2279441517
feat: add --key flag to provisionerd start ( #14002 )
2024-07-25 15:26:26 -04:00
ca83017dc1
feat: accept provisioner keys for provisioner auth ( #13972 )
2024-07-25 10:22:55 -04:00
0a07c7e554
feat: get org scoped provisioners ( #13953 )
2024-07-23 14:56:46 +00:00
1691768fb9
chore: use store enqueuer with external provisioners ( #13881 )
2024-07-12 13:51:13 +02:00
bdd2caf95d
feat: implement thin vertical slice of system-generated notifications ( #13537 )
2024-07-08 15:38:50 +02:00
cb6b5e8fbd
chore: push rbac actions to policy package ( #13274 )
...
Just moved `rbac.Action` -> `policy.Action`. This is for the stacked PR to not have circular dependencies when doing autogen. Without this, the autogen can produce broken golang code, which prevents the autogen from compiling.
So just avoiding circular dependencies. Doing this in it's own PR to reduce LoC diffs in the primary PR, since this has 0 functional changes.
2024-05-15 09:46:35 -05:00
eeb3d63be6
chore: merge authorization contexts ( #12816 )
...
* chore: merge authorization contexts
Instead of 2 auth contexts from apikey and dbauthz, merge them to
just use dbauthz. It is annoying to have two.
* fixup authorization reference
2024-03-29 10:14:27 -05:00
f0f9569d51
chore: enforce that provisioners can only acquire jobs in their own organization ( #12600 )
...
* chore: add org ID as optional param to AcquireJob
* chore: plumb through organization id to provisioner daemons
* add org id to provisioner domain key
* enforce org id argument
* dbgen provisioner jobs defaults to default org
2024-03-18 12:48:13 -05:00
b5f866c1cb
chore: add organization_id column to provisioner daemons ( #12356 )
...
* chore: add organization_id column to provisioner daemons
* Update upsert to include organization id on set
2024-03-06 12:04:50 -06:00
5c6974e55f
feat: implement provisioner auth middleware and proper org params ( #12330 )
...
* feat: provisioner auth in mw to allow ExtractOrg
Step to enable org scoped provisioner daemons
* chore: handle default org handling for provisioner daemons
2024-03-04 15:15:41 -06:00
475c3650ca
feat: add support for optional external auth providers ( #12021 )
2024-02-21 11:18:38 -07:00
643c3ee54b
refactor(provisionerd): move provisionersdk.VersionCurrent -> provisionerdproto.VersionCurrent ( #12225 )
2024-02-20 12:44:19 +00:00
a2cbb0f87f
fix(enterprise/coderd): check provisionerd API version on connection ( #12191 )
2024-02-16 18:43:07 +00:00
1f5a6d59ba
chore: consolidate websocketNetConn implementations ( #12065 )
...
Consolidates websocketNetConn from multiple packages in favor of a central one in codersdk
2024-02-09 11:39:08 +04:00
04fd96a014
feat(coderd): add provisioner_daemons to /debug/health endpoint ( #11393 )
...
Adds a healthcheck for provisioner daemons to /debug/health endpoint.
2024-01-08 09:29:04 +00:00
1ef96022b0
feat(coderd): add provisioner build version and api_version on serve ( #11369 )
...
* assert provisioner daemon version and api_version in unit tests
* add build info in HTTP header, extract codersdk.BuildVersionHeader
* add api_version to codersdk.ProvisionerDaemon
* testutil.MustString -> testutil.MustRandString
2024-01-03 09:01:57 +00:00
213b768785
feat(coderd): insert provisioner daemons ( #11207 )
...
* Adds UpdateProvisionerDaemonLastSeenAt
* Adds heartbeat to provisioner daemons
* Inserts provisioner daemons to database upon start
* Ensures TagOwner is an empty string and not nil
* Adds COALESCE() in idx_provisioner_daemons_name_owner_key
2023-12-18 16:44:52 +00:00
b02796655e
fix(coderd/database): remove column updated_at from provisioner_daemons table ( #11108 )
2023-12-12 11:19:28 +00:00
2b19a2369f
chore(coderd): move provisionerd tags to provisionersdk ( #11100 )
2023-12-08 12:10:25 +00:00
1e349f0d50
feat(cli): allow specifying name of provisioner daemon ( #11077 )
...
- Adds a --name argument to provisionerd start
- Plumbs through name to integrated and external provisioners
- Defaults to hostname if not specified for external, hostname-N for integrated
- Adds cliutil.Hostname
2023-12-07 16:59:13 +00:00
a235644046
fix(codersdk): make codersdk.ProvisionerDaemon.UpdatedAt a codersdk.NullTime ( #11037 )
2023-12-05 15:40:45 +00:00
5fad611020
feat(coderd): add last_seen_at and version to provisioner_daemons table ( #11033 )
...
Related to #10676
- Adds columns last_seen_at and version to provisioner_daemons table
- Adds the above to codersdk.ProvisionerDaemons struct
2023-12-05 13:54:38 +00:00
504cedf15a
feat: add telemetry for external provisioners ( #10322 )
2023-10-18 14:20:30 -05:00
6875faf238
fix(coderd/provisionerdserver): pass through api ctx to provisionerdserver ( #10259 )
...
Passes through coderd API ctx to provisionerd server so we can cancel workspace updates when API is shutting down.
2023-10-16 13:50:07 +01:00
8abca9bea7
chore: rename git_auth to external_auth in our schema ( #9935 )
...
* chore: rename `git_auth` to `external_auth` in our schema
We're changing Git auth to be external auth. It will support
any OAuth2 or OIDC provider.
To split up the larger change I want to contribute the schema
changes first, and I'll add the feature itself in another PR.
* Fix names
* Fix outdated view
* Rename some additional places
* Fix sort order
* Fix template versions auth route
* Fix types
* Fix dbauthz
2023-09-29 19:13:20 +00:00
375c70d141
feat: integrate Acquirer for provisioner jobs ( #9717 )
...
* chore: add Acquirer to provisionerdserver pkg
Signed-off-by: Spike Curtis <spike@coder.com >
* code review improvements & fixes
Signed-off-by: Spike Curtis <spike@coder.com >
* feat: integrate Acquirer for provisioner jobs
Signed-off-by: Spike Curtis <spike@coder.com >
* Fix imports, whitespace
Signed-off-by: Spike Curtis <spike@coder.com >
* provisionerdserver always closes; remove poll interval from playwright
Signed-off-by: Spike Curtis <spike@coder.com >
* post jobs outside transactions
Signed-off-by: Spike Curtis <spike@coder.com >
* graceful shutdown in test
Signed-off-by: Spike Curtis <spike@coder.com >
* Mark AcquireJob deprecated
Signed-off-by: Spike Curtis <spike@coder.com >
* Graceful shutdown on all provisionerd tests
Signed-off-by: Spike Curtis <spike@coder.com >
* Deprecate, not remove CLI flags
Signed-off-by: Spike Curtis <spike@coder.com >
---------
Signed-off-by: Spike Curtis <spike@coder.com >
2023-09-19 10:25:57 +04:00
8d7eb1728c
fix: stop inserting provisioner daemons into the database ( #9108 )
...
Signed-off-by: Spike Curtis <spike@coder.com >
2023-09-08 10:37:36 +00:00
19d7da3d24
refactor(coderd/database): split Time and Now into dbtime package ( #9482 )
...
Ref: #9380
2023-09-01 16:50:12 +00:00
bc9fdd15f2
fix(enterprise/cli): correctly set default tags for PSK auth ( #9436 )
...
* provisionerd: unconditionally set tag scope to org for psk auth
* provisionerd: add unit tests for MutateTags
* cli: add some informational logging around provisionerd tags
* cli: respect CODER_VERBOSE when initializing logger
2023-09-01 10:37:09 +01:00
90acf998bf
fix: fix null pointer on external provisioner daemons with daily_cost ( #9401 )
...
* fix: fix null pointer on external provisioner daemons with daily_cost
Signed-off-by: Spike Curtis <spike@coder.com >
* Add logging for debounce and job acquire
Signed-off-by: Spike Curtis <spike@coder.com >
* Return error instead of panic
Signed-off-by: Spike Curtis <spike@coder.com >
* remove debounce on external provisioners to fix test flakes
Signed-off-by: Spike Curtis <spike@coder.com >
---------
Signed-off-by: Spike Curtis <spike@coder.com >
2023-08-30 10:48:35 +00:00
22e781eced
chore: add /v2 to import module path ( #9072 )
...
* chore: add /v2 to import module path
go mod requires semantic versioning with versions greater than 1.x
This was a mechanical update by running:
```
go install github.com/marwan-at-work/mod/cmd/mod@latest
mod upgrade
```
Migrate generated files to import /v2
* Fix gen
2023-08-18 18:55:43 +00:00
cb4989cd8d
feat: add PSK for external provisionerd auth ( #8877 )
...
Signed-off-by: Spike Curtis <spike@coder.com >
2023-08-04 12:32:28 +04:00
dc8b73168e
feat: add user quiet hours schedule and restart requirement feature flag ( #8115 )
2023-07-20 23:35:41 +10:00
aceedefce3
chore: add template_with_user view to include user contextual data ( #8568 )
...
* chore: Refactor template sql queries to use new view
* TemplateWithUser -> Template
* Add unit test to enforce good view
2023-07-19 16:07:33 -04:00
1b0124ecdb
feat: automatically stop workspaces based on failure_ttl ( #7989 )
2023-06-22 00:33:22 -04:00
c3aef9363b
feat: add locked TTL field to template meta ( #8020 )
2023-06-19 22:37:55 -04:00
ec5ef51b49
feat: add session token injection to provisioner ( #7461 )
2023-05-17 23:29:22 -05:00
5ffa6dae50
feat: add inactivity cleanup and failure cleanup configuration fields to Template Schedule Form ( #7402 )
...
* added workspace actions entitlement
* added workspace actions experiment
* added new route for template enterprise meta
* removing new route; repurposing old
* add new fields to get endpoints
* removed workspace actions experiment
* added logic to enterprise template store
* added new form fields
* feature flagged new fields
* fix validation
* fixed submit btn
* fix tests
* changed ttl defaults
* added FE tests
* added BE tests
* fixed lint
* adjusted comment language
* fixing unstaged changes check
* fix test
* Update coderd/database/migrations/000122_add_template_cleanup_ttls.down.sql
Co-authored-by: Dean Sheather <dean@deansheather.com >
* Update coderd/database/migrations/000122_add_template_cleanup_ttls.up.sql
Co-authored-by: Dean Sheather <dean@deansheather.com >
---------
Co-authored-by: Dean Sheather <dean@deansheather.com >
2023-05-05 08:19:26 -07:00
8bd9f9c351
feat: unified tracing between coderd<->provisionerd ( #7370 )
2023-05-03 23:02:35 +00:00
e33941b7c2
feat: allow disabling autostart and custom autostop for template ( #6933 )
...
API only, frontend in upcoming PR.
2023-04-04 12:48:35 +00:00
df31636e72
feat: pass access_token to coder_git_auth resource ( #6713 )
...
This allows template authors to leverage git auth to perform
custom actions, like clone repositories.
2023-03-22 19:37:08 +00:00
c3fb1b325f
feat: add owner_oidc_access_token to coder_workspace data source ( #6042 )
...
See the discussion in Discord here:
https://discord.com/channels/747933592273027093/1071182088490987542/1071182088490987542
Related provider PR: coder/terraform-provider-coder#91
2023-03-17 15:25:08 -05:00
66a6b590a1
feat: add template max_ttl ( #6114 )
...
Co-authored-by: Bruno Quaresma <bruno@coder.com >
2023-03-07 14:14:58 +00:00
5df7872661
fix: Improve use of context in websocket.NetConn code paths ( #6198 )
2023-02-14 16:42:55 +02:00
08cce81ac8
feat: Implement allow_list for scopes for resource specific permissions ( #5769 )
...
* feat: Implement allow_list for scopes for resource specific permissions
Feature that adds an allow_list for scopes to specify particular resources.
This enables workspace agent tokens to use the same RBAC system as users.
- Add ID to compileSQL matchers
* Plumb through WithID on rbac objects
* Rename Scope -> ScopeName
* Update input.json with scope allow_list
Co-authored-by: Cian Johnston <cian@coder.com >
2023-01-19 13:41:36 -06:00
deebfcbd53
feat: Validate swagger definitions ( #5694 )
...
* docs: audit, deploymentconfig, files, parameters
* Swagger comments in workspacebuilds.go
* structs in workspacebuilds.go
* workspaceagents: instance identity
* workspaceagents.go in progress
* workspaceagents.go in progress
* Agents
* workspacebuilds.go
* /workspaces
* templates.go, templateversions.go
* templateversion.go in progress
* cancel
* templateversions
* wip
* Merge
* x-apidocgen
* NullTime hack not needed anymore
* Fix: x-apidocgen
* Members
* Fixes
* Fix
* WIP
* WIP
* Users
* Logout
* User profile
* Status suspend activate
* User roles
* User tokens
* Keys
* SSH key
* All
* Typo
* Fix
* Entitlements
* Groups
* SCIM
* Fix
* Fix
* Clean templates
* Sort API pages
* Fix: HashedSecret
* WIP
* WIP
* WIP
* Fix: cover workspaceagents
* Assert: consistent ID and summary
* Assert: success or failure defined
* Fix: parallel
* Refactor
* Support enterprise
* Go comment goes to top
* Security
* assertPathParametersDefined
* assertUniqueRoutes
* assertRequestBody
* More fixes
* Fix: exceptions
* Fix field format
* Address PR comments
* Refactor
2023-01-13 12:27:21 +01:00
d9436fab69
docs: API enterprise ( #5625 )
...
* docs: audit, deploymentconfig, files, parameters
* Swagger comments in workspacebuilds.go
* structs in workspacebuilds.go
* workspaceagents: instance identity
* workspaceagents.go in progress
* workspaceagents.go in progress
* Agents
* workspacebuilds.go
* /workspaces
* templates.go, templateversions.go
* templateversion.go in progress
* cancel
* templateversions
* wip
* Merge
* x-apidocgen
* NullTime hack not needed anymore
* Fix: x-apidocgen
* Members
* Fixes
* Fix
* WIP
* WIP
* Users
* Logout
* User profile
* Status suspend activate
* User roles
* User tokens
* Keys
* SSH key
* All
* Typo
* Fix
* Entitlements
* Groups
* SCIM
* Fix
* Fix
* Clean templates
* Sort API pages
* Fix: HashedSecret
* General is first
2023-01-11 16:05:42 +01:00
ab3b3d5fca
feat: add debouncing to provisionerd rpc calls ( #5198 )
2022-12-01 16:54:53 -06:00
6786ca2854
Audit build outcomes/kira pilot ( #5143 )
...
* auditing failed builds
* logging workspace build successes
* remove duplicate workspace build entry
* fixed workspacebuilds_test
* PR feedback
* lint and migrations
* fix nil auditors
* workspace_build test
* fixed workspaces_teest
Co-authored-by: Colin Adler <colin1adler@gmail.com >
2022-11-22 13:22:56 -05:00
b6703b11c6
feat: Add external provisioner daemons ( #4935 )
...
* Start to port over provisioner daemons PR
* Move to Enterprise
* Begin adding tests for external registration
* Move provisioner daemons query to enterprise
* Move around provisioner daemons schema
* Add tags to provisioner daemons
* make gen
* Add user local provisioner daemons
* Add provisioner daemons
* Add feature for external daemons
* Add command to start a provisioner daemon
* Add provisioner tags to template push and create
* Rename migration files
* Fix tests
* Fix entitlements test
* PR comments
* Update migration
* Fix FE types
2022-11-16 16:34:06 -06:00
