Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Hub image - using unreleased versions of some jupyterhub packages #1589

Closed
2 tasks
GeorgianaElena opened this issue Aug 3, 2022 · 6 comments · Fixed by #1849
Closed
2 tasks

Hub image - using unreleased versions of some jupyterhub packages #1589

GeorgianaElena opened this issue Aug 3, 2022 · 6 comments · Fixed by #1849
Assignees

Comments

@GeorgianaElena
Copy link
Member

GeorgianaElena commented Aug 3, 2022

Context

The 2i2c hubs run a custom docker image as per the Dockerfile at https://github.com/2i2c-org/infrastructure/blob/master/helm-charts/images/hub/Dockerfile. More details about this image and how to update it, can be found in the docs at https://infrastructure.2i2c.org/en/latest/topic/hub-image.html.

In this custom hub image we're currently installing unreleased versions of oathenticator and configurator. This is because we want to try out the latest changes of this packages and improve/fix anything that might not work as it should.

This however means that we're using unreleased versions of these packages and we should make sure we're upgrading to released versions as soon as those are available.

Proposal

A few points about the current situation:

  • Our current mechanism for automating the packages upgrades (dependabot and bump-image-tags action) won't work on the pip packages in this Dockerfile
  • Not aware of other software we could use that does this already (please comment to this issue, if you know any)
  • 2i2c members are maintainers/contributors to releases of this packages and are more or less up to speed to the changes that happen there

Starting from the current situation described above, how about instead of always opening new issues about going back to an official released version of a package whenever we pin to a specific commit (as in #1583 (comment)), we document this as being a best practice to follow?

Updates and actions

My suggested plan is to:

@damianavila
Copy link
Contributor

Our current mechanism for automating the packages upgrades (dependabot and bump-image-tags action) won't work on the pip packages in this Dockerfile

Quick question, what about putting these packages into a requirements file and pip install the requirements file in the Dockerfile... in that way we may use the dependabot, right?

@damianavila damianavila moved this to Needs Shaping / Refinement in DEPRECATED Engineering and Product Backlog Aug 3, 2022
@sgibson91
Copy link
Member

Quick question, what about putting these packages into a requirements file and pip install the requirements file in the Dockerfile... in that way we may use the dependabot, right?

Yep!

@damianavila
Copy link
Contributor

Super!
Then I would advocate going into that route... because, in that way, we have better control of the upgrade step using the action. @GeorgianaElena, WDYT?

yuvipanda added a commit to yuvipanda/pilot-hubs that referenced this issue Sep 8, 2022
- Removes custom version of jupyterhub installed, as that
  has been merged into latest z2jh
- We keep the version of oauthenticator, as I'm not sure
  it has been merged and released

Ref 2i2c-org#1055
Ref 2i2c-org#1102
Ref 2i2c-org#1589
yuvipanda added a commit to yuvipanda/pilot-hubs that referenced this issue Sep 8, 2022
- Removes custom version of jupyterhub installed, as that
  has been merged into latest z2jh
- We keep the version of oauthenticator, as I'm not sure
  it has been merged and released

Ref 2i2c-org#1055
Ref 2i2c-org#1102
Ref 2i2c-org#1589
@yuvipanda
Copy link
Member

With #1690 we no longer use a custom jupyterhub version!

@GeorgianaElena
Copy link
Member Author

That's awesome ✨ So the only pkgs we're using custom versions for, are the oauthenticator and the configurator

@GeorgianaElena
Copy link
Member Author

btw, oauthenticator 15.1.0 has just been released thanks to @consideRatio 🚀

@GeorgianaElena GeorgianaElena self-assigned this Nov 2, 2022
@GeorgianaElena GeorgianaElena moved this to In Progress ⚡ in Sprint Board Nov 2, 2022
Repository owner moved this from In Progress ⚡ to Done 🎉 in Sprint Board Nov 2, 2022
Repository owner moved this from Needs Shaping / Refinement to Complete in DEPRECATED Engineering and Product Backlog Nov 2, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
No open projects
Archived in project
Development

Successfully merging a pull request may close this issue.

4 participants