diff --git a/.github/dependabot.yaml b/.github/dependabot.yaml index 40e0649746..59dff66e64 100644 --- a/.github/dependabot.yaml +++ b/.github/dependabot.yaml @@ -15,3 +15,13 @@ updates: interval: monthly time: "05:00" timezone: Etc/UTC + - package-ecosystem: pip + directory: /images/hub/unfrozen + labels: [breaking] + exclude-patterns: + # jupyterhub is bumped by other automation as its set in multiple files + - jupyterhub + schedule: + interval: daily + time: 05:00 + timezone: Etc/UTC diff --git a/.github/workflows/watch-dependencies.yaml b/.github/workflows/watch-dependencies.yaml index b65e70fede..5f1907b9c5 100644 --- a/.github/workflows/watch-dependencies.yaml +++ b/.github/workflows/watch-dependencies.yaml @@ -4,7 +4,7 @@ # - Watch multiple images tags referenced in values.yaml to match the latest # image tag. # -# - Watch the jupyterhub pinning in images/*/requirements.in to match the +# - Watch the jupyterhub pinning in images/*/unfrozen/requirements.txt to match the # latest jupyterhub version available on PyPI, and if doing this, also # refreeze images/*/requirements.txt. # @@ -20,7 +20,7 @@ name: Watch dependencies on: push: paths: - - "images/*/requirements.in" + - "images/*/unfrozen/requirements.txt" - ".github/workflows/watch-dependencies.yaml" branches: ["main"] schedule: @@ -142,10 +142,10 @@ jobs: - name: Install Python dependencies run: pip install packaging requests - - name: Get images/hub/requirements.in pinned version of jupyterhub + - name: Get images/hub/unfrozen/requirements.txt pinned version of jupyterhub id: local run: | - local_version=$(cat images/hub/requirements.in | grep 'jupyterhub==' | sed 's/jupyterhub==//') + local_version=$(cat images/hub/unfrozen/requirements.txt | grep 'jupyterhub==' | sed 's/jupyterhub==//') echo "version=$local_version" >> $GITHUB_OUTPUT - name: Get latest version of jupyterhub @@ -168,11 +168,11 @@ jobs: if: steps.local.outputs.version != steps.latest.outputs.version run: | for img in hub singleuser-sample; do - sed --in-place 's/jupyterhub==${{ steps.local.outputs.version }}/jupyterhub==${{ steps.latest.outputs.version }}/g' images/$img/requirements.in + sed --in-place 's/jupyterhub==${{ steps.local.outputs.version }}/jupyterhub==${{ steps.latest.outputs.version }}/g' images/$img/unfrozen/requirements.txt done sed --in-place 's/appVersion: "${{ steps.local.outputs.version }}"/appVersion: "${{ steps.latest.outputs.version }}"/g' jupyterhub/Chart.yaml - - name: Refreeze images/*/requirements.txt based on images/*/requirements.in + - name: Refreeze images/*/requirements.txt based on images/*/unfrozen/requirements.txt if: steps.local.outputs.version != steps.latest.outputs.version run: ci/refreeze @@ -208,7 +208,7 @@ jobs: steps: - uses: actions/checkout@v4 - - name: Refreeze images/*/requirements.txt based on images/*/requirements.in + - name: Refreeze images/*/requirements.txt based on images/*/unfrozen/requirements.txt run: ci/refreeze - name: git diff @@ -227,4 +227,4 @@ jobs: title: "hub image: refreeze requirements.txt" body: >- The hub image's requirements.txt has been refrozen based on - requirements.in. + unfrozen/requirements.txt. diff --git a/images/hub/README.md b/images/hub/README.md index 4dd81fae13..8aed95b86b 100644 --- a/images/hub/README.md +++ b/images/hub/README.md @@ -3,7 +3,7 @@ The Dockerfile in this folder is built by [chartpress](https://github.com/jupyterhub/chartpress#readme), using the requirements.txt file. The requirements.txt file is updated based on the -requirements.in file using [`pip-compile`](https://pip-tools.readthedocs.io). +unfrozen/requirements.txt file using [`pip-compile`](https://pip-tools.readthedocs.io). ## How to update requirements.txt diff --git a/images/hub/requirements.in b/images/hub/requirements.in deleted file mode 100644 index fae1f74f69..0000000000 --- a/images/hub/requirements.in +++ /dev/null @@ -1,32 +0,0 @@ -# This file is the input to requirements.txt, -# which is a frozen version of this. To update -# requirements.txt, use the "Run workflow" button at -# https://github.com/jupyterhub/zero-to-jupyterhub-k8s/actions/workflows/watch-dependencies.yaml -# that will also update the jupyterhub version if needed. -# README.md file. - -# JupyterHub itself, update this version pinning by running the workflow -# mentioned above. -jupyterhub==5.2.1 - -## Authenticators -jupyterhub-firstuseauthenticator>=1 -jupyterhub-hmacauthenticator -jupyterhub-ldapauthenticator>=2.0.1 -jupyterhub-ltiauthenticator!=1.3.0 -jupyterhub-nativeauthenticator -jupyterhub-tmpauthenticator -oauthenticator[googlegroups,mediawiki] - -## Kubernetes spawner -jupyterhub-kubespawner>=7.0.0 - -## Other optional dependencies for additional features -pymysql # mysql -psycopg2 # postgres -pycurl # internal http requests handle more load with pycurl -sqlalchemy-cockroachdb # cocroachdb -statsd # statsd metrics collection (TODO: remove soon, since folks use prometheus) - -# The idle culler service -jupyterhub-idle-culler diff --git a/images/hub/unfrozen/requirements.txt b/images/hub/unfrozen/requirements.txt new file mode 100644 index 0000000000..3d159e3b6e --- /dev/null +++ b/images/hub/unfrozen/requirements.txt @@ -0,0 +1,33 @@ +# This file is the input to requirements.txt, which is a frozen version of this. +# +# To update: +# - the jupyterhub version or the frozen requirements.txt file, use the +# "Run workflow" button at https://github.com/jupyterhub/zero-to-jupyterhub-k8s/actions/workflows/watch-dependencies.yaml. +# - the major version pins in this file, trigger dependabot to run via +# https://github.com/jupyterhub/zero-to-jupyterhub-k8s/network/updates +# + +# JupyterHub itself +jupyterhub==5.2.1 + +# JupyterHub Spawner, kubernetes specific +jupyterhub-kubespawner==7.* + +# JupyterHub Authenticator choices +jupyterhub-firstuseauthenticator==1.* +jupyterhub-hmacauthenticator==1.* +jupyterhub-ldapauthenticator==2.* +jupyterhub-ltiauthenticator==1.* +jupyterhub-nativeauthenticator==1.* +jupyterhub-tmpauthenticator==1.* +oauthenticator[googlegroups,mediawiki]==17.* + +# JupyterHub service shutting servers after a period of inactivity +jupyterhub-idle-culler==1.* + +# Other optional dependencies for additional features +pymysql==1.* # mysql +psycopg2==2.* # postgres +pycurl==7.* # internal http requests handle more load with pycurl +sqlalchemy-cockroachdb==2.* # cocroachdb +statsd==4.* # statsd metrics collection (TODO: remove soon, since folks use prometheus) diff --git a/images/singleuser-sample/requirements.in b/images/singleuser-sample/requirements.in deleted file mode 100644 index 01af3e693f..0000000000 --- a/images/singleuser-sample/requirements.in +++ /dev/null @@ -1,17 +0,0 @@ -# This file is the input to requirements.txt, -# which is a frozen version of this. To update -# requirements.txt, use the "Run workflow" button at -# https://github.com/jupyterhub/zero-to-jupyterhub-k8s/actions/workflows/watch-dependencies.yaml -# that will also update the jupyterhub version if needed. -# README.md file. - -# JupyterHub itself, update this version pinning by running the workflow -# mentioned above. -jupyterhub==5.2.1 - -# UI -jupyterlab -nbclassic - -# plugins -nbgitpuller diff --git a/images/singleuser-sample/unfrozen/requirements.txt b/images/singleuser-sample/unfrozen/requirements.txt new file mode 100644 index 0000000000..cf60156871 --- /dev/null +++ b/images/singleuser-sample/unfrozen/requirements.txt @@ -0,0 +1,17 @@ +# This file is the input to requirements.txt, which is a frozen version of this. +# +# To update: +# - the jupyterhub version or the frozen requirements.txt file, use the +# "Run workflow" button at https://github.com/jupyterhub/zero-to-jupyterhub-k8s/actions/workflows/watch-dependencies.yaml. +# + +# JupyterHub itself, update this version pinning by running the workflow +# mentioned above. +jupyterhub==5.2.1 + +# UI +jupyterlab +nbclassic + +# plugins +nbgitpuller