anubislms / anubis Goto Github PK

The current base images for Anubis live in a private registry in digital ocean. To encourage collaboration, we should put them in a public repo on dockerhub. Alternatively we could host our own docker registry that is available to be pulled publicly.

The only images that need to remain private are the assignment test images (which exist in other repos anyway).

Looks like a file accidentally made it in the repo here https://github.com/GusSand/Anubis/blob/master/theia/proxy/yarn-error.log.

It may be worth adding yarn-error.log to the gitignore so contributors don't accidentally add these files.

There are several individual things in Anubis that have their own dependencies. I know that there are several places that are installing things that are not being used. We need to clean those places up.

• api/requirements.txt (generated via pip-compile from api/requirements.in)
• web/package.json
• theia/ide/xv6/latest.package.json
• theia/ide/xv6/latest.package.json
• theia/proxy/package.json

I think this task is pretty straight forward. We would need to add a page for students to see lecture slide postings, and something in the admin panel for admins to upload them.

My thought is that a lecture slide posting can be the file/files with an optional description. We can also think about (maybe not for this card) a way to set a release time.

One last thing I would like this feature to have is some kind of a docx/doc file warning. Since docx files are absolutely irritating (why should i need to open libreoffice when i can open pdfs in firefox) we could have a optional checkbox for those files where we will convert them to pdfs after uploading.

The current readme is a 30 page design doc that probably should be in a separate directory. A new readme should be created that focuses on more helpful information like sections on:

• How to contribute
• Debugging quickstart
• High level project structure
• Links to helpful documentation things

We have a problem. Anubis takes a lot of resources to run on Mac and or Windows because those OSs do not support native containers. If we can get the anubis API and WEB to run in some super mindebug mode on bare metal, we would be helping devs that chose MacOS and Windows over glorious Linux.

I expect this has the possibility to be too difficult and time consuming. If it takes too much time, then we should skip.

• API
  • Make the RPC functions run when the enqueue function is called
  • Setup filesystem cache on mindebug
  • Setup sqlite3 db instead of mariadb
    • Update migrations to work on sqlite3 (some of them do not)
• WEB
  • Make token and course context cookies work with different ports
  • Make requests to the api go to say maybe localhost:5000 or localhost:8000

https://github.com/os3224/os3224-assignment-4-almoss1 was names with '-1' appended to the repo name. All the /public/webhook parsing was totally broken.

• commits were not registered
• assignment name was not parsed out of webhook

https://github.com/GusSand/Anubis/blob/master/api/src/routes/public.py#L114

We can and should be more intelligent about how we handle the autograde calculations. We know they can only changed for a student when new submissions are processed. Knowing this, we can potentially cache the results for much longer (say like a week or two) and clear the cached results when the submissions is processed.

From the flask-caching docs

user_has_membership('demo', 'admin')
user_has_membership('demo', 'user')

cache.delete_memoized(user_has_membership, 'demo', 'user')

• CHG remove react router
  • CHG replace react-router-dom Link components with next.js link components
• CHG convert old react router structure to next.js page structure
• CHG replace img components with next.js image components

https://nextjs.org/

So I am trying to figure out how to implement the emailing thing. I cannot find an end point in api that is used to create an assignment. Do you guys just manually add assignments into the database? I also cannot find the CLI tool mentioned in the design doc.

Some pages (specifically repos and profile) look like they are not automatically redirecting to the auth when clicked on in an anon session.

Ideally, the Marketing/Landing website should be separate from the Anubis web application.

• Setup Directory with Gatsby, material-ui
• Landing Page
• Features Page
• Feature Page
• Blog Page
• How to Contribute Page
• Contact Us Page
• Migrate blog from web to about

I would like to keep the cli that is packaged in the management IDE something that can be installed natively on a host machine. For linux power users like me, I will still prefer to use my own machine over the management IDE.

In the management IDEs, the anubis cli config is provisioned with an authentication token. https://github.com/GusSand/Anubis/blob/bb69516b243aeddcd870e8c95df46a93169a8fed/api/anubis/utils/k8s/theia.py#L95

    # If this is an admin IDE session, then we should add a token
    # for the anubis cli to be able to authenticate to the anubis
    # api.
    if credentials:
        # Create a token for the session owner
        token = create_token(theia_session.owner.netid)

        # Create the INCLUSTER environment variable as the base64
        # encoded token. This token should be picked up by the
        # theia init process to initialize the anubis cli with
        # the token.
        extra_env.append(client.V1EnvVar(
            name='INCLUSTER',
            value=base64.b64encode(token.encode()).decode(),
        ))

The main thing here is building out some authentication mechanism for the cli. To get this to work on native, we'll need to add some way of authenticating, then setting this token in the cli.

We have a description field on every assignment that is not viewable anywhere. I am thinking maybe we can add another button to the assignment card, with a material-ui dialog component.

It may also make sense to put the description in a react-markdown component so that things like links and images can be interpreted.

• add useSWR lib to project
• replace all usages of useGET with useSWR

There are a few places in the prod provisioning that assume that the do-block-storage exists. We should replace these assumptions with something that can be specified on the command line. I would like to be able to run this from the k8s/prod makefile:

make all STORAGE_CLASS=something-else

After a github classroom link is clicked, there is a 5 to 10 second delay between when the repo is created and the webhook is sent to Anubis. The assignment page should be changed so that when the link is clicked, we poll the assignment listing for 60 or so seconds until it changes.

The benefit of doing this is that the Cloud IDE button will become available without needing to reload the page.

The high level assignment page state is here and the button is here

I'm thinking that this can either be:

• a button that sends a request to the api that then makes a slack webhook
• a button with a mailto:[email protected] a component. we can add a template subject and body like mailto:[email protected]?subject=demo+plz&body=gib+demo+plz

Github webhooks are not being delivered something like 10% of the time. That's making it so we are sometimes missing submissions.

Please put these changes on the v3.0.4 branch

All of the blog components are here. There are two components BlogImg.jsx and BlogPost.jsx that are the standard components.

The BlogPost is a component that is meant to be a simplified template component that posts can be put in. We just need to provide a Preview, and Post components (along with title, date, author). The Preview is what is shown on the /blog page. The Post component is then what is the rest of the post that is placed under the Preview after the post is clicked on.

I converted the main [ElevatorPitchPost.jsx]https://github.com/GusSand/Anubis/blob/v3.0.4-CHG-open-source-prep/web/src/Components/Public/Blog/ElevatorPitchPost.jsx) post to fit in this format a few days ago.

I considered using react-markdown to simplify the writing of the posts, but I could not quickly find a way to control the preview of the post. If you can see a way to control what the preview is on the /blog page before the post is clicked on, go ahead and do that.

One thing to note here is that the images that start with /api/public/static/ will not load unless you have the local api running, and it has a copy of the static files that exist on prod.

• Create standard blog post react
• [x ] Migrate the existing posts to this format
  • ElevatorPitchPost.jsx
  • [ x] AssignmentPost.jsx
  • [x ] AssignmentPackagingPost.jsx
  • [x ] MidtermRetroPost.jsx
  • [x ] TheiaIDEPost.jsx
• [x ] Maybe convert to markdown blog posts?

• add some form of fancy(ish) landing page
  • pull components and ideas from material-ui templates

https://material-ui.com/store/items/onepirate/

From /api/public/auth/whoami for me (I am a superuser):

{
  "data": {
    "context": {
      "id": "...",
      "name": "Intro to OS"
    },
    "status": null,
    "user": {
      "admin_for": [
        {
          "id": "...",
          "name": "OOP"
        },
        {
          "id": "...",
          "name": "Intro to OS"
        }
      ],
      "github_username": "wabscale",
      "id": "...",
      "is_admin": true,
      "is_superuser": true,
      "name": "John Cunniff",
      "netid": "jmc1283",
      "professor_for": [],
      "ta_for": [
        {
          "id": "...",
          "name": "Intro to OS"
        }
      ]
    },
    "variant": "warning"
  },
  "error": null,
  "success": true
}

• button
• paper
• typography
• grid
• data grid
• layouts

New features on the horizon for Anubis v3.0.0

• public status page
• react-vis graphs in the admin panel
  • Show average time it takes students to pass specific tests
  • Show the proportion of students that are passing specific tests
  • Show the amount of time students are spending on the theia ides
  • history of a student on a specific assignment,
    • submissions
    • theia usage
    • due dates
• Download / list repos for specific assignments from the website
• Fully encapsulated assignment management on the website
  • The ability to package, then deploy assignments from the management ide
  • Admin documentation from in the admin panel
    • How to package assignments
    • How to deploy assignments
    • How to manage student data
    • How to use the autograde features effectively
• The ability to have hidden assignment tests
• Admin panel be able to isolate seperate course data
  • Admin api endpoints to be "course aware"
  • Add component capable of switching back and forth between courses
  • Reorganize admin permission model to be course specific instead of global boolean
• Make assignments be capable of "theia only" functionality
  • Add switch in admin panel to disable submission pipeline jobs for specific assignments
  • Make autograde functions be aware of "theia only" assignments
  • Make autograde frontend components aware of "theia only" assignments

Take the pieces from the readme that would be helpful to TAs learning how to use Anubis to the admin panel. If they can access it on the website, then they won't need to bother me as much.

The design doc is currently rendered using pandoc. It requires haskell, and pandoc to be natively installed on the system. I would like to try to replace this with some kind of docker run command to remove this unnecessary dependency.

Another thing to consider is that the mermaid images in docs/mermaid are rendered natively as well. I believe we can put this in a container as well.

• containerize pandoc design doc render
• containerize mermaid image render

Right now we are using the normal mariadb bitnami chart on prod. It works fine, and supports master-slave replication. The problem with it is that it still has a single master node. This is quite annoying because whenever the main node is down, everything crashes.

We should migrate from vanilla mariadb to mariadb-galera which supports multi-leader mariadb.

It looks like we can mostly just replace the existing helm install with the new chart. I expect that some of the dns names may change. The new mariadb service may be galera.mariadb.svc.cluster.local.

There are some network policies that are defined in network-policy.yml. These policies are only on the places where users have some level of execution on the Anubis cluster (like the theia pods and autograde pipelines).

We need to add policies to govern other places like the web and api deployments.

Use this tool for visualizing and editing network policies https://editor.cilium.io/

• write network policies
  • API
  • WEB
  • RPC-default
  • RPC-theia
  • RPC-regrade

• web/src/Pages/Admin/Theia.jsx
• web/src/Pages/Admin/Static.jsx
• web/src/Pages/Admin/Course.jsx
• web/src/Pages/Admin/Config.jsx
• web/src/Pages/Admin/Autograde/Results.jsx
• web/src/Pages/Public/Courses.jsx
• web/src/Pages/Public/Submission.jsx
• web/src/Pages/Public/Submissions.jsx
• web/src/Pages/Admin/User.jsx
• web/src/Pages/Admin/Users.jsx

We'll need to replace the number field on the lecture notes with a posting time field. We'll also need to reflect this change on the admin lecture notes page and public lecture notes page.

Really all I would like to have is some very simple click counter for the blog posts to track engadgement

• ADD click counter (third party or roll our own?)

In order to expand to other classes, parts of Anubis will need to be re-written or overhauled. This is the list of the primary things that would need to change for Anubis's adoption to expand.

• Split source code from assignment tests.
  • Asynchronous uploading of assignment tests to cluster. Either through CLI, or web interface.
  • Zero downtime deploy of new assignments. Uploading an assignment should not require a restart of any other services.
• Scalability
  • Swarm or kubernetes should be considered for container and service orchestration.
  • Zero downtime deploys.
  • CD/CI for deploys.
• Automated Tests.
  • Before a deploy, the new code should go though rigorous testing to verify things are working.
• Better commit coverage.
  • Using the github webhooks proved very flakey at best. Some commits would just not be reported to the api. This made it so that we had occasional blindspots in submissions.
  • I would like to have it so we poll the github api for changes in commits.
• Assignment creation streamlining.
  • Currently there is way too much config in too many places for uploading an assignment. This process needs to be greatly simplified. One way I see this being more simple is having a template directory with a config.json, and the python test files along with a dockerfile. That could be uploaded through the cli by taring the directory and sending it to the api.
  • Professors and TA's should also be able to see all this config reflected back at them. Having a private interface for viewing assignment config may be useful for the less command line oriented TAs and professors.
  • Streamline actual testing tools. This may look like having a more standard testing function that is wrapped in all the error handling stuff by the base image.
  • Testing descriptions should be expanded, possibly even required for all assignment tests.
• Submission accountability.
  • Right now, there is no clean way to recover a failed job that is sent to the testing cluster. If a submission job somehow fails to report success, or error, the submission is stuck in a processing state with no way of automated recovery.
• Independent and asynchronous test reporting.
  • Currently all tests are processed and reported at once. This means the user has to wait for all tests to finish before getting any feedback.
  • It would be much nicer for tests to complete and be reported to the user as they finish.
• Question pool expansion.
  • The question pool functionality is hardcoded to handle only the OS final.
  • This must be expanded to handle multiple assignments and classes.
• Users and groups
  • Hierarchical users and groups with specific permissions will be necessary.
  • Super users should be able to see everything
    • Admins (TAs and Profs) should be able to see everything for their classes
      • Users (students) should be able to see everything specific to them
  • This hierarchy should be used for viewing kibana data too.
  • Users should have to log in.
    • Password could be generated Anubis codes, or settable by the user (though email verification)
    • Users should be able to see a profile that states some of the data Anubis has for them (netid, github username, classes, assignments)
  • Opt in email notifications for submissions and grades?
  • Publish grades through Anubis?

We have HPAs defined in the v3.0.4 branch, but my worry is that they are not fine tuned enough to scale up the deployments when they are needed.

We will need to really take time to understand the way that the Horizontal Pod Autoscaling works to tune these deployments properly. I believe that we will also need to define Pod Disruption Budgets for the items that are getting HPAs.

The current landing page could use some improvements. It was written by me, which means it is simple as it can be. I am not a frontend / web design person so I could use some more keen eyes on this one.

p.s. The nav on the left is cut off because I used the firefox "screenshot of full page" feature. It is not actually getting messed up.

We will need to figure out how to configure theia to run on a different base url path. Something like anubis.osiris.services/ide/proxy would probably work fine.

We would probably then need to configure the theia builds here and here. Then we would need to remove the THEIA_DOMAIN config, and replace it with something like DOMAIN.

Then quite seperately we would need to change the theia proxy IngressRoute definition

• ADD assert function
• ADD assert exception handler to flask app

We currently track all responses that students enter. We have no way of accessing anything but the latest from the admin panel. I would like to add some kind of components to the frontend admin panel to make previous question responses accessible.

I'm not sure what exactly should go in the privacy agreement. A general template is probably fine. I imagine that there are reactjs libraries for those annoying popups that are on most sites now.

Like:

• An assignment release
• An assignment about to be due
• Lecture slides added
• Due date change

It is unclear to me if we should use keep it simple with an smtp server, or go more complex with integrating the gmail api.

The plan with that task:

• Add some card to the profile page that has a bunch of checkboxes for opting into different email events (like when assignment are released, about to be due without a submission, lecture notes published, notifications from instructors...)
• Extend the anubis.models.InCourse to include boolean values for these email preferences. (We put it on the InCourse table so preferences are specific to the course)
• Add endpoints to anubis.views.public.profile for changing the opt-in email values. (Maybe some admin views too for changing a whole class email preferences).
• Add rpc functions for sending out email notifications.
• Use the scheduling features of rq to schedule email notifications functions. We could then schedule assignment notifications to run when those two views I mentioned earlier are run.
• We probably need to also add some kind of notification tracking as a table in the database. Without that we may accidentally send notifications twice, or not at all if something gets wonked when we are sending.

There are a couple of gotchas that we will need to handle:

• If we are scheduling notification rpc jobs, we will need to confirm that the timing is still correct when the job is run.
• We also need this system to be fault tolerant. The rpc job queues are stored in redis. Redis is meant to not be persistent in Anubis. If redis is restarted or the container is lost or destroyed for any reason, everything on it will be lost (including jobs in the queues). Normally jobs live in queues for no more than 60-120 seconds, so there is normally no issue. My worry with scheduling jobs is that we would need to be able to detect and re-enqueue scheduled jobs if they are lost.

An alternative to scheduling notification rpc jobs is just adding a function to detect when notifications need to be sent out, and put it in a k8s CronJob that could be run every 5 minutes or so. We could then enqueue jobs to send out the notifications from there. This setup would be much more fault tolerant than scheduling rpc notification jobs.

Then the last thing is that I have not decided if I want to use the google gmail api, or just a simple smtp server setup. In Anubis version 0.0.1 back in January of 2020 there was no website. I sent out emails for every submission to students via a simple smtp server setup. We ended up getting rate limited by gmail in the like 3 hours before the deadline in that first assignment. i.e. emails were not being delivered to students. Then alternatively maintaining google api credentials is just annoying. I have done it in k8s before and could copy some code over, but it is just more annoying than something simple like an smtp server.

I would like to add a contribution guide and some other actions workflow things like:

• A greeter action
• A labeler action
• A stale issue action