Commit9a444b3

stirbyEmyrkBrunoQuaresmaDanielleMaywoodcoadler
authored
chore: cherry pick PRs for 2.17 (#15339)
- [x]#15305 - [x]#15307 - [x]#15270 - [x]#15261 - [x]#15281- [x]#15298- Release Docs: - [x]#15296 - [x]#15280 - [x]#15294 - [x]#15310---------Co-authored-by: Steven Masley <Emyrk@users.noreply.github.com>Co-authored-by: Bruno Quaresma <bruno@coder.com>Co-authored-by: Danielle Maywood <danielle@themaywoods.com>Co-authored-by: Colin Adler <colin1adler@gmail.com>Co-authored-by: Edward Angert <EdwardAngert@users.noreply.github.com>
1 parentd83f4eb commit9a444b3


70 files changed

+2328
-269
lines changed


70 files changed

+2328
-269
lines changed

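--- a/cli/server.go
+++ b/cli/server.go
@@ -212,10 +212,16 @@ func enablePrometheus(
 options.PrometheusRegistry.MustRegister(collectors.NewGoCollector())
 options.PrometheusRegistry.MustRegister(collectors.NewProcessCollector(collectors.ProcessCollectorOpts{}))
 
-closeUsersFunc,err:=prometheusmetrics.ActiveUsers(ctx,options.PrometheusRegistry,options.Database,0)
+closeActiveUsersFunc,err:=prometheusmetrics.ActiveUsers(ctx,options.Logger.Named("active_user_metrics"),options.PrometheusRegistry,options.Database,0)
 iferr!=nil {
 returnnil,xerrors.Errorf("register active users prometheus metric: %w",err)
 }
+afterCtx(ctx,closeActiveUsersFunc)
+
+closeUsersFunc,err:=prometheusmetrics.Users(ctx,options.Logger.Named("user_metrics"),quartz.NewReal(),options.PrometheusRegistry,options.Database,0)
+iferr!=nil {
+returnnil,xerrors.Errorf("register users prometheus metric: %w",err)
+}
 afterCtx(ctx,closeUsersFunc)
 
 closeWorkspacesFunc,err:=prometheusmetrics.Workspaces(ctx,options.Logger.Named("workspaces_metrics"),options.PrometheusRegistry,options.Database,0)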

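--- a/cli/server_createadminuser.go
+++ b/cli/server_createadminuser.go
@@ -197,6 +197,7 @@ func (r *RootCmd) newCreateAdminUserCommand() *serpent.Command {
 UpdatedAt:dbtime.Now(),
 RBACRoles: []string{rbac.RoleOwner().String()},
 LoginType:database.LoginTypePassword,
+Status:"",
 })
 iferr!=nil {
 returnxerrors.Errorf("insert user: %w",err)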
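Review bot: `Status: "",` in the insert parameters is a magic value: nothing in this hunk says what an empty status means for the owner-role account being created here. If the insert query substitutes its own default for an empty string (not visible from this hunk), say so at the call site, for example `// Empty status: the insert query applies its default user status.`; otherwise set the intended status explicitly so the state of an owner account does not depend on an implicit default. newCreateAdminUserCommand starts and ends outside the hunk.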

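--- a/cli/testdata/coder_server_--help.golden
+++ b/cli/testdata/coder_server_--help.golden
@@ -106,6 +106,58 @@ Use a YAML configuration file when your server launch become unwieldy.
 
 Write out the current server config as YAML to stdout.
 
+EMAIL OPTIONS:
+Configure how emails are sent.
+
+--email-force-tls bool, $CODER_EMAIL_FORCE_TLS (default: false)
+Force a TLS connection to the configured SMTP smarthost.
+
+--email-from string, $CODER_EMAIL_FROM
+The sender's address to use.
+
+--email-hello string, $CODER_EMAIL_HELLO (default: localhost)
+The hostname identifying the SMTP server.
+
+--email-smarthost host:port, $CODER_EMAIL_SMARTHOST (default: localhost:587)
+The intermediary SMTP host through which emails are sent.
+
+EMAIL / EMAIL AUTHENTICATION OPTIONS:
+Configure SMTP authentication options.
+
+--email-auth-identity string, $CODER_EMAIL_AUTH_IDENTITY
+Identity to use with PLAIN authentication.
+
+--email-auth-password string, $CODER_EMAIL_AUTH_PASSWORD
+Password to use with PLAIN/LOGIN authentication.
+
+--email-auth-password-file string, $CODER_EMAIL_AUTH_PASSWORD_FILE
+File from which to load password for use with PLAIN/LOGIN
+authentication.
+
+--email-auth-username string, $CODER_EMAIL_AUTH_USERNAME
+Username to use with PLAIN/LOGIN authentication.
+
+EMAIL / EMAIL TLS OPTIONS:
+Configure TLS for your SMTP server target.
+
+--email-tls-ca-cert-file string, $CODER_EMAIL_TLS_CACERTFILE
+CA certificate file to use.
+
+--email-tls-cert-file string, $CODER_EMAIL_TLS_CERTFILE
+Certificate file to use.
+
+--email-tls-cert-key-file string, $CODER_EMAIL_TLS_CERTKEYFILE
+Certificate key file to use.
+
+--email-tls-server-name string, $CODER_EMAIL_TLS_SERVERNAME
+Server name to verify against the target certificate.
+
+--email-tls-skip-verify bool, $CODER_EMAIL_TLS_SKIPVERIFY
+Skip verification of the target server's certificate (insecure).
+
+--email-tls-starttls bool, $CODER_EMAIL_TLS_STARTTLS
+Enable STARTTLS to upgrade insecure SMTP connections using TLS.
+
 INTROSPECTION / HEALTH CHECK OPTIONS:
 --health-check-refresh duration, $CODER_HEALTH_CHECK_REFRESH (default: 10m0s)
 Refresh interval for healthchecks.
@@ -349,54 +401,68 @@ Configure how notifications are processed and delivered.
 NOTIFICATIONS / EMAIL OPTIONS:
 Configure how email notifications are sent.
 
---notifications-email-force-tls bool, $CODER_NOTIFICATIONS_EMAIL_FORCE_TLS (default: false)
+--notifications-email-force-tls bool, $CODER_NOTIFICATIONS_EMAIL_FORCE_TLS
 Force a TLS connection to the configured SMTP smarthost.
+DEPRECATED: Use --email-force-tls instead.
 
 --notifications-email-from string, $CODER_NOTIFICATIONS_EMAIL_FROM
 The sender's address to use.
+DEPRECATED: Use --email-from instead.
 
---notifications-email-hello string, $CODER_NOTIFICATIONS_EMAIL_HELLO (default: localhost)
+--notifications-email-hello string, $CODER_NOTIFICATIONS_EMAIL_HELLO
 The hostname identifying the SMTP server.
+DEPRECATED: Use --email-hello instead.
 
---notifications-email-smarthost host:port, $CODER_NOTIFICATIONS_EMAIL_SMARTHOST (default: localhost:587)
+--notifications-email-smarthost host:port, $CODER_NOTIFICATIONS_EMAIL_SMARTHOST
 The intermediary SMTP host through which emails are sent.
+DEPRECATED: Use --email-smarthost instead.
 
 NOTIFICATIONS / EMAIL / EMAIL AUTHENTICATION OPTIONS:
 Configure SMTP authentication options.
 
 --notifications-email-auth-identity string, $CODER_NOTIFICATIONS_EMAIL_AUTH_IDENTITY
 Identity to use with PLAIN authentication.
+DEPRECATED: Use --email-auth-identity instead.
 
 --notifications-email-auth-password string, $CODER_NOTIFICATIONS_EMAIL_AUTH_PASSWORD
 Password to use with PLAIN/LOGIN authentication.
+DEPRECATED: Use --email-auth-password instead.
 
 --notifications-email-auth-password-file string, $CODER_NOTIFICATIONS_EMAIL_AUTH_PASSWORD_FILE
 File from which to load password for use with PLAIN/LOGIN
 authentication.
+DEPRECATED: Use --email-auth-password-file instead.
 
 --notifications-email-auth-username string, $CODER_NOTIFICATIONS_EMAIL_AUTH_USERNAME
 Username to use with PLAIN/LOGIN authentication.
+DEPRECATED: Use --email-auth-username instead.
 
 NOTIFICATIONS / EMAIL / EMAIL TLS OPTIONS:
 Configure TLS for your SMTP server target.
 
 --notifications-email-tls-ca-cert-file string, $CODER_NOTIFICATIONS_EMAIL_TLS_CACERTFILE
 CA certificate file to use.
+DEPRECATED: Use --email-tls-ca-cert-file instead.
 
 --notifications-email-tls-cert-file string, $CODER_NOTIFICATIONS_EMAIL_TLS_CERTFILE
 Certificate file to use.
+DEPRECATED: Use --email-tls-cert-file instead.
 
 --notifications-email-tls-cert-key-file string, $CODER_NOTIFICATIONS_EMAIL_TLS_CERTKEYFILE
 Certificate key file to use.
+DEPRECATED: Use --email-tls-cert-key-file instead.
 
 --notifications-email-tls-server-name string, $CODER_NOTIFICATIONS_EMAIL_TLS_SERVERNAME
 Server name to verify against the target certificate.
+DEPRECATED: Use --email-tls-server-name instead.
 
 --notifications-email-tls-skip-verify bool, $CODER_NOTIFICATIONS_EMAIL_TLS_SKIPVERIFY
 Skip verification of the target server's certificate (insecure).
+DEPRECATED: Use --email-tls-skip-verify instead.
 
 --notifications-email-tls-starttls bool, $CODER_NOTIFICATIONS_EMAIL_TLS_STARTTLS
 Enable STARTTLS to upgrade insecure SMTP connections using TLS.
+DEPRECATED: Use --email-tls-starttls instead.
 
 NOTIFICATIONS / WEBHOOK OPTIONS:
 --notifications-webhook-endpoint url, $CODER_NOTIFICATIONS_WEBHOOK_ENDPOINT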

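--- a/cli/testdata/server-config.yaml.golden
+++ b/cli/testdata/server-config.yaml.golden
@@ -518,6 +518,51 @@ userQuietHoursSchedule:
 # compatibility reasons, this will be removed in a future release.
 # (default: false, type: bool)
 allowWorkspaceRenames: false
+# Configure how emails are sent.
+email:
+# The sender's address to use.
+# (default: <unset>, type: string)
+from: ""
+# The intermediary SMTP host through which emails are sent.
+# (default: localhost:587, type: host:port)
+smarthost: localhost:587
+# The hostname identifying the SMTP server.
+# (default: localhost, type: string)
+hello: localhost
+# Force a TLS connection to the configured SMTP smarthost.
+# (default: false, type: bool)
+forceTLS: false
+# Configure SMTP authentication options.
+emailAuth:
+# Identity to use with PLAIN authentication.
+# (default: <unset>, type: string)
+identity: ""
+# Username to use with PLAIN/LOGIN authentication.
+# (default: <unset>, type: string)
+username: ""
+# File from which to load password for use with PLAIN/LOGIN authentication.
+# (default: <unset>, type: string)
+passwordFile: ""
+# Configure TLS for your SMTP server target.
+emailTLS:
+# Enable STARTTLS to upgrade insecure SMTP connections using TLS.
+# (default: <unset>, type: bool)
+startTLS: false
+# Server name to verify against the target certificate.
+# (default: <unset>, type: string)
+serverName: ""
+# Skip verification of the target server's certificate (insecure).
+# (default: <unset>, type: bool)
+insecureSkipVerify: false
+# CA certificate file to use.
+# (default: <unset>, type: string)
+caCertFile: ""
+# Certificate file to use.
+# (default: <unset>, type: string)
+certFile: ""
+# Certificate key file to use.
+# (default: <unset>, type: string)
+certKeyFile: ""
 # Configure how notifications are processed and delivered.
 notifications:
 # Which delivery method to use (available options: 'smtp', 'webhook').
@@ -532,13 +577,13 @@ notifications:
 # (default: <unset>, type: string)
 from: ""
 # The intermediary SMTP host through which emails are sent.
-# (default:localhost:587, type: host:port)
+# (default:<unset>, type: host:port)
 smarthost: localhost:587
 # The hostname identifying the SMTP server.
-# (default:localhost, type: string)
+# (default:<unset>, type: string)
 hello: localhost
 # Force a TLS connection to the configured SMTP smarthost.
-# (default:false, type: bool)
+# (default:<unset>, type: bool)
 forceTLS: false
 # Configure SMTP authentication options.
 emailAuth: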

‎coderd/apidoc/docs.go

Lines changed: 8 additions & 0 deletions

‎coderd/apidoc/swagger.json

Lines changed: 8 additions & 0 deletions

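--- a/coderd/audit/fields.go
+++ b/coderd/audit/fields.go
@@ -0,0 +1,33 @@
+package audit
+
+import (
+"context"
+"encoding/json"
+
+"cdr.dev/slog"
+)
+
+typeBackgroundSubsystemstring
+
+const (
+BackgroundSubsystemDormancyBackgroundSubsystem="dormancy"
+)
+
+funcBackgroundTaskFields(subsystemBackgroundSubsystem)map[string]string {
+returnmap[string]string{
+"automatic_actor":"coder",
+"automatic_subsystem":string(subsystem),
+}
+}
+
+funcBackgroundTaskFieldsBytes(ctx context.Context,logger slog.Logger,subsystemBackgroundSubsystem) []byte {
+af:=BackgroundTaskFields(subsystem)
+
+wriBytes,err:=json.Marshal(af)
+iferr!=nil {
+logger.Error(ctx,"marshal additional fields for dormancy audit",slog.Error(err))
+return []byte("{}")
+}
+
+returnwriBytes
+}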
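Review bot: The error log in BackgroundTaskFieldsBytes is hard-coded to `"marshal additional fields for dormancy audit"` although the function accepts any BackgroundSubsystem, so a later subsystem would log a misleading message; `logger.Error(ctx, "marshal additional fields for background audit", slog.F("subsystem", subsystem), slog.Error(err))` keeps it accurate. The `{}` fallback also drops the `automatic_actor` and `automatic_subsystem` keys, so an audit entry written after a marshal failure would no longer be marked as automated; a doc comment on the function should state that trade-off. None of the exported names (BackgroundSubsystem, BackgroundSubsystemDormancy, BackgroundTaskFields, BackgroundTaskFieldsBytes) has a doc comment, for example `// BackgroundTaskFields returns the audit additional fields that mark an action as performed by a Coder background subsystem.`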

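--- a/coderd/audit/request.go
+++ b/coderd/audit/request.go
@@ -62,12 +62,13 @@ type BackgroundAuditParams[T Auditable] struct {
 AuditAuditor
 Log slog.Logger
 
-UserID uuid.UUID
-RequestID uuid.UUID
-Statusint
-Action database.AuditAction
-OrganizationID uuid.UUID
-IPstring
+UserID uuid.UUID
+RequestID uuid.UUID
+Statusint
+Action database.AuditAction
+OrganizationID uuid.UUID
+IPstring
+// todo: this should automatically marshal an interface{} instead of accepting a raw message.
 AdditionalFields json.RawMessage
 
 NewT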

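--- a/coderd/coderd.go
+++ b/coderd/coderd.go
@@ -702,6 +702,7 @@ func New(options *Options) *API {
 
 apiKeyMiddleware:=httpmw.ExtractAPIKeyMW(httpmw.ExtractAPIKeyConfig{
 DB:options.Database,
+ActivateDormantUser:ActivateDormantUser(options.Logger,&api.Auditor,options.Database),
 OAuth2Configs:oauthConfigs,
 RedirectToLogin:false,
 DisableSessionExpiryRefresh:options.DeploymentValues.Sessions.DisableExpiryRefresh.Value(),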
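Review bot: `ActivateDormantUser` is set on this `ExtractAPIKeyConfig` only, and the section reports a single addition in the file, so any other API-key middleware config built in New would leave the field nil. Whether the middleware tolerates a nil callback, and whether skipping activation on those routes is intended, cannot be seen from this hunk. A short comment at this line would record the decision, for example `// Only this middleware activates dormant users; other configs leave the callback unset on purpose.`, with the wording confirmed against the middleware. New starts and ends outside the hunk.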

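--- a/coderd/coderdtest/coderdtest.go
+++ b/coderd/coderdtest/coderdtest.go
@@ -718,6 +718,9 @@ func createAnotherUserRetry(t testing.TB, client *codersdk.Client, organizationI
 Name:RandomName(t),
 Password:"SomeSecurePassword!",
 OrganizationIDs:organizationIDs,
+// Always create users as active in tests to ignore an extra audit log
+// when logging in.
+UserStatus:ptr.Ref(codersdk.UserStatusActive),
 }
 for_,m:=rangemutators {
 m(&req)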

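--- a/coderd/database/db.go
+++ b/coderd/database/db.go
@@ -28,6 +28,7 @@ type Store interface {
 wrapper
 
 Ping(ctx context.Context) (time.Duration,error)
+PGLocks(ctx context.Context) (PGLocks,error)
 InTx(func(Store)error,*TxOptions)error
 }
 
@@ -48,13 +49,26 @@ type DBTX interface {
 GetContext(ctx context.Context,destinterface{},querystring,args...interface{})error
 }
 
+funcWithSerialRetryCount(countint)func(*sqlQuerier) {
+returnfunc(q*sqlQuerier) {
+q.serialRetryCount=count
+}
+}
+
 // New creates a new database store using a SQL database connection.
-funcNew(sdb*sql.DB)Store {
+funcNew(sdb*sql.DB,opts...func(*sqlQuerier))Store {
 dbx:=sqlx.NewDb(sdb,"postgres")
-return&sqlQuerier{
+q:=&sqlQuerier{
 db:dbx,
 sdb:dbx,
+// This is an arbitrary number.
+serialRetryCount:3,
+}
+
+for_,opt:=rangeopts {
+opt(q)
 }
+returnq
 }
 
 // TxOptions is used to pass some execution metadata to the callers.
@@ -104,6 +118,10 @@ type querier interface {
 typesqlQuerierstruct {
 sdb*sqlx.DB
 dbDBTX
+
+// serialRetryCount is the number of times to retry a transaction
+// if it fails with a serialization error.
+serialRetryCountint
 }
 
 func (*sqlQuerier)Wrappers() []string {
@@ -143,11 +161,9 @@ func (q *sqlQuerier) InTx(function func(Store) error, txOpts *TxOptions) error {
 // If we are in a transaction already, the parent InTx call will handle the retry.
 // We do not want to duplicate those retries.
 if!inTx&&sqlOpts.Isolation==sql.LevelSerializable {
-// This is an arbitrarily chosen number.
-constretryAmount=3
 varerrerror
 attempts:=0
-forattempts=0;attempts<retryAmount;attempts++ {
+forattempts=0;attempts<q.serialRetryCount;attempts++ {
 txOpts.executionCount++
 err=q.runTx(function,sqlOpts)
 iferr==nil {
@@ -203,3 +219,10 @@ func (q *sqlQuerier) runTx(function func(Store) error, txOpts *sql.TxOptions) er
 }
 returnnil
 }
+
+funcsafeString(s*string)string {
+ifs==nil {
+return"<nil>"
+}
+return*s
+}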
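Review bot: WithSerialRetryCount stores `count` unchecked, and with a value of zero or less the loop `for attempts = 0; attempts < q.serialRetryCount; attempts++` in InTx never calls `q.runTx`, so a serializable transaction body would not run at all and `err` would still be nil when the loop exits. What InTx returns after the loop is outside the hunk, so the exact outcome needs checking, but the option should reject or clamp such values, e.g. `if count < 1 { count = 1 }` before the assignment. The same applies to any sqlQuerier built without New, whose zero-value serialRetryCount is 0. WithSerialRetryCount and safeString also lack doc comments, and safeString has no caller in the visible hunks.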
