6
0
mirror of https://github.com/ChristianLight/tutor.git synced 2024-11-18 02:55:17 +00:00
Commit Graph

1602 Commits

Author SHA1 Message Date
Régis Behmo
9df3b18c31 sec: fix LTI consumer xblock grading
See advisory:
https://github.com/openedx/xblock-lti-consumer/security/advisories/GHSA-7j9p-67mm-5g87
Discussion:
https://discuss.openedx.org/t/upcoming-security-release-xblock-lti-consumer/9165
Pull requests:
https://github.com/openedx/xblock-lti-consumer/pull/331
https://github.com/openedx/edx-platform/pull/31724
2023-02-09 11:55:18 +01:00
Régis Behmo
561460ec7f chore: upgrade to mypy 1.0.0
Now that mypy 1.0.0 is out, we can get add some elegant type aliases for
filter and action callback functions.
2023-02-09 11:55:06 +01:00
Régis Behmo
4b14d20c5e feat: overridable lms/cms max upload size
Users want to be able to override the request `max_size` to upload
larger files. But they will not be able to if the patch is placed after
the `request` directive. So we move the patch statement before the
directive. Also, we wrap the `request_body` directives within `handle`
statements. If not, then different sizes are not managed properly.

To override the max upload size in the cms, add the following to the
"caddyfile-cms" patch:

    handle_path /import/* {
        request_body {
            max_size 500MB
        }
    }

See discussion:
https://discuss.openedx.org/t/how-to-update-caddyfile-using-tutor-plugin/8944
2023-02-07 10:19:54 +01:00
Kyle McCormick
a44bad6033 docs: fix typos in hooks changelog entry
* Remove redundant changelog line
* The change should NOT affect most developers ;)
2023-02-02 11:43:55 +01:00
Régis Behmo
1850c62d8b docs: remove duplicate link
Sentence was duplicated during the upgrade to Olive.
2023-01-31 18:41:18 +01:00
Régis Behmo
50734c20cc docs: fix incorrect catalog references 2023-01-31 15:46:15 +01:00
Régis Behmo
6f06182877 fix: ModuleNotFoundError: No module named 'tutor.core'
Module was not importable after `pip install .`, notably in CI.
2023-01-31 10:33:48 +01:00
Régis Behmo
71ed7a8618 feat: refactor hooks API for simplification
The hooks API had several issues which are summarized in this comment:
https://github.com/openedx/wg-developer-experience/issues/125#issuecomment-1313553526

1. "consts" was a bad name
2. "hooks.filters" and "hooks.Filters" could easily be confused
3. docs made it difficult to understand that plugin developers should use the catalog

To address these issues, we:

1. move "consts.py" to "catalog.py"
2. Remove "hooks.actions", "hooks.filters", "hooks.contexts" from the API.
3. re-organize the docs and give better usage examples in the catalog.

This change is a partial fix for https://github.com/openedx/wg-developer-experience/issues/125
2023-01-31 10:17:58 +01:00
Régis Behmo
4fe5fcf6db v15.2.0 2023-01-19 20:35:54 +01:00
Carlos Muniz
ac1a875f42 refactor: annotation with __future__.annotations
Adds `from __future__ import annotations` to the top of every module,
right below the module's docstring. Replaces any usages of t.List,
t.Dict, t.Set, t.Tuple, and t.Type with their built-in equivalents:
list, dict, set, tuple, and type. Ensures that make test still passes
under Python 3.7, 3.8 and 3.9.
2023-01-18 08:36:14 +01:00
Régis Behmo
d629ca932c fix: get rid of lms/cms CORS_ORIGIN_WHITELIST warnings
The LMS and CMS were producing lots of logs similar to:

	cms_1                        | 2023-01-17 15:30:11,359 INFO 7 [openedx.core.djangoapps.cors_csrf.helpers] [user 7] [ip 31.223.46.44] helpers.py:64 - Origin 'https://studio.demo.openedx.overhang.io' was not in `CORS_ORIGIN_WHITELIST`; full referer was 'https://studio.demo.openedx.overhang.io/learning/course/course-v1:edX+DemoX+Demo_Course/home' and requested host was 'studio.demo.openedx.overhang.io'; CORS_ORIGIN_ALLOW_ALL=False

These warnings are produced by openedx.core.djangoapps.cors_csrf.helpers. I
don't think they indicate any problem, but they pollute the logs. They are
resolved by adding the "http(s)://<lms/cms host>" to CORS_ORIGIN_WHITELIST in
production, so we did just that.
2023-01-18 07:55:13 +01:00
Régis Behmo
ca04b245f3 fix: backport fix for html component editing in studio
See: https://discuss.openedx.org/t/text-component-does-not-remove-text-with-link-or-insert-a-link-to-text/9029
2023-01-18 07:51:24 +01:00
Régis Behmo
56a7614fd7 fix: 'example.com' links in registration emails
When a user registers, they receive a confirmation email. This email contained
two links to "https://example.com/..." urls. This was caused by the fact that
the default site, indicated by SITE_ID=1, was example.com. We resolve this
issue by setting instead SITE_ID=2, which should point to the site with the LMS
domain name.

This is a potentially breaking change for platforms that have manually set to 1
the id of the LMS site in the database. These platforms should now set
SITE_ID=1 via a plugin.

Alternatives we have considered include modifying the id field of the LMS site
in the database. Unfortunately such a change would have important consequences,
as the site ID is used as a foreign key for other models.

Note that non-https sites still include https links in the registration emails.
This is because the "https" scheme is hardcoded by the "ensure_url_is_absolute"
utility function. So there is nothing we can do about this without making
changes upstream.

Close #572.
2023-01-18 07:51:11 +01:00
Régis Behmo
8f2df6a842 ci: better github release management with scriv
In scriv 1.1.0 the GitHub release description can be templated:
https://github.com/nedbat/scriv/issues/61
https://github.com/nedbat/scriv/releases/tag/1.1.0

This means that we can finally get rid of our ugly scripts to generate the
release description \o/
2023-01-17 12:12:10 +01:00
Emad Rad
b903c69fac
fix: respect RUN_MYSQL on k8s maple upgrade
During the maple -> nutmeg upgrade on k8s, only wait for mysql when RUN_MYSQL is true.
2023-01-09 13:01:48 +01:00
Abhiram Kuchibhotla
d7bc3370df
docs: update the Podman instructions
Close #771.
2023-01-06 17:46:33 +01:00
Régis Behmo
67f9c092d2 ci: backward compatible Tutor binary releases
Tutor binary releases were no longer compatible with Ubuntu 20.04 since the
ubuntu-latest image was 22.04 on GitHub.

The error was:

    [7893] Error loading Python lib '/tmp/_MEIcyvkMV/libpython3.7m.so.1.0': dlopen: /lib/x86_64-linux-gnu/libm.so.6: version `GLIBC_2.35' not found (required by /tmp/_MEIcyvkMV/libpython3.7m.so.1.0)

We fix this issue by downgrading the GitHub image with which we make the
release.

Close #765.
2023-01-05 12:31:20 +01:00
Régis Behmo
8b4719a13e fix: de-duplicate filter names
Some filter declaration were duplicated. We resolve this issue by properly
sorting all filter declarations by alphabetical order.
2023-01-03 17:12:55 +01:00
Régis Behmo
380786219e v15.1.0
- [Improvement] Upgrade ipdb and ipython packages in the openedx development image. (by @regisb)
- [Improvement] Skip unnecessary image building in development. This should make `tutor dev launch` slightly faster. (by @regisb)
- [Bugfix] Fix Authn MFE login in development by disabling enterprise integration. (by @regisb)
- [Bugfix] Fix "Invalid value for ‘--from’" when running `tutor local upgrade --from=nutmeg`. If you are facing this error, just run `tutor local launch` and your platform should be automatically upgraded.
- [Bugfix] Fix "TypeError: Parameters to Generic[...] must all be type variables" error. This error may occur when upgrading from a very old installation of Tutor. It is due to an old version of the typing-extensions package.
- 💥[Deprecation] Get rid of the `quickstart` command. v15.0.0 introduced a deprecation warning, but we actually want users to stop using this command. Instead, use `launch` (by @regisb).
- [Improvement] Backfill persistent grades during upgrade from Nutmeg. If you observe missing grades after the upgrade from Nutmeg, run `tutor local upgrade --from=nutmeg`. (by @regisb)
2022-12-13 18:42:41 +01:00
Régis Behmo
23a9914721 fix: authn login in dev by disabling enterprise integration
In development, login via the authn mfe was broken because of explicit
enterprise integration:

    requests.exceptions.ConnectionError: HTTPConnectionPool(host='localhost', port=18000): Max retries exceeded with url: /enterprise/api/v1/enterprise-learner/?username=regis (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x7fd4c02b8a90>: Failed to establish a new connection: [Errno 111] Connection refused'))

See: https://discuss.overhang.io/t/tutor-login-fail-in-new-version/3083
2022-12-13 17:25:58 +01:00
Régis Behmo
146ec62a0a feat: skip explicit openedx-dev image building in tutor dev launch
I have no idea why we decided to kickstart a separate build. The image will be
built anyway at the next step because we run `docker compose up --build` in
`tutor dev start`.

The build step was introduced in this PR: https://github.com/overhangio/tutor/pull/627
2022-12-13 17:25:58 +01:00
Régis Behmo
c70a6a5e80 feat: upgrade ipdb/ipython in openedx-dev image 2022-12-13 17:25:58 +01:00
Régis Behmo
9d9e9281d5 depr: get rid of quickstart command
We meant to get rid of `quickstart` in Olive, but somehow we forgot to delete
the command.
2022-12-13 17:25:43 +01:00
Régis Behmo
7a61f07dfd feat: backfill persistent grades during upgrade
In Olive, persistent grades are now mandatory. This was already the case in
Nutmeg, but it didn't mean that existing, non-persistent grades were migrated
to be persistent. This introduces a job that is run whenever a user upgrades
from Nutmeg. Alternatively, it can be run manually with:

    tutor local upgrade --from=nutmeg

See relevant documentation: https://openedx.atlassian.net/wiki/spaces/AC/pages/755171487/Migrating+to+Persistent+Grading#The-Persistent-Grades-Backfill
See discussion: https://app.slack.com/client/T02SNA1T6/C049JQZFR5E/thread/C02SNA1U4-1670937183.881709
2022-12-13 17:22:15 +01:00
Régis Behmo
93d139d4bf docs: fix v15.0.0 changelog
v15.0.0 changelog includes entries from v14.0.0 (!!!). I assume this is because
we did not delete these entries from the nightly changelog during the v14
upgrade.

Close #761.
2022-12-13 17:22:00 +01:00
Régis Behmo
3ce022bee4 fix: "TypeError: Parameters to Generic[...]" error
People running typing-extensions==3.10 faced this error for just any tutor command:

    $ tutor version
    ...
    Traceback (most recent call last):
      File "/usr/local/bin/tutor", line 5, in <module>
        from tutor.commands.cli import main
      File "/usr/local/lib/python3.8/dist-packages/tutor/commands/cli.py", line 7, in <module>
        from tutor import exceptions, fmt, hooks, utils
      File "/usr/local/lib/python3.8/dist-packages/tutor/hooks/__init__.py", line 7, in <module>
        from . import actions, contexts, filters, priorities
      File "/usr/local/lib/python3.8/dist-packages/tutor/hooks/actions.py", line 18, in <module>
        class ActionCallback(Contextualized, t.Generic[P]):
      File "/usr/lib/python3.8/typing.py", line 261, in inner
        return func(*args, **kwds)
      File "/usr/lib/python3.8/typing.py", line 890, in __class_getitem__
        raise TypeError(
    TypeError: Parameters to Generic[...] must all be type variables

We fix this error by requiring a more recent version of typing-extensions.

See: https://discuss.openedx.org/t/tutor-v15-python-error-when-running-on-quickstart/8910/2
2022-12-13 08:02:15 +01:00
Régis Behmo
608f87a36c docs: add missing changelog entry 2022-12-12 23:56:11 +01:00
Régis Behmo
609b39b802 fix: tutor local upgrade --from=nutmeg
There is nothing to do in the upgrade from nutmeg to olive, but it's not a
reason to crash this command.

Close #756.
2022-12-12 23:49:45 +01:00
Régis Behmo
b4a1b9528a ci: fix pip install warnings in GitHub Actions 2022-12-12 23:34:34 +01:00
Régis Behmo
c26999ec65 feat: upgrade to olive 2022-12-12 16:55:07 +01:00
Régis Behmo
5ef246479b Merge branch 'nightly' into olive 2022-12-06 15:17:41 +01:00
Régis Behmo
3772bda438 v14.2.3 (2022-12-06)
- [Security] Fix rotation of JWT tokens for disabled users. (by @regisb)
2022-12-06 14:03:34 +01:00
Régis Behmo
143b656e83 sec: fix rotation of JWT tokens for disabled users 2022-12-01 12:16:37 +01:00
Overhang.IO
a8039dc076 Merge remote-tracking branch 'origin/master' into nightly 2022-11-29 15:58:06 +00:00
Régis Behmo
08a14c80db ci: simplify release process
Previously, tags had to be created locally before they were pushed upstream.
Now they are automatically created in CI when __version__ is bumped.
2022-11-29 16:46:06 +01:00
Overhang.IO
506e88debe Merge remote-tracking branch 'origin/master' into nightly 2022-11-29 15:21:20 +00:00
Régis Behmo
21a7b211d2 ci: fix github ref name on release 2022-11-29 16:14:56 +01:00
Overhang.IO
12fe99f699 Merge remote-tracking branch 'origin/master' into nightly 2022-11-29 15:07:54 +00:00
Régis Behmo
429d528d64 fix: unit test on github's macOs action runner
Somehow, the tmp directory is a symlink on github.
2022-11-29 16:02:17 +01:00
Overhang.IO
9466fc395b Merge remote-tracking branch 'origin/master' into nightly 2022-11-29 14:58:08 +00:00
Régis Behmo
3b6d2404e5 fix: unit tests when run as root
GitHub Actions sometimes runs `make tests` as root; e.g: in the release script.
There were unit tests that were breaking in that scenario. I have no idea why
tests were not breaking in the test.yml workflow.
2022-11-29 15:50:34 +01:00
Overhang.IO
d9cdf1731f Merge remote-tracking branch 'origin/master' into nightly 2022-11-29 14:50:31 +00:00
Régis Behmo
31df4da136 ci: upgrade outdated v2 github actions 2022-11-29 15:50:22 +01:00
Régis Behmo
0e0f223bdd ci: fix github auth 2022-11-29 15:29:16 +01:00
Régis Behmo
346d86af82 ci: fix test running in release action 2022-11-29 15:18:31 +01:00
Régis Behmo
88d882b5b8 ci: modernize github release script
We address the following issues in CI:

- Node 12 deprecation: https://github.blog/changelog/2022-09-22-github-actions-all-actions-will-begin-running-on-node16-instead-of-node12/
  To do that we upgrade actions/checkout and actions/setup-python to v3.
- Deprecated set-output command: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
- Get rid of the actions/upload-files-to-a-github-release action to use the gh
  script which ships by default in GitHub hosted runners: https://github.com/cli/cli

Unfortunately we could not get rid of the ugly `sed` in `make
release-description`. I wish we could use `envsubst` but it's not available on
GitHub action runners.
2022-11-29 15:11:47 +01:00
Overhang.IO
bb849b86de Merge remote-tracking branch 'origin/master' into nightly 2022-11-29 11:24:41 +00:00
Régis Behmo
c0d79463ff v14.2.2 (2022-11-29)
- [Bugfix] Fix `jinja2.exceptions.TemplateSyntaxError: expected token 'end of statement block', got '|'` error by bumping the minimum required version of the Jinja2 package.
- [Feature] Add support for MongoDB SSL, authentication source, mechanism and replica set via the `MONGODB_USE_SSL`, `MONGODB_AUTH_MECHANISM`, `MONGODB_AUTH_SOURCE`, `MONGODB_REPLICA_SET` settings. (by @zakum1 and @regisb)
- [Bugfix] Fix tag of "openedx" development Docker image. Previously, this Docker tag did not include the Tutor version. As a consequence, a different cached image could be used in some cases. For instance: when running `tutor dev run` commands. Now, the image tag is "openedx-dev:TUTOR_VERSION".
- [Bugfix] Fix name of Swahili locale: it is "sw-ke" and not "sw" (by @regisb).
- [Security] Apply drag-n-drop v2 xblock [security patch](https://discuss.openedx.org/t/upcoming-security-release-xblock-drag-and-drop-v2/8768/7). (by @regisb)
2022-11-29 11:27:35 +01:00
Régis Behmo
e4e9cd8197 Merge branch 'master' into nightly 2022-11-29 10:28:11 +01:00
Régis Behmo
4a6896d892 docs: adjust web proxy tutorial 2022-11-29 09:49:57 +01:00