Routine update of dependencies after additional pinning #2917

[phillxnet]

Update Poetry managed dependencies after additional pinning:

Fixes #2917

Includes additional pinning in pyproject.toml.
All the following were unpinned previously:

• django-oauth-toolkit = "~2.4" (Avoid potential breaking changes).
• gevent = "24.2.1" (Avoid AUTH_REQ_SASL_CONT without AUTH_REQ_SASL artifact).
• gunicorn = "~23" (was "*") (Pin to major version, precaution)

Package operations: 0 installs, 19 updates, 0 removals

  • Updating cffi (1.17.0 -> 1.17.1)
  • Updating cryptography (43.0.0 -> 43.0.1)
  • Updating more-itertools (10.4.0 -> 10.5.0)
  • Updating zipp (3.20.1 -> 3.20.2)
  • Updating certifi (2024.7.4 -> 2024.8.30)
  • Updating charset-normalizer (3.3.2 -> 3.4.0)
  • Updating idna (3.8 -> 3.10)
  • Updating importlib-metadata (8.4.0 -> 8.5.0)
  • Updating jaraco-functools (4.0.2 -> 4.1.0)
  • Updating setuptools (73.0.1 -> 75.2.0)
  • Updating simple-websocket (1.0.0 -> 1.1.0)
  • Updating urllib3 (2.2.2 -> 2.2.3)
  • Updating django (4.2.15 -> 4.2.16)
  • Updating greenlet (3.0.3 -> 3.1.1)
  • Updating keyring (25.3.0 -> 25.4.1)
  • Updating pytz (2024.1 -> 2024.2)
  • Updating zope-interface (7.0.2 -> 7.1.0)
  • Updating huey (2.5.1 -> 2.5.2)
  • Updating psycopg (3.2.1 -> 3.2.3)

Writing lock file

N.B. Before pinning gevent the following was observed:

connection to server on socket "/run/postgresql/.s.PGSQL.5432" failed: fe_sendauth: invalid authentication request from server: AUTH_REQ_SASL_CONT without AUTH_REQ_SASL

[phillxnet]

Testing

As we are nearing our next stable release, another proof-of-update from last stable (based on non EOL base OS) 'rockstor' rpm 4.6.1-0 was enacted.

A host derived from a clean install of the last available stable installer:

• Rockstor-Leap15.4-generic.x86_64-4.5.8-0.install.iso
• And Subscribed to Stable Channel updates, resulting in a 'rockstor' package update to 4.6.1-0.

This instance was then updated to a current/non-EOL OS base via:

• "Distribution update from 15.4 to 15.5": https://rockstor.com/docs/howtos/15-4_to_15-5.html

N.B. in this stress-test scenario the 'donor' system maintained a stable subscription & 'rockstor' package install: we have 4.6.1-0 as latest stable available in the Stable repositories for our "Built on openSUSE" Leap 15.4 & 15.5 repos.

A LAN local repo host was then added (via zypper and dnf) to emulate a PRODUCTION update to our stable repos to prove:

• 4.6.1-0 to, in this case, 5.0.14-2919 via the Web-UI update mechanism.

rockstor.log re migrations etc

[31/Oct/2024 13:37:46] INFO [scripts.initrock:605] --DB-- Tune Postgres Done --DB--.
[31/Oct/2024 13:37:46] INFO [scripts.initrock:609] Running app database migrations...
[31/Oct/2024 13:38:01] INFO [scripts.initrock:645] Prior migrations for oauth2_provider are: ['oauth2_provider', ' [X] 0001_initial', ' [ ] 0002_auto_20190406_1805', ' [ ] 0003_auto_20201211_1314', ' [ ] 0004_auto_20200902_2022', ' [ ] 0005_auto_20211222_2352', ' [ ] 0006_alter_application_client_secret', ' [ ] 0007_application_post_logout_redirect_uris', ' [ ] 0008_alter_accesstoken_token', ' [ ] 0009_add_hash_client_secret', ' [ ] 0010_application_allowed_origins', '']
[31/Oct/2024 13:38:07] INFO [scripts.initrock:653] Post migrations for oauth2_provider are: ['oauth2_provider', ' [X] 0001_initial', ' [X] 0002_auto_20190406_1805', ' [X] 0003_auto_20201211_1314', ' [X] 0004_auto_20200902_2022', ' [X] 0005_auto_20211222_2352', ' [X] 0006_alter_application_client_secret', ' [X] 0007_application_post_logout_redirect_uris', ' [X] 0008_alter_accesstoken_token', ' [X] 0009_add_hash_client_secret', ' [X] 0010_application_allowed_origins', '']
[31/Oct/2024 13:38:07] INFO [scripts.initrock:655] DB Migrations Done
[31/Oct/2024 13:38:07] INFO [scripts.initrock:657] Running Django prep_db.
[31/Oct/2024 13:38:08] INFO [scripts.initrock:659] Done

Post awaiting the Web-UI reset, with consequent re-login, the resulting successfully instantiated all updates.
N.B. by pinning the django-oauth-toolkit in this PR we avoid pushing our luck any further with the above default logged migrations re oauth2_provider. This is intentional as we need to ensure we have a well-tested stable-to-stable migration. And this last testing phase has changed a very great deal regarding all OS and Python dependencies, including many Python version updates and our base Postgres version and DB format to acomodate some of these updates.

Note: "Ctrl + Shift + R" post re-login was required to pick-up some newer Web-UI features. This is a recommendation we already have in our Web-UI update page. An indicator of this requirement was no "Uses openSUSE" version specified. I.e. newer 'rockstor' instances after 4.6.1-0 rpm now show for example:

Uses openSUSE Leap: 15.5

In the top-right of the Web-UI. As the browser can inadvertently maintain older elements of the Rockstor Web-UI, there can be issues over 'rockstor' package updates and in some cases a clearing of the browser cache can be required.

[phillxnet]

On the basis of the last comment, detailing the testing done, and given there has been no other community interaction regarding these proposed dependency updates (and new pinnings), I'll merge this proposal ready for our next testing channel rpm release; and to ease what remaining development takes place before that.