feat: add API key scope to restrict access to user data (#17692)

Thomas Kosiewski
2025-05-15 15:32:52 +01:00
committed by GitHub
parent ee2aeb44d7
commit 1bacd82e80
28 changed files with 824 additions and 447 deletions
+8
@@ -5,6 +5,11 @@ CREATE TYPE agent_id_name_pair AS (
name text
);
CREATE TYPE agent_key_scope_enum AS ENUM (
'all',
'no_user_data'
);
CREATE TYPE api_key_scope AS ENUM (
'all',
'application_connect'
@@ -1837,6 +1842,7 @@ CREATE TABLE workspace_agents (
api_version text DEFAULT ''::text NOT NULL,
display_order integer DEFAULT 0 NOT NULL,
parent_id uuid,
api_key_scope agent_key_scope_enum DEFAULT 'all'::agent_key_scope_enum NOT NULL,
CONSTRAINT max_logs_length CHECK ((logs_length <= 1048576)),
CONSTRAINT subsystems_not_none CHECK ((NOT ('none'::workspace_agent_subsystem = ANY (subsystems))))
);
@@ -1863,6 +1869,8 @@ COMMENT ON COLUMN workspace_agents.ready_at IS 'The time the agent entered the r
COMMENT ON COLUMN workspace_agents.display_order IS 'Specifies the order in which to display agents in user interfaces.';
COMMENT ON COLUMN workspace_agents.api_key_scope IS 'Defines the scope of the API key associated with the agent. ''all'' allows access to everything, ''no_user_data'' restricts it to exclude user data.';
CREATE UNLOGGED TABLE workspace_app_audit_sessions (
agent_id uuid NOT NULL,
app_id uuid NOT NULL,
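Review bot: The new `api_key_scope` column on `workspace_agents` defaults to `'all'`, the permissive value, so any insert path that omits the column yields an unrestricted agent key without saying so. The default is reasonable for backfilling existing rows, but consider having the agent insert queries set the scope explicitly, and extend the column comment with something like `'all' is the backward-compatible default; new restricted agents must set 'no_user_data' explicitly`. Separately, the column is named `api_key_scope` but typed `agent_key_scope_enum`, while a distinct enum type named `api_key_scope` (`'all'`, `'application_connect'`) sits right next to it; a sentence in the `COMMENT ON COLUMN` text saying which type the column uses would keep the two from being confused in authorization code. The `CREATE TABLE workspace_agents` statement starts outside the hunk, and this file looks like a generated schema dump, so the actual change probably belongs in the corresponding migration.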