Steven Masley
39c0539d42
feat: add controls to template for determining startup days ( #10226 )
...
* feat: template controls which days can autostart
* Add unit test to test blocking autostart with DaysOfWeek
2023-10-13 11:57:18 -05:00
Marcin Tojek
2a4ac2a53c
feat: expose user seat limits as Prometheus metrics ( #10169 )
2023-10-13 08:10:16 +00:00
Cian Johnston
59ae69b7f2
chore(enterprise/cli): fix test flake in TestServerDBCrypt ( #10222 )
...
* increase randomness in names generated by server dbcrypt
* more randomness
* close PTYs when we are done with them
2023-10-11 17:38:20 +01:00
Spike Curtis
3c43216e99
fix: remove Parallel() call after timeout context ( #10203 )
...
Fixes test flake seen here: https://github.com/coder/coder/runs/17562370632
It's inherently flaky to create a context with a timeout and then later call `t.Parallel()` since it causes the test to wait until all non-parallel tests have completed before resuming execution. By the time execution has resumed, the context may
have expired. The amount of time before resuming is dependent on machine resources and number of test cases, which are inherently variable.
2023-10-11 11:39:15 +04:00
Spike Curtis
fbabb43cbb
fix: ignore spurious node updates while waiting for errors ( #10175 )
...
fixes #9921
2023-10-11 09:22:20 +04:00
Jon Ayers
ec9b480ac0
fix: use is-dormant instead of dormant_at ( #10191 )
2023-10-10 19:00:09 -05:00
Jon Ayers
91555c3a85
feat: support configurable web terminal rendering ( #10095 )
...
* feat: support configurable web terminal rendering
- Added a deployment option for configuring web terminal rendering.
Valid values are 'webgl', 'canvas', and 'dom'.
2023-10-10 13:18:02 -05:00
Jon Ayers
05a393cd06
feat: only display license warnings to privileged users ( #10096 )
2023-10-10 12:48:51 -05:00
Steven Masley
69d13f1676
chore: add archive column to template versions ( #10178 )
...
* chore: add archive column to template versions
2023-10-10 10:52:42 -05:00
Spike Curtis
b780bff429
chore: drop unused redirectToLoginOnMe parameter ( #10164 )
...
The parameter seems to be vestigial from an earlier use of the middleware, but is always set to `false` in the code.
2023-10-10 16:13:00 +04:00
Kyle Carberry
863c2e7b64
feat: allow storing extra oauth token properties in the database ( #10152 )
2023-10-09 18:49:30 -05:00
Colin Adler
36f3151b71
fix(enterprise/tailnet): properly detect legacy agents ( #10083 )
2023-10-06 16:49:26 +00:00
Spike Curtis
983e8c3ae8
feat: add API support for workspace automatic updates ( #10099 )
...
* Added automatic_updates to workspaces table
Signed-off-by: Spike Curtis <spike@coder.com>
* Queries and API updates
Signed-off-by: Spike Curtis <spike@coder.com>
* Golden files
Signed-off-by: Spike Curtis <spike@coder.com>
* Enable automatic updates on autostart
Signed-off-by: Spike Curtis <spike@coder.com>
* db migration number
Signed-off-by: Spike Curtis <spike@coder.com>
* fix imports and ts mock
Signed-off-by: Spike Curtis <spike@coder.com>
* code review updates
Signed-off-by: Spike Curtis <spike@coder.com>
---------
Signed-off-by: Spike Curtis <spike@coder.com>
2023-10-06 13:27:12 +04:00
Jon Ayers
b32d79ef0b
fix: fix failed workspaces continuously auto-deleting ( #10069 )
...
- Fixes an issue where workspaces that are eligible for auto-deletion
are retried every tick (1 minute) even if the previous deletion
transition failed.
The updated logic only attempts to delete workspaces that previously
failed once a day (24 hours since last attempt).
2023-10-05 14:11:39 -05:00
Jon Ayers
91265678ad
chore: add auditing to workspace dormancy ( #10070 )
...
- Adds an audit log for workspaces automatically transitioned to the dormant
state.
- Imposes a mininum of 1 minute on cleanup-related fields. This is to
prevent accidental API misuse from resulting in catastrophe.
2023-10-05 13:41:07 -05:00
Steven Masley
5021e23105
chore: compute job status as column ( #10024 )
...
* chore: provisioner job status as column
* use provisioner job status for workspace searching
2023-10-04 20:57:46 -05:00
Kayla Washburn
c194119689
chore: rename `AwaitTemplateVersionJobCompleted` and `AwaitWorkspaceBuildJobCompleted` ( #10003 )
2023-10-03 11:02:56 -06:00
Kyle Carberry
f16eb1331f
chore: update multiple git providers docs ( #10017 )
...
* chore: update multiple git providers docs
* Improve var name
* Fix fmt
2023-10-03 15:27:02 +00:00
Cian Johnston
e55c25e037
chore: enable exhaustruct linter for database param structs ( #9995 )
2023-10-03 09:23:45 +01:00
Kyle Carberry
8abca9bea7
chore: rename `git_auth` to `external_auth` in our schema ( #9935 )
...
* chore: rename `git_auth` to `external_auth` in our schema
We're changing Git auth to be external auth. It will support
any OAuth2 or OIDC provider.
To split up the larger change I want to contribute the schema
changes first, and I'll add the feature itself in another PR.
* Fix names
* Fix outdated view
* Rename some additional places
* Fix sort order
* Fix template versions auth route
* Fix types
* Fix dbauthz
2023-09-29 19:13:20 +00:00
Colin Adler
4da1223a80
fix: pass `OnSubscribe` to HA MultiAgent ( #9947 )
...
Fixes https://github.com/coder/coder/issues/9929
2023-09-29 13:37:17 -05:00
Steven Masley
2d1b35390e
chore: relax wsproxy version checking ( #9796 )
2023-09-27 19:34:55 +00:00
Marcin Tojek
cb5f8df4c2
feat: expose application name via Appearance API ( #9886 )
2023-09-27 17:02:18 +02:00
Cian Johnston
93ef696b57
refactor(agent): add agenttest.New helper function ( #9812 )
...
* Adds agenttest.New() helper function
* Makes sure agent gets closed on test cleanup
* Makes sure you don't forget to set session token
* Sets the agent and client logger automatically
2023-09-26 12:05:19 +01:00
Cian Johnston
8d8402da00
fix(coderd/database): avoid clobbering workspace build state ( #9826 )
...
Fixes #9823 .
- Decomposes UpdateWorkspaceBuildByID into UpdateWorkspaceBuildProvisionerStateByID and UpdateWorkspaceBuildDeadlineByID.
- Replaces existing invocations of UpdateWorkspaceBuildByID with the newer queries where applicable.
- Modifies GetActiveWorkspaceBuildsByTemplateID to not return incomplete workspace builds.
2023-09-22 16:22:07 +01:00
Spike Curtis
e9077f3bd2
fix: use AlwaysEnable for licenses with all features ( #9808 )
...
* fix: use AlwaysEnable for licenses with all features
Signed-off-by: Spike Curtis <spike@coder.com>
* use dbtime.Now() intead of time.Now()
Signed-off-by: Spike Curtis <spike@coder.com>
---------
Signed-off-by: Spike Curtis <spike@coder.com>
2023-09-22 05:02:28 +00:00
Colin Adler
c900b5f8df
feat: add single tailnet support to pgcoord ( #9351 )
2023-09-21 14:30:48 -05:00
Steven Masley
f89b68056d
chore: add debug information to wsproxy errors ( #9683 )
...
* chore: add debug information to wsproxy errors
* Use codersdk.ReadBodyAsError
2023-09-20 10:05:14 -05:00
Spike Curtis
375c70d141
feat: integrate Acquirer for provisioner jobs ( #9717 )
...
* chore: add Acquirer to provisionerdserver pkg
Signed-off-by: Spike Curtis <spike@coder.com>
* code review improvements & fixes
Signed-off-by: Spike Curtis <spike@coder.com>
* feat: integrate Acquirer for provisioner jobs
Signed-off-by: Spike Curtis <spike@coder.com>
* Fix imports, whitespace
Signed-off-by: Spike Curtis <spike@coder.com>
* provisionerdserver always closes; remove poll interval from playwright
Signed-off-by: Spike Curtis <spike@coder.com>
* post jobs outside transactions
Signed-off-by: Spike Curtis <spike@coder.com>
* graceful shutdown in test
Signed-off-by: Spike Curtis <spike@coder.com>
* Mark AcquireJob deprecated
Signed-off-by: Spike Curtis <spike@coder.com>
* Graceful shutdown on all provisionerd tests
Signed-off-by: Spike Curtis <spike@coder.com>
* Deprecate, not remove CLI flags
Signed-off-by: Spike Curtis <spike@coder.com>
---------
Signed-off-by: Spike Curtis <spike@coder.com>
2023-09-19 10:25:57 +04:00
Cian Johnston
1df7589105
feat(coderd/database/dbtestutil): add ability to dump database on failure ( #9704 )
...
Adds dbtestutil.DumpOnFailure() to allow dumping the entire test database contents upon test failure.
This does nothing for dbfake currently.
2023-09-18 11:50:15 +01:00
Cian Johnston
9bcff30dee
fix(coderd/database): migrate workspaces.last_used_at to timestamptz ( #9699 )
2023-09-18 11:07:54 +01:00
Kayla Washburn
efe804498b
feat: add quiet hours settings page ( #9676 )
2023-09-15 11:14:33 -06:00
Cian Johnston
72dff7f188
fix(enterprise/dbcrypt): do not skip deleted users when encrypting or deleting ( #9694 )
...
- Broadens scope of data generation in TestServerDBCrypt over all user login types, statuses, and deletion status.
- Adds support for specifying user status / user deletion status in dbgen
- Adds more comprehensive logging in TestServerDBCrypt upon test failure (to be generalized and expanded upon in a follow-up)
- Adds AllUserIDs query, updates dbcrypt to use this instead of GetUsers.
2023-09-15 15:09:40 +01:00
Cian Johnston
65db7a71b7
feat(coderd/database/dbtestutil): set default database timezone to non-UTC in unit tests ( #9672 )
...
- Adds dbtestutil.WithTimezone(tz) to allow setting the timezone for a test database.
- Modifies our test database setup code to pick a consistently weird timezone for the database.
- Adds the facility randtz.Name() to pick a random timezone which is consistent across subtests (via sync.Once).
- Adds a linter rule to warn against setting the test database timezone to UTC.
2023-09-15 09:01:32 +01:00
Ammar Bandukwala
b63dfe7b75
perf(cli): optimize CPU consumption of help pages ( #9607 )
...
This change reduces the CPU consumption of --help by ~50%.
Also, this change removes ANSI escape codes from our golden files. I
don't think those were worth the inability to parallelize golden file tests and
global state fragility.
2023-09-14 19:48:29 -05:00
Colin Adler
38560dd922
chore: remove coder trace telemetry ( #9677 )
2023-09-14 02:20:28 -04:00
Spike Curtis
4ebf490d97
feat: add Acquirer to provisionerdserver pkg ( #9658 )
...
* chore: add Acquirer to provisionerdserver pkg
Signed-off-by: Spike Curtis <spike@coder.com>
* code review improvements & fixes
Signed-off-by: Spike Curtis <spike@coder.com>
---------
Signed-off-by: Spike Curtis <spike@coder.com>
2023-09-13 16:36:43 +04:00
Ammar Bandukwala
f703a5b34e
chore(cli): lighten flags on help page ( #9606 )
2023-09-08 13:43:56 -05:00
Ammar Bandukwala
e361f1107b
feat(cli): colorize help page ( #9589 )
2023-09-08 18:21:33 +00:00
Spike Curtis
8d7eb1728c
fix: stop inserting provisioner daemons into the database ( #9108 )
...
Signed-off-by: Spike Curtis <spike@coder.com>
2023-09-08 10:37:36 +00:00
Spike Curtis
11b6068112
feat: add support for networked provisioners ( #9593 )
...
* Refactor provisionerd to use interface to connect to provisioners
Signed-off-by: Spike Curtis <spike@coder.com>
* feat: add support for networked provisioners
Signed-off-by: Spike Curtis <spike@coder.com>
* fix token length and linting
Signed-off-by: Spike Curtis <spike@coder.com>
---------
Signed-off-by: Spike Curtis <spike@coder.com>
2023-09-08 09:53:48 +00:00
Ammar Bandukwala
dd97fe2bce
chore(cli): replace lipgloss with coder/pretty ( #9564 )
...
This change will improve over CLI performance and "snappiness" as well as
substantially reduce our test times. Preliminary benchmarks show
`coder server --help` times cut from 300ms to 120ms on my dogfood
instance.
The inefficiency of lipgloss disproportionately impacts our system, as all help
text for every command is generated whenever any command is invoked.
The `pretty` API could clean up a lot of the code (e.g., by replacing
complex string concatenations with Printf), but this commit is too
expansive as is so that work will be done in a follow up.
2023-09-07 16:28:22 -05:00
Cian Johnston
7d7c84bb4d
feat(coderd): connect dbcrypt package implementation ( #9523 )
...
See also: https://github.com/coder/coder/pull/9522
- Adds commands `server dbcrypt {rotate,decrypt,delete}` to re-encrypt, decrypt, or delete encrypted data, respectively.
- Plumbs through dbcrypt in enterprise/coderd (including unit tests).
- Adds documentation in admin/encryption.md.
This enables dbcrypt by default, but the feature is soft-enforced on supplying external token encryption keys. Without specifying any keys, encryption/decryption is a no-op.
2023-09-07 15:49:49 +01:00
Cian Johnston
7918e65510
feat(coderd): add dbcrypt package ( #9522 )
...
- Adds package enterprise/dbcrypt to implement database encryption/decryption
- Adds table dbcrypt_keys and associated queries
- Adds columns oauth_access_token_key_id and oauth_refresh_token_key_id
to tables git_auth_links and user_links
Co-authored-by: Kyle Carberry <kyle@coder.com>
2023-09-06 12:06:26 +01:00
Steven Masley
630d125286
chore: fix typo in OpenID on cli help ( #9535 )
2023-09-05 18:37:21 +00:00
Steven Masley
58f7071569
fix: make 'NoRefresh' honor unlimited tokens in gitauth ( #9472 )
...
* chore: fix NoRefresh to honor unlimited tokens
* improve testing coverage of gitauth
* refactor rest of gitauth tests
2023-09-05 09:08:04 -05:00
Mathias Fredriksson
39e3b049a5
refactor(coderd/healthcheck): move derp report to derphealth package ( #9506 )
...
This change helps remove one indirect use of coderd/database in the slim
CLI.
No size change (yet).
Ref: #9380
2023-09-04 21:41:50 +03:00
Mathias Fredriksson
d2115941b7
refactor(cli)!: remove reset-password from slim binary ( #9520 )
...
This is an alternative approach to #9519 and removes 2 MB instead of 1
MB (1.2 MB accounted for by embedded migration SQL files).
Combined with #9481 , #9506 , #9508 , #9517 , a total of 5 MB is removed.
Ref: #9380
2023-09-04 19:38:53 +03:00
Mathias Fredriksson
ad23d33f28
refactor(coderd/schedule): move cron schedule to cron package ( #9507 )
...
This removes an indirect import of `coderd/database` from the CLI and
results in a logical separation between server related and generalized
schedule.
No size change (yet).
Ref: #9380
2023-09-04 16:48:25 +03:00
Kyle Carberry
05439d2c1b
fix: generate username with uuid to prevent collision ( #9496 )
...
See https://github.com/coder/coder/actions/runs/6052801777/job/16426982174
2023-09-03 18:02:28 +00:00
Mathias Fredriksson
27ab0d9a84
refactor(enterprise/cli): remove provisionerd from slim binary ( #9488 )
...
This change saves 8 MB in the slim binary.
Ref: #9380
2023-09-01 18:26:44 +00:00
Mathias Fredriksson
19d7da3d24
refactor(coderd/database): split `Time` and `Now` into `dbtime` package ( #9482 )
...
Ref: #9380
2023-09-01 16:50:12 +00:00
Mathias Fredriksson
f1f9cb030d
refactor(cli): avoid importing coderd in slim server ( #9483 )
...
This small change removes 11 MB from the slim binary size.
Ref: #9380
2023-09-01 13:32:21 +00:00
Cian Johnston
bc9fdd15f2
fix(enterprise/cli): correctly set default tags for PSK auth ( #9436 )
...
* provisionerd: unconditionally set tag scope to org for psk auth
* provisionerd: add unit tests for MutateTags
* cli: add some informational logging around provisionerd tags
* cli: respect CODER_VERBOSE when initializing logger
2023-09-01 10:37:09 +01:00
Colin Adler
796a9754a9
feat(enterprise/audit): add user object to slog exporter ( #9456 )
2023-08-31 13:32:28 -05:00
Marcin Tojek
11d4b6f758
chore: move dormancy to enterprise package ( #9468 )
2023-08-31 17:59:53 +02:00
Steven Masley
e827278db7
feat: failed update refresh should redirect to login ( #9442 )
...
* chore: update refresh oauth token message
* chore: unauthorized -> forbidden for non authentication failures
* redirect to login on all 401 responses
* add unit test to verify 401 on expired refresh
2023-08-30 16:14:24 -05:00
Dean Sheather
1de61246a3
feat: add experimental template autostop requirement template settings UI ( #9417 )
2023-08-30 20:41:27 +00:00
Spike Curtis
90acf998bf
fix: fix null pointer on external provisioner daemons with daily_cost ( #9401 )
...
* fix: fix null pointer on external provisioner daemons with daily_cost
Signed-off-by: Spike Curtis <spike@coder.com>
* Add logging for debounce and job acquire
Signed-off-by: Spike Curtis <spike@coder.com>
* Return error instead of panic
Signed-off-by: Spike Curtis <spike@coder.com>
* remove debounce on external provisioners to fix test flakes
Signed-off-by: Spike Curtis <spike@coder.com>
---------
Signed-off-by: Spike Curtis <spike@coder.com>
2023-08-30 10:48:35 +00:00
Spike Curtis
a415395e9e
fix: stop dropping error log on context canceled after heartbeat ( #9427 )
...
Signed-off-by: Spike Curtis <spike@coder.com>
2023-08-30 14:44:00 +04:00
Colin Adler
8443d3e0f8
fix(enterprise): ensure audit log json fields are formatted correctly ( #9397 )
2023-08-29 13:36:54 -05:00
Dean Sheather
a572800d47
chore: rename template restart requirement to autostop requirement ( #9295 )
2023-08-29 18:35:05 +00:00
Mathias Fredriksson
be47cc58ff
fix(enterprise/coderd): use `websocketNetConn` in `workspaceProxyCoordinate` to bind context ( #9395 )
2023-08-28 23:12:45 +03:00
Steven Masley
d9d4d74f99
test: add full OIDC fake IDP ( #9317 )
...
* test: implement fake OIDC provider with full functionality
* Refactor existing tests
2023-08-25 14:34:07 -05:00
Spike Curtis
60d5002eb6
refactor: change template archive extraction to be on provisioner ( #9264 )
...
* refactor provisionersdk protocol
Signed-off-by: Spike Curtis <spike@coder.com>
* refactor provisioners to use new protocol
Signed-off-by: Spike Curtis <spike@coder.com>
* refactor provisionerd to use new protocol
Signed-off-by: Spike Curtis <spike@coder.com>
* refactor tests & proto renames
* Fixes from self-review
Signed-off-by: Spike Curtis <spike@coder.com>
* appease fmt & link
Signed-off-by: Spike Curtis <spike@coder.com>
* code review fixes & e2e fixes
Signed-off-by: Spike Curtis <spike@coder.com>
* More fmt
Signed-off-by: Spike Curtis <spike@coder.com>
* Code review fixes
Signed-off-by: Spike Curtis <spike@coder.com>
* new gen; use uuid for session workdir
Signed-off-by: Spike Curtis <spike@coder.com>
* Revert nix-based gen CI task until dogfood is on nix
Signed-off-by: Spike Curtis <spike@coder.com>
* revert deleting dogfood Docker stuff
Signed-off-by: Spike Curtis <spike@coder.com>
* Revert "revert deleting dogfood Docker stuff"
This reverts commit 9762158167
.
---------
Signed-off-by: Spike Curtis <spike@coder.com>
2023-08-25 06:10:15 +00:00
Jon Ayers
7f14b50dbe
chore: rename locked to dormant ( #9290 )
...
* chore: rename locked to dormant
- The following columns have been updated:
- workspace.locked_at -> dormant_at
- template.inactivity_ttl -> time_til_dormant
- template.locked_ttl -> time_til_dormant_autodelete
This change has also been reflected in the SDK.
A route has also been updated from /workspaces/<id>/lock to /workspaces/<id>/dormant
2023-08-24 13:25:54 -05:00
Dean Sheather
64df076328
feat: add server flag to force DERP to use always websockets ( #9238 )
2023-08-24 17:22:31 +00:00
Dean Sheather
f35423c041
fix: update conn derpmap every 5s in single tailnet ( #9176 )
2023-08-23 11:20:31 +00:00
Jon Ayers
6e41cd1eda
feat: add activity bumping to template scheduling ( #9040 )
2023-08-22 15:15:13 -05:00
Kayla Washburn
697b0283c5
chore: fix low hanging lint issues ( #9253 )
2023-08-22 12:32:37 -06:00
Steven Masley
262d7692b6
feat: add force refresh of license entitlements ( #9155 )
...
* feat: add force refresh of license entitlements
* send "going away" mesasge on licenses pubsub on close
* Add manual refresh to licenses page
2023-08-22 09:26:43 -05:00
Ammar Bandukwala
545a256b57
fix: correctly reject quota-violating builds ( #9233 )
...
Due to a logical error in CommitQuota, all workspace Stop->Start operations
were being accepted, regardless of the Quota limit. This issue only
appeared after #9201 , so this was a minor regression in main for about
3 days. This PR adds a test to make sure this kind of bug doesn't recur.
To make the new test possible, we give the echo provisioner the ability
to simulate responses to specific transitions.
2023-08-22 02:55:39 +00:00
Kyle Carberry
22e781eced
chore: add /v2 to import module path ( #9072 )
...
* chore: add /v2 to import module path
go mod requires semantic versioning with versions greater than 1.x
This was a mechanical update by running:
```
go install github.com/marwan-at-work/mod/cmd/mod@latest
mod upgrade
```
Migrate generated files to import /v2
* Fix gen
2023-08-18 18:55:43 +00:00
Spike Curtis
2f46f2315c
fix: fix race in PGCoord at startup ( #9144 )
...
Signed-off-by: Spike Curtis <spike@coder.com>
2023-08-18 09:53:03 +04:00
Jon Ayers
2f6687a475
feat: expose Everyone group through UI ( #9117 )
...
- Allows setting quota allowances on the 'Everyone' group.
2023-08-17 13:25:16 -05:00
Steven Masley
8910f05172
fix: /workspaces should work even if missing template perms ( #9152 )
...
If a user is missing template perms to a workspace, just block reading
that workspace. This is to keep the api consistent, it is not a rbac
enforcement.
This should ublock users reporting this bug that /workspaces returns
nothing when 1 workspace cannot be fully read. We might want to be
able to return missing or unknown fields in our api to account
for this.
2023-08-17 13:22:03 -05:00
Spike Curtis
c7a6d626b4
fix: make PGCoordinator close connections when unhealthy ( #9125 )
...
Signed-off-by: Spike Curtis <spike@coder.com>
2023-08-17 09:36:47 +04:00
Mathias Fredriksson
6fd9975aed
feat(coderd): add `coder_app` usage stats ( #9001 )
...
Updates #8658
2023-08-16 15:22:00 +03:00
Eric Paulsen
e4c24e05f8
fix: rename group GET request ( #9097 )
...
* fix: group GET req naming
* make: gen
2023-08-15 14:47:08 -04:00
Colin Adler
9d9b330b16
chore: add request body to patch groups openapi spec ( #9101 )
2023-08-15 15:29:15 +00:00
Spike Curtis
41433cd1ec
feat: add terminationGracePeriodSeconds to provisioner chart ( #9048 )
...
* feat: add terminationGracePeriodSeconds to provisioner chart
Signed-off-by: Spike Curtis <spike@coder.com>
* Remove hardcoded 1 minute graceful timeout
Signed-off-by: Spike Curtis <spike@coder.com>
---------
Signed-off-by: Spike Curtis <spike@coder.com>
2023-08-15 08:38:58 +00:00
Colin Adler
344d32b2f1
feat(coderd): expire agents from server tailnet ( #9092 )
2023-08-14 20:38:37 -05:00
Steven Masley
25ce30df36
feat: add azure oidc PKI auth instead of client secret ( #9054 )
...
* feat: add azure oidc PKI auth instead of client secret
* add client cert and key as deployment options
* Custom token refresher to handle pki auth
2023-08-14 17:33:13 -05:00
Dean Sheather
47b8bf6585
feat: update workspace deadline when template policy changes ( #8964 )
2023-08-14 21:16:47 +00:00
Asher
37f9d4b783
feat: add --header-command flag ( #9059 )
...
This allows specifying a command to run that can output headers for
cases where users require dynamic headers (like to authenticate to their
VPN).
The primary use case is to add this flag in SSH configs created by the
VS Code plugin, although maybe config-ssh should do the same.
2023-08-14 12:12:17 -08:00
Dean Sheather
d2f22b063a
fix: move STUN servers into their own regions ( #9030 )
2023-08-11 05:04:17 +10:00
Colin Adler
bc862fa493
chore: upgrade tailscale to v1.46.1 ( #8913 )
2023-08-09 19:50:26 +00:00
Dean Sheather
9941f49056
fix: remove stun nodes from workspace proxy regions ( #8990 )
2023-08-09 09:31:25 +00:00
Dean Sheather
f7a35e0559
chore: add workspace proxies to telemetry ( #8963 )
2023-08-08 18:29:35 +00:00
Steven Masley
f4122fa9f5
feat: add auto group create from OIDC ( #8884 )
...
* add flag for auto create groups
* fixup! add flag for auto create groups
* sync missing groups
Also added a regex filter to filter out groups that are not
important
2023-08-08 11:37:49 -05:00
Steven Masley
5339a31532
fix: remove refresh oauth logic on OIDC login ( #8950 )
...
* fix: do not do oauth refresh logic on oidc login
2023-08-08 10:05:12 -05:00
Colin Adler
0c7ff4fb8a
fix(enterprise): ensure SCIM create user can unsuspend ( #8916 )
2023-08-04 22:03:21 +00:00
Cian Johnston
7224ff2af8
fix(enterprise/replicasync): fix data race in Manager.Regional ( #8910 )
2023-08-04 17:33:05 +01:00
Spike Curtis
cb4989cd8d
feat: add PSK for external provisionerd auth ( #8877 )
...
Signed-off-by: Spike Curtis <spike@coder.com>
2023-08-04 12:32:28 +04:00
Steven Masley
4c1e63aae8
feat: add display_name field to groups ( #8740 )
...
* feat: add display_name field to groups
This is a non-unique human friendly group name for display
purposes. This means a display name can be used instead of
using an environment var to remap groups with OIDC names to
Coder names. Now groups can retain the OIDC name for mapping,
and use a display name for display purposes.
2023-08-02 10:53:06 -05:00
Dean Sheather
cd1e088f7c
feat: add --derp-only flag to wsproxy ( #8850 )
2023-08-03 00:35:06 +10:00
Marcin Tojek
d6e9870209
feat: add "dormant" user state ( #8644 )
2023-08-02 16:31:25 +02:00
Dean Sheather
6b69970d7c
fix: avoid infinite loop in agent derp-map ( #8848 )
2023-08-02 13:18:46 +10:00
Dean Sheather
c575292ba6
fix: fix tailnet netcheck issues ( #8802 )
2023-08-02 01:50:43 +10:00
Marcin Tojek
ddabe9cc7f
feat: improve RBAC preconditions for Insights endpoint ( #8794 )
2023-07-31 13:44:32 +00:00
Colin Adler
4cc270b12b
revert(enterprise): make `pgcoord` experimental again ( #8797 )
2023-07-28 18:38:32 -05:00
Colin Adler
0b4f333a6f
chore: add http debug support to pgcoord ( #8795 )
2023-07-28 17:59:31 -05:00
Colin Adler
2811ab62d0
chore: fix workspace proxy flake ( #8755 )
2023-07-26 23:50:25 +00:00
Colin Adler
dd2f79995b
chore(tailnet): rewrite coordinator debug using `html/template` ( #8752 )
2023-07-26 22:54:21 +00:00
Ammar Bandukwala
25e30c6f41
feat(cli): support fine-grained server log filtering ( #8748 )
2023-07-26 16:46:22 -05:00
Colin Adler
6b92abebb9
fix(tailnet): track agent names for http debug ( #8744 )
2023-07-26 18:44:10 +00:00
Dean Sheather
9ffbdc6696
hotfix: fix failed 32-bit builds ( #8741 )
2023-07-26 17:30:47 +00:00
Dean Sheather
2f0a9996e7
chore: add derpserver to wsproxy, add proxies to derpmap ( #7311 )
2023-07-27 02:21:04 +10:00
Steven Masley
2089006fbc
feat!: drop reading other 'user' permission ( #8650 )
...
* feat: drop reading other 'user' permission
Members of the platform can no longer read or list other users.
Resources that have "created_by" or "initiated_by" still retain
user context, but only include username and avatar url.
Attempting to read a user found via those means will result in
a 404.
* Hide /users page for regular users
* make groups a privledged endpoint
* Permissions page for template perms
* Admin for a given template enables an endpoint for listing users/groups.
2023-07-26 10:33:48 -04:00
Colin Adler
f07d2ff68d
fix(enterprise): ensure creating a SCIM user is idempotent ( #8730 )
2023-07-25 17:49:52 -05:00
Steven Masley
de1a7a9210
chore: join user information to workspace_build and template_version ( #8625 )
...
* include minimial user on template version and build
* Add unit test to ensure join is superset
2023-07-25 09:14:38 -04:00
Steven Masley
ac559f101e
fix: handle omitted role sync claim ( #8697 )
...
* fix: handle omitted role sync claim
2023-07-24 15:50:23 -04:00
Steven Masley
f827829afe
feat: synchronize oidc user roles ( #8595 )
...
* feat: oidc user role sync
User roles come from oidc claims. Prevent manual user role changes
if set.
* allow mapping 1:many
2023-07-24 08:34:24 -04:00
Jon Ayers
b47d076756
feat: add deleting_at column to workspaces ( #8333 )
2023-07-20 22:01:11 -05:00
Colin Adler
1cb39fc65d
test: ignore more spurious pgcoord errors ( #8628 )
2023-07-20 19:55:25 +00:00
Dean Sheather
dc8b73168e
feat: add user quiet hours schedule and restart requirement feature flag ( #8115 )
2023-07-20 23:35:41 +10:00
Colin Adler
00b9a3ce58
fix: prevent error log when `pgcoord` query is canceled ( #8609 )
2023-07-19 16:40:57 -05:00
Steven Masley
aceedefce3
chore: add `template_with_user` view to include user contextual data ( #8568 )
...
* chore: Refactor template sql queries to use new view
* TemplateWithUser -> Template
* Add unit test to enforce good view
2023-07-19 16:07:33 -04:00
Colin Adler
f8a2bd0f4d
chore: remove duplicate logger name in wsproxy ServerTailnet ( #8604 )
2023-07-19 18:06:26 +00:00
Colin Adler
517fb19474
feat: add single tailnet support to moons ( #8587 )
2023-07-19 11:11:11 -05:00
Colin Adler
cc8d0af027
fix(enterprise): avoid initial license reconfig if feature isn't enabled ( #8586 )
2023-07-19 10:32:29 -05:00
Marcin Tojek
4232a2eb96
feat: add custom docs URL to deployment config ( #8590 )
2023-07-19 08:31:17 -03:00
Muhammad Atif Ali
ce114a7f9f
chore: upgrade sqlc to 1.19.1 ( #8511 )
2023-07-15 09:07:19 +03:00
Colin Adler
c47b78c44b
chore: replace wsconncache with a single tailnet ( #8176 )
2023-07-12 17:37:31 -05:00
Steven Masley
e9d7a230fa
chore: server header specifies if wsproxy ( #8432 )
2023-07-12 12:07:36 +00:00
Steven Masley
928091aa05
feat!: add table format to 'coder license ls', 'license_expires' --> 'license_expires_human' ( #8421 )
...
* feat: add table format to 'coder license ls'
* feat: license expires_at to table view
* change: `license_expires` to `license_expires_human` and `license_expires` is unix timestamp
2023-07-12 08:06:18 -04:00
dependabot[bot]
2c2dd0eb83
chore: bump crate-ci/typos from v1.14.12 to v1.16.0 and fix typos ( #8455 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Muhammad Atif Ali <atif@coder.com>
Co-authored-by: Mathias Fredriksson <mafredri@gmail.com>
2023-07-12 12:01:30 +00:00
Spike Curtis
b4057bd74a
feat: make pgCoordinator generally available ( #8419 )
...
* pgCoord to GA, fix tests
Signed-off-by: Spike Curtis <spike@coder.com>
* Fix generation and coordinator delete RBAC
Signed-off-by: Spike Curtis <spike@coder.com>
* Fix fakeQuerier -> FakeQuerier
Signed-off-by: Spike Curtis <spike@coder.com>
---------
Signed-off-by: Spike Curtis <spike@coder.com>
2023-07-12 13:35:29 +04:00
Steven Masley
bc102d6bd7
feat: add cli first class validation ( #8374 )
...
* feat: add cli first class validation
* feat: add required flag to cli options
* Add unit test to catch invalid and missing flag
2023-07-11 09:59:55 -04:00
Cian Johnston
3f6a158016
chore: enable exhaustruct linter ( #8403 )
...
* chore: enable exhaustruct linter
* add exlusion rules
* move to allowlist instead
* exhaustruct httpmw package
* fixup! exhaustruct httpmw package
* make lint
* address PR comments
2023-07-11 14:30:33 +01:00
Mathias Fredriksson
75f62dc39d
feat: add support for template version messages in api and cli ( #8336 )
2023-07-11 13:11:08 +03:00
Mathias Fredriksson
9a72ddf7d4
fix(enterprise/coderd): add missing fields to extract api key config ( #8393 )
2023-07-10 16:51:50 +03:00
Steven Masley
f75d497c41
chore: touch ups to wsproxy UX ( #8350 )
...
* chore: update wording on wsproxy help
* chore: show help if no fields specified in wsproxy edit
* chore: Add run command example to wsproxy create
* chore: remove localhost warning
* chore: navbar match page title
* chore: Add helper text to latency picker
* chore: add confirm delete to workspace proxy delete cli
* chore: add errors + warnings to workspace proxy table
2023-07-07 10:06:11 -04:00
Mathias Fredriksson
814534d6b7
fix(enterprise/audit): improve error message for missing action ( #8335 )
2023-07-06 15:43:32 +03:00
Cian Johnston
7fcf319e01
fix(cli)!: protect client Logger and refactor cli scaletest tests ( #8317 )
...
- (breaking) Protects Logger and LogBodies fields of codersdk.Client with its mutex. This addresses a data race in cli/scaletest.
- Fillets the existing cli/createworkspaces unit test and moves the testing logic there into the tests under scaletest/createworkspaces.
- Adds testutil.RaceEnabled bool const and conditionaly skips previously-skipped tests under scaletest/ if the race detector is enabled. This is unfortunate and sad, but I would prefer to have these tests at least running without the race detector than not running at all.
- Adds IgnoreErrors option to fake in-memory agent loggers; having the agents fail the test immediately when they encounter any sort of error isn't really helpful.
2023-07-06 09:43:39 +01:00
Steven Masley
4a008a8f34
chore: prevent nil dereferences on cmd handlers ( #8319 )
...
* chore: detect nil cmd handlers
Prevent nil panic dereferences on cmd handlers. Add a unit test
to prevent future mistakes
2023-07-05 17:20:12 +00:00
Jon Ayers
4a9c8f407a
feat: add auto-locking/deleting workspace based on template config ( #8240 )
2023-07-02 21:29:52 -05:00
Asher
6015319e9d
feat: show service banner in SSH/TTY sessions ( #8186 )
...
* Allow workspace agents to get appearance
* Poll for service banner every two minutes
* Show service banner before MOTD if not quiet
2023-06-30 10:41:29 -08:00
Steven Masley
f0bd258ff1
feat: move proxy settings page to deployment options ( #8246 )
...
* feat: Move workspace proxy page to deployment options
Workspace proxy settings page is now an admin feature
* WorkspaceProxy response extends region
2023-06-30 11:32:35 -04:00
Steven Masley
b5f26d9bdf
feat: add ability for users to convert their password login type to oauth/github login ( #8105 )
...
* Currently toggled by experiment flag
---------
Co-authored-by: Bruno Quaresma <bruno@coder.com>
2023-06-30 08:38:48 -04:00
Marcin Tojek
83fee4b192
feat: enable Terraform debug mode via deployment configuration ( #8260 )
2023-06-29 15:22:21 +02:00
Jon Ayers
749307ef08
feat: provide endpoint to lock/unlock workspace ( #8239 )
2023-06-28 16:12:49 -05:00
Spike Curtis
c0a01ec81c
fix: fix TestPGCoordinatorDual_Mainline flake ( #8228 )
...
* fix TestPGCoordinatorDual_Mainline flake
Signed-off-by: Spike Curtis <spike@coder.com>
* use slices.Contains instead of local function
Signed-off-by: Spike Curtis <spike@coder.com>
---------
Signed-off-by: Spike Curtis <spike@coder.com>
2023-06-28 11:37:45 +04:00
Spike Curtis
7943a5b85e
fix PG coordinator context and RBAC subject ( #8223 )
...
Signed-off-by: Spike Curtis <spike@coder.com>
2023-06-27 10:14:31 +00:00
Steven Masley
140683813d
chore: reword wsproxy help ( #8168 )
2023-06-26 12:32:47 -05:00
Mathias Fredriksson
31076ad665
fix(enterprise/coderd): prevent deadlock during entitlements update ( #8215 )
2023-06-26 20:22:28 +03:00
Spike Curtis
5d48122f12
fix: fix PG Coordinator to update when heartbeats (re)start ( #8178 )
...
* fix: fix PG Coordinator to update when heartbeats (re)start
Signed-off-by: Spike Curtis <spike@coder.com>
* rename resetExpiryTimer(WithLock)
Signed-off-by: Spike Curtis <spike@coder.com>
---------
Signed-off-by: Spike Curtis <spike@coder.com>
2023-06-23 10:38:58 +00:00
Spike Curtis
ba9d038d42
feat: add periodic cleanup of PG Coordinator state ( #8142 )
...
* PG Coordinator cleans orphaned state
Signed-off-by: Spike Curtis <spike@coder.com>
* Don't need pubsub
Signed-off-by: Spike Curtis <spike@coder.com>
---------
Signed-off-by: Spike Curtis <spike@coder.com>
2023-06-23 13:23:28 +04:00
Spike Curtis
e856491476
feat: enable PG Coordinator as experiment ( #8144 )
...
Signed-off-by: Spike Curtis <spike@coder.com>
2023-06-22 13:12:29 +04:00
Jon Ayers
1b0124ecdb
feat: automatically stop workspaces based on failure_ttl ( #7989 )
2023-06-22 00:33:22 -04:00
Dean Sheather
a28d422c35
feat: add flag to disable all direct connections ( #7936 )
2023-06-21 22:02:05 +00:00
Dean Sheather
24b95e16c4
feat: add --disable-direct flag to CLI ( #8131 )
2023-06-21 20:22:43 +00:00
Spike Curtis
cc17d2feea
refactor: add postgres tailnet coordinator ( #8044 )
...
* postgres tailnet coordinator
Signed-off-by: Spike Curtis <spike@coder.com>
* Fix db migration; tests
Signed-off-by: Spike Curtis <spike@coder.com>
* Add fixture, regenerate
Signed-off-by: Spike Curtis <spike@coder.com>
* Fix fixtures
Signed-off-by: Spike Curtis <spike@coder.com>
* review comments, run clean gen
Signed-off-by: Spike Curtis <spike@coder.com>
* Rename waitForConn -> cleanupConn
Signed-off-by: Spike Curtis <spike@coder.com>
* code review updates
Signed-off-by: Spike Curtis <spike@coder.com>
* db migration order
Signed-off-by: Spike Curtis <spike@coder.com>
* fix log field name last_heartbeat
Signed-off-by: Spike Curtis <spike@coder.com>
* fix heartbeat_from log field
Signed-off-by: Spike Curtis <spike@coder.com>
* fix slog fields for linting
Signed-off-by: Spike Curtis <spike@coder.com>
---------
Signed-off-by: Spike Curtis <spike@coder.com>
2023-06-21 16:20:58 +04:00
Marcin Tojek
4fb4c9b270
chore: add more rules to ensure logs consistency ( #8104 )
2023-06-21 12:00:38 +02:00
Marcin Tojek
b1d1b63113
chore: ensure logs consistency across Coder ( #8083 )
2023-06-20 12:30:45 +02:00
Jon Ayers
c3aef9363b
feat: add locked TTL field to template meta ( #8020 )
2023-06-19 22:37:55 -04:00
Kyle Carberry
f444100aa6
feat: add region querying to pre-fetched html ( #8077 )
2023-06-19 11:23:26 -05:00
Kyle Carberry
9df9ad4503
feat: embed common client requests into the template html ( #8076 )
...
This should reduce the number of API requests a client makes
when loading the dashboard dramatically!
2023-06-18 13:57:27 -05:00
Cian Johnston
6e598234b6
fix: only collect prometheus database metrics when explicitly enabled ( #8045 )
...
* fix: only collect prometheus database metrics when explicitly enabled
* add missing test
* de-duplicate wrapping
2023-06-15 12:34:16 +01:00
Kyle Carberry
e4b6f5695b
chore: separate pubsub into a new package ( #8017 )
...
* chore: rename store to dbmock for consistency
* chore: remove redundant dbtype package
This wasn't necessary and forked how we do DB types.
* chore: separate pubsub into a new package
This didn't need to be in database and was bloating it.
2023-06-14 15:34:54 +00:00
Mathias Fredriksson
c12c9f1f4e
chore(go.mod): update cdr.dev/slog ( #7994 )
...
* chore(mod): update cdr.dev/slog
* fix: change uses of []slog.Field to []any to match new API
2023-06-13 18:17:04 +00:00
Mathias Fredriksson
51226c55ab
test(coderd): close metricscache and avoid background context ( #7996 )
2023-06-13 20:18:31 +03:00
Kyle Carberry
2e7e99b135
fix: scope errors to subtests for flake ( #8004 )
...
See: https://github.com/coder/coder/actions/runs/5257676837/jobs/9500882394
2023-06-13 11:52:17 -05:00
Kira Pilot
f13632cea8
feat: add impending deletion filter to workspaces page ( #7860 )
...
* add workspace deletion dialog
* add deleting_by query param
* added test
* filtering on workspaces to be deleted
* cleaned up form
* added story
* added banner filter
* PR feedback
* fix lint and stories
* PR feedback
* added enterprise test
* added unit tests in search_test.go
* remove unused fn
* unstaged changes
2023-06-12 11:55:51 -07:00
Ammar Bandukwala
a540e629e5
ci: improve caching ( #7954 )
2023-06-12 12:09:54 -05:00
Steven Masley
065206345e
test: add golden files to enterprise cli ( #7924 )
...
* test: Add golden files to enterprise cli
2023-06-09 11:35:20 -05:00
Colin Adler
30a635aa5f
fix(enterprise): ensure scim usernames are validated ( #7925 )
2023-06-08 17:59:49 -05:00
Steven Masley
a4cc883be1
chore: add proxy health interval flag/env config ( #7919 )
...
* chore: plumbing for proxy health interval from flag/env
2023-06-08 12:58:24 -05:00
Steven Masley
fa8153a0fd
chore: make default workspace proxy editable ( #7903 )
...
* chore: add editing the default workspace proxy
2023-06-08 10:30:15 -05:00
Steven Masley
5e647ba07a
chore: improve workspace proxy create cli flow ( #7907 )
...
* chore: improve workspace proxy create cli flow
2023-06-08 10:02:35 -05:00
Cian Johnston
4f29f9abe3
fixup! fix(cli): speed up CLI over SSH ( #7885 ) ( #7888 )
2023-06-07 09:13:22 +00:00
Ammar Bandukwala
5eaf809851
fix(cli): speed up CLI over SSH ( #7885 )
...
By caching the terminal's color profile, we avoid myriad round trips during command execution.
2023-06-07 05:22:58 +00:00
Steven Masley
72f59950f2
chore: add prometheus timing to latency endpoint ( #7742 )
...
* chore: Prometheus timing to latency endpoint
2023-06-06 10:26:13 -05:00
Cian Johnston
784696dfa5
feat: add prometheus metrics to database.Store ( #7713 )
...
* Adds dbmetrics package and wraps database.Store with a Prometheus HistogramVec of timings.
* Adds Wrappers method to database.Store to avoid double-wrapping interfaces
* Fixes test flake in TestLicensesListFake
2023-05-31 14:55:57 +01:00
Rodrigo Maia
61dc875454
feat(cli): show license_expires as rfc3339 date instead of unix time ( #7687 )
...
* feat(licenses): show license_expires time as rfc3339 date
* fix review comments
2023-05-26 14:36:26 +00:00
Spike Curtis
05da1e94a2
Fix pubsub goroutines in tests ( #7677 )
...
Signed-off-by: Spike Curtis <spike@coder.com>
2023-05-25 14:46:32 +04:00
Steven Masley
5d711fc95a
chore: CORs option for yarn dev server ( #7630 )
...
* chore: Yarn dev servers require CORs headers for external proxies
Adds a flag to set CORs headers to `*` for yarn dev servers
2023-05-22 20:02:39 +02:00
Colin Adler
dd5b0b2721
fix(scim): ensure scim users aren't created with their own org ( #7595 )
2023-05-18 20:54:45 -04:00
Jon Ayers
ec5ef51b49
feat: add session token injection to provisioner ( #7461 )
2023-05-17 23:29:22 -05:00
Kyle Carberry
6e7175b589
chore: fix lengthy tests in psql ( #7545 )
...
* chore: fix lengthy tests in psql
This was adding at a minimum 3mins to our psql tests!
* fix: automatically cancel tests on cleanup
2023-05-17 11:26:53 -05:00
Kyle Carberry
70d2203b9e
chore: reduce the log output of skipped tests ( #7520 )
...
With the introduction of the workspace proxy tests there was a lot
of output if a test was eventually skipped.
2023-05-14 19:37:00 -05:00
Ammar Bandukwala
f05f12231d
feat: update slog to use logfmt ( #7477 )
2023-05-14 20:23:13 +00:00
Steven Masley
8f768f8276
feat: Workspace Proxy picker show latency to each proxy ( #7486 )
...
* chore: Add cors to workspace proxies to allow for latency checks
* Add latency check to wsproxy
Use performance API timings.
- Fix cors and timing headers
- Accept custom headers
2023-05-11 15:42:30 -05:00
Steven Masley
b7f4f3a771
chore: Implement workspace proxy going away (graceful shutdown) ( #7459 )
...
* chore: Implement workspace proxy going away
When a workspace proxy shuts down, the health status of that
proxy should immediately be updated. This is purely a courtesy
and technically not required
2023-05-10 19:23:16 -05:00
Steven Masley
3f9af6f5e7
chore: Allow cors requests to workspace proxies for latency checks ( #7484 )
...
* CSP addition for web requests
* chore: Add cors to workspace proxies to allow for latency checks
2023-05-10 17:19:55 +00:00
Steven Masley
b5ad628460
chore: Allow editing proxy fields via api. ( #7435 )
...
* chore: Add ability to update workspace proxy fields
2023-05-09 13:46:50 -05:00
Steven Masley
1aac8200fa
chore: Fix column name in proxy ls command ( #7450 )
2023-05-08 12:23:12 -05:00
Steven Masley
52d2bc930b
chore: Make better error message if missing license ( #7440 )
...
* chore: Make better error message if missing license
* Change word to proxies
2023-05-05 14:22:56 -05:00
Steven Masley
07608fc3fb
chore: fix proxy 404 page ( #7421 )
...
* chore: fix proxy 404 page
---------
Co-authored-by: Kyle Carberry <kyle@coder.com>
2023-05-05 13:53:19 -05:00
Steven Masley
2624ee8f12
chore: Remove extra opt and fix 'proxy' alias ( #7413 )
...
* chore: Remove extra opt and fix 'proxy' alias
* proxy -> wsproxy
2023-05-05 13:09:04 -05:00
Kira Pilot
5ffa6dae50
feat: add inactivity cleanup and failure cleanup configuration fields to Template Schedule Form ( #7402 )
...
* added workspace actions entitlement
* added workspace actions experiment
* added new route for template enterprise meta
* removing new route; repurposing old
* add new fields to get endpoints
* removed workspace actions experiment
* added logic to enterprise template store
* added new form fields
* feature flagged new fields
* fix validation
* fixed submit btn
* fix tests
* changed ttl defaults
* added FE tests
* added BE tests
* fixed lint
* adjusted comment language
* fixing unstaged changes check
* fix test
* Update coderd/database/migrations/000122_add_template_cleanup_ttls.down.sql
Co-authored-by: Dean Sheather <dean@deansheather.com>
* Update coderd/database/migrations/000122_add_template_cleanup_ttls.up.sql
Co-authored-by: Dean Sheather <dean@deansheather.com>
---------
Co-authored-by: Dean Sheather <dean@deansheather.com>
2023-05-05 08:19:26 -07:00
Steven Masley
9908c84b2a
test: Return early and avoid using nil handler ( #7411 )
...
* test: Return early and avoid using nil handler
2023-05-04 11:14:53 -05:00
Colin Adler
8bd9f9c351
feat: unified tracing between coderd<->provisionerd ( #7370 )
2023-05-03 23:02:35 +00:00
Kira Pilot
2e9310b203
chore: add workspace actions entitlement and experiment ( #7361 )
...
* added workspace actions entitlement
* added workspace actions experiment
2023-05-03 11:34:43 -07:00
Steven Masley
434c4be9f1
chore: Add listing proxies to cli 'coder proxy ls' ( #7376 )
...
* feat: Add listing proxies to cli 'coder proxy ls'
* Add unit test
* Ignore errors
* Make gen and update golden files
* Update golden files
2023-05-03 10:12:56 -05:00
Colin Adler
75ad72de56
fix(server): prevent otel tracer provider from immediately being closed ( #7369 )
2023-05-02 12:06:58 -05:00
Spike Curtis
bd630113b2
fix: coordinator node update race ( #7345 )
...
* fix: coordinator node update race
Signed-off-by: Spike Curtis <spike@coder.com>
* Lint fixes, make core private
Signed-off-by: Spike Curtis <spike@coder.com>
* Don't log broken connections as errors
Signed-off-by: Spike Curtis <spike@coder.com>
---------
Signed-off-by: Spike Curtis <spike@coder.com>
2023-05-02 20:58:21 +04:00
Steven Masley
a1db82582f
chore: Dynamic CSP connect-src to support terminals connecting to workspace proxies ( #7352 )
...
* chore: Expose proxy hostnames to csp header
2023-05-02 08:30:44 -05:00
Dean Sheather
3b15234660
chore: add continuous deployment for workspace proxies ( #7364 )
2023-05-02 08:02:51 +10:00
Steven Masley
55824986bc
chore: 404 Requests to workspace proxy direct back to the primary ( #7353 )
...
* chore: 404 Requests to workspace proxy direct back to the primary
* Remove unnecessary sprintf
2023-05-01 13:58:36 -05:00
Steven Masley
079d2821f5
chore: Set proxy health checks to 1 minute intervals ( #7351 )
2023-05-01 16:06:29 +00:00
Steven Masley
4a9d1c16c7
chore: UI/UX for regions ( #7283 )
...
* chore: Allow regular users to query for all workspaces
* FE to add workspace proxy options to account settings
* WorkspaceProxy context syncs with coderd on region responses
---------
Co-authored-by: Dean Sheather <dean@deansheather.com>
2023-04-28 16:04:52 -05:00
Spike Curtis
b6666cf1cf
chore: tailnet debug logging ( #7260 )
...
* Enable discovery (disco) debug
Signed-off-by: Spike Curtis <spike@coder.com>
* Better debug on reconnectingPTY
Signed-off-by: Spike Curtis <spike@coder.com>
* Agent logging in appstest
Signed-off-by: Spike Curtis <spike@coder.com>
* More reconnectingPTY logging
Signed-off-by: Spike Curtis <spike@coder.com>
* Add logging to coordinator
Signed-off-by: Spike Curtis <spike@coder.com>
* Update agent/agent.go
Co-authored-by: Mathias Fredriksson <mafredri@gmail.com>
* Update agent/agent.go
Co-authored-by: Mathias Fredriksson <mafredri@gmail.com>
* Update agent/agent.go
Co-authored-by: Mathias Fredriksson <mafredri@gmail.com>
* Update agent/agent.go
Co-authored-by: Mathias Fredriksson <mafredri@gmail.com>
* Clarify logs; remove unrelated changes
Signed-off-by: Spike Curtis <spike@coder.com>
---------
Signed-off-by: Spike Curtis <spike@coder.com>
Co-authored-by: Mathias Fredriksson <mafredri@gmail.com>
2023-04-27 13:59:01 +04:00
Rodrigo Maia
87b7537878
feat: add license settings UI ( #7210 )
...
* wip: license page
* WIP
* WIP
* wip
* wip
* wip
* wip
* wip
* wip
* Apply suggestions from code review
Co-authored-by: Ben Potter <ben@coder.com>
* wip: ui improvements
* wip: extract components
* wip: stories
* wip: stories
* fixes from PR reviews
* fix stories
* fix empty license page
* fix copy
* fix
* wip
* add golang test
---------
Co-authored-by: Ben Potter <ben@coder.com>
2023-04-26 17:47:46 -03:00
Rodrigo Maia
c3fe2515a7
feat: add license expiration warning ( #7264 )
...
* wip: add expiration warning
* Use GraceAt
* show expiration warning for trial accounts
* fix test
* only show license banner for users with deployment permission
---------
Co-authored-by: Marcin Tojek <marcin@coder.com>
2023-04-26 16:39:39 -03:00
Dean Sheather
a98341612c
feat: add regions endpoint for proxies feature ( #7277 )
...
* feat: add regions endpoint for proxies feature
2023-04-25 09:37:52 -05:00
Steven Masley
3129741e08
chore: Proxy health status checks + endpoint ( #7233 )
...
* chore: Implement workspace proxy health check cron
At a given interval will check the reachability of workspace proxies.
* Proxyhealth is an enterprise feature
* Start proxyhealth go routine on enterprise coder
2023-04-24 10:25:35 -05:00
Mathias Fredriksson
6f06f8dadb
test: Fix test timeouts due to contexts created too early ( #7242 )
2023-04-21 17:32:25 +03:00
Dean Sheather
3680e158d9
chore: fix lint in main caused by incompatible merge ( #7239 )
2023-04-21 10:27:56 +00:00
Steven Masley
4353ad7940
chore: Remove url and wildcard url from moon create ( #7224 )
...
* chore: Remove url and wildcard url from moon create
2023-04-20 21:09:14 -05:00
Dean Sheather
68667323f3
chore: support signed token query param for web terminal ( #7197 )
...
* chore: add endpoint to get token for web terminal
* chore: support signed token query param for web terminal
2023-04-20 23:59:45 +00:00
Mathias Fredriksson
38a6d546ab
fix(enterprise/replicasync): Avoid deadlock during Close^2 ( #7230 )
2023-04-20 22:48:44 +03:00
Steven Masley
a5a5c4d400
chore: Add workspace proxy enterprise cli commands ( #7176 )
...
* feat: Add workspace proxy enterprise cli commands
* chore: Handle custom workspace proxy options. Remove excess
* chore: Add endpoint to register workspace proxies
2023-04-20 09:48:47 -05:00
Mathias Fredriksson
8d27978760
fix(enterprise/replicasync): Avoid deadlock during Close ( #7220 )
2023-04-20 15:37:30 +03:00
Colin Adler
f60b5579a7
chore: remove usage of `k8s.io/utils/pointer` ( #7209 )
2023-04-19 15:53:47 -05:00
Steven Masley
658246d5f2
chore: add workspace proxies to the backend ( #7032 )
...
Co-authored-by: Dean Sheather <dean@deansheather.com>
2023-04-17 19:57:21 +00:00
Steven Masley
38e5b9679b
chore: Rbac errors should be returned, and not hidden behind 404 ( #7122 )
...
* chore: Rbac errors should be returned, and not hidden behind 404
SqlErrNoRows was hiding actual errors
* Replace sql.ErrNoRow checks
* Remove sql err no rows check from dbauthz test
* Fix to use dbauthz system user
2023-04-13 13:06:16 -05:00
Kira Pilot
f6c89a2615
feat: differentiate new user registration from user login in the audit log ( #7096 )
...
* auditing register events
* fix tests
* update docs
* update comments
* Update coderd/audit/request.go
Co-authored-by: Colin Adler <colin1adler@gmail.com>
---------
Co-authored-by: Colin Adler <colin1adler@gmail.com>
2023-04-12 11:46:16 -07:00
Steven Masley
9d39371ee0
feat: Option to remove WorkspaceExec from `owner` role ( #7050 )
...
* chore: Add AllResources option for listing all RBAC objects
* Owners cannot do workspace exec site wide
* Fix FE authchecks to valid RBAC resources
2023-04-11 08:57:23 -05:00
Steven Masley
b2892c3d17
test: Increase test coverage on auditable resources ( #7038 )
...
* test: Increase test coverage on auditable resources
When adding a new audit resource, we also need to add it to the
function switch statements. This is a likely mistake, now a unit
test will check this for you
2023-04-06 16:16:53 -05:00
Colin Adler
e0f7cf5ec6
chore: fix `postGroupByOrganization` swagger tag ( #7021 )
2023-04-05 20:17:36 +00:00
Colin Adler
391738cc25
chore: remove documented groups endpoint that doesn't exist ( #7020 )
2023-04-05 14:26:21 -05:00
Steven Masley
b4afbe7720
feat: Implement experiment gated CRUD for workspace proxies ( #6928 )
...
* feat: Implement basic moon crud
* chore: Implement enterprise endpoints for moons
2023-04-04 15:07:29 -05:00
Kyle Carberry
385a4262e2
fix: remove audit-logging flag from the server ( #6991 )
...
Co-authored-by: Colin Adler <colin1adler@gmail.com>
2023-04-04 12:11:10 -05:00
Dean Sheather
e33941b7c2
feat: allow disabling autostart and custom autostop for template ( #6933 )
...
API only, frontend in upcoming PR.
2023-04-04 12:48:35 +00:00
Kyle Carberry
cd807bc0c8
fix: delete old addresses from the active derp mesh mapping ( #6926 )
2023-03-31 14:25:01 +00:00
Kyle Carberry
a63c97b8de
chore: wrap audit logs in a mutex to fix data race ( #6898 )
...
This was seen in `main`!
2023-03-30 12:13:03 -05:00
Ammar Bandukwala
42b3d90221
chore: rename "InsertOrUpdate" to Upsert around the codebase ( #6823 )
...
* chore: rename "InsertOrUpdate" to Upsert around the codebase
The shorter name uses up less line width, is easier to read
and is used more often.
* make gen
2023-03-28 00:55:10 +00:00
Steven Masley
7fa5afa268
fix: Users that can update a template can also read the file ( #6776 )
...
* fix: Users that can update a template can also read the file
This currently has a strange RBAC story. An issue will be filed
to streamline this.
This is a hotfix to resolve current functionality
* Only showsource code tab if the user has permission to edit the template
---------
Co-authored-by: Bruno Quaresma <bruno_nonato_quaresma@hotmail.com>
2023-03-27 09:21:41 -05:00
Ammar Bandukwala
2bd6d2908e
feat: convert entire CLI to clibase ( #6491 )
...
I'm sorry.
2023-03-23 17:42:20 -05:00
Kyle Carberry
df31636e72
feat: pass `access_token` to `coder_git_auth` resource ( #6713 )
...
This allows template authors to leverage git auth to perform
custom actions, like clone repositories.
2023-03-22 19:37:08 +00:00
Kyle Carberry
abe1e89f80
chore: increase parallelism of TestWorkspaceQuota ( #6710 )
...
This does a lot of build operations, so having multiple provisioner
daemons is great.
We were actually approaching the ceiling here for test duration!
2023-03-21 22:44:01 +00:00
Colin Adler
00860cf1c8
feat: add group mapping option for group sync ( #6705 )
...
* feat: add group mapping option for group sync
* fixup! feat: add group mapping option for group sync
2023-03-21 14:25:45 -05:00
Kyle Carberry
aaa3b31a0b
chore: add echo helper to create an agent with token ( #6576 )
...
This should reduce some LOC and duplication in tests!
2023-03-21 18:03:38 +00:00
Steven Masley
2321160c62
feat: Dbauthz is now default, remove out of experimental ( #6650 )
...
* feat: dbauthz always on, out of experimental
* Add ability to do rbac checks in unit tests
* Remove AuthorizeAllEndpoints
* Remove duplicate rbac checks
2023-03-21 09:10:22 -05:00
Kyle Carberry
c3fb1b325f
feat: add `owner_oidc_access_token` to `coder_workspace` data source ( #6042 )
...
See the discussion in Discord here:
https://discord.com/channels/747933592273027093/1071182088490987542/1071182088490987542
Related provider PR: coder/terraform-provider-coder#91
2023-03-17 15:25:08 -05:00
Kira Pilot
090e37fc46
feat(audit): auditing token addition and removal ( #6649 )
...
* auditing tokens
* adding diffs for token auditing
* added test
* generating docs
* auditing owner field
2023-03-17 10:41:44 -07:00
Steven Masley
37c859ec4c
chore: Ensure all audit types in ResourceTable match APGL ( #6563 )
...
* chore: Ensure all audit types in ResourceTable match APGL
* Implement more checks to ensure all tracked fields are present
* Add unit test to ensure all types are represented in audit table
* Trade compile time safety for syntax
2023-03-10 13:59:42 -06:00
Cian Johnston
144f374f60
refactor(dbauthz): add authz for system-level functions ( #6513 )
...
- Introduces rbac.ResourceSystem
- Grants system.* to system and provisionerd rbac subjects
- Updates dbauthz system queries where applicable
- coderd: Avoid index out of bounds in api.workspaceBuilds
- dbauthz: move GetUsersByIDs out of system, modify RBAC check to ResourceUser
- workspaceapps: Add test case for when owner of app is not found
2023-03-10 18:09:28 +00:00
Kyle Carberry
1db2b12b8e
chore: add a test to ensure audit code works with AGPL ( #6561 )
...
Fixes the regression seen in v0.19.1.
2023-03-10 17:04:40 +00:00
Kyle Carberry
7eb2c2ff6d
Revert "chore: Implement joins with golang templates ( #6429 )" ( #6560 )
...
This reverts commit 8b125d6c5d
.
2023-03-10 10:39:02 -06:00
Steven Masley
8b125d6c5d
chore: Implement joins with golang templates ( #6429 )
...
* feat: Implement view for workspace builds to include rbac info
* Removes the need to fetch the workspace to run an rbac check.
* chore: Use workspace build as RBAC object
* chore: Use golang templates instead of sqlc files
2023-03-10 09:44:38 -06:00
Steven Masley
7f25d31745
feat: Allow changing the 'group' oidc claim field ( #6546 )
...
* feat: Allow changing the 'group' oidc claim field
* Enable empty groups support
* fix: Delete was wiping all groups, not just the single user's groups
* Update docs
* fix: Dbfake delete group member fixed
2023-03-09 23:31:38 -06:00
Cian Johnston
fe10ba1157
fix: add audit information for WorkspaceBuild.MaxDeadilne ( #6504 )
...
* fix: add audit information for WorkspaceBuild.MaxDeadilne
* make gen
2023-03-08 12:41:57 +00:00
Ammar Bandukwala
3b73321a6c
feat: refactor deployment config ( #6347 )
2023-03-07 15:10:01 -06:00
Dean Sheather
1bdd2abed7
feat: use JWT ticket to avoid DB queries on apps ( #6148 )
...
Issue a JWT ticket on the first request with a short expiry that
contains details about which workspace/agent/app combo the ticket is
valid for.
2023-03-07 19:38:11 +00:00
Kyle Carberry
f287889cd7
chore: move client pubsub for HA coordinator after register ( #6487 )
...
Similar fix that happened for the agent. See:
https://github.com/coder/coder/actions/runs/4356099388/jobs/7613634277
2023-03-07 16:46:54 +00:00
Kyle Carberry
f19076cf06
chore: fix coordinator flake by moving pubsub below register ( #6482 )
...
After making the in-memory pubsub conform to the expectations of
PostgreSQL, this flake started appearing.
This fixes it because the agent socket is registered when a message
is received.
2023-03-07 09:38:18 -06:00
Dean Sheather
66a6b590a1
feat: add template max_ttl ( #6114 )
...
Co-authored-by: Bruno Quaresma <bruno@coder.com>
2023-03-07 14:14:58 +00:00
Kira Pilot
71d1e63af0
feat: add ability to name tokens ( #6365 )
...
* add tokens switch
* reorged TokensPage
* using Trans component for description
* using Trans component on DeleteDialog
* add owner col
* simplify hook return
* lint
* type for response
* added flag for name
* fixed auth
* lint, prettier, tests
* added unique index for login type token
* remove tokens by name
* better check for unique constraint
* docs
* test: Fix dbfake to insert token name
* fix doc tests
* Update cli/tokens.go
Co-authored-by: Steven Masley <Emyrk@users.noreply.github.com>
* Update coderd/database/migrations/000102_add_apikey_name.down.sql
Co-authored-by: Steven Masley <Emyrk@users.noreply.github.com>
* add more specificity to IsUniqueViolation check
* fix tests
* Fix AutorizeAllEndpoints
* rename migration
---------
Co-authored-by: Steven Masley <stevenmasley@coder.com>
Co-authored-by: Steven Masley <Emyrk@users.noreply.github.com>
2023-03-02 09:39:38 -08:00