Commit Graph

8635 Commits

Author SHA1 Message Date
6c9ccca687 feat: implement CRUD UI for IDP organization sync settings (#15503)
resolves coder/internal#205

The goal is to create a new page located in deployment settings to allow
users to create and update organization IDP sync settings.

- [x] Use shadcn button for export policy button
- [x] Disable save button if form is not dirty
- [x] Disable "Add IdP organization" button if idp org name or coder
orgs are empty
- [x] Add footnote label below organization sync field input
- [x] Add button to Delete rows in mapping table
- [x] Create Multi-select combo box component to select coder org to
map to idp org
- [x] Storybook tests
- [x] Tooltip for assign default org switch
- [x] Display success/error toast on form submission

<img width="1181" alt="Screenshot 2024-12-02 at 20 33 07"
src="https://github.com/user-attachments/assets/86877d3b-82ec-4ed2-b239-bf8497352a9e">
2024-12-04 14:23:18 -05:00
3b1131ca01 fix(docs): fix a typo in extending-templates (#15744)
It's -> its
2024-12-04 10:17:39 -05:00
75f417630b fix: persist the devtunnel file in a docker volume (#15731)
Addresses https://github.com/coder/coder/issues/15663.

This PR saves the entire coder home directory in a Docker volume to make
the dev tunnel URL persistent across container restarts.

I initially wanted to persist only the config directory, but Docker
Compose cannot set permissions on a named volume unless the directory
it’s mounted on already exists within the container. The
`/home/coder/.config` directory, however, is not created by default in
the Dockerfile. When I attempt to mount it, [Docker creates it with root
permissions](https://github.com/moby/moby/issues/2259#issue-21132999),
and Coder cannot write to it. I encounter the following error:

```
coder-1     | Started HTTP listener at http://0.0.0.0:7080
coder-1     | Opening tunnel so workspaces can connect to your deployment. For production scenarios, specify an external access URL
coder-1     | Encountered an error running "coder server", see "coder server --help" for more information
coder-1     | error: create tunnel: read or generate config: get config path: mkdirall config dir "/home/coder/.config/coderv2": mkdir /home/coder/.config/coderv2: permission denied
```

Creating the directory in the Dockerfile would resolve the issue for new
images but would break `docker-compose.yml` for all existing Coder
images. Mounting the entire home directory avoids this problem, but it
makes it less clear to admins which files need to be persisted. It’s a
trade-off - I believe keeping Docker Compose backwards-compatible is
more important, and I hope the added comment clarifies the purpose of
the volume for new users.
2024-12-04 12:21:54 +01:00
14a60303ac chore: rework RPC version negotiation (#15687)
Changes the RPC header format from `codervpn <version> <role>` to
`codervpn <role> <version1,version2,...>`.

The versions list is a list of the maximum supported minor version for
each major version, sorted by major versions.

E.g. `1.0,2.3,3.1` means `1.0, 2.0, 2.1, 2.2, 2.3, 3.0, 3.1` are
supported.

When we eventually support multiple versions, the peer's version list
will be compared against the current supported versions list to
determine the maximum major and minor version supported by both peers.

Closes #15601
2024-12-04 09:38:24 +00:00
887ea14b6a ci: fetch annotated tags during release/build-dylib (#15738)
The release action [ran into an
issue](https://github.com/coder/coder/actions/runs/12147281426) building
the dylib today, as the version script that's run during the build job
was unable to find an annotated tag. This is a step it skips during
dry-runs.

```
ERROR: version.sh: the current commit is not tagged with an annotated tag
```

This was almost certainly caused by omitting the `git fetch --tags
--force` that's present on each other release action job, as the
workflow passes on a release dry-run when run against a regular branch,
that's not an annotated tag.

From an existing comment:
> If the event that triggered the build was an annotated tag (which our
> tags are supposed to be), actions/checkout has a bug where the tag in
> question is only a lightweight tag and not a full annotated tag.
2024-12-04 19:09:40 +11:00
c8c8e50eb7 Revert "chore: release cherry-picks for 2.18.0" (#15734)
Reverts coder/coder#15719
2024-12-03 19:59:52 +00:00
1afcd38273 chore: release cherry-picks for 2.18.0 (#15719)
- https://github.com/coder/coder/pull/15589
- https://github.com/coder/coder/pull/15683
- https://github.com/coder/coder/pull/15671

---------

Co-authored-by: Hugo Dutka <hugo@coder.com>
Co-authored-by: Sas Swart <sas.swart.cdk@gmail.com>
Co-authored-by: Spike Curtis <spike@coder.com>
Co-authored-by: Cian Johnston <cian@coder.com>
2024-12-03 13:56:03 -06:00
e744cde86f fix(coderd): ensure that clearing invalid oauth refresh tokens works with dbcrypt (#15721)
https://github.com/coder/coder/pull/15608 introduced a buggy behaviour
with dbcrypt enabled.
When clearing an oauth refresh token, we had been setting the value to
the empty string.
The database encryption package considers decrypting an empty string to
be an error, as an empty encrypted string value will still have a nonce
associated with it and thus not actually be empty when stored at rest.

Instead of 'deleting' the refresh token, 'update' it to be the empty
string.
This plays nicely with dbcrypt.

It also adds a 'utility test' in the dbcrypt package to help encrypt a
value. This was useful when manually fixing users affected by this bug
on our dogfood instance.
2024-12-03 13:26:31 -06:00
ebfc133641 fix: display build timings when all timings are loaded (#15728)
- [Refetch timings until script timings are
present](2181bec72b)
- [Stay on loading state when agent script timings are
empty](b16fad165c)

Fix https://github.com/coder/coder/issues/15273
2024-12-03 13:28:32 -03:00
c7c35ef4d7 chore: run macOS, windows, and race tests with Postgres in CI (#15520)
This PR is the second in a series aimed at closing
https://github.com/coder/coder/issues/15109.

## Changes

- adds `scripts/embedded-pg/main.go`, which can start a native Postgres
database. This is used to set up PG on Windows and macOS, as these
platforms don't support Docker in GitHub Actions.
- runs the `test-go-pg` job on macOS and Windows too
- adds the `test-go-race-go` job, which runs race tests with Postgres on
Linux
2024-12-03 13:33:17 +01:00
066a5ad7cb chore: bump eslint-config-next from 14.2.16 to 14.2.18 in /offlinedocs (#15693) 2024-12-03 08:56:48 -03:00
682d35003a chore: upgrade yamux to 0.1.2 (#15727)
Upgrades yamux to 0.1.2, which includes a couple bug fixes.

> Significant Changes
> * Fixed a case where Streams may continue to exist and block operations even after their Session has been closed. #127 ensures when a Session closes that blocking Stream operations exit as well.
> * Allow Reads on locally closed streams. Prior to #131 calling Close() and then Read() on a Stream would fail. Close should only indicate the Stream is done writing. The peer must call Close before Read considers the stream closed. See #131 for details.
> * Tests have been improved significantly. See below for details.

https://github.com/hashicorp/yamux/releases/tag/v0.1.2
2024-12-03 15:20:44 +04:00
a2cf40b9d4 chore: bump prettier from 3.3.3 to 3.4.1 in /offlinedocs (#15694)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-12-03 13:25:38 +05:00
148a5a3593 fix: fix goroutine leak in log streaming over websocket (#15709)
fixes #14881

Our handlers for streaming logs don't read from the websocket. We don't allow the client to send us any data, but the websocket library we use requires reading from the websocket to properly handle pings and closing. Not doing so [can cause the websocket to hang on write](https://github.com/coder/websocket/issues/405), leaking goroutines which were noticed in #14881.

This fixes the issue, and in the process refactors our log streaming to an encoder/decoder package which provides generic types for sending JSON over websocket.

I'd also like for us to upgrade to the latest https://github.com/coder/websocket but we should also upgrade our tailscale fork before doing so to avoid including two copies of the websocket library.
2024-12-03 10:12:30 +04:00
e4f6c9ac15 chore: upgrade storybook (#15720) 2024-12-02 15:59:19 -07:00
0ea76637af fix(dogfood): downgrade containerd.io to work around containerd DinD issue (#15723)
ref: https://github.com/nestybox/sysbox/issues/879
2024-12-02 22:51:49 +00:00
0c541c977e chore(cli): fix test flake introduced by #15688 (#15724) 2024-12-02 22:11:42 +00:00
e21a301682 fix: make GetWorkspacesEligibleForTransition return even less false positives (#15594)
Relates to https://github.com/coder/coder/issues/15082

Further to https://github.com/coder/coder/pull/15429, this reduces the
amount of false-positives returned by the 'is eligible for autostart'
part of the query. We achieve this by calculating the 'next start at'
time of the workspace, storing it in the database, and using it in our
`GetWorkspacesEligibleForTransition` query.

The prior implementation of the 'is eligible for autostart' query would
return _all_ workspaces that at some point in the future _might_ be
eligible for autostart. This now ensures we only return workspaces that
_should_ be eligible for autostart.

We also now pass `currentTick` instead of `t` to the
`GetWorkspacesEligibleForTransition` query as otherwise we'll have one
round of workspaces that are skipped by `isEligibleForTransition` due to
`currentTick` being a truncated version of `t`.
2024-12-02 21:02:36 +00:00
2b57dcc68c feat(coderd): add matched provisioner daemons information to more places (#15688)
- Refactors `checkProvisioners` into `db2sdk.MatchedProvisioners`
- Adds a separate RBAC subject just for reading provisioner daemons
- Adds matched provisioners information to additional endpoints relating to
  workspace builds and templates
- Updates existing unit tests for above endpoints
- Adds API endpoint for matched provisioners of template dry-run job
- Updates CLI to show warning when creating/starting/stopping/deleting
  workspaces for which no provisioners are available

---------

Co-authored-by: Danny Kopping <danny@coder.com>
2024-12-02 20:54:32 +00:00
7e1ac2e22b feat(site): show license utilization in general settings (#15683)
This PR is the first iteration towards #15297

We cannot yet show license utilization over time, so we show current
license utilization.
This is because we don't track user states over time. We only track the
current user state. A graph over time filtering by active users would
therefore not account for day to day changes in user state and be
inaccurate.
DB schema migrations and related updates will follow that allow us to
show license utilization over time.


![image](https://github.com/user-attachments/assets/91bd6e8c-e74c-4ef5-aa6b-271fd245da37)

---------

Co-authored-by: ケイラ <mckayla@hey.com>
2024-12-02 21:27:43 +02:00
d5d306f01d chore: bump @types/node from 20.17.6 to 20.17.9 in /offlinedocs (#15695) 2024-12-02 11:36:08 -07:00
372d26a6b0 chore: update release calendar to correct duplicate security support version (#15718) 2024-12-02 12:06:09 -06:00
b06d833012 docs: improve dev containers documentation for user start-up (#15458)
- [x] TODO: verify and expand [What is an image, template, devcontainer,
or
workspace](https://coder.com/docs/@bp-dev-containers/admin#what-is-an-image-template-devcontainer-or-workspace)
- [x] TODO: verify and expand `## Add a devcontainer template to Coder`
- [x] TODO: verify and expand `## Layer and image caching`
- [x] TODO: link to and edit
[dotfiles](https://coder.com/docs/user-guides/workspace-dotfiles) doc
- [x] TODO:
https://github.com/coder/coder/pull/15458/files#diff-be0dd9ff983020129c7a94c628a0fc4a397a9bbc8b5eec92ec38f4b8c83fe167R10


[preview](https://coder.com/docs/@bp-dev-containers/admin/templates/managing-templates/devcontainers)

---------

Co-authored-by: EdwardAngert <17991901+EdwardAngert@users.noreply.github.com>
Co-authored-by: Cian Johnston <cian@coder.com>
Co-authored-by: Ben Potter <ben@coder.com>
Co-authored-by: Edward Angert <2408959-EdwardAngert@users.noreply.gitlab.com>
Co-authored-by: Muhammad Atif Ali <atif@coder.com>
2024-12-02 09:19:04 -08:00
19ec6af2ad fix(dogfood): revert enabling process priority management for dogfood (#15713)
This reverts commit b08238c8db.
2024-12-02 13:22:10 +00:00
c47e7afae0 chore: bump prettier from 3.3.3 to 3.4.1 in /site (#15706)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-12-02 15:00:35 +05:00
694b4e0d3e feat(dogfood/contents): set coder_workspace_tags in dogfood template (#15653)
* Sets `coder_workspace_tags` on our dogfood template to target new tagged provisioner deployment added in coder/dogfood#103
2024-12-02 09:17:40 +00:00
abb3df7e35 fix(site): avoid constructing invalid apps url (#15711)
In Firefox, parsing a URL containing a `*` returns an error:
```
new URL("https://*--apps.sydney.fly.dev.coder.com") 
```
```
Uncaught TypeError: URL constructor: https://*--apps.sydney.fly.dev.coder.com is not a valid URL.
    <anonymous> debugger eval code:1
```

In Chrome and Node, this same URL does not produce an error.

This causes a workspace dashboard with apps to fail to load on Firefox.

![image](https://github.com/user-attachments/assets/eeea4fe5-3759-432b-b7ce-22dfad5f8218)
2024-12-02 08:45:38 +00:00
3014713c47 fix(cli): handle version mismatch re MatchedProvisioners response (#15682)
* Modifies `MatchedProvisioners` response of `codersdk.TemplateVersion`
to be a pointer
* CLI now checks for absence of `*MatchedProvisioners` before showing
warning regarding provisioners
* Extracts logic for warning about provisioners to a function
* Improves test coverage for CLI template push with
`coder_workspace_tags`.
2024-11-29 19:45:58 +00:00
0b4eb8bafc feat(examples/templates/gcp-devcontainer): promote module usage (#15549) 2024-11-29 18:27:46 +05:00
68dc820a7c feat(examples/templates/devcontainer-docker): promote module usage (#15544) 2024-11-29 18:23:36 +05:00
56c792ab52 feat(site): warn on provisioner health during builds (#15589)
This PR adds warning alerts to log drawers for templates and template
versions. Warning alerts for workspace builds to follow in a subsequent
PR. Phrasing to be finalised. Stories added and manually verified. See
screenshots below.

Updating a template version with no provisioners:
<img width="1250" alt="Screenshot 2024-11-27 at 11 06 28"
src="https://github.com/user-attachments/assets/47aa0940-57a8-44e1-b9a3-25a638fa2c8d">
Build Errors for template versions now show tags as well:
<img width="1250" alt="Screenshot 2024-11-27 at 11 07 01"
src="https://github.com/user-attachments/assets/566e5339-0fe1-4cf7-8eab-9bf4892ed28a">
Updating a template version with provisioners that are busy or
unresponsive:
<img width="1250" alt="Screenshot 2024-11-27 at 11 06 40"
src="https://github.com/user-attachments/assets/71977c8c-e4ed-457f-8587-2154850e7567">
Creating a new template with provisioners that are busy or unresponsive:
<img width="819" alt="Screenshot 2024-11-27 at 11 08 55"
src="https://github.com/user-attachments/assets/bda11501-b482-4046-95c5-feabcd1ad7f5">
Creating a new template when there are no provisioners to do the build:
<img width="819" alt="Screenshot 2024-11-27 at 11 08 45"
src="https://github.com/user-attachments/assets/e4279ebb-399e-4c6e-86e2-ead8f3ac7605">
2024-11-28 16:58:32 +02:00
74f7961018 chore(agent/agentexec): fix flake in agent/agentexec test (#15681)
Should hopefully fix https://github.com/coder/internal/issues/233
2024-11-28 14:28:10 +00:00
a16f877c5b fix: update portforward storybook tests to include host (#15680) 2024-11-28 15:22:36 +02:00
ef09b51912 fix(coderd): extract provisionerdserver.StaleInterval to 90 seconds (#15643)
Follow-up from https://github.com/coder/coder/pull/15578

Extracts `provisionerdserver.StaleInterval` and sets it to 90 seconds by
default
2024-11-28 12:57:43 +00:00
7a7db9f4ad feat(examples/templates/gcp-windows): add GCP region module (#15552) 2024-11-28 14:12:36 +05:00
56eb72236e feat(examples/templates/docker): switch code-server to a module and add jetbrains module (#15547) 2024-11-28 11:00:58 +05:00
946328f36e feat(examples/templates/gcp-linux): add GCP region, code-server and JetBrains Gateway modules (#15550) 2024-11-28 10:13:21 +05:00
ba91a95f77 feat(examples/templates/gcp-vm-container): add GCP region selector, code-server and JetBrains modules (#15551) 2024-11-28 09:25:12 +05:00
ffb0ebb5b6 fix: use url-parse for url construction (#15670)
This fixes some CodeQL-flagged issues. They're not real issues but the
refactor is small and it'll keep the analysis tools quiet.
2024-11-27 23:52:11 +02:00
40f12aeca3 chore: update group and role sync notes (#15658) 2024-11-27 14:39:03 -07:00
24d44b4518 fix: add additional context to agent exec errors (#15676) 2024-11-27 21:29:08 +02:00
b830c05e3e chore: track usage of built-in example templates (#15671)
Addresses https://github.com/coder/nexus/issues/99.

Changes:
- Save the id of the built-in example template used to create a template
version in the database
- Include the example id in telemetry
2024-11-27 20:01:08 +01:00
b08238c8db chore: enable process priority management for dogfood (#15674) 2024-11-27 20:43:56 +02:00
1f238fed59 feat: integrate new agentexec pkg (#15609)
- Integrates the `agentexec` pkg into the agent and removes the
legacy system of iterating over the process tree. It adds some linting
rules to hopefully catch future improper uses of `exec.Command` in the package.
2024-11-27 20:12:15 +02:00
45d9274aca chore: disable parallelization when running security action (#15666)
- `make -j` appears to be broken for clean builds
2024-11-26 23:35:51 +02:00
a9195bfe74 docs: add Amazon DCV Windows module to guides (#15610) 2024-11-26 21:41:22 +05:00
35594bb7fd chore: update testify to v1.9.0 in go.sum (#15662) 2024-11-26 12:41:20 +00:00
84395730dc chore: bump github.com/mocktools/go-smtp-mock/v2 from 2.3.0 to 2.4.0 (#15644)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-26 16:26:59 +05:00
0239507ee2 chore: bump github.com/gohugoio/hugo from 0.138.0 to 0.139.2 (#15646)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-26 16:26:08 +05:00
db6d345516 chore: bump github.com/coder/serpent from 0.9.0 to 0.10.0 (#15645)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-26 16:25:26 +05:00