Change log#
Nublado is versioned with semver. Dependencies are updated to the latest available version during each release. Those changes are not noted here explicitly.
Find changes for the upcoming release in the project’s changelog.d directory.
6.0.2 (2024-04-18)#
Bug fixes#
Update JupyterHub to 4.1.5, which fixes more issues with XSRF handling.
Move the
.eupsdirectory when performing user environment resets.
6.0.1 (2024-04-01)#
Bug fixes#
Update JupyterHub to 4.1.4, which fixes more XSRF cookie issues.
6.0.0 (2024-03-28)#
Backwards-incompatible changes#
Move the admin route for deleting a user’s file server from
/nublado/fileserver/v1/<username>to/nublado/fileserver/v1/users/<username>to better align with other routes and REST semantics.
New features#
Add an admin-authenticated
/nublado/fileserver/v1/users/<username>GET route to get the status of a user’s running file server (currently only 404 if not running or 200 with trivial content if running).Add a
/nublado/fileserver/v1/user-statusroute a user to get the status of their own file server, which similarly returns 404 or 200 with trivial content.
Bug fixes#
Update JupyterHub to 4.1.3, which includes several fixes for XSRF handling.
5.0.0 (2024-03-21)#
Backwards-incompatible changes#
Other changes#
Nublado now uses uv to maintain frozen dependencies.
4.0.2 (2024-01-19)#
Bug fixes#
Update to Safir 5.2.0, which rewrites the middleware to avoid the Starlette
BaseHTTPMiddlewareclass. This should hopefully produce better error reporting in some cases where exceptions were being mangled and lost by theBaseHTTPMiddlewarelogic.
4.0.1 (2024-01-12)#
Bug fixes#
All user file servers are now protected by a
NetworkPolicythat prevents connections except via Gafaelfawr, ensuring that authentication is properly enforced.Stop returning the requested lab environment from the lab status API. Nothing uses this information and it may contain secrets that should not be this readily accessible.
Return the actual running Docker image reference from the lab status API rather than the form parameters the user sent when requesting a lab.
Return prepuller configuration in the API response with snake-case fields rather than camel-case fields, as was originally intended.
Restrict access to controller routes via the
admin:jupyterlabscope to only those routes that JupyterHub needs to use. Access to other administrative routes is now controlled withexec:admin.Fix the response type for the
/spawner/v1/labs/{username}/eventsroute in the OpenAPI schema.Quietly retry the file server pod watch after 410 errors, since under some circumstances they appear to happen every five minutes. Remove the delay when restarting after a 410 error without a resource version, since this appears to be a normal Kubernetes API response and the delay could miss events.
Other changes#
Change the default Argo CD application for user file servers to
nublado-fileservers. Continue to usefileserversas the default namespace, since thenublado-fileserversnamespace would conflict with the reserved namespace pattern for user labs.Classify the JSON API routes with tags that reflect who has access to that API.
Add documentation on how to set up Google Artifact Registry as an image source for Nublado, and on why this is the recommended configuration when Nublado is running on Google Kubernetes Engine.
4.0.0 (2024-01-02)#
This is the first release of the new merged Nublado release. It contains the Nubaldo controller, a JupyterHub spawner implementation that uses the controller to create user labs, a JupyterHub authenticator implementation to use Gafaelfawr, and the Docker configuration to build a custom JupyterHub image containing that spawner and authenticator.
In previous versions of Nublado, the equivalents of these components were maintained in separate repositories with independent version numbers. As of this release, all of these components are maintained and released together using semver versioning. Further changes will be documented in this unified change log.