-
Notifications
You must be signed in to change notification settings - Fork 2
chore: mirror sandbox requirements from openedx-platform #85
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merged
Merged
Changes from all commits
Commits
File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,25 @@ | ||
| ============================ | ||
| CodeJail Sandbox environment | ||
| ============================ | ||
|
|
||
| The requirements in this directory describe all the dependencies and libraries | ||
| available in the Sandbox runtime used to execute instructor-authored code by | ||
| openedx-platform. | ||
|
|
||
| Files in this directory | ||
| ======================= | ||
|
|
||
| base.in | ||
| ******* | ||
|
|
||
| This is the current set of requirements or the sandbox environment, and it | ||
| is used to generate the ``.txt``, described below. | ||
|
|
||
| Installing the openedx-sandbox environment from this file is **unsupported** and | ||
| **unstable**, because the packages are not pinned. | ||
|
|
||
| base.txt | ||
| ******** | ||
|
|
||
| These are the latest requirement pins for openedx-sandbox. They are regularly | ||
| updated with the latest compatible versions of each package. | ||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,12 @@ | ||
| chem # A helper library for chemistry calculations | ||
| cryptography # Implementations of assorted cryptography algorithms | ||
| lxml[html_clean] # XML parser | ||
| matplotlib # 2D plotting library | ||
| networkx # Utilities for creating, manipulating, and studying network graphs | ||
| nltk # Natural language processing; used by the chem package | ||
| openedx-calc | ||
| pyparsing # Python Parsing module | ||
| random2 # Implementation of random module that works identically under Python 2 and 3 | ||
| scipy # Math, science, and engineering library | ||
| sympy # Symbolic math library | ||
| codejail-includes # Checkers, verifiers, etc. available for course authors to use |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,86 @@ | ||
| # | ||
| # This file is autogenerated by pip-compile with Python 3.12 | ||
| # by the following command: | ||
| # | ||
| # make upgrade | ||
| # | ||
| cffi==2.0.0 | ||
| # via cryptography | ||
| chem==2.0.0 | ||
| # via -r requirements/sandbox/base.in | ||
| click==8.3.1 | ||
| # via nltk | ||
| codejail-includes==2.0.0 | ||
| # via -r requirements/sandbox/base.in | ||
| contourpy==1.3.3 | ||
| # via matplotlib | ||
| cryptography==45.0.7 | ||
| # via -r requirements/sandbox/base.in | ||
| cycler==0.12.1 | ||
| # via matplotlib | ||
| fonttools==4.62.1 | ||
| # via matplotlib | ||
| joblib==1.5.3 | ||
| # via nltk | ||
| kiwisolver==1.5.0 | ||
| # via matplotlib | ||
| lxml[html-clean]==5.3.2 | ||
| # via | ||
| # -r requirements/sandbox/base.in | ||
| # lxml-html-clean | ||
| # openedx-calc | ||
| lxml-html-clean==0.4.4 | ||
| # via lxml | ||
| markupsafe==3.0.3 | ||
| # via | ||
| # chem | ||
| # openedx-calc | ||
| matplotlib==3.10.8 | ||
| # via -r requirements/sandbox/base.in | ||
| mpmath==1.3.0 | ||
| # via sympy | ||
| networkx==3.6.1 | ||
| # via -r requirements/sandbox/base.in | ||
| nltk==3.9.3 | ||
| # via | ||
| # -r requirements/sandbox/base.in | ||
| # chem | ||
| numpy==1.26.4 | ||
| # via | ||
| # chem | ||
| # contourpy | ||
| # matplotlib | ||
| # openedx-calc | ||
| # scipy | ||
| openedx-calc==5.0.0 | ||
| # via -r requirements/sandbox/base.in | ||
| packaging==26.0 | ||
| # via matplotlib | ||
| pillow==12.1.1 | ||
| # via matplotlib | ||
| pycparser==3.0 | ||
| # via cffi | ||
| pyparsing==3.3.2 | ||
| # via | ||
| # -r requirements/sandbox/base.in | ||
| # chem | ||
| # matplotlib | ||
| # openedx-calc | ||
| python-dateutil==2.9.0.post0 | ||
| # via matplotlib | ||
| random2==1.0.2 | ||
| # via -r requirements/sandbox/base.in | ||
| regex==2026.2.28 | ||
| # via nltk | ||
| scipy==1.17.1 | ||
| # via | ||
| # -r requirements/sandbox/base.in | ||
| # chem | ||
| six==1.17.0 | ||
| # via python-dateutil | ||
| sympy==1.14.0 | ||
| # via | ||
| # -r requirements/sandbox/base.in | ||
| # openedx-calc | ||
| tqdm==4.67.3 | ||
| # via nltk |
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you explain more? The purpose of the release.txt files and the changelog is that it makes it very obvious to operators which requirements go with which releases and how the sandbox environment changes every release. Installing base.txt from specific commits would technically work but I fear that it would be less clear for operators how to safely upgrade.
Uh oh!
There was an error while loading. Please reload this page.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The logic is that the base.txt for a given release will be the one in openedx/codejail-service with the corresponding tag (e.g.
release/ulmo.1). By default the tutor plugin will install the base.txt for the givenOPENEDX_COMMON_VERSION.In case you need to use a different set of dependencies you will use some mechanism that the plugin offers to retrieve the file from a different source. At the moment is a mix of docker build args and Tutor settings, but could probably be simplified to only Tutor settings.
I agree that keeping the changelog is valuable. What I think is confusing is keeping the snapshot of the files when that is already being done by git (although this move loses the previous versions).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@MoisesGSalas Ah, I didn't realize
SANDBOX_DEPS_VERSIONcould be easily configured to be different from the version of the codejail-service repository. Nice, I agree that this is much better than copying the text file every release 👍🏻Where do you propose the changelog is kept? Named release notes, or part of this repo?
We'll need to update this part of the release process. I'm happy to help rewrite that part, let me know what you think would make sense for a process.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think the Named release notes is the better place. I myself go there first when I need to handle a particular upgrade.
I think removing the segment altogether is enough? The release manager shouldn't need to do anything in this repository besides tagging via the repo-tools script.
I don't know what would be the best way to catch breaking changes when upgrading the requirements in order to add them to the notes.
Uh oh!
There was an error while loading. Please reload this page.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In the past, I've made notes of two types of things:
Maybe it could be a regularly scheduled task for the codejail-service maintainer to check those during each named release period and add it to the operator notes? https://openedx.atlassian.net/wiki/spaces/COMM/pages/5331222534/Verawood+-+Operator+Release+Notes
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah that makes sense, specially if the maintainer is the one that merges the weekly requirements upgrade anyways, so they can leave a note in the PR and collect them later at the time of release.