Closes https://github.com/coder/internal/issues/551
We've noticed lots of flakes in `go test -race` tests that use the echo provisioner. I believe the root cause of this to be https://github.com/coder/coder/pull/17012/, where we started mutating the `echo.Responses`. This only caused issues as we previously shared `echo.Responses` across multiple test cases.
This PR is therefore the same as https://github.com/coder/coder/pull/17128, but I believe this is all the cases where an `echo.Responses` is shared between tests - including tests that haven't flaked (yet).
## Summary
- Clarifies that the CODER_EXTERNAL_AUTH_0_ID value is used as part of
the OAuth callback URL path
- Adds explicit callback URL examples to GitLab and Bitbucket Server
sections
- Updates the GitHub OAuth app configuration instructions to be more
explicit
- Fixes the documentation mistake where it claimed this ID was only for
"internal reference"
## Test plan
- Documentation change only
- Verified consistency across all OAuth provider sections
Fixes#16851
[preview](https://coder.com/docs/@fix-external-auth-docs-16851/admin/external-auth)
<sub>🤖 Generated with [Claude Code](https://claude.ai/code)</sub>
---------
Co-authored-by: EdwardAngert <17991901+EdwardAngert@users.noreply.github.com>
Co-authored-by: Edward Angert <EdwardAngert@users.noreply.github.com>
Co-authored-by: M Atif Ali <atif@coder.com>
## Issue
Closes#16206
(thanks @bjornrobertsson - not sure why I can't tag you as a reviewer)
Mismatch between the SMTP configuration UI and the documentation.
## Verification
Claude verified this issue by examining:
1. The current SMTP configuration code in the codebase
2. The CLI help documentation for the server command
3. The examples provided in the notifications documentation
The issue was confirmed by finding:
- A reference to a deprecated variable
`CODER_NOTIFICATIONS_EMAIL_FORCE_TLS` instead of the current
`CODER_EMAIL_FORCE_TLS`
- Missing information about the port format required for the SMTP
smarthost
## Changes made
1. Updated the `--email-smarthost` description to clarify that the
format should include both hostname and port: `(format:
hostname:port)`
2. Fixed the reference to the TLS environment variable in the STARTTLS
description, replacing the deprecated
`CODER_NOTIFICATIONS_EMAIL_FORCE_TLS` with the correct
`CODER_EMAIL_FORCE_TLS`
## Additional information
The Gmail and Outlook examples in the documentation already correctly
show the port included in the smarthost configuration, but the main
description table needed to be updated to explicitly mention this
requirement.
[preview](https://coder.com/docs/@16206-smtp-required-components/admin/monitoring/notifications)
<sub>🤖 Generated with [Claude Code](https://claude.ai/code)</sub>
---------
Co-authored-by: EdwardAngert <17991901+EdwardAngert@users.noreply.github.com>
Co-authored-by: Claude <noreply@anthropic.com>
## Changes made
- Switched almost all headers to use the `SettingHeader` component
- Redesigned component to be more composition-based, to stay in line
with the patterns we're starting to use more throughout the codebase
- Refactored `SettingHeader` to be based on Radix and Tailwind, rather
than Emotion/MUI
- Added additional props to `SettingHeader` to help resolve issues with
the component creating invalid HTML
- Beefed up `SettingHeader` to have better out-of-the-box accessibility
- Addressed some typographic problems in `SettingHeader`
- Addressed some responsive layout problems for `SettingsHeader`
- Added first-ever stories for `SettingsHeader`
## Notes
- There are still a few headers that aren't using `SettingHeader` yet.
There were some UI edge cases that meant I couldn't reliably bring it in
without consulting the Design team first. I'm a little less worried
about them, because they at least *look* like the other headers, but
it'd be nice if we could centralize everything in a followup PR
Spotted on main: https://github.com/coder/coder/actions/runs/14179449567/job/39721999486
```
=== FAIL: coderd TestOIDCDomainErrorMessage/MalformedEmailErrorOmitsDomains (0.01s)
==================
WARNING: DATA RACE
Read at 0x00c060b54e68 by goroutine 296485:
golang.org/x/oauth2.(*Config).Exchange()
/home/runner/go/pkg/mod/golang.org/x/oauth2@v0.28.0/oauth2.go:228 +0x1d8
github.com/coder/coder/v2/coderd.(*OIDCConfig).Exchange()
<autogenerated>:1 +0xb7
github.com/coder/coder/v2/coderd.New.func11.12.1.2.ExtractOAuth2.1.1()
/home/runner/work/coder/coder/coderd/httpmw/oauth2.go:168 +0x7b5
net/http.HandlerFunc.ServeHTTP()
/opt/hostedtoolcache/go/1.24.1/x64/src/net/http/server.go:2294 +0x47
[...]
Previous write at 0x00c060b54e68 by goroutine 55730:
github.com/coder/coder/v2/coderd/coderdtest/oidctest.(*FakeIDP).SetRedirect()
/home/runner/work/coder/coder/coderd/coderdtest/oidctest/idp.go:1280 +0x1e6
github.com/coder/coder/v2/coderd/coderdtest/oidctest.(*FakeIDP).LoginWithClient()
/home/runner/work/coder/coder/coderd/coderdtest/oidctest/idp.go:494 +0x170
github.com/coder/coder/v2/coderd/coderdtest/oidctest.(*FakeIDP).AttemptLogin()
/home/runner/work/coder/coder/coderd/coderdtest/oidctest/idp.go:479 +0x624
github.com/coder/coder/v2/coderd_test.TestOIDCDomainErrorMessage.func3()
/home/runner/work/coder/coder/coderd/userauth_test.go:2041 +0x1f2
```
As seen, this race was caused by sharing a `*oidctest.FakeIDP` between test cases. The fix is to simply do the setup twice.
```
$ go test -race -run "TestOIDCDomainErrorMessage" github.com/coder/coder/v2/coderd -count=100
ok github.com/coder/coder/v2/coderd 7.551s
````
There's a flake reported in https://github.com/coder/internal/issues/549
that was caused by the built-in Postgres failing to start. However, the
test was written in a way that didn't log the actual error which caused
Postgres to fail. This PR improves error logging in the affected test so
that the next time the error happens, we know what it is.
Fixes https://github.com/coder/coder/issues/17063
I'm ignoring flake.nix for now.
```
$ IGNORE_NIX=true ./scripts/check_go_versions.sh
INFO : go.mod : 1.24.1
INFO : dogfood/coder/Dockerfile : 1.24.1
INFO : setup-go/action.yaml : 1.24.1
INFO : flake.nix : 1.22
INFO : Ignoring flake.nix, as IGNORE_NIX=true
Go version check passed, all versions are 1.24.1
$ ./scripts/check_go_versions.sh
INFO : go.mod : 1.24.1
INFO : dogfood/coder/Dockerfile : 1.24.1
INFO : setup-go/action.yaml : 1.24.1
INFO : flake.nix : 1.22
ERROR: Go version mismatch between go.mod and flake.nix
```
Adds a `coder exp mcp` command which will start a local MCP server
listening on stdio with the following capabilities:
* Show logged in user (`coder whoami`)
* List workspaces (`coder list`)
* List templates (`coder templates list`)
* Start a workspace (`coder start`)
* Stop a workspace (`coder stop`)
* Fetch a single workspace (no direct CLI analogue)
* Execute a command inside a workspace (`coder exp rpty`)
* Report the status of a task (currently a no-op, pending task support)
This can be tested as follows:
```
# Start a local Coder server.
./scripts/develop.sh
# Start a workspace. Currently, creating workspaces is not supported.
./scripts/coder-dev.sh create -t docker --yes
# Add the MCP to your Claude config.
claude mcp add coder ./scripts/coder-dev.sh exp mcp
# Tell Claude to do something Coder-related. You may need to nudge it to use the tools.
claude 'start a docker workspace and tell me what version of python is installed'
```
This does ~95% of the backend work required to integrate the AI work.
Most left to integrate from the tasks branch is just frontend, which
will be a lot smaller I believe.
The real difference between this branch and that one is the abstraction
-- this now attaches statuses to apps, and returns the latest status
reported as part of a workspace.
This change enables us to have a similar UX to in the tasks branch, but
for agents other than Claude Code as well. Any app can report status
now.
Closes https://github.com/coder/coder/issues/16775
## Changes made
- Added `OneWayWebSocket` function that establishes WebSocket
connections that don't allow client-to-server communication
- Added tests for the new function
- Updated API endpoints to make new WS-based endpoints, and mark
previous SSE-based endpoints as deprecated
- Updated existing SSE handlers to use the same core logic as the new WS
handlers
## Notes
- Frontend changes handled via #16855
* Improves tests for webpush notifications
* Sets subscriber correctly in web push payload (without this,
notifications do not work in Safari)
* NOTE: for now, I'm using the Coder Access URL. Some push messaging
service don't like it when you use a non-HTTPS URL, so dropping a warn
log about this.
* Adds a service worker and context for push notifications
* Adds a button beside "Inbox" to enable / disable push notifications
Notes:
* ✅ Tested in in Firefox and Safari, and Chrome.
Fixes a transitive High severity dependency in path-to-regexp.
We've tried to [upgrade to
2.5.0](https://github.com/coder/coder/pull/17124) (currently, the latest
version) but there are some known bugs related to polyfills as [this
one](https://github.com/mswjs/msw/discussions/2288). As shared in the
comments, the latest version without this issue is 2.4.3.
