mirror of
https://github.com/coder/coder.git
synced 2025-07-13 21:36:50 +00:00
feat: Add provisioner force-cancel flag (#4947)
* feat: Add provisionerd force cancel flag * Golden files * Fix: typesGenerated.ts * Use single struct for Provisioner config
This commit is contained in:
Marcin Tojek
GitHub
@ -151,12 +151,6 @@ func newConfig() *codersdk.DeploymentConfig {
|
||||
Flag: "in-memory",
|
||||
Hidden: true,
|
||||
},
|
||||
ProvisionerDaemons: &codersdk.DeploymentConfigField[int]{
|
||||
Name: "Provisioner Daemons",
|
||||
Usage: "Number of provisioner daemons to create on start. If builds are stuck in queued state for a long time, consider increasing this.",
|
||||
Flag: "provisioner-daemons",
|
||||
Default: 3,
|
||||
},
|
||||
PostgresURL: &codersdk.DeploymentConfigField[string]{
|
||||
Name: "Postgres Connection URL",
|
||||
Usage: "URL of a PostgreSQL database. If empty, PostgreSQL binaries will be downloaded from Maven (https://repo1.maven.org/maven2) and store all data in the config root. Access the built-in database with \"coder server postgres-builtin-url\".",
|
||||
@ -359,6 +353,20 @@ func newConfig() *codersdk.DeploymentConfig {
|
||||
Flag: "user-workspace-quota",
|
||||
Enterprise: true,
|
||||
},
|
||||
Provisioner: &codersdk.ProvisionerConfig{
|
||||
Daemons: &codersdk.DeploymentConfigField[int]{
|
||||
Name: "Provisioner Daemons",
|
||||
Usage: "Number of provisioner daemons to create on start. If builds are stuck in queued state for a long time, consider increasing this.",
|
||||
Flag: "provisioner-daemons",
|
||||
Default: 3,
|
||||
},
|
||||
ForceCancelInterval: &codersdk.DeploymentConfigField[time.Duration]{
|
||||
Name: "Force Cancel Interval",
|
||||
Usage: "Time to force cancel provisioning tasks that are stuck.",
|
||||
Flag: "provisioner-force-cancel-interval",
|
||||
Default: 10 * time.Minute,
|
||||
},
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -47,7 +47,7 @@ func TestConfig(t *testing.T) {
|
||||
require.Equal(t, config.Pprof.Enable.Value, true)
|
||||
require.Equal(t, config.Prometheus.Address.Value, "hello-world")
|
||||
require.Equal(t, config.Prometheus.Enable.Value, true)
|
||||
require.Equal(t, config.ProvisionerDaemons.Value, 5)
|
||||
require.Equal(t, config.Provisioner.Daemons.Value, 5)
|
||||
require.Equal(t, config.SecureAuthCookie.Value, true)
|
||||
require.Equal(t, config.SSHKeygenAlgorithm.Value, "potato")
|
||||
require.Equal(t, config.Telemetry.Enable.Value, false)
|
||||
|
||||
@ -562,8 +562,8 @@ func Server(vip *viper.Viper, newAPI func(context.Context, *coderd.Options) (*co
|
||||
}
|
||||
}()
|
||||
provisionerdMetrics := provisionerd.NewMetrics(options.PrometheusRegistry)
|
||||
for i := 0; i < cfg.ProvisionerDaemons.Value; i++ {
|
||||
daemon, err := newProvisionerDaemon(ctx, coderAPI, provisionerdMetrics, logger, cfg.CacheDirectory.Value, errCh, false)
|
||||
for i := 0; i < cfg.Provisioner.Daemons.Value; i++ {
|
||||
daemon, err := newProvisionerDaemon(ctx, coderAPI, provisionerdMetrics, logger, cfg, errCh, false)
|
||||
if err != nil {
|
||||
return xerrors.Errorf("create provisioner daemon: %w", err)
|
||||
}
|
||||
@ -832,7 +832,7 @@ func newProvisionerDaemon(
|
||||
coderAPI *coderd.API,
|
||||
metrics provisionerd.Metrics,
|
||||
logger slog.Logger,
|
||||
cacheDir string,
|
||||
cfg *codersdk.DeploymentConfig,
|
||||
errCh chan error,
|
||||
dev bool,
|
||||
) (srv *provisionerd.Server, err error) {
|
||||
@ -843,9 +843,9 @@ func newProvisionerDaemon(
|
||||
}
|
||||
}()
|
||||
|
||||
err = os.MkdirAll(cacheDir, 0o700)
|
||||
err = os.MkdirAll(cfg.CacheDirectory.Value, 0o700)
|
||||
if err != nil {
|
||||
return nil, xerrors.Errorf("mkdir %q: %w", cacheDir, err)
|
||||
return nil, xerrors.Errorf("mkdir %q: %w", cfg.CacheDirectory.Value, err)
|
||||
}
|
||||
|
||||
terraformClient, terraformServer := provisionersdk.TransportPipe()
|
||||
@ -861,7 +861,7 @@ func newProvisionerDaemon(
|
||||
ServeOptions: &provisionersdk.ServeOptions{
|
||||
Listener: terraformServer,
|
||||
},
|
||||
CachePath: cacheDir,
|
||||
CachePath: cfg.CacheDirectory.Value,
|
||||
Logger: logger,
|
||||
})
|
||||
if err != nil && !xerrors.Is(err, context.Canceled) {
|
||||
@ -905,6 +905,7 @@ func newProvisionerDaemon(
|
||||
Logger: logger,
|
||||
PollInterval: 500 * time.Millisecond,
|
||||
UpdateInterval: 500 * time.Millisecond,
|
||||
ForceCancelInterval: cfg.Provisioner.ForceCancelInterval.Value,
|
||||
Provisioners: provisioners,
|
||||
WorkDirectory: tempDir,
|
||||
TracerProvider: coderAPI.TracerProvider,
|
||||
|
||||
110
cli/testdata/coder_server_--help.golden
vendored
110
cli/testdata/coder_server_--help.golden
vendored
@ -11,16 +11,16 @@ Commands:
|
||||
|
||||
Flags:
|
||||
--access-url string External URL to access your deployment.
|
||||
This must be accessible by all provisioned
|
||||
workspaces.
|
||||
This must be accessible by all
|
||||
provisioned workspaces.
|
||||
Consumes $CODER_ACCESS_URL
|
||||
-a, --address string Bind address of the server.
|
||||
Consumes $CODER_ADDRESS (default
|
||||
"127.0.0.1:3000")
|
||||
--cache-dir string The directory to cache temporary files. If
|
||||
unspecified and $CACHE_DIRECTORY is set, it
|
||||
will be used for compatibility with
|
||||
systemd.
|
||||
--cache-dir string The directory to cache temporary files.
|
||||
If unspecified and $CACHE_DIRECTORY is
|
||||
set, it will be used for compatibility
|
||||
with systemd.
|
||||
Consumes $CODER_CACHE_DIRECTORY (default
|
||||
"/tmp/coder-cli-test-cache")
|
||||
--derp-config-path string Path to read a DERP mapping from. See:
|
||||
@ -32,8 +32,8 @@ Flags:
|
||||
Consumes $CODER_DERP_CONFIG_URL
|
||||
--derp-server-enable Whether to enable or disable the embedded
|
||||
DERP relay server.
|
||||
Consumes $CODER_DERP_SERVER_ENABLE (default
|
||||
true)
|
||||
Consumes $CODER_DERP_SERVER_ENABLE
|
||||
(default true)
|
||||
--derp-server-region-code string Region code to use for the embedded DERP
|
||||
server.
|
||||
Consumes $CODER_DERP_SERVER_REGION_CODE
|
||||
@ -46,19 +46,21 @@ Flags:
|
||||
server.
|
||||
Consumes $CODER_DERP_SERVER_REGION_NAME
|
||||
(default "Coder Embedded Relay")
|
||||
--derp-server-stun-addresses strings Addresses for STUN servers to establish P2P
|
||||
connections. Set empty to disable P2P
|
||||
--derp-server-stun-addresses strings Addresses for STUN servers to establish
|
||||
P2P connections. Set empty to disable P2P
|
||||
connections.
|
||||
Consumes $CODER_DERP_SERVER_STUN_ADDRESSES
|
||||
Consumes
|
||||
$CODER_DERP_SERVER_STUN_ADDRESSES
|
||||
(default [stun.l.google.com:19302])
|
||||
-h, --help help for server
|
||||
--oauth2-github-allow-signups Whether new users can sign up with GitHub.
|
||||
--oauth2-github-allow-signups Whether new users can sign up with
|
||||
GitHub.
|
||||
Consumes $CODER_OAUTH2_GITHUB_ALLOW_SIGNUPS
|
||||
--oauth2-github-allowed-orgs strings Organizations the user must be a member of
|
||||
to Login with GitHub.
|
||||
--oauth2-github-allowed-orgs strings Organizations the user must be a member
|
||||
of to Login with GitHub.
|
||||
Consumes $CODER_OAUTH2_GITHUB_ALLOWED_ORGS
|
||||
--oauth2-github-allowed-teams strings Teams inside organizations the user must be
|
||||
a member of to Login with GitHub.
|
||||
--oauth2-github-allowed-teams strings Teams inside organizations the user must
|
||||
be a member of to Login with GitHub.
|
||||
Structured as:
|
||||
<organization-name>/<team-slug>.
|
||||
Consumes $CODER_OAUTH2_GITHUB_ALLOWED_TEAMS
|
||||
@ -66,13 +68,13 @@ Flags:
|
||||
Consumes $CODER_OAUTH2_GITHUB_CLIENT_ID
|
||||
--oauth2-github-client-secret string Client secret for Login with GitHub.
|
||||
Consumes $CODER_OAUTH2_GITHUB_CLIENT_SECRET
|
||||
--oauth2-github-enterprise-base-url string Base URL of a GitHub Enterprise deployment
|
||||
to use for Login with GitHub.
|
||||
--oauth2-github-enterprise-base-url string Base URL of a GitHub Enterprise
|
||||
deployment to use for Login with GitHub.
|
||||
Consumes
|
||||
$CODER_OAUTH2_GITHUB_ENTERPRISE_BASE_URL
|
||||
--oidc-allow-signups Whether new users can sign up with OIDC.
|
||||
Consumes $CODER_OIDC_ALLOW_SIGNUPS (default
|
||||
true)
|
||||
Consumes $CODER_OIDC_ALLOW_SIGNUPS
|
||||
(default true)
|
||||
--oidc-client-id string Client ID to use for Login with OIDC.
|
||||
Consumes $CODER_OIDC_CLIENT_ID
|
||||
--oidc-client-secret string Client secret to use for Login with OIDC.
|
||||
@ -87,8 +89,9 @@ Flags:
|
||||
Consumes $CODER_OIDC_SCOPES (default
|
||||
[openid,profile,email])
|
||||
--postgres-url string URL of a PostgreSQL database. If empty,
|
||||
PostgreSQL binaries will be downloaded from
|
||||
Maven (https://repo1.maven.org/maven2) and
|
||||
PostgreSQL binaries will be downloaded
|
||||
from Maven
|
||||
(https://repo1.maven.org/maven2) and
|
||||
store all data in the config root. Access
|
||||
the built-in database with "coder server
|
||||
postgres-builtin-url".
|
||||
@ -96,20 +99,27 @@ Flags:
|
||||
--pprof-address string The bind address to serve pprof.
|
||||
Consumes $CODER_PPROF_ADDRESS (default
|
||||
"127.0.0.1:6060")
|
||||
--pprof-enable Serve pprof metrics on the address defined
|
||||
by pprof address.
|
||||
--pprof-enable Serve pprof metrics on the address
|
||||
defined by pprof address.
|
||||
Consumes $CODER_PPROF_ENABLE
|
||||
--prometheus-address string The bind address to serve prometheus
|
||||
metrics.
|
||||
Consumes $CODER_PROMETHEUS_ADDRESS (default
|
||||
"127.0.0.1:2112")
|
||||
Consumes $CODER_PROMETHEUS_ADDRESS
|
||||
(default "127.0.0.1:2112")
|
||||
--prometheus-enable Serve prometheus metrics on the address
|
||||
defined by prometheus address.
|
||||
Consumes $CODER_PROMETHEUS_ENABLE
|
||||
--provisioner-daemons int Number of provisioner daemons to create on
|
||||
start. If builds are stuck in queued state
|
||||
for a long time, consider increasing this.
|
||||
Consumes $CODER_PROVISIONER_DAEMONS (default 3)
|
||||
--provisioner-daemons int Number of provisioner daemons to create
|
||||
on start. If builds are stuck in queued
|
||||
state for a long time, consider
|
||||
increasing this.
|
||||
Consumes $CODER_PROVISIONER_DAEMONS
|
||||
(default 3)
|
||||
--provisioner-force-cancel-interval duration Time to force cancel provisioning tasks
|
||||
that are stuck.
|
||||
Consumes
|
||||
$CODER_PROVISIONER_FORCE_CANCEL_INTERVAL
|
||||
(default 10m0s)
|
||||
--proxy-trusted-headers strings Headers to trust for forwarding IP
|
||||
addresses. e.g. Cf-Connecting-Ip,
|
||||
True-Client-Ip, X-Forwarded-For
|
||||
@ -118,40 +128,42 @@ Flags:
|
||||
"proxy-trusted-headers". e.g.
|
||||
192.168.1.0/24
|
||||
Consumes $CODER_PROXY_TRUSTED_ORIGINS
|
||||
--secure-auth-cookie Controls if the 'Secure' property is set on
|
||||
browser session cookies.
|
||||
--secure-auth-cookie Controls if the 'Secure' property is set
|
||||
on browser session cookies.
|
||||
Consumes $CODER_SECURE_AUTH_COOKIE
|
||||
--ssh-keygen-algorithm string The algorithm to use for generating ssh
|
||||
keys. Accepted values are "ed25519",
|
||||
"ecdsa", or "rsa4096".
|
||||
Consumes $CODER_SSH_KEYGEN_ALGORITHM
|
||||
(default "ed25519")
|
||||
--telemetry Whether telemetry is enabled or not. Coder
|
||||
collects anonymized usage data to help
|
||||
improve our product.
|
||||
--telemetry Whether telemetry is enabled or not.
|
||||
Coder collects anonymized usage data to
|
||||
help improve our product.
|
||||
Consumes $CODER_TELEMETRY_ENABLE
|
||||
--telemetry-trace Whether Opentelemetry traces are sent to
|
||||
Coder. Coder collects anonymized
|
||||
application tracing to help improve our
|
||||
product. Disabling telemetry also disables
|
||||
this option.
|
||||
product. Disabling telemetry also
|
||||
disables this option.
|
||||
Consumes $CODER_TELEMETRY_TRACE
|
||||
--tls-cert-file strings Path to each certificate for TLS. It
|
||||
requires a PEM-encoded file. To configure
|
||||
the listener to use a CA certificate,
|
||||
concatenate the primary certificate and the
|
||||
CA certificate together. The primary
|
||||
concatenate the primary certificate and
|
||||
the CA certificate together. The primary
|
||||
certificate should appear first in the
|
||||
combined file.
|
||||
Consumes $CODER_TLS_CERT_FILE
|
||||
--tls-client-auth string Policy the server will follow for TLS
|
||||
Client Authentication. Accepted values are
|
||||
"none", "request", "require-any",
|
||||
"verify-if-given", or "require-and-verify".
|
||||
Client Authentication. Accepted values
|
||||
are "none", "request", "require-any",
|
||||
"verify-if-given", or
|
||||
"require-and-verify".
|
||||
Consumes $CODER_TLS_CLIENT_AUTH (default
|
||||
"request")
|
||||
--tls-client-ca-file string PEM-encoded Certificate Authority file used
|
||||
for checking the authenticity of client
|
||||
--tls-client-ca-file string PEM-encoded Certificate Authority file
|
||||
used for checking the authenticity of
|
||||
client
|
||||
Consumes $CODER_TLS_CLIENT_CA_FILE
|
||||
--tls-enable Whether TLS will be enabled.
|
||||
Consumes $CODER_TLS_ENABLE
|
||||
@ -159,9 +171,9 @@ Flags:
|
||||
certificates. It requires a PEM-encoded
|
||||
file.
|
||||
Consumes $CODER_TLS_KEY_FILE
|
||||
--tls-min-version string Minimum supported version of TLS. Accepted
|
||||
values are "tls10", "tls11", "tls12" or
|
||||
"tls13"
|
||||
--tls-min-version string Minimum supported version of TLS.
|
||||
Accepted values are "tls10", "tls11",
|
||||
"tls12" or "tls13"
|
||||
Consumes $CODER_TLS_MIN_VERSION (default
|
||||
"tls12")
|
||||
--trace Whether application tracing data is
|
||||
@ -172,8 +184,8 @@ Flags:
|
||||
--trace-honeycomb-api-key string Enables trace exporting to Honeycomb.io
|
||||
using the provided API Key.
|
||||
Consumes $CODER_TRACE_HONEYCOMB_API_KEY
|
||||
--wildcard-access-url string Specifies the wildcard hostname to use for
|
||||
workspace applications in the form
|
||||
--wildcard-access-url string Specifies the wildcard hostname to use
|
||||
for workspace applications in the form
|
||||
"*.example.com".
|
||||
Consumes $CODER_WILDCARD_ACCESS_URL
|
||||
|
||||
|
||||
@ -23,7 +23,6 @@ type DeploymentConfig struct {
|
||||
ProxyTrustedOrigins *DeploymentConfigField[[]string] `json:"proxy_trusted_origins" typescript:",notnull"`
|
||||
CacheDirectory *DeploymentConfigField[string] `json:"cache_directory" typescript:",notnull"`
|
||||
InMemoryDatabase *DeploymentConfigField[bool] `json:"in_memory_database" typescript:",notnull"`
|
||||
ProvisionerDaemons *DeploymentConfigField[int] `json:"provisioner_daemons" typescript:",notnull"`
|
||||
PostgresURL *DeploymentConfigField[string] `json:"pg_connection_url" typescript:",notnull"`
|
||||
OAuth2 *OAuth2Config `json:"oauth2" typescript:",notnull"`
|
||||
OIDC *OIDCConfig `json:"oidc" typescript:",notnull"`
|
||||
@ -39,6 +38,7 @@ type DeploymentConfig struct {
|
||||
BrowserOnly *DeploymentConfigField[bool] `json:"browser_only" typescript:",notnull"`
|
||||
SCIMAPIKey *DeploymentConfigField[string] `json:"scim_api_key" typescript:",notnull"`
|
||||
UserWorkspaceQuota *DeploymentConfigField[int] `json:"user_workspace_quota" typescript:",notnull"`
|
||||
Provisioner *ProvisionerConfig `json:"provisioner" typescript:",notnull"`
|
||||
}
|
||||
|
||||
type DERP struct {
|
||||
@ -123,6 +123,11 @@ type GitAuthConfig struct {
|
||||
Scopes []string `json:"scopes"`
|
||||
}
|
||||
|
||||
type ProvisionerConfig struct {
|
||||
Daemons *DeploymentConfigField[int] `json:"daemons" typescript:",notnull"`
|
||||
ForceCancelInterval *DeploymentConfigField[time.Duration] `json:"force_cancel_interval" typescript:",notnull"`
|
||||
}
|
||||
|
||||
type Flaggable interface {
|
||||
string | time.Duration | bool | int | []string | []GitAuthConfig
|
||||
}
|
||||
|
||||
@ -65,7 +65,7 @@ func New(clientDialer Dialer, opts *Options) *Server {
|
||||
opts.UpdateInterval = 5 * time.Second
|
||||
}
|
||||
if opts.ForceCancelInterval == 0 {
|
||||
opts.ForceCancelInterval = time.Minute
|
||||
opts.ForceCancelInterval = 10 * time.Minute
|
||||
}
|
||||
if opts.LogBufferInterval == 0 {
|
||||
opts.LogBufferInterval = 50 * time.Millisecond
|
||||
|
||||
@ -287,7 +287,6 @@ export interface DeploymentConfig {
|
||||
readonly proxy_trusted_origins: DeploymentConfigField<string[]>
|
||||
readonly cache_directory: DeploymentConfigField<string>
|
||||
readonly in_memory_database: DeploymentConfigField<boolean>
|
||||
readonly provisioner_daemons: DeploymentConfigField<number>
|
||||
readonly pg_connection_url: DeploymentConfigField<string>
|
||||
readonly oauth2: OAuth2Config
|
||||
readonly oidc: OIDCConfig
|
||||
@ -303,6 +302,7 @@ export interface DeploymentConfig {
|
||||
readonly browser_only: DeploymentConfigField<boolean>
|
||||
readonly scim_api_key: DeploymentConfigField<string>
|
||||
readonly user_workspace_quota: DeploymentConfigField<number>
|
||||
readonly provisioner: ProvisionerConfig
|
||||
}
|
||||
|
||||
// From codersdk/deploymentconfig.go
|
||||
@ -514,6 +514,12 @@ export interface PrometheusConfig {
|
||||
readonly address: DeploymentConfigField<string>
|
||||
}
|
||||
|
||||
// From codersdk/deploymentconfig.go
|
||||
export interface ProvisionerConfig {
|
||||
readonly daemons: DeploymentConfigField<number>
|
||||
readonly force_cancel_interval: DeploymentConfigField<number>
|
||||
}
|
||||
|
||||
// From codersdk/provisionerdaemons.go
|
||||
export interface ProvisionerDaemon {
|
||||
readonly id: string
|
||||
|
||||
Reference in New Issue
Block a user