Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

sprint production release v2021.11.22 #2137

Closed
harshad16 opened this issue Nov 9, 2021 · 11 comments · Fixed by #2155
Closed

sprint production release v2021.11.22 #2137

harshad16 opened this issue Nov 9, 2021 · 11 comments · Fixed by #2155
Labels
area/release-eng Issues or PRs related to Release Engineering kind/documentation Categorizes issue or PR as related to documentation. lifecycle/active Indicates that an issue or PR is actively being worked on by a contributor. priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release. triage/accepted Indicates an issue or PR is ready to be actively worked on.
Milestone
2021.11.22

Comments

@harshad16
Copy link
Member

Hello, Thoth-station!

This Issue would be used for the current sprint cycle production release.
By the end of the sprint cycle, we will consolidate the information of thoth-station components features upgrade and fixes in this issue.
@harshad16 harshad16 added sig/devops lifecycle/active Indicates that an issue or PR is actively being worked on by a contributor. labels Nov 9, 2021
@sesheta sesheta added the needs-triage Indicates an issue or PR lacks a `triage/...` label and requires one. label Nov 9, 2021
@harshad16
Copy link
Member Author

/kind documentation
/area release-eng
/triage accepted
/milestone 2021.11.22
/priority important-soon

@sesheta sesheta added this to the 2021.11.22 milestone Nov 9, 2021
@sesheta sesheta added kind/documentation Categorizes issue or PR as related to documentation. area/release-eng Issues or PRs related to Release Engineering triage/accepted Indicates an issue or PR is ready to be actively worked on. priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release. and removed needs-triage Indicates an issue or PR lacks a `triage/...` label and requires one. labels Nov 9, 2021
@fridex
Copy link
Contributor

fridex commented Nov 9, 2021
edited
Loading

Group step prescription

A new prescription of type "group step" allows prescribing rules in the resolution process based on a group of dependencies that are occurring in the resolution process. This is a higher-level abstraction that allows easier write prescriptions in cases when the resolution process should act differently based on a group of resolved dependencies (not necessarily a sub-graph) and the resolution order is not relevant. See the linked pull-requests to prescriptions repository for examples and online docs for more info.

@fridex
Copy link
Contributor

fridex commented Nov 9, 2021
edited
Loading

Static source code analysis now aggregates also builtins

Starting this release, the recommendation engine warns users about the use of possibly dangerous parts of the Python programming language, such as exec and eval built-in functions that can introduce a security risk in the codebase.

@fridex
Copy link
Contributor

fridex commented Nov 10, 2021

Container images endpoint and thamos images

WARNING: breaking change

The old endpoint /s2i/python on user-api has been deprecated and is no longer available. As an alternative we provide /container-images endpoint that lists available and analyzed Thoth container images users can use. The old endpoint was too specific for s2i (Source-To-Image). As the Thoth team provides multiple container images (s2i, predictable stacks, jupyter notebook container images, ...) the new endpoint is more generic and can be reused for different container image types.

As a subsequent change, Thamos CLI no longer supports thamos s2i command and users can use thamos images instead. As this is a breaking change, we encourage users to upgrade Thamos.

@fridex
Copy link
Contributor

fridex commented Nov 10, 2021

Dropped hardware endpoints on User API and dropped thamos hw command

WARNING: breaking change

We have dropped /hardware endpoint. It was no longer useful - recommendations can be still specific to hardware, but we do not directly expose information about the hardware on user-api endpoints. Hardware information can be encoded in the system on multiple places, to keep the system generic enough, we decided to drop the hardware listing endpoint. Also, the client tooling using this endpoint - thamos hw is no longer available. We encourage users to upgrade Thamos.

@fridex
Copy link
Contributor

fridex commented Nov 10, 2021

Prescriptions now provide the ability to store metadata

Starting this release, prescriptions can state metadata. These metadata can be used by tools that integrate with prescriptions (generating prescriptions, bookkeeping state information, and such). The metadata field is not used during the actual resolution process. The feature was requested by @Gkrumbach07.

@pacospace
Copy link
Contributor

pacospace commented Nov 18, 2021
edited
Loading

jupyterlab-requirements v0.13.0

In this new release, users can see all justifications on the recommended stack directly in their notebook using %horus magic commands.
There are new commands to handle the kernels: check which ones are available, delete specific one or check what packages are available in each kernel.

@pacospace
Copy link
Contributor

new thamos whatprovides and discover command

Two new commands have been created thanks to the new endpoint added by @tlegen-k on User-API.

thamos whatprovides command -> allow users to identify the package from import names
thamos discover command -> allow users to identify what packages are required to run a certain script or series of scripts.

@fridex
Copy link
Contributor

fridex commented Nov 18, 2021

Suggesting to use container images without known vulnerabilities

New logic in prescriptions-refresh-job computes which tags of container images available and produced by Thoth team do not have known vulnerabilities and suggests downgrading or upgrading the container image tag to users. This way users know which containerized environments are vulnerability-free.

@mayaCostantini
Copy link
Contributor

Making Thoth Datasets accessible via a public bucket and build a Jupyter Book gathering related notebooks and documentation

Thoth datasets were removed from the datasets repository and are now available on an Operate First Ceph public bucket accessible to users via the Jupyter Notebooks dedicated to their analysis. The repository has been modified to be able to build a Jupyter Book from the available notebooks and documentation, providing users with an organized and accessible way to explore the datasets.

@harshad16
Copy link
Member Author

harshad16 commented Nov 22, 2021
edited
Loading

we have completed the release of 2021.11.22 🎉 🎊 🥳

Features

Group step prescription

A new prescription of type "group step" allows prescribing rules in the resolution process based on a group of dependencies that are occurring in the resolution process. This is a higher-level abstraction that allows easier write prescriptions in cases when the resolution process should act differently based on a group of resolved dependencies (not necessarily a sub-graph) and the resolution order is not relevant. See the linked pull-requests to prescriptions repository for examples and online docs for more info.

Static source code analysis now aggregates also builtins

Starting this release, the recommendation engine warns users about the use of possibly dangerous parts of the Python programming language, such as exec and eval built-in functions that can introduce a security risk in the codebase.

Container images endpoint and thamos images

WARNING: breaking change

The old endpoint /s2i/python on user-api has been deprecated and is no longer available. As an alternative we provide /container-images endpoint that lists available and analyzed Thoth container images users can use. The old endpoint was too specific for s2i (Source-To-Image). As the Thoth team provides multiple container images (s2i, predictable stacks, jupyter notebook container images, ...) the new endpoint is more generic and can be reused for different container image types.

As a subsequent change, Thamos CLI no longer supports thamos s2i command and users can use thamos images instead. As this is a breaking change, we encourage users to upgrade Thamos.

Dropped hardware endpoints on User API and dropped thamos hw command

WARNING: breaking change

We have dropped /hardware endpoint. It was no longer useful - recommendations can be still specific to hardware, but we do not directly expose information about the hardware on user-api endpoints. Hardware information can be encoded in the system on multiple places, to keep the system generic enough, we decided to drop the hardware listing endpoint. Also, the client tooling using this endpoint - thamos hw is no longer available. We encourage users to upgrade Thamos.

Prescriptions now provide the ability to store metadata

Starting this release, prescriptions can state metadata. These metadata can be used by tools that integrate with prescriptions (generating prescriptions, bookkeeping state information, and such). The metadata field is not used during the actual resolution process. The feature was requested by @Gkrumbach07.

jupyterlab-requirements v0.13.0

In this new release, users can see all justifications on the recommended stack directly in their notebook using %horus magic commands.
There are new commands to handle the kernels: check which ones are available, delete specific one or check what packages are available in each kernel.

new thamos whatprovides and discover command

Two new commands have been created thanks to the new endpoint added by @tlegen-k on User-API.

thamos whatprovides command -> allow users to identify the package from import names
thamos discover command -> allow users to identify what packages are required to run a certain script or series of scripts.

Suggesting to use container images without known vulnerabilities

New logic in prescriptions-refresh-job computes which tags of container images available and produced by Thoth team do not have known vulnerabilities and suggests downgrading or upgrading the container image tag to users. This way users know which containerized environments are vulnerability-free.

Making Thoth Datasets accessible via a public bucket and build a Jupyter Book gathering related notebooks and documentation

Thoth datasets were removed from the datasets repository and are now available on an Operate First Ceph public bucket accessible to users via the Jupyter Notebooks dedicated to their analysis. The repository has been modified to be able to build a Jupyter Book from the available notebooks and documentation, providing users with an organized and accessible way to explore the datasets.

Component Updates

Thanks for the amazing work everyone. 💯

@goern goern mentioned this issue Nov 22, 2021
Open
@harshad16 harshad16 mentioned this issue Nov 22, 2021
Merged
@harshad16 harshad16 moved this to Releases in SIG-DevSecOps Sep 22, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/release-eng Issues or PRs related to Release Engineering kind/documentation Categorizes issue or PR as related to documentation. lifecycle/active Indicates that an issue or PR is actively being worked on by a contributor. priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release. triage/accepted Indicates an issue or PR is ready to be actively worked on.
Projects
No open projects
SIG-DevSecOps
Status: 💯 Releases
Milestone
2021.11.22
Development

Successfully merging a pull request may close this issue.

Bump up the images based on the version update v2021.11.22 harshad16/thoth-application
5 participants
@fridex @harshad16 @pacospace @sesheta @mayaCostantini