Loading pkgs/by-name/pr/prefect/make_ui_files_writeable_on_startup.patchdeleted 100644 → 0 +0 −42 Original line number Diff line number Diff line From a97d5f501ff3125d96e6c64dfa498ca1a598a4bd Mon Sep 17 00:00:00 2001 From: happysalada <raphael@megzari.com> Date: Sun, 2 Mar 2025 08:30:36 -0500 Subject: [PATCH] feat: ensure ui files are writeable On startup prefect copies over files from the ui into the ui directory. If for any reason the ui files were not writeable, the whole setup will fail. This PR ensures that the copied files are writeable. To give a bit more context, I am currently packaging Prefect for nixos. Nix having a little bit of a strict build system, makes sure that the built package has only read-only files. this is to ensure the build is deterministic. I understand that this might appear as a detail related to nix build system only. I can patch the source when building the nix package, but I thought I would try to contribute the patch. No hard feelings if you are not interested in this patch. Thank you for developping prefect! fix formatting --- src/prefect/server/api/server.py | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/prefect/server/api/server.py b/src/prefect/server/api/server.py index e5b64d527..ac64616ef 100644 --- a/src/prefect/server/api/server.py +++ b/src/prefect/server/api/server.py @@ -250,8 +250,14 @@ def copy_directory(directory: str, path: str) -> None: if os.path.exists(destination): shutil.rmtree(destination) shutil.copytree(source, destination, symlinks=True) + # ensure copied files are writeable + for root, dirs, files in os.walk(destination): + for f in files: + os.chmod(os.path.join(root, f), 0o600) else: shutil.copy2(source, destination) + # Ensure copied file is writeable + os.chmod(destination, 0o600) async def custom_internal_exception_handler( -- 2.48.1 pkgs/by-name/pr/prefect/package.nix +64 −61 Original line number Diff line number Diff line Loading @@ -7,7 +7,7 @@ python3Packages.buildPythonApplication rec { pname = "prefect"; version = "3.2.7"; version = "3.2.13"; pyproject = true; # Trying to install from source is challenging Loading @@ -16,13 +16,9 @@ python3Packages.buildPythonApplication rec { # Source will be missing sdist, uv.lock, ui artefacts ... src = fetchPypi { inherit pname version; hash = "sha256-4kwGrKvDihBi6Gcvcf6ophNI6GGd+M4qR0nnu/AUK1Q="; hash = "sha256-NJL3KTvSIzUX1JMa/Lfpx2UzsAgqjU/mbndnkG2evTA="; }; patches = [ ./make_ui_files_writeable_on_startup.patch ]; pythonRelaxDeps = [ "websockets" ]; Loading @@ -32,31 +28,38 @@ python3Packages.buildPythonApplication rec { versioningit ]; dependencies = with python3Packages; [ dependencies = with python3Packages; [ aiosqlite alembic anyio apprise asgi-lifespan asyncpg cachetools click cloudpickle coolname cryptography dateparser docker graphviz jinja2 jinja2-humanize-extension humanize pytz readchar sqlalchemy typer # client dependencies anyio asgi-lifespan cachetools cloudpickle coolname exceptiongroup fastapi fsspec graphviz # graphviz already included griffe httpcore httpx humanize importlib-metadata jinja2 jinja2-humanize-extension jsonpatch jsonschema opentelemetry-api Loading @@ -72,21 +75,21 @@ python3Packages.buildPythonApplication rec { python-dateutil python-slugify python-socks pytz pyyaml readchar rfc3339-validator rich ruamel-yaml sniffio sqlalchemy toml typer typing-extensions ujson uvicorn websockets ]; uv ] ++ sqlalchemy.optional-dependencies.asyncio ++ httpx.optional-dependencies.http2 ++ python-socks.optional-dependencies.asyncio; optional-dependencies = with python3Packages; { aws = [ Loading Loading
pkgs/by-name/pr/prefect/make_ui_files_writeable_on_startup.patchdeleted 100644 → 0 +0 −42 Original line number Diff line number Diff line From a97d5f501ff3125d96e6c64dfa498ca1a598a4bd Mon Sep 17 00:00:00 2001 From: happysalada <raphael@megzari.com> Date: Sun, 2 Mar 2025 08:30:36 -0500 Subject: [PATCH] feat: ensure ui files are writeable On startup prefect copies over files from the ui into the ui directory. If for any reason the ui files were not writeable, the whole setup will fail. This PR ensures that the copied files are writeable. To give a bit more context, I am currently packaging Prefect for nixos. Nix having a little bit of a strict build system, makes sure that the built package has only read-only files. this is to ensure the build is deterministic. I understand that this might appear as a detail related to nix build system only. I can patch the source when building the nix package, but I thought I would try to contribute the patch. No hard feelings if you are not interested in this patch. Thank you for developping prefect! fix formatting --- src/prefect/server/api/server.py | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/prefect/server/api/server.py b/src/prefect/server/api/server.py index e5b64d527..ac64616ef 100644 --- a/src/prefect/server/api/server.py +++ b/src/prefect/server/api/server.py @@ -250,8 +250,14 @@ def copy_directory(directory: str, path: str) -> None: if os.path.exists(destination): shutil.rmtree(destination) shutil.copytree(source, destination, symlinks=True) + # ensure copied files are writeable + for root, dirs, files in os.walk(destination): + for f in files: + os.chmod(os.path.join(root, f), 0o600) else: shutil.copy2(source, destination) + # Ensure copied file is writeable + os.chmod(destination, 0o600) async def custom_internal_exception_handler( -- 2.48.1
pkgs/by-name/pr/prefect/package.nix +64 −61 Original line number Diff line number Diff line Loading @@ -7,7 +7,7 @@ python3Packages.buildPythonApplication rec { pname = "prefect"; version = "3.2.7"; version = "3.2.13"; pyproject = true; # Trying to install from source is challenging Loading @@ -16,13 +16,9 @@ python3Packages.buildPythonApplication rec { # Source will be missing sdist, uv.lock, ui artefacts ... src = fetchPypi { inherit pname version; hash = "sha256-4kwGrKvDihBi6Gcvcf6ophNI6GGd+M4qR0nnu/AUK1Q="; hash = "sha256-NJL3KTvSIzUX1JMa/Lfpx2UzsAgqjU/mbndnkG2evTA="; }; patches = [ ./make_ui_files_writeable_on_startup.patch ]; pythonRelaxDeps = [ "websockets" ]; Loading @@ -32,31 +28,38 @@ python3Packages.buildPythonApplication rec { versioningit ]; dependencies = with python3Packages; [ dependencies = with python3Packages; [ aiosqlite alembic anyio apprise asgi-lifespan asyncpg cachetools click cloudpickle coolname cryptography dateparser docker graphviz jinja2 jinja2-humanize-extension humanize pytz readchar sqlalchemy typer # client dependencies anyio asgi-lifespan cachetools cloudpickle coolname exceptiongroup fastapi fsspec graphviz # graphviz already included griffe httpcore httpx humanize importlib-metadata jinja2 jinja2-humanize-extension jsonpatch jsonschema opentelemetry-api Loading @@ -72,21 +75,21 @@ python3Packages.buildPythonApplication rec { python-dateutil python-slugify python-socks pytz pyyaml readchar rfc3339-validator rich ruamel-yaml sniffio sqlalchemy toml typer typing-extensions ujson uvicorn websockets ]; uv ] ++ sqlalchemy.optional-dependencies.asyncio ++ httpx.optional-dependencies.http2 ++ python-socks.optional-dependencies.asyncio; optional-dependencies = with python3Packages; { aws = [ Loading
