Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Palm backports] fix: inconsistency between JWT & sessions and GH workflows updates #32337

Merged
merged 3 commits into from
Jun 12, 2023
Merged

[Palm backports] fix: inconsistency between JWT & sessions and GH workflows updates #32337

merged 3 commits into from
Jun 12, 2023

Conversation

mariajgrimaldi
Copy link
Member

Description

This PR backports the following:

Inconsistency between JWT and session authentication after password reset: #32073
Deduplicate mismatched pip.txt files that caused build failure: #32081
Fix make upgrade job and _mysql issue: #32084

Since two of them fixed GH workflows, we didn't think had to create separate PRs for testing. Let me know if you think otherwise.

Supporting information

These backports are related to the BTR wg release tasks: openedx/wg-build-test-release#261

Testing instructions

Follow each PRs instructions.

Deadline

Before the next Palm release.

Other information

None

syedsajjadkazmii and others added 3 commits May 31, 2023 15:51
@syedsajjadkazmii @mariajgrimaldi
fix: inconsistency between JWT and session authentication after passw…
028ac9d 
…ord reset (#32073)

VAN-1371

Co-authored-by: Syed Sajjad  Hussain Shah <syed.sajjad@H7FKF7K6XD.local>
(cherry picked from commit 416a502)
@timmc-edx @mariajgrimaldi
build: Deduplicate mismatched pip.txt files that caused build failure (
78d46ba 
…#32081)

There was a `requirements/pip.txt` with old versions, and a newer
`requirements/edx/pip.txt` managed via a `pip.in` file. The old one was
used in most places, but came out of sync with pip-tools.txt, which was
managed properly. Eventually this caused a `pip check` failure due to the
mismatch.

This should resolve at least part of edx/edx-arch-experiments#267

This PR moves pip.in and pip-tools.in and their corresponding pin files
up to the `requirements/` dir, since they should be shared between the edx
and sandbox environments. This also has the effect of upgrading pip to
match the version in the file we've been uselessly upgrading.

Other improvements:

- Remove `-q` option from pip and pip-sync calls, as it was hiding some
  debugging information that would have resolved this sooner.
- Depend on `pre-requirements` from `compile-requirements`, rather than
  from `upgrade`. (The base target is the one that actually needs it.)
  This also lets us remove the explicit `pip install pip-tools` line.
- Install the recompiled pip and pip-tools files right away, not after the
  loop. When we upgrade pip-tools, we want to use the upgraded version,
  not the previous version. This requires moving the pip-tools.txt
  recompilation outside of the loop and into its own explicit line.
- Don't upgrade pip if we're not running `make upgrade` (respect the
  compile options).
- Remove apparently-unneeded `--no-emit-trusted-host --no-emit-index-url`
  options (we don't pass trusted-host or index-url options).

(cherry picked from commit b852344)
@UsamaSadiq @mariajgrimaldi
fix: fix make upgrade job and _mysql issue (#32084)
cedd099 
* fix: upgrade pip & pip-tools versions
* fix: install libmysqlclient-dev system package again
* fix: skip reinstalling mysqlclient package
* fix: add pytz package constraint

---------

Co-authored-by: edX requirements bot <49161187+edx-requirements-bot@users.noreply.github.com>
(cherry picked from commit 0ec7b8c)
@openedx-webhooks openedx-webhooks added open-source-contribution PR author is not from Axim or 2U core committer labels May 31, 2023
@openedx-webhooks
Copy link

Thanks for the pull request, @mariajgrimaldi!

As a core committer in this repo, you can merge this once the pull request is approved per the core committer reviewer requirements and according to the agreement with your edX Champion.

@ghassanmas ghassanmas mentioned this pull request Jun 6, 2023
Closed
52 tasks
mtyaka
mtyaka approved these changes Jun 12, 2023
View reviewed changes
Copy link
Contributor

@mtyaka mtyaka left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for for backporting these changes to Palm, @mariajgrimaldi!

@mtyaka mtyaka merged commit 2817dd1 into open-release/palm.master Jun 12, 2023
@mtyaka mtyaka deleted the MJG/backports-palm branch June 12, 2023 06:26
@openedx-webhooks
Copy link

@mariajgrimaldi 🎉 Your pull request was merged! Please take a moment to answer a two question survey so we can improve your experience in the future.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mtyaka mtyaka mtyaka approved these changes

Assignees
No one assigned
Labels
core committer open-source-contribution PR author is not from Axim or 2U
Projects
Contributions
Archived in project
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@mariajgrimaldi @openedx-webhooks @mtyaka @syedsajjadkazmii @timmc-edx @UsamaSadiq