feat: use app tickets for web terminal (#6628)

coderd/database/dbauthz/querier.go

@@ -1292,6 +1292,15 @@ func (q *querier) GetWorkspaceAgentByInstanceID(ctx context.Context, authInstanc
 	return agent, nil
 }
 
+func (q *querier) GetWorkspaceAgentsInLatestBuildByWorkspaceID(ctx context.Context, workspaceID uuid.UUID) ([]database.WorkspaceAgent, error) {
+	workspace, err := q.GetWorkspaceByID(ctx, workspaceID)
+	if err != nil {
+		return nil, err
+	}
+
+	return q.db.GetWorkspaceAgentsInLatestBuildByWorkspaceID(ctx, workspace.ID)
+}
+
 func (q *querier) UpdateWorkspaceAgentLifecycleStateByID(ctx context.Context, arg database.UpdateWorkspaceAgentLifecycleStateByIDParams) error {
 	agent, err := q.db.GetWorkspaceAgentByID(ctx, arg.ID)
 	if err != nil {

coderd/database/dbfake/databasefake.go

@@ -314,6 +314,38 @@ func (*fakeQuerier) DeleteOldWorkspaceAgentStats(_ context.Context) error {
 	return nil
 }
 
+func (q *fakeQuerier) GetWorkspaceAgentsInLatestBuildByWorkspaceID(ctx context.Context, workspaceID uuid.UUID) ([]database.WorkspaceAgent, error) {
+	q.mutex.RLock()
+	defer q.mutex.RUnlock()
+
+	// Get latest build for workspace.
+	workspaceBuild, err := q.getLatestWorkspaceBuildByWorkspaceIDNoLock(ctx, workspaceID)
+	if err != nil {
+		return nil, xerrors.Errorf("get latest workspace build: %w", err)
+	}
+
+	// Get resources for build.
+	resources, err := q.GetWorkspaceResourcesByJobID(ctx, workspaceBuild.JobID)
+	if err != nil {
+		return nil, xerrors.Errorf("get workspace resources: %w", err)
+	}
+	if len(resources) == 0 {
+		return []database.WorkspaceAgent{}, nil
+	}
+
+	resourceIDs := make([]uuid.UUID, len(resources))
+	for i, resource := range resources {
+		resourceIDs[i] = resource.ID
+	}
+
+	agents, err := q.GetWorkspaceAgentsByResourceIDs(ctx, resourceIDs)
+	if err != nil {
+		return nil, xerrors.Errorf("get workspace agents: %w", err)
+	}
+
+	return agents, nil
+}
+
 func (q *fakeQuerier) GetDeploymentWorkspaceAgentStats(_ context.Context, createdAfter time.Time) (database.GetDeploymentWorkspaceAgentStatsRow, error) {
 	q.mutex.RLock()
 	defer q.mutex.RUnlock()

coderd/database/modelmethods.go

@@ -3,6 +3,7 @@ package database
 import (
 	"sort"
 	"strconv"
+	"time"
 
 	"golang.org/x/exp/maps"
 
@@ -36,6 +37,26 @@ func (s WorkspaceStatus) Valid() bool {
 	}
 }
 
+type WorkspaceAgentStatus string
+
+// This is also in codersdk/workspaceagents.go and should be kept in sync.
+const (
+	WorkspaceAgentStatusConnecting   WorkspaceAgentStatus = "connecting"
+	WorkspaceAgentStatusConnected    WorkspaceAgentStatus = "connected"
+	WorkspaceAgentStatusDisconnected WorkspaceAgentStatus = "disconnected"
+	WorkspaceAgentStatusTimeout      WorkspaceAgentStatus = "timeout"
+)
+
+func (s WorkspaceAgentStatus) Valid() bool {
+	switch s {
+	case WorkspaceAgentStatusConnecting, WorkspaceAgentStatusConnected,
+		WorkspaceAgentStatusDisconnected, WorkspaceAgentStatusTimeout:
+		return true
+	default:
+		return false
+	}
+}
+
 type AuditableGroup struct {
 	Group
 	Members []GroupMember `json:"members"`
@@ -199,6 +220,61 @@ func (l License) RBACObject() rbac.Object {
 	return rbac.ResourceLicense.WithIDString(strconv.FormatInt(int64(l.ID), 10))
 }
 
+type WorkspaceAgentConnectionStatus struct {
+	Status           WorkspaceAgentStatus `json:"status"`
+	FirstConnectedAt *time.Time           `json:"first_connected_at"`
+	LastConnectedAt  *time.Time           `json:"last_connected_at"`
+	DisconnectedAt   *time.Time           `json:"disconnected_at"`
+}
+
+func (a WorkspaceAgent) Status(inactiveTimeout time.Duration) WorkspaceAgentConnectionStatus {
+	connectionTimeout := time.Duration(a.ConnectionTimeoutSeconds) * time.Second
+
+	status := WorkspaceAgentConnectionStatus{
+		Status: WorkspaceAgentStatusDisconnected,
+	}
+	if a.FirstConnectedAt.Valid {
+		status.FirstConnectedAt = &a.FirstConnectedAt.Time
+	}
+	if a.LastConnectedAt.Valid {
+		status.LastConnectedAt = &a.LastConnectedAt.Time
+	}
+	if a.DisconnectedAt.Valid {
+		status.DisconnectedAt = &a.DisconnectedAt.Time
+	}
+
+	switch {
+	case !a.FirstConnectedAt.Valid:
+		switch {
+		case connectionTimeout > 0 && Now().Sub(a.CreatedAt) > connectionTimeout:
+			// If the agent took too long to connect the first time,
+			// mark it as timed out.
+			status.Status = WorkspaceAgentStatusTimeout
+		default:
+			// If the agent never connected, it's waiting for the compute
+			// to start up.
+			status.Status = WorkspaceAgentStatusConnecting
+		}
+	// We check before instead of after because last connected at and
+	// disconnected at can be equal timestamps in tight-timed tests.
+	case !a.DisconnectedAt.Time.Before(a.LastConnectedAt.Time):
+		// If we've disconnected after our last connection, we know the
+		// agent is no longer connected.
+		status.Status = WorkspaceAgentStatusDisconnected
+	case Now().Sub(a.LastConnectedAt.Time) > inactiveTimeout:
+		// The connection died without updating the last connected.
+		status.Status = WorkspaceAgentStatusDisconnected
+		// Client code needs an accurate disconnected at if the agent has been inactive.
+		status.DisconnectedAt = &a.LastConnectedAt.Time
+	case a.LastConnectedAt.Valid:
+		// The agent should be assumed connected if it's under inactivity timeouts
+		// and last connected at has been properly set.
+		status.Status = WorkspaceAgentStatusConnected
+	}
+
+	return status
+}
+
 func ConvertUserRows(rows []GetUsersRow) []User {
 	users := make([]User, len(rows))
 	for i, r := range rows {

coderd/database/querier.go

@@ -130,6 +130,7 @@ type sqlcQuerier interface {
 	GetWorkspaceAgentStats(ctx context.Context, createdAt time.Time) ([]GetWorkspaceAgentStatsRow, error)
 	GetWorkspaceAgentsByResourceIDs(ctx context.Context, ids []uuid.UUID) ([]WorkspaceAgent, error)
 	GetWorkspaceAgentsCreatedAfter(ctx context.Context, createdAt time.Time) ([]WorkspaceAgent, error)
+	GetWorkspaceAgentsInLatestBuildByWorkspaceID(ctx context.Context, workspaceID uuid.UUID) ([]WorkspaceAgent, error)
 	GetWorkspaceAppByAgentIDAndSlug(ctx context.Context, arg GetWorkspaceAppByAgentIDAndSlugParams) (WorkspaceApp, error)
 	GetWorkspaceAppsByAgentID(ctx context.Context, agentID uuid.UUID) ([]WorkspaceApp, error)
 	GetWorkspaceAppsByAgentIDs(ctx context.Context, ids []uuid.UUID) ([]WorkspaceApp, error)

coderd/database/queries.sql.go

@@ -5463,6 +5463,81 @@ func (q *sqlQuerier) GetWorkspaceAgentsCreatedAfter(ctx context.Context, created
 	return items, nil
 }
 
+const getWorkspaceAgentsInLatestBuildByWorkspaceID = `-- name: GetWorkspaceAgentsInLatestBuildByWorkspaceID :many
+SELECT
+	workspace_agents.id, workspace_agents.created_at, workspace_agents.updated_at, workspace_agents.name, workspace_agents.first_connected_at, workspace_agents.last_connected_at, workspace_agents.disconnected_at, workspace_agents.resource_id, workspace_agents.auth_token, workspace_agents.auth_instance_id, workspace_agents.architecture, workspace_agents.environment_variables, workspace_agents.operating_system, workspace_agents.startup_script, workspace_agents.instance_metadata, workspace_agents.resource_metadata, workspace_agents.directory, workspace_agents.version, workspace_agents.last_connected_replica_id, workspace_agents.connection_timeout_seconds, workspace_agents.troubleshooting_url, workspace_agents.motd_file, workspace_agents.lifecycle_state, workspace_agents.login_before_ready, workspace_agents.startup_script_timeout_seconds, workspace_agents.expanded_directory, workspace_agents.shutdown_script, workspace_agents.shutdown_script_timeout_seconds, workspace_agents.startup_logs_length, workspace_agents.startup_logs_overflowed
+FROM
+	workspace_agents
+JOIN
+	workspace_resources ON workspace_agents.resource_id = workspace_resources.id
+JOIN
+	workspace_builds ON workspace_resources.job_id = workspace_builds.job_id
+WHERE
+	workspace_builds.workspace_id = $1 :: uuid AND
+	workspace_builds.build_number = (
+    	SELECT
+			MAX(build_number)
+    	FROM
+			workspace_builds AS wb
+    	WHERE
+			wb.workspace_id = $1 :: uuid
+	)
+`
+
+func (q *sqlQuerier) GetWorkspaceAgentsInLatestBuildByWorkspaceID(ctx context.Context, workspaceID uuid.UUID) ([]WorkspaceAgent, error) {
+	rows, err := q.db.QueryContext(ctx, getWorkspaceAgentsInLatestBuildByWorkspaceID, workspaceID)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+	var items []WorkspaceAgent
+	for rows.Next() {
+		var i WorkspaceAgent
+		if err := rows.Scan(
+			&i.ID,
+			&i.CreatedAt,
+			&i.UpdatedAt,
+			&i.Name,
+			&i.FirstConnectedAt,
+			&i.LastConnectedAt,
+			&i.DisconnectedAt,
+			&i.ResourceID,
+			&i.AuthToken,
+			&i.AuthInstanceID,
+			&i.Architecture,
+			&i.EnvironmentVariables,
+			&i.OperatingSystem,
+			&i.StartupScript,
+			&i.InstanceMetadata,
+			&i.ResourceMetadata,
+			&i.Directory,
+			&i.Version,
+			&i.LastConnectedReplicaID,
+			&i.ConnectionTimeoutSeconds,
+			&i.TroubleshootingURL,
+			&i.MOTDFile,
+			&i.LifecycleState,
+			&i.LoginBeforeReady,
+			&i.StartupScriptTimeoutSeconds,
+			&i.ExpandedDirectory,
+			&i.ShutdownScript,
+			&i.ShutdownScriptTimeoutSeconds,
+			&i.StartupLogsLength,
+			&i.StartupLogsOverflowed,
+		); err != nil {
+			return nil, err
+		}
+		items = append(items, i)
+	}
+	if err := rows.Close(); err != nil {
+		return nil, err
+	}
+	if err := rows.Err(); err != nil {
+		return nil, err
+	}
+	return items, nil
+}
+
 const insertWorkspaceAgent = `-- name: InsertWorkspaceAgent :one
 INSERT INTO
 	workspace_agents (

coderd/database/queries/workspaceagents.sql

@@ -132,3 +132,23 @@ INSERT INTO
 DELETE FROM workspace_agent_startup_logs WHERE agent_id IN
 	(SELECT id FROM workspace_agents WHERE last_connected_at IS NOT NULL
 		AND last_connected_at < NOW() - INTERVAL '7 day');
+
+-- name: GetWorkspaceAgentsInLatestBuildByWorkspaceID :many
+SELECT
+	workspace_agents.*
+FROM
+	workspace_agents
+JOIN
+	workspace_resources ON workspace_agents.resource_id = workspace_resources.id
+JOIN
+	workspace_builds ON workspace_resources.job_id = workspace_builds.job_id
+WHERE
+	workspace_builds.workspace_id = @workspace_id :: uuid AND
+	workspace_builds.build_number = (
+    	SELECT
+			MAX(build_number)
+    	FROM
+			workspace_builds AS wb
+    	WHERE
+			wb.workspace_id = @workspace_id :: uuid
+	);