8abca9bea7
chore: rename git_auth to external_auth in our schema ( #9935 )
...
* chore: rename `git_auth` to `external_auth` in our schema
We're changing Git auth to be external auth. It will support
any OAuth2 or OIDC provider.
To split up the larger change I want to contribute the schema
changes first, and I'll add the feature itself in another PR.
* Fix names
* Fix outdated view
* Rename some additional places
* Fix sort order
* Fix template versions auth route
* Fix types
* Fix dbauthz
2023-09-29 19:13:20 +00:00
92308bec3b
chore: color value_source for deployment values ( #9922 )
...
* chore: Return populated options vs a blank
* Strip secret values
2023-09-29 12:04:28 -05:00
375c70d141
feat: integrate Acquirer for provisioner jobs ( #9717 )
...
* chore: add Acquirer to provisionerdserver pkg
Signed-off-by: Spike Curtis <spike@coder.com >
* code review improvements & fixes
Signed-off-by: Spike Curtis <spike@coder.com >
* feat: integrate Acquirer for provisioner jobs
Signed-off-by: Spike Curtis <spike@coder.com >
* Fix imports, whitespace
Signed-off-by: Spike Curtis <spike@coder.com >
* provisionerdserver always closes; remove poll interval from playwright
Signed-off-by: Spike Curtis <spike@coder.com >
* post jobs outside transactions
Signed-off-by: Spike Curtis <spike@coder.com >
* graceful shutdown in test
Signed-off-by: Spike Curtis <spike@coder.com >
* Mark AcquireJob deprecated
Signed-off-by: Spike Curtis <spike@coder.com >
* Graceful shutdown on all provisionerd tests
Signed-off-by: Spike Curtis <spike@coder.com >
* Deprecate, not remove CLI flags
Signed-off-by: Spike Curtis <spike@coder.com >
---------
Signed-off-by: Spike Curtis <spike@coder.com >
2023-09-19 10:25:57 +04:00
38560dd922
chore: remove coder trace telemetry ( #9677 )
2023-09-14 02:20:28 -04:00
11b6068112
feat: add support for networked provisioners ( #9593 )
...
* Refactor provisionerd to use interface to connect to provisioners
Signed-off-by: Spike Curtis <spike@coder.com >
* feat: add support for networked provisioners
Signed-off-by: Spike Curtis <spike@coder.com >
* fix token length and linting
Signed-off-by: Spike Curtis <spike@coder.com >
---------
Signed-off-by: Spike Curtis <spike@coder.com >
2023-09-08 09:53:48 +00:00
dd97fe2bce
chore(cli): replace lipgloss with coder/pretty ( #9564 )
...
This change will improve over CLI performance and "snappiness" as well as
substantially reduce our test times. Preliminary benchmarks show
`coder server --help` times cut from 300ms to 120ms on my dogfood
instance.
The inefficiency of lipgloss disproportionately impacts our system, as all help
text for every command is generated whenever any command is invoked.
The `pretty` API could clean up a lot of the code (e.g., by replacing
complex string concatenations with Printf), but this commit is too
expansive as is so that work will be done in a follow up.
2023-09-07 16:28:22 -05:00
7d7c84bb4d
feat(coderd): connect dbcrypt package implementation ( #9523 )
...
See also: https://github.com/coder/coder/pull/9522
- Adds commands `server dbcrypt {rotate,decrypt,delete}` to re-encrypt, decrypt, or delete encrypted data, respectively.
- Plumbs through dbcrypt in enterprise/coderd (including unit tests).
- Adds documentation in admin/encryption.md.
This enables dbcrypt by default, but the feature is soft-enforced on supplying external token encryption keys. Without specifying any keys, encryption/decryption is a no-op.
2023-09-07 15:49:49 +01:00
f1f9cb030d
refactor(cli): avoid importing coderd in slim server ( #9483 )
...
This small change removes 11 MB from the slim binary size.
Ref: #9380
2023-09-01 13:32:21 +00:00
11d4b6f758
chore: move dormancy to enterprise package ( #9468 )
2023-08-31 17:59:53 +02:00
16ef97a061
feat(cli): add DataDog Go tracer ( #9411 )
2023-08-29 22:14:28 +00:00
6ba92ef924
ci: enable gocognit ( #9359 )
...
And, bring the server under 300:
* Removed the undocumented "disable" STUN address in favor of the
--disable-direct flag.
2023-08-27 14:46:44 -05:00
60d5002eb6
refactor: change template archive extraction to be on provisioner ( #9264 )
...
* refactor provisionersdk protocol
Signed-off-by: Spike Curtis <spike@coder.com >
* refactor provisioners to use new protocol
Signed-off-by: Spike Curtis <spike@coder.com >
* refactor provisionerd to use new protocol
Signed-off-by: Spike Curtis <spike@coder.com >
* refactor tests & proto renames
* Fixes from self-review
Signed-off-by: Spike Curtis <spike@coder.com >
* appease fmt & link
Signed-off-by: Spike Curtis <spike@coder.com >
* code review fixes & e2e fixes
Signed-off-by: Spike Curtis <spike@coder.com >
* More fmt
Signed-off-by: Spike Curtis <spike@coder.com >
* Code review fixes
Signed-off-by: Spike Curtis <spike@coder.com >
* new gen; use uuid for session workdir
Signed-off-by: Spike Curtis <spike@coder.com >
* Revert nix-based gen CI task until dogfood is on nix
Signed-off-by: Spike Curtis <spike@coder.com >
* revert deleting dogfood Docker stuff
Signed-off-by: Spike Curtis <spike@coder.com >
* Revert "revert deleting dogfood Docker stuff"
This reverts commit 9762158167spike@coder.com >
2023-08-25 06:10:15 +00:00
69ec8d774b
fix(cli/server): apply log filter to log message as well as name ( #9232 )
2023-08-21 17:53:26 -05:00
6d939b726c
fix: correctly assess quota for stopped resources ( #9201 )
2023-08-21 09:01:16 -05:00
22e781eced
chore: add /v2 to import module path ( #9072 )
...
* chore: add /v2 to import module path
go mod requires semantic versioning with versions greater than 1.x
This was a mechanical update by running:
```
go install github.com/marwan-at-work/mod/cmd/mod@latest
mod upgrade
```
Migrate generated files to import /v2
* Fix gen
2023-08-18 18:55:43 +00:00
be40dc85ab
chore: cleanup extraneous logging ( #9156 )
...
* The batchstats warning went out on every Ctrl+C in my development
Rule of silence:
The provisioner and connect messages messages were sent out on every startup
without a corresponding user event, making them annoying and more-so
debug messages.
2023-08-17 21:01:55 +00:00
25ce30df36
feat: add azure oidc PKI auth instead of client secret ( #9054 )
...
* feat: add azure oidc PKI auth instead of client secret
* add client cert and key as deployment options
* Custom token refresher to handle pki auth
2023-08-14 17:33:13 -05:00
0d01d022f7
fix: remove unnecessary newlines from the end of cli output ( #9068 )
...
`Infof` already adds a newline, so we don't need to as well!
2023-08-13 11:48:11 -05:00
f4122fa9f5
feat: add auto group create from OIDC ( #8884 )
...
* add flag for auto create groups
* fixup! add flag for auto create groups
* sync missing groups
Also added a regex filter to filter out groups that are not
important
2023-08-08 11:37:49 -05:00
9fb18f3ae5
feat(coderd): batch agent stats inserts ( #8875 )
...
This PR adds support for batching inserts to the workspace_agents_stats table.
Up to 1024 stats are batched, and flushed every second in a batch.
2023-08-04 17:00:42 +01:00
d6e9870209
feat: add "dormant" user state ( #8644 )
2023-08-02 16:31:25 +02:00
edd9628aa6
fix(cli): correctly print deprecated warnings ( #8771 )
...
In the previous implementation, it was possible for default-set values
to trigger the deprecation warning.
2023-07-27 16:42:18 +00:00
02550a9062
fix(cli): apply log-filter to debug logs only ( #8751 )
2023-07-26 22:31:41 +00:00
25e30c6f41
feat(cli): support fine-grained server log filtering ( #8748 )
2023-07-26 16:46:22 -05:00
2f0a9996e7
chore: add derpserver to wsproxy, add proxies to derpmap ( #7311 )
2023-07-27 02:21:04 +10:00
f827829afe
feat: synchronize oidc user roles ( #8595 )
...
* feat: oidc user role sync
User roles come from oidc claims. Prevent manual user role changes
if set.
* allow mapping 1:many
2023-07-24 08:34:24 -04:00
dc8b73168e
feat: add user quiet hours schedule and restart requirement feature flag ( #8115 )
2023-07-20 23:35:41 +10:00
e9d7a230fa
chore: server header specifies if wsproxy ( #8432 )
2023-07-12 12:07:36 +00:00
b5f26d9bdf
feat: add ability for users to convert their password login type to oauth/github login ( #8105 )
...
* Currently toggled by experiment flag
---------
Co-authored-by: Bruno Quaresma <bruno@coder.com >
2023-06-30 08:38:48 -04:00
34467a3289
feat: add github device flow for authentication ( #8232 )
...
* feat: add github device flow for authentication
This will allow us to add a GitHub OAuth provider out-of-the-box
to reduce setup requirements.
* Improve askpass view
* Add routes to improve clarity of git auth
* Redesign the git auth page
* Refactor to add a page view
* Fix sideways layout
* Remove legacy notify
* Fix git auth redirects
* Add E2E tests
* Fix route documentation
* Fix imports
* Remove unused imports
* Fix E2E web test
* Fix friendly message appearance
* Fix layout shifting for full-screen sign-in
* Fix height going to 100%
* Fix comments
2023-06-29 18:58:01 +00:00
98a5ae7f48
feat: add provisioner job hang detector ( #7927 )
2023-06-25 13:17:00 +00:00
1b0124ecdb
feat: automatically stop workspaces based on failure_ttl ( #7989 )
2023-06-22 00:33:22 -04:00
d434181941
feat: add cohesive e2e tests for the web terminal, apps, and workspaces ( #8140 )
...
* feat: add cohesive e2e tests for the web terminal, apps, and workspaces
* Fix web terminal flake
2023-06-22 00:21:40 +00:00
a28d422c35
feat: add flag to disable all direct connections ( #7936 )
2023-06-21 22:02:05 +00:00
6e598234b6
fix: only collect prometheus database metrics when explicitly enabled ( #8045 )
...
* fix: only collect prometheus database metrics when explicitly enabled
* add missing test
* de-duplicate wrapping
2023-06-15 12:34:16 +01:00
e4b6f5695b
chore: separate pubsub into a new package ( #8017 )
...
* chore: rename store to dbmock for consistency
* chore: remove redundant dbtype package
This wasn't necessary and forked how we do DB types.
* chore: separate pubsub into a new package
This didn't need to be in database and was bloating it.
2023-06-14 15:34:54 +00:00
5eaf809851
fix(cli): speed up CLI over SSH ( #7885 )
...
By caching the terminal's color profile, we avoid myriad round trips during command execution.
2023-06-07 05:22:58 +00:00
0665a6c2f2
feat: add metric for provisioner daemons ( #7858 )
2023-06-06 16:50:11 -05:00
784696dfa5
feat: add prometheus metrics to database.Store ( #7713 )
...
* Adds dbmetrics package and wraps database.Store with a Prometheus HistogramVec of timings.
* Adds Wrappers method to database.Store to avoid double-wrapping interfaces
* Fixes test flake in TestLicensesListFake
2023-05-31 14:55:57 +01:00
dd69cc9148
fix: use different terraform cache dir ( #7672 )
2023-05-24 22:35:00 +00:00
c8ea76c7fa
fix(cli): correctly use cache dir for provisionerd work dir ( #7651 )
2023-05-23 13:37:27 -04:00
640fcf450c
chore: improve terraform install performance ( #7478 )
2023-05-11 19:30:51 +00:00
8bd9f9c351
feat: unified tracing between coderd<->provisionerd ( #7370 )
2023-05-03 23:02:35 +00:00
75ad72de56
fix(server): prevent otel tracer provider from immediately being closed ( #7369 )
2023-05-02 12:06:58 -05:00
c00f5e499a
fix(server): retry initial connection to postgres ( #7325 )
2023-04-28 13:51:31 -05:00
bb0a38b161
feat: Implement aggregator for agent metrics ( #7259 )
2023-04-27 12:34:00 +02:00
fff2b1dc90
fix(cli): Fix postgres TDE failing version check ( #7203 )
2023-04-19 11:59:56 -05:00
c6b2861493
feat: allow disabling stun addresses via env ( #7066 )
...
* feat: allow disabling stun addresses via env
Resolves #6791
* Specify a dummy access URL so the tunnel wouldn't start
* Document
---------
Co-authored-by: Kyle Carberry <kyle@carberry.com >
2023-04-17 17:20:26 +00:00
942aba3a66
feat: expose agent stats via Prometheus endpoint ( #7115 )
...
* WIP
* WIP
* WIP
* Agents
* fix
* 1min
* fix
* WIP
* Test
* docs
* fmt
* Add timer to measure the metrics collection
* Use CachedGaugeVec
* Unit tests
* WIP
* WIP
* db: GetWorkspaceAgentStatsAndLabels
* fmt
* WIP
* gauges
* feat: collect
* fix
* fmt
* minor fixes
* Prometheus flag
* fix
* WIP
* fix tests
* WIP
* fix json
* Rx Tx bytes
* CloseFunc
* fix
* fix
* Fixes
* fix
* fix: IgnoreErrors
* Fix: Windows
* fix
* reflect.DeepEquals
2023-04-14 16:14:52 +02:00
085330ad96
fix(provisionerd): only heartbeat when logs aren't being flushed ( #7110 )
2023-04-13 14:02:10 -05:00
