mirror of
https://github.com/coder/coder.git
synced 2025-07-09 11:45:56 +00:00
feat(coder): add authz_querier experiment (#5858)
* feat(coderd): add authz_querier experiment * coderdtest: wire up authz_querier * wire up AuthzQuerier in coderd * remove things that do not yet exist in this timeline * add newline * comment unreachable code
This commit is contained in:
11
coderd/apidoc/docs.go
generated
11
coderd/apidoc/docs.go
generated
@ -430,7 +430,7 @@ const docTemplate = `{
|
||||
"schema": {
|
||||
"type": "array",
|
||||
"items": {
|
||||
"type": "string"
|
||||
"$ref": "#/definitions/codersdk.Experiment"
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -6195,6 +6195,15 @@ const docTemplate = `{
|
||||
}
|
||||
}
|
||||
},
|
||||
"codersdk.Experiment": {
|
||||
"type": "string",
|
||||
"enum": [
|
||||
"authz_querier"
|
||||
],
|
||||
"x-enum-varnames": [
|
||||
"ExperimentAuthzQuerier"
|
||||
]
|
||||
},
|
||||
"codersdk.Feature": {
|
||||
"type": "object",
|
||||
"properties": {
|
||||
|
7
coderd/apidoc/swagger.json
generated
7
coderd/apidoc/swagger.json
generated
@ -364,7 +364,7 @@
|
||||
"schema": {
|
||||
"type": "array",
|
||||
"items": {
|
||||
"type": "string"
|
||||
"$ref": "#/definitions/codersdk.Experiment"
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -5528,6 +5528,11 @@
|
||||
}
|
||||
}
|
||||
},
|
||||
"codersdk.Experiment": {
|
||||
"type": "string",
|
||||
"enum": ["authz_querier"],
|
||||
"x-enum-varnames": ["ExperimentAuthzQuerier"]
|
||||
},
|
||||
"codersdk.Feature": {
|
||||
"type": "object",
|
||||
"properties": {
|
||||
|
@ -154,6 +154,14 @@ func New(options *Options) *API {
|
||||
if options == nil {
|
||||
options = &Options{}
|
||||
}
|
||||
experiments := initExperiments(options.Logger, options.DeploymentConfig.Experiments.Value, options.DeploymentConfig.Experimental.Value)
|
||||
// TODO: remove this once we promote authz_querier out of experiments.
|
||||
if experiments.Enabled(codersdk.ExperimentAuthzQuerier) {
|
||||
panic("Coming soon!")
|
||||
// if _, ok := (options.Database).(*authzquery.AuthzQuerier); !ok {
|
||||
// options.Database = authzquery.NewAuthzQuerier(options.Database, options.Authorizer)
|
||||
// }
|
||||
}
|
||||
if options.AppHostname != "" && options.AppHostnameRegex == nil || options.AppHostname == "" && options.AppHostnameRegex != nil {
|
||||
panic("coderd: both AppHostname and AppHostnameRegex must be set or unset")
|
||||
}
|
||||
@ -222,7 +230,7 @@ func New(options *Options) *API {
|
||||
},
|
||||
metricsCache: metricsCache,
|
||||
Auditor: atomic.Pointer[audit.Auditor]{},
|
||||
Experiments: initExperiments(options.Logger, options.DeploymentConfig.Experiments.Value, options.DeploymentConfig.Experimental.Value),
|
||||
Experiments: experiments,
|
||||
}
|
||||
if options.UpdateCheckOptions != nil {
|
||||
api.updateChecker = updatecheck.New(
|
||||
|
@ -21,6 +21,7 @@ import (
|
||||
"net/http"
|
||||
"net/http/httptest"
|
||||
"net/url"
|
||||
"os"
|
||||
"regexp"
|
||||
"strconv"
|
||||
"strings"
|
||||
@ -176,6 +177,14 @@ func NewOptions(t *testing.T, options *Options) (func(http.Handler), context.Can
|
||||
if options.Database == nil {
|
||||
options.Database, options.Pubsub = dbtestutil.NewDB(t)
|
||||
}
|
||||
// TODO: remove this once we're ready to enable authz querier by default.
|
||||
if strings.Contains(os.Getenv("CODER_EXPERIMENTS_TEST"), "authz_querier") {
|
||||
panic("Coming soon!")
|
||||
// if options.Authorizer != nil {
|
||||
// options.Authorizer = &RecordingAuthorizer{}
|
||||
// }
|
||||
// options.Database = authzquery.NewAuthzQuerier(options.Database, options.Authorizer)
|
||||
}
|
||||
if options.DeploymentConfig == nil {
|
||||
options.DeploymentConfig = DeploymentConfig(t)
|
||||
}
|
||||
|
Reference in New Issue
Block a user