pull/29534
(which introduced 0013-cms-vs-studio.rst), the STUDIO_CFG
variable has been deprecated in favor of CMS_CFG.
This change updates the Dockerfile to reflect the new
preferred environment variable.

The only noticeable impact of this change is that it
will remove a depreation warning from Django startup
for tutor uses running off of Open edX master.
2022-01-20 11:22:55 +01:00
Overhang.IO
83e09bb25b Merge remote-tracking branch 'origin/master' into nightly 2022-01-19 14:46:51 +00:00
iamcristye@outlook.com
c707f998e8 improvement: use LABEL instead of MAINTAINER in Dockerfile
see https://docs.docker.com/engine/reference/builder/#maintainer-deprecated
2022-01-19 15:41:42 +01:00
iamcristye@outlook.com
c9ac20f4aa chore: remove useless forum code 2022-01-19 15:15:38 +01:00
Overhang.IO
eb37991aa2 Merge remote-tracking branch 'origin/master' into nightly 2022-01-18 08:56:22 +00:00
Régis Behmo
26ed1d77de docs: minor formatting/link improvements 2022-01-18 09:25:35 +01:00
Overhang.IO
61bde7300f Merge remote-tracking branch 'origin/master' into nightly 2022-01-08 18:21:08 +00:00
Régis Behmo
d45b36394a - [Improvement] Provide much more comprehensive instructions when
upgrading.
- [Bugfix] During upgrade, make sure that environment is up-to-date
prior to prompting to rebuild the custom images.
- [Bugfix] Fix ownership of mysql data, in particular when upgrading a
Kubernetes cluster to Maple.
- [Bugfix] Ensure that ``tutor k8s upgrade`` is run during ``tutor k8s
quickstart``, when necessary.
- 💥[Bugfix] By default, detect the current version during ``tutor
k8s/local upgrade``.
- [Bugfix] Fix upgrading from Lilac to Maple on Kubernetes by deleting
deployments and services.
2022-01-08 19:09:18 +01:00
Régis Behmo
53e7640889 chore: setup.py formatting 2022-01-08 19:07:26 +01:00
Régis Behmo
20604df574 docs: add link to changelog in project links 2022-01-08 19:07:26 +01:00
Régis Behmo
2a30d67a40 docs: replaces occurrences of maple.beta* tags 2022-01-08 19:07:26 +01:00
Régis Behmo
89d39633ae docs: encourage users to install from pip, and not from the binary 2022-01-08 19:07:26 +01:00
Régis Behmo
4dc772d1e4 fix: attempt to make upgrade much clearer
`upgrade` had several issues, which are summarized here:
https://discuss.overhang.io/t/confusing-instructions-during-upgrade/2281/7

- The docs say that you should run quickstart, but what most people will see is
the big command tutor local upgrade --from=lilac verbatim paragraph.
- The local upgrade command should be very explicit about the fact that users
need to run quickstart.
- Maybe the name of the local upgrade command should be improved.
- When upgrading tutor from one major release to the next, there should be a
more explicit warning to inform users of what they are doing (see this other
conversation 1)
- We should tell people that they almost certainly need to enable the tutor and
the mfe plugins, if they are not enabled during upgrade.
- A link to all of the breaking changes from the changelog should be
prominently displayed during upgrade.
- The docs should emphasize that upgrading from one major release to the next
is potentially a risky endeavor and that downgrading is not possible. The docs
should also link to the changelog.

This commit has grown slightly beyond the intended scope, but the changes should be mostly positive.
2022-01-08 19:07:26 +01:00
Régis Behmo
1daba42f1e code: refactor version checking code 2022-01-08 19:07:26 +01:00
Régis Behmo
c61accedfc refactor: move upgrade code to separate modules
This results in clearer code.
2022-01-08 19:07:26 +01:00
Régis Behmo
9fc928a711 fix: update env prior to rebuilding images during upgrade
The fact that the environment was not up-to-date was causing errors and
confusion:
https://discuss.overhang.io/t/install-maple-importerror-cannot-import-name-removedindjango40warning/2255/6
2022-01-08 19:07:26 +01:00
Régis Behmo
59291eed52 fix: ownership of mysql data
In theory, we can assign ownership of mysql data to just any user. But in
Lilac, mysql was running with user 999. When upgrading to Maple, on Kubernetes,
the fsGroupChangePolicy was causing a change of the data *group* (to 1000) but
not of the user. This was causing a crash with the following error:

    [ERROR] InnoDB: The error means mysqld does not have the access rights to the directory.
2022-01-08 19:07:26 +01:00
Régis Behmo
70dbfcb6fb fix: upgrade from Lilac on k8s
When upgrading from Lilac, all services break with the following error:

    Service "***" is invalid: spec.ports[0].nodePort: Forbidden: may not be used when `type` is 'ClusterIP'

Upgrading deployments fails as well:

    Deployment.apps "***" is invalid: spec.selector: Invalid value: v1.LabelSelector{MatchLabels:map[string]string{"app.kubernetes.io/instance":"openedx-********", "app.kubernetes.io/managed-by":"tutor", "app.kubernetes.io/name":"***", "app.kubernetes.io/part-of":"openedx"}, MatchExpressions:[]v1.LabelSelectorRequirement(nil)}: field is immutable

That's because deployments and services need to be deleted as part of the Maple
upgrade. So that's what we do as part of `tutor k8s upgrade --from=lilac`. And
we take the opportunity to:

1. Run upgrade as part of quickstart, when necessary.
2. Default to lilac during `tutor k8s upgrade`.

Close #551.
2022-01-08 19:07:26 +01:00
Overhang.IO
6b31985711 Merge remote-tracking branch 'origin/master' into nightly 2022-01-08 17:58:00 +00:00
Régis Behmo
43d5da83e4 fix: utils tests on macOS
test_utils tests were failing on macOS when the settings file was properly
defined and present.

Close #560.
2022-01-08 18:48:50 +01:00
Overhang.IO
a9b9c4bfb6 Merge remote-tracking branch 'origin/master' into nightly 2022-01-08 17:31:22 +00:00
Jayram Nai
37be2bf122 docs: fixed typo 2022-01-08 17:58:26 +01:00
Overhang.IO
0a7bb50533 Merge remote-tracking branch 'origin/master' into nightly 2022-01-06 10:16:39 +00:00
Ned Batchelder
f2260006bd build: 'make help' works nicer on Mac
sed on Mac doesn't seem to understand \n.

While I was in here, I fixed some typos.
2022-01-06 10:44:53 +01:00