From e625881a2d7e7a77ffb310d4a67f1f35859e9830 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Mois=C3=A9s=20Gonz=C3=A1lez?= <moises.gonzalez@edunext.co>
Date: Mon, 24 Nov 2025 14:16:14 -0400
Subject: [PATCH] feat!: remove autoscaling configuration and apply
 miscellaneous fixes

The autoscaling configuration has long been unmaintained and should be
instead handled by https://github.com/eduNEXT/tutor-contrib-pod-autoscaling.

The variable used to install extra packages in the sandbox virtual
environment was not properly configured as a default variable.

The apparmor-loader deamon set was not using the same image as the
docker deployment, and the generated config-maps where missing
appropriate labels.
---
 README.rst                                     | 14 ++++----------
 tutorcodejail/patches/k8s-deployments          | 13 +++++--------
 .../patches/kustomization-configmapgenerator   |  6 ++++++
 tutorcodejail/patches/kustomization-resources  |  1 -
 tutorcodejail/plugin.py                        | 15 ++++-----------
 .../codejail/build/codejail/Dockerfile         |  9 ++++++---
 .../templates/codejail/k8s/.gitignore          |  0
 tutorcodejail/templates/codejail/k8s/hpa.yml   | 18 ------------------
 8 files changed, 25 insertions(+), 51 deletions(-)
 delete mode 100644 tutorcodejail/patches/kustomization-resources
 delete mode 100644 tutorcodejail/templates/codejail/k8s/.gitignore
 delete mode 100644 tutorcodejail/templates/codejail/k8s/hpa.yml

diff --git a/README.rst b/README.rst
index d3ffff7..51ddcc0 100644
--- a/README.rst
+++ b/README.rst
@@ -56,19 +56,13 @@ To customize the configuration, update the following settings in Tutor:
 
 - ``CODEJAIL_APPARMOR_DOCKER_IMAGE``: (default: ``docker.io/ednxops/codejail_apparmor_loader:latest``)
 - ``CODEJAIL_DOCKER_IMAGE``: (default: ``docker.io/ednxops/codejailservice:{{__version__}}``)
-- ``CODEJAIL_ENFORCE_APPARMOR`` (default: ``True``)
 - ``CODEJAIL_ENABLE_K8S_DAEMONSET`` (default: ``False``)
-- ``CODEJAIL_SKIP_INIT`` (default: ``False``)
+- ``CODEJAIL_ENFORCE_APPARMOR`` (default: ``True``)
+- ``CODEJAIL_EXTRA_PIP_REQUIREMENTS`` (default: ``[]``)
 - ``CODEJAIL_SANDBOX_PYTHON_VERSION`` (default: ``3.11.9``)
-- ``CODEJAIL_EXTRA_PIP_REQUIREMENTS`` (optional) A list of pip requirements to add to your sandbox.
-- ``CODEJAIL_SERVICE_VERSION`` (default: ``release/teak.1``),
 - ``CODEJAIL_SERVICE_REPOSITORY`` (default ``https://github.com/edunext/codejailservice.git```)
-
-.. code-block:: yaml
-
-    CODEJAIL_EXTRA_PIP_REQUIREMENTS:
-    - pybryt
-
+- ``CODEJAIL_SERVICE_VERSION`` (default: ``release/teak.1``),
+- ``CODEJAIL_SKIP_INIT`` (default: ``False``)
 
 Custom Image
 ~~~~~~~~~~~~
diff --git a/tutorcodejail/patches/k8s-deployments b/tutorcodejail/patches/k8s-deployments
index d71422e..6e36a93 100644
--- a/tutorcodejail/patches/k8s-deployments
+++ b/tutorcodejail/patches/k8s-deployments
@@ -30,13 +30,6 @@ spec:
             - mountPath: /openedx/codejailservice/codejailservice/tutor.py
               name: settings-codejail
               subPath: tutor.py
-          resources:
-            limits:
-              cpu: "{{ CODEJAIL_LIMIT_CPU }}"
-              memory: "{{ CODEJAIL_LIMIT_MEMORY }}"
-            requests:
-              cpu: "{{ CODEJAIL_REQUEST_CPU }}"
-              memory: "{{ CODEJAIL_REQUEST_MEMORY }}"
       volumes:
         - name: settings-codejail
           configMap:
@@ -61,7 +54,11 @@ spec:
     spec:
       containers:
       - name: apparmor-loader
-        image: google/apparmor-loader:latest
+        image: {{ CODEJAIL_APPARMOR_DOCKER_IMAGE }} 
+        command:
+          - /usr/bin/loader
+          - -logtostderr
+          - -v=2
         args:
           # Tell the loader to pull the /profiles directory every 30 seconds.
           - -poll
diff --git a/tutorcodejail/patches/kustomization-configmapgenerator b/tutorcodejail/patches/kustomization-configmapgenerator
index c45e80d..ea27483 100644
--- a/tutorcodejail/patches/kustomization-configmapgenerator
+++ b/tutorcodejail/patches/kustomization-configmapgenerator
@@ -1,6 +1,12 @@
 - name: codejail-profile
   files:
   - plugins/codejail/apps/profiles/docker-edx-sandbox
+  options:
+    labels:
+        app.kubernetes.io/name: codejail-aa-loader
 - name: settings-codejail
   files:
   - plugins/codejail/apps/config/tutor.py
+  options:
+    labels:
+        app.kubernetes.io/name: codejailservice
diff --git a/tutorcodejail/patches/kustomization-resources b/tutorcodejail/patches/kustomization-resources
deleted file mode 100644
index 6a47fec..0000000
--- a/tutorcodejail/patches/kustomization-resources
+++ /dev/null
@@ -1 +0,0 @@
-- plugins/codejail/k8s/hpa.yml
\ No newline at end of file
diff --git a/tutorcodejail/plugin.py b/tutorcodejail/plugin.py
index ffba3cf..8c9bac5 100644
--- a/tutorcodejail/plugin.py
+++ b/tutorcodejail/plugin.py
@@ -17,24 +17,17 @@
         "SECRET_KEY": "{{ 24|random_string }}",
     },
     "defaults": {
-        "VERSION": __version__,
         "APPARMOR_DOCKER_IMAGE": "docker.io/ednxops/codejail_apparmor_loader:apparmor-3",
         "DOCKER_IMAGE": f"docker.io/ednxops/codejailservice:{__version__}",
         "ENABLE_K8S_DAEMONSET": False,
         "ENFORCE_APPARMOR": True,
+        "EXTRA_PIP_REQUIREMENTS": [],
         "HOST": "codejailservice",
         "SANDBOX_PYTHON_VERSION": "3.11.9",
-        "SKIP_INIT": False,
-        "LIMIT_CPU": "1",
-        "LIMIT_MEMORY": "1Gi",
-        "REQUEST_CPU": "512m",
-        "REQUEST_MEMORY": "512Mi",
-        "ENABLE_HPA": False,
-        "MIN_REPLICAS": 1,
-        "MAX_REPLICAS": 4,
-        "AVG_CPU": 65,
-        "SERVICE_VERSION": "release/teak.1",
         "SERVICE_REPOSITORY": "https://github.com/edunext/codejailservice.git",
+        "SERVICE_VERSION": "release/teak.1",
+        "SKIP_INIT": False,
+        "VERSION": __version__,
     },
     "overrides": {},
 }
diff --git a/tutorcodejail/templates/codejail/build/codejail/Dockerfile b/tutorcodejail/templates/codejail/build/codejail/Dockerfile
index 6f037d6..2f584cf 100644
--- a/tutorcodejail/templates/codejail/build/codejail/Dockerfile
+++ b/tutorcodejail/templates/codejail/build/codejail/Dockerfile
@@ -58,10 +58,13 @@ RUN mkdir -p common/lib/
 ADD $EDX_PLATFORM_REPOSITORY#$EDX_PLATFORM_VERSION:requirements/edx-sandbox/ .
 RUN pip3 install -r releases/teak.txt
 
+{% if CODEJAIL_EXTRA_PIP_REQUIREMENTS %}
 # Allows you to add extra pip requirements to your codejail sandbox.
-{% if CODEJAIL_EXTRA_PIP_REQUIREMENTS is defined %}
-{% for extra_requirements in CODEJAIL_EXTRA_PIP_REQUIREMENTS %}RUN --mount=type=cache,target=/openedx/.cache/pip,sharing=shared pip install '{{ extra_requirements }}'
-{% endfor %}
+RUN --mount=type=cache,target=/openedx/.cache/pip,sharing=shared pip install \
+{%- for extra_requirements in CODEJAIL_EXTRA_PIP_REQUIREMENTS %}
+  '{{ extra_requirements }}' \
+{%- endfor %}
+;
 {% endif %}
 
 ##### Prod image
diff --git a/tutorcodejail/templates/codejail/k8s/.gitignore b/tutorcodejail/templates/codejail/k8s/.gitignore
deleted file mode 100644
index e69de29..0000000
diff --git a/tutorcodejail/templates/codejail/k8s/hpa.yml b/tutorcodejail/templates/codejail/k8s/hpa.yml
deleted file mode 100644
index 9287b3d..0000000
--- a/tutorcodejail/templates/codejail/k8s/hpa.yml
+++ /dev/null
@@ -1,18 +0,0 @@
-{%- if CODEJAIL_ENABLE_HPA %}
-apiVersion: autoscaling/v1
-kind: HorizontalPodAutoscaler
-metadata:
-  name: codejail
-  labels:
-    app.kubernetes.io/name: codejail
-spec:
-  scaleTargetRef:
-    apiVersion: apps/v1
-    kind: Deployment
-    name: codejailservice
-  minReplicas: {{ CODEJAIL_MIN_REPLICAS }}
-  maxReplicas: {{ CODEJAIL_MAX_REPLICAS }}
-  {%- if CODEJAIL_AVG_CPU > 0 %}
-  targetCPUUtilizationPercentage: {{ CODEJAIL_AVG_CPU }}
-  {%- endif %}
-{%- endif %}