selfhosted
/
coder
mirror of https://github.com/coder/coder.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

perf(cli): optimize CPU consumption of help pages (#9607) 

This change reduces the CPU consumption of --help by ~50%.

Also, this change removes ANSI escape codes from our golden files. I
don't think those were worth the inability to parallelize golden file tests and
global state fragility.
This commit is contained in:
Ammar Bandukwala 2023-09-14 17:48:29 -07:00 committed by GitHub
parent 7311ffbd9d
commit b63dfe7b75
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
93 changed files with 854 additions and 828 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
cli/clitest/clitest.go
View File

@ -29,7 +29,7 @@ import (
// New creates a CLI instance with a configuration pointed to a
// temporary testing directory.
func New(t *testing.T, args ...string) (*clibase.Invocation, config.Root) {
func New(t testing.TB, args ...string) (*clibase.Invocation, config.Root) {
var root cli.RootCmd
cmd, err := root.Command(root.AGPL())
@ -56,7 +56,7 @@ func (l *logWriter) Write(p []byte) (n int, err error) {
}
func NewWithCommand(
t *testing.T, cmd *clibase.Cmd, args ...string,
t testing.TB, cmd *clibase.Cmd, args ...string,
) (*clibase.Invocation, config.Root) {
configDir := config.Root(t.TempDir())
logger := slogtest.Make(t, nil)

8
cli/clitest/golden.go
View File

@ -11,11 +11,9 @@ import (
"strings"
"testing"
"github.com/muesli/termenv"
"github.com/stretchr/testify/require"
"github.com/coder/coder/v2/cli/clibase"
"github.com/coder/coder/v2/cli/cliui"
"github.com/coder/coder/v2/cli/config"
"github.com/coder/coder/v2/coderd/coderdtest"
"github.com/coder/coder/v2/coderd/database/dbtestutil"
@ -50,12 +48,8 @@ func DefaultCases() []CommandHelpCase {
// TestCommandHelp will test the help output of the given commands
// using golden files.
//
//nolint:tparallel,paralleltest
func TestCommandHelp(t *testing.T, getRoot func(t *testing.T) *clibase.Cmd, cases []CommandHelpCase) {
// ANSI256 escape codes are far easier for humans to parse in a diff,
// but TrueColor is probably more popular with modern terminals.
cliui.TestColor(t, termenv.ANSI)
t.Parallel()
rootClient, replacements := prepareTestData(t)
root := getRoot(t)

2
cli/cliui/agent_test.go
View File

@ -340,7 +340,7 @@ func TestAgent(t *testing.T) {
line := s.Text()
t.Log(line)
if len(tc.want) == 0 {
require.Fail(t, "unexpected line: "+line)
require.Fail(t, "unexpected line", line)
}
require.Contains(t, line, tc.want[0])
tc.want = tc.want[1:]

37
cli/cliui/cliui.go
View File

@ -1,8 +1,9 @@
package cliui
import (
"flag"
"os"
"testing"
"sync"
"time"
"github.com/muesli/termenv"
@ -30,29 +31,29 @@ type Styles struct {
Wrap pretty.Style
}
var color = termenv.NewOutput(os.Stdout).ColorProfile()
// TestColor sets the color profile to the given profile for the duration of the
// test.
// WARN: Must not be used in parallel tests.
func TestColor(t *testing.T, tprofile termenv.Profile) {
old := color
color = tprofile
t.Cleanup(func() {
color = old
})
}
var (
color termenv.Profile
colorOnce sync.Once
)
var (
Green = color.Color("#04B575")
Red = color.Color("#ED567A")
Fuchsia = color.Color("#EE6FF8")
Yellow = color.Color("#ECFD65")
Blue = color.Color("#5000ff")
Green = Color("#04B575")
Red = Color("#ED567A")
Fuchsia = Color("#EE6FF8")
Yellow = Color("#ECFD65")
Blue = Color("#5000ff")
)
// Color returns a color for the given string.
func Color(s string) termenv.Color {
colorOnce.Do(func() {
color = termenv.NewOutput(os.Stdout).ColorProfile()
if flag.Lookup("test.v") != nil {
// Use a consistent colorless profile in tests so that results
// are deterministic.
color = termenv.Ascii
}
})
return color.Color(s)
}

2
cli/cliui/resources_internal_test.go
View File

@ -44,7 +44,7 @@ func TestRenderAgentVersion(t *testing.T) {
t.Run(testCase.name, func(t *testing.T) {
t.Parallel()
actual := renderAgentVersion(testCase.agentVersion, testCase.serverVersion)
assert.Equal(t, testCase.expected, actual)
assert.Equal(t, testCase.expected, (actual))
})
}
}

398
cli/help.go
View File

@ -2,16 +2,13 @@ package cli
import (
"bufio"
"bytes"
_ "embed"
"fmt"
"io"
"regexp"
"sort"
"strings"
"text/tabwriter"
"text/template"
"unicode"
"github.com/mitchellh/go-wordwrap"
"golang.org/x/crypto/ssh/terminal"
@ -46,213 +43,222 @@ func wrapTTY(s string) string {
return wordwrap.WrapString(s, uint(ttyWidth()))
}
var usageTemplate = template.Must(
template.New("usage").Funcs(
template.FuncMap{
"version": func() string {
return buildinfo.Version()
},
"wrapTTY": func(s string) string {
return wrapTTY(s)
},
"trimNewline": func(s string) string {
return strings.TrimSuffix(s, "\n")
},
"keyword": func(s string) string {
return pretty.Sprint(
pretty.FgColor(cliui.Color("#87ceeb")),
s,
)
},
"prettyHeader": func(s string) string {
return pretty.Sprint(
pretty.FgColor(
cliui.Color("#ffb500"),
), strings.ToUpper(s), ":",
)
},
"typeHelper": func(opt *clibase.Option) string {
switch v := opt.Value.(type) {
case *clibase.Enum:
return strings.Join(v.Choices, "|")
default:
return v.Type()
}
},
"joinStrings": func(s []string) string {
return strings.Join(s, ", ")
},
"indent": func(body string, spaces int) string {
twidth := ttyWidth()
var usageTemplate = func() *template.Template {
var (
optionFg = pretty.FgColor(
cliui.Color("#04A777"),
)
headerFg = pretty.FgColor(
cliui.Color("#337CA0"),
)
)
return template.Must(
template.New("usage").Funcs(
template.FuncMap{
"version": func() string {
return buildinfo.Version()
},
"wrapTTY": func(s string) string {
return wrapTTY(s)
},
"trimNewline": func(s string) string {
return strings.TrimSuffix(s, "\n")
},
"keyword": func(s string) string {
txt := pretty.String(s)
optionFg.Format(txt)
return txt.String()
},
"prettyHeader": func(s string) string {
s = strings.ToUpper(s)
txt := pretty.String(s, ":")
headerFg.Format(txt)
return txt.String()
},
"typeHelper": func(opt *clibase.Option) string {
switch v := opt.Value.(type) {
case *clibase.Enum:
return strings.Join(v.Choices, "|")
default:
return v.Type()
}
},
"joinStrings": func(s []string) string {
return strings.Join(s, ", ")
},
"indent": func(body string, spaces int) string {
twidth := ttyWidth()
spacing := strings.Repeat(" ", spaces)
spacing := strings.Repeat(" ", spaces)
body = wordwrap.WrapString(body, uint(twidth-len(spacing)))
wrapLim := twidth - len(spacing)
body = wordwrap.WrapString(body, uint(wrapLim))
sc := bufio.NewScanner(strings.NewReader(body))
sc := bufio.NewScanner(strings.NewReader(body))
var sb strings.Builder
for sc.Scan() {
// Remove existing indent, if any.
// line = strings.TrimSpace(line)
// Use spaces so we can easily calculate wrapping.
_, _ = sb.WriteString(spacing)
_, _ = sb.Write(sc.Bytes())
_, _ = sb.WriteString("\n")
}
return sb.String()
},
"formatSubcommand": func(cmd *clibase.Cmd) string {
// Minimize padding by finding the longest neighboring name.
maxNameLength := len(cmd.Name())
if parent := cmd.Parent; parent != nil {
for _, c := range parent.Children {
if len(c.Name()) > maxNameLength {
maxNameLength = len(c.Name())
var sb strings.Builder
for sc.Scan() {
// Remove existing indent, if any.
// line = strings.TrimSpace(line)
// Use spaces so we can easily calculate wrapping.
_, _ = sb.WriteString(spacing)
_, _ = sb.Write(sc.Bytes())
_, _ = sb.WriteString("\n")
}
return sb.String()
},
"formatSubcommand": func(cmd *clibase.Cmd) string {
// Minimize padding by finding the longest neighboring name.
maxNameLength := len(cmd.Name())
if parent := cmd.Parent; parent != nil {
for _, c := range parent.Children {
if len(c.Name()) > maxNameLength {
maxNameLength = len(c.Name())
}
}
}
}
var sb strings.Builder
_, _ = fmt.Fprintf(
&sb, "%s%s%s",
strings.Repeat(" ", 4), cmd.Name(), strings.Repeat(" ", maxNameLength-len(cmd.Name())+4),
)
var sb strings.Builder
_, _ = fmt.Fprintf(
&sb, "%s%s%s",
strings.Repeat(" ", 4), cmd.Name(), strings.Repeat(" ", maxNameLength-len(cmd.Name())+4),
)
// This is the point at which indentation begins if there's a
// next line.
descStart := sb.Len()
// This is the point at which indentation begins if there's a
// next line.
descStart := sb.Len()
twidth := ttyWidth()
twidth := ttyWidth()
for i, line := range strings.Split(
wordwrap.WrapString(cmd.Short, uint(twidth-descStart)), "\n",
) {
if i > 0 {
_, _ = sb.WriteString(strings.Repeat(" ", descStart))
for i, line := range strings.Split(
wordwrap.WrapString(cmd.Short, uint(twidth-descStart)), "\n",
) {
if i > 0 {
_, _ = sb.WriteString(strings.Repeat(" ", descStart))
}
_, _ = sb.WriteString(line)
_, _ = sb.WriteString("\n")
}
_, _ = sb.WriteString(line)
_, _ = sb.WriteString("\n")
}
return sb.String()
},
"envName": func(opt clibase.Option) string {
if opt.Env == "" {
return ""
}
return opt.Env
},
"flagName": func(opt clibase.Option) string {
return opt.Flag
},
return sb.String()
},
"envName": func(opt clibase.Option) string {
if opt.Env == "" {
return ""
}
return opt.Env
},
"flagName": func(opt clibase.Option) string {
return opt.Flag
},
"isEnterprise": func(opt clibase.Option) bool {
return opt.Annotations.IsSet("enterprise")
},
"isDeprecated": func(opt clibase.Option) bool {
return len(opt.UseInstead) > 0
},
"useInstead": func(opt clibase.Option) string {
var sb strings.Builder
for i, s := range opt.UseInstead {
if i > 0 {
if i == len(opt.UseInstead)-1 {
_, _ = sb.WriteString(" and ")
"isEnterprise": func(opt clibase.Option) bool {
return opt.Annotations.IsSet("enterprise")
},
"isDeprecated": func(opt clibase.Option) bool {
return len(opt.UseInstead) > 0
},
"useInstead": func(opt clibase.Option) string {
var sb strings.Builder
for i, s := range opt.UseInstead {
if i > 0 {
if i == len(opt.UseInstead)-1 {
_, _ = sb.WriteString(" and ")
} else {
_, _ = sb.WriteString(", ")
}
}
if s.Flag != "" {
_, _ = sb.WriteString("--")
_, _ = sb.WriteString(s.Flag)
} else if s.FlagShorthand != "" {
_, _ = sb.WriteString("-")
_, _ = sb.WriteString(s.FlagShorthand)
} else if s.Env != "" {
_, _ = sb.WriteString("$")
_, _ = sb.WriteString(s.Env)
} else {
_, _ = sb.WriteString(", ")
_, _ = sb.WriteString(s.Name)
}
}
if s.Flag != "" {
_, _ = sb.WriteString("--")
_, _ = sb.WriteString(s.Flag)
} else if s.FlagShorthand != "" {
_, _ = sb.WriteString("-")
_, _ = sb.WriteString(s.FlagShorthand)
} else if s.Env != "" {
_, _ = sb.WriteString("$")
_, _ = sb.WriteString(s.Env)
} else {
_, _ = sb.WriteString(s.Name)
}
}
return sb.String()
},
"formatGroupDescription": func(s string) string {
s = strings.ReplaceAll(s, "\n", "")
s = s + "\n"
s = wrapTTY(s)
return s
},
"visibleChildren": func(cmd *clibase.Cmd) []*clibase.Cmd {
return filterSlice(cmd.Children, func(c *clibase.Cmd) bool {
return !c.Hidden
})
},
"optionGroups": func(cmd *clibase.Cmd) []optionGroup {
groups := []optionGroup{{
// Default group.
Name: "",
Description: "",
}}
return sb.String()
},
"formatGroupDescription": func(s string) string {
s = strings.ReplaceAll(s, "\n", "")
s = s + "\n"
s = wrapTTY(s)
return s
},
"visibleChildren": func(cmd *clibase.Cmd) []*clibase.Cmd {
return filterSlice(cmd.Children, func(c *clibase.Cmd) bool {
return !c.Hidden
})
},
"optionGroups": func(cmd *clibase.Cmd) []optionGroup {
groups := []optionGroup{{
// Default group.
Name: "",
Description: "",
}}
enterpriseGroup := optionGroup{
Name: "Enterprise",
Description: `These options are only available in the Enterprise Edition.`,
}
// Sort options lexicographically.
sort.Slice(cmd.Options, func(i, j int) bool {
return cmd.Options[i].Name < cmd.Options[j].Name
})
optionLoop:
for _, opt := range cmd.Options {
if opt.Hidden {
continue
}
// Enterprise options are always grouped separately.
if opt.Annotations.IsSet("enterprise") {
enterpriseGroup.Options = append(enterpriseGroup.Options, opt)
continue
}
if len(opt.Group.Ancestry()) == 0 {
// Just add option to default group.
groups[0].Options = append(groups[0].Options, opt)
continue
enterpriseGroup := optionGroup{
Name: "Enterprise",
Description: `These options are only available in the Enterprise Edition.`,
}
groupName := opt.Group.FullName()
// Sort options lexicographically.
sort.Slice(cmd.Options, func(i, j int) bool {
return cmd.Options[i].Name < cmd.Options[j].Name
})
for i, foundGroup := range groups {
if foundGroup.Name != groupName {
optionLoop:
for _, opt := range cmd.Options {
if opt.Hidden {
continue
}
groups[i].Options = append(groups[i].Options, opt)
continue optionLoop
// Enterprise options are always grouped separately.
if opt.Annotations.IsSet("enterprise") {
enterpriseGroup.Options = append(enterpriseGroup.Options, opt)
continue
}
if len(opt.Group.Ancestry()) == 0 {
// Just add option to default group.
groups[0].Options = append(groups[0].Options, opt)
continue
}
groupName := opt.Group.FullName()
for i, foundGroup := range groups {
if foundGroup.Name != groupName {
continue
}
groups[i].Options = append(groups[i].Options, opt)
continue optionLoop
}
groups = append(groups, optionGroup{
Name: groupName,
Description: opt.Group.Description,
Options: clibase.OptionSet{opt},
})
}
groups = append(groups, optionGroup{
Name: groupName,
Description: opt.Group.Description,
Options: clibase.OptionSet{opt},
sort.Slice(groups, func(i, j int) bool {
// Sort groups lexicographically.
return groups[i].Name < groups[j].Name
})
}
sort.Slice(groups, func(i, j int) bool {
// Sort groups lexicographically.
return groups[i].Name < groups[j].Name
})
// Always show enterprise group last.
groups = append(groups, enterpriseGroup)
// Always show enterprise group last.
groups = append(groups, enterpriseGroup)
return filterSlice(groups, func(g optionGroup) bool {
return len(g.Options) > 0
})
return filterSlice(groups, func(g optionGroup) bool {
return len(g.Options) > 0
})
},
},
},
).Parse(helpTemplateRaw),
)
).Parse(helpTemplateRaw),
)
}()
func filterSlice[T any](s []T, f func(T) bool) []T {
var r []T
@ -266,31 +272,41 @@ func filterSlice[T any](s []T, f func(T) bool) []T {
// newLineLimiter makes working with Go templates more bearable. Without this,
// modifying the template is a slow toil of counting newlines and constantly
// checking that a change to one command's help doesn't clobber break another.
// checking that a change to one command's help doesn't break another.
type newlineLimiter struct {
w io.Writer
// w is not an interface since we call WriteRune byte-wise,
// and the devirtualization overhead is significant.
w *bufio.Writer
limit int
newLineCounter int
}
// isSpace is a based on unicode.IsSpace, but only checks ASCII characters.
func isSpace(b byte) bool {
switch b {
case '\t', '\n', '\v', '\f', '\r', ' ', 0x85, 0xA0:
return true
}
return false
}
func (lm *newlineLimiter) Write(p []byte) (int, error) {
rd := bytes.NewReader(p)
for r, n, _ := rd.ReadRune(); n > 0; r, n, _ = rd.ReadRune() {
for _, b := range p {
switch {
case r == '\r':
case b == '\r':
// Carriage returns can sneak into `help.tpl` when `git clone`
// is configured to automatically convert line endings.
continue
case r == '\n':
case b == '\n':
lm.newLineCounter++
if lm.newLineCounter > lm.limit {
continue
}
case !unicode.IsSpace(r):
case !isSpace(b):
lm.newLineCounter = 0
}
_, err := lm.w.Write([]byte(string(r)))
err := lm.w.WriteByte(b)
if err != nil {
return 0, err
}

14
cli/server_test.go
View File

@ -1564,6 +1564,20 @@ func TestServer_Shutdown(t *testing.T) {
require.NoError(t, err)
}
func BenchmarkServerHelp(b *testing.B) {
// server --help is a good proxy for measuring the
// constant overhead of each command.
b.ReportAllocs()
for i := 0; i < b.N; i++ {
inv, _ := clitest.New(b, "server", "--help")
inv.Stdout = io.Discard
inv.Stderr = io.Discard
err := inv.Run()
require.NoError(b, err)
}
}
func generateTLSCertificate(t testing.TB, commonName ...string) (certPath, keyPath string) {
dir := t.TempDir()

26
cli/testdata/coder_--help.golden vendored
View File

@ -1,6 +1,6 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder [global-flags] <subcommand>
Coder v0.0.0-devel — A tool for provisioning self-hosted development
@ -13,7 +13,7 @@ coder v0.0.0-devel
$ coder templates init
SUBCOMMANDS:
SUBCOMMANDS:
config-ssh Add an SSH Host entry for your workspaces "ssh
coder.workspace"
create Create a workspace
@ -49,42 +49,42 @@ coder v0.0.0-devel
users Manage users
version Show coder version
GLOBAL OPTIONS:
GLOBAL OPTIONS:
Global options are applied to all commands. They can be set using environment
variables or flags.
--debug-options bool
--debug-options bool
Print all options, how they're set, then exit.
--disable-direct-connections bool, $CODER_DISABLE_DIRECT_CONNECTIONS
--disable-direct-connections bool, $CODER_DISABLE_DIRECT_CONNECTIONS
Disable direct (P2P) connections to workspaces.
--global-config string, $CODER_CONFIG_DIR (default: ~/.config/coderv2)
--global-config string, $CODER_CONFIG_DIR (default: ~/.config/coderv2)
Path to the global `coder` config directory.
--header string-array, $CODER_HEADER
--header string-array, $CODER_HEADER
Additional HTTP headers added to all requests. Provide as key=value.
Can be specified multiple times.
--header-command string, $CODER_HEADER_COMMAND
--header-command string, $CODER_HEADER_COMMAND
An external command that outputs additional HTTP headers added to all
requests. The command must output each header as `key=value` on its
own line.
--no-feature-warning bool, $CODER_NO_FEATURE_WARNING
--no-feature-warning bool, $CODER_NO_FEATURE_WARNING
Suppress warnings about unlicensed features.
--no-version-warning bool, $CODER_NO_VERSION_WARNING
--no-version-warning bool, $CODER_NO_VERSION_WARNING
Suppress warning when client and server versions do not match.
--token string, $CODER_SESSION_TOKEN
--token string, $CODER_SESSION_TOKEN
Specify an authentication token. For security reasons setting
CODER_SESSION_TOKEN is preferred.
--url url, $CODER_URL
--url url, $CODER_URL
URL to a deployment.
-v, --verbose bool, $CODER_VERBOSE
-v, --verbose bool, $CODER_VERBOSE
Enable verbose output.
———

26
cli/testdata/coder_agent_--help.golden vendored
View File

@ -1,43 +1,43 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder agent [flags]
Starts the Coder workspace agent.
OPTIONS:
--log-human string, $CODER_AGENT_LOGGING_HUMAN (default: /dev/stderr)
OPTIONS:
--log-human string, $CODER_AGENT_LOGGING_HUMAN (default: /dev/stderr)
Output human-readable logs to a given file.
--log-json string, $CODER_AGENT_LOGGING_JSON
--log-json string, $CODER_AGENT_LOGGING_JSON
Output JSON logs to a given file.
--log-stackdriver string, $CODER_AGENT_LOGGING_STACKDRIVER
--log-stackdriver string, $CODER_AGENT_LOGGING_STACKDRIVER
Output Stackdriver compatible logs to a given file.
--auth string, $CODER_AGENT_AUTH (default: token)
--auth string, $CODER_AGENT_AUTH (default: token)
Specify the authentication type to use for the agent.
--debug-address string, $CODER_AGENT_DEBUG_ADDRESS (default: 127.0.0.1:2113)
--debug-address string, $CODER_AGENT_DEBUG_ADDRESS (default: 127.0.0.1:2113)
The bind address to serve a debug HTTP server.
--log-dir string, $CODER_AGENT_LOG_DIR (default: /tmp)
--log-dir string, $CODER_AGENT_LOG_DIR (default: /tmp)
Specify the location for the agent log files.
--no-reap bool
--no-reap bool
Do not start a process reaper.
--pprof-address string, $CODER_AGENT_PPROF_ADDRESS (default: 127.0.0.1:6060)
--pprof-address string, $CODER_AGENT_PPROF_ADDRESS (default: 127.0.0.1:6060)
The address to serve pprof.
--prometheus-address string, $CODER_AGENT_PROMETHEUS_ADDRESS (default: 127.0.0.1:2112)
--prometheus-address string, $CODER_AGENT_PROMETHEUS_ADDRESS (default: 127.0.0.1:2112)
The bind address to serve Prometheus metrics.
--ssh-max-timeout duration, $CODER_AGENT_SSH_MAX_TIMEOUT (default: 72h)
--ssh-max-timeout duration, $CODER_AGENT_SSH_MAX_TIMEOUT (default: 72h)
Specify the max timeout for a SSH connection, it is advisable to set
it to a minimum of 60s, but no more than 72h.
--tailnet-listen-port int, $CODER_AGENT_TAILNET_LISTEN_PORT (default: 0)
--tailnet-listen-port int, $CODER_AGENT_TAILNET_LISTEN_PORT (default: 0)
Specify a static port for Tailscale to use for listening.
———

22
cli/testdata/coder_config-ssh_--help.golden vendored
View File

@ -1,6 +1,6 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder config-ssh [flags]
Add an SSH Host entry for your workspaces "ssh coder.workspace"
@ -15,40 +15,40 @@ coder v0.0.0-devel
$ coder config-ssh --dry-run
OPTIONS:
--coder-binary-path string, $CODER_SSH_CONFIG_BINARY_PATH
OPTIONS:
--coder-binary-path string, $CODER_SSH_CONFIG_BINARY_PATH
Optionally specify the absolute path to the coder binary used in
ProxyCommand. By default, the binary invoking this command ('config
ssh') is used.
-n, --dry-run bool, $CODER_SSH_DRY_RUN
-n, --dry-run bool, $CODER_SSH_DRY_RUN
Perform a trial run with no changes made, showing a diff at the end.
--force-unix-filepaths bool, $CODER_CONFIGSSH_UNIX_FILEPATHS
--force-unix-filepaths bool, $CODER_CONFIGSSH_UNIX_FILEPATHS
By default, 'config-ssh' uses the os path separator when writing the
ssh config. This might be an issue in Windows machine that use a
unix-like shell. This flag forces the use of unix file paths (the
forward slash '/').
--ssh-config-file string, $CODER_SSH_CONFIG_FILE (default: ~/.ssh/config)
--ssh-config-file string, $CODER_SSH_CONFIG_FILE (default: ~/.ssh/config)
Specifies the path to an SSH config.
--ssh-host-prefix string, $CODER_CONFIGSSH_SSH_HOST_PREFIX
--ssh-host-prefix string, $CODER_CONFIGSSH_SSH_HOST_PREFIX
Override the default host prefix.
-o, --ssh-option string-array, $CODER_SSH_CONFIG_OPTS
-o, --ssh-option string-array, $CODER_SSH_CONFIG_OPTS
Specifies additional SSH options to embed in each host stanza.
--use-previous-options bool, $CODER_SSH_USE_PREVIOUS_OPTIONS
--use-previous-options bool, $CODER_SSH_USE_PREVIOUS_OPTIONS
Specifies whether or not to keep options from previous run of
config-ssh.
--wait yes|no|auto, $CODER_CONFIGSSH_WAIT (default: auto)
--wait yes|no|auto, $CODER_CONFIGSSH_WAIT (default: auto)
Specifies whether or not to wait for the startup script to finish
executing. Auto means that the agent startup script behavior
configured in the workspace template is used.
-y, --yes bool
-y, --yes bool
Bypass prompts.
———

16
cli/testdata/coder_create_--help.golden vendored
View File

@ -1,6 +1,6 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder create [flags] [name]
Create a workspace
@ -9,26 +9,26 @@ coder v0.0.0-devel
$ coder create <username>/<workspace_name>
OPTIONS:
--parameter string-array, $CODER_RICH_PARAMETER
OPTIONS:
--parameter string-array, $CODER_RICH_PARAMETER
Rich parameter value in the format "name=value".
--rich-parameter-file string, $CODER_RICH_PARAMETER_FILE
--rich-parameter-file string, $CODER_RICH_PARAMETER_FILE
Specify a file path with values for rich parameters defined in the
template.
--start-at string, $CODER_WORKSPACE_START_AT
--start-at string, $CODER_WORKSPACE_START_AT
Specify the workspace autostart schedule. Check coder schedule start
--help for the syntax.
--stop-after duration, $CODER_WORKSPACE_STOP_AFTER
--stop-after duration, $CODER_WORKSPACE_STOP_AFTER
Specify a duration after which the workspace should shut down (e.g.
8h).
-t, --template string, $CODER_TEMPLATE_NAME
-t, --template string, $CODER_TEMPLATE_NAME
Specify a template name.
-y, --yes bool
-y, --yes bool
Bypass prompts.
———

8
cli/testdata/coder_delete_--help.golden vendored
View File

@ -1,19 +1,19 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder delete [flags] <workspace>
Delete a workspace
Aliases: rm
OPTIONS:
--orphan bool
OPTIONS:
--orphan bool
Delete a workspace without deleting its resources. This can delete a
workspace in a broken state, but may also lead to unaccounted cloud
resources.
-y, --yes bool
-y, --yes bool
Bypass prompts.
———

10
cli/testdata/coder_dotfiles_--help.golden vendored
View File

@ -1,6 +1,6 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder dotfiles [flags] <git_repo_url>
Personalize your workspace by applying a canonical dotfiles repository
@ -9,17 +9,17 @@ coder v0.0.0-devel
$ coder dotfiles --yes git@github.com:example/dotfiles.git
OPTIONS:
-b, --branch string
OPTIONS:
-b, --branch string
Specifies which branch to clone. If empty, will default to cloning the
default branch or using the existing branch in the cloned repo on
disk.
--symlink-dir string, $CODER_SYMLINK_DIR
--symlink-dir string, $CODER_SYMLINK_DIR
Specifies the directory for the dotfiles symlink destinations. If
empty, will use $HOME.
-y, --yes bool
-y, --yes bool
Bypass prompts.
———

12
cli/testdata/coder_list_--help.golden vendored
View File

@ -1,25 +1,25 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder list [flags]
List workspaces
Aliases: ls
OPTIONS:
-a, --all bool
OPTIONS:
-a, --all bool
Specifies whether all workspaces will be listed or not.
-c, --column string-array (default: workspace,template,status,healthy,last built,outdated,starts at,stops after)
-c, --column string-array (default: workspace,template,status,healthy,last built,outdated,starts at,stops after)
Columns to display in table output. Available columns: workspace,
template, status, healthy, last built, outdated, starts at, stops
after, daily cost.
-o, --output string (default: table)
-o, --output string (default: table)
Output format. Available formats: table, json.
--search string (default: owner:me)
--search string (default: owner:me)
Search for a workspace with a query.
———

14
cli/testdata/coder_login_--help.golden vendored
View File

@ -1,28 +1,28 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder login [flags] <url>
Authenticate with Coder deployment
OPTIONS:
--first-user-email string, $CODER_FIRST_USER_EMAIL
OPTIONS:
--first-user-email string, $CODER_FIRST_USER_EMAIL
Specifies an email address to use if creating the first user for the
deployment.
--first-user-password string, $CODER_FIRST_USER_PASSWORD
--first-user-password string, $CODER_FIRST_USER_PASSWORD
Specifies a password to use if creating the first user for the
deployment.
--first-user-trial bool, $CODER_FIRST_USER_TRIAL
--first-user-trial bool, $CODER_FIRST_USER_TRIAL
Specifies whether a trial license should be provisioned for the Coder
deployment or not.
--first-user-username string, $CODER_FIRST_USER_USERNAME
--first-user-username string, $CODER_FIRST_USER_USERNAME
Specifies a username to use if creating the first user for the
deployment.
--use-token-as-session bool
--use-token-as-session bool
By default, the CLI will generate a new session token when logging in.
This flag will instead use the provided token as the session token.

6
cli/testdata/coder_logout_--help.golden vendored
View File

@ -1,12 +1,12 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder logout [flags]
Unauthenticate your local session
OPTIONS:
-y, --yes bool
OPTIONS:
-y, --yes bool
Bypass prompts.
———

2
cli/testdata/coder_netcheck_--help.golden vendored
View File

@ -1,6 +1,6 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder netcheck
Print network debug information for DERP and STUN

10
cli/testdata/coder_ping_--help.golden vendored
View File

@ -1,18 +1,18 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder ping [flags] <workspace>
Ping a workspace
OPTIONS:
-n, --num int (default: 10)
OPTIONS:
-n, --num int (default: 10)
Specifies the number of pings to perform.
-t, --timeout duration (default: 5s)
-t, --timeout duration (default: 5s)
Specifies how long to wait for a ping to complete.
--wait duration (default: 1s)
--wait duration (default: 1s)
Specifies how long to wait between pings.
———

8
cli/testdata/coder_port-forward_--help.golden vendored
View File

@ -1,6 +1,6 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder port-forward [flags] <workspace>
Forward ports from a workspace to the local machine. For reverse port
@ -33,11 +33,11 @@ coder v0.0.0-devel
$ coder port-forward <workspace> --tcp 1.2.3.4:8080:8080
OPTIONS:
-p, --tcp string-array, $CODER_PORT_FORWARD_TCP
OPTIONS:
-p, --tcp string-array, $CODER_PORT_FORWARD_TCP
Forward TCP port(s) from the workspace to the local machine.
--udp string-array, $CODER_PORT_FORWARD_UDP
--udp string-array, $CODER_PORT_FORWARD_UDP
Forward UDP port(s) from the workspace to the local machine. The UDP
connection has TCP-like semantics to support stateful UDP protocols.

8
cli/testdata/coder_publickey_--help.golden vendored
View File

@ -1,18 +1,18 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder publickey [flags]
Output your Coder public key used for Git operations
Aliases: pubkey
OPTIONS:
--reset bool
OPTIONS:
--reset bool
Regenerate your public key. This will require updating the key on any
services it's registered with.
-y, --yes bool
-y, --yes bool
Bypass prompts.
———

6
cli/testdata/coder_rename_--help.golden vendored
View File

@ -1,12 +1,12 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder rename [flags] <workspace> <new name>
Rename a workspace
OPTIONS:
-y, --yes bool
OPTIONS:
-y, --yes bool
Bypass prompts.
———

6
cli/testdata/coder_reset-password_--help.golden vendored
View File

@ -1,12 +1,12 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder reset-password [flags] <username>
Directly connect to the database to reset a user's password
OPTIONS:
--postgres-url string, $CODER_PG_CONNECTION_URL
OPTIONS:
--postgres-url string, $CODER_PG_CONNECTION_URL
URL of a PostgreSQL database to connect to.
———

10
cli/testdata/coder_restart_--help.golden vendored
View File

@ -1,18 +1,18 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder restart [flags] <workspace>
Restart a workspace
OPTIONS:
--build-option string-array, $CODER_BUILD_OPTION
OPTIONS:
--build-option string-array, $CODER_BUILD_OPTION
Build option value in the format "name=value".
--build-options bool
--build-options bool
Prompt for one-time build options defined with ephemeral parameters.
-y, --yes bool
-y, --yes bool
Bypass prompts.
———

4
cli/testdata/coder_schedule_--help.golden vendored
View File

@ -1,11 +1,11 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder schedule { show | start | stop | override } <workspace>
Schedule automated start and stop times for workspaces
SUBCOMMANDS:
SUBCOMMANDS:
override-stop Override the stop time of a currently running workspace
instance.
show Show workspace schedule

2
cli/testdata/coder_schedule_override-stop_--help.golden vendored
View File

@ -1,6 +1,6 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder schedule override-stop <workspace-name> <duration from now>
Override the stop time of a currently running workspace instance.

2
cli/testdata/coder_schedule_show_--help.golden vendored
View File

@ -1,6 +1,6 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder schedule show <workspace-name>
Show workspace schedule

2
cli/testdata/coder_schedule_start_--help.golden vendored
View File

@ -1,6 +1,6 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder schedule start <workspace-name> { <start-time> [day-of-week] [location]
| manual }

2
cli/testdata/coder_schedule_stop_--help.golden vendored
View File

@ -1,6 +1,6 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder schedule stop <workspace-name> { <duration> | manual }
Edit workspace stop schedule

238
cli/testdata/coder_server_--help.golden vendored
View File

@ -1,11 +1,11 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder server [flags]
Start a Coder server
SUBCOMMANDS:
SUBCOMMANDS:
create-admin-user Create a new admin user with the given username,
email and password and adds it to every
organization.
@ -13,153 +13,153 @@ coder v0.0.0-devel
postgres-builtin-url Output the connection URL for the built-in
PostgreSQL deployment.
OPTIONS:
--cache-dir string, $CODER_CACHE_DIRECTORY (default: [cache dir])
OPTIONS:
--cache-dir string, $CODER_CACHE_DIRECTORY (default: [cache dir])
The directory to cache temporary files. If unspecified and
$CACHE_DIRECTORY is set, it will be used for compatibility with
systemd.
--disable-owner-workspace-access bool, $CODER_DISABLE_OWNER_WORKSPACE_ACCESS
--disable-owner-workspace-access bool, $CODER_DISABLE_OWNER_WORKSPACE_ACCESS
Remove the permission for the 'owner' role to have workspace execution
on all workspaces. This prevents the 'owner' from ssh, apps, and
terminal access based on the 'owner' role. They still have their user
permissions to access their own workspaces.
--disable-path-apps bool, $CODER_DISABLE_PATH_APPS
--disable-path-apps bool, $CODER_DISABLE_PATH_APPS
Disable workspace apps that are not served from subdomains. Path-based
apps can make requests to the Coder API and pose a security risk when
the workspace serves malicious JavaScript. This is recommended for
security purposes if a --wildcard-access-url is configured.
--swagger-enable bool, $CODER_SWAGGER_ENABLE
--swagger-enable bool, $CODER_SWAGGER_ENABLE
Expose the swagger endpoint via /swagger.
--experiments string-array, $CODER_EXPERIMENTS
--experiments string-array, $CODER_EXPERIMENTS
Enable one or more experiments. These are not ready for production.
Separate multiple experiments with commas, or enter '*' to opt-in to
all available experiments.
--postgres-url string, $CODER_PG_CONNECTION_URL
--postgres-url string, $CODER_PG_CONNECTION_URL
URL of a PostgreSQL database. If empty, PostgreSQL binaries will be
downloaded from Maven (https://repo1.maven.org/maven2) and store all
data in the config root. Access the built-in database with "coder
server postgres-builtin-url".
--ssh-keygen-algorithm string, $CODER_SSH_KEYGEN_ALGORITHM (default: ed25519)
--ssh-keygen-algorithm string, $CODER_SSH_KEYGEN_ALGORITHM (default: ed25519)
The algorithm to use for generating ssh keys. Accepted values are
"ed25519", "ecdsa", or "rsa4096".
--update-check bool, $CODER_UPDATE_CHECK (default: false)
--update-check bool, $CODER_UPDATE_CHECK (default: false)
Periodically check for new releases of Coder and inform the owner. The
check is performed once per day.
CLIENT OPTIONS:
CLIENT OPTIONS:
These options change the behavior of how clients interact with the Coder.
Clients include the coder cli, vs code extension, and the web UI.
--ssh-config-options string-array, $CODER_SSH_CONFIG_OPTIONS
--ssh-config-options string-array, $CODER_SSH_CONFIG_OPTIONS
These SSH config options will override the default SSH config options.
Provide options in "key=value" or "key value" format separated by
commas.Using this incorrectly can break SSH to your deployment, use
cautiously.
--ssh-hostname-prefix string, $CODER_SSH_HOSTNAME_PREFIX (default: coder.)
--ssh-hostname-prefix string, $CODER_SSH_HOSTNAME_PREFIX (default: coder.)
The SSH deployment prefix is used in the Host of the ssh config.
CONFIG OPTIONS:
CONFIG OPTIONS:
Use a YAML configuration file when your server launch become unwieldy.
-c, --config yaml-config-path, $CODER_CONFIG_PATH
-c, --config yaml-config-path, $CODER_CONFIG_PATH
Specify a YAML file to load configuration from.
--write-config bool
--write-config bool
Write out the current server config as YAML to stdout.
INTROSPECTION / LOGGING OPTIONS:
--enable-terraform-debug-mode bool, $CODER_ENABLE_TERRAFORM_DEBUG_MODE (default: false)
INTROSPECTION / LOGGING OPTIONS:
--enable-terraform-debug-mode bool, $CODER_ENABLE_TERRAFORM_DEBUG_MODE (default: false)
Allow administrators to enable Terraform debug output.
--log-human string, $CODER_LOGGING_HUMAN (default: /dev/stderr)
--log-human string, $CODER_LOGGING_HUMAN (default: /dev/stderr)
Output human-readable logs to a given file.
--log-json string, $CODER_LOGGING_JSON
--log-json string, $CODER_LOGGING_JSON
Output JSON logs to a given file.
-l, --log-filter string-array, $CODER_LOG_FILTER
-l, --log-filter string-array, $CODER_LOG_FILTER
Filter debug logs by matching against a given regex. Use .* to match
all debug logs.
--log-stackdriver string, $CODER_LOGGING_STACKDRIVER
--log-stackdriver string, $CODER_LOGGING_STACKDRIVER
Output Stackdriver compatible logs to a given file.
INTROSPECTION / PROMETHEUS OPTIONS:
--prometheus-address host:port, $CODER_PROMETHEUS_ADDRESS (default: 127.0.0.1:2112)
INTROSPECTION / PROMETHEUS OPTIONS:
--prometheus-address host:port, $CODER_PROMETHEUS_ADDRESS (default: 127.0.0.1:2112)
The bind address to serve prometheus metrics.
--prometheus-collect-agent-stats bool, $CODER_PROMETHEUS_COLLECT_AGENT_STATS
--prometheus-collect-agent-stats bool, $CODER_PROMETHEUS_COLLECT_AGENT_STATS
Collect agent stats (may increase charges for metrics storage).
--prometheus-collect-db-metrics bool, $CODER_PROMETHEUS_COLLECT_DB_METRICS (default: false)
--prometheus-collect-db-metrics bool, $CODER_PROMETHEUS_COLLECT_DB_METRICS (default: false)
Collect database metrics (may increase charges for metrics storage).
--prometheus-enable bool, $CODER_PROMETHEUS_ENABLE
--prometheus-enable bool, $CODER_PROMETHEUS_ENABLE
Serve prometheus metrics on the address defined by prometheus address.
INTROSPECTION / TRACING OPTIONS:
--trace-logs bool, $CODER_TRACE_LOGS
INTROSPECTION / TRACING OPTIONS:
--trace-logs bool, $CODER_TRACE_LOGS
Enables capturing of logs as events in traces. This is useful for
debugging, but may result in a very large amount of events being sent
to the tracing backend which may incur significant costs.
--trace bool, $CODER_TRACE_ENABLE
--trace bool, $CODER_TRACE_ENABLE
Whether application tracing data is collected. It exports to a backend
configured by environment variables. See:
https://github.com/open-telemetry/opentelemetry-specification/blob/main/specification/protocol/exporter.md.
--trace-honeycomb-api-key string, $CODER_TRACE_HONEYCOMB_API_KEY
--trace-honeycomb-api-key string, $CODER_TRACE_HONEYCOMB_API_KEY
Enables trace exporting to Honeycomb.io using the provided API Key.
INTROSPECTION / PPROF OPTIONS:
--pprof-address host:port, $CODER_PPROF_ADDRESS (default: 127.0.0.1:6060)
INTROSPECTION / PPROF OPTIONS:
--pprof-address host:port, $CODER_PPROF_ADDRESS (default: 127.0.0.1:6060)
The bind address to serve pprof.
--pprof-enable bool, $CODER_PPROF_ENABLE
--pprof-enable bool, $CODER_PPROF_ENABLE
Serve pprof metrics on the address defined by pprof address.
NETWORKING OPTIONS:
--access-url url, $CODER_ACCESS_URL
NETWORKING OPTIONS:
--access-url url, $CODER_ACCESS_URL
The URL that users will use to access the Coder deployment.
--docs-url url, $CODER_DOCS_URL
--docs-url url, $CODER_DOCS_URL
Specifies the custom docs URL.
--proxy-trusted-headers string-array, $CODER_PROXY_TRUSTED_HEADERS
--proxy-trusted-headers string-array, $CODER_PROXY_TRUSTED_HEADERS
Headers to trust for forwarding IP addresses. e.g. Cf-Connecting-Ip,
True-Client-Ip, X-Forwarded-For.
--proxy-trusted-origins string-array, $CODER_PROXY_TRUSTED_ORIGINS
--proxy-trusted-origins string-array, $CODER_PROXY_TRUSTED_ORIGINS
Origin addresses to respect "proxy-trusted-headers". e.g.
192.168.1.0/24.
--redirect-to-access-url bool, $CODER_REDIRECT_TO_ACCESS_URL
--redirect-to-access-url bool, $CODER_REDIRECT_TO_ACCESS_URL
Specifies whether to redirect requests that do not match the access
URL host.
--secure-auth-cookie bool, $CODER_SECURE_AUTH_COOKIE
--secure-auth-cookie bool, $CODER_SECURE_AUTH_COOKIE
Controls if the 'Secure' property is set on browser session cookies.
--wildcard-access-url url, $CODER_WILDCARD_ACCESS_URL
--wildcard-access-url url, $CODER_WILDCARD_ACCESS_URL
Specifies the wildcard hostname to use for workspace applications in
the form "*.example.com".
NETWORKING / DERP OPTIONS:
NETWORKING / DERP OPTIONS:
Most Coder deployments never have to think about DERP because all connections
between workspaces and users are peer-to-peer. However, when Coder cannot
establish a peer to peer connection, Coder uses a distributed relay network
backed by Tailscale and WireGuard.
--block-direct-connections bool, $CODER_BLOCK_DIRECT
--block-direct-connections bool, $CODER_BLOCK_DIRECT
Block peer-to-peer (aka. direct) workspace connections. All workspace
connections from the CLI will be proxied through Coder (or custom
configured DERP servers) and will never be peer-to-peer when enabled.
@ -167,36 +167,36 @@ backed by Tailscale and WireGuard.
until they are restarted after this change has been made, but new
connections will still be proxied regardless.
--derp-config-path string, $CODER_DERP_CONFIG_PATH
--derp-config-path string, $CODER_DERP_CONFIG_PATH
Path to read a DERP mapping from. See:
https://tailscale.com/kb/1118/custom-derp-servers/.
--derp-config-url string, $CODER_DERP_CONFIG_URL
--derp-config-url string, $CODER_DERP_CONFIG_URL
URL to fetch a DERP mapping on startup. See:
https://tailscale.com/kb/1118/custom-derp-servers/.
--derp-force-websockets bool, $CODER_DERP_FORCE_WEBSOCKETS
--derp-force-websockets bool, $CODER_DERP_FORCE_WEBSOCKETS
Force clients and agents to always use WebSocket to connect to DERP
relay servers. By default, DERP uses `Upgrade: derp`, which may cause
issues with some reverse proxies. Clients may automatically fallback
to WebSocket if they detect an issue with `Upgrade: derp`, but this
does not work in all situations.
--derp-server-enable bool, $CODER_DERP_SERVER_ENABLE (default: true)
--derp-server-enable bool, $CODER_DERP_SERVER_ENABLE (default: true)
Whether to enable or disable the embedded DERP relay server.
--derp-server-region-name string, $CODER_DERP_SERVER_REGION_NAME (default: Coder Embedded Relay)
--derp-server-region-name string, $CODER_DERP_SERVER_REGION_NAME (default: Coder Embedded Relay)
Region name that for the embedded DERP server.
--derp-server-stun-addresses string-array, $CODER_DERP_SERVER_STUN_ADDRESSES (default: stun.l.google.com:19302,stun1.l.google.com:19302,stun2.l.google.com:19302,stun3.l.google.com:19302,stun4.l.google.com:19302)
--derp-server-stun-addresses string-array, $CODER_DERP_SERVER_STUN_ADDRESSES (default: stun.l.google.com:19302,stun1.l.google.com:19302,stun2.l.google.com:19302,stun3.l.google.com:19302,stun4.l.google.com:19302)
Addresses for STUN servers to establish P2P connections. It's
recommended to have at least two STUN servers to give users the best
chance of connecting P2P to workspaces. Each STUN server will get it's
own DERP region, with region IDs starting at `--derp-server-region-id
+ 1`. Use special value 'disable' to turn off STUN completely.
NETWORKING / HTTP OPTIONS:
--disable-password-auth bool, $CODER_DISABLE_PASSWORD_AUTH
NETWORKING / HTTP OPTIONS:
--disable-password-auth bool, $CODER_DISABLE_PASSWORD_AUTH
Disable password authentication. This is recommended for security
purposes in production deployments that rely on an identity provider.
Any user with the owner role will be able to sign in with their
@ -205,221 +205,221 @@ backed by Tailscale and WireGuard.
create-admin` command to create a new admin user directly in the
database.
--disable-session-expiry-refresh bool, $CODER_DISABLE_SESSION_EXPIRY_REFRESH
--disable-session-expiry-refresh bool, $CODER_DISABLE_SESSION_EXPIRY_REFRESH
Disable automatic session expiry bumping due to activity. This forces
all sessions to become invalid after the session expiry duration has
been reached.
--http-address string, $CODER_HTTP_ADDRESS (default: 127.0.0.1:3000)
--http-address string, $CODER_HTTP_ADDRESS (default: 127.0.0.1:3000)
HTTP bind address of the server. Unset to disable the HTTP endpoint.
--max-token-lifetime duration, $CODER_MAX_TOKEN_LIFETIME (default: 876600h0m0s)
--max-token-lifetime duration, $CODER_MAX_TOKEN_LIFETIME (default: 876600h0m0s)
The maximum lifetime duration users can specify when creating an API
token.
--proxy-health-interval duration, $CODER_PROXY_HEALTH_INTERVAL (default: 1m0s)
--proxy-health-interval duration, $CODER_PROXY_HEALTH_INTERVAL (default: 1m0s)
The interval in which coderd should be checking the status of
workspace proxies.
--session-duration duration, $CODER_SESSION_DURATION (default: 24h0m0s)
--session-duration duration, $CODER_SESSION_DURATION (default: 24h0m0s)
The token expiry duration for browser sessions. Sessions may last
longer if they are actively making requests, but this functionality
can be disabled via --disable-session-expiry-refresh.
NETWORKING / TLS OPTIONS:
NETWORKING / TLS OPTIONS:
Configure TLS / HTTPS for your Coder deployment. If you're running Coder behind
a TLS-terminating reverse proxy or are accessing Coder over a secure link, you
can safely ignore these settings.
--strict-transport-security int, $CODER_STRICT_TRANSPORT_SECURITY (default: 0)
--strict-transport-security int, $CODER_STRICT_TRANSPORT_SECURITY (default: 0)
Controls if the 'Strict-Transport-Security' header is set on all
static file responses. This header should only be set if the server is
accessed via HTTPS. This value is the MaxAge in seconds of the header.
--strict-transport-security-options string-array, $CODER_STRICT_TRANSPORT_SECURITY_OPTIONS
--strict-transport-security-options string-array, $CODER_STRICT_TRANSPORT_SECURITY_OPTIONS
Two optional fields can be set in the Strict-Transport-Security
header; 'includeSubDomains' and 'preload'. The
'strict-transport-security' flag must be set to a non-zero value for
these options to be used.
--tls-address host:port, $CODER_TLS_ADDRESS (default: 127.0.0.1:3443)
--tls-address host:port, $CODER_TLS_ADDRESS (default: 127.0.0.1:3443)
HTTPS bind address of the server.
--tls-cert-file string-array, $CODER_TLS_CERT_FILE
--tls-cert-file string-array, $CODER_TLS_CERT_FILE
Path to each certificate for TLS. It requires a PEM-encoded file. To
configure the listener to use a CA certificate, concatenate the
primary certificate and the CA certificate together. The primary
certificate should appear first in the combined file.
--tls-client-auth string, $CODER_TLS_CLIENT_AUTH (default: none)
--tls-client-auth string, $CODER_TLS_CLIENT_AUTH (default: none)
Policy the server will follow for TLS Client Authentication. Accepted
values are "none", "request", "require-any", "verify-if-given", or
"require-and-verify".
--tls-client-ca-file string, $CODER_TLS_CLIENT_CA_FILE
--tls-client-ca-file string, $CODER_TLS_CLIENT_CA_FILE
PEM-encoded Certificate Authority file used for checking the
authenticity of client.
--tls-client-cert-file string, $CODER_TLS_CLIENT_CERT_FILE
--tls-client-cert-file string, $CODER_TLS_CLIENT_CERT_FILE
Path to certificate for client TLS authentication. It requires a
PEM-encoded file.
--tls-client-key-file string, $CODER_TLS_CLIENT_KEY_FILE
--tls-client-key-file string, $CODER_TLS_CLIENT_KEY_FILE
Path to key for client TLS authentication. It requires a PEM-encoded
file.
--tls-enable bool, $CODER_TLS_ENABLE
--tls-enable bool, $CODER_TLS_ENABLE
Whether TLS will be enabled.
--tls-key-file string-array, $CODER_TLS_KEY_FILE
--tls-key-file string-array, $CODER_TLS_KEY_FILE
Paths to the private keys for each of the certificates. It requires a
PEM-encoded file.
--tls-min-version string, $CODER_TLS_MIN_VERSION (default: tls12)
--tls-min-version string, $CODER_TLS_MIN_VERSION (default: tls12)
Minimum supported version of TLS. Accepted values are "tls10",
"tls11", "tls12" or "tls13".
OAUTH2 / GITHUB OPTIONS:
--oauth2-github-allow-everyone bool, $CODER_OAUTH2_GITHUB_ALLOW_EVERYONE
OAUTH2 / GITHUB OPTIONS:
--oauth2-github-allow-everyone bool, $CODER_OAUTH2_GITHUB_ALLOW_EVERYONE
Allow all logins, setting this option means allowed orgs and teams
must be empty.
--oauth2-github-allow-signups bool, $CODER_OAUTH2_GITHUB_ALLOW_SIGNUPS
--oauth2-github-allow-signups bool, $CODER_OAUTH2_GITHUB_ALLOW_SIGNUPS
Whether new users can sign up with GitHub.
--oauth2-github-allowed-orgs string-array, $CODER_OAUTH2_GITHUB_ALLOWED_ORGS
--oauth2-github-allowed-orgs string-array, $CODER_OAUTH2_GITHUB_ALLOWED_ORGS
Organizations the user must be a member of to Login with GitHub.
--oauth2-github-allowed-teams string-array, $CODER_OAUTH2_GITHUB_ALLOWED_TEAMS
--oauth2-github-allowed-teams string-array, $CODER_OAUTH2_GITHUB_ALLOWED_TEAMS
Teams inside organizations the user must be a member of to Login with
GitHub. Structured as: <organization-name>/<team-slug>.
--oauth2-github-client-id string, $CODER_OAUTH2_GITHUB_CLIENT_ID
--oauth2-github-client-id string, $CODER_OAUTH2_GITHUB_CLIENT_ID
Client ID for Login with GitHub.
--oauth2-github-client-secret string, $CODER_OAUTH2_GITHUB_CLIENT_SECRET
--oauth2-github-client-secret string, $CODER_OAUTH2_GITHUB_CLIENT_SECRET
Client secret for Login with GitHub.
--oauth2-github-enterprise-base-url string, $CODER_OAUTH2_GITHUB_ENTERPRISE_BASE_URL
--oauth2-github-enterprise-base-url string, $CODER_OAUTH2_GITHUB_ENTERPRISE_BASE_URL
Base URL of a GitHub Enterprise deployment to use for Login with
GitHub.
OIDC OPTIONS:
--oidc-group-auto-create bool, $CODER_OIDC_GROUP_AUTO_CREATE (default: false)
OIDC OPTIONS:
--oidc-group-auto-create bool, $CODER_OIDC_GROUP_AUTO_CREATE (default: false)
Automatically creates missing groups from a user's groups claim.
--oidc-allow-signups bool, $CODER_OIDC_ALLOW_SIGNUPS (default: true)
--oidc-allow-signups bool, $CODER_OIDC_ALLOW_SIGNUPS (default: true)
Whether new users can sign up with OIDC.
--oidc-auth-url-params struct[map[string]string], $CODER_OIDC_AUTH_URL_PARAMS (default: {"access_type": "offline"})
--oidc-auth-url-params struct[map[string]string], $CODER_OIDC_AUTH_URL_PARAMS (default: {"access_type": "offline"})
OIDC auth URL parameters to pass to the upstream provider.
--oidc-client-cert-file string, $CODER_OIDC_CLIENT_CERT_FILE
--oidc-client-cert-file string, $CODER_OIDC_CLIENT_CERT_FILE
Pem encoded certificate file to use for oauth2 PKI/JWT authorization.
The public certificate that accompanies oidc-client-key-file. A
standard x509 certificate is expected.
--oidc-client-id string, $CODER_OIDC_CLIENT_ID
--oidc-client-id string, $CODER_OIDC_CLIENT_ID
Client ID to use for Login with OIDC.
--oidc-client-key-file string, $CODER_OIDC_CLIENT_KEY_FILE
--oidc-client-key-file string, $CODER_OIDC_CLIENT_KEY_FILE
Pem encoded RSA private key to use for oauth2 PKI/JWT authorization.
This can be used instead of oidc-client-secret if your IDP supports
it.
--oidc-client-secret string, $CODER_OIDC_CLIENT_SECRET
--oidc-client-secret string, $CODER_OIDC_CLIENT_SECRET
Client secret to use for Login with OIDC.
--oidc-email-domain string-array, $CODER_OIDC_EMAIL_DOMAIN
--oidc-email-domain string-array, $CODER_OIDC_EMAIL_DOMAIN
Email domains that clients logging in with OIDC must match.
--oidc-email-field string, $CODER_OIDC_EMAIL_FIELD (default: email)
--oidc-email-field string, $CODER_OIDC_EMAIL_FIELD (default: email)
OIDC claim field to use as the email.
--oidc-group-field string, $CODER_OIDC_GROUP_FIELD
--oidc-group-field string, $CODER_OIDC_GROUP_FIELD
This field must be set if using the group sync feature and the scope
name is not 'groups'. Set to the claim to be used for groups.
--oidc-group-mapping struct[map[string]string], $CODER_OIDC_GROUP_MAPPING (default: {})
--oidc-group-mapping struct[map[string]string], $CODER_OIDC_GROUP_MAPPING (default: {})
A map of OIDC group IDs and the group in Coder it should map to. This
is useful for when OIDC providers only return group IDs.
--oidc-ignore-email-verified bool, $CODER_OIDC_IGNORE_EMAIL_VERIFIED
--oidc-ignore-email-verified bool, $CODER_OIDC_IGNORE_EMAIL_VERIFIED
Ignore the email_verified claim from the upstream provider.
--oidc-ignore-userinfo bool, $CODER_OIDC_IGNORE_USERINFO (default: false)
--oidc-ignore-userinfo bool, $CODER_OIDC_IGNORE_USERINFO (default: false)
Ignore the userinfo endpoint and only use the ID token for user
information.
--oidc-issuer-url string, $CODER_OIDC_ISSUER_URL
--oidc-issuer-url string, $CODER_OIDC_ISSUER_URL
Issuer URL to use for Login with OIDC.
--oidc-group-regex-filter regexp, $CODER_OIDC_GROUP_REGEX_FILTER (default: .*)
--oidc-group-regex-filter regexp, $CODER_OIDC_GROUP_REGEX_FILTER (default: .*)
If provided any group name not matching the regex is ignored. This
allows for filtering out groups that are not needed. This filter is
applied after the group mapping.
--oidc-scopes string-array, $CODER_OIDC_SCOPES (default: openid,profile,email)
--oidc-scopes string-array, $CODER_OIDC_SCOPES (default: openid,profile,email)
Scopes to grant when authenticating with OIDC.
--oidc-user-role-default string-array, $CODER_OIDC_USER_ROLE_DEFAULT
--oidc-user-role-default string-array, $CODER_OIDC_USER_ROLE_DEFAULT
If user role sync is enabled, these roles are always included for all
authenticated users. The 'member' role is always assigned.
--oidc-user-role-field string, $CODER_OIDC_USER_ROLE_FIELD
--oidc-user-role-field string, $CODER_OIDC_USER_ROLE_FIELD
This field must be set if using the user roles sync feature. Set this
to the name of the claim used to store the user's role. The roles
should be sent as an array of strings.
--oidc-user-role-mapping struct[map[string][]string], $CODER_OIDC_USER_ROLE_MAPPING (default: {})
--oidc-user-role-mapping struct[map[string][]string], $CODER_OIDC_USER_ROLE_MAPPING (default: {})
A map of the OIDC passed in user roles and the groups in Coder it
should map to. This is useful if the group names do not match. If
mapped to the empty string, the role will ignored.
--oidc-username-field string, $CODER_OIDC_USERNAME_FIELD (default: preferred_username)
--oidc-username-field string, $CODER_OIDC_USERNAME_FIELD (default: preferred_username)
OIDC claim field to use as the username.
--oidc-sign-in-text string, $CODER_OIDC_SIGN_IN_TEXT (default: OpenID Connect)
--oidc-sign-in-text string, $CODER_OIDC_SIGN_IN_TEXT (default: OpenID Connect)
The text to show on the OpenID Connect sign in button.
--oidc-icon-url url, $CODER_OIDC_ICON_URL
--oidc-icon-url url, $CODER_OIDC_ICON_URL
URL pointing to the icon to use on the OpenID Connect login button.
PROVISIONING OPTIONS:
PROVISIONING OPTIONS:
Tune the behavior of the provisioner, which is responsible for creating,
updating, and deleting workspace resources.
--provisioner-force-cancel-interval duration, $CODER_PROVISIONER_FORCE_CANCEL_INTERVAL (default: 10m0s)
--provisioner-force-cancel-interval duration, $CODER_PROVISIONER_FORCE_CANCEL_INTERVAL (default: 10m0s)
Time to force cancel provisioning tasks that are stuck.
--provisioner-daemon-poll-interval duration, $CODER_PROVISIONER_DAEMON_POLL_INTERVAL (default: 1s)
--provisioner-daemon-poll-interval duration, $CODER_PROVISIONER_DAEMON_POLL_INTERVAL (default: 1s)
Time to wait before polling for a new job.
--provisioner-daemon-poll-jitter duration, $CODER_PROVISIONER_DAEMON_POLL_JITTER (default: 100ms)
--provisioner-daemon-poll-jitter duration, $CODER_PROVISIONER_DAEMON_POLL_JITTER (default: 100ms)
Random jitter added to the poll interval.
--provisioner-daemon-psk string, $CODER_PROVISIONER_DAEMON_PSK
--provisioner-daemon-psk string, $CODER_PROVISIONER_DAEMON_PSK
Pre-shared key to authenticate external provisioner daemons to Coder
server.
--provisioner-daemons int, $CODER_PROVISIONER_DAEMONS (default: 3)
--provisioner-daemons int, $CODER_PROVISIONER_DAEMONS (default: 3)
Number of provisioner daemons to create on start. If builds are stuck
in queued state for a long time, consider increasing this.
TELEMETRY OPTIONS:
TELEMETRY OPTIONS:
Telemetry is critical to our ability to improve Coder. We strip all
personalinformation before sending data to our servers. Please only disable
telemetrywhen required by your organization's security policy.
--telemetry bool, $CODER_TELEMETRY_ENABLE (default: false)
--telemetry bool, $CODER_TELEMETRY_ENABLE (default: false)
Whether telemetry is enabled or not. Coder collects anonymized usage
data to help improve our product.
USER QUIET HOURS SCHEDULE OPTIONS:
USER QUIET HOURS SCHEDULE OPTIONS:
Allow users to set quiet hours schedules each day for workspaces to avoid
workspaces stopping during the day due to template max TTL.
--default-quiet-hours-schedule string, $CODER_QUIET_HOURS_DEFAULT_SCHEDULE
--default-quiet-hours-schedule string, $CODER_QUIET_HOURS_DEFAULT_SCHEDULE
The default daily cron schedule applied to users that haven't set a
custom quiet hours schedule themselves. The quiet hours schedule
determines when workspaces will be force stopped due to the template's
@ -429,8 +429,8 @@ workspaces stopping during the day due to template max TTL.
one hour and minute can be specified (ranges or comma separated values
are not supported).
⚠️ DANGEROUS OPTIONS:
--dangerous-allow-path-app-sharing bool, $CODER_DANGEROUS_ALLOW_PATH_APP_SHARING
⚠️ DANGEROUS OPTIONS:
--dangerous-allow-path-app-sharing bool, $CODER_DANGEROUS_ALLOW_PATH_APP_SHARING
Allow workspace apps that are not served from subdomains to be shared.
Path-based app sharing is DISABLED by default for security purposes.
Path-based apps can make requests to the Coder API and pose a security
@ -438,7 +438,7 @@ workspaces stopping during the day due to template max TTL.
can be disabled entirely with --disable-path-apps for further
security.
--dangerous-allow-path-app-site-owner-access bool, $CODER_DANGEROUS_ALLOW_PATH_APP_SITE_OWNER_ACCESS
--dangerous-allow-path-app-site-owner-access bool, $CODER_DANGEROUS_ALLOW_PATH_APP_SITE_OWNER_ACCESS
Allow site-owners to access workspace apps from workspaces they do not
own. Owners cannot access path-based apps they do not own by default.
Path-based apps can make requests to the Coder API and pose a security
@ -446,17 +446,17 @@ workspaces stopping during the day due to template max TTL.
can be disabled entirely with --disable-path-apps for further
security.
ENTERPRISE OPTIONS:
ENTERPRISE OPTIONS:
These options are only available in the Enterprise Edition.
--browser-only bool, $CODER_BROWSER_ONLY
--browser-only bool, $CODER_BROWSER_ONLY
Whether Coder only allows connections to workspaces via the browser.
--derp-server-relay-url url, $CODER_DERP_SERVER_RELAY_URL
--derp-server-relay-url url, $CODER_DERP_SERVER_RELAY_URL
An HTTP URL that is accessible by other replicas to relay DERP
traffic. Required for high availability.
--external-token-encryption-keys string-array, $CODER_EXTERNAL_TOKEN_ENCRYPTION_KEYS
--external-token-encryption-keys string-array, $CODER_EXTERNAL_TOKEN_ENCRYPTION_KEYS
Encrypt OIDC and Git authentication tokens with AES-256-GCM in the
database. The value must be a comma-separated list of base64-encoded
keys. Each key, when base64-decoded, must be exactly 32 bytes in
@ -466,7 +466,7 @@ These options are only available in the Enterprise Edition.
process of rotating keys with the `coder server dbcrypt rotate`
command.
--scim-auth-header string, $CODER_SCIM_AUTH_HEADER
--scim-auth-header string, $CODER_SCIM_AUTH_HEADER
Enables SCIM and sets the authentication header for the built-in SCIM
server. New users are automatically created with OIDC authentication.

16
cli/testdata/coder_server_create-admin-user_--help.golden vendored
View File

@ -1,33 +1,33 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder server create-admin-user [flags]
Create a new admin user with the given username, email and password and adds
it to every organization.
OPTIONS:
--email string, $CODER_EMAIL
OPTIONS:
--email string, $CODER_EMAIL
The email of the new user. If not specified, you will be prompted via
stdin.
--password string, $CODER_PASSWORD
--password string, $CODER_PASSWORD
The password of the new user. If not specified, you will be prompted
via stdin.
--postgres-url string, $CODER_PG_CONNECTION_URL
--postgres-url string, $CODER_PG_CONNECTION_URL
URL of a PostgreSQL database. If empty, the built-in PostgreSQL
deployment will be used (Coder must not be already running in this
case).
--raw-url bool
--raw-url bool
Output the raw connection URL instead of a psql command.
--ssh-keygen-algorithm string, $CODER_SSH_KEYGEN_ALGORITHM (default: ed25519)
--ssh-keygen-algorithm string, $CODER_SSH_KEYGEN_ALGORITHM (default: ed25519)
The algorithm to use for generating ssh keys. Accepted values are
"ed25519", "ecdsa", or "rsa4096".
--username string, $CODER_USERNAME
--username string, $CODER_USERNAME
The username of the new user. If not specified, you will be prompted
via stdin.

6
cli/testdata/coder_server_postgres-builtin-serve_--help.golden vendored
View File

@ -1,12 +1,12 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder server postgres-builtin-serve [flags]
Run the built-in PostgreSQL deployment.
OPTIONS:
--raw-url bool
OPTIONS:
--raw-url bool
Output the raw connection URL instead of a psql command.
———

6
cli/testdata/coder_server_postgres-builtin-url_--help.golden vendored
View File

@ -1,12 +1,12 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder server postgres-builtin-url [flags]
Output the connection URL for the built-in PostgreSQL deployment.
OPTIONS:
--raw-url bool
OPTIONS:
--raw-url bool
Output the raw connection URL instead of a psql command.
———

2
cli/testdata/coder_show_--help.golden vendored
View File

@ -1,6 +1,6 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder show <workspace>
Display details of a workspace's resources and agents

10
cli/testdata/coder_speedtest_--help.golden vendored
View File

@ -1,20 +1,20 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder speedtest [flags] <workspace>
Run upload and download tests from your machine to a workspace
OPTIONS:
-d, --direct bool
OPTIONS:
-d, --direct bool
Specifies whether to wait for a direct connection before testing
speed.
--direction up|down (default: down)
--direction up|down (default: down)
Specifies whether to run in reverse mode where the client receives and
the server sends.
-t, --time duration (default: 5s)
-t, --time duration (default: 5s)
Specifies the duration to monitor traffic.
———

22
cli/testdata/coder_ssh_--help.golden vendored
View File

@ -1,47 +1,47 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder ssh [flags] <workspace>
Start a shell into a workspace
OPTIONS:
-A, --forward-agent bool, $CODER_SSH_FORWARD_AGENT
OPTIONS:
-A, --forward-agent bool, $CODER_SSH_FORWARD_AGENT
Specifies whether to forward the SSH agent specified in
$SSH_AUTH_SOCK.
-G, --forward-gpg bool, $CODER_SSH_FORWARD_GPG
-G, --forward-gpg bool, $CODER_SSH_FORWARD_GPG
Specifies whether to forward the GPG agent. Unsupported on Windows
workspaces, but supports all clients. Requires gnupg (gpg, gpgconf) on
both the client and workspace. The GPG agent must already be running
locally and will not be started for you. If a GPG agent is already
running in the workspace, it will be attempted to be killed.
--identity-agent string, $CODER_SSH_IDENTITY_AGENT
--identity-agent string, $CODER_SSH_IDENTITY_AGENT
Specifies which identity agent to use (overrides $SSH_AUTH_SOCK),
forward agent must also be enabled.
-l, --log-dir string, $CODER_SSH_LOG_DIR
-l, --log-dir string, $CODER_SSH_LOG_DIR
Specify the directory containing SSH diagnostic log files.
--no-wait bool, $CODER_SSH_NO_WAIT
--no-wait bool, $CODER_SSH_NO_WAIT
Enter workspace immediately after the agent has connected. This is the
default if the template has configured the agent startup script
behavior as non-blocking.
DEPRECATED: Use --wait instead.
-R, --remote-forward string, $CODER_SSH_REMOTE_FORWARD
-R, --remote-forward string, $CODER_SSH_REMOTE_FORWARD
Enable remote port forwarding (remote_port:local_address:local_port).
--stdio bool, $CODER_SSH_STDIO
--stdio bool, $CODER_SSH_STDIO
Specifies whether to emit SSH output over stdin/stdout.
--wait yes|no|auto, $CODER_SSH_WAIT (default: auto)
--wait yes|no|auto, $CODER_SSH_WAIT (default: auto)
Specifies whether or not to wait for the startup script to finish
executing. Auto means that the agent startup script behavior
configured in the workspace template is used.
--workspace-poll-interval duration, $CODER_WORKSPACE_POLL_INTERVAL (default: 1m)
--workspace-poll-interval duration, $CODER_WORKSPACE_POLL_INTERVAL (default: 1m)
Specifies how often to poll for workspace automated shutdown.
———

10
cli/testdata/coder_start_--help.golden vendored
View File

@ -1,18 +1,18 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder start [flags] <workspace>
Start a workspace
OPTIONS:
--build-option string-array, $CODER_BUILD_OPTION
OPTIONS:
--build-option string-array, $CODER_BUILD_OPTION
Build option value in the format "name=value".
--build-options bool
--build-options bool
Prompt for one-time build options defined with ephemeral parameters.
-y, --yes bool
-y, --yes bool
Bypass prompts.
———

10
cli/testdata/coder_stat_--help.golden vendored
View File

@ -1,21 +1,21 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder stat [flags]
Show resource usage for the current workspace.
SUBCOMMANDS:
SUBCOMMANDS:
cpu Show CPU usage, in cores.
disk Show disk usage, in gigabytes.
mem Show memory usage, in gigabytes.
OPTIONS:
-c, --column string-array (default: host_cpu,host_memory,home_disk,container_cpu,container_memory)
OPTIONS:
-c, --column string-array (default: host_cpu,host_memory,home_disk,container_cpu,container_memory)
Columns to display in table output. Available columns: host cpu, host
memory, home disk, container cpu, container memory.
-o, --output string (default: table)
-o, --output string (default: table)
Output format. Available formats: table, json.
———

8
cli/testdata/coder_stat_cpu_--help.golden vendored
View File

@ -1,15 +1,15 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder stat cpu [flags]
Show CPU usage, in cores.
OPTIONS:
--host bool
OPTIONS:
--host bool
Force host CPU measurement.
-o, --output string (default: text)
-o, --output string (default: text)
Output format. Available formats: text, json.
———

10
cli/testdata/coder_stat_disk_--help.golden vendored
View File

@ -1,18 +1,18 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder stat disk [flags]
Show disk usage, in gigabytes.
OPTIONS:
-o, --output string (default: text)
OPTIONS:
-o, --output string (default: text)
Output format. Available formats: text, json.
--path string (default: /)
--path string (default: /)
Path for which to check disk usage.
--prefix Ki|Mi|Gi|Ti (default: Gi)
--prefix Ki|Mi|Gi|Ti (default: Gi)
SI Prefix for disk measurement.
———

10
cli/testdata/coder_stat_mem_--help.golden vendored
View File

@ -1,18 +1,18 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder stat mem [flags]
Show memory usage, in gigabytes.
OPTIONS:
--host bool
OPTIONS:
--host bool
Force host memory measurement.
-o, --output string (default: text)
-o, --output string (default: text)
Output format. Available formats: text, json.
--prefix Ki|Mi|Gi|Ti (default: Gi)
--prefix Ki|Mi|Gi|Ti (default: Gi)
SI Prefix for memory measurement.
———

4
cli/testdata/coder_state_--help.golden vendored
View File

@ -1,11 +1,11 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder state
Manually manage Terraform state to fix broken workspaces
SUBCOMMANDS:
SUBCOMMANDS:
pull Pull a Terraform state file from a workspace.
push Push a Terraform state file to a workspace.

6
cli/testdata/coder_state_pull_--help.golden vendored
View File

@ -1,12 +1,12 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder state pull [flags] <workspace> [file]
Pull a Terraform state file from a workspace.
OPTIONS:
-b, --build int
OPTIONS:
-b, --build int
Specify a workspace build to target by name. Defaults to latest.
———

6
cli/testdata/coder_state_push_--help.golden vendored
View File

@ -1,12 +1,12 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder state push [flags] <workspace> <file>
Push a Terraform state file to a workspace.
OPTIONS:
-b, --build int
OPTIONS:
-b, --build int
Specify a workspace build to target by name. Defaults to latest.
———

6
cli/testdata/coder_stop_--help.golden vendored
View File

@ -1,12 +1,12 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder stop [flags] <workspace>
Stop a workspace
OPTIONS:
-y, --yes bool
OPTIONS:
-y, --yes bool
Bypass prompts.
———

4
cli/testdata/coder_templates_--help.golden vendored
View File

@ -1,6 +1,6 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder templates
Manage templates
@ -22,7 +22,7 @@ coder v0.0.0-devel
$ coder templates push my-template
SUBCOMMANDS:
SUBCOMMANDS:
create Create a template from the current directory or as specified by
flag
delete Delete templates

30
cli/testdata/coder_templates_create_--help.golden vendored
View File

@ -1,64 +1,64 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder templates create [flags] [name]
Create a template from the current directory or as specified by flag
OPTIONS:
--default-ttl duration (default: 24h)
OPTIONS:
--default-ttl duration (default: 24h)
Specify a default TTL for workspaces created from this template. It is
the default time before shutdown - workspaces created from this
template default to this value. Maps to "Default autostop" in the UI.
-d, --directory string (default: .)
-d, --directory string (default: .)
Specify the directory to create from, use '-' to read tar from stdin.
--failure-ttl duration (default: 0h)
--failure-ttl duration (default: 0h)
Specify a failure TTL for workspaces created from this template. It is
the amount of time after a failed "start" build before coder
automatically schedules a "stop" build to cleanup.This licensed
feature's default is 0h (off). Maps to "Failure cleanup"in the UI.
--ignore-lockfile bool (default: false)
--ignore-lockfile bool (default: false)
Ignore warnings about not having a .terraform.lock.hcl file present in
the template.
--inactivity-ttl duration (default: 0h)
--inactivity-ttl duration (default: 0h)
Specify an inactivity TTL for workspaces created from this template.
It is the amount of time the workspace is not used before it is be
stopped and auto-locked. This includes across multiple builds (e.g.
auto-starts and stops). This licensed feature's default is 0h (off).
Maps to "Dormancy threshold" in the UI.
--max-ttl duration
--max-ttl duration
Edit the template maximum time before shutdown - workspaces created
from this template must shutdown within the given duration after
starting. This is an enterprise-only feature.
-m, --message string
-m, --message string
Specify a message describing the changes in this version of the
template. Messages longer than 72 characters will be displayed as
truncated.
--private bool
--private bool
Disable the default behavior of granting template access to the
'everyone' group. The template permissions must be updated to allow
non-admin users to use this template.
--provisioner-tag string-array
--provisioner-tag string-array
Specify a set of tags to target provisioner daemons.
--var string-array
--var string-array
Alias of --variable.
--variable string-array
--variable string-array
Specify a set of values for Terraform-managed variables.
--variables-file string
--variables-file string
Specify a file path with values for Terraform-managed variables.
-y, --yes bool
-y, --yes bool
Bypass prompts.
———

6
cli/testdata/coder_templates_delete_--help.golden vendored
View File

@ -1,14 +1,14 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder templates delete [flags] [name...]
Delete templates
Aliases: rm
OPTIONS:
-y, --yes bool
OPTIONS:
-y, --yes bool
Bypass prompts.
———

28
cli/testdata/coder_templates_edit_--help.golden vendored
View File

@ -1,59 +1,59 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder templates edit [flags] <template>
Edit the metadata of a template by name.
OPTIONS:
--allow-user-autostart bool (default: true)
OPTIONS:
--allow-user-autostart bool (default: true)
Allow users to configure autostart for workspaces on this template.
This can only be disabled in enterprise.
--allow-user-autostop bool (default: true)
--allow-user-autostop bool (default: true)
Allow users to customize the autostop TTL for workspaces on this
template. This can only be disabled in enterprise.
--allow-user-cancel-workspace-jobs bool (default: true)
--allow-user-cancel-workspace-jobs bool (default: true)
Allow users to cancel in-progress workspace jobs.
--default-ttl duration
--default-ttl duration
Edit the template default time before shutdown - workspaces created
from this template default to this value. Maps to "Default autostop"
in the UI.
--description string
--description string
Edit the template description.
--display-name string
--display-name string
Edit the template display name.
--failure-ttl duration (default: 0h)
--failure-ttl duration (default: 0h)
Specify a failure TTL for workspaces created from this template. It is
the amount of time after a failed "start" build before coder
automatically schedules a "stop" build to cleanup.This licensed
feature's default is 0h (off). Maps to "Failure cleanup" in the UI.
--icon string
--icon string
Edit the template icon path.
--inactivity-ttl duration (default: 0h)
--inactivity-ttl duration (default: 0h)
Specify an inactivity TTL for workspaces created from this template.
It is the amount of time the workspace is not used before it is be
stopped and auto-locked. This includes across multiple builds (e.g.
auto-starts and stops). This licensed feature's default is 0h (off).
Maps to "Dormancy threshold" in the UI.
--max-ttl duration
--max-ttl duration
Edit the template maximum time before shutdown - workspaces created
from this template must shutdown within the given duration after
starting, regardless of user activity. This is an enterprise-only
feature. Maps to "Max lifetime" in the UI.
--name string
--name string
Edit the template name.
-y, --yes bool
-y, --yes bool
Bypass prompts.
———

6
cli/testdata/coder_templates_init_--help.golden vendored
View File

@ -1,12 +1,12 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder templates init [flags] [directory]
Get started with a templated template.
OPTIONS:
--id aws-ecs-container|aws-linux|aws-windows|azure-linux|do-linux|docker|docker-with-dotfiles|fly-docker-image|gcp-linux|gcp-vm-container|gcp-windows|kubernetes
OPTIONS:
--id aws-ecs-container|aws-linux|aws-windows|azure-linux|do-linux|docker|docker-with-dotfiles|fly-docker-image|gcp-linux|gcp-vm-container|gcp-windows|kubernetes
Specify a given example template by ID.
———

8
cli/testdata/coder_templates_list_--help.golden vendored
View File

@ -1,19 +1,19 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder templates list [flags]
List all the templates available for the organization
Aliases: ls
OPTIONS:
-c, --column string-array (default: name,last updated,used by)
OPTIONS:
-c, --column string-array (default: name,last updated,used by)
Columns to display in table output. Available columns: name, created
at, last updated, organization id, provisioner, active version id,
used by, default ttl.
-o, --output string (default: table)
-o, --output string (default: table)
Output format. Available formats: table, json.
———

8
cli/testdata/coder_templates_pull_--help.golden vendored
View File

@ -1,15 +1,15 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder templates pull [flags] <name> [destination]
Download the latest version of a template to a path.
OPTIONS:
--tar bool
OPTIONS:
--tar bool
Output the template as a tar archive to stdout.
-y, --yes bool
-y, --yes bool
Bypass prompts.
———

28
cli/testdata/coder_templates_push_--help.golden vendored
View File

@ -1,50 +1,50 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder templates push [flags] [template]
Push a new template version from the current directory or as specified by flag
OPTIONS:
--activate bool (default: true)
OPTIONS:
--activate bool (default: true)
Whether the new template will be marked active.
--always-prompt bool
--always-prompt bool
Always prompt all parameters. Does not pull parameter values from
active template version.
--create bool (default: false)
--create bool (default: false)
Create the template if it does not exist.
-d, --directory string (default: .)
-d, --directory string (default: .)
Specify the directory to create from, use '-' to read tar from stdin.
--ignore-lockfile bool (default: false)
--ignore-lockfile bool (default: false)
Ignore warnings about not having a .terraform.lock.hcl file present in
the template.
-m, --message string
-m, --message string
Specify a message describing the changes in this version of the
template. Messages longer than 72 characters will be displayed as
truncated.
--name string
--name string
Specify a name for the new template version. It will be automatically
generated if not provided.
--provisioner-tag string-array
--provisioner-tag string-array
Specify a set of tags to target provisioner daemons.
--var string-array
--var string-array
Alias of --variable.
--variable string-array
--variable string-array
Specify a set of values for Terraform-managed variables.
--variables-file string
--variables-file string
Specify a file path with values for Terraform-managed variables.
-y, --yes bool
-y, --yes bool
Bypass prompts.
———

4
cli/testdata/coder_templates_versions_--help.golden vendored
View File

@ -1,6 +1,6 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder templates versions
Manage different versions of the specified template
@ -11,7 +11,7 @@ coder v0.0.0-devel
$ coder templates versions list my-template
SUBCOMMANDS:
SUBCOMMANDS:
list List all the versions of the specified template
———

8
cli/testdata/coder_templates_versions_list_--help.golden vendored
View File

@ -1,16 +1,16 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder templates versions list [flags] <template>
List all the versions of the specified template
OPTIONS:
-c, --column string-array (default: name,created at,created by,status,active)
OPTIONS:
-c, --column string-array (default: name,created at,created by,status,active)
Columns to display in table output. Available columns: name, created
at, created by, status, active.
-o, --output string (default: table)
-o, --output string (default: table)
Output format. Available formats: table, json.
———

4
cli/testdata/coder_tokens_--help.golden vendored
View File

@ -1,6 +1,6 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder tokens
Manage personal access tokens
@ -20,7 +20,7 @@ coder v0.0.0-devel
$ coder tokens rm WuoWs4ZsMX
SUBCOMMANDS:
SUBCOMMANDS:
create Create a token
list List tokens
remove Delete a token

8
cli/testdata/coder_tokens_create_--help.golden vendored
View File

@ -1,15 +1,15 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder tokens create [flags]
Create a token
OPTIONS:
--lifetime duration, $CODER_TOKEN_LIFETIME (default: 720h0m0s)
OPTIONS:
--lifetime duration, $CODER_TOKEN_LIFETIME (default: 720h0m0s)
Specify a duration for the lifetime of the token.
-n, --name string, $CODER_TOKEN_NAME
-n, --name string, $CODER_TOKEN_NAME
Specify a human-readable name.
———

10
cli/testdata/coder_tokens_list_--help.golden vendored
View File

@ -1,22 +1,22 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder tokens list [flags]
List tokens
Aliases: ls
OPTIONS:
-a, --all bool
OPTIONS:
-a, --all bool
Specifies whether all users' tokens will be listed or not (must have
Owner role to see all tokens).
-c, --column string-array (default: id,name,last used,expires at,created at)
-c, --column string-array (default: id,name,last used,expires at,created at)
Columns to display in table output. Available columns: id, name, last
used, expires at, created at, owner.
-o, --output string (default: table)
-o, --output string (default: table)
Output format. Available formats: table, json.
———

2
cli/testdata/coder_tokens_remove_--help.golden vendored
View File

@ -1,6 +1,6 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder tokens remove <name>
Delete a token

14
cli/testdata/coder_update_--help.golden vendored
View File

@ -1,27 +1,27 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder update [flags] <workspace>
Will update and start a given workspace if it is out of date
Use --always-prompt to change the parameter values of the workspace.
OPTIONS:
--always-prompt bool
OPTIONS:
--always-prompt bool
Always prompt all parameters. Does not pull parameter values from
existing workspace.
--build-option string-array, $CODER_BUILD_OPTION
--build-option string-array, $CODER_BUILD_OPTION
Build option value in the format "name=value".
--build-options bool
--build-options bool
Prompt for one-time build options defined with ephemeral parameters.
--parameter string-array, $CODER_RICH_PARAMETER
--parameter string-array, $CODER_RICH_PARAMETER
Rich parameter value in the format "name=value".
--rich-parameter-file string, $CODER_RICH_PARAMETER_FILE
--rich-parameter-file string, $CODER_RICH_PARAMETER_FILE
Specify a file path with values for rich parameters defined in the
template.

4
cli/testdata/coder_users_--help.golden vendored
View File

@ -1,13 +1,13 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder users [subcommand]
Manage users
Aliases: user
SUBCOMMANDS:
SUBCOMMANDS:
activate Update a user's status to 'active'. Active users can fully
interact with the platform
create

6
cli/testdata/coder_users_activate_--help.golden vendored
View File

@ -1,6 +1,6 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder users activate [flags] <username|user_id>
Update a user's status to 'active'. Active users can fully interact with the
@ -10,8 +10,8 @@ coder v0.0.0-devel
$ coder users activate example_user
OPTIONS:
-c, --column string-array (default: username,email,created_at,status)
OPTIONS:
-c, --column string-array (default: username,email,created_at,status)
Specify a column to filter in the table.
———

12
cli/testdata/coder_users_create_--help.golden vendored
View File

@ -1,22 +1,22 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder users create [flags]
OPTIONS:
-e, --email string
OPTIONS:
-e, --email string
Specifies an email address for the new user.
--login-type string
--login-type string
Optionally specify the login type for the user. Valid values are:
password, none, github, oidc. Using 'none' prevents the user from
authenticating and requires an API key/token to be generated by an
admin.
-p, --password string
-p, --password string
Specifies a password for the new user.
-u, --username string
-u, --username string
Specifies a username for the new user.
———

8
cli/testdata/coder_users_list_--help.golden vendored
View File

@ -1,16 +1,16 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder users list [flags]
Aliases: ls
OPTIONS:
-c, --column string-array (default: username,email,created_at,status)
OPTIONS:
-c, --column string-array (default: username,email,created_at,status)
Columns to display in table output. Available columns: id, username,
email, created at, status.
-o, --output string (default: table)
-o, --output string (default: table)
Output format. Available formats: table, json.
———

6
cli/testdata/coder_users_show_--help.golden vendored
View File

@ -1,14 +1,14 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder users show [flags] <username|user_id|'me'>
Show a single user. Use 'me' to indicate the currently authenticated user.
$ coder users show me
OPTIONS:
-o, --output string (default: table)
OPTIONS:
-o, --output string (default: table)
Output format. Available formats: table, json.
———

6
cli/testdata/coder_users_suspend_--help.golden vendored
View File

@ -1,6 +1,6 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder users suspend [flags] <username|user_id>
Update a user's status to 'suspended'. A suspended user cannot log into the
@ -10,8 +10,8 @@ coder v0.0.0-devel
$ coder users suspend example_user
OPTIONS:
-c, --column string-array (default: username,email,created_at,status)
OPTIONS:
-c, --column string-array (default: username,email,created_at,status)
Specify a column to filter in the table.
———

6
cli/testdata/coder_version_--help.golden vendored
View File

@ -1,12 +1,12 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder version [flags]
Show coder version
OPTIONS:
-o, --output string (default: text)
OPTIONS:
-o, --output string (default: text)
Output format. Available formats: text, json.
———

26
enterprise/cli/testdata/coder_--help.golden vendored
View File

@ -1,6 +1,6 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder [global-flags] <subcommand>
Coder v0.0.0-devel — A tool for provisioning self-hosted development
@ -13,49 +13,49 @@ coder v0.0.0-devel
$ coder templates init
SUBCOMMANDS:
SUBCOMMANDS:
features List Enterprise features
groups Manage groups
licenses Add, delete, and list licenses
provisionerd Manage provisioner daemons
server Start a Coder server
GLOBAL OPTIONS:
GLOBAL OPTIONS:
Global options are applied to all commands. They can be set using environment
variables or flags.
--debug-options bool
--debug-options bool
Print all options, how they're set, then exit.
--disable-direct-connections bool, $CODER_DISABLE_DIRECT_CONNECTIONS
--disable-direct-connections bool, $CODER_DISABLE_DIRECT_CONNECTIONS
Disable direct (P2P) connections to workspaces.
--global-config string, $CODER_CONFIG_DIR (default: ~/.config/coderv2)
--global-config string, $CODER_CONFIG_DIR (default: ~/.config/coderv2)
Path to the global `coder` config directory.
--header string-array, $CODER_HEADER
--header string-array, $CODER_HEADER
Additional HTTP headers added to all requests. Provide as key=value.
Can be specified multiple times.
--header-command string, $CODER_HEADER_COMMAND
--header-command string, $CODER_HEADER_COMMAND
An external command that outputs additional HTTP headers added to all
requests. The command must output each header as `key=value` on its
own line.
--no-feature-warning bool, $CODER_NO_FEATURE_WARNING
--no-feature-warning bool, $CODER_NO_FEATURE_WARNING
Suppress warnings about unlicensed features.
--no-version-warning bool, $CODER_NO_VERSION_WARNING
--no-version-warning bool, $CODER_NO_VERSION_WARNING
Suppress warning when client and server versions do not match.
--token string, $CODER_SESSION_TOKEN
--token string, $CODER_SESSION_TOKEN
Specify an authentication token. For security reasons setting
CODER_SESSION_TOKEN is preferred.
--url url, $CODER_URL
--url url, $CODER_URL
URL to a deployment.
-v, --verbose bool, $CODER_VERBOSE
-v, --verbose bool, $CODER_VERBOSE
Enable verbose output.
———

4
enterprise/cli/testdata/coder_features_--help.golden vendored
View File

@ -1,13 +1,13 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder features
List Enterprise features
Aliases: feature
SUBCOMMANDS:
SUBCOMMANDS:
list
———

8
enterprise/cli/testdata/coder_features_list_--help.golden vendored
View File

@ -1,16 +1,16 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder features list [flags]
Aliases: ls
OPTIONS:
-c, --column string-array (default: Name,Entitlement,Enabled,Limit,Actual)
OPTIONS:
-c, --column string-array (default: Name,Entitlement,Enabled,Limit,Actual)
Specify a column to filter in the table. Available columns are: Name,
Entitlement, Enabled, Limit, Actual.
-o, --output string (default: table)
-o, --output string (default: table)
Output format. Available formats are: table, json.
———

4
enterprise/cli/testdata/coder_groups_--help.golden vendored
View File

@ -1,13 +1,13 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder groups
Manage groups
Aliases: group
SUBCOMMANDS:
SUBCOMMANDS:
create Create a user group
delete Delete a user group
edit Edit a user group

8
enterprise/cli/testdata/coder_groups_create_--help.golden vendored
View File

@ -1,15 +1,15 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder groups create [flags] <name>
Create a user group
OPTIONS:
-u, --avatar-url string, $CODER_AVATAR_URL
OPTIONS:
-u, --avatar-url string, $CODER_AVATAR_URL
Set an avatar for a group.
--display-name string, $CODER_DISPLAY_NAME
--display-name string, $CODER_DISPLAY_NAME
Optional human friendly name for the group.
———

2
enterprise/cli/testdata/coder_groups_delete_--help.golden vendored
View File

@ -1,6 +1,6 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder groups delete <name>
Delete a user group

14
enterprise/cli/testdata/coder_groups_edit_--help.golden vendored
View File

@ -1,24 +1,24 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder groups edit [flags] <name>
Edit a user group
OPTIONS:
-a, --add-users string-array
OPTIONS:
-a, --add-users string-array
Add users to the group. Accepts emails or IDs.
-u, --avatar-url string
-u, --avatar-url string
Update the group avatar.
--display-name string, $CODER_DISPLAY_NAME
--display-name string, $CODER_DISPLAY_NAME
Optional human friendly name for the group.
-n, --name string
-n, --name string
Update the group name.
-r, --rm-users string-array
-r, --rm-users string-array
Remove users to the group. Accepts emails or IDs.
———

8
enterprise/cli/testdata/coder_groups_list_--help.golden vendored
View File

@ -1,16 +1,16 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder groups list [flags]
List user groups
OPTIONS:
-c, --column string-array (default: name,display name,organization id,members,avatar url)
OPTIONS:
-c, --column string-array (default: name,display name,organization id,members,avatar url)
Columns to display in table output. Available columns: name, display
name, organization id, members, avatar url.
-o, --output string (default: table)
-o, --output string (default: table)
Output format. Available formats: table, json.
———

4
enterprise/cli/testdata/coder_licenses_--help.golden vendored
View File

@ -1,13 +1,13 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder licenses
Add, delete, and list licenses
Aliases: license
SUBCOMMANDS:
SUBCOMMANDS:
add Add license to Coder deployment
delete Delete license by ID
list List licenses (including expired)

10
enterprise/cli/testdata/coder_licenses_add_--help.golden vendored
View File

@ -1,18 +1,18 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder licenses add [flags] [-f file | -l license]
Add license to Coder deployment
OPTIONS:
--debug bool
OPTIONS:
--debug bool
Output license claims for debugging.
-f, --file string
-f, --file string
Load license from file.
-l, --license string
-l, --license string
License string.
———

2
enterprise/cli/testdata/coder_licenses_delete_--help.golden vendored
View File

@ -1,6 +1,6 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder licenses delete <id>
Delete license by ID

8
enterprise/cli/testdata/coder_licenses_list_--help.golden vendored
View File

@ -1,18 +1,18 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder licenses list [flags]
List licenses (including expired)
Aliases: ls
OPTIONS:
-c, --column string-array (default: UUID,Expires At,Uploaded At,Features)
OPTIONS:
-c, --column string-array (default: UUID,Expires At,Uploaded At,Features)
Columns to display in table output. Available columns: id, uuid,
uploaded at, features, expires at, trial.
-o, --output string (default: table)
-o, --output string (default: table)
Output format. Available formats: table, json.
———

4
enterprise/cli/testdata/coder_provisionerd_--help.golden vendored
View File

@ -1,11 +1,11 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder provisionerd
Manage provisioner daemons
SUBCOMMANDS:
SUBCOMMANDS:
start Run a provisioner daemon
———

14
enterprise/cli/testdata/coder_provisionerd_start_--help.golden vendored
View File

@ -1,24 +1,24 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder provisionerd start [flags]
Run a provisioner daemon
OPTIONS:
-c, --cache-dir string, $CODER_CACHE_DIRECTORY (default: [cache dir])
OPTIONS:
-c, --cache-dir string, $CODER_CACHE_DIRECTORY (default: [cache dir])
Directory to store cached data.
--poll-interval duration, $CODER_PROVISIONERD_POLL_INTERVAL (default: 1s)
--poll-interval duration, $CODER_PROVISIONERD_POLL_INTERVAL (default: 1s)
How often to poll for provisioner jobs.
--poll-jitter duration, $CODER_PROVISIONERD_POLL_JITTER (default: 100ms)
--poll-jitter duration, $CODER_PROVISIONERD_POLL_JITTER (default: 100ms)
How much to jitter the poll interval by.
--psk string, $CODER_PROVISIONER_DAEMON_PSK
--psk string, $CODER_PROVISIONER_DAEMON_PSK
Pre-shared key to authenticate with Coder server.
-t, --tag string-array, $CODER_PROVISIONERD_TAGS
-t, --tag string-array, $CODER_PROVISIONERD_TAGS
Tags to filter provisioner jobs by.
———

238
enterprise/cli/testdata/coder_server_--help.golden vendored
View File

@ -1,11 +1,11 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder server [flags]
Start a Coder server
SUBCOMMANDS:
SUBCOMMANDS:
create-admin-user Create a new admin user with the given username,
email and password and adds it to every
organization.
@ -14,153 +14,153 @@ coder v0.0.0-devel
postgres-builtin-url Output the connection URL for the built-in
PostgreSQL deployment.
OPTIONS:
--cache-dir string, $CODER_CACHE_DIRECTORY (default: [cache dir])
OPTIONS:
--cache-dir string, $CODER_CACHE_DIRECTORY (default: [cache dir])
The directory to cache temporary files. If unspecified and
$CACHE_DIRECTORY is set, it will be used for compatibility with
systemd.
--disable-owner-workspace-access bool, $CODER_DISABLE_OWNER_WORKSPACE_ACCESS
--disable-owner-workspace-access bool, $CODER_DISABLE_OWNER_WORKSPACE_ACCESS
Remove the permission for the 'owner' role to have workspace execution
on all workspaces. This prevents the 'owner' from ssh, apps, and
terminal access based on the 'owner' role. They still have their user
permissions to access their own workspaces.
--disable-path-apps bool, $CODER_DISABLE_PATH_APPS
--disable-path-apps bool, $CODER_DISABLE_PATH_APPS
Disable workspace apps that are not served from subdomains. Path-based
apps can make requests to the Coder API and pose a security risk when
the workspace serves malicious JavaScript. This is recommended for
security purposes if a --wildcard-access-url is configured.
--swagger-enable bool, $CODER_SWAGGER_ENABLE
--swagger-enable bool, $CODER_SWAGGER_ENABLE
Expose the swagger endpoint via /swagger.
--experiments string-array, $CODER_EXPERIMENTS
--experiments string-array, $CODER_EXPERIMENTS
Enable one or more experiments. These are not ready for production.
Separate multiple experiments with commas, or enter '*' to opt-in to
all available experiments.
--postgres-url string, $CODER_PG_CONNECTION_URL
--postgres-url string, $CODER_PG_CONNECTION_URL
URL of a PostgreSQL database. If empty, PostgreSQL binaries will be
downloaded from Maven (https://repo1.maven.org/maven2) and store all
data in the config root. Access the built-in database with "coder
server postgres-builtin-url".
--ssh-keygen-algorithm string, $CODER_SSH_KEYGEN_ALGORITHM (default: ed25519)
--ssh-keygen-algorithm string, $CODER_SSH_KEYGEN_ALGORITHM (default: ed25519)
The algorithm to use for generating ssh keys. Accepted values are
"ed25519", "ecdsa", or "rsa4096".
--update-check bool, $CODER_UPDATE_CHECK (default: false)
--update-check bool, $CODER_UPDATE_CHECK (default: false)
Periodically check for new releases of Coder and inform the owner. The
check is performed once per day.
CLIENT OPTIONS:
CLIENT OPTIONS:
These options change the behavior of how clients interact with the Coder.
Clients include the coder cli, vs code extension, and the web UI.
--ssh-config-options string-array, $CODER_SSH_CONFIG_OPTIONS
--ssh-config-options string-array, $CODER_SSH_CONFIG_OPTIONS
These SSH config options will override the default SSH config options.
Provide options in "key=value" or "key value" format separated by
commas.Using this incorrectly can break SSH to your deployment, use
cautiously.
--ssh-hostname-prefix string, $CODER_SSH_HOSTNAME_PREFIX (default: coder.)
--ssh-hostname-prefix string, $CODER_SSH_HOSTNAME_PREFIX (default: coder.)
The SSH deployment prefix is used in the Host of the ssh config.
CONFIG OPTIONS:
CONFIG OPTIONS:
Use a YAML configuration file when your server launch become unwieldy.
-c, --config yaml-config-path, $CODER_CONFIG_PATH
-c, --config yaml-config-path, $CODER_CONFIG_PATH
Specify a YAML file to load configuration from.
--write-config bool
--write-config bool
Write out the current server config as YAML to stdout.
INTROSPECTION / LOGGING OPTIONS:
--enable-terraform-debug-mode bool, $CODER_ENABLE_TERRAFORM_DEBUG_MODE (default: false)
INTROSPECTION / LOGGING OPTIONS:
--enable-terraform-debug-mode bool, $CODER_ENABLE_TERRAFORM_DEBUG_MODE (default: false)
Allow administrators to enable Terraform debug output.
--log-human string, $CODER_LOGGING_HUMAN (default: /dev/stderr)
--log-human string, $CODER_LOGGING_HUMAN (default: /dev/stderr)
Output human-readable logs to a given file.
--log-json string, $CODER_LOGGING_JSON
--log-json string, $CODER_LOGGING_JSON
Output JSON logs to a given file.
-l, --log-filter string-array, $CODER_LOG_FILTER
-l, --log-filter string-array, $CODER_LOG_FILTER
Filter debug logs by matching against a given regex. Use .* to match
all debug logs.
--log-stackdriver string, $CODER_LOGGING_STACKDRIVER
--log-stackdriver string, $CODER_LOGGING_STACKDRIVER
Output Stackdriver compatible logs to a given file.
INTROSPECTION / PROMETHEUS OPTIONS:
--prometheus-address host:port, $CODER_PROMETHEUS_ADDRESS (default: 127.0.0.1:2112)
INTROSPECTION / PROMETHEUS OPTIONS:
--prometheus-address host:port, $CODER_PROMETHEUS_ADDRESS (default: 127.0.0.1:2112)
The bind address to serve prometheus metrics.
--prometheus-collect-agent-stats bool, $CODER_PROMETHEUS_COLLECT_AGENT_STATS
--prometheus-collect-agent-stats bool, $CODER_PROMETHEUS_COLLECT_AGENT_STATS
Collect agent stats (may increase charges for metrics storage).
--prometheus-collect-db-metrics bool, $CODER_PROMETHEUS_COLLECT_DB_METRICS (default: false)
--prometheus-collect-db-metrics bool, $CODER_PROMETHEUS_COLLECT_DB_METRICS (default: false)
Collect database metrics (may increase charges for metrics storage).
--prometheus-enable bool, $CODER_PROMETHEUS_ENABLE
--prometheus-enable bool, $CODER_PROMETHEUS_ENABLE
Serve prometheus metrics on the address defined by prometheus address.
INTROSPECTION / TRACING OPTIONS:
--trace-logs bool, $CODER_TRACE_LOGS
INTROSPECTION / TRACING OPTIONS:
--trace-logs bool, $CODER_TRACE_LOGS
Enables capturing of logs as events in traces. This is useful for
debugging, but may result in a very large amount of events being sent
to the tracing backend which may incur significant costs.
--trace bool, $CODER_TRACE_ENABLE
--trace bool, $CODER_TRACE_ENABLE
Whether application tracing data is collected. It exports to a backend
configured by environment variables. See:
https://github.com/open-telemetry/opentelemetry-specification/blob/main/specification/protocol/exporter.md.
--trace-honeycomb-api-key string, $CODER_TRACE_HONEYCOMB_API_KEY
--trace-honeycomb-api-key string, $CODER_TRACE_HONEYCOMB_API_KEY
Enables trace exporting to Honeycomb.io using the provided API Key.
INTROSPECTION / PPROF OPTIONS:
--pprof-address host:port, $CODER_PPROF_ADDRESS (default: 127.0.0.1:6060)
INTROSPECTION / PPROF OPTIONS:
--pprof-address host:port, $CODER_PPROF_ADDRESS (default: 127.0.0.1:6060)
The bind address to serve pprof.
--pprof-enable bool, $CODER_PPROF_ENABLE
--pprof-enable bool, $CODER_PPROF_ENABLE
Serve pprof metrics on the address defined by pprof address.
NETWORKING OPTIONS:
--access-url url, $CODER_ACCESS_URL
NETWORKING OPTIONS:
--access-url url, $CODER_ACCESS_URL
The URL that users will use to access the Coder deployment.
--docs-url url, $CODER_DOCS_URL
--docs-url url, $CODER_DOCS_URL
Specifies the custom docs URL.
--proxy-trusted-headers string-array, $CODER_PROXY_TRUSTED_HEADERS
--proxy-trusted-headers string-array, $CODER_PROXY_TRUSTED_HEADERS
Headers to trust for forwarding IP addresses. e.g. Cf-Connecting-Ip,
True-Client-Ip, X-Forwarded-For.
--proxy-trusted-origins string-array, $CODER_PROXY_TRUSTED_ORIGINS
--proxy-trusted-origins string-array, $CODER_PROXY_TRUSTED_ORIGINS
Origin addresses to respect "proxy-trusted-headers". e.g.
192.168.1.0/24.
--redirect-to-access-url bool, $CODER_REDIRECT_TO_ACCESS_URL
--redirect-to-access-url bool, $CODER_REDIRECT_TO_ACCESS_URL
Specifies whether to redirect requests that do not match the access
URL host.
--secure-auth-cookie bool, $CODER_SECURE_AUTH_COOKIE
--secure-auth-cookie bool, $CODER_SECURE_AUTH_COOKIE
Controls if the 'Secure' property is set on browser session cookies.
--wildcard-access-url url, $CODER_WILDCARD_ACCESS_URL
--wildcard-access-url url, $CODER_WILDCARD_ACCESS_URL
Specifies the wildcard hostname to use for workspace applications in
the form "*.example.com".
NETWORKING / DERP OPTIONS:
NETWORKING / DERP OPTIONS:
Most Coder deployments never have to think about DERP because all connections
between workspaces and users are peer-to-peer. However, when Coder cannot
establish a peer to peer connection, Coder uses a distributed relay network
backed by Tailscale and WireGuard.
--block-direct-connections bool, $CODER_BLOCK_DIRECT
--block-direct-connections bool, $CODER_BLOCK_DIRECT
Block peer-to-peer (aka. direct) workspace connections. All workspace
connections from the CLI will be proxied through Coder (or custom
configured DERP servers) and will never be peer-to-peer when enabled.
@ -168,36 +168,36 @@ backed by Tailscale and WireGuard.
until they are restarted after this change has been made, but new
connections will still be proxied regardless.
--derp-config-path string, $CODER_DERP_CONFIG_PATH
--derp-config-path string, $CODER_DERP_CONFIG_PATH
Path to read a DERP mapping from. See:
https://tailscale.com/kb/1118/custom-derp-servers/.
--derp-config-url string, $CODER_DERP_CONFIG_URL
--derp-config-url string, $CODER_DERP_CONFIG_URL
URL to fetch a DERP mapping on startup. See:
https://tailscale.com/kb/1118/custom-derp-servers/.
--derp-force-websockets bool, $CODER_DERP_FORCE_WEBSOCKETS
--derp-force-websockets bool, $CODER_DERP_FORCE_WEBSOCKETS
Force clients and agents to always use WebSocket to connect to DERP
relay servers. By default, DERP uses `Upgrade: derp`, which may cause
issues with some reverse proxies. Clients may automatically fallback
to WebSocket if they detect an issue with `Upgrade: derp`, but this
does not work in all situations.
--derp-server-enable bool, $CODER_DERP_SERVER_ENABLE (default: true)
--derp-server-enable bool, $CODER_DERP_SERVER_ENABLE (default: true)
Whether to enable or disable the embedded DERP relay server.
--derp-server-region-name string, $CODER_DERP_SERVER_REGION_NAME (default: Coder Embedded Relay)
--derp-server-region-name string, $CODER_DERP_SERVER_REGION_NAME (default: Coder Embedded Relay)
Region name that for the embedded DERP server.
--derp-server-stun-addresses string-array, $CODER_DERP_SERVER_STUN_ADDRESSES (default: stun.l.google.com:19302,stun1.l.google.com:19302,stun2.l.google.com:19302,stun3.l.google.com:19302,stun4.l.google.com:19302)
--derp-server-stun-addresses string-array, $CODER_DERP_SERVER_STUN_ADDRESSES (default: stun.l.google.com:19302,stun1.l.google.com:19302,stun2.l.google.com:19302,stun3.l.google.com:19302,stun4.l.google.com:19302)
Addresses for STUN servers to establish P2P connections. It's
recommended to have at least two STUN servers to give users the best
chance of connecting P2P to workspaces. Each STUN server will get it's
own DERP region, with region IDs starting at `--derp-server-region-id
+ 1`. Use special value 'disable' to turn off STUN completely.
NETWORKING / HTTP OPTIONS:
--disable-password-auth bool, $CODER_DISABLE_PASSWORD_AUTH
NETWORKING / HTTP OPTIONS:
--disable-password-auth bool, $CODER_DISABLE_PASSWORD_AUTH
Disable password authentication. This is recommended for security
purposes in production deployments that rely on an identity provider.
Any user with the owner role will be able to sign in with their
@ -206,221 +206,221 @@ backed by Tailscale and WireGuard.
create-admin` command to create a new admin user directly in the
database.
--disable-session-expiry-refresh bool, $CODER_DISABLE_SESSION_EXPIRY_REFRESH
--disable-session-expiry-refresh bool, $CODER_DISABLE_SESSION_EXPIRY_REFRESH
Disable automatic session expiry bumping due to activity. This forces
all sessions to become invalid after the session expiry duration has
been reached.
--http-address string, $CODER_HTTP_ADDRESS (default: 127.0.0.1:3000)
--http-address string, $CODER_HTTP_ADDRESS (default: 127.0.0.1:3000)
HTTP bind address of the server. Unset to disable the HTTP endpoint.
--max-token-lifetime duration, $CODER_MAX_TOKEN_LIFETIME (default: 876600h0m0s)
--max-token-lifetime duration, $CODER_MAX_TOKEN_LIFETIME (default: 876600h0m0s)
The maximum lifetime duration users can specify when creating an API
token.
--proxy-health-interval duration, $CODER_PROXY_HEALTH_INTERVAL (default: 1m0s)
--proxy-health-interval duration, $CODER_PROXY_HEALTH_INTERVAL (default: 1m0s)
The interval in which coderd should be checking the status of
workspace proxies.
--session-duration duration, $CODER_SESSION_DURATION (default: 24h0m0s)
--session-duration duration, $CODER_SESSION_DURATION (default: 24h0m0s)
The token expiry duration for browser sessions. Sessions may last
longer if they are actively making requests, but this functionality
can be disabled via --disable-session-expiry-refresh.
NETWORKING / TLS OPTIONS:
NETWORKING / TLS OPTIONS:
Configure TLS / HTTPS for your Coder deployment. If you're running Coder behind
a TLS-terminating reverse proxy or are accessing Coder over a secure link, you
can safely ignore these settings.
--strict-transport-security int, $CODER_STRICT_TRANSPORT_SECURITY (default: 0)
--strict-transport-security int, $CODER_STRICT_TRANSPORT_SECURITY (default: 0)
Controls if the 'Strict-Transport-Security' header is set on all
static file responses. This header should only be set if the server is
accessed via HTTPS. This value is the MaxAge in seconds of the header.
--strict-transport-security-options string-array, $CODER_STRICT_TRANSPORT_SECURITY_OPTIONS
--strict-transport-security-options string-array, $CODER_STRICT_TRANSPORT_SECURITY_OPTIONS
Two optional fields can be set in the Strict-Transport-Security
header; 'includeSubDomains' and 'preload'. The
'strict-transport-security' flag must be set to a non-zero value for
these options to be used.
--tls-address host:port, $CODER_TLS_ADDRESS (default: 127.0.0.1:3443)
--tls-address host:port, $CODER_TLS_ADDRESS (default: 127.0.0.1:3443)
HTTPS bind address of the server.
--tls-cert-file string-array, $CODER_TLS_CERT_FILE
--tls-cert-file string-array, $CODER_TLS_CERT_FILE
Path to each certificate for TLS. It requires a PEM-encoded file. To
configure the listener to use a CA certificate, concatenate the
primary certificate and the CA certificate together. The primary
certificate should appear first in the combined file.
--tls-client-auth string, $CODER_TLS_CLIENT_AUTH (default: none)
--tls-client-auth string, $CODER_TLS_CLIENT_AUTH (default: none)
Policy the server will follow for TLS Client Authentication. Accepted
values are "none", "request", "require-any", "verify-if-given", or
"require-and-verify".
--tls-client-ca-file string, $CODER_TLS_CLIENT_CA_FILE
--tls-client-ca-file string, $CODER_TLS_CLIENT_CA_FILE
PEM-encoded Certificate Authority file used for checking the
authenticity of client.
--tls-client-cert-file string, $CODER_TLS_CLIENT_CERT_FILE
--tls-client-cert-file string, $CODER_TLS_CLIENT_CERT_FILE
Path to certificate for client TLS authentication. It requires a
PEM-encoded file.
--tls-client-key-file string, $CODER_TLS_CLIENT_KEY_FILE
--tls-client-key-file string, $CODER_TLS_CLIENT_KEY_FILE
Path to key for client TLS authentication. It requires a PEM-encoded
file.
--tls-enable bool, $CODER_TLS_ENABLE
--tls-enable bool, $CODER_TLS_ENABLE
Whether TLS will be enabled.
--tls-key-file string-array, $CODER_TLS_KEY_FILE
--tls-key-file string-array, $CODER_TLS_KEY_FILE
Paths to the private keys for each of the certificates. It requires a
PEM-encoded file.
--tls-min-version string, $CODER_TLS_MIN_VERSION (default: tls12)
--tls-min-version string, $CODER_TLS_MIN_VERSION (default: tls12)
Minimum supported version of TLS. Accepted values are "tls10",
"tls11", "tls12" or "tls13".
OAUTH2 / GITHUB OPTIONS:
--oauth2-github-allow-everyone bool, $CODER_OAUTH2_GITHUB_ALLOW_EVERYONE
OAUTH2 / GITHUB OPTIONS:
--oauth2-github-allow-everyone bool, $CODER_OAUTH2_GITHUB_ALLOW_EVERYONE
Allow all logins, setting this option means allowed orgs and teams
must be empty.
--oauth2-github-allow-signups bool, $CODER_OAUTH2_GITHUB_ALLOW_SIGNUPS
--oauth2-github-allow-signups bool, $CODER_OAUTH2_GITHUB_ALLOW_SIGNUPS
Whether new users can sign up with GitHub.
--oauth2-github-allowed-orgs string-array, $CODER_OAUTH2_GITHUB_ALLOWED_ORGS
--oauth2-github-allowed-orgs string-array, $CODER_OAUTH2_GITHUB_ALLOWED_ORGS
Organizations the user must be a member of to Login with GitHub.
--oauth2-github-allowed-teams string-array, $CODER_OAUTH2_GITHUB_ALLOWED_TEAMS
--oauth2-github-allowed-teams string-array, $CODER_OAUTH2_GITHUB_ALLOWED_TEAMS
Teams inside organizations the user must be a member of to Login with
GitHub. Structured as: <organization-name>/<team-slug>.
--oauth2-github-client-id string, $CODER_OAUTH2_GITHUB_CLIENT_ID
--oauth2-github-client-id string, $CODER_OAUTH2_GITHUB_CLIENT_ID
Client ID for Login with GitHub.
--oauth2-github-client-secret string, $CODER_OAUTH2_GITHUB_CLIENT_SECRET
--oauth2-github-client-secret string, $CODER_OAUTH2_GITHUB_CLIENT_SECRET
Client secret for Login with GitHub.
--oauth2-github-enterprise-base-url string, $CODER_OAUTH2_GITHUB_ENTERPRISE_BASE_URL
--oauth2-github-enterprise-base-url string, $CODER_OAUTH2_GITHUB_ENTERPRISE_BASE_URL
Base URL of a GitHub Enterprise deployment to use for Login with
GitHub.
OIDC OPTIONS:
--oidc-group-auto-create bool, $CODER_OIDC_GROUP_AUTO_CREATE (default: false)
OIDC OPTIONS:
--oidc-group-auto-create bool, $CODER_OIDC_GROUP_AUTO_CREATE (default: false)
Automatically creates missing groups from a user's groups claim.
--oidc-allow-signups bool, $CODER_OIDC_ALLOW_SIGNUPS (default: true)
--oidc-allow-signups bool, $CODER_OIDC_ALLOW_SIGNUPS (default: true)
Whether new users can sign up with OIDC.
--oidc-auth-url-params struct[map[string]string], $CODER_OIDC_AUTH_URL_PARAMS (default: {"access_type": "offline"})
--oidc-auth-url-params struct[map[string]string], $CODER_OIDC_AUTH_URL_PARAMS (default: {"access_type": "offline"})
OIDC auth URL parameters to pass to the upstream provider.
--oidc-client-cert-file string, $CODER_OIDC_CLIENT_CERT_FILE
--oidc-client-cert-file string, $CODER_OIDC_CLIENT_CERT_FILE
Pem encoded certificate file to use for oauth2 PKI/JWT authorization.
The public certificate that accompanies oidc-client-key-file. A
standard x509 certificate is expected.
--oidc-client-id string, $CODER_OIDC_CLIENT_ID
--oidc-client-id string, $CODER_OIDC_CLIENT_ID
Client ID to use for Login with OIDC.
--oidc-client-key-file string, $CODER_OIDC_CLIENT_KEY_FILE
--oidc-client-key-file string, $CODER_OIDC_CLIENT_KEY_FILE
Pem encoded RSA private key to use for oauth2 PKI/JWT authorization.
This can be used instead of oidc-client-secret if your IDP supports
it.
--oidc-client-secret string, $CODER_OIDC_CLIENT_SECRET
--oidc-client-secret string, $CODER_OIDC_CLIENT_SECRET
Client secret to use for Login with OIDC.
--oidc-email-domain string-array, $CODER_OIDC_EMAIL_DOMAIN
--oidc-email-domain string-array, $CODER_OIDC_EMAIL_DOMAIN
Email domains that clients logging in with OIDC must match.
--oidc-email-field string, $CODER_OIDC_EMAIL_FIELD (default: email)
--oidc-email-field string, $CODER_OIDC_EMAIL_FIELD (default: email)
OIDC claim field to use as the email.
--oidc-group-field string, $CODER_OIDC_GROUP_FIELD
--oidc-group-field string, $CODER_OIDC_GROUP_FIELD
This field must be set if using the group sync feature and the scope
name is not 'groups'. Set to the claim to be used for groups.
--oidc-group-mapping struct[map[string]string], $CODER_OIDC_GROUP_MAPPING (default: {})
--oidc-group-mapping struct[map[string]string], $CODER_OIDC_GROUP_MAPPING (default: {})
A map of OIDC group IDs and the group in Coder it should map to. This
is useful for when OIDC providers only return group IDs.
--oidc-ignore-email-verified bool, $CODER_OIDC_IGNORE_EMAIL_VERIFIED
--oidc-ignore-email-verified bool, $CODER_OIDC_IGNORE_EMAIL_VERIFIED
Ignore the email_verified claim from the upstream provider.
--oidc-ignore-userinfo bool, $CODER_OIDC_IGNORE_USERINFO (default: false)
--oidc-ignore-userinfo bool, $CODER_OIDC_IGNORE_USERINFO (default: false)
Ignore the userinfo endpoint and only use the ID token for user
information.
--oidc-issuer-url string, $CODER_OIDC_ISSUER_URL
--oidc-issuer-url string, $CODER_OIDC_ISSUER_URL
Issuer URL to use for Login with OIDC.
--oidc-group-regex-filter regexp, $CODER_OIDC_GROUP_REGEX_FILTER (default: .*)
--oidc-group-regex-filter regexp, $CODER_OIDC_GROUP_REGEX_FILTER (default: .*)
If provided any group name not matching the regex is ignored. This
allows for filtering out groups that are not needed. This filter is
applied after the group mapping.
--oidc-scopes string-array, $CODER_OIDC_SCOPES (default: openid,profile,email)
--oidc-scopes string-array, $CODER_OIDC_SCOPES (default: openid,profile,email)
Scopes to grant when authenticating with OIDC.
--oidc-user-role-default string-array, $CODER_OIDC_USER_ROLE_DEFAULT
--oidc-user-role-default string-array, $CODER_OIDC_USER_ROLE_DEFAULT
If user role sync is enabled, these roles are always included for all
authenticated users. The 'member' role is always assigned.
--oidc-user-role-field string, $CODER_OIDC_USER_ROLE_FIELD
--oidc-user-role-field string, $CODER_OIDC_USER_ROLE_FIELD
This field must be set if using the user roles sync feature. Set this
to the name of the claim used to store the user's role. The roles
should be sent as an array of strings.
--oidc-user-role-mapping struct[map[string][]string], $CODER_OIDC_USER_ROLE_MAPPING (default: {})
--oidc-user-role-mapping struct[map[string][]string], $CODER_OIDC_USER_ROLE_MAPPING (default: {})
A map of the OIDC passed in user roles and the groups in Coder it
should map to. This is useful if the group names do not match. If
mapped to the empty string, the role will ignored.
--oidc-username-field string, $CODER_OIDC_USERNAME_FIELD (default: preferred_username)
--oidc-username-field string, $CODER_OIDC_USERNAME_FIELD (default: preferred_username)
OIDC claim field to use as the username.
--oidc-sign-in-text string, $CODER_OIDC_SIGN_IN_TEXT (default: OpenID Connect)
--oidc-sign-in-text string, $CODER_OIDC_SIGN_IN_TEXT (default: OpenID Connect)
The text to show on the OpenID Connect sign in button.
--oidc-icon-url url, $CODER_OIDC_ICON_URL
--oidc-icon-url url, $CODER_OIDC_ICON_URL
URL pointing to the icon to use on the OpenID Connect login button.
PROVISIONING OPTIONS:
PROVISIONING OPTIONS:
Tune the behavior of the provisioner, which is responsible for creating,
updating, and deleting workspace resources.
--provisioner-force-cancel-interval duration, $CODER_PROVISIONER_FORCE_CANCEL_INTERVAL (default: 10m0s)
--provisioner-force-cancel-interval duration, $CODER_PROVISIONER_FORCE_CANCEL_INTERVAL (default: 10m0s)
Time to force cancel provisioning tasks that are stuck.
--provisioner-daemon-poll-interval duration, $CODER_PROVISIONER_DAEMON_POLL_INTERVAL (default: 1s)
--provisioner-daemon-poll-interval duration, $CODER_PROVISIONER_DAEMON_POLL_INTERVAL (default: 1s)
Time to wait before polling for a new job.
--provisioner-daemon-poll-jitter duration, $CODER_PROVISIONER_DAEMON_POLL_JITTER (default: 100ms)
--provisioner-daemon-poll-jitter duration, $CODER_PROVISIONER_DAEMON_POLL_JITTER (default: 100ms)
Random jitter added to the poll interval.
--provisioner-daemon-psk string, $CODER_PROVISIONER_DAEMON_PSK
--provisioner-daemon-psk string, $CODER_PROVISIONER_DAEMON_PSK
Pre-shared key to authenticate external provisioner daemons to Coder
server.
--provisioner-daemons int, $CODER_PROVISIONER_DAEMONS (default: 3)
--provisioner-daemons int, $CODER_PROVISIONER_DAEMONS (default: 3)
Number of provisioner daemons to create on start. If builds are stuck
in queued state for a long time, consider increasing this.
TELEMETRY OPTIONS:
TELEMETRY OPTIONS:
Telemetry is critical to our ability to improve Coder. We strip all
personalinformation before sending data to our servers. Please only disable
telemetrywhen required by your organization's security policy.
--telemetry bool, $CODER_TELEMETRY_ENABLE (default: false)
--telemetry bool, $CODER_TELEMETRY_ENABLE (default: false)
Whether telemetry is enabled or not. Coder collects anonymized usage
data to help improve our product.
USER QUIET HOURS SCHEDULE OPTIONS:
USER QUIET HOURS SCHEDULE OPTIONS:
Allow users to set quiet hours schedules each day for workspaces to avoid
workspaces stopping during the day due to template max TTL.
--default-quiet-hours-schedule string, $CODER_QUIET_HOURS_DEFAULT_SCHEDULE
--default-quiet-hours-schedule string, $CODER_QUIET_HOURS_DEFAULT_SCHEDULE
The default daily cron schedule applied to users that haven't set a
custom quiet hours schedule themselves. The quiet hours schedule
determines when workspaces will be force stopped due to the template's
@ -430,8 +430,8 @@ workspaces stopping during the day due to template max TTL.
one hour and minute can be specified (ranges or comma separated values
are not supported).
⚠️ DANGEROUS OPTIONS:
--dangerous-allow-path-app-sharing bool, $CODER_DANGEROUS_ALLOW_PATH_APP_SHARING
⚠️ DANGEROUS OPTIONS:
--dangerous-allow-path-app-sharing bool, $CODER_DANGEROUS_ALLOW_PATH_APP_SHARING
Allow workspace apps that are not served from subdomains to be shared.
Path-based app sharing is DISABLED by default for security purposes.
Path-based apps can make requests to the Coder API and pose a security
@ -439,7 +439,7 @@ workspaces stopping during the day due to template max TTL.
can be disabled entirely with --disable-path-apps for further
security.
--dangerous-allow-path-app-site-owner-access bool, $CODER_DANGEROUS_ALLOW_PATH_APP_SITE_OWNER_ACCESS
--dangerous-allow-path-app-site-owner-access bool, $CODER_DANGEROUS_ALLOW_PATH_APP_SITE_OWNER_ACCESS
Allow site-owners to access workspace apps from workspaces they do not
own. Owners cannot access path-based apps they do not own by default.
Path-based apps can make requests to the Coder API and pose a security
@ -447,17 +447,17 @@ workspaces stopping during the day due to template max TTL.
can be disabled entirely with --disable-path-apps for further
security.
ENTERPRISE OPTIONS:
ENTERPRISE OPTIONS:
These options are only available in the Enterprise Edition.
--browser-only bool, $CODER_BROWSER_ONLY
--browser-only bool, $CODER_BROWSER_ONLY
Whether Coder only allows connections to workspaces via the browser.
--derp-server-relay-url url, $CODER_DERP_SERVER_RELAY_URL
--derp-server-relay-url url, $CODER_DERP_SERVER_RELAY_URL
An HTTP URL that is accessible by other replicas to relay DERP
traffic. Required for high availability.
--external-token-encryption-keys string-array, $CODER_EXTERNAL_TOKEN_ENCRYPTION_KEYS
--external-token-encryption-keys string-array, $CODER_EXTERNAL_TOKEN_ENCRYPTION_KEYS
Encrypt OIDC and Git authentication tokens with AES-256-GCM in the
database. The value must be a comma-separated list of base64-encoded
keys. Each key, when base64-decoded, must be exactly 32 bytes in
@ -467,7 +467,7 @@ These options are only available in the Enterprise Edition.
process of rotating keys with the `coder server dbcrypt rotate`
command.
--scim-auth-header string, $CODER_SCIM_AUTH_HEADER
--scim-auth-header string, $CODER_SCIM_AUTH_HEADER
Enables SCIM and sets the authentication header for the built-in SCIM
server. New users are automatically created with OIDC authentication.

16
enterprise/cli/testdata/coder_server_create-admin-user_--help.golden vendored
View File

@ -1,33 +1,33 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder server create-admin-user [flags]
Create a new admin user with the given username, email and password and adds
it to every organization.
OPTIONS:
--email string, $CODER_EMAIL
OPTIONS:
--email string, $CODER_EMAIL
The email of the new user. If not specified, you will be prompted via
stdin.
--password string, $CODER_PASSWORD
--password string, $CODER_PASSWORD
The password of the new user. If not specified, you will be prompted
via stdin.
--postgres-url string, $CODER_PG_CONNECTION_URL
--postgres-url string, $CODER_PG_CONNECTION_URL
URL of a PostgreSQL database. If empty, the built-in PostgreSQL
deployment will be used (Coder must not be already running in this
case).
--raw-url bool
--raw-url bool
Output the raw connection URL instead of a psql command.
--ssh-keygen-algorithm string, $CODER_SSH_KEYGEN_ALGORITHM (default: ed25519)
--ssh-keygen-algorithm string, $CODER_SSH_KEYGEN_ALGORITHM (default: ed25519)
The algorithm to use for generating ssh keys. Accepted values are
"ed25519", "ecdsa", or "rsa4096".
--username string, $CODER_USERNAME
--username string, $CODER_USERNAME
The username of the new user. If not specified, you will be prompted
via stdin.

4
enterprise/cli/testdata/coder_server_dbcrypt_--help.golden vendored
View File

@ -1,11 +1,11 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder server dbcrypt
Manage database encryption.
SUBCOMMANDS:
SUBCOMMANDS:
decrypt Decrypt a previously encrypted database.
delete Delete all encrypted data from the database. THIS IS A
DESTRUCTIVE OPERATION.

10
enterprise/cli/testdata/coder_server_dbcrypt_decrypt_--help.golden vendored
View File

@ -1,19 +1,19 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder server dbcrypt decrypt [flags]
Decrypt a previously encrypted database.
OPTIONS:
--keys string-array, $CODER_EXTERNAL_TOKEN_ENCRYPTION_DECRYPT_KEYS
OPTIONS:
--keys string-array, $CODER_EXTERNAL_TOKEN_ENCRYPTION_DECRYPT_KEYS
Keys required to decrypt existing data. Must be a comma-separated list
of base64-encoded keys.
--postgres-url string, $CODER_PG_CONNECTION_URL
--postgres-url string, $CODER_PG_CONNECTION_URL
The connection URL for the Postgres database.
-y, --yes bool
-y, --yes bool
Bypass prompts.
———

8
enterprise/cli/testdata/coder_server_dbcrypt_delete_--help.golden vendored
View File

@ -1,17 +1,17 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder server dbcrypt delete [flags]
Delete all encrypted data from the database. THIS IS A DESTRUCTIVE OPERATION.
Aliases: rm
OPTIONS:
--postgres-url string, $CODER_EXTERNAL_TOKEN_ENCRYPTION_POSTGRES_URL
OPTIONS:
--postgres-url string, $CODER_EXTERNAL_TOKEN_ENCRYPTION_POSTGRES_URL
The connection URL for the Postgres database.
-y, --yes bool
-y, --yes bool
Bypass prompts.
———

12
enterprise/cli/testdata/coder_server_dbcrypt_rotate_--help.golden vendored
View File

@ -1,22 +1,22 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder server dbcrypt rotate [flags]
Rotate database encryption keys.
OPTIONS:
--new-key string, $CODER_EXTERNAL_TOKEN_ENCRYPTION_ENCRYPT_NEW_KEY
OPTIONS:
--new-key string, $CODER_EXTERNAL_TOKEN_ENCRYPTION_ENCRYPT_NEW_KEY
The new external token encryption key. Must be base64-encoded.
--old-keys string-array, $CODER_EXTERNAL_TOKEN_ENCRYPTION_ENCRYPT_OLD_KEYS
--old-keys string-array, $CODER_EXTERNAL_TOKEN_ENCRYPTION_ENCRYPT_OLD_KEYS
The old external token encryption keys. Must be a comma-separated list
of base64-encoded keys.
--postgres-url string, $CODER_PG_CONNECTION_URL
--postgres-url string, $CODER_PG_CONNECTION_URL
The connection URL for the Postgres database.
-y, --yes bool
-y, --yes bool
Bypass prompts.
———

6
enterprise/cli/testdata/coder_server_postgres-builtin-serve_--help.golden vendored
View File

@ -1,12 +1,12 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder server postgres-builtin-serve [flags]
Run the built-in PostgreSQL deployment.
OPTIONS:
--raw-url bool
OPTIONS:
--raw-url bool
Output the raw connection URL instead of a psql command.
———

6
enterprise/cli/testdata/coder_server_postgres-builtin-url_--help.golden vendored
View File

@ -1,12 +1,12 @@
coder v0.0.0-devel
USAGE:
USAGE:
coder server postgres-builtin-url [flags]
Output the connection URL for the built-in PostgreSQL deployment.
OPTIONS:
--raw-url bool
OPTIONS:
--raw-url bool
Output the raw connection URL instead of a psql command.
———

2
go.mod
View File

@ -247,7 +247,7 @@ require (
github.com/cespare/xxhash/v2 v2.2.0 // indirect
github.com/clbanning/mxj/v2 v2.7.0 // indirect
github.com/cloudflare/circl v1.3.3 // indirect
github.com/coder/pretty v0.0.0-20230907215737-666f1c793d10
github.com/coder/pretty v0.0.0-20230908205945-e89ba86370e0
github.com/containerd/continuity v0.4.2-0.20230616210509-1e0d26eb2381 // indirect
github.com/coreos/go-iptables v0.6.0 // indirect
github.com/dlclark/regexp2 v1.10.0 // indirect

4
go.sum
View File

@ -214,8 +214,8 @@ github.com/coder/go-scim/pkg/v2 v2.0.0-20230221055123-1d63c1222136 h1:0RgB61LcNs
github.com/coder/go-scim/pkg/v2 v2.0.0-20230221055123-1d63c1222136/go.mod h1:VkD1P761nykiq75dz+4iFqIQIZka189tx1BQLOp0Skc=
github.com/coder/gvisor v0.0.0-20230714132058-be2e4ac102c3 h1:gtuDFa+InmMVUYiurBV+XYu24AeMGv57qlZ23i6rmyE=
github.com/coder/gvisor v0.0.0-20230714132058-be2e4ac102c3/go.mod h1:pzr6sy8gDLfVmDAg8OYrlKvGEHw5C3PGTiBXBTCx76Q=
github.com/coder/pretty v0.0.0-20230907215737-666f1c793d10 h1:uWbKrpV/yhctyqu27BSPzW2tRNzzPh7Q68im5AFznqM=
github.com/coder/pretty v0.0.0-20230907215737-666f1c793d10/go.mod h1:5UuS2Ts+nTToAMeOjNlnHFkPahrtDkmpydBen/3wgZc=
github.com/coder/pretty v0.0.0-20230908205945-e89ba86370e0 h1:3A0ES21Ke+FxEM8CXx9n47SZOKOpgSE1bbJzlE4qPVs=
github.com/coder/pretty v0.0.0-20230908205945-e89ba86370e0/go.mod h1:5UuS2Ts+nTToAMeOjNlnHFkPahrtDkmpydBen/3wgZc=
github.com/coder/retry v1.4.0 h1:g0fojHFxcdgM3sBULqgjFDxw1UIvaCqk4ngUDu0EWag=
github.com/coder/retry v1.4.0/go.mod h1:blHMk9vs6LkoRT9ZHyuZo360cufXEhrxqvEzeMtRGoY=
github.com/coder/ssh v0.0.0-20230621095435-9a7e23486f1c h1:TI7TzdFI0UvQmwgyQhtI1HeyYNRxAQpr8Tw/rjT8VSA=

2
provisionersdk/session.go
View File

@ -234,7 +234,7 @@ func (s *Session) extractArchive() error {
// Always check for context cancellation before reading the next header.
// This is mainly important for unit tests, since a canceled context means
// the underlying directory is going to be deleted. There still exists
// the small race condition that the context is cancelled after this, and
// the small race condition that the context is canceled after this, and
// before the disk write.
if ctx.Err() != nil {
return xerrors.Errorf("context canceled: %w", ctx.Err())

3
scaletest/workspacetraffic/run_test.go
View File

@ -8,6 +8,8 @@ import (
"testing"
"time"
"golang.org/x/exp/slices"
"github.com/coder/coder/v2/agent"
"github.com/coder/coder/v2/coderd/coderdtest"
"github.com/coder/coder/v2/codersdk"
@ -16,7 +18,6 @@ import (
"github.com/coder/coder/v2/provisionersdk/proto"
"github.com/coder/coder/v2/scaletest/workspacetraffic"
"github.com/coder/coder/v2/testutil"
"golang.org/x/exp/slices"
"github.com/google/uuid"
"github.com/stretchr/testify/assert"

2
scripts/apitypings/main.go
View File

@ -990,7 +990,7 @@ func (g *Generator) typescriptType(ty types.Type) (TypescriptType, error) {
}
// Do support "Stringer" interfaces, they likely can get string
// marshalled.
// marshaled.
for i := 0; i < intf.NumMethods(); i++ {
meth := intf.Method(i)
if meth.Name() == "String" {