feature: disable provisionerd listen endpoint (#1614)

* feature: disable provisionerd listen endpoint Signed-off-by: Spike Curtis <spike@coder.com> * Regenerate ts types Signed-off-by: Spike Curtis <spike@coder.com>
2025-07-13 21:36:50 +00:00 · 2022-05-19 16:52:17 -07:00
parent d1817310a1
commit a03615a01f
5 changed files with 6 additions and 122 deletions
--- a/coderd/coderd.go
+++ b/coderd/coderd.go
@ -209,11 +209,6 @@ func newRouter(options *Options, a *api) chi.Router {
 			r.Get("/resources", a.templateVersionResources)
 			r.Get("/logs", a.templateVersionLogs)
 		})
-		r.Route("/provisionerdaemons", func(r chi.Router) {
-			r.Route("/me", func(r chi.Router) {
-				r.Get("/listen", a.provisionerDaemonsListen)
-			})
-		})
 		r.Route("/users", func(r chi.Router) {
 			r.Get("/first", a.firstUser)
 			r.Post("/first", a.postFirstUser)
--- a/coderd/coderd_test.go
+++ b/coderd/coderd_test.go
@ -106,8 +106,6 @@ func TestAuthorizeAllEndpoints(t *testing.T) {
 		"GET:/api/v2/parameters/{scope}/{id}":           {NoAuthorize: true},
 		"DELETE:/api/v2/parameters/{scope}/{id}/{name}": {NoAuthorize: true},

-		"GET:/api/v2/provisionerdaemons/me/listen": {NoAuthorize: true},
-
 		"DELETE:/api/v2/templates/{template}":                             {NoAuthorize: true},
 		"GET:/api/v2/templates/{template}":                                {NoAuthorize: true},
 		"GET:/api/v2/templates/{template}/versions":                       {NoAuthorize: true},
--- a/coderd/provisionerdaemons.go
+++ b/coderd/provisionerdaemons.go
@ -13,12 +13,10 @@ import (
 	"time"

 	"github.com/google/uuid"
-	"github.com/hashicorp/yamux"
 	"github.com/moby/moby/pkg/namesgenerator"
 	"github.com/tabbed/pqtype"
 	"golang.org/x/xerrors"
 	protobuf "google.golang.org/protobuf/proto"
-	"nhooyr.io/websocket"
 	"storj.io/drpc/drpcmux"
 	"storj.io/drpc/drpcserver"

@ -49,77 +47,6 @@ func (api *api) provisionerDaemonsByOrganization(rw http.ResponseWriter, r *http
 	httpapi.Write(rw, http.StatusOK, daemons)
 }

-// Serves the provisioner daemon protobuf API over a WebSocket.
-func (api *api) provisionerDaemonsListen(rw http.ResponseWriter, r *http.Request) {
-	api.websocketWaitMutex.Lock()
-	api.websocketWaitGroup.Add(1)
-	api.websocketWaitMutex.Unlock()
-	defer api.websocketWaitGroup.Done()
-
-	conn, err := websocket.Accept(rw, r, &websocket.AcceptOptions{
-		// Need to disable compression to avoid a data-race.
-		CompressionMode: websocket.CompressionDisabled,
-	})
-	if err != nil {
-		httpapi.Write(rw, http.StatusBadRequest, httpapi.Response{
-			Message: fmt.Sprintf("accept websocket: %s", err),
-		})
-		return
-	}
-	// Align with the frame size of yamux.
-	conn.SetReadLimit(256 * 1024)
-
-	daemon, err := api.Database.InsertProvisionerDaemon(r.Context(), database.InsertProvisionerDaemonParams{
-		ID:           uuid.New(),
-		CreatedAt:    database.Now(),
-		Name:         namesgenerator.GetRandomName(1),
-		Provisioners: []database.ProvisionerType{database.ProvisionerTypeEcho, database.ProvisionerTypeTerraform},
-	})
-	if err != nil {
-		_ = conn.Close(websocket.StatusInternalError, httpapi.WebsocketCloseSprintf("insert provisioner daemon: %s", err))
-		return
-	}
-
-	// Multiplexes the incoming connection using yamux.
-	// This allows multiple function calls to occur over
-	// the same connection.
-	config := yamux.DefaultConfig()
-	config.LogOutput = io.Discard
-	session, err := yamux.Server(websocket.NetConn(r.Context(), conn, websocket.MessageBinary), config)
-	if err != nil {
-		_ = conn.Close(websocket.StatusInternalError, httpapi.WebsocketCloseSprintf("multiplex server: %s", err))
-		return
-	}
-	mux := drpcmux.New()
-	err = proto.DRPCRegisterProvisionerDaemon(mux, &provisionerdServer{
-		AccessURL:    api.AccessURL,
-		ID:           daemon.ID,
-		Database:     api.Database,
-		Pubsub:       api.Pubsub,
-		Provisioners: daemon.Provisioners,
-		Logger:       api.Logger.Named(fmt.Sprintf("provisionerd-%s", daemon.Name)),
-	})
-	if err != nil {
-		_ = conn.Close(websocket.StatusInternalError, httpapi.WebsocketCloseSprintf("drpc register provisioner daemon: %s", err))
-		return
-	}
-	server := drpcserver.NewWithOptions(mux, drpcserver.Options{
-		Log: func(err error) {
-			if xerrors.Is(err, io.EOF) {
-				return
-			}
-			api.Logger.Debug(r.Context(), "drpc server error", slog.Error(err))
-		},
-	})
-	err = server.Serve(r.Context(), session)
-	if err != nil && !xerrors.Is(err, io.EOF) {
-		api.Logger.Debug(r.Context(), "provisioner daemon disconnected", slog.Error(err))
-		_ = conn.Close(websocket.StatusInternalError, httpapi.WebsocketCloseSprintf("serve: %s", err))
-		return
-	}
-	_ = conn.Close(websocket.StatusGoingAway, "")
-}
-
 // ListenProvisionerDaemon is an in-memory connection to a provisionerd.  Useful when starting coderd and provisionerd
 // in the same process.
 func (c *coderD) ListenProvisionerDaemon(ctx context.Context) (client proto.DRPCProvisionerDaemonClient, err error) {