* fix: Tidy up closes for nicer output
There was a context canceled message that would appear
because of traces, and this was using the wrong close.
I don't think it was causing any specific problems, but
it could make a replica warning appear on restart.
* Fix migration and experimental
* Add base components for the Settings Page
* WIP OIDC page
* Imrove layout
* Add table
* Abstract option
* Refactor badges
* Load settings from the API
* Update deployment page
* feat: Add deployment settings page
This allows deployment admins to view options
set on their deployments.
* Format
* Remove replicas table since it's not used
* Remove references to HA table
* Fix tests
* Improve language
Co-authored-by: Bruno Quaresma <bruno@coder.com>
* feat: HA tailnet coordinator
* fixup! feat: HA tailnet coordinator
* fixup! feat: HA tailnet coordinator
* remove printlns
* close all connections on coordinator
* impelement high availability feature
* fixup! impelement high availability feature
* fixup! impelement high availability feature
* fixup! impelement high availability feature
* fixup! impelement high availability feature
* Add replicas
* Add DERP meshing to arbitrary addresses
* Move packages to highavailability folder
* Move coordinator to high availability package
* Add flags for HA
* Rename to replicasync
* Denest packages for replicas
* Add test for multiple replicas
* Fix coordination test
* Add HA to the helm chart
* Rename function pointer
* Add warnings for HA
* Add the ability to block endpoints
* Add flag to disable P2P connections
* Wow, I made the tests pass
* Add replicas endpoint
* Ensure close kills replica
* Update sql
* Add database latency to high availability
* Pipe TLS to DERP mesh
* Fix DERP mesh with TLS
* Add tests for TLS
* Fix replica sync TLS
* Fix RootCA for replica meshing
* Remove ID from replicasync
* Fix getting certificates for meshing
* Remove excessive locking
* Fix linting
* Store mesh key in the database
* Fix replica key for tests
* Fix types gen
* Fix unlocking unlocked
* Fix race in tests
* Update enterprise/derpmesh/derpmesh.go
Co-authored-by: Colin Adler <colin1adler@gmail.com>
* Rename to syncReplicas
* Reuse http client
* Delete old replicas on a CRON
* Fix race condition in connection tests
* Fix linting
* Fix nil type
* Move pubsub to in-memory for twenty test
* Add comment for configuration tweaking
* Fix leak with transport
* Fix close leak in derpmesh
* Fix race when creating server
* Remove handler update
* Skip test on Windows
* Fix DERP mesh test
* Wrap HTTP handler replacement in mutex
* Fix error message for relay
* Fix API handler for normal tests
* Fix speedtest
* Fix replica resend
* Fix derpmesh send
* Ping async
* Increase wait time of template version jobd
* Fix race when closing replica sync
* Add name to client
* Log the derpmap being used
* Don't connect if DERP is empty
* Improve agent coordinator logging
* Fix lock in coordinator
* Fix relay addr
* Fix race when updating durations
* Fix client publish race
* Run pubsub loop in a queue
* Store agent nodes in order
* Fix coordinator locking
* Check for closed pipe
Co-authored-by: Colin Adler <colin1adler@gmail.com>
* feat: add doas support
Some people may have some reason to drop sudo and switch to doas
* chore: doas at the end
Just because it is relatively cold :-(
Co-authored-by: Kyle Carberry <kyle@carberry.com>
* chore(CI): add doas to pass CI
* fix syntax error
Co-authored-by: Kyle Carberry <kyle@carberry.com>
Co-authored-by: Ben <me@bpmct.net>
* Start sketching out new design
* Working but ugly
* Highlight chosen mode
* Format
* Set hours field width
* Alignment on desktop
* Use primary button color
* Make 1 the default change
* Add stepper max
* Fix storybook
* Handle undefined deadline
* Access deadline correctly
* Format
* Fix overflow on mobile
On Windows, files in tar archives were stored with Windows
path-separators resulting in them being individual files as opposed to
contained in a folder.
This commit ensures Unix-based paths (slash) are being used inside tar
archives.
Exmple of previous output:
```
/tmp/provisionerd673501182/images:
/tmp/provisionerd673501182/:
README.md
images
images\base.Dockerfile
images\java.Dockerfile
images\node.Dockerfile
main.tf
```
Fixes#2815
* fix: await promises in WorkspacePage.test.tsx
* chore: add eventsourcemock to cspell words
* fix: clean up UsersPage.test.tsx
* refactor: clean up eventsource mock
* revert: remove changes from WorkspacePage.test.tsx
- As part of merging support for Template RBAC
and user groups a permission check on reading files
was relaxed.
With the addition of admin roles on individual templates, regular
users are now able to push template versions if they have
inherited the 'admin' role for a template. In order to do so
they need to be able to create and read their own files. Since
collisions on hash in the past were ignored, this means that a regular user
who pushes a template version with a file hash that collides with
an existing hash will not be able to read the file (since it belongs to
another user).
This commit fixes the underlying problem which was that
the files table had a primary key on the 'hash' column.
This was not a problem at the time because only template
admins and other users with similar elevated roles were
able to read all files regardless of ownership. To fix this
a new column and primary key 'id' has been introduced to the files
table. The unique constraint has been updated to be hash+created_by.
Tables (provisioner_jobs) that referenced files.hash have been updated
to reference files.id. Relevant API endpoints have also been updated.
* reword: chore: add CI to dogfood template
* use hardcoded URL
* use consistent name for tokens
* chore: add docs for template change management
* add an example
* fix case
* chore: rename feature rbac to template_rbac
* Fix feature visibility on FE
* fixup! Fix feature visibility on FE
Co-authored-by: Bruno Quaresma <bruno@coder.com>
* docs: Add initial docs to groups and rbac
* Update manifest
* Apply suggestions from code review
Co-authored-by: Joe Previte <jjprevite@gmail.com>
* use single user icon
* chore: add labels and standardize enterprise messaging
* clarify template role
* add groups role
* fix typo
* rename access to use
Co-authored-by: Joe Previte <jjprevite@gmail.com>
Co-authored-by: Ben <me@bpmct.net>
Kyle Carberry
Kyle Carberry
Jon Ayers
Ben Potter
Ammar Bandukwala
dependabot[bot]
Colin Adler
Phorcys
unknowndevQwQ
Dean Sheather
Kira Pilot
Presley Pizzo
Mathias Fredriksson
Joe Previte
Garrett Delfosse
Bruno Quaresma