Upgrade to Django 5.2 LTS

Author: ihalaij1

README.md

@@ -6,8 +6,8 @@ automatically built inside a configurable container. If the build passes
 validation, the course and its exercises are configured on A+ and compatible
 grading services.
 
-The application is implemented on Django 3.2 (`gitmanager/settings.py`) and
-requires Python 3.7+.
+The application is implemented on Django 5.2 (`gitmanager/settings.py`) and
+requires Python 3.10+.
 
 Gitmanager can be run stand alone without the full stack to test any part of
 the process in the local system environment. Course and exercise

builder/views.py

@@ -209,7 +209,7 @@ def build_log_json(request, key):
 
 
 def get_client_ip(request):
-    x_forwarded_for = request.META.get('HTTP_X_FORWARDED_FOR')
+    x_forwarded_for = request.headers.get('x-forwarded-for')
     if x_forwarded_for:
         return x_forwarded_for.split(',')[0]
     return request.META.get('REMOTE_ADDR')
@@ -269,7 +269,7 @@ def hook(request: Request, key: str, **kwargs) -> HttpResponse:
         return HttpResponse(f"No access to course {key}", status=403)
     else:
         branch = None
-        if request.META.get('HTTP_X_GITLAB_EVENT'):
+        if request.headers.get('x-gitlab-event'):
             if course.webhook_secret is None:
                 logger.warning(f"webhook secret for course '{key}' is None. Skipping secret verification.")
             else:
@@ -281,7 +281,7 @@ def hook(request: Request, key: str, **kwargs) -> HttpResponse:
             data = get_post_data(request)
             if data:
                 branch = data.get('ref', '').rpartition("/")[2]
-        elif request.META.get('HTTP_X_GITHUB_EVENT'):
+        elif request.headers.get('x-github-event'):
             if course.webhook_secret is None:
                 logger.warning(f"webhook secret for course '{key}' is None. Skipping secret verification.")
             else:
@@ -325,7 +325,7 @@ def hook(request: Request, key: str, **kwargs) -> HttpResponse:
 
     push_event(key, **params)
 
-    if request.META.get('HTTP_REFERER'):
+    if request.headers.get('referer'):
         return redirect('manager-updates', course.key)
 
     return HttpResponse('ok')

docker/Dockerfile

@@ -1,4 +1,4 @@
-FROM --platform=$TARGETPLATFORM apluslms/service-base:django-1.18
+FROM apluslms/service-base:django-1.19
 
 # Set container related configuration via environment variables.
 ENV CONTAINER_TYPE="gitmanager" \
@@ -18,12 +18,13 @@ RUN : \
   # install docker-ce
  && if [ "$TARGETPLATFORM" = "linux/amd64" ] ; then ARCH=amd64 ; elif [ "$TARGETPLATFORM" = "linux/arm64" ] ; then ARCH=arm64 ; else exit 1 ; fi \
  && curl -LSs https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg >/dev/null 2>&1 \
- && echo "deb [arch=$ARCH signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian bullseye stable" > /etc/apt/sources.list.d/docker.list \
+ && echo "deb [arch=$ARCH signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian trixie stable" > /etc/apt/sources.list.d/docker.list \
  && apt_install docker-ce \
 \
   # create user
  && adduser --system --no-create-home --disabled-password --gecos "Git Manager webapp server,,," --home /srv/gitmanager --ingroup nogroup gitmanager \
  && mkdir /srv/gitmanager && chown gitmanager.nogroup /srv/gitmanager \
+ && git config --system --add safe.directory '/srv/courses/source/*' \
  && rm -rf /etc/init.d/ /tmp/* \
   # database settings that allow the Huey worker container to connect to the gitmanager web app's database
  && find /etc/postgresql/*/*/ -type f -name pg_hba.conf -exec sh -c 'echo "host all all samenet trust" >> "$1"' -- {} \; \

requirements.txt

@@ -1,5 +1,5 @@
-Django ~= 4.2.3
-git+https://github.com/apluslms/django-essentials.git@1.6.0#egg=django-essentials==1.6.0
+Django ~= 5.2.13
+git+https://github.com/apluslms/django-essentials.git@1.7.0#egg=django-essentials
 requests >= 2.28.0, < 3
 PyYAML ~= 6.0.0
 docutils ~= 0.17.1