* add token actions
* added basic token form
* removed token switch
* refined date field
* limiting lifetime days to maxTokenLifetime
* broke apart files
* added loader and error
* fixed form layout
* added some unit tests
* fixed be tests
* no authorize check
Prior to this change, DERP traffic would route from `coderd` to the
`CODER_ACCESS_URL` to reach the internal DERP server, which may have
resulted in slower connections due to proxying, or the failure of
web traffic entirely.
If your Coder deployment has a proxy in front of it, your traffic through
web terminals, apps, and port-forwarding is about to get a lot faster!
This PR adds a minimum set of Helm tests for the Helm chart.
It's heavily based on the approach in [1], but uses a golden-files-based approach instead.
It also runs helm template directly instead of importing the entire Kubernetes API.
Golden files can be updated by running go test ./helm/tests -update or by running make update-golden-files.
[1] https://github.com/coder/enterprise-helmFixes#6552
* chore: Ensure all audit types in ResourceTable match APGL
* Implement more checks to ensure all tracked fields are present
* Add unit test to ensure all types are represented in audit table
* Trade compile time safety for syntax
- Introduces rbac.ResourceSystem
- Grants system.* to system and provisionerd rbac subjects
- Updates dbauthz system queries where applicable
- coderd: Avoid index out of bounds in api.workspaceBuilds
- dbauthz: move GetUsersByIDs out of system, modify RBAC check to ResourceUser
- workspaceapps: Add test case for when owner of app is not found
* feat: Implement view for workspace builds to include rbac info
* Removes the need to fetch the workspace to run an rbac check.
* chore: Use workspace build as RBAC object
* chore: Use golang templates instead of sqlc files
* feat: Allow changing the 'group' oidc claim field
* Enable empty groups support
* fix: Delete was wiping all groups, not just the single user's groups
* Update docs
* fix: Dbfake delete group member fixed
This text wasn't useful to a customer anyways, because we don't get
an error from EventSource. This can happen if you close your laptop
and open it again, so it's better if we don't display it.
