chore: add custom samesite options to auth cookies (#16885)

Allows controlling `samesite` cookie settings from the deployment config
2025-07-03 16:13:58 +00:00 · 2025-04-08 14:15:14 -05:00
parent 389e88ec82
commit 52d555880c
26 changed files with 240 additions and 67 deletions
--- a/coderd/apidoc/docs.go
+++ b/coderd/apidoc/docs.go
@ -11902,6 +11902,9 @@ const docTemplate = `{
                    "description": "HTTPAddress is a string because it may be set to zero to disable.",
                    "type": "string"
                },
+                "http_cookies": {
+                    "$ref": "#/definitions/codersdk.HTTPCookieConfig"
+                },
                "in_memory_database": {
                    "type": "boolean"
                },
@ -11962,9 +11965,6 @@ const docTemplate = `{
                "scim_api_key": {
                    "type": "string"
                },
-                "secure_auth_cookie": {
-                    "type": "boolean"
-                },
                "session_lifetime": {
                    "$ref": "#/definitions/codersdk.SessionLifetime"
                },
@ -12484,6 +12484,17 @@ const docTemplate = `{
                }
            }
        },
+        "codersdk.HTTPCookieConfig": {
+            "type": "object",
+            "properties": {
+                "same_site": {
+                    "type": "string"
+                },
+                "secure_auth_cookie": {
+                    "type": "boolean"
+                }
+            }
+        },
        "codersdk.Healthcheck": {
            "type": "object",
            "properties": {