search

jupyterhub / jupyter-server-proxy

Jupyter notebook server extension to proxy web services.
https://jupyter-server-proxy.readthedocs.io
BSD 3-Clause "New" or "Revised" License
346 stars 147 forks source link

Discussion about the release process #175

Closed consideRatio closed 2 years ago

consideRatio commented 4 years ago

I was interested in getting a release of the NPM package containing #174, so I figured I'll look into this a bit.

References

Discussion

  1. Do we want to maintain a changelog?

  2. We try to keep the version numbers of all these packages in sync, even when there are no changes. This keeps reasoning about versions simple.

    Currently, the NPM Package is 2.0.0 and 4 months old, while the python package is 1.2.0 and 2-3 months old. What should we do on the next release?

  3. Automatic deployment to PyPI on git tag pushes - is it okay for me to setup that? I have created travis PYPI_PASSWORD environment variables holding a PyPI deployment token for individual PyPI packages managed by the jupyterhub-bot PyPI account. I would like to do the same for this project. I would need to get the PyPI user jupyterhub-bot added as a PyPI package maintainer at https://pypi.org/project/jupyter-server-proxy/ to be able to do that.
  4. I learned recently about python -m jupyterlab.browser_check, it may be useful in order to do some minimalistic test of the jupyterlab extension, it was used here: https://github.com/bokeh/jupyter_bokeh/blob/master/.travis.yml. The browser_check is meant to ensure jupyterlab can startup without errors, as I figured out from the scripts docstring: https://github.com/jupyterlab/jupyterlab/blob/master/jupyterlab/browser_check.py.
ryanlovett commented 4 years ago

Hi @consideRatio:

Re: 1, I don't have a strong opinion. Re: 2, 4, I know embarrassingly little about the lab support and don't have access to javascript-y sites the package is distributed at. Re: 3, Absolutely, I've just added jupyterhub-bot as pypi maintainer. We setup something similar for jupyter-rsession-proxy a while back but I guess we never got to it here.

manics commented 4 years ago

FYI I've got automated PyPI and NPM tag deployments working on https://github.com/manics/jupyter-offlinenotebook/blob/8373595fe35a3be6bde0388a3772f8abc20ccd12/.travis.yml#L26-L40

ryanlovett commented 4 years ago

Hi @consideRatio, do you know who as npm access for this package?

consideRatio commented 4 years ago

@ryanlovett the JupyterLab team members. On npm though, the (at)jupyterlab org has a team called JupyterHub now, and that team is allowed to write to this npm package specifically.

In the JupyterHub team, its @minrk as an owner, and me as a member. So if you want to make a release of the npm package, I can help with that, but I cannot give you write permissions.

UPDATE: Sorry if i pinged the entire JupyterLab orgs members =/

manics commented 4 years ago

If everyone's agreed that PYPI and NPM tags should match shall we setup automated Travis deploys for NPM too? As mentioned above I've got this working on https://github.com/manics/jupyter-offlinenotebook/blob/0.1.0/.travis.yml#L26-L40

ryanlovett commented 4 years ago

@manics The upside is what @yuvipanda wrote in the docs. The downside is that the package or lab may get version bumped without any other changes if one or the other has legitimate changes. I'm in favor of matching tags but don't feel strongly about it.

I'm also in favor of automated deploys (Travis, CircleCI, GitHub Actions, whatever). What do you need for that to happen? I'm guessing this will use the jupyterhub-hub bot at pypi but I have access to the old nbserverproxy bot there if needed.

@consideRatio Thanks for that info! Yes, if you could please make a release of the npm package for #196.

consideRatio commented 4 years ago

@ryanlovett I released npm package 2.1.0 now. i made it 2.1.0 rather than 2.0.2 since i saw quite a few commits and guessed that was appropriate.

Release guide

  1. installed node/npm
  2. cd jupyterlab-server-proxy
  3. npm login -> npm install -> npm publish
ryanlovett commented 4 years ago

@consideRatio Thanks!

manics commented 4 years ago

Travis NPM deploys just require creating an API token with the default publish scope: https://docs.npmjs.com/creating-and-viewing-authentication-tokens I don't know if a member can create the token, or only the owner.

consideRatio commented 4 years ago

I can create a token to impersonate myself, but we would like a token to give us ability to push a specific repo really. I don't think there is repository based deployment tokens like for PyPI. Anyone with experience?

manics commented 4 years ago

Should we create a jupyterhub-bot npm user just for Travis deploys?

manics commented 3 years ago

The release process was fully automated in https://github.com/jupyterhub/jupyter-server-proxy/pull/247 I think having a dedicated bot user instead of relying on individual accounts is a good idea. Should we discuss this in team-compass or keep the discussion here?

consideRatio commented 3 years ago

I think we are in agreement about preferenxe of a bot account over a real user account (currently mine). I strongly favor a bot on NPM because the tokens you can create will have permissions for all NPM projects.

Action points:

consideRatio commented 2 years ago

We have release automation already now. We lack a changelog though.