diff --git a/.github/workflows/test-provider.yaml b/.github/workflows/test-provider.yaml index b56eae90b9..58dacbf9a2 100644 --- a/.github/workflows/test-provider.yaml +++ b/.github/workflows/test-provider.yaml @@ -29,6 +29,12 @@ on: required: true type: string +env: + ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }} + ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }} + ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }} + PROJECT_ID: ${{ secrets.GCP_PROJECT_ID }} + jobs: test-render-providers: # Prevents the execution of this test under the following conditions: @@ -72,32 +78,14 @@ jobs: with: python-version: "3.11" - - name: Retrieve secret from Vault - uses: hashicorp/vault-action@v3.0.0 - with: - method: jwt - url: "https://quansight-vault-public-vault-b2379fa7.d415e30e.z1.hashicorp.cloud:8200" - namespace: "admin/quansight" - role: "repository-nebari-dev-nebari-role" - secrets: | - kv/data/repository/nebari-dev/nebari/amazon_web_services/nebari-dev-ci role_name | AWS_ROLE_ARN; - kv/data/repository/nebari-dev/nebari/google_cloud_platform/nebari-dev-ci/github-nebari-dev-repo-ci project_id | PROJECT_ID; - kv/data/repository/nebari-dev/nebari/google_cloud_platform/nebari-dev-ci/github-nebari-dev-repo-ci workload_identity_provider | GCP_WORKFLOW_PROVIDER; - kv/data/repository/nebari-dev/nebari/google_cloud_platform/nebari-dev-ci/github-nebari-dev-repo-ci service_account_name | GCP_SERVICE_ACCOUNT; - kv/data/repository/nebari-dev/nebari/azure/nebari-dev-ci/github-nebari-dev-repo-ci client_id | ARM_CLIENT_ID; - kv/data/repository/nebari-dev/nebari/azure/nebari-dev-ci/github-nebari-dev-repo-ci tenant_id | ARM_TENANT_ID; - kv/data/repository/nebari-dev/nebari/azure/nebari-dev-ci/github-nebari-dev-repo-ci subscription_id | ARM_SUBSCRIPTION_ID; - kv/data/repository/nebari-dev/nebari/shared_secrets SPACES_ACCESS_KEY_ID | SPACES_ACCESS_KEY_ID; - kv/data/repository/nebari-dev/nebari/shared_secrets SPACES_SECRET_ACCESS_KEY | SPACES_SECRET_ACCESS_KEY; - - name: 'Authenticate to GCP' if: ${{ matrix.provider == 'gcp' }} uses: 'google-github-actions/auth@v1' with: token_format: access_token create_credentials_file: 'true' - workload_identity_provider: ${{ env.GCP_WORKFLOW_PROVIDER }} - service_account: ${{ env.GCP_SERVICE_ACCOUNT }} + workload_identity_provider: ${{ secrets.GCP_WORKFLOW_PROVIDER }} + service_account: ${{ secrets.GCP_SERVICE_ACCOUNT }} - name: Set required environment variables if: ${{ matrix.provider == 'gcp' }} @@ -108,7 +96,7 @@ jobs: if: ${{ matrix.provider == 'aws' }} uses: aws-actions/configure-aws-credentials@v1 with: - role-to-assume: ${{ env.AWS_ROLE_ARN }} + role-to-assume: ${{ secrets.AWS_ROLE_ARN }} role-session-name: github-action aws-region: us-east-1 @@ -116,9 +104,9 @@ jobs: if: ${{ matrix.provider == 'azure' }} uses: azure/login@v1 with: - client-id: ${{ env.ARM_CLIENT_ID }} - tenant-id: ${{ env.ARM_TENANT_ID }} - subscription-id: ${{ env.ARM_SUBSCRIPTION_ID }} + client-id: ${{ secrets.ARM_CLIENT_ID }} + tenant-id: ${{ secrets.ARM_TENANT_ID }} + subscription-id: ${{ secrets.ARM_SUBSCRIPTION_ID }} - name: Install Nebari run: | diff --git a/.github/workflows/test_aws_integration.yaml b/.github/workflows/test_aws_integration.yaml index 6c4eecbf06..59075ea7de 100644 --- a/.github/workflows/test_aws_integration.yaml +++ b/.github/workflows/test_aws_integration.yaml @@ -51,21 +51,10 @@ jobs: pip install .[dev] playwright install - - name: Retrieve secret from Vault - uses: hashicorp/vault-action@v3.0.0 - with: - method: jwt - url: "https://quansight-vault-public-vault-b2379fa7.d415e30e.z1.hashicorp.cloud:8200" - namespace: "admin/quansight" - role: "repository-nebari-dev-nebari-role" - secrets: | - kv/data/repository/nebari-dev/nebari/amazon_web_services/nebari-dev-ci role_name | AWS_ROLE_ARN; - kv/data/repository/nebari-dev/nebari/cloudflare/internal-devops@quansight.com/nebari-dev-ci token | CLOUDFLARE_TOKEN; - - name: Authenticate to AWS uses: aws-actions/configure-aws-credentials@v1 with: - role-to-assume: ${{ env.AWS_ROLE_ARN }} + role-to-assume: ${{ secrets.AWS_ROLE_ARN }} role-session-name: github-action aws-region: ${{ env.AWS_DEFAULT_REGION }} @@ -77,3 +66,4 @@ jobs: NEBARI_SECRET__default_images__jupyterhub: "quay.io/nebari/nebari-jupyterhub:${{ env.NEBARI_IMAGE_TAG }}" NEBARI_SECRET__default_images__jupyterlab: "quay.io/nebari/nebari-jupyterlab:${{ env.NEBARI_IMAGE_TAG }}" NEBARI_SECRET__default_images__dask_worker: "quay.io/nebari/nebari-dask-worker:${{ env.NEBARI_IMAGE_TAG }}" + CLOUDFLARE_TOKEN: ${{ secrets.CLOUDFLARE_TOKEN }} diff --git a/.github/workflows/test_azure_integration.yaml b/.github/workflows/test_azure_integration.yaml index e04d8b69ab..269461f320 100644 --- a/.github/workflows/test_azure_integration.yaml +++ b/.github/workflows/test_azure_integration.yaml @@ -50,25 +50,12 @@ jobs: conda install --quiet --yes conda-build playwright install - - name: Retrieve secret from Vault - uses: hashicorp/vault-action@v3.0.0 - with: - method: jwt - url: "https://quansight-vault-public-vault-b2379fa7.d415e30e.z1.hashicorp.cloud:8200" - namespace: "admin/quansight" - role: "repository-nebari-dev-nebari-role" - secrets: | - kv/data/repository/nebari-dev/nebari/azure/nebari-dev-ci/github-nebari-dev-repo-ci client_id | ARM_CLIENT_ID; - kv/data/repository/nebari-dev/nebari/azure/nebari-dev-ci/github-nebari-dev-repo-ci tenant_id | ARM_TENANT_ID; - kv/data/repository/nebari-dev/nebari/azure/nebari-dev-ci/github-nebari-dev-repo-ci subscription_id | ARM_SUBSCRIPTION_ID; - kv/data/repository/nebari-dev/nebari/cloudflare/internal-devops@quansight.com/nebari-dev-ci token | CLOUDFLARE_TOKEN; - - name: 'Azure login' uses: azure/login@v2 with: - client-id: ${{ env.ARM_CLIENT_ID }} - tenant-id: ${{ env.ARM_TENANT_ID }} - subscription-id: ${{ env.ARM_SUBSCRIPTION_ID }} + client-id: ${{ secrets.ARM_CLIENT_ID }} + tenant-id: ${{ secrets.ARM_TENANT_ID }} + subscription-id: ${{ secrets.ARM_SUBSCRIPTION_ID }} - name: Integration Tests run: | @@ -78,8 +65,8 @@ jobs: NEBARI_SECRET__default_images__jupyterhub: "quay.io/nebari/nebari-jupyterhub:${{ env.NEBARI_IMAGE_TAG }}" NEBARI_SECRET__default_images__jupyterlab: "quay.io/nebari/nebari-jupyterlab:${{ env.NEBARI_IMAGE_TAG }}" NEBARI_SECRET__default_images__dask_worker: "quay.io/nebari/nebari-dask-worker:${{ env.NEBARI_IMAGE_TAG }}" - ARM_CLIENT_ID: ${{ env.ARM_CLIENT_ID }} - ARM_TENANT_ID: ${{ env.ARM_TENANT_ID }} - ARM_SUBSCRIPTION_ID: ${{ env.ARM_SUBSCRIPTION_ID }} + ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }} + ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }} + ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }} ARM_USE_OIDC: "true" - CLOUDFLARE_TOKEN: ${{ env.CLOUDFLARE_TOKEN }} + CLOUDFLARE_TOKEN: ${{ secrets.CLOUDFLARE_TOKEN }} diff --git a/.github/workflows/test_gcp_integration.yaml b/.github/workflows/test_gcp_integration.yaml index 0711a36196..0d6c06b0c0 100644 --- a/.github/workflows/test_gcp_integration.yaml +++ b/.github/workflows/test_gcp_integration.yaml @@ -50,24 +50,11 @@ jobs: pip install .[dev] playwright install - - name: Retrieve secret from Vault - uses: hashicorp/vault-action@v3.0.0 - with: - method: jwt - url: "https://quansight-vault-public-vault-b2379fa7.d415e30e.z1.hashicorp.cloud:8200" - namespace: "admin/quansight" - role: "repository-nebari-dev-nebari-role" - secrets: | - kv/data/repository/nebari-dev/nebari/google_cloud_platform/nebari-dev-ci/github-nebari-dev-repo-ci project_id | PROJECT_ID; - kv/data/repository/nebari-dev/nebari/google_cloud_platform/nebari-dev-ci/github-nebari-dev-repo-ci workload_identity_provider | GCP_WORKFLOW_PROVIDER; - kv/data/repository/nebari-dev/nebari/google_cloud_platform/nebari-dev-ci/github-nebari-dev-repo-ci service_account_name | GCP_SERVICE_ACCOUNT; - kv/data/repository/nebari-dev/nebari/cloudflare/internal-devops@quansight.com/nebari-dev-ci token | CLOUDFLARE_TOKEN; - - name: 'Authenticate to GCP' uses: 'google-github-actions/auth@v1' with: - workload_identity_provider: ${{ env.GCP_WORKFLOW_PROVIDER }} - service_account: ${{ env.GCP_SERVICE_ACCOUNT }} + workload_identity_provider: ${{ secrets.GCP_WORKFLOW_PROVIDER }} + service_account: ${{ secrets.GCP_SERVICE_ACCOUNT }} - name: Set required environment variables run: | @@ -81,3 +68,5 @@ jobs: NEBARI_SECRET__default_images__jupyterhub: "quay.io/nebari/nebari-jupyterhub:${{ env.NEBARI_IMAGE_TAG }}" NEBARI_SECRET__default_images__jupyterlab: "quay.io/nebari/nebari-jupyterlab:${{ env.NEBARI_IMAGE_TAG }}" NEBARI_SECRET__default_images__dask_worker: "quay.io/nebari/nebari-dask-worker:${{ env.NEBARI_IMAGE_TAG }}" + PROJECT_ID: ${{ secrets.GCP_PROJECT_ID }} + CLOUDFLARE_TOKEN: ${{ secrets.CLOUDFLARE_TOKEN }} diff --git a/RELEASE.md b/RELEASE.md index 54fcd1d26f..8fd190456d 100644 --- a/RELEASE.md +++ b/RELEASE.md @@ -9,6 +9,40 @@ This file is copied to nebari-dev/nebari-docs using a GitHub Action. --> --- +## Release 2025.1.1 - January 27, 2025 + +> NOTE: In this release, we have updated our maximum supported Kubernetes version from +> 1.29 to 1.31. we strongly recommend updating the Kubernetes version +> specified in your nebari-config YAML file and redeploying to apply the changes. +> +> Remember that Kubernetes minor versions must be upgraded incrementally (1.29 → 1.30 → +> 1.31). + +## What's Changed +* fix bug to allow --import-plugin to work by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2864 +* Add azure kubernetes policy add-on by @viniciusdc in https://github.com/nebari-dev/nebari/pull/2888 +* Yaml config sets by @Adam-D-Lewis in https://github.com/nebari-dev/nebari/pull/2876 +* Add ability to list user installed plugins from the CLI by @soapy1 in https://github.com/nebari-dev/nebari/pull/2891 +* [AUTO] Update CLI doc by @nebari-sensei in https://github.com/nebari-dev/nebari/pull/2841 +* [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in https://github.com/nebari-dev/nebari/pull/2896 +* [ENH] - Include "--attempt-fixes" flag from Nebari upgrade CLI in upgrade steps logic by @smokestacklightnin in https://github.com/nebari-dev/nebari/pull/2839 +* add authorized ip range variable for azure by @dcmcand in https://github.com/nebari-dev/nebari/pull/2880 +* Upgrade conda-store to 2024.11.2 by @marcelovilla in https://github.com/nebari-dev/nebari/pull/2815 +* Handle default value for azure addon policy by @viniciusdc in https://github.com/nebari-dev/nebari/pull/2905 +* Update conda-store-ui tests for updated page verbiage by @soapy1 in https://github.com/nebari-dev/nebari/pull/2911 +* Remove unintended character at the end of the TF_LOG variable by @marcelovilla in https://github.com/nebari-dev/nebari/pull/2912 +* Update k8s max version by @dcmcand in https://github.com/nebari-dev/nebari/pull/2903 +* [ENH] - Use GitHub secrets instead of Vault by @smokestacklightnin in https://github.com/nebari-dev/nebari/pull/2889 +* adds info command text display & change the order of command display by @kernel-loophole in https://github.com/nebari-dev/nebari/pull/2916 +* [AUTO] Update CLI doc by @nebari-sensei in https://github.com/nebari-dev/nebari/pull/2921 + +## New Contributors +* @soapy1 made their first contribution in https://github.com/nebari-dev/nebari/pull/2891 +* @smokestacklightnin made their first contribution in https://github.com/nebari-dev/nebari/pull/2839 +* @kernel-loophole made their first contribution in https://github.com/nebari-dev/nebari/pull/2916 + +**Full Changelog**: https://github.com/nebari-dev/nebari/compare/2024.12.1...2025.1.1 + ## Release 2024.12.1 - December 13, 2024 > NOTE: Support for DigitalOcean has been removed in this release. If you plan to deploy Nebari on DigitalOcean, you first need to independently create a Kubernetes cluster and then use the `existing` deployment option. diff --git a/docs-sphinx/cli.html b/docs-sphinx/cli.html index b38e27dec2..4a906eeada 100644 --- a/docs-sphinx/cli.html +++ b/docs-sphinx/cli.html @@ -242,6 +242,7 @@

keycloak-api

info

+

Display information about installed Nebari plugins and their configurations.

nebari info [OPTIONS]
diff --git a/src/_nebari/cli.py b/src/_nebari/cli.py index 5faec322e7..6bf030ae26 100644 --- a/src/_nebari/cli.py +++ b/src/_nebari/cli.py @@ -10,7 +10,7 @@ class OrderCommands(TyperGroup): def list_commands(self, ctx: typer.Context): """Return list of commands in the order appear.""" - return list(self.commands) + return list(self.commands)[::-1] def version_callback(value: bool): diff --git a/src/_nebari/constants.py b/src/_nebari/constants.py index bf38b5bf9f..856b0d4a5b 100644 --- a/src/_nebari/constants.py +++ b/src/_nebari/constants.py @@ -1,4 +1,4 @@ -CURRENT_RELEASE = "2024.12.1" +CURRENT_RELEASE = "2025.1.1" HELM_VERSION = "v3.15.3" KUSTOMIZE_VERSION = "5.4.3" diff --git a/src/_nebari/subcommands/info.py b/src/_nebari/subcommands/info.py index 340ff9d26a..3f5999e300 100644 --- a/src/_nebari/subcommands/info.py +++ b/src/_nebari/subcommands/info.py @@ -14,6 +14,9 @@ def nebari_subcommand(cli: typer.Typer): @cli.command() def info(ctx: typer.Context): + """ + Display information about installed Nebari plugins and their configurations. + """ from nebari.plugins import nebari_plugin_manager rich.print(f"Nebari version: {__version__}") diff --git a/src/_nebari/upgrade.py b/src/_nebari/upgrade.py index 71795dfa1e..16b0078bc6 100644 --- a/src/_nebari/upgrade.py +++ b/src/_nebari/upgrade.py @@ -1626,6 +1626,36 @@ def _version_specific_upgrade( return config +class Upgrade_2025_1_1(UpgradeStep): + version = "2025.1.1" + + @override + def _version_specific_upgrade( + self, config, start_version, config_filename: Path, *args, **kwargs + ): + rich.print("\n ⚠️ Upgrade Warning ⚠️") + + text = textwrap.dedent( + """ + In this release, we have updated our maximum supported Kubernetes version from 1.29 to 1.31. + Please note that Nebari will NOT automatically upgrade your running Kubernetes version as part of + the redeployment process. + + After completing this upgrade step, we strongly recommend updating the Kubernetes version + specified in your nebari-config YAML file and redeploying to apply the changes. Remember that + Kubernetes minor versions must be upgraded incrementally (1.29 → 1.30 → 1.31). + + For more information on upgrading Kubernetes for your specific cloud provider, please visit: + https://www.nebari.dev/docs/how-tos/kubernetes-version-upgrade + """ + ) + + rich.print(text) + rich.print("Ready to upgrade to Nebari version [green]2025.1.1[/green].") + + return config + + __rounded_version__ = str(rounded_ver_parse(__version__)) # Manually-added upgrade steps must go above this line