Merge branch 'develop' of https://github.com/CenterForOpenScience/osf.io into refactor-notifications

* 'develop' of https://github.com/CenterForOpenScience/osf.io:
  Update chagnelog and bump version
  [ENG-6835] VRL Project PR - BE (#11204)

# Conflicts:
#	api_tests/registrations/views/test_registration_detail.py
#	conftest.py
#	tests/test_registrations/test_retractions.py

Author: Johnetordoff

.docker-compose.gv.env

@@ -9,8 +9,9 @@ POSTGRES_DB="gravyvalet"
 SECRET_KEY="secret"
 PYTHONUNBUFFERED=1 # This when set to 0 will allow print statements to be visible in the Docker logs
 OSF_AUTH_COOKIE_NAME=osf
+SESSION_COOKIE_SECURE=false
+SESSION_COOKIE_HTTPONLY=true
+SESSION_COOKIE_SAMESITE=Lax
 OSF_SENSITIVE_DATA_SECRET="TrainglesAre5Squares"
 OSF_SENSITIVE_DATA_SALT="yusaltydough"
 DEBUG=1
-
-

.github/actions/gen-report/action.yml

@@ -3,8 +3,13 @@ description: 'Generate test report from junit xml file'
 runs:
   using: "composite"
   steps:
+  - name: Archive code coverage results
+    uses: actions/upload-artifact@v4
+    with:
+      name: ${{github.job}} HTML REPORT
+      path: report.html
   - name: Generate Report
-    uses: dorny/test-reporter@v1
+    uses: dorny/test-reporter@v2
     if: success() || failure()    # run this step even if previous step failed
     with:
       name: ${{github.job}} REPORT   # Name of the check run which will be created

.github/workflows/test-build.yml

@@ -22,7 +22,7 @@ jobs:
       uses: actions/cache@v4
       with:
         path: ~/.cache
-        key: reqs_${{ hashFiles('**/pyproject.toml') }}
+        key: reqs_${{ hashFiles('poetry.lock') }}
         restore-keys: reqs
     - run: |
         mkdir -p ~/.cache/downloads
@@ -31,7 +31,7 @@ jobs:
         mkdir -p ~/.cache/testmon
         rm -rf node_modules  ## TODO remove this later
 
-  addons:
+  addons_and_admin:
     runs-on: ubuntu-22.04
     needs: build-cache
     permissions:
@@ -53,9 +53,9 @@ jobs:
     - uses: actions/checkout@v2
     - uses: ./.github/actions/start-build
     - name: Run tests
-      run: poetry run python3 -m invoke test-ci-addons -n 1 --junit
+      run: poetry run python3 -m invoke test-ci-addons --junit
     - name: Upload report
-      if: (github.event_name != 'pull_request') && (success() || failure())    # run this step even if previous step failed
+      if: (success() || failure())    # run this step even if previous step failed
       uses: ./.github/actions/gen-report
 
   website:
@@ -80,9 +80,9 @@ jobs:
     - uses: actions/checkout@v2
     - uses: ./.github/actions/start-build
     - name: Run tests
-      run: poetry run python3 -m invoke test-ci-website -n 1 --junit
+      run: poetry run python3 -m invoke test-ci-website --junit
     - name: Upload report
-      if: (github.event_name != 'pull_request') && (success() || failure())    # run this step even if previous step failed
+      if: (success() || failure())    # run this step even if previous step failed
       uses: ./.github/actions/gen-report
 
   api1_and_js:
@@ -109,9 +109,9 @@ jobs:
       - name: NVM & yarn install
         run: poetry run python3 -m invoke assets --dev
       - name: Run test
-        run: poetry run python3 -m invoke test-ci-api1-and-js -n 1 --junit
+        run: poetry run python3 -m invoke test-ci-api1-and-js --junit
       - name: Upload report
-        if: (github.event_name != 'pull_request') && (success() || failure())    # run this step even if previous step failed
+        if: (success() || failure())    # run this step even if previous step failed
         uses: ./.github/actions/gen-report
 
   api2:
@@ -136,9 +136,9 @@ jobs:
     - uses: actions/checkout@v2
     - uses: ./.github/actions/start-build
     - name: Run tests
-      run: poetry run python3 -m invoke test-ci-api2 -n 1 --junit
+      run: poetry run python3 -m invoke test-ci-api2 --junit
     - name: Upload report
-      if: (github.event_name != 'pull_request') && (success() || failure())    # run this step even if previous step failed
+      if: (success() || failure())    # run this step even if previous step failed
       uses: ./.github/actions/gen-report
 
   api3_and_osf:
@@ -164,9 +164,9 @@ jobs:
     - uses: actions/checkout@v2
     - uses: ./.github/actions/start-build
     - name: Run tests
-      run: poetry run python3 -m invoke test-ci-api3-and-osf -n 1 --junit
+      run: poetry run python3 -m invoke test-ci-api3-and-osf --junit
     - name: Upload report
-      if: (github.event_name != 'pull_request') && (success() || failure())    # run this step even if previous step failed
+      if: (success() || failure())    # run this step even if previous step failed
       uses: ./.github/actions/gen-report
 
   mailhog:

CHANGELOG

@@ -2,6 +2,16 @@
 
 We follow the CalVer (https://calver.org/) versioning scheme: YY.MINOR.MICRO.
 
+25.12.0 (2025-07-08)
+====================
+
+- Verified Resource Linking project release - BE
+- OSF support for GV session optimization
+- OSF node log for add-ons
+- CI improvements
+- Task routing fixes
+
+
 25.11.1 (2025-07-03)
 ====================
 

admin_tests/nodes/test_views.py

@@ -546,6 +546,7 @@ def setUp(self):
         self.user = AuthUserFactory()
         self.node = ProjectFactory(creator=self.user)
 
+    @pytest.mark.usefixtures('mock_gravy_valet_get_verified_links')
     def test_request_approval_is_approved(self):
         now = timezone.now()
         self.approval = RegistrationApprovalFactory(

admin_tests/registrations/test_registrations.py

@@ -92,12 +92,14 @@ def test_embargoed_registration_from_changed_to_private_project_spam_ham(self, e
         embargoed_registration_from_changed_to_private_project.confirm_ham(save=True)
         assert not embargoed_registration_from_changed_to_private_project.is_public
 
+    @pytest.mark.usefixtures('mock_gravy_valet_get_verified_links')
     def test_public_registration_from_public_project_spam_ham(self, superuser, public_registration_from_public_project):
         public_registration_from_public_project.confirm_spam(save=True)
         assert not public_registration_from_public_project.is_public
         public_registration_from_public_project.confirm_ham(save=True)
         assert public_registration_from_public_project.is_public
 
+    @pytest.mark.usefixtures('mock_gravy_valet_get_verified_links')
     def test_public_registration_from_private_project_spam_ham(self, superuser, public_registration_from_private_project):
         public_registration_from_private_project.confirm_spam(save=True)
         assert not public_registration_from_private_project.is_public
@@ -110,18 +112,21 @@ def test_private_registration_from_private_project_spam_ham(self, superuser, pri
         private_registration_from_public_project.confirm_ham(save=True)
         assert not private_registration_from_public_project.is_public
 
+    @pytest.mark.usefixtures('mock_gravy_valet_get_verified_links')
     def test_public_registration_from_changed_to_public_project_spam_ham(self, superuser, public_registration_from_changed_to_public_project):
         public_registration_from_changed_to_public_project.confirm_spam(save=True)
         assert not public_registration_from_changed_to_public_project.is_public
         public_registration_from_changed_to_public_project.confirm_ham(save=True)
         assert public_registration_from_changed_to_public_project.is_public
 
+    @pytest.mark.usefixtures('mock_gravy_valet_get_verified_links')
     def test_public_registration_from_changed_to_private_project_spam_ham(self, superuser, public_registration_from_changed_to_private_project):
         public_registration_from_changed_to_private_project.confirm_spam(save=True)
         assert not public_registration_from_changed_to_private_project.is_public
         public_registration_from_changed_to_private_project.confirm_ham(save=True)
         assert public_registration_from_changed_to_private_project.is_public
 
+    @pytest.mark.usefixtures('mock_gravy_valet_get_verified_links')
     def test_unapproved_registration_task(self, embargoed_registration_from_changed_to_public_project):
         embargoed_registration_from_changed_to_public_project.registration_approval.state = 'unapproved'
         embargoed_registration_from_changed_to_public_project.registration_approval.initiation_date -= timedelta(3)
@@ -131,6 +136,7 @@ def test_unapproved_registration_task(self, embargoed_registration_from_changed_
         embargoed_registration_from_changed_to_public_project.registration_approval.refresh_from_db()
         assert embargoed_registration_from_changed_to_public_project.registration_approval.state == 'approved'
 
+    @pytest.mark.usefixtures('mock_gravy_valet_get_verified_links')
     def test_unapproved_registration_task_after_spam(self, embargoed_registration_from_changed_to_public_project):
         embargoed_registration_from_changed_to_public_project.registration_approval.state = 'unapproved'
         embargoed_registration_from_changed_to_public_project.registration_approval.initiation_date -= timedelta(3)
@@ -141,6 +147,7 @@ def test_unapproved_registration_task_after_spam(self, embargoed_registration_fr
         embargoed_registration_from_changed_to_public_project.registration_approval.refresh_from_db()
         assert embargoed_registration_from_changed_to_public_project.registration_approval.state == 'unapproved'
 
+    @pytest.mark.usefixtures('mock_gravy_valet_get_verified_links')
     def test_unapproved_registration_task_after_spam_ham(self, embargoed_registration_from_changed_to_public_project):
         embargoed_registration_from_changed_to_public_project.registration_approval.state = 'unapproved'
         embargoed_registration_from_changed_to_public_project.registration_approval.initiation_date -= timedelta(3)

api/share/utils.py

@@ -12,6 +12,7 @@
 from framework.celery_tasks.handlers import enqueue_task
 from framework.encryption import ensure_bytes
 from framework.sentry import log_exception
+from osf.external.gravy_valet.exceptions import GVException
 from osf.metadata.osf_gathering import (
     OsfmapPartition,
     pls_get_magic_metadata_basket,
@@ -78,15 +79,20 @@ def task__update_share(self, guid: str, is_backfill=False, osfmap_partition_name
         raise ValueError(f'unknown osfguid "{guid}"')
     _resource = _osfid_instance.referent
     _is_deletion = _should_delete_indexcard(_resource)
-    _response = (
-        pls_delete_trove_record(_resource, osfmap_partition=_osfmap_partition)
-        if _is_deletion
-        else pls_send_trove_record(
-            _resource,
-            is_backfill=is_backfill,
-            osfmap_partition=_osfmap_partition,
+    try:
+        _response = (
+            pls_delete_trove_record(_resource, osfmap_partition=_osfmap_partition)
+            if _is_deletion
+            else pls_send_trove_record(
+                _resource,
+                is_backfill=is_backfill,
+                osfmap_partition=_osfmap_partition,
+            )
         )
-    )
+    except GVException as e:
+        log_exception(e)
+        raise self.retry(exc=e)
+
     try:
         _response.raise_for_status()
     except Exception as e:

api_tests/identifiers/managment_commands/test_sync_dois.py

@@ -53,6 +53,7 @@ def preprint_identifier(self, preprint):
         identifier.save(update_modified=False)
         return identifier
 
+    @pytest.mark.usefixtures('mock_gravy_valet_get_verified_links')
     @pytest.mark.enable_enqueue_task
     def test_doi_synced_datacite(self, app, registration, registration_identifier, mock_datacite):
         assert registration_identifier.modified.date() < datetime.datetime.now().date()
@@ -66,6 +67,7 @@ def test_doi_synced_datacite(self, app, registration, registration_identifier, m
         registration_identifier.reload()
         assert registration_identifier.modified.date() == datetime.datetime.now().date()
 
+    @pytest.mark.usefixtures('mock_gravy_valet_get_verified_links')
     @pytest.mark.enable_enqueue_task
     def test_doi_synced_crossref(self, app, preprint_identifier, mock_crossref):
         assert preprint_identifier.modified.date() < datetime.datetime.now().date()
@@ -77,6 +79,7 @@ def test_doi_synced_crossref(self, app, preprint_identifier, mock_crossref):
         preprint_identifier.reload()
         assert preprint_identifier.modified.date() == datetime.datetime.now().date()
 
+    @pytest.mark.usefixtures('mock_gravy_valet_get_verified_links')
     @pytest.mark.enable_enqueue_task
     def test_doi_sync_private(self, app, registration_private, registration_identifier, mock_datacite):
 
@@ -91,6 +94,7 @@ def test_doi_sync_private(self, app, registration_private, registration_identifi
         assert registration_identifier.modified.date() < datetime.datetime.now().date()
         assert registration_identifier.modified.date() < datetime.datetime.now().date()
 
+    @pytest.mark.usefixtures('mock_gravy_valet_get_verified_links')
     @pytest.mark.enable_enqueue_task
     def test_doi_sync_public_only(self, app, registration_private, registration_identifier, mock_datacite):
         call_command('sync_doi_metadata', f'-m={datetime.datetime.now()}')

api_tests/identifiers/views/test_identifier_list.py

@@ -475,6 +475,7 @@ def ark_payload(self):
     def client(self, resource):
         return DataCiteClient(resource)
 
+    @pytest.mark.usefixtures('mock_gravy_valet_get_verified_links')
     @responses.activate
     def test_create_identifier(self, app, resource, client, identifier_url, identifier_payload, user,
             write_contributor, read_contributor, ark_payload):

api_tests/metadata_records/test_custom_item_metadata.py

@@ -13,6 +13,7 @@
 
 
 @pytest.mark.usefixtures('with_class_scoped_db')
+@pytest.mark.django_db
 class TestCustomItemMetadataRecordDetail:
     APIV2_PATH = 'custom_item_metadata_records/'
     APIV2_RESOURCE_TYPE = 'custom-item-metadata-record'
@@ -56,19 +57,19 @@ def assert_expected_log(self, osfguid, user, updated_fields):
         return log
 
     @pytest.fixture(scope='class')
-    def user_admin(self):
+    def user_admin(self, _class_scoped_db):
         return AuthUserFactory(username='some admin')
 
     @pytest.fixture(scope='class')
-    def user_readwrite(self):
+    def user_readwrite(self, _class_scoped_db):
         return AuthUserFactory(username='some readwrite')
 
     @pytest.fixture(scope='class')
-    def user_readonly(self):
+    def user_readonly(self, _class_scoped_db):
         return AuthUserFactory(username='some readonly')
 
     @pytest.fixture(scope='class')
-    def user_rando(self):
+    def user_rando(self, _class_scoped_db):
         return AuthUserFactory(username='some rando')
 
     @pytest.fixture(scope='class')