39c0539d42
feat: add controls to template for determining startup days ( #10226 )
...
* feat: template controls which days can autostart
* Add unit test to test blocking autostart with DaysOfWeek
2023-10-13 11:57:18 -05:00
2a4ac2a53c
feat: expose user seat limits as Prometheus metrics ( #10169 )
2023-10-13 08:10:16 +00:00
59ae69b7f2
chore(enterprise/cli): fix test flake in TestServerDBCrypt ( #10222 )
...
* increase randomness in names generated by server dbcrypt
* more randomness
* close PTYs when we are done with them
2023-10-11 17:38:20 +01:00
3c43216e99
fix: remove Parallel() call after timeout context ( #10203 )
...
Fixes test flake seen here: https://github.com/coder/coder/runs/17562370632
It's inherently flaky to create a context with a timeout and then later call `t.Parallel()` since it causes the test to wait until all non-parallel tests have completed before resuming execution. By the time execution has resumed, the context may
have expired. The amount of time before resuming is dependent on machine resources and number of test cases, which are inherently variable.
2023-10-11 11:39:15 +04:00
fbabb43cbb
fix: ignore spurious node updates while waiting for errors ( #10175 )
...
fixes #9921
2023-10-11 09:22:20 +04:00
ec9b480ac0
fix: use is-dormant instead of dormant_at ( #10191 )
2023-10-10 19:00:09 -05:00
91555c3a85
feat: support configurable web terminal rendering ( #10095 )
...
* feat: support configurable web terminal rendering
- Added a deployment option for configuring web terminal rendering.
Valid values are 'webgl', 'canvas', and 'dom'.
2023-10-10 13:18:02 -05:00
05a393cd06
feat: only display license warnings to privileged users ( #10096 )
2023-10-10 12:48:51 -05:00
69d13f1676
chore: add archive column to template versions ( #10178 )
...
* chore: add archive column to template versions
2023-10-10 10:52:42 -05:00
b780bff429
chore: drop unused redirectToLoginOnMe parameter ( #10164 )
...
The parameter seems to be vestigial from an earlier use of the middleware, but is always set to `false` in the code.
2023-10-10 16:13:00 +04:00
863c2e7b64
feat: allow storing extra oauth token properties in the database ( #10152 )
2023-10-09 18:49:30 -05:00
36f3151b71
fix(enterprise/tailnet): properly detect legacy agents ( #10083 )
2023-10-06 16:49:26 +00:00
983e8c3ae8
feat: add API support for workspace automatic updates ( #10099 )
...
* Added automatic_updates to workspaces table
Signed-off-by: Spike Curtis <spike@coder.com>
* Queries and API updates
Signed-off-by: Spike Curtis <spike@coder.com>
* Golden files
Signed-off-by: Spike Curtis <spike@coder.com>
* Enable automatic updates on autostart
Signed-off-by: Spike Curtis <spike@coder.com>
* db migration number
Signed-off-by: Spike Curtis <spike@coder.com>
* fix imports and ts mock
Signed-off-by: Spike Curtis <spike@coder.com>
* code review updates
Signed-off-by: Spike Curtis <spike@coder.com>
---------
Signed-off-by: Spike Curtis <spike@coder.com>
2023-10-06 13:27:12 +04:00
b32d79ef0b
fix: fix failed workspaces continuously auto-deleting ( #10069 )
...
- Fixes an issue where workspaces that are eligible for auto-deletion
are retried every tick (1 minute) even if the previous deletion
transition failed.
The updated logic only attempts to delete workspaces that previously
failed once a day (24 hours since last attempt).
2023-10-05 14:11:39 -05:00
91265678ad
chore: add auditing to workspace dormancy ( #10070 )
...
- Adds an audit log for workspaces automatically transitioned to the dormant
state.
- Imposes a mininum of 1 minute on cleanup-related fields. This is to
prevent accidental API misuse from resulting in catastrophe.
2023-10-05 13:41:07 -05:00
5021e23105
chore: compute job status as column ( #10024 )
...
* chore: provisioner job status as column
* use provisioner job status for workspace searching
2023-10-04 20:57:46 -05:00
c194119689
chore: rename `AwaitTemplateVersionJobCompleted` and `AwaitWorkspaceBuildJobCompleted` ( #10003 )
2023-10-03 11:02:56 -06:00
f16eb1331f
chore: update multiple git providers docs ( #10017 )
...
* chore: update multiple git providers docs
* Improve var name
* Fix fmt
2023-10-03 15:27:02 +00:00
e55c25e037
chore: enable exhaustruct linter for database param structs ( #9995 )
2023-10-03 09:23:45 +01:00
8abca9bea7
chore: rename `git_auth` to `external_auth` in our schema ( #9935 )
...
* chore: rename `git_auth` to `external_auth` in our schema
We're changing Git auth to be external auth. It will support
any OAuth2 or OIDC provider.
To split up the larger change I want to contribute the schema
changes first, and I'll add the feature itself in another PR.
* Fix names
* Fix outdated view
* Rename some additional places
* Fix sort order
* Fix template versions auth route
* Fix types
* Fix dbauthz
2023-09-29 19:13:20 +00:00
4da1223a80
fix: pass `OnSubscribe` to HA MultiAgent ( #9947 )
...
Fixes https://github.com/coder/coder/issues/9929
2023-09-29 13:37:17 -05:00
2d1b35390e
chore: relax wsproxy version checking ( #9796 )
2023-09-27 19:34:55 +00:00
cb5f8df4c2
feat: expose application name via Appearance API ( #9886 )
2023-09-27 17:02:18 +02:00
93ef696b57
refactor(agent): add agenttest.New helper function ( #9812 )
...
* Adds agenttest.New() helper function
* Makes sure agent gets closed on test cleanup
* Makes sure you don't forget to set session token
* Sets the agent and client logger automatically
2023-09-26 12:05:19 +01:00
8d8402da00
fix(coderd/database): avoid clobbering workspace build state ( #9826 )
...
Fixes #9823 .
- Decomposes UpdateWorkspaceBuildByID into UpdateWorkspaceBuildProvisionerStateByID and UpdateWorkspaceBuildDeadlineByID.
- Replaces existing invocations of UpdateWorkspaceBuildByID with the newer queries where applicable.
- Modifies GetActiveWorkspaceBuildsByTemplateID to not return incomplete workspace builds.
2023-09-22 16:22:07 +01:00
e9077f3bd2
fix: use AlwaysEnable for licenses with all features ( #9808 )
...
* fix: use AlwaysEnable for licenses with all features
Signed-off-by: Spike Curtis <spike@coder.com>
* use dbtime.Now() intead of time.Now()
Signed-off-by: Spike Curtis <spike@coder.com>
---------
Signed-off-by: Spike Curtis <spike@coder.com>
2023-09-22 05:02:28 +00:00
c900b5f8df
feat: add single tailnet support to pgcoord ( #9351 )
2023-09-21 14:30:48 -05:00
f89b68056d
chore: add debug information to wsproxy errors ( #9683 )
...
* chore: add debug information to wsproxy errors
* Use codersdk.ReadBodyAsError
2023-09-20 10:05:14 -05:00
375c70d141
feat: integrate Acquirer for provisioner jobs ( #9717 )
...
* chore: add Acquirer to provisionerdserver pkg
Signed-off-by: Spike Curtis <spike@coder.com>
* code review improvements & fixes
Signed-off-by: Spike Curtis <spike@coder.com>
* feat: integrate Acquirer for provisioner jobs
Signed-off-by: Spike Curtis <spike@coder.com>
* Fix imports, whitespace
Signed-off-by: Spike Curtis <spike@coder.com>
* provisionerdserver always closes; remove poll interval from playwright
Signed-off-by: Spike Curtis <spike@coder.com>
* post jobs outside transactions
Signed-off-by: Spike Curtis <spike@coder.com>
* graceful shutdown in test
Signed-off-by: Spike Curtis <spike@coder.com>
* Mark AcquireJob deprecated
Signed-off-by: Spike Curtis <spike@coder.com>
* Graceful shutdown on all provisionerd tests
Signed-off-by: Spike Curtis <spike@coder.com>
* Deprecate, not remove CLI flags
Signed-off-by: Spike Curtis <spike@coder.com>
---------
Signed-off-by: Spike Curtis <spike@coder.com>
2023-09-19 10:25:57 +04:00
1df7589105
feat(coderd/database/dbtestutil): add ability to dump database on failure ( #9704 )
...
Adds dbtestutil.DumpOnFailure() to allow dumping the entire test database contents upon test failure.
This does nothing for dbfake currently.
2023-09-18 11:50:15 +01:00
9bcff30dee
fix(coderd/database): migrate workspaces.last_used_at to timestamptz ( #9699 )
2023-09-18 11:07:54 +01:00
efe804498b
feat: add quiet hours settings page ( #9676 )
2023-09-15 11:14:33 -06:00
72dff7f188
fix(enterprise/dbcrypt): do not skip deleted users when encrypting or deleting ( #9694 )
...
- Broadens scope of data generation in TestServerDBCrypt over all user login types, statuses, and deletion status.
- Adds support for specifying user status / user deletion status in dbgen
- Adds more comprehensive logging in TestServerDBCrypt upon test failure (to be generalized and expanded upon in a follow-up)
- Adds AllUserIDs query, updates dbcrypt to use this instead of GetUsers.
2023-09-15 15:09:40 +01:00
65db7a71b7
feat(coderd/database/dbtestutil): set default database timezone to non-UTC in unit tests ( #9672 )
...
- Adds dbtestutil.WithTimezone(tz) to allow setting the timezone for a test database.
- Modifies our test database setup code to pick a consistently weird timezone for the database.
- Adds the facility randtz.Name() to pick a random timezone which is consistent across subtests (via sync.Once).
- Adds a linter rule to warn against setting the test database timezone to UTC.
2023-09-15 09:01:32 +01:00
b63dfe7b75
perf(cli): optimize CPU consumption of help pages ( #9607 )
...
This change reduces the CPU consumption of --help by ~50%.
Also, this change removes ANSI escape codes from our golden files. I
don't think those were worth the inability to parallelize golden file tests and
global state fragility.
2023-09-14 19:48:29 -05:00
38560dd922
chore: remove coder trace telemetry ( #9677 )
2023-09-14 02:20:28 -04:00
4ebf490d97
feat: add Acquirer to provisionerdserver pkg ( #9658 )
...
* chore: add Acquirer to provisionerdserver pkg
Signed-off-by: Spike Curtis <spike@coder.com>
* code review improvements & fixes
Signed-off-by: Spike Curtis <spike@coder.com>
---------
Signed-off-by: Spike Curtis <spike@coder.com>
2023-09-13 16:36:43 +04:00
f703a5b34e
chore(cli): lighten flags on help page ( #9606 )
2023-09-08 13:43:56 -05:00
e361f1107b
feat(cli): colorize help page ( #9589 )
2023-09-08 18:21:33 +00:00
8d7eb1728c
fix: stop inserting provisioner daemons into the database ( #9108 )
...
Signed-off-by: Spike Curtis <spike@coder.com>
2023-09-08 10:37:36 +00:00
11b6068112
feat: add support for networked provisioners ( #9593 )
...
* Refactor provisionerd to use interface to connect to provisioners
Signed-off-by: Spike Curtis <spike@coder.com>
* feat: add support for networked provisioners
Signed-off-by: Spike Curtis <spike@coder.com>
* fix token length and linting
Signed-off-by: Spike Curtis <spike@coder.com>
---------
Signed-off-by: Spike Curtis <spike@coder.com>
2023-09-08 09:53:48 +00:00
dd97fe2bce
chore(cli): replace lipgloss with coder/pretty ( #9564 )
...
This change will improve over CLI performance and "snappiness" as well as
substantially reduce our test times. Preliminary benchmarks show
`coder server --help` times cut from 300ms to 120ms on my dogfood
instance.
The inefficiency of lipgloss disproportionately impacts our system, as all help
text for every command is generated whenever any command is invoked.
The `pretty` API could clean up a lot of the code (e.g., by replacing
complex string concatenations with Printf), but this commit is too
expansive as is so that work will be done in a follow up.
2023-09-07 16:28:22 -05:00
7d7c84bb4d
feat(coderd): connect dbcrypt package implementation ( #9523 )
...
See also: https://github.com/coder/coder/pull/9522
- Adds commands `server dbcrypt {rotate,decrypt,delete}` to re-encrypt, decrypt, or delete encrypted data, respectively.
- Plumbs through dbcrypt in enterprise/coderd (including unit tests).
- Adds documentation in admin/encryption.md.
This enables dbcrypt by default, but the feature is soft-enforced on supplying external token encryption keys. Without specifying any keys, encryption/decryption is a no-op.
2023-09-07 15:49:49 +01:00
7918e65510
feat(coderd): add dbcrypt package ( #9522 )
...
- Adds package enterprise/dbcrypt to implement database encryption/decryption
- Adds table dbcrypt_keys and associated queries
- Adds columns oauth_access_token_key_id and oauth_refresh_token_key_id
to tables git_auth_links and user_links
Co-authored-by: Kyle Carberry <kyle@coder.com>
2023-09-06 12:06:26 +01:00
630d125286
chore: fix typo in OpenID on cli help ( #9535 )
2023-09-05 18:37:21 +00:00
58f7071569
fix: make 'NoRefresh' honor unlimited tokens in gitauth ( #9472 )
...
* chore: fix NoRefresh to honor unlimited tokens
* improve testing coverage of gitauth
* refactor rest of gitauth tests
2023-09-05 09:08:04 -05:00
39e3b049a5
refactor(coderd/healthcheck): move derp report to derphealth package ( #9506 )
...
This change helps remove one indirect use of coderd/database in the slim
CLI.
No size change (yet).
Ref: #9380
2023-09-04 21:41:50 +03:00
d2115941b7
refactor(cli)!: remove reset-password from slim binary ( #9520 )
...
This is an alternative approach to #9519 and removes 2 MB instead of 1
MB (1.2 MB accounted for by embedded migration SQL files).
Combined with #9481 , #9506 , #9508 , #9517 , a total of 5 MB is removed.
Ref: #9380
2023-09-04 19:38:53 +03:00
ad23d33f28
refactor(coderd/schedule): move cron schedule to cron package ( #9507 )
...
This removes an indirect import of `coderd/database` from the CLI and
results in a logical separation between server related and generalized
schedule.
No size change (yet).
Ref: #9380
2023-09-04 16:48:25 +03:00
05439d2c1b
fix: generate username with uuid to prevent collision ( #9496 )
...
See https://github.com/coder/coder/actions/runs/6052801777/job/16426982174
2023-09-03 18:02:28 +00:00
27ab0d9a84
refactor(enterprise/cli): remove provisionerd from slim binary ( #9488 )
...
This change saves 8 MB in the slim binary.
Ref: #9380
2023-09-01 18:26:44 +00:00
19d7da3d24
refactor(coderd/database): split `Time` and `Now` into `dbtime` package ( #9482 )
...
Ref: #9380
2023-09-01 16:50:12 +00:00
f1f9cb030d
refactor(cli): avoid importing coderd in slim server ( #9483 )
...
This small change removes 11 MB from the slim binary size.
Ref: #9380
2023-09-01 13:32:21 +00:00
bc9fdd15f2
fix(enterprise/cli): correctly set default tags for PSK auth ( #9436 )
...
* provisionerd: unconditionally set tag scope to org for psk auth
* provisionerd: add unit tests for MutateTags
* cli: add some informational logging around provisionerd tags
* cli: respect CODER_VERBOSE when initializing logger
2023-09-01 10:37:09 +01:00
796a9754a9
feat(enterprise/audit): add user object to slog exporter ( #9456 )
2023-08-31 13:32:28 -05:00
11d4b6f758
chore: move dormancy to enterprise package ( #9468 )
2023-08-31 17:59:53 +02:00
e827278db7
feat: failed update refresh should redirect to login ( #9442 )
...
* chore: update refresh oauth token message
* chore: unauthorized -> forbidden for non authentication failures
* redirect to login on all 401 responses
* add unit test to verify 401 on expired refresh
2023-08-30 16:14:24 -05:00
1de61246a3
feat: add experimental template autostop requirement template settings UI ( #9417 )
2023-08-30 20:41:27 +00:00
90acf998bf
fix: fix null pointer on external provisioner daemons with daily_cost ( #9401 )
...
* fix: fix null pointer on external provisioner daemons with daily_cost
Signed-off-by: Spike Curtis <spike@coder.com>
* Add logging for debounce and job acquire
Signed-off-by: Spike Curtis <spike@coder.com>
* Return error instead of panic
Signed-off-by: Spike Curtis <spike@coder.com>
* remove debounce on external provisioners to fix test flakes
Signed-off-by: Spike Curtis <spike@coder.com>
---------
Signed-off-by: Spike Curtis <spike@coder.com>
2023-08-30 10:48:35 +00:00
a415395e9e
fix: stop dropping error log on context canceled after heartbeat ( #9427 )
...
Signed-off-by: Spike Curtis <spike@coder.com>
2023-08-30 14:44:00 +04:00
8443d3e0f8
fix(enterprise): ensure audit log json fields are formatted correctly ( #9397 )
2023-08-29 13:36:54 -05:00
a572800d47
chore: rename template restart requirement to autostop requirement ( #9295 )
2023-08-29 18:35:05 +00:00
be47cc58ff
fix(enterprise/coderd): use `websocketNetConn` in `workspaceProxyCoordinate` to bind context ( #9395 )
2023-08-28 23:12:45 +03:00
d9d4d74f99
test: add full OIDC fake IDP ( #9317 )
...
* test: implement fake OIDC provider with full functionality
* Refactor existing tests
2023-08-25 14:34:07 -05:00
60d5002eb6
refactor: change template archive extraction to be on provisioner ( #9264 )
...
* refactor provisionersdk protocol
Signed-off-by: Spike Curtis <spike@coder.com>
* refactor provisioners to use new protocol
Signed-off-by: Spike Curtis <spike@coder.com>
* refactor provisionerd to use new protocol
Signed-off-by: Spike Curtis <spike@coder.com>
* refactor tests & proto renames
* Fixes from self-review
Signed-off-by: Spike Curtis <spike@coder.com>
* appease fmt & link
Signed-off-by: Spike Curtis <spike@coder.com>
* code review fixes & e2e fixes
Signed-off-by: Spike Curtis <spike@coder.com>
* More fmt
Signed-off-by: Spike Curtis <spike@coder.com>
* Code review fixes
Signed-off-by: Spike Curtis <spike@coder.com>
* new gen; use uuid for session workdir
Signed-off-by: Spike Curtis <spike@coder.com>
* Revert nix-based gen CI task until dogfood is on nix
Signed-off-by: Spike Curtis <spike@coder.com>
* revert deleting dogfood Docker stuff
Signed-off-by: Spike Curtis <spike@coder.com>
* Revert "revert deleting dogfood Docker stuff"
This reverts commit 9762158167
2023-08-25 06:10:15 +00:00
7f14b50dbe
chore: rename locked to dormant ( #9290 )
...
* chore: rename locked to dormant
- The following columns have been updated:
- workspace.locked_at -> dormant_at
- template.inactivity_ttl -> time_til_dormant
- template.locked_ttl -> time_til_dormant_autodelete
This change has also been reflected in the SDK.
A route has also been updated from /workspaces/<id>/lock to /workspaces/<id>/dormant
2023-08-24 13:25:54 -05:00
64df076328
feat: add server flag to force DERP to use always websockets ( #9238 )
2023-08-24 17:22:31 +00:00
f35423c041
fix: update conn derpmap every 5s in single tailnet ( #9176 )
2023-08-23 11:20:31 +00:00
6e41cd1eda
feat: add activity bumping to template scheduling ( #9040 )
2023-08-22 15:15:13 -05:00
697b0283c5
chore: fix low hanging lint issues ( #9253 )
2023-08-22 12:32:37 -06:00
262d7692b6
feat: add force refresh of license entitlements ( #9155 )
...
* feat: add force refresh of license entitlements
* send "going away" mesasge on licenses pubsub on close
* Add manual refresh to licenses page
2023-08-22 09:26:43 -05:00
545a256b57
fix: correctly reject quota-violating builds ( #9233 )
...
Due to a logical error in CommitQuota, all workspace Stop->Start operations
were being accepted, regardless of the Quota limit. This issue only
appeared after #9201 , so this was a minor regression in main for about
3 days. This PR adds a test to make sure this kind of bug doesn't recur.
To make the new test possible, we give the echo provisioner the ability
to simulate responses to specific transitions.
2023-08-22 02:55:39 +00:00
22e781eced
chore: add /v2 to import module path ( #9072 )
...
* chore: add /v2 to import module path
go mod requires semantic versioning with versions greater than 1.x
This was a mechanical update by running:
```
go install github.com/marwan-at-work/mod/cmd/mod@latest
mod upgrade
```
Migrate generated files to import /v2
* Fix gen
2023-08-18 18:55:43 +00:00
2f46f2315c
fix: fix race in PGCoord at startup ( #9144 )
...
Signed-off-by: Spike Curtis <spike@coder.com>
2023-08-18 09:53:03 +04:00
2f6687a475
feat: expose Everyone group through UI ( #9117 )
...
- Allows setting quota allowances on the 'Everyone' group.
2023-08-17 13:25:16 -05:00
8910f05172
fix: /workspaces should work even if missing template perms ( #9152 )
...
If a user is missing template perms to a workspace, just block reading
that workspace. This is to keep the api consistent, it is not a rbac
enforcement.
This should ublock users reporting this bug that /workspaces returns
nothing when 1 workspace cannot be fully read. We might want to be
able to return missing or unknown fields in our api to account
for this.
2023-08-17 13:22:03 -05:00
c7a6d626b4
fix: make PGCoordinator close connections when unhealthy ( #9125 )
...
Signed-off-by: Spike Curtis <spike@coder.com>
2023-08-17 09:36:47 +04:00
6fd9975aed
feat(coderd): add `coder_app` usage stats ( #9001 )
...
Updates #8658
2023-08-16 15:22:00 +03:00
e4c24e05f8
fix: rename group GET request ( #9097 )
...
* fix: group GET req naming
* make: gen
2023-08-15 14:47:08 -04:00
9d9b330b16
chore: add request body to patch groups openapi spec ( #9101 )
2023-08-15 15:29:15 +00:00
41433cd1ec
feat: add terminationGracePeriodSeconds to provisioner chart ( #9048 )
...
* feat: add terminationGracePeriodSeconds to provisioner chart
Signed-off-by: Spike Curtis <spike@coder.com>
* Remove hardcoded 1 minute graceful timeout
Signed-off-by: Spike Curtis <spike@coder.com>
---------
Signed-off-by: Spike Curtis <spike@coder.com>
2023-08-15 08:38:58 +00:00
344d32b2f1
feat(coderd): expire agents from server tailnet ( #9092 )
2023-08-14 20:38:37 -05:00
25ce30df36
feat: add azure oidc PKI auth instead of client secret ( #9054 )
...
* feat: add azure oidc PKI auth instead of client secret
* add client cert and key as deployment options
* Custom token refresher to handle pki auth
2023-08-14 17:33:13 -05:00
47b8bf6585
feat: update workspace deadline when template policy changes ( #8964 )
2023-08-14 21:16:47 +00:00
37f9d4b783
feat: add --header-command flag ( #9059 )
...
This allows specifying a command to run that can output headers for
cases where users require dynamic headers (like to authenticate to their
VPN).
The primary use case is to add this flag in SSH configs created by the
VS Code plugin, although maybe config-ssh should do the same.
2023-08-14 12:12:17 -08:00
d2f22b063a
fix: move STUN servers into their own regions ( #9030 )
2023-08-11 05:04:17 +10:00
bc862fa493
chore: upgrade tailscale to v1.46.1 ( #8913 )
2023-08-09 19:50:26 +00:00
9941f49056
fix: remove stun nodes from workspace proxy regions ( #8990 )
2023-08-09 09:31:25 +00:00
f7a35e0559
chore: add workspace proxies to telemetry ( #8963 )
2023-08-08 18:29:35 +00:00
f4122fa9f5
feat: add auto group create from OIDC ( #8884 )
...
* add flag for auto create groups
* fixup! add flag for auto create groups
* sync missing groups
Also added a regex filter to filter out groups that are not
important
2023-08-08 11:37:49 -05:00
5339a31532
fix: remove refresh oauth logic on OIDC login ( #8950 )
...
* fix: do not do oauth refresh logic on oidc login
2023-08-08 10:05:12 -05:00
0c7ff4fb8a
fix(enterprise): ensure SCIM create user can unsuspend ( #8916 )
2023-08-04 22:03:21 +00:00
7224ff2af8
fix(enterprise/replicasync): fix data race in Manager.Regional ( #8910 )
2023-08-04 17:33:05 +01:00
cb4989cd8d
feat: add PSK for external provisionerd auth ( #8877 )
...
Signed-off-by: Spike Curtis <spike@coder.com>
2023-08-04 12:32:28 +04:00
4c1e63aae8
feat: add display_name field to groups ( #8740 )
...
* feat: add display_name field to groups
This is a non-unique human friendly group name for display
purposes. This means a display name can be used instead of
using an environment var to remap groups with OIDC names to
Coder names. Now groups can retain the OIDC name for mapping,
and use a display name for display purposes.
2023-08-02 10:53:06 -05:00
cd1e088f7c
feat: add --derp-only flag to wsproxy ( #8850 )
2023-08-03 00:35:06 +10:00
d6e9870209
feat: add "dormant" user state ( #8644 )
2023-08-02 16:31:25 +02:00
6b69970d7c
fix: avoid infinite loop in agent derp-map ( #8848 )
2023-08-02 13:18:46 +10:00
c575292ba6
fix: fix tailnet netcheck issues ( #8802 )
2023-08-02 01:50:43 +10:00
ddabe9cc7f
feat: improve RBAC preconditions for Insights endpoint ( #8794 )
2023-07-31 13:44:32 +00:00
4cc270b12b
revert(enterprise): make `pgcoord` experimental again ( #8797 )
2023-07-28 18:38:32 -05:00
0b4f333a6f
chore: add http debug support to pgcoord ( #8795 )
2023-07-28 17:59:31 -05:00
2811ab62d0
chore: fix workspace proxy flake ( #8755 )
2023-07-26 23:50:25 +00:00
dd2f79995b
chore(tailnet): rewrite coordinator debug using `html/template` ( #8752 )
2023-07-26 22:54:21 +00:00
25e30c6f41
feat(cli): support fine-grained server log filtering ( #8748 )
2023-07-26 16:46:22 -05:00
6b92abebb9
fix(tailnet): track agent names for http debug ( #8744 )
2023-07-26 18:44:10 +00:00
9ffbdc6696
hotfix: fix failed 32-bit builds ( #8741 )
2023-07-26 17:30:47 +00:00
2f0a9996e7
chore: add derpserver to wsproxy, add proxies to derpmap ( #7311 )
2023-07-27 02:21:04 +10:00
2089006fbc
feat!: drop reading other 'user' permission ( #8650 )
...
* feat: drop reading other 'user' permission
Members of the platform can no longer read or list other users.
Resources that have "created_by" or "initiated_by" still retain
user context, but only include username and avatar url.
Attempting to read a user found via those means will result in
a 404.
* Hide /users page for regular users
* make groups a privledged endpoint
* Permissions page for template perms
* Admin for a given template enables an endpoint for listing users/groups.
2023-07-26 10:33:48 -04:00
f07d2ff68d
fix(enterprise): ensure creating a SCIM user is idempotent ( #8730 )
2023-07-25 17:49:52 -05:00
de1a7a9210
chore: join user information to workspace_build and template_version ( #8625 )
...
* include minimial user on template version and build
* Add unit test to ensure join is superset
2023-07-25 09:14:38 -04:00
ac559f101e
fix: handle omitted role sync claim ( #8697 )
...
* fix: handle omitted role sync claim
2023-07-24 15:50:23 -04:00
f827829afe
feat: synchronize oidc user roles ( #8595 )
...
* feat: oidc user role sync
User roles come from oidc claims. Prevent manual user role changes
if set.
* allow mapping 1:many
2023-07-24 08:34:24 -04:00
b47d076756
feat: add deleting_at column to workspaces ( #8333 )
2023-07-20 22:01:11 -05:00
1cb39fc65d
test: ignore more spurious pgcoord errors ( #8628 )
2023-07-20 19:55:25 +00:00
dc8b73168e
feat: add user quiet hours schedule and restart requirement feature flag ( #8115 )
2023-07-20 23:35:41 +10:00
00b9a3ce58
fix: prevent error log when `pgcoord` query is canceled ( #8609 )
2023-07-19 16:40:57 -05:00
aceedefce3
chore: add `template_with_user` view to include user contextual data ( #8568 )
...
* chore: Refactor template sql queries to use new view
* TemplateWithUser -> Template
* Add unit test to enforce good view
2023-07-19 16:07:33 -04:00
f8a2bd0f4d
chore: remove duplicate logger name in wsproxy ServerTailnet ( #8604 )
2023-07-19 18:06:26 +00:00
517fb19474
feat: add single tailnet support to moons ( #8587 )
2023-07-19 11:11:11 -05:00
cc8d0af027
fix(enterprise): avoid initial license reconfig if feature isn't enabled ( #8586 )
2023-07-19 10:32:29 -05:00
4232a2eb96
feat: add custom docs URL to deployment config ( #8590 )
2023-07-19 08:31:17 -03:00
ce114a7f9f
chore: upgrade sqlc to 1.19.1 ( #8511 )
2023-07-15 09:07:19 +03:00
c47b78c44b
chore: replace wsconncache with a single tailnet ( #8176 )
2023-07-12 17:37:31 -05:00
e9d7a230fa
chore: server header specifies if wsproxy ( #8432 )
2023-07-12 12:07:36 +00:00
928091aa05
feat!: add table format to 'coder license ls', 'license_expires' --> 'license_expires_human' ( #8421 )
...
* feat: add table format to 'coder license ls'
* feat: license expires_at to table view
* change: `license_expires` to `license_expires_human` and `license_expires` is unix timestamp
2023-07-12 08:06:18 -04:00
2c2dd0eb83
chore: bump crate-ci/typos from v1.14.12 to v1.16.0 and fix typos ( #8455 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Muhammad Atif Ali <atif@coder.com>
Co-authored-by: Mathias Fredriksson <mafredri@gmail.com>
2023-07-12 12:01:30 +00:00
b4057bd74a
feat: make pgCoordinator generally available ( #8419 )
...
* pgCoord to GA, fix tests
Signed-off-by: Spike Curtis <spike@coder.com>
* Fix generation and coordinator delete RBAC
Signed-off-by: Spike Curtis <spike@coder.com>
* Fix fakeQuerier -> FakeQuerier
Signed-off-by: Spike Curtis <spike@coder.com>
---------
Signed-off-by: Spike Curtis <spike@coder.com>
2023-07-12 13:35:29 +04:00
bc102d6bd7
feat: add cli first class validation ( #8374 )
...
* feat: add cli first class validation
* feat: add required flag to cli options
* Add unit test to catch invalid and missing flag
2023-07-11 09:59:55 -04:00
3f6a158016
chore: enable exhaustruct linter ( #8403 )
...
* chore: enable exhaustruct linter
* add exlusion rules
* move to allowlist instead
* exhaustruct httpmw package
* fixup! exhaustruct httpmw package
* make lint
* address PR comments
2023-07-11 14:30:33 +01:00
75f62dc39d
feat: add support for template version messages in api and cli ( #8336 )
2023-07-11 13:11:08 +03:00
9a72ddf7d4
fix(enterprise/coderd): add missing fields to extract api key config ( #8393 )
2023-07-10 16:51:50 +03:00
f75d497c41
chore: touch ups to wsproxy UX ( #8350 )
...
* chore: update wording on wsproxy help
* chore: show help if no fields specified in wsproxy edit
* chore: Add run command example to wsproxy create
* chore: remove localhost warning
* chore: navbar match page title
* chore: Add helper text to latency picker
* chore: add confirm delete to workspace proxy delete cli
* chore: add errors + warnings to workspace proxy table
2023-07-07 10:06:11 -04:00
814534d6b7
fix(enterprise/audit): improve error message for missing action ( #8335 )
2023-07-06 15:43:32 +03:00
7fcf319e01
fix(cli)!: protect client Logger and refactor cli scaletest tests ( #8317 )
...
- (breaking) Protects Logger and LogBodies fields of codersdk.Client with its mutex. This addresses a data race in cli/scaletest.
- Fillets the existing cli/createworkspaces unit test and moves the testing logic there into the tests under scaletest/createworkspaces.
- Adds testutil.RaceEnabled bool const and conditionaly skips previously-skipped tests under scaletest/ if the race detector is enabled. This is unfortunate and sad, but I would prefer to have these tests at least running without the race detector than not running at all.
- Adds IgnoreErrors option to fake in-memory agent loggers; having the agents fail the test immediately when they encounter any sort of error isn't really helpful.
2023-07-06 09:43:39 +01:00
4a008a8f34
chore: prevent nil dereferences on cmd handlers ( #8319 )
...
* chore: detect nil cmd handlers
Prevent nil panic dereferences on cmd handlers. Add a unit test
to prevent future mistakes
2023-07-05 17:20:12 +00:00
4a9c8f407a
feat: add auto-locking/deleting workspace based on template config ( #8240 )
2023-07-02 21:29:52 -05:00
6015319e9d
feat: show service banner in SSH/TTY sessions ( #8186 )
...
* Allow workspace agents to get appearance
* Poll for service banner every two minutes
* Show service banner before MOTD if not quiet
2023-06-30 10:41:29 -08:00
f0bd258ff1
feat: move proxy settings page to deployment options ( #8246 )
...
* feat: Move workspace proxy page to deployment options
Workspace proxy settings page is now an admin feature
* WorkspaceProxy response extends region
2023-06-30 11:32:35 -04:00
b5f26d9bdf
feat: add ability for users to convert their password login type to oauth/github login ( #8105 )
...
* Currently toggled by experiment flag
---------
Co-authored-by: Bruno Quaresma <bruno@coder.com>
2023-06-30 08:38:48 -04:00
83fee4b192
feat: enable Terraform debug mode via deployment configuration ( #8260 )
2023-06-29 15:22:21 +02:00
749307ef08
feat: provide endpoint to lock/unlock workspace ( #8239 )
2023-06-28 16:12:49 -05:00
c0a01ec81c
fix: fix TestPGCoordinatorDual_Mainline flake ( #8228 )
...
* fix TestPGCoordinatorDual_Mainline flake
Signed-off-by: Spike Curtis <spike@coder.com>
* use slices.Contains instead of local function
Signed-off-by: Spike Curtis <spike@coder.com>
---------
Signed-off-by: Spike Curtis <spike@coder.com>
2023-06-28 11:37:45 +04:00
7943a5b85e
fix PG coordinator context and RBAC subject ( #8223 )
...
Signed-off-by: Spike Curtis <spike@coder.com>
2023-06-27 10:14:31 +00:00
140683813d
chore: reword wsproxy help ( #8168 )
2023-06-26 12:32:47 -05:00
31076ad665
fix(enterprise/coderd): prevent deadlock during entitlements update ( #8215 )
2023-06-26 20:22:28 +03:00
5d48122f12
fix: fix PG Coordinator to update when heartbeats (re)start ( #8178 )
...
* fix: fix PG Coordinator to update when heartbeats (re)start
Signed-off-by: Spike Curtis <spike@coder.com>
* rename resetExpiryTimer(WithLock)
Signed-off-by: Spike Curtis <spike@coder.com>
---------
Signed-off-by: Spike Curtis <spike@coder.com>
2023-06-23 10:38:58 +00:00
ba9d038d42
feat: add periodic cleanup of PG Coordinator state ( #8142 )
...
* PG Coordinator cleans orphaned state
Signed-off-by: Spike Curtis <spike@coder.com>
* Don't need pubsub
Signed-off-by: Spike Curtis <spike@coder.com>
---------
Signed-off-by: Spike Curtis <spike@coder.com>
2023-06-23 13:23:28 +04:00
e856491476
feat: enable PG Coordinator as experiment ( #8144 )
...
Signed-off-by: Spike Curtis <spike@coder.com>
2023-06-22 13:12:29 +04:00
1b0124ecdb
feat: automatically stop workspaces based on failure_ttl ( #7989 )
2023-06-22 00:33:22 -04:00
a28d422c35
feat: add flag to disable all direct connections ( #7936 )
2023-06-21 22:02:05 +00:00
24b95e16c4
feat: add --disable-direct flag to CLI ( #8131 )
2023-06-21 20:22:43 +00:00
cc17d2feea
refactor: add postgres tailnet coordinator ( #8044 )
...
* postgres tailnet coordinator
Signed-off-by: Spike Curtis <spike@coder.com>
* Fix db migration; tests
Signed-off-by: Spike Curtis <spike@coder.com>
* Add fixture, regenerate
Signed-off-by: Spike Curtis <spike@coder.com>
* Fix fixtures
Signed-off-by: Spike Curtis <spike@coder.com>
* review comments, run clean gen
Signed-off-by: Spike Curtis <spike@coder.com>
* Rename waitForConn -> cleanupConn
Signed-off-by: Spike Curtis <spike@coder.com>
* code review updates
Signed-off-by: Spike Curtis <spike@coder.com>
* db migration order
Signed-off-by: Spike Curtis <spike@coder.com>
* fix log field name last_heartbeat
Signed-off-by: Spike Curtis <spike@coder.com>
* fix heartbeat_from log field
Signed-off-by: Spike Curtis <spike@coder.com>
* fix slog fields for linting
Signed-off-by: Spike Curtis <spike@coder.com>
---------
Signed-off-by: Spike Curtis <spike@coder.com>
2023-06-21 16:20:58 +04:00
4fb4c9b270
chore: add more rules to ensure logs consistency ( #8104 )
2023-06-21 12:00:38 +02:00
b1d1b63113
chore: ensure logs consistency across Coder ( #8083 )
2023-06-20 12:30:45 +02:00
c3aef9363b
feat: add locked TTL field to template meta ( #8020 )
2023-06-19 22:37:55 -04:00
f444100aa6
feat: add region querying to pre-fetched html ( #8077 )
2023-06-19 11:23:26 -05:00
9df9ad4503
feat: embed common client requests into the template html ( #8076 )
...
This should reduce the number of API requests a client makes
when loading the dashboard dramatically!
2023-06-18 13:57:27 -05:00
6e598234b6
fix: only collect prometheus database metrics when explicitly enabled ( #8045 )
...
* fix: only collect prometheus database metrics when explicitly enabled
* add missing test
* de-duplicate wrapping
2023-06-15 12:34:16 +01:00
e4b6f5695b
chore: separate pubsub into a new package ( #8017 )
...
* chore: rename store to dbmock for consistency
* chore: remove redundant dbtype package
This wasn't necessary and forked how we do DB types.
* chore: separate pubsub into a new package
This didn't need to be in database and was bloating it.
2023-06-14 15:34:54 +00:00
c12c9f1f4e
chore(go.mod): update cdr.dev/slog ( #7994 )
...
* chore(mod): update cdr.dev/slog
* fix: change uses of []slog.Field to []any to match new API
2023-06-13 18:17:04 +00:00
51226c55ab
test(coderd): close metricscache and avoid background context ( #7996 )
2023-06-13 20:18:31 +03:00
2e7e99b135
fix: scope errors to subtests for flake ( #8004 )
...
See: https://github.com/coder/coder/actions/runs/5257676837/jobs/9500882394
2023-06-13 11:52:17 -05:00
f13632cea8
feat: add impending deletion filter to workspaces page ( #7860 )
...
* add workspace deletion dialog
* add deleting_by query param
* added test
* filtering on workspaces to be deleted
* cleaned up form
* added story
* added banner filter
* PR feedback
* fix lint and stories
* PR feedback
* added enterprise test
* added unit tests in search_test.go
* remove unused fn
* unstaged changes
2023-06-12 11:55:51 -07:00
a540e629e5
ci: improve caching ( #7954 )
2023-06-12 12:09:54 -05:00
065206345e
test: add golden files to enterprise cli ( #7924 )
...
* test: Add golden files to enterprise cli
2023-06-09 11:35:20 -05:00
30a635aa5f
fix(enterprise): ensure scim usernames are validated ( #7925 )
2023-06-08 17:59:49 -05:00
a4cc883be1
chore: add proxy health interval flag/env config ( #7919 )
...
* chore: plumbing for proxy health interval from flag/env
2023-06-08 12:58:24 -05:00
fa8153a0fd
chore: make default workspace proxy editable ( #7903 )
...
* chore: add editing the default workspace proxy
2023-06-08 10:30:15 -05:00
5e647ba07a
chore: improve workspace proxy create cli flow ( #7907 )
...
* chore: improve workspace proxy create cli flow
2023-06-08 10:02:35 -05:00
4f29f9abe3
fixup! fix(cli): speed up CLI over SSH ( #7885 ) ( #7888 )
2023-06-07 09:13:22 +00:00
5eaf809851
fix(cli): speed up CLI over SSH ( #7885 )
...
By caching the terminal's color profile, we avoid myriad round trips during command execution.
2023-06-07 05:22:58 +00:00
72f59950f2
chore: add prometheus timing to latency endpoint ( #7742 )
...
* chore: Prometheus timing to latency endpoint
2023-06-06 10:26:13 -05:00
784696dfa5
feat: add prometheus metrics to database.Store ( #7713 )
...
* Adds dbmetrics package and wraps database.Store with a Prometheus HistogramVec of timings.
* Adds Wrappers method to database.Store to avoid double-wrapping interfaces
* Fixes test flake in TestLicensesListFake
2023-05-31 14:55:57 +01:00
61dc875454
feat(cli): show license_expires as rfc3339 date instead of unix time ( #7687 )
...
* feat(licenses): show license_expires time as rfc3339 date
* fix review comments
2023-05-26 14:36:26 +00:00
05da1e94a2
Fix pubsub goroutines in tests ( #7677 )
...
Signed-off-by: Spike Curtis <spike@coder.com>
2023-05-25 14:46:32 +04:00
5d711fc95a
chore: CORs option for yarn dev server ( #7630 )
...
* chore: Yarn dev servers require CORs headers for external proxies
Adds a flag to set CORs headers to `*` for yarn dev servers
2023-05-22 20:02:39 +02:00
dd5b0b2721
fix(scim): ensure scim users aren't created with their own org ( #7595 )
2023-05-18 20:54:45 -04:00
ec5ef51b49
feat: add session token injection to provisioner ( #7461 )
2023-05-17 23:29:22 -05:00
6e7175b589
chore: fix lengthy tests in psql ( #7545 )
...
* chore: fix lengthy tests in psql
This was adding at a minimum 3mins to our psql tests!
* fix: automatically cancel tests on cleanup
2023-05-17 11:26:53 -05:00
70d2203b9e
chore: reduce the log output of skipped tests ( #7520 )
...
With the introduction of the workspace proxy tests there was a lot
of output if a test was eventually skipped.
2023-05-14 19:37:00 -05:00
f05f12231d
feat: update slog to use logfmt ( #7477 )
2023-05-14 20:23:13 +00:00
8f768f8276
feat: Workspace Proxy picker show latency to each proxy ( #7486 )
...
* chore: Add cors to workspace proxies to allow for latency checks
* Add latency check to wsproxy
Use performance API timings.
- Fix cors and timing headers
- Accept custom headers
2023-05-11 15:42:30 -05:00
b7f4f3a771
chore: Implement workspace proxy going away (graceful shutdown) ( #7459 )
...
* chore: Implement workspace proxy going away
When a workspace proxy shuts down, the health status of that
proxy should immediately be updated. This is purely a courtesy
and technically not required
2023-05-10 19:23:16 -05:00
3f9af6f5e7
chore: Allow cors requests to workspace proxies for latency checks ( #7484 )
...
* CSP addition for web requests
* chore: Add cors to workspace proxies to allow for latency checks
2023-05-10 17:19:55 +00:00
b5ad628460
chore: Allow editing proxy fields via api. ( #7435 )
...
* chore: Add ability to update workspace proxy fields
2023-05-09 13:46:50 -05:00
1aac8200fa
chore: Fix column name in proxy ls command ( #7450 )
2023-05-08 12:23:12 -05:00
52d2bc930b
chore: Make better error message if missing license ( #7440 )
...
* chore: Make better error message if missing license
* Change word to proxies
2023-05-05 14:22:56 -05:00
07608fc3fb
chore: fix proxy 404 page ( #7421 )
...
* chore: fix proxy 404 page
---------
Co-authored-by: Kyle Carberry <kyle@coder.com>
2023-05-05 13:53:19 -05:00
2624ee8f12
chore: Remove extra opt and fix 'proxy' alias ( #7413 )
...
* chore: Remove extra opt and fix 'proxy' alias
* proxy -> wsproxy
2023-05-05 13:09:04 -05:00
5ffa6dae50
feat: add inactivity cleanup and failure cleanup configuration fields to Template Schedule Form ( #7402 )
...
* added workspace actions entitlement
* added workspace actions experiment
* added new route for template enterprise meta
* removing new route; repurposing old
* add new fields to get endpoints
* removed workspace actions experiment
* added logic to enterprise template store
* added new form fields
* feature flagged new fields
* fix validation
* fixed submit btn
* fix tests
* changed ttl defaults
* added FE tests
* added BE tests
* fixed lint
* adjusted comment language
* fixing unstaged changes check
* fix test
* Update coderd/database/migrations/000122_add_template_cleanup_ttls.down.sql
Co-authored-by: Dean Sheather <dean@deansheather.com>
* Update coderd/database/migrations/000122_add_template_cleanup_ttls.up.sql
Co-authored-by: Dean Sheather <dean@deansheather.com>
---------
Co-authored-by: Dean Sheather <dean@deansheather.com>
2023-05-05 08:19:26 -07:00
9908c84b2a
test: Return early and avoid using nil handler ( #7411 )
...
* test: Return early and avoid using nil handler
2023-05-04 11:14:53 -05:00
8bd9f9c351
feat: unified tracing between coderd<->provisionerd ( #7370 )
2023-05-03 23:02:35 +00:00
2e9310b203
chore: add workspace actions entitlement and experiment ( #7361 )
...
* added workspace actions entitlement
* added workspace actions experiment
2023-05-03 11:34:43 -07:00
434c4be9f1
chore: Add listing proxies to cli 'coder proxy ls' ( #7376 )
...
* feat: Add listing proxies to cli 'coder proxy ls'
* Add unit test
* Ignore errors
* Make gen and update golden files
* Update golden files
2023-05-03 10:12:56 -05:00
75ad72de56
fix(server): prevent otel tracer provider from immediately being closed ( #7369 )
2023-05-02 12:06:58 -05:00
bd630113b2
fix: coordinator node update race ( #7345 )
...
* fix: coordinator node update race
Signed-off-by: Spike Curtis <spike@coder.com>
* Lint fixes, make core private
Signed-off-by: Spike Curtis <spike@coder.com>
* Don't log broken connections as errors
Signed-off-by: Spike Curtis <spike@coder.com>
---------
Signed-off-by: Spike Curtis <spike@coder.com>
2023-05-02 20:58:21 +04:00
a1db82582f
chore: Dynamic CSP connect-src to support terminals connecting to workspace proxies ( #7352 )
...
* chore: Expose proxy hostnames to csp header
2023-05-02 08:30:44 -05:00
3b15234660
chore: add continuous deployment for workspace proxies ( #7364 )
2023-05-02 08:02:51 +10:00
55824986bc
chore: 404 Requests to workspace proxy direct back to the primary ( #7353 )
...
* chore: 404 Requests to workspace proxy direct back to the primary
* Remove unnecessary sprintf
2023-05-01 13:58:36 -05:00
079d2821f5
chore: Set proxy health checks to 1 minute intervals ( #7351 )
2023-05-01 16:06:29 +00:00
4a9d1c16c7
chore: UI/UX for regions ( #7283 )
...
* chore: Allow regular users to query for all workspaces
* FE to add workspace proxy options to account settings
* WorkspaceProxy context syncs with coderd on region responses
---------
Co-authored-by: Dean Sheather <dean@deansheather.com>
2023-04-28 16:04:52 -05:00
b6666cf1cf
chore: tailnet debug logging ( #7260 )
...
* Enable discovery (disco) debug
Signed-off-by: Spike Curtis <spike@coder.com>
* Better debug on reconnectingPTY
Signed-off-by: Spike Curtis <spike@coder.com>
* Agent logging in appstest
Signed-off-by: Spike Curtis <spike@coder.com>
* More reconnectingPTY logging
Signed-off-by: Spike Curtis <spike@coder.com>
* Add logging to coordinator
Signed-off-by: Spike Curtis <spike@coder.com>
* Update agent/agent.go
Co-authored-by: Mathias Fredriksson <mafredri@gmail.com>
* Update agent/agent.go
Co-authored-by: Mathias Fredriksson <mafredri@gmail.com>
* Update agent/agent.go
Co-authored-by: Mathias Fredriksson <mafredri@gmail.com>
* Update agent/agent.go
Co-authored-by: Mathias Fredriksson <mafredri@gmail.com>
* Clarify logs; remove unrelated changes
Signed-off-by: Spike Curtis <spike@coder.com>
---------
Signed-off-by: Spike Curtis <spike@coder.com>
Co-authored-by: Mathias Fredriksson <mafredri@gmail.com>
2023-04-27 13:59:01 +04:00
87b7537878
feat: add license settings UI ( #7210 )
...
* wip: license page
* WIP
* WIP
* wip
* wip
* wip
* wip
* wip
* wip
* Apply suggestions from code review
Co-authored-by: Ben Potter <ben@coder.com>
* wip: ui improvements
* wip: extract components
* wip: stories
* wip: stories
* fixes from PR reviews
* fix stories
* fix empty license page
* fix copy
* fix
* wip
* add golang test
---------
Co-authored-by: Ben Potter <ben@coder.com>
2023-04-26 17:47:46 -03:00
c3fe2515a7
feat: add license expiration warning ( #7264 )
...
* wip: add expiration warning
* Use GraceAt
* show expiration warning for trial accounts
* fix test
* only show license banner for users with deployment permission
---------
Co-authored-by: Marcin Tojek <marcin@coder.com>
2023-04-26 16:39:39 -03:00
a98341612c
feat: add regions endpoint for proxies feature ( #7277 )
...
* feat: add regions endpoint for proxies feature
2023-04-25 09:37:52 -05:00
3129741e08
chore: Proxy health status checks + endpoint ( #7233 )
...
* chore: Implement workspace proxy health check cron
At a given interval will check the reachability of workspace proxies.
* Proxyhealth is an enterprise feature
* Start proxyhealth go routine on enterprise coder
2023-04-24 10:25:35 -05:00
6f06f8dadb
test: Fix test timeouts due to contexts created too early ( #7242 )
2023-04-21 17:32:25 +03:00
3680e158d9
chore: fix lint in main caused by incompatible merge ( #7239 )
2023-04-21 10:27:56 +00:00
4353ad7940
chore: Remove url and wildcard url from moon create ( #7224 )
...
* chore: Remove url and wildcard url from moon create
2023-04-20 21:09:14 -05:00
68667323f3
chore: support signed token query param for web terminal ( #7197 )
...
* chore: add endpoint to get token for web terminal
* chore: support signed token query param for web terminal
2023-04-20 23:59:45 +00:00
38a6d546ab
fix(enterprise/replicasync): Avoid deadlock during Close^2 ( #7230 )
2023-04-20 22:48:44 +03:00
a5a5c4d400
chore: Add workspace proxy enterprise cli commands ( #7176 )
...
* feat: Add workspace proxy enterprise cli commands
* chore: Handle custom workspace proxy options. Remove excess
* chore: Add endpoint to register workspace proxies
2023-04-20 09:48:47 -05:00
8d27978760
fix(enterprise/replicasync): Avoid deadlock during Close ( #7220 )
2023-04-20 15:37:30 +03:00
f60b5579a7
chore: remove usage of `k8s.io/utils/pointer` ( #7209 )
2023-04-19 15:53:47 -05:00
658246d5f2
chore: add workspace proxies to the backend ( #7032 )
...
Co-authored-by: Dean Sheather <dean@deansheather.com>
2023-04-17 19:57:21 +00:00
38e5b9679b
chore: Rbac errors should be returned, and not hidden behind 404 ( #7122 )
...
* chore: Rbac errors should be returned, and not hidden behind 404
SqlErrNoRows was hiding actual errors
* Replace sql.ErrNoRow checks
* Remove sql err no rows check from dbauthz test
* Fix to use dbauthz system user
2023-04-13 13:06:16 -05:00
f6c89a2615
feat: differentiate new user registration from user login in the audit log ( #7096 )
...
* auditing register events
* fix tests
* update docs
* update comments
* Update coderd/audit/request.go
Co-authored-by: Colin Adler <colin1adler@gmail.com>
---------
Co-authored-by: Colin Adler <colin1adler@gmail.com>
2023-04-12 11:46:16 -07:00
9d39371ee0
feat: Option to remove WorkspaceExec from `owner` role ( #7050 )
...
* chore: Add AllResources option for listing all RBAC objects
* Owners cannot do workspace exec site wide
* Fix FE authchecks to valid RBAC resources
2023-04-11 08:57:23 -05:00
b2892c3d17
test: Increase test coverage on auditable resources ( #7038 )
...
* test: Increase test coverage on auditable resources
When adding a new audit resource, we also need to add it to the
function switch statements. This is a likely mistake, now a unit
test will check this for you
2023-04-06 16:16:53 -05:00
e0f7cf5ec6
chore: fix `postGroupByOrganization` swagger tag ( #7021 )
2023-04-05 20:17:36 +00:00
391738cc25
chore: remove documented groups endpoint that doesn't exist ( #7020 )
2023-04-05 14:26:21 -05:00
b4afbe7720
feat: Implement experiment gated CRUD for workspace proxies ( #6928 )
...
* feat: Implement basic moon crud
* chore: Implement enterprise endpoints for moons
2023-04-04 15:07:29 -05:00
385a4262e2
fix: remove audit-logging flag from the server ( #6991 )
...
Co-authored-by: Colin Adler <colin1adler@gmail.com>
2023-04-04 12:11:10 -05:00
e33941b7c2
feat: allow disabling autostart and custom autostop for template ( #6933 )
...
API only, frontend in upcoming PR.
2023-04-04 12:48:35 +00:00
cd807bc0c8
fix: delete old addresses from the active derp mesh mapping ( #6926 )
2023-03-31 14:25:01 +00:00
a63c97b8de
chore: wrap audit logs in a mutex to fix data race ( #6898 )
...
This was seen in `main`!
2023-03-30 12:13:03 -05:00
42b3d90221
chore: rename "InsertOrUpdate" to Upsert around the codebase ( #6823 )
...
* chore: rename "InsertOrUpdate" to Upsert around the codebase
The shorter name uses up less line width, is easier to read
and is used more often.
* make gen
2023-03-28 00:55:10 +00:00
7fa5afa268
fix: Users that can update a template can also read the file ( #6776 )
...
* fix: Users that can update a template can also read the file
This currently has a strange RBAC story. An issue will be filed
to streamline this.
This is a hotfix to resolve current functionality
* Only showsource code tab if the user has permission to edit the template
---------
Co-authored-by: Bruno Quaresma <bruno_nonato_quaresma@hotmail.com>
2023-03-27 09:21:41 -05:00
2bd6d2908e
feat: convert entire CLI to clibase ( #6491 )
...
I'm sorry.
2023-03-23 17:42:20 -05:00
df31636e72
feat: pass `access_token` to `coder_git_auth` resource ( #6713 )
...
This allows template authors to leverage git auth to perform
custom actions, like clone repositories.
2023-03-22 19:37:08 +00:00
abe1e89f80
chore: increase parallelism of TestWorkspaceQuota ( #6710 )
...
This does a lot of build operations, so having multiple provisioner
daemons is great.
We were actually approaching the ceiling here for test duration!
2023-03-21 22:44:01 +00:00
00860cf1c8
feat: add group mapping option for group sync ( #6705 )
...
* feat: add group mapping option for group sync
* fixup! feat: add group mapping option for group sync
2023-03-21 14:25:45 -05:00
aaa3b31a0b
chore: add echo helper to create an agent with token ( #6576 )
...
This should reduce some LOC and duplication in tests!
2023-03-21 18:03:38 +00:00
2321160c62
feat: Dbauthz is now default, remove out of experimental ( #6650 )
...
* feat: dbauthz always on, out of experimental
* Add ability to do rbac checks in unit tests
* Remove AuthorizeAllEndpoints
* Remove duplicate rbac checks
2023-03-21 09:10:22 -05:00
c3fb1b325f
feat: add `owner_oidc_access_token` to `coder_workspace` data source ( #6042 )
...
See the discussion in Discord here:
https://discord.com/channels/747933592273027093/1071182088490987542/1071182088490987542
Related provider PR: coder/terraform-provider-coder#91
2023-03-17 15:25:08 -05:00
090e37fc46
feat(audit): auditing token addition and removal ( #6649 )
...
* auditing tokens
* adding diffs for token auditing
* added test
* generating docs
* auditing owner field
2023-03-17 10:41:44 -07:00
37c859ec4c
chore: Ensure all audit types in ResourceTable match APGL ( #6563 )
...
* chore: Ensure all audit types in ResourceTable match APGL
* Implement more checks to ensure all tracked fields are present
* Add unit test to ensure all types are represented in audit table
* Trade compile time safety for syntax
2023-03-10 13:59:42 -06:00
144f374f60
refactor(dbauthz): add authz for system-level functions ( #6513 )
...
- Introduces rbac.ResourceSystem
- Grants system.* to system and provisionerd rbac subjects
- Updates dbauthz system queries where applicable
- coderd: Avoid index out of bounds in api.workspaceBuilds
- dbauthz: move GetUsersByIDs out of system, modify RBAC check to ResourceUser
- workspaceapps: Add test case for when owner of app is not found
2023-03-10 18:09:28 +00:00
1db2b12b8e
chore: add a test to ensure audit code works with AGPL ( #6561 )
...
Fixes the regression seen in v0.19.1.
2023-03-10 17:04:40 +00:00
7eb2c2ff6d
Revert "chore: Implement joins with golang templates ( #6429 )" ( #6560 )
...
This reverts commit 8b125d6c5d
2023-03-10 10:39:02 -06:00
8b125d6c5d
chore: Implement joins with golang templates ( #6429 )
...
* feat: Implement view for workspace builds to include rbac info
* Removes the need to fetch the workspace to run an rbac check.
* chore: Use workspace build as RBAC object
* chore: Use golang templates instead of sqlc files
2023-03-10 09:44:38 -06:00
7f25d31745
feat: Allow changing the 'group' oidc claim field ( #6546 )
...
* feat: Allow changing the 'group' oidc claim field
* Enable empty groups support
* fix: Delete was wiping all groups, not just the single user's groups
* Update docs
* fix: Dbfake delete group member fixed
2023-03-09 23:31:38 -06:00
fe10ba1157
fix: add audit information for WorkspaceBuild.MaxDeadilne ( #6504 )
...
* fix: add audit information for WorkspaceBuild.MaxDeadilne
* make gen
2023-03-08 12:41:57 +00:00
3b73321a6c
feat: refactor deployment config ( #6347 )
2023-03-07 15:10:01 -06:00
1bdd2abed7
feat: use JWT ticket to avoid DB queries on apps ( #6148 )
...
Issue a JWT ticket on the first request with a short expiry that
contains details about which workspace/agent/app combo the ticket is
valid for.
2023-03-07 19:38:11 +00:00
f287889cd7
chore: move client pubsub for HA coordinator after register ( #6487 )
...
Similar fix that happened for the agent. See:
https://github.com/coder/coder/actions/runs/4356099388/jobs/7613634277
2023-03-07 16:46:54 +00:00
f19076cf06
chore: fix coordinator flake by moving pubsub below register ( #6482 )
...
After making the in-memory pubsub conform to the expectations of
PostgreSQL, this flake started appearing.
This fixes it because the agent socket is registered when a message
is received.
2023-03-07 09:38:18 -06:00
66a6b590a1
feat: add template max_ttl ( #6114 )
...
Co-authored-by: Bruno Quaresma <bruno@coder.com>
2023-03-07 14:14:58 +00:00
71d1e63af0
feat: add ability to name tokens ( #6365 )
...
* add tokens switch
* reorged TokensPage
* using Trans component for description
* using Trans component on DeleteDialog
* add owner col
* simplify hook return
* lint
* type for response
* added flag for name
* fixed auth
* lint, prettier, tests
* added unique index for login type token
* remove tokens by name
* better check for unique constraint
* docs
* test: Fix dbfake to insert token name
* fix doc tests
* Update cli/tokens.go
Co-authored-by: Steven Masley <Emyrk@users.noreply.github.com>
* Update coderd/database/migrations/000102_add_apikey_name.down.sql
Co-authored-by: Steven Masley <Emyrk@users.noreply.github.com>
* add more specificity to IsUniqueViolation check
* fix tests
* Fix AutorizeAllEndpoints
* rename migration
---------
Co-authored-by: Steven Masley <stevenmasley@coder.com>
Co-authored-by: Steven Masley <Emyrk@users.noreply.github.com>
2023-03-02 09:39:38 -08:00
Steven Masley
Marcin Tojek
Cian Johnston
Spike Curtis
Jon Ayers
Kyle Carberry
Colin Adler
Kayla Washburn
Ammar Bandukwala
Mathias Fredriksson
Dean Sheather
Eric Paulsen
Asher
Muhammad Atif Ali
dependabot[bot]
Kira Pilot
Rodrigo Maia