Fixes test flake seen here: https://github.com/coder/coder/runs/17562370632
It's inherently flaky to create a context with a timeout and then later call `t.Parallel()` since it causes the test to wait until all non-parallel tests have completed before resuming execution. By the time execution has resumed, the context may
have expired. The amount of time before resuming is dependent on machine resources and number of test cases, which are inherently variable.
- Fixes an issue where workspaces that are eligible for auto-deletion
are retried every tick (1 minute) even if the previous deletion
transition failed.
The updated logic only attempts to delete workspaces that previously
failed once a day (24 hours since last attempt).
- Adds an audit log for workspaces automatically transitioned to the dormant
state.
- Imposes a mininum of 1 minute on cleanup-related fields. This is to
prevent accidental API misuse from resulting in catastrophe.
* chore: rename `git_auth` to `external_auth` in our schema
We're changing Git auth to be external auth. It will support
any OAuth2 or OIDC provider.
To split up the larger change I want to contribute the schema
changes first, and I'll add the feature itself in another PR.
* Fix names
* Fix outdated view
* Rename some additional places
* Fix sort order
* Fix template versions auth route
* Fix types
* Fix dbauthz
* Adds agenttest.New() helper function
* Makes sure agent gets closed on test cleanup
* Makes sure you don't forget to set session token
* Sets the agent and client logger automatically
Fixes#9823.
- Decomposes UpdateWorkspaceBuildByID into UpdateWorkspaceBuildProvisionerStateByID and UpdateWorkspaceBuildDeadlineByID.
- Replaces existing invocations of UpdateWorkspaceBuildByID with the newer queries where applicable.
- Modifies GetActiveWorkspaceBuildsByTemplateID to not return incomplete workspace builds.
* fix: use AlwaysEnable for licenses with all features
Signed-off-by: Spike Curtis <spike@coder.com>
* use dbtime.Now() intead of time.Now()
Signed-off-by: Spike Curtis <spike@coder.com>
---------
Signed-off-by: Spike Curtis <spike@coder.com>
- Adds dbtestutil.WithTimezone(tz) to allow setting the timezone for a test database.
- Modifies our test database setup code to pick a consistently weird timezone for the database.
- Adds the facility randtz.Name() to pick a random timezone which is consistent across subtests (via sync.Once).
- Adds a linter rule to warn against setting the test database timezone to UTC.
See also: https://github.com/coder/coder/pull/9522
- Adds commands `server dbcrypt {rotate,decrypt,delete}` to re-encrypt, decrypt, or delete encrypted data, respectively.
- Plumbs through dbcrypt in enterprise/coderd (including unit tests).
- Adds documentation in admin/encryption.md.
This enables dbcrypt by default, but the feature is soft-enforced on supplying external token encryption keys. Without specifying any keys, encryption/decryption is a no-op.
This removes an indirect import of `coderd/database` from the CLI and
results in a logical separation between server related and generalized
schedule.
No size change (yet).
Ref: #9380
* provisionerd: unconditionally set tag scope to org for psk auth
* provisionerd: add unit tests for MutateTags
* cli: add some informational logging around provisionerd tags
* cli: respect CODER_VERBOSE when initializing logger
* chore: update refresh oauth token message
* chore: unauthorized -> forbidden for non authentication failures
* redirect to login on all 401 responses
* add unit test to verify 401 on expired refresh
* chore: rename locked to dormant
- The following columns have been updated:
- workspace.locked_at -> dormant_at
- template.inactivity_ttl -> time_til_dormant
- template.locked_ttl -> time_til_dormant_autodelete
This change has also been reflected in the SDK.
A route has also been updated from /workspaces/<id>/lock to /workspaces/<id>/dormant
Due to a logical error in CommitQuota, all workspace Stop->Start operations
were being accepted, regardless of the Quota limit. This issue only
appeared after #9201, so this was a minor regression in main for about
3 days. This PR adds a test to make sure this kind of bug doesn't recur.
To make the new test possible, we give the echo provisioner the ability
to simulate responses to specific transitions.
* chore: add /v2 to import module path
go mod requires semantic versioning with versions greater than 1.x
This was a mechanical update by running:
```
go install github.com/marwan-at-work/mod/cmd/mod@latest
mod upgrade
```
Migrate generated files to import /v2
* Fix gen
If a user is missing template perms to a workspace, just block reading
that workspace. This is to keep the api consistent, it is not a rbac
enforcement.
This should ublock users reporting this bug that /workspaces returns
nothing when 1 workspace cannot be fully read. We might want to be
able to return missing or unknown fields in our api to account
for this.
