* chore: Separate the provisionerd server into it's own package
This code should be thoroughly tested now that we understand the abstraction.
I separated it to make our lives a bit easier for external provisioner daemons
as well!
* Add tests
* Add workspace builds
* Add test for workspace resources
* feat: Make workspace watching realtime instead of polling
This was leading to performance issues on the frontend, where
the page should only be rendered if changes occur. While this
could be changed on the frontend, it was always the intention
to make this socket ~realtime anyways.
* Fix workspace tests waiting, erroring on workspace update, and add comments to workspace events
The goroutine launched by `ServerSentEventSender` can perform a write
and flush after the calling http handler has exited, at this point the
resources (e.g. `http.ResponseWriter`) are no longer safe to use.
To work around this issue, heartbeats and sending events are now handled
by the goroutine which signals its closure via a channel. This allows
the calling handler to ensure it is kept alive until it's safe to exit.
Fixes#4807
* Start - still needs api call changes
* Some xservice changes
* Finish adding count to xservice
* Mock out api call on frontend
* Handle errors
* Doctor getWorkspaces
* Add types, start writing count function
* Hook up route
* Use empty page struct
* Write interface and database fake
* SQL query
* Fix params type
* Missed a spot
* Space after alert banner
* Fix model queries
* Unpack query correctly
* Fix filter-page interaction
* Make mobile friendly
* Format
* Test backend
* Fix key
* Delete unnecessary conditional
* Add test helpers
* Use limit constant
* Show widget with no count
* Add test
* Format
* make gen from garretts workspace idk why
* fix authorize test'
* Hide widget with 0 records
* Fix tests
* Format
* Fix types generated
* Fix story
* Add alert banner story
* Format
* Fix import
* Format
* Try removing story
* Revert "Fix story"
This reverts commit c06765b7fb.
* Add counts to page view story
* Revert "Try removing story"
This reverts commit 476019b041.
Co-authored-by: Garrett <garrett@coder.com>
- As part of merging support for Template RBAC
and user groups a permission check on reading files
was relaxed.
With the addition of admin roles on individual templates, regular
users are now able to push template versions if they have
inherited the 'admin' role for a template. In order to do so
they need to be able to create and read their own files. Since
collisions on hash in the past were ignored, this means that a regular user
who pushes a template version with a file hash that collides with
an existing hash will not be able to read the file (since it belongs to
another user).
This commit fixes the underlying problem which was that
the files table had a primary key on the 'hash' column.
This was not a problem at the time because only template
admins and other users with similar elevated roles were
able to read all files regardless of ownership. To fix this
a new column and primary key 'id' has been introduced to the files
table. The unique constraint has been updated to be hash+created_by.
Tables (provisioner_jobs) that referenced files.hash have been updated
to reference files.id. Relevant API endpoints have also been updated.
* Refactor workspaces xservice
* Remove layout comment
* Format
* Add comments
* Add running workspaces filter to frontend
* Start on backend - add status to filter
* Update sql and add test - wip
* Attempt to unconvert status for easier querying
* Fix syntax
* Join jobs table, untested
* sql
* Add Status to GetAuthorizedWorkspaces
* Update job tests to have canceled time
* fmt
* add status filter to database fake
Co-authored-by: Colin Adler <colin1adler@gmail.com>
* feat: Convert rego queries into SQL clauses
* Fix postgres quotes to single quotes
* Ensure all test cases can compile into SQL clauses
* Do not export extra types
* Add custom query with rbac filter
* First draft of a custom authorized db call
* Add comments + tests
* Support better regex style matching for variables
* Handle jsonb arrays
* Remove auth call on workspaces
* Fix PG endpoints test
* Match psql implementation
* Add some comments
* Remove unused argument
* Add query name for tracking
* Handle nested types
This solves it without proper types in our AST.
Might bite the bullet and implement some better types
* Add comment
* Renaming function call to GetAuthorizedWorkspaces
This also changes the status to be on the workspace build, since
that's where the true value is calculated. This exposed a bug where
jobs could never enter the canceled state unless fetched by a
provisioner daemon, which was nice to fix!
See: https://github.com/coder/coder/actions/runs/3175304200/jobs/5173479506
* chore: Refactor Enterprise code to layer on top of AGPL
This is an experiment to invert the import order of the Enterprise
code to layer on top of AGPL.
* Fix Garrett's comments
* Add pointer.Handle to atomically obtain references
This uses a context to ensure the same value persists through
multiple executions to `Load()`.
* Remove entitlements API from AGPL coderd
* Remove AGPL Coder entitlements endpoint test
* Fix warnings output
* Add command-line flag to toggle audit logging
* Fix hasLicense being set
* Remove features interface
* Fix audit logging default
* Add bash as a dependency
* Add comment
* Add tests for resync and pubsub, and add back previous exp backoff retry
* Separate authz code again
* Add pointer loading example from comment
* Fix duplicate test, remove pointer.Handle
* Fix expired license
* Add entitlements struct
* Fix context passing
This PR makes the following changes:
- enforces lower and upper limits on template `max_ttl_ms`
- adds a migration to enforce 7-day cap on `max_ttl`
- allows setting template `max_ttl` to 0
- updates template edit CLI help to be clearer
This removes the last built by column from the page. It seemed
cluttered to have both on the page, and is simple enough to
click on the workspace to see additional info.
- Rewrites some error messages to better integrate with the frontend (ttl_ms -> time until shutdown)
- Makes codersdk.ValidationError implement the error interface
- Only return validations if the error was a validation error, return detail otherwise (e.g. database error)
- make default template max TTL 24 hours (still less than 168)
- make default workspace autostop 2 hours unless specified otherwise
- add instance type selector to aws templates
* add reason field for workspace build
* add the reason field to FE via API
* update BuildReasonMember to BuildReasonInitiator
* add unit tests
* add more unit tests
* add error for unknown transition
* fix lint
* add documentation
* fix unit tests
* fix generated types
* remove nested transaction
* rename migration file
* feat: Add anonymized telemetry to report product usage
This adds a background service to report telemetry to a Coder
server for usage data. There will be realtime event data sent
in the future, but for now usage will report on a CRON.
* Fix flake and requested changes
* Add reporting options for setup
* Add reporting for workspaces
* Add resources as they are reported
* Track API key usage
* Ensure telemetry is tracked prior to exit
This PR makes the following changes:
- coderd: /api/v2/workspaces/:workspace/extend now accepts any time at least 30 minutes in the future.
- coder bump command also allows the above. Some small copy changes to command.
- coder bump now actually enforces template-level maxima.
This commit makes the following changes:
- Partially reverts the changes of feat: update workspace deadline when workspace ttl updated #2165, making the deadline of a running workspace build independant of TTL, once started.
- CLI: updating a workspace TTL no longer updates the deadline of the workspace.
- UI: updating a workspace TTL no longer updates the deadline of the workspace.
- Drive-by: API: When creating a workspace, default TTL to min(12 hours, template max_ttl) if not instructed otherwise.
- Drive-by: CLI: list: measure workspace extension correctly (+X in last column) from the time the provisioner job was completed
- Drive-by: WorkspaceSchedule: show timezone of schedule if it is set, defaulting to dayjs guess otherwise.
- Drive-by: WorkspaceScheduleForm: fixed an issue where deleting the "TTL" value in the form would show the text "Your workspace will shut down a few seconds after start".
* feat: add support for template in workspace filter
* feat: Implement workspace search filter to support names
* Use new query param parser for pagination fields
* Remove excessive calls, use filters on a single query
Co-authored-by: Garrett <garrett@coder.com>
This commit adds the following changes to workspace scheduling behaviour:
* CLI: updating a workspace TTL updates the deadline of the workspace.
* If the TTL is being un-set, the workspace deadline is set to zero.
* If the TTL is being set, the workspace deadline is updated to be the last updated time of the workspace build plus the requested TTL. Additionally, the user is prompted to confirm interactively (can be bypassed with -y).
* UI: updating the workspace schedule behaves similarly to the CLI, showing a message to the user if the updated TTL/time to shutdown would effect changes to the lifetime of the running workspace.
