- Notifications
You must be signed in to change notification settings - Fork928
feat: Add support for update checks and notifications#4810
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.
Already on GitHub?Sign in to your account
Merged
Uh oh!
There was an error while loading.Please reload this page.
Merged
Changes fromall commits
Commits
Show all changes
14 commits Select commitHold shift + click to select a range
cc28c1b feat: Add support for checking for updates
mafredric163af8 wip(site): Add support for informing of updates
mafredrie9ed0b7 Add /api/v2/updatecheck to noauthorize list
mafredri64ad0f5 Fix edge case where update check has never succeeded
mafredri0238d5a Fix logging
mafredri9e1ea9e Use AlertBanner for coder version notice
mafredri979ff80 Update golden files
mafredrib80de3c Fix margins, improve alert banner and add stories
mafredri81d11dd Add authorization, dismissal and fetch after login
mafredri392d06e Apply suggestions from code review
mafredriad38c3b Add forgotten UpdateCheckBanner.stories.tsx
mafredri1c9dbc1 fix(api): Amend PR comments
mafredri49a7bfc fix(site): Always show prefix for update check errors, remove as const
mafredri44f6475 fix(site): Add jest tests for UpdateCheckBanner
mafredriFile filter
Filter by extension
Conversations
Failed to load comments.
Loading
Uh oh!
There was an error while loading.Please reload this page.
Jump to
Jump to file
Failed to load files.
Loading
Uh oh!
There was an error while loading.Please reload this page.
Diff view
Diff view
There are no files selected for viewing
5 changes: 5 additions & 0 deletionsbuildinfo/buildinfo.go
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters
7 changes: 7 additions & 0 deletionscli/deployment/config.go
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters
2 changes: 2 additions & 0 deletionscli/deployment/config_test.go
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters
20 changes: 20 additions & 0 deletionscli/server.go
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters
4 changes: 4 additions & 0 deletionscli/testdata/coder_server_--help.golden
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -219,6 +219,10 @@ Flags: | ||
| verbose flag was supplied, debug-level | ||
| logs will be included. | ||
| Consumes $CODER_TRACE_CAPTURE_LOGS | ||
| --update-check Periodically check for new releases of | ||
mafredri marked this conversation as resolved. Show resolvedHide resolvedUh oh!There was an error while loading.Please reload this page. | ||
| Coder and inform the owner. The check is | ||
| performed once per day. | ||
| Consumes $CODER_UPDATE_CHECK | ||
| --wildcard-access-url string Specifies the wildcard hostname to use | ||
| for workspace applications in the form | ||
| "*.example.com". | ||
28 changes: 19 additions & 9 deletionscoderd/coderd.go
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -47,6 +47,7 @@ import ( | ||
| "github.com/coder/coder/coderd/rbac" | ||
| "github.com/coder/coder/coderd/telemetry" | ||
| "github.com/coder/coder/coderd/tracing" | ||
| "github.com/coder/coder/coderd/updatecheck" | ||
| "github.com/coder/coder/coderd/wsconncache" | ||
| "github.com/coder/coder/codersdk" | ||
| "github.com/coder/coder/provisionerd/proto" | ||
| @@ -105,6 +106,7 @@ type Options struct { | ||
| AgentStatsRefreshInterval time.Duration | ||
| Experimental bool | ||
| DeploymentConfig *codersdk.DeploymentConfig | ||
| UpdateCheckOptions *updatecheck.Options // Set non-nil to enable update checking. | ||
| } | ||
| // New constructs a Coder API handler. | ||
| @@ -123,20 +125,14 @@ func New(options *Options) *API { | ||
| options.AgentInactiveDisconnectTimeout = options.AgentConnectionUpdateFrequency * 2 | ||
| } | ||
| if options.AgentStatsRefreshInterval == 0 { | ||
| options.AgentStatsRefreshInterval =5 * time.Minute | ||
mafredri marked this conversation as resolved. Show resolvedHide resolvedUh oh!There was an error while loading.Please reload this page. | ||
| } | ||
| if options.MetricsCacheRefreshInterval == 0 { | ||
| options.MetricsCacheRefreshInterval = time.Hour | ||
| } | ||
| if options.APIRateLimit == 0 { | ||
| options.APIRateLimit = 512 | ||
| } | ||
| if options.Authorizer == nil { | ||
| options.Authorizer = rbac.NewAuthorizer() | ||
| } | ||
| @@ -181,6 +177,13 @@ func New(options *Options) *API { | ||
| metricsCache: metricsCache, | ||
| Auditor: atomic.Pointer[audit.Auditor]{}, | ||
| } | ||
| if options.UpdateCheckOptions != nil { | ||
| api.updateChecker = updatecheck.New( | ||
| options.Database, | ||
| options.Logger.Named("update_checker"), | ||
| *options.UpdateCheckOptions, | ||
| ) | ||
| } | ||
| api.Auditor.Store(&options.Auditor) | ||
| api.workspaceAgentCache = wsconncache.New(api.dialWorkspaceAgentTailnet, 0) | ||
| api.TailnetCoordinator.Store(&options.TailnetCoordinator) | ||
| @@ -308,6 +311,9 @@ func New(options *Options) *API { | ||
| }) | ||
| }) | ||
| }) | ||
| r.Route("/updatecheck", func(r chi.Router) { | ||
| r.Get("/", api.updateCheck) | ||
| }) | ||
| r.Route("/config", func(r chi.Router) { | ||
| r.Use(apiKeyMiddleware) | ||
| r.Get("/deployment", api.deploymentConfig) | ||
| @@ -590,13 +596,14 @@ type API struct { | ||
| // RootHandler serves "/" | ||
| RootHandler chi.Router | ||
| siteHandler http.Handler | ||
| WebsocketWaitMutex sync.Mutex | ||
| WebsocketWaitGroup sync.WaitGroup | ||
| metricsCache *metricscache.Cache | ||
| workspaceAgentCache *wsconncache.Cache | ||
| updateChecker *updatecheck.Checker | ||
| } | ||
| // Close waits for all WebSocket connections to drain before returning. | ||
| @@ -606,6 +613,9 @@ func (api *API) Close() error { | ||
| api.WebsocketWaitMutex.Unlock() | ||
| api.metricsCache.Close() | ||
| if api.updateChecker != nil { | ||
| api.updateChecker.Close() | ||
| } | ||
| coordinator := api.TailnetCoordinator.Load() | ||
| if coordinator != nil { | ||
| _ = (*coordinator).Close() | ||
1 change: 1 addition & 0 deletionscoderd/coderdtest/authorize.go
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -48,6 +48,7 @@ func AGPLRoutes(a *AuthTester) (map[string]string, map[string]RouteCheck) { | ||
| "GET:/healthz": {NoAuthorize: true}, | ||
| "GET:/api/v2": {NoAuthorize: true}, | ||
| "GET:/api/v2/buildinfo": {NoAuthorize: true}, | ||
| "GET:/api/v2/updatecheck": {NoAuthorize: true}, | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others.Learn more. review(api): Technically, we restrict access in the WebUI so that only owners can view this information. It's not sensitive information by any means, but it's somewhat pointless to show to users. That's why we do not require authorization here (but I can change it if this behavior seems too weird). There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others.Learn more. Unless the "updatecheck" can trigger a real update and potentially crash the deployment, I guess that it's safe to expose it to everyone. On the other hand, if there is a known security issue, all users would be informed that there is an update to install, so the system is currently vulnerable. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others.Learn more. The updatecheck is read-only, so it won't do anything scandalous. If we ever add a POST endpoint, that should obviously be protected. You raised a good point about vulnerabilities. Since Coder is an open source product, this information would be available to anyone checking the GitHub releases too. More than protecting this endpoint, we should consider how we convey this information through our releases. | ||
| "GET:/api/v2/users/first": {NoAuthorize: true}, | ||
| "POST:/api/v2/users/first": {NoAuthorize: true}, | ||
| "POST:/api/v2/users/login": {NoAuthorize: true}, | ||
5 changes: 5 additions & 0 deletionscoderd/coderdtest/coderdtest.go
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters
25 changes: 22 additions & 3 deletionscoderd/database/databasefake/databasefake.go
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters
2 changes: 2 additions & 0 deletionscoderd/database/querier.go
Some generated files are not rendered by default. Learn more abouthow customized files appear on GitHub.
Oops, something went wrong.
Uh oh!
There was an error while loading.Please reload this page.
21 changes: 21 additions & 0 deletionscoderd/database/queries.sql.go
Some generated files are not rendered by default. Learn more abouthow customized files appear on GitHub.
Oops, something went wrong.
Uh oh!
There was an error while loading.Please reload this page.
7 changes: 7 additions & 0 deletionscoderd/database/queries/siteconfig.sql
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters
54 changes: 54 additions & 0 deletionscoderd/updatecheck.go
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,54 @@ | ||
| package coderd | ||
| import ( | ||
| "database/sql" | ||
| "net/http" | ||
| "strings" | ||
| "golang.org/x/mod/semver" | ||
| "golang.org/x/xerrors" | ||
| "github.com/coder/coder/buildinfo" | ||
| "github.com/coder/coder/coderd/httpapi" | ||
| "github.com/coder/coder/codersdk" | ||
| ) | ||
| func (api *API) updateCheck(rw http.ResponseWriter, r *http.Request) { | ||
| ctx := r.Context() | ||
| currentVersion := codersdk.UpdateCheckResponse{ | ||
| Current: true, | ||
| Version: buildinfo.Version(), | ||
| URL: buildinfo.ExternalURL(), | ||
| } | ||
| if api.updateChecker == nil { | ||
| // If update checking is disabled, echo the current | ||
| // version. | ||
| httpapi.Write(ctx, rw, http.StatusOK, currentVersion) | ||
| return | ||
| } | ||
| uc, err := api.updateChecker.Latest(ctx) | ||
| if err != nil { | ||
| if xerrors.Is(err, sql.ErrNoRows) { | ||
| // Update checking is enabled, but has never | ||
| // succeeded, reproduce behavior as if disabled. | ||
| httpapi.Write(ctx, rw, http.StatusOK, currentVersion) | ||
| return | ||
| } | ||
| httpapi.InternalServerError(rw, err) | ||
| return | ||
| } | ||
| // Since our dev version (v0.12.9-devel+f7246386) is not semver compatible, | ||
| // ignore everything after "-"." | ||
| versionWithoutDevel := strings.SplitN(buildinfo.Version(), "-", 2)[0] | ||
| httpapi.Write(ctx, rw, http.StatusOK, codersdk.UpdateCheckResponse{ | ||
| Current: semver.Compare(versionWithoutDevel, uc.Version) >= 0, | ||
| Version: uc.Version, | ||
| URL: uc.URL, | ||
| }) | ||
| } |
Oops, something went wrong.
Uh oh!
There was an error while loading.Please reload this page.
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.