mirror of https://github.com/coder/coder.git
chore: Improve project-wide prettier formatting and ignored files (#5505)
* chore: Improve project-wide prettier formatting and ignored files * chore: `Run make fmt/prettier` * Fix gitignore for `.vscode` folder so that ! works * Add comment in `.prettierrc.yaml` to explain `.editorconfig` * Remove scripts/apidocgen/markdown-template/README.md * Use `yq` for processing prettierrc, update lib.sh dependency check * Add `yq` to Dockerfile and Nix
This commit is contained in:
parent
5435bceaf0
commit
856f0ab6f5
|
@ -6,27 +6,27 @@ ENV EDITOR=vim
|
|||
RUN apt-get update && apt-get upgrade --yes
|
||||
|
||||
RUN apt-get install --yes \
|
||||
ca-certificates \
|
||||
bash-completion \
|
||||
build-essential \
|
||||
curl \
|
||||
cmake \
|
||||
direnv \
|
||||
emacs-nox \
|
||||
gnupg \
|
||||
htop \
|
||||
jq \
|
||||
less \
|
||||
lsb-release \
|
||||
lsof \
|
||||
man-db \
|
||||
nano \
|
||||
neovim \
|
||||
ssl-cert \
|
||||
sudo \
|
||||
unzip \
|
||||
xz-utils \
|
||||
zip
|
||||
ca-certificates \
|
||||
bash-completion \
|
||||
build-essential \
|
||||
curl \
|
||||
cmake \
|
||||
direnv \
|
||||
emacs-nox \
|
||||
gnupg \
|
||||
htop \
|
||||
jq \
|
||||
less \
|
||||
lsb-release \
|
||||
lsof \
|
||||
man-db \
|
||||
nano \
|
||||
neovim \
|
||||
ssl-cert \
|
||||
sudo \
|
||||
unzip \
|
||||
xz-utils \
|
||||
zip
|
||||
|
||||
# configure locales to UTF8
|
||||
RUN apt-get install locales && locale-gen en_US.UTF-8
|
||||
|
@ -39,22 +39,22 @@ RUN direnv hook bash >> $HOME/.bashrc
|
|||
RUN sh <(curl -L https://nixos.org/nix/install) --daemon
|
||||
|
||||
RUN mkdir -p $HOME/.config/nix $HOME/.config/nixpkgs \
|
||||
&& echo 'sandbox = false' >> $HOME/.config/nix/nix.conf \
|
||||
&& echo '{ allowUnfree = true; }' >> $HOME/.config/nixpkgs/config.nix \
|
||||
&& echo '. $HOME/.nix-profile/etc/profile.d/nix.sh' >> $HOME/.bashrc
|
||||
&& echo 'sandbox = false' >> $HOME/.config/nix/nix.conf \
|
||||
&& echo '{ allowUnfree = true; }' >> $HOME/.config/nixpkgs/config.nix \
|
||||
&& echo '. $HOME/.nix-profile/etc/profile.d/nix.sh' >> $HOME/.bashrc
|
||||
|
||||
|
||||
# install docker and configure daemon to use vfs as GitHub codespaces requires vfs
|
||||
# https://github.com/moby/moby/issues/13742#issuecomment-725197223
|
||||
RUN mkdir -p /etc/apt/keyrings \
|
||||
&& curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg \
|
||||
&& echo \
|
||||
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
|
||||
$(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null \
|
||||
&& apt-get update \
|
||||
&& apt-get install --yes docker-ce docker-ce-cli containerd.io docker-compose-plugin \
|
||||
&& mkdir -p /etc/docker \
|
||||
&& echo '{"cgroup-parent":"/actions_job","storage-driver":"vfs"}' >> /etc/docker/daemon.json
|
||||
&& curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg \
|
||||
&& echo \
|
||||
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
|
||||
$(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null \
|
||||
&& apt-get update \
|
||||
&& apt-get install --yes docker-ce docker-ce-cli containerd.io docker-compose-plugin \
|
||||
&& mkdir -p /etc/docker \
|
||||
&& echo '{"cgroup-parent":"/actions_job","storage-driver":"vfs"}' >> /etc/docker/daemon.json
|
||||
|
||||
# install golang and language tooling
|
||||
ENV GO_VERSION=1.19
|
||||
|
@ -67,6 +67,7 @@ RUN echo 'export PATH=$GOPATH/bin:$PATH' >> $HOME/.bashrc
|
|||
RUN bash -c ". $HOME/.bashrc \
|
||||
go install -v golang.org/x/tools/gopls@latest \
|
||||
&& go install -v mvdan.cc/sh/v3/cmd/shfmt@latest \
|
||||
&& go install -v github.com/mikefarah/yq/v4@v4.30.6 \
|
||||
"
|
||||
|
||||
# install nodejs
|
||||
|
@ -80,4 +81,3 @@ RUN bash -c "$(curl -fsSL https://raw.githubusercontent.com/horta/zstd.install/m
|
|||
RUN echo 'deb [trusted=yes] https://repo.goreleaser.com/apt/ /' | sudo tee /etc/apt/sources.list.d/goreleaser.list \
|
||||
&& apt update \
|
||||
&& apt install nfpm
|
||||
|
||||
|
|
|
@ -1,18 +1,24 @@
|
|||
// For format details, see https://aka.ms/devcontainer.json
|
||||
{
|
||||
"name": "Development environments on your infrastructure",
|
||||
"name": "Development environments on your infrastructure",
|
||||
|
||||
// Sets the run context to one level up instead of the .devcontainer folder.
|
||||
"context": ".",
|
||||
// Sets the run context to one level up instead of the .devcontainer folder.
|
||||
"context": ".",
|
||||
|
||||
// Update the 'dockerFile' property if you aren't using the standard 'Dockerfile' filename.
|
||||
"dockerFile": "Dockerfile",
|
||||
// Update the 'dockerFile' property if you aren't using the standard 'Dockerfile' filename.
|
||||
"dockerFile": "Dockerfile",
|
||||
|
||||
// Use 'forwardPorts' to make a list of ports inside the container available locally.
|
||||
// "forwardPorts": [],
|
||||
|
||||
"postStartCommand": "dockerd",
|
||||
// Use 'forwardPorts' to make a list of ports inside the container available locally.
|
||||
// "forwardPorts": [],
|
||||
|
||||
// privileged is required by GitHub codespaces - https://github.com/microsoft/vscode-dev-containers/issues/727
|
||||
"runArgs": [ "--cap-add=SYS_PTRACE", "--security-opt", "seccomp=unconfined", "--privileged", "--init" ]
|
||||
"postStartCommand": "dockerd",
|
||||
|
||||
// privileged is required by GitHub codespaces - https://github.com/microsoft/vscode-dev-containers/issues/727
|
||||
"runArgs": [
|
||||
"--cap-add=SYS_PTRACE",
|
||||
"--security-opt",
|
||||
"seccomp=unconfined",
|
||||
"--privileged",
|
||||
"--init"
|
||||
]
|
||||
}
|
||||
|
|
|
@ -7,7 +7,7 @@ trim_trailing_whitespace = true
|
|||
insert_final_newline = true
|
||||
indent_style = tab
|
||||
|
||||
[*.{md,json,yaml,yml,tf,tfvars}]
|
||||
[*.{md,json,yaml,yml,tf,tfvars,nix}]
|
||||
indent_style = space
|
||||
indent_size = 2
|
||||
|
||||
|
|
|
@ -38,7 +38,7 @@ updates:
|
|||
# Ignore patch updates for all dependencies
|
||||
- dependency-name: "*"
|
||||
update-types:
|
||||
- version-update:semver-patch
|
||||
- version-update:semver-patch
|
||||
|
||||
- package-ecosystem: "npm"
|
||||
directory: "/site/"
|
||||
|
@ -53,7 +53,7 @@ updates:
|
|||
# Ignore patch updates for all dependencies
|
||||
- dependency-name: "*"
|
||||
update-types:
|
||||
- version-update:semver-patch
|
||||
- version-update:semver-patch
|
||||
# Ignore major updates to Node.js types, because they need to
|
||||
# correspond to the Node.js engine version
|
||||
- dependency-name: "@types/node"
|
||||
|
|
|
@ -3,7 +3,7 @@ on:
|
|||
issue_comment:
|
||||
types: [created]
|
||||
pull_request_target:
|
||||
types: [opened,closed,synchronize]
|
||||
types: [opened, closed, synchronize]
|
||||
|
||||
jobs:
|
||||
CLAssistant:
|
||||
|
@ -15,12 +15,12 @@ jobs:
|
|||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
# the below token should have repo scope and must be manually added by you in the repository's secret
|
||||
PERSONAL_ACCESS_TOKEN : ${{ secrets.CDRCOMMUNITY_GITHUB_TOKEN }}
|
||||
PERSONAL_ACCESS_TOKEN: ${{ secrets.CDRCOMMUNITY_GITHUB_TOKEN }}
|
||||
with:
|
||||
remote-organization-name: 'coder'
|
||||
remote-repository-name: 'cla'
|
||||
path-to-signatures: 'v2022-09-04/signatures.json'
|
||||
path-to-document: 'https://github.com/coder/cla/blob/main/README.md'
|
||||
remote-organization-name: "coder"
|
||||
remote-repository-name: "cla"
|
||||
path-to-signatures: "v2022-09-04/signatures.json"
|
||||
path-to-document: "https://github.com/coder/cla/blob/main/README.md"
|
||||
# branch should not be protected
|
||||
branch: 'main'
|
||||
branch: "main"
|
||||
allowlist: dependabot*
|
||||
|
|
|
@ -222,6 +222,8 @@ jobs:
|
|||
run: go install storj.io/drpc/cmd/protoc-gen-go-drpc@v0.0.26
|
||||
- name: Install goimports
|
||||
run: go install golang.org/x/tools/cmd/goimports@latest
|
||||
- name: Install yq
|
||||
run: go run github.com/mikefarah/yq/v4@v4.30.6
|
||||
|
||||
- name: Install Protoc
|
||||
run: |
|
||||
|
@ -736,18 +738,18 @@ jobs:
|
|||
markdown-link-check:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@master
|
||||
# For the main branch:
|
||||
- if: github.ref == 'refs/heads/main' && !github.event.pull_request.head.repo.fork
|
||||
uses: gaurav-nelson/github-action-markdown-link-check@v1
|
||||
with:
|
||||
- uses: actions/checkout@master
|
||||
# For the main branch:
|
||||
- if: github.ref == 'refs/heads/main' && !github.event.pull_request.head.repo.fork
|
||||
uses: gaurav-nelson/github-action-markdown-link-check@v1
|
||||
with:
|
||||
use-quiet-mode: yes
|
||||
use-verbose-mode: yes
|
||||
config-file: .github/workflows/mlc_config.json
|
||||
# For pull requests:
|
||||
- if: github.ref != 'refs/heads/main' || github.event.pull_request.head.repo.fork
|
||||
uses: gaurav-nelson/github-action-markdown-link-check@v1
|
||||
with:
|
||||
# For pull requests:
|
||||
- if: github.ref != 'refs/heads/main' || github.event.pull_request.head.repo.fork
|
||||
uses: gaurav-nelson/github-action-markdown-link-check@v1
|
||||
with:
|
||||
use-quiet-mode: yes
|
||||
use-verbose-mode: yes
|
||||
check-modified-files-only: yes
|
||||
|
|
|
@ -1,22 +1,22 @@
|
|||
{
|
||||
"ignorePatterns": [
|
||||
{
|
||||
"pattern": ":\/\/localhost"
|
||||
},
|
||||
{
|
||||
"pattern": ":\/\/.*.?example\\.com"
|
||||
},
|
||||
{
|
||||
"pattern": "developer.github.com"
|
||||
},
|
||||
{
|
||||
"pattern": "docs.github.com"
|
||||
},
|
||||
{
|
||||
"pattern": "support.google.com"
|
||||
},
|
||||
{
|
||||
"pattern": "tailscale.com"
|
||||
}
|
||||
]
|
||||
"ignorePatterns": [
|
||||
{
|
||||
"pattern": "://localhost"
|
||||
},
|
||||
{
|
||||
"pattern": "://.*.?example\\.com"
|
||||
},
|
||||
{
|
||||
"pattern": "developer.github.com"
|
||||
},
|
||||
{
|
||||
"pattern": "docs.github.com"
|
||||
},
|
||||
{
|
||||
"pattern": "support.google.com"
|
||||
},
|
||||
{
|
||||
"pattern": "tailscale.com"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
|
|
@ -176,7 +176,7 @@ jobs:
|
|||
service_account: ${{ secrets.GCP_SERVICE_ACCOUNT }}
|
||||
|
||||
- name: Setup GCloud SDK
|
||||
uses: 'google-github-actions/setup-gcloud@v1'
|
||||
uses: "google-github-actions/setup-gcloud@v1"
|
||||
|
||||
- name: Publish Helm Chart
|
||||
run: |
|
||||
|
|
|
@ -15,8 +15,8 @@ jobs:
|
|||
# https://github.com/actions/stale/pull/775
|
||||
- uses: actions/stale@v6.0.0
|
||||
with:
|
||||
stale-issue-label: 'stale'
|
||||
stale-pr-label: 'stale'
|
||||
stale-issue-label: "stale"
|
||||
stale-pr-label: "stale"
|
||||
# Pull Requests become stale more quickly due to merge conflicts.
|
||||
# Also, we promote minimizing WIP.
|
||||
days-before-pr-stale: 7
|
||||
|
|
|
@ -11,8 +11,8 @@ jobs:
|
|||
- uses: wow-actions/welcome@v1
|
||||
with:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
FIRST_PR_REACTIONS: '+1, hooray, rocket, heart'
|
||||
FIRST_PR_REACTIONS: "+1, hooray, rocket, heart"
|
||||
FIRST_PR_COMMENT: |
|
||||
👋 Welcome @{{ author }} to Coder! Yo @coder/docs this is @{{ author }}'s first pull-request here!
|
||||
👋 Welcome @{{ author }} to Coder! Yo @coder/docs this is @{{ author }}'s first pull-request here!
|
||||
FIRST_PR_MERGED: |
|
||||
🎉 Thanks for the contribution @{{ author }}! Yo @coder/docs @{{ author }}'s first contribution has been merged! 👀👀👀
|
||||
|
|
|
@ -1,40 +1,33 @@
|
|||
###############################################################################
|
||||
# NOTICE #
|
||||
# If you change this file, kindly copy-pasta your change into .prettierignore #
|
||||
# and .eslintignore as well. See the following discussions to understand why #
|
||||
# we have to resort to this duplication (at least for now): #
|
||||
# #
|
||||
# https://github.com/prettier/prettier/issues/8048 #
|
||||
# https://github.com/prettier/prettier/issues/8506 #
|
||||
# https://github.com/prettier/prettier/issues/8679 #
|
||||
###############################################################################
|
||||
|
||||
node_modules
|
||||
vendor
|
||||
# Common ignore patterns, these rules applies in both root and subdirectories.
|
||||
.DS_Store
|
||||
.eslintcache
|
||||
yarn-error.log
|
||||
.gitpod.yml
|
||||
.idea
|
||||
**/*.swp
|
||||
gotests.coverage
|
||||
gotests.xml
|
||||
gotestsum.json
|
||||
.idea
|
||||
.gitpod.yml
|
||||
.DS_Store
|
||||
node_modules/
|
||||
vendor/
|
||||
yarn-error.log
|
||||
|
||||
# VSCode settings.
|
||||
**/.vscode/*
|
||||
# Allow VSCode recommendations and default settings in project root.
|
||||
!/.vscode/extensions.json
|
||||
!/.vscode/settings.json
|
||||
|
||||
# Front-end ignore patterns.
|
||||
.next/
|
||||
site/**/*.typegen.ts
|
||||
site/build-storybook.log
|
||||
site/coverage/
|
||||
site/storybook-static/
|
||||
site/test-results/
|
||||
|
||||
# Make target for updating golden files.
|
||||
cli/testdata/.gen-golden
|
||||
|
||||
# Front-end ignore
|
||||
.next/
|
||||
site/.eslintcache
|
||||
site/.next/
|
||||
site/node_modules/
|
||||
site/storybook-static/
|
||||
site/test-results/
|
||||
site/yarn-error.log
|
||||
coverage/
|
||||
site/**/*.typegen.ts
|
||||
site/build-storybook.log
|
||||
|
||||
# Build
|
||||
/build/
|
||||
/dist/
|
||||
|
@ -46,10 +39,7 @@ site/out/
|
|||
*.lock.hcl
|
||||
.terraform/
|
||||
|
||||
.vscode/*.log
|
||||
.vscode/launch.json
|
||||
**/*.swp
|
||||
.coderv2/*
|
||||
/.coderv2/*
|
||||
**/__debug_bin
|
||||
|
||||
# direnv
|
||||
|
|
|
@ -103,7 +103,7 @@ linters-settings:
|
|||
settings:
|
||||
ruleguard:
|
||||
failOn: all
|
||||
rules: '${configDir}/scripts/rules.go'
|
||||
rules: "${configDir}/scripts/rules.go"
|
||||
|
||||
staticcheck:
|
||||
# https://staticcheck.io/docs/options#checks
|
||||
|
|
|
@ -0,0 +1,60 @@
|
|||
# Code generated by Makefile (.gitignore .prettierignore.include). DO NOT EDIT.
|
||||
|
||||
# .gitignore:
|
||||
# Common ignore patterns, these rules applies in both root and subdirectories.
|
||||
.DS_Store
|
||||
.eslintcache
|
||||
.gitpod.yml
|
||||
.idea
|
||||
**/*.swp
|
||||
gotests.coverage
|
||||
gotests.xml
|
||||
gotestsum.json
|
||||
node_modules/
|
||||
vendor/
|
||||
yarn-error.log
|
||||
|
||||
# VSCode settings.
|
||||
**/.vscode/*
|
||||
# Allow VSCode recommendations and default settings in project root.
|
||||
!/.vscode/extensions.json
|
||||
!/.vscode/settings.json
|
||||
|
||||
# Front-end ignore patterns.
|
||||
.next/
|
||||
site/**/*.typegen.ts
|
||||
site/build-storybook.log
|
||||
site/coverage/
|
||||
site/storybook-static/
|
||||
site/test-results/
|
||||
|
||||
# Make target for updating golden files.
|
||||
cli/testdata/.gen-golden
|
||||
|
||||
# Build
|
||||
/build/
|
||||
/dist/
|
||||
site/out/
|
||||
|
||||
*.tfstate
|
||||
*.tfstate.backup
|
||||
*.tfplan
|
||||
*.lock.hcl
|
||||
.terraform/
|
||||
|
||||
/.coderv2/*
|
||||
**/__debug_bin
|
||||
|
||||
# direnv
|
||||
.envrc
|
||||
# .prettierignore.include:
|
||||
# Helm templates contain variables that are invalid YAML and can't be formatted
|
||||
# by Prettier.
|
||||
helm/templates/*.yaml
|
||||
|
||||
# Terraform state files used in tests, these are automatically generated.
|
||||
# Example: provisioner/terraform/testdata/instance-id/instance-id.tfstate.json
|
||||
**/testdata/**/*.tf*.json
|
||||
|
||||
# Testdata shouldn't be formatted.
|
||||
scripts/apitypings/testdata/**/*.ts
|
|
@ -0,0 +1,10 @@
|
|||
# Helm templates contain variables that are invalid YAML and can't be formatted
|
||||
# by Prettier.
|
||||
helm/templates/*.yaml
|
||||
|
||||
# Terraform state files used in tests, these are automatically generated.
|
||||
# Example: provisioner/terraform/testdata/instance-id/instance-id.tfstate.json
|
||||
**/testdata/**/*.tf*.json
|
||||
|
||||
# Testdata shouldn't be formatted.
|
||||
scripts/apitypings/testdata/**/*.ts
|
|
@ -0,0 +1,16 @@
|
|||
# This config file is used in conjunction with `.editorconfig` to specify
|
||||
# formatting for prettier-supported files. See `.editorconfig` and
|
||||
# `site/.editorconfig`for whitespace formatting options.
|
||||
printWidth: 80
|
||||
semi: false
|
||||
trailingComma: all
|
||||
overrides:
|
||||
- files:
|
||||
- README.md
|
||||
options:
|
||||
proseWrap: preserve
|
||||
- files:
|
||||
- "site/**/*.yaml"
|
||||
- "site/**/*.yml"
|
||||
options:
|
||||
proseWrap: always
|
91
Makefile
91
Makefile
|
@ -369,9 +369,9 @@ fmt/prettier:
|
|||
cd site
|
||||
# Avoid writing files in CI to reduce file write activity
|
||||
ifdef CI
|
||||
yarn run format:check . ../*.md ../docs
|
||||
yarn run format:check
|
||||
else
|
||||
yarn run format:write . ../*.md ../docs
|
||||
yarn run format:write
|
||||
endif
|
||||
.PHONY: fmt/prettier
|
||||
|
||||
|
@ -411,13 +411,31 @@ gen: \
|
|||
provisionerd/proto/provisionerd.pb.go \
|
||||
site/src/api/typesGenerated.ts \
|
||||
docs/admin/prometheus.md \
|
||||
coderd/apidoc/swagger.json
|
||||
coderd/apidoc/swagger.json \
|
||||
.prettierignore.include \
|
||||
.prettierignore \
|
||||
site/.prettierrc.yaml \
|
||||
site/.prettierignore \
|
||||
site/.eslintignore
|
||||
.PHONY: gen
|
||||
|
||||
# Mark all generated files as fresh so make thinks they're up-to-date. This is
|
||||
# used during releases so we don't run generation scripts.
|
||||
gen/mark-fresh:
|
||||
files="coderd/database/dump.sql coderd/database/querier.go provisionersdk/proto/provisioner.pb.go provisionerd/proto/provisionerd.pb.go site/src/api/typesGenerated.ts docs/admin/prometheus.md coderd/apidoc/swagger.json"
|
||||
files="\
|
||||
coderd/database/dump.sql \
|
||||
coderd/database/querier.go \
|
||||
provisionersdk/proto/provisioner.pb.go \
|
||||
provisionerd/proto/provisionerd.pb.go \
|
||||
site/src/api/typesGenerated.ts \
|
||||
docs/admin/prometheus.md \
|
||||
coderd/apidoc/swagger.json \
|
||||
.prettierignore.include \
|
||||
.prettierignore \
|
||||
site/.prettierrc.yaml \
|
||||
site/.prettierignore \
|
||||
site/.eslintignore \
|
||||
"
|
||||
for file in $$files; do
|
||||
echo "$$file"
|
||||
if [ ! -f "$$file" ]; then
|
||||
|
@ -463,21 +481,80 @@ site/src/api/typesGenerated.ts: scripts/apitypings/main.go $(shell find ./coders
|
|||
docs/admin/prometheus.md: scripts/metricsdocgen/main.go scripts/metricsdocgen/metrics
|
||||
go run scripts/metricsdocgen/main.go
|
||||
cd site
|
||||
yarn run format:write ../docs/admin/prometheus.md
|
||||
yarn run format:write:only ../docs/admin/prometheus.md
|
||||
|
||||
coderd/apidoc/swagger.json: $(shell find ./scripts/apidocgen -not \( -path './scripts/apidocgen/node_modules' -prune \) -type f) $(wildcard coderd/*.go) $(wildcard codersdk/*.go)
|
||||
./scripts/apidocgen/generate.sh
|
||||
cd site
|
||||
yarn run format:write ../docs/api ../docs/manifest.json ../coderd/apidoc/swagger.json
|
||||
yarn run format:write:only ../docs/api ../docs/manifest.json ../coderd/apidoc/swagger.json
|
||||
|
||||
update-golden-files: cli/testdata/.gen-golden
|
||||
.PHONY: update-golden-files
|
||||
|
||||
cli/testdata/.gen-golden: $(wildcard cli/testdata/*.golden) $(GO_SRC_FILES)
|
||||
|
||||
go test ./cli -run=TestCommandHelp -update
|
||||
touch "$@"
|
||||
|
||||
# Generate a prettierrc for the site package that uses relative paths for
|
||||
# overrides. This allows us to share the same prettier config between the
|
||||
# site and the root of the repo.
|
||||
site/.prettierrc.yaml: .prettierrc.yaml
|
||||
. ./scripts/lib.sh
|
||||
dependencies yq
|
||||
|
||||
echo "# Code generated by Makefile (../$<). DO NOT EDIT." > "$@"
|
||||
echo "" >> "$@"
|
||||
|
||||
# Replace all listed override files with relative paths inside site/.
|
||||
# - ./ -> ../
|
||||
# - ./site -> ./
|
||||
yq \
|
||||
'.overrides[].files |= map(. | sub("^./"; "") | sub("^"; "../") | sub("../site/"; "./"))' \
|
||||
"$<" >> "$@"
|
||||
|
||||
# Combine .gitignore with .prettierignore.include to generate .prettierignore.
|
||||
.prettierignore: .gitignore .prettierignore.include
|
||||
echo "# Code generated by Makefile ($^). DO NOT EDIT." > "$@"
|
||||
echo "" >> "$@"
|
||||
for f in $^; do
|
||||
echo "# $${f}:" >> "$@"
|
||||
cat "$$f" >> "$@"
|
||||
done
|
||||
|
||||
# Generate ignore files based on gitignore into the site directory. We turn all
|
||||
# rules into relative paths for the `site/` directory (where applicable),
|
||||
# following the pattern format defined by git:
|
||||
# https://git-scm.com/docs/gitignore#_pattern_format
|
||||
#
|
||||
# This is done for compatibility reasons, see:
|
||||
# https://github.com/prettier/prettier/issues/8048
|
||||
# https://github.com/prettier/prettier/issues/8506
|
||||
# https://github.com/prettier/prettier/issues/8679
|
||||
site/.eslintignore site/.prettierignore: .prettierignore Makefile
|
||||
rm -f "$@"
|
||||
touch "$@"
|
||||
# Skip generated by header, inherit `.prettierignore` header as-is.
|
||||
while read -r rule; do
|
||||
# Remove leading ! if present to simplify rule, added back at the end.
|
||||
tmp="$${rule#!}"
|
||||
ignore="$${rule%"$$tmp"}"
|
||||
rule="$$tmp"
|
||||
case "$$rule" in
|
||||
# Comments or empty lines (include).
|
||||
\#*|'') ;;
|
||||
# Generic rules (include).
|
||||
\*\**) ;;
|
||||
# Site prefixed rules (include).
|
||||
site/*) rule="$${rule#site/}";;
|
||||
./site/*) rule="$${rule#./site/}";;
|
||||
# Rules that are non-generic and don't start with site (rewrite).
|
||||
/*) rule=.."$$rule";;
|
||||
*/?*) rule=../"$$rule";;
|
||||
*) ;;
|
||||
esac
|
||||
echo "$${ignore}$${rule}" >> "$@"
|
||||
done < "$<"
|
||||
|
||||
test: test-clean
|
||||
gotestsum --debug -- -v -short ./...
|
||||
.PHONY: test
|
||||
|
|
|
@ -9,7 +9,7 @@ gitauth:
|
|||
|
||||
# Multiple providers are an Enterprise feature.
|
||||
# Contact sales@coder.com for a license.
|
||||
#
|
||||
#
|
||||
# If multiple providers are used, a unique "id"
|
||||
# must be provided for each one.
|
||||
# - id: example
|
||||
|
|
|
@ -5,7 +5,8 @@ Package `authz` implements AuthoriZation for Coder.
|
|||
## Overview
|
||||
|
||||
Authorization defines what **permission** a **subject** has to perform **actions** to **objects**:
|
||||
- **Permission** is binary: *yes* (allowed) or *no* (denied).
|
||||
|
||||
- **Permission** is binary: _yes_ (allowed) or _no_ (denied).
|
||||
- **Subject** in this case is anything that implements interface `authz.Subject`.
|
||||
- **Action** here is an enumerated list of actions, but we stick to `Create`, `Read`, `Update`, and `Delete` here.
|
||||
- **Object** here is anything that implements `authz.Object`.
|
||||
|
@ -22,6 +23,7 @@ A **permission** is always applied at a given **level**:
|
|||
**Permissions** at a higher **level** always override permissions at a **lower** level.
|
||||
|
||||
The effect of a **permission** can be:
|
||||
|
||||
- **positive** (allows)
|
||||
- **negative** (denies)
|
||||
- **abstain** (neither allows or denies, not applicable)
|
||||
|
@ -29,15 +31,14 @@ The effect of a **permission** can be:
|
|||
**Negative** permissions **always** override **positive** permissions at the same level.
|
||||
Both **negative** and **positive** permissions override **abstain** at the same level.
|
||||
|
||||
This can be represented by the following truth table, where Y represents *positive*, N represents *negative*, and _ represents *abstain*:
|
||||
This can be represented by the following truth table, where Y represents _positive_, N represents _negative_, and \_ represents _abstain_:
|
||||
|
||||
| Action | Positive | Negative | Result |
|
||||
|--------|----------|----------|--------|
|
||||
| read | Y | _ | Y |
|
||||
| ------ | -------- | -------- | ------ |
|
||||
| read | Y | \_ | Y |
|
||||
| read | Y | N | N |
|
||||
| read | _ | _ | _ |
|
||||
| read | _ | N | Y |
|
||||
|
||||
| read | \_ | \_ | \_ |
|
||||
| read | \_ | N | Y |
|
||||
|
||||
## Permission Representation
|
||||
|
||||
|
@ -56,18 +57,17 @@ This can be represented by the following truth table, where Y represents *positi
|
|||
|
||||
## Roles
|
||||
|
||||
A *role* is a set of permissions. When evaluating a role's permission to form an action, all the relevant permissions for the role are combined at each level. Permissions at a higher level override permissions at a lower level.
|
||||
A _role_ is a set of permissions. When evaluating a role's permission to form an action, all the relevant permissions for the role are combined at each level. Permissions at a higher level override permissions at a lower level.
|
||||
|
||||
The following table shows the per-level role evaluation.
|
||||
Y indicates that the role provides positive permissions, N indicates the role provides negative permissions, and _ indicates the role does not provide positive or negative permissions. YN_ indicates that the value in the cell does not matter for the access result.
|
||||
|
||||
| Role (example) | Site | Org | User | Result |
|
||||
|-----------------|------|-----|------|--------|
|
||||
| site-admin | Y | YN_ | YN_ | Y |
|
||||
| no-permission | N | YN_ | YN_ | N |
|
||||
| org-admin | _ | Y | YN_ | Y |
|
||||
| non-org-member | _ | N | YN_ | N |
|
||||
| user | _ | _ | Y | Y |
|
||||
| | _ | _ | N | N |
|
||||
| unauthenticated | _ | _ | _ | N |
|
||||
|
||||
| Role (example) | Site | Org | User | Result |
|
||||
| --------------- | ---- | ---- | ---- | ------ |
|
||||
| site-admin | Y | YN\_ | YN\_ | Y |
|
||||
| no-permission | N | YN\_ | YN\_ | N |
|
||||
| org-admin | \_ | Y | YN\_ | Y |
|
||||
| non-org-member | \_ | N | YN\_ | N |
|
||||
| user | \_ | \_ | Y | Y |
|
||||
| | \_ | \_ | N | N |
|
||||
| unauthenticated | \_ | \_ | \_ | N |
|
||||
|
|
|
@ -13,8 +13,8 @@ RUN mkdir --parents /usr/local/go
|
|||
|
||||
# Boring Go is needed to build FIPS-compliant binaries.
|
||||
RUN curl --silent --show-error --location \
|
||||
"https://go.dev/dl/go${GO_VERSION}.linux-amd64.tar.gz" \
|
||||
-o /usr/local/go.tar.gz
|
||||
"https://go.dev/dl/go${GO_VERSION}.linux-amd64.tar.gz" \
|
||||
-o /usr/local/go.tar.gz
|
||||
|
||||
RUN tar --extract --gzip --directory=/usr/local/go --file=/usr/local/go.tar.gz --strip-components=1
|
||||
|
||||
|
@ -23,52 +23,56 @@ ENV PATH=$PATH:/usr/local/go/bin
|
|||
# Install Go utilities.
|
||||
ARG GOPATH="/tmp/"
|
||||
RUN mkdir --parents "$GOPATH" && \
|
||||
# moq for Go tests.
|
||||
go install github.com/matryer/moq@v0.2.3 && \
|
||||
# swag for Swagger doc generation
|
||||
go install github.com/swaggo/swag/cmd/swag@v1.7.4 && \
|
||||
# go-swagger tool to generate the go coder api client
|
||||
go install github.com/go-swagger/go-swagger/cmd/swagger@v0.28.0 && \
|
||||
# goimports for updating imports
|
||||
go install golang.org/x/tools/cmd/goimports@v0.1.7 && \
|
||||
# protoc-gen-go is needed to build sysbox from source
|
||||
go install google.golang.org/protobuf/cmd/protoc-gen-go@v1.26 && \
|
||||
# drpc support for v2
|
||||
go install storj.io/drpc/cmd/protoc-gen-go-drpc@v0.0.26 && \
|
||||
# migrate for migration support for v2
|
||||
go install github.com/golang-migrate/migrate/v4/cmd/migrate@v4.15.1 && \
|
||||
# goreleaser for compiling v2 binaries
|
||||
go install github.com/goreleaser/goreleaser@v1.6.1 && \
|
||||
# Install the latest version of gopls for editors that support
|
||||
# the language server protocol
|
||||
go install golang.org/x/tools/gopls@latest && \
|
||||
# gotestsum makes test output more readable
|
||||
go install gotest.tools/gotestsum@v1.7.0 && \
|
||||
# goveralls collects code coverage metrics from tests
|
||||
# and sends to Coveralls
|
||||
go install github.com/mattn/goveralls@v0.0.11 && \
|
||||
# kind for running Kubernetes-in-Docker, needed for tests
|
||||
go install sigs.k8s.io/kind@v0.10.0 && \
|
||||
# helm-docs generates our Helm README based on a template and the
|
||||
# charts and values files
|
||||
go install github.com/norwoodj/helm-docs/cmd/helm-docs@v1.5.0 && \
|
||||
# sqlc for Go code generation
|
||||
go install github.com/kyleconroy/sqlc/cmd/sqlc@v1.10.0 && \
|
||||
# gcr-cleaner-cli used by CI to prune unused images
|
||||
go install github.com/sethvargo/gcr-cleaner/cmd/gcr-cleaner-cli@v0.5.1 && \
|
||||
# ruleguard for checking custom rules, without needing to run all of
|
||||
# golangci-lint. Check the go.mod in the release of golangci-lint that
|
||||
# we're using for the version of go-critic that it embeds, then check
|
||||
# the version of ruleguard in go-critic for that tag.
|
||||
go install github.com/quasilyte/go-ruleguard/cmd/ruleguard@v0.3.13 && \
|
||||
# go-fuzz for fuzzy testing. they don't publish releases so we rely on latest.
|
||||
go install github.com/dvyukov/go-fuzz/go-fuzz@latest && \
|
||||
go install github.com/dvyukov/go-fuzz/go-fuzz-build@latest && \
|
||||
# go-releaser for building 'fat binaries' that work cross-platform
|
||||
go install github.com/goreleaser/goreleaser@v1.6.1 && \
|
||||
go install mvdan.cc/sh/v3/cmd/shfmt@latest && \
|
||||
# nfpm is used with `make build` to make release packages
|
||||
go install github.com/goreleaser/nfpm/v2/cmd/nfpm@v2.16.0
|
||||
# moq for Go tests.
|
||||
go install github.com/matryer/moq@v0.2.3 && \
|
||||
# swag for Swagger doc generation
|
||||
go install github.com/swaggo/swag/cmd/swag@v1.7.4 && \
|
||||
# go-swagger tool to generate the go coder api client
|
||||
go install github.com/go-swagger/go-swagger/cmd/swagger@v0.28.0 && \
|
||||
# goimports for updating imports
|
||||
go install golang.org/x/tools/cmd/goimports@v0.1.7 && \
|
||||
# protoc-gen-go is needed to build sysbox from source
|
||||
go install google.golang.org/protobuf/cmd/protoc-gen-go@v1.26 && \
|
||||
# drpc support for v2
|
||||
go install storj.io/drpc/cmd/protoc-gen-go-drpc@v0.0.26 && \
|
||||
# migrate for migration support for v2
|
||||
go install github.com/golang-migrate/migrate/v4/cmd/migrate@v4.15.1 && \
|
||||
# goreleaser for compiling v2 binaries
|
||||
go install github.com/goreleaser/goreleaser@v1.6.1 && \
|
||||
# Install the latest version of gopls for editors that support
|
||||
# the language server protocol
|
||||
go install golang.org/x/tools/gopls@latest && \
|
||||
# gotestsum makes test output more readable
|
||||
go install gotest.tools/gotestsum@v1.7.0 && \
|
||||
# goveralls collects code coverage metrics from tests
|
||||
# and sends to Coveralls
|
||||
go install github.com/mattn/goveralls@v0.0.11 && \
|
||||
# kind for running Kubernetes-in-Docker, needed for tests
|
||||
go install sigs.k8s.io/kind@v0.10.0 && \
|
||||
# helm-docs generates our Helm README based on a template and the
|
||||
# charts and values files
|
||||
go install github.com/norwoodj/helm-docs/cmd/helm-docs@v1.5.0 && \
|
||||
# sqlc for Go code generation
|
||||
go install github.com/kyleconroy/sqlc/cmd/sqlc@v1.10.0 && \
|
||||
# gcr-cleaner-cli used by CI to prune unused images
|
||||
go install github.com/sethvargo/gcr-cleaner/cmd/gcr-cleaner-cli@v0.5.1 && \
|
||||
# ruleguard for checking custom rules, without needing to run all of
|
||||
# golangci-lint. Check the go.mod in the release of golangci-lint that
|
||||
# we're using for the version of go-critic that it embeds, then check
|
||||
# the version of ruleguard in go-critic for that tag.
|
||||
go install github.com/quasilyte/go-ruleguard/cmd/ruleguard@v0.3.13 && \
|
||||
# go-fuzz for fuzzy testing. they don't publish releases so we rely on latest.
|
||||
go install github.com/dvyukov/go-fuzz/go-fuzz@latest && \
|
||||
go install github.com/dvyukov/go-fuzz/go-fuzz-build@latest && \
|
||||
# go-releaser for building 'fat binaries' that work cross-platform
|
||||
go install github.com/goreleaser/goreleaser@v1.6.1 && \
|
||||
go install mvdan.cc/sh/v3/cmd/shfmt@latest && \
|
||||
# nfpm is used with `make build` to make release packages
|
||||
go install github.com/goreleaser/nfpm/v2/cmd/nfpm@v2.16.0 && \
|
||||
# yq v4 is used to process yaml files in coder v2. Conflicts with
|
||||
# yq v3 used in v1.
|
||||
go install github.com/mikefarah/yq/v4@v4.30.6 && \
|
||||
mv /tmp/bin/yq /tmp/bin/yq4
|
||||
|
||||
FROM alpine:3.16 as proto
|
||||
WORKDIR /tmp
|
||||
|
@ -92,176 +96,176 @@ COPY files /
|
|||
ARG DEBIAN_FRONTEND="noninteractive"
|
||||
|
||||
RUN apt-get update --quiet && apt-get install --yes \
|
||||
apt-transport-https \
|
||||
apt-utils \
|
||||
bash \
|
||||
bash-completion \
|
||||
bats \
|
||||
bind9-dnsutils \
|
||||
build-essential \
|
||||
ca-certificates \
|
||||
cmake \
|
||||
crypto-policies \
|
||||
curl \
|
||||
fd-find \
|
||||
file \
|
||||
git \
|
||||
gnupg \
|
||||
graphviz \
|
||||
htop \
|
||||
httpie \
|
||||
inetutils-tools \
|
||||
iproute2 \
|
||||
iputils-ping \
|
||||
iputils-tracepath \
|
||||
jq \
|
||||
language-pack-en \
|
||||
less \
|
||||
lsb-release \
|
||||
man \
|
||||
meld \
|
||||
net-tools \
|
||||
openjdk-11-jdk-headless \
|
||||
openssh-server \
|
||||
openssl \
|
||||
pkg-config \
|
||||
python3 \
|
||||
python3-pip \
|
||||
rsync \
|
||||
shellcheck \
|
||||
strace \
|
||||
sudo \
|
||||
tcptraceroute \
|
||||
termshark \
|
||||
traceroute \
|
||||
vim \
|
||||
wget \
|
||||
xauth \
|
||||
zip \
|
||||
ncdu \
|
||||
cargo \
|
||||
asciinema \
|
||||
zsh \
|
||||
ansible \
|
||||
neovim \
|
||||
google-cloud-sdk \
|
||||
google-cloud-sdk-datastore-emulator \
|
||||
kubectl \
|
||||
postgresql-13 \
|
||||
containerd.io \
|
||||
docker-ce \
|
||||
docker-ce-cli \
|
||||
packer \
|
||||
terraform \
|
||||
fish \
|
||||
unzip \
|
||||
zstd && \
|
||||
# Delete package cache to avoid consuming space in layer
|
||||
apt-get clean && \
|
||||
# Configure FIPS-compliant policies
|
||||
update-crypto-policies --set FIPS
|
||||
apt-transport-https \
|
||||
apt-utils \
|
||||
bash \
|
||||
bash-completion \
|
||||
bats \
|
||||
bind9-dnsutils \
|
||||
build-essential \
|
||||
ca-certificates \
|
||||
cmake \
|
||||
crypto-policies \
|
||||
curl \
|
||||
fd-find \
|
||||
file \
|
||||
git \
|
||||
gnupg \
|
||||
graphviz \
|
||||
htop \
|
||||
httpie \
|
||||
inetutils-tools \
|
||||
iproute2 \
|
||||
iputils-ping \
|
||||
iputils-tracepath \
|
||||
jq \
|
||||
language-pack-en \
|
||||
less \
|
||||
lsb-release \
|
||||
man \
|
||||
meld \
|
||||
net-tools \
|
||||
openjdk-11-jdk-headless \
|
||||
openssh-server \
|
||||
openssl \
|
||||
pkg-config \
|
||||
python3 \
|
||||
python3-pip \
|
||||
rsync \
|
||||
shellcheck \
|
||||
strace \
|
||||
sudo \
|
||||
tcptraceroute \
|
||||
termshark \
|
||||
traceroute \
|
||||
vim \
|
||||
wget \
|
||||
xauth \
|
||||
zip \
|
||||
ncdu \
|
||||
cargo \
|
||||
asciinema \
|
||||
zsh \
|
||||
ansible \
|
||||
neovim \
|
||||
google-cloud-sdk \
|
||||
google-cloud-sdk-datastore-emulator \
|
||||
kubectl \
|
||||
postgresql-13 \
|
||||
containerd.io \
|
||||
docker-ce \
|
||||
docker-ce-cli \
|
||||
packer \
|
||||
terraform \
|
||||
fish \
|
||||
unzip \
|
||||
zstd && \
|
||||
# Delete package cache to avoid consuming space in layer
|
||||
apt-get clean && \
|
||||
# Configure FIPS-compliant policies
|
||||
update-crypto-policies --set FIPS
|
||||
|
||||
# See https://github.com/cli/cli/issues/6175#issuecomment-1235984381 for proof
|
||||
# the apt repository is unreliable
|
||||
RUN curl -L https://github.com/cli/cli/releases/download/v2.14.7/gh_2.14.7_linux_amd64.deb -o gh.deb && \
|
||||
dpkg -i gh.deb
|
||||
dpkg -i gh.deb
|
||||
|
||||
# Install Lazygit
|
||||
# See https://github.com/jesseduffield/lazygit#ubuntu
|
||||
RUN LAZYGIT_VERSION=$(curl -s "https://api.github.com/repos/jesseduffield/lazygit/releases/latest" | grep '"tag_name":' | sed -E 's/.*"v*([^"]+)".*/\1/') && \
|
||||
curl -Lo lazygit.tar.gz "https://github.com/jesseduffield/lazygit/releases/latest/download/lazygit_${LAZYGIT_VERSION}_Linux_x86_64.tar.gz" && \
|
||||
tar xf lazygit.tar.gz -C /usr/local/bin lazygit
|
||||
curl -Lo lazygit.tar.gz "https://github.com/jesseduffield/lazygit/releases/latest/download/lazygit_${LAZYGIT_VERSION}_Linux_x86_64.tar.gz" && \
|
||||
tar xf lazygit.tar.gz -C /usr/local/bin lazygit
|
||||
|
||||
# Install frontend utilities
|
||||
RUN apt-get update && \
|
||||
# Node.js (from nodesource) and Yarn (from yarnpkg)
|
||||
apt-get install --yes --quiet \
|
||||
nodejs yarn \
|
||||
# Install browsers for e2e testing
|
||||
google-chrome-stable microsoft-edge-beta && \
|
||||
# Pre-install system dependencies that Playwright needs. npx doesn't work here
|
||||
# for some reason. See https://github.com/microsoft/playwright-cli/issues/136
|
||||
npm i -g playwright@1.19.1 && playwright install-deps
|
||||
# Node.js (from nodesource) and Yarn (from yarnpkg)
|
||||
apt-get install --yes --quiet \
|
||||
nodejs yarn \
|
||||
# Install browsers for e2e testing
|
||||
google-chrome-stable microsoft-edge-beta && \
|
||||
# Pre-install system dependencies that Playwright needs. npx doesn't work here
|
||||
# for some reason. See https://github.com/microsoft/playwright-cli/issues/136
|
||||
npm i -g playwright@1.19.1 && playwright install-deps
|
||||
|
||||
# Ensure PostgreSQL binaries are in the users $PATH.
|
||||
RUN update-alternatives --install /usr/local/bin/initdb initdb /usr/lib/postgresql/13/bin/initdb 100 && \
|
||||
update-alternatives --install /usr/local/bin/postgres postgres /usr/lib/postgresql/13/bin/postgres 100
|
||||
update-alternatives --install /usr/local/bin/postgres postgres /usr/lib/postgresql/13/bin/postgres 100
|
||||
|
||||
# Create links for injected dependencies
|
||||
RUN ln --symbolic /var/tmp/coder/coder-cli/coder /usr/local/bin/coder && \
|
||||
ln --symbolic /var/tmp/coder/code-server/bin/code-server /usr/local/bin/code-server
|
||||
ln --symbolic /var/tmp/coder/code-server/bin/code-server /usr/local/bin/code-server
|
||||
|
||||
# Disable the PostgreSQL systemd service.
|
||||
# Coder uses a custom timescale container to test the database instead.
|
||||
RUN systemctl disable \
|
||||
postgresql
|
||||
postgresql
|
||||
|
||||
# Configure systemd services for CVMs
|
||||
RUN systemctl enable \
|
||||
docker \
|
||||
ssh
|
||||
docker \
|
||||
ssh
|
||||
|
||||
# Install tools with published releases, where that is the
|
||||
# preferred/recommended installation method.
|
||||
ARG CLOUD_SQL_PROXY_VERSION=1.26.0 \
|
||||
DIVE_VERSION=0.10.0 \
|
||||
DOCKER_GCR_VERSION=2.1.0 \
|
||||
GOLANGCI_LINT_VERSION=1.48.0 \
|
||||
GRYPE_VERSION=0.24.0 \
|
||||
HELM_VERSION=3.8.0 \
|
||||
KUBE_LINTER_VERSION=0.2.5 \
|
||||
KUBECTX_VERSION=0.9.4 \
|
||||
STRIPE_VERSION=1.7.4 \
|
||||
TERRAGRUNT_VERSION=0.34.1 \
|
||||
TRIVY_VERSION=0.23.0
|
||||
DIVE_VERSION=0.10.0 \
|
||||
DOCKER_GCR_VERSION=2.1.0 \
|
||||
GOLANGCI_LINT_VERSION=1.48.0 \
|
||||
GRYPE_VERSION=0.24.0 \
|
||||
HELM_VERSION=3.8.0 \
|
||||
KUBE_LINTER_VERSION=0.2.5 \
|
||||
KUBECTX_VERSION=0.9.4 \
|
||||
STRIPE_VERSION=1.7.4 \
|
||||
TERRAGRUNT_VERSION=0.34.1 \
|
||||
TRIVY_VERSION=0.23.0
|
||||
|
||||
# cloud_sql_proxy, for connecting to cloudsql instances
|
||||
# the upstream go.mod prevents this from being installed with go install
|
||||
RUN curl --silent --show-error --location --output /usr/local/bin/cloud_sql_proxy "https://storage.googleapis.com/cloudsql-proxy/v${CLOUD_SQL_PROXY_VERSION}/cloud_sql_proxy.linux.amd64" && \
|
||||
chmod a=rx /usr/local/bin/cloud_sql_proxy && \
|
||||
# dive for scanning image layer utilization metrics in CI
|
||||
curl --silent --show-error --location "https://github.com/wagoodman/dive/releases/download/v${DIVE_VERSION}/dive_${DIVE_VERSION}_linux_amd64.tar.gz" | \
|
||||
tar --extract --gzip --directory=/usr/local/bin --file=- dive && \
|
||||
# docker-credential-gcr is a Docker credential helper for pushing/pulling
|
||||
# images from Google Container Registry and Artifact Registry
|
||||
curl --silent --show-error --location "https://github.com/GoogleCloudPlatform/docker-credential-gcr/releases/download/v${DOCKER_GCR_VERSION}/docker-credential-gcr_linux_amd64-${DOCKER_GCR_VERSION}.tar.gz" | \
|
||||
tar --extract --gzip --directory=/usr/local/bin --file=- docker-credential-gcr && \
|
||||
# golangci-lint performs static code analysis for our Go code
|
||||
curl --silent --show-error --location "https://github.com/golangci/golangci-lint/releases/download/v${GOLANGCI_LINT_VERSION}/golangci-lint-${GOLANGCI_LINT_VERSION}-linux-amd64.tar.gz" | \
|
||||
tar --extract --gzip --directory=/usr/local/bin --file=- --strip-components=1 "golangci-lint-${GOLANGCI_LINT_VERSION}-linux-amd64/golangci-lint" && \
|
||||
# Anchore Grype for scanning container images for security issues
|
||||
curl --silent --show-error --location "https://github.com/anchore/grype/releases/download/v${GRYPE_VERSION}/grype_${GRYPE_VERSION}_linux_amd64.tar.gz" | \
|
||||
tar --extract --gzip --directory=/usr/local/bin --file=- grype && \
|
||||
# Helm is necessary for deploying Coder
|
||||
curl --silent --show-error --location "https://get.helm.sh/helm-v${HELM_VERSION}-linux-amd64.tar.gz" | \
|
||||
tar --extract --gzip --directory=/usr/local/bin --file=- --strip-components=1 linux-amd64/helm && \
|
||||
# kube-linter for linting Kubernetes objects, including those
|
||||
# that Helm generates from our charts
|
||||
curl --silent --show-error --location "https://github.com/stackrox/kube-linter/releases/download/${KUBE_LINTER_VERSION}/kube-linter-linux.tar.gz" | \
|
||||
tar --extract --gzip --directory=/usr/local/bin --file=- kube-linter && \
|
||||
# kubens and kubectx for managing Kubernetes namespaces and contexts
|
||||
curl --silent --show-error --location "https://github.com/ahmetb/kubectx/releases/download/v${KUBECTX_VERSION}/kubectx_v${KUBECTX_VERSION}_linux_x86_64.tar.gz" | \
|
||||
tar --extract --gzip --directory=/usr/local/bin --file=- kubectx && \
|
||||
curl --silent --show-error --location "https://github.com/ahmetb/kubectx/releases/download/v${KUBECTX_VERSION}/kubens_v${KUBECTX_VERSION}_linux_x86_64.tar.gz" | \
|
||||
tar --extract --gzip --directory=/usr/local/bin --file=- kubens && \
|
||||
# stripe for coder.com billing API
|
||||
curl --silent --show-error --location "https://github.com/stripe/stripe-cli/releases/download/v${STRIPE_VERSION}/stripe_${STRIPE_VERSION}_linux_x86_64.tar.gz" | \
|
||||
tar --extract --gzip --directory=/usr/local/bin --file=- stripe && \
|
||||
# terragrunt for running Terraform and Terragrunt files
|
||||
curl --silent --show-error --location --output /usr/local/bin/terragrunt "https://github.com/gruntwork-io/terragrunt/releases/download/v${TERRAGRUNT_VERSION}/terragrunt_linux_amd64" && \
|
||||
chmod a=rx /usr/local/bin/terragrunt && \
|
||||
# AquaSec Trivy for scanning container images for security issues
|
||||
curl --silent --show-error --location "https://github.com/aquasecurity/trivy/releases/download/v${TRIVY_VERSION}/trivy_${TRIVY_VERSION}_Linux-64bit.tar.gz" | \
|
||||
tar --extract --gzip --directory=/usr/local/bin --file=- trivy
|
||||
chmod a=rx /usr/local/bin/cloud_sql_proxy && \
|
||||
# dive for scanning image layer utilization metrics in CI
|
||||
curl --silent --show-error --location "https://github.com/wagoodman/dive/releases/download/v${DIVE_VERSION}/dive_${DIVE_VERSION}_linux_amd64.tar.gz" | \
|
||||
tar --extract --gzip --directory=/usr/local/bin --file=- dive && \
|
||||
# docker-credential-gcr is a Docker credential helper for pushing/pulling
|
||||
# images from Google Container Registry and Artifact Registry
|
||||
curl --silent --show-error --location "https://github.com/GoogleCloudPlatform/docker-credential-gcr/releases/download/v${DOCKER_GCR_VERSION}/docker-credential-gcr_linux_amd64-${DOCKER_GCR_VERSION}.tar.gz" | \
|
||||
tar --extract --gzip --directory=/usr/local/bin --file=- docker-credential-gcr && \
|
||||
# golangci-lint performs static code analysis for our Go code
|
||||
curl --silent --show-error --location "https://github.com/golangci/golangci-lint/releases/download/v${GOLANGCI_LINT_VERSION}/golangci-lint-${GOLANGCI_LINT_VERSION}-linux-amd64.tar.gz" | \
|
||||
tar --extract --gzip --directory=/usr/local/bin --file=- --strip-components=1 "golangci-lint-${GOLANGCI_LINT_VERSION}-linux-amd64/golangci-lint" && \
|
||||
# Anchore Grype for scanning container images for security issues
|
||||
curl --silent --show-error --location "https://github.com/anchore/grype/releases/download/v${GRYPE_VERSION}/grype_${GRYPE_VERSION}_linux_amd64.tar.gz" | \
|
||||
tar --extract --gzip --directory=/usr/local/bin --file=- grype && \
|
||||
# Helm is necessary for deploying Coder
|
||||
curl --silent --show-error --location "https://get.helm.sh/helm-v${HELM_VERSION}-linux-amd64.tar.gz" | \
|
||||
tar --extract --gzip --directory=/usr/local/bin --file=- --strip-components=1 linux-amd64/helm && \
|
||||
# kube-linter for linting Kubernetes objects, including those
|
||||
# that Helm generates from our charts
|
||||
curl --silent --show-error --location "https://github.com/stackrox/kube-linter/releases/download/${KUBE_LINTER_VERSION}/kube-linter-linux.tar.gz" | \
|
||||
tar --extract --gzip --directory=/usr/local/bin --file=- kube-linter && \
|
||||
# kubens and kubectx for managing Kubernetes namespaces and contexts
|
||||
curl --silent --show-error --location "https://github.com/ahmetb/kubectx/releases/download/v${KUBECTX_VERSION}/kubectx_v${KUBECTX_VERSION}_linux_x86_64.tar.gz" | \
|
||||
tar --extract --gzip --directory=/usr/local/bin --file=- kubectx && \
|
||||
curl --silent --show-error --location "https://github.com/ahmetb/kubectx/releases/download/v${KUBECTX_VERSION}/kubens_v${KUBECTX_VERSION}_linux_x86_64.tar.gz" | \
|
||||
tar --extract --gzip --directory=/usr/local/bin --file=- kubens && \
|
||||
# stripe for coder.com billing API
|
||||
curl --silent --show-error --location "https://github.com/stripe/stripe-cli/releases/download/v${STRIPE_VERSION}/stripe_${STRIPE_VERSION}_linux_x86_64.tar.gz" | \
|
||||
tar --extract --gzip --directory=/usr/local/bin --file=- stripe && \
|
||||
# terragrunt for running Terraform and Terragrunt files
|
||||
curl --silent --show-error --location --output /usr/local/bin/terragrunt "https://github.com/gruntwork-io/terragrunt/releases/download/v${TERRAGRUNT_VERSION}/terragrunt_linux_amd64" && \
|
||||
chmod a=rx /usr/local/bin/terragrunt && \
|
||||
# AquaSec Trivy for scanning container images for security issues
|
||||
curl --silent --show-error --location "https://github.com/aquasecurity/trivy/releases/download/v${TRIVY_VERSION}/trivy_${TRIVY_VERSION}_Linux-64bit.tar.gz" | \
|
||||
tar --extract --gzip --directory=/usr/local/bin --file=- trivy
|
||||
|
||||
# Add Vercel globally. We can't install it in packages.json, because it
|
||||
# includes Go files which make golangci-lint unhappy.
|
||||
RUN yarn global add --prefix=/usr/local \
|
||||
vercel \
|
||||
typescript \
|
||||
typescript-language-server \
|
||||
prettier && \
|
||||
yarn cache clean
|
||||
vercel \
|
||||
typescript \
|
||||
typescript-language-server \
|
||||
prettier && \
|
||||
yarn cache clean
|
||||
|
||||
# We use yq during "make deploy" to manually substitute out fields in
|
||||
# our helm values.yaml file. See https://github.com/helm/helm/issues/3141
|
||||
|
@ -273,13 +277,13 @@ RUN yarn global add --prefix=/usr/local \
|
|||
# mv /usr/local/bin/yq_linux_amd64 /usr/local/bin/yq
|
||||
|
||||
RUN curl --silent --show-error --location --output /usr/local/bin/yq "https://github.com/mikefarah/yq/releases/download/3.3.0/yq_linux_amd64" && \
|
||||
chmod a=rx /usr/local/bin/yq
|
||||
chmod a=rx /usr/local/bin/yq
|
||||
|
||||
# Install GoLand.
|
||||
RUN mkdir --parents /usr/local/goland && \
|
||||
curl --silent --show-error --location "https://download.jetbrains.com/go/goland-2021.2.tar.gz" | \
|
||||
tar --extract --gzip --directory=/usr/local/goland --file=- --strip-components=1 && \
|
||||
ln --symbolic /usr/local/goland/bin/goland.sh /usr/local/bin/goland
|
||||
curl --silent --show-error --location "https://download.jetbrains.com/go/goland-2021.2.tar.gz" | \
|
||||
tar --extract --gzip --directory=/usr/local/goland --file=- --strip-components=1 && \
|
||||
ln --symbolic /usr/local/goland/bin/goland.sh /usr/local/bin/goland
|
||||
|
||||
# Install Antlrv4, needed to generate paramlang lexer/parser
|
||||
RUN curl --silent --show-error --location --output /usr/local/lib/antlr-4.9.2-complete.jar "https://www.antlr.org/download/antlr-4.9.2-complete.jar"
|
||||
|
@ -287,22 +291,22 @@ ENV CLASSPATH="/usr/local/lib/antlr-4.9.2-complete.jar:${PATH}"
|
|||
|
||||
# Add coder user and allow use of docker/sudo
|
||||
RUN useradd coder \
|
||||
--create-home \
|
||||
--shell=/bin/bash \
|
||||
--groups=docker \
|
||||
--uid=1000 \
|
||||
--user-group
|
||||
--create-home \
|
||||
--shell=/bin/bash \
|
||||
--groups=docker \
|
||||
--uid=1000 \
|
||||
--user-group
|
||||
|
||||
# Adjust OpenSSH config
|
||||
RUN echo "PermitUserEnvironment yes" >>/etc/ssh/sshd_config && \
|
||||
echo "X11Forwarding yes" >>/etc/ssh/sshd_config && \
|
||||
echo "X11UseLocalhost no" >>/etc/ssh/sshd_config
|
||||
echo "X11Forwarding yes" >>/etc/ssh/sshd_config && \
|
||||
echo "X11UseLocalhost no" >>/etc/ssh/sshd_config
|
||||
|
||||
# We avoid copying the extracted directory since COPY slows to minutes when there
|
||||
# are a lot of small files.
|
||||
COPY --from=go /usr/local/go.tar.gz /usr/local/go.tar.gz
|
||||
RUN mkdir /usr/local/go && \
|
||||
tar --extract --gzip --directory=/usr/local/go --file=/usr/local/go.tar.gz --strip-components=1
|
||||
tar --extract --gzip --directory=/usr/local/go --file=/usr/local/go.tar.gz --strip-components=1
|
||||
|
||||
ENV PATH=$PATH:/usr/local/go/bin
|
||||
|
||||
|
|
|
@ -51,11 +51,11 @@ The following explains how to do certain things related to dogfooding.
|
|||
7. To create your own template, you can do: `./scripts/coder-dev.sh templates init` and choose your preferred option.
|
||||
For example, choosing “Develop in Docker” will create a new folder `docker` that contains the bare bones for starting a Docker workspace template.
|
||||
Then, enter the folder that was just created and customize as you wish.
|
||||
<aside>
|
||||
💡 **For all Docker templates:**
|
||||
This step depends on whether you are developing on a Coder v1 workspace, versus a Coder v2 workspace, versus a VM, versus locally. In any case, check the output of the command `docker context ls` to determine where your Docker daemon is listening. Then open `./docker/main.tf` and check inside the block `provider "docker"` that the variable `"host"` is set correctly.
|
||||
|
||||
</aside>
|
||||
<aside>
|
||||
💡 **For all Docker templates:**
|
||||
This step depends on whether you are developing on a Coder v1 workspace, versus a Coder v2 workspace, versus a VM, versus locally. In any case, check the output of the command `docker context ls` to determine where your Docker daemon is listening. Then open `./docker/main.tf` and check inside the block `provider "docker"` that the variable `"host"` is set correctly.
|
||||
</aside>
|
||||
|
||||
## Troubleshooting
|
||||
|
||||
|
|
|
@ -17,6 +17,7 @@ This lets you quickly test out Coder in a self-contained environment.
|
|||
- You can use the configuration as-is, or edit it to your liking.
|
||||
|
||||
This will:
|
||||
|
||||
- Start an Ubuntu 22.04 VM
|
||||
- Install Docker and Terraform from the official repos
|
||||
- Install Coder using the [installation script](https://coder.com/docs/coder-oss/latest/install#installsh)
|
||||
|
|
|
@ -7,19 +7,19 @@
|
|||
|
||||
# This example requires Lima v0.8.3 or later.
|
||||
images:
|
||||
# Try to use release-yyyyMMdd image if available. Note that release-yyyyMMdd will be removed after several months.
|
||||
- location: "https://cloud-images.ubuntu.com/releases/22.04/release-20220420/ubuntu-22.04-server-cloudimg-amd64.img"
|
||||
arch: "x86_64"
|
||||
digest: "sha256:de5e632e17b8965f2baf4ea6d2b824788e154d9a65df4fd419ec4019898e15cd"
|
||||
- location: "https://cloud-images.ubuntu.com/releases/22.04/release-20220420/ubuntu-22.04-server-cloudimg-arm64.img"
|
||||
arch: "aarch64"
|
||||
digest: "sha256:66224c7fed99ff5a5539eda406c87bbfefe8af6ff6b47d92df3187832b5b5d4f"
|
||||
# Fallback to the latest release image.
|
||||
# Hint: run `limactl prune` to invalidate the cache
|
||||
- location: "https://cloud-images.ubuntu.com/releases/22.04/release/ubuntu-22.04-server-cloudimg-amd64.img"
|
||||
arch: "x86_64"
|
||||
- location: "https://cloud-images.ubuntu.com/releases/22.04/release/ubuntu-22.04-server-cloudimg-arm64.img"
|
||||
arch: "aarch64"
|
||||
# Try to use release-yyyyMMdd image if available. Note that release-yyyyMMdd will be removed after several months.
|
||||
- location: "https://cloud-images.ubuntu.com/releases/22.04/release-20220420/ubuntu-22.04-server-cloudimg-amd64.img"
|
||||
arch: "x86_64"
|
||||
digest: "sha256:de5e632e17b8965f2baf4ea6d2b824788e154d9a65df4fd419ec4019898e15cd"
|
||||
- location: "https://cloud-images.ubuntu.com/releases/22.04/release-20220420/ubuntu-22.04-server-cloudimg-arm64.img"
|
||||
arch: "aarch64"
|
||||
digest: "sha256:66224c7fed99ff5a5539eda406c87bbfefe8af6ff6b47d92df3187832b5b5d4f"
|
||||
# Fallback to the latest release image.
|
||||
# Hint: run `limactl prune` to invalidate the cache
|
||||
- location: "https://cloud-images.ubuntu.com/releases/22.04/release/ubuntu-22.04-server-cloudimg-amd64.img"
|
||||
arch: "x86_64"
|
||||
- location: "https://cloud-images.ubuntu.com/releases/22.04/release/ubuntu-22.04-server-cloudimg-arm64.img"
|
||||
arch: "aarch64"
|
||||
|
||||
# Your home directory is mounted read-only
|
||||
mounts:
|
||||
|
@ -33,101 +33,101 @@ hostResolver:
|
|||
hosts:
|
||||
host.docker.internal: host.lima.internal
|
||||
provision:
|
||||
- mode: system
|
||||
# This script defines the host.docker.internal hostname when hostResolver is disabled.
|
||||
# It is also needed for lima 0.8.2 and earlier, which does not support hostResolver.hosts.
|
||||
# Names defined in /etc/hosts inside the VM are not resolved inside containers when
|
||||
# using the hostResolver; use hostResolver.hosts instead (requires lima 0.8.3 or later).
|
||||
script: |
|
||||
#!/bin/sh
|
||||
set -eux -o pipefail
|
||||
sed -i 's/host.lima.internal.*/host.lima.internal host.docker.internal/' /etc/hosts
|
||||
- mode: system
|
||||
script: |
|
||||
#!/bin/bash
|
||||
set -eux -o pipefail
|
||||
command -v docker >/dev/null 2>&1 && exit 0
|
||||
export DEBIAN_FRONTEND=noninteractive
|
||||
curl -fsSL https://get.docker.com | sh
|
||||
# Ensure we have a decent logging driver set up for Docker, for debugging.
|
||||
cat > /etc/docker/daemon.json << EOF
|
||||
{
|
||||
"log-driver": "journald"
|
||||
}
|
||||
EOF
|
||||
systemctl restart docker
|
||||
# In case a user forgets to set the arch correctly, just install binfmt
|
||||
docker run --privileged --rm tonistiigi/binfmt --install all
|
||||
- mode: system
|
||||
script: |
|
||||
#!/bin/bash
|
||||
set -eux -o pipefail
|
||||
command -v terraform >/dev/null 2>&1 && exit 0
|
||||
DEBIAN_FRONTEND=noninteractive apt-get install -qqy unzip
|
||||
rm -fv /tmp/terraform.zip || true
|
||||
wget -qO /tmp/terraform.zip "https://releases.hashicorp.com/terraform/1.3.0/terraform_1.3.0_linux_$(dpkg --print-architecture).zip"
|
||||
unzip /tmp/terraform.zip -d /usr/local/bin/
|
||||
chmod +x /usr/local/bin/terraform
|
||||
rm -fv /tmp/terraform.zip || true
|
||||
- mode: system
|
||||
script: |
|
||||
#!/bin/bash
|
||||
set -eux -o pipefail
|
||||
command -v coder >/dev/null 2>&1 && exit 0
|
||||
export DEBIAN_FRONTEND=noninteractive
|
||||
export HOME=/root
|
||||
curl -fsSL https://coder.com/install.sh | sh
|
||||
# Ensure Coder has permissions on /var/run/docker.socket
|
||||
usermod -aG docker coder
|
||||
# Ensure coder listens on all interfaces
|
||||
sed -i 's/CODER_ADDRESS=.*/CODER_ADDRESS=0.0.0.0:3000/' /etc/coder.d/coder.env
|
||||
# Ensure coder starts on boot
|
||||
systemctl enable coder
|
||||
systemctl start coder
|
||||
# Wait for Coder to have downloaded Terraform
|
||||
timeout 60s bash -c 'until /var/cache/coder/terraform version >/dev/null 2>&1; do sleep 1; done'
|
||||
# Coder restarts after downloading Terraform, wait for it to become available
|
||||
timeout 60s bash -c 'until nc -z localhost 3000 > /dev/null 2>&1; do sleep 1; done'
|
||||
- mode: user
|
||||
script: |
|
||||
#!/bin/bash
|
||||
set -eux -o pipefail
|
||||
# If we are already logged in, nothing to do
|
||||
coder templates list >/dev/null 2>&1 && exit 0
|
||||
# Set up initial user
|
||||
[ ! -e ~/.config/coderv2/session ] && coder login http://localhost:3000 --first-user-username admin --first-user-email admin@coder.com --first-user-password $(< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c8 | tee ${HOME}/.config/coderv2/password)
|
||||
# Create an initial template
|
||||
temp_template_dir=$(mktemp -d)
|
||||
echo code-server | coder templates init "${temp_template_dir}"
|
||||
DOCKER_ARCH="amd64"
|
||||
if [ "$(arch)" = "aarch64" ]; then
|
||||
DOCKER_ARCH="arm64"
|
||||
fi
|
||||
DOCKER_HOST=$(docker context inspect --format '{{.Endpoints.docker.Host}}')
|
||||
printf 'docker_arch: "%s"\ndocker_host: "%s"\n' "${DOCKER_ARCH}" "${DOCKER_HOST}" | tee "${temp_template_dir}/params.yaml"
|
||||
coder templates create "docker-code-server-${DOCKER_ARCH}" --directory "${temp_template_dir}" --parameter-file "${temp_template_dir}/params.yaml" --yes
|
||||
rm -rfv "${temp_template_dir}"
|
||||
- mode: system
|
||||
# This script defines the host.docker.internal hostname when hostResolver is disabled.
|
||||
# It is also needed for lima 0.8.2 and earlier, which does not support hostResolver.hosts.
|
||||
# Names defined in /etc/hosts inside the VM are not resolved inside containers when
|
||||
# using the hostResolver; use hostResolver.hosts instead (requires lima 0.8.3 or later).
|
||||
script: |
|
||||
#!/bin/sh
|
||||
set -eux -o pipefail
|
||||
sed -i 's/host.lima.internal.*/host.lima.internal host.docker.internal/' /etc/hosts
|
||||
- mode: system
|
||||
script: |
|
||||
#!/bin/bash
|
||||
set -eux -o pipefail
|
||||
command -v docker >/dev/null 2>&1 && exit 0
|
||||
export DEBIAN_FRONTEND=noninteractive
|
||||
curl -fsSL https://get.docker.com | sh
|
||||
# Ensure we have a decent logging driver set up for Docker, for debugging.
|
||||
cat > /etc/docker/daemon.json << EOF
|
||||
{
|
||||
"log-driver": "journald"
|
||||
}
|
||||
EOF
|
||||
systemctl restart docker
|
||||
# In case a user forgets to set the arch correctly, just install binfmt
|
||||
docker run --privileged --rm tonistiigi/binfmt --install all
|
||||
- mode: system
|
||||
script: |
|
||||
#!/bin/bash
|
||||
set -eux -o pipefail
|
||||
command -v terraform >/dev/null 2>&1 && exit 0
|
||||
DEBIAN_FRONTEND=noninteractive apt-get install -qqy unzip
|
||||
rm -fv /tmp/terraform.zip || true
|
||||
wget -qO /tmp/terraform.zip "https://releases.hashicorp.com/terraform/1.3.0/terraform_1.3.0_linux_$(dpkg --print-architecture).zip"
|
||||
unzip /tmp/terraform.zip -d /usr/local/bin/
|
||||
chmod +x /usr/local/bin/terraform
|
||||
rm -fv /tmp/terraform.zip || true
|
||||
- mode: system
|
||||
script: |
|
||||
#!/bin/bash
|
||||
set -eux -o pipefail
|
||||
command -v coder >/dev/null 2>&1 && exit 0
|
||||
export DEBIAN_FRONTEND=noninteractive
|
||||
export HOME=/root
|
||||
curl -fsSL https://coder.com/install.sh | sh
|
||||
# Ensure Coder has permissions on /var/run/docker.socket
|
||||
usermod -aG docker coder
|
||||
# Ensure coder listens on all interfaces
|
||||
sed -i 's/CODER_ADDRESS=.*/CODER_ADDRESS=0.0.0.0:3000/' /etc/coder.d/coder.env
|
||||
# Ensure coder starts on boot
|
||||
systemctl enable coder
|
||||
systemctl start coder
|
||||
# Wait for Coder to have downloaded Terraform
|
||||
timeout 60s bash -c 'until /var/cache/coder/terraform version >/dev/null 2>&1; do sleep 1; done'
|
||||
# Coder restarts after downloading Terraform, wait for it to become available
|
||||
timeout 60s bash -c 'until nc -z localhost 3000 > /dev/null 2>&1; do sleep 1; done'
|
||||
- mode: user
|
||||
script: |
|
||||
#!/bin/bash
|
||||
set -eux -o pipefail
|
||||
# If we are already logged in, nothing to do
|
||||
coder templates list >/dev/null 2>&1 && exit 0
|
||||
# Set up initial user
|
||||
[ ! -e ~/.config/coderv2/session ] && coder login http://localhost:3000 --first-user-username admin --first-user-email admin@coder.com --first-user-password $(< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c8 | tee ${HOME}/.config/coderv2/password)
|
||||
# Create an initial template
|
||||
temp_template_dir=$(mktemp -d)
|
||||
echo code-server | coder templates init "${temp_template_dir}"
|
||||
DOCKER_ARCH="amd64"
|
||||
if [ "$(arch)" = "aarch64" ]; then
|
||||
DOCKER_ARCH="arm64"
|
||||
fi
|
||||
DOCKER_HOST=$(docker context inspect --format '{{.Endpoints.docker.Host}}')
|
||||
printf 'docker_arch: "%s"\ndocker_host: "%s"\n' "${DOCKER_ARCH}" "${DOCKER_HOST}" | tee "${temp_template_dir}/params.yaml"
|
||||
coder templates create "docker-code-server-${DOCKER_ARCH}" --directory "${temp_template_dir}" --parameter-file "${temp_template_dir}/params.yaml" --yes
|
||||
rm -rfv "${temp_template_dir}"
|
||||
probes:
|
||||
- description: "docker to be installed"
|
||||
script: |
|
||||
#!/bin/bash
|
||||
set -eux -o pipefail
|
||||
if ! timeout 30s bash -c "until command -v docker >/dev/null 2>&1; do sleep 3; done"; then
|
||||
echo >&2 "docker is not installed yet"
|
||||
exit 1
|
||||
fi
|
||||
hint: |
|
||||
See "/var/log/cloud-init-output.log" in the guest.
|
||||
- description: "coder to be installed"
|
||||
script: |
|
||||
#!/bin/bash
|
||||
set -eux -o pipefail
|
||||
if ! timeout 30s bash -c "until command -v coder >/dev/null 2>&1; do sleep 3; done"; then
|
||||
echo >&2 "coder is not installed yet"
|
||||
exit 1
|
||||
fi
|
||||
hint: |
|
||||
See "/var/log/cloud-init-output.log" in the guest.
|
||||
- description: "docker to be installed"
|
||||
script: |
|
||||
#!/bin/bash
|
||||
set -eux -o pipefail
|
||||
if ! timeout 30s bash -c "until command -v docker >/dev/null 2>&1; do sleep 3; done"; then
|
||||
echo >&2 "docker is not installed yet"
|
||||
exit 1
|
||||
fi
|
||||
hint: |
|
||||
See "/var/log/cloud-init-output.log" in the guest.
|
||||
- description: "coder to be installed"
|
||||
script: |
|
||||
#!/bin/bash
|
||||
set -eux -o pipefail
|
||||
if ! timeout 30s bash -c "until command -v coder >/dev/null 2>&1; do sleep 3; done"; then
|
||||
echo >&2 "coder is not installed yet"
|
||||
exit 1
|
||||
fi
|
||||
hint: |
|
||||
See "/var/log/cloud-init-output.log" in the guest.
|
||||
message: |
|
||||
All Done! Your Coder instance is accessible at http://localhost:3000
|
||||
|
||||
|
@ -139,4 +139,3 @@ message: |
|
|||
limactl shell coder
|
||||
cd && coder templates init
|
||||
------
|
||||
|
||||
|
|
|
@ -5,7 +5,7 @@ This is a list of templates and actions created by the community.
|
|||
See [Getting Started](./README.md#getting-started) for how to use these templates.
|
||||
|
||||
> If you have created a template, see one that's missing or one that's no longer
|
||||
maintained, please submit a pull request to improve this list. Thank you!
|
||||
> maintained, please submit a pull request to improve this list. Thank you!
|
||||
|
||||
## Templates
|
||||
|
||||
|
|
|
@ -65,7 +65,8 @@ coder:
|
|||
|
||||
# coder.resources -- The resources to request for Coder. These are optional
|
||||
# and are not set by default.
|
||||
resources: {}
|
||||
resources:
|
||||
{}
|
||||
# limits:
|
||||
# cpu: 100m
|
||||
# memory: 128Mi
|
||||
|
@ -81,7 +82,8 @@ coder:
|
|||
#
|
||||
# The given key in each secret is mounted at
|
||||
# `/etc/ssl/certs/{secret_name}.crt`.
|
||||
secrets: []
|
||||
secrets:
|
||||
[]
|
||||
# - name: "my-ca-bundle"
|
||||
# key: "ca-bundle.crt"
|
||||
|
||||
|
@ -103,7 +105,8 @@ coder:
|
|||
|
||||
# coder.tolerations -- Tolerations for tainted nodes.
|
||||
# See: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
|
||||
tolerations: {}
|
||||
tolerations:
|
||||
{}
|
||||
# - key: "key"
|
||||
# operator: "Equal"
|
||||
# value: "value"
|
||||
|
|
|
@ -1,64 +0,0 @@
|
|||
## Swagger / OpenAPI 2 and OpenAPI 3 template parameters
|
||||
|
||||
Note that properties of OpenAPI objects will be in OpenAPI 3.0 form, as
|
||||
Swagger / OpenAPI 2.0 definitions are converted automatically.
|
||||
|
||||
### Code templates
|
||||
|
||||
* `method` - the HTTP method of the operation (in lower-case)
|
||||
* `methodUpper` - the HTTP method of the operation (in upper-case)
|
||||
* `url` - the full URL of the operation (including protocol and host)
|
||||
* `consumes[]` - an array of MIME-types the operation consumes
|
||||
* `produces[]` - an array of MIME-types the operation produces
|
||||
* `operation` - the current operation object
|
||||
* `operationId` - the current operation id
|
||||
* `opName` - the operationId if set, otherwise the method + path
|
||||
* `tags[]` - the full list of tags applying to the operation
|
||||
* `security` - the security definitions applying to the operation
|
||||
* `resource` - the current tag/path object
|
||||
* `parameters[]` - an array of parameters for the operation (see below)
|
||||
* `queryString` - an example queryString, urlEncoded
|
||||
* `requiredQueryString` - an example queryString for `required:true` parameters
|
||||
* `queryParameters[]` - a subset of `parameters` that are `in:query`
|
||||
* `requiredParameters[]` - a subset of `queryParameters` that are `required:true`
|
||||
* `headerParameters[]` - a subset of `parameters` that are `in:header`
|
||||
* `allHeaders[]` - a concatenation of `headerParameters` and pseudo-parameters `Accept` and `Content-Type`, and optionally `Authorization` (the latter has an `isAuth` boolean property set true so it can be omitted in templates if desired
|
||||
|
||||
### Parameter template
|
||||
|
||||
* `parameters[]` - an array of [parameters](https://github.com/OAI/OpenAPI-Specification/blob/master/versions/3.0.0.md#parameterObject), including the following pseudo-properties
|
||||
* `shortDesc` - a truncated version of the parameter description
|
||||
* `safeType` - a computed version of the parameter type, including Body and schema names
|
||||
* `originalType` - the original type of the parameter
|
||||
* `exampleValues` - an object containing examples for use in code-templates
|
||||
* `json` - example values in JSON compatible syntax
|
||||
* `object` - example values in raw object form (unquoted strings etc)
|
||||
* `depth` - a zero-based indicator of the depth of expanded request body parameters
|
||||
* `enums[]` - an array of (parameter)name/value pairs
|
||||
|
||||
### Responses template
|
||||
|
||||
* `responses[]` - an array of [responses](https://github.com/OAI/OpenAPI-Specification/blob/master/versions/3.0.0.md#responseObject), including `status` and `meaning` properties
|
||||
|
||||
### Authentication template
|
||||
|
||||
* `authenticationStr` - a simple string of methods (and scopes where appropriate)
|
||||
* `securityDefinitions[]` - an array of applicable [securityDefinitions](https://github.com/OAI/OpenAPI-Specification/blob/master/versions/3.0.0.md#securityRequirementObject)
|
||||
|
||||
### Schema Property template
|
||||
|
||||
* `schemaProperties[]` - an array of
|
||||
* `name`
|
||||
* `type`
|
||||
* `required`
|
||||
* `description`
|
||||
* `enums[]` - an array of (schema property)name/value pairs
|
||||
|
||||
### Common to all templates
|
||||
|
||||
* `openapi` - the top-level OpenAPI / Swagger document
|
||||
* `header` - the front-matter of the Slate/Shins markdown document
|
||||
* `host` - the (computed) host of the API
|
||||
* `protocol` - the default/first protocol of the API
|
||||
* `baseUrl` - the (computed) baseUrl of the API (including protocol and host)
|
||||
* `widdershins` - the contents of widdershins `package.json`
|
|
@ -13,7 +13,6 @@ This main.go generates typescript types from the codersdk types in Go.
|
|||
- [ ] External Types (uses `any` atm)
|
||||
- Some custom external types are hardcoded in (eg: time.Time)
|
||||
|
||||
|
||||
## Type overrides
|
||||
|
||||
```golang
|
||||
|
|
|
@ -75,10 +75,22 @@ execrelative() {
|
|||
return $rc
|
||||
}
|
||||
|
||||
dependency_check() {
|
||||
local dep=$1
|
||||
|
||||
# Special case for yq that can be yq or yq4.
|
||||
if [[ $dep == yq ]]; then
|
||||
[[ -n "${CODER_LIBSH_YQ:-}" ]]
|
||||
return
|
||||
fi
|
||||
|
||||
command -v "$dep" >/dev/null
|
||||
}
|
||||
|
||||
dependencies() {
|
||||
local fail=0
|
||||
for dep in "$@"; do
|
||||
if ! command -v "$dep" >/dev/null; then
|
||||
if ! dependency_check "$dep"; then
|
||||
log "ERROR: The '$dep' dependency is required, but is not available."
|
||||
fail=1
|
||||
fi
|
||||
|
@ -200,9 +212,25 @@ if [[ "${CODER_LIBSH_NO_CHECK_DEPENDENCIES:-}" != *t* ]]; then
|
|||
log
|
||||
fi
|
||||
|
||||
# Allow for yq to be installed as yq4.
|
||||
if command -v yq4 >/dev/null; then
|
||||
export CODER_LIBSH_YQ=yq4
|
||||
elif command -v yq >/dev/null; then
|
||||
if [[ $(yq --version) == *" v4."* ]]; then
|
||||
export CODER_LIBSH_YQ=yq
|
||||
fi
|
||||
fi
|
||||
|
||||
if [[ "$libsh_bad_dependencies" == 1 ]]; then
|
||||
error "Invalid dependencies, see above for more details."
|
||||
fi
|
||||
|
||||
export CODER_LIBSH_NO_CHECK_DEPENDENCIES=true
|
||||
fi
|
||||
|
||||
# Alias yq to the version we want by shadowing with a function.
|
||||
if [[ -n ${CODER_LIBSH_YQ:-} ]]; then
|
||||
yq() {
|
||||
command $CODER_LIBSH_YQ "$@"
|
||||
}
|
||||
fi
|
||||
|
|
|
@ -11,7 +11,6 @@ maintainer: Coder <support@coder.com>
|
|||
description: |
|
||||
Provision development environments with infrastructure with code
|
||||
license: AGPL-3.0
|
||||
|
||||
suggests:
|
||||
- postgresql
|
||||
|
||||
|
|
|
@ -1,16 +1,60 @@
|
|||
###############################################################################
|
||||
# COPY PASTA OF .gitignore
|
||||
###############################################################################
|
||||
# Code generated by Makefile (.gitignore .prettierignore.include). DO NOT EDIT.
|
||||
|
||||
.idea
|
||||
# .gitignore:
|
||||
# Common ignore patterns, these rules applies in both root and subdirectories.
|
||||
.DS_Store
|
||||
.eslintcache
|
||||
.gitpod.yml
|
||||
node_modules
|
||||
vendor
|
||||
out
|
||||
coverage
|
||||
.next
|
||||
storybook-static
|
||||
test-results
|
||||
**/*.typegen.ts
|
||||
.idea
|
||||
**/*.swp
|
||||
.coderv2/*
|
||||
gotests.coverage
|
||||
gotests.xml
|
||||
gotestsum.json
|
||||
node_modules/
|
||||
vendor/
|
||||
yarn-error.log
|
||||
|
||||
# VSCode settings.
|
||||
**/.vscode/*
|
||||
# Allow VSCode recommendations and default settings in project root.
|
||||
!../.vscode/extensions.json
|
||||
!../.vscode/settings.json
|
||||
|
||||
# Front-end ignore patterns.
|
||||
.next/
|
||||
**/*.typegen.ts
|
||||
build-storybook.log
|
||||
coverage/
|
||||
storybook-static/
|
||||
test-results/
|
||||
|
||||
# Make target for updating golden files.
|
||||
../cli/testdata/.gen-golden
|
||||
|
||||
# Build
|
||||
../build/
|
||||
../dist/
|
||||
out/
|
||||
|
||||
*.tfstate
|
||||
*.tfstate.backup
|
||||
*.tfplan
|
||||
*.lock.hcl
|
||||
.terraform/
|
||||
|
||||
../.coderv2/*
|
||||
**/__debug_bin
|
||||
|
||||
# direnv
|
||||
.envrc
|
||||
# .prettierignore.include:
|
||||
# Helm templates contain variables that are invalid YAML and can't be formatted
|
||||
# by Prettier.
|
||||
../helm/templates/*.yaml
|
||||
|
||||
# Terraform state files used in tests, these are automatically generated.
|
||||
# Example: provisioner/terraform/testdata/instance-id/instance-id.tfstate.json
|
||||
**/testdata/**/*.tf*.json
|
||||
|
||||
# Testdata shouldn't be formatted.
|
||||
../scripts/apitypings/testdata/**/*.ts
|
||||
|
|
|
@ -1,24 +1,60 @@
|
|||
###############################################################################
|
||||
# COPY PASTA OF .gitignore
|
||||
# https://github.com/prettier/prettier/issues/8048
|
||||
# https://github.com/prettier/prettier/issues/8506
|
||||
# https://github.com/prettier/prettier/issues/8679
|
||||
###############################################################################
|
||||
# Code generated by Makefile (.gitignore .prettierignore.include). DO NOT EDIT.
|
||||
|
||||
node_modules
|
||||
vendor
|
||||
# .gitignore:
|
||||
# Common ignore patterns, these rules applies in both root and subdirectories.
|
||||
.DS_Store
|
||||
.eslintcache
|
||||
yarn-error.log
|
||||
.idea
|
||||
.gitpod.yml
|
||||
.idea
|
||||
**/*.swp
|
||||
gotests.coverage
|
||||
gotests.xml
|
||||
gotestsum.json
|
||||
node_modules/
|
||||
vendor/
|
||||
yarn-error.log
|
||||
|
||||
# Front-end ignore
|
||||
# VSCode settings.
|
||||
**/.vscode/*
|
||||
# Allow VSCode recommendations and default settings in project root.
|
||||
!../.vscode/extensions.json
|
||||
!../.vscode/settings.json
|
||||
|
||||
# Front-end ignore patterns.
|
||||
.next/
|
||||
**/*.typegen.ts
|
||||
build-storybook.log
|
||||
coverage/
|
||||
out/
|
||||
storybook-static/
|
||||
test-results/
|
||||
|
||||
**/*.swp
|
||||
.coderv2/*
|
||||
# Make target for updating golden files.
|
||||
../cli/testdata/.gen-golden
|
||||
|
||||
# Build
|
||||
../build/
|
||||
../dist/
|
||||
out/
|
||||
|
||||
*.tfstate
|
||||
*.tfstate.backup
|
||||
*.tfplan
|
||||
*.lock.hcl
|
||||
.terraform/
|
||||
|
||||
../.coderv2/*
|
||||
**/__debug_bin
|
||||
|
||||
# direnv
|
||||
.envrc
|
||||
# .prettierignore.include:
|
||||
# Helm templates contain variables that are invalid YAML and can't be formatted
|
||||
# by Prettier.
|
||||
../helm/templates/*.yaml
|
||||
|
||||
# Terraform state files used in tests, these are automatically generated.
|
||||
# Example: provisioner/terraform/testdata/instance-id/instance-id.tfstate.json
|
||||
**/testdata/**/*.tf*.json
|
||||
|
||||
# Testdata shouldn't be formatted.
|
||||
../scripts/apitypings/testdata/**/*.ts
|
||||
|
|
|
@ -1,13 +0,0 @@
|
|||
{
|
||||
"printWidth": 80,
|
||||
"semi": false,
|
||||
"trailingComma": "all",
|
||||
"overrides": [
|
||||
{
|
||||
"files": ["./README.md", "**/*.yaml"],
|
||||
"options": {
|
||||
"proseWrap": "always"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
|
@ -0,0 +1,18 @@
|
|||
# Code generated by Makefile (../.prettierrc.yaml). DO NOT EDIT.
|
||||
|
||||
# This config file is used in conjunction with `.editorconfig` to specify
|
||||
# formatting for prettier-supported files. See `.editorconfig` and
|
||||
# `site/.editorconfig`for whitespace formatting options.
|
||||
printWidth: 80
|
||||
semi: false
|
||||
trailingComma: all
|
||||
overrides:
|
||||
- files:
|
||||
- ../README.md
|
||||
options:
|
||||
proseWrap: preserve
|
||||
- files:
|
||||
- ./**/*.yaml
|
||||
- ./**/*.yml
|
||||
options:
|
||||
proseWrap: always
|
|
@ -9,9 +9,10 @@
|
|||
"check:all": "yarn format:check && yarn lint && yarn test",
|
||||
"chromatic": "chromatic",
|
||||
"dev": "vite",
|
||||
"format:check": "prettier --cache --check '**/*.{css,html,js,json,jsx,md,ts,tsx,yaml,yml}'",
|
||||
"format:check": "prettier --cache --check '../**/*.{css,html,js,json,jsx,md,ts,tsx,yaml,yml}'",
|
||||
"format:types": "prettier --write 'src/api/typesGenerated.ts'",
|
||||
"format:write": "prettier --write '**/*.{css,html,js,json,jsx,md,ts,tsx,yaml,yml}'",
|
||||
"format:write": "prettier --write '../**/*.{css,html,js,json,jsx,md,ts,tsx,yaml,yml}'",
|
||||
"format:write:only": "prettier --write",
|
||||
"lint": "jest --selectProjects lint",
|
||||
"lint:fix": "FIX=true yarn lint",
|
||||
"playwright:install": "playwright install",
|
||||
|
|
Loading…
Reference in New Issue