mirror of
https://github.com/coder/coder.git
synced 2025-07-06 15:41:45 +00:00
2ba4a62a0d
* feat: HA tailnet coordinator * fixup! feat: HA tailnet coordinator * fixup! feat: HA tailnet coordinator * remove printlns * close all connections on coordinator * impelement high availability feature * fixup! impelement high availability feature * fixup! impelement high availability feature * fixup! impelement high availability feature * fixup! impelement high availability feature * Add replicas * Add DERP meshing to arbitrary addresses * Move packages to highavailability folder * Move coordinator to high availability package * Add flags for HA * Rename to replicasync * Denest packages for replicas * Add test for multiple replicas * Fix coordination test * Add HA to the helm chart * Rename function pointer * Add warnings for HA * Add the ability to block endpoints * Add flag to disable P2P connections * Wow, I made the tests pass * Add replicas endpoint * Ensure close kills replica * Update sql * Add database latency to high availability * Pipe TLS to DERP mesh * Fix DERP mesh with TLS * Add tests for TLS * Fix replica sync TLS * Fix RootCA for replica meshing * Remove ID from replicasync * Fix getting certificates for meshing * Remove excessive locking * Fix linting * Store mesh key in the database * Fix replica key for tests * Fix types gen * Fix unlocking unlocked * Fix race in tests * Update enterprise/derpmesh/derpmesh.go Co-authored-by: Colin Adler <colin1adler@gmail.com> * Rename to syncReplicas * Reuse http client * Delete old replicas on a CRON * Fix race condition in connection tests * Fix linting * Fix nil type * Move pubsub to in-memory for twenty test * Add comment for configuration tweaking * Fix leak with transport * Fix close leak in derpmesh * Fix race when creating server * Remove handler update * Skip test on Windows * Fix DERP mesh test * Wrap HTTP handler replacement in mutex * Fix error message for relay * Fix API handler for normal tests * Fix speedtest * Fix replica resend * Fix derpmesh send * Ping async * Increase wait time of template version jobd * Fix race when closing replica sync * Add name to client * Log the derpmap being used * Don't connect if DERP is empty * Improve agent coordinator logging * Fix lock in coordinator * Fix relay addr * Fix race when updating durations * Fix client publish race * Run pubsub loop in a queue * Store agent nodes in order * Fix coordinator locking * Check for closed pipe Co-authored-by: Colin Adler <colin1adler@gmail.com>
181 lines
5.8 KiB
Go
181 lines
5.8 KiB
Go
package coderd_test
|
|
|
|
import (
|
|
"context"
|
|
"reflect"
|
|
"testing"
|
|
"time"
|
|
|
|
"github.com/stretchr/testify/assert"
|
|
"github.com/stretchr/testify/require"
|
|
"go.uber.org/goleak"
|
|
|
|
agplaudit "github.com/coder/coder/coderd/audit"
|
|
"github.com/coder/coder/coderd/coderdtest"
|
|
"github.com/coder/coder/coderd/database"
|
|
"github.com/coder/coder/codersdk"
|
|
"github.com/coder/coder/enterprise/audit"
|
|
"github.com/coder/coder/enterprise/coderd"
|
|
"github.com/coder/coder/enterprise/coderd/coderdenttest"
|
|
"github.com/coder/coder/testutil"
|
|
)
|
|
|
|
func TestMain(m *testing.M) {
|
|
goleak.VerifyTestMain(m)
|
|
}
|
|
|
|
func TestEntitlements(t *testing.T) {
|
|
t.Parallel()
|
|
t.Run("NoLicense", func(t *testing.T) {
|
|
t.Parallel()
|
|
client := coderdenttest.New(t, nil)
|
|
res, err := client.Entitlements(context.Background())
|
|
require.NoError(t, err)
|
|
require.False(t, res.HasLicense)
|
|
require.Empty(t, res.Warnings)
|
|
})
|
|
t.Run("FullLicense", func(t *testing.T) {
|
|
t.Parallel()
|
|
client := coderdenttest.New(t, &coderdenttest.Options{
|
|
AuditLogging: true,
|
|
})
|
|
_ = coderdtest.CreateFirstUser(t, client)
|
|
coderdenttest.AddLicense(t, client, coderdenttest.LicenseOptions{
|
|
UserLimit: 100,
|
|
AuditLog: true,
|
|
TemplateRBAC: true,
|
|
})
|
|
res, err := client.Entitlements(context.Background())
|
|
require.NoError(t, err)
|
|
assert.True(t, res.HasLicense)
|
|
ul := res.Features[codersdk.FeatureUserLimit]
|
|
assert.Equal(t, codersdk.EntitlementEntitled, ul.Entitlement)
|
|
assert.Equal(t, int64(100), *ul.Limit)
|
|
assert.Equal(t, int64(1), *ul.Actual)
|
|
assert.True(t, ul.Enabled)
|
|
al := res.Features[codersdk.FeatureAuditLog]
|
|
assert.Equal(t, codersdk.EntitlementEntitled, al.Entitlement)
|
|
assert.True(t, al.Enabled)
|
|
assert.Nil(t, al.Limit)
|
|
assert.Nil(t, al.Actual)
|
|
assert.Empty(t, res.Warnings)
|
|
})
|
|
t.Run("FullLicenseToNone", func(t *testing.T) {
|
|
t.Parallel()
|
|
client := coderdenttest.New(t, &coderdenttest.Options{
|
|
AuditLogging: true,
|
|
})
|
|
_ = coderdtest.CreateFirstUser(t, client)
|
|
license := coderdenttest.AddLicense(t, client, coderdenttest.LicenseOptions{
|
|
UserLimit: 100,
|
|
AuditLog: true,
|
|
})
|
|
res, err := client.Entitlements(context.Background())
|
|
require.NoError(t, err)
|
|
assert.True(t, res.HasLicense)
|
|
al := res.Features[codersdk.FeatureAuditLog]
|
|
assert.Equal(t, codersdk.EntitlementEntitled, al.Entitlement)
|
|
assert.True(t, al.Enabled)
|
|
|
|
err = client.DeleteLicense(context.Background(), license.ID)
|
|
require.NoError(t, err)
|
|
|
|
res, err = client.Entitlements(context.Background())
|
|
require.NoError(t, err)
|
|
assert.False(t, res.HasLicense)
|
|
al = res.Features[codersdk.FeatureAuditLog]
|
|
assert.Equal(t, codersdk.EntitlementNotEntitled, al.Entitlement)
|
|
assert.False(t, al.Enabled)
|
|
})
|
|
t.Run("Pubsub", func(t *testing.T) {
|
|
t.Parallel()
|
|
client, _, api := coderdenttest.NewWithAPI(t, nil)
|
|
entitlements, err := client.Entitlements(context.Background())
|
|
require.NoError(t, err)
|
|
require.False(t, entitlements.HasLicense)
|
|
coderdtest.CreateFirstUser(t, client)
|
|
_, err = api.Database.InsertLicense(context.Background(), database.InsertLicenseParams{
|
|
UploadedAt: database.Now(),
|
|
Exp: database.Now().AddDate(1, 0, 0),
|
|
JWT: coderdenttest.GenerateLicense(t, coderdenttest.LicenseOptions{
|
|
AuditLog: true,
|
|
}),
|
|
})
|
|
require.NoError(t, err)
|
|
err = api.Pubsub.Publish(coderd.PubsubEventLicenses, []byte{})
|
|
require.NoError(t, err)
|
|
require.Eventually(t, func() bool {
|
|
entitlements, err := client.Entitlements(context.Background())
|
|
assert.NoError(t, err)
|
|
return entitlements.HasLicense
|
|
}, testutil.WaitShort, testutil.IntervalFast)
|
|
})
|
|
t.Run("Resync", func(t *testing.T) {
|
|
t.Parallel()
|
|
client, _, api := coderdenttest.NewWithAPI(t, &coderdenttest.Options{
|
|
EntitlementsUpdateInterval: 25 * time.Millisecond,
|
|
})
|
|
entitlements, err := client.Entitlements(context.Background())
|
|
require.NoError(t, err)
|
|
require.False(t, entitlements.HasLicense)
|
|
coderdtest.CreateFirstUser(t, client)
|
|
// Valid
|
|
_, err = api.Database.InsertLicense(context.Background(), database.InsertLicenseParams{
|
|
UploadedAt: database.Now(),
|
|
Exp: database.Now().AddDate(1, 0, 0),
|
|
JWT: coderdenttest.GenerateLicense(t, coderdenttest.LicenseOptions{
|
|
AuditLog: true,
|
|
}),
|
|
})
|
|
require.NoError(t, err)
|
|
// Expired
|
|
_, err = api.Database.InsertLicense(context.Background(), database.InsertLicenseParams{
|
|
UploadedAt: database.Now(),
|
|
Exp: database.Now().AddDate(-1, 0, 0),
|
|
JWT: coderdenttest.GenerateLicense(t, coderdenttest.LicenseOptions{
|
|
ExpiresAt: database.Now().AddDate(-1, 0, 0),
|
|
}),
|
|
})
|
|
require.NoError(t, err)
|
|
// Invalid
|
|
_, err = api.Database.InsertLicense(context.Background(), database.InsertLicenseParams{
|
|
UploadedAt: database.Now(),
|
|
Exp: database.Now().AddDate(1, 0, 0),
|
|
JWT: "invalid",
|
|
})
|
|
require.NoError(t, err)
|
|
require.Eventually(t, func() bool {
|
|
entitlements, err := client.Entitlements(context.Background())
|
|
assert.NoError(t, err)
|
|
return entitlements.HasLicense
|
|
}, testutil.WaitShort, testutil.IntervalFast)
|
|
})
|
|
}
|
|
|
|
func TestAuditLogging(t *testing.T) {
|
|
t.Parallel()
|
|
t.Run("Enabled", func(t *testing.T) {
|
|
t.Parallel()
|
|
client, _, api := coderdenttest.NewWithAPI(t, &coderdenttest.Options{
|
|
AuditLogging: true,
|
|
})
|
|
coderdtest.CreateFirstUser(t, client)
|
|
coderdenttest.AddLicense(t, client, coderdenttest.LicenseOptions{
|
|
AuditLog: true,
|
|
})
|
|
auditor := *api.AGPL.Auditor.Load()
|
|
ea := audit.NewAuditor(audit.DefaultFilter)
|
|
t.Logf("%T = %T", auditor, ea)
|
|
assert.EqualValues(t, reflect.ValueOf(ea).Type(), reflect.ValueOf(auditor).Type())
|
|
})
|
|
t.Run("Disabled", func(t *testing.T) {
|
|
t.Parallel()
|
|
client, _, api := coderdenttest.NewWithAPI(t, nil)
|
|
coderdtest.CreateFirstUser(t, client)
|
|
auditor := *api.AGPL.Auditor.Load()
|
|
ea := agplaudit.NewNop()
|
|
t.Logf("%T = %T", auditor, ea)
|
|
assert.Equal(t, reflect.ValueOf(ea).Type(), reflect.ValueOf(auditor).Type())
|
|
})
|
|
}
|