3152 Commits

Author	SHA1	Message	Date
Marcin Tojek	30179aeaac	fix: apply autofocus to workspace button search (#16905) ... Fixes: https://github.com/coder/coder/issues/14816	2025-03-13 13:31:18 +00:00
Bruno Quaresma	f2cd046b2b	chore: add notification UI components (#16818) ... Related to https://github.com/coder/internal/issues/336 This PR adds the base components for the Notifications UI below (you can click on the image to open the related Figma design) based on the response structure defined on this [notion doc](https://www.notion.so/coderhq/Coder-Inbox-Endpoints-1a1d579be592809eb921f13baf18f783). [](https://www.figma.com/design/5kRpzK8Qr1k38nNz7H0HSh/Inbox-notifications?node-id=2-1098&m=dev) **What is not included** - Support for infinite scrolling (pending on BE definition) **How to test the components?** - The only way to test the components is to use Chromatic or downloading the branch and running Storybook locally.	2025-03-12 14:36:33 -03:00
Bruno Quaresma	78df7869d5	refactor: name null users in audit logs (#16890) ... A few audit logs can have the user as null which means the user is not authenticated when executing the action. To make it more explicit we named than as "Unauthenticated user" in the log description instead of "undefined user".	2025-03-12 11:36:38 -03:00
Thomas Kosiewski	9ded2cc7ec	fix(flake.nix): synchronize playwright version in nix and package.json (#16715) ... Ensure that the version of Playwright installed with the Nix flake is equal to the one specified in `site/package.json.` -- This assertion ensures that `pnpm playwright:install` will not attempt to download newer browser versions not present in the Nix image, fixing the startup script and reducing the startup time, as `pnpm playwright:install` will not download or install anything. We also pre-install the required Playwright web browsers in the dogfood Dockerfile. This change prevents us from redownloading system dependencies and Google Chrome each time a workspace starts. Change-Id: I8cc78e842f7d0b1d2a90a4517a186a03636c5559 Signed-off-by: Thomas Kosiewski <tk@coder.com> Signed-off-by: Thomas Kosiewski <tk@coder.com>	2025-03-11 13:49:03 +01:00
Jaayden Halko	86b61ef1d8	fix: use correct permissions for CRUD of custom roles (#16854) ... resolves coder/internal#428 The goal of the PR is to start using updateOrgRoles and deleteOrgRoles permissions to gate custom roles functionality ``` updateOrgRoles: { object: { resource_type: "assign_org_role", organization_id: organizationId, }, action: "update", }, deleteOrgRoles: { object: { resource_type: "assign_org_role", organization_id: organizationId, }, action: "delete", } ```	2025-03-10 18:43:09 -04:00
brettkolodny	8c0350e20c	feat: add a paginated organization members endpoint (#16835) ... Closes [coder/internal#460](https://github.com/coder/internal/issues/460)	2025-03-10 14:42:07 -04:00
Kira Pilot	191b0efb80	fix: select default org in template form if only one exists (#16639) ... resolves #16849 https://github.com/coder/internal/issues/147  --------- Co-authored-by: ケイラ <mckayla@hey.com>	2025-03-10 11:56:08 -04:00
dependabot[bot]	1a544f0b07	chore: bump axios from 1.7.9 to 1.8.2 in /site (#16863) ... Bumps [axios](https://github.com/axios/axios) from 1.7.9 to 1.8.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/axios/axios/releases">axios's releases</a>.</em></p> <blockquote> <h2>Release v1.8.2</h2> <h2>Release notes:</h2> <h3>Bug Fixes</h3> <ul> <li><strong>http-adapter:</strong> add allowAbsoluteUrls to path building (<a href="https://redirect.github.com/axios/axios/issues/6810">#6810</a>) (<a href="fb8eec214c">fb8eec2</a>)</li> </ul> <h3>Contributors to this release</h3> <ul> <li><!-- raw HTML omitted --> <a href="https://github.com/lexcorp16" title="+1/-1 ([#6810](https://github.com/axios/axios/issues/6810) )">Fasoro-Joseph Alexander</a></li> </ul> <h2>Release v1.8.1</h2> <h2>Release notes:</h2> <h3>Bug Fixes</h3> <ul> <li><strong>utils:</strong> move <code>generateString</code> to platform utils to avoid importing crypto module into client builds; (<a href="https://redirect.github.com/axios/axios/issues/6789">#6789</a>) (<a href="36a5a620be">36a5a62</a>)</li> </ul> <h3>Contributors to this release</h3> <ul> <li><!-- raw HTML omitted --> <a href="https://github.com/DigitalBrainJS" title="+51/-47 ([#6789](https://github.com/axios/axios/issues/6789) )">Dmitriy Mozgovoy</a></li> </ul> <h2>Release v1.8.0</h2> <h2>Release notes:</h2> <h3>Bug Fixes</h3> <ul> <li><strong>examples:</strong> application crashed when navigating examples in browser (<a href="https://redirect.github.com/axios/axios/issues/5938">#5938</a>) (<a href="1260ded634">1260ded</a>)</li> <li>missing word in SUPPORT_QUESTION.yml (<a href="https://redirect.github.com/axios/axios/issues/6757">#6757</a>) (<a href="1f890b13f2">1f890b1</a>)</li> <li><strong>utils:</strong> replace getRandomValues with crypto module (<a href="https://redirect.github.com/axios/axios/issues/6788">#6788</a>) (<a href="23a25af068">23a25af</a>)</li> </ul> <h3>Features</h3> <ul> <li>Add config for ignoring absolute URLs (<a href="https://redirect.github.com/axios/axios/issues/5902">#5902</a>) (<a href="https://redirect.github.com/axios/axios/issues/6192">#6192</a>) (<a href="32c7bcc0f2">32c7bcc</a>)</li> </ul> <h3>Reverts</h3> <ul> <li>Revert &quot;chore: expose fromDataToStream to be consumable (<a href="https://redirect.github.com/axios/axios/issues/6731">#6731</a>)&quot; (<a href="https://redirect.github.com/axios/axios/issues/6732">#6732</a>) (<a href="1317261125">1317261</a>), closes <a href="https://redirect.github.com/axios/axios/issues/6731">#6731</a> <a href="https://redirect.github.com/axios/axios/issues/6732">#6732</a></li> </ul> <h3>BREAKING CHANGES</h3> <ul> <li> <p>code relying on the above will now combine the URLs instead of prefer request URL</p> </li> <li> <p>feat: add config option for allowing absolute URLs</p> </li> <li> <p>fix: add default value for allowAbsoluteUrls in buildFullPath</p> </li> <li> <p>fix: typo in flow control when setting allowAbsoluteUrls</p> </li> </ul> <h3>Contributors to this release</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/axios/axios/blob/v1.x/CHANGELOG.md">axios's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/axios/axios/compare/v1.8.1...v1.8.2">1.8.2</a> (2025-03-07)</h2> <h3>Bug Fixes</h3> <ul> <li><strong>http-adapter:</strong> add allowAbsoluteUrls to path building (<a href="https://redirect.github.com/axios/axios/issues/6810">#6810</a>) (<a href="fb8eec214c">fb8eec2</a>)</li> </ul> <h3>Contributors to this release</h3> <ul> <li><!-- raw HTML omitted --> <a href="https://github.com/lexcorp16" title="+1/-1 ([#6810](https://github.com/axios/axios/issues/6810) )">Fasoro-Joseph Alexander</a></li> </ul> <h2><a href="https://github.com/axios/axios/compare/v1.8.0...v1.8.1">1.8.1</a> (2025-02-26)</h2> <h3>Bug Fixes</h3> <ul> <li><strong>utils:</strong> move <code>generateString</code> to platform utils to avoid importing crypto module into client builds; (<a href="https://redirect.github.com/axios/axios/issues/6789">#6789</a>) (<a href="36a5a620be">36a5a62</a>)</li> </ul> <h3>Contributors to this release</h3> <ul> <li><!-- raw HTML omitted --> <a href="https://github.com/DigitalBrainJS" title="+51/-47 ([#6789](https://github.com/axios/axios/issues/6789) )">Dmitriy Mozgovoy</a></li> </ul> <h1><a href="https://github.com/axios/axios/compare/v1.7.9...v1.8.0">1.8.0</a> (2025-02-25)</h1> <h3>Bug Fixes</h3> <ul> <li><strong>examples:</strong> application crashed when navigating examples in browser (<a href="https://redirect.github.com/axios/axios/issues/5938">#5938</a>) (<a href="1260ded634">1260ded</a>)</li> <li>missing word in SUPPORT_QUESTION.yml (<a href="https://redirect.github.com/axios/axios/issues/6757">#6757</a>) (<a href="1f890b13f2">1f890b1</a>)</li> <li><strong>utils:</strong> replace getRandomValues with crypto module (<a href="https://redirect.github.com/axios/axios/issues/6788">#6788</a>) (<a href="23a25af068">23a25af</a>)</li> </ul> <h3>Features</h3> <ul> <li>Add config for ignoring absolute URLs (<a href="https://redirect.github.com/axios/axios/issues/5902">#5902</a>) (<a href="https://redirect.github.com/axios/axios/issues/6192">#6192</a>) (<a href="32c7bcc0f2">32c7bcc</a>)</li> </ul> <h3>Reverts</h3> <ul> <li>Revert &quot;chore: expose fromDataToStream to be consumable (<a href="https://redirect.github.com/axios/axios/issues/6731">#6731</a>)&quot; (<a href="https://redirect.github.com/axios/axios/issues/6732">#6732</a>) (<a href="1317261125">1317261</a>), closes <a href="https://redirect.github.com/axios/axios/issues/6731">#6731</a> <a href="https://redirect.github.com/axios/axios/issues/6732">#6732</a></li> </ul> <h3>BREAKING CHANGES</h3> <ul> <li> <p>code relying on the above will now combine the URLs instead of prefer request URL</p> </li> <li> <p>feat: add config option for allowing absolute URLs</p> </li> <li> <p>fix: add default value for allowAbsoluteUrls in buildFullPath</p> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="a9f7689b0c"><code>a9f7689</code></a> chore(release): v1.8.2 (<a href="https://redirect.github.com/axios/axios/issues/6812">#6812</a>)</li> <li><a href="fb8eec214c"><code>fb8eec2</code></a> fix(http-adapter): add allowAbsoluteUrls to path building (<a href="https://redirect.github.com/axios/axios/issues/6810">#6810</a>)</li> <li><a href="9812045755"><code>9812045</code></a> chore(sponsor): update sponsor block (<a href="https://redirect.github.com/axios/axios/issues/6804">#6804</a>)</li> <li><a href="72acf75937"><code>72acf75</code></a> chore(sponsor): update sponsor block (<a href="https://redirect.github.com/axios/axios/issues/6794">#6794</a>)</li> <li><a href="2e64afdff5"><code>2e64afd</code></a> chore(release): v1.8.1 (<a href="https://redirect.github.com/axios/axios/issues/6800">#6800</a>)</li> <li><a href="36a5a620be"><code>36a5a62</code></a> fix(utils): move <code>generateString</code> to platform utils to avoid importing crypto...</li> <li><a href="cceb7b1e15"><code>cceb7b1</code></a> chore(release): v1.8.0 (<a href="https://redirect.github.com/axios/axios/issues/6795">#6795</a>)</li> <li><a href="23a25af068"><code>23a25af</code></a> fix(utils): replace getRandomValues with crypto module (<a href="https://redirect.github.com/axios/axios/issues/6788">#6788</a>)</li> <li><a href="32c7bcc0f2"><code>32c7bcc</code></a> feat: Add config for ignoring absolute URLs (<a href="https://redirect.github.com/axios/axios/issues/5902">#5902</a>) (<a href="https://redirect.github.com/axios/axios/issues/6192">#6192</a>)</li> <li><a href="4a3e26cf65"><code>4a3e26c</code></a> chore(config): adjust rollup config to preserve license header to minified Ja...</li> <li>Additional commits viewable in <a href="https://github.com/axios/axios/compare/v1.7.9...v1.8.2">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/coder/coder/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-03-10 12:10:10 +00:00
ケイラ	ec11f11ac5	fix: improve permissions checks in organization settings (#16849)	2025-03-07 14:45:29 -07:00
ケイラ	092c129de0	chore: perform several small frontend permissions refactors (#16735)	2025-03-07 10:33:09 -07:00
ケイラ	26832cba93	chore: remove old CreateTemplateButton component (#16836)	2025-03-07 10:22:11 -07:00
ケイラ	32c36d5336	feat: allow selecting the initial organization for new users (#16829)	2025-03-07 08:42:10 -07:00
ケイラ	deb95f948a	chore: remove unused code (#16815)	2025-03-05 13:53:21 -07:00
ケイラ	9041646b81	chore: add "user_configs" db table (#16564)	2025-03-05 10:46:03 -07:00
Marcin Tojek	77479cdd51	fix: hide "last seen" when user is suspended (#16813) ... Fixes: https://github.com/coder/coder/issues/14887	2025-03-05 14:02:12 +01:00
Bruno Quaresma	861c4b140b	feat: add devcontainer in the UI (#16800) ...  Related to https://github.com/coder/coder/issues/16422 --------- Co-authored-by: Cian Johnston <cian@coder.com>	2025-03-04 14:29:02 -03:00
Marcin Tojek	975ea23d6f	fix: display all available settings (#16798) ... Fixes: https://github.com/coder/coder/issues/15420	2025-03-04 15:46:25 +01:00
Cian Johnston	e9f882220e	feat(site): allow opening web terminal to container (#16797) ... Co-authored-by: BrunoQuaresma <bruno_nonato_quaresma@hotmail.com>	2025-03-04 10:22:03 -03:00
ケイラ	17ad2849e4	fix: fix deployment settings navigation issues (#16780)	2025-03-03 15:48:17 -07:00
Bruno Quaresma	7637d39528	feat: update default audit log avatar (#16774) ... After update: 	2025-03-03 11:53:59 -03:00
Eng Zer Jun	04c33968cf	refactor: replace golang.org/x/exp/slices with slices (#16772) ... The experimental functions in `golang.org/x/exp/slices` are now available in the standard library since Go 1.21. Reference: https://go.dev/doc/go1.21#slices Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>	2025-03-04 00:46:49 +11:00
Vincent Vielle	c074f77a4f	feat: add notifications inbox db (#16599) ... This PR is linked [to the following issue](https://github.com/coder/internal/issues/334). The objective is to create the DB layer and migration for the new `Coder Inbox`.	2025-03-03 10:12:48 +01:00
Nick Fisher	ca23abe12c	feat(provisioner): add support for workspace_owner_rbac_roles (#16407) ... Part of https://github.com/coder/terraform-provider-coder/pull/330 Adds support for the coder_workspace_owner.rbac_roles attribute	2025-03-02 14:54:44 -06:00
Marcin Tojek	4216e283ec	fix: editor: fallback to default entrypoint (#16757) ... Related: https://github.com/coder/coder/pull/16753#discussion_r1975558383	2025-02-28 17:14:42 +01:00
Marcin Tojek	930816fd0e	fix: locate Terraform entrypoint file (#16753) ... Fixes: https://github.com/coder/coder/issues/16360	2025-02-28 15:22:36 +01:00
Sas Swart	e27953d2bc	fix(site): add a beta badge for presets (#16751) ... closes #16731 This pull request adds a "beta" badge to the presets input field on the workspace creation page.	2025-02-28 14:41:53 +02:00
ケイラ	7e339021c1	chore: use org-scoped roles for organization groups and members e2e tests (#16691)	2025-02-27 12:55:30 -07:00
Marcin Tojek	0ea06012fc	fix: handle undefined job while updating build progress (#16732) ... Fixes: https://github.com/coder/coder/issues/15444	2025-02-27 20:30:11 +01:00
ケイラ	91a4a98c27	chore: add an unassign action for roles (#16728)	2025-02-27 10:39:06 -07:00
Jaayden Halko	464fccd807	chore: create collapsible summary component (#16705) ... This is based on the Figma designs here: https://www.figma.com/design/WfqIgsTFXN2BscBSSyXWF8/Coder-kit?node-id=507-1525&m=dev --------- Co-authored-by: Steven Masley <stevenmasley@gmail.com>	2025-02-27 12:20:33 -05:00
Steven Masley	cccdf1ecac	feat: implement WorkspaceCreationBan org role (#16686) ... Using negative permissions, this role prevents a user's ability to create & delete a workspace within a given organization. Workspaces are uniquely owned by an org and a user, so the org has to supercede the user permission with a negative permission. # Use case Organizations must be able to restrict a member's ability to create a workspace. This permission is implicitly granted (see https://github.com/coder/coder/issues/16546#issuecomment-2655437860). To revoke this permission, the solution chosen was to use negative permissions in a built in role called `WorkspaceCreationBan`. # Rational Using negative permissions is new territory, and not ideal. However, workspaces are in a unique position. Workspaces have 2 owners. The organization and the user. To prevent users from creating a workspace in another organization, an [implied negative permission](36d9f5ddb3/coderd/rbac/policy.rego (L172-L192)) is used. So the truth table looks like: _how to read this table [here](36d9f5ddb3/coderd/rbac/README.md (roles))_ | Role (example) | Site | Org | User | Result | |-----------------|------|------|------|--------| | non-org-member | \_ | N | YN\_ | N | | user | \_ | \_ | Y | Y | | WorkspaceBan | \_ | N | Y | Y | | unauthenticated | \_ | \_ | \_ | N | This new role, `WorkspaceCreationBan` is the same truth table condition as if the user was not a member of the organization (when doing a workspace create/delete). So this behavior **is not entirely new**. <details> <summary>How to do it without a negative permission</summary> The alternate approach would be to remove the implied permission, and grant it via and organization role. However this would add new behavior that an organizational role has the ability to grant a user permissions on their own resources? It does not make sense for an org role to prevent user from changing their profile information for example. So the only option is to create a new truth table column for resources that are owned by both an organization and a user. | Role (example) | Site | Org |User+Org| User | Result | |-----------------|------|------|--------|------|--------| | non-org-member | \_ | N | \_ | \_ | N | | user | \_ | \_ | \_ | \_ | N | | WorkspaceAllow | \_ | \_ | Y | \_ | Y | | unauthenticated | \_ | \_ | \_ | \_ | N | Now a user has no opinion on if they can create a workspace, which feels a little wrong. A user should have the authority over what is theres. There is fundamental _philosophical_ question of "Who does a workspace belong to?". The user has some set of autonomy, yet it is the organization that controls it's existence. A head scratcher 🤔 </details> ## Will we need more negative built in roles? There are few resources that have shared ownership. Only `ResourceOrganizationMember` and `ResourceGroupMember`. Since negative permissions is intended to revoke access to a shared resource, then **no.** **This is the only one we need**. Classic resources like `ResourceTemplate` are entirely controlled by the Organization permissions. And resources entirely in the user control (like user profile) are only controlled by `User` permissions. ![Uploading Screenshot 2025-02-26 at 22.26.52.png…]() --------- Co-authored-by: Jaayden Halko <jaayden.halko@gmail.com> Co-authored-by: ケイラ <mckayla@hey.com>	2025-02-27 06:23:18 -05:00
Edward Angert	5cdc13ba9e	docs: fix broken links in feature-stages (#16727) ... fix broken links introduced by #16719 --------- Co-authored-by: EdwardAngert <17991901+EdwardAngert@users.noreply.github.com>	2025-02-26 22:42:46 +00:00
Jaayden Halko	6b69635140	chore: warn user without permissions to view org members (#16721) ... resolves coder/internal#392 In situations where a user accesses the org members without any permissions beyond that of a normal member, they will only be able to see themselves in the list of members. This PR shows a warning to users who arrive at the members page in this situation. <img width="1145" alt="Screenshot 2025-02-26 at 18 36 59" src="https://github.com/user-attachments/assets/16ad6ce1-2aa9-4719-bdae-914aff0fcd52" />	2025-02-26 17:03:23 -05:00
Jaayden Halko	1cb864bc1b	fix: allow viewOrgRoles for custom roles page (#16722) ... Users with viewOrgRoles should be able to see customs roles page as this matches the left sidebar permissions.	2025-02-26 14:39:08 -05:00
Bruno Quaresma	7c035a4d98	fix: remove provisioners from deployment sidebar (#16717) ... Provisioners should be only under orgs. This is a left over from a previous provisioner refactoring.	2025-02-26 14:20:47 -03:00
Bruno Quaresma	f1b357d6f2	feat: support session audit log (#16703) ... Related to https://github.com/coder/coder/issues/15139 Demo: <img width="1213" alt="Screenshot 2025-02-25 at 16 27 12" src="https://github.com/user-attachments/assets/9995a68d-5cd4-4b95-9523-dfd5bf4ff48d" /> --------- Co-authored-by: Mathias Fredriksson <mafredri@gmail.com>	2025-02-26 14:13:11 -03:00
Marcin Tojek	a2cc1b896f	fix: display premium banner on audit page when license inactive (#16713) ... Fixes: https://github.com/coder/coder/issues/14798	2025-02-26 14:16:48 +01:00
ケイラ	a3223397cb	chore: use tighter permissions in e2e workspace tests (#16687)	2025-02-25 11:13:44 -07:00
Jaayden Halko	b5ff9faa34	fix: update create template button styling (#16701) ... resolves #16697 Fix styling of create template button for non-premium users to match new template button for premium users. ## Previous behavior With premium license  Without license 	2025-02-25 13:03:09 -05:00
Bruno Quaresma	38ad8d1f3a	feat: add provisioner tags field on template creation (#16656) ... Close https://github.com/coder/coder/issues/15426 Demo: https://github.com/user-attachments/assets/a7901908-8714-4a55-8d4f-c27bf7743111	2025-02-25 14:27:51 -03:00
Bruno Quaresma	64984648d3	refactor: rollback provisioners page to its previous version (#16699) ... There is still some points to be aligned related to provisioners. I'm going to rollback the latest changes until we are more confident on the design changes so we don't block releases. <img width="1512" alt="Screenshot 2025-02-25 at 13 46 35" src="https://github.com/user-attachments/assets/4bb3719c-4659-4442-b7b7-b647a9c0a916" />	2025-02-25 14:21:38 -03:00
brettkolodny	33c9aa0703	fix: require permissions to view pages related to organization roles (#16688) ... Closes [this issue](https://github.com/coder/internal/issues/393) This PR adds the`<RequirePermissions />` component to the following routes: - _/organizations/\<org\>/roles_ - _/organizations/\<org\>/roles/create_	2025-02-25 12:16:02 -05:00
Hugo Dutka	d3a56ae3ef	feat: enable GitHub OAuth2 login by default on new deployments (#16662) ... Third and final PR to address https://github.com/coder/coder/issues/16230. This PR enables GitHub OAuth2 login by default on new deployments. Combined with https://github.com/coder/coder/pull/16629, this will allow the first admin user to sign up with GitHub rather than email and password. We take care not to enable the default on deployments that would upgrade to a Coder version with this change. To disable the default provider an admin can set the `CODER_OAUTH2_GITHUB_DEFAULT_PROVIDER` env variable to false.	2025-02-25 16:31:33 +01:00
Hugo Dutka	67d89bb102	feat: implement sign up with GitHub for the first user (#16629) ... Second PR to address https://github.com/coder/coder/issues/16230. See the issue for more context and discussion. It adds a "Continue with GitHub" button to the `/setup` page, so the deployment's admin can sign up with it. It also removes the "Username" and "Full Name" fields to make signing up with email faster. In the email flow, the username is now auto-generated based on the email, and full name is left empty. <img width="1512" alt="Screenshot 2025-02-21 at 17 51 22" src="https://github.com/user-attachments/assets/e7c6986b-c05e-458b-bb01-c3aea3b74c0e" /> There's a separate, follow up issue to visually align the `/setup` page with the new design system: https://github.com/coder/coder/issues/16653	2025-02-25 15:54:38 +01:00
Marcin Tojek	b419b36ada	fix: display banner when no matching templates found (#16696) ... Fixes: https://github.com/coder/coder/issues/16077	2025-02-25 14:30:50 +01:00
Marcin Tojek	a2d4b9984e	fix: hide app icon if not found (#16684) ... Fixes: https://github.com/coder/coder/issues/14759	2025-02-25 10:30:17 +00:00
Hugo Dutka	c8abf58e29	chore: reduce prominence of Scratch starter and emphasize Docker in UI (#16665)	2025-02-24 20:59:21 +01:00
Steven Masley	658825cad2	feat: add sourcing secondary claims from access_token (#16517) ... Niche edge case, assumes access_token is jwt. Some `access_token`s are JWT's with potential useful claims. These claims would be nearly equivalent to `user_info` claims. This is not apart of the oauth spec, so this feature should not be loudly advertised. If using this feature, alternate solutions are preferred.	2025-02-24 13:38:20 -06:00
Steven Masley	e005e4e51d	chore: merge provisioner key and provisioner permissions (#16628) ... Provisioner key permissions were never any different than provisioners. Merging them for a cleaner permission story until they are required (if ever) to be seperate. This removed `ResourceProvisionerKey` from RBAC and just uses the existing `ResourceProvisioner`.	2025-02-24 13:31:11 -06:00
Jaayden Halko	546a549dcf	feat: enable soft delete for organizations (#16584) ... - Add deleted column to organizations table - Add trigger to check for existing workspaces, templates, groups and members in a org before allowing the soft delete --------- Co-authored-by: Steven Masley <stevenmasley@gmail.com> Co-authored-by: Steven Masley <Emyrk@users.noreply.github.com>	2025-02-24 12:59:41 -05:00