mirror of
https://github.com/coder/coder.git
synced 2025-07-21 01:28:49 +00:00
feat: improve resources_monitoring for OOM & OOD monitoring (#16241)
As requested for [this issue](https://github.com/coder/internal/issues/245) we need to have a new resource `resources_monitoring` in the agent. It needs to be parsed from the provisioner and inserted into a new db table.
This commit is contained in:
Vincent Vielle
GitHub
@ -4,39 +4,40 @@ package codersdk
|
||||
type RBACResource string
|
||||
|
||||
const (
|
||||
ResourceWildcard RBACResource = "*"
|
||||
ResourceApiKey RBACResource = "api_key"
|
||||
ResourceAssignOrgRole RBACResource = "assign_org_role"
|
||||
ResourceAssignRole RBACResource = "assign_role"
|
||||
ResourceAuditLog RBACResource = "audit_log"
|
||||
ResourceCryptoKey RBACResource = "crypto_key"
|
||||
ResourceDebugInfo RBACResource = "debug_info"
|
||||
ResourceDeploymentConfig RBACResource = "deployment_config"
|
||||
ResourceDeploymentStats RBACResource = "deployment_stats"
|
||||
ResourceFile RBACResource = "file"
|
||||
ResourceGroup RBACResource = "group"
|
||||
ResourceGroupMember RBACResource = "group_member"
|
||||
ResourceIdpsyncSettings RBACResource = "idpsync_settings"
|
||||
ResourceLicense RBACResource = "license"
|
||||
ResourceNotificationMessage RBACResource = "notification_message"
|
||||
ResourceNotificationPreference RBACResource = "notification_preference"
|
||||
ResourceNotificationTemplate RBACResource = "notification_template"
|
||||
ResourceOauth2App RBACResource = "oauth2_app"
|
||||
ResourceOauth2AppCodeToken RBACResource = "oauth2_app_code_token"
|
||||
ResourceOauth2AppSecret RBACResource = "oauth2_app_secret"
|
||||
ResourceOrganization RBACResource = "organization"
|
||||
ResourceOrganizationMember RBACResource = "organization_member"
|
||||
ResourceProvisionerDaemon RBACResource = "provisioner_daemon"
|
||||
ResourceProvisionerJobs RBACResource = "provisioner_jobs"
|
||||
ResourceProvisionerKeys RBACResource = "provisioner_keys"
|
||||
ResourceReplicas RBACResource = "replicas"
|
||||
ResourceSystem RBACResource = "system"
|
||||
ResourceTailnetCoordinator RBACResource = "tailnet_coordinator"
|
||||
ResourceTemplate RBACResource = "template"
|
||||
ResourceUser RBACResource = "user"
|
||||
ResourceWorkspace RBACResource = "workspace"
|
||||
ResourceWorkspaceDormant RBACResource = "workspace_dormant"
|
||||
ResourceWorkspaceProxy RBACResource = "workspace_proxy"
|
||||
ResourceWildcard RBACResource = "*"
|
||||
ResourceApiKey RBACResource = "api_key"
|
||||
ResourceAssignOrgRole RBACResource = "assign_org_role"
|
||||
ResourceAssignRole RBACResource = "assign_role"
|
||||
ResourceAuditLog RBACResource = "audit_log"
|
||||
ResourceCryptoKey RBACResource = "crypto_key"
|
||||
ResourceDebugInfo RBACResource = "debug_info"
|
||||
ResourceDeploymentConfig RBACResource = "deployment_config"
|
||||
ResourceDeploymentStats RBACResource = "deployment_stats"
|
||||
ResourceFile RBACResource = "file"
|
||||
ResourceGroup RBACResource = "group"
|
||||
ResourceGroupMember RBACResource = "group_member"
|
||||
ResourceIdpsyncSettings RBACResource = "idpsync_settings"
|
||||
ResourceLicense RBACResource = "license"
|
||||
ResourceNotificationMessage RBACResource = "notification_message"
|
||||
ResourceNotificationPreference RBACResource = "notification_preference"
|
||||
ResourceNotificationTemplate RBACResource = "notification_template"
|
||||
ResourceOauth2App RBACResource = "oauth2_app"
|
||||
ResourceOauth2AppCodeToken RBACResource = "oauth2_app_code_token"
|
||||
ResourceOauth2AppSecret RBACResource = "oauth2_app_secret"
|
||||
ResourceOrganization RBACResource = "organization"
|
||||
ResourceOrganizationMember RBACResource = "organization_member"
|
||||
ResourceProvisionerDaemon RBACResource = "provisioner_daemon"
|
||||
ResourceProvisionerJobs RBACResource = "provisioner_jobs"
|
||||
ResourceProvisionerKeys RBACResource = "provisioner_keys"
|
||||
ResourceReplicas RBACResource = "replicas"
|
||||
ResourceSystem RBACResource = "system"
|
||||
ResourceTailnetCoordinator RBACResource = "tailnet_coordinator"
|
||||
ResourceTemplate RBACResource = "template"
|
||||
ResourceUser RBACResource = "user"
|
||||
ResourceWorkspace RBACResource = "workspace"
|
||||
ResourceWorkspaceAgentResourceMonitor RBACResource = "workspace_agent_resource_monitor"
|
||||
ResourceWorkspaceDormant RBACResource = "workspace_dormant"
|
||||
ResourceWorkspaceProxy RBACResource = "workspace_proxy"
|
||||
)
|
||||
|
||||
type RBACAction string
|
||||
@ -60,37 +61,38 @@ const (
|
||||
// RBACResourceActions is the mapping of resources to which actions are valid for
|
||||
// said resource type.
|
||||
var RBACResourceActions = map[RBACResource][]RBACAction{
|
||||
ResourceWildcard: {},
|
||||
ResourceApiKey: {ActionCreate, ActionDelete, ActionRead, ActionUpdate},
|
||||
ResourceAssignOrgRole: {ActionAssign, ActionCreate, ActionDelete, ActionRead, ActionUpdate},
|
||||
ResourceAssignRole: {ActionAssign, ActionCreate, ActionDelete, ActionRead, ActionUpdate},
|
||||
ResourceAuditLog: {ActionCreate, ActionRead},
|
||||
ResourceCryptoKey: {ActionCreate, ActionDelete, ActionRead, ActionUpdate},
|
||||
ResourceDebugInfo: {ActionRead},
|
||||
ResourceDeploymentConfig: {ActionRead, ActionUpdate},
|
||||
ResourceDeploymentStats: {ActionRead},
|
||||
ResourceFile: {ActionCreate, ActionRead},
|
||||
ResourceGroup: {ActionCreate, ActionDelete, ActionRead, ActionUpdate},
|
||||
ResourceGroupMember: {ActionRead},
|
||||
ResourceIdpsyncSettings: {ActionRead, ActionUpdate},
|
||||
ResourceLicense: {ActionCreate, ActionDelete, ActionRead},
|
||||
ResourceNotificationMessage: {ActionCreate, ActionDelete, ActionRead, ActionUpdate},
|
||||
ResourceNotificationPreference: {ActionRead, ActionUpdate},
|
||||
ResourceNotificationTemplate: {ActionRead, ActionUpdate},
|
||||
ResourceOauth2App: {ActionCreate, ActionDelete, ActionRead, ActionUpdate},
|
||||
ResourceOauth2AppCodeToken: {ActionCreate, ActionDelete, ActionRead},
|
||||
ResourceOauth2AppSecret: {ActionCreate, ActionDelete, ActionRead, ActionUpdate},
|
||||
ResourceOrganization: {ActionCreate, ActionDelete, ActionRead, ActionUpdate},
|
||||
ResourceOrganizationMember: {ActionCreate, ActionDelete, ActionRead, ActionUpdate},
|
||||
ResourceProvisionerDaemon: {ActionCreate, ActionDelete, ActionRead, ActionUpdate},
|
||||
ResourceProvisionerJobs: {ActionRead},
|
||||
ResourceProvisionerKeys: {ActionCreate, ActionDelete, ActionRead},
|
||||
ResourceReplicas: {ActionRead},
|
||||
ResourceSystem: {ActionCreate, ActionDelete, ActionRead, ActionUpdate},
|
||||
ResourceTailnetCoordinator: {ActionCreate, ActionDelete, ActionRead, ActionUpdate},
|
||||
ResourceTemplate: {ActionCreate, ActionDelete, ActionRead, ActionUpdate, ActionUse, ActionViewInsights},
|
||||
ResourceUser: {ActionCreate, ActionDelete, ActionRead, ActionReadPersonal, ActionUpdate, ActionUpdatePersonal},
|
||||
ResourceWorkspace: {ActionApplicationConnect, ActionCreate, ActionDelete, ActionRead, ActionSSH, ActionWorkspaceStart, ActionWorkspaceStop, ActionUpdate},
|
||||
ResourceWorkspaceDormant: {ActionApplicationConnect, ActionCreate, ActionDelete, ActionRead, ActionSSH, ActionWorkspaceStart, ActionWorkspaceStop, ActionUpdate},
|
||||
ResourceWorkspaceProxy: {ActionCreate, ActionDelete, ActionRead, ActionUpdate},
|
||||
ResourceWildcard: {},
|
||||
ResourceApiKey: {ActionCreate, ActionDelete, ActionRead, ActionUpdate},
|
||||
ResourceAssignOrgRole: {ActionAssign, ActionCreate, ActionDelete, ActionRead, ActionUpdate},
|
||||
ResourceAssignRole: {ActionAssign, ActionCreate, ActionDelete, ActionRead, ActionUpdate},
|
||||
ResourceAuditLog: {ActionCreate, ActionRead},
|
||||
ResourceCryptoKey: {ActionCreate, ActionDelete, ActionRead, ActionUpdate},
|
||||
ResourceDebugInfo: {ActionRead},
|
||||
ResourceDeploymentConfig: {ActionRead, ActionUpdate},
|
||||
ResourceDeploymentStats: {ActionRead},
|
||||
ResourceFile: {ActionCreate, ActionRead},
|
||||
ResourceGroup: {ActionCreate, ActionDelete, ActionRead, ActionUpdate},
|
||||
ResourceGroupMember: {ActionRead},
|
||||
ResourceIdpsyncSettings: {ActionRead, ActionUpdate},
|
||||
ResourceLicense: {ActionCreate, ActionDelete, ActionRead},
|
||||
ResourceNotificationMessage: {ActionCreate, ActionDelete, ActionRead, ActionUpdate},
|
||||
ResourceNotificationPreference: {ActionRead, ActionUpdate},
|
||||
ResourceNotificationTemplate: {ActionRead, ActionUpdate},
|
||||
ResourceOauth2App: {ActionCreate, ActionDelete, ActionRead, ActionUpdate},
|
||||
ResourceOauth2AppCodeToken: {ActionCreate, ActionDelete, ActionRead},
|
||||
ResourceOauth2AppSecret: {ActionCreate, ActionDelete, ActionRead, ActionUpdate},
|
||||
ResourceOrganization: {ActionCreate, ActionDelete, ActionRead, ActionUpdate},
|
||||
ResourceOrganizationMember: {ActionCreate, ActionDelete, ActionRead, ActionUpdate},
|
||||
ResourceProvisionerDaemon: {ActionCreate, ActionDelete, ActionRead, ActionUpdate},
|
||||
ResourceProvisionerJobs: {ActionRead},
|
||||
ResourceProvisionerKeys: {ActionCreate, ActionDelete, ActionRead},
|
||||
ResourceReplicas: {ActionRead},
|
||||
ResourceSystem: {ActionCreate, ActionDelete, ActionRead, ActionUpdate},
|
||||
ResourceTailnetCoordinator: {ActionCreate, ActionDelete, ActionRead, ActionUpdate},
|
||||
ResourceTemplate: {ActionCreate, ActionDelete, ActionRead, ActionUpdate, ActionUse, ActionViewInsights},
|
||||
ResourceUser: {ActionCreate, ActionDelete, ActionRead, ActionReadPersonal, ActionUpdate, ActionUpdatePersonal},
|
||||
ResourceWorkspace: {ActionApplicationConnect, ActionCreate, ActionDelete, ActionRead, ActionSSH, ActionWorkspaceStart, ActionWorkspaceStop, ActionUpdate},
|
||||
ResourceWorkspaceAgentResourceMonitor: {ActionCreate, ActionRead},
|
||||
ResourceWorkspaceDormant: {ActionApplicationConnect, ActionCreate, ActionDelete, ActionRead, ActionSSH, ActionWorkspaceStart, ActionWorkspaceStop, ActionUpdate},
|
||||
ResourceWorkspaceProxy: {ActionCreate, ActionDelete, ActionRead, ActionUpdate},
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user