Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

fix(cli): remove defaulting to keyring when --global-config set (#20943)#20977

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.

Already on GitHub?Sign in to your account

Closed
matifali wants to merge6 commits intorelease/2.29fromaibridge-beta
Closed
Show file tree
Hide file tree
Changes fromall commits
Commits
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 4 additions & 4 deletionscli/clitest/clitest.go
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -61,10 +61,10 @@ func NewWithCommand(
t testing.TB, cmd *serpent.Command, args ...string,
) (*serpent.Invocation, config.Root) {
configDir := config.Root(t.TempDir())
// Keyring usage is disabled herebecause many existing tests expect the session token
// to be stored on disk and is not properly instrumented for parallel testing against
// the actual operating system keyring.
invArgs := append([]string{"--global-config", string(configDir), "--use-keyring=false"}, args...)
// Keyring usage is disabled herewhen --global-config is set because many existing
//tests expect the session tokento be stored on disk and is not properly instrumented
//for parallel testing againstthe actual operating system keyring.
invArgs := append([]string{"--global-config", string(configDir)}, args...)
return setupInvocation(t, cmd, invArgs...), configDir
}

Expand Down
2 changes: 2 additions & 0 deletionscli/keyring_test.go
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -54,6 +54,7 @@ func setupKeyringTestEnv(t *testing.T, clientURL string, args ...string) keyring

serviceName := keyringTestServiceName(t)
root.WithKeyringServiceName(serviceName)
root.UseKeyringWithGlobalConfig()

inv, cfg := clitest.NewWithDefaultKeyringCommand(t, cmd, args...)

Expand DownExpand Up@@ -169,6 +170,7 @@ func TestUseKeyring(t *testing.T) {
logoutCmd, err := logoutRoot.Command(logoutRoot.AGPL())
require.NoError(t, err)
logoutRoot.WithKeyringServiceName(env.serviceName)
logoutRoot.UseKeyringWithGlobalConfig()

logoutInv, _ := clitest.NewWithDefaultKeyringCommand(t, logoutCmd,
"logout",
Expand Down
32 changes: 23 additions & 9 deletionscli/root.go
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -483,9 +483,9 @@ func (r *RootCmd) Command(subcommands []*serpent.Command) (*serpent.Command, err
Flag: varUseKeyring,
Env: envUseKeyring,
Description: "Store and retrieve session tokens using the operating system " +
"keyring.Enabled by default. If the keyringisnot supported on the " +
"current platform, file-based storageisused automatically. Set to " +
"false to force file-based storage.",
"keyring.This flag is ignored and file-based storageisused when " +
"--global-config is set or keyring usageisnot supported on the current " +
"platform. Set tofalse to force file-based storage on supported platforms.",
Default: "true",
Value: serpent.BoolOf(&r.useKeyring),
Group: globalGroup,
Expand DownExpand Up@@ -536,11 +536,12 @@ type RootCmd struct {
disableDirect bool
debugHTTP bool

disableNetworkTelemetry bool
noVersionCheck bool
noFeatureWarning bool
useKeyring bool
keyringServiceName string
disableNetworkTelemetry bool
noVersionCheck bool
noFeatureWarning bool
useKeyring bool
keyringServiceName string
useKeyringWithGlobalConfig bool
}

// InitClient creates and configures a new client with authentication, telemetry,
Expand DownExpand Up@@ -721,8 +722,14 @@ func (r *RootCmd) createUnauthenticatedClient(ctx context.Context, serverURL *ur
// flag.
func (r *RootCmd) ensureTokenBackend() sessionstore.Backend {
if r.tokenBackend == nil {
// Checking for the --global-config directory being set is a bit wonky but necessary
// to allow extensions that invoke the CLI with this flag (e.g. VS code) to continue
// working without modification. In the future we should modify these extensions to
// either access the credential in the keyring (like Coder Desktop) or some other
// approach that doesn't rely on the session token being stored on disk.
assumeExtensionInUse := r.globalConfig != config.DefaultDir() && !r.useKeyringWithGlobalConfig
keyringSupported := runtime.GOOS == "windows" || runtime.GOOS == "darwin"
if r.useKeyring && keyringSupported {
if r.useKeyring &&!assumeExtensionInUse &&keyringSupported {
serviceName := sessionstore.DefaultServiceName
if r.keyringServiceName != "" {
serviceName = r.keyringServiceName
Expand All@@ -742,6 +749,13 @@ func (r *RootCmd) WithKeyringServiceName(serviceName string) {
r.keyringServiceName = serviceName
}

// UseKeyringWithGlobalConfig enables the use of the keyring storage backend
// when the --global-config directory is set. This is only intended as an override
// for tests, which require specifying the global config directory for test isolation.
func (r *RootCmd) UseKeyringWithGlobalConfig() {
r.useKeyringWithGlobalConfig = true
}

type AgentAuth struct {
// Agent Client config
agentToken string
Expand Down
7 changes: 4 additions & 3 deletionscli/testdata/coder_--help.golden
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -111,9 +111,10 @@ variables or flags.

--use-keyring bool, $CODER_USE_KEYRING (default: true)
Store and retrieve session tokens using the operating system keyring.
Enabled by default. If the keyring is not supported on the current
platform, file-based storage is used automatically. Set to false to
force file-based storage.
This flag is ignored and file-based storage is used when
--global-config is set or keyring usage is not supported on the
current platform. Set to false to force file-based storage on
supported platforms.

-v, --verbose bool, $CODER_VERBOSE
Enable verbose output.
Expand Down
1 change: 1 addition & 0 deletionscoderd/database/queries.sql.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more abouthow customized files appear on GitHub.

1 change: 1 addition & 0 deletionscoderd/database/queries/workspaces.sql
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -846,6 +846,7 @@ SET
WHERE
template_id = @template_id
AND dormant_at IS NOT NULL
AND deleted = false
-- Prebuilt workspaces (identified by having the prebuilds system user as owner_id)
-- should not have their dormant or deleting at set, as these are handled by the
-- prebuilds reconciliation loop.
Expand Down
2 changes: 1 addition & 1 deletiondocs/ai-coder/ai-bridge/reference.md
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -38,4 +38,4 @@ Where relevant, both streaming and non-streaming requests are supported.

## Troubleshooting

To report a bug, file a feature request, or view a list of known issues, please visit our [GitHub repository for AI Bridge](https://github.com/coder/aibridge). If you encounter issues with AI Bridge during early access, please reach out to us via [Discord](https://discord.gg/coder).
To report a bug, file a feature request, or view a list of known issues, please visit our [GitHub repository for AI Bridge](https://github.com/coder/aibridge). If you encounter issues with AI Bridge, please reach out to us via [Discord](https://discord.gg/coder).
2 changes: 1 addition & 1 deletiondocs/manifest.json
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -935,7 +935,7 @@
"description": "Centralized LLM and MCP proxy for platform teams",
"path": "./ai-coder/ai-bridge/index.md",
"icon_path": "./images/icons/api.svg",
"state": ["premium", "early access"],
"state": ["premium", "beta"],
"children": [
{
"title": "Setup",
Expand Down
2 changes: 1 addition & 1 deletiondocs/reference/cli/index.md
View file
Open in desktop

Some generated files are not rendered by default. Learn more abouthow customized files appear on GitHub.

7 changes: 4 additions & 3 deletionsenterprise/cli/testdata/coder_--help.golden
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -70,9 +70,10 @@ variables or flags.

--use-keyring bool, $CODER_USE_KEYRING (default: true)
Store and retrieve session tokens using the operating system keyring.
Enabled by default. If the keyring is not supported on the current
platform, file-based storage is used automatically. Set to false to
force file-based storage.
This flag is ignored and file-based storage is used when
--global-config is set or keyring usage is not supported on the
current platform. Set to false to force file-based storage on
supported platforms.

-v, --verbose bool, $CODER_VERBOSE
Enable verbose output.
Expand Down
2 changes: 1 addition & 1 deletionenterprise/coderd/coderd.go
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -460,7 +460,7 @@ func New(ctx context.Context, options *Options) (_ *API, err error) {
})
r.Route("/templates/{template}/prebuilds", func(r chi.Router) {
r.Use(
api.templateRBACEnabledMW,
api.RequireFeatureMW(codersdk.FeatureWorkspacePrebuilds),
apiKeyMiddleware,
httpmw.ExtractTemplateParam(api.Database),
)
Expand Down
99 changes: 99 additions & 0 deletionsenterprise/coderd/schedule/template_test.go
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -737,6 +737,105 @@ func TestNotifications(t *testing.T) {
require.Contains(t, sent[i].Targets, dormantWs.OwnerID)
}
})

// Regression test for https://github.com/coder/coder/issues/20913
// Deleted workspaces should not receive dormancy notifications.
t.Run("DeletedWorkspacesNotNotified", func(t *testing.T) {
t.Parallel()

var (
db, _ = dbtestutil.NewDB(t)
ctx = testutil.Context(t, testutil.WaitLong)
user = dbgen.User(t, db, database.User{})
file = dbgen.File(t, db, database.File{
CreatedBy: user.ID,
})
templateJob = dbgen.ProvisionerJob(t, db, nil, database.ProvisionerJob{
FileID: file.ID,
InitiatorID: user.ID,
Tags: database.StringMap{
"foo": "bar",
},
})
timeTilDormant = time.Minute * 2
templateVersion = dbgen.TemplateVersion(t, db, database.TemplateVersion{
CreatedBy: user.ID,
JobID: templateJob.ID,
OrganizationID: templateJob.OrganizationID,
})
template = dbgen.Template(t, db, database.Template{
ActiveVersionID: templateVersion.ID,
CreatedBy: user.ID,
OrganizationID: templateJob.OrganizationID,
TimeTilDormant: int64(timeTilDormant),
TimeTilDormantAutoDelete: int64(timeTilDormant),
})
)

// Create a dormant workspace that is NOT deleted.
activeDormantWorkspace := dbgen.Workspace(t, db, database.WorkspaceTable{
OwnerID: user.ID,
TemplateID: template.ID,
OrganizationID: templateJob.OrganizationID,
LastUsedAt: time.Now().Add(-time.Hour),
})
_, err := db.UpdateWorkspaceDormantDeletingAt(ctx, database.UpdateWorkspaceDormantDeletingAtParams{
ID: activeDormantWorkspace.ID,
DormantAt: sql.NullTime{
Time: activeDormantWorkspace.LastUsedAt.Add(timeTilDormant),
Valid: true,
},
})
require.NoError(t, err)

// Create a dormant workspace that IS deleted.
deletedDormantWorkspace := dbgen.Workspace(t, db, database.WorkspaceTable{
OwnerID: user.ID,
TemplateID: template.ID,
OrganizationID: templateJob.OrganizationID,
LastUsedAt: time.Now().Add(-time.Hour),
Deleted: true, // Mark as deleted
})
_, err = db.UpdateWorkspaceDormantDeletingAt(ctx, database.UpdateWorkspaceDormantDeletingAtParams{
ID: deletedDormantWorkspace.ID,
DormantAt: sql.NullTime{
Time: deletedDormantWorkspace.LastUsedAt.Add(timeTilDormant),
Valid: true,
},
})
require.NoError(t, err)

// Setup dependencies
notifyEnq := notificationstest.NewFakeEnqueuer()
logger := slogtest.Make(t, &slogtest.Options{IgnoreErrors: true}).Leveled(slog.LevelDebug)
const userQuietHoursSchedule = "CRON_TZ=UTC 0 0 * * *" // midnight UTC
userQuietHoursStore, err := schedule.NewEnterpriseUserQuietHoursScheduleStore(userQuietHoursSchedule, true)
require.NoError(t, err)
userQuietHoursStorePtr := &atomic.Pointer[agplschedule.UserQuietHoursScheduleStore]{}
userQuietHoursStorePtr.Store(&userQuietHoursStore)
templateScheduleStore := schedule.NewEnterpriseTemplateScheduleStore(userQuietHoursStorePtr, notifyEnq, logger, nil)

// Lower the dormancy TTL to ensure the schedule recalculates deadlines and
// triggers notifications.
_, err = templateScheduleStore.Set(dbauthz.AsNotifier(ctx), db, template, agplschedule.TemplateScheduleOptions{
TimeTilDormant: timeTilDormant / 2,
TimeTilDormantAutoDelete: timeTilDormant / 2,
})
require.NoError(t, err)

// We should only receive a notification for the non-deleted dormant workspace.
sent := notifyEnq.Sent()
require.Len(t, sent, 1, "expected exactly 1 notification for the non-deleted workspace")
require.Equal(t, sent[0].UserID, activeDormantWorkspace.OwnerID)
require.Equal(t, sent[0].TemplateID, notifications.TemplateWorkspaceMarkedForDeletion)
require.Contains(t, sent[0].Targets, activeDormantWorkspace.ID)

// Ensure the deleted workspace was NOT notified
for _, notification := range sent {
require.NotContains(t, notification.Targets, deletedDormantWorkspace.ID,
"deleted workspace should not receive notifications")
}
})
}

func TestTemplateTTL(t *testing.T) {
Expand Down
7 changes: 6 additions & 1 deletionenterprise/coderd/templates.go
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -378,7 +378,12 @@ func (api *API) postInvalidateTemplatePresets(rw http.ResponseWriter, r *http.Re
slog.F("preset_count", len(invalidatedPresets)),
)

invalidated := db2sdk.InvalidatedPresets(invalidatedPresets)
if invalidated == nil {
invalidated = []codersdk.InvalidatedPreset{} // need to avoid nil value
}

httpapi.Write(ctx, rw, http.StatusOK, codersdk.InvalidatePresetsResponse{
Invalidated:db2sdk.InvalidatedPresets(invalidatedPresets),
Invalidated:invalidated,
})
}
Loading
Loading
[8]ページ先頭
©2009-2025 Movatter.jp