NotificationsYou must be signed in to change notification settings
Fork905
Star10k

Commit93f17bc

authored

fix: remove unnecessary user lookup in agent API calls (#17934)

# Use workspace.OwnerUsername instead of fetching the ownerThis PR optimizes the agent API by using the `workspace.OwnerUsername` field directly instead of making an additional database query to fetch the owner's username. The change removes the need to call `GetUserByID` in the manifest API and workspace agent RPC endpoints.An issue arose when the agent token was scoped without access to user data (`api_key_scope = "no_user_data"`), causing the agent to fail to fetch the manifest due to an RBAC issue.Change-Id: I3b6e7581134e2374b364ee059e3b18ece3d98b41Signed-off-by: Thomas Kosiewski <tk@coder.com>

1 parent1267c9c commit93f17bcCopy full SHA for 93f17bc

File tree

6 files changed

+194

-117

lines changed

coderd
flake.nix

6 files changed

+194

-117

lines changed

`‎coderd/agentapi/manifest.go`

Lines changed: 3 additions & 8 deletions

Original file line number	Diff line number	Diff line change
`@@ -47,7 +47,6 @@ func (a ManifestAPI) GetManifest(ctx context.Context, _ agentproto.GetManifest`
`47`	`47`	`scripts []database.WorkspaceAgentScript`
`48`	`48`	`metadata []database.WorkspaceAgentMetadatum`
`49`	`49`	`workspace database.Workspace`
`50`		`-owner database.User`
`51`	`50`	`devcontainers []database.WorkspaceAgentDevcontainer`
`52`	`51`	`)`
`53`	`52`
`@@ -76,10 +75,6 @@ func (a ManifestAPI) GetManifest(ctx context.Context, _ agentproto.GetManifest`
`76`	`75`	`iferr!=nil {`
`77`	`76`	`returnxerrors.Errorf("getting workspace by id: %w",err)`
`78`	`77`	`}`
`79`		`-owner,err=a.Database.GetUserByID(ctx,workspace.OwnerID)`
`80`		`-iferr!=nil {`
`81`		`-returnxerrors.Errorf("getting workspace owner by id: %w",err)`
`82`		`-}`
`83`	`78`	`returnerr`
`84`	`79`	`})`
`85`	`80`	`eg.Go(func() (errerror) {`
`@@ -98,7 +93,7 @@ func (a ManifestAPI) GetManifest(ctx context.Context, _ agentproto.GetManifest`
`98`	`93`	`AppSlugOrPort:"{{port}}",`
`99`	`94`	`AgentName:workspaceAgent.Name,`
`100`	`95`	`WorkspaceName:workspace.Name,`
`101`		`-Username:owner.Username,`
	`96`	`+Username:workspace.OwnerUsername,`
`102`	`97`	`}`
`103`	`98`
`104`	`99`	`vscodeProxyURI:=vscodeProxyURI(appSlug,a.AccessURL,a.AppHostname)`
`@@ -115,7 +110,7 @@ func (a ManifestAPI) GetManifest(ctx context.Context, _ agentproto.GetManifest`
`115`	`110`	`}`
`116`	`111`	`}`
`117`	`112`
`118`		`-apps,err:=dbAppsToProto(dbApps,workspaceAgent,owner.Username,workspace)`
	`113`	`+apps,err:=dbAppsToProto(dbApps,workspaceAgent,workspace.OwnerUsername,workspace)`
`119`	`114`	`iferr!=nil {`
`120`	`115`	`returnnil,xerrors.Errorf("converting workspace apps: %w",err)`
`121`	`116`	`}`
`@@ -128,7 +123,7 @@ func (a ManifestAPI) GetManifest(ctx context.Context, _ agentproto.GetManifest`
`128`	`123`	`return&agentproto.Manifest{`
`129`	`124`	`AgentId:workspaceAgent.ID[:],`
`130`	`125`	`AgentName:workspaceAgent.Name,`
`131`		`-OwnerUsername:owner.Username,`
	`126`	`+OwnerUsername:workspace.OwnerUsername,`
`132`	`127`	`WorkspaceId:workspace.ID[:],`
`133`	`128`	`WorkspaceName:workspace.Name,`
`134`	`129`	`GitAuthConfigs:gitAuthConfigs,`

`‎coderd/agentapi/manifest_test.go`

Lines changed: 4 additions & 6 deletions

Original file line number	Diff line number	Diff line change
`@@ -46,9 +46,10 @@ func TestGetManifest(t *testing.T) {`
`46`	`46`	`Username:"cool-user",`
`47`	`47`	`}`
`48`	`48`	`workspace= database.Workspace{`
`49`		`-ID:uuid.New(),`
`50`		`-OwnerID:owner.ID,`
`51`		`-Name:"cool-workspace",`
	`49`	`+ID:uuid.New(),`
	`50`	`+OwnerID:owner.ID,`
	`51`	`+OwnerUsername:owner.Username,`
	`52`	`+Name:"cool-workspace",`
`52`	`53`	`}`
`53`	`54`	`agent= database.WorkspaceAgent{`
`54`	`55`	`ID:uuid.New(),`
`@@ -336,7 +337,6 @@ func TestGetManifest(t *testing.T) {`
`336`	`337`	`}).Return(metadata,nil)`
`337`	`338`	`mDB.EXPECT().GetWorkspaceAgentDevcontainersByAgentID(gomock.Any(),agent.ID).Return(devcontainers,nil)`
`338`	`339`	`mDB.EXPECT().GetWorkspaceByID(gomock.Any(),workspace.ID).Return(workspace,nil)`
`339`		`-mDB.EXPECT().GetUserByID(gomock.Any(),workspace.OwnerID).Return(owner,nil)`
`340`	`340`
`341`	`341`	`got,err:=api.GetManifest(context.Background(),&agentproto.GetManifestRequest{})`
`342`	`342`	`require.NoError(t,err)`
`@@ -404,7 +404,6 @@ func TestGetManifest(t *testing.T) {`
`404`	`404`	`}).Return([]database.WorkspaceAgentMetadatum{},nil)`
`405`	`405`	`mDB.EXPECT().GetWorkspaceAgentDevcontainersByAgentID(gomock.Any(),childAgent.ID).Return([]database.WorkspaceAgentDevcontainer{},nil)`
`406`	`406`	`mDB.EXPECT().GetWorkspaceByID(gomock.Any(),workspace.ID).Return(workspace,nil)`
`407`		`-mDB.EXPECT().GetUserByID(gomock.Any(),workspace.OwnerID).Return(owner,nil)`
`408`	`407`
`409`	`408`	`got,err:=api.GetManifest(context.Background(),&agentproto.GetManifestRequest{})`
`410`	`409`	`require.NoError(t,err)`
`@@ -468,7 +467,6 @@ func TestGetManifest(t *testing.T) {`
`468`	`467`	`}).Return(metadata,nil)`
`469`	`468`	`mDB.EXPECT().GetWorkspaceAgentDevcontainersByAgentID(gomock.Any(),agent.ID).Return(devcontainers,nil)`
`470`	`469`	`mDB.EXPECT().GetWorkspaceByID(gomock.Any(),workspace.ID).Return(workspace,nil)`
`471`		`-mDB.EXPECT().GetUserByID(gomock.Any(),workspace.OwnerID).Return(owner,nil)`
`472`	`470`
`473`	`471`	`got,err:=api.GetManifest(context.Background(),&agentproto.GetManifestRequest{})`
`474`	`472`	`require.NoError(t,err)`

`‎coderd/workspaceagents_test.go`

Lines changed: 47 additions & 17 deletions

Original file line number	Diff line number	Diff line change
`@@ -439,25 +439,55 @@ func TestWorkspaceAgentConnectRPC(t *testing.T) {`
`439`	`439`	`t.Run("Connect",func(t*testing.T) {`
`440`	`440`	`t.Parallel()`
`441`	`441`
`442`		`-client,db:=coderdtest.NewWithDatabase(t,nil)`
`443`		`-user:=coderdtest.CreateFirstUser(t,client)`
`444`		`-r:=dbfake.WorkspaceBuild(t,db, database.WorkspaceTable{`
`445`		`-OrganizationID:user.OrganizationID,`
`446`		`-OwnerID:user.UserID,`
`447`		`-}).WithAgent().Do()`
`448`		`-_=agenttest.New(t,client.URL,r.AgentToken)`
`449`		`-resources:=coderdtest.AwaitWorkspaceAgents(t,client,r.Workspace.ID)`
	`442`	`+for_,tc:=range []struct {`
	`443`	`+namestring`
	`444`	`+apiKeyScope rbac.ScopeName`
	`445`	`+}{`
	`446`	`+{`
	`447`	`+name:"empty (backwards compat)",`
	`448`	`+apiKeyScope:"",`
	`449`	`+},`
	`450`	`+{`
	`451`	`+name:"all",`
	`452`	`+apiKeyScope:rbac.ScopeAll,`
	`453`	`+},`
	`454`	`+{`
	`455`	`+name:"no_user_data",`
	`456`	`+apiKeyScope:rbac.ScopeNoUserData,`
	`457`	`+},`
	`458`	`+{`
	`459`	`+name:"application_connect",`
	`460`	`+apiKeyScope:rbac.ScopeApplicationConnect,`
	`461`	`+},`
	`462`	`+} {`
	`463`	`+t.Run(tc.name,func(t*testing.T) {`
	`464`	`+client,db:=coderdtest.NewWithDatabase(t,nil)`
	`465`	`+user:=coderdtest.CreateFirstUser(t,client)`
	`466`	`+r:=dbfake.WorkspaceBuild(t,db, database.WorkspaceTable{`
	`467`	`+OrganizationID:user.OrganizationID,`
	`468`	`+OwnerID:user.UserID,`
	`469`	`+}).WithAgent(func(agents []proto.Agent) []proto.Agent {`
	`470`	`+for_,agent:=rangeagents {`
	`471`	`+agent.ApiKeyScope=string(tc.apiKeyScope)`
	`472`	`+}`
`450`	`473`
`451`		`-ctx,cancel:=context.WithTimeout(context.Background(),testutil.WaitLong)`
`452`		`-defercancel()`
	`474`	`+returnagents`
	`475`	`+}).Do()`
	`476`	`+_=agenttest.New(t,client.URL,r.AgentToken)`
	`477`	`+resources:=coderdtest.NewWorkspaceAgentWaiter(t,client,r.Workspace.ID).AgentNames([]string{}).Wait()`
`453`	`478`
`454`		`-conn,err:=workspacesdk.New(client).`
`455`		`-DialAgent(ctx,resources[0].Agents[0].ID,nil)`
`456`		`-require.NoError(t,err)`
`457`		`-deferfunc() {`
`458`		`-_=conn.Close()`
`459`		`-}()`
`460`		`-conn.AwaitReachable(ctx)`
	`479`	`+ctx,cancel:=context.WithTimeout(context.Background(),testutil.WaitLong)`
	`480`	`+defercancel()`
	`481`	`+`
	`482`	`+conn,err:=workspacesdk.New(client).`
	`483`	`+DialAgent(ctx,resources[0].Agents[0].ID,nil)`
	`484`	`+require.NoError(t,err)`
	`485`	`+deferfunc() {`
	`486`	`+_=conn.Close()`
	`487`	`+}()`
	`488`	`+conn.AwaitReachable(ctx)`
	`489`	`+})`
	`490`	`+}`
`461`	`491`	`})`
`462`	`492`
`463`	`493`	`t.Run("FailNonLatestBuild",func(t*testing.T) {`

`‎coderd/workspaceagentsrpc.go`

Lines changed: 2 additions & 11 deletions

Original file line number	Diff line number	Diff line change
`@@ -76,17 +76,8 @@ func (api API) workspaceAgentRPC(rw http.ResponseWriter, r http.Request) {`
`76`	`76`	`return`
`77`	`77`	`}`
`78`	`78`
`79`		`-owner,err:=api.Database.GetUserByID(ctx,workspace.OwnerID)`
`80`		`-iferr!=nil {`
`81`		`-httpapi.Write(ctx,rw,http.StatusBadRequest, codersdk.Response{`
`82`		`-Message:"Internal error fetching user.",`
`83`		`-Detail:err.Error(),`
`84`		`-})`
`85`		`-return`
`86`		`-}`
`87`		`-`
`88`	`79`	`logger=logger.With(`
`89`		`-slog.F("owner",owner.Username),`
	`80`	`+slog.F("owner",workspace.OwnerUsername),`
`90`	`81`	`slog.F("workspace_name",workspace.Name),`
`91`	`82`	`slog.F("agent_name",workspaceAgent.Name),`
`92`	`83`	`)`
`@@ -170,7 +161,7 @@ func (api API) workspaceAgentRPC(rw http.ResponseWriter, r http.Request) {`
`170`	`161`	`})`
`171`	`162`
`172`	`163`	`streamID:= tailnet.StreamID{`
`173`		`-Name:fmt.Sprintf("%s-%s-%s",owner.Username,workspace.Name,workspaceAgent.Name),`
	`164`	`+Name:fmt.Sprintf("%s-%s-%s",workspace.OwnerUsername,workspace.Name,workspaceAgent.Name),`
`174`	`165`	`ID:workspaceAgent.ID,`
`175`	`166`	`Auth: tailnet.AgentCoordinateeAuth{ID:workspaceAgent.ID},`
`176`	`167`	`}`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit93f17bc

File tree

6 files changed

6 files changed

`‎coderd/agentapi/manifest.go`

`‎coderd/agentapi/manifest_test.go`

`‎coderd/workspaceagents_test.go`

`‎coderd/workspaceagentsrpc.go`

0 commit comments