Commit Graph

2146 Commits

Author SHA1 Message Date
42e2a4150c fix(coderd): improve workspace tests (#15069)
With [a recent PR](https://github.com/coder/coder/pull/14923) we
introduced [new
tests](https://github.com/coder/coder/pull/14923/files#diff-81081239b93aaa61eb8d180a5f9870fda8f0ab5cb4c6727d9d1636aa933e597b)
that - while running in parallel to the existing ones - are failing.

This PR is a quick proposal to fix it - tested in local and in the CI to
unblock the situation. We can ignore it to work on a longer term
solution if preferred.
2024-10-15 16:30:38 +02:00
b8420ecaaf test(coderd): fix flake on TestWorkspaceBuildTimings (#15077)
Fix https://github.com/coder/coder/issues/15073
2024-10-15 09:43:39 -03:00
208ed1efd7 chore(coderd/notifications): expand golden file testing for notifications (#15032)
This PR aims to close https://github.com/coder/coder/issues/14913.

It expands the golden files for the notifier to include the entire
payload serialised as JSON.
2024-10-14 12:34:32 +00:00
9c8ecb82a3 feat(coderd): return agent script timings (#14923)
Add the agent script timings into the
`/workspacebuilds/:workspacebuild/timings` response.

Close https://github.com/coder/coder/issues/14876
2024-10-14 09:31:03 -03:00
9d02269191 feat(coderd/notifications): improve notification format consistency (#14967)
This Pull request addresses the more trivial items in
https://github.com/coder/coder/issues/14893.
These were simple formatting changes that I was able to fix despite
limited context.

Some more changes are required for which I will have to dig a bit deeper
into how the template contexts are populated. I'm happy to add those to
this PR or create a subsequent PR.
2024-10-09 17:31:12 -05:00
6bf73a5964 fix(coderd): move test location to ignore Australia time saving error (#15013)
A test is currently failing because it relies on Sidney Tz.

from the internet : 

```
Daylight Saving Time begins at 2 am (AEST) on the first Sunday in October and ends at 3 am (Australian Eastern Daylight Time) on the first Sunday in April.
```

Due to that - there's one hour missing in the tests - and the test `6
days are acceptable` is failing.

Changing to another timezone to fix the situation, it would require a
longer-term solution or making sure it cannot happen anymore.
2024-10-07 21:10:01 +02:00
288df75686 fix: serialize updateEntitlements() (#14974)
fixes #14961

Adding the license and updating entitlements is flaky, especially at the start of our `coderdent` testing because, while the actual modifications to the `entitlements.Set` were threadsafe, we could have multiple goroutines reading from the database and writing to the set, so we could end up writing stale data.

This enforces serialization on updates, so that if you modify the database and kick off an update, you know the state of the `Set` is at least as fresh as your database update.
2024-10-05 06:58:43 +04:00
4369f2b4b5 feat: implement api for "forgot password?" flow (#14915)
Relates to https://github.com/coder/coder/issues/14232

This implements two endpoints (names subject to change):
- `/api/v2/users/otp/request`
- `/api/v2/users/otp/change-password`
2024-10-04 11:53:25 +01:00
7d9f5ab81d chore: add Coder service prefix to tailnet (#14943)
re: #14715

This PR introduces the Coder service prefix: `fd60:627a:a42b::/48` and refactors our existing code as calling the Tailscale service prefix explicitly (rather than implicitly).

Removes the unused `Addresses` agent option. All clients today assume they can compute the Agent's IP address based on its UUID, so an agent started with a custom address would break things.
2024-10-04 10:04:10 +04:00
68ec532ca7 feat: add jwt pkg (#14928)
- Adds a `jwtutils` package to be shared amongst the various
packages in the codebase that make use of JWTs. It's intended to help us
standardize on one library instead of some implementations using
`go-jose` and others using `golang-jwt`.

The main reason we're converging on `go-jose` is due to its support for
JWEs, `golang-jwt` also has a repo to handle it but it doesn't look
maintained: https://github.com/golang-jwt/jwe
2024-10-03 21:09:52 -05:00
zx
d0a8424819 feat: remove dark blue theme (#14890) 2024-10-02 09:30:33 -06:00
0aa84b18a1 feat: expose Markdown fields in webhook payload (#14931)
Fixes: https://github.com/coder/coder/issues/14930
2024-10-02 15:38:22 +02:00
21b92ef893 feat: add cache abstraction for fetching signing keys (#14777)
- Adds the database implementation for fetching and caching keys
used for JWT signing. It's been merged into the `keyrotate` pkg and
renamed to `cryptokeys` since they're coupled concepts.
2024-10-01 11:04:51 -05:00
11f7b1b3f5 chore: remove notifications experiment (#14869)
Notifications have proved stable in the [mainline release of
v2.15](https://github.com/coder/coder/releases/tag/v2.15.0), and in
preparation for v2.16 we're moving this to stable.
2024-10-01 13:43:47 +00:00
3f79022848 test: ignore log errors (#14892)
Fixes: https://github.com/coder/coder/issues/14891
2024-10-01 12:38:50 +02:00
2a3a00cf82 fix: remove redundant flaking test (#14888) 2024-10-01 09:01:24 +00:00
33988fedcd chore: allow user admins to configure idp sync (#14861) 2024-09-27 14:07:15 -05:00
2c8b264d78 chore: remove multi-organization and custom role experiment (#14862)
Closes https://github.com/coder/coder/issues/14704

---------

Co-authored-by: Kayla Washburn-Love <mckayla@hey.com>
2024-09-27 14:06:16 -05:00
5cc5bbea04 fix: improve provisioner key cli usability (#14834)
What this changes:
- Unhides the `--key` flag on provisioner start
- Deprecates and hides `provisionerd` command group in favor of
`provisioner(s)`
- Removes org id from `coder provisioner keys list`
2024-09-27 10:34:41 -05:00
3fdeaf7b24 feat: add endpoint for fetching workspace proxy keys (#14789) 2024-09-26 21:01:49 +01:00
5c977c6be7 chore: rename 'first-organization' to 'coder' (#14808)
Rename the first-organization original name. Users can change from the
original name.
2024-09-26 13:20:44 -05:00
3894bab038 chore: include error detail for ui error display (#14837)
Not including an error detail asks the user to check the dev console.
Which is unhelpful in this expected situation
2024-09-26 11:48:50 -05:00
9ef9044d9c chore: remove read all provisioners from users (#14801)
* chore: remove read all provisioners from users

Reading provisioner daemons now extends from org member,
not site wide member.

* update rbac perm test
* add unit test
2024-09-25 15:38:58 -05:00
575925c050 feat: add one time passcode columns to users table (#14797) 2024-09-25 17:46:51 +01:00
ae522c558d feat: add agent timings (#14713)
* feat: begin impl of agent script timings

* feat: add job_id and display_name to script timings

* fix: increment migration number

* fix: rename migrations from 251 to 254

* test: get tests compiling

* fix: appease the linter

* fix: get tests passing again

* fix: drop column from correct table

* test: add fixture for agent script timings

* fix: typo

* fix: use job id used in provisioner job timings

* fix: increment migration number

* test: behaviour of script runner

* test: rewrite test

* test: does exit 1 script break things?

* test: rewrite test again

* fix: revert change

Not sure how this came to be, I do not recall manually changing
these files.

* fix: let code breathe

* fix: wrap errors

* fix: justify nolint

* fix: swap require.Equal argument order

* fix: add mutex operations

* feat: add 'ran_on_start' and 'blocked_login' fields

* fix: update testdata fixture

* fix: refer to agent_id instead of job_id in timings

* fix: JobID -> AgentID in dbauthz_test

* fix: add 'id' to scripts, make timing refer to script id

* fix: fix broken tests and convert bug

* fix: update testdata fixtures

* fix: update testdata fixtures again

* feat: capture stage and if script timed out

* fix: update migration number

* test: add test for script api

* fix: fake db query

* fix: use UTC time

* fix: ensure r.scriptComplete is not nil

* fix: move err check to right after call

* fix: uppercase sql

* fix: use dbtime.Now()

* fix: debug log on r.scriptCompleted being nil

* fix: ensure correct rbac permissions

* chore: remove DisplayName

* fix: get tests passing

* fix: remove space in sql up

* docs: document ExecuteOption

* fix: drop 'RETURNING' from sql

* chore: remove 'display_name' from timing table

* fix: testdata fixture

* fix: put r.scriptCompleted call in goroutine

* fix: track goroutine for test + use separate context for reporting

* fix: appease linter, handle trackCommandGoroutine error

* fix: resolve race condition

* feat: replace timed_out column with status column

* test: update testdata fixture

* fix: apply suggestions from review

* revert: linter changes
2024-09-24 10:51:49 +01:00
b8944074c4 chore: improve coder server ux (#14761) 2024-09-24 13:16:36 +10:00
86f68b220e feat: add 'display_name' column to 'workspace_agent_scripts' (#14747)
* feat: add 'display_name' column to 'workspace_agent_scripts'

* fix: backfill from workspace_agent_log_sources

* fix: run 'make gen'
2024-09-20 14:26:13 +01:00
2d5c068525 feat: implement key rotation system (#14710) 2024-09-19 19:12:44 +01:00
922f4c545f fix: handle new agent stat format correctly (#14576)
---------

Co-authored-by: Ethan Dickson <ethan@coder.com>
2024-09-20 01:52:14 +10:00
37885e2e82 fix: make cli respect deployment --docs-url (#14568) 2024-09-18 21:47:53 +10:00
20a3801600 fix: use floats in report template (#14714) 2024-09-18 11:26:34 +00:00
fccf6f1e0e feat!: add --default-token-lifetime (#14631) 2024-09-18 21:23:42 +10:00
6de59371ea feat: notifications: report failed workspace builds (#14571) 2024-09-18 09:11:44 +02:00
1e5438eadb feat: remove user from groups on org membership delete (#14701)
* feat: remove user from groups on org membership delete

Groups inherently provide authz access to certain resources. If a
user is removed from an organization, they should be removed
from all their groups in said organization.
2024-09-17 19:41:34 -05:00
45160c7679 feat: add schema for key rotation (#14662) 2024-09-17 18:08:18 +01:00
45420b95f3 chore: allow removing users from the default org (#14699)
* chore: allow removing users from the default org

Removed as no longer in experimental
2024-09-17 10:42:47 -05:00
ce21b2030a feat: implement patch and get api methods for role sync (#14692)
* feat: implement patch and get api methods for role sync
2024-09-17 10:38:42 -05:00
370f0b9020 fix(coderd): check if timings can be read (#14697) 2024-09-17 10:57:57 -03:00
ff1eabebe5 feat: add SCIM support for multi-organization (#14691)
* chore: use legacy "AssignDefault" option for legacy behavior in SCIM (#14696)
* chore: reference legacy assign default option for legacy behavior

AssignDefault is a boolean flag mainly for single org and legacy
deployments. Use this flag to determine SCIM behavior.

---------

Co-authored-by: Steven Masley <Emyrk@users.noreply.github.com>
2024-09-17 00:17:38 +00:00
71393743dc feat: implement organization role sync (#14649)
* chore: implement organization and site wide role sync in idpsync
* chore: remove old role sync, insert new idpsync package
2024-09-16 19:03:25 -05:00
335eb05223 feat: add keys to organization provision daemons (#14627) 2024-09-16 20:02:08 +00:00
705b9ccda8 feat(coderd): add workspace timings endpoint (#14648) 2024-09-16 16:31:05 -03:00
c330af0e4d chore: add group_ids filter to /groups endpoint (#14688)
Allow filtering groups by IDs.
2024-09-16 13:01:46 -05:00
5ed065d88d feat: get and update group IdP Sync settings (#14647)
---------

Co-authored-by: Steven Masley <stevenmasley@gmail.com>
2024-09-16 12:01:37 -05:00
f5601cd783 chore: bump golang.org/x/oauth2 from 0.22.0 to 0.23.0 in the x group across 1 directory (#14669)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-09-13 19:43:35 +05:00
6a846cdbb8 chore: support multi-org group sync with runtime configuration (#14578)
- Implement multi-org group sync
- Implement runtime configuration to change sync behavior
- Legacy group sync migrated to new package
2024-09-11 13:43:50 -05:00
3301212972 feat: turn off notification via email (#14520) 2024-09-11 11:10:24 -03:00
5bd19f8ba3 fix: fix flake in TestWorkspaceAgentClientCoordinate_ResumeToken (#14642)
fixes #14365

I bet what's going on is that in `connectToCoordinatorAndFetchResumeToken()` we call `Coordinate()`, send a message on the `Coordinate` client and then close it in rapid succession. We don't wait around for a response from the coordinator, so dRPC is likely aborting the call `Coordinate()` in the backend because the stream is closed before it even gets a chance.

Instead of using the Coordinator to record the peer ID assigned on the API call, we can wrap the resume token provider, since we call that API _and_ wait for a response. This also affords the opportunity to directly assert we get called with the right token.
2024-09-11 16:32:47 +04:00
914f35a3a3 chore: document RBAC usage (#14065) 2024-09-10 15:15:30 +00:00
328e69629c fix: limit OAuth redirects to local paths (#14585)
- This prevents a malicious user from crafting a redirect
  URL to a nefarious site under their control.
2024-09-10 15:58:50 +01:00