synced/coder
1
0
Fork 0
mirror of https://github.com/coder/coder.git synced 2025-07-13 21:36:50 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: add API key scope to restrict access to user data (#17692)

Browse Source
This commit is contained in:
Thomas Kosiewski
2025-05-15 15:32:52 +01:00
committed by GitHub
parent ee2aeb44d7
commit 1bacd82e80
28 changed files with 824 additions and 447 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
coderd/database/migrations/000326_add_api_key_scope_to_workspace_agents.down.sql Normal file
View File

@ -0,0 +1,6 @@
-- Remove the api_key_scope column from the workspace_agents table
ALTER TABLE workspace_agents
DROP COLUMN IF EXISTS api_key_scope;
-- Drop the enum type for API key scope
DROP TYPE IF EXISTS agent_key_scope_enum;

10
coderd/database/migrations/000326_add_api_key_scope_to_workspace_agents.up.sql Normal file
View File

@ -0,0 +1,10 @@
-- Create the enum type for API key scope
CREATE TYPE agent_key_scope_enum AS ENUM ('all', 'no_user_data');
-- Add the api_key_scope column to the workspace_agents table
-- It defaults to 'all' to maintain existing behavior for current agents.
ALTER TABLE workspace_agents
ADD COLUMN api_key_scope agent_key_scope_enum NOT NULL DEFAULT 'all';
-- Add a comment explaining the purpose of the column
COMMENT ON COLUMN workspace_agents.api_key_scope IS 'Defines the scope of the API key associated with the agent. ''all'' allows access to everything, ''no_user_data'' restricts it to exclude user data.';