Commit Graph

384 Commits

Author SHA1 Message Date
47b8bf6585 feat: update workspace deadline when template policy changes (#8964) 2023-08-14 21:16:47 +00:00
d2f22b063a fix: move STUN servers into their own regions (#9030) 2023-08-11 05:04:17 +10:00
9941f49056 fix: remove stun nodes from workspace proxy regions (#8990) 2023-08-09 09:31:25 +00:00
f7a35e0559 chore: add workspace proxies to telemetry (#8963) 2023-08-08 18:29:35 +00:00
f4122fa9f5 feat: add auto group create from OIDC (#8884)
* add flag for auto create groups
* fixup! add flag for auto create groups
* sync missing groups
Also added a regex filter to filter out groups that are not
important
2023-08-08 11:37:49 -05:00
5339a31532 fix: remove refresh oauth logic on OIDC login (#8950)
* fix: do not do oauth refresh logic on oidc login
2023-08-08 10:05:12 -05:00
0c7ff4fb8a fix(enterprise): ensure SCIM create user can unsuspend (#8916) 2023-08-04 22:03:21 +00:00
cb4989cd8d feat: add PSK for external provisionerd auth (#8877)
Signed-off-by: Spike Curtis <spike@coder.com>
2023-08-04 12:32:28 +04:00
4c1e63aae8 feat: add display_name field to groups (#8740)
* feat: add display_name field to groups

This is a non-unique human friendly group name for display
purposes. This means a display name can be used instead of
using an environment var to remap groups with OIDC names to
Coder names. Now groups can retain the OIDC name for mapping,
and use a display name for display purposes.
2023-08-02 10:53:06 -05:00
cd1e088f7c feat: add --derp-only flag to wsproxy (#8850) 2023-08-03 00:35:06 +10:00
d6e9870209 feat: add "dormant" user state (#8644) 2023-08-02 16:31:25 +02:00
6b69970d7c fix: avoid infinite loop in agent derp-map (#8848) 2023-08-02 13:18:46 +10:00
c575292ba6 fix: fix tailnet netcheck issues (#8802) 2023-08-02 01:50:43 +10:00
ddabe9cc7f feat: improve RBAC preconditions for Insights endpoint (#8794) 2023-07-31 13:44:32 +00:00
4cc270b12b revert(enterprise): make pgcoord experimental again (#8797) 2023-07-28 18:38:32 -05:00
2811ab62d0 chore: fix workspace proxy flake (#8755) 2023-07-26 23:50:25 +00:00
9ffbdc6696 hotfix: fix failed 32-bit builds (#8741) 2023-07-26 17:30:47 +00:00
2f0a9996e7 chore: add derpserver to wsproxy, add proxies to derpmap (#7311) 2023-07-27 02:21:04 +10:00
2089006fbc feat!: drop reading other 'user' permission (#8650)
* feat: drop reading other 'user' permission

Members of the platform can no longer read or list other users.
Resources that have "created_by" or "initiated_by" still retain
user context, but only include username and avatar url.

Attempting to read a user found via those means will result in
a 404.

* Hide /users page for regular users
* make groups a privledged endpoint
* Permissions page for template perms
* Admin for a given template enables an endpoint for listing users/groups.
2023-07-26 10:33:48 -04:00
f07d2ff68d fix(enterprise): ensure creating a SCIM user is idempotent (#8730) 2023-07-25 17:49:52 -05:00
de1a7a9210 chore: join user information to workspace_build and template_version (#8625)
* include minimial user on template version and build
* Add unit test to ensure join is superset
2023-07-25 09:14:38 -04:00
ac559f101e fix: handle omitted role sync claim (#8697)
* fix: handle omitted role sync claim
2023-07-24 15:50:23 -04:00
f827829afe feat: synchronize oidc user roles (#8595)
* feat: oidc user role sync
User roles come from oidc claims. Prevent manual user role changes
if set.
* allow mapping 1:many
2023-07-24 08:34:24 -04:00
b47d076756 feat: add deleting_at column to workspaces (#8333) 2023-07-20 22:01:11 -05:00
dc8b73168e feat: add user quiet hours schedule and restart requirement feature flag (#8115) 2023-07-20 23:35:41 +10:00
aceedefce3 chore: add template_with_user view to include user contextual data (#8568)
* chore: Refactor template sql queries to use new view
* TemplateWithUser -> Template
* Add unit test to enforce good view
2023-07-19 16:07:33 -04:00
517fb19474 feat: add single tailnet support to moons (#8587) 2023-07-19 11:11:11 -05:00
cc8d0af027 fix(enterprise): avoid initial license reconfig if feature isn't enabled (#8586) 2023-07-19 10:32:29 -05:00
c47b78c44b chore: replace wsconncache with a single tailnet (#8176) 2023-07-12 17:37:31 -05:00
928091aa05 feat!: add table format to 'coder license ls', 'license_expires' --> 'license_expires_human' (#8421)
* feat: add table format to 'coder license ls'
* feat: license expires_at to table view
* change: `license_expires` to `license_expires_human` and `license_expires` is unix timestamp
2023-07-12 08:06:18 -04:00
b4057bd74a feat: make pgCoordinator generally available (#8419)
* pgCoord to GA, fix tests

Signed-off-by: Spike Curtis <spike@coder.com>

* Fix generation and coordinator delete RBAC

Signed-off-by: Spike Curtis <spike@coder.com>

* Fix fakeQuerier -> FakeQuerier

Signed-off-by: Spike Curtis <spike@coder.com>

---------

Signed-off-by: Spike Curtis <spike@coder.com>
2023-07-12 13:35:29 +04:00
3f6a158016 chore: enable exhaustruct linter (#8403)
* chore: enable exhaustruct linter

* add exlusion rules

* move to allowlist instead

* exhaustruct httpmw package

* fixup! exhaustruct httpmw package

* make lint

* address PR comments
2023-07-11 14:30:33 +01:00
9a72ddf7d4 fix(enterprise/coderd): add missing fields to extract api key config (#8393) 2023-07-10 16:51:50 +03:00
7fcf319e01 fix(cli)!: protect client Logger and refactor cli scaletest tests (#8317)
- (breaking) Protects Logger and LogBodies fields of codersdk.Client with its mutex. This addresses a data race in cli/scaletest.
- Fillets the existing cli/createworkspaces unit test and moves the testing logic there into the tests under scaletest/createworkspaces.
- Adds testutil.RaceEnabled bool const and conditionaly skips previously-skipped tests under scaletest/ if the race detector is enabled. This is unfortunate and sad, but I would prefer to have these tests at least running without the race detector than not running at all.
- Adds IgnoreErrors option to fake in-memory agent loggers; having the agents fail the test immediately when they encounter any sort of error isn't really helpful.
2023-07-06 09:43:39 +01:00
4a9c8f407a feat: add auto-locking/deleting workspace based on template config (#8240) 2023-07-02 21:29:52 -05:00
6015319e9d feat: show service banner in SSH/TTY sessions (#8186)
* Allow workspace agents to get appearance
* Poll for service banner every two minutes
* Show service banner before MOTD if not quiet
2023-06-30 10:41:29 -08:00
f0bd258ff1 feat: move proxy settings page to deployment options (#8246)
* feat: Move workspace proxy page to deployment options

Workspace proxy settings page is now an admin feature

* WorkspaceProxy response extends region
2023-06-30 11:32:35 -04:00
7943a5b85e fix PG coordinator context and RBAC subject (#8223)
Signed-off-by: Spike Curtis <spike@coder.com>
2023-06-27 10:14:31 +00:00
31076ad665 fix(enterprise/coderd): prevent deadlock during entitlements update (#8215) 2023-06-26 20:22:28 +03:00
e856491476 feat: enable PG Coordinator as experiment (#8144)
Signed-off-by: Spike Curtis <spike@coder.com>
2023-06-22 13:12:29 +04:00
1b0124ecdb feat: automatically stop workspaces based on failure_ttl (#7989) 2023-06-22 00:33:22 -04:00
c3aef9363b feat: add locked TTL field to template meta (#8020) 2023-06-19 22:37:55 -04:00
f444100aa6 feat: add region querying to pre-fetched html (#8077) 2023-06-19 11:23:26 -05:00
9df9ad4503 feat: embed common client requests into the template html (#8076)
This should reduce the number of API requests a client makes
when loading the dashboard dramatically!
2023-06-18 13:57:27 -05:00
51226c55ab test(coderd): close metricscache and avoid background context (#7996) 2023-06-13 20:18:31 +03:00
2e7e99b135 fix: scope errors to subtests for flake (#8004)
See: https://github.com/coder/coder/actions/runs/5257676837/jobs/9500882394
2023-06-13 11:52:17 -05:00
f13632cea8 feat: add impending deletion filter to workspaces page (#7860)
* add workspace deletion dialog

* add deleting_by query param

* added test

* filtering on workspaces to be deleted

* cleaned up form

* added story

* added banner filter

* PR feedback

* fix lint and stories

* PR feedback

* added enterprise test

* added unit tests in search_test.go

* remove unused fn

* unstaged changes
2023-06-12 11:55:51 -07:00
30a635aa5f fix(enterprise): ensure scim usernames are validated (#7925) 2023-06-08 17:59:49 -05:00
fa8153a0fd chore: make default workspace proxy editable (#7903)
* chore: add editing the default workspace proxy
2023-06-08 10:30:15 -05:00
dd5b0b2721 fix(scim): ensure scim users aren't created with their own org (#7595) 2023-05-18 20:54:45 -04:00