shishantbiswas/coder
1
0
Fork 0
mirror of https://github.com/coder/coder.git synced 2026-06-05 05:58:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
12,434 Commits 1,149 Branches 344 Tags
1a774ab7ce99063a2e01beb94de3fcbccaf84dbe
Commit Graph

1054 Commits

Author SHA1 Message Date
Muhammad Atif Ali 8e254cbb07 chore: integrate step-security/harden-runner in workflows (#15099) 
Redoing #15097
Part of #14879
 2024-10-16 11:23:00 -07:00
Spike Curtis 687b4dd41c fix: match go version in go.mod and CI (#15104) 
Causing CI to re-download Go to match the version in go.mod, and failing
on Windows, e.g.
https://github.com/coder/coder/actions/runs/11361195564/job/31600881001
 2024-10-16 12:23:48 +04:00
dependabot[bot] 5317c500c8 ci: bump aquasecurity/trivy-action from 0.25.0 to 0.27.0 in the github-actions group (#15061) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-10-15 23:28:04 +05:00
Cian Johnston 89ff48744c chore(docs): fix broken or missing links (#15085) 
Fixes a number of TODOs and broken links.
 2024-10-15 16:50:49 +01:00
Muhammad Atif Ali 57a65c15bf chore: use commit sha for GitHub actions (#15019) 
Use specific commit SHAs for GitHub actions across various workflows to
enhance reliability and reproducibility. This change ensures that
actions run against a known version, reducing the risk of unexpected
issues due to updates in the third-party action repositories.

This contributes to improving the score in #14879
 2024-10-14 08:49:55 -07:00
Sas Swart 208ed1efd7 chore(coderd/notifications): expand golden file testing for notifications (#15032) 
This PR aims to close https://github.com/coder/coder/issues/14913.

It expands the golden files for the notifier to include the entire
payload serialised as JSON.
 2024-10-14 12:34:32 +00:00
Muhammad Atif Ali 20b3f8fbf3 chore: use a smaller runner for e2e test (#15034) 
We run our e2e-tests on a 16-core machine with `--max-workers=1`
Using a standard runner with 2 cores, the machine runs the tests in the
same amount of time while reducing the cost 8 times.

Update: `test-e2e` fails on the 2core-8GB runner, so using a 4-core-16GB runner for that.
 2024-10-12 11:23:13 +00:00
dependabot[bot] 71d31713c5 ci: bump the github-actions group across 1 directory with 2 updates (#15016) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Muhammad Atif Ali <atif@coder.com>
 2024-10-08 09:04:43 +05:00
Muhammad Atif Ali e8d5fdfb1a chore: add OpenSSF badge (#15012) 2024-10-08 08:05:33 +05:00
Muhammad Atif Ali 419eba5fb6 docs: restructure docs (#14421) 
Closes #13434 
Supersedes #14182

---------

Co-authored-by: Ethan <39577870+ethanndickson@users.noreply.github.com>
Co-authored-by: Ethan Dickson <ethan@coder.com>
Co-authored-by: Ben Potter <ben@coder.com>
Co-authored-by: Stephen Kirby <58410745+stirby@users.noreply.github.com>
Co-authored-by: Stephen Kirby <me@skirby.dev>
Co-authored-by: EdwardAngert <17991901+EdwardAngert@users.noreply.github.com>
Co-authored-by: Edward Angert <EdwardAngert@users.noreply.github.com>
 2024-10-05 10:52:04 -05:00
dependabot[bot] 0623531ab8 ci: bump contributor-assistant/github-action from 2.6.0 to 2.6.1 in the github-actions group (#14870) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-10-01 17:33:10 +00:00
dependabot[bot] 86a82b5a2a ci: bump the github-actions group with 2 updates (#14770) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-09-25 19:40:06 +05:00
Mathias Fredriksson 7780087526 ci(.github): run release-labels when draft PRs are ready (#14667) 2024-09-13 12:41:45 +00:00
Mathias Fredriksson 95fc962871 ci(.github): remove success from release-labels job (#14664) 
It used to depend on another job which has since been removed.
 2024-09-13 11:28:27 +03:00
dependabot[bot] 26ebd70b12 ci: bump crate-ci/typos from 1.24.3 to 1.24.5 in the github-actions group (#14613) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-09-13 00:01:41 +05:00
Ammar Bandukwala 0787c42d32 chore(.github): disable stalebot (#14637) 2024-09-10 10:51:44 -05:00
Cian Johnston 2ed88d593a ci: disable update-flake in PRs (#14554) 2024-09-04 10:18:18 +00:00
dependabot[bot] 48430625a0 ci: bump crate-ci/typos from 1.24.1 to 1.24.3 in the github-actions group (#14521) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Muhammad Atif Ali <atif@coder.com>
 2024-09-03 17:17:12 +05:00
dependabot[bot] faf245234f ci: bump crate-ci/typos from 1.23.6 to 1.24.1 in the github-actions group (#14431) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-09-01 05:22:39 +00:00
Ethan d9f419308a chore(dogfood): use remote tf state (#14363) 2024-08-21 12:46:28 +10:00
Jon Ayers b6d35edebd chore: remove meticulous from CI (#14369) 2024-08-20 14:13:13 -04:00
dependabot[bot] f007c90a30 ci: bump contributor-assistant/github-action (#14345) 
Bumps the github-actions group with 1 update in the / directory: [contributor-assistant/github-action](https://github.com/contributor-assistant/github-action).


Updates `contributor-assistant/github-action` from 2.4.0 to 2.5.1
- [Release notes](https://github.com/contributor-assistant/github-action/releases)
- [Commits](https://github.com/contributor-assistant/github-action/compare/v2.4.0...v2.5.1)

---
updated-dependencies:
- dependency-name: contributor-assistant/github-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-08-19 21:53:20 +03:00
Ethan d0f36dc6ba ci: add networking release validation (#14273) 2024-08-19 16:31:49 +10:00
Ethan 0613797934 fix: use dogfood contents as template dir (#14332) 2024-08-17 02:52:26 +10:00
Ethan 363a016281 fix: move to dogfood before terraform applying 2024-08-17 02:43:16 +10:00
Ethan 979430d635 chore: manage dogfood template using coderd provider (#14321) 2024-08-17 02:33:32 +10:00
Kayla Washburn-Love 95a7c0c4f0 chore: use tabs for prettier and biome (#14283) 2024-08-15 14:53:53 -06:00
Bruno Quaresma e398309a8f chore: allow minor and patch updates for npm deps (#14155) 2024-08-05 11:52:39 -03:00
dependabot[bot] 8acc7f2070 ci: bump crate-ci/typos in the github-actions group (#14149) 
Bumps the github-actions group with 1 update: [crate-ci/typos](https://github.com/crate-ci/typos).


Updates `crate-ci/typos` from 1.23.5 to 1.23.6
- [Release notes](https://github.com/crate-ci/typos/releases)
- [Changelog](https://github.com/crate-ci/typos/blob/master/CHANGELOG.md)
- [Commits](https://github.com/crate-ci/typos/compare/v1.23.5...v1.23.6)

---
updated-dependencies:
- dependency-name: crate-ci/typos
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-08-05 15:27:55 +03:00
Bruno Quaresma a3c45861bf chore: upgrade nodejs tooling (#14134) 2024-08-02 19:56:12 -03:00
Jon Ayers f3ff172979 chore: remove dependency license review (#14131) 
- It's bafflingly buggy and is a source of annoyance for virtually the
  whole team.
- Will revisit if we don't have alternatives to catching invalid licenses.
 2024-08-02 14:14:14 -04:00
Bruno Quaresma 4d4d27c509 chore(site): allow pnpm packages license (#14122) 2024-08-02 13:02:22 -03:00
Muhammad Atif Ali 7619d1c49a chore: skip dogfood workflow for dependabot PRs (#14111) 2024-08-02 09:32:35 +00:00
Muhammad Atif Ali 894020db6a chore: skip dogfood workflow for dependabot PRs (#14106) 2024-08-02 09:39:57 +03:00
Alex Ivanov 6d3f7fb2a2 chore: update meticulous CI job (#14073) 2024-08-01 12:26:44 -04:00
Muhammad Atif Ali b0eaf4ca94 chore: commit update-flake as @dependabot (#14091) 
Thıs is needed to bypass the dependency check job for dependabot PRs.

https://github.com/coder/coder/blob/1289937eaeac63f27f2856a4374a0fedc5cc0e58/.github/workflows/ci.yaml#L973

The username and email are fetched from a previous  dependabot commit. 
https://github.com/coder/coder/commit/1289937eaeac63f27f2856a4374a0fedc5cc0e58.patch
 2024-08-01 19:24:51 +03:00
Muhammad Atif Ali 7a4737cf76 ci: handle retriggering ci and human authors in update-flake (#14052) 
Co-authored-by: Dean Sheather <dean@deansheather.com>
 2024-07-31 16:12:40 +00:00
Kyle Carberry 5d42f4aa7b fix: run update-flake with PAT to allow workflow runs (#14067) 
See the comment in the code.
 2024-07-31 11:43:43 -04:00
Danny Kopping c3390993dd chore: update generated files after pnpm upgrade (#14036) 2024-07-31 17:23:55 +02:00
dependabot[bot] c88ea26d7c ci: bump crate-ci/typos from 1.23.2 to 1.23.5 in the github-actions group (#14038) 
Bumps the github-actions group with 1 update: [crate-ci/typos](https://github.com/crate-ci/typos).


Updates `crate-ci/typos` from 1.23.2 to 1.23.5
- [Release notes](https://github.com/crate-ci/typos/releases)
- [Changelog](https://github.com/crate-ci/typos/blob/master/CHANGELOG.md)
- [Commits](https://github.com/crate-ci/typos/compare/v1.23.2...v1.23.5)

---
updated-dependencies:
- dependency-name: crate-ci/typos
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-07-30 11:07:30 +03:00
Kyle Carberry b7102b39af chore: add script to update flake automatically (#14046) 2024-07-29 14:29:22 -04:00
Cian Johnston 68fa34feae ci: remove ci make concurrency to fix docker image race (#14027) 
This PR removes the `-j` argument to `make` when building and pushing Docker images on merge to main.
Seen here: https://github.com/coder/coder/actions/runs/10108431095/job/27954323032#step:9:119
We ran into this previously in #13769 for the release workflow, but neglected to apply the same change to the CI workflow.
 2024-07-26 10:53:18 +01:00
Muhammad Atif Ali 88bc491778 chore: add stable version info to repository-dispatch event (#13997) 
Co-authored-by: Mathias Fredriksson <mafredri@gmail.com>
 2024-07-25 11:03:01 +03:00
Danny Kopping 943ea7c52a feat: add SMTP auth & TLS support (#13902) 2024-07-19 09:22:15 +02:00
Jon Ayers 8d4bccc612 feat: add meticulous recorder (#13886) 2024-07-18 20:15:07 -05:00
Colin Adler 7a34a70cb8 chore: upgrade terraform to 1.9.2 (#13895) 2024-07-15 13:27:08 -05:00
dependabot[bot] aaf295badf ci: bump the github-actions group with 2 updates (#13890) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-07-15 15:56:12 +03:00
Colin Adler af001773db fix!: remove TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA cipher by default (#13837) 
This cipher is included by default in Go as a fallback, but is marked as
an insecure cipher. This removes the 3des cipher by default.

Before:
```
$ nmap --script ssl-enum-ciphers -p 443 xxxxxxx
Starting Nmap 7.94 ( https://nmap.org ) at 2024-07-08 14:16 CDT
Nmap scan report for xxxxx (xxx.xxx.xxx.xxx)
Host is up (0.038s latency).
rDNS record for xxx.xxx.xxx.xxx: xxx.xxx.xxx.xxx.bc.googleusercontent.com

PORT    STATE SERVICE
443/tcp open  https
| ssl-enum-ciphers:
|   TLSv1.2:
|     ciphers:
|       TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (secp256r1) - C
|     compressors:
|       NULL
|     cipher preference: server
|     warnings:
|       64-bit block cipher 3DES vulnerable to SWEET32 attack
|   TLSv1.3:
|     ciphers:
|       TLS_AKE_WITH_AES_128_GCM_SHA256 (ecdh_x25519) - A
|       TLS_AKE_WITH_AES_256_GCM_SHA384 (ecdh_x25519) - A
|       TLS_AKE_WITH_CHACHA20_POLY1305_SHA256 (ecdh_x25519) - A
|     cipher preference: server
|_  least strength: C
```

After:
```
$ nmap --script ssl-enum-ciphers -p 443 xxxxxxx
Starting Nmap 7.94 ( https://nmap.org ) at 2024-07-08 15:04 CDT
Nmap scan report for xxxxx (xxx.xxx.xxx.xxx)
Host is up (0.039s latency).
rDNS record for xxx.xxx.xxx.xxx: xxx.xxx.xxx.xxx.bc.googleusercontent.com

PORT    STATE SERVICE
443/tcp open  https
| ssl-enum-ciphers:
|   TLSv1.2:
|     ciphers:
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (secp256r1) - A
|     compressors:
|       NULL
|     cipher preference: client
|   TLSv1.3:
|     ciphers:
|       TLS_AKE_WITH_AES_128_GCM_SHA256 (ecdh_x25519) - A
|       TLS_AKE_WITH_AES_256_GCM_SHA384 (ecdh_x25519) - A
|       TLS_AKE_WITH_CHACHA20_POLY1305_SHA256 (ecdh_x25519) - A
|     cipher preference: server
|_  least strength: A
```

* fixup! fix!(cli): remove `TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA` cipher by default

* fixup! fix!(cli): remove `TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA` cipher by default
 2024-07-09 17:18:27 +00:00
Muhammad Atif Ali c62512a8bb chore: use base64 encoded kubeconfig for pr deployments (#13851) 2024-07-09 14:24:43 +00:00
Muhammad Atif Ali a123badccc chore: use base64 encoded kubeconfig for pr deployments (#13849) 2024-07-09 13:44:59 +00:00