synced/coder
1
0
Fork 0
mirror of https://github.com/coder/coder.git synced 2025-07-03 16:13:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: enable Terraform debug mode via deployment configuration (#8260)

Browse Source
This commit is contained in:
Marcin Tojek
2023-06-29 15:22:21 +02:00
committed by GitHub
parent 7ca624eceb
commit 83fee4b192
19 changed files with 214 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
coderd/wsbuilder/wsbuilder.go
View File

@ -34,11 +34,13 @@ import (
// build, job, err := b.Build(...)
type Builder struct {
// settings that control the kind of build you get
workspace database.Workspace
trans database.WorkspaceTransition
version versionTarget
state stateTarget
logLevel string
workspace database.Workspace
trans database.WorkspaceTransition
version versionTarget
state stateTarget
logLevel string
deploymentValues *codersdk.DeploymentValues
richParameterValues []codersdk.WorkspaceBuildParameter
initiator uuid.UUID
reason database.BuildReason
@ -128,6 +130,12 @@ func (b Builder) LogLevel(l string) Builder {
return b
}
func (b Builder) DeploymentValues(dv *codersdk.DeploymentValues) Builder {
// nolint: revive
b.deploymentValues = dv
return b
}
func (b Builder) Initiator(u uuid.UUID) Builder {
// nolint: revive
b.initiator = u
@ -638,11 +646,19 @@ func (b *Builder) authorize(authFunc func(action rbac.Action, object rbac.Object
}
}
if b.logLevel != "" && !authFunc(rbac.ActionUpdate, template) {
if b.logLevel != "" && !authFunc(rbac.ActionRead, rbac.ResourceDeploymentValues) {
return BuildError{
http.StatusBadRequest,
"Workspace builds with a custom log level are restricted to template authors only.",
xerrors.New("Workspace builds with a custom log level are restricted to template authors only."),
"Workspace builds with a custom log level are restricted to administrators only.",
xerrors.New("Workspace builds with a custom log level are restricted to administrators only."),
}
}
if b.logLevel != "" && b.deploymentValues != nil && !b.deploymentValues.EnableTerraformDebugMode {
return BuildError{
http.StatusBadRequest,
"Terraform debug mode is disabled in the deployment configuration.",
xerrors.New("Terraform debug mode is disabled in the deployment configuration."),
}
}
return nil