WIP: chore(deps): Upgrade to Django 5.2#177
Conversation
crankynetman
changed the title
…i migrations for django 5
|
Minimum allowed coverage is Generated by 🐒 cobertura-action against e0b02f7 |
| else | ||
| echo "No unapplied migrations." | ||
| fi | ||
| python manage.py migrate --fake-initial --noinput |
There was a problem hiding this comment.
Why were we able to simplify so much? This seems much less brittle which is great, but are we looking at any side effects? We were conditionally doing this before so was that just not required?
There was a problem hiding this comment.
We likely don't need --fake-initial because we've always had migrations be part of things.
I'm still not sure why we have this step at all. Won't migrations always be unapplied on a fresh database? It seems like this was actually originally a "check for migrations that weren't comitted" step which is good, but I think could be rewritten or we could leave it the way it was originally and change the wording.
| import logging | ||
|
|
||
| from asgiref.sync import sync_to_async | ||
| from channels.db import database_sync_to_async |
There was a problem hiding this comment.
if my understanding is correct this is basically like some additional ORM aware niceties that channels takes advantage of. this seems like a very good change.
There was a problem hiding this comment.
Agreed. We should doublecheck if we can also move to just using the decorator for this, but here's the docs on this, seems like an easy win/drop-in
https://channels.readthedocs.io/en/latest/topics/databases.html#database-sync-to-async
There was a problem hiding this comment.
I get the idea and I'm not opposed to dropping versioning, but on the other hand it seems like it's generally been better for us than just taking anything. Maybe we can find a middle ground and just do major version pinning? This goes for all the requirements files.
There was a problem hiding this comment.
We should re-visit this as part of the uv migration (#199 ). I think that moving to ~= X.X (where the X.X is what pip has resolved to and tests pass with) for now in this PR would likely be best.
Maybe we as a short-term don't pin anything, after this merge (or maybe as part of it?) we do the #199 work and rely on the lock file for build reproducibility and then only pin things that we really need pinned? Then do dependabot (#201 ) ASAP?
There was a problem hiding this comment.
Nice this would close (or at least go a long way towards closing) #168
There was a problem hiding this comment.
Agreed. I think we probably want to give it a close look but this does seem harmless. We definitely need to merge #188 first though since there are a few changes to migrations over there.
We also need to double-check that we have got rid of index_together everywhere in the codebase.
There was a problem hiding this comment.
I can't see why this is bad, but does it suggest we don't need to use WhoFilter anymore? I think I liked testing WhoFilter directly instead of testing the same thing in a different way. I do think we want to keep it since it's what is used on the admin panel to allow you to filter the list based on the user who added the entry. Maybe I'm overthinking it.
There was a problem hiding this comment.
Let's try getting rid of this entire change because I don't think it's needed.
| self.superuser = get_user_model().objects.create_superuser("admin", "admin@es.net", "admintestpassword") | ||
| self.client.login(username="admin", password="admintestpassword") | ||
|
|
||
| # Create the ActionType |
There was a problem hiding this comment.
The block actiontype is created by default in one of the early migrations. We can depend on it existing, but maybe this is a case of "better to be explicit"
There was a problem hiding this comment.
Maybe this was only needed because of the weird migration change? Worth testing with and without this change to see if it even matters.
There was a problem hiding this comment.
Also looking at this more, we should only use get not get_or_create as we'd want this to fail if the migrations aren't there (cuz this is there).
I think we can likely remove this entirely, it's mostly just a bit more readable maybe not really.
There was a problem hiding this comment.
I'm not sure we want this change, but I need to better understand the usage here. password1 and password2 to me suggests a whole password management solution that I don't think we use.
| else | ||
| echo "No unapplied migrations." | ||
| fi | ||
| python manage.py migrate --fake-initial --noinput |
There was a problem hiding this comment.
We likely don't need --fake-initial because we've always had migrations be part of things.
I'm still not sure why we have this step at all. Won't migrations always be unapplied on a fresh database? It seems like this was actually originally a "check for migrations that weren't comitted" step which is good, but I think could be rewritten or we could leave it the way it was originally and change the wording.
| "channels", | ||
| "corsheaders", | ||
| "crispy_forms", | ||
| "django_celery_beat", |
There was a problem hiding this comment.
This is just cleaning up a dangling dependency
| import logging | ||
|
|
||
| from asgiref.sync import sync_to_async | ||
| from channels.db import database_sync_to_async |
There was a problem hiding this comment.
Agreed. We should doublecheck if we can also move to just using the decorator for this, but here's the docs on this, seems like an easy win/drop-in
https://channels.readthedocs.io/en/latest/topics/databases.html#database-sync-to-async
| routes = await sync_to_async(list)(Entry.objects.filter(is_active=True).values_list("route__route", flat=True)) | ||
| routes = await database_sync_to_async(list)( | ||
| Entry.objects.filter(is_active=True).values_list("route__route", flat=True) | ||
| ) |
There was a problem hiding this comment.
That's ruff, buddy
There was a problem hiding this comment.
We should re-visit this as part of the uv migration (#199 ). I think that moving to ~= X.X (where the X.X is what pip has resolved to and tests pass with) for now in this PR would likely be best.
Maybe we as a short-term don't pin anything, after this merge (or maybe as part of it?) we do the #199 work and rely on the lock file for build reproducibility and then only pin things that we really need pinned? Then do dependabot (#201 ) ASAP?
| from scram.route_manager.models import ActionType, Entry | ||
| from scram.route_manager.models import Client as ClientModel |
There was a problem hiding this comment.
needs some isort love
| ] | ||
|
|
||
| # Create the ActionType | ||
| self.actiontype, _ = ActionType.objects.get_or_create(name="block") |
There was a problem hiding this comment.
Same thing here, we should make sure we need this and if so, move to get only.
| self.unauthorized_user = User.objects.create(username="unauthorized") | ||
|
|
||
| self.readonly_group = Group.objects.get(name="readonly") | ||
| # Create the groups that the migration would normally create and assign permissions |
There was a problem hiding this comment.
Again, likely related to the migration change to pytest. Why do we need to change that? Seems like we want to run migrations before tests and then this should be here already.
|
|
||
|
|
||
| class TestTranslatorBaseCase(TestCase): | ||
| class TestTranslatorBaseCase(TransactionTestCase): |
There was a problem hiding this comment.
Probably not needed; probably doesn't hurt.
| is_admin = groups_overlap(claimed_groups, settings.SCRAM_ADMIN_GROUPS) | ||
| if groups_overlap(claimed_groups, settings.SCRAM_READWRITE_GROUPS): | ||
| effective_groups.append(Group.objects.get(name="readwrite")) | ||
| readwrite_group, created = Group.objects.get_or_create(name="readwrite") |
There was a problem hiding this comment.
Again get vs get_or_create
There was a problem hiding this comment.
Okay, let's revert this whole file and then make sure that migrations are a) running appropriately or b) have the right data so we don't do this here, in prod.
2 participants
Well, since it's 2025, I decided to spend down a small nation's amount of energy on Vibe Coding® an upgrade to django 5.2 and python 3.13.
It made a ton of changes I don't understand, but it's less than I figured. And FWIW, the same approaches came about by gemini, claude, and GPT 5o.
I hate this, but the tests do pass locally, so I figured i'd throw this up here for discussion.