Commit Graph

384 Commits

Author SHA1 Message Date
3c43216e99 fix: remove Parallel() call after timeout context (#10203)
Fixes test flake seen here: https://github.com/coder/coder/runs/17562370632

It's inherently flaky to create a context with a timeout and then later call `t.Parallel()` since it causes the test to wait until all non-parallel tests have completed before resuming execution.  By the time execution has resumed, the context may 
have expired.  The amount of time before resuming is dependent on machine resources and number of test cases, which are inherently variable.
2023-10-11 11:39:15 +04:00
ec9b480ac0 fix: use is-dormant instead of dormant_at (#10191) 2023-10-10 19:00:09 -05:00
b780bff429 chore: drop unused redirectToLoginOnMe parameter (#10164)
The parameter seems to be vestigial from an earlier use of the middleware, but is always set to `false` in the code.
2023-10-10 16:13:00 +04:00
b32d79ef0b fix: fix failed workspaces continuously auto-deleting (#10069)
- Fixes an issue where workspaces that are eligible for auto-deletion
  are retried every tick (1 minute) even if the previous deletion
  transition failed.

  The updated logic only attempts to delete workspaces that previously
  failed once a day (24 hours since last attempt).
2023-10-05 14:11:39 -05:00
91265678ad chore: add auditing to workspace dormancy (#10070)
- Adds an audit log for workspaces automatically transitioned to the dormant
  state.
- Imposes a mininum of 1 minute on cleanup-related fields. This is to
  prevent accidental API misuse from resulting in catastrophe.
2023-10-05 13:41:07 -05:00
5021e23105 chore: compute job status as column (#10024)
* chore: provisioner job status as column
* use provisioner job status for workspace searching
2023-10-04 20:57:46 -05:00
c194119689 chore: rename AwaitTemplateVersionJobCompleted and AwaitWorkspaceBuildJobCompleted (#10003) 2023-10-03 11:02:56 -06:00
f16eb1331f chore: update multiple git providers docs (#10017)
* chore: update multiple git providers docs

* Improve var name

* Fix fmt
2023-10-03 15:27:02 +00:00
8abca9bea7 chore: rename git_auth to external_auth in our schema (#9935)
* chore: rename `git_auth` to `external_auth` in our schema

We're changing Git auth to be external auth. It will support
any OAuth2 or OIDC provider.

To split up the larger change I want to contribute the schema
changes first, and I'll add the feature itself in another PR.

* Fix names

* Fix outdated view

* Rename some additional places

* Fix sort order

* Fix template versions auth route

* Fix types

* Fix dbauthz
2023-09-29 19:13:20 +00:00
2d1b35390e chore: relax wsproxy version checking (#9796) 2023-09-27 19:34:55 +00:00
cb5f8df4c2 feat: expose application name via Appearance API (#9886) 2023-09-27 17:02:18 +02:00
93ef696b57 refactor(agent): add agenttest.New helper function (#9812)
* Adds agenttest.New() helper function
* Makes sure agent gets closed on test cleanup
* Makes sure you don't forget to set session token
* Sets the agent and client logger automatically
2023-09-26 12:05:19 +01:00
8d8402da00 fix(coderd/database): avoid clobbering workspace build state (#9826)
Fixes #9823.

- Decomposes UpdateWorkspaceBuildByID into UpdateWorkspaceBuildProvisionerStateByID and UpdateWorkspaceBuildDeadlineByID.
- Replaces existing invocations of UpdateWorkspaceBuildByID with the newer queries where applicable.
- Modifies GetActiveWorkspaceBuildsByTemplateID to not return incomplete workspace builds.
2023-09-22 16:22:07 +01:00
e9077f3bd2 fix: use AlwaysEnable for licenses with all features (#9808)
* fix: use AlwaysEnable for licenses with all features

Signed-off-by: Spike Curtis <spike@coder.com>

* use dbtime.Now() intead of time.Now()

Signed-off-by: Spike Curtis <spike@coder.com>

---------

Signed-off-by: Spike Curtis <spike@coder.com>
2023-09-22 05:02:28 +00:00
c900b5f8df feat: add single tailnet support to pgcoord (#9351) 2023-09-21 14:30:48 -05:00
f89b68056d chore: add debug information to wsproxy errors (#9683)
* chore: add debug information to wsproxy errors
* Use codersdk.ReadBodyAsError
2023-09-20 10:05:14 -05:00
375c70d141 feat: integrate Acquirer for provisioner jobs (#9717)
* chore: add Acquirer to provisionerdserver pkg

Signed-off-by: Spike Curtis <spike@coder.com>

* code review improvements & fixes

Signed-off-by: Spike Curtis <spike@coder.com>

* feat: integrate Acquirer for provisioner jobs

Signed-off-by: Spike Curtis <spike@coder.com>

* Fix imports, whitespace

Signed-off-by: Spike Curtis <spike@coder.com>

* provisionerdserver always closes; remove poll interval from playwright

Signed-off-by: Spike Curtis <spike@coder.com>

* post jobs outside transactions

Signed-off-by: Spike Curtis <spike@coder.com>

* graceful shutdown in test

Signed-off-by: Spike Curtis <spike@coder.com>

* Mark AcquireJob deprecated

Signed-off-by: Spike Curtis <spike@coder.com>

* Graceful shutdown on all provisionerd tests

Signed-off-by: Spike Curtis <spike@coder.com>

* Deprecate, not remove CLI flags

Signed-off-by: Spike Curtis <spike@coder.com>

---------

Signed-off-by: Spike Curtis <spike@coder.com>
2023-09-19 10:25:57 +04:00
9bcff30dee fix(coderd/database): migrate workspaces.last_used_at to timestamptz (#9699) 2023-09-18 11:07:54 +01:00
efe804498b feat: add quiet hours settings page (#9676) 2023-09-15 11:14:33 -06:00
65db7a71b7 feat(coderd/database/dbtestutil): set default database timezone to non-UTC in unit tests (#9672)
- Adds dbtestutil.WithTimezone(tz) to allow setting the timezone for a test database.
- Modifies our test database setup code to pick a consistently weird timezone for the database.
- Adds the facility randtz.Name() to pick a random timezone which is consistent across subtests (via sync.Once).
- Adds a linter rule to warn against setting the test database timezone to UTC.
2023-09-15 09:01:32 +01:00
8d7eb1728c fix: stop inserting provisioner daemons into the database (#9108)
Signed-off-by: Spike Curtis <spike@coder.com>
2023-09-08 10:37:36 +00:00
11b6068112 feat: add support for networked provisioners (#9593)
* Refactor provisionerd to use interface to connect to provisioners

Signed-off-by: Spike Curtis <spike@coder.com>

* feat: add support for networked provisioners

Signed-off-by: Spike Curtis <spike@coder.com>

* fix token length and linting

Signed-off-by: Spike Curtis <spike@coder.com>

---------

Signed-off-by: Spike Curtis <spike@coder.com>
2023-09-08 09:53:48 +00:00
7d7c84bb4d feat(coderd): connect dbcrypt package implementation (#9523)
See also: https://github.com/coder/coder/pull/9522

- Adds commands `server dbcrypt {rotate,decrypt,delete}` to re-encrypt, decrypt, or delete encrypted data, respectively.
- Plumbs through dbcrypt in enterprise/coderd (including unit tests).
- Adds documentation in admin/encryption.md.

This enables dbcrypt by default, but the feature is soft-enforced on supplying external token encryption keys. Without specifying any keys, encryption/decryption is a no-op.
2023-09-07 15:49:49 +01:00
58f7071569 fix: make 'NoRefresh' honor unlimited tokens in gitauth (#9472)
* chore: fix NoRefresh to honor unlimited tokens
* improve testing coverage of gitauth
* refactor rest of gitauth tests
2023-09-05 09:08:04 -05:00
ad23d33f28 refactor(coderd/schedule): move cron schedule to cron package (#9507)
This removes an indirect import of `coderd/database` from the CLI and
results in a logical separation between server related and generalized
schedule.

No size change (yet).

Ref: #9380
2023-09-04 16:48:25 +03:00
05439d2c1b fix: generate username with uuid to prevent collision (#9496)
See https://github.com/coder/coder/actions/runs/6052801777/job/16426982174
2023-09-03 18:02:28 +00:00
19d7da3d24 refactor(coderd/database): split Time and Now into dbtime package (#9482)
Ref: #9380
2023-09-01 16:50:12 +00:00
bc9fdd15f2 fix(enterprise/cli): correctly set default tags for PSK auth (#9436)
* provisionerd: unconditionally set tag scope to org for psk auth
* provisionerd: add unit tests for MutateTags
* cli: add some informational logging around provisionerd tags
* cli: respect CODER_VERBOSE when initializing logger
2023-09-01 10:37:09 +01:00
796a9754a9 feat(enterprise/audit): add user object to slog exporter (#9456) 2023-08-31 13:32:28 -05:00
11d4b6f758 chore: move dormancy to enterprise package (#9468) 2023-08-31 17:59:53 +02:00
e827278db7 feat: failed update refresh should redirect to login (#9442)
* chore: update refresh oauth token message
* chore: unauthorized -> forbidden for non authentication failures
* redirect to login on all 401 responses
* add unit test to verify 401 on expired refresh
2023-08-30 16:14:24 -05:00
1de61246a3 feat: add experimental template autostop requirement template settings UI (#9417) 2023-08-30 20:41:27 +00:00
90acf998bf fix: fix null pointer on external provisioner daemons with daily_cost (#9401)
* fix: fix null pointer on external provisioner daemons with daily_cost

Signed-off-by: Spike Curtis <spike@coder.com>

* Add logging for debounce and job acquire

Signed-off-by: Spike Curtis <spike@coder.com>

* Return error instead of panic

Signed-off-by: Spike Curtis <spike@coder.com>

* remove debounce on external provisioners to fix test flakes

Signed-off-by: Spike Curtis <spike@coder.com>

---------

Signed-off-by: Spike Curtis <spike@coder.com>
2023-08-30 10:48:35 +00:00
a572800d47 chore: rename template restart requirement to autostop requirement (#9295) 2023-08-29 18:35:05 +00:00
be47cc58ff fix(enterprise/coderd): use websocketNetConn in workspaceProxyCoordinate to bind context (#9395) 2023-08-28 23:12:45 +03:00
d9d4d74f99 test: add full OIDC fake IDP (#9317)
* test: implement fake OIDC provider with full functionality
* Refactor existing tests
2023-08-25 14:34:07 -05:00
60d5002eb6 refactor: change template archive extraction to be on provisioner (#9264)
* refactor provisionersdk protocol

Signed-off-by: Spike Curtis <spike@coder.com>

* refactor provisioners to use new protocol

Signed-off-by: Spike Curtis <spike@coder.com>

* refactor provisionerd to use new protocol

Signed-off-by: Spike Curtis <spike@coder.com>

* refactor tests & proto renames

* Fixes from self-review

Signed-off-by: Spike Curtis <spike@coder.com>

* appease fmt & link

Signed-off-by: Spike Curtis <spike@coder.com>

* code review fixes & e2e fixes

Signed-off-by: Spike Curtis <spike@coder.com>

* More fmt

Signed-off-by: Spike Curtis <spike@coder.com>

* Code review fixes

Signed-off-by: Spike Curtis <spike@coder.com>

* new gen; use uuid for session workdir

Signed-off-by: Spike Curtis <spike@coder.com>

* Revert nix-based gen CI task until dogfood is on nix

Signed-off-by: Spike Curtis <spike@coder.com>

* revert deleting dogfood Docker stuff

Signed-off-by: Spike Curtis <spike@coder.com>

* Revert "revert deleting dogfood Docker stuff"

This reverts commit 9762158167.

---------

Signed-off-by: Spike Curtis <spike@coder.com>
2023-08-25 06:10:15 +00:00
7f14b50dbe chore: rename locked to dormant (#9290)
* chore: rename locked to dormant

- The following columns have been updated:
  - workspace.locked_at -> dormant_at
  - template.inactivity_ttl -> time_til_dormant
  - template.locked_ttl -> time_til_dormant_autodelete

This change has also been reflected in the SDK.

A route has also been updated from /workspaces/<id>/lock to /workspaces/<id>/dormant
2023-08-24 13:25:54 -05:00
64df076328 feat: add server flag to force DERP to use always websockets (#9238) 2023-08-24 17:22:31 +00:00
f35423c041 fix: update conn derpmap every 5s in single tailnet (#9176) 2023-08-23 11:20:31 +00:00
6e41cd1eda feat: add activity bumping to template scheduling (#9040) 2023-08-22 15:15:13 -05:00
697b0283c5 chore: fix low hanging lint issues (#9253) 2023-08-22 12:32:37 -06:00
262d7692b6 feat: add force refresh of license entitlements (#9155)
* feat: add force refresh of license entitlements
* send "going away" mesasge on licenses pubsub on close
* Add manual refresh to licenses page
2023-08-22 09:26:43 -05:00
545a256b57 fix: correctly reject quota-violating builds (#9233)
Due to a logical error in CommitQuota, all workspace Stop->Start operations
were being accepted, regardless of the Quota limit. This issue only
appeared after #9201, so this was a minor regression in main for about
3 days. This PR adds a test to make sure this kind of bug doesn't recur.

To make the new test possible, we give the echo provisioner the ability
to simulate responses to specific transitions.
2023-08-22 02:55:39 +00:00
22e781eced chore: add /v2 to import module path (#9072)
* chore: add /v2 to import module path

go mod requires semantic versioning with versions greater than 1.x

This was a mechanical update by running:
```
go install github.com/marwan-at-work/mod/cmd/mod@latest
mod upgrade
```

Migrate generated files to import /v2

* Fix gen
2023-08-18 18:55:43 +00:00
2f6687a475 feat: expose Everyone group through UI (#9117)
- Allows setting quota allowances on the 'Everyone' group.
2023-08-17 13:25:16 -05:00
8910f05172 fix: /workspaces should work even if missing template perms (#9152)
If a user is missing template perms to a workspace, just block reading
that workspace. This is to keep the api consistent, it is not a rbac
enforcement.

This should ublock users reporting this bug that /workspaces returns
nothing when 1 workspace cannot be fully read. We might want to be
able to return missing or unknown fields in our api to account
for this.
2023-08-17 13:22:03 -05:00
6fd9975aed feat(coderd): add coder_app usage stats (#9001)
Updates #8658
2023-08-16 15:22:00 +03:00
e4c24e05f8 fix: rename group GET request (#9097)
* fix: group GET req naming

* make: gen
2023-08-15 14:47:08 -04:00
9d9b330b16 chore: add request body to patch groups openapi spec (#9101) 2023-08-15 15:29:15 +00:00