Update conda-store-server image + use public auth_schema module for AuthenticationToken

src/_nebari/constants.py

@@ -16,7 +16,7 @@
 DEFAULT_NEBARI_IMAGE_TAG = CURRENT_RELEASE
 DEFAULT_NEBARI_WORKFLOW_CONTROLLER_IMAGE_TAG = CURRENT_RELEASE
 
-DEFAULT_CONDA_STORE_IMAGE_TAG = "2024.11.2"
+DEFAULT_CONDA_STORE_IMAGE_TAG = "2025.2.1"
 
 LATEST_SUPPORTED_PYTHON_VERSION = "3.10"
 

src/_nebari/stages/kubernetes_services/template/modules/kubernetes/services/conda-store/config/conda_store_config.py

@@ -11,8 +11,8 @@
 
 import requests
 from conda_store_server import api
-from conda_store_server._internal import schema
 from conda_store_server._internal.server.dependencies import get_conda_store
+from conda_store_server.server import schema as auth_schema
 from conda_store_server.server.auth import GenericOAuthAuthentication
 from conda_store_server.storage import S3Storage
 
@@ -357,7 +357,7 @@ def _get_conda_store_client_roles_for_user(
         return client_roles_rich
 
     def _get_current_entity_bindings(self, username):
-        entity = schema.AuthenticationToken(
+        entity = auth_schema.AuthenticationToken(
             primary_namespace=username, role_bindings={}
         )
         self.log.info(f"entity: {entity}")
@@ -387,7 +387,7 @@ async def authenticate(self, request):
 
         # superadmin gets access to everything
         if "conda_store_superadmin" in user_data.get("roles", []):
-            return schema.AuthenticationToken(
+            return auth_schema.AuthenticationToken(
                 primary_namespace=username,
                 role_bindings={"*/*": {"admin"}},
             )
@@ -425,7 +425,7 @@ async def authenticate(self, request):
                 if _namespace is None:
                     api.ensure_namespace(db, name=namespace)
 
-        return schema.AuthenticationToken(
+        return auth_schema.AuthenticationToken(
             primary_namespace=username,
             role_bindings=role_bindings,
         )