|
34 | 34 |
|
35 | 35 | Also changes the format for `JUPYTERHUB_RESOURCE_LIMITS` to a yaml or JSON string. |
36 | 36 |
|
| 37 | +- Refactor Jupyterhub configuration files |
| 38 | + |
| 39 | + Previously the jupyterhub configuration was defined in `components/jupyterhub/jupyterhub_config.py.template` |
| 40 | + except for the custom authenticator which was included in the `pavics/jupyterhub` docker image. This was fine, |
| 41 | + except that the configuration was split across two projects and as the configuration got more complex, |
| 42 | + maintaining these was getting more difficult. |
| 43 | + |
| 44 | + This moves all configuration code including the authenticator to a python package named `jupyterhub_custom` |
| 45 | + located at `components/jupyterhub/jupyterhub_custom/`. It moves all configurations for the authenticator |
| 46 | + to the `magpie_authenticator.py` file and all the configurations for the spawner to the `custom_spawner.py` |
| 47 | + file. All variables that are settable by environment variables are moved to the `constants.py` file. This |
| 48 | + makes it much easier to see which variables are configurable using environment variables all in one place. |
| 49 | + |
| 50 | + This change introduces unit tests and style policies (enforced by [ruff](https://docs.astral.sh/ruff/) and |
| 51 | + [pre-commit](https://pre-commit.com/)) for this package to encourage better code practices. |
| 52 | + |
| 53 | + This change should be fully backwards compatible with the exception of the change to how settings for |
| 54 | + `deprecated-components/catalog` is handled (see below). However, it does deprecate some environment variables in |
| 55 | + favour of better configuration solutions: |
| 56 | + |
| 57 | + - using the `JUPYTERHUB_ENABLE_MULTI_NOTEBOOKS` variable to set the `DockerSpawner.allowed_images` variable |
| 58 | + is deprecated. |
| 59 | + - why?: this variable could be used to insert any python code into the middle of the |
| 60 | + `jupyterhub_config.py.template` file. This makes it too easy to accidentally insert code that breaks |
| 61 | + the configuration settings later on. We should avoid code insertion like this whenever possible. |
| 62 | + - new method: by default `DockerSpawner.allowed_images` will be set based on the values of |
| 63 | + `JUPYTERHUB_IMAGE_SELECTION_NAMES` and `JUPYTERHUB_DOCKER_NOTEBOOK_IMAGES`. If more than one image |
| 64 | + is specified by those variables then the user will be able to select which one they want. If you |
| 65 | + want to specify images other than those in the default those can be set using the `JUPYTERHUB_ALLOWED_IMAGES` |
| 66 | + which is a yaml or JSON mapping of image names to jupyterlab docker image tags. |
| 67 | + - using the `JUPYTERHUB_ADMIN_USERS` variable to set the `DockerSpawner.admin_users` variable is deprecated. |
| 68 | + - why?: this also executes arbitrary code (like above). Also, jupyterhub encourages assigning admin permissions |
| 69 | + based on |
| 70 | + [roles](https://jupyterhub.readthedocs.io/en/latest/tutorial/getting-started/authenticators-users-basics.html#configure-admins-admin-users), |
| 71 | + not by assigning them to the `admin_users` attribute. This makes it possible to easily revoke admin |
| 72 | + permissions as well and does not require us to restart Jupyterhub to do so. |
| 73 | + - new method: a new Magpie group is created. Its name is determined by the `JUPYTERHUB_ADMIN_GROUP_NAME` |
| 74 | + variable (default is "jupyterhub-admin"). Add users to this group in Magpie in order to give them admin permissions on Jupyterhub. |
| 75 | + - using lowercase constants in `JUPYTERHUB_CONFIG_OVERRIDE` is deprecated. |
| 76 | + - why?: [PEP8 recommends](https://peps.python.org/pep-0008/#constants) constants be written with capitals |
| 77 | + with underscores separating them. |
| 78 | + - new method: all the constants that were previously named with lowercase have an uppercase equivalent |
| 79 | + in `constants.py`. For example: `notebook_dir == constants.NOTEBOOK_DIR`. The uppercase version is |
| 80 | + preferred. |
| 81 | + |
| 82 | + Note: if your deployment is still using the `deprecated-components/catalog` component. You may want to manually set the |
| 83 | + following in `JUPYTERHUB_CONFIG_OVERRIDE` since the automatic addition of the the `CATALOG_USERNAME` to the `blocked_users` |
| 84 | + set is no longer part of the default settings (since the `deprecated-components/catalog` component has been deprecated for |
| 85 | + a long time): |
| 86 | + |
| 87 | + ```python |
| 88 | + c.MagpieAuthenticator.blocked_users.add("${CATALOG_USERNAME}") |
| 89 | + ``` |
| 90 | + |
37 | 91 | [2.20.1](https://github.com/bird-house/birdhouse-deploy/tree/2.20.1) (2025-12-16) |
38 | 92 | ------------------------------------------------------------------------------------------------------------------ |
39 | 93 |
|
|
0 commit comments