NotificationsYou must be signed in to change notification settings
Fork913
Star10k

Commitac60d34

committed

feat: add agentapi endpoint to report connections for audit

This change adds a new `ReportConnection` endpoint to the `agentapi` andbumps the protocol version.This allows the agent to report connection events, for example when theuser connects to the workspace via SSH or VS Code.Updates#15139

1 parent640a0c3 commitac60d34Copy full SHA for ac60d34

File tree

13 files changed

+1126

-587

lines changed

agent
- agent.go
- agenttest
  - client.go
- proto
coderd
- agentapi
- workspaceagents_test.go
codersdk/agentsdk
- agentsdk.go
tailnet/proto
- tailnet_drpc_old.go
- version.go

13 files changed

+1126

-587

lines changed

`‎agent/agent.go`

Lines changed: 17 additions & 18 deletions

Original file line number	Diff line number	Diff line change
`@@ -87,8 +87,8 @@ type Options struct {`
`87`	`87`	`}`
`88`	`88`
`89`	`89`	`typeClientinterface {`
`90`		`-ConnectRPC23(ctx context.Context) (`
`91`		`-proto.DRPCAgentClient23, tailnetproto.DRPCTailnetClient23,error,`
	`90`	`+ConnectRPC24(ctx context.Context) (`
	`91`	`+proto.DRPCAgentClient24, tailnetproto.DRPCTailnetClient24,error,`
`92`	`92`	`)`
`93`	`93`	`RewriteDERPMap(derpMap*tailcfg.DERPMap)`
`94`	`94`	`}`
`@@ -369,7 +369,6 @@ func (a *agent) collectMetadata(ctx context.Context, md codersdk.WorkspaceAgentM`
`369`	`369`	`// Important: if the command times out, we may see a misleading error like`
`370`	`370`	`// "exit status 1", so it's important to include the context error.`
`371`	`371`	`err=errors.Join(err,ctx.Err())`
`372`		`-`
`373`	`372`	`iferr!=nil {`
`374`	`373`	`result.Error=fmt.Sprintf("run cmd: %+v",err)`
`375`	`374`	`}`
`@@ -406,7 +405,7 @@ func (t *trySingleflight) Do(key string, fn func()) {`
`406`	`405`	`fn()`
`407`	`406`	`}`
`408`	`407`
`409`		`-func (a*agent)reportMetadata(ctx context.Context,aAPI proto.DRPCAgentClient23)error {`
	`408`	`+func (a*agent)reportMetadata(ctx context.Context,aAPI proto.DRPCAgentClient24)error {`
`410`	`409`	`tickerDone:=make(chanstruct{})`
`411`	`410`	`collectDone:=make(chanstruct{})`
`412`	`411`	`ctx,cancel:=context.WithCancel(ctx)`
`@@ -622,7 +621,7 @@ func (a *agent) reportMetadata(ctx context.Context, aAPI proto.DRPCAgentClient23`
`622`	`621`
`623`	`622`	`// reportLifecycle reports the current lifecycle state once. All state`
`624`	`623`	`// changes are reported in order.`
`625`		`-func (a*agent)reportLifecycle(ctx context.Context,aAPI proto.DRPCAgentClient23)error {`
	`624`	`+func (a*agent)reportLifecycle(ctx context.Context,aAPI proto.DRPCAgentClient24)error {`
`626`	`625`	`for {`
`627`	`626`	`select {`
`628`	`627`	`case<-a.lifecycleUpdate:`
`@@ -704,7 +703,7 @@ func (a *agent) setLifecycle(state codersdk.WorkspaceAgentLifecycle) {`
`704`	`703`	`// fetchServiceBannerLoop fetches the service banner on an interval. It will`
`705`	`704`	`// not be fetched immediately; the expectation is that it is primed elsewhere`
`706`	`705`	`// (and must be done before the session actually starts).`
`707`		`-func (a*agent)fetchServiceBannerLoop(ctx context.Context,aAPI proto.DRPCAgentClient23)error {`
	`706`	`+func (a*agent)fetchServiceBannerLoop(ctx context.Context,aAPI proto.DRPCAgentClient24)error {`
`708`	`707`	`ticker:=time.NewTicker(a.announcementBannersRefreshInterval)`
`709`	`708`	`deferticker.Stop()`
`710`	`709`	`for {`
`@@ -740,7 +739,7 @@ func (a *agent) run() (retErr error) {`
`740`	`739`	`a.sessionToken.Store(&sessionToken)`
`741`	`740`
`742`	`741`	`// ConnectRPC returns the dRPC connection we use for the Agent and Tailnet v2+ APIs`
`743`		`-aAPI,tAPI,err:=a.client.ConnectRPC23(a.hardCtx)`
	`742`	`+aAPI,tAPI,err:=a.client.ConnectRPC24(a.hardCtx)`
`744`	`743`	`iferr!=nil {`
`745`	`744`	`returnerr`
`746`	`745`	`}`
`@@ -757,7 +756,7 @@ func (a *agent) run() (retErr error) {`
`757`	`756`	`connMan:=newAPIConnRoutineManager(a.gracefulCtx,a.hardCtx,a.logger,aAPI,tAPI)`
`758`	`757`
`759`	`758`	`connMan.startAgentAPI("init notification banners",gracefulShutdownBehaviorStop,`
`760`		`-func(ctx context.Context,aAPI proto.DRPCAgentClient23)error {`
	`759`	`+func(ctx context.Context,aAPI proto.DRPCAgentClient24)error {`
`761`	`760`	`bannersProto,err:=aAPI.GetAnnouncementBanners(ctx,&proto.GetAnnouncementBannersRequest{})`
`762`	`761`	`iferr!=nil {`
`763`	`762`	`returnxerrors.Errorf("fetch service banner: %w",err)`
`@@ -774,7 +773,7 @@ func (a *agent) run() (retErr error) {`
`774`	`773`	`// sending logs gets gracefulShutdownBehaviorRemain because we want to send logs generated by`
`775`	`774`	`// shutdown scripts.`
`776`	`775`	`connMan.startAgentAPI("send logs",gracefulShutdownBehaviorRemain,`
`777`		`-func(ctx context.Context,aAPI proto.DRPCAgentClient23)error {`
	`776`	`+func(ctx context.Context,aAPI proto.DRPCAgentClient24)error {`
`778`	`777`	`err:=a.logSender.SendLoop(ctx,aAPI)`
`779`	`778`	`ifxerrors.Is(err,agentsdk.LogLimitExceededError) {`
`780`	`779`	`// we don't want this error to tear down the API connection and propagate to the`
`@@ -814,7 +813,7 @@ func (a *agent) run() (retErr error) {`
`814`	`813`	`connMan.startAgentAPI("handle manifest",gracefulShutdownBehaviorStop,a.handleManifest(manifestOK))`
`815`	`814`
`816`	`815`	`connMan.startAgentAPI("app health reporter",gracefulShutdownBehaviorStop,`
`817`		`-func(ctx context.Context,aAPI proto.DRPCAgentClient23)error {`
	`816`	`+func(ctx context.Context,aAPI proto.DRPCAgentClient24)error {`
`818`	`817`	`iferr:=manifestOK.wait(ctx);err!=nil {`
`819`	`818`	`returnxerrors.Errorf("no manifest: %w",err)`
`820`	`819`	`}`
`@@ -847,7 +846,7 @@ func (a *agent) run() (retErr error) {`
`847`	`846`
`848`	`847`	`connMan.startAgentAPI("fetch service banner loop",gracefulShutdownBehaviorStop,a.fetchServiceBannerLoop)`
`849`	`848`
`850`		`-connMan.startAgentAPI("stats report loop",gracefulShutdownBehaviorStop,func(ctx context.Context,aAPI proto.DRPCAgentClient23)error {`
	`849`	`+connMan.startAgentAPI("stats report loop",gracefulShutdownBehaviorStop,func(ctx context.Context,aAPI proto.DRPCAgentClient24)error {`
`851`	`850`	`iferr:=networkOK.wait(ctx);err!=nil {`
`852`	`851`	`returnxerrors.Errorf("no network: %w",err)`
`853`	`852`	`}`
`@@ -858,8 +857,8 @@ func (a *agent) run() (retErr error) {`
`858`	`857`	`}`
`859`	`858`
`860`	`859`	`// handleManifest returns a function that fetches and processes the manifest`
`861`		`-func (aagent)handleManifest(manifestOKcheckpoint)func(ctx context.Context,aAPI proto.DRPCAgentClient23)error {`
`862`		`-returnfunc(ctx context.Context,aAPI proto.DRPCAgentClient23)error {`
	`860`	`+func (aagent)handleManifest(manifestOKcheckpoint)func(ctx context.Context,aAPI proto.DRPCAgentClient24)error {`
	`861`	`+returnfunc(ctx context.Context,aAPI proto.DRPCAgentClient24)error {`
`863`	`862`	`var (`
`864`	`863`	`sentResult=false`
`865`	`864`	`errerror`
`@@ -968,8 +967,8 @@ func (a agent) handleManifest(manifestOK checkpoint) func(ctx context.Context,`
`968`	`967`
`969`	`968`	`// createOrUpdateNetwork waits for the manifest to be set using manifestOK, then creates or updates`
`970`	`969`	`// the tailnet using the information in the manifest`
`971`		`-func (aagent)createOrUpdateNetwork(manifestOK,networkOKcheckpoint)func(context.Context, proto.DRPCAgentClient23)error {`
`972`		`-returnfunc(ctx context.Context,_ proto.DRPCAgentClient23) (retErrerror) {`
	`970`	`+func (aagent)createOrUpdateNetwork(manifestOK,networkOKcheckpoint)func(context.Context, proto.DRPCAgentClient24)error {`
	`971`	`+returnfunc(ctx context.Context,_ proto.DRPCAgentClient24) (retErrerror) {`
`973`	`972`	`iferr:=manifestOK.wait(ctx);err!=nil {`
`974`	`973`	`returnxerrors.Errorf("no manifest: %w",err)`
`975`	`974`	`}`
`@@ -1690,7 +1689,7 @@ const (`
`1690`	`1689`
`1691`	`1690`	`typeapiConnRoutineManagerstruct {`
`1692`	`1691`	`logger slog.Logger`
`1693`		`-aAPI proto.DRPCAgentClient23`
	`1692`	`+aAPI proto.DRPCAgentClient24`
`1694`	`1693`	`tAPI tailnetproto.DRPCTailnetClient23`
`1695`	`1694`	`eg*errgroup.Group`
`1696`	`1695`	`stopCtx context.Context`
`@@ -1699,7 +1698,7 @@ type apiConnRoutineManager struct {`
`1699`	`1698`
`1700`	`1699`	`funcnewAPIConnRoutineManager(`
`1701`	`1700`	`gracefulCtx,hardCtx context.Context,logger slog.Logger,`
`1702`		`-aAPI proto.DRPCAgentClient23,tAPI tailnetproto.DRPCTailnetClient23,`
	`1701`	`+aAPI proto.DRPCAgentClient24,tAPI tailnetproto.DRPCTailnetClient23,`
`1703`	`1702`	`)*apiConnRoutineManager {`
`1704`	`1703`	`// routines that remain in operation during graceful shutdown use the remainCtx. They'll still`
`1705`	`1704`	`// exit if the errgroup hits an error, which usually means a problem with the conn.`
`@@ -1732,7 +1731,7 @@ func newAPIConnRoutineManager(`
`1732`	`1731`	`// but for Tailnet.`
`1733`	`1732`	`func (a*apiConnRoutineManager)startAgentAPI(`
`1734`	`1733`	`namestring,behaviorgracefulShutdownBehavior,`
`1735`		`-ffunc(context.Context, proto.DRPCAgentClient23)error,`
	`1734`	`+ffunc(context.Context, proto.DRPCAgentClient24)error,`
`1736`	`1735`	`) {`
`1737`	`1736`	`logger:=a.logger.With(slog.F("name",name))`
`1738`	`1737`	`varctx context.Context`

`‎agent/agenttest/client.go`

Lines changed: 13 additions & 3 deletions

Original file line number	Diff line number	Diff line change
`@@ -15,6 +15,7 @@ import (`
`15`	`15`	`"golang.org/x/exp/slices"`
`16`	`16`	`"golang.org/x/xerrors"`
`17`	`17`	`"google.golang.org/protobuf/types/known/durationpb"`
	`18`	`+"google.golang.org/protobuf/types/known/emptypb"`
`18`	`19`	`"storj.io/drpc/drpcmux"`
`19`	`20`	`"storj.io/drpc/drpcserver"`
`20`	`21`	`"tailscale.com/tailcfg"`
`@@ -96,8 +97,8 @@ func (c *Client) Close() {`
`96`	`97`	`c.derpMapOnce.Do(func() {close(c.derpMapUpdates) })`
`97`	`98`	`}`
`98`	`99`
`99`		`-func (c*Client)ConnectRPC23(ctx context.Context) (`
`100`		`-agentproto.DRPCAgentClient23, proto.DRPCTailnetClient23,error,`
	`100`	`+func (c*Client)ConnectRPC24(ctx context.Context) (`
	`101`	`+agentproto.DRPCAgentClient24, proto.DRPCTailnetClient24,error,`
`101`	`102`	`) {`
`102`	`103`	`conn,lis:=drpcsdk.MemTransportPipe()`
`103`	`104`	`c.LastWorkspaceAgent=func() {`
`@@ -170,6 +171,7 @@ type FakeAgentAPI struct {`
`170`	`171`	`lifecycleStates []codersdk.WorkspaceAgentLifecycle`
`171`	`172`	`metadatamap[string]agentsdk.Metadata`
`172`	`173`	`timings []*agentproto.Timing`
	`174`	`+connections []*agentproto.Connection`
`173`	`175`
`174`	`176`	`getAnnouncementBannersFuncfunc() ([]codersdk.BannerConfig,error)`
`175`	`177`	`}`
`@@ -309,12 +311,20 @@ func (f FakeAgentAPI) BatchCreateLogs(ctx context.Context, req agentproto.Batc`
`309`	`311`
`310`	`312`	`func (fFakeAgentAPI)ScriptCompleted(_ context.Context,reqagentproto.WorkspaceAgentScriptCompletedRequest) (*agentproto.WorkspaceAgentScriptCompletedResponse,error) {`
`311`	`313`	`f.Lock()`
`312`		`-f.timings=append(f.timings,req.Timing)`
	`314`	`+f.timings=append(f.timings,req.GetTiming())`
`313`	`315`	`f.Unlock()`
`314`	`316`
`315`	`317`	`return&agentproto.WorkspaceAgentScriptCompletedResponse{},nil`
`316`	`318`	`}`
`317`	`319`
	`320`	`+func (fFakeAgentAPI)ReportConnection(_ context.Context,reqagentproto.ReportConnectionRequest) (*emptypb.Empty,error) {`
	`321`	`+f.Lock()`
	`322`	`+f.connections=append(f.connections,req.GetConnection())`
	`323`	`+f.Unlock()`
	`324`	`+`
	`325`	`+return&emptypb.Empty{},nil`
	`326`	`+}`
	`327`	`+`
`318`	`328`	`funcNewFakeAgentAPI(t testing.TB,logger slog.Logger,manifestagentproto.Manifest,statsChchanagentproto.Stats)*FakeAgentAPI {`
`319`	`329`	`return&FakeAgentAPI{`
`320`	`330`	`t:t,`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commitac60d34

File tree

13 files changed

13 files changed

`‎agent/agent.go`

`‎agent/agenttest/client.go`

0 commit comments