6
0
mirror of https://github.com/ChristianLight/tutor.git synced 2024-11-18 02:55:17 +00:00
Commit Graph

1709 Commits

Author SHA1 Message Date
Régis Behmo
0e0f223bdd ci: fix github auth 2022-11-29 15:29:16 +01:00
Régis Behmo
346d86af82 ci: fix test running in release action 2022-11-29 15:18:31 +01:00
Régis Behmo
88d882b5b8 ci: modernize github release script
We address the following issues in CI:

- Node 12 deprecation: https://github.blog/changelog/2022-09-22-github-actions-all-actions-will-begin-running-on-node16-instead-of-node12/
  To do that we upgrade actions/checkout and actions/setup-python to v3.
- Deprecated set-output command: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
- Get rid of the actions/upload-files-to-a-github-release action to use the gh
  script which ships by default in GitHub hosted runners: https://github.com/cli/cli

Unfortunately we could not get rid of the ugly `sed` in `make
release-description`. I wish we could use `envsubst` but it's not available on
GitHub action runners.
2022-11-29 15:11:47 +01:00
Overhang.IO
bb849b86de Merge remote-tracking branch 'origin/master' into nightly 2022-11-29 11:24:41 +00:00
Régis Behmo
c0d79463ff v14.2.2 (2022-11-29)
- [Bugfix] Fix `jinja2.exceptions.TemplateSyntaxError: expected token 'end of statement block', got '|'` error by bumping the minimum required version of the Jinja2 package.
- [Feature] Add support for MongoDB SSL, authentication source, mechanism and replica set via the `MONGODB_USE_SSL`, `MONGODB_AUTH_MECHANISM`, `MONGODB_AUTH_SOURCE`, `MONGODB_REPLICA_SET` settings. (by @zakum1 and @regisb)
- [Bugfix] Fix tag of "openedx" development Docker image. Previously, this Docker tag did not include the Tutor version. As a consequence, a different cached image could be used in some cases. For instance: when running `tutor dev run` commands. Now, the image tag is "openedx-dev:TUTOR_VERSION".
- [Bugfix] Fix name of Swahili locale: it is "sw-ke" and not "sw" (by @regisb).
- [Security] Apply drag-n-drop v2 xblock [security patch](https://discuss.openedx.org/t/upcoming-security-release-xblock-drag-and-drop-v2/8768/7). (by @regisb)
2022-11-29 11:27:35 +01:00
Régis Behmo
e4e9cd8197 Merge branch 'master' into nightly 2022-11-29 10:28:11 +01:00
Régis Behmo
4a6896d892 docs: adjust web proxy tutorial 2022-11-29 09:49:57 +01:00
Daniel Herrmann
bb137c16d6 Added more info to required headers and a pitfall regarding misleading wording in the quickstart dialogue 2022-11-29 09:49:57 +01:00
Régis Behmo
0e8f55798c sec: fix XSS vulnerability in drag-n-drop v2 xblock
Vulnerability is fixed by upgrading the xblock from v2.3.5 to v3.0.0.
See announcement:
https://discuss.openedx.org/t/upcoming-security-release-xblock-drag-and-drop-v2/8768
2022-11-29 09:05:38 +01:00
Régis Behmo
ff0e8f7140 fix: pin openedx dev Docker image tag with tutor version
When running:

    tutor dev run -m /path/to/edx-platform lms
    pip install -r requirements/edx/development.txt

I realised that I was re-installing packages that should already have been
present in the image. The reason for that was that I was running an outdated
version of the dev version of the openedx Docker image. This happens because
`tutor dev run` does not trigger an image re-build.

We solve this issue by pinning the openedx dev Docker image tag to the current
tutor version.
2022-11-29 09:02:50 +01:00
Overhang.IO
a0480f8d11 Merge remote-tracking branch 'origin/master' into nightly 2022-11-28 12:15:04 +00:00
james
7b72a5a910 feat: support for mongodb SSL+auth source/mech+replica set
This change builds upon a previously proposed PR:
https://github.com/overhangio/tutor/pull/437

There was another long conversation about this topic here:
https://github.com/overhangio/tutor-forum/pull/10#issuecomment-1314799915

We could have supported the MongoDB auth/replica set/ssl parameters as part of
the MongoDB host URI, but then this URI is not supported in the forum plugin,
which uses an old version of the mongoid client. We were hoping that the client
would have been upgraded by now, but it's not been upgraded for a long time.

The changes introduced here are 100% backward-compatible. The forum plugin will
have to be updated to take into account the new parameters.
2022-11-28 13:09:13 +01:00
Overhang.IO
74758fb1d8 Merge remote-tracking branch 'origin/master' into nightly 2022-11-28 11:29:23 +00:00
Régis Behmo
b8ca06a42c fix: Swahili locale name
Note that this locale ships with edx-platform by default.
2022-11-28 12:23:02 +01:00
Overhang.IO
67e8f52cd6 Merge remote-tracking branch 'origin/master' into nightly 2022-11-28 10:11:21 +00:00
Régis Behmo
13104809c1 docs: add missing changelog entry 2022-11-28 10:07:02 +01:00
Régis Behmo
5929ecbc2e fix: TemplateSyntaxError with old jinja2
The following syntax is only supported in jinja2>=2.10:

    {% set jwt_rsa_key | rsa_import_key %}{{ JWT_RSA_PRIVATE_KEY }}{% endset %}

Thus, we bump the minimal working version of jinja2 in the base requirements.

See discussion: https://discuss.openedx.org/t/error-while-tutor-local-quickstart/8796
2022-11-28 10:03:59 +01:00
Régis Behmo
85d868423a fix: do not prepend DJANGO settings info to all jobs
The DJANGO_SETTINGS_MODULE is far from being relevant in all containers.
2022-11-24 18:40:16 +01:00
Régis Behmo
478d44c299 fix: type DO_* filters and actions 2022-11-24 18:40:16 +01:00
Régis Behmo
c06ac5b020 Merge branch 'master' into nightly 2022-11-24 17:27:47 +01:00
Régis Behmo
c9ac12fdd7 v14.2.1 (2022-11-24)
- [Improvement] Auto-completion of `plugins` and `config` arguments: `plugins enable/disable NAME`, `plugins install PATH`, `config save --set KEY=VAL`, `config save --unset KEY`, `config printvalue KEY`. (by @regisb)
- [Bugfix] Fix minimum click version (>= 8.0.0) when installing tutor from pip.
- [Improvement] Enable CORS by default for both LMS and CMS by moving those settings to the `common_all` partial. (by @arbrandes)
2022-11-24 16:25:34 +01:00
Régis Behmo
04258b9f9b docs: add changelog entry for click fix 2022-11-24 16:24:18 +01:00
Régis Behmo
29eb3398a2 feat: auto-complete config save/printroot arguments 2022-11-24 16:21:57 +01:00
Régis Behmo
ee09612326 feat: auto-complete plugins arguments
Support auto-completion of plugin name and path arguments in the `tutor
plugins` commands.
2022-11-24 16:21:57 +01:00
Régis Behmo
6069f91cce docs: fix nightly typo
Co-authored-by: Adolfo R. Brandes <arbrandes@tcril.org>
2022-11-24 16:15:15 +01:00
Régis Behmo
c886b72ae7 docs: migrate to scriv to manage changelog
Changelog management was starting to be a hassle:

- there were conflicts every time a PR was merged
- there were conflicts every time we merged the nightly branch in the new
  release branch, or vice versa.

Now, all changelog entries are stored as separate files in changelog.d,
including nightly. Nightly entries will be collected for every major release.
2022-11-24 16:15:15 +01:00
Overhang.IO
87e5bb7025 Merge remote-tracking branch 'origin/master' into nightly 2022-11-23 18:19:35 +00:00
Régis Behmo
e63d5c32e3 fix: minimum click version is 8.0
An issue was reported here: https://app.slack.com/client/T02SNA1T6/CGE253B7V

CompletionItem was introduced in 8.0, so click needs to be upgraded when
we `pip install tutor`.
2022-11-23 18:24:05 +01:00
Overhang.IO
627b93b95b Merge remote-tracking branch 'origin/master' into nightly 2022-11-21 13:28:28 +00:00
Adolfo R. Brandes
3e32f88c15 feat: common CORS settings for LMS and CMS
The ENABLE_CORS_HEADERS feature flag is already true for the LMS.
Instead of duplicating it for Studio via yaml settings, make this a
common Django setting to both LMS and CMS and all their environments.
2022-11-21 13:51:56 +01:00
Overhang.IO
17028c5c63 Merge remote-tracking branch 'origin/master' into nightly 2022-11-21 10:18:43 +00:00
Régis Behmo
5006f6edc9 v14.2.0 (2022-11-21)
- [Improvement] Auto-complete implicit `local/dev --mount /path/to/...` options. (by @regisb)
- 💥[Feature] Strong typing of action and filter hooks: this allows us to detect incorrect calls to `actions.add` or `filters.add` early. Strong typing forces us to break the `do` and `apply` API by removing the `context` named argument. Developers should replace `do(context=...)` by `do_from_context(..., )` (and similar for `apply`).
2022-11-21 10:10:44 +01:00
Régis Behmo
986c3e2305 chore: upgrade requirements 2022-11-21 10:10:07 +01:00
Régis Behmo
b4a8069cfd fix: init template paths
Plugin template paths of init jobs could not be found because they were
searched for in the Tutor template root only.
2022-11-21 10:03:25 +01:00
Overhang.IO
1890557d40 Merge remote-tracking branch 'origin/master' into nightly 2022-11-17 14:44:20 +00:00
Régis Behmo
f8b5cbc657 feat: auto-complete --mount args
When typing `tutor local run --mount /path/to/edx-pl<TAB>`, the mount option
should be auto-completed to the full edx-platform repo path. That is, if shell
completion is enabled:
https://docs.tutor.overhang.io/install.html#shell-autocompletion

Here, we make sure that the implicit form of the `--mount` argument is properly
auto-completed. We are unable to get completion to work in the explicit form,
because args that include colons do not even reach the `shell_completion`
method.
2022-11-17 14:50:52 +01:00
Régis Behmo
d7c667835a Merge branch 'master' into nightly 2022-11-15 16:59:19 +01:00
Régis Behmo
33e4f33afe feat: strongly typed hooks
Now that the mypy bugs have been resolved, we are able to define more precisely
and cleanly the types of Actions and Filters.

Moreover, can now strongly type named actions and hooks (in consts.py). With
such a strong typing, we get early alerts of hooks called with incorrect
arguments, which is nothing short of awesome :)

This change breaks the hooks API by removing the `context=...` argument. The
reason for that is that we cannot insert arbitrary arguments between `P.args,
P.kwargs`: https://peps.python.org/pep-0612/#the-components-of-a-paramspec

> A function declared as def inner(a: A, b: B, *args: P.args, **kwargs:
> P.kwargs) -> R has type Callable[Concatenate[A, B, P], R]. Placing
> keyword-only parameters between the *args and **kwargs is forbidden.

Getting the documentation to build in nitpicky mode is quite difficult... We
need to add `nitpick_ignore` to the docs conf.py, otherwise sphinx complains
about many missing class references. This, despite upgrading almost all doc
requirements (except docutils).
2022-11-15 14:58:36 +01:00
Régis Behmo
0453b0c002 feat: add -h help option to all commands 2022-11-15 09:46:08 +01:00
Régis Behmo
16e6131f96 feat: pluggable local/dev/k8s do <job> commands
We introduce a new filter to implement custom commands in arbitrary containers.
It becomes easy to write convenient ad-hoc commands that users will
then be able to run either on Kubernetes or locally using a documented CLI.

Pluggable jobs are declared as Click commands and are responsible for
parsing their own arguments. See the new CLI_DO_COMMANDS filter.

Close https://github.com/overhangio/2u-tutor-adoption/issues/75
2022-11-15 09:46:08 +01:00
Régis Behmo
b6dc65cc64 refactor: deduplicate jobs code
createuser, importdemocourse and settheme were 100% duplicated code between
k8s.py and compose.py.
2022-11-15 09:46:08 +01:00
Régis Behmo
e734f52f07 feat: filter priorities
Nothing revolutionary here, we just implement the same priority queue that
existed in actions. It will be necessary to trigger init tasks in the right
order.
2022-11-15 09:46:08 +01:00
Overhang.IO
7879506910 Merge remote-tracking branch 'origin/master' into nightly 2022-11-14 12:19:34 +00:00
Régis Behmo
8aeeb7e09c chore: replaced unnamed hook filters by named equivalents 2022-11-14 12:25:28 +01:00
Régis Behmo
19f3f329f2 Merge branch 'master' into nightly 2022-11-03 09:52:43 +01:00
Régis Behmo
fd2d3dea10 v14.1.2 (2022-11-02)
- [Security] Fix edx-platform XSS vulnerability on "next" parameter. (by
  @regisb)
2022-11-02 10:42:55 +01:00
Régis Behmo
b46a7b0fa8 sec: fix edx-platform xss vulnerability on "next" parameter 2022-11-02 10:42:10 +01:00
Régis Behmo
f95c394e38 fix: print proper command on check_output
Note that the `check_output` command is mostly unused.
2022-10-26 16:46:04 +02:00
Régis Behmo
5419be7d31 Merge branch 'master' into nightly 2022-10-26 13:29:30 +02:00
Régis Behmo
7541433729 v14.1.1 (2022-10-25)
- [Security] Fix xblock ajax handler vulnerability. (by @regisb)
- [Improvement] Use web proxy gzip encoding to improve bandwidth. We
  observe a 75% size reduction on the LMS dashboard. (by @ghassanmas)
2022-10-26 12:28:16 +02:00