feat: Add provisioner force-cancel flag (#4947)

* feat: Add provisionerd force cancel flag

* Golden files

* Fix: typesGenerated.ts

* Use single struct for Provisioner config
Marcin Tojek
2022-11-08 14:19:40 +01:00
committed by GitHub
parent f6130e25b2
commit 16384f8594
7 changed files with 221 additions and 189 deletions


@ -151,12 +151,6 @@ func newConfig() *codersdk.DeploymentConfig {
Flag: "in-memory",
Hidden: true,
},
ProvisionerDaemons: &codersdk.DeploymentConfigField[int]{
Name: "Provisioner Daemons",
Usage: "Number of provisioner daemons to create on start. If builds are stuck in queued state for a long time, consider increasing this.",
Flag: "provisioner-daemons",
Default: 3,
},
PostgresURL: &codersdk.DeploymentConfigField[string]{
Name: "Postgres Connection URL",
Usage: "URL of a PostgreSQL database. If empty, PostgreSQL binaries will be downloaded from Maven (https://repo1.maven.org/maven2) and store all data in the config root. Access the built-in database with \"coder server postgres-builtin-url\".",
@ -359,6 +353,20 @@ func newConfig() *codersdk.DeploymentConfig {
Flag: "user-workspace-quota",
Enterprise: true,
},
Provisioner: &codersdk.ProvisionerConfig{
Daemons: &codersdk.DeploymentConfigField[int]{
Name: "Provisioner Daemons",
Usage: "Number of provisioner daemons to create on start. If builds are stuck in queued state for a long time, consider increasing this.",
Flag: "provisioner-daemons",
Default: 3,
},
ForceCancelInterval: &codersdk.DeploymentConfigField[time.Duration]{
Name: "Force Cancel Interval",
Usage: "Time to force cancel provisioning tasks that are stuck.",
Flag: "provisioner-force-cancel-interval",
Default: 10 * time.Minute,
},
},
}
}
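Review bot: The `Usage` text for `ForceCancelInterval` in the second hunk ("Time to force cancel provisioning tasks that are stuck.") does not tell an operator what the interval is measured from or what a very small value would do. If it is the grace period between a cancel request and the forced termination of the job (inferred from the name, not visible here), say so, e.g. `Usage: "How long to wait after a provisioning job is canceled before forcibly terminating it.",`. The golden help output would need regenerating with the new text. newConfig's body starts outside the hunk.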


@ -47,7 +47,7 @@ func TestConfig(t *testing.T) {
require.Equal(t, config.Pprof.Enable.Value, true)
require.Equal(t, config.Prometheus.Address.Value, "hello-world")
require.Equal(t, config.Prometheus.Enable.Value, true)
require.Equal(t, config.ProvisionerDaemons.Value, 5)
require.Equal(t, config.Provisioner.Daemons.Value, 5)
require.Equal(t, config.SecureAuthCookie.Value, true)
require.Equal(t, config.SSHKeygenAlgorithm.Value, "potato")
require.Equal(t, config.Telemetry.Enable.Value, false)


@ -562,8 +562,8 @@ func Server(vip *viper.Viper, newAPI func(context.Context, *coderd.Options) (*co
}
}()
provisionerdMetrics := provisionerd.NewMetrics(options.PrometheusRegistry)
for i := 0; i < cfg.ProvisionerDaemons.Value; i++ {
daemon, err := newProvisionerDaemon(ctx, coderAPI, provisionerdMetrics, logger, cfg.CacheDirectory.Value, errCh, false)
for i := 0; i < cfg.Provisioner.Daemons.Value; i++ {
daemon, err := newProvisionerDaemon(ctx, coderAPI, provisionerdMetrics, logger, cfg, errCh, false)
if err != nil {
return xerrors.Errorf("create provisioner daemon: %w", err)
}
@ -832,7 +832,7 @@ func newProvisionerDaemon(
coderAPI *coderd.API,
metrics provisionerd.Metrics,
logger slog.Logger,
cacheDir string,
cfg *codersdk.DeploymentConfig,
errCh chan error,
dev bool,
) (srv *provisionerd.Server, err error) {
@ -843,9 +843,9 @@ func newProvisionerDaemon(
}
}()
err = os.MkdirAll(cacheDir, 0o700)
err = os.MkdirAll(cfg.CacheDirectory.Value, 0o700)
if err != nil {
return nil, xerrors.Errorf("mkdir %q: %w", cacheDir, err)
return nil, xerrors.Errorf("mkdir %q: %w", cfg.CacheDirectory.Value, err)
}
terraformClient, terraformServer := provisionersdk.TransportPipe()
@ -861,7 +861,7 @@ func newProvisionerDaemon(
ServeOptions: &provisionersdk.ServeOptions{
Listener: terraformServer,
},
CachePath: cacheDir,
CachePath: cfg.CacheDirectory.Value,
Logger: logger,
})
if err != nil && !xerrors.Is(err, context.Canceled) {
@ -902,13 +902,14 @@ func newProvisionerDaemon(
provisioners[string(database.ProvisionerTypeEcho)] = proto.NewDRPCProvisionerClient(provisionersdk.Conn(echoClient))
}
return provisionerd.New(coderAPI.ListenProvisionerDaemon, &provisionerd.Options{
Logger: logger,
PollInterval: 500 * time.Millisecond,
UpdateInterval: 500 * time.Millisecond,
Provisioners: provisioners,
WorkDirectory: tempDir,
TracerProvider: coderAPI.TracerProvider,
Metrics: &metrics,
Logger: logger,
PollInterval: 500 * time.Millisecond,
UpdateInterval: 500 * time.Millisecond,
ForceCancelInterval: cfg.Provisioner.ForceCancelInterval.Value,
Provisioners: provisioners,
WorkDirectory: tempDir,
TracerProvider: coderAPI.TracerProvider,
Metrics: &metrics,
}), nil
}
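Review bot: `cfg.Provisioner.ForceCancelInterval.Value` is handed to `provisionerd.Options` in the last hunk without a range check. The only guard visible on this page is the `== 0` fallback in `provisionerd.New`, so a zero value silently becomes ten minutes and a negative duration (which a duration flag presumably accepts) passes through unchanged. Rejecting it at the top of `newProvisionerDaemon` is clearer: `if cfg.Provisioner.ForceCancelInterval.Value <= 0 { return nil, xerrors.Errorf("provisioner force cancel interval must be positive") }`, or change the fallback in `provisionerd.New` to `<= 0`. The function now also dereferences `cfg.Provisioner` and `cfg.CacheDirectory`, so any caller that builds a `DeploymentConfig` by hand must populate both; callers other than `Server` are outside these hunks.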


@ -10,172 +10,184 @@ Commands:
postgres-builtin-url Output the connection URL for the built-in PostgreSQL deployment.
Flags:
--access-url string External URL to access your deployment.
This must be accessible by all provisioned
workspaces.
Consumes $CODER_ACCESS_URL
-a, --address string Bind address of the server.
Consumes $CODER_ADDRESS (default
"127.0.0.1:3000")
--cache-dir string The directory to cache temporary files. If
unspecified and $CACHE_DIRECTORY is set, it
will be used for compatibility with
systemd.
Consumes $CODER_CACHE_DIRECTORY (default
"/tmp/coder-cli-test-cache")
--derp-config-path string Path to read a DERP mapping from. See:
https://tailscale.com/kb/1118/custom-derp-servers/
Consumes $CODER_DERP_CONFIG_PATH
--derp-config-url string URL to fetch a DERP mapping on startup.
See:
https://tailscale.com/kb/1118/custom-derp-servers/
Consumes $CODER_DERP_CONFIG_URL
--derp-server-enable Whether to enable or disable the embedded
DERP relay server.
Consumes $CODER_DERP_SERVER_ENABLE (default
true)
--derp-server-region-code string Region code to use for the embedded DERP
server.
Consumes $CODER_DERP_SERVER_REGION_CODE
(default "coder")
--derp-server-region-id int Region ID to use for the embedded DERP
server.
Consumes $CODER_DERP_SERVER_REGION_ID
(default 999)
--derp-server-region-name string Region name that for the embedded DERP
server.
Consumes $CODER_DERP_SERVER_REGION_NAME
(default "Coder Embedded Relay")
--derp-server-stun-addresses strings Addresses for STUN servers to establish P2P
connections. Set empty to disable P2P
connections.
Consumes $CODER_DERP_SERVER_STUN_ADDRESSES
(default [stun.l.google.com:19302])
-h, --help help for server
--oauth2-github-allow-signups Whether new users can sign up with GitHub.
Consumes $CODER_OAUTH2_GITHUB_ALLOW_SIGNUPS
--oauth2-github-allowed-orgs strings Organizations the user must be a member of
to Login with GitHub.
Consumes $CODER_OAUTH2_GITHUB_ALLOWED_ORGS
--oauth2-github-allowed-teams strings Teams inside organizations the user must be
a member of to Login with GitHub.
Structured as:
<organization-name>/<team-slug>.
Consumes $CODER_OAUTH2_GITHUB_ALLOWED_TEAMS
--oauth2-github-client-id string Client ID for Login with GitHub.
Consumes $CODER_OAUTH2_GITHUB_CLIENT_ID
--oauth2-github-client-secret string Client secret for Login with GitHub.
Consumes $CODER_OAUTH2_GITHUB_CLIENT_SECRET
--oauth2-github-enterprise-base-url string Base URL of a GitHub Enterprise deployment
to use for Login with GitHub.
Consumes
$CODER_OAUTH2_GITHUB_ENTERPRISE_BASE_URL
--oidc-allow-signups Whether new users can sign up with OIDC.
Consumes $CODER_OIDC_ALLOW_SIGNUPS (default
true)
--oidc-client-id string Client ID to use for Login with OIDC.
Consumes $CODER_OIDC_CLIENT_ID
--oidc-client-secret string Client secret to use for Login with OIDC.
Consumes $CODER_OIDC_CLIENT_SECRET
--oidc-email-domain string Email domain that clients logging in with
OIDC must match.
Consumes $CODER_OIDC_EMAIL_DOMAIN
--oidc-issuer-url string Issuer URL to use for Login with OIDC.
Consumes $CODER_OIDC_ISSUER_URL
--oidc-scopes strings Scopes to grant when authenticating with
OIDC.
Consumes $CODER_OIDC_SCOPES (default
[openid,profile,email])
--postgres-url string URL of a PostgreSQL database. If empty,
PostgreSQL binaries will be downloaded from
Maven (https://repo1.maven.org/maven2) and
store all data in the config root. Access
the built-in database with "coder server
postgres-builtin-url".
Consumes $CODER_PG_CONNECTION_URL
--pprof-address string The bind address to serve pprof.
Consumes $CODER_PPROF_ADDRESS (default
"127.0.0.1:6060")
--pprof-enable Serve pprof metrics on the address defined
by pprof address.
Consumes $CODER_PPROF_ENABLE
--prometheus-address string The bind address to serve prometheus
metrics.
Consumes $CODER_PROMETHEUS_ADDRESS (default
"127.0.0.1:2112")
--prometheus-enable Serve prometheus metrics on the address
defined by prometheus address.
Consumes $CODER_PROMETHEUS_ENABLE
--provisioner-daemons int Number of provisioner daemons to create on
start. If builds are stuck in queued state
for a long time, consider increasing this.
Consumes $CODER_PROVISIONER_DAEMONS (default 3)
--proxy-trusted-headers strings Headers to trust for forwarding IP
addresses. e.g. Cf-Connecting-Ip,
True-Client-Ip, X-Forwarded-For
Consumes $CODER_PROXY_TRUSTED_HEADERS
--proxy-trusted-origins strings Origin addresses to respect
"proxy-trusted-headers". e.g.
192.168.1.0/24
Consumes $CODER_PROXY_TRUSTED_ORIGINS
--secure-auth-cookie Controls if the 'Secure' property is set on
browser session cookies.
Consumes $CODER_SECURE_AUTH_COOKIE
--ssh-keygen-algorithm string The algorithm to use for generating ssh
keys. Accepted values are "ed25519",
"ecdsa", or "rsa4096".
Consumes $CODER_SSH_KEYGEN_ALGORITHM
(default "ed25519")
--telemetry Whether telemetry is enabled or not. Coder
collects anonymized usage data to help
improve our product.
Consumes $CODER_TELEMETRY_ENABLE
--telemetry-trace Whether Opentelemetry traces are sent to
Coder. Coder collects anonymized
application tracing to help improve our
product. Disabling telemetry also disables
this option.
Consumes $CODER_TELEMETRY_TRACE
--tls-cert-file strings Path to each certificate for TLS. It
requires a PEM-encoded file. To configure
the listener to use a CA certificate,
concatenate the primary certificate and the
CA certificate together. The primary
certificate should appear first in the
combined file.
Consumes $CODER_TLS_CERT_FILE
--tls-client-auth string Policy the server will follow for TLS
Client Authentication. Accepted values are
"none", "request", "require-any",
"verify-if-given", or "require-and-verify".
Consumes $CODER_TLS_CLIENT_AUTH (default
"request")
--tls-client-ca-file string PEM-encoded Certificate Authority file used
for checking the authenticity of client
Consumes $CODER_TLS_CLIENT_CA_FILE
--tls-enable Whether TLS will be enabled.
Consumes $CODER_TLS_ENABLE
--tls-key-file strings Paths to the private keys for each of the
certificates. It requires a PEM-encoded
file.
Consumes $CODER_TLS_KEY_FILE
--tls-min-version string Minimum supported version of TLS. Accepted
values are "tls10", "tls11", "tls12" or
"tls13"
Consumes $CODER_TLS_MIN_VERSION (default
"tls12")
--trace Whether application tracing data is
collected. It exports to a backend
configured by environment variables. See:
https://github.com/open-telemetry/opentelemetry-specification/blob/main/specification/protocol/exporter.md
Consumes $CODER_TRACE_ENABLE
--trace-honeycomb-api-key string Enables trace exporting to Honeycomb.io
using the provided API Key.
Consumes $CODER_TRACE_HONEYCOMB_API_KEY
--wildcard-access-url string Specifies the wildcard hostname to use for
workspace applications in the form
"*.example.com".
Consumes $CODER_WILDCARD_ACCESS_URL
--access-url string External URL to access your deployment.
This must be accessible by all
provisioned workspaces.
Consumes $CODER_ACCESS_URL
-a, --address string Bind address of the server.
Consumes $CODER_ADDRESS (default
"127.0.0.1:3000")
--cache-dir string The directory to cache temporary files.
If unspecified and $CACHE_DIRECTORY is
set, it will be used for compatibility
with systemd.
Consumes $CODER_CACHE_DIRECTORY (default
"/tmp/coder-cli-test-cache")
--derp-config-path string Path to read a DERP mapping from. See:
https://tailscale.com/kb/1118/custom-derp-servers/
Consumes $CODER_DERP_CONFIG_PATH
--derp-config-url string URL to fetch a DERP mapping on startup.
See:
https://tailscale.com/kb/1118/custom-derp-servers/
Consumes $CODER_DERP_CONFIG_URL
--derp-server-enable Whether to enable or disable the embedded
DERP relay server.
Consumes $CODER_DERP_SERVER_ENABLE
(default true)
--derp-server-region-code string Region code to use for the embedded DERP
server.
Consumes $CODER_DERP_SERVER_REGION_CODE
(default "coder")
--derp-server-region-id int Region ID to use for the embedded DERP
server.
Consumes $CODER_DERP_SERVER_REGION_ID
(default 999)
--derp-server-region-name string Region name that for the embedded DERP
server.
Consumes $CODER_DERP_SERVER_REGION_NAME
(default "Coder Embedded Relay")
--derp-server-stun-addresses strings Addresses for STUN servers to establish
P2P connections. Set empty to disable P2P
connections.
Consumes
$CODER_DERP_SERVER_STUN_ADDRESSES
(default [stun.l.google.com:19302])
-h, --help help for server
--oauth2-github-allow-signups Whether new users can sign up with
GitHub.
Consumes $CODER_OAUTH2_GITHUB_ALLOW_SIGNUPS
--oauth2-github-allowed-orgs strings Organizations the user must be a member
of to Login with GitHub.
Consumes $CODER_OAUTH2_GITHUB_ALLOWED_ORGS
--oauth2-github-allowed-teams strings Teams inside organizations the user must
be a member of to Login with GitHub.
Structured as:
<organization-name>/<team-slug>.
Consumes $CODER_OAUTH2_GITHUB_ALLOWED_TEAMS
--oauth2-github-client-id string Client ID for Login with GitHub.
Consumes $CODER_OAUTH2_GITHUB_CLIENT_ID
--oauth2-github-client-secret string Client secret for Login with GitHub.
Consumes $CODER_OAUTH2_GITHUB_CLIENT_SECRET
--oauth2-github-enterprise-base-url string Base URL of a GitHub Enterprise
deployment to use for Login with GitHub.
Consumes
$CODER_OAUTH2_GITHUB_ENTERPRISE_BASE_URL
--oidc-allow-signups Whether new users can sign up with OIDC.
Consumes $CODER_OIDC_ALLOW_SIGNUPS
(default true)
--oidc-client-id string Client ID to use for Login with OIDC.
Consumes $CODER_OIDC_CLIENT_ID
--oidc-client-secret string Client secret to use for Login with OIDC.
Consumes $CODER_OIDC_CLIENT_SECRET
--oidc-email-domain string Email domain that clients logging in with
OIDC must match.
Consumes $CODER_OIDC_EMAIL_DOMAIN
--oidc-issuer-url string Issuer URL to use for Login with OIDC.
Consumes $CODER_OIDC_ISSUER_URL
--oidc-scopes strings Scopes to grant when authenticating with
OIDC.
Consumes $CODER_OIDC_SCOPES (default
[openid,profile,email])
--postgres-url string URL of a PostgreSQL database. If empty,
PostgreSQL binaries will be downloaded
from Maven
(https://repo1.maven.org/maven2) and
store all data in the config root. Access
the built-in database with "coder server
postgres-builtin-url".
Consumes $CODER_PG_CONNECTION_URL
--pprof-address string The bind address to serve pprof.
Consumes $CODER_PPROF_ADDRESS (default
"127.0.0.1:6060")
--pprof-enable Serve pprof metrics on the address
defined by pprof address.
Consumes $CODER_PPROF_ENABLE
--prometheus-address string The bind address to serve prometheus
metrics.
Consumes $CODER_PROMETHEUS_ADDRESS
(default "127.0.0.1:2112")
--prometheus-enable Serve prometheus metrics on the address
defined by prometheus address.
Consumes $CODER_PROMETHEUS_ENABLE
--provisioner-daemons int Number of provisioner daemons to create
on start. If builds are stuck in queued
state for a long time, consider
increasing this.
Consumes $CODER_PROVISIONER_DAEMONS
(default 3)
--provisioner-force-cancel-interval duration Time to force cancel provisioning tasks
that are stuck.
Consumes
$CODER_PROVISIONER_FORCE_CANCEL_INTERVAL
(default 10m0s)
--proxy-trusted-headers strings Headers to trust for forwarding IP
addresses. e.g. Cf-Connecting-Ip,
True-Client-Ip, X-Forwarded-For
Consumes $CODER_PROXY_TRUSTED_HEADERS
--proxy-trusted-origins strings Origin addresses to respect
"proxy-trusted-headers". e.g.
192.168.1.0/24
Consumes $CODER_PROXY_TRUSTED_ORIGINS
--secure-auth-cookie Controls if the 'Secure' property is set
on browser session cookies.
Consumes $CODER_SECURE_AUTH_COOKIE
--ssh-keygen-algorithm string The algorithm to use for generating ssh
keys. Accepted values are "ed25519",
"ecdsa", or "rsa4096".
Consumes $CODER_SSH_KEYGEN_ALGORITHM
(default "ed25519")
--telemetry Whether telemetry is enabled or not.
Coder collects anonymized usage data to
help improve our product.
Consumes $CODER_TELEMETRY_ENABLE
--telemetry-trace Whether Opentelemetry traces are sent to
Coder. Coder collects anonymized
application tracing to help improve our
product. Disabling telemetry also
disables this option.
Consumes $CODER_TELEMETRY_TRACE
--tls-cert-file strings Path to each certificate for TLS. It
requires a PEM-encoded file. To configure
the listener to use a CA certificate,
concatenate the primary certificate and
the CA certificate together. The primary
certificate should appear first in the
combined file.
Consumes $CODER_TLS_CERT_FILE
--tls-client-auth string Policy the server will follow for TLS
Client Authentication. Accepted values
are "none", "request", "require-any",
"verify-if-given", or
"require-and-verify".
Consumes $CODER_TLS_CLIENT_AUTH (default
"request")
--tls-client-ca-file string PEM-encoded Certificate Authority file
used for checking the authenticity of
client
Consumes $CODER_TLS_CLIENT_CA_FILE
--tls-enable Whether TLS will be enabled.
Consumes $CODER_TLS_ENABLE
--tls-key-file strings Paths to the private keys for each of the
certificates. It requires a PEM-encoded
file.
Consumes $CODER_TLS_KEY_FILE
--tls-min-version string Minimum supported version of TLS.
Accepted values are "tls10", "tls11",
"tls12" or "tls13"
Consumes $CODER_TLS_MIN_VERSION (default
"tls12")
--trace Whether application tracing data is
collected. It exports to a backend
configured by environment variables. See:
https://github.com/open-telemetry/opentelemetry-specification/blob/main/specification/protocol/exporter.md
Consumes $CODER_TRACE_ENABLE
--trace-honeycomb-api-key string Enables trace exporting to Honeycomb.io
using the provided API Key.
Consumes $CODER_TRACE_HONEYCOMB_API_KEY
--wildcard-access-url string Specifies the wildcard hostname to use
for workspace applications in the form
"*.example.com".
Consumes $CODER_WILDCARD_ACCESS_URL
Global Flags:
--experimental Enable experimental features. Experimental features are not


@ -23,7 +23,6 @@ type DeploymentConfig struct {
ProxyTrustedOrigins *DeploymentConfigField[[]string] `json:"proxy_trusted_origins" typescript:",notnull"`
CacheDirectory *DeploymentConfigField[string] `json:"cache_directory" typescript:",notnull"`
InMemoryDatabase *DeploymentConfigField[bool] `json:"in_memory_database" typescript:",notnull"`
ProvisionerDaemons *DeploymentConfigField[int] `json:"provisioner_daemons" typescript:",notnull"`
PostgresURL *DeploymentConfigField[string] `json:"pg_connection_url" typescript:",notnull"`
OAuth2 *OAuth2Config `json:"oauth2" typescript:",notnull"`
OIDC *OIDCConfig `json:"oidc" typescript:",notnull"`
@ -39,6 +38,7 @@ type DeploymentConfig struct {
BrowserOnly *DeploymentConfigField[bool] `json:"browser_only" typescript:",notnull"`
SCIMAPIKey *DeploymentConfigField[string] `json:"scim_api_key" typescript:",notnull"`
UserWorkspaceQuota *DeploymentConfigField[int] `json:"user_workspace_quota" typescript:",notnull"`
Provisioner *ProvisionerConfig `json:"provisioner" typescript:",notnull"`
}
type DERP struct {
@ -123,6 +123,11 @@ type GitAuthConfig struct {
Scopes []string `json:"scopes"`
}
type ProvisionerConfig struct {
Daemons *DeploymentConfigField[int] `json:"daemons" typescript:",notnull"`
ForceCancelInterval *DeploymentConfigField[time.Duration] `json:"force_cancel_interval" typescript:",notnull"`
}
type Flaggable interface {
string | time.Duration | bool | int | []string | []GitAuthConfig
}
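Review bot: `ProvisionerConfig` is a new exported type with no doc comment, and moving `provisioner_daemons` under `provisioner.daemons` changes the JSON shape of `DeploymentConfig` for existing API consumers. A comment such as `// ProvisionerConfig holds the settings for the provisioner daemons started by the server.` would help, plus a line on `ForceCancelInterval` stating the JSON unit. Unless `DeploymentConfigField` marshals durations itself (not visible here), `time.Duration` is emitted as integer nanoseconds, which matches the `number` type in the generated TypeScript. If clients outside this repository read the old key, the change should be called out in the release notes.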


@ -65,7 +65,7 @@ func New(clientDialer Dialer, opts *Options) *Server {
opts.UpdateInterval = 5 * time.Second
}
if opts.ForceCancelInterval == 0 {
opts.ForceCancelInterval = time.Minute
opts.ForceCancelInterval = 10 * time.Minute
}
if opts.LogBufferInterval == 0 {
opts.LogBufferInterval = 50 * time.Millisecond
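Review bot: The fallback `10 * time.Minute` repeats the literal used for the flag default in `newConfig`, so the two can drift apart. A named constant in this package, e.g. `const defaultForceCancelInterval = 10 * time.Minute`, referenced from both places would keep them in step (exported if the flag definition lives in another package). Callers of `New` that leave `ForceCancelInterval` unset also move from one minute to ten with this change, which deserves a line in the doc comment on `Options`. `New` starts and ends outside the hunk.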


@ -287,7 +287,6 @@ export interface DeploymentConfig {
readonly proxy_trusted_origins: DeploymentConfigField<string[]>
readonly cache_directory: DeploymentConfigField<string>
readonly in_memory_database: DeploymentConfigField<boolean>
readonly provisioner_daemons: DeploymentConfigField<number>
readonly pg_connection_url: DeploymentConfigField<string>
readonly oauth2: OAuth2Config
readonly oidc: OIDCConfig
@ -303,6 +302,7 @@ export interface DeploymentConfig {
readonly browser_only: DeploymentConfigField<boolean>
readonly scim_api_key: DeploymentConfigField<string>
readonly user_workspace_quota: DeploymentConfigField<number>
readonly provisioner: ProvisionerConfig
}
// From codersdk/deploymentconfig.go
@ -514,6 +514,12 @@ export interface PrometheusConfig {
readonly address: DeploymentConfigField<string>
}
// From codersdk/deploymentconfig.go
export interface ProvisionerConfig {
readonly daemons: DeploymentConfigField<number>
readonly force_cancel_interval: DeploymentConfigField<number>
}
// From codersdk/provisionerdaemons.go
export interface ProvisionerDaemon {
readonly id: string