coder/coderPublic

NotificationsYou must be signed in to change notification settings
Fork1k
Star11.1k

Commit9a444b3

authored

chore: cherry pick PRs for 2.17 (#15339)

- [x]#15305 - [x]#15307 - [x]#15270 - [x]#15261 - [x]#15281- [x]#15298- Release Docs: - [x]#15296 - [x]#15280 - [x]#15294 - [x]#15310---------Co-authored-by: Steven Masley <Emyrk@users.noreply.github.com>Co-authored-by: Bruno Quaresma <bruno@coder.com>Co-authored-by: Danielle Maywood <danielle@themaywoods.com>Co-authored-by: Colin Adler <colin1adler@gmail.com>Co-authored-by: Edward Angert <EdwardAngert@users.noreply.github.com>

1 parentd83f4eb commit9a444b3Copy full SHA for 9a444b3

File tree

70 files changed

+2328

-269

lines changed

cli
coderd
- apidoc
  - docs.go
  - swagger.json
- audit
  - fields.go
  - request.go
- coderd.go
- coderdtest
  - coderdtest.go
- database
  - db.go
  - dbauthz
  - dbfake
    - builder.go
  - dbgen
    - dbgen.go
  - dbmem
    - dbmem.go
  - dbmetrics
    - querymetrics.go
  - dbmock
    - dbmock.go
  - dbtestutil
    - db.go
    - tx.go
  - pglocks.go
  - queries.sql.go
  - queries
- httpmw
  - apikey.go
- notifications/dispatch
  - smtp.go
- prometheusmetrics
  - prometheusmetrics.go
  - prometheusmetrics_test.go
- provisionerdserver
  - provisionerdserver.go
- userauth.go
- userauth_test.go
- users.go
- users_test.go
- workspaces_test.go
codersdk
docs
- admin
  - monitoring/notifications
    - index.md
  - templates
    - troubleshooting.md
  - users
    - groups-roles.md
    - index.md
- images
  - admin
    - templates/troubleshooting
      - workspace-build-timings-ui.png
    - users/roles
  - best-practice
    - build-timeline.png
- install
  - kubernetes.md
- manifest.json
- reference
  - api
    - schemas.md
    - users.md
  - cli
    - server.md
- tutorials/best-practices
  - index.md
  - speed-up-templates.md
- user-guides
  - workspace-lifecycle.md
enterprise
- cli
  - server.go
  - testdata
    - coder_server_--help.golden
- coderd
site/src
- api
  - typesGenerated.ts
- components/ActiveUserChart
  - ActiveUserChart.stories.tsx
  - ActiveUserChart.tsx
- pages
  - AuditPage/AuditLogRow/AuditLogDescription
    - AuditLogDescription.tsx
  - DeploymentSettingsPage/GeneralSettingsPage
    - GeneralSettingsPageView.stories.tsx
    - GeneralSettingsPageView.tsx
  - TemplatePage/TemplateInsightsPage
    - TemplateInsightsPage.stories.tsx
    - TemplateInsightsPage.tsx

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

70 files changed

+2328

-269

lines changed

`‎cli/server.go‎`

Lines changed: 7 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -212,10 +212,16 @@ func enablePrometheus(`
`212`	`212`	`options.PrometheusRegistry.MustRegister(collectors.NewGoCollector())`
`213`	`213`	`options.PrometheusRegistry.MustRegister(collectors.NewProcessCollector(collectors.ProcessCollectorOpts{}))`
`214`	`214`
`215`		`-closeUsersFunc,err:=prometheusmetrics.ActiveUsers(ctx,options.PrometheusRegistry,options.Database,0)`
	`215`	`+closeActiveUsersFunc,err:=prometheusmetrics.ActiveUsers(ctx,options.Logger.Named("active_user_metrics"),options.PrometheusRegistry,options.Database,0)`
`216`	`216`	`iferr!=nil {`
`217`	`217`	`returnnil,xerrors.Errorf("register active users prometheus metric: %w",err)`
`218`	`218`	`}`
	`219`	`+afterCtx(ctx,closeActiveUsersFunc)`
	`220`	`+`
	`221`	`+closeUsersFunc,err:=prometheusmetrics.Users(ctx,options.Logger.Named("user_metrics"),quartz.NewReal(),options.PrometheusRegistry,options.Database,0)`
	`222`	`+iferr!=nil {`
	`223`	`+returnnil,xerrors.Errorf("register users prometheus metric: %w",err)`
	`224`	`+}`
`219`	`225`	`afterCtx(ctx,closeUsersFunc)`
`220`	`226`
`221`	`227`	`closeWorkspacesFunc,err:=prometheusmetrics.Workspaces(ctx,options.Logger.Named("workspaces_metrics"),options.PrometheusRegistry,options.Database,0)`

`‎cli/server_createadminuser.go‎`

Lines changed: 1 addition & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -197,6 +197,7 @@ func (r RootCmd) newCreateAdminUserCommand() serpent.Command {`
`197`	`197`	`UpdatedAt:dbtime.Now(),`
`198`	`198`	`RBACRoles: []string{rbac.RoleOwner().String()},`
`199`	`199`	`LoginType:database.LoginTypePassword,`
	`200`	`+Status:"",`
`200`	`201`	`})`
`201`	`202`	`iferr!=nil {`
`202`	`203`	`returnxerrors.Errorf("insert user: %w",err)`

`‎cli/testdata/coder_server_--help.golden‎`

Lines changed: 69 additions & 3 deletions

Original file line number	Diff line number	Diff line change
`@@ -106,6 +106,58 @@ Use a YAML configuration file when your server launch become unwieldy.`
`106`	`106`
`107`	`107`	`Write out the current server config as YAML to stdout.`
`108`	`108`
	`109`	`+EMAIL OPTIONS:`
	`110`	`+Configure how emails are sent.`
	`111`	`+`
	`112`	`+ --email-force-tls bool, $CODER_EMAIL_FORCE_TLS (default: false)`
	`113`	`+ Force a TLS connection to the configured SMTP smarthost.`
	`114`	`+`
	`115`	`+ --email-from string, $CODER_EMAIL_FROM`
	`116`	`+ The sender's address to use.`
	`117`	`+`
	`118`	`+ --email-hello string, $CODER_EMAIL_HELLO (default: localhost)`
	`119`	`+ The hostname identifying the SMTP server.`
	`120`	`+`
	`121`	`+ --email-smarthost host:port, $CODER_EMAIL_SMARTHOST (default: localhost:587)`
	`122`	`+ The intermediary SMTP host through which emails are sent.`
	`123`	`+`
	`124`	`+EMAIL / EMAIL AUTHENTICATION OPTIONS:`
	`125`	`+Configure SMTP authentication options.`
	`126`	`+`
	`127`	`+ --email-auth-identity string, $CODER_EMAIL_AUTH_IDENTITY`
	`128`	`+ Identity to use with PLAIN authentication.`
	`129`	`+`
	`130`	`+ --email-auth-password string, $CODER_EMAIL_AUTH_PASSWORD`
	`131`	`+ Password to use with PLAIN/LOGIN authentication.`
	`132`	`+`
	`133`	`+ --email-auth-password-file string, $CODER_EMAIL_AUTH_PASSWORD_FILE`
	`134`	`+ File from which to load password for use with PLAIN/LOGIN`
	`135`	`+ authentication.`
	`136`	`+`
	`137`	`+ --email-auth-username string, $CODER_EMAIL_AUTH_USERNAME`
	`138`	`+ Username to use with PLAIN/LOGIN authentication.`
	`139`	`+`
	`140`	`+EMAIL / EMAIL TLS OPTIONS:`
	`141`	`+Configure TLS for your SMTP server target.`
	`142`	`+`
	`143`	`+ --email-tls-ca-cert-file string, $CODER_EMAIL_TLS_CACERTFILE`
	`144`	`+ CA certificate file to use.`
	`145`	`+`
	`146`	`+ --email-tls-cert-file string, $CODER_EMAIL_TLS_CERTFILE`
	`147`	`+ Certificate file to use.`
	`148`	`+`
	`149`	`+ --email-tls-cert-key-file string, $CODER_EMAIL_TLS_CERTKEYFILE`
	`150`	`+ Certificate key file to use.`
	`151`	`+`
	`152`	`+ --email-tls-server-name string, $CODER_EMAIL_TLS_SERVERNAME`
	`153`	`+ Server name to verify against the target certificate.`
	`154`	`+`
	`155`	`+ --email-tls-skip-verify bool, $CODER_EMAIL_TLS_SKIPVERIFY`
	`156`	`+ Skip verification of the target server's certificate (insecure).`
	`157`	`+`
	`158`	`+ --email-tls-starttls bool, $CODER_EMAIL_TLS_STARTTLS`
	`159`	`+ Enable STARTTLS to upgrade insecure SMTP connections using TLS.`
	`160`	`+`
`109`	`161`	`INTROSPECTION / HEALTH CHECK OPTIONS:`
`110`	`162`	`--health-check-refresh duration, $CODER_HEALTH_CHECK_REFRESH (default: 10m0s)`
`111`	`163`	`Refresh interval for healthchecks.`
`@@ -349,54 +401,68 @@ Configure how notifications are processed and delivered.`
`349`	`401`	`NOTIFICATIONS / EMAIL OPTIONS:`
`350`	`402`	`Configure how email notifications are sent.`
`351`	`403`
`352`		`- --notifications-email-force-tls bool, $CODER_NOTIFICATIONS_EMAIL_FORCE_TLS (default: false)`
	`404`	`+ --notifications-email-force-tls bool, $CODER_NOTIFICATIONS_EMAIL_FORCE_TLS`
`353`	`405`	`Force a TLS connection to the configured SMTP smarthost.`
	`406`	`+ DEPRECATED: Use --email-force-tls instead.`
`354`	`407`
`355`	`408`	`--notifications-email-from string, $CODER_NOTIFICATIONS_EMAIL_FROM`
`356`	`409`	`The sender's address to use.`
	`410`	`+ DEPRECATED: Use --email-from instead.`
`357`	`411`
`358`		`- --notifications-email-hello string, $CODER_NOTIFICATIONS_EMAIL_HELLO (default: localhost)`
	`412`	`+ --notifications-email-hello string, $CODER_NOTIFICATIONS_EMAIL_HELLO`
`359`	`413`	`The hostname identifying the SMTP server.`
	`414`	`+ DEPRECATED: Use --email-hello instead.`
`360`	`415`
`361`		`- --notifications-email-smarthost host:port, $CODER_NOTIFICATIONS_EMAIL_SMARTHOST (default: localhost:587)`
	`416`	`+ --notifications-email-smarthost host:port, $CODER_NOTIFICATIONS_EMAIL_SMARTHOST`
`362`	`417`	`The intermediary SMTP host through which emails are sent.`
	`418`	`+ DEPRECATED: Use --email-smarthost instead.`
`363`	`419`
`364`	`420`	`NOTIFICATIONS / EMAIL / EMAIL AUTHENTICATION OPTIONS:`
`365`	`421`	`Configure SMTP authentication options.`
`366`	`422`
`367`	`423`	`--notifications-email-auth-identity string, $CODER_NOTIFICATIONS_EMAIL_AUTH_IDENTITY`
`368`	`424`	`Identity to use with PLAIN authentication.`
	`425`	`+ DEPRECATED: Use --email-auth-identity instead.`
`369`	`426`
`370`	`427`	`--notifications-email-auth-password string, $CODER_NOTIFICATIONS_EMAIL_AUTH_PASSWORD`
`371`	`428`	`Password to use with PLAIN/LOGIN authentication.`
	`429`	`+ DEPRECATED: Use --email-auth-password instead.`
`372`	`430`
`373`	`431`	`--notifications-email-auth-password-file string, $CODER_NOTIFICATIONS_EMAIL_AUTH_PASSWORD_FILE`
`374`	`432`	`File from which to load password for use with PLAIN/LOGIN`
`375`	`433`	`authentication.`
	`434`	`+ DEPRECATED: Use --email-auth-password-file instead.`
`376`	`435`
`377`	`436`	`--notifications-email-auth-username string, $CODER_NOTIFICATIONS_EMAIL_AUTH_USERNAME`
`378`	`437`	`Username to use with PLAIN/LOGIN authentication.`
	`438`	`+ DEPRECATED: Use --email-auth-username instead.`
`379`	`439`
`380`	`440`	`NOTIFICATIONS / EMAIL / EMAIL TLS OPTIONS:`
`381`	`441`	`Configure TLS for your SMTP server target.`
`382`	`442`
`383`	`443`	`--notifications-email-tls-ca-cert-file string, $CODER_NOTIFICATIONS_EMAIL_TLS_CACERTFILE`
`384`	`444`	`CA certificate file to use.`
	`445`	`+ DEPRECATED: Use --email-tls-ca-cert-file instead.`
`385`	`446`
`386`	`447`	`--notifications-email-tls-cert-file string, $CODER_NOTIFICATIONS_EMAIL_TLS_CERTFILE`
`387`	`448`	`Certificate file to use.`
	`449`	`+ DEPRECATED: Use --email-tls-cert-file instead.`
`388`	`450`
`389`	`451`	`--notifications-email-tls-cert-key-file string, $CODER_NOTIFICATIONS_EMAIL_TLS_CERTKEYFILE`
`390`	`452`	`Certificate key file to use.`
	`453`	`+ DEPRECATED: Use --email-tls-cert-key-file instead.`
`391`	`454`
`392`	`455`	`--notifications-email-tls-server-name string, $CODER_NOTIFICATIONS_EMAIL_TLS_SERVERNAME`
`393`	`456`	`Server name to verify against the target certificate.`
	`457`	`+ DEPRECATED: Use --email-tls-server-name instead.`
`394`	`458`
`395`	`459`	`--notifications-email-tls-skip-verify bool, $CODER_NOTIFICATIONS_EMAIL_TLS_SKIPVERIFY`
`396`	`460`	`Skip verification of the target server's certificate (insecure).`
	`461`	`+ DEPRECATED: Use --email-tls-skip-verify instead.`
`397`	`462`
`398`	`463`	`--notifications-email-tls-starttls bool, $CODER_NOTIFICATIONS_EMAIL_TLS_STARTTLS`
`399`	`464`	`Enable STARTTLS to upgrade insecure SMTP connections using TLS.`
	`465`	`+ DEPRECATED: Use --email-tls-starttls instead.`
`400`	`466`
`401`	`467`	`NOTIFICATIONS / WEBHOOK OPTIONS:`
`402`	`468`	`--notifications-webhook-endpoint url, $CODER_NOTIFICATIONS_WEBHOOK_ENDPOINT`

`‎cli/testdata/server-config.yaml.golden‎`

Lines changed: 48 additions & 3 deletions

Original file line number	Diff line number	Diff line change
`@@ -518,6 +518,51 @@ userQuietHoursSchedule:`
`518`	`518`	`# compatibility reasons, this will be removed in a future release.`
`519`	`519`	`# (default: false, type: bool)`
`520`	`520`	`allowWorkspaceRenames: false`
	`521`	`+# Configure how emails are sent.`
	`522`	`+email:`
	`523`	`+ # The sender's address to use.`
	`524`	`+ # (default: <unset>, type: string)`
	`525`	`+ from: ""`
	`526`	`+ # The intermediary SMTP host through which emails are sent.`
	`527`	`+ # (default: localhost:587, type: host:port)`
	`528`	`+ smarthost: localhost:587`
	`529`	`+ # The hostname identifying the SMTP server.`
	`530`	`+ # (default: localhost, type: string)`
	`531`	`+ hello: localhost`
	`532`	`+ # Force a TLS connection to the configured SMTP smarthost.`
	`533`	`+ # (default: false, type: bool)`
	`534`	`+ forceTLS: false`
	`535`	`+ # Configure SMTP authentication options.`
	`536`	`+ emailAuth:`
	`537`	`+ # Identity to use with PLAIN authentication.`
	`538`	`+ # (default: <unset>, type: string)`
	`539`	`+ identity: ""`
	`540`	`+ # Username to use with PLAIN/LOGIN authentication.`
	`541`	`+ # (default: <unset>, type: string)`
	`542`	`+ username: ""`
	`543`	`+ # File from which to load password for use with PLAIN/LOGIN authentication.`
	`544`	`+ # (default: <unset>, type: string)`
	`545`	`+ passwordFile: ""`
	`546`	`+ # Configure TLS for your SMTP server target.`
	`547`	`+ emailTLS:`
	`548`	`+ # Enable STARTTLS to upgrade insecure SMTP connections using TLS.`
	`549`	`+ # (default: <unset>, type: bool)`
	`550`	`+ startTLS: false`
	`551`	`+ # Server name to verify against the target certificate.`
	`552`	`+ # (default: <unset>, type: string)`
	`553`	`+ serverName: ""`
	`554`	`+ # Skip verification of the target server's certificate (insecure).`
	`555`	`+ # (default: <unset>, type: bool)`
	`556`	`+ insecureSkipVerify: false`
	`557`	`+ # CA certificate file to use.`
	`558`	`+ # (default: <unset>, type: string)`
	`559`	`+ caCertFile: ""`
	`560`	`+ # Certificate file to use.`
	`561`	`+ # (default: <unset>, type: string)`
	`562`	`+ certFile: ""`
	`563`	`+ # Certificate key file to use.`
	`564`	`+ # (default: <unset>, type: string)`
	`565`	`+ certKeyFile: ""`
`521`	`566`	`# Configure how notifications are processed and delivered.`
`522`	`567`	`notifications:`
`523`	`568`	`# Which delivery method to use (available options: 'smtp', 'webhook').`
`@@ -532,13 +577,13 @@ notifications:`
`532`	`577`	`# (default: <unset>, type: string)`
`533`	`578`	`from: ""`
`534`	`579`	`# The intermediary SMTP host through which emails are sent.`
`535`		`- # (default:localhost:587, type: host:port)`
	`580`	`+ # (default:<unset>, type: host:port)`
`536`	`581`	`smarthost: localhost:587`
`537`	`582`	`# The hostname identifying the SMTP server.`
`538`		`- # (default:localhost, type: string)`
	`583`	`+ # (default:<unset>, type: string)`
`539`	`584`	`hello: localhost`
`540`	`585`	`# Force a TLS connection to the configured SMTP smarthost.`
`541`		`- # (default:false, type: bool)`
	`586`	`+ # (default:<unset>, type: bool)`
`542`	`587`	`forceTLS: false`
`543`	`588`	`# Configure SMTP authentication options.`
`544`	`589`	`emailAuth:`

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,33 @@`
	`1`	`+package audit`
	`2`	`+`
	`3`	`+import (`
	`4`	`+"context"`
	`5`	`+"encoding/json"`
	`6`	`+`
	`7`	`+"cdr.dev/slog"`
	`8`	`+)`
	`9`	`+`
	`10`	`+typeBackgroundSubsystemstring`
	`11`	`+`
	`12`	`+const (`
	`13`	`+BackgroundSubsystemDormancyBackgroundSubsystem="dormancy"`
	`14`	`+)`
	`15`	`+`
	`16`	`+funcBackgroundTaskFields(subsystemBackgroundSubsystem)map[string]string {`
	`17`	`+returnmap[string]string{`
	`18`	`+"automatic_actor":"coder",`
	`19`	`+"automatic_subsystem":string(subsystem),`
	`20`	`+}`
	`21`	`+}`
	`22`	`+`
	`23`	`+funcBackgroundTaskFieldsBytes(ctx context.Context,logger slog.Logger,subsystemBackgroundSubsystem) []byte {`
	`24`	`+af:=BackgroundTaskFields(subsystem)`
	`25`	`+`
	`26`	`+wriBytes,err:=json.Marshal(af)`
	`27`	`+iferr!=nil {`
	`28`	`+logger.Error(ctx,"marshal additional fields for dormancy audit",slog.Error(err))`
	`29`	`+return []byte("{}")`
	`30`	`+}`
	`31`	`+`
	`32`	`+returnwriBytes`
	`33`	`+}`

`‎coderd/audit/request.go‎`

Lines changed: 7 additions & 6 deletions

Original file line number	Diff line number	Diff line change
`@@ -62,12 +62,13 @@ type BackgroundAuditParams[T Auditable] struct {`
`62`	`62`	`AuditAuditor`
`63`	`63`	`Log slog.Logger`
`64`	`64`
`65`		`-UserID uuid.UUID`
`66`		`-RequestID uuid.UUID`
`67`		`-Statusint`
`68`		`-Action database.AuditAction`
`69`		`-OrganizationID uuid.UUID`
`70`		`-IPstring`
	`65`	`+UserID uuid.UUID`
	`66`	`+RequestID uuid.UUID`
	`67`	`+Statusint`
	`68`	`+Action database.AuditAction`
	`69`	`+OrganizationID uuid.UUID`
	`70`	`+IPstring`
	`71`	`+// todo: this should automatically marshal an interface{} instead of accepting a raw message.`
`71`	`72`	`AdditionalFields json.RawMessage`
`72`	`73`
`73`	`74`	`NewT`

`‎coderd/coderd.go‎`

Lines changed: 1 addition & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -702,6 +702,7 @@ func New(options Options) API {`
`702`	`702`
`703`	`703`	`apiKeyMiddleware:=httpmw.ExtractAPIKeyMW(httpmw.ExtractAPIKeyConfig{`
`704`	`704`	`DB:options.Database,`
	`705`	`+ActivateDormantUser:ActivateDormantUser(options.Logger,&api.Auditor,options.Database),`
`705`	`706`	`OAuth2Configs:oauthConfigs,`
`706`	`707`	`RedirectToLogin:false,`
`707`	`708`	`DisableSessionExpiryRefresh:options.DeploymentValues.Sessions.DisableExpiryRefresh.Value(),`

`‎coderd/coderdtest/coderdtest.go‎`

Lines changed: 3 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -718,6 +718,9 @@ func createAnotherUserRetry(t testing.TB, client *codersdk.Client, organizationI`
`718`	`718`	`Name:RandomName(t),`
`719`	`719`	`Password:"SomeSecurePassword!",`
`720`	`720`	`OrganizationIDs:organizationIDs,`
	`721`	`+// Always create users as active in tests to ignore an extra audit log`
	`722`	`+// when logging in.`
	`723`	`+UserStatus:ptr.Ref(codersdk.UserStatusActive),`
`721`	`724`	`}`
`722`	`725`	`for_,m:=rangemutators {`
`723`	`726`	`m(&req)`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit9a444b3

File tree

70 files changed

Some content is hidden

70 files changed

`‎cli/server.go‎`

`‎cli/server_createadminuser.go‎`

`‎cli/testdata/coder_server_--help.golden‎`

`‎cli/testdata/server-config.yaml.golden‎`

`‎coderd/apidoc/docs.go‎`

`‎coderd/apidoc/swagger.json‎`

`‎coderd/audit/fields.go‎`

`‎coderd/audit/request.go‎`

`‎coderd/coderd.go‎`

`‎coderd/coderdtest/coderdtest.go‎`

0 commit comments