From 856f0ab6f5a3c8650181a6c066356d7b452b0f40 Mon Sep 17 00:00:00 2001 From: Mathias Fredriksson Date: Tue, 3 Jan 2023 15:11:13 +0200 Subject: [PATCH] chore: Improve project-wide prettier formatting and ignored files (#5505) * chore: Improve project-wide prettier formatting and ignored files * chore: `Run make fmt/prettier` * Fix gitignore for `.vscode` folder so that ! works * Add comment in `.prettierrc.yaml` to explain `.editorconfig` * Remove scripts/apidocgen/markdown-template/README.md * Use `yq` for processing prettierrc, update lib.sh dependency check * Add `yq` to Dockerfile and Nix --- .devcontainer/Dockerfile | 66 +-- .devcontainer/devcontainer.json | 28 +- .editorconfig | 2 +- .github/dependabot.yaml | 4 +- .github/workflows/cla.yaml | 14 +- .github/workflows/coder.yaml | 20 +- .github/workflows/mlc_config.json | 40 +- .github/workflows/release.yaml | 2 +- .github/workflows/stale.yaml | 4 +- .github/workflows/welcome.yaml | 4 +- .gitignore | 56 +-- .golangci.yaml | 2 +- .prettierignore | 60 +++ .prettierignore.include | 10 + .prettierrc.yaml | 16 + Makefile | 91 +++- cli/config/server.yaml | 2 +- coderd/rbac/README.md | 36 +- dogfood/Dockerfile | 392 +++++++++--------- dogfood/guide.md | 8 +- examples/lima/README.md | 1 + examples/lima/coder.yaml | 215 +++++----- examples/templates/community-templates.md | 2 +- flake.nix | 1 + helm/values.yaml | 9 +- scripts/apidocgen/markdown-template/README.md | 64 --- scripts/apitypings/README.md | 1 - scripts/lib.sh | 30 +- scripts/nfpm.yaml | 1 - site/.eslintignore | 70 +++- site/.prettierignore | 64 ++- site/.prettierrc | 13 - site/.prettierrc.yaml | 18 + site/package.json | 5 +- 34 files changed, 784 insertions(+), 567 deletions(-) create mode 100644 .prettierignore create mode 100644 .prettierignore.include create mode 100644 .prettierrc.yaml delete mode 100644 scripts/apidocgen/markdown-template/README.md delete mode 100644 site/.prettierrc create mode 100644 site/.prettierrc.yaml diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile index 9564a0f632..40cb654e6e 100644 --- a/.devcontainer/Dockerfile +++ b/.devcontainer/Dockerfile @@ -6,27 +6,27 @@ ENV EDITOR=vim RUN apt-get update && apt-get upgrade --yes RUN apt-get install --yes \ - ca-certificates \ - bash-completion \ - build-essential \ - curl \ - cmake \ - direnv \ - emacs-nox \ - gnupg \ - htop \ - jq \ - less \ - lsb-release \ - lsof \ - man-db \ - nano \ - neovim \ - ssl-cert \ - sudo \ - unzip \ - xz-utils \ - zip + ca-certificates \ + bash-completion \ + build-essential \ + curl \ + cmake \ + direnv \ + emacs-nox \ + gnupg \ + htop \ + jq \ + less \ + lsb-release \ + lsof \ + man-db \ + nano \ + neovim \ + ssl-cert \ + sudo \ + unzip \ + xz-utils \ + zip # configure locales to UTF8 RUN apt-get install locales && locale-gen en_US.UTF-8 @@ -39,22 +39,22 @@ RUN direnv hook bash >> $HOME/.bashrc RUN sh <(curl -L https://nixos.org/nix/install) --daemon RUN mkdir -p $HOME/.config/nix $HOME/.config/nixpkgs \ - && echo 'sandbox = false' >> $HOME/.config/nix/nix.conf \ - && echo '{ allowUnfree = true; }' >> $HOME/.config/nixpkgs/config.nix \ - && echo '. $HOME/.nix-profile/etc/profile.d/nix.sh' >> $HOME/.bashrc + && echo 'sandbox = false' >> $HOME/.config/nix/nix.conf \ + && echo '{ allowUnfree = true; }' >> $HOME/.config/nixpkgs/config.nix \ + && echo '. $HOME/.nix-profile/etc/profile.d/nix.sh' >> $HOME/.bashrc # install docker and configure daemon to use vfs as GitHub codespaces requires vfs # https://github.com/moby/moby/issues/13742#issuecomment-725197223 RUN mkdir -p /etc/apt/keyrings \ - && curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg \ - && echo \ - "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \ - $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null \ - && apt-get update \ - && apt-get install --yes docker-ce docker-ce-cli containerd.io docker-compose-plugin \ - && mkdir -p /etc/docker \ - && echo '{"cgroup-parent":"/actions_job","storage-driver":"vfs"}' >> /etc/docker/daemon.json + && curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg \ + && echo \ + "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \ + $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null \ + && apt-get update \ + && apt-get install --yes docker-ce docker-ce-cli containerd.io docker-compose-plugin \ + && mkdir -p /etc/docker \ + && echo '{"cgroup-parent":"/actions_job","storage-driver":"vfs"}' >> /etc/docker/daemon.json # install golang and language tooling ENV GO_VERSION=1.19 @@ -67,6 +67,7 @@ RUN echo 'export PATH=$GOPATH/bin:$PATH' >> $HOME/.bashrc RUN bash -c ". $HOME/.bashrc \ go install -v golang.org/x/tools/gopls@latest \ && go install -v mvdan.cc/sh/v3/cmd/shfmt@latest \ + && go install -v github.com/mikefarah/yq/v4@v4.30.6 \ " # install nodejs @@ -80,4 +81,3 @@ RUN bash -c "$(curl -fsSL https://raw.githubusercontent.com/horta/zstd.install/m RUN echo 'deb [trusted=yes] https://repo.goreleaser.com/apt/ /' | sudo tee /etc/apt/sources.list.d/goreleaser.list \ && apt update \ && apt install nfpm - diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index a2c558fb01..9e53188536 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -1,18 +1,24 @@ // For format details, see https://aka.ms/devcontainer.json { - "name": "Development environments on your infrastructure", + "name": "Development environments on your infrastructure", - // Sets the run context to one level up instead of the .devcontainer folder. - "context": ".", + // Sets the run context to one level up instead of the .devcontainer folder. + "context": ".", - // Update the 'dockerFile' property if you aren't using the standard 'Dockerfile' filename. - "dockerFile": "Dockerfile", + // Update the 'dockerFile' property if you aren't using the standard 'Dockerfile' filename. + "dockerFile": "Dockerfile", - // Use 'forwardPorts' to make a list of ports inside the container available locally. - // "forwardPorts": [], - - "postStartCommand": "dockerd", + // Use 'forwardPorts' to make a list of ports inside the container available locally. + // "forwardPorts": [], - // privileged is required by GitHub codespaces - https://github.com/microsoft/vscode-dev-containers/issues/727 - "runArgs": [ "--cap-add=SYS_PTRACE", "--security-opt", "seccomp=unconfined", "--privileged", "--init" ] + "postStartCommand": "dockerd", + + // privileged is required by GitHub codespaces - https://github.com/microsoft/vscode-dev-containers/issues/727 + "runArgs": [ + "--cap-add=SYS_PTRACE", + "--security-opt", + "seccomp=unconfined", + "--privileged", + "--init" + ] } diff --git a/.editorconfig b/.editorconfig index 227be2a6df..af95c56b29 100644 --- a/.editorconfig +++ b/.editorconfig @@ -7,7 +7,7 @@ trim_trailing_whitespace = true insert_final_newline = true indent_style = tab -[*.{md,json,yaml,yml,tf,tfvars}] +[*.{md,json,yaml,yml,tf,tfvars,nix}] indent_style = space indent_size = 2 diff --git a/.github/dependabot.yaml b/.github/dependabot.yaml index 9b28b85b11..e94fd88f7a 100644 --- a/.github/dependabot.yaml +++ b/.github/dependabot.yaml @@ -38,7 +38,7 @@ updates: # Ignore patch updates for all dependencies - dependency-name: "*" update-types: - - version-update:semver-patch + - version-update:semver-patch - package-ecosystem: "npm" directory: "/site/" @@ -53,7 +53,7 @@ updates: # Ignore patch updates for all dependencies - dependency-name: "*" update-types: - - version-update:semver-patch + - version-update:semver-patch # Ignore major updates to Node.js types, because they need to # correspond to the Node.js engine version - dependency-name: "@types/node" diff --git a/.github/workflows/cla.yaml b/.github/workflows/cla.yaml index 81aafca379..5893c9cdc6 100644 --- a/.github/workflows/cla.yaml +++ b/.github/workflows/cla.yaml @@ -3,7 +3,7 @@ on: issue_comment: types: [created] pull_request_target: - types: [opened,closed,synchronize] + types: [opened, closed, synchronize] jobs: CLAssistant: @@ -15,12 +15,12 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # the below token should have repo scope and must be manually added by you in the repository's secret - PERSONAL_ACCESS_TOKEN : ${{ secrets.CDRCOMMUNITY_GITHUB_TOKEN }} + PERSONAL_ACCESS_TOKEN: ${{ secrets.CDRCOMMUNITY_GITHUB_TOKEN }} with: - remote-organization-name: 'coder' - remote-repository-name: 'cla' - path-to-signatures: 'v2022-09-04/signatures.json' - path-to-document: 'https://github.com/coder/cla/blob/main/README.md' + remote-organization-name: "coder" + remote-repository-name: "cla" + path-to-signatures: "v2022-09-04/signatures.json" + path-to-document: "https://github.com/coder/cla/blob/main/README.md" # branch should not be protected - branch: 'main' + branch: "main" allowlist: dependabot* diff --git a/.github/workflows/coder.yaml b/.github/workflows/coder.yaml index ecc95000ff..1f83de2cee 100644 --- a/.github/workflows/coder.yaml +++ b/.github/workflows/coder.yaml @@ -222,6 +222,8 @@ jobs: run: go install storj.io/drpc/cmd/protoc-gen-go-drpc@v0.0.26 - name: Install goimports run: go install golang.org/x/tools/cmd/goimports@latest + - name: Install yq + run: go run github.com/mikefarah/yq/v4@v4.30.6 - name: Install Protoc run: | @@ -736,18 +738,18 @@ jobs: markdown-link-check: runs-on: ubuntu-latest steps: - - uses: actions/checkout@master - # For the main branch: - - if: github.ref == 'refs/heads/main' && !github.event.pull_request.head.repo.fork - uses: gaurav-nelson/github-action-markdown-link-check@v1 - with: + - uses: actions/checkout@master + # For the main branch: + - if: github.ref == 'refs/heads/main' && !github.event.pull_request.head.repo.fork + uses: gaurav-nelson/github-action-markdown-link-check@v1 + with: use-quiet-mode: yes use-verbose-mode: yes config-file: .github/workflows/mlc_config.json - # For pull requests: - - if: github.ref != 'refs/heads/main' || github.event.pull_request.head.repo.fork - uses: gaurav-nelson/github-action-markdown-link-check@v1 - with: + # For pull requests: + - if: github.ref != 'refs/heads/main' || github.event.pull_request.head.repo.fork + uses: gaurav-nelson/github-action-markdown-link-check@v1 + with: use-quiet-mode: yes use-verbose-mode: yes check-modified-files-only: yes diff --git a/.github/workflows/mlc_config.json b/.github/workflows/mlc_config.json index 2a0fdc7cbf..3eccca05e5 100644 --- a/.github/workflows/mlc_config.json +++ b/.github/workflows/mlc_config.json @@ -1,22 +1,22 @@ { - "ignorePatterns": [ - { - "pattern": ":\/\/localhost" - }, - { - "pattern": ":\/\/.*.?example\\.com" - }, - { - "pattern": "developer.github.com" - }, - { - "pattern": "docs.github.com" - }, - { - "pattern": "support.google.com" - }, - { - "pattern": "tailscale.com" - } - ] + "ignorePatterns": [ + { + "pattern": "://localhost" + }, + { + "pattern": "://.*.?example\\.com" + }, + { + "pattern": "developer.github.com" + }, + { + "pattern": "docs.github.com" + }, + { + "pattern": "support.google.com" + }, + { + "pattern": "tailscale.com" + } + ] } diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index a64e0cebf0..3b5c1638da 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -176,7 +176,7 @@ jobs: service_account: ${{ secrets.GCP_SERVICE_ACCOUNT }} - name: Setup GCloud SDK - uses: 'google-github-actions/setup-gcloud@v1' + uses: "google-github-actions/setup-gcloud@v1" - name: Publish Helm Chart run: | diff --git a/.github/workflows/stale.yaml b/.github/workflows/stale.yaml index 30ad3fc934..d174cc7921 100644 --- a/.github/workflows/stale.yaml +++ b/.github/workflows/stale.yaml @@ -15,8 +15,8 @@ jobs: # https://github.com/actions/stale/pull/775 - uses: actions/stale@v6.0.0 with: - stale-issue-label: 'stale' - stale-pr-label: 'stale' + stale-issue-label: "stale" + stale-pr-label: "stale" # Pull Requests become stale more quickly due to merge conflicts. # Also, we promote minimizing WIP. days-before-pr-stale: 7 diff --git a/.github/workflows/welcome.yaml b/.github/workflows/welcome.yaml index 93973880fe..80493eb6f6 100644 --- a/.github/workflows/welcome.yaml +++ b/.github/workflows/welcome.yaml @@ -11,8 +11,8 @@ jobs: - uses: wow-actions/welcome@v1 with: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - FIRST_PR_REACTIONS: '+1, hooray, rocket, heart' + FIRST_PR_REACTIONS: "+1, hooray, rocket, heart" FIRST_PR_COMMENT: | - πŸ‘‹ Welcome @{{ author }} to Coder! Yo @coder/docs this is @{{ author }}'s first pull-request here! + πŸ‘‹ Welcome @{{ author }} to Coder! Yo @coder/docs this is @{{ author }}'s first pull-request here! FIRST_PR_MERGED: | πŸŽ‰ Thanks for the contribution @{{ author }}! Yo @coder/docs @{{ author }}'s first contribution has been merged! πŸ‘€πŸ‘€πŸ‘€ diff --git a/.gitignore b/.gitignore index 4d6bf0772a..40fd51d164 100644 --- a/.gitignore +++ b/.gitignore @@ -1,40 +1,33 @@ -############################################################################### -# NOTICE # -# If you change this file, kindly copy-pasta your change into .prettierignore # -# and .eslintignore as well. See the following discussions to understand why # -# we have to resort to this duplication (at least for now): # -# # -# https://github.com/prettier/prettier/issues/8048 # -# https://github.com/prettier/prettier/issues/8506 # -# https://github.com/prettier/prettier/issues/8679 # -############################################################################### - -node_modules -vendor +# Common ignore patterns, these rules applies in both root and subdirectories. +.DS_Store .eslintcache -yarn-error.log +.gitpod.yml +.idea +**/*.swp gotests.coverage gotests.xml gotestsum.json -.idea -.gitpod.yml -.DS_Store +node_modules/ +vendor/ +yarn-error.log + +# VSCode settings. +**/.vscode/* +# Allow VSCode recommendations and default settings in project root. +!/.vscode/extensions.json +!/.vscode/settings.json + +# Front-end ignore patterns. +.next/ +site/**/*.typegen.ts +site/build-storybook.log +site/coverage/ +site/storybook-static/ +site/test-results/ # Make target for updating golden files. cli/testdata/.gen-golden -# Front-end ignore -.next/ -site/.eslintcache -site/.next/ -site/node_modules/ -site/storybook-static/ -site/test-results/ -site/yarn-error.log -coverage/ -site/**/*.typegen.ts -site/build-storybook.log - # Build /build/ /dist/ @@ -46,10 +39,7 @@ site/out/ *.lock.hcl .terraform/ -.vscode/*.log -.vscode/launch.json -**/*.swp -.coderv2/* +/.coderv2/* **/__debug_bin # direnv diff --git a/.golangci.yaml b/.golangci.yaml index 4181eb8319..658dab717f 100644 --- a/.golangci.yaml +++ b/.golangci.yaml @@ -103,7 +103,7 @@ linters-settings: settings: ruleguard: failOn: all - rules: '${configDir}/scripts/rules.go' + rules: "${configDir}/scripts/rules.go" staticcheck: # https://staticcheck.io/docs/options#checks diff --git a/.prettierignore b/.prettierignore new file mode 100644 index 0000000000..59afc5922b --- /dev/null +++ b/.prettierignore @@ -0,0 +1,60 @@ +# Code generated by Makefile (.gitignore .prettierignore.include). DO NOT EDIT. + +# .gitignore: +# Common ignore patterns, these rules applies in both root and subdirectories. +.DS_Store +.eslintcache +.gitpod.yml +.idea +**/*.swp +gotests.coverage +gotests.xml +gotestsum.json +node_modules/ +vendor/ +yarn-error.log + +# VSCode settings. +**/.vscode/* +# Allow VSCode recommendations and default settings in project root. +!/.vscode/extensions.json +!/.vscode/settings.json + +# Front-end ignore patterns. +.next/ +site/**/*.typegen.ts +site/build-storybook.log +site/coverage/ +site/storybook-static/ +site/test-results/ + +# Make target for updating golden files. +cli/testdata/.gen-golden + +# Build +/build/ +/dist/ +site/out/ + +*.tfstate +*.tfstate.backup +*.tfplan +*.lock.hcl +.terraform/ + +/.coderv2/* +**/__debug_bin + +# direnv +.envrc +# .prettierignore.include: +# Helm templates contain variables that are invalid YAML and can't be formatted +# by Prettier. +helm/templates/*.yaml + +# Terraform state files used in tests, these are automatically generated. +# Example: provisioner/terraform/testdata/instance-id/instance-id.tfstate.json +**/testdata/**/*.tf*.json + +# Testdata shouldn't be formatted. +scripts/apitypings/testdata/**/*.ts diff --git a/.prettierignore.include b/.prettierignore.include new file mode 100644 index 0000000000..74e477479c --- /dev/null +++ b/.prettierignore.include @@ -0,0 +1,10 @@ +# Helm templates contain variables that are invalid YAML and can't be formatted +# by Prettier. +helm/templates/*.yaml + +# Terraform state files used in tests, these are automatically generated. +# Example: provisioner/terraform/testdata/instance-id/instance-id.tfstate.json +**/testdata/**/*.tf*.json + +# Testdata shouldn't be formatted. +scripts/apitypings/testdata/**/*.ts diff --git a/.prettierrc.yaml b/.prettierrc.yaml new file mode 100644 index 0000000000..49ac825443 --- /dev/null +++ b/.prettierrc.yaml @@ -0,0 +1,16 @@ +# This config file is used in conjunction with `.editorconfig` to specify +# formatting for prettier-supported files. See `.editorconfig` and +# `site/.editorconfig`for whitespace formatting options. +printWidth: 80 +semi: false +trailingComma: all +overrides: + - files: + - README.md + options: + proseWrap: preserve + - files: + - "site/**/*.yaml" + - "site/**/*.yml" + options: + proseWrap: always diff --git a/Makefile b/Makefile index 69ad7e23dd..547787c1d5 100644 --- a/Makefile +++ b/Makefile @@ -369,9 +369,9 @@ fmt/prettier: cd site # Avoid writing files in CI to reduce file write activity ifdef CI - yarn run format:check . ../*.md ../docs + yarn run format:check else - yarn run format:write . ../*.md ../docs + yarn run format:write endif .PHONY: fmt/prettier @@ -411,13 +411,31 @@ gen: \ provisionerd/proto/provisionerd.pb.go \ site/src/api/typesGenerated.ts \ docs/admin/prometheus.md \ - coderd/apidoc/swagger.json + coderd/apidoc/swagger.json \ + .prettierignore.include \ + .prettierignore \ + site/.prettierrc.yaml \ + site/.prettierignore \ + site/.eslintignore .PHONY: gen # Mark all generated files as fresh so make thinks they're up-to-date. This is # used during releases so we don't run generation scripts. gen/mark-fresh: - files="coderd/database/dump.sql coderd/database/querier.go provisionersdk/proto/provisioner.pb.go provisionerd/proto/provisionerd.pb.go site/src/api/typesGenerated.ts docs/admin/prometheus.md coderd/apidoc/swagger.json" + files="\ + coderd/database/dump.sql \ + coderd/database/querier.go \ + provisionersdk/proto/provisioner.pb.go \ + provisionerd/proto/provisionerd.pb.go \ + site/src/api/typesGenerated.ts \ + docs/admin/prometheus.md \ + coderd/apidoc/swagger.json \ + .prettierignore.include \ + .prettierignore \ + site/.prettierrc.yaml \ + site/.prettierignore \ + site/.eslintignore \ + " for file in $$files; do echo "$$file" if [ ! -f "$$file" ]; then @@ -463,21 +481,80 @@ site/src/api/typesGenerated.ts: scripts/apitypings/main.go $(shell find ./coders docs/admin/prometheus.md: scripts/metricsdocgen/main.go scripts/metricsdocgen/metrics go run scripts/metricsdocgen/main.go cd site - yarn run format:write ../docs/admin/prometheus.md + yarn run format:write:only ../docs/admin/prometheus.md coderd/apidoc/swagger.json: $(shell find ./scripts/apidocgen -not \( -path './scripts/apidocgen/node_modules' -prune \) -type f) $(wildcard coderd/*.go) $(wildcard codersdk/*.go) ./scripts/apidocgen/generate.sh cd site - yarn run format:write ../docs/api ../docs/manifest.json ../coderd/apidoc/swagger.json + yarn run format:write:only ../docs/api ../docs/manifest.json ../coderd/apidoc/swagger.json update-golden-files: cli/testdata/.gen-golden .PHONY: update-golden-files cli/testdata/.gen-golden: $(wildcard cli/testdata/*.golden) $(GO_SRC_FILES) - go test ./cli -run=TestCommandHelp -update touch "$@" +# Generate a prettierrc for the site package that uses relative paths for +# overrides. This allows us to share the same prettier config between the +# site and the root of the repo. +site/.prettierrc.yaml: .prettierrc.yaml + . ./scripts/lib.sh + dependencies yq + + echo "# Code generated by Makefile (../$<). DO NOT EDIT." > "$@" + echo "" >> "$@" + + # Replace all listed override files with relative paths inside site/. + # - ./ -> ../ + # - ./site -> ./ + yq \ + '.overrides[].files |= map(. | sub("^./"; "") | sub("^"; "../") | sub("../site/"; "./"))' \ + "$<" >> "$@" + +# Combine .gitignore with .prettierignore.include to generate .prettierignore. +.prettierignore: .gitignore .prettierignore.include + echo "# Code generated by Makefile ($^). DO NOT EDIT." > "$@" + echo "" >> "$@" + for f in $^; do + echo "# $${f}:" >> "$@" + cat "$$f" >> "$@" + done + +# Generate ignore files based on gitignore into the site directory. We turn all +# rules into relative paths for the `site/` directory (where applicable), +# following the pattern format defined by git: +# https://git-scm.com/docs/gitignore#_pattern_format +# +# This is done for compatibility reasons, see: +# https://github.com/prettier/prettier/issues/8048 +# https://github.com/prettier/prettier/issues/8506 +# https://github.com/prettier/prettier/issues/8679 +site/.eslintignore site/.prettierignore: .prettierignore Makefile + rm -f "$@" + touch "$@" + # Skip generated by header, inherit `.prettierignore` header as-is. + while read -r rule; do + # Remove leading ! if present to simplify rule, added back at the end. + tmp="$${rule#!}" + ignore="$${rule%"$$tmp"}" + rule="$$tmp" + case "$$rule" in + # Comments or empty lines (include). + \#*|'') ;; + # Generic rules (include). + \*\**) ;; + # Site prefixed rules (include). + site/*) rule="$${rule#site/}";; + ./site/*) rule="$${rule#./site/}";; + # Rules that are non-generic and don't start with site (rewrite). + /*) rule=.."$$rule";; + */?*) rule=../"$$rule";; + *) ;; + esac + echo "$${ignore}$${rule}" >> "$@" + done < "$<" + test: test-clean gotestsum --debug -- -v -short ./... .PHONY: test diff --git a/cli/config/server.yaml b/cli/config/server.yaml index 8dcee73a0b..a15bedfdd8 100644 --- a/cli/config/server.yaml +++ b/cli/config/server.yaml @@ -9,7 +9,7 @@ gitauth: # Multiple providers are an Enterprise feature. # Contact sales@coder.com for a license. -# +# # If multiple providers are used, a unique "id" # must be provided for each one. # - id: example diff --git a/coderd/rbac/README.md b/coderd/rbac/README.md index f2e1283206..9a6f1fb40f 100644 --- a/coderd/rbac/README.md +++ b/coderd/rbac/README.md @@ -5,7 +5,8 @@ Package `authz` implements AuthoriZation for Coder. ## Overview Authorization defines what **permission** a **subject** has to perform **actions** to **objects**: -- **Permission** is binary: *yes* (allowed) or *no* (denied). + +- **Permission** is binary: _yes_ (allowed) or _no_ (denied). - **Subject** in this case is anything that implements interface `authz.Subject`. - **Action** here is an enumerated list of actions, but we stick to `Create`, `Read`, `Update`, and `Delete` here. - **Object** here is anything that implements `authz.Object`. @@ -22,6 +23,7 @@ A **permission** is always applied at a given **level**: **Permissions** at a higher **level** always override permissions at a **lower** level. The effect of a **permission** can be: + - **positive** (allows) - **negative** (denies) - **abstain** (neither allows or denies, not applicable) @@ -29,15 +31,14 @@ The effect of a **permission** can be: **Negative** permissions **always** override **positive** permissions at the same level. Both **negative** and **positive** permissions override **abstain** at the same level. -This can be represented by the following truth table, where Y represents *positive*, N represents *negative*, and _ represents *abstain*: +This can be represented by the following truth table, where Y represents _positive_, N represents _negative_, and \_ represents _abstain_: | Action | Positive | Negative | Result | -|--------|----------|----------|--------| -| read | Y | _ | Y | +| ------ | -------- | -------- | ------ | +| read | Y | \_ | Y | | read | Y | N | N | -| read | _ | _ | _ | -| read | _ | N | Y | - +| read | \_ | \_ | \_ | +| read | \_ | N | Y | ## Permission Representation @@ -56,18 +57,17 @@ This can be represented by the following truth table, where Y represents *positi ## Roles -A *role* is a set of permissions. When evaluating a role's permission to form an action, all the relevant permissions for the role are combined at each level. Permissions at a higher level override permissions at a lower level. +A _role_ is a set of permissions. When evaluating a role's permission to form an action, all the relevant permissions for the role are combined at each level. Permissions at a higher level override permissions at a lower level. The following table shows the per-level role evaluation. Y indicates that the role provides positive permissions, N indicates the role provides negative permissions, and _ indicates the role does not provide positive or negative permissions. YN_ indicates that the value in the cell does not matter for the access result. -| Role (example) | Site | Org | User | Result | -|-----------------|------|-----|------|--------| -| site-admin | Y | YN_ | YN_ | Y | -| no-permission | N | YN_ | YN_ | N | -| org-admin | _ | Y | YN_ | Y | -| non-org-member | _ | N | YN_ | N | -| user | _ | _ | Y | Y | -| | _ | _ | N | N | -| unauthenticated | _ | _ | _ | N | - +| Role (example) | Site | Org | User | Result | +| --------------- | ---- | ---- | ---- | ------ | +| site-admin | Y | YN\_ | YN\_ | Y | +| no-permission | N | YN\_ | YN\_ | N | +| org-admin | \_ | Y | YN\_ | Y | +| non-org-member | \_ | N | YN\_ | N | +| user | \_ | \_ | Y | Y | +| | \_ | \_ | N | N | +| unauthenticated | \_ | \_ | \_ | N | diff --git a/dogfood/Dockerfile b/dogfood/Dockerfile index c96ee1fd2d..34c53d761b 100644 --- a/dogfood/Dockerfile +++ b/dogfood/Dockerfile @@ -13,8 +13,8 @@ RUN mkdir --parents /usr/local/go # Boring Go is needed to build FIPS-compliant binaries. RUN curl --silent --show-error --location \ - "https://go.dev/dl/go${GO_VERSION}.linux-amd64.tar.gz" \ - -o /usr/local/go.tar.gz + "https://go.dev/dl/go${GO_VERSION}.linux-amd64.tar.gz" \ + -o /usr/local/go.tar.gz RUN tar --extract --gzip --directory=/usr/local/go --file=/usr/local/go.tar.gz --strip-components=1 @@ -23,52 +23,56 @@ ENV PATH=$PATH:/usr/local/go/bin # Install Go utilities. ARG GOPATH="/tmp/" RUN mkdir --parents "$GOPATH" && \ - # moq for Go tests. - go install github.com/matryer/moq@v0.2.3 && \ - # swag for Swagger doc generation - go install github.com/swaggo/swag/cmd/swag@v1.7.4 && \ - # go-swagger tool to generate the go coder api client - go install github.com/go-swagger/go-swagger/cmd/swagger@v0.28.0 && \ - # goimports for updating imports - go install golang.org/x/tools/cmd/goimports@v0.1.7 && \ - # protoc-gen-go is needed to build sysbox from source - go install google.golang.org/protobuf/cmd/protoc-gen-go@v1.26 && \ - # drpc support for v2 - go install storj.io/drpc/cmd/protoc-gen-go-drpc@v0.0.26 && \ - # migrate for migration support for v2 - go install github.com/golang-migrate/migrate/v4/cmd/migrate@v4.15.1 && \ - # goreleaser for compiling v2 binaries - go install github.com/goreleaser/goreleaser@v1.6.1 && \ - # Install the latest version of gopls for editors that support - # the language server protocol - go install golang.org/x/tools/gopls@latest && \ - # gotestsum makes test output more readable - go install gotest.tools/gotestsum@v1.7.0 && \ - # goveralls collects code coverage metrics from tests - # and sends to Coveralls - go install github.com/mattn/goveralls@v0.0.11 && \ - # kind for running Kubernetes-in-Docker, needed for tests - go install sigs.k8s.io/kind@v0.10.0 && \ - # helm-docs generates our Helm README based on a template and the - # charts and values files - go install github.com/norwoodj/helm-docs/cmd/helm-docs@v1.5.0 && \ - # sqlc for Go code generation - go install github.com/kyleconroy/sqlc/cmd/sqlc@v1.10.0 && \ - # gcr-cleaner-cli used by CI to prune unused images - go install github.com/sethvargo/gcr-cleaner/cmd/gcr-cleaner-cli@v0.5.1 && \ - # ruleguard for checking custom rules, without needing to run all of - # golangci-lint. Check the go.mod in the release of golangci-lint that - # we're using for the version of go-critic that it embeds, then check - # the version of ruleguard in go-critic for that tag. - go install github.com/quasilyte/go-ruleguard/cmd/ruleguard@v0.3.13 && \ - # go-fuzz for fuzzy testing. they don't publish releases so we rely on latest. - go install github.com/dvyukov/go-fuzz/go-fuzz@latest && \ - go install github.com/dvyukov/go-fuzz/go-fuzz-build@latest && \ - # go-releaser for building 'fat binaries' that work cross-platform - go install github.com/goreleaser/goreleaser@v1.6.1 && \ - go install mvdan.cc/sh/v3/cmd/shfmt@latest && \ - # nfpm is used with `make build` to make release packages - go install github.com/goreleaser/nfpm/v2/cmd/nfpm@v2.16.0 + # moq for Go tests. + go install github.com/matryer/moq@v0.2.3 && \ + # swag for Swagger doc generation + go install github.com/swaggo/swag/cmd/swag@v1.7.4 && \ + # go-swagger tool to generate the go coder api client + go install github.com/go-swagger/go-swagger/cmd/swagger@v0.28.0 && \ + # goimports for updating imports + go install golang.org/x/tools/cmd/goimports@v0.1.7 && \ + # protoc-gen-go is needed to build sysbox from source + go install google.golang.org/protobuf/cmd/protoc-gen-go@v1.26 && \ + # drpc support for v2 + go install storj.io/drpc/cmd/protoc-gen-go-drpc@v0.0.26 && \ + # migrate for migration support for v2 + go install github.com/golang-migrate/migrate/v4/cmd/migrate@v4.15.1 && \ + # goreleaser for compiling v2 binaries + go install github.com/goreleaser/goreleaser@v1.6.1 && \ + # Install the latest version of gopls for editors that support + # the language server protocol + go install golang.org/x/tools/gopls@latest && \ + # gotestsum makes test output more readable + go install gotest.tools/gotestsum@v1.7.0 && \ + # goveralls collects code coverage metrics from tests + # and sends to Coveralls + go install github.com/mattn/goveralls@v0.0.11 && \ + # kind for running Kubernetes-in-Docker, needed for tests + go install sigs.k8s.io/kind@v0.10.0 && \ + # helm-docs generates our Helm README based on a template and the + # charts and values files + go install github.com/norwoodj/helm-docs/cmd/helm-docs@v1.5.0 && \ + # sqlc for Go code generation + go install github.com/kyleconroy/sqlc/cmd/sqlc@v1.10.0 && \ + # gcr-cleaner-cli used by CI to prune unused images + go install github.com/sethvargo/gcr-cleaner/cmd/gcr-cleaner-cli@v0.5.1 && \ + # ruleguard for checking custom rules, without needing to run all of + # golangci-lint. Check the go.mod in the release of golangci-lint that + # we're using for the version of go-critic that it embeds, then check + # the version of ruleguard in go-critic for that tag. + go install github.com/quasilyte/go-ruleguard/cmd/ruleguard@v0.3.13 && \ + # go-fuzz for fuzzy testing. they don't publish releases so we rely on latest. + go install github.com/dvyukov/go-fuzz/go-fuzz@latest && \ + go install github.com/dvyukov/go-fuzz/go-fuzz-build@latest && \ + # go-releaser for building 'fat binaries' that work cross-platform + go install github.com/goreleaser/goreleaser@v1.6.1 && \ + go install mvdan.cc/sh/v3/cmd/shfmt@latest && \ + # nfpm is used with `make build` to make release packages + go install github.com/goreleaser/nfpm/v2/cmd/nfpm@v2.16.0 && \ + # yq v4 is used to process yaml files in coder v2. Conflicts with + # yq v3 used in v1. + go install github.com/mikefarah/yq/v4@v4.30.6 && \ + mv /tmp/bin/yq /tmp/bin/yq4 FROM alpine:3.16 as proto WORKDIR /tmp @@ -92,176 +96,176 @@ COPY files / ARG DEBIAN_FRONTEND="noninteractive" RUN apt-get update --quiet && apt-get install --yes \ - apt-transport-https \ - apt-utils \ - bash \ - bash-completion \ - bats \ - bind9-dnsutils \ - build-essential \ - ca-certificates \ - cmake \ - crypto-policies \ - curl \ - fd-find \ - file \ - git \ - gnupg \ - graphviz \ - htop \ - httpie \ - inetutils-tools \ - iproute2 \ - iputils-ping \ - iputils-tracepath \ - jq \ - language-pack-en \ - less \ - lsb-release \ - man \ - meld \ - net-tools \ - openjdk-11-jdk-headless \ - openssh-server \ - openssl \ - pkg-config \ - python3 \ - python3-pip \ - rsync \ - shellcheck \ - strace \ - sudo \ - tcptraceroute \ - termshark \ - traceroute \ - vim \ - wget \ - xauth \ - zip \ - ncdu \ - cargo \ - asciinema \ - zsh \ - ansible \ - neovim \ - google-cloud-sdk \ - google-cloud-sdk-datastore-emulator \ - kubectl \ - postgresql-13 \ - containerd.io \ - docker-ce \ - docker-ce-cli \ - packer \ - terraform \ - fish \ - unzip \ - zstd && \ - # Delete package cache to avoid consuming space in layer - apt-get clean && \ - # Configure FIPS-compliant policies - update-crypto-policies --set FIPS + apt-transport-https \ + apt-utils \ + bash \ + bash-completion \ + bats \ + bind9-dnsutils \ + build-essential \ + ca-certificates \ + cmake \ + crypto-policies \ + curl \ + fd-find \ + file \ + git \ + gnupg \ + graphviz \ + htop \ + httpie \ + inetutils-tools \ + iproute2 \ + iputils-ping \ + iputils-tracepath \ + jq \ + language-pack-en \ + less \ + lsb-release \ + man \ + meld \ + net-tools \ + openjdk-11-jdk-headless \ + openssh-server \ + openssl \ + pkg-config \ + python3 \ + python3-pip \ + rsync \ + shellcheck \ + strace \ + sudo \ + tcptraceroute \ + termshark \ + traceroute \ + vim \ + wget \ + xauth \ + zip \ + ncdu \ + cargo \ + asciinema \ + zsh \ + ansible \ + neovim \ + google-cloud-sdk \ + google-cloud-sdk-datastore-emulator \ + kubectl \ + postgresql-13 \ + containerd.io \ + docker-ce \ + docker-ce-cli \ + packer \ + terraform \ + fish \ + unzip \ + zstd && \ + # Delete package cache to avoid consuming space in layer + apt-get clean && \ + # Configure FIPS-compliant policies + update-crypto-policies --set FIPS # See https://github.com/cli/cli/issues/6175#issuecomment-1235984381 for proof # the apt repository is unreliable RUN curl -L https://github.com/cli/cli/releases/download/v2.14.7/gh_2.14.7_linux_amd64.deb -o gh.deb && \ - dpkg -i gh.deb + dpkg -i gh.deb # Install Lazygit # See https://github.com/jesseduffield/lazygit#ubuntu RUN LAZYGIT_VERSION=$(curl -s "https://api.github.com/repos/jesseduffield/lazygit/releases/latest" | grep '"tag_name":' | sed -E 's/.*"v*([^"]+)".*/\1/') && \ - curl -Lo lazygit.tar.gz "https://github.com/jesseduffield/lazygit/releases/latest/download/lazygit_${LAZYGIT_VERSION}_Linux_x86_64.tar.gz" && \ - tar xf lazygit.tar.gz -C /usr/local/bin lazygit + curl -Lo lazygit.tar.gz "https://github.com/jesseduffield/lazygit/releases/latest/download/lazygit_${LAZYGIT_VERSION}_Linux_x86_64.tar.gz" && \ + tar xf lazygit.tar.gz -C /usr/local/bin lazygit # Install frontend utilities RUN apt-get update && \ - # Node.js (from nodesource) and Yarn (from yarnpkg) - apt-get install --yes --quiet \ - nodejs yarn \ - # Install browsers for e2e testing - google-chrome-stable microsoft-edge-beta && \ - # Pre-install system dependencies that Playwright needs. npx doesn't work here - # for some reason. See https://github.com/microsoft/playwright-cli/issues/136 - npm i -g playwright@1.19.1 && playwright install-deps + # Node.js (from nodesource) and Yarn (from yarnpkg) + apt-get install --yes --quiet \ + nodejs yarn \ + # Install browsers for e2e testing + google-chrome-stable microsoft-edge-beta && \ + # Pre-install system dependencies that Playwright needs. npx doesn't work here + # for some reason. See https://github.com/microsoft/playwright-cli/issues/136 + npm i -g playwright@1.19.1 && playwright install-deps # Ensure PostgreSQL binaries are in the users $PATH. RUN update-alternatives --install /usr/local/bin/initdb initdb /usr/lib/postgresql/13/bin/initdb 100 && \ - update-alternatives --install /usr/local/bin/postgres postgres /usr/lib/postgresql/13/bin/postgres 100 + update-alternatives --install /usr/local/bin/postgres postgres /usr/lib/postgresql/13/bin/postgres 100 # Create links for injected dependencies RUN ln --symbolic /var/tmp/coder/coder-cli/coder /usr/local/bin/coder && \ - ln --symbolic /var/tmp/coder/code-server/bin/code-server /usr/local/bin/code-server + ln --symbolic /var/tmp/coder/code-server/bin/code-server /usr/local/bin/code-server # Disable the PostgreSQL systemd service. # Coder uses a custom timescale container to test the database instead. RUN systemctl disable \ - postgresql + postgresql # Configure systemd services for CVMs RUN systemctl enable \ - docker \ - ssh + docker \ + ssh # Install tools with published releases, where that is the # preferred/recommended installation method. ARG CLOUD_SQL_PROXY_VERSION=1.26.0 \ - DIVE_VERSION=0.10.0 \ - DOCKER_GCR_VERSION=2.1.0 \ - GOLANGCI_LINT_VERSION=1.48.0 \ - GRYPE_VERSION=0.24.0 \ - HELM_VERSION=3.8.0 \ - KUBE_LINTER_VERSION=0.2.5 \ - KUBECTX_VERSION=0.9.4 \ - STRIPE_VERSION=1.7.4 \ - TERRAGRUNT_VERSION=0.34.1 \ - TRIVY_VERSION=0.23.0 + DIVE_VERSION=0.10.0 \ + DOCKER_GCR_VERSION=2.1.0 \ + GOLANGCI_LINT_VERSION=1.48.0 \ + GRYPE_VERSION=0.24.0 \ + HELM_VERSION=3.8.0 \ + KUBE_LINTER_VERSION=0.2.5 \ + KUBECTX_VERSION=0.9.4 \ + STRIPE_VERSION=1.7.4 \ + TERRAGRUNT_VERSION=0.34.1 \ + TRIVY_VERSION=0.23.0 # cloud_sql_proxy, for connecting to cloudsql instances # the upstream go.mod prevents this from being installed with go install RUN curl --silent --show-error --location --output /usr/local/bin/cloud_sql_proxy "https://storage.googleapis.com/cloudsql-proxy/v${CLOUD_SQL_PROXY_VERSION}/cloud_sql_proxy.linux.amd64" && \ - chmod a=rx /usr/local/bin/cloud_sql_proxy && \ - # dive for scanning image layer utilization metrics in CI - curl --silent --show-error --location "https://github.com/wagoodman/dive/releases/download/v${DIVE_VERSION}/dive_${DIVE_VERSION}_linux_amd64.tar.gz" | \ - tar --extract --gzip --directory=/usr/local/bin --file=- dive && \ - # docker-credential-gcr is a Docker credential helper for pushing/pulling - # images from Google Container Registry and Artifact Registry - curl --silent --show-error --location "https://github.com/GoogleCloudPlatform/docker-credential-gcr/releases/download/v${DOCKER_GCR_VERSION}/docker-credential-gcr_linux_amd64-${DOCKER_GCR_VERSION}.tar.gz" | \ - tar --extract --gzip --directory=/usr/local/bin --file=- docker-credential-gcr && \ - # golangci-lint performs static code analysis for our Go code - curl --silent --show-error --location "https://github.com/golangci/golangci-lint/releases/download/v${GOLANGCI_LINT_VERSION}/golangci-lint-${GOLANGCI_LINT_VERSION}-linux-amd64.tar.gz" | \ - tar --extract --gzip --directory=/usr/local/bin --file=- --strip-components=1 "golangci-lint-${GOLANGCI_LINT_VERSION}-linux-amd64/golangci-lint" && \ - # Anchore Grype for scanning container images for security issues - curl --silent --show-error --location "https://github.com/anchore/grype/releases/download/v${GRYPE_VERSION}/grype_${GRYPE_VERSION}_linux_amd64.tar.gz" | \ - tar --extract --gzip --directory=/usr/local/bin --file=- grype && \ - # Helm is necessary for deploying Coder - curl --silent --show-error --location "https://get.helm.sh/helm-v${HELM_VERSION}-linux-amd64.tar.gz" | \ - tar --extract --gzip --directory=/usr/local/bin --file=- --strip-components=1 linux-amd64/helm && \ - # kube-linter for linting Kubernetes objects, including those - # that Helm generates from our charts - curl --silent --show-error --location "https://github.com/stackrox/kube-linter/releases/download/${KUBE_LINTER_VERSION}/kube-linter-linux.tar.gz" | \ - tar --extract --gzip --directory=/usr/local/bin --file=- kube-linter && \ - # kubens and kubectx for managing Kubernetes namespaces and contexts - curl --silent --show-error --location "https://github.com/ahmetb/kubectx/releases/download/v${KUBECTX_VERSION}/kubectx_v${KUBECTX_VERSION}_linux_x86_64.tar.gz" | \ - tar --extract --gzip --directory=/usr/local/bin --file=- kubectx && \ - curl --silent --show-error --location "https://github.com/ahmetb/kubectx/releases/download/v${KUBECTX_VERSION}/kubens_v${KUBECTX_VERSION}_linux_x86_64.tar.gz" | \ - tar --extract --gzip --directory=/usr/local/bin --file=- kubens && \ - # stripe for coder.com billing API - curl --silent --show-error --location "https://github.com/stripe/stripe-cli/releases/download/v${STRIPE_VERSION}/stripe_${STRIPE_VERSION}_linux_x86_64.tar.gz" | \ - tar --extract --gzip --directory=/usr/local/bin --file=- stripe && \ - # terragrunt for running Terraform and Terragrunt files - curl --silent --show-error --location --output /usr/local/bin/terragrunt "https://github.com/gruntwork-io/terragrunt/releases/download/v${TERRAGRUNT_VERSION}/terragrunt_linux_amd64" && \ - chmod a=rx /usr/local/bin/terragrunt && \ - # AquaSec Trivy for scanning container images for security issues - curl --silent --show-error --location "https://github.com/aquasecurity/trivy/releases/download/v${TRIVY_VERSION}/trivy_${TRIVY_VERSION}_Linux-64bit.tar.gz" | \ - tar --extract --gzip --directory=/usr/local/bin --file=- trivy + chmod a=rx /usr/local/bin/cloud_sql_proxy && \ + # dive for scanning image layer utilization metrics in CI + curl --silent --show-error --location "https://github.com/wagoodman/dive/releases/download/v${DIVE_VERSION}/dive_${DIVE_VERSION}_linux_amd64.tar.gz" | \ + tar --extract --gzip --directory=/usr/local/bin --file=- dive && \ + # docker-credential-gcr is a Docker credential helper for pushing/pulling + # images from Google Container Registry and Artifact Registry + curl --silent --show-error --location "https://github.com/GoogleCloudPlatform/docker-credential-gcr/releases/download/v${DOCKER_GCR_VERSION}/docker-credential-gcr_linux_amd64-${DOCKER_GCR_VERSION}.tar.gz" | \ + tar --extract --gzip --directory=/usr/local/bin --file=- docker-credential-gcr && \ + # golangci-lint performs static code analysis for our Go code + curl --silent --show-error --location "https://github.com/golangci/golangci-lint/releases/download/v${GOLANGCI_LINT_VERSION}/golangci-lint-${GOLANGCI_LINT_VERSION}-linux-amd64.tar.gz" | \ + tar --extract --gzip --directory=/usr/local/bin --file=- --strip-components=1 "golangci-lint-${GOLANGCI_LINT_VERSION}-linux-amd64/golangci-lint" && \ + # Anchore Grype for scanning container images for security issues + curl --silent --show-error --location "https://github.com/anchore/grype/releases/download/v${GRYPE_VERSION}/grype_${GRYPE_VERSION}_linux_amd64.tar.gz" | \ + tar --extract --gzip --directory=/usr/local/bin --file=- grype && \ + # Helm is necessary for deploying Coder + curl --silent --show-error --location "https://get.helm.sh/helm-v${HELM_VERSION}-linux-amd64.tar.gz" | \ + tar --extract --gzip --directory=/usr/local/bin --file=- --strip-components=1 linux-amd64/helm && \ + # kube-linter for linting Kubernetes objects, including those + # that Helm generates from our charts + curl --silent --show-error --location "https://github.com/stackrox/kube-linter/releases/download/${KUBE_LINTER_VERSION}/kube-linter-linux.tar.gz" | \ + tar --extract --gzip --directory=/usr/local/bin --file=- kube-linter && \ + # kubens and kubectx for managing Kubernetes namespaces and contexts + curl --silent --show-error --location "https://github.com/ahmetb/kubectx/releases/download/v${KUBECTX_VERSION}/kubectx_v${KUBECTX_VERSION}_linux_x86_64.tar.gz" | \ + tar --extract --gzip --directory=/usr/local/bin --file=- kubectx && \ + curl --silent --show-error --location "https://github.com/ahmetb/kubectx/releases/download/v${KUBECTX_VERSION}/kubens_v${KUBECTX_VERSION}_linux_x86_64.tar.gz" | \ + tar --extract --gzip --directory=/usr/local/bin --file=- kubens && \ + # stripe for coder.com billing API + curl --silent --show-error --location "https://github.com/stripe/stripe-cli/releases/download/v${STRIPE_VERSION}/stripe_${STRIPE_VERSION}_linux_x86_64.tar.gz" | \ + tar --extract --gzip --directory=/usr/local/bin --file=- stripe && \ + # terragrunt for running Terraform and Terragrunt files + curl --silent --show-error --location --output /usr/local/bin/terragrunt "https://github.com/gruntwork-io/terragrunt/releases/download/v${TERRAGRUNT_VERSION}/terragrunt_linux_amd64" && \ + chmod a=rx /usr/local/bin/terragrunt && \ + # AquaSec Trivy for scanning container images for security issues + curl --silent --show-error --location "https://github.com/aquasecurity/trivy/releases/download/v${TRIVY_VERSION}/trivy_${TRIVY_VERSION}_Linux-64bit.tar.gz" | \ + tar --extract --gzip --directory=/usr/local/bin --file=- trivy # Add Vercel globally. We can't install it in packages.json, because it # includes Go files which make golangci-lint unhappy. RUN yarn global add --prefix=/usr/local \ - vercel \ - typescript \ - typescript-language-server \ - prettier && \ - yarn cache clean + vercel \ + typescript \ + typescript-language-server \ + prettier && \ + yarn cache clean # We use yq during "make deploy" to manually substitute out fields in # our helm values.yaml file. See https://github.com/helm/helm/issues/3141 @@ -273,13 +277,13 @@ RUN yarn global add --prefix=/usr/local \ # mv /usr/local/bin/yq_linux_amd64 /usr/local/bin/yq RUN curl --silent --show-error --location --output /usr/local/bin/yq "https://github.com/mikefarah/yq/releases/download/3.3.0/yq_linux_amd64" && \ - chmod a=rx /usr/local/bin/yq + chmod a=rx /usr/local/bin/yq # Install GoLand. RUN mkdir --parents /usr/local/goland && \ - curl --silent --show-error --location "https://download.jetbrains.com/go/goland-2021.2.tar.gz" | \ - tar --extract --gzip --directory=/usr/local/goland --file=- --strip-components=1 && \ - ln --symbolic /usr/local/goland/bin/goland.sh /usr/local/bin/goland + curl --silent --show-error --location "https://download.jetbrains.com/go/goland-2021.2.tar.gz" | \ + tar --extract --gzip --directory=/usr/local/goland --file=- --strip-components=1 && \ + ln --symbolic /usr/local/goland/bin/goland.sh /usr/local/bin/goland # Install Antlrv4, needed to generate paramlang lexer/parser RUN curl --silent --show-error --location --output /usr/local/lib/antlr-4.9.2-complete.jar "https://www.antlr.org/download/antlr-4.9.2-complete.jar" @@ -287,22 +291,22 @@ ENV CLASSPATH="/usr/local/lib/antlr-4.9.2-complete.jar:${PATH}" # Add coder user and allow use of docker/sudo RUN useradd coder \ - --create-home \ - --shell=/bin/bash \ - --groups=docker \ - --uid=1000 \ - --user-group + --create-home \ + --shell=/bin/bash \ + --groups=docker \ + --uid=1000 \ + --user-group # Adjust OpenSSH config RUN echo "PermitUserEnvironment yes" >>/etc/ssh/sshd_config && \ - echo "X11Forwarding yes" >>/etc/ssh/sshd_config && \ - echo "X11UseLocalhost no" >>/etc/ssh/sshd_config + echo "X11Forwarding yes" >>/etc/ssh/sshd_config && \ + echo "X11UseLocalhost no" >>/etc/ssh/sshd_config # We avoid copying the extracted directory since COPY slows to minutes when there # are a lot of small files. COPY --from=go /usr/local/go.tar.gz /usr/local/go.tar.gz RUN mkdir /usr/local/go && \ - tar --extract --gzip --directory=/usr/local/go --file=/usr/local/go.tar.gz --strip-components=1 + tar --extract --gzip --directory=/usr/local/go --file=/usr/local/go.tar.gz --strip-components=1 ENV PATH=$PATH:/usr/local/go/bin diff --git a/dogfood/guide.md b/dogfood/guide.md index 07c275e54d..621cb69d2a 100644 --- a/dogfood/guide.md +++ b/dogfood/guide.md @@ -51,11 +51,11 @@ The following explains how to do certain things related to dogfooding. 7. To create your own template, you can do: `./scripts/coder-dev.sh templates init` and choose your preferred option. For example, choosing β€œDevelop in Docker” will create a new folder `docker` that contains the bare bones for starting a Docker workspace template. Then, enter the folder that was just created and customize as you wish. - + ## Troubleshooting diff --git a/examples/lima/README.md b/examples/lima/README.md index 67fd5a51bd..ade54e52a7 100644 --- a/examples/lima/README.md +++ b/examples/lima/README.md @@ -17,6 +17,7 @@ This lets you quickly test out Coder in a self-contained environment. - You can use the configuration as-is, or edit it to your liking. This will: + - Start an Ubuntu 22.04 VM - Install Docker and Terraform from the official repos - Install Coder using the [installation script](https://coder.com/docs/coder-oss/latest/install#installsh) diff --git a/examples/lima/coder.yaml b/examples/lima/coder.yaml index 58e36dd054..eff8260ccb 100644 --- a/examples/lima/coder.yaml +++ b/examples/lima/coder.yaml @@ -7,19 +7,19 @@ # This example requires Lima v0.8.3 or later. images: -# Try to use release-yyyyMMdd image if available. Note that release-yyyyMMdd will be removed after several months. -- location: "https://cloud-images.ubuntu.com/releases/22.04/release-20220420/ubuntu-22.04-server-cloudimg-amd64.img" - arch: "x86_64" - digest: "sha256:de5e632e17b8965f2baf4ea6d2b824788e154d9a65df4fd419ec4019898e15cd" -- location: "https://cloud-images.ubuntu.com/releases/22.04/release-20220420/ubuntu-22.04-server-cloudimg-arm64.img" - arch: "aarch64" - digest: "sha256:66224c7fed99ff5a5539eda406c87bbfefe8af6ff6b47d92df3187832b5b5d4f" -# Fallback to the latest release image. -# Hint: run `limactl prune` to invalidate the cache -- location: "https://cloud-images.ubuntu.com/releases/22.04/release/ubuntu-22.04-server-cloudimg-amd64.img" - arch: "x86_64" -- location: "https://cloud-images.ubuntu.com/releases/22.04/release/ubuntu-22.04-server-cloudimg-arm64.img" - arch: "aarch64" + # Try to use release-yyyyMMdd image if available. Note that release-yyyyMMdd will be removed after several months. + - location: "https://cloud-images.ubuntu.com/releases/22.04/release-20220420/ubuntu-22.04-server-cloudimg-amd64.img" + arch: "x86_64" + digest: "sha256:de5e632e17b8965f2baf4ea6d2b824788e154d9a65df4fd419ec4019898e15cd" + - location: "https://cloud-images.ubuntu.com/releases/22.04/release-20220420/ubuntu-22.04-server-cloudimg-arm64.img" + arch: "aarch64" + digest: "sha256:66224c7fed99ff5a5539eda406c87bbfefe8af6ff6b47d92df3187832b5b5d4f" + # Fallback to the latest release image. + # Hint: run `limactl prune` to invalidate the cache + - location: "https://cloud-images.ubuntu.com/releases/22.04/release/ubuntu-22.04-server-cloudimg-amd64.img" + arch: "x86_64" + - location: "https://cloud-images.ubuntu.com/releases/22.04/release/ubuntu-22.04-server-cloudimg-arm64.img" + arch: "aarch64" # Your home directory is mounted read-only mounts: @@ -33,101 +33,101 @@ hostResolver: hosts: host.docker.internal: host.lima.internal provision: -- mode: system - # This script defines the host.docker.internal hostname when hostResolver is disabled. - # It is also needed for lima 0.8.2 and earlier, which does not support hostResolver.hosts. - # Names defined in /etc/hosts inside the VM are not resolved inside containers when - # using the hostResolver; use hostResolver.hosts instead (requires lima 0.8.3 or later). - script: | - #!/bin/sh - set -eux -o pipefail - sed -i 's/host.lima.internal.*/host.lima.internal host.docker.internal/' /etc/hosts -- mode: system - script: | - #!/bin/bash - set -eux -o pipefail - command -v docker >/dev/null 2>&1 && exit 0 - export DEBIAN_FRONTEND=noninteractive - curl -fsSL https://get.docker.com | sh - # Ensure we have a decent logging driver set up for Docker, for debugging. - cat > /etc/docker/daemon.json << EOF - { - "log-driver": "journald" - } - EOF - systemctl restart docker - # In case a user forgets to set the arch correctly, just install binfmt - docker run --privileged --rm tonistiigi/binfmt --install all -- mode: system - script: | - #!/bin/bash - set -eux -o pipefail - command -v terraform >/dev/null 2>&1 && exit 0 - DEBIAN_FRONTEND=noninteractive apt-get install -qqy unzip - rm -fv /tmp/terraform.zip || true - wget -qO /tmp/terraform.zip "https://releases.hashicorp.com/terraform/1.3.0/terraform_1.3.0_linux_$(dpkg --print-architecture).zip" - unzip /tmp/terraform.zip -d /usr/local/bin/ - chmod +x /usr/local/bin/terraform - rm -fv /tmp/terraform.zip || true -- mode: system - script: | - #!/bin/bash - set -eux -o pipefail - command -v coder >/dev/null 2>&1 && exit 0 - export DEBIAN_FRONTEND=noninteractive - export HOME=/root - curl -fsSL https://coder.com/install.sh | sh - # Ensure Coder has permissions on /var/run/docker.socket - usermod -aG docker coder - # Ensure coder listens on all interfaces - sed -i 's/CODER_ADDRESS=.*/CODER_ADDRESS=0.0.0.0:3000/' /etc/coder.d/coder.env - # Ensure coder starts on boot - systemctl enable coder - systemctl start coder - # Wait for Coder to have downloaded Terraform - timeout 60s bash -c 'until /var/cache/coder/terraform version >/dev/null 2>&1; do sleep 1; done' - # Coder restarts after downloading Terraform, wait for it to become available - timeout 60s bash -c 'until nc -z localhost 3000 > /dev/null 2>&1; do sleep 1; done' -- mode: user - script: | - #!/bin/bash - set -eux -o pipefail - # If we are already logged in, nothing to do - coder templates list >/dev/null 2>&1 && exit 0 - # Set up initial user - [ ! -e ~/.config/coderv2/session ] && coder login http://localhost:3000 --first-user-username admin --first-user-email admin@coder.com --first-user-password $(< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c8 | tee ${HOME}/.config/coderv2/password) - # Create an initial template - temp_template_dir=$(mktemp -d) - echo code-server | coder templates init "${temp_template_dir}" - DOCKER_ARCH="amd64" - if [ "$(arch)" = "aarch64" ]; then - DOCKER_ARCH="arm64" - fi - DOCKER_HOST=$(docker context inspect --format '{{.Endpoints.docker.Host}}') - printf 'docker_arch: "%s"\ndocker_host: "%s"\n' "${DOCKER_ARCH}" "${DOCKER_HOST}" | tee "${temp_template_dir}/params.yaml" - coder templates create "docker-code-server-${DOCKER_ARCH}" --directory "${temp_template_dir}" --parameter-file "${temp_template_dir}/params.yaml" --yes - rm -rfv "${temp_template_dir}" + - mode: system + # This script defines the host.docker.internal hostname when hostResolver is disabled. + # It is also needed for lima 0.8.2 and earlier, which does not support hostResolver.hosts. + # Names defined in /etc/hosts inside the VM are not resolved inside containers when + # using the hostResolver; use hostResolver.hosts instead (requires lima 0.8.3 or later). + script: | + #!/bin/sh + set -eux -o pipefail + sed -i 's/host.lima.internal.*/host.lima.internal host.docker.internal/' /etc/hosts + - mode: system + script: | + #!/bin/bash + set -eux -o pipefail + command -v docker >/dev/null 2>&1 && exit 0 + export DEBIAN_FRONTEND=noninteractive + curl -fsSL https://get.docker.com | sh + # Ensure we have a decent logging driver set up for Docker, for debugging. + cat > /etc/docker/daemon.json << EOF + { + "log-driver": "journald" + } + EOF + systemctl restart docker + # In case a user forgets to set the arch correctly, just install binfmt + docker run --privileged --rm tonistiigi/binfmt --install all + - mode: system + script: | + #!/bin/bash + set -eux -o pipefail + command -v terraform >/dev/null 2>&1 && exit 0 + DEBIAN_FRONTEND=noninteractive apt-get install -qqy unzip + rm -fv /tmp/terraform.zip || true + wget -qO /tmp/terraform.zip "https://releases.hashicorp.com/terraform/1.3.0/terraform_1.3.0_linux_$(dpkg --print-architecture).zip" + unzip /tmp/terraform.zip -d /usr/local/bin/ + chmod +x /usr/local/bin/terraform + rm -fv /tmp/terraform.zip || true + - mode: system + script: | + #!/bin/bash + set -eux -o pipefail + command -v coder >/dev/null 2>&1 && exit 0 + export DEBIAN_FRONTEND=noninteractive + export HOME=/root + curl -fsSL https://coder.com/install.sh | sh + # Ensure Coder has permissions on /var/run/docker.socket + usermod -aG docker coder + # Ensure coder listens on all interfaces + sed -i 's/CODER_ADDRESS=.*/CODER_ADDRESS=0.0.0.0:3000/' /etc/coder.d/coder.env + # Ensure coder starts on boot + systemctl enable coder + systemctl start coder + # Wait for Coder to have downloaded Terraform + timeout 60s bash -c 'until /var/cache/coder/terraform version >/dev/null 2>&1; do sleep 1; done' + # Coder restarts after downloading Terraform, wait for it to become available + timeout 60s bash -c 'until nc -z localhost 3000 > /dev/null 2>&1; do sleep 1; done' + - mode: user + script: | + #!/bin/bash + set -eux -o pipefail + # If we are already logged in, nothing to do + coder templates list >/dev/null 2>&1 && exit 0 + # Set up initial user + [ ! -e ~/.config/coderv2/session ] && coder login http://localhost:3000 --first-user-username admin --first-user-email admin@coder.com --first-user-password $(< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c8 | tee ${HOME}/.config/coderv2/password) + # Create an initial template + temp_template_dir=$(mktemp -d) + echo code-server | coder templates init "${temp_template_dir}" + DOCKER_ARCH="amd64" + if [ "$(arch)" = "aarch64" ]; then + DOCKER_ARCH="arm64" + fi + DOCKER_HOST=$(docker context inspect --format '{{.Endpoints.docker.Host}}') + printf 'docker_arch: "%s"\ndocker_host: "%s"\n' "${DOCKER_ARCH}" "${DOCKER_HOST}" | tee "${temp_template_dir}/params.yaml" + coder templates create "docker-code-server-${DOCKER_ARCH}" --directory "${temp_template_dir}" --parameter-file "${temp_template_dir}/params.yaml" --yes + rm -rfv "${temp_template_dir}" probes: -- description: "docker to be installed" - script: | - #!/bin/bash - set -eux -o pipefail - if ! timeout 30s bash -c "until command -v docker >/dev/null 2>&1; do sleep 3; done"; then - echo >&2 "docker is not installed yet" - exit 1 - fi - hint: | - See "/var/log/cloud-init-output.log" in the guest. -- description: "coder to be installed" - script: | - #!/bin/bash - set -eux -o pipefail - if ! timeout 30s bash -c "until command -v coder >/dev/null 2>&1; do sleep 3; done"; then - echo >&2 "coder is not installed yet" - exit 1 - fi - hint: | - See "/var/log/cloud-init-output.log" in the guest. + - description: "docker to be installed" + script: | + #!/bin/bash + set -eux -o pipefail + if ! timeout 30s bash -c "until command -v docker >/dev/null 2>&1; do sleep 3; done"; then + echo >&2 "docker is not installed yet" + exit 1 + fi + hint: | + See "/var/log/cloud-init-output.log" in the guest. + - description: "coder to be installed" + script: | + #!/bin/bash + set -eux -o pipefail + if ! timeout 30s bash -c "until command -v coder >/dev/null 2>&1; do sleep 3; done"; then + echo >&2 "coder is not installed yet" + exit 1 + fi + hint: | + See "/var/log/cloud-init-output.log" in the guest. message: | All Done! Your Coder instance is accessible at http://localhost:3000 @@ -139,4 +139,3 @@ message: | limactl shell coder cd && coder templates init ------ - diff --git a/examples/templates/community-templates.md b/examples/templates/community-templates.md index 2256be2d67..9cca79b37e 100644 --- a/examples/templates/community-templates.md +++ b/examples/templates/community-templates.md @@ -5,7 +5,7 @@ This is a list of templates and actions created by the community. See [Getting Started](./README.md#getting-started) for how to use these templates. > If you have created a template, see one that's missing or one that's no longer -maintained, please submit a pull request to improve this list. Thank you! +> maintained, please submit a pull request to improve this list. Thank you! ## Templates diff --git a/flake.nix b/flake.nix index 39ab42744a..881ee583c0 100644 --- a/flake.nix +++ b/flake.nix @@ -47,6 +47,7 @@ terraform typos yarn + yq zip zstd ]; diff --git a/helm/values.yaml b/helm/values.yaml index eb67fe1d95..4e869d7eb8 100644 --- a/helm/values.yaml +++ b/helm/values.yaml @@ -65,7 +65,8 @@ coder: # coder.resources -- The resources to request for Coder. These are optional # and are not set by default. - resources: {} + resources: + {} # limits: # cpu: 100m # memory: 128Mi @@ -81,7 +82,8 @@ coder: # # The given key in each secret is mounted at # `/etc/ssl/certs/{secret_name}.crt`. - secrets: [] + secrets: + [] # - name: "my-ca-bundle" # key: "ca-bundle.crt" @@ -103,7 +105,8 @@ coder: # coder.tolerations -- Tolerations for tainted nodes. # See: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ - tolerations: {} + tolerations: + {} # - key: "key" # operator: "Equal" # value: "value" diff --git a/scripts/apidocgen/markdown-template/README.md b/scripts/apidocgen/markdown-template/README.md deleted file mode 100644 index 4ce7c52801..0000000000 --- a/scripts/apidocgen/markdown-template/README.md +++ /dev/null @@ -1,64 +0,0 @@ -## Swagger / OpenAPI 2 and OpenAPI 3 template parameters - -Note that properties of OpenAPI objects will be in OpenAPI 3.0 form, as -Swagger / OpenAPI 2.0 definitions are converted automatically. - -### Code templates - -* `method` - the HTTP method of the operation (in lower-case) -* `methodUpper` - the HTTP method of the operation (in upper-case) -* `url` - the full URL of the operation (including protocol and host) -* `consumes[]` - an array of MIME-types the operation consumes -* `produces[]` - an array of MIME-types the operation produces -* `operation` - the current operation object -* `operationId` - the current operation id -* `opName` - the operationId if set, otherwise the method + path -* `tags[]` - the full list of tags applying to the operation -* `security` - the security definitions applying to the operation -* `resource` - the current tag/path object -* `parameters[]` - an array of parameters for the operation (see below) -* `queryString` - an example queryString, urlEncoded -* `requiredQueryString` - an example queryString for `required:true` parameters -* `queryParameters[]` - a subset of `parameters` that are `in:query` -* `requiredParameters[]` - a subset of `queryParameters` that are `required:true` -* `headerParameters[]` - a subset of `parameters` that are `in:header` -* `allHeaders[]` - a concatenation of `headerParameters` and pseudo-parameters `Accept` and `Content-Type`, and optionally `Authorization` (the latter has an `isAuth` boolean property set true so it can be omitted in templates if desired - -### Parameter template - -* `parameters[]` - an array of [parameters](https://github.com/OAI/OpenAPI-Specification/blob/master/versions/3.0.0.md#parameterObject), including the following pseudo-properties - * `shortDesc` - a truncated version of the parameter description - * `safeType` - a computed version of the parameter type, including Body and schema names - * `originalType` - the original type of the parameter - * `exampleValues` - an object containing examples for use in code-templates - * `json` - example values in JSON compatible syntax - * `object` - example values in raw object form (unquoted strings etc) - * `depth` - a zero-based indicator of the depth of expanded request body parameters -* `enums[]` - an array of (parameter)name/value pairs - -### Responses template - -* `responses[]` - an array of [responses](https://github.com/OAI/OpenAPI-Specification/blob/master/versions/3.0.0.md#responseObject), including `status` and `meaning` properties - -### Authentication template - -* `authenticationStr` - a simple string of methods (and scopes where appropriate) -* `securityDefinitions[]` - an array of applicable [securityDefinitions](https://github.com/OAI/OpenAPI-Specification/blob/master/versions/3.0.0.md#securityRequirementObject) - -### Schema Property template - -* `schemaProperties[]` - an array of - * `name` - * `type` - * `required` - * `description` -* `enums[]` - an array of (schema property)name/value pairs - -### Common to all templates - -* `openapi` - the top-level OpenAPI / Swagger document -* `header` - the front-matter of the Slate/Shins markdown document -* `host` - the (computed) host of the API -* `protocol` - the default/first protocol of the API -* `baseUrl` - the (computed) baseUrl of the API (including protocol and host) -* `widdershins` - the contents of widdershins `package.json` diff --git a/scripts/apitypings/README.md b/scripts/apitypings/README.md index 079bf8c2c6..6fe9c06f35 100644 --- a/scripts/apitypings/README.md +++ b/scripts/apitypings/README.md @@ -13,7 +13,6 @@ This main.go generates typescript types from the codersdk types in Go. - [ ] External Types (uses `any` atm) - Some custom external types are hardcoded in (eg: time.Time) - ## Type overrides ```golang diff --git a/scripts/lib.sh b/scripts/lib.sh index 4e7e705342..04f55bff4e 100644 --- a/scripts/lib.sh +++ b/scripts/lib.sh @@ -75,10 +75,22 @@ execrelative() { return $rc } +dependency_check() { + local dep=$1 + + # Special case for yq that can be yq or yq4. + if [[ $dep == yq ]]; then + [[ -n "${CODER_LIBSH_YQ:-}" ]] + return + fi + + command -v "$dep" >/dev/null +} + dependencies() { local fail=0 for dep in "$@"; do - if ! command -v "$dep" >/dev/null; then + if ! dependency_check "$dep"; then log "ERROR: The '$dep' dependency is required, but is not available." fail=1 fi @@ -200,9 +212,25 @@ if [[ "${CODER_LIBSH_NO_CHECK_DEPENDENCIES:-}" != *t* ]]; then log fi + # Allow for yq to be installed as yq4. + if command -v yq4 >/dev/null; then + export CODER_LIBSH_YQ=yq4 + elif command -v yq >/dev/null; then + if [[ $(yq --version) == *" v4."* ]]; then + export CODER_LIBSH_YQ=yq + fi + fi + if [[ "$libsh_bad_dependencies" == 1 ]]; then error "Invalid dependencies, see above for more details." fi export CODER_LIBSH_NO_CHECK_DEPENDENCIES=true fi + +# Alias yq to the version we want by shadowing with a function. +if [[ -n ${CODER_LIBSH_YQ:-} ]]; then + yq() { + command $CODER_LIBSH_YQ "$@" + } +fi diff --git a/scripts/nfpm.yaml b/scripts/nfpm.yaml index dc11e0aa3c..528dc817c3 100644 --- a/scripts/nfpm.yaml +++ b/scripts/nfpm.yaml @@ -11,7 +11,6 @@ maintainer: Coder description: | Provision development environments with infrastructure with code license: AGPL-3.0 - suggests: - postgresql diff --git a/site/.eslintignore b/site/.eslintignore index 0b32569c3e..f76cd1a6d1 100644 --- a/site/.eslintignore +++ b/site/.eslintignore @@ -1,16 +1,60 @@ -############################################################################### -# COPY PASTA OF .gitignore -############################################################################### +# Code generated by Makefile (.gitignore .prettierignore.include). DO NOT EDIT. -.idea +# .gitignore: +# Common ignore patterns, these rules applies in both root and subdirectories. +.DS_Store +.eslintcache .gitpod.yml -node_modules -vendor -out -coverage -.next -storybook-static -test-results -**/*.typegen.ts +.idea **/*.swp -.coderv2/* +gotests.coverage +gotests.xml +gotestsum.json +node_modules/ +vendor/ +yarn-error.log + +# VSCode settings. +**/.vscode/* +# Allow VSCode recommendations and default settings in project root. +!../.vscode/extensions.json +!../.vscode/settings.json + +# Front-end ignore patterns. +.next/ +**/*.typegen.ts +build-storybook.log +coverage/ +storybook-static/ +test-results/ + +# Make target for updating golden files. +../cli/testdata/.gen-golden + +# Build +../build/ +../dist/ +out/ + +*.tfstate +*.tfstate.backup +*.tfplan +*.lock.hcl +.terraform/ + +../.coderv2/* +**/__debug_bin + +# direnv +.envrc +# .prettierignore.include: +# Helm templates contain variables that are invalid YAML and can't be formatted +# by Prettier. +../helm/templates/*.yaml + +# Terraform state files used in tests, these are automatically generated. +# Example: provisioner/terraform/testdata/instance-id/instance-id.tfstate.json +**/testdata/**/*.tf*.json + +# Testdata shouldn't be formatted. +../scripts/apitypings/testdata/**/*.ts diff --git a/site/.prettierignore b/site/.prettierignore index 0becaea755..f76cd1a6d1 100644 --- a/site/.prettierignore +++ b/site/.prettierignore @@ -1,24 +1,60 @@ -############################################################################### -# COPY PASTA OF .gitignore -# https://github.com/prettier/prettier/issues/8048 -# https://github.com/prettier/prettier/issues/8506 -# https://github.com/prettier/prettier/issues/8679 -############################################################################### +# Code generated by Makefile (.gitignore .prettierignore.include). DO NOT EDIT. -node_modules -vendor +# .gitignore: +# Common ignore patterns, these rules applies in both root and subdirectories. +.DS_Store .eslintcache -yarn-error.log -.idea .gitpod.yml +.idea +**/*.swp +gotests.coverage +gotests.xml +gotestsum.json +node_modules/ +vendor/ +yarn-error.log -# Front-end ignore +# VSCode settings. +**/.vscode/* +# Allow VSCode recommendations and default settings in project root. +!../.vscode/extensions.json +!../.vscode/settings.json + +# Front-end ignore patterns. .next/ +**/*.typegen.ts +build-storybook.log coverage/ -out/ storybook-static/ test-results/ -**/*.swp -.coderv2/* +# Make target for updating golden files. +../cli/testdata/.gen-golden +# Build +../build/ +../dist/ +out/ + +*.tfstate +*.tfstate.backup +*.tfplan +*.lock.hcl +.terraform/ + +../.coderv2/* +**/__debug_bin + +# direnv +.envrc +# .prettierignore.include: +# Helm templates contain variables that are invalid YAML and can't be formatted +# by Prettier. +../helm/templates/*.yaml + +# Terraform state files used in tests, these are automatically generated. +# Example: provisioner/terraform/testdata/instance-id/instance-id.tfstate.json +**/testdata/**/*.tf*.json + +# Testdata shouldn't be formatted. +../scripts/apitypings/testdata/**/*.ts diff --git a/site/.prettierrc b/site/.prettierrc deleted file mode 100644 index 974bed4da6..0000000000 --- a/site/.prettierrc +++ /dev/null @@ -1,13 +0,0 @@ -{ - "printWidth": 80, - "semi": false, - "trailingComma": "all", - "overrides": [ - { - "files": ["./README.md", "**/*.yaml"], - "options": { - "proseWrap": "always" - } - } - ] -} diff --git a/site/.prettierrc.yaml b/site/.prettierrc.yaml new file mode 100644 index 0000000000..153ca52e2f --- /dev/null +++ b/site/.prettierrc.yaml @@ -0,0 +1,18 @@ +# Code generated by Makefile (../.prettierrc.yaml). DO NOT EDIT. + +# This config file is used in conjunction with `.editorconfig` to specify +# formatting for prettier-supported files. See `.editorconfig` and +# `site/.editorconfig`for whitespace formatting options. +printWidth: 80 +semi: false +trailingComma: all +overrides: + - files: + - ../README.md + options: + proseWrap: preserve + - files: + - ./**/*.yaml + - ./**/*.yml + options: + proseWrap: always diff --git a/site/package.json b/site/package.json index 57f1487b36..a222cbfd98 100644 --- a/site/package.json +++ b/site/package.json @@ -9,9 +9,10 @@ "check:all": "yarn format:check && yarn lint && yarn test", "chromatic": "chromatic", "dev": "vite", - "format:check": "prettier --cache --check '**/*.{css,html,js,json,jsx,md,ts,tsx,yaml,yml}'", + "format:check": "prettier --cache --check '../**/*.{css,html,js,json,jsx,md,ts,tsx,yaml,yml}'", "format:types": "prettier --write 'src/api/typesGenerated.ts'", - "format:write": "prettier --write '**/*.{css,html,js,json,jsx,md,ts,tsx,yaml,yml}'", + "format:write": "prettier --write '../**/*.{css,html,js,json,jsx,md,ts,tsx,yaml,yml}'", + "format:write:only": "prettier --write", "lint": "jest --selectProjects lint", "lint:fix": "FIX=true yarn lint", "playwright:install": "playwright install",