synced/coder
1
0
Fork 0
mirror of https://github.com/coder/coder.git synced 2025-07-09 11:45:56 +00:00
Code Issues Packages Projects Releases Wiki Activity
3,444 Commits 363 Branches 234 Tags
4bf012cefb2de1d4611a9136d88ae27a1170015d
Commit Graph

155 Commits

Author SHA1 Message Date
Steven Masley
fe247c86eb feat: Add deployment side config-ssh options (#6613) 
* feat: Allow setting deployment wide ssh config settings
* feat: config-ssh respects deployment ssh config
* The '.' is now configurable
* Move buildinfo into deployment.go
 2023-03-16 13:03:37 -05:00
Ammar Bandukwala
a65a16122d chore: early merge clibase foundations (#6542) 2023-03-10 13:41:32 -06:00
Kyle Carberry
4a07fcd9d2 fix: ensure local derp uses the hostname (#6559) 
This broke deployments that use a custom port with an access
URL. We should write a test for this!
 2023-03-10 09:58:31 -06:00
Steven Masley
7f25d31745 feat: Allow changing the 'group' oidc claim field (#6546) 
* feat: Allow changing the 'group' oidc claim field
* Enable empty groups support
* fix: Delete was wiping all groups, not just the single user's groups
* Update docs
* fix: Dbfake delete group member fixed
 2023-03-09 23:31:38 -06:00
Steven Masley
11a930e779 !fix: Disallow access urls without valid scheme (#6548) 
Existing deployments will need to prepend a scheme if they have not already.
 2023-03-09 21:37:19 -06:00
Ammar Bandukwala
50432b89be fix: pass git auth config read from environment through server (#6540) 2023-03-09 20:27:54 +00:00
Ammar Bandukwala
62a64d5a34 fix: remove deprecation warnings when option unset (#6532) 
Resolves #6531
 2023-03-09 19:22:21 +00:00
Kyle Carberry
9d40d2ffdc fix: remove create first user from the cli message (#6493) 
This adjusts our setup to just show the Web UI, since you
can now create everything from there!
 2023-03-09 02:54:46 +00:00
Ammar Bandukwala
3b73321a6c feat: refactor deployment config (#6347) 2023-03-07 15:10:01 -06:00
Dean Sheather
1bdd2abed7 feat: use JWT ticket to avoid DB queries on apps (#6148) 
Issue a JWT ticket on the first request with a short expiry that
contains details about which workspace/agent/app combo the ticket is
valid for.
 2023-03-07 19:38:11 +00:00
Ammar Bandukwala
f05609b4da chore: format Go more aggressively 2023-02-18 18:32:09 -06:00
Cian Johnston
81c29c018a fix(coder): actually ignore email verified if config value is set (#6236) 2023-02-16 15:17:37 +00:00
Steven Masley
6189035e98 feat: Add option to enable hsts header (#6147) 
* feat: Add option to enable hsts header
* Update golden files
 2023-02-10 10:52:49 -06:00
Kyle Carberry
1617268859 fix: stop redirecting away from wildcard url (#6113) 
Fixes #6097.
 2023-02-08 13:48:17 -06:00
Dean Sheather
4fe221a700 feat: add flag to disable password auth (#5991) 
Adds a flag --disable-password-auth that prevents the password login
endpoint from working unless the user has the "owner" (aka. site admin)
role.

Adds a subcommand `coder server create-admin-user` which creates a user
directly in the database with the "owner" role, the "admin" role in
every organization, and password auth. This is to avoid lock-out
situations where all accounts have the login type set to an identity
provider and nobody can login.
 2023-02-06 14:58:21 +00:00
Steven Masley
8b424f03c2 chore: Rename databasefake --> dbfake (#6011) 2023-02-02 19:28:55 -06:00
Kyle Carberry
b9b402cd0c feat!: generate a self-signed certificate if no certificates are specified (#5973) 
* feat: generate a self-signed certificate if no certificates are specified

Clouds like AWS automatically navigate to https://<ip-here>. This
allows us to bind to that immediately, serve a self-signed certificate,
then reroute to the access URL.

* Add new flag and deprecate old one

* Fix redirect if not using tunnel

* Add deprecation notice

* Fix TLS redirect

* Run `make gen`

* Fix bad test

* Fix gen
 2023-02-02 17:08:35 +00:00
Arthur Normand
69fce0488e feat: Allow hiding password auth, changing OpenID Connect text and OpenID Connect icon (#5101) 
* Allow hiding password entry, changing OpenID Connect text and OpenID Connect icon

* Docs

* Cleaning

* Fix Prettier and Go test and TS compile error

* Fix LoginPage test

* Prettier

* Fix storybook

* Add query param to un-hide password auth

* Cleaning

* Hide password by default when OIDC enabled

* Ran prettier, updated goldenfiles and ran "make gen"

* Fixed and added LoginPage test

* Ran prettier

* PR Feedback and split up SignInForm.tsx

* Updated golden files

* Fix auto-genned-files

* make gen -B

* Revert provisioner files?

* Fix lint error

---------

Co-authored-by: Kyle Carberry <kyle@coder.com>
 2023-01-31 18:33:25 +00:00
Ben Potter
a040bcc0cf docs: clarify access URL in install flow (#5626) 
* fix: TLS disabled copy

* clarify default access URL

* add docs for coder address
 2023-01-18 23:23:55 +00:00
Dean Sheather
7f5dcc3d6c feat: remove server subcommand from slim binaries (#5747) 2023-01-17 16:58:00 +00:00
Kyle Carberry
bbc1a9a1d8 fix: use UserInfo endpoint with OIDC (#5735) 
This resolves a user issue surfaced in Discord:
https://discord.com/channels/747933592273027093/1064566338875576361/1064566338875576361

Both methods of obtaining claims need to be used according
to the OIDC specification.
 2023-01-16 16:06:39 -06:00
Colin Adler
dcab87358e feat: add stackdriver and json log options to coder server (#5682) 2023-01-12 20:08:23 -06:00
Dean Sheather
e72a2ad907 feat: add SIGQUIT/SIGTRAP handler for the CLI (#5665) 2023-01-11 16:22:20 +00:00
Colin Adler
7bcbf197c1 fix: print correct listen adress in coder server (#5634) 2023-01-09 13:59:23 -06:00
Colin Adler
a4ca8ffa65 fix: don't hang forever getting pg version (#5614) 2023-01-06 21:07:22 -06:00
Dean Sheather
5a968e2f93 feat: add flag to disaable all rate limits (#5570) 2023-01-05 18:05:20 +00:00
Ben Potter
04d45f3c1c fix!: remove AUTO_IMPORT_TEMPLATE for Kubernetes installs (#5401) 
* fix!: remove AUTO_IMPORT_TEMPLATE

* chore: remove template auto importing

Co-authored-by: Dean Sheather <dean@deansheather.com>
 2023-01-05 04:04:32 +00:00
Jan Losinski
de0601d611 feat: allow configurable username claim field in OIDC (#5507) 
Co-authored-by: Colin Adler <colin1adler@gmail.com>
 2023-01-04 15:16:31 -06:00
Mathias Fredriksson
c7ce3e70da feat: Add --raw-url to coder server postgres-builtin-* commands (#5478) 2022-12-20 18:51:17 +00:00
Dean Sheather
1bc4eb5329 fix: fix security vulnerabilities reported by CodeQL (#5467) 2022-12-19 19:25:59 +00:00
Marcin Tojek
dc6d271293 feat: Build framework for generating API docs (#5383) 
* WIP

* Gen

* WIP

* chi swagger

* WIP

* WIP

* WIP

* GetWorkspaces

* GetWorkspaces

* Markdown

* Use widdershins

* WIP

* WIP

* WIP

* Markdown template

* Fix: makefile

* fmt

* Fix: comment

* Enable swagger conditionally

* fix: site

* Default false

* Flag tests

* fix

* fix

* template fixes

* Fix

* Fix

* Fix

* WIP

* Formatted

* Cleanup

* Templates

* BEGIN END SECTION

* subshell exit code

* Fix

* Fix merge

* WIP

* Fix

* Fix fmt

* Fix

* Generic api.md page

* Fix merge

* Link pages

* Fix

* Fix

* Fix: links

* Add icon

* Write manifest file

* Fix fmt

* Fix: enterprise

* Fix: Swagger.Enable

* Fix: rename apidocs to apidoc

* Fix: find -not -prune

* Fix: json not available

* Fix: rename Coderd API to Coder API

* Fix: npm exec

* Fix: api dir

* Fix: by ID

* Fix: string uuid

* Fix: include deleted

* Fix: indirect go.mod

* Fix: source lib.sh

* Fix: shellcheck

* Fix: pushd popd

* Fix: fmt

* Fix: improve workspaces

* Fix: swagger-enable

* Fix

* Fix: mention only HTTP 200

* Fix: IDs

* Fix: https

* Fix: icon

* More APis

* Fix: format swagger.json

* Fix: SwaggerEndpoint

* Fix: SCRIPT_DIR

* Fix: PROJECT_ROOT

* Fix: use code tags in schemas.md

* Fix: examples

* Fix: examples

* Fix: improve format

* Fix: date-time,enums

* Fix: include_deleted

* Fix: array of

* Fix: parameter, response

* Fix: string time or null

* Workspaces: more docs

* Workspaces: more docs

* Fix: renderDisplayName

* Fix: ActiveUserCount

* Fix

* Fix: typo

* Templates: docs

* Notice: incomplete
 2022-12-19 18:43:46 +01:00
Dean Sheather
31d38d4246 feat: allow http and https listening simultaneously (#5365) 2022-12-15 20:09:19 +00:00
Arthur Normand
ad0dd1be5d fix: Add client certs to OAuth HTTPClient context (#5126) 2022-12-14 16:44:29 +02:00
Dean Sheather
6651c1632d fix: avoid terraform state concurrent access, remove global mutex (#5273) 2022-12-06 17:05:14 +00:00
Colin Adler
ab3b3d5fca feat: add debouncing to provisionerd rpc calls (#5198) 2022-12-01 16:54:53 -06:00
Mathias Fredriksson
d9f2aaf3b4 feat: Add support for update checks and notifications (#4810) 
Co-authored-by: Kira Pilot <kira@coder.com>
 2022-12-01 19:43:28 +02:00
Mathias Fredriksson
085f1917db fix: Fix develop script pid tracking, improve logging and interrupt (#5186) 2022-11-29 15:45:14 +02:00
Cian Johnston
a4a319a76e feat: add CODER_OIDC_IGNORE_EMAIL_VERIFIED config knob (#5165) 
* Adds a configuration knob CODER_OIDC_IGNORE_EMAIL_VERIFIED that allows
  ignoring the email_verified OIDC claim
* Adds warning message at startup if CODER_OIDC_IGNORE_EMAIL_VERIFIED=true
* Adds warning whenever an unverified OIDC email is let through
* Skips flaky test on non-linux platforms

Co-authored-by: Mathias Fredriksson <mafredri@gmail.com>
 2022-11-25 10:10:09 +00:00
Colin Adler
1f20cab110 fix: don't use yamux for in-memory provisioner{,d} streams (#5136) 2022-11-22 12:19:32 -06:00
Kyle Carberry
b6703b11c6 feat: Add external provisioner daemons (#4935) 
* Start to port over provisioner daemons PR

* Move to Enterprise

* Begin adding tests for external registration

* Move provisioner daemons query to enterprise

* Move around provisioner daemons schema

* Add tags to provisioner daemons

* make gen

* Add user local provisioner daemons

* Add provisioner daemons

* Add feature for external daemons

* Add command to start a provisioner daemon

* Add provisioner tags to template push and create

* Rename migration files

* Fix tests

* Fix entitlements test

* PR comments

* Update migration

* Fix FE types
 2022-11-16 16:34:06 -06:00
Geoffrey Huntley
1f4f0cee2a chore(branding): update branding (#5028) 2022-11-16 07:15:33 -03:00
Mathias Fredriksson
9fb710a04f feat: Add allow everyone option to GitHub OAuth2 logins (#5086) 
* feat: Add allow everyone option for GitHub OAuth

* fix: Detect team when multiple orgs are present

Co-authored-by: 李董睿煊 <dongruixuan@hotmail.com>
 2022-11-15 18:56:46 +02:00
Kyle Carberry
773fc73280 fix: Add debug logging for connecting to psql (#5078) 
If a database connection hung, the output was unclear.
 2022-11-14 20:10:37 -06:00
Kyle Carberry
fefacc5bfd chore: Expose additional agent options to telemetry (#5070) 
This also adds a few properties for deployments!
 2022-11-14 10:11:08 -06:00
Arthur Normand
9578ce9f77 OAuth now uses client TLS certs (if configured) (#5042) 
* OAuth now uses client TLS certs (if configured)

* Update docs

* Cleaning

* Fix lint errors and generate static files

* Fix lint error and regenerate more static files

* Suppress lint error
 2022-11-13 14:15:06 -06:00
Kyle Carberry
49c7648af5 chore: Close idle connections on test cleanup (#4993) 
It's possible that this was the source of a leak on Windows...
 2022-11-13 14:06:03 -06:00
Kyle Carberry
927c241995 fix: Debounce AcquireJob when no jobs are available (#5017) 
This prevents constant database spam at scale to a maximum
of 60 queries/s per coderd instance.
 2022-11-10 22:37:33 +00:00
Dean Sheather
8e5af82275 feat: add api-rate-limit flag (#5013) 2022-11-10 21:53:48 +00:00
Dean Sheather
ffc24dcbe0 feat: create tracing.SlogSink for storing logs as span events (#4962) 2022-11-09 12:58:23 -06:00
Kyle Carberry
089659ffb1 fix: Move SQL connection limits to initialization (#4981) 
The connection limit wasn't being applied to pubsub, which would
overload the server if a ton of logs were being published at once.

This should fix it, and improve scale a lot!
 2022-11-09 16:25:25 +00:00