6b69970d7c
fix: avoid infinite loop in agent derp-map ( #8848 )
2023-08-02 13:18:46 +10:00
c575292ba6
fix: fix tailnet netcheck issues ( #8802 )
2023-08-02 01:50:43 +10:00
4cc270b12b
revert(enterprise): make pgcoord experimental again ( #8797 )
2023-07-28 18:38:32 -05:00
9ffbdc6696
hotfix: fix failed 32-bit builds ( #8741 )
2023-07-26 17:30:47 +00:00
2f0a9996e7
chore: add derpserver to wsproxy, add proxies to derpmap ( #7311 )
2023-07-27 02:21:04 +10:00
2089006fbc
feat!: drop reading other 'user' permission ( #8650 )
...
* feat: drop reading other 'user' permission
Members of the platform can no longer read or list other users.
Resources that have "created_by" or "initiated_by" still retain
user context, but only include username and avatar url.
Attempting to read a user found via those means will result in
a 404.
* Hide /users page for regular users
* make groups a privledged endpoint
* Permissions page for template perms
* Admin for a given template enables an endpoint for listing users/groups.
2023-07-26 10:33:48 -04:00
f827829afe
feat: synchronize oidc user roles ( #8595 )
...
* feat: oidc user role sync
User roles come from oidc claims. Prevent manual user role changes
if set.
* allow mapping 1:many
2023-07-24 08:34:24 -04:00
dc8b73168e
feat: add user quiet hours schedule and restart requirement feature flag ( #8115 )
2023-07-20 23:35:41 +10:00
517fb19474
feat: add single tailnet support to moons ( #8587 )
2023-07-19 11:11:11 -05:00
cc8d0af027
fix(enterprise): avoid initial license reconfig if feature isn't enabled ( #8586 )
2023-07-19 10:32:29 -05:00
b4057bd74a
feat: make pgCoordinator generally available ( #8419 )
...
* pgCoord to GA, fix tests
Signed-off-by: Spike Curtis <spike@coder.com >
* Fix generation and coordinator delete RBAC
Signed-off-by: Spike Curtis <spike@coder.com >
* Fix fakeQuerier -> FakeQuerier
Signed-off-by: Spike Curtis <spike@coder.com >
---------
Signed-off-by: Spike Curtis <spike@coder.com >
2023-07-12 13:35:29 +04:00
3f6a158016
chore: enable exhaustruct linter ( #8403 )
...
* chore: enable exhaustruct linter
* add exlusion rules
* move to allowlist instead
* exhaustruct httpmw package
* fixup! exhaustruct httpmw package
* make lint
* address PR comments
2023-07-11 14:30:33 +01:00
9a72ddf7d4
fix(enterprise/coderd): add missing fields to extract api key config ( #8393 )
2023-07-10 16:51:50 +03:00
6015319e9d
feat: show service banner in SSH/TTY sessions ( #8186 )
...
* Allow workspace agents to get appearance
* Poll for service banner every two minutes
* Show service banner before MOTD if not quiet
2023-06-30 10:41:29 -08:00
f0bd258ff1
feat: move proxy settings page to deployment options ( #8246 )
...
* feat: Move workspace proxy page to deployment options
Workspace proxy settings page is now an admin feature
* WorkspaceProxy response extends region
2023-06-30 11:32:35 -04:00
7943a5b85e
fix PG coordinator context and RBAC subject ( #8223 )
...
Signed-off-by: Spike Curtis <spike@coder.com >
2023-06-27 10:14:31 +00:00
31076ad665
fix(enterprise/coderd): prevent deadlock during entitlements update ( #8215 )
2023-06-26 20:22:28 +03:00
e856491476
feat: enable PG Coordinator as experiment ( #8144 )
...
Signed-off-by: Spike Curtis <spike@coder.com >
2023-06-22 13:12:29 +04:00
1b0124ecdb
feat: automatically stop workspaces based on failure_ttl ( #7989 )
2023-06-22 00:33:22 -04:00
f444100aa6
feat: add region querying to pre-fetched html ( #8077 )
2023-06-19 11:23:26 -05:00
9df9ad4503
feat: embed common client requests into the template html ( #8076 )
...
This should reduce the number of API requests a client makes
when loading the dashboard dramatically!
2023-06-18 13:57:27 -05:00
51226c55ab
test(coderd): close metricscache and avoid background context ( #7996 )
2023-06-13 20:18:31 +03:00
fa8153a0fd
chore: make default workspace proxy editable ( #7903 )
...
* chore: add editing the default workspace proxy
2023-06-08 10:30:15 -05:00
b7f4f3a771
chore: Implement workspace proxy going away (graceful shutdown) ( #7459 )
...
* chore: Implement workspace proxy going away
When a workspace proxy shuts down, the health status of that
proxy should immediately be updated. This is purely a courtesy
and technically not required
2023-05-10 19:23:16 -05:00
b5ad628460
chore: Allow editing proxy fields via api. ( #7435 )
...
* chore: Add ability to update workspace proxy fields
2023-05-09 13:46:50 -05:00
5ffa6dae50
feat: add inactivity cleanup and failure cleanup configuration fields to Template Schedule Form ( #7402 )
...
* added workspace actions entitlement
* added workspace actions experiment
* added new route for template enterprise meta
* removing new route; repurposing old
* add new fields to get endpoints
* removed workspace actions experiment
* added logic to enterprise template store
* added new form fields
* feature flagged new fields
* fix validation
* fixed submit btn
* fix tests
* changed ttl defaults
* added FE tests
* added BE tests
* fixed lint
* adjusted comment language
* fixing unstaged changes check
* fix test
* Update coderd/database/migrations/000122_add_template_cleanup_ttls.down.sql
Co-authored-by: Dean Sheather <dean@deansheather.com >
* Update coderd/database/migrations/000122_add_template_cleanup_ttls.up.sql
Co-authored-by: Dean Sheather <dean@deansheather.com >
---------
Co-authored-by: Dean Sheather <dean@deansheather.com >
2023-05-05 08:19:26 -07:00
2e9310b203
chore: add workspace actions entitlement and experiment ( #7361 )
...
* added workspace actions entitlement
* added workspace actions experiment
2023-05-03 11:34:43 -07:00
a1db82582f
chore: Dynamic CSP connect-src to support terminals connecting to workspace proxies ( #7352 )
...
* chore: Expose proxy hostnames to csp header
2023-05-02 08:30:44 -05:00
079d2821f5
chore: Set proxy health checks to 1 minute intervals ( #7351 )
2023-05-01 16:06:29 +00:00
b6666cf1cf
chore: tailnet debug logging ( #7260 )
...
* Enable discovery (disco) debug
Signed-off-by: Spike Curtis <spike@coder.com >
* Better debug on reconnectingPTY
Signed-off-by: Spike Curtis <spike@coder.com >
* Agent logging in appstest
Signed-off-by: Spike Curtis <spike@coder.com >
* More reconnectingPTY logging
Signed-off-by: Spike Curtis <spike@coder.com >
* Add logging to coordinator
Signed-off-by: Spike Curtis <spike@coder.com >
* Update agent/agent.go
Co-authored-by: Mathias Fredriksson <mafredri@gmail.com >
* Update agent/agent.go
Co-authored-by: Mathias Fredriksson <mafredri@gmail.com >
* Update agent/agent.go
Co-authored-by: Mathias Fredriksson <mafredri@gmail.com >
* Update agent/agent.go
Co-authored-by: Mathias Fredriksson <mafredri@gmail.com >
* Clarify logs; remove unrelated changes
Signed-off-by: Spike Curtis <spike@coder.com >
---------
Signed-off-by: Spike Curtis <spike@coder.com >
Co-authored-by: Mathias Fredriksson <mafredri@gmail.com >
2023-04-27 13:59:01 +04:00
a98341612c
feat: add regions endpoint for proxies feature ( #7277 )
...
* feat: add regions endpoint for proxies feature
2023-04-25 09:37:52 -05:00
3129741e08
chore: Proxy health status checks + endpoint ( #7233 )
...
* chore: Implement workspace proxy health check cron
At a given interval will check the reachability of workspace proxies.
* Proxyhealth is an enterprise feature
* Start proxyhealth go routine on enterprise coder
2023-04-24 10:25:35 -05:00
68667323f3
chore: support signed token query param for web terminal ( #7197 )
...
* chore: add endpoint to get token for web terminal
* chore: support signed token query param for web terminal
2023-04-20 23:59:45 +00:00
a5a5c4d400
chore: Add workspace proxy enterprise cli commands ( #7176 )
...
* feat: Add workspace proxy enterprise cli commands
* chore: Handle custom workspace proxy options. Remove excess
* chore: Add endpoint to register workspace proxies
2023-04-20 09:48:47 -05:00
658246d5f2
chore: add workspace proxies to the backend ( #7032 )
...
Co-authored-by: Dean Sheather <dean@deansheather.com >
2023-04-17 19:57:21 +00:00
391738cc25
chore: remove documented groups endpoint that doesn't exist ( #7020 )
2023-04-05 14:26:21 -05:00
b4afbe7720
feat: Implement experiment gated CRUD for workspace proxies ( #6928 )
...
* feat: Implement basic moon crud
* chore: Implement enterprise endpoints for moons
2023-04-04 15:07:29 -05:00
3b73321a6c
feat: refactor deployment config ( #6347 )
2023-03-07 15:10:01 -06:00
1bdd2abed7
feat: use JWT ticket to avoid DB queries on apps ( #6148 )
...
Issue a JWT ticket on the first request with a short expiry that
contains details about which workspace/agent/app combo the ticket is
valid for.
2023-03-07 19:38:11 +00:00
66a6b590a1
feat: add template max_ttl ( #6114 )
...
Co-authored-by: Bruno Quaresma <bruno@coder.com >
2023-03-07 14:14:58 +00:00
4cbbd1376d
feat: Turn on rbac check caching ( #6202 )
...
* chore: Turn on rbac check caching.
Should not affect much unless authz_querier experiment is
enabled
2023-02-15 08:56:07 -06:00
5e4931efaf
chore: add comment that explains require_telemetry behavior ( #6211 )
2023-02-15 01:40:08 +00:00
6e3330a03f
feat: add support for telemetry-required licenses ( #6194 )
2023-02-14 20:26:47 +00:00
6fb8aff6d0
feat: Add initial AuthzQuerier implementation ( #5919 )
...
feat: Add initial AuthzQuerier implementation
- Adds package database/dbauthz that adds a database.Store implementation where each method goes through AuthZ checks
- Implements all database.Store methods on AuthzQuerier
- Updates and fixes unit tests where required
- Updates coderd initialization to use AuthzQuerier if codersdk.ExperimentAuthzQuerier is enabled
2023-02-14 14:27:06 +00:00
496138b086
feat: assign users to groups returned by OIDC provider ( #5965 )
2023-02-02 19:53:48 +00:00
56b996532f
feat: add --experiments flag to replace --experimental ( #5767 )
...
- Deprecates the --experimental flag
- Adds a new flag --experiments which supports passing multiple comma-separated values or a wildcard value.
- Exposes a new endpoint /api/v2/experiments that returns the list of enabled experiments.
- Deprecates the field Features.Experimental in favour of this new API.
- Updates apidocgen to support type aliases (shoutout to @mtojek).
- Modifies apitypings to support generating slice types.
- Updates develop.sh to pass additional args after -- to $CODERD_SHIM.
2023-01-18 19:12:53 +00:00
501cfa9e8d
refactor: deduplicate / type license feature code ( #5734 )
2023-01-17 17:04:29 -06:00
eb48341696
chore: More complete tracing for RBAC functions ( #5690 )
...
* chore: More complete tracing for RBAC functions
* Add input.json as example rbac input for rego cli
The input.json is required to play with the rego cli and debug
the policy without golang. It is good to have an example to run
the commands in the readme.md
* Add span events to capture authorize and prepared results
* chore: Add prometheus metrics to rbac authorizer
2023-01-13 16:07:15 -06:00
deebfcbd53
feat: Validate swagger definitions ( #5694 )
...
* docs: audit, deploymentconfig, files, parameters
* Swagger comments in workspacebuilds.go
* structs in workspacebuilds.go
* workspaceagents: instance identity
* workspaceagents.go in progress
* workspaceagents.go in progress
* Agents
* workspacebuilds.go
* /workspaces
* templates.go, templateversions.go
* templateversion.go in progress
* cancel
* templateversions
* wip
* Merge
* x-apidocgen
* NullTime hack not needed anymore
* Fix: x-apidocgen
* Members
* Fixes
* Fix
* WIP
* WIP
* Users
* Logout
* User profile
* Status suspend activate
* User roles
* User tokens
* Keys
* SSH key
* All
* Typo
* Fix
* Entitlements
* Groups
* SCIM
* Fix
* Fix
* Clean templates
* Sort API pages
* Fix: HashedSecret
* WIP
* WIP
* WIP
* Fix: cover workspaceagents
* Assert: consistent ID and summary
* Assert: success or failure defined
* Fix: parallel
* Refactor
* Support enterprise
* Go comment goes to top
* Security
* assertPathParametersDefined
* assertUniqueRoutes
* assertRequestBody
* More fixes
* Fix: exceptions
* Fix field format
* Address PR comments
* Refactor
2023-01-13 12:27:21 +01:00
d9436fab69
docs: API enterprise ( #5625 )
...
* docs: audit, deploymentconfig, files, parameters
* Swagger comments in workspacebuilds.go
* structs in workspacebuilds.go
* workspaceagents: instance identity
* workspaceagents.go in progress
* workspaceagents.go in progress
* Agents
* workspacebuilds.go
* /workspaces
* templates.go, templateversions.go
* templateversion.go in progress
* cancel
* templateversions
* wip
* Merge
* x-apidocgen
* NullTime hack not needed anymore
* Fix: x-apidocgen
* Members
* Fixes
* Fix
* WIP
* WIP
* Users
* Logout
* User profile
* Status suspend activate
* User roles
* User tokens
* Keys
* SSH key
* All
* Typo
* Fix
* Entitlements
* Groups
* SCIM
* Fix
* Fix
* Clean templates
* Sort API pages
* Fix: HashedSecret
* General is first
2023-01-11 16:05:42 +01:00
