synced/coder
1
0
Fork 0
mirror of https://github.com/coder/coder.git synced 2025-07-08 11:39:50 +00:00
Code Issues Packages Projects Releases Wiki Activity

chore: move agent functions from codersdk into agentsdk (#5903)

Browse Source 
* chore: rename `AgentConn` to `WorkspaceAgentConn`

The codersdk was becoming bloated with consts for the workspace
agent that made no sense to a reader. `Tailnet*` is an example
of these consts.

* chore: remove `Get` prefix from *Client functions

* chore: remove `BypassRatelimits` option in `codersdk.Client`

It feels wrong to have this as a direct option because it's so infrequently
needed by API callers. It's better to directly modify headers in the two
places that we actually use it.

* Merge `appearance.go` and `buildinfo.go` into `deployment.go`

* Merge `experiments.go` and `features.go` into `deployment.go`

* Fix `make gen` referencing old type names

* Merge `error.go` into `client.go`

`codersdk.Response` lived in `error.go`, which is wrong.

* chore: refactor workspace agent functions into agentsdk

It was odd conflating the codersdk that clients should use
with functions that only the agent should use. This separates
them into two SDKs that are closely coupled, but separate.

* Merge `insights.go` into `deployment.go`

* Merge `organizationmember.go` into `organizations.go`

* Merge `quota.go` into `workspaces.go`

* Rename `sse.go` to `serversentevents.go`

* Rename `codersdk.WorkspaceAppHostResponse` to `codersdk.AppHostResponse`

* Format `.vscode/settings.json`

* Fix outdated naming in `api.ts`

* Fix app host response

* Fix unsupported type

* Fix imported type
This commit is contained in:
Kyle Carberry
2023-01-29 15:47:24 -06:00
committed by GitHub
parent e49f41652f
commit 7ad87505c8
115 changed files with 2491 additions and 2567 deletions
Download Patch File Download Diff File Expand all files Collapse all files

456
coderd/apidoc/docs.go generated
View File

@ -153,7 +153,7 @@ const docTemplate = `{
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/codersdk.GetAppHostResponse"
"$ref": "#/definitions/codersdk.AppHostResponse"
}
}
}
@ -3781,7 +3781,7 @@ const docTemplate = `{
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/codersdk.AWSInstanceIdentityToken"
"$ref": "#/definitions/agentsdk.AWSInstanceIdentityToken"
}
}
],
@ -3789,7 +3789,7 @@ const docTemplate = `{
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/codersdk.WorkspaceAgentAuthenticateResponse"
"$ref": "#/definitions/agentsdk.AuthenticateResponse"
}
}
}
@ -3820,7 +3820,7 @@ const docTemplate = `{
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/codersdk.AzureInstanceIdentityToken"
"$ref": "#/definitions/agentsdk.AzureInstanceIdentityToken"
}
}
],
@ -3828,7 +3828,7 @@ const docTemplate = `{
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/codersdk.WorkspaceAgentAuthenticateResponse"
"$ref": "#/definitions/agentsdk.AuthenticateResponse"
}
}
}
@ -3859,7 +3859,7 @@ const docTemplate = `{
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/codersdk.GoogleInstanceIdentityToken"
"$ref": "#/definitions/agentsdk.GoogleInstanceIdentityToken"
}
}
],
@ -3867,7 +3867,7 @@ const docTemplate = `{
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/codersdk.WorkspaceAgentAuthenticateResponse"
"$ref": "#/definitions/agentsdk.AuthenticateResponse"
}
}
}
@ -3898,7 +3898,7 @@ const docTemplate = `{
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/codersdk.PostWorkspaceAppHealthsRequest"
"$ref": "#/definitions/agentsdk.PostAppHealthsRequest"
}
}
],
@ -3964,7 +3964,7 @@ const docTemplate = `{
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/codersdk.WorkspaceAgentGitAuthResponse"
"$ref": "#/definitions/agentsdk.GitAuthResponse"
}
}
}
@ -3989,7 +3989,7 @@ const docTemplate = `{
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/codersdk.AgentGitSSHKey"
"$ref": "#/definitions/agentsdk.GitSSHKey"
}
}
}
@ -4014,7 +4014,7 @@ const docTemplate = `{
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/codersdk.WorkspaceAgentMetadata"
"$ref": "#/definitions/agentsdk.Metadata"
}
}
}
@ -4042,7 +4042,7 @@ const docTemplate = `{
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/codersdk.PostWorkspaceAgentLifecycleRequest"
"$ref": "#/definitions/agentsdk.PostLifecycleRequest"
}
}
],
@ -4081,7 +4081,7 @@ const docTemplate = `{
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/codersdk.AgentStats"
"$ref": "#/definitions/agentsdk.Stats"
}
}
],
@ -4089,7 +4089,7 @@ const docTemplate = `{
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/codersdk.AgentStatsResponse"
"$ref": "#/definitions/agentsdk.StatsResponse"
}
}
}
@ -4120,7 +4120,7 @@ const docTemplate = `{
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/codersdk.PostWorkspaceAgentVersionRequest"
"$ref": "#/definitions/agentsdk.PostVersionRequest"
}
}
],
@ -4262,7 +4262,7 @@ const docTemplate = `{
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/codersdk.ListeningPortsResponse"
"$ref": "#/definitions/codersdk.WorkspaceAgentListeningPortsResponse"
}
}
}
@ -4957,6 +4957,188 @@ const docTemplate = `{
}
},
"definitions": {
"agentsdk.AWSInstanceIdentityToken": {
"type": "object",
"required": [
"document",
"signature"
],
"properties": {
"document": {
"type": "string"
},
"signature": {
"type": "string"
}
}
},
"agentsdk.AuthenticateResponse": {
"type": "object",
"properties": {
"session_token": {
"type": "string"
}
}
},
"agentsdk.AzureInstanceIdentityToken": {
"type": "object",
"required": [
"encoding",
"signature"
],
"properties": {
"encoding": {
"type": "string"
},
"signature": {
"type": "string"
}
}
},
"agentsdk.GitAuthResponse": {
"type": "object",
"properties": {
"password": {
"type": "string"
},
"url": {
"type": "string"
},
"username": {
"type": "string"
}
}
},
"agentsdk.GitSSHKey": {
"type": "object",
"properties": {
"private_key": {
"type": "string"
},
"public_key": {
"type": "string"
}
}
},
"agentsdk.GoogleInstanceIdentityToken": {
"type": "object",
"required": [
"json_web_token"
],
"properties": {
"json_web_token": {
"type": "string"
}
}
},
"agentsdk.Metadata": {
"type": "object",
"properties": {
"apps": {
"type": "array",
"items": {
"$ref": "#/definitions/codersdk.WorkspaceApp"
}
},
"derpmap": {
"$ref": "#/definitions/tailcfg.DERPMap"
},
"directory": {
"type": "string"
},
"environment_variables": {
"type": "object",
"additionalProperties": {
"type": "string"
}
},
"git_auth_configs": {
"description": "GitAuthConfigs stores the number of Git configurations\nthe Coder deployment has. If this number is \u003e0, we\nset up special configuration in the workspace.",
"type": "integer"
},
"motd_file": {
"type": "string"
},
"startup_script": {
"type": "string"
},
"startup_script_timeout": {
"type": "integer"
},
"vscode_port_proxy_uri": {
"type": "string"
}
}
},
"agentsdk.PostAppHealthsRequest": {
"type": "object",
"properties": {
"healths": {
"description": "Healths is a map of the workspace app name and the health of the app.",
"type": "object",
"additionalProperties": {
"$ref": "#/definitions/codersdk.WorkspaceAppHealth"
}
}
}
},
"agentsdk.PostLifecycleRequest": {
"type": "object",
"properties": {
"state": {
"$ref": "#/definitions/codersdk.WorkspaceAgentLifecycle"
}
}
},
"agentsdk.PostVersionRequest": {
"type": "object",
"properties": {
"version": {
"type": "string"
}
}
},
"agentsdk.Stats": {
"type": "object",
"properties": {
"conns_by_proto": {
"description": "ConnsByProto is a count of connections by protocol.",
"type": "object",
"additionalProperties": {
"type": "integer"
}
},
"num_comms": {
"description": "NumConns is the number of connections received by an agent.",
"type": "integer"
},
"rx_bytes": {
"description": "RxBytes is the number of received bytes.",
"type": "integer"
},
"rx_packets": {
"description": "RxPackets is the number of received packets.",
"type": "integer"
},
"tx_bytes": {
"description": "TxBytes is the number of transmitted bytes.",
"type": "integer"
},
"tx_packets": {
"description": "TxPackets is the number of transmitted bytes.",
"type": "integer"
}
}
},
"agentsdk.StatsResponse": {
"type": "object",
"properties": {
"report_interval": {
"description": "ReportInterval is the duration after which the agent should send stats\nagain.",
"type": "integer"
}
}
},
"coderd.SCIMUser": {
"type": "object",
"properties": {
@ -5107,21 +5289,6 @@ const docTemplate = `{
"APIKeyScopeApplicationConnect"
]
},
"codersdk.AWSInstanceIdentityToken": {
"type": "object",
"required": [
"document",
"signature"
],
"properties": {
"document": {
"type": "string"
},
"signature": {
"type": "string"
}
}
},
"codersdk.AddLicenseRequest": {
"type": "object",
"required": [
@ -5133,55 +5300,12 @@ const docTemplate = `{
}
}
},
"codersdk.AgentGitSSHKey": {
"codersdk.AppHostResponse": {
"type": "object",
"properties": {
"private_key": {
"host": {
"description": "Host is the externally accessible URL for the Coder instance.",
"type": "string"
},
"public_key": {
"type": "string"
}
}
},
"codersdk.AgentStats": {
"type": "object",
"properties": {
"conns_by_proto": {
"description": "ConnsByProto is a count of connections by protocol.",
"type": "object",
"additionalProperties": {
"type": "integer"
}
},
"num_comms": {
"description": "NumConns is the number of connections received by an agent.",
"type": "integer"
},
"rx_bytes": {
"description": "RxBytes is the number of received bytes.",
"type": "integer"
},
"rx_packets": {
"description": "RxPackets is the number of received packets.",
"type": "integer"
},
"tx_bytes": {
"description": "TxBytes is the number of transmitted bytes.",
"type": "integer"
},
"tx_packets": {
"description": "TxPackets is the number of transmitted bytes.",
"type": "integer"
}
}
},
"codersdk.AgentStatsResponse": {
"type": "object",
"properties": {
"report_interval": {
"description": "ReportInterval is the duration after which the agent should send stats\nagain.",
"type": "integer"
}
}
},
@ -5402,21 +5526,6 @@ const docTemplate = `{
"type": "boolean"
}
},
"codersdk.AzureInstanceIdentityToken": {
"type": "object",
"required": [
"encoding",
"signature"
],
"properties": {
"encoding": {
"type": "string"
},
"signature": {
"type": "string"
}
}
},
"codersdk.BuildInfoResponse": {
"type": "object",
"properties": {
@ -6263,15 +6372,6 @@ const docTemplate = `{
}
}
},
"codersdk.GetAppHostResponse": {
"type": "object",
"properties": {
"host": {
"description": "Host is the externally accessible URL for the Coder instance.",
"type": "string"
}
}
},
"codersdk.GetUsersResponse": {
"type": "object",
"properties": {
@ -6341,17 +6441,6 @@ const docTemplate = `{
}
}
},
"codersdk.GoogleInstanceIdentityToken": {
"type": "object",
"required": [
"json_web_token"
],
"properties": {
"json_web_token": {
"type": "string"
}
}
},
"codersdk.Group": {
"type": "object",
"properties": {
@ -6418,47 +6507,6 @@ const docTemplate = `{
}
}
},
"codersdk.ListeningPort": {
"type": "object",
"properties": {
"network": {
"description": "only \"tcp\" at the moment",
"allOf": [
{
"$ref": "#/definitions/codersdk.ListeningPortNetwork"
}
]
},
"port": {
"type": "integer"
},
"process_name": {
"description": "may be empty",
"type": "string"
}
}
},
"codersdk.ListeningPortNetwork": {
"type": "string",
"enum": [
"tcp"
],
"x-enum-varnames": [
"ListeningPortNetworkTCP"
]
},
"codersdk.ListeningPortsResponse": {
"type": "object",
"properties": {
"ports": {
"description": "If there are no ports in the list, nothing should be displayed in the UI.\nThere must not be a \"no ports available\" message or anything similar, as\nthere will always be no ports displayed on platforms where our port\ndetection logic is unsupported.",
"type": "array",
"items": {
"$ref": "#/definitions/codersdk.ListeningPort"
}
}
}
},
"codersdk.LogLevel": {
"type": "string",
"enum": [
@ -6836,35 +6884,6 @@ const docTemplate = `{
"ParameterSourceSchemeData"
]
},
"codersdk.PostWorkspaceAgentLifecycleRequest": {
"type": "object",
"properties": {
"state": {
"$ref": "#/definitions/codersdk.WorkspaceAgentLifecycle"
}
}
},
"codersdk.PostWorkspaceAgentVersionRequest": {
"description": "x-apidocgen:skip",
"type": "object",
"properties": {
"version": {
"type": "string"
}
}
},
"codersdk.PostWorkspaceAppHealthsRequest": {
"type": "object",
"properties": {
"healths": {
"description": "Healths is a map of the workspace app name and the health of the app.",
"type": "object",
"additionalProperties": {
"$ref": "#/definitions/codersdk.WorkspaceAppHealth"
}
}
}
},
"codersdk.PprofConfig": {
"type": "object",
"properties": {
@ -7844,14 +7863,6 @@ const docTemplate = `{
}
}
},
"codersdk.WorkspaceAgentAuthenticateResponse": {
"type": "object",
"properties": {
"session_token": {
"type": "string"
}
}
},
"codersdk.WorkspaceAgentConnectionInfo": {
"type": "object",
"properties": {
@ -7860,20 +7871,6 @@ const docTemplate = `{
}
}
},
"codersdk.WorkspaceAgentGitAuthResponse": {
"type": "object",
"properties": {
"password": {
"type": "string"
},
"url": {
"type": "string"
},
"username": {
"type": "string"
}
}
},
"codersdk.WorkspaceAgentLifecycle": {
"type": "string",
"enum": [
@ -7891,42 +7888,31 @@ const docTemplate = `{
"WorkspaceAgentLifecycleReady"
]
},
"codersdk.WorkspaceAgentMetadata": {
"codersdk.WorkspaceAgentListeningPort": {
"type": "object",
"properties": {
"apps": {
"network": {
"description": "only \"tcp\" at the moment",
"type": "string"
},
"port": {
"type": "integer"
},
"process_name": {
"description": "may be empty",
"type": "string"
}
}
},
"codersdk.WorkspaceAgentListeningPortsResponse": {
"type": "object",
"properties": {
"ports": {
"description": "If there are no ports in the list, nothing should be displayed in the UI.\nThere must not be a \"no ports available\" message or anything similar, as\nthere will always be no ports displayed on platforms where our port\ndetection logic is unsupported.",
"type": "array",
"items": {
"$ref": "#/definitions/codersdk.WorkspaceApp"
"$ref": "#/definitions/codersdk.WorkspaceAgentListeningPort"
}
},
"derpmap": {
"$ref": "#/definitions/tailcfg.DERPMap"
},
"directory": {
"type": "string"
},
"environment_variables": {
"type": "object",
"additionalProperties": {
"type": "string"
}
},
"git_auth_configs": {
"description": "GitAuthConfigs stores the number of Git configurations\nthe Coder deployment has. If this number is \u003e0, we\nset up special configuration in the workspace.",
"type": "integer"
},
"motd_file": {
"type": "string"
},
"startup_script": {
"type": "string"
},
"startup_script_timeout": {
"type": "integer"
},
"vscode_port_proxy_uri": {
"type": "string"
}
}
},

436
coderd/apidoc/swagger.json generated
View File

@ -125,7 +125,7 @@
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/codersdk.GetAppHostResponse"
"$ref": "#/definitions/codersdk.AppHostResponse"
}
}
}
@ -3325,7 +3325,7 @@
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/codersdk.AWSInstanceIdentityToken"
"$ref": "#/definitions/agentsdk.AWSInstanceIdentityToken"
}
}
],
@ -3333,7 +3333,7 @@
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/codersdk.WorkspaceAgentAuthenticateResponse"
"$ref": "#/definitions/agentsdk.AuthenticateResponse"
}
}
}
@ -3358,7 +3358,7 @@
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/codersdk.AzureInstanceIdentityToken"
"$ref": "#/definitions/agentsdk.AzureInstanceIdentityToken"
}
}
],
@ -3366,7 +3366,7 @@
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/codersdk.WorkspaceAgentAuthenticateResponse"
"$ref": "#/definitions/agentsdk.AuthenticateResponse"
}
}
}
@ -3391,7 +3391,7 @@
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/codersdk.GoogleInstanceIdentityToken"
"$ref": "#/definitions/agentsdk.GoogleInstanceIdentityToken"
}
}
],
@ -3399,7 +3399,7 @@
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/codersdk.WorkspaceAgentAuthenticateResponse"
"$ref": "#/definitions/agentsdk.AuthenticateResponse"
}
}
}
@ -3424,7 +3424,7 @@
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/codersdk.PostWorkspaceAppHealthsRequest"
"$ref": "#/definitions/agentsdk.PostAppHealthsRequest"
}
}
],
@ -3484,7 +3484,7 @@
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/codersdk.WorkspaceAgentGitAuthResponse"
"$ref": "#/definitions/agentsdk.GitAuthResponse"
}
}
}
@ -3505,7 +3505,7 @@
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/codersdk.AgentGitSSHKey"
"$ref": "#/definitions/agentsdk.GitSSHKey"
}
}
}
@ -3526,7 +3526,7 @@
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/codersdk.WorkspaceAgentMetadata"
"$ref": "#/definitions/agentsdk.Metadata"
}
}
}
@ -3550,7 +3550,7 @@
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/codersdk.PostWorkspaceAgentLifecycleRequest"
"$ref": "#/definitions/agentsdk.PostLifecycleRequest"
}
}
],
@ -3583,7 +3583,7 @@
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/codersdk.AgentStats"
"$ref": "#/definitions/agentsdk.Stats"
}
}
],
@ -3591,7 +3591,7 @@
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/codersdk.AgentStatsResponse"
"$ref": "#/definitions/agentsdk.StatsResponse"
}
}
}
@ -3616,7 +3616,7 @@
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/codersdk.PostWorkspaceAgentVersionRequest"
"$ref": "#/definitions/agentsdk.PostVersionRequest"
}
}
],
@ -3744,7 +3744,7 @@
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/codersdk.ListeningPortsResponse"
"$ref": "#/definitions/codersdk.WorkspaceAgentListeningPortsResponse"
}
}
}
@ -4368,6 +4368,180 @@
}
},
"definitions": {
"agentsdk.AWSInstanceIdentityToken": {
"type": "object",
"required": ["document", "signature"],
"properties": {
"document": {
"type": "string"
},
"signature": {
"type": "string"
}
}
},
"agentsdk.AuthenticateResponse": {
"type": "object",
"properties": {
"session_token": {
"type": "string"
}
}
},
"agentsdk.AzureInstanceIdentityToken": {
"type": "object",
"required": ["encoding", "signature"],
"properties": {
"encoding": {
"type": "string"
},
"signature": {
"type": "string"
}
}
},
"agentsdk.GitAuthResponse": {
"type": "object",
"properties": {
"password": {
"type": "string"
},
"url": {
"type": "string"
},
"username": {
"type": "string"
}
}
},
"agentsdk.GitSSHKey": {
"type": "object",
"properties": {
"private_key": {
"type": "string"
},
"public_key": {
"type": "string"
}
}
},
"agentsdk.GoogleInstanceIdentityToken": {
"type": "object",
"required": ["json_web_token"],
"properties": {
"json_web_token": {
"type": "string"
}
}
},
"agentsdk.Metadata": {
"type": "object",
"properties": {
"apps": {
"type": "array",
"items": {
"$ref": "#/definitions/codersdk.WorkspaceApp"
}
},
"derpmap": {
"$ref": "#/definitions/tailcfg.DERPMap"
},
"directory": {
"type": "string"
},
"environment_variables": {
"type": "object",
"additionalProperties": {
"type": "string"
}
},
"git_auth_configs": {
"description": "GitAuthConfigs stores the number of Git configurations\nthe Coder deployment has. If this number is \u003e0, we\nset up special configuration in the workspace.",
"type": "integer"
},
"motd_file": {
"type": "string"
},
"startup_script": {
"type": "string"
},
"startup_script_timeout": {
"type": "integer"
},
"vscode_port_proxy_uri": {
"type": "string"
}
}
},
"agentsdk.PostAppHealthsRequest": {
"type": "object",
"properties": {
"healths": {
"description": "Healths is a map of the workspace app name and the health of the app.",
"type": "object",
"additionalProperties": {
"$ref": "#/definitions/codersdk.WorkspaceAppHealth"
}
}
}
},
"agentsdk.PostLifecycleRequest": {
"type": "object",
"properties": {
"state": {
"$ref": "#/definitions/codersdk.WorkspaceAgentLifecycle"
}
}
},
"agentsdk.PostVersionRequest": {
"type": "object",
"properties": {
"version": {
"type": "string"
}
}
},
"agentsdk.Stats": {
"type": "object",
"properties": {
"conns_by_proto": {
"description": "ConnsByProto is a count of connections by protocol.",
"type": "object",
"additionalProperties": {
"type": "integer"
}
},
"num_comms": {
"description": "NumConns is the number of connections received by an agent.",
"type": "integer"
},
"rx_bytes": {
"description": "RxBytes is the number of received bytes.",
"type": "integer"
},
"rx_packets": {
"description": "RxPackets is the number of received packets.",
"type": "integer"
},
"tx_bytes": {
"description": "TxBytes is the number of transmitted bytes.",
"type": "integer"
},
"tx_packets": {
"description": "TxPackets is the number of transmitted bytes.",
"type": "integer"
}
}
},
"agentsdk.StatsResponse": {
"type": "object",
"properties": {
"report_interval": {
"description": "ReportInterval is the duration after which the agent should send stats\nagain.",
"type": "integer"
}
}
},
"coderd.SCIMUser": {
"type": "object",
"properties": {
@ -4504,18 +4678,6 @@
"enum": ["all", "application_connect"],
"x-enum-varnames": ["APIKeyScopeAll", "APIKeyScopeApplicationConnect"]
},
"codersdk.AWSInstanceIdentityToken": {
"type": "object",
"required": ["document", "signature"],
"properties": {
"document": {
"type": "string"
},
"signature": {
"type": "string"
}
}
},
"codersdk.AddLicenseRequest": {
"type": "object",
"required": ["license"],
@ -4525,55 +4687,12 @@
}
}
},
"codersdk.AgentGitSSHKey": {
"codersdk.AppHostResponse": {
"type": "object",
"properties": {
"private_key": {
"host": {
"description": "Host is the externally accessible URL for the Coder instance.",
"type": "string"
},
"public_key": {
"type": "string"
}
}
},
"codersdk.AgentStats": {
"type": "object",
"properties": {
"conns_by_proto": {
"description": "ConnsByProto is a count of connections by protocol.",
"type": "object",
"additionalProperties": {
"type": "integer"
}
},
"num_comms": {
"description": "NumConns is the number of connections received by an agent.",
"type": "integer"
},
"rx_bytes": {
"description": "RxBytes is the number of received bytes.",
"type": "integer"
},
"rx_packets": {
"description": "RxPackets is the number of received packets.",
"type": "integer"
},
"tx_bytes": {
"description": "TxBytes is the number of transmitted bytes.",
"type": "integer"
},
"tx_packets": {
"description": "TxPackets is the number of transmitted bytes.",
"type": "integer"
}
}
},
"codersdk.AgentStatsResponse": {
"type": "object",
"properties": {
"report_interval": {
"description": "ReportInterval is the duration after which the agent should send stats\nagain.",
"type": "integer"
}
}
},
@ -4783,18 +4902,6 @@
"type": "boolean"
}
},
"codersdk.AzureInstanceIdentityToken": {
"type": "object",
"required": ["encoding", "signature"],
"properties": {
"encoding": {
"type": "string"
},
"signature": {
"type": "string"
}
}
},
"codersdk.BuildInfoResponse": {
"type": "object",
"properties": {
@ -5588,15 +5695,6 @@
}
}
},
"codersdk.GetAppHostResponse": {
"type": "object",
"properties": {
"host": {
"description": "Host is the externally accessible URL for the Coder instance.",
"type": "string"
}
}
},
"codersdk.GetUsersResponse": {
"type": "object",
"properties": {
@ -5666,15 +5764,6 @@
}
}
},
"codersdk.GoogleInstanceIdentityToken": {
"type": "object",
"required": ["json_web_token"],
"properties": {
"json_web_token": {
"type": "string"
}
}
},
"codersdk.Group": {
"type": "object",
"properties": {
@ -5741,43 +5830,6 @@
}
}
},
"codersdk.ListeningPort": {
"type": "object",
"properties": {
"network": {
"description": "only \"tcp\" at the moment",
"allOf": [
{
"$ref": "#/definitions/codersdk.ListeningPortNetwork"
}
]
},
"port": {
"type": "integer"
},
"process_name": {
"description": "may be empty",
"type": "string"
}
}
},
"codersdk.ListeningPortNetwork": {
"type": "string",
"enum": ["tcp"],
"x-enum-varnames": ["ListeningPortNetworkTCP"]
},
"codersdk.ListeningPortsResponse": {
"type": "object",
"properties": {
"ports": {
"description": "If there are no ports in the list, nothing should be displayed in the UI.\nThere must not be a \"no ports available\" message or anything similar, as\nthere will always be no ports displayed on platforms where our port\ndetection logic is unsupported.",
"type": "array",
"items": {
"$ref": "#/definitions/codersdk.ListeningPort"
}
}
}
},
"codersdk.LogLevel": {
"type": "string",
"enum": ["trace", "debug", "info", "warn", "error"],
@ -6099,35 +6151,6 @@
"ParameterSourceSchemeData"
]
},
"codersdk.PostWorkspaceAgentLifecycleRequest": {
"type": "object",
"properties": {
"state": {
"$ref": "#/definitions/codersdk.WorkspaceAgentLifecycle"
}
}
},
"codersdk.PostWorkspaceAgentVersionRequest": {
"description": "x-apidocgen:skip",
"type": "object",
"properties": {
"version": {
"type": "string"
}
}
},
"codersdk.PostWorkspaceAppHealthsRequest": {
"type": "object",
"properties": {
"healths": {
"description": "Healths is a map of the workspace app name and the health of the app.",
"type": "object",
"additionalProperties": {
"$ref": "#/definitions/codersdk.WorkspaceAppHealth"
}
}
}
},
"codersdk.PprofConfig": {
"type": "object",
"properties": {
@ -7059,14 +7082,6 @@
}
}
},
"codersdk.WorkspaceAgentAuthenticateResponse": {
"type": "object",
"properties": {
"session_token": {
"type": "string"
}
}
},
"codersdk.WorkspaceAgentConnectionInfo": {
"type": "object",
"properties": {
@ -7075,20 +7090,6 @@
}
}
},
"codersdk.WorkspaceAgentGitAuthResponse": {
"type": "object",
"properties": {
"password": {
"type": "string"
},
"url": {
"type": "string"
},
"username": {
"type": "string"
}
}
},
"codersdk.WorkspaceAgentLifecycle": {
"type": "string",
"enum": ["created", "starting", "start_timeout", "start_error", "ready"],
@ -7100,42 +7101,31 @@
"WorkspaceAgentLifecycleReady"
]
},
"codersdk.WorkspaceAgentMetadata": {
"codersdk.WorkspaceAgentListeningPort": {
"type": "object",
"properties": {
"apps": {
"network": {
"description": "only \"tcp\" at the moment",
"type": "string"
},
"port": {
"type": "integer"
},
"process_name": {
"description": "may be empty",
"type": "string"
}
}
},
"codersdk.WorkspaceAgentListeningPortsResponse": {
"type": "object",
"properties": {
"ports": {
"description": "If there are no ports in the list, nothing should be displayed in the UI.\nThere must not be a \"no ports available\" message or anything similar, as\nthere will always be no ports displayed on platforms where our port\ndetection logic is unsupported.",
"type": "array",
"items": {
"$ref": "#/definitions/codersdk.WorkspaceApp"
"$ref": "#/definitions/codersdk.WorkspaceAgentListeningPort"
}
},
"derpmap": {
"$ref": "#/definitions/tailcfg.DERPMap"
},
"directory": {
"type": "string"
},
"environment_variables": {
"type": "object",
"additionalProperties": {
"type": "string"
}
},
"git_auth_configs": {
"description": "GitAuthConfigs stores the number of Git configurations\nthe Coder deployment has. If this number is \u003e0, we\nset up special configuration in the workspace.",
"type": "integer"
},
"motd_file": {
"type": "string"
},
"startup_script": {
"type": "string"
},
"startup_script_timeout": {
"type": "integer"
},
"vscode_port_proxy_uri": {
"type": "string"
}
}
},

2
coderd/apikey.go
View File

@ -343,7 +343,7 @@ func (api *API) createAPIKey(ctx context.Context, params createAPIKeyParams) (*h
// This format is consumed by the APIKey middleware.
sessionToken := fmt.Sprintf("%s-%s", keyID, keySecret)
return &http.Cookie{
Name: codersdk.SessionTokenKey,
Name: codersdk.SessionTokenCookie,
Value: sessionToken,
Path: "/",
HttpOnly: true,

10
coderd/apikey_test.go
View File

@ -19,7 +19,7 @@ func TestTokenCRUD(t *testing.T) {
defer cancel()
client := coderdtest.New(t, nil)
_ = coderdtest.CreateFirstUser(t, client)
keys, err := client.GetTokens(ctx, codersdk.Me)
keys, err := client.Tokens(ctx, codersdk.Me)
require.NoError(t, err)
require.Empty(t, keys)
@ -27,7 +27,7 @@ func TestTokenCRUD(t *testing.T) {
require.NoError(t, err)
require.Greater(t, len(res.Key), 2)
keys, err = client.GetTokens(ctx, codersdk.Me)
keys, err = client.Tokens(ctx, codersdk.Me)
require.NoError(t, err)
require.EqualValues(t, len(keys), 1)
require.Contains(t, res.Key, keys[0].ID)
@ -40,7 +40,7 @@ func TestTokenCRUD(t *testing.T) {
err = client.DeleteAPIKey(ctx, codersdk.Me, keys[0].ID)
require.NoError(t, err)
keys, err = client.GetTokens(ctx, codersdk.Me)
keys, err = client.Tokens(ctx, codersdk.Me)
require.NoError(t, err)
require.Empty(t, keys)
}
@ -59,7 +59,7 @@ func TestTokenScoped(t *testing.T) {
require.NoError(t, err)
require.Greater(t, len(res.Key), 2)
keys, err := client.GetTokens(ctx, codersdk.Me)
keys, err := client.Tokens(ctx, codersdk.Me)
require.NoError(t, err)
require.EqualValues(t, len(keys), 1)
require.Contains(t, res.Key, keys[0].ID)
@ -78,7 +78,7 @@ func TestTokenDuration(t *testing.T) {
Lifetime: time.Hour * 24 * 7,
})
require.NoError(t, err)
keys, err := client.GetTokens(ctx, codersdk.Me)
keys, err := client.Tokens(ctx, codersdk.Me)
require.NoError(t, err)
require.Greater(t, keys[0].ExpiresAt, time.Now().Add(time.Hour*6*24))
require.Less(t, keys[0].ExpiresAt, time.Now().Add(time.Hour*8*24))

2
coderd/audit.go
View File

@ -261,7 +261,7 @@ func (api *API) convertAuditLog(ctx context.Context, dblog database.GetAuditLogs
func auditLogDescription(alog database.GetAuditLogsOffsetRow, additionalFields AdditionalFields) string {
str := fmt.Sprintf("{user} %s",
codersdk.AuditAction(alog.Action).FriendlyString(),
codersdk.AuditAction(alog.Action).Friendly(),
)
// Strings for starting/stopping workspace builds follow the below format:

2
coderd/authorize_test.go
View File

@ -133,7 +133,7 @@ func TestCheckPermissions(t *testing.T) {
ctx, cancel := context.WithTimeout(context.Background(), testutil.WaitLong)
t.Cleanup(cancel)
resp, err := c.Client.CheckAuthorization(ctx, codersdk.AuthorizationRequest{Checks: params})
resp, err := c.Client.AuthCheck(ctx, codersdk.AuthorizationRequest{Checks: params})
require.NoError(t, err, "check perms")
require.Equal(t, c.Check, resp)
})

2
coderd/coderdtest/authorize.go
View File

@ -342,7 +342,7 @@ func NewAuthTester(ctx context.Context, t *testing.T, client *codersdk.Client, a
})
require.NoError(t, err, "create token")
apiKeys, err := client.GetTokens(ctx, admin.UserID.String())
apiKeys, err := client.Tokens(ctx, admin.UserID.String())
require.NoError(t, err, "get tokens")
apiKey := apiKeys[0]

3
coderd/coderdtest/coderdtest.go
View File

@ -68,6 +68,7 @@ import (
"github.com/coder/coder/coderd/updatecheck"
"github.com/coder/coder/coderd/util/ptr"
"github.com/coder/coder/codersdk"
"github.com/coder/coder/codersdk/agentsdk"
"github.com/coder/coder/cryptorand"
"github.com/coder/coder/provisioner/echo"
"github.com/coder/coder/provisionerd"
@ -951,7 +952,7 @@ func NewAzureInstanceIdentity(t *testing.T, instanceID string) (x509.VerifyOptio
signature := make([]byte, base64.StdEncoding.EncodedLen(len(signatureRaw)))
base64.StdEncoding.Encode(signature, signatureRaw)
payload, err := json.Marshal(codersdk.AzureInstanceIdentityToken{
payload, err := json.Marshal(agentsdk.AzureInstanceIdentityToken{
Signature: string(signature),
Encoding: "pkcs7",
})

5
coderd/gitsshkey.go
View File

@ -10,6 +10,7 @@ import (
"github.com/coder/coder/coderd/httpmw"
"github.com/coder/coder/coderd/rbac"
"github.com/coder/coder/codersdk"
"github.com/coder/coder/codersdk/agentsdk"
)
// @Summary Regenerate user SSH key
@ -121,7 +122,7 @@ func (api *API) gitSSHKey(rw http.ResponseWriter, r *http.Request) {
// @Security CoderSessionToken
// @Produce json
// @Tags Agents
// @Success 200 {object} codersdk.AgentGitSSHKey
// @Success 200 {object} agentsdk.GitSSHKey
// @Router /workspaceagents/me/gitsshkey [get]
func (api *API) agentGitSSHKey(rw http.ResponseWriter, r *http.Request) {
ctx := r.Context()
@ -162,7 +163,7 @@ func (api *API) agentGitSSHKey(rw http.ResponseWriter, r *http.Request) {
return
}
httpapi.Write(ctx, rw, http.StatusOK, codersdk.AgentGitSSHKey{
httpapi.Write(ctx, rw, http.StatusOK, agentsdk.GitSSHKey{
PublicKey: gitSSHKey.PublicKey,
PrivateKey: gitSSHKey.PrivateKey,
})

6
coderd/gitsshkey_test.go
View File

@ -12,7 +12,7 @@ import (
"github.com/coder/coder/coderd/coderdtest"
"github.com/coder/coder/coderd/database"
"github.com/coder/coder/coderd/gitsshkey"
"github.com/coder/coder/codersdk"
"github.com/coder/coder/codersdk/agentsdk"
"github.com/coder/coder/provisioner/echo"
"github.com/coder/coder/provisionersdk/proto"
"github.com/coder/coder/testutil"
@ -133,13 +133,13 @@ func TestAgentGitSSHKey(t *testing.T) {
workspace := coderdtest.CreateWorkspace(t, client, user.OrganizationID, project.ID)
coderdtest.AwaitWorkspaceBuildJob(t, client, workspace.LatestBuild.ID)
agentClient := codersdk.New(client.URL)
agentClient := agentsdk.New(client.URL)
agentClient.SetSessionToken(authToken)
ctx, cancel := context.WithTimeout(context.Background(), testutil.WaitLong)
defer cancel()
agentKey, err := agentClient.AgentGitSSHKey(ctx)
agentKey, err := agentClient.GitSSHKey(ctx)
require.NoError(t, err)
require.NotEmpty(t, agentKey.PrivateKey)
}

6
coderd/httpapi/cookie.go
View File

@ -20,9 +20,9 @@ func StripCoderCookies(header string) string {
continue
}
name, _, _ := strings.Cut(part, "=")
if name == codersdk.SessionTokenKey ||
name == codersdk.OAuth2StateKey ||
name == codersdk.OAuth2RedirectKey {
if name == codersdk.SessionTokenCookie ||
name == codersdk.OAuth2StateCookie ||
name == codersdk.OAuth2RedirectCookie {
continue
}
cookies = append(cookies, part)

8
coderd/httpmw/apikey.go
View File

@ -144,7 +144,7 @@ func ExtractAPIKey(cfg ExtractAPIKeyConfig) func(http.Handler) http.Handler {
if token == "" {
optionalWrite(http.StatusUnauthorized, codersdk.Response{
Message: SignedOutErrorMessage,
Detail: fmt.Sprintf("Cookie %q or query parameter must be provided.", codersdk.SessionTokenKey),
Detail: fmt.Sprintf("Cookie %q or query parameter must be provided.", codersdk.SessionTokenCookie),
})
return
}
@ -364,17 +364,17 @@ func ExtractAPIKey(cfg ExtractAPIKeyConfig) func(http.Handler) http.Handler {
// 4. The coder_session_token query parameter
// 5. The custom auth header
func apiTokenFromRequest(r *http.Request) string {
cookie, err := r.Cookie(codersdk.SessionTokenKey)
cookie, err := r.Cookie(codersdk.SessionTokenCookie)
if err == nil && cookie.Value != "" {
return cookie.Value
}
urlValue := r.URL.Query().Get(codersdk.SessionTokenKey)
urlValue := r.URL.Query().Get(codersdk.SessionTokenCookie)
if urlValue != "" {
return urlValue
}
headerValue := r.Header.Get(codersdk.SessionCustomHeader)
headerValue := r.Header.Get(codersdk.SessionTokenHeader)
if headerValue != "" {
return headerValue
}

30
coderd/httpmw/apikey_test.go
View File

@ -82,7 +82,7 @@ func TestAPIKey(t *testing.T) {
r = httptest.NewRequest("GET", "/", nil)
rw = httptest.NewRecorder()
)
r.Header.Set(codersdk.SessionCustomHeader, "test-wow-hello")
r.Header.Set(codersdk.SessionTokenHeader, "test-wow-hello")
httpmw.ExtractAPIKey(httpmw.ExtractAPIKeyConfig{
DB: db,
@ -100,7 +100,7 @@ func TestAPIKey(t *testing.T) {
r = httptest.NewRequest("GET", "/", nil)
rw = httptest.NewRecorder()
)
r.Header.Set(codersdk.SessionCustomHeader, "test-wow")
r.Header.Set(codersdk.SessionTokenHeader, "test-wow")
httpmw.ExtractAPIKey(httpmw.ExtractAPIKeyConfig{
DB: db,
@ -118,7 +118,7 @@ func TestAPIKey(t *testing.T) {
r = httptest.NewRequest("GET", "/", nil)
rw = httptest.NewRecorder()
)
r.Header.Set(codersdk.SessionCustomHeader, "testtestid-wow")
r.Header.Set(codersdk.SessionTokenHeader, "testtestid-wow")
httpmw.ExtractAPIKey(httpmw.ExtractAPIKeyConfig{
DB: db,
@ -137,7 +137,7 @@ func TestAPIKey(t *testing.T) {
r = httptest.NewRequest("GET", "/", nil)
rw = httptest.NewRecorder()
)
r.Header.Set(codersdk.SessionCustomHeader, fmt.Sprintf("%s-%s", id, secret))
r.Header.Set(codersdk.SessionTokenHeader, fmt.Sprintf("%s-%s", id, secret))
httpmw.ExtractAPIKey(httpmw.ExtractAPIKeyConfig{
DB: db,
@ -157,7 +157,7 @@ func TestAPIKey(t *testing.T) {
rw = httptest.NewRecorder()
user = createUser(r.Context(), t, db)
)
r.Header.Set(codersdk.SessionCustomHeader, fmt.Sprintf("%s-%s", id, secret))
r.Header.Set(codersdk.SessionTokenHeader, fmt.Sprintf("%s-%s", id, secret))
// Use a different secret so they don't match!
hashed := sha256.Sum256([]byte("differentsecret"))
@ -188,7 +188,7 @@ func TestAPIKey(t *testing.T) {
rw = httptest.NewRecorder()
user = createUser(r.Context(), t, db)
)
r.Header.Set(codersdk.SessionCustomHeader, fmt.Sprintf("%s-%s", id, secret))
r.Header.Set(codersdk.SessionTokenHeader, fmt.Sprintf("%s-%s", id, secret))
_, err := db.InsertAPIKey(r.Context(), database.InsertAPIKeyParams{
ID: id,
@ -217,7 +217,7 @@ func TestAPIKey(t *testing.T) {
rw = httptest.NewRecorder()
user = createUser(r.Context(), t, db)
)
r.Header.Set(codersdk.SessionCustomHeader, fmt.Sprintf("%s-%s", id, secret))
r.Header.Set(codersdk.SessionTokenHeader, fmt.Sprintf("%s-%s", id, secret))
sentAPIKey, err := db.InsertAPIKey(r.Context(), database.InsertAPIKeyParams{
ID: id,
@ -259,7 +259,7 @@ func TestAPIKey(t *testing.T) {
user = createUser(r.Context(), t, db)
)
r.AddCookie(&http.Cookie{
Name: codersdk.SessionTokenKey,
Name: codersdk.SessionTokenCookie,
Value: fmt.Sprintf("%s-%s", id, secret),
})
@ -302,7 +302,7 @@ func TestAPIKey(t *testing.T) {
user = createUser(r.Context(), t, db)
)
q := r.URL.Query()
q.Add(codersdk.SessionTokenKey, fmt.Sprintf("%s-%s", id, secret))
q.Add(codersdk.SessionTokenCookie, fmt.Sprintf("%s-%s", id, secret))
r.URL.RawQuery = q.Encode()
_, err := db.InsertAPIKey(r.Context(), database.InsertAPIKeyParams{
@ -339,7 +339,7 @@ func TestAPIKey(t *testing.T) {
rw = httptest.NewRecorder()
user = createUser(r.Context(), t, db)
)
r.Header.Set(codersdk.SessionCustomHeader, fmt.Sprintf("%s-%s", id, secret))
r.Header.Set(codersdk.SessionTokenHeader, fmt.Sprintf("%s-%s", id, secret))
sentAPIKey, err := db.InsertAPIKey(r.Context(), database.InsertAPIKeyParams{
ID: id,
@ -376,7 +376,7 @@ func TestAPIKey(t *testing.T) {
rw = httptest.NewRecorder()
user = createUser(r.Context(), t, db)
)
r.Header.Set(codersdk.SessionCustomHeader, fmt.Sprintf("%s-%s", id, secret))
r.Header.Set(codersdk.SessionTokenHeader, fmt.Sprintf("%s-%s", id, secret))
sentAPIKey, err := db.InsertAPIKey(r.Context(), database.InsertAPIKeyParams{
ID: id,
@ -413,7 +413,7 @@ func TestAPIKey(t *testing.T) {
rw = httptest.NewRecorder()
user = createUser(r.Context(), t, db)
)
r.Header.Set(codersdk.SessionCustomHeader, fmt.Sprintf("%s-%s", id, secret))
r.Header.Set(codersdk.SessionTokenHeader, fmt.Sprintf("%s-%s", id, secret))
sentAPIKey, err := db.InsertAPIKey(r.Context(), database.InsertAPIKeyParams{
ID: id,
@ -457,7 +457,7 @@ func TestAPIKey(t *testing.T) {
rw = httptest.NewRecorder()
user = createUser(r.Context(), t, db)
)
r.Header.Set(codersdk.SessionCustomHeader, fmt.Sprintf("%s-%s", id, secret))
r.Header.Set(codersdk.SessionTokenHeader, fmt.Sprintf("%s-%s", id, secret))
sentAPIKey, err := db.InsertAPIKey(r.Context(), database.InsertAPIKeyParams{
ID: id,
@ -514,7 +514,7 @@ func TestAPIKey(t *testing.T) {
user = createUser(r.Context(), t, db)
)
r.RemoteAddr = "1.1.1.1"
r.Header.Set(codersdk.SessionCustomHeader, fmt.Sprintf("%s-%s", id, secret))
r.Header.Set(codersdk.SessionTokenHeader, fmt.Sprintf("%s-%s", id, secret))
_, err := db.InsertAPIKey(r.Context(), database.InsertAPIKeyParams{
ID: id,
@ -602,7 +602,7 @@ func TestAPIKey(t *testing.T) {
rw = httptest.NewRecorder()
user = createUser(r.Context(), t, db)
)
r.Header.Set(codersdk.SessionCustomHeader, fmt.Sprintf("%s-%s", id, secret))
r.Header.Set(codersdk.SessionTokenHeader, fmt.Sprintf("%s-%s", id, secret))
sentAPIKey, err := db.InsertAPIKey(r.Context(), database.InsertAPIKeyParams{
ID: id,

2
coderd/httpmw/authorize_test.go
View File

@ -131,7 +131,7 @@ func TestExtractUserRoles(t *testing.T) {
})
req := httptest.NewRequest("GET", "/", nil)
req.Header.Set(codersdk.SessionCustomHeader, token)
req.Header.Set(codersdk.SessionTokenHeader, token)
rtr.ServeHTTP(rw, req)
resp := rw.Result()

6
coderd/httpmw/csrf.go
View File

@ -41,19 +41,19 @@ func CSRF(secureCookie bool) func(next http.Handler) http.Handler {
// CSRF only affects requests that automatically attach credentials via a cookie.
// If no cookie is present, then there is no risk of CSRF.
//nolint:govet
sessCookie, err := r.Cookie(codersdk.SessionTokenKey)
sessCookie, err := r.Cookie(codersdk.SessionTokenCookie)
if xerrors.Is(err, http.ErrNoCookie) {
return true
}
if token := r.Header.Get(codersdk.SessionCustomHeader); token == sessCookie.Value {
if token := r.Header.Get(codersdk.SessionTokenHeader); token == sessCookie.Value {
// If the cookie and header match, we can assume this is the same as just using the
// custom header auth. Custom header auth can bypass CSRF, as CSRF attacks
// cannot add custom headers.
return true
}
if token := r.URL.Query().Get(codersdk.SessionTokenKey); token == sessCookie.Value {
if token := r.URL.Query().Get(codersdk.SessionTokenCookie); token == sessCookie.Value {
// If the auth is set in a url param and matches the cookie, it
// is the same as just using the url param.
return true

10
coderd/httpmw/oauth2.go
View File

@ -71,7 +71,7 @@ func ExtractOAuth2(config OAuth2Config, client *http.Client) func(http.Handler)
}
http.SetCookie(rw, &http.Cookie{
Name: codersdk.OAuth2StateKey,
Name: codersdk.OAuth2StateCookie,
Value: state,
Path: "/",
HttpOnly: true,
@ -80,7 +80,7 @@ func ExtractOAuth2(config OAuth2Config, client *http.Client) func(http.Handler)
// Redirect must always be specified, otherwise
// an old redirect could apply!
http.SetCookie(rw, &http.Cookie{
Name: codersdk.OAuth2RedirectKey,
Name: codersdk.OAuth2RedirectCookie,
Value: r.URL.Query().Get("redirect"),
Path: "/",
HttpOnly: true,
@ -98,10 +98,10 @@ func ExtractOAuth2(config OAuth2Config, client *http.Client) func(http.Handler)
return
}
stateCookie, err := r.Cookie(codersdk.OAuth2StateKey)
stateCookie, err := r.Cookie(codersdk.OAuth2StateCookie)
if err != nil {
httpapi.Write(ctx, rw, http.StatusUnauthorized, codersdk.Response{
Message: fmt.Sprintf("Cookie %q must be provided.", codersdk.OAuth2StateKey),
Message: fmt.Sprintf("Cookie %q must be provided.", codersdk.OAuth2StateCookie),
})
return
}
@ -113,7 +113,7 @@ func ExtractOAuth2(config OAuth2Config, client *http.Client) func(http.Handler)
}
var redirect string
stateRedirect, err := r.Cookie(codersdk.OAuth2RedirectKey)
stateRedirect, err := r.Cookie(codersdk.OAuth2RedirectCookie)
if err == nil {
redirect = stateRedirect.Value
}

4
coderd/httpmw/oauth2_test.go
View File

@ -73,7 +73,7 @@ func TestOAuth2(t *testing.T) {
t.Parallel()
req := httptest.NewRequest("GET", "/?code=something&state=test", nil)
req.AddCookie(&http.Cookie{
Name: codersdk.OAuth2StateKey,
Name: codersdk.OAuth2StateCookie,
Value: "mismatch",
})
res := httptest.NewRecorder()
@ -84,7 +84,7 @@ func TestOAuth2(t *testing.T) {
t.Parallel()
req := httptest.NewRequest("GET", "/?code=test&state=something", nil)
req.AddCookie(&http.Cookie{
Name: codersdk.OAuth2StateKey,
Name: codersdk.OAuth2StateCookie,
Value: "something",
})
req.AddCookie(&http.Cookie{

2
coderd/httpmw/organizationparam_test.go
View File

@ -29,7 +29,7 @@ func TestOrganizationParam(t *testing.T) {
r = httptest.NewRequest("GET", "/", nil)
hashed = sha256.Sum256([]byte(secret))
)
r.Header.Set(codersdk.SessionCustomHeader, fmt.Sprintf("%s-%s", id, secret))
r.Header.Set(codersdk.SessionTokenHeader, fmt.Sprintf("%s-%s", id, secret))
userID := uuid.New()
username, err := cryptorand.String(8)

6
coderd/httpmw/ratelimit_test.go
View File

@ -111,7 +111,7 @@ func TestRateLimit(t *testing.T) {
// Bypass must fail
req := httptest.NewRequest("GET", "/", nil)
req.Header.Set(codersdk.SessionCustomHeader, key)
req.Header.Set(codersdk.SessionTokenHeader, key)
req.Header.Set(codersdk.BypassRatelimitHeader, "true")
rec := httptest.NewRecorder()
// Assert we're not using IP address.
@ -123,7 +123,7 @@ func TestRateLimit(t *testing.T) {
require.Eventually(t, func() bool {
req := httptest.NewRequest("GET", "/", nil)
req.Header.Set(codersdk.SessionCustomHeader, key)
req.Header.Set(codersdk.SessionTokenHeader, key)
rec := httptest.NewRecorder()
// Assert we're not using IP address.
req.RemoteAddr = randRemoteAddr()
@ -160,7 +160,7 @@ func TestRateLimit(t *testing.T) {
require.Never(t, func() bool {
req := httptest.NewRequest("GET", "/", nil)
req.Header.Set(codersdk.SessionCustomHeader, key)
req.Header.Set(codersdk.SessionTokenHeader, key)
req.Header.Set(codersdk.BypassRatelimitHeader, "true")
rec := httptest.NewRecorder()
// Assert we're not using IP address.

2
coderd/httpmw/templateparam_test.go
View File

@ -29,7 +29,7 @@ func TestTemplateParam(t *testing.T) {
hashed = sha256.Sum256([]byte(secret))
)
r := httptest.NewRequest("GET", "/", nil)
r.Header.Set(codersdk.SessionCustomHeader, fmt.Sprintf("%s-%s", id, secret))
r.Header.Set(codersdk.SessionTokenHeader, fmt.Sprintf("%s-%s", id, secret))
userID := uuid.New()
username, err := cryptorand.String(8)

2
coderd/httpmw/templateversionparam_test.go
View File

@ -29,7 +29,7 @@ func TestTemplateVersionParam(t *testing.T) {
hashed = sha256.Sum256([]byte(secret))
)
r := httptest.NewRequest("GET", "/", nil)
r.Header.Set(codersdk.SessionCustomHeader, fmt.Sprintf("%s-%s", id, secret))
r.Header.Set(codersdk.SessionTokenHeader, fmt.Sprintf("%s-%s", id, secret))
userID := uuid.New()
username, err := cryptorand.String(8)

2
coderd/httpmw/userparam_test.go
View File

@ -29,7 +29,7 @@ func TestUserParam(t *testing.T) {
r = httptest.NewRequest("GET", "/", nil)
rw = httptest.NewRecorder()
)
r.Header.Set(codersdk.SessionCustomHeader, fmt.Sprintf("%s-%s", id, secret))
r.Header.Set(codersdk.SessionTokenHeader, fmt.Sprintf("%s-%s", id, secret))
user, err := db.InsertUser(r.Context(), database.InsertUserParams{
ID: uuid.New(),

2
coderd/httpmw/workspaceagent.go
View File

@ -33,7 +33,7 @@ func ExtractWorkspaceAgent(db database.Store) func(http.Handler) http.Handler {
tokenValue := apiTokenFromRequest(r)
if tokenValue == "" {
httpapi.Write(ctx, rw, http.StatusUnauthorized, codersdk.Response{
Message: fmt.Sprintf("Cookie %q must be provided.", codersdk.SessionTokenKey),
Message: fmt.Sprintf("Cookie %q must be provided.", codersdk.SessionTokenCookie),
})
return
}

2
coderd/httpmw/workspaceagent_test.go
View File

@ -22,7 +22,7 @@ func TestWorkspaceAgent(t *testing.T) {
setup := func(db database.Store) (*http.Request, uuid.UUID) {
token := uuid.New()
r := httptest.NewRequest("GET", "/", nil)
r.Header.Set(codersdk.SessionCustomHeader, token.String())
r.Header.Set(codersdk.SessionTokenHeader, token.String())
return r, token
}

2
coderd/httpmw/workspaceagentparam_test.go
View File

@ -29,7 +29,7 @@ func TestWorkspaceAgentParam(t *testing.T) {
hashed = sha256.Sum256([]byte(secret))
)
r := httptest.NewRequest("GET", "/", nil)
r.Header.Set(codersdk.SessionCustomHeader, fmt.Sprintf("%s-%s", id, secret))
r.Header.Set(codersdk.SessionTokenHeader, fmt.Sprintf("%s-%s", id, secret))
userID := uuid.New()
username, err := cryptorand.String(8)

2
coderd/httpmw/workspacebuildparam_test.go
View File

@ -29,7 +29,7 @@ func TestWorkspaceBuildParam(t *testing.T) {
hashed = sha256.Sum256([]byte(secret))
)
r := httptest.NewRequest("GET", "/", nil)
r.Header.Set(codersdk.SessionCustomHeader, fmt.Sprintf("%s-%s", id, secret))
r.Header.Set(codersdk.SessionTokenHeader, fmt.Sprintf("%s-%s", id, secret))
userID := uuid.New()
username, err := cryptorand.String(8)

4
coderd/httpmw/workspaceparam_test.go
View File

@ -32,7 +32,7 @@ func TestWorkspaceParam(t *testing.T) {
hashed = sha256.Sum256([]byte(secret))
)
r := httptest.NewRequest("GET", "/", nil)
r.Header.Set(codersdk.SessionCustomHeader, fmt.Sprintf("%s-%s", id, secret))
r.Header.Set(codersdk.SessionTokenHeader, fmt.Sprintf("%s-%s", id, secret))
userID := uuid.New()
username, err := cryptorand.String(8)
@ -345,7 +345,7 @@ func setupWorkspaceWithAgents(t testing.TB, cfg setupConfig) (database.Store, *h
hashed = sha256.Sum256([]byte(secret))
)
r := httptest.NewRequest("GET", "/", nil)
r.Header.Set(codersdk.SessionCustomHeader, fmt.Sprintf("%s-%s", id, secret))
r.Header.Set(codersdk.SessionTokenHeader, fmt.Sprintf("%s-%s", id, secret))
userID := uuid.New()
username, err := cryptorand.String(8)

3
coderd/insights_test.go
View File

@ -13,6 +13,7 @@ import (
"github.com/coder/coder/agent"
"github.com/coder/coder/coderd/coderdtest"
"github.com/coder/coder/codersdk"
"github.com/coder/coder/codersdk/agentsdk"
"github.com/coder/coder/provisioner/echo"
"github.com/coder/coder/provisionersdk/proto"
"github.com/coder/coder/testutil"
@ -56,7 +57,7 @@ func TestDeploymentInsights(t *testing.T) {
workspace := coderdtest.CreateWorkspace(t, client, user.OrganizationID, template.ID)
coderdtest.AwaitWorkspaceBuildJob(t, client, workspace.LatestBuild.ID)
agentClient := codersdk.New(client.URL)
agentClient := agentsdk.New(client.URL)
agentClient.SetSessionToken(authToken)
agentCloser := agent.New(agent.Options{
Logger: slogtest.Make(t, nil),

3
coderd/templates_test.go
View File

@ -18,6 +18,7 @@ import (
"github.com/coder/coder/coderd/rbac"
"github.com/coder/coder/coderd/util/ptr"
"github.com/coder/coder/codersdk"
"github.com/coder/coder/codersdk/agentsdk"
"github.com/coder/coder/provisioner/echo"
"github.com/coder/coder/provisionersdk/proto"
"github.com/coder/coder/testutil"
@ -544,7 +545,7 @@ func TestTemplateMetrics(t *testing.T) {
workspace := coderdtest.CreateWorkspace(t, client, user.OrganizationID, template.ID)
coderdtest.AwaitWorkspaceBuildJob(t, client, workspace.LatestBuild.ID)
agentClient := codersdk.New(client.URL)
agentClient := agentsdk.New(client.URL)
agentClient.SetSessionToken(authToken)
agentCloser := agent.New(agent.Options{
Logger: slogtest.Make(t, nil),

6
coderd/userauth_test.go
View File

@ -751,7 +751,7 @@ func oauth2Callback(t *testing.T, client *codersdk.Client) *http.Response {
req, err := http.NewRequestWithContext(context.Background(), "GET", oauthURL.String(), nil)
require.NoError(t, err)
req.AddCookie(&http.Cookie{
Name: codersdk.OAuth2StateKey,
Name: codersdk.OAuth2StateCookie,
Value: state,
})
res, err := client.HTTPClient.Do(req)
@ -772,7 +772,7 @@ func oidcCallback(t *testing.T, client *codersdk.Client, code string) *http.Resp
req, err := http.NewRequestWithContext(context.Background(), "GET", oauthURL.String(), nil)
require.NoError(t, err)
req.AddCookie(&http.Cookie{
Name: codersdk.OAuth2StateKey,
Name: codersdk.OAuth2StateCookie,
Value: "somestate",
})
res, err := client.HTTPClient.Do(req)
@ -790,7 +790,7 @@ func i64ptr(i int64) *int64 {
func authCookieValue(cookies []*http.Cookie) string {
for _, cookie := range cookies {
if cookie.Name == codersdk.SessionTokenKey {
if cookie.Name == codersdk.SessionTokenCookie {
return cookie.Value
}
}

2
coderd/users.go
View File

@ -1079,7 +1079,7 @@ func (api *API) postLogout(rw http.ResponseWriter, r *http.Request) {
cookie := &http.Cookie{
// MaxAge < 0 means to delete the cookie now.
MaxAge: -1,
Name: codersdk.SessionTokenKey,
Name: codersdk.SessionTokenCookie,
Path: "/",
}
http.SetCookie(rw, cookie)

20
coderd/users_test.go
View File

@ -230,7 +230,7 @@ func TestPostLogin(t *testing.T) {
defer cancel()
split := strings.Split(client.SessionToken(), "-")
key, err := client.GetAPIKey(ctx, admin.UserID.String(), split[0])
key, err := client.APIKey(ctx, admin.UserID.String(), split[0])
require.NoError(t, err, "fetch login key")
require.Equal(t, int64(86400), key.LifetimeSeconds, "default should be 86400")
@ -238,7 +238,7 @@ func TestPostLogin(t *testing.T) {
token, err := client.CreateToken(ctx, codersdk.Me, codersdk.CreateTokenRequest{})
require.NoError(t, err, "make new token api key")
split = strings.Split(token.Key, "-")
apiKey, err := client.GetAPIKey(ctx, admin.UserID.String(), split[0])
apiKey, err := client.APIKey(ctx, admin.UserID.String(), split[0])
require.NoError(t, err, "fetch api key")
require.True(t, apiKey.ExpiresAt.After(time.Now().Add(time.Hour*24*29)), "default tokens lasts more than 29 days")
@ -307,7 +307,7 @@ func TestPostLogout(t *testing.T) {
defer cancel()
keyID := strings.Split(client.SessionToken(), "-")[0]
apiKey, err := client.GetAPIKey(ctx, admin.UserID.String(), keyID)
apiKey, err := client.APIKey(ctx, admin.UserID.String(), keyID)
require.NoError(t, err)
require.Equal(t, keyID, apiKey.ID, "API key should exist in the database")
@ -323,15 +323,15 @@ func TestPostLogout(t *testing.T) {
var found bool
for _, cookie := range cookies {
if cookie.Name == codersdk.SessionTokenKey {
require.Equal(t, codersdk.SessionTokenKey, cookie.Name, "Cookie should be the auth cookie")
if cookie.Name == codersdk.SessionTokenCookie {
require.Equal(t, codersdk.SessionTokenCookie, cookie.Name, "Cookie should be the auth cookie")
require.Equal(t, -1, cookie.MaxAge, "Cookie should be set to delete")
found = true
}
}
require.True(t, found, "auth cookie should be returned")
_, err = client.GetAPIKey(ctx, admin.UserID.String(), keyID)
_, err = client.APIKey(ctx, admin.UserID.String(), keyID)
sdkErr := &codersdk.Error{}
require.ErrorAs(t, err, &sdkErr)
require.Equal(t, http.StatusUnauthorized, sdkErr.StatusCode(), "Expecting 401")
@ -615,7 +615,7 @@ func TestUpdateUserPassword(t *testing.T) {
// Trying to get an API key should fail since our client's token
// has been deleted.
_, err = client.GetAPIKey(ctx, user.UserID.String(), apikey1.Key)
_, err = client.APIKey(ctx, user.UserID.String(), apikey1.Key)
require.Error(t, err)
cerr := coderdtest.SDKError(t, err)
require.Equal(t, http.StatusUnauthorized, cerr.StatusCode())
@ -630,12 +630,12 @@ func TestUpdateUserPassword(t *testing.T) {
// Trying to get an API key should fail since all keys are deleted
// on password change.
_, err = client.GetAPIKey(ctx, user.UserID.String(), apikey1.Key)
_, err = client.APIKey(ctx, user.UserID.String(), apikey1.Key)
require.Error(t, err)
cerr = coderdtest.SDKError(t, err)
require.Equal(t, http.StatusNotFound, cerr.StatusCode())
_, err = client.GetAPIKey(ctx, user.UserID.String(), apikey2.Key)
_, err = client.APIKey(ctx, user.UserID.String(), apikey2.Key)
require.Error(t, err)
cerr = coderdtest.SDKError(t, err)
require.Equal(t, http.StatusNotFound, cerr.StatusCode())
@ -833,7 +833,7 @@ func TestInitialRoles(t *testing.T) {
client := coderdtest.New(t, nil)
first := coderdtest.CreateFirstUser(t, client)
roles, err := client.GetUserRoles(ctx, codersdk.Me)
roles, err := client.UserRoles(ctx, codersdk.Me)
require.NoError(t, err)
require.ElementsMatch(t, roles.Roles, []string{
rbac.RoleOwner(),

59
coderd/workspaceagents.go
View File

@ -32,6 +32,7 @@ import (
"github.com/coder/coder/coderd/rbac"
"github.com/coder/coder/coderd/tracing"
"github.com/coder/coder/codersdk"
"github.com/coder/coder/codersdk/agentsdk"
"github.com/coder/coder/tailnet"
)
@ -76,7 +77,7 @@ func (api *API) workspaceAgent(rw http.ResponseWriter, r *http.Request) {
// @Security CoderSessionToken
// @Produce json
// @Tags Agents
// @Success 200 {object} codersdk.WorkspaceAgentMetadata
// @Success 200 {object} agentsdk.Metadata
// @Router /workspaceagents/me/metadata [get]
func (api *API) workspaceAgentMetadata(rw http.ResponseWriter, r *http.Request) {
ctx := r.Context()
@ -141,7 +142,7 @@ func (api *API) workspaceAgentMetadata(rw http.ResponseWriter, r *http.Request)
vscodeProxyURI += fmt.Sprintf(":%s", api.AccessURL.Port())
}
httpapi.Write(ctx, rw, http.StatusOK, codersdk.WorkspaceAgentMetadata{
httpapi.Write(ctx, rw, http.StatusOK, agentsdk.Metadata{
Apps: convertApps(dbApps),
DERPMap: api.DERPMap,
GitAuthConfigs: len(api.GitAuthConfigs),
@ -160,7 +161,7 @@ func (api *API) workspaceAgentMetadata(rw http.ResponseWriter, r *http.Request)
// @Accept json
// @Produce json
// @Tags Agents
// @Param request body codersdk.PostWorkspaceAgentVersionRequest true "Version request"
// @Param request body agentsdk.PostVersionRequest true "Version request"
// @Success 200
// @Router /workspaceagents/me/version [post]
// @x-apidocgen {"skip": true}
@ -176,7 +177,7 @@ func (api *API) postWorkspaceAgentVersion(rw http.ResponseWriter, r *http.Reques
return
}
var req codersdk.PostWorkspaceAgentVersionRequest
var req agentsdk.PostVersionRequest
if !httpapi.Read(ctx, rw, r, &req) {
return
}
@ -299,7 +300,7 @@ func (api *API) workspaceAgentPTY(rw http.ResponseWriter, r *http.Request) {
// @Produce json
// @Tags Agents
// @Param workspaceagent path string true "Workspace agent ID" format(uuid)
// @Success 200 {object} codersdk.ListeningPortsResponse
// @Success 200 {object} codersdk.WorkspaceAgentListeningPortsResponse
// @Router /workspaceagents/{workspaceagent}/listening-ports [get]
func (api *API) workspaceAgentListeningPorts(rw http.ResponseWriter, r *http.Request) {
ctx := r.Context()
@ -382,15 +383,15 @@ func (api *API) workspaceAgentListeningPorts(rw http.ResponseWriter, r *http.Req
// Filter out ports that are globally blocked, in-use by applications, or
// common non-HTTP ports such as databases, FTP, SSH, etc.
filteredPorts := make([]codersdk.ListeningPort, 0, len(portsResponse.Ports))
filteredPorts := make([]codersdk.WorkspaceAgentListeningPort, 0, len(portsResponse.Ports))
for _, port := range portsResponse.Ports {
if port.Port < codersdk.MinimumListeningPort {
if port.Port < codersdk.WorkspaceAgentMinimumListeningPort {
continue
}
if _, ok := appPorts[port.Port]; ok {
continue
}
if _, ok := codersdk.IgnoredListeningPorts[port.Port]; ok {
if _, ok := codersdk.WorkspaceAgentIgnoredListeningPorts[port.Port]; ok {
continue
}
filteredPorts = append(filteredPorts, port)
@ -400,7 +401,7 @@ func (api *API) workspaceAgentListeningPorts(rw http.ResponseWriter, r *http.Req
httpapi.Write(ctx, rw, http.StatusOK, portsResponse)
}
func (api *API) dialWorkspaceAgentTailnet(r *http.Request, agentID uuid.UUID) (*codersdk.AgentConn, error) {
func (api *API) dialWorkspaceAgentTailnet(r *http.Request, agentID uuid.UUID) (*codersdk.WorkspaceAgentConn, error) {
clientConn, serverConn := net.Pipe()
derpMap := api.DERPMap.Clone()
@ -467,7 +468,7 @@ func (api *API) dialWorkspaceAgentTailnet(r *http.Request, agentID uuid.UUID) (*
_ = conn.Close()
}
}()
return &codersdk.AgentConn{
return &codersdk.WorkspaceAgentConn{
Conn: conn,
CloseFunc: func() {
_ = clientConn.Close()
@ -861,8 +862,8 @@ func convertWorkspaceAgent(derpMap *tailcfg.DERPMap, coordinator tailnet.Coordin
// @Accept json
// @Produce json
// @Tags Agents
// @Param request body codersdk.AgentStats true "Stats request"
// @Success 200 {object} codersdk.AgentStatsResponse
// @Param request body agentsdk.Stats true "Stats request"
// @Success 200 {object} agentsdk.StatsResponse
// @Router /workspaceagents/me/report-stats [post]
func (api *API) workspaceAgentReportStats(rw http.ResponseWriter, r *http.Request) {
ctx := r.Context()
@ -877,13 +878,13 @@ func (api *API) workspaceAgentReportStats(rw http.ResponseWriter, r *http.Reques
return
}
var req codersdk.AgentStats
var req agentsdk.Stats
if !httpapi.Read(ctx, rw, r, &req) {
return
}
if req.RxBytes == 0 && req.TxBytes == 0 {
httpapi.Write(ctx, rw, http.StatusOK, codersdk.AgentStatsResponse{
httpapi.Write(ctx, rw, http.StatusOK, agentsdk.StatsResponse{
ReportInterval: api.AgentStatsRefreshInterval,
})
return
@ -928,7 +929,7 @@ func (api *API) workspaceAgentReportStats(rw http.ResponseWriter, r *http.Reques
return
}
httpapi.Write(ctx, rw, http.StatusOK, codersdk.AgentStatsResponse{
httpapi.Write(ctx, rw, http.StatusOK, agentsdk.StatsResponse{
ReportInterval: api.AgentStatsRefreshInterval,
})
}
@ -938,7 +939,7 @@ func (api *API) workspaceAgentReportStats(rw http.ResponseWriter, r *http.Reques
// @Security CoderSessionToken
// @Accept json
// @Tags Agents
// @Param request body codersdk.PostWorkspaceAgentLifecycleRequest true "Workspace agent lifecycle request"
// @Param request body agentsdk.PostLifecycleRequest true "Workspace agent lifecycle request"
// @Success 204 "Success"
// @Router /workspaceagents/me/report-lifecycle [post]
// @x-apidocgen {"skip": true}
@ -955,7 +956,7 @@ func (api *API) workspaceAgentReportLifecycle(rw http.ResponseWriter, r *http.Re
return
}
var req codersdk.PostWorkspaceAgentLifecycleRequest
var req agentsdk.PostLifecycleRequest
if !httpapi.Read(ctx, rw, r, &req) {
return
}
@ -994,13 +995,13 @@ func (api *API) workspaceAgentReportLifecycle(rw http.ResponseWriter, r *http.Re
// @Accept json
// @Produce json
// @Tags Agents
// @Param request body codersdk.PostWorkspaceAppHealthsRequest true "Application health request"
// @Param request body agentsdk.PostAppHealthsRequest true "Application health request"
// @Success 200
// @Router /workspaceagents/me/app-health [post]
func (api *API) postWorkspaceAppHealth(rw http.ResponseWriter, r *http.Request) {
ctx := r.Context()
workspaceAgent := httpmw.WorkspaceAgent(r)
var req codersdk.PostWorkspaceAppHealthsRequest
var req agentsdk.PostAppHealthsRequest
if !httpapi.Read(ctx, rw, r, &req) {
return
}
@ -1122,7 +1123,7 @@ func (api *API) postWorkspaceAppHealth(rw http.ResponseWriter, r *http.Request)
// @Tags Agents
// @Param url query string true "Git URL" format(uri)
// @Param listen query bool false "Wait for a new token to be issued"
// @Success 200 {object} codersdk.WorkspaceAgentGitAuthResponse
// @Success 200 {object} agentsdk.GitAuthResponse
// @Router /workspaceagents/me/gitauth [get]
func (api *API) workspaceAgentsGitAuth(rw http.ResponseWriter, r *http.Request) {
ctx := r.Context()
@ -1272,7 +1273,7 @@ func (api *API) workspaceAgentsGitAuth(rw http.ResponseWriter, r *http.Request)
return
}
httpapi.Write(ctx, rw, http.StatusOK, codersdk.WorkspaceAgentGitAuthResponse{
httpapi.Write(ctx, rw, http.StatusOK, agentsdk.GitAuthResponse{
URL: redirectURL.String(),
})
return
@ -1281,7 +1282,7 @@ func (api *API) workspaceAgentsGitAuth(rw http.ResponseWriter, r *http.Request)
// If the token is expired and refresh is disabled, we prompt
// the user to authenticate again.
if gitAuthConfig.NoRefresh && gitAuthLink.OAuthExpiry.Before(database.Now()) {
httpapi.Write(ctx, rw, http.StatusOK, codersdk.WorkspaceAgentGitAuthResponse{
httpapi.Write(ctx, rw, http.StatusOK, agentsdk.GitAuthResponse{
URL: redirectURL.String(),
})
return
@ -1293,7 +1294,7 @@ func (api *API) workspaceAgentsGitAuth(rw http.ResponseWriter, r *http.Request)
Expiry: gitAuthLink.OAuthExpiry,
}).Token()
if err != nil {
httpapi.Write(ctx, rw, http.StatusOK, codersdk.WorkspaceAgentGitAuthResponse{
httpapi.Write(ctx, rw, http.StatusOK, agentsdk.GitAuthResponse{
URL: redirectURL.String(),
})
return
@ -1310,7 +1311,7 @@ func (api *API) workspaceAgentsGitAuth(rw http.ResponseWriter, r *http.Request)
}
if !valid {
// The token is no longer valid!
httpapi.Write(ctx, rw, http.StatusOK, codersdk.WorkspaceAgentGitAuthResponse{
httpapi.Write(ctx, rw, http.StatusOK, agentsdk.GitAuthResponse{
URL: redirectURL.String(),
})
return
@ -1363,23 +1364,23 @@ func validateGitToken(ctx context.Context, validateURL, token string) (bool, err
}
// Provider types have different username/password formats.
func formatGitAuthAccessToken(typ codersdk.GitProvider, token string) codersdk.WorkspaceAgentGitAuthResponse {
var resp codersdk.WorkspaceAgentGitAuthResponse
func formatGitAuthAccessToken(typ codersdk.GitProvider, token string) agentsdk.GitAuthResponse {
var resp agentsdk.GitAuthResponse
switch typ {
case codersdk.GitProviderGitLab:
// https://stackoverflow.com/questions/25409700/using-gitlab-token-to-clone-without-authentication
resp = codersdk.WorkspaceAgentGitAuthResponse{
resp = agentsdk.GitAuthResponse{
Username: "oauth2",
Password: token,
}
case codersdk.GitProviderBitBucket:
// https://support.atlassian.com/bitbucket-cloud/docs/use-oauth-on-bitbucket-cloud/#Cloning-a-repository-with-an-access-token
resp = codersdk.WorkspaceAgentGitAuthResponse{
resp = agentsdk.GitAuthResponse{
Username: "x-token-auth",
Password: token,
}
default:
resp = codersdk.WorkspaceAgentGitAuthResponse{
resp = agentsdk.GitAuthResponse{
Username: token,
}
}

87
coderd/workspaceagents_test.go
View File

@ -27,6 +27,7 @@ import (
"github.com/coder/coder/coderd/database"
"github.com/coder/coder/coderd/gitauth"
"github.com/coder/coder/codersdk"
"github.com/coder/coder/codersdk/agentsdk"
"github.com/coder/coder/provisioner/echo"
"github.com/coder/coder/provisionersdk/proto"
"github.com/coder/coder/testutil"
@ -210,7 +211,7 @@ func TestWorkspaceAgentListen(t *testing.T) {
workspace := coderdtest.CreateWorkspace(t, client, user.OrganizationID, template.ID)
coderdtest.AwaitWorkspaceBuildJob(t, client, workspace.LatestBuild.ID)
agentClient := codersdk.New(client.URL)
agentClient := agentsdk.New(client.URL)
agentClient.SetSessionToken(authToken)
agentCloser := agent.New(agent.Options{
Client: agentClient,
@ -299,10 +300,10 @@ func TestWorkspaceAgentListen(t *testing.T) {
require.NoError(t, err)
coderdtest.AwaitWorkspaceBuildJob(t, client, stopBuild.ID)
agentClient := codersdk.New(client.URL)
agentClient := agentsdk.New(client.URL)
agentClient.SetSessionToken(authToken)
_, err = agentClient.ListenWorkspaceAgent(ctx)
_, err = agentClient.Listen(ctx)
require.Error(t, err)
require.ErrorContains(t, err, "build is outdated")
})
@ -339,7 +340,7 @@ func TestWorkspaceAgentTailnet(t *testing.T) {
coderdtest.AwaitWorkspaceBuildJob(t, client, workspace.LatestBuild.ID)
daemonCloser.Close()
agentClient := codersdk.New(client.URL)
agentClient := agentsdk.New(client.URL)
agentClient.SetSessionToken(authToken)
agentCloser := agent.New(agent.Options{
Client: agentClient,
@ -405,7 +406,7 @@ func TestWorkspaceAgentPTY(t *testing.T) {
workspace := coderdtest.CreateWorkspace(t, client, user.OrganizationID, template.ID)
coderdtest.AwaitWorkspaceBuildJob(t, client, workspace.LatestBuild.ID)
agentClient := codersdk.New(client.URL)
agentClient := agentsdk.New(client.URL)
agentClient.SetSessionToken(authToken)
agentCloser := agent.New(agent.Options{
Client: agentClient,
@ -502,7 +503,7 @@ func TestWorkspaceAgentListeningPorts(t *testing.T) {
workspace := coderdtest.CreateWorkspace(t, client, user.OrganizationID, template.ID)
coderdtest.AwaitWorkspaceBuildJob(t, client, workspace.LatestBuild.ID)
agentClient := codersdk.New(client.URL)
agentClient := agentsdk.New(client.URL)
agentClient.SetSessionToken(authToken)
agentCloser := agent.New(agent.Options{
Client: agentClient,
@ -517,10 +518,10 @@ func TestWorkspaceAgentListeningPorts(t *testing.T) {
}
willFilterPort := func(port int) bool {
if port < codersdk.MinimumListeningPort || port > 65535 {
if port < codersdk.WorkspaceAgentMinimumListeningPort || port > 65535 {
return true
}
if _, ok := codersdk.IgnoredListeningPorts[uint16(port)]; ok {
if _, ok := codersdk.WorkspaceAgentIgnoredListeningPorts[uint16(port)]; ok {
return true
}
@ -560,7 +561,7 @@ func TestWorkspaceAgentListeningPorts(t *testing.T) {
port uint16
)
require.Eventually(t, func() bool {
for ignoredPort := range codersdk.IgnoredListeningPorts {
for ignoredPort := range codersdk.WorkspaceAgentIgnoredListeningPorts {
if ignoredPort < 1024 || ignoredPort == 5432 {
continue
}
@ -615,7 +616,7 @@ func TestWorkspaceAgentListeningPorts(t *testing.T) {
}
)
for _, port := range res.Ports {
if port.Network == codersdk.ListeningPortNetworkTCP {
if port.Network == "tcp" {
if val, ok := expected[port.Port]; ok {
if val {
t.Fatalf("expected to find TCP port %d only once in response", port.Port)
@ -637,7 +638,7 @@ func TestWorkspaceAgentListeningPorts(t *testing.T) {
require.NoError(t, err)
for _, port := range res.Ports {
if port.Network == codersdk.ListeningPortNetworkTCP && port.Port == lPort {
if port.Network == "tcp" && port.Port == lPort {
t.Fatalf("expected to not find TCP port %d in response", lPort)
}
}
@ -667,7 +668,7 @@ func TestWorkspaceAgentListeningPorts(t *testing.T) {
sawCoderdPort := false
for _, port := range res.Ports {
if port.Network == codersdk.ListeningPortNetworkTCP {
if port.Network == "tcp" {
if port.Port == appLPort {
t.Fatalf("expected to not find TCP port (app port) %d in response", appLPort)
}
@ -764,50 +765,50 @@ func TestWorkspaceAgentAppHealth(t *testing.T) {
ctx, cancel := context.WithTimeout(context.Background(), testutil.WaitLong)
defer cancel()
agentClient := codersdk.New(client.URL)
agentClient := agentsdk.New(client.URL)
agentClient.SetSessionToken(authToken)
metadata, err := agentClient.WorkspaceAgentMetadata(ctx)
metadata, err := agentClient.Metadata(ctx)
require.NoError(t, err)
require.EqualValues(t, codersdk.WorkspaceAppHealthDisabled, metadata.Apps[0].Health)
require.EqualValues(t, codersdk.WorkspaceAppHealthInitializing, metadata.Apps[1].Health)
err = agentClient.PostWorkspaceAgentAppHealth(ctx, codersdk.PostWorkspaceAppHealthsRequest{})
err = agentClient.PostAppHealth(ctx, agentsdk.PostAppHealthsRequest{})
require.Error(t, err)
// empty
err = agentClient.PostWorkspaceAgentAppHealth(ctx, codersdk.PostWorkspaceAppHealthsRequest{})
err = agentClient.PostAppHealth(ctx, agentsdk.PostAppHealthsRequest{})
require.Error(t, err)
// healthcheck disabled
err = agentClient.PostWorkspaceAgentAppHealth(ctx, codersdk.PostWorkspaceAppHealthsRequest{
err = agentClient.PostAppHealth(ctx, agentsdk.PostAppHealthsRequest{
Healths: map[uuid.UUID]codersdk.WorkspaceAppHealth{
metadata.Apps[0].ID: codersdk.WorkspaceAppHealthInitializing,
},
})
require.Error(t, err)
// invalid value
err = agentClient.PostWorkspaceAgentAppHealth(ctx, codersdk.PostWorkspaceAppHealthsRequest{
err = agentClient.PostAppHealth(ctx, agentsdk.PostAppHealthsRequest{
Healths: map[uuid.UUID]codersdk.WorkspaceAppHealth{
metadata.Apps[1].ID: codersdk.WorkspaceAppHealth("bad-value"),
},
})
require.Error(t, err)
// update to healthy
err = agentClient.PostWorkspaceAgentAppHealth(ctx, codersdk.PostWorkspaceAppHealthsRequest{
err = agentClient.PostAppHealth(ctx, agentsdk.PostAppHealthsRequest{
Healths: map[uuid.UUID]codersdk.WorkspaceAppHealth{
metadata.Apps[1].ID: codersdk.WorkspaceAppHealthHealthy,
},
})
require.NoError(t, err)
metadata, err = agentClient.WorkspaceAgentMetadata(ctx)
metadata, err = agentClient.Metadata(ctx)
require.NoError(t, err)
require.EqualValues(t, codersdk.WorkspaceAppHealthHealthy, metadata.Apps[1].Health)
// update to unhealthy
err = agentClient.PostWorkspaceAgentAppHealth(ctx, codersdk.PostWorkspaceAppHealthsRequest{
err = agentClient.PostAppHealth(ctx, agentsdk.PostAppHealthsRequest{
Healths: map[uuid.UUID]codersdk.WorkspaceAppHealth{
metadata.Apps[1].ID: codersdk.WorkspaceAppHealthUnhealthy,
},
})
require.NoError(t, err)
metadata, err = agentClient.WorkspaceAgentMetadata(ctx)
metadata, err = agentClient.Metadata(ctx)
require.NoError(t, err)
require.EqualValues(t, codersdk.WorkspaceAppHealthUnhealthy, metadata.Apps[1].Health)
}
@ -848,9 +849,9 @@ func TestWorkspaceAgentsGitAuth(t *testing.T) {
workspace := coderdtest.CreateWorkspace(t, client, user.OrganizationID, template.ID)
coderdtest.AwaitWorkspaceBuildJob(t, client, workspace.LatestBuild.ID)
agentClient := codersdk.New(client.URL)
agentClient := agentsdk.New(client.URL)
agentClient.SetSessionToken(authToken)
_, err := agentClient.WorkspaceAgentGitAuth(context.Background(), "github.com", false)
_, err := agentClient.GitAuth(context.Background(), "github.com", false)
var apiError *codersdk.Error
require.ErrorAs(t, err, &apiError)
require.Equal(t, http.StatusNotFound, apiError.StatusCode())
@ -893,9 +894,9 @@ func TestWorkspaceAgentsGitAuth(t *testing.T) {
workspace := coderdtest.CreateWorkspace(t, client, user.OrganizationID, template.ID)
coderdtest.AwaitWorkspaceBuildJob(t, client, workspace.LatestBuild.ID)
agentClient := codersdk.New(client.URL)
agentClient := agentsdk.New(client.URL)
agentClient.SetSessionToken(authToken)
token, err := agentClient.WorkspaceAgentGitAuth(context.Background(), "github.com/asd/asd", false)
token, err := agentClient.GitAuth(context.Background(), "github.com/asd/asd", false)
require.NoError(t, err)
require.True(t, strings.HasSuffix(token.URL, fmt.Sprintf("/gitauth/%s", "github")))
})
@ -979,7 +980,7 @@ func TestWorkspaceAgentsGitAuth(t *testing.T) {
workspace := coderdtest.CreateWorkspace(t, client, user.OrganizationID, template.ID)
coderdtest.AwaitWorkspaceBuildJob(t, client, workspace.LatestBuild.ID)
agentClient := codersdk.New(client.URL)
agentClient := agentsdk.New(client.URL)
agentClient.SetSessionToken(authToken)
resp := gitAuthCallback(t, "github", client)
@ -990,7 +991,7 @@ func TestWorkspaceAgentsGitAuth(t *testing.T) {
srv.Config.Handler = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusUnauthorized)
})
res, err := agentClient.WorkspaceAgentGitAuth(ctx, "github.com/asd/asd", false)
res, err := agentClient.GitAuth(ctx, "github.com/asd/asd", false)
require.NoError(t, err)
require.NotEmpty(t, res.URL)
@ -1000,7 +1001,7 @@ func TestWorkspaceAgentsGitAuth(t *testing.T) {
w.WriteHeader(http.StatusForbidden)
w.Write([]byte("Something went wrong!"))
})
_, err = agentClient.WorkspaceAgentGitAuth(ctx, "github.com/asd/asd", false)
_, err = agentClient.GitAuth(ctx, "github.com/asd/asd", false)
var apiError *codersdk.Error
require.ErrorAs(t, err, &apiError)
require.Equal(t, http.StatusInternalServerError, apiError.StatusCode())
@ -1052,10 +1053,10 @@ func TestWorkspaceAgentsGitAuth(t *testing.T) {
workspace := coderdtest.CreateWorkspace(t, client, user.OrganizationID, template.ID)
coderdtest.AwaitWorkspaceBuildJob(t, client, workspace.LatestBuild.ID)
agentClient := codersdk.New(client.URL)
agentClient := agentsdk.New(client.URL)
agentClient.SetSessionToken(authToken)
token, err := agentClient.WorkspaceAgentGitAuth(context.Background(), "github.com/asd/asd", false)
token, err := agentClient.GitAuth(context.Background(), "github.com/asd/asd", false)
require.NoError(t, err)
require.NotEmpty(t, token.URL)
@ -1067,7 +1068,7 @@ func TestWorkspaceAgentsGitAuth(t *testing.T) {
// Because the token is expired and `NoRefresh` is specified,
// a redirect URL should be returned again.
token, err = agentClient.WorkspaceAgentGitAuth(context.Background(), "github.com/asd/asd", false)
token, err = agentClient.GitAuth(context.Background(), "github.com/asd/asd", false)
require.NoError(t, err)
require.NotEmpty(t, token.URL)
})
@ -1110,17 +1111,17 @@ func TestWorkspaceAgentsGitAuth(t *testing.T) {
workspace := coderdtest.CreateWorkspace(t, client, user.OrganizationID, template.ID)
coderdtest.AwaitWorkspaceBuildJob(t, client, workspace.LatestBuild.ID)
agentClient := codersdk.New(client.URL)
agentClient := agentsdk.New(client.URL)
agentClient.SetSessionToken(authToken)
token, err := agentClient.WorkspaceAgentGitAuth(context.Background(), "github.com/asd/asd", false)
token, err := agentClient.GitAuth(context.Background(), "github.com/asd/asd", false)
require.NoError(t, err)
require.NotEmpty(t, token.URL)
// Start waiting for the token callback...
tokenChan := make(chan codersdk.WorkspaceAgentGitAuthResponse, 1)
tokenChan := make(chan agentsdk.GitAuthResponse, 1)
go func() {
token, err := agentClient.WorkspaceAgentGitAuth(context.Background(), "github.com/asd/asd", true)
token, err := agentClient.GitAuth(context.Background(), "github.com/asd/asd", true)
assert.NoError(t, err)
tokenChan <- token
}()
@ -1132,7 +1133,7 @@ func TestWorkspaceAgentsGitAuth(t *testing.T) {
token = <-tokenChan
require.Equal(t, "token", token.Username)
token, err = agentClient.WorkspaceAgentGitAuth(context.Background(), "github.com/asd/asd", false)
token, err = agentClient.GitAuth(context.Background(), "github.com/asd/asd", false)
require.NoError(t, err)
})
}
@ -1173,10 +1174,10 @@ func TestWorkspaceAgentReportStats(t *testing.T) {
workspace := coderdtest.CreateWorkspace(t, client, user.OrganizationID, template.ID)
coderdtest.AwaitWorkspaceBuildJob(t, client, workspace.LatestBuild.ID)
agentClient := codersdk.New(client.URL)
agentClient := agentsdk.New(client.URL)
agentClient.SetSessionToken(authToken)
_, err := agentClient.PostAgentStats(context.Background(), &codersdk.AgentStats{
_, err := agentClient.PostStats(context.Background(), &agentsdk.Stats{
ConnsByProto: map[string]int64{"TCP": 1},
NumConns: 1,
RxPackets: 1,
@ -1206,11 +1207,11 @@ func gitAuthCallback(t *testing.T, id string, client *codersdk.Client) *http.Res
req, err := http.NewRequestWithContext(context.Background(), "GET", oauthURL.String(), nil)
require.NoError(t, err)
req.AddCookie(&http.Cookie{
Name: codersdk.OAuth2StateKey,
Name: codersdk.OAuth2StateCookie,
Value: state,
})
req.AddCookie(&http.Cookie{
Name: codersdk.SessionTokenKey,
Name: codersdk.SessionTokenCookie,
Value: client.SessionToken(),
})
res, err := client.HTTPClient.Do(req)
@ -1263,7 +1264,7 @@ func TestWorkspaceAgent_LifecycleState(t *testing.T) {
}
}
agentClient := codersdk.New(client.URL)
agentClient := agentsdk.New(client.URL)
agentClient.SetSessionToken(authToken)
tests := []struct {
@ -1284,7 +1285,7 @@ func TestWorkspaceAgent_LifecycleState(t *testing.T) {
t.Run(string(tt.state), func(t *testing.T) {
ctx, _ := testutil.Context(t)
err := agentClient.PostWorkspaceAgentLifecycle(ctx, codersdk.PostWorkspaceAgentLifecycleRequest{
err := agentClient.PostLifecycle(ctx, agentsdk.PostLifecycleRequest{
State: tt.state,
})
if tt.wantErr {

8
coderd/workspaceapps.go
View File

@ -77,7 +77,7 @@ const (
// @Security CoderSessionToken
// @Produce json
// @Tags Applications
// @Success 200 {object} codersdk.GetAppHostResponse
// @Success 200 {object} codersdk.AppHostResponse
// @Router /applications/host [get]
func (api *API) appHost(rw http.ResponseWriter, r *http.Request) {
host := api.AppHostname
@ -85,7 +85,7 @@ func (api *API) appHost(rw http.ResponseWriter, r *http.Request) {
host += fmt.Sprintf(":%s", api.AccessURL.Port())
}
httpapi.Write(r.Context(), rw, http.StatusOK, codersdk.GetAppHostResponse{
httpapi.Write(r.Context(), rw, http.StatusOK, codersdk.AppHostResponse{
Host: host,
})
}
@ -862,9 +862,9 @@ func (api *API) proxyWorkspaceApplication(proxyApp proxyApplication, rw http.Res
return
}
if portInt < codersdk.MinimumListeningPort {
if portInt < codersdk.WorkspaceAgentMinimumListeningPort {
httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{
Message: fmt.Sprintf("Application port %d is not permitted. Coder reserves ports less than %d for internal use.", portInt, codersdk.MinimumListeningPort),
Message: fmt.Sprintf("Application port %d is not permitted. Coder reserves ports less than %d for internal use.", portInt, codersdk.WorkspaceAgentMinimumListeningPort),
})
return
}

31
coderd/workspaceapps_test.go
View File

@ -27,6 +27,7 @@ import (
"github.com/coder/coder/coderd/httpmw"
"github.com/coder/coder/coderd/rbac"
"github.com/coder/coder/codersdk"
"github.com/coder/coder/codersdk/agentsdk"
"github.com/coder/coder/provisioner/echo"
"github.com/coder/coder/provisionersdk/proto"
"github.com/coder/coder/testutil"
@ -96,12 +97,12 @@ func TestGetAppHost(t *testing.T) {
defer cancel()
// Should not leak to unauthenticated users.
host, err := client.GetAppHost(ctx)
host, err := client.AppHost(ctx)
require.Error(t, err)
require.Equal(t, "", host.Host)
_ = coderdtest.CreateFirstUser(t, client)
host, err = client.GetAppHost(ctx)
host, err = client.AppHost(ctx)
require.NoError(t, err)
require.Equal(t, c.expected, host.Host)
})
@ -134,7 +135,7 @@ func setupProxyTest(t *testing.T, opts *setupProxyTestOpts) (*codersdk.Client, c
server := http.Server{
ReadHeaderTimeout: time.Minute,
Handler: http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
_, err := r.Cookie(codersdk.SessionTokenKey)
_, err := r.Cookie(codersdk.SessionTokenCookie)
assert.ErrorIs(t, err, http.ErrNoCookie)
w.Header().Set("X-Forwarded-For", r.Header.Get("X-Forwarded-For"))
w.WriteHeader(http.StatusOK)
@ -252,10 +253,10 @@ func createWorkspaceWithApps(t *testing.T, client *codersdk.Client, orgID uuid.U
user, err := client.User(ctx, codersdk.Me)
require.NoError(t, err)
agentClient := codersdk.New(client.URL)
agentClient := agentsdk.New(client.URL)
agentClient.SetSessionToken(authToken)
if appHost != "" {
metadata, err := agentClient.WorkspaceAgentMetadata(context.Background())
metadata, err := agentClient.Metadata(context.Background())
require.NoError(t, err)
proxyURL := fmt.Sprintf(
"http://{{port}}--%s--%s--%s%s",
@ -437,7 +438,7 @@ func TestWorkspaceApplicationAuth(t *testing.T) {
// Get the current user and API key.
user, err := client.User(ctx, codersdk.Me)
require.NoError(t, err)
currentAPIKey, err := client.GetAPIKey(ctx, firstUser.UserID.String(), strings.Split(client.SessionToken(), "-")[0])
currentAPIKey, err := client.APIKey(ctx, firstUser.UserID.String(), strings.Split(client.SessionToken(), "-")[0])
require.NoError(t, err)
// Try to load the application without authentication.
@ -499,7 +500,7 @@ func TestWorkspaceApplicationAuth(t *testing.T) {
apiKey := cookies[0].Value
// Fetch the API key.
apiKeyInfo, err := client.GetAPIKey(ctx, firstUser.UserID.String(), strings.Split(apiKey, "-")[0])
apiKeyInfo, err := client.APIKey(ctx, firstUser.UserID.String(), strings.Split(apiKey, "-")[0])
require.NoError(t, err)
require.Equal(t, user.ID, apiKeyInfo.UserID)
require.Equal(t, codersdk.LoginTypePassword, apiKeyInfo.LoginType)
@ -515,7 +516,7 @@ func TestWorkspaceApplicationAuth(t *testing.T) {
canCreateApplicationConnect = "can-create-application_connect"
canReadUserMe = "can-read-user-me"
)
authRes, err := appClient.CheckAuthorization(ctx, codersdk.AuthorizationRequest{
authRes, err := appClient.AuthCheck(ctx, codersdk.AuthorizationRequest{
Checks: map[string]codersdk.AuthorizationCheck{
canCreateApplicationConnect: {
Object: codersdk.AuthorizationObject{
@ -546,7 +547,7 @@ func TestWorkspaceApplicationAuth(t *testing.T) {
t.Log("navigating to: ", gotLocation.String())
req, err = http.NewRequestWithContext(ctx, "GET", gotLocation.String(), nil)
require.NoError(t, err)
req.Header.Set(codersdk.SessionCustomHeader, apiKey)
req.Header.Set(codersdk.SessionTokenHeader, apiKey)
resp, err = doWithRetries(t, client, req)
require.NoError(t, err)
resp.Body.Close()
@ -730,7 +731,7 @@ func TestWorkspaceAppsProxySubdomain(t *testing.T) {
require.NoError(t, err, "get workspaces")
require.Len(t, res.Workspaces, 1, "expected 1 workspace")
appHost, err := client.GetAppHost(ctx)
appHost, err := client.AppHost(ctx)
require.NoError(t, err, "get app host")
subdomain := httpapi.ApplicationURL{
@ -858,7 +859,7 @@ func TestWorkspaceAppsProxySubdomain(t *testing.T) {
ctx, cancel := context.WithTimeout(context.Background(), testutil.WaitLong)
defer cancel()
port := uint16(codersdk.MinimumListeningPort - 1)
port := uint16(codersdk.WorkspaceAgentMinimumListeningPort - 1)
resp, err := requestWithRetries(ctx, t, client, http.MethodGet, proxyURL(t, client, port, "/", proxyTestAppQuery), nil)
require.NoError(t, err)
defer resp.Body.Close()
@ -1049,7 +1050,7 @@ func TestAppSubdomainLogout(t *testing.T) {
_, err := client.User(ctx, codersdk.Me)
require.NoError(t, err)
appHost, err := client.GetAppHost(ctx)
appHost, err := client.AppHost(ctx)
require.NoError(t, err, "get app host")
if c.cookie == "-" {
@ -1087,7 +1088,7 @@ func TestAppSubdomainLogout(t *testing.T) {
// The header is prioritized over the devurl cookie if both are
// set, so this ensures we can trigger the logout code path with
// bad cookies during tests.
req.Header.Set(codersdk.SessionCustomHeader, client.SessionToken())
req.Header.Set(codersdk.SessionTokenHeader, client.SessionToken())
if c.cookie != "" {
req.AddCookie(&http.Cookie{
Name: httpmw.DevURLSessionTokenCookie,
@ -1526,7 +1527,7 @@ func TestWorkspaceAppsNonCanonicalHeaders(t *testing.T) {
secWebSocketKey := "test-dean-was-here"
req.Header["Sec-WebSocket-Key"] = []string{secWebSocketKey}
req.Header.Set(codersdk.SessionCustomHeader, client.SessionToken())
req.Header.Set(codersdk.SessionTokenHeader, client.SessionToken())
resp, err := doWithRetries(t, client, req)
require.NoError(t, err)
defer resp.Body.Close()
@ -1578,7 +1579,7 @@ func TestWorkspaceAppsNonCanonicalHeaders(t *testing.T) {
secWebSocketKey := "test-dean-was-here"
req.Header["Sec-WebSocket-Key"] = []string{secWebSocketKey}
req.Header.Set(codersdk.SessionCustomHeader, client.SessionToken())
req.Header.Set(codersdk.SessionTokenHeader, client.SessionToken())
resp, err := doWithRetries(t, client, req)
require.NoError(t, err)
defer resp.Body.Close()

21
coderd/workspaceresourceauth.go
View File

@ -13,6 +13,7 @@ import (
"github.com/coder/coder/coderd/httpapi"
"github.com/coder/coder/coderd/provisionerdserver"
"github.com/coder/coder/codersdk"
"github.com/coder/coder/codersdk/agentsdk"
"github.com/mitchellh/mapstructure"
)
@ -26,12 +27,12 @@ import (
// @Accept json
// @Produce json
// @Tags Agents
// @Param request body codersdk.AzureInstanceIdentityToken true "Instance identity token"
// @Success 200 {object} codersdk.WorkspaceAgentAuthenticateResponse
// @Param request body agentsdk.AzureInstanceIdentityToken true "Instance identity token"
// @Success 200 {object} agentsdk.AuthenticateResponse
// @Router /workspaceagents/azure-instance-identity [post]
func (api *API) postWorkspaceAuthAzureInstanceIdentity(rw http.ResponseWriter, r *http.Request) {
ctx := r.Context()
var req codersdk.AzureInstanceIdentityToken
var req agentsdk.AzureInstanceIdentityToken
if !httpapi.Read(ctx, rw, r, &req) {
return
}
@ -56,12 +57,12 @@ func (api *API) postWorkspaceAuthAzureInstanceIdentity(rw http.ResponseWriter, r
// @Accept json
// @Produce json
// @Tags Agents
// @Param request body codersdk.AWSInstanceIdentityToken true "Instance identity token"
// @Success 200 {object} codersdk.WorkspaceAgentAuthenticateResponse
// @Param request body agentsdk.AWSInstanceIdentityToken true "Instance identity token"
// @Success 200 {object} agentsdk.AuthenticateResponse
// @Router /workspaceagents/aws-instance-identity [post]
func (api *API) postWorkspaceAuthAWSInstanceIdentity(rw http.ResponseWriter, r *http.Request) {
ctx := r.Context()
var req codersdk.AWSInstanceIdentityToken
var req agentsdk.AWSInstanceIdentityToken
if !httpapi.Read(ctx, rw, r, &req) {
return
}
@ -86,12 +87,12 @@ func (api *API) postWorkspaceAuthAWSInstanceIdentity(rw http.ResponseWriter, r *
// @Accept json
// @Produce json
// @Tags Agents
// @Param request body codersdk.GoogleInstanceIdentityToken true "Instance identity token"
// @Success 200 {object} codersdk.WorkspaceAgentAuthenticateResponse
// @Param request body agentsdk.GoogleInstanceIdentityToken true "Instance identity token"
// @Success 200 {object} agentsdk.AuthenticateResponse
// @Router /workspaceagents/google-instance-identity [post]
func (api *API) postWorkspaceAuthGoogleInstanceIdentity(rw http.ResponseWriter, r *http.Request) {
ctx := r.Context()
var req codersdk.GoogleInstanceIdentityToken
var req agentsdk.GoogleInstanceIdentityToken
if !httpapi.Read(ctx, rw, r, &req) {
return
}
@ -196,7 +197,7 @@ func (api *API) handleAuthInstanceID(rw http.ResponseWriter, r *http.Request, in
return
}
httpapi.Write(ctx, rw, http.StatusOK, codersdk.WorkspaceAgentAuthenticateResponse{
httpapi.Write(ctx, rw, http.StatusOK, agentsdk.AuthenticateResponse{
SessionToken: agent.AuthToken.String(),
})
}

26
coderd/workspaceresourceauth_test.go
View File

@ -9,6 +9,7 @@ import (
"github.com/coder/coder/coderd/coderdtest"
"github.com/coder/coder/codersdk"
"github.com/coder/coder/codersdk/agentsdk"
"github.com/coder/coder/provisioner/echo"
"github.com/coder/coder/provisionersdk/proto"
"github.com/coder/coder/testutil"
@ -50,7 +51,10 @@ func TestPostWorkspaceAuthAzureInstanceIdentity(t *testing.T) {
defer cancel()
client.HTTPClient = metadataClient
_, err := client.AuthWorkspaceAzureInstanceIdentity(ctx)
agentClient := &agentsdk.Client{
SDK: client,
}
_, err := agentClient.AuthAzureInstanceIdentity(ctx)
require.NoError(t, err)
}
@ -92,7 +96,10 @@ func TestPostWorkspaceAuthAWSInstanceIdentity(t *testing.T) {
defer cancel()
client.HTTPClient = metadataClient
_, err := client.AuthWorkspaceAWSInstanceIdentity(ctx)
agentClient := &agentsdk.Client{
SDK: client,
}
_, err := agentClient.AuthAWSInstanceIdentity(ctx)
require.NoError(t, err)
})
}
@ -110,7 +117,10 @@ func TestPostWorkspaceAuthGoogleInstanceIdentity(t *testing.T) {
ctx, cancel := context.WithTimeout(context.Background(), testutil.WaitLong)
defer cancel()
_, err := client.AuthWorkspaceGoogleInstanceIdentity(ctx, "", metadata)
agentClient := &agentsdk.Client{
SDK: client,
}
_, err := agentClient.AuthGoogleInstanceIdentity(ctx, "", metadata)
var apiErr *codersdk.Error
require.ErrorAs(t, err, &apiErr)
require.Equal(t, http.StatusUnauthorized, apiErr.StatusCode())
@ -127,7 +137,10 @@ func TestPostWorkspaceAuthGoogleInstanceIdentity(t *testing.T) {
ctx, cancel := context.WithTimeout(context.Background(), testutil.WaitLong)
defer cancel()
_, err := client.AuthWorkspaceGoogleInstanceIdentity(ctx, "", metadata)
agentClient := &agentsdk.Client{
SDK: client,
}
_, err := agentClient.AuthGoogleInstanceIdentity(ctx, "", metadata)
var apiErr *codersdk.Error
require.ErrorAs(t, err, &apiErr)
require.Equal(t, http.StatusNotFound, apiErr.StatusCode())
@ -168,7 +181,10 @@ func TestPostWorkspaceAuthGoogleInstanceIdentity(t *testing.T) {
ctx, cancel := context.WithTimeout(context.Background(), testutil.WaitLong)
defer cancel()
_, err := client.AuthWorkspaceGoogleInstanceIdentity(ctx, "", metadata)
agentClient := &agentsdk.Client{
SDK: client,
}
_, err := agentClient.AuthGoogleInstanceIdentity(ctx, "", metadata)
require.NoError(t, err)
})
}

5
coderd/workspaces_test.go
View File

@ -23,6 +23,7 @@ import (
"github.com/coder/coder/coderd/rbac"
"github.com/coder/coder/coderd/util/ptr"
"github.com/coder/coder/codersdk"
"github.com/coder/coder/codersdk/agentsdk"
"github.com/coder/coder/cryptorand"
"github.com/coder/coder/provisioner/echo"
"github.com/coder/coder/provisionersdk/proto"
@ -900,7 +901,7 @@ func TestWorkspaceFilterManual(t *testing.T) {
workspace := coderdtest.CreateWorkspace(t, client, user.OrganizationID, template.ID)
coderdtest.AwaitWorkspaceBuildJob(t, client, workspace.LatestBuild.ID)
agentClient := codersdk.New(client.URL)
agentClient := agentsdk.New(client.URL)
agentClient.SetSessionToken(authToken)
agentCloser := agent.New(agent.Options{
Client: agentClient,
@ -1551,7 +1552,7 @@ func TestWorkspaceWatcher(t *testing.T) {
wait("agent timeout after create")
wait("agent timeout after start")
agentClient := codersdk.New(client.URL)
agentClient := agentsdk.New(client.URL)
agentClient.SetSessionToken(authToken)
agentCloser := agent.New(agent.Options{
Client: agentClient,

22
coderd/wsconncache/wsconncache.go
View File

@ -32,11 +32,11 @@ func New(dialer Dialer, inactiveTimeout time.Duration) *Cache {
}
// Dialer creates a new agent connection by ID.
type Dialer func(r *http.Request, id uuid.UUID) (*codersdk.AgentConn, error)
type Dialer func(r *http.Request, id uuid.UUID) (*codersdk.WorkspaceAgentConn, error)
// Conn wraps an agent connection with a reusable HTTP transport.
type Conn struct {
*codersdk.AgentConn
*codersdk.WorkspaceAgentConn
locks atomic.Uint64
timeoutMutex sync.Mutex
@ -49,8 +49,8 @@ func (c *Conn) HTTPTransport() *http.Transport {
return c.transport
}
// CloseWithError ends the HTTP transport if exists, and closes the agent.
func (c *Conn) CloseWithError(err error) error {
// Close ends the HTTP transport if exists, and closes the agent.
func (c *Conn) Close() error {
if c.transport != nil {
c.transport.CloseIdleConnections()
}
@ -59,7 +59,7 @@ func (c *Conn) CloseWithError(err error) error {
if c.timeout != nil {
c.timeout.Stop()
}
return c.AgentConn.CloseWithError(err)
return c.WorkspaceAgentConn.Close()
}
type Cache struct {
@ -108,24 +108,20 @@ func (c *Cache) Acquire(r *http.Request, id uuid.UUID) (*Conn, func(), error) {
transport := defaultTransport.Clone()
transport.DialContext = agentConn.DialContext
conn := &Conn{
AgentConn: agentConn,
timeoutCancel: timeoutCancelFunc,
transport: transport,
WorkspaceAgentConn: agentConn,
timeoutCancel: timeoutCancelFunc,
transport: transport,
}
go func() {
defer c.closeGroup.Done()
var err error
select {
case <-timeoutCtx.Done():
err = xerrors.New("cache timeout")
case <-c.closed:
err = xerrors.New("cache closed")
case <-conn.Closed():
}
c.connMap.Delete(id.String())
c.connGroup.Forget(id.String())
_ = conn.CloseWithError(err)
_ = conn.Close()
}()
return conn, nil
})

35
coderd/wsconncache/wsconncache_test.go
View File

@ -26,6 +26,7 @@ import (
"github.com/coder/coder/agent"
"github.com/coder/coder/coderd/wsconncache"
"github.com/coder/coder/codersdk"
"github.com/coder/coder/codersdk/agentsdk"
"github.com/coder/coder/tailnet"
"github.com/coder/coder/tailnet/tailnettest"
)
@ -38,8 +39,8 @@ func TestCache(t *testing.T) {
t.Parallel()
t.Run("Same", func(t *testing.T) {
t.Parallel()
cache := wsconncache.New(func(r *http.Request, id uuid.UUID) (*codersdk.AgentConn, error) {
return setupAgent(t, codersdk.WorkspaceAgentMetadata{}, 0), nil
cache := wsconncache.New(func(r *http.Request, id uuid.UUID) (*codersdk.WorkspaceAgentConn, error) {
return setupAgent(t, agentsdk.Metadata{}, 0), nil
}, 0)
defer func() {
_ = cache.Close()
@ -53,9 +54,9 @@ func TestCache(t *testing.T) {
t.Run("Expire", func(t *testing.T) {
t.Parallel()
called := atomic.NewInt32(0)
cache := wsconncache.New(func(r *http.Request, id uuid.UUID) (*codersdk.AgentConn, error) {
cache := wsconncache.New(func(r *http.Request, id uuid.UUID) (*codersdk.WorkspaceAgentConn, error) {
called.Add(1)
return setupAgent(t, codersdk.WorkspaceAgentMetadata{}, 0), nil
return setupAgent(t, agentsdk.Metadata{}, 0), nil
}, time.Microsecond)
defer func() {
_ = cache.Close()
@ -72,8 +73,8 @@ func TestCache(t *testing.T) {
})
t.Run("NoExpireWhenLocked", func(t *testing.T) {
t.Parallel()
cache := wsconncache.New(func(r *http.Request, id uuid.UUID) (*codersdk.AgentConn, error) {
return setupAgent(t, codersdk.WorkspaceAgentMetadata{}, 0), nil
cache := wsconncache.New(func(r *http.Request, id uuid.UUID) (*codersdk.WorkspaceAgentConn, error) {
return setupAgent(t, agentsdk.Metadata{}, 0), nil
}, time.Microsecond)
defer func() {
_ = cache.Close()
@ -105,8 +106,8 @@ func TestCache(t *testing.T) {
}()
go server.Serve(random)
cache := wsconncache.New(func(r *http.Request, id uuid.UUID) (*codersdk.AgentConn, error) {
return setupAgent(t, codersdk.WorkspaceAgentMetadata{}, 0), nil
cache := wsconncache.New(func(r *http.Request, id uuid.UUID) (*codersdk.WorkspaceAgentConn, error) {
return setupAgent(t, agentsdk.Metadata{}, 0), nil
}, time.Microsecond)
defer func() {
_ = cache.Close()
@ -144,7 +145,7 @@ func TestCache(t *testing.T) {
})
}
func setupAgent(t *testing.T, metadata codersdk.WorkspaceAgentMetadata, ptyTimeout time.Duration) *codersdk.AgentConn {
func setupAgent(t *testing.T, metadata agentsdk.Metadata, ptyTimeout time.Duration) *codersdk.WorkspaceAgentConn {
metadata.DERPMap = tailnettest.RunDERPAndSTUN(t)
coordinator := tailnet.NewCoordinator()
@ -182,7 +183,7 @@ func setupAgent(t *testing.T, metadata codersdk.WorkspaceAgentMetadata, ptyTimeo
return conn.UpdateNodes(node)
})
conn.SetNodeCallback(sendNode)
return &codersdk.AgentConn{
return &codersdk.WorkspaceAgentConn{
Conn: conn,
}
}
@ -190,15 +191,15 @@ func setupAgent(t *testing.T, metadata codersdk.WorkspaceAgentMetadata, ptyTimeo
type client struct {
t *testing.T
agentID uuid.UUID
metadata codersdk.WorkspaceAgentMetadata
metadata agentsdk.Metadata
coordinator tailnet.Coordinator
}
func (c *client) WorkspaceAgentMetadata(_ context.Context) (codersdk.WorkspaceAgentMetadata, error) {
func (c *client) Metadata(_ context.Context) (agentsdk.Metadata, error) {
return c.metadata, nil
}
func (c *client) ListenWorkspaceAgent(_ context.Context) (net.Conn, error) {
func (c *client) Listen(_ context.Context) (net.Conn, error) {
clientConn, serverConn := net.Pipe()
closed := make(chan struct{})
c.t.Cleanup(func() {
@ -213,18 +214,18 @@ func (c *client) ListenWorkspaceAgent(_ context.Context) (net.Conn, error) {
return clientConn, nil
}
func (*client) AgentReportStats(_ context.Context, _ slog.Logger, _ func() *codersdk.AgentStats) (io.Closer, error) {
func (*client) ReportStats(_ context.Context, _ slog.Logger, _ func() *agentsdk.Stats) (io.Closer, error) {
return io.NopCloser(strings.NewReader("")), nil
}
func (*client) PostWorkspaceAgentLifecycle(_ context.Context, _ codersdk.PostWorkspaceAgentLifecycleRequest) error {
func (*client) PostLifecycle(_ context.Context, _ agentsdk.PostLifecycleRequest) error {
return nil
}
func (*client) PostWorkspaceAgentAppHealth(_ context.Context, _ codersdk.PostWorkspaceAppHealthsRequest) error {
func (*client) PostAppHealth(_ context.Context, _ agentsdk.PostAppHealthsRequest) error {
return nil
}
func (*client) PostWorkspaceAgentVersion(_ context.Context, _ string) error {
func (*client) PostVersion(_ context.Context, _ string) error {
return nil
}