From f727ed2b7f2204859013e93b788ee19add351da5 Mon Sep 17 00:00:00 2001 From: Georgiana Dolocan Date: Tue, 17 Dec 2024 15:50:23 +0200 Subject: [PATCH 01/11] Upgrade z2jh chart version --- helm-charts/basehub/Chart.yaml | 2 +- helm-charts/images/hub/Dockerfile | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/helm-charts/basehub/Chart.yaml b/helm-charts/basehub/Chart.yaml index 9aeaf81644..b435570fcc 100644 --- a/helm-charts/basehub/Chart.yaml +++ b/helm-charts/basehub/Chart.yaml @@ -12,7 +12,7 @@ dependencies: # images/hub/Dockerfile, and will also involve manually building and pushing # the Dockerfile to https://quay.io/2i2c/pilot-hub. Details about this can # be found in the Dockerfile's comments. - version: 3.3.7 + version: 4.0.0 repository: https://jupyterhub.github.io/helm-chart/ - name: binderhub-service version: 0.1.0-0.dev.git.282.he1ac64b diff --git a/helm-charts/images/hub/Dockerfile b/helm-charts/images/hub/Dockerfile index 3a1c329cea..c3fd396125 100644 --- a/helm-charts/images/hub/Dockerfile +++ b/helm-charts/images/hub/Dockerfile @@ -12,7 +12,7 @@ # `chartpress --push --builder docker-buildx --platform linux/amd64` # Ref: https://cloudolife.com/2022/03/05/Infrastructure-as-Code-IaC/Container/Docker/Docker-buildx-support-multiple-architectures-images/ # -FROM jupyterhub/k8s-hub:3.3.7 +FROM jupyterhub/k8s-hub:4.0.0 # chartpress.yaml defines multiple hub images differentiated only by a # requirements.txt file with dependencies, this build argument allows us to From e15c4383d63127e61054e0af71e052b65bd37eb3 Mon Sep 17 00:00:00 2001 From: Georgiana Dolocan Date: Tue, 17 Dec 2024 17:29:06 +0200 Subject: [PATCH 02/11] Replace {username} for {escaped_username} --- config/clusters/2i2c-aws-us/itcoocean.values.yaml | 2 +- config/clusters/hhmi/daskhub-common.values.yaml | 2 +- .../jupyter-meets-the-earth/daskhub-common.values.yaml | 2 +- config/clusters/maap/common.values.yaml | 4 ++-- config/clusters/maap/prod.values.yaml | 2 +- config/clusters/maap/staging.values.yaml | 2 +- config/clusters/nasa-cryo/common.values.yaml | 2 +- config/clusters/nasa-ghg/common.values.yaml | 4 ++-- config/clusters/nasa-ghg/staging.values.yaml | 4 ++-- config/clusters/nasa-veda/common.values.yaml | 4 ++-- config/clusters/nasa-veda/staging.values.yaml | 2 +- docs/howto/features/per-user-db.md | 4 ++-- docs/topic/infrastructure/storage-layer.md | 2 +- helm-charts/basehub/values.yaml | 6 +++--- 14 files changed, 21 insertions(+), 21 deletions(-) diff --git a/config/clusters/2i2c-aws-us/itcoocean.values.yaml b/config/clusters/2i2c-aws-us/itcoocean.values.yaml index 720328c6c5..dac198ffe9 100644 --- a/config/clusters/2i2c-aws-us/itcoocean.values.yaml +++ b/config/clusters/2i2c-aws-us/itcoocean.values.yaml @@ -75,7 +75,7 @@ jupyterhub: volumeMounts: - name: home mountPath: /home/jovyan - subPath: "{username}" + subPath: "{escaped_username}" # Mounted without readonly attribute here, # so we can chown it appropriately - name: home diff --git a/config/clusters/hhmi/daskhub-common.values.yaml b/config/clusters/hhmi/daskhub-common.values.yaml index 5905ae98a1..50cb95a4e4 100644 --- a/config/clusters/hhmi/daskhub-common.values.yaml +++ b/config/clusters/hhmi/daskhub-common.values.yaml @@ -82,7 +82,7 @@ basehub: volumeMounts: - name: home mountPath: /home/jovyan - subPath: "{username}" + subPath: "{escaped_username}" # Mounted without readonly attribute here, # so we can chown it appropriately - name: home diff --git a/config/clusters/jupyter-meets-the-earth/daskhub-common.values.yaml b/config/clusters/jupyter-meets-the-earth/daskhub-common.values.yaml index 60615fc218..63d88bbfeb 100644 --- a/config/clusters/jupyter-meets-the-earth/daskhub-common.values.yaml +++ b/config/clusters/jupyter-meets-the-earth/daskhub-common.values.yaml @@ -76,7 +76,7 @@ basehub: volumeMounts: - name: home mountPath: /home/jovyan - subPath: "{username}" + subPath: "{escaped_username}" - name: home mountPath: /home/jovyan/shared subPath: _shared diff --git a/config/clusters/maap/common.values.yaml b/config/clusters/maap/common.values.yaml index e04c684243..97ee00fb1d 100644 --- a/config/clusters/maap/common.values.yaml +++ b/config/clusters/maap/common.values.yaml @@ -75,7 +75,7 @@ jupyterhub: volumeMounts: - name: home mountPath: /home/jovyan - subPath: "{username}" + subPath: "{escaped_username}" # Mounted without readonly attribute here, # so we can chown it appropriately - name: home @@ -137,7 +137,7 @@ jupyterhub: volumeMounts: - name: home mountPath: /home/jovyan - subPath: "{username}" + subPath: "{escaped_username}" securityContext: runAsUser: 1000 runAsGroup: 1000 diff --git a/config/clusters/maap/prod.values.yaml b/config/clusters/maap/prod.values.yaml index 4f44023044..9bb801f09c 100644 --- a/config/clusters/maap/prod.values.yaml +++ b/config/clusters/maap/prod.values.yaml @@ -23,7 +23,7 @@ jupyterhub: volumeMounts: - name: home mountPath: /home/jovyan - subPath: "{username}" + subPath: "{escaped_username}" # Mounted without readonly attribute here, # so we can chown it appropriately - name: home diff --git a/config/clusters/maap/staging.values.yaml b/config/clusters/maap/staging.values.yaml index 67c345e3ee..818371cdd1 100644 --- a/config/clusters/maap/staging.values.yaml +++ b/config/clusters/maap/staging.values.yaml @@ -23,7 +23,7 @@ jupyterhub: volumeMounts: - name: home mountPath: /home/jovyan - subPath: "{username}" + subPath: "{escaped_username}" # Mounted without readonly attribute here, # so we can chown it appropriately - name: home diff --git a/config/clusters/nasa-cryo/common.values.yaml b/config/clusters/nasa-cryo/common.values.yaml index 3e6c66291c..1bb8bc822b 100644 --- a/config/clusters/nasa-cryo/common.values.yaml +++ b/config/clusters/nasa-cryo/common.values.yaml @@ -107,7 +107,7 @@ basehub: volumeMounts: - name: home mountPath: /home/jovyan - subPath: "{username}" + subPath: "{escaped_username}" # Mounted without readonly attribute here, # so we can chown it appropriately - name: home diff --git a/config/clusters/nasa-ghg/common.values.yaml b/config/clusters/nasa-ghg/common.values.yaml index d9257b7cd9..e3d77d0c71 100644 --- a/config/clusters/nasa-ghg/common.values.yaml +++ b/config/clusters/nasa-ghg/common.values.yaml @@ -101,7 +101,7 @@ basehub: volumeMounts: - name: home mountPath: /home/jovyan - subPath: "{username}" + subPath: "{escaped_username}" # mounted without readonly attribute here, # so we can chown it appropriately - name: home @@ -119,7 +119,7 @@ basehub: volumeMounts: - name: home mountPath: /home/jovyan - subPath: "{username}" + subPath: "{escaped_username}" securityContext: runAsUser: 1000 runAsGroup: 1000 diff --git a/config/clusters/nasa-ghg/staging.values.yaml b/config/clusters/nasa-ghg/staging.values.yaml index 18003b22b7..34ec08e7f1 100644 --- a/config/clusters/nasa-ghg/staging.values.yaml +++ b/config/clusters/nasa-ghg/staging.values.yaml @@ -76,7 +76,7 @@ basehub: volumeMounts: - name: home mountPath: /home/jovyan - subPath: "{username}" + subPath: "{escaped_username}" # mounted without readonly attribute here, # so we can chown it appropriately - name: home @@ -94,7 +94,7 @@ basehub: volumeMounts: - name: home mountPath: /home/jovyan - subPath: "{username}" + subPath: "{escaped_username}" securityContext: runAsUser: 1000 runAsGroup: 1000 diff --git a/config/clusters/nasa-veda/common.values.yaml b/config/clusters/nasa-veda/common.values.yaml index 1399b507fd..8dcaac3f3a 100644 --- a/config/clusters/nasa-veda/common.values.yaml +++ b/config/clusters/nasa-veda/common.values.yaml @@ -92,7 +92,7 @@ basehub: volumeMounts: - name: home mountPath: /home/jovyan - subPath: "{username}" + subPath: "{escaped_username}" # Mounted without readonly attribute here, # so we can chown it appropriately - name: home @@ -154,7 +154,7 @@ basehub: volumeMounts: - name: home mountPath: /home/jovyan - subPath: "{username}" + subPath: "{escaped_username}" securityContext: runAsUser: 1000 runAsGroup: 1000 diff --git a/config/clusters/nasa-veda/staging.values.yaml b/config/clusters/nasa-veda/staging.values.yaml index 420e23d71a..6cf6c18311 100644 --- a/config/clusters/nasa-veda/staging.values.yaml +++ b/config/clusters/nasa-veda/staging.values.yaml @@ -22,7 +22,7 @@ basehub: volumeMounts: - name: home mountPath: /home/jovyan - subPath: "{username}" + subPath: "{escaped_username}" # Mounted without readonly attribute here, # so we can chown it appropriately - name: home diff --git a/docs/howto/features/per-user-db.md b/docs/howto/features/per-user-db.md index c4c25b85db..54ea5466ce 100644 --- a/docs/howto/features/per-user-db.md +++ b/docs/howto/features/per-user-db.md @@ -68,7 +68,7 @@ jupyterhub: volumeMounts: - name: home mountPath: /home/jovyan - subPath: "{username}" + subPath: "{escaped_username}" # Mounted without readonly attribute here, # so we can chown it appropriately - name: home @@ -132,7 +132,7 @@ jupyterhub: # that load data into the db from disk work - name: home mountPath: /home/jovyan - subPath: "{username}" + subPath: "{escaped_username}" - name: postgres-db mountPath: /var/lib/postgresql/data # postgres recommends against mounting a volume directly here diff --git a/docs/topic/infrastructure/storage-layer.md b/docs/topic/infrastructure/storage-layer.md index 55a74490fb..1628ff4e69 100644 --- a/docs/topic/infrastructure/storage-layer.md +++ b/docs/topic/infrastructure/storage-layer.md @@ -149,7 +149,7 @@ jupyterhub: volumeMounts: - name: home mountPath: /home/jovyan - subPath: "{username}" + subPath: "{escaped_username}" # Mounted without readonly attribute here, # so we can chown it appropriately - name: home diff --git a/helm-charts/basehub/values.yaml b/helm-charts/basehub/values.yaml index 314a20cddd..6c60332fde 100644 --- a/helm-charts/basehub/values.yaml +++ b/helm-charts/basehub/values.yaml @@ -549,7 +549,7 @@ jupyterhub: volumeMounts: - name: home mountPath: /home/jovyan - subPath: "{username}" + subPath: "{escaped_username}" # Mounted without readonly attribute here, # so we can chown it appropriately - name: home @@ -769,7 +769,7 @@ jupyterhub: type: static static: pvcName: home-nfs - subPath: "{username}" + subPath: "{escaped_username}" extraVolumes: - name: dev-shm emptyDir: @@ -794,7 +794,7 @@ jupyterhub: # problem by openscapes) - name: home mountPath: /home/rstudio - subPath: "{username}" + subPath: "{escaped_username}" - name: home mountPath: /home/rstudio/shared subPath: _shared From b1acb8c38f7a1109fdb96586c7e896b5b018dd59 Mon Sep 17 00:00:00 2001 From: Georgiana Dolocan Date: Tue, 17 Dec 2024 17:30:22 +0200 Subject: [PATCH 03/11] Switch EventLog for EventLogger --- helm-charts/basehub/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/helm-charts/basehub/values.yaml b/helm-charts/basehub/values.yaml index 6c60332fde..b8e3832117 100644 --- a/helm-charts/basehub/values.yaml +++ b/helm-charts/basehub/values.yaml @@ -65,7 +65,7 @@ binderhub-service: log_name = "binderhub-event-logs" get_logger().info(f"Sending logs of launch events to a 2i2c managed GCP project {client.project} under log name {log_name}.") return [CloudLoggingHandler(client, name=log_name)] - c.EventLog.handlers_maker = _make_eventsink_handler + c.EventLogger.handlers_maker = _make_eventsink_handler ingressBasicAuth: enabled: false From c639a912a647d21d58715415f0520ede363c2441 Mon Sep 17 00:00:00 2001 From: Georgiana Dolocan Date: Wed, 18 Dec 2024 12:24:44 +0200 Subject: [PATCH 04/11] Rm the dynamic-image-building-experiment image as we're not longer using it --- helm-charts/chartpress.yaml | 6 ------ .../hub/dynamic-image-building-requirements.txt | 13 ------------- 2 files changed, 19 deletions(-) delete mode 100644 helm-charts/images/hub/dynamic-image-building-requirements.txt diff --git a/helm-charts/chartpress.yaml b/helm-charts/chartpress.yaml index 07d40f21ac..7ce34d63a2 100644 --- a/helm-charts/chartpress.yaml +++ b/helm-charts/chartpress.yaml @@ -16,12 +16,6 @@ charts: valuesPath: jupyterhub.hub.image buildArgs: REQUIREMENTS_FILE: requirements.txt - dynamic-image-building-experiment: - imageName: quay.io/2i2c/dynamic-image-building-experiment - buildArgs: - REQUIREMENTS_FILE: dynamic-image-building-requirements.txt - contextPath: images/hub - dockerfilePath: images/hub/Dockerfile pkce-experiment: imageName: quay.io/2i2c/pkce-experiment buildArgs: diff --git a/helm-charts/images/hub/dynamic-image-building-requirements.txt b/helm-charts/images/hub/dynamic-image-building-requirements.txt deleted file mode 100644 index 7332c05faa..0000000000 --- a/helm-charts/images/hub/dynamic-image-building-requirements.txt +++ /dev/null @@ -1,13 +0,0 @@ -# Image lives at quay.io/2i2c/dynamic-image-building-experiment - -# jupyterhub-configurator isn't maintained and its not intended to be developed -# further. We are using a branch that has forked from the main branch just -# before a breaking change were made. This allows us to avoid migrating. -# -# ref: https://github.com/yuvipanda/jupyterhub-configurator/commits/main -# ref: https://github.com/yuvipanda/jupyterhub-configurator/commits/backported-jh41-compatibility -# -git+https://github.com/yuvipanda/jupyterhub-configurator@backported-jh41-compatibility - -# Brings in https://github.com/yuvipanda/jupyterhub-fancy-profiles -jupyterhub-fancy-profiles==0.3.6 From dfc128c1ea3f48c50289fef99e0071c00ad020fa Mon Sep 17 00:00:00 2001 From: Georgiana Dolocan Date: Wed, 18 Dec 2024 12:26:21 +0200 Subject: [PATCH 05/11] Use the bootstrap5 branch of fancy profiles --- helm-charts/images/hub/requirements.txt | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/helm-charts/images/hub/requirements.txt b/helm-charts/images/hub/requirements.txt index e633e166b2..c4ea61ed20 100644 --- a/helm-charts/images/hub/requirements.txt +++ b/helm-charts/images/hub/requirements.txt @@ -9,5 +9,5 @@ # git+https://github.com/yuvipanda/jupyterhub-configurator@backported-jh41-compatibility -# Brings in https://github.com/yuvipanda/jupyterhub-fancy-profiles -jupyterhub-fancy-profiles==0.3.10 \ No newline at end of file +# Brings in https://github.com/2i2c-org/jupyterhub-fancy-profiles/pull/72 +git+https://github.com/2i2c-org/jupyterhub-fancy-profiles@bootstrap5 \ No newline at end of file From 29c3280e7f8011ff61158bff68b0b5d142194e22 Mon Sep 17 00:00:00 2001 From: Georgiana Dolocan Date: Wed, 18 Dec 2024 13:02:28 +0200 Subject: [PATCH 06/11] Install npm for fancy profiles pkg build --- helm-charts/images/hub/Dockerfile | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/helm-charts/images/hub/Dockerfile b/helm-charts/images/hub/Dockerfile index c3fd396125..faa14146ba 100644 --- a/helm-charts/images/hub/Dockerfile +++ b/helm-charts/images/hub/Dockerfile @@ -21,6 +21,10 @@ ARG REQUIREMENTS_FILE COPY ${REQUIREMENTS_FILE} /tmp/ USER root + +RUN apt update > /dev/null && \ + apt install --yes nodejs npm >/dev/null + RUN pip install -r /tmp/${REQUIREMENTS_FILE} RUN mkdir -p /usr/local/etc/jupyterhub-configurator From 243ba3e368fdfc5043577ccc19e474765bf191f0 Mon Sep 17 00:00:00 2001 From: Georgiana Dolocan Date: Wed, 18 Dec 2024 13:19:40 +0200 Subject: [PATCH 07/11] Update hub image tag --- helm-charts/basehub/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/helm-charts/basehub/values.yaml b/helm-charts/basehub/values.yaml index b8e3832117..ff2c0919d1 100644 --- a/helm-charts/basehub/values.yaml +++ b/helm-charts/basehub/values.yaml @@ -1057,7 +1057,7 @@ jupyterhub: oauth_no_confirm: true image: name: quay.io/2i2c/pilot-hub - tag: "0.0.1-0.dev.git.10892.h37c70b2e" + tag: "0.0.1-0.dev.git.11313.hf6f77f66" networkPolicy: enabled: true # interNamespaceAccessLabels=accept makes the hub pod's associated From 9ee84e7ce6ada0a08fb97dffc8975cff0e870eb5 Mon Sep 17 00:00:00 2001 From: Georgiana Dolocan Date: Thu, 19 Dec 2024 12:05:11 +0200 Subject: [PATCH 08/11] Use latest main --- helm-charts/images/hub/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/helm-charts/images/hub/requirements.txt b/helm-charts/images/hub/requirements.txt index c4ea61ed20..5301ba5202 100644 --- a/helm-charts/images/hub/requirements.txt +++ b/helm-charts/images/hub/requirements.txt @@ -10,4 +10,4 @@ git+https://github.com/yuvipanda/jupyterhub-configurator@backported-jh41-compatibility # Brings in https://github.com/2i2c-org/jupyterhub-fancy-profiles/pull/72 -git+https://github.com/2i2c-org/jupyterhub-fancy-profiles@bootstrap5 \ No newline at end of file +git+https://github.com/2i2c-org/jupyterhub-fancy-profiles@main \ No newline at end of file From 52b2d7c2fd260ce7bc577cd4e865f65e4335b370 Mon Sep 17 00:00:00 2001 From: Georgiana Dolocan Date: Thu, 19 Dec 2024 15:18:46 +0200 Subject: [PATCH 09/11] Use the bootstrap5 branch --- helm-charts/basehub/values.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/helm-charts/basehub/values.yaml b/helm-charts/basehub/values.yaml index ff2c0919d1..beb4863632 100644 --- a/helm-charts/basehub/values.yaml +++ b/helm-charts/basehub/values.yaml @@ -414,8 +414,7 @@ jupyterhub: - yuvipanda@2i2c.org homepage: gitRepoUrl: "https://github.com/2i2c-org/default-hub-homepage" - # TODO: make main the default branch in the repo above - gitRepoBranch: "master" + gitRepoBranch: "bootstrap5" templateVars: enabled: true jupyterhubConfigurator: From b977bf05b7a4b790a2c2c6f6f05183b07c94a81f Mon Sep 17 00:00:00 2001 From: Georgiana Dolocan Date: Thu, 19 Dec 2024 20:03:27 +0200 Subject: [PATCH 10/11] Use released version --- helm-charts/images/hub/Dockerfile | 3 --- helm-charts/images/hub/requirements.txt | 3 +-- 2 files changed, 1 insertion(+), 5 deletions(-) diff --git a/helm-charts/images/hub/Dockerfile b/helm-charts/images/hub/Dockerfile index faa14146ba..4b75519885 100644 --- a/helm-charts/images/hub/Dockerfile +++ b/helm-charts/images/hub/Dockerfile @@ -22,9 +22,6 @@ COPY ${REQUIREMENTS_FILE} /tmp/ USER root -RUN apt update > /dev/null && \ - apt install --yes nodejs npm >/dev/null - RUN pip install -r /tmp/${REQUIREMENTS_FILE} RUN mkdir -p /usr/local/etc/jupyterhub-configurator diff --git a/helm-charts/images/hub/requirements.txt b/helm-charts/images/hub/requirements.txt index 5301ba5202..e4c0515657 100644 --- a/helm-charts/images/hub/requirements.txt +++ b/helm-charts/images/hub/requirements.txt @@ -9,5 +9,4 @@ # git+https://github.com/yuvipanda/jupyterhub-configurator@backported-jh41-compatibility -# Brings in https://github.com/2i2c-org/jupyterhub-fancy-profiles/pull/72 -git+https://github.com/2i2c-org/jupyterhub-fancy-profiles@main \ No newline at end of file +jupyterhub-fancy-profiles==0.4.0 \ No newline at end of file From 72a5721634e4738ec2bffae615e69b72fef36392 Mon Sep 17 00:00:00 2001 From: Georgiana Dolocan Date: Thu, 19 Dec 2024 21:02:20 +0200 Subject: [PATCH 11/11] Update image tag --- helm-charts/basehub/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/helm-charts/basehub/values.yaml b/helm-charts/basehub/values.yaml index beb4863632..7b9a76bb9a 100644 --- a/helm-charts/basehub/values.yaml +++ b/helm-charts/basehub/values.yaml @@ -1056,7 +1056,7 @@ jupyterhub: oauth_no_confirm: true image: name: quay.io/2i2c/pilot-hub - tag: "0.0.1-0.dev.git.11313.hf6f77f66" + tag: "0.0.1-0.dev.git.11322.hb977bf05" networkPolicy: enabled: true # interNamespaceAccessLabels=accept makes the hub pod's associated