Relates to https://github.com/coder/coder/issues/15894:
- Adds `coderdenttest.NewExternalProvisionerDaemonTerraform`
- Adds integration-style test coverage for creating a workspace with
`coder_workspace_tags` specified in `main.tf`
- Modifies `coderd/wsbuilder` to fetch template version variables and
includes them in eval context for evaluating `coder_workspace_tags`
> We do not use Tailscale (product) but instead import Tailscale OSS
libraries which has some nice ways of handling Wireguard. We also use
Tailscale's logo in our architecture, but calling it only `Tailscale`
seems to throw people off when they're considering Coder and how it
works.
I've left it wherever it seems to make sense (such as when we talk about
[DERP](https://coder.com/docs/admin/networking#relayed-connections)),
and sprinkled some `Wireguard` and `websocket/HTTPS` where I could
This PR makes the dogfood template use `dev.registry.coder.com` for its
terraform module registry. I think this should be the state going
forward so that every new deployment of the registry gets a small amount
of dogfooding before going live.
- Fixes an issue where an init function
causes writes to the terminal when using `agent-exec` which results in raw
ansi characters being printed to the web terminal.
- Was also causing significant latency in launching a web terminal
Value of `.dockerconfigjson` in kubernetes_secret datasource is already
decoded, so I encode it again to avoid error for
`ENVBUILDER_DOCKER_CONFIG_BASE64`
Fixes a flake seen in
https://github.com/coder/coder/actions/runs/12346801529/job/34452940351
It's possible but exceedingly rare for the randomly generated username
to be exactly 32 characters.
Then, appending a `1` to that username causes the username to be invalid
and the test to fail. Instead of appending we'll just generate a new
username that is <=32 characters.
The `UpdateSelf` subtest has the same appending, but uses a fixed
username that is less than 32 characters, so it doesn't need to be
changed.
When Coder is ran in High Availability mode, each Coder instance has a
lifecycle executor. These lifecycle executors are all trying to do the
same work, and whilst transactions saves us from this causing an issue,
we are still doing extra work that could be prevented.
This PR adds a `TryAcquireLock` call for each attempted workspace
transition, meaning two Coder instances shouldn't duplicate effort.
When creating, starting, stopping or otherwise mutating a workspace, we
used to erroneously and briefly display a provisioner health warning
alert. This PR updates the component to only display this warning if the
build is pending, not "starting" or any other state that means a
provisioner has already acquired the job.
Closes https://github.com/coder/internal/issues/148
This has been validated to have working proxies with the `small`
scenario.
- [x] multi-region gcp infrastructure
- [x] use cloudflare provider to automate dns entries
- [x] automate proxy registration
- [x] multi-regional proxies
- [x] move scenarios into locals
This excludes the infrastructure for `cert-manager` and `otel-collector`
and those will be included in followup PRs.
When calculating the queue position in
`GetProvisionerJobsByIDsWithQueuePosition` we only counted jobs with
`started_at = NULL`. This is misleading, as it allows canceling or
canceled jobs to take up rows in the computed queue position, giving an
impression that the queue is larger than it really is.
This modifies the query to also exclude jobs with a null `canceled_at`,
`completed_at`, or `error` field for the purposes of calculating the
queue position, and also adds a test to validate this behaviour.
(Note: due to the behaviour of `dbgen.ProvisionerJob` with `dbmem` I had
to use other proxy methods to validate the corresponding dbmem
implementation.)
---------
Co-authored-by: Mathias Fredriksson <mafredri@gmail.com>
For some reason we were building the dylib on any code changes, now it's
just Go (and CI) changes - using the same condition that `go-test` uses.
`if: needs.changes.outputs.go == 'true' || needs.changes.outputs.ci ==
'true' || github.ref == 'refs/heads/main'`
The main check ensures that it's always run before `build` is run.
when creating a headless user, the linked documentation sent users to
the `Disable password auth` page, instead of the headless user
documentation. this PR corrects the typescript.
This PR introduces a new prometheus metrics for
`workspace_build_timing_seconds`, which specifically reports workspace
build times. To reduce cardinality, this metrics excludes
`workspace_name` and `workspace_owner` that are present on the
`workspace_builds_total` metrics.
